[Wed May 29 00:20:16 2013] <thm_prover> I have a hypothesis: "exists a: b = f a"
[Wed May 29 00:20:28 2013] <thm_prover> how do I get hypothesis of the forms "a0 \n b = f a0" ?
[Wed May 29 00:20:38 2013] <thm_prover> there should be a simple tactic for this, but I can't think of it
[Wed May 29 03:25:26 2013] <Cale> When thm_prover gets back, someone tell him destruct H.
[Wed May 29 03:50:48 2013] <thorsten`> is there something in coq like let..in or where known from haskell?
[Wed May 29 04:18:13 2013] <jgross> thorsten: Coq has [let foo := bar in baz] (and fancier versions), though it's really just syntatic sugar for a match. 
[Wed May 29 04:27:16 2013] <sgnb> let are not syntactic sugar for match in Coq
[Wed May 29 04:28:36 2013] <sgnb> ah, I see what you mean
[Wed May 29 04:29:01 2013] <thorsten`> okey, thanks. i want to use it to avoid mentioning the same subterm multiple times
[Wed May 29 04:29:22 2013] <thorsten`> and now i also get the comparison to "match"
[Wed May 29 04:40:31 2013] <thm_prover> is there a way in Coq to do "hint unfold .... "?
[Wed May 29 04:40:57 2013] <thm_prover> dumb question on my part
[Wed May 29 04:41:01 2013] <thm_prover> Google says "Hint Unfold ... "
[Wed May 29 04:41:31 2013] <rks> thm_prover: more generaly http://coq.inria.fr/refman/command-index.html
[Wed May 29 04:46:27 2013] <thm_prover> rks: noted, thanks!
[Wed May 29 04:46:37 2013] <thm_prover> I should set that as my homepage. :-)
[Wed May 29 04:50:38 2013] <jgross> sgnb: [Set Printing All. Check let (a, b) return nat := (1, 2) in a.] tells me "match @pair nat nat (S O) (S (S O)) return nat with | pair a _ => a end".  So, at least, the more complicated versions of "let" are just sugar for "match". 
[Wed May 29 04:52:15 2013] <sgnb> yes, I know... I only think about the "let id := term in term" form when I hear about let
[Wed May 29 04:52:53 2013] <sgnb> and actually this use of let is different from match because it infers the type
[Wed May 29 04:53:13 2013] <sgnb> I mean, you don't need to give the constructor name
[Wed May 29 04:53:25 2013] <sgnb> I see it as a pretyping feature
[Wed May 29 04:58:25 2013] <jgross> @check (match 1 with a => a end) 
[Wed May 29 04:59:42 2013] <jgross> Hmmm.... does lambdabot not like that?	Anyway, you don't have to give the constructor name in a match, either.  You can have a variable name that stands in for all the remaining cases. 
[Wed May 29 05:01:08 2013] <kini> jgross: lambdabot isn't in here, is it?
[Wed May 29 05:17:19 2013] <jgross> @print eq 
[Wed May 29 05:17:47 2013] <jgross> Maybe I mean roosterbot?  There was definately something at one point which responded to commands like @print. 
[Wed May 29 06:21:02 2013] <mdenes> jgross: the binding let (let foo := bar in baz) is a specific construction in Coq
[Wed May 29 06:21:55 2013] <mdenes> kernel terms include let bindings
[Wed May 29 06:22:20 2013] <mdenes> however, there is also this destructuring let, like you wrote let (a, b) return nat := (1, 2) in a.
[Wed May 29 06:22:29 2013] <mdenes> which is indeed syntactic sugar for a match
[Wed May 29 06:23:25 2013] <mdenes> one last remark: match x with _ => _ end is actually removed by the preprocessing done on pattern matching
[Wed May 29 06:23:48 2013] <mdenes> so it's not always equivalent to write a default case in a match, or to enumerate the constructors
[Wed May 29 06:24:42 2013] <mdenes> particularly when matching a coinductive type
[Wed May 29 06:28:20 2013] <roosbeef> hm
[Wed May 29 06:28:26 2013] <roosbeef> im trying to write a recursive function
[Wed May 29 06:28:44 2013] <roosbeef> Coq complains that it cannot guess the decreasing argument of fix
[Wed May 29 06:28:58 2013] <roosbeef> but it seems pretty obvious to me that the recursion is decreasing
[Wed May 29 06:29:14 2013] <roosbeef> anyone can explain why perhaps?
[Wed May 29 06:29:37 2013] <darinmorrison> roosbeef: "obvious" leaves a lot of room for leeway :]
[Wed May 29 06:29:53 2013] <roosbeef> https://privatepaste.com/e6ea9cffe1
[Wed May 29 06:29:54 2013] <darinmorrison> if it's not structurally recursive, or something close to that, probably going to have issues
[Wed May 29 06:30:02 2013] <roosbeef> the (mutually recursive) function im trying to define is at the bottom
[Wed May 29 06:30:30 2013] <roosbeef> it seems close enough to structural recursion to me
[Wed May 29 06:30:40 2013] <roosbeef> only thing is it has some if then else ladders in it
[Wed May 29 06:30:49 2013] <darinmorrison> hmm
[Wed May 29 06:30:51 2013] <roosbeef> but i dont see how that makes it any less structurally recursive
[Wed May 29 06:32:53 2013] <darinmorrison> Yes, it looks like it would work. I'm not an expert in how Coq does those kind of checks. Probably mutual recursion causes a problem somehow.
[Wed May 29 06:32:58 2013] <darinmorrison> I would post on the mailing list
[Wed May 29 06:33:36 2013] <roosbeef> hm
[Wed May 29 06:34:09 2013] <darinmorrison> As an alternative, you might try using Program Fixpoint and see what kind of obligations it asks for
[Wed May 29 06:34:26 2013] <roosbeef> maybe i can do without mutual recursion
[Wed May 29 06:35:14 2013] <roosbeef> somehow :p
[Wed May 29 06:45:49 2013] <roosbeef> how does 'Program Fixpoint' work?
[Wed May 29 06:58:32 2013] <roosbeef> hm, apparently, Coq thinks that: Recursive call to ft_compare has principal argument equal to "h1" instead of "t1".
[Wed May 29 06:59:30 2013] <roosbeef> does it consider the if-then-else ladder when deciding what 'the principal argument' is? Or does it just look at the first argument occurence
[Wed May 29 07:07:50 2013] <Eruquen> did you try to specify the decreasing with {struct <var>}?
[Wed May 29 07:11:21 2013] <roosbeef> yes, {struct ft1}
[Wed May 29 07:11:46 2013] <roosbeef> it only works for the parameters, right? Ive tried to tell it {struct tail1} too but it doesnt know what I mean by that
[Wed May 29 07:12:12 2013] <Eruquen> yeah, I think it only works for the parameters of the function
[Wed May 29 07:27:57 2013] <roosbeef> just curious, is this not working a shortcoming of Coq?
[Wed May 29 07:28:20 2013] <roosbeef> or is the recursion im trying potentially non-decreasing
[Wed May 29 07:41:03 2013] <roosbeef> going to try again tomorrow
[Wed May 29 07:41:14 2013] <roosbeef> thanks for your help guys
[Wed May 29 08:06:11 2013] <Eruquen> https://privatepaste.com/6d83e8f7e7
[Wed May 29 08:06:15 2013] <Eruquen> oh, he's gone already
[Wed May 29 13:54:18 2013] <tswett> Hmmm.
[Wed May 29 13:54:38 2013] <tswett> In Coq, is it possible to prove that there are more than two propositions?
[Wed May 29 13:55:09 2013] <tswett> That there exists a proposition that is equal neither to False nor to True?
[Wed May 29 13:55:39 2013] <elliott> it is consistent to add forall P : Prop, (P = False) \/ (P = True) as an axiom
[Wed May 29 13:55:50 2013] <tswett> * nods.
[Wed May 29 13:55:51 2013] <elliott> so no
[Wed May 29 13:56:05 2013] <elliott> you get it from excluded middle + propositional extensionality, of course
[Wed May 29 13:56:56 2013] <tswett> I kind of like the gamut of consistency that Coq provides.
[Wed May 29 14:07:26 2013] <tswett> So is there a straightforward way to prove the consistency of axioms like that one? Do you construct a model of Coq with the axiom, or simply prove that you can't prove a contradiction from it, or what?
[Wed May 29 14:09:11 2013] <elliott> well, I don't know if propositional extensionality has actually been proved consistent with coq
[Wed May 29 14:09:30 2013] <elliott> take a look here http://cstheory.stackexchange.com/questions/4905/where-is-the-proof-that-coq-excluded-middle-is-consistent
[Wed May 29 16:37:36 2013] <wmeyer> hello
[Wed May 29 18:20:19 2013] <thm_prover> in Coq, is the following lemma provable?: "Lemma silly: (true=true) = True"
[Wed May 29 18:24:32 2013] <thm_prover> Sorry, got disconnected
[Wed May 29 18:24:50 2013] <thm_prover> prev question: in Coq, is the following lemma true? Lemma silly: (true=true) = True.
[Wed May 29 18:25:12 2013] <Ptival> I don't think it's true
[Wed May 29 18:25:17 2013] <thm_prover> I used to think it was true, but now I'm starting to feel that "True" and "true=true" have different types, thus implying they're not equal.
[Wed May 29 18:25:23 2013] <thm_prover> Ptival: why?
[Wed May 29 18:25:28 2013] <Ptival> no they have the same type
[Wed May 29 18:25:41 2013] <Ptival> otherwise you wouldn't even be able to state their equality in the system
[Wed May 29 18:26:00 2013] <thm_prover> In that case, I'm even more confused.
[Wed May 29 18:26:04 2013] <thm_prover> Why is it not provable>
[Wed May 29 18:27:46 2013] <elliott> because not all true propositions are equal to True
[Wed May 29 18:28:15 2013] <elliott> you can add as an axiom that (P <-> Q) -> P = Q for propositions P and Q ("propositional extensionality") and then it's true
[Wed May 29 18:28:35 2013] <elliott> remember that True refers to one _specific_ true proposition, rather than the general idea of something being true
[Wed May 29 18:29:05 2013] <thm_prover> because all we have is some Inductive Bool : Set = True | False.
[Wed May 29 18:29:15 2013] <thm_prover> and anything that can not, by CoC, reduce to "True", is not provably equaly to True ?
[Wed May 29 18:29:16 2013] <elliott> no...
[Wed May 29 18:29:30 2013] <elliott> True and False aren't booleans
[Wed May 29 18:29:34 2013] <thm_prover> If you have time, I'd like you to help debug where my idiocy is.
[Wed May 29 18:29:40 2013] <elliott> Coq < Print True.
[Wed May 29 18:29:40 2013] <elliott> Inductive True : Prop :=  I : True
[Wed May 29 18:29:40 2013] <elliott> Coq < Print False.
[Wed May 29 18:29:40 2013] <elliott> Inductive False : Prop :=
[Wed May 29 18:29:49 2013] <elliott> they are propositions declared inductively, just like any other
[Wed May 29 18:29:53 2013] <elliott> (and hence, types)
[Wed May 29 18:30:02 2013] <elliott> true and false (lowercase) are booleans: Inductive bool : Set :=  true : bool | false : bool
[Wed May 29 18:30:33 2013] <thm_prover> okay, so there is an inductive type Prop, which describes all possible ways in which propositions can be composed together
[Wed May 29 18:30:42 2013] <elliott> Prop isn't inductive, it just contains inductive types
[Wed May 29 18:30:55 2013] <elliott> Coq's equality is "intensional", so basically x = y only if you can compute/rewrite both halves to be the same; there's no way to rewrite (true = true) to be True
[Wed May 29 18:31:19 2013] <elliott> in fact, equality is itself defined by an inductive proposition: Inductive eq (A : Type) (x : A) : A -> Prop :=  eq_refl : x = x
[Wed May 29 18:33:38 2013] <thm_prover> okay, so "A = B" iff there exists some sequence of steps which by A can be rewritten into B
[Wed May 29 18:33:41 2013] <thm_prover> I can accept that.
[Wed May 29 18:34:24 2013] <elliott> right, and those steps are essentially just computation when you get round to it
[Wed May 29 18:34:33 2013] <elliott> 1 + 1 = 2 because evaluating 1 + 1 reduces it to 2
[Wed May 29 18:35:00 2013] <thm_prover> sure, 1 + 1 = (S 0) + (S 0) = S (S 0) + 0 = S (S 0) = 2
[Wed May 29 18:35:04 2013] <thm_prover> or something like that :-)
[Wed May 29 18:35:25 2013] <thm_prover> so "true = true" is just some "Prop", and there's no way I can rewrite it to True
[Wed May 29 18:35:32 2013] <elliott> and you can prove (forall (x : option nat), match x with | None => 123 | Some _ => 123 end = 123) by destructing "x", and then in each branch (x being None and x being Some y for some y), the match evaluates to 123
[Wed May 29 18:35:34 2013] <thm_prover> I can accept this, but it's still weird.
[Wed May 29 18:36:01 2013] <elliott> well, you can't even prove two functions that aren't "identical" are equal, even if they agree on each values
[Wed May 29 18:36:03 2013] <rmk0> the confusion might be from the choice of names
[Wed May 29 18:36:08 2013] <elliott> (that's called "functional extensionality" and there's a module that exports it as an axiom)
[Wed May 29 18:36:13 2013] <elliott> *on every value
[Wed May 29 18:36:36 2013] <thm_prover> rmk0: you mean I'm much more willing to accept "(foo = foo) = Foo" being unprovable?
[Wed May 29 18:36:46 2013] <thm_prover> yeah, I am much willing to accept the later being unprovable :-)
[Wed May 29 18:36:47 2013] <rmk0> rmk0: i mean the use of the names True and False
[Wed May 29 18:36:55 2013] <rmk0> ... didn't mean to talk to myself there
[Wed May 29 18:37:18 2013] <rmk0> thm_prover: compare the definitions of 'unit' and 'True'
[Wed May 29 18:37:26 2013] <rmk0> and also 'Empty_set' and 'False'
[Wed May 29 18:37:35 2013] <elliott> right, yeah
[Wed May 29 18:37:50 2013] <elliott> you could also call True, say, "Trivial"; it's just a proposition defined to be trivially true
[Wed May 29 18:38:00 2013] <elliott> and False is trivially uninhabited
[Wed May 29 18:38:21 2013] <elliott> so they're the "simplest" propositions that are provable/unprovable in a sense, and that's the only reason they have those names
[Wed May 29 18:38:22 2013] <thm_prover> okay
[Wed May 29 18:38:27 2013] <thm_prover> I thikn I'm ahppy now.
[Wed May 29 18:38:40 2013] <thm_prover> Thanks for both of your time. Very helpful. :-)
[Wed May 29 18:38:44 2013] <elliott> you could just as well ask, e.g. "why can't I prove is_even 2 = 123 > 4", because both of them are true :)
[Wed May 29 18:39:05 2013] <elliott> (some systems, e.g. observational type theory, *do* let you prove that two propositions are equal if they imply each other)
[Wed May 29 18:39:13 2013] <elliott> (because they support extensional equality)
[Wed May 29 21:23:40 2013] <tswett> Hmmmm. Now I wonder if you can consistently assume that if a proposition is true, then it has a proof.
[Wed May 29 21:24:03 2013] <tswett> Seems like you could diagonalize here.
[Wed May 29 21:26:00 2013] <tswett> Construct a statement that amounts to "this statement has no proof". So... if you prove that it's true, you can then prove that it's false, by the contrapositive of that axiom there. If it has no proof, then it is false.
[Wed May 29 21:26:49 2013] <tswett> In order to prove that it's true, you'd have to assume that it's provable and derive a contradiction. But provability doesn't lead you anywhere; there's nothing that says that provability implies truth.
[Wed May 29 21:27:02 2013] <tswett> Or is there?
[Thu May 30 04:37:16 2013] <robbert> tswett: how would you formulate "if a    │
[Thu May 30 04:37:18 2013] <robbert>                        | proposition is true, then it has a proof"
[Thu May 30 04:40:19 2013] <thorsten`> hm? i don't think that propositions are "true" or "false". A Proposition itself is the proof
[Thu May 30 04:45:52 2013] <robbert> it should be an inhabitant of the proposition is a proof. "False" is a Proposition, but "False" itself is not a proof.
[Thu May 30 04:47:52 2013] <robbert> so, what does tswett mean by being true? Being inhabited? Being true in some model of pCiC (which does not have to imply being inhabited)? Being true in all models of pCiC (which implies it's inhabited)
[Thu May 30 04:47:55 2013] <thorsten`> oh, right
[Thu May 30 05:52:07 2013] <Cale> robbert: A distinction between truth and provability only makes sense when you're doing something model theoretic in nature - formalising one theory inside another and providing an interpretation of its statements as statements of the outer theory.
[Thu May 30 05:52:51 2013] <Cale> That said, I don't really know what tswett was referring to
[Thu May 30 07:13:59 2013] <basti_> is it possible in coq to prove a statement like "   (0 <= x < b \/ x = b) = (0 <= x < b + 1)
[Thu May 30 07:14:17 2013] <basti_> " - or is that impossible?
[Thu May 30 07:15:07 2013] <basti_> <-> is obviously possible
[Thu May 30 07:17:41 2013] <mdenes> it's not possible in general, but if equality and order are decidable in your context, you should use boolean operators to write this kind of things
[Thu May 30 07:18:32 2013] <elliott> basti_: you can add propositional extensionality as an axiom
[Thu May 30 07:18:34 2013] <basti_> hmm. that is in Z, so equality and order are decideable, and i think i could do this with boolean operators.
[Thu May 30 07:18:44 2013] <elliott> but quite simply, only things you can make the same on both sides are equal
[Thu May 30 07:18:52 2013] <basti_> * nods
[Thu May 30 07:18:55 2013] <elliott> (huh, this question has come up 2, 3? times today/yesterday)
[Thu May 30 07:19:04 2013] <basti_> i don't want prop. ext.
[Thu May 30 07:19:05 2013] <basti_> it has?
[Thu May 30 07:19:10 2013] <basti_> I'm just having fun
[Thu May 30 07:19:17 2013] <basti_> no connection i think.
[Thu May 30 07:20:31 2013] <mdenes> if it's over Z, it's usually convenient to use boolean comparisons to allow this kind of rewriting
[Thu May 30 07:20:33 2013] <elliott> yeah, it's just odd :)
[Thu May 30 07:22:35 2013] <basti_> with "boolean comparisons" you mean to use lemmas like "eqb_eq"?
[Thu May 30 07:28:53 2013] <mdenes> well, eqb_eq allows you to reduce an equality goal in Prop to a boolean one
[Thu May 30 07:29:12 2013] <mdenes> but you can also use boolean functions for order (not only equality) and so on
[Thu May 30 07:29:33 2013] <robbert> In case of Z, "<" is proof irrelevant, "<=" is not
[Thu May 30 07:29:35 2013] <robbert> @print Z.le
[Thu May 30 07:29:45 2013] <robbert> ah, roosterbot is broken
[Thu May 30 07:30:10 2013] <robbert> "Z.le = λ x y, (x ?= y) ≠ Gt"
[Thu May 30 07:31:05 2013] <basti_> oh
[Thu May 30 07:31:17 2013] <basti_> i see.
[Thu May 30 07:32:40 2013] <mdenes> what do you mean, robbert? "<" is proof irrelevant whereas "<=" is not
[Thu May 30 07:33:08 2013] <robbert> That you can prove "forall (x y : Z) (p1 p2 : x < y), p1 = p2"
[Thu May 30 07:33:15 2013] <robbert> but not "forall (x y : Z) (p1 p2 : x <= y), p1 = p2"
[Thu May 30 07:34:16 2013] <mdenes> I really wonder why Z.le is defined like that
[Thu May 30 07:34:37 2013] <robbert> Me too, it's quite annoying
[Thu May 30 07:35:16 2013] <basti_> so if i use only "<", the proof will be possible?
[Thu May 30 07:35:30 2013] <robbert> depends, you also have disjunctions
[Thu May 30 07:35:38 2013] <basti_> okay.
[Thu May 30 07:35:47 2013] <robbert> these are generally not proof irrelevant
[Thu May 30 07:35:55 2013] <robbert> unless both sides are exclusive
[Thu May 30 07:35:59 2013] <elliott> also, this is about equality of two propositions rather than equality of their proofs
[Thu May 30 07:36:06 2013] <basti_> okay.
[Thu May 30 07:36:07 2013] <elliott> even more confusing :)
[Thu May 30 07:36:30 2013] <robbert> oops, you are right, then my remarks are probably useless :)
[Thu May 30 07:36:47 2013] <basti_> -.-
[Thu May 30 07:37:06 2013] <basti_> ;)
[Thu May 30 07:37:35 2013] <basti_> so, generally it might be possible to prove to propositions acutally equal.
[Thu May 30 07:37:41 2013] <basti_> *to be
[Thu May 30 07:37:48 2013] <robbert> yes, so either use <->, in which case you can use the setoid machinery for rewriting with such equations
[Thu May 30 07:37:54 2013] <robbert> or use booleans, as mdenes suggested
[Thu May 30 07:38:13 2013] <basti_> I already came to like "setoid".
[Thu May 30 07:39:21 2013] <elliott> basti_: if you write all the comparisons as boolean functions and then do something like "forall x, is_true (0 <= x) = is_true (x > -1)" or whatever then you could do it
[Thu May 30 07:39:33 2013] <elliott> (having rewritten <= and > to be functions returning booleans)
[Thu May 30 07:39:59 2013] <basti_> hmm
[Thu May 30 07:40:07 2013] <mdenes> robbert: if Z.le was defined as Z.le x y := (x ?= y) = Lt /\ (x ?=y = Eq), it would be proof irrelevant, right?
[Thu May 30 07:40:07 2013] <elliott> because you *do* have bi-implication implying equality on booleans: either both are false or both are true, so it reduces to is_true false = is_true false or is_true true = is_true true
[Thu May 30 07:40:15 2013] <mdenes> not that I suggest such a definition either :D
[Thu May 30 07:40:24 2013] <elliott> that's what mdenes was suggesting, I believe
[Thu May 30 07:40:34 2013] <elliott> and you can define a coercion from bool to Prop that lets you omit the "is_true" there.
[Thu May 30 07:40:43 2013] <basti_> maybe i just started out wrong ^^
[Thu May 30 07:41:06 2013] <elliott> my suggestion is not to try proving propositions equal :)
[Thu May 30 07:41:13 2013] <basti_> ;)
[Thu May 30 07:41:18 2013] <robbert> mdenes: isn't that definition just wrong? You need a disjunction instead of a conjunction
[Thu May 30 07:41:23 2013] <mdenes> robbert: I meant an or, not an and of course
[Thu May 30 07:41:30 2013] <robbert> but in that case, I think so, as both sides are exclusive
[Thu May 30 07:42:03 2013] <mdenes> ok
[Thu May 30 07:44:34 2013] <basti_> i'm addicted to coq.
[Thu May 30 07:49:01 2013] <robbert> mdenes: http://hpaste.org/88891, there you go :)
[Thu May 30 07:49:46 2013] <mdenes> thanks :)
[Thu May 30 08:06:57 2013] <dario> basti_: that's why they named it coq, so that it sounds funny when someone says that ;)
[Thu May 30 08:07:12 2013] <basti_> actually?
[Thu May 30 08:08:38 2013] <dario> probably not, i haven't found a serious source for why they chose that name
[Thu May 30 08:10:01 2013] <dario> well, wiki says a lot of research tools developed in france are named after animals
[Thu May 30 08:10:33 2013] <basti_> * nods
[Thu May 30 08:31:44 2013] <basti_> okay, i made a mistake. I didn't use Extensionality_Ensembles. When I do, I do not need to prove the statement above.
[Thu May 30 09:06:15 2013] <robbert> basti_: note, Extensionality_Ensembles is an axiom!
[Thu May 30 09:07:38 2013] <basti_> hmm. since i'd only use it in proofs I hope I can keep it irrelevant.
[Thu May 30 09:07:56 2013] <robbert> what do you mean by that?
[Thu May 30 09:09:35 2013] <basti_> well I think i can write definitions of functions (which i'd intend to extract eg.), prove them to be correct, and then use the correctness in equality proofs without ever touching the axiomatic set equality.
[Thu May 30 09:09:39 2013] <basti_> can't i?
[Thu May 30 09:10:35 2013] <basti_> i'd just use the proof and not depend a result on it.
[Thu May 30 09:10:46 2013] <basti_> *not have a result depend on it
[Thu May 30 09:10:56 2013] <robbert> if you intend to use extraction, you can assume anything in Prop that does not yield inconsistencies
[Thu May 30 09:11:02 2013] <robbert> extraction will remove all proofs
[Thu May 30 09:11:12 2013] <robbert> if you want to compute inside Coq, axioms can make computation block
[Thu May 30 09:11:19 2013] <basti_> yes, that i understand
[Thu May 30 09:11:26 2013] <elliott> you can assume things that lead to inconsistencies too!
[Thu May 30 09:11:31 2013] <elliott> for additional fun.
[Thu May 30 09:11:39 2013] <robbert> then extraction is no longer sound
[Thu May 30 09:11:43 2013] <basti_> yep
[Thu May 30 09:11:51 2013] <robbert> and may yield non terminating functions as well
[Thu May 30 09:12:02 2013] <elliott> robbert: but on the other hand, it makes the correctnes proofs so easy.
[Thu May 30 09:12:21 2013] <basti_> i realize that you can extract a broken program.
[Thu May 30 09:12:50 2013] <basti_> i don't realize how an endless loop could hapen
[Thu May 30 09:13:14 2013] <robbert> elliott: http://www.inutile.ens.fr/estatis/falso/ is my favorite proof assistant
[Thu May 30 09:13:39 2013] <basti_> however, I intend to just prove properties of the program in question, and that should work, and i don't think extensionality is not sound
[Thu May 30 09:13:51 2013] <robbert> basti_: you can prove non-terminating functions to be terminating using Falso
[Thu May 30 09:14:32 2013] <robbert> e.g, with inconsistent functions you can prove (fun _ _, True) to be well-founded
[Thu May 30 09:14:36 2013] <elliott> presumably if you use Acc and stuff
[Thu May 30 09:14:38 2013] <robbert> *inconsistent axioms
[Thu May 30 09:14:41 2013] <elliott> right.
[Thu May 30 09:14:57 2013] <basti_> hmmm.
[Thu May 30 09:15:39 2013] <basti_> falso is funny, yes.
[Thu May 30 09:16:28 2013] <basti_> of course, if you assume false, which is equal to assuming a contradiction, which is equal to writing a broken function, then you can prove everything.
[Thu May 30 09:19:13 2013] <robbert> http://hpaste.org/88898 for extracting a looping function
[Thu May 30 11:44:24 2013] <tswett> robbert: when I say "if a proposition is true, it has a proof", I'm referring to an axiom along the lines of "forall P : FolProp, isTrue P -> exists p : Proof, isProofOf p P".
[Thu May 30 11:44:56 2013] <tswett> Where "FolProp" is a type representing sentences in first-order logic, isTrue converts a FolProp into a Prop, and "Proof" is a type representing proofs of sentences in first-order logic.
[Thu May 30 12:02:11 2013] <Cale> tswett: Are you assuming LEM?
[Thu May 30 12:02:37 2013] <tswett> No.
[Thu May 30 12:02:44 2013] <Cale> Then I think no.
[Thu May 30 12:04:03 2013] <Cale> tswett: This problem has a name, it's called the Entscheidungsproblem, and it was answered negatively and independently by Church and Turing in 1936 and 1937 respectively :)
[Thu May 30 12:05:19 2013] <Cale> Oh, you need at least one predicate symbol of arity at least 2, other than equality
[Thu May 30 12:05:29 2013] <Cale> In order for that to apply
[Thu May 30 12:05:59 2013] <tswett> Hm. The Entscheidungsproblem entails that there is no algorithm that determines the truth value of a statement. Would this axiom entail the existence of such an algorithm?
[Thu May 30 12:06:34 2013] <tswett> Seems like it would. The algorithm is just "enumerate all proofs on both sides, stop when you get to the one you want", and this axiom entails that that algorithm always halts.
[Thu May 30 12:06:36 2013] <Cale> tswett: The existential there is really a pait
[Thu May 30 12:06:38 2013] <Cale> pair*
[Thu May 30 12:07:22 2013] <tswett> Where the fst is a Proof, and the snd is a proof that the Proof proves the FolProp?
[Thu May 30 12:07:29 2013] <Cale> yeah
[Thu May 30 12:07:47 2013] <Cale> and so you're asking for an effective way to compute the proof
[Thu May 30 12:08:24 2013] <Cale> (at least, so long as you're not taking LEM or something else that isn't computable as an axiom)
[Thu May 30 12:09:44 2013] <Cale> Some first order logical theories are decidable in this way though
[Thu May 30 12:09:58 2013] <tswett> Ah, true.
[Thu May 30 12:10:18 2013] <tswett> exists x, True. forall x y, x = y.
[Thu May 30 12:10:48 2013] <tswett> I think any first-order statement in that system is decidable.
[Thu May 30 12:11:17 2013] <Cale> In fact, if you just have no relation symbols other than equality, I think it's decidable.
[Thu May 30 12:11:30 2013] <Cale> (and probably no function symbols either...)
[Thu May 30 12:12:12 2013] <Cale> http://en.wikipedia.org/wiki/Presburger_arithmetic -- this is a decidable theory -- it's statements of arithmetic about addition
[Thu May 30 12:12:45 2013] <Cale> and that would include all the statements which didn't actually mention addition
[Thu May 30 12:16:58 2013] <Cale> Heh, right, the worst-case runtime of any decision algorithm for Presburger arithmetic is at least doubly exponential.
[Thu May 30 12:20:18 2013] <Cale> http://coq.inria.fr/pylons/pylons/contribs/view/Presburger/v8.4 :D
[Thu May 30 12:20:26 2013] <tswett> Hm. So that page states that Presburger arithmetic is complete and decidable. Doesn't completeness imply decidability?
[Thu May 30 12:21:24 2013] <tswett> And what would decidable mean in an incomplete theory?
[Thu May 30 12:22:50 2013] <Cale> It's perhaps a bit easier to see the difference between completeness and decidability in classical logic
[Thu May 30 12:23:38 2013] <Cale> Completeness means that for every statement P in the language, either there's a proof of P or a proof of not P (but note, our ambient logic has LEM, so we might be able to prove this without being able to say which)
[Thu May 30 12:23:56 2013] <Cale> Decidability means we can say which.
[Thu May 30 12:24:23 2013] <Cale> You could formalise completeness inside an intuitionistic system by double negation.
[Thu May 30 12:25:11 2013] <tswett> But doesn't the statement "either there's a proof of P or there's a proof of not P" imply that searching through all possible proofs will eventually find you one, thus meaning that all statements are decidable?
[Thu May 30 12:27:36 2013] <tswett> Be back soon; shower.
[Thu May 30 12:27:41 2013] <Cale> Hmm! You might be right :)
[Thu May 30 12:28:48 2013] <Cale> Oh, right...
[Thu May 30 12:29:12 2013] <Cale> This is model theoretic completeness we're talking about now
[Thu May 30 12:30:19 2013] <Cale> So, "complete" here means that every statement which is true in every interpretation of the system is a theorem.
[Thu May 30 12:31:43 2013] <Cale> http://en.wikipedia.org/wiki/Completeness#Logical_completeness -- somewhat annoyingly, there are a lot of different concepts for which people use this word.
[Thu May 30 12:32:01 2013] <Cale> (within logic, even)
[Thu May 30 12:44:34 2013] <rmk0> erm... rather bizarre error:
[Thu May 30 12:44:35 2013] <rmk0> http://waste.io7m.com/2013/05/30/ouch.v
[Thu May 30 12:45:03 2013] <rmk0> this is with 8.4pl2
[Thu May 30 12:46:12 2013] <rmk0> rewrite gives that error in the comment, "assumption" claims there's no such hypothesis
[Thu May 30 12:46:33 2013] <rmk0> replacing the last "exists e" with "exists f" results in Failure f = Failure f, which is solvable trivially
[Thu May 30 13:20:58 2013] <tswett> Ah fudge, right, there are two meanings of completeness.
[Thu May 30 13:21:20 2013] <tswett> So essentially, one means "every statement is either necessarily true or necessarily false", and the other means "every necessarily true statement has a proof"?
[Thu May 30 13:22:32 2013] <tswett> And Gödel's completeness theorem states that the latter is true in certain systems. I've forgotten which systems those are (and I'd forgotten that it wasn't true for *all* systems).
[Fri May 31 11:47:46 2013] <rmk0> hm, i have the following error monad definition and a function find_m that works with them:
[Fri May 31 11:47:49 2013] <rmk0> http://waste.io7m.com/2013/05/31/in.txt
[Fri May 31 11:48:13 2013] <rmk0> i'm trying to state (not prove, but state) a lemma that says that each value of type S that's passed to f is taken from ts
[Fri May 31 11:48:28 2013] <rmk0> find myself unable to actually phrase the lemma...
[Fri May 31 11:49:05 2013] <rmk0> it's obviously trivially true, but if the definition of find_m is opaque, it's impossible to know from outside
[Fri May 31 11:49:32 2013] <rmk0> i suppose i mean abstract, not opaque
[Fri May 31 11:49:36 2013] <Cale> It's not opaque though
[Fri May 31 11:49:45 2013] <rmk0> hehe, got there before me
[Fri May 31 11:49:56 2013] <Cale> (or abstract)
[Fri May 31 11:49:57 2013] <rmk0> it's not opaque there, no, but there'll be a module signature that makes it abstract
[Fri May 31 11:50:09 2013] <Cale> So, prove the theorem inside the module?
[Fri May 31 11:50:31 2013] <rmk0> please re-read what i wrote... it's not the proving that's the issue, but the actual writing of the lemma
[Fri May 31 11:50:43 2013] <rmk0> i'm not sure how to refer to the parameter of f in the lemma
[Fri May 31 11:51:53 2013] <Cale> ah, okay
[Fri May 31 11:52:49 2013] <Cale> Well, you could apply find_m to an f which only produces Success in the case where it's applied to an element of the list
[Fri May 31 11:53:34 2013] <rmk0> hm
[Fri May 31 11:53:56 2013] <Cale> hmm
[Fri May 31 11:54:28 2013] <Cale> Ah, but you're manipulating that too...
[Fri May 31 11:56:22 2013] <rmk0> hm... i suppose i could write another definition of find_m that also passes in a proof that List.In x ts
[Fri May 31 11:56:34 2013] <rmk0> and then prove that it gives the same results for all f
[Fri May 31 11:57:14 2013] <rmk0> not exactly ideal
[Fri May 31 11:58:41 2013] <rmk0> by gives the same results, i obviously mean "prove the two are equivalent" so that i can rewrite occurrences of find_m in proofs
[Fri May 31 12:04:02 2013] <Cale> I guess we're trying to formalise parametricity for this case.
[Fri May 31 12:09:01 2013] <Cale> I asked lambdabot:  @free find_m :: (s -> Either f (Maybe t)) -> [s] -> Either f (Maybe t)
[Fri May 31 12:09:21 2013] <Cale> and it gave me  $map_Either g ($map_Maybe h) . k = p . f => $map_Either g ($map_Maybe h) . find_m k = find_m p . $map f
[Fri May 31 12:09:53 2013] <rmk0> hm, right
[Fri May 31 12:10:58 2013] <Cale> So, let me restate that in coq...
[Fri May 31 12:18:37 2013] <elliott> you'll want to eta expand that, most likely
[Fri May 31 12:18:44 2013] <Cale> yes
[Fri May 31 12:48:50 2013] <Cale> http://hpaste.org/89027
[Fri May 31 12:48:53 2013] <Cale> rmk0: ^^
[Fri May 31 12:48:57 2013] <rmk0> * eyes it
[Fri May 31 12:49:14 2013] <rmk0> hehe, ouch
[Fri May 31 12:49:27 2013] <rmk0> thanks for putting in the effort :)
[Fri May 31 12:49:40 2013] <rmk0> * dissects it
[Fri May 31 12:49:43 2013] <Cale> Well, this might be somewhat more general than what you actually need...
[Fri May 31 12:52:14 2013] <Cale> But it's sort of a way of saying that find_m doesn't know or care about what its type parameters are.
[Fri May 31 12:52:43 2013] <rmk0> right
[Fri May 31 17:17:52 2013] <fasta> Isn't there a version of Coq which doesn't require one to write all those useless quantified variables?
[Fri May 31 17:18:23 2013] <tomprince> idris? ;)
[Fri May 31 17:19:11 2013] <fasta> Well, I like idris, but probably the ecosystem isn't as developed.
[Fri May 31 17:19:26 2013] <fasta> Idris is not 'proven technology' ;)
[Fri May 31 17:19:49 2013] <tomprince> There is Generalizable Variables and `
[Fri May 31 17:20:06 2013] <fasta> tomprince: `, list more
[Fri May 31 17:20:26 2013] <tomprince> * was mostly trolling, which I usually do in reverse on #idris
[Fri May 31 17:20:48 2013] <fasta> tomprince: how do I google for `?
[Fri May 31 17:21:49 2013] <tomprince> Lookin the index of the coq manual?
[Fri May 31 17:26:43 2013] <fasta> tomprince: I did now.
[Fri May 31 17:26:52 2013] <fasta> tomprince: ` cannot be found by the pdf search.
[Fri May 31 17:27:07 2013] <fasta> tomprince: and it's also not near the symbols at the start of the global index.
[Fri May 31 17:27:23 2013] <fasta> tomprince: that's wherer it should have been listed, if the manual was sane.
[Fri May 31 17:34:09 2013] <fasta> They are called generalizing binders...
[Fri May 31 18:15:53 2013] <rmk0> Cale: i think i understand your 'find' theorem, but i'm having trouble seeing how to apply it to my original problem. i've got an example here that tries to explain why i was doing this in the first place:
[Fri May 31 18:15:56 2013] <rmk0> http://waste.io7m.com/2013/05/31/find.txt
[Fri May 31 18:16:25 2013] <rmk0> basically, i'd written 'decide0' and was calling it via find_m. unfortunately, i needed more information when doing proofs about decide0, so i needed to add some preconditions in the form of proofs
[Fri May 31 18:16:46 2013] <rmk0> unfortunately, i couldn't then actually pass the proof arguments, for obvious reasons
[Fri May 31 18:17:00 2013] <rmk0> am not sure if there's a better way to achieve this
[Fri May 31 18:17:50 2013] <Cale> Er, sorry, what are you actually trying to prove? Maybe a concrete example would help.
[Fri May 31 18:18:12 2013] <rmk0> er, it's more the problem that the original is hundreds of lines
[Fri May 31 18:18:27 2013] <rmk0> i didn't think you'd really want to sift through all of that nonsense
[Fri May 31 18:18:38 2013] <Cale> The theorem statement is?
[Fri May 31 18:19:02 2013] <rmk0> it's actually not even a theorem that's the problem... it's "find1" in that example
[Fri May 31 18:19:13 2013] <Cale> oh
[Fri May 31 18:19:15 2013] <rmk0> i have List.Forall P xs, and decide1 requires P x
[Fri May 31 18:19:26 2013] <rmk0> i can show P x if i can show List.In x xs
[Fri May 31 18:19:34 2013] <rmk0> but i lose that information via find_m, i think
[Fri May 31 18:20:01 2013] <Cale> Well, where did you get x from?
[Fri May 31 18:20:12 2013] <Cale> You should be able to build a proof of In x xs while traversing xs
[Fri May 31 18:20:27 2013] <rmk0> does that not need to be done inside the find_m function?
[Fri May 31 18:20:30 2013] <rmk0> maybe i'm missing something obvious
[Fri May 31 18:20:40 2013] <Cale> um...
[Fri May 31 18:20:53 2013] <Cale> Okay, maybe it does
[Fri May 31 18:21:07 2013] <Cale> Let me fire up coq again :)
[Fri May 31 18:21:26 2013] <rmk0> i'm entirely willing to entertain the suggestion that there's a stupid answer staring me right in the face :)
[Fri May 31 18:21:29 2013] <rmk0> it wouldn't be the first
[Fri May 31 18:22:06 2013] <Cale> We can add the proof as a parameter to f
[Fri May 31 18:22:11 2013] <Cale> I think
[Fri May 31 18:22:21 2013] <Cale> If that will be useful...
[Fri May 31 18:22:35 2013] <rmk0> pretty sure that'd work
[Fri May 31 18:22:50 2013] <Cale> and T can become some type which contains that proof if you need it beyond that
[Fri May 31 18:23:53 2013] <Cale> errr
[Fri May 31 18:24:31 2013] <Cale> hmm, there might be a better way to do this than I'm thinking, but screw it, I'm adding a new inductive type :)
[Fri May 31 18:24:36 2013] <rmk0> hehe
[Fri May 31 18:25:28 2013] <rmk0> essentially, the proof argument to decide1 isn't actually used inside decide1, i don't think, but it is used when proving things about decide1
[Fri May 31 18:25:37 2013] <rmk0> doubt that matters
[Fri May 31 18:26:15 2013] <rmk0> ... that statement may be wrong
[Fri May 31 18:26:24 2013] <rmk0> *ahem*
[Fri May 31 19:16:48 2013] <Cale> rmk0: lol, I AM NOT GOOD AT COQ... but I did this clumsy thing which might help
[Fri May 31 19:17:14 2013] <rmk0> hehe
[Fri May 31 19:18:02 2013] <Cale> actually, I'm pretty sure one could write these definitions in a fixpoint style, but screw it, having lists of subgoals is nice sometimes...
[Fri May 31 19:18:12 2013] <Cale> http://hpaste.org/89045
[Fri May 31 19:18:36 2013] <rmk0> thanks... eyeing it now
[Fri May 31 19:18:38 2013] <Cale> So, what this does, is to turn a plain list into a list of elements together with proofs that those elements belong to the whole list
[Fri May 31 19:19:04 2013] <rmk0> ah yeah, i wondered about doing something like this
[Fri May 31 19:19:08 2013] <Cale> I'm sure that this needn't be quite as awkward as I've made it
[Fri May 31 19:19:09 2013] <rmk0> a "zip" for propositions
[Fri May 31 19:20:13 2013] <rmk0> thanks again, it's definitely something to try
[Fri May 31 19:20:16 2013] <Cale> I also defined a mapping from my own inductive definition of proofs that elements belong to lists to the usual one, because meh.
[Fri May 31 19:20:38 2013] <Cale> I didn't really bother trying to figure out how to work with the definition of In
[Fri May 31 19:20:45 2013] <rmk0> can often be less painful than the standard library
[Fri May 31 19:22:50 2013] <Cale> Compute InProofs (1 :: 2 :: nil).
[Fri May 31 19:22:53 2013] <Cale> gives:
[Fri May 31 19:23:04 2013] <Cale> exist (fun x : nat => InProof x (1 :: 2 :: nil)) 1 Here :: exist (fun x : nat => InProof x (1 :: 2 :: nil)) 2 (There Here) :: nil
[Fri May 31 19:23:23 2013] <Cale> I should probably swap the args to InProof
[Fri May 31 19:23:43 2013] <rmk0> right
[Fri May 31 19:25:02 2013] <Cale> heh, doesn't really help the display, because it's eta expanded by definition
[Fri May 31 19:31:27 2013] <Cale> So anyway, we can now write:
[Fri May 31 19:31:30 2013] <Cale> Definition Ins {A} (xs : list A) : list {x : A | In x xs} := map (ProofMapExist (fun x => InProofToIn A x xs)) (InProofs xs).
[Fri May 31 19:32:02 2013] <Cale> and, I swapped the parameters to find_m around because I'm going to write find_m' which needs a dependency:
[Fri May 31 19:32:09 2013] <Cale> Definition find_m' {F S T} (ts : list S) (f : { x : S | In x ts } -> t F (option T)) : t F (option T) :=
[Fri May 31 19:32:10 2013] <Cale>   find_m (Ins ts) f.
[Fri May 31 19:32:55 2013] <Cale> rmk0: and so there you go :)
[Fri May 31 19:33:26 2013] <rmk0> nice
[Fri May 31 19:33:53 2013] <rmk0> thanks, will try to integrate this
[Fri May 31 19:35:13 2013] <Cale> http://24.media.tumblr.com/tumblr_m82svgRg7a1qmn40mo1_500.gif -- Accurate depiction of how I write programs in Coq
[Fri May 31 19:35:31 2013] <rmk0> hehe
[Fri May 31 19:35:56 2013] <rmk0> it can be nasty when you've written something that works, and then come to do the _last_ proof and find that you need some extra fact passed through the program
[Fri May 31 19:36:24 2013] <rmk0> it... tends to snowball
[Fri May 31 19:36:31 2013] <rmk0> as this did
[Fri May 31 19:38:18 2013] <Cale> It might be worth figuring out how to translate away my InProof type, because it ought to slow things down a good bit if you're actually computing with this stuff.
[Fri May 31 19:38:27 2013] <Cale> er
[Fri May 31 19:38:29 2013] <Cale> yeah
[Fri May 31 19:38:30 2013] <rmk0> won't be, thankfully
[Fri May 31 19:39:20 2013] <Cale> This is the most elaborate implementation of zip [0..] I've ever written.
[Fri May 31 19:39:26 2013] <rmk0> hehe, yep
[Fri May 31 19:40:33 2013] <rmk0> it's a very neurotic zip
[Fri May 31 19:40:39 2013] <rmk0> has to prove to itself that it does zip
[Fri May 31 19:41:33 2013] <rmk0> the whole point of this was to attempt to formalize the semantics of http://io7m.com/software/jvvfs
[Fri May 31 19:42:05 2013] <rmk0> ran into a nasty inconsistency, so i decided to tear the whole thing down, write the semantics, then reimplement
[Fri May 31 19:42:12 2013] <rmk0> is long overdue, really
[Fri May 31 19:42:38 2013] <rmk0> discovered a few other minor issues in the process, so it was time well spent regardless
[Fri May 31 19:43:23 2013] <rmk0> so, er... won't actually be computing with the result
[Fri May 31 19:43:28 2013] <rmk0> or even extracting a program from it
[Fri May 31 19:43:47 2013] <rmk0> minor sadness about the latter, but i'll live
[Sat Jun  1 02:55:38 2013] <thm_prover> simpl can reduce "length (1::2::3::nil)" to 3.
[Sat Jun  1 02:56:02 2013] <thm_prover> is there some functino which will take "(length (1::2:;3::nil))" as an input and return me a nat as output?
[Sat Jun  1 02:56:21 2013] <thm_prover> there are situations where I can apply a tactic on "3", but not on "(length (1::2::3::nil))"
[Sat Jun  1 02:56:24 2013] <elliott> sure... id :P
[Sat Jun  1 02:56:50 2013] <elliott> perhaps "change (length (1::2::3::nil)) with 3."
[Sat Jun  1 02:57:27 2013] <thm_prover> nothign liek "eval simpl" or "eval compute" ?
[Sat Jun  1 02:57:34 2013] <thm_prover> if I could have that embeeded in a tactic, I'd be happy
[Sat Jun  1 02:58:22 2013] <elliott> well, there's the "simpl" tactic...
[Sat Jun  1 02:58:25 2013] <elliott> and the "compute" tactic
[Sat Jun  1 03:01:19 2013] <thm_prover> here is a minimal fail case: http://hpaste.org/89053
[Sat Jun  1 03:01:24 2013] <thm_prover> the first call to "silly" works.
[Sat Jun  1 03:01:26 2013] <thm_prover> the second does not
[Sat Jun  1 03:01:30 2013] <thm_prover> how do I make the second call work? :-)
[Sat Jun  1 03:04:39 2013] <elliott> oh, I don't know about in ltac
[Sat Jun  1 03:06:16 2013] <thm_prover> well, I don't need it in ltac
[Sat Jun  1 03:06:28 2013] <thm_prover> I just need Coq to change (length (1::2::3::nil)) to "3" before ltac gets it
[Sat Jun  1 03:08:34 2013] <thm_prover> thus, i feel there is some solution involving simpl and compute
[Sat Jun  1 16:58:52 2013] <tswett> I notice that Type = Type : Prop. Do instances of the word "Prop" have universes associated with them just like instances of Type?
[Sat Jun  1 17:56:39 2013] <tswett> I guess that shouldn't be surprising at all. If a record type has a Type as one of its fields, then certainly instances of the name of the record type would have to have universes.
[Sat Jun  1 18:33:11 2013] <tswett> So I'm trying to define everything in Coq.
[Sat Jun  1 18:33:26 2013] <tswett> Two concepts down, and, uh... infinitely many to go!
[Sat Jun  1 19:34:36 2013] <tswett> Now, if you're in the middle of defining something, is there a way to say "instead of stating what this thing is now, I'm going to provide a proof at the end of the definition"?
[Sat Jun  1 19:34:43 2013] <tswett> I seem to remember a way you could do that.
[Sat Jun  1 19:35:21 2013] <tswett> Maybe that way was just to do the entire definition as a Theorem.
[Sat Jun  1 20:07:41 2013] <tomprince> Program does that.
[Sat Jun  1 20:08:47 2013] <tswett> Hmm.
[Sun Jun  2 12:38:50 2013] <thorsten`> if i have an hyptheses "forall x : X, somestatement". how can i create a new hyptheses with a concrete x = x0?
[Sun Jun  2 12:39:52 2013] <elliott> thorsten`: apply it, it's a function
[Sun Jun  2 12:40:56 2013] <thorsten`> how?
[Sun Jun  2 12:42:27 2013] <elliott> a hypothesis H : forall x : X, ... is just like H : X -> ...
[Sun Jun  2 12:42:30 2013] <elliott> except that ... can mention x, of course
[Sun Jun  2 12:42:39 2013] <elliott> so H v : ... where v : X
[Sun Jun  2 12:44:45 2013] <thorsten`> but it seems i can't just use (H v).
[Sun Jun  2 12:45:26 2013] <elliott> what happens?
[Sun Jun  2 12:45:57 2013] <thorsten`> rewrite <- Bla in (H v). gives me: Syntax error: 'type' 'of' expected after '(' (in [hypident]).
[Sun Jun  2 12:46:34 2013] <elliott> you can e.g. pose proof (H v) as Hv.
[Sun Jun  2 12:46:41 2013] <elliott> or pose (H v) as Hv. if you want to keep it transparent
[Sun Jun  2 12:47:38 2013] <thorsten`> nice
[Sun Jun  2 12:47:45 2013] <thorsten`> that's what i was looking for
[Sun Jun  2 15:36:42 2013] <rmk0> ugh, any idea how i might crush this "ill-typed" error?:
[Sun Jun  2 15:36:47 2013] <rmk0> http://waste.io7m.com/2013/06/02/illtyped.txt
[Sun Jun  2 15:37:05 2013] <rmk0> it's taken from a larger development (which i've stripped out and replaced with axioms so that nobody has to read thousands of lines of coq)
[Sun Jun  2 15:37:29 2013] <rmk0> am running into a problem trying to rewrite with an equality there, most likely because of the dependent match in lookup_ex
[Sun Jun  2 15:47:30 2013] <Ptival> rmk0: which version of Coq?
[Sun Jun  2 15:52:10 2013] <rmk0> Ptival: 8.4pl2
[Sun Jun  2 16:14:18 2013] <Ptival> rmk0: that is weird
[Sun Jun  2 16:14:23 2013] <Ptival> even if x is equal to x0
[Sun Jun  2 16:14:47 2013] <Ptival> why would k1 be equal to k0?
[Sun Jun  2 16:20:04 2013] <rmk0> .. i see what you mean
[Sun Jun  2 16:23:00 2013] <rmk0> if x = x0, they k1 = k0 if i allow proof irrelevance
[Sun Jun  2 16:23:04 2013] <rmk0> *then
[Sun Jun  2 16:23:42 2013] <Ptival> sure
[Sun Jun  2 16:23:43 2013] <rmk0> but i obviously can't do that rewrite either (as k1 is used in the goal)
[Sun Jun  2 16:23:55 2013] <Ptival> yeah the rewrite has a dependency
[Sun Jun  2 17:09:58 2013] <rmk0> ugh... that lookup_ex definition seems extremely hard to work with
[Sun Jun  2 17:10:05 2013] <rmk0> almost any theorem i attempt runs into that problem
[Sun Jun  2 17:10:17 2013] <rmk0> am just trying to show that it gives the same results as 'lookup'
[Sun Jun  2 17:10:42 2013] <rmk0> is there some trick to working with dependent matches like that?
[Sun Jun  2 18:22:48 2013] <robbert> rmk0: [subst] will perform the rewrite you need
[Sun Jun  2 18:47:14 2013] <rmk0> robbert: ah, yes, thank you
[Sun Jun  2 18:47:41 2013] <rmk0> i always forget that subst exists
[Mon Jun  3 09:10:51 2013] <rks_> hi!
[Mon Jun  3 09:12:00 2013] <rks_> I have an hypothesis of the form "H: (x, y) = (Term1, Term2)", is there some way to get "H1 : x = Term1 /\ H2: y = Term2" ?
[Mon Jun  3 09:12:27 2013] <rks_> ... yes, inversion
[Mon Jun  3 09:12:34 2013] <rks_> sorry, for the noise
[Mon Jun  3 09:15:18 2013] <elliott> "injection H" is the simplest form I think
[Mon Jun  3 09:15:43 2013] <rks_> oh, ok
[Mon Jun  3 12:45:35 2013] <ryanakca> If I have something of the style "Definition A := B -> Type." and a "b : B", how can I define something to be of type "A b"?
[Mon Jun  3 12:46:53 2013] <ryanakca> I tried with a "fun b => Blah", but I'm asked to provide a Type for Blah.
[Mon Jun  3 13:01:59 2013] <sgnb> ryanakca: difficult to reply with so few context... where does Blah come from?
[Mon Jun  3 13:23:51 2013] <robbert> ryanakca, since A : Type, A b is not well typed, so you certainly won't be able to give an inhabitant of it
[Mon Jun  3 14:45:37 2013] <ryanakca> sgnb: "Blah" was just a placeholder for a series of  random stabs in the dark to try to find something that typechecked. I've got something working-ish now, thanks
[Mon Jun  3 14:48:15 2013] <ryanakca> robbert: I'm having a bit of conceptual difficulty here, since I thought that "A" was something that took a "B" and became a Type, e.g., for all b : B, (A b) is of type Type. What does the "B -> Type" stand for, if not that?
[Mon Jun  3 15:36:24 2013] <robbert> an element of A, is an element of B -> Type (since A is defined as such). Hence an element of A is something that takes a b : B
[Mon Jun  3 15:36:33 2013] <robbert> ryanakca: ^^
[Mon Jun  3 15:47:26 2013] <ryanakca> robbert: Aha, thanks!
[Tue Jun  4 07:49:27 2013] <lonkz> Hi guys. I have a question for ya. I'd like to turn "fs ++ nil" into fs, where fs is a list of something. For that I'm trying to do "rewrite (app_nil_r fs)." but that gives me "Error: Found no subterm matching "fs ++ Datatypes.nil"" presumably because nil and Datatypes.nil are not the same..
[Tue Jun  4 07:49:53 2013] <lonkz> Also, reflexivity will not prove "Datatypes.nil = nil", so I assume it's a matter of more than unfolding.
[Tue Jun  4 07:50:26 2013] <elliott> have you redefined nil or something?
[Tue Jun  4 07:50:53 2013] <lonkz> Nope
[Tue Jun  4 07:53:07 2013] <elliott> I am confused too, do you have a file that reproduces this error?
[Tue Jun  4 07:54:06 2013] <lonkz> I'll try to extract it now.
[Tue Jun  4 07:56:39 2013] <lonkz> Hmm, it works immediately outside the lemma I'm working on, but not inside. This is wierd.
[Tue Jun  4 08:34:02 2013] <rmk0> 'lo. i'm almost ready to release my first non-trivial coq development: https://github.com/io7m/jvvfs-model2
[Tue Jun  4 08:34:38 2013] <rmk0> i have three Admitted proofs in PathVirtual.v and one in ListAux.v, was wondering if i somebody in here would be kind enough to assist in crushing them
[Tue Jun  4 09:38:24 2013] <Cale> rmk0: prefixes_correct is false.  List.In nil (prefixes nil), but (nil <> nil) is false.
[Tue Jun  4 09:42:04 2013] <rmk0> ah, yes
[Tue Jun  4 09:42:43 2013] <rmk0> hm... wonder what i meant there
[Tue Jun  4 09:43:30 2013] <robbert> lonkz: you probably have a hypothesis called nil
[Tue Jun  4 09:44:41 2013] <rmk0> looks like i only depend on prefixes_correct in one other lemma, and nothing depends on that
[Tue Jun  4 09:44:58 2013] <rmk0> i could probably cheat and eliminate both
[Tue Jun  4 09:46:25 2013] <Cale> perhaps  prefixes nil  should be  nil
[Tue Jun  4 09:47:41 2013] <rmk0> yeah, that seems like a harmless change
[Tue Jun  4 09:48:03 2013] <rmk0> i use it to calculate the ancestors of paths (see PathVirtual.v#enumeration)
[Tue Jun  4 09:48:13 2013] <rmk0> and i'm explicitly not passing nil there anyway...
[Tue Jun  4 14:17:01 2013] <osa1> I can't compile software foundations source, here's the error log with coqc version details: http://hpaste.org/89297 can anyone help ?
[Wed Jun  5 15:15:42 2013] <kini> I have a function defined like
[Wed Jun  5 15:15:42 2013] <kini> Fixpoint f x := g (match x with ... end)
[Wed Jun  5 15:15:42 2013] <kini> when I do "unfold f." in proof mode, a term like "f foo" becomes "(fix f x := g (match x with ... end)) foo"
[Wed Jun  5 15:15:42 2013] <kini> how do I get it to actually apply the argument one recursive step, and get "g (match foo with ... end)" ?
[Wed Jun  5 15:15:45 2013] <kini> and does that even make sense?
[Wed Jun  5 15:46:46 2013] <Cale> kini: This isn't really an answer, but my usual approach is to try simpl, and if it doesn't simplify, use induction.
[Wed Jun  5 15:47:48 2013] <Cale> (i.e. if you can actually match foo with one of the patterns, then it ought to be able to reduce somewhat)
[Wed Jun  5 15:49:59 2013] <kini> that's a good idea, thanks Cale :)
[Wed Jun  5 15:50:02 2013] <kini> let's see...
[Wed Jun  5 15:50:45 2013] <kini> yup, destruct works perfectly :D
[Wed Jun  5 15:50:48 2013] <kini> thanks!
[Wed Jun  5 15:51:00 2013] <Cale> You also usually shouldn't have to unfold recursive definitions manually like that.
[Wed Jun  5 15:52:09 2013] <kini> why's that?
[Wed Jun  5 15:52:22 2013] <Cale> Try the same proof without the unfold
[Wed Jun  5 15:52:34 2013] <kini> basically I wanted to use a lemma which said that g was idempotent, to show that g (f (...)) = f (...)
[Wed Jun  5 15:52:48 2013] <kini> and I didn't think the lemma would match unless there was a literal g (g (...))
[Wed Jun  5 15:53:08 2013] <kini> ah, but apparently you're right, it does :)
[Wed Jun  5 15:53:23 2013] <kini> I did have to destruct first, otherwise it gets stuck (but in that case it gets stuck even if I do unfold)
[Fri Jun  7 06:29:51 2013] <Psycho_pr> Hi.
[Fri Jun  7 10:59:09 2013] <rmk0> ugh, very frustrating
[Fri Jun  7 10:59:27 2013] <rmk0> still stuck on those same few proofs
[Fri Jun  7 10:59:59 2013] <rmk0> have tried several implementations of the list "prefixes" function (called "inits" in haskell)
[Fri Jun  7 11:00:06 2013] <rmk0> they all seem brutally difficult to reason about
[Fri Jun  7 11:02:54 2013] <rmk0> two of the admitted theorems seemed false, those have been adjusted now
[Fri Jun  7 11:18:53 2013] <rmk0> http://waste.io7m.com/2013/06/07/prefixes.v
[Fri Jun  7 11:19:00 2013] <rmk0> these are the two that are causing aggravation right now
[Fri Jun  7 11:20:28 2013] <rmk0> i have no idea how to proceed... in both cases the difficulty comes from showing that 'map' ends up building prefixes of the original list
[Fri Jun  7 11:20:46 2013] <rmk0> other implementations that didn't use List.map seemed no easier to reason about
[Fri Jun  7 11:41:45 2013] <rmk0> ah, just solved the first one
[Sat Jun  8 18:17:07 2013] <rmk0> ugh, anyone able to assist? stuck on "prefixes_including_self_last_self": http://waste.io7m.com/2013/06/08/prefixes3.v
[Sat Jun  8 18:17:14 2013] <rmk0> the induction hypothesis is deeply unhelpful
[Sat Jun  8 18:17:54 2013] <rmk0> "last (prefixes_including_self xs)" is basically (Some . id)
[Sat Jun  8 18:29:21 2013] <Ptival> doesn't seem very inductive
[Sat Jun  8 18:32:21 2013] <rmk0> not really, no
[Sat Jun  8 18:39:29 2013] <Ptival> http://paste.awesom.eu/Ptival/pZG this works
[Sat Jun  8 18:40:11 2013] <rmk0> ah, thank you
[Sat Jun  8 18:40:16 2013] <rmk0> * studies it
[Sat Jun  8 18:40:56 2013] <rmk0> the proofs in this file have cost me blood
[Sat Jun  8 18:41:27 2013] <rmk0> have so far taken almost as long as the rest of the development
[Sat Jun  8 18:41:32 2013] <rmk0> not sure why
[Sat Jun  8 19:27:18 2013] <wmeyer``> rmk0: maybe because you stopped implementing all the boring boilerplate and started implementing the logic of your application, which might be more complicated and less general :-)
[Sat Jun  8 19:32:58 2013] <rmk0> ah, this is actually one function of one tiny piece
[Sat Jun  8 19:33:25 2013] <rmk0> http://github.com/io7m/jvvfs-model2/tree/alt-prefixes
[Sat Jun  8 19:33:27 2013] <rmk0> it's that pile
[Sat Jun  8 19:34:45 2013] <wmeyer``> rmk0: may I ask what kind of project is it, you are working on?
[Sat Jun  8 19:35:06 2013] <wmeyer``> out of curiosity
[Sat Jun  8 19:35:13 2013] <rmk0> well, the story is that i initially wrote: http://mvn.io7m.com/jvvfs
[Sat Jun  8 19:35:22 2013] <wmeyer``> I'd like to know if many people actually write real code in Coq
[Sat Jun  8 19:35:28 2013] <rmk0> and "write semantics for jvvfs" had been on the todo list for 18 months
[Sat Jun  8 19:35:52 2013] <rmk0> about a month ago, i found a nasty inconsistency in the implementation of jvvfs, so i decided to get the semantics done and rewrite the implementation from scratch
[Sat Jun  8 19:36:22 2013] <rmk0> unfortunately i won't be able to formally verify the java code against the specification, but it's better than nothing
[Sat Jun  8 19:37:25 2013] <rmk0> have found a few other faulty assumptions in the implementation in the process of writing this, so it was definitely time well spent
[Sat Jun  8 19:38:29 2013] <wmeyer``> do you use ocaml-java after extraction?
[Sat Jun  8 19:39:13 2013] <rmk0> there's no extraction, unfortunately
[Sat Jun  8 19:39:20 2013] <rmk0> when ocaml-java matures, i'll be looking into it
[Sat Jun  8 19:39:33 2013] <wmeyer``> nice
[Sat Jun  8 19:39:50 2013] <wmeyer``> now I started to see a real benefit of ocaml-java :-)
[Sat Jun  8 19:39:54 2013] <rmk0> it'll just be hand-written java, informally checked against the coq specification until then
[Sat Jun  8 19:40:13 2013] <wmeyer``> better than nothing!
[Sat Jun  8 19:40:16 2013] <rmk0> yep
[Sat Jun  8 19:40:20 2013] <rmk0> ocaml on the jvm would be nice
[Sat Jun  8 19:40:46 2013] <rmk0> i miss algebraic types and pattern matching whenever i work with java
[Sat Jun  8 19:40:54 2013] <wmeyer``> Scala is fine though
[Sat Jun  8 19:41:06 2013] <rmk0> i couldn't get along with it
[Sat Jun  8 19:41:15 2013] <rmk0> subtyping + implicits are ... chaotic
[Sat Jun  8 19:41:29 2013] <rmk0> and the tool support is extremely poor... broken IDE and very long compilation times, etc
[Sat Jun  8 19:41:52 2013] <wmeyer``> yes, it has quirkiness but it's good when you realise that it allows functional code
[Sat Jun  8 19:42:06 2013] <rmk0> think most of the problems with it are down to the fact that they wanted strong interoperability with java
[Sat Jun  8 19:42:08 2013] <wmeyer``> the code is quite dense though
[Sat Jun  8 19:42:16 2013] <rmk0> have to inherit most of java's type system damage
[Sat Jun  8 19:42:39 2013] <wmeyer``> yep, they did achieve that, and what i can say, it's almost flawless
[Sat Jun  8 19:42:52 2013] <wmeyer``> (to defend Scala; not my favourite language, but still sane)
[Sat Jun  8 19:43:04 2013] <rmk0> there are certainly worse options than scala
[Sat Jun  8 19:43:33 2013] <wmeyer``> yes, indeed
[Sat Jun  8 20:15:46 2013] <Cale> rmk0: Yeah, I was actually going to suggest doing that. The inductive definitions of predicates seem to be easier to work with.
[Sat Jun  8 20:16:13 2013] <rmk0> Cale: much easier, yes
[Sat Jun  8 20:16:47 2013] <rmk0> lovely to work with using the inversion tactic, too
[Sat Jun  8 21:21:29 2013] <morgan.freenode.net> [freenode-info] if you're at a conference and other people are having trouble connecting, please mention it to staff: http://freenode.net/faq.shtml#gettinghelp
[Sat Jun  8 21:32:57 2013] <leguin.freenode.net> [freenode-info] please register your nickname...don't forget to auto-identify! http://freenode.net/faq.shtml#nicksetup
[Sat Jun  8 21:33:53 2013] <hubbard.freenode.net> [freenode-info] channel flooding and no channel staff around to help? Please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
[Sun Jun  9 15:04:37 2013] <jgross> Can anyone help me prove "forall (objD : Type) (o0 : objD) (H1 : @eq objD o0 o0) (T : objD -> Type) (m : T o0), @eq (T o0) match H1 in (@eq _ _ o) return (T o0) with | eq_refl => m end match H1 in (@eq _ _ y) return (T y) with | eq_refl => m end."? 
[Sun Jun  9 15:04:37 2013] <jgross> Can anyone help me prove "forall (objD : Type) (o0 : objD) (H1 : @eq objD o0 o0) (T : objD -> Type) (m : T o0), @eq (T o0) match H1 in (@eq _ _ o) return (T o0) with | eq_refl => m end match H1 in (@eq _ _ y) return (T y) with | eq_refl => m end."?
[Sun Jun  9 19:28:03 2013] <miller> Okay, I'm trying to make a type that is (list nat, nat) with the property that all elements in the list are less than a certain number (the second element).  I would expect to be able to write this as `Inductive MaxList (n:nat) : Type :=  max_list : list nat -> n -> Maxlist n`, but that is disallowed, as `n` is not a Type.  Can someone either explain how I'm thinking wrong, or point me at some similar
[Sun Jun  9 19:28:03 2013] <miller> Okay, I'm trying to make a type that is (list nat, nat) with the property that all elements in the list are less than a certain number (the second element).  I would expect to be able to write this as `Inductive MaxList (n:nat) : Type :=  max_list : list nat -> n -> Maxlist n`, but that is disallowed, as `n` is not a Type.  Can someone either explain how I'm thinking wrong, or point me at some similar
[Sun Jun  9 19:28:06 2013] <miller> example code?
[Sun Jun  9 19:28:06 2013] <miller> example code?
[Sun Jun  9 19:28:59 2013] <miller> (I stared at the code for vector for a while, but they explicitly list 0 for nil, and `forall (n:nat), n -> (S n)` after that, so they seem to dodge the issue.)
[Sun Jun  9 19:28:59 2013] <miller> (I stared at the code for vector for a while, but they explicitly list 0 for nil, and `forall (n:nat), n -> (S n)` after that, so they seem to dodge the issue.)
[Sun Jun  9 19:29:33 2013] <elliott> you can just omit "n ->"
[Sun Jun  9 19:29:33 2013] <elliott> you can just omit "n ->"
[Sun Jun  9 19:35:50 2013] <rmk0> miller: not sure if you're aware, but there's some stuff in the standard library you can use here: https://outland.arc7.info/2013/06/09/Less.v
[Sun Jun  9 19:35:50 2013] <rmk0> miller: not sure if you're aware, but there's some stuff in the standard library you can use here: https://outland.arc7.info/2013/06/09/Less.v
[Sun Jun  9 19:36:21 2013] <rmk0> so "lessers 23" would denote the type of lists where all elements are less than 23
[Sun Jun  9 19:36:21 2013] <rmk0> so "lessers 23" would denote the type of lists where all elements are less than 23
[Sun Jun  9 19:36:23 2013] <rmk0> etc
[Sun Jun  9 19:36:23 2013] <rmk0> etc
[Sun Jun  9 19:36:53 2013] <robbert`> or you can bundle the list, or bundle both the list and the bound:
[Sun Jun  9 19:36:53 2013] <robbert`> or you can bundle the list, or bundle both the list and the bound:
[Sun Jun  9 19:36:55 2013] <robbert`> Record foo := { foo_car : list nat; foo_bound : nat;
[Sun Jun  9 19:36:55 2013] <robbert`> Record foo := { foo_car : list nat; foo_bound : nat;
[Sun Jun  9 19:36:57 2013] <robbert`>   foo_prf : Forall (fun x => x < foo_bound) foo_car }.
[Sun Jun  9 19:36:57 2013] <robbert`>   foo_prf : Forall (fun x => x < foo_bound) foo_car }.
[Sun Jun  9 19:36:59 2013] <robbert`> Record bar (n : nat) := { bar_car : list nat;
[Sun Jun  9 19:36:59 2013] <robbert`> Record bar (n : nat) := { bar_car : list nat;
[Sun Jun  9 19:37:01 2013] <robbert`>   bar_prf : Forall (fun x => x < n) bar_car }.
[Sun Jun  9 19:37:01 2013] <robbert`>   bar_prf : Forall (fun x => x < n) bar_car }.
[Sun Jun  9 19:43:46 2013] <miller> elliott: Well I feel silly now.  How does that magically appear as an argument?  Is `Inductive X (n:nat) : Type := foo : X` the same as `Inductive X : Type := foo : forall (n:nat), n -> X` ?
[Sun Jun  9 19:43:46 2013] <miller> elliott: Well I feel silly now.  How does that magically appear as an argument?  Is `Inductive X (n:nat) : Type := foo : X` the same as `Inductive X : Type := foo : forall (n:nat), n -> X` ?
[Sun Jun  9 19:44:02 2013] <miller> rmk0: Was not aware, and is much appreciated.
[Sun Jun  9 19:44:02 2013] <miller> rmk0: Was not aware, and is much appreciated.
[Sun Jun  9 19:44:43 2013] <miller> * sits and processes the record idea
[Sun Jun  9 19:44:44 2013] <miller> * sits and processes the record idea
[Sun Jun  9 19:44:56 2013] <elliott> miller: in "forall n, ...", n is an argument.
[Sun Jun  9 19:44:56 2013] <elliott> miller: in "forall n, ...", n is an argument.
[Sun Jun  9 19:45:04 2013] <elliott> A -> B is just short for forall (_:A), B
[Sun Jun  9 19:45:05 2013] <elliott> A -> B is just short for forall (_:A), B
[Sun Jun  9 19:45:20 2013] <miller> Oh.
[Sun Jun  9 19:45:20 2013] <miller> Oh.
[Sun Jun  9 19:45:42 2013] <elliott> in particular, having n as an argument to MaxList means your max_list basically has an implicit "forall n," in front of it
[Sun Jun  9 19:45:42 2013] <elliott> in particular, having n as an argument to MaxList means your max_list basically has an implicit "forall n," in front of it
[Sun Jun  9 19:45:50 2013] <elliott> max_list : forall n, list nat -> MaxList n
[Sun Jun  9 19:45:50 2013] <elliott> max_list : forall n, list nat -> MaxList n
[Sun Jun  9 19:46:12 2013] <elliott> you could make it more explicit like this: Inductive MaxList : nat -> Type := max_list : forall n, list nat -> MaxList n (but I don't recommend doing so)
[Sun Jun  9 19:46:12 2013] <elliott> you could make it more explicit like this: Inductive MaxList : nat -> Type := max_list : forall n, list nat -> MaxList n (but I don't recommend doing so)
[Sun Jun  9 20:00:00 2013] <robbert`> miller: your "inductive X"s are not the same. In the first "n" is called a parameter, and in the second an index. Parameters should appear exactly as such in the types of the conclusion of each constructor.
[Sun Jun  9 20:00:00 2013] <robbert`> miller: your "inductive X"s are not the same. In the first "n" is called a parameter, and in the second an index. Parameters should appear exactly as such in the types of the conclusion of each constructor.
[Sun Jun  9 20:00:38 2013] <robbert`> Indexes can be different in each constructor's conclusion.
[Sun Jun  9 20:00:38 2013] <robbert`> Indexes can be different in each constructor's conclusion.
[Sun Jun  9 20:01:13 2013] <elliott> robbert`: it isn't even an index in the second
[Sun Jun  9 20:01:13 2013] <elliott> robbert`: it isn't even an index in the second
[Sun Jun  9 20:01:19 2013] <elliott> it doesn't appear in the resulting type
[Sun Jun  9 20:01:19 2013] <elliott> it doesn't appear in the resulting type
[Sun Jun  9 20:01:20 2013] <robbert`> Declaring an argument of an inductive as a parameter (on the left hand side of the ":") instead of an index (on the right hand side) is generally prefered as it gives a stronger elimination principle
[Sun Jun  9 20:01:21 2013] <robbert`> Declaring an argument of an inductive as a parameter (on the left hand side of the ":") instead of an index (on the right hand side) is generally prefered as it gives a stronger elimination principle
[Sun Jun  9 20:01:50 2013] <robbert`> oh, wait, I misread your second X
[Sun Jun  9 20:01:50 2013] <robbert`> oh, wait, I misread your second X
[Sun Jun  9 20:02:15 2013] <robbert`> I thought I read Inductive X : nat -> Type
[Sun Jun  9 20:02:15 2013] <robbert`> I thought I read Inductive X : nat -> Type
[Sun Jun  9 20:02:22 2013] <robbert`> it's late...
[Sun Jun  9 20:02:22 2013] <robbert`> it's late...
[Mon Jun 10 01:16:48 2013] <kini> my god, `coqtop -emacs-U` is taking more than 500 MB of memory? what?
[Mon Jun 10 01:16:48 2013] <kini> my god, `coqtop -emacs-U` is taking more than 500 MB of memory? what?
[Mon Jun 10 01:16:58 2013] <kini> surprising, considering I'm not doing anything particularly heavy duty...
[Mon Jun 10 01:16:58 2013] <kini> surprising, considering I'm not doing anything particularly heavy duty...
[Mon Jun 10 06:23:33 2013] <thorsten`> kini: same effect here. coqtop (when using with proof general) uses about 400 mb (on some 64 bit system)
[Mon Jun 10 06:23:33 2013] <thorsten`> kini: same effect here. coqtop (when using with proof general) uses about 400 mb (on some 64 bit system)
[Mon Jun 10 06:37:42 2013] <kini> how strange
[Mon Jun 10 06:37:42 2013] <kini> how strange
[Mon Jun 10 08:29:34 2013] <rmk0> i have List.NoDup for some xs, and am trying to show that for any two elements x and y in xs, x <> y
[Mon Jun 10 08:29:34 2013] <rmk0> i have List.NoDup for some xs, and am trying to show that for any two elements x and y in xs, x <> y
[Mon Jun 10 08:29:42 2013] <rmk0> any idea if this is actually provable?
[Mon Jun 10 08:29:42 2013] <rmk0> any idea if this is actually provable?
[Mon Jun 10 08:29:52 2013] <rmk0> i'm not entirely sure how to phrase the theorem to begin with...
[Mon Jun 10 08:29:52 2013] <rmk0> i'm not entirely sure how to phrase the theorem to begin with...
[Mon Jun 10 08:30:20 2013] <rmk0> i don't have decidable equality on elements of the list
[Mon Jun 10 08:30:20 2013] <rmk0> i don't have decidable equality on elements of the list
[Mon Jun 10 08:31:47 2013] <elliott> rmk0: perhaps: forall xs, NoDup xs -> forall i j, i <> j -> i < length xs -> j < length xs -> nth_error xs i <> nth_error xs j
[Mon Jun 10 08:31:47 2013] <elliott> rmk0: perhaps: forall xs, NoDup xs -> forall i j, i <> j -> i < length xs -> j < length xs -> nth_error xs i <> nth_error xs j
[Mon Jun 10 08:32:39 2013] <elliott> rmk0: or the other way around (less negation...): forall xs, NoDup xs -> forall i j, i < length xs -> j < length xs -> nth_error xs i = nth_error xs j -> i = j
[Mon Jun 10 08:32:39 2013] <elliott> rmk0: or the other way around (less negation...): forall xs, NoDup xs -> forall i j, i < length xs -> j < length xs -> nth_error xs i = nth_error xs j -> i = j
[Mon Jun 10 08:33:02 2013] <rmk0> hm
[Mon Jun 10 08:33:02 2013] <rmk0> hm
[Mon Jun 10 08:33:29 2013] <elliott> ugly, admittedly
[Mon Jun 10 08:33:29 2013] <elliott> ugly, admittedly
[Mon Jun 10 08:34:23 2013] <rmk0> thanks, will try it
[Mon Jun 10 08:34:23 2013] <rmk0> thanks, will try it
[Mon Jun 10 08:34:30 2013] <elliott> maybe something like...
[Mon Jun 10 08:34:30 2013] <elliott> maybe something like...
[Mon Jun 10 08:35:38 2013] <elliott> Inductive El {A} : list A -> Type := here : forall x xs, El x (x :: xs) | there : forall x y xs, El x xs -> El x (y :: xs); at : El xs -> A; pos : El xs -> nat; forall xs, NoDup xs -> forall i j : El xs, at i = at j -> pos i = pos j
[Mon Jun 10 08:35:38 2013] <elliott> Inductive El {A} : list A -> Type := here : forall x xs, El x (x :: xs) | there : forall x y xs, El x xs -> El x (y :: xs); at : El xs -> A; pos : El xs -> nat; forall xs, NoDup xs -> forall i j : El xs, at i = at j -> pos i = pos j
[Mon Jun 10 08:35:50 2013] <elliott> where El is just an existential version of the inductive version of In of course
[Mon Jun 10 08:35:50 2013] <elliott> where El is just an existential version of the inductive version of In of course
[Mon Jun 10 08:35:54 2013] <elliott> in fact maybe using In would be best
[Mon Jun 10 08:35:54 2013] <elliott> in fact maybe using In would be best
[Mon Jun 10 08:36:00 2013] <rmk0> right
[Mon Jun 10 08:36:00 2013] <rmk0> right
[Mon Jun 10 08:36:28 2013] <elliott> ooh
[Mon Jun 10 08:36:28 2013] <elliott> ooh
[Mon Jun 10 08:36:44 2013] <elliott> how about this: forall xs, NoDup xs -> forall x (Hx1 Hx2 : In x xs), pos Hx1 = pos Hx2
[Mon Jun 10 08:36:44 2013] <elliott> how about this: forall xs, NoDup xs -> forall x (Hx1 Hx2 : In x xs), pos Hx1 = pos Hx2
[Mon Jun 10 08:36:49 2013] <elliott> where pos is defined in the obvious manner
[Mon Jun 10 08:36:49 2013] <elliott> where pos is defined in the obvious manner
[Mon Jun 10 08:37:06 2013] <elliott> then you can derive the consequence
[Mon Jun 10 08:37:06 2013] <elliott> then you can derive the consequence
[Mon Jun 10 08:37:27 2013] <rmk0> hm, yes
[Mon Jun 10 08:37:27 2013] <rmk0> hm, yes
[Mon Jun 10 08:37:29 2013] <elliott> forall xs, NoDup xs -> forall x y (Hx : In x xs) (Hy : In y xs), pos Hx <> pos Hy -> x <> y
[Mon Jun 10 08:37:29 2013] <elliott> forall xs, NoDup xs -> forall x y (Hx : In x xs) (Hy : In y xs), pos Hx <> pos Hy -> x <> y
[Mon Jun 10 08:37:39 2013] <elliott> (I think)
[Mon Jun 10 08:37:39 2013] <elliott> (I think)
[Mon Jun 10 08:37:40 2013] <rmk0> has the benefit of being the shortest :)
[Mon Jun 10 08:37:40 2013] <rmk0> has the benefit of being the shortest :)
[Mon Jun 10 08:37:50 2013] <elliott> I think it specifies the property in the nicest way too
[Mon Jun 10 08:37:50 2013] <elliott> I think it specifies the property in the nicest way too
[Mon Jun 10 08:38:04 2013] <elliott> "given a list with no duplicates, two occurrences of an element in that list must share position"
[Mon Jun 10 08:38:04 2013] <elliott> "given a list with no duplicates, two occurrences of an element in that list must share position"
[Mon Jun 10 08:38:30 2013] <elliott> hence "given a list with no duplicates, two occurrences of two separate elements in that list at different positions must have unequal values"
[Mon Jun 10 08:38:30 2013] <elliott> hence "given a list with no duplicates, two occurrences of two separate elements in that list at different positions must have unequal values"
[Mon Jun 10 08:52:47 2013] <rmk0> hm, not so obvious how to define 'pos' actually, given that List.In isn't inductive
[Mon Jun 10 08:52:47 2013] <rmk0> hm, not so obvious how to define 'pos' actually, given that List.In isn't inductive
[Mon Jun 10 08:53:11 2013] <elliott> rmk0: can do induction on the list?
[Mon Jun 10 08:53:11 2013] <elliott> rmk0: can do induction on the list?
[Mon Jun 10 08:53:12 2013] <elliott> I think
[Mon Jun 10 08:53:12 2013] <elliott> I think
[Mon Jun 10 08:53:23 2013] <elliott> * thinks In should be inductive
[Mon Jun 10 08:53:23 2013] <elliott> * thinks In should be inductive
[Mon Jun 10 08:53:28 2013] <rmk0> it should be, yes
[Mon Jun 10 08:53:28 2013] <rmk0> it should be, yes
[Mon Jun 10 08:53:52 2013] <rmk0> doing induction on the list gives an error when trying to destruct the In, because the function is in Set
[Mon Jun 10 08:53:52 2013] <rmk0> doing induction on the list gives an error when trying to destruct the In, because the function is in Set
[Mon Jun 10 08:54:48 2013] <elliott> rmk0: let me give it a try, I think there's a nice way to do it
[Mon Jun 10 08:54:48 2013] <elliott> rmk0: let me give it a try, I think there's a nice way to do it
[Mon Jun 10 08:54:53 2013] <rmk0> ok, thanks
[Mon Jun 10 08:54:54 2013] <rmk0> ok, thanks
[Mon Jun 10 08:54:58 2013] <elliott> though maybe not without decidable equality on the A? :/
[Mon Jun 10 08:54:58 2013] <elliott> though maybe not without decidable equality on the A? :/
[Mon Jun 10 08:55:02 2013] <elliott> I'll try anyway
[Mon Jun 10 08:55:02 2013] <elliott> I'll try anyway
[Mon Jun 10 08:58:33 2013] <elliott> rmk0: do you care if "pos" is really inefficient?
[Mon Jun 10 08:58:33 2013] <elliott> rmk0: do you care if "pos" is really inefficient?
[Mon Jun 10 08:58:56 2013] <elliott> oh hm
[Mon Jun 10 08:58:56 2013] <elliott> oh hm
[Mon Jun 10 08:59:10 2013] <rmk0> not at all
[Mon Jun 10 08:59:10 2013] <rmk0> not at all
[Mon Jun 10 08:59:41 2013] <rmk0> it might be worth explaining why i'm doing this in the first place
[Mon Jun 10 08:59:42 2013] <rmk0> it might be worth explaining why i'm doing this in the first place
[Mon Jun 10 09:00:18 2013] <rmk0> i'm trying to prove things about a function that calculates all prefixes of a list:
[Mon Jun 10 09:00:18 2013] <rmk0> i'm trying to prove things about a function that calculates all prefixes of a list:
[Mon Jun 10 09:00:21 2013] <rmk0> https://outland.arc7.info/2013/06/10/prefixes5.v
[Mon Jun 10 09:00:21 2013] <rmk0> https://outland.arc7.info/2013/06/10/prefixes5.v
[Mon Jun 10 09:00:40 2013] <rmk0> is_prefix gives the meaning of "being a prefix"
[Mon Jun 10 09:00:40 2013] <rmk0> is_prefix gives the meaning of "being a prefix"
[Mon Jun 10 09:00:54 2013] <rmk0> "prefixes_including_self" calculates all prefixes of a list, but the result includes the original list
[Mon Jun 10 09:00:54 2013] <rmk0> "prefixes_including_self" calculates all prefixes of a list, but the result includes the original list
[Mon Jun 10 09:01:07 2013] <rmk0> nothing is a prefix of itself, so the "prefixes" function simply removes the last element from the results
[Mon Jun 10 09:01:07 2013] <rmk0> nothing is a prefix of itself, so the "prefixes" function simply removes the last element from the results
[Mon Jun 10 09:01:27 2013] <rmk0> am then trying to show that all lists returned by "prefixes" ... are prefixes
[Mon Jun 10 09:01:27 2013] <rmk0> am then trying to show that all lists returned by "prefixes" ... are prefixes
[Mon Jun 10 09:01:33 2013] <elliott> *nod*
[Mon Jun 10 09:01:33 2013] <elliott> *nod*
[Mon Jun 10 09:01:46 2013] <elliott> I don't quite see where this lemma comes in but it's an interesting exercise all the same ;)
[Mon Jun 10 09:01:46 2013] <elliott> I don't quite see where this lemma comes in but it's an interesting exercise all the same ;)
[Mon Jun 10 09:01:58 2013] <rmk0> hehe, i'm trying to see what led me to it yesterday
[Mon Jun 10 09:01:58 2013] <rmk0> hehe, i'm trying to see what led me to it yesterday
[Mon Jun 10 09:02:16 2013] <rmk0> ah... List.In xs (List.removelast (prefixes_including_self ys)) -> xs <> ys
[Mon Jun 10 09:02:16 2013] <rmk0> ah... List.In xs (List.removelast (prefixes_including_self ys)) -> xs <> ys
[Mon Jun 10 09:03:17 2013] <rmk0> wanted to show that all of the "prefixes_including_self" were different to each other, so that i could show that with the last element removed, none of the lists equalled the original list
[Mon Jun 10 09:03:17 2013] <rmk0> wanted to show that all of the "prefixes_including_self" were different to each other, so that i could show that with the last element removed, none of the lists equalled the original list
[Mon Jun 10 09:03:32 2013] <rmk0> so that i could then pass that fact to prefixes_including_self_correct_0
[Mon Jun 10 09:03:32 2013] <rmk0> so that i could then pass that fact to prefixes_including_self_correct_0
[Mon Jun 10 09:03:41 2013] <rmk0> there may be a better way to do this
[Mon Jun 10 09:03:41 2013] <rmk0> there may be a better way to do this
[Mon Jun 10 09:05:25 2013] <rmk0> the ultimate goal is obviously to prove "prefixes_correct" without admissions
[Mon Jun 10 09:05:25 2013] <rmk0> the ultimate goal is obviously to prove "prefixes_correct" without admissions
[Mon Jun 10 09:08:08 2013] <elliott> looks like an inductive definition of In is the right way to go, tho still some issues with keeping the lists connected/equal when doing the induction (isn't it always the same issue?!)
[Mon Jun 10 09:08:08 2013] <elliott> looks like an inductive definition of In is the right way to go, tho still some issues with keeping the lists connected/equal when doing the induction (isn't it always the same issue?!)
[Mon Jun 10 09:11:35 2013] <rmk0> hehe
[Mon Jun 10 09:11:35 2013] <rmk0> hehe
[Mon Jun 10 09:11:54 2013] <rmk0> no idea why they made In a fixpoint
[Mon Jun 10 09:11:54 2013] <rmk0> no idea why they made In a fixpoint
[Mon Jun 10 09:12:13 2013] <rmk0> seems like a perfect textbook example of something that shouldn't be one
[Mon Jun 10 09:12:13 2013] <rmk0> seems like a perfect textbook example of something that shouldn't be one
[Mon Jun 10 09:12:37 2013] <elliott> well, frankly I have no idea why half the lines in the standard library are the way they are
[Mon Jun 10 09:12:37 2013] <elliott> well, frankly I have no idea why half the lines in the standard library are the way they are
[Mon Jun 10 09:12:53 2013] <rmk0> it's quite messy
[Mon Jun 10 09:12:53 2013] <rmk0> it's quite messy
[Mon Jun 10 09:13:08 2013] <Cale> The naming and organisation of the coq standard library is completely mysterious to me
[Mon Jun 10 09:13:08 2013] <Cale> The naming and organisation of the coq standard library is completely mysterious to me
[Mon Jun 10 09:13:19 2013] <rmk0> think it just sort of accumulated junk
[Mon Jun 10 09:13:19 2013] <rmk0> think it just sort of accumulated junk
[Mon Jun 10 09:13:23 2013] <rmk0> nobody designed it, obviously
[Mon Jun 10 09:13:23 2013] <rmk0> nobody designed it, obviously
[Mon Jun 10 09:19:15 2013] <elliott> rmk0: ok, I have proved it for my own version of In/NoDup
[Mon Jun 10 09:19:15 2013] <elliott> rmk0: ok, I have proved it for my own version of In/NoDup
[Mon Jun 10 09:19:17 2013] <elliott> will clean up & show
[Mon Jun 10 09:19:17 2013] <elliott> will clean up & show
[Mon Jun 10 09:19:26 2013] <rmk0> ooh!
[Mon Jun 10 09:19:26 2013] <rmk0> ooh!
[Mon Jun 10 09:24:30 2013] <elliott> very ugly proof :/
[Mon Jun 10 09:24:30 2013] <elliott> very ugly proof :/
[Mon Jun 10 09:25:29 2013] <rmk0> that's no problem... this one function has been holding up my work for about a week now
[Mon Jun 10 09:25:29 2013] <rmk0> that's no problem... this one function has been holding up my work for about a week now
[Mon Jun 10 09:25:34 2013] <rmk0> will be happy to see it eliminated
[Mon Jun 10 09:25:34 2013] <rmk0> will be happy to see it eliminated
[Mon Jun 10 09:27:45 2013] <elliott> rmk0: well, here is the hideous proof: http://sprunge.us/YShS
[Mon Jun 10 09:27:45 2013] <elliott> rmk0: well, here is the hideous proof: http://sprunge.us/YShS
[Mon Jun 10 09:27:57 2013] <elliott> if you use it without cleaning it up, shame on you :)
[Mon Jun 10 09:27:57 2013] <elliott> if you use it without cleaning it up, shame on you :)
[Mon Jun 10 09:28:20 2013] <rmk0> hehe, thanks
[Mon Jun 10 09:28:20 2013] <rmk0> hehe, thanks
[Mon Jun 10 09:28:21 2013] <elliott> oh, Uniq should be in Prop probably
[Mon Jun 10 09:28:21 2013] <elliott> oh, Uniq should be in Prop probably
[Mon Jun 10 09:29:41 2013] <rmk0> * picks it apart
[Mon Jun 10 09:29:41 2013] <rmk0> * picks it apart
[Mon Jun 10 09:32:15 2013] <rmk0> elliott: i'd like to put you in the contributors file for this project... any particular name i should use?
[Mon Jun 10 09:32:15 2013] <rmk0> elliott: i'd like to put you in the contributors file for this project... any particular name i should use?
[Mon Jun 10 09:33:36 2013] <rmk0> if you'd like to remain anonymous, that's no problem
[Mon Jun 10 09:33:36 2013] <rmk0> if you'd like to remain anonymous, that's no problem
[Mon Jun 10 09:33:59 2013] <elliott> oh, dear, don't credit me for that awful proof :)
[Mon Jun 10 09:33:59 2013] <elliott> oh, dear, don't credit me for that awful proof :)
[Mon Jun 10 09:34:03 2013] <elliott> but seriously, no need
[Mon Jun 10 09:34:03 2013] <elliott> but seriously, no need
[Mon Jun 10 09:34:07 2013] <rmk0> hehe
[Mon Jun 10 09:34:07 2013] <rmk0> hehe
[Mon Jun 10 09:34:29 2013] <elliott> (here's a slightly cleaned up version that shows the structure, btw: http://sprunge.us/iJES... I wonder if there isn't some destructing tactic that does what I want here)
[Mon Jun 10 09:34:29 2013] <elliott> (here's a slightly cleaned up version that shows the structure, btw: http://sprunge.us/iJES... I wonder if there isn't some destructing tactic that does what I want here)
[Mon Jun 10 09:35:20 2013] <rmk0> you mean a "destruct" that doesn't "forget"?
[Mon Jun 10 09:35:20 2013] <rmk0> you mean a "destruct" that doesn't "forget"?
[Mon Jun 10 09:35:41 2013] <rmk0> vaguely wonder if "inversion" would do it
[Mon Jun 10 09:35:41 2013] <rmk0> vaguely wonder if "inversion" would do it
[Mon Jun 10 09:35:43 2013] <elliott> right... I thought "inversion" would work here but it doesn't
[Mon Jun 10 09:35:43 2013] <elliott> right... I thought "inversion" would work here but it doesn't
[Mon Jun 10 09:35:47 2013] <rmk0> oh
[Mon Jun 10 09:35:47 2013] <rmk0> oh
[Mon Jun 10 09:36:05 2013] <rmk0> is annoying behaviour
[Mon Jun 10 09:36:05 2013] <rmk0> is annoying behaviour
[Mon Jun 10 09:36:09 2013] <elliott> because it doesn't destruct it in the goal
[Mon Jun 10 09:36:09 2013] <elliott> because it doesn't destruct it in the goal
[Mon Jun 10 09:36:14 2013] <elliott> so to speak
[Mon Jun 10 09:36:14 2013] <elliott> so to speak
[Mon Jun 10 09:37:17 2013] <elliott> at least the proof term is relatively small
[Mon Jun 10 09:37:17 2013] <elliott> at least the proof term is relatively small
[Mon Jun 10 10:52:19 2013] <rmk0> ow, run into an issue
[Mon Jun 10 10:52:20 2013] <rmk0> ow, run into an issue
[Mon Jun 10 10:53:13 2013] <rmk0> https://outland.arc7.info/2013/06/10/elimination.v
[Mon Jun 10 10:53:14 2013] <rmk0> https://outland.arc7.info/2013/06/10/elimination.v
[Mon Jun 10 10:53:24 2013] <rmk0> elliott: InPT is equivalent to your El definition
[Mon Jun 10 10:53:24 2013] <rmk0> elliott: InPT is equivalent to your El definition
[Mon Jun 10 10:53:33 2013] <elliott> right
[Mon Jun 10 10:53:33 2013] <elliott> right
[Mon Jun 10 10:53:45 2013] <rmk0> you... may see the problem there
[Mon Jun 10 10:53:45 2013] <rmk0> you... may see the problem there
[Mon Jun 10 10:53:49 2013] <elliott> * opens proofgenearl
[Mon Jun 10 10:53:49 2013] <elliott> * opens proofgenearl
[Mon Jun 10 10:53:51 2013] <elliott> *general
[Mon Jun 10 10:53:51 2013] <elliott> *general
[Mon Jun 10 10:53:54 2013] <rmk0> Error: Inversion would require case analysis on sort Type which is not
[Mon Jun 10 10:53:54 2013] <rmk0> Error: Inversion would require case analysis on sort Type which is not
[Mon Jun 10 10:53:55 2013] <rmk0> allowed for inductive definition InP.
[Mon Jun 10 10:53:55 2013] <rmk0> allowed for inductive definition InP.
[Mon Jun 10 10:54:46 2013] <elliott> oh, that's easy
[Mon Jun 10 10:54:46 2013] <elliott> oh, that's easy
[Mon Jun 10 10:54:50 2013] <elliott> just do exfalso first
[Mon Jun 10 10:54:50 2013] <elliott> just do exfalso first
[Mon Jun 10 10:55:14 2013] <rmk0> * looks it up
[Mon Jun 10 10:55:14 2013] <rmk0> * looks it up
[Mon Jun 10 10:55:17 2013] <elliott> if you can derive False (and when deriving False you can of course destruct propositions) then you're OK for a result even in type
[Mon Jun 10 10:55:17 2013] <elliott> if you can derive False (and when deriving False you can of course destruct propositions) then you're OK for a result even in type
[Mon Jun 10 10:55:20 2013] <elliott> exfalso is just elimtype False
[Mon Jun 10 10:55:20 2013] <elliott> exfalso is just elimtype False
[Mon Jun 10 10:55:23 2013] <elliott> i.e. apply False_rect
[Mon Jun 10 10:55:23 2013] <elliott> i.e. apply False_rect
[Mon Jun 10 10:55:28 2013] <elliott> i.e. replace goal with False no matter what the goal is
[Mon Jun 10 10:55:28 2013] <elliott> i.e. replace goal with False no matter what the goal is
[Mon Jun 10 10:56:10 2013] <elliott> now, the next goal you'll find harder
[Mon Jun 10 10:56:10 2013] <elliott> now, the next goal you'll find harder
[Mon Jun 10 10:56:16 2013] <rmk0> ah, interesting... didn't realize that was possible
[Mon Jun 10 10:56:16 2013] <rmk0> ah, interesting... didn't realize that was possible
[Mon Jun 10 10:56:21 2013] <elliott> in fact, I believe it is impossible without decidable equality on A or something, even if that
[Mon Jun 10 10:56:21 2013] <elliott> in fact, I believe it is impossible without decidable equality on A or something, even if that
[Mon Jun 10 10:56:29 2013] <elliott> InPT is less proof irrelevant than InP
[Mon Jun 10 10:56:29 2013] <elliott> InPT is less proof irrelevant than InP
[Mon Jun 10 10:56:36 2013] <rmk0> yep
[Mon Jun 10 10:56:36 2013] <rmk0> yep
[Mon Jun 10 10:56:41 2013] <elliott> in essence, proof irrelevance hides the "pos" of InP
[Mon Jun 10 10:56:41 2013] <elliott> in essence, proof irrelevance hides the "pos" of InP
[Mon Jun 10 10:56:50 2013] <elliott> and you can never hope to recover it back to InPT without more information
[Mon Jun 10 10:56:50 2013] <elliott> and you can never hope to recover it back to InPT without more information
[Mon Jun 10 10:57:00 2013] <elliott> my suggestion is to just use InPT throughout unless you have a good reason not to
[Mon Jun 10 10:57:00 2013] <elliott> my suggestion is to just use InPT throughout unless you have a good reason not to
[Mon Jun 10 10:57:11 2013] <rmk0> right
[Mon Jun 10 10:57:11 2013] <rmk0> right
[Mon Jun 10 10:57:24 2013] <rmk0> it's probably enough that i can get back to InP
[Mon Jun 10 10:57:24 2013] <rmk0> it's probably enough that i can get back to InP
[Mon Jun 10 10:58:50 2013] <rmk0> am quite amused at how tricky this "prefixes" function has been
[Mon Jun 10 10:58:50 2013] <rmk0> am quite amused at how tricky this "prefixes" function has been
[Mon Jun 10 10:59:15 2013] <rmk0> has easily been the hardest part of the entire development
[Mon Jun 10 10:59:15 2013] <rmk0> has easily been the hardest part of the entire development
[Mon Jun 10 11:00:50 2013] <elliott> that's computerised proof for you
[Mon Jun 10 11:00:50 2013] <elliott> that's computerised proof for you
[Mon Jun 10 11:00:59 2013] <elliott> 90% annoying boilerplate :P
[Mon Jun 10 11:00:59 2013] <elliott> 90% annoying boilerplate :P
[Mon Jun 10 11:01:13 2013] <rmk0>  \o/
[Mon Jun 10 11:01:13 2013] <rmk0>  \o/
[Mon Jun 10 11:12:26 2013] <rmk0> think it'd introduce inconsistency to take InP -> InPT as an axiom, if it becomes necessary?
[Mon Jun 10 11:12:26 2013] <rmk0> think it'd introduce inconsistency to take InP -> InPT as an axiom, if it becomes necessary?
[Mon Jun 10 11:12:42 2013] <rmk0> ... might take that one to the mailing list, actually
[Mon Jun 10 11:12:42 2013] <rmk0> ... might take that one to the mailing list, actually
[Mon Jun 10 11:12:54 2013] <rmk0> they usually know immediately exactly which axiom would be implied
[Mon Jun 10 11:12:54 2013] <rmk0> they usually know immediately exactly which axiom would be implied
[Mon Jun 10 11:16:35 2013] <elliott> rmk0: uh, I guess it's not inconsistent
[Mon Jun 10 11:16:35 2013] <elliott> rmk0: uh, I guess it's not inconsistent
[Mon Jun 10 11:16:40 2013] <elliott> you can add stuff where Prop affects Type as an axiom
[Mon Jun 10 11:16:40 2013] <elliott> you can add stuff where Prop affects Type as an axiom
[Mon Jun 10 11:16:45 2013] <elliott> like, weird choice stuff.
[Mon Jun 10 11:16:45 2013] <elliott> like, weird choice stuff.
[Mon Jun 10 11:16:49 2013] <rmk0> yep
[Mon Jun 10 11:16:49 2013] <rmk0> yep
[Mon Jun 10 11:16:53 2013] <elliott> I recommend you don't, it's not very constructive :P
[Mon Jun 10 11:16:53 2013] <elliott> I recommend you don't, it's not very constructive :P
[Mon Jun 10 11:16:59 2013] <rmk0> yep!
[Mon Jun 10 11:16:59 2013] <rmk0> yep!
[Mon Jun 10 11:17:07 2013] <rmk0> am hoping it won't be necessary
[Mon Jun 10 11:17:07 2013] <rmk0> am hoping it won't be necessary
[Mon Jun 10 11:17:43 2013] <rmk0> i almost always rely on proof irrelevance though, which isn't very constructive either
[Mon Jun 10 11:17:43 2013] <rmk0> i almost always rely on proof irrelevance though, which isn't very constructive either
[Mon Jun 10 11:20:11 2013] <elliott> sure proof irrelevance is constructive enough
[Mon Jun 10 11:20:11 2013] <elliott> sure proof irrelevance is constructive enough
[Mon Jun 10 11:20:20 2013] <elliott> just close your eyes and pretend it's epigram 2
[Mon Jun 10 11:20:20 2013] <elliott> just close your eyes and pretend it's epigram 2
[Mon Jun 10 11:20:48 2013] <rmk0> * squints
[Mon Jun 10 11:20:48 2013] <rmk0> * squints
[Mon Jun 10 11:26:05 2013] <elliott> rmk0: a silly list type that makes this proof trivial: http://sprunge.us/hiId
[Mon Jun 10 11:26:05 2013] <elliott> rmk0: a silly list type that makes this proof trivial: http://sprunge.us/hiId
[Mon Jun 10 11:27:02 2013] <rmk0> ah, yes
[Mon Jun 10 11:27:02 2013] <rmk0> ah, yes
[Mon Jun 10 20:10:07 2013] <rmk0> ugh, oh dear
[Mon Jun 10 20:10:07 2013] <rmk0> ugh, oh dear
[Mon Jun 10 20:10:33 2013] <rmk0> in using this definition of In that's in Type, it's having the knock-on effect of pushing everything else into Type as well
[Mon Jun 10 20:10:33 2013] <rmk0> in using this definition of In that's in Type, it's having the knock-on effect of pushing everything else into Type as well
[Mon Jun 10 20:11:56 2013] <rmk0> i don't think i can use this approach
[Mon Jun 10 20:11:56 2013] <rmk0> i don't think i can use this approach
[Tue Jun 11 01:06:16 2013] <Pseudonym> I'm having trouble with induction over mutually recursive types.
[Tue Jun 11 01:06:16 2013] <Pseudonym> I'm having trouble with induction over mutually recursive types.
[Tue Jun 11 01:06:20 2013] <Pseudonym> http://www.nomorepasting.com/getpaste.php?pasteid=39436
[Tue Jun 11 01:06:20 2013] <Pseudonym> http://www.nomorepasting.com/getpaste.php?pasteid=39436
[Tue Jun 11 01:06:38 2013] <Pseudonym> Simple example which illustrates the problem.
[Tue Jun 11 01:06:38 2013] <Pseudonym> Simple example which illustrates the problem.
[Tue Jun 11 01:31:18 2013] <Pseudonym> The problem, in this case, is that I'd like to do induction on t, but there isn't a "correct" induction hypothesis.
[Tue Jun 11 01:31:18 2013] <Pseudonym> The problem, in this case, is that I'd like to do induction on t, but there isn't a "correct" induction hypothesis.
[Tue Jun 11 01:41:21 2013] <dolio> Pseudonym: I'm not sure I can help. But I also don't see mutual recursion there.
[Tue Jun 11 01:41:21 2013] <dolio> Pseudonym: I'm not sure I can help. But I also don't see mutual recursion there.
[Tue Jun 11 01:42:01 2013] <Pseudonym> dolio: Imagine if instead of list ty, you had a custom list type.
[Tue Jun 11 01:42:01 2013] <Pseudonym> dolio: Imagine if instead of list ty, you had a custom list type.
[Tue Jun 11 01:42:52 2013] <Pseudonym> Inductive ty : Set := ... TyList ... with TyList := | TyNil : TyList | TyCons : ty -> TyList -> TyList.
[Tue Jun 11 01:42:52 2013] <Pseudonym> Inductive ty : Set := ... TyList ... with TyList := | TyNil : TyList | TyCons : ty -> TyList -> TyList.
[Tue Jun 11 01:43:01 2013] <Pseudonym> Then it would be clearly mutual recursion.
[Tue Jun 11 01:43:01 2013] <Pseudonym> Then it would be clearly mutual recursion.
[Tue Jun 11 01:43:05 2013] <dolio> Yeah.
[Tue Jun 11 01:43:05 2013] <dolio> Yeah.
[Tue Jun 11 01:43:16 2013] <Pseudonym> And it still wouldn't work.
[Tue Jun 11 01:43:16 2013] <Pseudonym> And it still wouldn't work.
[Tue Jun 11 01:43:30 2013] <Pseudonym> There has to be a "right" way to express it.
[Tue Jun 11 01:43:30 2013] <Pseudonym> There has to be a "right" way to express it.
[Tue Jun 11 01:43:32 2013] <dolio> Which part doesn't work? Proving the last part?
[Tue Jun 11 01:43:32 2013] <dolio> Which part doesn't work? Proving the last part?
[Tue Jun 11 01:43:37 2013] <Pseudonym> Right.
[Tue Jun 11 01:43:37 2013] <Pseudonym> Right.
[Tue Jun 11 01:43:54 2013] <Pseudonym> If you do induction on t, you don't get a hypothesis that helps you with finding the type in the list.
[Tue Jun 11 01:43:54 2013] <Pseudonym> If you do induction on t, you don't get a hypothesis that helps you with finding the type in the list.
[Tue Jun 11 01:44:57 2013] <dolio> What does it give you instead?
[Tue Jun 11 01:44:57 2013] <dolio> What does it give you instead?
[Tue Jun 11 01:46:18 2013] <Pseudonym> In this example, or the mutual recursion example?
[Tue Jun 11 01:46:18 2013] <Pseudonym> In this example, or the mutual recursion example?
[Tue Jun 11 01:46:41 2013] <dolio> Either, if neither works.
[Tue Jun 11 01:46:41 2013] <dolio> Either, if neither works.
[Tue Jun 11 01:47:03 2013] <Pseudonym> No induction hypothesis at all.
[Tue Jun 11 01:47:03 2013] <Pseudonym> No induction hypothesis at all.
[Tue Jun 11 01:47:11 2013] <dolio> Oh.
[Tue Jun 11 01:47:11 2013] <dolio> Oh.
[Tue Jun 11 01:48:15 2013] <dolio> Are you using a tactic that turns the <-> obligation into two -> obligations first?
[Tue Jun 11 01:48:15 2013] <dolio> Are you using a tactic that turns the <-> obligation into two -> obligations first?
[Tue Jun 11 01:48:50 2013] <Pseudonym> It doesn't actually matter in this case, but yes, it also doesn't work in that case.
[Tue Jun 11 01:48:50 2013] <Pseudonym> It doesn't actually matter in this case, but yes, it also doesn't work in that case.
[Tue Jun 11 01:49:22 2013] <dolio> Okay. I have no further advice, then. :)
[Tue Jun 11 01:49:22 2013] <dolio> Okay. I have no further advice, then. :)
[Tue Jun 11 01:49:32 2013] <Cale> Have you tried replacing In with something easier to work with?
[Tue Jun 11 01:49:32 2013] <Cale> Have you tried replacing In with something easier to work with?
[Tue Jun 11 01:50:12 2013] <Pseudonym> Yes. As previously noted, I also trued "pure" mutual recursion.
[Tue Jun 11 01:50:12 2013] <Pseudonym> Yes. As previously noted, I also trued "pure" mutual recursion.
[Tue Jun 11 01:50:31 2013] <Pseudonym> I can quickly hack up a script to prove it if this will help/
[Tue Jun 11 01:50:31 2013] <Pseudonym> I can quickly hack up a script to prove it if this will help/
[Tue Jun 11 01:57:27 2013] <Pseudonym> http://www.nomorepasting.com/getpaste.php?pasteid=39437 <- No induction hypothesis here either.
[Tue Jun 11 01:57:27 2013] <Pseudonym> http://www.nomorepasting.com/getpaste.php?pasteid=39437 <- No induction hypothesis here either.
[Tue Jun 11 02:11:54 2013] <Cale> Pseudonym: I don't really know what I'm doing, but perhaps you need something like:
[Tue Jun 11 02:11:54 2013] <Cale> Pseudonym: I don't really know what I'm doing, but perhaps you need something like:
[Tue Jun 11 02:11:57 2013] <Cale> Scheme ty_tylist_ind := Induction for ty Sort Set
[Tue Jun 11 02:11:57 2013] <Cale> Scheme ty_tylist_ind := Induction for ty Sort Set
[Tue Jun 11 02:11:57 2013] <Cale>   with tylist_ty_ind := Induction for tylist Sort Set.
[Tue Jun 11 02:11:57 2013] <Cale>   with tylist_ty_ind := Induction for tylist Sort Set.
[Tue Jun 11 02:12:41 2013] <Cale> er, that should probably be Prop in both cases
[Tue Jun 11 02:12:41 2013] <Cale> er, that should probably be Prop in both cases
[Tue Jun 11 02:13:19 2013] <Pseudonym> I did play with Scheme a bit.
[Tue Jun 11 02:13:19 2013] <Pseudonym> I did play with Scheme a bit.
[Tue Jun 11 02:13:21 2013] <Cale> I don't know how to get the induction tactic to actually use the mutual induction scheme that it generates
[Tue Jun 11 02:13:21 2013] <Cale> I don't know how to get the induction tactic to actually use the mutual induction scheme that it generates
[Tue Jun 11 02:13:36 2013] <Cale> (Or generate something similar)
[Tue Jun 11 02:13:36 2013] <Cale> (Or generate something similar)
[Tue Jun 11 02:13:39 2013] <Pseudonym> But I couldn't get it to work. That doesn't mean it can't work, of course, it could just mean I'm not familiar/smart enough.
[Tue Jun 11 02:13:39 2013] <Pseudonym> But I couldn't get it to work. That doesn't mean it can't work, of course, it could just mean I'm not familiar/smart enough.
[Tue Jun 11 02:15:46 2013] <Cale> I basically like to pretend that Coq is a fancy Haskell extension and mash my keyboard until it accepts things :)
[Tue Jun 11 02:15:46 2013] <Cale> I basically like to pretend that Coq is a fancy Haskell extension and mash my keyboard until it accepts things :)
[Tue Jun 11 02:16:01 2013] <Pseudonym> If it type checks, ship it!
[Tue Jun 11 02:16:01 2013] <Pseudonym> If it type checks, ship it!
[Tue Jun 11 02:17:10 2013] <Pseudonym> Agda with an ML syntax, yeah.
[Tue Jun 11 02:17:10 2013] <Pseudonym> Agda with an ML syntax, yeah.
[Tue Jun 11 02:22:02 2013] <Pseudonym> The thing is, even if you could get Scheme to work, there should be a way to do it with the built-in list.
[Tue Jun 11 02:22:02 2013] <Pseudonym> The thing is, even if you could get Scheme to work, there should be a way to do it with the built-in list.
[Tue Jun 11 02:22:10 2013] <Pseudonym> Otherwise the built-in list isn't very useful.
[Tue Jun 11 02:22:10 2013] <Pseudonym> Otherwise the built-in list isn't very useful.
[Tue Jun 11 02:38:55 2013] <Cale> Well, when I originally made that suggestion, I meant something a little less drastic than your transformation
[Tue Jun 11 02:38:55 2013] <Cale> Well, when I originally made that suggestion, I meant something a little less drastic than your transformation
[Tue Jun 11 02:39:05 2013] <Cale> I just meant making In itself into an inductive type
[Tue Jun 11 02:39:05 2013] <Cale> I just meant making In itself into an inductive type
[Tue Jun 11 02:39:12 2013] <Pseudonym> Oh, I see≥
[Tue Jun 11 02:39:12 2013] <Pseudonym> Oh, I see≥
[Tue Jun 11 02:39:34 2013] <Cale> but... it still seems difficult
[Tue Jun 11 02:39:34 2013] <Cale> but... it still seems difficult
[Tue Jun 11 02:41:44 2013] <Cale> i.e. this one:
[Tue Jun 11 02:41:44 2013] <Cale> i.e. this one:
[Tue Jun 11 02:41:46 2013] <Cale> Inductive Elem {t} : t -> list t -> Prop :=
[Tue Jun 11 02:41:46 2013] <Cale> Inductive Elem {t} : t -> list t -> Prop :=
[Tue Jun 11 02:41:46 2013] <Cale>   | Here {x xs} : Elem x (x :: xs)
[Tue Jun 11 02:41:46 2013] <Cale>   | Here {x xs} : Elem x (x :: xs)
[Tue Jun 11 02:41:46 2013] <Cale>   | There {x a xs} : Elem x xs -> Elem x (a :: xs).
[Tue Jun 11 02:41:46 2013] <Cale>   | There {x a xs} : Elem x xs -> Elem x (a :: xs).
[Tue Jun 11 02:42:17 2013] <Pseudonym> I think I've hit on one thing that I'm definitely doing wrong.
[Tue Jun 11 02:42:17 2013] <Pseudonym> I think I've hit on one thing that I'm definitely doing wrong.
[Tue Jun 11 02:42:36 2013] <Pseudonym> If you're doing double induction, you need a double-induction-like theorem to prove.
[Tue Jun 11 02:42:36 2013] <Pseudonym> If you're doing double induction, you need a double-induction-like theorem to prove.
[Tue Jun 11 02:42:48 2013] <Pseudonym> That is, you can't prove on just types. you need to prove something like this:
[Tue Jun 11 02:42:48 2013] <Pseudonym> That is, you can't prove on just types. you need to prove something like this:
[Tue Jun 11 02:42:54 2013] <Pseudonym> Lemma occurs_correct' : forall (v : b), (forall (t : ty), VarInTy v t <-> occurs v t = true) /\ (forall (ts : tylist), VarInTyList v ts <-> occurs_tylist v ts = true).
[Tue Jun 11 02:42:54 2013] <Pseudonym> Lemma occurs_correct' : forall (v : b), (forall (t : ty), VarInTy v t <-> occurs v t = true) /\ (forall (ts : tylist), VarInTyList v ts <-> occurs_tylist v ts = true).
[Tue Jun 11 02:43:32 2013] <Pseudonym> The Combined Scheme that you get if you merge the two induction schemes gives you something like that as a conclusion.
[Tue Jun 11 02:43:32 2013] <Pseudonym> The Combined Scheme that you get if you merge the two induction schemes gives you something like that as a conclusion.
[Tue Jun 11 02:43:43 2013] <Pseudonym> That makes sense.
[Tue Jun 11 02:43:43 2013] <Pseudonym> That makes sense.
[Tue Jun 11 02:44:12 2013] <Cale> Yeah
[Tue Jun 11 02:44:12 2013] <Cale> Yeah
[Tue Jun 11 02:44:19 2013] <Pseudonym> In the general case, you couldn't really infer the form of the "list" case.
[Tue Jun 11 02:44:19 2013] <Pseudonym> In the general case, you couldn't really infer the form of the "list" case.
[Tue Jun 11 02:49:44 2013] <tomprince> Cale Pseudonym: Something like 'induction <var> with <scheme>'
[Tue Jun 11 02:49:44 2013] <tomprince> Cale Pseudonym: Something like 'induction <var> with <scheme>'
[Tue Jun 11 02:50:12 2013] <Pseudonym> tomprince: There's a problem with that.
[Tue Jun 11 02:50:12 2013] <Pseudonym> tomprince: There's a problem with that.
[Tue Jun 11 02:50:24 2013] <Pseudonym> For mutual recursion, there is no single <var>.
[Tue Jun 11 02:50:24 2013] <Pseudonym> For mutual recursion, there is no single <var>.
[Tue Jun 11 02:57:36 2013] <tomprince> There is, though. You need to start somewhere.
[Tue Jun 11 02:57:36 2013] <tomprince> There is, though. You need to start somewhere.
[Tue Jun 11 03:01:26 2013] <Pseudonym> OK, I can't get Combined Scheme to work wither.
[Tue Jun 11 03:01:26 2013] <Pseudonym> OK, I can't get Combined Scheme to work wither.
[Tue Jun 11 03:01:28 2013] <Pseudonym> eitehr
[Tue Jun 11 03:01:28 2013] <Pseudonym> eitehr
[Tue Jun 11 03:01:35 2013] <Pseudonym> Scheme ty_tylist_ind := Induction for ty Sort Prop with tylist_ty_ind := Induction for tylist Sort Prop.
[Tue Jun 11 03:01:35 2013] <Pseudonym> Scheme ty_tylist_ind := Induction for ty Sort Prop with tylist_ty_ind := Induction for tylist Sort Prop.
[Tue Jun 11 03:01:38 2013] <Pseudonym> Combined Scheme ty_tylist_mutind from ty_tylist_ind, tylist_ty_ind.
[Tue Jun 11 03:01:38 2013] <Pseudonym> Combined Scheme ty_tylist_mutind from ty_tylist_ind, tylist_ty_ind.
[Tue Jun 11 03:02:12 2013] <Pseudonym> I've actually worked out how to apply the scheme, though Adam would not approve of exactly how I did it.
[Tue Jun 11 03:02:12 2013] <Pseudonym> I've actually worked out how to apply the scheme, though Adam would not approve of exactly how I did it.
[Tue Jun 11 03:02:25 2013] <Pseudonym> But you still don't get a good induction hypothesis.
[Tue Jun 11 03:02:25 2013] <Pseudonym> But you still don't get a good induction hypothesis.
[Tue Jun 11 03:04:33 2013] <Pseudonym> * will try doing induction on VarInTy instead of the type
[Tue Jun 11 03:04:33 2013] <Pseudonym> * will try doing induction on VarInTy instead of the type
[Tue Jun 11 03:20:37 2013] <Pseudonym> Nope. Not smart enough to do that.
[Tue Jun 11 03:20:37 2013] <Pseudonym> Nope. Not smart enough to do that.
[Tue Jun 11 06:11:00 2013] <fasta> It is always possible to write an induction principle by hand too, right?
[Tue Jun 11 06:11:00 2013] <fasta> It is always possible to write an induction principle by hand too, right?
[Tue Jun 11 06:11:56 2013] <fasta> (Meaning that Combine Scheme, Scheme, etc. in the end don't provide anything which you couldn't have achieved in some other way)
[Tue Jun 11 06:11:56 2013] <fasta> (Meaning that Combine Scheme, Scheme, etc. in the end don't provide anything which you couldn't have achieved in some other way)
[Tue Jun 11 06:53:20 2013] <robbert`> fasta: for nested induction these commands do not do what you wish, so sometimes you indeed have to do it by hand
[Tue Jun 11 06:53:20 2013] <robbert`> fasta: for nested induction these commands do not do what you wish, so sometimes you indeed have to do it by hand
[Tue Jun 11 10:07:05 2013] <shergill> so what're the limitations imposed by the calculus of constructions (on the space of things which can be proven in coq)? does it simply restrict one to constructive proofs?
[Tue Jun 11 10:07:05 2013] <shergill> so what're the limitations imposed by the calculus of constructions (on the space of things which can be proven in coq)? does it simply restrict one to constructive proofs?
[Tue Jun 11 10:07:14 2013] <shergill> can all constructive proofs be represented in coq?
[Tue Jun 11 10:07:14 2013] <shergill> can all constructive proofs be represented in coq?
[Tue Jun 11 10:13:16 2013] <ianjneu> shergill: if you're asking for a completeness proof of Gallina, I don't think there is one yet.
[Tue Jun 11 10:13:16 2013] <ianjneu> shergill: if you're asking for a completeness proof of Gallina, I don't think there is one yet.
[Tue Jun 11 10:14:23 2013] <ianjneu> and when you say "all proofs" you really need to specify in which logic.
[Tue Jun 11 10:14:23 2013] <ianjneu> and when you say "all proofs" you really need to specify in which logic.
[Tue Jun 11 10:14:50 2013] <ianjneu> context tells me that you likely mean Gallina.
[Tue Jun 11 10:14:50 2013] <ianjneu> context tells me that you likely mean Gallina.
[Tue Jun 11 10:15:23 2013] <shergill> i did mean gallina, sorry
[Tue Jun 11 10:15:23 2013] <shergill> i did mean gallina, sorry
[Tue Jun 11 10:15:51 2013] <ianjneu> we don't even now if it's strongly normalizing.
[Tue Jun 11 10:15:51 2013] <ianjneu> we don't even now if it's strongly normalizing.
[Tue Jun 11 10:16:23 2013] <ianjneu> A bug in the termination checker that robbert showed me would be a counter-example to that.
[Tue Jun 11 10:16:23 2013] <ianjneu> A bug in the termination checker that robbert showed me would be a counter-example to that.
[Tue Jun 11 10:16:32 2013] <shergill> this was mostly musing on my part last night while making my way through a dense maths proof. i was wishing the author had released it as a coq program since it would've required less mental bookkeeping
[Tue Jun 11 10:16:32 2013] <shergill> this was mostly musing on my part last night while making my way through a dense maths proof. i was wishing the author had released it as a coq program since it would've required less mental bookkeeping
[Tue Jun 11 10:17:33 2013] <shergill> that made me wonder about the completeness of gallina
[Tue Jun 11 10:17:33 2013] <shergill> that made me wonder about the completeness of gallina
[Tue Jun 11 10:17:59 2013] <ianjneu> shergill: my hand-written proofs look like Agda programs. Dependent types have changed me deeply. Not sure if that's a good thing.
[Tue Jun 11 10:17:59 2013] <ianjneu> shergill: my hand-written proofs look like Agda programs. Dependent types have changed me deeply. Not sure if that's a good thing.
[Tue Jun 11 10:18:34 2013] <ianjneu> shergill: only recently did we find a completeness proof for intensional FOL. It might be a while.
[Tue Jun 11 10:18:34 2013] <ianjneu> shergill: only recently did we find a completeness proof for intensional FOL. It might be a while.
[Tue Jun 11 10:20:23 2013] <shergill> ianjneu: could you point me to the reference?
[Tue Jun 11 10:20:23 2013] <shergill> ianjneu: could you point me to the reference?
[Tue Jun 11 10:29:04 2013] <ianjneu> shergill: http://www.nuprl.org/KB/show.php?ShowPub=Con11
[Tue Jun 11 10:29:04 2013] <ianjneu> shergill: http://www.nuprl.org/KB/show.php?ShowPub=Con11
[Tue Jun 11 10:32:00 2013] <shergill> thanks
[Tue Jun 11 10:32:00 2013] <shergill> thanks
[Tue Jun 11 10:33:32 2013] <ianjneu> shergill: I haven't read it. I just heard Bob talking about it last summer.
[Tue Jun 11 10:33:32 2013] <ianjneu> shergill: I haven't read it. I just heard Bob talking about it last summer.
[Tue Jun 11 12:39:55 2013] <Psycho_pr> Is there a web interface to Coq?
[Tue Jun 11 12:39:55 2013] <Psycho_pr> Is there a web interface to Coq?
[Tue Jun 11 13:02:32 2013] <rmk0> possibly silly question... when using a tactic such as inversion, i often do "inversion H as [Hx Hy Hz]"
[Tue Jun 11 13:02:32 2013] <rmk0> possibly silly question... when using a tactic such as inversion, i often do "inversion H as [Hx Hy Hz]"
[Tue Jun 11 13:02:51 2013] <rmk0> if i only want to specify names Hx and Hz, how do i avoid giving Hy?
[Tue Jun 11 13:02:51 2013] <rmk0> if i only want to specify names Hx and Hz, how do i avoid giving Hy?
[Tue Jun 11 13:04:18 2013] <elliott> [Hx ? Hz]
[Tue Jun 11 13:04:18 2013] <elliott> [Hx ? Hz]
[Tue Jun 11 13:04:30 2013] <elliott> or [Hx _ Hz]
[Tue Jun 11 13:04:30 2013] <elliott> or [Hx _ Hz]
[Tue Jun 11 13:04:36 2013] <elliott> oh, maybe inversion doesn't support ? and _? I forget
[Tue Jun 11 13:04:36 2013] <elliott> oh, maybe inversion doesn't support ? and _? I forget
[Tue Jun 11 13:04:43 2013] <rmk0> heh, was about to say that
[Tue Jun 11 13:04:43 2013] <rmk0> heh, was about to say that
[Tue Jun 11 13:04:57 2013] <elliott> but fwiw, ? gives new name, _ discards the binding
[Tue Jun 11 13:04:57 2013] <elliott> but fwiw, ? gives new name, _ discards the binding
[Tue Jun 11 13:05:02 2013] <elliott> _ might not always be allowed
[Tue Jun 11 13:05:02 2013] <elliott> _ might not always be allowed
[Tue Jun 11 13:05:02 2013] <rmk0> for ? it says "Anonymous pattern not allowed" and for _ it says "Discarded pattern not allowed"
[Tue Jun 11 13:05:02 2013] <rmk0> for ? it says "Anonymous pattern not allowed" and for _ it says "Discarded pattern not allowed"
[Tue Jun 11 13:05:10 2013] <elliott> ok, then tough, you have to say Hy :)
[Tue Jun 11 13:05:10 2013] <elliott> ok, then tough, you have to say Hy :)
[Tue Jun 11 13:05:14 2013] <rmk0> hehe
[Tue Jun 11 13:05:14 2013] <rmk0> hehe
[Tue Jun 11 13:05:21 2013] <rmk0> * learns to live with it
[Tue Jun 11 13:05:21 2013] <rmk0> * learns to live with it
[Tue Jun 11 13:06:43 2013] <tomprince> Or, file bugs about it.
[Tue Jun 11 13:06:43 2013] <tomprince> Or, file bugs about it.
[Tue Jun 11 13:07:51 2013] <rmk0> is it a bug?
[Tue Jun 11 13:07:51 2013] <rmk0> is it a bug?
[Tue Jun 11 13:08:31 2013] <rmk0> it's not exactly a high priority problem
[Tue Jun 11 13:08:31 2013] <rmk0> it's not exactly a high priority problem
[Tue Jun 11 13:28:56 2013] <tomprince> Well, not a bug, but it seems like a reasonable enhancment.
[Tue Jun 11 13:28:56 2013] <tomprince> Well, not a bug, but it seems like a reasonable enhancment.
[Tue Jun 11 16:07:23 2013] <robbert`> Psycho_pr: http://proofweb.cs.ru.nl
[Tue Jun 11 16:07:23 2013] <robbert`> Psycho_pr: http://proofweb.cs.ru.nl
[Tue Jun 11 16:30:50 2013] <Psycho_pr> robbert`: That's from 2007..
[Tue Jun 11 16:30:51 2013] <Psycho_pr> robbert`: That's from 2007..
[Tue Jun 11 17:05:12 2013] <rmk0> elliott: any idea if element_unique_eq is actually provable? -> http://waste.io7m.com/2013/06/11/element2.v
[Tue Jun 11 17:05:12 2013] <rmk0> elliott: any idea if element_unique_eq is actually provable? -> http://waste.io7m.com/2013/06/11/element2.v
[Tue Jun 11 17:05:21 2013] <rmk0> feel like i'm missing decidable equality
[Tue Jun 11 17:05:21 2013] <rmk0> feel like i'm missing decidable equality
[Tue Jun 11 17:06:51 2013] <elliott> rmk0: I bet you can convert (element xs n = Some x) into my inductive (in Type not Prop) version of In
[Tue Jun 11 17:06:51 2013] <elliott> rmk0: I bet you can convert (element xs n = Some x) into my inductive (in Type not Prop) version of In
[Tue Jun 11 17:06:56 2013] <elliott> and then apply the proof I gave
[Tue Jun 11 17:06:56 2013] <elliott> and then apply the proof I gave
[Tue Jun 11 17:07:36 2013] <rmk0> the problem i had with that is that once i'd moved InP to Type, i then couldn't complete existing proofs i had without moving a ton of other stuff into Type too
[Tue Jun 11 17:07:36 2013] <rmk0> the problem i had with that is that once i'd moved InP to Type, i then couldn't complete existing proofs i had without moving a ton of other stuff into Type too
[Tue Jun 11 17:07:45 2013] <rmk0> would have had a huge ripple effect on the existing development
[Tue Jun 11 17:07:45 2013] <rmk0> would have had a huge ripple effect on the existing development
[Tue Jun 11 17:10:40 2013] <elliott> rmk0: don't move it
[Tue Jun 11 17:10:40 2013] <elliott> rmk0: don't move it
[Tue Jun 11 17:10:43 2013] <elliott> just create a duplicate
[Tue Jun 11 17:10:43 2013] <elliott> just create a duplicate
[Tue Jun 11 17:10:51 2013] <elliott> it's only needed locally for this proof
[Tue Jun 11 17:10:51 2013] <elliott> it's only needed locally for this proof
[Tue Jun 11 17:12:04 2013] <rmk0> well, unless i'm mistaken:
[Tue Jun 11 17:12:04 2013] <rmk0> well, unless i'm mistaken:
[Tue Jun 11 17:12:17 2013] <rmk0> http://waste.io7m.com/2013/06/11/prefixes7.v
[Tue Jun 11 17:12:17 2013] <rmk0> http://waste.io7m.com/2013/06/11/prefixes7.v
[Tue Jun 11 17:12:51 2013] <rmk0> that was the last version i was working on... the proof prefixes_including_self_correct_1 is now not usable ("Inversion would require case analysis on sort Type...")
[Tue Jun 11 17:12:51 2013] <rmk0> that was the last version i was working on... the proof prefixes_including_self_correct_1 is now not usable ("Inversion would require case analysis on sort Type...")
[Tue Jun 11 17:13:10 2013] <rmk0> i assumed that meant moving is_prefix into Type, which is what would cause most of the disruption
[Tue Jun 11 17:13:10 2013] <rmk0> i assumed that meant moving is_prefix into Type, which is what would cause most of the disruption
[Tue Jun 11 17:13:51 2013] <rmk0> is_prefix has rather a lot of dependencies in the actual development
[Tue Jun 11 17:13:51 2013] <rmk0> is_prefix has rather a lot of dependencies in the actual development
[Tue Jun 11 17:15:27 2013] <rmk0> i'm not absolutely sure that using InPT in prefixes_correct_0 and prefixes_correct_1 won't cause issues yet...
[Tue Jun 11 17:15:27 2013] <rmk0> i'm not absolutely sure that using InPT in prefixes_correct_0 and prefixes_correct_1 won't cause issues yet...
[Tue Jun 11 17:17:00 2013] <rmk0> the element2.v development was the beginning of an attempt to try a similar idea but without moving into Type
[Tue Jun 11 17:17:00 2013] <rmk0> the element2.v development was the beginning of an attempt to try a similar idea but without moving into Type
[Tue Jun 11 17:18:16 2013] <elliott> i'll try to prove your thm in element2.v
[Tue Jun 11 17:18:16 2013] <elliott> i'll try to prove your thm in element2.v
[Tue Jun 11 17:18:20 2013] <elliott> to show what i mean
[Tue Jun 11 17:18:20 2013] <elliott> to show what i mean
[Tue Jun 11 17:18:36 2013] <rmk0> ok, thank you
[Tue Jun 11 17:18:36 2013] <rmk0> ok, thank you
[Tue Jun 11 17:19:40 2013] <robbert`> Psycho_pr: well you can use it with Coq 8.4 beta... But yeah, it is pretty undermaintained at the moment. However, the source is there, so feel free to improve it.
[Tue Jun 11 17:19:40 2013] <robbert`> Psycho_pr: well you can use it with Coq 8.4 beta... But yeah, it is pretty undermaintained at the moment. However, the source is there, so feel free to improve it.
[Tue Jun 11 17:20:54 2013] <Psycho_pr> Ok thanks:)
[Tue Jun 11 17:20:54 2013] <Psycho_pr> Ok thanks:)
[Tue Jun 11 17:35:58 2013] <elliott> rmk0: proven
[Tue Jun 11 17:35:58 2013] <elliott> rmk0: proven
[Tue Jun 11 17:36:15 2013] <elliott> http://sprunge.us/EOKi
[Tue Jun 11 17:36:15 2013] <elliott> http://sprunge.us/EOKi
[Tue Jun 11 17:36:24 2013] <elliott> it is very ugly. I bet you can inline all the conversion and stuff.
[Tue Jun 11 17:36:24 2013] <elliott> it is very ugly. I bet you can inline all the conversion and stuff.
[Tue Jun 11 17:36:41 2013] <elliott> perhaps even do away with InPT entirely
[Tue Jun 11 17:36:41 2013] <elliott> perhaps even do away with InPT entirely
[Tue Jun 11 17:36:56 2013] <rmk0> thank you!
[Tue Jun 11 17:36:56 2013] <rmk0> thank you!
[Tue Jun 11 17:36:58 2013] <rmk0> * eyes it
[Tue Jun 11 17:36:58 2013] <rmk0> * eyes it
[Tue Jun 11 17:37:15 2013] <elliott> you might want to consider just using InPT directly instead of more cumbersome (element n xs = Some x) proofs, they give more information
[Tue Jun 11 17:37:15 2013] <elliott> you might want to consider just using InPT directly instead of more cumbersome (element n xs = Some x) proofs, they give more information
[Tue Jun 11 17:37:21 2013] <elliott> but that might require more changes than you want to deal with
[Tue Jun 11 17:37:21 2013] <elliott> but that might require more changes than you want to deal with
[Tue Jun 11 17:37:39 2013] <rmk0> hehe, yes, i'm extremely nervous about disruptive changes
[Tue Jun 11 17:37:39 2013] <rmk0> hehe, yes, i'm extremely nervous about disruptive changes
[Tue Jun 11 17:37:45 2013] <rmk0> i'm about three weeks over the deadline i'd set for myself as it is
[Tue Jun 11 17:37:46 2013] <rmk0> i'm about three weeks over the deadline i'd set for myself as it is
[Tue Jun 11 17:38:37 2013] <rmk0> i see what you mean about keeping that stuff local
[Tue Jun 11 17:38:37 2013] <rmk0> i see what you mean about keeping that stuff local
[Tue Jun 11 17:39:00 2013] <elliott> I basically distrust equalities that you have to use "injection" on to be useful (because they reduce to Some x = Some y), etc.
[Tue Jun 11 17:39:00 2013] <elliott> I basically distrust equalities that you have to use "injection" on to be useful (because they reduce to Some x = Some y), etc.
[Tue Jun 11 17:39:05 2013] <elliott> I think that's when you want to start using an inductive Prop
[Tue Jun 11 17:39:05 2013] <elliott> I think that's when you want to start using an inductive Prop
[Tue Jun 11 17:39:13 2013] <rmk0> yeah, i agree
[Tue Jun 11 17:39:13 2013] <rmk0> yeah, i agree
[Tue Jun 11 17:39:23 2013] <elliott> to record the "trace" of what information caused the function to "succeed"
[Tue Jun 11 17:39:23 2013] <elliott> to record the "trace" of what information caused the function to "succeed"
[Tue Jun 11 17:39:28 2013] <rmk0> i knew it was unpleasant when i wrote it, but couldn't think of a more pleasant way
[Tue Jun 11 17:39:28 2013] <rmk0> i knew it was unpleasant when i wrote it, but couldn't think of a more pleasant way
[Tue Jun 11 17:39:35 2013] <elliott> yeah
[Tue Jun 11 17:39:35 2013] <elliott> yeah
[Tue Jun 11 17:40:02 2013] <elliott> element could take a Fin.t (length xs), that'd at least ease the pain of the option result
[Tue Jun 11 17:40:02 2013] <elliott> element could take a Fin.t (length xs), that'd at least ease the pain of the option result
[Tue Jun 11 17:40:14 2013] <rmk0> right
[Tue Jun 11 17:40:14 2013] <rmk0> right
[Tue Jun 11 17:41:23 2013] <rmk0> well, this is much appreciated
[Tue Jun 11 17:41:23 2013] <rmk0> well, this is much appreciated
[Tue Jun 11 17:41:35 2013] <rmk0> think this may be enough to finally crush the prefixes function
[Tue Jun 11 17:41:35 2013] <rmk0> think this may be enough to finally crush the prefixes function
[Tue Jun 11 17:41:53 2013] <elliott> it was just copy-paste work once I verified that you could convert the proof :)
[Tue Jun 11 17:41:53 2013] <elliott> it was just copy-paste work once I verified that you could convert the proof :)
[Tue Jun 11 17:42:04 2013] <rmk0> right
[Tue Jun 11 17:42:04 2013] <rmk0> right
[Tue Jun 11 17:45:42 2013] <rmk0> nice that sprunge serves plaintext
[Tue Jun 11 17:45:42 2013] <rmk0> nice that sprunge serves plaintext
[Tue Jun 11 17:45:53 2013] <rmk0> hadn't heard of it before you posted those
[Tue Jun 11 17:45:53 2013] <rmk0> hadn't heard of it before you posted those
[Tue Jun 11 17:49:33 2013] <elliott> I like being able to do "curl -F 'sprunge=<-' sprunge.us <foo" to paste a file :)
[Tue Jun 11 17:49:33 2013] <elliott> I like being able to do "curl -F 'sprunge=<-' sprunge.us <foo" to paste a file :)
[Tue Jun 11 17:49:42 2013] <rmk0> yep
[Tue Jun 11 17:49:42 2013] <rmk0> yep
[Tue Jun 11 17:49:53 2013] <elliott> well, that could be "curl -F 'sprunge=<foo' sprunge.us", but I ^R or muscle-memory that part
[Tue Jun 11 17:49:53 2013] <elliott> well, that could be "curl -F 'sprunge=<foo' sprunge.us", but I ^R or muscle-memory that part
[Tue Jun 11 17:50:46 2013] <rmk0> $ echo hello | curl -F 'sprunge=<-' http://sprunge.us
[Tue Jun 11 17:50:46 2013] <rmk0> $ echo hello | curl -F 'sprunge=<-' http://sprunge.us
[Tue Jun 11 17:50:48 2013] <rmk0> http://sprunge.us/eULD
[Tue Jun 11 17:50:48 2013] <rmk0> http://sprunge.us/eULD
[Tue Jun 11 17:50:55 2013] <rmk0> $ curl http://sprunge.us/eULD
[Tue Jun 11 17:50:55 2013] <rmk0> $ curl http://sprunge.us/eULD
[Tue Jun 11 17:50:58 2013] <rmk0> hello
[Tue Jun 11 17:50:58 2013] <rmk0> hello
[Tue Jun 11 17:50:59 2013] <rmk0> lovely
[Tue Jun 11 17:50:59 2013] <rmk0> lovely
[Tue Jun 11 17:53:41 2013] <elliott> :)
[Tue Jun 11 17:53:41 2013] <elliott> :)
[Wed Jun 12 05:42:16 2013] <jpdeplaix> does someone has a clue for proving this theorem ? http://jpdeplaix.dyndns.org/inf.txt
[Wed Jun 12 05:42:16 2013] <jpdeplaix> does someone has a clue for proving this theorem ? http://jpdeplaix.dyndns.org/inf.txt
[Wed Jun 12 06:19:46 2013] <thorsten`> you could do a case distinction (i.e. destruct) on (nat_compare x 100) and in the _-case you probably need to unfold nat_compare to get the (g x <= 100) result
[Wed Jun 12 06:19:46 2013] <thorsten`> you could do a case distinction (i.e. destruct) on (nat_compare x 100) and in the _-case you probably need to unfold nat_compare to get the (g x <= 100) result
[Wed Jun 12 06:30:47 2013] <thorsten`> jpdeplaix: do you prefer tips or entire solutions? You can find the entire proof at http://wwwcip.cs.fau.de/~re06huxa/p/5d86288105f213e29c86e6bf7b8b9698
[Wed Jun 12 06:30:47 2013] <thorsten`> jpdeplaix: do you prefer tips or entire solutions? You can find the entire proof at http://wwwcip.cs.fau.de/~re06huxa/p/5d86288105f213e29c86e6bf7b8b9698
[Wed Jun 12 06:32:00 2013] <jpdeplaix> thorsten`: no, only tips for the moment :) It's just an exercice for myself
[Wed Jun 12 06:32:00 2013] <jpdeplaix> thorsten`: no, only tips for the moment :) It's just an exercice for myself
[Wed Jun 12 06:32:45 2013] <thorsten`> jpdeplaix: ok, do you know the "remember TERM as Identifier" tactic?
[Wed Jun 12 06:32:45 2013] <thorsten`> jpdeplaix: ok, do you know the "remember TERM as Identifier" tactic?
[Wed Jun 12 06:33:22 2013] <jpdeplaix> thorsten`: yes, but I never used it
[Wed Jun 12 06:33:22 2013] <jpdeplaix> thorsten`: yes, but I never used it
[Wed Jun 12 06:33:43 2013] <thorsten`> then this is a perfect exercise for you :)
[Wed Jun 12 06:33:43 2013] <thorsten`> then this is a perfect exercise for you :)
[Wed Jun 12 06:34:31 2013] <thorsten`> jpdeplaix: so as already told, you somehow have to do an case distinction on (nat_compare x 100)
[Wed Jun 12 06:34:31 2013] <thorsten`> jpdeplaix: so as already told, you somehow have to do an case distinction on (nat_compare x 100)
[Wed Jun 12 06:38:06 2013] <thorsten`> intuitively: if you're in the Gt-case, then you only need to show (100 <= 100). there's als othe case where x equals 100 and x is lower than x, which both need some theorems which put the Proposition "le" with the computational comparison nat_compare in relation
[Wed Jun 12 06:38:06 2013] <thorsten`> intuitively: if you're in the Gt-case, then you only need to show (100 <= 100). there's als othe case where x equals 100 and x is lower than x, which both need some theorems which put the Proposition "le" with the computational comparison nat_compare in relation
[Wed Jun 12 06:41:21 2013] <jpdeplaix> oh I didn't know that we can destruct on any terms !
[Wed Jun 12 06:41:21 2013] <jpdeplaix> oh I didn't know that we can destruct on any terms !
[Wed Jun 12 06:50:01 2013] <jpdeplaix> mmmh I get stuck on « x <= 100 » :/
[Wed Jun 12 06:50:01 2013] <jpdeplaix> mmmh I get stuck on « x <= 100 » :/
[Wed Jun 12 06:53:13 2013] <Cale> jpdeplaix: Do you have Le imported?
[Wed Jun 12 06:53:13 2013] <Cale> jpdeplaix: Do you have Le imported?
[Wed Jun 12 06:53:31 2013] <Cale> You'll likely want to use some lemmas from that module
[Wed Jun 12 06:53:31 2013] <Cale> You'll likely want to use some lemmas from that module
[Wed Jun 12 06:55:39 2013] <Cale> oh, actually, the thing you might need is nat_compare_le rather.
[Wed Jun 12 06:55:39 2013] <Cale> oh, actually, the thing you might need is nat_compare_le rather.
[Wed Jun 12 06:56:05 2013] <Cale> That's just in Coq.Arith.Compare_dec which you definitely have imported :)
[Wed Jun 12 06:56:05 2013] <Cale> That's just in Coq.Arith.Compare_dec which you definitely have imported :)
[Wed Jun 12 07:08:50 2013] <jpdeplaix> ok. I've reduce to « 100 <= 100 » for when Eq \o/ Now: Lt !
[Wed Jun 12 07:08:50 2013] <jpdeplaix> ok. I've reduce to « 100 <= 100 » for when Eq \o/ Now: Lt !
[Wed Jun 12 07:20:45 2013] <jpdeplaix> mmmh how to finish the subgoal when « Heqy : x < 100 » and the subgoal is « x <= 100 » ?
[Wed Jun 12 07:20:46 2013] <jpdeplaix> mmmh how to finish the subgoal when « Heqy : x < 100 » and the subgoal is « x <= 100 » ?
[Wed Jun 12 07:21:22 2013] <jpdeplaix> rewriting doesn't work :/
[Wed Jun 12 07:21:22 2013] <jpdeplaix> rewriting doesn't work :/
[Wed Jun 12 07:22:38 2013] <Cale> apply lt_le_weak. ?
[Wed Jun 12 07:22:38 2013] <Cale> apply lt_le_weak. ?
[Wed Jun 12 07:23:07 2013] <Cale> er,  apply (lt_le_weak x 100 Heqy).
[Wed Jun 12 07:23:07 2013] <Cale> er,  apply (lt_le_weak x 100 Heqy).
[Wed Jun 12 07:23:54 2013] <Cale> I didn't quite get to that point in my proof
[Wed Jun 12 07:23:54 2013] <Cale> I didn't quite get to that point in my proof
[Wed Jun 12 07:24:05 2013] <Cale> (I didn't need to use strict inequalities at all)
[Wed Jun 12 07:24:05 2013] <Cale> (I didn't need to use strict inequalities at all)
[Wed Jun 12 07:25:07 2013] <Cale> I used nat_compare_le, and then from there, obtained a proof that Lt = Gt and used discriminate on it.
[Wed Jun 12 07:25:07 2013] <Cale> I used nat_compare_le, and then from there, obtained a proof that Lt = Gt and used discriminate on it.
[Wed Jun 12 07:26:00 2013] <Cale> (but I have no idea if that's the cleanest way)
[Wed Jun 12 07:26:00 2013] <Cale> (but I have no idea if that's the cleanest way)
[Wed Jun 12 07:27:54 2013] <jpdeplaix> Finished \o/  http://jpdeplaix.dyndns.org/inf.txt
[Wed Jun 12 07:27:54 2013] <jpdeplaix> Finished \o/  http://jpdeplaix.dyndns.org/inf.txt
[Wed Jun 12 07:28:05 2013] <jpdeplaix> thanks !
[Wed Jun 12 07:28:05 2013] <jpdeplaix> thanks !
[Wed Jun 12 07:37:21 2013] <Cale> jpdeplaix: here's how mine went if you're curious :)  http://pastebin.com/ArewuTEq
[Wed Jun 12 07:37:21 2013] <Cale> jpdeplaix: here's how mine went if you're curious :)  http://pastebin.com/ArewuTEq
[Wed Jun 12 08:08:26 2013] <jpdeplaix> thanks Cale. What is « Defined » ? An equivalent for « Qed » ?
[Wed Jun 12 08:08:26 2013] <jpdeplaix> thanks Cale. What is « Defined » ? An equivalent for « Qed » ?
[Wed Jun 12 08:08:55 2013] <Cale> oh, yeah
[Wed Jun 12 08:08:55 2013] <Cale> oh, yeah
[Wed Jun 12 08:09:03 2013] <Cale> Well, not quite equivalent
[Wed Jun 12 08:09:03 2013] <Cale> Well, not quite equivalent
[Wed Jun 12 08:10:35 2013] <Cale> It declares the proof as transparent, making it possible to unfold the definition. I wanted to peek at the proof term which was generated.
[Wed Jun 12 08:10:35 2013] <Cale> It declares the proof as transparent, making it possible to unfold the definition. I wanted to peek at the proof term which was generated.
[Wed Jun 12 08:12:40 2013] <Cale> (If you do Compute test, you can see exactly what code was generated from the proof if it was Defined rather than Qed'ed)
[Wed Jun 12 08:12:40 2013] <Cale> (If you do Compute test, you can see exactly what code was generated from the proof if it was Defined rather than Qed'ed)
[Wed Jun 12 08:15:25 2013] <jpdeplaix> ok. Thanks
[Wed Jun 12 08:15:25 2013] <jpdeplaix> ok. Thanks
[Wed Jun 12 10:20:17 2013] <elliott> Cale: you can do that without Defined
[Wed Jun 12 10:20:17 2013] <elliott> Cale: you can do that without Defined
[Wed Jun 12 10:20:21 2013] <elliott> Qed. and then Print test.
[Wed Jun 12 10:20:21 2013] <elliott> Qed. and then Print test.
[Wed Jun 12 10:20:37 2013] <Cale> elliott: cool
[Wed Jun 12 10:20:37 2013] <Cale> elliott: cool
[Wed Jun 12 10:21:37 2013] <Cale> elliott: To be honest, I'm not entirely certain of all the differences between Defined and Qed, apart from the fact that proofs that were Defined expand when displayed like that.
[Wed Jun 12 10:21:37 2013] <Cale> elliott: To be honest, I'm not entirely certain of all the differences between Defined and Qed, apart from the fact that proofs that were Defined expand when displayed like that.
[Wed Jun 12 10:22:04 2013] <rmk0> i think it's solely a matter of controlling unfolding
[Wed Jun 12 10:22:04 2013] <rmk0> i think it's solely a matter of controlling unfolding
[Wed Jun 12 10:22:19 2013] <rmk0> transparent/opaque proofs/terms unfold differently when simplifying
[Wed Jun 12 10:22:19 2013] <rmk0> transparent/opaque proofs/terms unfold differently when simplifying
[Wed Jun 12 10:22:35 2013] <rmk0> so as to avoid getting a thousand lines of gibberish in the current goal when simplifying
[Wed Jun 12 10:22:35 2013] <rmk0> so as to avoid getting a thousand lines of gibberish in the current goal when simplifying
[Wed Jun 12 10:22:47 2013] <elliott> Cale: well, opaque stuff won't be computed with, of course
[Wed Jun 12 10:22:47 2013] <elliott> Cale: well, opaque stuff won't be computed with, of course
[Wed Jun 12 10:23:11 2013] <elliott> so if you have proofs that no computation depends on (they can depend one quality proofs, Acc stuff for recursion etc.) then making them opaque can save time/space/clutter
[Wed Jun 12 10:23:11 2013] <elliott> so if you have proofs that no computation depends on (they can depend one quality proofs, Acc stuff for recursion etc.) then making them opaque can save time/space/clutter
[Wed Jun 12 10:25:58 2013] <Cale> ah, okay, I was wondering why you'd ever want to explicitly make something impossible to compute with
[Wed Jun 12 10:25:58 2013] <Cale> ah, okay, I was wondering why you'd ever want to explicitly make something impossible to compute with
[Wed Jun 12 10:26:07 2013] <Cale> But yeah, saving space seems kind of reasonable
[Wed Jun 12 10:26:07 2013] <Cale> But yeah, saving space seems kind of reasonable
[Wed Jun 12 10:26:14 2013] <Cale> Especially if things are strict.
[Wed Jun 12 10:26:14 2013] <Cale> Especially if things are strict.
[Wed Jun 12 10:29:21 2013] <elliott> Cale: by default yes
[Wed Jun 12 10:29:21 2013] <elliott> Cale: by default yes
[Wed Jun 12 10:29:28 2013] <elliott> you can use cbn instead though
[Wed Jun 12 10:29:28 2013] <elliott> you can use cbn instead though
[Fri Jun 14 07:51:58 2013] <fasta> Is there any way to program imperatively in Coq?
[Fri Jun 14 07:51:58 2013] <fasta> Is there any way to program imperatively in Coq?
[Fri Jun 14 07:52:21 2013] <fasta> There have been research projects, but all of them are unmaintained, AFAIK.
[Fri Jun 14 07:52:21 2013] <fasta> There have been research projects, but all of them are unmaintained, AFAIK.
[Fri Jun 14 08:44:24 2013] <Cale> Well, what do you mean program imperatively? One of the first things I did in Coq (just for fun) was to make a small monad library.
[Fri Jun 14 08:44:24 2013] <Cale> Well, what do you mean program imperatively? One of the first things I did in Coq (just for fun) was to make a small monad library.
[Fri Jun 14 09:09:15 2013] <robbert> fasta: you can use a state monad
[Fri Jun 14 09:09:15 2013] <robbert> fasta: you can use a state monad
[Fri Jun 14 09:09:38 2013] <robbert> CompCert does use a state monad at various places for example
[Fri Jun 14 09:09:38 2013] <robbert> CompCert does use a state monad at various places for example
[Fri Jun 14 09:09:40 2013] <fasta> robbert: state monads don't allow mutable variables.
[Fri Jun 14 09:09:40 2013] <fasta> robbert: state monads don't allow mutable variables.
[Fri Jun 14 09:09:53 2013] <fasta> robbert: or mutable arrays.
[Fri Jun 14 09:09:53 2013] <fasta> robbert: or mutable arrays.
[Fri Jun 14 09:10:05 2013] <robbert> you will not get either in Coq
[Fri Jun 14 09:10:05 2013] <robbert> you will not get either in Coq
[Fri Jun 14 09:10:22 2013] <fasta> robbert: there have been libraries which did that.
[Fri Jun 14 09:10:22 2013] <fasta> robbert: there have been libraries which did that.
[Fri Jun 14 09:10:34 2013] <fasta> robbert: in Coq you can express such semantics.
[Fri Jun 14 09:10:34 2013] <fasta> robbert: in Coq you can express such semantics.
[Fri Jun 14 09:10:51 2013] <robbert> you can define the semantics of a programming language with such features
[Fri Jun 14 09:10:51 2013] <robbert> you can define the semantics of a programming language with such features
[Fri Jun 14 09:10:59 2013] <robbert> but if you program in Coq _itself_ you won't have such features
[Fri Jun 14 09:11:00 2013] <robbert> but if you program in Coq _itself_ you won't have such features
[Fri Jun 14 09:11:06 2013] <robbert> because Coq does not have these features
[Fri Jun 14 09:11:06 2013] <robbert> because Coq does not have these features
[Fri Jun 14 10:41:23 2013] <fasta> robbert: sure, but Coq can talk about expressions written in those target languages.
[Fri Jun 14 10:41:52 2013] <fasta> robbert: and there have been research projects providing such libraries, but they all have been abandoned, unless a new one has popped up again.
[Fri Jun 14 10:42:05 2013] <fasta> robbert: and we are now talking in a cycle again.
[Fri Jun 14 10:49:10 2013] <rmk0> fasta: only library i know of that does exactly what you want is ynot.
[Fri Jun 14 10:49:16 2013] <rmk0> i don't think it's unmaintained
[Fri Jun 14 10:55:23 2013] <mgsloan> fasta: I don't know much about it, but "Idris" seems like a pretty neat language - dependent types + tactics + able to write real world code
[Fri Jun 14 11:15:55 2013] <fasta> rmk0: it is unmaintained.
[Fri Jun 14 11:17:16 2013] <fasta> mgsloan: how is Idris in any way more expressive than Coq?
[Fri Jun 14 11:17:47 2013] <fasta> To me it just seems a one man show version of Coq that looks like Haskell.
[Fri Jun 14 11:18:27 2013] <mgsloan> fasta: Oh, it just seems to more readily compile to stuff you can run (without extraction)
[Fri Jun 14 11:18:31 2013] <fasta> Not a bad thing per se, but no reason to introduce incompatibility,
[Fri Jun 14 11:18:35 2013] <mgsloan> there's also a javascript backend
[Fri Jun 14 11:18:43 2013] <mgsloan> this isn't about expressiveness, but tools
[Fri Jun 14 11:18:56 2013] <fasta> mgsloan: writing an extraction tool is simple for Coq, from what I have seen.
[Fri Jun 14 11:19:04 2013] <mgsloan> Sure, but you need to trust it
[Fri Jun 14 11:19:23 2013] <fasta> Most extractions are extremely trivial.
[Fri Jun 14 11:19:33 2013] <mgsloan> I mean, same for a compiler, but that seems more reasonable than an ad-hoc application-specific extraction
[Fri Jun 14 11:19:51 2013] <mgsloan> I'd say most uses of extraction are probably trivial
[Fri Jun 14 11:20:06 2013] <mgsloan> but then again, I'm not well versed in this stuff, so I'm probably wrong
[Fri Jun 14 11:20:09 2013] <fasta> Sure, if you are interested in JavaScript as a backend, that would be useful.
[Fri Jun 14 11:20:12 2013] <mgsloan> I just find it interesting
[Fri Jun 14 11:20:37 2013] <fasta> The value in Coq would be that you can just prove that your program works and then how long the extraction takes doesn't matter a whole lot.
[Fri Jun 14 11:20:55 2013] <mgsloan> It's not a matter of how long the extraction takes, it's a matter of how correct it is
[Fri Jun 14 11:21:44 2013] <fasta> mgsloan: sure, but that part of a program is usually the easy part.
[Fri Jun 14 11:22:14 2013] <mgsloan> Uhh, isn't that the point of proof about that part of the program?
[Fri Jun 14 11:22:29 2013] <fasta> mgsloan: no
[Fri Jun 14 11:22:33 2013] <mgsloan> that it's not really all that easy, and it'd be good to have some mechanical verification
[Fri Jun 14 11:22:54 2013] <fasta> mgsloan: sure, that kind of verification would be useful too.
[Sun Jun 16 03:39:01 2013] <thm_prover> alright, I've decided to learn proof general
[Sun Jun 16 03:39:01 2013] <thm_prover> alright, I've decided to learn proof general
[Sun Jun 16 03:39:10 2013] <thm_prover> I'm on osx, which has emacs 22.* which proof general does not like
[Sun Jun 16 03:39:11 2013] <thm_prover> I'm on osx, which has emacs 22.* which proof general does not like
[Sun Jun 16 03:39:27 2013] <thm_prover> what version of Emacs should I be using? (and is there a *.dmg I can download -- or do I have to compile emacs from scratch to make proof general happy) ?
[Sun Jun 16 03:39:27 2013] <thm_prover> what version of Emacs should I be using? (and is there a *.dmg I can download -- or do I have to compile emacs from scratch to make proof general happy) ?
[Mon Jun 17 08:12:01 2013] <tag2> hello, has anyone else experienced the Coq binary distribution for mac os x hanging on launch?
[Mon Jun 17 08:12:01 2013] <tag2> hello, has anyone else experienced the Coq binary distribution for mac os x hanging on launch?
[Mon Jun 17 08:56:16 2013] <napping> Good morning. Does anyone know if le n m has unique proofs, or how to prove it?
[Mon Jun 17 08:56:16 2013] <napping> Good morning. Does anyone know if le n m has unique proofs, or how to prove it?
[Mon Jun 17 08:59:12 2013] <elliott> my beliefs: yes; induction and it might be in the stdlib somewhere
[Mon Jun 17 08:59:13 2013] <elliott> my beliefs: yes; induction and it might be in the stdlib somewhere
[Mon Jun 17 08:59:26 2013] <napping> the dependent induction is a bit tricky
[Mon Jun 17 08:59:26 2013] <napping> the dependent induction is a bit tricky
[Mon Jun 17 08:59:57 2013] <elliott> my beliefs are often wrong :)
[Mon Jun 17 08:59:57 2013] <elliott> my beliefs are often wrong :)
[Mon Jun 17 09:00:39 2013] <napping> I think you can do it
[Mon Jun 17 09:00:39 2013] <napping> I think you can do it
[Mon Jun 17 09:00:55 2013] <elliott> * tries
[Mon Jun 17 09:00:55 2013] <elliott> * tries
[Mon Jun 17 09:02:25 2013] <napping> well, I got forall x y (H : x = y) (P : x <= y), P = eq_rec _ (le x) (le_n x) _ H.
[Mon Jun 17 09:02:26 2013] <napping> well, I got forall x y (H : x = y) (P : x <= y), P = eq_rec _ (le x) (le_n x) _ H.
[Mon Jun 17 09:02:49 2013] <napping> using UIP_dec to show eq_refl is the only equality proof over nat in the base case
[Mon Jun 17 09:02:49 2013] <napping> using UIP_dec to show eq_refl is the only equality proof over nat in the base case
[Mon Jun 17 09:03:04 2013] <elliott> err, that's just a proof that all x <= x are unique, no?
[Mon Jun 17 09:03:04 2013] <elliott> err, that's just a proof that all x <= x are unique, no?
[Mon Jun 17 09:03:10 2013] <napping> yeah
[Mon Jun 17 09:03:10 2013] <napping> yeah
[Mon Jun 17 09:03:23 2013] <napping> It's the simpler case I got on induction
[Mon Jun 17 09:03:23 2013] <napping> It's the simpler case I got on induction
[Mon Jun 17 09:03:29 2013] <napping> (match P in _ <= y return (forall (Q : x <= y), P = Q) with ...
[Mon Jun 17 09:03:29 2013] <napping> (match P in _ <= y return (forall (Q : x <= y), P = Q) with ...
[Mon Jun 17 09:04:59 2013] <elliott> right
[Mon Jun 17 09:04:59 2013] <elliott> right
[Mon Jun 17 09:07:35 2013] <elliott> this does seem unusually hard to prove
[Mon Jun 17 09:07:35 2013] <elliott> this does seem unusually hard to prove
[Mon Jun 17 09:16:22 2013] <copumpkin> how is le defined?
[Mon Jun 17 09:16:22 2013] <copumpkin> how is le defined?
[Mon Jun 17 09:16:35 2013] <napping> le_n : n <= n | le_S : forall m : nat, n <= m -> n <= S m
[Mon Jun 17 09:16:35 2013] <napping> le_n : n <= n | le_S : forall m : nat, n <= m -> n <= S m
[Mon Jun 17 09:17:40 2013] <elliott> perhaps the easiest way:
[Mon Jun 17 09:17:40 2013] <elliott> perhaps the easiest way:
[Mon Jun 17 09:17:46 2013] <elliott> wait, nm
[Mon Jun 17 09:17:46 2013] <elliott> wait, nm
[Mon Jun 17 09:17:53 2013] <elliott> what I was thinking of required propositional extensionality or such
[Mon Jun 17 09:17:53 2013] <elliott> what I was thinking of required propositional extensionality or such
[Mon Jun 17 09:18:09 2013] <elliott> although hm
[Mon Jun 17 09:18:09 2013] <elliott> although hm
[Mon Jun 17 09:18:11 2013] <elliott> maybe it still holds
[Mon Jun 17 09:18:11 2013] <elliott> maybe it still holds
[Mon Jun 17 09:18:23 2013] <elliott> the idea was, prove m <= n <-> exists k, m+k = n
[Mon Jun 17 09:18:23 2013] <elliott> the idea was, prove m <= n <-> exists k, m+k = n
[Mon Jun 17 09:18:33 2013] <elliott> since I think proving unicity of the latter would be a lot easier
[Mon Jun 17 09:18:33 2013] <elliott> since I think proving unicity of the latter would be a lot easier
[Mon Jun 17 09:18:39 2013] <napping> yeah, I'm trying to see if, like eq, you can prove propositional extensionality because nat is well-behaved
[Mon Jun 17 09:18:39 2013] <napping> yeah, I'm trying to see if, like eq, you can prove propositional extensionality because nat is well-behaved
[Mon Jun 17 09:32:15 2013] <napping> looks like le_ind isn't actually the induction principle for le
[Mon Jun 17 09:32:15 2013] <napping> looks like le_ind isn't actually the induction principle for le
[Mon Jun 17 09:34:39 2013] <elliott> napping: by propositional extensionality i mean (P <-> Q) -> P = Q
[Mon Jun 17 09:34:39 2013] <elliott> napping: by propositional extensionality i mean (P <-> Q) -> P = Q
[Mon Jun 17 09:37:10 2013] <napping> yeah
[Mon Jun 17 09:37:10 2013] <napping> yeah
[Mon Jun 17 09:37:46 2013] <napping> oh, maybe that's a different level than unicity
[Mon Jun 17 09:37:46 2013] <napping> oh, maybe that's a different level than unicity
[Mon Jun 17 09:38:02 2013] <napping> defining a full induction scheme on le looks promising.
[Mon Jun 17 09:38:02 2013] <napping> defining a full induction scheme on le looks promising.
[Mon Jun 17 09:39:35 2013] <napping> at least I get a goal
[Mon Jun 17 09:39:35 2013] <napping> at least I get a goal
[Mon Jun 17 09:39:50 2013] <napping> le_S n m l = Q, and a hypothesis forall P : n <= m, l = P
[Mon Jun 17 09:39:51 2013] <napping> le_S n m l = Q, and a hypothesis forall P : n <= m, l = P
[Mon Jun 17 09:40:26 2013] <napping> so some kind of destruction lemma saying n <= m implies Q : n <= S m is built from le_S would finish the proof
[Mon Jun 17 09:40:27 2013] <napping> so some kind of destruction lemma saying n <= m implies Q : n <= S m is built from le_S would finish the proof
[Mon Jun 17 09:40:42 2013] <napping> anyway, gotta go for a bit
[Mon Jun 17 09:40:42 2013] <napping> anyway, gotta go for a bit
[Mon Jun 17 12:17:10 2013] <sznurek> Hello! Can somebody help me with little problem? http://pastebin.com/hG9HQjPH - any hints (pun intended) how to debug this behavior?
[Mon Jun 17 12:17:10 2013] <sznurek> Hello! Can somebody help me with little problem? http://pastebin.com/hG9HQjPH - any hints (pun intended) how to debug this behavior?
[Mon Jun 17 12:17:29 2013] <elliott> you can "debug eauto" at least
[Mon Jun 17 12:17:29 2013] <elliott> you can "debug eauto" at least
[Mon Jun 17 12:18:07 2013] <sznurek> OK, I am newbie, I didn't know this command. I am going to check it.
[Mon Jun 17 12:18:07 2013] <sznurek> OK, I am newbie, I didn't know this command. I am going to check it.
[Mon Jun 17 12:18:12 2013] <sznurek> Thanks.
[Mon Jun 17 12:18:12 2013] <sznurek> Thanks.
[Mon Jun 17 12:18:53 2013] <sznurek> The output is "1 depth=5" and nothing more. I guess I must try something else.
[Mon Jun 17 12:18:54 2013] <sznurek> The output is "1 depth=5" and nothing more. I guess I must try something else.
[Mon Jun 17 12:28:34 2013] <elliott> not very helpful output there, yes :)
[Mon Jun 17 12:28:34 2013] <elliott> not very helpful output there, yes :)
[Mon Jun 17 12:28:41 2013] <elliott> perhaps try it with "auto"
[Mon Jun 17 12:28:41 2013] <elliott> perhaps try it with "auto"
[Mon Jun 17 12:29:43 2013] <sznurek> I have tried it: now it shows 'apply my_ind_constructor (* fail *)', but when i replace auto with constructor. trivial. everything works. It's some kind of black magic ;)
[Mon Jun 17 12:29:43 2013] <sznurek> I have tried it: now it shows 'apply my_ind_constructor (* fail *)', but when i replace auto with constructor. trivial. everything works. It's some kind of black magic ;)
[Mon Jun 17 12:30:48 2013] <sznurek> Oh, I guess that wasn't very readable, another try: When i replace 'auto' with 'constructor. trivial.' everything works.
[Mon Jun 17 12:30:48 2013] <sznurek> Oh, I guess that wasn't very readable, another try: When i replace 'auto' with 'constructor. trivial.' everything works.
[Mon Jun 17 12:31:17 2013] <elliott> perhaps "apply my_ind_constructor" does not work but "constructor" does
[Mon Jun 17 12:31:17 2013] <elliott> perhaps "apply my_ind_constructor" does not work but "constructor" does
[Mon Jun 17 12:31:21 2013] <elliott> because "constructor" is doing something fanceir?
[Mon Jun 17 12:31:21 2013] <elliott> because "constructor" is doing something fanceir?
[Mon Jun 17 12:31:23 2013] <elliott> *fancier
[Mon Jun 17 12:31:23 2013] <elliott> *fancier
[Mon Jun 17 12:32:38 2013] <sznurek> Nope, 'apply my_ind_constructor. trivial.' works too :)
[Mon Jun 17 12:32:39 2013] <sznurek> Nope, 'apply my_ind_constructor. trivial.' works too :)
[Mon Jun 17 12:33:02 2013] <elliott> interesting
[Mon Jun 17 12:33:02 2013] <elliott> interesting
[Mon Jun 17 12:33:13 2013] <elliott> so, er, just checking, "apply my_ind_constructor. auto" works right :P
[Mon Jun 17 12:33:13 2013] <elliott> so, er, just checking, "apply my_ind_constructor. auto" works right :P
[Mon Jun 17 12:33:18 2013] <elliott> *, right
[Mon Jun 17 12:33:18 2013] <elliott> *, right
[Mon Jun 17 12:33:40 2013] <sznurek> Yep, that one works too.
[Mon Jun 17 12:33:41 2013] <sznurek> Yep, that one works too.
[Mon Jun 17 12:34:53 2013] <sznurek> I have tried see something with 'Set Ltac Debug', but it just skips auto in one step...
[Mon Jun 17 12:34:53 2013] <sznurek> I have tried see something with 'Set Ltac Debug', but it just skips auto in one step...
[Mon Jun 17 13:13:37 2013] <sznurek> I have solved that problem: After apply I had something with 'length nil' and *nearly* the same goal but with 0 in place of 'length nil'. It turns out that (e)auto cannot handle that. :)
[Mon Jun 17 13:13:37 2013] <sznurek> I have solved that problem: After apply I had something with 'length nil' and *nearly* the same goal but with 0 in place of 'length nil'. It turns out that (e)auto cannot handle that. :)
[Mon Jun 17 13:13:54 2013] <sznurek> simpl in * before auto solved the problem.
[Mon Jun 17 13:13:54 2013] <sznurek> simpl in * before auto solved the problem.
[Mon Jun 17 13:19:50 2013] <elliott> yeah, these things happen :(
[Mon Jun 17 13:19:51 2013] <elliott> yeah, these things happen :(
[Mon Jun 17 14:42:22 2013] <elliott> well, napping isn't here, but for the curious, it is possible: http://sprunge.us/PUTO
[Mon Jun 17 14:42:22 2013] <elliott> well, napping isn't here, but for the curious, it is possible: http://sprunge.us/PUTO
[Mon Jun 17 14:42:26 2013] <elliott> a simpler proof would be interesting to see!
[Mon Jun 17 14:42:27 2013] <elliott> a simpler proof would be interesting to see!
[Mon Jun 17 14:42:41 2013] <elliott> (proof is axiom-free)
[Mon Jun 17 14:42:41 2013] <elliott> (proof is axiom-free)
[Mon Jun 17 18:11:53 2013] <robbert> napping, elliott: see https://sympa.inria.fr/sympa/arc/coq-club/2013-04/msg00034.html for a short proof
[Mon Jun 17 18:11:53 2013] <robbert> napping, elliott: see https://sympa.inria.fr/sympa/arc/coq-club/2013-04/msg00034.html for a short proof
[Mon Jun 17 18:12:00 2013] <robbert> it's axiom free, of course
[Mon Jun 17 18:12:00 2013] <robbert> it's axiom free, of course
[Mon Jun 17 18:12:41 2013] <elliott> robbert: oh, that is clever
[Mon Jun 17 18:12:41 2013] <elliott> robbert: oh, that is clever
[Mon Jun 17 18:12:56 2013] <elliott> just extending the "decidable K" use to the whole thing
[Mon Jun 17 18:12:56 2013] <elliott> just extending the "decidable K" use to the whole thing
[Mon Jun 17 18:14:52 2013] <robbert> the nice thing of this approach is that it easily extends to all kinds of other inductives
[Mon Jun 17 18:14:52 2013] <robbert> the nice thing of this approach is that it easily extends to all kinds of other inductives
[Mon Jun 17 21:10:03 2013] <ryanakca> How would I notate something of type: A -> option (B c d), where the type B is parametrised by (c : C) and (d : D), but where the c and d are dependent on the (a : A) passed to the function?
[Mon Jun 17 21:10:04 2013] <ryanakca> How would I notate something of type: A -> option (B c d), where the type B is parametrised by (c : C) and (d : D), but where the c and d are dependent on the (a : A) passed to the function?
[Mon Jun 17 21:11:02 2013] <ryanakca> More specifically, how would I notate that type
[Mon Jun 17 21:11:03 2013] <ryanakca> More specifically, how would I notate that type
[Mon Jun 17 21:17:31 2013] <Cale> forall a : A, option (B (c a) (d a)) ?
[Mon Jun 17 21:17:32 2013] <Cale> forall a : A, option (B (c a) (d a)) ?
[Mon Jun 17 21:18:13 2013] <ryanakca> Sorry, I should have written: where the choice of c and d are depedent on the a passed to the function
[Mon Jun 17 21:18:13 2013] <ryanakca> Sorry, I should have written: where the choice of c and d are depedent on the a passed to the function
[Mon Jun 17 21:18:27 2013] <elliott> cale's answer seems right to me
[Mon Jun 17 21:18:27 2013] <elliott> cale's answer seems right to me
[Mon Jun 17 21:18:29 2013] <ryanakca> c and d don't "depend" on a in a dependent typed manner
[Mon Jun 17 21:18:29 2013] <ryanakca> c and d don't "depend" on a in a dependent typed manner
[Mon Jun 17 21:18:37 2013] <Cale> wat
[Mon Jun 17 21:18:37 2013] <Cale> wat
[Mon Jun 17 21:18:55 2013] <Cale> You just described what it would mean for them to depend on a in a dependent typed manner
[Mon Jun 17 21:18:55 2013] <Cale> You just described what it would mean for them to depend on a in a dependent typed manner
[Mon Jun 17 21:19:00 2013] <Cale> and then said that they don't
[Mon Jun 17 21:19:00 2013] <Cale> and then said that they don't
[Mon Jun 17 21:22:51 2013] <Cale> (Maybe you can provide a more concrete example of what you're trying to type?)
[Mon Jun 17 21:22:51 2013] <Cale> (Maybe you can provide a more concrete example of what you're trying to type?)
[Mon Jun 17 21:22:53 2013] <ryanakca> I'm not sure I follow. I'm looking for the type of (assume A = string): fun a : string => if string_dec a "abc" then b1 else if string_dec a "def" then b2. where b1 : B c1 d1, and b2 : B c2 d2, with c1 c2 : C, d1 d2 : D, and both C and D are unparametrised types
[Mon Jun 17 21:22:53 2013] <ryanakca> I'm not sure I follow. I'm looking for the type of (assume A = string): fun a : string => if string_dec a "abc" then b1 else if string_dec a "def" then b2. where b1 : B c1 d1, and b2 : B c2 d2, with c1 c2 : C, d1 d2 : D, and both C and D are unparametrised types
[Mon Jun 17 21:23:26 2013] <ryanakca> Sorry, with a "Some" wrapping b1, b2, and a final "else None" clause. So:
[Mon Jun 17 21:23:26 2013] <ryanakca> Sorry, with a "Some" wrapping b1, b2, and a final "else None" clause. So:
[Mon Jun 17 21:24:24 2013] <ryanakca> fun a : string => if (string_dec a "abc") then (Some b1) else (if (string_dec a "def") then (Some b2) else None).
[Mon Jun 17 21:24:24 2013] <ryanakca> fun a : string => if (string_dec a "abc") then (Some b1) else (if (string_dec a "def") then (Some b2) else None).
[Mon Jun 17 21:25:01 2013] <ryanakca> Clearer?
[Mon Jun 17 21:25:01 2013] <ryanakca> Clearer?
[Mon Jun 17 21:29:16 2013] <ryanakca> I thought of something along the lines of: A -> option { cd : (C * D) & B (fst cd) (snd cd) }, but that doesn't seem quite right, because it lets in any (C * D), instead of one specific to the given A.
[Mon Jun 17 21:29:16 2013] <ryanakca> I thought of something along the lines of: A -> option { cd : (C * D) & B (fst cd) (snd cd) }, but that doesn't seem quite right, because it lets in any (C * D), instead of one specific to the given A.
[Mon Jun 17 21:31:09 2013] <Cale> forall (a : string), option (if string_dec a "abc" then B c1 d1 else B c2 d2) ?
[Mon Jun 17 21:31:10 2013] <Cale> forall (a : string), option (if string_dec a "abc" then B c1 d1 else B c2 d2) ?
[Mon Jun 17 21:34:31 2013] <ryanakca> Cale: And if I want to make this generic to an arbitrary (but finite) number of such combinations? Create a new type that takes in a list (A * C * D), and builds the appropriate type from this?
[Mon Jun 17 21:34:31 2013] <ryanakca> Cale: And if I want to make this generic to an arbitrary (but finite) number of such combinations? Create a new type that takes in a list (A * C * D), and builds the appropriate type from this?
[Mon Jun 17 21:34:50 2013] <Cale> I guess? I don't know what you're trying to do
[Mon Jun 17 21:34:50 2013] <Cale> I guess? I don't know what you're trying to do
[Mon Jun 17 21:37:06 2013] <Cale> It could be that you're actually not interested in the precise type of the value, but only that it has certain properties
[Mon Jun 17 21:37:06 2013] <Cale> It could be that you're actually not interested in the precise type of the value, but only that it has certain properties
[Mon Jun 17 21:37:54 2013] <Cale> and you might want to instead define what those are and an injection from the various types into a more general type that expresses that certain operations are available
[Mon Jun 17 21:37:54 2013] <Cale> and you might want to instead define what those are and an injection from the various types into a more general type that expresses that certain operations are available
[Mon Jun 17 21:40:16 2013] <Cale> ryanakca: this works: http://hpaste.org/90070
[Mon Jun 17 21:40:16 2013] <Cale> ryanakca: this works: http://hpaste.org/90070
[Mon Jun 17 21:41:03 2013] <ryanakca> Cale: Thanks
[Mon Jun 17 21:41:03 2013] <ryanakca> Cale: Thanks
[Mon Jun 17 21:41:09 2013] <Cale> (I'm terrible at coq, so I didn't want to bother figuring out the syntax to convince it that Some b1 was well typed in context)
[Mon Jun 17 21:41:09 2013] <Cale> (I'm terrible at coq, so I didn't want to bother figuring out the syntax to convince it that Some b1 was well typed in context)
[Mon Jun 17 21:42:19 2013] <Cale> (for that matter, destruct would probably have worked as well as case_eq)
[Mon Jun 17 21:42:19 2013] <Cale> (for that matter, destruct would probably have worked as well as case_eq)
[Mon Jun 17 21:43:01 2013] <Cale> yeah, it does
[Mon Jun 17 21:43:01 2013] <Cale> yeah, it does
[Mon Jun 17 21:43:21 2013] <Cale> lol, the code that it generates is bizarrely enormous for some reason
[Mon Jun 17 21:43:21 2013] <Cale> lol, the code that it generates is bizarrely enormous for some reason
[Mon Jun 17 21:45:31 2013] <Cale> http://hpaste.org/90071
[Mon Jun 17 21:45:31 2013] <Cale> http://hpaste.org/90071
[Mon Jun 17 21:46:53 2013] <Cale> I guess it's just inlining
[Mon Jun 17 21:46:53 2013] <Cale> I guess it's just inlining
[Mon Jun 17 22:02:57 2013] <Cale> ryanakca: btw, this is how to convince it directly that the types line up: http://hpaste.org/90073
[Mon Jun 17 22:02:57 2013] <Cale> ryanakca: btw, this is how to convince it directly that the types line up: http://hpaste.org/90073
[Tue Jun 18 01:48:34 2013] <gallina_newb> Where can I read the Inductive definition for Prop ?
[Tue Jun 18 01:48:34 2013] <gallina_newb> Where can I read the Inductive definition for Prop ?
[Tue Jun 18 01:48:39 2013] <gallina_newb> i.e. the set of all posisble ways to build up a Prop in coq
[Tue Jun 18 01:48:39 2013] <gallina_newb> i.e. the set of all posisble ways to build up a Prop in coq
[Tue Jun 18 02:10:30 2013] <tomprince> Prop isn't inductively defined.
[Tue Jun 18 02:10:30 2013] <tomprince> Prop isn't inductively defined.
[Tue Jun 18 02:11:01 2013] <tomprince> There are some typing rules in ch2 (I think) of the manual.
[Tue Jun 18 02:11:01 2013] <tomprince> There are some typing rules in ch2 (I think) of the manual.
[Tue Jun 18 02:39:05 2013] <gallina_newb> tomprince: noted, thanks!
[Tue Jun 18 02:39:05 2013] <gallina_newb> tomprince: noted, thanks!
[Tue Jun 18 04:50:00 2013] <gallina_newb> in standard coq, (without law of excluded middlees), is the following even true?
[Tue Jun 18 04:50:00 2013] <gallina_newb> in standard coq, (without law of excluded middlees), is the following even true?
[Tue Jun 18 04:50:01 2013] <gallina_newb> Lemma lem1:   forall (A: Type)        (f1: A -> Prop)        (f2: A -> Prop),   (forall x, f1(x) /\ f2(x)) =   (forall x, f1(x)) /\ (forall x, f2(x)).
[Tue Jun 18 04:50:01 2013] <gallina_newb> Lemma lem1:   forall (A: Type)        (f1: A -> Prop)        (f2: A -> Prop),   (forall x, f1(x) /\ f2(x)) =   (forall x, f1(x)) /\ (forall x, f2(x)).
[Tue Jun 18 04:50:17 2013] <gallina_newb> http://hpaste.org/90092 <-- non ugly version
[Tue Jun 18 04:50:17 2013] <gallina_newb> http://hpaste.org/90092 <-- non ugly version
[Tue Jun 18 04:52:42 2013] <elliott> those propositions are the same. and it doesn't have much to do with excluded middle.
[Tue Jun 18 04:52:42 2013] <elliott> those propositions are the same. and it doesn't have much to do with excluded middle.
[Tue Jun 18 04:52:57 2013] <elliott> are
[Tue Jun 18 04:52:58 2013] <elliott> are
[Tue Jun 18 04:52:59 2013] <elliott> er
[Tue Jun 18 04:52:59 2013] <elliott> er
[Tue Jun 18 04:53:00 2013] <elliott> *are not
[Tue Jun 18 04:53:00 2013] <elliott> *are not
[Tue Jun 18 04:53:03 2013] <elliott> perhaps instead of = (strict equality), you mean <-> (bi-implication)
[Tue Jun 18 04:53:03 2013] <elliott> perhaps instead of = (strict equality), you mean <-> (bi-implication)
[Tue Jun 18 04:53:08 2013] <elliott> in which case it is provable
[Tue Jun 18 04:53:08 2013] <elliott> in which case it is provable
[Tue Jun 18 04:53:15 2013] <gallina_newb> no, I want =
[Tue Jun 18 04:53:15 2013] <gallina_newb> no, I want =
[Tue Jun 18 04:53:18 2013] <gallina_newb> so I can use rewrite
[Tue Jun 18 04:53:18 2013] <gallina_newb> so I can use rewrite
[Tue Jun 18 04:53:23 2013] <gallina_newb> unless I can also use rewrite with <->
[Tue Jun 18 04:53:23 2013] <gallina_newb> unless I can also use rewrite with <->
[Tue Jun 18 04:53:41 2013] <elliott> well, you can't have it. unless you add propositional extensionality as an axiom.
[Tue Jun 18 04:53:41 2013] <elliott> well, you can't have it. unless you add propositional extensionality as an axiom.
[Tue Jun 18 04:53:41 2013] <gallina_newb> how do I prove it?
[Tue Jun 18 04:53:41 2013] <gallina_newb> how do I prove it?
[Tue Jun 18 04:53:52 2013] <gallina_newb> * googles propositional extensionality
[Tue Jun 18 04:53:52 2013] <gallina_newb> * googles propositional extensionality
[Tue Jun 18 04:54:08 2013] <elliott> where are you trying to rewrite it exactly?
[Tue Jun 18 04:54:08 2013] <elliott> where are you trying to rewrite it exactly?
[Tue Jun 18 04:55:21 2013] <gallina_newb> I'm trying to promote a forall and and
[Tue Jun 18 04:55:21 2013] <gallina_newb> I'm trying to promote a forall and and
[Tue Jun 18 04:55:29 2013] <gallina_newb> so something like forall a b c d e f g , P1 /\ P2
[Tue Jun 18 04:55:29 2013] <gallina_newb> so something like forall a b c d e f g , P1 /\ P2
[Tue Jun 18 04:55:38 2013] <gallina_newb> gets split into "forall a b c d e f g, P1" and "foral a b c d e f g, P2"
[Tue Jun 18 04:55:38 2013] <gallina_newb> gets split into "forall a b c d e f g, P1" and "foral a b c d e f g, P2"
[Tue Jun 18 04:55:43 2013] <gallina_newb> for var-length "a b c d e f g"
[Tue Jun 18 04:55:43 2013] <gallina_newb> for var-length "a b c d e f g"
[Tue Jun 18 04:56:22 2013] <elliott> gallina_newb: that's easy. use the "split" tactic.
[Tue Jun 18 04:56:22 2013] <elliott> gallina_newb: that's easy. use the "split" tactic.
[Tue Jun 18 04:56:53 2013] <gallina_newb> it can split across a forall?
[Tue Jun 18 04:56:53 2013] <gallina_newb> it can split across a forall?
[Tue Jun 18 04:57:10 2013] <gallina_newb> sorry, this is a _hypothesis_, not a goal
[Tue Jun 18 04:57:10 2013] <gallina_newb> sorry, this is a _hypothesis_, not a goal
[Tue Jun 18 04:57:18 2013] <gallina_newb> so I have "H: forall ab c d e f g, P1 /\ P2"
[Tue Jun 18 04:57:18 2013] <gallina_newb> so I have "H: forall ab c d e f g, P1 /\ P2"
[Tue Jun 18 04:57:22 2013] <gallina_newb> and I want to generate H1 and H2
[Tue Jun 18 04:57:22 2013] <gallina_newb> and I want to generate H1 and H2
[Tue Jun 18 04:58:28 2013] <elliott> ah.
[Tue Jun 18 04:58:28 2013] <elliott> ah.
[Tue Jun 18 04:58:41 2013] <elliott> I'm not sure you'd be able to do that rewrite even if you had it, given that it's under a binder.
[Tue Jun 18 04:58:41 2013] <elliott> I'm not sure you'd be able to do that rewrite even if you had it, given that it's under a binder.
[Tue Jun 18 04:59:00 2013] <elliott> I think there might be shorthand syntax for introducting H in the split form?
[Tue Jun 18 04:59:00 2013] <elliott> I think there might be shorthand syntax for introducting H in the split form?
[Tue Jun 18 04:59:06 2013] <elliott> you can just write it in the ugly long form way.
[Tue Jun 18 04:59:06 2013] <elliott> you can just write it in the ugly long form way.
[Tue Jun 18 04:59:47 2013] <gallina_newb> elliott: what's the ugly long form way?
[Tue Jun 18 04:59:47 2013] <gallina_newb> elliott: what's the ugly long form way?
[Tue Jun 18 05:00:19 2013] <elliott> pose proof (fun a b c d e f g => proj1 (H a b c d e f g)) as H1.
[Tue Jun 18 05:00:19 2013] <elliott> pose proof (fun a b c d e f g => proj1 (H a b c d e f g)) as H1.
[Tue Jun 18 05:00:24 2013] <elliott> pose proof (fun a b c d e f g => proj2 (H a b c d e f g)) as H2.
[Tue Jun 18 05:00:24 2013] <elliott> pose proof (fun a b c d e f g => proj2 (H a b c d e f g)) as H2.
[Tue Jun 18 05:00:27 2013] <elliott> clear H.
[Tue Jun 18 05:00:27 2013] <elliott> clear H.
[Tue Jun 18 05:02:03 2013] <gallina_newb> yes, but I'm trying to write a tactic :-)
[Tue Jun 18 05:02:03 2013] <gallina_newb> yes, but I'm trying to write a tactic :-)
[Tue Jun 18 05:02:10 2013] <gallina_newb> and I'd like it to handle arbitrary number of a b c d e f g
[Tue Jun 18 05:02:10 2013] <gallina_newb> and I'd like it to handle arbitrary number of a b c d e f g
[Tue Jun 18 05:02:21 2013] <gallina_newb> though in reality, I doubt I'll make it past more than 10
[Tue Jun 18 05:02:21 2013] <gallina_newb> though in reality, I doubt I'll make it past more than 10
[Tue Jun 18 05:04:56 2013] <elliott> * knows nothin about ltac programming, thankfully
[Tue Jun 18 05:04:56 2013] <elliott> * knows nothin about ltac programming, thankfully
[Wed Jun 19 03:06:14 2013] <gallina_newb> I know how to define "max (lst: list Z): Z := ... "
[Wed Jun 19 03:06:14 2013] <gallina_newb> I know how to define "max (lst: list Z): Z := ... "
[Wed Jun 19 03:06:24 2013] <gallina_newb> however, I want to define a function "max" whose inputs are _non-empty_ lists
[Wed Jun 19 03:06:24 2013] <gallina_newb> however, I want to define a function "max" whose inputs are _non-empty_ lists
[Wed Jun 19 03:06:38 2013] <gallina_newb> in Coq, how do I specify somethign like "max (lst: list Z, lst is not nil) : Z := ... "
[Wed Jun 19 03:06:38 2013] <gallina_newb> in Coq, how do I specify somethign like "max (lst: list Z, lst is not nil) : Z := ... "
[Wed Jun 19 03:06:50 2013] <gallina_newb> and then have Coq not complain to me about "match lst with ... " not matching against nil list
[Wed Jun 19 03:06:50 2013] <gallina_newb> and then have Coq not complain to me about "match lst with ... " not matching against nil list
[Wed Jun 19 03:06:51 2013] <gallina_newb> thanks
[Wed Jun 19 03:06:51 2013] <gallina_newb> thanks
[Wed Jun 19 03:30:51 2013] <sgnb> gallina_newb: https://paste.debian.net/11246/
[Wed Jun 19 03:30:51 2013] <sgnb> gallina_newb: https://paste.debian.net/11246/
[Wed Jun 19 03:31:50 2013] <sgnb> (using the proof mode)
[Wed Jun 19 03:31:50 2013] <sgnb> (using the proof mode)
[Wed Jun 19 03:32:36 2013] <gallina_newb> so : refine (let m := IHlst _ in _) <-- this is the same as "m = max of rest of list" ?
[Wed Jun 19 03:32:36 2013] <gallina_newb> so : refine (let m := IHlst _ in _) <-- this is the same as "m = max of rest of list" ?
[Wed Jun 19 03:32:47 2013] <gallina_newb> and "z" is the first element of "lst" ?
[Wed Jun 19 03:32:47 2013] <gallina_newb> and "z" is the first element of "lst" ?
[Wed Jun 19 03:32:53 2013] <gallina_newb> I've never seen a function defined this way.
[Wed Jun 19 03:32:53 2013] <gallina_newb> I've never seen a function defined this way.
[Wed Jun 19 03:34:14 2013] <gallina_newb> oh wait
[Wed Jun 19 03:34:14 2013] <gallina_newb> oh wait
[Wed Jun 19 03:34:26 2013] <gallina_newb> the "exact a" <-- this is the line where I define that a list of element is the avlue of that element
[Wed Jun 19 03:34:26 2013] <gallina_newb> the "exact a" <-- this is the line where I define that a list of element is the avlue of that element
[Wed Jun 19 03:35:08 2013] <sgnb> you have to execute it interactively to understand
[Wed Jun 19 03:35:08 2013] <sgnb> you have to execute it interactively to understand
[Wed Jun 19 03:35:41 2013] <gallina_newb> just did so
[Wed Jun 19 03:35:41 2013] <gallina_newb> just did so
[Wed Jun 19 03:36:01 2013] <gallina_newb> so after you do "destruct lst"
[Wed Jun 19 03:36:01 2013] <gallina_newb> so after you do "destruct lst"
[Wed Jun 19 03:36:11 2013] <gallina_newb> there's two cases, one case is the [a]; the other is x::xs
[Wed Jun 19 03:36:11 2013] <gallina_newb> there's two cases, one case is the [a]; the other is x::xs
[Wed Jun 19 03:36:17 2013] <gallina_newb> "exact a" handles the [a] case
[Wed Jun 19 03:36:17 2013] <gallina_newb> "exact a" handles the [a] case
[Wed Jun 19 03:36:35 2013] <gallina_newb> It's still not clear to me why you're using a refine (let m: ... )
[Wed Jun 19 03:36:35 2013] <gallina_newb> It's still not clear to me why you're using a refine (let m: ... )
[Wed Jun 19 03:42:13 2013] <sgnb> to have the opportunity to give the missing argument to the recursive call as a proof (with tactics)
[Wed Jun 19 03:42:13 2013] <sgnb> to have the opportunity to give the missing argument to the recursive call as a proof (with tactics)
[Wed Jun 19 03:42:59 2013] <sgnb> (the missing argument has type "(z::lst) <> nil")
[Wed Jun 19 03:42:59 2013] <sgnb> (the missing argument has type "(z::lst) <> nil")
[Wed Jun 19 03:44:23 2013] <gallina_newb> unerstood now.
[Wed Jun 19 03:44:23 2013] <gallina_newb> unerstood now.
[Wed Jun 19 03:44:28 2013] <gallina_newb> Thanks for the code, this was very enlightening.
[Wed Jun 19 03:44:28 2013] <gallina_newb> Thanks for the code, this was very enlightening.
[Wed Jun 19 03:49:27 2013] <sgnb> gallina_newb: alternatively, https://paste.debian.net/11250/
[Wed Jun 19 03:49:27 2013] <sgnb> gallina_newb: alternatively, https://paste.debian.net/11250/
[Wed Jun 19 03:49:32 2013] <sgnb> (without proof mode)
[Wed Jun 19 03:49:33 2013] <sgnb> (without proof mode)
[Wed Jun 19 06:51:19 2013] <roosbeef> hi all
[Wed Jun 19 06:51:19 2013] <roosbeef> hi all
[Wed Jun 19 06:51:57 2013] <roosbeef> suppose i would like to prove something like this https://privatepaste.com/10be873a32
[Wed Jun 19 06:51:57 2013] <roosbeef> suppose i would like to prove something like this https://privatepaste.com/10be873a32
[Wed Jun 19 06:52:37 2013] <roosbeef> which is quite trivial on paper but in Coq im a bit unsure on what angle to tackle it from
[Wed Jun 19 06:52:37 2013] <roosbeef> which is quite trivial on paper but in Coq im a bit unsure on what angle to tackle it from
[Wed Jun 19 06:53:36 2013] <roosbeef> the basic idea is that s ++ x is greater than s ++ y, simply because we have the assumption that x is greater than y
[Wed Jun 19 06:53:36 2013] <roosbeef> the basic idea is that s ++ x is greater than s ++ y, simply because we have the assumption that x is greater than y
[Wed Jun 19 06:53:44 2013] <roosbeef> the s part is therefore redundant
[Wed Jun 19 06:53:44 2013] <roosbeef> the s part is therefore redundant
[Wed Jun 19 06:53:57 2013] <roosbeef> any hints?
[Wed Jun 19 06:53:57 2013] <roosbeef> any hints?
[Wed Jun 19 07:02:20 2013] <roosbeef> maybe someone knows of a lemma/theorem from the libraries that looks similar?
[Wed Jun 19 07:02:20 2013] <roosbeef> maybe someone knows of a lemma/theorem from the libraries that looks similar?
[Wed Jun 19 07:11:29 2013] <fisi> I guess this is the kind of property you'd usually want to prove as a separate lemma for the usual orderings of lists.
[Wed Jun 19 07:11:29 2013] <fisi> I guess this is the kind of property you'd usually want to prove as a separate lemma for the usual orderings of lists.
[Wed Jun 19 07:12:29 2013] <fisi> I don't think there's a lemma for this kind of thing already, but it should be rather simple to prove by induction over s
[Wed Jun 19 07:12:29 2013] <fisi> I don't think there's a lemma for this kind of thing already, but it should be rather simple to prove by induction over s
[Wed Jun 19 07:15:17 2013] <roosbeef> yea im making a seperate lemma out of it
[Wed Jun 19 07:15:17 2013] <roosbeef> yea im making a seperate lemma out of it
[Wed Jun 19 07:16:08 2013] <roosbeef> hm
[Wed Jun 19 07:16:08 2013] <roosbeef> hm
[Wed Jun 19 07:16:25 2013] <roosbeef> rather simple you say? :p
[Wed Jun 19 07:16:25 2013] <roosbeef> rather simple you say? :p
[Wed Jun 19 07:18:30 2013] <fisi> well, it looks like it, at least :)
[Wed Jun 19 07:18:30 2013] <fisi> well, it looks like it, at least :)
[Wed Jun 19 07:18:46 2013] <roosbeef> yep that was my impression too
[Wed Jun 19 07:18:46 2013] <roosbeef> yep that was my impression too
[Wed Jun 19 07:19:18 2013] <fisi> in the base case you have the assumption, in the inductive step -- I figure, the compare is defined inductively on the list, so you should be able to use the induction hypothesis
[Wed Jun 19 07:19:18 2013] <fisi> in the base case you have the assumption, in the inductive step -- I figure, the compare is defined inductively on the list, so you should be able to use the induction hypothesis
[Wed Jun 19 07:21:29 2013] <roosbeef> the compare is defined by a fixpoint
[Wed Jun 19 07:21:29 2013] <roosbeef> the compare is defined by a fixpoint
[Wed Jun 19 07:22:11 2013] <roosbeef> https://privatepaste.com/a6fe9a9d3a
[Wed Jun 19 07:22:11 2013] <roosbeef> https://privatepaste.com/a6fe9a9d3a
[Wed Jun 19 07:24:21 2013] <fisi> yeah, so in the inductive step you get a (ltr_compare l l), for which you should have a lemma stating it's always Eq, the ifs simplify, and you should be able to apply IH
[Wed Jun 19 07:24:21 2013] <fisi> yeah, so in the inductive step you get a (ltr_compare l l), for which you should have a lemma stating it's always Eq, the ifs simplify, and you should be able to apply IH
[Wed Jun 19 07:24:44 2013] <fisi> (where l is the first letter of s, on which the induction is happening)
[Wed Jun 19 07:24:44 2013] <fisi> (where l is the first letter of s, on which the induction is happening)
[Wed Jun 19 07:25:32 2013] <roosbeef> yes
[Wed Jun 19 07:25:32 2013] <roosbeef> yes
[Wed Jun 19 07:25:49 2013] <roosbeef> and that lemma stating its always Eq is the one im trying to construct :p
[Wed Jun 19 07:25:49 2013] <roosbeef> and that lemma stating its always Eq is the one im trying to construct :p
[Wed Jun 19 07:28:00 2013] <roosbeef> my battery is running low, gotta move to a spot with an electricity socket, back in a bit
[Wed Jun 19 07:28:00 2013] <roosbeef> my battery is running low, gotta move to a spot with an electricity socket, back in a bit
[Wed Jun 19 07:41:31 2013] <roosbeef> hi
[Wed Jun 19 07:41:31 2013] <roosbeef> hi
[Wed Jun 19 07:57:57 2013] <roosbeef> fisi, still here?
[Wed Jun 19 07:57:57 2013] <roosbeef> fisi, still here?
[Wed Jun 19 07:59:03 2013] <roosbeef> suppose i have this definition of ltr_compare https://privatepaste.com/c83ee4e96c (upper part) and in proof mode i have the bottom part. How do i replace "ltr_compare l l" with Eq?
[Wed Jun 19 07:59:03 2013] <roosbeef> suppose i have this definition of ltr_compare https://privatepaste.com/c83ee4e96c (upper part) and in proof mode i have the bottom part. How do i replace "ltr_compare l l" with Eq?
[Wed Jun 19 08:04:41 2013] <roosbeef> is it possible to add a proven lemma to the list of assumptions?
[Wed Jun 19 08:04:41 2013] <roosbeef> is it possible to add a proven lemma to the list of assumptions?
[Wed Jun 19 08:10:30 2013] <elliott> roosbeef: e.g. "pose proof my_lemma."
[Wed Jun 19 08:10:30 2013] <elliott> roosbeef: e.g. "pose proof my_lemma."
[Wed Jun 19 08:10:57 2013] <roosbeef> ha thanks :)
[Wed Jun 19 08:10:57 2013] <roosbeef> ha thanks :)
[Wed Jun 19 08:11:54 2013] <elliott> roosbeef: but generally you shouldn't need to...
[Wed Jun 19 08:11:54 2013] <elliott> roosbeef: but generally you shouldn't need to...
[Wed Jun 19 08:12:00 2013] <roosbeef> elliott why is that?
[Wed Jun 19 08:12:00 2013] <roosbeef> elliott why is that?
[Wed Jun 19 08:12:30 2013] <roosbeef> well, i have this lemma proven, H0 : forall x : letter, ltr_compare x x = Eq
[Wed Jun 19 08:12:30 2013] <roosbeef> well, i have this lemma proven, H0 : forall x : letter, ltr_compare x x = Eq
[Wed Jun 19 08:12:30 2013] <roosbeef> and this is nested inside a proof im working on:
[Wed Jun 19 08:12:30 2013] <roosbeef> and this is nested inside a proof im working on:
[Wed Jun 19 08:12:35 2013] <roosbeef> ltr_compare l l
[Wed Jun 19 08:12:35 2013] <roosbeef> ltr_compare l l
[Wed Jun 19 08:12:41 2013] <roosbeef> id like to replace the latter with Eq
[Wed Jun 19 08:12:41 2013] <roosbeef> id like to replace the latter with Eq
[Wed Jun 19 08:13:11 2013] <elliott> well, you can usually use "apply" or "contradict" or so on rather than needing it as an assumption
[Wed Jun 19 08:13:11 2013] <elliott> well, you can usually use "apply" or "contradict" or so on rather than needing it as an assumption
[Wed Jun 19 08:13:21 2013] <elliott> here it sounds like what you want is "rewrite H0"
[Wed Jun 19 08:13:21 2013] <elliott> here it sounds like what you want is "rewrite H0"
[Wed Jun 19 08:13:26 2013] <elliott> (I thought you meant a lemma defined separately)
[Wed Jun 19 08:13:26 2013] <elliott> (I thought you meant a lemma defined separately)
[Wed Jun 19 08:13:55 2013] <roosbeef> ha yep that works :) thank you
[Wed Jun 19 08:13:55 2013] <roosbeef> ha yep that works :) thank you
[Wed Jun 19 08:24:36 2013] <fisi> sorry, been afk for a while.
[Wed Jun 19 08:24:36 2013] <fisi> sorry, been afk for a while.
[Wed Jun 19 08:24:59 2013] <fisi> I think in this case you can just use `rewrite lemma_name'
[Wed Jun 19 08:24:59 2013] <fisi> I think in this case you can just use `rewrite lemma_name'
[Wed Jun 19 08:25:50 2013] <fisi> (and in the more complicates cases, if it can't figure out the instantiation, you can just apply the arguments, like in `rewrite (lemma_name l)'
[Wed Jun 19 08:25:50 2013] <fisi> (and in the more complicates cases, if it can't figure out the instantiation, you can just apply the arguments, like in `rewrite (lemma_name l)'
[Wed Jun 19 08:28:18 2013] <roosbeef> cool thanks :)
[Wed Jun 19 08:28:18 2013] <roosbeef> cool thanks :)
[Wed Jun 19 08:28:23 2013] <roosbeef> gotta run, bbl
[Wed Jun 19 08:28:23 2013] <roosbeef> gotta run, bbl
[Tue Jun 25 10:04:22 2013] <roosbeef> ok so suppose we have
[Tue Jun 25 10:04:22 2013] <roosbeef> ok so suppose we have
[Tue Jun 25 10:04:24 2013] <roosbeef> plus_0_r : forall n : nat, n + 0 = n
[Tue Jun 25 10:04:24 2013] <roosbeef> plus_0_r : forall n : nat, n + 0 = n
[Tue Jun 25 10:04:47 2013] <roosbeef> and somewhere nested is fs_countgrave x' + 0
[Tue Jun 25 10:04:47 2013] <roosbeef> and somewhere nested is fs_countgrave x' + 0
[Tue Jun 25 10:04:54 2013] <elliott> * engages the full extent of his supposition
[Tue Jun 25 10:04:55 2013] <elliott> * engages the full extent of his supposition
[Tue Jun 25 10:05:03 2013] <roosbeef> how to rewrite the nested statement to fs_countgrave x'?
[Tue Jun 25 10:05:03 2013] <roosbeef> how to rewrite the nested statement to fs_countgrave x'?
[Tue Jun 25 10:05:09 2013] <roosbeef> (removing the + 0 part)
[Tue Jun 25 10:05:10 2013] <roosbeef> (removing the + 0 part)
[Tue Jun 25 10:05:33 2013] <elliott> rewrite plus_0_r
[Tue Jun 25 10:05:34 2013] <elliott> rewrite plus_0_r
[Tue Jun 25 10:05:50 2013] <elliott> er, or is it rewrite <- plus_0_r. I always mix the directions up.
[Tue Jun 25 10:05:50 2013] <elliott> er, or is it rewrite <- plus_0_r. I always mix the directions up.
[Tue Jun 25 10:05:54 2013] <roosbeef> wow that simple? :p
[Tue Jun 25 10:05:54 2013] <roosbeef> wow that simple? :p
[Tue Jun 25 10:05:58 2013] <roosbeef> thanks lol
[Tue Jun 25 10:05:58 2013] <roosbeef> thanks lol
[Tue Jun 25 10:06:10 2013] <roosbeef> didnt think it would be that simple for some reason ;p
[Tue Jun 25 10:06:10 2013] <roosbeef> didnt think it would be that simple for some reason ;p
[Tue Jun 25 10:06:38 2013] <elliott> :)
[Tue Jun 25 10:06:39 2013] <elliott> :)
[Wed Jun 26 00:06:41 2013] <thm_prover> is there a type for a function of the form "Keq: K -> K -> bool" where forall k1 k2, Keq k1 k2 = true <-> k1 = k2 ?
[Wed Jun 26 00:06:41 2013] <thm_prover> is there a type for a function of the form "Keq: K -> K -> bool" where forall k1 k2, Keq k1 k2 = true <-> k1 = k2 ?
[Wed Jun 26 00:07:08 2013] <thm_prover> I want something more restrictive than "K -> K -> bool"; i.e. something that also satisfies "is the same as ="
[Wed Jun 26 00:07:08 2013] <thm_prover> I want something more restrictive than "K -> K -> bool"; i.e. something that also satisfies "is the same as ="
[Wed Jun 26 00:07:31 2013] <thm_prover> for example, "leb" and "ltb" both satisfy "nat -> nat -> bool", but they don't satisfy "="
[Wed Jun 26 00:07:31 2013] <thm_prover> for example, "leb" and "ltb" both satisfy "nat -> nat -> bool", but they don't satisfy "="
[Wed Jun 26 00:13:18 2013] <Cale> thm_prover: forall a b : K, { a = b } + { a <> b }
[Wed Jun 26 00:13:18 2013] <Cale> thm_prover: forall a b : K, { a = b } + { a <> b }
[Wed Jun 26 00:13:44 2013] <thm_prover> this is a sum-bool right?
[Wed Jun 26 00:13:44 2013] <thm_prover> this is a sum-bool right?
[Wed Jun 26 00:13:56 2013] <thm_prover> although I'm sure you're right, can you explain wtf is going on?
[Wed Jun 26 00:13:56 2013] <thm_prover> although I'm sure you're right, can you explain wtf is going on?
[Wed Jun 26 00:14:14 2013] <thm_prover> how does having this type, without specifying how it's defined, allow me to use it within functions that must terminate
[Wed Jun 26 00:14:14 2013] <thm_prover> how does having this type, without specifying how it's defined, allow me to use it within functions that must terminate
[Wed Jun 26 00:14:22 2013] <thm_prover> I fail to understand all the black magic behind the scenes
[Wed Jun 26 00:14:22 2013] <thm_prover> I fail to understand all the black magic behind the scenes
[Wed Jun 26 00:14:28 2013] <Cale> Er, what?
[Wed Jun 26 00:14:28 2013] <Cale> Er, what?
[Wed Jun 26 00:14:30 2013] <copumpkin> the truth is, bool is rarely what you want
[Wed Jun 26 00:14:30 2013] <copumpkin> the truth is, bool is rarely what you want
[Wed Jun 26 00:14:39 2013] <copumpkin> thm_prover: you want a type that says "either equal or not equal"
[Wed Jun 26 00:14:39 2013] <copumpkin> thm_prover: you want a type that says "either equal or not equal"
[Wed Jun 26 00:14:43 2013] <copumpkin> and that is literally what Cale's type says
[Wed Jun 26 00:14:43 2013] <copumpkin> and that is literally what Cale's type says
[Wed Jun 26 00:14:51 2013] <thm_prover> well, I ned to use this ina  function
[Wed Jun 26 00:14:51 2013] <thm_prover> well, I ned to use this ina  function
[Wed Jun 26 00:15:00 2013] <thm_prover> i.e. Function blah blah blah = if (TEST ...) then ... else ...
[Wed Jun 26 00:15:00 2013] <thm_prover> i.e. Function blah blah blah = if (TEST ...) then ... else ...
[Wed Jun 26 00:15:04 2013] <Cale> If you have a term of that type, what it does is for every a and b of type K to produce either a proof that a = b, or a proof that a <> b.
[Wed Jun 26 00:15:04 2013] <Cale> If you have a term of that type, what it does is for every a and b of type K to produce either a proof that a = b, or a proof that a <> b.
[Wed Jun 26 00:15:10 2013] <copumpkin> iirc, if magically works on that type
[Wed Jun 26 00:15:10 2013] <copumpkin> iirc, if magically works on that type
[Wed Jun 26 00:15:12 2013] <thm_prover> so I think I need K -> K -> bool; ... unless I compeltely fail to understand how functions work
[Wed Jun 26 00:15:12 2013] <thm_prover> so I think I need K -> K -> bool; ... unless I compeltely fail to understand how functions work
[Wed Jun 26 00:15:18 2013] <Cale> This is the case whether it's a function parameter or not.
[Wed Jun 26 00:15:18 2013] <Cale> This is the case whether it's a function parameter or not.
[Wed Jun 26 00:15:35 2013] <Cale> You can always turn a sum like this into a bool
[Wed Jun 26 00:15:35 2013] <Cale> You can always turn a sum like this into a bool
[Wed Jun 26 00:16:05 2013] <Cale> But you can't necessarily go the other way -- the value of the sum type will actually contain the proof of equality or inequality.
[Wed Jun 26 00:16:05 2013] <Cale> But you can't necessarily go the other way -- the value of the sum type will actually contain the proof of equality or inequality.
[Wed Jun 26 00:16:21 2013] <thm_prover> Coq is complaingn to me
[Wed Jun 26 00:16:21 2013] <thm_prover> Coq is complaingn to me
[Wed Jun 26 00:16:29 2013] <thm_prover> that I have a type {k1 = k2} + {k1 <> k2} rather than bool
[Wed Jun 26 00:16:29 2013] <thm_prover> that I have a type {k1 = k2} + {k1 <> k2} rather than bool
[Wed Jun 26 00:16:35 2013] <thm_prover> how do I force this into a bool?
[Wed Jun 26 00:16:35 2013] <thm_prover> how do I force this into a bool?
[Wed Jun 26 00:16:37 2013] <Cale> in which context?
[Wed Jun 26 00:16:37 2013] <Cale> in which context?
[Wed Jun 26 00:17:02 2013] <thm_prover> let me produce minimal example
[Wed Jun 26 00:17:02 2013] <thm_prover> let me produce minimal example
[Wed Jun 26 00:17:25 2013] <Cale> You can usually use this in an if as well... as you can with any inductive type with two constructors
[Wed Jun 26 00:17:25 2013] <Cale> You can usually use this in an if as well... as you can with any inductive type with two constructors
[Wed Jun 26 00:17:54 2013] <thm_prover> http://hpaste.org/90436
[Wed Jun 26 00:17:54 2013] <thm_prover> http://hpaste.org/90436
[Wed Jun 26 00:17:54 2013] <thm_prover> hmm
[Wed Jun 26 00:17:54 2013] <thm_prover> hmm
[Wed Jun 26 00:17:57 2013] <thm_prover> I should minimize it more
[Wed Jun 26 00:17:57 2013] <thm_prover> I should minimize it more
[Wed Jun 26 00:18:11 2013] <Cale> So you could write  if b then true else false, where b : {x = y} + {x <> y}
[Wed Jun 26 00:18:11 2013] <Cale> So you could write  if b then true else false, where b : {x = y} + {x <> y}
[Wed Jun 26 00:18:32 2013] <Cale> and that'll throw away the information about which things were equal or not
[Wed Jun 26 00:18:32 2013] <Cale> and that'll throw away the information about which things were equal or not
[Wed Jun 26 00:19:13 2013] <copumpkin> this is one place where if x then true else false is not a nop! :P
[Wed Jun 26 00:19:13 2013] <copumpkin> this is one place where if x then true else false is not a nop! :P
[Wed Jun 26 00:19:32 2013] <copumpkin> well, in practice, the generated code might be I guess
[Wed Jun 26 00:19:32 2013] <copumpkin> well, in practice, the generated code might be I guess
[Wed Jun 26 00:20:02 2013] <Cale> Well, it's only not a nop because coq has generalised if/then/else :)
[Wed Jun 26 00:20:02 2013] <Cale> Well, it's only not a nop because coq has generalised if/then/else :)
[Wed Jun 26 00:21:09 2013] <thm_prover> I'm an idiot
[Wed Jun 26 00:21:09 2013] <thm_prover> I'm an idiot
[Wed Jun 26 00:21:11 2013] <thm_prover> it works now
[Wed Jun 26 00:21:11 2013] <thm_prover> it works now
[Wed Jun 26 00:21:12 2013] <thm_prover> thanks!
[Wed Jun 26 00:21:12 2013] <thm_prover> thanks!
[Wed Jun 26 00:21:36 2013] <Cale> thm_prover: use in_dec from List
[Wed Jun 26 00:21:36 2013] <Cale> thm_prover: use in_dec from List
[Wed Jun 26 00:21:48 2013] <Cale> rather than whatever in_listb is
[Wed Jun 26 00:21:48 2013] <Cale> rather than whatever in_listb is
[Wed Jun 26 00:22:00 2013] <thm_prover> Cale: I hereby double your commission
[Wed Jun 26 00:22:00 2013] <thm_prover> Cale: I hereby double your commission
[Wed Jun 26 00:32:03 2013] <copumpkin> :O
[Wed Jun 26 00:32:03 2013] <copumpkin> :O
[Wed Jun 26 09:35:38 2013] <roosbeef> in proof mode, why does unfolding a function f inside an assumption lead to a "fix f ..." structure?
[Wed Jun 26 09:35:38 2013] <roosbeef> in proof mode, why does unfolding a function f inside an assumption lead to a "fix f ..." structure?
[Wed Jun 26 09:36:22 2013] <roosbeef> (whereas, unfolding the same function inside a goal just leads to the function being reducted)
[Wed Jun 26 09:36:22 2013] <roosbeef> (whereas, unfolding the same function inside a goal just leads to the function being reducted)
[Wed Jun 26 09:38:26 2013] <roosbeef> nm, guess i have to destruct it as well
[Wed Jun 26 09:38:26 2013] <roosbeef> nm, guess i have to destruct it as well
[Wed Jun 26 09:39:01 2013] <elliott> need to feed it enough information to reduce
[Wed Jun 26 09:39:01 2013] <elliott> need to feed it enough information to reduce
[Wed Jun 26 09:40:56 2013] <roosbeef> whats up elliot :)
[Wed Jun 26 09:40:56 2013] <roosbeef> whats up elliot :)
[Wed Jun 26 09:48:03 2013] <t7> can i do implicit args in coq?
[Wed Jun 26 09:48:03 2013] <t7> can i do implicit args in coq?
[Wed Jun 26 09:48:13 2013] <t7> it keeps expecting them when i pattern match
[Wed Jun 26 09:48:14 2013] <t7> it keeps expecting them when i pattern match
[Wed Jun 26 09:54:00 2013] <roosbeef> hm does "destruct f x" actually compute the result of "f x" as a specific instance, or just replace it with the possible values of f (suppose f has 3 possible outcomes, it would split the goal three way)
[Wed Jun 26 09:54:00 2013] <roosbeef> hm does "destruct f x" actually compute the result of "f x" as a specific instance, or just replace it with the possible values of f (suppose f has 3 possible outcomes, it would split the goal three way)
[Wed Jun 26 09:56:08 2013] <elliott> you probably mean destruct (f x)
[Wed Jun 26 09:56:08 2013] <elliott> you probably mean destruct (f x)
[Wed Jun 26 09:56:15 2013] <elliott> in which case it does not "remember" that the result comes from f, yes
[Wed Jun 26 09:56:15 2013] <elliott> in which case it does not "remember" that the result comes from f, yes
[Wed Jun 26 09:56:20 2013] <elliott> you can do: remember (f x) as foo; destruct foo
[Wed Jun 26 09:56:20 2013] <elliott> you can do: remember (f x) as foo; destruct foo
[Wed Jun 26 09:56:28 2013] <elliott> and then you get an equality showing that the result is equal to f x
[Wed Jun 26 09:56:29 2013] <elliott> and then you get an equality showing that the result is equal to f x
[Wed Jun 26 09:56:33 2013] <elliott> which you can then do inversion type things on
[Wed Jun 26 09:56:33 2013] <elliott> which you can then do inversion type things on
[Wed Jun 26 09:58:56 2013] <roosbeef> i did mean destruct (f x)
[Wed Jun 26 09:58:56 2013] <roosbeef> i did mean destruct (f x)
[Wed Jun 26 09:59:13 2013] <roosbeef> let me see
[Wed Jun 26 09:59:13 2013] <roosbeef> let me see
[Wed Jun 26 10:01:05 2013] <roosbeef> hm
[Wed Jun 26 10:01:05 2013] <roosbeef> hm
[Wed Jun 26 10:01:07 2013] <roosbeef> that doesnt help much
[Wed Jun 26 10:01:07 2013] <roosbeef> that doesnt help much
[Wed Jun 26 10:01:15 2013] <roosbeef> it still splits the goal three way
[Wed Jun 26 10:01:15 2013] <roosbeef> it still splits the goal three way
[Wed Jun 26 10:01:56 2013] <roosbeef> and each subgoal has foo = a, foo = b, or foo = c (a, b, c being the possible outcomes of f)
[Wed Jun 26 10:01:56 2013] <roosbeef> and each subgoal has foo = a, foo = b, or foo = c (a, b, c being the possible outcomes of f)
[Wed Jun 26 10:02:16 2013] <roosbeef> f x has a static value though, it simply computes to a for example
[Wed Jun 26 10:02:16 2013] <roosbeef> f x has a static value though, it simply computes to a for example
[Wed Jun 26 10:02:22 2013] <roosbeef> when you follow the definition of f
[Wed Jun 26 10:02:22 2013] <roosbeef> when you follow the definition of f
[Wed Jun 26 10:02:34 2013] <roosbeef> its almost as if Coq fully ignores x in doing destruct (f x)
[Wed Jun 26 10:02:34 2013] <roosbeef> its almost as if Coq fully ignores x in doing destruct (f x)
[Wed Jun 26 10:02:58 2013] <roosbeef> except that it removes it along with f
[Wed Jun 26 10:02:58 2013] <roosbeef> except that it removes it along with f
[Wed Jun 26 10:05:51 2013] <elliott> huh?
[Wed Jun 26 10:05:51 2013] <elliott> huh?
[Wed Jun 26 10:05:53 2013] <elliott> it shouldn't...
[Wed Jun 26 10:05:53 2013] <elliott> it shouldn't...
[Wed Jun 26 10:05:53 2013] <roosbeef> well,
[Wed Jun 26 10:05:53 2013] <roosbeef> well,
[Wed Jun 26 10:06:00 2013] <elliott> anyway I don't think you want destruct here
[Wed Jun 26 10:06:01 2013] <roosbeef> im doing "destruct (ltr_compare l l)"
[Wed Jun 26 10:06:01 2013] <roosbeef> im doing "destruct (ltr_compare l l)"
[Wed Jun 26 10:06:01 2013] <elliott> anyway I don't think you want destruct here
[Wed Jun 26 10:06:05 2013] <elliott> why not use "simpl" or "compute"?
[Wed Jun 26 10:06:05 2013] <elliott> why not use "simpl" or "compute"?
[Wed Jun 26 10:06:13 2013] <roosbeef> ltr_compare checks the order of two letters
[Wed Jun 26 10:06:13 2013] <roosbeef> ltr_compare checks the order of two letters
[Wed Jun 26 10:06:22 2013] <roosbeef> and if they are the same, it should return Eq
[Wed Jun 26 10:06:22 2013] <roosbeef> and if they are the same, it should return Eq
[Wed Jun 26 10:06:34 2013] <elliott> ok, so it sounds like you need to do destruct or induction on l
[Wed Jun 26 10:06:34 2013] <elliott> ok, so it sounds like you need to do destruct or induction on l
[Wed Jun 26 10:06:40 2013] <roosbeef> so i dont see why Coq would split the goal into three cases, Lt, Eq and Gt
[Wed Jun 26 10:06:40 2013] <roosbeef> so i dont see why Coq would split the goal into three cases, Lt, Eq and Gt
[Wed Jun 26 10:06:42 2013] <elliott> so it computes to Eq in all cases
[Wed Jun 26 10:06:42 2013] <elliott> so it computes to Eq in all cases
[Wed Jun 26 10:06:48 2013] <elliott> because Coq is not a mind-reader
[Wed Jun 26 10:06:48 2013] <elliott> because Coq is not a mind-reader
[Wed Jun 26 10:06:58 2013] <elliott> perhaps you should prove, as a lemma, that forall l, ltr_compare l l = Eq
[Wed Jun 26 10:06:59 2013] <elliott> perhaps you should prove, as a lemma, that forall l, ltr_compare l l = Eq
[Wed Jun 26 10:07:03 2013] <elliott> then you can rewrite with that lemma
[Wed Jun 26 10:07:03 2013] <elliott> then you can rewrite with that lemma
[Wed Jun 26 10:07:08 2013] <roosbeef> hm
[Wed Jun 26 10:07:08 2013] <roosbeef> hm
[Wed Jun 26 10:07:17 2013] <roosbeef> Coq cant see that?
[Wed Jun 26 10:07:18 2013] <roosbeef> Coq cant see that?
[Wed Jun 26 10:07:26 2013] <roosbeef> it follows from the definition
[Wed Jun 26 10:07:26 2013] <roosbeef> it follows from the definition
[Wed Jun 26 10:07:36 2013] <elliott> no, Coq cannot automatically deduce arbitrary theorems about the functions you define :)
[Wed Jun 26 10:07:36 2013] <elliott> no, Coq cannot automatically deduce arbitrary theorems about the functions you define :)
[Wed Jun 26 10:07:47 2013] <roosbeef> its not an arbitrary theorem! :P
[Wed Jun 26 10:07:47 2013] <roosbeef> its not an arbitrary theorem! :P
[Wed Jun 26 10:07:56 2013] <elliott> if it computes like you say it does, then "destruct l; auto" should be enough to prove the lemma.
[Wed Jun 26 10:07:56 2013] <elliott> if it computes like you say it does, then "destruct l; auto" should be enough to prove the lemma.
[Wed Jun 26 10:08:01 2013] <roosbeef> ok fair point i guess
[Wed Jun 26 10:08:01 2013] <roosbeef> ok fair point i guess
[Wed Jun 26 10:08:22 2013] <roosbeef> thanks let me look into that :)
[Wed Jun 26 10:08:22 2013] <roosbeef> thanks let me look into that :)
[Wed Jun 26 10:13:02 2013] <roosbeef> elliott, so i did "pose ltr_compare_l_l_is_Eq" (which is the lemma proving that for all l, ltr_compare l l = Eq)
[Wed Jun 26 10:13:02 2013] <roosbeef> elliott, so i did "pose ltr_compare_l_l_is_Eq" (which is the lemma proving that for all l, ltr_compare l l = Eq)
[Wed Jun 26 10:13:17 2013] <roosbeef> adding to the assumptions e0 := ltr_compare_l_l_is_Eq : forall l : letter, ltr_compare l l = Eq
[Wed Jun 26 10:13:17 2013] <roosbeef> adding to the assumptions e0 := ltr_compare_l_l_is_Eq : forall l : letter, ltr_compare l l = Eq
[Wed Jun 26 10:13:23 2013] <elliott> "rewrite ltr_compare_l_l_is_Eq"
[Wed Jun 26 10:13:23 2013] <elliott> "rewrite ltr_compare_l_l_is_Eq"
[Wed Jun 26 10:13:34 2013] <elliott> btw, I suggest a more concise name, like ltr_compare_diag :p
[Wed Jun 26 10:13:34 2013] <elliott> btw, I suggest a more concise name, like ltr_compare_diag :p
[Wed Jun 26 10:13:43 2013] <roosbeef> dont even need to pose it?
[Wed Jun 26 10:13:43 2013] <roosbeef> dont even need to pose it?
[Wed Jun 26 10:13:47 2013] <elliott> no
[Wed Jun 26 10:13:47 2013] <elliott> no
[Wed Jun 26 10:13:57 2013] <elliott> don't need to pose things to "apply" them either
[Wed Jun 26 10:13:57 2013] <elliott> don't need to pose things to "apply" them either
[Wed Jun 26 10:14:00 2013] <roosbeef> haha why more concise :p this says exactly what it does
[Wed Jun 26 10:14:00 2013] <roosbeef> haha why more concise :p this says exactly what it does
[Wed Jun 26 10:14:18 2013] <elliott> so does "ltr_compare_diag", and it's less typing, and it's more consistent with names used in the standard library
[Wed Jun 26 10:14:18 2013] <elliott> so does "ltr_compare_diag", and it's less typing, and it's more consistent with names used in the standard library
[Wed Jun 26 10:14:25 2013] <elliott> though the standard library's names aren't really very consistent...
[Wed Jun 26 10:14:25 2013] <elliott> though the standard library's names aren't really very consistent...
[Wed Jun 26 10:14:37 2013] <roosbeef> hm what does diag stand for then?
[Wed Jun 26 10:14:37 2013] <roosbeef> hm what does diag stand for then?
[Wed Jun 26 10:16:03 2013] <elliott> diagonal
[Wed Jun 26 10:16:03 2013] <elliott> diagonal
[Wed Jun 26 10:16:17 2013] <elliott> imagine a table of letters as the rows and columns
[Wed Jun 26 10:16:17 2013] <elliott> imagine a table of letters as the rows and columns
[Wed Jun 26 10:16:25 2013] <elliott> and ltr_compare row col as the squares
[Wed Jun 26 10:16:25 2013] <elliott> and ltr_compare row col as the squares
[Wed Jun 26 10:16:32 2013] <roosbeef> ah
[Wed Jun 26 10:16:32 2013] <roosbeef> ah
[Wed Jun 26 10:16:38 2013] <roosbeef> :p
[Wed Jun 26 10:16:38 2013] <roosbeef> :p
[Wed Jun 26 10:16:40 2013] <elliott> then the two letters are equal on the "diagonal"
[Wed Jun 26 10:16:40 2013] <elliott> then the two letters are equal on the "diagonal"
[Wed Jun 26 10:17:14 2013] <elliott> (you can also phrase Cantor's diagonal argument in a way that maxes use of an (f x x) type expression)
[Wed Jun 26 10:17:14 2013] <elliott> (you can also phrase Cantor's diagonal argument in a way that maxes use of an (f x x) type expression)
[Wed Jun 26 10:21:02 2013] <t7> if anyone could help i have    P : xs = f (f xs)     and i need to solve   G xs = f (f (G xs))
[Wed Jun 26 10:21:02 2013] <t7> if anyone could help i have    P : xs = f (f xs)     and i need to solve   G xs = f (f (G xs))
[Wed Jun 26 10:21:10 2013] <t7> can i do rewrite or something
[Wed Jun 26 10:21:10 2013] <t7> can i do rewrite or something
[Wed Jun 26 10:21:40 2013] <elliott> uh, that depends on the definition of G surely
[Wed Jun 26 10:21:40 2013] <elliott> uh, that depends on the definition of G surely
[Wed Jun 26 10:21:55 2013] <elliott> if you can prove G (f (f xs)) = f (f (G xs)) then you could do it
[Wed Jun 26 10:21:55 2013] <elliott> if you can prove G (f (f xs)) = f (f (G xs)) then you could do it
[Wed Jun 26 10:34:18 2013] <t7> im trying to prove     xs = reverse (reverse xs)
[Wed Jun 26 10:34:18 2013] <t7> im trying to prove     xs = reverse (reverse xs)
[Wed Jun 26 10:34:48 2013] <t7> where    reverse (cons x xs) = append (reverse xs) x
[Wed Jun 26 10:34:48 2013] <t7> where    reverse (cons x xs) = append (reverse xs) x
[Wed Jun 26 10:34:58 2013] <t7> any tips?
[Wed Jun 26 10:34:58 2013] <t7> any tips?
[Wed Jun 26 10:36:42 2013] <elliott> well, by induction nil = reverse (reverse nil) should be trivial, and then cons x xs = reverse (reverse (cons x xs)) should follow by reverse (reverse (cons x xs)) reducing to reverse (append (reverse xs) x) and a lemma like reverse (append xs x) = cons x (reverse xs)
[Wed Jun 26 10:36:42 2013] <elliott> well, by induction nil = reverse (reverse nil) should be trivial, and then cons x xs = reverse (reverse (cons x xs)) should follow by reverse (reverse (cons x xs)) reducing to reverse (append (reverse xs) x) and a lemma like reverse (append xs x) = cons x (reverse xs)
[Wed Jun 26 10:38:45 2013] <roosbeef> elliott, i have a question
[Wed Jun 26 10:38:45 2013] <roosbeef> elliott, i have a question
[Wed Jun 26 10:39:02 2013] <roosbeef> allow me to repost something
[Wed Jun 26 10:39:03 2013] <roosbeef> allow me to repost something
[Wed Jun 26 10:39:18 2013] <roosbeef> <roosbeef> im trying to prove the following
[Wed Jun 26 10:39:18 2013] <roosbeef> <roosbeef> im trying to prove the following
[Wed Jun 26 10:39:19 2013] <roosbeef> <roosbeef> take the string slr, composed of strings s, l, r, respectively, and the string s{l>}r
[Wed Jun 26 10:39:19 2013] <roosbeef> <roosbeef> it holds that slr > s{l>}r, where {l>} is a string such that {l>} < l
[Wed Jun 26 10:39:19 2013] <roosbeef> <roosbeef> take the string slr, composed of strings s, l, r, respectively, and the string s{l>}r
[Wed Jun 26 10:39:19 2013] <roosbeef> <roosbeef> it holds that slr > s{l>}r, where {l>} is a string such that {l>} < l
[Wed Jun 26 10:40:44 2013] <roosbeef> im a bit confused, to begin, should i prove (l :: x) > (l :: y) -> x > y, or x > y -> (l :: x) > (l :: y)
[Wed Jun 26 10:40:44 2013] <roosbeef> im a bit confused, to begin, should i prove (l :: x) > (l :: y) -> x > y, or x > y -> (l :: x) > (l :: y)
[Wed Jun 26 10:41:09 2013] <roosbeef> to remove s from slr > s{l>}r
[Wed Jun 26 10:41:09 2013] <roosbeef> to remove s from slr > s{l>}r
[Wed Jun 26 10:42:09 2013] <roosbeef> (attempting to prove the latter right now)
[Wed Jun 26 10:42:09 2013] <roosbeef> (attempting to prove the latter right now)
[Wed Jun 26 10:43:31 2013] <elliott> probably the latter
[Wed Jun 26 10:43:31 2013] <elliott> probably the latter
[Wed Jun 26 10:43:46 2013] <elliott> since your goal is that (s :: ...) > (s :: ...)
[Wed Jun 26 10:43:46 2013] <elliott> since your goal is that (s :: ...) > (s :: ...)
[Wed Jun 26 10:44:00 2013] <elliott> thus you want a proof which yields that
[Wed Jun 26 10:44:00 2013] <elliott> thus you want a proof which yields that
[Wed Jun 26 10:44:03 2013] <roosbeef> yea
[Wed Jun 26 10:44:03 2013] <roosbeef> yea
[Wed Jun 26 10:44:13 2013] <roosbeef> ok so im on the right track :)
[Wed Jun 26 10:44:13 2013] <roosbeef> ok so im on the right track :)
[Wed Jun 26 10:44:26 2013] <elliott> you should be able to prove x > y <-> (l :: x) > (l :: y) though, and then just "apply [<- | ->] prf" whenever you need either direction
[Wed Jun 26 10:44:26 2013] <elliott> you should be able to prove x > y <-> (l :: x) > (l :: y) though, and then just "apply [<- | ->] prf" whenever you need either direction
[Wed Jun 26 10:44:29 2013] <elliott> but it's more work if you only need one way
[Wed Jun 26 10:44:29 2013] <elliott> but it's more work if you only need one way
[Wed Jun 26 11:01:13 2013] <roosbeef> why do assumptions unfold differently from goals?
[Wed Jun 26 11:01:13 2013] <roosbeef> why do assumptions unfold differently from goals?
[Wed Jun 26 11:02:20 2013] <roosbeef> im unfolding the exact same function: https://privatepaste.com/e004b85bbe
[Wed Jun 26 11:02:20 2013] <roosbeef> im unfolding the exact same function: https://privatepaste.com/e004b85bbe
[Wed Jun 26 11:03:15 2013] <roosbeef> once ive managed to remove the l :: part, it wont match the assumption
[Wed Jun 26 11:03:15 2013] <roosbeef> once ive managed to remove the l :: part, it wont match the assumption
[Wed Jun 26 11:05:02 2013] <elliott> because it has enough of a concrete argument to reduce in the goal
[Wed Jun 26 11:05:02 2013] <elliott> because it has enough of a concrete argument to reduce in the goal
[Wed Jun 26 11:05:05 2013] <elliott> not in the assumption
[Wed Jun 26 11:05:05 2013] <elliott> not in the assumption
[Wed Jun 26 11:05:24 2013] <roosbeef> hm
[Wed Jun 26 11:05:24 2013] <roosbeef> hm
[Wed Jun 26 11:07:01 2013] <roosbeef> why is it not enough of a concrete argument
[Wed Jun 26 11:07:01 2013] <roosbeef> why is it not enough of a concrete argument
[Wed Jun 26 11:07:44 2013] <elliott> because of the {struct fs1}
[Wed Jun 26 11:07:45 2013] <elliott> because of the {struct fs1}
[Wed Jun 26 11:07:52 2013] <elliott> why is fs_compare even defined as a fixpoint?
[Wed Jun 26 11:07:52 2013] <elliott> why is fs_compare even defined as a fixpoint?
[Wed Jun 26 11:07:57 2013] <elliott> it doesn't appear to recurse
[Wed Jun 26 11:07:57 2013] <elliott> it doesn't appear to recurse
[Wed Jun 26 11:08:20 2013] <roosbeef> hm youre right it doesnt
[Wed Jun 26 11:08:20 2013] <roosbeef> hm youre right it doesnt
[Wed Jun 26 11:08:29 2013] <roosbeef> better to use Definition?
[Wed Jun 26 11:08:29 2013] <roosbeef> better to use Definition?
[Wed Jun 26 11:08:35 2013] <elliott> if you make it a plain Definition coq will be more liberal about unfolding its definition
[Wed Jun 26 11:08:35 2013] <elliott> if you make it a plain Definition coq will be more liberal about unfolding its definition
[Wed Jun 26 11:08:47 2013] <elliott> with fixpoints it has to be very careful that it only unfolds when you give it "more structure"
[Wed Jun 26 11:08:48 2013] <elliott> with fixpoints it has to be very careful that it only unfolds when you give it "more structure"
[Wed Jun 26 11:08:50 2013] <elliott> to ensure termination
[Wed Jun 26 11:08:51 2013] <elliott> to ensure termination
[Wed Jun 26 11:09:22 2013] <roosbeef> cool, good tip :)
[Wed Jun 26 11:09:22 2013] <roosbeef> cool, good tip :)
[Wed Jun 26 11:09:38 2013] <roosbeef> let me check if i did more of that
[Wed Jun 26 11:09:38 2013] <roosbeef> let me check if i did more of that
[Wed Jun 26 11:10:03 2013] <elliott> btw, you can say "unfold foo in *"
[Wed Jun 26 11:10:03 2013] <elliott> btw, you can say "unfold foo in *"
[Wed Jun 26 11:10:05 2013] <elliott> to do it in one step
[Wed Jun 26 11:10:05 2013] <elliott> to do it in one step
[Wed Jun 26 11:12:17 2013] <roosbeef> ha nice
[Wed Jun 26 11:12:17 2013] <roosbeef> ha nice
[Wed Jun 26 11:14:45 2013] <roosbeef> cool problem fixed! :D
[Wed Jun 26 11:14:45 2013] <roosbeef> cool problem fixed! :D
[Wed Jun 26 11:15:02 2013] <roosbeef> it no longer adds the fix in assumptions
[Wed Jun 26 11:15:02 2013] <roosbeef> it no longer adds the fix in assumptions
[Wed Jun 26 11:15:09 2013] <roosbeef> thanks elliott!
[Wed Jun 26 11:15:09 2013] <roosbeef> thanks elliott!
[Wed Jun 26 11:18:13 2013] <elliott> :)
[Wed Jun 26 11:18:14 2013] <elliott> :)
[Thu Jun 27 00:15:42 2013] <thm_prover> is this channel logged?
[Thu Jun 27 00:15:42 2013] <thm_prover> is this channel logged?
[Thu Jun 27 00:15:49 2013] <thm_prover> (there is a paste someone made weeks ago I'd like to dig up)
[Thu Jun 27 00:15:49 2013] <thm_prover> (there is a paste someone made weeks ago I'd like to dig up)
[Thu Jun 27 00:15:51 2013] <thm_prover> but don't have the url
[Thu Jun 27 00:15:51 2013] <thm_prover> but don't have the url
[Thu Jun 27 00:18:53 2013] <thm_prover> n/m, found it :-)
[Thu Jun 27 00:18:53 2013] <thm_prover> n/m, found it :-)
[Thu Jun 27 03:23:58 2013] <zorun> http://lists.debian.org/debian-devel/2013/06/msg00720.html
[Thu Jun 27 03:23:58 2013] <zorun> http://lists.debian.org/debian-devel/2013/06/msg00720.html
[Thu Jun 27 03:24:03 2013] <zorun> (coq is in the list)
[Thu Jun 27 03:24:03 2013] <zorun> (coq is in the list)
[Thu Jun 27 03:25:37 2013] <sgnb`> I know, but don't hold your breath: https://lists.debian.org/debian-ocaml-maint/2013/06/msg00189.html
[Thu Jun 27 03:25:37 2013] <sgnb`> I know, but don't hold your breath: https://lists.debian.org/debian-ocaml-maint/2013/06/msg00189.html
[Thu Jun 27 10:35:47 2013] <thm_prover> what does "fix" do as a tactic, in particular "fix 2" ?
[Thu Jun 27 10:35:47 2013] <thm_prover> what does "fix" do as a tactic, in particular "fix 2" ?
[Thu Jun 27 10:37:37 2013] <Eruquen> it constructs a function that recurses on the second parameter of the current goal
[Thu Jun 27 10:37:37 2013] <Eruquen> it constructs a function that recurses on the second parameter of the current goal
[Thu Jun 27 10:38:55 2013] <Eruquen> you generally revert all parameters that could change in the different cases and recurse on the parameter that decreases structurally
[Thu Jun 27 10:38:55 2013] <Eruquen> you generally revert all parameters that could change in the different cases and recurse on the parameter that decreases structurally
[Thu Jun 27 10:39:13 2013] <Eruquen> that's why you can select the position of the parameter.. there might be more than one
[Thu Jun 27 10:39:13 2013] <Eruquen> that's why you can select the position of the parameter.. there might be more than one
[Thu Jun 27 10:44:21 2013] <Eruquen> in essence you claim that you can solve the current goal by recursion on the 2nd parameter
[Thu Jun 27 10:44:21 2013] <Eruquen> in essence you claim that you can solve the current goal by recursion on the 2nd parameter
[Thu Jun 27 10:44:55 2013] <Eruquen> and coq will gladly provide you with such function which you can then use, but only if you feed it structurally smaller terms in the 2nd position every time you use it
[Thu Jun 27 10:44:55 2013] <Eruquen> and coq will gladly provide you with such function which you can then use, but only if you feed it structurally smaller terms in the 2nd position every time you use it
[Thu Jun 27 10:45:43 2013] <Eruquen> thm_prover, would you like to see an example?
[Thu Jun 27 10:45:43 2013] <Eruquen> thm_prover, would you like to see an example?
[Thu Jun 27 10:45:55 2013] <thm_prover> actually, I have an example; let me paste it
[Thu Jun 27 10:45:55 2013] <thm_prover> actually, I have an example; let me paste it
[Thu Jun 27 10:46:00 2013] <thm_prover> sorry, was afk (reading Coq code)
[Thu Jun 27 10:46:00 2013] <thm_prover> sorry, was afk (reading Coq code)
[Thu Jun 27 10:46:03 2013] <thm_prover> [reading your responses now]
[Thu Jun 27 10:46:03 2013] <thm_prover> [reading your responses now]
[Thu Jun 27 10:46:42 2013] <thm_prover> http://hpaste.org/90512 so I'm studing this example here
[Thu Jun 27 10:46:42 2013] <thm_prover> http://hpaste.org/90512 so I'm studing this example here
[Thu Jun 27 10:51:19 2013] <Eruquen> okay, in this case fix 2 will provide you with a function that solves the current goal for all lists that structurally smaller than the given list
[Thu Jun 27 10:51:19 2013] <Eruquen> okay, in this case fix 2 will provide you with a function that solves the current goal for all lists that structurally smaller than the given list
[Thu Jun 27 10:53:12 2013] <Eruquen> if you want to know that your current use of the provided function is valid, you can use "Guarded." and it will tell you if you violated the conditions on the usage of the recursive function
[Thu Jun 27 10:53:12 2013] <Eruquen> if you want to know that your current use of the provided function is valid, you can use "Guarded." and it will tell you if you violated the conditions on the usage of the recursive function
[Thu Jun 27 10:54:19 2013] <Eruquen> i.e. if you were to solve the goal right after fix 2. with exact f. you could try Guarded. to see if thats legal. At Qed., coq will complain if its not valid
[Thu Jun 27 10:54:19 2013] <Eruquen> i.e. if you were to solve the goal right after fix 2. with exact f. you could try Guarded. to see if thats legal. At Qed., coq will complain if its not valid
[Thu Jun 27 10:54:36 2013] <Eruquen> damnit, sentences with so many dots in them are hard to read
[Thu Jun 27 10:54:36 2013] <Eruquen> damnit, sentences with so many dots in them are hard to read
[Thu Jun 27 10:58:29 2013] <Eruquen> http://hpaste.org/90512 this would be the equivalent proof using induction
[Thu Jun 27 10:58:29 2013] <Eruquen> http://hpaste.org/90512 this would be the equivalent proof using induction
[Thu Jun 27 10:59:35 2013] <Eruquen> you can see how I extracted the parameter on which I wanted to do induction and reverted the parameters over which I wanted to generalize
[Thu Jun 27 10:59:35 2013] <Eruquen> you can see how I extracted the parameter on which I wanted to do induction and reverted the parameters over which I wanted to generalize
[Thu Jun 27 11:00:51 2013] <Eruquen> there is only a slight difference in the application of z_nth in line 10. induction will give a function that can only be applied to xs
[Thu Jun 27 11:00:51 2013] <Eruquen> there is only a slight difference in the application of z_nth in line 10. induction will give a function that can only be applied to xs
[Thu Jun 27 11:01:07 2013] <Eruquen> fix, on the other hand, constructs functions that can be applied to all subterms of the original list
[Thu Jun 27 11:01:07 2013] <Eruquen> fix, on the other hand, constructs functions that can be applied to all subterms of the original list
[Thu Jun 27 11:01:37 2013] <Eruquen> I am not sure why one would use fix in this example
[Thu Jun 27 11:01:37 2013] <Eruquen> I am not sure why one would use fix in this example
[Thu Jun 27 11:02:10 2013] <Eruquen> however, there are situations where the proof will be much easier with the fix tactic
[Thu Jun 27 11:02:10 2013] <Eruquen> however, there are situations where the proof will be much easier with the fix tactic
[Thu Jun 27 11:14:32 2013] <Eruquen> http://hpaste.org/90512 here is an example in which I do not see a way to proceed with induction. fix, however, enables us to apply the recursive function even after 2x destruct
[Thu Jun 27 11:14:32 2013] <Eruquen> http://hpaste.org/90512 here is an example in which I do not see a way to proceed with induction. fix, however, enables us to apply the recursive function even after 2x destruct
[Thu Jun 27 11:46:12 2013] <thm_prover> Eruquen: I got disconencted, just wnated to say thanks for the descriptions / code snipplets.
[Thu Jun 27 11:46:12 2013] <thm_prover> Eruquen: I got disconencted, just wnated to say thanks for the descriptions / code snipplets.
[Thu Jun 27 11:46:23 2013] <Eruquen> no problem :)
[Thu Jun 27 11:46:23 2013] <Eruquen> no problem :)
[Thu Jun 27 12:33:15 2013] <thm_prover> Eruquen: I have another dumb question. In http://hpaste.org/90520
[Thu Jun 27 12:33:15 2013] <thm_prover> Eruquen: I have another dumb question. In http://hpaste.org/90520
[Thu Jun 27 12:33:25 2013] <thm_prover> do you know where the "l" comes from? (in the goal state)
[Thu Jun 27 12:33:25 2013] <thm_prover> do you know where the "l" comes from? (in the goal state)
[Thu Jun 27 12:33:31 2013] <thm_prover> in particular, the "match lst as l ... "
[Thu Jun 27 12:33:31 2013] <thm_prover> in particular, the "match lst as l ... "
[Thu Jun 27 12:34:01 2013] <thm_prover> line 36:    match lst as l return (0 <= i < Z.of_nat (length l) -> nat) with
[Thu Jun 27 12:34:01 2013] <thm_prover> line 36:    match lst as l return (0 <= i < Z.of_nat (length l) -> nat) with
[Thu Jun 27 12:34:47 2013] <Eruquen> I'll have a look at it
[Thu Jun 27 12:34:47 2013] <Eruquen> I'll have a look at it
[Thu Jun 27 12:35:25 2013] <thm_prover> actually, it looks to me like a new varaible introduced on the fly
[Thu Jun 27 12:35:25 2013] <thm_prover> actually, it looks to me like a new varaible introduced on the fly
[Thu Jun 27 12:35:26 2013] <Eruquen> have you read about dependent matches
[Thu Jun 27 12:35:26 2013] <Eruquen> have you read about dependent matches
[Thu Jun 27 12:35:39 2013] <Eruquen> ?
[Thu Jun 27 12:35:39 2013] <Eruquen> ?
[Thu Jun 27 12:35:47 2013] <thm_prover> this sounds like something mentioned in Chlipala's CPDT, but went over my head when I tried to read it 3 months ago
[Thu Jun 27 12:35:47 2013] <thm_prover> this sounds like something mentioned in Chlipala's CPDT, but went over my head when I tried to read it 3 months ago
[Thu Jun 27 12:36:02 2013] <thm_prover> so, no, I don't know what they are
[Thu Jun 27 12:36:02 2013] <thm_prover> so, no, I don't know what they are
[Thu Jun 27 12:36:13 2013] <thm_prover> I can't cite their definition, and I don't know what properties / quirks they have.
[Thu Jun 27 12:36:13 2013] <thm_prover> I can't cite their definition, and I don't know what properties / quirks they have.
[Thu Jun 27 12:36:14 2013] <Eruquen> basically, you want to destruct a variable and return different things in every case
[Thu Jun 27 12:36:14 2013] <Eruquen> basically, you want to destruct a variable and return different things in every case
[Thu Jun 27 12:36:32 2013] <thm_prover> how is this different from a match?
[Thu Jun 27 12:36:32 2013] <thm_prover> how is this different from a match?
[Thu Jun 27 12:36:39 2013] <thm_prover> does "different things" mean "different Types" ?
[Thu Jun 27 12:36:39 2013] <thm_prover> does "different things" mean "different Types" ?
[Thu Jun 27 12:36:43 2013] <Eruquen> well, the return type may depend on the variable you match on
[Thu Jun 27 12:36:43 2013] <Eruquen> well, the return type may depend on the variable you match on
[Thu Jun 27 12:36:46 2013] <Eruquen> yup
[Thu Jun 27 12:36:46 2013] <Eruquen> yup
[Thu Jun 27 12:37:13 2013] <thm_prover> "dependent match" := "a match statement where different branches can return different _TYPES_" ?
[Thu Jun 27 12:37:13 2013] <thm_prover> "dependent match" := "a match statement where different branches can return different _TYPES_" ?
[Thu Jun 27 12:37:37 2013] <Eruquen> I am not sure how much more there is to it
[Thu Jun 27 12:37:37 2013] <Eruquen> I am not sure how much more there is to it
[Thu Jun 27 12:37:46 2013] <Eruquen> but you can do at least that
[Thu Jun 27 12:37:46 2013] <Eruquen> but you can do at least that
[Thu Jun 27 12:38:41 2013] <Eruquen> there are two different version afaik
[Thu Jun 27 12:38:41 2013] <Eruquen> there are two different version afaik
[Thu Jun 27 12:39:10 2013] <Eruquen> match x as y return .., and match x in y return ..
[Thu Jun 27 12:39:10 2013] <Eruquen> match x as y return .., and match x in y return ..
[Thu Jun 27 12:39:35 2013] <Eruquen> I will have to look it up so that I don't say any nonsense
[Thu Jun 27 12:39:35 2013] <Eruquen> I will have to look it up so that I don't say any nonsense
[Thu Jun 27 12:40:52 2013] <Eruquen> the second version allows you to use the parameters of the type of x in the return statement
[Thu Jun 27 12:40:52 2013] <Eruquen> the second version allows you to use the parameters of the type of x in the return statement
[Thu Jun 27 12:41:52 2013] <Eruquen> with the first one, the type can only depend on the value of x
[Thu Jun 27 12:41:52 2013] <Eruquen> with the first one, the type can only depend on the value of x
[Thu Jun 27 12:44:16 2013] <thm_prover> Eruquen: are you reading CPDT or the Coq reference manual>
[Thu Jun 27 12:44:16 2013] <thm_prover> Eruquen: are you reading CPDT or the Coq reference manual>
[Thu Jun 27 12:44:17 2013] <thm_prover> ?
[Thu Jun 27 12:44:17 2013] <thm_prover> ?
[Thu Jun 27 12:44:26 2013] <Eruquen> coq reference manual
[Thu Jun 27 12:44:26 2013] <Eruquen> coq reference manual
[Thu Jun 27 12:44:33 2013] <Eruquen> http://coq.inria.fr/V8.1/refman/Reference-Manual018.html
[Thu Jun 27 12:44:33 2013] <Eruquen> http://coq.inria.fr/V8.1/refman/Reference-Manual018.html
[Thu Jun 27 12:45:26 2013] <Eruquen> I might be slightly of in the sense that both versions can actually be used in the same match
[Thu Jun 27 12:45:26 2013] <Eruquen> I might be slightly of in the sense that both versions can actually be used in the same match
[Thu Jun 27 12:45:29 2013] <Eruquen> *off
[Thu Jun 27 12:45:29 2013] <Eruquen> *off
[Thu Jun 27 12:45:43 2013] <Eruquen> 15.3.2 introduces the general syntax with both "as" and "in"
[Thu Jun 27 12:45:43 2013] <Eruquen> 15.3.2 introduces the general syntax with both "as" and "in"
[Thu Jun 27 12:46:43 2013] <Eruquen> the most mind-blowing thing for me was the dependent match equivalent to the rewrite tactic
[Thu Jun 27 12:46:43 2013] <Eruquen> the most mind-blowing thing for me was the dependent match equivalent to the rewrite tactic
[Thu Jun 27 12:46:58 2013] <Eruquen> I will see if I can reconstruct it
[Thu Jun 27 12:46:58 2013] <Eruquen> I will see if I can reconstruct it
[Thu Jun 27 12:53:43 2013] <Eruquen> Definition eq_sym' {X: Type} {x y: X}: x = y -> y = x :=fun (H: x = y) => match H in eq _ z return eq z x with eq_refl => eq_refl end.
[Thu Jun 27 12:53:43 2013] <Eruquen> Definition eq_sym' {X: Type} {x y: X}: x = y -> y = x :=fun (H: x = y) => match H in eq _ z return eq z x with eq_refl => eq_refl end.
[Thu Jun 27 12:54:05 2013] <Eruquen> usually one would use "intros H. rewrite H. reflexivity." to proof this
[Thu Jun 27 12:54:05 2013] <Eruquen> usually one would use "intros H. rewrite H. reflexivity." to proof this
[Thu Jun 27 12:55:31 2013] <thm_prover> yea, intros H gets "H: x = y"
[Thu Jun 27 12:55:31 2013] <thm_prover> yea, intros H gets "H: x = y"
[Thu Jun 27 12:55:38 2013] <thm_prover> rewrite H changes the goal to "y = y"
[Thu Jun 27 12:55:38 2013] <thm_prover> rewrite H changes the goal to "y = y"
[Thu Jun 27 12:55:41 2013] <thm_prover> and reflexivitity solves it.
[Thu Jun 27 12:55:41 2013] <thm_prover> and reflexivitity solves it.
[Thu Jun 27 12:55:44 2013] <Eruquen> yup
[Thu Jun 27 12:55:44 2013] <Eruquen> yup
[Thu Jun 27 12:55:55 2013] <Eruquen> reflexivity is the same as "exact eq_refl"
[Thu Jun 27 12:55:55 2013] <Eruquen> reflexivity is the same as "exact eq_refl"
[Thu Jun 27 12:56:00 2013] <Eruquen> (more or less)
[Thu Jun 27 12:56:00 2013] <Eruquen> (more or less)
[Thu Jun 27 12:57:49 2013] <thm_prover> Eruquen: are you familiar with subset types by any chance?
[Thu Jun 27 12:57:49 2013] <thm_prover> Eruquen: are you familiar with subset types by any chance?
[Thu Jun 27 12:57:51 2013] <thm_prover> I have http://hpaste.org/90521
[Thu Jun 27 12:57:51 2013] <thm_prover> I have http://hpaste.org/90521
[Thu Jun 27 12:57:57 2013] <thm_prover> and I want to do something similar to 'exists (i-1)'
[Thu Jun 27 12:57:57 2013] <thm_prover> and I want to do something similar to 'exists (i-1)'
[Thu Jun 27 12:58:08 2013] <thm_prover> I understand why it doesnt work (I don't have a proof taht it satisfies the subset type)
[Thu Jun 27 12:58:08 2013] <thm_prover> I understand why it doesnt work (I don't have a proof taht it satisfies the subset type)
[Thu Jun 27 12:58:18 2013] <thm_prover> but I'm wondering if there's seomthing similar to "apply exists i-1"
[Thu Jun 27 12:58:18 2013] <thm_prover> but I'm wondering if there's seomthing similar to "apply exists i-1"
[Thu Jun 27 12:58:28 2013] <thm_prover> where it accepts i-1, then generates new goal requiring me to prove that i-1 satisfies the conditions
[Thu Jun 27 12:58:28 2013] <thm_prover> where it accepts i-1, then generates new goal requiring me to prove that i-1 satisfies the conditions
[Thu Jun 27 12:59:36 2013] <Eruquen> there is always "exists (i-1)"
[Thu Jun 27 12:59:36 2013] <Eruquen> there is always "exists (i-1)"
[Thu Jun 27 13:00:41 2013] <thm_prover> i'm a dumbass, not sure why it didn't work last time
[Thu Jun 27 13:00:41 2013] <thm_prover> i'm a dumbass, not sure why it didn't work last time
[Thu Jun 27 13:00:46 2013] <thm_prover> I think I typed "exact (i-1)"\
[Thu Jun 27 13:00:46 2013] <thm_prover> I think I typed "exact (i-1)"\
[Thu Jun 27 13:01:49 2013] <Eruquen> well, I'm off to watch a movie
[Thu Jun 27 13:01:49 2013] <Eruquen> well, I'm off to watch a movie
[Thu Jun 27 13:02:58 2013] <thm_prover> thanks for all your help
[Thu Jun 27 13:02:58 2013] <thm_prover> thanks for all your help
[Thu Jun 27 13:13:22 2013] <thm_prover> In https://gist.github.com/anonymous/1ac368a2dfc0e0788134 -- I have proved all my goals, but I can't execute "Defined." Anyone know what I'm doing wrong?
[Thu Jun 27 13:13:22 2013] <thm_prover> In https://gist.github.com/anonymous/1ac368a2dfc0e0788134 -- I have proved all my goals, but I can't execute "Defined." Anyone know what I'm doing wrong?
[Thu Jun 27 13:13:29 2013] <thm_prover> Eruquen: in case you're still around, please see above
[Thu Jun 27 13:13:29 2013] <thm_prover> Eruquen: in case you're still around, please see above
[Thu Jun 27 13:13:42 2013] <tomprince> What error do you get?
[Thu Jun 27 13:13:42 2013] <tomprince> What error do you get?
[Thu Jun 27 13:14:08 2013] <thm_prover> no error at atll
[Thu Jun 27 13:14:08 2013] <thm_prover> no error at atll
[Thu Jun 27 13:14:12 2013] <thm_prover> which makes it hard to Google
[Thu Jun 27 13:14:12 2013] <thm_prover> which makes it hard to Google
[Thu Jun 27 13:14:26 2013] <tomprince> Probably due to fix. It is dangerous, and you need to be careful what you do after having used it.
[Thu Jun 27 13:14:26 2013] <tomprince> Probably due to fix. It is dangerous, and you need to be careful what you do after having used it.
[Thu Jun 27 13:14:36 2013] <thm_prover> how can I prove this without using fix ?
[Thu Jun 27 13:14:36 2013] <thm_prover> how can I prove this without using fix ?
[Thu Jun 27 13:14:49 2013] <thm_prover> oh, induction lst
[Thu Jun 27 13:14:49 2013] <thm_prover> oh, induction lst
[Thu Jun 27 13:14:50 2013] <thm_prover> let me try that
[Thu Jun 27 13:14:50 2013] <thm_prover> let me try that
[Thu Jun 27 13:15:44 2013] <thm_prover> okay, fixed
[Thu Jun 27 13:15:44 2013] <thm_prover> okay, fixed
[Thu Jun 27 13:15:49 2013] <thm_prover> noted: "don't use fix"
[Thu Jun 27 13:15:49 2013] <thm_prover> noted: "don't use fix"
[Thu Jun 27 13:38:45 2013] <thm_prover> http://hpaste.org/90523
[Thu Jun 27 13:38:45 2013] <thm_prover> http://hpaste.org/90523
[Thu Jun 27 13:39:03 2013] <thm_prover> now, this code isn't exactly waht I wanted to prove
[Thu Jun 27 13:39:03 2013] <thm_prover> now, this code isn't exactly waht I wanted to prove
[Thu Jun 27 13:39:21 2013] <thm_prover> what I really want to prove is to say: if $z is of type rangeT a2 b2, then $z$ is also of type rangeT a1 b1
[Thu Jun 27 13:39:21 2013] <thm_prover> what I really want to prove is to say: if $z is of type rangeT a2 b2, then $z$ is also of type rangeT a1 b1
[Thu Jun 27 13:39:32 2013] <thm_prover> instead, I'm saying: give a rangeT a2 b2, I can construct a rangeT a1 b1
[Thu Jun 27 13:39:32 2013] <thm_prover> instead, I'm saying: give a rangeT a2 b2, I can construct a rangeT a1 b1
[Thu Jun 27 13:39:51 2013] <elliott> things only have one type
[Thu Jun 27 13:39:51 2013] <elliott> things only have one type
[Thu Jun 27 13:40:07 2013] <elliott> perhaps you mean to say that given a rangeT a2 b2, there is a rangeT a1 b1 with the same "z"
[Thu Jun 27 13:40:07 2013] <elliott> perhaps you mean to say that given a rangeT a2 b2, there is a rangeT a1 b1 with the same "z"
[Thu Jun 27 13:41:14 2013] <thm_prover> elliott: so I'm writing a proofs, and at some point, I have (z: rangeT a2 b2) ... but then somewhere else, I need to plug in the z, but it has to be a (rangeT a1 b1)
[Thu Jun 27 13:41:14 2013] <thm_prover> elliott: so I'm writing a proofs, and at some point, I have (z: rangeT a2 b2) ... but then somewhere else, I need to plug in the z, but it has to be a (rangeT a1 b1)
[Thu Jun 27 13:41:26 2013] <thm_prover> yeah, there's a ranteT a1 b1 with the same 'z"
[Thu Jun 27 13:41:26 2013] <thm_prover> yeah, there's a ranteT a1 b1 with the same 'z"
[Thu Jun 27 13:41:28 2013] <thm_prover> how do I say that?
[Thu Jun 27 13:41:28 2013] <thm_prover> how do I say that?
[Thu Jun 27 13:42:06 2013] <elliott> proj1_sig (lem_000 p q r) = proj1_sig r or such
[Thu Jun 27 13:42:06 2013] <elliott> proj1_sig (lem_000 p q r) = proj1_sig r or such
[Thu Jun 27 13:42:10 2013] <thm_prover> proj1 z1 = proj1 ... ah
[Thu Jun 27 13:42:10 2013] <thm_prover> proj1 z1 = proj1 ... ah
[Thu Jun 27 13:49:27 2013] <thm_prover> elliott: https://gist.github.com/anonymous/5878677
[Thu Jun 27 13:49:27 2013] <thm_prover> elliott: https://gist.github.com/anonymous/5878677
[Thu Jun 27 13:49:34 2013] <thm_prover> should I force my way through this, or am I being a dumbass
[Thu Jun 27 13:49:34 2013] <thm_prover> should I force my way through this, or am I being a dumbass
[Thu Jun 27 13:54:40 2013] <elliott> heh, yikes
[Thu Jun 27 13:54:40 2013] <elliott> heh, yikes
[Thu Jun 27 13:54:54 2013] <elliott> try destructing z first
[Thu Jun 27 13:54:54 2013] <elliott> try destructing z first
[Thu Jun 27 13:54:57 2013] <elliott> then simpl instead of any unfolding
[Thu Jun 27 13:54:57 2013] <elliott> then simpl instead of any unfolding
[Thu Jun 27 13:55:05 2013] <elliott> should get the proof terms out of the way
[Thu Jun 27 13:55:05 2013] <elliott> should get the proof terms out of the way
[Thu Jun 27 13:55:17 2013] <rmk0> yow!
[Thu Jun 27 13:55:17 2013] <rmk0> yow!
[Thu Jun 27 13:57:15 2013] <thm_prover> was disconnected
[Thu Jun 27 13:57:15 2013] <thm_prover> was disconnected
[Fri Jun 28 12:43:14 2013] <thm_prover> does it ever make sense to have a Coq Inductive with only one constructor?
[Fri Jun 28 12:43:14 2013] <thm_prover> does it ever make sense to have a Coq Inductive with only one constructor?
[Fri Jun 28 12:43:28 2013] <thm_prover> Inductive Foo := makeFoo ... ?
[Fri Jun 28 12:43:28 2013] <thm_prover> Inductive Foo := makeFoo ... ?
[Fri Jun 28 12:45:29 2013] <elliott> well, unit is defined that way :P
[Fri Jun 28 12:45:29 2013] <elliott> well, unit is defined that way :P
[Fri Jun 28 12:46:56 2013] <thm_prover> hmm :-)
[Fri Jun 28 12:46:56 2013] <thm_prover> hmm :-)
[Fri Jun 28 12:47:05 2013] <thm_prover> elliott: are you familiar with subset types?
[Fri Jun 28 12:47:05 2013] <thm_prover> elliott: are you familiar with subset types?
[Fri Jun 28 12:47:14 2013] <thm_prover> I'm looking at chatper 6 of CPDT
[Fri Jun 28 12:47:14 2013] <thm_prover> I'm looking at chatper 6 of CPDT
[Fri Jun 28 12:47:22 2013] <thm_prover> and I'm completely confused on how I'm supposed to be using them
[Fri Jun 28 12:47:22 2013] <thm_prover> and I'm completely confused on how I'm supposed to be using them
[Fri Jun 28 12:47:35 2013] <elliott> as in regular old sig {x:A | ...} things?
[Fri Jun 28 12:47:35 2013] <elliott> as in regular old sig {x:A | ...} things?
[Fri Jun 28 12:47:36 2013] <thm_prover> (the above question comes from trying to define "validIndex" with respect ato a list)
[Fri Jun 28 12:47:36 2013] <thm_prover> (the above question comes from trying to define "validIndex" with respect ato a list)
[Fri Jun 28 12:47:46 2013] <thm_prover> elliott: as in how to use them in practice,
[Fri Jun 28 12:47:46 2013] <thm_prover> elliott: as in how to use them in practice,
[Fri Jun 28 12:48:02 2013] <elliott> well, you can think of it just like a fancy tuple
[Fri Jun 28 12:48:02 2013] <elliott> well, you can think of it just like a fancy tuple
[Fri Jun 28 12:48:06 2013] <elliott> where one element is a proof relating to the other
[Fri Jun 28 12:48:06 2013] <elliott> where one element is a proof relating to the other
[Fri Jun 28 12:48:46 2013] <thm_prover> so it's like a (i: Z) * (H: 0 <= i < Zlength (lst)) ?
[Fri Jun 28 12:48:46 2013] <thm_prover> so it's like a (i: Z) * (H: 0 <= i < Zlength (lst)) ?
[Fri Jun 28 12:49:25 2013] <elliott> right
[Fri Jun 28 12:49:25 2013] <elliott> right
[Fri Jun 28 12:49:35 2013] <elliott> just one half has to be in Prop
[Fri Jun 28 12:49:35 2013] <elliott> just one half has to be in Prop
[Fri Jun 28 12:50:07 2013] <elliott> (there's sigT, {x:A & ...} for when you want a dependent tuple with all non-Prop elements)
[Fri Jun 28 12:50:07 2013] <elliott> (there's sigT, {x:A & ...} for when you want a dependent tuple with all non-Prop elements)
[Fri Jun 28 15:12:08 2013] <wmeyer> hi
[Fri Jun 28 15:12:08 2013] <wmeyer> hi
[Fri Jun 28 18:19:28 2013] <thm_prover> http://hpaste.org/90588 <-- why does this not ocmpile in Coq?
[Fri Jun 28 18:19:28 2013] <thm_prover> http://hpaste.org/90588 <-- why does this not ocmpile in Coq?
[Fri Jun 28 18:26:57 2013] <thm_prover> resolved it
[Fri Jun 28 18:26:57 2013] <thm_prover> resolved it
[Fri Jun 28 18:27:00 2013] <jgross_> Is it possible to prove that the CiC, with the universe hierarchy is cut off at some finite level, is consistent, and is it possible to formalize this proof inside of Coq? 
[Fri Jun 28 18:27:00 2013] <jgross_> Is it possible to prove that the CiC, with the universe hierarchy is cut off at some finite level, is consistent, and is it possible to formalize this proof inside of Coq?
[Fri Jun 28 19:44:48 2013] <thm_prover> how is Z / positive defined in Coq, and why is it so com[licated?
[Fri Jun 28 19:44:48 2013] <thm_prover> how is Z / positive defined in Coq, and why is it so com[licated?
[Fri Jun 28 19:45:19 2013] <thm_prover> this is what "Print positive" looks like:
[Fri Jun 28 19:45:19 2013] <thm_prover> this is what "Print positive" looks like:
[Fri Jun 28 19:45:19 2013] <thm_prover> Warning: query commands should not be inserted in scripts Inductive positive : Set :=     xI : positive -> positive | xO : positive -> positive | xH : positive  For xI: Argument scope is [positive_scope] For xO: Argument scope is [positive_scope]
[Fri Jun 28 19:45:19 2013] <thm_prover> Warning: query commands should not be inserted in scripts Inductive positive : Set :=     xI : positive -> positive | xO : positive -> positive | xH : positive  For xI: Argument scope is [positive_scope] For xO: Argument scope is [positive_scope]
[Fri Jun 28 19:45:27 2013] <thm_prover> why do we have xI, xO, and xH ?
[Fri Jun 28 19:45:27 2013] <thm_prover> why do we have xI, xO, and xH ?
[Fri Jun 28 19:45:37 2013] <thm_prover> why not just n > 0 ?
[Fri Jun 28 19:45:37 2013] <thm_prover> why not just n > 0 ?
[Fri Jun 28 20:00:58 2013] <thm_prover> what does the ~ mean in https://gist.github.com/anonymous/54a5b056a5411372012e ?
[Fri Jun 28 20:00:58 2013] <thm_prover> what does the ~ mean in https://gist.github.com/anonymous/54a5b056a5411372012e ?
[Fri Jun 28 20:22:43 2013] <thm_prover> xH
[Fri Jun 28 20:22:43 2013] <thm_prover> xH
[Fri Jun 28 20:22:45 2013] <thm_prover> and xO apparently
[Fri Jun 28 20:22:45 2013] <thm_prover> and xO apparently
[Fri Jun 28 20:22:47 2013] <thm_prover> figured it out :-)
[Fri Jun 28 20:22:47 2013] <thm_prover> figured it out :-)
[Fri Jun 28 23:15:48 2013] <thm_prover> is the "extract" function written in OCaml or Gallina ?
[Fri Jun 28 23:15:48 2013] <thm_prover> is the "extract" function written in OCaml or Gallina ?
[Fri Jun 28 23:15:54 2013] <thm_prover> I'd like to add a new backend for Coq extract.
[Fri Jun 28 23:15:54 2013] <thm_prover> I'd like to add a new backend for Coq extract.
[Sat Jun 29 13:43:25 2013] <wmeyer> hi
[Sat Jun 29 13:43:25 2013] <wmeyer> hi
[Sat Jun 29 15:43:22 2013] <tswett> Y'know, what would be useful for my silly category theory stuff is the ability to import a single library more than once.
[Sat Jun 29 15:43:22 2013] <tswett> Y'know, what would be useful for my silly category theory stuff is the ability to import a single library more than once.
[Sat Jun 29 15:44:06 2013] <tswett> If I wanted to talk about the category of categories, I could import the library that defines categories twice, and talk about the category-from-one-library of categories-from-the-other-library.
[Sat Jun 29 15:44:06 2013] <tswett> If I wanted to talk about the category of categories, I could import the library that defines categories twice, and talk about the category-from-one-library of categories-from-the-other-library.
[Sat Jun 29 17:07:28 2013] <greenrd> maybe you need universe polymorphism for that?
[Sat Jun 29 17:07:28 2013] <greenrd> maybe you need universe polymorphism for that?
[Sat Jun 29 17:58:24 2013] <ezyang> Hey guys, I'm trying to understand what happens internally when you run 'destruct x' where x is present in other hypothesis
[Sat Jun 29 17:58:24 2013] <ezyang> Hey guys, I'm trying to understand what happens internally when you run 'destruct x' where x is present in other hypothesis
[Sat Jun 29 17:59:06 2013] <ezyang> how does Coq arranging for everything to get refined in the proof terms?
[Sat Jun 29 17:59:06 2013] <ezyang> how does Coq arranging for everything to get refined in the proof terms?
[Sat Jun 29 18:19:09 2013] <jgross_> tswett: (1) What category theory stuff are you working on?  I'm mainly asking because I have my own category theory library that I'm working on at https://bitbucket.org/JasonGross/catdb.
[Sat Jun 29 18:19:09 2013] <jgross_> tswett: (2) You can try using records and sticking the type of objects in the arguments to the record to get partial universe polymorphism in coq 8.4; or, you can try using HoTT/coq (available on github) to get much better universe polymorphism. 
[Sat Jun 29 18:19:09 2013] <jgross_> tswett: (1) What category theory stuff are you working on?  I'm mainly asking because I have my own category theory library that I'm working on at https://bitbucket.org/JasonGross/catdb.
[Sat Jun 29 18:19:09 2013] <jgross_> tswett: (2) You can try using records and sticking the type of objects in the arguments to the record to get partial universe polymorphism in coq 8.4; or, you can try using HoTT/coq (available on github) to get much better universe polymorphism.
[Sat Jun 29 18:20:25 2013] <jgross_> ezyang: Are you asking (1) how is destruct implemented in ocaml, and how could I fake it for a particular inductive type using only, e.g., refine? or (2) what does the resulting proof term look like so that things are well typed?  (or something else?) 
[Sat Jun 29 18:20:25 2013] <jgross_> ezyang: Are you asking (1) how is destruct implemented in ocaml, and how could I fake it for a particular inductive type using only, e.g., refine? or (2) what does the resulting proof term look like so that things are well typed?  (or something else?)
[Sat Jun 29 18:25:02 2013] <ezyang> (2) I think
[Sat Jun 29 18:25:02 2013] <ezyang> (2) I think
[Sat Jun 29 18:56:20 2013] <jgross_> ezyang: You can [Print] and [Show Proof] to see what it does.  The basic idea is that it reverts all of the relevant hypotheses before destructing, and then introduces them all again afterwards.  So if you are destructing [H : x = y] and you have a hypothesis [z : P y], then the resulting proof term will be something like [match H in _ = y' return P y' -> <new type of goal involving y'> with eq_refl => (fun z : P x => _) end z]. 
[Sat Jun 29 18:56:20 2013] <jgross_> ezyang: You can [Print] and [Show Proof] to see what it does.  The basic idea is that it reverts all of the relevant hypotheses before destructing, and then introduces them all again afterwards.  So if you are destructing [H : x = y] and you have a hypothesis [z : P y], then the resulting proof term will be something like [match H in _ = y' return P y' -> <new type of goal involving y'> with eq_refl => (fun z : P x => _) end z].
[Sat Jun 29 18:57:49 2013] <ezyang> eugh
[Sat Jun 29 18:57:49 2013] <ezyang> eugh
[Sat Jun 29 18:58:21 2013] <jgross_> actually, I'm not sure that it needs to do that kind of fancy stuff for simple things; the kernel logic might be advanced enough to just make all of the hypotheses look different inside of the match.  But that's the most general form, and that's what it does when your types are sufficiently dependent. 
[Sat Jun 29 18:58:21 2013] <jgross_> actually, I'm not sure that it needs to do that kind of fancy stuff for simple things; the kernel logic might be advanced enough to just make all of the hypotheses look different inside of the match.  But that's the most general form, and that's what it does when your types are sufficiently dependent.
[Sat Jun 29 19:04:02 2013] <jgross_> ezyang:
[Sat Jun 29 19:04:02 2013] <jgross_> Goal forall T (x y : T) (P : T -> Type) (H : x = y) (z : P y), True.
[Sat Jun 29 19:04:02 2013] <jgross_> intros.
[Sat Jun 29 19:04:03 2013] <jgross_> ezyang:
[Sat Jun 29 19:04:02 2013] <jgross_> destruct H.
[Sat Jun 29 19:04:02 2013] <jgross_> Show Proof.
[Sat Jun 29 19:04:02 2013] <jgross_> (* (fun (T : Type) (x y : T) (P : T -> Type) (H : x = y) (z : P y) =>
[Sat Jun 29 19:04:03 2013] <jgross_> Goal forall T (x y : T) (P : T -> Type) (H : x = y) (z : P y), True.
[Sat Jun 29 19:04:02 2013] <jgross_>  match H in (_ = y0) return (P y0 -> True) with
[Sat Jun 29 19:04:02 2013] <jgross_>  | eq_refl => fun z0 : P x => ?504
[Sat Jun 29 19:04:03 2013] <jgross_> intros.
[Sat Jun 29 19:04:03 2013] <jgross_> destruct H.
[Sat Jun 29 19:04:02 2013] <jgross_>  end z) *) 
[Sat Jun 29 19:04:03 2013] <jgross_> Show Proof.
[Sat Jun 29 19:04:03 2013] <jgross_> (* (fun (T : Type) (x y : T) (P : T -> Type) (H : x = y) (z : P y) =>
[Sat Jun 29 19:04:03 2013] <jgross_>  match H in (_ = y0) return (P y0 -> True) with
[Sat Jun 29 19:04:04 2013] <jgross_>  | eq_refl => fun z0 : P x => ?504
[Sat Jun 29 19:04:04 2013] <jgross_>  end z) *)
[Sat Jun 29 19:24:20 2013] <ezyang> OK, let's see, maybe I can get more concrete here.
[Sat Jun 29 19:24:20 2013] <ezyang> OK, let's see, maybe I can get more concrete here.
[Sat Jun 29 19:24:38 2013] <ezyang> Essentially, I have a simple example which I think shouldn't need this encoding tick
[Sat Jun 29 19:24:38 2013] <ezyang> Essentially, I have a simple example which I think shouldn't need this encoding tick
[Sat Jun 29 19:25:31 2013] <ezyang> Ugh, this is a little complicated because I'm using the HoTT base library/Coq version
[Sat Jun 29 19:25:31 2013] <ezyang> Ugh, this is a little complicated because I'm using the HoTT base library/Coq version
[Sat Jun 29 19:27:00 2013] <ezyang> Do you have a copy of one of those handy? :)
[Sat Jun 29 19:27:00 2013] <ezyang> Do you have a copy of one of those handy? :)
[Sat Jun 29 19:32:25 2013] <ezyang> OK, here is the translated example for normal Coq http://pastebin.com/u3udaTDu
[Sat Jun 29 19:32:25 2013] <ezyang> OK, here is the translated example for normal Coq http://pastebin.com/u3udaTDu
[Sat Jun 29 19:32:41 2013] <ezyang> What I would like to do is run this proof, /without/ calling the 'destruct' tactic
[Sat Jun 29 19:32:41 2013] <ezyang> What I would like to do is run this proof, /without/ calling the 'destruct' tactic
[Sat Jun 29 19:33:08 2013] <ezyang> and in a way that results in a cleaner proof term than what htis spits out
[Sat Jun 29 19:33:08 2013] <ezyang> and in a way that results in a cleaner proof term than what htis spits out
[Sat Jun 29 20:02:20 2013] <tswett> jgross_: well, so far, all I've done is defined categories and functors, and then proved that functors behave like arrows in a category.
[Sat Jun 29 20:02:20 2013] <tswett> jgross_: well, so far, all I've done is defined categories and functors, and then proved that functors behave like arrows in a category.
[Sat Jun 29 20:02:40 2013] <tswett> And I don't know where I want to go after that.
[Sat Jun 29 20:02:40 2013] <tswett> And I don't know where I want to go after that.
[Sat Jun 29 20:02:41 2013] <jgross_> ezyang: Sorry, I disappeared for a bit; I'm working on speeding up my category theory library; it used to be ~10x slower with HoTT/coq than with Coq 8.4, now it's only ~2x slower.  Anyway, here's a "cleaner" version of your proof: http://pastebin.com/czcTpVH8.  I put quotes arount "cleaner" because my version is identical with yours, up to eta reduction, as you can see in the [Eval cbv ...] lines. 
[Sat Jun 29 20:02:41 2013] <jgross_> ezyang: Sorry, I disappeared for a bit; I'm working on speeding up my category theory library; it used to be ~10x slower with HoTT/coq than with Coq 8.4, now it's only ~2x slower.  Anyway, here's a "cleaner" version of your proof: http://pastebin.com/czcTpVH8.  I put quotes arount "cleaner" because my version is identical with yours, up to eta reduction, as you can see in the [Eval cbv ...] lines.
[Sat Jun 29 20:04:57 2013] <ezyang> ah yes, when you eval it out, the lambda factors in, which helps a bit
[Sat Jun 29 20:04:57 2013] <ezyang> ah yes, when you eval it out, the lambda factors in, which helps a bit
[Sat Jun 29 20:05:29 2013] <ezyang> * notes that in the future, he can give jgross HoTT/coq code :) 
[Sat Jun 29 20:05:29 2013] <ezyang> * notes that in the future, he can give jgross HoTT/coq code :) 
[Sat Jun 29 20:06:21 2013] <tswett> jgross_: so if I use HoTT/coq, will my definitions magically become universe-polymorphic?
[Sat Jun 29 20:06:21 2013] <tswett> jgross_: so if I use HoTT/coq, will my definitions magically become universe-polymorphic?
[Sat Jun 29 20:07:49 2013] <jgross_> ezyang: Also, the only two differences (AFAIK) between coq trunk and HoTT/coq (other than that HoTT/coq doesn't get rebased against trunk very often, so is somewhat behind it) is that HoTT/coq has typical ambiguity/full universe polymorphism, and HoTT/coq has the private types extension, which lets you fake higher inductive types in an (IMO) ugly way, by simply disallowing the match construct on the HIT after you define the eliminator you want
[Sat Jun 29 20:07:49 2013] <jgross_> to use.  (I think a much prettier way would be to extend the match construct so that it requires you to send paths to paths, if such a thing can be done.) 
[Sat Jun 29 20:07:49 2013] <jgross_> ezyang: Also, the only two differences (AFAIK) between coq trunk and HoTT/coq (other than that HoTT/coq doesn't get rebased against trunk very often, so is somewhat behind it) is that HoTT/coq has typical ambiguity/full universe polymorphism, and HoTT/coq has the private types extension, which lets you fake higher inductive types in an (IMO) ugly way, by simply disallowing the match construct on the HIT after you define the eliminator you want
[Sat Jun 29 20:07:50 2013] <jgross_> to use.  (I think a much prettier way would be to extend the match construct so that it requires you to send paths to paths, if such a thing can be done.)
[Sat Jun 29 20:09:11 2013] <ezyang> jgross: Well, in this case, the standard library differences are the big thing
[Sat Jun 29 20:09:11 2013] <ezyang> jgross: Well, in this case, the standard library differences are the big thing
[Sat Jun 29 20:09:18 2013] <ezyang> e.g. "Bool" or "bool"
[Sat Jun 29 20:09:18 2013] <ezyang> e.g. "Bool" or "bool"
[Sat Jun 29 20:09:32 2013] <jgross_> tswett: There is a [Polymorphic] flag (and [Monomorphic]) so that you can do [Polymorphic Definition ...] and [Polymorphic Record], etc. There is also [Set Universe Polymorphism.] and [Unset Universe Polymorphism.], which are like global [Polymorphic]/[Monomorphic] flags. 
[Sat Jun 29 20:09:32 2013] <jgross_> tswett: There is a [Polymorphic] flag (and [Monomorphic]) so that you can do [Polymorphic Definition ...] and [Polymorphic Record], etc. There is also [Set Universe Polymorphism.] and [Unset Universe Polymorphism.], which are like global [Polymorphic]/[Monomorphic] flags.
[Sat Jun 29 20:09:43 2013] <tswett> jgross_: *nod* Sounds pretty awesome.
[Sat Jun 29 20:09:43 2013] <tswett> jgross_: *nod* Sounds pretty awesome.
[Sat Jun 29 20:09:59 2013] <jgross_> ezyang: Oh, you mean you're building on top of HoTT/HoTT, rather than just using HoTT/coq? 
[Sat Jun 29 20:09:59 2013] <jgross_> ezyang: Oh, you mean you're building on top of HoTT/HoTT, rather than just using HoTT/coq?
[Sat Jun 29 20:10:17 2013] <ezyang> I'm working on mechanizing the HoTT/book exercises
[Sat Jun 29 20:10:17 2013] <ezyang> I'm working on mechanizing the HoTT/book exercises
[Sat Jun 29 20:10:24 2013] <ezyang> mostly for fun
[Sat Jun 29 20:10:24 2013] <ezyang> mostly for fun
[Sat Jun 29 20:10:28 2013] <tswett> jgross_: do you know if an OS X version of this is already available?
[Sat Jun 29 20:10:28 2013] <tswett> jgross_: do you know if an OS X version of this is already available?
[Sat Jun 29 20:10:40 2013] <ezyang> we should get someone to PPA HoTT/coq
[Sat Jun 29 20:10:40 2013] <ezyang> we should get someone to PPA HoTT/coq
[Sat Jun 29 20:10:48 2013] <jgross_> tswett: Yes, it is pretty sweet.  Except for when it makes your code 10x slower. 
[Sat Jun 29 20:10:48 2013] <jgross_> tswett: Yes, it is pretty sweet.  Except for when it makes your code 10x slower.
[Sat Jun 29 20:10:55 2013] <ezyang> or make übercoq which is mtac+hott
[Sat Jun 29 20:10:55 2013] <ezyang> or make übercoq which is mtac+hott
[Sat Jun 29 20:12:18 2013] <jgross_> HoTT/coq is still very much developmental; see the 5-10 issues I still have open on the github, ranging from things like "Variables A B : Category" should be the same as "Variable A : Category. Variable B : Category." to more complicated problems.  But you should be able to compile it yourself for OS X, if you have OCaml. 
[Sat Jun 29 20:12:18 2013] <jgross_> HoTT/coq is still very much developmental; see the 5-10 issues I still have open on the github, ranging from things like "Variables A B : Category" should be the same as "Variable A : Category. Variable B : Category." to more complicated problems.  But you should be able to compile it yourself for OS X, if you have OCaml.
[Sat Jun 29 20:15:38 2013] <tswett> Compilation is proceeding smoothly so far.
[Sat Jun 29 20:15:38 2013] <tswett> Compilation is proceeding smoothly so far.
[Sat Jun 29 20:16:19 2013] <ezyang> Hmm. It seems to me that it's a lot nicer dealing with dependent types in the tactic language than in the term language
[Sat Jun 29 20:16:19 2013] <ezyang> Hmm. It seems to me that it's a lot nicer dealing with dependent types in the tactic language than in the term language
[Sat Jun 29 20:16:32 2013] <ezyang> except that Coq has been adding heaps of heuristics on how to add in all of the annotations
[Sat Jun 29 20:16:32 2013] <ezyang> except that Coq has been adding heaps of heuristics on how to add in all of the annotations
[Sat Jun 29 20:17:12 2013] <jgross_> ezyang: I haven't tried mtac, but it looks promising.  Have you tried it?  (I think I want coq which is ssreflect+mtac+HoTT+higher inductive types via match+keywords for hSet and hProp and built-in match support for axiom K when you're matching on an hProp (a la http://coq.inria.fr/files/adt-2fev10-corbineau.pdf or similar).	Oh, and also a computational version of univalence and some type of proof erasure support for hProps.  But Bob Harper
[Sat Jun 29 20:17:12 2013] <jgross_> tells me that erasing all hProps is like assuming that everything is strict, which it's not necessarily, so I'm still trying to figure out how to make the last one work .) 
[Sat Jun 29 20:17:12 2013] <jgross_> ezyang: I haven't tried mtac, but it looks promising.  Have you tried it?  (I think I want coq which is ssreflect+mtac+HoTT+higher inductive types via match+keywords for hSet and hProp and built-in match support for axiom K when you're matching on an hProp (a la http://coq.inria.fr/files/adt-2fev10-corbineau.pdf or similar).	Oh, and also a computational version of univalence and some type of proof erasure support for hProps.  But Bob Harper
[Sat Jun 29 20:17:12 2013] <jgross_> tells me that erasing all hProps is like assuming that everything is strict, which it's not necessarily, so I'm still trying to figure out how to make the last one work .)
[Sat Jun 29 20:17:39 2013] <ezyang> hahaha
[Sat Jun 29 20:17:39 2013] <ezyang> hahaha
[Sat Jun 29 20:18:24 2013] <ezyang> That's like saying, "I'd like a Coq with a good chrome finish. And a fusion reactor."
[Sat Jun 29 20:18:24 2013] <ezyang> That's like saying, "I'd like a Coq with a good chrome finish. And a fusion reactor."
[Sat Jun 29 20:18:39 2013] <ezyang> Are people making progress on computational univalence?
[Sat Jun 29 20:18:39 2013] <ezyang> Are people making progress on computational univalence?
[Sat Jun 29 20:19:27 2013] <ezyang> I wonder if erasure is related to truncation
[Sat Jun 29 20:19:27 2013] <ezyang> I wonder if erasure is related to truncation
[Sat Jun 29 20:22:28 2013] <ezyang> LOL this quote "With a (non-Adamized) Coq tactic proof I can at least step through it and see what each piece does."
[Sat Jun 29 20:22:28 2013] <ezyang> LOL this quote "With a (non-Adamized) Coq tactic proof I can at least step through it and see what each piece does."
[Sat Jun 29 20:24:52 2013] <tswett> "Adamized"?
[Sat Jun 29 20:24:52 2013] <tswett> "Adamized"?
[Sat Jun 29 20:25:16 2013] <ezyang> The Adam Chlipala style of theorem proving
[Sat Jun 29 20:25:16 2013] <ezyang> The Adam Chlipala style of theorem proving
[Sat Jun 29 20:27:27 2013] <jgross_> ezyang: tactic support for dependent types is much, much nicer than term support.  Except when you're like "destruct foo." and Coq is like "Error: <incomprehensible error message>".  Because then, if you know enough to do it yourself with match, the error messages you get won't be incomprehensible.  ;-)  But, yeah, there's been at least one time where I got so fed up with dependent matches that I write the matcher in Ltac and then wrote Ltac to
[Sat Jun 29 20:27:27 2013] <jgross_> turn the Ltac into gallina.  (This is in https://bitbucket.org/JasonGross/catdb/src/4eb6407c6ca3200bebefaa3a1834d05c49b01846/LtacReifiedSimplification.v?at=default.  The method is ReifiedMorphismSimplifyWithProof.  The Ltac match is do_simplification.  I know the Ltac to turn Ltac into gallina is horrible, but, trust me, the gallina match is worse.) 
[Sat Jun 29 20:27:27 2013] <jgross_> ezyang: tactic support for dependent types is much, much nicer than term support.  Except when you're like "destruct foo." and Coq is like "Error: <incomprehensible error message>".  Because then, if you know enough to do it yourself with match, the error messages you get won't be incomprehensible.  ;-)  But, yeah, there's been at least one time where I got so fed up with dependent matches that I write the matcher in Ltac and then wrote Ltac to
[Sat Jun 29 20:27:28 2013] <jgross_> turn the Ltac into gallina.  (This is in https://bitbucket.org/JasonGross/catdb/src/4eb6407c6ca3200bebefaa3a1834d05c49b01846/LtacReifiedSimplification.v?at=default.  The method is ReifiedMorphismSimplifyWithProof.  The Ltac match is do_simplification.  I know the Ltac to turn Ltac into gallina is horrible, but, trust me, the gallina match is worse.)
[Sat Jun 29 20:29:02 2013] <jgross_> ezyang: googling "univalence for free" gives a result which suggests (IIUC) some progress on computational univalence. 
[Sat Jun 29 20:29:02 2013] <jgross_> ezyang: googling "univalence for free" gives a result which suggests (IIUC) some progress on computational univalence.
[Sat Jun 29 20:29:52 2013] <jgross_> ezyang: "I wonder if erasure is related to truncation"	<- What do you mean?  
[Sat Jun 29 20:29:52 2013] <jgross_> ezyang: "I wonder if erasure is related to truncation"	<- What do you mean?
[Sat Jun 29 20:54:07 2013] <tswett> Compilation is still proceeding smoothly.
[Sat Jun 29 20:54:07 2013] <tswett> Compilation is still proceeding smoothly.
[Sat Jun 29 20:54:22 2013] <tswett> I guess I kind of expected it to be faster than this.
[Sat Jun 29 20:54:22 2013] <tswett> I guess I kind of expected it to be faster than this.
[Sat Jun 29 20:55:04 2013] <tswett> I guess right now it's literally proving hundreds or thousands of the most important theorems in mathematics.
[Sat Jun 29 20:55:04 2013] <tswett> I guess right now it's literally proving hundreds or thousands of the most important theorems in mathematics.
[Sat Jun 29 21:22:13 2013] <tswett> Woo, finally installed. Now I can run it by running this short command:
[Sat Jun 29 21:22:13 2013] <tswett> Woo, finally installed. Now I can run it by running this short command:
[Sat Jun 29 21:22:20 2013] <tswett> /Users/tswett/Documents/Hobbies/Programming/OCaml/coq/bin/coqtop -coqlib /Users/tswett/Documents/Hobbies/Programming/OCaml/coq
[Sat Jun 29 21:22:20 2013] <tswett> /Users/tswett/Documents/Hobbies/Programming/OCaml/coq/bin/coqtop -coqlib /Users/tswett/Documents/Hobbies/Programming/OCaml/coq
[Sat Jun 29 21:22:26 2013] <tswett> Or by using the alias I just defined.
[Sat Jun 29 21:22:26 2013] <tswett> Or by using the alias I just defined.
[Sat Jun 29 21:26:23 2013] <dario> hobbies is _under_ documents? :P
[Sat Jun 29 21:26:23 2013] <dario> hobbies is _under_ documents? :P
[Sat Jun 29 21:27:49 2013] <tswett> Not all documents are hobbies, but all hobbies are documents... I guess.
[Sat Jun 29 21:27:49 2013] <tswett> Not all documents are hobbies, but all hobbies are documents... I guess.
[Sat Jun 29 21:28:18 2013] <tswett> Apparently I have an extremely boring life.
[Sat Jun 29 21:28:18 2013] <tswett> Apparently I have an extremely boring life.
[Sun Jun 30 00:16:22 2013] <tswett> How do you prove the cut rule for linear logic, which has ten connectives, given that the cut rule has three parameters?
[Sun Jun 30 00:16:22 2013] <tswett> How do you prove the cut rule for linear logic, which has ten connectives, given that the cut rule has three parameters?
[Sun Jun 30 00:16:28 2013] <tswett> Easy. Do induction on all three parameters. http://pastie.org/8096007
[Sun Jun 30 00:16:28 2013] <tswett> Easy. Do induction on all three parameters. http://pastie.org/8096007
[Sun Jun 30 00:16:47 2013] <tswett> "1000 subgoals"
[Sun Jun 30 00:16:47 2013] <tswett> "1000 subgoals"
[Sun Jun 30 00:43:25 2013] <greenrd> you guys all know that there is a ##hott channel right?
[Sun Jun 30 00:43:25 2013] <greenrd> you guys all know that there is a ##hott channel right?
[Sun Jun 30 00:44:11 2013] <tswett> I don't actually know what HoTT is.
[Sun Jun 30 00:44:11 2013] <tswett> I don't actually know what HoTT is.
[Sun Jun 30 00:48:40 2013] <greenrd> homotopy type theory
[Sun Jun 30 00:48:40 2013] <greenrd> homotopy type theory
[Sun Jun 30 00:52:22 2013] <tswett> I don't know what that is, either.
[Sun Jun 30 00:52:22 2013] <tswett> I don't know what that is, either.
[Sun Jun 30 00:54:32 2013] <greenrd> http://en.wikipedia.org/wiki/Homotopy_type_theory
[Sun Jun 30 00:54:32 2013] <greenrd> http://en.wikipedia.org/wiki/Homotopy_type_theory
[Sun Jun 30 01:35:31 2013] <XexonixXexillion> I'm somewhat new to coq. I have a recursive function (defined with Fixpoint) and I'm getting an error about types not matching, but I have a lemma which shows that what it expects and what it is given are the same type. Can I actually use this lemma to make it typecheck?
[Sun Jun 30 01:35:31 2013] <XexonixXexillion> I'm somewhat new to coq. I have a recursive function (defined with Fixpoint) and I'm getting an error about types not matching, but I have a lemma which shows that what it expects and what it is given are the same type. Can I actually use this lemma to make it typecheck?
[Sun Jun 30 01:35:59 2013] <tswett> Pretty sure there's a way to make it work, yeah.
[Sun Jun 30 01:35:59 2013] <tswett> Pretty sure there's a way to make it work, yeah.
[Sun Jun 30 01:36:43 2013] <tswett> I don't know how it actually works, but I know that tactics can produce a function that makes it work. Lemme see here.
[Sun Jun 30 01:36:43 2013] <tswett> I don't know how it actually works, but I know that tactics can produce a function that makes it work. Lemme see here.
[Sun Jun 30 01:38:09 2013] <tswett> All right, here's what I did: http://pastie.org/8096148
[Sun Jun 30 01:38:09 2013] <tswett> All right, here's what I did: http://pastie.org/8096148
[Sun Jun 30 01:40:36 2013] <tswett> So it looks like you can use eq_rect (or eq_rec or eq_ind) in order to "convert" a value between two equal types.
[Sun Jun 30 01:40:36 2013] <tswett> So it looks like you can use eq_rect (or eq_rec or eq_ind) in order to "convert" a value between two equal types.
[Sun Jun 30 01:43:12 2013] <tswett> So what you want to do is, for some reason, this: eq_rect (old type) id (value of the old type) (new type) (proof that old type = new type)
[Sun Jun 30 01:43:12 2013] <tswett> So what you want to do is, for some reason, this: eq_rect (old type) id (value of the old type) (new type) (proof that old type = new type)
[Sun Jun 30 01:43:22 2013] <tswett> Replacing eq_rect with eq_rec or eq_ind if necessary.
[Sun Jun 30 01:43:22 2013] <tswett> Replacing eq_rect with eq_rec or eq_ind if necessary.
[Sun Jun 30 01:43:30 2013] <XexonixXexillion> thanks
[Sun Jun 30 01:43:30 2013] <XexonixXexillion> thanks
[Sun Jun 30 01:43:44 2013] <tswett> I guess that if a and b are Sets, you use eq_rec, and if they're Props, you use eq_ind.
[Sun Jun 30 01:43:44 2013] <tswett> I guess that if a and b are Sets, you use eq_rec, and if they're Props, you use eq_ind.
[Sun Jun 30 01:43:50 2013] <tswett> But yeah, you're welcome.
[Sun Jun 30 01:43:50 2013] <tswett> But yeah, you're welcome.
[Sun Jun 30 03:27:02 2013] <jgross_> greenrd: No, I didn't.	Thanks! 
[Sun Jun 30 03:27:02 2013] <jgross_> greenrd: No, I didn't.	Thanks!
[Sun Jun 30 23:17:47 2013] <amosr> is there anything like (list Type -> Type) so if I had "[nat; nat]" it would be eg "(nat * nat)"?
[Sun Jun 30 23:17:47 2013] <amosr> is there anything like (list Type -> Type) so if I had "[nat; nat]" it would be eg "(nat * nat)"?
[Sun Jun 30 23:18:27 2013] <amosr> or should I just use fold_left .. (*) unit
[Sun Jun 30 23:18:27 2013] <amosr> or should I just use fold_left .. (*) unit
[Sun Jun 30 23:47:02 2013] <ezyang> Yep, just fold'em
[Sun Jun 30 23:47:02 2013] <ezyang> Yep, just fold'em
[Mon Jul  1 01:02:53 2013] <amosr> I'm conflicted between defining mutually recursive inductive types where one is equivalent to "list blah", or just writing a custom induction scheme
[Mon Jul  1 01:02:53 2013] <amosr> I'm conflicted between defining mutually recursive inductive types where one is equivalent to "list blah", or just writing a custom induction scheme
[Mon Jul  1 01:02:57 2013] <amosr> neither is particularly appealing
[Mon Jul  1 01:02:57 2013] <amosr> neither is particularly appealing
[Mon Jul  1 01:04:05 2013] <benl23> amosr: defined the induction scheme
[Mon Jul  1 01:04:05 2013] <benl23> amosr: defined the induction scheme
[Mon Jul  1 01:04:14 2013] <benl23> It's less painful that rewriting all of the standard list functions
[Mon Jul  1 01:04:14 2013] <benl23> It's less painful that rewriting all of the standard list functions
[Mon Jul  1 01:04:42 2013] <benl23> Otherwise you need different versions of get/insert/update/filter etc etc for every list-like data structure
[Mon Jul  1 01:04:42 2013] <benl23> Otherwise you need different versions of get/insert/update/filter etc etc for every list-like data structure
[Mon Jul  1 01:05:22 2013] <benl23> The Forall and Forall2 functions are also useful, but only work with standard lists
[Mon Jul  1 01:05:22 2013] <benl23> The Forall and Forall2 functions are also useful, but only work with standard lists
[Mon Jul  1 01:07:22 2013] <amosr> yeah, I just had to rewrite something from Forall2 to my own definition … annoying
[Mon Jul  1 01:07:22 2013] <amosr> yeah, I just had to rewrite something from Forall2 to my own definition … annoying
[Mon Jul  1 01:07:43 2013] <amosr> is there any technical reason that eg Scheme/Combine Scheme couldn't handle list as well?
[Mon Jul  1 01:07:43 2013] <amosr> is there any technical reason that eg Scheme/Combine Scheme couldn't handle list as well?
[Mon Jul  1 01:15:11 2013] <benl23> not that I know of
[Mon Jul  1 01:15:11 2013] <benl23> not that I know of
[Mon Jul  1 02:24:36 2013] <Cale> It might just be my inexperience with Coq, but I've noticed that the list library and others often chooses not to give inductive definitions of predicates, and those definitions seem to magically work out better for me when I try them.
[Mon Jul  1 02:24:36 2013] <Cale> It might just be my inexperience with Coq, but I've noticed that the list library and others often chooses not to give inductive definitions of predicates, and those definitions seem to magically work out better for me when I try them.
[Mon Jul  1 02:25:00 2013] <Cale> Like, using an inductive definition of list membership, for example
[Mon Jul  1 02:25:00 2013] <Cale> Like, using an inductive definition of list membership, for example
[Mon Jul  1 02:25:25 2013] <Cale> (which essentially looks like a fancy version of natural numbers)
[Mon Jul  1 02:25:25 2013] <Cale> (which essentially looks like a fancy version of natural numbers)
[Mon Jul  1 02:37:08 2013] <amosr> Cale: hmm, could you give a specific example? I don't really understand
[Mon Jul  1 02:37:08 2013] <amosr> Cale: hmm, could you give a specific example? I don't really understand
[Mon Jul  1 02:43:26 2013] <Cale> amosr: For instance, the List library defines a predicate In using a Fixpoint, while I'd usually prefer to have something like: http://paste.tryhaskell.org/90630
[Mon Jul  1 02:43:26 2013] <Cale> amosr: For instance, the List library defines a predicate In using a Fixpoint, while I'd usually prefer to have something like: http://paste.tryhaskell.org/90630
[Mon Jul  1 02:43:57 2013] <Cale> amosr: They're equivalent, but having constructors and being able to do induction on the structure of the proof seems handy.
[Mon Jul  1 02:43:57 2013] <Cale> amosr: They're equivalent, but having constructors and being able to do induction on the structure of the proof seems handy.
[Mon Jul  1 02:45:55 2013] <amosr> hmm, I imagine you'd want both?
[Mon Jul  1 02:45:55 2013] <amosr> hmm, I imagine you'd want both?
[Mon Jul  1 02:46:20 2013] <Cale> Maybe!
[Mon Jul  1 02:46:20 2013] <Cale> Maybe!
[Mon Jul  1 02:46:31 2013] <Cale> I haven't really had a need for the other one
[Mon Jul  1 02:46:31 2013] <Cale> I haven't really had a need for the other one
[Mon Jul  1 02:48:32 2013] <Cale> It's actually kind of funny. In is mainly the sore point there, Exists, Forall, Forall2, etc. are all inductive.
[Mon Jul  1 02:48:32 2013] <Cale> It's actually kind of funny. In is mainly the sore point there, Exists, Forall, Forall2, etc. are all inductive.
[Mon Jul  1 02:49:53 2013] <amosr> right, yes, inducting over the structure of a Forall2 is very useful
[Mon Jul  1 02:49:53 2013] <amosr> right, yes, inducting over the structure of a Forall2 is very useful
[Mon Jul  1 16:55:56 2013] <HaikuUser> I think that inversion is not given the credit it deserves
[Mon Jul  1 16:55:56 2013] <HaikuUser> I think that inversion is not given the credit it deserves
[Mon Jul  1 16:57:32 2013] <Cale> heh, what do you mean by that?
[Mon Jul  1 16:57:32 2013] <Cale> heh, what do you mean by that?
[Mon Jul  1 17:30:35 2013] <wmeyer> hi
[Mon Jul  1 17:30:35 2013] <wmeyer> hi
[Mon Jul  1 17:31:35 2013] <Anarchos> wmeyer hi !!
[Mon Jul  1 17:31:35 2013] <Anarchos> wmeyer hi !!
[Mon Jul  1 17:32:04 2013] <Anarchos> Cale the inversion tactic is very fundamental for people used to OCaml types
[Mon Jul  1 17:32:04 2013] <Anarchos> Cale the inversion tactic is very fundamental for people used to OCaml types
[Mon Jul  1 17:33:31 2013] <wmeyer> Anarchos: ho!
[Mon Jul  1 17:33:31 2013] <wmeyer> Anarchos: ho!
[Mon Jul  1 17:34:23 2013] <Anarchos> hi wmeyer
[Mon Jul  1 17:34:23 2013] <Anarchos> hi wmeyer
[Tue Jul  2 21:24:24 2013] <ezyang> How do you ask Coq what a notation means?
[Tue Jul  2 21:24:24 2013] <ezyang> How do you ask Coq what a notation means?
[Tue Jul  2 21:24:38 2013] <ezyang> (there was a query but I can't remember what it is spelled and chapter 11 of the manual is not helping)
[Tue Jul  2 21:25:07 2013] <ezyang> (there was a query but I can't remember what it is spelled and chapter 11 of the manual is not helping)
[Tue Jul  2 23:04:22 2013] <amosr> I want to show that language A and language B have some correspondence. I feel like using big step semantics would be easier than small step, but then I can't prove progress? (without implementing small step as well, and proving equivalence)
[Tue Jul  2 23:04:22 2013] <amosr> I want to show that language A and language B have some correspondence. I feel like using big step semantics would be easier than small step, but then I can't prove progress? (without implementing small step as well, and proving equivalence)
[Tue Jul  2 23:05:59 2013] <amosr> or I could just use small step and transitive closure, but my gut feeling is that'd make it harder to prove
[Tue Jul  2 23:05:59 2013] <amosr> or I could just use small step and transitive closure, but my gut feeling is that'd make it harder to prove
[Tue Jul  2 23:07:03 2013] <ezyang> I've always found choosing the right representation for a proof, and showing the reps are equivalent, is the right way to do things.
[Tue Jul  2 23:07:03 2013] <ezyang> I've always found choosing the right representation for a proof, and showing the reps are equivalent, is the right way to do things.
[Tue Jul  2 23:08:43 2013] <amosr> okay. I think I'll try with big step, then
[Tue Jul  2 23:08:43 2013] <amosr> okay. I think I'll try with big step, then
[Wed Jul  3 00:16:58 2013] <amosr> "try apply X; try apply Y; try apply Z" is there a better way to do this?
[Wed Jul  3 00:16:58 2013] <amosr> "try apply X; try apply Y; try apply Z" is there a better way to do this?
[Wed Jul  3 01:53:14 2013] <ezyang> Well, if you can finish the proof, auto works great for this sort of thing
[Wed Jul  3 01:53:14 2013] <ezyang> Well, if you can finish the proof, auto works great for this sort of thing
[Wed Jul  3 02:12:17 2013] <Ptival> ezyang: Locate
[Wed Jul  3 02:12:17 2013] <Ptival> ezyang: Locate
[Wed Jul  3 02:13:28 2013] <ezyang> argh, why do I always try 'Search' :-(
[Wed Jul  3 02:13:28 2013] <ezyang> argh, why do I always try 'Search' :-(
[Wed Jul  3 02:15:58 2013] <Ptival> amosr: not necessarily equivalent, but there is first [apply X | apply Y | apply Z]
[Wed Jul  3 02:15:58 2013] <Ptival> amosr: not necessarily equivalent, but there is first [apply X | apply Y | apply Z]
[Wed Jul  3 02:16:23 2013] <Ptival> or solve [apply X | apply Y | apply Z] if you want to apply only when it kills the goal
[Wed Jul  3 02:16:23 2013] <Ptival> or solve [apply X | apply Y | apply Z] if you want to apply only when it kills the goal
[Wed Jul  3 02:17:44 2013] <Ptival> but if they're really meant to be applies on top of each other, as long as progress can be made, then I think you have to write it your way
[Wed Jul  3 02:17:44 2013] <Ptival> but if they're really meant to be applies on top of each other, as long as progress can be made, then I think you have to write it your way
[Wed Jul  3 02:17:51 2013] <Ptival> applied*
[Wed Jul  3 02:17:51 2013] <Ptival> applied*
[Wed Jul  3 02:19:06 2013] <amosr> hmm.. perhaps I should look into how the hint databases work
[Wed Jul  3 02:19:06 2013] <amosr> hmm.. perhaps I should look into how the hint databases work
[Wed Jul  3 02:20:27 2013] <ezyang> CPDT ca give you some ideas on how to pull these things together
[Wed Jul  3 02:20:27 2013] <ezyang> CPDT ca give you some ideas on how to pull these things together
[Wed Jul  3 02:20:58 2013] <amosr> ah, I haven't really read CPDT. only snippets. maybe I'll have to go through it
[Wed Jul  3 02:20:58 2013] <amosr> ah, I haven't really read CPDT. only snippets. maybe I'll have to go through it
[Wed Jul  3 09:09:38 2013] <roosbeef> hi
[Wed Jul  3 09:09:38 2013] <roosbeef> hi
[Wed Jul  3 09:10:14 2013] <roosbeef> im proving this lemma, where both arguments are being converted to another format inside a comparison
[Wed Jul  3 09:10:14 2013] <roosbeef> im proving this lemma, where both arguments are being converted to another format inside a comparison
[Wed Jul  3 09:10:49 2013] <roosbeef> the conversion function is a bit complex when fully unfolded
[Wed Jul  3 09:10:49 2013] <roosbeef> the conversion function is a bit complex when fully unfolded
[Wed Jul  3 09:11:10 2013] <roosbeef> is there a way to work with the converted format and not have to delve into the conversion function itself?
[Wed Jul  3 09:11:10 2013] <roosbeef> is there a way to work with the converted format and not have to delve into the conversion function itself?
[Wed Jul  3 09:30:01 2013] <roosbeef> brb
[Wed Jul  3 09:30:01 2013] <roosbeef> brb
[Wed Jul  3 10:14:14 2013] <jgross_> ezyang @ 21:25 yesterday: To find Notations, try something like [Locate "=".] 
[Wed Jul  3 10:14:15 2013] <jgross_> ezyang @ 21:25 yesterday: To find Notations, try something like [Locate "=".]
[Wed Jul  3 10:23:57 2013] <jgross_> Oops, Ptival already said that. 
[Wed Jul  3 10:23:57 2013] <jgross_> Oops, Ptival already said that.
[Wed Jul  3 13:08:10 2013] <osa1> I'm reading the book "Certified Programming With Dependent Types" and one thing confuses me. At first it's said that by Curry-Howard correspondence, proofs == programs, but now it says "the key to telling what is a proof and what is a program is lies between distinction of Proof and Set types" (not exact sentence). now, are programs and proofs equal or not?
[Wed Jul  3 13:08:10 2013] <osa1> I'm reading the book "Certified Programming With Dependent Types" and one thing confuses me. At first it's said that by Curry-Howard correspondence, proofs == programs, but now it says "the key to telling what is a proof and what is a program is lies between distinction of Proof and Set types" (not exact sentence). now, are programs and proofs equal or not?
[Wed Jul  3 13:10:08 2013] <tomprince> Yes.
[Wed Jul  3 13:10:08 2013] <tomprince> Yes.
[Wed Jul  3 13:11:29 2013] <tomprince> To be less facetious, the difference in the later is mostly one of intent.
[Wed Jul  3 13:11:29 2013] <tomprince> To be less facetious, the difference in the later is mostly one of intent.
[Wed Jul  3 13:11:54 2013] <osa1> ah
[Wed Jul  3 13:11:54 2013] <osa1> ah
[Wed Jul  3 13:12:10 2013] <ezyang> "Proof type"; do you mean the "Prop type"?
[Wed Jul  3 13:12:10 2013] <ezyang> "Proof type"; do you mean the "Prop type"?
[Wed Jul  3 13:12:19 2013] <tomprince> So, you can always interpret a program as a proof.
[Wed Jul  3 13:12:19 2013] <tomprince> So, you can always interpret a program as a proof.
[Wed Jul  3 13:12:26 2013] <osa1> ezyang: yes, sorry
[Wed Jul  3 13:12:26 2013] <osa1> ezyang: yes, sorry
[Wed Jul  3 13:13:23 2013] <tomprince> But, for example, considering + as proof, it means that if you have two proofs of 'nat', then you can construct another. Which, from a prrof point of view isn't very interesting.
[Wed Jul  3 13:13:23 2013] <tomprince> But, for example, considering + as proof, it means that if you have two proofs of 'nat', then you can construct another. Which, from a prrof point of view isn't very interesting.
[Wed Jul  3 13:13:35 2013] <ezyang> Well, there is an important difference between Prop and Set, regarding impredicativity
[Wed Jul  3 13:13:35 2013] <ezyang> Well, there is an important difference between Prop and Set, regarding impredicativity
[Wed Jul  3 13:13:51 2013] <ezyang> But I would not worry about it for now, and Adam does explain it a bit
[Wed Jul  3 13:13:51 2013] <ezyang> But I would not worry about it for now, and Adam does explain it a bit
[Wed Jul  3 13:14:25 2013] <osa1> ok
[Wed Jul  3 13:14:25 2013] <osa1> ok
[Wed Jul  3 13:17:52 2013] <osa1> is 'tt' (the value of type unit) shorthand of something?
[Wed Jul  3 13:17:52 2013] <osa1> is 'tt' (the value of type unit) shorthand of something?
[Wed Jul  3 13:19:25 2013] <elliott> no
[Wed Jul  3 13:19:25 2013] <elliott> no
[Wed Jul  3 13:19:26 2013] <robbert> @print unit
[Wed Jul  3 13:19:26 2013] <robbert> @print unit
[Wed Jul  3 13:19:53 2013] <robbert> tomprince: where is roosterbot ;)
[Wed Jul  3 13:19:53 2013] <robbert> tomprince: where is roosterbot ;)
[Wed Jul  3 13:20:02 2013] <osa1> what does it stand for?
[Wed Jul  3 13:20:02 2013] <osa1> what does it stand for?
[Wed Jul  3 13:30:05 2013] <osa1> @print unit
[Wed Jul  3 13:30:05 2013] <osa1> @print unit
[Wed Jul  3 13:30:06 2013] <robbert> osa1: tt is the constructor of the unit type
[Wed Jul  3 13:30:06 2013] <robbert> osa1: tt is the constructor of the unit type
[Wed Jul  3 13:30:08 2013] <robbert> Inductive unit : Set :=  tt : unit
[Wed Jul  3 13:30:08 2013] <robbert> Inductive unit : Set :=  tt : unit
[Wed Jul  3 13:30:11 2013] <roosterbot> Inductive unit : Set :=  tt : ()
[Wed Jul  3 13:30:11 2013] <roosterbot> Inductive unit : Set :=  tt : ()
[Wed Jul  3 13:30:58 2013] <osa1> roosterbot: yes, my question was regarding the `tt` name, does that stand for anything?
[Wed Jul  3 13:30:58 2013] <osa1> roosterbot: yes, my question was regarding the `tt` name, does that stand for anything?
[Wed Jul  3 13:31:07 2013] <osa1> robbert: ^
[Wed Jul  3 13:31:07 2013] <osa1> robbert: ^
[Wed Jul  3 13:32:27 2013] <robbert> ah, no idea
[Wed Jul  3 13:32:27 2013] <robbert> ah, no idea
[Wed Jul  3 13:50:27 2013] <ianjneu> osa1: I would say it's t for "top" but doubled so that "t" isn't taken by the system libraries.
[Wed Jul  3 13:50:27 2013] <ianjneu> osa1: I would say it's t for "top" but doubled so that "t" isn't taken by the system libraries.
[Wed Jul  3 15:23:11 2013] <wmeyer> hello
[Wed Jul  3 15:23:11 2013] <wmeyer> hello
[Wed Jul  3 15:27:34 2013] <ianjneu> hi
[Wed Jul  3 15:27:34 2013] <ianjneu> hi
[Wed Jul  3 16:05:39 2013] <napping> Are there any tactic libraries for temporal logic?
[Wed Jul  3 16:05:39 2013] <napping> Are there any tactic libraries for temporal logic?
[Wed Jul  3 16:08:32 2013] <napping> I've defined the semantics of various operators (forever, eventually, next, etc), but reasoning under them can't take advantage of things like tauto
[Wed Jul  3 16:08:32 2013] <napping> I've defined the semantics of various operators (forever, eventually, next, etc), but reasoning under them can't take advantage of things like tauto
[Wed Jul  3 16:26:33 2013] <ianjneu> napping: Seeing as temporal logic is only useful on finite structures, I'm guessing no.
[Wed Jul  3 16:26:33 2013] <ianjneu> napping: Seeing as temporal logic is only useful on finite structures, I'm guessing no.
[Wed Jul  3 16:27:18 2013] <ianjneu> For the rest of us, we just use path constructions, quantifiers and a reduction relation.
[Wed Jul  3 16:27:18 2013] <ianjneu> For the rest of us, we just use path constructions, quantifiers and a reduction relation.
[Wed Jul  3 16:27:20 2013] <napping> I'm actually working on potentially infinite structures, what's the problem?
[Wed Jul  3 16:27:20 2013] <napping> I'm actually working on potentially infinite structures, what's the problem?
[Wed Jul  3 16:28:18 2013] <napping> I'm building things on paths and a reachability relation also, but there are tons of constructions like forall state1, Path state0 state1 -> ?P state1
[Wed Jul  3 16:28:18 2013] <napping> I'm building things on paths and a reachability relation also, but there are tons of constructions like forall state1, Path state0 state1 -> ?P state1
[Wed Jul  3 16:28:31 2013] <ianjneu> napping: "Temporal logic" in full first-order (or higher) logic does not add expressivity. There are specific modalities that you can express just with quantifiers and the reduction relation.
[Wed Jul  3 16:28:31 2013] <ianjneu> napping: "Temporal logic" in full first-order (or higher) logic does not add expressivity. There are specific modalities that you can express just with quantifiers and the reduction relation.
[Wed Jul  3 16:29:12 2013] <napping> I'm not trying to add expressivity, but to take advantage of restrictions to impose tractability
[Wed Jul  3 16:29:12 2013] <napping> I'm not trying to add expressivity, but to take advantage of restrictions to impose tractability
[Wed Jul  3 16:29:28 2013] <napping> firstorder can handle simple cases, but explodes as formulas grows
[Wed Jul  3 16:29:28 2013] <napping> firstorder can handle simple cases, but explodes as formulas grows
[Wed Jul  3 16:30:17 2013] <ianjneu> So you want to prove certain identities on temporal logic formulae to help reduce goals?
[Wed Jul  3 16:30:17 2013] <ianjneu> So you want to prove certain identities on temporal logic formulae to help reduce goals?
[Wed Jul  3 16:30:39 2013] <napping> there are tons of little lemmas like forall P Q x, always (fun x' => P x' -> Q x') x -> eventually P x -> eventually Q x
[Wed Jul  3 16:30:39 2013] <napping> there are tons of little lemmas like forall P Q x, always (fun x' => P x' -> Q x') x -> eventually P x -> eventually Q x
[Wed Jul  3 16:31:56 2013] <ianjneu> pretty sure you'll have to prove those yourself. Preferably on a simple set + action structure.
[Wed Jul  3 16:31:57 2013] <ianjneu> pretty sure you'll have to prove those yourself. Preferably on a simple set + action structure.
[Wed Jul  3 16:32:09 2013] <ianjneu> ie reduction relation.
[Wed Jul  3 16:32:09 2013] <ianjneu> ie reduction relation.
[Wed Jul  3 16:32:10 2013] <napping> I've proved some lemmas like that myself
[Wed Jul  3 16:32:10 2013] <napping> I've proved some lemmas like that myself
[Wed Jul  3 16:32:33 2013] <napping> it's applying those lemmas to help solve larger problems that seems fairly mechanical
[Wed Jul  3 16:32:33 2013] <napping> it's applying those lemmas to help solve larger problems that seems fairly mechanical
[Wed Jul  3 16:33:07 2013] <ianjneu> The property you posed is not something one can state in propositional temporal logics (the ones that people use model-checkers for)
[Wed Jul  3 16:33:07 2013] <ianjneu> The property you posed is not something one can state in propositional temporal logics (the ones that people use model-checkers for)
[Wed Jul  3 16:33:47 2013] <napping> that comes from the encoding of temporal formulas as (state -> Prop)
[Wed Jul  3 16:33:47 2013] <napping> that comes from the encoding of temporal formulas as (state -> Prop)
[Wed Jul  3 16:34:02 2013] <napping> without making that explicit it would be "[](P -> Q) -> <>P -> <>Q)
[Wed Jul  3 16:34:02 2013] <napping> without making that explicit it would be "[](P -> Q) -> <>P -> <>Q)
[Wed Jul  3 16:36:05 2013] <ianjneu> Since you're working in the rich logic of Gallina, why not use nicer temporal semantics, like Cousot's mu-reverse calculus?
[Wed Jul  3 16:36:05 2013] <ianjneu> Since you're working in the rich logic of Gallina, why not use nicer temporal semantics, like Cousot's mu-reverse calculus?
[Wed Jul  3 16:36:36 2013] <thm_prover> the "option" type lets me return "Some _ | None"
[Wed Jul  3 16:36:36 2013] <thm_prover> the "option" type lets me return "Some _ | None"
[Wed Jul  3 16:36:42 2013] <thm_prover> is there a way to return "one of two values" ?
[Wed Jul  3 16:36:42 2013] <thm_prover> is there a way to return "one of two values" ?
[Wed Jul  3 16:36:49 2013] <thm_prover> i.e. "Left T1 | Right T2" ?
[Wed Jul  3 16:36:49 2013] <thm_prover> i.e. "Left T1 | Right T2" ?
[Wed Jul  3 16:36:56 2013] <thm_prover> i.e. when I return, I either return something of type T1 or something of type T2.
[Wed Jul  3 16:36:56 2013] <thm_prover> i.e. when I return, I either return something of type T1 or something of type T2.
[Wed Jul  3 16:37:00 2013] <thm_prover> I can define this inductively myself
[Wed Jul  3 16:37:00 2013] <thm_prover> I can define this inductively myself
[Wed Jul  3 16:37:09 2013] <thm_prover> but I feel like there is something like this in sthe standard library (but I can't thikn of its name)
[Wed Jul  3 16:37:09 2013] <thm_prover> but I feel like there is something like this in sthe standard library (but I can't thikn of its name)
[Wed Jul  3 16:38:11 2013] <ianjneu> +?
[Wed Jul  3 16:38:11 2013] <ianjneu> +?
[Wed Jul  3 16:38:15 2013] <napping> ianjneu: I don't need a stronger logic, does it have nicer semantics?
[Wed Jul  3 16:38:15 2013] <napping> ianjneu: I don't need a stronger logic, does it have nicer semantics?
[Wed Jul  3 16:38:41 2013] <napping> or a proof system / better interaction with existing tactics
[Wed Jul  3 16:38:41 2013] <napping> or a proof system / better interaction with existing tactics
[Wed Jul  3 16:38:52 2013] <ianjneu> napping: Indeed it does. It deals with traces as temporal logics /should/.
[Wed Jul  3 16:38:52 2013] <ianjneu> napping: Indeed it does. It deals with traces as temporal logics /should/.
[Wed Jul  3 16:39:27 2013] <ianjneu> hmm no proof system past the theorems proved in the temporal abstract interpretation paper.
[Wed Jul  3 16:39:27 2013] <ianjneu> hmm no proof system past the theorems proved in the temporal abstract interpretation paper.
[Wed Jul  3 16:41:53 2013] <thm_prover> inl: A B A -> A + B
[Wed Jul  3 16:41:53 2013] <thm_prover> inl: A B A -> A + B
[Wed Jul  3 16:42:00 2013] <thm_prover> what takes A+B to an A ?
[Wed Jul  3 16:42:00 2013] <thm_prover> what takes A+B to an A ?
[Wed Jul  3 16:42:11 2013] <thm_prover> Definition t = @inl nat String 20.
[Wed Jul  3 16:42:11 2013] <thm_prover> Definition t = @inl nat String 20.
[Wed Jul  3 16:42:16 2013] <thm_prover> how, how do I extract the "20" from t ?
[Wed Jul  3 16:42:16 2013] <thm_prover> how, how do I extract the "20" from t ?
[Wed Jul  3 16:44:51 2013] <napping> thm_prover: do you know how to use Locate/Print/SearchAbout/etc ?
[Wed Jul  3 16:44:51 2013] <napping> thm_prover: do you know how to use Locate/Print/SearchAbout/etc ?
[Wed Jul  3 16:45:03 2013] <thm_prover> napping SearchAbout / Print yes,
[Wed Jul  3 16:45:03 2013] <thm_prover> napping SearchAbout / Print yes,
[Wed Jul  3 16:45:08 2013] <thm_prover> Locate not so much, always get type errors back
[Wed Jul  3 16:45:08 2013] <thm_prover> Locate not so much, always get type errors back
[Wed Jul  3 16:45:17 2013] <ianjneu> thm_prover: Match on v : A + B with contructors left and right
[Wed Jul  3 16:45:17 2013] <ianjneu> thm_prover: Match on v : A + B with contructors left and right
[Wed Jul  3 16:45:18 2013] <thm_prover> SearchAbout( ?A + ?B) however
[Wed Jul  3 16:45:18 2013] <thm_prover> SearchAbout( ?A + ?B) however
[Wed Jul  3 16:45:27 2013] <thm_prover> returns mostly stuff about arithmetric and not "sum"
[Wed Jul  3 16:45:27 2013] <thm_prover> returns mostly stuff about arithmetric and not "sum"
[Wed Jul  3 16:45:27 2013] <napping> Locate "_ + _". will find the notation
[Wed Jul  3 16:45:27 2013] <napping> Locate "_ + _". will find the notation
[Wed Jul  3 16:46:18 2013] <thm_prover> napping: SearchAbout(sum) gives me inl/inr
[Wed Jul  3 16:46:18 2013] <thm_prover> napping: SearchAbout(sum) gives me inl/inr
[Wed Jul  3 16:46:23 2013] <thm_prover> napping: where ar eyou getting left/right from?
[Wed Jul  3 16:46:23 2013] <thm_prover> napping: where ar eyou getting left/right from?
[Wed Jul  3 16:47:04 2013] <napping> right, there is no simple projection function
[Wed Jul  3 16:47:04 2013] <napping> right, there is no simple projection function
[Wed Jul  3 16:47:05 2013] <thm_prover> napping: http://coq.inria.fr/stdlib/Coq.Init.Datatypes.html also has left/right
[Wed Jul  3 16:47:05 2013] <thm_prover> napping: http://coq.inria.fr/stdlib/Coq.Init.Datatypes.html also has left/right
[Wed Jul  3 16:47:37 2013] <napping> that has inl/inr
[Wed Jul  3 16:47:37 2013] <napping> that has inl/inr
[Wed Jul  3 16:48:50 2013] <tomprince> You can't project, since you don't necesarily have a value of the given type.
[Wed Jul  3 16:48:50 2013] <tomprince> You can't project, since you don't necesarily have a value of the given type.
[Wed Jul  3 16:49:10 2013] <tomprince> You could have 'A + B -> option A' though.
[Wed Jul  3 16:49:10 2013] <tomprince> You could have 'A + B -> option A' though.
[Wed Jul  3 16:49:43 2013] <tomprince> But you probably don't want that.
[Wed Jul  3 16:49:43 2013] <tomprince> But you probably don't want that.
[Wed Jul  3 16:52:15 2013] <thm_prover> tomprince: this makes sense
[Wed Jul  3 16:52:15 2013] <thm_prover> tomprince: this makes sense
[Wed Jul  3 16:52:19 2013] <thm_prover> tomprince: thanks
[Wed Jul  3 16:52:19 2013] <thm_prover> tomprince: thanks
[Wed Jul  3 17:02:38 2013] <thm_prover> dumb question: "Transparent foo." did not work <-- is there a database of comamnds where I tell Coq: anytime you can "unfold Foo", do "unfold Foo" ?
[Wed Jul  3 17:02:38 2013] <thm_prover> dumb question: "Transparent foo." did not work <-- is there a database of comamnds where I tell Coq: anytime you can "unfold Foo", do "unfold Foo" ?
[Wed Jul  3 17:02:46 2013] <thm_prover> simpl is too powerful -- it's unfolding stuff I don't wnated unfolded.
[Wed Jul  3 17:02:46 2013] <thm_prover> simpl is too powerful -- it's unfolding stuff I don't wnated unfolded.
[Wed Jul  3 17:04:10 2013] <napping> I haven't tried it, but you might look into autounfold
[Wed Jul  3 17:04:10 2013] <napping> I haven't tried it, but you might look into autounfold
[Wed Jul  3 19:09:45 2013] <thm_prover> is there a way to define some type of tuples as follows:
[Wed Jul  3 19:09:45 2013] <thm_prover> is there a way to define some type of tuples as follows:
[Wed Jul  3 19:09:53 2013] <thm_prover> (nat, H: proof that given nat is > 5) ?
[Wed Jul  3 19:09:53 2013] <thm_prover> (nat, H: proof that given nat is > 5) ?
[Wed Jul  3 19:10:00 2013] <thm_prover> i.e. I want stuff like (6, H: 6 > 5)
[Wed Jul  3 19:10:00 2013] <thm_prover> i.e. I want stuff like (6, H: 6 > 5)
[Wed Jul  3 19:10:04 2013] <thm_prover> (7, H: 7 > 5), ...
[Wed Jul  3 19:10:04 2013] <thm_prover> (7, H: 7 > 5), ...
[Wed Jul  3 19:10:13 2013] <thm_prover> is there a way to define tuples in such a way so that one arg is dependent on another arg?
[Wed Jul  3 19:10:13 2013] <thm_prover> is there a way to define tuples in such a way so that one arg is dependent on another arg?
[Wed Jul  3 19:11:10 2013] <acowley> thm_prover: Check out http://coq.inria.fr/distrib/current/stdlib/Coq.Init.Specif.html
[Wed Jul  3 19:11:10 2013] <acowley> thm_prover: Check out http://coq.inria.fr/distrib/current/stdlib/Coq.Init.Specif.html
[Wed Jul  3 19:11:36 2013] <thm_prover> damn it,
[Wed Jul  3 19:11:36 2013] <thm_prover> damn it,
[Wed Jul  3 19:11:41 2013] <thm_prover> dependent tuples = depdnent types ?
[Wed Jul  3 19:11:41 2013] <thm_prover> dependent tuples = depdnent types ?
[Wed Jul  3 19:13:07 2013] <elliott> thm_prover: that's what {n : nat | n > 5} is
[Wed Jul  3 19:13:07 2013] <elliott> thm_prover: that's what {n : nat | n > 5} is
[Wed Jul  3 19:13:31 2013] <thm_prover> I have one more dumb question.
[Wed Jul  3 19:13:31 2013] <thm_prover> I have one more dumb question.
[Wed Jul  3 19:13:43 2013] <thm_prover> Suppose I have something like (n, H1: n > 5, H2: H2: n < 10),
[Wed Jul  3 19:13:43 2013] <thm_prover> Suppose I have something like (n, H1: n > 5, H2: H2: n < 10),
[Wed Jul  3 19:13:54 2013] <thm_prover> it's easy for me to write: let (m, H1, H2) := ...
[Wed Jul  3 19:13:54 2013] <thm_prover> it's easy for me to write: let (m, H1, H2) := ...
[Wed Jul  3 19:14:09 2013] <thm_prover> now, when I get dependent types, I have stuff everything into one Prop, which means I use /\
[Wed Jul  3 19:14:09 2013] <thm_prover> now, when I get dependent types, I have stuff everything into one Prop, which means I use /\
[Wed Jul  3 19:14:15 2013] <thm_prover> how do I break apart that /\ efficiently ?
[Wed Jul  3 19:14:15 2013] <thm_prover> how do I break apart that /\ efficiently ?
[Wed Jul  3 22:23:45 2013] <amosr> I have a like "match goal with | [ H : TYPE … |- _ ] => inversion H end"
[Wed Jul  3 22:23:45 2013] <amosr> I have a like "match goal with | [ H : TYPE … |- _ ] => inversion H end"
[Wed Jul  3 22:24:21 2013] <amosr> a tactic like
[Wed Jul  3 22:24:21 2013] <amosr> a tactic like
[Wed Jul  3 22:25:06 2013] <amosr> and I want to repeat it, but I want only the first matches to be inverted, since "inversion H" will introduce more goals : TYPE ...
[Wed Jul  3 22:25:06 2013] <amosr> and I want to repeat it, but I want only the first matches to be inverted, since "inversion H" will introduce more goals : TYPE ...
[Wed Jul  3 22:26:27 2013] <amosr> something like find a list of all hypotheses that match "H : TYPE …", then invert on only those
[Wed Jul  3 22:26:27 2013] <amosr> something like find a list of all hypotheses that match "H : TYPE …", then invert on only those
[Thu Jul  4 05:36:00 2013] <amosr> osa1: Locate "=". Check eq.
[Thu Jul  4 05:36:00 2013] <amosr> osa1: Locate "=". Check eq.
[Thu Jul  4 05:36:15 2013] <amosr> you need to look up the notation first to see what it's actually called
[Thu Jul  4 05:36:15 2013] <amosr> you need to look up the notation first to see what it's actually called
[Thu Jul  4 05:36:51 2013] <osa1> thanks
[Thu Jul  4 05:36:51 2013] <osa1> thanks
[Thu Jul  4 13:14:33 2013] <nox> hello
[Thu Jul  4 13:14:33 2013] <nox> hello
[Thu Jul  4 13:15:25 2013] <nox> I have a hypothesis Constant <> Constant, is there something shorter than "assert (contra : Constant = Constant). { reflexivity. } contradiction."?
[Thu Jul  4 13:15:25 2013] <nox> I have a hypothesis Constant <> Constant, is there something shorter than "assert (contra : Constant = Constant). { reflexivity. } contradiction."?
[Thu Jul  4 13:15:41 2013] <elliott> discriminate
[Thu Jul  4 13:15:41 2013] <elliott> discriminate
[Thu Jul  4 13:15:50 2013] <elliott> uh, I think.
[Thu Jul  4 13:15:50 2013] <elliott> uh, I think.
[Thu Jul  4 13:16:09 2013] <elliott> wait, no.
[Thu Jul  4 13:16:09 2013] <elliott> wait, no.
[Thu Jul  4 13:16:22 2013] <elliott> nox: you can apply H; reflexivity at least, but I think there's a shorter way.
[Thu Jul  4 13:16:22 2013] <elliott> nox: you can apply H; reflexivity at least, but I think there's a shorter way.
[Thu Jul  4 13:16:39 2013] <elliott> exfalso; auto should do it too
[Thu Jul  4 13:16:39 2013] <elliott> exfalso; auto should do it too
[Thu Jul  4 13:17:31 2013] <nox> ok, that was nice; yet another tactic I didn't know about :)
[Thu Jul  4 13:17:31 2013] <nox> ok, that was nice; yet another tactic I didn't know about :)
[Thu Jul  4 13:19:35 2013] <nox> elliott: and slightly related, I have a hypothesis f x = true and I can assert that f x = false, how do I prove that it is a contradiction?
[Thu Jul  4 13:19:35 2013] <nox> elliott: and slightly related, I have a hypothesis f x = true and I can assert that f x = false, how do I prove that it is a contradiction?
[Thu Jul  4 13:19:55 2013] <elliott> ah, congruence handles x <> x
[Thu Jul  4 13:19:55 2013] <elliott> ah, congruence handles x <> x
[Thu Jul  4 13:20:08 2013] <elliott> and it should handle that case too I think?
[Thu Jul  4 13:20:08 2013] <elliott> and it should handle that case too I think?
[Thu Jul  4 13:20:15 2013] <nox> ok I will try
[Thu Jul  4 13:20:15 2013] <nox> ok I will try
[Thu Jul  4 13:21:06 2013] <nox> elliott: indeed, thank you!
[Thu Jul  4 13:21:06 2013] <nox> elliott: indeed, thank you!
[Thu Jul  4 13:21:13 2013] <elliott> :)
[Thu Jul  4 13:21:13 2013] <elliott> :)
[Thu Jul  4 13:22:02 2013] <nox> I'm learning Coq while trying to describe the semantics of Erlang
[Thu Jul  4 13:22:02 2013] <nox> I'm learning Coq while trying to describe the semantics of Erlang
[Thu Jul  4 13:22:44 2013] <elliott> ambitious!
[Thu Jul  4 13:22:44 2013] <elliott> ambitious!
[Thu Jul  4 13:23:12 2013] <nox> elliott: especially while being distracted by shiny things along the process
[Thu Jul  4 13:23:12 2013] <nox> elliott: especially while being distracted by shiny things along the process
[Thu Jul  4 13:25:22 2013] <nox> elliott: is there an assert tactic that automatically prove the subgoal with reflexivity?
[Thu Jul  4 13:25:22 2013] <nox> elliott: is there an assert tactic that automatically prove the subgoal with reflexivity?
[Thu Jul  4 13:26:24 2013] <elliott> you can "assert foo by reflexivity", but you should not need to use an assert here I think?
[Thu Jul  4 13:26:24 2013] <elliott> you can "assert foo by reflexivity", but you should not need to use an assert here I think?
[Thu Jul  4 14:03:49 2013] <qqpp> can I transform a P1 x > P2 x goal into P2 x < P1 x ?
[Thu Jul  4 14:03:49 2013] <qqpp> can I transform a P1 x > P2 x goal into P2 x < P1 x ?
[Thu Jul  4 14:08:12 2013] <ianjneu> yes.
[Thu Jul  4 14:08:12 2013] <ianjneu> yes.
[Thu Jul  4 14:09:40 2013] <qqpp> how do I do that?
[Thu Jul  4 14:09:40 2013] <qqpp> how do I do that?
[Thu Jul  4 14:11:06 2013] <ianjneu> Proof by induction, usually. I kid. Which numbers are you using?
[Thu Jul  4 14:11:06 2013] <ianjneu> Proof by induction, usually. I kid. Which numbers are you using?
[Thu Jul  4 14:12:10 2013] <ianjneu> Actually, unfold gt.
[Thu Jul  4 14:12:10 2013] <ianjneu> Actually, unfold gt.
[Thu Jul  4 14:14:27 2013] <qqpp> x is a real
[Thu Jul  4 14:14:27 2013] <qqpp> x is a real
[Thu Jul  4 14:19:42 2013] <ianjneu> okay. unfold Rgt.
[Thu Jul  4 14:19:42 2013] <ianjneu> okay. unfold Rgt.
[Thu Jul  4 14:25:03 2013] <qqpp> the goal remains P1 x > P2 x when I do that
[Thu Jul  4 14:25:03 2013] <qqpp> the goal remains P1 x > P2 x when I do that
[Thu Jul  4 14:28:55 2013] <qqpp> sorry it's actually  P2 x < P1 x  to P1 x > P2 x, so I tried Rlt and then it produces Error: Cannot coerce Rlt to an evaluable reference.
[Thu Jul  4 14:28:55 2013] <qqpp> sorry it's actually  P2 x < P1 x  to P1 x > P2 x, so I tried Rlt and then it produces Error: Cannot coerce Rlt to an evaluable reference.
[Thu Jul  4 14:32:51 2013] <ianjneu> fold Rgt?
[Thu Jul  4 14:32:51 2013] <ianjneu> fold Rgt?
[Thu Jul  4 14:33:23 2013] <qqpp> that doesn't seem to do anything
[Thu Jul  4 14:33:23 2013] <qqpp> that doesn't seem to do anything
[Thu Jul  4 14:34:20 2013] <ianjneu> If there's anything I learned from working with ACL2, it's never phrase theorems in terms of simple functions.
[Thu Jul  4 14:34:20 2013] <ianjneu> If there's anything I learned from working with ACL2, it's never phrase theorems in terms of simple functions.
[Thu Jul  4 14:34:33 2013] <ianjneu> simple being non-recursive.
[Thu Jul  4 14:34:33 2013] <ianjneu> simple being non-recursive.
[Thu Jul  4 14:35:30 2013] <ianjneu> You should just assert the implication, prove it with auto and then use the assertion.
[Thu Jul  4 14:35:30 2013] <ianjneu> You should just assert the implication, prove it with auto and then use the assertion.
[Thu Jul  4 14:42:26 2013] <qqpp> that's what I did before, can I use the hypothesis generated by assert more than one?
[Thu Jul  4 14:42:26 2013] <qqpp> that's what I did before, can I use the hypothesis generated by assert more than one?
[Thu Jul  4 15:02:32 2013] <ianjneu> qqpp: Sure. Make it a theorem.
[Thu Jul  4 15:02:32 2013] <ianjneu> qqpp: Sure. Make it a theorem.
[Thu Jul  4 15:10:24 2013] <qqpp> ok
[Thu Jul  4 15:10:24 2013] <qqpp> ok
[Thu Jul  4 15:11:42 2013] <qqpp> another thing, how does `do` work? what if I want to repeat a certain tactic twice? say assumption. assumption. assumption., can I shorten this?
[Thu Jul  4 15:11:42 2013] <qqpp> another thing, how does `do` work? what if I want to repeat a certain tactic twice? say assumption. assumption. assumption., can I shorten this?
[Thu Jul  4 15:14:21 2013] <qqpp> s/twice/three times
[Thu Jul  4 15:14:21 2013] <qqpp> s/twice/three times
[Thu Jul  4 15:16:32 2013] <ianjneu> qqpp: ya, do is "apply the following tactic n times" whereas repeat is "apply this tactic repeatedly until it fails."
[Thu Jul  4 15:16:32 2013] <ianjneu> qqpp: ya, do is "apply the following tactic n times" whereas repeat is "apply this tactic repeatedly until it fails."
[Thu Jul  4 15:16:58 2013] <ianjneu> both finish if they manage to prove the goal, though.
[Thu Jul  4 15:16:58 2013] <ianjneu> both finish if they manage to prove the goal, though.
[Thu Jul  4 15:17:21 2013] <qqpp> so would that be do 3 assumption.?
[Thu Jul  4 15:17:21 2013] <qqpp> so would that be do 3 assumption.?
[Thu Jul  4 15:18:13 2013] <ianjneu> like I said, you can't use do 3 assumption because the first one will succeed, stopping the next two from running.
[Thu Jul  4 15:18:13 2013] <ianjneu> like I said, you can't use do 3 assumption because the first one will succeed, stopping the next two from running.
[Thu Jul  4 15:19:04 2013] <qqpp> right
[Thu Jul  4 15:19:04 2013] <qqpp> right
[Thu Jul  4 15:19:32 2013] <ianjneu> It's something I wish coq would let me do, but there really isn't a way.
[Thu Jul  4 15:19:32 2013] <ianjneu> It's something I wish coq would let me do, but there really isn't a way.
[Thu Jul  4 15:19:52 2013] <qqpp> so there's nothing that allows you to apply the same tactic to multiple goals at once
[Thu Jul  4 15:19:52 2013] <qqpp> so there's nothing that allows you to apply the same tactic to multiple goals at once
[Thu Jul  4 15:20:13 2013] <ianjneu> You'd have to put after the goal that generates everything you'd want to solve with assumption, "try solve [assumption]."
[Thu Jul  4 15:20:13 2013] <ianjneu> You'd have to put after the goal that generates everything you'd want to solve with assumption, "try solve [assumption]."
[Thu Jul  4 15:20:15 2013] <qqpp> or consecutively rather
[Thu Jul  4 15:20:15 2013] <qqpp> or consecutively rather
[Thu Jul  4 15:20:42 2013] <ianjneu> qqpp: not true. You can use T0;T1 to apply T1 to all goals generated by T0.
[Thu Jul  4 15:20:42 2013] <ianjneu> qqpp: not true. You can use T0;T1 to apply T1 to all goals generated by T0.
[Thu Jul  4 15:21:27 2013] <ianjneu> You can also case split on all the goals generated by T0 (say there are n of them) by doing T0;[T1 | ... | Tn].
[Thu Jul  4 15:21:27 2013] <ianjneu> You can also case split on all the goals generated by T0 (say there are n of them) by doing T0;[T1 | ... | Tn].
[Thu Jul  4 15:22:30 2013] <qqpp> well I have a goal that is generated multiple times...
[Thu Jul  4 15:22:30 2013] <qqpp> well I have a goal that is generated multiple times...
[Thu Jul  4 15:23:21 2013] <qqpp> I tried to create a theorem for it but then I still get other goals I need to call assumption for and it doesn't actually reduce the size of the proof
[Thu Jul  4 15:23:21 2013] <qqpp> I tried to create a theorem for it but then I still get other goals I need to call assumption for and it doesn't actually reduce the size of the proof
[Thu Jul  4 15:23:28 2013] <ianjneu> Have you read Coq'art or Adam Chlipala's book on using Coq?
[Thu Jul  4 15:23:28 2013] <ianjneu> Have you read Coq'art or Adam Chlipala's book on using Coq?
[Thu Jul  4 15:25:57 2013] <qqpp> no
[Thu Jul  4 15:25:57 2013] <qqpp> no
[Thu Jul  4 15:29:49 2013] <ianjneu> qqpp: You might want to. Or perhaps Software Foundations by Pierce et. al. The latter two are free online.
[Thu Jul  4 15:29:49 2013] <ianjneu> qqpp: You might want to. Or perhaps Software Foundations by Pierce et. al. The latter two are free online.
[Thu Jul  4 15:31:53 2013] <qqpp> alright
[Thu Jul  4 15:31:53 2013] <qqpp> alright
[Thu Jul  4 15:31:57 2013] <qqpp> thanks for your help!
[Thu Jul  4 15:31:57 2013] <qqpp> thanks for your help!
[Thu Jul  4 15:54:02 2013] <lolcathost> Is there any tactic that, given "A, B : Type", "x : A" and "p : A = B", lets me conclude "x : B"?
[Thu Jul  4 15:54:02 2013] <lolcathost> Is there any tactic that, given "A, B : Type", "x : A" and "p : A = B", lets me conclude "x : B"?
[Thu Jul  4 15:54:22 2013] <tomprince> rewrite p in x. ?
[Thu Jul  4 15:54:22 2013] <tomprince> rewrite p in x. ?
[Thu Jul  4 15:54:30 2013] <lolcathost> Okay, thanks!
[Thu Jul  4 15:54:30 2013] <lolcathost> Okay, thanks!
[Thu Jul  4 15:54:39 2013] <tomprince> destruct p. ?
[Thu Jul  4 15:54:39 2013] <tomprince> destruct p. ?
[Fri Jul  5 03:04:02 2013] <Ptival> Saizan: well, lambdabot just gave me a message from one year and three months ago
[Fri Jul  5 03:04:02 2013] <Ptival> Saizan: well, lambdabot just gave me a message from one year and three months ago
[Fri Jul  5 03:04:09 2013] <Ptival> so that's useful to me now :)
[Fri Jul  5 03:04:09 2013] <Ptival> so that's useful to me now :)
[Fri Jul  5 03:05:20 2013] <elliott> * once saw someone ask how to send a message to someone with lambdabot, get notified they have new messages immediately after, and upon doing @messages their single message was from a year ago, saying "you use @tell"
[Fri Jul  5 03:05:20 2013] <elliott> * once saw someone ask how to send a message to someone with lambdabot, get notified they have new messages immediately after, and upon doing @messages their single message was from a year ago, saying "you use @tell"
[Fri Jul  5 03:05:32 2013] <elliott> that was the day I started believing in miracles
[Fri Jul  5 03:05:32 2013] <elliott> that was the day I started believing in miracles
[Fri Jul  5 03:31:49 2013] <Saizan> hah
[Fri Jul  5 03:31:49 2013] <Saizan> hah
[Fri Jul  5 03:50:16 2013] <Ptival> haha
[Fri Jul  5 03:50:17 2013] <Ptival> haha
[Fri Jul  5 19:25:32 2013] <ilyanok> Hi everybody. Is there a way to force Coq to put all parentheses explicitly?
[Fri Jul  5 19:25:32 2013] <ilyanok> Hi everybody. Is there a way to force Coq to put all parentheses explicitly?
[Fri Jul  5 23:00:31 2013] <tswett> Hrm. So I'd like to use Coq to define a miniature programming language. Each value in the language should have a type of the form LinearValue t, and LinearValue t should have the type Set, so that it can be extracted.
[Fri Jul  5 23:00:31 2013] <tswett> Hrm. So I'd like to use Coq to define a miniature programming language. Each value in the language should have a type of the form LinearValue t, and LinearValue t should have the type Set, so that it can be extracted.
[Fri Jul  5 23:01:28 2013] <tswett> t has type LinearType. One of the constructors for LinearType is Data : Set -> LinearType, and one of the constructors for LinearValue is wrap : forall {a : Set}, a -> LinearValue (Data a).
[Fri Jul  5 23:01:28 2013] <tswett> t has type LinearType. One of the constructors for LinearType is Data : Set -> LinearType, and one of the constructors for LinearValue is wrap : forall {a : Set}, a -> LinearValue (Data a).
[Fri Jul  5 23:01:34 2013] <tswett> Like so: http://pastie.org/8114496
[Fri Jul  5 23:01:34 2013] <tswett> Like so: http://pastie.org/8114496
[Fri Jul  5 23:03:22 2013] <tswett> But this gives me "Error: Large non-propositional inductive types must be in Type." on line 14.
[Fri Jul  5 23:03:22 2013] <tswett> But this gives me "Error: Large non-propositional inductive types must be in Type." on line 14.
[Fri Jul  5 23:04:20 2013] <tswett> Which, yeah, wrap depends on Set, so of course its type has to be in Type, not in Set. Is there any way to, like, make it be in Set anyway?
[Fri Jul  5 23:04:20 2013] <tswett> Which, yeah, wrap depends on Set, so of course its type has to be in Type, not in Set. Is there any way to, like, make it be in Set anyway?
[Sat Jul  6 06:16:58 2013] <osa1> I'm having trouble understanding `forall` keyword, what is different between `forall n : nat, n = n` and `fun n : nat => n = n` ?
[Sat Jul  6 06:16:58 2013] <osa1> I'm having trouble understanding `forall` keyword, what is different between `forall n : nat, n = n` and `fun n : nat => n = n` ?
[Sat Jul  6 06:20:07 2013] <Saizan> the latter is a type parametrized on 'n', the former is the propositions that says n = n holds for every choice of n
[Sat Jul  6 06:20:07 2013] <Saizan> the latter is a type parametrized on 'n', the former is the propositions that says n = n holds for every choice of n
[Sat Jul  6 06:48:35 2013] <osa1> Saizan: then how does that work: http://paste.tryhaskell.org/90708 here a value(a function) is applied to a 'proposition'? (in line 16)
[Sat Jul  6 06:48:35 2013] <osa1> Saizan: then how does that work: http://paste.tryhaskell.org/90708 here a value(a function) is applied to a 'proposition'? (in line 16)
[Sat Jul  6 06:54:13 2013] <Saizan> nat_rec is a value of type "forall n, ...", it's not "forall n, .." itself
[Sat Jul  6 06:54:13 2013] <Saizan> nat_rec is a value of type "forall n, ...", it's not "forall n, .." itself
[Sat Jul  6 06:54:36 2013] <Saizan> and value of that type are functions
[Sat Jul  6 06:54:36 2013] <Saizan> and value of that type are functions
[Sat Jul  6 06:55:19 2013] <Saizan> dependent functions, in particular
[Sat Jul  6 06:55:19 2013] <Saizan> dependent functions, in particular
[Sat Jul  6 06:58:08 2013] <Saizan> because if you want to prove "forall n : nat, P n" you need something that provides a proof of (P n) for every given n
[Sat Jul  6 06:58:08 2013] <Saizan> because if you want to prove "forall n : nat, P n" you need something that provides a proof of (P n) for every given n
[Sat Jul  6 06:58:50 2013] <Saizan> and in Coq you do that by a function which takes n as arugment and has P n as result
[Sat Jul  6 06:58:50 2013] <Saizan> and in Coq you do that by a function which takes n as arugment and has P n as result
[Sat Jul  6 06:59:00 2013] <Saizan> *and has a value of type P n as result
[Sat Jul  6 06:59:00 2013] <Saizan> *and has a value of type P n as result
[Sat Jul  6 06:59:35 2013] <Saizan> also, "A -> B" is the same as "forall _ : A, B"
[Sat Jul  6 06:59:35 2013] <Saizan> also, "A -> B" is the same as "forall _ : A, B"
[Sat Jul  6 07:00:32 2013] <Saizan> same reasoning, except the type of the result B is independent of the argument of type A
[Sat Jul  6 07:00:32 2013] <Saizan> same reasoning, except the type of the result B is independent of the argument of type A
[Sat Jul  6 07:08:44 2013] <osa1> Saizan: so there are two different uses of forall keyword, is that correct? one in type context and one in term context
[Sat Jul  6 07:08:44 2013] <osa1> Saizan: so there are two different uses of forall keyword, is that correct? one in type context and one in term context
[Sat Jul  6 07:08:56 2013] <osa1> in type context, it means type of a function
[Sat Jul  6 07:08:56 2013] <osa1> in type context, it means type of a function
[Sat Jul  6 07:12:39 2013] <Saizan> osa1: no
[Sat Jul  6 07:12:39 2013] <Saizan> osa1: no
[Sat Jul  6 07:12:47 2013] <Saizan> osa1: where are you seeing this difference?
[Sat Jul  6 07:12:47 2013] <Saizan> osa1: where are you seeing this difference?
[Sat Jul  6 07:12:59 2013] <osa1> [07:52] <Saizan> nat_rec is a value of type "forall n, ...", it's not "forall n, .." itself
[Sat Jul  6 07:12:59 2013] <osa1> [07:52] <Saizan> nat_rec is a value of type "forall n, ...", it's not "forall n, .." itself
[Sat Jul  6 07:13:31 2013] <Saizan> both those forall mean the same thing
[Sat Jul  6 07:13:31 2013] <Saizan> both those forall mean the same thing
[Sat Jul  6 07:13:58 2013] <Saizan> it's like saying "zero is a value of type "nat", it's not "nat" itself"
[Sat Jul  6 07:13:58 2013] <Saizan> it's like saying "zero is a value of type "nat", it's not "nat" itself"
[Sat Jul  6 07:15:06 2013] <Saizan> (maybe replace zero with O for concreteness)
[Sat Jul  6 07:15:06 2013] <Saizan> (maybe replace zero with O for concreteness)
[Sat Jul  6 07:17:28 2013] <osa1> Saizan: I think I get it. is that conversion of arrow types correct: http://paste.tryhaskell.org/90709 ?
[Sat Jul  6 07:17:28 2013] <osa1> Saizan: I think I get it. is that conversion of arrow types correct: http://paste.tryhaskell.org/90709 ?
[Sat Jul  6 07:17:39 2013] <Saizan> notice that "Check nat_rec." is giving you the type of nat_rec, not its definition
[Sat Jul  6 07:17:39 2013] <Saizan> notice that "Check nat_rec." is giving you the type of nat_rec, not its definition
[Sat Jul  6 07:18:12 2013] <Saizan> osa1: yeah
[Sat Jul  6 07:18:12 2013] <Saizan> osa1: yeah
[Sat Jul  6 07:20:17 2013] <osa1> Saizan: well it could be a lot easier to understand if `forall` syntax had been using -> instead of ,
[Sat Jul  6 07:20:17 2013] <osa1> Saizan: well it could be a lot easier to understand if `forall` syntax had been using -> instead of ,
[Sat Jul  6 07:28:32 2013] <Saizan> this syntax is taken quite directly from first order logic, in type theory something like (n : nat) -> P n is fairly common though
[Sat Jul  6 07:28:32 2013] <Saizan> this syntax is taken quite directly from first order logic, in type theory something like (n : nat) -> P n is fairly common though
[Sat Jul  6 13:26:31 2013] <tswett> I have a function apply : forall a b, LinearValue (Lolly a b) -> LinearValue a -> LinearValue b.
[Sat Jul  6 13:26:31 2013] <tswett> I have a function apply : forall a b, LinearValue (Lolly a b) -> LinearValue a -> LinearValue b.
[Sat Jul  6 13:26:55 2013] <tswett> Can I declare apply as a coercion, so that values of type LinearValue (Lolly a b) are automatically coerced to LinearValue a -> LinearValue b?
[Sat Jul  6 13:26:55 2013] <tswett> Can I declare apply as a coercion, so that values of type LinearValue (Lolly a b) are automatically coerced to LinearValue a -> LinearValue b?
[Sat Jul  6 13:46:35 2013] <elliott> Coercion apply : LinaerValue >-> Funclass or something
[Sat Jul  6 13:46:35 2013] <elliott> Coercion apply : LinaerValue >-> Funclass or something
[Sat Jul  6 13:46:38 2013] <elliott> might need to make a b implicit
[Sat Jul  6 13:46:38 2013] <elliott> might need to make a b implicit
[Sat Jul  6 15:26:45 2013] <thm_prover> I have a "| H: a = b |- Some a = Some b"
[Sat Jul  6 15:26:45 2013] <thm_prover> I have a "| H: a = b |- Some a = Some b"
[Sat Jul  6 15:26:52 2013] <thm_prover> without doing "rewrite H; reflexivity", how do I prove this?
[Sat Jul  6 15:26:52 2013] <thm_prover> without doing "rewrite H; reflexivity", how do I prove this?
[Sat Jul  6 15:26:57 2013] <thm_prover> I think there is a constructor tactic of some sort?
[Sat Jul  6 15:26:57 2013] <thm_prover> I think there is a constructor tactic of some sort?
[Sat Jul  6 15:27:01 2013] <thm_prover> I want to use that tactic (the constructor one)
[Sat Jul  6 15:27:01 2013] <thm_prover> I want to use that tactic (the constructor one)
[Sat Jul  6 15:27:06 2013] <thm_prover> but typing "constructor" gives me an error
[Sat Jul  6 15:27:06 2013] <thm_prover> but typing "constructor" gives me an error
[Sat Jul  6 15:38:21 2013] <elliott> f_equal
[Sat Jul  6 15:38:21 2013] <elliott> f_equal
[Sat Jul  6 15:47:36 2013] <thm_prover> noted, thanks
[Sat Jul  6 15:47:36 2013] <thm_prover> noted, thanks
[Sat Jul  6 16:53:34 2013] <jgross__> thm_prover: Other options include: [apply f_equal; reflexivity.]; [case H; reflexivity.]; [destruct H; reflexivity.]; [induction H; reflexivity.]; [subst; reflexivity.]; [exact match H with eq_refl => eq_refl end.]; [exact match H in _ = y return Some a = Some y with eq_refl => eq_refl end.].  In all of these instances (and your [rewrite H; reflexivity.] one), [reflexivity] can be replaced by [constructor]. 
[Sat Jul  6 16:53:34 2013] <jgross__> thm_prover: Other options include: [apply f_equal; reflexivity.]; [case H; reflexivity.]; [destruct H; reflexivity.]; [induction H; reflexivity.]; [subst; reflexivity.]; [exact match H with eq_refl => eq_refl end.]; [exact match H in _ = y return Some a = Some y with eq_refl => eq_refl end.].  In all of these instances (and your [rewrite H; reflexivity.] one), [reflexivity] can be replaced by [constructor].
[Tue Jul  9 16:14:59 2013] <thm_prover> How does the rewrite database work?
[Tue Jul  9 16:14:59 2013] <thm_prover> How does the rewrite database work?
[Tue Jul  9 16:15:09 2013] <thm_prover> is it basically jsut "anytime you can rewrite one of the following forms, rewrite it" ?
[Tue Jul  9 16:15:09 2013] <thm_prover> is it basically jsut "anytime you can rewrite one of the following forms, rewrite it" ?
[Tue Jul  9 16:15:13 2013] <thm_prover> is itused by anything besudes auto?
[Tue Jul  9 16:15:13 2013] <thm_prover> is itused by anything besudes auto?
[Tue Jul  9 16:20:36 2013] <thorsten`> is there some tactic to "unfold" some notation to its original meaning?
[Tue Jul  9 16:20:36 2013] <thorsten`> is there some tactic to "unfold" some notation to its original meaning?
[Tue Jul  9 16:22:00 2013] <Cale> unfold?
[Tue Jul  9 16:22:00 2013] <Cale> unfold?
[Tue Jul  9 16:22:18 2013] <elliott> unfold "+" or such?
[Tue Jul  9 16:22:18 2013] <elliott> unfold "+" or such?
[Tue Jul  9 16:22:23 2013] <thorsten`> yes
[Tue Jul  9 16:22:23 2013] <thorsten`> yes
[Tue Jul  9 16:22:33 2013] <elliott> that will unfold plus itself though
[Tue Jul  9 16:22:33 2013] <elliott> that will unfold plus itself though
[Tue Jul  9 16:22:43 2013] <elliott> I think you have to do Set Printing All. or whatever to just see the notations and nothing else
[Tue Jul  9 16:22:43 2013] <elliott> I think you have to do Set Printing All. or whatever to just see the notations and nothing else
[Tue Jul  9 16:23:02 2013] <elliott> since if it just unfolded the notation it'd do nothing because it'd get printed again in the notated form, I think
[Tue Jul  9 16:23:02 2013] <elliott> since if it just unfolded the notation it'd do nothing because it'd get printed again in the notated form, I think
[Tue Jul  9 16:23:16 2013] <elliott> unless it was set as parsing only or such in which case you wouldn't see it in the first place
[Tue Jul  9 16:23:16 2013] <elliott> unless it was set as parsing only or such in which case you wouldn't see it in the first place
[Tue Jul  9 16:24:02 2013] <thorsten`> it's just temporary so that i can unify two terms by hand
[Tue Jul  9 16:24:02 2013] <thorsten`> it's just temporary so that i can unify two terms by hand
[Tue Jul  9 16:24:46 2013] <Cale> thorsten`: The notations aren't "real"
[Tue Jul  9 16:24:46 2013] <Cale> thorsten`: The notations aren't "real"
[Tue Jul  9 16:24:58 2013] <Cale> yeah, you can turn off their display in coqide
[Tue Jul  9 16:24:58 2013] <Cale> yeah, you can turn off their display in coqide
[Tue Jul  9 16:25:11 2013] <Cale> or with that command
[Tue Jul  9 16:25:11 2013] <Cale> or with that command
[Tue Jul  9 16:25:15 2013] <thorsten`> how can i disable them? (only temporarily)
[Tue Jul  9 16:25:15 2013] <thorsten`> how can i disable them? (only temporarily)
[Tue Jul  9 16:25:34 2013] <thorsten`> "Set Printing All." does not seem to work (i'm using proofgeneral btw)
[Tue Jul  9 16:25:34 2013] <thorsten`> "Set Printing All." does not seem to work (i'm using proofgeneral btw)
[Tue Jul  9 16:25:37 2013] <Cale> View -> Display Notations
[Tue Jul  9 16:25:37 2013] <Cale> View -> Display Notations
[Tue Jul  9 16:25:39 2013] <Cale> oh
[Tue Jul  9 16:25:39 2013] <Cale> oh
[Tue Jul  9 16:25:45 2013] <Cale> I don't know in proofgeneral
[Tue Jul  9 16:25:45 2013] <Cale> I don't know in proofgeneral
[Tue Jul  9 16:25:55 2013] <Cale> But presumably it'd have something similar
[Tue Jul  9 16:25:55 2013] <Cale> But presumably it'd have something similar
[Tue Jul  9 16:26:56 2013] <elliott> thorsten`: Set Printing All. idtac.
[Tue Jul  9 16:26:56 2013] <elliott> thorsten`: Set Printing All. idtac.
[Tue Jul  9 16:27:00 2013] <elliott> you have to get it to refresh sometimes
[Tue Jul  9 16:27:00 2013] <elliott> you have to get it to refresh sometimes
[Tue Jul  9 16:27:13 2013] <elliott> or put Set Printing All. above your tactics and then back up before it and down to them again
[Tue Jul  9 16:27:14 2013] <elliott> or put Set Printing All. above your tactics and then back up before it and down to them again
[Tue Jul  9 16:31:48 2013] <thorsten`> ok, i got "Set Printing All". (there's a lot of stuff..). That's fine for me, thanks! :)
[Tue Jul  9 16:31:48 2013] <thorsten`> ok, i got "Set Printing All". (there's a lot of stuff..). That's fine for me, thanks! :)
[Tue Jul  9 16:34:23 2013] <elliott> :)
[Tue Jul  9 16:34:23 2013] <elliott> :)
[Tue Jul  9 16:34:34 2013] <elliott> thorsten`: if the notations are yours you can also just put ", parsing only" in their definitions temporarily
[Tue Jul  9 16:34:34 2013] <elliott> thorsten`: if the notations are yours you can also just put ", parsing only" in their definitions temporarily
[Tue Jul  9 16:35:11 2013] <thorsten`> yes, they are.
[Tue Jul  9 16:35:11 2013] <thorsten`> yes, they are.
[Tue Jul  9 21:02:02 2013] <thm_prover> this is purely for exploration and not actual proofs; is there a way to reorder the goals
[Tue Jul  9 21:02:02 2013] <thm_prover> this is purely for exploration and not actual proofs; is there a way to reorder the goals
[Tue Jul  9 21:02:08 2013] <thm_prover> i.e. I'm at goal 1/ 17
[Tue Jul  9 21:02:09 2013] <thm_prover> i.e. I'm at goal 1/ 17
[Tue Jul  9 21:02:19 2013] <thm_prover> however, I'd like to look at goals 3-5 because I think I can trivially solve them with automated techniques
[Tue Jul  9 21:02:19 2013] <thm_prover> however, I'd like to look at goals 3-5 because I think I can trivially solve them with automated techniques
[Wed Jul 10 04:11:11 2013] <thorsten`> in case anyone else is interested in the answer: Focus n. will switch to subgoal n
[Wed Jul 10 04:11:11 2013] <thorsten`> in case anyone else is interested in the answer: Focus n. will switch to subgoal n
[Wed Jul 10 16:50:20 2013] <holmes.freenode.net> [freenode-info] please register your nickname...don't forget to auto-identify! http://freenode.net/faq.shtml#nicksetup
[Thu Jul 11 06:55:57 2013] <thorsten`> how can define, that a Tactic Notation gets some (in my case arithmetic) term as a parameter?
[Thu Jul 11 06:55:57 2013] <thorsten`> how can define, that a Tactic Notation gets some (in my case arithmetic) term as a parameter?
[Thu Jul 11 07:02:41 2013] <robbert> thorsten`: Tactic Notation "foo" constr(H) := blaat
[Thu Jul 11 07:02:41 2013] <robbert> thorsten`: Tactic Notation "foo" constr(H) := blaat
[Thu Jul 11 07:55:42 2013] <thorsten`> robbert: thanks!
[Thu Jul 11 07:55:42 2013] <thorsten`> robbert: thanks!
[Fri Jul 12 19:32:32 2013] <ezyang> Hey folks, suppose I have match ??? with | con -> X; I'd like to simplify this to X, how can I do that?
[Fri Jul 12 19:32:32 2013] <ezyang> Hey folks, suppose I have match ??? with | con -> X; I'd like to simplify this to X, how can I do that?
[Fri Jul 12 19:33:06 2013] <ezyang> When I try to destruct ??? I get 'Abstracting over the terms "m" and "p" leads to a term "fun (m : myprod A B) (p : mymkprod (mypr1 m) (mypr2 m) = m) =>  match p in (_ = a) return (C a) with  | 1%path => g (mypr1 m) (mypr2 m)  end = g a b" which is ill-typed.'
[Fri Jul 12 19:33:07 2013] <ezyang> When I try to destruct ??? I get 'Abstracting over the terms "m" and "p" leads to a term "fun (m : myprod A B) (p : mymkprod (mypr1 m) (mypr2 m) = m) =>  match p in (_ = a) return (C a) with  | 1%path => g (mypr1 m) (mypr2 m)  end = g a b" which is ill-typed.'
[Fri Jul 12 19:34:11 2013] <intoverflow> can you use the replace tactic?
[Fri Jul 12 19:34:11 2013] <intoverflow> can you use the replace tactic?
[Fri Jul 12 19:34:28 2013] <ezyang> Hmm, let's give it a try
[Fri Jul 12 19:34:28 2013] <ezyang> Hmm, let's give it a try
[Fri Jul 12 19:37:13 2013] <ezyang> "Terms do not have convertible types"
[Fri Jul 12 19:37:13 2013] <ezyang> "Terms do not have convertible types"
[Fri Jul 12 19:39:49 2013] <intoverflow> is ??? something like "asdf = qwer" ?
[Fri Jul 12 19:39:49 2013] <intoverflow> is ??? something like "asdf = qwer" ?
[Fri Jul 12 19:40:31 2013] <intoverflow> comparing to https://sympa.inria.fr/sympa/arc/coq-club/2013-02/msg00041.html
[Fri Jul 12 19:40:31 2013] <intoverflow> comparing to https://sympa.inria.fr/sympa/arc/coq-club/2013-02/msg00041.html
[Fri Jul 12 19:40:50 2013] <ezyang> Yep, it's an equality type
[Fri Jul 12 19:40:50 2013] <ezyang> Yep, it's an equality type
[Fri Jul 12 19:40:59 2013] <elliott> you can try e.g. subst
[Fri Jul 12 19:40:59 2013] <elliott> you can try e.g. subst
[Fri Jul 12 19:42:46 2013] <ezyang> Oops, looks like subst doesn't work in HoTT Coq :)
[Fri Jul 12 19:42:46 2013] <ezyang> Oops, looks like subst doesn't work in HoTT Coq :)
[Fri Jul 12 19:44:08 2013] <elliott> when dealing with equalities you should always be mindful of the possibility that what you want is unprovable
[Fri Jul 12 19:44:08 2013] <elliott> when dealing with equalities you should always be mindful of the possibility that what you want is unprovable
[Fri Jul 12 19:46:01 2013] <Ptival> ezyang: are you sure it's not a dependent match in disguise?
[Fri Jul 12 19:46:01 2013] <Ptival> ezyang: are you sure it's not a dependent match in disguise?
[Fri Jul 12 19:46:12 2013] <ezyang> ...I /think/ my definition is right
[Fri Jul 12 19:46:12 2013] <ezyang> ...I /think/ my definition is right
[Fri Jul 12 19:46:21 2013] <ezyang> Oh, it is a dependent match, I forgot to mention that
[Fri Jul 12 19:46:21 2013] <ezyang> Oh, it is a dependent match, I forgot to mention that
[Fri Jul 12 19:47:45 2013] <Ptival> so yeah you probably need more care to perform the inversion
[Fri Jul 12 19:47:45 2013] <Ptival> so yeah you probably need more care to perform the inversion
[Fri Jul 12 19:47:55 2013] <Ptival> I was considering writing a blog post about that this week-end
[Fri Jul 12 19:47:55 2013] <Ptival> I was considering writing a blog post about that this week-end
[Fri Jul 12 19:48:11 2013] <Ptival> but maybe you're doing this in a setting more complex than the ones I'm used to
[Fri Jul 12 19:48:11 2013] <Ptival> but maybe you're doing this in a setting more complex than the ones I'm used to
[Fri Jul 12 19:48:20 2013] <Ptival> since HoTT :p
[Fri Jul 12 19:48:20 2013] <Ptival> since HoTT :p
[Fri Jul 12 19:48:28 2013] <ezyang> It is differently complex ;)
[Fri Jul 12 19:48:28 2013] <ezyang> It is differently complex ;)
[Fri Jul 12 19:51:17 2013] <Ptival> oh actually you mentioned it was a dependent match indirectly
[Fri Jul 12 19:51:17 2013] <Ptival> oh actually you mentioned it was a dependent match indirectly
[Fri Jul 12 19:51:22 2013] <Ptival> it's there in your error message
[Fri Jul 12 19:51:22 2013] <Ptival> it's there in your error message
[Fri Jul 12 19:51:22 2013] <ezyang> Hmm, maybe I can do this with univalence
[Fri Jul 12 19:51:22 2013] <ezyang> Hmm, maybe I can do this with univalence
[Fri Jul 12 19:51:29 2013] <ezyang> yeah
[Fri Jul 12 19:51:29 2013] <ezyang> yeah
[Fri Jul 12 19:54:22 2013] <Ptival> usually I solve these by using "dependent inversion" in the easy cases, and writing my own dependent-pattern-matching in the more complicated cases
[Fri Jul 12 19:54:22 2013] <Ptival> usually I solve these by using "dependent inversion" in the easy cases, and writing my own dependent-pattern-matching in the more complicated cases
[Fri Jul 12 19:54:35 2013] <Ptival> I'm actually trying to find ways to not do that for the more complicated
[Fri Jul 12 19:54:35 2013] <Ptival> I'm actually trying to find ways to not do that for the more complicated
[Fri Jul 12 19:54:41 2013] <Ptival> because it's extremely brittle
[Fri Jul 12 19:54:41 2013] <Ptival> because it's extremely brittle
[Fri Jul 12 19:54:56 2013] <Ptival> and just horrible in fact
[Fri Jul 12 19:54:56 2013] <Ptival> and just horrible in fact
[Fri Jul 12 19:55:05 2013] <elliott> there was some blog post about a more advanced destruction/inversion tactic going to be released?
[Fri Jul 12 19:55:05 2013] <elliott> there was some blog post about a more advanced destruction/inversion tactic going to be released?
[Fri Jul 12 19:58:24 2013] <Ptival> oh, yeah Thomas Braibant wrote about it
[Fri Jul 12 19:58:24 2013] <Ptival> oh, yeah Thomas Braibant wrote about it
[Fri Jul 12 19:58:51 2013] <Ptival> http://gallium.inria.fr/blog/a-new-Coq-tactic-for-inversion/
[Fri Jul 12 19:58:51 2013] <Ptival> http://gallium.inria.fr/blog/a-new-Coq-tactic-for-inversion/
[Fri Jul 12 20:00:42 2013] <elliott> yes
[Fri Jul 12 20:00:42 2013] <elliott> yes
[Fri Jul 12 20:53:12 2013] <thm_prover> When do I want to use "Transparent" vs "Hint Unfold" ?
[Fri Jul 12 20:53:12 2013] <thm_prover> When do I want to use "Transparent" vs "Hint Unfold" ?
[Fri Jul 12 21:00:54 2013] <thm_prover> how do I create a new hint database in Coq?
[Fri Jul 12 21:00:54 2013] <thm_prover> how do I create a new hint database in Coq?
[Fri Jul 12 21:02:09 2013] <ezyang> Hint ... : dbname.
[Fri Jul 12 21:02:09 2013] <ezyang> Hint ... : dbname.
[Fri Jul 12 21:14:00 2013] <thm_prover> Thanks, didn't realize databases were created by "adding a new entry to an empty database"
[Fri Jul 12 21:14:00 2013] <thm_prover> Thanks, didn't realize databases were created by "adding a new entry to an empty database"
[Fri Jul 12 22:11:08 2013] <acowley> That inver tactic looks great
[Fri Jul 12 22:11:08 2013] <acowley> That inver tactic looks great
[Fri Jul 12 22:11:17 2013] <acowley> s/inver/invert
[Fri Jul 12 22:11:17 2013] <acowley> s/inver/invert
[Fri Jul 12 22:11:22 2013] <acowley> Any updates since that blog post?
[Fri Jul 12 22:11:22 2013] <acowley> Any updates since that blog post?
[Sat Jul 13 00:09:51 2013] <ezyang> Hm, I have this mysterious situation where coq claims "no subterm matching"
[Sat Jul 13 00:09:51 2013] <ezyang> Hm, I have this mysterious situation where coq claims "no subterm matching"
[Sat Jul 13 00:10:06 2013] <ezyang> But I literally copy pasted the subterm into the equality that I'm trying to do the rewrite with
[Sat Jul 13 00:10:06 2013] <ezyang> But I literally copy pasted the subterm into the equality that I'm trying to do the rewrite with
[Sat Jul 13 00:10:12 2013] <ezyang> What other factors can cause this to fail?
[Sat Jul 13 00:10:12 2013] <ezyang> What other factors can cause this to fail?
[Sat Jul 13 00:10:21 2013] <tomprince> implicit arguments.
[Sat Jul 13 00:10:21 2013] <tomprince> implicit arguments.
[Sat Jul 13 00:10:31 2013] <ezyang> oh ho, very clever
[Sat Jul 13 00:10:31 2013] <ezyang> oh ho, very clever
[Sat Jul 13 00:11:57 2013] <ezyang> Hmm, no implicit parameters that I can see.
[Sat Jul 13 00:11:57 2013] <ezyang> Hmm, no implicit parameters that I can see.
[Sat Jul 13 00:15:31 2013] <ezyang> oh this is not fair
[Sat Jul 13 00:15:31 2013] <ezyang> oh this is not fair
[Sat Jul 13 00:15:47 2013] <ezyang> Coq is printing out a term that when I Check x it is rejecting as ill-typed
[Sat Jul 13 00:15:47 2013] <ezyang> Coq is printing out a term that when I Check x it is rejecting as ill-typed
[Sat Jul 13 00:19:03 2013] <tomprince> Well, 'Check' can have holes.
[Sat Jul 13 00:19:03 2013] <tomprince> Well, 'Check' can have holes.
[Sat Jul 13 00:22:31 2013] <copumpkin> https://dl.dropboxusercontent.com/u/361503/Your-Argument-is-Irrelephant.gif
[Sat Jul 13 00:22:31 2013] <copumpkin> https://dl.dropboxusercontent.com/u/361503/Your-Argument-is-Irrelephant.gif
[Sat Jul 13 05:01:46 2013] <ezyang> I wonder if there is a way to rewrite any proof script that uses rewrite into one that doesn't. Besides the degenerate methods.
[Sat Jul 13 05:01:46 2013] <ezyang> I wonder if there is a way to rewrite any proof script that uses rewrite into one that doesn't. Besides the degenerate methods.
[Sat Jul 13 05:22:16 2013] <ezyang> I find myself in a situation where I need to unfold to expose rewriting opportunities. Is there any easy way to automate this away? IIRC the Unfold database is for auto only.
[Sat Jul 13 05:22:16 2013] <ezyang> I find myself in a situation where I need to unfold to expose rewriting opportunities. Is there any easy way to automate this away? IIRC the Unfold database is for auto only.
[Sat Jul 13 06:01:42 2013] <ezyang> Oh, this can be stated very concisely
[Sat Jul 13 06:01:42 2013] <ezyang> Oh, this can be stated very concisely
[Sat Jul 13 06:02:01 2013] <ezyang> Given P : a = b |- C a = C b, prove this without using rewrite.
[Sat Jul 13 06:02:01 2013] <ezyang> Given P : a = b |- C a = C b, prove this without using rewrite.
[Sat Jul 13 06:03:11 2013] <ezyang> Aha, this is the 'ap' lemma.
[Sat Jul 13 06:03:11 2013] <ezyang> Aha, this is the 'ap' lemma.
[Sat Jul 13 06:03:37 2013] <elliott> ezyang: f_equal
[Sat Jul 13 06:03:37 2013] <elliott> ezyang: f_equal
[Sat Jul 13 06:03:42 2013] <elliott> at least in standard Coq
[Sat Jul 13 06:03:42 2013] <elliott> at least in standard Coq
[Sat Jul 13 06:03:46 2013] <elliott> both function and tactic
[Sat Jul 13 06:03:46 2013] <elliott> both function and tactic
[Sat Jul 13 06:03:55 2013] <elliott> I think the function is ap in HoTT. don't know if they use the tactic
[Sat Jul 13 06:03:55 2013] <elliott> I think the function is ap in HoTT. don't know if they use the tactic
[Sat Jul 13 06:05:35 2013] <ezyang> Got it.
[Sat Jul 13 06:05:35 2013] <ezyang> Got it.
[Sat Jul 13 06:23:15 2013] <ezyang> Hmm, I wonder, what about x = y -> x' = y' -> f x x' = f y y'
[Sat Jul 13 06:23:15 2013] <ezyang> Hmm, I wonder, what about x = y -> x' = y' -> f x x' = f y y'
[Sat Jul 13 06:23:26 2013] <ezyang> I guess... if you do it twice that should be enough?
[Sat Jul 13 06:23:26 2013] <ezyang> I guess... if you do it twice that should be enough?
[Sat Jul 13 06:25:27 2013] <elliott> f_equal handles that
[Sat Jul 13 06:25:27 2013] <elliott> f_equal handles that
[Sat Jul 13 06:25:33 2013] <elliott> it'll generate x = y and x' = y' as subgoals
[Sat Jul 13 06:25:33 2013] <elliott> it'll generate x = y and x' = y' as subgoals
[Sat Jul 13 06:26:00 2013] <elliott> basically it turns (f x = f' x') into (f = f') and (x = x') and recurses on the former and tries to solve as many as it can automatically
[Sat Jul 13 06:26:00 2013] <elliott> basically it turns (f x = f' x') into (f = f') and (x = x') and recurses on the former and tries to solve as many as it can automatically
[Sat Jul 13 06:28:45 2013] <ezyang> Hmmk.
[Sat Jul 13 06:28:45 2013] <ezyang> Hmmk.
[Sat Jul 13 06:30:15 2013] <ezyang> Why doesn't HoTT have an f_equal tactic :-(
[Sat Jul 13 06:30:15 2013] <ezyang> Why doesn't HoTT have an f_equal tactic :-(
[Sat Jul 13 06:32:12 2013] <elliott> perhaps "repeat apply ap." suffices? not sure if that'd work
[Sat Jul 13 06:32:12 2013] <elliott> perhaps "repeat apply ap." suffices? not sure if that'd work
[Sat Jul 13 06:32:45 2013] <ezyang> apply ap won't unify
[Sat Jul 13 06:32:45 2013] <ezyang> apply ap won't unify
[Sat Jul 13 06:32:56 2013] <ezyang> ohhhh
[Sat Jul 13 06:32:56 2013] <ezyang> ohhhh
[Sat Jul 13 06:33:02 2013] <ezyang> but maybe a different ap variant will work
[Sat Jul 13 06:33:02 2013] <ezyang> but maybe a different ap variant will work
[Sat Jul 13 06:33:48 2013] <ezyang> got it: ap11
[Sat Jul 13 06:33:48 2013] <ezyang> got it: ap11
[Sat Jul 13 06:34:39 2013] <elliott> * wonders what the 11 stands for
[Sat Jul 13 06:34:39 2013] <elliott> * wonders what the 11 stands for
[Sat Jul 13 06:34:53 2013] <elliott> oh, probably ap requires the same f and 11 has the f = f' part?
[Sat Jul 13 06:34:53 2013] <elliott> oh, probably ap requires the same f and 11 has the f = f' part?
[Sat Jul 13 06:37:47 2013] <ezyang> yeppers
[Sat Jul 13 06:37:47 2013] <ezyang> yeppers
[Sat Jul 13 06:37:50 2013] <ezyang> ap = ap01
[Sat Jul 13 06:37:50 2013] <ezyang> ap = ap01
[Sat Jul 13 06:44:01 2013] <ezyang> Hmmk
[Sat Jul 13 06:44:01 2013] <ezyang> Hmmk
[Sat Jul 13 06:44:21 2013] <ezyang> Now, let's see, we want to prove 'snd p = x' and we have 'p = (n, x)'
[Sat Jul 13 06:44:21 2013] <ezyang> Now, let's see, we want to prove 'snd p = x' and we have 'p = (n, x)'
[Sat Jul 13 06:44:32 2013] <ezyang> rewrite forbidden :^)
[Sat Jul 13 06:44:32 2013] <ezyang> rewrite forbidden :^)
[Sat Jul 13 06:44:54 2013] <ezyang> This sort of feels like I have to subst, and then apply.
[Sat Jul 13 06:44:54 2013] <ezyang> This sort of feels like I have to subst, and then apply.
[Sat Jul 13 06:46:44 2013] <ezyang> Did I say subst? I meant replace.
[Sat Jul 13 06:46:44 2013] <ezyang> Did I say subst? I meant replace.
[Sat Jul 13 06:54:28 2013] <ezyang> well, concat seems to have done the trick.
[Sat Jul 13 06:54:28 2013] <ezyang> well, concat seems to have done the trick.
[Sat Jul 13 06:55:48 2013] <elliott> ezyang: HoTT really doesn't allow you to rewrite a simple variable = expr?
[Sat Jul 13 06:55:49 2013] <elliott> ezyang: HoTT really doesn't allow you to rewrite a simple variable = expr?
[Sat Jul 13 06:55:57 2013] <elliott> maybe destruct or elim or some other such tactic on the equality?
[Sat Jul 13 06:55:57 2013] <elliott> maybe destruct or elim or some other such tactic on the equality?
[Sat Jul 13 06:56:05 2013] <elliott> once you do that it'd end up snd (n, x) = x
[Sat Jul 13 06:56:05 2013] <elliott> once you do that it'd end up snd (n, x) = x
[Sat Jul 13 06:56:08 2013] <elliott> which is definitionally equal
[Sat Jul 13 06:56:08 2013] <elliott> which is definitionally equal
[Sat Jul 13 06:56:58 2013] <ezyang> elliott: HoTT can rewrite
[Sat Jul 13 06:56:58 2013] <ezyang> elliott: HoTT can rewrite
[Sat Jul 13 06:57:18 2013] <ezyang> But they don't really like it; Coq generates terrible proof terms when you use rewrite.
[Sat Jul 13 06:57:18 2013] <ezyang> But they don't really like it; Coq generates terrible proof terms when you use rewrite.
[Sat Jul 13 06:57:26 2013] <ezyang> So I'm getting a feel for what things are like without rewrite.
[Sat Jul 13 06:57:26 2013] <ezyang> So I'm getting a feel for what things are like without rewrite.
[Sat Jul 13 06:58:24 2013] <ezyang> destructing on the equality doesn't seem to do anything
[Sat Jul 13 06:58:24 2013] <ezyang> destructing on the equality doesn't seem to do anything
[Sat Jul 13 07:00:17 2013] <elliott> right.
[Sat Jul 13 07:00:17 2013] <elliott> right.
[Sat Jul 13 07:00:39 2013] <elliott> sort of feel like Coq tactics are kind of at odds of the HoTT view of the world
[Sat Jul 13 07:00:39 2013] <elliott> sort of feel like Coq tactics are kind of at odds of the HoTT view of the world
[Sat Jul 13 07:00:41 2013] <elliott> vs. a more Agda type thing
[Sat Jul 13 07:00:41 2013] <elliott> vs. a more Agda type thing
[Sat Jul 13 07:02:25 2013] <ezyang> That's terrible. Coq tactics are awesome :-(
[Sat Jul 13 07:02:25 2013] <ezyang> That's terrible. Coq tactics are awesome :-(
[Sat Jul 13 07:04:38 2013] <Cale> Well, if you really care about *which* proof you're getting, then the fancier tactics are probably going to be annoying.
[Sat Jul 13 07:04:39 2013] <Cale> Well, if you really care about *which* proof you're getting, then the fancier tactics are probably going to be annoying.
[Sat Jul 13 07:05:15 2013] <Cale> Maybe it just requires more geometrically-inspired tactics... I'm not even sure what those would look like :)
[Sat Jul 13 07:05:15 2013] <Cale> Maybe it just requires more geometrically-inspired tactics... I'm not even sure what those would look like :)
[Sat Jul 13 07:06:26 2013] <ezyang> hee
[Sat Jul 13 07:06:26 2013] <ezyang> hee
[Sat Jul 13 07:06:57 2013] <ezyang> http://pastebin.com/trDAV2cA god I'm such a terrible person
[Sat Jul 13 07:06:57 2013] <ezyang> http://pastebin.com/trDAV2cA god I'm such a terrible person
[Sat Jul 13 07:07:04 2013] <ezyang> but Adamizing proofs is just too much fun
[Sat Jul 13 07:07:04 2013] <ezyang> but Adamizing proofs is just too much fun
[Sat Jul 13 07:08:40 2013] <elliott> I see more than one ".". you're clearly not trying hard enough.
[Sat Jul 13 07:08:40 2013] <elliott> I see more than one ".". you're clearly not trying hard enough.
[Sat Jul 13 07:09:39 2013] <ezyang> haha
[Sat Jul 13 07:09:39 2013] <ezyang> haha
[Sat Jul 13 07:12:58 2013] <ezyang> remind me, how do I add a global theorem to my context?
[Sat Jul 13 07:12:58 2013] <ezyang> remind me, how do I add a global theorem to my context?
[Sat Jul 13 07:13:12 2013] <elliott> um, "pose proof"?
[Sat Jul 13 07:13:13 2013] <elliott> um, "pose proof"?
[Sat Jul 13 07:13:17 2013] <elliott> depends why you're doing it
[Sat Jul 13 07:13:17 2013] <elliott> depends why you're doing it
[Sat Jul 13 07:13:28 2013] <ezyang> I have some automation which only looks in the context
[Sat Jul 13 07:13:28 2013] <ezyang> I have some automation which only looks in the context
[Sat Jul 13 07:13:38 2013] <ezyang> cheap and cheerful hint database
[Sat Jul 13 07:13:38 2013] <ezyang> cheap and cheerful hint database
[Sat Jul 13 07:14:27 2013] <elliott> :(
[Sat Jul 13 07:14:27 2013] <elliott> :(
[Sat Jul 13 07:14:43 2013] <elliott> this doesn't make me cheerful at all.
[Sat Jul 13 07:14:43 2013] <elliott> this doesn't make me cheerful at all.
[Sat Jul 13 09:01:20 2013] <jgross> ezyang: You should pull a more recent version of HoTT/HoTT.  I recently got an [f_ap] tactic merged which replaces [f_equal] (as far as I understand [f_equal], having never read the ml code). 
[Sat Jul 13 09:01:21 2013] <jgross> ezyang: You should pull a more recent version of HoTT/HoTT.  I recently got an [f_ap] tactic merged which replaces [f_equal] (as far as I understand [f_equal], having never read the ml code).
[Sat Jul 13 09:03:02 2013] <jgross> ezyang: Does [Goal forall A B (x y x' y' : A) (f : A -> B), x = y -> x' = y' -> f x x' = f y y'. intros. path_induction. reflexivity. Qed.] work? 
[Sat Jul 13 09:03:03 2013] <jgross> ezyang: Does [Goal forall A B (x y x' y' : A) (f : A -> B), x = y -> x' = y' -> f x x' = f y y'. intros. path_induction. reflexivity. Qed.] work?
[Sat Jul 13 09:07:57 2013] <jgross> ezyang: http://pastebin.com/trDAV2cA might be nicer with things like "transitivity (snd (mynat_rec' C c0 cs n))" (which seems to be approximattely what you're trying to do?). 
[Sat Jul 13 09:07:58 2013] <jgross> ezyang: http://pastebin.com/trDAV2cA might be nicer with things like "transitivity (snd (mynat_rec' C c0 cs n))" (which seems to be approximattely what you're trying to do?).
[Sat Jul 13 09:11:06 2013] <jgross> ezyang: [Check] might loop forever on a term if typeclass resolution has a loop and you haven't instantiated all the typeclasses.  Or if you [Set Printing All] and have so many terms that your pasting that Coq's parser or whatever stack overflows.  However, usually, if you [Set Printing All.], whatever output comes out should be [Check]able. (Perhaps [Set Printing Implicits. Unset Printing Notations.] would be sufficient?) 
[Sat Jul 13 09:11:06 2013] <jgross> ezyang: [Check] might loop forever on a term if typeclass resolution has a loop and you haven't instantiated all the typeclasses.  Or if you [Set Printing All] and have so many terms that your pasting that Coq's parser or whatever stack overflows.  However, usually, if you [Set Printing All.], whatever output comes out should be [Check]able. (Perhaps [Set Printing Implicits. Unset Printing Notations.] would be sufficient?)
[Sat Jul 13 09:14:09 2013] <jgross> I think the HoTT view of the world is that you most often care about which proofs you get when things are not mere propositions.  Once you've proven something to be a mere proposition (like equality of [nat]s), then you don't care anymore (unless you're doing fancy things and need your proofs to syntatically unify), and can [reqwrite] and [Qed] to your heart's content. 
[Sat Jul 13 09:14:10 2013] <jgross> I think the HoTT view of the world is that you most often care about which proofs you get when things are not mere propositions.  Once you've proven something to be a mere proposition (like equality of [nat]s), then you don't care anymore (unless you're doing fancy things and need your proofs to syntatically unify), and can [reqwrite] and [Qed] to your heart's content.
[Sat Jul 13 12:35:33 2013] <thorsten`> how can i tell "unfold" to unfold a fixpoint at most once?
[Sat Jul 13 12:35:33 2013] <thorsten`> how can i tell "unfold" to unfold a fixpoint at most once?
[Sat Jul 13 12:37:51 2013] <thorsten`> hm it seems "simpl" did it for my concrete case
[Sat Jul 13 12:37:51 2013] <thorsten`> hm it seems "simpl" did it for my concrete case
[Sat Jul 13 12:47:24 2013] <ezyang> throsten`: try manually cbv delta, perhaps, or lazy
[Sat Jul 13 12:47:24 2013] <ezyang> throsten`: try manually cbv delta, perhaps, or lazy
[Sat Jul 13 12:47:37 2013] <ezyang> jgross: Thanks! I will do so.
[Sat Jul 13 12:47:37 2013] <ezyang> jgross: Thanks! I will do so.
[Sat Jul 13 12:48:04 2013] <thorsten`> okey, i will look for those things.
[Sat Jul 13 12:48:04 2013] <thorsten`> okey, i will look for those things.
[Sat Jul 13 12:50:19 2013] <ezyang> jgross: So, have you made a true 'crush' tactic for HoTT proofs, yet? :)
[Sat Jul 13 12:50:19 2013] <ezyang> jgross: So, have you made a true 'crush' tactic for HoTT proofs, yet? :)
[Sat Jul 13 14:02:39 2013] <ezyang> When Set Printing Universes is on, what does this mean: http://pastebin.com/DtLDKSrM
[Sat Jul 13 14:02:39 2013] <ezyang> When Set Printing Universes is on, what does this mean: http://pastebin.com/DtLDKSrM
[Sat Jul 13 14:03:21 2013] <ezyang> I feel like it's a constraint of some sort
[Sat Jul 13 14:03:21 2013] <ezyang> I feel like it's a constraint of some sort
[Sat Jul 13 14:03:51 2013] <ezyang> But I don't recall how to read it.
[Sat Jul 13 14:03:51 2013] <ezyang> But I don't recall how to read it.
[Sat Jul 13 15:23:22 2013] <jgross> ezyang: I don't do arithmetic often; I've mostly worked in category theory.  I've made a more powerful variant of path_induction which will also remove equalities by, e.g., looking for ways to prove the equality equal to idpath via contractibility.  But no crush tactic. (I've never actually used crush, and only looked at it's definition briefly, so I don't know what exactly it can do.) 
[Sat Jul 13 15:23:23 2013] <jgross> ezyang: I don't do arithmetic often; I've mostly worked in category theory.  I've made a more powerful variant of path_induction which will also remove equalities by, e.g., looking for ways to prove the equality equal to idpath via contractibility.  But no crush tactic. (I've never actually used crush, and only looked at it's definition briefly, so I don't know what exactly it can do.)
[Sat Jul 13 15:24:24 2013] <ezyang> Well, the particulars of CPDT crush are not particularly important, since (as Adam says) you really ought to define your own tactic for your own developments
[Sat Jul 13 15:24:24 2013] <ezyang> Well, the particulars of CPDT crush are not particularly important, since (as Adam says) you really ought to define your own tactic for your own developments
[Sat Jul 13 15:24:25 2013] <jgross> ezyang: I think http://pastebin.com/DtLDKSrM means that your definition introduced or uses those two universes, and imposes no constraints between them.  (I think constraints get listed after the |=, or something.) 
[Sat Jul 13 15:24:26 2013] <jgross> ezyang: I think http://pastebin.com/DtLDKSrM means that your definition introduced or uses those two universes, and imposes no constraints between them.  (I think constraints get listed after the |=, or something.)
[Sat Jul 13 15:24:43 2013] <ezyang> jgross: OK, that's what I expected.
[Sat Jul 13 15:24:43 2013] <ezyang> jgross: OK, that's what I expected.
[Sat Jul 13 15:25:04 2013] <ezyang> HoTT-crush would just be some tactic which tries all of the "automatic" inferences HoTTheorists do :^)
[Sat Jul 13 15:25:04 2013] <ezyang> HoTT-crush would just be some tactic which tries all of the "automatic" inferences HoTTheorists do :^)
[Sat Jul 13 15:27:32 2013] <jgross> Well, I've been trying to figure out how to make IsTrunc typeclass resolution better (the first step was making all of their instances global, rather than local, which I think they did by accident, and I'm waiting for the pull request to be merged).  I haven't figured out a good way to classify "information flow", though, in such a way that typeclass resolution won't go around in circles. 
[Sat Jul 13 15:27:32 2013] <jgross> Well, I've been trying to figure out how to make IsTrunc typeclass resolution better (the first step was making all of their instances global, rather than local, which I think they did by accident, and I'm waiting for the pull request to be merged).  I haven't figured out a good way to classify "information flow", though, in such a way that typeclass resolution won't go around in circles.
[Sat Jul 13 15:29:53 2013] <jgross> I've also been trying to figure out if the [decide equality] tactic is definable in Ltac. 
[Sat Jul 13 15:29:53 2013] <jgross> I've also been trying to figure out if the [decide equality] tactic is definable in Ltac.
[Mon Jul 15 03:48:34 2013] <thm_prover> when I have a Hypothesis of the form "H: None = Some x"
[Mon Jul 15 03:48:34 2013] <thm_prover> when I have a Hypothesis of the form "H: None = Some x"
[Mon Jul 15 03:48:37 2013] <thm_prover> how do I derive "False" ?
[Mon Jul 15 03:48:37 2013] <thm_prover> how do I derive "False" ?
[Mon Jul 15 04:08:10 2013] <gdsfh> thm_prover: congruence or inversion H.
[Mon Jul 15 04:08:10 2013] <gdsfh> thm_prover: congruence or inversion H.
[Mon Jul 15 04:09:50 2013] <thm_prover> gdsfh: nice, thanks
[Mon Jul 15 04:09:50 2013] <thm_prover> gdsfh: nice, thanks
[Mon Jul 15 05:02:53 2013] <seliopou> looks like http://coq.inria.fr/ is down
[Mon Jul 15 05:02:53 2013] <seliopou> looks like http://coq.inria.fr/ is down
[Mon Jul 15 09:05:24 2013] <ryanakca> If I have a hypothesis of the form "Hypothesis h : (f A) = B", is there a way to tell Coq that something 'v : (f A)' can be used when it's expecting something of type B?
[Mon Jul 15 09:05:24 2013] <ryanakca> If I have a hypothesis of the form "Hypothesis h : (f A) = B", is there a way to tell Coq that something 'v : (f A)' can be used when it's expecting something of type B?
[Mon Jul 15 09:56:57 2013] <jonsterling> ryanakca: Can you just eliminate the hypothesis (induction h)?
[Mon Jul 15 09:56:57 2013] <jonsterling> ryanakca: Can you just eliminate the hypothesis (induction h)?
[Mon Jul 15 10:01:37 2013] <msrcptival> if I have two hypotheses dependent on the same variable (foo: Bar), is there a way to forget that they depend on the same foo?
[Mon Jul 15 10:01:37 2013] <msrcptival> if I have two hypotheses dependent on the same variable (foo: Bar), is there a way to forget that they depend on the same foo?
[Mon Jul 15 10:01:58 2013] <msrcptival> oh, rather, one occurence of foo is in my hypothesis, and one in my goal
[Mon Jul 15 10:01:58 2013] <msrcptival> oh, rather, one occurence of foo is in my hypothesis, and one in my goal
[Mon Jul 15 10:03:53 2013] <msrcptival> I might be able to pose an equality and forget it?
[Mon Jul 15 10:03:53 2013] <msrcptival> I might be able to pose an equality and forget it?
[Mon Jul 15 10:07:05 2013] <ryanakca> jonsterling: This is in the context of a "Definition a : C := ..." not type checking.
[Mon Jul 15 10:07:05 2013] <ryanakca> jonsterling: This is in the context of a "Definition a : C := ..." not type checking.
[Mon Jul 15 10:10:28 2013] <jonsterling> ryanakca: You should be able to coerce v across that equality either way, unless I am misunderstanding your problem...
[Mon Jul 15 10:10:28 2013] <jonsterling> ryanakca: You should be able to coerce v across that equality either way, unless I am misunderstanding your problem...
[Mon Jul 15 10:26:34 2013] <ryanakca> jonsterling: In short, is there a way to get around the need for eq_rect_r and eq_rect? See http://paste.debian.net/16179/ for an example of what I mean.
[Mon Jul 15 10:26:34 2013] <ryanakca> jonsterling: In short, is there a way to get around the need for eq_rect_r and eq_rect? See http://paste.debian.net/16179/ for an example of what I mean.
[Mon Jul 15 10:33:28 2013] <jonsterling> ryanakca: Oh, I see what you want... I think that would require equality reflection, something intentional type theories don't have. Unless I'm much mistaken, you're probably going to have to use one of the eq induction principles as you surmise.
[Mon Jul 15 10:33:28 2013] <jonsterling> ryanakca: Oh, I see what you want... I think that would require equality reflection, something intentional type theories don't have. Unless I'm much mistaken, you're probably going to have to use one of the eq induction principles as you surmise.
[Mon Jul 15 10:33:35 2013] <jonsterling> *intensional
[Mon Jul 15 10:33:35 2013] <jonsterling> *intensional
[Mon Jul 15 10:33:56 2013] <elliott> you can make the invocation shorter by using _ parameters though
[Mon Jul 15 10:33:56 2013] <elliott> you can make the invocation shorter by using _ parameters though
[Mon Jul 15 10:34:09 2013] <elliott> to omit (fun B => B)
[Mon Jul 15 10:34:09 2013] <elliott> to omit (fun B => B)
[Mon Jul 15 10:41:51 2013] <ryanakca> Is there any way to use a Coercion?
[Mon Jul 15 10:41:51 2013] <ryanakca> Is there any way to use a Coercion?
[Mon Jul 15 10:51:43 2013] <jonsterling> ryanakca: Well, if it is indeed possible, it would still result in more code than just the identity elimination.
[Mon Jul 15 10:51:43 2013] <jonsterling> ryanakca: Well, if it is indeed possible, it would still result in more code than just the identity elimination.
[Tue Jul 16 02:40:51 2013] <coq_newb_234> https://gist.github.com/anonymous/0b02f3ad30e154515b87
[Tue Jul 16 02:40:51 2013] <coq_newb_234> https://gist.github.com/anonymous/0b02f3ad30e154515b87
[Tue Jul 16 02:41:07 2013] <coq_newb_234> in this code sample, (1) why is no substitution happening? and (2) how can I force a substitution?
[Tue Jul 16 02:41:07 2013] <coq_newb_234> in this code sample, (1) why is no substitution happening? and (2) how can I force a substitution?
[Tue Jul 16 02:43:39 2013] <coq_newb_234> hmm
[Tue Jul 16 02:43:39 2013] <coq_newb_234> hmm
[Tue Jul 16 02:43:45 2013] <coq_newb_234> I think what I want is called a "beta" reduction
[Tue Jul 16 02:43:45 2013] <coq_newb_234> I think what I want is called a "beta" reduction
[Tue Jul 16 02:45:48 2013] <amosr> coq_newb_234: I don't know, but does just 'reflexivity' work? it tends to do a bit of simplification itself
[Tue Jul 16 02:45:48 2013] <amosr> coq_newb_234: I don't know, but does just 'reflexivity' work? it tends to do a bit of simplification itself
[Tue Jul 16 06:03:05 2013] <thm_prover> waht is the type of {_} + {_} ?
[Tue Jul 16 06:03:06 2013] <thm_prover> waht is the type of {_} + {_} ?
[Tue Jul 16 06:03:08 2013] <thm_prover> I know that it's a sumbool
[Tue Jul 16 06:03:08 2013] <thm_prover> I know that it's a sumbool
[Tue Jul 16 06:03:11 2013] <thm_prover> but I can't match it with ltac
[Tue Jul 16 06:03:11 2013] <thm_prover> but I can't match it with ltac
[Tue Jul 16 06:05:53 2013] <thm_prover> actually, this is what I'm really dealing with
[Tue Jul 16 06:05:53 2013] <thm_prover> actually, this is what I'm really dealing with
[Tue Jul 16 06:05:56 2013] <thm_prover> {a} + {b} + {c}
[Tue Jul 16 06:05:56 2013] <thm_prover> {a} + {b} + {c}
[Tue Jul 16 06:05:58 2013] <thm_prover> is this a sumbool
[Tue Jul 16 06:05:58 2013] <thm_prover> is this a sumbool
[Tue Jul 16 06:06:01 2013] <thm_prover> or is this something else?
[Tue Jul 16 06:06:01 2013] <thm_prover> or is this something else?
[Tue Jul 16 08:13:38 2013] <ryanakca> The_third_man: I'm not sure how to match it with ltac, but when I match it in regular definitions, I match for 'left EQ' and 'right NEQ'
[Tue Jul 16 08:13:38 2013] <ryanakca> The_third_man: I'm not sure how to match it with ltac, but when I match it in regular definitions, I match for 'left EQ' and 'right NEQ'
[Tue Jul 16 08:14:02 2013] <ryanakca> (assuming the sumbool is over equality, pick suitable names for the variables EQ and NEQ otherwise)
[Tue Jul 16 08:14:02 2013] <ryanakca> (assuming the sumbool is over equality, pick suitable names for the variables EQ and NEQ otherwise)
[Tue Jul 16 10:25:30 2013] <jgross> thm_prover: It should be a nested sumbool.  You can [Set Printing All.], or just [Unset Printing Notations.], to figure out what it is. 
[Tue Jul 16 10:25:30 2013] <jgross> thm_prover: It should be a nested sumbool.  You can [Set Printing All.], or just [Unset Printing Notations.], to figure out what it is.
[Tue Jul 16 10:26:21 2013] <jgross> thm_prover: It's possible that your problem is that ltac is picking the wrong scope for the notation.  Does matching ({_} + {_})%type rather than ({_} + {_}) work? 
[Tue Jul 16 10:26:21 2013] <jgross> thm_prover: It's possible that your problem is that ltac is picking the wrong scope for the notation.  Does matching ({_} + {_})%type rather than ({_} + {_}) work?
[Tue Jul 16 10:27:35 2013] <jgross> Oh, actually, nvm, I think there's a separate notation for [{_} + _]. So you have a sumbool inside, but a something else outside.  I don't recall what it's called, but [Unset Printing Notations.] will tell you. 
[Tue Jul 16 10:27:35 2013] <jgross> Oh, actually, nvm, I think there's a separate notation for [{_} + _]. So you have a sumbool inside, but a something else outside.  I don't recall what it's called, but [Unset Printing Notations.] will tell you.
[Tue Jul 16 12:22:20 2013] <prophile> hi - so I'm just starting to use coq, and I've come across what's probably an obvious beginner mistake: I have a subgoal beginning with an existential qualification, how do I 'select' a value?
[Tue Jul 16 12:22:20 2013] <prophile> hi - so I'm just starting to use coq, and I've come across what's probably an obvious beginner mistake: I have a subgoal beginning with an existential qualification, how do I 'select' a value?
[Tue Jul 16 12:30:38 2013] <jgross> prophile: exists <value you want to use>. 
[Tue Jul 16 12:30:38 2013] <jgross> prophile: exists <value you want to use>.
[Tue Jul 16 12:40:58 2013] <prophile> jgross: lovely, thanks
[Tue Jul 16 12:40:58 2013] <prophile> jgross: lovely, thanks
[Wed Jul 17 16:18:56 2013] <elliott> w/ 24
[Wed Jul 17 16:18:56 2013] <elliott> w/ 24
[Wed Jul 17 16:18:58 2013] <elliott> argh
[Wed Jul 17 16:18:58 2013] <elliott> argh
[Wed Jul 17 22:40:51 2013] <benl23> no, I
[Wed Jul 17 22:40:51 2013] <benl23> no, I
[Wed Jul 17 22:40:55 2013] <benl23> nevermind
[Wed Jul 17 22:40:55 2013] <benl23> nevermind
[Fri Jul 19 03:21:52 2013] <wagle> how important is the book coq'art to learning coq?
[Fri Jul 19 03:21:52 2013] <wagle> how important is the book coq'art to learning coq?
[Fri Jul 19 04:40:47 2013] <amosr> wagle: I have not read it yet, but have been meaning to get a copy. I've read most of ben pierce's software foundations course and a little bit of adam chlipala's cpdt
[Fri Jul 19 04:40:47 2013] <amosr> wagle: I have not read it yet, but have been meaning to get a copy. I've read most of ben pierce's software foundations course and a little bit of adam chlipala's cpdt
[Sun Jul 21 02:26:43 2013] <ezyang_> What is the SSReflect 'homepage'?
[Sun Jul 21 02:26:43 2013] <ezyang_> What is the SSReflect 'homepage'?
[Sun Jul 21 02:28:03 2013] <ezyang_> The mathematical-components page looks dead
[Sun Jul 21 02:28:03 2013] <ezyang_> The mathematical-components page looks dead
[Sun Jul 21 02:28:17 2013] <ezyang_> or maybe not?
[Sun Jul 21 02:28:17 2013] <ezyang_> or maybe not?
[Sun Jul 21 05:39:13 2013] <Ptival> ezyang_: nowadays, probably that one http://www.msr-inria.fr/projects/mathematical-components/ but it's really a mess :(
[Sun Jul 21 05:39:13 2013] <Ptival> ezyang_: nowadays, probably that one http://www.msr-inria.fr/projects/mathematical-components/ but it's really a mess :(
[Sun Jul 21 16:02:41 2013] <adams.freenode.net> [freenode-info] channel flooding and no channel staff around to help? Please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
[Wed Jul 24 08:40:01 2013] <basti_> hey people... how do i go about proving things in the field of complex numbers in coq?
[Wed Jul 24 08:40:01 2013] <basti_> hey people... how do i go about proving things in the field of complex numbers in coq?
[Wed Jul 24 08:40:16 2013] <basti_> there does not appear to be a library supplied
[Wed Jul 24 08:40:16 2013] <basti_> there does not appear to be a library supplied
[Wed Jul 24 08:40:46 2013] <basti_> i found something via google, but it appeared to be an incomplete and confusing package
[Wed Jul 24 08:40:46 2013] <basti_> i found something via google, but it appeared to be an incomplete and confusing package
[Wed Jul 24 08:40:58 2013] <basti_> ("c-corn")
[Wed Jul 24 08:40:58 2013] <basti_> ("c-corn")
[Wed Jul 24 08:42:04 2013] <basti_> of course, everything in coq is incomplete.
[Wed Jul 24 08:42:04 2013] <basti_> of course, everything in coq is incomplete.
[Wed Jul 24 08:42:05 2013] <Eelis> basti_: you could just use pairs of Rs from the stdlib
[Wed Jul 24 08:42:05 2013] <Eelis> basti_: you could just use pairs of Rs from the stdlib
[Wed Jul 24 08:42:38 2013] <Eelis> if there's no other package that has complex numbers yet
[Wed Jul 24 08:42:38 2013] <Eelis> if there's no other package that has complex numbers yet
[Wed Jul 24 08:43:13 2013] <basti_> no i can't ;) i need a few functions and their properties... I'm working with 3rd order polynomials...
[Wed Jul 24 08:43:13 2013] <basti_> no i can't ;) i need a few functions and their properties... I'm working with 3rd order polynomials...
[Wed Jul 24 08:43:40 2013] <basti_> so at least some exponentiation laws should be included
[Wed Jul 24 08:43:40 2013] <basti_> so at least some exponentiation laws should be included
[Wed Jul 24 08:45:14 2013] <Eelis> you can just assume what laws you need
[Wed Jul 24 08:45:15 2013] <Eelis> you can just assume what laws you need
[Wed Jul 24 08:49:53 2013] <basti_> hmm
[Wed Jul 24 08:49:53 2013] <basti_> hmm
[Wed Jul 24 10:01:46 2013] <robbert> Eelis: bah! If not careful, you assume something inconsistent
[Wed Jul 24 10:01:46 2013] <robbert> Eelis: bah! If not careful, you assume something inconsistent
[Wed Jul 24 10:03:35 2013] <robbert> basti_: are algebraic complex numbers sufficient? In case so, you may want to look at the work of Cyril Cohen (it may be part of Ssreflect).
[Wed Jul 24 10:03:35 2013] <robbert> basti_: are algebraic complex numbers sufficient? In case so, you may want to look at the work of Cyril Cohen (it may be part of Ssreflect).
[Wed Jul 24 10:03:47 2013] <basti_> i think so.
[Wed Jul 24 10:03:47 2013] <basti_> i think so.
[Wed Jul 24 10:06:50 2013] <Eelis> robbert: well i don't advocate assuming things carelessly :)
[Wed Jul 24 10:06:50 2013] <Eelis> robbert: well i don't advocate assuming things carelessly :)
[Wed Jul 24 10:10:27 2013] <robbert> basti_: http://coqfinitgroup.gforge.inria.fr/doc/complex.html
[Wed Jul 24 10:10:27 2013] <robbert> basti_: http://coqfinitgroup.gforge.inria.fr/doc/complex.html
[Wed Jul 24 10:29:01 2013] <basti_> thank you for your hints :)
[Wed Jul 24 10:29:01 2013] <basti_> thank you for your hints :)
[Thu Jul 25 00:59:48 2013] <wagle> are the paperback and hardback editions of coq'art the same or different?
[Thu Jul 25 00:59:48 2013] <wagle> are the paperback and hardback editions of coq'art the same or different?
[Thu Jul 25 10:39:12 2013] <kmicinski> When I use proj_1 on an element of {s | P x} I get a let (a,_) := ... in a, even when using compute.  Is this the expected behavior?
[Thu Jul 25 10:39:12 2013] <kmicinski> When I use proj_1 on an element of {s | P x} I get a let (a,_) := ... in a, even when using compute.  Is this the expected behavior?
[Thu Jul 25 10:39:28 2013] <kmicinski> (I assume it is, but I don't know what reduction I have to do, and therefore assume I must be misunderstanding something.)
[Thu Jul 25 10:39:28 2013] <kmicinski> (I assume it is, but I don't know what reduction I have to do, and therefore assume I must be misunderstanding something.)
[Thu Jul 25 10:40:51 2013] <rks`_> kmicinski: you probably want proj_sig1 or proj1_sig or something like that here, don't you?
[Thu Jul 25 10:40:51 2013] <rks`_> kmicinski: you probably want proj_sig1 or proj1_sig or something like that here, don't you?
[Thu Jul 25 10:40:57 2013] <rks`_> (I don't remember the exact name)
[Thu Jul 25 10:40:57 2013] <rks`_> (I don't remember the exact name)
[Thu Jul 25 10:42:07 2013] <elliott> kmicinski: what is ...?
[Thu Jul 25 10:42:07 2013] <elliott> kmicinski: what is ...?
[Thu Jul 25 10:43:01 2013] <kmicinski> yes, I'm using proj1. ... is the fixpoint which constructs the proof for that proposition
[Thu Jul 25 10:43:01 2013] <kmicinski> yes, I'm using proj1. ... is the fixpoint which constructs the proof for that proposition
[Thu Jul 25 10:43:15 2013] <kmicinski> in my case, it proves the final store from a bigstep semantics
[Thu Jul 25 10:43:15 2013] <kmicinski> in my case, it proves the final store from a bigstep semantics
[Thu Jul 25 10:43:25 2013] <kmicinski> I'm trying to extract the final store in Set, rather than pro
[Thu Jul 25 10:43:25 2013] <kmicinski> I'm trying to extract the final store in Set, rather than pro
[Thu Jul 25 10:43:50 2013] <kmicinski> (I'm using sig rather than exists because I want to do computation with them, rather than proofs.)
[Thu Jul 25 10:43:50 2013] <kmicinski> (I'm using sig rather than exists because I want to do computation with them, rather than proofs.)
[Thu Jul 25 10:45:44 2013] <kmicinski>  let (a, _) := exists_ending_state_bad1 [(0, 0), (1, 1)] in a
[Thu Jul 25 10:45:44 2013] <kmicinski>  let (a, _) := exists_ending_state_bad1 [(0, 0), (1, 1)] in a
[Thu Jul 25 10:45:47 2013] <kmicinski> is what I end up with
[Thu Jul 25 10:45:47 2013] <kmicinski> is what I end up with
[Thu Jul 25 10:45:51 2013] <kmicinski> I want to end up with just the list.
[Thu Jul 25 10:45:51 2013] <kmicinski> I want to end up with just the list.
[Thu Jul 25 10:46:07 2013] <kmicinski> I understand this is equivalent (I *think*), but is there another reduction that needs to be performed?
[Thu Jul 25 10:46:07 2013] <kmicinski> I understand this is equivalent (I *think*), but is there another reduction that needs to be performed?
[Thu Jul 25 10:47:27 2013] <elliott> if you do
[Thu Jul 25 10:47:27 2013] <elliott> if you do
[Thu Jul 25 10:47:28 2013] <elliott> unfold exists_ending_state_bad1.
[Thu Jul 25 10:47:28 2013] <elliott> unfold exists_ending_state_bad1.
[Thu Jul 25 10:47:34 2013] <elliott> what is the result?
[Thu Jul 25 10:47:34 2013] <elliott> what is the result?
[Thu Jul 25 10:54:07 2013] <kmicinski> I get "Cannot coerce exists_ending_state_bad1 to an evaluable reference."
[Thu Jul 25 10:54:07 2013] <kmicinski> I get "Cannot coerce exists_ending_state_bad1 to an evaluable reference."
[Thu Jul 25 10:54:15 2013] <kmicinski> This was basically where I got stuck
[Thu Jul 25 10:54:15 2013] <kmicinski> This was basically where I got stuck
[Thu Jul 25 10:55:19 2013] <kmicinski> (This most confuses me because I can do "Print exists_end...." and get what I'd expect.)
[Thu Jul 25 10:55:19 2013] <kmicinski> (This most confuses me because I can do "Print exists_end...." and get what I'd expect.)
[Thu Jul 25 10:55:53 2013] <elliott> uh, do you have some kind of weird notations?
[Thu Jul 25 10:55:54 2013] <elliott> uh, do you have some kind of weird notations?
[Thu Jul 25 10:56:34 2013] <kmicinski> hm... I don't believe I've added anything nonstandard: if that's what you're asking.  (I assume you think I may be clashing with Coq?)
[Thu Jul 25 10:56:34 2013] <kmicinski> hm... I don't believe I've added anything nonstandard: if that's what you're asking.  (I assume you think I may be clashing with Coq?)
[Thu Jul 25 10:57:02 2013] <elliott> well, that error confuses me. are you using proofgeneral or something? maybe exit and reopen and try again?
[Thu Jul 25 10:57:02 2013] <elliott> well, that error confuses me. are you using proofgeneral or something? maybe exit and reopen and try again?
[Thu Jul 25 10:57:28 2013] <kmicinski> Ah, yes indeed I am.  Thanks for the advice: I didn't think to check that and ProofGeneral does seem to be finicky sometimes :-)
[Thu Jul 25 10:57:28 2013] <kmicinski> Ah, yes indeed I am.  Thanks for the advice: I didn't think to check that and ProofGeneral does seem to be finicky sometimes :-)
[Thu Jul 25 10:59:23 2013] <kmicinski> Hm, restarting ProofGeneral does no good.
[Thu Jul 25 10:59:23 2013] <kmicinski> Hm, restarting ProofGeneral does no good.
[Thu Jul 25 10:59:38 2013] <kmicinski> I'll try googling more and perhaps post to coq-club if I find no solution.
[Thu Jul 25 10:59:38 2013] <kmicinski> I'll try googling more and perhaps post to coq-club if I find no solution.
[Thu Jul 25 11:01:37 2013] <kmicinski> Aw heck, it was a stupid mistake, I typed Qed rather than Defined, making the definition opaque!
[Thu Jul 25 11:01:37 2013] <kmicinski> Aw heck, it was a stupid mistake, I typed Qed rather than Defined, making the definition opaque!
[Thu Jul 25 11:01:52 2013] <elliott> oh!
[Thu Jul 25 11:01:52 2013] <elliott> oh!
[Thu Jul 25 11:01:53 2013] <elliott> duh
[Thu Jul 25 11:01:53 2013] <elliott> duh
[Thu Jul 25 11:01:56 2013] <elliott> that explains everything
[Thu Jul 25 11:01:56 2013] <elliott> that explains everything
[Thu Jul 25 11:02:13 2013] <kmicinski> Yeah, just a force of habit I guess.
[Thu Jul 25 11:02:13 2013] <kmicinski> Yeah, just a force of habit I guess.
[Thu Jul 25 11:03:45 2013] <kmicinski> Thanks for entertaining my questions, all.
[Thu Jul 25 11:03:45 2013] <kmicinski> Thanks for entertaining my questions, all.
[Thu Jul 25 14:26:57 2013] <jgross> Is there a way to get both the notation "p ^" and "p ^ q" working at the same time, if they're in different scopes? 
[Thu Jul 25 14:26:58 2013] <jgross> Is there a way to get both the notation "p ^" and "p ^ q" working at the same time, if they're in different scopes?
[Thu Jul 25 14:28:49 2013] <jgross> It only works if they're at the same level, right? 
[Thu Jul 25 14:28:49 2013] <jgross> It only works if they're at the same level, right?
[Thu Jul 25 19:22:06 2013] <osa1> does anyone have a PDF version of SF book?
[Thu Jul 25 19:22:06 2013] <osa1> does anyone have a PDF version of SF book?
[Fri Jul 26 08:55:39 2013] <robbert> does anyone know of any automatic support, or clever tricks, to easily define a total order on some inductive type (just the standard subterm order, something like derive Ord in Haskell does)
[Fri Jul 26 08:55:39 2013] <robbert> does anyone know of any automatic support, or clever tricks, to easily define a total order on some inductive type (just the standard subterm order, something like derive Ord in Haskell does)
[Fri Jul 26 17:37:14 2013] <osa1> is Reset command removed?
[Fri Jul 26 17:37:14 2013] <osa1> is Reset command removed?
[Fri Jul 26 18:45:35 2013] <Ptival> http://coq.inria.fr/distrib/V8.4/CHANGES Ctrl+F Reset
[Fri Jul 26 18:45:35 2013] <Ptival> http://coq.inria.fr/distrib/V8.4/CHANGES Ctrl+F Reset
[Fri Jul 26 19:48:24 2013] <morgan.freenode.net> [freenode-info] why register and identify? your IRC nick is how people know you. http://freenode.net/faq.shtml#nicksetup
[Sat Jul 27 11:44:58 2013] <osa1> I don't understand how can simpl tactic move the goal from `S n' * 0 = 0' to `n' * 0 = 0' .. how does that work??
[Sat Jul 27 11:44:59 2013] <osa1> I don't understand how can simpl tactic move the goal from `S n' * 0 = 0' to `n' * 0 = 0' .. how does that work??
[Sat Jul 27 11:47:08 2013] <elliott> presumably it turns into 0 + n' * 0 = 0 by reduction
[Sat Jul 27 11:47:09 2013] <elliott> presumably it turns into 0 + n' * 0 = 0 by reduction
[Sat Jul 27 11:47:17 2013] <elliott> and then 0 + n' * 0 turns into n' * 0 by reduction
[Sat Jul 27 11:47:17 2013] <elliott> and then 0 + n' * 0 turns into n' * 0 by reduction
[Sat Jul 27 11:50:38 2013] <osa1> elliott: "presumably it turns into 0 + n' * 0 = 0 by reduction" where is 0 + n' * 0 ?
[Sat Jul 27 11:50:39 2013] <osa1> elliott: "presumably it turns into 0 + n' * 0 = 0 by reduction" where is 0 + n' * 0 ?
[Sat Jul 27 11:52:05 2013] <elliott> I presume mult is defined so that S m * n = n + m * n
[Sat Jul 27 11:52:05 2013] <elliott> I presume mult is defined so that S m * n = n + m * n
[Sat Jul 27 11:52:18 2013] <elliott> therefore S n' * 0 = 0 + n' * 0
[Sat Jul 27 11:52:18 2013] <elliott> therefore S n' * 0 = 0 + n' * 0
[Sat Jul 27 11:52:27 2013] <elliott> and 0 + n' * 0 = n' * o because 0 + n = n
[Sat Jul 27 11:52:27 2013] <elliott> and 0 + n' * 0 = n' * o because 0 + n = n
[Sat Jul 27 11:52:29 2013] <elliott> *0
[Sat Jul 27 11:52:29 2013] <elliott> *0
[Sat Jul 27 11:54:25 2013] <osa1> hmm, that makes sense
[Sat Jul 27 11:54:25 2013] <osa1> hmm, that makes sense
[Sat Jul 27 11:54:31 2013] <osa1> thanks
[Sat Jul 27 11:54:32 2013] <osa1> thanks
[Sat Jul 27 11:54:41 2013] <osa1> (also, you're right about mult's definition)
[Sat Jul 27 11:54:41 2013] <osa1> (also, you're right about mult's definition)
[Sat Jul 27 11:58:34 2013] <elliott> :)
[Sat Jul 27 11:58:34 2013] <elliott> :)
[Sat Jul 27 12:09:37 2013] <osa1> am I missing something or does SF book really have some exercises that require use of previously defined proofs before teaching how to use previously defined proofs?
[Sat Jul 27 12:09:37 2013] <osa1> am I missing something or does SF book really have some exercises that require use of previously defined proofs before teaching how to use previously defined proofs?
[Sat Jul 27 18:09:56 2013] <osa1> is `replace a with b' same as `assert (a = b) as H' and then proving H ?
[Sat Jul 27 18:09:56 2013] <osa1> is `replace a with b' same as `assert (a = b) as H' and then proving H ?
[Sat Jul 27 18:42:39 2013] <osa1> is there a way to search in standard libraries? for example I'm looking for functions like is_odd : nat -> bool and is_even : nat -> bool
[Sat Jul 27 18:42:39 2013] <osa1> is there a way to search in standard libraries? for example I'm looking for functions like is_odd : nat -> bool and is_even : nat -> bool
[Sun Jul 28 11:09:27 2013] <Zedrikov> Ptival: I replied to your mail on Coqlist
[Sun Jul 28 11:09:27 2013] <Zedrikov> Ptival: I replied to your mail on Coqlist
[Sun Jul 28 11:11:12 2013] <Zedrikov> I think we do not have the same version of Coq, as I had to remove the " '{Denoted desc} " in your hvec'_ith definition.
[Sun Jul 28 11:11:12 2013] <Zedrikov> I think we do not have the same version of Coq, as I had to remove the " '{Denoted desc} " in your hvec'_ith definition.
[Sun Jul 28 11:12:45 2013] <Zedrikov> And I "cheated" as I did not start from your 166 line, but a little higher.
[Sun Jul 28 11:12:45 2013] <Zedrikov> And I "cheated" as I did not start from your 166 line, but a little higher.
[Sun Jul 28 11:19:11 2013] <Zedrikov> Ptival: are you still connected?
[Sun Jul 28 11:19:11 2013] <Zedrikov> Ptival: are you still connected?
[Sun Jul 28 11:27:09 2013] <Ptival> Zedrikov: yes
[Sun Jul 28 11:27:09 2013] <Ptival> Zedrikov: yes
[Sun Jul 28 11:27:13 2013] <Ptival> reading your answer now
[Sun Jul 28 11:27:13 2013] <Ptival> reading your answer now
[Sun Jul 28 11:27:24 2013] <Ptival> since the proof seems shorter, I am happy already :)
[Sun Jul 28 11:27:24 2013] <Ptival> since the proof seems shorter, I am happy already :)
[Sun Jul 28 11:28:55 2013] <Zedrikov> yes
[Sun Jul 28 11:28:55 2013] <Zedrikov> yes
[Sun Jul 28 11:29:08 2013] <Ptival> I have 8.3pl5 here so yeah, it's getting old
[Sun Jul 28 11:29:08 2013] <Ptival> I have 8.3pl5 here so yeah, it's getting old
[Sun Jul 28 11:32:50 2013] <Zedrikov> I think I am using 8.4, and my proof can be shortened by not defining P (thus writing directly the "change" with P inlined). That is not a great improvement though.
[Sun Jul 28 11:32:50 2013] <Zedrikov> I think I am using 8.4, and my proof can be shortened by not defining P (thus writing directly the "change" with P inlined). That is not a great improvement though.
[Sun Jul 28 11:45:03 2013] <Ptival> hmmm
[Sun Jul 28 11:45:03 2013] <Ptival> hmmm
[Sun Jul 28 11:45:13 2013] <Ptival> so if I just defined this thing, it would make everything easier>
[Sun Jul 28 11:45:13 2013] <Ptival> so if I just defined this thing, it would make everything easier>
[Sun Jul 28 11:45:14 2013] <Ptival> ?
[Sun Jul 28 11:45:14 2013] <Ptival> ?
[Sun Jul 28 11:46:04 2013] <Ptival> I see
[Sun Jul 28 11:46:04 2013] <Ptival> I see
[Sun Jul 28 11:58:56 2013] <Zedrikov> Ptival: so, will it help for your blog post?
[Sun Jul 28 11:58:56 2013] <Zedrikov> Ptival: so, will it help for your blog post?
[Sun Jul 28 12:00:44 2013] <Ptival> maybe I will reconsider the post :p
[Sun Jul 28 12:00:44 2013] <Ptival> maybe I will reconsider the post :p
[Sun Jul 28 12:00:56 2013] <Ptival> Zedrikov: so something I'm still missing is what case does
[Sun Jul 28 12:00:56 2013] <Ptival> Zedrikov: so something I'm still missing is what case does
[Sun Jul 28 12:01:03 2013] <Ptival> because destruct fails here
[Sun Jul 28 12:01:03 2013] <Ptival> because destruct fails here
[Sun Jul 28 12:02:05 2013] <Ptival> and it's weird how case turned a 'P natD ...' into a 'P boolD ...' for the bool case
[Sun Jul 28 12:02:05 2013] <Ptival> and it's weird how case turned a 'P natD ...' into a 'P boolD ...' for the bool case
[Sun Jul 28 12:04:17 2013] <Zedrikov> case is more low level than destruct.
[Sun Jul 28 12:04:17 2013] <Zedrikov> case is more low level than destruct.
[Sun Jul 28 12:05:04 2013] <Zedrikov> As far as I understand, "destruct" = "revert all hypothesis involving the destructured term; case term; intros all reverted hypothesis"
[Sun Jul 28 12:05:04 2013] <Zedrikov> As far as I understand, "destruct" = "revert all hypothesis involving the destructured term; case term; intros all reverted hypothesis"
[Sun Jul 28 12:06:38 2013] <Zedrikov> maybe that the "natD" inside of P is the problem.
[Sun Jul 28 12:06:38 2013] <Zedrikov> maybe that the "natD" inside of P is the problem.
[Sun Jul 28 12:08:05 2013] <Zedrikov> for the 'P natD' replaced into a 'P boolD' that is normal
[Sun Jul 28 12:08:05 2013] <Zedrikov> for the 'P natD' replaced into a 'P boolD' that is normal
[Sun Jul 28 12:09:05 2013] <Zedrikov> destruct on "t : term envD natD" has a consequence of replacing "natD" with "boolD" in some branches and "natD" in other, according to the inductive definition.
[Sun Jul 28 12:09:05 2013] <Zedrikov> destruct on "t : term envD natD" has a consequence of replacing "natD" with "boolD" in some branches and "natD" in other, according to the inductive definition.
[Sun Jul 28 12:10:17 2013] <Zedrikov> The heuristic of case/destruct is "generalize occurences as most as possible before destruct"
[Sun Jul 28 12:10:17 2013] <Zedrikov> The heuristic of case/destruct is "generalize occurences as most as possible before destruct"
[Sun Jul 28 12:10:58 2013] <Zedrikov> thus any occurence of "natD" will be generalized (as it is involved in the type dependences of t) before pattern matching.
[Sun Jul 28 12:10:58 2013] <Zedrikov> thus any occurence of "natD" will be generalized (as it is involved in the type dependences of t) before pattern matching.
[Sun Jul 28 12:11:43 2013] <Zedrikov> The difference between case and destruct is that 'case' won't generalize over hypothesis, whereas 'destruct' first does it.
[Sun Jul 28 12:11:43 2013] <Zedrikov> The difference between case and destruct is that 'case' won't generalize over hypothesis, whereas 'destruct' first does it.
[Sun Jul 28 12:11:54 2013] <Zedrikov> Most of the time 'destruct' is what you want.
[Sun Jul 28 12:11:54 2013] <Zedrikov> Most of the time 'destruct' is what you want.
[Sun Jul 28 12:12:43 2013] <Zedrikov> So when I said "my proof can be shortened by not defining P (thus writing directly the "change" with P inlined)", I was wrong.
[Sun Jul 28 12:12:43 2013] <Zedrikov> So when I said "my proof can be shortened by not defining P (thus writing directly the "change" with P inlined)", I was wrong.
[Sun Jul 28 12:13:00 2013] <Zedrikov> (as P contains an occurence of natD)
[Sun Jul 28 12:13:00 2013] <Zedrikov> (as P contains an occurence of natD)
[Sun Jul 28 12:13:14 2013] <Zedrikov> Ptival: does it answer some of your questions?
[Sun Jul 28 12:13:14 2013] <Zedrikov> Ptival: does it answer some of your questions?
[Sun Jul 28 12:14:38 2013] <Ptival> part of it yes
[Sun Jul 28 12:14:38 2013] <Ptival> part of it yes
[Sun Jul 28 12:15:43 2013] <Ptival> oh so the problem is that destruct catches the P := in context and tries to abstract over it
[Sun Jul 28 12:15:43 2013] <Ptival> oh so the problem is that destruct catches the P := in context and tries to abstract over it
[Sun Jul 28 12:16:26 2013] <Ptival> replacing the occurence of natD in it
[Sun Jul 28 12:16:26 2013] <Ptival> replacing the occurence of natD in it
[Sun Jul 28 12:16:28 2013] <Ptival> I see
[Sun Jul 28 12:16:28 2013] <Ptival> I see
[Sun Jul 28 12:16:40 2013] <Ptival> so in fact, I defined your P as a function earlier
[Sun Jul 28 12:16:40 2013] <Ptival> so in fact, I defined your P as a function earlier
[Sun Jul 28 12:16:48 2013] <Ptival> function that I can use in the definition of all_nats
[Sun Jul 28 12:16:48 2013] <Ptival> function that I can use in the definition of all_nats
[Sun Jul 28 12:17:09 2013] <Ptival> and which makes destruct behave like case, since now the definition isn't in the proof context
[Sun Jul 28 12:17:09 2013] <Ptival> and which makes destruct behave like case, since now the definition isn't in the proof context
[Sun Jul 28 12:17:13 2013] <Ptival> it's quite neat
[Sun Jul 28 12:17:13 2013] <Ptival> it's quite neat
[Sun Jul 28 12:32:42 2013] <Zedrikov> oh so the problem is that destruct catches the P := in context and tries to abstract over it ← Technically, it is not abstracted, but rather "let bound", that is, the goal is changed into a "let P := … in …", so there is no loss of information
[Sun Jul 28 12:32:42 2013] <Zedrikov> oh so the problem is that destruct catches the P := in context and tries to abstract over it ← Technically, it is not abstracted, but rather "let bound", that is, the goal is changed into a "let P := … in …", so there is no loss of information
[Sun Jul 28 12:35:57 2013] <Zedrikov> Oh, and I confirm that the natD inside of P is the problem. "Definition trick := natD." then "set (P := … fun (e:[[trick]]) => …" allows you to perform a "destruct t." instead of "case t."
[Sun Jul 28 12:35:57 2013] <Zedrikov> Oh, and I confirm that the natD inside of P is the problem. "Definition trick := natD." then "set (P := … fun (e:[[trick]]) => …" allows you to perform a "destruct t." instead of "case t."
[Sun Jul 28 13:06:57 2013] <Ptival> yes
[Sun Jul 28 13:06:57 2013] <Ptival> yes
[Sun Jul 28 13:07:04 2013] <Ptival> I answered on the list
[Sun Jul 28 13:07:04 2013] <Ptival> I answered on the list
[Sun Jul 28 13:07:06 2013] <Ptival> thanks!
[Sun Jul 28 13:07:06 2013] <Ptival> thanks!
[Sun Jul 28 13:12:40 2013] <Zedrikov> So, no blog post?
[Sun Jul 28 13:12:40 2013] <Zedrikov> So, no blog post?
[Sun Jul 28 16:00:05 2013] <Ptival> Zedrikov: not sure :\
[Sun Jul 28 16:00:05 2013] <Ptival> Zedrikov: not sure :\
[Sun Jul 28 16:00:07 2013] <Ptival> maybe
[Sun Jul 28 16:00:07 2013] <Ptival> maybe
[Sun Jul 28 16:01:07 2013] <Ptival> I kinda want to post so that when someone googles the error message, they can find explanations of the mechanism and examples of solutions
[Sun Jul 28 16:01:07 2013] <Ptival> I kinda want to post so that when someone googles the error message, they can find explanations of the mechanism and examples of solutions
[Sun Jul 28 16:01:37 2013] <Zedrikov> I never use your "dependant inversion" tactic.
[Sun Jul 28 16:01:37 2013] <Zedrikov> I never use your "dependant inversion" tactic.
[Sun Jul 28 16:01:59 2013] <Zedrikov> Mainly because I dislike the way inversion works.
[Sun Jul 28 16:01:59 2013] <Zedrikov> Mainly because I dislike the way inversion works.
[Sun Jul 28 16:02:13 2013] <Ptival> what do you not like?
[Sun Jul 28 16:02:13 2013] <Ptival> what do you not like?
[Sun Jul 28 16:02:26 2013] <Zedrikov> The generated term.
[Sun Jul 28 16:02:26 2013] <Zedrikov> The generated term.
[Sun Jul 28 16:02:31 2013] <Ptival> oh
[Sun Jul 28 16:02:31 2013] <Ptival> oh
[Sun Jul 28 16:02:52 2013] <Zedrikov> Often, it is easy to make things a lot cleaner by manually doing it.
[Sun Jul 28 16:02:52 2013] <Zedrikov> Often, it is easy to make things a lot cleaner by manually doing it.
[Sun Jul 28 16:03:09 2013] <Ptival> well usually when I care about the term I write it myself :s
[Sun Jul 28 16:03:09 2013] <Ptival> well usually when I care about the term I write it myself :s
[Sun Jul 28 16:03:30 2013] <Ptival> I guess that's why you use case :)
[Sun Jul 28 16:03:30 2013] <Ptival> I guess that's why you use case :)
[Sun Jul 28 16:03:34 2013] <Zedrikov> Yes, and I tend to always care about my terms ^^
[Sun Jul 28 16:03:34 2013] <Zedrikov> Yes, and I tend to always care about my terms ^^
[Sun Jul 28 16:03:49 2013] <Zedrikov> I also use destruct.
[Sun Jul 28 16:03:49 2013] <Zedrikov> I also use destruct.
[Sun Jul 28 16:04:14 2013] <Ptival> what are you working on that your terms matter?
[Sun Jul 28 16:04:14 2013] <Ptival> what are you working on that your terms matter?
[Sun Jul 28 16:04:30 2013] <Zedrikov> Nothing. It is just a game for me.
[Sun Jul 28 16:04:34 2013] <Zedrikov> Nothing. It is just a game for me.
[Sun Jul 28 16:04:47 2013] <Zedrikov> I do not like to produce terms I am unable to read.
[Sun Jul 28 16:04:59 2013] <Zedrikov> But that is rather personal.
[Sun Jul 28 16:05:23 2013] <Ptival> well, whatever floats your boat
[Sun Jul 28 16:05:32 2013] <Zedrikov> I don't think it is bad practice to use inversion. It is just that I don't like to do it.
[Sun Jul 28 16:05:34 2013] <Ptival> I've met all kinds of users
[Sun Jul 28 16:06:29 2013] <Zedrikov> And in your problem, I do not see the practical gain in using "dependant inversion".
[Sun Jul 28 16:06:55 2013] <Zedrikov> It seems my solution was about the same in length and idea.
[Sun Jul 28 16:07:04 2013] <Ptival> oh yeah there's not much difference
[Sun Jul 28 16:08:23 2013] <Zedrikov> Still, I always have hard time to figure out how to perform good inversion with dependant terms.
[Sun Jul 28 16:09:51 2013] <Zedrikov> I solved your problem, but had to spend some time on it. It is rather frustrating to find out that you still have the same difficulties as when you began. And the final solution often does not seem that hard.
[Sun Jul 28 16:09:51 2013] <Zedrikov> I solved your problem, but had to spend some time on it. It is rather frustrating to find out that you still have the same difficulties as when you began. And the final solution often does not seem that hard.
[Sun Jul 28 16:11:46 2013] <Zedrikov> So at first glance I thought that the solution you choosed was exactly the same "dependant inversion" as the wrong you used at start. In fact there was a difference which looks rather a minor one.
[Sun Jul 28 16:11:46 2013] <Zedrikov> So at first glance I thought that the solution you choosed was exactly the same "dependant inversion" as the wrong you used at start. In fact there was a difference which looks rather a minor one.
[Sun Jul 28 16:12:41 2013] <Zedrikov> Correcting such an error should be easy, but still I took some time to me.
[Sun Jul 28 16:12:41 2013] <Zedrikov> Correcting such an error should be easy, but still I took some time to me.
[Sun Jul 28 16:24:22 2013] <Ptival> yeah now that I look at the answer I wonder how come I did not try that
[Sun Jul 28 16:24:22 2013] <Ptival> yeah now that I look at the answer I wonder how come I did not try that
[Sun Jul 28 16:27:06 2013] <Ptival> I thought I would learn some magic hackery by asking this question, instead  I learned that I was being stupid :)
[Sun Jul 28 16:27:06 2013] <Ptival> I thought I would learn some magic hackery by asking this question, instead  I learned that I was being stupid :)
[Sun Jul 28 16:48:19 2013] <Zedrikov> Hey don't say that. That would mean I am stupid too…
[Sun Jul 28 16:48:19 2013] <Zedrikov> Hey don't say that. That would mean I am stupid too…
[Mon Jul 29 15:53:56 2013] <Ptival> huh, I find it very hard to use tactics with storng dependent types, let alone making the generated term nice :s
[Mon Jul 29 15:53:56 2013] <Ptival> huh, I find it very hard to use tactics with storng dependent types, let alone making the generated term nice :s
[Mon Jul 29 18:15:04 2013] <rmk0> anyone happen to know if any cryptographic ciphers have been developed in coq?
[Mon Jul 29 18:15:04 2013] <rmk0> anyone happen to know if any cryptographic ciphers have been developed in coq?
[Mon Jul 29 18:15:11 2013] <rmk0> or any typed theorem provers, for that matter
[Mon Jul 29 18:15:11 2013] <rmk0> or any typed theorem provers, for that matter
[Mon Jul 29 18:15:33 2013] <rmk0> suppose noone has a good way to get directly from those definitions to efficient C, currently
[Mon Jul 29 18:15:33 2013] <rmk0> suppose noone has a good way to get directly from those definitions to efficient C, currently
[Mon Jul 29 18:17:24 2013] <rmk0> by designed, i mean "formulated in coq (or another system), proved to be free of known classes of vulnerabilities, and then somehow extracted an implementation"
[Mon Jul 29 18:17:24 2013] <rmk0> by designed, i mean "formulated in coq (or another system), proved to be free of known classes of vulnerabilities, and then somehow extracted an implementation"
[Mon Jul 29 18:17:57 2013] <elliott> perhaps Galois' Cryptol is relevant to you, though it is not what you asked for.
[Mon Jul 29 18:17:57 2013] <elliott> perhaps Galois' Cryptol is relevant to you, though it is not what you asked for.
[Mon Jul 29 18:18:21 2013] <elliott> or at least, perhaps not quite directly
[Mon Jul 29 18:18:21 2013] <elliott> or at least, perhaps not quite directly
[Mon Jul 29 18:18:30 2013] <rmk0> it's not for anything i'm working on, to clarify. just curious
[Mon Jul 29 18:18:30 2013] <rmk0> it's not for anything i'm working on, to clarify. just curious
[Mon Jul 29 18:18:34 2013] <rmk0> * eyes cryptol
[Mon Jul 29 18:18:34 2013] <rmk0> * eyes cryptol
[Mon Jul 29 18:19:18 2013] <rmk0> that's more or less what i'd pictured
[Mon Jul 29 18:19:18 2013] <rmk0> that's more or less what i'd pictured
[Mon Jul 29 18:19:43 2013] <elliott> yes, perhaps it is closer than I thought
[Mon Jul 29 18:19:43 2013] <elliott> yes, perhaps it is closer than I thought
[Mon Jul 29 18:20:07 2013] <elliott> http://corp.galois.com/blog/category/cryptol has stuff.
[Mon Jul 29 18:20:07 2013] <elliott> http://corp.galois.com/blog/category/cryptol has stuff.
[Mon Jul 29 18:20:28 2013] <elliott> it is also at least slightly dependently-typed, IIRC
[Mon Jul 29 18:20:28 2013] <elliott> it is also at least slightly dependently-typed, IIRC
[Mon Jul 29 18:21:27 2013] <rmk0> glad someone's at least trying it
[Mon Jul 29 18:21:28 2013] <rmk0> glad someone's at least trying it
[Tue Jul 30 03:04:15 2013] <SrPx> A language with dependent types may include references to programs inside of types. For instance, the type of an array might include a program expression giving the size of the array, making it possible to verify absence of out-of-bounds accesses statically.
[Tue Jul 30 03:04:15 2013] <SrPx> A language with dependent types may include references to programs inside of types. For instance, the type of an array might include a program expression giving the size of the array, making it possible to verify absence of out-of-bounds accesses statically.
[Tue Jul 30 03:04:16 2013] <SrPx> :O
[Tue Jul 30 03:04:16 2013] <SrPx> :O
[Tue Jul 30 03:16:51 2013] <amosr> SrPx: cool huh?
[Tue Jul 30 03:16:51 2013] <amosr> SrPx: cool huh?
[Tue Jul 30 14:24:33 2013] <kmicinski> I want to write a match, but inside the match, I want to know something about the value, which sounds like a dependent match.
[Tue Jul 30 14:24:33 2013] <kmicinski> I want to write a match, but inside the match, I want to know something about the value, which sounds like a dependent match.
[Tue Jul 30 14:25:13 2013] <kmicinski> e.g., match e with | C x => ??? | D x => ??? end.  I want ??? to be a proof that e = C x
[Tue Jul 30 14:25:13 2013] <kmicinski> e.g., match e with | C x => ??? | D x => ??? end.  I want ??? to be a proof that e = C x
[Tue Jul 30 14:25:21 2013] <ianjneu> kmicinski: Chipala's book CPDT has patterns for that.
[Tue Jul 30 14:25:21 2013] <ianjneu> kmicinski: Chipala's book CPDT has patterns for that.
[Tue Jul 30 14:25:43 2013] <kmicinski> does it?  I thought I'd read through and none applied, but I will read again.
[Tue Jul 30 14:25:43 2013] <kmicinski> does it?  I thought I'd read through and none applied, but I will read again.
[Tue Jul 30 14:25:50 2013] <kmicinski> thanks, will check.
[Tue Jul 30 14:25:50 2013] <kmicinski> thanks, will check.
[Tue Jul 30 14:25:54 2013] <ianjneu> It's call the convey pattern
[Tue Jul 30 14:25:54 2013] <ianjneu> It's call the convey pattern
[Tue Jul 30 14:25:58 2013] <ianjneu> convoy*
[Tue Jul 30 14:25:58 2013] <ianjneu> convoy*
[Tue Jul 30 14:26:04 2013] <kmicinski> Ah, okay, thanks for the pointer!
[Tue Jul 30 14:26:04 2013] <kmicinski> Ah, okay, thanks for the pointer!
[Tue Jul 30 14:26:38 2013] <kmicinski> Thanks!  I see it now.
[Tue Jul 30 14:26:38 2013] <kmicinski> Thanks!  I see it now.
[Tue Jul 30 14:31:27 2013] <Ptival> yeah it's there everywhere
[Tue Jul 30 14:31:27 2013] <Ptival> yeah it's there everywhere
[Tue Jul 30 14:32:06 2013] <Ptival> match e as _e return e = _e -> _ with C x => fun EQ => ... end (eq_refl e)
[Tue Jul 30 14:32:06 2013] <Ptival> match e as _e return e = _e -> _ with C x => fun EQ => ... end (eq_refl e)
[Tue Jul 30 14:34:38 2013] <kmicinski> Damn, guess I haven't read that in a while.  It definitely struck me as something I'd seen in CPDT, so I probably should have checked first.
[Tue Jul 30 14:34:38 2013] <kmicinski> Damn, guess I haven't read that in a while.  It definitely struck me as something I'd seen in CPDT, so I probably should have checked first.
[Tue Jul 30 14:36:23 2013] <Ptival> yeah it's used all over in CPDT
[Tue Jul 30 14:36:23 2013] <Ptival> yeah it's used all over in CPDT
[Tue Jul 30 14:36:31 2013] <Ptival> it's fairly common with dependent types
[Tue Jul 30 14:36:31 2013] <Ptival> it's fairly common with dependent types
[Tue Jul 30 14:36:59 2013] <kmicinski> Right, I understand that it would definitely be something you want
[Tue Jul 30 14:36:59 2013] <kmicinski> Right, I understand that it would definitely be something you want
[Tue Jul 30 14:37:11 2013] <kmicinski> especially since I use it quite a bit and have to hack it up each time.
[Tue Jul 30 14:37:11 2013] <kmicinski> especially since I use it quite a bit and have to hack it up each time.
[Tue Jul 30 21:12:22 2013] <kmicinski> I feel the fact I want to do this implies there's something I'm not understanding, but is it possible to show Coq assignments to existential variables from (e.g.,) eapply?
[Tue Jul 30 21:12:22 2013] <kmicinski> I feel the fact I want to do this implies there's something I'm not understanding, but is it possible to show Coq assignments to existential variables from (e.g.,) eapply?
[Tue Jul 30 21:13:01 2013] <kmicinski> e.g., if I have as a hypothesis something x and a goal something ?234
[Tue Jul 30 21:13:01 2013] <kmicinski> e.g., if I have as a hypothesis something x and a goal something ?234
[Tue Jul 30 21:13:36 2013] <kmicinski> and I want to say "?234 := x".  I assume the fact that nothing works implies that I'm misunderstanding these placeholders.
[Tue Jul 30 21:13:36 2013] <kmicinski> and I want to say "?234 := x".  I assume the fact that nothing works implies that I'm misunderstanding these placeholders.
[Tue Jul 30 21:15:34 2013] <kmicinski> (I should say, that doing an "apply H", for example, doesn't work with a unification failure.)
[Tue Jul 30 21:15:34 2013] <kmicinski> (I should say, that doing an "apply H", for example, doesn't work with a unification failure.)
[Tue Jul 30 21:17:13 2013] <elliott> try "eapply" and such?
[Tue Jul 30 21:17:13 2013] <elliott> try "eapply" and such?
[Tue Jul 30 21:17:39 2013] <kmicinski> Hm, I got these metavariables from eapply
[Tue Jul 30 21:17:39 2013] <kmicinski> Hm, I got these metavariables from eapply
[Tue Jul 30 21:18:44 2013] <kmicinski> the FAQ hints at a solution: eapply might choose the wrong thing, and suggests using try solve [ ... ]
[Tue Jul 30 21:18:44 2013] <kmicinski> the FAQ hints at a solution: eapply might choose the wrong thing, and suggests using try solve [ ... ]
[Tue Jul 30 21:19:39 2013] <kmicinski> (actually, I get them from refine...)
[Tue Jul 30 21:19:39 2013] <kmicinski> (actually, I get them from refine...)
[Tue Jul 30 21:53:45 2013] <kmicinski> Ah, my problem is that I was changing the environment before trying to instantiate, an obviously bad thing.
[Tue Jul 30 21:53:45 2013] <kmicinski> Ah, my problem is that I was changing the environment before trying to instantiate, an obviously bad thing.
[Wed Jul 31 02:47:45 2013] <Ptival> yeah you cannot instantiate existentials with variables that have appeared by manipulations later than the existential's creation
[Wed Jul 31 02:47:46 2013] <Ptival> yeah you cannot instantiate existentials with variables that have appeared by manipulations later than the existential's creation
[Wed Jul 31 02:48:08 2013] <Ptival> because obviously the value needs to exist at the moment the existential is introduced
[Wed Jul 31 02:48:08 2013] <Ptival> because obviously the value needs to exist at the moment the existential is introduced
[Wed Jul 31 05:03:47 2013] <gdsfh> hello.  I've got tired writing and debugging some highly-imperative (because of performance constraints) code, so I decided to write it in Coq, proving its properties.
[Wed Jul 31 05:03:47 2013] <gdsfh> hello.  I've got tired writing and debugging some highly-imperative (because of performance constraints) code, so I decided to write it in Coq, proving its properties.
[Wed Jul 31 05:03:57 2013] <gdsfh> The whole idea of this code is: I have 3 arrays, I'm blitting from 1st array to 2nd and then from 2nd to 3rd, I have to minimize count and number of copied elements from 1st to 2nd array
[Wed Jul 31 05:03:57 2013] <gdsfh> The whole idea of this code is: I have 3 arrays, I'm blitting from 1st array to 2nd and then from 2nd to 3rd, I have to minimize count and number of copied elements from 1st to 2nd array
[Wed Jul 31 05:04:05 2013] <gdsfh> (while sometimes it's better to copy more elements to reduce the count of copy-command), and 3rd array should "receive" elements in the same order as they are in 1st array.  (so 2nd array is a buffer.)
[Wed Jul 31 05:04:05 2013] <gdsfh> (while sometimes it's better to copy more elements to reduce the count of copy-command), and 3rd array should "receive" elements in the same order as they are in 1st array.  (so 2nd array is a buffer.)
[Wed Jul 31 05:04:11 2013] <gdsfh> I need to reason about order (if 1st array contains [| 1; 2; 3 |], 3rd array "requested" 2 elements then 1 element, it should get [| 1; 2 |] and [| 3 |]).
[Wed Jul 31 05:04:11 2013] <gdsfh> I need to reason about order (if 1st array contains [| 1; 2; 3 |], 3rd array "requested" 2 elements then 1 element, it should get [| 1; 2 |] and [| 3 |]).
[Wed Jul 31 05:04:12 2013] <gdsfh> I need to prove that blits will respect arrays' sizes, and no uninitialized elements will be copied ever.  How will you suggest me to approach this problem?
[Wed Jul 31 05:04:12 2013] <gdsfh> I need to prove that blits will respect arrays' sizes, and no uninitialized elements will be copied ever.  How will you suggest me to approach this problem?
[Wed Jul 31 05:05:22 2013] <gdsfh> so, I'm planning to write code in Coq and then translate it to OCaml.
[Wed Jul 31 05:05:22 2013] <gdsfh> so, I'm planning to write code in Coq and then translate it to OCaml.
[Wed Jul 31 05:06:19 2013] <gdsfh> I understand that state of all arrays will be represented as some kind of { arr : list (option A) ; len : nat }.  It will be explicitely passed everywhere.
[Wed Jul 31 05:06:19 2013] <gdsfh> I understand that state of all arrays will be represented as some kind of { arr : list (option A) ; len : nat }.  It will be explicitely passed everywhere.
[Wed Jul 31 05:06:50 2013] <gdsfh> maybe I need some kind of regions with initialized data bound to each array.
[Wed Jul 31 05:06:50 2013] <gdsfh> maybe I need some kind of regions with initialized data bound to each array.
[Wed Jul 31 05:17:57 2013] <sgnb> gdsfh: I don't understand the substance of your problem... what is the 2nd array for?
[Wed Jul 31 05:17:57 2013] <sgnb> gdsfh: I don't understand the substance of your problem... what is the 2nd array for?
[Wed Jul 31 05:27:05 2013] <gdsfh> sgnb: 1st array is a file, 2nd array is a buffer, 3rd array is "consumer".
[Wed Jul 31 05:27:05 2013] <gdsfh> sgnb: 1st array is a file, 2nd array is a buffer, 3rd array is "consumer".
[Wed Jul 31 05:27:57 2013] <gdsfh> I have some knowledge about data stored in file, so I know how to cache it better than OS does.
[Wed Jul 31 05:27:57 2013] <gdsfh> I have some knowledge about data stored in file, so I know how to cache it better than OS does.
[Wed Jul 31 05:31:10 2013] <gdsfh> also in some cases I need to read a small number of bytes (because it's probable that I won't need to read more), in some cases I need to read whole clusters.
[Wed Jul 31 05:31:10 2013] <gdsfh> also in some cases I need to read a small number of bytes (because it's probable that I won't need to read more), in some cases I need to read whole clusters.
[Wed Jul 31 05:32:32 2013] <gdsfh> also there are cases when I need to bypass buffer (2nd array).  So the code is complicated, with all these offsets and lengths.
[Wed Jul 31 05:32:32 2013] <gdsfh> also there are cases when I need to bypass buffer (2nd array).  So the code is complicated, with all these offsets and lengths.
[Wed Jul 31 17:51:56 2013] <osa1> why adding X as first argument in recursive length' call here doesn't work: http://lpaste.net/91395
[Wed Jul 31 17:51:56 2013] <osa1> why adding X as first argument in recursive length' call here doesn't work: http://lpaste.net/91395
[Wed Jul 31 17:53:21 2013] <osa1> ?
[Wed Jul 31 17:53:21 2013] <osa1> ?
[Wed Jul 31 17:54:32 2013] <osa1> also I don't understand why this works: Check (cons 1 (nil nat)). but this doesn't Check (cons nat 1 (nil nat)).
[Wed Jul 31 17:54:32 2013] <osa1> also I don't understand why this works: Check (cons 1 (nil nat)). but this doesn't Check (cons nat 1 (nil nat)).
[Wed Jul 31 17:56:04 2013] <osa1> another example for things I don't undestand is why type argument to length' fails here Check (length' nat (cons 1 (nil nat))). removing that makes it working
[Wed Jul 31 17:56:04 2013] <osa1> another example for things I don't undestand is why type argument to length' fails here Check (length' nat (cons 1 (nil nat))). removing that makes it working
[Wed Jul 31 18:33:44 2013] <jgross> I hate it when I'm working on a proof, and I can't apply something, and then I try to do [admit] as a sanity check, and I get an "Illegal Application" error. 
[Wed Jul 31 18:33:44 2013] <jgross> I hate it when I'm working on a proof, and I can't apply something, and then I try to do [admit] as a sanity check, and I get an "Illegal Application" error.
[Wed Jul 31 18:36:32 2013] <jgross> Gah, it was a [simpl in *]. 
[Wed Jul 31 18:36:33 2013] <jgross> Gah, it was a [simpl in *].
[Wed Jul 31 18:55:02 2013] <osa1> does anyone have comperssed/lower resolution versions of that videos http://www.cs.uoregon.edu/research/summerschool/summer13/curriculum.html
[Wed Jul 31 18:55:02 2013] <osa1> does anyone have comperssed/lower resolution versions of that videos http://www.cs.uoregon.edu/research/summerschool/summer13/curriculum.html
[Wed Jul 31 20:43:53 2013] <jgross> Is there a way to ask the typeclasses hint database for the priorities of all the lemmas in it? 
[Wed Jul 31 20:43:53 2013] <jgross> Is there a way to ask the typeclasses hint database for the priorities of all the lemmas in it?
[Thu Aug  1 02:15:42 2013] <Ptival> osa1: q1, you probably have "Set Implicit Arguments." somewhere, so Coq inferred that X can be deduced from lst, and does not ask for it
[Thu Aug  1 02:15:42 2013] <Ptival> osa1: q1, you probably have "Set Implicit Arguments." somewhere, so Coq inferred that X can be deduced from lst, and does not ask for it
[Thu Aug  1 02:17:20 2013] <Ptival> osa1: q2 is for same reason, nil cannot guess the type argument and needs it (in general, even though in this context it could guess it), while cons can figure it out from the parameter
[Thu Aug  1 02:17:20 2013] <Ptival> osa1: q2 is for same reason, nil cannot guess the type argument and needs it (in general, even though in this context it could guess it), while cons can figure it out from the parameter
[Thu Aug  1 02:18:18 2013] <Ptival> osa1: if you want to call a function with all its parameters, you can prefix it with @: Check (@length' nat (cons 1 (nil nat))). should work
[Thu Aug  1 02:18:18 2013] <Ptival> osa1: if you want to call a function with all its parameters, you can prefix it with @: Check (@length' nat (cons 1 (nil nat))). should work
[Thu Aug  1 05:23:22 2013] <osa1> Ptival: thanks. you're right, I had "Set Implicit Arguments" in my code
[Thu Aug  1 05:23:22 2013] <osa1> Ptival: thanks. you're right, I had "Set Implicit Arguments" in my code
[Thu Aug  1 05:56:23 2013] <gdsfh> hello.  I'm trying to work on problem I've asked about yesterday (file/buffer/consumer).  https://gist.github.com/gdsfh/c8419599ec810af8caa6 -- I don't like existentials here.  Local question: how can I turn them into subgoals?  Global question: I'm not sure I chose a right way to represent data structures and invariants, could you please suggest something better?
[Thu Aug  1 05:56:23 2013] <gdsfh> hello.  I'm trying to work on problem I've asked about yesterday (file/buffer/consumer).  https://gist.github.com/gdsfh/c8419599ec810af8caa6 -- I don't like existentials here.  Local question: how can I turn them into subgoals?  Global question: I'm not sure I chose a right way to represent data structures and invariants, could you please suggest something better?
[Thu Aug  1 07:24:04 2013] <gdsfh> https://gist.github.com/gdsfh/74ac36c8f8dbf46d2373 -- why the body of ba' is hidden?  It is required to prove current goal.  How to proceed?
[Thu Aug  1 07:24:04 2013] <gdsfh> https://gist.github.com/gdsfh/74ac36c8f8dbf46d2373 -- why the body of ba' is hidden?  It is required to prove current goal.  How to proceed?
[Thu Aug  1 07:36:08 2013] <gdsfh> forget it; going to ask in coq-club.
[Thu Aug  1 07:36:08 2013] <gdsfh> forget it; going to ask in coq-club.
[Thu Aug  1 07:50:30 2013] <sgnb> gdsfh: splitting the refine works, I guess you're hitting some kind of heuristic concerning Props
[Thu Aug  1 07:50:30 2013] <sgnb> gdsfh: splitting the refine works, I guess you're hitting some kind of heuristic concerning Props
[Thu Aug  1 07:51:27 2013] <gdsfh> sgnb: "splitting the refine" -- please explain a bit, I can't understand what you mean.
[Thu Aug  1 07:51:27 2013] <gdsfh> sgnb: "splitting the refine" -- please explain a bit, I can't understand what you mean.
[Thu Aug  1 07:51:38 2013] <sgnb> I'll answer on coq-club
[Thu Aug  1 07:51:38 2013] <sgnb> I'll answer on coq-club
[Thu Aug  1 07:53:27 2013] <gdsfh> sgnb: thanks!
[Thu Aug  1 07:53:27 2013] <gdsfh> sgnb: thanks!
[Thu Aug  1 07:58:27 2013] <sgnb> done
[Thu Aug  1 07:58:27 2013] <sgnb> done
[Thu Aug  1 08:13:44 2013] <gdsfh> sgnb: it works!  Great!  I'll try to prove all subgoals here and then will answer in coq-club.
[Thu Aug  1 08:13:44 2013] <gdsfh> sgnb: it works!  Great!  I'll try to prove all subgoals here and then will answer in coq-club.
[Thu Aug  1 12:45:52 2013] <osa1> what is the difference between evidence and proof? are those same things?
[Thu Aug  1 12:45:52 2013] <osa1> what is the difference between evidence and proof? are those same things?
[Thu Aug  1 12:52:20 2013] <ianjneu> same thing.
[Thu Aug  1 12:52:20 2013] <ianjneu> same thing.
[Thu Aug  1 12:52:43 2013] <ianjneu> in type theory at least.
[Thu Aug  1 12:52:43 2013] <ianjneu> in type theory at least.
[Thu Aug  1 13:03:05 2013] <Cale> If there's any difference at all, I think it's that "evidence" places some emphasis on the fact that the proof is a concrete object of some sort to be manipulated or passed around.
[Thu Aug  1 13:03:05 2013] <Cale> If there's any difference at all, I think it's that "evidence" places some emphasis on the fact that the proof is a concrete object of some sort to be manipulated or passed around.
[Thu Aug  1 13:04:27 2013] <ianjneu> right, so evidence is relevant and proof need not be relevent.
[Thu Aug  1 13:04:27 2013] <ianjneu> right, so evidence is relevant and proof need not be relevent.
[Thu Aug  1 15:19:57 2013] <kmicinski> I often find myself wanting to apply an inductive hypothesis which requires proving the head of the hypothesis (possibly with automation), but I'm required to assert something I've copied and pasted: this feels kludegy
[Thu Aug  1 15:20:23 2013] <kmicinski> is it common to code up a tactic such as assert_head H; (possible automation here)
[Thu Aug  1 15:21:06 2013] <kmicinski> I guess it's not head, really, it's ... whatever the opposite is.
[Thu Aug  1 15:22:01 2013] <ianjneu> I've found myself having to do this several times too. Perhaps eapply IH would allow you to fill in the head afterwards?
[Thu Aug  1 15:23:07 2013] <kmicinski> hm, hadn't thought of that.  I will try it!
[Thu Aug  1 15:26:38 2013] <kmicinski> ah hm, yes that works quite well in the case the head immediately applies to the goal, but there are also cases where I just want it in the context to apply to other things (about which I might not immediately foresee).
[Thu Aug  1 15:27:08 2013] <kmicinski> thanks however, ianjneu.
[Thu Aug  1 15:19:58 2013] <kmicinski> I often find myself wanting to apply an inductive hypothesis which requires proving the head of the hypothesis (possibly with automation), but I'm required to assert something I've copied and pasted: this feels kludegy
[Thu Aug  1 15:20:23 2013] <kmicinski> is it common to code up a tactic such as assert_head H; (possible automation here)
[Thu Aug  1 15:21:06 2013] <kmicinski> I guess it's not head, really, it's ... whatever the opposite is.
[Thu Aug  1 15:22:01 2013] <ianjneu> I've found myself having to do this several times too. Perhaps eapply IH would allow you to fill in the head afterwards?
[Thu Aug  1 15:23:07 2013] <kmicinski> hm, hadn't thought of that.  I will try it!
[Thu Aug  1 15:26:38 2013] <kmicinski> ah hm, yes that works quite well in the case the head immediately applies to the goal, but there are also cases where I just want it in the context to apply to other things (about which I might not immediately foresee).
[Thu Aug  1 15:27:08 2013] <kmicinski> thanks however, ianjneu.
[Fri Aug  2 19:36:46 2013] <hpaste> osa1 pasted “statement without assumptions” at http://lpaste.net/91465
[Fri Aug  2 19:37:14 2013] <osa1> hi all. I'm trying to do an exercise from SF book, can anyone help me with this: http://lpaste.net/91465 (my problem is written in comments)
[Fri Aug  2 19:38:22 2013] <osa1> (btw, it's not clear from the pasted code but the error is thrown in line 6 -- in apply tactic)
[Fri Aug  2 20:31:56 2013] <hpaste> Cale annotated “statement without assumptions” with “statement without assumptions (annotation)” at http://lpaste.net/91465#a91466
[Sat Aug  3 02:44:18 2013] <wmeyer> hello
[Sat Aug  3 10:06:37 2013] <wmeyer> hello
[Sat Aug  3 12:31:07 2013] <bigos> Hi ezyang, just wanted to say I have learned a lot from your blog posts.  Thank you. :)
[Sat Aug  3 12:32:47 2013] <ezyang> bigos: Yay! :)
[Sat Aug  3 13:06:34 2013] <wmeyer>  hey adrien, sorry afternoon nap
[Sat Aug  3 13:06:46 2013] <wmeyer> well, [make boot] will generate it
[Sat Aug  3 13:07:08 2013] <wmeyer> and we want to get rid of this code
[Sat Aug  3 13:07:23 2013] <wmeyer> and actually use just plain makefiles to compile ocamlbuild
[Sat Aug  3 13:07:32 2013] <wmeyer> without *any* bootstrapping
[Sat Aug  3 13:10:13 2013] <wmeyer> sorry not this channel!
[Sat Aug  3 13:25:11 2013] <basti_> apparently, CoRN is very brittle to build. I'm currently trying to do that. Sometimes a file fails, but this often does not appear to be reproducible
[Sat Aug  3 15:50:08 2013] <basti_> by using a recent version of math-classes, i can have corn build. It's still working.
[Sun Aug  4 09:47:08 2013] <osa1> for some reason I can't ever use apply tactic. even if if I can use rewrite -> H. reflexivity. I can't use apply H, it fails with some error messages. (I don't have a concrete example in mind right now)
[Sun Aug  4 09:57:13 2013] <gdsfh> osa1: if apply fails with some error message, then you need to modify its invocation somehow.  It's obvious!
[Sun Aug  4 09:58:20 2013] <osa1> gdsfh: I don't think it's so obvious. rewrite -> H . reflexivity. works without and modifications on rewrite's invocation. why doesn't apply work then? (btw, I'm just a beginner)
[Sun Aug  4 09:59:46 2013] <gdsfh> (rough picture: ) rewrite H works when H : a = b, and it changes a to b in goal.  "apply" does a different thing.  If your H has type a = b, you don't need apply, you need rewrite.
[Sun Aug  4 10:01:29 2013] <gdsfh> osa1: maybe http://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic8 will be interesting.  If you don't understand it anyway, I'll construct a simple example of "what apply does".
[Sun Aug  4 10:04:04 2013] <osa1> I think I got it. it replaces goal with premises of applied term if the goal matches with applied term's conclusion.
[Sun Aug  4 10:05:17 2013] <osa1> I think what confused me is that the sentence in SF book saying something like "here apply does something similar like rewrite ... reflexivity."
[Sun Aug  4 10:09:04 2013] <gdsfh> yes, you've got it.  I hadn't read SF, maybe someone will explain what is meant here.
[Sun Aug  4 10:16:36 2013] <osa1> gdsfh: are there any other good Coq books(in English, other than SF and Certified Programming ... books)
[Sun Aug  4 10:21:21 2013] <gdsfh> osa1: I don't know.  Probably not.  But why other books?  Get a real problem and try to solve it!  (looking in Coq manual and reading pieces of SF and CPDT you understand.  (if you don't understand something, then get more practice and try it later.))
[Sun Aug  4 10:26:55 2013] <osa1> uh. induction H as [|||a b]. fails with syntax error but induction H as [| | |a b] works ...
[Sun Aug  4 10:26:57 2013] <lonkz> Hi. Can anyone tell me if it is possible, in Coq, to specify how to use case on a varible? Eg. telling Coq to try the values 8 and not 8 for a nat.
[Sun Aug  4 10:27:48 2013] <gdsfh> osa1: probably it finds token "|||" or "||" instead of single "|"'s.
[Sun Aug  4 10:31:43 2013] <gdsfh> lonkz: http://paste.in.ua/8533/
[Sun Aug  4 10:32:20 2013] <osa1> gdsfh: what would be a nice motivating real problem to solve in Coq for a beginner? my main goal is to formalize programming languages and prove some useful theorems using that formalizations but that's probably too hard goal for a starter
[Sun Aug  4 10:39:49 2013] <gdsfh> osa1: don't know.  Formalizing programming languages is a hard task for beginner (and for me too).  I've tried to solve my current problems, sometimes "as in plain ML" but with some proofs.
[Sun Aug  4 10:39:54 2013] <gdsfh> osa1: but it'll be better if you'll ask this question in coq-club (I'm interested in simple problems too, for me and for some friends who are trying to learn Coq but have no interesting problems).
[Sun Aug  4 10:42:36 2013] <lonkz> Thanks gdsfh, I'll have a look at it.
[Sun Aug  4 10:45:39 2013] <gdsfh> lonkz: anyway try to stick with "eq-dec"-returning functions (like "eq_nat_dec", look at its type) rather than bool-returning, since former functions return proofs that are usually useful later in developement.
[Sun Aug  4 10:47:04 2013] <ekwialen> something I did for practice was proving that there are infinitely many primes
[Sun Aug  4 10:47:43 2013] <lonkz> I wasn't really looking for casing on nats but a more general approach that will work with my inductives. I think I'll just destruct everything to the largest component that I can do equality on and try "case (x == y)."
[Sun Aug  4 10:49:41 2013] <gdsfh> lonkz: maybe simple "match .. with" will help, if you are writing code, and case/destruct in proof mode?
[Sun Aug  4 10:55:56 2013] <lonkz> gdsfh: That sounds interesting. I don't think I've tried it before. I'll give it a shot. Thanks.
[Sun Aug  4 11:03:29 2013] <gdsfh> lonkz: btw you can mix proof/code modes with "refine".  Something like "refine (match H with | A a1 => _ | B b1 b2 => _ end)." and then add proofs for both cases.  Arguments (a1, b1, b2) will be present in hypotheses.  To gain more control on which goal you are proving, you can use "named goals" like here: https://gist.github.com/gdsfh/4578089
[Sun Aug  4 11:10:21 2013] <lonkz> Hah, that makes it much nicer. Thank you gdsfh.
[Sun Aug  4 11:11:27 2013] <gdsfh> but you can emulate this with "destruct H as [ [a1] [b1 b2] ]" or like.
[Sun Aug  4 12:30:50 2013] <basti_> I managed to compile CoRN now. However, there is not an "install" script supplied? How can I make it available to all users?
[Sun Aug  4 15:28:41 2013] <ezyang> I want to a variant of refine which lets me fill in dependent arguments rather than just evar'ing them
[Sun Aug  4 15:29:05 2013] <ezyang> I heard the new tactical libraries is supposed to let you do that, but I was wondering if I could hack around it in the meantime
[Sun Aug  4 17:44:27 2013] <osa1> does anyone know a mirror of this videos: http://www.cs.uoregon.edu/research/summerschool/summer13/curriculum.html it's just too slow from here
[Sun Aug  4 17:46:41 2013] <Saizan> osa1: usually i just download them and watch from disk
[Sun Aug  4 17:47:48 2013] <osa1> Saizan: yeah I do that too but right now it says 5 hours to finish to download. (I downloaded some chapters before and it was fast but now for some reason it's very slow, maybe because I'm in some other place right now)
[Sun Aug  4 18:29:43 2013] <SrPx> Why is not coq ridiculously fast? It seems to be the most analyzable language out there. I guess you could strip down an absurd amount of code with a good compiler
[Sun Aug  4 18:49:56 2013] <Ptival> because it does not use a sufficiently good compiler?
[Sun Aug  4 18:50:54 2013] <Ptival> first, it extracts to OCaml and Haskell, so probably different things happen and have to be taken care of
[Sun Aug  4 18:51:32 2013] <Ptival> (Haskell's laziness might help...)
[Sun Aug  4 18:52:05 2013] <Ptival> then it depends how well your types are mapped to the backend types
[Sun Aug  4 18:52:09 2013] <Ptival> I guess
[Sun Aug  4 19:06:24 2013] <Saizan> extracted code doesn't get optimized that well from the respective compilers, either, because of all the coercions
[Sun Aug  4 19:34:41 2013] <osa1> am I missing something or first part of "logical relations" course here http://www.cs.uoregon.edu/research/summerschool/summer13/curriculum.html missing few minutes in the beginning?
[Sun Aug  4 20:39:41 2013] <ezyang> It might be
[Sun Aug  4 21:30:20 2013] <kini> osnr: one of the logical relations lectures (maybe the first one) was missing the audio for the first few minutes because the lapel mic's battery was dead and someone had to go find a replacement
[Sun Aug  4 21:30:41 2013] <kini> possibly they removed the corresponding video as well
[Mon Aug  5 08:08:19 2013] <chris2> are there plans to add ssreflect to opam?
[Mon Aug  5 17:27:30 2013] <osa1> so by curry-howard correspondence we know types in programming languages corresponds to proofs in logics, but then what does normalization(or evaluation, or reduction, or whatever) of types corresponds to in logic?
[Mon Aug  5 17:28:27 2013] <osa1> s/proofs/propositions
[Mon Aug  5 17:28:27 2013] <ezyang> Cut-elimination
[Mon Aug  5 17:28:40 2013] <ezyang> specifically, beta-reduction is cut-elimination
[Mon Aug  5 17:28:52 2013] <ezyang> and normalization is cut-elimination from the entire proof
[Mon Aug  5 17:29:13 2013] <osa1> hmm, I know cuts from Prolog but not sure if it's related with cuts in real logic systems :-) where can I learn more about cuts in logics?
[Mon Aug  5 17:29:21 2013] <ezyang> Nope, it's different
[Mon Aug  5 17:29:43 2013] <ezyang> try this: http://www.cs.cmu.edu/~fp/courses/15317-f09/schedule.html
[Mon Aug  5 17:30:10 2013] <ezyang> The basic idea is pretty simple though http://en.wikipedia.org/wiki/Cut-elimination_theorem
[Mon Aug  5 17:32:05 2013] <osa1> ezyang: so beta reduction corresponds to cut-elimination,  does alpha conversion also apply to propositions/types? what does that corresponds to?
[Mon Aug  5 17:33:04 2013] <ezyang> In logic, propositions are not named, so there is no to alpha-convert them
[Mon Aug  5 17:33:10 2013] <ezyang> *way
[Mon Aug  5 17:36:17 2013] <osa1> ok so another question that stucked in my mind while watching some lectures from oragon plt school is predicativities of type systems. what does that mean, how do coq/agda/etc. handle that, does that only apply to dependent types etc. where can I learn more about that?
[Mon Aug  5 17:36:21 2013] <Saizan> in FOL you still have binders (i.e. the quantifiers) and i think there's something similar to alpha-conversion for those if you get really formal
[Mon Aug  5 17:37:16 2013] <shergill> what would be eta reduction? that given P you can prove P?
[Mon Aug  5 17:38:42 2013] <ezyang> osa1: Predicativity is a tricky one, I picked up what was going on from a variety of sources and I don't have something good to point you to.
[Mon Aug  5 17:38:46 2013] <osa1> Saizan: speaking of FOL, is being "constructive" logic or not orthogonal concept with FOL/other logics? what do we call logics that are not "constructive" ?
[Mon Aug  5 17:38:53 2013] <ezyang> But I think understanding what it means for a type system to be impredicative is a good first step.
[Mon Aug  5 17:39:56 2013] <Saizan> osa1: historically the opposition has been between constructive and classical, though the exact negation is just non-constructive
[Mon Aug  5 17:41:13 2013] <osa1> Saizan: ah so we categorize logics as being constructive or non-constructive?
[Mon Aug  5 17:41:15 2013] <Saizan> osa1: often FOL will refer to the classical version, but you can have constructive first order logic just fine
[Mon Aug  5 17:41:20 2013] <osa1> hmm
[Mon Aug  5 17:41:41 2013] <osa1> so what about intuitionistic logics?
[Mon Aug  5 17:42:33 2013] <ezyang> shergill: eta reduction also talks about terms, and doesn't show up when you don't have them.
[Mon Aug  5 17:45:34 2013] <Saizan> osa1: intuitionistic X is most usually X but without excluded middle or equivalent, so it's often more specific than "constructive" which is basically "what a constructivist would accept" :)
[Mon Aug  5 17:46:13 2013] <osa1> Saizan: I thought constructive logics also don't have excluded middle
[Mon Aug  5 17:47:32 2013] <osa1> sorry if I'm asking too much unrelated questions but, what would happen if we suddenly have a proof of excluded middle in Coq?
[Mon Aug  5 17:47:38 2013] <Saizan> osa1: yeah, but they might or might not have other principles, even ones you inconsistent with the corresponding classical logic
[Mon Aug  5 17:48:15 2013] <ezyang> It is known that excluded middle is independent of constructive logic
[Mon Aug  5 17:48:30 2013] <darinm> what was the question re: predicativity?
[Mon Aug  5 17:48:37 2013] <ezyang> So a non-axiomatic proof would probably imply it was inconsistent
[Mon Aug  5 17:49:27 2013] <Saizan> Coq + EM is a consistent theory, but yeah there's something wrong if you can actually prove EM in Coq
[Mon Aug  5 17:49:52 2013] <Saizan> (just phrasing it differently)
[Mon Aug  5 17:50:08 2013] <darinm> Predicativity goes back to Russell and Poincaré and has to do with disallowing circular definitions.
[Mon Aug  5 17:50:54 2013] <darinm> Original naive set theoretic paradoxes came about because of circularity that should be ruled out by predicative approach
[Mon Aug  5 17:51:16 2013] <darinm> which is why Russell introduced ramified type theory and Principia
[Mon Aug  5 17:51:36 2013] <ezyang> But fascinatingly enough, it is OK to have impredicativity in a constructive logic
[Mon Aug  5 17:51:58 2013] <darinm> Coquand did work in this area and found a way to have an impredicative type theory stronger than system F, but you have to give up propositions-as-sets (or types)
[Mon Aug  5 17:52:03 2013] <darinm> hence Coq
[Mon Aug  5 17:52:32 2013] <darinm> ezyang: okay if you give up prop-as-type and do some "maintenance" to keep things sane
[Mon Aug  5 17:53:09 2013] <darinm> funnily enough, Coquand does not even prefer impredicative approach anymore allegedly (talking to him and others about it)
[Mon Aug  5 17:53:21 2013] <osa1> yeah I remember reading in some book that Principia Mathematica basically a work to remove circularities in mathematics ... ramified types is that infinite type tower thing, right? like we have in agda/coq
[Mon Aug  5 17:53:23 2013] <Saizan> it clashes with sigmas too, iirc
[Mon Aug  5 17:53:41 2013] <darinm> as far as I understand, the original _use_ for impredicativity in Coq was because when it was first introduced there were no inductive types or pattern matching
[Mon Aug  5 17:53:49 2013] <darinm> so you had to use, e.g., "church encodings"
[Mon Aug  5 17:53:54 2013] <darinm> you often need impredicativity to make those work
[Mon Aug  5 17:55:24 2013] <darinm> There is kind of an open question as to whether "predicative maths" is powerful enough to do most of what we want in mathematics. I think Feferman wrote about this. Comparatively, predicative systems are weak. But so far it seems like it's enough for most major fields of math, with some reworking
[Mon Aug  5 17:55:55 2013] <darinm> osa1: yes, the type hierarchy we see in modern type systems goes back to Russell
[Mon Aug  5 17:57:51 2013] <darinm> another reason to prefer predicativity for a type theory or logical framework is because it is more conservative and becomes inconsistent with fewer axioms
[Mon Aug  5 17:58:03 2013] <osa1> OK, I should go learn more about this predicativity stuff. designing dependently typed language class in plt school also mentions that stuff but I don't understand anything.
[Mon Aug  5 17:58:26 2013] <darinm> (which is similar to the idea behind constructivism being more conservative than classicism)
[Mon Aug  5 18:00:54 2013] <darinm> Saizan: wasn't there some fuss about impredicative Set and inconsistency when EM was added? I don't remember for sure but thought I saw something about that a long time ago
[Mon Aug  5 18:01:14 2013] <darinm> or AC and some others even
[Mon Aug  5 18:01:25 2013] <Saizan> darinm: i remember something like that too, tbh
[Mon Aug  5 18:01:25 2013] <darinm> (some version of AC)
[Mon Aug  5 18:01:35 2013] <osa1> what is AC?
[Mon Aug  5 18:01:41 2013] <darinm> axiom of choice
[Mon Aug  5 18:02:06 2013] <darinm> so anyway, take away is that impredicativity is less compatible with extra axioms
[Mon Aug  5 18:02:46 2013] <osa1> okay, thanks for all the answers
[Mon Aug  5 18:03:08 2013] <osa1> I'm going to learn more about impredicativity and continue watching plt school lectures later
[Mon Aug  5 18:03:31 2013] <osa1> one hopefully last question that stuck in my mind is that what makes Coq a convenient system to prove useful theorems .. for example, why Haskell isn't used for same purposes?
[Mon Aug  5 18:04:31 2013] <darinm> ezyang: one good way to see where impredicativity pops up is trying to write a system F interpreter in agda :] You can do it easily for STLC…
[Mon Aug  5 18:04:37 2013] <elliott> Haskell does not have dependent types. Haskell is not total so undefined is a proof of every theorem
[Mon Aug  5 18:04:45 2013] <elliott> both of these make it more or less completely useless for proving
[Mon Aug  5 18:05:04 2013] <darinm> right, any theorem is proved with 'undefined' in Haskell :]
[Mon Aug  5 18:05:13 2013] <osa1> elliott: let's exclude "undefined", can I then give proofs for some simple propositions?
[Mon Aug  5 18:05:13 2013] <Saizan> osa1: in terms of logics you could say that haskell is propositional rather than predicative, hence all the pain of encoding stuff through GHC extensions
[Mon Aug  5 18:05:34 2013] <darinm> of course, Coq has some escape hatches too, but fewer… and they show up in RED in Proof General :]
[Mon Aug  5 18:06:03 2013] <osa1> I think not supporting dependent types only makes it less powerful theorem prover, right? because I cannot represent some propositions ..
[Mon Aug  5 18:06:23 2013] <darinm> osa1: you can use Haskell to write "proofs", sure. But you have no termination checker or productivity so you have less confidence.
[Mon Aug  5 18:06:46 2013] <Saizan> osa1: you can prove a bunch of propositional stuff, e.g. ?djinn will search for proofs for propositional intuitionistic logic as haskell programs
[Mon Aug  5 18:06:48 2013] <darinm> and as Saizan pointed out, no dependency of types on terms means you can't encode much that's useful directly
[Mon Aug  5 18:06:50 2013] <elliott> osa1: if you want to write proofs that you can't verify the truth of, use pen and paper.
[Mon Aug  5 18:07:02 2013] <elliott> as a bonus, you won't have to fight Haskell's incredible limitations in what you can express
[Mon Aug  5 18:07:10 2013] <darinm> yeah
[Mon Aug  5 18:07:21 2013] <osa1> :-)
[Mon Aug  5 18:07:39 2013] <elliott> also, Coq or Agda's UI are way way better for proving
[Mon Aug  5 18:07:58 2013] <elliott> from something as simple as Agda's interactive holes and type display to Proof General's three-window mode and interactive tactics etc.
[Mon Aug  5 18:09:19 2013] <osa1> well that UI stuff doesn't work for me because I hate emacs and cannot use it ... Coq's vim plugin is pretty good though
[Mon Aug  5 18:13:14 2013] <darinm> agda has vim functionality too now allegedly
[Mon Aug  5 18:21:00 2013] <elliott> I use Emacs almost exclusively for proof general. it is worth it.
[Mon Aug  5 21:25:39 2013] <ezyang> I have some ?A = ?B, where after reduction ?A and ?B are definitionally equal.
[Mon Aug  5 21:26:00 2013] <ezyang> I would like to use this to type eq_refl, but Coq is rejecting it. What do I have to do to "make it compute"?
[Mon Aug  5 21:43:24 2013] <elliott> maybe simpl; reflexivity. and look at the proof term or something?
[Mon Aug  5 21:43:31 2013] <elliott> I don't quite know what you want
[Mon Aug  5 21:44:49 2013] <ezyang> This ended up being a case of "Coq needs to infer a different definitionally equal term for an argument"
[Mon Aug  5 22:32:01 2013] <ezyang> Well, this is a terrible error messagE:  The term "q" has type "transport P p x .2 = y .2" while it is expected to have type "?756 = ?757".
[Mon Aug  5 22:38:43 2013] <jgross> ezyang: Try [Set Printing All].  My guess is that you'll find that you gave it a dependent function where it was expecting a non-dependent one.  Also, by replacing [h] with [(h _)], I get the message """The term "ap (h y .1) q" has type "h y .1 (transport P p x .2) = h y .1 y .2" while it is expected to have type "transport P' (ap g p) (h x .1 x .2) = h y .1 y .2".""" 
[Mon Aug  5 22:39:16 2013] <ezyang> Well, I got further by filling in the implicit parameters
[Mon Aug  5 22:40:50 2013] <jgross> Also, here's a trick: When your types aren't type-checking, replace the last part of it with [Type], and then fill in your type bit by bit with [refine].  Like:
[Mon Aug  5 22:40:50 2013] <jgross> Theorem theorem2_6_5' {A A'} {P : A -> Type} {P' : A' -> Type} (g : A -> A') (h : forall a, P a -> P' (g a)) (x y : sigT P) (p : x.1	    = y.1) (q : transport _ p x.2 = y.2) : Type.
[Mon Aug  5 22:40:50 2013] <jgross>   pose (fun z => (g z.1; h z.1 z.2)) as f.
[Mon Aug  5 22:40:50 2013] <jgross>   refine (ap f (path_sigma P x y p q) = _).
[Mon Aug  5 22:40:50 2013] <jgross>   refine (path_sigma P' (f x) (f y) (ap g p) _).
[Mon Aug  5 22:40:50 2013] <jgross>   unfold f; simpl.
[Mon Aug  5 22:40:50 2013] <jgross>   exact (ap (h _) q). 
[Mon Aug  5 22:42:55 2013] <ezyang> Nifty!
[Mon Aug  5 22:43:23 2013] <ezyang> I assume that the proofscript you pasted isn't supposed to work?
[Mon Aug  5 22:44:20 2013] <jgross> correct.  It gave me the error message I mentioned.  But it might help you to figure out what you want, because it's more interactive. 
[Mon Aug  5 22:46:12 2013] <ezyang> So, I should be able to get this from q.
[Mon Aug  5 22:50:10 2013] <ezyang> ho ho ho
[Mon Aug  5 23:11:17 2013] <ezyang> Ohhh I screwed up my dfn's
[Mon Aug  5 23:16:19 2013] <ezyang> Wait, no, these are equivalent
[Tue Aug  6 06:56:38 2013] <osa1> let's say I have a goal something like `some_constructor arg1 arg2 = some_constructor arg3 arg4` is there a way to reduce it to two goals `arg1 = arg3` and `arg2 = arg4` ?
[Tue Aug  6 07:00:05 2013] <gdsfh> hello.  I have something like "Require Import ZArith. Open Scope Z_scope. Goal forall (n : Z) (H1 : n >= 3) (H2 : n <= 5), Z.", I want to match 3, 4, 5 and to prove that for other cases "False_rect _ _" is a proof of their impossibility.
[Tue Aug  6 07:00:09 2013] <gdsfh> But matching "Z_dec n 3", then "Z_dec n 4", then "Z_dec n 5" is a boring task.  Do you know any nice ways to write this code?
[Tue Aug  6 07:32:09 2013] <fisi> osa1: there's a tactic called "f_equal", which will do exactly this
[Tue Aug  6 07:33:19 2013] <fisi> (as a matter of fact, it's a little more general: for any goal of the form "f x = g y", it'll produce the goals "f = g" and "x = y" -- but yours is a special case of this)
[Tue Aug  6 07:38:24 2013] <osa1> fisi: thanks
[Tue Aug  6 07:38:36 2013] <fisi> no problem
[Tue Aug  6 07:42:33 2013] <osa1> can anyone help me with this http://lpaste.net/91595
[Tue Aug  6 07:50:58 2013] <beta> osal: can't you just apply beq_nat_refl?
[Tue Aug  6 07:52:26 2013] <osa1> beta: that works but I'm wondering how to do what I wrote in the comment
[Tue Aug  6 07:54:09 2013] <beta> I think you're question can be generalized into "how can I apply a lemma P -> Q on the goal P"
[Tue Aug  6 07:54:13 2013] <beta> is it true?
[Tue Aug  6 07:56:41 2013] <osa1> yeah, I guess
[Tue Aug  6 07:58:07 2013] <fisi> whoa, won't you need the implication to go in the other direction?
[Tue Aug  6 07:58:13 2013] <beta> well, that's not logically possible :-)
[Tue Aug  6 07:58:23 2013] <beta> sorry, I mean, impossible
[Tue Aug  6 07:58:56 2013] <fisi> ah yes, I misread beta's comment, and he's right, that's not possible.
[Tue Aug  6 08:00:39 2013] <beta> when applying a lemma in a goal one is doing "backward reasoning", that is, if you have a lemma L : P -> Q and goal Q, by applying L you are left to prove P
[Tue Aug  6 08:01:12 2013] <osa1> yeah, that makes sense. I'm a bit confused, thanks for explanation.
[Tue Aug  6 08:01:52 2013] <beta> with respect to the problem at hand, you can still use the lemma
[Tue Aug  6 08:01:53 2013] <beta> Lemma beq_nat_true_iff : forall x y, beq_nat x y = true <-> x=y.
[Tue Aug  6 08:02:10 2013] <beta> to *rewrite* your goal into p = p
[Tue Aug  6 08:17:30 2013] <osa1> I'm having trouble understanding inductives, http://lpaste.net/91600 why I'm getting this error here
[Tue Aug  6 08:17:39 2013] <osa1> I'm trying to do palindrome exercise from Software Foundations book
[Tue Aug  6 08:18:41 2013] <osa1> (btw, first constructor in this code should be pal_empty : pal nil)
[Tue Aug  6 08:21:24 2013] <beta> the reason is because you're making both X and the list parameters of the inductive type
[Tue Aug  6 08:22:03 2013] <beta> but you want to provide the list yourself, that is, the type is not parametric on the list
[Tue Aug  6 08:22:04 2013] <fisi> try changing the first line of declaration to "Inductive pal (X : Set) : list' X -> Prop :="; as far as I recall, there's some restrictions on what you can do with binding arguments outside the constructors of the inductive definitions
[Tue Aug  6 08:23:30 2013] <osa1> yeah, that worked
[Tue Aug  6 08:23:44 2013] <osa1> but I don't understand why
[Tue Aug  6 08:24:13 2013] <osa1> to me this two kinds of declarations specifies same types
[Tue Aug  6 08:24:20 2013] <osa1> but probably I'm wrong
[Tue Aug  6 08:27:18 2013] <fisi> nah, it's like what beta said: the parameters of an inductive type are not allowed to change between the constructors. It's really a shorthand (everything that's expressible with the parameters is also expressible without using them) -- and a sort of sanity check if you want the inductive type to be parametric in one of the arguments.
[Tue Aug  6 08:28:02 2013] <beta> as a (probably dry) source of information you can check http://coq.inria.fr/distrib/current/refman/Reference-Manual006.html#sec186
[Tue Aug  6 09:59:18 2013] <osa1> it's very annoying that Coq doesn't allow name shadowing, if I have a 'a' in a  pattern match and I also have a 'a' as a constructor I get weird error messages when I use that matched name 'a'
[Tue Aug  6 10:00:28 2013] <ianjneu> osa1: how would Coq know the difference?
[Tue Aug  6 10:01:30 2013] <ianjneu> nonlinear patterns kind of ruin that expectation.
[Tue Aug  6 10:01:37 2013] <osa1> ianjneu: same as how other languages(for instance Haskell) that know the difference know the difference
[Tue Aug  6 10:01:46 2013] <osa1> what is a nonlinear pattern?
[Tue Aug  6 10:02:44 2013] <ianjneu> a matching pattern that allows duplicate binders, which introduces the constraint that whatever matches both must be equal.
[Tue Aug  6 10:03:12 2013] <osa1> hmm
[Tue Aug  6 10:03:53 2013] <ianjneu> Racket's pattern matching allows what you want, but only because it doesn't allow binders as match heads.
[Tue Aug  6 10:04:59 2013] <ianjneu> This is why I want prefix notation as the default syntax for languages, and fancy syntax just built on top.
[Tue Aug  6 10:05:47 2013] <ianjneu> It makes the language design much more flexible and structured.
[Tue Aug  6 10:10:56 2013] <ianjneu> Just checked - Coq doesn't allow nonlinear patterns. Yup, just turns out to be bad design.
[Tue Aug  6 10:22:21 2013] <gdsfh> ianjneu: "constraint that whatever matches both must be equal" -- maybe it's because of a flexible approach to equality?  Often " = " is not what one wants.
[Tue Aug  6 10:26:07 2013] <ianjneu> gdsfh: I wasn't saying the lack of nonlinear patterns is a bad design decision.
[Tue Aug  6 10:26:36 2013] <ianjneu> HoTT wasn't around when Coq was first created ;)
[Tue Aug  6 10:27:29 2013] <gdsfh> ianjneu: interesting, what HoTT provides for such patterns?
[Tue Aug  6 10:29:51 2013] <ianjneu> Well, you would be able to use equivalences instead of definitional equality. It still would be trickily behaved, since you'd need to inform the unifier of equivalence proof constructors in order for the match to happen (or have a cumbersome syntax for constructing the proof within the match pattern itself)
[Tue Aug  6 10:32:38 2013] <ianjneu> I suppose the same is the case for propositional equality too.
[Tue Aug  6 10:32:51 2013] <ianjneu> I just really like the univalence axiom.
[Tue Aug  6 11:42:07 2013] <Cale> Haskell knows the difference because the names available to variables and the names available to constructors are disjoint.
[Tue Aug  6 11:42:40 2013] <Cale> (in particular, because constructors must start with an uppercase letter, and variables must not)
[Tue Aug  6 11:43:02 2013] <rmk0> same as ocaml... i found the behaviour in coq quite surprising
[Tue Aug  6 11:43:14 2013] <Cale> But yeah, you'd expect shadowing to occur.
[Tue Aug  6 12:35:54 2013] <gdsfh> are there any reading on simulation of digital circuits in Coq?  I've tried to use corecursive streams, but got stuck on RS-trigger (all my CoFixpoints I've tried to write were not accepted by Coq).  Also I don't know whether I'm going a right thing, so I'd prefer to read something useful on this topic.
[Tue Aug  6 13:09:52 2013] <ianjneu> gdsfh: write a step function for your circuit and reason about subject reduction.
[Tue Aug  6 13:22:21 2013] <gdsfh> ianjneu: thanks for suggestion.  It would be much easier.  Also it's interesting to know what I lose here, compared to coinductive streams?  (and what I gain, except ease?)
[Tue Aug  6 13:52:05 2013] <ianjneu> gdsfh: I don't think you lose anything. I don't know what your input stream would be, or if you expect to produce a stream of machine states, but to reason about steps of a circuit, you need more sophisticated methods than just coinduction on infinite traces. What I've seen is more refinement-based bisimulations based on a well-founded measure and a step function.
[Tue Aug  6 13:54:41 2013] <ianjneu> c.f. Pete Manolios' dissertation on WEB refinement in the ACL2 theorem prover.
[Tue Aug  6 13:55:22 2013] <gdsfh> ianjneu: good, I'll try to write code with step functions (at least I'll be able express RS-trigger, I think).  Also will read the paper you've noted.
[Tue Aug  6 13:56:34 2013] <ianjneu> if you plan on verifying a circuit with out-of-order multi-instruction retirement, there is nothing yet published on what is the proper correctness criteria.
[Tue Aug  6 13:57:09 2013] <ianjneu> Pete's student Mitesh Jain is working on that, but his work is currently unpublished.
[Tue Aug  6 14:06:49 2013] <gdsfh> ianjneu: no, I want to play with simple circuits only.  For now, what I want to prove that given scheme will stabilize and give reasonable output within N clock ticks after inputs were changed.  (but I need to _construct_ the scheme first, here's the problem...  now solved with your help, I think.)
[Tue Aug  6 14:09:45 2013] <ianjneu> Usually it's easier to verify the circuit-constructing functions with respect to the circuit evaluation function than individual circuits.
[Tue Aug  6 14:18:08 2013] <gdsfh> ianjneu: noted, thanks.  But I need to read that paper and implement these step functions and evaluator first.
[Tue Aug  6 14:24:57 2013] <ianjneu> gdsfh: Pete has some homework assignments for our freshmen that have them build a netlist for an adder, and an evaluator for a netlist, and then show that addition of encoded numbers is equivalent to real addition of those numbers (within the proper size bounds).
[Tue Aug  6 14:25:16 2013] <ianjneu> Might be a good exercise for you.
[Tue Aug  6 14:26:12 2013] <gdsfh> ianjneu: really, I'll need adders anyway.
[Tue Aug  6 14:40:47 2013] <gdsfh> ianjneu: I'm looking at http://www.ccs.neu.edu/home/pete/research.html and can't find anything about simple circuits like NOR/NAND gates, RS-triggers and so on; here are more high-level things, with processor instructions at least.  Either I've failed to find the right paper (please help, in this case), or his works won't help me at all.
[Tue Aug  6 14:49:15 2013] <osa1> how to covert goals from [a /\ b] to goals [a; b] ?
[Tue Aug  6 14:55:55 2013] <gdsfh> osa1: "split."
[Tue Aug  6 14:57:23 2013] <osa1> thanks. now I'm trying to unfold '<' but cannot find it's name .. how can I unfold '<' ?
[Tue Aug  6 15:07:48 2013] <ianjneu> lt
[Tue Aug  6 15:10:20 2013] <osa1> hmm, unfold lt does do anything
[Tue Aug  6 15:14:42 2013] <ianjneu> osa1: which theory of numbers are you using?
[Tue Aug  6 15:15:21 2013] <ianjneu> gdsfh: It's been given as a homework, so it's not a research paper. Just go from what I said as a spec.
[Tue Aug  6 18:12:38 2013] <osa1> can anyone recommend me some papers to help me understand how to make inference rules "syntax driven", why do we need to have distinct type inferable and type checkable terms(or alternatively annotate every term) etc.
[Tue Aug  6 18:15:08 2013] <ezyang> osa1: Honestly, you should just try to implement it for yourself and see.
[Wed Aug  7 01:18:03 2013] <leroux> This looks very wrong... https://gist.github.com/leroux/6171397
[Wed Aug  7 01:18:11 2013] <leroux> Any suggestions to remedy this incomplete proof?
[Wed Aug  7 01:56:46 2013] <elliott> leroux: be lazier. http://sprunge.us/WDNK
[Wed Aug  7 01:57:43 2013] <leroux> elliott: Is there a way for me to expand to something I can understand right now? I started working through Software Foundations today.
[Wed Aug  7 01:58:00 2013] <leroux> I don't think auto will be introduced for awhile.
[Wed Aug  7 02:00:26 2013] <elliott> sure, one second
[Wed Aug  7 02:02:37 2013] <elliott> leroux: http://sprunge.us/ULeX
[Wed Aug  7 02:03:09 2013] <leroux> Thanks elliott.
[Wed Aug  7 02:03:20 2013] <leroux> So, intros are not always needed?
[Wed Aug  7 02:03:37 2013] <elliott> if you introduce parameters before the colon, yeah.
[Wed Aug  7 02:03:51 2013] <elliott> you can also "destruct x" if you named "x" with a "forall" in your current type and it'll automatically be introduced
[Wed Aug  7 02:04:47 2013] <leroux> Ahh, okay, thanks.
[Wed Aug  7 02:06:34 2013] <elliott> btw, maybe the book wants you to prove this in some other way. but I think it's better to "discriminate" when possible rather than taking advantage of inconsistent equalities less directly
[Wed Aug  7 02:06:55 2013] <elliott> and I don't see much point in using lemmas for things that can be proved so easily with simple computation
[Wed Aug  7 02:08:35 2013] <leroux> Ahh, okay.
[Wed Aug  7 02:08:42 2013] <leroux> So.. I see that you use p || q.
[Wed Aug  7 02:08:52 2013] <leroux> In a way, it can be seen as automation.
[Wed Aug  7 02:09:02 2013] <leroux> Not in the sense of 'auto'.
[Wed Aug  7 02:09:40 2013] <elliott> sure
[Wed Aug  7 02:09:45 2013] <elliott> (p; q) is automation too
[Wed Aug  7 02:09:55 2013] <elliott> but tactics are all about automation, the alternative is crafting proof terms by hand :)
[Wed Aug  7 02:10:15 2013] <leroux> I've only been using intros, destruct, rewrite, reflexivity, simpl.
[Wed Aug  7 02:11:18 2013] <elliott> you can probably do it with rewrite if you really want to
[Wed Aug  7 02:11:19 2013] <leroux> The exercises are so trivial that I'd think that they are supposed to be solved with a limited set of keywords.
[Wed Aug  7 02:11:29 2013] <leroux> So, I was using rewrites...
[Wed Aug  7 02:11:35 2013] <leroux> But it looked very...wrong.
[Wed Aug  7 02:11:44 2013] <elliott> I think discriminate is a great thing to learn early :)
[Wed Aug  7 02:11:56 2013] <leroux> I was doing an intros H every time there was a contradiction.
[Wed Aug  7 02:12:02 2013] <leroux> And then I would rewrite with H.
[Wed Aug  7 02:12:18 2013] <leroux> https://gist.github.com/leroux/6171397
[Wed Aug  7 02:12:50 2013] <leroux> Is that what you mean by it could possibly be done by rewrites?
[Wed Aug  7 02:15:01 2013] <leroux> Anyways, thanks elliott. I'll start using discriminate now.
[Wed Aug  7 02:15:29 2013] <elliott> I mean that you have false = true or true = false in context
[Wed Aug  7 02:15:33 2013] <elliott> and your goal is either false = true or true = false
[Wed Aug  7 02:15:49 2013] <elliott> so it should be easy if you don'tw ant to just reject the contradiction outright.
[Wed Aug  7 02:16:00 2013] <leroux> Ahh, okay.
[Wed Aug  7 08:35:51 2013] <beta> I have a question about the HoTT branch, what is the "rigid" type in evd.mli ?
[Wed Aug  7 08:36:34 2013] <beta> I need to create a new unification variable, and I need to specify how "rigid" it has to be
[Wed Aug  7 13:49:58 2013] <gdsfh> strange thing.  "subst." gives "Error: enr is used in conclusion.", while "subst enr." works ok.  Now I'm using 8.3pl4, probably it's fixed now with new tactics system, but maybe you know why it happens?  (now I'm using "Ltac subst_all := match goal with A := _ |- _ => subst A; subst_all | _ => idtac end.", it works.)
[Wed Aug  7 13:50:47 2013] <gdsfh> (also I can't construct simple example where "subst." fails but "subst that_identifier." succeeds.)
[Wed Aug  7 14:01:50 2013] <jgross> beta: My guess is that rigid means ones of the following: (1) it's [Set] or [Prop], i.e., it's a fixed universe; or (2) it's universe monomorphic, i.e., all the universes that appear in it are fixed.  In both cases, I'd guess that you want it to be not rigid, unless you pick up whether or not you're in a rigid context from the environment, somehow.	But I haven't looked at the code, so I might be completely wrong. 
[Wed Aug  7 14:04:59 2013] <beta> Thanks jgross, that was my guess. But the story is a bit more complicated, because you can either have a rigid, flexible, and "flexible alg" variable
[Wed Aug  7 14:05:25 2013] <beta> the distinction among the last two is a mystery to me
[Wed Aug  7 14:07:43 2013] <jgross> Perhaps flexible means that it's a non-fixed universe (like [Type_n]), and flexible alg means that it's something like [max(Type_n, Type_{m + 1})] (i.e., not rigid, and not a single universe variable, but an algebraic expression of other universe variables)? 
[Wed Aug  7 14:07:59 2013] <jgross> But I have to run.  I'll check my logs later and reply to anything you say. 
[Wed Aug  7 14:08:35 2013] <beta> thanks
[Wed Aug  7 14:45:46 2013] <osa1> I don't understand what is asked in Software Foundations classical axioms exercise. is it possible to prove equalities of propositions?
[Wed Aug  7 14:46:27 2013] <osa1> this chapter: http://www.cis.upenn.edu/~bcpierce/sf/Logic.html classical_axioms exercise
[Wed Aug  7 14:46:56 2013] <ezyang> Your theorems will look like
[Wed Aug  7 14:47:08 2013] <ezyang> Theorem f1 : peirce -> classic
[Wed Aug  7 14:47:14 2013] <ezyang> Theorem f2 : classic -> excluded_middle
[Wed Aug  7 14:47:15 2013] <ezyang> etc
[Wed Aug  7 14:48:00 2013] <elliott> can also use <->
[Wed Aug  7 14:48:25 2013] <osa1> hmm, let me try
[Wed Aug  7 14:49:46 2013] <ezyang> elliott: Well, <-> is kind of inefficient
[Wed Aug  7 14:50:25 2013] <osa1> ok so in logic context equality means <-> ?
[Wed Aug  7 14:51:25 2013] <ezyang> Well, for some very expansive definition of "equality"
[Wed Aug  7 14:58:33 2013] <elliott> inefficient?
[Wed Aug  7 14:58:50 2013] <elliott> osa1: (p <-> q) means (p -> q /\ q -> p), bi-implication.
[Wed Aug  7 14:59:08 2013] <elliott> it's true that considering propositions as booleans this corresponds to equality (as xor does to inequality), and that <-> is an equivalence relation
[Wed Aug  7 14:59:22 2013] <elliott> and that in homotopy type theory you get something very like <-> for equality on propositions.
[Wed Aug  7 14:59:53 2013] <ezyang> elliott: As in, amount of proof effort necessary ;-)
[Wed Aug  7 15:00:07 2013] <ezyang> If you want to show A B C D E equiv, usual method is to do a chain of some sort
[Wed Aug  7 15:00:16 2013] <elliott> well, sure
[Wed Aug  7 18:00:37 2013] <hpaste> osa1 pasted “how does destruct tactic work?” at http://lpaste.net/91640
[Wed Aug  7 18:00:48 2013] <osa1> can anyone help me with this: http://lpaste.net/91640
[Wed Aug  7 18:10:40 2013] <osa1> another question: let's say I'm looking for a proof for `forall n m, S n = S m -> n = m`, is there a command for search this? (I'm looking for an easier way than searching through documentation manually)
[Wed Aug  7 18:14:29 2013] <ezyang> osa1: when the hypothesis being destructed is of form "... -> False"
[Wed Aug  7 18:14:50 2013] <ezyang> then Coq assumes that you're trying to prove false, and simply requests you to show that 0 = 0 is true
[Wed Aug  7 18:14:57 2013] <ezyang> It's like exfalso and then apply
[Wed Aug  7 18:15:22 2013] <ezyang> it doesn't matter what your goal was, if you find a contradiction, the principle of explosion applies
[Wed Aug  7 18:15:42 2013] <ezyang> Try SearchPattern
[Wed Aug  7 18:15:52 2013] <ezyang> Though I find it to be rather finicky
[Wed Aug  7 18:18:56 2013] <osa1> ezyang: what is principle of explosion? prove anything from contradiction?
[Wed Aug  7 18:19:46 2013] <ezyang> yeppers
[Wed Aug  7 18:22:22 2013] <osa1> ok, thanks. another question: if I remove `forall` keyword from Coq, does that give me a ML type system?
[Wed Aug  7 18:22:57 2013] <ezyang> Ill-formed. Am I allowed to do: Definition foo (x : nat) := ...?
[Wed Aug  7 18:23:40 2013] <osa1> yes
[Wed Aug  7 18:24:04 2013] <ezyang> Well, it's equivalent to Definition foo := forall x : nat, ;-)
[Wed Aug  7 18:26:34 2013] <osa1> hmm.
[Wed Aug  7 18:27:14 2013] <ezyang> If you sufficiently make your requirement more stringent, yes, Coq will no longer be a dependently typed language
[Wed Aug  7 18:27:27 2013] <ezyang> Though it's probably not true that it would have ML's type system.
[Wed Aug  7 18:28:45 2013] <osa1> yeah it probably wouldn't be exactly the ML type system, I meant something similar. "make your requirement more stringent" what do you mean by that?
[Wed Aug  7 18:29:09 2013] <ezyang> Well, you could say, "No pi-types, only arrow types"
[Wed Aug  7 18:29:11 2013] <jgross> ezyang: "Definition foo (a : A) := B a" is equivalent to "Definition foo := fun a : A => B a", not "Definition foo := forall a : A, B a" 
[Wed Aug  7 18:29:24 2013] <ezyang> oh oops -_-
[Wed Aug  7 18:30:00 2013] <osa1> ezyang: actually I was trying to say that but couldn't figure out how to remove pi-types
[Wed Aug  7 18:30:11 2013] <osa1> I thought forall was for specifying pi types
[Wed Aug  7 18:30:20 2013] <ezyang> Yeah, it is
[Wed Aug  7 18:30:44 2013] <osa1> then removing it gives me a language without dependent types?
[Wed Aug  7 18:40:02 2013] <elliott> you also end up without polymorphism.
[Wed Aug  7 18:40:38 2013] <elliott> btw, I don't know what ezyang is saying.
[Wed Aug  7 18:40:42 2013] <elliott> those two definitions are not equivalent.
[Wed Aug  7 18:40:47 2013] <elliott> oh
[Wed Aug  7 18:40:49 2013] <elliott> jgross said so
[Wed Aug  7 18:50:27 2013] <jgross> ezyang: https://gist.github.com/JasonGross/6179650 <- the type of theorem2_6_5'.  At least if you're willing to use [match].  I'll leave it up to you to translate that back into transports :-P 
[Wed Aug  7 18:51:06 2013] <ezyang> :-P
[Wed Aug  7 18:51:19 2013] <ezyang> What an ugly theorem.
[Wed Aug  7 18:59:56 2013] <jgross> Indeed.  Maybe favonia or someone else has an idea of how it's supposed to look homotopically. 
[Wed Aug  7 19:01:47 2013] <jgross> If you're willing to cheat, you can look at projT2_path_sigma, which might be what you're looking for here.  Or maybe ap_functor_sigma. 
[Wed Aug  7 19:03:04 2013] <ezyang> I looked through the standard library and didn't see anything that fit the right form.
[Wed Aug  7 19:03:35 2013] <ezyang> I'm uselessly spinning my wheels on the problem and would like to get unstuck as quickly as possible ^_^
[Wed Aug  7 19:07:05 2013] <jgross> Are you sure?  ap_functor_sigma seems to be the theorem, up to alpha conversion, with functor_sigma being your f. 
[Wed Aug  7 19:08:21 2013] <jgross> (Found via "SearchAbout path_sigma ap.") 
[Wed Aug  7 19:08:49 2013] <ezyang> Oh, you're right!
[Wed Aug  7 19:09:10 2013] <ezyang> Hmm, maybe the separation of functor_sigma threw me off.
[Thu Aug  8 01:55:00 2013] <osa1> "type theory was originally invented ... it was later developed as a rigorous formal system in ints own right (under the name lambda calculus)" <- is that quote correct? I thought lambda calculus is a formal system to model function applications and has nothing to do with type theory.
[Thu Aug  8 01:57:45 2013] <benl23> I think Church's original calculus was simply typed
[Thu Aug  8 01:58:15 2013] <benl23> osa1: maybe read about Church's theorem
[Thu Aug  8 02:00:48 2013] <osa1> benl23: this Church's theorem http://en.wikipedia.org/wiki/Church%27s_theorem ? how is that related with type theory?
[Thu Aug  8 02:05:04 2013] <benl23> because the problem asks about first order logic, and lambda calculus can be used to model that
[Thu Aug  8 02:05:35 2013] <benl23> do you know about the "Curry-Howard correspondence"?
[Thu Aug  8 02:06:00 2013] <osa1> yeah, I'm programming Coq
[Thu Aug  8 02:08:16 2013] <osa1> benl23: I'm still having trouble seeing the relation between lambda calculus and type theory
[Thu Aug  8 02:08:27 2013] <osa1> btw, that quote is from HoTT book
[Thu Aug  8 02:09:18 2013] <benl23> ah, those guys probably made that statement with the benefit of hindsight, then.
[Thu Aug  8 02:11:08 2013] <benl23> lambda calculus + logic + type theory are basically the same thing, though the original inventors took some time to realise it.
[Thu Aug  8 02:12:09 2013] <benl23> I think the original statement is true with the benefit of hindsight, but the original people that worked on lambda calculus may not have been thinking "I'm really doing logic and type theory as well".
[Thu Aug  8 02:18:54 2013] <benl23> .. hmm original LC wasn't simply typed
[Thu Aug  8 02:19:05 2013] <benl23> Church's paper came before Gentzen, at least
[Thu Aug  8 02:19:43 2013] <amosr> hmm. well it had to be turing complete, didn't it :-)
[Thu Aug  8 02:20:26 2013] <benl23> .. :-P
[Thu Aug  8 02:22:49 2013] <benl23> http://maths.swan.ac.uk/staff/jrh/papers/JRHHislamWeb.pdf has the story
[Thu Aug  8 03:41:46 2013] <darinm> I thought Church's original version of the lambda calculus was untyped
[Thu Aug  8 03:41:59 2013] <darinm> and he developed the typed variant due to the discovery of paradoxes
[Thu Aug  8 03:42:16 2013] <darinm> even the original variant was meant as a language for mathematics
[Thu Aug  8 03:42:47 2013] <darinm> and the typed variant was intended as a response to Russell
[Thu Aug  8 06:11:35 2013] <msrcptival> anyone in here familiar with ad-hoc proof automation by canonical structures?
[Thu Aug  8 06:12:01 2013] <beta> here
[Thu Aug  8 06:12:36 2013] <beta> msrcptival: I'm going to lunch now, but you can post the question and I'll respond later on
[Thu Aug  8 06:51:51 2013] <msrcptival> beta: http://paste.awesom.eu/Ptival/MeD
[Thu Aug  8 06:53:34 2013] <msrcptival> if you cannot run this, you should know it fails to apply getPos in the proof of where_is_1, with error: Impossible to unify "findHere 1 ?1762" with "findThere ?1738 ?1739".
[Thu Aug  8 06:58:28 2013] <msrcptival> beta: maybe what's going on is that this first resolution fails, and the error message is a later try :\ but then I don't know why the first one fails...
[Thu Aug  8 07:02:09 2013] <msrcptival> (also I realize the resolution I give is when I do 'exists 0.' instead of 'eexists.', the error is identical though
[Thu Aug  8 07:22:37 2013] <beta> msrcptival: two things: first, the description of how unification works with Canonical Structures does not quite work for Coq's apply.
[Thu Aug  8 07:22:56 2013] <beta> Second, you need to provide the target before the triggering of the search
[Thu Aug  8 07:24:23 2013] <beta> when you apply [getPos] to [nth default mySeq position = 3], the unification and triggering of [untag_seq (seq_of f) = mySeq] happens before [target_of f = 3]
[Thu Aug  8 07:24:27 2013] <beta> so you don't have a target
[Thu Aug  8 07:25:21 2013] <beta> and, BTW, you should probably move the target as a parameter of the structure, otherwise [target_of f = 3] will trigger the execution without having the seq
[Thu Aug  8 07:25:54 2013] <beta> that said, I noticed that [apply:] is not working properly in this case
[Thu Aug  8 07:50:44 2013] <beta> this is how I made it work:
[Thu Aug  8 07:50:45 2013] <beta> http://paste.awesom.eu/98m
[Thu Aug  8 08:41:55 2013] <msrcptival> beta: for the unification order, I thought it would still work thanks to backtracking, even though it might have taken more time
[Thu Aug  8 08:43:41 2013] <beta> it might work in some cases, but as a general pattern, you should always make sure that the inputs of your algorithm are defined before the CS resolution engine gets triggered
[Thu Aug  8 08:44:01 2013] <msrcptival> ok
[Thu Aug  8 08:44:29 2013] <msrcptival> so one thing I'm still unclear about is this decision of what to put as parameters of the structure and what to put inside the structure
[Thu Aug  8 08:44:51 2013] <msrcptival> do I only put the term driving resolution and the expected properties of the result inside the structure?
[Thu Aug  8 08:51:35 2013] <beta> I don't think I have a good answer for this. Inputs should go as parameters for sure, except perhaps if you don't have that option (in which case you need the "parametrized tagging" pattern, see the noalias example from our journal paper)
[Thu Aug  8 08:52:42 2013] <beta> outputs can be parameters or fields, but making sure they do not end up being used as triggers (for instance, making them anonymous "_")
[Thu Aug  8 08:56:15 2013] <msrcptival> ok, thanks for the help!
[Thu Aug  8 08:56:25 2013] <msrcptival> I'm going to try a more complicated attempt now :)
[Thu Aug  8 08:58:12 2013] <beta> if you have specific questions you can ask me directly: beta@mpi-sws.org
[Thu Aug  8 08:58:49 2013] <beta> oh, and Georges told me that apply: does not work if it has to assign an existential created before
[Thu Aug  8 09:22:00 2013] <gdsfh> msrcptival: I'm interested in canonical structures too, but had bad internet connection; can you please post chat log from your first question to this message?  (using any paste service, for example)
[Thu Aug  8 09:23:56 2013] <msrcptival> gdsfh: http://paste.awesom.eu/DBt
[Thu Aug  8 09:24:10 2013] <gdsfh> msrcptival: thanks!
[Thu Aug  8 13:43:07 2013] <jgross_> Does anyone have a good replacement for (e)rewrite?  I thought agda equational reasoning was painful, but trying to prove things in Coq without rewrite is even more painful. 
[Thu Aug  8 13:43:07 2013] <jgross_> Does anyone have a good replacement for (e)rewrite?  I thought agda equational reasoning was painful, but trying to prove things in Coq without rewrite is even more painful.
[Thu Aug  8 13:56:30 2013] <msrcptival> beta: do you have an example that does what I'm trying to do in the second part of this? http://paste.awesom.eu/Ptival/4Th
[Thu Aug  8 13:56:30 2013] <msrcptival> beta: do you have an example that does what I'm trying to do in the second part of this? http://paste.awesom.eu/Ptival/4Th
[Thu Aug  8 13:57:11 2013] <msrcptival> there might be a better way to force target and the (Logic.eq_refl mySeq) business
[Thu Aug  8 13:57:11 2013] <msrcptival> there might be a better way to force target and the (Logic.eq_refl mySeq) business
[Thu Aug  8 16:25:44 2013] <ekwialen> join logic
[Thu Aug  8 16:25:44 2013] <ekwialen> join logic
[Thu Aug  8 16:25:51 2013] <ekwialen> \quit
[Thu Aug  8 16:25:51 2013] <ekwialen> \quit
[Fri Aug  9 18:37:37 2013] <Laraoxo> Hello :)
[Fri Aug  9 18:37:37 2013] <Laraoxo> Hello :)
[Sat Aug 10 10:24:14 2013] <osa1> are those two types equal? `forall (y : yesno) (b1 b2 : byntree), P b1 -> P b2 -> P (nbranch y b1 b2)` and `forall (y : yesno) (b1 : byntree), P b1 -> forall b2 : byntree, P b2 -> P (nbranch y b1 b2)`
[Sat Aug 10 10:24:15 2013] <osa1> are those two types equal? `forall (y : yesno) (b1 b2 : byntree), P b1 -> P b2 -> P (nbranch y b1 b2)` and `forall (y : yesno) (b1 : byntree), P b1 -> forall b2 : byntree, P b2 -> P (nbranch y b1 b2)`
[Sat Aug 10 14:36:17 2013] <sgnb> osa1: no
[Sat Aug 10 14:36:17 2013] <sgnb> osa1: no
[Sat Aug 10 14:37:50 2013] <sgnb> osa1: but a way to check is to try to prove it by reflexivity
[Sat Aug 10 14:37:50 2013] <sgnb> osa1: but a way to check is to try to prove it by reflexivity
[Sat Aug 10 14:40:44 2013] <jgross_> osa1: They are equal if you assume univalence, but not otherwise. 
[Sat Aug 10 14:40:44 2013] <jgross_> osa1: They are equal if you assume univalence, but not otherwise.
[Sat Aug 10 15:43:02 2013] <osa1> I have no idea what is univalence.
[Sat Aug 10 15:43:02 2013] <osa1> I have no idea what is univalence.
[Sat Aug 10 17:49:25 2013] <ezyang> Uh oh, Coq reports no more goals, but refuses to let me Qed
[Sat Aug 10 17:49:25 2013] <ezyang> Uh oh, Coq reports no more goals, but refuses to let me Qed
[Sat Aug 10 17:50:02 2013] <ezyang> http://lpaste.net/91725
[Sat Aug 10 17:50:02 2013] <ezyang> http://lpaste.net/91725
[Sat Aug 10 17:53:38 2013] <def-lkb_> you used tactics to generate the proof term ?
[Sat Aug 10 17:53:38 2013] <def-lkb_> you used tactics to generate the proof term ?
[Sat Aug 10 17:54:08 2013] <ezyang> Yeppers
[Sat Aug 10 17:54:09 2013] <ezyang> Yeppers
[Sat Aug 10 17:54:27 2013] <def-lkb_> "Qed" typecheck the proof term generated by tactics, and it happens that a tactic generate a wrong term
[Sat Aug 10 17:54:27 2013] <def-lkb_> "Qed" typecheck the proof term generated by tactics, and it happens that a tactic generate a wrong term
[Sat Aug 10 17:54:42 2013] <def-lkb_> (so its a bug in a tactic implementation…)
[Sat Aug 10 17:54:42 2013] <def-lkb_> (so its a bug in a tactic implementation…)
[Sat Aug 10 17:54:54 2013] <ezyang> makes sense
[Sat Aug 10 17:54:54 2013] <ezyang> makes sense
[Sat Aug 10 17:56:25 2013] <ezyang> Gah, this proof term is so big
[Sat Aug 10 17:56:25 2013] <ezyang> Gah, this proof term is so big
[Sat Aug 10 17:57:21 2013] <ezyang> Hm.
[Sat Aug 10 17:57:21 2013] <ezyang> Hm.
[Sat Aug 10 17:57:28 2013] <ezyang> It appears the /theorem statement itself/ is ill-typed
[Sat Aug 10 17:57:29 2013] <ezyang> It appears the /theorem statement itself/ is ill-typed
[Sat Aug 10 17:57:54 2013] <ezyang> http://lpaste.net/91727
[Sat Aug 10 17:57:54 2013] <ezyang> http://lpaste.net/91727
[Sat Aug 10 17:59:29 2013] <ezyang> Dammit, I wish match had better support for multi-matches :-(
[Sat Aug 10 17:59:29 2013] <ezyang> Dammit, I wish match had better support for multi-matches :-(
[Sat Aug 10 18:03:18 2013] <ezyang> hmmmm this doesn't type check either http://lpaste.net/91728
[Sat Aug 10 18:03:18 2013] <ezyang> hmmmm this doesn't type check either http://lpaste.net/91728
[Sat Aug 10 18:06:07 2013] <ezyang> Ah, and once I put in /all/ of the annotations it goes through
[Sat Aug 10 18:06:07 2013] <ezyang> Ah, and once I put in /all/ of the annotations it goes through
[Sat Aug 10 18:09:25 2013] <ezyang> :-( Now I can't destruct x and y anymore
[Sat Aug 10 18:09:25 2013] <ezyang> :-( Now I can't destruct x and y anymore
[Sat Aug 10 18:12:04 2013] <robbert> ezyang: you may want to paste self contained code here: "Error: The reference Empty was not found ..."
[Sat Aug 10 18:12:04 2013] <robbert> ezyang: you may want to paste self contained code here: "Error: The reference Empty was not found ..."
[Sat Aug 10 18:12:54 2013] <ezyang> Well, you'll need to be on HoTT coq
[Sat Aug 10 18:12:54 2013] <ezyang> Well, you'll need to be on HoTT coq
[Sat Aug 10 18:13:42 2013] <robbert> well, cannot help you in that case
[Sat Aug 10 18:13:42 2013] <robbert> well, cannot help you in that case
[Mon Aug 12 02:11:58 2013] <clj_newb_2345> Notation "e :? pf" := (eq_rect _ (fun X : Set => X) e _ pf)   (no associativity, at level 90).
[Mon Aug 12 02:11:58 2013] <clj_newb_2345> Notation "e :? pf" := (eq_rect _ (fun X : Set => X) e _ pf)   (no associativity, at level 90).
[Mon Aug 12 02:12:01 2013] <clj_newb_2345> what does this notation mean?
[Mon Aug 12 02:12:01 2013] <clj_newb_2345> what does this notation mean?
[Mon Aug 12 02:12:07 2013] <clj_newb_2345> I have read "Check eq_rect"
[Mon Aug 12 02:12:07 2013] <clj_newb_2345> I have read "Check eq_rect"
[Mon Aug 12 02:12:16 2013] <clj_newb_2345> but I don't see all the parts are supposed to figut together
[Mon Aug 12 02:12:16 2013] <clj_newb_2345> but I don't see all the parts are supposed to figut together
[Mon Aug 12 02:13:47 2013] <jgross_> Try "Print eq_rect" or "Eval compute in fun e pf => e :? pf" 
[Mon Aug 12 02:13:47 2013] <jgross_> Try "Print eq_rect" or "Eval compute in fun e pf => e :? pf"
[Mon Aug 12 02:16:37 2013] <clj_newb_2345> match pf in (_ = y) return y with ...
[Mon Aug 12 02:16:37 2013] <clj_newb_2345> match pf in (_ = y) return y with ...
[Mon Aug 12 02:17:03 2013] <clj_newb_2345> I understand you're trying to teach me to fish
[Mon Aug 12 02:17:03 2013] <clj_newb_2345> I understand you're trying to teach me to fish
[Mon Aug 12 02:17:11 2013] <clj_newb_2345> but this might work slightly better once I know what type of fish I'm going after
[Mon Aug 12 02:17:12 2013] <clj_newb_2345> but this might work slightly better once I know what type of fish I'm going after
[Mon Aug 12 02:17:29 2013] <clj_newb_2345> I know that eq_rect is realted to the "rewrite" tactic
[Mon Aug 12 02:17:29 2013] <clj_newb_2345> I know that eq_rect is realted to the "rewrite" tactic
[Mon Aug 12 02:18:38 2013] <jgross_> Well, eq_rect is the recursion/induction principle for equality, and is defined using [match]. 
[Mon Aug 12 02:18:38 2013] <jgross_> Well, eq_rect is the recursion/induction principle for equality, and is defined using [match].
[Mon Aug 12 02:20:12 2013] <jgross_> In this particular example, if [pf] is of type [A = B], and you have [x : A], then [match pf in (_ = y) return y with eq_refl => x end] has type [B]; you can think of this match as transporting/casting [x] along/by the equality [pf]. 
[Mon Aug 12 02:20:12 2013] <jgross_> In this particular example, if [pf] is of type [A = B], and you have [x : A], then [match pf in (_ = y) return y with eq_refl => x end] has type [B]; you can think of this match as transporting/casting [x] along/by the equality [pf].
[Mon Aug 12 02:21:50 2013] <clj_newb_2345> so this is just "A -> A = B -> B" ?
[Mon Aug 12 02:21:50 2013] <clj_newb_2345> so this is just "A -> A = B -> B" ?
[Mon Aug 12 02:22:11 2013] <clj_newb_2345> Why can't this be better stated as lem_simp : forall (A B: Type), A -> A = B -> B .
[Mon Aug 12 02:22:11 2013] <clj_newb_2345> Why can't this be better stated as lem_simp : forall (A B: Type), A -> A = B -> B .
[Mon Aug 12 02:22:27 2013] <jgross_> Because [eq_rect] is more powerful than that. 
[Mon Aug 12 02:22:34 2013] <jgross_> Because [eq_rect] is more powerful than that.
[Mon Aug 12 02:23:39 2013] <jgross_> It also captures [forall A B (x y : A) (f : A -> B), x = y -> f x = f y], I believe. 
[Mon Aug 12 02:23:39 2013] <jgross_> It also captures [forall A B (x y : A) (f : A -> B), x = y -> f x = f y], I believe.
[Mon Aug 12 02:23:54 2013] <clj_newb_2345> hmm, I was going to ask if it was "P A -> A = B -> P B"
[Mon Aug 12 02:23:54 2013] <clj_newb_2345> hmm, I was going to ask if it was "P A -> A = B -> P B"
[Mon Aug 12 02:24:43 2013] <jgross_> That too, for appropriate arguments to [eq_rect]. 
[Mon Aug 12 02:24:43 2013] <jgross_> That too, for appropriate arguments to [eq_rect].
[Mon Aug 12 02:26:23 2013] <clj_newb_2345> oh, I think I got it
[Mon Aug 12 02:26:23 2013] <clj_newb_2345> oh, I think I got it
[Mon Aug 12 02:26:29 2013] <clj_newb_2345> this is bascailly "rewrite pf in e" right?
[Mon Aug 12 02:26:29 2013] <clj_newb_2345> this is bascailly "rewrite pf in e" right?
[Mon Aug 12 02:26:48 2013] <clj_newb_2345> pf has to be something of the form A = B, and A has to appear in e, and we just repalce A with B
[Mon Aug 12 02:26:48 2013] <clj_newb_2345> pf has to be something of the form A = B, and A has to appear in e, and we just repalce A with B
[Mon Aug 12 02:27:31 2013] <jgross_> Yes, that's about right.  But you can also control which occurances of [A] in [e] get replaced with [B] (if [A] shows up multiple times) 
[Mon Aug 12 02:27:32 2013] <jgross_> Yes, that's about right.  But you can also control which occurances of [A] in [e] get replaced with [B] (if [A] shows up multiple times)
[Mon Aug 12 02:28:12 2013] <jgross_> But [match] is more general than that, and is used for things like natural numbers and strings and lists, too. 
[Mon Aug 12 02:28:12 2013] <jgross_> But [match] is more general than that, and is used for things like natural numbers and strings and lists, too.
[Mon Aug 12 02:33:40 2013] <clj_newb_2345> noted, thanks
[Mon Aug 12 02:33:40 2013] <clj_newb_2345> noted, thanks
[Mon Aug 12 03:25:43 2013] <clj_newb_2345> https://gist.github.com/anonymous/6208808
[Mon Aug 12 03:25:43 2013] <clj_newb_2345> https://gist.github.com/anonymous/6208808
[Mon Aug 12 03:25:58 2013] <clj_newb_2345> in this block of code, (with the only comment "varaible-length tuples")
[Mon Aug 12 03:25:58 2013] <clj_newb_2345> in this block of code, (with the only comment "varaible-length tuples")
[Mon Aug 12 03:26:16 2013] <clj_newb_2345> what is index, first, and next supposed to mean intuitively?
[Mon Aug 12 03:26:16 2013] <clj_newb_2345> what is index, first, and next supposed to mean intuitively?
[Mon Aug 12 03:26:27 2013] <clj_newb_2345> they do not match any intuition of index/first/next I'm familiar with
[Mon Aug 12 03:26:27 2013] <clj_newb_2345> they do not match any intuition of index/first/next I'm familiar with
[Mon Aug 12 14:40:04 2013] <clj_newb_2345> in Coq, what does "fun idx => match idx with end" mean ?
[Mon Aug 12 14:40:04 2013] <clj_newb_2345> in Coq, what does "fun idx => match idx with end" mean ?
[Mon Aug 12 14:40:10 2013] <clj_newb_2345> it's a function which takes input idx,
[Mon Aug 12 14:40:10 2013] <clj_newb_2345> it's a function which takes input idx,
[Mon Aug 12 14:40:17 2013] <clj_newb_2345> but the "match idx with end" part seems to not even compile on its own
[Mon Aug 12 14:40:17 2013] <clj_newb_2345> but the "match idx with end" part seems to not even compile on its own
[Mon Aug 12 14:41:11 2013] <gallais> I'd have to guess that idx is of type False
[Mon Aug 12 14:41:11 2013] <gallais> I'd have to guess that idx is of type False
[Mon Aug 12 14:41:31 2013] <gallais> the inductive type with no constructor (hence a pattern matching with no patterns)
[Mon Aug 12 14:41:31 2013] <gallais> the inductive type with no constructor (hence a pattern matching with no patterns)
[Mon Aug 12 14:42:17 2013] <clj_newb_2345> idx has type Empty_Set
[Mon Aug 12 14:42:17 2013] <clj_newb_2345> idx has type Empty_Set
[Mon Aug 12 14:42:21 2013] <clj_newb_2345> which does have no constructors
[Mon Aug 12 14:42:21 2013] <clj_newb_2345> which does have no constructors
[Mon Aug 12 14:42:25 2013] <clj_newb_2345> good call; thanks
[Mon Aug 12 14:42:25 2013] <clj_newb_2345> good call; thanks
[Mon Aug 12 14:42:40 2013] <clj_newb_2345> what is the type of "match idx with end" ?
[Mon Aug 12 14:42:40 2013] <clj_newb_2345> what is the type of "match idx with end" ?
[Mon Aug 12 14:43:01 2013] <clj_newb_2345> or does the type not exist since there are no constructors
[Mon Aug 12 14:43:01 2013] <clj_newb_2345> or does the type not exist since there are no constructors
[Mon Aug 12 14:44:45 2013] <gallais> in a context where "idx: Empty_Set", "match idx with end" has type "forall A : Type, A"
[Mon Aug 12 14:44:45 2013] <gallais> in a context where "idx: Empty_Set", "match idx with end" has type "forall A : Type, A"
[Mon Aug 12 14:45:22 2013] <gallais> or "forall {A : Type}, A" to be precise (A is implicit)
[Mon Aug 12 14:45:22 2013] <gallais> or "forall {A : Type}, A" to be precise (A is implicit)
[Mon Aug 12 14:51:05 2013] <clj_newb_2345> this makes sense
[Mon Aug 12 14:51:05 2013] <clj_newb_2345> this makes sense
[Mon Aug 12 14:51:11 2013] <clj_newb_2345> it reminds me of forall P, False -> {P
[Mon Aug 12 14:51:11 2013] <clj_newb_2345> it reminds me of forall P, False -> {P
[Mon Aug 12 14:51:28 2013] <clj_newb_2345> in the sense that if I can construct you a object of type Empty_Set, then you can return me any type I wanted
[Mon Aug 12 14:51:28 2013] <clj_newb_2345> in the sense that if I can construct you a object of type Empty_Set, then you can return me any type I wanted
[Mon Aug 12 14:51:36 2013] <clj_newb_2345> thanks
[Mon Aug 12 14:51:36 2013] <clj_newb_2345> thanks
[Mon Aug 12 14:52:15 2013] <jgross_> It might be more accurate to say that the type of "match idx return _ with end" (which is equivalent to "match idx with end") can't be inferred, but if you fill in the "_", then the type of "match idx return A with end" (which is roughly equivalent to "match idx with end : A") is "A". 
[Mon Aug 12 14:52:16 2013] <jgross_> It might be more accurate to say that the type of "match idx return _ with end" (which is equivalent to "match idx with end") can't be inferred, but if you fill in the "_", then the type of "match idx return A with end" (which is roughly equivalent to "match idx with end : A") is "A".
[Mon Aug 12 14:54:17 2013] <osa1> what is Admitted? is it something like `undefined` in Haskell? (undefined :: forall a. a)
[Mon Aug 12 14:54:17 2013] <osa1> what is Admitted? is it something like `undefined` in Haskell? (undefined :: forall a. a)
[Mon Aug 12 14:54:24 2013] <clj_newb_2345> yes, I was hoping for a formal statement like that :-)
[Mon Aug 12 14:54:24 2013] <clj_newb_2345> yes, I was hoping for a formal statement like that :-)
[Mon Aug 12 14:54:25 2013] <ezyang> Essentially.
[Mon Aug 12 14:54:25 2013] <ezyang> Essentially.
[Mon Aug 12 14:54:29 2013] <ezyang> (re osa1)
[Mon Aug 12 14:54:29 2013] <ezyang> (re osa1)
[Mon Aug 12 14:55:29 2013] <clj_newb_2345> My understanding of "Admitted." is -- I don't want to prove this, just pretend I proved this.
[Mon Aug 12 14:55:29 2013] <clj_newb_2345> My understanding of "Admitted." is -- I don't want to prove this, just pretend I proved this.
[Mon Aug 12 14:55:50 2013] <osa1> or "just assume this as an axiom" ?
[Mon Aug 12 14:55:50 2013] <osa1> or "just assume this as an axiom" ?
[Mon Aug 12 14:56:13 2013] <clj_newb_2345> there's "Axiom" for "assume this is an axiom"
[Mon Aug 12 14:56:13 2013] <clj_newb_2345> there's "Axiom" for "assume this is an axiom"
[Mon Aug 12 14:56:18 2013] <clj_newb_2345> "Admitted." is used in teh context of a proof
[Mon Aug 12 14:56:18 2013] <clj_newb_2345> "Admitted." is used in teh context of a proof
[Mon Aug 12 14:56:21 2013] <osa1> oh
[Mon Aug 12 14:56:21 2013] <osa1> oh
[Mon Aug 12 14:56:24 2013] <clj_newb_2345> to say "assume I proved this"
[Mon Aug 12 14:56:24 2013] <clj_newb_2345> to say "assume I proved this"
[Mon Aug 12 14:57:31 2013] <osa1> hmm according to my syntax highlighter, Axiom is just another word like Theorem/Definition/Lemma/etc. so it's not a tactic.
[Mon Aug 12 14:57:31 2013] <osa1> hmm according to my syntax highlighter, Axiom is just another word like Theorem/Definition/Lemma/etc. so it's not a tactic.
[Mon Aug 12 14:57:47 2013] <clj_newb_2345> Lemma forall a b c n, n >= 3 -> a <> 0 -> b <> 0 -> a ^ n + b ^ n = c ^n -> False. Proof. Admitted. Qed.
[Mon Aug 12 14:57:47 2013] <clj_newb_2345> Lemma forall a b c n, n >= 3 -> a <> 0 -> b <> 0 -> a ^ n + b ^ n = c ^n -> False. Proof. Admitted. Qed.
[Mon Aug 12 14:58:21 2013] <clj_newb_2345> Axiom is not a tactic
[Mon Aug 12 14:58:21 2013] <clj_newb_2345> Axiom is not a tactic
[Mon Aug 12 14:58:36 2013] <clj_newb_2345> use it in place for Lemma/Theorem for "this is an axiom, accept it without proof"
[Mon Aug 12 14:58:36 2013] <clj_newb_2345> use it in place for Lemma/Theorem for "this is an axiom, accept it without proof"
[Mon Aug 12 15:06:36 2013] <jgross_> Admitted is not a tactic either.  The tactic is "admit".  Admitted is used in place of "Qed" or "Defined" to say "forget the proof I'm trying to do, pretend that instead of Lemma/Theorem/Definition/etc, I said Axiom".  "admit" does not forget the work that you've done on the proof so far, but instead proves your current goal with a fresh axiom added to the global context. 
[Mon Aug 12 15:06:36 2013] <jgross_> Admitted is not a tactic either.  The tactic is "admit".  Admitted is used in place of "Qed" or "Defined" to say "forget the proof I'm trying to do, pretend that instead of Lemma/Theorem/Definition/etc, I said Axiom".  "admit" does not forget the work that you've done on the proof so far, but instead proves your current goal with a fresh axiom added to the global context.
[Mon Aug 12 15:08:44 2013] <clj_newb_2345> what do I need to read to understand sigT ?
[Mon Aug 12 15:08:44 2013] <clj_newb_2345> what do I need to read to understand sigT ?
[Mon Aug 12 15:08:50 2013] <clj_newb_2345> I've seen it show up multiple times
[Mon Aug 12 15:08:50 2013] <clj_newb_2345> I've seen it show up multiple times
[Mon Aug 12 15:08:55 2013] <clj_newb_2345> it has a simple type
[Mon Aug 12 15:08:55 2013] <clj_newb_2345> it has a simple type
[Mon Aug 12 15:08:59 2013] <clj_newb_2345> yet I still have no idea what it does
[Mon Aug 12 15:08:59 2013] <clj_newb_2345> yet I still have no idea what it does
[Mon Aug 12 15:09:19 2013] <clj_newb_2345> why do I want (forall A, (A -> Type) -> Type) ?
[Mon Aug 12 15:09:19 2013] <clj_newb_2345> why do I want (forall A, (A -> Type) -> Type) ?
[Mon Aug 12 16:05:50 2013] <jgross_> Have you tried 'Print sigT.', and have you tried understanding inductive types and constructors in general, and 'existT' in particular? 
[Mon Aug 12 16:05:50 2013] <jgross_> Have you tried 'Print sigT.', and have you tried understanding inductive types and constructors in general, and 'existT' in particular?
[Mon Aug 12 16:21:03 2013] <Cale> clj_newb_2345 needs to learn how to idle ;)
[Mon Aug 12 16:21:03 2013] <Cale> clj_newb_2345 needs to learn how to idle ;)
[Mon Aug 12 16:22:03 2013] <ianjneu> * awoke from his idle slumber
[Mon Aug 12 16:22:03 2013] <ianjneu> * awoke from his idle slumber
[Mon Aug 12 16:22:04 2013] <ianjneu> ya.
[Mon Aug 12 16:22:04 2013] <ianjneu> ya.
[Tue Aug 13 00:33:00 2013] <rajaniemi.freenode.net> [freenode-info] please register your nickname...don't forget to auto-identify! http://freenode.net/faq.shtml#nicksetup
[Tue Aug 13 10:25:41 2013] <ryanakca> How can I create a finite map (preferably using FMapAVL) where the type of the value is parametrized by the key?
[Tue Aug 13 10:25:41 2013] <ryanakca> How can I create a finite map (preferably using FMapAVL) where the type of the value is parametrized by the key?
[Tue Aug 13 10:26:34 2013] <ianjneu> ryanakca: I've wanted so much to do that before.
[Tue Aug 13 10:26:34 2013] <ianjneu> ryanakca: I've wanted so much to do that before.
[Tue Aug 13 10:27:05 2013] <ianjneu> I came to the conclusion that it couldn't be done, since the value type expected is not a family of types over the keys.
[Tue Aug 13 10:27:05 2013] <ianjneu> I came to the conclusion that it couldn't be done, since the value type expected is not a family of types over the keys.
[Tue Aug 13 10:28:55 2013] <ianjneu> It would require an entire rewrite of the theory and implementations :/
[Tue Aug 13 10:28:55 2013] <ianjneu> It would require an entire rewrite of the theory and implementations :/
[Tue Aug 13 10:29:00 2013] <ryanakca> I see, bummer :/
[Tue Aug 13 10:29:00 2013] <ryanakca> I see, bummer :/
[Tue Aug 13 10:29:41 2013] <ianjneu> The problem with dependently-typed languages is library design. No one knows how to do it adequately yet.
[Tue Aug 13 10:29:41 2013] <ianjneu> The problem with dependently-typed languages is library design. No one knows how to do it adequately yet.
[Tue Aug 13 10:38:59 2013] <ryanakca> ianjneu: Did you end up working out an alternate solution?
[Tue Aug 13 10:38:59 2013] <ryanakca> ianjneu: Did you end up working out an alternate solution?
[Tue Aug 13 10:43:17 2013] <ianjneu> ryanakca: Do proofs by hand and keep doing my research.
[Tue Aug 13 10:43:17 2013] <ianjneu> ryanakca: Do proofs by hand and keep doing my research.
[Tue Aug 13 10:43:38 2013] <ianjneu> I've not touched a proof assistant in about a year :/
[Tue Aug 13 10:43:38 2013] <ianjneu> I've not touched a proof assistant in about a year :/
[Tue Aug 13 10:44:52 2013] <ianjneu> Higher-order logic is not good at modular proofs of termination, so a lot of my programs got heavily first-order-ized
[Tue Aug 13 10:44:52 2013] <ianjneu> Higher-order logic is not good at modular proofs of termination, so a lot of my programs got heavily first-order-ized
[Tue Aug 13 10:44:56 2013] <ianjneu> it was painful.
[Tue Aug 13 10:44:56 2013] <ianjneu> it was painful.
[Tue Aug 13 10:46:00 2013] <ianjneu> Consider type family s-expression(X), which is either an atom : X -> s-expression(X) or lst : list(s-expression X) -> s-expression X
[Tue Aug 13 10:46:00 2013] <ianjneu> Consider type family s-expression(X), which is either an atom : X -> s-expression(X) or lst : list(s-expression X) -> s-expression X
[Tue Aug 13 10:46:39 2013] <ianjneu> Write a recursive function f on an s-expression(X) s, that uses map f.
[Tue Aug 13 10:46:39 2013] <ianjneu> Write a recursive function f on an s-expression(X) s, that uses map f.
[Tue Aug 13 10:46:45 2013] <ianjneu> Can't prove termination.
[Tue Aug 13 10:46:45 2013] <ianjneu> Can't prove termination.
[Tue Aug 13 10:48:46 2013] <ianjneu> I have similar problems when representing closures and want to write folds over the enviroment, using the function I'm defining.
[Tue Aug 13 10:48:46 2013] <ianjneu> I have similar problems when representing closures and want to write folds over the enviroment, using the function I'm defining.
[Tue Aug 13 10:54:16 2013] <ryanakca> * nods, it sounds rather unpleasant to prove
[Tue Aug 13 10:54:16 2013] <ryanakca> * nods, it sounds rather unpleasant to prove
[Tue Aug 13 11:04:22 2013] <ianjneu> It's structural, but due to the theory making the implementations opaque, there's no way to know.
[Tue Aug 13 11:04:22 2013] <ianjneu> It's structural, but due to the theory making the implementations opaque, there's no way to know.
[Tue Aug 13 12:04:35 2013] <robbert> ianjneu: here is such a recursive function http://lpaste.net/91822
[Tue Aug 13 12:04:35 2013] <robbert> ianjneu: here is such a recursive function http://lpaste.net/91822
[Tue Aug 13 12:04:38 2013] <robbert> works just fine
[Tue Aug 13 12:04:38 2013] <robbert> works just fine
[Tue Aug 13 12:05:52 2013] <robbert> ryanakca: the problem is that FmapAVL uses the module system to abstract over the type over keys. Unfortunatelly, the module system is not first class, so you cannot do what you want.
[Tue Aug 13 12:05:52 2013] <robbert> ryanakca: the problem is that FmapAVL uses the module system to abstract over the type over keys. Unfortunatelly, the module system is not first class, so you cannot do what you want.
[Tue Aug 13 12:06:49 2013] <robbert> but you can of course make your own implementation (for example using type classes or canonical structures) that will do what you want.
[Tue Aug 13 12:06:49 2013] <robbert> but you can of course make your own implementation (for example using type classes or canonical structures) that will do what you want.
[Tue Aug 13 12:19:49 2013] <ianjneu> robbert: right, the sexp was a bad example. It was really the closure represented via abstract finite function that I wanted to use a fold over.
[Tue Aug 13 12:19:49 2013] <ianjneu> robbert: right, the sexp was a bad example. It was really the closure represented via abstract finite function that I wanted to use a fold over.
[Tue Aug 13 12:46:48 2013] <shergill> are there any tips etc to get more idiomatic haskell code from the extraction mechanism? (remove unnecessary unsafeCoerce etc)
[Tue Aug 13 12:46:48 2013] <shergill> are there any tips etc to get more idiomatic haskell code from the extraction mechanism? (remove unnecessary unsafeCoerce etc)
[Tue Aug 13 13:10:45 2013] <robbert> ianjneu: I think you mentioned something like that a year ago, I believe that was indeed harder (or even not very possible ;)). Maybe sized types as in for example MiniAgda will help? If so, maybe we'll get those in Coq at some day too :)
[Tue Aug 13 13:10:45 2013] <robbert> ianjneu: I think you mentioned something like that a year ago, I believe that was indeed harder (or even not very possible ;)). Maybe sized types as in for example MiniAgda will help? If so, maybe we'll get those in Coq at some day too :)
[Tue Aug 13 16:32:03 2013] <osa1> I don't understand how can ; tactical be used without first writing the long, repetitive and boring form of the proof and then seeing repetition explicitly and moving to ; tactical. and in that case it'd be better to not to use ; because you already wrote the boring code and to reader ; makes proof more magical.
[Tue Aug 13 16:32:03 2013] <osa1> I don't understand how can ; tactical be used without first writing the long, repetitive and boring form of the proof and then seeing repetition explicitly and moving to ; tactical. and in that case it'd be better to not to use ; because you already wrote the boring code and to reader ; makes proof more magical.
[Tue Aug 13 16:34:16 2013] <fisi> You can use it in your custom tactics, for example (which could be quite magical, granted). Also, quite often you actually know what goals a tactic would produce (and so ; makes sense), it kind of comes with practice.
[Tue Aug 13 16:34:16 2013] <fisi> You can use it in your custom tactics, for example (which could be quite magical, granted). Also, quite often you actually know what goals a tactic would produce (and so ; makes sense), it kind of comes with practice.
[Tue Aug 13 16:36:05 2013] <osa1> is it widely used in practical proofs?
[Tue Aug 13 16:36:06 2013] <osa1> is it widely used in practical proofs?
[Tue Aug 13 16:36:10 2013] <osa1> s/practical/real
[Tue Aug 13 16:36:10 2013] <osa1> s/practical/real
[Tue Aug 13 16:36:34 2013] <fisi> I'd say it depends on your style.
[Tue Aug 13 16:36:34 2013] <fisi> I'd say it depends on your style.
[Tue Aug 13 16:38:31 2013] <fisi> For example, consider an inductive proof with a lot of cases, but mostly simple, that could be solved in a similar way.
[Tue Aug 13 16:38:31 2013] <fisi> For example, consider an inductive proof with a lot of cases, but mostly simple, that could be solved in a similar way.
[Tue Aug 13 16:39:18 2013] <fisi> Why not use a semicolon and a tactic to discharge, say, 80% of the cases?
[Tue Aug 13 16:39:18 2013] <fisi> Why not use a semicolon and a tactic to discharge, say, 80% of the cases?
[Tue Aug 13 16:41:12 2013] <osa1> what if inductive definition is given in a way that even though 80% of the cases are similar, different cases are placed in a way that you cannot automatically eliminate 80% cases because that 20% part just come in your way and stop your ; proof? is there a way to reorder inductive cases?
[Tue Aug 13 16:41:12 2013] <osa1> what if inductive definition is given in a way that even though 80% of the cases are similar, different cases are placed in a way that you cannot automatically eliminate 80% cases because that 20% part just come in your way and stop your ; proof? is there a way to reorder inductive cases?
[Tue Aug 13 16:43:28 2013] <fisi> Well, I'd usually consider a tactic that can't fail but can solve a goal, in the style of `auto' for that kind of use
[Tue Aug 13 16:43:28 2013] <fisi> Well, I'd usually consider a tactic that can't fail but can solve a goal, in the style of `auto' for that kind of use
[Tue Aug 13 16:44:21 2013] <Ptival> osa1: for instance, I'm using a custom logic where term manipulations often involve the composition of many theorems, and I'm juggling with many facts
[Tue Aug 13 16:44:21 2013] <Ptival> osa1: for instance, I'm using a custom logic where term manipulations often involve the composition of many theorems, and I'm juggling with many facts
[Tue Aug 13 16:45:03 2013] <Ptival> doing things manually would require a lot of fiddling with associativity, commutativity, adjunctions, morphisms...
[Tue Aug 13 16:45:03 2013] <Ptival> doing things manually would require a lot of fiddling with associativity, commutativity, adjunctions, morphisms...
[Tue Aug 13 16:45:52 2013] <Ptival> writing a tactic that knows how to manipulate these things is very useful
[Tue Aug 13 16:45:52 2013] <Ptival> writing a tactic that knows how to manipulate these things is very useful
[Tue Aug 13 16:46:17 2013] <Ptival> oh wait, you're talking just about semicolon in particular?
[Tue Aug 13 16:46:18 2013] <Ptival> oh wait, you're talking just about semicolon in particular?
[Tue Aug 13 16:47:07 2013] <osa1> yeah
[Tue Aug 13 16:47:07 2013] <osa1> yeah
[Tue Aug 13 16:47:22 2013] <Ptival> well I use it a lot, but try not to make the chains longer than 1 when possible
[Tue Aug 13 16:47:22 2013] <Ptival> well I use it a lot, but try not to make the chains longer than 1 when possible
[Tue Aug 13 16:48:07 2013] <Ptival> or only when I kinda want to see the thing as one composition of manipulations
[Tue Aug 13 16:48:07 2013] <Ptival> or only when I kinda want to see the thing as one composition of manipulations
[Tue Aug 13 16:48:39 2013] <osa1> btw, this is interesting: http://lpaste.net/91825 in the first proof that 2 different cases occured in the middle of the proof but in the second proof, it eliminated all cases and when it failed it just tried for remaining cases so in the end it eliminated all the similar cases
[Tue Aug 13 16:48:39 2013] <osa1> btw, this is interesting: http://lpaste.net/91825 in the first proof that 2 different cases occured in the middle of the proof but in the second proof, it eliminated all cases and when it failed it just tried for remaining cases so in the end it eliminated all the similar cases
[Tue Aug 13 16:50:01 2013] <osa1> thanks for your comments.
[Tue Aug 13 16:50:01 2013] <osa1> thanks for your comments.
[Tue Aug 13 16:50:43 2013] <Ptival> which of these do you prefer?
[Tue Aug 13 16:50:43 2013] <Ptival> which of these do you prefer?
[Tue Aug 13 16:50:48 2013] <fisi> yup, it does use the tactic on all the goals, the goal does not have to become completely solved. So as long as the tactic doesn't *fail*, you're good.
[Tue Aug 13 16:50:48 2013] <fisi> yup, it does use the tactic on all the goals, the goal does not have to become completely solved. So as long as the tactic doesn't *fail*, you're good.
[Tue Aug 13 16:53:10 2013] <osa1> Ptival: in this particular problem I prefer second one, but if you look at optimize_0plus proofs in SF book you'll see that ; actually makes the proof worse, or at least it didn't help to make proof more readable. and after ; tactic ends, it's hard to predict where is your automated proof ended, except if you defined a tactic notation to automatically give labels to cases etc.
[Tue Aug 13 16:53:10 2013] <osa1> Ptival: in this particular problem I prefer second one, but if you look at optimize_0plus proofs in SF book you'll see that ; actually makes the proof worse, or at least it didn't help to make proof more readable. and after ; tactic ends, it's hard to predict where is your automated proof ended, except if you defined a tactic notation to automatically give labels to cases etc.
[Tue Aug 13 16:53:31 2013] <Ptival> osa1: your tacticals should be fairly agnostic to the order of constructors anyway
[Tue Aug 13 16:53:31 2013] <Ptival> osa1: your tacticals should be fairly agnostic to the order of constructors anyway
[Tue Aug 13 16:54:33 2013] <Ptival> sure it can lead you to states whose origin you are unable to figure out
[Tue Aug 13 16:54:34 2013] <Ptival> sure it can lead you to states whose origin you are unable to figure out
[Tue Aug 13 17:13:36 2013] <ianjneu> robbert: I'm reading through the miniAgda paper. I'm curious why sizes are limited to natural numbers rather than ordinal numbers (up to epsilon_0, say)
[Tue Aug 13 17:13:36 2013] <ianjneu> robbert: I'm reading through the miniAgda paper. I'm curious why sizes are limited to natural numbers rather than ordinal numbers (up to epsilon_0, say)
[Tue Aug 13 18:03:33 2013] <osa1> ahh .. after Imp chapter SF book becomes impossible to read on my kindle because all proofs are hidden in a button ..
[Tue Aug 13 18:03:33 2013] <osa1> ahh .. after Imp chapter SF book becomes impossible to read on my kindle because all proofs are hidden in a button ..
[Tue Aug 13 18:16:02 2013] <Ptival> not sure you want to read proofs on a kindle :\
[Tue Aug 13 18:16:02 2013] <Ptival> not sure you want to read proofs on a kindle :\
[Tue Aug 13 18:18:40 2013] <osa1> it's actually very comfortable .. mine is a very old kindle dx, which has big screen so proofs isn't really a problem.
[Tue Aug 13 18:18:40 2013] <osa1> it's actually very comfortable .. mine is a very old kindle dx, which has big screen so proofs isn't really a problem.
[Tue Aug 13 18:26:54 2013] <Ptival> what I mean is Coq proofs are not really to be consumed as text
[Tue Aug 13 18:26:54 2013] <Ptival> what I mean is Coq proofs are not really to be consumed as text
[Wed Aug 14 08:30:05 2013] <msrcptival> hello
[Wed Aug 14 08:30:05 2013] <msrcptival> hello
[Wed Aug 14 08:30:30 2013] <msrcptival> is (fun {T: Type} (_ _: T) => True) defined somewhere in the standard library or ssreflect?
[Wed Aug 14 08:30:30 2013] <msrcptival> is (fun {T: Type} (_ _: T) => True) defined somewhere in the standard library or ssreflect?
[Wed Aug 14 08:32:37 2013] <msrcptival> or alternatively, fun {A B: Type} (f: A -> B) => (forall (x y : A), f x = f y)
[Wed Aug 14 08:32:37 2013] <msrcptival> or alternatively, fun {A B: Type} (f: A -> B) => (forall (x y : A), f x = f y)
[Wed Aug 14 11:19:15 2013] <ryanakca> Any suggestions on how to merge two disjoin finite maps (I'm currently using FMapAVL)?
[Wed Aug 14 11:19:15 2013] <ryanakca> Any suggestions on how to merge two disjoin finite maps (I'm currently using FMapAVL)?
[Wed Aug 14 11:19:26 2013] <ryanakca> msrcptival: Ooh, you're at MSRC? I was there in the fall :)
[Wed Aug 14 11:19:26 2013] <ryanakca> msrcptival: Ooh, you're at MSRC? I was there in the fall :)
[Wed Aug 14 11:31:09 2013] <msrcptival> ryanakca: yes, here for the summer
[Wed Aug 14 11:31:09 2013] <msrcptival> ryanakca: yes, here for the summer
[Wed Aug 14 11:31:12 2013] <msrcptival> can't you use map2?
[Wed Aug 14 11:31:12 2013] <msrcptival> can't you use map2?
[Wed Aug 14 11:45:35 2013] <ianjneu> ryanakca: you'll still have to prove that each map's keys map to the same values that they did prior to merging, using the disjointness property. This isn't already in the facts library?
[Wed Aug 14 11:45:35 2013] <ianjneu> ryanakca: you'll still have to prove that each map's keys map to the same values that they did prior to merging, using the disjointness property. This isn't already in the facts library?
[Wed Aug 14 11:47:34 2013] <ianjneu> hmm, apparently not.
[Wed Aug 14 11:47:34 2013] <ianjneu> hmm, apparently not.
[Wed Aug 14 11:48:26 2013] <msrcptival> they kinda gave up on map2
[Wed Aug 14 11:48:26 2013] <msrcptival> they kinda gave up on map2
[Wed Aug 14 11:48:34 2013] <msrcptival> I had written my own map2i and some properties
[Wed Aug 14 11:48:34 2013] <msrcptival> I had written my own map2i and some properties
[Wed Aug 14 11:48:42 2013] <msrcptival> https://github.com/Ptival/compcert-alias/blob/alias/backend/AliasFMapAVLPlus.v
[Wed Aug 14 11:48:42 2013] <msrcptival> https://github.com/Ptival/compcert-alias/blob/alias/backend/AliasFMapAVLPlus.v
[Wed Aug 14 11:49:16 2013] <msrcptival> great naming conventions
[Wed Aug 14 11:49:16 2013] <msrcptival> great naming conventions
[Wed Aug 14 11:49:22 2013] <msrcptival> _1 _2 _3 _4 _5 :)
[Wed Aug 14 11:49:22 2013] <msrcptival> _1 _2 _3 _4 _5 :)
[Wed Aug 14 11:50:35 2013] <ianjneu> union_map m0 m1 := fold Add m0 m1 (adds m0's bindings to m1's)
[Wed Aug 14 11:50:35 2013] <ianjneu> union_map m0 m1 := fold Add m0 m1 (adds m0's bindings to m1's)
[Wed Aug 14 11:52:39 2013] <ianjneu> Theorem maps_preserved : forall m0 m1, Disjoint m0 m1 -> (forall k e, MapsTo k e m0 -> MapsTo k e (union_map m0 m1)) /\ (forall k e, MapsTo k e m1 -> MapsTo k e (union_map m0 m1))
[Wed Aug 14 11:52:59 2013] <ianjneu> Theorem maps_preserved : forall m0 m1, Disjoint m0 m1 -> (forall k e, MapsTo k e m0 -> MapsTo k e (union_map m0 m1)) /\ (forall k e, MapsTo k e m1 -> MapsTo k e (union_map m0 m1))
[Wed Aug 14 11:54:35 2013] <ianjneu> And you'll need to write the converse, that if k e is mapped in the union, then k e is mapped in the map m such that In k m.
[Wed Aug 14 11:54:35 2013] <ianjneu> And you'll need to write the converse, that if k e is mapped in the union, then k e is mapped in the map m such that In k m.
[Wed Aug 14 14:10:08 2013] <ryanakca> ianjneu: I get http://lpaste.net/91842 with your union_map; any suggestions ?
[Wed Aug 14 14:10:08 2013] <ryanakca> ianjneu: I get http://lpaste.net/91842 with your union_map; any suggestions ?
[Wed Aug 14 14:13:13 2013] <ianjneu> ryanakca: do you have "Set Implicit Arguments." in your file? I would expect it to infer elt from the maps you give.
[Wed Aug 14 14:13:13 2013] <ianjneu> ryanakca: do you have "Set Implicit Arguments." in your file? I would expect it to infer elt from the maps you give.
[Wed Aug 14 14:13:57 2013] <ianjneu> otherwise, use (M.add model) instead of M.add
[Wed Aug 14 14:13:57 2013] <ianjneu> otherwise, use (M.add model) instead of M.add
[Wed Aug 14 14:13:59 2013] <ryanakca> I do
[Wed Aug 14 14:13:59 2013] <ryanakca> I do
[Wed Aug 14 14:16:33 2013] <ianjneu> ryanakca: does (M.add model) work?
[Wed Aug 14 14:16:33 2013] <ianjneu> ryanakca: does (M.add model) work?
[Wed Aug 14 14:17:03 2013] <ryanakca> Trying (M.add string) (the keys are of type string, the values are of type model) gives: The term "string" has type "Set" while it is expected to have type
[Wed Aug 14 14:17:03 2013] <ryanakca> Trying (M.add string) (the keys are of type string, the values are of type model) gives: The term "string" has type "Set" while it is expected to have type
[Wed Aug 14 14:17:06 2013] <ryanakca> "M.key".
[Wed Aug 14 14:17:06 2013] <ryanakca> "M.key".
[Wed Aug 14 14:17:30 2013] <ryanakca> Trying with (M.add model) gives the same error, but with type "Type
[Wed Aug 14 14:17:30 2013] <ryanakca> Trying with (M.add model) gives the same error, but with type "Type
[Wed Aug 14 14:18:09 2013] <ianjneu> M.add expects the type of values as the first argument, not the type of the keys (that was already given to the Make functor)
[Wed Aug 14 14:18:09 2013] <ianjneu> M.add expects the type of values as the first argument, not the type of the keys (that was already given to the Make functor)
[Wed Aug 14 14:18:56 2013] <ryanakca> (@M.add model)
[Wed Aug 14 14:18:56 2013] <ryanakca> (@M.add model)
[Wed Aug 14 14:18:56 2013] <ryanakca> worked
[Wed Aug 14 14:18:56 2013] <ryanakca> worked
[Wed Aug 14 14:19:04 2013] <ianjneu> good show.
[Wed Aug 14 14:19:04 2013] <ianjneu> good show.
[Wed Aug 14 14:19:13 2013] <ryanakca> Thanks for the help :)
[Wed Aug 14 14:19:13 2013] <ryanakca> Thanks for the help :)
[Wed Aug 14 14:19:19 2013] <ianjneu> np
[Wed Aug 14 14:19:19 2013] <ianjneu> np
[Thu Aug 15 07:31:36 2013] <osa1> I have proof of a <-> b, how can I get proof of a -> b from that?
[Thu Aug 15 07:31:37 2013] <osa1> I have proof of a <-> b, how can I get proof of a -> b from that?
[Thu Aug 15 07:40:19 2013] <fisi> A <-> B is defined as A -> B /\ B -> A, so just project out the appropriate implication
[Thu Aug 15 07:40:19 2013] <fisi> A <-> B is defined as A -> B /\ B -> A, so just project out the appropriate implication
[Thu Aug 15 07:40:36 2013] <fisi> (or, you know, destruct the equivalence)
[Thu Aug 15 07:40:36 2013] <fisi> (or, you know, destruct the equivalence)
[Thu Aug 15 07:42:12 2013] <osa1> "project out the appropriate implication" how?
[Thu Aug 15 07:42:13 2013] <osa1> "project out the appropriate implication" how?
[Thu Aug 15 07:45:17 2013] <fisi> it depends what exactly you want to do. If you have H : A <-> B, then proj1 H : A -> B, so that's one option.
[Thu Aug 15 07:45:17 2013] <fisi> it depends what exactly you want to do. If you have H : A <-> B, then proj1 H : A -> B, so that's one option.
[Thu Aug 15 07:45:41 2013] <fisi> (and proj2 H : B -> A)
[Thu Aug 15 07:45:41 2013] <fisi> (and proj2 H : B -> A)
[Thu Aug 15 07:51:31 2013] <osa1> fisi: that worked, thanks.
[Thu Aug 15 07:51:31 2013] <osa1> fisi: that worked, thanks.
[Thu Aug 15 07:51:37 2013] <osa1> so I'm working on an exercise from SF book
[Thu Aug 15 07:51:38 2013] <osa1> so I'm working on an exercise from SF book
[Thu Aug 15 07:51:39 2013] <osa1> http://lpaste.net/91861
[Thu Aug 15 07:51:39 2013] <osa1> http://lpaste.net/91861
[Thu Aug 15 07:51:56 2013] <osa1> is there a way to simplify that `apply`s ?
[Thu Aug 15 07:51:56 2013] <osa1> is there a way to simplify that `apply`s ?
[Thu Aug 15 07:53:40 2013] <fisi> yeah, I think so.
[Thu Aug 15 07:53:41 2013] <fisi> yeah, I think so.
[Thu Aug 15 07:54:38 2013] <fisi> There is a variant of apply where you specify a direction for things you can apply both ways (like an iff), which goes "apply -> foo" (or "apply <- foo")
[Thu Aug 15 07:54:38 2013] <fisi> There is a variant of apply where you specify a direction for things you can apply both ways (like an iff), which goes "apply -> foo" (or "apply <- foo")
[Thu Aug 15 07:57:20 2013] <fisi> also, there's a way of *rewriting* with things other than equality (e.g., iff), but that's a slightly more advanced topic.
[Thu Aug 15 07:57:20 2013] <fisi> also, there's a way of *rewriting* with things other than equality (e.g., iff), but that's a slightly more advanced topic.
[Thu Aug 15 08:05:25 2013] <osa1> yeah, apply -> worked in this case. thanks.
[Thu Aug 15 08:05:26 2013] <osa1> yeah, apply -> worked in this case. thanks.
[Thu Aug 15 08:05:44 2013] <fisi> no problem.
[Thu Aug 15 08:05:44 2013] <fisi> no problem.
[Thu Aug 15 08:39:33 2013] <Anarchos> osa1 you can specify the direction of each command with <- or ->
[Thu Aug 15 08:39:33 2013] <Anarchos> osa1 you can specify the direction of each command with <- or ->
[Thu Aug 15 10:47:13 2013] <ryanakca> How can I use proofs from the "Proofs" module of http://coq.inria.fr/stdlib/Coq.FSets.FMapAVL.html ? I can't access them directly after a "Require Import FMapAVL."
[Thu Aug 15 10:47:14 2013] <ryanakca> How can I use proofs from the "Proofs" module of http://coq.inria.fr/stdlib/Coq.FSets.FMapAVL.html ? I can't access them directly after a "Require Import FMapAVL."
[Thu Aug 15 10:50:41 2013] <ianjneu> The submodule is within the module that results from calling the Make functor, right?
[Thu Aug 15 10:50:41 2013] <ianjneu> The submodule is within the module that results from calling the Make functor, right?
[Thu Aug 15 10:51:39 2013] <ianjneu> So your Map instance (say, M) should have a M.Proofs scope that I think you can Require Import
[Thu Aug 15 10:51:39 2013] <ianjneu> So your Map instance (say, M) should have a M.Proofs scope that I think you can Require Import
[Thu Aug 15 10:52:16 2013] <ianjneu> Are you sure you need AVL facts and not just facts about maps in general?
[Thu Aug 15 10:52:16 2013] <ianjneu> Are you sure you need AVL facts and not just facts about maps in general?
[Thu Aug 15 10:56:16 2013] <ianjneu> ryanakca: ^
[Thu Aug 15 10:56:17 2013] <ianjneu> ryanakca: ^
[Thu Aug 15 10:57:14 2013] <ryanakca> To prove your maps_preserved theorem, I'm afraid that I might be
[Thu Aug 15 10:57:14 2013] <ryanakca> To prove your maps_preserved theorem, I'm afraid that I might be
[Thu Aug 15 10:58:27 2013] <ianjneu> That doesn't sound right. You might need FMapFacts, though
[Thu Aug 15 10:58:27 2013] <ianjneu> That doesn't sound right. You might need FMapFacts, though
[Thu Aug 15 10:58:37 2013] <ryanakca> Alright, I'll look at that
[Thu Aug 15 10:58:38 2013] <ryanakca> Alright, I'll look at that
[Thu Aug 15 11:00:39 2013] <ryanakca> (I got the impression I'd need AVL facts when I unfolded M.fold and had to do a case_eq on a (M.t elt) to simplify things)
[Thu Aug 15 11:00:39 2013] <ryanakca> (I got the impression I'd need AVL facts when I unfolded M.fold and had to do a case_eq on a (M.t elt) to simplify things)
[Thu Aug 15 11:01:31 2013] <ianjneu> No, fold's dependent elimination should handle that.
[Thu Aug 15 11:01:31 2013] <ianjneu> No, fold's dependent elimination should handle that.
[Thu Aug 15 11:01:43 2013] <ianjneu> That's given by the FMap interface.
[Thu Aug 15 11:01:43 2013] <ianjneu> That's given by the FMap interface.
[Thu Aug 15 11:02:26 2013] <ianjneu> It's an abstract guarantee that you can induct over folds regardless of the map's representation.
[Thu Aug 15 11:02:26 2013] <ianjneu> It's an abstract guarantee that you can induct over folds regardless of the map's representation.
[Fri Aug 16 10:58:56 2013] <clj_newb_2345> wtf are coq meta varaibles and what have I gotten myself into?
[Fri Aug 16 10:58:56 2013] <clj_newb_2345> wtf are coq meta varaibles and what have I gotten myself into?
[Fri Aug 16 10:59:12 2013] <clj_newb_2345> "can not ... becuase a metavaraible has several occurences" (on a rewrite)
[Fri Aug 16 10:59:12 2013] <clj_newb_2345> "can not ... becuase a metavaraible has several occurences" (on a rewrite)
[Fri Aug 16 11:57:23 2013] <clj_newb_2345> okay, resolved (despite not knowing why it works) :-)
[Fri Aug 16 11:57:23 2013] <clj_newb_2345> okay, resolved (despite not knowing why it works) :-)
[Fri Aug 16 19:43:09 2013] <jgross_> Can someone explain to me how [Identity Coercion]s are used?  I can declare one easily enough, but I cannot think of a use-case.  That is, I cannot find a statement that will typecheck/run when I have declared a constant as an identity coercion, but which will fail if I have defined that constant, but not declared it as an identity coercion. Can someone show me such a statement, or else explain to me what [Identity Coercion] is supposed to do if
[Fri Aug 16 19:43:09 2013] <jgross_> no such statement exists? 
[Fri Aug 16 19:43:09 2013] <jgross_> Can someone explain to me how [Identity Coercion]s are used?  I can declare one easily enough, but I cannot think of a use-case.  That is, I cannot find a statement that will typecheck/run when I have declared a constant as an identity coercion, but which will fail if I have defined that constant, but not declared it as an identity coercion. Can someone show me such a statement, or else explain to me what [Identity Coercion] is supposed to do if
[Fri Aug 16 19:43:09 2013] <jgross_> no such statement exists?
[Sat Aug 17 18:22:00 2013] <osa1> let's say I have `H : no_whiles c1 && no_whiles c2 = true` as hyphothesis, how can I generate H1 : no_whiles c1 = true and H2 : no_whiles c2 = true from that?
[Sat Aug 17 18:22:01 2013] <osa1> let's say I have `H : no_whiles c1 && no_whiles c2 = true` as hyphothesis, how can I generate H1 : no_whiles c1 = true and H2 : no_whiles c2 = true from that?
[Sat Aug 17 23:02:43 2013] <adelbertc> does anyone here have coq installed via homebrew on mac os x? im trying to get coqide to install with it but no go so far..
[Sat Aug 17 23:02:43 2013] <adelbertc> does anyone here have coq installed via homebrew on mac os x? im trying to get coqide to install with it but no go so far..
[Sat Aug 17 23:42:23 2013] <johnw> i have coq installed, but i never tried using coqide
[Sat Aug 17 23:42:24 2013] <johnw> i have coq installed, but i never tried using coqide
[Sun Aug 18 00:14:08 2013] <adelbertc> anyone use coqide here? i just decided to install it from the dmg on the coq website, but upon running it in hangs.. :-(
[Sun Aug 18 00:14:08 2013] <adelbertc> anyone use coqide here? i just decided to install it from the dmg on the coq website, but upon running it in hangs.. :-(
[Sun Aug 18 00:15:08 2013] <gienah> * doesn't use coqide, the obvious alternative is proof general in emacs
[Sun Aug 18 00:15:08 2013] <gienah> * doesn't use coqide, the obvious alternative is proof general in emacs
[Sun Aug 18 00:16:31 2013] <adelbertc> gienah: you use proof general?
[Sun Aug 18 00:16:31 2013] <adelbertc> gienah: you use proof general?
[Sun Aug 18 00:16:39 2013] <gienah> adelbertc: yeah
[Sun Aug 18 00:16:40 2013] <gienah> adelbertc: yeah
[Sun Aug 18 02:28:40 2013] <wagle> i installed the dmg from the website on mtn lion, and coqide "just works"
[Sun Aug 18 02:28:40 2013] <wagle> i installed the dmg from the website on mtn lion, and coqide "just works"
[Sun Aug 18 05:30:11 2013] <osa1> wow, for some reason my copy of imp.v has more additional exercises than online SF book's Imp chapter
[Sun Aug 18 05:30:11 2013] <osa1> wow, for some reason my copy of imp.v has more additional exercises than online SF book's Imp chapter
[Sun Aug 18 05:59:47 2013] <clj_newb_2345> I'm reading about coq dependent type checking. In particualr, google found https://sympa.inria.fr/sympa/arc/coq-club/2013-02/msg00041.html
[Sun Aug 18 05:59:47 2013] <clj_newb_2345> I'm reading about coq dependent type checking. In particualr, google found https://sympa.inria.fr/sympa/arc/coq-club/2013-02/msg00041.html
[Sun Aug 18 05:59:50 2013] <clj_newb_2345> which leads to teh question: what is ssreflect, and how does it relate to dependent types?
[Sun Aug 18 05:59:50 2013] <clj_newb_2345> which leads to teh question: what is ssreflect, and how does it relate to dependent types?
[Sun Aug 18 06:03:34 2013] <clj_newb_2345> alright
[Sun Aug 18 06:03:34 2013] <clj_newb_2345> alright
[Sun Aug 18 06:03:40 2013] <clj_newb_2345> where can I even download ssreflect ? :-)
[Sun Aug 18 06:03:40 2013] <clj_newb_2345> where can I even download ssreflect ? :-)
[Sun Aug 18 06:04:03 2013] <clj_newb_2345> http://ssr.msr-inria.inria.fr/ <-- is this the right site?
[Sun Aug 18 06:04:03 2013] <clj_newb_2345> http://ssr.msr-inria.inria.fr/ <-- is this the right site?
[Sun Aug 18 06:07:11 2013] <clj_newb_2345> http://www.msr-inria.inria.fr/Projects/math-components <-- linked from main page of Coq, appears to be dead
[Sun Aug 18 06:07:11 2013] <clj_newb_2345> http://www.msr-inria.inria.fr/Projects/math-components <-- linked from main page of Coq, appears to be dead
[Sun Aug 18 06:22:21 2013] <Ptival> http://www.msr-inria.fr/projects/mathematical-components/
[Sun Aug 18 06:22:21 2013] <Ptival> http://www.msr-inria.fr/projects/mathematical-components/
[Sun Aug 18 06:47:30 2013] <clj_newb_2345> Ptival: what is the "software foudnations / cpdt" equiv for ssreflect?
[Sun Aug 18 06:47:30 2013] <clj_newb_2345> Ptival: what is the "software foudnations / cpdt" equiv for ssreflect?
[Sun Aug 18 08:38:07 2013] <chris2> (that would be a nice-to-have :))
[Sun Aug 18 08:38:07 2013] <chris2> (that would be a nice-to-have :))
[Sun Aug 18 11:04:47 2013] <clj_newb_2345> What is the purpsoe of ssreflect?
[Sun Aug 18 11:04:47 2013] <clj_newb_2345> What is the purpsoe of ssreflect?
[Sun Aug 18 11:08:59 2013] <clj_newb_2345> Does ssreflect compile with Ocmal 4.00.1 + Coq 8.4 pl2?
[Sun Aug 18 11:08:59 2013] <clj_newb_2345> Does ssreflect compile with Ocmal 4.00.1 + Coq 8.4 pl2?
[Sun Aug 18 11:09:10 2013] <clj_newb_2345> I'm getting an "Preprocessor error for file src/ssrmatching.ml4"
[Sun Aug 18 11:09:10 2013] <clj_newb_2345> I'm getting an "Preprocessor error for file src/ssrmatching.ml4"
[Sun Aug 18 12:39:23 2013] <clj_newb_2345> doies Coq have supprot for strings
[Sun Aug 18 12:39:23 2013] <clj_newb_2345> doies Coq have supprot for strings
[Sun Aug 18 12:39:35 2013] <clj_newb_2345> as in:                     >> Eval simpl in "Hello World" .
[Sun Aug 18 12:39:35 2013] <clj_newb_2345> as in:                     >> Eval simpl in "Hello World" .
[Sun Aug 18 12:39:41 2013] <clj_newb_2345> If so, what library do I need to include?
[Sun Aug 18 12:39:41 2013] <clj_newb_2345> If so, what library do I need to include?
[Sun Aug 18 12:48:57 2013] <clj_newb_2345> Open Local Scope string_scope. :-)
[Sun Aug 18 12:48:57 2013] <clj_newb_2345> Open Local Scope string_scope. :-)
[Sun Aug 18 17:46:20 2013] <adelbertc> having a bit of trouble understanding somes tuff in SOftware Foundations. http://pastebin.com/YpHA8E3M why is minusTwo of O, O?
[Sun Aug 18 17:46:20 2013] <adelbertc> having a bit of trouble understanding somes tuff in SOftware Foundations. http://pastebin.com/YpHA8E3M why is minusTwo of O, O?
[Sun Aug 18 17:49:55 2013] <mgsloan> These are naturals, not integers!
[Sun Aug 18 17:49:55 2013] <mgsloan> These are naturals, not integers!
[Sun Aug 18 17:52:22 2013] <adelbertc> hmmmm
[Sun Aug 18 17:52:22 2013] <adelbertc> hmmmm
[Sun Aug 18 17:53:05 2013] <adelbertc> i see.. kind of
[Sun Aug 18 17:53:05 2013] <adelbertc> i see.. kind of
[Sun Aug 18 17:53:50 2013] <ziman> there's nowhere to go so you stay at zero :)
[Sun Aug 18 17:53:50 2013] <ziman> there's nowhere to go so you stay at zero :)
[Sun Aug 18 17:54:12 2013] <mgsloan> Yeah, subtraction of naturals isn't very natural
[Sun Aug 18 17:54:12 2013] <mgsloan> Yeah, subtraction of naturals isn't very natural
[Sun Aug 18 17:55:20 2013] <adelbertc> ah..
[Sun Aug 18 17:55:20 2013] <adelbertc> ah..
[Sun Aug 18 17:55:28 2013] <adelbertc> interesting
[Sun Aug 18 17:55:28 2013] <adelbertc> interesting
[Sun Aug 18 19:33:34 2013] <ski> adelbertc : truncating subtraction, aka monus, see e.g. "Equationally complete classes of commutative monoids with monus" in 1984 by K. Amer. often written as a minus sign with a dot above it, `∸'
[Sun Aug 18 19:33:34 2013] <ski> adelbertc : truncating subtraction, aka monus, see e.g. "Equationally complete classes of commutative monoids with monus" in 1984 by K. Amer. often written as a minus sign with a dot above it, `∸'
[Sun Aug 18 19:35:39 2013] <adelbertc> ski: awesome, thanks!
[Sun Aug 18 19:35:39 2013] <adelbertc> ski: awesome, thanks!
[Sun Aug 18 19:35:40 2013] <ski> monus satisfies the adjunction `minuend ∸ subtrahend ≤ remainder  ⇔  minuend ≤ remainder + subtrahend'
[Sun Aug 18 19:35:40 2013] <ski> monus satisfies the adjunction `minuend ∸ subtrahend ≤ remainder  ⇔  minuend ≤ remainder + subtrahend'
[Sun Aug 18 19:38:00 2013] <ski> (instead of "adjunction", you can say "(monotone) Galois connection")
[Sun Aug 18 19:38:00 2013] <ski> (instead of "adjunction", you can say "(monotone) Galois connection")
[Sun Aug 18 19:41:45 2013] <adelbertc> interesting.. that's getting a bit ahead of my math background (which im trying to improve) at the moment, but will keep that in mind :-)
[Sun Aug 18 19:41:45 2013] <adelbertc> interesting.. that's getting a bit ahead of my math background (which im trying to improve) at the moment, but will keep that in mind :-)
[Sun Aug 18 19:41:46 2013] <adelbertc> thanks ski
[Sun Aug 18 19:41:46 2013] <adelbertc> thanks ski
[Sun Aug 18 19:48:54 2013] <ski> (also <http://en.wikipedia.org/wiki/Monus>)
[Sun Aug 18 19:48:54 2013] <ski> (also <http://en.wikipedia.org/wiki/Monus>)
[Sun Aug 18 20:11:15 2013] <kini> rofl "monus"
[Sun Aug 18 20:11:15 2013] <kini> rofl "monus"
[Sun Aug 18 20:17:03 2013] <Cale> I wonder where that paper is which argued strongly in favour of truncating subtraction for natural numbers and gave lots of examples where laws work out nicely with it.
[Sun Aug 18 20:17:03 2013] <Cale> I wonder where that paper is which argued strongly in favour of truncating subtraction for natural numbers and gave lots of examples where laws work out nicely with it.
[Sun Aug 18 21:41:11 2013] <ski> hm, i don't think i've seen that one
[Sun Aug 18 21:41:11 2013] <ski> hm, i don't think i've seen that one
[Sun Aug 18 21:42:30 2013] <ski> (hm, for some reason i forgot to give the URL <http://link.springer.com/article/10.1007%2FBF01182254> for the above paper)
[Sun Aug 18 21:42:31 2013] <ski> (hm, for some reason i forgot to give the URL <http://link.springer.com/article/10.1007%2FBF01182254> for the above paper)
[Sun Aug 18 21:52:44 2013] <kini> Cale: lemme know if you find it
[Sun Aug 18 21:52:44 2013] <kini> Cale: lemme know if you find it
[Sun Aug 18 22:29:47 2013] <adelbertc> code review on proving a simple theorey that forall x, the identity applied twice is x? http://pastebin.com/iXdJ36qe i feel like there should be a better/more succinct way to write this (this is an exercise from ch1 of software foundations)
[Sun Aug 18 22:29:47 2013] <adelbertc> code review on proving a simple theorey that forall x, the identity applied twice is x? http://pastebin.com/iXdJ36qe i feel like there should be a better/more succinct way to write this (this is an exercise from ch1 of software foundations)
[Sun Aug 18 22:30:49 2013] <kini> adelbertc: software foundations attempts to teach you the long way to do some things before showing you the shorter way
[Sun Aug 18 22:30:49 2013] <kini> adelbertc: software foundations attempts to teach you the long way to do some things before showing you the shorter way
[Sun Aug 18 22:31:39 2013] <kini> even so, I have a shorter solution than that one just using stuff from the first chapter
[Sun Aug 18 22:31:39 2013] <kini> even so, I have a shorter solution than that one just using stuff from the first chapter
[Sun Aug 18 22:32:02 2013] <adelbertc> kini: would be interested in seeing it
[Sun Aug 18 22:32:03 2013] <adelbertc> kini: would be interested in seeing it
[Sun Aug 18 22:32:38 2013] <kini> adelbertc: as soon as you've intros'd b, you can already use rewrite -> H. No need to destruct b.
[Sun Aug 18 22:32:38 2013] <kini> adelbertc: as soon as you've intros'd b, you can already use rewrite -> H. No need to destruct b.
[Sun Aug 18 22:32:59 2013] <kini> note that H doesn't care about which bool value the x is, only that it is a bool
[Sun Aug 18 22:32:59 2013] <kini> note that H doesn't care about which bool value the x is, only that it is a bool
[Sun Aug 18 22:33:18 2013] <adelbertc> ahh
[Sun Aug 18 22:33:18 2013] <adelbertc> ahh
[Sun Aug 18 22:33:19 2013] <adelbertc> got it.
[Sun Aug 18 22:33:19 2013] <adelbertc> got it.
[Sun Aug 18 22:33:22 2013] <adelbertc> thanks!
[Sun Aug 18 22:33:22 2013] <adelbertc> thanks!
[Sun Aug 18 23:35:01 2013] <adelbertc> hm.. could use some hints on proving this theorem: http://pastebin.com/E0mUkKii
[Sun Aug 18 23:35:01 2013] <adelbertc> hm.. could use some hints on proving this theorem: http://pastebin.com/E0mUkKii
[Sun Aug 18 23:35:24 2013] <adelbertc> i tried applying demorgans, but didnt get very far
[Sun Aug 18 23:35:24 2013] <adelbertc> i tried applying demorgans, but didnt get very far
[Mon Aug 19 00:26:09 2013] <kini> adelbertc: ugly as it is, try just destructing both b and c
[Mon Aug 19 00:26:10 2013] <kini> adelbertc: ugly as it is, try just destructing both b and c
[Mon Aug 19 00:26:19 2013] <kini> and then showing all four cases by simplification
[Mon Aug 19 00:26:19 2013] <kini> and then showing all four cases by simplification
[Mon Aug 19 00:26:58 2013] <adelbertc> kini: so just intros b c. destruct b. destruct c. ?
[Mon Aug 19 00:26:58 2013] <adelbertc> kini: so just intros b c. destruct b. destruct c. ?
[Mon Aug 19 00:27:05 2013] <kini> try it and see :)
[Mon Aug 19 00:27:05 2013] <kini> try it and see :)
[Mon Aug 19 00:27:08 2013] <adelbertc> because that gets me into a case of true = false
[Mon Aug 19 00:27:08 2013] <adelbertc> because that gets me into a case of true = false
[Mon Aug 19 00:27:22 2013] <kini> really?
[Mon Aug 19 00:27:22 2013] <kini> really?
[Mon Aug 19 00:27:44 2013] <adelbertc> kini: http://pastebin.com/rs5PwsSv
[Mon Aug 19 00:27:44 2013] <adelbertc> kini: http://pastebin.com/rs5PwsSv
[Mon Aug 19 00:27:45 2013] <kini> so it does
[Mon Aug 19 00:27:45 2013] <kini> so it does
[Mon Aug 19 00:27:51 2013] <adelbertc> subgoal 2
[Mon Aug 19 00:27:51 2013] <adelbertc> subgoal 2
[Mon Aug 19 00:27:56 2013] <kini> well, I actually destructed b right after introsing it
[Mon Aug 19 00:27:56 2013] <kini> well, I actually destructed b right after introsing it
[Mon Aug 19 00:28:26 2013] <kini> doing what you did doesn't actually make the problem unsolvable, you just haven't learned how to do the magic poof on false hypotheses yet ;)
[Mon Aug 19 00:28:26 2013] <kini> doing what you did doesn't actually make the problem unsolvable, you just haven't learned how to do the magic poof on false hypotheses yet ;)
[Mon Aug 19 00:28:57 2013] <kini> (if you can show that one of your hypotheses -- something above the line -- is false, that's as good as showing that what's below the line is true, and you can make the goal disappear)
[Mon Aug 19 00:28:57 2013] <kini> (if you can show that one of your hypotheses -- something above the line -- is false, that's as good as showing that what's below the line is true, and you can make the goal disappear)
[Mon Aug 19 00:29:16 2013] <adelbertc> ah interesting
[Mon Aug 19 00:29:16 2013] <adelbertc> ah interesting
[Mon Aug 19 00:29:18 2013] <adelbertc> dont think ive learned that yet
[Mon Aug 19 00:29:18 2013] <adelbertc> dont think ive learned that yet
[Mon Aug 19 00:29:22 2013] <kini> (so if you have something that looks obviously impossible to prove to be true under the line, try to prove something above the line false instead)
[Mon Aug 19 00:29:22 2013] <kini> (so if you have something that looks obviously impossible to prove to be true under the line, try to prove something above the line false instead)
[Mon Aug 19 00:29:26 2013] <kini> yeah you don't learn that until several chapters in
[Mon Aug 19 00:29:26 2013] <kini> yeah you don't learn that until several chapters in
[Mon Aug 19 00:29:32 2013] <kini> but there's a way to solve this problem without running into that
[Mon Aug 19 00:29:32 2013] <kini> but there's a way to solve this problem without running into that
[Mon Aug 19 00:30:13 2013] <adelbertc> i would hope so :-)
[Mon Aug 19 00:30:13 2013] <adelbertc> i would hope so :-)
[Mon Aug 19 00:30:22 2013] <adelbertc> been trying to tackle this on and off the psat hour or so
[Mon Aug 19 00:30:22 2013] <adelbertc> been trying to tackle this on and off the psat hour or so
[Mon Aug 19 00:32:19 2013] <adelbertc> this is 2star, next one is 3, not looking forward to it
[Mon Aug 19 00:32:19 2013] <adelbertc> this is 2star, next one is 3, not looking forward to it
[Mon Aug 19 00:33:18 2013] <kini> hehe
[Mon Aug 19 00:33:19 2013] <kini> hehe
[Mon Aug 19 00:34:39 2013] <adelbertc> kini: any hints?
[Mon Aug 19 00:34:39 2013] <adelbertc> kini: any hints?
[Mon Aug 19 00:35:21 2013] <kini> oh, actually you're not even stuck in what you did
[Mon Aug 19 00:35:21 2013] <kini> oh, actually you're not even stuck in what you did
[Mon Aug 19 00:36:20 2013] <kini> for that sticky second subgoal, just try doing simpl and see if you can't work out something
[Mon Aug 19 00:36:20 2013] <kini> for that sticky second subgoal, just try doing simpl and see if you can't work out something
[Mon Aug 19 00:37:21 2013] <adelbertc> "stuck in what you did" - as in doing the destruct on both b and c?
[Mon Aug 19 00:37:21 2013] <adelbertc> "stuck in what you did" - as in doing the destruct on both b and c?
[Mon Aug 19 00:37:30 2013] <kini> yeah
[Mon Aug 19 00:37:30 2013] <kini> yeah
[Mon Aug 19 00:37:38 2013] <kini> intros b c. destruct b. destruct c.
[Mon Aug 19 00:37:38 2013] <kini> intros b c. destruct b. destruct c.
[Mon Aug 19 00:38:39 2013] <adelbertc> woa. simpl made some stuff dissappear
[Mon Aug 19 00:38:39 2013] <adelbertc> woa. simpl made some stuff dissappear
[Mon Aug 19 00:38:42 2013] <adelbertc> hadn't used simpl like that yet
[Mon Aug 19 00:38:42 2013] <adelbertc> hadn't used simpl like that yet
[Mon Aug 19 00:40:08 2013] <kini> simpl will compute down simple non-recursive functions (like andb and orb) for you
[Mon Aug 19 00:40:08 2013] <kini> simpl will compute down simple non-recursive functions (like andb and orb) for you
[Mon Aug 19 00:40:34 2013] <adelbertc> woot got it!
[Mon Aug 19 00:40:34 2013] <adelbertc> woot got it!
[Mon Aug 19 00:40:44 2013] <adelbertc> simpl. intros H. rewrite -> H. reflexivity.
[Mon Aug 19 00:40:44 2013] <adelbertc> simpl. intros H. rewrite -> H. reflexivity.
[Mon Aug 19 04:20:39 2013] <clj_newb_2345> is there a tactic for "unfold notation" ?
[Mon Aug 19 04:20:39 2013] <clj_newb_2345> is there a tactic for "unfold notation" ?
[Mon Aug 19 04:20:55 2013] <clj_newb_2345> so I'm using "do X <- blah; f blah" (as a notation for Monads in Coq)
[Mon Aug 19 04:20:55 2013] <clj_newb_2345> so I'm using "do X <- blah; f blah" (as a notation for Monads in Coq)
[Mon Aug 19 04:21:06 2013] <clj_newb_2345> and I'd like to have the notation "unfold"
[Mon Aug 19 04:21:06 2013] <clj_newb_2345> and I'd like to have the notation "unfold"
[Mon Aug 19 04:21:13 2013] <clj_newb_2345> (for the sake of proving things)
[Mon Aug 19 04:21:13 2013] <clj_newb_2345> (for the sake of proving things)
[Mon Aug 19 11:40:07 2013] <msrcptival> anyone to point out what I'm doing wrong here? :) http://paste.awesom.eu/Ptival/wSB
[Mon Aug 19 11:40:07 2013] <msrcptival> anyone to point out what I'm doing wrong here? :) http://paste.awesom.eu/Ptival/wSB
[Mon Aug 19 12:06:44 2013] <fisi> msrcptival: I think the way ltac works, you need to evaluate the variable "t" before calling the tactic on it
[Mon Aug 19 12:06:44 2013] <fisi> msrcptival: I think the way ltac works, you need to evaluate the variable "t" before calling the tactic on it
[Mon Aug 19 12:07:13 2013] <fisi> in particular, this seems to work: "let u := eval cbv in t in let s := recompute_size in pose s as S1."
[Mon Aug 19 12:07:13 2013] <fisi> in particular, this seems to work: "let u := eval cbv in t in let s := recompute_size in pose s as S1."
[Mon Aug 19 12:14:24 2013] <fisi> also, it's consistent with other tactics: if, in the setting pasted there, you call "let s := t in idtac s", you'll get "t" printed out, while if you bind "eval cbv in t", you'll get the contents. I guess the reason for this behaviour is that in ltac sometimes you might want not to unfold the definitions of Gallina variables.
[Mon Aug 19 12:14:24 2013] <fisi> also, it's consistent with other tactics: if, in the setting pasted there, you call "let s := t in idtac s", you'll get "t" printed out, while if you bind "eval cbv in t", you'll get the contents. I guess the reason for this behaviour is that in ltac sometimes you might want not to unfold the definitions of Gallina variables.
[Mon Aug 19 12:17:17 2013] <msrcptival> fisi: oh right, thanks
[Mon Aug 19 12:17:17 2013] <msrcptival> fisi: oh right, thanks
[Mon Aug 19 13:12:22 2013] <ryanakca> Why does "case_eq (@M.find T a A)" (where M is given by "Module M := FMapAVL.Make(StringDecOrd)") give me something of the form "forall t : T, M.find (elt:=T) a A = Some t", which strikes me as patently false? Shouldn't I have something of type "exists t : T, M.find (elt:=T) a A = Some t"?
[Mon Aug 19 13:12:22 2013] <ryanakca> Why does "case_eq (@M.find T a A)" (where M is given by "Module M := FMapAVL.Make(StringDecOrd)") give me something of the form "forall t : T, M.find (elt:=T) a A = Some t", which strikes me as patently false? Shouldn't I have something of type "exists t : T, M.find (elt:=T) a A = Some t"?
[Mon Aug 19 13:43:01 2013] <osa1> how to learn names of notations like - + etc. ?
[Mon Aug 19 13:43:01 2013] <osa1> how to learn names of notations like - + etc. ?
[Mon Aug 19 13:43:32 2013] <ezyang> Locate "_ + _"
[Mon Aug 19 13:43:32 2013] <ezyang> Locate "_ + _"
[Mon Aug 19 13:44:07 2013] <osa1> thanks
[Mon Aug 19 13:44:07 2013] <osa1> thanks
[Mon Aug 19 13:46:18 2013] <msrcptival> you can also just Locate "+".
[Mon Aug 19 13:46:19 2013] <msrcptival> you can also just Locate "+".
[Mon Aug 19 13:46:21 2013] <msrcptival> any token will do
[Mon Aug 19 13:46:21 2013] <msrcptival> any token will do
[Mon Aug 19 13:57:41 2013] <osa1> thanks
[Mon Aug 19 13:57:41 2013] <osa1> thanks
[Mon Aug 19 14:44:45 2013] <Cale> ryanakca: You're doing a kind of induction
[Mon Aug 19 14:44:45 2013] <Cale> ryanakca: You're doing a kind of induction
[Mon Aug 19 14:45:00 2013] <Cale> ryanakca: That's an assumption which holds in one case, and not in the other.
[Mon Aug 19 14:45:00 2013] <Cale> ryanakca: That's an assumption which holds in one case, and not in the other.
[Mon Aug 19 14:46:30 2013] <Cale> ryanakca: I assume you see two cases when you do that, right?
[Mon Aug 19 14:46:30 2013] <Cale> ryanakca: I assume you see two cases when you do that, right?
[Mon Aug 19 14:48:34 2013] <ryanakca> Yes, but the other case is obviously false and easily disposed of :)
[Mon Aug 19 14:48:34 2013] <ryanakca> Yes, but the other case is obviously false and easily disposed of :)
[Mon Aug 19 14:50:51 2013] <Cale> ryanakca: Oh, I see, you mistyped it.
[Mon Aug 19 14:50:51 2013] <Cale> ryanakca: Oh, I see, you mistyped it.
[Mon Aug 19 14:51:09 2013] <Cale> ryanakca: you cut off your goal halfway through when you put it into IRC :)
[Mon Aug 19 14:51:09 2013] <Cale> ryanakca: you cut off your goal halfway through when you put it into IRC :)
[Mon Aug 19 14:51:19 2013] <ryanakca> Yes.
[Mon Aug 19 14:51:19 2013] <ryanakca> Yes.
[Mon Aug 19 14:51:37 2013] <Cale> Which is why you're confused about the universal vs. existential quantifier.
[Mon Aug 19 14:51:37 2013] <Cale> Which is why you're confused about the universal vs. existential quantifier.
[Mon Aug 19 14:51:50 2013] <ryanakca> I get "CASE_EQ_STUFF -> MY_OLD_GOAL"
[Mon Aug 19 14:51:50 2013] <ryanakca> I get "CASE_EQ_STUFF -> MY_OLD_GOAL"
[Mon Aug 19 14:52:31 2013] <Cale> The forall captures the whole rest of the type.
[Mon Aug 19 14:52:31 2013] <Cale> The forall captures the whole rest of the type.
[Mon Aug 19 14:53:33 2013] <Cale> You're meant to prove  forall t : T, ((... = Some t) -> (...))
[Mon Aug 19 14:53:34 2013] <Cale> You're meant to prove  forall t : T, ((... = Some t) -> (...))
[Mon Aug 19 14:54:06 2013] <ryanakca> Ah, I see, sorry, I missparsed it :)
[Mon Aug 19 14:54:07 2013] <ryanakca> Ah, I see, sorry, I missparsed it :)
[Mon Aug 19 14:54:20 2013] <Cale> So when you do intros, you'll get a binding t : T, as well as a hypothesis that find ... gives Some t
[Mon Aug 19 14:54:20 2013] <Cale> So when you do intros, you'll get a binding t : T, as well as a hypothesis that find ... gives Some t
[Mon Aug 19 17:44:09 2013] <osa1> does adding excluded middle to Coq make it inconsistent? if not, why we don't have it by default?
[Mon Aug 19 17:44:09 2013] <osa1> does adding excluded middle to Coq make it inconsistent? if not, why we don't have it by default?
[Mon Aug 19 17:45:38 2013] <ianjneu> osa1: no, but it is inconsistent with the univalence axiom.
[Mon Aug 19 17:45:38 2013] <ianjneu> osa1: no, but it is inconsistent with the univalence axiom.
[Mon Aug 19 17:45:55 2013] <ianjneu> It is also not constructive, with is an anti-pattern.
[Mon Aug 19 17:45:55 2013] <ianjneu> It is also not constructive, with is an anti-pattern.
[Mon Aug 19 17:46:02 2013] <elliott> because it breaks canonicity.
[Mon Aug 19 17:46:03 2013] <elliott> because it breaks canonicity.
[Mon Aug 19 17:46:19 2013] <osa1> hmm. I don't understand most of these arguments (univalence, canonicity etc.)
[Mon Aug 19 17:46:19 2013] <osa1> hmm. I don't understand most of these arguments (univalence, canonicity etc.)
[Mon Aug 19 17:46:22 2013] <osa1> but thanks
[Mon Aug 19 17:46:22 2013] <osa1> but thanks
[Mon Aug 19 17:46:41 2013] <elliott> excluded middle isn't computable
[Mon Aug 19 17:46:41 2013] <elliott> excluded middle isn't computable
[Mon Aug 19 17:46:47 2013] <elliott> you can't evaluate stuff down fully any more.
[Mon Aug 19 17:46:47 2013] <elliott> you can't evaluate stuff down fully any more.
[Mon Aug 19 17:46:47 2013] <osa1> so I'm reading SF book and at one point an axiom is added. what I don't understand here is, we have proof objects for theorems, which as far as I understand like a ordinary functions from premises of the theorems to conclusion of the theorem. but what is a proof object for an axiom?
[Mon Aug 19 17:46:47 2013] <osa1> so I'm reading SF book and at one point an axiom is added. what I don't understand here is, we have proof objects for theorems, which as far as I understand like a ordinary functions from premises of the theorems to conclusion of the theorem. but what is a proof object for an axiom?
[Mon Aug 19 17:47:15 2013] <elliott> opaque
[Mon Aug 19 17:47:15 2013] <elliott> opaque
[Mon Aug 19 17:47:18 2013] <elliott> it simply won't evaluate.
[Mon Aug 19 17:47:18 2013] <elliott> it simply won't evaluate.
[Mon Aug 19 17:47:26 2013] <elliott> that's why axioms aren't very nice :)
[Mon Aug 19 17:47:27 2013] <elliott> that's why axioms aren't very nice :)
[Mon Aug 19 17:47:30 2013] <osa1> oh
[Mon Aug 19 17:47:30 2013] <osa1> oh
[Mon Aug 19 17:47:39 2013] <elliott> it just gets "stuck" whenever you rely on an axiom
[Mon Aug 19 17:47:39 2013] <elliott> it just gets "stuck" whenever you rely on an axiom
[Mon Aug 19 17:47:57 2013] <ianjneu> researchers are currently looking for a computational aspect to univalence to remove the need for an axiom.
[Mon Aug 19 17:47:57 2013] <ianjneu> researchers are currently looking for a computational aspect to univalence to remove the need for an axiom.
[Mon Aug 19 17:48:19 2013] <osa1> is this a problem? do we need to "run" proofs? as far as I understand type checking is enough for showing them valid
[Mon Aug 19 17:48:19 2013] <osa1> is this a problem? do we need to "run" proofs? as far as I understand type checking is enough for showing them valid
[Mon Aug 19 17:49:25 2013] <osa1> I think this is the sortest wikipedia page I've ever seen http://en.wikipedia.org/wiki/Univalence_axiom
[Mon Aug 19 17:49:25 2013] <osa1> I think this is the sortest wikipedia page I've ever seen http://en.wikipedia.org/wiki/Univalence_axiom
[Mon Aug 19 17:49:26 2013] <ianjneu> Fully constructive proofs can be normalized and checked. It's why Voevodsky suggested that type theory doesn't have the "problems of inconsistency"
[Mon Aug 19 17:49:26 2013] <ianjneu> Fully constructive proofs can be normalized and checked. It's why Voevodsky suggested that type theory doesn't have the "problems of inconsistency"
[Mon Aug 19 17:50:23 2013] <osa1> I understand that but I don't understand why we need to "normalize" them. it looks to me that only type checking is enough.
[Mon Aug 19 17:50:24 2013] <osa1> I understand that but I don't understand why we need to "normalize" them. it looks to me that only type checking is enough.
[Mon Aug 19 17:50:48 2013] <elliott> it is nice that a proof of (exists n : nat, ...) can be computed to give a natural number which satisfies the proposition.
[Mon Aug 19 17:50:48 2013] <elliott> it is nice that a proof of (exists n : nat, ...) can be computed to give a natural number which satisfies the proposition.
[Mon Aug 19 17:51:14 2013] <elliott> (and philosophically, constructivists wouldn't be happy if it can't necessarily)
[Mon Aug 19 17:51:14 2013] <elliott> (and philosophically, constructivists wouldn't be happy if it can't necessarily)
[Mon Aug 19 17:51:29 2013] <ianjneu> For some people, sure. For full peace of mind, you may wish that your statement does need appeals to some oracle.
[Mon Aug 19 17:51:30 2013] <ianjneu> For some people, sure. For full peace of mind, you may wish that your statement does need appeals to some oracle.
[Mon Aug 19 17:51:38 2013] <kini> [2013-08-19 16:47:57] <ianjneu> researchers are currently looking for a computational aspect to univalence to remove the need for an axiom.
[Mon Aug 19 17:51:38 2013] <kini> [2013-08-19 16:47:57] <ianjneu> researchers are currently looking for a computational aspect to univalence to remove the need for an axiom.
[Mon Aug 19 17:51:38 2013] <kini> how does that "remove the need for an axiom"?
[Mon Aug 19 17:51:38 2013] <kini> how does that "remove the need for an axiom"?
[Mon Aug 19 17:51:52 2013] <kini> or do you just mean that the axiom will be built into the system computationally, and not be opaque anymore?
[Mon Aug 19 17:51:52 2013] <kini> or do you just mean that the axiom will be built into the system computationally, and not be opaque anymore?
[Mon Aug 19 17:52:12 2013] <elliott> well, type theory is generally not considered to have any axioms per se
[Mon Aug 19 17:52:12 2013] <elliott> well, type theory is generally not considered to have any axioms per se
[Mon Aug 19 17:52:55 2013] <kini> hmmm
[Mon Aug 19 17:52:55 2013] <kini> hmmm
[Mon Aug 19 17:53:31 2013] <ianjneu> there are ways to construct and destruct data. The introduction and elimination rules. It's all definitional. If you have a computation rule for univalence, then you can interpret it as just another object.
[Mon Aug 19 17:53:31 2013] <ianjneu> there are ways to construct and destruct data. The introduction and elimination rules. It's all definitional. If you have a computation rule for univalence, then you can interpret it as just another object.
[Mon Aug 19 17:57:54 2013] <ianjneu> I myself am skeptical that there's a nice computational interpretation for univalence. I interpret it as the theory's internalizing the indistinguishability of isomorphic types, which is similar to the reasoning that we use for free theorems via parametricity. It's a meta-level property, and crossing phases could cause foundational issues.
[Mon Aug 19 17:57:54 2013] <ianjneu> I myself am skeptical that there's a nice computational interpretation for univalence. I interpret it as the theory's internalizing the indistinguishability of isomorphic types, which is similar to the reasoning that we use for free theorems via parametricity. It's a meta-level property, and crossing phases could cause foundational issues.
[Mon Aug 19 17:59:54 2013] <elliott> ianjneu: you can internalise parametricity (computably)
[Mon Aug 19 17:59:54 2013] <elliott> ianjneu: you can internalise parametricity (computably)
[Mon Aug 19 18:00:07 2013] <ianjneu> elliott: interesting. source?
[Mon Aug 19 18:00:07 2013] <ianjneu> elliott: interesting. source?
[Mon Aug 19 18:00:12 2013] <elliott> let me dig it up.
[Mon Aug 19 18:00:12 2013] <elliott> let me dig it up.
[Mon Aug 19 18:00:30 2013] <elliott> http://hackage.haskell.org/package/uAgda is an implementation
[Mon Aug 19 18:00:30 2013] <elliott> http://hackage.haskell.org/package/uAgda is an implementation
[Mon Aug 19 18:00:35 2013] <elliott> paper I read is by the same author
[Mon Aug 19 18:00:35 2013] <elliott> paper I read is by the same author
[Mon Aug 19 18:00:48 2013] <ianjneu> neelk and derek dreyer. Of course. Those guys rock.
[Mon Aug 19 18:00:49 2013] <ianjneu> neelk and derek dreyer. Of course. Those guys rock.
[Mon Aug 19 18:01:26 2013] <elliott> ianjneu: http://publications.lib.chalmers.se/publication/153094 I think
[Mon Aug 19 18:01:26 2013] <elliott> ianjneu: http://publications.lib.chalmers.se/publication/153094 I think
[Mon Aug 19 18:01:45 2013] <ianjneu> Okay, so multiple sources.
[Mon Aug 19 18:01:45 2013] <ianjneu> Okay, so multiple sources.
[Mon Aug 19 18:02:26 2013] <elliott> ianjneu: that, http://homotopytypetheory.org/2011/07/27/canonicity-for-2-dimensional-type-theory/ and http://twanvl.nl/blog/agda/subst-from-cong all increased my confidence that a computational interpretation for univalence exists. (but I am just an amateur; take it with a grain of salt)
[Mon Aug 19 18:02:26 2013] <elliott> ianjneu: that, http://homotopytypetheory.org/2011/07/27/canonicity-for-2-dimensional-type-theory/ and http://twanvl.nl/blog/agda/subst-from-cong all increased my confidence that a computational interpretation for univalence exists. (but I am just an amateur; take it with a grain of salt)
[Mon Aug 19 18:02:42 2013] <elliott> (er, follow-up to the latter: http://twanvl.nl/blog/agda/cong-from-refl)
[Mon Aug 19 18:02:42 2013] <elliott> (er, follow-up to the latter: http://twanvl.nl/blog/agda/cong-from-refl)
[Mon Aug 19 18:15:53 2013] <clj_newb_2345> is there a way to do "Hint Extern num context[ ... ]" ... or do I have to do "Hint Extern num match goal with |- context ... end" ?
[Mon Aug 19 18:15:53 2013] <clj_newb_2345> is there a way to do "Hint Extern num context[ ... ]" ... or do I have to do "Hint Extern num match goal with |- context ... end" ?
[Mon Aug 19 18:24:32 2013] <peterbb> I have a goal on the form (c t1 t2) = (c t1' t2'), where c is a constructor for an inductivly defined type. What is the best way to reduce this to two subgoals, t1 = t1' and t2 = t2'? I've not found any tactic doing that.
[Mon Aug 19 18:24:32 2013] <peterbb> I have a goal on the form (c t1 t2) = (c t1' t2'), where c is a constructor for an inductivly defined type. What is the best way to reduce this to two subgoals, t1 = t1' and t2 = t2'? I've not found any tactic doing that.
[Mon Aug 19 18:24:52 2013] <clj_newb_2345> fequal
[Mon Aug 19 18:24:52 2013] <clj_newb_2345> fequal
[Mon Aug 19 18:25:05 2013] <clj_newb_2345> "apply f_equal2"
[Mon Aug 19 18:25:06 2013] <clj_newb_2345> "apply f_equal2"
[Mon Aug 19 18:25:15 2013] <clj_newb_2345> I can start paying my debt to #coq :-)
[Mon Aug 19 18:25:15 2013] <clj_newb_2345> I can start paying my debt to #coq :-)
[Mon Aug 19 18:25:51 2013] <peterbb> Thanks :)
[Mon Aug 19 18:25:51 2013] <peterbb> Thanks :)
[Mon Aug 19 18:33:25 2013] <elliott> you can also just "f_equal"
[Mon Aug 19 18:33:25 2013] <elliott> you can also just "f_equal"
[Mon Aug 19 18:33:28 2013] <elliott> as a tactic
[Mon Aug 19 18:33:28 2013] <elliott> as a tactic
[Mon Aug 19 18:34:09 2013] <clj_newb_2345> alright, I'm now going to back to 0 for the day:
[Mon Aug 19 18:34:10 2013] <clj_newb_2345> alright, I'm now going to back to 0 for the day:
[Mon Aug 19 18:34:39 2013] <clj_newb_2345> instead of a Rewrite database, is it possible to create a "tactic" database -- i.e. a list of tactics, where it's like a repeat ( tac1 || tac2 || tac3 || ...... )
[Mon Aug 19 18:34:40 2013] <clj_newb_2345> instead of a Rewrite database, is it possible to create a "tactic" database -- i.e. a list of tactics, where it's like a repeat ( tac1 || tac2 || tac3 || ...... )
[Mon Aug 19 18:34:47 2013] <clj_newb_2345> basically, if you can apply any of the tactics in this databse, apply it
[Mon Aug 19 18:34:47 2013] <clj_newb_2345> basically, if you can apply any of the tactics in this databse, apply it
[Mon Aug 19 18:34:58 2013] <clj_newb_2345> I tried "Hint Extern"
[Mon Aug 19 18:34:58 2013] <clj_newb_2345> I tried "Hint Extern"
[Mon Aug 19 18:35:05 2013] <clj_newb_2345> but it appears auto only uses it if the tactic can solve the entire goal
[Mon Aug 19 18:35:05 2013] <clj_newb_2345> but it appears auto only uses it if the tactic can solve the entire goal
[Mon Aug 19 18:35:13 2013] <clj_newb_2345> (in my case, it can't ... my tactic introduces new goals)
[Mon Aug 19 18:35:13 2013] <clj_newb_2345> (in my case, it can't ... my tactic introduces new goals)
[Mon Aug 19 19:35:06 2013] <clj_newb_2345> can ocaml tactics generate fake proofs
[Mon Aug 19 19:35:06 2013] <clj_newb_2345> can ocaml tactics generate fake proofs
[Mon Aug 19 19:35:24 2013] <clj_newb_2345> or does "Qed" in Coq also verify the terms generated by the ocaml tactics?
[Mon Aug 19 19:35:24 2013] <clj_newb_2345> or does "Qed" in Coq also verify the terms generated by the ocaml tactics?
[Mon Aug 19 19:42:10 2013] <kini> clj_newb_2345: Qed should verify, yes
[Mon Aug 19 19:42:10 2013] <kini> clj_newb_2345: Qed should verify, yes
[Mon Aug 19 19:46:08 2013] <clj_newb_2345> okay, so in theory, if I screw up my OCaml tactic,
[Mon Aug 19 19:46:08 2013] <clj_newb_2345> okay, so in theory, if I screw up my OCaml tactic,
[Mon Aug 19 19:46:13 2013] <clj_newb_2345> Qed will go "you srewed up"
[Mon Aug 19 19:46:13 2013] <clj_newb_2345> Qed will go "you srewed up"
[Mon Aug 19 19:46:17 2013] <clj_newb_2345> rather than letting me create a fake proof
[Mon Aug 19 19:46:17 2013] <clj_newb_2345> rather than letting me create a fake proof
[Tue Aug 20 10:58:46 2013] <msrcptival> I can't find a syntax to cancel the implicitness of some arguments
[Tue Aug 20 10:58:46 2013] <msrcptival> I can't find a syntax to cancel the implicitness of some arguments
[Tue Aug 20 10:59:12 2013] <msrcptival> rather, of all arguments
[Tue Aug 20 10:59:12 2013] <msrcptival> rather, of all arguments
[Tue Aug 20 10:59:38 2013] <msrcptival> maybe because @ does that job :\
[Tue Aug 20 10:59:38 2013] <msrcptival> maybe because @ does that job :\
[Tue Aug 20 10:59:43 2013] <msrcptival> but still
[Tue Aug 20 10:59:43 2013] <msrcptival> but still
[Tue Aug 20 11:01:33 2013] <fisi> msrcptival: you can change the implicitness of any given arguments with the "Arguments" command (8.4, I believe), but that's a Vernacular-level thing. I don't think there's anything other then '@' at the Gallina level (not even sure how this would be supposed to work).
[Tue Aug 20 11:01:33 2013] <fisi> msrcptival: you can change the implicitness of any given arguments with the "Arguments" command (8.4, I believe), but that's a Vernacular-level thing. I don't think there's anything other then '@' at the Gallina level (not even sure how this would be supposed to work).
[Tue Aug 20 11:01:59 2013] <msrcptival> fisi: yes but
[Tue Aug 20 11:01:59 2013] <msrcptival> fisi: yes but
[Tue Aug 20 11:02:11 2013] <msrcptival> say f : {a b} c
[Tue Aug 20 11:02:11 2013] <msrcptival> say f : {a b} c
[Tue Aug 20 11:02:28 2013] <msrcptival> Arguments f [a] b c. makes it f : {a} b c
[Tue Aug 20 11:02:28 2013] <msrcptival> Arguments f [a] b c. makes it f : {a} b c
[Tue Aug 20 11:02:41 2013] <msrcptival> Arguments f a b c. leaves it f : {a b} c
[Tue Aug 20 11:02:42 2013] <msrcptival> Arguments f a b c. leaves it f : {a b} c
[Tue Aug 20 11:03:40 2013] <msrcptival> I can't find a way to make all the arguments explicit again
[Tue Aug 20 11:03:41 2013] <msrcptival> I can't find a way to make all the arguments explicit again
[Tue Aug 20 11:04:23 2013] <fisi> okay, that's weird.
[Tue Aug 20 11:04:23 2013] <fisi> okay, that's weird.
[Tue Aug 20 11:09:35 2013] <fisi> ha, got it!
[Tue Aug 20 11:09:35 2013] <fisi> ha, got it!
[Tue Aug 20 11:09:59 2013] <fisi> "Arguments qualid : clear implicits"
[Tue Aug 20 11:09:59 2013] <fisi> "Arguments qualid : clear implicits"
[Tue Aug 20 11:10:04 2013] <msrcptival> ah
[Tue Aug 20 11:10:04 2013] <msrcptival> ah
[Tue Aug 20 11:10:08 2013] <msrcptival> so quirky
[Tue Aug 20 11:10:08 2013] <msrcptival> so quirky
[Tue Aug 20 11:10:17 2013] <fisi> yup
[Tue Aug 20 11:10:17 2013] <fisi> yup
[Tue Aug 20 11:10:57 2013] <fisi> I guess it *is* shorter then spelling out everything, but still no clue why the syntax you've given doesn't clear the implicitness
[Tue Aug 20 11:10:57 2013] <fisi> I guess it *is* shorter then spelling out everything, but still no clue why the syntax you've given doesn't clear the implicitness
[Tue Aug 20 17:18:39 2013] <watermind> when trying to install coq via opam I get:    Application of .opam/4.00.1/build/coq.8.4pl2/CAML_LD_LIBRARY_PATH.patch failed: can not determine the correct patch level.
[Tue Aug 20 17:18:39 2013] <watermind> when trying to install coq via opam I get:    Application of .opam/4.00.1/build/coq.8.4pl2/CAML_LD_LIBRARY_PATH.patch failed: can not determine the correct patch level.
[Tue Aug 20 17:18:44 2013] <watermind> any idea how to approach this?
[Tue Aug 20 17:18:44 2013] <watermind> any idea how to approach this?
[Tue Aug 20 18:52:50 2013] <osa1> sometimes I find myself using apply tactic with all parameters specified like this: apply (E_Seq c1 c2 st st'0 st') . is there a way to infer those parameters? obviously I'm specifying parameters because plain "apply E_Seq" doesn't work.
[Tue Aug 20 18:52:51 2013] <osa1> sometimes I find myself using apply tactic with all parameters specified like this: apply (E_Seq c1 c2 st st'0 st') . is there a way to infer those parameters? obviously I'm specifying parameters because plain "apply E_Seq" doesn't work.
[Tue Aug 20 18:55:14 2013] <jgross_> You can try leaving some of them as underscores, and see if [apply] can infer them.  You can see if [eapply E_Seq] works.  You can see if sticking all of them in as underscores and doing something like [refine (E_Seq _ _ _ _ _)] works ([refine] and [apply] use different unification engines, much to my annoyance) 
[Tue Aug 20 18:55:14 2013] <jgross_> You can try leaving some of them as underscores, and see if [apply] can infer them.  You can see if [eapply E_Seq] works.  You can see if sticking all of them in as underscores and doing something like [refine (E_Seq _ _ _ _ _)] works ([refine] and [apply] use different unification engines, much to my annoyance)
[Tue Aug 20 18:56:23 2013] <jgross_> You can also do [apply (E_Seq c1 c2)] and see if Coq can infer the rest of the parameters. 
[Tue Aug 20 18:56:23 2013] <jgross_> You can also do [apply (E_Seq c1 c2)] and see if Coq can infer the rest of the parameters.
[Tue Aug 20 18:56:37 2013] <osa1> hmm, never heard of refine before
[Tue Aug 20 18:56:38 2013] <osa1> hmm, never heard of refine before
[Tue Aug 20 18:57:03 2013] <osa1> I didn't know about _ , thanks. I'll try that in my next proofs
[Tue Aug 20 18:57:03 2013] <osa1> I didn't know about _ , thanks. I'll try that in my next proofs
[Tue Aug 20 19:01:40 2013] <watermind> I'm trying to compile coq but it complains about not finding dlllablgtk2.so, which I do have under  .opam/4.00.1/lib/stublibs
[Tue Aug 20 19:01:41 2013] <watermind> I'm trying to compile coq but it complains about not finding dlllablgtk2.so, which I do have under  .opam/4.00.1/lib/stublibs
[Tue Aug 20 19:02:05 2013] <watermind> any idea how to approach this problem?
[Tue Aug 20 19:02:05 2013] <watermind> any idea how to approach this problem?
[Tue Aug 20 19:09:27 2013] <osa1> have you tried using opam?
[Tue Aug 20 19:09:27 2013] <osa1> have you tried using opam?
[Tue Aug 20 19:14:01 2013] <apples`> hi (on an unstable connection, forgive me if i've already asked), i'm trying to learn coq, and i'm stuck on a proof. http://codepad.org/ogRDxYIM would anyone mind giving me a hint?
[Tue Aug 20 19:14:01 2013] <apples`> hi (on an unstable connection, forgive me if i've already asked), i'm trying to learn coq, and i'm stuck on a proof. http://codepad.org/ogRDxYIM would anyone mind giving me a hint?
[Tue Aug 20 19:14:30 2013] <watermind> osa1: yes it fails with  Application of .opam/4.00.1/build/coq.8.4pl2/CAML_LD_LIBRARY_PATH.patch failed: can not determine the correct patch level.
[Tue Aug 20 19:14:30 2013] <watermind> osa1: yes it fails with  Application of .opam/4.00.1/build/coq.8.4pl2/CAML_LD_LIBRARY_PATH.patch failed: can not determine the correct patch level.
[Tue Aug 20 19:20:55 2013] <osa1> ah, okay than. I'm not very experienced with this stuff but I remember having lots of problems about compiling coq until I discovered opam. then it worked without problems.
[Tue Aug 20 19:20:55 2013] <osa1> ah, okay than. I'm not very experienced with this stuff but I remember having lots of problems about compiling coq until I discovered opam. then it worked without problems.
[Tue Aug 20 19:26:31 2013] <watermind> I just managed :)
[Tue Aug 20 19:26:31 2013] <watermind> I just managed :)
[Tue Aug 20 19:28:14 2013] <watermind> I just linked the .so files which were in .opam/4.00.1/lib/stublibs  in their respective lablgtk2 dir also in .opam
[Tue Aug 20 19:28:14 2013] <watermind> I just linked the .so files which were in .opam/4.00.1/lib/stublibs  in their respective lablgtk2 dir also in .opam
[Tue Aug 20 19:28:20 2013] <watermind> and coq was happy
[Tue Aug 20 19:28:20 2013] <watermind> and coq was happy
[Tue Aug 20 23:21:03 2013] <clj_newb_2345> I suspect proof general is ignoring ./_CoqProject
[Tue Aug 20 23:21:03 2013] <clj_newb_2345> I suspect proof general is ignoring ./_CoqProject
[Tue Aug 20 23:21:16 2013] <clj_newb_2345> how do I check this (to see where proof general read _CoqProject from) ?
[Tue Aug 20 23:21:16 2013] <clj_newb_2345> how do I check this (to see where proof general read _CoqProject from) ?
[Wed Aug 21 00:00:10 2013] <clj_newb_2345> resolved
[Wed Aug 21 00:00:10 2013] <clj_newb_2345> resolved
[Wed Aug 21 00:00:20 2013] <clj_newb_2345> apparently needed to confitgure meacs instead of run it as "proof general"
[Wed Aug 21 00:00:20 2013] <clj_newb_2345> apparently needed to confitgure meacs instead of run it as "proof general"
[Wed Aug 21 00:07:25 2013] <clj_newb_2345> nope, false hope
[Wed Aug 21 00:07:25 2013] <clj_newb_2345> nope, false hope
[Wed Aug 21 06:31:41 2013] <watermind> I am able to install coq but it uses camlp4 rather than 5
[Wed Aug 21 06:31:41 2013] <watermind> I am able to install coq but it uses camlp4 rather than 5
[Wed Aug 21 06:32:21 2013] <watermind> ./configure -usecamlp5 complains about no camlp5 being found... I do have it though
[Wed Aug 21 06:32:21 2013] <watermind> ./configure -usecamlp5 complains about no camlp5 being found... I do have it though
[Wed Aug 21 06:32:33 2013] <watermind> any idea how what may be going on
[Wed Aug 21 06:32:33 2013] <watermind> any idea how what may be going on
[Wed Aug 21 06:33:34 2013] <watermind> I wouldn't care about it normaly, but then why3 compilation is failing and it seems due to the fact that why3 is being compiled with camlp5
[Wed Aug 21 06:33:35 2013] <watermind> I wouldn't care about it normaly, but then why3 compilation is failing and it seems due to the fact that why3 is being compiled with camlp5
[Wed Aug 21 07:17:31 2013] <robbert> watermind: in Debian I use apt-get build-dep coqide to get all dependencies installed, and then a plain ./configure -opt -local; make -j4 works
[Wed Aug 21 07:17:31 2013] <robbert> watermind: in Debian I use apt-get build-dep coqide to get all dependencies installed, and then a plain ./configure -opt -local; make -j4 works
[Wed Aug 21 07:49:41 2013] <watermind> robbert: thank you I'm not using debian though, but I managed meanwhile tio install it with opam
[Wed Aug 21 07:49:41 2013] <watermind> robbert: thank you I'm not using debian though, but I managed meanwhile tio install it with opam
[Wed Aug 21 07:49:53 2013] <watermind> my system was missing the patch utility
[Wed Aug 21 07:49:53 2013] <watermind> my system was missing the patch utility
[Wed Aug 21 11:32:41 2013] <ryanakca> Any suggestions on why line 11 breaks sigT1 notation? http://paste.debian.net/28033/ It's a simple definition sigT3 which does the obvious thing, and the notation is an extension of that for sigT2 from trunk/Theories/Init/Specif.v .
[Wed Aug 21 11:32:41 2013] <ryanakca> Any suggestions on why line 11 breaks sigT1 notation? http://paste.debian.net/28033/ It's a simple definition sigT3 which does the obvious thing, and the notation is an extension of that for sigT2 from trunk/Theories/Init/Specif.v .
[Wed Aug 21 11:33:09 2013] <kmicinski> I'm using sets via FSetInterface and doing some dependently typed programming, and I'd like a decision procedure for subsets, but notice that FSetInterface doesn't have one, am I missing something?
[Wed Aug 21 11:33:09 2013] <kmicinski> I'm using sets via FSetInterface and doing some dependently typed programming, and I'd like a decision procedure for subsets, but notice that FSetInterface doesn't have one, am I missing something?
[Wed Aug 21 11:55:17 2013] <msrcptival> kmicinski:  Parameter subset : t -> t -> bool.
[Wed Aug 21 11:55:17 2013] <msrcptival> kmicinski:  Parameter subset : t -> t -> bool.
[Wed Aug 21 11:55:59 2013] <msrcptival> also Sdep has Parameter subset : forall s s' : t, {Subset s s'} + {~ Subset s s'}.
[Wed Aug 21 11:55:59 2013] <msrcptival> also Sdep has Parameter subset : forall s s' : t, {Subset s s'} + {~ Subset s s'}.
[Wed Aug 21 12:41:07 2013] <kmicinski> msrcptival: right, I need Sdep, but I wondered why this wasn't a parameter of fsetinterface
[Wed Aug 21 12:41:07 2013] <kmicinski> msrcptival: right, I need Sdep, but I wondered why this wasn't a parameter of fsetinterface
[Wed Aug 21 12:41:25 2013] <kmicinski> i.e., can't it be done without sdep's assumptions
[Wed Aug 21 12:41:25 2013] <kmicinski> i.e., can't it be done without sdep's assumptions
[Wed Aug 21 12:43:09 2013] <msrcptival> my guess is it can
[Wed Aug 21 12:43:09 2013] <msrcptival> my guess is it can
[Wed Aug 21 12:43:30 2013] <msrcptival> since you have the non-dependent subset and the theorem subset_2
[Wed Aug 21 12:43:30 2013] <msrcptival> since you have the non-dependent subset and the theorem subset_2
[Wed Aug 21 14:37:25 2013] <jgross_> ryanakca: You want to put your notation "(at level 0, x at level 99)", to fator correctly with the notations for sigT, sigT2.  I don't know exactly how notation factoring works, but it's a bit wonky.  See theories/Init/Notations.v for the reserved notation lines (with levels), and theories/Init/Specif.v for the actual definitions. 
[Wed Aug 21 14:37:25 2013] <jgross_> ryanakca: You want to put your notation "(at level 0, x at level 99)", to fator correctly with the notations for sigT, sigT2.  I don't know exactly how notation factoring works, but it's a bit wonky.  See theories/Init/Notations.v for the reserved notation lines (with levels), and theories/Init/Specif.v for the actual definitions.
[Wed Aug 21 15:44:39 2013] <clj_newb_2345> so apparently proof general gives infinitey better error msgs on "abstracting foo over bar gives ill-typed term"
[Wed Aug 21 15:44:39 2013] <clj_newb_2345> so apparently proof general gives infinitey better error msgs on "abstracting foo over bar gives ill-typed term"
[Wed Aug 21 18:45:49 2013] <clj_newb_2345> Ptival_: ping
[Wed Aug 21 18:45:49 2013] <clj_newb_2345> Ptival_: ping
[Wed Aug 21 19:33:17 2013] <Ptival> pong
[Wed Aug 21 19:33:17 2013] <Ptival> pong
[Wed Aug 21 20:01:14 2013] <rola> Say I want to assert some propositions p1, p2, ..., pn of type Prop. How would I do a forall or exists on them?
[Wed Aug 21 20:01:14 2013] <rola> Say I want to assert some propositions p1, p2, ..., pn of type Prop. How would I do a forall or exists on them?
[Wed Aug 21 20:02:20 2013] <kini> hey rola, could you elaborate what you mean by "do a forall or exists"?
[Wed Aug 21 20:02:20 2013] <kini> hey rola, could you elaborate what you mean by "do a forall or exists"?
[Wed Aug 21 20:06:01 2013] <rola> Sure. suppose I have "Variables p1 p2 p3 p4 p5 p6 : Prop." and I was wondering how I could state this more consisely using an exists: "Hypothesis h0 : p1 \/ p2 \/ p3 \/ p4 \/ p5 \/ p6."
[Wed Aug 21 20:06:01 2013] <rola> Sure. suppose I have "Variables p1 p2 p3 p4 p5 p6 : Prop." and I was wondering how I could state this more consisely using an exists: "Hypothesis h0 : p1 \/ p2 \/ p3 \/ p4 \/ p5 \/ p6."
[Wed Aug 21 20:11:28 2013] <rola> oops. I didn't mean to include 'Hypothesis h0 :'
[Wed Aug 21 20:11:28 2013] <rola> oops. I didn't mean to include 'Hypothesis h0 :'
[Wed Aug 21 20:12:04 2013] <rola> kini, Is that a little clearer?
[Wed Aug 21 20:12:04 2013] <rola> kini, Is that a little clearer?
[Wed Aug 21 20:30:08 2013] <kini> rola: hmm, I still don't really understand what you want to do, but I'm pretty much a coq beginner myself. Maybe wait for someone else to read your question :)
[Wed Aug 21 20:30:08 2013] <kini> rola: hmm, I still don't really understand what you want to do, but I'm pretty much a coq beginner myself. Maybe wait for someone else to read your question :)
[Wed Aug 21 20:54:32 2013] <Cale> rola: Well, if they were actually parameterised by some other type, you could then use forall...
[Wed Aug 21 20:54:33 2013] <Cale> rola: Well, if they were actually parameterised by some other type, you could then use forall...
[Wed Aug 21 21:01:15 2013] <Cale> rola: http://lpaste.net/92052
[Wed Aug 21 21:01:15 2013] <Cale> rola: http://lpaste.net/92052
[Wed Aug 21 21:03:04 2013] <Cale> rola: Does that make sense?
[Wed Aug 21 21:03:04 2013] <Cale> rola: Does that make sense?
[Wed Aug 21 21:09:23 2013] <rola> Cale, I think so. So "Fin 6 -> Prop" is a map from the set of 6 elements to Prop?
[Wed Aug 21 21:09:24 2013] <rola> Cale, I think so. So "Fin 6 -> Prop" is a map from the set of 6 elements to Prop?
[Wed Aug 21 21:10:08 2013] <Cale> yeah
[Wed Aug 21 21:10:08 2013] <Cale> yeah
[Wed Aug 21 21:11:08 2013] <Cale> So you'll have  p F0, p (FS F0), p (FS (FS F0)), ... p (FS (FS (FS (FS (FS F0)))))
[Wed Aug 21 21:11:08 2013] <Cale> So you'll have  p F0, p (FS F0), p (FS (FS F0)), ... p (FS (FS (FS (FS (FS F0)))))
[Wed Aug 21 21:11:29 2013] <Cale> and H says that one of those is true
[Wed Aug 21 21:11:30 2013] <Cale> and H says that one of those is true
[Thu Aug 22 09:12:03 2013] <clj_newb_2345> in proof general, how do I hide the "=>"
[Thu Aug 22 09:12:03 2013] <clj_newb_2345> in proof general, how do I hide the "=>"
[Thu Aug 22 09:12:15 2013] <clj_newb_2345> it's stupidly annoying for hidng the first 2 characters of what I'm typing
[Thu Aug 22 09:12:15 2013] <clj_newb_2345> it's stupidly annoying for hidng the first 2 characters of what I'm typing
[Thu Aug 22 09:12:28 2013] <clj_newb_2345> and also absolutely useless given that the color separation already tells me what's going to be processed next
[Thu Aug 22 09:12:28 2013] <clj_newb_2345> and also absolutely useless given that the color separation already tells me what's going to be processed next
[Thu Aug 22 20:18:46 2013] <clj_newb_2345> what is the inverse of intros
[Thu Aug 22 20:18:46 2013] <clj_newb_2345> what is the inverse of intros
[Thu Aug 22 20:18:54 2013] <clj_newb_2345> i.e. I wnat to move a hypothesis into the goal as a (hyp -> goal)
[Thu Aug 22 20:18:54 2013] <clj_newb_2345> i.e. I wnat to move a hypothesis into the goal as a (hyp -> goal)
[Thu Aug 22 20:31:29 2013] <hpaste_> kini pasted “No title” at http://lpaste.net/92089
[Thu Aug 22 20:31:29 2013] <hpaste_> kini pasted “No title” at http://lpaste.net/92089
[Thu Aug 22 20:31:38 2013] <kini> clj_newb_2345: ↑
[Thu Aug 22 20:31:39 2013] <kini> clj_newb_2345: ↑
[Thu Aug 22 20:38:49 2013] <clj_newb_2345> kini: nice, thanks!
[Thu Aug 22 20:38:50 2013] <clj_newb_2345> kini: nice, thanks!
[Thu Aug 22 20:39:01 2013] <kini> sure :)
[Thu Aug 22 20:39:01 2013] <kini> sure :)
[Fri Aug 23 11:31:49 2013] <clj_newb_2345> so I'm reading about "ex" and "ex_intro" in the Logic chapter of software foundations -- and -- WTF -- is "exist ... ," just a coq notation?
[Fri Aug 23 11:31:49 2013] <clj_newb_2345> so I'm reading about "ex" and "ex_intro" in the Logic chapter of software foundations -- and -- WTF -- is "exist ... ," just a coq notation?
[Fri Aug 23 11:35:46 2013] <ianjneu> exist is a tactic to apply ex_intro to the value you give it, and it tries to find the proof that it satisfies the property of the Sigma type
[Fri Aug 23 11:35:46 2013] <ianjneu> exist is a tactic to apply ex_intro to the value you give it, and it tries to find the proof that it satisfies the property of the Sigma type
[Fri Aug 23 11:36:12 2013] <clj_newb_2345> sorry, I had a typo
[Fri Aug 23 11:36:12 2013] <clj_newb_2345> sorry, I had a typo
[Fri Aug 23 11:36:17 2013] <clj_newb_2345> I meant "exists x, x + 2 = 4"
[Fri Aug 23 11:36:17 2013] <clj_newb_2345> I meant "exists x, x + 2 = 4"
[Fri Aug 23 11:36:25 2013] <clj_newb_2345> not "exist 2" (as my original post suggested)
[Fri Aug 23 11:36:25 2013] <clj_newb_2345> not "exist 2" (as my original post suggested)
[Fri Aug 23 11:36:33 2013] <clj_newb_2345> so the "exists ... ," = notation
[Fri Aug 23 11:36:33 2013] <clj_newb_2345> so the "exists ... ," = notation
[Fri Aug 23 11:36:36 2013] <ianjneu> that's notation for the sigma type.
[Fri Aug 23 11:36:36 2013] <ianjneu> that's notation for the sigma type.
[Fri Aug 23 11:36:50 2013] <clj_newb_2345> and 'exist ... ' = tactic for (apply ex ex_intro ... )
[Fri Aug 23 11:36:51 2013] <clj_newb_2345> and 'exist ... ' = tactic for (apply ex ex_intro ... )
[Fri Aug 23 11:37:05 2013] <clj_newb_2345> and by sigma type, you mean "   ex_intro : forall (witness:X), P witness -> ex X P. " right?
[Fri Aug 23 11:37:05 2013] <clj_newb_2345> and by sigma type, you mean "   ex_intro : forall (witness:X), P witness -> ex X P. " right?
[Fri Aug 23 11:37:39 2013] <ianjneu> That's the introduction rule for the sigma type, ex.
[Fri Aug 23 11:37:40 2013] <ianjneu> That's the introduction rule for the sigma type, ex.
[Fri Aug 23 11:38:38 2013] <ianjneu> Inductive types are used in Coq as a replacement for identity types, dependent sums, sums, products and W types that one would find in Martin Lof type theory.
[Fri Aug 23 11:38:38 2013] <ianjneu> Inductive types are used in Coq as a replacement for identity types, dependent sums, sums, products and W types that one would find in Martin Lof type theory.
[Fri Aug 23 11:38:56 2013] <clj_newb_2345> I did not understand your last sentence
[Fri Aug 23 11:38:56 2013] <clj_newb_2345> I did not understand your last sentence
[Fri Aug 23 11:39:14 2013] <clj_newb_2345> but I think it's okay, basically there is "->", "functions", and Inductive types
[Fri Aug 23 11:39:14 2013] <clj_newb_2345> but I think it's okay, basically there is "->", "functions", and Inductive types
[Fri Aug 23 11:39:18 2013] <clj_newb_2345> all else can be built in terms of those
[Fri Aug 23 11:39:18 2013] <clj_newb_2345> all else can be built in terms of those
[Fri Aug 23 11:39:54 2013] <ianjneu> essentially. There are lots of nuances with termination checking.
[Fri Aug 23 11:39:54 2013] <ianjneu> essentially. There are lots of nuances with termination checking.
[Fri Aug 23 11:40:18 2013] <clj_newb_2345> otherwise, infinite loops can have type "False"
[Fri Aug 23 11:40:18 2013] <clj_newb_2345> otherwise, infinite loops can have type "False"
[Fri Aug 23 11:40:23 2013] <clj_newb_2345> so we need to prove that every function terminates
[Fri Aug 23 11:40:23 2013] <clj_newb_2345> so we need to prove that every function terminates
[Fri Aug 23 11:40:25 2013] <ianjneu> Coinductive types are also a thing in Coq.
[Fri Aug 23 11:40:25 2013] <ianjneu> Coinductive types are also a thing in Coq.
[Fri Aug 23 11:41:24 2013] <ianjneu> There are safe non-terminating programs (tail-recursive functions, for instance), but for a nice meta-theory, strong normalization is a good property for the language to have.
[Fri Aug 23 11:41:24 2013] <ianjneu> There are safe non-terminating programs (tail-recursive functions, for instance), but for a nice meta-theory, strong normalization is a good property for the language to have.
[Fri Aug 23 11:42:15 2013] <ianjneu> You can only "construct" False by promising to do so and just never getting there, all other rules being consistent.
[Fri Aug 23 11:42:15 2013] <ianjneu> You can only "construct" False by promising to do so and just never getting there, all other rules being consistent.
[Fri Aug 23 11:46:01 2013] <clj_newb_2345> hmm
[Fri Aug 23 11:46:01 2013] <clj_newb_2345> hmm
[Fri Aug 23 11:46:06 2013] <clj_newb_2345> is this what the mtac stuff is based upon?
[Fri Aug 23 11:46:06 2013] <clj_newb_2345> is this what the mtac stuff is based upon?
[Fri Aug 23 11:46:13 2013] <clj_newb_2345> i.e. you can have a function of type "M False"
[Fri Aug 23 11:46:13 2013] <clj_newb_2345> i.e. you can have a function of type "M False"
[Fri Aug 23 11:46:22 2013] <clj_newb_2345> but when you run it, you don't get there,and thus can't construct the False ?
[Fri Aug 23 11:46:22 2013] <clj_newb_2345> but when you run it, you don't get there,and thus can't construct the False ?
[Fri Aug 23 11:46:29 2013] <ianjneu> I'm not familiar with mtac
[Fri Aug 23 11:46:29 2013] <ianjneu> I'm not familiar with mtac
[Fri Aug 23 11:47:56 2013] <clj_newb_2345> http://plv.mpi-sws.org/mtac/
[Fri Aug 23 11:47:56 2013] <clj_newb_2345> http://plv.mpi-sws.org/mtac/
[Fri Aug 23 11:48:15 2013] <clj_newb_2345> oh wow,
[Fri Aug 23 11:48:15 2013] <clj_newb_2345> oh wow,
[Fri Aug 23 11:48:20 2013] <clj_newb_2345> so "=" is just shorthand for "eq"
[Fri Aug 23 11:48:20 2013] <clj_newb_2345> so "=" is just shorthand for "eq"
[Fri Aug 23 11:48:25 2013] <clj_newb_2345> which only has type constructor refl_equal
[Fri Aug 23 11:48:25 2013] <clj_newb_2345> which only has type constructor refl_equal
[Fri Aug 23 11:48:28 2013] <clj_newb_2345> this is starting to make so much sense now
[Fri Aug 23 11:48:28 2013] <clj_newb_2345> this is starting to make so much sense now
[Fri Aug 23 11:48:53 2013] <ianjneu> :)
[Fri Aug 23 11:48:53 2013] <ianjneu> :)
[Fri Aug 23 14:21:00 2013] <Ptival> yeah this one is nice :)
[Fri Aug 23 14:21:00 2013] <Ptival> yeah this one is nice :)
[Fri Aug 23 14:29:10 2013] <ianjneu> Ptival: eh?
[Fri Aug 23 14:29:10 2013] <ianjneu> Ptival: eh?
[Fri Aug 23 14:46:52 2013] <Ptival> the inductive definition of equality
[Fri Aug 23 14:46:52 2013] <Ptival> the inductive definition of equality
[Fri Aug 23 14:49:15 2013] <ianjneu> Do you know why Bob Harper & co want to interpret equality coinductively?
[Fri Aug 23 14:49:15 2013] <ianjneu> Do you know why Bob Harper & co want to interpret equality coinductively?
[Fri Aug 23 15:40:08 2013] <Ptival> no
[Fri Aug 23 15:40:08 2013] <Ptival> no
[Sat Aug 24 09:15:02 2013] <clj_newb_2345> Can someone point me at documentation (besides the COq tactics description) of how inversion and destruct differ?
[Sat Aug 24 09:15:02 2013] <clj_newb_2345> Can someone point me at documentation (besides the COq tactics description) of how inversion and destruct differ?
[Sat Aug 24 11:51:47 2013] <jgross_> clj_newb_2345: Have you looked at the reference manual (http://coq.inria.fr/refman/general-index.html)? 
[Sat Aug 24 11:51:48 2013] <jgross_> clj_newb_2345: Have you looked at the reference manual (http://coq.inria.fr/refman/general-index.html)?
[Sat Aug 24 12:13:02 2013] <average> jgross_: he left before you were able to lay information on him
[Sat Aug 24 12:13:03 2013] <average> jgross_: he left before you were able to lay information on him
[Sat Aug 24 14:30:06 2013] <clj_newb_2345> https://gist.github.com/anonymous/3cb996e6beb94c17782d <-- why is this even true? (taken from http://www.cis.upenn.edu/~bcpierce/sf/Equiv.html )
[Sat Aug 24 14:30:06 2013] <clj_newb_2345> https://gist.github.com/anonymous/3cb996e6beb94c17782d <-- why is this even true? (taken from http://www.cis.upenn.edu/~bcpierce/sf/Equiv.html )
[Sat Aug 24 14:49:14 2013] <Saizan> clj_newb_2345: without I/O it doesn't matter _how_ you diverge
[Sat Aug 24 14:49:14 2013] <Saizan> clj_newb_2345: without I/O it doesn't matter _how_ you diverge
[Sat Aug 24 14:57:11 2013] <clj_newb_2345> right
[Sat Aug 24 14:57:11 2013] <clj_newb_2345> right
[Sat Aug 24 14:57:25 2013] <clj_newb_2345> the equiv definition is that for all states, one side termiantes to it iff the otehr side termiantes to it
[Sat Aug 24 14:57:25 2013] <clj_newb_2345> the equiv definition is that for all states, one side termiantes to it iff the otehr side termiantes to it
[Sat Aug 24 14:57:27 2013] <clj_newb_2345> in this case,
[Sat Aug 24 14:57:27 2013] <clj_newb_2345> in this case,
[Sat Aug 24 14:57:30 2013] <clj_newb_2345> for all states, neither side terminates
[Sat Aug 24 14:57:30 2013] <clj_newb_2345> for all states, neither side terminates
[Sat Aug 24 14:57:37 2013] <clj_newb_2345> I'm an idiot :-_)
[Sat Aug 24 14:57:37 2013] <clj_newb_2345> I'm an idiot :-_)
[Sun Aug 25 14:02:46 2013] <logicshan> Hello, everyone. I want to ask a question. I am trying to prove a theorem. The script as follows: Lemma bool_not_eq_True_or_False: ~ (bool=True\/bool=False).
[Sun Aug 25 14:02:47 2013] <logicshan> Hello, everyone. I want to ask a question. I am trying to prove a theorem. The script as follows: Lemma bool_not_eq_True_or_False: ~ (bool=True\/bool=False).
[Sun Aug 25 14:02:47 2013] <logicshan> Proof.
[Sun Aug 25 14:02:47 2013] <logicshan>   intros [A|A].
[Sun Aug 25 14:02:47 2013] <logicshan> Proof.
[Sun Aug 25 14:02:47 2013] <logicshan>   - pose (p X := forall x y:X, x=y).
[Sun Aug 25 14:02:47 2013] <logicshan>   intros [A|A].
[Sun Aug 25 14:02:47 2013] <logicshan>     assert (H: ~ p bool).
[Sun Aug 25 14:02:47 2013] <logicshan>   - pose (p X := forall x y:X, x=y).
[Sun Aug 25 14:02:47 2013] <logicshan>     assert (H: ~ p bool).
[Sun Aug 25 14:02:48 2013] <logicshan>     { intro B. specialize (B true false). discriminate B. }
[Sun Aug 25 14:02:48 2013] <logicshan>     { intro B. specialize (B true false). discriminate B. }
[Sun Aug 25 14:02:50 2013] <logicshan>     apply H. rewrite A.
[Sun Aug 25 14:02:50 2013] <logicshan>     apply H. rewrite A.
[Sun Aug 25 14:02:52 2013] <logicshan>     intros [] []. reflexivity.
[Sun Aug 25 14:02:52 2013] <logicshan>     intros [] []. reflexivity.
[Sun Aug 25 14:02:54 2013] <logicshan>   - pose (p X := forall x : X, False). (*** X is empty ***)
[Sun Aug 25 14:02:54 2013] <logicshan>   - pose (p X := forall x : X, False). (*** X is empty ***)
[Sun Aug 25 14:02:56 2013] <logicshan>     assert (H: ~p bool).
[Sun Aug 25 14:02:56 2013] <logicshan>     assert (H: ~p bool).
[Sun Aug 25 14:02:58 2013] <logicshan>     { intros B. contradiction (B false). }
[Sun Aug 25 14:02:58 2013] <logicshan>     { intros B. contradiction (B false). }
[Sun Aug 25 14:03:00 2013] <logicshan>     apply H. rewrite A.
[Sun Aug 25 14:03:00 2013] <logicshan>     apply H. rewrite A.
[Sun Aug 25 14:03:02 2013] <logicshan>     intros [].
[Sun Aug 25 14:03:02 2013] <logicshan>     intros [].
[Sun Aug 25 14:03:04 2013] <logicshan> Qed.
[Sun Aug 25 14:03:04 2013] <logicshan> Qed.
[Sun Aug 25 14:03:06 2013] <logicshan> Goal (forall X:Type, X = True \/ X = False) -> False.
[Sun Aug 25 14:03:06 2013] <logicshan> Goal (forall X:Type, X = True \/ X = False) -> False.
[Sun Aug 25 14:03:08 2013] <logicshan> Proof.
[Sun Aug 25 14:03:08 2013] <logicshan> Proof.
[Sun Aug 25 14:03:10 2013] <logicshan>   intro A. specialize (A bool). apply bool_not_eq_True_or_False. exact A.  I am stuck here. Why does this happen?
[Sun Aug 25 14:03:10 2013] <logicshan>   intro A. specialize (A bool). apply bool_not_eq_True_or_False. exact A.  I am stuck here. Why does this happen?
[Sun Aug 25 16:06:30 2013] <Necrosporus> I can't compile Coq 8.4: make[1]: *** [doc/stdlib/Library.dvi] Error 1
[Sun Aug 25 16:06:30 2013] <Necrosporus> I can't compile Coq 8.4: make[1]: *** [doc/stdlib/Library.dvi] Error 1
[Sun Aug 25 16:06:56 2013] <Necrosporus> I have compiled it when hevea and lablgtk was not installed
[Sun Aug 25 16:06:57 2013] <Necrosporus> I have compiled it when hevea and lablgtk was not installed
[Sun Aug 25 16:40:46 2013] <clj_newb_2345> in Coq, I know how to say (exists (n: Z), n + 10 = 20).
[Sun Aug 25 16:40:46 2013] <clj_newb_2345> in Coq, I know how to say (exists (n: Z), n + 10 = 20).
[Sun Aug 25 16:40:55 2013] <clj_newb_2345> however, how do I say: "there exists an object of type Foo" ?
[Sun Aug 25 16:40:55 2013] <clj_newb_2345> however, how do I say: "there exists an object of type Foo" ?
[Sun Aug 25 16:41:01 2013] <clj_newb_2345> I wnat (exists (h: Foo))
[Sun Aug 25 16:41:01 2013] <clj_newb_2345> I wnat (exists (h: Foo))
[Sun Aug 25 16:41:06 2013] <clj_newb_2345> taht's all, no post conditions after that.
[Sun Aug 25 16:41:06 2013] <clj_newb_2345> taht's all, no post conditions after that.
[Sun Aug 25 16:41:41 2013] <elliott> just say Foo
[Sun Aug 25 16:41:41 2013] <elliott> just say Foo
[Sun Aug 25 16:41:57 2013] <elliott> if you really want to conceal the value of the Foo outside of Prop, you can say (exists (_ : Foo), True).
[Sun Aug 25 16:41:57 2013] <elliott> if you really want to conceal the value of the Foo outside of Prop, you can say (exists (_ : Foo), True).
[Sun Aug 25 16:42:05 2013] <elliott> or define
[Sun Aug 25 16:42:05 2013] <elliott> or define
[Sun Aug 25 16:42:09 2013] <elliott> Inductive inhabited A : Prop :=
[Sun Aug 25 16:42:09 2013] <elliott> Inductive inhabited A : Prop :=
[Sun Aug 25 16:42:12 2013] <elliott> erm
[Sun Aug 25 16:42:12 2013] <elliott> erm
[Sun Aug 25 16:42:17 2013] <elliott> Inductive inhabited A : Prop := witness : A -> inhabited A.
[Sun Aug 25 16:42:17 2013] <elliott> Inductive inhabited A : Prop := witness : A -> inhabited A.
[Sun Aug 25 16:44:18 2013] <clj_newb_2345> ah, I get it now
[Sun Aug 25 16:44:18 2013] <clj_newb_2345> ah, I get it now
[Sun Aug 25 16:44:22 2013] <clj_newb_2345> thanks
[Sun Aug 25 16:44:22 2013] <clj_newb_2345> thanks
[Sun Aug 25 17:06:25 2013] <Necrosporus> Why does Coq build fail on compiling something tex?
[Sun Aug 25 17:06:25 2013] <Necrosporus> Why does Coq build fail on compiling something tex?
[Sun Aug 25 17:06:58 2013] <Necrosporus> I'm trying to rebuild removing hevea-2.09
[Sun Aug 25 17:06:58 2013] <Necrosporus> I'm trying to rebuild removing hevea-2.09
[Sun Aug 25 17:07:18 2013] <Necrosporus> Maybe it will finish now
[Sun Aug 25 17:07:19 2013] <Necrosporus> Maybe it will finish now
[Sun Aug 25 18:00:41 2013] <Necrosporus> I have fake_ide compiled, but there seem no coq-ide
[Sun Aug 25 18:00:41 2013] <Necrosporus> I have fake_ide compiled, but there seem no coq-ide
[Sun Aug 25 19:39:19 2013] <clj_newb_2345> do you have ocaml gtk?
[Sun Aug 25 19:39:19 2013] <clj_newb_2345> do you have ocaml gtk?
[Sun Aug 25 19:39:23 2013] <clj_newb_2345> also, use proof general
[Sun Aug 25 19:39:23 2013] <clj_newb_2345> also, use proof general
[Sun Aug 25 19:39:33 2013] <clj_newb_2345> I wish I listened to the "listen proof general" 6 months ago
[Sun Aug 25 19:39:33 2013] <clj_newb_2345> I wish I listened to the "listen proof general" 6 months ago
[Mon Aug 26 08:20:32 2013] <ColonelJ> I'm having trouble defining map for my dependently typed binary tree...
[Mon Aug 26 08:20:32 2013] <ColonelJ> I'm having trouble defining map for my dependently typed binary tree...
[Mon Aug 26 08:20:59 2013] <ColonelJ> Get this weird error: The term "l" has type "bvec T n" while it is expected to have type "bvec T ?4".
[Mon Aug 26 08:20:59 2013] <ColonelJ> Get this weird error: The term "l" has type "bvec T n" while it is expected to have type "bvec T ?4".
[Mon Aug 26 08:25:36 2013] <ColonelJ> Hmm I think my definition of binary trees was a bit wrong
[Mon Aug 26 08:25:36 2013] <ColonelJ> Hmm I think my definition of binary trees was a bit wrong
[Mon Aug 26 08:27:07 2013] <ColonelJ> nope still same issue
[Mon Aug 26 08:27:07 2013] <ColonelJ> nope still same issue
[Mon Aug 26 08:34:46 2013] <ColonelJ> bam got it, the dependent variable was quantified in the wrong place
[Mon Aug 26 08:34:46 2013] <ColonelJ> bam got it, the dependent variable was quantified in the wrong place
[Mon Aug 26 08:35:35 2013] <Anarchos> ColonelJ:  \o/
[Mon Aug 26 08:35:35 2013] <Anarchos> ColonelJ:  \o/
[Mon Aug 26 08:38:19 2013] <ColonelJ> unrelated: "BNode (log2len : nat) : ..." vs "BNode : forall log2len : nat, ..." which is preferred?
[Mon Aug 26 08:38:19 2013] <ColonelJ> unrelated: "BNode (log2len : nat) : ..." vs "BNode : forall log2len : nat, ..." which is preferred?
[Mon Aug 26 08:40:05 2013] <ColonelJ> Even though the argument is implicit it counts as one of the constructor arguments either way... which makes me lean towards the more concise form
[Mon Aug 26 08:40:05 2013] <ColonelJ> Even though the argument is implicit it counts as one of the constructor arguments either way... which makes me lean towards the more concise form
[Mon Aug 26 08:57:32 2013] <ColonelJ> It doesn't seem to understand that two trees of the same size are the same size and use the same constructor... this is a bit crap
[Mon Aug 26 08:57:32 2013] <ColonelJ> It doesn't seem to understand that two trees of the same size are the same size and use the same constructor... this is a bit crap
[Mon Aug 26 09:00:23 2013] <elliott> you can omit :nat with forall
[Mon Aug 26 09:00:24 2013] <elliott> you can omit :nat with forall
[Mon Aug 26 09:00:26 2013] <elliott> usually
[Mon Aug 26 09:00:26 2013] <elliott> usually
[Mon Aug 26 09:01:03 2013] <ColonelJ> Actually I can omit on the other side too so the question remains
[Mon Aug 26 09:01:03 2013] <ColonelJ> Actually I can omit on the other side too so the question remains
[Mon Aug 26 09:01:13 2013] <ColonelJ> thanks though
[Mon Aug 26 09:01:13 2013] <ColonelJ> thanks though
[Mon Aug 26 09:02:18 2013] <ColonelJ> Anyway that doesn't really matter, how can I match two of these together so I don't get (BLeaf _, BNode _ _ _) which is impossible since they're the same size
[Mon Aug 26 09:02:18 2013] <ColonelJ> Anyway that doesn't really matter, how can I match two of these together so I don't get (BLeaf _, BNode _ _ _) which is impossible since they're the same size
[Mon Aug 26 09:02:34 2013] <ColonelJ> I mean "Error: Non exhaustive pattern-matching: no clause found for pattern (BLeaf _, BNode _ _ _)"
[Mon Aug 26 09:02:34 2013] <ColonelJ> I mean "Error: Non exhaustive pattern-matching: no clause found for pattern (BLeaf _, BNode _ _ _)"
[Mon Aug 26 09:03:35 2013] <ColonelJ> I may well be going about this the wrong way by pairing them
[Mon Aug 26 09:03:35 2013] <ColonelJ> I may well be going about this the wrong way by pairing them
[Mon Aug 26 09:05:17 2013] <Anarchos> ColonelJ:  i prefer first form for BNode (log2len :nat)
[Mon Aug 26 09:05:17 2013] <Anarchos> ColonelJ:  i prefer first form for BNode (log2len :nat)
[Mon Aug 26 09:08:04 2013] <ColonelJ> "Fixpoint zip (T U V : Set) (f : T -> U -> V) n (l : bvec T n) (r : bvec U n) := match (l, r) with ..." anyone know how to do this so it works/
[Mon Aug 26 09:08:04 2013] <ColonelJ> "Fixpoint zip (T U V : Set) (f : T -> U -> V) n (l : bvec T n) (r : bvec U n) := match (l, r) with ..." anyone know how to do this so it works/
[Mon Aug 26 09:11:56 2013] <ColonelJ> mmh I'll try matching on n instead
[Mon Aug 26 09:11:56 2013] <ColonelJ> mmh I'll try matching on n instead
[Mon Aug 26 09:14:25 2013] <ColonelJ> I still need to be able to deconstruct the vectors somehow...
[Mon Aug 26 09:14:25 2013] <ColonelJ> I still need to be able to deconstruct the vectors somehow...
[Mon Aug 26 09:17:20 2013] <ColonelJ> no I don't want deconstructed coq au vin, thanks google
[Mon Aug 26 09:17:20 2013] <ColonelJ> no I don't want deconstructed coq au vin, thanks google
[Mon Aug 26 09:36:08 2013] <ColonelJ> ended up just writing my own deconstructors
[Mon Aug 26 09:36:09 2013] <ColonelJ> ended up just writing my own deconstructors
[Mon Aug 26 09:36:11 2013] <ColonelJ> using let
[Mon Aug 26 09:36:11 2013] <ColonelJ> using let
[Mon Aug 26 09:36:23 2013] <ColonelJ> which for some bizarre reason actually works
[Mon Aug 26 09:36:23 2013] <ColonelJ> which for some bizarre reason actually works
[Mon Aug 26 09:37:23 2013] <ColonelJ> Definition bvec_leaf T (v : bvec T 0) := let 'BLeaf a := v in a.
[Mon Aug 26 09:37:23 2013] <ColonelJ> Definition bvec_l T n (v : bvec T (S n)) := let 'BNode n l _ := v in l.
[Mon Aug 26 09:37:23 2013] <ColonelJ> Definition bvec_leaf T (v : bvec T 0) := let 'BLeaf a := v in a.
[Mon Aug 26 09:37:23 2013] <ColonelJ> Definition bvec_l T n (v : bvec T (S n)) := let 'BNode n l _ := v in l.
[Mon Aug 26 09:42:58 2013] <ColonelJ> I think binding the vectors before the match is causing the problem... maybe
[Mon Aug 26 09:42:58 2013] <ColonelJ> I think binding the vectors before the match is causing the problem... maybe
[Mon Aug 26 09:43:18 2013] <ColonelJ> I'll move them inside the match
[Mon Aug 26 09:43:18 2013] <ColonelJ> I'll move them inside the match
[Mon Aug 26 09:45:52 2013] <ColonelJ> "Unable to communicate with coqtop, restarting coqtop."
[Mon Aug 26 09:45:53 2013] <ColonelJ> "Unable to communicate with coqtop, restarting coqtop."
[Mon Aug 26 09:46:00 2013] <ColonelJ> this is really fun this
[Mon Aug 26 09:46:00 2013] <ColonelJ> this is really fun this
[Mon Aug 26 09:50:52 2013] <ColonelJ> New idea: make an inductive type to represent a pair of vectors so I can actually match it
[Mon Aug 26 09:50:52 2013] <ColonelJ> New idea: make an inductive type to represent a pair of vectors so I can actually match it
[Mon Aug 26 09:54:15 2013] <ColonelJ> oh wait BNode already does that :D
[Mon Aug 26 09:54:15 2013] <ColonelJ> oh wait BNode already does that :D
[Mon Aug 26 10:00:17 2013] <ColonelJ> Damn this awesome hack requires that the lists are of the same type, I guess I can live with that for this proof..
[Mon Aug 26 10:00:17 2013] <ColonelJ> Damn this awesome hack requires that the lists are of the same type, I guess I can live with that for this proof..
[Mon Aug 26 10:02:20 2013] <ColonelJ> incredibly somehow it manages to still not work
[Mon Aug 26 10:02:21 2013] <ColonelJ> incredibly somehow it manages to still not work
[Mon Aug 26 10:03:43 2013] <ColonelJ> Possibly because it's too stupid to realise that matching an expression which is even lexically determinable to be a BNode still might be a BLeaf by some kind of magic but it's hard to tell due to the complete lack of detail in the error
[Mon Aug 26 10:03:44 2013] <ColonelJ> Possibly because it's too stupid to realise that matching an expression which is even lexically determinable to be a BNode still might be a BLeaf by some kind of magic but it's hard to tell due to the complete lack of detail in the error
[Mon Aug 26 10:04:04 2013] <ColonelJ> "Error: Non exhaustive pattern-matching: no clause found for pattern BLeaf _"  thanks
[Mon Aug 26 10:04:04 2013] <ColonelJ> "Error: Non exhaustive pattern-matching: no clause found for pattern BLeaf _"  thanks
[Mon Aug 26 10:09:43 2013] <ColonelJ> So lets go back to the original idea and have a different constructor for a pair of leaves versus a pair of trees...
[Mon Aug 26 10:09:43 2013] <ColonelJ> So lets go back to the original idea and have a different constructor for a pair of leaves versus a pair of trees...
[Mon Aug 26 10:10:25 2013] <ColonelJ> and of course remove the same type restriction
[Mon Aug 26 10:10:25 2013] <ColonelJ> and of course remove the same type restriction
[Mon Aug 26 10:16:55 2013] <ColonelJ> And then I need a function that will pick the constructor based on the size of the lists...
[Mon Aug 26 10:16:55 2013] <ColonelJ> And then I need a function that will pick the constructor based on the size of the lists...
[Mon Aug 26 10:20:35 2013] <ColonelJ> lol that issue with match not restricting the domain again
[Mon Aug 26 10:20:36 2013] <ColonelJ> lol that issue with match not restricting the domain again
[Mon Aug 26 10:21:16 2013] <ColonelJ> if I try to split it inside coqtop will probably crash again
[Mon Aug 26 10:21:17 2013] <ColonelJ> if I try to split it inside coqtop will probably crash again
[Mon Aug 26 10:21:24 2013] <ColonelJ> no harm in trying
[Mon Aug 26 10:21:24 2013] <ColonelJ> no harm in trying
[Mon Aug 26 10:23:11 2013] <ColonelJ> yup as expected
[Mon Aug 26 10:23:11 2013] <ColonelJ> yup as expected
[Mon Aug 26 11:34:07 2013] <ColonelJ> Anyone now how to define any sensible version of zip for some type of length indexed lists?  Just need any one as an example...
[Mon Aug 26 11:34:07 2013] <ColonelJ> Anyone now how to define any sensible version of zip for some type of length indexed lists?  Just need any one as an example...
[Mon Aug 26 11:51:08 2013] <ianjneu> zip as in map cons over two lists of the same size?
[Mon Aug 26 11:51:08 2013] <ianjneu> zip as in map cons over two lists of the same size?
[Mon Aug 26 11:51:42 2013] <ColonelJ> It doesn't even have to be cons but yea.
[Mon Aug 26 11:51:42 2013] <ColonelJ> It doesn't even have to be cons but yea.
[Mon Aug 26 11:54:00 2013] <ColonelJ> I basically want it by induction on the length so that you can't cheat and define junk values for zip on lists of different length (though it's getting to the point where that's the route I want to go down)
[Mon Aug 26 11:54:01 2013] <ColonelJ> I basically want it by induction on the length so that you can't cheat and define junk values for zip on lists of different length (though it's getting to the point where that's the route I want to go down)
[Mon Aug 26 11:54:27 2013] <ColonelJ> a regular definition would just truncate one of the lists if the lengths are different
[Mon Aug 26 11:54:27 2013] <ColonelJ> a regular definition would just truncate one of the lists if the lengths are different
[Mon Aug 26 11:57:25 2013] <ianjneu> ColonelJ: Agda's dependent pattern matching is great for this. In Coq, you have to use the convoy pattern and convince the type system that ill-matched lengths are absurd, and thus admits the result type.
[Mon Aug 26 11:57:25 2013] <ianjneu> ColonelJ: Agda's dependent pattern matching is great for this. In Coq, you have to use the convoy pattern and convince the type system that ill-matched lengths are absurd, and thus admits the result type.
[Mon Aug 26 11:57:50 2013] <ianjneu> Convoy pattern: http://adam.chlipala.net/cpdt/html/MoreDep.html
[Mon Aug 26 11:57:50 2013] <ianjneu> Convoy pattern: http://adam.chlipala.net/cpdt/html/MoreDep.html
[Mon Aug 26 11:57:54 2013] <ColonelJ> yea I saw a paper for Agda on this but nothing on Coq
[Mon Aug 26 11:57:54 2013] <ColonelJ> yea I saw a paper for Agda on this but nothing on Coq
[Mon Aug 26 11:58:37 2013] <ianjneu> Ya, you match on both arguments but have to maintain a proof of equality between the length indices with the convoy pattern.
[Mon Aug 26 11:58:37 2013] <ianjneu> Ya, you match on both arguments but have to maintain a proof of equality between the length indices with the convoy pattern.
[Mon Aug 26 11:58:58 2013] <ColonelJ> I thought you'd have to do something like that but had no idea how to go about it
[Mon Aug 26 11:58:58 2013] <ColonelJ> I thought you'd have to do something like that but had no idea how to go about it
[Mon Aug 26 11:59:17 2013] <ColonelJ> actually I've been working through CPDT but I'm only on chapter 4
[Mon Aug 26 11:59:17 2013] <ColonelJ> actually I've been working through CPDT but I'm only on chapter 4
[Mon Aug 26 12:00:42 2013] <ianjneu> It's rather clunky. There is an extension to Coq called "equations" that has Agda-style dependent pattern matching. I'm not sure if it postulates Axiom K the way Agda does.
[Mon Aug 26 12:00:42 2013] <ianjneu> It's rather clunky. There is an extension to Coq called "equations" that has Agda-style dependent pattern matching. I'm not sure if it postulates Axiom K the way Agda does.
[Mon Aug 26 12:01:43 2013] <ianjneu> Axiom K is equivalent to uniqueness of identity proofs, which essentially means all types have discrete topology (i.e. are sets).
[Mon Aug 26 12:01:43 2013] <ianjneu> Axiom K is equivalent to uniqueness of identity proofs, which essentially means all types have discrete topology (i.e. are sets).
[Mon Aug 26 12:02:44 2013] <ianjneu> Homotopy type theory explores the world without UIP, but there is yet evidence that it helps programmers whatsoever.
[Mon Aug 26 12:02:44 2013] <ianjneu> Homotopy type theory explores the world without UIP, but there is yet evidence that it helps programmers whatsoever.
[Mon Aug 26 12:03:24 2013] <ianjneu> The univalence axiom is really nice, however, but I'm pretty sure it's not consistent with Axiom K.
[Mon Aug 26 12:03:24 2013] <ianjneu> The univalence axiom is really nice, however, but I'm pretty sure it's not consistent with Axiom K.
[Mon Aug 26 12:06:07 2013] <ColonelJ> CPDT seems to touch on this in chapter 10 so I guess it can wait :P
[Mon Aug 26 12:06:07 2013] <ColonelJ> CPDT seems to touch on this in chapter 10 so I guess it can wait :P
[Mon Aug 26 12:09:04 2013] <ianjneu> "this" is?
[Mon Aug 26 12:09:04 2013] <ianjneu> "this" is?
[Mon Aug 26 12:09:39 2013] <ColonelJ> Axiom K and UIP
[Mon Aug 26 12:09:40 2013] <ColonelJ> Axiom K and UIP
[Mon Aug 26 12:09:45 2013] <ianjneu> ah
[Mon Aug 26 12:09:45 2013] <ianjneu> ah
[Mon Aug 26 12:10:20 2013] <ColonelJ> anyway I'm mostly trying to learn all this stuff since I'm trying to create what could potentially be a stack-oriented dependent programming language
[Mon Aug 26 12:10:20 2013] <ColonelJ> anyway I'm mostly trying to learn all this stuff since I'm trying to create what could potentially be a stack-oriented dependent programming language
[Mon Aug 26 12:10:33 2013] <ianjneu> Honestly they're nice shortcuts, just like LEM. We just need to learn to live without them to get better things in life.
[Mon Aug 26 12:10:33 2013] <ianjneu> Honestly they're nice shortcuts, just like LEM. We just need to learn to live without them to get better things in life.
[Mon Aug 26 12:10:37 2013] <ColonelJ> though the loss of Turing completeness remains to be the main concern
[Mon Aug 26 12:10:38 2013] <ColonelJ> though the loss of Turing completeness remains to be the main concern
[Mon Aug 26 12:10:57 2013] <ColonelJ> I see
[Mon Aug 26 12:10:58 2013] <ColonelJ> I see
[Mon Aug 26 12:11:35 2013] <ianjneu> Turing-completeness is inconsequential if you work in the non-termination monad and just keep pulling on your computation.
[Mon Aug 26 12:11:35 2013] <ianjneu> Turing-completeness is inconsequential if you work in the non-termination monad and just keep pulling on your computation.
[Mon Aug 26 12:12:17 2013] <ColonelJ> I honestly have no idea whether or not that's a joke...
[Mon Aug 26 12:12:17 2013] <ColonelJ> I honestly have no idea whether or not that's a joke...
[Mon Aug 26 12:12:33 2013] <ianjneu> Run TM for n steps for fixed n is not Turing-complete, but you as the user can input n.
[Mon Aug 26 12:12:33 2013] <ianjneu> Run TM for n steps for fixed n is not Turing-complete, but you as the user can input n.
[Mon Aug 26 12:12:57 2013] <ColonelJ> Ah right I already know about that one
[Mon Aug 26 12:12:57 2013] <ColonelJ> Ah right I already know about that one
[Mon Aug 26 12:13:34 2013] <ColonelJ> but if you can prove the upper bound works then you already know it's not terminating
[Mon Aug 26 12:13:35 2013] <ColonelJ> but if you can prove the upper bound works then you already know it's not terminating
[Mon Aug 26 12:13:47 2013] <ColonelJ> s/not//
[Mon Aug 26 12:13:47 2013] <ColonelJ> s/not//
[Mon Aug 26 12:13:48 2013] <ianjneu> Loss of Turing-completeness is not a cause for concern. Cause for concern is having to ask people how the hell to program in the language because the type system is so hard to use.
[Mon Aug 26 12:13:48 2013] <ianjneu> Loss of Turing-completeness is not a cause for concern. Cause for concern is having to ask people how the hell to program in the language because the type system is so hard to use.
[Mon Aug 26 12:14:23 2013] <elliott> I/O-ful programs are codata, Agda program can easily spin forever
[Mon Aug 26 12:14:23 2013] <elliott> I/O-ful programs are codata, Agda program can easily spin forever
[Mon Aug 26 12:14:26 2013] <elliott> *programs
[Mon Aug 26 12:14:26 2013] <elliott> *programs
[Mon Aug 26 12:14:31 2013] <elliott> no loss of turing completeness
[Mon Aug 26 12:14:31 2013] <elliott> no loss of turing completeness
[Mon Aug 26 12:14:51 2013] <elliott> witness https://github.com/wouter-swierstra/Brainfuck
[Mon Aug 26 12:14:51 2013] <elliott> witness https://github.com/wouter-swierstra/Brainfuck
[Mon Aug 26 12:14:56 2013] <ColonelJ> that sounds more useful
[Mon Aug 26 12:14:56 2013] <ColonelJ> that sounds more useful
[Mon Aug 26 12:15:02 2013] <ianjneu> Usually to write the function to calculate the upper-bound of the number of steps requires the same termination argument for the original function.
[Mon Aug 26 12:15:02 2013] <ianjneu> Usually to write the function to calculate the upper-bound of the number of steps requires the same termination argument for the original function.
[Mon Aug 26 12:16:14 2013] <ColonelJ> would make sense
[Mon Aug 26 12:16:14 2013] <ColonelJ> would make sense
[Mon Aug 26 12:16:18 2013] <ianjneu> e.g. how many steps does the Ackermann function take to terminate? The function to compute that number has just about the same recursion scheme.
[Mon Aug 26 12:16:18 2013] <ianjneu> e.g. how many steps does the Ackermann function take to terminate? The function to compute that number has just about the same recursion scheme.
[Mon Aug 26 12:16:57 2013] <ianjneu> This is why we use ordinal numbers to justify termination, since natural numbers are far too weak.
[Mon Aug 26 12:16:57 2013] <ianjneu> This is why we use ordinal numbers to justify termination, since natural numbers are far too weak.
[Mon Aug 26 12:22:42 2013] <ColonelJ> haven't really done anything with those, sounds a bit crazy
[Mon Aug 26 12:22:42 2013] <ColonelJ> haven't really done anything with those, sounds a bit crazy
[Mon Aug 26 12:24:25 2013] <ColonelJ> well luckily I'm the only intended user of this language and I ought to be able to understand it be definiton since I would have made it...
[Mon Aug 26 12:24:25 2013] <ColonelJ> well luckily I'm the only intended user of this language and I ought to be able to understand it be definiton since I would have made it...
[Mon Aug 26 12:30:58 2013] <ColonelJ> Would you say Agda is more practical for programming then?
[Mon Aug 26 12:30:58 2013] <ColonelJ> Would you say Agda is more practical for programming then?
[Mon Aug 26 12:31:49 2013] <ColonelJ> Does it have considerable downsides compared to Coq?
[Mon Aug 26 12:31:49 2013] <ColonelJ> Does it have considerable downsides compared to Coq?
[Mon Aug 26 12:33:27 2013] <ianjneu> It's better on the surface, like for demos and such, but any time you use sufficiently complicated types, you end up needing to do theorem proving, and Agda is very poorly equipped to handle large proof efforts as it currently is. I think tactics are considered an anti-pattern and they don't want to add support for them.
[Mon Aug 26 12:33:27 2013] <ianjneu> It's better on the surface, like for demos and such, but any time you use sufficiently complicated types, you end up needing to do theorem proving, and Agda is very poorly equipped to handle large proof efforts as it currently is. I think tactics are considered an anti-pattern and they don't want to add support for them.
[Mon Aug 26 12:33:56 2013] <ColonelJ> that's funny
[Mon Aug 26 12:33:56 2013] <ColonelJ> that's funny
[Mon Aug 26 12:34:23 2013] <ColonelJ> I thought tactics were the only thing that made this kind of programming barely tolerable
[Mon Aug 26 12:34:23 2013] <ColonelJ> I thought tactics were the only thing that made this kind of programming barely tolerable
[Mon Aug 26 12:35:01 2013] <ColonelJ> doesn't that imply you have to write out pretty much everything?
[Mon Aug 26 12:35:01 2013] <ColonelJ> doesn't that imply you have to write out pretty much everything?
[Mon Aug 26 12:35:11 2013] <Saizan> Agda isn't against tactics in general
[Mon Aug 26 12:35:11 2013] <Saizan> Agda isn't against tactics in general
[Mon Aug 26 12:36:32 2013] <Saizan> but it'd like reflection based "solvers" more than arbitrary proof search, though the support for reflection is not quite there either
[Mon Aug 26 12:36:32 2013] <Saizan> but it'd like reflection based "solvers" more than arbitrary proof search, though the support for reflection is not quite there either
[Mon Aug 26 12:37:10 2013] <ColonelJ> I'm not a fan of reflection at all
[Mon Aug 26 12:37:10 2013] <ColonelJ> I'm not a fan of reflection at all
[Mon Aug 26 12:37:46 2013] <ColonelJ> much rather have everything within a self-consistent framework
[Mon Aug 26 12:37:46 2013] <ColonelJ> much rather have everything within a self-consistent framework
[Mon Aug 26 12:38:25 2013] <Saizan> by reflection i mean something like mtac in Coq
[Mon Aug 26 12:38:25 2013] <Saizan> by reflection i mean something like mtac in Coq
[Mon Aug 26 12:40:11 2013] <Saizan> so you actually get to write Coq programs that generate your proofs, rather than using ltac, but you have extra support for looking at your types in a more intensional way
[Mon Aug 26 12:40:11 2013] <Saizan> so you actually get to write Coq programs that generate your proofs, rather than using ltac, but you have extra support for looking at your types in a more intensional way
[Mon Aug 26 12:42:01 2013] <ColonelJ> I still get the feeling of something 'other' which is outside of your regular code, the whole use of the monad to wrap everything supports this interpretation
[Mon Aug 26 12:42:01 2013] <ColonelJ> I still get the feeling of something 'other' which is outside of your regular code, the whole use of the monad to wrap everything supports this interpretation
[Mon Aug 26 12:42:24 2013] <Saizan> oh, sure
[Mon Aug 26 12:42:24 2013] <Saizan> oh, sure
[Mon Aug 26 12:42:38 2013] <Saizan> but Ltac is completely other, for comparison :)
[Mon Aug 26 12:42:38 2013] <Saizan> but Ltac is completely other, for comparison :)
[Mon Aug 26 12:43:32 2013] <ColonelJ> Ltac has nothing to do with runtime so I see it as more of a code generator, which is not reflection nor a problem
[Mon Aug 26 12:43:32 2013] <ColonelJ> Ltac has nothing to do with runtime so I see it as more of a code generator, which is not reflection nor a problem
[Mon Aug 26 12:43:49 2013] <ColonelJ> Ltac gives a human interface to automate the efforts of proving things
[Mon Aug 26 12:43:49 2013] <ColonelJ> Ltac gives a human interface to automate the efforts of proving things
[Mon Aug 26 12:44:12 2013] <Saizan> well, the reflection stuff that is 'other' is not runtime either
[Mon Aug 26 12:44:13 2013] <Saizan> well, the reflection stuff that is 'other' is not runtime either
[Mon Aug 26 12:44:26 2013] <Saizan> you just get to use within the same language that you also use for runtime
[Mon Aug 26 12:44:26 2013] <Saizan> you just get to use within the same language that you also use for runtime
[Mon Aug 26 12:45:08 2013] <ColonelJ> fine, but then the question remains of why this is a good thing?
[Mon Aug 26 12:45:08 2013] <ColonelJ> fine, but then the question remains of why this is a good thing?
[Mon Aug 26 12:45:10 2013] <ianjneu> How does the phasing work, then?
[Mon Aug 26 12:45:10 2013] <ianjneu> How does the phasing work, then?
[Mon Aug 26 12:45:10 2013] <Saizan> there's still a phase distinction, hence the typechecker executing mtac's run
[Mon Aug 26 12:45:10 2013] <Saizan> there's still a phase distinction, hence the typechecker executing mtac's run
[Mon Aug 26 12:48:18 2013] <Saizan> there are various points, essentially if you like the expressivity of a dependently typed functional language it seems weird to go back to a mostly untyped logic one to write your macros, even if richer types are not always better
[Mon Aug 26 12:48:18 2013] <Saizan> there are various points, essentially if you like the expressivity of a dependently typed functional language it seems weird to go back to a mostly untyped logic one to write your macros, even if richer types are not always better
[Mon Aug 26 12:49:09 2013] <ianjneu> I am an extremely big fan of the choice to use untyped variants, since it only has to work for my input, not generally.
[Mon Aug 26 12:49:09 2013] <ianjneu> I am an extremely big fan of the choice to use untyped variants, since it only has to work for my input, not generally.
[Mon Aug 26 12:49:33 2013] <Saizan> also traditionally these macros tend to have more of a declarative meaning than other tactics
[Mon Aug 26 12:49:34 2013] <Saizan> also traditionally these macros tend to have more of a declarative meaning than other tactics
[Mon Aug 26 12:50:17 2013] <ianjneu> I do most of my real programming in Racket, since its macro system is sooooo powerful - static typing pretty much breaks down since you end up having to prove compiler-correctness for each macro, which is untenable.
[Mon Aug 26 12:50:18 2013] <ianjneu> I do most of my real programming in Racket, since its macro system is sooooo powerful - static typing pretty much breaks down since you end up having to prove compiler-correctness for each macro, which is untenable.
[Mon Aug 26 12:50:57 2013] <Saizan> if you look at mtac's examples you don't need that deep of a verification to use them
[Mon Aug 26 12:50:57 2013] <Saizan> if you look at mtac's examples you don't need that deep of a verification to use them
[Mon Aug 26 12:51:49 2013] <ianjneu> I don't think understand the extent of craziness I'm used to being allowed to do.
[Mon Aug 26 12:51:49 2013] <ianjneu> I don't think understand the extent of craziness I'm used to being allowed to do.
[Mon Aug 26 12:53:22 2013] <Saizan> well, there's always a tension between power and ability to reason about the code
[Mon Aug 26 12:53:23 2013] <Saizan> well, there's always a tension between power and ability to reason about the code
[Mon Aug 26 12:53:52 2013] <Saizan> I suspect you don't need nukes most of the time and can enjoy some more well-behavedness then
[Mon Aug 26 12:53:52 2013] <Saizan> I suspect you don't need nukes most of the time and can enjoy some more well-behavedness then
[Mon Aug 26 12:55:32 2013] <ColonelJ> I get the feeling that this reflection based stuff is not really giving you any separation of concerns and implies that you actually care about your tactics always working when in actual fact you don't care about that and are just trying to speed up the proof effort
[Mon Aug 26 12:55:32 2013] <ColonelJ> I get the feeling that this reflection based stuff is not really giving you any separation of concerns and implies that you actually care about your tactics always working when in actual fact you don't care about that and are just trying to speed up the proof effort
[Mon Aug 26 12:55:46 2013] <ianjneu> Meta-programming is a realm that's very poorly understood (and thus there are no good type systems for them), so I'd prefer to have a dynamically-typed system than something too weak to do anything.
[Mon Aug 26 12:55:46 2013] <ianjneu> Meta-programming is a realm that's very poorly understood (and thus there are no good type systems for them), so I'd prefer to have a dynamically-typed system than something too weak to do anything.
[Mon Aug 26 12:56:11 2013] <Saizan> ianjneu: have you looked at mtac?
[Mon Aug 26 12:56:11 2013] <Saizan> ianjneu: have you looked at mtac?
[Mon Aug 26 12:56:14 2013] <ianjneu> ColonelJ: that is my sentiment as well.
[Mon Aug 26 12:56:14 2013] <ianjneu> ColonelJ: that is my sentiment as well.
[Mon Aug 26 12:56:37 2013] <ianjneu> Saizan: I haven't used Coq in a while. Too busy writing code that I can actually run.
[Mon Aug 26 12:56:37 2013] <ianjneu> Saizan: I haven't used Coq in a while. Too busy writing code that I can actually run.
[Mon Aug 26 12:56:50 2013] <ianjneu> that was a bit of a troll, sorry.
[Mon Aug 26 12:56:50 2013] <ianjneu> that was a bit of a troll, sorry.
[Mon Aug 26 12:58:10 2013] <Saizan> ColonelJ: you don't need a language barrier to separate concerns, and caring about always working is entirely up to the type you want to give to your macro
[Mon Aug 26 12:58:10 2013] <Saizan> ColonelJ: you don't need a language barrier to separate concerns, and caring about always working is entirely up to the type you want to give to your macro
[Mon Aug 26 12:59:16 2013] <Saizan> actually in mtac failure is integrated in the monad so you don't get to specify your macro will always work for some class of inputs, but that's up to them
[Mon Aug 26 12:59:17 2013] <Saizan> actually in mtac failure is integrated in the monad so you don't get to specify your macro will always work for some class of inputs, but that's up to them
[Mon Aug 26 12:59:45 2013] <Saizan> ianjneu: well, i guess you can see reflection as research into meta-programming
[Mon Aug 26 12:59:45 2013] <Saizan> ianjneu: well, i guess you can see reflection as research into meta-programming
[Mon Aug 26 13:01:07 2013] <ianjneu> Saizan: indeed. I'm excited about the frontier in this direction. I just don't want a dependence on an unknown frontier for the work I'm currently doing.
[Mon Aug 26 13:01:07 2013] <ianjneu> Saizan: indeed. I'm excited about the frontier in this direction. I just don't want a dependence on an unknown frontier for the work I'm currently doing.
[Mon Aug 26 13:04:40 2013] <ColonelJ> if to quote CPTD we "require semi-automated proving, to protect the sanity of the programmer" then maybe having a language barrier to at least divide the brain processes a bit wouldn't half help
[Mon Aug 26 13:04:40 2013] <ColonelJ> if to quote CPTD we "require semi-automated proving, to protect the sanity of the programmer" then maybe having a language barrier to at least divide the brain processes a bit wouldn't half help
[Mon Aug 26 13:06:08 2013] <ianjneu> Adam can say many provocative things, but that quote I wholeheartedly agree with.
[Mon Aug 26 13:06:08 2013] <ianjneu> Adam can say many provocative things, but that quote I wholeheartedly agree with.
[Mon Aug 26 13:16:17 2013] <Saizan> maybe lacking the language barrier can be mind bending at first, but honestly that's how macro systems are done in many languages already, but ultimately it just seems a simpler system to me
[Mon Aug 26 13:16:17 2013] <Saizan> maybe lacking the language barrier can be mind bending at first, but honestly that's how macro systems are done in many languages already, but ultimately it just seems a simpler system to me
[Mon Aug 26 13:16:47 2013] <Saizan> anyhow i wouldn't take ltac away from anyone :)
[Mon Aug 26 13:16:47 2013] <Saizan> anyhow i wouldn't take ltac away from anyone :)
[Mon Aug 26 13:18:17 2013] <ColonelJ> ianjneu: my friend says you can do dependent matching using the "match in return with" syntax.  Any comments?
[Mon Aug 26 13:18:18 2013] <ColonelJ> ianjneu: my friend says you can do dependent matching using the "match in return with" syntax.  Any comments?
[Mon Aug 26 13:19:04 2013] <ianjneu> ColonelJ: That is exactly right (see previous comment about the convoy pattern). It's just really cumbersome and requires repeating binders.
[Mon Aug 26 13:19:04 2013] <ianjneu> ColonelJ: That is exactly right (see previous comment about the convoy pattern). It's just really cumbersome and requires repeating binders.
[Mon Aug 26 13:20:12 2013] <ColonelJ> He seemed to be implying that the convoy pattern is overkill but it might just be he doesn't know what it is (I still don't).
[Mon Aug 26 13:20:12 2013] <ColonelJ> He seemed to be implying that the convoy pattern is overkill but it might just be he doesn't know what it is (I still don't).
[Mon Aug 26 13:20:29 2013] <Saizan> yeah, i think there's code by roconnorfor zipping size-indexed vectors together which shows how ugly it can be for even simple stuff
[Mon Aug 26 13:20:29 2013] <Saizan> yeah, i think there's code by roconnorfor zipping size-indexed vectors together which shows how ugly it can be for even simple stuff
[Mon Aug 26 13:20:31 2013] <ColonelJ> Anyway I'll have to come back to this another day, there's no time left
[Mon Aug 26 13:20:31 2013] <ColonelJ> Anyway I'll have to come back to this another day, there's no time left
[Mon Aug 26 14:02:49 2013] <Necrosporus> I have OCaml GTK (lablgtk-2.14.2), but CoqIde is not compiled anyway. Include files present.
[Mon Aug 26 14:02:49 2013] <Necrosporus> I have OCaml GTK (lablgtk-2.14.2), but CoqIde is not compiled anyway. Include files present.
[Mon Aug 26 15:21:34 2013] <gereedy> ColonelJ: still looking for an indexed list zip>
[Mon Aug 26 15:21:34 2013] <gereedy> ColonelJ: still looking for an indexed list zip>
[Mon Aug 26 15:24:06 2013] <gereedy> here's one for ilist from CPDT: https://gist.github.com/anonymous/6345513
[Mon Aug 26 15:24:06 2013] <gereedy> here's one for ilist from CPDT: https://gist.github.com/anonymous/6345513
[Mon Aug 26 15:53:23 2013] <gereedy> or the generalized version of map2: https://gist.github.com/anonymous/6345872
[Mon Aug 26 15:53:23 2013] <gereedy> or the generalized version of map2: https://gist.github.com/anonymous/6345872
[Mon Aug 26 15:55:18 2013] <gereedy> the trick is to delay binding the length of the second list until after matching on the first list so that the type is refined
[Mon Aug 26 15:55:18 2013] <gereedy> the trick is to delay binding the length of the second list until after matching on the first list so that the type is refined
[Mon Aug 26 16:13:21 2013] <karlicoss> Hi guys. I started learning Coq yesterday, I am trying to prove some propositional logic stuff and I'm stuck about what tactic I should use next: http://lpaste.net/92199
[Mon Aug 26 16:13:21 2013] <karlicoss> Hi guys. I started learning Coq yesterday, I am trying to prove some propositional logic stuff and I'm stuck about what tactic I should use next: http://lpaste.net/92199
[Mon Aug 26 16:14:50 2013] <karlicoss> I guess I should use the fact that bool has decidable equality and then do some proof by cases, but I just fail :(
[Mon Aug 26 16:14:50 2013] <karlicoss> I guess I should use the fact that bool has decidable equality and then do some proof by cases, but I just fail :(
[Mon Aug 26 16:30:24 2013] <fisi_> karlicoss: not really. if you look at the second rule of the "eval" fixpoint, you'll notice it matches the pab hypothesis in your context.
[Mon Aug 26 16:30:24 2013] <fisi_> karlicoss: not really. if you look at the second rule of the "eval" fixpoint, you'll notice it matches the pab hypothesis in your context.
[Mon Aug 26 16:31:15 2013] <fisi_> now, this means that pab really says something about implb. Try to see what kind of lemmas you have about implb.
[Mon Aug 26 16:31:15 2013] <fisi_> now, this means that pab really says something about implb. Try to see what kind of lemmas you have about implb.
[Mon Aug 26 16:33:01 2013] <Necrosporus> Coq < Eval compute in (factorial 10).
[Mon Aug 26 16:33:02 2013] <Necrosporus> Coq < Eval compute in (factorial 10).
[Mon Aug 26 16:33:02 2013] <Necrosporus> rlwrap: warning: coqtop killed by SIGSEGV.
[Mon Aug 26 16:33:02 2013] <Necrosporus> rlwrap: warning: coqtop killed by SIGSEGV.
[Mon Aug 26 16:33:09 2013] <Necrosporus> Am I doing something wrong?
[Mon Aug 26 16:33:09 2013] <Necrosporus> Am I doing something wrong?
[Mon Aug 26 16:33:29 2013] <Necrosporus> I'm trying to play with factorial recursive definition
[Mon Aug 26 16:33:29 2013] <Necrosporus> I'm trying to play with factorial recursive definition
[Mon Aug 26 18:17:17 2013] <ColonelJ> gereedy: thanks a lot!  Your 'trick' didn't work out for me though (maybe I didn't do it correctly?) but I did find something with did https://gist.github.com/ColonelJ/6347203.  However my working solution does have the unwanted side effect of making the length an explicit argument.  Anyway it looks pretty simple after all and I don't see any of those repeated binder problems or any such thing.
[Mon Aug 26 18:17:17 2013] <ColonelJ> gereedy: thanks a lot!  Your 'trick' didn't work out for me though (maybe I didn't do it correctly?) but I did find something with did https://gist.github.com/ColonelJ/6347203.  However my working solution does have the unwanted side effect of making the length an explicit argument.  Anyway it looks pretty simple after all and I don't see any of those repeated binder problems or any such thing.
[Mon Aug 26 18:22:52 2013] <ianjneu> ColonelJ: You program like a Schemer
[Mon Aug 26 18:22:52 2013] <ianjneu> ColonelJ: You program like a Schemer
[Mon Aug 26 18:23:13 2013] <ColonelJ> :(
[Mon Aug 26 18:23:13 2013] <ColonelJ> :(
[Mon Aug 26 18:23:28 2013] <ianjneu> Not meant to be a bad thing!
[Mon Aug 26 18:23:28 2013] <ianjneu> Not meant to be a bad thing!
[Mon Aug 26 18:23:47 2013] <ianjneu> I just meant that you seem to prefer projections to pattern matching.
[Mon Aug 26 18:23:47 2013] <ianjneu> I just meant that you seem to prefer projections to pattern matching.
[Mon Aug 26 18:24:03 2013] <ColonelJ> I did that because I couldn't get pattern matching to work
[Mon Aug 26 18:24:03 2013] <ColonelJ> I did that because I couldn't get pattern matching to work
[Mon Aug 26 18:24:33 2013] <ianjneu> weird.
[Mon Aug 26 18:24:33 2013] <ianjneu> weird.
[Mon Aug 26 18:24:49 2013] <ColonelJ> I can maybe get it to work now but I think the code would end up being longer for that function at least
[Mon Aug 26 18:24:49 2013] <ColonelJ> I can maybe get it to work now but I think the code would end up being longer for that function at least
[Mon Aug 26 18:25:17 2013] <ColonelJ> 'fun' doesn't seem to accept patterns
[Mon Aug 26 18:25:17 2013] <ColonelJ> 'fun' doesn't seem to accept patterns
[Mon Aug 26 18:25:27 2013] <ianjneu> well I must head home.
[Mon Aug 26 18:25:28 2013] <ianjneu> well I must head home.
[Mon Aug 26 18:25:33 2013] <ColonelJ> if it did that would be the obvious way to do it
[Mon Aug 26 18:25:34 2013] <ColonelJ> if it did that would be the obvious way to do it
[Mon Aug 26 18:29:56 2013] <ColonelJ> heh, I managed to make n explicit by putting {} round it
[Mon Aug 26 18:29:56 2013] <ColonelJ> heh, I managed to make n explicit by putting {} round it
[Mon Aug 26 18:30:09 2013] <ColonelJ> s/explicit/implicit/
[Mon Aug 26 18:30:09 2013] <ColonelJ> s/explicit/implicit/
[Mon Aug 26 18:30:53 2013] <ColonelJ> what does 'maximally inserted' mean here though
[Mon Aug 26 18:30:53 2013] <ColonelJ> what does 'maximally inserted' mean here though
[Mon Aug 26 18:31:51 2013] <gereedy> ColonelJ: I didn't have any problem to make the match on the first bvec
[Mon Aug 26 18:31:51 2013] <gereedy> ColonelJ: I didn't have any problem to make the match on the first bvec
[Mon Aug 26 18:32:29 2013] <ColonelJ> I got a weird error where it invented an n0 and n1 that it couldn't unify
[Mon Aug 26 18:32:29 2013] <ColonelJ> I got a weird error where it invented an n0 and n1 that it couldn't unify
[Mon Aug 26 18:32:41 2013] <ColonelJ> I might have made a mistake though, I can have another go
[Mon Aug 26 18:32:41 2013] <ColonelJ> I might have made a mistake though, I can have another go
[Mon Aug 26 18:35:32 2013] <ColonelJ> yea I got it to work this time
[Mon Aug 26 18:35:32 2013] <ColonelJ> yea I got it to work this time
[Mon Aug 26 18:35:39 2013] <gereedy> if you use a match to destruct the second bvec that will happen
[Mon Aug 26 18:35:39 2013] <gereedy> if you use a match to destruct the second bvec that will happen
[Mon Aug 26 18:35:51 2013] <ColonelJ> Yea that's what happened last time I used let
[Mon Aug 26 18:35:51 2013] <ColonelJ> Yea that's what happened last time I used let
[Mon Aug 26 18:36:17 2013] <ColonelJ> but why does it accept this function which has let in its definition and not let directly?
[Mon Aug 26 18:36:17 2013] <ColonelJ> but why does it accept this function which has let in its definition and not let directly?
[Mon Aug 26 18:37:11 2013] <ColonelJ> Though "Print bvec_l." looks pretty funky so there's probably a lot of stuff going on behind the scenes there...
[Mon Aug 26 18:37:11 2013] <ColonelJ> Though "Print bvec_l." looks pretty funky so there's probably a lot of stuff going on behind the scenes there...
[Mon Aug 26 18:39:10 2013] <gereedy> I don't fully understand the specifics myself
[Mon Aug 26 18:39:10 2013] <gereedy> I don't fully understand the specifics myself
[Mon Aug 26 18:40:23 2013] <ColonelJ> Gist is updated with my new definition
[Mon Aug 26 18:40:23 2013] <ColonelJ> Gist is updated with my new definition
[Mon Aug 26 18:40:46 2013] <gereedy> yes, that is what mine looked like as well
[Mon Aug 26 18:40:46 2013] <gereedy> yes, that is what mine looked like as well
[Mon Aug 26 18:40:54 2013] <ColonelJ> indeed
[Mon Aug 26 18:40:54 2013] <ColonelJ> indeed
[Mon Aug 26 18:41:30 2013] <ColonelJ> ok finally I can continue transcribing my proof that I did with good old pen 'n' paper
[Mon Aug 26 18:41:30 2013] <ColonelJ> ok finally I can continue transcribing my proof that I did with good old pen 'n' paper
[Mon Aug 26 18:42:06 2013] <ColonelJ> where arguments like 'it's obvious' are perfectly valid
[Mon Aug 26 18:42:06 2013] <ColonelJ> where arguments like 'it's obvious' are perfectly valid
[Mon Aug 26 18:42:21 2013] <ezyang> 'crush'
[Mon Aug 26 18:42:21 2013] <ezyang> 'crush'
[Mon Aug 26 18:43:14 2013] <ColonelJ> for some reason the author said not to use crush in your own work and to write something more applicable to your own problems
[Mon Aug 26 18:43:14 2013] <ColonelJ> for some reason the author said not to use crush in your own work and to write something more applicable to your own problems
[Mon Aug 26 18:43:41 2013] <ezyang> Well, it's true
[Mon Aug 26 18:43:41 2013] <ezyang> Well, it's true
[Mon Aug 26 18:43:57 2013] <ezyang> But CPDT's version is a good starting point, often
[Mon Aug 26 18:43:57 2013] <ezyang> But CPDT's version is a good starting point, often
[Mon Aug 26 18:44:49 2013] <ColonelJ> the thing is, if you've already done a proof by hand, why would you bother trying to get a computer to do parts of it automatically that you've already figured out all the steps for
[Mon Aug 26 18:44:49 2013] <ColonelJ> the thing is, if you've already done a proof by hand, why would you bother trying to get a computer to do parts of it automatically that you've already figured out all the steps for
[Mon Aug 26 18:45:12 2013] <ezyang> but if you wrote "it's trivial", you really didn't, did you?
[Mon Aug 26 18:45:12 2013] <ezyang> but if you wrote "it's trivial", you really didn't, did you?
[Mon Aug 26 18:46:12 2013] <ColonelJ> I never actually wrote it at all, but it was implicit in the definition of zip that it was obvious that the only two valid cases were Leaf & Leaf or Node & Node, and you could see this directly from the fact that n was equal for both and the way bvec was constructed
[Mon Aug 26 18:46:12 2013] <ColonelJ> I never actually wrote it at all, but it was implicit in the definition of zip that it was obvious that the only two valid cases were Leaf & Leaf or Node & Node, and you could see this directly from the fact that n was equal for both and the way bvec was constructed
[Mon Aug 26 19:20:37 2013] <ColonelJ> I guess it's nice though to see things which you overlooked or didn't think worth proving
[Mon Aug 26 19:20:37 2013] <ColonelJ> I guess it's nice though to see things which you overlooked or didn't think worth proving
[Mon Aug 26 19:21:04 2013] <ColonelJ> or just plain omitted out of laziness
[Mon Aug 26 19:21:04 2013] <ColonelJ> or just plain omitted out of laziness
[Mon Aug 26 19:22:35 2013] <jgross_> ColonelJ: Because maybe next time you'll need to do a similar proof, but maybe not realize it, and maybe you can save yourself a lot of effort by throwing the tactic at it.  Or maybe you'll decide to refactor your code, and then you'll happily discover that your general tactic works just fine (while your hand-proof wouldn't).  Or maybe you want to only look at the main ideaas of a proof, and have a brute-force tactic that hides away the
[Mon Aug 26 19:22:35 2013] <jgross_> unimportant details. 
[Mon Aug 26 19:22:36 2013] <jgross_> ColonelJ: Because maybe next time you'll need to do a similar proof, but maybe not realize it, and maybe you can save yourself a lot of effort by throwing the tactic at it.  Or maybe you'll decide to refactor your code, and then you'll happily discover that your general tactic works just fine (while your hand-proof wouldn't).  Or maybe you want to only look at the main ideaas of a proof, and have a brute-force tactic that hides away the
[Mon Aug 26 19:22:36 2013] <jgross_> unimportant details.
[Mon Aug 26 19:25:17 2013] <ColonelJ> very good points, but therein lies the extra challenge of writing the tactics themselves
[Mon Aug 26 19:25:17 2013] <ColonelJ> very good points, but therein lies the extra challenge of writing the tactics themselves
[Mon Aug 26 19:25:54 2013] <ColonelJ> I expect you'd have it be applicable to other problems by design rather than by accident however...
[Mon Aug 26 19:25:55 2013] <ColonelJ> I expect you'd have it be applicable to other problems by design rather than by accident however...
[Mon Aug 26 19:26:25 2013] <ColonelJ> you seems to be falling into the whole re-use ideology
[Mon Aug 26 19:26:25 2013] <ColonelJ> you seems to be falling into the whole re-use ideology
[Mon Aug 26 19:27:29 2013] <ColonelJ> except on that last point of course, that seems like a pretty good reason to use powerful tactics
[Mon Aug 26 19:27:29 2013] <ColonelJ> except on that last point of course, that seems like a pretty good reason to use powerful tactics
[Mon Aug 26 19:27:48 2013] <ColonelJ> That's I think what CPDT is trying to prove
[Mon Aug 26 19:27:48 2013] <ColonelJ> That's I think what CPDT is trying to prove
[Mon Aug 26 19:28:49 2013] <ColonelJ> though it doesn't seem clear to me how you could follow a proof by hand when it is done using such tactics, you'd have to be stepping it through in CoqIde or something surely?
[Mon Aug 26 19:28:49 2013] <ColonelJ> though it doesn't seem clear to me how you could follow a proof by hand when it is done using such tactics, you'd have to be stepping it through in CoqIde or something surely?
[Mon Aug 26 19:33:01 2013] <ColonelJ> If you have a proof that there exists an identity element for a function on some domain is it possible to extract any one of these values from the domain?
[Mon Aug 26 19:33:01 2013] <ColonelJ> If you have a proof that there exists an identity element for a function on some domain is it possible to extract any one of these values from the domain?
[Mon Aug 26 19:38:05 2013] <jgross_> The idea behind CPDT is that machine checked proofs are not to be followed by hand.  Rather than proving a theorem by a long chain of reasoning, instead factor it into many small lemmas, so that all of the instresting insights of a proof are instead made explicit in lemma statements or definitions.  (e.g., if it's tricky to show that two sets are isomorphic, maybe first you define the tricky isomorphism, and then you state your theorem as "that
[Mon Aug 26 19:38:05 2013] <jgross_> function is an iso", rather than bundle them up in the proof).	What I look for in an automated proof are, roughly, just "what lemmas does it use?".  I think that most tactic reasoning beyond "apply/rewrite this lemma, possibly with creative inference of arguments so you don't spend too much time finding dead ends" is a failure in coming up with sublemmas.	Exceptions might be things like omega, i.e., total (or, I suppose, partial) solvers for
[Mon Aug 26 19:38:05 2013] <jgross_> goals of a certain shape, according to a specified algorithm.  Ideally, IMO, your proof script should be a big [repeat match goal with ... end], where the ordering should only matter for speed. 
[Mon Aug 26 19:38:06 2013] <jgross_> The idea behind CPDT is that machine checked proofs are not to be followed by hand.  Rather than proving a theorem by a long chain of reasoning, instead factor it into many small lemmas, so that all of the instresting insights of a proof are instead made explicit in lemma statements or definitions.  (e.g., if it's tricky to show that two sets are isomorphic, maybe first you define the tricky isomorphism, and then you state your theorem as "that
[Mon Aug 26 19:38:06 2013] <jgross_> function is an iso", rather than bundle them up in the proof).	What I look for in an automated proof are, roughly, just "what lemmas does it use?".  I think that most tactic reasoning beyond "apply/rewrite this lemma, possibly with creative inference of arguments so you don't spend too much time finding dead ends" is a failure in coming up with sublemmas.	Exceptions might be things like omega, i.e., total (or, I suppose, partial) solvers for
[Mon Aug 26 19:38:06 2013] <jgross_> goals of a certain shape, according to a specified algorithm.  Ideally, IMO, your proof script should be a big [repeat match goal with ... end], where the ordering should only matter for speed.
[Mon Aug 26 19:42:26 2013] <ColonelJ> I guess that makes sense then, but I think the lemmas you'd define would be the same in either case, but in one case you explicitly write the order they are used and in the other case you just say "use these and a proof will come out somehow or other"
[Mon Aug 26 19:42:26 2013] <ColonelJ> I guess that makes sense then, but I think the lemmas you'd define would be the same in either case, but in one case you explicitly write the order they are used and in the other case you just say "use these and a proof will come out somehow or other"
[Mon Aug 26 19:43:15 2013] <ColonelJ> the benefit of machine checking of course being that no one has to check anything in either case
[Mon Aug 26 19:43:15 2013] <ColonelJ> the benefit of machine checking of course being that no one has to check anything in either case
[Mon Aug 26 19:44:36 2013] <ColonelJ> the problem I see here is that you can't really know which lemmas you need until you actually try to do the proof by hand.  You come across something that looks like it should be obvious, then write a lemma for it so you can do it in one step of the proof.
[Mon Aug 26 19:44:36 2013] <ColonelJ> the problem I see here is that you can't really know which lemmas you need until you actually try to do the proof by hand.  You come across something that looks like it should be obvious, then write a lemma for it so you can do it in one step of the proof.
[Mon Aug 26 19:45:06 2013] <ezyang> My experience is that you come up with lemmas as you go proving
[Mon Aug 26 19:45:06 2013] <ezyang> My experience is that you come up with lemmas as you go proving
[Mon Aug 26 19:45:14 2013] <jgross_> Right.	And I'm arguing that most people aren't terribly interested in the order, and maybe the order will change if you refactor the code, so automate away the order, because computers are good at brute force. 
[Mon Aug 26 19:45:14 2013] <jgross_> Right.	And I'm arguing that most people aren't terribly interested in the order, and maybe the order will change if you refactor the code, so automate away the order, because computers are good at brute force.
[Mon Aug 26 19:45:15 2013] <ezyang> But isn't that true for pencil and paper too?
[Mon Aug 26 19:45:15 2013] <ezyang> But isn't that true for pencil and paper too?
[Mon Aug 26 19:45:28 2013] <ColonelJ> Exactly. As part of this process you already know the order in which the lemmas are applied, so again why not just provide this information as part of your proof
[Mon Aug 26 19:45:28 2013] <ColonelJ> Exactly. As part of this process you already know the order in which the lemmas are applied, so again why not just provide this information as part of your proof
[Mon Aug 26 19:46:05 2013] <ColonelJ> I suppose if the order changing is something that is likely to happen it makes sense then
[Mon Aug 26 19:46:05 2013] <ColonelJ> I suppose if the order changing is something that is likely to happen it makes sense then
[Mon Aug 26 19:47:03 2013] <jgross_> As for which lemmas you need, I'd say you can start with a big [repeat match goal with ... end] with all the lemmas you guess you'll need (maybe from previous similar proofs), and see where that gets you.  If it doesn't solve it, then you come up with another lemma, and add that to the brute force tactic. 
[Mon Aug 26 19:47:03 2013] <jgross_> As for which lemmas you need, I'd say you can start with a big [repeat match goal with ... end] with all the lemmas you guess you'll need (maybe from previous similar proofs), and see where that gets you.  If it doesn't solve it, then you come up with another lemma, and add that to the brute force tactic.
[Mon Aug 26 19:48:36 2013] <ColonelJ> I think I agree with you now, you're better off having something where the machine can do the proof by itself.
[Mon Aug 26 19:48:36 2013] <ColonelJ> I think I agree with you now, you're better off having something where the machine can do the proof by itself.
[Mon Aug 26 19:51:12 2013] <ColonelJ> Would I be right in saying you want you lemmas to be as generic as possible to enable the machine to do more proofs?
[Mon Aug 26 19:51:12 2013] <ColonelJ> Would I be right in saying you want you lemmas to be as generic as possible to enable the machine to do more proofs?
[Mon Aug 26 20:44:44 2013] <ColonelJ> Axiom mult_id_exists : { mult_id : dom | forall x, mult x mult_id = x }.
[Mon Aug 26 20:44:44 2013] <ColonelJ> Axiom mult_id_exists : { mult_id : dom | forall x, mult x mult_id = x }.
[Mon Aug 26 20:44:58 2013] <ColonelJ> Then I can use proj1_sig to get the actual element?
[Mon Aug 26 20:44:58 2013] <ColonelJ> Then I can use proj1_sig to get the actual element?
[Mon Aug 26 20:46:20 2013] <ianjneu> No.
[Mon Aug 26 20:46:20 2013] <ianjneu> No.
[Mon Aug 26 20:46:30 2013] <ianjneu> Axioms are not computational
[Mon Aug 26 20:46:30 2013] <ianjneu> Axioms are not computational
[Mon Aug 26 20:47:14 2013] <ianjneu> If they were, I could claim there is a proof of property X, and just project a proof out of nothing.
[Mon Aug 26 20:47:14 2013] <ianjneu> If they were, I could claim there is a proof of property X, and just project a proof out of nothing.
[Mon Aug 26 20:47:49 2013] <ColonelJ> I'm doing this in a section
[Mon Aug 26 20:47:49 2013] <ColonelJ> I'm doing this in a section
[Mon Aug 26 20:47:53 2013] <ColonelJ> so I can give the proof later
[Mon Aug 26 20:47:53 2013] <ColonelJ> so I can give the proof later
[Mon Aug 26 20:48:04 2013] <ColonelJ> Unless you mean something else?
[Mon Aug 26 20:48:04 2013] <ColonelJ> Unless you mean something else?
[Mon Aug 26 20:48:40 2013] <ColonelJ> The domain here is a parameter so I can't know what the identity is, I want to pass it in with a proof that it's valid
[Mon Aug 26 20:48:40 2013] <ColonelJ> The domain here is a parameter so I can't know what the identity is, I want to pass it in with a proof that it's valid
[Mon Aug 26 20:48:57 2013] <ColonelJ> which seems to be what this dependent product thing allows you to do
[Mon Aug 26 20:48:57 2013] <ColonelJ> which seems to be what this dependent product thing allows you to do
[Mon Aug 26 20:49:26 2013] <ianjneu> Then sure, there shouldn't be a problem with that, unless Coq has some weird safeguards in it
[Mon Aug 26 20:49:27 2013] <ianjneu> Then sure, there shouldn't be a problem with that, unless Coq has some weird safeguards in it
[Mon Aug 26 20:49:30 2013] <ColonelJ> I'm hoping that you can use the proof to do computations on it without knowing what it is
[Mon Aug 26 20:49:30 2013] <ColonelJ> I'm hoping that you can use the proof to do computations on it without knowing what it is
[Mon Aug 26 20:49:44 2013] <ianjneu> You can't within the section.
[Mon Aug 26 20:49:44 2013] <ianjneu> You can't within the section.
[Mon Aug 26 20:50:00 2013] <ColonelJ> the functions are parameterized as well
[Mon Aug 26 20:50:00 2013] <ColonelJ> the functions are parameterized as well
[Mon Aug 26 20:50:15 2013] <ColonelJ> bleh I didn't mean computations I meant proofs
[Mon Aug 26 20:50:15 2013] <ColonelJ> bleh I didn't mean computations I meant proofs
[Mon Aug 26 20:50:30 2013] <ColonelJ> in this case I want to prove that two computations will give the same result
[Mon Aug 26 20:50:30 2013] <ColonelJ> in this case I want to prove that two computations will give the same result
[Mon Aug 26 20:52:42 2013] <ColonelJ> yea I've sort of half convinced myself that this will work somehow but I really need to go to bed so the rest of the exercise can be left till another day
[Mon Aug 26 20:52:42 2013] <ColonelJ> yea I've sort of half convinced myself that this will work somehow but I really need to go to bed so the rest of the exercise can be left till another day
[Mon Aug 26 20:53:03 2013] <ColonelJ> thanks all!
[Mon Aug 26 20:53:03 2013] <ColonelJ> thanks all!
[Mon Aug 26 21:18:46 2013] <clj_newb_2345> minimal failure example: https://gist.github.com/anonymous/adf7d4c7edfd0f999741 <-- how do I figure out how to get notation " [1, 2] " -- "1 :: 2 :: nil" works, but "[1, 2]" does not work
[Mon Aug 26 21:18:46 2013] <clj_newb_2345> minimal failure example: https://gist.github.com/anonymous/adf7d4c7edfd0f999741 <-- how do I figure out how to get notation " [1, 2] " -- "1 :: 2 :: nil" works, but "[1, 2]" does not work
[Mon Aug 26 21:28:59 2013] <ianjneu> clj_newb_2345: github isn't responding :/
[Mon Aug 26 21:30:59 2013] <clj_newb_2345> Require Import ZArith. Require Import List.   Local Open Scope list_scope.       Locate " [ ] ". Eval compute in 1::2::nil. Eval compute in [1; 2].
[Mon Aug 26 21:33:40 2013] <clj_newb_2345> https://gist.github.com/anonymous/6348730
[Mon Aug 26 21:33:49 2013] <clj_newb_2345> I think part of the problem is that my original gist was a secret gist
[Tue Aug 27 03:26:51 2013] <karlicoss> fisi: thanks for the answer (for the question at 0:30)! I actually did the same thing in Agda and found out, that I had managed to prove that in Agda since it normalized the "eval v (impl a b) = true" expression, thus making it easy to prove, however, Coq hadn't, so after I had used "simpl.", I proved it.
[Tue Aug 27 03:26:51 2013] <karlicoss> fisi: thanks for the answer (for the question at 0:30)! I actually did the same thing in Agda and found out, that I had managed to prove that in Agda since it normalized the "eval v (impl a b) = true" expression, thus making it easy to prove, however, Coq hadn't, so after I had used "simpl.", I proved it.
[Tue Aug 27 03:30:00 2013] <karlicoss> What is annoying is such a thing: suppose I have a goal (2 + 2 = 4) -> Whatever. If I type "simpl., I get a goal "4 = 4 -> Whatever", as expected. However, suppose I typed "intro." first, thus getting the context {2 + 2 = 4} and the goad Whatever.
[Tue Aug 27 03:30:00 2013] <karlicoss> What is annoying is such a thing: suppose I have a goal (2 + 2 = 4) -> Whatever. If I type "simpl., I get a goal "4 = 4 -> Whatever", as expected. However, suppose I typed "intro." first, thus getting the context {2 + 2 = 4} and the goad Whatever.
[Tue Aug 27 03:30:22 2013] <karlicoss> How do I normalize the expression "2 + 2 = 4", when it is in the context?
[Tue Aug 27 03:30:22 2013] <karlicoss> How do I normalize the expression "2 + 2 = 4", when it is in the context?
[Tue Aug 27 03:30:46 2013] <fisi> if you have hyp : 2 + 2 = 4, you can do "simpl in hyp"
[Tue Aug 27 03:30:46 2013] <fisi> if you have hyp : 2 + 2 = 4, you can do "simpl in hyp"
[Tue Aug 27 03:31:01 2013] <fisi> and simpl in * simplifies everywhere in the goal & context
[Tue Aug 27 03:31:01 2013] <fisi> and simpl in * simplifies everywhere in the goal & context
[Tue Aug 27 03:32:28 2013] <karlicoss> ah, I suppose I skipped it somehow while reading the tactics reference. Thanks!
[Tue Aug 27 03:32:28 2013] <karlicoss> ah, I suppose I skipped it somehow while reading the tactics reference. Thanks!
[Tue Aug 27 03:33:15 2013] <fisi> no problem
[Tue Aug 27 03:33:15 2013] <fisi> no problem
[Tue Aug 27 03:50:53 2013] <karlicoss> And one more: suppose I have "ab : A -> B" and "a : A" in the context and the goal is Whatever. I want to add "b : B" to the context, I can deduce it by the application (ab a). The way I am doing it now is "cut B." and then proving the subgoal B by "apply ab." . Is there a way to modify the context directly, without splitting the goal?
[Tue Aug 27 03:50:53 2013] <karlicoss> And one more: suppose I have "ab : A -> B" and "a : A" in the context and the goal is Whatever. I want to add "b : B" to the context, I can deduce it by the application (ab a). The way I am doing it now is "cut B." and then proving the subgoal B by "apply ab." . Is there a way to modify the context directly, without splitting the goal?
[Tue Aug 27 03:53:29 2013] <rks`> apply ab in a. ?
[Tue Aug 27 03:53:29 2013] <rks`> apply ab in a. ?
[Tue Aug 27 03:54:00 2013] <fisi> or `specialize (ab a)', both should work
[Tue Aug 27 03:54:00 2013] <fisi> or `specialize (ab a)', both should work
[Tue Aug 27 03:54:58 2013] <karlicoss> oh, thanks. I was doing "apply a in ab." :)
[Tue Aug 27 03:54:58 2013] <karlicoss> oh, thanks. I was doing "apply a in ab." :)
[Tue Aug 27 11:52:04 2013] <Necrosporus> I can't compile CoqIde. LablGtk2 is installed, ./configure script tries to perform test:
[Tue Aug 27 11:52:04 2013] <Necrosporus> I can't compile CoqIde. LablGtk2 is installed, ./configure script tries to perform test:
[Tue Aug 27 11:52:11 2013] <Necrosporus> '[' '' = '' -a -f /usr/lib64/ocaml/lablgtk2/glib.mli -a -f /usr/lib64/ocaml/glib.mli ']'
[Tue Aug 27 11:52:11 2013] <Necrosporus> '[' '' = '' -a -f /usr/lib64/ocaml/lablgtk2/glib.mli -a -f /usr/lib64/ocaml/glib.mli ']'
[Tue Aug 27 11:52:37 2013] <Necrosporus> Test failed because I have /usr/lib64/ocaml/lablgtk2/glib.mli but do not have /usr/lib64/ocaml/glib.mli
[Tue Aug 27 11:52:37 2013] <Necrosporus> Test failed because I have /usr/lib64/ocaml/lablgtk2/glib.mli but do not have /usr/lib64/ocaml/glib.mli
[Tue Aug 27 11:55:29 2013] <Necrosporus> Relevant code from ./configure: 629:                if [ -f "$lablgtkdirtmp/glib.cmi" -a -f "$lablgtkdirtmp/glib.mli" ]; then
[Tue Aug 27 11:55:29 2013] <Necrosporus> Relevant code from ./configure: 629:                if [ -f "$lablgtkdirtmp/glib.cmi" -a -f "$lablgtkdirtmp/glib.mli" ]; then
[Tue Aug 27 11:55:31 2013] <Necrosporus> 630-                    lablgtkdirfoundmsg="LabelGtk2 found by ocamlfind"
[Tue Aug 27 11:55:31 2013] <Necrosporus> 630-                    lablgtkdirfoundmsg="LabelGtk2 found by ocamlfind"
[Tue Aug 27 11:56:18 2013] <Necrosporus> Oh, not this
[Tue Aug 27 11:56:18 2013] <Necrosporus> Oh, not this
[Tue Aug 27 11:57:47 2013] <Necrosporus> Anyway, I think the problem is in configure script, -a instead of -o
[Tue Aug 27 11:57:47 2013] <Necrosporus> Anyway, I think the problem is in configure script, -a instead of -o
[Tue Aug 27 12:00:29 2013] <Necrosporus> I have pointed configure script, now it accepts it
[Tue Aug 27 12:00:29 2013] <Necrosporus> I have pointed configure script, now it accepts it
[Tue Aug 27 15:21:03 2013] <karlicoss> Does anyone know what are holes in Agda? Is there some similar concept in Coq?
[Tue Aug 27 15:21:03 2013] <karlicoss> Does anyone know what are holes in Agda? Is there some similar concept in Coq?
[Tue Aug 27 15:23:15 2013] <fisi> holes are parts of program/proof that you still have to provide -- basically the equivalent of the goals of your proof (or program, if you're programming with tactics).
[Tue Aug 27 15:23:15 2013] <fisi> holes are parts of program/proof that you still have to provide -- basically the equivalent of the goals of your proof (or program, if you're programming with tactics).
[Tue Aug 27 15:24:28 2013] <fisi> so, it kind of depends on how you look at it: there's a lot of support, but not quite of the same variety. ;)
[Tue Aug 27 15:24:28 2013] <fisi> so, it kind of depends on how you look at it: there's a lot of support, but not quite of the same variety. ;)
[Tue Aug 27 15:26:36 2013] <karlicoss> Yeah, I know what they are, I used them in Agda. In Agda, I could put a question mark as a placeholder, then typecheck and then ask a hole, what type it wants to be filled with. Is there some similar tactic/proof technique?
[Tue Aug 27 15:26:36 2013] <karlicoss> Yeah, I know what they are, I used them in Agda. In Agda, I could put a question mark as a placeholder, then typecheck and then ask a hole, what type it wants to be filled with. Is there some similar tactic/proof technique?
[Tue Aug 27 15:28:16 2013] <fisi> that *kind of* corresponds to proving stuff/programming using only the "refine" tactic -- which you can do, but is not very convenient. Also, the Program package lets you write programs with holes (underscores), and leaves what it cannot infer as obligations.
[Tue Aug 27 15:28:16 2013] <fisi> that *kind of* corresponds to proving stuff/programming using only the "refine" tactic -- which you can do, but is not very convenient. Also, the Program package lets you write programs with holes (underscores), and leaves what it cannot infer as obligations.
[Tue Aug 27 15:29:28 2013] <tailcalled> Guess it's settled, then: https://twitter.com/raichoo/status/372439552775835648
[Tue Aug 27 15:29:28 2013] <tailcalled> Guess it's settled, then: https://twitter.com/raichoo/status/372439552775835648
[Tue Aug 27 15:29:38 2013] <tailcalled> :P
[Tue Aug 27 15:29:38 2013] <tailcalled> :P
[Tue Aug 27 15:31:33 2013] <karlicoss> Also I liked I could skip some part of proof in Agda by making a hole and returning to it later, however, I couldn't find a way to skip through a goal and return to it later. Is there some way?
[Tue Aug 27 15:31:33 2013] <karlicoss> Also I liked I could skip some part of proof in Agda by making a hole and returning to it later, however, I couldn't find a way to skip through a goal and return to it later. Is there some way?
[Tue Aug 27 15:35:05 2013] <fisi> `admit'?
[Tue Aug 27 15:35:05 2013] <fisi> `admit'?
[Tue Aug 27 15:36:25 2013] <karlicoss> fisi: yeah, that's it! thanks!
[Tue Aug 27 15:36:25 2013] <karlicoss> fisi: yeah, that's it! thanks!
[Tue Aug 27 19:19:34 2013] <Necrosporus> What's better to learn, ATS, Coq, Adga or any other similar language?
[Tue Aug 27 19:19:34 2013] <Necrosporus> What's better to learn, ATS, Coq, Adga or any other similar language?
[Tue Aug 27 19:23:13 2013] <ianjneu> Coq is the most mature for serious theorem proving
[Tue Aug 27 19:23:13 2013] <ianjneu> Coq is the most mature for serious theorem proving
[Tue Aug 27 19:23:34 2013] <ianjneu> ATS is so weak and difficult to use that even its authors have trouble using it.
[Tue Aug 27 19:23:35 2013] <ianjneu> ATS is so weak and difficult to use that even its authors have trouble using it.
[Tue Aug 27 19:23:48 2013] <ianjneu> Agda is cute for demos, but nothing really serious.
[Tue Aug 27 19:23:48 2013] <ianjneu> Agda is cute for demos, but nothing really serious.
[Tue Aug 27 19:25:23 2013] <elliott> * senses some bias :p
[Tue Aug 27 19:25:23 2013] <elliott> * senses some bias :p
[Tue Aug 27 19:25:46 2013] <Necrosporus> There's also Idris
[Tue Aug 27 19:25:46 2013] <Necrosporus> There's also Idris
[Tue Aug 27 19:26:04 2013] <Necrosporus> What other language support complete lambda cube?
[Tue Aug 27 19:26:04 2013] <Necrosporus> What other language support complete lambda cube?
[Tue Aug 27 19:26:14 2013] <Necrosporus> * es
[Tue Aug 27 19:26:14 2013] <Necrosporus> * es
[Tue Aug 27 19:26:27 2013] <ianjneu> Epigram perhaps, but I've never actually seen it.
[Tue Aug 27 19:26:27 2013] <ianjneu> Epigram perhaps, but I've never actually seen it.
[Wed Aug 28 09:19:01 2013] <karlicoss> Hi guys. I am stuck at proving by case analysis, here is the code http://lpaste.net/92239
[Wed Aug 28 09:19:01 2013] <karlicoss> Hi guys. I am stuck at proving by case analysis, here is the code http://lpaste.net/92239
[Wed Aug 28 09:19:33 2013] <karlicoss> what should I use instead of destruct? And how should I interpret this error?
[Wed Aug 28 09:19:33 2013] <karlicoss> what should I use instead of destruct? And how should I interpret this error?
[Wed Aug 28 09:24:08 2013] <karlicoss> (the same thing in Agda works just fine: http://lpaste.net/92240 )
[Wed Aug 28 09:24:08 2013] <karlicoss> (the same thing in Agda works just fine: http://lpaste.net/92240 )
[Wed Aug 28 09:39:11 2013] <fisi> the gist of it is that Coq's treatment of equality is different than Agda's, and in general the one in Coq does not admit Agda's pattern-matching rule (it assumes an additional axiom, equivalent to Streicher's K or Uniqueness of Identity Proofs).
[Wed Aug 28 09:39:11 2013] <fisi> the gist of it is that Coq's treatment of equality is different than Agda's, and in general the one in Coq does not admit Agda's pattern-matching rule (it assumes an additional axiom, equivalent to Streicher's K or Uniqueness of Identity Proofs).
[Wed Aug 28 09:40:55 2013] <fisi> I think the chapters on dependent types (More Dependent Types, Dependent Data Structures, Reasoning about Equality Proofs) of CPDT should be helpful in understanding how Coq treats this stuff
[Wed Aug 28 09:40:55 2013] <fisi> I think the chapters on dependent types (More Dependent Types, Dependent Data Structures, Reasoning about Equality Proofs) of CPDT should be helpful in understanding how Coq treats this stuff
[Wed Aug 28 09:41:12 2013] <fisi> (the book is available here: http://adam.chlipala.net/cpdt/)
[Wed Aug 28 09:41:12 2013] <fisi> (the book is available here: http://adam.chlipala.net/cpdt/)
[Wed Aug 28 10:05:10 2013] <Ptival> karlicoss: in Coq you need to use more advanced things
[Wed Aug 28 10:05:10 2013] <Ptival> karlicoss: in Coq you need to use more advanced things
[Wed Aug 28 10:05:19 2013] <Ptival> huh I still haven't written my blog post about this
[Wed Aug 28 10:05:19 2013] <Ptival> huh I still haven't written my blog post about this
[Wed Aug 28 10:18:36 2013] <rks`> Ptival: what are you waiting for :)
[Wed Aug 28 10:18:36 2013] <rks`> Ptival: what are you waiting for :)
[Wed Aug 28 10:37:16 2013] <karlicoss> thanks!
[Wed Aug 28 10:37:16 2013] <karlicoss> thanks!
[Wed Aug 28 10:44:13 2013] <Ptival> rks`: heh! :)
[Wed Aug 28 10:44:13 2013] <Ptival> rks`: heh! :)
[Wed Aug 28 11:02:31 2013] <Ptival> karlicoss: here is one way to do it http://paste.awesom.eu/Ptival/dG8
[Wed Aug 28 11:02:31 2013] <Ptival> karlicoss: here is one way to do it http://paste.awesom.eu/Ptival/dG8
[Wed Aug 28 11:13:12 2013] <karlicoss> Prival: thanks! I've managed to use dependent destruction actually
[Wed Aug 28 11:13:12 2013] <karlicoss> Prival: thanks! I've managed to use dependent destruction actually
[Wed Aug 28 11:14:00 2013] <fisi> karlicoss: wow, I don't think that's ever worked for me! (not that I've tried in the last couple years or so)
[Wed Aug 28 11:14:00 2013] <fisi> karlicoss: wow, I don't think that's ever worked for me! (not that I've tried in the last couple years or so)
[Wed Aug 28 11:18:16 2013] <karlicoss> fisi: it's said it is experimental for some reason
[Wed Aug 28 11:18:16 2013] <karlicoss> fisi: it's said it is experimental for some reason
[Wed Aug 28 11:18:43 2013] <fisi> yeah, I know. Still, good it's worked for you
[Wed Aug 28 11:18:43 2013] <fisi> yeah, I know. Still, good it's worked for you
[Wed Aug 28 11:20:07 2013] <karlicoss> don't you know why it's experimental? It could be unsound or what?
[Wed Aug 28 11:20:07 2013] <karlicoss> don't you know why it's experimental? It could be unsound or what?
[Wed Aug 28 11:20:26 2013] <Ptival> karlicoss: can you post me your code then?
[Wed Aug 28 11:20:26 2013] <Ptival> karlicoss: can you post me your code then?
[Wed Aug 28 11:20:32 2013] <Ptival> I never used dependent destruction
[Wed Aug 28 11:20:32 2013] <Ptival> I never used dependent destruction
[Wed Aug 28 11:22:13 2013] <fisi> I don't know why; probably not any kind of unsoundness, though.
[Wed Aug 28 11:22:13 2013] <fisi> I don't know why; probably not any kind of unsoundness, though.
[Wed Aug 28 11:23:15 2013] <karlicoss> Prival: sure http://lpaste.net/92246
[Wed Aug 28 11:23:15 2013] <karlicoss> Prival: sure http://lpaste.net/92246
[Wed Aug 28 11:23:45 2013] <Ptival> karlicoss: oh ok...
[Wed Aug 28 11:23:45 2013] <Ptival> karlicoss: oh ok...
[Wed Aug 28 11:23:50 2013] <Ptival> they must have fixed it in 8.4
[Wed Aug 28 11:23:50 2013] <Ptival> they must have fixed it in 8.4
[Wed Aug 28 11:23:54 2013] <Ptival> this does not work here :)
[Wed Aug 28 11:23:54 2013] <Ptival> this does not work here :)
[Wed Aug 28 11:24:04 2013] <karlicoss> and what was wrong with it?
[Wed Aug 28 11:24:04 2013] <karlicoss> and what was wrong with it?
[Wed Aug 28 11:24:22 2013] <karlicoss> I've got 8.3
[Wed Aug 28 11:24:22 2013] <karlicoss> I've got 8.3
[Wed Aug 28 11:24:23 2013] <Ptival> actually dependent destruction isn't syntactically valid
[Wed Aug 28 11:24:23 2013] <Ptival> actually dependent destruction isn't syntactically valid
[Wed Aug 28 11:24:35 2013] <Ptival> do I have to import something?
[Wed Aug 28 11:24:35 2013] <Ptival> do I have to import something?
[Wed Aug 28 11:24:45 2013] <Ptival> oh right
[Wed Aug 28 11:24:45 2013] <Ptival> oh right
[Wed Aug 28 11:24:55 2013] <karlicoss> Require Import Coq.Program.Equality. line 14
[Wed Aug 28 11:24:55 2013] <karlicoss> Require Import Coq.Program.Equality. line 14
[Wed Aug 28 11:25:00 2013] <Ptival> yes :)
[Wed Aug 28 11:25:00 2013] <Ptival> yes :)
[Wed Aug 28 11:25:04 2013] <Ptival> ok it works, nice
[Wed Aug 28 11:25:04 2013] <Ptival> ok it works, nice
[Wed Aug 28 11:25:23 2013] <fisi> oooh, does that mean it requires K?
[Wed Aug 28 11:25:23 2013] <fisi> oooh, does that mean it requires K?
[Wed Aug 28 11:27:23 2013] <karlicoss> maybe. As far as I remember, K is something from homotopy type theory, so I don't know what is it :(
[Wed Aug 28 11:27:23 2013] <karlicoss> maybe. As far as I remember, K is something from homotopy type theory, so I don't know what is it :(
[Wed Aug 28 11:27:58 2013] <Eruquen> Print Assumptions OnlyOne.
[Wed Aug 28 11:27:58 2013] <Eruquen> Print Assumptions OnlyOne.
[Wed Aug 28 11:27:59 2013] <Eruquen> Axioms: JMeq_eq : forall (A : Type) (x y : A), x ~= y -> x = y
[Wed Aug 28 11:27:59 2013] <Eruquen> Axioms: JMeq_eq : forall (A : Type) (x y : A), x ~= y -> x = y
[Wed Aug 28 11:28:25 2013] <fisi> yup, that would be that then
[Wed Aug 28 11:28:25 2013] <fisi> yup, that would be that then
[Wed Aug 28 11:31:54 2013] <fisi> (as far as I recall these things, at least)
[Wed Aug 28 11:31:54 2013] <fisi> (as far as I recall these things, at least)
[Wed Aug 28 13:37:50 2013] <robbert> karlicoss: dependent destruction is kind of a strange tactic. I may silently dependent on the JMeq_eq axiom (which is logically equivalent to K and uniqueness of identity proofs). These axioms are independent of the current type theory of Coq, but unsound in homotopy type theory.
[Wed Aug 28 13:37:50 2013] <robbert> karlicoss: dependent destruction is kind of a strange tactic. I may silently dependent on the JMeq_eq axiom (which is logically equivalent to K and uniqueness of identity proofs). These axioms are independent of the current type theory of Coq, but unsound in homotopy type theory.
[Wed Aug 28 13:38:02 2013] <robbert> *it may
[Wed Aug 28 13:38:02 2013] <robbert> *it may
[Wed Aug 28 13:40:03 2013] <robbert> many kinds of dependent pattern matching can be done without such axioms (by using approriate return clauses, or using eq_dep in case the indexes of the dependent type have decidable equality)
[Wed Aug 28 13:40:03 2013] <robbert> many kinds of dependent pattern matching can be done without such axioms (by using approriate return clauses, or using eq_dep in case the indexes of the dependent type have decidable equality)
[Wed Aug 28 13:41:45 2013] <karlicoss> robbert: thanks!
[Wed Aug 28 13:41:45 2013] <karlicoss> robbert: thanks!
[Wed Aug 28 13:46:46 2013] <robbert> karlicoss: your Agda code btw has another lemma, which is also trivially provable in Coq :)
[Wed Aug 28 13:46:46 2013] <robbert> karlicoss: your Agda code btw has another lemma, which is also trivially provable in Coq :)
[Wed Aug 28 13:48:03 2013] <karlicoss> robbert: which lemma do you mean?
[Wed Aug 28 13:48:03 2013] <karlicoss> robbert: which lemma do you mean?
[Wed Aug 28 13:48:09 2013] <robbert> onlyone : (x : Fin (S Z)) → x ≡ x
[Wed Aug 28 13:48:09 2013] <robbert> onlyone : (x : Fin (S Z)) → x ≡ x
[Wed Aug 28 13:48:20 2013] <Saizan> yeah, that one is just refl
[Wed Aug 28 13:48:20 2013] <Saizan> yeah, that one is just refl
[Wed Aug 28 13:48:38 2013] <Saizan> maybe you meant (x y : Fin (S Z) -> x ≡ y
[Wed Aug 28 13:48:38 2013] <Saizan> maybe you meant (x y : Fin (S Z) -> x ≡ y
[Wed Aug 28 13:49:02 2013] <Saizan> (with one more closing paren )
[Wed Aug 28 13:49:02 2013] <Saizan> (with one more closing paren )
[Wed Aug 28 13:49:03 2013] <karlicoss> oh crap. I mistyped :)
[Wed Aug 28 13:49:03 2013] <karlicoss> oh crap. I mistyped :)
[Wed Aug 28 13:49:24 2013] <karlicoss> I meant (x : Fin (S Z)) → x ≡ fzero 0
[Wed Aug 28 13:49:24 2013] <karlicoss> I meant (x : Fin (S Z)) → x ≡ fzero 0
[Wed Aug 28 13:52:39 2013] <karlicoss> well, it's still provable in two lines, just the second case is absurd now as expected
[Wed Aug 28 13:52:39 2013] <karlicoss> well, it's still provable in two lines, just the second case is absurd now as expected
[Wed Aug 28 13:55:11 2013] <robbert> karlicoss: another solution in Coq: http://lpaste.net/92253
[Wed Aug 28 13:55:11 2013] <robbert> karlicoss: another solution in Coq: http://lpaste.net/92253
[Wed Aug 28 13:55:30 2013] <robbert> this one may be more generic, and is axiom free of course :)
[Wed Aug 28 13:55:30 2013] <robbert> this one may be more generic, and is axiom free of course :)
[Wed Aug 28 14:40:14 2013] <karlicoss> Suppose I have "H : forall x : X, exists y : Y, P y" in the context. I want to throw off the "P y" part, that is, just make a function "f : X -> Y" from the H. How should I do that?
[Wed Aug 28 14:40:14 2013] <karlicoss> Suppose I have "H : forall x : X, exists y : Y, P y" in the context. I want to throw off the "P y" part, that is, just make a function "f : X -> Y" from the H. How should I do that?
[Wed Aug 28 14:40:22 2013] <karlicoss> It would look somethig like specialize (fun (x : X) => ??? H x) I guess, but what should I use instead of ???  ?
[Wed Aug 28 14:40:22 2013] <karlicoss> It would look somethig like specialize (fun (x : X) => ??? H x) I guess, but what should I use instead of ???  ?
[Wed Aug 28 14:44:44 2013] <robbert> karlicoss: that
[Wed Aug 28 14:44:44 2013] <robbert> karlicoss: that
[Wed Aug 28 14:44:51 2013] <robbert> that's axiom of choice, it's independent of CiC
[Wed Aug 28 14:44:51 2013] <robbert> that's axiom of choice, it's independent of CiC
[Wed Aug 28 14:45:17 2013] <robbert> unless Y is countable and P is decidable
[Wed Aug 28 14:45:17 2013] <robbert> unless Y is countable and P is decidable
[Wed Aug 28 14:45:32 2013] <karlicoss> ah, indeed
[Wed Aug 28 14:45:32 2013] <karlicoss> ah, indeed
[Wed Aug 28 14:46:07 2013] <robbert> if you would have forall x : X, { y : Y | P y } instead, you can do what you wish to do though
[Wed Aug 28 14:46:07 2013] <robbert> if you would have forall x : X, { y : Y | P y } instead, you can do what you wish to do though
[Wed Aug 28 14:46:21 2013] <robbert> then you can just use proj1_sig
[Wed Aug 28 14:46:21 2013] <robbert> then you can just use proj1_sig
[Wed Aug 28 15:01:46 2013] <karlicoss> however.. if I want to prove some general topology, I guess I'm gonna need axiom of choice anyway :)
[Wed Aug 28 15:01:46 2013] <karlicoss> however.. if I want to prove some general topology, I guess I'm gonna need axiom of choice anyway :)
[Wed Aug 28 15:06:11 2013] <ianjneu> karlicoss: you mean classical topology.
[Wed Aug 28 15:06:11 2013] <ianjneu> karlicoss: you mean classical topology.
[Wed Aug 28 15:07:55 2013] <karlicoss> ianjneu: I've heard about constructive, but never studied further. Would you recommend something to read about it?
[Wed Aug 28 15:07:55 2013] <karlicoss> ianjneu: I've heard about constructive, but never studied further. Would you recommend something to read about it?
[Wed Aug 28 15:20:32 2013] <ianjneu> karlicoss: synthetic topology is the earlier work, but I'm not sure it's entirely constructive. The best I know right now is homotopy type theory.
[Wed Aug 28 15:20:32 2013] <ianjneu> karlicoss: synthetic topology is the earlier work, but I'm not sure it's entirely constructive. The best I know right now is homotopy type theory.
[Wed Aug 28 17:21:19 2013] <ColonelJ> What are people's feelings on using the UTF8 encoded unicode symbols for forall etc. in source files
[Wed Aug 28 17:21:19 2013] <ColonelJ> What are people's feelings on using the UTF8 encoded unicode symbols for forall etc. in source files
[Wed Aug 28 17:24:03 2013] <ColonelJ> And in a similar vein, why is the handling of unicode characters so inconsistent and restrictive?
[Wed Aug 28 17:24:03 2013] <ColonelJ> And in a similar vein, why is the handling of unicode characters so inconsistent and restrictive?
[Wed Aug 28 17:25:39 2013] <ianjneu> ColonelJ: camlp5 has suuuuuuuuper weak macros. There doesn't seem to be a way to make a rename-transformer (to use Racket macro terms) to make ∀ always mean forall
[Wed Aug 28 17:25:39 2013] <ianjneu> ColonelJ: camlp5 has suuuuuuuuper weak macros. There doesn't seem to be a way to make a rename-transformer (to use Racket macro terms) to make ∀ always mean forall
[Wed Aug 28 17:26:03 2013] <ianjneu> and similarly for exists.
[Wed Aug 28 17:26:03 2013] <ianjneu> and similarly for exists.
[Wed Aug 28 17:26:36 2013] <rmk0> ocaml suffers with anything that came into existence later than about 1998
[Wed Aug 28 17:26:36 2013] <rmk0> ocaml suffers with anything that came into existence later than about 1998
[Wed Aug 28 17:26:41 2013] <rmk0> * dives for cover
[Wed Aug 28 17:26:41 2013] <rmk0> * dives for cover
[Wed Aug 28 17:26:48 2013] <ColonelJ> I guess the question is whether I should be bothering with it or not, or just stick with good old ASCII...
[Wed Aug 28 17:26:48 2013] <ColonelJ> I guess the question is whether I should be bothering with it or not, or just stick with good old ASCII...
[Wed Aug 28 17:31:56 2013] <ianjneu> ColonelJ: don't bother.
[Wed Aug 28 17:31:56 2013] <ianjneu> ColonelJ: don't bother.
[Wed Aug 28 17:32:42 2013] <ianjneu> You can use xsymbol in emacs and have forall get rendered as the unicode, and similarly for identifiers such as \cup and \to
[Wed Aug 28 17:32:42 2013] <ianjneu> You can use xsymbol in emacs and have forall get rendered as the unicode, and similarly for identifiers such as \cup and \to
[Wed Aug 28 17:33:10 2013] <ColonelJ> I'm using CoqIde unfortunately
[Wed Aug 28 17:33:10 2013] <ColonelJ> I'm using CoqIde unfortunately
[Wed Aug 28 17:33:33 2013] <ianjneu> That is quite unfortunate. Wonks and crashes abound.
[Wed Aug 28 17:33:33 2013] <ianjneu> That is quite unfortunate. Wonks and crashes abound.
[Wed Aug 28 17:33:50 2013] <ColonelJ> actually it seems pretty stable
[Wed Aug 28 17:33:50 2013] <ColonelJ> actually it seems pretty stable
[Wed Aug 28 17:33:59 2013] <ColonelJ> Even if coqtop crashes
[Wed Aug 28 17:33:59 2013] <ColonelJ> Even if coqtop crashes
[Wed Aug 28 17:34:11 2013] <ColonelJ> which is a lot more common
[Wed Aug 28 17:34:11 2013] <ColonelJ> which is a lot more common
[Wed Aug 28 17:35:29 2013] <ColonelJ> Anyway I'm gonna continue using the unicode until it bites me
[Wed Aug 28 17:35:29 2013] <ColonelJ> Anyway I'm gonna continue using the unicode until it bites me
[Wed Aug 28 17:36:17 2013] <ianjneu> ColonelJ: ∀ x (y : A)
[Wed Aug 28 17:36:17 2013] <ianjneu> ColonelJ: ∀ x (y : A)
[Wed Aug 28 17:36:35 2013] <ColonelJ> yup that showed up correctly in my ancient IRC client
[Wed Aug 28 17:36:35 2013] <ColonelJ> yup that showed up correctly in my ancient IRC client
[Wed Aug 28 17:37:41 2013] <ianjneu> unicode-forall x (y : A) doesn't work because the unicode macros only handle x:id ... and x:id ... : A, not any mixture.
[Wed Aug 28 17:37:41 2013] <ianjneu> unicode-forall x (y : A) doesn't work because the unicode macros only handle x:id ... and x:id ... : A, not any mixture.
[Wed Aug 28 17:38:15 2013] <ianjneu> because who ever thought non-terminals when parsing would be a good idea?
[Wed Aug 28 17:38:15 2013] <ianjneu> because who ever thought non-terminals when parsing would be a good idea?
[Wed Aug 28 17:44:17 2013] <ColonelJ> not sure I understand what you're getting at here, it worked fine for me
[Wed Aug 28 17:44:18 2013] <ColonelJ> not sure I understand what you're getting at here, it worked fine for me
[Wed Aug 28 17:46:23 2013] <ColonelJ> Axiom derp : ? A, ? x (y : A), x = y.
[Wed Aug 28 17:46:23 2013] <ColonelJ> Axiom derp : ? A, ? x (y : A), x = y.
[Wed Aug 28 17:46:46 2013] <ColonelJ> Axiom derp : ∀ A, ∀ x (y : A), x = y.
[Wed Aug 28 17:46:46 2013] <ColonelJ> Axiom derp : ∀ A, ∀ x (y : A), x = y.
[Wed Aug 28 17:46:58 2013] <ColonelJ> lol stupid client
[Wed Aug 28 17:46:59 2013] <ColonelJ> lol stupid client
[Wed Aug 28 17:47:41 2013] <ColonelJ> default setting is decode UTF8 but don't encode it
[Wed Aug 28 17:47:41 2013] <ColonelJ> default setting is decode UTF8 but don't encode it
[Wed Aug 28 17:59:42 2013] <ianjneu> ColonelJ: hmm, they must have fixed it since 8.3
[Wed Aug 28 17:59:42 2013] <ianjneu> ColonelJ: hmm, they must have fixed it since 8.3
[Wed Aug 28 19:03:50 2013] <ColonelJ> I don't really understand how to choose between the various assumption keywords
[Wed Aug 28 19:03:50 2013] <ColonelJ> I don't really understand how to choose between the various assumption keywords
[Wed Aug 28 19:04:17 2013] <ColonelJ> Knowing that they all do essentially the same thing doesn't help matters
[Wed Aug 28 19:04:17 2013] <ColonelJ> Knowing that they all do essentially the same thing doesn't help matters
[Wed Aug 28 19:04:41 2013] <ColonelJ> Parameter is the only one that seems obvious
[Wed Aug 28 19:04:41 2013] <ColonelJ> Parameter is the only one that seems obvious
[Wed Aug 28 19:05:21 2013] <ColonelJ> I don't even see what Conjecture even has any use for in a PROOF system
[Wed Aug 28 19:05:22 2013] <ColonelJ> I don't even see what Conjecture even has any use for in a PROOF system
[Wed Aug 28 19:07:39 2013] <rmk0> i think they were supposed to be used by tools that produced documentation, but i'm not sure anything ever did
[Wed Aug 28 19:07:39 2013] <rmk0> i think they were supposed to be used by tools that produced documentation, but i'm not sure anything ever did
[Wed Aug 28 19:07:51 2013] <rmk0> think the existing tools basically treat them all the same way
[Wed Aug 28 19:07:51 2013] <rmk0> think the existing tools basically treat them all the same way
[Wed Aug 28 19:08:19 2013] <ColonelJ> they do carry some semantic distinction even if the tools treat them the same
[Wed Aug 28 19:08:19 2013] <ColonelJ> they do carry some semantic distinction even if the tools treat them the same
[Wed Aug 28 19:08:30 2013] <ColonelJ> which makes it more of a style thing, hence why I asked
[Wed Aug 28 19:08:30 2013] <ColonelJ> which makes it more of a style thing, hence why I asked
[Wed Aug 28 19:10:22 2013] <ColonelJ> I nice keyword to have would be Assumption...
[Wed Aug 28 19:10:22 2013] <ColonelJ> I nice keyword to have would be Assumption...
[Wed Aug 28 19:11:50 2013] <ColonelJ> all I want to do is state some property a parameter already passed in, none of the keywords really seem right, gonna have to use axiom again
[Wed Aug 28 19:11:50 2013] <ColonelJ> all I want to do is state some property a parameter already passed in, none of the keywords really seem right, gonna have to use axiom again
[Wed Aug 28 19:12:28 2013] <ColonelJ> I suppose axioms do have to be assumed
[Wed Aug 28 19:12:28 2013] <ColonelJ> I suppose axioms do have to be assumed
[Wed Aug 28 19:29:40 2013] <ColonelJ> nice list here http://quizlet.com/363753/algebra-1-properties-and-axioms-flash-cards/
[Wed Aug 28 19:29:40 2013] <ColonelJ> nice list here http://quizlet.com/363753/algebra-1-properties-and-axioms-flash-cards/
[Wed Aug 28 19:31:55 2013] <ColonelJ> not sure I trust it though
[Wed Aug 28 19:31:55 2013] <ColonelJ> not sure I trust it though
[Wed Aug 28 21:10:54 2013] <ColonelJ> Don't suppose anyone can tell me how you can prove something with a certain dependent type arose from a certain constructor?
[Wed Aug 28 21:10:54 2013] <ColonelJ> Don't suppose anyone can tell me how you can prove something with a certain dependent type arose from a certain constructor?
[Wed Aug 28 21:11:33 2013] <ColonelJ> destruct tactic doesn't work because it tries to generalise the index which is the only useful piece of info
[Wed Aug 28 21:11:33 2013] <ColonelJ> destruct tactic doesn't work because it tries to generalise the index which is the only useful piece of info
[Thu Aug 29 04:43:48 2013] <karlicoss> ColonelJ: your question is similar to the one I asked yesterday, as I understand: http://lpaste.net/92239. Possible solutions are: http://paste.awesom.eu/Ptival/dG8 , http://lpaste.net/92246 , http://lpaste.net/92253
[Thu Aug 29 04:43:48 2013] <karlicoss> ColonelJ: your question is similar to the one I asked yesterday, as I understand: http://lpaste.net/92239. Possible solutions are: http://paste.awesom.eu/Ptival/dG8 , http://lpaste.net/92246 , http://lpaste.net/92253
[Thu Aug 29 05:24:50 2013] <Anarchos> where can i find information on the parsing of Notations ?
[Thu Aug 29 05:24:50 2013] <Anarchos> where can i find information on the parsing of Notations ?
[Thu Aug 29 06:34:49 2013] <karlicoss> Anarchos: what do you mean by parsing, the formal grammar for Norations? Or just a user reference?
[Thu Aug 29 06:34:49 2013] <karlicoss> Anarchos: what do you mean by parsing, the formal grammar for Norations? Or just a user reference?
[Thu Aug 29 06:35:21 2013] <karlicoss> I've seen user reference in the Coq manual, however, coq.inria.fr seems to be down at the moment.
[Thu Aug 29 06:35:21 2013] <karlicoss> I've seen user reference in the Coq manual, however, coq.inria.fr seems to be down at the moment.
[Thu Aug 29 06:35:23 2013] <Anarchos> i want to add similar features to my program that coq has with Notations
[Thu Aug 29 06:35:23 2013] <Anarchos> i want to add similar features to my program that coq has with Notations
[Thu Aug 29 06:35:41 2013] <Anarchos> i considered dypgen but not sure which way gives me the more flexibility
[Thu Aug 29 06:35:41 2013] <Anarchos> i considered dypgen but not sure which way gives me the more flexibility
[Thu Aug 29 07:20:50 2013] <Necrosporus> http://pastebin.com/ZYqNyt9d I got this code in Coq, it works. But can I make Coq generate all necessary code, including type conversion and printf call?
[Thu Aug 29 07:20:50 2013] <Necrosporus> http://pastebin.com/ZYqNyt9d I got this code in Coq, it works. But can I make Coq generate all necessary code, including type conversion and printf call?
[Thu Aug 29 07:27:48 2013] <Anarchos> no idea
[Thu Aug 29 07:27:48 2013] <Anarchos> no idea
[Thu Aug 29 07:34:38 2013] <Necrosporus> Can I implement Fibonacci's in one match like in other languages?
[Thu Aug 29 07:34:39 2013] <Necrosporus> Can I implement Fibonacci's in one match like in other languages?
[Thu Aug 29 08:06:58 2013] <karlicoss> Necrosporus: it was you who asked it on the conference.jabber.ru server, right? I get error messages while posing there for some reason.
[Thu Aug 29 08:06:58 2013] <karlicoss> Necrosporus: it was you who asked it on the conference.jabber.ru server, right? I get error messages while posing there for some reason.
[Thu Aug 29 08:07:22 2013] <karlicoss> Necrosporus: this seems to work: http://lpaste.net/92279
[Thu Aug 29 08:07:22 2013] <karlicoss> Necrosporus: this seems to work: http://lpaste.net/92279
[Thu Aug 29 08:07:35 2013] <karlicoss> ah
[Thu Aug 29 08:07:35 2013] <karlicoss> ah
[Thu Aug 29 08:07:39 2013] <karlicoss> sorry
[Thu Aug 29 08:07:39 2013] <karlicoss> sorry
[Thu Aug 29 08:07:41 2013] <karlicoss> mistyped
[Thu Aug 29 08:07:41 2013] <karlicoss> mistyped
[Thu Aug 29 08:08:04 2013] <karlicoss> yeah, that doesn't seem to work :)
[Thu Aug 29 08:08:04 2013] <karlicoss> yeah, that doesn't seem to work :)
[Thu Aug 29 08:08:56 2013] <karlicoss> also, you asked for Agda, yeah, in Agda that works http://lpaste.net/92278
[Thu Aug 29 08:08:56 2013] <karlicoss> also, you asked for Agda, yeah, in Agda that works http://lpaste.net/92278
[Thu Aug 29 08:10:33 2013] <karlicoss> I guess the reason is Agda developers have to implement a smart termination checker due to the lack of tactics
[Thu Aug 29 08:10:33 2013] <karlicoss> I guess the reason is Agda developers have to implement a smart termination checker due to the lack of tactics
[Thu Aug 29 08:27:06 2013] <Anarchos> karlicoss i will go with dypgen first as it is close to ocamlyacc syntax :)
[Thu Aug 29 08:27:06 2013] <Anarchos> karlicoss i will go with dypgen first as it is close to ocamlyacc syntax :)
[Thu Aug 29 10:37:37 2013] <robbert`> Necrosporus, karlicoss: http://lpaste.net/92282
[Thu Aug 29 10:37:37 2013] <robbert`> Necrosporus, karlicoss: http://lpaste.net/92282
[Thu Aug 29 10:38:27 2013] <robbert`> Notice that at the level of the underlaying CiC term, there are still two pattern matches.
[Thu Aug 29 10:38:27 2013] <robbert`> Notice that at the level of the underlaying CiC term, there are still two pattern matches.
[Thu Aug 29 10:40:09 2013] <robbert`> a reason that Coq's pattern matching and termination checker is more limited than Agda's, is because they try to keep foundations small (and thus the kernel), whereas Agda does not care too much about that.
[Thu Aug 29 10:40:09 2013] <robbert`> a reason that Coq's pattern matching and termination checker is more limited than Agda's, is because they try to keep foundations small (and thus the kernel), whereas Agda does not care too much about that.
[Thu Aug 29 10:43:10 2013] <ianjneu> They'll have to bite the bullet some time. Modular proof development is impossible currently.
[Thu Aug 29 10:43:10 2013] <ianjneu> They'll have to bite the bullet some time. Modular proof development is impossible currently.
[Thu Aug 29 10:44:06 2013] <ianjneu> You can fake it with typeclasses that just import absolutely everything, but your proof details might end up depending on implementation details inadvertently.
[Thu Aug 29 10:44:06 2013] <ianjneu> You can fake it with typeclasses that just import absolutely everything, but your proof details might end up depending on implementation details inadvertently.
[Thu Aug 29 10:45:49 2013] <Necrosporus> robbert`, why do you use n in last match?
[Thu Aug 29 10:45:49 2013] <Necrosporus> robbert`, why do you use n in last match?
[Thu Aug 29 10:46:33 2013] <robbert`> Necrosporus: what do you mean?
[Thu Aug 29 10:46:33 2013] <robbert`> Necrosporus: what do you mean?
[Thu Aug 29 10:52:54 2013] <Necrosporus> robbert`, match n with S (S n as n')
[Thu Aug 29 10:52:54 2013] <Necrosporus> robbert`, match n with S (S n as n')
[Thu Aug 29 10:53:15 2013] <Necrosporus> So n in this case has other meaning as in function definition
[Thu Aug 29 10:53:15 2013] <Necrosporus> So n in this case has other meaning as in function definition
[Thu Aug 29 10:53:35 2013] <Necrosporus> I guess, it's better to use S (S n'' as n')
[Thu Aug 29 10:53:35 2013] <Necrosporus> I guess, it's better to use S (S n'' as n')
[Thu Aug 29 10:54:03 2013] <Necrosporus> So n'' = n - 2 and n' as n - 1
[Thu Aug 29 10:54:03 2013] <Necrosporus> So n'' = n - 2 and n' as n - 1
[Thu Aug 29 10:54:19 2013] <Necrosporus> instead of n as n - 2 and n' as n - 1
[Thu Aug 29 10:54:19 2013] <Necrosporus> instead of n as n - 2 and n' as n - 1
[Thu Aug 29 10:54:50 2013] <Necrosporus> But thanks, it seem good enough
[Thu Aug 29 10:54:50 2013] <Necrosporus> But thanks, it seem good enough
[Thu Aug 29 10:55:11 2013] <robbert`> you're right
[Thu Aug 29 10:55:11 2013] <robbert`> you're right
[Thu Aug 29 15:50:03 2013] <jlp_> the website coq.inria.fr seems to be down, does anyone know what's up/when it's going to be up again?
[Thu Aug 29 15:50:03 2013] <jlp_> the website coq.inria.fr seems to be down, does anyone know what's up/when it's going to be up again?
[Thu Aug 29 16:07:09 2013] <Anarchos> jlp_ no idea
[Thu Aug 29 16:07:09 2013] <Anarchos> jlp_ no idea
[Thu Aug 29 16:19:38 2013] <robbert`> jlp_: the Coq website is awfully often down... Best to get a local copy of the docs (or verify their webserver using Coq so that it does not crash that often :P)
[Thu Aug 29 16:19:38 2013] <robbert`> jlp_: the Coq website is awfully often down... Best to get a local copy of the docs (or verify their webserver using Coq so that it does not crash that often :P)
[Thu Aug 29 16:28:09 2013] <jlp_> robbert`: thanks, unfortunately I'm a TA for a class using Coq, so all the student want to install it right about now! hopefully it will be back soon!
[Thu Aug 29 16:28:09 2013] <jlp_> robbert`: thanks, unfortunately I'm a TA for a class using Coq, so all the student want to install it right about now! hopefully it will be back soon!
[Thu Aug 29 16:38:27 2013] <robbert`> there is a mirror of the sources on github: https://github.com/coq/coq/tree/v8.4 (although that will probably not really help your windows and mac students :))
[Thu Aug 29 16:38:27 2013] <robbert`> there is a mirror of the sources on github: https://github.com/coq/coq/tree/v8.4 (although that will probably not really help your windows and mac students :))
[Thu Aug 29 16:39:32 2013] <jlp_> awesome, thanks!
[Thu Aug 29 16:39:32 2013] <jlp_> awesome, thanks!
[Fri Aug 30 09:26:31 2013] <Anarchos> if i understand, coqide communicates with a coqtop via a spawned process
[Fri Aug 30 09:26:31 2013] <Anarchos> if i understand, coqide communicates with a coqtop via a spawned process
[Fri Aug 30 09:26:43 2013] <Anarchos> and commands are sent, results are read via XML ?
[Fri Aug 30 09:26:43 2013] <Anarchos> and commands are sent, results are read via XML ?
[Fri Aug 30 09:27:43 2013] <fisi> I believe so.  Also, this is relatively new development. (8.4?)
[Fri Aug 30 09:27:43 2013] <fisi> I believe so.  Also, this is relatively new development. (8.4?)
[Fri Aug 30 09:29:25 2013] <Anarchos> yes it is 8.4 ; do you know how it was made before ?
[Fri Aug 30 09:29:25 2013] <Anarchos> yes it is 8.4 ; do you know how it was made before ?
[Fri Aug 30 09:29:36 2013] <Anarchos> i hate xml for communication between processes
[Fri Aug 30 09:29:36 2013] <Anarchos> i hate xml for communication between processes
[Fri Aug 30 09:30:23 2013] <fisi> well, there's the other way -- the one that ProofGeneral uses -- but I hear the xml is much easier to deal with
[Fri Aug 30 09:30:23 2013] <fisi> well, there's the other way -- the one that ProofGeneral uses -- but I hear the xml is much easier to deal with
[Fri Aug 30 09:31:13 2013] <Anarchos> fisi how works ProofGeneral ?
[Fri Aug 30 09:31:13 2013] <Anarchos> fisi how works ProofGeneral ?
[Fri Aug 30 09:31:18 2013] <fisi> and before coqide was running in the same process (at the very least up until 8.2), which caused a whole lot of problems when tactics looped and the like.
[Fri Aug 30 09:31:18 2013] <fisi> and before coqide was running in the same process (at the very least up until 8.2), which caused a whole lot of problems when tactics looped and the like.
[Fri Aug 30 09:31:55 2013] <Anarchos> fisi ok. I am developing a program with a GUI, which the business logic is done in an isolated OCaml program
[Fri Aug 30 09:31:55 2013] <Anarchos> fisi ok. I am developing a program with a GUI, which the business logic is done in an isolated OCaml program
[Fri Aug 30 09:32:09 2013] <Anarchos> so i have same problems of architecture
[Fri Aug 30 09:32:09 2013] <Anarchos> so i have same problems of architecture
[Fri Aug 30 09:32:41 2013] <fisi> hah, that's a good question! I don't know how exactly the communication is handled in PG; generally, emacs communicates w/ processes using the stdIn/Out/Err streams
[Fri Aug 30 09:32:41 2013] <fisi> hah, that's a good question! I don't know how exactly the communication is handled in PG; generally, emacs communicates w/ processes using the stdIn/Out/Err streams
[Fri Aug 30 09:33:16 2013] <fisi> and this can easily become mighty messy, you have to deal with buffering and whatnot
[Fri Aug 30 09:33:16 2013] <fisi> and this can easily become mighty messy, you have to deal with buffering and whatnot
[Fri Aug 30 09:33:33 2013] <Anarchos> fisi but i have the source of the gui and the program since i write them, so i wonder if there is not a better solution than encode/communicate/decode and so on
[Fri Aug 30 09:33:33 2013] <Anarchos> fisi but i have the source of the gui and the program since i write them, so i wonder if there is not a better solution than encode/communicate/decode and so on
[Fri Aug 30 09:33:44 2013] <Anarchos> yes buffering is a pain
[Fri Aug 30 09:33:44 2013] <Anarchos> yes buffering is a pain
[Fri Aug 30 09:34:45 2013] <fisi> I guess, unless your memory representations on both sides coincide, you *will* have to transcode in some way, won't you?
[Fri Aug 30 09:34:45 2013] <fisi> I guess, unless your memory representations on both sides coincide, you *will* have to transcode in some way, won't you?
[Fri Aug 30 09:35:54 2013] <Anarchos> fisi i don't know yet :)
[Fri Aug 30 09:35:54 2013] <Anarchos> fisi i don't know yet :)
[Fri Aug 30 09:39:39 2013] <Anarchos> but at the user part, formulas are LaTeX strings, so why transcode to XML to send them ??
[Fri Aug 30 09:39:39 2013] <Anarchos> but at the user part, formulas are LaTeX strings, so why transcode to XML to send them ??
[Fri Aug 30 09:41:42 2013] <fisi> you'd probably still want to know where they begin and end, and the likes -- but basically you can go with any home-brewed protocol you want, I guess. It's just that for xml you have libraries already there.
[Fri Aug 30 09:41:42 2013] <fisi> you'd probably still want to know where they begin and end, and the likes -- but basically you can go with any home-brewed protocol you want, I guess. It's just that for xml you have libraries already there.
[Fri Aug 30 09:42:25 2013] <Anarchos> begin and ends : newlines :)
[Fri Aug 30 09:42:25 2013] <Anarchos> begin and ends : newlines :)
[Fri Aug 30 09:43:20 2013] <fisi> if you're certain there are no newlines inside the strings, it'd probably work, why not?
[Fri Aug 30 09:43:20 2013] <fisi> if you're certain there are no newlines inside the strings, it'd probably work, why not?
[Fri Aug 30 09:47:03 2013] <karlicos> speaking about proof general: there should be an emacs config setting for the path to the Coq binaries, right? Can't find anything :(
[Fri Aug 30 09:47:03 2013] <karlicos> speaking about proof general: there should be an emacs config setting for the path to the Coq binaries, right? Can't find anything :(
[Fri Aug 30 09:49:25 2013] <karlicos> ah, finally found it, I guess
[Fri Aug 30 09:49:25 2013] <karlicos> ah, finally found it, I guess
[Fri Aug 30 09:49:58 2013] <karlicos> seems like coq-prog-env
[Fri Aug 30 09:49:58 2013] <karlicos> seems like coq-prog-env
[Sat Aug 31 10:36:29 2013] <ColonelJ> OK I'm really stuck on what seems like it should be a trivial proof.
[Sat Aug 31 10:36:29 2013] <ColonelJ> OK I'm really stuck on what seems like it should be a trivial proof.
[Sat Aug 31 10:36:52 2013] <ColonelJ> Inductive bvec (T : Set) : nat -> Set :=
[Sat Aug 31 10:36:52 2013] <ColonelJ> Inductive bvec (T : Set) : nat -> Set :=
[Sat Aug 31 10:36:52 2013] <ColonelJ>   | BLeaf : T -> bvec T O
[Sat Aug 31 10:36:52 2013] <ColonelJ>   | BLeaf : T -> bvec T O
[Sat Aug 31 10:36:52 2013] <ColonelJ>   | BNode n : bvec T n -> bvec T n -> bvec T (S n).
[Sat Aug 31 10:36:52 2013] <ColonelJ>   | BNode n : bvec T n -> bvec T n -> bvec T (S n).
[Sat Aug 31 10:36:52 2013] <ColonelJ> Definition bvec_leaf T (v : bvec T O) := let 'BLeaf a := v in a.
[Sat Aug 31 10:36:52 2013] <ColonelJ> Definition bvec_leaf T (v : bvec T O) := let 'BLeaf a := v in a.
[Sat Aug 31 10:36:52 2013] <ColonelJ> Lemma leaf_reconstruct : forall T (v : bvec T O), BLeaf (bvec_leaf v) = v.
[Sat Aug 31 10:36:52 2013] <ColonelJ> Lemma leaf_reconstruct : forall T (v : bvec T O), BLeaf (bvec_leaf v) = v.
[Sat Aug 31 10:43:10 2013] <Smerdyakov> I'm surprised that the [bvec_leaf] definition was accepted.  I guess that Coq team has been busy adding dependent typing heuristics.
[Sat Aug 31 10:43:10 2013] <Smerdyakov> I'm surprised that the [bvec_leaf] definition was accepted.  I guess that Coq team has been busy adding dependent typing heuristics.
[Sat Aug 31 10:44:07 2013] <Smerdyakov> Have you read CPDT?
[Sat Aug 31 10:44:07 2013] <Smerdyakov> Have you read CPDT?
[Sat Aug 31 10:46:01 2013] <ColonelJ> I'm part way through it
[Sat Aug 31 10:46:01 2013] <ColonelJ> I'm part way through it
[Sat Aug 31 10:46:18 2013] <ColonelJ> I don't want to have to read the entire thing to be able to do anything
[Sat Aug 31 10:46:18 2013] <ColonelJ> I don't want to have to read the entire thing to be able to do anything
[Sat Aug 31 10:46:25 2013] <ColonelJ> even if I will in time
[Sat Aug 31 10:46:25 2013] <ColonelJ> even if I will in time
[Sat Aug 31 10:47:04 2013] <Smerdyakov> Well, [dependent destruction] makes your lemma easy, but it uses an axiom.
[Sat Aug 31 10:47:04 2013] <Smerdyakov> Well, [dependent destruction] makes your lemma easy, but it uses an axiom.
[Sat Aug 31 10:47:53 2013] <Smerdyakov> The whole thing is easy to do without axioms, and it's basically Chapters 8 and 9 of CPDT that explain how.
[Sat Aug 31 10:47:53 2013] <Smerdyakov> The whole thing is easy to do without axioms, and it's basically Chapters 8 and 9 of CPDT that explain how.
[Sat Aug 31 10:51:07 2013] <ColonelJ> yea they seem quite important chapters might be more productive to read at least that far
[Sat Aug 31 10:51:07 2013] <ColonelJ> yea they seem quite important chapters might be more productive to read at least that far
[Sat Aug 31 10:55:40 2013] <ColonelJ> it's kinda disappointing that this whole thing turns out much less intuitive to use than you'd hope for
[Sat Aug 31 10:55:40 2013] <ColonelJ> it's kinda disappointing that this whole thing turns out much less intuitive to use than you'd hope for
[Sat Aug 31 10:57:49 2013] <Smerdyakov> The sort of magic easy dependent typing that you're hoping for is provably impossible, because of undecidability results.
[Sat Aug 31 10:57:49 2013] <Smerdyakov> The sort of magic easy dependent typing that you're hoping for is provably impossible, because of undecidability results.
[Sat Aug 31 10:58:02 2013] <ColonelJ> Is there any way to do induction over a pair of bvecs without needing that dependent destruction/induction?
[Sat Aug 31 10:58:02 2013] <ColonelJ> Is there any way to do induction over a pair of bvecs without needing that dependent destruction/induction?
[Sat Aug 31 10:58:03 2013] <Smerdyakov> I'd rather that Coq had kept not accepting definitions like your [bvec_leaf] above.
[Sat Aug 31 10:58:03 2013] <Smerdyakov> I'd rather that Coq had kept not accepting definitions like your [bvec_leaf] above.
[Sat Aug 31 10:58:26 2013] <Smerdyakov> That way, you'd realize that you need to do a bit more work, and that work would make obvious which induction strategy will work.
[Sat Aug 31 10:58:26 2013] <Smerdyakov> That way, you'd realize that you need to do a bit more work, and that work would make obvious which induction strategy will work.
[Sat Aug 31 10:58:54 2013] <Smerdyakov> In general, induction is only allowed over inductive families applied only to _variables_.
[Sat Aug 31 10:58:54 2013] <Smerdyakov> In general, induction is only allowed over inductive families applied only to _variables_.
[Sat Aug 31 10:58:59 2013] <Smerdyakov> Above you're applying a family to [0].
[Sat Aug 31 10:58:59 2013] <Smerdyakov> Above you're applying a family to [0].
[Sat Aug 31 10:59:20 2013] <Smerdyakov> See CPDT for the design patterns to deal with this restriction.
[Sat Aug 31 10:59:20 2013] <Smerdyakov> See CPDT for the design patterns to deal with this restriction.
[Sat Aug 31 13:58:27 2013] <ColonelJ> btw, I just used 'induction xs; dependent induction ys; simpl; congruence.' to solve the thing I was trying to do in the first place, I didn't need any special strategy or axioms, it Just Works (TM).
[Sat Aug 31 13:58:28 2013] <ColonelJ> btw, I just used 'induction xs; dependent induction ys; simpl; congruence.' to solve the thing I was trying to do in the first place, I didn't need any special strategy or axioms, it Just Works (TM).
[Sat Aug 31 13:59:07 2013] <ColonelJ> Also I think that the definition of bvec_leaf is very easy to understand and makes a lot of sense to use if Coq can provide that as an option
[Sat Aug 31 13:59:07 2013] <ColonelJ> Also I think that the definition of bvec_leaf is very easy to understand and makes a lot of sense to use if Coq can provide that as an option
[Sat Aug 31 14:02:07 2013] <ColonelJ> Actually reading back I probably misunderstood on the axioms thing if it uses one internally...
[Sat Aug 31 14:02:07 2013] <ColonelJ> Actually reading back I probably misunderstood on the axioms thing if it uses one internally...
[Sat Aug 31 14:06:13 2013] <ColonelJ> I'm guessing it's that JMeq_eq one you mean
[Sat Aug 31 14:06:13 2013] <ColonelJ> I'm guessing it's that JMeq_eq one you mean
[Sat Aug 31 14:09:05 2013] <ColonelJ> hmm that's chapter 10 in CPDT
[Sat Aug 31 14:09:05 2013] <ColonelJ> hmm that's chapter 10 in CPDT
[Sat Aug 31 15:39:36 2013] <ColonelJ> I think I need the function_extensionality for this proof as well, otherwise I can't rewrite anything inside a lambda?
[Sat Aug 31 15:39:36 2013] <ColonelJ> I think I need the function_extensionality for this proof as well, otherwise I can't rewrite anything inside a lambda?
[Sat Aug 31 15:51:37 2013] <ColonelJ> not even sure what the Ltac command is to do rewriting using that..
[Sat Aug 31 15:51:37 2013] <ColonelJ> not even sure what the Ltac command is to do rewriting using that..
[Sat Aug 31 16:03:32 2013] <ColonelJ> rewrite <- (functional_extensionality (λ n, n) (λ n, n + O) (plus_n_O)).
[Sat Aug 31 16:03:32 2013] <ColonelJ> rewrite <- (functional_extensionality (λ n, n) (λ n, n + O) (plus_n_O)).
[Sat Aug 31 16:04:54 2013] <ColonelJ> umm no that's not it
[Sat Aug 31 16:04:54 2013] <ColonelJ> umm no that's not it
[Sat Aug 31 16:57:19 2013] <ColonelJ> I've found you can do "rewrite <- (functional_extensionality this_function that_function)." to get a goal where the function has been replaced and another goal where you prove the outputs of the functions are equal.  Downside is you have to write the functions out in full I think..
[Sat Aug 31 16:57:19 2013] <ColonelJ> I've found you can do "rewrite <- (functional_extensionality this_function that_function)." to get a goal where the function has been replaced and another goal where you prove the outputs of the functions are equal.  Downside is you have to write the functions out in full I think..
[Sat Aug 31 18:21:57 2013] <ColonelJ> I feel like the goals that come out of that should be the other way round
[Sat Aug 31 18:21:57 2013] <ColonelJ> I feel like the goals that come out of that should be the other way round
[Sat Aug 31 18:23:16 2013] <ColonelJ> it would be nicer to prove the functions equal and then continue with your proof
[Sat Aug 31 18:23:16 2013] <ColonelJ> it would be nicer to prove the functions equal and then continue with your proof
[Sat Aug 31 19:27:16 2013] <ColonelJ> yea it's much better to do the other side of the proof backwards and then use the extensionality tactic
[Sat Aug 31 19:27:16 2013] <ColonelJ> yea it's much better to do the other side of the proof backwards and then use the extensionality tactic
[Sat Aug 31 19:27:40 2013] <ColonelJ> I ended up having to do "f_equal; f_equal; extensionality x"
[Sat Aug 31 19:27:40 2013] <ColonelJ> I ended up having to do "f_equal; f_equal; extensionality x"
[Sat Aug 31 19:29:01 2013] <ColonelJ> there must be a better way than having to f_equal multiple times to get down to the core structure surely?
[Sat Aug 31 19:29:01 2013] <ColonelJ> there must be a better way than having to f_equal multiple times to get down to the core structure surely?
[Sat Aug 31 19:33:18 2013] <ColonelJ> this is what my proof looks like currently
[Sat Aug 31 19:33:18 2013] <ColonelJ> this is what my proof looks like currently
[Sat Aug 31 19:33:19 2013] <ColonelJ> autounfold; induction s; simpl; autorewrite with lemmas; autounfold; auto.
[Sat Aug 31 19:33:19 2013] <ColonelJ> autounfold; induction s; simpl; autorewrite with lemmas; autounfold; auto.
[Sat Aug 31 19:33:19 2013] <ColonelJ> simpl; rewrite IHs1, IHs2; autorewrite with lemmas; autounfold.
[Sat Aug 31 19:33:19 2013] <ColonelJ> simpl; rewrite IHs1, IHs2; autorewrite with lemmas; autounfold.
[Sat Aug 31 19:33:20 2013] <ColonelJ> f_equal; f_equal; extensionality x; autorewrite with lemmas; auto.
[Sat Aug 31 19:33:19 2013] <ColonelJ> f_equal; f_equal; extensionality x; autorewrite with lemmas; auto.
[Sat Aug 31 19:40:04 2013] <ColonelJ> new version
[Sat Aug 31 19:40:04 2013] <ColonelJ> new version
[Sat Aug 31 19:40:04 2013] <ColonelJ> solve; induction s; repeat solve; rewrite IHs1, IHs2; solve.
[Sat Aug 31 19:40:05 2013] <ColonelJ> solve; induction s; repeat solve; rewrite IHs1, IHs2; solve.
[Sat Aug 31 19:40:05 2013] <ColonelJ> f_equal; f_equal; extensionality x; solve.
[Sat Aug 31 19:40:05 2013] <ColonelJ> f_equal; f_equal; extensionality x; solve.
[Sat Aug 31 19:41:15 2013] <ColonelJ> new new version
[Sat Aug 31 19:41:15 2013] <ColonelJ> new new version
[Sat Aug 31 19:41:16 2013] <ColonelJ> solve; induction s; repeat solve; rewrite IHs1, IHs2; solve.
[Sat Aug 31 19:41:16 2013] <ColonelJ> solve; induction s; repeat solve; rewrite IHs1, IHs2; solve.
[Sat Aug 31 19:41:16 2013] <ColonelJ> repeat f_equal; extensionality x; solve.
[Sat Aug 31 19:41:16 2013] <ColonelJ> repeat f_equal; extensionality x; solve.
[Sat Aug 31 20:56:08 2013] <ColonelJ> mmh how do you create an empty hint database for rewrites?
[Sat Aug 31 20:56:08 2013] <ColonelJ> mmh how do you create an empty hint database for rewrites?
[Sun Sep  1 04:52:35 2013] <karlicos> How can I omit writing the body for an impossible case in the Definition? For instance, I have Lemma lemma : exists b, a = Some b. , and I am pattern matching on a in some function. How do I discard the None case?
[Sun Sep  1 04:52:35 2013] <karlicos> How can I omit writing the body for an impossible case in the Definition? For instance, I have Lemma lemma : exists b, a = Some b. , and I am pattern matching on a in some function. How do I discard the None case?
[Sun Sep  1 04:54:53 2013] <karlicos> my guess is there should be some built-in like forall T : Set, forall p : Prop, p -> ~ p -> T for handling that.
[Sun Sep  1 04:54:53 2013] <karlicos> my guess is there should be some built-in like forall T : Set, forall p : Prop, p -> ~ p -> T for handling that.
[Sun Sep  1 04:55:22 2013] <ezyang> Well, the signature you just wrote is just application plus explosion (since ~ p = p -> False)
[Sun Sep  1 04:55:22 2013] <ezyang> Well, the signature you just wrote is just application plus explosion (since ~ p = p -> False)
[Sun Sep  1 04:55:34 2013] <ezyang> But in general if you want an impossible case you'll need a dependent pattern match
[Sun Sep  1 04:55:34 2013] <ezyang> But in general if you want an impossible case you'll need a dependent pattern match
[Sun Sep  1 06:05:05 2013] <Ptival_> karlicos: False_rec lets you handle that
[Sun Sep  1 06:05:05 2013] <Ptival_> karlicos: False_rec lets you handle that
[Sun Sep  1 06:05:13 2013] <Ptival_> as soon as you get a False
[Sun Sep  1 06:05:13 2013] <Ptival_> as soon as you get a False
[Sun Sep  1 10:30:09 2013] <ColonelJ> I can't seem to get "proj1_sig signature" to evaluate using simpl even if I do "Arguments proj1_sig [A] [P] !e /." and "Arguments signature /."
[Sun Sep  1 10:30:09 2013] <ColonelJ> I can't seem to get "proj1_sig signature" to evaluate using simpl even if I do "Arguments proj1_sig [A] [P] !e /." and "Arguments signature /."
[Sun Sep  1 10:34:22 2013] <ColonelJ> actually you can't even unfold a signature..
[Sun Sep  1 10:34:22 2013] <ColonelJ> actually you can't even unfold a signature..
[Sun Sep  1 11:22:35 2013] <ColonelJ> ok I guess I'll have to accept it's not 'evaluable' whatever that means
[Sun Sep  1 11:22:35 2013] <ColonelJ> ok I guess I'll have to accept it's not 'evaluable' whatever that means
[Sun Sep  1 15:42:32 2013] <ColonelJ> Notation "( R ) + ( I )j" := (Cplx R I) (at level 45, format
[Sun Sep  1 15:42:32 2013] <ColonelJ> Notation "( R ) + ( I )j" := (Cplx R I) (at level 45, format
[Sun Sep  1 15:42:32 2013] <ColonelJ>   "'[hv  ' '(' R ')' '/'  '+'  '/  ' '(' I ')j' ']'") : program_scope.
[Sun Sep  1 15:42:32 2013] <ColonelJ>   "'[hv  ' '(' R ')' '/'  '+'  '/  ' '(' I ')j' ']'") : program_scope.
[Sun Sep  1 15:42:34 2013] <ColonelJ> heehee
[Sun Sep  1 15:42:34 2013] <ColonelJ> heehee
[Sun Sep  1 15:49:55 2013] <ColonelJ> I should really use a cplx_scope eh
[Sun Sep  1 15:49:55 2013] <ColonelJ> I should really use a cplx_scope eh
[Sun Sep  1 16:33:10 2013] <ColonelJ> Definition mult_cplx x y := let '(xr)+(xi)j := x in let '(yr)+(yi)j := y in
[Sun Sep  1 16:33:10 2013] <ColonelJ> Definition mult_cplx x y := let '(xr)+(xi)j := x in let '(yr)+(yi)j := y in
[Sun Sep  1 16:33:10 2013] <ColonelJ>                               (xr * yr + - xi * yi) + (xr * yi + xi * yr)j.
[Sun Sep  1 16:33:10 2013] <ColonelJ>                               (xr * yr + - xi * yi) + (xr * yi + xi * yr)j.
[Sun Sep  1 16:34:22 2013] <ColonelJ> This complex notation seems to stop me putting xr * yr as (xr * yr) for example so yes things are a bit fraught...
[Sun Sep  1 16:34:22 2013] <ColonelJ> This complex notation seems to stop me putting xr * yr as (xr * yr) for example so yes things are a bit fraught...
[Sun Sep  1 16:36:08 2013] <ColonelJ> Not sure if the problem is the underlying parser engine or Coq's use of it.  LALR is a bit crap though.
[Sun Sep  1 16:36:08 2013] <ColonelJ> Not sure if the problem is the underlying parser engine or Coq's use of it.  LALR is a bit crap though.
[Sun Sep  1 16:37:39 2013] <ColonelJ> oh camlp4 is recursive descent
[Sun Sep  1 16:37:39 2013] <ColonelJ> oh camlp4 is recursive descent
[Sun Sep  1 16:40:48 2013] <ColonelJ> Lemma mult_id_exists_cplx : {mult_id_cplx | ∀ x, mult_cplx x mult_id_cplx = x}.
[Sun Sep  1 16:40:48 2013] <ColonelJ> Lemma mult_id_exists_cplx : {mult_id_cplx | ∀ x, mult_cplx x mult_id_cplx = x}.
[Sun Sep  1 16:40:48 2013] <ColonelJ> exists ((1 - 0) + (0 - 0)j); destruct x; destruct r, i; solve.
[Sun Sep  1 16:40:48 2013] <ColonelJ> exists ((1 - 0) + (0 - 0)j); destruct x; destruct r, i; solve.
[Sun Sep  1 16:40:48 2013] <ColonelJ> Qed.
[Sun Sep  1 16:40:48 2013] <ColonelJ> Qed.
[Sun Sep  1 16:41:56 2013] <ColonelJ> That - is my constructor for type int :P
[Sun Sep  1 16:41:56 2013] <ColonelJ> That - is my constructor for type int :P
[Sun Sep  1 16:45:02 2013] <ColonelJ> Lemma mult_id_exists_cplx : {mult_id_cplx | ∀ x, x * mult_id_cplx = x}.
[Sun Sep  1 16:45:02 2013] <ColonelJ> Lemma mult_id_exists_cplx : {mult_id_cplx | ∀ x, x * mult_id_cplx = x}.
[Sun Sep  1 16:46:56 2013] <ColonelJ> - ((p - n) + (p0 - n0)j) + - ((p1 - n1) + (p2 - n2)j) =
[Sun Sep  1 16:46:56 2013] <ColonelJ> - ((p - n) + (p0 - n0)j) + - ((p1 - n1) + (p2 - n2)j) =
[Sun Sep  1 16:46:56 2013] <ColonelJ> - ((p - n) + (p0 - n0)j + (p1 - n1) + (p2 - n2)j)
[Sun Sep  1 16:46:56 2013] <ColonelJ> - ((p - n) + (p0 - n0)j + (p1 - n1) + (p2 - n2)j)
[Sun Sep  1 16:50:51 2013] <ColonelJ> x * - y =
[Sun Sep  1 16:50:51 2013] <ColonelJ> x * - y =
[Sun Sep  1 16:51:01 2013] <ColonelJ> (p * n1 + n * p1 + (n0 * n2 + p0 * p2) -
[Sun Sep  1 16:51:01 2013] <ColonelJ> (p * n1 + n * p1 + (n0 * n2 + p0 * p2) -
[Sun Sep  1 16:51:01 2013] <ColonelJ>  (p * p1 + n * n1 + (n0 * p2 + p0 * n2)))
[Sun Sep  1 16:51:01 2013] <ColonelJ>  (p * p1 + n * n1 + (n0 * p2 + p0 * n2)))
[Sun Sep  1 16:51:01 2013] <ColonelJ>    +
[Sun Sep  1 16:51:01 2013] <ColonelJ>    +
[Sun Sep  1 16:51:01 2013] <ColonelJ>     (p * n2 + n * p2 + (p0 * n1 + n0 * p1) -
[Sun Sep  1 16:51:01 2013] <ColonelJ>     (p * n2 + n * p2 + (p0 * n1 + n0 * p1) -
[Sun Sep  1 16:51:01 2013] <ColonelJ>      (p * p2 + n * n2 + (p0 * p1 + n0 * n1)))j =
[Sun Sep  1 16:51:01 2013] <ColonelJ>      (p * p2 + n * n2 + (p0 * p1 + n0 * n1)))j =
[Sun Sep  1 16:51:14 2013] <ColonelJ> - (x * y)
[Sun Sep  1 16:51:14 2013] <ColonelJ> - (x * y)
[Sun Sep  1 19:05:54 2013] <defanor> hello. i'm reading http://www.cis.upenn.edu/~bcpierce/sf/Induction.html now, and just stuck on one sentence: "Define a function normalize from binary numbers to binary numbers such that for any binary number b, converting to a natural and then back to binary yields (normalize b)". what's meant by last words, "yields (normalize b)."?
[Sun Sep  1 19:07:06 2013] <ColonelJ> I think 'yields' means produces the same value as
[Sun Sep  1 19:07:35 2013] <ColonelJ> i.e. back_to_binary(convert_to_natural b) = normalize b
[Sun Sep  1 19:07:45 2013] <defanor> oh, thank you
[Sun Sep  1 19:08:09 2013] <defanor> i've thought that those function should yield it somehow
[Sun Sep  1 19:08:33 2013] <ColonelJ> That sentence is very badly written to be honest
[Sun Sep  1 19:11:09 2013] <Anarchos> ColonelJ yes i had to read it twice before completing the exercise
[Sun Sep  1 19:34:28 2013] <ColonelJ> Polished version of my first proof written into Coq if anyone wants to have a look http://paste.mnus.de/view/f399a3cd
[Sun Sep  1 19:36:05 2013] <ColonelJ> It's a proof that the Fast Hadamard Transform does a Hadamard Transform
[Mon Sep  2 13:47:34 2013] <karlicos> Hi guys. I'm stuck at proving Theorem ind_step2 : forall P : nat -> Prop, P 0 -> P 1 -> (forall n, P n -> P (S (S n))) -> forall n, P n. Any advice?
[Mon Sep  2 13:49:21 2013] <ianjneu> where are you stuck?
[Mon Sep  2 13:54:28 2013] <karlicos> Well, I guess I should prove it by induction, so I am stuck at proving the induction step
[Mon Sep  2 13:55:04 2013] <karlicos> However, I suspect I should not use induction. directly, but rather use it as nat_ind with a different predicate.
[Mon Sep  2 13:57:02 2013] <ianjneu> My proofgeneral is having trouble starting coqtop :/
[Mon Sep  2 14:07:58 2013] <fisi> karlicos: I'm assuming you're having trouble, since after applying the induction hypothesis you're left with the P (S n) in the assumptions, and P n to prove
[Mon Sep  2 14:08:10 2013] <karlicos> Yeah
[Mon Sep  2 14:08:21 2013] <karlicos> I've done it actually, my idea was kind of right
[Mon Sep  2 14:08:28 2013] <fisi> ah, OK
[Mon Sep  2 14:08:51 2013] <karlicos> http://lpaste.net/92461
[Mon Sep  2 14:08:52 2013] <fisi> well, you can still do it using induction tactic, but for a different proposition
[Mon Sep  2 14:09:11 2013] <karlicos> kind of ugly, but I'll prettify it later :)
[Mon Sep  2 14:10:14 2013] <fisi> yeah. The thing is, to do this without calling out to nat_ind explicitly, you can use "assert (HInd: P n /\ P (S n))."
[Mon Sep  2 14:10:37 2013] <fisi> and one of the goals that you're left with is trivial ("destruct HInd; assumption")
[Mon Sep  2 14:11:47 2013] <fisi> while on the other you can call "induction n", and it will give you the IH that's strong enough (I actually overkilled in this example, and used "forall k, k <= n -> P k" -- which also works ;))
[Mon Sep  2 14:16:41 2013] <karlicos> fisi: thanks, now it's indeed better :) http://lpaste.net/92462
[Mon Sep  2 14:18:34 2013] <fisi> yeah, so the additional trick with assert is that using the syntax "assert (FOO : expr)" you can name the hyp (and -- since you know the name, in a case like this easily kill off the remaining goal after semicolon).
[Mon Sep  2 14:19:41 2013] <fisi> in this case, for example, like that: "assert (HPair : P n /\ P (S n)); [| destruct HPair as [HT _]; assumption]."
[Mon Sep  2 14:20:34 2013] <fisi> I guess it's a matter of personal taste how the script looks, but I prefer to kill off the easy goals fast, so there's less clutter.
[Mon Sep  2 14:24:11 2013] <fisi> update: ooh, it's even better! You can do assert (expr) as intro_pattern, which allows you to destruct stuff like existentials and con-/disjunctions
[Mon Sep  2 14:24:43 2013] <fisi> (so: "assert (P n /\ P (S n)) as [HGoal _]; [| assumption].")
[Mon Sep  2 14:38:27 2013] <ianjneu> intros; assert (P n /\ P (S n)); induction n; firstorder.
[Mon Sep  2 14:38:46 2013] <ianjneu> Had to rebuild Coq from scratch.
[Mon Sep  2 14:38:54 2013] <fisi> bah, firstorder, anyone can do firstorder! ;)
[Mon Sep  2 18:04:55 2013] <lupine> so I've recently been convinced by a friend that formally-proven code is not actually a massive, impractical waste of time ;)
[Mon Sep  2 18:05:59 2013] <lupine> * is now attempting to understand how it works
[Mon Sep  2 18:12:38 2013] <Cale> lupine: It *does* have a time cost.
[Mon Sep  2 18:13:10 2013] <Cale> But it's not *totally* impractical, and there're really a spectrum there of how much time/effort you want to put into statically verifying things.
[Mon Sep  2 18:14:50 2013] <Cale> lupine: The nice thing about dependently typed systems is that you put as much information into the types as you want, and get results back based on that. If you want to verify more properties, you'll probably have to encode more information about the values into the types, and spend more time working on it, but at least you have the option.
[Mon Sep  2 18:22:01 2013] <lupine> mm, I'm not expecting it to be magic :) but it's certainly intriguing
[Mon Sep  2 18:22:28 2013] <lupine> if only I had what seems to be the necessary mathematics and functional programming backgrounds
[Tue Sep  3 08:01:30 2013] <osa1> "assumption. assumption. assumption." finishes my proof but "repeat assumption." doesn't, why is that? looks like "repeat assumption." applies assumption only one time.
[Tue Sep  3 08:03:57 2013] <fisi> osa1: any tactic application works on the one goal with which you start that stage of proof.
[Tue Sep  3 08:04:59 2013] <fisi> now, in your case, each of the "assumption"s solves a subgoal (as, indeed, assumption can only either completely solve a subgoal or fail).
[Tue Sep  3 08:05:20 2013] <fisi> so "repeat assumption" only works on the first of your subgoals -- which it manages to solve
[Tue Sep  3 08:05:37 2013] <fisi> does this make sense to you?
[Tue Sep  3 08:07:04 2013] <osa1> ah, got it. thanks.
[Tue Sep  3 08:07:31 2013] <fisi> no problem
[Tue Sep  3 08:17:26 2013] <karlicos> osa1: you're gonna need something like tactic; assumption.
[Tue Sep  3 08:17:52 2013] <karlicos> where "tactic" is the name of the tactic which yielded these three subgoals
[Tue Sep  3 08:18:21 2013] <karlicos> (in assumption they were produced by one tactic, of course)
[Tue Sep  3 08:18:57 2013] <karlicos> tactic1; tactic2. is "apply tactic1 and then tactic2 for each subgoal"
[Tue Sep  3 11:57:29 2013] <karlicos> Do I need to type "Local Open Scope list_scope." if I want to use :: instead of cons? Or I am doing something wrong?
[Tue Sep  3 12:00:23 2013] <ianjneu> It's Import List_Notation. or something
[Tue Sep  3 12:00:36 2013] <ianjneu> Once you've required the list library, of course.
[Tue Sep  3 12:04:28 2013] <karlicos> ah, Require Import List seems to be enough
[Tue Sep  3 12:04:32 2013] <karlicos> thanks
[Wed Sep  4 09:34:42 2013] <karlicos> what is the reduction rule to reason (let (a, b) := p in (a, b)) = p ?
[Wed Sep  4 09:43:27 2013] <elliott> try destructing p
[Wed Sep  4 09:45:42 2013] <karlicos> elliott: yeah, I got the answer already, it indeed works. Thanks!
[Wed Sep  4 09:45:52 2013] <elliott> :)
[Wed Sep  4 10:36:01 2013] <karlicos> is there some shorthand for "specialize (something); intro hyp." ?
[Wed Sep  4 10:37:47 2013] <karlicos> ah, I guess pose proof something as hyp.
[Wed Sep  4 14:23:26 2013] <karlicos> I've got a context "a : A", "f : A -> A", "p : P (f a)". How can I transform it into "a : A", "f : A -> A", "b : A", "eq : b = f a", "p : P b"?
[Wed Sep  4 14:27:53 2013] <karlicos> I've managed to do that using assert (exists b, b = f a). exists (f a). reflexivity. though, but isn't there a simpler way?
[Wed Sep  4 14:36:50 2013] <ianjneu> pose (b := f a); assert (eq : b = f a) by reflexivity.
[Wed Sep  4 14:37:00 2013] <karlicos> It seems I needed remember (f a) as b.
[Wed Sep  4 14:37:34 2013] <ianjneu> karlicos: ah, yes that's better.
[Thu Sep  5 16:24:29 2013] <karlicos> How am I supposed to install Coq contributions?
[Thu Sep  5 17:35:29 2013] <karlicos> Do I have to add a contrib to the load bath explicitly, or I am doing something wrong while installing it?
[Thu Sep  5 22:07:57 2013] <osa1> do I need to know about Hoare logic if I'm only interested in meta-level theorems(i.e. theorems about the language) and not theorems about programs written in the language?
[Thu Sep  5 22:20:19 2013] <Saizan> which language?
[Thu Sep  5 22:20:54 2013] <osa1> Saizan: my language -- but does that really matter?
[Thu Sep  5 22:21:02 2013] <Saizan> but hoare logic, afaik, is mostly useful to prove properties of programs which make use of mutation
[Thu Sep  5 22:23:48 2013] <osa1> can anyone recommend me Coq formalizations of some simple languages so that I can have some ideas about what should I know?
[Thu Sep  5 22:25:08 2013] <osa1> I'm following Software Foundations book(in which I'm at Hoare Logic chapter) and it will eventually capture all required techniques but I still want to see a full implementation before finishing SF book(because it may take a long time for me -- I'm self studying)
[Thu Sep  5 22:46:15 2013] <clj_newb_2345> how does reflection / reification relate to each other?
[Fri Sep  6 19:58:40 2013] <ColonelJ> I had this crazy idea that lambda and forall could actually be the same thing allowing dependent arguments to transcend the whole type universes thing and allowing functions to recursively typed in terms of themselves e.g. the type of id is id, and the type of apply is apply.
[Fri Sep  6 19:59:21 2013] <ColonelJ> as before if the dependent argument isn't used it just becomes a normal function arrow
[Fri Sep  6 20:00:02 2013] <ColonelJ> non-termination in a term can mean non-termination in its type meaning that whole problem goes away
[Fri Sep  6 20:33:35 2013] <ColonelJ> hmm no that doesn't work for apply at all, I think I need to think this through a bit more :)
[Sat Sep  7 08:55:14 2013] <robbert`> ColonelJ: in some version of automath, Pi and lambda used to be the same
[Sat Sep  7 08:56:15 2013] <robbert`> ah, he's not here...
[Sat Sep  7 08:58:37 2013] <ski> i wonder what `(Natural -> Boolean) Boolean' would represent, then ..
[Sat Sep  7 10:04:09 2013] <karlicos1> How can I put the "n = S n'" equation in the context? http://lpaste.net/92689
[Sat Sep  7 11:25:11 2013] <ColonelJ> Goal (nat -> nat) : Set.
[Sat Sep  7 11:25:15 2013] <ColonelJ> what do?
[Sat Sep  7 11:30:42 2013] <gdsfh> ColonelJ: "exact (fun n => n)." for example.
[Sat Sep  7 11:38:24 2013] <ColonelJ> and this is unprovable because all elements of s would have to be instantiable? Goal forall s : Set, s.
[Sat Sep  7 11:39:54 2013] <ski> would be the idea, i think
[Sat Sep  7 11:51:48 2013] <ColonelJ> Goal (forall s : Set, s) -> False.
[Sat Sep  7 11:51:48 2013] <ColonelJ> intro X; apply X.
[Sat Sep  7 11:51:48 2013] <ColonelJ> Qed.
[Sat Sep  7 11:51:57 2013] <ColonelJ> Well that was easy
[Sat Sep  7 11:54:54 2013] <ColonelJ> I didn't know False was in Set
[Sat Sep  7 11:58:24 2013] <ColonelJ> What actually is False?
[Sat Sep  7 12:16:06 2013] <ColonelJ> I'm still thinking into my idea of last night, what I want is a system where the type of a list of 1s is a list of nats, the type of that is a list of Sets, the type of that is a list of Types etc.
[Sat Sep  7 12:16:38 2013] <ColonelJ> I'm guessing it's not possible to make anything like this in Coq?
[Sat Sep  7 12:18:17 2013] <ColonelJ> also I'd want a possibility of dependent type for an index on those lists so a list3 of 1s is a list3 of nats is a list3 of Sets...
[Sat Sep  7 16:54:27 2013] <ColonelJ> hi why can't tauto with Classical module prove
[Sat Sep  7 16:54:28 2013] <ColonelJ> Goal forall a : Prop, ~ ~ a <-> a.
[Sun Sep  8 05:16:05 2013] <karlicos> Is there some kind of Search over all libraries in the library path, not only in the current environment?
[Sun Sep  8 05:16:42 2013] <karlicos> or some Proof general feature, implementing this functionality
[Mon Sep  9 15:13:17 2013] <Anarchos> What are the news around coq ?
[Mon Sep  9 15:52:57 2013] <johnw> did you see the news about the Quark verified web browser?
[Mon Sep  9 15:53:36 2013] <Anarchos> no
[Mon Sep  9 15:54:29 2013] <dnm> http://goto.ucsd.edu/quark/
[Mon Sep  9 15:54:35 2013] <dnm> newsham pointed me to it.
[Mon Sep  9 15:55:16 2013] <Anarchos> i am abit hurt by such announce like this ' In this way, Quark is able to make strong guarantees about a million lines of code (e.g., the renderer, JavaScript implementation, JPEG decoders, etc.)'
[Mon Sep  9 15:55:26 2013] <willem> hello everyone, im a coq-newbie - can i ask a question about the "Case" strategy here?
[Mon Sep  9 15:55:39 2013] <Anarchos> did they really proved a million line of code ?
[Mon Sep  9 15:55:52 2013] <Anarchos> willem sure, don't ask to ask :)
[Mon Sep  9 15:56:35 2013] <willem> ok, im following this tutorial: http://www.cis.upenn.edu/~bcpierce/sf/Induction.html
[Mon Sep  9 15:56:58 2013] <Anarchos> willem i did it too
[Mon Sep  9 15:57:10 2013] <willem> and im at the theorem called andb_true_elim1
[Mon Sep  9 15:57:20 2013] <ystael> willem: I think this is an error in Software Foundations, or some base library they failed to mention.
[Mon Sep  9 15:57:28 2013] <ystael> You can find the necessary code here: http://coq.inria.fr/cocorico/Case%20%28tactic%29
[Mon Sep  9 15:57:36 2013] <willem> ah, thank you
[Mon Sep  9 15:57:43 2013] <dnm> Anarchos: They specifically say they make guarantees about other code that wasn't formally proven through the exposed interfaces of the smaller kernel they did prove.
[Mon Sep  9 15:57:51 2013] <ystael> willem: I just ran into this last week :)
[Mon Sep  9 15:58:06 2013] <dnm> What good that is in practice is still to be determined, I think, but it's a decent PoC with comparatively little effort.
[Mon Sep  9 15:58:31 2013] <willem> what would be a nice way to include this piece of code ystael?
[Mon Sep  9 15:59:11 2013] <ystael> willem: Paste that first box into TacticUtil.v, compile it with coqc, then you can Require Export TacticUtil at the top of each module.
[Mon Sep  9 15:59:26 2013] <willem> cheers ;)
[Mon Sep  9 16:00:51 2013] <ystael> good luck!
[Mon Sep  9 16:02:54 2013] <willem> ystael, do you also know by any chance of a command in proof general that lets me check an entire coq file at once?
[Mon Sep  9 16:03:12 2013] <ystael> I just do M-> C-RET
[Mon Sep  9 16:03:22 2013] <ystael> sorry, M-> C-c C-RET
[Mon Sep  9 16:03:41 2013] <willem> thank you (eternally) :D
[Mon Sep  9 16:50:25 2013] <osa1> how can I see definitions of notations?
[Mon Sep  9 16:54:05 2013] <Ptival> osa1: Locate "bla".
[Mon Sep  9 16:54:15 2013] <Ptival> where "bla" cam be some token of the notation
[Mon Sep  9 16:54:52 2013] <Ptival> willem: C-c C-b should process the entire buffer
[Tue Sep 10 10:42:35 2013] <osa1> I'm having trouble understanding difference between induction and inversion .. both generates goals for each constructor but induction provides induction hypothesis but that shouldn't be the only difference because otherwise inversion would be same as destruct, can anyone help me clarify these things?
[Tue Sep 10 10:57:30 2013] <sgnb> osa1: inversion also tries to create equality hypotheses between variables introducted and the thing being destructed
[Tue Sep 10 10:59:30 2013] <osa1> sgnb: hmm.. can you give me a specific example of generated equality hypotheses?
[Tue Sep 10 11:05:26 2013] <sgnb> osa1: http://coq.inria.fr/distrib/current/refman/Reference-Manual010.html#hevea_tactic89
[Tue Sep 10 11:08:33 2013] <sgnb> and try to use "destruct" instead of "inversion"... you'll see the difference
[Tue Sep 10 11:09:43 2013] <sgnb> also, inversion solves by itself cases that are obviously impossible
[Tue Sep 10 11:12:04 2013] <osa1> what is "obviously impossible" ?
[Tue Sep 10 11:13:36 2013] <karlicos> osa1: like the things which were constructred by different constructors
[Tue Sep 10 11:13:38 2013] <gdsfh> btw, what's about work on "invert" tactic that could replace "inversion"?  there was a post on gagalium about it.
[Tue Sep 10 11:14:29 2013] <karlicos> for instance, in general, you'll use inverse H if you have "H : true = false" in the context to solve current subgoal
[Tue Sep 10 11:16:46 2013] <karlicos> inversion H of course
[Tue Sep 10 11:20:39 2013] <sgnb> osa1: in the example linked above, the "in_hd" is impossible because it would imply "0 = 1"
[Tue Sep 10 11:21:26 2013] <sgnb> all cases with an hypothesis like that (equality of different constructors) are automatically discarded
[Tue Sep 10 11:21:52 2013] <sgnb> gdsfh: gagalium?
[Tue Sep 10 11:22:35 2013] <gdsfh> sgnb: sorry, gagallium.  http://gallium.inria.fr/blog/a-new-Coq-tactic-for-inversion/
[Tue Sep 10 11:23:46 2013] <sgnb> anyway, inversion is constantly being criticized and there have been talks on replacing it since I started doing Coq in 2007
[Tue Sep 10 11:24:05 2013] <osa1> sgnb: why is that?
[Tue Sep 10 11:24:23 2013] <sgnb> osa1: why is what?
[Tue Sep 10 11:24:44 2013] <sgnb> inversion criticized?
[Tue Sep 10 11:24:47 2013] <osa1> yes
[Tue Sep 10 11:25:14 2013] <sgnb> I guess because it is (sometimes) difficult to predict
[Tue Sep 10 11:25:44 2013] <sgnb> I don't know, I'm not part of the criticizers ;-)
[Tue Sep 10 11:26:31 2013] <osa1> okay
[Tue Sep 10 11:36:04 2013] <Anarchos> i prefer destruct to inversion, it gives more clue on what is going
[Wed Sep 11 07:00:43 2013] <rola> I'm trying to prove that <-> is associative in coq. Am I stating this correctly? Lemma equivassoc : forall p q r : Prop, (p <-> (q <-> r)) <-> ((p <-> q) <-> r).
[Wed Sep 11 07:48:15 2013] <karlicos> Will I be able to prove this lemma without using extentionality axioms?  Inductive single : Set :=
[Wed Sep 11 07:48:15 2013] <karlicos>         | ss : single.
[Wed Sep 11 07:48:15 2013] <karlicos>       Lemma bbb : forall f : single -> bool, (forall x, f x = true) \/ (forall x, f x = false).
[Wed Sep 11 07:48:15 2013] <karlicos>         intro f.
[Wed Sep 11 07:48:15 2013] <karlicos>         
[Wed Sep 11 07:48:21 2013] <karlicos> Ah, sorry
[Wed Sep 11 07:48:53 2013] <karlicos> http://lpaste.net/92848
[Wed Sep 11 09:43:11 2013] <osa1> is it just me or differences between small-step and big-step operational semantics are really not well-defined?
[Wed Sep 11 10:58:16 2013] <Ptival> you?
[Wed Sep 11 10:58:37 2013] <ianjneu> that's a strange utterance for 30 minutes of silence.
[Wed Sep 11 10:59:20 2013] <Ptival> AFAIU, big-step tells you under what conditions an expression reduces to a certain result, and small-step just tells you how an expression evolves step by step in its evaluation
[Wed Sep 11 11:00:52 2013] <Ptival> but the line might be blurry sometimes?
[Wed Sep 11 11:05:06 2013] <ianjneu> It's not blurry. Big step semantics are passe since they don't define limiting behavior.
[Wed Sep 11 11:06:44 2013] <ianjneu> It doesn't really matter for strongly normalizing languages, but often you want to prove preservation properties for such languages, so you might as well use small-step semantics to begin with.
[Wed Sep 11 11:08:48 2013] <Ptival> "such languages"?
[Wed Sep 11 11:09:25 2013] <ianjneu> proven strongly normalizing, like points on the lambda cube.
[Wed Sep 11 11:12:13 2013] <osa1> what is limiting behavior?
[Wed Sep 11 11:14:51 2013] <Ptival> behavior of functions at their limits?
[Wed Sep 11 11:14:55 2013] <ianjneu> osa1: what happens to program evaluation when it's diverging/not terminating
[Wed Sep 11 11:15:21 2013] <ianjneu> they're different due to the difference between productivity and non-productivity.
[Wed Sep 11 11:16:08 2013] <ianjneu> You still might want to know if a term is growing without bound, say, instead of just spinning (like Omega).
[Wed Sep 11 11:16:50 2013] <osa1> ianjneu: is it possible to know if a term is growing without bound?
[Wed Sep 11 11:17:13 2013] <ianjneu> osa1: not in a big-step semantics, since it's just not defined.
[Wed Sep 11 11:17:59 2013] <ianjneu> You'd have to use a co-inductive big-step semantics, which pretty much duplicates the entire relation. It's really silly and unnecessary.
[Wed Sep 11 11:18:43 2013] <osa1> yeah and I don't know co-induction
[Wed Sep 11 11:55:42 2013] <ollehar> <3
[Wed Sep 11 12:44:27 2013] <ollehar> can coq talk with ocaml? like an ffi?
[Wed Sep 11 12:45:55 2013] <gdsfh> ollehar: yes, it can.  Via "Axiom"s.
[Wed Sep 11 12:46:20 2013] <gdsfh> ollehar: http://coq.inria.fr/refman/Reference-Manual025.html
[Wed Sep 11 12:46:37 2013] <ollehar> gdsfh: thx
[Wed Sep 11 12:48:40 2013] <gdsfh> ollehar: the whole idea: you define axioms with right types (note that Prop erasure works both ways), then tell coq how to "extract" them, then use them in your coq code, and after extraction these axioms will be present as calls to some ocaml functions.  it's very textual, sometimes it's subtle, sometimes it's great.
[Wed Sep 11 12:49:46 2013] <ollehar> gdsfh: to be more concrete: I have a Lua library in OCaml. Can I make a wrapper module around it in Coq?
[Wed Sep 11 12:50:21 2013] <ollehar> Or use the Lua module in Coq?
[Wed Sep 11 12:55:39 2013] <gdsfh> ollehar: you can.  I've described the simplest way.  But if the number of definitions you want to be present in coq is great, maybe it's worth to automatize the generation of "Axiom"s, at least partially.
[Wed Sep 11 12:56:01 2013] <gdsfh> Details can be found in manual (link's above) and by experimenting.  I have a coq code that interacts heavily with ocaml code, and everything works fine, just look carefully at extraction's results until you'll understand how extraction works.
[Wed Sep 11 12:56:38 2013] <ollehar> gdsfh: ok thanks, will read some more :)
[Wed Sep 11 17:08:52 2013] <osa1> I think I'll just ignore all proof automation stuff (try/repeat, auto etc.) because they look just too meaningless to me. how can I know that `auto` will work before manually writing the proof? and after writing the proof, what's the point of replacing it with auto?
[Wed Sep 11 17:11:07 2013] <ystael> osa1: Adam Chlipala's book Certified programming with dependent types has a fairly convincing exposition of the opposite point of view
[Wed Sep 11 17:11:20 2013] <ystael> (convincing to me, definitely a novice, anyway)
[Wed Sep 11 17:11:57 2013] <ystael> namely, that you should automate _all_ the trivial parts of your proofs so far as you can, leaving only the essentials (like 'induction')
[Wed Sep 11 17:12:16 2013] <ystael> because that way your proofs are robust against small changes in the shape of their hypotheses or changes in the implementation of Coq
[Wed Sep 11 17:13:32 2013] <osa1> ystael: oh my god I had started that book but left it after seeing the crush tactic
[Wed Sep 11 17:13:38 2013] <Anarchos> Proof Riemann_conjecture. auto. Qed.
[Wed Sep 11 17:13:40 2013] <Anarchos> well ...
[Wed Sep 11 17:15:35 2013] <osa1> I mean let's say auto/crush/whatever-mega-automation-tactic-you-like failed, how can you know if your theorem is not really a theorem or your automation tactic is simply not powerful enough?
[Wed Sep 11 17:17:24 2013] <Ptival> osa1: hopefully they make progress as they fail
[Wed Sep 11 17:17:56 2013] <Ptival> or if they don't make progress it's because there is a non-trivial decision to be made (or a need for a lemma)
[Wed Sep 11 17:18:01 2013] <ystael> I think part of the point is that you need to understand enough Ltac to know what crush (or your magical proof search of choice) is really doing
[Wed Sep 11 17:18:14 2013] <Ptival> yeah I don't think you can use it as a black box
[Wed Sep 11 17:18:28 2013] <ystael> I audited that class when he gave it in 2009? (i think) and learned an awful lot about Ltac automation
[Wed Sep 11 17:18:29 2013] <Ptival> since you have to help it
[Wed Sep 11 17:18:32 2013] <ystael> (which I have since forgotten :( )
[Wed Sep 11 17:18:39 2013] <Ptival> (for your own good? :D)
[Wed Sep 11 17:18:45 2013] <ystael> no, i had a baby :p
[Wed Sep 11 17:18:59 2013] <ystael> nothing that happened more than 48 hours ago exists any longer
[Wed Sep 11 17:19:09 2013] <Ptival> :)
[Wed Sep 11 17:20:05 2013] <ystael> If you don't build proof search carefully then it leaves really obnoxious crap all over your context when it fails
[Wed Sep 11 17:23:28 2013] <karlicos> osa1: Adam Chlipala's tutorial is focused more on code verification rather than on proving (imho), that's why the crush tactic
[Wed Sep 11 17:24:06 2013] <karlicos> While following that tutorial, I didn't use crush at all and proved myself the parts he proved with crush.
[Wed Sep 11 17:24:38 2013] <osa1> as a hobbyist who self-studies all this, I prefer learning principles instead of automation stuff and magic.
[Wed Sep 11 17:26:09 2013] <karlicos> yeah, me too :) So at some point I stopped reading Adam Chipilata's guide since I just couldn't understand some parts of proofs :)
[Wed Sep 11 17:26:21 2013] <karlicos> try Pierce's "Software Foundations"
[Wed Sep 11 17:26:44 2013] <karlicos> It is a lot more detailed
[Wed Sep 11 17:26:55 2013] <osa1> yeah I'm already doing that (in fact, I'm about to finish SF)
[Wed Sep 11 17:27:31 2013] <ystael> osa1: Even given that, I think some stuff (try, try solve, etc) is still useful
[Wed Sep 11 17:27:44 2013] <ystael> It makes it easier to write proofs or sections of proofs as ; chains instead of . chains
[Wed Sep 11 17:28:06 2013] <ystael> I don't think that's really too magic
[Wed Sep 11 17:28:30 2013] <osa1> ok thanks for the discussion .. I have to leave now
[Wed Sep 11 17:35:16 2013] <ollehar> and thanks for the book tips ;)
[Wed Sep 11 22:21:02 2013] <osa1> we can have different proof objects for same theorem, right?
[Thu Sep 12 01:51:42 2013] <Ptival> osa1: yes
[Thu Sep 12 01:52:00 2013] <Ptival> Goal bool. exact true. Goal bool. exact false.
[Thu Sep 12 13:03:01 2013] <ia0> hi everyone!
[Thu Sep 12 13:03:17 2013] <ia0> I can't find how to do an "import qualified" in coq
[Thu Sep 12 13:03:34 2013] <ia0> i.e. give a short name to a module
[Thu Sep 12 13:03:53 2013] <rmk0> ia0: Require A.B.LongName; Module M := LongName;
[Thu Sep 12 13:03:55 2013] <rmk0> should do it
[Thu Sep 12 13:04:15 2013] <ia0> Thanks!
[Thu Sep 12 13:05:25 2013] <ia0> (it works)
[Thu Sep 12 15:42:33 2013] <rmk0> anyone know of a simple example showing operational semantics for left-to-right evaluation of arguments to n-ary functions?
[Thu Sep 12 15:42:46 2013] <rmk0> i don't mean in coq, just a written example
[Thu Sep 12 15:42:56 2013] <rmk0> small step
[Thu Sep 12 15:43:32 2013] <rmk0> i'm attempting to formalize a small language i've been working on, i'd like to see how other authors have documented
[Thu Sep 12 15:43:57 2013] <Anarchos> rmk0 did you look the boof "software foundations" of B. C. Pierce online ? There is such a sample in it
[Thu Sep 12 15:45:04 2013] <rmk0> Anarchos: i'm familar with the book... i don't remember that being in there. will check again!
[Thu Sep 12 15:45:15 2013] <Anarchos> it was near the end
[Thu Sep 12 15:45:25 2013] <Anarchos> you can look at compcert too
[Thu Sep 12 15:45:59 2013] <rmk0> does it use left-to-right evaluation for C?
[Thu Sep 12 15:53:28 2013] <rmk0> can't seem to find n-ary functions in SF...
[Thu Sep 12 23:39:12 2013] <osa1> do we have any other alternatives to defining operational semantics as logical relations?
[Thu Sep 12 23:40:20 2013] <osa1> probably not. I was trying to ask for different kind of relations than explained in SF book ...
[Thu Sep 12 23:40:44 2013] <osa1> actually what I'm really asking is probably that what are alternative models for programming languages that can be applied in Coq environment ....
[Thu Sep 12 23:40:58 2013] <osa1> maybe I should go sleep
[Fri Sep 13 09:25:45 2013] <osa1> how to generate glob files for coqdoc ?
[Fri Sep 13 09:42:45 2013] <osa1> how to place links to arbitrary html pages in coqdoc?
[Fri Sep 13 09:52:18 2013] <osa1> anyone?
[Fri Sep 13 10:42:52 2013] <osa1> how is notations in software foundations book translated to symbols in html documents? like ||, ->, =>, <-> etc.
[Fri Sep 13 10:48:27 2013] <gallais> (** printing ~  ~ *)
[Fri Sep 13 10:48:51 2013] <gallais> you can add these kinds of comments in the source code to display some constructs using utf8
[Fri Sep 13 10:49:38 2013] <osa1> gallais: can you give me a concrete example? let's say I want to print '||' as that fat down arrow like in SF book
[Fri Sep 13 10:59:32 2013] <gallais> http://lpaste.net/92946
[Fri Sep 13 10:59:52 2013] <gallais> the relevant part of the manual: http://coq.inria.fr/V8.2pl1/refman/Reference-Manual018.html
[Fri Sep 13 11:00:55 2013] <osa1> how to test strings for equality?
[Fri Sep 13 11:01:01 2013] <osa1> gallais: thanks, looking now
[Fri Sep 13 11:02:15 2013] <osa1> gallais: your lpaste code doesn't work for me. it prints vv in the code
[Fri Sep 13 11:07:20 2013] <osa1> can't find string_eq_bool in standard library
[Fri Sep 13 11:28:29 2013] <ystael> osa1: are you looking for Coq.Strings.String.string_dec ?
[Fri Sep 13 11:31:40 2013] <osa1> ystael: just saw that but didn't understand how does that work
[Fri Sep 13 11:35:12 2013] <ystael> osa1: The return type of string_dec is a decidable equality proof: {s1 = s2} + {s1 <> s2} is a tagged disjoint union which you can pattern match to get either a proof of s1 = s2 or a proof of s1 <> s2
[Fri Sep 13 11:36:10 2013] <osa1> ystael: yeah and how can I get a bool from that? (to be used in a if conditional)
[Fri Sep 13 11:36:19 2013] <osa1> also, where should I look for a division function?
[Fri Sep 13 11:37:27 2013] <ystael> replace the if with a pattern match:  match (string_dec s1 s2) with | left _ => (truecode) | right _ => (falsecode) end
[Fri Sep 13 11:38:22 2013] <ystael> or you can put that pattern match into a function string_eq_bool and then use if on the result of that
[Fri Sep 13 11:39:10 2013] <osa1> ystael: wow ... this worked "if string_dec id' id then Some n else lookup rest id"
[Fri Sep 13 11:39:12 2013] <osa1> how can this work??
[Fri Sep 13 11:41:20 2013] <ystael> ... oh, right, i forgot
[Fri Sep 13 11:41:33 2013] <ystael> 'if' is syntactic sugar for *any* pattern match on two-constructor datatypes with irrelevant arguments
[Fri Sep 13 11:41:38 2013] <ystael> see Coq reference manual sectino 2.2.2
[Fri Sep 13 11:41:57 2013] <ystael> it works exactly the same on bool as on decidable equality types, if you don't care about the proof terms
[Fri Sep 13 11:43:42 2013] <ystael> where you should look for a division function depends on the number type you'er using
[Fri Sep 13 11:44:21 2013] <osa1> ystael: ok so we have decidable equality proof that says for every strings s1 and s2 we know they are either equal or not but for two particular strings how do we know whether or not they're equal?
[Fri Sep 13 11:44:24 2013] <osa1> ystael: nat
[Fri Sep 13 11:46:52 2013] <ystael> osa1: you apply string_dec to your particular strings.  the type of string_dec is forall s1 s2 : string, {s1 = s2} + {s1 <> s2}, so the type of (string_dec mystring mystring') is {mystring = mystring'} + {mystring <> mystring'}
[Fri Sep 13 11:47:17 2013] <ystael> you pattern match on that (or use if) to get a proof of {mystring = mystring'} or a proof of {mystring <> mystring'}
[Fri Sep 13 11:48:58 2013] <osa1> ystael: about division, I have proof of my divisor <> 0, is there a function for me to divide two nats?
[Fri Sep 13 11:49:19 2013] <ystael> If the standard library has division for Peano naturals (the primitive 'nat') I don't know where it is
[Fri Sep 13 11:49:43 2013] <gallais> 16:36 < osa1> ystael: yeah and how can I get a bool from that? (to be used in a if conditional)
[Fri Sep 13 11:49:57 2013] <gallais> i think there's an implicit coercion from dec to bool
[Fri Sep 13 11:52:01 2013] <osa1> ok so what numeric type work for me? I have a proof of divisor <> 0 and I want to make division
[Fri Sep 13 11:53:34 2013] <ystael> you can _write_ division on nat, I just don't know whether it's in the standard library somewhere
[Fri Sep 13 11:54:15 2013] <ystael> Look through the standard library, you may try N from BinNat
[Fri Sep 13 12:09:17 2013] <anders__> hello. I am new to coq. I have the following problem. I have the goal "x R z" and the assumptions "x R y" and "y R z" and "transitive R". What tactic finishes the proof?
[Fri Sep 13 12:30:58 2013] <Ptival> anders__: if you declared the transitivity of R as an instance of Transitive, 'transitivity y; assumption' should finish it
[Fri Sep 13 12:31:28 2013] <Ptival> otherwise, you probably want to 'eapply <proof of transitive R>; eassumption.'
[Fri Sep 13 12:32:06 2013] <osa1> Ptival: what do you mean by "instance" ? do we have interfaces or typeclasses in Coq?
[Fri Sep 13 12:35:32 2013] <jgross_> osa1: http://coq.inria.fr/V8.4pl2/refman/Reference-Manual022.html <- Typeclasses 
[Fri Sep 13 12:37:24 2013] <anders__> Ptival: thanks! the latter approach worked. the relation R is transitive by virtue of being the transitive reflexive closure of another relation S, obtained by R := clos_refl_trans S. the transitivity is proved by clos_rt_is_preorder. how would I do to declare R as an instance of Transitive?
[Fri Sep 13 12:47:09 2013] <anders__> Another question: if I have "same_relation R S" how do I get "R = S" ?
[Fri Sep 13 12:51:25 2013] <Ptival> anders__: this is not true
[Fri Sep 13 12:51:39 2013] <anders__> ok. why not?
[Fri Sep 13 12:52:24 2013] <Ptival> Coq's notion of equality is not "extensional", meaning that the fact that two things behave exactly the same is not sufficient for them to be equal
[Fri Sep 13 12:54:19 2013] <osa1> oh god I'm searching through documentation for a function for divide ... I can use any numeric types can anyone help me?
[Fri Sep 13 12:54:22 2013] <Ptival> for instance, "being an even number >= 0" and "being an even number >= 1" are two different relations intensionally, even though they are the same relation extensionally
[Fri Sep 13 12:56:24 2013] <Ptival> osa1: there seems to be a Z.div in BinInt
[Fri Sep 13 12:56:54 2013] <osa1> is Z a module?
[Fri Sep 13 12:57:16 2013] <Ptival> yes
[Fri Sep 13 12:57:29 2013] <anders__> I see. So then if I have "same_relation R S" how do I prove something true of R if I have that it is true of S?
[Fri Sep 13 12:58:28 2013] <Ptival> same_relation R S := inclusion R S /\ inclusion S R
[Fri Sep 13 12:58:37 2013] <anders__> yes
[Fri Sep 13 12:58:45 2013] <Ptival> inclusion A B := forall x y, A x y -> B x y
[Fri Sep 13 12:59:16 2013] <anders__> yes
[Fri Sep 13 12:59:45 2013] <Ptival> so you can "apply (proj1 <same_relation R S>) in <R a b>." to make a <S a b>
[Fri Sep 13 13:00:01 2013] <Ptival> so you can "apply (proj2 <same_relation R S>) in <S a b>." to make a <R a b>
[Fri Sep 13 15:51:22 2013] <osa1> oh wow
[Fri Sep 13 15:51:32 2013] <osa1> why is it broken now http://lpaste.net/92951 ?
[Fri Sep 13 15:51:42 2013] <osa1> oh right because I imported string library
[Fri Sep 13 15:51:52 2013] <osa1> is there a way to fix this without removing the lib
[Fri Sep 13 16:18:43 2013] <Ptival> maybe put an Opaque string. somewhere?
[Fri Sep 13 16:18:45 2013] <Ptival> not sure
[Fri Sep 13 16:30:55 2013] <ystael> osa1: maybe the problem is that string_scope is open so when you write a quoted string for the Case tactic it gets interpreted into string_scope?
[Fri Sep 13 16:31:11 2013] <ystael> maybe the problem is the open notation scope rather than the library itself?
[Fri Sep 13 16:34:50 2013] <Ptival> yeah
[Fri Sep 13 17:04:38 2013] <osa1> ystael: probably. how can I close notation scope?
[Fri Sep 13 17:07:28 2013] <ystael> osa1: Close Scope string_scope
[Fri Sep 13 17:07:39 2013] <ystael> maybe then you will see a difference between "label" and "label"%string
[Fri Sep 13 17:12:50 2013] <osa1> ystael: after close_scope I'm getting "no interpretation for string" error
[Fri Sep 13 17:15:39 2013] <ystael> hm, that clearly wasn't the right thing to do then
[Fri Sep 13 17:19:17 2013] <ystael> osa1: I don't have much more insight to offer.  I wonder if adding the String notation makes Ltac and Gallina 'argue' over who owns the interpretation of strings?
[Fri Sep 13 17:19:39 2013] <ystael> like when the "" string notation is there, "label" is parsed as a Gallina term, but when it's not there, it goes intact to Ltac and the Case tactic does what you expect
[Fri Sep 13 17:19:49 2013] <ystael> I'm just whistling in the dark here
[Fri Sep 13 17:21:08 2013] <osa1> seriously
[Fri Sep 13 17:21:27 2013] <osa1> how do people use Case tactics with string library imported
[Fri Sep 13 17:21:52 2013] <ystael> the answer may very well be "they don't"
[Fri Sep 13 17:21:58 2013] <ystael> not like Case is part of the standard library
[Fri Sep 13 17:21:59 2013] <osa1> yeah
[Fri Sep 13 17:22:31 2013] <osa1> maybe Case tactics aren't that much useful .. I find them very very useful when combined with some Ltacs to generate them automatically,
[Fri Sep 13 17:22:45 2013] <osa1> Software Foundations style
[Fri Sep 13 17:24:02 2013] <jgross_> Have you tried something like "Local Close Scope string_scope."? 
[Fri Sep 13 17:24:14 2013] <osa1> no. one sec.
[Fri Sep 13 17:24:55 2013] <osa1> jgross_: same error ("no interpretation for string")
[Fri Sep 13 17:27:02 2013] <jgross_> Sorry, what code is this that you're having trouble with? 
[Fri Sep 13 17:29:33 2013] <osa1> jgross_: just import String
[Fri Sep 13 17:29:38 2013] <osa1>  and then use Case tactic
[Fri Sep 13 17:32:55 2013] <jgross_> Can you paste the line of code you use to call "Case" and also the output of "Print Ltac Case."?  (Also, see if "Local Open Scope string_scope." works (Open rather than Close) 
[Fri Sep 13 17:40:40 2013] <osa1> hmm wait. I think I found a bug in my editor's coq plugin and it doesn't undo some commands.
[Fri Sep 13 17:41:43 2013] <osa1> ok yeah I reloaded my editor and now it works.
[Sat Sep 14 02:17:49 2013] <defanor_> http://www.cis.upenn.edu/~bcpierce/sf/Prop.html -- I'm proving those theorems from additional exercises with "forall (X: Type) (l: list X)" instead of just "forall l". Is it right, or something is wrong with my palindrome definition?
[Sat Sep 14 02:17:58 2013] <defanor_> was not able to state them without Type
[Sat Sep 14 02:19:04 2013] <defanor_> like this: Inductive pal {X: Type} : list X -> Prop
[Sat Sep 14 11:06:43 2013] <Ptival> defanor: no you are right, you need to pass the type of the list
[Sat Sep 14 11:10:20 2013] <defanor> thanks
[Sat Sep 14 17:03:39 2013] <osa1> my proofs look so bad it's depressing
[Sat Sep 14 17:05:39 2013] <osa1> what is that ... syntax?
[Sat Sep 14 17:06:36 2013] <osa1> I don't remember SF explaining that but suddenly it's used
[Sat Sep 14 18:34:00 2013] <Ptival> osa1: if I understand your question correctly
[Sat Sep 14 18:34:08 2013] <Ptival> you can do Proof with (some tactics).
[Sat Sep 14 18:34:30 2013] <Ptival> and in the proof, every time you want to '; some tactics.' you can just '...'
[Sat Sep 14 18:38:35 2013] <osa1> Ptival: and how does that fill "some tactics" part ?
[Sat Sep 14 23:17:49 2013] <Ptival> osa1: you have to write what you want there
[Sat Sep 14 23:18:07 2013] <Ptival> it's basically a shortcut to call some tactics that will occur frequently during that proof
[Sun Sep 15 19:32:36 2013] <samg_> I'm reading Software Foundations and working through the examples. I am stuck on the mult_comm question, but I have a smaller question that I ran into when trying to figure out mult_comm.
[Sun Sep 15 19:33:08 2013] <samg_> I can't figure out how to prove something very simple, that forall n : nat, S n = n + 1.
[Sun Sep 15 19:34:38 2013] <samg_> I don't know very many tactics. Just simpl. reflexivity. rewrite. destruct. and induction.
[Sun Sep 15 19:36:16 2013] <samg_> I just don't see how this simply follows from the definition of S.
[Sun Sep 15 19:36:39 2013] <samg_> That was confusingly worded. It seems like this _does_ follow simply from the definition of S.
[Sun Sep 15 19:37:14 2013] <osa1> samg_: you should do induction on n.
[Sun Sep 15 19:38:09 2013] <osa1> samg_: http://lpaste.net/93034
[Sun Sep 15 19:39:06 2013] <samg_> I got it :)
[Sun Sep 15 19:39:40 2013] <karlicos> samg_: if you had defined + by the induction on the second argument, it would have been by the definition indeed
[Sun Sep 15 19:40:22 2013] <samg_> Interesting. I defined it by induction on the first argument.
[Sun Sep 15 19:40:35 2013] <karlicos> yeah, it's usually on the first
[Sun Sep 15 19:40:53 2013] <samg_> If I have plus_comm, then, I should be able to prove this without induction?
[Sun Sep 15 19:41:00 2013] <samg_> Hold on, that was lazy. Let me try.
[Sun Sep 15 19:41:24 2013] <karlicos> you should be able to prove forall n, S n = 1 + n without induction, this is indeed by the definition
[Sun Sep 15 19:42:11 2013] <samg_> Indeed.
[Sun Sep 15 20:20:34 2013] <samg_> Hmm... I'm stuck again. http://lpaste.net/93035
[Sun Sep 15 21:21:07 2013] <samg_> Cool! I proved mult_comm :)
[Sun Sep 15 21:21:29 2013] <samg_> I'm sure it seems simple to you all, but it's taken me 2 days.
[Sun Sep 15 21:47:19 2013] <kini> congratulations samg_ :)
[Mon Sep 16 01:32:23 2013] <samg_> I'm having trouble defining addition for a binary number representation, described in Software Foundations.
[Mon Sep 16 01:32:26 2013] <samg_> http://lpaste.net/93040
[Mon Sep 16 01:33:11 2013] <samg_> The error is "Error: Cannot guess decreasing argument of fix." The book mentions this, and mentions that this might require me to write things in an unusual way.
[Mon Sep 16 01:34:49 2013] <samg_> Can someone help me understand why Coq can't guess the decreasing argument, so I might work around it?
[Mon Sep 16 01:38:32 2013] <ezyang> Coq's termination checker is very simple.
[Mon Sep 16 01:38:56 2013] <ezyang> It looks to see if there is some argument, for which it *always* gets smaller in the recursive call.
[Mon Sep 16 01:39:12 2013] <ezyang> In your bin_plus, what argument is always decreasing?
[Mon Sep 16 01:39:31 2013] <ezyang> It's not b, because in the Twice case it gets bigger: (bin_plus b' b')
[Mon Sep 16 01:39:38 2013] <samg_> Ah. I thought it was b, but now I see that it becomes bigger.
[Mon Sep 16 01:39:50 2013] <ezyang> It's not c, because it always stays the same
[Mon Sep 16 01:45:18 2013] <samg_> That was just what I needed to know. I haven't proved it yet, but I got PG to accept my definition. :)
[Mon Sep 16 02:19:52 2013] <benl23> ezyang: ping?
[Mon Sep 16 02:19:59 2013] <ezyang> pong
[Mon Sep 16 02:20:17 2013] <ezyang> HiW?
[Mon Sep 16 02:20:26 2013] <benl23> yep ?
[Mon Sep 16 02:20:51 2013] <ezyang> Ryan Newton said that he was going to post the program, so I think if you can get in touch with him it will go up
[Mon Sep 16 02:21:08 2013] <benl23> how long ago did he say that?
[Mon Sep 16 02:21:13 2013] <ezyang> A while ago ^^
[Mon Sep 16 02:21:19 2013] <benl23> weeks?
[Mon Sep 16 02:21:33 2013] <ezyang> Aug 23
[Mon Sep 16 02:21:51 2013] <benl23> hrm.
[Mon Sep 16 02:22:00 2013] <ezyang> Though, I'm pretty sure we notified all the speakers
[Mon Sep 16 02:22:09 2013] <benl23> If you know who is speaking someone else from the PC should at least post the list of talks
[Mon Sep 16 02:22:19 2013] <ezyang> OK, I'll go ahead and do that
[Mon Sep 16 02:22:20 2013] <benl23> otherwise attendees don't know what they're in for
[Mon Sep 16 02:22:46 2013] <benl23> you can just say "schedule yet to be determined", but still post the names of the speakers and talk titles
[Mon Sep 16 02:22:52 2013] <ezyang> Yep, that's pretty reasonable
[Mon Sep 16 02:22:55 2013] <benl23> ok, thanks.
[Mon Sep 16 02:27:28 2013] <ezyang> benl23: OK, done
[Mon Sep 16 02:27:35 2013] <ezyang> I'll incrementally post the abstracts
[Mon Sep 16 02:27:54 2013] <benl23> ezyang: cool, thanks.
[Mon Sep 16 02:27:58 2013] <benl23> abstracts would also be good
[Mon Sep 16 02:28:45 2013] <benl23> Without abstracts you won't get a good turnout
[Mon Sep 16 02:29:15 2013] <ezyang> gotcha
[Mon Sep 16 02:38:27 2013] <ezyang> benl23: OK, all done. Thanks for poking!
[Mon Sep 16 02:38:35 2013] <benl23> :)
[Mon Sep 16 02:39:22 2013] <ezyang> * sprinkles wiki magic to get the author names linkified... I wish 
[Mon Sep 16 02:43:37 2013] <defanor_> i'm stuck on palindrome_converse from http://www.cis.upenn.edu/~bcpierce/sf/Prop.html, need some advice. i have already proved that 'forall (X : Type) (x : X) (l : list X), pal (l ++ rev (snoc l x))' and 'forall (X : Type) (x : X) (l : list X), pal (l ++ [x] ++ rev l)', and googled the 'exists' tactic, but not sure if it's the right way ('exists' was not introduced in the book yet)
[Mon Sep 16 02:47:38 2013] <defanor_> oh, the first one is not important. i've thoight about using a theorem from previous exercise (pal (l ++ rev l)) and the second one (pal (l ++ [x] ++ rev l))
[Mon Sep 16 02:48:53 2013] <defanor_> and googled 'exists' to prove that one of such lists exists for any l = rev l
[Mon Sep 16 02:49:30 2013] <defanor_> but have trouble with that proof too. did not learned 'exists' and disjunction yet
[Mon Sep 16 05:19:02 2013] <coqNewbie> having "match ...  in T return (F T) with ...", what should I apply to (F T) to make it compute its result (normalize?); for example, if F T = R, I would like to be able to return r : R in each branch (instead of r : F T)
[Mon Sep 16 18:21:59 2013] <osa1> is there a case where inversion helps solving the proof but destruct combined with some other tactics cannot help?
[Mon Sep 16 18:24:02 2013] <Ptival> osa1: destruct abstracts over concrete indices, forgetting their values
[Mon Sep 16 18:24:12 2013] <Ptival> but you can sort of do inversion by using remember before
[Mon Sep 16 18:24:19 2013] <Ptival> I believe
[Mon Sep 16 18:24:55 2013] <osa1> hmm
[Mon Sep 16 18:25:18 2013] <Ptival> you can probably simulate inversion entirely with rememer, destruct, and something like discriminate
[Mon Sep 16 18:25:56 2013] <osa1> okay so what does "concrete indices" mean?
[Mon Sep 16 18:26:20 2013] <Ptival> if you destruct an indexed type
[Mon Sep 16 18:27:17 2013] <Ptival> by concrete I mean that there is at least a head constructor in an index
[Mon Sep 16 18:27:20 2013] <Ptival> for instance
[Mon Sep 16 18:27:34 2013] <Ptival> T : bool -> Type
[Mon Sep 16 18:27:48 2013] <Ptival> b : bool, t : T b (* the index is not concrete *)
[Mon Sep 16 18:27:57 2013] <Ptival> t : T true (* the index is concrete *)
[Mon Sep 16 18:28:44 2013] <Ptival> if you destruct the latter, Coq will forget that the index was the concrete value 'true', and replace it with some unknown boolean
[Mon Sep 16 18:29:39 2013] <Ptival> so sometimes you might lose information, or have spurious cases that don't even have type 'T true'
[Mon Sep 16 18:30:12 2013] <Ptival> inversion will not generate such spurious cases, and will introduce equalities to save the information about partially-concrete indices
[Mon Sep 16 18:30:26 2013] <gallais> it looks like discriminate is building the kind of diagonal arguments Monin was advocating for in the "small inversion" paper (http://hal.archives-ouvertes.fr/docs/00/48/94/12/PDF/paper_1.pdf)
[Mon Sep 16 18:36:27 2013] <Ptival> gallais: oh that's interesting, thanks
[Mon Sep 16 20:26:51 2013] <osa1> Ptival: after trying on a few examples I think I got it. thanks.
[Mon Sep 16 20:27:06 2013] <osa1> so is there a case that one should need to use destruct but inversion doesn't work?
[Mon Sep 16 20:34:57 2013] <Ptival> I was going to say no, but I seem to remember problems with dependent types where inversion is ill-typed but destruction is fine (well, it's fine but it loses information)
[Mon Sep 16 20:35:57 2013] <osa1> hmm
[Mon Sep 16 20:36:06 2013] <osa1> http://lpaste.net/93071 how to do this*
[Mon Sep 16 20:36:55 2013] <osa1> ahhhhh
[Mon Sep 16 20:36:56 2013] <osa1> sorry
[Mon Sep 16 20:37:07 2013] <osa1> nevermind. please forget my last question :p
[Tue Sep 17 10:33:55 2013] <osa1> what's special about this type: forall P . (P -> P) -> P ?
[Tue Sep 17 10:35:00 2013] <Saizan> it's the type of fix?
[Tue Sep 17 10:35:32 2013] <osa1> hm
[Tue Sep 17 10:44:42 2013] <osa1> I'm reading some papers about dependent types and I'm confused -- let's say we allow general recursion on type level but never write non-terminating type level expressions. does that still make our type system unsound or broken in some other sense?
[Tue Sep 17 10:52:09 2013] <Saizan> that's kind of what systems with termination checking do, ensure you only write stuff with a normal form even if the grammar/types allow unrestricted recursion
[Tue Sep 17 10:52:22 2013] <Saizan> and it seems to be fine
[Tue Sep 17 10:52:50 2013] <Saizan> oh, but i guess you want to allow non-terminating stuff at the value level?
[Tue Sep 17 10:52:55 2013] <Saizan> then you can prove false
[Tue Sep 17 10:54:41 2013] <osa1> yeah .. then how does Agda handle this? does that allow type level general recursion but no term level general recursion?
[Tue Sep 17 10:55:28 2013] <ianjneu> osa1: Agda does not allow general recursion. It just has a more powerful termination checker than Coq
[Tue Sep 17 10:55:52 2013] <ianjneu> which is still pretty weak when compared to Vroon and Manolios' stuff.
[Tue Sep 17 10:56:03 2013] <ianjneu> But theirs is for a first-order language.
[Tue Sep 17 10:56:40 2013] <Saizan> osa1: agda has some flags to make it accept programs which the termination checker doesn't approve of, but you do that at your own risk
[Tue Sep 17 10:56:46 2013] <osa1> ianjneu: can we have that kind of more powerful termination checker in Coq without giving up soundness of our system?
[Tue Sep 17 10:57:03 2013] <osa1> Saizan: and in that case does that mean I can prove false?
[Tue Sep 17 10:57:12 2013] <Saizan> osa1: yep
[Tue Sep 17 10:57:20 2013] <osa1> hmm
[Tue Sep 17 10:58:00 2013] <ianjneu> Termination checkers can always be more powerful, by the full employment theorem.
[Tue Sep 17 10:58:39 2013] <osa1> okay so I don't really understand how can non-terminating program prove falsity. I mean I understand how can I do that in programming languages but what I don't really understand is "what does it actually mean" or what are consequences of this
[Tue Sep 17 10:58:48 2013] <Saizan> the termination checker is run over everything, btw, doesn't matter if type or value level (the distinction often depends on context anyway)
[Tue Sep 17 10:58:58 2013] <osa1> ianjneu: is there a theorem like that :-D
[Tue Sep 17 10:59:06 2013] <ianjneu> define f(x) = not f(x)
[Tue Sep 17 10:59:26 2013] <osa1> like in "full employement for PL designers"
[Tue Sep 17 10:59:37 2013] <Saizan> osa1: if you have fix : forall P . (P -> P) -> P, then fix id : forall P. P which lets you prove anything
[Tue Sep 17 10:59:41 2013] <Saizan> including False
[Tue Sep 17 11:00:00 2013] <ianjneu> osa1: full employment theorems exist for any realm that is trying to carve out decidable subsets of undecidable problems.
[Tue Sep 17 11:00:03 2013] <osa1> Saizan: I know this stuff... I think I couldn't express myself
[Tue Sep 17 11:00:10 2013] <Saizan> fix id doesn't have a normal form though
[Tue Sep 17 11:01:03 2013] <Saizan> osa1: oh, i guess the missing link is that there's no closed normal form which has the type "False" so no closed term of that type can have a normal form
[Tue Sep 17 11:01:11 2013] <Saizan> hence they must be non-terminating
[Tue Sep 17 11:01:30 2013] <osa1> wow
[Tue Sep 17 11:01:38 2013] <ianjneu> Due to the full employment theorem for logicians, there will never be a best logic to work in. Type theorists cannot claim to have described, "all of math" because math includes the informal boundary-pushing for better logics.
[Tue Sep 17 11:02:14 2013] <osa1> Saizan: that's really a good insight and will probably help me get a better understanding after some thinking
[Tue Sep 17 11:10:16 2013] <osa1> so about my early questions: is it sensible to allow non-terminating programs in type level but disallow them in term level? I mean does such a sentence even make sense? because as far as I can understand type and term level distinction are really blurry in dependently typed PLs so I though maybe there is no distinction at all
[Tue Sep 17 11:18:25 2013] <osa1> is there such a thing like "running a Coq program" or all we can do is to type check them?
[Tue Sep 17 11:19:03 2013] <Saizan> if you allow me to define and use D : Set; D = D -> D; i can embed the untyped lambda calculus
[Tue Sep 17 11:19:18 2013] <Saizan> osa1: yeah, in fact if you can't run coq programs you can't typecheck them
[Tue Sep 17 11:19:28 2013] <ianjneu> osa1: Compute allows you to get normal forms, and you can also extract Coq programs into OCaml, and to some extent Haskell and Scheme.
[Tue Sep 17 11:19:46 2013] <Saizan> well, i mean typechecking a program is probably going to involve running of other programs
[Tue Sep 17 11:21:34 2013] <osa1> " D : Set; D = D -> D;" what syntax is that? how does this work?
[Tue Sep 17 11:21:57 2013] <Saizan> that's Agda, sorry
[Tue Sep 17 11:22:22 2013] <osa1> is there a Coq equivalent :-)
[Tue Sep 17 11:22:38 2013] <Saizan> i guess in Coq it'd be "Definition D : Type := D -> D;" ?
[Tue Sep 17 11:23:38 2013] <Saizan> osa1: anyhow i think you might be interested in the trelly project
[Tue Sep 17 11:24:30 2013] <osa1> Saizan: this https://code.google.com/p/trellys/ ?
[Tue Sep 17 11:24:39 2013] <Saizan> osa1: from what i've heard they aim to have a good story to handle not-necessarily-terminating definitions while keeping consistency, i guess they have some way to restrict their use
[Tue Sep 17 11:24:53 2013] <Saizan> osa1: yep!
[Tue Sep 17 11:26:22 2013] <Saizan> there are some publications on it
[Tue Sep 17 11:26:31 2013] <osa1> now I wonder what is Idris' position in this terminating/non-terminating discussion because it claims to be _practical_ so I guess it needs to have some way of implementing general recursion while keeping the system sound?
[Tue Sep 17 11:26:46 2013] <osa1> Saizan: that definitely looks interesting. thanks.
[Tue Sep 17 11:29:13 2013] <Saizan> osa1: Idris is not that far from Agda, i guess it has 3 levels: total, partial, asserted total
[Tue Sep 17 11:29:59 2013] <Saizan> partial stuff is not unfolded at typechecking but it's still there, if you want to be sure a proof is valid you have to require it to be total
[Tue Sep 17 11:30:21 2013] <Saizan> asserted total is when you think you know better than the checker and override it
[Tue Sep 17 11:34:24 2013] <osa1> are total and terminating same things?
[Tue Sep 17 11:37:30 2013] <Saizan> well, terminating is more operational i guess, while total is more denotational and in general use total is more likely to cover the coinductive case
[Tue Sep 17 11:38:35 2013] <osa1> where can I learn more about coinduction?
[Tue Sep 17 11:41:13 2013] <Saizan> good question, i don't really know though
[Tue Sep 17 11:41:25 2013] <ianjneu> osa1: http://adam.chlipala.net/cpdt/html/Coinductive.html
[Tue Sep 17 11:58:03 2013] <defanor_> sorry for repetition, but i'm stuck on palindrome_converse exercise from http://www.cis.upenn.edu/~bcpierce/sf/Prop.html and need some hint/advice about it
[Tue Sep 17 12:10:32 2013] <Saizan> defanor_: if you show how far you got it'll be easier to give hints, i think
[Tue Sep 17 12:14:05 2013] <defanor_> Saizan: i've just proved some lemmas, but they are probably useless: http://coq.xelpaste.org/8258
[Tue Sep 17 12:14:49 2013] <defanor_> had a lot of attempts, but erased them yesterday
[Tue Sep 17 12:18:37 2013] <defanor_> http://coq.xelpaste.org/8259 -- here they are, from the undo history, but it's a mess there. and i can't say for sure which of those tries is further, cause all of them could be wrong
[Tue Sep 17 12:20:12 2013] <Saizan> the definition of pal would also help I think, though i'm no Coq programmer myself
[Tue Sep 17 12:22:17 2013] <defanor_> oh, right, here it is: http://coq.xelpaste.org/8260
[Tue Sep 17 12:46:26 2013] <Saizan> i think you might want to strengthen your induction to forall xs l, xs ++ l = rev l ++ rev xs -> pal l. so that recursive calls are easier, but no guarantees :)
[Tue Sep 17 12:46:40 2013] <Saizan> rev is such an annoying function
[Tue Sep 17 12:48:01 2013] <defanor_> thanks, i'll try
[Tue Sep 17 14:48:35 2013] <defanor_> Saizan: it worked, yay!
[Tue Sep 17 16:39:40 2013] <reynir> I have made a tactic, and on this particular term it will always produce the same result (which can be simplified to the original term). When I do "repeat mytactic." It seems to stop after ~2 iterations. How come?
[Tue Sep 17 16:41:15 2013] <reynir> Does it somehow check if it is repeating on an identical term and then stop?
[Tue Sep 17 16:41:35 2013] <reynir> I expected an infinite loop :)
[Tue Sep 17 16:54:55 2013] <Zedrikov> reynir: you may be interested in the "progress" tactic, see the reference manual (and look "repeat" too).
[Tue Sep 17 16:55:33 2013] <Zedrikov> http://coq.inria.fr/refman/Reference-Manual011.html#hevea_tactic181
[Tue Sep 17 16:56:06 2013] <Zedrikov> http://coq.inria.fr/refman/Reference-Manual011.html#hevea_tactic179
[Tue Sep 17 17:04:21 2013] <reynir> Zedrikov: It's not clear to me from the documentation that repeat should stop in that case
[Tue Sep 17 17:04:35 2013] <reynir> Thanks for the pointer to progress!
[Tue Sep 17 17:05:17 2013] <Ptival> yeah there's a tactic that never fails but stops when 'repeat'ed
[Tue Sep 17 17:05:34 2013] <Ptival> which is, while weird, guiltily practical
[Tue Sep 17 17:09:34 2013] <reynir> It isn't possible to prove [zeroes = Cons 0 zeroes] where zeroes is the infinite stream of zeroes, right?
[Tue Sep 17 17:37:26 2013] <Zedrikov> reynir: Do you mean with coinductives ?
[Tue Sep 17 17:38:16 2013] <Zedrikov> If so, yes, as far as I know it is not possible without additionnal axioms.
[Tue Sep 17 17:39:08 2013] <Zedrikov> And in inductive cases, you cannot define 'zeroes'.
[Tue Sep 17 17:41:49 2013] <Zedrikov> The idea of the reason you cannot do it is that you cannot reason by induction (since the type is not finite), and you cannot reason by coinduction (since a cofixpoint must produce a coinductive and "eq" is inductive).
[Tue Sep 17 17:42:14 2013] <Zedrikov> Setting eq as coinductive won't work either.
[Tue Sep 17 17:44:20 2013] <reynir> Yea, thanks
[Tue Sep 17 17:44:23 2013] <Zedrikov> But still you can define something like "CoInductive eq_stream (A : Type) (x y : stream A) : Prop := EqCons : head x = head y → eq_stream A (tail x) (tail y) → eq_stream A x y."
[Tue Sep 17 17:44:34 2013] <reynir> Yea I know
[Tue Sep 17 17:44:39 2013] <Zedrikov> And in this situation you can prove your equality.
[Tue Sep 17 17:44:58 2013] <Zedrikov> (well eq_stream equality in fact)
[Tue Sep 17 19:44:03 2013] <robbert> reynir: another argument why it's not provable, [zeroes] and [Cons 0 zeroes] are both closed terms, hence [zeroes = Cons 0 zeroes] is provable iff [refl : zeroes = Cons 0 zeroes], and since [zeroes] and [Cons 0 zeroes] are not convertable, that's not going to happen.
[Tue Sep 17 20:01:41 2013] <robbert> Hmm, you can actually prove that, see http://lpaste.net/93106. The weird thing however, if you normalize the proof, it's indeed a refl (which is AFAIK impossible).
[Tue Sep 17 20:01:50 2013] <robbert> But if you recheck the normalized proof, it will fail
[Tue Sep 17 20:02:02 2013] <robbert> does this have to do with the failure of subject reduction due to coinductive types?
[Tue Sep 17 20:02:12 2013] <robbert> or am I too sleepy to see what's actually going on
[Tue Sep 17 20:48:40 2013] <robbert> reading Georges Gonthier's message here: http://permalink.gmane.org/gmane.science.mathematics.logic.coq.club/3608
[Tue Sep 17 20:49:11 2013] <robbert> I guess my problem is related, it's also due to cofix expansions in dependent pattern matches
[Tue Sep 17 20:50:16 2013] <robbert> So, this means that the reasoning I used above to show that something is not provable, does not work when dealing with coinductive types (because of the failure of subject reduction)
[Wed Sep 18 08:41:27 2013] <reynir> I don't think I fully understand notation scope
[Wed Sep 18 09:34:42 2013] <reynir> Emacs coq-mode / proofgeneral question: Is there a keybinding to toggle "Ltac Debug"?
[Wed Sep 18 11:49:54 2013] <osa1> hi all. more questions related with yesterday's discussion: let's say my system allows general recursion in program level but I'm always running the proofs. does that still make my system unsound? because for instance this proof: forall a. a will never terminate and thus is not a valid proof in my system. or is there value with type 'forall a. a' that
[Wed Sep 18 11:49:54 2013] <osa1> terminates?
[Wed Sep 18 11:59:45 2013] <Saizan> usually the problems comes from proofs of implications
[Wed Sep 18 12:01:15 2013] <osa1> how?
[Wed Sep 18 12:02:36 2013] <Saizan> because in some cases i can make a proof f of X -> Y that has a normal form but for some x : X you get that (f x) is non-terminating
[Wed Sep 18 12:03:15 2013] <Saizan> so in a sense you can't ever trust proofs of implication, you can only verify each application of them
[Wed Sep 18 12:03:52 2013] <Saizan> though i guess that might not be enough to make your system unsound, tbf
[Wed Sep 18 12:04:22 2013] <Saizan> it will still be inconsistent, but it won't just do random things
[Wed Sep 18 12:04:59 2013] <Saizan> that's pretty much the situation Haskell is in
[Wed Sep 18 12:07:22 2013] <osa1> I don't understand this argument. if x is not terminating that it's not a valid prof.
[Wed Sep 18 12:07:26 2013] <osa1> proof*
[Wed Sep 18 12:07:37 2013] <osa1> so it cannot be used for implications
[Wed Sep 18 12:08:07 2013] <Saizan> x is terminating
[Wed Sep 18 12:08:11 2013] <Saizan> but (f x) isn't
[Wed Sep 18 12:08:42 2013] <osa1> ahh so f x is not terminating for some x but terminating for other x
[Wed Sep 18 12:09:06 2013] <Saizan> right, but also 'f' itself as an expression might be terminating
[Wed Sep 18 12:09:52 2013] <Saizan> which is the only thing you can realistically check by reduction, the domain of f might be infinite
[Wed Sep 18 12:10:40 2013] <osa1> hmm
[Wed Sep 18 12:11:48 2013] <osa1> okay so what happens if I just ignore non-terminating f x and count terminating f x as valid proofs?
[Wed Sep 18 12:14:40 2013] <Saizan> i was assuming you'd do that
[Wed Sep 18 12:15:55 2013] <Saizan> my point was: would a f like the above be a valid proof of X -> Y? and if not how do you tell it apart from valid ones?
[Wed Sep 18 12:16:47 2013] <osa1> what is source of inconsistency here? is it because type of f is `forall (P : X -> Prop)` but for some x : X it doesn't give us a proof so that `forall` is somewhat ... wrong?
[Wed Sep 18 12:16:52 2013] <Saizan> though i must say i haven't worked out the details of this stuff, so there might be room for a positive resolution
[Wed Sep 18 12:17:50 2013] <Saizan> osa1: yeah
[Wed Sep 18 12:18:42 2013] <Saizan> osa1: which i guess is not exactly like saying "you can derive False" but it's still worrying
[Wed Sep 18 12:20:30 2013] <osa1> yeah. ok so let's say I find a way to mimic dependent types in Haskell, what features of Haskell prevents it from being a proof assistant? (other than the termination stuff we just talked)
[Wed Sep 18 12:25:29 2013] <Saizan> osa1: if you make it consistent then i guess it'd just need some tool support or language feature to make proofs easier
[Wed Sep 18 12:28:32 2013] <osa1> (though I'm not sure if there's a way to mimic Coq's 'forall' syntax in Haskell's function types -- I think this types are called 'pi' types or something like that)
[Wed Sep 18 12:30:52 2013] <Saizan> you can mimic _some_ dependent types through singleton types, SHE by McBride had some preprocessing on that vein
[Wed Sep 18 12:31:12 2013] <Saizan> i wonder if haskell has an 'f' like i described above
[Wed Sep 18 12:43:02 2013] <osa1> Saizan: f = \case -> { 0 -> f 0; n -> n } ?
[Wed Sep 18 12:44:48 2013] <osa1> ops that first arrow should not be there: \case { ... }
[Wed Sep 18 12:47:35 2013] <osa1> f 0 = f 0; f n = n
[Wed Sep 18 12:58:25 2013] <osa1> is there a reason to not to use inversion and use destruct instead?
[Wed Sep 18 13:00:45 2013] <ianjneu> speed & memory I imagine.
[Wed Sep 18 13:01:41 2013] <osa1> okay so can we say that inversion is strictly more powerful that destruct? e.g. if I can prove with destruct I can also prove with inversion?
[Wed Sep 18 13:03:18 2013] <osa1> s/that/than
[Wed Sep 18 13:07:59 2013] <Ptival> well, as I said yesterday, my intuition would tell me "yes", but in practice I believe some problems are ok to destruct, but somehow ill-typed by inversion
[Wed Sep 18 13:08:14 2013] <ianjneu> second Ptival
[Wed Sep 18 13:08:18 2013] <Ptival> so you'd have to do a dependent inversion
[Wed Sep 18 13:09:02 2013] <Ptival> dependent inversion ought to be strictly more powerful than destruct
[Wed Sep 18 13:09:20 2013] <Ptival> but maybe I'm ignoring some issues :)
[Wed Sep 18 13:09:34 2013] <osa1> uh. never heard "dependent inversion" before.
[Wed Sep 18 13:11:09 2013] <Ptival> it's similar to inversion but you can specify a return annotation
[Wed Sep 18 13:15:41 2013] <chris2> coq doesn't have axiom K by default, right? but it is considered to have "dependent pattern matching"?
[Wed Sep 18 13:18:24 2013] <ianjneu> chris2: dependent pattern matching is the application of a type's induction principle, which needs a motive, whereas regular pattern matching uses the recursion principle, which doesn't.
[Wed Sep 18 13:19:11 2013] <ianjneu> Agda's monopoly of the term dependent pattern matching meaning the assumption of UIP is just an accident of history.
[Wed Sep 18 13:19:30 2013] <chris2> ok :)
[Wed Sep 18 13:19:42 2013] <osa1> what is UIP?
[Wed Sep 18 13:20:06 2013] <ianjneu> uniqueness of identity proofs <-> Axiom K
[Wed Sep 18 13:21:07 2013] <ianjneu> Homotopy type theory showed us that UIP is the assertion that all types are sets, whereas they allow types to be infinity-groupoids.
[Wed Sep 18 13:21:16 2013] <chris2> yes
[Wed Sep 18 13:21:27 2013] <chris2> i'm interested in using "pattern matching" in such a context
[Wed Sep 18 13:21:40 2013] <chris2> so, coq's match can be supported by J alone?
[Wed Sep 18 13:22:08 2013] <ianjneu> I believe so.
[Wed Sep 18 13:22:29 2013] <ianjneu> Well, J is only for Id proofs, but I know what you're getting at.
[Wed Sep 18 13:22:43 2013] <chris2> okay
[Wed Sep 18 13:23:19 2013] <chris2> but that means it doesnt work like coquands 1992 paper?
[Wed Sep 18 13:23:43 2013] <ianjneu> The HoTT formalization in Coq only had to change the internals to fix the handling of universes and not elimination.
[Wed Sep 18 13:24:17 2013] <ianjneu> chris2: I'm not as well versed in historical literature as I'd like. Elaborate?
[Wed Sep 18 13:24:24 2013] <chris2> http://www.cse.chalmers.se/~coquand/pattern.ps
[Wed Sep 18 13:24:35 2013] <chris2> this is cited by the agda people often :P
[Wed Sep 18 13:24:50 2013] <chris2> brb, groceries
[Wed Sep 18 13:25:30 2013] <ianjneu> mumble. I was looking for a summary. I'm working on a paper due tonight.
[Wed Sep 18 13:47:20 2013] <chris2> ianjneu: well, the dependent pattern matching explained there implies axiom k. and http://www.qatar.cmu.edu/~sacchini/papers/types08.pdf shows how to extend coq's pattern matching to imply it as well
[Wed Sep 18 13:51:52 2013] <ianjneu> I just approach pattern matching as a notational convenience for applying induction or recursion principles.
[Wed Sep 18 13:52:04 2013] <chris2> yes
[Wed Sep 18 13:52:23 2013] <chris2> from my non-dependent background, i thought it was mostly syntax :)
[Wed Sep 18 13:52:52 2013] <chris2> i'll read these papers more closely to figure out the "benefit"
[Wed Sep 18 13:54:10 2013] <ianjneu> type theorists have been mostly confused about how this all works, and most stuff leading to HoTT is just messy and gross.
[Wed Sep 18 13:54:53 2013] <chris2> :)
[Wed Sep 18 13:55:03 2013] <chris2> it certainly changed assumptions of what people want
[Wed Sep 18 13:55:17 2013] <chris2> and i think exploring HIT will do that even more
[Wed Sep 18 13:55:26 2013] <ianjneu> HIT?
[Wed Sep 18 13:55:37 2013] <chris2> higher inductive types
[Wed Sep 18 13:55:37 2013] <ianjneu> derp, nm
[Wed Sep 18 13:56:41 2013] <ianjneu> Dan Licata has felt a lot of pain trying to write HoTT proofs in Agda, since path induction is eeeeverywhere, heh.
[Wed Sep 18 13:56:58 2013] <chris2> yep
[Wed Sep 18 13:58:09 2013] <ianjneu> you follow him on twitter?
[Wed Sep 18 13:58:39 2013] <chris2> not yet
[Wed Sep 18 14:01:50 2013] <chris2> his fall 2013 class sounds interesting as well
[Wed Sep 18 14:02:04 2013] <chris2> meh, material is not public
[Wed Sep 18 14:06:17 2013] <ianjneu> did you go to OPLSS?
[Wed Sep 18 14:06:21 2013] <chris2> no
[Wed Sep 18 14:07:16 2013] <ianjneu> well he has lectures there and supporting material (protected by password, but I think it's oplss2013/ducks if not, stated in one of the lecture videos)
[Wed Sep 18 14:07:29 2013] <chris2> ok
[Wed Sep 18 14:07:36 2013] <chris2> thanks
[Wed Sep 18 14:09:40 2013] <Ptival> doesn't seem to work here :\
[Wed Sep 18 14:11:28 2013] <ianjneu> oplss/duck
[Wed Sep 18 14:11:34 2013] <ianjneu> just tried.
[Wed Sep 18 14:11:36 2013] <Ptival> thx
[Wed Sep 18 15:03:11 2013] <osa1> ianjneu: can I also have the link for lectures and extra materials?
[Wed Sep 18 15:05:32 2013] <ianjneu> 1: http://www.cs.cmu.edu/~drl/teaching/oplss13/
[Wed Sep 18 15:05:48 2013] <ianjneu> 2: http://www.cs.uoregon.edu/research/summerschool/summer13/curriculum.html
[Wed Sep 18 15:24:55 2013] <osa1> uh "and in reality many programming languages are given “big step” (coinductive) semantics" how is big step  operational semantics and coinduction related?
[Wed Sep 18 15:25:04 2013] <osa1> (from this post http://www.cs.umd.edu/~micinski/posts/2012-09-04-on-understanding-coinduction.html)
[Wed Sep 18 15:27:14 2013] <ianjneu> Coinduction is needed to talk about non-terminating reduction sequences. It's really a terrible hack. Small-step semantics are much better to use for just about anything that isn't a toy.
[Wed Sep 18 15:28:14 2013] <osa1> ianjneu: do you know an example where coinduction is used in a big step definition?
[Wed Sep 18 15:30:31 2013] <ianjneu> Yes. The Principles of Program Analysis monograph by Nielson Nielson and Hankin define their languages with big-step semantics with an "acceptability" relation for their analyses, all defined with coinduction, but some of their proofs make a detour through small-step semantics. It's messy garbage.
[Wed Sep 18 15:31:06 2013] <ianjneu> You're better off with Felleison's reduction semantics style.
[Wed Sep 18 15:32:10 2013] <osa1> Felleison's reduction semantics? is that small-step SOS ?
[Wed Sep 18 15:32:55 2013] <ianjneu> It's like SOS, but you can reason contextually nicely, so control operators are easily expressed with evaluation contexts.
[Wed Sep 18 15:33:33 2013] <osa1> so it has a nice way to describe call/cc ?
[Wed Sep 18 15:33:48 2013] <ianjneu> E[(reset F[(shift k e)])] |-> E[e{k := (lambda (x) F[x])}]
[Wed Sep 18 15:34:03 2013] <ianjneu> (where F contains no resets)
[Wed Sep 18 15:35:24 2013] <ianjneu> call/cc is easier: E[(call/cc (lambda (k) e))] |-> e{k := E}, E[(E' v)] |-> E'[v]
[Wed Sep 18 15:35:35 2013] <Anarchos> osa1 what means the cc in call/cc ?
[Wed Sep 18 15:35:42 2013] <ianjneu> current-continuation
[Wed Sep 18 15:36:05 2013] <Anarchos> ianjneu thx
[Wed Sep 18 15:36:36 2013] <ianjneu> miss-typed, e{k := (cont E)} and E[((cont E') v)] |-> E'[v]
[Wed Sep 18 15:37:14 2013] <ianjneu> gotta wrap it to make it a value rather than say it's adding extra holes to the evaluation context.
[Wed Sep 18 15:37:36 2013] <ianjneu> Check out Semantics Engineering in PLT Redex
[Wed Sep 18 15:41:01 2013] <ianjneu> The classic call/cc is too overpowered. It needs to be delimited so that a program can't capture context it doesn't have the capability to capture.
[Wed Sep 18 15:42:13 2013] <ianjneu> shift/reset are delimited continuations, yes, but they are also composable. There are use cases where (delimited) non-composable continuations ala call/cc with prompt-tags is the right solution.
[Wed Sep 18 15:43:05 2013] <ianjneu> "Adding delimited and composable control to a production programming environment": http://www.cs.utah.edu/plt/publications/icfp07-fyff.pdf
[Wed Sep 18 15:43:23 2013] <osa1> thanks for the paper suggestions
[Wed Sep 18 15:45:05 2013] <Anarchos> * spotted an eye-catcher : production programming environment
[Wed Sep 18 15:45:41 2013] <ianjneu> Anarchos: PLT Scheme, now called Racket.
[Wed Sep 18 15:46:31 2013] <ianjneu> They don't believe in doing PL work that isn't readily useful for actually doing some programming, as opposed to some more math-types that hang around here, heh.
[Wed Sep 18 15:50:48 2013] <osa1> any ideas on where to find online or printed version of Coq'Art book?
[Wed Sep 18 15:51:44 2013] <ianjneu> University library?
[Wed Sep 18 15:53:37 2013] <Anarchos> osa1 i had it but in french
[Wed Sep 18 15:53:56 2013] <ianjneu> It's pretty outdated. I would stick to software foundations and CPDT
[Wed Sep 18 15:54:33 2013] <Anarchos> SF is fine
[Wed Sep 18 15:54:35 2013] <ianjneu> and robbert krebbers. He hangs out here and knows about even the undocumented stuff.
[Wed Sep 18 15:54:38 2013] <Anarchos> CPDT is a bit more advanced
[Wed Sep 18 17:04:41 2013] <reynir> I have a goal [Some a = Some b]. How do I reduce it to [a = b]? I forget
[Wed Sep 18 17:09:13 2013] <ianjneu> f_equal
[Wed Sep 18 17:10:26 2013] <Anarchos> reynir induction.
[Wed Sep 18 17:14:33 2013] <reynir> Thank you ianjneu
[Wed Sep 18 17:47:54 2013] <osa1> I'm having trouble to understand how can anything be provable on coinductive definitions ...
[Wed Sep 18 17:50:50 2013] <osa1> also, do we have a name for kind of functions that allow us to write filter function on streams? like the primitive/general recursion distinction?
[Wed Sep 18 18:03:06 2013] <Ptival> what is disturbing your understanding?
[Wed Sep 18 18:05:28 2013] <osa1> basically I don't understand anything about reasoning on infinite data ... how can we prove that map S zeroes = ones (where zeroes = infinite stream of zeroes etc.)
[Wed Sep 18 18:07:14 2013] <osa1> and also how what does equality in this proposition mean
[Wed Sep 18 18:12:35 2013] <ianjneu> A productive coinductive definition (always builds) is dual to a well-founded recursive definition (always decreases structure).
[Wed Sep 18 18:13:24 2013] <ianjneu> If there's no way to refute something in finite time, it might as well be true.
[Wed Sep 18 18:14:30 2013] <Anarchos> osa1 get a look at Büchi automaton
[Wed Sep 18 18:47:35 2013] <osa1> ianjneu: does same reasoning work for the other case? like "if there's no way to prove something in finite time, it might be false" ?
[Wed Sep 18 18:49:19 2013] <Ptival> well then it is "not provable", which has little to do with truth and falsity
[Wed Sep 18 18:55:07 2013] <osa1> Ptival: can't we use "not provable" in the sense of "might be false"
[Wed Sep 18 18:57:05 2013] <osa1> also I don't understand relation with büchi automaton
[Wed Sep 18 19:14:17 2013] <Cale> Something which is not provable also might be true, at least, if its negation also isn't provable.
[Wed Sep 18 19:22:28 2013] <robbert> osa1: that result is just not provable. Instead of using Leibniz equality to talk about equality of streams, you should use use bisimilarity (which is defined coinductively)
[Wed Sep 18 19:22:42 2013] <robbert> then you can prove such "equalities" using a cofix
[Wed Sep 18 19:23:04 2013] <robbert> or the coinduction principle (which can easily be derived), but that's probably more useful for more involved stream equality proofs
[Wed Sep 18 19:23:22 2013] <robbert> reads the Coq'Art or CPDT chapter on coinduction :)
[Wed Sep 18 19:23:25 2013] <robbert> *read
[Wed Sep 18 19:24:51 2013] <robbert> osa1: by Goedel we know that all logics which can at least express arithmetic are incomplete, so there are statements P which are not provable, neither its negation ~P
[Wed Sep 18 19:25:23 2013] <robbert> and Coq is "very incomplete" (whatever that may mean formally :P) due to its intensional and constructive nature
[Wed Sep 18 19:26:38 2013] <robbert> In particular, in Coq many equalities are not provable due to the lack of functional extensionality, proof irrelevance, prop irrelevance, ...
[Wed Sep 18 19:30:12 2013] <osa1> robbert: I already read CPDT cofix chapter before asking here .. what's not explained in CPDT chapter how can coinductive proofs give use confidence on truth.
[Wed Sep 18 19:31:02 2013] <osa1> robbert: well we have proof relevance here http://coq.inria.fr/stdlib/Coq.Logic.ProofIrrelevance.html doesn't that help? also I remember SF book defining an exiom for functional extensionality and saying that this doesn't break Coq's logical foundations
[Wed Sep 18 19:32:02 2013] <robbert> osa1: well, your original question was about proving "map S zeroes = ones", that's literaly in CPDT
[Wed Sep 18 19:32:27 2013] <robbert> how do coinductive proofs give you confidence, well, I guess by believing that the metatheory of Coq is consistent
[Wed Sep 18 19:32:30 2013] <osa1> robbert: what I meant there was how can that proof give us confidence of truth because it's completely nonsense to me
[Wed Sep 18 19:32:55 2013] <robbert> you mean the proof, or the fact that he uses stream_eq instead of eq?
[Wed Sep 18 19:33:13 2013] <osa1> (let me check the proof again)
[Wed Sep 18 19:33:23 2013] <robbert> because the idea of using a proof assistant, is that you do not have to "trust the proof" to get confidence
[Wed Sep 18 19:33:38 2013] <robbert> you need to trust that the statement is indeed the thing what you want, and that the system is consistent
[Wed Sep 18 19:34:49 2013] <robbert> osa1: proof irrelevance there is an axiom, it's not provable in Coq
[Wed Sep 18 19:34:51 2013] <osa1> robbert: ok let me express myself this way: if I explain someone inductively defined data types and then proofs by induction I think that stuff make sense for most people. now I'm looking for a way to explain coinductive data types and coinduction but to explain myself
[Wed Sep 18 19:36:02 2013] <osa1> I'm not looking for Coq or proof assistant or constructive logic specific answers here
[Wed Sep 18 19:36:41 2013] <robbert> well, coinduction is basically dual to induction, so many things are the other way arround
[Wed Sep 18 19:37:08 2013] <robbert> since you construct infinite objects, you do not have that definitions (and thus by Curry-Howard) proofs should be terminating. Rather you want them to be productive
[Wed Sep 18 19:37:23 2013] <robbert> that intuitively means, they will always indeed produce something infinite
[Wed Sep 18 19:37:38 2013] <robbert> hence, the not guarded errors if you try to do proofs by cofix
[Wed Sep 18 19:39:49 2013] <robbert> osa1: if you want to understand the mathematics of coinductive types in a non Coq specific way, you may want to read something like http://www.cs.ru.nl/~bart/PAPERS/JR.pdf
[Wed Sep 18 19:40:39 2013] <osa1> yeah I have that paper on my to-do list. maybe I should give that greater priority
[Wed Sep 18 19:41:40 2013] <robbert> or, if you are interested in the programming side of things, you may want to read some tuturial on dealing with infinite data in Haskell
[Wed Sep 18 19:42:49 2013] <robbert> but I must agree, coinductive types in Coq are a bit obscure...
[Wed Sep 18 19:43:05 2013] <robbert> so, it's not very strange that you are confused about it :)
[Wed Sep 18 19:50:18 2013] <osa1> someone should edit this page http://en.wikipedia.org/wiki/Bisimulation
[Thu Sep 19 00:15:09 2013] <osa1> looking for papers to understand coinduction/codata/etc. (other than "tutorial on costuff ...." paper)
[Thu Sep 19 00:17:25 2013] <ianjneu> To get the zen of coinduction, you should try to understand the duality in the categorical sense. Coinduction "is just" the dual of induction.
[Thu Sep 19 00:20:52 2013] <osa1> ianjneu: do you have logs with our talk with robbert ? I can use CoInductive data types and CoFixpoints etc. but what I don't understand is that how does proving properties of codata really work. and at this point I don't want/have time to learn the "zen" of it.
[Thu Sep 19 00:21:24 2013] <osa1> (btw, I don't know why I'm obsessed over it .. maybe I just let it go and use CoInduction/CoFixpoint when necessary)
[Thu Sep 19 00:26:25 2013] <ianjneu> Sorry I can't be more helpful right now. I'm racing toward a deadline. It's past midnight here and my thinking cycles have to go into the paper.
[Thu Sep 19 00:30:32 2013] <osa1> okay, no problem. it's past midnight here too :)
[Thu Sep 19 00:39:25 2013] <ianjneu> It's great finding that one of my older papers is wrong when trying to find a bug in the code for the next paper. -_-;;
[Thu Sep 19 01:05:50 2013] <osa1> I probably need to learn category theory and some other maths too ...
[Thu Sep 19 10:27:01 2013] <anders__> can i define a notation such that i can use R* instead of clos_refl_trans _ R. clos_refl_trans is in Relation_Operators: http://coq.inria.fr/distrib/8.3pl5/stdlib/Coq.Relations.Relation_Operators.html
[Thu Sep 19 11:22:27 2013] <gereedy> osa1: maybe http://www.fing.edu.uy/inco/eventos/SEFM2011/cursos/Davide.pdf can help to understand coinduction
[Thu Sep 19 11:23:44 2013] <gereedy> It is from 2011 SEFM School; slides from Davide Sangiorgi's class Bisimulation and coinduction
[Thu Sep 19 11:23:49 2013] <kmicinski> This seems like a potentially overly broad question, but I'm doing some reasoning about refinement of functions, is there a "good" way to reason about refinement / program equality?
[Thu Sep 19 11:24:06 2013] <kmicinski> (E.g., other than Coq.Program.Equality with dependent equality axioms)
[Thu Sep 19 11:44:52 2013] <osa1> gereedy: thanks for the link, it looks interesting.
[Thu Sep 19 12:32:05 2013] <osa1> oh boy. there's a book named "introduction to coinduction and bisimulation".
[Thu Sep 19 13:00:07 2013] <kmicinski> osa1: yes, it has some pretty good explanations
[Thu Sep 19 14:43:10 2013] <anders__> if I do: "specialize (H …).", the assumption H is dropped, how do I keep it?
[Thu Sep 19 14:51:46 2013] <ystael> anders__: you can copy it ahead of time -- there's probably a better way to do it but `assert H as H'. exact H.` might do the job
[Thu Sep 19 14:53:47 2013] <anders__> ystael: thanks. I found that remember `H as H'; clear HeqH'.` also did the job. I assume it can be done in one command though.
[Thu Sep 19 14:57:09 2013] <tomprince> anders__: You could perhaps even just do 'pose (H ...) as Hspec'
[Thu Sep 19 15:00:06 2013] <tomprince> anders__: specialize is designed to replace the hypothesis you specify. If you want to keep it, just use a tactic that introduces a new hypothesis.
[Thu Sep 19 15:00:42 2013] <anders__> ok, which other tactic would have the same effect (instantiate a universal expression)
[Thu Sep 19 15:01:20 2013] <tomprince> <tomprince> anders__: You could perhaps even just do 'pose (H ...) as Hspec'
[Thu Sep 19 15:01:45 2013] <tomprince> pose proof (H ...) as .
[Thu Sep 19 15:01:58 2013] <tomprince> assert (Hspec := H ...) as Hspec.
[Thu Sep 19 15:07:31 2013] <anders__> tomprince: thanks! that was exactly what i was looking for
[Thu Sep 19 19:20:54 2013] <ezyang> Hey guys, I'm trying to interpret Chlipala's comments here: http://blog.ezyang.com/2013/09/induction-and-logical-relations/comment-page-1/#comment-6242
[Thu Sep 19 19:21:39 2013] <ezyang> (I know the post is written in Agda, but Chlipala primarily uses Coq so I thought maybe the insight here would be better)
[Thu Sep 19 19:22:10 2013] <ezyang> The first thing to look at is the definition of 'what is a value', defined here http://lpaste.net/93187 ; Adam suggests that it should be done recursively; but I can't think of a way to do it that doesn't involves units and voids
[Thu Sep 19 19:33:28 2013] <ianjneu> ezyang: I couldn't follow what he suggested.
[Thu Sep 19 19:34:22 2013] <ezyang> ok, because I couldn't follow it either
[Thu Sep 19 19:36:14 2013] <ezyang> What does he mean by polymorphic equality? JMeq?
[Thu Sep 19 19:36:50 2013] <ezyang> Oh, he just means Leibniz equality
[Thu Sep 19 19:36:53 2013] <ianjneu> murmble. Chlipala has always been incomprehensible to me.
[Thu Sep 19 20:26:24 2013] <Ptival> oh I did not see that post :)
[Thu Sep 19 22:33:37 2013] <ystael> I'm trying to prove an induction principle for nat with multiple base cases and a "step size" of 2.
[Thu Sep 19 22:34:06 2013] <ystael> I don't understand why the inductive hypothesis IHn'' isn't just P n'' here: http://lpaste.net/93192
[Thu Sep 19 22:43:29 2013] <ystael> Is the problem that I don't have information about the structure of the proof of P n' that comprises IHn' ?
[Thu Sep 19 22:57:25 2013] <ystael> never mind, figured it out - had to strengthen the conclusion
[Fri Sep 20 13:47:06 2013] <osa1> I'm trying to understand ... syntax, if I start the proof with "Proof with auto.", then ... replaced with ; auto. ?
[Fri Sep 20 14:02:32 2013] <Ptival> yes?
[Fri Sep 20 15:46:50 2013] <osa1> Ptival: okay, thanks.
[Fri Sep 20 16:00:58 2013] <Armael> hi
[Fri Sep 20 16:01:15 2013] <Armael> i was just wondering: how can I use Print on something like <> ?
[Fri Sep 20 16:01:47 2013] <Armael> Print <>, or Print "<>" don't seem to work
[Fri Sep 20 16:05:17 2013] <osa1> Armael: maybe first Locate "<>". than call Print on the identifier
[Fri Sep 20 16:05:38 2013] <osa1> s/than/then
[Fri Sep 20 16:06:13 2013] <Armael> oh, Locate is indeed useful
[Fri Sep 20 16:06:15 2013] <Armael> thanks
[Sat Sep 21 09:24:55 2013] <clj_newb_2345> I'm trying to define a new notation for a paritcular scope. I'm getting back "unknown scope delimiting key"
[Sat Sep 21 11:47:02 2013] <Ptival> clj_newb_2345: you need to declare scopes ahead
[Sat Sep 21 11:57:02 2013] <clj_newb_2345> Ptival: https://gist.github.com/anonymous/5661535788e4d74da844
[Sat Sep 21 11:57:04 2013] <clj_newb_2345> what am I missing?
[Sat Sep 21 11:58:32 2013] <Ptival> oh
[Sat Sep 21 11:58:41 2013] <Ptival> after declaration, you don't need the _scope
[Sat Sep 21 11:58:50 2013] <Ptival> it's just % foo
[Sat Sep 21 11:58:55 2013] <Ptival> I hate this stupid syntax
[Sat Sep 21 11:59:31 2013] <Ptival> Since you said "Delimit Scope foo_scope with foo."
[Sat Sep 21 12:03:15 2013] <clj_newb_2345> fucking dumbass syntax :-)
[Sat Sep 21 12:03:33 2013] <clj_newb_2345> I suspect the designers of Coq were like "how can we keep low motivation people from using Coq"
[Sat Sep 21 12:04:06 2013] <clj_newb_2345> and they were like "let return fun dependent type errors of abstractinf foo over bar; make Ltac impossibly hard to debug; and do delimiter stuff"
[Sat Sep 21 12:04:23 2013] <clj_newb_2345> in otther words, thank you :-)
[Sat Sep 21 12:14:30 2013] <Ptival> hehe
[Sat Sep 21 13:29:14 2013] <reynir> Ah, I had the same problem! Thanks, Ptival
[Sat Sep 21 14:06:49 2013] <clj_newb_2345> what?
[Sat Sep 21 14:06:57 2013] <clj_newb_2345> it was my line of questioning that provided the answer :-)
[Sat Sep 21 15:20:07 2013] <RegEchse> I've got a match in a goal that looks like  match f x with |a => ...  where x is of an inductive type i defined and f is a Fixpoint mytype -> mytype. the match consists of three branches but i already proofed a Lemma stating  forall x : mytype, f x <> a.  can i somehow tell Coq to drop the first branch and leave me with the match against the other two?
[Sat Sep 21 17:59:52 2013] <robbert> RegEchse: the best you can do is probably destruct (f x) as [foo|bar|baz] eqn:baq, and then use your result in the first subbranch
[Sat Sep 21 18:28:46 2013] <RegEchse> robbert: ok, thx. just what i thought. actually i'm destruct-ing x now, anyway.
[Sat Sep 21 18:34:09 2013] <osa1> pfff .... it's hard to predict whether to use inversion or induction while starting a long proof ...
[Sat Sep 21 18:36:15 2013] <osa1> are there any conventions for levels while defining new notations? I'm wondering how people decided levels of notation in SF book.
[Sat Sep 21 18:51:56 2013] <robbert> RegEchse: well, that may work too, the trick in my suggestion is the eqn:baq clause, it adds an equality to each subgoal to remember which variant of the inductive you are considering
[Sat Sep 21 18:53:02 2013] <robbert> osa1: induction if you need an induction hypothesis, inversion if the thing is dependent, dependent induction if both (but that tactic is a bit weird and may assume additional axioms...)
[Sat Sep 21 18:54:52 2013] <robbert> osa1: there is a table with the levels of the ordinary connectives in the documentation, try to put your own notations at a sensible level in between them
[Sat Sep 21 18:55:15 2013] <osa1> robbert: what do you mean by "dependent" ?
[Sat Sep 21 18:56:04 2013] <robbert> if the type contains indices in which something more complex than just a variable is used
[Sat Sep 21 18:56:11 2013] <robbert> for example H : vec A (S n)
[Sat Sep 21 18:57:47 2013] <robbert> here you typically want to avoid one case (namely nil) because of the index (S n)
[Sat Sep 21 20:19:07 2013] <osa1> what is 2 in "solve by inversion 2" ?
[Sat Sep 21 20:46:26 2013] <osa1> I wonder what was considered formal before we had theorem provers(like Coq) ...
[Sat Sep 21 20:53:00 2013] <Ptival> inversion num
[Sat Sep 21 20:53:01 2013] <Ptival> This does the same thing as intros until num then inversion ident where ident is the identifier for the last introduced hypothesis.
[Sat Sep 21 20:53:30 2013] <Ptival> intros until num
[Sat Sep 21 20:53:31 2013] <Ptival> This repeats intro until the num-th non-dependent product.
[Sat Sep 21 23:09:04 2013] <osa1> wow ... this is my first time using auto and it really helped http://lpaste.net/93238
[Sun Sep 22 06:37:54 2013] <anders_> I have a relation R and an assumption "H : R u v". when doing "induction H", how do I get an equation in each case that tells me the value that u takes?
[Sun Sep 22 07:40:23 2013] <ollehar> anders_: pastebin?
[Sun Sep 22 07:41:34 2013] <anders_> sure, I will try to come up with a minimal example
[Sun Sep 22 07:56:19 2013] <anders_> this should be a sort of minimal example of what i want
[Sun Sep 22 07:56:25 2013] <anders_> http://pastebin.com/gti27twc
[Sun Sep 22 07:58:41 2013] <robbert> anders_: what is the point of wanting that in the first place?
[Sun Sep 22 07:59:23 2013] <robbert> if you want it so badly, the easiest way is probably to write your own induction principle that gives such equalities
[Sun Sep 22 08:05:23 2013] <anders_> in the actual proof I am doing, I have R (x*y) (x'*y'), R x x', R y y'. doing induction on the first relation, (x*y) is substituted for z, and I need to to use (x*y) = z together with the other relations to prove some things.
[Sun Sep 22 08:06:05 2013] <anders_> (z being just some expression of course)
[Sun Sep 22 08:06:09 2013] <robbert> anders_: ok, that makes things clear :)
[Sun Sep 22 08:06:33 2013] <robbert> best use remember (x * y) as u eqn:Hu before doing the induction
[Sun Sep 22 08:07:56 2013] <anders_> yep that seems to do the trick! much thanks!
[Sun Sep 22 08:49:55 2013] <RegEchse> what is a simple way of applying a function to both sides of a hypothesis equation?  currently my equation is  H: x = y  and i'm doing   assert (H0: f x = f y). rewrite H. reflexivity. clear H.   Can i do that more directly?
[Sun Sep 22 08:55:05 2013] <robbert> RegEchse: apply (f_equal f) in H
[Sun Sep 22 08:57:59 2013] <RegEchse> ah! i already looked up f_equal in the reference manual but didn't know how to apply it. thanks. :)
[Sun Sep 22 08:58:43 2013] <robbert> RegEchse: note this is unrelated to the f_equal tactic
[Sun Sep 22 08:59:02 2013] <robbert> it's just applying the lemma f_equal at an assumption
[Sun Sep 22 09:03:45 2013] <RegEchse> yes, i understand that. i also already Check-ed f_equal to see what it actually does / how it is defined.
[Sun Sep 22 09:21:39 2013] <anders_> For a relation R, I want to prove "for all u v, R u v -> R u v' -> exists w, R v w /\ R v' w" (i.e. diamond property of R). R has 4 constructors say R1,R2,R3,R4. Obviously the case "(R1 u v and R2 u v')" is the same as "(R2 u v /\ R1 u v')" etc, thus I should only have to consider 7 cases. this is the case if I do "induction H_Ruv. induction H_Ruv' " but I need to do "generalize dependent v'. induction H_Ruv. intros v' H_R
[Sun Sep 22 09:21:40 2013] <anders_> induction H_Ruv' " which gives me 16 cases to handle. Is it possible to not have to handle the redundant cases?
[Sun Sep 22 09:23:26 2013] <anders_> sorry 10 cases actually, but i did not need do the second induction in one case so 7 cases in total in my situation
[Sun Sep 22 09:45:37 2013] <ollehar> anders_: shouldn't you do "incudction u"?
[Sun Sep 22 09:47:49 2013] <anders_> no I am doing inductions over the relation R
[Sun Sep 22 14:10:50 2013] <prophile> ;w 56
[Sun Sep 22 15:07:12 2013] <osa1> I wish SF's source was on Github and was accepting pull requests from readers
[Sun Sep 22 15:11:03 2013] <osa1> how to simplify this H : (if eq_id_dec i i then s else tvar i) = t' ?
[Sun Sep 22 15:40:10 2013] <reynir> This is pretty cool https://sympa.inria.fr/sympa/arc/coq-club/2013-09/msg00059.html
[Sun Sep 22 16:26:44 2013] <osa1> is there a tactic to generalize multiple variables? like instead of this generalize dependent s. generalize dependent x. generalize dependent t'. some shorter version
[Sun Sep 22 16:28:48 2013] <tomprince> osa1: Have you tried "generalized dependent s x t'."
[Sun Sep 22 16:41:05 2013] <osa1> tomprince: yep
[Sun Sep 22 16:41:25 2013] <osa1> tomprince: throws syntax error
[Sun Sep 22 16:49:00 2013] <osa1> this is exhausting http://lpaste.net/93267
[Sun Sep 22 17:45:05 2013] <reynir> I was wondering the same a few months ago and came to the conclusion that there wasn't
[Sun Sep 22 20:54:08 2013] <osa1> in an implication like A -> B is there a special name given to A ?
[Sun Sep 22 21:00:37 2013] <tomprince> I'd be inclined to call it the domain.
[Sun Sep 22 21:01:57 2013] <osa1> um yeah but then it sounds like we're talking about function types
[Sun Sep 22 21:04:25 2013] <RegEchse> in formal logic i think one would call A the 'antecedent'. i don't know whether people would use that term in functional programming, though.  good night
[Mon Sep 23 03:33:15 2013] <robbert> osa1: in logic, the premise
[Mon Sep 23 09:42:39 2013] <osa1> robbert: hmm. I though premise/conclusion naming convention are for natural deduction style inference rules...
[Mon Sep 23 10:40:05 2013] <osa1> (* The "solve by inversion" tactic is explained in Stlc.v. *) <-- I don't think it's true. solve by inversion tactic is never explained anywhere in SF book .. or am I missing something?
[Mon Sep 23 11:15:22 2013] <osa1> http://www.cis.upenn.edu/~bcpierce/sf/References.html any ideas about last exercise? how to add garbage collection, what are some standard theorems about garbage collecting etc.
[Mon Sep 23 11:32:28 2013] <osa1> what is the name of @ operator? trying to look it up from documentation
[Mon Sep 23 11:33:00 2013] <tomprince> @about @
[Mon Sep 23 11:33:53 2013] <tomprince> @about @
[Mon Sep 23 11:34:15 2013] <roosterbot> error: Syntax error: illegal begin of smart_global_eoi.
[Mon Sep 23 11:34:35 2013] <tomprince> @about "@"
[Mon Sep 23 11:34:35 2013] <roosterbot> error: Error: Unable to interpret "@" as a reference.
[Mon Sep 23 11:35:00 2013] <gereedy> osa1: do you mean @ for explicit application as described in http://coq.inria.fr/distrib/current/refman/Reference-Manual004.html#sec118
[Mon Sep 23 11:35:37 2013] <osa1> gereedy: probably. thanks.
[Mon Sep 23 11:36:24 2013] <osa1> basically I'm trying to understand why this tactic works ` remember (@empty ty).` while this one fails `remember (empty ty).`
[Mon Sep 23 11:37:04 2013] <tomprince> @check @empty
[Mon Sep 23 11:37:04 2013] <roosterbot> error: Error: The reference empty was not found in the current environment.
[Mon Sep 23 11:37:28 2013] <tomprince> osa1: Do 'Check @empty' and 'Check empty'
[Mon Sep 23 11:37:33 2013] <gereedy> If you do Check empty. and Check @empty. you will see they have different types
[Mon Sep 23 11:37:36 2013] <tomprince> @ disables implicit arguments.
[Mon Sep 23 11:37:36 2013] <roosterbot> error: Syntax error: end of input expected after [constr:lconstr] (in [constr:lconstr_eoi]).
[Mon Sep 23 11:38:38 2013] <osa1> yeah. and I don't understand what is this term: \empty : partial_map ?3801, what is backslash in the beginning?
[Mon Sep 23 11:50:23 2013] <gereedy> osa1: because of Notation "'\empty'" := empty.
[Mon Sep 23 11:50:34 2013] <gereedy> in the processed document the \ is rendered as a lambda
[Mon Sep 23 11:52:50 2013] <osa1> thanks.
[Mon Sep 23 11:53:04 2013] <osa1> another question, assumption fails but apply H1 works, why is that?
[Mon Sep 23 11:55:12 2013] <gereedy> without seeing the entire context I can't say for sure, but assumtion "looks in the local context for an hypothesis which type is equal to the goal"
[Mon Sep 23 11:57:25 2013] <gereedy> key part being "equal to the goal", so I guess H1 has some implicit arguments and those make its type not equal
[Mon Sep 23 12:00:27 2013] <gereedy> apply
[Mon Sep 23 12:00:37 2013] <gereedy> apply "match the current goal against the conclusion of the type of term"
[Mon Sep 23 12:01:16 2013] <gereedy> so it does not require strict equality but just that the conclusion unifies with the goal
[Mon Sep 23 12:05:02 2013] <osa1> hmm. that makes sense.
[Mon Sep 23 12:07:52 2013] <osa1> I'm having trouble finding my way in Coq documentation .. where is reference manual for "solve by ..." tactic? http://coq.inria.fr/distrib/current/refman/tactic-index.html I don't think solve here is the same
[Mon Sep 23 12:21:08 2013] <ystael> osa1: `by` is not an Ltac keyword, I think.  Look for a Tactic Notation somewhere.
[Mon Sep 23 15:07:27 2013] <osa1> can we say that eauto is strictly more powerful than auto? (probably not -- otherwise who needs auto? I'm looking for a case where auto works but eauto doesn't)
[Mon Sep 23 15:11:24 2013] <Anarchos> osa1 no idea
[Mon Sep 23 15:28:02 2013] <tomprince> osa1: It isn't. It will leave unresolved metas around, which auto won't do.
[Mon Sep 23 21:12:58 2013] <ystael> How can I do case analysis on a term but retain an equation in the context saying what case I'm in?
[Mon Sep 23 21:14:35 2013] <ystael> For example, if beq_nat : nat -> nat -> bool is equality, I would like to destruct (beq_nat n m), but remember in the false case an equation (beq_nat n m) = false so that I can rewrite by it later.
[Mon Sep 23 21:15:50 2013] <ystael> (In my case I need to use the fact twice but the second time is behind a reduction enabled by the first substitution.)
[Mon Sep 23 22:43:08 2013] <Ptival> ystael: destruct (beq_nat n m) eqn:H
[Tue Sep 24 03:31:35 2013] <robbert> osa1: although it does not explicitly stated, the thing in LICENCE is the MIT licence
[Tue Sep 24 03:31:43 2013] <robbert> *state it
[Tue Sep 24 06:42:13 2013] <reynir> Is there a way to repeat a Ltac a fixed number of times? Like 5 times.
[Tue Sep 24 06:58:09 2013] <robbert> reynir: do 5 foo?
[Tue Sep 24 07:07:33 2013] <reynir> Great, thanks robbert :-)
[Tue Sep 24 10:34:12 2013] <ystael> Ptival: thanks for the pointer yesterday; i haven't tried it yet but from the doc it looks like exactly what i need
[Tue Sep 24 11:01:33 2013] <Ptival> for solve by?
[Tue Sep 24 11:02:29 2013] <Ptival> you should grep 'Tactic Notation "solve' over your codebase to find it :p
[Tue Sep 24 11:02:56 2013] <Ptival> oh wait I'm mistaken
[Tue Sep 24 11:03:04 2013] <Ptival> yeah the eqn thing
[Tue Sep 24 11:03:35 2013] <Ptival> otherwise you can simulate with remember but it's more manual
[Tue Sep 24 12:28:54 2013] <Ptival> huh this stupid talk is 11:30-12:30 on Farmer's Market day @__@
[Tue Sep 24 12:28:59 2013] <Ptival> woop
[Tue Sep 24 12:29:12 2013] <Ptival> wrong channel :)
[Tue Sep 24 12:38:16 2013] <roosbeef> suppose i would like to check if some element is in a list of the element's type
[Tue Sep 24 12:39:54 2013] <roosbeef> would it be possible to do it in a way resembling this?
[Tue Sep 24 12:39:56 2013] <roosbeef> Fixpoint elem_isin (e : element) (le : list element) : bool :=
[Tue Sep 24 12:39:56 2013] <roosbeef>   match e, le with
[Tue Sep 24 12:39:56 2013] <roosbeef>       _, nil      => false
[Tue Sep 24 12:39:56 2013] <roosbeef>   | var, var :: _ => true
[Tue Sep 24 12:39:56 2013] <roosbeef>   |   _, _   :: t => ltr_isin e t
[Tue Sep 24 12:39:57 2013] <roosbeef>   end.
[Tue Sep 24 12:40:22 2013] <roosbeef> Coq complains that 'var' is bound multiple times
[Tue Sep 24 12:40:48 2013] <roosbeef> it does work when every case is specified, but i would like to just quantify over all possible cases
[Tue Sep 24 13:05:09 2013] <ystael> roosbeef: What do you mean by "when every case is specified"?  In general you can't give an identifier multiple times in a pattern to impose an equality constraint.
[Tue Sep 24 13:05:15 2013] <ystael> (Also, use a pastebin like lpaste.net)
[Tue Sep 24 13:08:28 2013] <ystael> To do what you want you need the type element to have a decidable equality predicate, which not every type has.
[Tue Sep 24 15:16:40 2013] <roosbeef> ystael: could you give an example of a decidable equality predicate?
[Tue Sep 24 15:19:43 2013] <Anarchos> equality on integers ?
[Tue Sep 24 15:22:48 2013] <ystael> roosbeef: A "decidable equality predicate" is a function that, given two elements of the type, yields one thing if they are equal and another if they are not equal.
[Tue Sep 24 15:23:07 2013] <ystael> For instance, a simple boolean equality on natural numbers might have type nat -> nat -> bool.
[Tue Sep 24 15:23:51 2013] <ystael> (Usually by "decidable equality" one means something whose result type is actually a disjoint sum of proofs, like (m n : nat) -> {m = n} + {m <> n}.)
[Tue Sep 24 15:26:41 2013] <ystael> The point is that you don't necessarily have a decision procedure for equality on terms of any random type.  That's why the pattern matcher can't enforce equality between two instances of 'var' in your pattern.
[Tue Sep 24 15:33:58 2013] <roosbeef> i understand
[Tue Sep 24 15:34:21 2013] <roosbeef> the type i have in mind would be decidably equatable though
[Tue Sep 24 15:35:18 2013] <roosbeef> so how would i then plug this equality function into the elem_isin function and use a variable of some sort?
[Tue Sep 24 15:36:46 2013] <ystael> Just match on le rather than e, le, and inside the x::xs case of the match, do a second match on the result of the equality test
[Tue Sep 24 15:37:21 2013] <ystael> (or use `if`, which is syntactic sugar for a match on a two-constructor datatype)
[Tue Sep 24 15:38:55 2013] <roosbeef> ahh
[Tue Sep 24 15:38:58 2013] <roosbeef> clever!
[Tue Sep 24 15:39:05 2013] <roosbeef> sounds pretty solid :)
[Tue Sep 24 15:39:13 2013] <roosbeef> im gonna try that
[Tue Sep 24 15:39:15 2013] <roosbeef> thanks a lot!
[Tue Sep 24 15:39:27 2013] <ystael> np, good luck
[Tue Sep 24 19:04:54 2013] <shergill> ezyang: ping
[Tue Sep 24 19:06:27 2013] <shergill> ezyang: where can i access the source tree for coq with mtac?
[Tue Sep 24 21:06:56 2013] <ezyang> shergill: pong
[Tue Sep 24 21:09:29 2013] <ezyang> should be https://github.com/beta-ziliani/coq/tree/patch-1 or https://github.com/beta-ziliani/coq/tree/mh
[Tue Sep 24 21:11:31 2013] <ezyang> I have some branches of my own but I don't know what they're named on coq/
[Tue Sep 24 21:13:38 2013] <shergill> ezyang: thanks
[Tue Sep 24 21:13:54 2013] <ezyang> also check out my rockin' Ubuntu packages
[Tue Sep 24 21:14:54 2013] <shergill> i already have that installed :)
[Tue Sep 24 21:15:24 2013] <shergill> i was considering going through hott exercises with coq-mtac
[Tue Sep 24 21:15:50 2013] <shergill> and hott requires a patched version of coq too
[Tue Sep 24 21:16:03 2013] <ezyang> oh, definitely use the mh
[Tue Sep 24 21:16:09 2013] <ezyang> branch
[Tue Sep 24 21:16:15 2013] <shergill> gotcha
[Tue Sep 24 21:16:27 2013] <ezyang> hmm, I should build Coq for HoTT with Mtac
[Tue Sep 24 21:17:13 2013] <shergill> if that's not too much effort for you, that'd be awesome
[Tue Sep 24 21:18:37 2013] <ezyang> The big downside
[Tue Sep 24 21:18:42 2013] <ezyang> is you can only have one of these packages installed at a time
[Tue Sep 24 21:18:56 2013] <ezyang> So if you want to switch, I still recommend building from source and twiddling your rcfiles
[Tue Sep 24 21:20:18 2013] <shergill> hmm what do you mean by 'packages'? as in debian packages? or mtac and hott changesets are conflicting?
[Tue Sep 24 21:20:52 2013] <ezyang> The packages conflict
[Tue Sep 24 21:21:08 2013] <ezyang> Actually, that is not even true; they are the same package, all different versions
[Tue Sep 24 21:21:54 2013] <shergill> right. i was wondering if they introduced some mathematical conflict. it seems not?
[Tue Sep 24 21:22:28 2013] <ezyang> HoTT will cause some traditional Coq stuff to stop working. Definitely so if you use their alternate standard library
[Tue Sep 24 21:22:33 2013] <ezyang> mtac should be completely compatible
[Tue Sep 24 21:22:40 2013] <shergill> ok
[Wed Sep 25 12:30:37 2013] <robbert> Not really a Coq question, how is a partialorder that is not reflexive called?
[Wed Sep 25 12:31:07 2013] <robbert> In case of an equivalence relation, they call it a partial equivalence relation (PER)
[Wed Sep 25 12:50:44 2013] <gereedy> robbert: according to wikipeia, a strict partial order
[Wed Sep 25 13:56:09 2013] <robbert> gereedy: a strict partial order is also irreflexive (which is not the same as "not reflexive" :))
[Wed Sep 25 13:57:04 2013] <robbert> I want to know whether there is a nice name for a relation that is transitive and anti symmetric
[Wed Sep 25 14:02:41 2013] <tomprince> robbert: What is your example?
[Wed Sep 25 14:07:25 2013] <robbert> tomprince: i have a relation on expressions of a programming language that is almost the partial order. The only thing lacking is that reflexivity only holds for well typed expressions.
[Wed Sep 25 14:08:33 2013] <tomprince> What is the relation?
[Wed Sep 25 14:11:12 2013] <robbert> it means that the permissions contained in the expression allow more
[Wed Sep 25 14:13:26 2013] <robbert> but that does not matter so much, the reason for it not being reflexive, is because its definition relies on the fact that the expression is well-typed
[Wed Sep 25 14:14:21 2013] <robbert> it is set up in such a way that t1 <= t2 => well_typed t1 /\ well_typed t2
[Wed Sep 25 14:17:39 2013] <ystael> Is there an example of the currently idiomatic way to derive decidable equality predicates for simple inductive types?
[Wed Sep 25 14:17:47 2013] <ystael> I don't know if I should be looking for a type class, or a module, or what
[Wed Sep 25 14:17:59 2013] <robbert> the reason for it not being reflexive, is the same as that the equality judgment Gamma |- x = y : A in traditional MLTT is just a PER
[Wed Sep 25 14:18:13 2013] <Ptival> ystael: there is a tactic 'decide equality'
[Wed Sep 25 14:19:07 2013] <ystael> Ptival: but is there some way I should be declaring that my type implements such a predicate?
[Wed Sep 25 14:20:47 2013] <ystael> I guess what I'm saying is, I can write the predicate by hand (or use that tactic), I know what its type and implementation should be.  But I don't know the standard library well enough yet to know whether there's a particular way I should spell it to work well in context.
[Wed Sep 25 14:20:49 2013] <robbert> ystael: should: not really, could: use the type class Class Decision (P : Prop) := decide : {P} + {¬P}.
[Wed Sep 25 14:25:23 2013] <ystael> robbert: I don't find that in the standard library?
[Wed Sep 25 14:30:04 2013] <robbert> robbert: I don't think it is, see Section 4.1 of http://arxiv.org/abs/1102.1323 for the idea behind it
[Wed Sep 25 14:31:55 2013] <ystael> ah, ok, thanks
[Wed Sep 25 16:33:24 2013] <osa1> automation is so awesome ... it leaves me only the interesting part in this theorem http://lpaste.net/93403 (the admitted part)
[Wed Sep 25 16:33:50 2013] <osa1> (also, I wish I didn't have to `remember (@empty ...)` in this proof)
[Wed Sep 25 16:43:10 2013] <osa1> oh wow, i
[Wed Sep 25 16:43:51 2013] <osa1> if I give a theorem for type preserving substitution and add it to hint database, admitted part in the proof I linked above can be solved with auto.
[Wed Sep 25 16:44:37 2013] <osa1> http://lpaste.net/93404
[Wed Sep 25 16:50:19 2013] <osa1> though I'm not sure how to prove subst_preservation
[Wed Sep 25 18:19:17 2013] <osa1> is there a way to print what tactics are applied by auto/eauto?
[Wed Sep 25 18:23:03 2013] <Ptival> info_auto
[Wed Sep 25 21:09:41 2013] <osa1> what is difference between try solve [ inversion H; eauto ]. and try (inversion H; eauto). ?
[Wed Sep 25 23:02:33 2013] <ystael> osa1: i believe 'try' by itself does not fail if its argument tactic fails partway down, but you still get whatever changes have been applied up to that point; whereas 'try solve' is a no-op if its argument does not completely solve the goal.
[Wed Sep 25 23:31:12 2013] <maxiepoo> is there a particular reason that the unit value is denoted `tt` ?
[Wed Sep 25 23:37:57 2013] <Ptival> I think it stands for tautology?
[Wed Sep 25 23:39:07 2013] <Ptival> or something like trivially true
[Wed Sep 25 23:42:39 2013] <maxiepoo> ah that kinda makes sense
[Thu Sep 26 09:26:04 2013] <roosbeef> hi
[Thu Sep 26 09:26:18 2013] <roosbeef> is there a way to shorten substrings in proof mode?
[Thu Sep 26 09:26:27 2013] <roosbeef> i would like to do this for better readability
[Thu Sep 26 09:27:49 2013] <roosbeef> for example shorten this to 'max':
[Thu Sep 26 09:27:51 2013] <roosbeef> (max (ft_depth (stratify (à :: r))) (ft_depth (stratify (ó :: r))) * max (ft_width 0 (stratify (à :: r))) (ft_width 0 (stratify (ó :: r))))
[Thu Sep 26 09:41:43 2013] <rribeiro> Hello to all! I'm in trouble to understand a error message given at a definition using the refine tactic. I've pasted the code at http://pastebin.com/HEDwsu5T
[Thu Sep 26 09:42:40 2013] <rribeiro> I can solve the obligations generated by holes, but when I try to "Defined.", it gaves me a error message "Ill formed recursive definition"
[Thu Sep 26 09:45:05 2013] <rribeiro> Could someone give any hints on this error message?
[Thu Sep 26 10:13:56 2013] <jgross> It means that you applied your fixpoint function to an argument that is not structurally smaller.  Try looking a "Show Proof" and seeing where the fixpoint definition show up? 
[Thu Sep 26 10:36:25 2013] <fafounet> how can I state the equivalence between an inductive in Prop and another one in Type?
[Thu Sep 26 10:38:24 2013] <ianjneu> You won't be able to prove it unless your inductive is either empty or a singleton.
[Thu Sep 26 10:38:53 2013] <ianjneu> Things in Prop are inhabited by at most one thing.
[Thu Sep 26 10:41:06 2013] <jgross> ianjneu: That's not provable.  Whether or not things in Prop can be inhabited by multiple things requires an extra axiom. 
[Thu Sep 26 10:41:31 2013] <fafounet> OK. Thus another question: I want an inductive s.t. I can compute on it with Fixpoints and I can state a Proper instance to ease things
[Thu Sep 26 10:41:37 2013] <fafounet> How can I do?
[Thu Sep 26 10:43:34 2013] <ianjneu> I don't know what you're asking.
[Thu Sep 26 10:45:43 2013] <fafounet> I want an inductive MyInd : list form -> form -> ??? (with form defined somewhere)
[Thu Sep 26 10:46:51 2013] <fafounet> I would like to have: Instance compat : Proper (@Permutation _ ==> eq ==> iff) MyInd.
[Thu Sep 26 10:47:24 2013] <fafounet> if I want to compute I need it to be in Type. However for my permutation thing that should be in Prop
[Thu Sep 26 10:47:33 2013] <fafounet> I don't know how to solve this dilemma
[Thu Sep 26 10:48:42 2013] <jgross> I don't really understand what you're asking (what's Permutation), but are you looking for higher inductive types? 
[Thu Sep 26 10:51:20 2013] <fafounet> Permutation is the one of the standard library. This states that if MyInd A B holds, then for any permutation A A', MyInd A' B holds. And later, if I have a permutation as an hypothesis, I can directly use rewrite in my Goal MyInd A B
[Thu Sep 26 10:52:09 2013] <fafounet> I don't about higher inductive types. I'll have a look
[Thu Sep 26 11:02:21 2013] <jgross> Are you asking how to define an "unordered list" inductive type?  The two ways that I know of are by imposing some arbitrary order on the elements of the list, so that for any given set of elements, there's only one "unordered list" with those elements; or by using higher inductive types, which are still in development (not yet in a released version of Coq). 
[Thu Sep 26 11:03:50 2013] <ezyang> i,i higher inductive list with permutation path constructors
[Thu Sep 26 11:04:44 2013] <ezyang> (which is just a quotient type over permutations)
[Thu Sep 26 11:08:00 2013] <fafounet> ok thanks
[Thu Sep 26 11:23:01 2013] <jgross> ezyang: Have you seen https://github.com/barras/coq/tree/hit? 
[Thu Sep 26 11:31:10 2013] <ezyang> nope, not yet
[Thu Sep 26 11:33:56 2013] <jgross> It's an implementation of higher inductive types where you can prove functional extensionality (but you can't compute with it very well, yet). 
[Thu Sep 26 16:03:22 2013] <mortberg> jgross: doesn't function extensionallity from the fact that you can define the interval using higher inductive types?
[Thu Sep 26 16:27:09 2013] <jgross> mortberg: Yes, that's the proof I was thinking of.  I functional extensionality is the simplest result I know of fromm having HITs, and this is the first version of Coq AFAIK that can prove funext without axioms. 
[Thu Sep 26 16:36:02 2013] <mortberg> yeah, ok, that is pretty neat indeed
[Thu Sep 26 17:01:53 2013] <anders__> has anyone emulated coq ide in vim on os x? http://www.vim.org/scripts/script.php?script_id=4388
[Thu Sep 26 17:22:47 2013] <reynir> anders__: https://github.com/trefis/coquille
[Fri Sep 27 00:29:42 2013] <maxiepoo> is coq strongly normalizing?
[Fri Sep 27 02:49:50 2013] <jgross> maxiepoo: Yes.	(Or, at least, it's believed to be.  I think it's been proven somewhere, but I don't have a source.) 
[Fri Sep 27 03:16:23 2013] <mortberg> jgross: for CC you can have a look at Coq in Coq by Bruno Barras and Benjamin Werner, they implement CC in Coq and prove strong normalization. however CC is just a part of the Coq kernel so it does not mean that all of Coq is strongly normalizing...
[Fri Sep 27 03:25:06 2013] <anders_> reynir: thanks!
[Fri Sep 27 04:47:15 2013] <robbert> maxiepoo: no, it is not
[Fri Sep 27 04:49:30 2013] <robbert> try, fix f (x : nat) : nat := let _ := f x in 10) 12
[Fri Sep 27 04:50:07 2013] <robbert> with cbv evaluation, it diverges
[Fri Sep 27 04:50:09 2013] <robbert> Eval compute in (fix f (x : nat) : nat := let _ := f x in 10) 12.
[Fri Sep 27 04:50:16 2013] <robbert> gives a nice "Stack overflow." :)
[Fri Sep 27 04:51:07 2013] <robbert> ah, he's not even here anymore...
[Fri Sep 27 08:48:24 2013] <roosbeef> hi
[Fri Sep 27 08:48:41 2013] <roosbeef> in proof mode, is it possible to 'fold back' functions that are unfolded?
[Fri Sep 27 08:50:09 2013] <roosbeef> or more preferably, would it be possible to just replace some substring with a keyword or something like that? After a few unfolds the propositions can become huge
[Fri Sep 27 08:54:51 2013] <jgross> You can try [fold <function name>], but it doesn't always work very well.  You can also try [change (<form of the goal you want to see>)], if you know what the goal should be.  Look also at the tactic [set], and the [change foo with bar] variant of [change]. 
[Fri Sep 27 08:56:57 2013] <roosbeef> hm
[Fri Sep 27 08:57:24 2013] <roosbeef> so for example suppose i have this in my goal:
[Fri Sep 27 08:57:33 2013] <roosbeef> (max (ft_depth (stratify (à :: r))) (ft_depth (stratify (ó :: r))) * max (ft_width 0 (stratify (à :: r))) (ft_width 0 (stratify (ó :: r)))))
[Fri Sep 27 08:57:52 2013] <roosbeef> and id like to replace it with 'maximal'
[Fri Sep 27 08:57:59 2013] <roosbeef> would that be possible?
[Fri Sep 27 08:58:47 2013] <roosbeef> it would make things a lot easier to read and that substring isnt even really that important for the proof itself anyway
[Fri Sep 27 09:09:19 2013] <jgross> You can try [set (maximal := <that long expression).], as long as it's not under binders (every free variable in that expression is mentioned in the hypotheses, and not bound in the goal).  Alternatively, you can do "Notation maximal := (<that long expression, replacing bound variables by underscores>)." 
[Fri Sep 27 09:10:07 2013] <jgross> If the substring really isn't important, you can do [generalize (<that long expression>); intro.], and then it's just a variable. 
[Fri Sep 27 09:12:06 2013] <roosbeef> works :)
[Fri Sep 27 09:12:09 2013] <roosbeef> thank you!
[Fri Sep 27 10:24:54 2013] <reynir> Is it possible to make a notation so I can use decimal notation for my own types? E.g. 42%my_type
[Fri Sep 27 10:44:59 2013] <jgross> reynir: Yes, but you have to write ml code.  You can look at plugins/syntax/nat_syntax_plugin.* in the coq source tree.  Or you can just make a coercion from nat to your type. 
[Fri Sep 27 10:51:13 2013] <reynir> Thanks. Coercion works great!
[Fri Sep 27 14:25:01 2013] <roosbeef> why cant a proposition contain bool types?
[Fri Sep 27 14:26:01 2013] <ystael> what do you mean by "contain" ?
[Fri Sep 27 14:26:20 2013] <roosbeef> forall x, f_bool x -> f_prop x
[Fri Sep 27 14:26:43 2013] <roosbeef> (where f_bool has return type bool and f_prop return type Prop)
[Fri Sep 27 14:27:12 2013] <roosbeef> Coq would complain if i did that
[Fri Sep 27 14:27:21 2013] <ystael> What is the type f_prop x in case f_bool x is false?
[Fri Sep 27 14:27:55 2013] <roosbeef> is that a trick question? :p
[Fri Sep 27 14:29:06 2013] <ystael> ... I don't think so?
[Fri Sep 27 14:29:23 2013] <roosbeef> oh
[Fri Sep 27 14:29:48 2013] <roosbeef> i guess it would just be 'false'  then?
[Fri Sep 27 14:29:59 2013] <roosbeef> eh wait
[Fri Sep 27 14:30:02 2013] <ystael> not false but False, the inductive type in sort Prop with no constructor
[Fri Sep 27 14:30:10 2013] <roosbeef> yea, im confused
[Fri Sep 27 14:30:11 2013] <roosbeef> i have no idea
[Fri Sep 27 14:30:54 2013] <ystael> Look at it this way.  A proof of forall x, f_bool x -> f_prop x (or, a function of that type) would have to consume a boolean (either true or false) and yield a value of the corresponding type in Prop
[Fri Sep 27 14:31:05 2013] <ystael> But if f_bool x is false, you want the type of proofs of f_prop x to be empty
[Fri Sep 27 14:31:12 2013] <ystael> (otherwise you have proved false)
[Fri Sep 27 14:31:26 2013] <roosbeef> HM
[Fri Sep 27 14:31:29 2013] <ystael> So your function cannot yield anything at an x for which f_bool x = false
[Fri Sep 27 14:31:30 2013] <roosbeef> that makes sense
[Fri Sep 27 14:31:37 2013] <roosbeef> ok
[Fri Sep 27 14:31:45 2013] <ystael> Try instead: forall x, f_bool x = true -> f_prop x
[Fri Sep 27 14:31:55 2013] <roosbeef> ah :)
[Fri Sep 27 14:32:01 2013] <roosbeef> sounds good
[Fri Sep 27 14:32:03 2013] <roosbeef> lemme try
[Fri Sep 27 14:33:22 2013] <roosbeef> works :)
[Fri Sep 27 14:33:45 2013] <roosbeef> is it possible to apply an hypothesis to another hypothesis?
[Fri Sep 27 14:33:49 2013] <roosbeef> for example,
[Fri Sep 27 14:33:59 2013] <roosbeef> H : fl_isin à r = true
[Fri Sep 27 14:33:59 2013] <roosbeef> H0 : if fl_isin à r
[Fri Sep 27 14:34:19 2013] <roosbeef> would it be possible to plug H into the if condition of H0?
[Fri Sep 27 14:34:31 2013] <ystael> you can `rewrite H in H0`
[Fri Sep 27 14:34:40 2013] <roosbeef> ha gotcha
[Fri Sep 27 14:34:41 2013] <ystael> similarly `apply H in H0`, though I think rewrite is what you want here
[Fri Sep 27 14:35:18 2013] <roosbeef> apply H in H0 didnt work
[Fri Sep 27 14:35:21 2013] <roosbeef> it said "Error: Statement without assumptions."
[Fri Sep 27 14:35:36 2013] <ystael> yeah.  apply is for conditionals.  you want rewrite, that uses equations.
[Fri Sep 27 14:38:11 2013] <roosbeef> hm
[Fri Sep 27 14:38:18 2013] <roosbeef> sorry for asking so many questions :/
[Fri Sep 27 14:38:21 2013] <roosbeef> but how do i rewrite this
[Fri Sep 27 14:38:23 2013] <roosbeef> H0 : (if fl_isin à (highest r) then true else false) = true
[Fri Sep 27 14:38:24 2013] <roosbeef> to
[Fri Sep 27 14:38:35 2013] <roosbeef> H0 : fl_isin à (highest r) = true
[Fri Sep 27 14:38:47 2013] <roosbeef> (which seems to be equivalent)
[Fri Sep 27 14:39:24 2013] <ystael> the way i would do that is case analysis on fl_isin à (highest r)
[Fri Sep 27 14:39:41 2013] <ystael> destruct (fl_isin à (highest r)) eqn: H1
[Fri Sep 27 14:39:54 2013] <roosbeef> what does eqn: H1 do?
[Fri Sep 27 14:40:07 2013] <ystael> eqn: H1 tells destruct to retain an equation in the context telling you which case you're in
[Fri Sep 27 14:40:29 2013] <roosbeef> to retain it?
[Fri Sep 27 14:40:30 2013] <ystael> otherwise you don't actually know that the 'true' or 'false' you obtained by case analysis is connected to the originally analyzed term fl_isin à (highest r)
[Fri Sep 27 14:41:00 2013] <ystael> try the destruct with and without it and see the difference
[Fri Sep 27 14:41:06 2013] <roosbeef> ok let me see
[Fri Sep 27 14:42:20 2013] <roosbeef> it splits the proof in two cases
[Fri Sep 27 14:42:36 2013] <roosbeef> one where H0: true = true
[Fri Sep 27 14:42:41 2013] <roosbeef> and one where H0: false = true
[Fri Sep 27 14:43:36 2013] <roosbeef> was eqn: H1 supposed to prevent that from happening?
[Fri Sep 27 14:44:26 2013] <ystael> eqn: H1 adds an additional hypothesis which is the thing you actually wanted to remember
[Fri Sep 27 14:44:42 2013] <roosbeef> yes
[Fri Sep 27 14:44:56 2013] <ystael> and you can clear the false = true case with `contradiction`
[Fri Sep 27 14:46:18 2013] <roosbeef> ok works :)
[Fri Sep 27 14:46:26 2013] <roosbeef> is there a way to merge the subgoals?
[Fri Sep 27 14:46:31 2013] <roosbeef> as they are the same now
[Fri Sep 27 14:46:41 2013] <ystael> you can clear the one you don't care about by chaining
[Fri Sep 27 14:46:52 2013] <ystael> destruct (fl_isin à (highest r)) eqn H1; try contradiction.
[Fri Sep 27 14:47:11 2013] <roosbeef> oh wait i think it auto-merged the subgoals
[Fri Sep 27 14:47:21 2013] <roosbeef> how do i unfocus after i did Focus 2?
[Fri Sep 27 14:47:34 2013] <ystael> um, Focus 1. ?
[Fri Sep 27 14:47:35 2013] <ystael> :)
[Fri Sep 27 14:47:36 2013] <roosbeef> (to see all subgoals again)
[Fri Sep 27 14:47:41 2013] <ystael> oh, I don't know
[Fri Sep 27 14:47:52 2013] <roosbeef> yea but then i cant Focus 2 anymore, so i guess it merged them
[Fri Sep 27 14:48:02 2013] <roosbeef> :p
[Fri Sep 27 14:49:08 2013] <reynir> Sometimes I get hypothesises of the form [C1 x1 = C2 x2] where C1 and C2 are two different constructors. Is there a thing like discriminate that automatically finds such hypothesis?
[Fri Sep 27 14:55:51 2013] <Ptival> congruence?
[Fri Sep 27 14:56:49 2013] <Ptival> but doesn't discriminate do that already?
[Fri Sep 27 15:00:14 2013] <roosbeef> can i use Lists.List.In as an if condition? For example if (In x y) then ...?
[Fri Sep 27 15:00:31 2013] <Ptival> you'd use In_dec
[Fri Sep 27 15:01:01 2013] <Ptival> in_dec in fact
[Fri Sep 27 15:01:16 2013] <Ptival> (the naming schemes in this stdlib @___@)
[Fri Sep 27 15:02:27 2013] <roosbeef> both work
[Fri Sep 27 15:02:30 2013] <roosbeef> but what does this mean
[Fri Sep 27 15:02:33 2013] <roosbeef> (forall x y:A, {x = y} + {x <> y})
[Fri Sep 27 15:02:39 2013] <roosbeef> what does the + mean here
[Fri Sep 27 15:02:56 2013] <roosbeef> boolean and?
[Fri Sep 27 15:03:07 2013] <roosbeef> err logical i mean
[Fri Sep 27 15:05:37 2013] <roosbeef> * confused
[Fri Sep 27 15:08:01 2013] <roosbeef> are you sure in_dec is the boolean version of In?
[Fri Sep 27 15:08:22 2013] <roosbeef> it looks more like some theorem to prove a property of In
[Fri Sep 27 15:15:19 2013] <reynir> Ptival: Looks like you are right. I must have missed that when I read the documentation
[Fri Sep 27 15:35:13 2013] <ystael> roosbeef: That type is a more sophisticated version of boolean equality
[Fri Sep 27 15:35:34 2013] <ystael> Instead of a true value or a false value, it gives a proof that x = y is true or a proof that x <> y is true (which is a proof that x = y -> False)
[Fri Sep 27 15:36:03 2013] <ystael> Because `if` is just syntactic sugar for a pattern match on any two-constructor datatype, you can use this type in an `if` just as if it were a boolean
[Fri Sep 27 15:36:15 2013] <ystael> ... oh. gone.  :(
[Fri Sep 27 16:17:46 2013] <Ptival> :\
[Fri Sep 27 16:20:03 2013] <reynir> ystael: I appreciate the explanation even though I didn't ask :)
[Fri Sep 27 16:20:50 2013] <ystael> :)
[Sat Sep 28 08:02:55 2013] <tee0> Hello.
[Sat Sep 28 08:03:56 2013] <tee0> I'm using coq with proof general and in Utoks mode i've noticed that => got converted into real unicode ⇒ and coq doesn't recognize it.
[Sat Sep 28 08:04:48 2013] <tee0> Is ther a way to tell Utoks mode not to convert tokens into real unicode?
[Sat Sep 28 09:16:02 2013] <Cale> tee0: Isn't that what Utoks mode is for?
[Sat Sep 28 09:16:48 2013] <Cale> Oh, right, the idea is that it doesn't actually modify the underlying buffer, only displays it as such
[Sat Sep 28 09:46:43 2013] <tee0> Cale: Yeah, but it does modify it for some reason
[Sat Sep 28 09:49:29 2013] <tee0> And it obvously break things. :(
[Sat Sep 28 11:35:50 2013] <reynir> I have a project with subdirectories. In emacs+proofgeneral I have a problem where it can't find one of the libraries. What can I do?
[Sat Sep 28 15:05:34 2013] <defanor_> i'm stuck on classical_axioms exercise from http://www.cis.upenn.edu/~bcpierce/sf/Logic.html. should i prove that, for example, "peirce -> classic" (and four more similar implications)? if so, looks like i need some advice/hint how to do it. after unfolding and intros, i just can't see what to do next: tried to apply "peirce" with something, but had no success
[Sat Sep 28 15:07:12 2013] <ianjneu> defanor_: keep playing with it
[Sat Sep 28 15:08:23 2013] <defanor_> i'll try, thanks
[Sat Sep 28 16:18:35 2013] <defanor_> yay, done with "peirce -> classic"
[Sun Sep 29 15:51:40 2013] <osa1> almost all of the proofs in References.v fail at somewhere in my Coq installation
[Sun Sep 29 15:51:55 2013] <osa1> which is version 84pl2 (June 2013)
[Sun Sep 29 15:52:03 2013] <osa1> 8.4*
[Sun Sep 29 17:13:40 2013] <defanor> i'm stuck on the same exercise again (http://www.cis.upenn.edu/~bcpierce/sf/Logic.html, classical_axioms), on the last theorem: implies_to_or -> peirce, need a hint/advice. here is my progress (not even sure if i'm on a right way): http://lpaste.net/7367171717954797568. also tried inversion on ITO, but it looks tricky
[Sun Sep 29 17:16:25 2013] <defanor> *induction on ITO
[Sun Sep 29 17:20:35 2013] <defanor> *seems
[Sun Sep 29 19:32:44 2013] <robbert> defanor: I don't think you are on the right way
[Sun Sep 29 19:33:40 2013] <robbert> you have to make a smart choice which propositions to use for implies_to_or with
[Sun Sep 29 19:33:52 2013] <robbert> you only need to use implies_to_or once
[Sun Sep 29 19:34:11 2013] <robbert> and if you make the right choice, the remaining proof is entirely trivial
[Sun Sep 29 19:35:03 2013] <robbert> (my proof takes 45 characters)
[Sun Sep 29 19:38:05 2013] <defanor> robbert: thanks
[Sun Sep 29 19:40:58 2013] <robbert> to give a further hint, you can (and most sensibly have to) make that choice straight away after the intros
[Sun Sep 29 19:43:14 2013] <robbert> defanor: and yet another hint, try proving implies_to_or -> excluded_middle before, it may give you some insight
[Sun Sep 29 19:45:44 2013] <defanor> robbert: thanks again, going to try it now
[Sun Sep 29 19:54:13 2013] <defanor> yay, finally done with it
[Sun Sep 29 19:58:07 2013] <robbert> defanor: well done!
[Mon Sep 30 09:57:06 2013] <roosbeef> im trying to use the function 'In' as an if-condition
[Mon Sep 30 09:57:31 2013] <roosbeef> so that the if statement would return one thing if some element is in some list, and another thing otherwise
[Mon Sep 30 09:57:33 2013] <roosbeef> eg.
[Mon Sep 30 09:57:35 2013] <roosbeef> Definition test_in (e : nat) (list : list nat) : bool :=
[Mon Sep 30 09:57:35 2013] <roosbeef>   if (In e list) then true else false.
[Mon Sep 30 09:57:39 2013] <roosbeef> why does this not work?
[Mon Sep 30 09:58:08 2013] <roosbeef> Coq tells me: Error: The term "In e list" has type "Prop" which is not a (co-)inductive type.
[Mon Sep 30 09:58:24 2013] <roosbeef> what does that mean and how instead should i apply In?
[Mon Sep 30 09:59:36 2013] <ianjneu> In is not a decidable property. You need In_dec with a list that has decidable equality.
[Mon Sep 30 10:05:02 2013] <roosbeef> have to reboot, brb 2 mins
[Mon Sep 30 10:09:23 2013] <roosbeef> ianjneu, how do i tell in_dec about the lists decidability? It doesnt seem to automatically infer it
[Mon Sep 30 10:10:38 2013] <roosbeef> the lists equality decidability, i mean*
[Mon Sep 30 10:14:50 2013] <roosbeef> it seems to require something like (H : forall x y : A, {x = y} + {x <> y})
[Mon Sep 30 10:15:08 2013] <roosbeef> but that notation doesnt make sense to me
[Mon Sep 30 10:17:14 2013] <roosbeef> what type of function is that, do i need to custom write one for the list type im using?
[Mon Sep 30 10:17:33 2013] <roosbeef> what does x = y + x <> y mean?
[Mon Sep 30 10:18:35 2013] <roosbeef> hm is that like a set with all x and y that are either equal xor not equal?
[Mon Sep 30 10:19:37 2013] <ianjneu> one sec
[Mon Sep 30 10:21:03 2013] <ianjneu> {x = y} + {x <> y} is a decision procedure for elements of the type A, where you're trying to decide in_dec for some list A.
[Mon Sep 30 10:23:30 2013] <ianjneu> If you have your type in hand but no decision procedure, you likely can define it with the "decide equality" tactic.
[Mon Sep 30 10:23:54 2013] <roosbeef> wait tactics are to be used in Proof mode arent they?
[Mon Sep 30 10:25:20 2013] <ianjneu> Definition my_eq_dec : the-dec-eq-type. decide equality. Defined.
[Mon Sep 30 10:28:06 2013] <roosbeef> cool works :)
[Mon Sep 30 10:28:12 2013] <roosbeef> thanks ianjneu
[Mon Sep 30 10:34:49 2013] <roosbeef> ianjneu, it doesnt work for this type: https://privatepaste.com/8f74555e33
[Mon Sep 30 10:35:05 2013] <roosbeef> (the bottom type, i mean)
[Mon Sep 30 10:35:07 2013] <roosbeef> why is that?
[Mon Sep 30 10:35:58 2013] <ianjneu> it depends on other types having decidable equality. You have to apply letter_eq_dec and accent_eq_dec at the appropriate times.
[Mon Sep 30 10:36:23 2013] <ianjneu> Or you can duplicate their work and use "repeat decidable equality"
[Mon Sep 30 10:37:35 2013] <roosbeef> ha that works :p
[Mon Sep 30 10:37:55 2013] <ianjneu> decide equality; try solve [apply accent_dec | apply letter_dec].
[Mon Sep 30 10:38:01 2013] <ianjneu> also works.
[Mon Sep 30 10:39:24 2013] <ianjneu> I don't know how to prove decidable equality without an annoying amout of work for something like Inductive S : Type := A : S | B : list S -> S.
[Mon Sep 30 10:52:36 2013] <roosbeef> hm
[Mon Sep 30 10:53:24 2013] <roosbeef> what if i want to state in a theorem (to be proven) that some letter is in some list?
[Mon Sep 30 10:54:39 2013] <roosbeef> eg. https://privatepaste.com/eae3d6b2d2
[Mon Sep 30 10:55:09 2013] <roosbeef> Coq says Error: In environment r : list fletter The term "in_dec fl_eq_dec à r" has type "{In à r} + {~ In à r}" which should be Set, Prop or Type.
[Mon Sep 30 10:57:28 2013] <ianjneu> in_dec is useful for programming / proving. You want to use In for statements of propositions.
[Mon Sep 30 10:57:50 2013] <roosbeef> oh lol
[Mon Sep 30 10:58:00 2013] <roosbeef> yea In just works there :P
[Mon Sep 30 10:58:05 2013] <roosbeef> thanks
[Mon Sep 30 11:03:00 2013] <roosbeef> is there a function to inject an element at some specific point in a list? Eg. inject z 2 (a :: b :: c :: d :: nil) would be (a :: b :: z :: c :: d :: nil)
[Mon Sep 30 11:03:28 2013] <roosbeef> (or maybe overwrite that location)
[Mon Sep 30 11:09:38 2013] <roosbeef> i wrote a function myself but trying to replace as much code as i can by code from the stdlib, because it will probably make proofs a lot simpler
[Mon Sep 30 11:09:58 2013] <roosbeef> cook dinner bbl
[Mon Sep 30 11:10:01 2013] <roosbeef> <3
[Mon Sep 30 15:16:14 2013] <osa1> do you guys know anything about this: "Integrating infinite data and coinduction with dependent types is tricky. For example, in the Calculus of (Co)Inductive Construc- tions, the core theory underlying Coq (INRIA 2012), coinduction is broken, since computation does not preserve types (Gim ́enez 1996)"
[Mon Sep 30 15:17:17 2013] <osa1> (from Wellfounded Recursion with Copattern paper)
[Mon Sep 30 15:23:53 2013] <osa1> sorry for off-topic question but are SMT-prover and SMT-solver same things?
[Mon Sep 30 15:35:25 2013] <Anarchos> osa1 yes :)
[Mon Sep 30 15:36:32 2013] <osa1> Anarchos: was that for first question or second one?
[Mon Sep 30 15:36:41 2013] <Anarchos> for the first
[Mon Sep 30 15:37:04 2013] <osa1> great, can you give me an example of this for demonstration?
[Mon Sep 30 15:37:33 2013] <osa1> does that mean we don't have preservation theorem for Coq? and if so, doesn't that make Coq an unsound system?
[Mon Sep 30 15:37:33 2013] <Anarchos> no sory i just have  a slightly idea of what he said
[Mon Sep 30 15:37:44 2013] <osa1> ah ok
[Mon Sep 30 15:38:00 2013] <Anarchos> it just said that they had to insert cofixpoint as primitive (as fixpoint) to deal with infinite datas
[Mon Sep 30 16:05:28 2013] <maxiepoo> hi could someone help me out? I'm getting a weird type error, but only when other type errors are present in a definition
[Mon Sep 30 16:05:43 2013] <maxiepoo> in a separate case of a match
[Mon Sep 30 16:05:58 2013] <maxiepoo> Here's the gist: https://gist.github.com/maxsnew/6769354
[Mon Sep 30 16:09:57 2013] <Anarchos> maxiepoo let me look
[Mon Sep 30 16:10:33 2013] <maxiepoo> it
[Mon Sep 30 16:10:38 2013] <maxiepoo> 's very strange
[Mon Sep 30 16:12:02 2013] <Anarchos> TinConst takes only one parameter, not two
[Mon Sep 30 16:12:49 2013] <Anarchos> wops sorry not
[Mon Sep 30 16:12:53 2013] <maxiepoo> yea
[Mon Sep 30 16:13:04 2013] <Anarchos> the type of (n,s) is a couple
[Mon Sep 30 16:13:16 2013] <maxiepoo> the weird thing is that it says there's a type error in the TiNConst case
[Mon Sep 30 16:13:22 2013] <Anarchos> but you declare line 62 to be vstack ts'
[Mon Sep 30 16:13:47 2013] <maxiepoo> but when you fix the error in the TiBinop case, it disappears
[Mon Sep 30 16:14:06 2013] <Anarchos> in the following line TiNConst has only one parameter :
[Mon Sep 30 16:14:07 2013] <Anarchos> | TiNConst : forall s, nat -> tinstr s (Nat :: s)
[Mon Sep 30 16:14:58 2013] <Anarchos> and it returns a function taking a nat
[Mon Sep 30 16:15:06 2013] <Anarchos> did you try (s,n) instead of (n,s) ?
[Mon Sep 30 16:15:29 2013] <maxiepoo> no, that's not the bug
[Mon Sep 30 16:15:36 2013] <maxiepoo> that case is actually correct
[Mon Sep 30 16:15:39 2013] <Anarchos> ok
[Mon Sep 30 16:15:57 2013] <Anarchos> maybe coq types cases in match in reverse order, as in ocaml
[Mon Sep 30 16:16:11 2013] <maxiepoo> if you uncomment the tbinopDenote case and comment the one that's currently there
[Mon Sep 30 16:16:15 2013] <Anarchos> so the type of TiNConst is matched against TiBinop
[Mon Sep 30 16:16:19 2013] <maxiepoo> then the whole thing typechecks
[Mon Sep 30 16:16:55 2013] <maxiepoo> and works
[Mon Sep 30 16:17:10 2013] <Anarchos> what means the first ' in  let '(arg1, (arg2, s')) := s in ?
[Mon Sep 30 16:17:41 2013] <maxiepoo> it's special let syntax
[Mon Sep 30 16:17:45 2013] <maxiepoo> I got this from the book
[Mon Sep 30 16:17:53 2013] <maxiepoo> the Chlipala book
[Mon Sep 30 16:18:15 2013] <maxiepoo> "Certified Programming with Dependent Types"
[Mon Sep 30 16:18:20 2013] <maxiepoo> Chapter 2
[Mon Sep 30 16:18:23 2013] <Anarchos> ok
[Mon Sep 30 16:18:26 2013] <Anarchos> i know this book
[Mon Sep 30 16:18:45 2013] <maxiepoo> and I added pairs to the language
[Mon Sep 30 16:18:50 2013] <Anarchos> for the syntax error i am not skilled enough to spot it in a minute
[Mon Sep 30 16:19:26 2013] <maxiepoo> it's not a syntax error though, that's what's so frustrating
[Mon Sep 30 16:34:03 2013] <Ptival> which syntax error?
[Mon Sep 30 16:38:51 2013] <maxiepoo> there isn't a syntax error
[Mon Sep 30 16:38:51 2013] <Ptival> the problem is that at that point, the mechanism that tries to figure out the match's return type annotation has been disturbed by the second branch
[Mon Sep 30 16:39:19 2013] <maxiepoo> why?
[Mon Sep 30 16:40:00 2013] <Ptival> well it should return a vstack ts' where ts' is the second index of i
[Mon Sep 30 16:40:23 2013] <maxiepoo> yes
[Mon Sep 30 16:41:18 2013] <Ptival> but the second branch does not typecheck with respect to that
[Mon Sep 30 16:41:20 2013] <maxiepoo> oh and also, I want to mention that the same error happens when the tBinop case is completely missing
[Mon Sep 30 16:41:43 2013] <maxiepoo> so want I really want to know
[Mon Sep 30 16:41:45 2013] <maxiepoo> is
[Mon Sep 30 16:42:32 2013] <maxiepoo> is there something I can do to the first case so that it catches the errors in the `TiBinop` case instead of the `TiNConst` case
[Mon Sep 30 16:42:57 2013] <maxiepoo> I had similar problems before, but I could just annotate them
[Mon Sep 30 16:43:14 2013] <maxiepoo> for this one, I can't seem to annotate it properly to get the error to go away
[Mon Sep 30 16:44:51 2013] <Ptival> oh
[Mon Sep 30 16:45:24 2013] <Ptival> http://paste.awesom.eu/Ptival/YUo
[Mon Sep 30 16:46:56 2013] <maxiepoo> Hurrah!
[Mon Sep 30 16:47:06 2013] <maxiepoo> now would you mind explaining it to me?
[Mon Sep 30 16:47:13 2013] <Ptival> explain the return annotation?
[Mon Sep 30 16:47:15 2013] <maxiepoo> yeah
[Mon Sep 30 16:47:39 2013] <maxiepoo> I haven't seen it before, I've just started the Chlipala book
[Mon Sep 30 16:47:43 2013] <Ptival> ok
[Mon Sep 30 16:49:24 2013] <Ptival> well the general form of an annotated match is 'match foo as x in T _ _ i1 i2 return R foo x i1 i2 with ... end'
[Mon Sep 30 16:49:45 2013] <Ptival> the 'x' part allows you to bind the term being discriminated
[Mon Sep 30 16:50:05 2013] <Ptival> the 'T _ _ i1 i2' part allows you to bind its type's indices
[Mon Sep 30 16:50:25 2013] <Ptival> and then in the return part you can use all of these bound values
[Mon Sep 30 16:50:53 2013] <ystael> Ptival: meaning the 'in' part ascribes a specific (partially or completely) instantiated type to foo?
[Mon Sep 30 16:50:57 2013] <Ptival> here you want to return "vstack ts -> vstack ts'" where ts and ts' are the indices of the constructor being matched
[Mon Sep 30 16:51:35 2013] <Ptival> ystael: it doesn't really ascribe or instantiates no :\
[Mon Sep 30 16:52:01 2013] <Ptival> the T in the 'in' part is the type of 'foo'
[Mon Sep 30 16:52:04 2013] <ystael> oh, it's just a local binder for names for the indices?
[Mon Sep 30 16:52:07 2013] <Ptival> yes
[Mon Sep 30 16:53:20 2013] <maxiepoo> ah this makes sense
[Mon Sep 30 16:53:23 2013] <maxiepoo> Ptival: thanks!
[Mon Sep 30 16:53:24 2013] <Ptival> you say that foo has type 'T _ _ i1 i2', where the underscores are for parameters (that you don't really need to name because they are uniform), and the i1 i2 gives you a name in order to refer to the index in the return part
[Mon Sep 30 16:53:49 2013] <Ptival> this way, in each branch, i1 and i2 become the index of that particular constructor
[Mon Sep 30 16:54:31 2013] <ystael> I tried working through this book some time ago and I sort of bounced off the problem of understanding dependent match annotations
[Mon Sep 30 16:58:20 2013] <Ptival> yeah it took me a few tries before groking it
[Mon Sep 30 16:58:46 2013] <Ptival> it's easy to explain on a whiteboard
[Mon Sep 30 16:59:02 2013] <Ptival> not so much to write it up :)
[Mon Sep 30 16:59:06 2013] <Ptival> ezyang: ^
[Mon Sep 30 18:25:13 2013] <joe______> Hi, I am super new at Coq, what tactic would eliminate the same term from both sides of an inequality/equation?
[Mon Sep 30 18:27:34 2013] <Ptival> injection?
[Mon Sep 30 18:27:48 2013] <Ptival> joe______: could you be more precise (an example for instance)?
[Mon Sep 30 18:31:37 2013] <joe______> hmm say I am trying to show that op x + op y <= op x + op z
[Mon Sep 30 18:31:46 2013] <joe______> where x, y, z are nat
[Mon Sep 30 18:34:08 2013] <Ptival> oh inequality
[Mon Sep 30 18:34:09 2013] <Ptival> I misread
[Mon Sep 30 18:35:21 2013] <tomprince> I don't think there is a tactic. You'll probably have to use theormes.
[Mon Sep 30 18:35:22 2013] <Ptival> I don't think there's a tactic that simplifies this
[Mon Sep 30 18:35:54 2013] <Ptival> if you have a op y <= op z, omega should finish, but otherwise you pretty much have to direct the reasoning here
[Mon Sep 30 18:40:42 2013] <joe______> hm, is there a simple example of the latter case?
[Mon Sep 30 18:57:18 2013] <Ptival> I don't really have things set up for that now
[Mon Sep 30 18:57:27 2013] <Ptival> SearchAbout (_ <= _) might helps
[Mon Sep 30 19:11:41 2013] <joe______> np, thanks for your help anyway
[Mon Sep 30 19:16:01 2013] <Ptival> you'll probably want to apply something like (a <= b -> c <= d -> a + c <= b + d)
[Mon Sep 30 19:16:05 2013] <Ptival> or maybe it'll be a
[Mon Sep 30 19:16:31 2013] <Ptival> Proper (le ==> le ==> le) plus
[Mon Sep 30 19:16:54 2013] <Ptival> but searching the stdlib is a pain
[Tue Oct  1 03:04:27 2013] <gdsfh> hello.  I have a question with no practical meaning.  "Goal forall A (a b : A) (P Q : a = b), P = Q." -- can this be proved without axioms?  (I think it can't.)  Which axioms are needed to prove it?  Why anyone will want to prove it?
[Tue Oct  1 03:13:55 2013] <shachaf> Maybe http://coq.inria.fr/stdlib/Coq.Logic.ProofIrrelevance.html is relevant to your proof?
[Tue Oct  1 03:16:55 2013] <gdsfh> really, it can finish the proof easily.  (dumb me, forgot about it.)  but the last question still holds.
[Tue Oct  1 03:17:27 2013] <shachaf> Oh, and http://coq.inria.fr/stdlib/Coq.Logic.EqdepFacts.html has exactly what you said (Uniqueness of Identity Proofs).
[Tue Oct  1 03:18:55 2013] <gdsfh> yes.  thanks.
[Tue Oct  1 03:20:07 2013] <gdsfh> (also i promise not to ask questions when i haven't woke up properly.)
[Tue Oct  1 06:01:12 2013] <jgross> gdsfh: That implies that [forall A P (a : A) (x y : P a), existT P a x = existT P a y -> x = y]. 
[Tue Oct  1 06:01:26 2013] <jgross> This statement is unprovable without UIP. 
[Tue Oct  1 06:19:40 2013] <gdsfh> jgross: got it.
[Tue Oct  1 10:48:06 2013] <robbert> gdsfh: the statement is provable if you specify to a type [A] with decidable equality
[Tue Oct  1 10:52:11 2013] <gdsfh> robbert: good to know.  It seems I understand how to do it (and doubt I'll try).  But nobody had answered _why_ anyone will ever want to prove an equality of equality-proofs.  Maybe you know it?
[Tue Oct  1 11:33:52 2013] <jgross> gdsfh: Is proving that equality of the second of dependent pairs (sigma types) not enough of a reason to want to prove UIP? Alternatively/additionally, you can go look into homotopy type theory, which talks a lot about which proofs of equality are equal and which aren't (because, secretly, equalities are path spaces). 
[Tue Oct  1 12:26:08 2013] <gdsfh> jgross: HoTT was an origin of my question: I've discussed it privately with someone who told me that it's cool to prove equalities of equality proofs.  Equalities on values of sigma-types -- good point.  (but handmade equality-like relation can be helpful too, that one that discards second component of dependent pair.)
[Tue Oct  1 12:31:35 2013] <jgross> If you want to discard the second component, the appropriate (HoTT) way to do it is to take the truncation of the second component, i.e., { x : A & |B x| } where |T| means "the type T, but with all elements identified". 
[Tue Oct  1 12:34:34 2013] <jgross> If you're in a regime where you're not assuming UIP as an axiom, then it's useful to prove it for particular types, because then you get, e.g., the permission to use axiom-K-based pattern matching (which is nicer, in some cases); the ability to use that type as the morphisms of a precategory; the ability to use that type as the objects of a strict category; the ability to apply any theorem you've proven about hSets (discrete types), etc. 
[Tue Oct  1 13:38:29 2013] <ystael> Has someone written an expository overview of the various "extra" axioms that are frequently added to base CoC and how they relate to each other?  (Things like UIP, axiom K, etc)
[Tue Oct  1 13:39:22 2013] <ystael> When someone mentions one of these things I vaguely know what they're referring to, but not really what the implications are.
[Tue Oct  1 13:48:00 2013] <Ptival> ystael: I seem to remember such a thing in the Coq FAQ
[Tue Oct  1 13:49:10 2013] <Ptival> http://coq.inria.fr/faq?som=5#htoc36
[Tue Oct  1 13:49:57 2013] <ystael> Ptival: I saw that - I was wondering if there existed anywhere a more in-depth exposition
[Tue Oct  1 13:50:07 2013] <Ptival> ok, sorry
[Tue Oct  1 13:50:35 2013] <ystael> no, no, I wasn't clear, don't apologize!  :)
[Tue Oct  1 13:52:14 2013] <ystael> Have you read this paper Hofmann/Streicher 'The groupoid interpretation of type theory' which is referred to from that section of the FAQ?  maybe I should start there
[Tue Oct  1 13:58:03 2013] <Ptival> no I don't know much either
[Tue Oct  1 15:21:53 2013] <roosbeef> hm
[Tue Oct  1 15:24:18 2013] <roosbeef> im trying to prove this: https://privatepaste.com/ce8bc29e4b
[Tue Oct  1 15:25:31 2013] <roosbeef> but in the definition of 'highest' ive used in_dec, and in the proof ive used In
[Tue Oct  1 15:25:50 2013] <roosbeef> the definition would not allow use of In, and the proof would not allow use of in_dec
[Tue Oct  1 15:26:19 2013] <roosbeef> how can i then still use the assumption of the proof when im unfolding 'highest'?
[Tue Oct  1 15:26:41 2013] <roosbeef> if that makes sense
[Tue Oct  1 15:26:52 2013] <ystael> roosbeef: look at the result type of in_dec
[Tue Oct  1 15:27:22 2013] <roosbeef> how?
[Tue Oct  1 15:27:59 2013] <ystael> in_dec a l has type {In a l} + {~ In a l}
[Tue Oct  1 15:28:21 2013] <ystael> ah, I see, you need to go the other way
[Tue Oct  1 15:29:17 2013] <ystael> you could try destructing the application of in_dec and obtaining a contradiction in the context in the cases that cannot hodl
[Tue Oct  1 15:29:20 2013] <ystael> hold
[Tue Oct  1 15:30:26 2013] <ystael> it's hard to say what to do without seeing the complete script
[Tue Oct  1 15:30:54 2013] <roosbeef> :p
[Tue Oct  1 15:31:13 2013] <Ptival> could you at least paste the proof state at the point where you are stuck?
[Tue Oct  1 15:31:31 2013] <Ptival> you can probably destruct an in_dec, but I can't really help blindly
[Tue Oct  1 15:32:03 2013] <roosbeef> i can paste the whole thing but its kinda big
[Tue Oct  1 15:32:22 2013] <roosbeef> (although i guess you guys have probably seen much worse)
[Tue Oct  1 15:33:00 2013] <roosbeef> ill isolate the relevant parts, brb
[Tue Oct  1 15:35:55 2013] <Ptival> or at least the definition of highest
[Tue Oct  1 15:38:44 2013] <roosbeef> https://privatepaste.com/48cc92648b
[Tue Oct  1 15:39:05 2013] <roosbeef> should work in CoqIDE
[Tue Oct  1 15:39:24 2013] <roosbeef> the thing im trying to prove unfolds to huge proportions
[Tue Oct  1 15:39:52 2013] <roosbeef> so im just playing around with simplified subproblems
[Tue Oct  1 15:40:54 2013] <ystael> one could give a much simpler definition of 'highest'; do you have a particular reason for the definition you've chosen?
[Tue Oct  1 15:41:18 2013] <ystael> eh, wait, i may have misunderstood your intent
[Tue Oct  1 15:41:53 2013] <roosbeef> suggestions are very welcome :p
[Tue Oct  1 15:42:52 2013] <ystael> I would do it in the standard tail-recursive way with an auxiliary accumulator
[Tue Oct  1 15:43:36 2013] <ystael> Fixpoint highest (accum ll: list fletter)
[Tue Oct  1 15:43:51 2013] <ystael> where you add an element to accum if it is not equal to or dominated by any of the existing elements of accum
[Tue Oct  1 15:44:31 2013] <ystael> The flattening function extract_list seems like it makes things inconvenient
[Tue Oct  1 15:45:37 2013] <roosbeef> could you give an example of a function that uses this accum parameter?
[Tue Oct  1 15:46:54 2013] <ystael> Fixpoint fact_iter (accum n: nat): nat := match n with | O => accum | S n' => fact_iter (n * accum) n' end.
[Tue Oct  1 15:47:04 2013] <ystael> Definition fact (n: nat): nat := fact_iter 1 n.
[Tue Oct  1 15:47:18 2013] <ystael> I just typed that into the chat, it may be totally wrong.
[Tue Oct  1 15:47:36 2013] <roosbeef> lets have a look
[Tue Oct  1 15:48:29 2013] <roosbeef> (works)
[Tue Oct  1 15:49:57 2013] <ystael> This is just recognizing that what you're doing is a kind of fold
[Tue Oct  1 15:52:56 2013] <roosbeef> let me try and rewrite highest to a more simplified form
[Tue Oct  1 16:14:42 2013] <roosbeef> ystael, something like this? https://privatepaste.com/5d748d7869
[Tue Oct  1 16:17:36 2013] <roosbeef> oh wait it returns nil :p that should be result
[Tue Oct  1 16:20:49 2013] <roosbeef> seems to do what its supposed to, but is that what you meant? Do you think it could be further simplified?
[Tue Oct  1 16:21:06 2013] <roosbeef> (library is almost closing btw, gotta leave in 5 min)
[Tue Oct  1 16:24:41 2013] <ianjneu> bools don't encode correctness information.
[Tue Oct  1 16:25:09 2013] <roosbeef> ianjneu, what do you mean by that
[Tue Oct  1 16:25:46 2013] <ianjneu> You can write your bool decision procedures, but you will need to show that f(args ...) = true implies some-property(args ...) and vice versa.
[Tue Oct  1 16:26:10 2013] <roosbeef> you mean that the current notation doesnt mean what it should?
[Tue Oct  1 16:26:51 2013] <ianjneu> If you write less-than as an inductive definition that is a proposition for what "less-than" means, you can write a correctness theorem for your boolean-returning functions.
[Tue Oct  1 16:27:20 2013] <ianjneu> Otherwise, you just get "true" or "false" out of the function and get no semantic information for later proofs.
[Tue Oct  1 16:27:36 2013] <roosbeef> can i get back to you later on this?
[Tue Oct  1 16:27:47 2013] <ianjneu> I should be around for another hour or so.
[Tue Oct  1 16:27:47 2013] <roosbeef> it sounds quite important but i dont have time to look into it atm :<
[Tue Oct  1 16:27:54 2013] <roosbeef> tomorrow maybe?
[Tue Oct  1 16:28:01 2013] <ianjneu> perhaps, sure.
[Tue Oct  1 16:28:07 2013] <roosbeef> cool
[Tue Oct  1 16:28:10 2013] <roosbeef> thanks guys :)
[Tue Oct  1 16:28:27 2013] <roosbeef> gotta run security is coming ;p
[Wed Oct  2 06:51:35 2013] <roosbeef> why does Coq not return a concrete answer here?
[Wed Oct  2 06:51:36 2013] <roosbeef> https://privatepaste.com/f94aba7317
[Wed Oct  2 06:51:54 2013] <roosbeef> (see the last two computations)
[Wed Oct  2 07:02:41 2013] <roosbeef> i think it has to do with what ianjneu said last night
[Wed Oct  2 07:02:54 2013] <roosbeef> <ianjneu> bools don't encode correctness information.
[Wed Oct  2 07:02:54 2013] <roosbeef> <roosbeef> ianjneu, what do you mean by that
[Wed Oct  2 07:02:54 2013] <roosbeef> <ianjneu> You can write your bool decision procedures, but you will need to show that f(args ...) = true implies some-property(args ...) and vice versa.
[Wed Oct  2 07:02:54 2013] <roosbeef> <roosbeef> you mean that the current notation doesnt mean what it should?
[Wed Oct  2 07:02:54 2013] <roosbeef> <ianjneu> If you write less-than as an inductive definition that is a proposition for what "less-than" means, you can write a correctness theorem for your boolean-returning functions.
[Wed Oct  2 07:02:57 2013] <roosbeef> <ianjneu> Otherwise, you just get "true" or "false" out of the function and get no semantic information for later proofs.
[Wed Oct  2 07:03:15 2013] <roosbeef> not entirely sure what he meant by that however
[Wed Oct  2 07:33:33 2013] <roosbeef> bbl
[Wed Oct  2 11:47:00 2013] <osa1> where can I see Coq proofs for theorems listed here http://www.cs.ru.nl/~freek/100/
[Wed Oct  2 14:39:50 2013] <napping> seems "Rewrite" isn't allowed as a constructor name. What does that collide with?
[Wed Oct  2 14:40:33 2013] <napping> It doesn't stand alone as vernacular, maybe "Hint Rewrite"? The only other thing I see in the tactic "rewrite", and a lowercase rewrite is allowed.
[Wed Oct  2 15:27:41 2013] <Ptival> I think Hint Rewrite yes
[Wed Oct  2 16:23:07 2013] <ollehar> can't I pattern match like
[Wed Oct  2 16:23:07 2013] <ollehar> | odd x :: y => x :: oddmembers(y)
[Wed Oct  2 16:23:09 2013] <ollehar> _
[Wed Oct  2 16:23:10 2013] <ollehar> ?
[Wed Oct  2 16:23:41 2013] <napping> what would you want that to do?
[Wed Oct  2 16:23:54 2013] <napping> You could have a fallthough clause | _ => nil
[Wed Oct  2 16:23:59 2013] <ollehar> find all odd nat's of a list
[Wed Oct  2 16:24:56 2013] <napping> Oh, odd isn't a constructor? You can't write it like one  then
[Wed Oct  2 16:25:11 2013] <ollehar> hm
[Wed Oct  2 16:29:58 2013] <ollehar> why doesn't "Eval compute in even 3" return a bool?
[Wed Oct  2 16:38:17 2013] <ollehar> nm, found a fixpoint even instead
[Wed Oct  2 18:11:53 2013] <roosbeef> ianjneu, around perhaps?
[Wed Oct  2 18:13:09 2013] <ianjneu> roosbeef: For 17 minutes.
[Wed Oct  2 18:13:23 2013] <roosbeef> :)
[Wed Oct  2 18:13:44 2013] <roosbeef> was hoping you could elaborate a bit on what you said yesterday
[Wed Oct  2 18:13:54 2013] <roosbeef> with regards to https://privatepaste.com/f94aba7317
[Wed Oct  2 18:14:06 2013] <ianjneu> ah, bool versus proof
[Wed Oct  2 18:14:13 2013] <roosbeef> <ianjneu> bools don't encode correctness information.
[Wed Oct  2 18:14:13 2013] <roosbeef> <roosbeef> ianjneu, what do you mean by that
[Wed Oct  2 18:14:13 2013] <roosbeef> <ianjneu> You can write your bool decision procedures, but you will need to show that f(args ...) = true implies some-property(args ...) and vice versa.
[Wed Oct  2 18:14:13 2013] <roosbeef> <roosbeef> you mean that the current notation doesnt mean what it should?
[Wed Oct  2 18:14:13 2013] <roosbeef> <ianjneu> If you write less-than as an inductive definition that is a proposition for what "less-than" means, you can write a correctness theorem for your boolean-returning functions.
[Wed Oct  2 18:14:16 2013] <roosbeef> <ianjneu> Otherwise, you just get "true" or "false" out of the function and get no semantic information for later proofs.
[Wed Oct  2 18:14:21 2013] <roosbeef> yea
[Wed Oct  2 18:14:51 2013] <roosbeef> why is there a difference
[Wed Oct  2 18:15:54 2013] <ianjneu> Notice the types of "decision procedures" in Coq. They look like {P}+{~P}. In programs you can just say, "left or right, I know that P or ~P holds so I go and do something."
[Wed Oct  2 18:16:18 2013] <roosbeef> yep
[Wed Oct  2 18:16:20 2013] <ianjneu> And in proofs you can use proofs of P or ~P to do reasoning.
[Wed Oct  2 18:16:30 2013] <roosbeef> right
[Wed Oct  2 18:16:52 2013] <ianjneu> true + false give you the same ability to go left or right in a program, but they don't give you the same abilities in proofs.
[Wed Oct  2 18:17:27 2013] <roosbeef> what does a proof need then?
[Wed Oct  2 18:18:46 2013] <ianjneu> A proof needs evidence. Consider an inductive datatype that is all the rules of "a < b"
[Wed Oct  2 18:19:06 2013] <ianjneu> > is just flip of that, and you can use propositional equality for the Eq case.
[Wed Oct  2 18:19:15 2013] <RegEchse> roosbeef:  as to why your compute doesn't work:  Eval compute in highest (à :: nil).   <-- should be   Eval compute in highest (à :: nil) nil.   (your Fixpoint takes a list and then another list to complete its job ;))
[Wed Oct  2 18:20:04 2013] <roosbeef> oh lol
[Wed Oct  2 18:20:11 2013] <ianjneu> Your fl_compare should be an Inductive, where oa, ua, oe, ue, and uo are constructors.
[Wed Oct  2 18:20:12 2013] <roosbeef> RegEchse, i hadnt even noticed that :P
[Wed Oct  2 18:20:39 2013] <roosbeef> ianjneu, you would have written fl_compare differently?
[Wed Oct  2 18:21:40 2013] <roosbeef> RegEchse, thanks, that solves that i guess.. although any tips on simplifying or stylizing my code to make it behave better in proof mode is more than welcome
[Wed Oct  2 18:21:52 2013] <ianjneu> fl_compare can produce "comparison x y" where comparison also carries proofs, such that Lt carries "x < y" proofs, Gt carries "y < x" proofs and Eq carries "x = y" proofs.
[Wed Oct  2 18:21:53 2013] <RegEchse> roosbeef:  and i guess  "(* should be FrenchLetter o acute :: FrenchLetter o grave :: nil *)
[Wed Oct  2 18:22:08 2013] <RegEchse> " that should be "u acute"  ...
[Wed Oct  2 18:22:28 2013] <RegEchse> :P
[Wed Oct  2 18:23:06 2013] <roosbeef> hm
[Wed Oct  2 18:23:06 2013] <RegEchse> roosbeef: as for simplifying ... sorry, i am myself a coq noob ;)
[Wed Oct  2 18:23:47 2013] <roosbeef> both should be o (since o dominates u), but they are in the wrong order, need to fix that
[Wed Oct  2 18:24:04 2013] <roosbeef> ianjneu, i still dont understand what you mean by carrying proofs
[Wed Oct  2 18:24:30 2013] <roosbeef> ianjneu, are those isgreater islesser isequal functions still needed when "carrying proof"?
[Wed Oct  2 18:25:36 2013] <ianjneu> Inductive comparison : fletter -> fletter -> Prop := Lt : forall x y : fletter, x < y -> comparison x y | Eq : forall x y : fletter, x = y -> comparison x y | Gt : forall x y : fletter, y < x -> comparison x y.
[Wed Oct  2 18:26:11 2013] <ianjneu> where < is defined also inductively.
[Wed Oct  2 18:26:18 2013] <roosbeef> is that from std lib or did you just custom write that
[Wed Oct  2 18:26:30 2013] <ianjneu> I just wrote that.
[Wed Oct  2 18:27:02 2013] <roosbeef> but comparison is a type from std lib right
[Wed Oct  2 18:27:37 2013] <ianjneu> I'm a bit out of touch with the std lib
[Wed Oct  2 18:27:44 2013] <roosbeef> :p ok
[Wed Oct  2 18:28:05 2013] <roosbeef> but youre saying that islesser isnt needed?
[Wed Oct  2 18:28:09 2013] <ianjneu> CompareSpec might be what you want
[Wed Oct  2 18:28:46 2013] <roosbeef> do you have an url for that?
[Wed Oct  2 18:28:55 2013] <ianjneu> http://coq.inria.fr/stdlib/Coq.Init.Datatypes.html
[Wed Oct  2 18:29:25 2013] <ianjneu> I have to head out.
[Wed Oct  2 18:29:50 2013] <roosbeef> alright man thanks a lot for helping
[Wed Oct  2 18:29:52 2013] <roosbeef> meh :p
[Wed Oct  2 18:30:44 2013] <RegEchse> roosbeef: sorry for that then, i didn't actually break down your 'highest' and thought it was a typo about your expected result rather than an implementation fault ;D
[Wed Oct  2 18:31:09 2013] <roosbeef> yea it is an implementation fault, the order should be reversed
[Wed Oct  2 18:31:27 2013] <roosbeef> i guess ill just add 'rev' to the nil case
[Wed Oct  2 18:33:30 2013] <RegEchse> ah, so highest is about to collect all elements that compare equal but are greater than the others, i guess.
[Wed Oct  2 18:36:07 2013] <roosbeef> yep
[Wed Oct  2 18:36:18 2013] <roosbeef> it finds the highest ranked letter
[Wed Oct  2 18:36:28 2013] <roosbeef> or letters if more than one have the same ranking
[Wed Oct  2 18:42:49 2013] <roosbeef> ok im off to sleep
[Wed Oct  2 18:43:09 2013] <roosbeef> thanks for your help RegEchse :)
[Wed Oct  2 22:10:29 2013] <osa1> hi guys. I'm finished Software Foundations book -- now can anyone recommend me some other book to learn dependently typed programming (not necessarily related with theorem proving)
[Wed Oct  2 23:16:10 2013] <ystael> osa1: have you read CPDT?
[Wed Oct  2 23:16:45 2013] <ystael> wait, i think we had this conversation already :)
[Thu Oct  3 06:52:46 2013] <roosbeef> trying to prove this seemingly simple thing
[Thu Oct  3 06:53:26 2013] <roosbeef> https://privatepaste.com/2f6035731e (at the bottom)
[Thu Oct  3 06:54:28 2013] <roosbeef> how do i tell Coq that it should apply parts of the unfolded function to some of its arguments? (so as to build the proof)
[Thu Oct  3 06:58:31 2013] <roosbeef> when im unfolding the function it just substitutes the function name with (fix function ...)
[Thu Oct  3 06:59:13 2013] <RegEchse> roosbeef: btw, your highest more or less reimplements fold; you might want to take a look at fold_(left|right). Here i rewrote your highest using fold_right:  https://gist.github.com/J0J0/6807976
[Thu Oct  3 07:00:55 2013] <roosbeef> hm
[Thu Oct  3 07:01:05 2013] <roosbeef> definitely appreciated but
[Thu Oct  3 07:01:12 2013] <roosbeef> in what way does that help?
[Thu Oct  3 07:01:51 2013] <RegEchse> i didn't look at your link from above. I just thought you wanted to know for future use :)
[Thu Oct  3 07:02:22 2013] <roosbeef> well it seems good to know, i strive to use std lib more
[Thu Oct  3 07:16:34 2013] <roosbeef> RegEchse, how would you approach proving such a thing? It's obviously true, right?
[Thu Oct  3 07:41:42 2013] <RegEchse> sorry, i'm kinda busy at the moment. But yes, your lemma seems to be obviously true.
[Thu Oct  3 07:42:21 2013] <RegEchse> if i had no idea how to start i'd use a pen and paper and try to infer the crucial point about the proof
[Thu Oct  3 07:43:06 2013] <RegEchse> sometimes coq's unfolding makes the obvious difficult to see (directly in coq), at least for me
[Thu Oct  3 07:44:09 2013] <roosbeef> well the crucial point i guess would be that highest l is a subset of l
[Thu Oct  3 07:44:33 2013] <roosbeef> mm no wait
[Thu Oct  3 07:45:19 2013] <roosbeef> yea, actually there is no causal connection
[Thu Oct  3 07:45:31 2013] <roosbeef> but its a tautology
[Thu Oct  3 07:48:15 2013] <roosbeef> actually, i guess a crucial point would be that a has the highest ranking of all letters
[Thu Oct  3 07:48:54 2013] <roosbeef> but how can i convince Coq of this? :/
[Thu Oct  3 07:51:21 2013] <RegEchse> yes, that's what i'd think, too.  and to me that smells like you have to destruct the "next letter of r" at some point, because if you've got actual fletters (not just variable of that type) coq should be able to simplify the matching done in your fl_compare
[Thu Oct  3 07:53:00 2013] <roosbeef> ah right
[Thu Oct  3 07:53:13 2013] <roosbeef> so like, a case by case analysis
[Thu Oct  3 07:53:19 2013] <RegEchse> why do you need the hypothesis   In à r ->
[Thu Oct  3 07:53:22 2013] <RegEchse>  btw?
[Thu Oct  3 07:53:28 2013] <RegEchse> In à (highest (à :: r) nil).
[Thu Oct  3 07:53:30 2013] <roosbeef> yea its unneeded haha, i removed it already
[Thu Oct  3 07:53:40 2013] <RegEchse> ah, ok
[Thu Oct  3 07:53:42 2013] <RegEchse> :D
[Thu Oct  3 07:54:29 2013] <RegEchse> yeah, but i guess once you destructed the letter deep enough every single case should like mostly the same.
[Thu Oct  3 07:58:07 2013] <roosbeef> hm
[Thu Oct  3 07:58:20 2013] <roosbeef> r can be infinitely large though right
[Thu Oct  3 07:58:40 2013] <roosbeef> when does the case analysis end then? Should i perform some sort of induction?
[Thu Oct  3 08:03:28 2013] <RegEchse> i'd prefer 'arbitrarily large', but since  In x (h::t)  becomes  x=h \/ In x t  and you prepend the à you should be done once you know that à is the first element of your resulting list.  So, i think i should work out without an induction here
[Thu Oct  3 08:04:13 2013] <roosbeef> pretty much, but
[Thu Oct  3 08:04:13 2013] <RegEchse> *it
[Thu Oct  3 08:04:26 2013] <roosbeef> highest is applied somewhere along the line
[Thu Oct  3 08:04:33 2013] <roosbeef> which makes it less obvious
[Thu Oct  3 08:19:59 2013] <roosbeef> RegEchse, im only just realizing how much i like your rewritten version of highest, its not using isequal isgreater etc :)
[Thu Oct  3 08:23:14 2013] <roosbeef> the results parameter becomes obsolete as well
[Thu Oct  3 08:29:43 2013] <roosbeef> RegEchse, could you maybe explain a few things about the rewrite you did?
[Thu Oct  3 08:34:44 2013] <roosbeef> like for example, why does c l need to be in that order? I tried to do l c and reverse the arguments but that failed to work
[Thu Oct  3 08:35:02 2013] <roosbeef> and what exactly did fold_right do?
[Thu Oct  3 08:49:18 2013] <roosbeef> (my connection is acting up, i might have missed a msg)
[Thu Oct  3 08:51:43 2013] <roosbeef> bbl
[Thu Oct  3 08:51:45 2013] <RegEchse> no you didn't.
[Thu Oct  3 08:51:49 2013] <roosbeef> oh :p
[Thu Oct  3 08:52:05 2013] <RegEchse> i was just busy ;)
[Thu Oct  3 08:52:14 2013] <roosbeef> alright np
[Thu Oct  3 08:53:03 2013] <RegEchse> 14:23:14 roosbeef | the results parameter becomes obsolete as well  <- yeah, i just copied your header, that's why my definition got that superfluously
[Thu Oct  3 08:54:59 2013] <RegEchse> ok, so what you actually want to understand is fold.   http://www.cis.upenn.edu/~bcpierce/sf/Poly.html <- grep that for fold, there's a short explanation
[Thu Oct  3 08:55:09 2013] <RegEchse> with some examples
[Thu Oct  3 08:55:53 2013] <roosbeef> ah so it applies that function to each element of a list
[Thu Oct  3 08:56:39 2013] <roosbeef> but its more than just that, right? Because it combines the results to a single result
[Thu Oct  3 08:56:42 2013] <RegEchse> and i just updated the gist to include a proof of your lemma with my highest''.
[Thu Oct  3 08:56:53 2013] <RegEchse> yes
[Thu Oct  3 08:57:19 2013] <RegEchse> it starts at one end of the list,  applying  f elem default
[Thu Oct  3 08:57:46 2013] <RegEchse> then it goes to the next element of the list and does  f elem result_of_last_call_to_f
[Thu Oct  3 08:58:09 2013] <roosbeef> why do c l have to be in that order?
[Thu Oct  3 08:58:21 2013] <roosbeef> ahh :)
[Thu Oct  3 08:58:23 2013] <roosbeef> that makes sense then
[Thu Oct  3 08:59:49 2013] <roosbeef> ok im gonna scrutinize this proof
[Thu Oct  3 09:00:01 2013] <roosbeef> thank you :)
[Thu Oct  3 09:00:05 2013] <roosbeef> be back later
[Thu Oct  3 09:00:05 2013] <roosbeef> <3
[Thu Oct  3 09:22:33 2013] <joneshf-laptop> looking at cpdt, working through ch.2.  On page 20 he starts explaining Eval, there's a line there: `Eval simpl in expDenote (Const 42).` how does this get evaluated?
[Thu Oct  3 09:24:02 2013] <joneshf-laptop> the next line is indented and has `= 42 : nat` is this the result of an evaluation, or something that needs to be in the source?
[Thu Oct  3 09:24:47 2013] <joneshf-laptop> actually, looking at the source for StackMachine.v, it looks like that second line is commented.
[Thu Oct  3 10:21:21 2013] <ianjneu> robbert: congrats on your POPL acceptance
[Thu Oct  3 12:30:53 2013] <Ptival> joneshf-laptop: that is the result of the evaluation
[Thu Oct  3 12:32:03 2013] <joneshf-laptop> Ptival, thanks, i realized I was supposed to be evaluating those lines after i asked ;)
[Thu Oct  3 12:37:14 2013] <Ptival> yeah
[Thu Oct  3 12:51:12 2013] <reynir> ah, so you hang out in #coq as well, joneshf-laptop :-)
[Thu Oct  3 12:54:34 2013] <joneshf-laptop> reynir, i actually just joined
[Thu Oct  3 12:54:57 2013] <reynir> oh
[Thu Oct  3 20:25:46 2013] <Ptival> hmm, so say I have a JMeq T1 t1 T2 t2, and a T1 = T2, what can I do?
[Thu Oct  3 20:26:04 2013] <Ptival> also, t1 and t2 have different head constructors
[Thu Oct  3 20:27:00 2013] <Saizan> you can deduce "coerce (eq : T1 = T2) t1 = t2"
[Thu Oct  3 20:28:11 2013] <Ptival> can I derive False?
[Thu Oct  3 20:29:15 2013] <Saizan> not that easy, e.g. eq could be an isomorphism that swaps those constructors
[Thu Oct  3 20:29:56 2013] <Saizan> K would give you False
[Thu Oct  3 20:30:10 2013] <Ptival> wait, eq can be an isomorphism in plain Coq?
[Thu Oct  3 20:30:30 2013] <Ptival> I'm not doing hott
[Thu Oct  3 20:30:39 2013] <Saizan> Ptival: well, you can't use it, but whatever you prove must be consistent with that
[Thu Oct  3 20:30:48 2013] <Ptival> heh
[Thu Oct  3 20:31:45 2013] <Saizan> i think you can prove "coerce eq" is an iso, so in the end you'd have to prove there's no iso f such that f t1 = t2
[Fri Oct  4 09:16:33 2013] <roosbeef> i have a function max_natlist to return the highest nat in a list nat
[Fri Oct  4 09:16:49 2013] <roosbeef> trying to make it more efficient by rewriting it to use fold_right
[Fri Oct  4 09:17:17 2013] <roosbeef> https://privatepaste.com/e86e84bf11 (top: my first version, bottom: rewritten version not working yet)
[Fri Oct  4 09:17:43 2013] <roosbeef> why does it not work, anyone?
[Fri Oct  4 09:18:24 2013] <reynir> How does it not work?
[Fri Oct  4 09:18:55 2013] <roosbeef> well it says The term "c" has type "list nat" while it is expected to have type "nat".
[Fri Oct  4 09:20:04 2013] <roosbeef> does fold_right have to have list as return type?
[Fri Oct  4 09:20:15 2013] <reynir> No
[Fri Oct  4 09:20:44 2013] <reynir> switch the order of c and l
[Fri Oct  4 09:20:51 2013] <roosbeef> tried that, doesnt work :p
[Fri Oct  4 09:20:58 2013] <reynir> wait no
[Fri Oct  4 09:21:05 2013] <roosbeef> The term "lnat" has type "list nat" while it is expected to have type
[Fri Oct  4 09:21:05 2013] <roosbeef>  "list (list nat)".
[Fri Oct  4 09:21:19 2013] <reynir> the arguments to the fun is not a list
[Fri Oct  4 09:21:26 2013] <reynir> it's an element of the list
[Fri Oct  4 09:21:35 2013] <roosbeef> ahh right
[Fri Oct  4 09:21:37 2013] <roosbeef> :)
[Fri Oct  4 09:21:41 2013] <reynir> Try check the type of fold_right
[Fri Oct  4 09:23:08 2013] <roosbeef> https://privatepaste.com/d18fba07d4
[Fri Oct  4 09:23:09 2013] <roosbeef> this works
[Fri Oct  4 09:23:18 2013] <roosbeef> thanks a lot reynir :)
[Fri Oct  4 09:23:55 2013] <reynir> Now you can make it shorter by just writing max instead of (fun l c => max l c) :)
[Fri Oct  4 09:24:54 2013] <roosbeef> wow cool
[Fri Oct  4 09:25:37 2013] <reynir> If you want to make it *even* shorter you can drop the argument to max_natlist' and just write fold_right max 0
[Fri Oct  4 09:26:16 2013] <reynir> So it would be [Definition max_natlist'' := fold_right max 0.]
[Fri Oct  4 09:28:08 2013] <roosbeef> geez
[Fri Oct  4 09:28:10 2013] <roosbeef> ;p
[Fri Oct  4 09:28:59 2013] <jacobian> I'm trying to use ListSet, but I don't want to supply A and eq_dec to every function, is there a way to fill these parameters when importing?
[Fri Oct  4 13:39:33 2013] <Panzani> hi
[Fri Oct  4 13:40:05 2013] <Panzani> is there anyone around familiar with C-CoRN?
[Fri Oct  4 14:13:58 2013] <robbert> Panzani: I may be able to help, what do you need to know?
[Fri Oct  4 14:32:03 2013] <Panzani> robbert: OK
[Fri Oct  4 14:32:09 2013] <Panzani> i have a partial function
[Fri Oct  4 14:32:13 2013] <Panzani> defined on IR
[Fri Oct  4 14:32:23 2013] <Panzani> i'm multiplying this function by x
[Fri Oct  4 14:32:46 2013] <Panzani> and i'd like to prove that the resulting function is indeed a partial function
[Fri Oct  4 14:32:50 2013] <Panzani> defined on the same domain
[Fri Oct  4 14:33:00 2013] <Panzani> (which looks silly and sounds trivial, yes)
[Fri Oct  4 14:33:31 2013] <Panzani> but I feel like I cannot do that without classical logic
[Fri Oct  4 14:33:58 2013] <Panzani> because partial function need some proof of f(x,Hx)#f(y,Hy) => x#y
[Fri Oct  4 14:34:13 2013] <Panzani> functions*
[Fri Oct  4 14:43:21 2013] <robbert> Panzani: I guess you need the fact that [*] is a strong setoid morphism
[Fri Oct  4 14:43:27 2013] <robbert> that's called bin_op_strext_unfolded afaik
[Fri Oct  4 14:45:41 2013] <Panzani> oh thanks, i'm gonna give it a try
[Fri Oct  4 14:46:39 2013] <Panzani> damn
[Fri Oct  4 14:46:47 2013] <Panzani> i've spent a couple of hours on this
[Fri Oct  4 14:46:50 2013] <Panzani> it worked
[Fri Oct  4 14:46:51 2013] <Panzani> thanks :)
[Fri Oct  4 14:47:10 2013] <robbert> no thanks!
[Fri Oct  4 15:39:03 2013] <epta> Could coq be used to prove that something cannot be deduced?
[Fri Oct  4 15:40:10 2013] <epta> Like that https://gist.github.com/dmalikov/cbe21c2947462822f2ce
[Fri Oct  4 15:44:35 2013] <ezyang> It is certainly true that Coq can prove the negation of statements.
[Fri Oct  4 15:50:25 2013] <epta> Have no idea how to write in coq smth like "having MI use rule1, rule2, rule3, rule4 many times and get MU"
[Fri Oct  4 15:50:38 2013] <epta> Have no idea how to formulate these rules also :[
[Fri Oct  4 15:50:41 2013] <epta> Or define A*
[Fri Oct  4 19:25:29 2013] <ollehar> help?
[Fri Oct  4 19:26:09 2013] <Anarchos> ollehar what about ?
[Fri Oct  4 19:27:34 2013] <ollehar> pastebin ok? it's not hard
[Fri Oct  4 19:28:11 2013] <ollehar> http://pastebin.com/eeaX3wXv
[Fri Oct  4 19:29:01 2013] <ollehar> what tacit to use?
[Fri Oct  4 19:29:07 2013] <ollehar> *tactic
[Fri Oct  4 19:33:43 2013] <ollehar> Anarchos: ^
[Fri Oct  4 19:34:39 2013] <ollehar> or perhaps I need a theorem, like
[Fri Oct  4 19:34:39 2013] <ollehar> forall x, eqnat x x = yes
[Fri Oct  4 19:40:39 2013] <ollehar> yep, that worked
[Fri Oct  4 19:45:13 2013] <ollehar> can I backstep or undo a tactic?
[Fri Oct  4 20:55:24 2013] <defanor> i'm stuck and need some advice, again. it's filter_challenge exercise from http://www.cis.upenn.edu/~bcpierce/sf/Logic.html, and here is my progress: http://lpaste.net/2668364568555683840. looks like i need to show that something is wrong in context, but not sure if i'm on a right way
[Fri Oct  4 21:02:21 2013] <defanor> tried to apply iom_l1 in M also, but stucking there too
[Sat Oct  5 06:08:31 2013] <roosbeef> i have a data type that has two forms which are interconvertible
[Sat Oct  5 06:09:14 2013] <roosbeef> it has a string form with accents which indicate how to convert it into tree form, and the tree form can be flattened to string form as well
[Sat Oct  5 06:10:01 2013] <roosbeef> now i have to prove something for which the tree form needs to be used, but the actual proof (on paper) uses string form
[Sat Oct  5 06:10:27 2013] <roosbeef> so in Coq, a convertion function is thrown in there
[Sat Oct  5 06:10:49 2013] <roosbeef> which huuugely clutters the proof mode window
[Sat Oct  5 06:11:19 2013] <roosbeef> since the convertion is not super efficient
[Sat Oct  5 06:11:21 2013] <roosbeef> any ideas on how to tackle this?
[Sat Oct  5 19:58:39 2013] <defanor> sorry for the repetition, but i'm really stuck: http://www.cis.upenn.edu/~bcpierce/sf/Logic.html, filter challenge exercise, current progress: clean one - http://lpaste.net/2668364568555683840, messy one - http://lpaste.net/8981362586914127872. looking for a hint/advice/suggestion
[Sat Oct  5 21:27:23 2013] <peterbb> defanor: are you sure you state the lemma correctly? :)
[Sat Oct  5 21:28:20 2013] <defanor> peterbb: going to check now
[Sat Oct  5 21:31:58 2013] <defanor> oh, looks like i forgot about "every item in [l1] satisfies [test]", and probably i should use forallb for that
[Sat Oct  5 21:32:09 2013] <defanor> peterbb: thanks
[Sat Oct  5 21:32:42 2013] <peterbb> np :)
[Sat Oct  5 22:04:24 2013] <rola> I'm trying to state the following in coq: given a function f from set U to set V and subsets of U called A and B, f is injective iff f(A intersects B) = f(A) intersects f(B)
[Sat Oct  5 22:04:36 2013] <rola> Goal forall (U V : Set) (A B : Ensemble U) (f : U -> V),injective U V f <-> (Im U V (Intersection U A B) f = Intersection V (Im U V A f) (Im U V B f)).
[Sat Oct  5 22:04:49 2013] <rola> Does that look ok?
[Sat Oct  5 22:13:07 2013] <rola> i'm not sure how to 'split' = though
[Sat Oct  5 22:25:39 2013] <peterbb> rola: What about the axiom Extensionality_Ensembles from Ensembles?
[Sat Oct  5 22:27:23 2013] <rola> ah yes
[Sat Oct  5 22:49:45 2013] <defanor> a question about the next exercise from http://www.cis.upenn.edu/~bcpierce/sf/Logic.html, filter_challenge_2: subsequences are mentioned here, but they are defined just for [list nat] before (in Prop.v), so should i prove filter_challenge_2 just for lists of natural numbers then? btw, why is it just about natural numbers in Prop.v?
[Sat Oct  5 22:53:25 2013] <defanor> it's probably not important for the exercise itself, i'm just curious about it
[Sun Oct  6 10:01:08 2013] <ijp> I was working through Software Foundations in emacs with proof general, and everything was going fine until I reached http://www.cis.upenn.edu/~bcpierce/sf/Poly.html#slide-5
[Sun Oct  6 10:01:15 2013] <ijp> but now I'm getting "Error: Unknown command of the non proof-editing mode."
[Sun Oct  6 10:03:16 2013] <ijp> I'm looking through the reference manual at the moment, but if you have any pointers, I'd appreciate it
[Sun Oct  6 10:07:26 2013] <ianjneu> slide-5 isn't a tag in the page you linked to. What in particular is the problem? Did you remember to require the SF libraries?
[Sun Oct  6 10:08:27 2013] <ijp> funny, it took me right to it in firefox
[Sun Oct  6 10:09:37 2013] <ijp> ianjneu: I've been working through the .v files in the offline version
[Sun Oct  6 10:09:37 2013] <ianjneu> ijp: all the a tag names are "lab<some-number>"
[Sun Oct  6 10:10:07 2013] <ianjneu> Ah. Well, are you using coq 8.4 or 8.3? The book was written for 8.3
[Sun Oct  6 10:10:25 2013] <ijp> it's an id, not a name
[Sun Oct  6 10:10:34 2013] <ijp> Im using 8.3pl3
[Sun Oct  6 10:11:22 2013] <ianjneu> well, iono :P
[Sun Oct  6 10:14:09 2013] <ijp> anyway if that link isn't working, my issue is with the directive "Arguments nil {X}."
[Sun Oct  6 10:16:03 2013] <ijp> I'm sorry that the question is a bit rubbish, but I've using this since yesterday and I still don't know my left from my southwest.
[Sun Oct  6 10:35:40 2013] <ijp> okay, I think I have the solution
[Sun Oct  6 10:35:47 2013] <ijp> "Before version 8.4 the command to specify the implicit arguments of a constant was Implicit Arguments followed by a bracketed list of identifiers. Starting with Coq 8.4 the Argument command must be used (see 2.7.4)."
[Sun Oct  6 10:36:09 2013] <ijp> So it looks like I should be using Implicit Arguments nil [[X]] instead on 8.3
[Sun Oct  6 10:41:25 2013] <rola> Can I get a hint on where to go from here? http://lpaste.net/raw/6379171004689678336
[Sun Oct  6 10:56:07 2013] <ianjneu> rola: Firstly, you should use set equality in your proposition rather than intensional equality.
[Sun Oct  6 10:58:52 2013] <ianjneu> n/m
[Sun Oct  6 10:59:25 2013] <rola> ?
[Sun Oct  6 11:01:00 2013] <ianjneu> nevermind
[Sun Oct  6 11:08:41 2013] <ianjneu> Im_def immediately applies after induction H, H; subst.
[Sun Oct  6 11:14:13 2013] <rola> thanks!
[Sun Oct  6 11:27:16 2013] <ianjneu> not seeing a way to prove the other direction.
[Sun Oct  6 11:30:47 2013] <ianjneu> Your quantification doesn't match your comment
[Sun Oct  6 11:41:45 2013] <ianjneu> Your comment makes it look like you should be proving this
[Sun Oct  6 11:41:46 2013] <ianjneu> forall (UT VT : Set) (U : Ensemble UT) (V : Ensemble VT) (f : Ensemble UT -> Ensemble VT),
[Sun Oct  6 11:41:49 2013] <ianjneu> injective _ _ f <-> forall (A B : Ensemble UT), Included UT A U -> Included UT B U -> (f (Intersection _ A B)) = (Intersection _ (f A) (f B)).
[Sun Oct  6 11:45:44 2013] <rola> what does the underscore do?
[Sun Oct  6 11:50:06 2013] <ianjneu> leaves it for inference
[Sun Oct  6 11:59:10 2013] <rola> whoops, for some reason i thought A : Ensemble U meant A was a subset of U
[Sun Oct  6 12:01:21 2013] <ianjneu> g2g good luck
[Sun Oct  6 23:44:53 2013] <rola> http://sprunge.us/PIfI Regarding the hypothesis H in the link, is there a tactic similar to decompose that would break it down?
[Sun Oct  6 23:53:13 2013] <Ptival> rola: depends what you mean by decompose
[Sun Oct  6 23:53:39 2013] <Ptival> you can apply H to two ensembles and two inclusion proofs to obtain an equality
[Mon Oct  7 00:04:22 2013] <rola> I can?
[Mon Oct  7 11:03:26 2013] <mrl42> hi, do you know an automatic way to generate a proof of equality of two records from the all proofs of equalities of projections ?
[Mon Oct  7 11:07:42 2013] <mrl42> of course, I would like it to work for any record (I don't want an ad-hoc solution for each particular record).
[Mon Oct  7 12:43:39 2013] <jgross> mrl42: Are you asking about record types, or terms of some particular record type?
[Mon Oct  7 12:43:39 2013] <jgross> mrl42: If the former: You need univalence for that.  Given "Record True := I {}." and "Record unit := tt {}.", you can't prove "unit = True" without univalence.  If you have univalence, go look at the [issig] tactics in theories/types/Record.v of HoTT/HoTT on github, for a tactic which proves equivalence of a record with the appropriate nested sigT type.  Since equivalence is transitive, if you prove two records equivalent to equal nested sigT
[Mon Oct  7 12:43:39 2013] <jgross> types (and you should have that proof of equality via your equality of fields), then you can get that the two record types are equivalent.  Then you can use univalence to get that they're equal.
[Mon Oct  7 12:43:39 2013] <jgross> mrl42: If the latter: The tactic [repeat (subst || simpl in * || f_equal)] should suffice if every field of each term is a variable (i.e. not some specific expression), and you have the appropriate hypotheses of equality in your context.  I usually make a separate lemma for each record type that I use, so that I don't need to do finicky [generalize]ing each time I want to apply it (also for speed). 
[Mon Oct  7 12:46:07 2013] <jgross> So, for example:
[Mon Oct  7 12:46:07 2013] <jgross> Set Implicit Arguments.
[Mon Oct  7 12:46:07 2013] <jgross> Record prod (A B : Type) := pair { fst : A ; snd : B }.
[Mon Oct  7 12:46:07 2013] <jgross> Goal forall A B (x y : prod A B),
[Mon Oct  7 12:46:07 2013] <jgross> 	fst x = fst y -> snd x = snd y -> x = y.
[Mon Oct  7 12:46:07 2013] <jgross> Proof.
[Mon Oct  7 12:46:07 2013] <jgross>   intros; destruct x, y; simpl in *
[Mon Oct  7 12:46:07 2013] <jgross>   repeat (subst || simpl in * || reflexivity || f_equal).
[Mon Oct  7 12:46:07 2013] <jgross> Qed.
[Mon Oct  7 12:46:07 2013] <jgross> (I haven't tested it, but I think it'll work.) 
[Mon Oct  7 12:47:33 2013] <mrl42> it was the latter
[Mon Oct  7 12:47:49 2013] <mrl42> I've just discover the existence of the tactic f_equal
[Mon Oct  7 12:48:04 2013] <mrl42> but it seems very  buggy when you have dependent type see for instance :
[Mon Oct  7 12:48:24 2013] <mrl42> Variable R : Type.
[Mon Oct  7 12:48:24 2013] <mrl42> Variable A : Type.
[Mon Oct  7 12:48:24 2013] <mrl42> Variable B : A -> Type.
[Mon Oct  7 12:48:24 2013] <mrl42> Variable f : forall x:A, B x -> R.
[Mon Oct  7 12:48:24 2013] <mrl42> Lemma test : forall x y x' y', f x y = f x' y'.
[Mon Oct  7 12:48:26 2013] <mrl42> intros.
[Mon Oct  7 12:48:29 2013] <mrl42> f_equal.
[Mon Oct  7 12:49:36 2013] <jgross> What do you want it to do, there?  Give you a goal that [eq_rect <some arguments involving y and an evar of type [x = x']> = y']? 
[Mon Oct  7 12:50:30 2013] <mrl42> oh, I want it to ask me to prove x = x', rewrite, then ask me for proving y = y', and rewrite
[Mon Oct  7 12:50:45 2013] <mrl42> obviously it is not possible from the context I've given :)
[Mon Oct  7 12:52:10 2013] <jgross> The rewrite isn't possible in general unless [x] and [x'] are variables. 
[Mon Oct  7 12:54:27 2013] <jgross> It's also the case that the proof you want might be impossible (without axioms) unless you know what the proof of [x = x'] looks like. 
[Mon Oct  7 12:58:11 2013] <jgross> For example, [existT (fun x => x) bool true = existT (fun x => x) bool true] isn't provable via all proofs that [bool = bool].	(That is, if you run your tactic such that it asks you for a proof that [existT (fun x => x) bool = existT (fun x => x) bool], and then you run it again, and give [eq_refl : existT (fun x => x) = existT (fun x => x)], then you can't show that all proofs that you give it of [bool = bool] will result in [<cast true to
[Mon Oct  7 12:58:11 2013] <jgross> bool across that proof> = true] (and if you have univalence, there are some proofs of [bool = bool] that send true to false when you cast across them). 
[Mon Oct  7 13:00:43 2013] <mrl42> I don't understand
[Mon Oct  7 13:00:59 2013] <mrl42> on your example, there's nothing to do. reflexivity works.
[Mon Oct  7 13:01:26 2013] <mrl42> my lemma "test" was a stupid example since it is not provable
[Mon Oct  7 13:01:41 2013] <mrl42> here is a provable one :
[Mon Oct  7 13:02:15 2013] <mrl42> Lemma test :
[Mon Oct  7 13:02:15 2013] <mrl42>   forall x y x' y', forall h : x = x',
[Mon Oct  7 13:02:16 2013] <mrl42>    eq_rect x B y x' h = y' -> f x y = f x' y'.
[Mon Oct  7 13:03:09 2013] <mrl42> oh, no, wait :)
[Mon Oct  7 13:03:19 2013] <mrl42> I see.
[Mon Oct  7 13:04:14 2013] <mrl42> no, no, no, no, I don't see :).
[Mon Oct  7 13:05:07 2013] <mrl42> I don't understand why f_equal could not always work even when you have dependent types.
[Mon Oct  7 13:52:20 2013] <jgross> Not quite the counterexample you're looking for: it's possible to prove [existT (fun x => x) bool true = existT (fun x => x) bool false] using univalence, but not if you run [f_equal] first. 
[Mon Oct  7 13:56:54 2013] <jgross> Alternatively, if you have univalence, and "Inductive bool1 := true1 | false1." and "Inductive bool2 := true2 | false2.", you can prove "existT (fun x => x) bool1 true1 = existT (fun x => x) bool2 true2", but you need the right proof of [bool1 = bool2] (in particular, it needs to send true1 to true2).	So if you have an opaque proof	[H : bool1 = bool2], you can't actually prove [eq_rect _ _ true1 _ H = true2]. 
[Mon Oct  7 14:14:33 2013] <mrl42> thanks jason
[Tue Oct  8 17:48:12 2013] <peterbb> Is it so that using "dependent induction" does not work inside a "match goal with ..."? See: https://gist.github.com/peterbb/6892368
[Tue Oct  8 17:49:34 2013] <peterbb> (Program is loaded, btw).
[Tue Oct  8 18:07:40 2013] <ijp> why is the extension .v as opposed to .coq or similar?
[Tue Oct  8 18:08:29 2013] <chris2> vernacular i think
[Tue Oct  8 18:09:28 2013] <ijp> hmm, I see
[Tue Oct  8 18:12:19 2013] <chris2> so, historical :)
[Wed Oct  9 10:15:33 2013] <roosbeef> if i have in proof mode a hypothesis of the form 'if condition then True else False', can i convert this into a hypothesis of the form 'condition'?
[Wed Oct  9 10:17:51 2013] <roosbeef> or at least use it to prove condition by assumption?
[Wed Oct  9 10:39:03 2013] <roosbeef> how can i destruct variables that are inside (fix f ...) constructs?
[Wed Oct  9 10:48:51 2013] <roosbeef> (be right back)
[Wed Oct  9 11:27:12 2013] <roosbeef> anyone?
[Wed Oct  9 11:29:39 2013] <ianjneu> roosbeef: hello
[Wed Oct  9 11:33:48 2013] <roosbeef> hey ianjneu :)
[Wed Oct  9 11:33:53 2013] <roosbeef> would you happen to know this?
[Wed Oct  9 11:34:00 2013] <roosbeef> <roosbeef> how can i destruct variables that are inside (fix f ...) constructs?
[Wed Oct  9 11:34:28 2013] <roosbeef> for example,
[Wed Oct  9 11:34:41 2013] <ianjneu> You want to reduce under lambda?
[Wed Oct  9 11:35:14 2013] <roosbeef> (not sure what you mean by 'reduce under lambda'?)
[Wed Oct  9 11:35:43 2013] <roosbeef> for example https://privatepaste.com/2df3bdc8ed - if i do destruct fs', coq tells me Error: The reference fs' was not found in the current environment.
[Wed Oct  9 11:37:08 2013] <ianjneu> hmm
[Wed Oct  9 11:38:12 2013] <ianjneu> I don't have enough context to play with it myself, but from what I see, fs' should be in scope for pattern matching.
[Wed Oct  9 11:39:10 2013] <roosbeef> https://privatepaste.com/3a052d0a20
[Wed Oct  9 11:39:44 2013] <ianjneu> it's yelling about line 16?
[Wed Oct  9 11:40:01 2013] <roosbeef> yea thats the one im trying to destruct
[Wed Oct  9 11:40:24 2013] <roosbeef> hm i guess there's multiple instances of fs'
[Wed Oct  9 11:41:56 2013] <ianjneu> Oh, you're trying to use the destruct fs' tactic on this term? That's different.
[Wed Oct  9 11:42:14 2013] <roosbeef> how is that?
[Wed Oct  9 11:42:49 2013] <ianjneu> You'll need to reduce so that fs' gets substituted with some value in scope that you can destruct.
[Wed Oct  9 11:43:20 2013] <roosbeef> what do you mean by 'reduce'?
[Wed Oct  9 11:43:29 2013] <ianjneu> like, simpl
[Wed Oct  9 11:43:39 2013] <ianjneu> or compute
[Wed Oct  9 11:44:07 2013] <ianjneu> ((lambda (x) x) 0) reduces to 0
[Wed Oct  9 11:44:53 2013] <roosbeef> its not possible to destruct fs' before then?
[Wed Oct  9 11:46:31 2013] <ianjneu> no, destruct is just a match term constructor, so since fs' isn't in scope to match on (it's an inner binding in some subterm)
[Wed Oct  9 11:46:37 2013] <ianjneu> you can't.
[Wed Oct  9 11:46:42 2013] <ianjneu> I have a talk to go to.
[Wed Oct  9 11:46:44 2013] <ianjneu> bbl
[Wed Oct  9 11:46:47 2013] <roosbeef> alright man
[Wed Oct  9 11:46:53 2013] <roosbeef> thanks for helping :)
[Wed Oct  9 11:48:41 2013] <ystael> roosbeef: what happens if you destruct on s?
[Wed Oct  9 11:54:41 2013] <roosbeef> that works
[Wed Oct  9 11:54:54 2013] <roosbeef> it creates subgoals with different cases of s
[Wed Oct  9 12:05:49 2013] <ystael> but they should simplify down, right?  those pattern matches should reduce then
[Wed Oct  9 12:11:38 2013] <roosbeef> i guess
[Wed Oct  9 12:11:46 2013] <roosbeef> but fs' is still there, and i would like to destruct it :p
[Wed Oct  9 12:12:59 2013] <ystael> what do you get after destructing s
[Wed Oct  9 12:13:58 2013] <roosbeef> the same but with different subgoals for each case of s
[Wed Oct  9 12:15:10 2013] <ystael> but in that first big stratify_rec call, fs' is fs, and fs is s ++ (l::nil) ++ r
[Wed Oct  9 12:15:27 2013] <ystael> so you should be able to rewrite by some lemmas to get the match on fs' to collapse
[Wed Oct  9 12:16:41 2013] <roosbeef> how?
[Wed Oct  9 12:17:56 2013] <ystael> I don't remember the names exactly but in the s = [] case you want the left identity lemma for ++, forall (A: Set) (l: list A), [] ++ l = l
[Wed Oct  9 12:18:40 2013] <ystael> and in the s = g::s' case you want some combination of associativity for :: and ++ that will get the string into the form g::(some stuff)
[Wed Oct  9 12:18:49 2013] <roosbeef> how does that help?
[Wed Oct  9 12:18:54 2013] <roosbeef> simpl already does that i think
[Wed Oct  9 12:19:53 2013] <ystael> If :: isn't the outermost call on the expression that ultimately becomes fs', simpl won't reduce the match, I think
[Wed Oct  9 12:20:29 2013] <roosbeef> how does all of this relate to destructing fs' though?
[Wed Oct  9 12:20:46 2013] <ystael> You can't destruct fs'.  It's lambda bound.
[Wed Oct  9 12:20:52 2013] <roosbeef> ah
[Wed Oct  9 12:20:56 2013] <ystael> What you want to do is get the pattern match on fs' to reduce, right?
[Wed Oct  9 12:21:45 2013] <roosbeef> right
[Wed Oct  9 12:23:10 2013] <ystael> the way to do that is to manipulate the expression (s ++ (l::nil) ++ r) which is going to be substituted in as fs'
[Wed Oct  9 12:23:40 2013] <roosbeef> why is that necessary?
[Wed Oct  9 12:24:33 2013] <roosbeef> it has to fit the options 'nil' or 'h :: t'?
[Wed Oct  9 12:24:39 2013] <ystael> Exactly
[Wed Oct  9 12:24:51 2013] <roosbeef> ahaa
[Wed Oct  9 12:25:00 2013] <roosbeef> ok that makes sense :)
[Wed Oct  9 12:25:27 2013] <roosbeef> so basically i should just try and get that original expression to form a single and straight forward list
[Wed Oct  9 12:25:33 2013] <ystael> yeah
[Wed Oct  9 12:25:48 2013] <ystael> to have :: as the outermost function call, so that the pattern match on fs' sees it
[Wed Oct  9 12:25:57 2013] <roosbeef> right
[Wed Oct  9 12:26:11 2013] <roosbeef> awesome that clarifies a lot :D
[Wed Oct  9 12:26:17 2013] <roosbeef> thanks very much
[Wed Oct  9 12:26:55 2013] <ystael> np, good luck
[Wed Oct  9 12:27:10 2013] <ystael> You can configure autorewrite hints using Hint Rewrite if you are using some sets of equations very often
[Wed Oct  9 12:27:33 2013] <roosbeef> app_nil_l and app_nil_r are the ones you were talking about i think
[Wed Oct  9 12:27:55 2013] <ystael> I haven't had very good luck with that feature but there are people much smarter than I am who have very good results with it
[Wed Oct  9 12:28:19 2013] <roosbeef> i have never used Hint Rewrite
[Wed Oct  9 12:28:30 2013] <roosbeef> maybe ill look into it later
[Wed Oct  9 12:29:06 2013] <roosbeef> hm
[Wed Oct  9 12:29:18 2013] <roosbeef> how do i apply app_nil_r to that expression though :p
[Wed Oct  9 12:29:37 2013] <ystael> app_nil_r doesn't apply
[Wed Oct  9 12:29:57 2013] <ystael> In the s = [] case, you may need to use app_assoc first so that you have [] ++ ((l::nil) ++ r), then app_nil_l should do the job
[Wed Oct  9 12:30:03 2013] <roosbeef> my bad, app_nil_l
[Wed Oct  9 12:30:19 2013] <ystael> I don't remember the associativity of ++, you'd think it would be right
[Wed Oct  9 12:32:06 2013] <roosbeef> hm
[Wed Oct  9 12:32:08 2013] <roosbeef> i have (nil ++ (l :: nil) ++ nil)
[Wed Oct  9 12:32:32 2013] <roosbeef> but Coq says Error: Impossible to unify "?1385 ++ ?1386 ++ ?1387 = (?1385 ++ ?1386) ++ ?1387" with
[Wed Oct  9 12:38:05 2013] <roosbeef> eg. https://privatepaste.com/ac9ba39078
[Wed Oct  9 12:51:47 2013] <ijp> can I switch around the order in which I prove the the goals from e.g. a destruct, or induction.
[Wed Oct  9 14:05:41 2013] <ystael> ijp: You may be looking for Focus, as in Focus 2. to temporarily switch to the second goal
[Wed Oct  9 15:07:08 2013] <roosbeef> in proof mode, is there a way to substitute? For example, match ft_compare (stratify (nil ++ (l :: nil) ++ nil)) (stratify (nil ++ x ++ nil)) with ...
[Wed Oct  9 15:07:33 2013] <roosbeef> would it be possible to substitute nil ++ list_x with just list_x?
[Wed Oct  9 15:08:12 2013] <roosbeef> or (l :: nil) ++ list_x to l :: list_x?
[Wed Oct  9 15:11:20 2013] <ystael> roosbeef: you want the tactic replace ... with ...
[Wed Oct  9 15:11:25 2013] <ystael> http://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic117
[Wed Oct  9 15:12:01 2013] <ijp> ystael: yes, that is basically what I was after, thanks
[Wed Oct  9 15:14:10 2013] <ystael> roosbeef: There is also the `at` clause to rewrite which can be used to rewrite only a specific occurrence of a lemma's matching expression, but I find it frustrating to use
[Wed Oct  9 15:17:23 2013] <roosbeef> cool that works perfectly, thanks ystael! :)
[Wed Oct  9 16:40:58 2013] <logic_prog> "Inductive Nat := O: Nat | S: Nat -> Nat". How can I make this more "verbose"? I.e. I want to write "Inductive Nat := O: Nat | S: forall (n: Nat), ... "
[Wed Oct  9 16:41:01 2013] <logic_prog> but I don't know what to put in the for ...
[Wed Oct  9 16:44:07 2013] <the-manless-man> just Nat
[Wed Oct  9 16:44:20 2013] <logic_prog> awesome, thanks!
[Wed Oct  9 16:44:53 2013] <the-manless-man> in fact "A -> B" abbreviates "forall x : A, B"
[Wed Oct  9 16:45:04 2013] <the-manless-man> with x not in B
[Thu Oct 10 05:30:44 2013] <rks`> hi, naïve question here: I have something of type « forall x0 y0, (fun x y => Some_type) x0 y0 » why isn't it just « forall x0 y0, Some_type » ? isn't it equivalent?
[Thu Oct 10 05:33:47 2013] <rks`> apparently I can coerce without any problem, so the question remains: why doesn't it simply automatically?
[Thu Oct 10 07:15:01 2013] <robbert> rks`: use the "simpl", "lazy beta" tactic or something similar
[Thu Oct 10 07:36:16 2013] <rks`> robbert: hmm?
[Thu Oct 10 07:36:25 2013] <rks`> It's the type inferred for a piece of code
[Thu Oct 10 07:36:31 2013] <rks`> (no tactics involved)
[Thu Oct 10 07:42:26 2013] <robbert> rks`: in that case, why does it matter? Types are equivalent up to convertability
[Thu Oct 10 07:44:05 2013] <rks`> right
[Thu Oct 10 07:44:09 2013] <rks`> just making sure
[Thu Oct 10 07:45:36 2013] <rks`> (but why isn't it reduced "by default" so?)
[Thu Oct 10 10:30:59 2013] <defanor_> i'm stuck again, and again asking for an advice. it's http://www.cis.upenn.edu/~bcpierce/sf/Logic.html, the last exercise: i've tried to use the given lemmas and excluded_middle, but it looks almost like a mess already, and i can't find a way to show that there is a contradiction in context. here is my current progress: http://lpaste.net/6545470175590744064
[Thu Oct 10 12:28:25 2013] <roosbeef> so after unfolding a few functions, the proof window looks like this: https://privatepaste.com/5f12f65002
[Thu Oct 10 12:30:04 2013] <roosbeef> any tips on how to work large unfolds like that? Comments welcome as well, maybe my code is inefficiently written?
[Thu Oct 10 12:32:34 2013] <ystael> roosbeef: I try to avoid large goals like that; my instinct would be to pull back several steps and see if I can extract some lemmas to get reductions without unfolding explicitly
[Thu Oct 10 12:32:48 2013] <ystael> but I don't have enough experience doing truly difficult proofs to give any better advice than that
[Thu Oct 10 12:33:00 2013] <roosbeef> hm
[Thu Oct 10 12:33:20 2013] <roosbeef> yea maybe i should think up some sublemmas
[Thu Oct 10 12:34:55 2013] <roosbeef> the property to prove isnt that complicated
[Thu Oct 10 12:35:45 2013] <ystael> Sometimes `generalize` can be your friend for discovering lemmas
[Thu Oct 10 12:36:16 2013] <ystael> if you have a complicated subterm that appears several times and is making the goal more complex than it really needs to be
[Thu Oct 10 12:36:30 2013] <roosbeef> how does that work?
[Thu Oct 10 12:37:02 2013] <roosbeef> ah it makes it more readable right
[Thu Oct 10 12:38:05 2013] <ystael> If you generalize too far it can turn a true goal into a false goal!  But sometimes it also makes things easier to prove
[Thu Oct 10 12:38:31 2013] <roosbeef> hm :p
[Thu Oct 10 12:41:36 2013] <roosbeef> the property im trying to prove is basically that, in some order >, x :: z > y :: z, given that x > y
[Thu Oct 10 12:42:30 2013] <ystael> that sounds like exactly the generality you should prove it in then
[Thu Oct 10 12:42:32 2013] <roosbeef> which is really as simple as it seems, but to establish that, both x :: z and y :: z need to pass through a convertion function, to convert their list/string form to a tree form
[Thu Oct 10 12:42:38 2013] <ystael> ah, ok
[Thu Oct 10 12:42:55 2013] <roosbeef> and that convertion function is hugely clogging up the proof
[Thu Oct 10 12:43:34 2013] <ystael> can you instead transport the order on trees to the order on lists and then prove a correctness theorem for the transport of the order?
[Thu Oct 10 12:43:49 2013] <ystael> or, maybe this theorem you're trying to prove is basically that correctness theorem
[Thu Oct 10 12:48:13 2013] <roosbeef> ill have to think about it
[Thu Oct 10 12:48:36 2013] <roosbeef> thanks for your suggestions
[Thu Oct 10 12:48:40 2013] <roosbeef> gotta run
[Thu Oct 10 12:48:41 2013] <roosbeef> <3
[Fri Oct 11 07:40:09 2013] <ahokaomaeha> Is there any easy way to pattern-match the result of "lt_eq_lt_dec x y" (lt_eq_lt_dec from Coq.Arith.Compare_dec).
[Fri Oct 11 07:40:10 2013] <ahokaomaeha> ?
[Fri Oct 11 07:41:44 2013] <ahokaomaeha> Never mind. I should have just RTFM. :-|
[Fri Oct 11 11:55:47 2013] <defanor> sorry for the repetition, but will try to ask again:
[Fri Oct 11 11:55:49 2013] <defanor> i'm stuck again, and again asking for an advice. it's http://www.cis.upenn.edu/~bcpierce/sf/Logic.html, the last exercise: i've tried to use the given lemmas and excluded_middle, but it looks almost like a mess already, and i can't find a way to show that there is a contradiction in context. here is my current progress: http://lpaste.net/6545470175590744064
[Fri Oct 11 11:59:43 2013] <napping> What proof are you aiming for?
[Fri Oct 11 12:00:28 2013] <napping> induction on l2 seems like a bad idea
[Fri Oct 11 12:02:25 2013] <defanor> um, i think i didn't get the question, but i'm aiming to prove the pigeonhole_principle theorem. and thanks for the advice, will try to go by other way
[Fri Oct 11 12:03:59 2013] <napping> I think you should be able to eliminate right away cases other than l1 being non-empty with a tail exactly as long as l2
[Fri Oct 11 12:06:04 2013] <napping> not sure if that usefully uses the earlier definitions, but to finish you'd prove that every element of l2 appears in the tail of l1, so you can't cons on the head
[Fri Oct 11 12:07:07 2013] <defanor> napping: thanks, going to try now
[Fri Oct 11 12:07:36 2013] <napping> I haven't finished a proof of the pigeonhole principle myself :(
[Fri Oct 11 12:08:40 2013] <defanor> i'm trying not to skip any exercises, but looks like it'll take a long time to finish the book this way =\
[Fri Oct 11 12:09:30 2013] <defanor> but it's fun most of the time anyway
[Fri Oct 11 12:32:11 2013] <napping> ah, looks like excluded middle should only be necessary for comparing values
[Fri Oct 11 12:32:33 2013] <chris2> what's a good tool for printing ssreflect proofs in latex?
[Fri Oct 11 12:57:37 2013] <napping> defanor: also ended up needing it for deciding whether, even when length l1 = length l2, the tail of l1 already has repeats
[Fri Oct 11 12:58:01 2013] <napping> (which would be decidable given an equality predicate)
[Fri Oct 11 12:59:30 2013] <napping> I got thing to go through making use of the lemmas by proving an auxiliary lemma saying that (forall x, appears_in x l2 -> appears_in x l1) if (forall x, appears_in x l1 -> appears_in x l2), ~ repeats l1, and the lengths are equal
[Fri Oct 11 19:36:23 2013] <ezyang> How would you prove this: Goal forall (f : forall A, A -> A), f = (fun _ => fun x => x).
[Fri Oct 11 19:53:59 2013] <Saizan> you'd have to postulate parametricity, then you can prove that forall x, f x = x
[Fri Oct 11 19:54:15 2013] <ezyang> Is parametricity independent of CiC?
[Fri Oct 11 19:54:33 2013] <Saizan> yep
[Fri Oct 11 19:54:44 2013] <ezyang> oh dear.
[Fri Oct 11 19:54:54 2013] <copumpkin> it's anti-classical
[Fri Oct 11 19:54:59 2013] <copumpkin> so you wouldn't want it to follow
[Fri Oct 11 19:55:22 2013] <ezyang> So, what's the standard parametricity axiom?
[Fri Oct 11 19:55:36 2013] <copumpkin> dinaturality gets you some of the way there, but I don't think there's a single one
[Fri Oct 11 19:55:45 2013] <ezyang> ewww
[Fri Oct 11 19:56:11 2013] <Saizan> well, it's a family of axioms really
[Fri Oct 11 19:56:13 2013] <copumpkin> there's this thing I wrote a while back, but Saizan pointed out that I can cheat with something like that
[Fri Oct 11 19:56:14 2013] <copumpkin> https://gist.github.com/copumpkin/2907135
[Fri Oct 11 19:57:12 2013] <Saizan> ezyang: this is a good starting point http://wiki.portal.chalmers.se/agda/pmwiki.php?n=Libraries.LightweightFreeTheorems
[Fri Oct 11 19:57:31 2013] <ezyang> Hmm, looking at the HoTT folks, it looks like they don't have a good idea what is going on here either
[Fri Oct 11 19:57:52 2013] <ezyang> I like how this is all Agda ^^"
[Fri Oct 11 19:58:39 2013] <copumpkin> I think bob atkey had a recent paper on parametricity and noether's theorem, but I don't think much of "traditional math" uses it much
[Fri Oct 11 19:59:43 2013] <Saizan> well, the actual paper from bernardy is less agda-ish, and the tool linked is more haskellish
[Fri Oct 11 20:01:05 2013] <Saizan> parametricity goes all the way back to semantics for System F
[Fri Oct 11 21:40:56 2013] <jgross> copumkin: What paper talks about noether's theorem and parametricity?
[Fri Oct 11 21:40:56 2013] <jgross> ezyang: There's a computational interpretation of parametricity (and in which parametricity is itself parametric).  Googling "computational interpretation of parametricity" should get you it (I'd link it, but my internet is slow right now). 
[Fri Oct 11 21:43:58 2013] <Saizan> http://publications.lib.chalmers.se/publication/153094-a-computational-interpretation-of-parametricity <- yeah, from bernardy too
[Sat Oct 12 14:05:53 2013] <osa1> "... a good parser for Type 0 grammars would probably make a good starting point for a theorem prover". can anyone explain me that sentence? how is theorem proving and parsing type 0 grammars related?
[Sat Oct 12 14:24:11 2013] <Cale> A parser for a type 0 grammar is a Turing machine?
[Sat Oct 12 14:25:43 2013] <Cale> Or do they really mean a parser for the grammars themselves (strings containing production rules)
[Sat Oct 12 14:29:28 2013] <osa1> I have no ideas
[Sat Oct 12 14:31:51 2013] <Cale> If we interpret it the way I did at first, I can see where they're coming from. You can encode the rules of your logic as productions, and then the problem of determining whether there's a proof of some statement becomes the same problem as parsing the statement with this grammar.
[Sat Oct 12 14:33:03 2013] <Cale> So they mean theorem prover in the sense of a program which searches for proofs, rather than a program which checks them.
[Sat Oct 12 14:33:08 2013] <Cale> (perhaps)
[Sat Oct 12 16:38:51 2013] <osa1> is there an IRC channel to ask questions regarding to parsing, parsers, grammars etc.
[Sat Oct 12 16:40:29 2013] <defanor_> osa1: there is ##parsers in list
[Sat Oct 12 16:40:53 2013] <osa1> oh wow I had tried #parsers and nobody was there ... thanks
[Sat Oct 12 16:41:04 2013] <osa1> 24 ppl in ##parsers :-S
[Sat Oct 12 16:41:04 2013] <defanor_> yw
[Sun Oct 13 05:46:12 2013] <defanor_> i'm still stuck on the pigeonhole_principle from http://www.cis.upenn.edu/~bcpierce/sf/Logic.html. napping has suggested a useful lemma, which makes it easy to prove, but now i'm stuck on that lemma, and need one more advice. current progress: http://lpaste.net/5611770566345228288
[Sun Oct 13 06:05:28 2013] <defanor_> and another question: how could i disable switching to a new line after C-c C-n in proof general?
[Sun Oct 13 06:05:41 2013] <defanor_> *to a next line
[Sun Oct 13 11:05:03 2013] <defanor> i'll skip that exercise for now, but need to decide which way to follow further. how long, in relation to everything before the Logic chapter in Software Foundations, will take reading/solving other chapters, which are recommended for one-semester course at http://www.cis.upenn.edu/~bcpierce/sf/deps.html? and how much time, also in relation to those previous chapters, could take all the other chapters?
[Sun Oct 13 11:09:28 2013] <defanor> before the Logic chapter -- and including it
[Mon Oct 14 05:01:36 2013] <kirillt> Hi, guys.
[Mon Oct 14 05:02:27 2013] <johnw> hi!
[Mon Oct 14 07:41:25 2013] <kirillt> I started software-foundations and doing first example.
[Mon Oct 14 07:41:55 2013] <kirillt> But I want not to prove table of truths but proove that "nandb x y = negb (andb x y)".
[Mon Oct 14 07:42:11 2013] <kirillt> And I want to do it without manual case exploration.
[Mon Oct 14 07:42:27 2013] <kirillt> There is bool_ind, which takes predicate to prove.
[Mon Oct 14 07:42:37 2013] <kirillt> But I don't know how to put the goal into it.
[Mon Oct 14 07:42:59 2013] <kirillt> Is it possible or should I use any kind of "reflexion" (if I use this word correctly)?
[Mon Oct 14 07:45:14 2013] <kirillt> So, my goal is `(x : bool) (y : bool), nandb x y = negb (andb x y)' and I want to prove it with `bool_ind <2-ary-goal> <proof-for-first-arg-is-true> <proof-for-second-arg-is-false>', but don't know how to do it inCoq.
[Mon Oct 14 07:52:53 2013] <kirillt> s/second-arg-is-false/first-arg-is-false/g
[Mon Oct 14 08:26:10 2013] <gdsfh> kirillt: using _ind for such simple cases is not justified usually.  why not "destruct x; destruct y; now (simpl; reflexivity)" or something like this?
[Mon Oct 14 08:50:02 2013] <kirillt> gdsfh, didn't know about `now' tactic, thank you.
[Mon Oct 14 08:50:34 2013] <kirillt> gdsfh, `now (destruct x; destruct y; simpl; reflexivity)' does what I want.
[Mon Oct 14 08:53:13 2013] <gdsfh> kirillt: it should work without "now", i suppose.
[Mon Oct 14 09:07:22 2013] <kirillt> gdsfh, really, you are right.
[Mon Oct 14 09:08:11 2013] <kirillt> gdsfh, so actions, separated with ';' are done for every alternative?
[Mon Oct 14 09:15:12 2013] <gdsfh> gdsfh: for every goal generated by previous tactic (or for the original goal when no goal generation happened).
[Mon Oct 14 09:42:52 2013] <kirillt> gdsfh, nice, thank you.
[Mon Oct 14 10:56:05 2013] <reynir> Does the stdlib have a function forall A : Type, False -> A or similar?
[Mon Oct 14 11:10:10 2013] <gdsfh> @check False_rect
[Mon Oct 14 11:10:15 2013] <roosterbot> False_rect : ∀ P : Type, False → P
[Mon Oct 14 11:10:23 2013] <gdsfh> reynir: ^^^
[Mon Oct 14 11:13:20 2013] <reynir> Thank you
[Mon Oct 14 17:34:21 2013] <kirillt> How to prove such: 'Example ble_nat_succ : forall x, ble_nat x (S x) = true.'?
[Mon Oct 14 17:34:34 2013] <kirillt> How to perform inductive step?
[Mon Oct 14 17:34:46 2013] <kirillt> Should I use nat_ind?
[Mon Oct 14 17:48:09 2013] <Ptival> hmm depends on how ble_nat is defined, but probably yeah
[Mon Oct 14 17:50:56 2013] <kirillt> Ptival, how to insert nat_ind into proof?
[Mon Oct 14 17:53:25 2013] <Ptival> kirillt: there is a tactic called induction, if you need it for the exercise it should have been introduced earlier in the chapter
[Mon Oct 14 17:54:45 2013] <kirillt> Ptival, I have a habit to do boring exercises in a different way, there is other task.
[Mon Oct 14 17:54:51 2013] <Ptival> I see
[Mon Oct 14 17:54:52 2013] <kirillt> Ptival, thank you for the tip.
[Mon Oct 14 17:54:59 2013] <Ptival> well if you want to not use tactics
[Mon Oct 14 17:55:05 2013] <Ptival> you can try "apply nat_ind."
[Mon Oct 14 17:55:19 2013] <kirillt> Ptival, tactic is ok, didn't know about name of it.
[Tue Oct 15 07:24:15 2013] <kirillt> What tactic is used for expanding function name to its definition?
[Tue Oct 15 07:24:32 2013] <kirillt> I tried compute, but it gives strange result.
[Tue Oct 15 07:24:44 2013] <kirillt> And I thinks it does more actions.
[Tue Oct 15 07:27:28 2013] <kirillt> I want to convert `f (S n)' to term which defines f and then simplify pattern matching step with (S n).
[Tue Oct 15 07:28:37 2013] <kirillt> But `compute' somehow converts `f (S n)' to `<term-with-pattern-matching> n' (sic!).
[Tue Oct 15 07:28:52 2013] <kirillt> It somehoe lost my `S'.
[Tue Oct 15 07:30:28 2013] <kirillt> Oh, I found it.
[Tue Oct 15 07:30:31 2013] <kirillt> `unfold'
[Tue Oct 15 07:30:42 2013] <kirillt> But somehow it lost 'S', too.
[Tue Oct 15 07:31:45 2013] <ia0> you can try 'simpl' too
[Tue Oct 15 07:37:36 2013] <gdsfh> kirillt: S was "simplified" -- compute decided to unfold function one more time, since it knows the shape of argument (it is S n), and stopped when the shape is unknown (n, which can be O or S _).  As for fine-grained reductions, you may be interested in these tactics: cbv, lazy, hnf, red (maybe i've forgot some).
[Tue Oct 15 09:45:21 2013] <roosbeef> why doesnt coq replace this with its computed value?
[Tue Oct 15 09:45:23 2013] <roosbeef> https://privatepaste.com/7f8cd6bade
[Tue Oct 15 09:46:56 2013] <roosbeef> Eval compute in fl_compare (FrenchLetter a acute) (FrenchLetter a acute).= Eq : comparison
[Tue Oct 15 09:47:17 2013] <roosbeef> my connection dropped, sorry if im reposting
[Tue Oct 15 09:47:26 2013] <roosbeef> <roosbeef> why doesnt coq replace this with its computed value?
[Tue Oct 15 09:47:26 2013] <roosbeef> <roosbeef> https://privatepaste.com/7f8cd6bade
[Tue Oct 15 09:47:26 2013] <roosbeef> <roosbeef> Eval compute in fl_compare (FrenchLetter a acute) (FrenchLetter a acute).= Eq : comparison
[Tue Oct 15 10:14:30 2013] <roosbeef> nevermind, had to do compute
[Tue Oct 15 14:22:06 2013] <ijp> is there a standard lemma for saying that if for all x , f x = g x, then f = g
[Tue Oct 15 14:23:53 2013] <shergill> ijp: proof irrelevance
[Tue Oct 15 14:24:14 2013] <shergill> i think
[Tue Oct 15 14:28:35 2013] <shergill> ijp: hmm actually i'm not sure you even need that. eta-conversion is one of the things coq 8.4 gives you, so there may be a more direct way
[Tue Oct 15 14:32:29 2013] <peterbb> It's not provable, you need the axiom in FunctionalExtensionality.
[Tue Oct 15 14:35:47 2013] <peterbb> shergill: eta-conversion is that (fun x => f x) = f.
[Tue Oct 15 14:36:07 2013] <peterbb> So I don't think it would be of much help here.
[Tue Oct 15 14:37:15 2013] <ijp> peterbb: shergill: thanks
[Tue Oct 15 15:20:31 2013] <kirillt> What to do with cases like 'false = true' when I split by cases my assertion?
[Tue Oct 15 15:20:49 2013] <kirillt> I mean I want to prove e.g. `x = y -> y = x'.
[Tue Oct 15 15:21:16 2013] <kirillt> And I do `destruct x; destruct y; compute', but I have now false hypothesis, too.
[Tue Oct 15 15:28:11 2013] <ystael> kirillt: `contradiction` will prove your goal from an absurd hypothesis
[Tue Oct 15 15:29:00 2013] <kirillt> ystael, oh, ye, I see now
[Tue Oct 15 15:29:16 2013] <kirillt> ystael, but what defference with `absurd'?
[Tue Oct 15 15:29:20 2013] <kirillt> *diff
[Tue Oct 15 15:29:39 2013] <kirillt> And how it knows when something is False?
[Tue Oct 15 15:29:40 2013] <ystael> by "absurd" I mean "the tactic can figure out that it is False"
[Tue Oct 15 15:31:03 2013] <kirillt> ystael, ah ok
[Tue Oct 15 15:31:17 2013] <ystael> I think some step in that tactic is smart enough to use `discriminate` (which is a tactic that directly proves False from an equation between two values with different type constructors)
[Tue Oct 15 15:31:20 2013] <kirillt> ystael, there is also tactic called `absurd'.
[Tue Oct 15 15:31:21 2013] <ystael> I don't know what step that is
[Tue Oct 15 15:32:16 2013] <ystael> `absurd` declares that you intend to prove by reductio ad absurdum, that is, `absurd P` replaces any goal by two goals P and ~P
[Tue Oct 15 15:32:26 2013] <kirillt> Hmm, seems that Coq cannot find `contradiction' tactic. But I see it on the web-site.
[Tue Oct 15 15:32:42 2013] <kirillt> ysteal, understood, thanks
[Tue Oct 15 15:35:32 2013] <jgross> You could also prove your original goal (and not just for bool) by [intros. subst. reflexivity.] 
[Tue Oct 15 16:34:36 2013] <maxiepoo> So I heard you can break type preservation in Coq by mixing inductive and coinductive data somehow, but I can't find anything about it online
[Tue Oct 15 16:35:08 2013] <maxiepoo> Is that true and if so could someone give me a link to an explanation?
[Tue Oct 15 18:09:40 2013] <robbert> maxiepoo: http://permalink.gmane.org/gmane.science.mathematics.logic.coq.club/3608
[Tue Oct 15 18:21:33 2013] <Anarchos> robbert gnééééé
[Tue Oct 15 18:21:51 2013] <Anarchos> gonthier, did he forgot to speak in a *normal* language ?
[Tue Oct 15 18:22:09 2013] <Anarchos> last time i saw him was in 2001, he seemed to be sane at this time :)
[Tue Oct 15 19:59:55 2013] <Ptival> I saw him this summer and he seemed sane :p
[Tue Oct 15 20:00:39 2013] <Smerdyakov> Who's that?
[Tue Oct 15 20:04:18 2013] <Ptival> Gonthier?
[Tue Oct 15 20:04:47 2013] <Smerdyakov> Why the question mark?
[Tue Oct 15 20:05:11 2013] <Ptival> are you asking who he is?
[Tue Oct 15 20:05:27 2013] <Smerdyakov> I joined the channel right after "I saw him this summer and he seemed sane :p".
[Tue Oct 15 20:05:33 2013] <Smerdyakov> So I think I got the answer I was looking for.
[Tue Oct 15 20:05:36 2013] <Ptival> ok
[Tue Oct 15 20:05:37 2013] <Ptival> yeah
[Tue Oct 15 22:15:18 2013] <ijp> is there a tactic like unfold, but that only unfolds a recursive function one step
[Tue Oct 15 23:00:19 2013] <jgross> ijp: You can try [unfold f; fold f], which sometimes works.  You can also try [cbv delta [f]; cbv beta at 1; fold f] (or maybe [at 0] rather than [at 1]?), but I'm not sure.  I don't think there's a reliable way to do it. 
[Wed Oct 16 02:09:42 2013] <Ptival> yeah unfold will consume as much input as it can if the head constructor for the recursive call is known I believe
[Wed Oct 16 02:09:51 2013] <Ptival> oh he's gone anyway
[Wed Oct 16 04:57:36 2013] <kirillt> Is there something like `undefined' in haskell?
[Wed Oct 16 04:57:46 2013] <kirillt> I want to mock one case in pattern-matching.
[Wed Oct 16 04:58:18 2013] <ia0> undefined it is
[Wed Oct 16 04:58:39 2013] <ia0> admit
[Wed Oct 16 04:59:05 2013] <ia0> ah wait, in a definition?
[Wed Oct 16 05:00:04 2013] <ia0> in a definition, if it is only temporary, I would use an axiom undefined
[Wed Oct 16 05:00:57 2013] <ia0> but if you know this case is not useful, either you can build a garbage object of this type, or you would need to take some property which would imply False for this branch
[Wed Oct 16 08:08:33 2013] <roosbeef> suppose H0: P, H1: P -> Q
[Wed Oct 16 08:09:04 2013] <roosbeef> if my goal is Q, how can i use H1 for this?
[Wed Oct 16 08:12:02 2013] <roosbeef> nevermind, apply H1 first and then H0 i guess
[Wed Oct 16 08:32:17 2013] <roosbeef> hm
[Wed Oct 16 08:32:33 2013] <roosbeef> https://privatepaste.com/6aea51a5a2
[Wed Oct 16 08:32:36 2013] <roosbeef> would this work somehow?
[Wed Oct 16 08:32:57 2013] <roosbeef> seems to me like it would be possible to apply IHx first, and then H
[Wed Oct 16 08:33:03 2013] <roosbeef> but Coq wont have it
[Wed Oct 16 08:54:00 2013] <roosbeef> in the following proof: https://privatepaste.com/3b7c3c4740
[Wed Oct 16 08:54:19 2013] <roosbeef> why does the final step 'assumption' work?
[Wed Oct 16 08:54:29 2013] <roosbeef> the goal is not in the assumptions
[Wed Oct 16 09:35:07 2013] <defanor> it is impossible to define incorrect (contradictory) proof objects, right?
[Wed Oct 16 09:35:34 2013] <defanor> (without contradictory axioms, at least)
[Wed Oct 16 09:36:14 2013] <rmk0> assuming there aren't any bugs in the type checker
[Wed Oct 16 09:36:29 2013] <defanor> yep, thanks
[Wed Oct 16 10:09:58 2013] <peterbb> roosbeef: regarding the last example, if you do a "simple" before doing "assumption", you will see that they are equivalent. assumption does this kind of computation automatically.
[Wed Oct 16 12:24:06 2013] <gdsfh> Hello.  I'm trying to implement a multithreaded algorithm with synchronization on semaphores/mutexes, but I can't convince myself that it will work correctly.  Are there any relatively simple ways to formalize such things in Coq?
[Wed Oct 16 12:27:20 2013] <gdsfh> (why I need to do such sh.t -- I found out that fcntl (to synchronize file access; via OCaml's Unix.lockf) takes 60 microseconds, and it's too slow for my task, so I need some home-made readers-writer locks storage.)
[Wed Oct 16 12:30:04 2013] <gdsfh> (btw, links to rwlock implementations via semaphores/mutexes are welcome too; my google-fu seems to be broken, I can't find any decent implementation.)
[Wed Oct 16 13:40:36 2013] <kirillt> Hi, guys.
[Wed Oct 16 13:40:55 2013] <kirillt> I have problem with example from software foundations.
[Wed Oct 16 13:41:21 2013] <kirillt> Assertion to prove is `forall b c, andb b c = true -> b = true'.
[Wed Oct 16 13:42:37 2013] <kirillt> But example uses `Case' tactics which somehow cannot be interpreted on my system (error is e.g. `No interpretation for string "b = true"').
[Wed Oct 16 13:43:24 2013] <kirillt> I commented it out, but in example there is `rewrite <- H' which doesn't work for me (maybe because of lack of Case steps).
[Wed Oct 16 13:44:11 2013] <kirillt> Full proof is `Proof. intros b c H. destruct b. Case "b = true". reflexivity. Case "b = false". rewrite <- H. reflexivity. Qed.'.
[Wed Oct 16 13:44:35 2013] <kirillt> I tried to prove also via `contradict H' and got False goal, but don't know what to do next.
[Wed Oct 16 13:46:45 2013] <gdsfh> kirillt: dumb way: "destruct b; destruct c; simpl; discriminate" or like.  If it doesn't work, show your hypotheses and goal.
[Wed Oct 16 13:50:09 2013] <gereedy> kirillt: which version of coq do you have? the proof works for me without the Case tactics
[Wed Oct 16 13:53:40 2013] <ystael> kirillt: This is an error in Software Foundations, or something.  Case tactics are found on cocorico wiki: http://coq.inria.fr/cocorico/Case%20%28tactic%29
[Wed Oct 16 13:53:51 2013] <ystael> This is not the only case where SF relies on something from cocorico without saying so.
[Wed Oct 16 14:00:08 2013] <ijp> kirillt: are you copying from the html?
[Wed Oct 16 14:00:37 2013] <ijp> if you download the tarball, there are .v files and the code for Case tactics is included in a few of the files
[Wed Oct 16 14:01:43 2013] <ijp> Induction.v and SfLib.v
[Wed Oct 16 14:01:48 2013] <kirillt> ijp, ye, I have seen the code archive; but didn't search for Case there.
[Wed Oct 16 14:01:58 2013] <kirillt> ijp, so Case isn't standard?
[Wed Oct 16 14:02:18 2013] <kirillt> ystael, I see page, but don't see what to import for et Case work
[Wed Oct 16 14:02:53 2013] <kirillt> gdsfh, 8.3pl4
[Wed Oct 16 14:03:11 2013] <kirillt> (it was to gereedy) 8.3pl4
[Wed Oct 16 14:03:34 2013] <ystael> kirillt: paste that piece of code into a file to import
[Wed Oct 16 14:04:02 2013] <kirillt> How 'rewrite <- H' can solve it? It converts 'false = true' into 'false = andb false c'.
[Wed Oct 16 14:04:26 2013] <kirillt> ystael, there is no library or something?
[Wed Oct 16 14:04:27 2013] <ystael> kirillt: what happens when you reduce 'andb false c' ?
[Wed Oct 16 14:04:34 2013] <ystael> kirillt: It's not in the standard library, no.
[Wed Oct 16 14:05:21 2013] <ystael> As ijp said, the implementation on that wiki page or something similar is included in the SF sources tar; or you can do what I did and just make your own mini-library.
[Wed Oct 16 14:06:06 2013] <kirillt> ystael, ye, I understood. Just thought that there is lib with all such utility code.
[Wed Oct 16 14:06:29 2013] <kirillt> btw, suddenly 'rewrite <- H. reflexivity.' works for me, too.
[Wed Oct 16 14:06:31 2013] <kirillt> But how?
[Wed Oct 16 14:06:51 2013] <kirillt> Reflexivity is when `a = a`, but we have contradiction.
[Wed Oct 16 14:07:43 2013] <ystael> It's OK to derive a proof from impossible hypotheses without explicitly observing that the hypotheses are impossible :)
[Wed Oct 16 14:08:52 2013] <Ptival> kirillt: reflexivity also works when the two sides of the equation reduce to the same value
[Wed Oct 16 14:09:14 2013] <Ptival> in this case, probably if you do the tactic `simpl.`, `andb false c` reduces to `false`
[Wed Oct 16 14:09:36 2013] <kirillt> Ptival, ystael, ah, ok, understood
[Wed Oct 16 14:10:06 2013] <Ptival> for instance, `1 + 1 = 2` by reflexivity
[Wed Oct 16 14:11:04 2013] <Ptival> but not `S a + b = a + S b`, because one of the sides would not reduce
[Wed Oct 16 14:11:16 2013] <Ptival> in which case you have to do some rewriting
[Wed Oct 16 14:11:36 2013] <Ptival> to reason equationally rather than computationally
[Wed Oct 16 14:14:58 2013] <kirillt> Hm, how to include SfLib.v or Induction.v into my source?
[Wed Oct 16 14:15:10 2013] <kirillt> `Export SfLib.' doesn't work.
[Wed Oct 16 14:15:35 2013] <kirillt> SfLib.v is compiled, both .v and .vo files are in the same directory. Error is "SfLib isn't module.".
[Wed Oct 16 14:16:05 2013] <kirillt> Source file name <> module name?
[Wed Oct 16 14:17:53 2013] <Ptival> Require Export SfLib?
[Wed Oct 16 14:18:46 2013] <kirillt> Really.
[Wed Oct 16 14:19:01 2013] <kirillt> Thanks, everything work now!
[Wed Oct 16 14:24:04 2013] <roosbeef> im a bit confused to how induction works
[Wed Oct 16 14:24:18 2013] <roosbeef> for example in this proof  https://privatepaste.com/3b7c3c4740
[Wed Oct 16 14:24:24 2013] <roosbeef> the final step is 'assumption'
[Wed Oct 16 14:24:32 2013] <roosbeef> but H does not match the goal
[Wed Oct 16 14:24:41 2013] <roosbeef> why does Coq still accept 'assumption' then
[Wed Oct 16 14:26:47 2013] <Ptival> roosbeef: for the exact same reason that I just told kirillt about :)
[Wed Oct 16 14:27:00 2013] <roosbeef> ha whats that
[Wed Oct 16 14:27:06 2013] <roosbeef> (i was offline at that time i think)
[Wed Oct 16 14:27:07 2013] <Ptival> if you simpl your goal, it reduces exactly to the type of your assumption
[Wed Oct 16 14:27:22 2013] <Ptival> so their reduced form is exactly the same
[Wed Oct 16 14:27:45 2013] <roosbeef> hm
[Wed Oct 16 14:28:11 2013] <roosbeef> but why in this case does it reduce to that
[Wed Oct 16 14:28:20 2013] <roosbeef> S n is not the same as n is it?
[Wed Oct 16 14:30:26 2013] <Ptival> look at the definition of nat_compare
[Wed Oct 16 14:31:25 2013] <Ptival> and think about what it reduces to when called with `S (n + x)` and `S (n + y)`
[Wed Oct 16 14:31:44 2013] <roosbeef> ah, right
[Wed Oct 16 14:31:51 2013] <roosbeef> the final clause
[Wed Oct 16 14:31:57 2013] <roosbeef> :)
[Wed Oct 16 14:32:13 2013] <roosbeef> im trying to prove something that has to do with a comparison between lists
[Wed Oct 16 14:32:49 2013] <roosbeef> but the decisive elements of those lists are in the middle of the list
[Wed Oct 16 14:33:12 2013] <roosbeef> (eg. see https://privatepaste.com/0258feaf52)
[Wed Oct 16 14:34:30 2013] <roosbeef> if im comparing two lists, (a ++ x :: b) and (a ++ y ++ b), do i need to perform induction on a, b and y? (as those are all lists)
[Wed Oct 16 14:35:18 2013] <roosbeef> or just on y, as that is the decisive list (a and b dont play a determining factor because they are on both sides of the comparison)
[Wed Oct 16 14:36:39 2013] <roosbeef> my connection dropped for a minute, hopefully all came through
[Wed Oct 16 14:41:22 2013] <napping> using apply on a hypothesis will unfold definitions to find an appropriate product, is there any way to get auto to do the same (even for specific definitions, Hint Unfold and Hint Transparent seem only to affect the goal)
[Wed Oct 16 15:04:41 2013] <roosbeef> in general, does 'induction' split up the goal in subgoals A and B, where you need to prove A and can prove B by induction hypothesis?
[Wed Oct 16 15:05:11 2013] <roosbeef> or do you need to prove both
[Wed Oct 16 15:31:42 2013] <defanor> oh, napping, there you are!
[Wed Oct 16 15:31:53 2013] <defanor> <napping> I got thing to go through making use of the lemmas by proving an auxiliary lemma saying that (forall x, appears_in x l2 -> appears_in x l1) if (forall x, appears_in x l1 -> appears_in x l2), ~ repeats l1, and the lengths are equal -- have you proved this lemma?
[Wed Oct 16 15:32:05 2013] <napping> yeah
[Wed Oct 16 15:32:11 2013] <defanor> it makes whole proof easy, but i'm stuck on it
[Wed Oct 16 15:32:43 2013] <defanor> could you give me some advice about this lemma?
[Wed Oct 16 15:33:11 2013] <napping> the trick in stating it was to start with a forall n, and then say that the lengths are both equal to n, so you can do induction on the identical lengths
[Wed Oct 16 15:33:24 2013] <napping> (maybe you could do something with the "remember" tactic anyway)
[Wed Oct 16 15:34:03 2013] <defanor> thanks, going to try
[Wed Oct 16 15:34:35 2013] <napping> inside it, lots of the little lemmas about membership and appending become useful
[Thu Oct 17 07:26:13 2013] <yezariaely> I want to use Coq.Lists.List's notation. I imported the just mentioned module. Is there anything else I have to import?
[Thu Oct 17 07:26:24 2013] <yezariaely> I want to use [1,2,3]
[Thu Oct 17 08:14:37 2013] <yezariaely> hmm anyone?
[Thu Oct 17 08:27:37 2013] <kirillt> Is there built-in analog of ble_nat from software-foundations?
[Thu Oct 17 08:27:49 2013] <kirillt> I.e. function `nat -> nat -> bool'.
[Thu Oct 17 08:45:03 2013] <yezariaely> there is le but this is Prop not bool.
[Thu Oct 17 09:09:30 2013] <yezariaely> can I somehow directly desctruct tuples as function arguments?
[Thu Oct 17 09:10:37 2013] <yezariaely> e.g. Fixpoint myfun (a,b) := a (without an explicit match)
[Thu Oct 17 10:09:49 2013] <gereedy> yezariaely: If you're still looking to get list notation you need to Require Import List. Import ListNotations. Open list_scope.
[Thu Oct 17 10:12:08 2013] <gereedy> and the notation is [1;2;3] not [1,2,3]
[Thu Oct 17 10:32:24 2013] <roosbeef> hm
[Thu Oct 17 10:32:57 2013] <roosbeef> im kinda stuck with this simple proof for a couple weeks now
[Thu Oct 17 10:33:13 2013] <roosbeef> a major sticking point i think is the inefficiency of some of my code
[Thu Oct 17 10:34:11 2013] <roosbeef> anyone care to check out a selection of functions i think are the major obstructors?
[Thu Oct 17 10:36:46 2013] <roosbeef> i think simplifying these would greatly reduce the bloat in proof mode
[Thu Oct 17 10:37:45 2013] <roosbeef> but they perform a relatively complex task and im not sure how to further simplify
[Thu Oct 17 10:42:31 2013] <gereedy> roosbeef: what are you stuck on?
[Thu Oct 17 10:43:51 2013] <roosbeef> gereedy, one sec ill put up an example
[Thu Oct 17 10:45:29 2013] <yezariaely> gereedy: thx!
[Thu Oct 17 10:47:04 2013] <yezariaely> gereedy: however it doesn't work for me. Error: ListNotations is not a module
[Thu Oct 17 10:47:56 2013] <roosbeef> gereedy, https://privatepaste.com/60b23dc3e4
[Thu Oct 17 10:48:31 2013] <roosbeef> gereedy, the function i would like to simplify is 'stratify' and its components (stratify_sub and stratify_rec)
[Thu Oct 17 10:49:34 2013] <roosbeef> its at the bottom
[Thu Oct 17 10:49:35 2013] <gereedy> yezariaely: I guess you must be using coq 8.3
[Thu Oct 17 10:49:54 2013] <roosbeef> ive added relevant code above
[Thu Oct 17 10:50:01 2013] <yezariaely> gereedy:  your guess is correct
[Thu Oct 17 10:50:30 2013] <yezariaely> For which version is it?
[Thu Oct 17 10:51:43 2013] <gereedy> 8.4
[Thu Oct 17 10:52:26 2013] <gereedy> In 8.3 the list notation is done as a local notation but in 8.4 it is in a Module
[Thu Oct 17 10:52:46 2013] <gereedy> as far as I know there isn't any way to get at that local notation, other than to copy it into your code
[Thu Oct 17 10:58:24 2013] <yezariaely> gereedy: thx again.
[Thu Oct 17 11:14:18 2013] <gereedy> roosbeef: maybe a different structure for term would help
[Thu Oct 17 11:14:55 2013] <gereedy> like Inductive fterm := TermNil : fterm | TermConsString : fstring -> fterm -> fterm | TermConsTerm : fterm -> fterm -> fterm.
[Thu Oct 17 11:19:07 2013] <roosbeef> gereedy, interesting
[Thu Oct 17 11:19:26 2013] <roosbeef> that would be functionally equivalent to its current definition?
[Thu Oct 17 11:19:30 2013] <gereedy> I think that is isomorphic to your fterm
[Thu Oct 17 11:19:38 2013] <gereedy> but makes the interleaving explicit
[Thu Oct 17 11:20:08 2013] <gereedy> I think TermConsString could actually be TermConsLetter replacing the fstring with fletter
[Thu Oct 17 11:20:27 2013] <roosbeef> why?
[Thu Oct 17 11:24:03 2013] <gereedy> becase f (TermConsString nil ft') = ft' and f (TermConsString (fl::fs) ft') = TermConsLetter fl (f (TermConsString fs ft')) is a morphism
[Thu Oct 17 11:24:57 2013] <gereedy> it is essentially a nested list structure
[Thu Oct 17 11:26:59 2013] <roosbeef> yea
[Thu Oct 17 11:27:08 2013] <roosbeef> sounds good :)
[Thu Oct 17 11:27:13 2013] <roosbeef> im gonna give that a shot
[Thu Oct 17 11:27:26 2013] <roosbeef> been stuck on this approach for too long now
[Thu Oct 17 11:27:35 2013] <roosbeef> thanks very much! :)
[Thu Oct 17 11:27:43 2013] <gereedy> sure, hope it helps
[Thu Oct 17 13:44:12 2013] <kirillt> I am just wondering: what if I try to prove function definition?
[Thu Oct 17 13:44:32 2013] <kirillt> E.g. `Definition length' : natlist -> nat.'
[Thu Oct 17 13:44:41 2013] <kirillt> `Proof. intro xs.'
[Thu Oct 17 13:45:07 2013] <kirillt> What's next how to formulate definition-term in terms of tactics?
[Thu Oct 17 13:45:11 2013] <kirillt> Is it possible?
[Thu Oct 17 13:45:38 2013] <kirillt> According Curry-Howard correspondence there is no difference, if I understand it correctly.
[Thu Oct 17 13:47:10 2013] <kirillt> Proof of type `nat' must be concrete instance, but how to provide it via tactics?
[Thu Oct 17 13:47:14 2013] <gdsfh> kirillt: it's possible, but it's not recommended to build computational terms with tactics.  Try, for example, "Definition add (a b : nat) : nat.  auto.  Defined."
[Thu Oct 17 13:47:42 2013] <gdsfh> kirillt: I'll build correct length with tactics, wait some time.
[Thu Oct 17 13:49:34 2013] <Zedrikov> Theres is the low level 'fix' tactic for that.
[Thu Oct 17 13:49:46 2013] <Zedrikov> But guardedness is chec
[Thu Oct 17 13:49:59 2013] <Zedrikov> ked at Qed time
[Thu Oct 17 13:50:04 2013] <gdsfh> kirillt: http://paste.in.ua/8872/
[Thu Oct 17 13:50:40 2013] <Zedrikov> It is often safer tou
[Thu Oct 17 13:50:53 2013] <Zedrikov> use induction tactic rather than fix
[Thu Oct 17 13:51:41 2013] <Zedrikov> (sorry for multiline, I recently changed my layout, and hit 'enter' at the wrong place)
[Thu Oct 17 13:51:42 2013] <kirillt> gdsfh, thanks
[Thu Oct 17 13:52:15 2013] <gdsfh> really, induction works too: http://paste.in.ua/8873/
[Thu Oct 17 13:53:49 2013] <Zedrikov> Yes, and gdsfh called needlessly the 'fix' tactic in its first paste.
[Thu Oct 17 13:54:22 2013] <Zedrikov> If you are a beginner, I do not advise the use of the 'fix' tactic.
[Thu Oct 17 13:54:45 2013] <kirillt> Quiet funny :)
[Thu Oct 17 13:54:46 2013] <gdsfh> Zedrikov: that's because I hadn't found "length" in hypotheses, and hadn't noticed strange "IHt : nat".
[Thu Oct 17 13:54:57 2013] <kirillt> Adding hypothesis to number :D
[Thu Oct 17 13:55:36 2013] <Zedrikov> (unless you really want to have a nice proof term)
[Thu Oct 17 13:56:22 2013] <kirillt> (Didn't look for `fix' tactic description yet). Is `fix' tactic for referring to the goal inside proof? Like recursive calls via Y-combinator in lambda calculus.
[Thu Oct 17 13:57:22 2013] <Zedrikov> Yet, forget about the 'fix' tactic. With normal Coq usage, you should not need it.
[Thu Oct 17 13:57:33 2013] <kirillt> Just wandering.
[Thu Oct 17 13:57:37 2013] <gdsfh> kirillt: do you understand why it's bad to build computational terms with tactics, while for Prop-typed values it's safe/acceptable?
[Thu Oct 17 13:57:58 2013] <kirillt> gdsfh, because there are a lot of possible terms?
[Thu Oct 17 13:58:12 2013] <Zedrikov> You need it if you disable automatic generation of induction principles, and it can be usefull for mutual induction.
[Thu Oct 17 13:58:50 2013] <kirillt> gdsfh, as I understand we can generate only one determined term for definition only in case when our TYPE of definition has only one term.
[Thu Oct 17 13:59:20 2013] <Zedrikov> Kirillt: that plus the fact that proof scripts are unreadable for human beings.
[Thu Oct 17 14:00:09 2013] <kirillt> Zedrikov, ye
[Thu Oct 17 14:02:12 2013] <Zedrikov> But there are cases where it is not much annoying. For instance, you can write a function "sub : ∀ m n, {m<n}+{diff|m=n+diff}
[Thu Oct 17 14:02:13 2013] <gdsfh> kirillt: possible terms -- yes.  Also: 1. if you extract Coq code to OCaml (for example), all Prop values will be erased, but Type/Set values will live in the code, so they (and functions over them) rule how the program will be executed.  2. some kind of proof irrelevance: it doesn't matter (in general) how the proof looks like, so if you build a value of your type P : Prop, you have the proof.
[Thu Oct 17 14:03:09 2013] <kirillt> Zedrikov, does it have only one inhabitant?
[Thu Oct 17 14:03:09 2013] <Zedrikov> tactics and code extraction are two unrelated things in the design
[Thu Oct 17 14:03:39 2013] <Zedrikov> No, but the computationnal result will be what you want.
[Thu Oct 17 14:03:43 2013] <gdsfh> Zedrikov: I know, but they are related when one uses them both.
[Thu Oct 17 14:04:16 2013] <kirillt> Zedrikov, oh, ye, of course, I forgot, that we obviously can code one function in different ways.
[Thu Oct 17 14:04:46 2013] <Zedrikov> That is: either m is lesser than n (in which case substraction is not defined) either the difference will be returned with a proof it is really the difference (but you do not )
[Thu Oct 17 14:05:00 2013] <Zedrikov> know how it is computed
[Thu Oct 17 14:05:13 2013] <kirillt> gdsfh, interesting what will be extracted from tactic-performed definition.
[Thu Oct 17 14:05:54 2013] <gdsfh> kirillt: use "Extraction length." on my examples.
[Thu Oct 17 14:06:04 2013] <gdsfh> after definition of length of course.
[Thu Oct 17 14:06:46 2013] <Zedrikov> I guess the output will be the same for both, as 'fix' is not used in the first one.
[Thu Oct 17 14:07:51 2013] <kirillt> gdsfh, extracted code not very scarry, but definitely not readable.
[Thu Oct 17 14:07:54 2013] <gdsfh> Zedrikov: it is used.  "exact (1 + length t)", where length was brought by "fix 1".
[Thu Oct 17 14:08:25 2013] <Zedrikov> There is also the 'Print' command, which is probably better, if you are not interested in extraction but only in the proof/term representation
[Thu Oct 17 14:09:42 2013] <Zedrikov> right, I misread it, so it is induction which is useless in your first example, it seems.
[Thu Oct 17 14:10:32 2013] <Zedrikov> (sorry, I am not running Coq now, so I cannot test)
[Thu Oct 17 14:10:55 2013] <gdsfh> Zedrikov: yes, destruct seems to be enough, but I'm lazy to check it.
[Thu Oct 17 14:11:46 2013] <Zedrikov> I never use induction when destruct is enough
[Thu Oct 17 14:12:17 2013] <Zedrikov> As I never use the Fixpoint keyword to introduce a non recursive function
[Thu Oct 17 14:13:26 2013] <gdsfh> yes, I agree with you.  No need to clutter proof terms.
[Thu Oct 17 14:15:37 2013] <gdsfh> btw, the most boring thing I've done with Coq was rewriting a part of stdlib about plus and le, so that proof terms got nice and _transparent_.
[Thu Oct 17 14:18:17 2013] <gdsfh> also I wonder how people live with "Eval .. in .." having opaque proofs from stdlib.
[Fri Oct 18 10:41:45 2013] <reynir> jesus christ
[Fri Oct 18 10:42:01 2013] <reynir> I turned my screen upside down somehow
[Fri Oct 18 10:43:00 2013] <roosbeef> xrandr -o normal
[Fri Oct 18 10:44:17 2013] <reynir> Windows :/
[Fri Oct 18 13:16:00 2013] <napping> Can an Ltac tactic take a set of hint databases?
[Fri Oct 18 13:16:09 2013] <napping> Ltac foo hints := auto with hints.
[Fri Oct 18 13:16:21 2013] <napping> works with a single hint database as argument
[Sat Oct 19 05:19:14 2013] <kirillt> I forgot, how to handle false cases in induction?
[Sat Oct 19 05:19:48 2013] <kirillt> like `[] = [1] -> <assertion>'.
[Sat Oct 19 05:26:26 2013] <kirillt> And what is opposite to `reflexivity'?
[Sat Oct 19 05:26:45 2013] <kirillt> I mean tactic which I need when I have goal like `[1] <> []'.
[Sat Oct 19 05:27:58 2013] <Anarchos> injective should work
[Sat Oct 19 05:28:33 2013] <Anarchos> or was it inversion ?
[Sat Oct 19 05:42:10 2013] <kirillt> inversion requires an parameter.
[Sat Oct 19 05:42:22 2013] <kirillt> And there is no injective tactic.
[Sat Oct 19 05:43:09 2013] <Anarchos> kirillt i think you should find the answer in benjamin pierce book
[Sat Oct 19 05:43:10 2013] <rks`> you want discriminate.
[Sat Oct 19 05:44:10 2013] <rks`> (you can also use "discriminate H" if you avec an hypothesis "H : [] = [1]")
[Sat Oct 19 05:44:31 2013] <kirillt> Ye, `disriminate' works.
[Sat Oct 19 05:44:39 2013] <kirillt> Thanks.
[Sat Oct 19 05:44:55 2013] <Anarchos> tactics contradiction ?
[Sat Oct 19 05:45:02 2013] <kirillt> Anarchos, somehow there is no introduction of `discriminate' ant the current place of the book.
[Sat Oct 19 05:46:32 2013] <kirillt> Anarchos, `contradiction' gives an error, and I don't know about what it is, because ide's highlighting covers message.
[Sat Oct 19 05:52:02 2013] <kirillt> What means error "No primitive equality found."?
[Sat Oct 19 05:52:25 2013] <kirillt> It appears when I try use `discriminate' in bad cases.
[Sat Oct 19 05:54:48 2013] <defanor> <kirillt> inversion requires an parameter. -- not sure, but i think that that false hypothesis could make a nice parameter for it. after intros, at least
[Sat Oct 19 06:01:00 2013] <kirillt> Hmm, I am trying to prove existential goal now. Base case of induction is OK, but step isn't clear. I tried to use `rewrite', but Coq talks that I must import Setoids.
[Sat Oct 19 06:01:08 2013] <kirillt> Is there workaround without Setoids?
[Sat Oct 19 06:01:24 2013] <kirillt> How to apply existential assertion to my goal?
[Sat Oct 19 06:08:38 2013] <kirillt> Oh, I proved it just with `exists <recursive call>'.
[Sat Oct 19 06:09:09 2013] <kirillt> No need in induction, only destruct.
[Sat Oct 19 06:29:36 2013] <kirillt> How to prove inequality?
[Sat Oct 19 06:31:46 2013] <kirillt> Hmm, or `discriminate' works for it, too.
[Sat Oct 19 06:33:46 2013] <kirillt> But there is other problem with inequalities: base case of induction is juse `discriminate', but during step I can't apply inductive hypothesis, because it contains `<>' and I can't prove `<>' for bigger term from `<>' for smaller term.
[Sat Oct 19 06:33:54 2013] <kirillt> So I think I need to use existential lemma.
[Sat Oct 19 06:34:21 2013] <kirillt> I proved it (forall xs, forall x, exists ys, exists y, snoc x xs = cons y ys).
[Sat Oct 19 06:34:51 2013] <kirillt> But still can't prove the goal.
[Sat Oct 19 06:35:11 2013] <kirillt> Because I can't use discriminate on goal like `[] = x :: xs'.
[Sat Oct 19 09:30:57 2013] <roosbeef> hi
[Sun Oct 20 10:53:22 2013] <anderslundstedt> kirillt: use the predecessor function
[Sun Oct 20 10:53:23 2013] <anderslundstedt> http://pastebin.com/Dvvu3awd
[Sun Oct 20 10:55:56 2013] <anderslundstedt> is there a finite map data structure in Coq? I want to define substitution on a term type:
[Sun Oct 20 10:55:58 2013] <kirillt> anderslundstedt, can it be done without `change'?
[Sun Oct 20 10:56:01 2013] <anderslundstedt> Inductive term {A : Set} : Set :=
[Sun Oct 20 10:56:01 2013] <anderslundstedt>   var : nat -> term
[Sun Oct 20 10:56:02 2013] <anderslundstedt> | const : A -> term
[Sun Oct 20 10:56:03 2013] <anderslundstedt> | conc : term -> term -> term.
[Sun Oct 20 10:56:17 2013] <kirillt> anderslundstedt, (only with induction)
[Sun Oct 20 11:01:39 2013] <anderslundstedt> kirillt: have you tried induction n; induction m?
[Sun Oct 20 11:04:42 2013] <anderslundstedt> kirillt: otherwise I do not know really, you might want to check out section 6.2.3.2 "the inner workings of injection" in Coq'Art
[Sun Oct 20 11:12:35 2013] <kirillt> anderskundstedt, I tried `induction n; induction m', can't prove last case, because hypothesis contains non-symmetrical S's (don't know how to describe shortly and clearer).
[Sun Oct 20 11:12:52 2013] <kirillt> anderskundstedt, but thank you for the reference to the literature
[Sun Oct 20 11:13:56 2013] <kirillt> Is there free english pdf version of Coq'Art?
[Sun Oct 20 11:14:55 2013] <anderslundstedt> kirillt: you will have to ask google that. If you could provide a paste bin of your attempt with induction n induction m I could take a look at tit
[Sun Oct 20 11:16:08 2013] <kirillt> oh, book is easy to find
[Sun Oct 20 11:16:17 2013] <kirillt> I searched previous times and somehow failed
[Sun Oct 20 11:16:25 2013] <kirillt> now I found it
[Sun Oct 20 11:21:29 2013] <kirillt> anderslundstedt, my attempt to prove it (here, because I have problems with posting to pastebin on current system): `intros n m eq. induction n; induction m. reflexivity. discriminate. discriminate. (* problem *)'.
[Sun Oct 20 11:22:24 2013] <kirillt> Problem in that we have hypothesis like `S n = S S m -> ...' or `S S n = S m -> ...' and cannot apply them to equality `S n = S m'.
[Sun Oct 20 11:26:21 2013] <anderslundstedt> kirillt: I see. sorry I am not able to help at the moment.
[Sun Oct 20 20:42:07 2013] <bitwiddly> How do I import modules that conflict. Specifically t from Vector and Fin (in the stdlib)?
[Mon Oct 21 00:54:25 2013] <osa1> hi all. sorry if this is off-topic but can anyone tell me some grad schools/professors in europe to work on programming language theory? I'm having hard times deciding where to apply (I only know some schools/professors in US)
[Mon Oct 21 03:51:32 2013] <yezariaely> I use coq 8.3 and I want to use the omega tactics. What import do I have to maek?
[Mon Oct 21 03:52:51 2013] <yezariaely> ah just found it.
[Mon Oct 21 10:10:58 2013] <anderslundstedt> is it possible to write the following without the helper function? http://pastebin.com/YX3T7xE3
[Mon Oct 21 10:27:16 2013] <ianjneu> anderslundstedt: can you not just match on (sub_map n)?
[Mon Oct 21 16:41:58 2013] <ystael> How difficult is it to add another extraction back-end to Coq?
[Mon Oct 21 16:43:24 2013] <ystael> (on a scale of "like washing a lot of dishes" to "if you have to ask, you're incapable of understanding the answer")
[Mon Oct 21 16:43:32 2013] <kirillt> What means "%list" at the end of expression?
[Mon Oct 21 16:43:50 2013] <ystael> kirillt: That's a notation scope; it says the expression should be interpreted in the notation scope named list_scope.
[Mon Oct 21 16:44:42 2013] <ystael> For instance, `1%nat` says that `1` should be interpreted in nat_scope and so it names the value 1 : nat (= S O).
[Mon Oct 21 16:44:59 2013] <kirillt> ystael, you mean where "Notation <string> := <expression>" interpretations are taken from?
[Mon Oct 21 16:45:04 2013] <ystael> yes, exactly.
[Mon Oct 21 16:45:10 2013] <kirillt> ystael, ok, thank you
[Mon Oct 21 18:22:05 2013] <kirillt> How to copy hypothesis into new variable?
[Mon Oct 21 18:31:53 2013] <kirillt> Or how to introduce arbitrary hypothesis into context?
[Mon Oct 21 18:37:18 2013] <Ptivampire> kirillt: if you have a proof, you can 'pose proof <proofname>.'
[Mon Oct 21 18:37:21 2013] <kirillt> I can imagine only the way with "assert (X : <hypothesis> -> <goal>)".
[Mon Oct 21 18:41:53 2013] <kirillt> Ptivampire, you mean, that I should give lemma or something into <proofname>?
[Mon Oct 21 18:42:23 2013] <kirillt> Ptivampire, and Coq will extract necessary hypothesis from it?
[Mon Oct 21 18:52:01 2013] <anderslundstedt> why do I get Error: Unknown interpretation for notation "_ :: _" for http://pastebin.com/9Lq5ZE9N ?
[Mon Oct 21 19:03:26 2013] <kirillt> Oh, there is `destruct .. eqn', that is what I looked for.
[Mon Oct 21 19:09:28 2013] <kirillt> But Coq cannot parse it somehow.
[Mon Oct 21 19:09:48 2013] <kirillt> (I found this tactic in software-foundations book.)
[Mon Oct 21 20:30:06 2013] <anderslundstedt> how do I use a comparison between nats in a function: "Definition f (n : nat) := if n = 0 then 1 else 0." gives Error: The term "n = 0" has type "Prop" which is not a (co-)inductive type.
[Mon Oct 21 20:34:11 2013] <jamesolantern> anderslundstedt, try beq_nat
[Mon Oct 21 20:34:56 2013] <jamesolantern> or eq_nat_dec
[Mon Oct 21 20:37:23 2013] <anderslundstedt> what library do I have to require?
[Mon Oct 21 20:39:15 2013] <jamesolantern> Arith?
[Mon Oct 21 20:39:18 2013] <jamesolantern> I'm not sure.
[Mon Oct 21 20:42:01 2013] <anderslundstedt> does not work: "The reference beq_nat was not found in the current environment." and similar for eq_nat_dec
[Mon Oct 21 20:44:06 2013] <jamesolantern> http://coq.inria.fr/stdlib/Coq.Arith.EqNat.html#beq_nat
[Mon Oct 21 20:46:13 2013] <anderslundstedt> could my coq install be broken? "Require Coq.Arith.EqNat. Eval compute in beq_nat O O." gives "The reference beq_nat was not found in the current environment."
[Mon Oct 21 20:46:48 2013] <jamesolantern> it's also possible that you have an old version.
[Mon Oct 21 20:47:09 2013] <jamesolantern> beq_nat is also straightforward to define yourself
[Mon Oct 21 20:49:53 2013] <anderslundstedt> yep but I would still worry that a broken coq install would cause other problems. so just to verify: "Require Coq.Arith.EqNat. Eval compute in beq_nat O O." should work?
[Mon Oct 21 20:52:04 2013] <jamesolantern> it should be "Require Import..."
[Mon Oct 21 20:52:06 2013] <jamesolantern> then it should work
[Mon Oct 21 20:54:30 2013] <anderslundstedt> oh
[Mon Oct 21 20:54:32 2013] <anderslundstedt> thanks!
[Tue Oct 22 07:04:42 2013] <kirillt> How to provide type argument to `fold'?
[Tue Oct 22 07:05:23 2013] <kirillt> Now I get error `Cannot infer the implicit parameter of X of f' when type `fold f'.
[Tue Oct 22 07:05:59 2013] <kirillt> I have parameter X in the context but don't know how to give it to tactic (tried `fold f with X').
[Tue Oct 22 07:54:39 2013] <gdsfh> kirillt: "fold (@f X)"?
[Tue Oct 22 08:20:55 2013] <kirillt> gdsfh, oh, seems to be
[Tue Oct 22 08:50:39 2013] <anderslundstedt> is it possible to get the following operator overloading to work? http://pastebin.com/a0cF8qd8
[Tue Oct 22 10:22:31 2013] <kirillt> I want to destruct n into 0, S 0, and S S n' and then use induction hypothesis for it. Can I perform such tricky induction?
[Tue Oct 22 10:24:13 2013] <kirillt> It is useful for proof about evenb function. If I define it with `match n with | O => true | S (S n') => evenb n' | _ => false' then it is hard to prove that it is equal to inductive-defined even predicate (`Inductive even : nat -> Prop := ...').
[Tue Oct 22 10:27:05 2013] <kirillt> I have thought only about new fake natural inductive with three constructors, but it is awful.
[Tue Oct 22 10:27:53 2013] <ystael> kirillt: Try strengthening the proposition you are trying to prove so that you get a stronger inductive hypothesis from a single (one-step) induction.
[Tue Oct 22 10:28:00 2013] <ianjneu> there was a recent thread on the mailing list about such stuff too
[Tue Oct 22 10:29:10 2013] <kirillt> ianjneu, I think it should be possible to google mailing archive with this topic, but can't imageine keywords for search.
[Tue Oct 22 10:29:31 2013] <kirillt> ystael, hmm, will think about it
[Tue Oct 22 10:31:39 2013] <ianjneu> https://sympa.inria.fr/sympa/arc/coq-club/2013-10/msg00156.html
[Tue Oct 22 10:34:12 2013] <kirillt> ianjneu, thank you
[Tue Oct 22 10:48:31 2013] <kirillt> ianjneu, the thread is not about induction =/
[Tue Oct 22 10:52:01 2013] <robbert> kirillt: You are best of proving the induction principle with two bases here.
[Tue Oct 22 10:52:24 2013] <robbert> that is forall (P : nat -> Prop), P 0 -> P 1 -> (forall x, P x -> P (S x) -> P (S (S x))) -> forall x, P x.
[Tue Oct 22 10:52:38 2013] <robbert> and then use that to do your proof that evenb x -> even x.
[Tue Oct 22 10:54:08 2013] <kirillt> robert, how should I define this induction principle?
[Tue Oct 22 10:54:26 2013] <kirillt> robert, and how to use it? Just `apply'?
[Tue Oct 22 10:55:47 2013] <robbert> kirilt: Lemma nat_ind_2 (P : nat -> Prop) :
[Tue Oct 22 10:55:49 2013] <robbert>   P 0 -> P 1 -> (forall x, P x -> P (S x) -> P (S (S x))) -> forall x, P x.
[Tue Oct 22 10:56:08 2013] <robbert> kirilt: induction n using nat_ind_2
[Tue Oct 22 10:56:14 2013] <robbert> or just apply or refine it
[Tue Oct 22 10:56:22 2013] <kirillt> oh, very good, thanks
[Tue Oct 22 11:01:20 2013] <kirillt> but I stuck at the same moment while proving nat_ind_2 :)
[Tue Oct 22 11:01:59 2013] <kirillt> I am trying to do it with `induction n. apply P0. induction n. apply P1. (* ? *)'.
[Tue Oct 22 11:02:18 2013] <robbert> You need to prove a more general statement than just forall x, P x
[Tue Oct 22 11:02:26 2013] <robbert> think about that kind of more general statement you should prove
[Tue Oct 22 11:05:23 2013] <kirillt> how can it be more general?
[Tue Oct 22 11:05:54 2013] <kirillt> I mean more general and be useful for nat_ind_2 proving.
[Tue Oct 22 11:06:29 2013] <robbert> well, as you may have noticed when just saying induction x, your induction hypothesis is not strong enough
[Tue Oct 22 11:07:05 2013] <robbert> so, the idea is to prove [forall x, Q x] for a certain [Q : nat -> Prop] such that [Q x -> P x] and such that the induction proof works
[Tue Oct 22 11:11:29 2013] <kirillt> robbert, are you talking now about my goal or about nat_ind_2 lemma?
[Tue Oct 22 12:23:04 2013] <chris2> anyone have considerable experience with ssreflect that i could bug for a few questions on general work flow?
[Tue Oct 22 16:15:14 2013] <anderslundstedt> for inductive types, is there any direct way to get the relation "x is equal to y or x is used in the construction of y". Example: http://pastebin.com/A8e3Pg91
[Wed Oct 23 08:09:19 2013] <roosbeef> sup guys :)
[Wed Oct 23 10:12:54 2013] <roosbeef> is it possible to have a function print debug info?
[Wed Oct 23 10:13:04 2013] <roosbeef> (as its running through some loop for example)
[Wed Oct 23 10:16:20 2013] <gdsfh> roosbeef: it's possible to prevent reduction of some expression[s].  Take a look at https://bitbucket.org/gds/coq-breakpoints/src/tip/Bp_examples.v
[Wed Oct 23 10:16:49 2013] <gdsfh> it's not the same, but it's useful for debugging.
[Wed Oct 23 10:17:25 2013] <roosbeef> ha nice
[Wed Oct 23 10:17:35 2013] <roosbeef> so you'll know when the loop enters some case
[Wed Oct 23 10:18:22 2013] <gdsfh> exactly.
[Wed Oct 23 10:18:54 2013] <roosbeef> Error: Cannot find library Breakpoints in loadpath
[Wed Oct 23 10:19:21 2013] <gdsfh> roosbeef: it's my library.  https://bitbucket.org/gds/coq-breakpoints
[Wed Oct 23 10:19:30 2013] <roosbeef> oh :P
[Wed Oct 23 10:19:52 2013] <roosbeef> lemme plug that in then
[Wed Oct 23 10:20:12 2013] <gdsfh> (my -- code; ideas are not mine.)
[Wed Oct 23 10:20:59 2013] <gdsfh> you can just copy Breakpoints.v to your source tree.  No external dependencies.
[Wed Oct 23 10:23:28 2013] <roosbeef> Error: The reference BREAK was not found in the current environment.
[Wed Oct 23 10:23:39 2013] <gdsfh> roosbeef: please read README file first.
[Wed Oct 23 10:23:44 2013] <roosbeef> :p
[Wed Oct 23 10:26:23 2013] <gdsfh> also decide first, do you need one kind of breakpoints or many.  in former case it's more convenient to use nameless breakpoints, in latter case use named ones.
[Wed Oct 23 10:27:31 2013] <roosbeef> gdsfh, awesome stuff! Definitely gonna help me to sharpen my source code
[Wed Oct 23 10:28:17 2013] <gdsfh> roosbeef: glad you've liked it.
[Wed Oct 23 11:38:51 2013] <kirillt> How to apply function to both sides of hypothesis?
[Wed Oct 23 11:39:11 2013] <kirillt> I.e `H : x = y' -> `H: length x = length y'.
[Wed Oct 23 11:55:53 2013] <ystael> kirillt: try: pose (H1 := length x = length x); rewrite -> H in H1 at 1
[Wed Oct 23 11:56:10 2013] <ystael> eh, H1 := refl_equal (length x)
[Wed Oct 23 11:56:26 2013] <ystael> probably there's a better way
[Wed Oct 23 12:07:51 2013] <kirillt> ystael, I did it with `assert', but it is not very pretty.
[Wed Oct 23 12:09:07 2013] <kirillt> Hmm, is there rev_injective lemma?
[Wed Oct 23 12:09:31 2013] <kirillt> (in standard library)
[Wed Oct 23 12:35:17 2013] <kirillt> Hmm, and very strange thing: inductive hypothesis isn't generated when I do induction on tuple (like `induction (xs, rev xs)').
[Wed Oct 23 12:36:00 2013] <kirillt> like it is a `destruct'.
[Wed Oct 23 13:17:55 2013] <ystael> kirillt: That's because it is effectively a destruct -- the constructor of a tuple type isn't recursive, so the induction principle generated is just a destructuring one.
[Wed Oct 23 13:19:13 2013] <ystael> You can see this yourself by doing something like Inductive two_tuple (A: Set) (B: Set): Set := | mk2: A -> B -> two_tuple A B.
[Wed Oct 23 13:19:38 2013] <ystael> and then examining the type of the generated induction principle two_tuple_ind.
[Wed Oct 23 13:33:39 2013] <kirillt> ystael, is it difficult to construct my own inductive principle for this purpose?
[Wed Oct 23 13:34:13 2013] <kirillt> ystael, don't know yet what it should be...
[Wed Oct 23 13:38:07 2013] <gdsfh> kirillt: maybe "remember xs as xs_rem; induction xs as [ | x xs' ]" would suffice?  (by trying to do induction over tuple i guess you want to store previous xs for later use.  maybe i'm wrong.)
[Wed Oct 23 13:38:53 2013] <gdsfh> no, it's not that case.
[Wed Oct 23 13:40:35 2013] <gdsfh> kirillt: how do you think induction over "rev xs" should work?  use simple induction over "xs" and use facts about "rev".
[Wed Oct 23 13:50:10 2013] <robbert> kirillt: apply (f_equal length) in H
[Wed Oct 23 13:58:07 2013] <ystael> robbert: ah, f_equal, that was the thing i couldn't remember
[Wed Oct 23 13:58:29 2013] <ystael> There should be something where you enter the type of the term you want and it finds it in the standard library :)
[Wed Oct 23 14:01:00 2013] <robbert> ystael: SearchAbout, SearchPattern ?
[Wed Oct 23 14:01:59 2013] <ystael> robbert: ooh, that's close!  thank you!
[Wed Oct 23 14:02:07 2013] <ystael> I am instructed :)
[Wed Oct 23 18:45:29 2013] <kirillt> gdsfh, or induction xs and destruct (rev xs) if I understand correctly
[Wed Oct 23 18:45:48 2013] <kirillt> gdsfh, even don't remember my own intention behind that
[Wed Oct 23 18:46:26 2013] <kirillt> robbert, yep, the nicest solution
[Wed Oct 23 18:48:37 2013] <kirillt> Guys, if you use Coq for solving "industrial" problems, which problems these are?
[Thu Oct 24 12:39:52 2013] <ianjneu> mumble.
[Thu Oct 24 14:59:52 2013] <kirillt> Is there composition function?
[Thu Oct 24 14:59:59 2013] <kirillt> like `.' in haskell.
[Thu Oct 24 15:01:42 2013] <kirillt> (Found `compose' in Coq.Program.Basics.)
[Thu Oct 24 15:11:28 2013] <cwinebrinner> t
[Thu Oct 24 16:50:12 2013] <osa1> this LBNF stuff looks cool. I was looking for similar tools(trying to move away from SDF), does anyone know what parsing algorith is used in LBNF generated parsers?
[Thu Oct 24 16:50:54 2013] <osa1> hmm, LALR, I guess
[Thu Oct 24 17:16:08 2013] <ianjneu> Could be like Danny Yoo's ragg in Racket.
[Thu Oct 24 17:17:35 2013] <ianjneu> eh, but ragg doesn't do precedence yet. LBNF probably uses earley parsing since there are no written caveats about ambiguity
[Thu Oct 24 17:27:09 2013] <osa1> ianjneu: it's probably LALR because it's generating Happy code for Haskell frontend
[Thu Oct 24 17:27:14 2013] <osa1> which means LALR
[Thu Oct 24 17:39:56 2013] <lopho> it suggests it is LALR in chapter 10
[Fri Oct 25 07:08:33 2013] <rks`> hi!
[Fri Oct 25 07:08:41 2013] <rks`> can anyone help me with that error : http://paste.awesom.eu/vzF ?
[Fri Oct 25 07:08:57 2013] <rks`> hmmm
[Fri Oct 25 07:09:40 2013] <rks`> I mean, that error http://paste.awesom.eu/TZ8
[Fri Oct 25 13:22:39 2013] <anderslundstedt> in context: "H : for all f : A -> B, f a = a". goal: "(for all (b : B) (f : A -> B), P (f a) b) <-> (for all b : B, P a b)", where P is some predicate. How do I finish the proof quickly? Is there a rewrite tactic to make the equivalence in the goal trivial?
[Fri Oct 25 13:32:13 2013] <funfunctor> hi, I am trying to define a new lexical type using a regexpression.. token IPIdent (digit{1,3}\.){3,3} digit{1,3}
[Fri Oct 25 13:32:26 2013] <funfunctor> http://bnfc.digitalgrammars.com/LBNF-report.pdf I don't fully get the syntax outlined here... Can anyone help?
[Fri Oct 25 13:37:26 2013] <ianjneu> perhaps #haskell is a better place to ask?
[Fri Oct 25 14:04:29 2013] <funfunctor> I asked in both places :/
[Fri Oct 25 14:28:33 2013] <ianjneu> Well maybe a mailing list is the next place to try
[Sun Oct 27 09:59:31 2013] <peterbb> There seems to be a bug in the definition of monoid on http://coq.inria.fr/a-short-introduction-to-coq (see the notation of op). Anyone know who one can contact for that?
[Sun Oct 27 10:14:37 2013] <robbert> peterbb: that's a subtle bug :) I guess the bugtracker: http://www.lix.polytechnique.fr/coq/bugs/
[Sun Oct 27 10:40:46 2013] <peterbb> report sent. :)
[Sun Oct 27 13:53:31 2013] <maxiepoo> Is there somewhere I can find a reference on the refine error "Error: Refiner was given an argument _ of type _ instead of _"?
[Sun Oct 27 13:53:42 2013] <maxiepoo> I can't find it in the error index
[Sun Oct 27 13:54:24 2013] <maxiepoo> and the code I'm getting the error for seems to be type correct
[Sun Oct 27 14:02:04 2013] <robbert> maxiepoo: Maybe Set Printing All. will give a better error message?
[Sun Oct 27 14:02:50 2013] <maxiepoo> hm, doesn't change the error message
[Sun Oct 27 14:15:38 2013] <maxiepoo> hm it actually seems to be a problem with fix with 2 mutually recursive functions
[Sun Oct 27 14:16:12 2013] <maxiepoo> I'm calling with one function but the error message says that I'm applying the other one
[Sun Oct 27 14:24:37 2013] <lpaste> maxiepoo pasted “Weird Refine Mutual Fixpoint Error” at http://lpaste.net/94883
[Sun Oct 27 14:27:15 2013] <maxiepoo> oh whoops I posted the wrong thing
[Sun Oct 27 14:28:45 2013] <lpaste> maxiepoo revised “Weird Refine Mutual Fixpoint Error”: “No title” at http://lpaste.net/94883
[Sun Oct 27 14:29:08 2013] <maxiepoo> ok that's the problematic code
[Sun Oct 27 14:31:04 2013] <maxiepoo> I get the error: The term "F" of type "forall x : b, onesB x -> @sig a (fun y : a => onesA y)"
[Sun Oct 27 14:31:20 2013] <maxiepoo> cannot be applied to the terms "z" : "a" "aTob z H" : "onesA z"
[Sun Oct 27 14:31:57 2013] <maxiepoo> but I'm not calling F on z, I'm calling G!
[Sun Oct 27 22:17:48 2013] <defanor> "Imp programs that don't involve while loops always terminate. State and prove a theorem that says this." -- how could i state such thing? should it be something like 'there always exists a result of expression if there's no while in it'?
[Sun Oct 27 22:19:45 2013] <defanor> (it's from http://www.cis.upenn.edu/~bcpierce/sf/Imp.html)
[Sun Oct 27 22:21:59 2013] <amosr> defanor: that sounds right to me
[Sun Oct 27 22:22:37 2013] <defanor> amosr: thanks, going to try then
[Mon Oct 28 00:17:50 2013] <jk4> Ada has general loops
[Mon Oct 28 00:17:55 2013] <jk4> loop ... end loop;
[Mon Oct 28 00:18:01 2013] <jk4> no faked up conditions
[Mon Oct 28 00:18:11 2013] <jk4> no for (;;) shit or while (true)
[Mon Oct 28 00:19:11 2013] <jk4> The idea being that in Ada the typical infinite loop would normally end with detonation heh
[Mon Oct 28 00:19:56 2013] <jk4> there are while loops, but no one really uses them
[Mon Oct 28 00:21:01 2013] <jk4> usually just use an exit statement in the loop.
[Mon Oct 28 00:21:39 2013] <jk4> loop Do_Stuff; exit when Whatever_Evals_To_True; More_Stuff; end loop;
[Mon Oct 28 00:23:27 2013] <jk4> actually Ada for loops *can't* go on forever. they have a well defined range over which they iterate and then they're done
[Mon Oct 28 00:31:37 2013] <jk4>                   /o/
[Mon Oct 28 12:58:57 2013] <kirillt> The only difference between `sumbool' and `\/' is in that '\/' is Prop and `sumbool' is Set?
[Mon Oct 28 13:00:39 2013] <ianjneu> most likely.
[Mon Oct 28 13:01:01 2013] <ianjneu> Proof relevance versus proof irrelevance.
[Mon Oct 28 13:01:11 2013] <kirillt> ?
[Mon Oct 28 13:01:43 2013] <kirillt> What is "proof relevance"?
[Mon Oct 28 13:04:39 2013] <kirillt> Am I right that we can use both Prop and Set inside proofs and inside definitions?
[Mon Oct 28 13:06:46 2013] <kirillt> Oh, seems that answer is "no".
[Mon Oct 28 13:07:37 2013] <kirillt> But why? What reason for that?
[Mon Oct 28 13:08:56 2013] <ianjneu> Proof irrelevance is useful for sanity's sake.
[Mon Oct 28 13:09:42 2013] <ianjneu> proof relevance is just another way of saying that something can be inspected, and further drive computations.
[Mon Oct 28 13:10:43 2013] <ianjneu> Proof irrelevance just means you have a proof, you don't care what it is, and you can treat all proofs as the same. That latter bit means that for soundness' sake, you may not inspect proof-irrelevant data (i.e. stuff in Prop)
[Mon Oct 28 13:11:49 2013] <ianjneu> Proof irrelevance is what homotopy type theorists call call 0-truncation.
[Mon Oct 28 13:11:54 2013] <ianjneu> -call
[Mon Oct 28 13:12:43 2013] <ianjneu> that is, proofs of identity of elements of the type (proposition) are all equivalent.
[Mon Oct 28 15:39:00 2013] <cmeiklejohn> anyone got an example of proving something that involves a fold_left
[Mon Oct 28 17:30:01 2013] <Ptivampire> cmeiklejohn: I have two reasoning things here https://github.com/Ptival/compcert-alias/blob/alias/backend/AliasAnalysis.v
[Mon Oct 28 17:30:24 2013] <Ptivampire> they aren't great proofs though :)
[Mon Oct 28 17:30:42 2013] <Ptivampire> not sure what you're looking for
[Mon Oct 28 17:31:08 2013] <Ptivampire> but I found these two things useful for my proofs, because I would mostly reason about monotonic operations
[Mon Oct 28 17:37:57 2013] <milleral> your thousand line proof scares me
[Mon Oct 28 17:39:04 2013] <Ptivampire> milleral: yeah that file is terrible, it was my first step into Coq :)
[Mon Oct 28 17:39:22 2013] <milleral> * is still making his way through software foundations
[Tue Oct 29 00:55:47 2013] <maxiepoo> hm, how can I get the typechecker to do some type level arithmetic?
[Tue Oct 29 00:56:04 2013] <maxiepoo> The term "NodeSame (S m) (Rec m r) y l" has type "brauntree (S (2 * S m))"
[Tue Oct 29 00:56:05 2013] <maxiepoo>  while it is expected to have type "brauntree (S (S (S (2 * m))))".
[Tue Oct 29 11:18:31 2013] <kirillt> How to dispatch on result of boolean function?
[Tue Oct 29 11:19:01 2013] <kirillt> I.e. I have expression `p a' in my goal and I want to split goal into cases when `p a' is true and false.
[Tue Oct 29 11:19:23 2013] <kirillt> `destruct (p a)' doesn't help, because it doesn't create new hypothesis to use.
[Tue Oct 29 11:19:51 2013] <kirillt> And `destruct (p a) as _eqn:X' doesn't work.
[Tue Oct 29 11:20:29 2013] <kirillt> (because it needs pattern before, but I can't give pattern to boolean value)
[Tue Oct 29 11:24:08 2013] <maxiepoo_> what's wrong with `destruct (p a)`?
[Tue Oct 29 11:24:32 2013] <maxiepoo_> doesn't it split into 2 subgoals one where `p a` is replaced by true and another false?
[Tue Oct 29 11:25:03 2013] <kirillt> maxiepoo, it doesn't replace somehow.
[Tue Oct 29 11:25:22 2013] <kirillt> Oh.
[Tue Oct 29 11:25:25 2013] <kirillt> Or I am blind.
[Tue Oct 29 11:25:55 2013] <kirillt> Yeah, its ok. I just didn't see goal change.
[Tue Oct 29 11:26:14 2013] <maxiepoo_> oh haha
[Tue Oct 29 11:27:08 2013] <kirillt> But for the future issues: is there universal way to create hypothesis from destruct? I use `destruct term as [] _eqn:H' now.
[Tue Oct 29 11:27:51 2013] <kirillt> Not sure if it is useful for booleans.
[Tue Oct 29 11:28:02 2013] <kirillt> But my way doesn't work.
[Tue Oct 29 11:28:15 2013] <maxiepoo_> what hypothesis do you want
[Tue Oct 29 11:28:34 2013] <kirillt> `term = true' and `term = false'
[Tue Oct 29 11:29:27 2013] <kirillt> Does `destruct' replaces the term with its value only in goal or in any other hypothesis too?
[Tue Oct 29 11:30:09 2013] <maxiepoo_> I think everywhere
[Tue Oct 29 11:30:59 2013] <kirillt> Hmm, seems my problem didn't solved. The goal is changed, but I need info about the term again after applyin some rules.
[Tue Oct 29 11:31:30 2013] <kirillt> I think it is possible to workaround with `assert'.
[Tue Oct 29 11:31:50 2013] <kirillt> Ah, or not.
[Tue Oct 29 11:32:15 2013] <maxiepoo_> if you have a symbol {b = true} + {b = false} and destruct you get those terms
[Tue Oct 29 11:32:19 2013] <maxiepoo_> sumbool*
[Tue Oct 29 11:33:10 2013] <maxiepoo_> sumbools are typically more useful for proofs
[Tue Oct 29 11:33:15 2013] <maxiepoo_> than booleans
[Tue Oct 29 11:33:30 2013] <kirillt> Is there function for converting bool into sumbool?
[Tue Oct 29 11:33:38 2013] <maxiepoo_> no
[Tue Oct 29 11:33:42 2013] <maxiepoo_> er
[Tue Oct 29 11:33:56 2013] <maxiepoo_> I'm not sure what you mean
[Tue Oct 29 11:34:07 2013] <maxiepoo_> sumbools carry more information
[Tue Oct 29 11:34:59 2013] <kirillt> I mean I have `p x' and want to get sumbool {p x = true} + {p x = false} value in my context.
[Tue Oct 29 11:37:00 2013] <maxiepoo_> I don't know if there's one in the stdlib
[Tue Oct 29 11:37:59 2013] <maxiepoo_> but I think the best way to do it is to change your p to return sumbool proofs instead of booleans
[Tue Oct 29 11:38:09 2013] <maxiepoo_> unless you're actually proving some property of booleans
[Tue Oct 29 11:38:14 2013] <kirillt> Seems that it not hard to do what I want: `assert (PA : {p a = true} + {p a = false}). destrut (p a). apply left. reflexivity. apply right. reflexivity.'
[Tue Oct 29 11:39:18 2013] <kirillt> maxiepoo, maybe, just wanted to save purity of `filter' definition (exercise from SF).
[Tue Oct 29 11:39:25 2013] <kirillt> maxiepoo, maybe, just wanted to save purity of `filter' definition (exercise from SF).
[Tue Oct 29 11:40:02 2013] <maxiepoo_> ah
[Wed Oct 30 00:42:40 2013] <defanor_> http://www.cis.upenn.edu/~bcpierce/sf/Imp.html -- i'm stuck on s_compile_correct exercise now, can't make up that more general lemma and need some advice. here are my definitions of those functions: http://lpaste.net/6048620838301728768
[Wed Oct 30 00:52:40 2013] <defanor_> googled a solution, but it'll be too big hint
[Wed Oct 30 00:53:13 2013] <defanor_> ugh, will check lemma statement =/
[Wed Oct 30 00:53:58 2013] <defanor_> oh, i thought about such thing even
[Wed Oct 30 01:17:37 2013] <defanor_> no, the question is actual still. there's a huge proof where i found it, i don't think it should be that large
[Wed Oct 30 01:18:16 2013] <defanor_> googled some hints
[Wed Oct 30 08:01:09 2013] <kirillt> Can I split my proof into cases depending on equality of two objects?
[Wed Oct 30 08:01:28 2013] <kirillt> E.g. if a = x then ... else ...
[Wed Oct 30 08:02:00 2013] <kirillt> I can if I have boolean equality function, then I can use just `destruct (eq a x)'. But what if I haven't?
[Wed Oct 30 08:02:40 2013] <kirillt> For instance, if I have to prove the goal for any type X.
[Wed Oct 30 08:02:42 2013] <gdsfh> kirillt: so you can't.  (but it's better to destruct eq-dec-like functions.  {a = b} + {a <> b})
[Wed Oct 30 08:04:15 2013] <kirillt> gdsfh, is it impossible because of constructivity? It seems to require excluded middle to do such thing that I want (not sure, just assumption).
[Wed Oct 30 08:04:44 2013] <kirillt> I mean in classic logic we know that either a = x or a <> x, here we don't know.
[Wed Oct 30 08:04:52 2013] <kirillt> Am I right?
[Wed Oct 30 08:07:52 2013] <gdsfh> kirillt: excluded middle should help, but it's not good to use it if you don't need it for other parts of program/proof.  Better solution is: when you need to use equality on values of some type, make sure the user of your function will supply eq-dec function.  You can use typeclasses to ease this process.  (with typeclasses coq can find and construct instances.)
[Wed Oct 30 08:08:59 2013] <kirillt> gdsfh, yeah, I think the same, too. I taled about excluded middle not because I wanted to use it, just insight about reasons to impossibility of the thing.
[Wed Oct 30 08:14:50 2013] <gdsfh> kirillt: "Goal 2 + 2 = 4. auto. Show Proof." gives "Proof: eq_refl 4".  So the mechanics of " = " seems to be: "convert both values to normal form then match them syntactically".  Proofs are just functions, they can't work with syntax of values you give them, they work with values only.
[Wed Oct 30 08:14:54 2013] <gdsfh> (it's lame enough explanation however.  maybe someone will explain better.)  Also imagine X = nat -> nat.  What about equality on functions?
[Wed Oct 30 08:29:15 2013] <kirillt> gdsfh, ye, I didn't think about equality on functions.
[Wed Oct 30 08:29:32 2013] <kirillt> Thanks for explanations.
[Wed Oct 30 11:14:48 2013] <kirillt> Anybody uses ssreflect?
[Wed Oct 30 11:55:08 2013] <kirillt> If anybody uses ssreflect under ubuntu answer please: do you use packages libssreflect-coq or compiled and installed ssreflect from sources?
[Wed Oct 30 11:55:29 2013] <kirillt> I installed packages but can't make simple example with "make=>" work.
[Wed Oct 30 12:01:38 2013] <kirillt> Oh, seems it works. Just need to import files.
[Wed Oct 30 12:03:03 2013] <kirillt> ssrcoq --version
[Wed Oct 30 12:06:06 2013] <kirillt> Also, both `coqc' and `ssrcoq -compile' compile tutorial successfully. What difference?
[Wed Oct 30 15:01:43 2013] <kirillt> Why I can apply `and' which is of type `Prop -> Prop -> Prop' to booleans? `A /\ B' where A and B are of type `bool' succeed.
[Wed Oct 30 15:04:34 2013] <kirillt> Or is it a ssreflect's feature?
[Wed Oct 30 15:16:19 2013] <gdsfh> kirillt: "Goal true /\ false." <-- doesn't typecheck in plain coq (and shouldn't).
[Wed Oct 30 15:20:01 2013] <kirillt> gdsfh, yep, seems that ssreflect uses coercion for converting bool into Prop (`x' -> `x = true').
[Wed Oct 30 19:02:59 2013] <defanor> http://lpaste.net/7084625808328753152 -- i've getting 'The term "c1" has type "com" while it is expected to have type "Top.com".' with this. what's wrong there?
[Wed Oct 30 19:04:15 2013] <defanor> it's about 'c1' from (c1 ;; c2) / st1 || s2 / st3
[Wed Oct 30 19:04:46 2013] <defanor> *i'm
[Wed Oct 30 19:06:10 2013] <defanor> (http://www.cis.upenn.edu/~bcpierce/sf/Imp.html, break_imp exercise)
[Wed Oct 30 19:10:45 2013] <defanor> oh, notation is changed here
[Wed Oct 30 19:10:55 2013] <defanor> ';' instead of ';;'
[Wed Oct 30 19:59:34 2013] <defanor> now i'm stuck on while_break_true, can't figure out how should those states look like. advices are welcome
[Wed Oct 30 20:03:42 2013] <defanor> trying induction on c now
[Wed Oct 30 22:14:08 2013] <defanor> passed that one, but now stuck on ceval_deterministic
[Fri Nov  1 00:09:38 2013] <moorcock.freenode.net> [freenode-info] channel trolls and no channel staff around to help? please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
[Fri Nov  1 08:31:03 2013] <kirillt> What is "strong" induction?
[Fri Nov  1 08:39:31 2013] <kirillt> Oh, I found it.
[Fri Nov  1 20:36:13 2013] <defanor> if i have 'A' in context, and a defined theorem stating that 'A <-> B', how could i replace it with 'B', without additional assertions?
[Fri Nov  1 20:36:34 2013] <defanor> oh, sorry, will rewrite the question. it's not clear
[Fri Nov  1 20:37:03 2013] <defanor> the theorem is 'negb_false_iff: forall b : bool, negb b = false <-> b = true'
[Fri Nov  1 20:37:26 2013] <defanor> and i have 'negb (beval st b) = true' in context
[Fri Nov  1 20:37:51 2013] <defanor> i want to get '(beval st b) = true'
[Fri Nov  1 20:38:13 2013] <defanor> in some simple and clean way
[Fri Nov  1 20:38:41 2013] <defanor> but getting 'negb (negb (beval st b)) = false' if i'm just applying that theorem
[Fri Nov  1 20:47:40 2013] <defanor> s/'(beval st b) = true'/'(beval st b) = false'/. solved that exercise without it (with two applications instead of one) already, but question is actual still: it would be useful to know anyway
[Fri Nov  1 22:04:32 2013] <JoeyA> Is the law of excluded middle required to prove forall a b : Prop, a /\ b <> (~ (~ a \/ ~ b))  ?
[Fri Nov  1 22:05:05 2013] <JoeyA> i.e. De Morgan's laws
[Fri Nov  1 22:12:34 2013] <JoeyA> I guess so.  Proofs are on http://coq.inria.fr/V8.1/stdlib/Coq.Logic.Classical_Prop.html
[Fri Nov  1 22:17:51 2013] <JoeyA> Oops, I messed up the operator precedence.  It's (a /\ b) <> (~ (~ a \/ ~ b).
[Fri Nov  1 22:32:31 2013] <JoeyA> Double oops.  It's <->, not <>.  <> means not-equals.
[Sun Nov  3 16:07:27 2013] <ianjneu> jgross: how many people do you have interested in the HoTT reading group?
[Sun Nov  3 16:35:43 2013] <jgross> Currently about 10, including me. 
[Sun Nov  3 16:38:27 2013] <Ptival> have you started already?
[Sun Nov  3 16:38:35 2013] <Ptival> I could get interested in that...
[Sun Nov  3 16:40:33 2013] <jgross> Ptival: No, I'm planning to start at the beginning of January, and meet weekly in some MIT classroom.  Perhaps I should post the ad to the HoTT mailing list and/or the HoTT-amateurs mailing list and/or the ##hott channel? 
[Sun Nov  3 16:57:13 2013] <Ptival> jgross: oh I see
[Sun Nov  3 17:06:21 2013] <chris2> btw, anyone following the harper course on hott?
[Sun Nov  3 18:11:38 2013] <ianjneu> chris2: I just starting watching the lectures, but it's a lot of rehashing the OPLSS lectures.
[Sun Nov  3 18:13:03 2013] <chris2> didnt watch these yet
[Sun Nov  3 18:13:40 2013] <ianjneu> I have a pretty strong background in ITT, and he doesn't do a lot of lectures on transport, suspensions, HITs or encode/decode proofs...
[Sun Nov  3 18:13:54 2013] <ianjneu> So it's an exercise in patience.
[Sun Nov  3 18:15:11 2013] <chris2> hm, ok
[Sun Nov  3 18:16:37 2013] <ianjneu> I'm up to chapter 8 in the HoTT book, and I've looked forward a little bit, but after HITs, the book starts going 0.95 * c
[Sun Nov  3 18:16:50 2013] <chris2> hehe
[Sun Nov  3 18:17:25 2013] <ianjneu> Ptival: are you in the Boston area?
[Sun Nov  3 18:26:47 2013] <Ptival> ianjneu: no
[Sun Nov  3 18:26:56 2013] <Ptival> I thought it was the online reading group
[Sun Nov  3 18:44:03 2013] <ianjneu> Ptival: maybe we could set up a ventrillo or something.
[Mon Nov  4 11:14:37 2013] <ystael> jgross: Do you have any plans for remote access (google hangout or whatever) to the HoTT reading group?  I am interested but would not be able to attend in person if it is during the day on weekdays.
[Mon Nov  4 12:18:19 2013] <kini> ystael: you might ask in #HoTT, there might be more group members in there than here (?)
[Mon Nov  4 12:18:26 2013] <kini> er, ##HoTT
[Mon Nov  4 12:25:18 2013] <ianjneu> jgross hasn't told us when/where yet.
[Mon Nov  4 12:25:45 2013] <ianjneu> I would be fine taking my laptop and a webcam to make a hangout
[Mon Nov  4 17:22:30 2013] <milleral> Homotopy Type Theory book?
[Mon Nov  4 17:27:16 2013] <Anarchos> where where ?
[Mon Nov  4 17:29:37 2013] <milleral> I'm trying to guess what HoTT is
[Mon Nov  4 17:29:53 2013] <defanor_> yes. i think
[Mon Nov  4 17:30:04 2013] <defanor_> http://homotopytypetheory.org/book/
[Mon Nov  4 17:35:25 2013] <Anarchos> milleralkind of a dragon...
[Mon Nov  4 17:37:57 2013] <Anarchos> milleral oh it comes from IAS !
[Mon Nov  4 17:38:55 2013] <milleral> * hasn't heard of the IAS before
[Mon Nov  4 17:40:00 2013] <Anarchos> milleral it was the laboratory of einstein :)
[Mon Nov  4 17:40:30 2013] <milleral> oh cool
[Mon Nov  4 18:00:56 2013] <Anarchos> milleral just by the names listed in the book, i can assure you it is valuable
[Mon Nov  4 18:01:19 2013] <milleral> I'm just hoping I'll be able to understand it :)
[Mon Nov  4 18:02:16 2013] <Anarchos> i will look at it tomorrow at work :)
[Mon Nov  4 20:49:00 2013] <maxiepoo_> So I'm trying to Eval a term, but it won't reduce past a Fix_F
[Mon Nov  4 20:49:32 2013] <maxiepoo_> I've tried Eval compute, simpl, hnf, red and they all get stuck there or sooner
[Mon Nov  4 20:50:31 2013] <maxiepoo_> the term is a terminating computation, so I don't know why I can't just force it to eval all the way
[Mon Nov  4 20:51:46 2013] <maxiepoo_> are there any other evaluation strategies I could use?
[Mon Nov  4 21:31:21 2013] <peterbb> Anyone who knows any literature about formalizing claims of fresh variables in derivations, where the freshness-claim is "global", i.e. can't really be checked locally.
[Tue Nov  5 12:38:57 2013] <Xenasis> How do I install Coq properly if I have OCaml version 4 or up?
[Tue Nov  5 12:41:08 2013] <Xenasis> apt-get install is telling me I need 3.12.1, though I had to manually install 4.02.0 from the svn repo, and I can't find a download for the CoqIDE thing, only Coq
[Tue Nov  5 12:43:26 2013] <Ptival> Xenasis: the apt-get version of Coq seems fairly old, I'd recommend building it manually at that point :\
[Tue Nov  5 12:44:35 2013] <Xenasis> Yeah, the reason I had to build OCaml manually was because the apt-get OCaml was 3.12.1, and my lecturer uses 4.01.1, as is required
[Tue Nov  5 12:44:52 2013] <Xenasis> The problem is that I can't find anywhere to get CoqIDE to build
[Tue Nov  5 12:45:17 2013] <Xenasis> http://coq.inria.fr/download
[Tue Nov  5 12:45:19 2013] <Ptival> is CoqIDE required for the lecture?
[Tue Nov  5 12:45:31 2013] <Ptival> otherwise, I find ProofGeneral to be a much nicer environment
[Tue Nov  5 12:45:41 2013] <Xenasis> Coq isn't required at all, but you can use Coq or Agda for bonus marks
[Tue Nov  5 12:45:44 2013] <Xenasis> plus they look fun
[Tue Nov  5 12:46:05 2013] <Ptival> do you use emacs? :\
[Tue Nov  5 12:46:10 2013] <Xenasis> I do
[Tue Nov  5 12:46:25 2013] <Ptival> then I highly suggest installing ProofGeneral instead of trying CoqIDE
[Tue Nov  5 12:46:33 2013] <Xenasis> Alrighty
[Tue Nov  5 12:51:17 2013] <Xenasis> http://hammerprinciple.com/therighttool/statements/i-often-feel-like-i-am-not-smart-enough-to-write-t
[Tue Nov  5 12:51:27 2013] <Xenasis> I'm not sure if this should scare or excite me
[Tue Nov  5 12:53:02 2013] <Ptival> Xenasis: both :)
[Tue Nov  5 12:53:39 2013] <Xenasis> File "kernel/univ.ml", line 229, characters 0-2:
[Tue Nov  5 12:53:39 2013] <Xenasis> Error: This comment contains an unterminated string literal
[Tue Nov  5 12:53:39 2013] <Xenasis> make[1]: *** [kernel/univ.cmo] Error 2
[Tue Nov  5 12:53:39 2013] <Xenasis> make[1]: Leaving directory `/home/andrew/Downloads/coq-8.4pl2'
[Tue Nov  5 12:53:39 2013] <Xenasis> make: *** [world] Error 2
[Tue Nov  5 12:53:41 2013] <Xenasis> ...huh
[Tue Nov  5 12:53:56 2013] <Ptival> huh
[Tue Nov  5 12:54:53 2013] <Ptival> what's on that line in your file?
[Tue Nov  5 12:55:06 2013] <Ptival> mine has (* between u v = {w|u<=w<=v, w canonical}          *)
[Tue Nov  5 12:55:35 2013] <Xenasis> One second, I'll find it
[Tue Nov  5 12:58:35 2013] <Xenasis> (* between u v = {w|u<=w<=v, w canonical}          *)
[Tue Nov  5 12:58:41 2013] <Xenasis> ...huh
[Tue Nov  5 13:00:06 2013] <Xenasis> they're the same line
[Tue Nov  5 13:15:21 2013] <Ptival> Xenasis: what does ocamlc -v return?
[Wed Nov  6 09:18:57 2013] <kirillt> How to get LibTactics module?
[Wed Nov  6 09:19:03 2013] <kirillt> Is there lib with it or somthing?
[Wed Nov  6 09:19:52 2013] <kirillt> I see gallium.inria.fr link with it but don't see convinient way to get it except copy-paste.
[Wed Nov  6 09:23:01 2013] <kirillt> Is "UseTactics" the name of it?
[Thu Nov  7 17:25:08 2013] <napping> It's pretty unfortunate that inductive types can't directly implement parameters in module types
[Thu Nov  7 17:25:31 2013] <napping> Need to fold or unfold the definition seems to confuse auto
[Fri Nov  8 17:41:42 2013] <Ptival> is there a way to bind a tactic to a name without running it?
[Fri Nov  8 17:42:42 2013] <jgross_> "Ltac foo := <tactic>." ? 
[Fri Nov  8 17:43:27 2013] <Ptival> oh I mean locally, sorry
[Fri Nov  8 17:43:48 2013] <Ptival> it's weird because
[Fri Nov  8 17:43:56 2013] <jgross_> "Local Ltac foo := <tactic>." ? 
[Fri Nov  8 17:43:57 2013] <Ptival> let t := fail in idtac. (* works *)
[Fri Nov  8 17:44:08 2013] <Ptival> but let t := mytactic in idtac. (* fails *)
[Fri Nov  8 17:44:41 2013] <Ptival> even when the toplevel of mytactic is a lazymatch
[Fri Nov  8 17:44:49 2013] <jgross_> Is mytactic a [match]?	Try "let t := (idtac; mytactic) in idtac.". 
[Fri Nov  8 17:45:37 2013] <Ptival> jgross_: indeed this works :s
[Fri Nov  8 17:45:43 2013] <jgross_> Coq treats things like [match] specially, because they might return a constr.  Like, if you do [let f := match goal with |- ?f => constr:(f) end in idtac f.], you want the goal, not a tactic. 
[Fri Nov  8 17:47:03 2013] <Ptival> sure
[Fri Nov  8 17:47:29 2013] <Ptival> though the solution seems arbitrary
[Fri Nov  8 17:49:10 2013] <jgross_> Any use of ; in the top level tactic you're binding will make it be treated as a tactic, rather than be eagerly evaluated.  You can also turn it into a tactic function, e.g., [let t := (fun _ => ...) in t idtac.] or something. 
[Sat Nov  9 10:00:19 2013] <Anarchos> copumpkin fun name you have :)
[Sat Nov  9 10:00:46 2013] <defanor_> yeah, i like that too
[Sat Nov  9 11:12:28 2013] <anderslundstedt> what is the best way to handle equivalence relations and operations that respect these relations? in my case I have an equivalence relation "==" and an operation "*". i have hypotheses a*b=x and a*b*c=y, from which i want to prove x*c=y. is there a quick way to this?
[Sat Nov  9 11:20:23 2013] <copumpkin> you'll need proof that * respects ==
[Sat Nov  9 11:20:53 2013] <copumpkin> something like x == y -> a == b -> x * a == y * b
[Sat Nov  9 11:21:04 2013] <copumpkin> or that it's subsitutive, which basically means everything respects it
[Sat Nov  9 11:22:15 2013] <copumpkin> need to go catch a train
[Sat Nov  9 11:34:22 2013] <anderslundstedt> thanks for the help. I have such a proof, is there a tactic then that gets the job done without having to apply that theorem and transitivity etc ....
[Sat Nov  9 14:50:11 2013] <Ptival> anderslundstedt: I think if you make proper morphism instances and use type classes you get a lot out of tactics like ring
[Sat Nov  9 14:50:17 2013] <Ptival> or just auto even?
[Sat Nov  9 14:51:49 2013] <anderslundstedt> Ptival: thanks. Do you have any recommended reading about type classes?
[Sat Nov  9 14:53:56 2013] <Ptival> probably this though I haven't read it http://www.labri.fr/perso/casteran/CoqArt/TypeClassesTut/typeclassestut.pdf
[Sat Nov  9 14:56:00 2013] <anderslundstedt> thank you
[Sun Nov 10 11:43:42 2013] <defanor_> http://www.cis.upenn.edu/~bcpierce/sf/Equiv.html -- i'm stuck on havoc_swap, and not sure if solved himp_ceval right. defined E_Havoc as "forall (st : state) (X : id) (n : nat), (HAVOC X) / st || update st X n", and now i think that even same program is not 'cequal' to itself, if it contains Havoc, but i also think that it's wrong =/ need some help
[Sun Nov 10 11:45:20 2013] <defanor_> *not 'cequiv'
[Sun Nov 10 11:47:36 2013] <defanor_> oh, wait, same program is cequiv to itself anyway
[Sun Nov 10 11:48:41 2013] <defanor_> and probably it should be cequiv in havoc_swap also
[Sun Nov 10 17:26:44 2013] <jrw> defanor_: your definition of E_Havoc looks right to me. the definition of cequiv makes it automatically reflexive, so you don't have to worry about that. and I think you're right that havoc_swap is "true", but I haven't actually done the exercise.
[Sun Nov 10 18:59:47 2013] <anderslundstedt> if i have a binary operation * that is proper wrt an equivalence relation ==, which tactic finishes proofs of goals like: x*y==z -> x*y*w=a -> z*w=a
[Sun Nov 10 19:00:49 2013] <anderslundstedt> = should be == everywhere in goal
[Sun Nov 10 19:18:34 2013] <Ptival> well it looks like I lied :\
[Sun Nov 10 19:23:17 2013] <anderslundstedt> not a big problem, and proper morphisms gives easy rewrites so still a big convenience
[Sun Nov 10 19:35:31 2013] <Rc43> Hi, guys.
[Sun Nov 10 19:36:18 2013] <Rc43> I am trying to install coq on my ubuntu, but SOMEHOW it depends on gnome, gtk and other stuff which I do not want to install.
[Sun Nov 10 19:36:52 2013] <Rc43> E.g. virtual package `libcoq-ocaml-twu11', what is it? What means "twu11"? I googled, but couldnt resolve by myself.
[Sun Nov 10 20:00:21 2013] <jgross> CoqIDE depends on Gtk.	I don't know if there's a package which is coq but not CoqIDE.	If you build it from source, you can build it without Gtk.  (You'll want to have ocaml and camlp5 and ocamlfind (ocaml-findlib, maybe?) installed first.  Also GNU make.) 
[Mon Nov 11 01:04:26 2013] <defanor_> jrw: thanks
[Mon Nov 11 16:06:03 2013] <quadelirus> I am trying to write a small library for real-weighted binary trees in Coq. I want a prune function which removes a leaf edge (edge to a leaf node) if its weight is equal to zero. I'm using Coq.Reals.Reals for real numbers. Neither of the following constructs work: if w = 0%R then ... else ... nor if Req_dec w 0 then ... else ... (where w is of type R). How do I make this if/else work, and is the real number library suitable for this sort 
[Mon Nov 11 16:06:03 2013] <quadelirus> thing?
[Mon Nov 11 16:08:57 2013] <ianjneu> what's the error for the if Req_dec w 0 case?
[Mon Nov 11 16:11:46 2013] <quadelirus> @ianjneu: Incorrect elimination of "Req_dec w0 0" in the inductive type "or":
[Mon Nov 11 16:11:47 2013] <quadelirus> the return type has sort "Type" while it should be "Prop".
[Mon Nov 11 16:11:50 2013] <roosterbot> error: Syntax error: end of input expected after [constr:lconstr] (in [constr:lconstr_eoi]).
[Mon Nov 11 16:12:33 2013] <ianjneu> ah, you need proof-relevance.
[Mon Nov 11 16:12:45 2013] <quadelirus> hrm. what is that?
[Mon Nov 11 16:13:26 2013] <quadelirus> I'm very new to all this Coq programming. So many new concepts my head is swimming a little bit...
[Mon Nov 11 16:14:08 2013] <ianjneu> You can't eliminate a Prop to create something not in Prop. Prop is proof-irrelevant (all proofs are opaque and considered equal to one another), and because of the way Coq does things, eliminating a Prop to make a Type can cause logical inconsistencies.
[Mon Nov 11 16:14:54 2013] <Cale> quadelirus: To put it another way, you can't actually compute with Req_dec.
[Mon Nov 11 16:15:06 2013] <Cale> Req_dec is a bit of a lie, actually
[Mon Nov 11 16:15:14 2013] <quadelirus> is there any way to compute with reals in coq?
[Mon Nov 11 16:15:16 2013] <ianjneu> That's not quite true. You can normalize proofs.
[Mon Nov 11 16:15:19 2013] <Cale> (Real equality isn't decidable)
[Mon Nov 11 16:15:35 2013] <ianjneu> Tarski proved otherwise.
[Mon Nov 11 16:15:58 2013] <ianjneu> the reals have a decidable theory of arithmetic.
[Mon Nov 11 16:17:32 2013] <Cale> Surely there's some kind of LEM going on here.
[Mon Nov 11 16:19:04 2013] <ianjneu> I don't know how much work it would be to actually make Req_dec proof-relevant, since its decidability proof probably uses lots of other Prop-valued functions.
[Mon Nov 11 16:20:53 2013] <quadelirus> sorry lost internet. DOes this mean you can't represent real weighted trees in coq?
[Mon Nov 11 16:21:39 2013] <Cale> quadelirus: Why do you need to test equality with 0?
[Mon Nov 11 16:21:47 2013] <ianjneu> No, you should be able to, but you might have to reimplement reals to be proof-relevant. Is there a reason why you don't want to use the field of rationals?
[Mon Nov 11 16:22:06 2013] <quadelirus> need to use sin functions
[Mon Nov 11 16:22:13 2013] <quadelirus> the alg i want to prove correct
[Mon Nov 11 16:22:24 2013] <quadelirus> prunes edges w 0 length
[Mon Nov 11 16:23:02 2013] <quadelirus> and the weights are decreased periodically by trig functions
[Mon Nov 11 16:23:13 2013] <quadelirus> like w = w - sin x
[Mon Nov 11 16:23:32 2013] <quadelirus> and whenever a weight becomes zero the edge is pruned
[Mon Nov 11 16:23:43 2013] <ianjneu> oh, you want to use transcendental functions. That could be a problem.
[Mon Nov 11 16:25:02 2013] <ianjneu> you can use the zeros of sin to encode the integers and then get the same undecidability results of peano arithmetic.
[Mon Nov 11 16:25:36 2013] <quadelirus> meaning that it can't be done?
[Mon Nov 11 16:25:53 2013] <ianjneu> not with exact precision, no.
[Mon Nov 11 16:25:55 2013] <Cale> quadelirus: The algorithm you're describing doesn't sound computable.
[Mon Nov 11 16:26:20 2013] <quadelirus> thats too bad
[Mon Nov 11 16:26:23 2013] <Cale> You can check to see if a real number is within some nonzero distance of 0
[Mon Nov 11 16:26:29 2013] <Cale> (computably)
[Mon Nov 11 16:26:34 2013] <ianjneu> there is a notion of "delta-completeness" for the real numbers that's NP-complete, even with transcedental functions. You have to admit a non-zero amount of error though (delta)
[Mon Nov 11 16:27:27 2013] <quadelirus> hmmm, well this is a geometric algorithm, the sines coming from angle measures, so maybe I can use one of the geometry packages to encode everything and avoid coordinate based approaches, though i think that may be a big project
[Mon Nov 11 16:28:17 2013] <quadelirus> embed the trees nodes as points and take edges to be line segments
[Mon Nov 11 16:28:26 2013] <quadelirus> in an axiomatic system like Tarski's
[Mon Nov 11 16:29:03 2013] <ianjneu> if you can just use +,-,*,/ then you should be set.
[Mon Nov 11 16:29:08 2013] <quadelirus> Well this has been really helpful, but my son is crying so I've got to run. Thank you guys.
[Mon Nov 11 16:29:14 2013] <quadelirus> cool, well I'll give that a shot
[Mon Nov 11 16:29:18 2013] <quadelirus> and probably show up here another time :)
[Mon Nov 11 16:29:22 2013] <ianjneu> indeed
[Mon Nov 11 16:29:25 2013] <ianjneu> good luck
[Mon Nov 11 16:57:24 2013] <kirillt> Guys, I am debugging a proof now. The goal is stated as `forall X l i  (e : X), insert l i e = Some nil -> False'. `insert' function is defined in obvious way.
[Mon Nov 11 16:58:11 2013] <kirillt> Then one part of proof is `intro v. destruct i; destruct l; try destruct l; inversion h.'.
[Mon Nov 11 16:59:12 2013] <ianjneu> insert like insert sort? I expect then that X has a decidable ordering?
[Mon Nov 11 16:59:30 2013] <kirillt> The alternative part of proof is `intro v. destruct i; destruct l. (* DOT *) destruct l; inversion h. inversion h. destruct l; inversion h.'; i.e. this unfolds semicolon into three tactics.
[Mon Nov 11 16:59:50 2013] <kirillt> ianjneu, no, just insert element in the list at i'th position.
[Mon Nov 11 17:00:02 2013] <kirillt> Somehow these two parts are not equivalent.
[Mon Nov 11 17:00:28 2013] <kirillt> First leaves one goal; second leaves two (it didn't solve last of three goals).
[Mon Nov 11 17:01:42 2013] <kirillt> Oh, I mean `destruct l; inversion h. inversion h. inversion h' after (* DOT *) in the second part.
[Mon Nov 11 17:01:54 2013] <kirillt> (Sorry, can't use pastebin on this system.)
[Mon Nov 11 17:02:53 2013] <kirillt> Ah, maybe the first part resolves last goal, so it leaves only one. But I can't test it.
[Mon Nov 11 17:03:09 2013] <kirillt> Maybe admit will help to diagnose problem.
[Mon Nov 11 17:04:57 2013] <kirillt> Ye, seems to be.
[Mon Nov 11 17:05:19 2013] <kirillt> That feel when you write huge wall of text and resolve the problem by yourself =/
[Mon Nov 11 17:05:37 2013] <ianjneu> it's called rubber-duck-debugging
[Mon Nov 11 17:07:22 2013] <kirillt> LOL
[Mon Nov 11 17:08:02 2013] <kirillt> Rubber coq ;)
[Mon Nov 11 17:08:12 2013] <kirillt> :D
[Mon Nov 11 17:10:12 2013] <ianjneu> I'm going to have to use that.
[Mon Nov 11 17:10:27 2013] <ianjneu> the joke, not the denoted joke object
[Mon Nov 11 17:10:31 2013] <ianjneu> *sigh*
[Mon Nov 11 17:21:53 2013] <kirillt> ianjneu, at first I didn't too
[Mon Nov 11 17:35:08 2013] <ianjneu> I don't understand
[Mon Nov 11 18:48:01 2013] <Rc43> Hi, guys.
[Mon Nov 11 18:48:08 2013] <Rc43> Anybody familiar with ssreflect?
[Mon Nov 11 18:48:33 2013] <Rc43> I can't find analogue of standard `inversion' tactic.
[Mon Nov 11 18:50:24 2013] <ianjneu> nope, sorry
[Mon Nov 11 19:23:17 2013] <Rc43> I am installing gentoo from minimal cd, ifconfig tells that my network interface is called "enp0s3". Is it ok?
[Mon Nov 11 19:23:51 2013] <Rc43> Also I am in virtualbox, so maybe it is called so because of it; but I am not sure.
[Mon Nov 11 19:24:26 2013] <Rc43> Should I have "eth0" usually in real machine?
[Mon Nov 11 19:25:08 2013] <Ptival> Rc43: hmm this is #coq :)
[Mon Nov 11 19:25:16 2013] <Rc43> Ptival, oh
[Wed Nov 13 09:12:01 2013] <gdsfh> can somebody please check following code on recent Coq version?  My old 8.3pl4 gives scary error message (or maybe it's normal?).   Goal forall (a : nat), True. match compute in a with | _ => idtac end.
[Wed Nov 13 09:13:57 2013] <gdsfh> also dumb question.  Suppose I have "x := true : bool" in hypotheses.  How can I execute tactic tactrue or tacfalse depending on what value "x" has?
[Wed Nov 13 09:40:33 2013] <rks`> where mopidy-scan
[Wed Nov 13 09:40:42 2013] <rks`> oh, well, "oups", sorry
[Wed Nov 13 10:48:23 2013] <robbert`> gdsfh: "Error: Must evaluate to a closed term offending expression: compute in a this is a VFun with body compute in a instantiated arguments uninstantiated arguments "
[Wed Nov 13 10:48:27 2013] <robbert`> yes, that's is scary :)
[Wed Nov 13 10:48:37 2013] <robbert`> using 8.4pl2 here
[Wed Nov 13 10:51:37 2013] <gdsfh> robbert`: also it's formatted in a very strange way, in multiple lines, and doesn't give any insights on what is wrong here.
[Wed Nov 13 10:53:31 2013] <gdsfh> (but maybe it's just my nitpicking.)
[Wed Nov 13 10:54:11 2013] <robbert`> yes, that's strange indeed. The problem however is that "compute in a" yields a tactic
[Wed Nov 13 10:54:22 2013] <robbert`> not the result of cbv reducing a
[Wed Nov 13 10:54:39 2013] <robbert`> for that you need eval cbv in a
[Wed Nov 13 10:55:38 2013] <robbert`> match eval compute in x with false => idtac "false" | true => idtac "true" end. would solve your second problem
[Wed Nov 13 10:56:09 2013] <robbert`> what you were trying do to, is basically match on a tactic
[Wed Nov 13 10:56:17 2013] <robbert`> which is not possible, but still the error is insane :)
[Wed Nov 13 11:00:40 2013] <gdsfh> robbert`: i know i'm doing the wrong thing.  As for second problem -- it works, thank you!  (i have some free time now and i'm trying to implement "do rewrite when it reduces goal size only", mentioned in coq-club; just for fun.)
[Wed Nov 13 11:01:58 2013] <robbert`> gdsfh: just wondering, how do you determine that the size of the goal decreases?
[Wed Nov 13 11:05:12 2013] <gdsfh> robbert`: i don't know whether my way is correct, but now i'm trying something like this: http://paste.in.ua/9025/raw/ (nats is a special case since S (S ..) is treated as application of S to (S ..); don't know is it needed to treat nats specially)
[Wed Nov 13 11:06:12 2013] <gdsfh> and i'm only trying to do it, debugging, looking at what tactic returns.  Maybe it won't work in general case; just exploring.
[Wed Nov 13 11:07:24 2013] <gdsfh> also i'm not sure that this approach works well.  Some clever normalization would be better, even if it expands term.
[Wed Nov 13 11:08:08 2013] <gdsfh> (so, "rewrites with decreasing goal" won't work in arithmetics, where "omega" works fine.)
[Wed Nov 13 11:23:48 2013] <robbert`> gdsfh: I do not really see what you are trying to do there. But anyway, I doubt you can do this properly in Ltac, especially because you cannot go under binders (and rewrite will, aslong as the bound variable is not involved)
[Wed Nov 13 11:24:31 2013] <robbert`> my attempt would be something like http://lpaste.net/95603
[Wed Nov 13 11:32:03 2013] <robbert`> and there is now also the whole tactic, quite ugly, and no idea whether it will work properly ;)
[Wed Nov 13 11:54:05 2013] <gdsfh> robbert`: your code is much simpler ( => better) than mine.  It's a good ltac lesson for me.  But i'm not sure such rewrites are useful -- i've read this idea in coq-club and tried to implement it, nothing serious/concrete.  So i won't proceed further, everything is clear for me.
[Wed Nov 13 12:33:06 2013] <robbert`> gdsfh: I also doubt such a tactic is useful. What's much more useful is to rewrite equations that have a variable on one of the sides, and that is what subst is doing.
[Wed Nov 13 12:44:50 2013] <gdsfh> robbert`: yes, subst is useful.  Also some kind of normalization is needed, like "repeat rewrite Plus.plus_assoc" to rewrite "a + (b + c)" to "a + b + c".  When working (not playing), "ring" with user-defined rings can be useful.
[Wed Nov 13 12:44:55 2013] <gdsfh> proofs by reflection are good, canonical structures could be useful to "normalize" some terms (or i'm wrong?).  Someone should write a generic mechanism to do rewriting-with-normalization.  ("auto" is not enough.)
[Wed Nov 13 13:03:38 2013] <robbert`> gdsfh: about the associativity, maybe you are looking for something like AACTactics?
[Wed Nov 13 13:07:01 2013] <gdsfh> robbert`: not "looked for", but it's an interesting reading.
[Thu Nov 14 16:06:14 2013] <napping> Is there any way to reopen a Section?
[Thu Nov 14 16:07:20 2013] <Anarchos> napping maybe :)
[Thu Nov 14 16:13:29 2013] <napping> If one module includes a section that had some variables, I'd like to be able to import that module into another, make those things variables again, and prove some additional stuff without having to explicitly supply all the parameters introduced when I closed the first section
[Thu Nov 14 18:15:13 2013] <Ptival> yeah that'd be cool
[Fri Nov 15 00:55:05 2013] <Rc43> Hi, guys.
[Fri Nov 15 00:55:12 2013] <Rc43> Anybody uses gentoo?
[Fri Nov 15 00:55:56 2013] <Rc43> Just want to know is there ebuild for ssreflect or not. Maybe coq overlay? (I didn't find.)
[Mon Nov 18 04:29:35 2013] <kirillt> Hi, guys.
[Mon Nov 18 06:31:43 2013] <kirillt> How do you use ProofGeneral on projects with subfolders?
[Mon Nov 18 06:32:25 2013] <kirillt> E.g. I have folder "src" and ubfolder "sub" and file src/sub/B.v depends on src/A.v.
[Mon Nov 18 06:32:33 2013] <kirillt> How to tell ProofGeneral about loadpath?
[Mon Nov 18 07:02:44 2013] <amosr> hello kirillt
[Mon Nov 18 07:59:38 2013] <kirillt> Anybody know how to enable interpreted text highlighting in proofgeneral?
[Mon Nov 18 08:00:01 2013] <kirillt> I.e. after C-c C-n.
[Mon Nov 18 19:02:14 2013] <jameshfisher> Hello Coq people! I'm trying to run a file from the Software Foundations book and running into an error I don't understand. Could anyone help me? http://stackoverflow.com/questions/20056972/coq-error-no-focused-proof-when-using-arguments-command
[Mon Nov 18 19:12:22 2013] <acowley> jameshfisher: fwiw, I have Coq 8.4pl2, and don't get an error message.
[Mon Nov 18 19:12:50 2013] <acowley> jameshfisher: Can you try running coqc on the file?
[Mon Nov 18 19:13:39 2013] <acowley> jameshfisher: (I ask because I don't have CoqIDE, and it would be good to eliminate it as a variable.)
[Mon Nov 18 19:14:52 2013] <jameshfisher> Hi, okay, good idea
[Mon Nov 18 19:15:10 2013] <jameshfisher> (Only just starting out and I've only used CoqIDE.)
[Mon Nov 18 19:15:51 2013] <jameshfisher> I assume the equivalent is `coqc test.v` where test.v contains the "Inductive list .... Arguments nil {X}." stuff?
[Mon Nov 18 19:15:59 2013] <acowley> yeah
[Mon Nov 18 19:16:18 2013] <jameshfisher> Hmm. "Error: Unknown command of the non proof-editing mode."
[Mon Nov 18 19:16:27 2013] <jameshfisher> "File "./test.v", line 4, characters 0-18:"
[Mon Nov 18 19:16:47 2013] <acowley> So perhaps this is an 8.3 vs. 8.4 change
[Mon Nov 18 19:18:39 2013] <jameshfisher> Sounds like a reasonable theory. I'll try to install 8.4 and/or check documentation changes.
[Mon Nov 18 19:19:05 2013] <acowley> jameshfisher: Try adding the word Implicit to the start of the line
[Mon Nov 18 19:19:54 2013] <acowley> Most of my code that uses this was written pre-8.4 and has "Implicit Arguments foo [x y z]."
[Mon Nov 18 19:20:25 2013] <acowley> Hrm, actually my own code archeology is confusing on this
[Mon Nov 18 19:20:33 2013] <jameshfisher> Ooh, it accepts that, with the bracket change too
[Mon Nov 18 19:21:49 2013] <acowley> Ah, [] is for implicit, and {} is for maximally inserted implicit
[Mon Nov 18 19:24:29 2013] <jameshfisher> Time for me to read up on what that means, then. :-)
[Mon Nov 18 19:25:12 2013] <jameshfisher> I should be able to take it from here -- great help, thanks!
[Tue Nov 19 00:08:48 2013] <kirillt> Let we have goal "forall (x y : list X), Some x = Some y -> x = y". Why proof "intros x y h; inversion h; ..." works and "destruct x; destruct y; intro h; inversion h. ..." doesn't?
[Tue Nov 19 00:09:26 2013] <kirillt> I.e. in first proof inversion destructs hypothesis (and gives us injection) and in the second it doesn't.
[Tue Nov 19 00:09:29 2013] <kirillt> Why so?
[Tue Nov 19 03:48:10 2013] <Cale> kirillt: uh, it seems to work, but the destructs produce a bunch of different cases. inversion on h is still useful.
[Tue Nov 19 03:52:19 2013] <Cale> kirillt: You can handle the nil = nil case with trivial, and then inversion h immediately solves the nil = (a0 :: y) case, and then you're left with  (a0 :: x) = y, you can destruct y again if you really want, and apply inversion h to each of the two cases that generates, or you can just use inversion h directly.
[Tue Nov 19 03:53:10 2013] <Cale> (but also, why are you proving this for lists specifically? It's generally true that Some is injective, you don't have to specialise it to lists.)
[Tue Nov 19 04:24:48 2013] <kirillt> Cale, ye, I already understood that it is bad example. I tried to extract small example of my issue.
[Tue Nov 19 04:27:13 2013] <kirillt> Cale, it seems that in some cases destruct for complex terms (without functions but with constructors application, that why I used lists) do nothing, when it does injection-like things when it is only one constructor applied to one variable (like Some x instead of Some x :: xs).
[Tue Nov 19 04:27:28 2013] <kirillt> But it is messy to tell it with words, I need good example
[Tue Nov 19 08:08:32 2013] <roosbeef> im somewhat confused about induction in Coq
[Tue Nov 19 08:08:47 2013] <roosbeef> this would look like your typical induction-based proof, i think: https://privatepaste.com/fce4d7ed25
[Tue Nov 19 08:09:25 2013] <roosbeef> what are the typical steps from here? I need to do something with a0, but how does that allow me to use IHFS to complete the proof
[Tue Nov 19 19:53:25 2013] <logic_prog> why do we have a separation of Prop and Type?
[Tue Nov 19 19:53:34 2013] <logic_prog> (and where can I read up more on what this sepration gives us)?
[Tue Nov 19 19:55:18 2013] <Saizan> Prop stuff is guaranteed to be erased during program extraction
[Tue Nov 19 19:55:25 2013] <Saizan> Prop is also impredicative
[Tue Nov 19 19:56:29 2013] <benl23> I heard the Prop/Type distinction is being removed in the HoTT branch
[Tue Nov 19 19:56:39 2013] <benl23> .. though I don't know the inside story
[Tue Nov 19 20:00:32 2013] <amosr> is proof irrelevance related?
[Tue Nov 19 20:03:03 2013] <benl23> Coq won't let you write a function that destructs a Prop thing and produces a Type thing.
[Tue Nov 19 20:03:43 2013] <benl23> Prop things are erased at runtime, so are computationally irrelevant
[Tue Nov 19 20:14:43 2013] <logic_prog> is there some book chapter I can read
[Tue Nov 19 20:14:54 2013] <logic_prog> on the distinction of these two? (was disconected while asking about prop vs type)
[Tue Nov 19 20:17:17 2013] <Saizan> logic_prog: the manual has the details, at least for the typing rules iirc
[Tue Nov 19 20:17:33 2013] <logic_prog> actually I'm implementing a dependent type checker
[Tue Nov 19 20:17:36 2013] <logic_prog> based on the tutorial of
[Tue Nov 19 20:17:49 2013] <logic_prog> http://math.andrej.com/2012/11/08/how-to-implement-dependent-type-theory-i/
[Tue Nov 19 20:18:00 2013] <logic_prog> and I'm now confused with regardes to "how do I add props to this type theory" ?
[Tue Nov 19 20:19:07 2013] <benl23> adam chlipala's CPDT book has a chapter on it
[Tue Nov 19 20:19:09 2013] <benl23> with examples
[Tue Nov 19 20:19:39 2013] <benl23> some of the official Coq documentation is hard to read if you don't already know what it means
[Tue Nov 19 20:20:04 2013] <benl23> The Universes and Axioms chapter of CPDT
[Tue Nov 19 20:30:38 2013] <logic_prog> with apologies for missing something really simple
[Tue Nov 19 20:30:43 2013] <logic_prog> why is it important that we can not destrut Props ?
[Tue Nov 19 20:31:35 2013] <benl23> You can destruct Props, but you can't write a function that then produces a Type
[Tue Nov 19 20:31:45 2013] <benl23> suppose  f (x : Prop) : Type = ...
[Tue Nov 19 20:31:59 2013] <benl23> After program extraction, the argument 'x' isn't available at runtime
[Tue Nov 19 20:32:08 2013] <benl23> so there is nothing to match on to produce the result value
[Tue Nov 19 20:32:45 2013] <benl23> It's ok to have   g (x : Prop) : Prop = ...  because neither the argument or result value need to exist at runtime
[Tue Nov 19 20:33:10 2013] <logic_prog> I have one more dumb question (I think it's related to this).
[Tue Nov 19 20:33:26 2013] <logic_prog> in Coq, I have "H: Cat = Dog", then I can do "inversion H", get False, and get done with all.
[Tue Nov 19 20:33:38 2013] <logic_prog> However, if I use "forall p q, p <-> q -> p = q"
[Tue Nov 19 20:33:43 2013] <logic_prog> then I can have "And True True = True"
[Tue Nov 19 20:33:57 2013] <logic_prog> why can't I destruct "H: And True True = True" and get False? what is different in this case?
[Tue Nov 19 20:34:36 2013] <benl23> what is 'And' ?
[Tue Nov 19 20:36:07 2013] <logic_prog> err, sorry, " True /\ True"
[Tue Nov 19 20:37:26 2013] <benl23> I don't see how 'True /\ True = True' is going to get you False
[Tue Nov 19 20:38:16 2013] <logic_prog> It doesn't, but if I had "Cat 1 2 = Dog 1 2" I would get false
[Tue Nov 19 20:38:30 2013] <logic_prog> so why is Prop treated differently in that I have "True /\ True = True" but I don't get false
[Tue Nov 19 20:41:03 2013] <benl23> hrm
[Tue Nov 19 20:42:01 2013] <logic_prog> is htis because False is a type
[Tue Nov 19 20:42:05 2013] <logic_prog> and after I destruct a Prop I can't return a Type?
[Tue Nov 19 20:42:19 2013] <logic_prog> (I don't know, I'm throwing mud at where I think a wall is blindfolded in the dark while drunk)
[Tue Nov 19 20:43:30 2013] <benl23> I don't have a clean enough understanding to give a good answer
[Tue Nov 19 20:43:39 2013] <benl23> it's related to how equality is defined in Coq
[Tue Nov 19 20:43:47 2013] <benl23> I don't think it's a Prop/Type problem
[Tue Nov 19 20:49:06 2013] <benl23> ..
[Tue Nov 19 20:49:41 2013] <benl23> given (True /\ True) you can destruct it to get a True, so (True /\ True) = True
[Tue Nov 19 20:49:48 2013] <benl23> but you can't destruct a Cat or a Dog to get the other one
[Tue Nov 19 20:49:54 2013] <benl23> ... but he's gone
[Tue Nov 19 21:03:13 2013] <benl23> hrm
[Tue Nov 19 21:03:44 2013] <benl23> I'm note sure of either '(True /\ True) = True' or 'not ((True /\ True) = True)' is provable
[Tue Nov 19 21:22:33 2013] <benl23> that statement, forall p q, p <-> q -> p = q, seems pretty dodgy
[Wed Nov 20 03:29:29 2013] <maxiepoo> Hm, people are probably asleep but I'll ask anyway
[Wed Nov 20 03:30:30 2013] <maxiepoo> so in coq when you use Fixpoint you need to use primitive(ish) recursion or the definition will be rejected
[Wed Nov 20 03:31:00 2013] <maxiepoo> dually, when doing CoFixpoint you need every recursive call to be guarded with a constructor
[Wed Nov 20 03:31:07 2013] <maxiepoo> a sort of primitive corecursion
[Wed Nov 20 03:32:08 2013] <maxiepoo> but you can get the primitive recursion restriction by proving that some argument is decreasing according to some "well founded" relation
[Wed Nov 20 03:32:26 2013] <maxiepoo> is there a dual notion for corecursion?
[Wed Nov 20 03:33:00 2013] <maxiepoo> a way to encode less simple notions of productivity?
[Thu Nov 21 03:56:54 2013] <roosbeef> hm
[Thu Nov 21 04:31:15 2013] <roosbeef> ok so ive got this subgoal
[Thu Nov 21 04:32:01 2013] <roosbeef> https://privatepaste.com/1707ff50a5
[Thu Nov 21 04:32:29 2013] <roosbeef> basically, forall x, hs_compare x nil => Gt
[Thu Nov 21 04:32:37 2013] <roosbeef> except when x is nil
[Thu Nov 21 04:33:14 2013] <roosbeef> ive got the assumption notnil x (in the above paste-example its f, my bad)
[Thu Nov 21 04:33:50 2013] <roosbeef> how do i destruct f and then tell Coq that the case in which x is nil is ruled out by "H: notnil x"?
[Thu Nov 21 04:34:24 2013] <roosbeef> so that i can use H1 to prove the subgoal
[Thu Nov 21 07:05:36 2013] <kirillt1> How difficult to implement custom extraction for Coq?
[Thu Nov 21 09:39:04 2013] <akonny> How do I rewrite n + 1 to S(n). Tried unfolding the plus operator but i did not work
[Thu Nov 21 09:40:04 2013] <akonny> more concretely I have this expression S n' + 1 = S (S n') and I am using Arith.
[Thu Nov 21 10:41:54 2013] <notdan> Hi
[Thu Nov 21 10:43:27 2013] <ystael> notdan: This channel is pretty quiet most of the time.  If you have a question, just ask and whoever is around will do their best :)
[Thu Nov 21 11:16:44 2013] <notdan> Yeah, thanks :)
[Thu Nov 21 11:17:13 2013] <notdan> One question that I had was about 'repeat'. Apparently I can't use to to repeatedly solve multiple subgoals
[Thu Nov 21 11:17:27 2013] <notdan> is there a way to get rid of a lot of subgoals at once?
[Thu Nov 21 11:21:25 2013] <ianjneu> notdan: you have to use ; to chain the repeat after the subgoals are generated.
[Thu Nov 21 11:24:43 2013] <notdan> Oh, that's right, thank you
[Thu Nov 21 11:24:49 2013] <notdan> I haven't touched Coq in a while
[Thu Nov 21 11:25:35 2013] <ianjneu> glad you're breaking your celibacy.
[Thu Nov 21 11:33:43 2013] <notdan> While you are online maybe you can recommend me something/comment in a line or two: https://sympa.inria.fr/sympa/arc/coq-club/2013-11/msg00154.html (not sure if you are subscribed)
[Thu Nov 21 11:34:17 2013] <notdan> OK, thanks to 'repeat', ';', and 'try' my proofs are not shorter
[Thu Nov 21 11:34:51 2013] <notdan> Oh, and Coq.inria.fr is down :(
[Thu Nov 21 11:42:38 2013] <ianjneu> not -> now?
[Thu Nov 21 11:44:44 2013] <ianjneu> I don't know much about petri nets or the libraries for relations :/
[Thu Nov 21 11:45:12 2013] <ianjneu> If there's a relation union, you might try unioning Relation P T and Relation T P
[Thu Nov 21 11:57:55 2013] <notdan> Well I am talking not about petri nets specifically, but more about, you know, different models that involve sets and functions and relations.
[Thu Nov 21 11:59:08 2013] <notdan> 'Relation' is part of the standard library isn't it?
[Thu Nov 21 11:59:20 2013] <notdan> I guess I should ditch SF's libraries
[Thu Nov 21 14:16:19 2013] <notdan> Where can I read about Coq's 'Set'?
[Thu Nov 21 14:16:30 2013] <notdan> I can seem to find a lot of information about it :(
[Thu Nov 21 23:49:00 2013] <Ptival> is there an easy way to have an inductive type parameter be explicit for the type former, and implicit for every constructor?
[Thu Nov 21 23:49:49 2013] <Ptival> (as in, it should always be inferrable from the context type, so I'd like it to appear in the type, but not to type it after every constructor :\)
[Fri Nov 22 07:01:20 2013] <Rc43> Could yoou ban kirillt? Its my irc launched on other machine, I havent access to it now. It can spam about a week or something untill it won't banned.
[Fri Nov 22 09:53:06 2013] <gereedy> Ptival: you mean as the list type is?
[Fri Nov 22 09:54:29 2013] <gereedy> the short answer is Set Implicit Arguments
[Fri Nov 22 11:56:08 2013] <notdan> How can avoid explicit type parameters while using coq's stdlib? E.g., I want to write 'symmetric myRel' instead of 'symmetric nat myRel' throughout the code
[Fri Nov 22 11:57:25 2013] <ianjneu> Set Implicit Arguments doesn't work?
[Fri Nov 22 12:08:35 2013] <notdan> No :(
[Fri Nov 22 12:09:54 2013] <notdan> http://lpaste.net/7115879121405607936
[Fri Nov 22 12:09:59 2013] <notdan> A minimal example
[Fri Nov 22 12:11:40 2013] <lpaste> Dan pasted “Implicit arguments” at http://lpaste.net/7115879121405607936
[Fri Nov 22 12:27:02 2013] <ianjneu> it appears you can't. You can however just do Definition symmetric_ := symmetric. and use that instead.
[Fri Nov 22 12:31:51 2013] <notdan> Alright, thanks, that worked!
[Fri Nov 22 12:38:22 2013] <notdan> Another quick Q, how can I use EqLtNotation : http://coq.inria.fr/coq/stdlib/Coq.Structures.Orders.html#EqLtNotation
[Fri Nov 22 12:38:47 2013] <notdan> It seems that I need to declare a separate module that implements it and then require it?
[Fri Nov 22 12:46:29 2013] <osa1_> hi everyone. can anyone explain me what does "being coded in it's own logic" mean? (an example use is here http://www.cs.utexas.edu/users/moore/best-ideas/acl2/index.html )
[Fri Nov 22 12:51:46 2013] <notdan> Hm, I would guess that the calculus for ACL2 has been formalized in itself? BUt that doesn't sound right
[Fri Nov 22 12:52:16 2013] <osa1_> yeah, I don't think that's what it means
[Fri Nov 22 12:53:29 2013] <notdan> Maybe in case of ACL2 it means that ACL2 is itself written in (subset of) Common Lisp and you can use it to reason about Common Lisp?
[Fri Nov 22 12:56:43 2013] <osa1_> I guess it's more like "ACL2 written in Common Lisp which is a formal system by itself, and ACL2 uses that formal system for reasoning" or something like that but I may be misusing terms completely
[Fri Nov 22 13:03:26 2013] <ianjneu> osa1_: ACL2 is implemented in a subset of Common Lisp, some of which is the subset that it can prove properties about.
[Fri Nov 22 13:04:14 2013] <ianjneu> Not all of ACL2 is written in "logic mode" as they call it, because logic functions must be total, and they have non-terminating functions.
[Fri Nov 22 13:04:49 2013] <ianjneu> which are in "program mode"
[Fri Nov 22 13:05:06 2013] <ianjneu> I've hacked on ACL2 in the past.
[Fri Nov 22 13:10:11 2013] <osa1_> ianjneu: "some of which is the subset that it can prove properties about" some of what? properties about itself?
[Fri Nov 22 13:13:49 2013] <ianjneu> sure. They tend to be really simple helper functions for manipulating proof state though.
[Fri Nov 22 13:14:31 2013] <ianjneu> If you want to see something /like/ ACL2 that is entirely written in itself, check out Milawa
[Fri Nov 22 13:15:35 2013] <kini> ACL2 talk in #coq?
[Fri Nov 22 13:15:39 2013] <kini> am I dreaming? :P
[Fri Nov 22 13:15:52 2013] <kini> osa1_: you might want to ask in #acl2
[Fri Nov 22 13:16:05 2013] <ianjneu> there's a #acl2?
[Fri Nov 22 13:16:12 2013] <kini> yup, as of a couple months ago (I made it)
[Fri Nov 22 13:16:21 2013] <kini> one of the ACL2 authors has been kind enough to start lurking in there too
[Fri Nov 22 13:16:31 2013] <kini> as well as a few former PhD students from the ACL2 research group at UT
[Fri Nov 22 13:16:40 2013] <ianjneu> Ya, I know Sol and Matt.
[Fri Nov 22 13:17:17 2013] <kini> clop is jared davis and darage is david rager, if you know them
[Fri Nov 22 13:17:25 2013] <ianjneu> yup yup.
[Fri Nov 22 13:17:44 2013] <ianjneu> Went to the ACL2 seminar my last year at UT.
[Fri Nov 22 13:17:58 2013] <kini> cool, I didn't know you were at UT
[Fri Nov 22 13:18:05 2013] <kini> I just started here as a first year PhD student this year
[Fri Nov 22 13:18:20 2013] <ianjneu> ah so.
[Fri Nov 22 13:18:58 2013] <ianjneu> What're they up to currently? Still chip verification stuff I assume.
[Fri Nov 22 13:19:14 2013] <osa1_> and I'm a CS undergrad who are currently applying to grad schools :-P
[Fri Nov 22 13:19:28 2013] <kini> osa1_: at UT?
[Fri Nov 22 13:19:50 2013] <kini> ianjneu: still doing x86 modeling, yeah
[Fri Nov 22 13:20:03 2013] <kini> but I'm not sure whether calling it "chip verification" is accurate
[Fri Nov 22 13:20:11 2013] <osa1_> kini: no, some random university outside of the US. I'm currently doing an internship at UIUC though.
[Fri Nov 22 13:20:18 2013] <ianjneu> If you want to coq for a living, Harvard, MIT and UPenn are up there.
[Fri Nov 22 13:20:27 2013] <kini> the group is officially called the "Hardware Verification Group", but I was told that what we're actually doing is low-level software verification
[Fri Nov 22 13:20:50 2013] <osa1_> yes, I already applied to UPenn, and I don't think I'm good enough for Harvard and MIT (I have very low GPA)
[Fri Nov 22 13:20:54 2013] <kini> I guess when doing verification you create a model and then verify the behavior of something slightly higher level than what the model is modeling by analyzing the thing's interface to its backend, which is your model
[Fri Nov 22 13:21:06 2013] <ianjneu> osa1_: do you have research experience?
[Fri Nov 22 13:21:19 2013] <kini> so this project is at the boundary, where the model is of hardware and the object being verified is software
[Fri Nov 22 13:21:27 2013] <osa1_> ianjneu: yes, two internship at two different universities
[Fri Nov 22 13:21:31 2013] <osa1_> internships*
[Fri Nov 22 13:21:41 2013] <osa1_> but no papers, unfortunately
[Fri Nov 22 13:21:50 2013] <ianjneu> ah.
[Fri Nov 22 13:22:04 2013] <kini> if I had known more about the field when I was applying to grad schools I would have applied to those three schools as well, haha
[Fri Nov 22 13:22:17 2013] <ianjneu> well, Maryland is getting a new professor in static analysis. They're looking for students
[Fri Nov 22 13:22:20 2013] <kini> but UT is pretty nice too, though there's like one Coq user here who just graduated (afaik)
[Fri Nov 22 13:22:32 2013] <osa1_> ianjneu: yeah I'll apply to Maryland, too :-)
[Fri Nov 22 13:22:34 2013] <kini> and maybe <5 isabelle users
[Fri Nov 22 13:23:44 2013] <ianjneu> their PL group is "plum"
[Fri Nov 22 13:24:50 2013] <kini> I saw something out of maryland, I forgot what it was...
[Fri Nov 22 13:24:57 2013] <osa1_> other universities I already applied: Indiana and Portland State. I guess I'm done after applied to Maryland (which will make 4 universities)
[Fri Nov 22 13:25:19 2013] <ianjneu> oh ya, Indiana just got Sam Tobin-Hochstadt and Jeremy Siek.
[Fri Nov 22 13:25:30 2013] <notdan> osa1_: what unis outside of the US are you applying to? I am asking because I am a CS undergrad too
[Fri Nov 22 13:25:45 2013] <kini> osa1_: I was at portland state for a year
[Fri Nov 22 13:25:54 2013] <kini> there are some really cool people there, and portland is a great city
[Fri Nov 22 13:25:59 2013] <osa1_> notdan: I'm not applying anywhere outside of the US, mostly because I have no idea where to apply and I liked uni. environment in the US
[Fri Nov 22 13:26:19 2013] <notdan> but I didn't take GRE this year so I won't be getting in any of the US universities
[Fri Nov 22 13:26:20 2013] <osa1_> ianjneu: yeah, we met with them at PLFest
[Fri Nov 22 13:26:22 2013] <ianjneu> Portland is really white. Like /really/ white.
[Fri Nov 22 13:26:39 2013] <notdan> oh, sorry, I read your message as if you are applying to random universities outside of the US
[Fri Nov 22 13:26:58 2013] <notdan> bleh
[Fri Nov 22 13:27:11 2013] <osa1_> notdan: what universities are you applying outside the US ?
[Fri Nov 22 13:27:19 2013] <kini> but I was warned by a PSU student that I shouldn't go there because the average ability of students there is sort of low and the faculty don't publish that much as it's not that competitive a university, rankings-wise
[Fri Nov 22 13:27:20 2013] <kini> haha
[Fri Nov 22 13:27:37 2013] <kini> ianjneu: that's true
[Fri Nov 22 13:27:57 2013] <kini> not any more so than austin though I don't think
[Fri Nov 22 13:27:57 2013] <osa1_> kini: that may be a good thing for me because my GPA is very low and I basically depend on recommendation letters and previous experience
[Fri Nov 22 13:28:26 2013] <kini> osa1_: the PL people there are quite good I think, faculty and grad students alike
[Fri Nov 22 13:28:32 2013] <notdan> osa1_: I want to apply to Free University of Bozen Bolzano, Chalmers, Humboldt U, any uni in the EMCL program
[Fri Nov 22 13:28:36 2013] <ianjneu> kini: not at all. My wife is black and was totally comfortable in Austin.
[Fri Nov 22 13:28:54 2013] <notdan> but I have to take TOEFL or IELTS before I can apply :S
[Fri Nov 22 13:29:02 2013] <ianjneu> Portland is was a game of "try to spot a black person" and we just gave up.
[Fri Nov 22 13:29:03 2013] <kini> ianjneu: I see.  Well, I haven't paid much attention to things like that, and also I haven't really explored much beyond the confines of the university yet :)
[Fri Nov 22 13:29:12 2013] <ianjneu> it was*
[Fri Nov 22 13:29:29 2013] <osa1_> notdan: yeah, I took required tests while doing my current internship at UIUC ..
[Fri Nov 22 13:29:30 2013] <ianjneu> kini: check out Barton Springs.
[Fri Nov 22 13:29:34 2013] <ianjneu> it's pretty.
[Fri Nov 22 13:30:08 2013] <notdan> osa1_: hm, so you have already finished your bachelors, haven't you? or you are finishing it this year
[Fri Nov 22 13:30:14 2013] <notdan> *are you
[Fri Nov 22 13:30:17 2013] <osa1_> notdan: I'm finishing on April 2014
[Fri Nov 22 13:30:26 2013] <notdan> Oh
[Fri Nov 22 13:30:36 2013] <notdan> Well, I envy your ability to manage your time
[Fri Nov 22 13:31:17 2013] <osa1_> huh, why?
[Fri Nov 22 13:43:04 2013] <notdan> osa1_: You manage to study for your degree, work as an intern in a foreign university and prepare for/take the necessary exams. That's a lot of stuff to do :)
[Fri Nov 22 13:54:42 2013] <osa1_> notdan: well, I don't think I managed to do "study for your degree" part, my GPA is 2.7 :-P
[Fri Nov 22 13:55:48 2013] <ianjneu> your statement of purpose and letters of recommendation are much more important than you GPA
[Fri Nov 22 13:55:51 2013] <ianjneu> your*
[Fri Nov 22 13:56:36 2013] <osa1_> yeah, that's what motivates me to apply, because all grad schools I applied say that they need at least 3.0 GPA
[Fri Nov 22 14:53:29 2013] <gereedy> notdan: you can also use the Arguments command to change the treatment of the arguments for an already defined identifier
[Fri Nov 22 14:53:40 2013] <gereedy> e.g. Arguments symmetric {A} _.
[Fri Nov 22 16:27:21 2013] <jgross_> notdan: > I  want to write 'symmetric myRel' instead of 'symmetric nat myRel' <- Is 'symmetric _ myRel' good enough for you?  Alternatively, you can do 'Local Arguments symmetric [_] R _ _ _.' to make the first parameter implicit (use {_} for implicit and maximally inserted).  I'd suggest Local rather than Global, or it'll confuse people who Import your code. 
[Sat Nov 23 05:19:17 2013] <notdan> jgross_: thanks :)
[Sun Nov 24 15:39:22 2013] <notdan> Can  I prove that forall A, Empty_set = sig A (fun _ => False)?
[Sun Nov 24 23:45:03 2013] <osa1> what does "smallest in the subtype relation" mean?
[Mon Nov 25 00:53:02 2013] <jrw> osa1: context?
[Mon Nov 25 08:09:42 2013] <Eruquen> I am trying to introduce  the following notation: Notation "'set' i := j + c" := (WAssgnPlus i j c) (at level 200).
[Mon Nov 25 08:10:16 2013] <Eruquen> however, I can not get fun (i j: Var) c => (set i := j + c) to be accepted by coq
[Mon Nov 25 08:10:34 2013] <Eruquen> Syntax error: '+' expected after [constr:operconstr level 200] (in [constr:binder_constr]).
[Mon Nov 25 08:11:04 2013] <Eruquen> are there any references on how to debug notations?
[Mon Nov 25 08:17:03 2013] <Eruquen> ah, adding "j at level 40" fixed it
[Mon Nov 25 14:32:53 2013] <Anarchos> r
[Tue Nov 26 08:17:57 2013] <lpjhjdh> I'm probably misphrasing this but is there an easy way in Coq to force a value in a match based on an index?  More specifically if you have some type "d x" with a constructor "C : forall x, d x", you'd like to know when you match on C that the x is the same one.
[Tue Nov 26 08:18:44 2013] <lpjhjdh> I know Adam Chlipala's book has several good tricks but maybe there's a more extensive list somewhere?
[Tue Nov 26 12:13:37 2013] <notdan> Can someone who is knowledgeblable please comment/answer my Q: https://sympa.inria.fr/sympa/arc/coq-club/2013-11/msg00164.html
[Tue Nov 26 12:18:10 2013] <ianjneu> ack, but I don't use modules since types are anti-modular.
[Tue Nov 26 12:19:44 2013] <ianjneu> I think you need to use the "with Definition" form rather than use internal definitions.
[Tue Nov 26 12:26:05 2013] <notdan> hm doesn't work either, but maybe I am messing something up
[Tue Nov 26 12:26:18 2013] <notdan> definitely going to try it using 'with' later, thanks
[Tue Nov 26 12:26:35 2013] <notdan> out of curiousity, why do you say that types are anti-modular?
[Tue Nov 26 12:26:49 2013] <notdan> And why, in that case, Coq's standard library makes such immense use of modules?
[Tue Nov 26 12:31:00 2013] <ianjneu> Coq is an experiment in the use of dependent types for large-scale programming. It's had mixed success.
[Tue Nov 26 12:32:54 2013] <ianjneu> Types are anti-modular in the sense that they leak implementation details. When you use existentials, you end up unable to prove properties about your modules. If you export lots of propositional equalities where you previously would have definitional equalities, you get into problems where many things are not well-typed. Bob Harper admits that definitional equalities lead to the same anti-modular patterns that are rampant in OO code.
[Tue Nov 26 12:33:45 2013] <ianjneu> We don't know how to do without definitional equalities yet, and without exposing the code for certain internals, you can make certain higher-order programming patterns impossible to prove terminating.
[Tue Nov 26 12:35:34 2013] <ianjneu> For some reason your R is not convertible to MyModT.t -> MyModT.t -> Prop, and that's why it's erroring. The reason for that is the Funsig instantiation does not remember that the module its given is definitionally equal to MyModT.
[Tue Nov 26 12:40:32 2013] <ianjneu> Got it. Add "with Definition t := A" after MyModT : Typ
[Tue Nov 26 13:07:15 2013] <ystael> ianjneu: "If you export lots of propositional equalities where you previously would have definitional equalities, you get into problems where many things are not well-typed." -- can you give a pointer to an example or background reading?
[Tue Nov 26 13:16:08 2013] <notdan> I still don't get Harper's argument about OO being anti-modular
[Tue Nov 26 13:16:18 2013] <notdan> is that stuff spelled out somewhere for newbs like me?
[Tue Nov 26 13:17:07 2013] <notdan> inb4 read through PFPL
[Tue Nov 26 13:18:15 2013] <notdan> ianjneu: hm, it works for "with Definition" but not for "with Axiom"
[Tue Nov 26 15:24:40 2013] <notdan> http://lpaste.net/1110043978507485184 What is going on in there?
[Tue Nov 26 15:25:23 2013] <notdan> Why is rt1n_trans defined to be a notation for clos_rt1n_rt they have a completely different signatures
[Tue Nov 26 15:25:26 2013] <notdan> -a
[Tue Nov 26 16:02:37 2013] <ianjneu> notdan: I don't know.
[Tue Nov 26 17:05:09 2013] <maxiepoo> hey the website seems to be down
[Tue Nov 26 17:05:23 2013] <maxiepoo> is there a mirror somewhere
[Tue Nov 26 17:05:32 2013] <maxiepoo> or at least some reference material?
[Tue Nov 26 17:11:35 2013] <ystael> maxiepoo: they distribute the reference manual as a tar.gz, but if you didn't grab it before I suppose that won't help you now :(
[Tue Nov 26 17:11:58 2013] <ystael> IIRC the standard library documentation is generated from the sources, so if you built from source you can at least refer to that
[Tue Nov 26 17:19:29 2013] <maxiepoo> hm I installed with yum
[Tue Nov 26 17:19:33 2013] <maxiepoo> maybe it's here somewhere
[Tue Nov 26 17:39:30 2013] <osa1> so why Coq generates weak induction hyphothesis in first encoding of record types here http://www.cis.upenn.edu/~bcpierce/sf/Records.html ?
[Tue Nov 26 17:41:32 2013] <ianjneu> records aren't recursive. Why would there be a non-degenerate induction scheme?
[Tue Nov 26 17:43:01 2013] <osa1> ianjneu: what does non-degenerate mean? record constructor's first parameter is definitely an inductive type, what I don't understand is why generated induction scheme doesn't take that into account
[Tue Nov 26 17:47:33 2013] <ianjneu> Degenerate means you don't have a self-reference to the type anywhere. Booleans are a degenerate inductive type, for example.
[Tue Nov 26 17:48:59 2013] <osa1> I also have another question; I want to implement some formalizations from some papers in Coq as a learning exercise, which papers do you recommend me for this? I'm mostly interested in type systems, type inference etc.
[Tue Nov 26 17:51:32 2013] <ianjneu> Adam Chlipala has some papers on proving compiler correctness of simple languages in Coq, using his (now bitrotted) Lambda Tamer library. Software foundations has many examples, but I wouldn't consider their approach anything more than brute force.
[Tue Nov 26 17:52:00 2013] <ianjneu> Substitution is just a bitch to do in Coq.
[Tue Nov 26 17:52:15 2013] <ianjneu> It's much better in Twelf, but Twelf has very little automation.
[Tue Nov 26 17:55:29 2013] <osa1> ianjneu: what's wrong with SF's approach?
[Tue Nov 26 17:55:39 2013] <osa1> I learned all I know about Coq from SF :-)
[Tue Nov 26 17:58:47 2013] <jrw> osa1: do you own TAPL?
[Tue Nov 26 17:59:13 2013] <jrw> I recommend finding a chapter in there that you find interesting that is not already done in SF and doing it in SF style
[Tue Nov 26 17:59:16 2013] <osa1> jrw: yeah, I already read half of it
[Tue Nov 26 17:59:31 2013] <jrw> I also recommend adam's CPDT
[Tue Nov 26 17:59:43 2013] <ianjneu> They use a really nasty environment library based on alists and lots of representation-specific lemmas. It's not modularized by the behavior of finite maps. It's entirely unportable to better representations.e
[Tue Nov 26 18:00:04 2013] <osa1> ianjneu: what are some better representation?
[Tue Nov 26 18:00:30 2013] <ianjneu> some kind of balanced tree, for example.
[Tue Nov 26 18:00:49 2013] <jrw> or hash maps, or anything else you might expect to actually use in an interpreter
[Tue Nov 26 18:00:57 2013] <ijp> osa1: ianjneu point is really that the internal representation shouldn't matter
[Tue Nov 26 18:01:29 2013] <ianjneu> the problem is I've tried to abstract this out, but Coq is just limited by its need to work with definitional equalities.
[Tue Nov 26 18:02:48 2013] <jrw> yes, this is a more general problem in coq than just sf
[Tue Nov 26 18:02:59 2013] <ianjneu> I work and think really abstractly. Like a good software engineer, I separate concerns behind interfaces. The type theory Coq uses, while state-of-the-art, is unable to handle such abstractions.
[Tue Nov 26 18:03:59 2013] <osa1> interesting, so are there other theories that have equalities other than simple syntactic equalities that we have in Coq ?
[Tue Nov 26 18:05:08 2013] <ianjneu> propositional equalities are getting better understood in HoTT, but we're still not at a point where definitional equalities can be reliably removed and still have a usable library.
[Tue Nov 26 18:05:43 2013] <ianjneu> short answer: no. Getting work done in Coq is like getting work done in Pascal. Duplicate effort all over.
[Tue Nov 26 18:06:44 2013] <ianjneu> gotta go
[Tue Nov 26 18:06:48 2013] <osa1> ianjneu: how can this prevent us from unified interfaces? let's say I can provide equalitiy of my terms to some other terms, given some interface implemented for that other term etc.
[Tue Nov 26 18:06:51 2013] <osa1> uh
[Tue Nov 26 18:07:02 2013] <osa1> from having unified interfaces*
[Tue Nov 26 18:54:03 2013] <ezyang> Sometimes, when I refine, Coq will existentialize one of my holes. Is there a way to make it not do that?
[Tue Nov 26 19:16:43 2013] <Ptival> unfortunately, I don't think so :\
[Tue Nov 26 19:16:57 2013] <Ptival> maybe by introducing artificial constructs like a let-binding, but it's somewhat annoying?
[Wed Nov 27 14:27:52 2013] <roosbeef> how do vectors work?
[Wed Nov 27 14:28:02 2013] <roosbeef> how are they different from lists for example
[Wed Nov 27 14:46:38 2013] <roosbeef> for example how do i build a nat vector of size 3 containing 1 2 3?
[Wed Nov 27 14:54:03 2013] <roosbeef> ha Vcons
[Wed Nov 27 15:01:33 2013] <Ptival> they work like lists but are indexed with their length
[Wed Nov 27 15:09:37 2013] <roosbeef> yep starting to make sense
[Wed Nov 27 15:09:49 2013] <roosbeef> is there a less cumbersome way of constructing them?
[Wed Nov 27 15:10:27 2013] <roosbeef> besides Vcons a (Vcons b (Vcons c Vnil))) for the vector nat 3 equivalent of a :: b :: c :: nil?
[Wed Nov 27 15:10:44 2013] <Ptival> how is that cumbersome?
[Wed Nov 27 15:10:55 2013] <roosbeef> eh thats not entirely correct ;p but you get my point i guess
[Wed Nov 27 15:11:28 2013] <roosbeef> the list notation is more convenient for manual labor
[Wed Nov 27 15:11:40 2013] <Ptival> you can make a notation for it too
[Wed Nov 27 15:11:52 2013] <roosbeef> ha cool
[Wed Nov 27 15:11:54 2013] <roosbeef> guess ill do that
[Wed Nov 27 15:11:59 2013] <roosbeef> how does that work?
[Wed Nov 27 15:12:19 2013] <Ptival> alternatively, I also like to write a function "mkVec : forall {T} (l : list T) -> Vec T (length l)"
[Wed Nov 27 15:12:44 2013] <Ptival> but
[Wed Nov 27 15:13:12 2013] <roosbeef> yea something like that :)
[Wed Nov 27 15:14:18 2013] <Ptival> Notation "[| x ; .. ; y |]" := (VecCons x .. (VecCons y (VecNil _)) ..).
[Wed Nov 27 15:15:36 2013] <roosbeef> works but with Vcons and Vnil
[Wed Nov 27 15:16:34 2013] <roosbeef> Notation "[| x ; .. ; y |]" := (Vcons x .. (Vcons y (Vnil _)) ..).
[Wed Nov 27 15:16:34 2013] <roosbeef> Check [| 1 ; 2 ; 3 |].
[Wed Nov 27 15:17:00 2013] <roosbeef> should that give : vector nat 3?
[Wed Nov 27 15:17:22 2013] <Ptival> you can even reuse the list notation, using scopes to allow both to coexist
[Wed Nov 27 15:19:18 2013] <roosbeef> what is VecCons, do i need to import a library for that?
[Wed Nov 27 15:20:01 2013] <roosbeef> is there a better way to find corresponding libraries besides doing a google search for "Coq someFunction"?
[Wed Nov 27 15:26:52 2013] <roosbeef> Ptival? :p
[Wed Nov 27 15:35:00 2013] <roosbeef> nevermind ill figure something out
[Wed Nov 27 15:35:11 2013] <roosbeef> <3
[Thu Nov 28 05:25:50 2013] <roosbeef> nat is the Set of natural numbers, right
[Thu Nov 28 05:26:02 2013] <roosbeef> whats the Set of letters
[Thu Nov 28 05:26:42 2013] <roosbeef> i want a huge set of characters to use as function symbols
[Thu Nov 28 05:27:13 2013] <roosbeef> could also just use something like (F n) i guess, but im just curious if theres a set of letters available in Coq
[Thu Nov 28 15:43:10 2013] <lpjhjdh> :w
[Fri Nov 29 11:05:32 2013] <Rc43> Anybody knows is there channel for Coq devs?
[Fri Nov 29 11:16:27 2013] <jgross> Are you sure there's a channel?  I know there's the coqdev mailing list. 
[Fri Nov 29 11:40:43 2013] <sgnb> when I was active, I was the only one here...
[Fri Nov 29 17:04:19 2013] <Rc43> Anybody know when new release is planned?
[Fri Nov 29 17:42:26 2013] <jgross> Rc43: Soon, I'd hope.  Maybe within the next year?  There are a number of new features that have either recently been merged or are in the process of being finished up and merged, so I wouldn't be surprised if 8.5 comes out in the next year or so. 
[Sat Nov 30 07:22:49 2013] <aico4> Hello.
[Sat Nov 30 07:25:24 2013] <aico4> I solved Basics chapter of "software foundations" in coq and now i'm trying to do the same in agda. Encountered a little problem http://vpaste.net/WaJdg . Not sure how can i apply neg-involutive to prove neg-involution...
[Sat Nov 30 11:40:26 2013] <aico4> Is it provable forall n : nat, 0 = n + n -> n = 0. ?
[Sat Nov 30 11:50:33 2013] <aico4> http://lpaste.net/96410 How can prove it in coq?
[Sat Nov 30 12:01:46 2013] <aico4> http://lpaste.net/96411 That was hard.
[Sat Nov 30 12:02:02 2013] <aico4> I've dumped my 0 = n + n -> n = 0 afterall.
[Sat Nov 30 14:05:15 2013] <aico4> How can i prove  m * S n = m + m * n ?
[Sat Nov 30 14:13:15 2013] <aico4> People?
[Sat Nov 30 14:16:44 2013] <lolcathost> aico4: What definition of * are you using? Pattern matching on the first argument?
[Sat Nov 30 14:26:46 2013] <aico4> lolcathost: Yep.
[Sat Nov 30 15:42:46 2013] <aico4> lolcathost: Is it possible to prove without changing definition of *?
[Sun Dec  1 06:12:29 2013] <aico4> Hello.
[Sun Dec  1 06:12:54 2013] <aico4> I have "rewrite mult_0_r. rewrite mult_0_r. rewrite mult_0_r. " in my proof. Is there a way rewrite all at once?
[Sun Dec  1 06:13:02 2013] <aico4> to rewrite*
[Sun Dec  1 06:16:40 2013] <defanor> aico4: you could write ';' instead of '.' after previous tactic, so 'rewrite mult_0_r' will be applied to everything which it'll yield
[Sun Dec  1 06:17:33 2013] <defanor> oh, sorry, did not get the question probably
[Sun Dec  1 06:18:15 2013] <defanor> maybe 'repeat' is what you want
[Sun Dec  1 06:18:55 2013] <defanor> like 'repeat (rewrite mult_0_r)'
[Sun Dec  1 06:23:26 2013] <aico4> defanor: Thank you. Repeat is great.
[Sun Dec  1 06:23:53 2013] <defanor> yw
[Sun Dec  1 09:08:16 2013] <robbert> aico4, defanor: rewrite !mult_0_r (to rewrite 1 ore more times), or rewrite ?mult_0_r (to rewrite 0 or more times) is the more idiomatic way of doing that
[Sun Dec  1 09:09:03 2013] <aico4> robbert: Thanks for tip.
[Sun Dec  1 16:06:20 2013] <Ptival> wow I totally ignored that :(
[Sun Dec  1 16:21:30 2013] <ianjneu> Ptival: ?
[Sun Dec  1 16:45:22 2013] <Ptival> the ! and ? modifiers for rewrite
[Mon Dec  2 10:37:28 2013] <Rc43> Hi, guys.
[Mon Dec  2 10:37:40 2013] <Rc43> Are there any coq-developers?
[Mon Dec  2 10:38:04 2013] <Rc43> I am trying to apply patch to coq, but it gives wrong behaviour.
[Mon Dec  2 10:38:18 2013] <Rc43> I tried to run test-suite (cd test-suite && make run)
[Mon Dec  2 10:38:25 2013] <Rc43> But I don't understand results.
[Mon Dec  2 10:38:46 2013] <Rc43> There is folder "failures", but seems that it means "expected failures".
[Mon Dec  2 10:38:55 2013] <Rc43> How to see errors?
[Mon Dec  2 10:43:10 2013] <ianjneu> that seems like a question for coq-club.
[Mon Dec  2 10:43:30 2013] <ianjneu> There is a dearth of documentation for this stuff :/
[Mon Dec  2 10:48:08 2013] <Rc43> ianjneu, mailing lists are quiet slow =/
[Mon Dec  2 10:49:21 2013] <ianjneu> Rc43: You'll get a response today I'm quite sure.
[Mon Dec  2 11:21:15 2013] <ianjneu> Rc43: gg
[Mon Dec  2 11:21:46 2013] <Rc43> ianjneu, received my mail? :)
[Mon Dec  2 11:22:00 2013] <ianjneu> yup.
[Mon Dec  2 14:56:32 2013] <aico4> Hello, is there something beyond `match' in function definition langauge(not sure what name iyt has)?
[Mon Dec  2 14:56:55 2013] <aico4> Something like `let' would nice to have.
[Mon Dec  2 14:57:12 2013] <ianjneu> let and fix are expression constructs
[Mon Dec  2 14:57:30 2013] <ianjneu> let (x,y) := a_pair in body.
[Mon Dec  2 14:57:48 2013] <ianjneu> fix is a nested fixpoint definition
[Mon Dec  2 14:58:06 2013] <aico4> ianjneu: Thanks, but where i can read about all possilbe syntax for function definition language?
[Mon Dec  2 14:58:33 2013] <ianjneu> http://coq.inria.fr/refman/Reference-Manual003.html
[Mon Dec  2 14:59:13 2013] <aico4> ianjneu: Ah, so it's called "Gallina", great, thank you.
[Mon Dec  2 14:59:26 2013] <ianjneu> Yup.
[Mon Dec  2 15:01:07 2013] <ianjneu> it means hen in Spanish.
[Mon Dec  2 15:34:46 2013] <aico4> http://vpaste.net/a3nFr How can if fix "Error: Cannot guess decreasing argument of fix." for remove_all?
[Mon Dec  2 15:34:57 2013] <aico4> s/if/i/
[Mon Dec  2 15:41:59 2013] <aico4> Well, i could copy-past remove_one definition and change on `match' branch a bit but if it possible to reuse remove_one?
[Mon Dec  2 15:46:19 2013] <ianjneu> What you're doing is generative recursion, not structural recursion. You have to prove to coq that remove_one always decreases in size.
[Mon Dec  2 15:46:40 2013] <ianjneu> See the reference manual for well-founded recursion.
[Mon Dec  2 16:02:24 2013] <aico4> ianjneu: Okay, thanks.
[Mon Dec  2 16:02:44 2013] <aico4> Is [] subset of [whatever]?
[Mon Dec  2 16:03:19 2013] <aico4> More pecifically is [] subset of [1,2,3]?
[Mon Dec  2 16:04:18 2013] <ianjneu> empty is a subset of all sets.
[Mon Dec  2 16:06:29 2013] <aico4> ianjneu: Cool.
[Mon Dec  2 16:09:46 2013] <aico4> "Write down an interesting theorem about bags involving the functions [count] and [add], and prove it." it's from SF.
[Mon Dec  2 16:09:53 2013] <aico4> Can you suggest something interesintg?
[Mon Dec  2 16:12:22 2013] <ianjneu> (count (add a b)) = (count a)+(count b) ?
[Mon Dec  2 16:17:03 2013] <aico4> ianjneu: He-he, "count" counts occurances of element in natlist and add just adds elment to head of list(x :: xs). :)
[Mon Dec  2 16:21:05 2013] <ianjneu> aico4: fine, make it forall v, (count v (add a b)) = (count v a) + (count v b).
[Mon Dec  2 16:23:44 2013] <aico4> ianjneu: "Definition add (v:nat) (s:bag) : bag := v :: s." Bag is natlist, it can't concat two lists but just add one element ot head (cons).
[Mon Dec  2 16:26:06 2013] <ianjneu> okay, so even simpler: count v (add v a) = S (count v a).
[Mon Dec  2 16:26:35 2013] <aico4> ianjneu: Oh, thanks, sounds interesting.
[Mon Dec  2 16:37:18 2013] <aico4> ianjneu: How do you think, does it porvable using only rewrite/induction/simpl/reflexevity tactics?
[Mon Dec  2 16:44:11 2013] <aico4> http://vpaste.net/gnRv4 I wonder why it's not reflexive?
[Mon Dec  2 16:44:22 2013] <aico4> n n are obviously equal.
[Mon Dec  2 16:46:08 2013] <ystael> aico4: you need a lemma to reduce beq_nat n n to true.
[Mon Dec  2 16:46:14 2013] <aico4> I guess i have to prove that to.
[Mon Dec  2 16:46:19 2013] <aico4> ystael: Yeah.
[Mon Dec  2 16:46:47 2013] <ystael> if you've been going through SF up to this point, you should have that lemma already.
[Mon Dec  2 16:49:18 2013] <aico4> ystael: Indeed, just found it.
[Mon Dec  2 16:50:07 2013] <aico4> And having that "count v (add v a) = S (count v a)" easy as "intros.  simpl. rewrite <- beq_nat_refl. reflexivity." . :)
[Mon Dec  2 16:53:18 2013] <aico4> Thank you guys!
[Tue Dec  3 04:46:12 2013] <pchrist> hi guys, is there any ETA regarding a V8.4pl3 that will include the trivial fix for gnumake 4.0 bug (id 3137) or shall I apply a  gentoo based patch for the time being as it started hitting our users?
[Tue Dec  3 05:04:35 2013] <sgnb> good question
[Tue Dec  3 05:17:37 2013] <robbert> pchrist: coqdev@inria.fr is probably a better place to ask
[Tue Dec  3 13:51:07 2013] <aico4> Hello.
[Tue Dec  3 13:51:19 2013] <aico4> Trying to prove rev (rev l) = l.
[Tue Dec  3 13:52:07 2013] <aico4> Inudcing on l. When l = [] it's simple - reflexivity.
[Tue Dec  3 13:52:26 2013] <aico4> When it's x :: xs - i don't know.
[Tue Dec  3 13:52:30 2013] <aico4> Any hints?
[Tue Dec  3 13:53:54 2013] <ystael> aico4: it should go fairly straightforwardly from the earlier lemma rev_snoc
[Tue Dec  3 13:56:18 2013] <aico4> ystael: http://www.cis.upenn.edu/~bcpierce/sf/Lists.html There is no rev_snoc. I'll try to define it. What does it states?
[Tue Dec  3 13:56:37 2013] <aico4> snoc (rev xs) x = rev (x :: xs) ?
[Tue Dec  3 13:57:42 2013] <ystael> aico4: hm, I thought that was in the text, but I guess I just added that myself :)
[Tue Dec  3 13:58:41 2013] <ystael> try to find an equation about what you get in the inductive hypothesis
[Tue Dec  3 13:59:39 2013] <ystael> what you gave might work, though it's not what i used
[Tue Dec  3 14:00:53 2013] <aico4> ystael: I don't think "snoc (rev xs) x = rev (x :: xs) " will give me something usefull because coq just simplified rev (x :: xs) to snoc (rev xs) x.
[Tue Dec  3 14:01:18 2013] <aico4> ystael: What equation do you mean? What i get in the induction hypothesis?
[Tue Dec  3 14:06:19 2013] <aico4> ystael_: IHl : rev (rev l) = l this is my inductive hypothesis.
[Tue Dec  3 14:06:26 2013] <aico4> So it's basically a goal.
[Tue Dec  3 14:06:45 2013] <Anarchos> ystael_ try "destruct l"
[Tue Dec  3 14:06:59 2013] <Anarchos> ystael_ it applies the basis cases of the type
[Tue Dec  3 14:08:50 2013] <aico4> http://vpaste.net/D8i8s Thats what i have so far.
[Tue Dec  3 14:09:28 2013] <aico4> Anarchos: Is destruct the same as induction but without hypothesis?
[Tue Dec  3 14:11:51 2013] <aico4> After simpl i got "   rev (snoc (rev l) n) = n :: l"
[Tue Dec  3 14:12:35 2013] <Anarchos> aico4 yes it is
[Tue Dec  3 14:17:00 2013] <aico4> Anarchos: Do you mean i need to perform induction and then destruct on l?
[Tue Dec  3 14:22:58 2013] <Anarchos> aico4 no : either induction, or destruct l. It is the same
[Tue Dec  3 14:23:51 2013] <aico4> Anarchos: It's not.
[Tue Dec  3 14:24:06 2013] <aico4> Induction gives hypothesis, destruct does not.
[Tue Dec  3 14:26:54 2013] <ianjneu> rev (app x y) = app (rev y) (rev x)
[Tue Dec  3 14:27:34 2013] <Anarchos> ianjneu yes it is true.
[Tue Dec  3 14:28:03 2013] <ianjneu> does SF's rev use snoc or app?
[Tue Dec  3 14:29:18 2013] <ianjneu> snoc l a = app l (list a) so the lemma simplifies to rev (snoc x a) = a :: (rev x)
[Tue Dec  3 14:30:02 2013] <ianjneu> (list a) meaning (a :: nil). I've been programming in Racket for a long time now. Worlds colliding.
[Tue Dec  3 15:06:07 2013] <Anarchos> ianjneu did you take into account that a::nil is written [a] in coq, as in ocaml ?
[Tue Dec  3 15:23:51 2013] <ianjneu> Anarchos: I've given up on syntax, as is evident by my Racket use.
[Wed Dec  4 06:53:26 2013] <Rc43> Hi, guys.
[Wed Dec  4 06:54:05 2013] <Rc43> Anybody know how to disable "import qualified Prelude" in extraction of haskell code from coq?
[Wed Dec  4 06:54:09 2013] <Rc43> *knows
[Wed Dec  4 09:40:49 2013] <roosbeef> whats an FSet
[Wed Dec  4 09:48:56 2013] <notdan> finite set
[Wed Dec  4 09:49:48 2013] <notdan> now replaced with MSet apparenttly http://coq.inria.fr/distrib/current/stdlib/Coq.MSets.MSets.html
[Wed Dec  4 09:55:28 2013] <roosbeef> is there a function to decide equality between elements of a set?
[Wed Dec  4 09:55:33 2013] <roosbeef> (of an arbitrary set, that is)
[Wed Dec  4 09:56:15 2013] <roosbeef> i dont want to have to match a, b with some huge list of a, a => true | b, b => true | c, c => true | etc..
[Wed Dec  4 09:59:22 2013] <notdan> hm I think there can be one for finite sets
[Wed Dec  4 09:59:44 2013] <notdan> I haven't used FSets/MSets thought. There is no such thing for Ensembles, strangely
[Wed Dec  4 10:00:39 2013] <notdan> there is http://coq.inria.fr/distrib/current/stdlib/Coq.MSets.MSetDecide.html
[Wed Dec  4 10:04:59 2013] <roosbeef> not using FSet or MSet actually :p i dont know how to use them, all those libraries confuse me
[Wed Dec  4 10:05:23 2013] <roosbeef> for Set though, is there an equality decider function?
[Wed Dec  4 10:42:32 2013] <roosbeef> is there a function to fill this gap?
[Wed Dec  4 10:42:49 2013] <roosbeef> Lemma beq_symb_ok : forall f g : fletter, some_function f g = true <-> f = g.
[Wed Dec  4 10:43:02 2013] <roosbeef> (the gap here being 'some_function')
[Wed Dec  4 10:44:17 2013] <ianjneu> what's this?
[Wed Dec  4 10:44:21 2013] <roosbeef> haha
[Wed Dec  4 10:44:25 2013] <roosbeef> hello ianjneu
[Wed Dec  4 10:44:39 2013] <roosbeef> im working on term rewriting
[Wed Dec  4 10:44:58 2013] <roosbeef> trying to get a simple base off the ground using CoLoR (a library on term rewriting)
[Wed Dec  4 10:45:54 2013] <roosbeef> i want to use an arbitrary set as a datatype
[Wed Dec  4 10:46:07 2013] <roosbeef> to define the signature, a decidable equality function is required
[Wed Dec  4 10:47:22 2013] <roosbeef> since i want to use an arbitrary (finite) Set, i cant define an explicit function like match f, g with a, a => true | b, b => true | c, c => true | ... | _, _ => false end.
[Wed Dec  4 10:48:01 2013] <ianjneu> It tends to be easier to use the decide equality tactic and derive the boolean function from that.
[Wed Dec  4 10:48:24 2013] <roosbeef> the decidable equality tactic being eq_dec?
[Wed Dec  4 10:48:41 2013] <ianjneu> Definition fletter_dec_eq : forall f g : fletter, {f = g}+{f <> g}. repeat decide equality. Defined.
[Wed Dec  4 10:49:32 2013] <ianjneu> Then Definition flatter_beq (f g : fletter) := if flatter_dec_eq f g then true else false.
[Wed Dec  4 10:49:50 2013] <ianjneu> fletter_beq*
[Wed Dec  4 10:53:25 2013] <roosbeef> not working
[Wed Dec  4 10:53:25 2013] <roosbeef> https://privatepaste.com/a6ae7040db
[Wed Dec  4 10:54:09 2013] <ianjneu> oh, you have an arbitrary type in an fletter.
[Wed Dec  4 10:54:20 2013] <roosbeef> yea thats probably why
[Wed Dec  4 10:54:40 2013] <ianjneu> how about you make fletter take a decidable type?
[Wed Dec  4 10:54:53 2013] <roosbeef> isnt Set a decidable type?
[Wed Dec  4 10:55:03 2013] <ianjneu> not at all.
[Wed Dec  4 10:55:11 2013] <roosbeef> why not
[Wed Dec  4 10:55:13 2013] <roosbeef> its finite
[Wed Dec  4 10:55:15 2013] <roosbeef> i thought?
[Wed Dec  4 10:55:25 2013] <ianjneu> Nope. Set = Type_0
[Wed Dec  4 10:55:42 2013] <roosbeef> i would use FSet if i had any idea of how that worked
[Wed Dec  4 10:55:44 2013] <ianjneu> It's an arbitrary type of data, which can contain functions etc.
[Wed Dec  4 10:56:21 2013] <ianjneu> MSets are the preferred container now, I think.
[Wed Dec  4 10:56:35 2013] <roosbeef> CoLoR still uses FSet i think
[Wed Dec  4 10:56:56 2013] <roosbeef> how do i refer to an FSet? What libraries do i need to Require Import?
[Wed Dec  4 10:57:16 2013] <ianjneu> FSetInterface
[Wed Dec  4 10:57:17 2013] <roosbeef> is there some online (simple) example of FSet being applied?
[Wed Dec  4 10:57:33 2013] <ianjneu> and probably FSetDecide
[Wed Dec  4 10:58:00 2013] <ianjneu> ya, there are instantiations to different implementations, using lists and AVL trees.
[Wed Dec  4 10:58:24 2013] <roosbeef> for an alphabet-like set
[Wed Dec  4 10:58:34 2013] <roosbeef> which would be appropriate
[Wed Dec  4 10:58:48 2013] <roosbeef> just unordered lists i guess?
[Wed Dec  4 10:58:57 2013] <ianjneu> ya
[Wed Dec  4 10:59:17 2013] <ianjneu> There should be a list->set function I think.
[Wed Dec  4 11:00:05 2013] <ianjneu> ya, you can just fold add over a set with empty as a base case.
[Wed Dec  4 11:00:12 2013] <ianjneu> over a list*
[Wed Dec  4 11:00:56 2013] <roosbeef> sounds good
[Wed Dec  4 11:01:09 2013] <roosbeef> whats the 'type' of the resulting set, though?
[Wed Dec  4 11:04:28 2013] <roosbeef> i can sort of understand the mechanics behind these libraries, but its often unclear to me what elements these are actually applied to
[Wed Dec  4 11:04:31 2013] <ianjneu> Well, you will have a module FLetterSet := FSetWeakList.Make Fletter_as_decidable_type. The type of the set will be FLetterSet.t
[Wed Dec  4 11:05:08 2013] <roosbeef> hm
[Wed Dec  4 11:05:10 2013] <ianjneu> Fletter_as_decidable_type is a shim module you'll have to make with the Decidable_Type signature.
[Wed Dec  4 11:05:23 2013] <ianjneu> Er, no underscore.
[Wed Dec  4 11:05:46 2013] <ianjneu> Coq modules and functors are annoying. I'd much rather have units.
[Wed Dec  4 11:05:57 2013] <roosbeef> :p
[Wed Dec  4 11:06:01 2013] <roosbeef> yea i dont like modules either
[Wed Dec  4 11:06:12 2013] <roosbeef> although im not sure what functors or units are haha
[Wed Dec  4 11:07:11 2013] <ianjneu> functors are essentially functions from modules to modules that can (in Coq) expose certain abstract types as being definitionally equal to types its instantiating with.
[Wed Dec  4 11:07:35 2013] <ianjneu> But they're second class, so they can't take functors as values.
[Wed Dec  4 11:07:58 2013] <roosbeef> hm
[Wed Dec  4 11:09:48 2013] <ianjneu> exposing those equalities is rather important to make things work, actually.
[Wed Dec  4 11:10:56 2013] <roosbeef> hm
[Wed Dec  4 11:16:16 2013] <roosbeef> ok i should definitely look into this
[Wed Dec  4 11:16:25 2013] <roosbeef> its starting to make more sense
[Wed Dec  4 11:16:35 2013] <roosbeef> thanks ianjneu
[Wed Dec  4 11:17:48 2013] <ianjneu> n/p
[Wed Dec  4 13:45:28 2013] <aico4> Hello.
[Wed Dec  4 13:45:41 2013] <aico4> Still trying to prove  rev (rev l) = l.
[Wed Dec  4 13:51:12 2013] <notdan> hi
[Wed Dec  4 13:52:05 2013] <aico4> http://vpaste.net/A2MmU Still at same spot.
[Wed Dec  4 13:52:13 2013] <aico4> What can i prove to help myself?
[Wed Dec  4 13:52:14 2013] <notdan> aico4: are you doing software foundation exercises?
[Wed Dec  4 13:52:19 2013] <aico4> notdan: Yep.
[Wed Dec  4 13:52:36 2013] <notdan> Have you proved the rev_snoc theorem?
[Wed Dec  4 13:52:41 2013] <notdan>   rev (snoc l n) = cons n (rev l).
[Wed Dec  4 13:53:38 2013] <aico4> notdan: Nope, thanks for hint, i'll try to prove it now.
[Wed Dec  4 14:11:50 2013] <aico4> Yay, proved rev_involutive!
[Wed Dec  4 14:12:01 2013] <aico4> notdan: Thank you for hint.
[Wed Dec  4 14:12:31 2013] <aico4> notdan: How did you came up with idea that you need exact that rewrite?
[Wed Dec  4 14:19:18 2013] <aico4> I mean, i'm interested in your thought flow on that theorem. I'm really new to theorem proving of any sort so maybe i'm just thinking in a wrong way...
[Wed Dec  4 14:30:32 2013] <aico4> WOW, i proved distr_rev by my self!
[Wed Dec  4 14:30:43 2013] <aico4> Feels good.
[Wed Dec  4 14:47:33 2013] <aico4> "Write down a non-trivial theorem involving [cons] ([::]), [snoc], and [app] ([++])."
[Wed Dec  4 14:47:38 2013] <aico4> Can you suggest one?
[Wed Dec  4 14:50:36 2013] <robbert`> aico4: the correctness of some sorting algorith? Stuff about permutations?
[Wed Dec  4 14:55:00 2013] <aico4> robbert`: Nah, it's too hard, i haven't even seen any sorting algo or permuations in coq.
[Wed Dec  4 14:56:55 2013] <Ptival> a ++ b :: c = (snoc a b) ++ c
[Wed Dec  4 14:58:51 2013] <aico4> Ptival: Both arguments of ++ must be natlists and first argument of snoc must be natlist and second must be nat.
[Wed Dec  4 14:59:30 2013] <aico4> Ah a ++ (b :: c) = (snoc a b) ++ c
[Wed Dec  4 14:59:37 2013] <Ptival> yes
[Wed Dec  4 15:01:16 2013] <Anarchos> a++ (cons b c) = (snoc a b) ++ c
[Wed Dec  4 15:01:25 2013] <aico4> Ptival: Cool, i'll try to prove it.
[Wed Dec  4 15:01:56 2013] <aico4> Anarchos: Same as Ptival's theorem. :)
[Wed Dec  4 15:02:14 2013] <Anarchos> aico4 yes soory
[Wed Dec  4 15:07:22 2013] <aico4> http://vpaste.net/Bz347 Proved. :)
[Wed Dec  4 15:19:47 2013] <notdan> aico4: I don't remeber! I think that theorem was given in the hint in SF
[Wed Dec  4 15:19:57 2013] <notdan> I just have it in my Lists.v file
[Wed Dec  4 15:20:21 2013] <Anarchos> aico4 that is one easy of SF
[Wed Dec  4 15:29:01 2013] <aico4> notdan: Wow, i gues they changed Lists.v since then because it's not there now,
[Wed Dec  4 15:41:57 2013] <ianjneu> aico4: ACL2 has heuristics that can prove rev-rev from scratch. Particularly it proves the rev_snoc theorem automatically. Following "the method" as they call it, you end up in certain proof states where you get stuck. You think, why am I stuck? What doesn't it see? And after some thinking you can come up with such lemmas.
[Wed Dec  4 15:57:34 2013] <aico4> ianjneu: Thank you for sharing.
[Thu Dec  5 09:16:20 2013] <roosbeef> trying to declare a FSetWeakList
[Thu Dec  5 09:17:35 2013] <roosbeef> https://privatepaste.com/a4ade5ce98
[Thu Dec  5 09:17:44 2013] <roosbeef> ^ not working
[Thu Dec  5 09:18:27 2013] <roosbeef> what exactly does FSetWeakList.Make expect?
[Thu Dec  5 09:18:44 2013] <roosbeef> that Module E := X confuses me a bit http://coq.inria.fr/library/Coq.FSets.FSetWeakList.html
[Thu Dec  5 09:28:26 2013] <notdan> roosbeef: I don't know the answer, but if you figure the way to easily handle sets like that please do tell me :)
[Thu Dec  5 09:44:26 2013] <roosbeef> notdan, found a working example here http://robbertkrebbers.nl/research/gammainf/gammainf.v
[Thu Dec  5 09:44:47 2013] <roosbeef> modified Var_as_UDT to suit my purpose
[Thu Dec  5 09:44:49 2013] <roosbeef> seems to work
[Thu Dec  5 12:14:56 2013] <aico4> Hello.
[Thu Dec  5 12:16:23 2013] <aico4> I'm trying to prove http://vpaste.net/9Oe1a, am i on right track?
[Thu Dec  5 12:16:31 2013] <aico4> Just a bit stuck, hints appreciated.
[Thu Dec  5 12:19:01 2013] <ystael> aico4: try backing out of that last 'simpl'
[Thu Dec  5 12:22:22 2013] <aico4> ystael: It gives me "   ble_nat (count 0 (remove_one 0 (S n :: s))) (count 0 (S n :: s)) = true" under ======= line.
[Thu Dec  5 12:23:41 2013] <ystael> oh
[Thu Dec  5 12:23:51 2013] <ystael> so, the problem is that you used `induction n`
[Thu Dec  5 12:24:05 2013] <ystael> this isn't actually an induction on n; the only thing you care about is whether n is zeor
[Thu Dec  5 12:24:31 2013] <ystael> there's a different tactic you can use there that will give you better rewrites
[Thu Dec  5 12:25:54 2013] <aico4> ystael: I wonder which one? All tactics i know so far are: destruct/induction, simpl, rewrite, compute, intros, replace, assert.
[Thu Dec  5 12:26:35 2013] <ystael> what do you use to discriminate - only to discriminate - between "n = zero" and "n = S n'"
[Thu Dec  5 12:27:50 2013] <aico4> ystael: Right, and it corners me after i prove "n = zero" case.
[Thu Dec  5 12:28:46 2013] <ystael> Try simpl before destruct n rather than after
[Thu Dec  5 12:31:00 2013] <aico4> http://vpaste.net/9Fot5
[Thu Dec  5 12:31:43 2013] <ystael> and what is your inductive hypothesis IHs?
[Thu Dec  5 12:31:51 2013] <ystael> (Look up fold/unfold tactics, they may help you here)
[Thu Dec  5 12:32:33 2013] <aico4> http://vpaste.net/MzNOl
[Thu Dec  5 12:33:12 2013] <aico4> ystael: But i haven't encountered fold/unfold yet in book, does it mean that there should be the way to prove it without fold/unfold?
[Thu Dec  5 12:33:26 2013] <ystael> so, now you need to discriminate on n = 0 or not, try doing that with destruct rather than induction.
[Thu Dec  5 12:33:54 2013] <ystael> that should make the `beq_nat n 0` in those matches fall out.
[Thu Dec  5 12:35:12 2013] <ystael> Just because fold/unfold isn't in the book yet doesn't mean you can't use them to explore :)
[Thu Dec  5 12:36:40 2013] <aico4> " destruct n. simpl. rewrite ble_n_Sn. reflexivity." after last simpl, leaves me with exact same thing in my first paste(without IHn though).
[Thu Dec  5 12:37:37 2013] <ystael> aha
[Thu Dec  5 12:38:02 2013] <ystael> no, nevermind
[Thu Dec  5 12:40:29 2013] <ystael> I'm confused because I have a working proof for this that looks more or less exactly like yours
[Thu Dec  5 12:41:23 2013] <ystael> so I'm confused why yours doesn't work
[Thu Dec  5 12:41:33 2013] <ianjneu> aico4 uses member.
[Thu Dec  5 12:41:48 2013] <ianjneu> which is wasteful since you end up traversing the list anyway.
[Thu Dec  5 12:42:11 2013] <aico4> ianjneu: Ah, so i messed up count implementation?
[Thu Dec  5 12:42:13 2013] <ianjneu> If you write remove_one more directly, the induction hypothesis is exactly the goal.
[Thu Dec  5 12:42:15 2013] <ystael> oh, your definition of remove_one
[Thu Dec  5 12:43:39 2013] <ianjneu> from scratch: http://vpaste.net/UY1M3
[Thu Dec  5 12:44:20 2013] <aico4> ianjneu: Thanks!
[Thu Dec  5 15:21:49 2013] <Rc43> Hello.
[Thu Dec  5 15:22:14 2013] <Rc43> Am I right that plugins bind dynamically to Coq? Is there way to bind them statically?
[Thu Dec  5 15:27:36 2013] <ianjneu> Rc43: I don't know. Are you having performance problems or something.
[Thu Dec  5 15:27:40 2013] <ianjneu> ?*
[Thu Dec  5 15:28:34 2013] <Rc43> ianjneu, trying to debug that issue with failed test on patch appliance (I asked about test-suite some days ago)
[Thu Dec  5 15:28:51 2013] <Rc43> ianjneu, seems that some modules aren't loaded in debugger due to dynamic binding
[Thu Dec  5 15:29:13 2013] <Rc43> ianjneu, not sure how debugger works with dynamic libs
[Thu Dec  5 15:29:42 2013] <ianjneu> ah.
[Thu Dec  5 15:35:34 2013] <Rc43> But seems that problem is not in plugins. Dynamic libs should work in debugger the same way as static; and I can't set breakpoint to other functions, too.
[Thu Dec  5 18:40:06 2013] <yfyf> uhm, I guess a lot of people here are using Coq with Emacs+Proof General. Stupid question, but how do you indent a line twice? I only seem to be able to indent once using <TAB>
[Thu Dec  5 18:40:16 2013] <ezyang> "mash the space key"
[Thu Dec  5 18:40:37 2013] <yfyf> ugh
[Thu Dec  5 18:40:57 2013] <ezyang> honestly, you should just use PG's indentation
[Thu Dec  5 18:41:37 2013] <yfyf> but it doesn't seem to work well in e.g. proof scripts
[Thu Dec  5 18:41:51 2013] <ezyang> "Use more ltac definitions" ;)
[Thu Dec  5 18:42:07 2013] <yfyf> I would like to indent cases for example
[Thu Dec  5 18:59:45 2013] <Ptival> I indent manually...
[Thu Dec  5 19:00:11 2013] <Ptival> because pg's indentation frustrates me so much, and the el script is just too messy to fix :(
[Thu Dec  5 19:28:04 2013] <yfyf> yeah, it seems the state of the whole thing is rather messy
[Fri Dec  6 00:11:24 2013] <ezyang> What's the preferred method for proving properties about programs that manipulate linked lists right now?
[Fri Dec  6 00:11:33 2013] <ezyang> (something as simple as removing an element from a list)
[Fri Dec  6 05:26:23 2013] <Rc43> Hello.
[Fri Dec  6 06:40:12 2013] <notdan_> Hi
[Fri Dec  6 20:04:19 2013] <ianjneu> Trying to find the right way to prove a::b <> b for b some list. Surprised how I can't do this.
[Fri Dec  6 20:08:41 2013] <copumpkin> I can tell you how I'd do it in Agda, if it didn't have the magic knowledge that that's true built into it :)
[Fri Dec  6 20:08:48 2013] <jgross> ianjneu: Try doing it by induction on b 
[Fri Dec  6 20:09:25 2013] <jgross> Coq knows that a::[] <> [] (by inversion or congruence or something). 
[Fri Dec  6 20:10:34 2013] <Saizan> copumpkin: the magic "occurs check" :)
[Fri Dec  6 20:10:54 2013] <jgross> Actually, better way: Show that length a::b = S (length b). 
[Fri Dec  6 20:10:59 2013] <ianjneu> I can do the base case simply, yes.
[Fri Dec  6 20:11:14 2013] <ianjneu> ah, length. Yes, that should work.
[Fri Dec  6 20:11:25 2013] <jgross> Then prove that x <> S x, and use that fact that a = b -> f a = f b to finish. 
[Fri Dec  6 20:12:23 2013] <ianjneu> mmhmm
[Fri Dec  6 20:12:59 2013] <jgross> Copumkin, Saizan: Does that work in agda without K?  I feel like it contradicts HITs, e.g., if you have Zmod2 with O and S and S (S O) = O. 
[Fri Dec  6 20:13:48 2013] <ianjneu> worked.
[Fri Dec  6 20:16:24 2013] <Saizan> jgross: it doesn't without K
[Fri Dec  6 20:16:37 2013] <Saizan> K is so nice
[Fri Dec  6 20:25:12 2013] <ianjneu> I have an s-exp ish type that I can't get the right proof of decidable equality for. It's so frustrating.
[Fri Dec  6 20:47:20 2013] <jgross> Saizan: But K breaks HoTT.  I want K, but only for my hSets. 
[Fri Dec  6 20:48:19 2013] <jgross> ianjneu: Is it defined inductively?  Can you just use the "decide equality" tactic on the goal "forall x y : s-exp, {x = y} + {x <> y}" or something? 
[Fri Dec  6 21:06:12 2013] <ianjneu> jgross: doesn't work for the "list of thing I'm trying to decide equality for" case.
[Fri Dec  6 23:15:16 2013] <uucico> i'm trying to learn how to prove things in Coq, and i'm trying to prove a seemingly simple lemma: "exists L : list nat, In 0 L".  the econstructor tactic gets me past the exists, but i would like to just tell coq about an example L that satisfies the exists.  what tactic lets me do this?  (or what else do i do here?)
[Fri Dec  6 23:17:07 2013] <Cale> apply?
[Fri Dec  6 23:22:54 2013] <Cale> uucico: Try  exists (cons 0 nil)  for the existential.
[Fri Dec  6 23:23:41 2013] <Cale> and then you just have to prove In 0 (cons 0 nil), which is pretty easy.
[Fri Dec  6 23:25:24 2013] <uucico> ah, thanks!  the "exists" tactic is what i was looking for.  now i will try to figure out how to prove "In 0 (cons 0 nil)".
[Fri Dec  6 23:25:39 2013] <uucico> and "constructor" seems to prove it.  cool.
[Fri Dec  6 23:25:40 2013] <Cale> (Hint, do simpl first)
[Fri Dec  6 23:25:43 2013] <Cale> yeah
[Fri Dec  6 23:25:52 2013] <Cale> Or left
[Sat Dec  7 15:19:51 2013] <aico4> Hello.
[Sat Dec  7 15:20:48 2013] <aico4> Got to the MoreCoq chapter. Just wondering, why contradictory things are proven so easily, isn't it wrong?
[Sat Dec  7 15:21:10 2013] <aico4> E.g http://vpaste.net/zi2pi .
[Sat Dec  7 15:21:37 2013] <aico4> Why is it being accpeted by coq?
[Sat Dec  7 15:21:37 2013] <copumpkin> not wrong at all
[Sat Dec  7 15:21:42 2013] <notdan_> It's not wrong
[Sat Dec  7 15:21:45 2013] <copumpkin> if you assume impossible things, you can do impossible things
[Sat Dec  7 15:21:52 2013] <notdan_> if you assume that 1 = 0 you can prove anything
[Sat Dec  7 15:21:52 2013] <notdan_> eh
[Sat Dec  7 15:22:04 2013] <copumpkin> http://en.wikipedia.org/wiki/Principle_of_explosion
[Sat Dec  7 15:22:39 2013] <aico4> Ah, got it. Thanks.
[Sat Dec  7 15:22:55 2013] <sgnb> I think the real question is why 1 = 0 is contradictory
[Sat Dec  7 15:23:10 2013] <notdan_> Because of the way nats are defined
[Sat Dec  7 15:23:33 2013] <aico4> sgnb: Different contructors.
[Sat Dec  7 15:23:56 2013] <sgnb> aico4: ah, I was going to explain that but you already know
[Sat Dec  7 15:24:11 2013] <copumpkin> (all constructors are injective)
[Sat Dec  7 15:24:28 2013] <sgnb> this is different from injectivity of constructors
[Sat Dec  7 15:24:52 2013] <aico4> Different constructors are disjoint.
[Sat Dec  7 15:24:53 2013] <notdan_> hm, how so? I am intrigued
[Sat Dec  7 15:25:04 2013] <sgnb> different constructors are disjoint
[Sat Dec  7 15:25:08 2013] <sgnb> contructors are injective
[Sat Dec  7 15:25:21 2013] <sgnb> these are two different properties of constructors in Coq
[Sat Dec  7 15:25:51 2013] <notdan_> wait, what does even injectivity mean in the presence of constructors like O : nat
[Sat Dec  7 15:25:52 2013] <notdan_> ?
[Sat Dec  7 15:26:01 2013] <sgnb> nothing
[Sat Dec  7 15:26:06 2013] <sgnb> but S n = S p -> n = p
[Sat Dec  7 15:26:29 2013] <notdan> OK. I see
[Sat Dec  7 15:26:30 2013] <notdan> thanks
[Sat Dec  7 15:26:32 2013] <copumpkin> one interesting exercise is proving that 1 != 0 "from first principles"
[Sat Dec  7 15:30:26 2013] <aico4> |- = -> right?
[Sat Dec  7 15:32:05 2013] <aico4> Not in coq but in general one can write S n = S p |- n = p, right?
[Sat Dec  7 15:35:24 2013] <aico4> "|-" - entailment.
[Sat Dec  7 15:35:33 2013] <aico4> http://en.wikipedia.org/wiki/Logical_consequence
[Sat Dec  7 15:39:02 2013] <notdan> Yeah.. Kinda. I would say an equivalent of A1,A2,.. |- f in Coq would be 'Axiom A1. Axiom A2. .. . Theorem f ..'
[Sat Dec  7 15:39:13 2013] <notdan> => is more like an internalization of |-
[Sat Dec  7 15:50:18 2013] <aico4> Uh, a bit confused by inversion. http://vpaste.net/fIJWB That subgoal i inculded is a state of proof right before inversion was applied.
[Sat Dec  7 15:50:30 2013] <aico4> How iversion proves that goal?
[Sat Dec  7 16:00:52 2013] <aico4> I mean that proof is perfectly accpeted by coq but i don't see how inversion did proved that last goal...
[Sat Dec  7 16:04:04 2013] <Ptival> aico4: your hypothesis H's type reduces to "false = true"
[Sat Dec  7 16:05:46 2013] <aico4> Ptival: Does it mean that induction was a wrong step?
[Sat Dec  7 16:06:54 2013] <Ptival> aico4: no not at all
[Sat Dec  7 16:10:11 2013] <Ptival> you could have gone with just 'destruct' though, since you won't need the induction hypothesis
[Sat Dec  7 16:10:15 2013] <aico4> Ptival: So proving that theorem though "false = true" was okay? Sorry for silly questions.
[Sat Dec  7 16:15:45 2013] <Ptival> aico4: aico4 your proof goes by case analysis on the structure of n
[Sat Dec  7 16:16:04 2013] <Ptival> when n is equal to zero, the goal is trivially true
[Sat Dec  7 16:17:05 2013] <aico4> Ptival: But when n is S n' then there is contradiction.
[Sat Dec  7 16:18:00 2013] <aico4> Maybe there is a way to tell coq that that is impossible case and with assumtion "beq_nat 0 n = true" it is impossible to have S n'.
[Sat Dec  7 16:18:03 2013] <aico4> ?
[Sat Dec  7 16:20:19 2013] <Ptival> when n is not equal to zero, your hypothesis is a contradiction
[Sat Dec  7 16:20:52 2013] <Ptival> so you can invert it to defer the goal
[Sat Dec  7 16:23:56 2013] <aico4> Ptival: Is there tactic for explicitly stating that hypothesis is contradiction and it's impossible case? I tried "contradiction H" but got "Error: Not a contradiction.".
[Sat Dec  7 16:27:53 2013] <Ptival> aico4: there's many tactics that would work
[Sat Dec  7 16:28:54 2013] <aico4> Ptival: Which ones for example?
[Sat Dec  7 16:31:12 2013] <notdan> inversion for example
[Sat Dec  7 16:31:40 2013] <notdan> you can also try unfolding beq_nat and simplifying things in H, and only then applying a contradiction tactic
[Sat Dec  7 16:32:27 2013] <notdan> I think... but the inversion tactic is a perfectly fine one
[Sat Dec  7 16:35:15 2013] <Ptival> one is named "congruence"
[Sat Dec  7 16:42:42 2013] <aico4> notdan: simpl in H, simplifies hypothesis to false = true. But okay. thank you guys, got it. Just confused that there is no tactic for expressive .... expression of impossible cases like "()" in agda.
[Sat Dec  7 16:49:41 2013] <Ptival> aico4: inversion on the unfeasible argument is sort of like () in Agda...
[Sat Dec  7 17:03:02 2013] <aico4> Ptival: Understood, thanks!
[Sun Dec  8 02:32:52 2013] <notdan> Hm agda is weird
[Sun Dec  8 02:32:59 2013] <notdan> I'd think that () is a unit type :S
[Mon Dec  9 04:01:30 2013] <uucico> i'm trying to prove something by considering two cases: whether or not the length of a list is >= n.  i naively tried "case_eq (gt (length l) n)", but gt produces a Prop rather than bool, and case_eq doesn't work on non-inductive things.  what's the right way of doing this?
[Mon Dec  9 04:22:44 2013] <uucico> ah, it looks like i have to state an excluded_middle axiom, and then destruct (excluded_middle Prop)..
[Mon Dec  9 04:48:52 2013] <uucico> and for nat in particular, it seems like i don't need excluded_middle; i can just destruct (Coq.Arith.Bool_nat.nat_gt_le_bool ...).
[Mon Dec  9 06:47:44 2013] <roosbeef> hi
[Mon Dec  9 06:48:08 2013] <roosbeef> how can i refer to a component of an inductive definition inside the definition itself?
[Mon Dec  9 06:49:17 2013] <roosbeef> eg. https://privatepaste.com/61158e3bfc
[Mon Dec  9 06:50:21 2013] <roosbeef> x should here be the result of applying a function f to that 'S1.Sig' part
[Mon Dec  9 06:59:12 2013] <roosbeef> nm :)
[Mon Dec  9 10:52:42 2013] <uucico> when i do "apply some_lemma in H", H changes based on what some_lemma said.  i'd like to keep the original H around.  how can i duplicate a hypothesis before apply, or get apply to not modify H in-place?
[Mon Dec  9 11:00:11 2013] <defanor> uucico: it's possible to do via assume, but there was some better (shorter/cleaner) way, maybe it was 'remember'
[Mon Dec  9 11:01:23 2013] <defanor> *via 'assert', not 'assume'
[Mon Dec  9 11:02:36 2013] <uucico> ah, indeed, remember does what i want.  thanks!
[Mon Dec  9 11:03:26 2013] <defanor> yw
[Tue Dec 10 13:10:09 2013] <ianjneu> I can't seem to abstract over a substitution in Ltac, e.g. Ltac foo k := apply inv with (arg := k).
[Tue Dec 10 13:10:19 2013] <ianjneu> What's the right way to do this
[Tue Dec 10 13:47:38 2013] <jgross> ianjneu: That works fine for me:
[Tue Dec 10 13:47:38 2013] <jgross> Axiom inv : forall arg : Type, arg * arg -> arg.
[Tue Dec 10 13:47:38 2013] <jgross> Ltac foo k := apply inv with (arg := k).
[Tue Dec 10 13:47:38 2013] <jgross> Goal nat.
[Tue Dec 10 13:47:38 2013] <jgross>   foo nat.
[Tue Dec 10 13:47:38 2013] <jgross> What problem are you having? 
[Tue Dec 10 14:18:06 2013] <ianjneu> jgross: I switched to apply (inv (arg := k) and got the right behavior, oddly.
[Tue Dec 10 14:18:14 2013] <ianjneu> (inv (arg := k)) *
[Tue Dec 10 14:31:35 2013] <aico4> Hello.
[Tue Dec 10 14:38:26 2013] <ianjneu> hi
[Tue Dec 10 14:51:15 2013] <aico4> Having hard time proving http://vpaste.net/rdWzK , could you please give me some hints?
[Tue Dec 10 15:06:16 2013] <ianjneu> prove n + S m = S (n + m) as a lemma.
[Tue Dec 10 15:12:16 2013] <notdan> aico4: I think the use of induction on m. here is not appropriate
[Tue Dec 10 15:12:39 2013] <notdan> Look at the induction hypothesis, you clearly can't get anything useful from it
[Tue Dec 10 15:12:41 2013] <ianjneu> notdan: true, induction on n suffices. You can just destruct m.
[Tue Dec 10 15:13:14 2013] <notdan> "appropriate" is probably not a right word here, though, but yeah
[Tue Dec 10 15:18:19 2013] <notdan> hm ok now that i actually tried i can't prove it myself :S
[Tue Dec 10 15:19:16 2013] <notdan> oh nvm think I got it
[Tue Dec 10 15:20:41 2013] <ianjneu> not intros; omega? :P
[Tue Dec 10 15:25:08 2013] <notdan> Ha, no.
[Tue Dec 10 15:25:30 2013] <notdan> I actually never tried using omega. I guess it's ~magic~, like firstorder
[Tue Dec 10 15:26:35 2013] <notdan> aico4: idea: turn H from 'Sn + S n = S m + S m' into 'S (S (n + n)) = S (S (m + m))'
[Tue Dec 10 15:28:33 2013] <notdan> kay, going to hit the sack, bye everyone
[Tue Dec 10 15:29:25 2013] <ianjneu> by
[Tue Dec 10 15:29:26 2013] <ianjneu> bye*
[Tue Dec 10 15:36:06 2013] <aico4> Thanks for hints!
[Tue Dec 10 15:53:59 2013] <aico4> ianjneu: I alread have that lemma, but not sure how to apply it.
[Tue Dec 10 15:57:29 2013] <ianjneu> induction over n with m still quantified; destruct m and you'll get three trivial cases, and finally one that you'll apply that lemma twice in a hypothesis before using it with your induction hypothesis.
[Tue Dec 10 17:15:57 2013] <ianjneu> mixing coinduction and induction doesn't seem to do what I want. Grumble.
[Tue Dec 10 17:26:17 2013] <ianjneu> I have a coinductive unrolling a of a list-like structure through a finite map. At the end of the list there is either nil or "look up from the map and keep unrolling." I'm trying to prove that if something is an unrolling, then it is an unrolling of a conservative extension of the finite map.
[Wed Dec 11 00:05:51 2013] <Saizan> what's a good way to learn Coq for someone already familiar with tyep theory?
[Wed Dec 11 00:07:00 2013] <jgross> Write a category theory library in Coq? 
[Wed Dec 11 00:07:17 2013] <jgross> Do the HoTT exercies in Coq? 
[Wed Dec 11 00:08:31 2013] <jgross> You can try going through CPDT (Certified Programs with Dependent Types) by Chlipala, which is a good intro to using tactics, which I think are the biggest stylistic difference between Agda and Coq. 
[Wed Dec 11 00:10:08 2013] <Saizan> right, i need to learn about tactics and other language specific parts
[Wed Dec 11 00:14:43 2013] <jgross> (I think the other main ones are that Agda uses pattern matching definitions where Coq uses a single "match" construct, in Agda, everyone reimplements their own library, whereas in Coq everyone uses the standard library (because, e.g., if you write your own Nat type, you'd need ML code to get the numeral syntax for it), Agda is more unicode friendly, has mixfix notation (but Coq has notation scopes), Agda has explicit universe levels while Coq
[Wed Dec 11 00:14:43 2013] <jgross> has implicit ones, Agda uses a termination checker where Coq uses simple synatctic positivity checks, Agda uses mutual blocks where Coq uses explicit syntax for recursion (Fixpoint, fix) and mutual recursion (uh, "with" I think? or "and"; I can't remember).  In Coq, sections are used more than modules, and modules are rather heavy-weight and impoverished.  Coq uses "forall" to mean "pi type" rather than "infer these types".  Coq is much better
[Wed Dec 11 00:14:43 2013] <jgross> at guessing which arguments should be implicit than Agda is.  Agda is built on K, while Coq is built on J.  That's all I can think of right now, though I might list more as I think of them.) 
[Wed Dec 11 00:15:36 2013] <jgross> Oh, also, Coq has incremental compilation, always, where-as Agda often needs to recompile the whole file (if you mess up you're holes, for example). 
[Wed Dec 11 00:17:25 2013] <Saizan> *nod*
[Wed Dec 11 00:19:05 2013] <jgross> And you'll need to get used to working without dependently typed holes, unless you go get the trunk version of Coq, in which case you can use the [refine] tactic to give you something similar to Agda's holes. 
[Wed Dec 11 00:20:37 2013] <Saizan> oh, you mean when writing terms as opposed to using tactics?
[Wed Dec 11 00:22:49 2013] <jgross> Yes. 
[Wed Dec 11 00:23:52 2013] <jgross> I hear [Program] is also a useful way of getting holes in your definitions.  (Though, using tactics is also writing terms. They just tend to be very ugly terms.  And [refine] is a pretty low-level tactic that lets you be explicit about things.) 
[Wed Dec 11 00:26:20 2013] <Saizan> i guess if i go through cpdt i'll get some working knowledge
[Wed Dec 11 00:33:44 2013] <jgross> Saizan: If you're interested, you could try porting some of your CT stuff from Agda to https://github.com/HoTT/HoTT/tree/master/theories/categories.  Were you recently working on generalized polynomial functors or categories with families, or something of that sort?  (Though, going through CPDT will probably give you a better guided tour in tactics and other Coq features.) 
[Wed Dec 11 00:43:36 2013] <Saizan> jgross: it seems that in most Coq files there's enough unfamiliar stuff that i'd better get a feel for the language first
[Wed Dec 11 03:05:13 2013] <Ptival> and I don't think Coq has induction-recursion yet, though that's in the making?
[Wed Dec 11 03:32:05 2013] <sgnb> Ptival: do you have a reference for that?
[Wed Dec 11 07:45:58 2013] <roosbeef> hi
[Wed Dec 11 07:46:04 2013] <roosbeef> anyone here working with CoLoR?
[Wed Dec 11 07:55:53 2013] <roosbeef> brb
[Wed Dec 11 09:46:50 2013] <roosbeef> im trying to define a lexicographic order between terms (which are structured as trees)
[Wed Dec 11 09:46:55 2013] <roosbeef> using CoLoR
[Wed Dec 11 09:47:23 2013] <roosbeef> however in order to do this, first it should be clear to coq how the basic elements relate to each other (the labels at the tree nodes)
[Wed Dec 11 09:47:40 2013] <roosbeef> how do i do this? Im a bit of a novice still when it comes to making sense of libraries
[Wed Dec 11 09:48:04 2013] <roosbeef> so i think i should be using these two libraries mostly but how do i tell Coq that f > g > h for example
[Wed Dec 11 09:48:11 2013] <roosbeef> http://color.inria.fr/doc/CoLoR.RPO.VLPO.html
[Wed Dec 11 09:48:17 2013] <roosbeef> http://color.inria.fr/doc/CoLoR.RPO.VPrecedence.html
[Wed Dec 11 09:48:41 2013] <roosbeef> i need to establish a VPrecedence relation somehow? (if that even makes sense)
[Wed Dec 11 09:51:26 2013] <companion_cube> I think you need to provide a precedence with  leF : Sig -> Sig -> Prop.  and prove it's well founded and a total order
[Wed Dec 11 09:56:12 2013] <roosbeef> companion_cube, how though :p
[Wed Dec 11 09:57:23 2013] <companion_cube> well, how are your labels represented?
[Wed Dec 11 09:57:28 2013] <roosbeef> as strings
[Wed Dec 11 09:57:52 2013] <roosbeef> but thats like a parameter in Sig
[Wed Dec 11 09:57:56 2013] <roosbeef> wait ill show you
[Wed Dec 11 09:58:29 2013] <companion_cube> the usual ordering on strings is total, and probably well-founded if you make shorter strings smaller
[Wed Dec 11 09:58:33 2013] <roosbeef> http://color.inria.fr/doc/CoLoR.Term.WithArity.ASignature.html#Signature
[Wed Dec 11 09:59:15 2013] <roosbeef> ok suppose we have strings F and G as the only strings in MySig
[Wed Dec 11 09:59:25 2013] <roosbeef> then how would i tell Coq that F > G?
[Wed Dec 11 09:59:40 2013] <roosbeef> leF G F?
[Wed Dec 11 10:00:49 2013] <companion_cube> if you already have a function Sig -> Sig -> bool, it could be used to build a predicate Sig -> Sig -> Prop?
[Wed Dec 11 10:01:02 2013] <roosbeef> hm
[Wed Dec 11 10:01:03 2013] <companion_cube> or just add an axiom, maybe, yes
[Wed Dec 11 10:01:16 2013] <roosbeef> so you would suggest to write a function Sig -> Sig -> bool
[Wed Dec 11 10:01:28 2013] <roosbeef> that specifically indicates which labels precede which labels
[Wed Dec 11 10:01:29 2013] <roosbeef> ?
[Wed Dec 11 10:01:38 2013] <roosbeef> and then present that function to leF?
[Wed Dec 11 10:02:17 2013] <companion_cube> beq_symb : symbol -> symbol -> bool    <--- don't you already have this in the signature?
[Wed Dec 11 10:02:30 2013] <roosbeef> yea thats just to provide decidable equality
[Wed Dec 11 10:03:14 2013] <companion_cube> hmm right, it's not an ordering
[Wed Dec 11 10:04:57 2013] <companion_cube> then you can directly define a function (with pattern matching for instance) that return True or False to decide whether labels are smaller than other labels
[Wed Dec 11 10:05:21 2013] <roosbeef> ok that makes sense
[Wed Dec 11 10:05:40 2013] <roosbeef> suppose we have this function fstring -> fstring -> Prop
[Wed Dec 11 10:06:31 2013] <companion_cube> then you can apply the VPrecedence functor
[Wed Dec 11 10:06:38 2013] <roosbeef> how to feed this to Coq and make Coq understand that this order between labels is to be used to determine order between terms with VPrecedence / VLPO and what not
[Wed Dec 11 10:06:47 2013] <companion_cube> well you also have to prove the properties required in VPrecedenceType
[Wed Dec 11 10:07:29 2013] <roosbeef> ah
[Wed Dec 11 10:07:35 2013] <roosbeef> so the function is like the parameter leF
[Wed Dec 11 10:09:30 2013] <roosbeef> but wait the function is fstring -> fstring -> Prop, not Sig -> Sig -> Prop
[Wed Dec 11 10:18:08 2013] <companion_cube> roosbeef: you may want to read http://coq.inria.fr/cocorico/ModuleSystemTutorial about functors (to see how leF, Sig and the proofs are provided to VPrecedence)
[Wed Dec 11 10:27:37 2013] <roosbeef> nice!
[Wed Dec 11 10:27:39 2013] <roosbeef> will check that out
[Wed Dec 11 10:27:53 2013] <roosbeef> thanks for your help companion_cube, very much appreciated :)
[Wed Dec 11 10:44:52 2013] <ianjneu> g'morning
[Wed Dec 11 10:50:06 2013] <ianjneu> has anyone used Hur et. al.'s paco library for coinduction?
[Wed Dec 11 11:29:21 2013] <jgross> sgnb: http://coq.inria.fr/files/coq5-slides-herbelin.pdf <- page 10 says Matthieu Sozeau is working on IR (or hoping to or planning to) 
[Wed Dec 11 11:31:30 2013] <sgnb> jgross: the point just above (type-based guard) was already being talked about since before my PhD (I started in 2007)... so don't hold your breath
[Thu Dec 12 15:29:48 2013] <lopho> hi
[Thu Dec 12 15:29:56 2013] <lopho> is the reduction strategy used by coqchk documented anywhere?
[Thu Dec 12 15:31:13 2013] <companion_cube> I don't know, but I think it's strong reduction
[Thu Dec 12 15:31:34 2013] <companion_cube> it reduces every redex, even in subterms
[Thu Dec 12 15:32:27 2013] <lopho> thanks.  any idea on whether it is cbv or lazy?
[Thu Dec 12 15:33:00 2013] <companion_cube> well, it's different
[Thu Dec 12 15:33:09 2013] <companion_cube> since it also reduces under lambda (afaik)
[Thu Dec 12 15:33:17 2013] <companion_cube> but it would be closer to call by value, I think
[Thu Dec 12 15:33:36 2013] <companion_cube> since all terms have a normal form, all terms can be reduced to their normal form without worrying
[Thu Dec 12 15:34:30 2013] <lopho> i understand that it will reach a fully normalized term, but the redn strategy to get there will make a difference for some of the proof terms i'm writing (i think)
[Thu Dec 12 15:35:27 2013] <companion_cube> in what way would that make a difference?
[Thu Dec 12 15:36:04 2013] <lopho> embarrassingly large subterms in proof terms :)
[Thu Dec 12 15:36:35 2013] <companion_cube> ah, you mean in intermediate steps
[Thu Dec 12 15:36:55 2013] <lopho> not sure what you mean by intermediate steps
[Thu Dec 12 15:37:22 2013] <companion_cube> well, if those subterms occur in the normal form, every reduction strategy will have to deal with them anyway
[Thu Dec 12 15:37:31 2013] <companion_cube> there has ben quite a lot of research on reduction machines for CiC
[Thu Dec 12 15:38:53 2013] <lopho> right, i suspect that a lazy strategy would be a good candidate for this particular application, but that seemed too much to hope for
[Thu Dec 12 15:39:09 2013] <lopho> thx, i'll look for the CiC reduction machine research
[Thu Dec 12 15:39:34 2013] <companion_cube> matita may have a different strategy, btw
[Thu Dec 12 15:39:42 2013] <lopho> i was just wondering about that!
[Thu Dec 12 15:40:07 2013] <lopho> and isn't there a CiC -> lua floating around also?
[Thu Dec 12 15:40:22 2013] <companion_cube> oh dear, I hope not so
[Thu Dec 12 15:48:13 2013] <lopho> http://www.cri.ensmp.fr/classement/doc/A-525-slides.pdf
[Thu Dec 12 15:48:23 2013] <lopho> section 4.1 http://raweb.inria.fr/rapportsactivite/RA2012/deducteam/deducteam.pdf
[Thu Dec 12 15:49:56 2013] <lopho> so a proof checker for lambda Pi using LuaJIT; not CiC -> Lua
[Thu Dec 12 15:51:16 2013] <companion_cube> I know the author :)
[Thu Dec 12 15:51:41 2013] <companion_cube> and the proof checker is moving away from lua actually, toward a matita-like reduction machine in OCaml
[Thu Dec 12 15:56:00 2013] <lopho> are you one of the authors?  :)
[Thu Dec 12 16:00:58 2013] <lopho> thanks for the matita suggestion, i see the reduction strategy can be altered there.  do you know if the same will apply to dedukti?
[Thu Dec 12 16:02:14 2013] <companion_cube> I'm not, but I know people who work on it
[Thu Dec 12 17:49:00 2013] <Anarchos> d t ?
[Thu Dec 12 22:22:26 2013] <ianjneu> tactics as macros doesn't quite work. I was hoping they were actually untyped, where I could mix tactic and term as output. Is there a nonobvious way to do that?
[Thu Dec 12 22:25:42 2013] <ianjneu> urgh scoping
[Thu Dec 12 23:44:03 2013] <jgross> ianjneu: I think you want notations, which are in fact untyped.  You can also construct ill-typed terms by using (app)context, e.g., "match 1 + 1 = 2 with | appcontext G[plus] => let G' := context G[1] in idtac end".  If you get trunk as of a few days ago, you can now use $(<tactic code here>)$ anywhere that Coq wants a constr, and so you can mix tactic and term.  Alteratively, if you don't know about it, you can return terms from tactics by
[Thu Dec 12 23:44:03 2013] <jgross> using constr:(), and possibly continuation passing style. 
[Fri Dec 13 11:37:21 2013] <napping> Should this work: Require Import Setoid. Goal forall (P : Prop), P <-> P. reflexivity.
[Fri Dec 13 11:46:22 2013] <ianjneu> reflexivity? Hmm, is <-> a declared equivalence instance for prop?
[Fri Dec 13 11:47:05 2013] <napping> there's a reflexive instance iff_Reflexive, which I can indeed finish the goal with
[Fri Dec 13 11:47:20 2013] <ianjneu> It works for me.
[Fri Dec 13 11:47:38 2013] <ianjneu> 8.4pl2
[Fri Dec 13 11:47:58 2013] <napping> hmm, that's what mine says also, but I may have built from source
[Fri Dec 13 11:48:53 2013] <napping> actually, it works with that coqtop, maybe I have something else broken
[Fri Dec 13 11:49:43 2013] <napping> Weird, seems Proof General somehow got its Coq in a bad state
[Fri Dec 13 21:29:42 2013] <ianjneu> anyone still awake?
[Sat Dec 14 06:29:53 2013] <iainm> Hello. I've been working through the Software Foundations book and find myself stymied by a question (actually a particular detail of a question). Is this a good place to ask about it?
[Sat Dec 14 06:44:37 2013] <defanor> iainm: yes, i think. at least i did it, got some answers
[Sat Dec 14 06:50:06 2013] <iainm> Oh. No matter. You know the thing where the process of framing the question in sufficient detail leads you to test some assumptions which leads you to the answer? Yes, that.
[Sat Dec 14 06:52:50 2013] <defanor> heh
[Mon Dec 16 16:21:18 2013] <napping> Is there any way to define a notation with a free variable, for use inside generalizing binders?
[Wed Dec 18 07:35:41 2013] <roosbeef> im playing around with list to vector conversion
[Wed Dec 18 07:37:19 2013] <roosbeef> so ive got these functions:
[Wed Dec 18 07:37:40 2013] <roosbeef> https://privatepaste.com/87bad4e36a
[Wed Dec 18 07:38:19 2013] <roosbeef> basically i would like to have a function tailor_vec_of_list l n that takes the first n elements of list l and puts them in a vector
[Wed Dec 18 07:39:09 2013] <roosbeef> i think the code should work, but coq cant see that the length is correct
[Wed Dec 18 07:39:12 2013] <roosbeef> The term "vec_of_list (tailor_list A l Datatypes.nil i)" has type
[Wed Dec 18 07:39:12 2013] <roosbeef>  "vector A (length (tailor_list A l Datatypes.nil i))"
[Wed Dec 18 07:39:12 2013] <roosbeef>  while it is expected to have type "vector A i".
[Wed Dec 18 07:51:56 2013] <roosbeef> ok tailor_list was incomplete (didnt expend shorter lists), fixed -> https://privatepaste.com/cd6d7eb112
[Wed Dec 18 07:52:19 2013] <roosbeef> coq gives the same message though
[Wed Dec 18 07:52:50 2013] <roosbeef> how do i convince coq that  (length (tailor_list A l Datatypes.nil i)) is actually equal to i
[Wed Dec 18 07:54:44 2013] <Saizan> by induction on l and i
[Wed Dec 18 07:54:55 2013] <roosbeef> induction where?
[Wed Dec 18 07:55:01 2013] <roosbeef> im not in proof mode when coq is telling me this
[Wed Dec 18 07:55:41 2013] <roosbeef> (see latter url) it happens when im trying to get the second function to be defined
[Wed Dec 18 07:57:04 2013] <Saizan> well, i've never actually used coq, but once you've proven the equality separately, i imagine there's something like transport/subst to fix the types in your code
[Wed Dec 18 07:57:29 2013] <roosbeef> hm
[Wed Dec 18 07:57:46 2013] <roosbeef> yea i could prove a lemma that says the length is i
[Wed Dec 18 07:58:16 2013] <roosbeef> so youre saying coq would automatically use that lemma and not return that message?
[Wed Dec 18 07:58:39 2013] <Saizan> no
[Wed Dec 18 07:59:10 2013] <roosbeef> how would that work then..
[Wed Dec 18 07:59:38 2013] <roosbeef> coq wont define the function because it doesnt realise the length is equal to i, but how do i make it realise that?
[Wed Dec 18 08:00:27 2013] <Saizan> you would use the equality explicitly, with a combinator, let me see if i can find something suitable in the stdlib
[Wed Dec 18 08:02:12 2013] <Saizan> or maybe you should just define tailor_vec_of_list in proof mode and use apply and rewrite?
[Wed Dec 18 08:03:01 2013] <Saizan> or use a case on the lemma
[Wed Dec 18 08:03:16 2013] <roosbeef> define it in proof mode?
[Wed Dec 18 08:04:03 2013] <Saizan> yeah, i think it's possible?
[Wed Dec 18 08:04:19 2013] <Saizan> i'm sorry, i'm not being very helpful but i'm quite a newbie too
[Wed Dec 18 08:04:52 2013] <roosbeef> :p
[Wed Dec 18 08:21:08 2013] <Saizan> roosbeef: that'd be transport http://lpaste.net/97160
[Wed Dec 18 08:22:06 2013] <roosbeef> how does that work?
[Wed Dec 18 08:23:47 2013] <Saizan> if you have a proof (p : m = n) and (xs : vector A m) then (transport (vector A) p xs) will have type (vector a n)
[Wed Dec 18 08:24:21 2013] <roosbeef> ha nice
[Wed Dec 18 08:24:57 2013] <roosbeef> so proof the lemma, then plug that lemma into transport
[Wed Dec 18 08:24:59 2013] <roosbeef> prove*
[Wed Dec 18 08:25:08 2013] <Saizan> yeah
[Wed Dec 18 08:25:11 2013] <roosbeef> awesome :)
[Wed Dec 18 08:25:17 2013] <roosbeef> gonna try that, thanks a lot!
[Wed Dec 18 08:25:49 2013] <Saizan> np!
[Wed Dec 18 08:27:07 2013] <Saizan> i imagine there are more idiomatic/automated ways, but still
[Wed Dec 18 08:49:15 2013] <roosbeef> so i have in proof mode that S i = 1
[Wed Dec 18 08:49:29 2013] <roosbeef> is there something in the std lib that allows me to convert this into i = 0?
[Wed Dec 18 08:50:59 2013] <iainm> f_equal? http://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic159
[Wed Dec 18 08:53:10 2013] <roosbeef> thanks :)
[Wed Dec 18 16:29:02 2013] <ianjneu> how does one make Coq contradact redexes for cofix applications? It's really bugging me.
[Wed Dec 18 16:30:19 2013] <ianjneu> contract*
[Wed Dec 18 18:24:34 2013] <ianjneu> ah, Eduardo's email on the list answers this. Basically coinductive is friggin useless.
[Wed Dec 18 19:52:05 2013] <Hodapp> http://pastebin.com/QhmVFQXn - I'm fairly new to Coq, but trying to work through some of the textbook there; for that exercise, I have an answer that works, but I don't understand why it works
[Wed Dec 18 19:53:04 2013] <Hodapp> particularly, I don't know why I need 'rewrite <- plus_1_l' rather than ->, and the book just mentions that the former does right-to-left rather than left-to-right rewriting
[Wed Dec 18 20:06:38 2013] <ianjneu> Hodapp: the right-to-left rewrite changes the m = S n hypothesis to m = 1 + n, so you get m = 1 + n -> m * (1 + n) = m * m afterwards.
[Wed Dec 18 20:07:41 2013] <ianjneu> then if you do intro H; rewrite H; reflexivity. you'll finish since you will blast away m to have a goal (1 + n) * (1 + n) = (1 + n) * (1 + n).
[Wed Dec 18 20:08:07 2013] <ianjneu> reflexivity finalizes the proof.
[Wed Dec 18 20:08:51 2013] <Hodapp> hmm, whereas, if I use the left-to-right, then I get... m * (S n) = m * m, but wouldn't then rewriting with H give (S n) * (S n) on each side?
[Wed Dec 18 20:08:54 2013] <Hodapp> or what am I missing there?
[Wed Dec 18 20:22:31 2013] <defanor> Hodapp: why have you decided that you *need* to use '<-' there?
[Wed Dec 18 20:22:56 2013] <ianjneu> ya, either way works.
[Wed Dec 18 23:39:06 2013] <anderslundstedt> tuple notation: is there a way so I can write "intros (x,y,z)" instead of "intros ((x,y),z)"?
[Thu Dec 19 05:13:50 2013] <robbert`> ianjneu: "coinductive is friggin useless" is both an overstatement and an understatement ;)
[Thu Dec 19 05:14:05 2013] <robbert`> On the one hand, it is kind of useful. For example, when summing powerseries, the lazy computation given by coinductive types is pretty useful (and I guess there are tons of other examples).
[Thu Dec 19 05:14:25 2013] <robbert`> On the other hand, it is really broken: coinductive types break subject reduction...
[Thu Dec 19 08:21:29 2013] <Hodapp> defanor, ianjneu: I didn't decide that, Coq did. I get, "Error: Tactic generated a subgoal identical to the original goal."
[Thu Dec 19 08:22:20 2013] <defanor> Hodapp: oh, you might want to add 'intros'
[Thu Dec 19 08:22:33 2013] <defanor> i mean, to intoduce H
[Thu Dec 19 08:22:43 2013] <defanor> before rewriting
[Thu Dec 19 08:22:51 2013] <Hodapp> I tried it that way too.
[Thu Dec 19 08:23:17 2013] <Hodapp> well, wait, I wrote down that I had... but actually that works too...
[Thu Dec 19 08:23:53 2013] <Hodapp> maybe I'll have to look through my Emacs undo buffer and see what I actually did
[Thu Dec 19 08:26:48 2013] <roosbeef> right
[Thu Dec 19 08:26:53 2013] <roosbeef> so im working this subgoal
[Thu Dec 19 08:26:57 2013] <roosbeef> https://privatepaste.com/e76d87cdac
[Thu Dec 19 08:27:17 2013] <roosbeef> when doing 'compute', the goal resolves to S i = 1, then f_equal resolves to i = 0
[Thu Dec 19 08:27:42 2013] <Hodapp> other thing that confuses me a little - if I have, say: Theorem plus_id_exercise : forall n m o : nat, n = m -> m = o -> n + m = m + o.
[Thu Dec 19 08:27:42 2013] <roosbeef> why does IHi not want to resolve to something similar?
[Thu Dec 19 08:28:33 2013] <roosbeef> upon doing 'compute in IHi', that assumption resolves to https://privatepaste.com/034b6084f2
[Thu Dec 19 08:28:33 2013] <Hodapp> and I do 'intros H H2.' - what is the rule for how H and H2 line up? They appear to magically line up with n=m and m=0 in this case
[Thu Dec 19 08:29:34 2013] <roosbeef> what do you mean by line up
[Thu Dec 19 08:30:38 2013] <Hodapp> What defines that H and H2 are hypotheses, and what defines that they are n = m and m = o respectively?
[Thu Dec 19 08:31:03 2013] <Hodapp> for I use the same syntax with 'intros n m o.' and there it's understood that they're universally quantified variables
[Thu Dec 19 08:32:09 2013] <roosbeef> H and H2 are simply names for the hypotheses that 'intros' introduces, n=m and m=0 are chosen because these are the first and second premises of that implication you mentioned
[Thu Dec 19 08:32:30 2013] <roosbeef> i guess with 'intros n m o', maybe coq recognizes that those are already bound and treats them differently
[Thu Dec 19 08:32:47 2013] <Hodapp> but the names could be anything and hypotheses are just chosen serially?
[Thu Dec 19 08:33:17 2013] <roosbeef> pretty much, yea. Try doing 'intros' with no name specification
[Thu Dec 19 08:35:19 2013] <Hodapp> I'm still trying to figure out Proof General a bit better
[Thu Dec 19 08:35:29 2013] <Hodapp> and how I can interactively enter commands
[Thu Dec 19 08:43:01 2013] <roosbeef> cool im using coqide
[Thu Dec 19 09:17:08 2013] <roosbeef> hm
[Thu Dec 19 09:17:15 2013] <roosbeef> trying to prove this simple theorem
[Thu Dec 19 09:17:16 2013] <roosbeef> https://privatepaste.com/fc6ff6fd4c
[Thu Dec 19 09:17:43 2013] <roosbeef> for some reason i keep running in circles
[Thu Dec 19 09:18:40 2013] <roosbeef> do i do induction on i or l? Or both? Any hints?
[Thu Dec 19 09:22:09 2013] <Hodapp> * shrugs... first day using Coq was yesterday.
[Thu Dec 19 10:10:45 2013] <jrw> roosbeef needs to generalize his induction hypothesis.
[Thu Dec 19 10:11:09 2013] <jrw> but he's already left in frustration.
[Thu Dec 19 10:11:27 2013] <jrw> I hope this doesn't ruin is day/evening...
[Thu Dec 19 10:13:25 2013] <notdan> I think you just need induction on i and destruction on l...
[Thu Dec 19 10:13:58 2013] <notdan> oh no, you are right
[Thu Dec 19 10:14:00 2013] <jrw> notdan: if you don't leave "il" general in the induction it won't go through.
[Thu Dec 19 10:14:25 2013] <jrw> so the first most obvious thing doesn't work. but the second most obvious thing does :)
[Thu Dec 19 10:15:55 2013] <notdan> 'il'?
[Thu Dec 19 10:16:25 2013] <notdan> I think generalizing over l is necessary, I am trying to crack this right now
[Thu Dec 19 10:16:26 2013] <jrw> that's what he called the argument to the function. then it's called "l" in the lemma. whatever you call it.
[Thu Dec 19 10:16:33 2013] <notdan> but totally forgot how does the generalization work
[Thu Dec 19 10:16:51 2013] <notdan> jrw: oh, sorry, got confused a little bit
[Thu Dec 19 10:17:00 2013] <jrw> notdan: hacky way: move i to the first thing after the forall then start the proof with "induction i" (no intros first)
[Thu Dec 19 10:18:04 2013] <jrw> more generally (hehe), if you've already intros'd something, you can try "generalize dependent l"
[Thu Dec 19 10:18:15 2013] <jrw> which will move l back into the goal as a quantified variable.
[Thu Dec 19 10:20:47 2013] <notdan> yep, 'generalize dependent l' , that's what I been looking for
[Thu Dec 19 10:20:48 2013] <notdan> thanks
[Thu Dec 19 10:20:59 2013] <notdan> for some reason it is no longer in SF :(
[Thu Dec 19 10:21:30 2013] <notdan> oh it's still in there, just in the MoreCoq chapter
[Thu Dec 19 11:11:10 2013] <fafounet> Hi. I'm struggling to prove some basic properties for permutations of permutations (for lists of lists).
[Thu Dec 19 11:11:30 2013] <fafounet> Can anyone help me with the beginning of the last lemma: http://tny.cz/fe6618a9 ?
[Thu Dec 19 11:21:27 2013] <jrw> fafounet: are you expecting this to follow directly somehow?
[Thu Dec 19 11:21:35 2013] <jrw> my intuition is that it will not.
[Thu Dec 19 11:22:14 2013] <jrw> you'll need to prove something way stronger. on the order of "if doubleperm as bs, then for all a in as and b in bs, Permuation a b"
[Thu Dec 19 11:22:44 2013] <jrw> with the caveat that I haven't actually tried to prove that. or thought very carefully about it.
[Thu Dec 19 11:23:45 2013] <fafounet> I guessed I have something stronger to prove but I don't know what.
[Thu Dec 19 11:24:21 2013] <fafounet> what you suggest should be adapted to ... there exists b in bs s.t. Permutation a b
[Thu Dec 19 11:24:34 2013] <fafounet> i'm not sure it's enough
[Thu Dec 19 11:25:22 2013] <jrw> right, good point.
[Thu Dec 19 12:57:29 2013] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Basics.html#lab29 - In a line such as "intros n. destruct n as [| n']." what is going on here that tells us how to 'destruct' n? Does a type defined with M different constructors break down into exactly M subgoals?
[Thu Dec 19 12:59:55 2013] <Hodapp> and does the [| n'] automatically line up serially, with the empty part going to the nullary constructor, and the n' going to the S : nat -> nat?
[Thu Dec 19 13:32:44 2013] <notdan> "oes a type defined with M different constructors break down into exactly M subgoals?
[Thu Dec 19 13:32:48 2013] <notdan> " Yes
[Thu Dec 19 13:33:06 2013] <notdan> and yes for the second part too :)
[Thu Dec 19 13:34:17 2013] <ystael> i don't try to understand how to write as-clauses for inversion, but for destruct they more or less make sense
[Thu Dec 19 13:35:17 2013] <Hodapp> notdan: alrighty, thank you
[Thu Dec 19 13:41:13 2013] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Basics.html#lab32 - any hint on how to apply a rewrite from ∀(x : bool), f x = x? I seem to be stuck there
[Thu Dec 19 13:41:46 2013] <Hodapp> trying to destruct on b, but don't know how to rewrite 'f true' as 'true' (for instance)
[Thu Dec 19 13:42:22 2013] <notdan> if ∀(x : bool), f x = x is in your context as H, you can use 'rewrite (H true)'
[Thu Dec 19 13:43:25 2013] <notdan> But in that particular lemma you don't need to destruct on b really
[Thu Dec 19 13:43:34 2013] <Hodapp> oh, didn't realize a hypothesis could take parameters like that
[Thu Dec 19 13:43:52 2013] <Hodapp> ...is it a hypothesis?
[Thu Dec 19 13:44:12 2013] <notdan> if H is of a form (forall a:A. B) than (H a) gives you B
[Thu Dec 19 13:44:17 2013] <notdan> (assuming that a:A)
[Thu Dec 19 13:44:27 2013] <Hodapp> ooh, okay
[Thu Dec 19 13:45:08 2013] <notdan> that lemma, you can prove with just 'intros f H b.  rewrite H. rewrite H.' though
[Thu Dec 19 13:45:36 2013] <Hodapp> I'll see if I get there on my own with enough headbanging :P
[Thu Dec 19 13:48:20 2013] <notdan> yeah sorry I wont spoil it for you
[Thu Dec 19 13:48:31 2013] <notdan> SF is such a great book
[Thu Dec 19 13:48:41 2013] <notdan> but apparently it got harder since the last time I read it
[Thu Dec 19 13:51:23 2013] <Hodapp> I'm glad it's a good book, because I had no idea going in
[Thu Dec 19 13:51:57 2013] <Hodapp> I was reading a paper which mentioned a page of lectures from uoregon in its references, and said lecture page referred to this text
[Thu Dec 19 13:54:46 2013] <notdan> OPLSS? Ya Pierce lectured there a few times
[Thu Dec 19 13:55:26 2013] <Hodapp> http://www.cs.uoregon.edu/research/summerschool/summer10/curriculum.html - there
[Thu Dec 19 13:56:02 2013] <Hodapp> 'rewrite H.' - no -> or <- there; what does it mean in the absence of those?
[Thu Dec 19 13:56:12 2013] <ystael> Hodapp: -> is default
[Thu Dec 19 13:57:43 2013] <Hodapp> okay
[Thu Dec 19 13:59:07 2013] <Hodapp> also, why is 'H' fine with no argument?
[Thu Dec 19 14:00:30 2013] <ystael> Coq will try to unify the conclusion of H with the goal to find candidates for the arguments of H
[Thu Dec 19 14:00:38 2013] <ystael> you don't have to specify them explicitly
[Thu Dec 19 14:02:15 2013] <Hodapp> ahh, I see that 'rewrite (H b)' works likewise
[Thu Dec 19 14:02:52 2013] <ystael> yeah, you can specify the argument, or try to let Coq do it
[Thu Dec 19 15:28:32 2013] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Basics.html#lab33 is posing an embarassing level of difficulty to me... tried destructing 'b', and then in the first subgoal it complains it can't unify 'c' with 'true'.
[Thu Dec 19 15:29:57 2013] <Hodapp> well, I suppose that's referring to the goal, I'd mistakenly thought it had derived that from the hypothesis
[Thu Dec 19 16:38:05 2013] <Hodapp> I'm to a stage in that problem where I'm at the subgoal for b=false, and H : false = orb false c, with the subgoal of false = c
[Thu Dec 19 16:38:23 2013] <Hodapp> if I add a 'rewrite H.' then it's proven, but why? I don't see how rewriting with H can solve anything there
[Thu Dec 19 16:38:50 2013] <Hodapp> or is it actually replacing 'false' with 'orb false c' which it then evaluates to 'c' thus c=c?
[Thu Dec 19 21:47:34 2013] <farewell> hello
[Thu Dec 19 21:48:05 2013] <farewell> can i ask a question?
[Thu Dec 19 22:01:48 2013] <amosr> hello, farewell
[Thu Dec 19 22:10:29 2013] <Cale> Apparently he can't? :)
[Thu Dec 19 22:10:45 2013] <Cale> Though I guess from another perspective, he did
[Thu Dec 19 22:11:00 2013] <amosr> whoa
[Fri Dec 20 01:14:53 2013] <anderslundstedt> which decision procedures for pean arithmetic are available?
[Fri Dec 20 01:16:51 2013] <anderslundstedt> (for decidable fragments of course. hesburger arithmetic does not suffice in my case)
[Fri Dec 20 01:17:21 2013] <anderslundstedt> *presburger
[Fri Dec 20 01:17:24 2013] <amosr> hesburger. is that the sa
[Fri Dec 20 01:17:24 2013] <amosr> ah
[Fri Dec 20 01:17:45 2013] <amosr> I was going to suggest looking at omega, but obviously not then
[Fri Dec 20 01:37:35 2013] <jrw> anderslundstedt: what's your goal look like?
[Fri Dec 20 01:38:37 2013] <anderslundstedt> jrw: one example is context "H : a * (d' + 1) + b' * (d + 1) = a' * (d + 1) + b * (d' + 1)" and goal "0 = (d' + 1) * (b - a - 1 + 1) + (d + 1) * (a' - b' - 1 + 1)"
[Fri Dec 20 01:39:31 2013] <anderslundstedt> (I have not double checked that the goal is in fact provable from the assumption, but if I have not done anything wrong in my definitions it should be)
[Fri Dec 20 01:42:52 2013] <anderslundstedt> now I have checked: it is provable
[Fri Dec 20 01:53:14 2013] <jrw> anderslundstedt: are those all nats?
[Fri Dec 20 01:53:20 2013] <anderslundstedt> yes
[Fri Dec 20 01:54:23 2013] <jrw> I'm not sure I believe that it's true, but if you say so. in any case, I was going to suggest ring, but ring says it can't prove it.
[Fri Dec 20 01:56:21 2013] <jrw> anderslundstedt: no, I'm right. that goal is false in that context.
[Fri Dec 20 01:56:33 2013] <jrw> anderslundstedt: substitute all variables for 0 and you get "0 = 0 -> 0 = 1"
[Fri Dec 20 01:56:40 2013] <anderslundstedt> hmmm .... ok
[Fri Dec 20 01:58:41 2013] <anderslundstedt> did you take into account that 0 - 0 - 1 + 1 = 1?
[Fri Dec 20 01:59:08 2013] <anderslundstedt> or is the associativity the other way around?
[Fri Dec 20 01:59:41 2013] <jrw> I didn't take anything into acount. I copied your goal. destructed all variables and looked that the first case (where they're all 0) and it was false.
[Fri Dec 20 01:59:51 2013] <anderslundstedt> ok.
[Fri Dec 20 02:02:57 2013] <jrw> anderslundstedt: I would be curious to know if "ring" solves your goal once you get it right. I haven't worked much with ring; I'm not sure exactly what its limitations are.
[Fri Dec 20 02:03:37 2013] <anderslundstedt> I will see if I can find another example where the goal is in fact provable and try ring.
[Fri Dec 20 02:03:52 2013] <anderslundstedt> I have tried ring with no success but I have not verified that the goal was provable
[Fri Dec 20 02:04:15 2013] <jrw> anderslundstedt: it's those pesky false theorems that get you :) if only ring could prove all goals...
[Fri Dec 20 02:15:09 2013] <anderslundstedt> jrw: it looks like it possible that all theorems where ring has not succeded are wrong. However I will not look more into this at the moment. (I am trying to prove basic rational arithmetic results using the fraction representation (a-b)/(d+1) with a b d : nat, i.e. rationals as setoid with underlying set nat*nat*nat, so that is where my equations come from.)
[Fri Dec 20 02:16:45 2013] <jrw> anderslundstedt: cool, good to know. good luck!
[Fri Dec 20 04:19:39 2013] <anderslundstedt> jrw: I now have a provable goal that is not solvable with ring. context "a b d : nat" and "H : a < b", goal "(a * 0 + b * (d + 1)) * 1 + 0 = d * (b - a - 1) + d + (b - a - 1) + 1 + 0 + (a * (d + 1) + 0) * 1".  (This is half of the proof of multiplicative inverse for my representation of rationals.)
[Fri Dec 20 04:24:17 2013] <anderslundstedt> http://pastebin.com/bR0CXvSQ
[Fri Dec 20 04:33:54 2013] <jrw> anderslundstedt: if it depends on that inequality (presumably), then yes. ring can't handle inequalities.
[Fri Dec 20 04:34:09 2013] <jrw> if you have inequalities but not general multiplication, omega. if you have general multiplication but no inequalities, ring. otherwise... :(
[Fri Dec 20 11:26:53 2013] <Hodapp> I'm in a subgoal where I've destructed some term, and I've turned a hypothesis to "false = true". What exactly do I do here to signify "the hypothesis is false, this subgoal is irrelevant"?
[Fri Dec 20 11:31:30 2013] <rmk0> Hodapp: try "contradiction"
[Fri Dec 20 11:31:34 2013] <ystael> Hodapp: [inversion H] will eliminate the current goal if H is a contradiction
[Fri Dec 20 11:34:16 2013] <Hodapp> Coq doesn't believe there's a contradiction, but 'inversion H' did it. Thanks.
[Fri Dec 20 15:15:19 2013] <Hodapp> http://adam.chlipala.net/cpdt/ hmm, this book any good?
[Fri Dec 20 15:17:09 2013] <ianjneu> Hodapp: it is when you've gotten the basics down. It moves at a fast pace.
[Fri Dec 20 15:19:23 2013] <Hodapp> I'm surprised at the amount of free, supposedly good-quality material on this.
[Sat Dec 21 15:55:39 2013] <ianjneu> is there a way to use instantiate with identifiers given to evar rather than the very brittle exact number assigned to that identifier?
[Sat Dec 21 16:01:38 2013] <ianjneu> ah, Chlipala's equate tactic.
[Sat Dec 21 16:03:06 2013] <ianjneu> gluh, can't change its value in different cases.
[Sat Dec 21 17:30:04 2013] <ianjneu> okay, this has bothered me for a while: is there any way to define a tactic during a proof script within the scope of the proof context?
[Sat Dec 21 17:30:23 2013] <ianjneu> I hate lamba-lifting all my tactics.
[Sat Dec 21 17:52:55 2013] <jgross> ianjneu: lambda-lifting? 
[Sat Dec 21 17:57:35 2013] <ianjneu> jgross: turning free variables that are put in a closure into arguments that then have to be passed in at every call.
[Sat Dec 21 18:29:27 2013] <ianjneu> jgross: it also appears that "Proof with" is unhygienic.
[Sun Dec 22 11:38:52 2013] <ezyang> What does a hyphen before a tactic do? E.g. - intros x y.
[Sun Dec 22 12:54:42 2013] <ianjneu> unsure.
[Sun Dec 22 12:54:59 2013] <ianjneu> looks like it focuses on the goal.
[Sun Dec 22 13:32:05 2013] <jgross> ianjneu (from last night): I generally try to structure my tactics so that they pick up variables they need from the context, by type. e.g., replacing [destruct x, y, z.] with [repeat match goal with | [ H : prod _ _ |- _ ] => destruct H end] 
[Sun Dec 22 13:33:22 2013] <jgross> ezyang: http://coq.inria.fr/coq-84 "this version features ... a new proof engine by A. Spiwack whose most salient feature is the introduction of bullets (+, -, *) and structured scripts ({ ... })" 
[Sun Dec 22 13:49:57 2013] <ianjneu> jgross: unless I can fully automate a proof in a transparent way, I prefer to introduce informative names.
[Sun Dec 22 13:53:05 2013] <jgross> ianjneu: My goal is to make all of my proofs as fully automated as possible. 
[Sun Dec 22 14:21:37 2013] <ianjneu> jgross: I'm not that good yet.
[Sun Dec 22 15:35:04 2013] <ianjneu> if I have a hypothesis ((K 0 1) :: l), how do I bind (K 0 1) to a pattern variable in a tactic? The following fails: match goal with [H: (?a :: ?l) |- _] => inversion H end
[Sun Dec 22 16:02:36 2013] <jgross> ianjneu: You get better by practicing.	If you always try to make proofs as automated as possible, then you'll get better over time, even if your first proof scripts are ugly.  If you only automate proofs when you already know how to fully automate them, it'll take much longer to get better. 
[Sun Dec 22 16:03:40 2013] <jgross> ianjneu: ((K 0 1) :: l) isn't a type, so you can't have a hypothesis of that type.  Do you mean "match goal with [ H : (?a :: ?l) = _ |- _ ] => inversion H end"?  Or maybe "match goal with [ H := ?a :: ?l |- _ ] => idtac a end"? 
[Sun Dec 22 16:17:39 2013] <ianjneu> jgross: right, my attempt to give a contrived example resulted in a type error.
[Sun Dec 22 21:38:24 2013] <Hodapp> Hrm, am I the only one whose workflow - at least on the problems in SF - usually involves writing a proof that purposely fails and then inspecting the current goals/subgoals?
[Sun Dec 22 22:06:59 2013] <jrw> Hodapp: what do you mean by "fail"?
[Sun Dec 22 22:09:40 2013] <Hodapp> As in, one that you know is missing pieces and will produce an error.
[Sun Dec 22 22:19:32 2013] <jrw> Hodapp: if you're constructing a proof for the first time, especially if you're not sure the theorem is true, I'd say that's unavoidable
[Sun Dec 22 22:19:38 2013] <jrw> think of it as "exploratory proving"
[Sun Dec 22 22:43:53 2013] <Hodapp>  seems to me to be why Coq has many of the interactive/reflective features it has
[Mon Dec 23 12:08:30 2013] <roosbeef> hm
[Mon Dec 23 12:08:40 2013] <roosbeef> so im trying to define this type
[Mon Dec 23 12:08:42 2013] <roosbeef> Definition fterm_v : Type := VTerm.term S1.VSig.
[Mon Dec 23 12:08:42 2013] <roosbeef> Definition fterm_v_wf : Type := fterm_v_wf (VTerm.term S1.VSig).
[Mon Dec 23 12:08:42 2013] <roosbeef> Error: The term "term S1.VSig" has type "Type" while it is expected to have type "fterm_v".
[Mon Dec 23 12:09:08 2013] <roosbeef> (fterm_v_wf is a function that takes fterm_v as argument)
[Mon Dec 23 12:09:38 2013] <roosbeef> how do i make coq recognize that fterm_v and "term S1.VSig" are actually one and the same Type
[Mon Dec 23 12:17:59 2013] <roosbeef> or maybe im just not defining the type properly
[Mon Dec 23 12:36:12 2013] <roosbeef> found it
[Mon Dec 23 19:03:46 2013] <ezyang> God, I always forget the vernacular for "tell me what this notation means"
[Mon Dec 23 19:23:15 2013] <ianjneu> ezyang: I just Set Printing All.
[Mon Dec 23 20:25:50 2013] <jgross> ezyang: Locate "+". 
[Tue Dec 24 07:40:49 2013] <Igloo> Can I give a name to "f x" without moving it before the "," here?: http://paste.debian.net/72451/
[Tue Dec 24 07:41:32 2013] <Igloo> (and without also repeating the names of x, y, proof, and without explicitly renaming it from "H")
[Tue Dec 24 08:12:39 2013] <jrw> Igloo: does "intros Hfx" do what you mean?
[Tue Dec 24 08:13:11 2013] <Igloo> jrw: That introduces 'x' with the name 'Hfx'
[Tue Dec 24 08:13:34 2013] <jrw> Igloo: okay, how about "intros x y proof Hfx"? :)
[Tue Dec 24 08:13:45 2013] <Igloo> "intros ? ? ? Hfx." does do it, but I'd rather not have to write so many ?s
[Tue Dec 24 08:13:59 2013] <Igloo> jrw: "without also repeating the names of x, y, proof"  :-)
[Tue Dec 24 08:14:50 2013] <jrw> Igloo: you could state the lemma as 'forall (x : nat) (y : nat) (proof : R x y) (Hfx : f x), g y'
[Tue Dec 24 08:14:59 2013] <jrw> and then just intros
[Tue Dec 24 08:16:15 2013] <Igloo> I can't remember if I can still use rewrite with the lemma if I do that?
[Tue Dec 24 08:16:41 2013] <Igloo> I'd half-remembered that there was a way to name things in that position, but maybe my memory is palying tricks on me
[Tue Dec 24 08:17:09 2013] <jrw> there might be, but I don't know it :)
[Tue Dec 24 08:19:50 2013] <Igloo> thanks for the help, anyway  :-)
[Tue Dec 24 08:51:16 2013] <ezyang> "What does UNBOUND_REL" mean?
[Tue Dec 24 10:33:54 2013] <jgross> ezyang: Technically, it means you found a place where Coq neglected to name something (see https://coq.inria.fr/bugs/show_bug.cgi?id=3073). In practice, I've found that it means that you tried to use a non-dependent theorem where you wanted a dependent one. 
[Tue Dec 24 10:40:01 2013] <ianjneu> I just spent a really long time writing feedback for the Coq survey sent out this morning. The page timed out when I submitted, and I couldn't go back. Awesome.
[Tue Dec 24 10:49:06 2013] <rks`> :DDDDDDDDd
[Tue Dec 24 10:55:30 2013] <ianjneu> eh?
[Wed Dec 25 06:31:50 2013] <Rc43> Hello.
[Wed Dec 25 06:38:42 2013] <Rc43> Keyword `return' is necessary only for type casts?
[Wed Dec 25 06:39:19 2013] <ezyang> In match? Sort of; usually you need it when you're doing a dependent match
[Wed Dec 25 06:40:02 2013] <Rc43> ezyang, ye, in match; found that in implementation of polyvariadic functions.
[Wed Dec 25 06:40:32 2013] <Rc43> like nArrow n = match n with O => nat | S n => nat -> nArrow n, etc.
[Wed Dec 25 06:40:56 2013] <Rc43> Then in usage it is written nSum = match n return nArrow n with ...
[Wed Dec 25 06:41:13 2013] <ezyang> Yeah, I stand by my answer
[Wed Dec 25 06:41:57 2013] <Rc43> ezyang, why Coq can't deduce type without this?
[Wed Dec 25 06:42:12 2013] <ezyang> Because it is undecidable
[Wed Dec 25 06:42:22 2013] <ezyang> that being said, Coq has gotten pretty good at guessing in many cases.
[Wed Dec 25 06:43:28 2013] <Rc43> ezyang, yeah; I checked now without "return" -- in my case it works.
[Wed Dec 25 06:45:45 2013] <ezyang> Here is a good resource about what 'return' means: http://adam.chlipala.net/cpdt/html/MoreDep.htmlhttp://adam.chlipala.net/cpdt/html/MoreDep.html
[Wed Dec 25 06:45:49 2013] <ezyang> oops, that's http://adam.chlipala.net/cpdt/html/MoreDep.html
[Wed Dec 25 06:47:58 2013] <Rc43> ezyang, thanks, will check it
[Wed Dec 25 07:10:43 2013] <Igloo> If "dependent destruction H" works, but "dependent inversion H" says "Error: Current goal does not depend on H", is there anything I can do to make "depent inversion" work?
[Wed Dec 25 07:11:01 2013] <Igloo> (I want to add an "as ..." clause, which dependent destruction doesn't allow)
[Wed Dec 25 09:43:58 2013] <ezyang> It seems pretty unfortunate that when you have a context, Coq gives it a name, even though the preferred mechanism by which is should be used is by the name of the method in the typeclass
[Wed Dec 25 23:23:46 2013] <defanor-> could somebody recommend some books/articles/examples about implementing/proving network protocols in coq? i want to try it, but have no idea where to start
[Wed Dec 25 23:51:44 2013] <jrw> defanor-: have you read the frenetic work?
[Wed Dec 25 23:53:21 2013] <jrw> http://www.frenetic-lang.org/publications.php
[Wed Dec 25 23:53:49 2013] <defanor-> jrw: nope, thanks, will check it
[Wed Dec 25 23:54:48 2013] <jrw> specifically the PLDI 2013 paper is the coq proofs.
[Wed Dec 25 23:55:46 2013] <jrw> defanor-: this might not be exactly what you mean, depending on your definitions of "network protocol" and "implementing"...
[Wed Dec 25 23:56:59 2013] <jrw> they verify a compiler from a software-defined networking language to open flow table rules. to do that they model open flow semantics as well as the network.
[Wed Dec 25 23:57:02 2013] <jrw> it's a good paper.
[Thu Dec 26 00:00:26 2013] <jrw> defanor-: I'd also be curious to hear more about what you're interested in doing, if it's not top secret :)
[Thu Dec 26 00:00:26 2013] <defanor-> jrw: even if it's not exactly what i want, it seems interesting and could be helpful. thanks
[Thu Dec 26 00:01:10 2013] <jrw> np
[Thu Dec 26 00:01:43 2013] <defanor-> just some protocols, on top of tcp and csd, like rpc
[Thu Dec 26 00:02:54 2013] <jrw> and you want to verify that, given some assumptions about tcp, the rpc satisfies certain properties?
[Thu Dec 26 00:02:59 2013] <defanor-> i have a bunch of protocols to work with here, so it'd be nice to prove at least that any composed message could be read
[Thu Dec 26 00:03:43 2013] <defanor-> and when i have server implementation also, then i'd like to prove that, say, it does not allow parameters which don't pass validation
[Thu Dec 26 00:04:31 2013] <defanor-> and there are some a little more complex schemas for recovery on disconnect, it'd be nice also to prove that they work
[Thu Dec 26 00:25:26 2013] <jrw> defanor-: cool. keep me posted!
[Thu Dec 26 05:20:37 2013] <nones> hello
[Thu Dec 26 05:20:47 2013] <nones> I'm beginner in coq
[Thu Dec 26 05:21:16 2013] <nones> Can you explain, how to write factorial function for Z, not using nat
[Thu Dec 26 05:30:41 2013] <jrw> nones: there are several ways, the easiest of which is to use nat. why don't you want to do it that way?
[Thu Dec 26 05:31:55 2013] <nones> I want to better understand how to work with Z and positive
[Thu Dec 26 07:43:22 2013] <nones> why this code not good? https://codeo.me/3qi
[Thu Dec 26 07:44:04 2013] <ezyang> Not obviously terminating
[Thu Dec 26 07:44:38 2013] <nones> when it will not terminated?
[Thu Dec 26 07:45:18 2013] <ezyang> As it turns out, it will in fact terminate. But Coq needs help to figure that out.
[Thu Dec 26 07:45:57 2013] <nones> how to hint coq it?
[Thu Dec 26 07:47:22 2013] <ezyang> I am not super familiar with how Z is represented, but if you can arrange for the code to be doing structural induction on your structure of Z, you will be good.
[Thu Dec 26 07:47:33 2013] <ezyang> Otherwise, you will need to give Coq a well-foundedness argument
[Thu Dec 26 11:06:41 2013] <roosbeef> hi
[Thu Dec 26 11:06:50 2013] <roosbeef> anyone up for a brain wrecker?
[Thu Dec 26 11:07:13 2013] <roosbeef> on this chilled out christmas day :p
[Thu Dec 26 11:09:32 2013] <roosbeef> alright so im getting this error when trying to define a function https://privatepaste.com/8e6688c332
[Thu Dec 26 11:10:10 2013] <roosbeef> this function https://privatepaste.com/e80d3449d9
[Thu Dec 26 11:11:07 2013] <roosbeef> so basically, coq is saying "hey wait, in that data type theres a ratio between the length of args and the length of h"
[Thu Dec 26 11:11:38 2013] <roosbeef> in the assumptions however, theres "ftv : wf_fterm_v x" (ftv is the variable matched)
[Thu Dec 26 11:11:54 2013] <roosbeef> which states precisely that the ratio between h and args is in order
[Thu Dec 26 11:12:51 2013] <roosbeef> how do i relay that information properly though? There is no interaction with the user like in proof mode when defining a function is there?
[Thu Dec 26 11:15:33 2013] <ystael> roosbeef: I have a gut feeling that your problem may be a few steps further back
[Thu Dec 26 11:16:00 2013] <ystael> It seems strange to write a pattern match expecting the value of ftv to be True
[Thu Dec 26 11:16:15 2013] <ystael> Here True is the type True : Prop that has a single constructor tt : True, correct?
[Thu Dec 26 11:17:10 2013] <roosbeef> yep
[Thu Dec 26 11:18:10 2013] <roosbeef> is there a better way to plug in this fact? The function needs that to be sound
[Thu Dec 26 11:19:31 2013] <ystael> What is the definition of the type wf_fterm_v ?
[Thu Dec 26 11:21:16 2013] <roosbeef> https://privatepaste.com/39064b0569
[Thu Dec 26 11:25:42 2013] <ystael> I would probably try to define fterm_v_is_wf as an inductive type of propositions rather than a function generating a proposition
[Thu Dec 26 11:26:03 2013] <ystael> That way you can pattern match on its structure more easily
[Thu Dec 26 11:27:36 2013] <ystael> You can enforce the length constraint on the argument list by using dependently typed vectors
[Thu Dec 26 11:28:08 2013] <roosbeef> and so, some dependently typed vnil as well?
[Thu Dec 26 11:32:43 2013] <ystael> This is just a sketch: https://privatepaste.com/0d5604bcf4
[Thu Dec 26 11:32:49 2013] <roosbeef> let me see
[Thu Dec 26 11:33:03 2013] <ystael> It may be nonsense in whole or in part
[Thu Dec 26 11:34:22 2013] <ystael> The thing in the comment should be a dependent pair (arg, inhabitant of fterm_v_is_wf arg)
[Thu Dec 26 11:35:50 2013] <roosbeef> so args becomes a list of dependent pairs?
[Thu Dec 26 11:36:00 2013] <roosbeef> what does Vec do?
[Thu Dec 26 11:37:34 2013] <ystael> not sure what you call it, it's the standard length-dependent vector type
[Thu Dec 26 11:38:04 2013] <ystael> (Vec n A is the type of vectors of type A and length n; I may have the arguments in the wrong order or the name wrong)
[Thu Dec 26 11:38:12 2013] <roosbeef> ok
[Thu Dec 26 11:39:31 2013] <roosbeef> hm
[Thu Dec 26 11:39:58 2013] <roosbeef> i can see how use of this other definition of fterm_v_is_wf can be more elegant
[Thu Dec 26 11:40:12 2013] <ystael> In a way what this does is it encodes the well-formedness constraint directly into the term type, instead of using auxiliary proofs
[Thu Dec 26 11:40:24 2013] <roosbeef> but even then, coq would complain when constructing the resulting fterm_a
[Thu Dec 26 11:40:59 2013] <roosbeef> or would it automatically detect the ratio being adhered to somehow?
[Thu Dec 26 11:41:40 2013] <ystael> No, that's the hard thing about constructing dependently typed functions
[Thu Dec 26 11:41:55 2013] <roosbeef> :<
[Thu Dec 26 11:41:56 2013] <ystael> You have to figure out how to introduce all the relevant facts into the type checker so it can match everything up
[Thu Dec 26 11:42:15 2013] <roosbeef> how does one introduce a fact though?
[Thu Dec 26 11:44:19 2013] <roosbeef> would this help? https://privatepaste.com/a7d8c707a0
[Thu Dec 26 11:44:26 2013] <ystael> Generally speaking you need to have some structure on the types of the things you're putting in
[Thu Dec 26 11:44:52 2013] <roosbeef> well the structure is there but its based on the structure of where these things are coming from
[Thu Dec 26 11:45:28 2013] <roosbeef> basically im trying to construct a tree with ratio enforced from a tree with no ratio enforced BUT with the ratio in place anyway (the proof of this being available)
[Thu Dec 26 11:45:39 2013] <ystael> transport might be made to help, yes
[Thu Dec 26 11:45:58 2013] <ystael> The problem is that the type of (fterm_v_is_wf x) is Prop
[Thu Dec 26 11:46:19 2013] <ystael> Not the *sort* of its type, but its *type*
[Thu Dec 26 11:46:47 2013] <ystael> That isn't what you want
[Thu Dec 26 11:47:00 2013] <ystael> If you want fterm_v_is_wf x to be a proof that x is well formed, it should inhabit a type of sort Prop
[Thu Dec 26 11:47:53 2013] <roosbeef> what do you mean by 'inhabit', or 'sort of its type'?
[Thu Dec 26 11:48:00 2013] <roosbeef> im slightly confused :p
[Thu Dec 26 11:48:14 2013] <ystael> that's because I'm talking nonsense, ignore the last few lines
[Thu Dec 26 11:48:18 2013] <ystael> sorry
[Thu Dec 26 11:48:49 2013] <roosbeef> haha
[Thu Dec 26 11:48:51 2013] <roosbeef> :P
[Thu Dec 26 11:50:29 2013] <ystael> I am still confused by what looks like a mismatch between the definition of fterm_v_is_wf x and its use in a pattern match
[Thu Dec 26 11:50:48 2013] <ystael> sorry, wf_fterm_v x
[Thu Dec 26 11:51:05 2013] <ystael> fterm_v_is_wf consumes a term and yields a type of sort Prop
[Thu Dec 26 11:51:16 2013] <ystael> if the term is a Var, that type is True
[Thu Dec 26 11:51:26 2013] <ystael> if the term is a Fun, that type is something /\ somethingelse
[Thu Dec 26 11:51:51 2013] <ystael> Then in aterm_of_vterm, you start by trying to pattern match on ftv which has type wf_fterm_v x
[Thu Dec 26 11:52:04 2013] <ystael> But you do not even know the structure of the type of ftv
[Thu Dec 26 11:52:41 2013] <ystael> If x is a Var, then ftv has type True, and the pattern match should have a single case tt
[Thu Dec 26 11:52:56 2013] <ystael> If x is a Fun, then ftv has type a /\ b, and the pattern match should have a single case, but that case is different
[Thu Dec 26 11:53:26 2013] <ystael> So I don't see how you can hope to write a match like that
[Thu Dec 26 11:53:53 2013] <ystael> You should maybe match on x first, and destructure the proof ftv inside each case
[Thu Dec 26 11:54:48 2013] <roosbeef> the library is closing, have to get out of here, be back in about 5 mins <3
[Thu Dec 26 12:06:24 2013] <roosbeef> hm
[Thu Dec 26 12:07:15 2013] <roosbeef>  but its fed both x and ftv right
[Thu Dec 26 12:07:24 2013] <roosbeef> ftv is a property of x
[Thu Dec 26 12:08:16 2013] <roosbeef> ahh wait
[Thu Dec 26 12:08:23 2013] <roosbeef> i see your point now :p
[Thu Dec 26 12:08:29 2013] <roosbeef> let me go ahead and try that
[Thu Dec 26 12:08:31 2013] <roosbeef> :)
[Thu Dec 26 12:09:07 2013] <roosbeef> how would ftv match with False though
[Thu Dec 26 12:10:03 2013] <ystael> A pattern match against the type False has no cases
[Thu Dec 26 12:10:20 2013] <ystael> but if you have a term of type wf_fterm_v x, then you know that wf_fterm_v x is not the type False
[Thu Dec 26 12:10:37 2013] <ystael> because False has no inhabitants
[Thu Dec 26 12:10:47 2013] <ystael> Don't confuse truth of a proposition with inhabiting the type True
[Thu Dec 26 12:12:38 2013] <ystael> Terms of a conjunction type A /\ B have the form conj a b, where a : A and b : B
[Thu Dec 26 12:13:07 2013] <roosbeef> what does it mean for a proposition to 'inhabit' the type True?
[Thu Dec 26 12:13:16 2013] <ystael> sorry, 'inhabit' is just a word for 'have the type'
[Thu Dec 26 12:13:22 2013] <roosbeef> right
[Thu Dec 26 12:13:30 2013] <roosbeef> so its an expression of True
[Thu Dec 26 12:13:40 2013] <ystael> it's a proof term of the proposition True
[Thu Dec 26 12:13:51 2013] <roosbeef> yea
[Thu Dec 26 12:14:02 2013] <ystael> The proposition (type) True has _exactly_one_ proof term (inhabitant)
[Thu Dec 26 12:14:06 2013] <ystael> that term is tt
[Thu Dec 26 12:14:22 2013] <ystael> True /\ True is a true proposition, but its proof term is not tt
[Thu Dec 26 12:14:24 2013] <ystael> it is conj tt tt
[Thu Dec 26 12:15:15 2013] <roosbeef> but if youre pattern matching a proposition, you normally go by each possible case right?
[Thu Dec 26 12:15:44 2013] <ystael> With the way you have set things up, you need to know the structure of x in order to know the structure of the type wf_fterm_v x, so that you can know what the cases are
[Thu Dec 26 12:16:08 2013] <ystael> Like I said before - if x is a Var, wf_fterm_v x is the type True, and the pattern match has a single case, | tt => ...
[Thu Dec 26 12:16:11 2013] <roosbeef> x can be VTerm.Var or VTerm.Fun
[Thu Dec 26 12:16:27 2013] <ystael> If x is a Fun, then wf_fterm_v x is _not_ the type True, it is a type whose constructor is /\
[Thu Dec 26 12:16:40 2013] <roosbeef> ah right its true by the previous case match
[Thu Dec 26 12:17:05 2013] <ystael> so in this case the match on ftv (of type wf_fterm_v x = something /\ somethingelse) has a single case, | conj proof-of-something proof-of-somethingelse => ...
[Thu Dec 26 12:17:31 2013] <ystael> Without knowing the *structure* of the type wf_fterm_v x, you cannot pattern match on proofs inhabiting that type
[Thu Dec 26 12:18:11 2013] <ystael> This is why I suggested making wf_fterm_v x a dependent inductive type instead of the result of a fixpoint function -- that way you get the structure transparently
[Thu Dec 26 12:18:26 2013] <roosbeef> ok im going to try that
[Thu Dec 26 12:18:47 2013] <roosbeef> but that thing about dependent pairs was weird to me to be honest
[Thu Dec 26 12:18:53 2013] <roosbeef> what did you mean by that
[Thu Dec 26 12:19:39 2013] <ystael> You need to have a proof term that each argument is well formed, for the recursive descent, right?
[Thu Dec 26 12:21:15 2013] <ystael> So for each argument arg, you need a proof term of type wf_fterm_v arg
[Thu Dec 26 12:21:55 2013] <ystael> so what you really have is a vector of arguments and proofs that they are well formed, which is a vector of pairs (arg, proof term of type wf_fterm_v arg)
[Thu Dec 26 12:22:44 2013] <ystael> This is a dependent pair because the type of the second thing depends on the first
[Thu Dec 26 12:22:52 2013] <roosbeef> what would those proofs look like then? The inductive type itself is meant to serve as proof of that, right?
[Thu Dec 26 12:23:49 2013] <ystael> yes, exactly
[Thu Dec 26 12:24:27 2013] <roosbeef> then why have them be pairs
[Thu Dec 26 12:25:04 2013] <ystael> Because you can't name "the type of proofs that <some argument> is well formed" without saying what <some argument> is
[Thu Dec 26 12:25:30 2013] <roosbeef> hm
[Thu Dec 26 12:25:56 2013] <roosbeef> so by 'pair' do you mean 'application' of the inductive type to some value?
[Thu Dec 26 12:26:27 2013] <ystael> I think you'd spell the type of the pair as sig fterm_v wf_fterm_v
[Thu Dec 26 12:26:31 2013] <ystael> see Coq.Init.Specif
[Thu Dec 26 12:27:08 2013] <roosbeef> not wf_fterm_v (sig fterm_v)?
[Thu Dec 26 12:27:25 2013] <roosbeef> what does sig do here
[Thu Dec 26 12:27:30 2013] <roosbeef> aaaargh ;p
[Thu Dec 26 12:27:32 2013] <roosbeef> * eats screen
[Thu Dec 26 12:27:56 2013] <ystael> sig is just the type constructor for dependent pairs
[Thu Dec 26 12:28:03 2013] <roosbeef> ah ok
[Thu Dec 26 12:28:06 2013] <roosbeef> was hoping that :p
[Thu Dec 26 12:28:35 2013] <ystael> sig A P is the constructor for a type of pairs consisting of a term (a : A) and a proof term of the proposition (P a)
[Thu Dec 26 12:29:07 2013] <ystael> a term of type sig A P has the form exist (a : A) (pf: P a)
[Thu Dec 26 12:29:38 2013] <roosbeef> so its specifically meant to build pairs of term a and proof of a Pa?
[Thu Dec 26 12:29:45 2013] <ystael> yes
[Thu Dec 26 12:29:48 2013] <roosbeef> nice
[Thu Dec 26 12:29:55 2013] <roosbeef> ok i can see how that would work
[Thu Dec 26 12:30:03 2013] <ystael> if P is a more general thing (yields Types rather than Props) there is sigT instead
[Thu Dec 26 12:30:09 2013] <ystael> but you have Props here
[Thu Dec 26 12:31:35 2013] <roosbeef> do you think coq would be able to infer from this pattern match on a more elaborate structure that the ratio required for the resulting type is adhered to?
[Thu Dec 26 12:32:43 2013] <ystael> I don't know enough about your problem domain to answer that with confidence
[Thu Dec 26 12:32:57 2013] <roosbeef> only one way to find out i guess :)
[Thu Dec 26 12:33:31 2013] <ystael> In my (relatively limited) experience getting dependently typed pattern matches to typecheck is always challenging
[Thu Dec 26 12:34:03 2013] <ystael> but whatever you can do to expose things directly to pattern matching rather than putting them behind opaque functions or equality proofs helps
[Thu Dec 26 12:34:12 2013] <roosbeef> cool im gonna give it a shot
[Thu Dec 26 12:34:20 2013] <roosbeef> thanks a lot!
[Thu Dec 26 12:34:33 2013] <roosbeef> you have made it a lot more clear :)
[Thu Dec 26 12:34:50 2013] <roosbeef> or at least it doesnt seem as cloudy and obscure anymore to me
[Thu Dec 26 12:35:13 2013] <ystael> you're welcome, good luck :)
[Thu Dec 26 14:10:40 2013] <ianjneu> anyone around? Module question.
[Thu Dec 26 14:12:12 2013] <umei> Hehe... Ask! :)
[Thu Dec 26 14:13:29 2013] <ianjneu> I separated a moderately sized development into modules, and now things don't typecheck due to loss of definitional equalities.
[Thu Dec 26 14:13:36 2013] <ianjneu> Not sure how to expose them.
[Thu Dec 26 14:15:22 2013] <ianjneu> For instance, I have a type CESK that is defined as an instantiation of another type. CESK := Shell CES_point. The reduction relation is CESK -> CESK -> Prop. When I use the relation outside the module, it says the relation has type CESK -> CESK -> Prop instead of Shell CES_point -> Shell CES_point -> Prop.
[Thu Dec 26 14:17:07 2013] <ianjneu> The shell is also defined within the module that provides the reduction relation.
[Thu Dec 26 14:23:40 2013] <ianjneu> also, I have two functors that share the same instantiation of a third module. How do I expose that they are the same? Do they have to become a parameter to said functors?
[Thu Dec 26 14:24:14 2013] <ianjneu> That instantiation is dependent on the previous arguments to the functior :/
[Thu Dec 26 14:39:47 2013] <ianjneu> Thought not.
[Thu Dec 26 14:40:59 2013] <ianjneu> The FAQ for modules is empty. Awesome.
[Thu Dec 26 15:02:37 2013] <ianjneu> * is very frustrated.
[Fri Dec 27 00:15:55 2013] <Hodapp> wow, proving commutativity of multiplication in the exercise in SF is throwing me for a loop...
[Fri Dec 27 02:11:45 2013] <jrw> Hodapp: where are you stuck/what have you tried?
[Fri Dec 27 05:19:22 2013] <ezyang> Is there something like 'Section', except I can control the visibility of identifiers defined in it?
[Fri Dec 27 10:23:24 2013] <Hodapp> jrw: I was trying induction on 'm', getting then m' * n = n * m' -> S m' * n = n * S m', but keep running into cases where the S (whatever) is on the right operand and I can't turn it to anything I seem to be able to simplify
[Fri Dec 27 15:28:41 2013] <jrw> Hodapp: that's right. you have to prove a lemma like: m * (S n) = m + m * n. and to prove that you'll need commutativity and associativity of addition (I think).
[Fri Dec 27 15:28:48 2013] <jrw> and induction on m.
[Fri Dec 27 15:31:01 2013] <Hodapp> ahh, okay.
[Sat Dec 28 16:35:29 2013] <Igloo> Why isn't this ltac matching the hypothesis (as commented on line 68)? http://paste.debian.net/72899/
[Sat Dec 28 16:47:43 2013] <Igloo> Ah, because I meant to have a "_ : " prefix to the pattern, I think
[Sat Dec 28 16:49:50 2013] <Igloo> Hmm, but it then isn't accepted with the assert uncommented
[Sat Dec 28 19:07:49 2013] <Igloo> Aha, "match type of hyp" rather than "match hyp" seems to be what I was looking for
[Sun Dec 29 23:26:38 2013] <hjfreyer> newb question: Is there an equivalent to agda's "()" syntax for absurd patterns in coq? For instance, if I have an Even property for nat, how could I make a div2 function which takes an "Even n" object so I don't have to define it for odd values?
[Sun Dec 29 23:44:34 2013] <Cale> hjfreyer: How you'll define it depends on what Even n consists of.
[Sun Dec 29 23:47:04 2013] <hjfreyer> let's say its something like Inductive Even : nat -> Prop :=
[Sun Dec 29 23:47:13 2013] <hjfreyer> | O_even : Even O
[Sun Dec 29 23:47:42 2013] <hjfreyer> | plus_2_even : forall n, Even n -> Even (S (S n))
[Sun Dec 29 23:47:52 2013] <hjfreyer> (forgive my perhaps wrong syntax, still learning)
[Sun Dec 29 23:48:53 2013] <Cale> Well, you'll likely write something like:
[Sun Dec 29 23:48:56 2013] <hjfreyer> In agda you just pattern match on Even n, and the case of Even 1 is obviously empty to the unifier
[Sun Dec 29 23:49:06 2013] <Cale> Fixpoint div2 (n : nat) (p : Even n) : nat :=
[Sun Dec 29 23:49:10 2013] <Cale>   match p with
[Sun Dec 29 23:49:18 2013] <Cale>    | O_even => O
[Sun Dec 29 23:49:34 2013] <Cale>    | plus_2_even k p => S (div2 k p)
[Sun Dec 29 23:49:38 2013] <Cale>   end.
[Sun Dec 29 23:50:22 2013] <jrw> Cale: if Even n is in Prop can you match on it?
[Sun Dec 29 23:50:35 2013] <Cale> Oh, Prop...
[Sun Dec 29 23:50:50 2013] <Cale> Yeah, I guess that won't work then.
[Sun Dec 29 23:50:57 2013] <Cale> I don't tend to use Prop myself much
[Sun Dec 29 23:51:01 2013] <hjfreyer> well, here's a more complex example:
[Sun Dec 29 23:51:10 2013] <hjfreyer> you take two lists and a proof that they have the same length
[Sun Dec 29 23:51:14 2013] <Cale> But okay...
[Sun Dec 29 23:51:25 2013] <hjfreyer> and you don't want to have to address the case where one is [] and the other is cons
[Sun Dec 29 23:52:17 2013] <hjfreyer> Is that the kind of thing you'd do in coq, or am I just thinking wrongly?
[Sun Dec 29 23:52:26 2013] <Cale> I think you just leave out the cases you don't need?
[Sun Dec 29 23:53:51 2013] <Cale> I could be wrong
[Sun Dec 29 23:55:48 2013] <hjfreyer> nope, it says non-exhaustive pattern match
[Sun Dec 29 23:58:54 2013] <Cale> okay, hmm
[Mon Dec 30 00:00:09 2013] <Cale> Well, Prop is weird, and Agda has no analogue to it.
[Mon Dec 30 00:00:56 2013] <Cale> But it would be good to know if we can use a Prop to define a function like this.
[Mon Dec 30 00:01:05 2013] <Cale> (Rather than just other Props)
[Mon Dec 30 00:01:08 2013] <hjfreyer> yeah, but even if I make it a Type or whatever, that still won't address the two vectors case
[Mon Dec 30 00:01:24 2013] <Cale> It will, you'll just do induction on the structure of the proof
[Mon Dec 30 00:01:34 2013] <Cale> (or recursion)
[Mon Dec 30 00:02:59 2013] <hjfreyer> hrm, I don't totally understand how the builtin "=" operator works
[Mon Dec 30 00:03:09 2013] <hjfreyer> and whether one can pattern match on it
[Mon Dec 30 00:03:13 2013] <Cale> oh, right, there's this match ... as ... return ... syntax
[Mon Dec 30 00:06:57 2013] <Cale> No, that doesn't help
[Mon Dec 30 00:07:30 2013] <Cale> Yeah, I don't think you can eliminate a Prop in order to construct something of a type which is a Set
[Mon Dec 30 00:08:03 2013] <Cale> I got this error message while trying:
[Mon Dec 30 00:08:09 2013] <Cale> Incorrect elimination of "p" in the inductive type "Even":
[Mon Dec 30 00:08:09 2013] <Cale> the return type has sort "Set" while it should be "Prop".
[Mon Dec 30 00:08:09 2013] <Cale> Elimination of an inductive object of sort Prop
[Mon Dec 30 00:08:09 2013] <Cale> is not allowed on a predicate in sort Set
[Mon Dec 30 00:08:09 2013] <Cale> because proofs can be eliminated only to build proofs.
[Mon Dec 30 00:08:42 2013] <Cale> That kind of thing is why I just avoid Prop altogether.
[Mon Dec 30 00:10:55 2013] <jrw> I don't know the right way to do this, but the basic idea is to annotate your match correctly (???) and then put underscores on the RHS of the invalid cases, then surround the whole match with a "refine", then you get dropped into proof mode, and you prove False.
[Mon Dec 30 00:12:25 2013] <hjfreyer> aha!
[Mon Dec 30 00:12:32 2013] <hjfreyer> this seems like what I'm looking for
[Mon Dec 30 00:14:21 2013] <jrw> I just don't know what the magic annotations are in this case :(
[Mon Dec 30 00:29:06 2013] <Cale> oh, there's Program
[Mon Dec 30 00:29:14 2013] <Cale> http://coq.inria.fr/distrib/current/refman/Reference-Manual026.html#hevea_default913
[Mon Dec 30 00:54:38 2013] <jrw> hjfreyer already left, but here's some ugly code that does what he wants...
[Mon Dec 30 00:54:40 2013] <jrw> http://lpaste.net/97722
[Mon Dec 30 01:22:33 2013] <Cale> Oh, I see
[Mon Dec 30 01:25:48 2013] <jrw> I'm not sure that's the best way to do it. but I have seen similar things done that way by people who know more than me :)
[Mon Dec 30 09:37:51 2013] <pirapira> I made an escrowing site for Coq proofs and bitcoins: https://proofmarket.org/
[Mon Dec 30 21:33:03 2013] <augur> so proof market is hilariously awesome
[Mon Dec 30 21:33:25 2013] <augur> im tempted to learn coq now just so i can say officially that im a blackmarket logician
[Mon Dec 30 21:36:53 2013] <augur> https://proofmarket.org/ in case
[Mon Dec 30 21:39:41 2013] <jrw> no good problems on there as far as I can see :(
[Mon Dec 30 21:40:22 2013] <augur> jrw: add one!
[Mon Dec 30 21:41:31 2013] <jrw> the problem (ha) with that kind of site is that often the hard part of a coq development comes in just getting the right definitions and statements of theorems.
[Tue Dec 31 08:15:42 2013] <Rc43> Hello.
[Tue Dec 31 08:15:52 2013] <Rc43> Anybody knows what plugin "funind" for?
[Tue Dec 31 08:17:02 2013] <Rc43> I get exception from this plugin while using "relation extraction" plugin so I am interesting what I am doing wrong.
[Tue Dec 31 08:17:21 2013] <Rc43> As I understood "funind" is for proof generation or something.
[Thu Jan  2 11:10:29 2014] <ianjneu> anyone successfully install ssreflect in 8.4pl2? I'm getting an error about GEXTEND
[Thu Jan  2 11:10:55 2014] <ianjneu> when I change that to EXTEND, there's type error about incompatible token stream types.
[Thu Jan  2 11:17:32 2014] <ianjneu> I know someone's gotten it to work. There's a library (CoqHensel) with 8.4pl2 and ssreflect 1.4 dependencies.
[Thu Jan  2 11:18:09 2014] <Smerdyakov> ianjneu, what do you use Ssreflect for?
[Thu Jan  2 11:19:50 2014] <ianjneu> Smerdyakov: I'm just trying to learn it. The winter break allows me to yak shave.
[Thu Jan  2 11:20:11 2014] <Smerdyakov> * nods.
[Thu Jan  2 11:20:25 2014] <ianjneu> I'd like to use it in my development of this static analysis correctness proof.
[Thu Jan  2 11:21:06 2014] <ianjneu> Specifically, the propositions I have in this paper http://arxiv.org/abs/1305.3163
[Thu Jan  2 11:21:44 2014] <Smerdyakov> And you think that's a more practical approach than the one CPDT advocates?
[Thu Jan  2 11:24:03 2014] <ianjneu> CPDT is impenetrable to me.
[Thu Jan  2 11:24:41 2014] <Smerdyakov> :-(
[Thu Jan  2 11:26:21 2014] <ianjneu> I've read and reread it at least 3 times.
[Thu Jan  2 11:27:11 2014] <ianjneu> I do use the convoy pattern a lot, but I find myself looking it up every time I decide I need it.
[Thu Jan  2 11:27:24 2014] <Smerdyakov> What about the Ltac advice?  Impenetrable, too?
[Thu Jan  2 11:30:09 2014] <ianjneu> I've assimilated some of its advice, but it's very difficult to come up with ltac strategies that will work in more than one place. A lot of the time when I'd like to invert most every hypothesis and use just what I need, Coq says that the goal depends on something-or-other and won't do it. It's very unfriendly to let-binding.
[Thu Jan  2 11:30:44 2014] <Smerdyakov> Do you have an example of that sort of scenario?
[Thu Jan  2 11:30:51 2014] <rmk0> proof automation makes me nervous... mainly because when something inevitably breaks, i've no idea why
[Thu Jan  2 11:30:57 2014] <rmk0> it seems hard to track down the problem
[Thu Jan  2 11:31:26 2014] <rmk0> at least the level of automation that CPDT advocates
[Thu Jan  2 11:31:36 2014] <rmk0> "Proof. crush. Qed."
[Thu Jan  2 11:31:59 2014] <ianjneu> nothing small. I have a formalization of a reduction relation that uses let-bindings in its reduction rules. If I invert something and do subst, it says the goal depends on one of the let-bound variables and dies.
[Thu Jan  2 11:32:29 2014] <Smerdyakov> ianjneu, well, if it's ever practical to produce an example I could look at, I'd be interested.
[Thu Jan  2 11:32:43 2014] <ianjneu> crush is a metavariable dynamically bound in multiple places in the book. It's extremely unhelpful and disorienting.
[Thu Jan  2 11:32:47 2014] <Smerdyakov> rmk0, CPDT addresses how to debug in that situation.
[Thu Jan  2 11:33:11 2014] <Smerdyakov> ianjneu, I don't understand what you mean about a metavariable dynamically bound.
[Thu Jan  2 11:34:14 2014] <ianjneu> Either my eyes glazed over and missed its definition, or crush is, "an exercise left to the reader" and is meant to have different definitions at different parts of the book.
[Thu Jan  2 11:34:24 2014] <Smerdyakov> It's defined in a .v file.
[Thu Jan  2 11:34:41 2014] <Smerdyakov> And the details are intentionally not given in the prose, since that would be distracting early on.
[Thu Jan  2 11:35:04 2014] <Smerdyakov> If you want to see the particular definition for the book, read CpdtTactics.v.
[Thu Jan  2 11:45:27 2014] <ianjneu> Smerdyakov: how would you suggest someone with an ACL2 background approach CPDT?
[Thu Jan  2 11:46:37 2014] <Smerdyakov> ianjneu, it's designed to be read from front to back, assuming said person has also worked with Haskell or ML a fair bit.
[Thu Jan  2 11:47:37 2014] <Smerdyakov> But, of course, reading any book about programming is a small part of the learning process.
[Thu Jan  2 11:47:52 2014] <Rc43> Hello.
[Thu Jan  2 11:47:57 2014] <Smerdyakov> Probably a first read where lots of things don't make much sense is reasonable, and then you come back to understand parts that seem useful in specific projects
[Thu Jan  2 11:48:18 2014] <ianjneu> Indeed, it's easy to read and understand each small bit of information, but combining it all within a single framework of understanding is the hard part.
[Thu Jan  2 11:48:26 2014] <Smerdyakov> I guess the point of the first read is to form an index of "what might hurt later and where to look to find the cure."
[Thu Jan  2 11:49:28 2014] <Rc43> Is there a way in LTac to write conditional patterns? E.g match goal with | [ A : ?X = a, B : ?Y = b ... a <> b ... |- _] => ... ?
[Thu Jan  2 11:51:27 2014] <Smerdyakov> Rc43, you can make the equality in the case body and fail if it comes out the wrong way.
[Thu Jan  2 11:51:44 2014] <Smerdyakov> Rc43, CPDT has examples like that.
[Thu Jan  2 11:51:57 2014] <Smerdyakov> s/equality/equality test
[Thu Jan  2 11:52:24 2014] <Rc43> Serdyakov, I am afraid that if I will brute-force all possibly left sides and compare them with tactics then it will very long.
[Thu Jan  2 11:52:54 2014] <Rc43> Serdyakov, but if there is no built-in facility, then that is a way
[Thu Jan  2 11:52:57 2014] <ianjneu> Rc43: let there be an experiment!
[Thu Jan  2 11:53:37 2014] <Smerdyakov> Rc43, it's not obvious that the fancier language feature you're proposing could do much better.  I don't think Ltac pattern-matching is implemented in a very sophisticated way.
[Thu Jan  2 11:53:37 2014] <Rc43> Hmm, how can I test thing for equality?
[Thu Jan  2 11:53:47 2014] <Smerdyakov> Rc43, hold on, I'll find the example in CDPT.
[Thu Jan  2 11:54:31 2014] <Smerdyakov> Rc43, see [notHyp] here: http://adam.chlipala.net/cpdt/html/Match.html
[Thu Jan  2 11:54:55 2014] <Smerdyakov> Rc43, also, I suggest at least reading that whole chapter, if you want to do serious automation in Coq.
[Thu Jan  2 11:55:01 2014] <Rc43> Smerdyakov, thanks!
[Thu Jan  2 11:58:29 2014] <Rc43> Hmm, is there a way to test arbitrary values for equality? I tried `match (constructor1,constructor2) with | (x,x) => true | _ => false end.', but I can't use variable twice in patterns.
[Thu Jan  2 11:59:06 2014] <Smerdyakov> Yes, and the example I pointed to implicitly uses that way.
[Thu Jan  2 11:59:38 2014] <Smerdyakov> Match one operand with a pattern that just mentions the other.
[Thu Jan  2 12:03:55 2014] <Rc43> Smerdyakov, does it work only in LTac or in Gallina, too? I tried "Definition check (x y : term) := match x with | y => true | _ => false end.", but y matchs with everything.
[Thu Jan  2 12:04:02 2014] <Smerdyakov> Only in Ltac.
[Thu Jan  2 12:04:09 2014] <Rc43> Ok then.
[Thu Jan  2 12:04:13 2014] <Smerdyakov> It would be a serious metatheoretical problem if it worked in Gallina.
[Thu Jan  2 12:04:47 2014] <Rc43> Why?
[Thu Jan  2 12:04:49 2014] <Smerdyakov> It feels like it would either break parametricity or make evaluation undecidable.
[Thu Jan  2 12:05:58 2014] <Smerdyakov> I guess another option would be to allow pattern-matching to "raise an exception" for "I can't figure this out."
[Thu Jan  2 12:06:12 2014] <Smerdyakov> Any of the above make the big picture of Coq significantly more complicated!
[Thu Jan  2 12:07:17 2014] <Saizan> can you do something like match (x,y) with | (?X,?X) => true | _ => false end ?
[Thu Jan  2 12:08:12 2014] <Smerdyakov> That sounds like it should be equivalent.
[Thu Jan  2 12:08:18 2014] <Smerdyakov> More code, though!
[Thu Jan  2 12:08:40 2014] <Rc43> Steel can't make it work. If I match context with `| [ A : ?X = ?Z, B : ?Y = ?Z |- _ ] => ...', then I cna't match ?Z because it is a metavariable.
[Thu Jan  2 12:09:15 2014] <Rc43> Thought about extra-pattern with ..=?Z, ..=?Z but not sure.
[Thu Jan  2 12:10:18 2014] <Smerdyakov> You never write the question mark in the body of a match case.
[Thu Jan  2 12:11:39 2014] <Rc43> Ah, I succeeded.
[Thu Jan  2 12:12:21 2014] <Rc43> Second assumption was correct; just match with one pattern when things are equal and do nothing, next pattern will match when things are non-equal automatically.
[Thu Jan  2 15:19:15 2014] <ianjneu> I found a strange violation of hygiene in my current proof script. (Simplified) I have H0 : p = (something s), H1 : match (fun c) with something s => le s (extract_s p) end. When I subst p, H1 does not rename s, but instead conflates the two s variables.
[Thu Jan  2 15:19:33 2014] <ianjneu> subst p and simpl, I should say.
[Thu Jan  2 15:25:13 2014] <jgross> Can you prove false using it?  Or can you get a proof of false which only fails at Qed time? 
[Thu Jan  2 15:26:31 2014] <jgross> You should probably report it as a bug. 
[Thu Jan  2 15:37:11 2014] <ianjneu> jgross: I can't. I had to further destruct a value in the match expression, which distinguished the two identifiers. It's just weird that they displayed as the same even with Set Printing All.
[Thu Jan  2 15:38:33 2014] <jgross> You should probably still report it as a bug. 
[Thu Jan  2 15:38:45 2014] <jgross> Do you have a small example producing the behavior? 
[Thu Jan  2 15:57:35 2014] <ianjneu> jgross: not as yet.
[Thu Jan  2 16:03:04 2014] <ianjneu> Okay, made one.
[Thu Jan  2 16:10:34 2014] <ianjneu> and submitted.
[Thu Jan  2 17:10:08 2014] <the-manless-man> i'm trying to prove something like (exist A P x Px = exist B Q y Qy)
[Thu Jan  2 17:10:42 2014] <the-manless-man> i've tried to use f_equal4, but there's a problem since P : A -> Prop
[Thu Jan  2 17:10:46 2014] <the-manless-man> while Q : B -> Prop
[Thu Jan  2 17:12:46 2014] <the-manless-man> i've even tried to use f_equal4_JMeq, as in
[Thu Jan  2 17:12:48 2014] <the-manless-man> http://math.mit.edu/~dspivak/teaching/sp13/submissions/JasonGross/html/FEqualDep.html
[Thu Jan  2 17:15:37 2014] <the-manless-man> but my goal is something like  @JMeq C (exist A P x Px) C (exist B Q y Qy)
[Thu Jan  2 17:16:21 2014] <the-manless-man> and f_equal4_JMeq seems to expect that C is of the form (?1 ?2 ?3 ?4 ?5)
[Thu Jan  2 17:16:41 2014] <the-manless-man> (cannot unify)
[Thu Jan  2 17:17:53 2014] <ianjneu> the-manless-man: are you sure there is always a unique witness?
[Thu Jan  2 17:18:58 2014] <the-manless-man> i think there is, using extensionality
[Thu Jan  2 17:19:53 2014] <the-manless-man> (it's a function space)
[Thu Jan  2 17:22:21 2014] <ianjneu> are you familiar with HoTT?
[Thu Jan  2 17:23:14 2014] <the-manless-man> actually the dependent issue is not between A/P and B/Q as i said before
[Thu Jan  2 17:23:15 2014] <the-manless-man> rather, it's a space of monotonic functions
[Thu Jan  2 17:23:15 2014] <the-manless-man> x and y are the same function by extensionality
[Thu Jan  2 17:23:15 2014] <the-manless-man> Px and Qy are the proofs that x / y are monotonic
[Thu Jan  2 17:23:15 2014] <the-manless-man> i've read the first couple of chapters
[Thu Jan  2 17:24:39 2014] <jgross> Try filling in the arguments to f_equal4_JMeq by hand.	refine (@f_equal4_JMeq _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _). gets rid of the unification error. 
[Thu Jan  2 17:25:15 2014] <the-manless-man> coming from a cs background, the topological parts are somewhat obscure
[Thu Jan  2 17:26:44 2014] <the-manless-man> i'll try that, thanks!
[Thu Jan  2 17:27:34 2014] <jgross> Alternatively, try "cut (A = B); [ intro H; destruct H | ]. cut (P = Q); [ intro H; destruct H | ]. cut (x = y); [ intro H; destruct H | ]. cut (Px = Qy); [ intro H; destruct H | ]." to do it by hand. 
[Thu Jan  2 17:30:02 2014] <the-manless-man> i see, i had tried "replace x with y" unsuccessfully
[Thu Jan  2 17:30:26 2014] <jgross> (Note that those are all eq, not JMeq.	There's probably a way to do it with JMeq, with dependent destruction or something.) 
[Thu Jan  2 17:30:41 2014] <jgross> Yes, you need to "replace A with B" before you can "replace x with y" 
[Thu Jan  2 17:31:23 2014] <the-manless-man> thanks, both alternatives seem to work
[Thu Jan  2 17:33:05 2014] <jgross> (Or "replace A with B in *"?  Or "revert Px Qx P Q x y" and then "replace A with B".) 
[Fri Jan  3 00:51:13 2014] <rajaniemi.freenode.net> [freenode-info] channel trolls and no channel staff around to help? please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
[Sun Jan  5 18:46:46 2014] <watermind> and by branches, I mean including the pattern for each case
[Sun Jan  5 19:12:51 2014] <Hodapp> "Define a function [normalize] from binary numbers to binary numbers such that for any binary number b, converting to a natural and then back to binary yields [(normalize b)].  Prove it."
[Sun Jan  5 19:13:54 2014] <Hodapp> I wonder if I was cheating by making 'normalize' a function which converts to a natural and then back to binary, so the proof is true by definition... or if that's the solution he wanted people to find.
[Mon Jan  6 00:33:55 2014] <roosbeef> Cale, im a bit puzzled as to how refine can be practically applied, the example seems overly trivial
[Mon Jan  6 00:35:02 2014] <roosbeef> (this is the example from the reference manual https://privatepaste.com/8721679504)
[Mon Jan  6 00:36:30 2014] <roosbeef> if this is my conversion function (+error) https://privatepaste.com/6462a0ffa6
[Mon Jan  6 00:37:07 2014] <roosbeef> then how would i allow myself the opportunity to fix that error by replacing part of the definition by blanks and doing refine later?
[Mon Jan  6 00:43:03 2014] <jgross> roosbeef: Is https://privatepaste.com/ac9c737b14 what you're looking for? 
[Mon Jan  6 12:03:19 2014] <roosbeef> i have this assumption: attempt1 := vec_of_list (map aterm_of_vterm args) : vector fterm_a (length (map aterm_of_vterm args))
[Mon Jan  6 12:03:52 2014] <roosbeef> how do i apply the Lemma map_length from std lib? (Lemma map_length : forall l, length (map l) = length l.)
[Mon Jan  6 12:04:16 2014] <roosbeef> id like to replace "length (map aterm_of_vterm args)" by "length args"
[Mon Jan  6 12:05:02 2014] <ystael> `rewrite map_length` doesn't work?
[Mon Jan  6 12:05:27 2014] <roosbeef> it does, thank you
[Mon Jan  6 12:05:32 2014] <roosbeef> weird i thought i had tried that :p
[Mon Jan  6 12:45:38 2014] <roosbeef> hm
[Mon Jan  6 12:46:01 2014] <roosbeef> im trying to prove P with the assumption P /\ Q
[Mon Jan  6 12:46:11 2014] <roosbeef> how do i rewrite the assumption to P?
[Mon Jan  6 12:46:51 2014] <roosbeef> (my problem is actually https://privatepaste.com/46aaf986a5, but that is the abstracted structure)
[Mon Jan  6 12:47:41 2014] <jrw> roosbeef: inversion on the hypothesis P /\ Q will give you two hypotheses, one for P and one for Q
[Mon Jan  6 12:48:07 2014] <roosbeef> hm
[Mon Jan  6 12:48:15 2014] <roosbeef> P /\ Q is embedded though
[Mon Jan  6 12:48:24 2014] <roosbeef> so inversion H would not work
[Mon Jan  6 12:48:48 2014] <jrw> * actually reads the paste now...
[Mon Jan  6 12:49:15 2014] <jrw> oh, destruct t is what you want
[Mon Jan  6 12:49:44 2014] <roosbeef> cool thanks :))
[Mon Jan  6 14:04:44 2014] <notdan> argh, what font do I need to install to see this symbol: http://www.cs.ru.nl/~jherold/math-classes-doc/interfaces.canonical_names.html#::x_%27%E2%9F%B6%27_x
[Mon Jan  6 14:30:48 2014] <notdan> hm how can I actually compile the math-classes?
[Mon Jan  6 14:51:33 2014] <notdan> oh nvm, got it
[Mon Jan  6 14:51:45 2014] <notdan> had to add -R <path-to-mathclasses> MathClasses to the coq-prog-args
[Mon Jan  6 15:15:24 2014] <roosbeef> i have a function that converts one data type to another
[Mon Jan  6 15:15:51 2014] <roosbeef> the conversion from A to B only works given a certain assumption, which is a propery of A
[Mon Jan  6 15:16:29 2014] <roosbeef> how do i tell Coq that the function applies only to A when it has that property?
[Mon Jan  6 15:17:56 2014] <notdan> I'd say f : (forall a, your_property a -> a -> b)
[Mon Jan  6 15:20:24 2014] <roosbeef> Fixpoint convert_a_to_b : forall (wf_a x), (x : a) -> b.
[Mon Jan  6 15:20:30 2014] <roosbeef> like that?
[Mon Jan  6 15:21:57 2014] <roosbeef> hm.. im trying this "Fixpoint aterm_of_vterm : forall (x : fterm_v), (wf_term_v x) -> fterm_a." but Coq says Error: A fixpoint needs at least one parameter.
[Mon Jan  6 15:22:16 2014] <roosbeef> ive got the function written out almost completely, just gotta plug that assumption into it somehow :)
[Mon Jan  6 15:25:16 2014] <notdan> Yeah you need a parameter
[Mon Jan  6 15:25:45 2014] <notdan> mayb Fixpoint aterm_of_vterm (x : fterm_v) (_ : wf_term_v x) : fterm_a
[Mon Jan  6 15:25:47 2014] <notdan> something like that
[Mon Jan  6 15:27:07 2014] <roosbeef> Error: Cannot do a fixpoint on a non inductive type.
[Mon Jan  6 15:27:49 2014] <notdan> wf_term_v x is not inductive, right?
[Mon Jan  6 15:27:50 2014] <notdan> maybe
[Mon Jan  6 15:28:04 2014] <notdan> Fixpoint aterm_of_vterm (x: fterm_v) : wf_term_v x -> fterm_a
[Mon Jan  6 15:29:31 2014] <roosbeef> https://privatepaste.com/9fcaf10a4d
[Mon Jan  6 15:30:21 2014] <roosbeef> ok yea that seems to work :)
[Mon Jan  6 15:30:25 2014] <roosbeef> thank you
[Mon Jan  6 15:32:06 2014] <notdan> yeh because you really want to induct on fterm_v, not on the proof that x is a well formed term :)
[Mon Jan  6 15:35:55 2014] <notdan> robbert: sorry, are you Robbert Krebbers? If that's the case, I was wondering if the math-classes is still active
[Mon Jan  6 15:51:20 2014] <roosbeef> waaa
[Mon Jan  6 15:51:21 2014] <roosbeef> ;p
[Mon Jan  6 15:51:55 2014] <roosbeef> theres a recursive aspect to the function im writing
[Mon Jan  6 15:51:56 2014] <roosbeef> https://privatepaste.com/6328fce62d
[Mon Jan  6 15:52:14 2014] <roosbeef> soo now that assumption seems to be in place :) which is good
[Mon Jan  6 15:53:39 2014] <roosbeef> but i think that in the recursion its not obvious to Coq that the same assumption holds there
[Mon Jan  6 15:53:54 2014] <roosbeef> (although it does follow from the definition of that assumption that it does)
[Mon Jan  6 16:30:40 2014] <jrw> roosbeef: I'm not sure if you can do this with List.map directly. you'll need a lemma that says that if the (Fun h args) is well formed, then each element of the arument list is also well formed. then you'll need to thread that through (maybe with a custom map-like definition)
[Mon Jan  6 16:33:06 2014] <roosbeef> hm
[Mon Jan  6 16:33:10 2014] <roosbeef> yea that would make sense
[Mon Jan  6 16:33:50 2014] <roosbeef> how would i pipe that lemma in though?
[Mon Jan  6 16:35:45 2014] <roosbeef> so something like map_if_wf?
[Mon Jan  6 17:31:54 2014] <jrw> roosbeef: it's a little bit complicated. if you post full definitions of everything you have, I may be able to look at it later
[Mon Jan  6 23:59:19 2014] <jrw> in this example, why does coq allow the indirect recursive calls via map? how can I exploit this kind of thing for my own data types? http://lpaste.net/98082
[Tue Jan  7 00:24:27 2014] <jrw> for example, if I replace map with a functionally equivalent my_map, the definition no longer goes through...
[Tue Jan  7 04:05:52 2014] <roosbeef> morning
[Tue Jan  7 04:12:34 2014] <roosbeef> soo
[Tue Jan  7 04:12:55 2014] <jrw> roosbeef: one sec
[Tue Jan  7 04:13:10 2014] <roosbeef> ok
[Tue Jan  7 04:13:46 2014] <jrw> roosbeef: what is CoLoR, btw?
[Tue Jan  7 04:15:10 2014] <roosbeef> its a library about term rewriting systems
[Tue Jan  7 04:16:01 2014] <roosbeef> a term being of the structure  Induction term : string -> list term -> term | emptystring : term
[Tue Jan  7 04:16:09 2014] <roosbeef> (informally speaking)
[Tue Jan  7 04:16:30 2014] <roosbeef> soo basically my issue at the moment is that
[Tue Jan  7 04:16:35 2014] <jrw> interesting, anyway
[Tue Jan  7 04:17:41 2014] <jrw> if you look at what I have there, I'm not sure it's the right direction to go, but it has a couple ideas for you
[Tue Jan  7 04:17:55 2014] <roosbeef> cool :)
[Tue Jan  7 04:18:00 2014] <jrw> first is to change the definition of fterm_v_is_wf
[Tue Jan  7 04:18:04 2014] <jrw> to an inductive one
[Tue Jan  7 04:18:07 2014] <jrw> that starts on line 372
[Tue Jan  7 04:18:39 2014] <jrw> second one is to rework the type of aterm_of_vterm to be a conversion that can fail
[Tue Jan  7 04:18:47 2014] <jrw> so it goes fterm_v -> option fterm_a
[Tue Jan  7 04:19:09 2014] <jrw> then, you prove a lemma like (fterm_v_is_wf x -> aterm_of_vterm x = Some y)
[Tue Jan  7 04:19:26 2014] <jrw> this is kind of a separation of concerns: the code from the proof
[Tue Jan  7 04:19:30 2014] <roosbeef> ah right, you prove a lemma that it doesnt fail given that fterm_v_is_wf
[Tue Jan  7 04:19:46 2014] <jrw> this is not always the right architecture, but sometimes it can make things clearer
[Tue Jan  7 04:20:41 2014] <jrw> so I tried both of those ideas (together, but actually, you could have tried them separately), but I got stuck at the very end
[Tue Jan  7 04:20:58 2014] <jrw> if you load that file up, you'll see that it gets all the way to the last line, and then chokes on the Defined.
[Tue Jan  7 04:21:02 2014] <jrw> which is always a huge bummer
[Tue Jan  7 04:21:54 2014] <roosbeef> thats odd :p
[Tue Jan  7 04:22:01 2014] <roosbeef> so the proof is complete but it wont wrap up
[Tue Jan  7 04:22:13 2014] <jrw> well, actually the proof isn't quite complete
[Tue Jan  7 04:22:21 2014] <roosbeef> it says no more subgoals
[Tue Jan  7 04:22:29 2014] <jrw> yeah, it's lying :)
[Tue Jan  7 04:22:32 2014] <jrw> because aterm_of_vterm isn't structurally restrictive
[Tue Jan  7 04:22:34 2014] <roosbeef> :p
[Tue Jan  7 04:22:39 2014] <jrw> er, recursive
[Tue Jan  7 04:22:48 2014] <jrw> damn, now I need to sleep, haha
[Tue Jan  7 04:22:53 2014] <roosbeef> haha
[Tue Jan  7 04:23:13 2014] <jrw> but you see where I call mapSeq?
[Tue Jan  7 04:23:18 2014] <roosbeef> yes
[Tue Jan  7 04:23:28 2014] <jrw> that's not a structurally recursive call to aterm_of_vterm
[Tue Jan  7 04:23:33 2014] <jrw> so it won't go through
[Tue Jan  7 04:23:51 2014] <jrw> now, coq has some magic for the builtin list.map that makes this kind of thing work
[Tue Jan  7 04:24:20 2014] <jrw> for example, check out:  http://lpaste.net/98082
[Tue Jan  7 04:24:27 2014] <roosbeef> wow thats some advanced stuff youre using :p
[Tue Jan  7 04:24:33 2014] <roosbeef> ok lemme see
[Tue Jan  7 04:24:54 2014] <jrw> if you look at f there, it's not technically structurally recursive
[Tue Jan  7 04:25:09 2014] <jrw> but coq has some heuristic I don't know about or something to do the right thing there
[Tue Jan  7 04:25:23 2014] <roosbeef> yea because it uses map right
[Tue Jan  7 04:25:26 2014] <jrw> right
[Tue Jan  7 04:25:39 2014] <jrw> maybe Ptival_ knows?
[Tue Jan  7 04:25:47 2014] <jrw> he's probably also asleep though.
[Tue Jan  7 04:26:15 2014] <roosbeef> you guys are in the US?
[Tue Jan  7 04:26:21 2014] <jrw> yeah, west coast
[Tue Jan  7 04:26:30 2014] <jrw> 1:25am atm
[Tue Jan  7 04:26:31 2014] <roosbeef> haha cool
[Tue Jan  7 04:26:35 2014] <roosbeef> gmt+1 here
[Tue Jan  7 04:26:39 2014] <roosbeef> (NL)
[Tue Jan  7 04:26:46 2014] <jrw> cool
[Tue Jan  7 04:27:17 2014] <roosbeef> im gonna have a closer look at your code
[Tue Jan  7 04:27:39 2014] <roosbeef> thank you so much for looking into this man, seems like you took your time
[Tue Jan  7 04:27:44 2014] <jrw> sounds good.
[Tue Jan  7 04:27:52 2014] <jrw> no problem, it's a good exercise for me
[Tue Jan  7 04:27:59 2014] <jrw> sorry I didn't get it all the way
[Tue Jan  7 04:28:09 2014] <roosbeef> haha you got close enough though, no more subgoals
[Tue Jan  7 04:28:32 2014] <jrw> also, I don't know how much you've done with dependent pattern matching, but that code might be kind of confusing
[Tue Jan  7 04:28:55 2014] <roosbeef> some of it does look somewhat exotic i would have to admit :p
[Tue Jan  7 04:29:02 2014] <jrw> so mapSeq isn't that bad
[Tue Jan  7 04:29:42 2014] <jrw> just map a function that might fail over a list, then if it succeeded on all elements, return all the results
[Tue Jan  7 04:30:04 2014] <jrw> then I have an admitted lemma that says if mapSeq succeeds, the resulting list has the same length as the input
[Tue Jan  7 04:30:14 2014] <jrw> I didn't bother to prove it, but it should be straightforward
[Tue Jan  7 04:30:24 2014] <jrw> (famous last words, but I'm pretty sure in this case)
[Tue Jan  7 04:30:43 2014] <roosbeef> :p
[Tue Jan  7 04:30:51 2014] <jrw> then there's aterm_of_vterm
[Tue Jan  7 04:31:07 2014] <jrw> if the lengths don't match, we fail right away (the else branch)
[Tue Jan  7 04:31:24 2014] <jrw> otherwise, we do the mapSeq
[Tue Jan  7 04:31:32 2014] <jrw> we match on the result of that
[Tue Jan  7 04:31:35 2014] <roosbeef> yea im still a bit puzzled how the mapSeq would even know that each of the elements in args is wf BECAUSE Fun h args is wf
[Tue Jan  7 04:31:47 2014] <jrw> oh, it won't
[Tue Jan  7 04:32:09 2014] <jrw> remember we're not thinking about wf yet
[Tue Jan  7 04:32:23 2014] <jrw> just doing the computation, and failing if we get into a not wf stage
[Tue Jan  7 04:32:32 2014] <jrw> then later, come back, prove a lemma about wf never failing
[Tue Jan  7 04:32:34 2014] <jrw> right?
[Tue Jan  7 04:32:38 2014] <roosbeef> ahh right
[Tue Jan  7 04:32:47 2014] <jrw> so mapSeq doesn't care about wf at all
[Tue Jan  7 04:33:06 2014] <jrw> but you're totally right that we'll have to prove some more lemmas about mapSeq preserving wf or something
[Tue Jan  7 04:33:41 2014] <jrw> okay, so back to aterm_of_vterm?
[Tue Jan  7 04:33:45 2014] <roosbeef> yes
[Tue Jan  7 04:33:51 2014] <jrw> so we match on the result of mapSeq
[Tue Jan  7 04:34:09 2014] <jrw> you should ignore everything between "as z..." up to "with" for right now
[Tue Jan  7 04:34:19 2014] <jrw> if the mapSeq failed, we fail too
[Tue Jan  7 04:34:34 2014] <jrw> (ignore the "fun _ =>" for now...)
[Tue Jan  7 04:35:00 2014] <jrw> otherwise, we get a list of results back, and we construct the Aterm with that, using asig_of_vsig (ignore the "fun p =>" for now...
[Tue Jan  7 04:35:12 2014] <jrw> does that make sense at a high level?
[Tue Jan  7 04:35:18 2014] <roosbeef> at a high level, yes
[Tue Jan  7 04:35:29 2014] <jrw> okay, so the details are a little nastier
[Tue Jan  7 04:35:56 2014] <jrw> basically, ATerm.Fun takes a vector, right?
[Tue Jan  7 04:36:17 2014] <jrw> so we have to prove to coq that the result "l" that we get back from mapSeq has the right length
[Tue Jan  7 04:36:20 2014] <roosbeef> yes, a string and a vector of a certain length depending on the string length
[Tue Jan  7 04:36:35 2014] <jrw> that turns out to be  more annoyting than one might hope...
[Tue Jan  7 04:36:44 2014] <jrw> * can't type
[Tue Jan  7 04:36:47 2014] <roosbeef> :p
[Tue Jan  7 04:37:02 2014] <jrw> so have you seen the "return" annotations before?
[Tue Jan  7 04:37:09 2014] <roosbeef> yea ive seen it
[Tue Jan  7 04:37:15 2014] <roosbeef> not entirely sure what it does
[Tue Jan  7 04:37:18 2014] <jrw> ok
[Tue Jan  7 04:37:32 2014] <jrw> so if you were going to convince me that l has the right length, how would you do it?
[Tue Jan  7 04:37:49 2014] <roosbeef> l being args?
[Tue Jan  7 04:38:06 2014] <jrw> no, l being the result of mapSeq if it succeeds
[Tue Jan  7 04:38:07 2014] <roosbeef> ah right l being args with vterm_from_aterm applied to it
[Tue Jan  7 04:38:09 2014] <jrw> line 438
[Tue Jan  7 04:38:11 2014] <jrw> yeah
[Tue Jan  7 04:38:20 2014] <roosbeef> i would say that map is length preserving
[Tue Jan  7 04:38:25 2014] <jrw> yep
[Tue Jan  7 04:38:36 2014] <jrw> so you need to know that l is in fact map applied to args
[Tue Jan  7 04:38:53 2014] <jrw> which it clearly is, because we matched on map applied to args, right?
[Tue Jan  7 04:39:04 2014] <jrw> but it turns out that coq can't see this equality directly
[Tue Jan  7 04:39:11 2014] <roosbeef> and that the length of args is proportional to the length of h, because Fun h args is wf
[Tue Jan  7 04:39:15 2014] <jrw> when you go inside the match, you lose what you were matching on.
[Tue Jan  7 04:39:24 2014] <jrw> haha, no wf yet!
[Tue Jan  7 04:39:30 2014] <roosbeef> :p
[Tue Jan  7 04:39:56 2014] <jrw> length of args is good because we checked all the way up on line 434 if the lengths matched, remember?
[Tue Jan  7 04:40:05 2014] <jrw> and we failed otherwise (else branch)
[Tue Jan  7 04:40:33 2014] <roosbeef> ah yes we did!
[Tue Jan  7 04:40:40 2014] <roosbeef> thats clever
[Tue Jan  7 04:40:45 2014] <jrw> ;)
[Tue Jan  7 04:41:00 2014] <jrw> but we have to convince coq of our cleverness :p
[Tue Jan  7 04:41:29 2014] <jrw> ok so as I was saying, when you go inside a match and get a result, coq forgets what you matched on
[Tue Jan  7 04:41:40 2014] <roosbeef> yes.. so how do we bring this under the attention of coq then?
[Tue Jan  7 04:41:41 2014] <jrw> there are good technical reasons for this, but it can be annoying in practice
[Tue Jan  7 04:41:46 2014] <jrw> good question.
[Tue Jan  7 04:41:55 2014] <jrw> the answer is the "as" and "return" annotations
[Tue Jan  7 04:42:15 2014] <jrw> "as z" means "remember the thing you're matching on and call it z"
[Tue Jan  7 04:42:21 2014] <roosbeef> ahh
[Tue Jan  7 04:42:47 2014] <roosbeef> so you can then refer to z within the match
[Tue Jan  7 04:42:51 2014] <jrw> yep
[Tue Jan  7 04:42:54 2014] <jrw> and also in the return
[Tue Jan  7 04:43:01 2014] <roosbeef> nice
[Tue Jan  7 04:43:02 2014] <jrw> "return ... = z -> option fterm_a" means "then give me a proof that what you matched on was actually 'mapSeq...' and I'll give you an option fterm_a"
[Tue Jan  7 04:43:42 2014] <jrw> now we've actually changed the type we want to return from the match
[Tue Jan  7 04:43:53 2014] <jrw> instead of returning just the option
[Tue Jan  7 04:44:12 2014] <jrw> we return a function from proofs that we're matching on "mapSeq ..." to options
[Tue Jan  7 04:44:23 2014] <jrw> that's why each branch starts with "fun"
[Tue Jan  7 04:44:33 2014] <jrw> because it takes in that proof
[Tue Jan  7 04:44:42 2014] <jrw> also notice that little underscore at the end of line 439
[Tue Jan  7 04:44:45 2014] <jrw> that's very important
[Tue Jan  7 04:44:59 2014] <jrw> that's where we're going to call the function we returned from the match and pass it the proof
[Tue Jan  7 04:45:10 2014] <jrw> because we're inside a refine here, we can supply that proof later in proof mode.
[Tue Jan  7 04:45:24 2014] <jrw> did all that make sense?
[Tue Jan  7 04:45:33 2014] <roosbeef> one second :p
[Tue Jan  7 04:45:37 2014] <jrw> sure
[Tue Jan  7 04:47:03 2014] <jrw> brb.
[Tue Jan  7 04:49:08 2014] <roosbeef> ok so 'as' and 'return' are both modifiers of "match .. with"
[Tue Jan  7 04:49:38 2014] <jrw> yes, exactly
[Tue Jan  7 04:49:41 2014] <jrw> "annotations"
[Tue Jan  7 04:49:46 2014] <roosbeef> where does the p in fun p come from?
[Tue Jan  7 04:49:52 2014] <roosbeef> and where does the value of that last _ come from?
[Tue Jan  7 04:49:56 2014] <jrw> it's just an argument name
[Tue Jan  7 04:50:12 2014] <jrw> it's like where the x in "Fixpoint aterm_of_vterm (x : fterm_v) " comes from
[Tue Jan  7 04:50:22 2014] <roosbeef> ah
[Tue Jan  7 04:50:29 2014] <jrw> p for proof
[Tue Jan  7 04:50:36 2014] <roosbeef> so it can just be introduced there?
[Tue Jan  7 04:50:37 2014] <jrw> p has type apSeq aterm_of_vterm args = z
[Tue Jan  7 04:50:53 2014] <jrw> yeah, it's just an anonymous function
[Tue Jan  7 04:51:03 2014] <roosbeef> ok
[Tue Jan  7 04:51:12 2014] <jrw> I could have written "fun (p : mapSeq aterm_of_vterm args = z) => "
[Tue Jan  7 04:51:19 2014] <jrw> but coq is smart enough to infer it
[Tue Jan  7 04:51:48 2014] <jrw> actually, I probably could have left out the name entirely, but that's not really the point
[Tue Jan  7 04:51:55 2014] <roosbeef> :p
[Tue Jan  7 04:52:03 2014] <jrw> so what were you asking about the last _?
[Tue Jan  7 04:52:07 2014] <roosbeef> well
[Tue Jan  7 04:52:25 2014] <roosbeef> it seems that there is some sort of function application taking place
[Tue Jan  7 04:52:30 2014] <jrw> yes!
[Tue Jan  7 04:52:33 2014] <roosbeef> where that _ is taken as an argument
[Tue Jan  7 04:52:37 2014] <jrw> exactly
[Tue Jan  7 04:52:40 2014] <roosbeef> but where is that argument coming from then
[Tue Jan  7 04:52:49 2014] <jrw> oh, so that's where refine comes in handy
[Tue Jan  7 04:53:03 2014] <jrw> the whole function is inside a refine, right?
[Tue Jan  7 04:53:07 2014] <roosbeef> yes
[Tue Jan  7 04:53:15 2014] <roosbeef> ah right so you later tell Coq what the _ is
[Tue Jan  7 04:53:19 2014] <jrw> so we can put underscores wherever we want, and they become subgoals below
[Tue Jan  7 04:53:35 2014] <jrw> it turns out that that _ is very easy to fill in, "reflexivity" proves it
[Tue Jan  7 04:54:02 2014] <roosbeef> why does it even want that argument though
[Tue Jan  7 04:54:23 2014] <jrw> oh, because remember I said the type we're getting out of the match has changed
[Tue Jan  7 04:54:41 2014] <jrw> from (option fterm_a) to (mapSeq aterm_of_vterm args = z -> option fterm_a)
[Tue Jan  7 04:54:44 2014] <jrw> right?
[Tue Jan  7 04:54:54 2014] <roosbeef> yes
[Tue Jan  7 04:55:01 2014] <jrw> that's what the return annotation did, along with the "fun ... =>" in each branch
[Tue Jan  7 04:55:05 2014] <jrw> so now we have a function back
[Tue Jan  7 04:55:07 2014] <roosbeef> thats what return did
[Tue Jan  7 04:55:10 2014] <jrw> but that's not what we want yet
[Tue Jan  7 04:55:11 2014] <roosbeef> yea
[Tue Jan  7 04:55:21 2014] <jrw> we actually needed the (option fterm_a)
[Tue Jan  7 04:55:26 2014] <jrw> right? so we're not done yet
[Tue Jan  7 04:55:30 2014] <roosbeef> ahh right
[Tue Jan  7 04:55:31 2014] <jrw> we have to apply the function to something
[Tue Jan  7 04:55:39 2014] <jrw> but what we want to apply it to is a proof
[Tue Jan  7 04:55:51 2014] <jrw> and those are annoyhing to construct, so we just do it later
[Tue Jan  7 04:55:58 2014] <jrw> hence "_"
[Tue Jan  7 04:56:07 2014] <jrw> which looks like an emoticon
[Tue Jan  7 04:56:14 2014] <roosbeef> ok but why do we have a function there in the first place? Cant we just leave out the 'fun _ =>' part?
[Tue Jan  7 04:56:17 2014] <roosbeef> haha it does
[Tue Jan  7 04:56:31 2014] <jrw> yeah, that's a good question
[Tue Jan  7 04:56:36 2014] <jrw> the answer is no
[Tue Jan  7 04:56:48 2014] <jrw> I invite you to mess with it to see what the error messages are
[Tue Jan  7 04:57:17 2014] <jrw> but the reason boils down to the fact that coq does not (and in general, it turns out, *cannot*) remember what you matched in each branch of a match
[Tue Jan  7 04:57:39 2014] <jrw> and the way you remind it of what you matched on is with this weird return annotation
[Tue Jan  7 04:58:07 2014] <roosbeef> hmm right
[Tue Jan  7 04:58:39 2014] <roosbeef> haha its funny that what you did is actually not even that exotic but mostly necessary for coq to remember earlier information
[Tue Jan  7 04:58:58 2014] <jrw> yeah that happens a lot
[Tue Jan  7 04:59:06 2014] <roosbeef> cause at first sight i thought wow what is this guy doing haha
[Tue Jan  7 04:59:19 2014] <jrw> yep, that's the right first reaction :)
[Tue Jan  7 04:59:49 2014] <jrw> honestly, I'm no expert, so there may be a better way of doing it. but I have seen other people do it this way...
[Tue Jan  7 05:00:26 2014] <roosbeef> could you maybe expand a little on the proof steps you did?
[Tue Jan  7 05:00:31 2014] <roosbeef> what does specialize do for example
[Tue Jan  7 05:00:34 2014] <jrw> yeah, sure
[Tue Jan  7 05:00:49 2014] <jrw> okay before we get there
[Tue Jan  7 05:01:16 2014] <jrw> at a high level, we have one nontrivial subgoal, which boils down to convincing coq that "l" on line 438 has the right length, right?
[Tue Jan  7 05:02:14 2014] <roosbeef> l being that return thing
[Tue Jan  7 05:02:15 2014] <roosbeef> yes
[Tue Jan  7 05:02:40 2014] <jrw> l being the result from matchSeq if it succeeded, yeah
[Tue Jan  7 05:03:09 2014] <jrw> ok so this will be clearer if you actually step all the way up to that subgoal so you can see the context
[Tue Jan  7 05:03:24 2014] <jrw>   aterm_of_vterm : fterm_v -> option fterm_a
[Tue Jan  7 05:03:26 2014] <jrw>   x : fterm_v
[Tue Jan  7 05:03:28 2014] <jrw>   f : S1.VSig
[Tue Jan  7 05:03:30 2014] <jrw>   args : list (term S1.VSig)
[Tue Jan  7 05:03:32 2014] <jrw>   _H : length args = arity (asig_of_vsig f)
[Tue Jan  7 05:03:34 2014] <jrw>   l : list fterm_a
[Tue Jan  7 05:03:36 2014] <jrw>   p : mapSeq aterm_of_vterm args = Some l
[Tue Jan  7 05:03:38 2014] <jrw>   ============================
[Tue Jan  7 05:03:40 2014] <jrw>    vector (ATerm.term S1.ASig) (arity (asig_of_vsig f))
[Tue Jan  7 05:03:42 2014] <jrw> should look like that (before the rewrite _H)
[Tue Jan  7 05:03:54 2014] <roosbeef> yep im there
[Tue Jan  7 05:04:12 2014] <jrw> okay so first we know that args has the same length as the arity of f
[Tue Jan  7 05:04:15 2014] <jrw> why do we know that?
[Tue Jan  7 05:04:27 2014] <roosbeef> i cant say wf can i :p
[Tue Jan  7 05:04:30 2014] <jrw> no!
[Tue Jan  7 05:04:37 2014] <jrw> haha, but that's why I asked :)
[Tue Jan  7 05:04:54 2014] <jrw> ***because we checked if the lengths were the same on line 434***
[Tue Jan  7 05:04:58 2014] <jrw> :D
[Tue Jan  7 05:05:04 2014] <roosbeef> ah right
[Tue Jan  7 05:05:22 2014] <jrw> now eq_dec_nat has a fancy dependent type that gives you the right hypothesis in each branch of the if
[Tue Jan  7 05:05:24 2014] <roosbeef> so it would not have gone into that branch of the algorithm if the lengths were not the same
[Tue Jan  7 05:05:28 2014] <jrw> yep
[Tue Jan  7 05:05:38 2014] <jrw> _H is the result of that in the "then" branch
[Tue Jan  7 05:05:42 2014] <roosbeef> ahh
[Tue Jan  7 05:05:45 2014] <jrw> and it says the lengths of the same
[Tue Jan  7 05:05:46 2014] <roosbeef> i was wondering where that came from
[Tue Jan  7 05:05:52 2014] <jrw> god damn I really can't type
[Tue Jan  7 05:05:59 2014] <roosbeef> so _H is produced by eq_dec_nat?
[Tue Jan  7 05:06:04 2014] <jrw> kind of, yeah
[Tue Jan  7 05:06:08 2014] <roosbeef> kind of?
[Tue Jan  7 05:06:29 2014] <jrw> so the type of eq_dec_nat is weird
[Tue Jan  7 05:06:46 2014] <jrw> {n = m} + {n <> m}
[Tue Jan  7 05:06:54 2014] <jrw> you've seen stuff like that before?
[Tue Jan  7 05:06:59 2014] <roosbeef> yea
[Tue Jan  7 05:07:02 2014] <jrw> yeah okay
[Tue Jan  7 05:07:14 2014] <jrw> so in the "then" branch, we get "n = m"
[Tue Jan  7 05:07:23 2014] <jrw> and in the else branch we would get n <> m if we cared
[Tue Jan  7 05:07:29 2014] <jrw> that's where _H comes from
[Tue Jan  7 05:07:33 2014] <roosbeef> ah right
[Tue Jan  7 05:07:37 2014] <jrw> in this case n is length args and m is arity of f
[Tue Jan  7 05:07:41 2014] <roosbeef> so _H is just the branch of eq_dec_nat were in
[Tue Jan  7 05:07:44 2014] <jrw> yes
[Tue Jan  7 05:08:01 2014] <roosbeef> thats very kind of eq_dec_nat to leave that in the assumptions
[Tue Jan  7 05:08:07 2014] <jrw> :) yeah
[Tue Jan  7 05:08:23 2014] <jrw> you wouldn't have appreciated that kindness if we hadn't just spent 30 minutes talking about return annotations, haha
[Tue Jan  7 05:08:31 2014] <roosbeef> haha
[Tue Jan  7 05:08:37 2014] <jrw> that's why I didn't use beq_nat in the if there
[Tue Jan  7 05:08:50 2014] <roosbeef> oh beq_nat doesnt do that?
[Tue Jan  7 05:08:53 2014] <jrw> it would still work, but I'd have to use another lemma blah blah
[Tue Jan  7 05:08:59 2014] <jrw> no no, different problem
[Tue Jan  7 05:09:02 2014] <jrw> you still get an assumption
[Tue Jan  7 05:09:14 2014] <jrw> it just needs massaging before it's an equality
[Tue Jan  7 05:09:23 2014] <roosbeef> hmm
[Tue Jan  7 05:09:25 2014] <jrw> you get the assumption (beq_nat n m = true)
[Tue Jan  7 05:09:29 2014] <jrw> when you want (n = m)
[Tue Jan  7 05:09:32 2014] <roosbeef> right
[Tue Jan  7 05:09:47 2014] <jrw> not that hard to go between, but sometimes just easier to use eq_dec_nat
[Tue Jan  7 05:09:49 2014] <jrw> anyways
[Tue Jan  7 05:09:57 2014] <roosbeef> ok so yea
[Tue Jan  7 05:10:00 2014] <jrw> so we rewrite with that
[Tue Jan  7 05:10:06 2014] <roosbeef> we know that args has the same length as arity of f
[Tue Jan  7 05:10:13 2014] <jrw> yep
[Tue Jan  7 05:10:22 2014] <jrw> and after the rewrite we have the goal:
[Tue Jan  7 05:10:28 2014] <jrw> vector (ATerm.term S1.ASig) (length args)
[Tue Jan  7 05:10:37 2014] <roosbeef> yep
[Tue Jan  7 05:10:46 2014] <jrw> and we might think at this point "hey great, let's use (vec_of_list l) and we're done"
[Tue Jan  7 05:10:51 2014] <jrw> and in one sense, that is correct
[Tue Jan  7 05:10:57 2014] <jrw> and I invite you to try it to see what happens
[Tue Jan  7 05:11:02 2014] <jrw> you'll get an error
[Tue Jan  7 05:11:16 2014] <jrw> but conceptually it's the right idea.
[Tue Jan  7 05:11:33 2014] <roosbeef> well
[Tue Jan  7 05:11:52 2014] <jrw> but you probably already see what's wrong there.
[Tue Jan  7 05:12:05 2014] <roosbeef> let me try that, i would think that coq would say "but how is the length of that vector correct?"
[Tue Jan  7 05:12:15 2014] <jrw> yeah
[Tue Jan  7 05:12:32 2014] <jrw> so we need our mapSeq_length lemma
[Tue Jan  7 05:13:05 2014] <jrw> specialize is a tactic that, ironically, is very similar to generalize
[Tue Jan  7 05:13:29 2014] <jrw> if you give it a lemma, you can then partially apply some of the lemma's arguments
[Tue Jan  7 05:13:40 2014] <roosbeef> partially?
[Tue Jan  7 05:13:55 2014] <jrw> well if the lemma has 9 arguments, you could specify the first few but not necessarily all of them
[Tue Jan  7 05:14:28 2014] <jrw> and then it adds a hypothesis to your context with the lemma specialized to those arguments
[Tue Jan  7 05:15:02 2014] <roosbeef> where does specialize find "aterm_of_vterm args l p"
[Tue Jan  7 05:15:23 2014] <jrw> those are all arguments to mapSeq_length
[Tue Jan  7 05:15:25 2014] <roosbeef> oh those are assumptions :p nm
[Tue Jan  7 05:15:29 2014] <jrw> yeah
[Tue Jan  7 05:15:45 2014] <jrw> okay, if you step through the specialize and the intro you'll see the hypothesis, right?
[Tue Jan  7 05:16:50 2014] <roosbeef> yea the hypothesis being that mapSeq is length preserving
[Tue Jan  7 05:16:56 2014] <jrw> yeah
[Tue Jan  7 05:17:09 2014] <jrw> now at this point you should want to say "rewrite H"
[Tue Jan  7 05:17:26 2014] <jrw> but for reasons unknown to me, that gives a totally incoherent error message
[Tue Jan  7 05:17:31 2014] <roosbeef> haha
[Tue Jan  7 05:17:43 2014] <jrw> I think it's possibly related to the fact that the Defined isn't going to go through in a few lines
[Tue Jan  7 05:17:54 2014] <jrw> and the rewrite tactic just prints the wrong error or something
[Tue Jan  7 05:17:57 2014] <jrw> that's my guess
[Tue Jan  7 05:18:13 2014] <jrw> anyway, instead of rewrite, you can use replace, and it works for some reason
[Tue Jan  7 05:18:17 2014] <jrw> again, not sure why]
[Tue Jan  7 05:18:28 2014] <roosbeef> but why does it not give you another subgoal to prove
[Tue Jan  7 05:18:44 2014] <jrw> because I have that exact assumption in context
[Tue Jan  7 05:18:45 2014] <roosbeef> replace wants you to prove the equality from what i remember?
[Tue Jan  7 05:18:49 2014] <roosbeef> ah
[Tue Jan  7 05:18:50 2014] <jrw> yeah
[Tue Jan  7 05:18:54 2014] <jrw> but heuristics :)
[Tue Jan  7 05:18:57 2014] <roosbeef> so that does work but rewrite doesnt
[Tue Jan  7 05:19:11 2014] <jrw> yeah, like I said, probably for not-very-interesting error handling reasons
[Tue Jan  7 05:19:30 2014] <roosbeef> hm
[Tue Jan  7 05:19:37 2014] <roosbeef> this proof seems convincing
[Tue Jan  7 05:19:43 2014] <jrw> haha, good.
[Tue Jan  7 05:19:45 2014] <jrw> it should.
[Tue Jan  7 05:19:46 2014] <roosbeef> but apparently Coq chokes on it :<
[Tue Jan  7 05:19:52 2014] <jrw> nah, it likes the proof
[Tue Jan  7 05:19:57 2014] <jrw> "no more subgoals"
[Tue Jan  7 05:20:02 2014] <roosbeef> whats the part it doesnt like?
[Tue Jan  7 05:20:04 2014] <jrw> it just doesn't like the actual definition
[Tue Jan  7 05:20:10 2014] <jrw> of the function
[Tue Jan  7 05:20:10 2014] <roosbeef> why
[Tue Jan  7 05:20:14 2014] <jrw> it doesn't like the map
[Tue Jan  7 05:20:21 2014] <jrw> not structurally recursive blah blah blah
[Tue Jan  7 05:20:24 2014] <roosbeef> hmm
[Tue Jan  7 05:20:31 2014] <roosbeef> yea thats the idea of using map right
[Tue Jan  7 05:20:38 2014] <jrw> right
[Tue Jan  7 05:20:53 2014] <roosbeef> do you think i should try a more structurally recursive approach?
[Tue Jan  7 05:21:00 2014] <jrw> um, you could
[Tue Jan  7 05:21:02 2014] <roosbeef> like using fold_right or something? (im not even sure if that makes sense)
[Tue Jan  7 05:21:21 2014] <jrw> I'm not sure what the right approach in that direction would be
[Tue Jan  7 05:21:28 2014] <jrw> I mean, mapSeq is basically map
[Tue Jan  7 05:21:44 2014] <jrw> so if coq can figure map out, we should be able to convince it of mapSeq
[Tue Jan  7 05:21:52 2014] <jrw> I'm just not familiar with the machinery
[Tue Jan  7 05:22:04 2014] <jrw> so my suggested strategy would be to ask more peope in here :)
[Tue Jan  7 05:22:10 2014] <roosbeef> ha ok
[Tue Jan  7 05:22:24 2014] <roosbeef> i think its pretty funny that coq goes all the way through the proof with you
[Tue Jan  7 05:22:33 2014] <roosbeef> only to then say "mmmm nah i dont like your definition"
[Tue Jan  7 05:22:36 2014] <jrw> yeah that happens more often than you might think
[Tue Jan  7 05:22:45 2014] <jrw> it's actually a design choice that coq makes
[Tue Jan  7 05:22:49 2014] <jrw> tactics are unverified
[Tue Jan  7 05:23:11 2014] <jrw> then there's an extra "double check" step at the Qed or Defined that makes sure things are good
[Tue Jan  7 05:23:26 2014] <roosbeef> cool
[Tue Jan  7 05:23:27 2014] <roosbeef> well
[Tue Jan  7 05:23:39 2014] <roosbeef> im gonna see if i can approach it from another angle somehow
[Tue Jan  7 05:23:51 2014] <jrw> I assume most of these types you didn't define yourself
[Tue Jan  7 05:23:55 2014] <roosbeef> again thanks a lot, your comment was even more clarifying than i had expected!
[Tue Jan  7 05:23:56 2014] <jrw> like VTerm.term
[Tue Jan  7 05:24:18 2014] <jrw> oh, no worries
[Tue Jan  7 05:24:19 2014] <roosbeef> because like i said my first impression was "wow wtf"
[Tue Jan  7 05:24:30 2014] <jrw> glad to help
[Tue Jan  7 05:24:42 2014] <jrw> one thing you might try is to read some other functions that process VTerm.terms
[Tue Jan  7 05:24:43 2014] <roosbeef> yea those types are from the library
[Tue Jan  7 05:24:49 2014] <jrw> to see how they recurse and such
[Tue Jan  7 05:24:56 2014] <roosbeef> hm thats a good idea
[Tue Jan  7 05:25:11 2014] <jrw> maybe my approach is just wrong and there's a better one
[Tue Jan  7 05:25:14 2014] <jrw> that would be nice.
[Tue Jan  7 05:25:26 2014] <jrw> and that's better than you banging your head against this all day
[Tue Jan  7 05:25:56 2014] <roosbeef> thats ok, it builds character or so ive heard :p
[Tue Jan  7 05:26:03 2014] <jrw> it's true
[Tue Jan  7 05:26:18 2014] <jrw> anyway, I really need to sleep
[Tue Jan  7 05:26:40 2014] <jrw> but keep me posted, you've got me curious :)
[Tue Jan  7 05:26:40 2014] <roosbeef> alright see you later man
[Tue Jan  7 05:26:45 2014] <roosbeef> i will!
[Tue Jan  7 05:26:48 2014] <jrw> yep, have a good one
[Tue Jan  7 08:01:42 2014] <notdan> http://coq.inria.fr/library/Coq.Classes.Morphisms.html#Proper can someone please explain to me what is this all about?
[Tue Jan  7 08:02:06 2014] <notdan> I thought proper morphisms were something different
[Tue Jan  7 08:43:56 2014] <notdan> Where did the SetoidAxioms module went? Changelog doesn't mention it
[Tue Jan  7 08:44:12 2014] <notdan> I am looking for setoid_extensionality inparticular
[Tue Jan  7 21:33:08 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Lists.html#lab68 - tl_length_pred right here doesn't make much sense to me; what are 'tl' and 'pred'? Are they declared implicitly and their types inferred?
[Tue Jan  7 21:54:47 2014] <ianjneu> pred = _ - 1. tl = second
[Tue Jan  7 21:55:27 2014] <ianjneu> well, not second. The tail of the list. second sometimes means that.
[Tue Jan  7 21:58:04 2014] <Hodapp> but then what does "length (tl l)" mean?
[Tue Jan  7 21:58:34 2014] <Hodapp> I was figuring that 'tl' had to be some kind of natlist -> natlist function, or something
[Tue Jan  7 22:00:14 2014] <ianjneu> if you have a list l = [1; 2] = 1 :: 2 :: nil, then tl l = [2] = 2 :: nil
[Tue Jan  7 22:00:26 2014] <ianjneu> so length l = 2 and length (tl l) = 1
[Tue Jan  7 22:01:35 2014] <ianjneu> for that proposition to be a theorem, tl must be defined to return nil when given nil, and pred returns 0 given 0.
[Tue Jan  7 22:03:24 2014] <ianjneu> tl is defined on that page to do just that.
[Tue Jan  7 22:04:00 2014] <Hodapp> ohhhh, I was confused there for a minute. I thought you meant 'tl' was the tail of some specific list, i.e. 'tl' is a list
[Tue Jan  7 22:04:03 2014] <Hodapp> but now I see we're saying the same thing
[Wed Jan  8 02:22:09 2014] <defanor> i've imported Coq.Numbers.NatInt.NZLog, but getting "Error: The reference log2_up was not found in the current environment"; coq version 8.4pl2. what am i doing wrong?
[Wed Jan  8 02:25:06 2014] <defanor> will try to update
[Wed Jan  8 02:26:59 2014] <defanor> ugh, there's no 'uninstall' target in coq makefile =/ not that important though
[Wed Jan  8 02:40:52 2014] <defanor> same with 8.4pl3
[Wed Jan  8 03:08:59 2014] <defanor> checked it, that definition is present in theories/Numbers/NatInt/NZLog.v, and it's compiled version was compiled lately. restarted proog general and coq also, and found that i had log2 from Coq.Numbers.Natural.Peano.NPeano; without that import, i don't have log2 even
[Wed Jan  8 03:12:19 2014] <defanor> probably i should open some scope
[Wed Jan  8 03:15:50 2014] <defanor> there is some NatScope, but i don't get how to open it. imported Coq.Numbers.Natural.Abstract.NAxioms, still getting "Error: Scope NatScope is not declared."
[Wed Jan  8 03:32:50 2014] <defanor> managed to use Z.log2_up from BinInt, but it's from ZArith
[Wed Jan  8 03:33:23 2014] <defanor> probably i could use Z2N, but it does not seem nice
[Wed Jan  8 03:34:27 2014] <defanor> Z.to_nat even
[Wed Jan  8 03:36:01 2014] <defanor> and Z.of_nat =/
[Wed Jan  8 03:49:18 2014] <defanor> will it be harder to prove thorems with ZArith?
[Wed Jan  8 06:01:15 2014] <defanor> seems harder, there are negative cases
[Wed Jan  8 06:01:32 2014] <defanor> and it's excessive, because i don't even need them here
[Wed Jan  8 06:11:57 2014] <defanor> probably it'll be easier to define everything manually for nats
[Wed Jan  8 06:32:34 2014] <defanor> oh, there is N.log2_up
[Wed Jan  8 06:32:36 2014] <defanor> nice
[Wed Jan  8 08:56:54 2014] <defanor> how to define fixpoints with decreasing N?
[Wed Jan  8 08:59:48 2014] <defanor> i could convert it between N and nat all the time, but it does not seem nice at all
[Wed Jan  8 09:00:12 2014] <defanor> and probably will make proofs harder
[Wed Jan  8 09:08:46 2014] <defanor> perhaps i should read more about coq before trying to practice apart of exercises
[Wed Jan  8 16:03:11 2014] <ystael> wXeno: You eventually need to understand the underlying type theory.
[Wed Jan  8 16:03:38 2014] <ystael> You don't need to understand the _dynamics_ of how Coq works internally, in the same way as a Prolog programmer needs to manipulate the order of clause resolution and things like that.
[Wed Jan  8 16:03:38 2014] <wXeno> that's not a big issue, since I'm just as interrested in the type theory as in the proofs
[Wed Jan  8 16:04:42 2014] <ystael> To the extent that similar issues arise, it's in figuring out how to build automated tactics (which is a large part of what CPDT is about)
[Wed Jan  8 16:04:52 2014] <ystael> Ltac is pretty vaguely specified and frustrating
[Wed Jan  8 16:06:18 2014] <wXeno> :/
[Wed Jan  8 16:07:07 2014] <wXeno> this one got a pretty good walkthrough of the basics btw: http://www.cis.upenn.edu/~bcpierce/sf/index.html
[Wed Jan  8 16:07:14 2014] <ystael> yes, that's an excellent text
[Wed Jan  8 16:07:18 2014] <wXeno> I wish he would make a print and/or pdf edition of it
[Wed Jan  8 16:07:44 2014] <ystael> if you work through even an initial segment of it you should have no problems with CPDT
[Wed Jan  8 16:09:11 2014] <ystael> (well, not *no* problems.  there are never *no* problems in Coq.)
[Wed Jan  8 16:10:15 2014] <wXeno> :)
[Wed Jan  8 16:17:27 2014] <notdan> https://github.com/math-classes/math-classes/blob/master/src/theory/hom_functor.v#L10 why won't this type check if I remove the 'Program' part? It says "The term "comp x v w X:(x ⟶ v) → x ⟶ w" has type "(x ⟶ v) → x ⟶ w" while it is expected to have type "homFrom v ⟶ homFrom w".
[Wed Jan  8 16:17:28 2014] <notdan> "
[Wed Jan  8 16:17:40 2014] <notdan> but the definition of `homFrom` is exactly that
[Wed Jan  8 16:17:41 2014] <notdan> idgi
[Wed Jan  8 16:43:08 2014] <ystael> notdan: it's not exactly that; homFrom is wrapped in the constructor setoids.object of setoids.Object; the raw arrow type is not
[Wed Jan  8 18:05:29 2014] <notdan> Hm, so why does the Program thing make it work?
[Wed Jan  8 20:19:40 2014] <ystael> notdan: I don't know if anyone else has answered your question
[Wed Jan  8 20:19:57 2014] <ystael> Program is a way of using tactics instead of explicit term construction to construct functions as opposed to just prove theorems
[Wed Jan  8 20:20:28 2014] <ystael> The "proof" tactic there is just `constructor` which does exactly that: applies the necessary constructor
[Wed Jan  8 20:20:37 2014] <ystael> which is precisely the difference between that arrow type and homFrom
[Thu Jan  9 01:24:32 2014] <roosbeef> is it possible to rewrite an assumption using another assumption?
[Thu Jan  9 07:08:19 2014] <robbert> notdan: I am Robbert Krebbers indeed. Unfortunatelly, it is not, all authors are currently working on other things, and we do not any running projects on the RU on formalization of math in Coq. If you have question about it, feel free to mail me (or Bas Spitters).
[Thu Jan  9 07:47:03 2014] <notdan> robbert: thanks, I'll try to play aroung with it a little bit more before mailing specific questions
[Thu Jan  9 12:00:01 2014] <notdan> Why does the 'Setoid' class have type 'Type -> Type'? Shouldn't it be Type -> Prop?
[Thu Jan  9 12:05:54 2014] <robbert> notdan: Equiv has type [Type -> Type] (that is the informative part), but Setoid has type [forall A, Equiv A -> Prop]
[Thu Jan  9 12:09:49 2014] <notdan> robbert: that's in math-classes, right?
[Thu Jan  9 12:10:02 2014] <notdan> I think that's reasonable, but I was talking about stdlib, sorry
[Thu Jan  9 12:10:17 2014] <notdan> sorry I didn't make that clear
[Thu Jan  9 12:15:47 2014] <robbert> notdan: because that Setoid class contains the relation, which you want to be able to project out
[Thu Jan  9 12:15:54 2014] <robbert> for that it needs to be in Type
[Thu Jan  9 12:19:32 2014] <notdan> So there is not possible to define a type of proper setoid morphisms using the stdlib definition?
[Thu Jan  9 12:20:28 2014] <notdan> I tried (exists h, Proper (equiv ==> equiv) h)
[Thu Jan  9 12:20:39 2014] <notdan> oh I guess I can use pairT
[Thu Jan  9 12:22:49 2014] <robbert> Or use a record
[Thu Jan  9 12:40:04 2014] <notdan> oh right, that works
[Thu Jan  9 13:04:50 2014] <ianjneu> if I have a goal that uses match e as o return (e = o -> ...) with ... end, and a hypothesis H: e = something, Coq does not let me rewrite H to reduce the goal. What is the proper incantation to do such things?
[Thu Jan  9 13:06:45 2014] <notdan> ouch, I am using this definition of setoid morphism http://vpaste.net/9ACSC and I need to prove that composiiton of setoid morphisms is still a setoid morphism.
[Thu Jan  9 13:07:30 2014] <notdan> So I managed to get to this point: http://vpaste.net/c29bi but now I have this problem of two different proofs for 'Setoid b' sm_from0 and sm_to1
[Thu Jan  9 13:07:39 2014] <notdan> and they are incompatible
[Thu Jan  9 13:09:35 2014] <ianjneu> setoid hell.
[Thu Jan  9 13:16:14 2014] <notdan> Oh got it, need to redefine the record type: http://vpaste.net/sLBXi the (Setoid B) proof is not being duplicated that way
[Thu Jan  9 13:16:18 2014] <notdan> ianjneu: indeed :(
[Thu Jan  9 13:16:57 2014] <notdan> I set to proof Yoneda lemma a couple of days ago, fast-forward, have to sit and read about setoids
[Thu Jan  9 13:22:21 2014] <ianjneu> Category theory in Coq is very difficult. You might want to check out jgross's category theory library for pointers. He had to jump through many hoops.
[Thu Jan  9 13:25:16 2014] <notdan> The one in HoTT repository?
[Thu Jan  9 13:25:25 2014] <ianjneu> so much of my experience with Coq is *intense concentration for 6 hours* followed by FUUUUUUUUCK
[Thu Jan  9 13:25:31 2014] <ianjneu> notdan: I think so.
[Thu Jan  9 13:25:36 2014] <notdan> haha
[Thu Jan  9 13:26:23 2014] <notdan> oh he is using records
[Thu Jan  9 13:26:31 2014] <notdan> I was toying wit the typeclass approach
[Thu Jan  9 13:27:57 2014] <notdan> Also he doesn't deal with setoids, I think? Probably using some HoTT equality
[Thu Jan  9 13:35:40 2014] <notdan> Is there a way to split goal of proving the equality of records into several goals?
[Thu Jan  9 13:37:44 2014] <ianjneu> f_equal doesn't work?
[Thu Jan  9 13:40:36 2014] <notdan> oh I didn't think of records as functions
[Thu Jan  9 13:40:37 2014] <notdan> thanks
[Thu Jan  9 13:41:36 2014] <ianjneu> records aren't functions, but their constructors are.
[Thu Jan  9 14:31:36 2014] <notdan> Managed to prove the associativity of setoid morphisms using proof irrelevance
[Thu Jan  9 14:31:51 2014] <notdan> not sure if it was fair to use it
[Thu Jan  9 14:52:06 2014] <Hodapp> Someday, I'll know WTF you are saying.
[Thu Jan  9 14:53:57 2014] <ianjneu> Hodapp: elaborate?
[Thu Jan  9 14:57:30 2014] <ystael> ianjneu: Can you say a little bit about why your goal looks like that?  (I'm not questioning you, I'm curious - I don't understand why you build the match to return e = o -> something.)
[Thu Jan  9 14:57:43 2014] <ystael> *would build a match
[Thu Jan  9 14:59:46 2014] <Hodapp> ianjneu: 'setoid' and 'proof irrelevance' are not yet words I even know the meaning of. It will be a ways before I work with them with fluency.
[Thu Jan  9 15:02:58 2014] <ianjneu> ystael: I wanted to case split on whether my alist lookup finds something, and maintain the equality of the result so I could use a theorem that correlates the algorithmic lookup and the relational lookup, "MapsTo"
[Thu Jan  9 15:05:23 2014] <ianjneu> Hodapp: "X-oid" in type theory means there is possibly higher path structure to the generally set-theoretic X. As for Coq's setoid's, they're a structure of a type and an equivalence relation, meant to use the typeclass system to make congruence-based reasoning more natural. They're a pain in the butt though.
[Thu Jan  9 15:06:07 2014] <ystael> But in that context e and o are not already definitionally equal? (since the name o is assigned to e by the match?)
[Thu Jan  9 15:07:53 2014] <ianjneu> ystael: nope. That would admit axiom K I believe.
[Thu Jan  9 15:08:36 2014] <ystael> ianjneu: hm. I clearly don't understand equality yet then :)
[Thu Jan  9 15:13:54 2014] <ystael> ah, I see what I don't understand, though I still don't understand it
[Thu Jan  9 15:20:16 2014] <jrw> ianjneu: when I'm in that situation, sometimes destructing on the discriminee works for me, sometimes it doesn't (error something like: goal depends on foo). but I have no idea what I'm doing. will be curious to see if you get a better answer
[Thu Jan  9 15:25:46 2014] <ianjneu> jrw: I can't destruct it or do case_eq. It needs to transport the equality across the return type, but I don't know how to make it do that.
[Thu Jan  9 15:26:28 2014] <ianjneu> I get an error along the lines of, "if you do this, you get BAAAARF which is ill-typed."
[Thu Jan  9 15:26:48 2014] <ianjneu> which is indicative of a missing transport.
[Thu Jan  9 17:42:07 2014] <notdan> Yay, managed to define the category of setoids and the covariant hom-functor
[Thu Jan  9 17:42:55 2014] <notdan> the problem was that Coq auto-picked an equivalence relation on setoid morphisms for me, and it was just Leibniz equality
[Thu Jan  9 17:43:02 2014] <notdan> which is wrong
[Thu Jan  9 19:41:57 2014] <jgross> ianjneu: and a hypothesis H: e = something <- use "destruct H" or "symmetry in H; destruct H" or "destruct (eq_sym H)" (I don't recall which side gets eliminated) 
[Thu Jan  9 19:44:23 2014] <jgross> ianjneu: Or use "subst e".  This is assuming "e" is a variable.  If it's a term, you might need to first "revert H" then make it a variable by "generalize e" or "pattern e; generalize e" or a manual "change" to introduce the transport in the right place, and then you can re-intro H and destruct it. 
[Thu Jan  9 19:45:12 2014] <jgross> (This is all assuming H is not mentioned in the goal at all.  If it is, you should be able to do "pose proof H" and then destruct your new equality, but you'll be out of luck when you need to know the structure of H) 
[Thu Jan  9 19:52:50 2014] <jgross> notdan, ianjneu: Yes, the one in the HoTT repository is the most recent version, and it uses higher inductive types rather than setoids.  There's an older version of the repo at https://bitbucket.org/JasonGross/catdb, and if you go far back enough in the history, there's some work with very basic category theory based on setoids.  There's not yet a proof of the yoneda lemma in HoTT/HoTT, but please feel free to clean up
[Thu Jan  9 19:52:50 2014] <jgross> https://github.com/JasonGross/HoTT-categories/blob/yoneda/theories/Categories/Yoneda.v (my wip on the previous version of the ct library) and port it to HoTT/HoTT and submit a pull request.  Also, I plan to submit a paper to ITP 2014 on the trials and tribulations of making a performant category theory library in a proof assistant.  If there's interest, I can announce (or email/irc message) when I have a better draft of it (it currently requires
[Thu Jan  9 19:52:50 2014] <jgross> a decent amount of reorganization). 
[Thu Jan  9 23:05:04 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Lists.html#lab73 hrmph, rev_involutive is really tripping me up for some reason
[Thu Jan  9 23:05:24 2014] <Hodapp> it *looks* like something that induction on l should solve easily, but I cannot find a way to make it work
[Thu Jan  9 23:06:19 2014] <Hodapp> gotten the subgoal to "rev (snoc (rev l') v') = v' :: l'" and just cannot find how to apply the inductive hypothesis "rev (rev l)) = l" to it
[Thu Jan  9 23:06:31 2014] <Hodapp> er, s/l/l'/ for the hypothesis
[Thu Jan  9 23:19:54 2014] <bishboria> Hodapp: rewrite?
[Thu Jan  9 23:24:12 2014] <jgross__> * slaps jgross__ around a bit with a large trout
[Thu Jan  9 23:25:01 2014] <jgross__> Oops, sorry, I was seeing what a button in the kiwiirc.com irc client did.
[Thu Jan  9 23:36:34 2014] <hjfreyer> Hey, if I have a goal which is "S _ = O -> something", how do I prove it?
[Thu Jan  9 23:36:47 2014] <hjfreyer> the lhs is obviously false but I don't know how to tell it
[Thu Jan  9 23:39:49 2014] <hjfreyer> aha, congruence
[Fri Jan 10 00:46:47 2014] <jrw> Hodapp: did you get it?
[Fri Jan 10 05:07:54 2014] <notdan> jgross: oh I would love to read such paper
[Fri Jan 10 05:08:24 2014] <notdan> jgross: unfortunately I don't know anything about higher inductive types, so I think such a write up would be very interesting and useful for me
[Fri Jan 10 05:10:54 2014] <notdan> Hodapp: you need to get that v' in front of the rev(rev(l')), I think a 'simpl' will suffice
[Fri Jan 10 07:42:17 2014] <Hodapp> notdan: 'simpl' just gets me from "rev (rev (v' :: l')) = v' :: l'" to the subgoal I stated; not sure what you mean
[Fri Jan 10 07:43:40 2014] <Hodapp> bishboria: I have tried rewriting with the inductive hypothesis and it's not clear to me that it gets me anywhere.
[Fri Jan 10 07:53:18 2014] <Hodapp> been trying to remove the outermost 'rev' somehow and just can't seem to get there; simplifying just appears to bury the v' deeper inside another application of 'rev'
[Fri Jan 10 08:00:07 2014] <notdan> I think you have to prove that 'rev (snoc l v) == v :: rev l'
[Fri Jan 10 08:00:21 2014] <notdan> and then you can use that lemma to prove your goal
[Fri Jan 10 08:00:29 2014] <notdan> at least that's how I did it
[Fri Jan 10 08:01:47 2014] <Hodapp> hmm, yeah, that looks like it'd work
[Fri Jan 10 08:01:49 2014] <bishboria> for the `cons` case of l, I did: simple, then two different rewrites
[Fri Jan 10 08:02:41 2014] <bishboria> (simple might not be necessary, I liked to use it as I ran through proofs step at a time to see how things change)
[Fri Jan 10 12:11:59 2014] <jgross> notdan: about HITs, I don't use them much.  The selling point is that you use them when you need to (quotient types, epimorphisms in Set), and otherwise don't need to worry about them at all.  Unlike setoids, where you need to worry about them everywhere. 
[Fri Jan 10 12:52:48 2014] <ianjneu> I'd like to see HITs used for representing binding. See how that looks.
[Fri Jan 10 13:40:50 2014] <Ptival> HIT for higher-order inductive types?
[Fri Jan 10 14:02:26 2014] <notdan> jgross: I'll take a look, this sounds promising
[Fri Jan 10 14:02:27 2014] <ianjneu> Ptival: higher inductive types. Higher as in n > 0 htypes.
[Fri Jan 10 14:19:32 2014] <Ptival> ianjneu: oright
[Fri Jan 10 15:23:34 2014] <ianjneu> I'm trying to figure out the right definition of stuttering bisimulation refinement that doesn't need proof relevance for reduction relations. It's not going smoothly. Grah.
[Fri Jan 10 15:25:30 2014] <ianjneu> The parametric bisimulations paper is way too complicated to import.
[Fri Jan 10 15:40:03 2014] <notdan> proof relevance?
[Fri Jan 10 15:52:30 2014] <ianjneu> notdan: I'd rather not get into it.
[Fri Jan 10 15:55:05 2014] <notdan> got it. thought you made a typo
[Fri Jan 10 16:44:02 2014] <jgross> ianjneu: Have you considered basing your work on HoTT, where proof relevance is a good thing, rather than annoying? 
[Fri Jan 10 17:01:26 2014] <Saizan> jgross: do you mean that HoTT addresses some of the annoying parts of relevance?
[Fri Jan 10 17:04:28 2014] <ianjneu> jgross: I don't think it's really necessary. I just have to wrap more into props. I don't have any higher path structure since the reduction relation is decidable.
[Fri Jan 10 17:05:33 2014] <ianjneu> Rather, I'm trying to bake in a notion of stuttering into my relation between two trace-based semantics.
[Fri Jan 10 17:06:42 2014] <ianjneu> s --> s' ==> n,s |--> n', s' and n' < n ==> n,s |--> n',s
[Fri Jan 10 17:07:29 2014] <jgross> Saizan: HoTT gives a systematic way for reasoning about proof-releant equalities.  What annoying parts were you thinking of? 
[Fri Jan 10 17:08:16 2014] <jgross> ianjneu: You need prop for impedicativity, or something else? 
[Fri Jan 10 17:08:38 2014] <ianjneu> The annoying parts are basically the syntactic separation of Type and Prop in Coq, so that all libraries I use have to be duplicated with Type instead of Prop.
[Fri Jan 10 17:10:02 2014] <ianjneu> I don't need relevant equalities. Rather I (thought I) need a relevant proof of s stepsto* s', so I can transform that trace in one semantics to a corresponding trace in the other semantics.
[Fri Jan 10 17:10:32 2014] <ianjneu> I'm trying a different approach nowe.
[Fri Jan 10 17:10:36 2014] <ianjneu> now*
[Fri Jan 10 17:13:37 2014] <Saizan> jgross: well i was thinking about those, e.g. needing to prove two proofs of equality equal, knowing that it's a groupoid helps but maybe you meant more? like some powerful tactic?
[Fri Jan 10 17:19:56 2014] <jgross> Like, if you have two proofs of equality between sigma types, and you want to prove them equal, then you'd be stumped if they don't unify. But if you know HoTT, then you know that the type (p; H) = (p'; H') (with _;_ being the constructor for sigma types, i.e., existT in Coq) is equivalent to the type (p = p'; H = H').  So now you've simplified your proof obligation from one of type @eq ((p; H) = (p' H')) _ _ to @eq (p = p'; H = H') _ _.  And
[Fri Jan 10 17:19:56 2014] <jgross> there's a way to prove equality of dependent pairs, namely, first prove equality of the first components, then of the second components.  Maybe your first components will unify now, and then your second component proof will be doable.  The idea is just that before, when you were faced with an iterated equality, you blinked and were confused, or used proof irrelevance, and now when you're faced with an iterated equality, you know how to keep
[Fri Jan 10 17:19:56 2014] <jgross> simplifying it until you can either prove it, or exhibit a counter-example. 
[Fri Jan 10 17:22:48 2014] <Saizan> ah, right, i guess coming at it from K i never really experienced that part of the problem
[Fri Jan 10 17:23:39 2014] <ystael> jgross: Is there an Agda port of your category library?  Or is that a stupid question?
[Fri Jan 10 17:23:47 2014] <Saizan> so i mostly see "ok, i proved the first projections equal, now i'll have that in the way when i prove the second projections are too"
[Fri Jan 10 17:28:02 2014] <jgross> There are a bunch of lemmas dealing with how you proved the first projections equal.  e.g., if you used functional extensionality, there's a way of fixing that if the functions are all applied in the second projections. 
[Fri Jan 10 17:31:52 2014] <Saizan> ah, nice
[Fri Jan 10 17:32:18 2014] <Saizan> are they discussed in the book too?
[Fri Jan 10 18:19:58 2014] <jgross> Almost certainly, but I haven't read that far yet.  Basically, they're rules for how transport interacts with various functions with construct paths. 
[Sat Jan 11 00:25:58 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Lists.html#lab78 - huh, I guess I did the easy way. They'd already proven rev is involutive, so I did l1 = rev (rev l1) and l2 = rev (rev l2), thus making the goal rev (rev l1) = rev (rev l2) which the hypothesis readily makes true
[Sat Jan 11 00:26:02 2014] <Hodapp> not sure what the hard way was...
[Sat Jan 11 04:15:33 2014] <notdan> Hodapp: the hard way is by inductino probably
[Sat Jan 11 08:21:08 2014] <Hodapp> notdan: probably. I found the easy way pretty slick nonetheless.
[Sat Jan 11 08:23:13 2014] <Hodapp> though it's less impressive when I read that all involutions are bijections and therefore injective :P
[Sat Jan 11 17:01:48 2014] <Igloo> How do I make a modules called foo.bar?
[Sat Jan 11 17:02:07 2014] <Igloo> "Module Export foo.bar." gives an error
[Sat Jan 11 18:00:43 2014] <robbert> Igloo: Modulo foo. Module bar. ?
[Sat Jan 11 18:03:33 2014] <Igloo> Hmm, I still get "Error: The file .../foo/bar.vo contains library bar and not library foo.bar"
[Sat Jan 11 21:40:54 2014] <jgross> Is anyone here familiar with the ConCaT contrib?  I'm finding it's short names and lack of comments combination particularly impenetrable. 
[Sat Jan 11 23:29:04 2014] <ianjneu> is there a way to assert something and maintain its definitional equalities after you give the proof?
[Sat Jan 11 23:30:17 2014] <ezyang> ianjneu: Not that I know of. There a few ways around this, but generally I end up defining this outside the theorem
[Sat Jan 11 23:30:30 2014] <ezyang> Note that 'pose proof' sometimes works well when you know what the proof term looks like
[Sat Jan 11 23:31:15 2014] <ianjneu> The point is to use tactics instead of giving the term up front.
[Sat Jan 11 23:31:20 2014] <ianjneu> oh well :/
[Sat Jan 11 23:32:01 2014] <ezyang> Well, if the definitional equalities are important, maybe a tactic shouldn't be used
[Sat Jan 11 23:32:08 2014] <ezyang> Proof relevant mathematics, after all :)
[Sat Jan 11 23:35:51 2014] <ianjneu> mumble grumble.
[Sat Jan 11 23:36:28 2014] <ianjneu> I guess I should actually learn how to build these terms myself. It's just sooo much redundant typing.
[Sun Jan 12 01:04:04 2014] <jgross> ianjneu: You can often get away with _s.  It's also good to understand how to build these terms yourself.  That said, you can go build coq trunk yourself, and you can do what you want there; you get access to the proof term after building it with tactics.  (There's also a nifty feature where you get to do things like "Definition foo := $(let t := constr:(1 + 1) in let t' := eval simpl in t in exact t')$.") 
[Sun Jan 12 08:36:05 2014] <Igloo> Has anyone got any idea how to make hierarchicial module names work please? http://paste.debian.net/75757/
[Sun Jan 12 10:54:37 2014] <ianjneu> Which version of Coq natively supports eta-expansion for functions?
[Sun Jan 12 10:58:55 2014] <ianjneu> 8.4 is supposed to, but I can't find any docs for how to apply xi.
[Sun Jan 12 11:00:59 2014] <ianjneu> oh, I can prove xi by reflexivity.
[Sun Jan 12 11:48:13 2014] <Roscoebeezie> So i'm looking to learn coq. What would be the best IDE?
[Sun Jan 12 11:48:28 2014] <Cale> Roscoebeezie: coqide or proof general
[Sun Jan 12 11:49:17 2014] <Cale> Those are kind of the only two reasonable choices you have as far as I'm aware, and they're more or less equivalent
[Sun Jan 12 11:50:46 2014] <Roscoebeezie> hmm i'm not really to big on emacs so I guess its coqide
[Sun Jan 12 11:51:40 2014] <Roscoebeezie> I did see that there were some vim plugins anyone have experiance with those
[Sun Jan 12 11:54:20 2014] <Cale> There's apparently this: http://www.vim.org/scripts/script.php?script_id=4388
[Sun Jan 12 11:54:40 2014] <Cale> I don't know, I suppose you could use it.
[Sun Jan 12 11:56:29 2014] <Cale> The key thing you need is something to show you the hypotheses and goals, as well as other messages from coq as you step through a proof.
[Sun Jan 12 11:56:59 2014] <Cale> Anything which does that should be fine. coqide presents them in a split view.
[Sun Jan 12 11:57:48 2014] <Cale> I guess the other nice thing when you're starting out is that coqide has menus of the standard tactics and stuff
[Sun Jan 12 11:58:21 2014] <Cale> so if you can't quite remember the names of them, you can still look through to see if there's something which sounds about right :)
[Sun Jan 12 11:59:53 2014] <Cale> http://www.youtube.com/watch?v=7sk8hPWAMSw might also be helpful
[Sun Jan 12 12:05:52 2014] <Roscoebeezie> Yeah I just tried it vs proof general and It just makes alot more sense
[Sun Jan 12 12:41:26 2014] <Roscoebeezie> How would I go about change text color in coqide?
[Sun Jan 12 12:54:23 2014] <ianjneu> man, refine is pretty useless when it comes to putting _s in eliminator applications. It just complains about some application of a unification variable not being the same as some other application of a different unification variable. When you give the correct motive, it works.
[Sun Jan 12 13:41:34 2014] <ianjneu> feck, is there a translation of internal_typename_rew_r to path induction?
[Sun Jan 12 13:41:47 2014] <ianjneu> typename in this case is my eq type in Type.
[Sun Jan 12 13:41:53 2014] <ianjneu> "eqT"
[Sun Jan 12 13:58:22 2014] <ianjneu> okay, starting to get the hang of this.
[Sun Jan 12 14:46:43 2014] <ianjneu> awesome. Uncaught exception not found when trying to elide an inferrable argument.
[Sun Jan 12 15:43:12 2014] <chris2> meh, no coq 8.4pl3 in opam
[Sun Jan 12 18:30:14 2014] <jgross> ianjneu: You should consider reporting the uncaught exception. (https://github.com/JasonGross/coq-bug-finder can help you minimize a test case).  path induction is just dependent pattern matching, so there should always be a translation.  (The translation to eliminators is non-trivial when you start using recursion/fixpoints, but as long as the call isn't recursive, there's an easy translation.)	You can print out the [internal_] constants to
[Sun Jan 12 18:30:14 2014] <jgross> see how they're defined. Using [rewrite] consists of first [pattern]ing on something, and then applying a lemma.  The second step can ~always be replaced by [transport] or [transportD] or similar. 
[Sun Jan 12 19:49:59 2014] <napping> I'm having a bit of trouble with Ltac, trying to abstract over another tactic. If it takes an argument (even a dummy argument) everything is fine, if not it runs too early
[Sun Jan 12 19:54:52 2014] <napping> I thought tactic arguments were basically call by name
[Sun Jan 12 20:04:43 2014] <napping> The problematic argument was a tactic defined like Ltac foo ::= match ... end. adding ; idtac to the end of that somehow fixes things
[Sun Jan 12 20:22:55 2014] <jgross> napping: Ltac has this confusing behavior where there's "I'm returning something" mode and "I'm computing something" mode.  The first is eagerly evaluated (think [match goal with |- ?G => constr:(G) end], while the second is lazily evaluated (or cbv rather than cbn, or something).  Adding [; idtac] makes the tactic not be in "returning something" mode. 
[Sun Jan 12 20:39:20 2014] <napping> That seems to be how it works. From the documentation, I was expecting a match goal with tactics in the branches to be defining a tactic rather than eagerly returning something
[Sun Jan 12 21:08:49 2014] <ianjneu> jgross: submitted. It was actually really shallow.
[Sun Jan 12 21:09:00 2014] <ianjneu> https://coq.inria.fr/bugs/show_bug.cgi?id=3209
[Mon Jan 13 09:29:53 2014] <chris2> i'm trying to re-program http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.39.7587&rep=rep1&type=pdf
[Mon Jan 13 09:30:11 2014] <chris2> http://sprunge.us/TUOP but i fail to see how to apply the IH here
[Mon Jan 13 10:33:17 2014] <ianjneu> chris2: your definition of delete_neutral is dubious.
[Mon Jan 13 10:34:32 2014] <ianjneu> nm, I see r1 is a constructor.
[Mon Jan 13 10:39:43 2014] <chris2> yes
[Mon Jan 13 10:40:35 2014] <chris2> i tried destructing x1/x2 now, but i can't figure out the rmult cases
[Mon Jan 13 10:41:17 2014] <ianjneu> I'm working it out too. I'll let you know.
[Mon Jan 13 10:41:44 2014] <chris2> i also tried destructing (rmult x1 x2)
[Mon Jan 13 10:42:03 2014] <chris2> the paper doesnt say much about it, but apparently they solve it with a rather simple tactic
[Mon Jan 13 10:43:22 2014] <chris2> and obviously i can't rewrite inner terms with IHx1, nor show delete_neutral x1 = x1 in general because T_A is not injective
[Mon Jan 13 10:44:15 2014] <ianjneu> I'm brute-forcing it myself.
[Mon Jan 13 10:44:31 2014] <chris2> i stopped after three levels on induction :P
[Mon Jan 13 10:47:09 2014] <ianjneu> Oh, I have just the one.
[Mon Jan 13 10:50:20 2014] <ianjneu> http://sprunge.us/KMUW
[Mon Jan 13 10:50:53 2014] <chris2> let me step through it
[Mon Jan 13 10:51:26 2014] <chris2> nice
[Mon Jan 13 10:51:38 2014] <chris2> unfold T_A; fold T_A;
[Mon Jan 13 10:51:42 2014] <chris2> what does that do?
[Mon Jan 13 10:54:28 2014] <ianjneu> it does some reductions, but not as many as simpl.
[Mon Jan 13 10:54:38 2014] <chris2> that was the step i was missing, i guess
[Mon Jan 13 10:54:48 2014] <chris2> simpl is terrible to control with many match
[Mon Jan 13 10:56:37 2014] <ianjneu> precisely.
[Mon Jan 13 10:57:04 2014] <chris2> i will rewrite this thing later with ssreflect anyway
[Mon Jan 13 10:57:43 2014] <chris2> such stuff should be fully auto-matable, tho.
[Mon Jan 13 10:58:47 2014] <ianjneu> I wish I knew the right way to automate it.
[Mon Jan 13 11:09:29 2014] <ianjneu> my best compression :( http://sprunge.us/XCdI
[Mon Jan 13 11:49:30 2014] <chris2> somehow i cant make auto/autorewrite do the simplest rewrites...
[Mon Jan 13 11:53:18 2014] <chris2> ok, adding all rewrites helps :P
[Mon Jan 13 12:00:27 2014] <ianjneu> elaborate?
[Mon Jan 13 12:01:21 2014] <chris2> i forgot a rule
[Mon Jan 13 12:04:41 2014] <chris2> ianjneu: ok, http://sprunge.us/KQTO
[Mon Jan 13 12:08:49 2014] <ianjneu> not bad.
[Mon Jan 13 12:09:07 2014] <chris2> unfortunately not powerful enough :P
[Mon Jan 13 12:09:32 2014] <chris2> delete_neutral should be a bit more complex
[Mon Jan 13 12:09:36 2014] <chris2> but then it doesnt work anymore
[Mon Jan 13 13:24:03 2014] <roosbeef> whats the point of JMeq with regard to dependent types, could someone explain?
[Mon Jan 13 13:24:36 2014] <roosbeef> i have sort of a vague idea about how its necessary to use that but not quite clear..
[Mon Jan 13 13:28:23 2014] <Ptival> my understanding is that it is a more lax way of defining equality, since it allows you to talk about equality of things whose types are not structurally equal
[Mon Jan 13 13:34:38 2014] <roosbeef> right..
[Mon Jan 13 13:34:56 2014] <roosbeef> that makes sense
[Mon Jan 13 13:35:04 2014] <ianjneu> roosbeef: http://homotopytypetheory.org/2012/11/21/on-heterogeneous-equality/
[Mon Jan 13 13:35:05 2014] <roosbeef> but now im looking at this lemma for example
[Mon Jan 13 13:35:21 2014] <roosbeef> and i dont see the significance of it https://privatepaste.com/7c046406a7
[Mon Jan 13 13:35:28 2014] <roosbeef> ianjneu, ive been reading that..
[Mon Jan 13 13:36:22 2014] <roosbeef> why would something not be structurally equal to itself?
[Mon Jan 13 13:36:46 2014] <roosbeef> i can see how JMeq helps to speak of structural equality between lists and vectors for example, but that lemma doesnt make sense to me
[Mon Jan 13 13:37:04 2014] <ianjneu> it's a way of glossing over transport
[Mon Jan 13 13:37:48 2014] <roosbeef> glossing over?
[Mon Jan 13 13:38:51 2014] <roosbeef> how does transport come into play here
[Mon Jan 13 13:38:52 2014] <ianjneu> hand-waving it away so you can say P(x) = P(y) instead of transport[z.P](some-proof-that-x=y).
[Mon Jan 13 13:39:20 2014] <roosbeef> why would it be necessary to use transport otherwise?
[Mon Jan 13 13:39:26 2014] <ianjneu> anyway, I'm heading out to MIT for the HoTT reading group.
[Mon Jan 13 13:40:00 2014] <roosbeef> alright, take care
[Mon Jan 13 13:40:11 2014] <roosbeef> thanks for your help
[Mon Jan 13 13:40:13 2014] <ianjneu> er, not P(x) = P(y) but m : P(x) and n : P(y) with JMeq m n allowing you to gloss over the transport from m to n.
[Mon Jan 13 13:41:04 2014] <Ptival> roosbeef: let's say you have v1 : Vec (x + y), and v2 : Vec (y + x), you can express that they are equal before you show that + is commutative
[Mon Jan 13 13:43:05 2014] <roosbeef> what? How
[Mon Jan 13 13:43:25 2014] <roosbeef> x y : nat?
[Mon Jan 13 13:45:30 2014] <Ptival> yes
[Mon Jan 13 13:47:11 2014] <roosbeef> ah because of the "forall (n n' : nat), n = n' -> " part?
[Mon Jan 13 13:48:01 2014] <ystael> Ptival: Let me check that I understand properly what I've been reading :) Without JMeq, you would have to use the eliminator for = on nat to derive that Vec (x + y) = Vec (y + x), and then the eliminator for = on Set to derive a function Vec (x + y) -> Vec (y + x), is that right?
[Mon Jan 13 14:00:19 2014] <roosbeef> back in 10 mins
[Mon Jan 13 14:03:04 2014] <Ptival> ystael: without JMeq, you could not express an equality between v1 and v2, you'd have to transform either into the other's type using eliminating a proof of "x + y = y + x"
[Mon Jan 13 14:56:42 2014] <Anarchos> Ptival ah ah JMeq (the John Major equality : all members of the society are equal, but only to members of their (social) class :) )
[Mon Jan 13 15:13:23 2014] <Ptival> Anarchos: haha yeah, Conor explained it to me in a pub, it's all very political :)
[Mon Jan 13 15:28:22 2014] <Anarchos> Ptival it is mentioned in a footnote of the french edition of the coqart :)
[Mon Jan 13 15:45:57 2014] <Ptival> ah
[Mon Jan 13 19:45:23 2014] <adelbertc> does anyone have experience with Coquille (CoqIDE for vim - https://github.com/the-lambda-church/coquille) or using Coq in vim?
[Mon Jan 13 19:47:53 2014] <Ptival> I went as far as to install Coquille yes
[Mon Jan 13 19:48:59 2014] <adelbertc> any comments? good? bad? terrible? exemplary?
[Mon Jan 13 19:49:38 2014] <Ptival> at the time it was pretty good, I'm fairly used to ProofGeneral by now so I didn't bother making the switch, but I liked it
[Mon Jan 13 19:50:52 2014] <adelbertc> good to hear
[Mon Jan 13 19:52:21 2014] <Igloo> Is there a way I can stop the implementation leaking here: http://paste.debian.net/76068/
[Mon Jan 13 23:51:12 2014] <adelbertc> does anyone have an opinion regarding CoqArt vs Certified Programming w/ DT vs Software Foundations for a beginner?
[Tue Jan 14 00:06:47 2014] <jrw> adelbertc: I think if you're truly a beginner at coq, you should start with sf and do as much of it as possible
[Tue Jan 14 00:06:59 2014] <jrw> adelbertc: if you finish that and want more, read CPDT
[Tue Jan 14 00:07:15 2014] <jrw> if you finish that and want someone else's take on how to teach coq, maybe then look at coqart
[Tue Jan 14 00:18:30 2014] <adelbertc> jrw - noted, cheers
[Tue Jan 14 00:19:26 2014] <jrw> adelbertc: and I at least (and probably others in this channel) am happy to answer questions when you have them :) coq can be confusing at first
[Tue Jan 14 00:20:37 2014] <adelbertc> glad to hear it :-)
[Tue Jan 14 00:20:44 2014] <adelbertc> i attempted software foundations last year
[Tue Jan 14 00:20:59 2014] <adelbertc> didn't go well. then again i wasn't very well versed in functional programming back then either (not sure if this has any effect)
[Tue Jan 14 00:23:04 2014] <jrw> adelbertc: well certainly being familiar with fp can help understand the kind of programs sf has you write at the beginning. but sf strives to not make fp a prereq.
[Tue Jan 14 00:23:21 2014] <adelbertc> got it
[Tue Jan 14 00:23:43 2014] <adelbertc> i ws also using coqide at the time which may have contributed to my giving up as well.. it hasn't garnered many fond reviews from the few people i've asked
[Tue Jan 14 00:25:55 2014] <jrw> yeah, in my experience most people use proof general. you can always put emacs in "easy" mode if you want. I forget the real name, but basically it gives you Ctrl-x/c/v as cut/copy/paste
[Tue Jan 14 06:23:19 2014] <roosbeef> is it possible to rewrite an assumption using another assumption?
[Tue Jan 14 06:25:49 2014] <jgross> roosbeef: rewrite H in H'? 
[Tue Jan 14 06:28:26 2014] <roosbeef> that should work?
[Tue Jan 14 06:29:17 2014] <roosbeef> H : exists C : context S1.VSig, t = fill C st
[Tue Jan 14 06:29:18 2014] <roosbeef> H0 : fterm_v_is_wf t
[Tue Jan 14 06:29:34 2014] <roosbeef> i have these two assumptions, was trying to rewrite t in H0 to fill C st
[Tue Jan 14 06:30:24 2014] <roosbeef> rewrite H in H0 gives Error: The term does not end with an applied homogeneous relation.
[Tue Jan 14 09:57:25 2014] <roosbeef> so ive got this property
[Tue Jan 14 09:57:34 2014] <roosbeef> 'wf_tree'
[Tue Jan 14 09:58:00 2014] <roosbeef> from this property i know that if a tree is well formed, so are all its subtrees
[Tue Jan 14 09:58:12 2014] <roosbeef> im trying to prove this in Coq
[Tue Jan 14 09:59:45 2014] <roosbeef> https://privatepaste.com/07e53712b0
[Tue Jan 14 10:00:26 2014] <roosbeef> subterm_eq unfolds to H : exists C : context S1.VSig, t = fill C st
[Tue Jan 14 10:01:01 2014] <roosbeef> how do i use this to sculpt the current subgoal?
[Tue Jan 14 10:01:49 2014] <roosbeef> (ie. https://privatepaste.com/0b523a5e80)
[Tue Jan 14 10:27:04 2014] <roosbeef> ystael, perhaps you would have some light to shed on this?
[Tue Jan 14 10:28:24 2014] <ystael_> roosbeef: I missed whatever it is
[Tue Jan 14 10:28:40 2014] <roosbeef> haha pm
[Tue Jan 14 10:34:46 2014] <ystael> roosbeef: Well, first you need to unfold that existential
[Tue Jan 14 10:38:13 2014] <roosbeef> ystael, how?
[Tue Jan 14 10:39:19 2014] <ystael> sorry, I had to look it up :)
[Tue Jan 14 10:39:22 2014] <ystael> destruct it
[Tue Jan 14 10:40:00 2014] <ystael> remember that an existential is a dependent pair, the first coordinate is the context C, the second coordinate is the equation dependent on C
[Tue Jan 14 10:40:12 2014] <ystael> destruct H will split the pair in the context
[Tue Jan 14 10:41:03 2014] <roosbeef> ha thx :)
[Tue Jan 14 10:41:34 2014] <roosbeef> yea thats precisely what i was looking to do, split the quantification from the assertion
[Tue Jan 14 11:08:47 2014] <roosbeef> hm
[Tue Jan 14 11:20:47 2014] <roosbeef> i have the assumption H: is_wf (fill x st)
[Tue Jan 14 11:21:07 2014] <roosbeef> and the subgoal is_wf st
[Tue Jan 14 11:21:40 2014] <roosbeef> which can be derived from H, since if (fill x st) is well formed, so is st
[Tue Jan 14 11:22:19 2014] <roosbeef> (x being a context in t, such that is_wf t)
[Tue Jan 14 11:30:14 2014] <roosbeef> i need a break bbl
[Tue Jan 14 14:40:57 2014] <osa1> hi guys. I finished reading software foundations couple of months ago but I never used Coq for anything since then. now I was wondering if Coq is also useful for proving theorems not in programming language related fields but in fields like abstract algebra(groups etc.) or number theory. can anyone give me some pointers on that? I'm a CS major but this
[Tue Jan 14 14:40:58 2014] <osa1> semester I'm taking an abstract algebra course just for fun and I was thinking maybe I can use my Coq knowledge in that course somehow.
[Tue Jan 14 14:42:24 2014] <adelbertc> osa1 - i believe coq was used to prove the four color theorem in graph theory
[Tue Jan 14 14:43:01 2014] <osa1> adelbertc: yeah I heard something like that too(though I'm not sure if what I heard was Coq and not some other theorem prover). do you have any introductory examples on that kind of things?
[Tue Jan 14 14:43:24 2014] <adelbertc> unfortunately, no, i'd be interested myself. i'm a newbie at coq, haven't even gotten through software foundations yet
[Tue Jan 14 14:44:08 2014] <osa1> maybe I should send an email to mailing list
[Tue Jan 14 14:57:39 2014] <osa1> sent an email to coq list
[Tue Jan 14 19:04:36 2014] <hodapp> hrmph, I keep getting Coq (well, Proof General) into a state where I seem to be hanging the process and I have no idea why, and C-c C-c is not doing anything (it says the proof process is not active)
[Tue Jan 14 19:08:36 2014] <hodapp> http://pastebin.com/hjHib0xf - if I uncomment what is commented, this seems to cause it, oddly
[Tue Jan 14 19:08:44 2014] <hodapp> yet 'coqc' doesn't seem to bomb out on it
[Tue Jan 14 19:16:10 2014] <kini> a bunch of messages on the coq-club mailing list have been censored from Gmane, it seems
[Tue Jan 14 19:16:28 2014] <kini> mostly from the second half of december I think
[Tue Jan 14 19:16:31 2014] <kini> any idea why?
[Tue Jan 14 19:16:43 2014] <kini> was there some XNo-Archive header or something being added to messages on coq-club at that time?
[Tue Jan 14 19:16:54 2014] <kini> can someone who receives coq-club emails check?
[Tue Jan 14 19:38:59 2014] <ianjneu> kini: my email client is so shitty I can't access the whole email header. Sorry.
[Tue Jan 14 19:40:46 2014] <kini> ianjneu: impressive, haha - what client is that?
[Tue Jan 14 20:13:34 2014] <ianjneu> kini: a severely old version of Zimbra, a web client my school hosts.
[Tue Jan 14 20:13:45 2014] <ianjneu> I can't even reply inline.
[Tue Jan 14 20:13:55 2014] <ianjneu> I compose such emails in emacs.
[Wed Jan 15 01:07:15 2014] <roosbeef> from the assumption H0 : fterm_v_is_wf (fill x st)
[Wed Jan 15 01:07:25 2014] <roosbeef> how do i derive that fterm_v_is_wf st?
[Wed Jan 15 01:08:24 2014] <roosbeef> (fill x st) is basically a term with st a subterm
[Wed Jan 15 01:08:36 2014] <roosbeef> if a term is well formed, all of its subterms are
[Wed Jan 15 01:09:15 2014] <roosbeef> im a bit unsure as to how to approach this
[Wed Jan 15 01:11:51 2014] <jrw> roosbeef: I'm not sure I understand. if fill x st actually just contains st as a subterm, then you should be able to get what you want by inversion on H0
[Wed Jan 15 01:14:00 2014] <roosbeef> it does
[Wed Jan 15 01:15:29 2014] <jrw> can I see the definition of fill?
[Wed Jan 15 01:16:00 2014] <jrw> oh wait, when you say "subterm" do you mean "immediate subterm" or is st way deep down somewhere?
[Wed Jan 15 01:18:33 2014] <roosbeef> http://color.inria.fr/doc/CoLoR.Term.Varyadic.VContext.html#fill
[Wed Jan 15 01:18:56 2014] <roosbeef> both, it can be as deep as the term goes
[Wed Jan 15 01:33:47 2014] <jrw> roosbeef: the direct approach would be to formalize the notion of subterm and then prove your claim that all subterms of a wf term are wf
[Wed Jan 15 01:34:19 2014] <roosbeef> formalize it how?
[Wed Jan 15 01:34:24 2014] <jrw> exactly :)
[Wed Jan 15 01:34:32 2014] <roosbeef> well
[Wed Jan 15 01:34:39 2014] <jrw> on the other hand, I think a lemma of the form "wf (fill c t) -> wf t" might be provable by induction on c
[Wed Jan 15 01:34:42 2014] <roosbeef> fill x st is actually an unfold of subset_eq
[Wed Jan 15 01:35:00 2014] <jrw> oh :(
[Wed Jan 15 01:35:06 2014] <roosbeef> err, subterm_eq: http://color.inria.fr/doc/CoLoR.Term.Varyadic.VContext.html#subterm_eq
[Wed Jan 15 04:38:53 2014] <pyon> Are there any libraries/frameworks/whatever for proving stuff about concurrent programs that use shared mutable state and locks?
[Wed Jan 15 06:40:01 2014] <Eruquen> how do I define mutually inductive types as in http://pastebin.com/XB9FA148 ?
[Wed Jan 15 06:40:26 2014] <Eruquen> currently I get "The reference Ctx was not found in the current environment"
[Wed Jan 15 13:37:31 2014] <jgross> Does anyone have suggestions for standard references (for use as citations in a paper) for the folklore semantic connection between categories and typed functional programming; for higher-order type theory; and for setoids? 
[Wed Jan 15 13:44:11 2014] <ianjneu> jgross: can you be more specific? Surely category theory was used to give denotational semantics to typed functional programming languages, but you seem to be getting at something else. What is "higher-order" type theory?
[Wed Jan 15 13:49:36 2014] <ianjneu> setoids originated in Bishop's 1967 book on set theory
[Wed Jan 15 13:56:27 2014] <jgross> ianjneu: This is for citations for the intro of a paper I'm writing for a conference.  (Higher-order here I think just means "functions can take functions as input") 
[Wed Jan 15 13:59:49 2014] <jgross> So the category theory <-> function programming connection is probably just what you mentioned.  (The intro was mostly written by my advisor.) 
[Wed Jan 15 14:00:01 2014] <ianjneu> Bob doesn't have any citations for his holy trinityL
[Wed Jan 15 14:00:04 2014] <ianjneu> ?*
[Wed Jan 15 14:01:51 2014] <ystael> jgross: I didn't hear you mention it in this week's reading group, but you said next week there's no meeting, right?
[Wed Jan 15 14:02:14 2014] <ianjneu> correct, and it was mentioned, maybe after the feed ended.
[Wed Jan 15 14:02:25 2014] <ystael> ah, ok, sorry
[Wed Jan 15 14:35:25 2014] <ianjneu> I will not be going to POPL. I will be cleaning my baby's POOPL
[Wed Jan 15 18:07:59 2014] <notdan> jgross: do you mean the original Lambek's theorem about functional programming/CCCs?
[Thu Jan 16 01:11:08 2014] <roosbeef> so im working with this library on term rewriting
[Thu Jan 16 01:11:16 2014] <roosbeef> and trying to do some stuff with well foundedness
[Thu Jan 16 01:11:33 2014] <roosbeef> theres a section about wf (http://www.lix.polytechnique.fr/coq/distrib/8.2-bugfix/stdlib/Coq.Init.Wf.html#well_founded)
[Thu Jan 16 01:11:45 2014] <roosbeef> which seems useful in this regard
[Thu Jan 16 01:12:09 2014] <roosbeef> from what i can tell it can do computations given a certain wf
[Thu Jan 16 01:12:46 2014] <roosbeef> but how do i tell Coq which wf to use, how do i describe what would be a wf term
[Thu Jan 16 01:15:33 2014] <roosbeef> oh actually those are from the std lib btw
[Thu Jan 16 01:15:57 2014] <roosbeef> but still i dont see where to plug in the definition of wf to use
[Thu Jan 16 09:18:07 2014] <ianjneu> roosbeef: http://adam.chlipala.net/cpdt/html/GeneralRec.html you'll use "Fix"
[Thu Jan 16 20:16:02 2014] <hodapp> huh, interesting... SF has pointed out the interpretation that their polymorphic List type can be seen as a Type -> Type function
[Thu Jan 16 20:16:10 2014] <hodapp> this is somehow the first time I've seen it that way
[Thu Jan 16 20:47:24 2014] <hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Poly.html#lab89 - I'm not totally getting what this question is asking, but is the answer zero, since I can't actually create a single element of that type?
[Thu Jan 16 20:48:41 2014] <hodapp> unless I can make some sort of recursive definition, e.g. x Z where Z = x Z
[Thu Jan 16 20:55:44 2014] <ianjneu> hodapp: it's 0, since baz is not coinductive.
[Thu Jan 16 20:59:42 2014] <hodapp> I can't quickly find any clean definition of 'coinductive' that seems to very obviously not describe 'baz'.
[Thu Jan 16 21:01:31 2014] <ianjneu> It's easy to think of recursive occurrences of a coinductive type's definition as "delayed" in the lazy evaluation sense.
[Thu Jan 16 21:02:16 2014] <ianjneu> Coinduction in Coq is broken, though. I suggest not using it, or at least using the Paco library.
[Thu Jan 16 21:04:08 2014] <hodapp> I'm still not grasping what about coinduction makes the answer to that question zero.
[Thu Jan 16 21:07:39 2014] <ianjneu> Well, unless you have a guarded corecursive function that generates baz'es to lazily consume (think of a function f : ones -> baz := fun s => match s with CS s' => x (f s') end)
[Thu Jan 16 21:08:03 2014] <ianjneu> but I don't remember if that's allowed if baz isn't a coinductive type or not.
[Thu Jan 16 21:08:48 2014] <ianjneu> Also, in this case I take CoInductive ones := CS : ones -> ones.
[Thu Jan 16 21:10:13 2014] <ianjneu> likely they're trying to get at since there are no base cases in the inductive type, there is no wellfounded construction of one, and we thus say there aren't any inhabitants.
[Thu Jan 16 21:11:13 2014] <ianjneu> Coinduction, even though it's just flipping the arrows of induction, is not well supported in theorem provers. Annoying.
[Thu Jan 16 21:13:14 2014] <ianjneu> Corecursors are defined by the proof of terminality of the corecursive object in the category of F-coalgebras.
[Thu Jan 16 21:14:21 2014] <ianjneu> but in the case of arbtrary pattern matching, like Coq has for inductive types, the story is murkier, apparently.
[Thu Jan 16 21:17:05 2014] <hodapp> I have no idea on any of this. I'm working through an early chapter in Software Foundations.
[Thu Jan 16 21:25:31 2014] <ianjneu> the categorical basis is intriguing, and I'm not a pointy-headed theorist.
[Thu Jan 16 21:26:58 2014] <hodapp> It is all very intriguing to me, but there is only so much intrigue I can handle without knowing much in this area.
[Thu Jan 16 21:29:56 2014] <ianjneu> The HoTT book is pretty good at explaining the foundational issues.
[Thu Jan 16 21:30:52 2014] <hodapp> I intended, after finishing Software Foundations, to move onto either HoTT or CPDT.
[Thu Jan 16 21:34:19 2014] <ianjneu> deeeefinitely HoTT. CPDT is like a memior of, "Coq is annoying to do really complicated things in. Here's how I hacked around it. BAAAAARF."
[Thu Jan 16 21:51:14 2014] <jgross> HoTT will teach you a lot about the foundational issues and how to think about equality types, not so much about Coq (though the HoTT exercises might be more fun than the CPDT exercises for people who like math).  CPDT will teach you how to use Coq to do stuff, and not so much about the theory behind it. 
[Thu Jan 16 21:54:41 2014] <hodapp> I'm curious about both.
[Fri Jan 17 03:43:57 2014] <notdan> What do you mean by coinduction is broken? I was thinking of one of my developments recently and I realized that I am in need of inifinite structures
[Fri Jan 17 03:44:15 2014] <notdan> Coq'Art book talks about coinduction a bit, granted I didn't read that section
[Fri Jan 17 03:55:57 2014] <jgross> Reduction doesn't preserve the productivity condition; you can go from a valid definition to an invalid one just by simplification.  Also, it's really hard to get anything done, because it's not compositional.  (This is what I've heard from others; I've not really used coninduction myself.) 
[Fri Jan 17 04:49:48 2014] <notdan> hm, I se
[Fri Jan 17 04:49:51 2014] <notdan> that's unfortunate
[Fri Jan 17 05:09:22 2014] <Cale> The more I think about it, the more I find myself impressed with the ridiculously simple constructions and proofs that path induction provides you (i.e. regarding concatenation, the inverse, all the laws and their coherences)
[Fri Jan 17 05:09:48 2014] <Cale> The amount of fiddly nonsense which that papers over is remarkable :)
[Fri Jan 17 05:10:40 2014] <Cale> and like, how somehow in there is all the information you need for an infinity groupoid, when the classical definitions of this are so often horrifying
[Fri Jan 17 05:10:55 2014] <Cale> and it's all so easy to unpack
[Fri Jan 17 05:11:10 2014] <hodapp> bwaaa, it's 5 AM here, what neck of the woods are you two in?
[Fri Jan 17 05:11:24 2014] <Cale> It's 5am here, but I woke up at 6pm
[Fri Jan 17 05:11:42 2014] <hodapp> I think that means you need to move to another continent or something
[Fri Jan 17 05:12:02 2014] <Cale> But then I'd have to move back in like 2 days or something
[Fri Jan 17 05:12:11 2014] <hodapp> Pfffft.
[Fri Jan 17 05:12:16 2014] <Cale> My sleep schedule is extremely erratic :)
[Fri Jan 17 05:12:37 2014] <Cale> THERE ARE TOO MANY INTERESTING THINGS
[Fri Jan 17 05:12:50 2014] <hodapp> mine's pretty normal, except for today.
[Fri Jan 17 05:14:29 2014] <notdan> Cale: is that something from HoTT?
[Fri Jan 17 05:14:32 2014] <notdan> path induction
[Fri Jan 17 05:14:41 2014] <Cale> notdan: yeah
[Fri Jan 17 05:15:05 2014] <notdan> man i should get onto that hott train ASAP it seems awesome and makes everything eathier
[Fri Jan 17 05:15:12 2014] <notdan> hodapp: it's 2pm for me :)
[Fri Jan 17 05:15:54 2014] <Cale> Whenever you want to prove something of the form  Pi (x, y : A), Pi (p : x = y), C(p), you're essentially allowed to assume that y is definitionally equal to x, and that p is refl, and prove C(refl_x)
[Fri Jan 17 05:16:36 2014] <Cale> that's for any C: (x = y) -> Type
[Fri Jan 17 05:17:48 2014] <Cale> and basically what this means is that when you want to do something like define the concatenation of paths p : x = y and q : y = z, you apply path induction a couple times, and you get to assume that p and q are both refl_x
[Fri Jan 17 05:18:07 2014] <Cale> and then define the concatenation as refl_x
[Fri Jan 17 05:18:13 2014] <Cale> and path induction does the rest
[Fri Jan 17 05:18:25 2014] <Cale> It's like "what just happened?"
[Fri Jan 17 05:19:09 2014] <Cale> In traditional homotopy theory, you'd be messing around with functions from the interval [0,1] into your space
[Fri Jan 17 05:19:44 2014] <ziman> this is what we are used to from Agda; what I find a bit weird is that the above does not mean that every equality is refl, it's just that proving things for refl makes them hold for any other equality :)
[Fri Jan 17 05:20:19 2014] <Cale> yeah, a key thing to realise is that you're not allowed to do this unless you're doing it for all paths in a space at once
[Fri Jan 17 05:20:33 2014] <hodapp> I'd like to use Agda a bit after learning a bit more of Haskell
[Fri Jan 17 05:20:47 2014] <hodapp> side question: anyone know a way in Proof General to simply show the result of evaluating something?
[Fri Jan 17 05:21:02 2014] <Cale> (or, it can be shown that it works for all paths having *one* endpoint at a specific place)
[Fri Jan 17 05:21:10 2014] <Cale> But *both* endpoints: no.
[Fri Jan 17 05:21:42 2014] <hodapp> nevermind, I guess C-c C-a C-c does it
[Fri Jan 17 05:21:53 2014] <hodapp> or not...
[Fri Jan 17 05:22:00 2014] <Cale> I don't know Proof General so well, but I'd try  Print whatever.
[Fri Jan 17 05:22:16 2014] <Cale> oh, or you want the cbv thing
[Fri Jan 17 05:22:27 2014] <hodapp> cbv?
[Fri Jan 17 05:22:35 2014] <ziman> you can still put an "Eval compute in foo bar baz." in your script but this is discouraged afaik :)
[Fri Jan 17 05:23:09 2014] <Cale> Eval cbv in <term>
[Fri Jan 17 05:23:19 2014] <Cale> or Compute <term>
[Fri Jan 17 05:23:22 2014] <hodapp> ziman: yeah, I'm looking at an 'Eval compute in...' in the textbook and wanting to get the result of that evaluation
[Fri Jan 17 05:23:49 2014] <Cale> ziman: Well, I think you're discouraged from leaving them in for whatever reason.
[Fri Jan 17 05:24:11 2014] <Cale> I'm not sure you're discouraged from using them to test things for yourself.
[Fri Jan 17 05:24:18 2014] <ziman> hodapp, you just put it into the script and step over it
[Fri Jan 17 05:25:02 2014] <Cale> (It's obviously annoying if you write a library of stuff which has all kinds of Prints and such in the proof scripts.)
[Fri Jan 17 05:25:04 2014] <hodapp> I have no idea how to step in a script
[Fri Jan 17 05:25:20 2014] <Cale> hodapp: the button which makes things green?
[Fri Jan 17 05:25:54 2014] <Cale> (and impossible to edit)
[Fri Jan 17 05:26:00 2014] <hodapp> I know of no such button in Proof General; I only know of C-c C-b which processes the entire buffer
[Fri Jan 17 05:26:10 2014] <Cale> orly...
[Fri Jan 17 05:26:18 2014] <Cale> I'm pretty sure the emacs toolbar has it
[Fri Jan 17 05:26:48 2014] <Cale> I also seem to recall it was bound to some key, but I never learn keybindings properly for my editors :P
[Fri Jan 17 05:27:00 2014] <Cale> I'll load up a .v and see
[Fri Jan 17 05:27:03 2014] <hodapp> I just re-enabled the toolbar and I don't see it (also, I use this from SSH pretty often)... C-c C-n seems to do what I need though
[Fri Jan 17 05:28:48 2014] <Cale> try C-c C-n
[Fri Jan 17 05:28:51 2014] <Cale> yes
[Fri Jan 17 05:29:29 2014] <Cale> I think there's also C-c C-p iirc.
[Fri Jan 17 05:31:26 2014] <hodapp> that lets me inspect the current proof/subgoals, I believe
[Fri Jan 17 06:02:11 2014] <roosbeef> ok so i have this wf property P on terms t, from P t follows that for all subterms st of t, it also holds that P st
[Fri Jan 17 06:02:49 2014] <roosbeef> what would be the conventional way of proving this given as a lemma?
[Fri Jan 17 06:02:59 2014] <roosbeef> Lemma t_wf_then_st_wf : forall (t : fterm_v) (st : fterm_v), subterm_eq st t -> fterm_v_is_wf t -> fterm_v_is_wf st.
[Fri Jan 17 06:26:02 2014] <Cale> I would use my proof that st was a subterm of t to recursively walk down my inductive proof that t is well formed, until I found the proof that st was well formed as a Coq-subterm of it.
[Fri Jan 17 06:26:16 2014] <Cale> But really it depends on how these things are defined...
[Fri Jan 17 06:27:35 2014] <Cale> (I like to formulate a lot of things as inductive types whenever I can, so that I can do induction on proofs)
[Fri Jan 17 06:29:18 2014] <Cale> roosbeef: Can you prove this for each fterm_v constructor individually, and then put the proofs together, perhaps?
[Fri Jan 17 06:29:48 2014] <Cale> (and where the subterm is an immediate one)
[Fri Jan 17 06:30:20 2014] <roosbeef> mm
[Fri Jan 17 06:30:25 2014] <roosbeef> dont know
[Fri Jan 17 06:30:40 2014] <roosbeef> i find this quite confusing to be honest
[Fri Jan 17 06:31:28 2014] <Cale> Try something simpler like:  forall (t t' : fterm_v), fterm_v_is_wf (App t t') -> fterm_v_is_wf t
[Fri Jan 17 06:31:40 2014] <roosbeef> what does App do?
[Fri Jan 17 06:31:53 2014] <Cale> I'm assuming that App is a constructor of the inductive type fterm_v
[Fri Jan 17 06:32:00 2014] <Cale> I have no idea how your type is defined in the first place :)
[Fri Jan 17 06:32:06 2014] <roosbeef> :p
[Fri Jan 17 06:32:32 2014] <roosbeef> right, so
[Fri Jan 17 06:32:46 2014] <roosbeef> if the result of building t is wf, then t is wf
[Fri Jan 17 06:33:10 2014] <Cale> (Could I see your definitions perhaps?)
[Fri Jan 17 06:33:14 2014] <Cale> yeah
[Fri Jan 17 06:33:30 2014] <roosbeef> sure
[Fri Jan 17 06:34:02 2014] <roosbeef> http://color.inria.fr/doc/CoLoR.Term.Varyadic.VTerm.html#term
[Fri Jan 17 06:34:27 2014] <roosbeef> http://coq.inria.fr/V8.2pl1/contribs/CoLoR.Term.Varyadic.VContext.html#subterm_eq
[Fri Jan 17 06:34:49 2014] <roosbeef> oh those arent the same versions i guess, doesnt matter hopefully
[Fri Jan 17 06:35:17 2014] <Cale> Er, where is fterm_v?
[Fri Jan 17 06:36:14 2014] <roosbeef> Definition fterm_v : Type := VTerm.term S1.VSig.
[Fri Jan 17 06:40:47 2014] <Cale> hmm
[Fri Jan 17 06:42:45 2014] <Cale> Okay, so, subterm_eq st t should be a dependent pair of a context C (which is an inductive type there), and a proof that t = fill C st
[Fri Jan 17 06:43:50 2014] <Cale> The idea of the context type is that it's like a term with a hole blown in it. If you have any term, it's either constructed with Var
[Fri Jan 17 06:44:13 2014] <Cale> In which case the Hole has only one place to go, in place of the variable
[Fri Jan 17 06:46:22 2014] <Cale> And this is a little mindbending, but the other case is it's constructed with Fun, as a mapping from (Signatures?) and lists of terms to terms
[Fri Jan 17 06:46:54 2014] <Cale> and you can see in the context type, there's a constructor Cont to handle this case, where we take some terms and a context, and some more terms, and produce a context
[Fri Jan 17 06:47:28 2014] <Cale> oh, sorry, no, it's straightforward, I got confused for a moment
[Fri Jan 17 06:47:46 2014] <Cale> So you have Fun applied to a Sig and a list of terms
[Fri Jan 17 06:47:53 2014] <roosbeef> yep
[Fri Jan 17 06:48:02 2014] <Cale> You want to put a hole in one of them, so you have some list before the hole, then a context, and some list after
[Fri Jan 17 06:48:11 2014] <roosbeef> yea
[Fri Jan 17 06:48:28 2014] <roosbeef> i can see how t = fill C st, if subterm_eq st t
[Fri Jan 17 06:49:08 2014] <Cale> how is fterm_v_is_wf defined?
[Fri Jan 17 06:49:11 2014] <roosbeef> but im a bit unsure as to what way to go about proving that Lemma, what steps to take
[Fri Jan 17 06:49:49 2014] <roosbeef> https://privatepaste.com/ec5670f76f
[Fri Jan 17 06:50:27 2014] <Cale> Why do people have so much love for Prop? :)
[Fri Jan 17 06:50:29 2014] <Cale> okay
[Fri Jan 17 06:50:35 2014] <roosbeef> (basically, an fterm_v is well formed if there is a certain ratio between the length of its head and the number of arguments)
[Fri Jan 17 06:51:20 2014] <roosbeef> i dunno, its the Proper way i guess :p
[Fri Jan 17 06:53:16 2014] <Cale> oh neat
[Fri Jan 17 06:53:20 2014] <Cale> Lemma subterm_ind : ∀ (P : term → Prop)
[Fri Jan 17 06:53:20 2014] <Cale>   (IH : ∀ t, (∀ u, subterm u t → P u) → P t),
[Fri Jan 17 06:53:20 2014] <Cale>   ∀ t, P t.
[Fri Jan 17 06:53:32 2014] <roosbeef> yea i was looking at that
[Fri Jan 17 06:54:05 2014] <roosbeef> it doesnt seem to fit into the proof of that lemma
[Fri Jan 17 06:54:06 2014] <Cale> Lemma subterm_eq_rect : ∀ (P : term → Type) t,
[Fri Jan 17 06:54:06 2014] <Cale>   (∀ u, subterm_eq u t → P u) → P t.
[Fri Jan 17 06:54:12 2014] <Cale> Or that
[Fri Jan 17 06:54:23 2014] <roosbeef> subterm_eq_rect is going from wf subterms to wf term, right?
[Fri Jan 17 06:55:00 2014] <roosbeef> i need to prove that if t is wf, then all subterms st are fw
[Fri Jan 17 06:55:03 2014] <roosbeef> wf*
[Fri Jan 17 06:55:54 2014] <Cale> ah, right, yes
[Fri Jan 17 06:57:35 2014] <Cale> Well, we need some way to let you do induction on the structure of the term which is somehow directed by the context that you get from subterm_eq
[Fri Jan 17 06:57:46 2014] <Cale> Like...
[Fri Jan 17 07:00:59 2014] <Cale> If p is a proof that subterm_eq u t
[Fri Jan 17 07:01:16 2014] <roosbeef> why would you need a proof of that
[Fri Jan 17 07:01:29 2014] <roosbeef> that is a given right..
[Fri Jan 17 07:01:41 2014] <Cale> Yeah, we're going to take that as a given
[Fri Jan 17 07:02:49 2014] <Cale> Well, we want the C
[Fri Jan 17 07:03:05 2014] <Cale> for which it's the case that exists C, t = fill C u.
[Fri Jan 17 07:03:14 2014] <roosbeef> yea exactly!
[Fri Jan 17 07:03:19 2014] <roosbeef> but how do we pin that C
[Fri Jan 17 07:03:20 2014] <Cale> Because that thing is going to tell us how to step down
[Fri Jan 17 07:06:36 2014] <roosbeef> so suppose we have H : exists C : context S1.VSig, t = fill C st
[Fri Jan 17 07:07:09 2014] <roosbeef> how does that crystalize into something more workable
[Fri Jan 17 07:08:08 2014] <Cale> Try decompose record H.
[Fri Jan 17 07:09:09 2014] <Cale> Does that work? :)
[Fri Jan 17 07:09:09 2014] <roosbeef> ok that gives the same as 'destruct H'
[Fri Jan 17 07:09:13 2014] <Cale> Yeah
[Fri Jan 17 07:09:17 2014] <roosbeef> adds x : context S1.VSig and H0 : t = fill x st
[Fri Jan 17 07:09:30 2014] <Cale> Now you can induction x
[Fri Jan 17 07:09:42 2014] <Cale> I'm not sure that's *exactly* what you want on its own
[Fri Jan 17 07:09:45 2014] <Cale> But it's something...
[Fri Jan 17 07:10:14 2014] <Cale> Try it and see if you end up in a rhubarb or not :)
[Fri Jan 17 07:10:27 2014] <Cale> There might be some lemma we could prove to make this work more smoothly
[Fri Jan 17 07:10:40 2014] <Cale> But I have a feeling that with enough induction it'll go through
[Fri Jan 17 07:11:00 2014] <roosbeef> hm
[Fri Jan 17 07:11:01 2014] <roosbeef> well
[Fri Jan 17 07:11:02 2014] <Cale> (I can't try it myself because I don't have your code)
[Fri Jan 17 07:11:14 2014] <roosbeef> thats actually as far as i got until now :p
[Fri Jan 17 07:11:19 2014] <roosbeef> i did just that
[Fri Jan 17 07:11:23 2014] <roosbeef> with induction on x
[Fri Jan 17 07:11:25 2014] <Cale> What happens?
[Fri Jan 17 07:11:33 2014] <roosbeef> i get stuck :p
[Fri Jan 17 07:11:41 2014] <Cale> So we have two cases
[Fri Jan 17 07:11:52 2014] <Cale> One is that the context is Hole
[Fri Jan 17 07:11:57 2014] <Cale> Did you get that one okay?
[Fri Jan 17 07:12:16 2014] <Cale> the t = fill Hole st should simplify to t = st
[Fri Jan 17 07:12:22 2014] <Cale> I'd expect
[Fri Jan 17 07:12:43 2014] <roosbeef> yea the first case was trivial
[Fri Jan 17 07:14:01 2014] <Cale> Okay, so in the next case, we'll have t = Cont f v1 c' v2
[Fri Jan 17 07:15:07 2014] <Cale> and t = fill (Cont f v1 c' v2) st should simplify to  t = Fun f (v1 ++ fill c' st :: v2)
[Fri Jan 17 07:15:21 2014] <Cale> * pretends to be Coq
[Fri Jan 17 07:16:11 2014] <roosbeef> this is as far as i got: https://privatepaste.com/ac24e93804
[Fri Jan 17 07:16:47 2014] <Cale> simpl in H
[Fri Jan 17 07:16:57 2014] <Cale> what happens?
[Fri Jan 17 07:17:23 2014] <roosbeef> H : ar f = length (l ++ fill x st :: l0) /\
[Fri Jan 17 07:17:23 2014] <roosbeef>     list_prop (map fterm_v_is_wf (l ++ fill x st :: l0))
[Fri Jan 17 07:17:37 2014] <roosbeef> yea that looks a lot like what you just said
[Fri Jan 17 07:17:53 2014] <roosbeef> although not quite but in a way it does :p
[Fri Jan 17 07:18:35 2014] <Cale> What's ar?
[Fri Jan 17 07:18:52 2014] <Cale> Oh, arity
[Fri Jan 17 07:18:53 2014] <Cale> hah
[Fri Jan 17 07:18:54 2014] <Cale> okay
[Fri Jan 17 07:19:09 2014] <roosbeef> yep
[Fri Jan 17 07:19:34 2014] <Cale> So, the first bit is just saying that the top level of t was okay
[Fri Jan 17 07:20:17 2014] <roosbeef> yep the first half of /\
[Fri Jan 17 07:20:17 2014] <Cale> and the second bit is (informally) saying that fterm_v_is_wf for every element of l ++ fill x st :: l0
[Fri Jan 17 07:20:36 2014] <roosbeef> yes
[Fri Jan 17 07:20:42 2014] <Cale> and all we need to apply our induction hypothesis
[Fri Jan 17 07:20:54 2014] <Cale> is  fterm_v_is_wf (fill x st)
[Fri Jan 17 07:21:05 2014] <Cale> so that's in there, we just need to dig it out
[Fri Jan 17 07:21:17 2014] <roosbeef> sounds good
[Fri Jan 17 07:21:20 2014] <roosbeef> but how :p
[Fri Jan 17 07:21:52 2014] <Cale> Well, first of all, just split that thing apart with destruct
[Fri Jan 17 07:22:29 2014] <roosbeef> yep
[Fri Jan 17 07:22:33 2014] <roosbeef> then unfold list_prop?
[Fri Jan 17 07:22:49 2014] <Cale> Yeah, what is that even?
[Fri Jan 17 07:23:16 2014] <roosbeef> https://privatepaste.com/dbca6b40f2
[Fri Jan 17 07:27:12 2014] <Cale> okay, so let's go back and do a lemma or two
[Fri Jan 17 07:27:53 2014] <roosbeef> what kind of lemmas?
[Fri Jan 17 07:28:43 2014] <Cale> Lemmas relating ++ and list_prop
[Fri Jan 17 07:30:12 2014] <Cale> Lemma list_prop_append (l l' : list Prop) : list_prop (l ++ l') -> list_prop l /\ list_prop l'.
[Fri Jan 17 07:31:01 2014] <roosbeef> hmm
[Fri Jan 17 07:31:53 2014] <roosbeef> but how do we get rid of map fterm_v_is_wf in H2 : list_prop (map fterm_v_is_wf (l ++ fill x st :: l0))
[Fri Jan 17 07:32:45 2014] <Cale> the lemma for that already exists in the list library I believe
[Fri Jan 17 07:32:59 2014] <Cale> Lemma map_app : forall l l', map (l++l') = (map l)++(map l').
[Fri Jan 17 07:33:53 2014] <roosbeef> apply map_app in H2. gives Error: Statement without assumptions.
[Fri Jan 17 07:35:35 2014] <Cale> rewrite map_app in H2?
[Fri Jan 17 07:35:43 2014] <Cale> (might need to supply params)
[Fri Jan 17 07:36:07 2014] <roosbeef> ah
[Fri Jan 17 07:36:09 2014] <roosbeef> yea that works, H2 : list_prop (map fterm_v_is_wf l ++ map fterm_v_is_wf (fill x st :: l0))
[Fri Jan 17 07:37:20 2014] <Cale> okay, and in the meantime, I crudely proved the other lemma
[Fri Jan 17 07:38:00 2014] <Cale> http://lpaste.net/98642
[Fri Jan 17 07:39:19 2014] <roosbeef> haha nice
[Fri Jan 17 07:39:38 2014] <Cale> Lemma list_prop_append (l l' : list Prop) : list_prop (l ++ l') -> list_prop l /\ list_prop l'.
[Fri Jan 17 07:39:38 2014] <Cale> firstorder ; induction l ; firstorder.
[Fri Jan 17 07:39:39 2014] <Cale> Qed.
[Fri Jan 17 07:39:41 2014] <Cale> better proof
[Fri Jan 17 07:39:46 2014] <Cale> lol
[Fri Jan 17 07:39:46 2014] <roosbeef> ok
[Fri Jan 17 07:39:54 2014] <roosbeef> so now we have H2 : list_prop (map fterm_v_is_wf l) /\ list_prop (map fterm_v_is_wf (fill x st :: l0))
[Fri Jan 17 07:40:05 2014] <Cale> now
[Fri Jan 17 07:40:21 2014] <Cale> We only want the second part of that
[Fri Jan 17 07:40:28 2014] <Cale> You can destruct it if you want
[Fri Jan 17 07:40:40 2014] <Cale> (and clear the first part even)
[Fri Jan 17 07:41:19 2014] <Cale> and then simpl, and the bit we need should come out
[Fri Jan 17 07:41:41 2014] <roosbeef> cool
[Fri Jan 17 07:41:44 2014] <Cale> (the map will reduce because it's applied to a constructor)
[Fri Jan 17 07:41:50 2014] <roosbeef> yea its coming to the surface :)
[Fri Jan 17 07:41:53 2014] <roosbeef> H3 : list_prop (map fterm_v_is_wf (fill x st :: l0))
[Fri Jan 17 07:42:09 2014] <Cale> simpl in H3 should make progress
[Fri Jan 17 07:42:29 2014] <roosbeef> nope that doesnt change anything
[Fri Jan 17 07:42:31 2014] <roosbeef> oh wait
[Fri Jan 17 07:42:32 2014] <Cale> hm
[Fri Jan 17 07:42:45 2014] <roosbeef> wow
[Fri Jan 17 07:42:46 2014] <roosbeef> H3 : fterm_v_is_wf (fill x st) /\ list_prop (map fterm_v_is_wf l0)
[Fri Jan 17 07:42:51 2014] <Cale> yep
[Fri Jan 17 07:42:51 2014] <roosbeef> that actually solves the whole lemma
[Fri Jan 17 07:45:13 2014] <roosbeef> hm
[Fri Jan 17 07:45:19 2014] <roosbeef> or maybe not entirely :p
[Fri Jan 17 07:45:20 2014] <roosbeef> https://privatepaste.com/136708f5c6
[Fri Jan 17 07:45:35 2014] <roosbeef> so the first subgoal is in the assumptions
[Fri Jan 17 07:45:40 2014] <roosbeef> but how to go about the second subgoal there?
[Fri Jan 17 07:46:07 2014] <roosbeef> im guessing its in H1?
[Fri Jan 17 07:52:57 2014] <Cale> destruct H0
[Fri Jan 17 07:53:18 2014] <Cale> er
[Fri Jan 17 07:53:20 2014] <Cale> nono
[Fri Jan 17 07:53:40 2014] <Cale> hm!
[Fri Jan 17 07:53:52 2014] <Cale> Step back a bit...
[Fri Jan 17 07:54:04 2014] <Cale> To where you did the decompose record H0
[Fri Jan 17 07:54:12 2014] <roosbeef> that far? :p
[Fri Jan 17 07:54:15 2014] <Cale> which assumptions did that generate?
[Fri Jan 17 07:54:30 2014] <Cale> I just want to know where some of the assumptions have gone :)
[Fri Jan 17 07:55:17 2014] <Cale> oh, we have  t = fill (Cont f l x l0) st
[Fri Jan 17 07:55:23 2014] <roosbeef> yea
[Fri Jan 17 07:55:25 2014] <Cale> okay
[Fri Jan 17 07:55:31 2014] <Cale> simpl in that
[Fri Jan 17 07:55:39 2014] <roosbeef> but how do we rewrite that to x
[Fri Jan 17 07:55:41 2014] <Cale> simpl in H1, specifically :)
[Fri Jan 17 07:55:56 2014] <roosbeef> did that
[Fri Jan 17 07:56:00 2014] <roosbeef> gives H1 : t = Fun f (l ++ fill x st :: l0)
[Fri Jan 17 07:56:09 2014] <roosbeef> its possible to dig it out there as well?
[Fri Jan 17 07:56:17 2014] <Cale> That's bad...
[Fri Jan 17 07:56:24 2014] <Cale> Wait...
[Fri Jan 17 07:56:24 2014] <roosbeef> thought so :p
[Fri Jan 17 07:56:31 2014] <roosbeef> (back in 5 mins)
[Fri Jan 17 07:56:33 2014] <Cale> Can you paste your stuff
[Fri Jan 17 07:56:38 2014] <Cale> from the 2/2
[Fri Jan 17 07:56:47 2014] <Cale> because sometimes the assumptions change1
[Fri Jan 17 07:56:48 2014] <Cale> !
[Fri Jan 17 08:05:06 2014] <roosbeef> sure
[Fri Jan 17 08:05:56 2014] <roosbeef> https://privatepaste.com/c506643362
[Fri Jan 17 08:11:38 2014] <Cale> hmm!
[Fri Jan 17 08:11:42 2014] <Cale> How did we get here?
[Fri Jan 17 08:11:53 2014] <Cale> This is clearly false
[Fri Jan 17 08:12:48 2014] <Cale> If we had t = fill x st here
[Fri Jan 17 08:13:07 2014] <Cale> then we'd have t = Fun f (l ++ t :: l0)
[Fri Jan 17 08:13:51 2014] <Cale> Maybe two of our assumptions are contradictory already
[Fri Jan 17 08:17:11 2014] <roosbeef> :<
[Fri Jan 17 08:17:33 2014] <Cale> (if they are, we're done)
[Fri Jan 17 08:17:48 2014] <roosbeef> oh really?
[Fri Jan 17 08:18:13 2014] <Cale> yeah, if you can prove a contradiction, you can do anything
[Fri Jan 17 08:18:21 2014] <roosbeef> well
[Fri Jan 17 08:18:49 2014] <roosbeef> yea i guess thats a classic proof
[Fri Jan 17 08:19:09 2014] <Cale> It's also intuitionistically valid
[Fri Jan 17 08:19:45 2014] <Cale> Check False_rect. :)
[Fri Jan 17 08:20:26 2014] <Cale> induction on False is very powerful :)
[Fri Jan 17 08:21:39 2014] <Cale> however
[Fri Jan 17 08:21:58 2014] <Cale> Can you determine which step in the proof created this particular goal?
[Fri Jan 17 08:22:31 2014] <roosbeef> let me see..
[Fri Jan 17 08:22:43 2014] <roosbeef> yea
[Fri Jan 17 08:22:45 2014] <roosbeef> apply IHx
[Fri Jan 17 08:23:15 2014] <roosbeef> gives https://privatepaste.com/6d2b34d768
[Fri Jan 17 08:23:15 2014] <Cale> okay, go back there and paste things, and let's see what we can do
[Fri Jan 17 08:23:28 2014] <Cale> what did it look like just before then?
[Fri Jan 17 08:23:53 2014] <roosbeef> fterm_v_is_wf st
[Fri Jan 17 08:30:35 2014] <Cale> oh wait
[Fri Jan 17 08:30:46 2014] <Cale> We cleared H2 at one point, what was that?
[Fri Jan 17 08:30:56 2014] <roosbeef> the first half of that conjunction
[Fri Jan 17 08:30:59 2014] <Cale> Was that one of the list_props?
[Fri Jan 17 08:31:14 2014] <roosbeef> H2 : list_prop (map fterm_v_is_wf l)
[Fri Jan 17 08:31:14 2014] <roosbeef> H3 : list_prop (map fterm_v_is_wf (fill x st :: l0))
[Fri Jan 17 08:31:19 2014] <Cale> ah, okay
[Fri Jan 17 08:31:23 2014] <Cale> hmm
[Fri Jan 17 08:32:23 2014] <Cale> What'd things look like just before the induction on x? It's interesting that our induction hypothesis looks like this
[Fri Jan 17 08:33:08 2014] <roosbeef> https://privatepaste.com/82a2b8c5ce
[Fri Jan 17 08:33:26 2014] <Cale> and then just after?
[Fri Jan 17 08:33:49 2014] <Cale> What's the IHx? Is it the same one?
[Fri Jan 17 08:34:34 2014] <Cale> I'm just confused about why our IHx depends on that equation.
[Fri Jan 17 08:35:39 2014] <roosbeef> before: https://privatepaste.com/bb25de0b4f
[Fri Jan 17 08:35:40 2014] <roosbeef> after: https://privatepaste.com/0a3c9cff59
[Fri Jan 17 08:50:39 2014] <Cale> huh
[Fri Jan 17 08:50:46 2014] <Cale> lemme go look at what context was again
[Fri Jan 17 08:51:25 2014] <Cale> um
[Fri Jan 17 08:51:40 2014] <Cale> Can you  Check context_ind.  and see what type it has?
[Fri Jan 17 08:52:49 2014] <roosbeef> context_ind
[Fri Jan 17 08:52:49 2014] <roosbeef>      : forall (Sig : Signature) (P : context Sig -> Prop),
[Fri Jan 17 08:52:50 2014] <roosbeef>        P Hole ->
[Fri Jan 17 08:52:50 2014] <roosbeef>        (forall (f0 : Sig) (l : list (term Sig)) (c : context Sig),
[Fri Jan 17 08:52:50 2014] <roosbeef>         P c -> forall l0 : list (term Sig), P (Cont f0 l c l0)) ->
[Fri Jan 17 08:52:50 2014] <roosbeef>        forall c : context Sig, P c
[Fri Jan 17 08:58:07 2014] <Cale> I don't see any = signs in that
[Fri Jan 17 08:58:09 2014] <Cale> So weird
[Fri Jan 17 08:58:39 2014] <Cale> lol, maybe we should apply  context_ind  directly!
[Fri Jan 17 08:59:00 2014] <roosbeef> um where :p
[Fri Jan 17 08:59:16 2014] <Cale> Instead of induction x
[Fri Jan 17 09:00:05 2014] <roosbeef> oh yea
[Fri Jan 17 09:00:08 2014] <Cale> oh
[Fri Jan 17 09:00:08 2014] <roosbeef> then Coq says
[Fri Jan 17 09:00:09 2014] <roosbeef> Error: Unable to find an instance for the variable Sig.
[Fri Jan 17 09:00:13 2014] <Cale> er, right
[Fri Jan 17 09:00:23 2014] <roosbeef> but um
[Fri Jan 17 09:00:24 2014] <Cale> What's a Sig exactly?
[Fri Jan 17 09:00:32 2014] <roosbeef> i have a meeting at 3pm
[Fri Jan 17 09:00:36 2014] <Cale> Variable Sig : Signature.
[Fri Jan 17 09:00:38 2014] <Cale> wat
[Fri Jan 17 09:00:42 2014] <roosbeef> so i guess i should be going
[Fri Jan 17 09:00:47 2014] <roosbeef> (its 3pm now :p)
[Fri Jan 17 09:00:47 2014] <Cale> okay
[Fri Jan 17 09:00:54 2014] <Cale> Well, good luck with it :)
[Fri Jan 17 09:01:03 2014] <roosbeef> gotta say lotta thanks for your help man, sorry for my limited input
[Fri Jan 17 09:01:11 2014] <roosbeef> im back in about 2 hours i think
[Fri Jan 17 09:01:11 2014] <Cale> no problem :)
[Fri Jan 17 09:01:13 2014] <roosbeef> <3
[Fri Jan 17 11:16:59 2014] <roosbeef> Cale, still here?
[Fri Jan 17 11:29:12 2014] <Cale> kinda, I'm playing a game with a friend
[Fri Jan 17 11:29:20 2014] <roosbeef> :p what are you playing
[Fri Jan 17 11:46:05 2014] <roosbeef> Cale, could you specify what the contradiction was that weve arrived at earlier?
[Fri Jan 17 11:46:58 2014] <roosbeef> [t = fill x st] together with [H1 : t = Fun f (l ++ fill x st :: l0)]?
[Fri Jan 17 11:47:54 2014] <Cale> Well, it's just that if t = Fun f (l ++ t :: l0)
[Fri Jan 17 11:48:12 2014] <Cale> then t would have to be an infinite data structure
[Fri Jan 17 11:48:13 2014] <roosbeef> haha
[Fri Jan 17 11:48:14 2014] <roosbeef> oh yea
[Fri Jan 17 11:48:28 2014] <roosbeef> that would be a possibility
[Fri Jan 17 11:48:38 2014] <roosbeef> but quite possibly not what were after in this instance :p
[Fri Jan 17 11:48:55 2014] <roosbeef> hm
[Fri Jan 17 11:49:11 2014] <roosbeef> im kinda sad now cause it felt like we were so close haha
[Fri Jan 17 11:52:26 2014] <Cale> I don't understand the introduction of that equality parameter in the induction hypothesis
[Fri Jan 17 11:52:44 2014] <Cale> The type of induction on contexts doesn't contain any identity types
[Fri Jan 17 11:53:11 2014] <Cale> so it must be coming from the choice of P
[Fri Jan 17 11:53:43 2014] <Cale> Do you know what Sig is?
[Fri Jan 17 11:55:21 2014] <roosbeef> yea
[Fri Jan 17 11:55:40 2014] <roosbeef> actually i would just put the whole thing on privatepaste but comments are kinda messy :p
[Fri Jan 17 11:56:09 2014] <roosbeef> Definition VSig := VSignature.mkSignature    fstring_beq_ok.
[Fri Jan 17 11:56:16 2014] <roosbeef> but thats VSig.. sec
[Fri Jan 17 11:56:24 2014] <Cale> no, that's okay
[Fri Jan 17 11:56:28 2014] <Cale> Sig is a Parameter
[Fri Jan 17 11:57:25 2014] <roosbeef> color.inria.fr/doc/CoLoR.Term.Varyadic.VTerm.html
[Fri Jan 17 11:58:23 2014] <roosbeef> yea its the signature by which those terms are constructed, so basically the arity of f (function/head symbol) and what f looks like (eg. its a string)
[Fri Jan 17 11:58:39 2014] <Cale> http://coq.inria.fr/pylons/contribs/files/CoLoR/v8.4/CoLoR.Term.Varyadic.VSignature.html
[Fri Jan 17 11:58:46 2014] <Cale> http://coq.inria.fr/pylons/contribs/files/CoLoR/v8.4/CoLoR.Term.Varyadic.VTerm.html
[Fri Jan 17 11:58:50 2014] <Cale> http://coq.inria.fr/pylons/contribs/files/CoLoR/v8.4/CoLoR.Term.Varyadic.VContext.html
[Fri Jan 17 12:00:13 2014] <roosbeef> yep
[Fri Jan 17 12:00:29 2014] <roosbeef> those are the main elements at play
[Fri Jan 17 12:09:28 2014] <Cale> wtf, how can Coq list a module in Print LoadPath. but not be able to find it?
[Fri Jan 17 12:09:38 2014] <Cale> I'm trying to install CoLoR
[Fri Jan 17 12:10:21 2014] <roosbeef> haha
[Fri Jan 17 12:10:24 2014] <roosbeef> did you compile?
[Fri Jan 17 12:11:13 2014] <Cale> ah, that's all it is
[Fri Jan 17 12:11:33 2014] <Cale> (I was expecting it'd just interpret everything :P)
[Fri Jan 17 12:12:04 2014] <roosbeef> nah
[Fri Jan 17 12:12:12 2014] <roosbeef> and it takes about 10 minutes too :p
[Fri Jan 17 12:13:02 2014] <Cale> lol, I'm actually getting some use out of the obscene amount of memory I have in this system
[Fri Jan 17 12:13:14 2014] <Cale> Up to 9 GB used :)
[Fri Jan 17 12:13:18 2014] <roosbeef> :P nice
[Fri Jan 17 12:13:38 2014] <Cale> (of 16)
[Fri Jan 17 12:14:09 2014] <roosbeef> i remember back when having a 1GB hard drive was a big deal
[Fri Jan 17 12:14:50 2014] <Cale> Oh, the game I was playing with my friend is called Heroes of Umbra. It's a freely available multiplayer action RPG / platformer game in Java.
[Fri Jan 17 12:15:12 2014] <roosbeef> cool
[Fri Jan 17 12:15:35 2014] <Cale> It's all right, but we're getting to parts that are pretty frustrating now :)
[Fri Jan 17 12:15:39 2014] <roosbeef> only game i ever play these days is Soul Calibur 5 at work :p
[Fri Jan 17 12:16:02 2014] <roosbeef> oh its a cooperative rpg?
[Fri Jan 17 12:16:03 2014] <Cale> okay, compiled
[Fri Jan 17 12:16:08 2014] <Cale> yeah
[Fri Jan 17 12:16:09 2014] <roosbeef> wow that was fast :p
[Fri Jan 17 12:20:07 2014] <Cale> Do you suppose you could paste the bits of your definitions that aren't part of this package?
[Fri Jan 17 12:20:08 2014] <Cale> I want to fiddle with it a bit
[Fri Jan 17 12:20:08 2014] <Cale> (at least, the stuff relevant to this lemma)
[Fri Jan 17 12:21:53 2014] <roosbeef> sure
[Fri Jan 17 12:22:16 2014] <roosbeef> let me go over my comments for a bit then ill put it up
[Fri Jan 17 12:28:41 2014] <Cale> I don't need comments :P
[Fri Jan 17 12:29:00 2014] <Cale> Just want the definitions so that I can step over them and try to prove this lemma :)
[Fri Jan 17 12:39:15 2014] <roosbeef> Cale, this should contain all relevant code https://privatepaste.com/82ac61409c
[Fri Jan 17 12:46:27 2014] <Cale> Oh weird, fstring_beq_ok has a different type here
[Fri Jan 17 12:46:49 2014] <Cale> er, no that's your thing
[Fri Jan 17 12:46:51 2014] <Cale> mkSignature does
[Fri Jan 17 12:47:02 2014] <roosbeef> ?
[Fri Jan 17 12:47:09 2014] <Cale> Error: The term "fstring_beq_ok" has type
[Fri Jan 17 12:47:09 2014] <Cale>  "forall f g : fstring, fstring_beq f g = true <-> f = g"
[Fri Jan 17 12:47:09 2014] <Cale>  while it is expected to have type
[Fri Jan 17 12:47:09 2014] <Cale>  "forall f g : fstring, {f = g} + {f <> g}".
[Fri Jan 17 12:47:37 2014] <Cale> I can fix it :)
[Fri Jan 17 12:47:43 2014] <roosbeef> its still weird
[Fri Jan 17 12:47:45 2014] <roosbeef> why does that happen
[Fri Jan 17 12:48:18 2014] <Cale> Oh, you have eq_fstring_dec
[Fri Jan 17 12:49:11 2014] <Cale> Which version of Coq are you using? I'm on 8.4pl2
[Fri Jan 17 12:49:27 2014] <Cale> and I downloaded the corresponding CoLoR library for that
[Fri Jan 17 12:49:37 2014] <roosbeef> yea that might be why
[Fri Jan 17 12:49:56 2014] <roosbeef> im using Coq 8.4 with CoLoR 130920
[Fri Jan 17 12:50:33 2014] <roosbeef> (using that version of Coq because it came with Xubuntu 13.04)
[Fri Jan 17 12:52:48 2014] <Cale> huh, why does it think that term needs to be applied to ASig?
[Fri Jan 17 12:53:29 2014] <roosbeef> i think ATerm.term is a function taking an ASig
[Fri Jan 17 12:53:37 2014] <roosbeef> where does it say that
[Fri Jan 17 12:54:14 2014] <Cale> Fixpoint fterm_v_is_wf (ftv : term VSig) : Prop :=
[Fri Jan 17 12:54:30 2014] <Cale> Error: The term "VSig" has type "Signature" while it is expected to have type
[Fri Jan 17 12:54:33 2014] <Cale>  "ASignature.Signature".
[Fri Jan 17 12:54:40 2014] <roosbeef> oh
[Fri Jan 17 12:54:45 2014] <roosbeef> should be VTerm.term
[Fri Jan 17 12:54:46 2014] <roosbeef> then
[Fri Jan 17 12:55:37 2014] <roosbeef> actually
[Fri Jan 17 12:55:40 2014] <roosbeef> t : fterm_v
[Fri Jan 17 12:55:42 2014] <roosbeef> that would also work
[Fri Jan 17 12:57:21 2014] <Cale> I fixed a bunch of those ambiguities by qualifying some things with VTerm when it complained, and now I'm down to the Lemma we were working on
[Fri Jan 17 12:57:22 2014] <Cale> Lemma t_wf_then_st_wf : forall (t : fterm_v) (st : fterm_v),
[Fri Jan 17 12:57:22 2014] <Cale>    fterm_v_is_wf t -> subterm_eq st t -> fterm_v_is_wf st.
[Fri Jan 17 12:57:24 2014] <Cale> It's complaining about the st in subterm_eq st t
[Fri Jan 17 12:57:29 2014] <Cale> The term "st" has type "fterm_v" while it is expected to have type
[Fri Jan 17 12:57:29 2014] <Cale>  "term ?695".
[Fri Jan 17 12:57:50 2014] <Cale> Maybe just make those VTerm.terms?
[Fri Jan 17 12:58:04 2014] <roosbeef> i guess
[Fri Jan 17 12:58:07 2014] <roosbeef> dunno why its acting up
[Fri Jan 17 12:58:29 2014] <Cale> nope, still complains
[Fri Jan 17 12:58:32 2014] <roosbeef> did Coq/CoLoR change that much over a couple months?
[Fri Jan 17 12:58:46 2014] <Cale> no idea :)
[Fri Jan 17 12:59:04 2014] <Cale> I also had to change a Vnil to Vector.nil
[Fri Jan 17 13:01:02 2014] <Cale> oh
[Fri Jan 17 13:01:02 2014] <Cale> heh
[Fri Jan 17 13:01:48 2014] <Cale> So I tried commenting out anything from ASignature/ATrs
[Fri Jan 17 13:01:53 2014] <Cale> and now I get
[Fri Jan 17 13:02:01 2014] <Cale> The reference subterm_eq was not found in the current environment.
[Fri Jan 17 13:02:04 2014] <Cale> So that explains something
[Fri Jan 17 13:02:10 2014] <roosbeef> ah
[Fri Jan 17 13:02:16 2014] <roosbeef> so were using the wrong subterm_eq
[Fri Jan 17 13:04:00 2014] <Cale> okay, and now I imported CoLoR.Term.Varyadic.VContext and it's good
[Fri Jan 17 13:05:21 2014] <roosbeef> still quite strange
[Fri Jan 17 13:11:33 2014] <Cale> I might've gotten somewhere. No idea what the heck the induction tactic was doing.
[Fri Jan 17 13:12:27 2014] <Cale> errrr...
[Fri Jan 17 13:12:27 2014] <Cale> heh
[Fri Jan 17 13:17:20 2014] <Cale> "Error: Unable to find an instance for the variable Q." -- nothing called Q anywhere that I can see, great
[Fri Jan 17 13:17:34 2014] <ianjneu> unfold something?
[Fri Jan 17 13:18:05 2014] <Cale> ah, it's in the parameters to term_ind.
[Fri Jan 17 13:39:49 2014] <roosbeef> bbl
[Fri Jan 17 14:23:29 2014] <Anarchos> hi roosbeef
[Fri Jan 17 15:00:50 2014] <Igloo> How do I export an Inductive with a Module Type?
[Fri Jan 17 15:10:14 2014] <maxiepoo> Hi, is there a guide to writing new extraction procedures for coq?
[Fri Jan 17 15:10:38 2014] <maxiepoo> I'd like to write a Racket/improved scheme extraction that uses structs instead of tagged lists
[Fri Jan 17 15:45:30 2014] <ianjneu> maxiepoo: I wouldn't bet on it. I'd totally be on board with a Racket extractor though <3
[Fri Jan 17 15:46:05 2014] <maxiepoo> ianjneu: do you know how hard it would be? Do you have to patch the compiler or is there some plugin mechanism?
[Fri Jan 17 15:46:34 2014] <ianjneu> Since you can make racket look arbitrarily close to ocaml, you would think it's not hard at all.
[Fri Jan 17 15:46:50 2014] <ianjneu> Start with looking at tho ocaml extractor.
[Fri Jan 17 15:46:52 2014] <ianjneu> the*
[Fri Jan 17 15:48:31 2014] <roosbeef> whats up Anarchos
[Fri Jan 17 15:49:50 2014] <Anarchos> roosbeef not so much
[Fri Jan 17 15:50:03 2014] <Anarchos> roosbeef still confused with set theory and hott, things like that
[Fri Jan 17 15:50:16 2014] <roosbeef> hmm
[Sat Jan 18 04:46:01 2014] <roosbeef> morning
[Sat Jan 18 07:30:49 2014] <osa1> hi all. I'm trying to do some algebra stuff(mainly related with relations, groups etc.) in Coq. can anyone help me how can I define something like this in Coq: "xRy in \real if |x| = |y|" , here R is a relation. I want to define this in Coq and later show some properties of this relation, like reflexivity, symmetry and transitivity.
[Sat Jan 18 07:50:25 2014] <osa1> do we have an absolute value function defined for reals in stdlib?
[Sat Jan 18 07:59:22 2014] <osa1> how can I prove x - x = 0 for reals?
[Sat Jan 18 08:04:23 2014] <osa1> what was the command that shows name of a notation?
[Sat Jan 18 08:05:34 2014] <jgross> osa1: Locate "-". 
[Sat Jan 18 08:05:56 2014] <jgross> Also, you might find SearchAbout (<some pattern or identifier>) useful 
[Sat Jan 18 08:06:06 2014] <osa1> ahh right. thanks.
[Sat Jan 18 08:06:18 2014] <osa1> jgross: can you help me with proving 0 <= 3 where 0 and 3 are reals?
[Sat Jan 18 08:06:53 2014] <jgross> I've never used real numbers in Coq, but you probably either find a lemma in the stdlib, or you do it by induction. 
[Sat Jan 18 08:07:15 2014] <osa1> R is not inductive, I think.
[Sat Jan 18 08:07:25 2014] <osa1> induction x failed with "not inductive product"
[Sat Jan 18 08:07:30 2014] <osa1> where x is R
[Sat Jan 18 08:08:48 2014] <jgross> If the relation isn't inductive, then you should just be able to [compute] or [simpl], and it'll tell you "yes".  If it doesn't do that, it's probably because either it's opaque (and then you need lemmas) or it's inductive. 
[Sat Jan 18 08:11:47 2014] <osa1> yeah, compute changed the goal but now I'm stuck with 0 < 3 :-)
[Sat Jan 18 08:12:01 2014] <osa1> working with reals turned out to be annoying that I expected
[Sat Jan 18 09:26:19 2014] <hodapp> reals look like rather a mess
[Sat Jan 18 09:45:22 2014] <barb> osa1: hello, 0 and 3 are just natural numbers and there must be a lemma saying that injection of natural numbers into reals is monotonic…
[Sat Jan 18 10:54:57 2014] <ianjneu> I'm going to rubber-duck to this channel a little bit.
[Sat Jan 18 10:55:44 2014] <ianjneu> I have a reduction relation that is parameterized by an address allocation strategy. It should be the case that if allocation always produces fresh addresses that the reduction relation is deterministic.
[Sat Jan 18 10:57:28 2014] <ianjneu> There are three important enviroments: the heap (Address -> set Value), the memo table (Context -> set Result), and the stack segment table (Context -> set Stack_segment).
[Sat Jan 18 10:59:27 2014] <ianjneu> A Context is a data-structure with enough information about a state such that regardless of the rest of the state components, the "result" of running the filled out state is "the same." Think of a memoized function called in different places. The continuation is different throughout, but you have clear points at which to say that you've reached a "result"
[Sat Jan 18 10:59:55 2014] <ianjneu> For the CESK machine, the CES components suffice for such a context.
[Sat Jan 18 11:00:14 2014] <ianjneu> Okay, so, the hard part.
[Sat Jan 18 11:00:31 2014] <osa1> barb: I found injections here http://coq.inria.fr/distrib/current/stdlib/Coq.Reals.RIneq.html but still can't prove 0 < 3 for reals
[Sat Jan 18 11:00:41 2014] <osa1> can you help me with this?
[Sat Jan 18 11:01:29 2014] <ianjneu> Intuitively, if you are executing from some context, and reach the same context again without memoizing, you will never memoize, since you just called yourself with the exact same arguments.
[Sat Jan 18 11:02:13 2014] <ianjneu> How might one state, prove, and use such a proposition to prove the overall determinism of such a reduction relation?
[Sat Jan 18 11:02:35 2014] <osa1> I'd expect   rewrite H. rewrite Rabs_R0. compute. left. apply lt_INR.
[Sat Jan 18 11:02:35 2014] <osa1>  to work but it doesn't
[Sat Jan 18 11:04:08 2014] <ianjneu> osa1: how are number literals 0 and 3 represented? Is 0%real = INR 0%nat?
[Sat Jan 18 11:04:51 2014] <osa1> ianjneu: I have no ideas how 0 and 3 are represented.
[Sat Jan 18 11:05:16 2014] <osa1> also don't know about second part but I was expecting it to be true
[Sat Jan 18 11:05:39 2014] <ianjneu> r_syntax_plugin looks to be the place it's all defined.
[Sat Jan 18 11:05:54 2014] <osa1> what's that?
[Sat Jan 18 11:07:22 2014] <ianjneu> a plugin for understanding better syntax for real number literals, I suppose.
[Sat Jan 18 11:14:32 2014] <ianjneu> so, 0%R = INR 0 by reflexivity, but reflexivity does not prove 3%R = INR 3.
[Sat Jan 18 11:15:25 2014] <osa1> this is annoying. I can't prove anything on reals. I'm also stuck at 1 + -7 < 0 is False
[Sat Jan 18 11:19:50 2014] <ianjneu> osa1: Set Printing All, then you can see the uses of Rplus, etc so you can use the associativity axioms to make it all work. I'll pastebin my 0 < 3 solution. You might try Robbert Krebbers' library for real numbers too.
[Sat Jan 18 11:20:42 2014] <ianjneu> http://pastebin.com/wa0Gh1d8
[Sat Jan 18 11:21:07 2014] <osa1> WTF?! "Access to the application you were trying to use has been blocked in accordance with company policy. Please contact your system administrator if you believe this is in error."
[Sat Jan 18 11:21:22 2014] <osa1> ianjneu: apparently my access to pastebin is blocked ^^
[Sat Jan 18 11:22:12 2014] <ianjneu> http://sprunge.us/ePQD
[Sat Jan 18 11:22:21 2014] <ianjneu> better?
[Sat Jan 18 11:22:26 2014] <osa1> yup, thanks.
[Sat Jan 18 11:22:56 2014] <osa1> neat. I didn't know assert ... as ... tactic.
[Sat Jan 18 11:27:23 2014] <Cale> http://lpaste.net/98732
[Sat Jan 18 11:27:24 2014] <Cale> (I copied his paste there)
[Sat Jan 18 14:45:18 2014] <roosbeef> so im working with this data type, 'terms'
[Sat Jan 18 14:45:26 2014] <roosbeef> (from the library CoLoR)
[Sat Jan 18 14:47:37 2014] <roosbeef> now im trying to prove for some property P that, forall terms t: P t -> forall subterms st: P st
[Sat Jan 18 14:47:50 2014] <roosbeef> using this lemma: http://color.inria.fr/doc/CoLoR.Term.Varyadic.VContext.html#subterm_ind
[Sat Jan 18 14:48:30 2014] <roosbeef> how do i sculpt my statement such that i can apply that lemma, or is it even the lemma to use for this particular problem?
[Sat Jan 18 14:49:07 2014] <roosbeef> ive defined the problem as Lemma t_wf_then_st_wf : forall (t : fterm_v), fterm_v_is_wf t -> forall (st : fterm_v), subterm_eq st t -> fterm_v_is_wf st.
[Sat Jan 18 14:50:33 2014] <roosbeef> but after doing intros, if i apply subterm_ind, variables lose sync (not sure how to say, new variables are introduced)
[Sat Jan 18 15:14:47 2014] <roosbeef> bbl
[Sat Jan 18 21:56:15 2014] <jrw> is there a way to combine identical subgoals? so given a context with a bunch of subgoals, my desired command would leave a context with one subgoal for each distinct subgoal in the original context, that is, eliminating repeats.
[Sat Jan 18 22:50:14 2014] <jgross> jrw: Maybe in 8.5, but not in 8.4.  If "tac" solves the goal, you can do something like "[ abstract tac using bar | ]; exact bar" 
[Sat Jan 18 22:57:01 2014] <jrw> jgross: thanks, that's better than nothing :)
[Sat Jan 18 22:57:40 2014] <jrw> jgross: also where can read about changes in 8.5?
[Sat Jan 18 23:19:22 2014] <jgross> jrw: https://github.com/coq/coq/commits, https://github.com/maximedenes/coq-8.5-demo, http://coq.inria.fr/cocorico/CoqDevelopment/CRGTCoq20131126 
[Sat Jan 18 23:19:42 2014] <jrw> jgross: ooo, thanks!
[Sun Jan 19 03:38:20 2014] <roosbeef> morning
[Sun Jan 19 03:48:36 2014] <roosbeef> so ive got this state of proof https://privatepaste.com/590be1aafa
[Sun Jan 19 03:48:57 2014] <roosbeef> then apply this induction lemma http://color.inria.fr/doc/CoLoR.Term.Varyadic.VContext.html#subterm_sub_ind
[Sun Jan 19 03:49:58 2014] <roosbeef> bringing me to this state of proof https://privatepaste.com/aed92248d2
[Sun Jan 19 03:50:04 2014] <roosbeef> but why does it rename the variables
[Sun Jan 19 03:51:16 2014] <roosbeef> succesfully proving the lemma would require the t in H to be the same as t0 in H0
[Sun Jan 19 03:55:16 2014] <roosbeef> or is this sublemma merely an application of the lemma im trying to prove (saying basically that IF the lemma is true then it holds)
[Sun Jan 19 15:58:40 2014] <hodapp> I wonder what the reason is for Coq employing a different syntax for giving a function's signature in a definition, and in a type
[Sun Jan 19 16:13:37 2014] <ia0> do you have an example? for me it looks like it's the same
[Sun Jan 19 16:20:04 2014] <jgross> hodapp: Do you mean the option of saying "Definition f x : x = Type := ...", but how you have to say (f : forall x, x = Type) elsewhere? (the reason "f x : x = Type" doesn't work in a type signature is that space means "separator in list of variables of the same type that I'm defining") 
[Sun Jan 19 16:33:20 2014] <hodapp> ia0: in Haskell, for instance, a definition contains a function signature that is almost identical to how you'd refer to that function's type elsewhere (e.g. Foo :: Float -> Float -> Float)
[Sun Jan 19 16:33:52 2014] <hodapp> while (Float -> Float -> Float) is also a valid type, if you had a function which could accept Foo as a parameter
[Sun Jan 19 16:34:32 2014] <ia0> it is the same in Coq
[Sun Jan 19 16:34:35 2014] <hodapp> but to steal an example from SF, a definition like: Fixpoint flat_map {X Y:Type} (f:X -> list Y) (l:list X)
[Sun Jan 19 16:34:44 2014] <hodapp> has a type of: forall X Y : Type, (X -> list Y) -> list X -> list Y
[Sun Jan 19 16:34:45 2014] <ia0> If you write : Definition myfun : mytype := mycode.
[Sun Jan 19 16:35:30 2014] <ia0> Fixpoint are particular because you have to give at least one argument, but you could write
[Sun Jan 19 16:35:33 2014] <ia0> :
[Sun Jan 19 16:36:18 2014] <ia0> Definition flat_map : forall X Y : Type, (X -> list Y) -> list X -> list Y := fix flat_map X Y f l :=
[Sun Jan 19 16:36:40 2014] <ia0> and then tell that X and Y are implicit
[Sun Jan 19 16:37:29 2014] <ia0> Arguments flat_map [X Y] f l.
[Sun Jan 19 16:37:37 2014] <ia0> or something like that, I'm not an expert
[Sun Jan 19 16:37:58 2014] <ia0> The difference between Haskell and Coq is the same as between Haskell and OCaml
[Sun Jan 19 16:38:11 2014] <ia0> in Haskell you write the whole signature at once
[Sun Jan 19 16:38:17 2014] <ia0>   myfun :: mysign
[Sun Jan 19 16:38:48 2014] <ia0> in OCaml and Coq, its mixed with the definition of the function
[Sun Jan 19 16:39:09 2014] <ia0>   myfun some_args : result_type = mycode
[Sun Jan 19 18:59:45 2014] <uucico> i'm trying to figure out why coq refuses to unify an existential variable (something like "?123") with another named variable that i believe should have the same type.  how can i ask coq for the type signature of that existential variable -- the moral equivalent of "Check x"?
[Sun Jan 19 19:12:23 2014] <Igloo> IME, life is easier if you prove things in a way that means existentials don't get created
[Sun Jan 19 19:13:16 2014] <Igloo> If using coqide, the View menu (e.g. "View/Display all low-level contents") might be helpful
[Sun Jan 19 19:18:08 2014] <uucico> i suppose i will try to go back and see if i can avoid existentials in the first place..  although i'm now quite curious what's going on here.  my goal (with "Set Printing All") is nearly trivial: "@eq Mem.mem x1 ?1504", and my only hypothesis is "x1 : Mem.mem".
[Sun Jan 19 19:19:13 2014] <uucico> perhaps one confusing part is that, when i try to "Show Existentials", an extra existential appears that doesn't seem to be in any of my goals..
[Sun Jan 19 19:20:23 2014] <uucico> .. < Show Existentials. \\ Existential 1 = ?1559 : [x1 : Mem.mem |- @eq Mem.mem x1 ?1504] \\ Existential 2 = ?1504 : [ |- Mem.mem]
[Sun Jan 19 19:20:36 2014] <uucico> what is this ?1559 thing?
[Sun Jan 19 19:25:49 2014] <hodapp> is there some analog to prefixing with @ to make all implicit arguments explicit?
[Sun Jan 19 19:26:07 2014] <hodapp> disclaimer: I just learned about this on Friday and don't know Coq very well
[Sun Jan 19 19:31:59 2014] <uucico> i thought that's what @ does..  i.e., the type argument to eq is usually implicit, but @eq has an explicit type argument
[Sun Jan 19 20:17:07 2014] <jgross> uucico: Coq represents some goals as existentials, behind the scenes. 
[Sun Jan 19 20:18:41 2014] <jgross> What's going on is that x1 was introduced after ?1504 (notice that ?1504 has no hypotheses in context).  So you can't instantiate it with x1.  Otherwise, you could do something silly, like "Goal exists x : False, forall y, y = x. eexists. intro y.  reflexivity." and then you'd have a proof of false. 
[Sun Jan 19 20:24:49 2014] <uucico> jgross: ah, that makes sense, thanks!
[Sun Jan 19 22:11:54 2014] <adelbertc> is software foundations or cpdt more suited for a complete newbie?
[Sun Jan 19 22:15:24 2014] <uucico> starting from nearly zero PL background, i found coq`art to be very approachable, but cpdt was difficult to absorb (and SF was somewhere in the middle).  after coq`art, cpdt is much easier to read.
[Sun Jan 19 22:18:10 2014] <Ptival> adelbertc: software foundations should be smoother
[Sun Jan 19 22:21:48 2014] <adelbertc> alright ill try SF first and if that proves to be too difficult ill fall back to coqart
[Sun Jan 19 22:21:48 2014] <adelbertc> cheers
[Mon Jan 20 00:29:50 2014] <roosbeef> how does it get determined what variables get newly introduced and what variables get bound?
[Mon Jan 20 00:31:50 2014] <roosbeef> for example i would like to use this hypothesis H0 : exists C : context VSig, C <> Hole /\ t = fill C st
[Mon Jan 20 00:32:28 2014] <roosbeef> to prove the subgoals [x <> Hole] and [t = fill x st]
[Mon Jan 20 00:33:33 2014] <roosbeef> oh wait i guess thats not correct, because that C is not necessarily equal to x :p
[Mon Jan 20 00:34:27 2014] <roosbeef> ok so nevermind haha
[Mon Jan 20 00:34:47 2014] <roosbeef> * sip coffee
[Mon Jan 20 00:37:47 2014] <roosbeef> what if theres an assumption x <> x
[Mon Jan 20 00:38:03 2014] <roosbeef> that should tick off a subgoal right? But what tactic do i use
[Mon Jan 20 08:14:13 2014] <roosbeef> anyone familiar with CoLoR?
[Mon Jan 20 09:00:07 2014] <roosbeef> is it possible to use this Lemma, subterm_sub_ind: http://color.inria.fr/doc/CoLoR.Term.Varyadic.VContext.html#subterm_sub_ind
[Mon Jan 20 09:00:56 2014] <roosbeef> to prove that,
[Mon Jan 20 09:01:58 2014] <roosbeef> if we have a property P on terms, such that if for a term t it holds that P t, it also holds that P st for any subterm st,
[Mon Jan 20 09:02:41 2014] <roosbeef> to prove that if P t, then for all st (subterms of t) it holds that P st
[Mon Jan 20 09:02:43 2014] <roosbeef> ?
[Mon Jan 20 09:09:09 2014] <ianjneu> "Sigma P : term -> Prop . forall t, P t -> forall st, subterm st t -> P st" does not have a reverse statement, that is, forall t, P <-> [...].
[Mon Jan 20 09:09:23 2014] <ianjneu> P t *
[Mon Jan 20 09:11:23 2014] <roosbeef> such a reverse statement would be required?
[Mon Jan 20 09:12:29 2014] <ianjneu> well, can you state your desired proposition formally?
[Mon Jan 20 09:12:42 2014] <ianjneu> is my type what you're after?
[Mon Jan 20 09:13:58 2014] <roosbeef> well
[Mon Jan 20 09:14:31 2014] <roosbeef> i need to be able to infer from [P t] that if [subterm st t] then also [P st]
[Mon Jan 20 09:15:13 2014] <ianjneu> as an assumption on P
[Mon Jan 20 09:15:14 2014] <ianjneu> ?
[Mon Jan 20 09:15:50 2014] <roosbeef> its inherent to P
[Mon Jan 20 09:15:59 2014] <roosbeef> if thats what you mean by 'an assumpton _on_ P'?
[Mon Jan 20 09:16:24 2014] <roosbeef> P is a property of wellformedness
[Mon Jan 20 09:16:25 2014] <ianjneu> excuse me, "of"
[Mon Jan 20 09:16:28 2014] <ianjneu> kk
[Mon Jan 20 09:16:44 2014] <roosbeef> if t is well formed, then subterms are also by definition of wellformedness of t
[Mon Jan 20 09:19:35 2014] <roosbeef> what approach would you suggest id take? It seems like a simple enough lemma to prove but in all honesty im struggling to get at it :/
[Mon Jan 20 09:21:11 2014] <ianjneu> so the induction principle subterm_sub_ind is saying that _if_ you can prove wellformedness purely from the wellformedness of all subterms, then all subterms are wellformed.
[Mon Jan 20 09:21:29 2014] <roosbeef> ok so thats the other direction
[Mon Jan 20 09:22:34 2014] <roosbeef> guess im confused
[Mon Jan 20 09:22:59 2014] <roosbeef> then this would be the direction im looking for? Lemma subterm_ind : forall (P : term -> Prop) (IH : forall t, (forall u, subterm u t -> P u) -> P t), forall t, P t.
[Mon Jan 20 09:24:17 2014] <ianjneu> Your condition on P does not say that you can satisfy IH. It says the opposite of the IH.
[Mon Jan 20 09:24:37 2014] <ianjneu> forall t, P t -> forall u, subterm u t -> P u
[Mon Jan 20 09:24:51 2014] <roosbeef> yep
[Mon Jan 20 09:25:00 2014] <roosbeef> haha
[Mon Jan 20 09:25:08 2014] <roosbeef> so none of these fit my puzzle
[Mon Jan 20 09:25:09 2014] <roosbeef> then
[Mon Jan 20 09:25:33 2014] <ianjneu> So, unless you can use definitional equalities of P to satisfy IH, you're hosed. Purely abstractly, this does not appear to be a theorem.
[Mon Jan 20 09:25:46 2014] <roosbeef> what??
[Mon Jan 20 09:26:00 2014] <roosbeef> does not appear to be a theorem how
[Mon Jan 20 09:26:19 2014] <roosbeef> it does appear to be correct?
[Mon Jan 20 09:28:37 2014] <ianjneu> If you have a tree with root node R : term -> term -> term, (say we're looking at R c0 c1) and you know that c0, c1 and all their subterms are well-formed, it's not a guarantee that R c0 c1 is well-formed. You could have a deeper condition on the well-formedness of R nodes, saying that c0 must additionally be depth 4, or whatever.
[Mon Jan 20 09:29:38 2014] <roosbeef> hm
[Mon Jan 20 09:29:58 2014] <roosbeef> so the assumption is that the tree [R c0 c1] is wellformed
[Mon Jan 20 09:30:31 2014] <roosbeef> surely one can infer from this that c0 is wellformed if that is essential to a tree being wellformed (that all its subtrees are also wellformed)
[Mon Jan 20 09:31:28 2014] <roosbeef> oh, youre describing subterm_ind right
[Mon Jan 20 09:31:31 2014] <roosbeef> my bad :p
[Mon Jan 20 09:31:36 2014] <ianjneu> yes, you don't get that R c0 c1 is wellformed when trying to satisfy the IH. Your goal is wellformedness of R c0 c1 given the wellformedness of all its subterms.
[Mon Jan 20 09:32:58 2014] <roosbeef> so how would one go about proving wf c0 given wf [R c0 c1]?
[Mon Jan 20 09:34:05 2014] <ianjneu> Unless I know more about wf, that's not necessarily a theorem.
[Mon Jan 20 09:35:02 2014] <ianjneu> Consider that terms are only well-formed if they're closed. lambda x x is well-formed, but the subterm x is not.
[Mon Jan 20 09:36:40 2014] <roosbeef> https://privatepaste.com/6c4f8bd873
[Mon Jan 20 09:37:16 2014] <roosbeef> (its at the bottom)
[Mon Jan 20 09:38:14 2014] <ianjneu> I don't know what ATerms and VTerms are.
[Mon Jan 20 09:39:03 2014] <roosbeef> http://color.inria.fr/doc/CoLoR.Term.Varyadic.VTerm.html#term
[Mon Jan 20 09:39:26 2014] <roosbeef> ATerms are not relevant
[Mon Jan 20 09:40:08 2014] <ianjneu> Ah, so it's like ANF lambda calculus terms.
[Mon Jan 20 09:41:03 2014] <roosbeef> yep i suppose
[Mon Jan 20 09:44:31 2014] <ianjneu> I don't know enough about CoLoR to to help much more. It looks like induction on the term itself should suffice, since the wellformedness is so simple.
[Mon Jan 20 09:45:00 2014] <roosbeef> basic induction?
[Mon Jan 20 09:47:35 2014] <ianjneu> ya, but I'm not sure how you would construct the context to show that something is a subterm. You'd have to have deeper knowledge about your list_prop thing, that is, what position in the list are you looking at, so you can construct the hole there and fill the left and right sides with the appropriate terms.
[Mon Jan 20 09:48:13 2014] <ianjneu> brb
[Mon Jan 20 09:48:31 2014] <Cale> We had some rather weird problems the other day where using the induction tactic introduced strange equality requirements on the induction hypothesis
[Mon Jan 20 09:48:31 2014] <roosbeef> cool thanks for having a look :)
[Mon Jan 20 09:48:39 2014] <Cale> I couldn't figure out where they were coming from.
[Mon Jan 20 09:48:47 2014] <roosbeef> whats up Cale :0
[Mon Jan 20 09:48:56 2014] <Cale> (that was using induction on contexts)
[Mon Jan 20 09:49:02 2014] <Cale> not much
[Mon Jan 20 09:49:03 2014] <roosbeef> yea thats why im unsure about using basic induction
[Mon Jan 20 09:55:39 2014] <roosbeef> why was that equality requirement so strange though
[Mon Jan 20 09:56:58 2014] <roosbeef> it merely requires [t = fill x st], right? Where x is a Context in t
[Mon Jan 20 09:57:34 2014] <roosbeef> or is that not the one you were speaking of
[Mon Jan 20 09:59:00 2014] <ianjneu> baby duty. Likely will be pretty silent for a while.
[Mon Jan 20 10:00:50 2014] <roosbeef> haha
[Mon Jan 20 11:26:37 2014] <ianjneu> Back for a while
[Mon Jan 20 11:26:37 2014] <ianjneu> .
[Mon Jan 20 14:33:56 2014] <samg_> I'm working through Software Foundations and I want to check one of my freeform answers. The question is in Poly, called baz_num_elts.
[Mon Jan 20 14:33:59 2014] <samg_> My answer: https://github.com/samwgoldman/sf/blob/67a50e9ef9ef8a60c324bfc7099c0694a75ce457/Poly.v#L182
[Mon Jan 20 14:35:06 2014] <samg_> Can someone here tell me if my answer is wrong?
[Mon Jan 20 14:51:15 2014] <Cale> samg_: I agree with your answer, but why don't you try to prove it?
[Mon Jan 20 14:51:23 2014] <Cale> samg_: Theorem bazEmpty : baz -> False.
[Mon Jan 20 14:54:36 2014] <samg_> Cool idea!
[Mon Jan 20 15:14:06 2014] <samg_> Cale: I think I might need to use a tactic I haven't learned to prove baz -> False. I tried `intros H. induction H.` and then I get stuck. If I try to rewrite using IHbaz, I get "The term provided is not an applied relation" but I'm not sure what that means.
[Mon Jan 20 15:14:42 2014] <Cale> samg_: You can use assumption, because your goal matches one of your hypotheses
[Mon Jan 20 15:14:54 2014] <Cale> Or if you want to be more explicit, you can use  apply IHbaz.
[Mon Jan 20 15:18:16 2014] <samg_> Yeah, I haven't covered those tactics yet. I will read up on them. Thanks :)
[Mon Jan 20 15:59:44 2014] <roosbeef> what tactic do i use to eliminate a subgoal when x <> x is an assumption?
[Mon Jan 20 16:00:30 2014] <samg_> git st
[Mon Jan 20 16:00:34 2014] <samg_> oops :)
[Mon Jan 20 16:25:34 2014] <jrw> roosbeef: "congruence" will do it. if you think that's overkill you can also do something like "exfalso. apply H. reflexivity." where H is the name of the hypothesis x <> x
[Mon Jan 20 16:25:56 2014] <jrw> also "contradiction H" sometimes works
[Mon Jan 20 16:32:13 2014] <roosbeef> jrw thanks! :)
[Mon Jan 20 16:35:28 2014] <Anarchos> * is really impressed by the bazillions tactics on coq....
[Mon Jan 20 16:48:41 2014] <hodapp> 'bazillions'? What's that tactic do?
[Mon Jan 20 16:49:11 2014] <rmk0> hodapp: suspect whatever it does, it does a lot of it
[Mon Jan 20 16:50:26 2014] <Anarchos> hodapp i mean there are too much tactics in the standard libs
[Mon Jan 20 16:50:35 2014] <hodapp> :)
[Mon Jan 20 17:17:16 2014] <Igloo> Why doesn't this work? http://paste.debian.net/77493/
[Mon Jan 20 17:26:14 2014] <ezyang> Don't you have to open the module or something?
[Mon Jan 20 17:54:22 2014] <Igloo> ezyang: Ah, yeah, I think I need "Module Export impl : Sig". Thanks!
[Mon Jan 20 18:37:45 2014] <samg_> Is there a convention for the use of simpl before tactics that do a simpl implicitly, like reflexivity? I tend to omit the simpl, but would it be more clear to include it?
[Mon Jan 20 22:12:29 2014] <hodapp> must constructors always be disjoint, or can 'inversion' detect whether or not they are?
[Tue Jan 21 04:35:52 2014] <ziman> constructors are always disjoint
[Tue Jan 21 04:49:45 2014] <roosbeef> whats up guys
[Tue Jan 21 04:50:01 2014] <roosbeef> so ive got this assumption that is clearly false
[Tue Jan 21 04:50:05 2014] <roosbeef> H0 : subterm st (Var x)
[Tue Jan 21 04:50:25 2014] <roosbeef> basically saying "st is a subterm of Variable x"
[Tue Jan 21 04:50:39 2014] <roosbeef> which is impossible because variables dont have subterms (in this framework)
[Tue Jan 21 04:51:00 2014] <roosbeef> how do i alude coq to this fact
[Tue Jan 21 05:00:07 2014] <roosbeef> nevermind, coq has finally agreed with me haha
[Tue Jan 21 05:18:15 2014] <roosbeef> breakfast brb
[Tue Jan 21 07:50:50 2014] <hodapp> ziman: alrighty, good to know. Textbook showed how it was obviously the case with booleans, naturals, and lists, but I wasn't sure if any other possibilities existed.
[Tue Jan 21 07:51:15 2014] <hodapp> 'inversion' is a proof technique I've never seen before until now but it looks very powerful
[Tue Jan 21 08:04:41 2014] <ziman> http://lpaste.net/98847 <- you can prove disjointness yourself for any pair of data constructors
[Tue Jan 21 08:12:41 2014] <roosbeef> hm
[Tue Jan 21 08:13:06 2014] <roosbeef> so im unfolding this function inside assumption H3 https://privatepaste.com/7f306305cc
[Tue Jan 21 08:13:56 2014] <roosbeef> a (fix function ...) is revealed, with a case match inside
[Tue Jan 21 08:14:15 2014] <roosbeef> it has two cases, but one case is covered by another assumption, H2
[Tue Jan 21 08:15:07 2014] <roosbeef> how do i make coq realize that c is not Hole if H2 and H3 are congruent, and collapse that function to just the second option?
[Tue Jan 21 08:36:52 2014] <Cale> roosbeef: Of course, because it's a fixed point, you can't *really* remove the Hole case
[Tue Jan 21 08:37:23 2014] <Cale> roosbeef: But maybe there's some way to get Coq to rewrite fix f -> f (fix f)
[Tue Jan 21 08:37:31 2014] <Cale> and then do some reduction
[Tue Jan 21 08:38:54 2014] <roosbeef> what would you say are the odds
[Tue Jan 21 08:39:03 2014] <roosbeef> :p
[Tue Jan 21 08:40:19 2014] <roosbeef> btw found a way to do that induction that seems to work using http://coq.inria.fr/V8.2pl1/contribs/CoLoR.Term.Varyadic.VTerm.html#term_ind_forall
[Tue Jan 21 08:48:57 2014] <Cale> ah, nice
[Tue Jan 21 08:49:40 2014] <roosbeef> yep
[Tue Jan 21 08:50:00 2014] <Cale> hmm, I think you'll also have a problem even if you get the fixpoint to unfold
[Tue Jan 21 08:50:23 2014] <roosbeef> hm
[Tue Jan 21 08:50:45 2014] <Cale> Because it's hard to infer from x <> Hole that exists ..., x = Cont f v1 c' v2
[Tue Jan 21 08:51:00 2014] <roosbeef> why
[Tue Jan 21 08:51:14 2014] <Cale> Because x <> Hole doesn't tell us which f, v1, c', v2 to use
[Tue Jan 21 08:51:29 2014] <roosbeef> hm
[Tue Jan 21 08:51:38 2014] <roosbeef> https://privatepaste.com/1a23ab481d
[Tue Jan 21 08:51:47 2014] <roosbeef> if we go back a few steps
[Tue Jan 21 08:51:57 2014] <roosbeef> thats the current status
[Tue Jan 21 08:52:11 2014] <roosbeef> im pretty sure it should be fairly straight forward to wrap that up
[Tue Jan 21 08:52:39 2014] <roosbeef> H1 says that st is in v (if st is a subterm in Fun f v, it must be in the argument list v)
[Tue Jan 21 08:53:28 2014] <roosbeef> H and H0 both say (indirectly) that fterm_v_is_wf v
[Tue Jan 21 08:53:39 2014] <roosbeef> and so the subgoal must be true
[Tue Jan 21 08:53:56 2014] <roosbeef> brb meeting with a friend for coffee
[Tue Jan 21 08:53:59 2014] <roosbeef> <3
[Tue Jan 21 08:54:01 2014] <Cale> ok
[Tue Jan 21 19:20:20 2014] <hodapp> with I could understand what "Error: Statement without assumptions" meant
[Tue Jan 21 19:22:03 2014] <ianjneu> You're trying to apply some hypothesis that isn't a function.
[Tue Jan 21 19:22:03 2014] <hodapp> s/with/wish/
[Tue Jan 21 19:23:51 2014] <hodapp> that isn't a function? I'm not sure what you mean
[Tue Jan 21 19:24:50 2014] <hodapp> SF is showing it being used with hypotheses and theorems
[Tue Jan 21 19:32:43 2014] <ianjneu> you can apply some hypothesis of the form A -> B or forall x, B x, but you can't apply a theorem/hypothesis of something not immediately known to be of that form.
[Tue Jan 21 19:36:43 2014] <Cale> You could also apply a hypothesis whose type is equal to your goal, but that's kind of a base case.
[Tue Jan 21 19:42:12 2014] <ianjneu> an ad-hoc base case. I use exact in that case by principle.
[Tue Jan 21 22:05:48 2014] <Ptival> jgross: nice wishlist :)
[Tue Jan 21 22:40:59 2014] <hodapp> http://lpaste.net/98930 - I am not really sure if I overcomplicated this proof or not, given the concepts the book has used so far... would anybody be willing to take a look and see if I missed any obvious, simpler ways to prove that 2nd theorem?
[Tue Jan 21 23:56:07 2014] <Cale> hodapp: Whenever your goal involves an equality between two things which are constructed with distinct constructors, you can use discriminate to get rid of it.
[Wed Jan 22 00:13:30 2014] <Cale> induction n as [| n']; destruct m as [| m']; try (reflexivity || discriminate).  -- this would knock off the 3 boring cases for you so that only the interesting one is left.
[Wed Jan 22 02:43:39 2014] <roosbeef> right
[Wed Jan 22 02:43:53 2014] <roosbeef> so ive got this assumption with a 'fix f' inside
[Wed Jan 22 02:44:02 2014] <roosbeef> see H1 in https://privatepaste.com/9db2854eda
[Wed Jan 22 02:44:41 2014] <roosbeef> ftv should match with the second case so i can unfold 'lforall fterm_v_is_wf args'
[Wed Jan 22 02:45:03 2014] <roosbeef> how does one handle such 'fix f' inside of assumptions?
[Wed Jan 22 06:07:07 2014] <roosbeef> is it possible to apply an A -> B -> C lemma using H0 : A and H1 : B?
[Wed Jan 22 06:07:18 2014] <roosbeef> (adding C as H2 for example)
[Wed Jan 22 06:24:56 2014] <roosbeef> nevermind :p
[Wed Jan 22 08:22:15 2014] <Cale> pose (H2 := f H0 H1)
[Wed Jan 22 08:33:30 2014] <roosbeef> ha tx :)
[Wed Jan 22 08:38:29 2014] <hodapp> Cale: ahh, I wasn't aware of the 'discriminate' command. The textbook hadn't yet mentioned it. It had mentioned that 'inversion' will get rid of those cases which use different constructors, and I could see clearly how 0 = S (...) is different constructors, but I don't see what other places had different constructors that I could immediately eliminate.
[Wed Jan 22 09:08:14 2014] <roosbeef> meh
[Wed Jan 22 09:08:27 2014] <roosbeef> i cant figure out how to perform induction on subterms
[Wed Jan 22 09:12:42 2014] <hodapp> got an example to post? I am not tooooo experienced but I can look
[Wed Jan 22 09:12:50 2014] <roosbeef> sure
[Wed Jan 22 09:12:54 2014] <roosbeef> do you have CoLoR installed?
[Wed Jan 22 09:13:58 2014] <roosbeef> ive got all aspects of the proof covered except for the induction
[Wed Jan 22 09:33:24 2014] <hodapp> I don't
[Wed Jan 22 16:36:32 2014] <ianjneu> So, I'm used to the general recursive functions of ACL2 giving rise to induction schemes. I have a function I admitted with Fix, and I'm looking for the way to produce the induction scheme "induced by the structure of the recursive function."
[Wed Jan 22 16:39:12 2014] <hodapp> * stares blankly.
[Wed Jan 22 16:54:31 2014] <ianjneu> figured it out, just have to duplicate proofs (barf).
[Wed Jan 22 22:11:44 2014] <hodapp> http://www.cis.upenn.edu/~bcpierce/sf/MoreCoq.html#lab134 trying to grok this...
[Wed Jan 22 22:13:57 2014] <hodapp> So, if I introduce a variable into the context, in effect this is saying 'for some single...' rather than 'for every...'?
[Wed Jan 22 22:14:12 2014] <hodapp> is this something rather specific to induction?
[Wed Jan 22 23:35:10 2014] <roosbeef> whats up guys
[Wed Jan 22 23:35:30 2014] <roosbeef> ive been kinda struggling with induction over subterms
[Wed Jan 22 23:35:48 2014] <roosbeef> i think im realizing now where the crux lies
[Wed Jan 22 23:36:01 2014] <roosbeef> im using CoLoR which is a library on term rewriting
[Wed Jan 22 23:36:56 2014] <roosbeef> ive figured out all aspects of the lemma im trying to prove except for the induction part
[Wed Jan 22 23:38:12 2014] <roosbeef> so what i think has happened is the following
[Wed Jan 22 23:39:49 2014] <roosbeef> heres the proof mode status after having done term_ind_forall https://privatepaste.com/c677508dc1
[Wed Jan 22 23:41:26 2014] <roosbeef> you can see from this that the subgoal is true
[Wed Jan 22 23:42:52 2014] <roosbeef> H0 means that Fun f v is wellformed, which means that any subterms thereof are wf (so anything in v), and x is in v (H1), st is a subterm of x, so the subgoal is true
[Wed Jan 22 23:46:07 2014] <roosbeef> but in coq [subterm_eq st t] is defined as "t = fill x st", if theres a 'hole' in term t, and youd fill it with st, youd get term t
[Wed Jan 22 23:46:38 2014] <roosbeef> and so what i think is missing in my proof is induction over that hole, to somehow cover all possible positions of the hole in term t
[Wed Jan 22 23:49:45 2014] <roosbeef> sooo yea, thats where im stuck, i have tried to just do 'induction x' there, but somehow things dont seem to click into place. Maybe because of the structure of terms/subterms? Im probably overlooking something... anyone?
[Thu Jan 23 04:19:03 2014] <osa1> hi guys, as my undergraduate dissertation I want to mechanize theory of a multi-staged lambda calculus in Coq. I already finished SF book and I want to use definition in that book as a starting point. I was wondering if name binding method used in that book(functions as environments + extensional equality axiom) is good enough for my purposes or do I need to
[Thu Jan 23 04:19:03 2014] <osa1> use some other method? any ideas on that?
[Thu Jan 23 04:36:56 2014] <osa1> what's in a ModuleName.glob file?
[Thu Jan 23 06:06:00 2014] <osa1> can anyone help me with this http://lpaste.net/98984
[Thu Jan 23 06:14:16 2014] <osa1> never mind guys. I did it with some generalize dependent blah commands.
[Thu Jan 23 07:36:37 2014] <osa1> wpw
[Thu Jan 23 07:36:53 2014] <osa1> wow, (n + 1) this pattern matching on nats worked ...
[Thu Jan 23 11:30:38 2014] <ccasin> osa1: I think you will run into a bit of trouble if you try to extend the name binding approach in that book to more complicated systems
[Thu Jan 23 11:31:21 2014] <ccasin> It was chosen because it allows SF to side-step the standard bit of machinery around "capture-avoiding substitution"
[Thu Jan 23 11:31:25 2014] <ccasin> but it doesn't scale
[Thu Jan 23 11:31:34 2014] <ccasin> for a real project, I'd use de Bruijn indices
[Thu Jan 23 15:58:47 2014] <Aa3ai> hello
[Thu Jan 23 15:59:20 2014] <ianjneu> Aa3ai: welcome
[Thu Jan 23 16:05:27 2014] <Aa3ai> trying to prove beq_nat n m = true -> n = m.
[Thu Jan 23 16:07:31 2014] <Aa3ai> http://lpaste.net/8156929754587463680 but seemingle it gets nowhere...
[Thu Jan 23 16:07:36 2014] <Aa3ai> hints are appreciated
[Thu Jan 23 16:10:27 2014] <ystael> Aa3ai: this is one of the things `inversion` is good for : eliminating cases with impossible hypotheses
[Thu Jan 23 16:14:12 2014] <Aa3ai> ystael: yeah http://lpaste.net/8672537181153132544 but now i'm stuck here, i have a feeling that i started that proof somehow wrong.
[Thu Jan 23 16:16:05 2014] <Aa3ai> sorry if i'm talking nonsense, i'm really not good at coq yet
[Thu Jan 23 16:16:39 2014] <ystael> You're getting somewhere
[Thu Jan 23 16:16:44 2014] <ystael> Aa3ai: you probably need to do something that will discriminate whether m is O or S m'
[Thu Jan 23 16:17:24 2014] <ystael> You did so in the n = O case, but you need to do it also for the n = S n' case
[Thu Jan 23 16:18:10 2014] <Aa3ai> ystael: do you mean, apply induction in n = S n' case?
[Thu Jan 23 16:19:12 2014] <ystael> induction or destruct, yes.  If you don't actually need to use an induction hypothesis on m, you can use destruct instead of induction
[Thu Jan 23 16:20:14 2014] <Aa3ai> ystael: got it thanks
[Thu Jan 23 16:20:28 2014] <ystael> np, good luck
[Thu Jan 23 16:21:15 2014] <Aa3ai> he-he, it seems it actually took me to base case but in "S" way. http://lpaste.net/3332770467076374528
[Thu Jan 23 16:22:54 2014] <ystael> This is a case where you maybe didn't actually want to use induction on m, because it rewrote the inductive hypotheses in a way you don't want
[Thu Jan 23 16:24:27 2014] <Aa3ai> http://lpaste.net/3182305779738738688 gives a bit different result but goal is the same
[Thu Jan 23 16:25:52 2014] <Aa3ai> after "rewrite <- H in IHn."  IHn becames "beq_nat n (S m) = beq_nat (S n) (S m) -> n = S m"
[Thu Jan 23 16:26:15 2014] <Aa3ai> it's (beq_nat n (S m) = beq_nat (S n) (S m)) clearly something impossible but i can't use inversion here
[Thu Jan 23 16:26:24 2014] <Aa3ai> because IHn is not inductive
[Thu Jan 23 16:27:02 2014] <Aa3ai> "intros IHn" gives nothing
[Thu Jan 23 16:28:31 2014] <Aa3ai> so does it mean it;s dead end?
[Thu Jan 23 16:30:05 2014] <hodapp> Aa3ai: wow, I think you are on the same problem I was on a few days ago...
[Thu Jan 23 16:31:02 2014] <hodapp> I solved that one but I did so in a kind of ugly way, I felt
[Thu Jan 23 16:31:20 2014] <ystael> Aa3ai: If the inductive hypothesis is not in the form you want, you may have intro'd too much before inducting
[Thu Jan 23 16:32:02 2014] <ystael> so your inductive theorem on n is too weak -- it's only for a specific m rather than all m
[Thu Jan 23 16:33:52 2014] <Aa3ai> heh, proved by accident http://lpaste.net/6577369537648263168
[Thu Jan 23 16:33:59 2014] <hodapp> I hadn't realized you could just do 'destruct m' and 'induction m', not 'destruct m as ...' or 'induction m as...'
[Thu Jan 23 16:34:24 2014] <hodapp> Aa3ai: you working through SF?
[Thu Jan 23 16:34:31 2014] <ystael> hodapp: It's better to use the as-clause because that gives you control over the names of the generated identifiers, which you need for automation
[Thu Jan 23 16:34:37 2014] <ianjneu> Sooooooo, motives. http://lpaste.net/99003
[Thu Jan 23 16:35:18 2014] <Aa3ai> hodapp: yep
[Thu Jan 23 16:35:27 2014] <hodapp> ystael: the textbook always uses the as-clause, it looks like, so I tended to follow suit
[Thu Jan 23 16:35:35 2014] <hodapp> Aa3ai: me too and I think we are at roughly the same point in the book
[Thu Jan 23 16:35:43 2014] <Aa3ai> hodapp: heh
[Thu Jan 23 16:35:56 2014] <hodapp> huh, what would it mean to have 'reflexivity' followed by 'exact H'?
[Thu Jan 23 16:36:24 2014] <hodapp> my solution at that final case was: intros eq. simpl in eq. apply IHn' in eq. rewrite eq. reflexivity.
[Thu Jan 23 16:36:31 2014] <hodapp> it might be redundant or larger than normal
[Thu Jan 23 16:36:39 2014] <Aa3ai> hodapp: i'm not really sure, it's proved by accident, i just followed the coq
[Thu Jan 23 16:37:05 2014] <ystael> ianjneu: wat
[Thu Jan 23 16:38:23 2014] <Aa3ai> apply IHn in H. rewrite H. reflexivity. rewrote it like that
[Thu Jan 23 16:38:38 2014] <hodapp> the 'simpl in eq.' in mine is definitely not needed; 'apply' does a 'simpl' first
[Thu Jan 23 16:38:50 2014] <ianjneu> ystael: ya, exactly. I'm trying to prove that bool is finite (equivalent to fin 2), and I get to a point where I need a fancy motive that for one needs to know that the fin-ness of the discriminee is greater than 0 (which it always is)
[Thu Jan 23 16:38:50 2014] <hodapp> which makes mine basically identical to yours
[Thu Jan 23 16:39:07 2014] <Aa3ai> ystael: so how one should determine what to intro and what to not?
[Thu Jan 23 16:39:17 2014] <ianjneu> ystael: this is a trimmed down version that still overflows.
[Thu Jan 23 16:39:31 2014] <hodapp> Aa3ai: the chapter you're on, shortly after that problem, goes into a bit of detail on this
[Thu Jan 23 16:39:37 2014] <ystael> ianjneu: I guess it seems a little weird that the O case of your dependent return type is a function yielding False : Prop, but the S n' case yields Prop instead of True : Prop ?
[Thu Jan 23 16:39:42 2014] <ystael> bit tjat
[Thu Jan 23 16:39:48 2014] <ystael> but that's just what my eyeballs trip over
[Thu Jan 23 16:40:31 2014] <ianjneu> oh, you're right that's off, but even fixing that, it overflows.
[Thu Jan 23 16:41:37 2014] <ystael> Aa3ai: Practice. The general instinct is as I said though -- if your inductive hypothesis is too weak to prove what you want, you can strengthen it by trying to inductively prove a stronger thing, which often means generalizing over more variables
[Thu Jan 23 16:42:04 2014] <Aa3ai> ystael: That makes sense, thank you!
[Thu Jan 23 16:44:32 2014] <ystael> ianjneu: It doesn't overflow for me in stock Coq 8.4pl2
[Thu Jan 23 16:44:48 2014] <Aa3ai> do you guys belive that theorem proving using martin lof type theory will ever succeed over what we have in coq?
[Thu Jan 23 16:44:54 2014] <Aa3ai> what we have in coq btw?
[Thu Jan 23 16:45:06 2014] <ystael> ianjneu: Eval compute in why_overflow F1 is perfectly happy to yield I: True
[Thu Jan 23 16:46:44 2014] <Aa3ai> you know there are agda theorem provers based on martin lof type theory but frankly i don't find it more usable for theorem proving than coq
[Thu Jan 23 16:47:04 2014] <ystael> Aa3ai: Before I started working through the homotopy type theory book, I was working through SF simultaneously in Coq and Agda
[Thu Jan 23 16:47:15 2014] <ystael> I got up to a point just a little farther than you are now
[Thu Jan 23 16:47:24 2014] <Aa3ai> ystael: with agda?
[Thu Jan 23 16:47:36 2014] <ystael> With both.  Some things are easier in Coq, some things are easier in Agda.
[Thu Jan 23 16:48:13 2014] <ystael> I've heard many people say that Agda becomes unreasonably difficult for large developments because of the lack of tactics; I don't have the experience to say, myself.
[Thu Jan 23 16:48:14 2014] <Anarchos> ystael i wonder why they don't release a verifier program with the homotopy type theory book  !!
[Thu Jan 23 16:48:31 2014] <ystael> uh, github.com/HoTT/coq ?
[Thu Jan 23 16:49:23 2014] <Anarchos> ystael it is for coq, but reading the book it looks that they have all in the annexes to write a (possibly) more powerful tool
[Thu Jan 23 16:49:41 2014] <Aa3ai> i tried agda on SF but it was so much harder to do in agda so i dropped it for time being, it feels a bit more natural to prove in coq and so hard to wrap my head around the way agda suggests to prove things
[Thu Jan 23 16:50:09 2014] <ystael> Anarchos: as I understand it, it is not yet clear (to researchers in the field) what the computational interpretation of HoTT constructs should even be
[Thu Jan 23 16:50:36 2014] <Aa3ai> i guess i'm having huge gap in my knowlege somewhere that it makes agda so hard and coq so easy
[Thu Jan 23 16:50:38 2014] <Anarchos> ystael i am aware of that point. But the annex 2 is really astonishing
[Thu Jan 23 16:50:41 2014] <ystael> Aa3ai: if you're curious, you can look at my exercises repo: https://github.com/ystael/sf
[Thu Jan 23 16:50:51 2014] <Aa3ai> ystael: cool, thanks
[Thu Jan 23 16:51:25 2014] <Aa3ai> i wonder what should i study to be able to get basic intuition on how to prove in agda...
[Thu Jan 23 16:51:25 2014] <ystael> Aa3ai: I won't lie, there have been several points so far where I wanted to punch the Agda pattern matching engine in its stupid face
[Thu Jan 23 16:51:48 2014] <Cale> There is apparently a computational interpretation now!
[Thu Jan 23 16:52:12 2014] <Cale> https://github.com/simhu/cubical
[Thu Jan 23 16:52:29 2014] <Aa3ai> ystael: ha-ha
[Thu Jan 23 16:52:51 2014] <ystael> Aa3ai: Ulf Norell's agda tutorial PDF was a big help
[Thu Jan 23 16:52:55 2014] <ianjneu> Cale: UA, yes. HITs, no.
[Thu Jan 23 16:53:00 2014] <ystael> even though the names of all the library primitives have changed since then
[Thu Jan 23 16:53:51 2014] <Aa3ai> ystael: http://www.cse.chalmers.se/~ulfn/papers/afp08/tutorial.pdf that one?
[Thu Jan 23 16:53:55 2014] <ystael> yep
[Thu Jan 23 16:54:01 2014] <Aa3ai> ystael: great, thanks once again
[Thu Jan 23 16:54:13 2014] <ystael> np, also I learned a bunch from Saizan and some other people on #agda
[Thu Jan 23 16:55:33 2014] <Cale> ianjneu: well, yeah :)
[Thu Jan 23 16:55:39 2014] <ianjneu> ystael: I have 8.4pl2 as well.
[Thu Jan 23 16:55:58 2014] <ystael> ianjneu: hm, I don't know why it barfs for you and not for me then
[Thu Jan 23 16:56:11 2014] <Cale> Though are there actual fundamental difficulties with HITs?
[Thu Jan 23 16:56:17 2014] <ystael> All I did was paste your code (with the Prop => True correction) into a fresh buffer and evaluate it
[Thu Jan 23 16:56:48 2014] <ystael> oh, oh, wait, I lied, I have 8.4pl1
[Thu Jan 23 16:57:22 2014] <ystael> pl2 is on my other machine
[Thu Jan 23 16:57:47 2014] <ianjneu> ystael: okay, so it's clearly a bug and not me being a nob.
[Thu Jan 23 16:58:04 2014] <ystael> seems like it, yeah
[Thu Jan 23 17:01:37 2014] <hodapp> why can't it be both? ;)
[Thu Jan 23 17:02:35 2014] <ianjneu> hodapp: you're not distinguished enough here to suggest such a notion.
[Thu Jan 23 17:02:52 2014] <ianjneu> but ya, it's definitely both.
[Thu Jan 23 17:03:17 2014] <hodapp> pffffft.
[Thu Jan 23 17:04:24 2014] <ianjneu> I don't know the unicode for sarcasteses.
[Thu Jan 23 17:05:01 2014] <ianjneu> sarcastises* (still a neologism)
[Thu Jan 23 17:07:15 2014] <hodapp> Agda's on my list of things to learn, but it'll be down the road somewhere.
[Thu Jan 23 17:07:20 2014] <hodapp> hopefully knowing some Haskell will help.
[Thu Jan 23 17:10:15 2014] <ianjneu> ehh, it's very different.
[Thu Jan 23 17:12:19 2014] <hodapp> I thought I'd read that it had some similarities, in terms of appearance if nothing else
[Thu Jan 23 17:15:58 2014] <Cale> I sort of discovered that I already "knew" how to write Coq code, or at least, that I could be successful in getting the typechecker to accept things by mashing on my keyboard until the proofs were done :)
[Thu Jan 23 17:16:13 2014] <ianjneu> it has annoying pattern matching and an oppressive type checker, so ya, in some ways like Haskell.
[Thu Jan 23 17:16:23 2014] <hodapp> Cale: that's how I defeat the C++ type checks.
[Thu Jan 23 17:16:27 2014] <hodapp> ianjneu :)
[Thu Jan 23 17:17:04 2014] <Cale> It's kind of just like Haskell with fancier types and some MLish syntax here and there, and then there's the whole tactics thing.
[Thu Jan 23 17:18:15 2014] <ianjneu> Cale: motives, strict positivity, and strong normalization are the big differences.
[Thu Jan 23 17:19:51 2014] <Cale> Well, strong normalisation doesn't seem to require much in the way of learning. I can't say much about the other two (what are motives?). I suppose you do need to be aware about the structural conditions on recursion in various situations.
[Thu Jan 23 17:21:17 2014] <ianjneu> motives are the type families you inhabit with dependent eliminators. In Coq, they're the types given in the "return" part of the match form.
[Thu Jan 23 17:21:42 2014] <Cale> Oh, okay
[Thu Jan 23 17:23:08 2014] <ystael> ianjneu: I don't suppose "motives" in this sense is related to motivic cohomology?
[Thu Jan 23 17:23:31 2014] <hodapp> * . o O ( is that a term ystael just completely made up? )
[Thu Jan 23 17:23:40 2014] <Cale> It's not :)
[Thu Jan 23 17:23:52 2014] <Cale> (and I don't think so)
[Thu Jan 23 17:24:05 2014] <Cale> http://en.wikipedia.org/wiki/Motivic_cohomology
[Thu Jan 23 17:24:07 2014] <hodapp> I'll pair those answers up however I like...
[Thu Jan 23 17:24:34 2014] <ianjneu> man, Grothendieck was the man.
[Thu Jan 23 17:24:42 2014] <ystael> Still is, as far as I know :)
[Thu Jan 23 17:25:07 2014] <ianjneu> He could be dead on a mountainside for all anyone knows.
[Thu Jan 23 17:25:11 2014] <ystael> yeah
[Thu Jan 23 17:25:31 2014] <ystael> I wonder how many more years it will take us to get to the end of "what Grothendieck was thinking" though
[Thu Jan 23 17:27:06 2014] <ianjneu> Bourbaki are a bunch of bastards, the math world has gone to hell, the good old days are long gone.
[Thu Jan 23 17:27:35 2014] <ianjneu> and fuck anyone who profits from my work
[Thu Jan 23 17:27:47 2014] <Cale> wat
[Thu Jan 23 17:27:50 2014] <hodapp> wat
[Thu Jan 23 17:28:37 2014] <ianjneu> Y'all don't know your math history?
[Thu Jan 23 17:28:44 2014] <ianjneu> Get with it.
[Thu Jan 23 17:28:51 2014] <hodapp> my degree is in electrical engineering.
[Thu Jan 23 17:29:01 2014] <ianjneu> My degree is in computer science.
[Thu Jan 23 17:29:03 2014] <Cale> I don't understand what you're referring to by "the good old days"
[Thu Jan 23 17:29:14 2014] <hodapp> I might do a graduate degree in Comp Sci. I dunno.
[Thu Jan 23 17:29:22 2014] <Cale> or in saying that the math world has gone to hell
[Thu Jan 23 17:29:39 2014] <Cale> It seems as good as it's ever been to me.
[Thu Jan 23 17:29:54 2014] <Anarchos> Cale without grothendieck there should be no topos, no coq, and no hott :)
[Thu Jan 23 17:29:54 2014] <ianjneu> Cale: he was a prominent member of Bourbaki, and new blood came in and changed the group's direction in ways he vehemently disagreed with.
[Thu Jan 23 17:30:19 2014] <Cale> Oh, you're referring to Grothendieck specifically
[Thu Jan 23 17:30:22 2014] <hodapp> * wanders off to the gym
[Thu Jan 23 17:30:24 2014] <ianjneu> ya
[Thu Jan 23 17:30:44 2014] <ianjneu> my works were conjectures of "what Grothendieck was thinking"
[Thu Jan 23 17:30:47 2014] <ianjneu> words*
[Thu Jan 23 17:32:47 2014] <Cale> It's not like the stuff he did has stopped existing or that people have stopped working on it though.
[Thu Jan 23 17:33:28 2014] <Cale> Oh, I see what you mean, you were speaking as if you were Grothendieck :)
[Thu Jan 23 17:35:52 2014] <Cale> Yeah, he sort of went nuts as I recall, trying to claw back everything he'd ever written.
[Thu Jan 23 17:36:41 2014] <Anarchos> Cale i find it very sane of him trying to forbid french government to takeover his work
[Thu Jan 23 17:39:24 2014] <Cale> Anarchos: Well, he apparently requested that libraries with copies of his work remove them and such
[Thu Jan 23 17:39:42 2014] <Cale> Which seems a little extreme
[Thu Jan 23 17:39:47 2014] <Anarchos> Cale copies of his manuscript works, not the book if i remember
[Thu Jan 23 17:40:09 2014] <Anarchos> anyway he is a genius and i find that astonishing the work he achieved
[Thu Jan 23 17:53:15 2014] <ianjneu> bah, bug persists in pl3.
[Thu Jan 23 18:06:44 2014] <ianjneu> even smaller. http://lpaste.net/99013
[Thu Jan 23 18:07:38 2014] <ianjneu> wat the what wat
[Thu Jan 23 18:20:06 2014] <jgross> ianjneu: what's wrong with that?  If it doesn't work, then my answer is "Coq isn't always great at inferring 'return' arguments", and if it does, my answer is "Coq has recently gotten a lot better at inferring 'return' arguments."	Try "Set Printing All." and print out the term? 
[Thu Jan 23 18:24:47 2014] <jgross> Oh, I missed the title on the lpaste.  Anyway, Matthieu has answered on coq-club. 
[Thu Jan 23 18:35:10 2014] <jgross> ianjneu: Type inference is done from left to right, so it doesn't know it's looking for [return (n = n -> nat)], and loops on trying to infer the return clause.  If you replace [end)] with [end : n = n -> nat)], it compiles fine. 
[Thu Jan 23 23:05:58 2014] <ianjneu> jgross: thanks
[Fri Jan 24 04:53:06 2014] <roosbeef> so im working with CoLoR (lib on term rewriting)
[Fri Jan 24 04:54:07 2014] <roosbeef> im trying to prove that, given P t, forall st (subterm of t) P st
[Fri Jan 24 04:54:23 2014] <roosbeef> its inherent to P that if P holds for t it holds for all subterms of t
[Fri Jan 24 04:54:53 2014] <roosbeef> eg. https://privatepaste.com/3f640c9953
[Fri Jan 24 04:55:26 2014] <roosbeef> the subgoal follows from H2, H1 and H0
[Fri Jan 24 04:58:46 2014] <roosbeef> but i cant find an induction method in the library that would tie these together
[Fri Jan 24 05:01:28 2014] <roosbeef> what do i do? Ive tried many things that didnt work but im pretty certain this should not be too difficult
[Fri Jan 24 07:33:30 2014] <roosbeef> brb
[Fri Jan 24 10:20:48 2014] <jrw> roosbeef: if I were you, I'd try changing your P to be something as simple as possible and then try some of the induction schemes to see how they work in the simple case.
[Fri Jan 24 10:22:23 2014] <ystael> ianjneu: ??!!.  Does it still overflow if you eta-expand the match and extract it as a separate definition?
[Fri Jan 24 10:42:39 2014] <ianjneu> ystael: From coq-club, I just need to give a more specific return clause.
[Fri Jan 24 10:55:36 2014] <roosbeef> so id like to assert (st = (Fun f v) \/ st <> (Fun f v)).
[Fri Jan 24 10:57:06 2014] <roosbeef> how do i use term_eq_dec to prove this? (From color.inria.fr/doc/CoLoR.Term.Varyadic.VTerm.html)
[Fri Jan 24 11:00:48 2014] <Cale> term_eq_dec (Fun f v) : forall u : term, {Fun f v = u} + {Fun f v <> u}
[Fri Jan 24 11:01:27 2014] <Cale> oh, or st is a specific term, so you probably want to apply that one first to have them in the order you were looking for
[Fri Jan 24 11:01:41 2014] <Cale> term_eq_dec st (Fun f v) : {st = Fun f v} + {st <> Fun f v}
[Fri Jan 24 11:01:51 2014] <ystael> ianjneu: i still don't understand how to write return annotations for dependent matches :|
[Fri Jan 24 11:02:21 2014] <roosbeef> Cale, yea its a specific term :p
[Fri Jan 24 11:03:20 2014] <roosbeef> Cale, so what exactly is that? A Lemma? An application of term_eq_dec?
[Fri Jan 24 11:03:41 2014] <Cale> application
[Fri Jan 24 11:12:02 2014] <roosbeef> hm
[Fri Jan 24 11:12:06 2014] <roosbeef> given this status https://privatepaste.com/036c94064c
[Fri Jan 24 11:12:33 2014] <roosbeef> how do i say "x cannot be Hole, because if it were Hole, then H0 would be false"
[Fri Jan 24 11:12:55 2014] <roosbeef> (since fill Hole z = z)
[Fri Jan 24 11:14:05 2014] <Cale> What happens if you do intros?
[Fri Jan 24 11:15:45 2014] <Cale> oh, you might have to unfold not.
[Fri Jan 24 11:16:13 2014] <Cale> Sometimes I don't really understand why things like that don't happen automatically :P
[Fri Jan 24 11:17:19 2014] <Cale> x <> Hole is the same thing as (x = Hole) -> False
[Fri Jan 24 11:18:08 2014] <Cale> But it's *really* the same thing as  not (x = Hole)  and for whatever reason, that doesn't expand to  (x = Hole) -> False  on its own.
[Fri Jan 24 11:19:14 2014] <roosbeef> ok that problem is solved :)
[Fri Jan 24 11:19:32 2014] <roosbeef> but what did you mean by  term_eq_dec st (Fun f v) : {st = Fun f v} + {st <> Fun f v}
[Fri Jan 24 11:19:45 2014] <roosbeef> how do i apply that
[Fri Jan 24 11:19:45 2014] <Cale> I mean, that's a term of the type you were asking for
[Fri Jan 24 11:19:53 2014] <Cale> apply (term_eq_dec st (Fun f v))
[Fri Jan 24 11:20:06 2014] <Cale> or perhaps
[Fri Jan 24 11:20:13 2014] <Cale> pose (G := term_eq_dec st (Fun f v))
[Fri Jan 24 11:20:24 2014] <Cale> Depending on how you wanted to use it
[Fri Jan 24 11:20:42 2014] <roosbeef> Error: Impossible to unify "{st = Fun f v} + {st <> Fun f v}" with "st = Fun f v \/ st <> Fun f v".
[Fri Jan 24 11:20:46 2014] <Cale> oh, right
[Fri Jan 24 11:21:00 2014] <roosbeef> yea thats the root issue i guess :p
[Fri Jan 24 11:21:02 2014] <Cale> It's this silly Prop/Type thing, there are many definitions of "or"
[Fri Jan 24 11:21:08 2014] <Cale> Definition sumbool_to_or {A B} (p : { A } + { B }) : A \/ B.
[Fri Jan 24 11:21:08 2014] <Cale>   induction p.
[Fri Jan 24 11:21:09 2014] <Cale>   apply (or_introl a).
[Fri Jan 24 11:21:09 2014] <Cale>   apply (or_intror b).
[Fri Jan 24 11:21:09 2014] <Cale> Defined.
[Fri Jan 24 11:22:15 2014] <Cale> Of course, you could also just inline that reasoning by doing induction (term_eq_dec st (Fun f v))
[Fri Jan 24 11:23:16 2014] <roosbeef> ha perfect
[Fri Jan 24 11:23:18 2014] <roosbeef> ill do that
[Fri Jan 24 11:23:30 2014] <roosbeef> i find that to be more elegant as well
[Fri Jan 24 11:23:36 2014] <roosbeef> thanks vm :)
[Fri Jan 24 11:24:31 2014] <Cale> I should really try to understand what Prop is good for.
[Fri Jan 24 11:25:32 2014] <roosbeef> maybe its a very elaborate practical joke
[Fri Jan 24 11:25:47 2014] <roosbeef> j/k that would be cool though
[Fri Jan 24 11:26:24 2014] <Cale> I mean, sure, it means you can prove  forall P Q : Prop, P \/ Q -> Q \/ P and have that itself be a Prop
[Fri Jan 24 11:26:36 2014] <Cale> Without going up a universe level
[Fri Jan 24 11:27:02 2014] <Cale> But what does that really do for you in practical terms? Why does it *matter* that it doesn't land in another universe?
[Fri Jan 24 11:28:26 2014] <Cale> (and is it really worth duplicating *everything* for Prop and Type and every possible combination of the two?)
[Fri Jan 24 11:31:11 2014] <roosbeef> No more subgoals.
[Fri Jan 24 11:31:12 2014] <Cale> I'd love to see someone more experienced come up with an example where you'd just get stuck, or be forced into a really awkward position without Prop's impredicativity.
[Fri Jan 24 11:31:18 2014] <roosbeef> * runs around hysterically
[Fri Jan 24 11:31:27 2014] <Cale> Congrats!
[Fri Jan 24 11:31:31 2014] <roosbeef> :D
[Fri Jan 24 11:33:18 2014] <roosbeef> thanks again for helping out Cale
[Fri Jan 24 11:33:24 2014] <Cale> No problem :)
[Fri Jan 24 11:33:33 2014] <roosbeef> im gonna call it a day haha
[Fri Jan 24 11:33:54 2014] <roosbeef> been hammering at this lemma for WEEKS literally hahaha
[Fri Jan 24 11:34:10 2014] <Cale> Paste the final result?
[Fri Jan 24 11:34:15 2014] <roosbeef> sure
[Fri Jan 24 11:34:33 2014] <Cale> This is the "all subterms of a WF term are themselves WF" thing?
[Fri Jan 24 11:34:46 2014] <roosbeef> yep
[Fri Jan 24 11:34:51 2014] <roosbeef> https://privatepaste.com/3c9bd0c85a
[Fri Jan 24 11:37:19 2014] <roosbeef> hm
[Fri Jan 24 11:37:26 2014] <roosbeef> wf_t_then_wf_st is redundant, that was just a simplified version to practice on
[Fri Jan 24 11:40:47 2014] <roosbeef> aaaaanyway
[Fri Jan 24 11:40:50 2014] <roosbeef> im out
[Fri Jan 24 11:40:51 2014] <roosbeef> ttyl :)
[Fri Jan 24 11:43:54 2014] <ianjneu> ystael: it's tricky.
[Fri Jan 24 11:56:51 2014] <Cale> ianjneu: Maybe you know why Prop is important?
[Fri Jan 24 11:57:18 2014] <Cale> I don't understand what makes impredicativity really nice.
[Fri Jan 24 11:57:33 2014] <Cale> (So much so that it's worth duplicating so much functionality)
[Fri Jan 24 12:47:03 2014] <ianjneu> Cale: I believe the person who knows best about the merits of impredicativity is Thorsten Altenkirch. I can't readily find the materials I've read before by him that spell out those merits, however.
[Fri Jan 24 12:47:53 2014] <Cale> Thanks for the pointer
[Fri Jan 24 14:46:08 2014] <ianjneu> gah, so many publications on, "hey, look what I proved in Coq!" with broken links to the scripts or none at all. I don't want to reprove Kleene's fixed point theorem! Graaaah
[Fri Jan 24 14:47:08 2014] <ystael> ianjneu: if github ever goes under we're gonna have a bad time
[Fri Jan 24 15:00:40 2014] <ianjneu> ystael: dunno about you, but I have local copies of my repos.
[Fri Jan 24 15:02:56 2014] <ystael> ianjneu: yeah, but it's going to make finding other people's code even more challenging
[Fri Jan 24 15:13:18 2014] <ianjneu> ystael: one of my co-authors uses a private svn server. It's terribel.
[Fri Jan 24 15:13:20 2014] <ianjneu> tirrebl
[Fri Jan 24 15:13:31 2014] <ianjneu> can't even spell correctly the rage is so much.
[Fri Jan 24 15:13:59 2014] <Cale> ianjneu: There was some project to use VMs to ensure that things like that wouldn't bitrot
[Fri Jan 24 15:14:30 2014] <Cale> Of course, if the links are just completely dead, that wouldn't help
[Fri Jan 24 15:34:29 2014] <ianjneu> Ya...
[Fri Jan 24 16:31:16 2014] <ianjneu> why doesn't Definition is_true b := b = true. Coercion is_true : bool >-> Prop. work?
[Fri Jan 24 16:31:52 2014] <ianjneu> it yells about class_rawexpr not following >->, but the docs do this exact thing.
[Fri Jan 24 16:36:25 2014] <ianjneu> Coercion is_true := (fun b => b = true). works, however. Fine. Whatever.
[Fri Jan 24 16:51:23 2014] <jgross> I believe you mean "Sortclass", not "Prop"? 
[Fri Jan 24 17:05:09 2014] <ianjneu> jgross: If that's what I should mean, then the docs are wrong.
[Fri Jan 24 17:25:22 2014] <jgross> Which docs are you talking about?  http://coq.inria.fr/refman/Reference-Manual021.html#sec647 doesn't allow target classes unless they're Sortclass, Funclass, or user-defined. 
[Fri Jan 24 17:27:14 2014] <ianjneu> jgross: http://coq.inria.fr/library/Coq.Init.Datatypes.html
[Fri Jan 24 17:29:33 2014] <jgross> Yeah, that's wrong.  Do you want to report it/submit a patch, or shall I? 
[Fri Jan 24 17:31:32 2014] <jgross> I'll go submit a patch on github now, unless you want to. 
[Fri Jan 24 17:33:49 2014] <ianjneu> go for it.
[Fri Jan 24 17:39:07 2014] <jgross> https://github.com/coq/coq/pull/8 
[Fri Jan 24 20:07:54 2014] <ianjneu> woo, 4 nested fold_lefts. Let's see how fun that one will be to prove things about ^_^;;
[Fri Jan 24 20:44:30 2014] <Saizan> fold lefts are the evil
[Fri Jan 24 20:44:40 2014] <Saizan> *devil
[Fri Jan 24 20:51:27 2014] <ianjneu> Saizan: they're also stack-efficient.
[Fri Jan 24 23:27:19 2014] <hodapp> http://lpaste.net/6302811051717033984 - as soon as it hits 'rewrite snoc_simpl.' it adds a new subgoal simply called 'nat', and I don't understand what's going on here
[Fri Jan 24 23:28:21 2014] <hodapp> I've some idea that it pertains to some quantified variable I've pulled into the context when I shouldn't have, or vice versa, or something...
[Fri Jan 24 23:32:41 2014] <hodapp> ...nevermind. I was about to get ready for bed and realized that I did not even make use of an 'n' in the lemma
[Sat Jan 25 12:31:59 2014] <notdan> ianjneu: I do use it, but the proof looks clumsy nevertheless http://lpaste.net/2039702891110858752
[Sat Jan 25 12:32:18 2014] <notdan> Doesn't work without all the assetions.
[Sat Jan 25 12:34:18 2014] <A3mr> wow, solved app_length_cons 3 star exercise by my own
[Sat Jan 25 12:34:21 2014] <A3mr> good
[Sat Jan 25 12:35:39 2014] <ianjneu> notdan:  the first assert is essentially a motive for equality induction, so I'm not surprised that's there. The second, however, I would have thought etas would simpl away. I might be mistaken.
[Sat Jan 25 12:39:32 2014] <notdan> nah, I tried simpl before :(
[Sat Jan 25 12:39:50 2014] <notdan> strangely, a similar goal does not require the first assertion at all!
[Sat Jan 25 12:40:20 2014] <notdan> "f >=> return = f' requires it, "return >=> f = f" does not
[Sat Jan 25 12:40:35 2014] <notdan> man, porting this proof to arbitrary categories via setoids will be a nightmare
[Sat Jan 25 12:47:28 2014] <jgross> notdan: Why via setoids?  Also, which proof is this? 
[Sat Jan 25 12:50:24 2014] <notdan> jgross: because I still haven't read your draft, cos I'm a dummy :D
[Sat Jan 25 12:50:27 2014] <notdan> this proof: http://repos.covariant.me/browse?r=coq;a=headblob;f=/Rep.v
[Sat Jan 25 12:50:42 2014] <notdan> I am trying to prove that representable endofunctors are monads
[Sat Jan 25 12:50:57 2014] <notdan> Proved it on paper via equational reasoning
[Sat Jan 25 12:53:25 2014] <jgross> Which version of Coq are you using?  Eta for functions is judgmental in 8.4. 
[Sat Jan 25 12:53:48 2014] <notdan> The Coq Proof Assistant, version 8.4 (September 2012)
[Sat Jan 25 12:53:48 2014] <notdan> compiled on Sep 25 2012 15:01:39 with OCaml 3.12.1
[Sat Jan 25 12:54:15 2014] <notdan> I am sorry, I don't know what does 'judgmental' mean in this context
[Sat Jan 25 12:55:26 2014] <jgross> It means you can replace "apply eta_expansion." with "reflexivity" 
[Sat Jan 25 12:55:58 2014] <A3mr> omg, proved app_length_twice 4 star exercise without anyone's help at all. i gues i'm doing progress.
[Sat Jan 25 12:58:24 2014] <notdan> jgross: what if I want to apply eta_expansion to some subterm?
[Sat Jan 25 13:00:03 2014] <jgross> change (fun a => ?f a) with f.	(Or replace "f" and "?f" with the constant if you don't want to eta-reduce all of the terms.) 
[Sat Jan 25 13:03:17 2014] <notdan> Oh, change .. with .. does work
[Sat Jan 25 13:03:20 2014] <notdan> thank you!
[Sat Jan 25 13:07:51 2014] <jgross> But your proof is not that complicated, and probably will not be any harder for arbitrary categories; most of what's annoying is that category composition is turning into function application, and that's obscuring the proofs.  I wouldn't be surprised if things get easier in category-land.  Also, here's a tactic that solves all of your obligations:	 repeat first [ intro		     | reflexivity		  | apply
[Sat Jan 25 13:07:51 2014] <jgross> functional_extensionality_dep		     | rewrite ab_iso1		      | rewrite ab_iso2 	       | rewrite <- ab_iso1; apply f_equal		  | rewrite <- ab_iso2; apply f_equal ]. 
[Sat Jan 25 13:13:56 2014] <notdan> Arghh, How do you do this
[Sat Jan 25 13:13:57 2014] <notdan> and so fast
[Sat Jan 25 13:14:04 2014] <notdan> thanks a lot jgross
[Sat Jan 25 13:15:29 2014] <notdan> Ah, rewrite <- ab_iso2; is like applying beta to both sides
[Sat Jan 25 13:15:31 2014] <notdan> that's smart!
[Sat Jan 25 13:22:34 2014] <A3mr> hodapp: ping
[Sat Jan 25 13:23:12 2014] <hodapp> pong
[Sat Jan 25 13:23:19 2014] <A3mr> http://lpaste.net/9217258726434537472 sorry, having troubles with that one, looks complicated. hints appreciated.
[Sat Jan 25 13:23:39 2014] <hodapp> I don't know that I'm that far yet in the book
[Sat Jan 25 13:24:08 2014] <hodapp> you're a few questions ahead
[Sat Jan 25 13:24:13 2014] <A3mr> ah, okay. :)
[Sat Jan 25 13:24:19 2014] <hodapp> but I may get to it soon
[Sat Jan 25 13:30:04 2014] <jgross> notdan: I have experience with the kinds of tricks you want for automating category theory proofs without depending on asserting things in the middle, e.g., how to turn forward reasoning into backward reasoning, and similar. 
[Sat Jan 25 14:08:10 2014] <A3mr> is there a way to use "eqn:" without having to specify name by hand?
[Sat Jan 25 14:08:15 2014] <A3mr> autogenerated are fine too
[Sat Jan 25 14:09:22 2014] <jrw> A3mr: does "eqn:?" do what you want?
[Sat Jan 25 14:15:31 2014] <A3mr> jrw: destruct on compuond exressions. like destruct (f (f x)) eqn:ffx
[Sat Jan 25 14:17:22 2014] <A3mr> http://www.cis.upenn.edu/~bcpierce/sf/MoreCoq.html#lab142
[Sat Jan 25 14:55:30 2014] <A3mr> for example now i'm stuck here http://lpaste.net/4473325021376282624 (uses eqn a lot)
[Sat Jan 25 14:59:57 2014] <A3mr> hint appreciated as always. :)
[Sat Jan 25 15:13:07 2014] <A3mr> what is the difference between apply and rewrite?
[Sat Jan 25 15:27:39 2014] <notdan> if you have an equation (H1 = H2) you can rewrite using it, to replace occurrence of H1 with H2. Apply is a function/proof application and it works if you have a premise of the form (A -> B), and goal B
[Sat Jan 25 15:32:27 2014] <A3mr> notdan: gotcha
[Sat Jan 25 15:34:06 2014] <A3mr> but why for example appy doesn't work if i have theorem "beq_nat_true: forall n m : nat, beq_nat n m = true -> n = m" and goal "   beq_nat m m = true"?
[Sat Jan 25 15:34:24 2014] <A3mr> "apply beq_nat_true." => "Error: Impossible to unify "?2893 = ?2894" with "beq_nat m m = true"."
[Sat Jan 25 15:40:49 2014] <notdan> A3mr: you want a therem that states the dual thing: n = m -> beq_nat n m = true
[Sat Jan 25 15:40:59 2014] <notdan> (in this case you can probably just unfold & simpl)
[Sat Jan 25 15:41:30 2014] <notdan> For apply to work you need to have a premise (A->B) and a goal B.
[Sat Jan 25 15:41:56 2014] <notdan> Informally, you know that from A you can prove B, and you want to prove be; therefore, you decide to prove A
[Sat Jan 25 15:42:06 2014] <notdan> and by proving A you can get B
[Sat Jan 25 15:45:31 2014] <A3mr> notdan: so in my case m = m was not proven?
[Sat Jan 25 15:55:58 2014] <A3mr> * dumb
[Sun Jan 26 00:09:34 2014] <hodapp> gah. app_length_twice is throwing me for a loop...
[Sun Jan 26 00:16:52 2014] <cads> Hey guys, have you guys heard of the new proofmarket website?
[Sun Jan 26 00:16:53 2014] <cads> https://proofmarket.org/problem
[Sun Jan 26 00:17:07 2014] <cads> One of the open problems in particular seems interesting
[Sun Jan 26 00:17:58 2014] <cads> https://proofmarket.org/problem/view/13
[Sun Jan 26 00:18:48 2014] <cads> after glancing over the paper in the problem's description, it's not at all obvious that traceL == traceR
[Sun Jan 26 00:19:09 2014] <cads> the prize for a solution is a cool $45
[Sun Jan 26 05:00:14 2014] <roosbeef> how do i make coq remember where a variable came from
[Sun Jan 26 05:00:53 2014] <roosbeef> eg. https://privatepaste.com/ebca4a98bf
[Sun Jan 26 05:01:04 2014] <roosbeef> im doing a case match on x
[Sun Jan 26 05:01:35 2014] <roosbeef> in the second case, id like to be able to refer to args_v as belonging to x somehow
[Sun Jan 26 05:08:27 2014] <roosbeef> so how do i get something in the assumptions like H1 : x = VTerm.Fun head_v args_v
[Sun Jan 26 07:35:38 2014] <ianjneu> roosbeef: the convoy pattern. (match e with pat => (fun H : e = pat => body) ... end (eq_refl e))
[Sun Jan 26 07:37:24 2014] <ianjneu> sometime you have to give the proper return statement so that the unification engine doesn't stack overflow, as I recently found out. match e as x return (e = x -> _) pat => [...]
[Sun Jan 26 07:48:13 2014] <anderslundstedt> what is the fastest way to transform goal "exists x, P /\ Q" to "exists x, Q /\ P"?
[Sun Jan 26 07:51:12 2014] <anderslundstedt> is there a better way than "cut (exists x, Q /\ P); [firstorder | idtac]?"
[Sun Jan 26 07:55:30 2014] <ianjneu> make that a lemma and then rewrite lemma.
[Sun Jan 26 07:55:32 2014] <ianjneu> :P
[Sun Jan 26 09:36:30 2014] <roosbeef> ianjneu, gonna try that. Thanks!! :)
[Sun Jan 26 12:02:36 2014] <osa1> constructor. constructor. solves my goal but auto. does not, why is that? does settings search depth something bigger work? (if yes, how can I do that?)
[Sun Jan 26 12:04:16 2014] <ianjneu> osa1: Hint Constructors the types involved.
[Sun Jan 26 12:05:19 2014] <osa1> ianjneu: I already did that.
[Sun Jan 26 12:05:29 2014] <ianjneu> osa1: and they're not two separate goals?
[Sun Jan 26 12:05:58 2014] <ianjneu> and your hints aren't in a different section than the one you're currently in?
[Sun Jan 26 12:06:12 2014] <osa1> yes and yes.
[Sun Jan 26 12:07:40 2014] <ianjneu> try auto 6 I suppose.
[Sun Jan 26 12:25:29 2014] <osa1> guys, I defined my function "closed" which return true if a term does not contain any free variables and I'm wondering when do I need a Prop for same thing, if I ever need it. any ideas on that?
[Sun Jan 26 12:27:48 2014] <ianjneu> (forall coquser, guy coquser) -> False.
[Sun Jan 26 12:28:29 2014] <ianjneu> It's a good idea to have a spec version for inductive proof and an implementation version for program-writing.
[Sun Jan 26 12:28:38 2014] <ianjneu> spec version ~ type
[Sun Jan 26 12:31:47 2014] <osa1> which scope has [], [a] etc for lists?
[Sun Jan 26 12:43:15 2014] <ianjneu> Import ListNotations.
[Sun Jan 26 12:45:16 2014] <osa1> apparently I don't have that library.
[Sun Jan 26 12:46:29 2014] <ianjneu> Require List first.
[Sun Jan 26 12:49:30 2014] <osa1> I already did that
[Sun Jan 26 12:50:29 2014] <ianjneu> Perhaps List.ListNotations.
[Sun Jan 26 12:52:26 2014] <osa1> ianjneu: are yous sure there's such a standard module? I can't see it here http://coq.inria.fr/distrib/current/stdlib/
[Sun Jan 26 13:07:08 2014] <ianjneu> osa1: I use it all the time. I do Require Import List. Import ListNotations.
[Sun Jan 26 15:25:27 2014] <hodapp> http://lpaste.net/6928329435871444992 well, I proved app_length_twice from SF but I feel like I did it in a really roundabout way
[Sun Jan 26 15:25:33 2014] <hodapp> suggestions welcome!
[Sun Jan 26 15:31:36 2014] <ianjneu> http://lpaste.net/6546249402917322752
[Sun Jan 26 15:32:36 2014] <ianjneu> hodapp: ^
[Sun Jan 26 15:34:39 2014] <hodapp> hmm, I'm trying to stick with what the book's explained so far
[Sun Jan 26 15:35:23 2014] <hodapp> [|simpl;f_equal; apply IHl]; auto. - that whole thing is foreign to me presently
[Sun Jan 26 15:36:06 2014] <ianjneu> oh, the induction introduces two goals, so [tactics for goal1 | tactics for goal 2]; tactics applied to everything after.
[Sun Jan 26 15:37:04 2014] <hodapp> ohh, okay... hmmm
[Sun Jan 26 15:38:07 2014] <ianjneu> f_equal turns f x y z = f x' y' z' into goals about x = x' , y = y' , z = z'
[Sun Jan 26 15:38:30 2014] <ianjneu> the rule of Leibniz for the definition of a function allows this.
[Sun Jan 26 15:40:54 2014] <roosbeef> ianjneu, would this be correct application of the convoy pattern? https://privatepaste.com/25b64209d0
[Sun Jan 26 15:42:33 2014] <ianjneu> ya, though I would think refine would need parens around the application of the match to (eq_refl x)
[Sun Jan 26 15:42:52 2014] <ianjneu> problem with it?
[Sun Jan 26 15:43:12 2014] <roosbeef> hm
[Sun Jan 26 15:43:13 2014] <roosbeef> yea :P
[Sun Jan 26 15:43:16 2014] <roosbeef> doesnt work
[Sun Jan 26 15:46:19 2014] <ianjneu> what's the error?
[Sun Jan 26 15:48:33 2014] <roosbeef> with (eq_refl x) at the end: Syntax error: '.' or '...' expected after [tactic:tactic] (in [proof_mode:subgoal_command]).
[Sun Jan 26 15:48:53 2014] <roosbeef> without: Error: The type of this term is a product while it is expected to be "fterm_a".
[Sun Jan 26 15:49:07 2014] <roosbeef> pointing at (fun H : x = VTerm.Var n => ATerm.Var n)
[Sun Jan 26 15:49:10 2014] <ianjneu> Did you put parens where I just said?
[Sun Jan 26 15:49:16 2014] <roosbeef> yep
[Sun Jan 26 15:49:38 2014] <roosbeef> https://privatepaste.com/c02d74d95e
[Sun Jan 26 15:50:01 2014] <ianjneu> you got rid of the eq_refl though, heh
[Sun Jan 26 15:50:56 2014] <roosbeef> yes
[Sun Jan 26 15:51:13 2014] <roosbeef> ah
[Sun Jan 26 15:51:14 2014] <roosbeef> my bad
[Sun Jan 26 15:51:27 2014] <roosbeef> i was putting it after end)
[Sun Jan 26 15:51:36 2014] <roosbeef> where it should be as end (eq_refl x))
[Sun Jan 26 15:51:37 2014] <roosbeef> :)
[Sun Jan 26 15:51:39 2014] <roosbeef> thank you
[Sun Jan 26 15:52:07 2014] <roosbeef> works like a charm!
[Sun Jan 26 15:53:37 2014] <ianjneu> ;)
[Sun Jan 26 15:54:39 2014] <ianjneu> I just wrote a tiny "my unary f_equal" via eq_ind to show hodapp and hit a coq bug. Fuckin.. and people trust its proofs.
[Sun Jan 26 15:55:04 2014] <ianjneu> granted it's not a soundness bug, but... SOFTWAAAARE!! *shakefist*
[Sun Jan 26 15:55:17 2014] <hodapp> o_O
[Sun Jan 26 16:02:04 2014] <hodapp> ianjneu: If only you had... some way to write software that would verify its correctness.
[Sun Jan 26 16:02:41 2014] <ianjneu> hodapp: Try it: Definition my_f_equal {A B} (f : A -> B) (a a' : A) (p : a = a') : f a = f a' := eq_ind _ _ (fun a' => f a = f a') _ _ p.
[Sun Jan 26 16:03:17 2014] <ianjneu> the fix is to make the first _ after the fun into (eq_refl _)
[Sun Jan 26 16:03:24 2014] <ianjneu> but still.
[Sun Jan 26 16:04:00 2014] <ianjneu> hodapp: Self-certifying theorem provers exist. Coq-in-coq and Milawa (in particular) are such.
[Sun Jan 26 16:04:15 2014] <ianjneu> Jitawa is verified down to the assembly.
[Sun Jan 26 16:04:51 2014] <ianjneu> but chips still have logic flaws and are also subject to uncertainty from the laws of physics.
[Sun Jan 26 16:05:08 2014] <ianjneu> We can be confident of correctness, but never certain.
[Sun Jan 26 16:05:59 2014] <ianjneu> Purists who bitch and moan about everything needing to be correct has never had to write real software as part of a business.
[Sun Jan 26 16:06:05 2014] <ianjneu> have*
[Sun Jan 26 16:06:24 2014] <ianjneu> proven correct*
[Sun Jan 26 16:06:52 2014] <ianjneu> </rant>
[Sun Jan 26 16:06:56 2014] <ianjneu> (for now)
[Sun Jan 26 16:37:54 2014] <roosbeef> ianjneu, im messing around with that sigT thing you spoke of earlier
[Sun Jan 26 16:38:11 2014] <roosbeef> so how can sigT be used to construct something ofthe form {a' : fterm_v & fterm_v_is_wf a'}?
[Sun Jan 26 16:38:44 2014] <roosbeef> what type of structure is {.. & ..} anyway?
[Sun Jan 26 16:41:52 2014] <ianjneu> sigT (fun a : A => blah) is {a : A & blah}
[Sun Jan 26 16:42:10 2014] <ianjneu> intro form is existT predicate witness proof
[Sun Jan 26 16:43:25 2014] <roosbeef> existT predicate witness proof?
[Sun Jan 26 16:43:43 2014] <roosbeef> soo, to construct {a : A & blah},
[Sun Jan 26 16:44:13 2014] <roosbeef> one does existT fterm_v_is_wf a'
[Sun Jan 26 16:44:16 2014] <roosbeef> for example
[Sun Jan 26 16:44:21 2014] <roosbeef> and then provide the proof?
[Sun Jan 26 16:45:00 2014] <ianjneu> Print sigT. to see what the intro form expects.
[Sun Jan 26 16:46:03 2014] <roosbeef> hm
[Sun Jan 26 16:46:20 2014] <roosbeef> The term "map (existT fterm_v_is_wf) args_v" has type "list (sigT ?795)" while it is expected to have type "list {a' : fterm_v & fterm_v_is_wf a'}".
[Sun Jan 26 16:48:47 2014] <ianjneu> well, your map needs to apply the function to two arguments (witness and proof) to create that resulting type.
[Sun Jan 26 16:48:55 2014] <ianjneu> what's args_v?
[Sun Jan 26 16:50:22 2014] <roosbeef> list fterm_v
[Sun Jan 26 16:50:54 2014] <roosbeef> and, fterm_v_is_wf : fterm_v -> Prop
[Sun Jan 26 16:51:37 2014] <roosbeef> so a witness is just some entity to which the predicate applies? And proof would be the proof thereof?
[Sun Jan 26 16:52:20 2014] <ianjneu> whatever function you're writing (I assume it checks for well-formedness) will have to produce some option type since you won't know starting off that the args_v are all wellformed.
[Sun Jan 26 16:52:56 2014] <roosbeef> well
[Sun Jan 26 16:53:34 2014] <roosbeef> i wrote some lemmas to derive from wf x that any subterm of x is also wf
[Sun Jan 26 16:53:58 2014] <roosbeef> let me show you
[Sun Jan 26 16:54:34 2014] <roosbeef> https://privatepaste.com/17a13eff8a
[Sun Jan 26 16:55:16 2014] <roosbeef> so H together with H1 or H2 should cover that
[Sun Jan 26 16:55:20 2014] <ianjneu> I'm actually heading out
[Sun Jan 26 16:55:23 2014] <ianjneu> gl
[Sun Jan 26 16:55:33 2014] <roosbeef> cool
[Sun Jan 26 16:55:41 2014] <roosbeef> cya :)
[Sun Jan 26 17:08:04 2014] <roosbeef> so weird
[Sun Jan 26 17:08:05 2014] <roosbeef> im getting this
[Sun Jan 26 17:08:07 2014] <roosbeef> The term "map (fun x : term VSig => existT x fterm_v_is_wf) args_v" has type
[Sun Jan 26 17:08:07 2014] <roosbeef>  "list {_ : term VSig & fterm_v -> Prop}" while it is expected to have type
[Sun Jan 26 17:08:07 2014] <roosbeef>  "list {a' : fterm_v & fterm_v_is_wf a'}".
[Sun Jan 26 17:08:59 2014] <roosbeef> why does it use _ and not x
[Sun Jan 26 17:09:28 2014] <roosbeef> eh, well not x but something that binds
[Sun Jan 26 17:24:36 2014] <roosbeef> hm
[Sun Jan 26 17:24:42 2014] <roosbeef> (map (fun (a' : fterm_v) => existT a' (H1 a' (H2 a' [In a' args_v]) )) args_v)
[Sun Jan 26 17:24:44 2014] <roosbeef> this should work
[Sun Jan 26 17:25:09 2014] <roosbeef> but theres one problem
[Sun Jan 26 17:25:25 2014] <roosbeef> from an outsiders perspective, [In a' args_v]  is obviously true
[Sun Jan 26 17:25:44 2014] <roosbeef> any a' that map binds to is in args_v
[Sun Jan 26 17:26:12 2014] <roosbeef> but how do i get that piece of information in there? Is there a way to postpone having to provide that proof?
[Sun Jan 26 17:57:07 2014] <roosbeef> time for sleep
[Sun Jan 26 20:36:07 2014] <samg_> I'm working through software foundations, and I just wrote an inductive definition for palindromes with a proof that pal l -> l = rev l. The hint for this exercise says that my inductive definition needs 3 constructors, but I was able to write the theorems with only 2.
[Sun Jan 26 20:36:11 2014] <samg_> http://lpaste.net/99122
[Sun Jan 26 20:37:34 2014] <samg_> I think I was supposed to add a constructor, forall x, pal [x], but I'm not sure why I was able to prove pal l -> l = rev l without that constructor. Can someone give me a hint?
[Sun Jan 26 20:44:21 2014] <samg_> Oh. I think I get it. I might be able to prove pal l -> l = rev l, but I will have a hard time proving l = rev l -> pal l, because I can't provide evidence for pal [x].
[Sun Jan 26 23:38:25 2014] <roosbeef> morning
[Mon Jan 27 00:16:12 2014] <roosbeef> so ive got this function that wants a witness and a proof
[Mon Jan 27 00:16:18 2014] <roosbeef> and id like to map that over a list l
[Mon Jan 27 00:16:30 2014] <roosbeef> part of the proof however is that the witness is in l
[Mon Jan 27 00:17:21 2014] <roosbeef> eg. map (fun (a' : fterm_v) => existT a' (H1 a' (H2 a' [In a' args_v]) )) args_v
[Mon Jan 27 00:19:36 2014] <roosbeef> any ideas?
[Mon Jan 27 07:12:47 2014] <roosbeef> i would like to map a function over elements e from list l and refer inside that function to the fact that In e l
[Mon Jan 27 07:12:50 2014] <roosbeef> is that possible?
[Mon Jan 27 07:56:39 2014] <roosbeef> (eg. https://privatepaste.com/a42fa3e44b)
[Mon Jan 27 08:01:53 2014] <roosbeef> brb
[Mon Jan 27 08:33:36 2014] <ianjneu> You can't without modifying map. Here: http://www.privatepaste.com/984150807d
[Mon Jan 27 08:35:13 2014] <roosbeef> hm
[Mon Jan 27 08:36:18 2014] <ianjneu> Proofs are data. You need to do "dependency injection" to get the facts you want.
[Mon Jan 27 08:37:22 2014] <roosbeef> this is some advanced stuff :p
[Mon Jan 27 08:38:27 2014] <ianjneu> "dependency injection," or as functional programmers call it, "passing arguments"
[Mon Jan 27 08:40:15 2014] <ianjneu> what part of my solution is advanced?
[Mon Jan 27 08:41:11 2014] <roosbeef> dunno
[Mon Jan 27 08:41:23 2014] <roosbeef> it wouldve taken a long time for me to come up with that myself though
[Mon Jan 27 08:41:38 2014] <ianjneu> cut P; [intro blah; l | r] is a shorthand for (assert (blah : P) by r; l)
[Mon Jan 27 08:41:51 2014] <roosbeef> ah thats what cut does?
[Mon Jan 27 08:41:53 2014] <ianjneu> roughly.
[Mon Jan 27 08:41:57 2014] <roosbeef> yea i was looking at that as well
[Mon Jan 27 08:42:09 2014] <roosbeef> hey how do i refer back to In a l?
[Mon Jan 27 08:42:28 2014] <ianjneu> the function is given the proof as its second argument.
[Mon Jan 27 08:43:08 2014] <roosbeef> hm
[Mon Jan 27 08:44:33 2014] <roosbeef> so the first argument is an element of l
[Mon Jan 27 08:44:40 2014] <roosbeef> and the second is In e l
[Mon Jan 27 08:45:10 2014] <ianjneu> yup.
[Mon Jan 27 08:45:28 2014] <roosbeef> and the result is just a list of type B right
[Mon Jan 27 08:46:11 2014] <ianjneu> yup.
[Mon Jan 27 08:46:53 2014] <roosbeef> map_witness (fun a' b => existT a' (H1 a' (H2 a' b))) args_v
[Mon Jan 27 08:47:02 2014] <roosbeef> Error: The type of this term is a product while it is expected to be "list ?861".
[Mon Jan 27 08:47:25 2014] <ianjneu> give args_v first, since the function depends on it.
[Mon Jan 27 08:47:51 2014] <roosbeef> gotcha :)
[Mon Jan 27 08:47:56 2014] <roosbeef> seems to work :9
[Mon Jan 27 08:48:25 2014] <roosbeef> lets have a look
[Mon Jan 27 08:50:35 2014] <roosbeef> magic
[Mon Jan 27 08:50:41 2014] <roosbeef> thanks a lot ianjneu!
[Mon Jan 27 08:53:09 2014] <ianjneu> yup. One day after banging your head on the keyboard for hours on end, this will start to come naturally. At least, that's the road I took.
[Mon Jan 27 08:56:43 2014] <roosbeef> haha
[Mon Jan 27 08:56:51 2014] <roosbeef> definitely heading in the right direction then :p
[Mon Jan 27 10:26:50 2014] <roosbeef> so im making this assertion in proof mode
[Mon Jan 27 10:27:27 2014] <roosbeef> assert (x := some exotic computation).
[Mon Jan 27 10:28:02 2014] <roosbeef> how do i add a 'copy' to assumptions, eg. Hx : x = some exotic comuptation
[Mon Jan 27 10:36:59 2014] <ianjneu> ?
[Mon Jan 27 10:38:38 2014] <roosbeef> well,
[Mon Jan 27 10:38:55 2014] <roosbeef> ive made this assertion
[Mon Jan 27 10:39:14 2014] <roosbeef> assert (args_a := sigmap fterm_v_is_wf aterm_of_vterm (map_witness args_v (fun a' b => existT a' (H1 a' (H2 a' b))))).
[Mon Jan 27 10:39:15 2014] <ianjneu> your assert is essentially (let x := computation in <rest of proof>) so you can do (guess what?) the convoy pattern to get the equality as an assumption. (let x := computation in (fun Hx : x = computation => <rest of proof>) (eq_refl x))
[Mon Jan 27 10:39:43 2014] <ianjneu> I think.
[Mon Jan 27 10:39:44 2014] <roosbeef> yea i was messing around with convoy pattern a bit but couldnt get it right
[Mon Jan 27 10:39:47 2014] <roosbeef> hm
[Mon Jan 27 10:39:58 2014] <roosbeef> ok that sounds obvious
[Mon Jan 27 10:46:01 2014] <roosbeef> ianjneu, how is my assert essentially "(let x := computation in <rest of proof>)"?
[Mon Jan 27 10:48:12 2014] <ianjneu> My bad, I was thinking pose and not assert.
[Mon Jan 27 10:48:24 2014] <ianjneu> assert is a left-left-lambda.
[Mon Jan 27 10:49:07 2014] <ianjneu> assert (H : T) by proof; continuing-proof = ((fun H : T => continuing-proof-term) proof-term-for-assert)
[Mon Jan 27 10:51:00 2014] <roosbeef> could you give a simple example of that please?
[Mon Jan 27 10:52:55 2014] <roosbeef> what is "by proof"?
[Mon Jan 27 10:52:59 2014] <ianjneu> roosbeef: I'll let you play around with it and see what comes out. I learned how to make these proof terms by printing theorems after I've proven them to see what Coq's tactics formed.
[Mon Jan 27 10:53:42 2014] <ianjneu> assert ... by tac. is a way to prove an assertion outright with some tactic, failing if you don't finish the proof.
[Mon Jan 27 10:56:17 2014] <roosbeef> this assert doesnt require a proof though
[Mon Jan 27 10:58:10 2014] <ianjneu> assert always requires proof.
[Mon Jan 27 10:58:38 2014] <roosbeef> maybe the proof is inferred automatically
[Mon Jan 27 10:59:03 2014] <roosbeef> what i did is simply "assert (args_a := computation)."
[Mon Jan 27 10:59:24 2014] <roosbeef> and this adds "args_a : result_of_computation" to the assumptions
[Mon Jan 27 11:01:37 2014] <ianjneu> ah, I was thinking : instead of :=
[Mon Jan 27 11:01:58 2014] <roosbeef> :p
[Mon Jan 27 11:02:20 2014] <ianjneu> instead use pose (args_a  := computation) since you'll keep the equality.
[Mon Jan 27 11:03:29 2014] <roosbeef> hm
[Mon Jan 27 11:03:39 2014] <roosbeef> can i rewrite from that?
[Mon Jan 27 11:04:15 2014] <ianjneu> Yup.
[Mon Jan 27 11:04:42 2014] <ianjneu> well, it's judgemental, so it might just be subst args_a to get rid of it.
[Mon Jan 27 11:05:34 2014] <roosbeef> yep subst works :)
[Mon Jan 27 11:05:41 2014] <roosbeef> awesome
[Mon Jan 27 11:05:51 2014] <roosbeef> thanks and sorry for being such a drag
[Mon Jan 27 11:08:32 2014] <ianjneu> no apologies necessary. I'm in #coq mostly to help.
[Mon Jan 27 11:09:36 2014] <roosbeef> mehhhh
[Mon Jan 27 11:09:38 2014] <roosbeef> No more subgoals.
[Mon Jan 27 11:09:48 2014] <roosbeef> Defined.
[Mon Jan 27 11:09:52 2014] <roosbeef> Error: Recursive definition of aterm_of_vterm is ill-formed.
[Mon Jan 27 11:10:12 2014] <hodapp> Coq certainly makes me look at other languages differently...
[Mon Jan 27 11:10:18 2014] <hodapp> I use Python a lot at work.
[Mon Jan 27 11:10:32 2014] <hodapp> and C++ but not if I can avoid it.
[Mon Jan 27 11:10:33 2014] <ianjneu> you're using your fix'd function on a non-subterm probably.
[Mon Jan 27 11:11:33 2014] <roosbeef> fix'd function?
[Mon Jan 27 11:11:47 2014] <roosbeef> the convoy pattern you mean?
[Mon Jan 27 11:12:10 2014] <ianjneu> are you using refine on a use of fix?
[Mon Jan 27 11:12:31 2014] <roosbeef> no
[Mon Jan 27 11:12:42 2014] <LinearInterpol> I have a rather.. dumb question about type theory and its foundations.
[Mon Jan 27 11:12:58 2014] <ianjneu> LinearInterpol: go on
[Mon Jan 27 11:13:16 2014] <hodapp> Your question is almost certainly not more dumb than I am about its subject.
[Mon Jan 27 11:13:16 2014] <LinearInterpol> (Bear in mind I was a pure-C programmer just a few weeks ago, so bear with my ignorance. :)
[Mon Jan 27 11:14:15 2014] <LinearInterpol> Outside of a language like Coq or Haskell, how would I define a function in type theory? Does it require some supplementary logic to define the "form" of a function?
[Mon Jan 27 11:15:27 2014] <roosbeef> gonna give it a rest, bbl
[Mon Jan 27 11:15:27 2014] <roosbeef> <3
[Mon Jan 27 11:15:27 2014] <ianjneu> type theory is an informal concept. There are specific type theories. Some consistent (at least we think), like Gallina, some inconsistent (like Haskell's)
[Mon Jan 27 11:16:01 2014] <ianjneu> I don't know quite what you mean, LinearInterpol.
[Mon Jan 27 11:16:05 2014] <LinearInterpol> So effectively there's no one "Type Theory".
[Mon Jan 27 11:16:19 2014] <LinearInterpol> There are systems of it.
[Mon Jan 27 11:16:22 2014] <ianjneu> We have as axioms the computation rules such as beta.
[Mon Jan 27 11:16:52 2014] <LinearInterpol> Beta?
[Mon Jan 27 11:17:08 2014] <LinearInterpol> Beta reduction?
[Mon Jan 27 11:17:11 2014] <ianjneu> indeed.
[Mon Jan 27 11:18:01 2014] <LinearInterpol> http://lpaste.net/5958568516704534528
[Mon Jan 27 11:18:51 2014] <LinearInterpol> A few weeks ago I was just a strict C programmer. My friend converted me to Haskell, and I've just been struggling to understand where the sort of language-dependent stuff splits from the purely mathematical stuff.
[Mon Jan 27 11:18:58 2014] <LinearInterpol> An example of which would be pattern matching.
[Mon Jan 27 11:19:44 2014] <LinearInterpol> I asked him rather naively:
[Mon Jan 27 11:20:02 2014] <LinearInterpol> "Is pattern/form matching a mathematical thing or a tool that languages use?"
[Mon Jan 27 11:20:09 2014] <LinearInterpol> "Is there something 'lower' than it?"
[Mon Jan 27 11:20:35 2014] <LinearInterpol> He equated it to functions over sets.
[Mon Jan 27 11:23:17 2014] <LinearInterpol> * crawls back into his lurking state.
[Mon Jan 27 11:25:46 2014] <ianjneu> LinearInterpol: eliminators are the "lower" things. Type eliminators are essentially proofs of initiality of the functor algebra that the inductive type forms.
[Mon Jan 27 11:26:01 2014] <ianjneu> Sorry for the delay. Diaper changes an' whatnot.
[Mon Jan 27 11:26:30 2014] <LinearInterpol> Type eliminators, huh?
[Mon Jan 27 11:26:30 2014] <ianjneu> See Conor McBride's "eliminating pattern matching" paper if you're interested in the details.
[Mon Jan 27 11:26:43 2014] <LinearInterpol> Lovely! :)
[Mon Jan 27 11:27:05 2014] <ianjneu> When you define an "Inductive" in coq, you might have noticed several different functions get "defined"
[Mon Jan 27 11:27:23 2014] <LinearInterpol> Type constructors, I assume?
[Mon Jan 27 11:28:08 2014] <ianjneu> those are the recursive (non-dependent) and inductive (dependent) eliminators. There are more than two because of a historical accident with "Set" and "Type"
[Mon Jan 27 11:28:38 2014] <LinearInterpol> What is an eliminator?
[Mon Jan 27 11:28:40 2014] <ianjneu> LinearInterpol: no, type constructors and variants are different.
[Mon Jan 27 11:29:54 2014] <LinearInterpol> Sorry for the questions, by the way. Just trying to grok all of this. :)
[Mon Jan 27 11:30:03 2014] <ianjneu> An eliminator for (A * B), say, would say give me a function that does something with an A and a B, an element of (A * B), and do the "computation" with it to produce an element of the motive (the result type)
[Mon Jan 27 11:30:57 2014] <LinearInterpol> So we're back to dealing with sets if we're working with eliminators.
[Mon Jan 27 11:31:27 2014] <ystael> LinearInterpol: Think of "eliminator" in the sense of "I have an expression using this new type constructor and I want to cope with it by eliminating it, i.e., interpreting it in terms of constructors I already understand."
[Mon Jan 27 11:31:48 2014] <LinearInterpol> Alright, I'm starting to get that..
[Mon Jan 27 11:31:49 2014] <ianjneu> go into Coq and do Check prod_rect.
[Mon Jan 27 11:32:12 2014] <ianjneu> for the formal type of what I was getting at with A * B.
[Mon Jan 27 11:33:12 2014] <LinearInterpol> forall (A B : Tye) (P : A * B -> TYPE)...
[Mon Jan 27 11:33:21 2014] <LinearInterpol> ...woah.
[Mon Jan 27 11:33:45 2014] <LinearInterpol> That. That's a little more over my head than I'd like. o_o
[Mon Jan 27 11:33:47 2014] <ianjneu> LinearInterpol: type theory is richer than set theory, as recent research in homotopy type theory has illuminated.
[Mon Jan 27 11:34:15 2014] <LinearInterpol> It's why I'm trying to get a hold on it. Remember: I was once a C programmer. Types aren't exactly forced on me. :)
[Mon Jan 27 11:34:22 2014] <LinearInterpol> And I will admit that I know very very very little of Coq.
[Mon Jan 27 11:35:20 2014] <LinearInterpol> Homotopy type theory looks.. odd. It deals with homomorphisms between types or something?
[Mon Jan 27 11:35:53 2014] <ianjneu> brb
[Mon Jan 27 11:36:50 2014] <LinearInterpol> Sure. :)
[Mon Jan 27 11:37:15 2014] <LinearInterpol> By the way: you folks are the nicest people I've met, all other people I've pretty much annoyed want me banned from their channel. :P
[Mon Jan 27 11:38:38 2014] <LinearInterpol> So.. an eliminator is effectively something that characterises an operation over all things belonging to that type?
[Mon Jan 27 11:39:03 2014] <LinearInterpol> And yields some (A * B).
[Mon Jan 27 11:40:45 2014] <ystael> LinearInterpol: You might try one of the following sources for more background: Programming in Martin-Löf's Type Theory, http://www.cse.chalmers.se/research/group/logic/book/book.pdf ; Bob Harper, Practical Foundations for Programming Languages, http://www.cs.cmu.edu/~rwh/plbook/book.pdf ; Martin-Löf's original book Intutionistic Type Theory, http://intuitionistic.files.wordpress.com/2010/07/martin-lof-tt.pdf .
[Mon Jan 27 11:41:01 2014] <ystael> (That isn't to tell you to go away, just to provide some background reading if you want it.)
[Mon Jan 27 11:41:13 2014] <LinearInterpol> Totally!
[Mon Jan 27 11:41:28 2014] <ystael> The eliminator for product types characterizes functions _out_of_ a product type in terms of functions out of the constituents of the product.
[Mon Jan 27 11:41:41 2014] <ystael> It says "to give a function A * B -> C, give a function A -> B -> C."
[Mon Jan 27 11:42:24 2014] <LinearInterpol> I'm not exactly equipped with much terminology.. constituents of the product?
[Mon Jan 27 11:42:41 2014] <ystael> Sorry, not a technical term.  The types you gave to the * type constructor.
[Mon Jan 27 11:42:43 2014] <ystael> A and B.
[Mon Jan 27 11:42:46 2014] <LinearInterpol> Oh.
[Mon Jan 27 11:43:38 2014] <LinearInterpol> So.. to produce or make an operation/function A * B.
[Mon Jan 27 11:44:06 2014] <ystael> Not to produce the * type constructor itself, but to produce something that consumes arguments of type A * B.
[Mon Jan 27 11:44:54 2014] <LinearInterpol> I'm not sure I'm getting this very well.. sorry. :(
[Mon Jan 27 11:45:12 2014] <LinearInterpol> I'm not really mathematically versed.
[Mon Jan 27 11:45:24 2014] <ystael> I've been playing with these ideas on and off for years and they still confuse me :)
[Mon Jan 27 11:45:52 2014] <LinearInterpol> Hehe, glad to know I'm not alone. :)
[Mon Jan 27 11:45:54 2014] <ystael> (I'm an amateur, there are several professionals in this channel but I'm just some software guy)
[Mon Jan 27 11:46:22 2014] <LinearInterpol> Same.. I've left the comfort of void* pointers and manual safety for Coq, Haskell, etc. :)
[Mon Jan 27 11:47:04 2014] <LinearInterpol> I've always been fascinated by the mathematics behind it.
[Mon Jan 27 11:47:24 2014] <LinearInterpol> Yet it's almost never approachable.
[Mon Jan 27 11:48:02 2014] <ystael> Have you taken a look at Software Foundations (Pierce et al) ?
[Mon Jan 27 11:48:03 2014] <LinearInterpol> I'm very hands-on, and it's difficult for me to sort of translate abstractions to a relatively simple concept to me.
[Mon Jan 27 11:48:09 2014] <LinearInterpol> Yes, actually! Only just a bit.
[Mon Jan 27 11:48:16 2014] <LinearInterpol> Does it cover eliminators and all of that?
[Mon Jan 27 11:49:02 2014] <ystael> In the chapter MoreInd where they talk about induction principles, those are another name for what we've been calling eliminators.
[Mon Jan 27 11:49:26 2014] <LinearInterpol> Awesome. I guess I just need to work more with Coq to understand this. :)
[Mon Jan 27 11:49:34 2014] <LinearInterpol> But it's nice to know that awesome people are nearby. :D
[Mon Jan 27 11:49:49 2014] <LinearInterpol> Afk for a bit, gotta do stuff for a class.. thanks for all the help! :)
[Mon Jan 27 11:49:59 2014] <ystael> I'd encourage you to continue working through Software Foundations and also look at Bob Harper's book.
[Mon Jan 27 11:50:08 2014] <LinearInterpol> Will do!
[Mon Jan 27 11:50:13 2014] <ystael> that's probably the most accessible of the sources I gave above.  Good luck!
[Mon Jan 27 11:50:17 2014] <LinearInterpol> Thanks! :D
[Mon Jan 27 11:58:16 2014] <ianjneu> okay. Condo board of trustees shit taken care of.
[Mon Jan 27 11:58:21 2014] <ianjneu> Now for the scrollback.
[Mon Jan 27 12:00:34 2014] <ianjneu> okay, nothing I need to say.
[Mon Jan 27 15:13:08 2014] <roosbeef> when coq tells me this
[Mon Jan 27 15:13:21 2014] <roosbeef> Error: Recursive definition of aterm_of_vterm is ill-formed.
[Mon Jan 27 15:13:22 2014] <roosbeef> Recursive call to aterm_of_vterm has not enough arguments.
[Mon Jan 27 15:13:45 2014] <roosbeef> why is that
[Mon Jan 27 15:14:24 2014] <roosbeef> i did work out a full proof to the definition of aterm_of_vterm
[Mon Jan 27 15:14:36 2014] <roosbeef> and coq even told me "No more subgoals"
[Mon Jan 27 15:14:50 2014] <roosbeef> but it wont wrap up the definition when doing Defined, giving that error
[Mon Jan 27 15:19:15 2014] <roosbeef> it might be because im using refine, maybe the recursion is not structurally decreasing?
[Mon Jan 27 15:19:20 2014] <roosbeef> but i dont understand that error message
[Mon Jan 27 15:19:27 2014] <roosbeef> or maybe*
[Mon Jan 27 15:21:25 2014] <roosbeef> heres the full error msg https://privatepaste.com/69acfc11c6
[Mon Jan 27 19:37:03 2014] <Rc43> Hello.
[Mon Jan 27 19:37:09 2014] <Anarchos> hi Rc43
[Mon Jan 27 19:41:36 2014] <Rc43> I have problem with writing mutual fixpoint expression.
[Mon Jan 27 19:41:40 2014] <Rc43> According to http://coq.inria.fr/V8.2pl1/refman/Reference-Manual003.html#fixpoints I am trying to write this: http://coq.xelpaste.org/9636
[Mon Jan 27 19:42:12 2014] <Rc43> But that doesn't pass due error on `g': "A fixpoint needs at least one parameter."
[Mon Jan 27 19:42:53 2014] <Rc43> (Also manual says to write "for <ident_i>", but ident_i should be function with argument.)
[Mon Jan 27 19:43:04 2014] <Rc43> How to properly define such function?
[Mon Jan 27 20:09:43 2014] <Rc43> Oooooh, problem was in usage of "Function" instead of "Definition".
[Tue Jan 28 04:46:02 2014] <roosbeef> hi
[Tue Jan 28 04:46:36 2014] <roosbeef> so im getting this
[Tue Jan 28 04:47:13 2014] <roosbeef> after a large proof of a function definition, after coq says "no more subgoals", when i try to wrap the thing up by doing Defined, it says
[Tue Jan 28 04:47:14 2014] <roosbeef> Error: Recursive definition of aterm_of_vterm is ill-formed.
[Tue Jan 28 04:47:14 2014] <roosbeef> Recursive call to aterm_of_vterm has not enough arguments.
[Tue Jan 28 04:48:13 2014] <roosbeef> is that a generic error for a deeper issue (thats what some google results seemed to suggest?), or is there something wrong with the definition
[Tue Jan 28 04:49:03 2014] <roosbeef> im a bit confused as to why coq accepts the proof (and thus the corresponding type checks?) but rejects the overall definition.. didnt it thoroughly type check during proof mode?
[Tue Jan 28 04:54:27 2014] <jgross> The ill-formed recursive call generally means that you did something that the termination checker won't pass (such as Fixpoint f x := f x.).  I've never seen the "not enough arguments" message, but it probably means you used the recursive call as returning a function, rather than explicitly giving it an argument to do structural recursion on (and you can't do Fixpoint f (x : Type) : Type -> Type := fun _ => f. either).	There's not an easy way
[Tue Jan 28 04:54:27 2014] <jgross> to check this when constructing the proof, so Coq only checks it at the end. 
[Tue Jan 28 04:55:09 2014] <roosbeef> hmm
[Tue Jan 28 04:55:12 2014] <roosbeef> well,
[Tue Jan 28 04:56:20 2014] <roosbeef> im converting terms (tree type data structure, eg. f(g(a),g(b,c)))
[Tue Jan 28 04:56:23 2014] <roosbeef> )
[Tue Jan 28 04:57:20 2014] <roosbeef> from fterm_v to fterm_a, basically the only difference being that fterm_a has a constraint such that it has a strict branching ratio
[Tue Jan 28 04:57:45 2014] <roosbeef> so when converting from the unconstrained type to the constrained type, both terms/trees look exactly the same
[Tue Jan 28 04:58:27 2014] <roosbeef> (the input is assumed to conform to that constraint)
[Tue Jan 28 04:59:34 2014] <roosbeef> so yea long story short, i think i might have been doing some of the things you were describing
[Tue Jan 28 05:00:05 2014] <roosbeef> for one there is no structurally decreasing argument :/
[Tue Jan 28 05:01:49 2014] <jgross> If there's no structurally decreasing argument, then you want well-founded recursion, not structural fixpoints.  (I've never used wf-recursion, so I probably can't help you much with it.) 
[Tue Jan 28 05:02:08 2014] <roosbeef> how does that work?
[Tue Jan 28 05:02:51 2014] <roosbeef> (or how does that look rather)
[Tue Jan 28 05:10:35 2014] <jgross> http://adam.chlipala.net/cpdt/html/GeneralRec.html 
[Tue Jan 28 05:12:18 2014] <roosbeef> yea was just reading that, thanks :)
[Tue Jan 28 08:00:32 2014] <LinearInterpol> Question: what is a dependent type?
[Tue Jan 28 08:12:42 2014] <hodapp> LinearInterpol: A type that depends on a value.
[Tue Jan 28 08:13:02 2014] <hodapp> LinearInterpol: One example: A function that takes a list of length 'n', and returns a list also of length 'n'.
[Tue Jan 28 08:13:46 2014] <LinearInterpol> So.. wait.
[Tue Jan 28 08:14:08 2014] <LinearInterpol> So the type of that function depends on "n"?
[Tue Jan 28 08:20:18 2014] <ianjneu> more accurately, "dependent types" depend on terms, not values.
[Tue Jan 28 08:20:52 2014] <LinearInterpol> terms, okay.
[Tue Jan 28 08:20:58 2014] <LinearInterpol> Okay.
[Tue Jan 28 08:21:08 2014] <LinearInterpol> So that type is effectively dependent on the list type.
[Tue Jan 28 08:21:19 2014] <LinearInterpol> Or terms of the list type.
[Tue Jan 28 08:26:01 2014] <hodapp> dammit Wikipedia. https://en.wikipedia.org/wiki/Lambda_cube says "depending on terms", but https://en.wikipedia.org/wiki/Dependent_type says "depends on a value".
[Tue Jan 28 08:26:13 2014] <LinearInterpol> I know! I'm so confused! :(
[Tue Jan 28 08:34:23 2014] <ianjneu> terms, when the free variables are substituted for values, compute to values.
[Tue Jan 28 08:35:32 2014] <LinearInterpol> ah.
[Tue Jan 28 08:35:41 2014] <LinearInterpol> okay, that makes a tad more sense.
[Tue Jan 28 08:35:59 2014] <LinearInterpol> so if a function takes a parameter "n" of type "A", the type of that function is dependent on "n"
[Tue Jan 28 08:36:11 2014] <LinearInterpol> and that's called a dependent type.
[Tue Jan 28 08:36:12 2014] <LinearInterpol> right?
[Tue Jan 28 08:36:41 2014] <ianjneu> no, you just said the function takes an A, you didn't say what it produces depends on the input terms of type A.
[Tue Jan 28 08:36:53 2014] <LinearInterpol> oh.
[Tue Jan 28 08:37:12 2014] <ianjneu> A -> B is shorthand for forall x:A, B where x is not free in B.
[Tue Jan 28 08:37:33 2014] <LinearInterpol> * goes back to working through Software Foundations.
[Tue Jan 28 08:57:41 2014] <LinearInterpol> Ruh-roh.
[Tue Jan 28 08:57:43 2014] <LinearInterpol> Error: Impossible to unify "tuesday" with "monday".
[Tue Jan 28 08:57:58 2014] <LinearInterpol> In the first few examples.
[Tue Jan 28 09:10:36 2014] <LinearInterpol> Oh, sweet. I can actually step through and see the subgoals..
[Tue Jan 28 09:10:42 2014] <LinearInterpol> Huh. That's why it failed.
[Tue Jan 28 09:39:15 2014] <hodapp> ianjneu: can dependent types depend on a term with free variables?
[Tue Jan 28 10:07:08 2014] <ianjneu> hodapp: depends on what you mean by "free." Contextual type theory deals with "open" terms, but meta-closes them, heh.
[Tue Jan 28 10:10:07 2014] <hodapp> meta-closes?
[Tue Jan 28 10:11:26 2014] <hodapp> I guess what I'm looking for is what dependent type systems actually handle the gap in between 'types that depend on a term' and 'types that depend on a value', since a distinction was made, but you did specify that terms compute to values when free variables are substituted for values.
[Tue Jan 28 10:17:50 2014] <ianjneu> well, the terms get closed by quantifiers outside of the dependent types.
[Tue Jan 28 10:18:21 2014] <ianjneu> so zooming in on a type under a quantifier, there can be free variables.
[Tue Jan 28 10:21:34 2014] <hodapp> that's what meta-closed means?
[Tue Jan 28 10:22:53 2014] <ianjneu> no no, contextual type theory is something used in a logical framework called Beluga, where you can manipulate quoted terms that have free variables, but you have a context of meta-variables and their typings.
[Tue Jan 28 10:54:49 2014] <A3mr> hello
[Tue Jan 28 10:55:23 2014] <A3mr> hodapp: have you had a chance to prove combine_split? :)
[Tue Jan 28 11:07:21 2014] <hodapp> hah, that's where I'm stuck presently
[Tue Jan 28 11:07:37 2014] <hodapp> I was trying to use their nearby techniques of destructing an expression but I keep losing information that I need that way
[Tue Jan 28 11:08:48 2014] <hodapp> however I've not had much time to look at this
[Tue Jan 28 11:09:26 2014] <hodapp> was gonna work on it Sunday, but Sunday was also my birthday, and the dinner plans ended up with a bunch of friends surprising me there and then buying many many shots of tequila for me, so not much Coq happened when I got home...
[Tue Jan 28 11:25:57 2014] <A3mr> hodapp: to not loose info use eqn
[Tue Jan 28 11:26:07 2014] <A3mr> like destruct (foo bar) eqn:foo_bar.
[Tue Jan 28 11:26:42 2014] <hodapp> A3mr: I was trying to do it only using what they'd unveiled thus far in the book.
[Tue Jan 28 11:28:19 2014] <ystael> while destruct eqn: may be useful, one can prove this result without it.
[Tue Jan 28 11:28:39 2014] <hodapp> and that's what I'm looking for.
[Tue Jan 28 11:32:37 2014] <ystael> hodapp: you will need to unpack the hypothesis `split l = (l1, l2)` somehow.
[Tue Jan 28 11:32:54 2014] <hodapp> ystael: I was getting a sense of that as I worked, but not seeing how.
[Tue Jan 28 11:33:02 2014] <hodapp> 'unfold' just seemed to make things worse.
[Tue Jan 28 11:33:47 2014] <ystael> try `inversion`; the section is about inversion after all :)
[Tue Jan 28 11:34:25 2014] <hodapp> hmmmmmmmm
[Tue Jan 28 11:37:49 2014] <LinearInterpol> What does "reflexivity" really mean in Coq?
[Tue Jan 28 11:37:59 2014] <LinearInterpol> In contrast to simpl. ?
[Tue Jan 28 11:38:28 2014] <LinearInterpol> Does reflexivity just not show the simplification of whatever I want to prove?
[Tue Jan 28 11:39:01 2014] <ystael> LinearInterpol: It means "simpl, and then attempt to apply the constructor `eq_refl` of equality types."
[Tue Jan 28 11:39:10 2014] <ystael> Well, that's the mechanics.
[Tue Jan 28 11:39:22 2014] <LinearInterpol> Ah. So "simpl." doesn't imply any sort of equality.
[Tue Jan 28 11:39:46 2014] <LinearInterpol> * doesn't understand eq_refl, but he'll learn it later hopefully.
[Tue Jan 28 11:39:46 2014] <ystael> right.  `simpl` just applies the reduction rules (beta delta eta zeta iota).
[Tue Jan 28 11:40:02 2014] <ystael> You can see what `simpl` would do in a particular term by typing `Eval compute in <term>`.
[Tue Jan 28 11:40:09 2014] <LinearInterpol> Any "simple" explanation/reference to those rules?
[Tue Jan 28 11:40:16 2014] <LinearInterpol> Just so I can look at them.
[Tue Jan 28 11:40:32 2014] <LinearInterpol> I may know them but the terminology always screws me over. :)
[Tue Jan 28 11:40:40 2014] <ystael> This chapter from Adam Chlipala's book is useful: http://adam.chlipala.net/cpdt/html/Equality.html
[Tue Jan 28 11:43:19 2014] <ystael> Note that eta expansion (f == \x -> f x) was not part of Coq's definitional equality at the time the book was written; it was added in Coq 8.4
[Tue Jan 28 11:47:08 2014] <LinearInterpol> Huh. Sweet.
[Tue Jan 28 11:50:03 2014] <LinearInterpol> So delta just replaces a reference to a function with the actual function?
[Tue Jan 28 11:50:34 2014] <LinearInterpol> then beta works by replacing terms with values..
[Tue Jan 28 11:50:54 2014] <LinearInterpol> Then iota simplifies it down by determining the matches..
[Tue Jan 28 11:51:34 2014] <LinearInterpol> Then zeta.. wait, how is that different than beta?
[Tue Jan 28 11:52:28 2014] <ystael> It's not different if you think of lets as desugaring into lambdas, but lets are primitive in Gallina
[Tue Jan 28 11:52:44 2014] <LinearInterpol> Oh.
[Tue Jan 28 11:52:45 2014] <ystael> so they need their own reduction rule
[Tue Jan 28 11:52:59 2014] <LinearInterpol> I see.
[Tue Jan 28 11:53:07 2014] <LinearInterpol> That explains it.
[Tue Jan 28 12:02:21 2014] <CoqNewbie> is it possible to prove  S n = S m -> n = m  without using inversion? how can I prove ~ (0 = 1)?
[Tue Jan 28 12:06:46 2014] <ianjneu> See the HoTT book chapter 2.12. There is a simpler problem of proving injectivity of coproduct injectors.
[Tue Jan 28 12:09:30 2014] <A3mr> is proving ~ (0 = 1) without inversion is some constructive trick?
[Tue Jan 28 12:13:34 2014] <A3mr> nvm
[Tue Jan 28 12:13:36 2014] <Ptival> A3mr: match on the equality with a 0-True/1-False predicate, prove False
[Tue Jan 28 12:22:09 2014] <A3mr> could you please give me some hints on how to proceed with that theorem http://vpaste.net/eID9J ?
[Tue Jan 28 12:25:25 2014] <A3mr> i feel myself so dumb
[Tue Jan 28 12:26:44 2014] <CoqNewbie> Ptival: "match on the equality with a 0-True/1-False predicate, prove False", are you talking about how to prove "~ (0 = 1)"?
[Tue Jan 28 12:27:32 2014] <CoqNewbie> ianjneu: do we really need such a complicated proof? "code(x)" etc?
[Tue Jan 28 12:29:59 2014] <CoqNewbie> Agda's way:   "suc-inversion : ∀ n m → suc n ≡ suc m → n ≡ m;suc-inversion .m m refl = refl"
[Tue Jan 28 12:32:28 2014] <CoqNewbie> how can I write something like the above in a Coq Definition ?
[Tue Jan 28 12:37:54 2014] <CoqNewbie> "Print" ftw
[Tue Jan 28 12:40:03 2014] <Ptival> CoqNewbie: yes
[Tue Jan 28 12:43:42 2014] <Ptival> A3mr: you need to strengthen your induction hypothesis
[Tue Jan 28 12:45:42 2014] <A3mr> Ptival: ah, does it mean i "intros" too much?
[Tue Jan 28 12:47:02 2014] <A3mr> Ptival: induction hypothesis of "induction l" right?
[Tue Jan 28 12:47:04 2014] <Ptival> A3mr: yes, either that or you need to "revert" a few things before starting the induction
[Tue Jan 28 12:47:46 2014] <Ptival> for instance, you'd want your induction hypothesis to be quantified over l1 and l2
[Tue Jan 28 12:47:55 2014] <Ptival> if you're going to perform induction on l
[Tue Jan 28 12:49:22 2014] <Ptival> in the version you have posted, you see that you are stuck because the hypothesis for your induction hypothesis is false, because it is tied to the initial l1 and l2
[Tue Jan 28 12:49:51 2014] <Ptival> if it became IHl: forall l1 l2, split l = (l1, l2) -> combine l1 l2 = l
[Tue Jan 28 12:50:12 2014] <Ptival> then you'd be able to use it with l1' being the tail of the initial l1
[Tue Jan 28 12:52:32 2014] <Rc43> Hello.
[Tue Jan 28 12:52:44 2014] <Rc43> Coq doesn't use ocaml batteries, right?
[Tue Jan 28 12:54:56 2014] <A3mr> Ptival: sorry, could you please expand a bit on " use it with l1' being the tail of the initial l1"? current version: http://vpaste.net/3kqRY
[Tue Jan 28 12:55:21 2014] <A3mr> i haven't got what is l1' and what is tail of initial l1
[Tue Jan 28 12:55:33 2014] <A3mr> do you mean tail of initial l?
[Tue Jan 28 12:58:44 2014] <Ptival> A3mr: my assumption is that if you were to destruct l1 into hl1 :: tl1, then x would have to be hl1, and you could prove your goal by applying the induction hypothesis to tl1 and l2
[Tue Jan 28 12:59:03 2014] <Ptival> (in fact you might not have needed to revert l2, but whatever)
[Tue Jan 28 12:59:24 2014] <Ptival> (oh you did not, you just intro-ed less, good)
[Tue Jan 28 12:59:44 2014] <Ptival> A3mr: what happens if you "simpl in H"?
[Tue Jan 28 13:01:12 2014] <A3mr> Ptival: http://vpaste.net/SZW4S
[Tue Jan 28 13:03:44 2014] <Ptival> oh sorry, got it
[Tue Jan 28 13:04:05 2014] <Ptival> well you should be able to make progress by yourself now :)
[Tue Jan 28 13:05:39 2014] <A3mr> Ptival: was that simpl in H step necessary?
[Tue Jan 28 13:12:23 2014] <A3mr> it won't budge :(
[Tue Jan 28 13:22:23 2014] <LinearInterpol> In the proof by simplication for "plus" or "add" in software foundations, two questions.
[Tue Jan 28 13:22:31 2014] <LinearInterpol> 1. It has "Proof." on one line.
[Tue Jan 28 13:22:44 2014] <LinearInterpol> Why?
[Tue Jan 28 13:23:03 2014] <hodapp> can you link to the part of the book you mean?
[Tue Jan 28 13:23:06 2014] <LinearInterpol> 2. "intros n." Seems to be dependent on "n". What exactly does it do?
[Tue Jan 28 13:23:08 2014] <LinearInterpol> Oh, sure.
[Tue Jan 28 13:23:11 2014] <LinearInterpol> http://www.cis.upenn.edu/~bcpierce/sf/Basics.html#slide-1
[Tue Jan 28 13:23:24 2014] <LinearInterpol> Proof by Simplification.
[Tue Jan 28 13:24:49 2014] <LinearInterpol> When we're proving that "n" has an identity O which yields "n".
[Tue Jan 28 13:25:16 2014] <A3mr> Ptival: that streightening of hypothesis left with exact same environment but with "forall"s in hypothesis
[Tue Jan 28 13:26:27 2014] <hodapp> LinearInterpol: that's just how Coq denotes that a proof of the theorem follows, I believe.
[Tue Jan 28 13:26:36 2014] <LinearInterpol> Cool.
[Tue Jan 28 13:26:49 2014] <LinearInterpol> So "Proof." and "Qed." are a kind of delimiter.
[Tue Jan 28 13:27:24 2014] <hodapp> LinearInterpol: intros, as I understand it, moves something out of a quantifier (i.e. forall n) and into the context as a sort of arbitrary value being assumed.
[Tue Jan 28 13:27:24 2014] <Ptival> A3mr: you should break x apart into its two pieces to let H simplify even further
[Tue Jan 28 13:27:35 2014] <hodapp> but folks here may have a less hand-wavy description of 'intros'.
[Tue Jan 28 13:27:39 2014] <LinearInterpol> Hehe.
[Tue Jan 28 13:28:02 2014] <LinearInterpol> Now.. I'm trying to prove that forall n : nat, n - n = O
[Tue Jan 28 13:28:09 2014] <LinearInterpol> Says it can't unify sub n n = O
[Tue Jan 28 13:28:17 2014] <LinearInterpol> (sub being my subtraction function)
[Tue Jan 28 13:28:41 2014] <ianjneu> induction on n
[Tue Jan 28 13:28:51 2014] <LinearInterpol> ?
[Tue Jan 28 13:29:11 2014] <ianjneu> n is a neutral term. You need to prove your proposition via induction.
[Tue Jan 28 13:29:18 2014] <hodapp> LinearInterpol: The next chapter goes into induction; you may need that.
[Tue Jan 28 13:29:21 2014] <hodapp> ianjneu: neutral term?
[Tue Jan 28 13:29:39 2014] <LinearInterpol> I definitely will..
[Tue Jan 28 13:29:55 2014] <LinearInterpol> Proof by Rewriting?
[Tue Jan 28 13:30:26 2014] <ianjneu> rewriting is different from induction.
[Tue Jan 28 13:30:26 2014] <hodapp> what about it?
[Tue Jan 28 13:30:38 2014] <hodapp> that's just another section, not another chapter
[Tue Jan 28 13:30:40 2014] <LinearInterpol> oh.
[Tue Jan 28 13:30:41 2014] <LinearInterpol> sorry.
[Tue Jan 28 13:31:05 2014] <LinearInterpol> ianjneu: What exactly does "intros" do?
[Tue Jan 28 13:31:09 2014] <ianjneu> hodapp: neutral term is a piece of terminology from normalization-by-evaluation.
[Tue Jan 28 13:31:20 2014] <LinearInterpol> And.. I'm really sucky with terminology.
[Tue Jan 28 13:31:24 2014] <hodapp> I'd say "patience, grasshopper" but I'm not sure that grasshoppers are allowed to say that to other grasshoppers.
[Tue Jan 28 13:31:30 2014] <LinearInterpol> haha. :)
[Tue Jan 28 13:31:39 2014] <hodapp> I'm only a few chapters ahead of you.
[Tue Jan 28 13:31:40 2014] <LinearInterpol> It's terrifying that grasshoppers can talk in the first place.
[Tue Jan 28 13:32:17 2014] <ianjneu> intros without arguments will produce a proof term that is a function of as many arguments as there are things left of an -> or forall to use in the body (i.e. rest of proof)
[Tue Jan 28 13:32:40 2014] <LinearInterpol> Got an example?
[Tue Jan 28 13:33:30 2014] <ianjneu> Remark lint : forall (P Q : Prop) P -> Q -> P. Proof. intros; assumption. Qed. Print lint.
[Tue Jan 28 13:35:15 2014] <A3mr> Ptival: indeed, H become "  H : (x :: foo l, y :: bar l) = (l1, l2)" i wonder from where these foo and bar came :)
[Tue Jan 28 13:35:16 2014] <LinearInterpol> I suppose I just need to work through the rest of the book.
[Tue Jan 28 13:35:34 2014] <LinearInterpol> Gonna hold intros. off until later.
[Tue Jan 28 13:35:45 2014] <LinearInterpol> Because I, honest to god, understand little to none of that. Sorry. :\
[Tue Jan 28 13:36:02 2014] <LinearInterpol> Cheers.
[Tue Jan 28 13:36:25 2014] <Ptival> A3mr: I'm not sure which tactics you have learned yet, but now this H allows you to deduce things about l1 and l2
[Tue Jan 28 13:41:36 2014] <A3mr> Ptival: what things? Ptival well, my tactics knowlege is limited to http://www.cis.upenn.edu/~bcpierce/sf/MoreCoq.html#lab147
[Tue Jan 28 13:57:12 2014] <CoqNewbie> is there anyway to prove x = y -> f x = f y?
[Tue Jan 28 13:59:47 2014] <hodapp> CoqNewbie: http://www.cis.upenn.edu/~bcpierce/sf/MoreCoq.html#lab130
[Tue Jan 28 14:05:14 2014] <ianjneu> CoqNewbie: f_equal is a builtin to do this for any arity function. Try proving it yourself with an application of eq_ind
[Tue Jan 28 14:05:55 2014] <Ptival> A3mr: you should be able to get that l1 is x :: foo and l2 is y :: bar l
[Tue Jan 28 15:24:16 2014] <A3mr> Ptival: yeah, thats clear but what is foo and bar?
[Tue Jan 28 16:10:26 2014] <hodapp> What is the counterpart to 'inversion', but for the present goal?
[Tue Jan 28 16:13:06 2014] <hodapp> nevermind, looks like f_equal does what I need
[Tue Jan 28 16:46:28 2014] <hodapp> A3mr: okay, finally finished combine_split :P
[Tue Jan 28 16:47:09 2014] <hodapp> I find it neat that I can interactively step through my own proofs and watch things unfold; it doesn't replace good commenting, but it's nice to have
[Tue Jan 28 16:47:34 2014] <A3mr> hodapp: congrats!
[Tue Jan 28 16:48:25 2014] <A3mr> hodapp: did you encountered "l1 is x :: foo and l2 is y :: bar l" ?
[Tue Jan 28 16:50:14 2014] <hodapp> A3mr: I think I had something very similar
[Tue Jan 28 16:51:25 2014] <hodapp> A3mr: http://lpaste.net/2450854973576052736 is how I solved it
[Tue Jan 28 16:52:22 2014] <A3mr> neat, http://vpaste.net/fnWIb thats where i'm stuck :)\
[Tue Jan 28 17:00:11 2014] <hodapp> what's induction on X get you?
[Tue Jan 28 17:00:16 2014] <hodapp> er, x
[Tue Jan 28 17:01:02 2014] <hodapp> so, mine looks similar to yours in that 2nd case, but take a look at H - it is using the same constructor on each side
[Tue Jan 28 17:01:24 2014] <hodapp> which should suggest a logical next step
[Tue Jan 28 17:15:04 2014] <A3mr> hodapp: whithout simpl and induction on x my H looks like "split (x :: l) = (l1, l2)"
[Tue Jan 28 17:17:17 2014] <hodapp> even without that, it has to be using the same constructor
[Tue Jan 28 17:28:31 2014] <LinearInterpol> question:
[Tue Jan 28 17:28:37 2014] <LinearInterpol> I've done some digging and thinking.
[Tue Jan 28 17:28:51 2014] <LinearInterpol> Underlying pattern matching, I was informed about eliminators.
[Tue Jan 28 17:29:02 2014] <LinearInterpol> Aren't they just equivalent to logical disjunction?
[Tue Jan 28 17:37:09 2014] <Ptival> LinearInterpol: the answer is probably no, but I am not sure of what you mean
[Tue Jan 28 17:37:19 2014] <Ptival> could you elaborate on what you feel is equivalent
[Tue Jan 28 17:37:59 2014] <LinearInterpol> Ptival: I'm an extreme newbie.
[Tue Jan 28 17:38:13 2014] <LinearInterpol> But "P v Q" is an eliminator because you only need to know either P or Q.
[Tue Jan 28 17:38:21 2014] <LinearInterpol> And whichever one you don't know, you don't need.
[Tue Jan 28 17:39:15 2014] <LinearInterpol> I don't know.
[Tue Jan 28 17:39:51 2014] <Ptival> LinearInterpol: what is your definition of eliminator?
[Tue Jan 28 17:40:19 2014] <LinearInterpol> I don't know. I'm trying to find out things that sort of "make up" pattern matching.
[Tue Jan 28 17:42:31 2014] <Ptival> pattern matching is indeed a syntactical nicety for using eliminators
[Tue Jan 28 17:42:38 2014] <ianjneu> P v Q is not an eliminator. It's a coproduct type.
[Tue Jan 28 21:58:08 2014] <adelbertc> Confused about a part in CPDT regarding nat's and injenction tactic, help? http://lpaste.net/1902386099393658880
[Tue Jan 28 22:17:20 2014] <ystael> adelbertc: In general the `injection` tactic applies injectivity of data constructors, that is, if K is a data constructor then `injection` can take K a = K b and deduce a = b.
[Tue Jan 28 22:18:11 2014] <adelbertc> i see. So S n = Sm -> n = m means if we have S n, and if "n" follows from S m, then m
[Tue Jan 28 22:18:13 2014] <ystael> The `1` part is a convenience of the tactic language.  If the goal has the form A -> B -> C -> ... -> X, then some tactics which normally act on a hypothesis can take a number n.
[Tue Jan 28 22:18:34 2014] <ystael> That means "introduce the first n hypotheses using intros, and act on the last one".
[Tue Jan 28 22:18:48 2014] <ystael> No, you have the syntax precedence wrong; it is (S n = S m) -> (n = m).
[Tue Jan 28 22:18:48 2014] <adelbertc> i see, so injenction 1 is acting on "S n"
[Tue Jan 28 22:19:03 2014] <adelbertc> ohhhhh ok
[Tue Jan 28 22:19:10 2014] <adelbertc> so injenction is acts on (S n = S m)
[Tue Jan 28 22:19:12 2014] <ystael> yes
[Tue Jan 28 22:19:28 2014] <adelbertc> and the injenction tactic basically does what you described up there
[Tue Jan 28 22:19:32 2014] <ystael> yes
[Tue Jan 28 22:19:38 2014] <adelbertc> followed by trivial. got it got it
[Tue Jan 28 22:19:39 2014] <adelbertc> cheers
[Tue Jan 28 22:19:47 2014] <ystael> np, good luck
[Tue Jan 28 22:26:40 2014] <hodapp> ystael: how would that vary from 'inversion' in this case?
[Tue Jan 28 22:27:53 2014] <hodapp> as SF explained inversion in much the same way - if K is a data constructor, K a1 a2 a3... = K b1 b2 b3... supplies hypotheses a1 = b1, a2 = b2, a3 = b3, and so on
[Wed Jan 29 11:03:17 2014] <cads> hey guys
[Wed Jan 29 11:04:11 2014] <cads> I have a theorem I'd like to inspect and possibly prove
[Wed Jan 29 11:04:20 2014] <cads> it's already stated using coq syntax
[Wed Jan 29 11:04:38 2014] <cads> but I'm new to coq
[Wed Jan 29 11:04:44 2014] <cads> this is the theorem https://proofmarket.org/problem/view/13
[Wed Jan 29 11:04:57 2014] <cads> I have the strong suspicion that the theorem is actually false
[Wed Jan 29 11:05:44 2014] <cads> and I'm wondering if I can use coq to inspect the definitions. I'd like to 'see' them well enough to first start trying to build a counter-example
[Wed Jan 29 11:11:58 2014] <hodapp> cads: Coq isn't going to tell you a ton that isn't visible right from the source.
[Wed Jan 29 11:14:32 2014] <cads> I understand only a few lines of the source
[Wed Jan 29 11:14:32 2014] <cads> :)
[Wed Jan 29 11:14:56 2014] <cads> I'm going to install proof general and see if I can learn how to load the code for now
[Wed Jan 29 11:15:03 2014] <hodapp> that's a good start.
[Wed Jan 29 13:44:20 2014] <Eruquen> what exactly is () and why is its type ()? "Check ()." yields "() : ()"
[Wed Jan 29 13:47:01 2014] <Eruquen> ah, let me guess: () is tt and () is unit?
[Wed Jan 29 13:52:54 2014] <Ptival> Eruquen: probably yes
[Wed Jan 29 14:00:21 2014] <adelbertc> what is the difference between arrow and "fat arrow? e.g. nat_ind = fun P: nat -> Prop => nat_rect P: \forall (etc etc). CPDT says "We see that this induction principle is defined in terms of a more general principle, nat_rect" ?
[Wed Jan 29 14:08:47 2014] <dfan> I am a beginner in Coq, working through the book Software Foundations
[Wed Jan 29 14:09:16 2014] <dfan> I want to use apply on a hypothesis, but when I do so the original hypothesis is gone
[Wed Jan 29 14:09:26 2014] <dfan> and I need to keep it around to use in the future
[Wed Jan 29 14:09:32 2014] <dfan> How can I do that?
[Wed Jan 29 14:09:42 2014] <hodapp> why are so many folks working through SF right at the same time I started o_O
[Wed Jan 29 14:10:00 2014] <dfan> Everyone made the same New Year's resolution :)
[Wed Jan 29 14:10:03 2014] <hodapp> dfan: where in the book are you that you're needing this?
[Wed Jan 29 14:10:14 2014] <dfan> Prop.v
[Wed Jan 29 14:10:30 2014] <dfan> I'm working on palindrome_converse
[Wed Jan 29 14:10:38 2014] <hodapp> hmm, I am not yet to this point
[Wed Jan 29 14:12:55 2014] <adelbertc> i'm working on CPDT!
[Wed Jan 29 14:16:15 2014] <dfan> OK, it looks like I can use "assert (eq2 := eq)." to duplicate eq into eq2
[Wed Jan 29 14:16:25 2014] <dfan> although I don't know if that's idiomatic
[Wed Jan 29 14:19:50 2014] <hodapp> I wonder if there's some way to just duplicate a hypothesis
[Wed Jan 29 14:20:02 2014] <hodapp> as then you could just 'apply' on the one
[Wed Jan 29 14:20:12 2014] <dfan> That's what that tactic did
[Wed Jan 29 14:20:27 2014] <hodapp> but doesn't it then add a subgoal you must prove?
[Wed Jan 29 14:20:39 2014] <dfan> Nope, it just duplicates it
[Wed Jan 29 14:20:50 2014] <hodapp> ahh, fair enough
[Wed Jan 29 14:51:30 2014] <jrw> I usually use "generalize H; intro Hdup" or something for duplicating hypotheses
[Wed Jan 29 15:21:16 2014] <hodapp> split_combine is throwing me for a loop too now...
[Wed Jan 29 15:21:50 2014] <hodapp> I see in some pattern-matching how the only possible result is with a specific branch of that pattern-matching which occurs only when two arguments are both empty lists, but Coq doesn't see this
[Wed Jan 29 15:42:29 2014] <ystael> hodapp: If your problem is "I need Coq to see that X is the only possible result", `inversion` is usually what you want.  Figuring out how exactly to phrase the inversion can be hard, however.
[Wed Jan 29 15:50:53 2014] <Eruquen> is there a command to show intermediate reduction steps for Compute or Eval ... in?
[Wed Jan 29 15:53:51 2014] <ystael> Eruquen: You can restrict which reduction rules are applied by naming them; Eval cbv beta in ... will apply only beta-reduction.
[Wed Jan 29 15:54:20 2014] <Eruquen> hm, but it will apply them all the way through, won't it?
[Wed Jan 29 15:54:52 2014] <ystael> yes
[Wed Jan 29 15:54:57 2014] <ystael> I don't know how to get it to singlestep
[Wed Jan 29 16:06:34 2014] <hodapp> ystael: this might also be a case of Coq being right to not see something :P
[Wed Jan 29 16:22:37 2014] <Ptival> to duplicate a hypothesis H: pose proof H as H'.
[Wed Jan 29 16:24:16 2014] <Ptival> adelbertc: the fat arrow is related to fun, the syntax is (fun arg => body) to build an anonymous function
[Wed Jan 29 16:24:36 2014] <Ptival> adelbertc: the normal arrow is the arrow for types (A -> B)
[Wed Jan 29 16:34:37 2014] <jgross_> ystael: Coq doesn't singlestep, I think.  You can try "cbv beta at 1" or something, and maybe that will work to some degree?  Regardless, you can do it manually with "change (<next step of goal>)" or "change (<old type>) with (<next step>)" 
[Wed Jan 29 16:39:22 2014] <ystael> jgross_: Unrelated question - has anyone done an Agda port of your category theory library
[Wed Jan 29 16:39:25 2014] <ystael> ?
[Wed Jan 29 16:41:59 2014] <jgross_> ystael: No, but https://github.com/copumpkin/categories and https://github.com/pcapriotti/agda-categories/ are decently well-developed (and the latter is HoTT based, though I hear pcapriotti has problems with its notations being too slow). 
[Wed Jan 29 16:42:54 2014] <ystael> I recall seeing some people (maybe you?) talking about the proof engineering problems that arise when trying to formalize category theory.
[Wed Jan 29 16:43:07 2014] <ystael> Is there a blog post or article or something anywhere?
[Wed Jan 29 16:43:21 2014] <jgross_> people.csail.mit.edu/jgross/category-coq-experience/category-coq-experience.pdf 
[Wed Jan 29 16:43:40 2014] <jgross_> Will soon be submitted to ITP 2014, and then I'm going to put it on arXiv. 
[Wed Jan 29 16:45:09 2014] <ystael> awesome, thank you!
[Wed Jan 29 16:45:17 2014] <Anarchos> jgross_ http 404...
[Wed Jan 29 16:45:35 2014] <jgross_> It's geared at Coq (some of the problems are solved in Agda, or don't come up in Agda, and Agda has some problems that Coq doesn't (such as lack of notation overloading/scoping)), but I've still yet to see a CT library in any proof assistant that does monoidal/enriched/2- categories without being super-slow, so I imagine that much of what I say also applies to other proof assistants. 
[Wed Jan 29 16:46:26 2014] <Anarchos> jgross_ are you sure of the link ?
[Wed Jan 29 16:46:32 2014] <ystael> Anarchos: works for me
[Wed Jan 29 16:47:07 2014] <jgross_> Anarchos: really? http://people.csail.mit.edu/jgross/category-coq-experience/category-coq-experience.pdf (http://tinyurl.com/nyqunne) works fine for me in Chrome.  ystael, does it work for you? 
[Wed Jan 29 16:47:16 2014] <Anarchos> jgross_ thanks it works for me now
[Wed Jan 29 16:47:37 2014] <Anarchos> jgross_ oh you work with adam ?
[Wed Jan 29 16:47:52 2014] <jgross_> Yes 
[Wed Jan 29 16:48:45 2014] <Anarchos> jgross_ get lucky ;)
[Wed Jan 29 16:49:22 2014] <Anarchos> jgross_ i will print it tomorrow and read it
[Wed Jan 29 16:51:02 2014] <jgross_> Anarchos: get lucky ;) <- What do you mean? 
[Wed Jan 29 17:00:00 2014] <Anarchos> jgross_ you are lucky to work with adam. and it is a joke with daft punk ;)
[Wed Jan 29 17:00:09 2014] <Anarchos> jgross_ by the way, what is a resk completion ?
[Wed Jan 29 17:14:17 2014] <jgross_> Anarchos: It is a yoneda-like saturation operator that turns a precategory into an isomorphic (univalent) category.  The relevent paper is one of the references (the one corresponding to that library). 
[Wed Jan 29 17:15:48 2014] <jgross_> Also, you mean Rezk, not Resk, right? 
[Wed Jan 29 17:16:22 2014] <Anarchos> right
[Wed Jan 29 17:26:03 2014] <cads> hey guys, what's preferred - coqide, or proof general?
[Wed Jan 29 17:28:39 2014] <napping> Is there any way to work together on parallel goals?
[Wed Jan 29 17:30:06 2014] <napping> I have a case where something like eapply mkfoo;try tac;instantiate;try tac;instantiate;try tac solves a goal
[Wed Jan 29 17:31:56 2014] <cads> hey guys, I'm trying to compile the code available here : http://coq.inria.fr/V8.2pl1/contribs/Markov.markov.html
[Wed Jan 29 17:32:00 2014] <adelbertc> cads - proof general seems to be the most usable
[Wed Jan 29 17:32:30 2014] <napping> actually, I guess I don't need the instantiate
[Wed Jan 29 17:32:38 2014] <cads> I'm in coqide. I get "line 15, characters 7-8: Error: P is already used."
[Wed Jan 29 17:32:52 2014] <napping> so eapply mkfoo;try tac;try tac; try tac does the job, but eapply mkfoo;repeat tac doesn't work
[Wed Jan 29 17:33:04 2014] <napping> because that's going independently
[Wed Jan 29 17:34:33 2014] <cads> it seems like P is already defined
[Wed Jan 29 17:34:52 2014] <cads> when I delete P from the intros statement, it compiles that section.
[Wed Jan 29 17:35:31 2014] <cads> there are other sections that have similar "already used" names in their intros statement.
[Wed Jan 29 17:36:12 2014] <ystael> cads: is it always something listed immediately to the right of the goal name as a parameter, without an explicit 'forall' ?
[Wed Jan 29 17:37:01 2014] <napping> cads: Are you trying to compile with v8.2pl1?
[Wed Jan 29 17:37:33 2014] <napping> there is for example http://coq.inria.fr/pylons/contribs/files/Markov/v8.4/Markov.markov.html
[Wed Jan 29 17:38:12 2014] <napping> which for example starts Lemma chicli_pottier_simpson by intros EM. rather than intros P EM.
[Wed Jan 29 17:42:10 2014] <rks`> jgross_: I like the paper, it's nice that you looked at performances
[Wed Jan 29 17:44:37 2014] <rks`> or not looked, but rather talk about them
[Wed Jan 29 18:26:35 2014] <jgross_> rks: Thanks 
[Wed Jan 29 18:27:00 2014] <rks`> (good timing, I just finished!)
[Wed Jan 29 20:58:35 2014] <cads> Hey guys, I have a goal term   traceL f == traceR f,  along with the premises A : Type, x : A, a : id_refl x == id_refl x, f : a == a
[Wed Jan 29 20:59:26 2014] <cads> can I expand the definition of traceL and traceR?
[Wed Jan 29 21:00:11 2014] <cads> It seems like I've tried all the tactics and nothing that even substitutes trace* with the definitions
[Wed Jan 29 21:02:26 2014] <cads> Here are the complete definitions
[Wed Jan 29 21:05:45 2014] <ianjneu> unfold traceL,traceR.
[Wed Jan 29 21:08:07 2014] <ianjneu> cads: ^
[Wed Jan 29 21:08:40 2014] <cads> how do I unfold notation?
[Wed Jan 29 21:08:54 2014] <cads> (I now have:    ((!id_right_inverse a @ (f[@]id_refl (!a))) @ (!inv_sq a[@]id_refl (!a))) @
[Wed Jan 29 21:08:54 2014] <cads> id_left_inverse (!a) == traceR f   )
[Wed Jan 29 21:09:57 2014] <ianjneu> well, you can do Set Printing All. but be prepared for a deluge of stuff.
[Wed Jan 29 21:10:28 2014] <ianjneu> Or Set Printing Notations.
[Wed Jan 29 21:10:57 2014] <ianjneu> er, Unset
[Wed Jan 29 21:14:24 2014] <cads> wow, unfolding too much gets rid of any legible structure
[Wed Jan 29 21:19:17 2014] <ianjneu> yup.
[Wed Jan 29 21:19:26 2014] <ianjneu> compute is even worse.
[Thu Jan 30 12:45:39 2014] <dfan> Under what circumstances might I get the following error?
[Thu Jan 30 12:45:44 2014] <dfan> Error: Impossible to unify "S n1 <= m" with "S n1 <= m".
[Thu Jan 30 12:45:52 2014] <dfan> I'm trying to understand how it is possible for that unification to fail
[Thu Jan 30 12:55:04 2014] <jrw> dfan: might just be an example of a bad/wrong error message. can you give more context?
[Thu Jan 30 12:56:00 2014] <dfan> I am working on the plus_lt theorem in MoreProp.v from Software Foundations
[Thu Jan 30 12:56:06 2014] <dfan> Actually, a simplified version of it
[Thu Jan 30 12:56:18 2014] <dfan> Theorem plus_lt : forall n1 n2 m, n1 + n2 < m -> n1 < m.
[Thu Jan 30 12:56:48 2014] <dfan> Er, I guess I could paste this somewhere, maybe there's too much context to give here
[Thu Jan 30 12:58:30 2014] <dfan> http://pastebin.com/S20yLvjn
[Thu Jan 30 12:59:08 2014] <dfan> Coq 8.4
[Thu Jan 30 13:05:06 2014] <jrw> dfan: it's because of a conflict between SF's version of le and Coq's built in one.
[Thu Jan 30 13:05:14 2014] <jrw> because they have the same notation, the error looks really weird
[Thu Jan 30 13:05:17 2014] <dfan> Ah!
[Thu Jan 30 13:05:21 2014] <jrw> but actually they're just two different things
[Thu Jan 30 13:05:50 2014] <dfan> So somehow I'm not overriding the built in definition sufficiently?
[Thu Jan 30 13:06:14 2014] <jrw> hmm, well it sure looks like you are...
[Thu Jan 30 13:07:36 2014] <dfan> Maybe it's an lt issue rather an le issue? All the previous proofs worked OK and this is the first one with <= rather than <
[Thu Jan 30 13:07:43 2014] <dfan> Uh, reverse that
[Thu Jan 30 13:07:50 2014] <jrw> yeah it's your definition of lt
[Thu Jan 30 13:07:54 2014] <jrw> you forgot an "-"
[Thu Jan 30 13:07:56 2014] <jrw> :)
[Thu Jan 30 13:08:13 2014] <jrw> er, "="
[Thu Jan 30 13:08:17 2014] <dfan> Indeed! Thank you
[Thu Jan 30 13:08:43 2014] <jrw> dfan: btw, the way I figured this out was to say "Set Printing All."
[Thu Jan 30 13:08:50 2014] <dfan> I learn much better when I type code in by hand instead of copying and pasting, but this is one occasioncal drawback
[Thu Jan 30 13:09:00 2014] <jrw> then it started saying things like "Peano.le" which was clearly not what you meant.
[Thu Jan 30 13:09:13 2014] <dfan> Great, thanks for the tip
[Thu Jan 30 13:09:19 2014] <jrw> dfan: I'm a big fan of typing stuff out as well
[Thu Jan 30 13:10:15 2014] <dfan> Unlucky for me that it didn't raise a syntax error
[Thu Jan 30 13:58:25 2014] <adelbertc> Inductiveeq(A:Type)(x : A):AæProp:=eq refl: x =x <---- CPDT says "eq" has both a parameter x that is fixed and un unamed extra argument of the same type
[Thu Jan 30 13:58:32 2014] <adelbertc> i don't see where the unnamed extra argument appears
[Thu Jan 30 13:58:57 2014] <adelbertc> Inductive eq(A:Type)(x : A):A -> Prop:=eq_refl: x =x
[Thu Jan 30 13:59:56 2014] <ystael> adelbertc: "A ->" in "A -> Prop"
[Thu Jan 30 14:00:20 2014] <ystael> the parameter x : A ends up on the left side of =, and the A -> argument winds up on the right
[Thu Jan 30 14:00:54 2014] <adelbertc> hm. so i could see it as "eq" is parameterized over some Type A, takes as an argument a value of A, and returns a function that takes an A and returns a Prop?
[Thu Jan 30 14:02:23 2014] <Ptival> somehow yes
[Thu Jan 30 14:03:58 2014] <adelbertc> eq_refl is a constructor? the only constructor for the 'eq" inductive type?
[Thu Jan 30 14:04:58 2014] <adelbertc> hm i sorta get it
[Thu Jan 30 14:06:28 2014] <Ptival> yes eq_refl is the constructor of the eq inductive type
[Thu Jan 30 14:07:26 2014] <adelbertc> ok so i see eq_refl is the only way to construct "eq". i see ystael is saying x is on the left side of the infix "eq" notation, but why does A -> argument wind up on the right? or is it doing prolog-like unification
[Thu Jan 30 14:10:42 2014] <Ptival> the idea is that for a given type A and an element (a : A), (@eq A a) is a family of inductive types, indexed over a second element of type A
[Thu Jan 30 14:11:49 2014] <Ptival> now you see that the only inhabitant of this inductive type family is eq_refl, and it only exists in the family member that has this second element be exactly a
[Thu Jan 30 14:12:20 2014] <Ptival> so the type (@eq A a a) has one inhabitant, eq_refl
[Thu Jan 30 14:12:30 2014] <adelbertc> ohhhhhhh
[Thu Jan 30 14:12:39 2014] <adelbertc> so the type itself is indexed over the 'a"
[Thu Jan 30 14:13:06 2014] <adelbertc> is this a form of DT?
[Thu Jan 30 14:15:08 2014] <Ptival> hmmm, I haven't thought that through, but I think it is slightly orthogonal to dependent types
[Thu Jan 30 14:16:53 2014] <adelbertc> hm.
[Thu Jan 30 18:13:18 2014] <Ptival> is there a way to Ltac match up to beta-delta-whatever-equivalence? :(
[Thu Jan 30 18:13:25 2014] <Ptival> rather than syntactic
[Thu Jan 30 18:28:56 2014] <Rc43> Hello.
[Thu Jan 30 18:49:14 2014] <jgross> Ptival: Not easily.  You can do something like [match goal with |- appcontext[?E] => unify E <pattern>; ... end] or something, or you can run [compute] first.  But beta-iota-zeta-delta-eta equivalence matching would be significantly slower, if you're matching things in context.  If you know the hnf of the head, you can just run hnf on the hypothesis, check if the head matches, and then try to unify the rest of the term.
[Thu Jan 30 19:00:59 2014] <Ptival> jgross: I think I'd care mostly about delta-equivalence
[Thu Jan 30 19:01:14 2014] <Ptival> i.e. matching against any definition alias
[Thu Jan 30 19:33:27 2014] <Ptival> jgross: thanks for the unify idea though, I'll probably work something up with this
[Thu Jan 30 19:49:47 2014] <hodapp> alright, back to banging my head into the desk over split_combine...
[Thu Jan 30 20:18:35 2014] <Rc43> Can I declare module functors which derive given signature?
[Thu Jan 30 20:18:37 2014] <Rc43> Like this http://pastebin.com/raw.php?i=2QGGgpju
[Thu Jan 30 20:26:44 2014] <Rc43> And what difference between ":" and "<:" in "Module A <: Sig."?
[Fri Jan 31 05:46:23 2014] <roosbeef> how can i intro a variable x from the assumption H: forall x, ...?
[Fri Jan 31 06:01:15 2014] <roosbeef> confused brb
[Fri Jan 31 06:34:50 2014] <rmk0> roosbeef: you... can't. think what H is stating: "for any x that you can provide, H holds"
[Fri Jan 31 06:35:25 2014] <rmk0> you can instantiate it for a particular y by applying it... H y
[Fri Jan 31 06:35:41 2014] <rmk0> you may be thinking of existentials
[Fri Jan 31 13:03:07 2014] <roosbeef> so ive got this function
[Fri Jan 31 13:03:17 2014] <roosbeef> getting the following error
[Fri Jan 31 13:03:19 2014] <roosbeef> Error: Recursive definition of aterm_of_vterm is ill-formed.
[Fri Jan 31 13:03:19 2014] <roosbeef> Recursive call to aterm_of_vterm has not enough arguments.
[Fri Jan 31 13:03:26 2014] <roosbeef> how would one go about fixing that
[Fri Jan 31 13:04:20 2014] <jrw> roosbeef: in the definition are you passing the function you're defining to some other higher-order function?
[Fri Jan 31 13:05:31 2014] <roosbeef> nah
[Fri Jan 31 13:05:39 2014] <jrw> can you paste the definition then?
[Fri Jan 31 13:05:43 2014] <roosbeef> sure
[Fri Jan 31 13:06:07 2014] <roosbeef> its more like the recursion isnt structurally decreasing
[Fri Jan 31 13:06:10 2014] <roosbeef> or something like that
[Fri Jan 31 13:06:21 2014] <jrw> something like that.
[Fri Jan 31 13:06:24 2014] <roosbeef> ive tried to apply some induction lemmas from the library im working with
[Fri Jan 31 13:06:32 2014] <roosbeef> (CoLoR, which is about term rewriting)
[Fri Jan 31 13:06:40 2014] <roosbeef> but im not sure how as to plug that into my definition
[Fri Jan 31 13:06:46 2014] <roosbeef> let me paste my def for you though
[Fri Jan 31 13:07:26 2014] <ianjneu> Fix is usually what you use to define a general recursive function.
[Fri Jan 31 13:08:12 2014] <ianjneu> you have to uncurry all the arguments that termination depends on and prove there's a well-founded order on that structure.
[Fri Jan 31 13:08:37 2014] <ianjneu> (since fix only describes unary functions)
[Fri Jan 31 13:11:29 2014] <roosbeef> full error: http://pastebin.com/gBcGE8pj
[Fri Jan 31 13:11:34 2014] <roosbeef> full definition: http://pastebin.com/SzkjgNC9
[Fri Jan 31 13:11:52 2014] <roosbeef> right before Defined, coq says "No more subgoals"
[Fri Jan 31 13:12:12 2014] <roosbeef> but when proceeding to wrap things up, coq chokes
[Fri Jan 31 13:12:28 2014] <jrw> roosbeef: you pass aterm_of_vterm to sigmap
[Fri Jan 31 13:14:21 2014] <roosbeef> ah, thats what you meant?
[Fri Jan 31 13:14:42 2014] <jrw> yeah. you'll need a fancier induction principle for that to work I think.
[Fri Jan 31 13:14:48 2014] <roosbeef> hm
[Fri Jan 31 13:14:49 2014] <jrw> maybe.
[Fri Jan 31 13:14:58 2014] <jrw> I don't really know what I'm talking about.
[Fri Jan 31 13:15:02 2014] <roosbeef> :(
[Fri Jan 31 13:15:26 2014] <jrw> I just know that I get that error when I pass the function I'm defining to something else.
[Fri Jan 31 13:19:31 2014] <roosbeef> hm
[Fri Jan 31 13:19:41 2014] <roosbeef> i kinda need sigmap though
[Fri Jan 31 13:20:00 2014] <roosbeef> because the whole function itself is based on the assumption fterm_v_is_wf (that the input term is well formed)
[Fri Jan 31 13:20:39 2014] <roosbeef> and so, to recursive into its argument list (terms have a tree type structure, so to apply this function its first applied to the head, and then to each subterm)
[Fri Jan 31 13:21:08 2014] <roosbeef> to recurse into that list, it has to also have the assumption fterm_v_is_wf for that subterm
[Fri Jan 31 13:21:16 2014] <roosbeef> if that makes sense? So thats what sigmap is used for
[Fri Jan 31 13:21:42 2014] <roosbeef> the argument list is first converted to a list of pairs <fterm_v_is_wf st & st>
[Fri Jan 31 13:22:30 2014] <roosbeef> and then sigmap outputs a list of (f st), while providing fterm_v_is_wf st to f each time
[Fri Jan 31 13:48:53 2014] <roosbeef> jrw, so ive got this lemma which i think is the sort of 'fancy induction principle' youre speaking of
[Fri Jan 31 13:48:54 2014] <roosbeef> http://color.inria.fr/doc/CoLoR.Term.Varyadic.VTerm.html#term_rect_forall
[Fri Jan 31 13:49:56 2014] <roosbeef> kinda lost as to how to modify the current definition to implement that
[Fri Jan 31 14:22:44 2014] <roosbeef> so im messing with this induction principle
[Fri Jan 31 14:22:45 2014] <roosbeef> http://pastebin.com/j062CmhH
[Fri Jan 31 14:23:24 2014] <roosbeef> when i try to apply X, coq tells me "Error: Unable to find an instance for the variable t."
[Fri Jan 31 14:23:39 2014] <roosbeef> how can i introduce this variable?
[Fri Jan 31 14:24:21 2014] <jrw> roosbeef: apply (X my_t)
[Fri Jan 31 14:24:52 2014] <roosbeef> Error: The reference my_t was not found in the current environment.
[Fri Jan 31 14:25:44 2014] <jrw> roosbeef: where "my_t" is whatever you want to instantiate t with
[Fri Jan 31 14:25:51 2014] <roosbeef> well, yes
[Fri Jan 31 14:25:57 2014] <roosbeef> um
[Fri Jan 31 14:26:30 2014] <roosbeef> so basically, it should be ANY t such that Inb term_eq_dec t v = true
[Fri Jan 31 14:27:07 2014] <roosbeef> im not used to forall statements in the assumptions, still confused with that i guess
[Fri Jan 31 14:29:00 2014] <ianjneu> roosbeef: you can do apply ... with (t := my_t) or you can do (with some limitations), apply (X (t:= my_t)).
[Fri Jan 31 14:29:42 2014] <ianjneu> "with" syntax is annoying to abstract over with Ltac, for some crappy reason.
[Fri Jan 31 14:31:02 2014] <roosbeef> apply X with (t := my_t) - Error: The reference my_t was not found in the current environment.
[Fri Jan 31 14:31:09 2014] <roosbeef> apply (X (t:= my_t)) - Error: Wrong argument name: t.
[Fri Jan 31 14:33:29 2014] <ianjneu> again, you have to give an actual term for what you want to instantiate t with.
[Fri Jan 31 14:36:29 2014] <roosbeef> well, yes
[Fri Jan 31 14:36:44 2014] <roosbeef> but how do i assert such a term
[Fri Jan 31 14:37:04 2014] <roosbeef> as an assumption
[Fri Jan 31 14:37:57 2014] <roosbeef> full environment: http://pastebin.com/tFdJDK8r
[Fri Jan 31 14:40:52 2014] <jrw> roosbeef: so what t do you want to use?
[Fri Jan 31 14:43:35 2014] <roosbeef> v should be the list of arguments in x
[Fri Jan 31 14:43:40 2014] <roosbeef> t should be any element of v
[Fri Jan 31 14:43:48 2014] <jrw> yeah but what element?
[Fri Jan 31 14:43:59 2014] <roosbeef> any?
[Fri Jan 31 14:44:12 2014] <roosbeef> see this is where i get confused :p
[Fri Jan 31 14:44:16 2014] <jrw> that's not how apply works.
[Fri Jan 31 14:44:58 2014] <roosbeef> i understand but how should one proceed from here?
[Fri Jan 31 14:49:18 2014] <jrw> not sure because I don't understand what you're trying to prove or the context in which you're trying to prove it.
[Fri Jan 31 14:49:49 2014] <hodapp> ...one of the only Freenode channels where a line like that isn't associated with stupid IRC debates.
[Fri Jan 31 14:50:48 2014] <jrw> :)
[Fri Jan 31 14:51:45 2014] <roosbeef> :p
[Fri Jan 31 14:55:24 2014] <roosbeef> so is it possible to break up v into a head and tail?
[Fri Jan 31 14:55:56 2014] <roosbeef> so i can use the head to apply X on?
[Fri Jan 31 14:56:05 2014] <jrw> roosbeef: what if it's nil?
[Fri Jan 31 14:56:22 2014] <roosbeef> hm
[Fri Jan 31 14:57:02 2014] <roosbeef> well that would not affect the truth of X
[Fri Jan 31 14:57:34 2014] <roosbeef> but i see your point
[Fri Jan 31 14:58:01 2014] <roosbeef> its not possible to break up v into cases where v is nil and where v is not nil though? And then feed these into X?
[Fri Jan 31 14:58:37 2014] <jrw> roosbeef: what about destruct?
[Fri Jan 31 14:59:34 2014] <roosbeef> ah yea
[Fri Jan 31 14:59:42 2014] <roosbeef> thats starting to look like it
[Fri Jan 31 14:59:46 2014] <roosbeef> haha i actually did that
[Fri Jan 31 15:00:23 2014] <roosbeef> but been durring at this for so long that i didnt even see that it was actually producing a desirable effect
[Fri Jan 31 15:05:39 2014] <roosbeef> thanks a lot guys
[Fri Jan 31 15:06:05 2014] <roosbeef> gonna have a fresher look at it tomorrow :p
[Sat Feb  1 04:52:18 2014] <roosbeef> hi
[Sat Feb  1 04:52:24 2014] <roosbeef> so im using this induction principle on terms
[Sat Feb  1 04:52:59 2014] <roosbeef> terms have a tree type structure, where a term looks like [string (list term)]
[Sat Feb  1 04:53:48 2014] <roosbeef> the weird thing with this induction principle http://color.inria.fr/doc/CoLoR.Term.Varyadic.VTerm.html#term_rect_forall
[Sat Feb  1 04:54:13 2014] <roosbeef> im applying it, and it gives three subgoals, the last of which is asking for a term
[Sat Feb  1 04:54:54 2014] <roosbeef> but all three of them should be working on that (input) term, not just the last one. The input term is unlinked from the first and second subgoal
[Sat Feb  1 04:56:14 2014] <roosbeef> these subgoals dont affect each others environments, right?
[Sat Feb  1 09:34:58 2014] <Rc43> I have strange issue with building coq from sources.
[Sat Feb  1 09:35:18 2014] <Rc43> I do `cd coq; ./configure -local; make`. Anybody know what could I forget to do before `make`?
[Sat Feb  1 09:36:06 2014] <Rc43> Strange is that I just can build coq from other directory, but can't from other (with cloned code). Also, I pulled code from git.
[Sat Feb  1 09:44:06 2014] <Rc43> Error is that there is no library Rbase; but I see theories/Reals/Rbase.v
[Sat Feb  1 10:12:05 2014] <Igloo> Why does coq appear to have forgotten what :: means here? http://paste.debian.net/79641/
[Sat Feb  1 10:39:58 2014] <Igloo> Hmm, a %list fixes it
[Sat Feb  1 14:45:37 2014] <Igloo> Bah, looks like even "Program" won't let me provide a class instance after making a definition
[Sat Feb  1 14:54:35 2014] <jgross_> Igloo: Are you looking for the 'Existing Instance' command? 
[Sat Feb  1 14:55:28 2014] <Igloo> Hmm, I don't /think/ so
[Sat Feb  1 14:56:39 2014] <Igloo> http://paste.debian.net/79689/ is my problem
[Sat Feb  1 14:57:39 2014] <Igloo> I can prove "ConsOK p cxt" from "{notIn : notInContextedPatch p c}", but I can't see a way to convince coq to give me the opportunity
[Sat Feb  1 14:58:00 2014] <Igloo> Or at least, not a pleasant way
[Sat Feb  1 15:00:15 2014] <jgross_> Program Definition ... := match c as c' return (ConsOK p (match c' with MkContextedPatch _ _ ctx _ _ => ctx end) -> ContextedPatched pu) with ... => fun (H : ConsOK p ctx) => ... end _. 
[Sat Feb  1 15:04:17 2014] <Igloo> Hmm, I'll read up on the return/with stuff. Thanks
[Sat Feb  1 20:24:51 2014] <LinearInterpol> .....Hhhuh.
[Sat Feb  1 20:25:07 2014] <LinearInterpol> So pattern matching is just using the elimination rules for a type to extract a value?
[Sat Feb  1 20:50:21 2014] <uucico> I'm trying to prove something seemingly simple: forall (A B C:Type) (f:A->B*C), (fun a => let (x, y) := (f a) in (x, y)) = f.  I can prove two related propositions, but can't seem to figure out how to combine them to prove the first goal here.  Namely, it's easy to prove forall (A B:Type) (f:A->B), (fun a => let z := f a in z) = f.  And also forall (A B:Type) (v:A*B), (let (x, y) := v in (x, y)) = v.  But I can't rewrite the first "let" 
[Sat Feb  1 20:50:48 2014] <uucico> Any thoughts as to what's going on here?
[Sat Feb  1 20:57:21 2014] <dolio> LinearInterpol: Pattern matching and recursion is more general than that, but the idea is to have a checker that only lets you write what you could write using elimination rules, or other things derived from them.
[Sat Feb  1 20:57:39 2014] <dolio> Sometimes there are bugs with that, though.
[Sat Feb  1 21:09:38 2014] <jgross_> uucico: You need functional extensionality to prove that.  The "let (x, y) := ..." is syntactic sugar for pattern matching, and there's no rule (yet! see https://coq.inria.fr/bugs/show_bug.cgi?id=3119) for reducing "let (x, y) := v in (x, y)" to "v" judgmentally, while there is a judgmental rule for "let x := v in x" -> "v". 
[Sat Feb  1 21:18:00 2014] <uucico> ah, interesting!  i recall briefly seeing "functional extensionality" somewhere in coq'art..  so even though i have a lemma that says (let (x, y) := v in (x, y)) = (v), coq can't use it inside the "fun a => ..."?  does this mean coq generally doesn't allow rewrite'ing of expressions inside a fun body?
[Sat Feb  1 21:23:00 2014] <jgross_> That's correct.  Functional extensionality is "(forall x, f x = g x) -> f = g". 
[Sat Feb  1 21:28:05 2014] <uucico> thanks!
[Sat Feb  1 21:58:19 2014] <uucico> the lack of functional extensionality makes it pretty awkward to reason about something like state monads, which are all functions.  what's the usual solution to this, if any?  avoid monads?  use a different equality definition for which functional extensionality holds in Coq?  introduce functional extensionality as an axiom?
[Sat Feb  1 22:16:57 2014] <dolio> You could work up to the equivalence relation defined by functional extensionality.
[Sat Feb  1 22:17:16 2014] <dolio> Just use (forall x. f x = g x) as your equivalence type.
[Sat Feb  1 22:17:48 2014] <dolio> It is less convenient than equality for some things, but maybe it won't matter.
[Sat Feb  1 22:18:36 2014] <jgross_> Introduce functional extensionality as an axiom.  Or use setoids.  Or you can wait until Coq 8.6 (or 9.0? 9.1? 10?) which will hopefully have computational functional extensionality.	(You can prove functional extensionality in https://github.com/barras/coq/tree/hit by http://homotopytypetheory.org/2011/04/04/an-interval-type-implies-function-extensionality/ using "Inductive Interval := zero | one with paths := seg : zero = one."  Or you can
[Sat Feb  1 22:18:36 2014] <jgross_> introduce functional extensionality as the axiom that f_equal_dep is an equivalence, which gives you enough rope to compute with functional extensionality (though rather tediously). 
[Sat Feb  1 22:20:21 2014] <uucico> makes sense; thanks again.
[Sun Feb  2 07:23:06 2014] <anderslundstedt> Using vim plugins CoqIDE (http://goo.gl/z7uYZD) or Coquille (http://goo.gl/bvFemZ), Coq responds "Incorrect query" when trying to send a command to Coqtop. My Coq is 8.4pl3. anyone with a solution?
[Sun Feb  2 07:34:02 2014] <jgross_> They've been changing the interaction protocol recently (though I thought they left it backwards compatible in 8.4).  Try 8.4pl2? 
[Sun Feb  2 07:35:53 2014] <anderslundstedt> Ok, I will try that.
[Sun Feb  2 07:46:41 2014] <Igloo> If there an equivalent to "match e with C x y" which keeps a hypothesis "e = C x y"?
[Sun Feb  2 07:48:10 2014] <jgross_> "match e as e' return e = e' -> ... with C x y => ... end eq_refl" 
[Sun Feb  2 07:48:51 2014] <Igloo> Why are there 2 ...s?
[Sun Feb  2 07:49:19 2014] <jgross_> Alternatively, "Goal <stuff>. destruct e.  Show Proof." and you can see what kind of proof term Coq creates to do it. 
[Sun Feb  2 07:50:06 2014] <jgross_> The first ... is the return type (if you didn't need a "return" clause before, you can leave it as an underscore), the second is the return clause/term. 
[Sun Feb  2 07:51:17 2014] <jgross_> Erm, I guess in this case, you'd want "case_eq e" not "destruct e". 
[Sun Feb  2 07:55:21 2014] <Igloo> Hmm, I'm getting this: http://paste.debian.net/79770/  I guess this is the Program stuff getting in the way?
[Sun Feb  2 08:09:01 2014] <jgross_> No, you need to replace "c" with "fun H => c" and "addToContext ..." with "fun H => addToContext ...". 
[Sun Feb  2 08:09:51 2014] <Igloo> Ah, ta
[Sun Feb  2 08:10:35 2014] <Igloo> Hmm, that seems to create more obligations that I can't prove
[Sun Feb  2 08:10:59 2014] <Igloo> e.g. http://paste.debian.net/79772/
[Sun Feb  2 08:12:42 2014] <Igloo> (where ps and ps' are the things that the "return" says are equal)
[Sun Feb  2 08:13:13 2014] <jgross_> I think Program might be messing you up.  Use "Fixpoint <type>.  refine match ...." instead (you'll have to stick in underscores for all of the arguments to the recursive call, explicitly). 
[Sun Feb  2 08:14:26 2014] <Igloo> "Fixpoint <type>." gives me "Error: Cannot do a fixpoint on a non inductive type."
[Sun Feb  2 08:26:31 2014] <Igloo> Which I assume is because ContextedPatch is in Type, but AFAICS I can't put it in Set instead
[Sun Feb  2 08:35:09 2014] <jgross_> Fixpoint <args> {struct <recrsuive argument name} : <type>. 
[Sun Feb  2 08:35:46 2014] <jgross_> It's just telling you that without a "match" it can't figure out ahead of time what you're going to be matching on (inducting on) 
[Sun Feb  2 08:43:19 2014] <Igloo> Aha, thanks!
[Sun Feb  2 08:48:04 2014] <Igloo> OK, I think I might have everything working now. Thanks for all your help!
[Sun Feb  2 11:03:58 2014] <osa1> inside of definition part of Inductive ty := ... I want to use "tyenv" instead of (id -> option ty), is there a way to do that?
[Sun Feb  2 11:29:18 2014] <Ptival_> osa1: I think you can "with Notation ..." with your definition
[Sun Feb  2 11:31:12 2014] <osa1> but is this a notation? I'm actually defining this as a Definition but I just want to use that definition inside definition of ty too ..
[Sun Feb  2 11:31:28 2014] <osa1> hmm wait. yeah "with notation" makes sense
[Sun Feb  2 11:31:52 2014] <osa1> I also need to use reserved notation, right?
[Sun Feb  2 11:32:52 2014] <Ptival_> I think so yes
[Sun Feb  2 11:33:35 2014] <osa1> I'll try in a minute.
[Sun Feb  2 11:36:37 2014] <osa1> I'm using functions as type environments in my language definition, is there a problem with having extensional equality as an axiom?
[Sun Feb  2 11:38:32 2014] <osa1> oh wait, we already have extensional equality in stdlib!
[Sun Feb  2 11:55:30 2014] <osa1> I don't understand how does induction work. it forgets too many things. if I use "remember" than most cases can't be proved by "auto" ...
[Sun Feb  2 11:55:39 2014] <osa1> s/than/then
[Sun Feb  2 11:59:03 2014] <osa1> hmm. I solved that cases by using inversion ...;subst.
[Sun Feb  2 11:59:06 2014] <osa1> nice.
[Sun Feb  2 12:10:56 2014] <Ptival> yeah induction forgets about indices that are not just variables :(
[Sun Feb  2 12:10:58 2014] <Ptival> inversion does not
[Sun Feb  2 12:55:11 2014] <osa1> is there a way to apply a function to both sides of an equation?
[Sun Feb  2 12:56:00 2014] <osa1> like, I have term1 = term2 as goal and I want to have fun term1 = fun term2.
[Sun Feb  2 13:03:06 2014] <osa1> whatever. I proved it by changing my definitions a bit.
[Sun Feb  2 13:04:10 2014] <Ptival> osa1: I think you can "apply f_equal with (f := fun) in H"?
[Sun Feb  2 13:04:16 2014] <Ptival> unless I got it backwards
[Sun Feb  2 13:22:10 2014] <osa1> Ptival: thanks, I'll try. I don't need it anymore, though, because I changed some of my definitions instead and proved my theorem that way.
[Sun Feb  2 14:39:46 2014] <robbert> osa1: various reasons for not assuming funtional extensionality: 1.) if you do not use it, you have proven a stronger theorem 2.) if programs rely on it, they won't compute 3.) more axioms, bigger chance on them being unsound (see the prop ext issue of a while ago), however the "chance of you actually using it as a paradox" is of cource rather small.
[Sun Feb  2 14:41:09 2014] <osa1> robbert: thanks. in point 2 do you mean if I ever run my program?
[Sun Feb  2 14:46:48 2014] <robbert> osa1: well, whenever a pattern match on the functional extensionality axiom appears in your program, it cannot be contracted.
[Sun Feb  2 14:47:21 2014] <robbert> but if you only use it at careful places, it may very well be dead code, and your program may run fine
[Sun Feb  2 14:49:13 2014] <osa1> robbert: what do you mean by "it cannot be contracted"? does that effect type checking?
[Sun Feb  2 14:49:59 2014] <robbert> osa1: it just means that match functional_extensionality FOO with refl => BAR end cannot be reduced
[Sun Feb  2 14:50:20 2014] <robbert> no, in principle it does not affect type checking
[Sun Feb  2 14:50:32 2014] <osa1> then it works for me :-)
[Sun Feb  2 14:50:50 2014] <osa1> I'm just formalizing a language, I don't think I'll ever need to run something.
[Sun Feb  2 18:15:54 2014] <defanor_> is it guaranteed that any gallina function will eventually halt?
[Sun Feb  2 18:17:48 2014] <defanor_> googled it, looks like it is
[Mon Feb  3 00:21:04 2014] <dickson.freenode.net> [freenode-info] why register and identify? your IRC nick is how people know you. http://freenode.net/faq.shtml#nicksetup
[Tue Feb 11 15:12:33 2014] <Rc43> Hello
[Tue Feb 11 15:22:46 2014] <Rc43> Suppose I declared "Module Type Interface. Definition D : Type. admit. Defined. Parameter P : Type. End Interface." and want to use D in my module "Module Implementation <: Interface. Definition P := D. End IMplementation.".
[Tue Feb 11 15:22:48 2014] <Rc43> How to do it?
[Tue Feb 11 15:23:56 2014] <Rc43> Or should I separate common things in other module-argument and make Implementation to be functor?
[Tue Feb 11 15:34:54 2014] <Rc43> But seems I can't (in my partial case, I need mutual recursion between defined data and parameters in Interface).
[Tue Feb 11 15:55:43 2014] <Rc43> I found that I can do that with "Declare Module Export X : Interface.".
[Tue Feb 11 15:56:09 2014] <Rc43> But I found also that I must dublicate all data defined in Interface.
[Tue Feb 11 15:56:12 2014] <Rc43> How to avoid this?
[Wed Feb 12 11:44:13 2014] <Rc43> Hello.
[Wed Feb 12 11:45:09 2014] <Rc43> Is there library function for constructing such proposition: "forall X (l : list X), all P l" with given (P : X -> Prop)?
[Wed Feb 12 11:45:31 2014] <Rc43> Or at least "forall x, member x l".
[Wed Feb 12 12:03:22 2014] <ianjneu> mem_ind or something
[Wed Feb 12 12:08:24 2014] <Rc43> ianjneu, didn't find that; but found "Forall".
[Wed Feb 12 12:08:38 2014] <Rc43> "Inductive Forall {A} (P:A->Prop) : list A -> Prop := ..."
[Wed Feb 12 12:12:37 2014] <ianjneu> oh that's what you meant.
[Wed Feb 12 12:12:44 2014] <ianjneu> Ya, Forall is good.
[Wed Feb 12 15:35:28 2014] <osa1> hi guys. I have this hypothesis: "H : set_add eq_id_dec h2 (set_union eq_id_dec [] t2) = []" and I want to eliminate this case since this is not true. How can I do that? inversion doesn't provide anything useful.
[Wed Feb 12 15:35:54 2014] <osa1> theorem I'm trying to prove is this: set_union eq_id_dec set1 set2 = nil <-> set1 = nil /\ set2 = nil.
[Wed Feb 12 15:35:59 2014] <osa1> forall set1 set2
[Wed Feb 12 15:38:06 2014] <osa1> aha! I have H: false
[Wed Feb 12 15:38:09 2014] <osa1> now how can I use this?
[Wed Feb 12 15:38:40 2014] <osa1> inversion H.
[Wed Feb 12 15:38:41 2014] <osa1> nice.
[Wed Feb 12 16:36:43 2014] <osa1> wtf?!?! I can't apply minus_n_O because last character is not actually O or 0 ??
[Wed Feb 12 16:37:04 2014] <osa1> duh. I think I need to use proper font.
[Wed Feb 12 16:37:35 2014] <hodapp> hah
[Wed Feb 12 16:38:50 2014] <osa1> I hate functions. can anyone help me solving this: http://lpaste.net/99837 ?
[Wed Feb 12 16:53:10 2014] <ianjneu> osa1: what does simpl in H3 do?
[Thu Feb 13 12:12:40 2014] <Rc43_> Hello.
[Thu Feb 13 12:12:51 2014] <Rc43_> Is there analogue of "exissts" for Type instead Prop?
[Thu Feb 13 12:13:19 2014] <Rc43_> I want to construct sort of heterogeneous list.
[Thu Feb 13 12:13:50 2014] <Rc43_> (Without declaring extra type.)
[Thu Feb 13 12:20:48 2014] <ystael> Rc43: see sigT in Coq.Init.Specif
[Thu Feb 13 12:24:24 2014] <ystael> in this case, if P is a type family indexed by A, you probably want list (sigT A P).
[Thu Feb 13 12:29:36 2014] <Rc43> ystael, seems to be what I want; but I can't use it with A = Type :/
[Thu Feb 13 12:30:09 2014] <Rc43> I have Definition Tag1 : Type and Definition Tag2 : Type. And I mark elements of list with this tags.
[Thu Feb 13 12:30:54 2014] <Rc43> Seems that this is impossible.
[Thu Feb 13 12:31:16 2014] <ystael> are Tag1 and Tag2 types each of which has several values, or do you have only two tag values?
[Thu Feb 13 12:31:59 2014] <ystael> Pretty sure you don't want A = Type, as that would mean your type family is indexed by Type (i.e., for *every* type you have a defined fiber type)
[Thu Feb 13 12:33:45 2014] <Rc43> Ye, I already fixed my tags to "Inductive Tag := Tag1 | Tag2".
[Thu Feb 13 12:33:59 2014] <Rc43> But now I found that sigT works with Type, but not Set.
[Thu Feb 13 12:34:43 2014] <Rc43> Oh, or everything is ok, not sure yet.
[Thu Feb 13 12:35:35 2014] <ystael> Rc43: Set is included in Type, it behaves as if Set were Type at universe level 0
[Thu Feb 13 12:35:52 2014] <ystael> Also if your tag type no longer varies between values, you don't need sigma types at all
[Thu Feb 13 12:37:20 2014] <Rc43> ystael, it varies between Tag1 and Tag2; list contains elements Element Tag1 or Element Tag2.
[Thu Feb 13 12:37:39 2014] <ystael> ah, I see
[Thu Feb 13 12:37:52 2014] <ystael> so yeah, it should be sigT Tag Element, right?
[Thu Feb 13 12:38:02 2014] <Rc43> I am trying to define HList := list (sigT Tag (fun t => Element t)), but coq says that it expects only ? -> Type.
[Thu Feb 13 12:38:10 2014] <Rc43> Aaaa
[Thu Feb 13 12:38:15 2014] <Rc43> Just Element :)
[Thu Feb 13 12:39:08 2014] <ystael> well, that shouldn't make a difference I think?
[Thu Feb 13 12:39:08 2014] <Rc43> But Coq still complains, it says that it expects only function.
[Thu Feb 13 12:39:15 2014] <ystael> paste the full error somewhere?
[Thu Feb 13 12:40:34 2014] <Rc43> Error: the term "Tag" has type "Set" while it is expected to have type "?50 -> Type".
[Thu Feb 13 12:40:54 2014] <Rc43> If I write "sigT Element" it is ok, but that is not what I want.
[Thu Feb 13 12:40:57 2014] <ystael> no, I mean the entire set of definitions
[Thu Feb 13 12:41:27 2014] <ystael> lpaste.net
[Thu Feb 13 12:43:47 2014] <Rc43> http://pastebin.com/raw.php?i=Xmr8mVg6
[Thu Feb 13 12:46:24 2014] <ystael> Oh
[Thu Feb 13 12:46:57 2014] <ystael> It looks like the A argument of sigT is implicit; that's not super obvious from the library source
[Thu Feb 13 12:47:13 2014] <ystael> it just has Set Implicit Arguments at the top which I guess makes it maximally implicit
[Thu Feb 13 12:47:20 2014] <ystael> so sigT Element is all you need to write
[Thu Feb 13 12:47:22 2014] <Rc43> Ye, I thought implicit arguments must be in { }.
[Thu Feb 13 12:47:26 2014] <ystael> to write it out in full, @sigT Tag Element
[Thu Feb 13 12:47:45 2014] <Rc43> Hmm, if sigT is what I want, then how to construct element?
[Thu Feb 13 12:47:52 2014] <Rc43> *sigT Element
[Thu Feb 13 12:48:40 2014] <Rc43> Oh
[Thu Feb 13 12:48:49 2014] <Rc43> existT Element Left left
[Thu Feb 13 12:48:55 2014] <Rc43> so long
[Thu Feb 13 12:51:24 2014] <Rc43> Seems I need some aliases.
[Thu Feb 13 13:07:45 2014] <Rc43> http://pastebin.com/raw.php?i=dF2sPpLe
[Thu Feb 13 13:07:55 2014] <Rc43> Why there is Error about non-exhaustive pattern matching?
[Thu Feb 13 13:09:40 2014] <Rc43> (We can't provide this possible branches with any element, because L requires Left element e.g.)
[Thu Feb 13 15:10:41 2014] <Rc43> Anybody knows if there is lib similar to haskell's lenses?
[Thu Feb 13 15:11:33 2014] <Rc43> I described some structure with Coq, but it requires a lot of code to take a field from the bottom of structure.
[Thu Feb 13 15:31:26 2014] <ianjneu> I don't.
[Sat Feb 15 08:18:41 2014] <Igloo> I don't suppose there are any coq bugzilla folk around? When I try to add a comment to #2689 I get an error "You must select a target milestone for bug 2689 if you are going to accept it. Part of accepting a bug is giving an estimate of when it will be fixed.", but I can't set a milestone
[Sat Feb 15 08:22:47 2014] <ianjneu> :/ no idea. Probably jgross knows.
[Sat Feb 15 08:27:34 2014] <Igloo> Hah, the "Help" link takes me to https://coq.inria.fr/bugs/docs/en/html/query.html#list
[Sat Feb 15 08:34:05 2014] <kamatara> hi, is there a way to force coq to forget the default library?
[Sat Feb 15 08:52:32 2014] <robbert> kamatara: -nois
[Sat Feb 15 08:53:05 2014] <kamatara> robbert, o it does not work, because i ould still write Require Import ... and the thing will be found and load
[Sat Feb 15 08:53:16 2014] <kamatara> that's what I want to prevent
[Sat Feb 15 08:53:32 2014] <kamatara> I 'm looking for a 100% virgin environment
[Sat Feb 15 08:58:47 2014] <robbert> kamatara: rm theories in the coq root?
[Sat Feb 15 09:00:04 2014] <kamatara> robbert, ..., it's really the only solution? coqc is the only compiler which does not provide that kind of switch?
[Sat Feb 15 09:00:56 2014] <robbert> I have no idea, but I don't think a more extreme switch than -nois exists
[Sat Feb 15 09:02:33 2014] <kamatara> that's sad
[Sat Feb 15 09:02:45 2014] <kamatara> but thank for the help
[Sat Feb 15 09:25:42 2014] <robbert> kamatara: by the way, there has been quite some discussion about disabling the recursive Require Import, see https://sympa.inria.fr/sympa/arc/coq-club/2013-12/msg00099.html
[Sat Feb 15 09:25:52 2014] <robbert> maybe that would be of help (eventually)
[Sat Feb 15 10:02:19 2014] <hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Prop.html#lab180 - does anyone know a simple solution to the final (Optional, harder) one there?
[Sat Feb 15 10:03:02 2014] <hodapp> I'm trying to work through it, but keep getting nowhere; induction on either piece of evidence seems to lead me nowhere
[Sat Feb 15 10:13:32 2014] <kamatara> hodapp, do you know how to do the proofs with you pen and your paper ?
[Sat Feb 15 12:12:17 2014] <osa1> let's say I have this as goal: "length tl = n - 1" can I apply S to both sides of equation and have S (length tl) = S (n - 1) as goal?
[Sat Feb 15 12:24:23 2014] <ianjneu> That only works if n <> 0
[Sat Feb 15 12:26:47 2014] <osa1> why?
[Sat Feb 15 12:27:02 2014] <osa1> yeah right
[Sat Feb 15 12:27:14 2014] <osa1> let's assume I have H: n <> 0
[Sat Feb 15 12:27:26 2014] <osa1> and I want to apply S to both sides of the equation.
[Sat Feb 15 12:32:48 2014] <kamatara> there must be an axiom stating that any arrow is a morphism for = somewhere.
[Sat Feb 15 12:32:51 2014] <robbert> ianjneu: uhm, S is injective, so that just works
[Sat Feb 15 12:32:57 2014] <robbert> @check eq_add_S
[Sat Feb 15 12:32:58 2014] <kamatara> oups;
[Sat Feb 15 12:33:04 2014] <roosterbot> eq_add_S : ∀ n m : nat, S n = S m → n = m
[Sat Feb 15 12:33:30 2014] <robbert> going from S (n - 1) to n requires n <> 0
[Sat Feb 15 12:34:08 2014] <robbert> check @f_equiv
[Sat Feb 15 12:34:28 2014] <robbert> kamatara, is that what you mean?
[Sat Feb 15 12:34:43 2014] <robbert> @check f_equiv
[Sat Feb 15 12:34:44 2014] <roosterbot> error: Error: The reference f_equiv was not found in the current environment.
[Sat Feb 15 12:34:49 2014] <robbert> @check f_equal
[Sat Feb 15 12:34:49 2014] <roosterbot> f_equal : ∀ (A B : Type) (f : A → B) (x y : A), x = y → f x = f y
[Sat Feb 15 12:34:53 2014] <kamatara> robbert, forget what I said (it's just that I was thinking about n = 0 and not n <> 0)
[Sat Feb 15 12:35:34 2014] <kamatara> is there a way to find axiom by their type (like with hoogle)?
[Sat Feb 15 12:36:08 2014] <robbert> SearchPattern
[Sat Feb 15 12:36:27 2014] <robbert> SearchPattern (S ?x = S ?y -> ?x = ?y).
[Sat Feb 15 12:36:35 2014] <robbert> for example
[Sat Feb 15 12:38:14 2014] <kamatara> nice, thx
[Sat Feb 15 12:38:31 2014] <robbert> And by the way, this result about injectivity of S is a theorem (Coq is strong enough to prove it), not an axiom :)
[Sat Feb 15 12:42:08 2014] <kamatara> robbert, impossible, that's the definition of injectivity
[Sat Feb 15 12:43:00 2014] <kamatara> (coq is not more powerful than maths)
[Sat Feb 15 12:48:02 2014] <ianjneu> kamatara: no, that is the rule of Leibniz.
[Sat Feb 15 12:48:38 2014] <kamatara> ianjneu, ho please look at your axioms, and you'll see that somewhere you have an axiom equivalent to that, that's why you think it's a theorem and not an axiom
[Sat Feb 15 12:49:13 2014] <robbert> kamatara: Coq can prove the Peano axioms
[Sat Feb 15 12:49:14 2014] <ianjneu> It's a theorem by induction on (x = y)
[Sat Feb 15 12:49:19 2014] <kamatara> robbert, no it can't
[Sat Feb 15 12:49:28 2014] <kamatara> when you use inductive, coq define the axioms for you
[Sat Feb 15 12:49:52 2014] <robbert> No, it does not
[Sat Feb 15 12:50:04 2014] <robbert> those induction principles are defined in terms of fix/match
[Sat Feb 15 12:50:07 2014] <robbert> which are primitives in Coq
[Sat Feb 15 12:50:13 2014] <kamatara> @check nat_ind
[Sat Feb 15 12:50:14 2014] <roosterbot> nat_ind : ∀ P : nat → Prop, P 0 → (∀ n : nat, P n → P (S n)) → (∀ n : nat, P n)
[Sat Feb 15 12:50:20 2014] <robbert> Do print nat_ind
[Sat Feb 15 12:50:22 2014] <kamatara> isn't it the gfucking axiom of recurrence ?
[Sat Feb 15 12:50:56 2014] <kamatara> @check nat_rect
[Sat Feb 15 12:50:57 2014] <roosterbot> nat_rect : ∀ P : nat → Type, P 0 → (∀ n : nat, P n → P (S n)) → (∀ n : nat, P n)
[Sat Feb 15 12:51:03 2014] <ianjneu> @print nat_rect
[Sat Feb 15 12:51:19 2014] <ianjneu> :|
[Sat Feb 15 12:51:31 2014] <kamatara> Ok it's not axiom, because it's inductive wich come with the axioms builtin
[Sat Feb 15 12:51:33 2014] <ianjneu> roosterbot: okay fine, don't print the term.
[Sat Feb 15 12:51:41 2014] <roosterbot> nat_rect =
[Sat Feb 15 12:51:41 2014] <roosterbot> λ (P : nat → Type) (f : P 0) (f0 : ∀ n : nat, P n → P (S n)),
[Sat Feb 15 12:51:41 2014] <roosterbot> fix F (n : nat) : P n :=
[Sat Feb 15 12:51:41 2014] <roosterbot>   match n as n0 return (P n0) with
[Sat Feb 15 12:51:41 2014] <roosterbot>   | 0 => f
[Sat Feb 15 12:51:42 2014] <roosterbot>   | S n0 => f0 n0 (F n0)
[Sat Feb 15 12:51:42 2014] <roosterbot>   end
[Sat Feb 15 12:51:43 2014] <roosterbot>      : ∀ P : nat → Type, P 0 → (∀ n : nat, P n → P (S n)) → (∀ n : nat, P n)
[Sat Feb 15 12:51:43 2014] <ianjneu> kamatara: also false.
[Sat Feb 15 12:51:55 2014] <kamatara> inductive is a hiddent way to introduce axioms
[Sat Feb 15 12:52:20 2014] <ianjneu> kamatara: only if you consider function definitions axioms.
[Sat Feb 15 12:52:48 2014] <ianjneu> that is, the axiom that function symbol f is equal to its body.
[Sat Feb 15 12:52:58 2014] <kamatara> inductive is magic
[Sat Feb 15 12:53:02 2014] <ianjneu> no it's not.
[Sat Feb 15 12:53:08 2014] <kamatara> which provides a way to have recurrence hidden
[Sat Feb 15 12:53:42 2014] <kamatara> recurrence is a fucking axiom, it's proved, so if it's a theorem in coq, it's because there is an equivalent axiom sopmewhere, otherwise we are facing a contradictino
[Sat Feb 15 12:53:44 2014] <kamatara> QED.
[Sat Feb 15 12:54:05 2014] <ianjneu> The structure of the grammar of Inductive allows Coq to automatically produce an induction theorem.
[Sat Feb 15 12:54:10 2014] <kamatara> those axioms are hidden in inductive
[Sat Feb 15 12:54:14 2014] <robbert> sorry, but if you start calling things a "fucking axiom", I do not really consider a discussion with you seriously
[Sat Feb 15 12:54:28 2014] <kamatara> robbert, i proved what i said
[Sat Feb 15 12:54:37 2014] <kamatara> induction is an axiom, even in coq
[Sat Feb 15 12:54:50 2014] <kamatara> it's just coq come with a built in induction axiom
[Sat Feb 15 12:54:50 2014] <ianjneu> induction is a tactic.
[Sat Feb 15 12:55:19 2014] <robbert> read on the history of type theory/Coq, back in the days Coq was based on the Calculus of Constructions, where one could define data types like the natural numbers using second order encoding
[Sat Feb 15 12:55:19 2014] <ezyang> Mmm, calling induction an axiom is misrepresenting it a little.
[Sat Feb 15 12:55:38 2014] <kamatara> ezyang, a scheme of axioms if you want
[Sat Feb 15 12:55:40 2014] <robbert> then, indeed, you could not prove injectivity of S, induction, and so on
[Sat Feb 15 12:55:49 2014] <kamatara> robbert, I could use it
[Sat Feb 15 12:56:07 2014] <robbert> As thus, they added inductive data types to the system, which made it possible to prove those properties in the system
[Sat Feb 15 12:56:08 2014] <kamatara> you can prove that S O = O => false
[Sat Feb 15 12:56:14 2014] <robbert> without relying on axioms
[Sat Feb 15 12:56:40 2014] <kamatara> robbert, inductive type are a camouflaged way to introduce axioms
[Sat Feb 15 12:57:11 2014] <robbert> No, they are not, they are part of the system. Axioms are things you introduce using the Parameter command
[Sat Feb 15 12:57:53 2014] <robbert> If you have Gamma |- M : A, Gamma are the axioms, you can prove Gamma |- 1 /= 0 with Gamma = empty
[Sat Feb 15 12:58:05 2014] <ezyang> Axioms tend not to have computation rules
[Sat Feb 15 12:58:08 2014] <kamatara> axiom are thing I can't prove using modus ponens, absurd, and the few laws about forall
[Sat Feb 15 12:58:13 2014] <kamatara> you won't redefine mathematics
[Sat Feb 15 12:58:32 2014] <ianjneu> I'm done feeding the troll.
[Sat Feb 15 12:58:40 2014] <robbert> ezyang: indeed!
[Sat Feb 15 12:59:23 2014] <kamatara> for mathematicians you'll be joke when you will try to affirm that induction is not an "axiom"
[Sat Feb 15 12:59:42 2014] <kamatara> call me troll if you want, but thet truth is mathematicians agree with me, not you
[Sat Feb 15 13:00:34 2014] <ianjneu> it depends on what form induction takes. It can be reconstructed from more basic notions.
[Sat Feb 15 13:00:37 2014] <ezyang> I mean, what you're saying is all true in set theory, but type theory works differently.
[Sat Feb 15 13:01:54 2014] <kamatara> ezyang, what a joke
[Sat Feb 15 13:01:59 2014] <kamatara> go explain that to mathematicians
[Sat Feb 15 13:02:07 2014] <kamatara> you're just a kiddo for me
[Sat Feb 15 13:02:08 2014] <ijp> nothing wrong with redefining mathematics, mathematicians have beend doing if for millenia
[Sat Feb 15 13:02:23 2014] <ijp> if->it
[Sat Feb 15 13:02:26 2014] <kamatara> ijp, yes but each time they agree on the fact that induction is an "axiom"
[Sat Feb 15 13:02:55 2014] <ianjneu> You're in a channel of mathematicians.
[Sat Feb 15 13:03:33 2014] <kamatara> ianjneu, OK, Isn't induction an "axiom" in mathematics ?
[Sat Feb 15 13:03:42 2014] <kamatara> we'll see :)
[Sat Feb 15 13:04:11 2014] <robbert> It is an axiom in classical first order logic
[Sat Feb 15 13:04:22 2014] <copumpkin> o.O
[Sat Feb 15 13:04:33 2014] <ianjneu> copumpkin: long time no see
[Sat Feb 15 13:04:46 2014] <copumpkin> hi :)
[Sat Feb 15 13:04:46 2014] <robbert> here to troll :P
[Sat Feb 15 13:05:07 2014] <copumpkin> not often you see trolls in these sorts of channels
[Sat Feb 15 13:05:15 2014] <copumpkin> last I remember was a coq troll in #agda
[Sat Feb 15 13:05:47 2014] <kamatara> so a guy come, say what mathematicians say since a long time, and for you that guy is a troll
[Sat Feb 15 13:05:51 2014] <kamatara> you're funny guys
[Sat Feb 15 13:05:51 2014] <ijp> copumpkin: presumably they don't appear because trolling is not constructive
[Sat Feb 15 13:05:55 2014] <ianjneu> copumpkin: I think HoTT has attracted more amateurs to explore the area. This often leads to trolling.
[Sat Feb 15 13:06:01 2014] <copumpkin> fair enough
[Sat Feb 15 13:06:08 2014] <robbert> ianjneu: ha ha :)
[Sat Feb 15 13:06:33 2014] <kamatara> today I know why mathematician fdon't use such a tool
[Sat Feb 15 13:06:39 2014] <ianjneu> What's the story? "The September that never ended"?
[Sat Feb 15 13:06:44 2014] <kamatara> the community is not serious and mature for math
[Sat Feb 15 13:06:48 2014] <copumpkin> yes yes
[Sat Feb 15 13:06:49 2014] <copumpkin> move along
[Sat Feb 15 13:07:06 2014] <kamatara> I quit before the ban
[Sat Feb 15 13:07:12 2014] <copumpkin> you won't get banned
[Sat Feb 15 13:07:16 2014] <copumpkin> it just won't be productive
[Sat Feb 15 13:07:19 2014] <kamatara> ciao guys, learn math and we will argue more seriously nn the future
[Sat Feb 15 13:07:34 2014] <robbert> What a douche ;)
[Sat Feb 15 13:07:46 2014] <ianjneu> Proof assistants are just really hard to use. The status quo in the mathematics community does not pressure people to spend the time to certify their proofs with these tools.
[Sat Feb 15 13:09:11 2014] <robbert> Well, the thing here is that "actual mathematicians" (whomever I may address using that), don't really care about logic/foundations. But when using a proof assistant, it becomes quite a big deal.
[Sat Feb 15 13:09:48 2014] <ianjneu> robbert: I'm sure they care, just not when it comes to getting papers out.
[Sat Feb 15 13:10:26 2014] <ianjneu> I'm tired of overgeneralized speculation and no-true-scotsman arguments though.
[Sat Feb 15 13:10:31 2014] <ianjneu> I'm going back to my proof.
[Sat Feb 15 13:11:26 2014] <robbert> Well, my point was more they do not really care about whether to be classical/constructive, having choice, intensional/extensional equality, setoids, ...
[Sat Feb 15 13:12:51 2014] <ianjneu> for an appropriate, "they," sure
[Sat Feb 15 13:13:48 2014] <robbert> Hence the quotes arround "actual mathematicians" in my previous message :)
[Sat Feb 15 13:42:56 2014] <Olive`> is there a nice simple example of a coq proof that uses integers? I'm really new to this :(
[Sat Feb 15 13:44:53 2014] <ianjneu> Olive`: omega is really great at knocking out simple obligations.
[Sat Feb 15 13:45:48 2014] <Olive`> is that part of the standard library?
[Sat Feb 15 13:46:15 2014] <ianjneu> ZArith.
[Sat Feb 15 13:47:46 2014] <Olive`> thank you! I'll look there
[Sat Feb 15 14:07:24 2014] <jgross_> Igloo, ianjneu: I've never seen that error message before.  If you tell me what you want to comment (e.g., by gist or something), I can try to comment for you?  Alternatively, maybe there was a change since you loaded the page, and Pierre Letouzey assigned the bug to himself, but your comment page didn't know about it, and so bugzilla assumed that you were unassigning the bug to him when you commented?  If you reload the page and try to comment,
[Sat Feb 15 14:07:24 2014] <jgross_> does it work now? 
[Sat Feb 15 14:30:26 2014] <Olive`> ianjneu: I ended up using the definition of Z from Coq.Numbers.BinNums
[Sat Feb 15 15:07:18 2014] <jrw> hodapp: did you get that subsequence one?
[Sat Feb 15 15:24:54 2014] <hodapp> apparently #coq is not drama-exempt?
[Sat Feb 15 15:24:56 2014] <hodapp> * scrolls up
[Sat Feb 15 15:26:59 2014] <Anarchos> hodapp why ?
[Sat Feb 15 15:33:04 2014] <hodapp> BECAUSE I BELIEVE IN FAIRY-TALES SOMETIMES, YOU DON'T NEED TO REMIND ME
[Sat Feb 15 15:33:07 2014] <hodapp> * runs away
[Sat Feb 15 15:34:07 2014] <hodapp> jrw: I have not yet, but I've not had a lot of time since I posted to look at it.
[Sat Feb 15 15:37:21 2014] <jrw> hodapp: the hint they give is very accurate, if also very vague. in response to your original "does anyone have a clean way...", if you pick your induction correctly, it's pretty clean.
[Sat Feb 15 15:38:35 2014] <Olive`> what kinds of cool things are you all working on?
[Sat Feb 15 15:38:39 2014] <hodapp> jrw: I'd suspected all of those things upon starting the problem, but seem stuck anyhow...
[Sat Feb 15 15:38:54 2014] <hodapp> Olive`: We're all learning more math so that we are qualified to talk to katamara.
[Sat Feb 15 15:39:02 2014] <jrw> lol
[Sat Feb 15 15:39:05 2014] <Olive`> hehehe
[Sat Feb 15 15:39:06 2014] <jrw> hodapp: what have you tried inducting on?
[Sat Feb 15 15:39:26 2014] <hodapp> jrw: mostly the two pieces of evidence.
[Sat Feb 15 15:39:38 2014] <hodapp> jrw: I don't entirely see how inducting on either list can get me anywhere.
[Sat Feb 15 15:39:38 2014] <jrw> hodapp: try something else :)
[Sat Feb 15 15:40:09 2014] <jrw> there are two "pieces of evidence" and three lists, no? I suggest you try all of them.
[Sat Feb 15 15:40:24 2014] <hodapp> what is a piece of evidence? A proposition?
[Sat Feb 15 15:40:34 2014] <hodapp> I wasn't sure what term to apply.
[Sat Feb 15 15:40:50 2014] <jrw> you used the phrase first, I assumed you had a definition in mind :p
[Sat Feb 15 15:40:51 2014] <hodapp> Olive`: I'm just going through the Software Foundations book. I idle here because when the rest of the channel talks it reminds me of how much I don't know.
[Sat Feb 15 15:41:00 2014] <jrw> I just meant one of the two "subsequence" hypotheses
[Sat Feb 15 15:41:00 2014] <Olive`> aw
[Sat Feb 15 15:41:07 2014] <Olive`> trust me I probably know less than you
[Sat Feb 15 15:41:33 2014] <hodapp> jrw: well, it's things like 'subseq l1 l2', things which Coq allows as hypotheses
[Sat Feb 15 15:41:44 2014] <jrw> yep
[Sat Feb 15 15:42:34 2014] <hodapp> Olive`: my degree is in EE, and I do some embedded programming... one thing that piques my interest a little is if I'd be able to leverage Coq's code generation for a fairly simple embedded kernel.
[Sat Feb 15 15:43:06 2014] <hodapp> but once I get through this book, I was going to go either to HoTT or CPDT, and folks have dominantly recommended the latter :P
[Sat Feb 15 15:43:18 2014] <Olive`> hodapp that's cool! I just started learning about electronics recently
[Sat Feb 15 15:44:41 2014] <hodapp> Olive`: what brings you here?
[Sat Feb 15 15:45:10 2014] <Olive`> I got interested in type theory and proving things about programs
[Sat Feb 15 15:52:31 2014] <hodapp> that's sort of how I landed here. I was dabbling a bit with functional programming, particularly Haskell, and the channel mentioned some things like Agda
[Sat Feb 15 15:52:41 2014] <hodapp> and somehow this led me to SF
[Sat Feb 15 16:18:48 2014] <osa1> ezyang: was that for me: "I mean, what you're saying is all true in set theory, but type theory works differently." ?
[Sat Feb 15 16:19:04 2014] <osa1> (sorry for very late response)
[Sat Feb 15 16:50:12 2014] <ianjneu> osa1: I believe he was talking to the troll about induction always being an axiom.
[Sat Feb 15 16:57:06 2014] <osa1> ah, okay.
[Sat Feb 15 18:00:56 2014] <Igloo> I don't suppose anyone has an example of how to make an OrderedType in which eq is Leibniz equality handy?
[Sat Feb 15 19:08:20 2014] <anderslundstedt> "Error: refine: proof term contains metas in a product." what does this mean?
[Sun Feb 16 07:14:09 2014] <roosbeef> hi
[Sun Feb 16 07:14:15 2014] <roosbeef> should this be trivial?
[Sun Feb 16 07:14:17 2014] <roosbeef> Lemma layer_compare_wf' : forall h1, forall h2, subfterm_order h1 h2 -> Acc subfterm_order h1.
[Sun Feb 16 09:06:14 2014] <ollehar> any tips on proving "rev (rev list) = list"?
[Sun Feb 16 09:08:56 2014] <ollehar> nm, found on google
[Sun Feb 16 10:19:44 2014] <osa1> this looked like a very basic question to me https://sympa.inria.fr/sympa/arc/coq-club/2014-02/msg00150.html but apparently it's not .. does anyone here have any ideas?
[Sun Feb 16 10:44:57 2014] <ianjneu> it is simple. Injectivity of constructors.
[Sun Feb 16 10:46:59 2014] <Saizan> injectivity if you need to go S x = S y -> x = y, if you need to go x = y -> S x = S y it's just congruence and can be proved for any function
[Sun Feb 16 10:47:08 2014] <ianjneu> osa1: http://lpaste.net/264255443503677440
[Sun Feb 16 10:48:01 2014] <ianjneu> Saizan: congruence isn't even needed. It's induction on the equality: the functoriality of functions over equalities.
[Sun Feb 16 10:48:11 2014] <ianjneu> aka the rule of Leibniz.
[Sun Feb 16 10:49:04 2014] <Saizan> yeah, that's how you prove congruence :)
[Sun Feb 16 10:49:32 2014] <Saizan> but maybe there's something in Coq called congruence that i'm accidentally referring to in this conversation
[Sun Feb 16 10:52:11 2014] <ianjneu> Saizan: the congruence tactic works with the setoid and equivalence typeclasses to do "equality-like" things (basically, you make instances of the proper typeclass to prove that a function respects some equivalence relation that isn't necessarily built-in)
[Sun Feb 16 10:52:57 2014] <ianjneu> If you've heard of the congruence closure algorithm, it's like that, but general to equivalence relations.
[Sun Feb 16 10:55:32 2014] <Saizan> ianjneu: i see, thanks
[Sun Feb 16 11:24:02 2014] <osa1> thanks guys!
[Sun Feb 16 11:24:08 2014] <osa1> ianjneu: that worked.
[Sun Feb 16 11:24:21 2014] <osa1> I'm seeing "trivial" and "injection" tactics for first time ...
[Sun Feb 16 11:24:41 2014] <osa1> also cut
[Sun Feb 16 11:26:53 2014] <ianjneu> osa1: cut is simpler "assert"
[Sun Feb 16 11:27:13 2014] <ianjneu> trivial is a weaker form of intuition.
[Sun Feb 16 11:27:26 2014] <ianjneu> and auto.
[Sun Feb 16 11:28:21 2014] <osa1> speaking of new tactics, maybe someone can give me some tactics on simplifying our proofs: https://github.com/osa1/StagedLambda/blob/master/Lc.v :-) (we're two first time Coq users)
[Sun Feb 16 11:31:03 2014] <ianjneu> osa1: check out Adam Chlipala's cheat sheet
[Sun Feb 16 11:31:20 2014] <ianjneu> http://adam.chlipala.net/itp/tactic-reference.html
[Sun Feb 16 11:31:33 2014] <osa1> thank you.
[Sun Feb 16 17:43:55 2014] <ollehar> can I save the "state" of a coqtop session?
[Sun Feb 16 18:28:07 2014] <ianjneu> ollehar: http://sourceforge.net/projects/dmtcp
[Sun Feb 16 18:28:54 2014] <ianjneu> There might be a better answer, but I work with Proofgeneral, where my state is a file.
[Mon Feb 17 06:29:05 2014] <Rc43> Hello.
[Mon Feb 17 12:51:12 2014] <roosbeef> just out of curiosity, how much of a trivial matter do well foundedness proofs tend to be?
[Mon Feb 17 12:52:21 2014] <roosbeef> (im having some difficulties)
[Mon Feb 17 12:52:22 2014] <roosbeef> :p
[Mon Feb 17 13:02:32 2014] <hodapp> * stares blankly
[Mon Feb 17 13:03:25 2014] <Saizan> roosbeef: considering that you can sometimes prove the (relative) consistency of logical systems through well-foundednes they can get pretty hard :)
[Mon Feb 17 13:08:48 2014] <roosbeef> meh
[Mon Feb 17 13:16:22 2014] <jrw> roosbeef: IMHO they can be tricky. it's easy to get lost.
[Mon Feb 17 13:17:16 2014] <jrw> roosbeef: http://adam.chlipala.net/cpdt/html/GeneralRec.html maybe have a look at adam's proof that less than on nats is well founded
[Mon Feb 17 13:17:35 2014] <jrw> or, rather, that "length order" on lists is
[Mon Feb 17 13:19:37 2014] <roosbeef> jrw, that was my starting point actually :p
[Mon Feb 17 13:20:09 2014] <jrw> roosbeef: might be a good exercise to delete his proofs and try them yourself
[Mon Feb 17 13:20:23 2014] <jrw> also to meditate one why he has that helper lemma
[Mon Feb 17 13:20:24 2014] <roosbeef> yep my thoughts exactly :p
[Mon Feb 17 13:20:27 2014] <jrw> s/one/on
[Mon Feb 17 13:20:46 2014] <roosbeef> tried adapting the helper lemma to my setting but no luck
[Mon Feb 17 13:21:40 2014] <roosbeef> nevermind ill give it a rest and have a closer look later
[Mon Feb 17 13:22:49 2014] <roosbeef> <3
[Mon Feb 17 13:58:00 2014] <jkff> Hi! I have a question about proof irrelevance. I know that it cannot be proven in Coq, and I know it can be safely added to Coq as an axiom. But: can its negation be disproven in Coq? Does "proof relevance" lead to any contradictions?
[Mon Feb 17 18:57:57 2014] <hodapp> http://www.cis.upenn.edu/~bcpierce/sf/MoreProp.html in the 'le' relation, if I am doing induction over a piece of evidence with 'le', e.g. E: n <= m, I expect that when I use 'as' with induction that each part corresponds to a specific constructor
[Mon Feb 17 18:58:43 2014] <hodapp> so I would expect that, for the 2nd constructor, I'd need to supply names for n, m, and some hypothesis?
[Mon Feb 17 18:58:49 2014] <hodapp> which does not seem to be the case
[Mon Feb 17 18:59:04 2014] <hodapp> so, I'm wondering what's wrong about how I see it
[Mon Feb 17 19:07:31 2014] <Ptival> hodapp: do you have an example, it seems to work the way I expect here...
[Mon Feb 17 19:08:50 2014] <Ptival> I do induction LE as [ n' | n' m' LE' ].
[Mon Feb 17 19:16:07 2014] <hodapp> http://lpaste.net/100081
[Mon Feb 17 19:16:45 2014] <hodapp> step through and note things at Case "le_S"
[Mon Feb 17 19:32:22 2014] <Ptival> is this using le from the file you pointed at or le from the standard library?
[Mon Feb 17 19:32:58 2014] <Ptival> they differ in that the LHS is a parameter in one and an index in the other
[Mon Feb 17 19:34:03 2014] <Ptival> hodapp: could you "Locate le." ?
[Mon Feb 17 20:26:53 2014] <hodapp> this is 'le' from the URL I gave
[Mon Feb 17 20:29:33 2014] <ollehar> Hm, I get this. Wrong version of Coq_
[Mon Feb 17 20:29:33 2014] <ollehar> Coq < Arguments nil {X}.
[Mon Feb 17 20:29:33 2014] <ollehar> Error: Unknown command of the non proof-editing mode.
[Mon Feb 17 20:29:34 2014] <ollehar> ?
[Mon Feb 17 20:30:15 2014] <ijp> are you using coq 8.3?
[Mon Feb 17 20:30:47 2014] <ollehar> ijp: yes
[Mon Feb 17 20:30:58 2014] <ijp> the syntax changed between 8.3 and 8.4
[Mon Feb 17 20:31:04 2014] <ollehar> ah!
[Mon Feb 17 20:31:05 2014] <ijp> try Implicit Arguments nil [[X]].
[Mon Feb 17 20:31:22 2014] <ollehar> they should update the book, then :P
[Mon Feb 17 20:31:30 2014] <ijp> the book is right for 8.4
[Mon Feb 17 20:31:50 2014] <ollehar> right, I'm using the old version. duh.
[Mon Feb 17 20:32:00 2014] <ollehar> thanks.
[Mon Feb 17 21:19:48 2014] <jgross_> jkff: The univalence axiom is consistent with Coq, and implies the negation of proof irrelevance. 
[Mon Feb 17 21:49:23 2014] <Cale> (At least insofar as the consistency of anything of that sort can be ensured...)
[Mon Feb 17 21:52:31 2014] <jgross_> Cale: There's a model.	I trust consistency of univalence, consistency of proof irrelevance, consistency of Coq core all approximately equally (slightly more trust in Coq core, though). 
[Mon Feb 17 21:53:32 2014] <Cale> jgross_: Right, but it'd be a model in ZF or something which hopefully can't prove its own consistency. :)
[Mon Feb 17 21:54:56 2014] <jgross_> Cale: Of course. 
[Mon Feb 17 21:56:24 2014] <Cale> At some point I'll really have to find a route to dig into the model theory of HoTT. There's a lot of cool-sounding things in that direction.
[Tue Feb 18 06:31:03 2014] <Rc43> Hello.
[Tue Feb 18 06:31:27 2014] <Rc43> Is there syntax for records which gives possibility to create new copy with changed field?
[Tue Feb 18 10:22:56 2014] <dolle> Is there a quick way to derive a "strong induction" principle for an inductive datatype? That is, I want to be able to do induction via a well-founded subterm relation instead of just immediate subterms.
[Tue Feb 18 10:23:57 2014] <dolle> I think I know how to do it manually, but it seems like something that can easily be automated.
[Tue Feb 18 10:29:32 2014] <ianjneu> It's not clear what the order relation should be for an arbitrary inductive datatype for such a scheme to be automatically generated.
[Tue Feb 18 10:32:11 2014] <dolle> Right, but isn't there a way to use something like "Scheme" to hint at what that should be?
[Tue Feb 18 10:33:12 2014] <dolle> Oh, wait, I think I get what you're saying.
[Tue Feb 18 10:33:55 2014] <dolle> Hmm, I guess I have to define a subterm relation manually, and prove an induction principle.
[Tue Feb 18 10:34:31 2014] <ianjneu> The induction principle is Acc_ind once you prove your subterm relation wellfounded.
[Tue Feb 18 10:35:17 2014] <dolle> Ah, that's convenient! Thank you.
[Tue Feb 18 12:12:58 2014] <robbert> dolle: I tend to define a measure [foo_size : foo -> nat] for such inductive types [foo], and then do well-founded induction on the size
[Tue Feb 18 13:33:50 2014] <dolle> robbert: Yeah, that is probably the easiest to do. I ended up defining a "deep" subterm relation, proved that it was well-founded and then used the well_founded_ind principle. Next time, I think I'll just use term sizes :)
[Tue Feb 18 15:50:56 2014] <jdoles> Is there any formal definition of what HoTT is about? For a text written by a bunch of mathematicians, it's surprisingly non formal.
[Tue Feb 18 15:51:38 2014] <jdoles> If you look at the HoTT book, the first time the word "path" is being used, it's not even followed by a fully formal definition of the concept.
[Tue Feb 18 15:52:27 2014] <Anarchos> jdoles do you know algebraic topology ?
[Tue Feb 18 15:52:56 2014] <jdoles> Anarchos: I wonder whether anyone does ;)
[Tue Feb 18 15:53:04 2014] <jdoles> Anarchos: more seriously, I know "some".
[Tue Feb 18 15:54:10 2014] <Anarchos> jdoles then you must know what a path is ....
[Tue Feb 18 15:55:04 2014] <Igloo> Is the code in http://permalink.gmane.org/gmane.science.mathematics.logic.coq.club/7252 meant to work?
[Tue Feb 18 15:55:28 2014] <Igloo> It seems to be missing proofs for eq_equiv and lt_strorder?
[Tue Feb 18 15:55:38 2014] <jdoles> Anarchos: they say in the text that some concepts are supposed to be interpreted in a homotopy type theory specific manner.
[Tue Feb 18 15:55:59 2014] <jdoles> Anarchos: so, the idea is that I flip a coin to decide which ones those are?
[Tue Feb 18 15:57:06 2014] <jdoles> Anarchos: to make things more complex, the definition of a continuous map talks about sets again.
[Tue Feb 18 15:57:19 2014] <jdoles> Anarchos: and I though the whole point of HoTT was to get rid of sets.
[Tue Feb 18 15:57:37 2014] <jdoles> thought*
[Tue Feb 18 15:57:51 2014] <ystael> jdoles: there is a ##hott channel if you're interested (I don't say this to chide you for asking here)
[Tue Feb 18 15:59:02 2014] <jdoles> I also don't particularly care about all the constructions people have build on a few axioms.
[Tue Feb 18 15:59:12 2014] <ystael> which definition of continuous map are you referring to?
[Tue Feb 18 15:59:26 2014] <jdoles> I would much rather just have seen an algorithmic and logical description of what was "invented".
[Tue Feb 18 15:59:58 2014] <jdoles> For example CIC is easy to understand (it fits on half a page).
[Tue Feb 18 16:00:25 2014] <jdoles> Now, why does HoTT need 100+ pages (order of magnitude)?
[Tue Feb 18 16:01:28 2014] <jdoles> (Similarly, I don't care that people have build Feit-Thompson on top of Coq when I am learning about the calculus behind Coq. )
[Tue Feb 18 16:01:40 2014] <jdoles> ystael: https://en.wikipedia.org/wiki/Continuous_%28topology%29#Continuous_functions_between_topological_spaces
[Tue Feb 18 16:02:03 2014] <ystael> oh, the classical topological one, i thought you were referring to something in the HoTT book
[Tue Feb 18 16:02:32 2014] <jdoles> ystael: ok, so even the word "continuous map" is now overloaded?
[Tue Feb 18 16:02:38 2014] <jdoles> or phrase*
[Tue Feb 18 16:03:03 2014] <ystael> i'm not the best person to be answering this, I'm only part way through the book myself
[Tue Feb 18 16:03:13 2014] <ystael> you'd get better answers from ##hott probably
[Tue Feb 18 16:03:41 2014] <ystael> but as I understand it the word "continuous" isn't actually given a definition in the base type theory
[Tue Feb 18 16:04:12 2014] <ystael> there's a formal analogy between the theories, that's all
[Tue Feb 18 16:04:19 2014] <ystael> "path" just means "element of an identity type"
[Tue Feb 18 16:04:47 2014] <ystael> because in the analogy, elements of identity types behave like paths in homotopy theory
[Tue Feb 18 16:10:50 2014] <ianjneu> jdoles: There's an entire book because once you give a foundation of mathematics (ITT + UA + HIT), you should support its usefulness by providing constructions of standard mathematical ideas in it.
[Tue Feb 18 16:12:13 2014] <ianjneu> Moreover, HoTT is under active research, trying to pin down completely formally the kinds of arguments exposited in the book. There is no complete formal semantics for it like Martin-Loef intensional type theory.
[Tue Feb 18 16:13:48 2014] <ianjneu> UA is modeled by cubical sets via Coquand's cubical evaluator (as far as we know), but we still don't know the boundaries of what constitutes a valid HIT or not.
[Wed Feb 19 11:15:56 2014] <Rc43> Hello.
[Wed Feb 19 11:19:42 2014] <hodapp>   Admitted.
[Wed Feb 19 11:52:37 2014] <ianjneu> hodapp: eh?
[Wed Feb 19 11:52:59 2014] <ianjneu> hodapp: is that your new #coq greeting?
[Wed Feb 19 11:53:58 2014] <hodapp> Only if the greeting I'm replying to looks like a Coq command.
[Wed Feb 19 11:54:30 2014] <ianjneu> Understood.
[Wed Feb 19 11:55:17 2014] <hodapp> hmm, I'm finding 'emacsclient' rather helpful with Proof General
[Wed Feb 19 11:55:47 2014] <hodapp> because my desktop at home can have full GUI emacs there, but I can also SSH in from other environments and get to the same buffer wherever I left off.
[Wed Feb 19 11:57:31 2014] <ianjneu> hodapp: interesting. I can use my phone's ssh client to do some proofs on the go :P
[Wed Feb 19 11:57:43 2014] <hodapp> I... could do that. In theory.
[Wed Feb 19 11:58:26 2014] <ianjneu> I have a physical keyboard on my phone. It's nice.
[Wed Feb 19 11:58:50 2014] <hodapp> I do too, but Emacs isn't the easiest thing to use on it.
[Wed Feb 19 11:59:45 2014] <hodapp> my phone's an MB612
[Wed Feb 19 12:00:20 2014] <ianjneu> dunno it.
[Wed Feb 19 12:00:24 2014] <ianjneu> Droid 4 here.
[Wed Feb 19 12:01:06 2014] <hodapp> slider keyboards looked too failure-prone and annoying to me
[Wed Feb 19 12:01:16 2014] <hodapp> but I'm running out of phones that have fixed QWERTY keyboards
[Wed Feb 19 12:02:23 2014] <hodapp> unless I get a Blackberry.......
[Wed Feb 19 12:04:07 2014] <ianjneu> tiny screen
[Wed Feb 19 12:59:11 2014] <hodapp> yeah
[Wed Feb 19 12:59:59 2014] <Anarchos> hi hodapp
[Wed Feb 19 13:00:03 2014] <hodapp> hiya
[Thu Feb 20 10:41:46 2014] <osa1> why apply sometimes prints "unable to unify because ....." but sometimes just prints "unable to unify." ?
[Thu Feb 20 11:02:17 2014] <ianjneu> osa1: I imagine it's a difference between impossibility of unificiation and not being able to find a substitution due to the uncomputability of higher-order unification.
[Fri Feb 21 02:38:06 2014] <kornbluth.freenode.net> [freenode-info] please register your nickname...don't forget to auto-identify! http://freenode.net/faq.shtml#nicksetup
[Fri Feb 21 07:25:46 2014] <Rc43> Hello.
[Fri Feb 21 07:27:04 2014] <Olive`> hi
[Fri Feb 21 07:43:54 2014] <Rc43> How to create module M with parameter P and fucnction f : P -> X such way that I import M once and then choose P every time I use f?
[Fri Feb 21 07:44:16 2014] <Rc43> If I defined Parameter P then I must choose P when I import module M.
[Fri Feb 21 07:44:35 2014] <Rc43> So I need to import M multiple times for multiple paramters.
[Fri Feb 21 08:08:07 2014] <ianjneu> Rc43: What's wrong with sections?
[Fri Feb 21 08:15:28 2014] <Rc43> ianjneu, hmm, hever used them; will look
[Fri Feb 21 08:23:04 2014] <ianjneu> Rc43: Section BigScope. Variables (A B C : Type) (a0 : A). (* functions with A B C and a0 fixed ... *) End BigScope. (* uses of functions in bigscope that can give different A B C a0 *)
[Fri Feb 21 08:25:48 2014] <Rc43> ianjneu, ye, seems to be exactly what I want.
[Fri Feb 21 08:31:16 2014] <Rc43> ianjneu, is it possible to make this parameters implicit when section is closed?
[Fri Feb 21 09:11:18 2014] <roosbeef> hi
[Fri Feb 21 09:25:55 2014] <roosbeef> im trying to proof the well-foundedness of some function
[Fri Feb 21 09:26:36 2014] <roosbeef> (following http://adam.chlipala.net/cpdt/html/GeneralRec.html)
[Fri Feb 21 09:28:46 2014] <roosbeef> first im trying to prove the sublemma analogous to http://adam.chlipala.net/cpdt/html/GeneralRec.html#lengthOrder_wf%27
[Fri Feb 21 09:29:05 2014] <roosbeef> but how do i prove that? The definition of Acc confuses me
[Fri Feb 21 13:29:32 2014] <anderslundstedt> I have a function m : A -> nat. How do I define a recursive function with arguments x having decreasing m x?
[Fri Feb 21 13:38:16 2014] <Ptival> Function f x y z {measure m x} : t := ... ?
[Fri Feb 21 13:44:08 2014] <anders_> Ptival: Error: Found a product. Can not treat such a term
[Fri Feb 21 13:45:44 2014] <Ptival> where is the error located?
[Fri Feb 21 13:47:23 2014] <anders_> "failure in proveterminate"
[Fri Feb 21 13:53:13 2014] <anders_> Function f x : Prop := match x with ... f0 a b => f a -> f b ...
[Fri Feb 21 13:53:58 2014] <anders_> that is the problematic part. without it (and another product) it goes through
[Fri Feb 21 16:52:34 2014] <ezyang> Was wondering, how would you prove two monad transformers commute in Coq?
[Fri Feb 21 16:53:30 2014] <Ptival> ezyang: is the question about stating the fact or going about proving such an existing statement?
[Fri Feb 21 16:56:20 2014] <ezyang> Stating the fact.
[Fri Feb 21 16:56:56 2014] <ezyang> To be concrete, let's consider ReaderT a and ReaderT b
[Fri Feb 21 16:57:17 2014] <Ptival> (yep I think concrete will help)
[Fri Feb 21 17:01:35 2014] <ezyang> The first difficulty seems to be selecting the category to operate in. Let's suppose that we use Coq itself as the CC
[Fri Feb 21 17:01:38 2014] <ezyang> *CCC
[Fri Feb 21 17:06:50 2014] <ezyang> Maybe I will natter around with the ExtLib monad implementation
[Fri Feb 21 17:16:21 2014] <Rc43> Why my module can be import ed twice?
[Fri Feb 21 17:16:51 2014] <Rc43> I have now in scope every definition with two instances: "Module.Def" and just "Def".
[Fri Feb 21 17:16:58 2014] <Rc43> That makes some troubles.
[Sat Feb 22 02:27:31 2014] <ezyang> Hm, I'm playing with Conor's suggested alternative formulation of free monad http://comments.gmane.org/gmane.science.mathematics.logic.coq.club/3232
[Sat Feb 22 02:27:46 2014] <ezyang> But I can't figure out how to turn a functor into a container form
[Sat Feb 22 03:05:46 2014] <ezyang> Oh, Conor is using a very silly trick
[Sat Feb 22 07:44:53 2014] <roosbeef> how do i define a string type where every letter always alphabetically precedes the next letter?
[Sat Feb 22 09:20:13 2014] <roosbeef> whats up ianjneu
[Sat Feb 22 11:07:45 2014] <roosbeef> hm
[Sat Feb 22 11:08:12 2014] <roosbeef> seems like freenode is unstable atm
[Sat Feb 22 11:09:00 2014] <roosbeef> hope im not reposting
[Sat Feb 22 11:10:56 2014] <roosbeef> so ive got this order R between letters of some alphabet E
[Sat Feb 22 11:10:57 2014] <roosbeef> how do i define a type eq_string such that every letter has the same order as all other letters in that string?
[Sat Feb 22 11:11:28 2014] <roosbeef> i was thinking something like https://privatepaste.com/975869e6a4
[Sat Feb 22 11:12:03 2014] <roosbeef> but im stuck at the last part. Seems like coq doesnt want to evaluate fl_eq
[Sun Feb 23 06:51:40 2014] <roosbeef> trying to get this dependent type to work
[Sun Feb 23 06:51:47 2014] <roosbeef> https://privatepaste.com/0b2093ac30
[Sun Feb 23 06:52:21 2014] <roosbeef> coq tells me Error: The term "eqCons à è eq_proof :: nil" has type "list (fletter_eq à)" while it is expected to have type "hstring".
[Sun Feb 23 06:53:22 2014] <roosbeef> Definition hstring : Type := forall fl, list (fletter_eq fl).
[Sun Feb 23 06:54:05 2014] <roosbeef> how does a forall/dependency in typing work? (or rather, why does it not work here :p)
[Sun Feb 23 07:44:45 2014] <roosbeef> where is everybody? :p
[Sun Feb 23 07:56:09 2014] <roosbeef> bbl
[Sun Feb 23 11:52:14 2014] <ianjneu> roosbeef: I think you want fun fl => instead of forall fl,
[Sun Feb 23 11:53:31 2014] <ianjneu> weird irc client wouldn't scroll all the way down.
[Sun Feb 23 12:30:55 2014] <roosbeef> hi
[Sun Feb 23 13:26:21 2014] <Olive`> hello
[Sun Feb 23 13:37:08 2014] <roosbeef> whats up Olive`
[Sun Feb 23 21:29:01 2014] <anderslu1dstedt> how do I apply a tactic to multiple goals at once?
[Sun Feb 23 21:36:10 2014] <ianjneu_> anderslu1dstedt: are you familiar with the ; operator?
[Sun Feb 23 21:48:27 2014] <anderslu1dstedt> ianjneu_: yes, I know how to apply it to subgoals. How do I apply it to multiple goals generated by e.g. the Function command?
[Sun Feb 23 22:47:15 2014] <ianjneu_> impossible
[Mon Feb 24 09:04:02 2014] <Rc43> Hello.
[Mon Feb 24 09:04:15 2014] <Rc43> How to handle diamond module dependencies?
[Mon Feb 24 09:04:42 2014] <Rc43> I.e. A and B have common depenndency C and D imports A and B. I have problems with that.
[Mon Feb 24 10:01:28 2014] <ianjneu_> Rc43: Have you consulted CPDT chapter 16?
[Mon Feb 24 10:15:01 2014] <Rc43> ianjneu_, didn't know it contains info about modules; thanks for the reference
[Mon Feb 24 10:15:53 2014] <ianjneu_> hmm, maybe the numbers changed, but CPDT has a chapter on modules.
[Mon Feb 24 10:17:03 2014] <Rc43> It's 16.3.
[Mon Feb 24 12:13:24 2014] <adsisco> As a math student, how can I use coq to improve my education or mathematical intuition?
[Mon Feb 24 12:16:42 2014] <ianjneu_> adsisco: mathematical intuition comes from lots of practice. Perhaps work through the exercises of Software Foundations or the HoTT book.
[Mon Feb 24 12:19:03 2014] <ianjneu_> adsisco: what form of mathematics are you looking to strengthen?
[Mon Feb 24 13:40:14 2014] <Rc43> Hmm, didn't find information in CPDT 16.3 =/
[Mon Feb 24 14:00:18 2014] <roosbeef> whats up guys
[Mon Feb 24 14:00:37 2014] <roosbeef> im kinda puzzled by dependent typing in coq
[Mon Feb 24 14:00:41 2014] <roosbeef> anyone care to help?
[Mon Feb 24 14:02:00 2014] <roosbeef> https://privatepaste.com/624888c20e
[Mon Feb 24 14:02:28 2014] <roosbeef> the type im trying to create is something along the lines of "a string of letters that have equal order in fl_compare"
[Mon Feb 24 14:16:38 2014] <ianjneu_> equal order?
[Mon Feb 24 14:17:10 2014] <roosbeef> well,
[Mon Feb 24 14:17:30 2014] <roosbeef> so that forall x y in the string, eq_fl x y is True
[Mon Feb 24 14:17:47 2014] <roosbeef> (cf. link)
[Mon Feb 24 14:20:08 2014] <ianjneu_> two lists of the same length where component-wise fl_eq holds?
[Mon Feb 24 14:20:14 2014] <ianjneu_> I'm not following what you're getting at.
[Mon Feb 24 14:20:32 2014] <roosbeef> :p my bad
[Mon Feb 24 14:20:55 2014] <roosbeef> so suppose we have the order a, b > c, d > e, f
[Mon Feb 24 14:21:13 2014] <roosbeef> where a and b are equal in >, as are c and d, and e and f
[Mon Feb 24 14:21:49 2014] <roosbeef> how do i build a type so that it consists of all strings made of a and b, or c and d or e and f?
[Mon Feb 24 14:22:37 2014] <roosbeef> actually it doesnt even have to be that, i just want to wrap my head around dependent typing cause i cant get it to work ;p (as can be seen in the example at the bottom)
[Mon Feb 24 14:43:44 2014] <ianjneu_> roosbeef: use an equivalence closure of your ordering.
[Mon Feb 24 14:44:28 2014] <roosbeef> how does that work?
[Mon Feb 24 14:44:59 2014] <roosbeef> (in coq, i mean, how is that implemented)
[Mon Feb 24 14:47:55 2014] <ianjneu_> roosbeef: Relation_Operators defines transitive closure. Reflexive closure has two constructors: one that says x is related to x, and one that says if R x y then Reflexive_closure R x y.
[Mon Feb 24 14:48:27 2014] <ianjneu_> Symmetric closure is similar, only instead of x related to x, you have if R x y then Symmetric_closure R y x.
[Mon Feb 24 14:48:40 2014] <ianjneu_> put all three together and you have an equivalence closure.
[Mon Feb 24 14:50:13 2014] <roosbeef> so how does one employ an equivalence closure to define a type?
[Mon Feb 24 14:51:18 2014] <ianjneu_> It's a proposition.
[Mon Feb 24 14:51:27 2014] <roosbeef> ah
[Mon Feb 24 14:52:07 2014] <ianjneu_> also, equivalence closure of your > won't give you a, b <> c but a = b.
[Mon Feb 24 14:52:25 2014] <roosbeef> thats fine i guess
[Mon Feb 24 14:52:30 2014] <roosbeef> hm
[Mon Feb 24 14:52:51 2014] <roosbeef> but how is that different from the above failed attempt? (see link)
[Mon Feb 24 14:52:53 2014] <ianjneu_> how do you want your equivalence classes to look?
[Mon Feb 24 14:52:59 2014] <roosbeef> that is using a Prop too?
[Mon Feb 24 14:54:37 2014] <ianjneu_> hstring is "a list of fletters that have a proof that they're equal to fl, for a universally quantified fl." Your quantification seems to be in the wrong place.
[Mon Feb 24 14:54:55 2014] <ianjneu_> Perhaps you want exists.
[Mon Feb 24 14:56:12 2014] <roosbeef> in fletter_eq you mean?
[Mon Feb 24 14:56:22 2014] <ianjneu_> hstring
[Mon Feb 24 14:57:43 2014] <roosbeef> Definition hstring : Type := exists fl, list (fletter_eq fl).
[Mon Feb 24 14:57:43 2014] <roosbeef> Error: In environment fl : fletter
[Mon Feb 24 14:57:43 2014] <roosbeef> The term "list (fletter_eq fl)" has type "Set" while it is expected to have type "Prop".
[Mon Feb 24 14:59:04 2014] <ianjneu_> sigT fletter_eq
[Mon Feb 24 14:59:22 2014] <ianjneu_> er, sigT (fun fl => list (fletter_eq fl))
[Mon Feb 24 15:00:03 2014] <ianjneu_> The syntactic Prop/Type distinction is getting on my nerves.
[Mon Feb 24 15:01:18 2014] <roosbeef> Definition hstring : Type := exists fl, sigT (fun fl => list (fletter_eq fl)).
[Mon Feb 24 15:01:18 2014] <roosbeef> Error: In environment fl : ?12 The term "{fl : fletter & list (fletter_eq fl)}" has type "Set" while it is expected to have type "Prop".
[Mon Feb 24 15:01:38 2014] <ianjneu_> no, kill the exists.
[Mon Feb 24 15:01:42 2014] <roosbeef> oh haha
[Mon Feb 24 15:01:45 2014] <roosbeef> :p
[Mon Feb 24 15:03:13 2014] <roosbeef> ok that seems to work
[Mon Feb 24 15:03:21 2014] <roosbeef> but how to construct a string of this type?
[Mon Feb 24 15:03:40 2014] <roosbeef> and why is sigT required?
[Mon Feb 24 15:04:00 2014] <ianjneu_> sigT is an existential type in Type and not Prop.
[Mon Feb 24 15:04:37 2014] <ianjneu_> existT (fun fl => list (fletter_eq fl)) some_fletter some_list_of_fletter_eq_some_fletter
[Mon Feb 24 15:05:00 2014] <roosbeef> hm
[Mon Feb 24 15:05:03 2014] <roosbeef> lets see
[Mon Feb 24 15:07:49 2014] <roosbeef> ok then i dont understand how fletter_eq works haha
[Mon Feb 24 15:08:08 2014] <roosbeef> heres what im trying
[Mon Feb 24 15:08:11 2014] <roosbeef> Definition test1 : hstring := existT (fun fl => list (fletter_eq fl)) à ((eqCons à) :: (eqCons è) :: nil).
[Mon Feb 24 15:08:35 2014] <roosbeef> Error: The term "eqCons è :: nil" has type "list (forall fl' : fletter, fl_eq è fl' -> fletter_eq è)"
[Mon Feb 24 15:08:35 2014] <roosbeef>  while it is expected to have type "list (forall fl' : fletter, fl_eq à fl' -> fletter_eq à)".
[Mon Feb 24 15:10:39 2014] <ianjneu_> how about existT _ à ((eqCons à à) :: (eqCons à è) :: nil)
[Mon Feb 24 15:12:09 2014] <roosbeef> Error: The term "eqCons à à :: eqCons à è :: nil" has type "list (fl_eq à à -> fletter_eq à)" while it is expected to have type "list (fletter_eq à)".
[Mon Feb 24 15:12:15 2014] <roosbeef> does that mean coq wants proof?
[Mon Feb 24 15:12:47 2014] <ianjneu_> yup.
[Mon Feb 24 15:12:50 2014] <roosbeef> hm
[Mon Feb 24 15:12:59 2014] <roosbeef> is there a way to make coq automatically derive this proof?
[Mon Feb 24 15:13:10 2014] <roosbeef> its quite trivial when you look at the definitions
[Mon Feb 24 15:13:12 2014] <ianjneu_> Canonical structures.
[Mon Feb 24 15:13:20 2014] <roosbeef> how does that work?
[Mon Feb 24 15:13:30 2014] <ianjneu_> mumble mumble
[Mon Feb 24 15:13:44 2014] <roosbeef> haha
[Mon Feb 24 15:14:08 2014] <roosbeef> does it help to write tactics? I havent been using those so far
[Mon Feb 24 15:14:25 2014] <roosbeef> (well custom ones i mean)
[Mon Feb 24 15:16:05 2014] <ianjneu_> it won't help. You have to hook into the unification algorithm to fill in those proofs.
[Mon Feb 24 15:16:13 2014] <ianjneu_> that's what canonical structures give you
[Mon Feb 24 15:17:13 2014] <roosbeef> would you have a good resource for getting started with canonical structures perhaps?
[Mon Feb 24 15:18:25 2014] <ianjneu_> http://www.mpi-sws.org/~beta/lessadhoc/
[Mon Feb 24 15:20:34 2014] <roosbeef> looks good :)
[Mon Feb 24 15:20:38 2014] <roosbeef> gonna study that
[Mon Feb 24 15:20:42 2014] <roosbeef> thanks a lot!
[Mon Feb 24 20:18:24 2014] <anderslundstedt> how do I simplify Fixpoints created by Program Fixpoint? http://pastebin.com/J10FeHV1
[Mon Feb 24 20:40:46 2014] <ianjneu_> anderslundstedt: what obligations did you have left to prove?
[Mon Feb 24 20:42:54 2014] <anderslundstedt> well, if I do the import Coq.Program.Program then none, all are solved automatically
[Mon Feb 24 20:45:14 2014] <anderslundstedt> here is a modified pastebin with no obligations remaining or admitted: http://pastebin.com/TCRCztNU (just the first line changed)
[Mon Feb 24 20:45:22 2014] <ianjneu_> unfold f; rewrite Fix_eq; fold f; simpl.
[Mon Feb 24 20:47:40 2014] <ianjneu_> full proof: intros n. unfold f; rewrite Fix_eq; [simpl; reflexivity|intro x; induction x; auto].
[Mon Feb 24 20:54:43 2014] <anderslundstedt> thank you. The actual fixpoint I have is of course more complicated. The combination "unfold f; rewrite Fix_eq; fold f; simpl." does not work there. There is no combination that works with all Program Fixpoints?
[Mon Feb 24 20:58:42 2014] <ianjneu_> I suggest you look at the theorems you get from uses of Fix.
[Mon Feb 24 21:00:07 2014] <anderslundstedt> where can I find them?
[Mon Feb 24 21:03:18 2014] <ianjneu_> SearchAbout Fix.
[Mon Feb 24 21:04:20 2014] <anderslundstedt> thanks
[Tue Feb 25 02:36:41 2014] <anderslundstedt> how do I get the necessary equalities when using refine on a pattern match? http://pastebin.com/n8G12TY8
[Tue Feb 25 04:06:18 2014] <jrw> anderslundstedt: something like this? http://pastebin.com/meTJhpd6
[Tue Feb 25 04:13:09 2014] <Cale> I kind of wish there were a more sugary syntax available for providing additional inferrable parameters to the branches of a case in that fashion.
[Tue Feb 25 04:13:31 2014] <Cale> of a match, I should say :)
[Tue Feb 25 04:54:58 2014] <anderslundstedt> jrw: yes, thanks!
[Tue Feb 25 15:18:04 2014] <Anarchos> Is there a powerpoint to evangelise coq within enterprises ?
[Tue Feb 25 15:25:04 2014] <jgross> Anarchos: There was a talk at POPL about how to sell program verification to industry: http://www.cl.cam.ac.uk/~pes20/pip2014-slides/PIP2014-Leroy.pdf 
[Tue Feb 25 15:28:34 2014] <Anarchos> jgross thanks
[Tue Feb 25 15:28:44 2014] <Anarchos> jgross do you know if this channel is looged ?
[Tue Feb 25 15:29:05 2014] <jgross> I have my own logs of it, but I don't know of any public logs.	Why? 
[Tue Feb 25 15:46:49 2014] <Anarchos> jgross to be able to find this link again at work tomorrow
[Tue Feb 25 15:47:19 2014] <ianjneu> Anarchos: paste in in ##hott :P
[Tue Feb 25 15:48:21 2014] <Anarchos> ianjneu lol
[Tue Feb 25 15:48:44 2014] <Anarchos> ianjneu so is T. Coquand near to show that univalent axiom as a computation model ?
[Tue Feb 25 15:57:06 2014] <ianjneu> I'm not close to the project. Dunno.
[Tue Feb 25 16:01:35 2014] <Anarchos> ianjneu oh ok
[Tue Feb 25 16:01:54 2014] <Anarchos> could you remind me what are you close to ?
[Tue Feb 25 16:04:35 2014] <ianjneu> Anarchos: http://www.ccs.neu.edu/home/ianj/
[Tue Feb 25 16:06:07 2014] <Anarchos> ok :)
[Tue Feb 25 17:01:34 2014] <jgross> Anarchos: google popl 2014 pip, then look for "Xavier Leroy, How much is a mechanized proof worth, certification-wise?" 
[Tue Feb 25 19:05:18 2014] <rribeiro> Hi folks. I'm with some trouble in defining a decidable equality function on a dependent type. The problematic code is in the following gist: https://gist.github.com/rodrigogribeiro/9220646
[Tue Feb 25 19:06:04 2014] <rribeiro> If someone could take a look, the trouble is in definition eq_ty_dec
[Tue Feb 25 19:11:45 2014] <ianjneu> rribeiro: looks like you want propositional extensionality, not JMeq.
[Tue Feb 25 19:14:37 2014] <rribeiro> ianjneu: Propositional extensionality? But the types in eq_ty_dec involve different indices... Because of that, I thought that JMeq was necessary
[Tue Feb 25 19:15:36 2014] <ianjneu> JMeq is a kludge best not used.
[Tue Feb 25 19:15:52 2014] <ianjneu> and I meant proof irrelevance. I'm still playing with your code.
[Tue Feb 25 19:16:01 2014] <rribeiro> ianjneu: Using proof irrelevance, I can prove some cases, but I can't do inversion on some contradictions
[Tue Feb 25 19:16:50 2014] <rribeiro> ianjneu: But, there's no way of doing this without any axioms like proof irrelevance?
[Tue Feb 25 19:18:33 2014] <ianjneu> rribeiro: you need to show that two variables of type In x y are equal. That needs proof irrelevance or more information than you're giving.
[Tue Feb 25 19:28:21 2014] <Rc43> Hello.
[Tue Feb 25 19:30:17 2014] <ianjneu> Rc43: hey
[Tue Feb 25 19:32:32 2014] <ianjneu> rribeiro: I'm hitting an anomaly trying to induct on points of JMeq.
[Tue Feb 25 19:33:30 2014] <rribeiro> what kind of anomaly?
[Tue Feb 25 19:33:43 2014] <rribeiro> ianjneu: what kind of anomaly? ***
[Tue Feb 25 19:34:39 2014] <ijp> an anomalous one
[Tue Feb 25 19:36:53 2014] <ianjneu> OAnomaly: Uncaught exception Option.IsNone. Please report.
[Tue Feb 25 19:37:15 2014] <rribeiro> oh! A bug...
[Tue Feb 25 19:37:57 2014] <ianjneu> ya
[Tue Feb 25 19:38:16 2014] <ianjneu> I keep hitting those. I am Ian, breaker of languages.
[Tue Feb 25 19:38:33 2014] <rribeiro> ianjneu: :)
[Tue Feb 25 19:39:27 2014] <ianjneu> JMeq_ind seems to be weaker than what it should be..
[Tue Feb 25 19:48:18 2014] <ianjneu> Internal rewrites seem to break well-typedness too. Wtf.
[Tue Feb 25 19:48:50 2014] <ianjneu> oh okay. Trying to do Defined gives a universe inconsistency.
[Tue Feb 25 19:58:43 2014] <rribeiro> ]ianjneu: Wtf this thing... It seems to be a simple definition... :(
[Tue Feb 25 19:59:08 2014] <ianjneu> rribeiro: equality is mysterious.
[Tue Feb 25 20:02:56 2014] <rribeiro> ianjneu: Strange thing... In agda, I believe that this function is easy to implement... :(
[Tue Feb 25 20:03:23 2014] <rribeiro> ianjneu: I thought that it would be equaly easy in Coq.
[Tue Feb 25 20:06:47 2014] <ianjneu> Agda treats equality irreverently.
[Wed Feb 26 00:25:52 2014] <jgross> rribeiero: Agda's pattern matching assumes Axiom K.  That is what makes it easy.  But if you're willing to replace [In] with a decidable version, then it's doable in Coq, without any axioms and using eq rather than JMeq: https://gist.github.com/rodrigogribeiro/9220646#comment-1180189 
[Wed Feb 26 03:05:28 2014] <iXeno> hi, CoqIde refuses to start properly on my macbook pro running mavericks... is that a known problem?
[Wed Feb 26 03:05:45 2014] <iXeno> 8.4p12
[Wed Feb 26 08:06:59 2014] <hodapp> wow, I amaze myself with the things I can come up with in Coq
[Wed Feb 26 08:07:25 2014] <hodapp> ...and how far they are from an actual simple solution to the problem.
[Wed Feb 26 10:49:51 2014] <napping> Where can I find the expected form of and induction principle for induction ... using ?
[Wed Feb 26 11:01:38 2014] <hodapp> napping: do you have any sort of example of what you're talking about?
[Wed Feb 26 11:02:35 2014] <napping> Lets say you have a vec : Set -> nat -> Set
[Wed Feb 26 11:04:10 2014] <napping> and define something like vec_nz_ind : forall (Q : forall A n, vec A n) (H : forall A (a : A) n (v : vec A n), a -> Q v -> Q (vcons a v)), forall A n (v : vec A (S n)), Q v
[Wed Feb 26 11:05:21 2014] <napping> that doesn't seem to work with destruct ... using
[Wed Feb 26 11:05:35 2014] <napping> like if you have H : vec string 3 in scope, destruct H using vec_nz_ind
[Wed Feb 26 11:05:50 2014] <napping> Haven't actually tested that yet, it's simplified from my full code
[Wed Feb 26 11:28:42 2014] <napping> Here's a simpler example that actually fails http://lpaste.net/100415
[Wed Feb 26 22:44:52 2014] <eridu> is this a channel strictly for coq development, or are coq usage questions acceptable here?
[Wed Feb 26 22:57:21 2014] <jrw> eridu: usage questions definitely welcome!
[Wed Feb 26 23:14:24 2014] <eridu> how can I split out an implication that's in a hypothesis?
[Wed Feb 26 23:15:03 2014] <jrw> eridu: can you give an example?
[Wed Feb 26 23:15:46 2014] <eridu> if I have a hypothesis of the form P -> Q, is there a way I can split that so I have a hypothesis P?
[Wed Feb 26 23:17:37 2014] <jrw> eridu: I'm not sure I follow, but that doesn't sound like something you should expect to be able to do
[Wed Feb 26 23:17:49 2014] <jrw> if I know "P implies Q" that doesn't mean I know "P" (or "Q" for that matter)
[Wed Feb 26 23:17:50 2014] <eridu> that's understandable, I don't understand this very well
[Wed Feb 26 23:18:20 2014] <jrw> now, if your *goal* is "P -> Q"
[Wed Feb 26 23:18:37 2014] <jrw> then the tactic "intros" will introduce P into your hypotheses
[Wed Feb 26 23:18:43 2014] <jrw> and then your goal will become Q
[Wed Feb 26 23:32:51 2014] <eridu> so, let's say I have an assumption P x -> Q
[Wed Feb 26 23:33:06 2014] <eridu> and another assumption about the shape of x that means I know P x to be true/provable
[Wed Feb 26 23:33:23 2014] <eridu> how can I apply the latter assumption to prove Q in the former assumption?
[Wed Feb 26 23:38:11 2014] <eridu> also, is the "Case" (uppercase) command/tactic used in the Software Foundations book an extension? I can't seem to use it in my coq
[Wed Feb 26 23:40:02 2014] <jrw> eridu: regarding Case, if I recall, you have to import their library that defines it.
[Wed Feb 26 23:40:32 2014] <jrw> recent versions of coq have a sort of similar mechanism via bullets: you can use "-", "+", and "*" to delineate cases in your proof
[Wed Feb 26 23:41:42 2014] <jrw> regarding the other question, one thing you can do is "assert (P x)." then proceed to prove P x. that will give you a new hypothesis "P x", then you can apply the old hypothesis to the new one to get Q
[Wed Feb 26 23:49:02 2014] <eridu> ah, okay
[Wed Feb 26 23:52:50 2014] <eridu> how do parentheticals interact with the "in 1" sort of syntax? If I have a constructor application in parens, inside a larger statement, is that one increment of the 'in x' number, or more?
[Wed Feb 26 23:58:07 2014] <jrw> do you mean "at 1"?
[Wed Feb 26 23:58:28 2014] <jrw> in that case, I don't think parenteses matter, but I don't use that feature very much
[Thu Feb 27 00:04:06 2014] <eridu> yes, that
[Thu Feb 27 00:08:21 2014] <eridu> okay, I think this should be one of my last questions; thanks so much for your help
[Thu Feb 27 00:09:22 2014] <eridu> how do you construct a value of a sigma type? like {x | P x}
[Thu Feb 27 00:09:39 2014] <eridu> actually typing "{x | P x}" gives me something in set, but I want that particular type
[Thu Feb 27 00:12:03 2014] <jrw> eridu: the answer in this case is the constructor  "exist"
[Thu Feb 27 00:12:37 2014] <jrw> you can find this by saying: Locate "{ _ | _ }".
[Thu Feb 27 00:12:44 2014] <jrw> which tells you that the real type name is sig
[Thu Feb 27 00:12:48 2014] <jrw> you can then say: Print sig.
[Thu Feb 27 00:12:58 2014] <jrw> to see its constructors (in this case there's only one)
[Thu Feb 27 00:13:22 2014] <eridu> ah. I was confusing exist and existT.
[Thu Feb 27 02:32:48 2014] <iXeno> hi, CoqIdE won't start on mavericks - or rather, it just doesn't open the window - anything anyone knows about?
[Thu Feb 27 03:58:49 2014] <eridu> I have two hypotheses: a < b and b > a. How can I derive a contradiction?
[Thu Feb 27 03:59:30 2014] <eridu> it seems like most of the normal contradiction tactics don't easily work on inequalities...
[Thu Feb 27 04:44:54 2014] <BmoreDaniel> eridu: Do you mean a < b and b < a? If so, omega will solve the goal.
[Thu Feb 27 04:45:13 2014] <eridu> yeah, I had exactly that, but omega was saying it couldn't solve the system.
[Thu Feb 27 04:45:47 2014] <eridu> could have been another issue though
[Thu Feb 27 05:39:27 2014] <Rc43> Hi.
[Thu Feb 27 05:54:32 2014] <Rc43> What function should be used for getting remainder of division?
[Thu Feb 27 05:54:38 2014] <Rc43> (a `mod` b)
[Thu Feb 27 06:06:39 2014] <Rc43> Oh, its Zmod.
[Thu Feb 27 06:07:09 2014] <Rc43> But Z <> nat.
[Thu Feb 27 06:08:19 2014] <Cale> http://coq.inria.fr/distrib/current/stdlib/Coq.Arith.Euclid.html
[Thu Feb 27 06:08:25 2014] <Cale> There's that, which might be of use
[Thu Feb 27 06:14:20 2014] <Rc43> Oh, I already used Z.of_nat and Z.to_nat :)
[Thu Feb 27 06:39:46 2014] <Rc43> Is ther analogue of "undefined" from haskell?
[Thu Feb 27 06:40:02 2014] <Rc43> I can use "admit" in proofs, but what about functions?
[Thu Feb 27 06:46:21 2014] <Rc43> I found in google, that there are "holes" in ProofGeneral for Coq.
[Thu Feb 27 06:46:30 2014] <Rc43> But I can't find how to use it.
[Thu Feb 27 06:49:06 2014] <Rc43> Ah, just import Program and put _ in desired place.
[Thu Feb 27 06:54:08 2014] <Rc43> But I can't use unfinished definitions (with holes) =/
[Thu Feb 27 13:21:58 2014] <Anarchos> has coq kernel been extracted from coq itself ?
[Thu Feb 27 13:29:02 2014] <hodapp> the closest I'm aware of is: http://coq.inria.fr/V8.2pl1/contribs/CoqInCoq.html
[Thu Feb 27 13:35:06 2014] <Anarchos> hodapp i read the report of bruno barras on the subject, and obviously he used Godel theorem to state it is not fully feasible
[Thu Feb 27 14:02:19 2014] <ianjneu>  There is a research goal of the HoTT community to see if type theory with n + 1 universes justifies the consistency of type theory with n universes.
[Thu Feb 27 14:02:37 2014] <ianjneu> I think it's along the lines of the paper, "Type theory should eat itself."
[Thu Feb 27 14:39:26 2014] <Anarchos> ianjneu well it sounds like ZFC+Cardinal Inaccessible proves ZF
[Thu Feb 27 15:26:04 2014] <jtpercon> I am looking for some help working with a function that has a non-obvious induction metric
[Thu Feb 27 15:28:24 2014] <jtpercon> the only way I've gotten coq to accept a definition that looks right is with Program Fixpoint, but I don't know how to actually work with that definition because it adds a bunch of complicated stuff I don't understand
[Thu Feb 27 15:54:37 2014] <ianjneu> jtpercon: You have to use the Fix theorems like Fix_eq to rewrite functions to their body.
[Thu Feb 27 15:54:53 2014] <ianjneu> simpl does not do this for you.
[Thu Feb 27 15:55:42 2014] <jtpercon> ok I will take a look at Fix_eq
[Thu Feb 27 15:59:44 2014] <jtpercon> ianjneu: I don't understand what this does
[Thu Feb 27 16:02:04 2014] <Anarchos> jtpercon it unrolls recursive calls
[Thu Feb 27 16:06:05 2014] <jtpercon> ok so after I unfold two things I get to a goal that is an application of Fix_sub to a bunch of stuff, which seems to be the right shape to apply Fix_eq, but it doesn't actually match if I try to do that
[Thu Feb 27 16:07:24 2014] <ianjneu> rewrite, don't apply
[Thu Feb 27 16:08:01 2014] <jtpercon> but the conclusion isn't an equality
[Thu Feb 27 16:08:11 2014] <jtpercon> or wait, I am reading this wrong
[Thu Feb 27 16:08:40 2014] <jtpercon> I misread a => as a -> and also ignored some parens, oops
[Thu Feb 27 16:11:27 2014] <jtpercon> ok it did a rewrite, but this was not actually helpful because now I have a huge match expression instead of something I can read
[Thu Feb 27 16:19:31 2014] <Anarchos> did you try «simpl» after that ?
[Thu Feb 27 16:20:28 2014] <jtpercon> actually I think I might be getting it? hang on
[Thu Feb 27 16:25:26 2014] <jtpercon> well ok, I got things to match up for one subgoal that looks like what I expect to be proving but it generated another subgoal with a bunch of stuff I don't understand
[Thu Feb 27 16:34:47 2014] <jtpercon> I am not sure what information to give now other than explaining everything I'm doing
[Thu Feb 27 16:55:42 2014] <ianjneu> jtpercon: the extra subgoal is almost always provable by auto or intro x; induction x; auto.
[Thu Feb 27 16:59:48 2014] <jtpercon> ok so you know what the extra subgoal is then?
[Thu Feb 27 17:02:32 2014] <jtpercon> (it does give me a thing called x but doing induction on it did not solve the goal)
[Thu Feb 27 17:11:57 2014] <ianjneu> I forget.
[Thu Feb 27 17:14:03 2014] <jtpercon> I may have to give up on this for today
[Thu Feb 27 17:14:15 2014] <ianjneu> ah, it's the subgoal that you preserve the function equality given the equality of recursive calls.
[Thu Feb 27 17:15:04 2014] <jtpercon> oh is that what it is, ok
[Thu Feb 27 17:15:39 2014] <jtpercon> that sort of makes sense from the parts of this proof state I have been able to make sense of
[Thu Feb 27 17:31:30 2014] <jtpercon> yeah I give up for now, thanks anyway ianjneu
[Thu Feb 27 17:33:12 2014] <jtpercon> * gets it to work immediately after saying I gave up
[Thu Feb 27 20:44:49 2014] <anderslundstedt> how do I return a finite set of nats from a function?
[Thu Feb 27 21:35:59 2014] <anderslundstedt> Module FinNatSet := MSetList.Make Nat_as_OT.
[Thu Feb 27 21:36:06 2014] <anderslundstedt> is that correct?
[Thu Feb 27 22:58:41 2014] <Ptival> could be
[Thu Feb 27 22:58:49 2014] <ianjneu> FinNatSet.t
[Fri Feb 28 05:48:25 2014] <rribeiro> Hello to all! I have a question about well founded relations. I want to define a wf relation between elements of two "diferent" types --- different in the sense that the types have different indices. I've looked at stdlibrary and books (coq-art and chlipala's) and didn't find anything. Anyone have any suggestion on how to define such relation? Thanks in advance
[Fri Feb 28 07:11:33 2014] <ianjneu> rribeiro: package the different index into a sigma type.
[Sat Mar  1 11:53:14 2014] <ollehar> can I use coq to prove that a state machine cannot reach an invalid state?
[Sat Mar  1 11:56:18 2014] <ziman> with suitable definitions, sure
[Sat Mar  1 12:00:55 2014] <ollehar> ziman: cool, any tips how? or a link?
[Sat Mar  1 12:02:47 2014] <ollehar> I found some info about it in OCaml on stackoverflow, will check that
[Mon Mar  3 09:18:27 2014] <fser> bonjour
[Mon Mar  3 09:22:59 2014] <Anarchos> hi fser
[Mon Mar  3 09:24:07 2014] <fser> sorry I didn't notice this channel was english spoken :)
[Mon Mar  3 09:24:19 2014] <Anarchos> fser no problem
[Mon Mar  3 09:24:38 2014] <fser> I may have beginner questions about coq, maybe this is not the appropriate chan ..
[Mon Mar  3 09:41:10 2014] <Rc43> I have term like: 'match l with | cons x l' => ... | nil => ... end'.
[Mon Mar  3 09:41:34 2014] <Rc43> How to generate equalities "l = cons x l'" and "l = nil" inside branches?
[Mon Mar  3 09:52:27 2014] <Anarchos> destruct l
[Mon Mar  3 09:57:20 2014] <Rc43> Anarchos, how to do it with term?
[Mon Mar  3 09:57:47 2014] <Rc43> I want to define function, not prove its propertty.
[Mon Mar  3 10:01:31 2014] <Rc43> Maybe it is easier to define the function with tactics though =/
[Mon Mar  3 10:02:32 2014] <Anarchos> Rc43 no idea
[Mon Mar  3 10:02:45 2014] <Anarchos> rc did you look into the coqart ?
[Mon Mar  3 10:07:20 2014] <Rc43> Anarchos, not yet
[Mon Mar  3 10:18:00 2014] <Rc43> How to use "inversion" if I want to keep equality?
[Mon Mar  3 10:18:13 2014] <Rc43> I mean, "keep equality hypothesis in the context".
[Mon Mar  3 10:27:45 2014] <Rc43> I can't make "eqn:" from ref manual work.
[Mon Mar  3 10:30:12 2014] <Rc43> Hmm, "destruct something as [x y] eqn:N" works.
[Mon Mar  3 13:10:09 2014] <mixxu> new to coq here, are there tactics to automatically prove easy theorems like: http://pastie.org/8842272 (for instance, if i fix A to be a finite set, are there tactics which just enumerate all possible relations and check if the property holds?)
[Mon Mar  3 16:24:31 2014] <osa1> guys, any ideas why simpl does not work in this case: http://lpaste.net/100661
[Mon Mar  3 17:41:36 2014] <Ptival> osa1: maybe it doesn't want to simple unless it knows the structure of the structurally-recursive argument?
[Tue Mar  4 16:00:09 2014] <defanor_> is there a way to bind multiple values with a single let?
[Tue Mar  4 16:02:10 2014] <Anarchos> defanor_ if you can define a tuple , yes. And i remind it should be feasible within coqq
[Tue Mar  4 16:05:51 2014] <defanor_> thanks
[Tue Mar  4 22:22:46 2014] <kini> In working through a proof, I found that at a particular point, "destruct e." gives me an error, "Error: Case analysis on sort Type is not allowed for inductive definition Logic.ex."
[Tue Mar  4 22:23:03 2014] <kini> However, if I first do "exfalso.", then the error does not appear and I'm successfully able to destruct the term e.
[Tue Mar  4 22:23:35 2014] <kini> specifically, I have "e : exists v : val, set_In (l, v) nil" (i.e. it's a contradiction)
[Tue Mar  4 22:23:59 2014] <kini> it destructs to "x : val" and "H : set_In (l, x) nil", the latter of which I can use the contradiction tactic on to satisfy the goal
[Tue Mar  4 22:24:05 2014] <kini> but why do I need to use exfalso before destructing e?
[Tue Mar  4 22:24:28 2014] <kini> isn't the goal irrelevant when destructing a hypothesis?
[Tue Mar  4 22:34:12 2014] <Cale> kini: I think it has to do with the  exists v : val, set_In (l, v) nil  being a Prop, while your goal is perhaps a Type?
[Tue Mar  4 22:35:13 2014] <Cale> kini: Once you do exfalso, the goal becomes False, which is a Prop, so you can eliminate other Props to get it.
[Tue Mar  4 22:37:27 2014] <kini> Yes, my goal is a Type, good guess!
[Tue Mar  4 22:37:57 2014] <kini> I'm not sure I understand why that would prohibit me from destructing a Prop, though...
[Tue Mar  4 22:41:06 2014] <Cale> I'm not sure I do either, I just know that Coq doesn't like it. :)  There's probably something bad that you can do using Prop's impredicativity if you're allowed to destruct Props to get Types, but I don't really know.
[Tue Mar  4 22:41:33 2014] <Cale> Personally, I tend to prefer to avoid Prop
[Tue Mar  4 22:45:20 2014] <Cale> But there are some set theoretical things you need that impredicativity for, like defining power sets without going up a universe level.
[Tue Mar  4 23:23:07 2014] <jgross> Cale, kini: It's not so much the impredicativity (I think) that bites as it is prop erasure.  When you extract code, all the Prop arguments get erased.  If your construction depends on it, then your extracted code goes boom.  In HoTT there's a more structured distinction: (weak) hProps can only be destructed if you prove that your construction doesn't depend on the value (i.e., you send all inhabitants of the hProp to propositionally equal
[Tue Mar  4 23:23:07 2014] <jgross> things).  strict hProps require you to send all inhabitants to judgmentally equal things. 
[Tue Mar  4 23:39:07 2014] <kini> hmm, I guess I don't really know what I'm doing
[Tue Mar  4 23:39:35 2014] <kini> I remember that at POPL someone said that anyone who has used Coq for long enough knows that the only way to get any work done is to make your code have simple types and then prove external theorems about your code using more complicated types
[Tue Mar  4 23:39:50 2014] <kini> rather than trying to carry proofs of theorems along with your computational values
[Tue Mar  4 23:39:58 2014] <kini> I guess I'm finding that out firsthand :P
[Tue Mar  4 23:41:16 2014] <kini> but I think I see your point, jgross -- destructing a Prop will basically create a match expression on the Prop in the proof object, right? so if that Prop is gone, you have a problem, even if it is impossible to get into that branch during execution (as you are trying to go on to prove)
[Tue Mar  4 23:41:40 2014] <kini> because your code is just missing pieces, even though it's in a dead code region, so to speak
[Tue Mar  4 23:41:55 2014] <Cale> Yeah, that's a good point
[Tue Mar  4 23:43:36 2014] <kini> ok, here is a very dumb question. I have a hypothesis "(x, y) = (z, w)". How do I get two hypotheses "x = z" and "y = w"? Trying to destruct the hypothesis just makes it go away.
[Wed Mar  5 00:01:29 2014] <Cale> kini: Ah, apparently it's called f_equal.
[Wed Mar  5 00:02:00 2014] <Cale> f_equal fst p should get you x = z
[Wed Mar  5 00:02:10 2014] <Cale> where p is your (x, y) = (z, w)
[Wed Mar  5 00:02:22 2014] <Cale> (In HoTT, this is called ap)
[Wed Mar  5 00:03:36 2014] <Cale> You might need to supply the implicit parameter to fst
[Wed Mar  5 00:04:00 2014] <kini> well, this is a hypothesis, not a goal...
[Wed Mar  5 00:04:22 2014] <Cale> The function is also called f_equal
[Wed Mar  5 00:04:42 2014] <Cale> (There's also a tactic called f_equal)
[Wed Mar  5 00:06:24 2014] <jgross> There is also an [inversion] tactic that might do what you want.  But [pose proof (f_equal (@fst _ _) p)] is less black-box-magic. 
[Wed Mar  5 00:06:26 2014] <Cale> My version of Coq has trouble unifying the type of fst with the type of the argument to f_equal though unless I explicitly specify the type of the second part using (B := B)
[Wed Mar  5 00:06:45 2014] <kini> oh, of course, inversion worked, haha
[Wed Mar  5 00:07:03 2014] <kini> thanks, Cale and jgross
[Wed Mar  5 00:07:10 2014] <Cale> Oh, that at-sign magic again :)
[Wed Mar  5 00:07:12 2014] <kini> man, it's been too long since I cracked open software foundations...
[Wed Mar  5 00:07:50 2014] <jgross> Kini: exfalso is how you tell Coq that you're in a dead code region. Coq can't figure out whether or not you're in a dead code region automatically, so you need to tell it. 
[Wed Mar  5 00:08:35 2014] <jgross> Cale: What's magic about @s?  @? are kind-of magic in pattern matching (but not magic enough), but @ just says "make all the parameters explicit". 
[Wed Mar  5 00:08:43 2014] <kini> well, you could also just keep going and eventually say "contradiction H", but I guess that's just being overly conservative in what you're telling Coq is a dead code region
[Wed Mar  5 00:08:55 2014] <kini> so I guess the lesson is to use exfalso as soon as possible
[Wed Mar  5 00:09:24 2014] <Cale> jgross: Well, it's strange to me that Coq would refuse to infer the implicit parameters, and then you go and make them explicit and fill them with blanks and everything is okay
[Wed Mar  5 00:10:08 2014] <Cale> I would kind of expect  fst  to mean the very same thing as  @fst _ _
[Wed Mar  5 00:10:15 2014] <Cale> given that fst has two implicit parameters
[Wed Mar  5 00:10:58 2014] <jgross> Cale: This is the difference between implict, and implicit and maximally inserted.  [fst] is the same as [@fst] if you pass it no parameters, but if you pass it a parameter [x], then it's [@fst _ _ x].  If you want [fst] to mean [@fst _ _], then you need to do [Arguments fst {A B} _.]  (To make it implicit but not maximally inserted, you do [Arguments fst [A B] _.]) 
[Wed Mar  5 00:13:24 2014] <Cale> I wonder if it would be worth making it try adding blanks until it runs out of implicit parameters in the case of a type mismatch.
[Wed Mar  5 00:13:51 2014] <Cale> (In general)
[Wed Mar  5 00:16:45 2014] <jgross> Cale, I think that would be confusing.	But maybe not.	Feel free to submit a feature request for a kind of "minimally inserted implicit arguments". 
[Wed Mar  5 00:16:56 2014] <jgross> Anyway, I'm off to bed.  Goodnight! 
[Wed Mar  5 00:17:12 2014] <Cale> Yeah, I haven't thought it through too well :)
[Wed Mar  5 00:17:41 2014] <Cale> But it seems like it would be the right thing in many cases, given that the parameters are already supposed to be implicit
[Wed Mar  5 00:18:01 2014] <Cale> (obviously auto-inserting _'s for non-implicit parameters would be confusing!)
[Wed Mar  5 14:45:42 2014] <joe9> what is reflexivity? google search does not seem to help? I am trying to learn coq from here: https://www.kevinjsullivan.com/lets-start-at-the-very-beginning and could not understand what reflexivity is.
[Wed Mar  5 14:45:46 2014] <joe9> any thoughts, please?
[Wed Mar  5 14:46:00 2014] <joe9> Or, is there a better place to learn coq from?
[Wed Mar  5 14:48:08 2014] <Ptival> joe9: in general, reflexivity is a property of a relation, that says that an element is related to itself
[Wed Mar  5 14:48:22 2014] <ezyang> the reflexivity tactic solves goals of the form 'a = a'
[Wed Mar  5 14:48:25 2014] <Ptival> the common example is the fact that a thing is always equal to itself
[Wed Mar  5 14:49:47 2014] <joe9> Ptival: ezyang thanks.
[Wed Mar  5 14:57:37 2014] <joe9> I do not have a math background. just wanted to check if there are any good coq tutorials or if this is my best bet: https://www.kevinjsullivan.com/lets-start-at-the-very-beginning
[Wed Mar  5 14:58:35 2014] <rmk0> joe9: http://www.cis.upenn.edu/~bcpierce/sf/
[Wed Mar  5 15:03:22 2014] <ezyang> ditto SF. It is a very gentle introduction.
[Wed Mar  5 15:20:52 2014] <joe9> rmk0: ezyang thanks.
[Wed Mar  5 15:49:44 2014] <joe9> for a beginner, is it recommended to use coqide or emacs/proof general. I have both working. Just want to check if there is a "better for beginner" one.
[Wed Mar  5 15:57:47 2014] <ystael> joe9: if you are already an emacs user, definitely proof general.  if not, a little harder to say, but when i tried to use coqide it was not a great editor experience.
[Wed Mar  5 15:58:07 2014] <ystael> i hate mice though
[Wed Mar  5 16:02:01 2014] <joe9> ystael: yes, I use emacs. thanks, will stick with proof general.
[Wed Mar  5 16:05:01 2014] <joe9> When I make a mistake with emacs/proof general, the region becomes red (read-only). Is there any way to revert back to editing mode?
[Wed Mar  5 16:05:43 2014] <joe9> or, delete that region.
[Wed Mar  5 16:06:15 2014] <ystael> C-c C-u to back up? does that work?
[Wed Mar  5 16:08:07 2014] <joe9> ystael: yes, that helped. thanks.
[Wed Mar  5 17:21:43 2014] <joe9> error: http://codepad.org/N5Nu2ICl code, http://codepad.org/R4vVbrPQ . The error is with the second true argument of this line : Example test_orb3 (orb false true) = true.
[Wed Mar  5 17:21:50 2014] <joe9> Any thoughts on what I am missing, please?
[Wed Mar  5 17:22:15 2014] <joe9> oh, got it. sorry for the bother.
[Wed Mar  5 22:20:15 2014] <joe9> :sp
[Wed Mar  5 22:20:19 2014] <joe9> sorry for that.
[Wed Mar  5 22:55:21 2014] <joe9> Any suggestions on the basics of mathematical theorem proving. Just so that I can learn what QED, hypothesis, etc. mean.
[Wed Mar  5 22:56:19 2014] <joe9> I know high school maths, not college level maths. Just want to check if there is any book to read that can help with the terminology of mathematics theorem proving.
[Wed Mar  5 23:11:50 2014] <joe9>  would you recommend any of these: http://www.amazon.com/exec/obidos/ASIN/0471510041/ref=nosim/weisstein-20 http://www.amazon.com/exec/obidos/ASIN/047196199X/ref=nosim/weisstein-20
[Wed Mar  5 23:13:59 2014] <joe9> http://www.amazon.com/How-Prove-It-Structured-Approach/dp/0521675995/ref=pd_sim_sbs_b_1?ie=UTF8&refRID=1EHRTK3XA5BFWKJE7QHV or this.
[Wed Mar  5 23:20:36 2014] <Ptival> these look like affiliate links :(
[Wed Mar  5 23:21:13 2014] <Ptival> oh maybe you copied the link from somewhere...
[Wed Mar  5 23:21:39 2014] <joe9> Ptival: yes, from amazon.
[Thu Mar  6 15:54:44 2014] <joe9_> Is there some functionality to show how a tactic changes the goals? I can see the end result after applying the tactic. Just want to check if there is a way to show the goal before and after.
[Thu Mar  6 16:04:35 2014] <joe9_> I am using proofgeneral but I can use coqide, if that can show these changes.
[Thu Mar  6 16:18:03 2014] <joe9_> got it, the coq window has that info.
[Thu Mar  6 16:18:25 2014] <Ptival> hmmm not really :\
[Thu Mar  6 16:18:31 2014] <Ptival> info tactic. maybe?
[Thu Mar  6 17:01:31 2014] <joe9_> Ptival: could not find "info tactic" with M-x. Is that what you meant?
[Thu Mar  6 17:14:22 2014] <Ptival> no I meant the tactic modifier "info"
[Thu Mar  6 17:14:28 2014] <Ptival> but it won't do what you want anyway
[Thu Mar  6 17:14:57 2014] <Ptival> joe9: I believe the only way to do what you want is to go back and forth applying the tactic
[Thu Mar  6 20:06:56 2014] <joe9> Ptival: ok, thanks.
[Thu Mar  6 20:20:03 2014] <Hodapp> looking at the excluded middle definition from Logic.v of SF (forall P:Prop, P \/ ~P)... but not understanding how to actually *use* this definition
[Thu Mar  6 20:21:22 2014] <Hodapp> it looks like I should be able to apply it to some proposition and use inversion to get two subgoals, one for P and one for ~P
[Thu Mar  6 20:21:27 2014] <Hodapp> but I don't know how to achieve that
[Thu Mar  6 20:36:09 2014] <Hodapp> also... http://lpaste.net/100812 - I thought anything resembling P1 \/ P2 was a disjunctive pattern with two branches? What is going on here?
[Thu Mar  6 20:37:59 2014] <joe9> is this correct: http://codepad.org/8TS434ut ? this is an Exercise problem from sf.
[Thu Mar  6 20:38:18 2014] <Hodapp> joe9: another fellow working through SF?!
[Thu Mar  6 20:38:37 2014] <joe9> seems to be the best book I could find.
[Thu Mar  6 20:38:42 2014] <joe9> Hodapp: ^^
[Thu Mar  6 20:38:56 2014] <Hodapp> I'm told it's a good book, I'm just surprised by how many people come through here working with it
[Thu Mar  6 20:39:19 2014] <Hodapp> I'm working through SF too but I'm further along so I don't suppose you'd be able to help
[Thu Mar  6 20:39:28 2014] <joe9> Hodapp: have you checked out these? http://www.cs.uoregon.edu/research/summerschool/summer12/curriculum.html  http://www.seas.upenn.edu/~cis500/current/index.html
[Thu Mar  6 20:39:39 2014] <joe9> I checked them out, but, was not sure how useful they are.
[Thu Mar  6 20:40:44 2014] <Hodapp> your exercise solution looks good to me
[Thu Mar  6 20:41:34 2014] <Hodapp> that first link is how I found SF
[Thu Mar  6 20:45:37 2014] <Hodapp> oh, I think my issue with that paste is not the inversion but how I was trying to do it
[Thu Mar  6 21:13:22 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Logic.html#lab221 this one is seriously throwing me for a loop. I can't use 'rewrite' with their equality definition and I really can't find anything else I can do either
[Thu Mar  6 21:17:50 2014] <Hodapp> waitaminute... if I do 'inversion' on x = y, then I get another hypothesis of x = y, yet this latter one I can use 'rewrite' on. That does not make much sense... is it using another definition there?
[Thu Mar  6 21:31:50 2014] <joe9_>   this exercise http://codepad.org/wNcVGJm6 suddenly jumped to a lemma.
[Thu Mar  6 21:32:15 2014] <joe9_> without teaching how to prove a lemma, etc.
[Thu Mar  6 21:32:43 2014] <ezyang> Lemmas are just other theorems
[Thu Mar  6 21:33:37 2014] <joe9_> ezyang: I do not want the solution for this exercise. Can you please guide me on how to go about solving it.
[Thu Mar  6 21:33:52 2014] <joe9_> should I first prove (andb b c = orb b c)?
[Thu Mar  6 21:33:57 2014] <joe9_> that is the hypothesis.
[Thu Mar  6 21:34:07 2014] <joe9_> I can just use intros and it goes to the assumption.
[Thu Mar  6 21:34:21 2014] <joe9_> this is how I am going about it. http://codepad.org/YMARVtJx
[Thu Mar  6 21:35:03 2014] <joe9_> but, it does not seem to be correct as I get stuck with  http://codepad.org/0miAhQcS second subgoal is unprovable.
[Thu Mar  6 21:35:38 2014] <ezyang> joe9_: Hint: is the hypothesis impossible?
[Thu Mar  6 21:37:22 2014] <joe9_>  ezyang: yes, I think the hypothesis is impossible as the second goal seems a valid value, but, it is not equal.
[Thu Mar  6 21:37:43 2014] <joe9_> andb true false = orb true false -> true = false -- is impossible.
[Thu Mar  6 21:38:03 2014] <ezyang> From falsity you can conclude anything
[Thu Mar  6 21:38:51 2014] <joe9_> ezyang: I do not understand.
[Thu Mar  6 21:39:52 2014] <ezyang> I can prove '1 = 0 -> 2 = 4'
[Thu Mar  6 21:40:24 2014] <ezyang> Do you know how to use the 'contradiction' tactic yet?
[Thu Mar  6 21:40:55 2014] <joe9_> ezyang: no. It does not seem to have been covered yet.
[Thu Mar  6 21:41:38 2014] <ezyang> Hmmk
[Thu Mar  6 21:41:52 2014] <joe9_> http://www.cis.upenn.edu/~bcpierce/sf/Basics.html is the lesson
[Thu Mar  6 21:41:58 2014] <joe9_> and there is nothing in there with contradiction.
[Thu Mar  6 21:42:31 2014] <ezyang> Basically, your proof approach requires use of contradiction
[Thu Mar  6 21:43:14 2014] <joe9_> ezyang: ok, thanks. I will try the exercise after the next chapter then.
[Thu Mar  6 22:09:47 2014] <joe9_> code: http://codepad.org/75x0S8uC error: Toplevel input, characters 20-30: Error: No interpretation for string "b = true".
[Thu Mar  6 22:10:03 2014] <joe9_> In here http://www.cis.upenn.edu/~bcpierce/sf/Induction.html, it seems to work fine.
[Thu Mar  6 22:14:06 2014] <joe9_> http://stackoverflow.com/questions/19212951/coq-error-when-trying-to-use-case-example-from-software-foundations-book got it here.
[Fri Mar  7 02:56:52 2014] <keep_learning> Hello everyone.
[Fri Mar  7 02:57:22 2014] <keep_learning> I am learning Coq for CPDT and tried the code http://lpaste.net/100826
[Fri Mar  7 02:57:28 2014] <keep_learning> but getting error.
[Fri Mar  7 02:57:52 2014] <keep_learning> It's the same code given on page 49
[Fri Mar  7 02:58:40 2014] <ezyang> Looks like a bug in the code; you need to pass T to Cons and app
[Fri Mar  7 02:58:46 2014] <ezyang> As they are not implicit arguments
[Fri Mar  7 02:59:47 2014] <keep_learning> ezyang: Thank you.
[Fri Mar  7 03:03:17 2014] <keep_learning> ezyang: By setting the Set Implicit Arguments, it pass the type arguments under the hood ?
[Fri Mar  7 03:05:37 2014] <ezyang> yes, that's right.
[Fri Mar  7 07:40:16 2014] <roosbeef> anyone worked with canonical structures?
[Fri Mar  7 09:20:48 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Logic.html#lab222 - they say of 'sumbool', "The only difference is that values of [sumbool] are declared to be in [Set] rather than in [Prop]; this is a technical distinction that allows us to compute with them."
[Fri Mar  7 09:20:58 2014] <Hodapp> what do they mean there?
[Fri Mar  7 09:44:30 2014] <roosbeef> ianjneu, around perhaps?
[Fri Mar  7 10:24:14 2014] <Ptival> Hodapp: sumbool returns in Set, so they will not be erased at runtime, which allows you to inspect them to build values in Set
[Fri Mar  7 10:25:36 2014] <Hodapp> Ptival: Props are erased at runtime?
[Fri Mar  7 11:37:35 2014] <Ptival> Hodapp: at extraction should I say
[Fri Mar  7 11:38:37 2014] <Hodapp> But if extraction is never performed here (if you're referring to what I think you are), it seems unlikely that that's what the author is talking about
[Fri Mar  7 11:38:43 2014] <Hodapp> when he says 'allows us to compute with them'
[Fri Mar  7 11:40:24 2014] <Ptival> Hodapp: in order to allow this feature of not extracting Prop things, the system enforces a policy that you never compute over Prop things in the process of building Set things
[Fri Mar  7 11:41:06 2014] <Hodapp> Ptival: but in the context of Coq, what does 'compute over' mean?
[Fri Mar  7 11:41:24 2014] <Ptival> for instance, pattern matching
[Fri Mar  7 11:41:43 2014] <Hodapp> ahh, so, one can never pattern match on a proposition?
[Fri Mar  7 11:41:56 2014] <Hodapp> or, a Prop specifically
[Fri Mar  7 11:41:57 2014] <Ptival> you can, but only in order to build other propositions
[Fri Mar  7 11:42:24 2014] <Hodapp> hmmmmm
[Fri Mar  7 11:42:44 2014] <Ptival> you cannot pattern match on propositions to build computationally-relevant terms, because the propositions are meant to disappear and the term could not compute without the proposition
[Fri Mar  7 11:43:33 2014] <Hodapp> what are 'computationally-relevant terms'?
[Fri Mar  7 11:43:44 2014] <Hodapp> and when you say 'meant to disappear' is this manifest anywhere besides extraction?
[Fri Mar  7 11:43:59 2014] <Ptival> in Coq, the things in Set
[Fri Mar  7 11:44:43 2014] <Ptival> and no, I think they disappear at extraction, but that still has consequences for you even if you don't plan to extract your code
[Fri Mar  7 11:44:56 2014] <Hodapp> this is the first I've seen Set thus far in the SF book
[Fri Mar  7 11:45:03 2014] <Ptival> ok
[Fri Mar  7 11:45:12 2014] <Hodapp> so I'm trying to make sense of what they're doing
[Fri Mar  7 11:45:35 2014] <Ptival> sure
[Fri Mar  7 11:45:38 2014] <Hodapp> but it appears that for a Prop in general you cannot 'introspect' on it in any way... is that right?
[Fri Mar  7 11:45:51 2014] <Hodapp> where pattern matching is a sort of introspection I guess
[Fri Mar  7 11:46:00 2014] <Ptival> well you can inspect them in the context of other proofs
[Fri Mar  7 11:46:38 2014] <Ptival> but you should not try to inspect them in the context of "computations", because you agreed with the system that you would not do that when you declared something in Prop
[Fri Mar  7 11:46:47 2014] <Hodapp> but is extraction here pretty specifically what it does when you're turning the code to Haskell, Scheme, or ML?
[Fri Mar  7 11:47:19 2014] <Ptival> yes
[Fri Mar  7 11:48:06 2014] <Ptival> the idea is that proofs are only here to make sure everything is fine, but you don't really want to run them everytime you run your code because they are usually computationally-intensive
[Fri Mar  7 11:48:50 2014] <Ptival> so by enforcing this phase distinction between things meant to be computed and things meant to be checked once for all, the system can then produce code that contains only the things that matter
[Fri Mar  7 11:49:53 2014] <Ptival> you'll see later that Prop has a few other features I guess, but for now you can think of it as a contract between you and Coq to mean "I'll only inspect Prop things to build other Prop things, never to build Set things"
[Fri Mar  7 11:50:38 2014] <Hodapp> ahh, okay
[Fri Mar  7 12:04:51 2014] <roosbeef> isnt the point of canonical structures automatic type inference?
[Fri Mar  7 12:05:41 2014] <roosbeef> (this is unrelated to the above, but im currently scratching my head about something to do with canonical structures)
[Sat Mar  8 00:41:34 2014] <jrw> joe9_: yes, but first: what don't you like about it?
[Sat Mar  8 00:45:45 2014] <joe9_> jrw, seems too long.
[Sat Mar  8 00:46:05 2014] <jrw> joe9_: right, I'd say the repetitiveness of it is what's annoying.
[Sat Mar  8 00:46:06 2014] <joe9_> and, I am sure there is a better way than brute-force'ing all the values.
[Sat Mar  8 00:46:44 2014] <jrw> joe9_: so one way would be to use other properties you might already have of orb and andb
[Sat Mar  8 00:46:53 2014] <joe9_> jrw, btw, I cannot figure this out: http://codepad.org/GEJmbqvT
[Sat Mar  8 00:46:58 2014] <joe9_> any hints, please?
[Sat Mar  8 00:47:01 2014] <jrw> in this case though, I'd recommend sticking with the brute force approach
[Sat Mar  8 00:47:09 2014] <joe9_> jrw, ok, thanks.
[Sat Mar  8 00:47:14 2014] <jrw> iirc, SF hasn't introduced the semicolon operator yet
[Sat Mar  8 00:47:22 2014] <joe9_> yes, it has not.
[Sat Mar  8 00:47:23 2014] <jrw> but this is a great example of why its useful
[Sat Mar  8 00:47:52 2014] <jrw> your whole proof can be reduced to "destruct b, c; simpl; reflexivity"
[Sat Mar  8 00:48:07 2014] <jrw> and even the simpl isn't necessary
[Sat Mar  8 00:48:07 2014] <joe9_>  oh, ok. thanks.
[Sat Mar  8 00:48:23 2014] <joe9_> ok, then I will not bother with that.
[Sat Mar  8 00:48:48 2014] <joe9_> Can you please give some hints about mult_plus_distr_r?
[Sat Mar  8 00:48:52 2014] <jrw> joe9_: for your other question, how did you decide to induct on p?
[Sat Mar  8 00:49:14 2014] <joe9_> seemed easier than inducting on n or m.
[Sat Mar  8 00:50:00 2014] <jrw> joe9_: why?
[Sat Mar  8 00:50:26 2014] <joe9_> jrw, you are correct. inducting on n is getting somewhere. let me try that.
[Sat Mar  8 00:50:35 2014] <jrw> joe9_: yep, that's going to be the right choice
[Sat Mar  8 00:50:46 2014] <jrw> generally speaking you want to induct on the variable that occurs as the structurally recursive argument to the functions your reasoning about
[Sat Mar  8 00:51:12 2014] <jrw> in this case, both + and * are defined by matching over their first argument, so n is a good choice
[Sat Mar  8 00:52:28 2014] <joe9_> jrw, ok, thanks.
[Sat Mar  8 00:52:38 2014] <jrw> joe9_: that's not to say you couldn't get the induction to go through over p, just that it would be harder. you'll need lots of lemmas describing the behavior of + and * when their second argument is of the form "S x"
[Sat Mar  8 00:52:53 2014] <jrw> might be an interesting exercise to do the proof that way
[Sat Mar  8 00:54:29 2014] <joe9_> http://codepad.org/bqIak4Sk stuck here. I will take a break and continue this tomorrow. I cannot seem to think.
[Sat Mar  8 00:56:33 2014] <joe9_> jrw, sorry for the bother today.
[Sat Mar  8 00:56:53 2014] <jrw> joe9_: np, that's what irc is for :)
[Sat Mar  8 00:58:15 2014] <jrw> joe9_: don't do the second induction on m. rewrite by IHn immediately and look at the resulting goal. it should remind you of something...
[Sat Mar  8 01:57:16 2014] <anderslundstedt> why does coercions have the following effect on the printing of notations? http://pastebin.com/7wsVhEfj
[Sat Mar  8 08:06:51 2014] <roosbeef> so ive got this data type, 'fletter' and an order on fletter called 'fl_compare'
[Sat Mar  8 08:08:05 2014] <roosbeef> im trying to construct the following data type: list fletter such that for all elements x,y of this list, fl_compare x y = Eq
[Sat Mar  8 08:09:18 2014] <roosbeef> heres my attempt so far: https://privatepaste.com/9e950c60ce
[Sat Mar  8 08:10:23 2014] <roosbeef> been trying to use canonical structure, but to be honest i dont see its added value for my purposes. But perhaps im not applying it properly..
[Sat Mar  8 08:22:38 2014] <roosbeef> any ideas?
[Sat Mar  8 10:02:22 2014] <roosbeef> brb
[Sat Mar  8 11:31:11 2014] <roosbeef> is there a way to take a currently existing data type, such as list, and impose additional constraints upon it?
[Sat Mar  8 11:32:20 2014] <copumpkin> a sigma, but then you need to unwrap it
[Sat Mar  8 11:32:46 2014] <roosbeef> with existT, right?
[Sat Mar  8 11:57:33 2014] <roosbeef> brb
[Sat Mar  8 11:57:43 2014] <roosbeef> library closing
[Sat Mar  8 12:10:20 2014] <joe9_> jrw, that helped. thanks.
[Sat Mar  8 13:11:52 2014] <Hodapp> interesting. this Logic.v section that explains that their use of 'Definition' rather than 'Proof', and 'Set' rather than 'Prop', in order to have the proposition (in some sense) contain evidence, reminds me somewhat of http://existentialtype.wordpress.com/2011/03/15/boolean-blindness/ where he talks about why not to use booleans
[Sat Mar  8 13:20:59 2014] <Hodapp> so I suppose the original Prop is, what, encoded in the existence of a well-founded 'sumbool' term?
[Sat Mar  8 13:44:27 2014] <Cale> Hodapp: Prop is very much like Set/Type, but it's designed to interact with those in such a way that terms of type Prop don't have to exist in compiled code (they can be erased). So when your goal is some type which is a Set, you're not allowed to eliminate something whose type is a Prop.
[Sat Mar  8 13:47:53 2014] <Cale> However, terms whose type is a Prop are allowed to appear in other data types, notably:  Inductive sig (A:Set) (P:A -> Prop) : Set := exist (x:A) (_:P x).
[Sat Mar  8 13:49:23 2014] <Cale> At runtime, the proofs here can be erased, but they serve as a witness at compile time that the x : A actually satisfies the property that it was supposed to.
[Sat Mar  8 13:50:44 2014] <Cale> Hodapp: Personally, I find that restriction very frustrating to work under though. It's often a very natural thing to construct a result by doing induction over the structure of the proof of some property.
[Sat Mar  8 13:51:11 2014] <Cale> (But it makes sense if you're interested in conserving memory at runtime)
[Sat Mar  8 13:52:33 2014] <Cale> Just to be clear, you *are* allowed to eliminate things whose type is a Prop when your goal is to produce something else whose type is a Prop.
[Sat Mar  8 13:53:12 2014] <Cale> So, the Props *do* carry evidence, they just don't let you access that when you're making something in a Set or Type.
[Sat Mar  8 13:54:01 2014] <Cale> (It's evidence which won't be present at runtime in compiled code)
[Sat Mar  8 13:54:32 2014] <Hodapp> 'compiled code' meaning what here?
[Sat Mar  8 13:54:48 2014] <Hodapp> Ptival was explaining it yesterday and I think he was saying something similar
[Sat Mar  8 13:55:23 2014] <Cale> Hodapp: For example, if you extract OCaml or Haskell code
[Sat Mar  8 13:55:34 2014] <Hodapp> ah, so it's referring specifically to extraction?
[Sat Mar  8 13:56:17 2014] <Cale> Perhaps also coqc, but I don't know the details there
[Sat Mar  8 13:56:35 2014] <Cale> (In fact, I don't *really* know the details in any case :D)
[Sat Mar  8 13:57:09 2014] <Cale> But yeah, the intention is that when you compile Coq code to something else, it should be at least possible to erase all the Props.
[Sat Mar  8 13:59:13 2014] <Hodapp> I've yet to get to anything of the 'extraction' part of Coq
[Sat Mar  8 15:18:34 2014] <roosbeef> copumpkin, do you have any examples of how to use "a sigma" to put constraints on a list to build a new data type? (eg. a list of elements that relate to one another in some particular way)
[Sat Mar  8 15:19:57 2014] <roosbeef> using a sigma is the only way to do that? I thought i had something working (basically the list contains only elements that are equivalent by some order) but i had to prove the equivalence for each member of the list, even though the equivalence is trivial
[Sat Mar  8 15:46:28 2014] <joe9_> How do I define this without using recursion? http://codepad.org/e2PihFaY from  http://codepad.org/Djg5FG3o of http://www.cis.upenn.edu/~bcpierce/sf/Lists.html
[Sat Mar  8 15:54:31 2014] <joe9_> the same for this http://codepad.org/fvq4x1pw .
[Sat Mar  8 15:54:39 2014] <joe9_> the map has not been covered yet.
[Sat Mar  8 15:55:22 2014] <ystael> joe9_: you misunderstand the meaning of 'add'
[Sat Mar  8 15:55:41 2014] <ystael> it doesn't mean to add something to each element of the bag, but to add (put in) something to the bag
[Sat Mar  8 15:56:31 2014] <ystael> you should not expect to be able to define `member` without using recursion somewhere, however
[Sat Mar  8 15:56:51 2014] <ystael> that doesn't mean the recursion is explicit in the definition of `member` though
[Sat Mar  8 15:57:15 2014] <ystael> the question you should ask yourself is, do you already have functions defined which carry out the recursive operation, and which you can delegate to?
[Sat Mar  8 16:00:00 2014] <joe9_> ystael: oh, ok.
[Sat Mar  8 16:06:12 2014] <joe9_> ystael: thanks, I figured it out.
[Sat Mar  8 16:06:21 2014] <joe9_> your explanation helped.
[Sat Mar  8 16:06:32 2014] <ystael> np, good luck
[Sat Mar  8 19:09:31 2014] <begriffs> Hello, I'm new to Coq and getting stuck. I created a bool type and am using "Example" to check that some truth tables work on the type, but "Proof. reflexivity. Qed." isn't cutting it. Coq thinks there's a subgoal remaining. What am I don't wrong? I'm working from this book: http://www.cis.upenn.edu/~bcpierce/sf/Basics.html#slide-4
[Sat Mar  8 19:10:21 2014] <Ptival> begriffs: what is the theorem you're trying to prove?
[Sat Mar  8 19:10:53 2014] <begriffs> Example test_orb: (orb true false) = true.
[Sat Mar  8 19:11:16 2014] <begriffs> The first example in the page I linked.
[Sat Mar  8 19:12:20 2014] <begriffs> Here's a gist with my code and coq's output https://gist.github.com/begriffs/9441011
[Sat Mar  8 19:12:21 2014] <Ptival> hmm this one should work by reflexivity :\
[Sat Mar  8 19:13:14 2014] <Ptival> begriffs: I think your display might not have updated correctly
[Sat Mar  8 19:13:23 2014] <Ptival> can you go back/forth the Qed.?
[Sat Mar  8 19:13:50 2014] <begriffs> Hm, I'm using vim with a plugin to run things through coqtop. Maybe I should try with the coqide to double check
[Sat Mar  8 19:14:23 2014] <begriffs> Oh, it works in coqide. Hmm, frustrating.
[Sat Mar  8 19:15:19 2014] <Ptival> are you using Coquille?
[Sat Mar  8 19:16:00 2014] <begriffs> I'm on a mac and using https://github.com/eagletmt/coqtop-vim
[Sat Mar  8 19:16:25 2014] <begriffs> The thing that worked however was "Coq Proof Assistant 8.4"
[Sat Mar  8 19:18:33 2014] <Ptival> https://github.com/the-lambda-church/coquille this could be an alternative
[Sat Mar  8 19:27:17 2014] <begriffs> Ptival: thank you, I'll give that a try. This irc channel is surprisingly active!
[Sat Mar  8 19:35:09 2014] <begriffs> Yep, Coquille works. Just need to find a way to change the nasty highlight color. :)
[Sat Mar  8 19:39:10 2014] <joe9> http://codepad.org/UFGE6YMz can anyone please help with this? I seem to be stuck. It is from here: http://www.cis.upenn.edu/~bcpierce/sf/Lists.html Exercise: 3 stars (list_exercises)
[Sat Mar  8 19:41:36 2014] <Ptival> joe9: it'd be nice if you posted the goal on which you're stuck in comments
[Sat Mar  8 19:45:30 2014] <joe9>  Ptival: sure, http://codepad.org/qWeBjThc
[Sat Mar  8 19:46:06 2014] <joe9> Ptival: if I add a simple, I get this: http://codepad.org/jHoligbo
[Sat Mar  8 19:51:25 2014] <Ptival> joe9: I'd prove a side lemma about rev of snoc
[Sat Mar  8 19:52:12 2014] <joe9> Ptival: makes sense. thanks.
[Sat Mar  8 21:21:40 2014] <begriffs> Do I have to include a module or something to get access to the "admit" tactic? I'm getting "Error: The reference admit was not found in the current environment."
[Sat Mar  8 23:37:48 2014] <Ptival> hmm no it's standard
[Sat Mar  8 23:37:59 2014] <Ptival> are you sure you're in a proof setting? :)
[Sat Mar  8 23:38:28 2014] <Ptival> begriffs: ^
[Sat Mar  8 23:52:14 2014] <joe9> Ptival: got it. thanks. http://codepad.org/R44bdHKf
[Sat Mar  8 23:55:45 2014] <Ptival> joe9: looks good
[Sun Mar  9 12:51:30 2014] <Igloo> Has anyone got any suggestions for how I can make progress on this please? http://paste.debian.net/86578/
[Sun Mar  9 14:11:30 2014] <joe9> Any help on how to do this, please? problem: http://codepad.org/RRSTW8nJ  from http://www.cis.upenn.edu/~bcpierce/sf/Lists.html. My partial try: http://codepad.org/zourb5Rq , goal: http://codepad.org/yTcYLLx4
[Sun Mar  9 15:17:34 2014] <joe9> From what I am learning from coq, this is my opinion. Please correct me if I am wrong. "It is hard for unit tests to cover all possible scenarios, whereas when we write a proof, we cover for all possible scenarios." -- Is this correct/
[Sun Mar  9 15:17:37 2014] <joe9> s,/,?,
[Sun Mar  9 15:25:31 2014] <Hodapp> joe9: I wouldn't say it's just hard for unit tests to cover all possible scenarios, I'd say it's impossible.
[Sun Mar  9 15:26:01 2014] <Hodapp> joe9: Or, as Dijkstra put it, "Testing shows the presence, not the absence of bugs."
[Sun Mar  9 15:45:01 2014] <ziman> you can also go for partial correctness -- not proving everything totally correct but just preserving the most important invariants
[Sun Mar  9 15:45:46 2014] <ziman> this already helps a lot and is easy to get in expressively typed languages
[Sun Mar  9 15:49:39 2014] <ijp> hodapp: don't forget the knuth quote "beware of bugs in the above code, I have only proven it correct, not tested it"
[Sun Mar  9 15:51:06 2014] <joe9> so "proven program does not cover for all possible scenarios"?
[Sun Mar  9 16:12:03 2014] <gdsfh> joe9: what you prove is what you get.  Sometimes one can overlook an important property of code, forget to prove it, and code may disregard this property.
[Sun Mar  9 16:12:09 2014] <gdsfh> as [a silly] example, one can prove that [List.append x y] returns list that contains all elements of [x] and [y].
[Sun Mar  9 16:12:12 2014] <gdsfh> but also it's possible to prove that [List.append x y] returns list, where [x]'s elements are going in an order they are in [x] list, and then [y]'s elements in order.
[Sun Mar  9 16:16:15 2014] <gdsfh> proofs are a bit like tests: there was a case when i found a logic error in my code, then i added proof that proves absence of this error.  so this proof guarantees i have no this error (even if i modify function's code later), and makes my development more trustworthy.
[Sun Mar  9 16:16:22 2014] <Ptival> yeah I've had times where I proved a property, only to realize that it did not mean exactly what I thought it did
[Sun Mar  9 16:20:41 2014] <jdoles> Ptival: this is a common argument against proving in general.
[Sun Mar  9 16:20:51 2014] <jdoles> Ptival: a flawed argument, obviously.
[Sun Mar  9 16:21:23 2014] <Rc43> Hello.
[Sun Mar  9 16:22:22 2014] <Rc43> I am have main project folder "src" and subfolder "sub". Can I import src/Upper.v in src/sub/Lower.v?
[Sun Mar  9 16:24:23 2014] <gdsfh> jdoles: personally i'm not against either proving or testing, but do you really think you are always be able to catch all important properties of your code?  What about human factor?
[Sun Mar  9 16:24:52 2014] <Ptival> jdoles: yeah it is obviously flawed in that if you don't understand what you're talking about you're in trouble in any setting
[Sun Mar  9 16:26:00 2014] <Ptival> Rc43: this has to do with you coq-loadpath
[Sun Mar  9 16:26:34 2014] <Rc43> Ptival, oh, thanks
[Sun Mar  9 16:32:34 2014] <jdoles> gdsfh: practically speaking it's valuable to know what to prove and what not for a specific service.
[Sun Mar  9 16:33:31 2014] <jdoles> gdsfh: but theoretically getting 100% is certainly possible.
[Sun Mar  9 16:33:42 2014] <gdsfh> jdoles: for tests too, obv.
[Sun Mar  9 16:34:01 2014] <jdoles> gdsfh: sure, but you are much less certain then of its correctness.
[Sun Mar  9 16:34:19 2014] <jdoles> gdsfh: and I think the main advantage for proofs is that you don't need to trust someone else anymore.
[Sun Mar  9 16:34:41 2014] <jdoles> gdsfh: if someone has just written a bunch of tests there is no guarantee it's completely solid.
[Sun Mar  9 16:35:24 2014] <gdsfh> i know this.  Also when someone has written a bunch of proofs.  But why it's an argument against proving?  It's also against testing.
[Sun Mar  9 16:35:26 2014] <jdoles> gdsfh: I think it's a *huge* productivity improvement that one no longer needs to see a computing system as a system but as an idealized mathematical machine.
[Sun Mar  9 16:36:13 2014] <jdoles> gdsfh: you mean the thing I talked about before?
[Sun Mar  9 16:36:27 2014] <gdsfh> yes, about common argument.
[Sun Mar  9 16:36:47 2014] <jdoles> gdsfh: the argument goes like this: humans might make a mistake in the specification and thus they prove the wrong thing and hence there is still a bug in the final product.
[Sun Mar  9 16:36:49 2014] <gdsfh> about other things you wrote -- i agree completely.
[Sun Mar  9 16:37:04 2014] <jdoles> gdsfh: like I said: it's a flawed argument.
[Sun Mar  9 16:37:31 2014] <jdoles> gdsfh: however some people without university backgrounds (or bad university backgrounds) are also walking around on this planet.
[Sun Mar  9 16:37:44 2014] <jdoles> gdsfh: and they are just fueled by ignorance.
[Sun Mar  9 16:41:15 2014] <gdsfh> ah, i understood your point.  symmetric flawed arguments could be used by both sides of "proofs vs tests" holywar.
[Sun Mar  9 16:43:16 2014] <gdsfh> lol, i had only 11 years of school education.  (now i'm 31.)  and i use proofs everywhere i can, because i know their power.
[Sun Mar  9 16:47:37 2014] <Ptival> well, it's a real concern, but it does not constitute an argument against proving
[Sun Mar  9 17:34:07 2014] <Igloo> OK, I made a boiled-down standalone version of my problem. Could anyone help me with proving http://paste.debian.net/86657/ please?
[Sun Mar  9 17:36:56 2014] <ezyang> That's weird, seems to me it should just work
[Sun Mar  9 17:41:07 2014] <Igloo> Well, that would be nice...  :-)
[Sun Mar  9 18:10:09 2014] <jrw> Igloo: maybe you meant to mark "ps" as the structural argument using "{struct ps}"?
[Sun Mar  9 18:13:18 2014] <Igloo> jrw: Aha, ta
[Sun Mar  9 18:50:44 2014] <joe9> gdsfh: about using proofs everywhere. which programming language do you use? Do you do so even for general programs?
[Sun Mar  9 18:50:54 2014] <joe9> such as maybe a webscraper, etc.
[Sun Mar  9 19:15:56 2014] <gdsfh> joe9: "everywhere _i can_".  Most of my code have no proofs/tests at all.  I have proofs for some Coq code (extracted to OCaml), OCaml code (manually, by direct translation from Coq to OCaml), some C code (with not so direct translation).  Usually I prove critical code, it's small, and properties are known beforehand.
[Sun Mar  9 19:16:20 2014] <gdsfh> but proving is acceptable for general programs for end-users too, for example, http://goto.ucsd.edu/quark/ (i didn't participate in this project, just for clarity)
[Sun Mar  9 19:22:20 2014] <ziman> the difference to testing may lie in the fact that for tests, you need their whole code to assess their correctness/completeness; for proofs, you only need to read their statements (types)
[Sun Mar  9 19:22:29 2014] <ziman> (*also lie)
[Mon Mar 10 01:36:12 2014] <begriffs> While learning coq I've been creating some simple arithmetic functions. They operate on my custom "nat" type. How can I get coq to convert arabic numerals into my type? Right now it says 'Error: The term "5" has type "Datatypes.nat" while it is expected to have type "nat".'
[Mon Mar 10 08:52:43 2014] <rribeiro> Hi folks... I'm with a little trouble in defining a function using dependent pattern matching. I've already defined it in Agda without any trouble, but in Coq I got stuck. Some could help me with this? The code is on the following gist: https://gist.github.com/rodrigogribeiro/9464436. The trouble is function eqVarDec, that I do not know how to express the required dependency between arguments and return type.
[Mon Mar 10 10:08:16 2014] <joe9> relevant article gdsfh http://www.reddit.com/r/netsec/comments/1lyxxr/quark_a_web_browser_with_a_formally_verified/
[Mon Mar 10 11:24:44 2014] <Rc43> Hello.
[Mon Mar 10 11:25:02 2014] <ianjneu> Rc43: hey
[Mon Mar 10 11:25:03 2014] <Rc43> Is there way to provide proof of termination for my fixpoints?
[Mon Mar 10 11:25:25 2014] <ianjneu> Which fixpoints would those be?
[Mon Mar 10 11:26:00 2014] <Rc43> Currently I have fixpoint args n {struct n} : option result, where n is only for termination checker. And I have proof that forall args exists n such that fixpoint = some result.
[Mon Mar 10 11:27:27 2014] <Rc43> I can write wrapper that takes this functions and the theorem, computes n from theorem and gives to function. But this makes unnecessary computations.
[Mon Mar 10 11:29:53 2014] <ianjneu> Try Program Fixpoint instead.
[Mon Mar 10 12:33:15 2014] <roosbeef> hi
[Mon Mar 10 12:33:29 2014] <roosbeef> so i have this proven: Lemma some_lemma : forall y, forall x, fl_lt x y -> Acc fl_lt x.
[Mon Mar 10 12:34:14 2014] <roosbeef> now im trying to use this to prove this: Lemma some_other_lemma : forall x, Acc fl_lt x
[Mon Mar 10 12:35:25 2014] <roosbeef> but somehow i cant seem to get rid of some loose ends on that
[Mon Mar 10 12:35:32 2014] <roosbeef> wait ill paste some
[Mon Mar 10 12:38:29 2014] <roosbeef> those lemmas: https://privatepaste.com/770f807238
[Mon Mar 10 12:39:21 2014] <roosbeef> current proof state: https://privatepaste.com/0ce62ece70
[Mon Mar 10 12:41:18 2014] <roosbeef> what would be the proper approach here?
[Mon Mar 10 12:56:56 2014] <ianjneu> induct on x
[Mon Mar 10 12:57:22 2014] <ianjneu> and use your lemma in the IH case(s)
[Mon Mar 10 12:57:59 2014] <roosbeef> hm
[Mon Mar 10 12:58:31 2014] <roosbeef> there is no IH case though
[Mon Mar 10 12:58:59 2014] <roosbeef> when i do that
[Mon Mar 10 12:59:24 2014] <ianjneu> x is a trivial inductive type? Acc should also then be trivial.
[Mon Mar 10 13:00:01 2014] <roosbeef> what defines a trivial inductive type?
[Mon Mar 10 13:00:17 2014] <ianjneu> no self references.
[Mon Mar 10 13:00:38 2014] <roosbeef> yea its trivial
[Mon Mar 10 13:00:53 2014] <roosbeef> what do you mean by 'Acc should be trivial'?
[Mon Mar 10 13:01:43 2014] <ianjneu> You should only have to use constructors and no induction principles, which really makes your lemma unnecessary.
[Mon Mar 10 13:02:17 2014] <roosbeef> ?
[Mon Mar 10 13:02:29 2014] <roosbeef> could you elaborate on that please
[Mon Mar 10 13:02:50 2014] <roosbeef> how can i use constructors to prove that forall x, Acc fl_lt x
[Mon Mar 10 13:03:05 2014] <ianjneu> paste your full definitions and I'll show you.
[Mon Mar 10 13:03:10 2014] <roosbeef> sure
[Mon Mar 10 13:05:40 2014] <roosbeef> https://privatepaste.com/4bfc3f87e2
[Mon Mar 10 13:16:16 2014] <ianjneu> ok got it.
[Mon Mar 10 13:16:23 2014] <ianjneu> red; intros []; intros [] []; do 3 (let H := fresh in constructor; intros [[] []] H; compute in H; try solve [destruct H]).
[Mon Mar 10 13:17:23 2014] <roosbeef> what does intros [] mean
[Mon Mar 10 13:17:42 2014] <ianjneu> let x := fresh in intro x; destruct x.
[Mon Mar 10 13:18:54 2014] <roosbeef> wow thats pretty cool :)
[Mon Mar 10 13:19:32 2014] <roosbeef> alright im going to have to take a closer look at this
[Mon Mar 10 13:19:35 2014] <roosbeef> thanks very much! :)
[Mon Mar 10 13:29:26 2014] <roosbeef> why do 3?
[Mon Mar 10 13:31:05 2014] <roosbeef> nevermind
[Mon Mar 10 13:35:11 2014] <ianjneu> fletter, letter, acute.
[Mon Mar 10 14:20:05 2014] <joe9> need help with this? I think simpl is doing something wrong here. partial proof: http://codepad.org/FlsEy69Q , goal: http://codepad.org/9bCiwpTO . But, when I do simpl now, it gives me this as the goal: http://codepad.org/Ymg7jp7W <- this is not correct.
[Mon Mar 10 14:20:15 2014] <joe9> Any thoughts on what I could be missing, please?
[Mon Mar 10 14:56:18 2014] <ianjneu> joe9: Your definition of rev must be wrong.
[Mon Mar 10 14:57:51 2014] <ianjneu> rev [] = [] ; rev (s :: t) = snoc (rev t) s
[Mon Mar 10 14:58:08 2014] <ianjneu> however you must have made the last snoc simply snoc t s.
[Mon Mar 10 15:10:09 2014] <joe9> ianjneu: thanks. you are correct. that was my mistake. Thanks again.
[Mon Mar 10 15:25:25 2014] <joe9> proof: http://codepad.org/CYy78A47 , goal: http://codepad.org/sxOMGrOY . adding reflexivity. to the proof gives this error: http://codepad.org/3NKKdk2q
[Mon Mar 10 15:25:34 2014] <joe9> Any thoughts on what I am missing, please?
[Mon Mar 10 15:27:11 2014] <ianjneu> destruct p; simpl.
[Mon Mar 10 15:29:12 2014] <joe9> ianjneu: thanks, that helped.
[Mon Mar 10 16:35:29 2014] <chris2> do ssreflect users never use inversion? i find no occurence for it in the sources. how would i prove an inductive definition to be decidable then?
[Mon Mar 10 18:28:25 2014] <knight-erraunt> Hi. Does anyone know how long will the website be down? (or at least is it down since a long time) ?
[Mon Mar 10 18:44:51 2014] <knight-erraunt> Hi. Does anyone know how long will the website be down? (or at least is it down since a long time) ?
[Mon Mar 10 18:48:04 2014] <joe9> proof: http://codepad.org/g2A52Z5p , goal: http://codepad.org/ccEkaSxa . Any thoughts on how to solve this, please?
[Mon Mar 10 18:50:30 2014] <jrw> joe9: I'd prove that "map f (xs ++ ys) = map f xs ++ map f ys" and the rest should be relatively straightforward.
[Mon Mar 10 18:52:32 2014] <rribeiro> Hi folks... I'm with a little trouble with dependent pattern matching. The problematic code is in the following gist:https://gist.github.com/rodrigogribeiro/9464436 . If someone could helme with some pointer on how I could define the function eqVarDec (in the gist), I would appreciate.
[Mon Mar 10 18:54:57 2014] <jrw> rribeiro: is the convoy pattern relevant here?
[Mon Mar 10 18:55:53 2014] <rribeiro> jrw: Convoy? What is this?
[Mon Mar 10 18:57:19 2014] <joe9> jrow, thanks.
[Mon Mar 10 18:57:41 2014] <jrw> rribeiro: http://adam.chlipala.net/cpdt/html/MoreDep.html
[Mon Mar 10 18:57:43 2014] <jrw> search for convoy
[Mon Mar 10 18:58:52 2014] <rribeiro> jrw: I've googled and found the same link as you provide... I'm reading it now! Thanks for the tip!
[Mon Mar 10 18:59:21 2014] <rribeiro> jrw: I've googled and found the same link as you provide... I'm reading it now! Thanks for the tip!
[Tue Mar 11 04:36:07 2014] <Rc43> Hello.
[Tue Mar 11 04:36:38 2014] <Rc43> What is the syntax for strings?
[Tue Mar 11 04:36:49 2014] <Rc43> Like "123" in other langs.
[Tue Mar 11 05:10:55 2014] <anderslundstedt> Rc43: http://pastebin.com/KnCDjvZn
[Tue Mar 11 05:11:29 2014] <anderslundstedt> String : ascii -> string -> string
[Tue Mar 11 05:13:45 2014] <Rc43> anderslundstedt, ye, I didn't open scope.
[Tue Mar 11 06:23:46 2014] <Rc43> Is there unchecked exceptions in Coq? I want to use them for my mocks.
[Tue Mar 11 06:24:14 2014] <Rc43> Now I use "Axiom error : forall {X}, X.", but not sure that this appropriate perfectly.
[Tue Mar 11 09:31:45 2014] <Rc43> Also, is it possible to "trace" Coq code?
[Tue Mar 11 10:01:54 2014] <Hodapp> 'trace' in what sense?
[Tue Mar 11 10:12:06 2014] <Rc43> Hodapp, printing strings during evaluation.
[Tue Mar 11 10:12:52 2014] <Rc43> Hodapp, E.q. "match x with | S x' => <trace "going to S"> f x' | O => <trace "going to O"> 1 end".
[Tue Mar 11 10:34:55 2014] <joe9> can someone please help me with this proof? http://codepad.org/7RR2QlSs I am stuck here: http://codepad.org/geysJ4sT
[Tue Mar 11 10:36:35 2014] <joe9> sorry, got it: http://codepad.org/jHucBOgu
[Tue Mar 11 12:12:01 2014] <jrw> joe9: so you didn't need map_app? sorry I sent you down the wrong path...
[Tue Mar 11 12:14:45 2014] <jrw> oh I see, you proved map_snoc
[Tue Mar 11 12:14:59 2014] <jrw> which is a special case
[Tue Mar 11 12:15:01 2014] <jrw> nice.
[Tue Mar 11 12:18:06 2014] <gdsfh> Rc43: tracing -- maybe this approach will work for you: https://bitbucket.org/gds/coq-breakpoints/src ?  But it's not exactly what you want.
[Tue Mar 11 12:29:54 2014] <joe9> jrw, thanks.
[Tue Mar 11 15:07:49 2014] <joe9> just wanted to check, is induction a bullet-proof way of proving theorems. Just because something works with 0 (in case of nat's), does not mean it will work for all numbers.
[Tue Mar 11 15:08:06 2014] <joe9> I am a non-math guy, please excuse if the above statement is stupid.
[Tue Mar 11 15:09:06 2014] <ystael> joe9: induction on natural numbers is true (reliable) in all sane logics
[Tue Mar 11 15:09:49 2014] <ystael> remember that the inductive step has a hypothesis: forall n, P n -> P (S n)
[Tue Mar 11 15:13:28 2014] <pordan30> the induction schema principle that if P holds for 0 and if P holds for (n + 1) whenever P holds for n, then P holds for all n. the key is the "if P holds for (n + 1) whenever..." part. if the preceding were true, but P didn't hold for all n, then there would be a least n for which it failed, say m. but then P holds for m - 1, and so for m as well. is this what you mean?
[Tue Mar 11 15:14:12 2014] <pordan30> *induction schema for a proposition P; sorry about the typo
[Tue Mar 11 15:21:17 2014] <joe9> pordan30: yes, that is along the lines of what I was trying to get to.
[Tue Mar 11 15:21:23 2014] <joe9> ystael: pordan30 thanks.
[Tue Mar 11 15:26:28 2014] <pordan30> joe9: you can also think of it like a game: suppose (a) P 0 and (b) P n -> P (n + 1) for all n. then you see if you can find a number for which P fails. if you give me 0, I invoke (a). If you give me 1, I invoke (a) and (b) once. In general, if you give me m, I invoke (a) and then (b) m times.
[Tue Mar 11 15:34:56 2014] <joe9> pordan30: induction only holds if both a and b hold. if P n -> P (n+1) does not hold, then induction does not hold. correct?
[Tue Mar 11 15:39:38 2014] <pordan30> joe9: that's right. if P n -> P (n + 1) doesn't hold, then there would be a particular m for which P fails.
[Tue Mar 11 15:39:50 2014] <pordan30> (or at least one such m)
[Tue Mar 11 15:40:04 2014] <ystael> joe9: better to say, the induction *principle* is true, but if P n -> P (n + 1) is not true, then you cannot use induction to prove forall n, P n
[Tue Mar 11 15:40:12 2014] <ystael> (this doesn't mean that forall n, P n is false!)
[Tue Mar 11 15:41:59 2014] <joe9> pordan30: ystael, ok, thanks.
[Tue Mar 11 15:43:39 2014] <pordan30> really? suppose you have a proof M that forall n, P n holds. then P n -> P (n + 1) holds since M proves P (n + 1). what am i missing?
[Tue Mar 11 21:44:44 2014] <joe9>  I am trying to figure out how to do this without using apply? http://codepad.org/2uxzknEk  , my attempt:  http://codepad.org/tUeX580V   goal: http://codepad.org/GD3G4QDZ
[Tue Mar 11 21:44:50 2014] <joe9> can anyone please help?
[Tue Mar 11 21:46:50 2014] <ezyang> Not sure, but try 'rewrite (eq2 ?? ??)', filling in the blanks appropriately
[Tue Mar 11 21:47:08 2014] <ezyang> maybe you need three arguments
[Tue Mar 11 22:17:21 2014] <joe9> ezyang: ok, thanks.
[Tue Mar 11 22:19:17 2014] <joe9> ezyang: thanks, that helped.
[Wed Mar 12 03:56:32 2014] <Rc43> Hello.
[Wed Mar 12 03:57:59 2014] <Rc43> How to print strings in convinient way?
[Wed Mar 12 04:00:21 2014] <Rc43> I have strange representation of string in list, but I can't reproduce it yet.
[Wed Mar 12 04:00:54 2014] <Rc43> My strings are represented (by Eval) in constructor-way.
[Wed Mar 12 04:01:37 2014] <Rc43> I.e. String.String "A" (String.String. "B" (.... String.EmptyString)))))
[Wed Mar 12 04:03:58 2014] <Rc43> Aah =/ IT's just because I didn't import String in one file.
[Wed Mar 12 05:08:32 2014] <Rc43> Is there option of "coqc", which increaases stack size?
[Wed Mar 12 07:46:16 2014] <roosbeef> how do i define a data type that is a list such that each element is equivalent according to some comparison function f?
[Wed Mar 12 08:43:22 2014] <chris2> is there a tactic that tries all applicable constructors if they provide a trivial solution? how could i write that?
[Wed Mar 12 11:33:27 2014] <joe9> How do I prove this, please?
[Wed Mar 12 11:33:44 2014] <joe9> I know that with rev_involutive, l = rev (rev l).
[Wed Mar 12 11:34:12 2014] <joe9> with intros, I have: http://codepad.org/1kAMyTYv
[Wed Mar 12 11:42:07 2014] <ianjneu> joe9: you've proved rev_snoc?
[Wed Mar 12 12:09:42 2014] <joe9> ianjneu: thanks. I did. let me check it.
[Wed Mar 12 12:10:54 2014] <joe9> ianjneu: I am not sure how rev_snoc can help. rev_snoc: forall (X : Type) (v : X) (s : list X), rev (snoc s v) = v :: rev s
[Wed Mar 12 12:11:21 2014] <joe9> I need to substitute the l above with rev l'.
[Wed Mar 12 12:12:11 2014] <ianjneu> joe9: did you try induction on l to prove rev_involutive?
[Wed Mar 12 12:12:30 2014] <joe9> sorry, got it. all i needed was a rewrite -> H.
[Wed Mar 12 12:12:42 2014] <joe9> sorry that I missed that.
[Wed Mar 12 12:12:46 2014] <ianjneu> np
[Wed Mar 12 12:13:11 2014] <joe9> http://codepad.org/ZG8K7MGi
[Wed Mar 12 12:50:47 2014] <joe9> in sf, the inversion tactic is confusing. www.cis.upenn.edu/~bcpierce/sf/MoreCoq.html did anyone feel the same and is there something that helped with the confusion?
[Wed Mar 12 12:54:38 2014] <ianjneu> what about it is confusing?
[Wed Mar 12 12:55:02 2014] <joe9> it seems to prove things that are wrong.
[Wed Mar 12 12:55:11 2014] <joe9> from the examples.
[Wed Mar 12 12:55:55 2014] <ianjneu> not quite
[Wed Mar 12 12:56:49 2014] <ianjneu> It can help you use inherent properties of constructors to show your assumptions are contradictory, making the conclusion vacuously true.
[Wed Mar 12 12:57:35 2014] <ianjneu> It also allows you to decompose a value into its components (like destruct) but maintain equality information, in case you need it.
[Wed Mar 12 13:15:47 2014] <napping> If there are no remaining goals or existentials, is Guarded. enough to ensure Qed. will succeed?
[Wed Mar 12 13:29:03 2014] <ianjneu> napping: no, you can still have universe inconsistencies
[Wed Mar 12 13:32:26 2014] <napping> I'm trying to write up a few ways of proving something so it can also be stepped through in proof general
[Wed Mar 12 13:32:48 2014] <napping> I guess I'll just make separate Goals.
[Wed Mar 12 13:33:15 2014] <napping> Undo and Reset mess up navigation, and Abort doesn't tell you by itself that the Qed would actually go through
[Wed Mar 12 14:46:42 2014] <joe9> How can I write this proof using apply instead of rewrite? http://codepad.org/bji5iRe2
[Wed Mar 12 14:51:26 2014] <jrw> joe9: if you subst first can you just apply rev_invol?
[Wed Mar 12 15:17:29 2014] <ianjneu> joe9: you're using redundant syntax. You can just write rewrite H,rev_involutive.
[Wed Mar 12 15:25:16 2014] <Hodapp> SF doesn't give a lot of these shortened syntax forms
[Wed Mar 12 15:39:43 2014] <ianjneu> -> is always unnecessary
[Wed Mar 12 15:45:56 2014] <Hodapp> ianjneu: whaa? always?
[Wed Mar 12 15:51:35 2014] <joe9> jrw, ianjneu Hodapp, thanks.
[Wed Mar 12 15:52:23 2014] <joe9> can you please help me prove this: my attempt: http://codepad.org/qCqkLknz , goal: http://codepad.org/QxprlXxw
[Wed Mar 12 16:00:26 2014] <joe9> jrw, for the previous question regarding using apply instead of rewrite, this is what I get. proof: http://codepad.org/6ZrypZyU , goal: http://codepad.org/jznEUJlJ , error: http://codepad.org/nD6laGOm
[Wed Mar 12 16:23:07 2014] <joe9> jrw, forget the above question, I got it. Proof. intros. rewrite -> H. symmetry. apply rev_involutive. Qed.
[Wed Mar 12 17:26:16 2014] <roosbeef> hi
[Wed Mar 12 17:26:41 2014] <roosbeef> ive been kinda struggling with this for a couple days
[Wed Mar 12 17:26:58 2014] <roosbeef> it shouldnt be too difficult i dont think
[Wed Mar 12 17:28:47 2014] <roosbeef> how does one define a data type that is a list, where each element of that list relates to the next element by some function f (for example forall x, forall y In l, f x y = Eq)
[Wed Mar 12 17:28:50 2014] <roosbeef> ?
[Wed Mar 12 17:38:51 2014] <Ptival> hmmm I guess there could be different ways
[Wed Mar 12 17:39:03 2014] <roosbeef> im all ears :)
[Wed Mar 12 17:42:24 2014] <Ptival> in a language with induction-recursion, one could probably make it very intrinsic by having a cons constructor that does something like Cons : (x : T) -> (l : flist T) -> ((y : T) -> In y l -> f x y) -> flist T
[Wed Mar 12 17:43:13 2014] <roosbeef> is coq such a language?
[Wed Mar 12 17:43:23 2014] <Ptival> not yet, AFAIK
[Wed Mar 12 17:43:51 2014] <roosbeef> too bad, that would be quite elegant
[Wed Mar 12 17:44:36 2014] <Ptival> on the opposite side of the spectrum, a super extrinsic way would be the type {l : list T | forall a b c, l = a ++ b :: c -> (forall x, In x c -> f x b) }
[Wed Mar 12 17:45:06 2014] <roosbeef> that works in coq?
[Wed Mar 12 17:45:12 2014] <Ptival> oh wait, you only want to relate to the next
[Wed Mar 12 17:45:18 2014] <Ptival> sorry I was relating to everyone in the tail
[Wed Mar 12 17:45:20 2014] <roosbeef> well, forall is ok too
[Wed Mar 12 17:45:29 2014] <roosbeef> i thought the next would be simpler
[Wed Mar 12 17:45:39 2014] <roosbeef> its a transitive relation, so doesnt matter
[Wed Mar 12 17:45:54 2014] <Ptival> {l : list T | forall a b c d, l = a ++ b :: c :: d -> f b c }
[Wed Mar 12 17:45:57 2014] <Ptival> something like this
[Wed Mar 12 17:46:08 2014] <Ptival> but you get the idea
[Wed Mar 12 17:46:35 2014] <roosbeef> hm
[Wed Mar 12 17:46:52 2014] <roosbeef> thats a data type?
[Wed Mar 12 17:47:17 2014] <roosbeef> what are the {} for
[Wed Mar 12 17:47:42 2014] <Ptival> depending on your jargon, you might call them subset types
[Wed Mar 12 17:48:10 2014] <roosbeef> ah so basically you declare a subset of your original list by this function
[Wed Mar 12 17:48:14 2014] <Ptival> (akin to what people could call Sigma types, dependent sums, or dependent pairs)
[Wed Mar 12 17:48:21 2014] <Ptival> yeah
[Wed Mar 12 17:48:30 2014] <roosbeef> do you maybe have a working example of this?
[Wed Mar 12 17:48:34 2014] <Ptival> it basically consist of a list l, paired with a proof that it has the property you care about
[Wed Mar 12 17:49:03 2014] <roosbeef> i have tried to mess around with sigT and existT but no luck
[Wed Mar 12 17:49:03 2014] <Ptival> this is what people call the "extrinsic" approach, because the list itself does not have any property baked in
[Wed Mar 12 17:49:12 2014] <roosbeef> ahh right
[Wed Mar 12 17:49:16 2014] <Ptival> you just carry proofs around with it
[Wed Mar 12 17:49:17 2014] <roosbeef> so its like a workaround
[Wed Mar 12 17:49:21 2014] <roosbeef> hm :/
[Wed Mar 12 17:49:28 2014] <Ptival> whereas the intrinsic approach tries to make the list be correct by construction
[Wed Mar 12 17:49:40 2014] <roosbeef> and i guess what youre saying is that coq only supports these extrinsic workaround type approaches
[Wed Mar 12 17:49:50 2014] <Ptival> oh no, Coq supports both approaches
[Wed Mar 12 17:50:01 2014] <roosbeef> really? I thought you said the former wasnt supported yet
[Wed Mar 12 17:50:30 2014] <Ptival> no, I said induction-recursion was not supported yet, and has the ability to make the extrinsic approach much nicer
[Wed Mar 12 17:50:44 2014] <roosbeef> nicer how?
[Wed Mar 12 17:50:59 2014] <roosbeef> can it work without sigT and existT?
[Wed Mar 12 17:51:01 2014] <Ptival> I'm pretty sure there's always a way to get around it but it implies messing a little bit with universes
[Wed Mar 12 17:51:34 2014] <roosbeef> with universes?
[Wed Mar 12 17:51:56 2014] <Ptival> and then working with intrinsic datatypes in Coq can be a bit tedious, whereas other languages like Agda/Idris have facilities that make it a bit easier for you
[Wed Mar 12 17:52:02 2014] <Ptival> yeah
[Wed Mar 12 17:52:25 2014] <roosbeef> that way you dont have to use sigT and existT?
[Wed Mar 12 17:52:28 2014] <Ptival> the problem is that if you want to encode the property that the "rest" of the list relates to the head
[Wed Mar 12 17:52:37 2014] <Ptival> you need to force it in your Cons constructor
[Wed Mar 12 17:52:51 2014] <roosbeef> one problem i had with sigT and existT, was that i had to provide a proof of every single outcome of the subset declaring function
[Wed Mar 12 17:52:56 2014] <Ptival> and to do this you need to be able to "observe" the tail in the constructor
[Wed Mar 12 17:53:17 2014] <Ptival> but you're trying to observe the type you're currently defining, and that can be tricky
[Wed Mar 12 17:53:37 2014] <Ptival> hmmm
[Wed Mar 12 17:53:54 2014] <Ptival> what do you call the "subset declaring function"?
[Wed Mar 12 17:53:59 2014] <roosbeef> basically
[Wed Mar 12 17:54:26 2014] <roosbeef> the list consists of elements that are compared by some function f, and forall x, forall y, f x y = Eq should be the case
[Wed Mar 12 17:54:40 2014] <roosbeef> but coq wants a proof of that statement
[Wed Mar 12 17:54:52 2014] <Ptival> yes it will want a proof
[Wed Mar 12 17:54:57 2014] <roosbeef> well
[Wed Mar 12 17:55:11 2014] <roosbeef> but the proof is just "compute; trivial."
[Wed Mar 12 17:55:54 2014] <Ptival> the datatype {x : T | P x} only contains elements of the form (existT x pf) such that x has type T and pf has type P x for that x
[Wed Mar 12 17:56:21 2014] <Ptival> so to build elements you need to build the proofs
[Wed Mar 12 17:56:34 2014] <roosbeef> {} is pseudocode or does that work in coq?
[Wed Mar 12 17:56:55 2014] <Ptival> it's a notation that should be in scope by default I think
[Wed Mar 12 17:57:13 2014] <Ptival> it stands for something like (sigT (fun x => P x))
[Wed Mar 12 17:57:48 2014] <roosbeef> but what if you want to make a data type spanning over nat for example
[Wed Mar 12 17:57:54 2014] <Ptival> defined in Coq.Init.Specif http://coq.inria.fr/stdlib/Coq.Init.Specif.html
[Wed Mar 12 17:58:11 2014] <roosbeef> how can you generate such proofs automatically?
[Wed Mar 12 17:58:12 2014] <Ptival> { n : nat | odd n }
[Wed Mar 12 17:58:19 2014] <Ptival> ah!
[Wed Mar 12 17:58:30 2014] <Ptival> then you need some help from Coq :)
[Wed Mar 12 17:58:32 2014] <roosbeef> especially since the proof is just "compute; trivial; qed."
[Wed Mar 12 17:58:39 2014] <roosbeef> for all instances
[Wed Mar 12 17:58:42 2014] <Ptival> I can show you one way:
[Wed Mar 12 18:01:36 2014] <Ptival> http://paste.awesom.eu/EbEO here are ways to do so
[Wed Mar 12 18:02:47 2014] <Ptival> another way is using the Program extension of Coq that helps with separating implementation from proofs for such kinds of lightweight dependent types
[Wed Mar 12 18:03:12 2014] <roosbeef> but doesnt that still require interaction between user and coq?
[Wed Mar 12 18:03:29 2014] <Ptival> sure
[Wed Mar 12 18:03:33 2014] <roosbeef> what i meant was, is it possible for coq to automatically infer the proof without even going into proof mode
[Wed Mar 12 18:03:40 2014] <Ptival> ah!
[Wed Mar 12 18:03:50 2014] <Ptival> not always, but sometimes yes
[Wed Mar 12 18:04:00 2014] <roosbeef> in the case of such trivial proofs?
[Wed Mar 12 18:04:12 2014] <Ptival> let me think of how you could achieve this quickly :\
[Wed Mar 12 18:04:30 2014] <Ptival> getting Coq to work out proofs automatically without entering proof mode is not trivial
[Wed Mar 12 18:04:32 2014] <roosbeef> because otherwise how does one create a data type where there are dozens and dozens of combinations
[Wed Mar 12 18:04:51 2014] <roosbeef> or should one write those all out manually?
[Wed Mar 12 18:04:58 2014] <Ptival> one way I can think of is using Canonical Instances in the way described in the "proof automation less ad hoc" paper, however it's a lot of work to set up
[Wed Mar 12 18:05:12 2014] <roosbeef> haha yea i was messing around with canonical types too :p
[Wed Mar 12 18:05:22 2014] <roosbeef> and i did get it to work
[Wed Mar 12 18:05:40 2014] <roosbeef> but i couldnt get from compairing two values to comparing values in a list
[Wed Mar 12 18:06:18 2014] <Ptival> yeah it's tricky
[Wed Mar 12 18:06:26 2014] <Ptival> because of the unification mechanism
[Wed Mar 12 18:06:36 2014] <Ptival> also I feel like it might be brittle if Coq changes :(
[Wed Mar 12 18:06:45 2014] <roosbeef> haha thats ok
[Wed Mar 12 18:07:15 2014] <Ptival> the technique is really nice but some built-in support for these things would be much better than their crazy hacks to make it work :)
[Wed Mar 12 18:07:27 2014] <roosbeef> hm
[Wed Mar 12 18:07:50 2014] <roosbeef> what approach would you take in my situation?
[Wed Mar 12 18:08:00 2014] <Ptival> anyway, no I can't really think of a lightweight way to get Coq to fill your proofs for you without at least typing one tactic
[Wed Mar 12 18:08:20 2014] <Ptival> I mean, that's what Program should do for you
[Wed Mar 12 18:08:20 2014] <roosbeef> and then just perform that tactic manually a dozen times?
[Wed Mar 12 18:08:41 2014] <roosbeef> maybe i can reuse the same proof?
[Wed Mar 12 18:08:56 2014] <Ptival> well you can do refine(   program with many proof obligations as _   ); powerful_tactic_that_solves_all_obligations.
[Wed Mar 12 18:09:21 2014] <Ptival> you should take a look at Program
[Wed Mar 12 18:09:29 2014] <roosbeef> so the proof becomes part of the definition right
[Wed Mar 12 18:09:37 2014] <Ptival> but maybe some other people will have better ideas for you
[Wed Mar 12 18:09:48 2014] <Ptival> I have a slow brain right now :)
[Wed Mar 12 18:10:14 2014] <roosbeef> haha thats ok these are exactly the answers i was looking for
[Wed Mar 12 18:10:35 2014] <roosbeef> even considering that its not so simple as i was hoping is an answer in and of itself
[Wed Mar 12 18:10:57 2014] <roosbeef> its weird though because this doesnt seem like a very sophisticated data type
[Wed Mar 12 18:11:22 2014] <Ptival> yeah it is not complicated in fact
[Wed Mar 12 18:13:32 2014] <roosbeef> alright so
[Wed Mar 12 18:14:09 2014] <roosbeef> what i had working was this: https://privatepaste.com/711bbd6c17
[Wed Mar 12 18:14:18 2014] <roosbeef> but i dont like how ugly that is
[Wed Mar 12 18:14:46 2014] <roosbeef> that is what you were talking about though right?
[Wed Mar 12 18:15:36 2014] <roosbeef> its weird though, im using the same proof twice for different equalities
[Wed Mar 12 18:15:59 2014] <roosbeef> (only saw that just now)
[Wed Mar 12 18:29:06 2014] <roosbeef> alright
[Wed Mar 12 18:29:11 2014] <roosbeef> im gonna call it a day
[Wed Mar 12 18:29:19 2014] <roosbeef> thanks for hearing me out Ptival :)
[Wed Mar 12 18:29:31 2014] <roosbeef> ill try and mess around with what i had some more, perhaps its not that bad after all
[Wed Mar 12 18:32:25 2014] <Ptival> roosbeef: where's the proof used twice?
[Wed Mar 12 18:32:56 2014] <roosbeef> um
[Wed Mar 12 18:32:58 2014] <roosbeef> its 'pr'
[Wed Mar 12 18:33:31 2014] <roosbeef> if you look below its used both for eqCons a e as for eqCons a a
[Wed Mar 12 18:33:38 2014] <roosbeef> which i dont fully understand
[Wed Mar 12 18:34:37 2014] <Ptival> oh that's not weird :)
[Wed Mar 12 18:35:38 2014] <Ptival> a nice thing about your property is that it is computable
[Wed Mar 12 18:37:46 2014] <roosbeef> yea
[Wed Mar 12 18:38:07 2014] <roosbeef> but the proof only computes some other proposition right
[Wed Mar 12 18:38:46 2014] <Ptival> so your type fl_eq à à is really just computed to be the True type
[Wed Mar 12 18:38:57 2014] <Ptival> anf your proof pf is just I, the inhabitant of True
[Wed Mar 12 18:39:12 2014] <roosbeef> ok that makes sense then
[Wed Mar 12 18:39:26 2014] <Ptival> I guess what is weird is that
[Wed Mar 12 18:39:41 2014] <Ptival> fl_compare à è seems to return Eq?
[Wed Mar 12 18:39:46 2014] <roosbeef> yea
[Wed Mar 12 18:39:52 2014] <roosbeef> because they are equivalent
[Wed Mar 12 18:39:58 2014] <Ptival> ok
[Wed Mar 12 18:40:05 2014] <Ptival> well then all is well
[Wed Mar 12 18:40:10 2014] <roosbeef> yep
[Wed Mar 12 18:40:47 2014] <roosbeef> one last question how do i infer any properties from this data type?
[Wed Mar 12 18:41:14 2014] <roosbeef> for example if i know the first letter is a then i know the next letter is equivalent, how do i infer this?
[Wed Mar 12 18:41:37 2014] <roosbeef> my formulation on this question is a bit fuzzy i guess
[Wed Mar 12 18:41:44 2014] <Ptival> yeah I'm not sure what you mean
[Wed Mar 12 18:42:06 2014] <roosbeef> but what im trying to get at is that the data type is 'wrapped' by sigT and 'unwrapped' by existT, right?
[Wed Mar 12 18:42:18 2014] <Ptival> no
[Wed Mar 12 18:42:39 2014] <roosbeef> oh whats the role of those two functions then
[Wed Mar 12 18:42:44 2014] <Ptival> sigT is a type constructor
[Wed Mar 12 18:42:52 2014] <Ptival> existT is a data constructor for the type sigT
[Wed Mar 12 18:43:26 2014] <roosbeef> right so you use sigT in the data type definition
[Wed Mar 12 18:43:36 2014] <roosbeef> and existT in the declaration of some instance of that data type
[Wed Mar 12 18:46:16 2014] <Ptival> yes
[Wed Mar 12 18:46:43 2014] <roosbeef> alright ill just mess around with it a bit tomorrow, im puzzled as to im going to extract that equivalence information
[Wed Mar 12 18:46:57 2014] <roosbeef> (in proof mode, when its relevant)
[Wed Mar 12 18:47:22 2014] <roosbeef> thanks a lot for you help!
[Wed Mar 12 18:47:53 2014] <roosbeef> things have become much clearer to me :)
[Wed Mar 12 18:53:16 2014] <Ptival> cool
[Wed Mar 12 23:16:04 2014] <Cale> current goal is  S1_pmul (a @ b) 1 = S1_pmul a 1 @ S1_pmul b 1
[Wed Mar 12 23:16:10 2014] <Cale> Error: Found no subterm matching "S1_pmul a 1" in the current goal.
[Wed Mar 12 23:16:13 2014] <Cale> AUGH
[Wed Mar 12 23:16:20 2014] <Cale> Any idea what it could be?
[Wed Mar 12 23:16:39 2014] <ezyang> Try turning on printing of implicit parameters and try again
[Wed Mar 12 23:16:42 2014] <ezyang> 'Set Printing all'
[Wed Mar 12 23:17:21 2014] <Cale> aha!
[Wed Mar 12 23:17:32 2014] <Cale> That seems to help :)
[Thu Mar 13 06:09:44 2014] <Rc43> Hello.
[Thu Mar 13 06:10:07 2014] <Rc43> I found such manual http://ulm.uni.udm.ru/~budin/coq-docs-html/node.3.8.0.html with section "Realizing axioms".
[Thu Mar 13 06:10:21 2014] <Rc43> It says about command "Link" for axioms realization.
[Thu Mar 13 06:10:27 2014] <Rc43> But it seems to be outdated.
[Thu Mar 13 06:10:36 2014] <Rc43> Is there similar facility in modern Coq?
[Thu Mar 13 07:44:52 2014] <gdsfh> Rc43: "Link" -- strange, why it's noted in chapter about extraction, it's just a way to tell "let A will be nat" (as in example).  The most resembling thing in modern Coq are functors.  So, you create functor (function between modules, uses special syntax), then apply functor, providing given A, and get module where A = nat.
[Thu Mar 13 07:45:54 2014] <Rc43> gdsfh, ye, I use functors for such thing, but looked for workaround (currently I work with legacy code and lazy to refactor it).
[Thu Mar 13 07:45:58 2014] <gdsfh> Rc43: not everybody love functors; sometimes explicitly parameters (look at Section command) or typeclasses could be used, but not always.
[Thu Mar 13 07:46:08 2014] <Rc43> gdsfh, so, Link is related only to extraction?
[Thu Mar 13 07:46:48 2014] <gdsfh> Rc43: I hadn't used such old Coq versions to tell exactly.  And I wonder why Link is placed in extraction chapter of old docs.
[Thu Mar 13 07:47:32 2014] <Rc43> btw, ah, clear now
[Thu Mar 13 07:47:39 2014] <gdsfh> but if you do extraction and know that A in extracted code must be nat always, you can use modern extraction mechanism to state it.
[Thu Mar 13 07:48:06 2014] <Rc43> No, I currently don't need extraction. Just was wondering if it is extraction-only feature or not.
[Thu Mar 13 08:05:06 2014] <Rc43> gdsfh: BTW, implementing everything via modules+functors makes some problems (maybe I do it wrong). Not critical, but requires some garbage like exporting modules-parameters outside, etc.
[Thu Mar 13 08:12:19 2014] <gdsfh> Rc43: really, sometimes verbose things must be written when working with modules.  But it's not a big problem usually.  However there are records, typeclasses, you can try them out, maybe some things will look better.
[Thu Mar 13 08:12:27 2014] <Rc43> But I really don't remember were such problems caused by wrong usage or not.
[Thu Mar 13 08:12:50 2014] <Rc43> gdsfh, ye, typeclasses are fine.
[Thu Mar 13 08:13:19 2014] <Rc43> gdsfh, records -- I usually use them not for functions, but for structures only.
[Thu Mar 13 08:13:48 2014] <Rc43> BTW, are typeclasses = records + algorithms for inference of implicit arguments?
[Thu Mar 13 08:15:55 2014] <gdsfh> Rc43: records can hold not only values, but functions, types and proofs too.  They are powerful.  Typeclasses -- really, records + searching of instances, in rough words.
[Thu Mar 13 08:17:07 2014] <Rc43> Seems I again encounter situation, when I need to re-export imported modules.
[Thu Mar 13 08:17:09 2014] <Rc43> In two words: A (E) -> B (E) -> C (E).
[Thu Mar 13 08:17:30 2014] <Rc43> E -- parameter for A, B, C, which are functors, which use themselves in linear order.
[Thu Mar 13 08:17:54 2014] <Rc43> Like "Module B (E : ...). Import A (E). Export A (E).".
[Thu Mar 13 08:18:21 2014] <Rc43> Not big problem though.
[Thu Mar 13 08:22:40 2014] <Rc43> Also, is there way to declare "Variable X : ..." such way, that after "End Section." it will become implicit argument (not explicit)?
[Thu Mar 13 08:26:39 2014] <gdsfh> Rc43: about modules: Import A(E) really works?  I have complain "Syntax error: '.' expected after".  If you have no intersections between A and B, you can use "Include A(E)" in functor B, it: 1. includes all A(E) elements in B, 2. exports them.  With intersections, "Module Export AE := A(E). Import AE." may help.
[Thu Mar 13 08:28:35 2014] <Rc43> gdsfh, ah, no :) I shortened it. Must be "Module X := A E. Import X.".
[Thu Mar 13 08:29:03 2014] <gdsfh> so "Module Export X := A(E). Import X."
[Thu Mar 13 08:29:45 2014] <Rc43> Yes, this is what I do, but looks not very good.
[Thu Mar 13 08:30:26 2014] <Rc43> Maybe problem not in module, because they do what it is expected; problem is in bad separation of code.
[Thu Mar 13 08:32:37 2014] <Rc43> I think, it is because, we can't put all things that depend on one set of modules into one scope; we usually separate them. But if we don't want to create whole pile of intermediate modules for proper injection we must to "linearise" them. Hence we often need to to these Import+Export things.
[Thu Mar 13 08:33:14 2014] <Rc43> I suspect that type classes appropriate better.
[Thu Mar 13 08:38:55 2014] <gdsfh> Rc43: I don't know.  Putting every small bit of code in separate module/functor is not a good decision.  However it's better to be seen "in situ".  Many definitions can be left outside of functors usually.  As for typeclasses, they have its own weaknesses.
[Thu Mar 13 08:40:57 2014] <gdsfh> if modules represent a kind of layers, then linearizing them looks very natural.
[Thu Mar 13 08:41:27 2014] <gdsfh> (layers -- in terms of software engineering.)
[Thu Mar 13 08:46:11 2014] <Rc43> gdsfh, yep, agree about layers.
[Thu Mar 13 08:46:39 2014] <Rc43> gdsfh, so perhaps problem is in too large stack of layers instead of separating some of them into ortogonal components.
[Thu Mar 13 08:47:33 2014] <gdsfh> Rc43: really, it looks like a common problem with development.
[Thu Mar 13 12:04:57 2014] <joe9> this proof seems convoluted: http://codepad.org/S5mpUznk . It is from http://www.cis.upenn.edu/~bcpierce/sf/MoreCoq.html . Just want to check if it is doing so as it cannot use "not-yet-taught" tactic.
[Thu Mar 13 12:05:48 2014] <joe9> or, is such a proof the common occurrence.
[Thu Mar 13 14:31:53 2014] <joe9> Can anyone please help with this exercise: http://codepad.org/jOZDMyKo from http://www.cis.upenn.edu/~bcpierce/sf/MoreCoq.html . My attempt: http://codepad.org/JYhtGuKi goal: http://codepad.org/S0N06Idq
[Thu Mar 13 14:48:57 2014] <jrw> joe9: this is a good example of when you need a stronger induction hypothesis. try only "intros n. induction n." and then intros the rest of the stuff. see if you can make that work.
[Thu Mar 13 15:21:22 2014] <joe9> jrw, thanks. will try that.
[Thu Mar 13 15:57:44 2014] <joe9>  jrw, I am stuck here: http://codepad.org/r9jz3Tft goal: http://codepad.org/vnrDqjcR
[Thu Mar 13 16:23:07 2014] <ianjneu> joe9: still stuck? (btw, separating your proof state into several pastes doesn't help us)
[Thu Mar 13 17:08:15 2014] <joe9> ianjneu: yes, still stuck.
[Thu Mar 13 17:13:56 2014] <ianjneu> what have you tried and what are you currently thinking?
[Thu Mar 13 17:43:23 2014] <joe9> goals: http://codepad.org/tPgwTWvi proof attempt: http://codepad.org/Bc4JjyWl . How do I do this: apply IHn' in eq with (n':=(S n')).
[Thu Mar 13 17:43:41 2014] <joe9> I think if I can do that, the proof will be complete.
[Thu Mar 13 17:48:29 2014] <jrw> joe9: you will need to use plus_n_S or whatever the hint was to rewrite your hypothesis eq
[Thu Mar 13 17:48:52 2014] <jrw> you'll probably also want to destruct m and use plus_n_S again
[Thu Mar 13 17:49:11 2014] <jrw> then you can use inversion to get something that satisfies the hypothesis of IHn
[Thu Mar 13 20:30:31 2014] <joe9> jrw, ok, thanks.
[Thu Mar 13 20:57:13 2014] <joe9> jrw, proof: http://codepad.org/42YI7jHI error: http://codepad.org/8HzolwM1 goal: http://codepad.org/ys4z2AQu . I cannot figure out how plus_n_Sm fits in here.
[Fri Mar 14 01:24:20 2014] <jrw> joe9: do "rewrite plus_n_Sm in eq." instead of "apply..."
[Fri Mar 14 01:25:01 2014] <jrw> joe9: also, if you combine your pastes into one big one instead of separating everything out, it makes things easier.
[Fri Mar 14 04:42:08 2014] <BmoreDan_> Is it possible to define an inductive type and a fixpoint which both depend on each other?
[Fri Mar 14 09:07:38 2014] <joe9>  I find forward reasoning more readable than backward reasoning. Anyone uses forward reasoning all the time?
[Fri Mar 14 10:52:32 2014] <robbert> BmoreDan_: that is called induction-recursion, and it is not allowed in Coq. In some simple cases you can fake it though (using a sigma over a type of pseudo terms)
[Fri Mar 14 12:15:19 2014] <joe9>  I am having a hard time understanding these proofs/theorems. Can anyone please throw some insight? http://codepad.org/JRD2uqFu
[Fri Mar 14 12:15:59 2014] <joe9> The theorems do not make sense to me. They cannot be true. How did we end up proving them?
[Fri Mar 14 12:36:53 2014] <jrw> joe9: what's wrong with them? assuming False, anything follows.
[Fri Mar 14 12:52:45 2014] <joe9> jrw, regarding the rewrite plus_n_Sm in eq, I get this error: http://codepad.org/MgXgzBv9
[Fri Mar 14 12:53:09 2014] <joe9> jrw, so, even "false" assumptions can be used?
[Fri Mar 14 12:53:21 2014] <jrw> joe9: "rewrite <- plus_n_Sm in eq." ?
[Fri Mar 14 12:54:24 2014] <jrw> joe9: yes, this is common in logic. see http://en.wikipedia.org/wiki/Principle_of_explosion
[Fri Mar 14 12:56:44 2014] <joe9> jrw, thanks. the rewrite
[Fri Mar 14 12:56:48 2014] <joe9> <- helped.
[Fri Mar 14 12:57:55 2014] <jrw> joe9: re: forward reasoning, many people agree with you. I suggest trying to learn to like backward reasoning first, because that is what coq is good at by default. there are ways to do better forward reasoning after you understand more.
[Fri Mar 14 13:00:41 2014] <joe9> jrw, can you please help with this. http://codepad.org/WVctlOln I am stuck here.
[Fri Mar 14 13:01:27 2014] <jrw> joe9: you'll need to do the rewrite twice: once for each side of the equality in eq. then inversion (twice, possibly) will get you what you want.
[Fri Mar 14 13:08:54 2014] <joe9> jrw, this worked http://codepad.org/9uRTLeNf . btw, how did you know that? or, how did you figure that out? did you struggle with it initially? If so, what helped figure it out.
[Fri Mar 14 13:43:32 2014] <jrw> joe9: practice :)
[Fri Mar 14 13:43:50 2014] <joe9> jrw, how long have you been doing this?
[Fri Mar 14 13:44:10 2014] <jrw> joe9: I worked through SF about 3 years ago.
[Fri Mar 14 13:46:43 2014] <ianjneu> Mitch Wand taught me the curry-howard isomorphism. I also banged my head on ACL2 for a year prior to that.
[Fri Mar 14 14:36:08 2014] <Hodapp> ACL2 looks interesting
[Fri Mar 14 14:36:23 2014] <Hodapp> read through a tutorial on it, but have yet to mess with it
[Fri Mar 14 15:06:25 2014] <ianjneu> Hodapp: it's really fast, but hard to drive. Like a racecar.
[Fri Mar 14 15:12:10 2014] <Hodapp> hmmmm.
[Fri Mar 14 15:15:42 2014] <ianjneu> particularly, you have to think carefully about what your rewriting strategy will be. Imagine every Coq proof was autorewrite with everything-proved; destruct everything; congruence; induction wizzlepop (congruence does weird things, and induction guesses which scheme is probably the best to use).
[Fri Mar 14 15:16:59 2014] <ianjneu> the trusted extension to ACL2, the ACL2 sedan, has better termination checking using state-of-the-art tech. It also does amazing work to generate counter-examples when it can.
[Fri Mar 14 15:17:59 2014] <ianjneu> (sedans are easier to drive than racecars)
[Fri Mar 14 15:44:58 2014] <BmoreDa__> robbert: Thanks. Is there some fundamental reason it's not allowed in Coq?
[Fri Mar 14 15:56:10 2014] <ianjneu> BmoreDa__: no one's implemented it.
[Fri Mar 14 15:56:39 2014] <ianjneu> I think Matthieu Sozeau is implementing it for some later version, however.
[Fri Mar 14 15:59:45 2014] <BmoreDaniel> ianjneu: Ok, thanks.
[Fri Mar 14 16:12:59 2014] <joe9> inversion seems to be magical to me now. I do not seem to understand all that it does. Is that common when starting out?
[Fri Mar 14 16:15:56 2014] <ijp> it is traditional for not understanding to precede understanding
[Fri Mar 14 16:20:29 2014] <joe9> ijp: haha. inversion seems to be a very powerful tactic.
[Fri Mar 14 16:20:41 2014] <joe9> there seems to be a lot of functionality in it.
[Sat Mar 15 11:01:28 2014] <osa1> hi guys, can anyone help me with this definition: http://lpaste.net/101239 I'm getting Error: The reference tm was not found in the current environment.
[Sat Mar 15 11:01:37 2014] <osa1> in with value : tm -> Prop := ...
[Sat Mar 15 11:03:07 2014] <roosbeef> youre still defining tm at that point, right
[Sat Mar 15 11:03:39 2014] <osa1> yup
[Sat Mar 15 11:03:46 2014] <roosbeef> maybe thats why
[Sat Mar 15 11:03:51 2014] <roosbeef> im a novice at coq though :p
[Sat Mar 15 11:03:54 2014] <osa1> but isn't that point of "and" syntax? I'm trying to define mutually recursive definitions
[Sat Mar 15 11:04:36 2014] <Hodapp> http://lpaste.net/101241 . . . can anyone give some pointers here? I'm at http://www.cis.upenn.edu/~bcpierce/sf/Logic.html#lab226
[Sat Mar 15 11:05:23 2014] <Hodapp> I have E : all X (fun t : X => test t = true) (v' :: l') and Heq : test v' = true, which looks to me like it should be sufficient to show the goal, all X (fun t : X => test t = true) l', but perhaps my definition of 'all' is somehow prohibiting this
[Sat Mar 15 11:33:14 2014] <Hodapp> but, I suppose I cannot rely on my assumption that the constructors 'empty' and 'rest' are disjoint, which I was mis-remembering from something else
[Sat Mar 15 11:34:20 2014] <Hodapp> that is - I'm acting like 'all X P (a::l)' can only come from '(P a)' and 'all X P l' being given, and I expect Coq to see this, but then it hardly seems like a certainty
[Sat Mar 15 19:27:49 2014] <jrw> Hodapp: I think if you do "inversion E" you should get what you want.
[Sun Mar 16 00:28:54 2014] <Hodapp> jrw: alright. I'll try to work through that, thanks.
[Sun Mar 16 00:30:22 2014] <Hodapp> I need to remember that 'inversion' means more than 'HEY LOOK, A CONTRADICTION!'
[Sun Mar 16 00:31:47 2014] <Hodapp> as predicted - this readily made it very easy to solve. I'll have to figure out why soon.
[Sun Mar 16 02:30:44 2014] <jrw> Hodapp: if you invert on a hypothesis that is an inductive. it will consider all constructors for that inductive that unify with the form your hypothesis has. for each such constructor, inversion gives you a new subgoal with the hypotheses of that constructor added to your context
[Sun Mar 16 02:31:40 2014] <jrw> in this case, the only constructor of "all" that unifies with "all X P (a::l)" is the second constructor, since the first one would have to unify nil with cons. one of that constructor's hypotheses is "all X P l" which is what you wanted
[Sun Mar 16 09:43:32 2014] <ollehar> can I do model checking in coq?
[Sun Mar 16 10:30:17 2014] <Hodapp> jrw: yup... I remember reading basically that in this chapter, but, it had slipped my mind.
[Sun Mar 16 12:35:56 2014] <Rc43> Hello.
[Sun Mar 16 12:36:44 2014] <Rc43> How such notation is called? "Definition wrapper := { something | predicate something }"
[Sun Mar 16 12:41:30 2014] <Rc43> (There is "something : X")I have such definition and have term of type X
[Sun Mar 16 12:41:46 2014] <Rc43> and want to get term of type Wrapper.
[Sun Mar 16 12:47:21 2014] <gdsfh> Rc43: disable printing of notations (depends on your "ide") and use "Print wrapper.".
[Sun Mar 16 13:10:28 2014] <Rc43> gdsfh, that helped. BTW, should work for any "ide".
[Sun Mar 16 13:10:44 2014] <Rc43> (Unset Printing Notations. Print Wrapper.)
[Sun Mar 16 13:11:33 2014] <gdsfh> Rc43: "Error: Use CoqIDE display menu instead".  And really, menu provides such function.
[Sun Mar 16 13:11:48 2014] <Rc43> gdsfh, wow
[Sun Mar 16 13:12:44 2014] <gdsfh> Rc43: CoqIDE tries to keep some global modes in sync between gui and engine.
[Sun Mar 16 13:14:50 2014] <Rc43> Yep, but semantics is little different (Coq's settings can be different in two different places of one file), in some scenarios it can be undesirable.
[Sun Mar 16 13:18:25 2014] <gdsfh> source is a thing to be processed by coqc finally, and used for extraction or linking, so printing is just a developer's setting, never needed in final result.
[Sun Mar 16 13:18:39 2014] <Hodapp> when you have something like:  Inductive appears_in {X:Type} (a:X) : list X -> Prop := ...
[Sun Mar 16 13:20:07 2014] <Hodapp> I guess 'X' and 'a' are parameters of appears_in... what is the fundamental difference here between those and the 'list X'?
[Sun Mar 16 13:20:46 2014] <Hodapp> just that 'X' and 'a' must be present to parametrize appears_in?
[Sun Mar 16 14:52:05 2014] <Hodapp> http://lpaste.net/101289 - trying to do this for the first part of http://www.cis.upenn.edu/~bcpierce/sf/Logic.html#lab228 (defining what it means for a list to be a merge of others)
[Sun Mar 16 14:53:01 2014] <Hodapp> and keep getting errors like, "Last occurrence of list_is_merge must have l2 as 3rd argument in list_is_merge X [] [] []."
[Sun Mar 16 14:53:20 2014] <Hodapp> I'm trying to figure out what this error means or why the last occurrence must have this, and not getting much
[Sun Mar 16 14:53:42 2014] <ianjneu> Hodapp: move l1 and l2 from the left of the : to the righte.
[Sun Mar 16 14:54:02 2014] <Hodapp> ianjneu: in the... type declaration? (not sure what to call it)
[Sun Mar 16 14:54:10 2014] <ianjneu> Currently list_is_merge is indexed by these values rather than parameterized by them.
[Sun Mar 16 14:54:23 2014] <Hodapp> ahh, that's kind of what I was asking earlier
[Sun Mar 16 14:54:36 2014] <ianjneu> I just came back
[Sun Mar 16 14:54:38 2014] <Hodapp> 'indexed by' vs. 'parametrized by', there's a distinction I'm not really familiar with
[Sun Mar 16 14:54:59 2014] <Hodapp> yeah, I'm not blaming you for not answering my question immediately, just saying this was already something I didn't get well :P
[Sun Mar 16 14:56:20 2014] <ianjneu> Well, indicies allow you to fix something that will be shared amongst all variants of the type. Parameters allow free choice at each variant.
[Sun Mar 16 14:57:21 2014] <Hodapp> does SF explain this? this chapter uses the phrase "indexed by" but I'm not sure they explain it
[Sun Mar 16 14:57:52 2014] <ianjneu> Say you're looking at a form of "list" that is parameterized by a type rather than indexed by one. It's like a comparison of a homogeneous list and a heterogeneous one.
[Sun Mar 16 14:58:54 2014] <ianjneu> I didn't read SF from start to finish since I was fairly proficient at the time it came out.
[Sun Mar 16 14:59:12 2014] <Hodapp> yeah, I'm just aiming to know where to get a good idea what the difference is
[Sun Mar 16 14:59:21 2014] <Hodapp> since all I know now is that there's a syntactic difference
[Sun Mar 16 14:59:45 2014] <ianjneu> http://cs.stackexchange.com/questions/20100/what-are-the-difference-between-and-consequences-of-using-type-parameters-and-ty
[Sun Mar 16 14:59:59 2014] <ianjneu> different induction principles.
[Sun Mar 16 15:00:25 2014] <Hodapp> thanks
[Sun Mar 16 15:02:25 2014] <ianjneu> I found myself using two versions of refl_trans closure of a reduction relation, where the starting point is an index versus a parameter. I show the two are logically equivalent, and in some lemmas I need the induction principle from the indexed version and in others I need the one from the parameterized version.
[Sun Mar 16 15:02:46 2014] <ianjneu> It's a whole to-dop.
[Sun Mar 16 15:02:49 2014] <ianjneu> to-do*
[Sun Mar 16 15:05:43 2014] <Hodapp> hmmmmmmm.
[Sun Mar 16 15:05:50 2014] <Hodapp> * goes to make some Irish Coffee
[Sun Mar 16 15:29:36 2014] <Hodapp> mind went blank. Is there something that simplifies a goal of a :: l1 = a :: l2?
[Sun Mar 16 15:29:56 2014] <Hodapp> I know I can simplify a hypothesis of this sort with 'inversion', but I don't know about a goal
[Sun Mar 16 15:31:12 2014] <Hodapp> meh, guess it doesn't really matter - if I had what I needed I could just rewrite
[Sun Mar 16 15:34:23 2014] <jgross> Hodapp: f_equal 
[Sun Mar 16 16:22:38 2014] <Hodapp> jgross: thanks.
[Mon Mar 17 09:56:28 2014] <user1_> hi here http://coq.inria.fr/distrib/current/refman/Reference-Manual012.html  10.1.1 dependent induction H generalizing G D   do not work
[Mon Mar 17 09:57:15 2014] <user1_> but dependent induction H do work alone
[Mon Mar 17 09:59:53 2014] <user1_> everyone is zzzz or what :D
[Mon Mar 17 10:00:21 2014] <Hodapp> it's St. Patrick's Day. We're all hitting up the whiskey.
[Mon Mar 17 10:00:38 2014] <user1_> lol :P
[Mon Mar 17 10:50:10 2014] <osa1> I'm trying to define this: "Definition var := (id * var_kind)." but it fails with "id sould be nat" beucause I think it's interpreting * as multiplication, how can I fix this?
[Mon Mar 17 10:50:15 2014] <osa1> I'm trying to define a tuple type
[Mon Mar 17 12:10:26 2014] <Rc43> Hello.
[Mon Mar 17 12:12:21 2014] <Rc43> Am I right that Coq's type checking is decidable?
[Mon Mar 17 12:32:18 2014] <Rc43> I have strange error:
[Mon Mar 17 12:32:29 2014] <Rc43> I defined term with pattern matching like "Definition t := match x with ... " where (x : sigT some_pred) and (t : sigT other_pred).
[Mon Mar 17 12:32:39 2014] <Rc43> But I got error "term .. has type (other_pred ..) while it is expected to have type ?116".
[Mon Mar 17 12:32:50 2014] <Rc43> Ok, I rewrote definition with explicit declaration of type of result "Definition t : sigT other_pred := ..." and tried to type-check definition. But it doesn't terminate.
[Mon Mar 17 12:38:07 2014] <Rc43> Also, the same term inside larger definition works fine.
[Mon Mar 17 13:50:33 2014] <gdsfh> Rc43: if you have no typeclasses (or similar features, maybe), and typechecking doesn't terminate, it's a bug (imho).  Try the latest release.  If bug persists, file it to bugtracker.  If you aren't sure it's a bug or not, write to coq-club.
[Mon Mar 17 14:29:47 2014] <Rc43> gdsfh, ye, going to do it but still not sure (maybe I am just shooting in my foot).
[Mon Mar 17 14:29:57 2014] <Rc43> I used some "Axiom error : forall {M} {X}, X." definitions for mocking some holes; maybe it is a problem.
[Mon Mar 17 14:30:27 2014] <Rc43> Now rewriting with monad ^_^
[Mon Mar 17 15:36:14 2014] <watermind> what's the usual mathematical notation to denote sets of dependent pairs?
[Mon Mar 17 15:37:13 2014] <ianjneu> {x \in domain : prop-about-x} but in Coq it's {x : domain & prop-about-x}
[Mon Mar 17 15:37:52 2014] <ianjneu> but in math those aren't really pairs, but just a restricted subset of domain.
[Mon Mar 17 15:38:24 2014] <ianjneu> so probably {(x,y) : prop-relating-y-with-x}
[Mon Mar 17 15:38:27 2014] <watermind> exactly so I get that  e.g.  a family would also denote such a space,  so for instance  (A_i)_{i \in I}
[Mon Mar 17 15:38:57 2014] <watermind> I can pick an i, and then an element of A_i
[Mon Mar 17 15:39:30 2014] <watermind> so in effect such a family defines what could be thought of as a space of dependent pairs
[Mon Mar 17 15:39:45 2014] <watermind> but I don't think it is standard to write  (i,a)
[Mon Mar 17 15:39:51 2014] <ianjneu> ya I can see that as a classic mathematics notation for a Sigma type.
[Mon Mar 17 15:40:12 2014] <ianjneu> but not for an inhabitant of it.
[Mon Mar 17 15:40:16 2014] <watermind> exactly
[Mon Mar 17 15:40:46 2014] <ianjneu> I wouldn't fret too much about notation. Classic mathematics is vague and ambiguous.
[Mon Mar 17 15:40:49 2014] <watermind> I was wondering if there was such a thing
[Mon Mar 17 15:40:56 2014] <watermind> true
[Mon Mar 17 15:41:02 2014] <watermind> I just don't like reinventing the wheel
[Mon Mar 17 15:41:58 2014] <ianjneu> Better to do and ask forgiveness than to ask and be shut down.
[Mon Mar 17 15:43:05 2014] <watermind> :)
[Mon Mar 17 15:43:30 2014] <Rc43> Is it possible to make Coq output aliases instead of normal form? E.g. "Inductive Either .... left | right ... . Definition fail := left. Eval compute in ... . (* output: left ... ; desired: fail ... *)".
[Mon Mar 17 15:44:31 2014] <ianjneu> Rc43: Notation
[Mon Mar 17 15:44:55 2014] <ianjneu> use notation for fail instead of Definition.
[Mon Mar 17 15:45:53 2014] <Rc43> ianjneu, ah, so simple; thanks
[Mon Mar 17 15:51:00 2014] <Rc43> > A notation must include at least one symbol
[Mon Mar 17 15:51:01 2014] <Rc43> =/
[Mon Mar 17 15:51:23 2014] <Rc43> Let it be "!fail" and "!ok" then.
[Mon Mar 17 15:57:43 2014] <Rc43> Strange enough; rewrote error handling properly (with Either monad) but looks that computation doesn't terminate.
[Mon Mar 17 16:05:48 2014] <ianjneu> Rc43: Notation fail := left. doesn't work?
[Mon Mar 17 16:06:07 2014] <Rc43> ianjneu no, its ok.
[Mon Mar 17 16:06:14 2014] <ianjneu> If you use quotes, anything in single quotes becomes a keyword for the lexer.
[Mon Mar 17 16:06:29 2014] <Rc43> ianjneu, problem in my setting, but pretty strange.
[Mon Mar 17 16:06:39 2014] <Rc43> ianjneu, cycled computation
[Mon Mar 17 16:06:49 2014] <ianjneu> 'cycled'?
[Mon Mar 17 17:51:09 2014] <chris2> is there a way to use in the presence of an explit type like 'I_10 numeric literals for Ordinal in ssreflect?
[Mon Mar 17 20:32:39 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/Logic.html#lab228 is taking me a ton of effort and confusion
[Mon Mar 17 20:32:51 2014] <Hodapp> yet.. I have no one to blame but myself... because I wrote the specification :|
[Mon Mar 17 20:58:00 2014] <jrw> Hodapp: what do your definitions look like?
[Mon Mar 17 21:15:43 2014] <Hodapp> jrw: http://lpaste.net/101368
[Mon Mar 17 21:17:01 2014] <Hodapp> jrw: I've been trying inversion on 'list_is_merge l1 l2 l' and I'm not sure if it gets me anywhere or not. I was trying induction first and that seemed to help, but then I kept bumping into cases that seemed contradictory but not in ways I knew how to show
[Mon Mar 17 21:17:30 2014] <Hodapp> but I've been looking over my definitions and filter_challenge to see if the reason I'm having trouble with that proof is because the theorem is idiotic and wrong
[Mon Mar 17 21:23:51 2014] <jrw> Hodapp: I think that proof will go through. I don't think you need to destruct on (test a) because you'll know the answer by one of your hypotheses.
[Mon Mar 17 21:24:16 2014] <jrw> Hodapp: all that being said, I actually recommend inducting on your in order merge hypothesis
[Mon Mar 17 21:24:22 2014] <jrw> I found that proof to be easier
[Mon Mar 17 21:24:39 2014] <jrw> I think they're basically isomorphic though
[Mon Mar 17 21:25:21 2014] <Ptival> isomorphic proofs!
[Mon Mar 17 21:31:22 2014] <Hodapp> jrw: fair enough. and I think I was heading into the same thing by a different direction, because it was in a certain branch that the annoying-sorta-contradiction emerged
[Mon Mar 17 21:37:13 2014] <jrw> Hodapp: feel free to post a partial proof if you get stuck
[Mon Mar 17 21:38:21 2014] <Hodapp> looks like I already did once :P
[Mon Mar 17 21:52:39 2014] <Hodapp> I guess it's important that I do this exercise, since I managed to forget that induction on a hypothesis is a thing you could do.
[Mon Mar 17 21:54:21 2014] <Hodapp> * . o O ( leave it up to me to forget that something defined inductively can have induction over it... )
[Mon Mar 17 22:08:14 2014] <Hodapp> jrw: thank you much. the proof was a cinch after that.
[Mon Mar 17 22:17:51 2014] <jrw> Hodapp: cool. nice work!
[Tue Mar 18 03:58:18 2014] <osa1> wtf?!?! I can't compile this code http://lpaste.net/101378 it's failing with "Error: substx_rec already exists."... how can this be? any idea?
[Tue Mar 18 03:58:40 2014] <osa1> if I print it it says "Error: substx_rec not a defined object."
[Tue Mar 18 03:58:45 2014] <osa1> wtf????
[Tue Mar 18 04:44:51 2014] <Saizan> i think it's because substx_rec is going to be the name of the generated recursion principle for substx
[Tue Mar 18 04:46:24 2014] <osa1> Saizan: yeah that's right :) I also asked this to mailing list and got same asnwer.
[Tue Mar 18 04:46:27 2014] <osa1> answer*
[Tue Mar 18 13:46:05 2014] <Rc43> Is there built-in function for taking n-list from stream?
[Tue Mar 18 13:57:16 2014] <ianjneu> I don't think streams have much in terms of batteries included.
[Tue Mar 18 15:58:21 2014] <user1_> heho anyone here
[Tue Mar 18 17:01:10 2014] <jrw> hi user1_
[Wed Mar 19 07:24:38 2014] <Rc43> Hello.
[Wed Mar 19 07:51:18 2014] <Rc43> I have type synonym "T a := x -> a".
[Wed Mar 19 07:51:20 2014] <Rc43> I want to write fixpoint on it (i.e. Fixpoint f : T something).
[Wed Mar 19 07:51:53 2014] <Rc43> But I need to specify that arguement of type X is {struct x}.
[Wed Mar 19 07:52:01 2014] <Rc43> Is there workaround for that?
[Wed Mar 19 08:27:57 2014] <Rc43> If I just unwrap T definition then something wrong with my monads happens (suppose that it becomes harder to find right instance).
[Wed Mar 19 08:47:23 2014] <Rc43> Can I make Coq to unify "forall x {struct x}, a" with "T a" where T is "X -> A"?
[Wed Mar 19 08:52:09 2014] <gdsfh> Rc43: as a general note: for simple monads typeclasses are ok, but for monad transformers you'll probably get lost with them.  I've tried.  Coq typeclasses are more powerful than haskell's ones, instance searching is more complex.  The best thing I could do to use monads in my code is https://bitbucket.org/gds/coq-practical-monads
[Wed Mar 19 08:53:02 2014] <Rc43> gdsfh, wow, didn't searched for monads implementation, thanks
[Wed Mar 19 08:53:22 2014] <gdsfh> btw, there are _many_ implementations.
[Wed Mar 19 08:53:47 2014] <Rc43> gdsfh, I currently don't use monad transformers, but just hasrdcoded complex monad instance for (F -> R -> Either Error A)
[Wed Mar 19 08:54:17 2014] <Rc43> (where F -> Q and R -> Q and Either Error Q are monads)
[Wed Mar 19 08:56:26 2014] <gdsfh> Rc43: got it.  Your approach is simple (that's good), but proofs must be hard.  Using monad transformers, one can be sure that monad laws are obeyed.  (but probably you don't need proofs here.)
[Wed Mar 19 08:57:43 2014] <Rc43> gdsfh, will not need, its code for generating some testing stuff (here R stands for Random := Stream nat and F stands for Fuel := nat; fuel is used for limiting recursion).
[Wed Mar 19 08:58:24 2014] <Rc43> but problem that with hiding F into compplex monad I lost ability to type {struct f} on argument of type F
[Wed Mar 19 08:59:08 2014] <Rc43> (BTW, F -> Q isn't actually monad, but F -> Either Error Q looks to be).
[Wed Mar 19 08:59:20 2014] <Rc43> (in my case)
[Wed Mar 19 09:01:49 2014] <gdsfh> suppose you are using module as an argument to monad transformer's functor.  By default, module values are transparent.  Nothing should prevent you from looking at f's structure, even when you are working with monad that uses F.  But I have not much brainpower now, so may be mistaken.
[Wed Mar 19 09:06:51 2014] <Rc43> gdsfh, hmm, I didn't understand something.
[Wed Mar 19 09:06:56 2014] <Rc43> I have "Definition Dirty A := Fuel -> Rand -> Either Error A." and I want to type function "Fixpoint generate ... : Dirty Result." which is decreasing on Fuel which is inside of Dirty.
[Wed Mar 19 09:07:20 2014] <Rc43> I have "Instance dirty_monad : Monad Dirty := ..." also.
[Wed Mar 19 09:08:43 2014] <Rc43> If I type "Fixpoint generate ... : forall (f : Fuel), {struct f}, Rand -> Either Error A" Coq doesn't complain about fix, but complains something like "expected ?123, got Something".
[Wed Mar 19 09:09:59 2014] <Rc43> I suppose that it is because Coq can't unify LHS with RHS during type classes instances search.
[Wed Mar 19 09:11:31 2014] <gdsfh> I give up on questions about instance searching.  Maybe you'd better post complete example here or to coq-club, so somebody could help?
[Wed Mar 19 09:13:01 2014] <Rc43> gdsfh, just posted into coq-club; but complete example is pretty long; will try to reduce it (also it can give some information to me, too).
[Wed Mar 19 10:07:31 2014] <Rc43> Is {struct x} just notation or hardcoded into Coq? Can I write something like {x : proof_that_something_is_structural_recrusive}?
[Wed Mar 19 10:40:41 2014] <robbert> Rc43: for what it is worth, {struct foo} is no type or so, it is just syntax that belongs to the Fixpoint command and fix term, where it can only be used on the left hand side of the :
[Wed Mar 19 10:42:09 2014] <robbert> structural arguments should always appear on the LHS of the :, you cannot curry them like you are trying to
[Wed Mar 19 10:42:34 2014] <Rc43> robbert, and we can't pass fixpoint name into its body without any arguments?
[Wed Mar 19 10:43:47 2014] <robbert> you can, for example in nested recursive functions
[Wed Mar 19 10:44:40 2014] <robbert> In your 03:41 PM message at Coqclub, the {struct f} already makes no sense, it should refer to an argument of the fixpoint
[Wed Mar 19 10:44:52 2014] <robbert> and please! post self-contained code
[Wed Mar 19 10:45:16 2014] <robbert> there is no way of knowing what is going on with code where many definitions are missing
[Wed Mar 19 10:47:52 2014] <Rc43> robbert, its about 100 lines =/
[Wed Mar 19 10:48:34 2014] <Rc43> rrobbert, {struct f} is typo, should be {struct fuel}.
[Wed Mar 19 10:48:51 2014] <robbert> I doubt we need all of it
[Wed Mar 19 10:49:12 2014] <robbert> just keep unfolding and removing definitions util you end up with a self contained example
[Wed Mar 19 10:50:02 2014] <Rc43> robbert, I did it, it is about 100 lines, because we need to define functor, monad and applicative instances for either and some other types.
[Wed Mar 19 10:50:22 2014] <Rc43> http://pastebin.com/raw.php?i=Skm2hLdN
[Wed Mar 19 10:51:24 2014] <Rc43> Ye, I can construct example without monads though, but initial point was in type synonyms and why I can't just type them unfolded.
[Wed Mar 19 10:53:10 2014] <robbert> The kind of syntax in
[Wed Mar 19 10:53:13 2014] <robbert> Program Fixpoint f : forall (f : Fuel) {struct f}, WithFuel nat :=
[Wed Mar 19 10:53:19 2014] <robbert> is probably wrong
[Wed Mar 19 10:53:41 2014] <robbert> Like I said, the decreasing argument and the struct declaration should be on the LHS of the :
[Wed Mar 19 10:53:43 2014] <Rc43> robbert, yes, it's old version before emails.
[Wed Mar 19 10:54:01 2014] <robbert> Here, the { } is seen as an implicit argument or so, I guess
[Wed Mar 19 10:54:03 2014] <Rc43> robbert, just wanted to show you size
[Wed Mar 19 10:55:29 2014] <Rc43> How do you think is it possible to do in any way? To use monadic operations on fixpoints, I mean.
[Wed Mar 19 10:57:10 2014] <Rc43> Can I provide manual proof of termination?
[Wed Mar 19 10:59:14 2014] <robbert> It could work for sure, but I would recommend you to first play without the whole type class and notation machinery, just so you can see what is actually going on
[Wed Mar 19 11:00:23 2014] <robbert> What you are doing now, is making it highly confusing. Start simple, and when that is working, extend
[Wed Mar 19 11:04:55 2014] <Rc43> I can't make run already this "Fixpoint f (fuel : Fuel) {struct fuel} : Either Error nat := let g := (pure 1) >>= (fun x => pure (S x)) >>= (fun _ => f) in g fuel."
[Wed Mar 19 11:05:24 2014] <Rc43> But maybe I am missing something obvous.
[Wed Mar 19 11:05:29 2014] <Rc43> Will try to reduce some more.
[Wed Mar 19 11:05:56 2014] <robbert> Unfold pure, unfold bind, unfold the let, and study that term
[Wed Mar 19 11:06:10 2014] <robbert> there is enough left to simplify
[Wed Mar 19 11:13:17 2014] <Rc43> Am I right that wiithout wrapper Coq will not find instance of type class?
[Wed Mar 19 11:13:48 2014] <Rc43> So I need to use (FromX A) instead of (X -> A)?
[Thu Mar 20 08:17:58 2014] <roosbeef> is it possible to only 'compute' part of a goal or hypothesis?
[Thu Mar 20 09:32:10 2014] <Cale> roosbeef: You can rewrite by refl with a given type
[Thu Mar 20 09:32:32 2014] <Cale> Not sure if that's exactly what you mean
[Thu Mar 20 09:33:20 2014] <roosbeef> suppose we have H : f3 (f1 x) (f2 y)
[Thu Mar 20 09:33:26 2014] <roosbeef> how can i compute only (f1 x)
[Thu Mar 20 09:33:42 2014] <roosbeef> and get H : f3 [result] (f2 y)
[Thu Mar 20 21:48:42 2014] <Hodapp> Logic.v of SF has done a great job stumping me. I guess it makes for good practice.
[Fri Mar 21 04:28:47 2014] <Cale> Hodapp: What are you having trouble with?
[Fri Mar 21 04:30:57 2014] <Cale> Are you doing the 5 star exercise? :)
[Fri Mar 21 07:45:25 2014] <Hodapp> Cale: yup :P
[Fri Mar 21 07:45:53 2014] <Hodapp> but I'm on, "Finally, state and prove one or more interesting theorems relating [disjoint], [no_repeats] and [++] (list append)."
[Fri Mar 21 07:46:22 2014] <Hodapp> trying to show: no_repeats (l1 ++ l2) <-> disjoint l1 l2.
[Fri Mar 21 12:45:53 2014] <roosbeef> how do i "lift" a relation from symbols to strings of symbols?
[Fri Mar 21 12:49:32 2014] <roosbeef> for example. if we have the relation let_le on letters, how do we define str_le to encompass the following:
[Fri Mar 21 12:50:27 2014] <ianjneu> strings of symbols = list of symbols?
[Fri Mar 21 12:50:32 2014] <roosbeef> yes,
[Fri Mar 21 12:50:39 2014] <ianjneu> also, unary relation or binary?
[Fri Mar 21 12:50:46 2014] <ianjneu> if unary, use Forall
[Fri Mar 21 12:50:49 2014] <roosbeef> take two strings, x and y, and let the first letter of these be x1 and y1 respectively; if let_le x1 y1 then str_le x y; otherwise, take the second letters x2 and y2; if let_le x2 y2 then str_le x y, and so on and so forth
[Fri Mar 21 12:51:13 2014] <roosbeef> (binary)
[Fri Mar 21 12:51:27 2014] <ianjneu> you want a lexicographic ordering on lists?
[Fri Mar 21 12:51:31 2014] <roosbeef> exactly :)
[Fri Mar 21 12:52:23 2014] <ianjneu> One minute.
[Fri Mar 21 12:52:26 2014] <roosbeef> ive defined the ordering on letters inductively
[Fri Mar 21 12:53:16 2014] <roosbeef> like this: https://privatepaste.com/7c9ac3d1ca
[Fri Mar 21 12:54:04 2014] <roosbeef> but not sure how to approach defining a lifted order
[Fri Mar 21 12:56:35 2014] <ianjneu> btw you can get rid of "forall" and move accent to the left of the colon
[Fri Mar 21 12:57:10 2014] <ianjneu> fl_Le_oa accent : fl_Le (FrenchLetter o accent) [...]
[Fri Mar 21 13:01:23 2014] <roosbeef> does that in practice amount to exactly the same?
[Fri Mar 21 13:01:32 2014] <roosbeef> seems to me like this requires less parameters
[Fri Mar 21 13:01:58 2014] <ianjneu> it's the same, just less typing "forall"
[Fri Mar 21 13:03:15 2014] <roosbeef> hm
[Fri Mar 21 13:06:10 2014] <ianjneu> so lexorder or dictionary order? If you're looking at strings, should [a;p;p;l;e] be less than [b;e] ? Or do you also need to have a tail of length less than or equal to the rhs list's tail?
[Fri Mar 21 13:06:28 2014] <ianjneu> n.b. if dictionary order, it won't be wellfounded
[Fri Mar 21 13:06:30 2014] <roosbeef> yea apple should be less than be
[Fri Mar 21 13:06:51 2014] <roosbeef> it wont?
[Fri Mar 21 13:06:55 2014] <ianjneu> nope.
[Fri Mar 21 13:07:12 2014] <roosbeef> i guess i need lexorder then ;p
[Fri Mar 21 13:07:18 2014] <roosbeef> cause it should be well founded
[Fri Mar 21 13:07:34 2014] <roosbeef> why is that not well founded btw
[Fri Mar 21 13:08:32 2014] <ianjneu> infinite decending chain of a^{n}b
[Fri Mar 21 13:09:03 2014] <roosbeef> why would that be infinitely decending
[Fri Mar 21 13:10:36 2014] <roosbeef> unless n equals infinity?
[Fri Mar 21 13:10:37 2014] <ianjneu> there is no "smallest" string. Is ab? No, aab is smaller. Is aab? No, aaab is smaller.
[Fri Mar 21 13:10:57 2014] <roosbeef> ahh
[Fri Mar 21 13:11:06 2014] <roosbeef> ok that makes sense
[Fri Mar 21 13:11:38 2014] <roosbeef> i think emptystring is always the smallest, does that help?
[Fri Mar 21 13:15:27 2014] <ianjneu>  nil < (a::l)
[Fri Mar 21 13:16:18 2014] <roosbeef> ie. yes? :p
[Fri Mar 21 13:17:47 2014] <ianjneu> ya. Working on wellfoundedness claim.
[Fri Mar 21 13:18:38 2014] <roosbeef> wow thanks
[Fri Mar 21 13:31:11 2014] <Cale> If you want something like lexicographic order which is a well ordering, you can just compare the length first, and then break ties with lexicographic order.
[Fri Mar 21 13:31:35 2014] <Cale> (which is sometimes referred to as graded lexicographic order, or grlex)
[Fri Mar 21 13:31:53 2014] <roosbeef> how does that work
[Fri Mar 21 13:32:56 2014] <roosbeef> nm googled it
[Fri Mar 21 13:33:33 2014] <Cale> (You'll probably find lots of resources about computing Gröbner bases, because that's where it mostly shows up :)
[Fri Mar 21 13:34:00 2014] <roosbeef> haha yea
[Fri Mar 21 13:34:03 2014] <roosbeef> was looking at https://en.wikipedia.org/wiki/Monomial_order#Graded_lexicographic_order
[Fri Mar 21 13:34:15 2014] <roosbeef> which makes mention of that
[Fri Mar 21 13:35:18 2014] <ianjneu> the rules are just nil < (a::l) | a < a' & |l| <= |l'| => (a::l) < (a'::l') | l < l' => (a::l) < (a::l')
[Fri Mar 21 13:35:26 2014] <ianjneu> of course < must also be wellfounded.
[Fri Mar 21 13:36:21 2014] <roosbeef> ok that looks correct
[Fri Mar 21 13:39:31 2014] <roosbeef> why "& |l| <= |l'|"?
[Fri Mar 21 13:41:14 2014] <ianjneu> to rule out dictionary ordering.
[Fri Mar 21 13:41:28 2014] <roosbeef> ah but it should be dictionary ordering right?
[Fri Mar 21 13:42:17 2014] <roosbeef> i thought nil ensured well foundedness for dictionary ordering?
[Fri Mar 21 13:42:45 2014] <roosbeef> err, forall x, le nil x
[Fri Mar 21 13:43:27 2014] <ianjneu> the tails don't matter at all for dictionary ordering.e
[Fri Mar 21 13:43:44 2014] <ianjneu> if the heads are different, I mean.
[Fri Mar 21 13:44:27 2014] <roosbeef> what would any of these orderings look like in coq though?
[Fri Mar 21 13:44:49 2014] <roosbeef> should i be using Inductive to define that?
[Fri Mar 21 13:44:55 2014] <roosbeef> or Fixpoint?
[Fri Mar 21 13:45:19 2014] <ianjneu> Inductive is how I'm doing it. Still trying to prove accessibility.
[Fri Mar 21 13:54:08 2014] <roosbeef> meeting in 5 minutes :/
[Fri Mar 21 13:54:14 2014] <roosbeef> back in 40 mins
[Fri Mar 21 14:26:11 2014] <kini> I did a dinky little thing in coq https://gist.github.com/kini/9683018
[Fri Mar 21 14:26:11 2014] <kini> eapply is magic :P
[Fri Mar 21 14:26:46 2014] <kini> anyone have comments on style? (if there can even be style concerns about something this small)
[Fri Mar 21 14:40:49 2014] <roosbeef> hi
[Fri Mar 21 14:41:35 2014] <ianjneu> hey, I had to walk home and now I'm on baby duty.
[Fri Mar 21 14:41:56 2014] <roosbeef> haha ok
[Fri Mar 21 14:42:08 2014] <roosbeef> baby duty?
[Fri Mar 21 14:43:19 2014] <ianjneu> My partner and I split our work days to take care of the little one. She's 3 months.
[Fri Mar 21 14:44:07 2014] <roosbeef> :)
[Fri Mar 21 14:45:24 2014] <ianjneu> that is to say, I haven't proven wf
[Fri Mar 21 14:46:08 2014] <roosbeef> no worries
[Fri Mar 21 14:46:36 2014] <roosbeef> i would love to give it a shot
[Fri Mar 21 14:47:46 2014] <roosbeef> could you give me a hint as to what your definition of the ordering looks like?
[Fri Mar 21 14:48:26 2014] <ianjneu> http://lpaste.net/4554856999736573952
[Fri Mar 21 14:53:07 2014] <roosbeef> why do you need ZArith? For length?
[Fri Mar 21 14:53:57 2014] <ianjneu> ya
[Fri Mar 21 14:54:12 2014] <ianjneu> omega takes out some silly cases that I cut out of the paste.
[Fri Mar 21 14:54:35 2014] <roosbeef> omega?
[Fri Mar 21 14:55:28 2014] <ianjneu> it's a powerful tactic for arithmetic goals.
[Fri Mar 21 14:55:52 2014] <roosbeef> ah like sledgehammer
[Fri Mar 21 14:56:24 2014] <ianjneu> pvs?
[Fri Mar 21 14:56:46 2014] <roosbeef> sorry my connection dropped, i may have missed some messages
[Fri Mar 21 14:57:26 2014] <ianjneu> sledgehammer is a PVS thing, right?
[Fri Mar 21 15:00:42 2014] <roosbeef> i think so, yea
[Fri Mar 21 15:03:46 2014] <roosbeef> ok going to disect your definition for a while
[Fri Mar 21 15:03:54 2014] <roosbeef> much thanks!
[Fri Mar 21 15:22:08 2014] <roosbeef> ianjneu, why do you open the module with
[Fri Mar 21 15:22:09 2014] <roosbeef> Module ListLex (Ord: EqLtLe) : EqLtLe with Definition t := list Ord.t.
[Fri Mar 21 15:22:12 2014] <roosbeef> and then say
[Fri Mar 21 15:22:20 2014] <roosbeef> Definition t := list Ord.t.
[Fri Mar 21 15:26:27 2014] <ianjneu> Because Coq modules are painfully verbose.
[Fri Mar 21 15:28:01 2014] <roosbeef> are those both defining the same t?
[Fri Mar 21 15:28:45 2014] <ianjneu> yes. The "with" is to make it transparent to users of the module.
[Fri Mar 21 15:29:41 2014] <roosbeef> ahh
[Fri Mar 21 15:30:10 2014] <roosbeef> why would that need to be transparent?
[Fri Mar 21 15:30:24 2014] <ystael> ianjneu: so that imposes a constraint on the t exported by the signature EqLtLe of ListLex Ord?
[Fri Mar 21 15:42:28 2014] <ianjneu> It makes it clear that the ordered type defined by the module is connected to the type put into it.
[Fri Mar 21 15:49:38 2014] <roosbeef> hm
[Fri Mar 21 15:50:49 2014] <roosbeef> im working with signatures
[Fri Mar 21 15:52:19 2014] <roosbeef> this question might make no sense
[Fri Mar 21 15:52:35 2014] <roosbeef> but suppose we have Definition fs_Sig : Signature := mkSignature fstring_beq_ok.
[Fri Mar 21 15:53:33 2014] <roosbeef> how do i then define a function like ListLexLt : fs_Sig -> fs_Sig -> Prop?
[Fri Mar 21 15:53:54 2014] <roosbeef> my bad i should have included that fact
[Fri Mar 21 16:01:56 2014] <roosbeef> brb
[Fri Mar 21 19:34:56 2014] <Cale> kini: Here's a slightly different way to formulate the same thing: http://lpaste.net/101576
[Fri Mar 21 19:35:41 2014] <Cale> Makes it perhaps a little clearer that it's SKK :)
[Fri Mar 21 19:35:44 2014] <kini> right, treat axioms as premiseless inference rules basically :)
[Fri Mar 21 19:36:40 2014] <kini> yes, bob atkey pointed that out to me on twitter (about SKI), haha
[Fri Mar 21 19:37:35 2014] <Cale> You can also do away with f_not, and replace contrapositive by ((F ~> G) ~> F) ~> F  :)
[Fri Mar 21 19:37:53 2014] <Cale> (also known as call/cc)
[Fri Mar 21 19:38:02 2014] <Cale> (also known as Peirce's law)
[Sat Mar 22 09:11:45 2014] <ainieco> hello
[Sat Mar 22 09:12:26 2014] <ainieco> is there some builtin functionality to automatically prove that l1 = [] and l2 = [] having ([], []) = (l1, l2)?
[Sat Mar 22 09:17:03 2014] <Anarchos> induction ?
[Sat Mar 22 09:17:07 2014] <Anarchos> or destruct ?
[Sat Mar 22 09:18:19 2014] <gdsfh> ainieco: Require Import List. Goal forall (l1 l2 : list nat), (nil, nil) = (l1, l2) -> nil = l1. intros l1 l2 H. injection H. intros.
[Sat Mar 22 09:18:22 2014] <schoppenhauer> hello. (how) can I load/check a .v-file in the default emacs-coq-mode? C-c C-l does not work.
[Sat Mar 22 09:19:10 2014] <Anarchos> gdsfh aah i forgot «injection H»
[Sat Mar 22 09:19:12 2014] <gdsfh> ainieco: or "congruence", when the goal is a simple one.
[Sat Mar 22 09:19:19 2014] <schoppenhauer> I don't want to use this "coqide".
[Sat Mar 22 09:19:52 2014] <ainieco> gdsfh: thanks, injection exactly what i needed
[Sat Mar 22 09:32:53 2014] <ainieco> trying to prove split l = (l1, l2) -> combine l1 l2 = l but stuck with - http://lpaste.net/4415477618694946816 . could you please give me some hints on that?
[Sat Mar 22 09:34:16 2014] <schoppenhauer> is this possible with the default coq-mode?
[Sat Mar 22 10:12:53 2014] <user1> HEHOO guys urgent question
[Sat Mar 22 10:13:37 2014] <user1> whats goin on with the [focus on] of chap11 math proof language ?????
[Sat Mar 22 10:14:22 2014] <Hodapp> what?
[Sat Mar 22 10:15:06 2014] <user1> sec 11.3.7
[Sat Mar 22 10:16:11 2014] <Hodapp> of what?
[Sat Mar 22 10:16:49 2014] <user1> http://coq.inria.fr/distrib/current/refman/Reference-Manual013.html
[Sat Mar 22 10:24:35 2014] <user1> KNOCK KNOC?
[Sat Mar 22 10:30:07 2014] <Anarchos> Why is there a source code of an ocaml runtime in the source code of coq ?
[Sat Mar 22 10:32:41 2014] <user1> [focus on] is supposed to be part of the tactics of the math proof language..
[Sat Mar 22 10:33:04 2014] <user1> it is even written in the syntax presentation
[Sat Mar 22 10:33:16 2014] <user1> and given in example.. so why the error?
[Sat Mar 22 10:37:16 2014] <ainieco> anyone?
[Sat Mar 22 10:44:57 2014] <schoppenhauer> anyone?
[Sat Mar 22 10:48:17 2014] <gdsfh> ainieco: give full example that depends on stdlib only; i'm not a big fan of SF.
[Sat Mar 22 10:48:26 2014] <gdsfh> schoppenhauer: are you using proofgeneral?
[Sat Mar 22 10:48:46 2014] <schoppenhauer> gdsfh: not sure. i think not.
[Sat Mar 22 10:49:40 2014] <gdsfh> schoppenhauer: so, maybe you should install it?  it has some documentation, afair.
[Sat Mar 22 10:50:12 2014] <schoppenhauer> yes.
[Sat Mar 22 10:50:18 2014] <schoppenhauer> but ...
[Sat Mar 22 10:50:52 2014] <schoppenhauer> hm ...
[Sat Mar 22 10:51:10 2014] <schoppenhauer> I am not quite sure I understand what proofgeneral actually is.
[Sat Mar 22 10:52:06 2014] <gdsfh> it's an emacs mode, good for interactive proving within emacs.
[Sat Mar 22 10:52:42 2014] <gdsfh> maybe not a "mode" by itself, but it should provide its mode.
[Sat Mar 22 10:53:10 2014] <schoppenhauer> thx
[Sat Mar 22 10:58:20 2014] <ainieco> gdsfh: http://lpaste.net/6370845343730368512
[Sat Mar 22 11:09:49 2014] <gdsfh> ainieco: received, checked, thinking.
[Sat Mar 22 11:10:16 2014] <ainieco> gdsfh: thank you
[Sat Mar 22 11:37:43 2014] <gdsfh> ainieco: http://paste.in.ua/9467/ -- not a beautiful proof, but straightforward (for my style of thinking).  It's possible to do better.
[Sat Mar 22 11:49:01 2014] <ainieco> gdsfh: Thanks!
[Sun Mar 23 13:10:45 2014] <ianjneu> What is the right citation to use when discussing "The Coq proof assistant" in a paper?
[Sun Mar 23 13:14:51 2014] <roosbeef> what does [] mean?
[Sun Mar 23 13:16:06 2014] <ianjneu> roosbeef: depends on context. In expression context with ListNotations imported, it means nil. If an intros pattern, it means destruct and use default naming rules for the unnamed components (which are all of them)
[Sun Mar 23 13:17:37 2014] <roosbeef> yea its added in a hypothesis after intros
[Sun Mar 23 13:24:10 2014] <roosbeef> ianjneu, im working on that ListLex module
[Sun Mar 23 13:24:33 2014] <roosbeef> could you explain this tactic please? Ltac acc_bad := constructor; intros ? bad; inversion bad.
[Sun Mar 23 13:25:12 2014] <ianjneu> ? is an intro pattern that says to use the default naming strategy (but don't destruct)
[Sun Mar 23 13:25:32 2014] <roosbeef> normally intro destructs?
[Sun Mar 23 13:25:55 2014] <ianjneu> no, but I was just relating back to my explanation of intros [].
[Sun Mar 23 13:26:02 2014] <roosbeef> ah
[Sun Mar 23 13:27:40 2014] <roosbeef> so basically, this tactic breaks apart the data type according to its constructors and sees if it can dismiss any of these by contradiction?
[Sun Mar 23 13:27:42 2014] <ianjneu> So acc_bad is for typical Acc proofs, since your base case is almost always an argument of vacuity, which acc_bad will do.
[Sun Mar 23 13:29:29 2014] <roosbeef> right
[Sun Mar 23 13:34:20 2014] <roosbeef> so when looking at this proof state https://privatepaste.com/30fe4d2f00
[Sun Mar 23 13:34:59 2014] <roosbeef> subgoal 1 is the base case, right?
[Sun Mar 23 13:39:48 2014] <ianjneu> ya, l must be [], so if you invert H0, you'll be able to use acc_bad, but you might also have to argue the extra cases of the inversion are vacuous.
[Sun Mar 23 13:42:43 2014] <roosbeef> im confused
[Sun Mar 23 13:42:44 2014] <roosbeef> :p
[Sun Mar 23 13:43:43 2014] <roosbeef> doing inversion H0. acc_bad. results in https://privatepaste.com/4b1215030d
[Sun Mar 23 13:44:22 2014] <ianjneu> do subst after inversion.
[Sun Mar 23 13:46:03 2014] <roosbeef> hm
[Sun Mar 23 13:46:14 2014] <roosbeef> btw im attempting to prove le not lt
[Sun Mar 23 14:00:21 2014] <ianjneu> you're trying to prove forall l, Acc ListLexLe l?
[Sun Mar 23 14:00:40 2014] <ianjneu> since that won't work. You can have an infinite chain of equal lists.
[Sun Mar 23 14:01:41 2014] <ianjneu> However, if you use Le to bound l from above (ListLexLe l l') to prove Acc ListLexLt l, that might work by induction on l'.
[Sun Mar 23 14:03:58 2014] <roosbeef> Lemma wf_acc : well_founded fl_Le -> forall l' l, ListLexLe l l' -> Acc ListLexLe l.
[Sun Mar 23 14:04:29 2014] <ianjneu> ya that's a nontheorem.
[Sun Mar 23 14:04:37 2014] <roosbeef> why?
[Sun Mar 23 14:05:24 2014] <ianjneu> Because you can have (ListLexLe l l) ad infinitum. You will never bottom out.
[Sun Mar 23 14:05:50 2014] <roosbeef> hm
[Sun Mar 23 14:06:13 2014] <roosbeef> ok that makes sense
[Sun Mar 23 14:06:19 2014] <ianjneu> Exercise, assume well_founded ListLexLe and prove False.
[Sun Mar 23 14:08:21 2014] <roosbeef> whats the syntax for that?
[Sun Mar 23 14:08:42 2014] <roosbeef> Lemma ex : well_founded ListLexLe.
[Sun Mar 23 14:08:42 2014] <roosbeef> ?
[Sun Mar 23 14:09:27 2014] <roosbeef> Lemma ex : well_founded ListLexLe -> False.
[Sun Mar 23 14:09:30 2014] <ianjneu> Lemma ex : ~ well_founded ListLexLe.
[Sun Mar 23 14:09:32 2014] <ianjneu> ya
[Sun Mar 23 14:11:20 2014] <roosbeef> hm
[Sun Mar 23 14:11:49 2014] <roosbeef> https://privatepaste.com/5b7f20236e
[Sun Mar 23 14:29:38 2014] <robbert> ianjneu: FWIW, I always cite the manual.
[Sun Mar 23 14:30:16 2014] <roosbeef> gotta go home
[Sun Mar 23 14:30:30 2014] <roosbeef> thanks for your help and patience ianjneu :)
[Sun Mar 23 22:01:38 2014] <Hodapp> * considers the possibility that Coq invents even more and more outlandish theorems the deeper and deeper you get into a proof, just to mess with your head.
[Sun Mar 23 22:07:45 2014] <user1> why
[Sun Mar 23 22:08:01 2014] <user1> and did you solve my [focus on] problem
[Sun Mar 23 22:13:59 2014] <Hodapp> I don't know what problem you refer to.
[Mon Mar 24 11:45:09 2014] <wwilly_> hi
[Mon Mar 24 11:46:17 2014] <wwilly_> i'm young with coq, and have problem with definition of tail recursive function for compute length of a list
[Mon Mar 24 11:46:35 2014] <wwilly_> Fixpoint lengthbis (acc: nat) (l: list nat) :nat := match l with   | nil => acc   | cons x xs => lengthbis (acc + 1) xs end.
[Mon Mar 24 11:46:55 2014] <wwilly_> i have this error: The components of this disjunctive pattern must bind the same variables. for the first match
[Mon Mar 24 11:47:04 2014] <wwilly_> i don't understand the problem
[Mon Mar 24 15:03:11 2014] <jrw> wwilly_: you have a stray underscore before the first pipe
[Mon Mar 24 18:06:06 2014] <Anarchos> how to prove that the foundation axiom is independent of the bourbaki axioms ?
[Mon Mar 24 23:40:38 2014] <kini> what foundation axiom and what bourbaki axioms?
[Tue Mar 25 06:43:55 2014] <roosbeef> how do i make coq abstract over details?
[Tue Mar 25 06:44:16 2014] <roosbeef> for example i have this goal: fl_Lt (FrenchLetter a grave) (FrenchLetter a acute)
[Tue Mar 25 06:44:29 2014] <roosbeef> and i have this assumption H : fl_Lt (FrenchLetter a acute) (FrenchLetter a grave)
[Tue Mar 25 06:44:42 2014] <roosbeef> 'grave' and 'acute' are irrelevant for this proof
[Tue Mar 25 06:45:17 2014] <roosbeef> yet coq sees this assumption as unfitting to solve the goal (even though it is)
[Tue Mar 25 07:05:09 2014] <roosbeef> nevermind wrote a lemma :p
[Tue Mar 25 07:05:20 2014] <roosbeef> (to rewrite one into the other)
[Tue Mar 25 07:07:34 2014] <roosbeef> brb
[Tue Mar 25 08:29:39 2014] <roosbeef> im working on this well foundedness proof that should be quite trivial
[Tue Mar 25 08:30:10 2014] <roosbeef> but using the wrong tactics i think
[Tue Mar 25 08:30:18 2014] <roosbeef> anyone care to give a slight push in the right direction?
[Tue Mar 25 08:44:05 2014] <roosbeef> nm think i got it :)
[Tue Mar 25 12:46:47 2014] <schoppenhauer> hello. http://lpaste.net/3760098886731956224 ← "Error: The reference lt_zero_one was not found in the current environment." ← what am I doing wrong?
[Tue Mar 25 12:54:36 2014] <BmoreDaniel> schoppenhauer: You need to finish that theorem with Qed.
[Tue Mar 25 12:55:09 2014] <Hodapp> There's something kind of ironic about someone named Schoppenhauer forgetting the "Qed." at the end.
[Tue Mar 25 12:55:12 2014] <Hodapp> * flees
[Tue Mar 25 12:55:30 2014] <schoppenhauer> hm. i tried "qed."
[Tue Mar 25 12:55:40 2014] <schoppenhauer> didnt expect it to be capital
[Tue Mar 25 12:56:04 2014] <schoppenhauer> kthx!
[Tue Mar 25 13:22:18 2014] <schoppenhauer> is it possible to have "anonymous theorems"?
[Tue Mar 25 13:23:46 2014] <jgross_> schoppenhauer: Are you looking for the [abstract] tactic, or the [Goal] vernacular command? 
[Tue Mar 25 13:35:49 2014] <schoppenhauer> jgross_: probably #1, but ... I just want to be able to have a proof term inside a "normal" term (like I would in Agda).
[Tue Mar 25 13:38:30 2014] <schoppenhauer> hm. ok, more important question: is there in the stdlib some definition for "guarded" subtraction, that is, subtraction n - m that requires one to provide n <= m?
[Tue Mar 25 13:39:47 2014] <ianjneu> schoppenhauer: maybe you're looking for cut
[Tue Mar 25 13:40:07 2014] <ianjneu> for your first question
[Tue Mar 25 13:41:05 2014] <ianjneu> What would you want guarded subtraction to look like, other than just be an alias for subtraction with a dummy argument?
[Tue Mar 25 13:41:55 2014] <schoppenhauer> ianjneu: subtraction on natural numbers n - m is only possible if n <= m
[Tue Mar 25 13:42:37 2014] <ianjneu> not when pred 0 = 0, which is what it's defined to be.
[Tue Mar 25 13:42:57 2014] <schoppenhauer> wut?
[Tue Mar 25 13:43:00 2014] <schoppenhauer> ah.
[Tue Mar 25 13:43:10 2014] <schoppenhauer> well, that is not what I want.
[Tue Mar 25 13:43:34 2014] <schoppenhauer> it is a lot harder to prove properties about this.
[Tue Mar 25 13:44:06 2014] <ianjneu> nah, you just have to use the right library theorems, or the omega tactic.
[Tue Mar 25 15:21:57 2014] <kini> there's a special name for types of the form { foo | bar }, right? what is that name again?
[Tue Mar 25 15:22:23 2014] <ianjneu> kini: do you mean {x : A & P x} ?
[Tue Mar 25 15:22:46 2014] <ianjneu> they're sigma types, but in that notation they're sometimes called, "subset types"
[Tue Mar 25 15:23:18 2014] <kini> hmm, what's the difference between & and | there?
[Tue Mar 25 15:24:18 2014] <ianjneu> I don't know about the { foo | bar } notation, except informally in mathematics, which denotes to what I discussed.
[Tue Mar 25 15:25:09 2014] <ystael> kini: | is used for the sig type family, where the condition P x is required to live in Prop; & for sigT, where P x lives in Type.
[Tue Mar 25 15:25:10 2014] <kini> well, coq accepts both and prints them out differently...
[Tue Mar 25 15:25:17 2014] <ystael> see Coq.Init.Specif
[Tue Mar 25 15:25:24 2014] <ianjneu> ystael: ah
[Tue Mar 25 15:25:35 2014] <kini> Check ({z : nat & z = 0}, {z : nat | z = 0}).
[Tue Mar 25 15:25:35 2014] <kini> ({z : nat & z = 0}, {z : nat | z = 0}) : Set * Set
[Tue Mar 25 15:25:48 2014] <kini> ystael: aha, thanks
[Tue Mar 25 15:27:30 2014] <kini> I still don't really understand the difference between Type, Set, and Prop. I guess I should read Coq'Art...
[Tue Mar 25 15:29:32 2014] <ianjneu> I'm pretty sure Set should be deprecated, since it really stands for Type_0, but it can't be interpreted with typical ambiguity.
[Tue Mar 25 15:30:41 2014] <ianjneu> Type has a predicative tower for "large" types, and Prop doesn't allow any destruction of Props except to create Props. It makes sure values never depend on proofs so that they can be dropped during extraction.
[Tue Mar 25 15:30:57 2014] <ianjneu> They're also impredicative
[Tue Mar 25 19:14:41 2014] <schoppenhauer> is there a substantal difference between Lemma and Theorem?
[Tue Mar 25 19:14:57 2014] <jrw> schoppenhauer: no
[Tue Mar 25 19:16:10 2014] <schoppenhauer> thx.
[Tue Mar 25 19:16:55 2014] <ianjneu> schoppenhauer: don't forget about Remark :P
[Tue Mar 25 19:21:44 2014] <ianjneu> Can anyone with access to a better subscription to Elsevier get me a copy of "A note on linear time simulation of deterministic two-way pushdown automata" by Neil Jones?
[Tue Mar 25 19:22:11 2014] <ianjneu> Fucking paywalls are a detriment to science.
[Tue Mar 25 19:22:28 2014] <ezyang> http://ojs.statsbiblioteket.dk/index.php/daimipb/article/viewFile/6492/5611 ?
[Tue Mar 25 19:22:59 2014] <ianjneu> ezyang: many thanks.
[Tue Mar 25 19:32:35 2014] <schoppenhauer> hello.
[Tue Mar 25 19:32:43 2014] <schoppenhauer> hm.
[Tue Mar 25 19:32:53 2014] <schoppenhauer> http://lpaste.net/5523438529473937408 can please somebody help me, I am totally stuck.
[Tue Mar 25 19:34:26 2014] <jrw> schoppenhauer: what have you tried?
[Tue Mar 25 19:35:51 2014] <schoppenhauer> jrw: actually, this is pretty much the problem I extracted from something bigger.
[Tue Mar 25 19:36:03 2014] <schoppenhauer> jrw: I try to do induction on all variables.
[Tue Mar 25 19:36:21 2014] <schoppenhauer> and come to a subgoal "False" from "H : lex (true :: nil) nil"
[Tue Mar 25 19:36:59 2014] <schoppenhauer> this H can obviously not occur
[Tue Mar 25 19:37:08 2014] <schoppenhauer> by inversion.
[Tue Mar 25 19:37:12 2014] <schoppenhauer> for example.
[Tue Mar 25 19:37:18 2014] <jrw> right. so if you do inversion what happens?
[Tue Mar 25 19:39:15 2014] <schoppenhauer> it works -.-
[Tue Mar 25 19:39:20 2014] <schoppenhauer> sorry
[Tue Mar 25 19:39:34 2014] <schoppenhauer> its late and I took a lot of pills against my headache :/
[Tue Mar 25 19:39:41 2014] <schoppenhauer> jrw: thank you!
[Tue Mar 25 19:40:07 2014] <jrw> np
[Tue Mar 25 20:05:29 2014] <hcp_> hi! Does anyone know of a parser generator that generates Coq parsing code?
[Tue Mar 25 20:06:16 2014] <hcp_> The furthest i got was with one called Menhir, but it is undocumented and the code it generates seems to depend on modules it does not generate.
[Tue Mar 25 22:56:08 2014] <ollehar> anyone here?
[Tue Mar 25 23:22:04 2014] <ianjneu> nope.
[Wed Mar 26 16:02:18 2014] <roosbeef> how do i prove transitivity of a relation without having to go by every single combination of elements?
[Wed Mar 26 16:02:22 2014] <roosbeef> https://privatepaste.com/3a4d30aa26
[Wed Mar 26 16:02:30 2014] <carter> induction?
[Wed Mar 26 16:02:46 2014] <carter> * ducks
[Wed Mar 26 16:03:22 2014] <roosbeef> my bad, https://privatepaste.com/b698f7c8a7
[Wed Mar 26 16:03:38 2014] <carter> looks the same :)
[Wed Mar 26 16:38:07 2014] <roosbeef> anyone?
[Wed Mar 26 16:40:54 2014] <roosbeef> carter: its a trivial inductive type
[Wed Mar 26 16:40:59 2014] <carter> :)
[Wed Mar 26 16:41:09 2014] <carter> i'm rusty wrt coq
[Wed Mar 26 16:47:53 2014] <roosbeef> got it! :))
[Wed Mar 26 16:48:03 2014] <roosbeef> now i can go home
[Wed Mar 26 16:48:07 2014] <roosbeef> <3
[Fri Mar 28 08:07:33 2014] <ianjneu> Hodapp: how goes?
[Fri Mar 28 08:07:46 2014] <Hodapp> mostly nowhere!
[Fri Mar 28 08:08:23 2014] <Hodapp> not too familiar at dealing with the existentials
[Fri Mar 28 08:10:00 2014] <ianjneu> invert existential hypotheses to get hold of a witness, and use exists w to give a witness w.
[Fri Mar 28 08:10:05 2014] <ianjneu> pretty much handles it.
[Fri Mar 28 08:15:22 2014] <ianjneu> I proved it by induction on l with no lemmas.
[Fri Mar 28 08:16:38 2014] <ianjneu> If you get stuck http://lpaste.net/3266009989348589568
[Fri Mar 28 08:22:42 2014] <Hodapp> hmm, I was just pondering inverting the existential, but hadn't tried it yet
[Fri Mar 28 09:45:51 2014] <ianjneu> Hodapp: how's it coming?
[Fri Mar 28 10:21:13 2014] <Hodapp> ianjneu: I'm at work now, thus no progress :P
[Fri Mar 28 10:25:28 2014] <ianjneu> ah
[Fri Mar 28 10:25:32 2014] <ianjneu> where's work?
[Fri Mar 28 10:36:25 2014] <roosbeef> im trying to prove wellfoundedness of an order between strings
[Fri Mar 28 10:36:32 2014] <roosbeef> this is done by means of induction, right?
[Fri Mar 28 10:43:12 2014] <ianjneu> still on that, huh?
[Fri Mar 28 10:43:50 2014] <ianjneu> b
[Fri Mar 28 10:44:15 2014] <roosbeef> haha yep
[Fri Mar 28 10:45:00 2014] <roosbeef> i did prove wellfoundedness of the same order between letters (of which the string is composed)
[Fri Mar 28 10:46:03 2014] <ianjneu> :/
[Fri Mar 28 10:46:31 2014] <ianjneu> have you proven lt strict?
[Fri Mar 28 10:46:58 2014] <roosbeef> what do you mean by strict?
[Fri Mar 28 10:48:07 2014] <Hodapp> ianjneu: design engineer at a startup, or something like that
[Fri Mar 28 10:49:43 2014] <ianjneu> roosbeef: irreflexive and transitive. As in the type constructor StrictOrder. I found that irreflexivity at least will probably be needed.
[Fri Mar 28 10:49:54 2014] <roosbeef> ah
[Fri Mar 28 10:49:56 2014] <roosbeef> yes i did
[Fri Mar 28 10:50:10 2014] <roosbeef> wait actually i proved reflexive and transitive
[Fri Mar 28 10:50:33 2014] <roosbeef> i want to use an order from CoLoR called VLPO
[Fri Mar 28 10:50:34 2014] <ianjneu> lt should not be reflexive.
[Fri Mar 28 10:50:36 2014] <ianjneu> le will be.
[Fri Mar 28 10:50:41 2014] <roosbeef> yea ive used le
[Fri Mar 28 10:50:48 2014] <roosbeef> it requires a preorder
[Fri Mar 28 10:50:49 2014] <ianjneu> again le is not wellfounded.
[Fri Mar 28 10:51:21 2014] <roosbeef> heres an example of the order: http://gallium.inria.fr/~fpottier/ssphs/MyLPO.html
[Fri Mar 28 10:51:40 2014] <roosbeef> le doesnt have to be proven wellfounded
[Fri Mar 28 10:51:43 2014] <roosbeef> only lt
[Fri Mar 28 10:54:29 2014] <roosbeef> so i did get to a working lt_lpo
[Fri Mar 28 10:54:37 2014] <roosbeef> but it was with letters not strings
[Fri Mar 28 16:30:30 2014] <cbkg11> Hey guys. I have trouble with cons defined in Coq.Init.Datatypes. "Compute cons." gives "fun (A : Type) (x : A) (x0 : list A) => x :: x0", but "Compute (cons nat)" yields "fun x : list Set => nat :: x", where I was expecting something like "fun (x : nat) (x0 : list nat) => x :: x0". Can someone explain this behaviour?
[Fri Mar 28 16:34:22 2014] <ystael> cbkg11: A is an implicit argument to cons.  Does `Compute (@cons nat)` give you what you expect?
[Fri Mar 28 16:35:59 2014] <cbkg11> Yes, it does indeed. Do you have some reference to the documentation of @ or an identifier I can search for?
[Fri Mar 28 16:36:47 2014] <ystael> cbkg11: @ maximally de-implicitifies an application: http://coq.inria.fr/refman/Reference-Manual004.html#hevea_default136
[Fri Mar 28 16:37:10 2014] <ystael> You could instead say `Compute (cons (A := nat))`
[Fri Mar 28 16:37:34 2014] <cbkg11> I see, good to know. Thank you!
[Fri Mar 28 16:37:39 2014] <ystael> np, good luck
[Fri Mar 28 16:59:09 2014] <Cale> I really wish that Coq had syntax which made it apparent in all cases when parameters were implicit
[Fri Mar 28 16:59:16 2014] <Cale> You can't really tell from the types sometimes
[Fri Mar 28 18:08:19 2014] <Anarchos> Cale put an @ in front of the name of the term you want the full type (with implicit parameters made explicit)
[Fri Mar 28 18:09:01 2014] <Cale> Anarchos: Well, that's fine, but it's not what I want :)
[Fri Mar 28 18:09:22 2014] <Cale> Anarchos: I want a type signature which somehow represents syntactically which of the parameters are implicit.
[Fri Mar 28 18:10:38 2014] <Cale> Similarly, in cbkg11's example, the fun term which was printed was unable to indicate which parameters there were implicit.
[Fri Mar 28 18:11:32 2014] <Cale> It would be nice if  fun {A : Type} (x : A) (x0 : list A) => x :: x0  were valid syntax, so that this would be clear
[Fri Mar 28 18:12:03 2014] <Cale> Oh, apparently it even is
[Fri Mar 28 18:12:43 2014] <Cale> But Coq chose not to use that syntax to represent the fact that the parameter was implicit.
[Fri Mar 28 18:13:11 2014] <Cale> In other cases, especially in type signatures, it's harder to express that certain parameters are implicit.
[Sat Mar 29 18:20:27 2014] <ollehar> Qeq return Prop. Can it return bool?
[Sat Mar 29 18:36:42 2014] <ollehar> nm
[Sun Mar 30 08:52:34 2014] <cbkg11> Hi guys, can someone explain how I can use Reverse_Induction from Coq.Lists.List to do induction on a reversed list?
[Sun Mar 30 09:29:35 2014] <notdan> w 27
[Sun Mar 30 09:29:41 2014] <notdan> oops, sorry
[Sun Mar 30 09:41:54 2014] <Hodapp> looking at http://www.cis.upenn.edu/~bcpierce/sf/ProofObjects.html#lab237 and writing the proof object directly
[Sun Mar 30 09:42:08 2014] <Hodapp> and I can't exactly figure out why this is not valid: Definition b_times2': forall n, beautiful n -> beautiful (2*n) := forall n, forall H, b_sum n n H H.
[Sun Mar 30 09:44:13 2014] <ijp> because coq doesn't know that (H + H) there is the same as (2 * H)
[Sun Mar 30 09:45:25 2014] <ijp> as far as it is concerned, 2 * x is 2 + (2 + 0)
[Sun Mar 30 09:46:19 2014] <Hodapp> I was looking at that and for writing it as a 'proof object' I've no idea how to express that as it's only just here the text has shown proofs of this form...
[Sun Mar 30 09:46:53 2014] <Hodapp> but I made a lemma, beautiful (n+n) -> beautiful(2*n), and attempted to wrap it in that, but to the same error
[Sun Mar 30 09:47:47 2014] <ijp> when giving evidence for the right branch, supply the proof that H is H + 0
[Sun Mar 30 09:48:09 2014] <ijp> which is simply another b_sum
[Sun Mar 30 09:51:22 2014] <Hodapp> I'm still getting it complaining that the whole object has type "beautiful (2*n)" which should be Set, Prop, or Type
[Sun Mar 30 09:51:57 2014] <Hodapp> and I get that whether the right branch of the outer b_sum has proof that H is H+0 or not
[Sun Mar 30 09:53:39 2014] <ijp> Hodapp: oh right, you should also change the second n to reflect the new evidence
[Sun Mar 30 09:53:53 2014] <ijp> or just use _
[Sun Mar 30 09:57:14 2014] <Hodapp> I'm to:  Definition b_times2': forall n, beautiful n -> beautiful (2*n) := forall n, forall H, b_sum n _ H (b_sum n 0 H b_0).
[Sun Mar 30 09:57:40 2014] <Hodapp> which still complains that it has type 'beautiful (n + (n + 0))' which should be Set, Prop or Type
[Sun Mar 30 09:58:19 2014] <Hodapp> trying to grok what that error even means...
[Sun Mar 30 09:58:36 2014] <Hodapp> or what solution the text was going for here
[Sun Mar 30 09:59:19 2014] <ijp> oh right, it's because you are using forall
[Sun Mar 30 10:00:10 2014] <Hodapp> not sure how else I'm meant to do it
[Sun Mar 30 10:02:48 2014] <ijp> Hodapp: we generalise propositions with forall, we generalise code with ....
[Sun Mar 30 10:03:50 2014] <Hodapp> the textbook appears to generalize code with forall.
[Sun Mar 30 10:04:09 2014] <ijp> look up to the definition of b_plus3'
[Sun Mar 30 10:04:23 2014] <ijp> same section as the exercise you are doing
[Sun Mar 30 10:05:49 2014] <Hodapp> oh... so the expectation was writing a function.
[Sun Mar 30 10:07:14 2014] <ijp> yes. if propositions correspond to types, then implications correspond to function types
[Sun Mar 30 10:07:39 2014] <ijp> so you supply a function as evidence
[Sun Mar 30 10:11:26 2014] <Hodapp> hmmm... was confused because [Check b_plus3'] and [Check b_plus3''] both gave the same thing so I wasn't aware there was a fundamental difference
[Sun Mar 30 19:54:20 2014] <Hodapp> "The term "beautiful n" has type "Prop" while it is expected to have type "beautiful n"."
[Sun Mar 30 19:54:25 2014] <Hodapp> errrrm... well, okay then...
[Sun Mar 30 20:26:49 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/ProofObjects.html#lab241 I could see easily how to do this if it were beautiful n -> gorgeous n, or gorgeous n -> beautiful n, but the <-> is throwing me for a loop.
[Sun Mar 30 20:28:50 2014] <Hodapp> it looks like I need to use 'iff' somehow to give evidence, and I'm confused as to how
[Sun Mar 30 20:28:58 2014] <ianjneu> eh?
[Sun Mar 30 20:29:11 2014] <ianjneu> split and do each case separately
[Sun Mar 30 20:29:37 2014] <Hodapp> they want a proof object, not tactics
[Sun Mar 30 20:29:42 2014] <Hodapp> can I use split there?
[Sun Mar 30 20:30:34 2014] <ianjneu> conj proof_obj1 proof_obj2
[Sun Mar 30 20:32:11 2014] <Hodapp> that's one thing I'm trying, but still getting errors I don't really comprehend.
[Sun Mar 30 20:32:31 2014] <Hodapp> presently trying "fun (n : nat) => conj (beautiful__gorgeous n) (gorgeous__beautiful n)"
[Sun Mar 30 20:34:41 2014] <Hodapp> if I need (P -> Q) /\ (Q -> P) to give evidence for iff, it looks to me like 'beautiful__gorgeous n' should supply the (P -> Q) but clearly I'm not getting something here
[Sun Mar 30 20:36:24 2014] <ianjneu> dunno what to tell you without more info.
[Sun Mar 30 20:38:10 2014] <Hodapp> http://lpaste.net/6742821582084767744 . . . it's just the question I linked to.
[Sun Mar 30 20:39:15 2014] <Hodapp> ack, forgot two theorems it refers to. http://lpaste.net/102034
[Sun Mar 30 20:41:19 2014] <ianjneu> and the error is what?
[Sun Mar 30 20:42:06 2014] <Hodapp> The term "beautiful__gorgeous n" has type "beautiful n -> gorgeous n" while it is expected to have type "Prop".
[Sun Mar 30 20:43:24 2014] <ianjneu> I suppose you don't have Set Implicit Arguments. Try conj _ _ object1 object2.
[Sun Mar 30 20:44:25 2014] <Hodapp> ahh, that did it
[Sun Mar 30 20:46:54 2014] <Hodapp> if I kept trying to do it with 'iff' would that have led anywhere?
[Sun Mar 30 20:47:57 2014] <ianjneu> "do it with iff" means what?
[Sun Mar 30 20:51:35 2014] <Hodapp> they use: Definition iff (P Q : Prop) := (P -> Q) /\ (Q -> P).
[Sun Mar 30 20:52:05 2014] <Hodapp> so I guess, using that to provide evidence for the <->
[Sun Mar 30 20:52:17 2014] <Hodapp> which I guess is what conj is doing anyhow
[Sun Mar 30 20:57:20 2014] <anderslundstedt> is there way to name the introduced variables when using "dependent induction"? e.g. as one uses "induction as [...]"? http://pastebin.com/TtB6uUmf
[Sun Mar 30 21:07:13 2014] <ianjneu> anderslundstedt: nope. It also uses JMeq if you're unaware of any introduced axiom dependencies
[Mon Mar 31 10:31:59 2014] <schoppenhauer> hello. does coq have a "literal mode", like agda/haskell, etc.?
[Mon Mar 31 12:32:57 2014] <Hodapp> schoppenhauer: what is 'literal mode'?
[Mon Mar 31 13:20:53 2014] <Saizan> literate mode, actualy
[Mon Mar 31 14:06:27 2014] <willy_> hello
[Mon Mar 31 14:07:07 2014] <willy_> i have a newbie problem:
[Mon Mar 31 14:07:10 2014] <willy_> Error: Impossible to unify
[Mon Mar 31 14:07:10 2014] <willy_>  "(derivable f1 x /\ derivable f2 x) /\
[Mon Mar 31 14:07:10 2014] <willy_>   (exists x : R, interp f2 x < 0) /\ (exists x : R, interp f2 x > 0)" with
[Mon Mar 31 14:07:10 2014] <willy_>  "interp f2 x <> 0".
[Mon Mar 31 14:10:56 2014] <willy_> i write                     (and (exists x:R, Rlt (interp ed x) 0) (exists x:R, Rgt (interp ed x) 0))   for meaning that (interp x) must be different of zero
[Mon Mar 31 14:11:20 2014] <willy_> did i do mistake ?
[Mon Mar 31 14:12:45 2014] <jrw> willy_: if you paste your code somewhere I can look at it.
[Mon Mar 31 14:20:03 2014] <willy_> jrw, mp, is personal project
[Mon Mar 31 14:21:15 2014] <jrw> willy_: so first of all your "fonction" type is uninhabited
[Mon Mar 31 14:52:12 2014] <schoppenhauer> Yes, literate mode.
[Mon Mar 31 15:05:15 2014] <schoppenhauer> what do I have to import to get integer division? ("/")
[Mon Mar 31 15:05:27 2014] <schoppenhauer> There is http://coq.inria.fr/distrib/V8.4/stdlib/Coq.Numbers.Natural.Abstract.NDiv.html, but it is not sufficient.
[Mon Mar 31 15:52:34 2014] <schoppenhauer> noone?
[Mon Mar 31 15:52:55 2014] <ianjneu> I don't do integer division in Coq, heh.
[Mon Mar 31 15:53:26 2014] <ianjneu> Coq doesn't have anything about Euclidean domains?
[Mon Mar 31 15:54:03 2014] <schoppenhauer> it *has* packages which use division ... I just cannot import them ...
[Mon Mar 31 15:56:39 2014] <ianjneu> Require Import NPeano.
[Mon Mar 31 15:57:58 2014] <ianjneu> I tried it. It works.
[Mon Mar 31 16:00:41 2014] <schoppenhauer> seems so, thanks.
[Mon Mar 31 16:15:57 2014] <Rc43> Hello.
[Mon Mar 31 16:16:20 2014] <Rc43> Can I easily treat Set or Type values as Prop without lots of modification?
[Mon Mar 31 16:16:46 2014] <Rc43> Currently I can do it, but I need to replace "P x" with "exists _ : P x" and fix some proofs.
[Mon Mar 31 16:16:51 2014] <Rc43> Not very convinient.
[Mon Mar 31 16:17:23 2014] <Rc43> Ah, even "exists _ : P x, True".
[Mon Mar 31 16:20:31 2014] <ianjneu> You can make "P x" into "Propify (P x)": Make an inductive type Inductive Propify : A -> Prop := propify : forall (A : Type), A -> Propify A.
[Mon Mar 31 16:21:31 2014] <Rc43> Ye, but tactics don't know about Propify, so I still need to fix proofs.
[Mon Mar 31 16:32:50 2014] <schoppenhauer> is there n=n/1 proved anywhere?
[Mon Mar 31 16:33:29 2014] <Rc43> Wrapping intro inductive is inconvinient, because in proofs I need to inversion hypothesis with such wrapper, I can't just write "exact (H H1 H2 (H3 H4))", only "remember (H3 H4) as H5; inversion H5 as H5'; ...".
[Mon Mar 31 16:43:30 2014] <ianjneu> Rc43: you can make a coercion rule.
[Mon Mar 31 16:44:16 2014] <ianjneu> schoppenhauer: SearchAbout div. You'll find Nat.div_1_r.
[Mon Mar 31 16:45:57 2014] <schoppenhauer> ianjneu: thx!
[Mon Mar 31 17:09:23 2014] <Rc43> ianjneu, ah, ok; never used coercions, will look at it.
[Mon Mar 31 17:32:29 2014] <Rc43> Why proof irrelevance gives restriction with matching on Prop values?
[Mon Mar 31 17:33:04 2014] <Rc43> Ah, forget; I already understood :)
[Mon Mar 31 17:43:02 2014] <Ptival> because the proof has to be irrelevant? :)
[Mon Mar 31 17:43:48 2014] <ianjneu> And now unward to proof parametricity
[Mon Mar 31 17:49:36 2014] <Rc43> Ptival, no, I meant other: why I am restricted if I don't care about determinancy of my Set result. But answer is that we have "functional" programming, where every function must return the same answer every time on same parameters.
[Mon Mar 31 17:54:05 2014] <Ptival> hmmm I'm unsure this makes sense
[Mon Mar 31 21:09:20 2014] <Hodapp> mind = blown.
[Mon Mar 31 21:09:30 2014] <Hodapp> 'induction' is just a wrapper around 'apply t_ind'.
[Mon Mar 31 21:44:16 2014] <jrw> Hodapp: did you also know that you can define t_ind yourself? that was mind blowing for me.
[Mon Mar 31 21:53:18 2014] <Hodapp> NOOOOO SHUTUP
[Mon Mar 31 22:11:52 2014] <jrw> :D
[Tue Apr  1 07:45:18 2014] <sendak.freenode.net> [freenode-info] channel flooding and no channel staff around to help? Please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
[Tue Apr  1 08:27:20 2014] <schoppenhauer> hello. I wnat to make a case-distinction between c<a and c>=a for natural a and c. this should be decidable. but how do I do this case distinction?
[Tue Apr  1 11:18:16 2014] <Ptival> schoppenhauer: Arith contains a lt_dec
[Tue Apr  1 12:50:52 2014] <schoppenhauer> Ptival: thx.
[Tue Apr  1 20:15:02 2014] <ollehar> how to remove a definition, to re-state it?
[Tue Apr  1 21:28:25 2014] <SrPx_> Hello (cross post from agda), are coq terms total, and is there an open specification/report for coq such as R5RS?
[Tue Apr  1 22:41:12 2014] <ianjneu> SrPx: The functions are total, assuming you don't admit a proof of wellfoundedness (in the case of, say, a Program Fixpoint).
[Tue Apr  1 22:41:42 2014] <ianjneu> Terms aren't total. That doesn't make sense.
[Tue Apr  1 22:42:08 2014] <ianjneu> As for a spec, I doubt there is one.
[Tue Apr  1 23:38:48 2014] <Rc43> Hello.
[Tue Apr  1 23:39:38 2014] <Rc43> Is there tactic for multiple rewrite?
[Tue Apr  1 23:49:05 2014] <ianjneu> Rc43: de n rewrite?
[Tue Apr  1 23:50:20 2014] <ianjneu> or rewrite H,H',<- H'',H''' (etc)
[Wed Apr  2 00:04:31 2014] <Rc43> ianjneu, second answer appropriates, thanks
[Wed Apr  2 00:04:55 2014] <Rc43> ianjneu, as for the first -- what is syntax? coq website seemd to be down currently =/
[Wed Apr  2 00:08:49 2014] <Rc43> Also, if I have hypothesis "[match something with | first => Some x | second => None end] = [Some y]", how to convert it to "x = y"?
[Wed Apr  2 00:08:51 2014] <Rc43> Plain inversion can't do it.
[Wed Apr  2 00:09:00 2014] <Rc43> Need I implement my own tactic?
[Wed Apr  2 00:09:37 2014] <Rc43> I can destruct on "something", but in my case it is pretty big and can be different.
[Wed Apr  2 00:12:21 2014] <Rc43> ianjneu, seems you have meant "do"; I found that in tactics list, didn't know about it.
[Wed Apr  2 02:23:22 2014] <gdsfh> Rc43: "Ltac eq_some := match goal with H : match ?a with first => _ | second => _ end = Some ?b |- _ => destruct a end."  Fresh coq versions might accept "Ltac eq_some := match goal with H : match ?a with _ end = Some ?b |- _ => destruct a end.".
[Wed Apr  2 02:26:14 2014] <knarr> Hey, sinc coq.inria.fr seems to be down (at least from my computer) does anyone know an alternative reference for structures or would be willing to explain them to me briefly?
[Wed Apr  2 02:46:06 2014] <Rc43> gdfsh, can I construct something similar for arbitrary inductive?
[Wed Apr  2 02:46:23 2014] <Rc43> gdfsh, or I need sort of reflection for that?
[Wed Apr  2 03:10:49 2014] <Rc43> Also, would be useful tactic or lemma for record types: [match x with {| field1 := y; field2 := z |} => f y z end] -> [f (field1 x) (field2 x)].
[Wed Apr  2 03:17:48 2014] <Rc43> Though such lemma seems to be easily provable...
[Wed Apr  2 05:30:25 2014] <Rc43> Is it ok if my proof cannot be checked at Qed stage in 5 minutes?
[Wed Apr  2 05:30:31 2014] <Rc43> It isn't very large.
[Wed Apr  2 05:33:28 2014] <Rc43> Can it be because of hypothesis, which I introduced with "assert (<something>) by admit."?
[Wed Apr  2 05:44:48 2014] <gdsfh> Rc43: "inversion" and "omega" generate large proof terms usually.  Also think about "abstract" tactic, it may appear useful here.
[Wed Apr  2 08:22:13 2014] <schoppenhauer> hello. I have the following definition: http://lpaste.net/7906967588582719488 - it complains that "inv" has type "m < 2 ^ n" while it is expected to have type "m < 2 ^ S n'". But in this case, n = S n'.
[Wed Apr  2 08:42:11 2014] <sgnb> schoppenhauer: there is a problem in your code; I've tried to fix it but there is a true logical issue
[Wed Apr  2 08:42:26 2014] <sgnb> (same place)
[Wed Apr  2 08:43:43 2014] <schoppenhauer> sgnb: what logical issue?
[Wed Apr  2 08:44:17 2014] <sgnb> I get "The term "from_msb_helper1 m n' inv0" has type "m - 2 ^ n' * (m / 2 ^ n') < 2 ^ n'" while it is expected to have type "n' < 2 ^ (m - 2 ^ n' * (m / 2 ^ n'))".
[Wed Apr  2 08:45:10 2014] <sgnb> schoppenhauer: replacing "inv" by "_" in your original code (+ fixing parentheses) show the issue
[Wed Apr  2 08:46:45 2014] <schoppenhauer> sgnb: ah ... exchanging the arguments n' and (m-(pow 2 n')*(m/(pow 2 n'))) in the recursive call results in no error with your code.
[Wed Apr  2 08:47:20 2014] <sgnb> ok, I didn't think a lot on that...
[Wed Apr  2 08:48:22 2014] <sgnb> schoppenhauer: you might be interested by Program, though... http://coq.inria.fr/distrib/current/refman/Reference-Manual026.html
[Wed Apr  2 08:49:17 2014] <schoppenhauer> thx.
[Wed Apr  2 08:50:34 2014] <schoppenhauer> sgnb: hm ... what does "end inv" actually do?
[Wed Apr  2 08:51:25 2014] <sgnb> schoppenhauer: "end" finishes the "match", which defines a function which is applied to "inv"
[Wed Apr  2 08:52:45 2014] <sgnb> (inv has different types "inside" and "outside" the match)
[Wed Apr  2 08:53:39 2014] <sgnb> Program would hide this kind of details
[Wed Apr  2 08:54:16 2014] <schoppenhauer> ok thx.
[Wed Apr  2 10:35:29 2014] <roosbeef> how do i use list2multiset from http://color.inria.fr/doc/CoLoR.Util.Multiset.MultisetTheory.html
[Wed Apr  2 10:36:25 2014] <roosbeef> coq says its not found in current environment even though i did import CoLoR.Util.Multiset.MultisetTheory
[Wed Apr  2 10:58:30 2014] <roosbeef> brb
[Wed Apr  2 16:15:09 2014] <roosbeef> why cant i use the function list2multiset from this library when i import it: http://color.inria.fr/doc/CoLoR.Util.Multiset.MultisetTheory.html
[Wed Apr  2 16:19:13 2014] <roosbeef> is there something im overlooking?
[Wed Apr  2 18:06:52 2014] <jgross> [Multiset] is a functor; you need to give it a [MultisetCore] argument to turn it into a module, and then import that module. 
[Wed Apr  2 18:07:38 2014] <jgross> roosbeef: ^ 
[Thu Apr  3 00:05:32 2014] <shergill> ezyang_: do you plan to update coq with mtac to coq 8.4pl3?
[Thu Apr  3 02:03:37 2014] <ezyang_> shergill: Yeah, I can do that, I just have to do it ^_^
[Thu Apr  3 02:36:03 2014] <ezyang_> shergill: Well, I don't know if Beta has tested it with coq 8.4pl3
[Thu Apr  3 03:11:17 2014] <roosbeef> do i need to do something special to use the function list2multiset from http://color.inria.fr/doc/CoLoR.Util.Multiset.MultisetTheory.html ?
[Thu Apr  3 03:11:50 2014] <roosbeef> coq keeps telling me it cannot find the function in the current environment even though i did import that lib
[Thu Apr  3 06:04:17 2014] <robbert> roosbeef: reposting a question multiple times a day, without any other posts in between, is not done... Please don't do that.
[Thu Apr  3 06:04:28 2014] <robbert> Anyway, to answer your question, that function is in a module.
[Thu Apr  3 06:26:01 2014] <roosbeef> my bad.. i am aware of netiquette, thought a few hours in between would be ok. I wont do that again sorry
[Thu Apr  3 06:27:26 2014] <roosbeef> so do i need to create an instance of the module to call the function?
[Thu Apr  3 06:32:49 2014] <roosbeef> nevermind ill check this tutorial http://coq.inria.fr/cocorico/ModuleSystemTutorial
[Thu Apr  3 06:33:00 2014] <roosbeef> thanks :)
[Thu Apr  3 08:28:11 2014] <schoppenhauer> in agda, it is possible to just write ? somehwere when you want to provide a correctly-typed term later. (how) can this be done in coq? admit and Admitted only work inside proofs.
[Thu Apr  3 08:29:16 2014] <gdsfh> schoppenhauer: use "refine" tactic instead of directly written term, mark holes with "_".
[Thu Apr  3 08:31:59 2014] <schoppenhauer> gdsfh: but it is a function and not a theorem.
[Thu Apr  3 08:33:38 2014] <gdsfh> schoppenhauer: no big differences.  Definition succ (n : nat) : nat. refine (S n). Defined.
[Thu Apr  3 08:35:52 2014] <schoppenhauer> gdsfh: so I just write "Admitted" after "refine (...)"?
[Thu Apr  3 08:37:04 2014] <gdsfh> "refine (...); admit." would work.
[Thu Apr  3 08:38:48 2014] <schoppenhauer> thx.
[Thu Apr  3 08:38:51 2014] <schoppenhauer> works.
[Thu Apr  3 08:45:07 2014] <chris2> is there a ssreflect idiom for move=> H; apply H.?
[Thu Apr  3 08:46:11 2014] <chris2> ah, exact if its done then
[Thu Apr  3 09:56:36 2014] <roosbeef> how do i use modules
[Thu Apr  3 09:57:08 2014] <roosbeef> i feel like a total idiot for not understanding this because ive been trying tutorials and what not
[Thu Apr  3 10:06:49 2014] <roosbeef> brb
[Thu Apr  3 11:33:54 2014] <shergill> ezyang_: gotcha. what would the 'test' entail? building it and seeing? or ensuring that updates in pl3 (not sure what they are specifically) interact nicely with mtac manually?
[Fri Apr  4 01:07:37 2014] <mortberg> chris2: try with only writing "apply"
[Fri Apr  4 01:10:40 2014] <mortberg> it should work as "move=> H; apply: H" just pop and push H on the "stack" and then use apply
[Fri Apr  4 10:25:26 2014] <roosbeef> what does this mean?
[Fri Apr  4 10:25:32 2014] <roosbeef> The term "fs" has type "list fletter" while it is expected to have type "list Eq.A".
[Fri Apr  4 10:25:43 2014] <roosbeef> whats Eq.A?
[Fri Apr  4 10:28:19 2014] <Cale> Maybe try something like  Print Eq.A
[Fri Apr  4 10:29:25 2014] <roosbeef> *** [ Eq.A : Type ]
[Fri Apr  4 10:29:54 2014] <Cale> okay, so that doesn't tell us much :)
[Fri Apr  4 10:30:14 2014] <Cale> Do you know where the Eq module might be defined?
[Fri Apr  4 10:30:36 2014] <Cale> oh, right CoLoR
[Fri Apr  4 10:30:38 2014] <roosbeef> haha no im looking for it
[Fri Apr  4 10:31:15 2014] <Cale> http://coq.inria.fr/V8.2pl1/contribs/CoLoR.Util.Relation.RelExtras.html
[Fri Apr  4 10:31:49 2014] <Cale> (check the version number there, I got that link from google)
[Fri Apr  4 10:32:52 2014] <roosbeef> how do i get my type to match Eq.A?
[Fri Apr  4 10:32:57 2014] <Cale> So it looks like Eq.A is a parameter, I'm not sure why it's not being unified with something else here
[Fri Apr  4 10:33:41 2014] <Cale> When it comes to details like this, I really don't know how I should expect Coq to behave
[Fri Apr  4 10:34:24 2014] <roosbeef> :/
[Fri Apr  4 10:34:45 2014] <roosbeef> that not very reassuring coming from you :p
[Fri Apr  4 10:35:43 2014] <Cale> I haven't actually read anything about how Coq works or how to write programs in it. I just get by on intuition and knowing similar languages.
[Fri Apr  4 10:36:02 2014] <Cale> (Well, that's a bit of a lie, I've looked things up in the documentation a bunch)
[Fri Apr  4 10:38:56 2014] <roosbeef> so do i need to declare my type to be a parameter in Eq somehow?
[Fri Apr  4 10:40:23 2014] <roosbeef> Eqset*
[Fri Apr  4 17:16:13 2014] <osa1> how can I use list syntax for vectors?
[Fri Apr  4 17:16:56 2014] <osa1> I opened vector_scope but Check [] still says list
[Fri Apr  4 17:18:13 2014] <osa1> hmm. nil is also list. how can I use vector constructors?
[Fri Apr  4 18:42:49 2014] <jgross> Cale, roosbeef: http://coq.inria.fr/pylons/contribs/files/CoLoR/v8.4/CoLoR.Util.Relation.RelExtras.html 
[Fri Apr  4 18:45:06 2014] <jgross> roosbeef, Cale: I think it means you need to make a module that implements the Module Type Eq, and use list fletter as the A, and apply the functor to that module, and call the method that gives you. 
[Fri Apr  4 19:06:24 2014] <Cale> jgross: Yeah, I just haven't investigated the Coq module system very fully at all.
[Sat Apr  5 03:12:12 2014] <osa1> can anyone help me using vector? I imported it but still can't use, nil and [] is still list constructors, not vector. what should I do?
[Sat Apr  5 03:12:18 2014] <osa1> (I also opened vector_scope)
[Sat Apr  5 04:46:42 2014] <osa1> what's wrong with this last print statement? http://lpaste.net/102289 it fails with Syntax error: 'XML' or 'Firstorder' 'Solver' expected after 'Print' (in [vernac:command]).
[Sat Apr  5 05:37:57 2014] <robbert> osa1: Print expects an identifier, not a proper term. That means, you can Print take, but not take applied to something.
[Sat Apr  5 08:26:32 2014] <roosbeef> how can i implement a module with <: and give it a name name at the same time?
[Sat Apr  5 08:26:59 2014] <roosbeef> (im trying to figure out how to work with modules)
[Sat Apr  5 08:27:35 2014] <roosbeef> for my purposes, i would like to do the following:
[Sat Apr  5 08:27:38 2014] <roosbeef> Module M (MC : MultisetCore). Export MC.
[Sat Apr  5 08:27:47 2014] <roosbeef> without masking
[Sat Apr  5 08:29:08 2014] <roosbeef> because it seems that with masking, coq will complain that
[Sat Apr  5 08:29:32 2014] <roosbeef> The term "fs" has type "list fletter" while it is expected to have type "list Eq.A".
[Sat Apr  5 10:00:30 2014] <roosbeef> brb
[Sat Apr  5 12:24:54 2014] <schoppenhauer> i have a function f : (a : nat) -> (a < C) -> list bool, and a_lt : a < C, b_lt : b < C. I know a = b. (how) can I prove f a a_lt = f b b_lt?
[Sat Apr  5 12:31:52 2014] <gdsfh> schoppenhauer: rewrite hypothesis that states "a = b" in 1. hypothesis b_lt, 2. goal "f a .. = f b ..", 3. replace b_lt with a_lt (they are equal since step#1).
[Sat Apr  5 12:33:49 2014] <schoppenhauer> gdsfh: I dont quite understand.
[Sat Apr  5 12:34:50 2014] <gdsfh> schoppenhauer: your knowledge about "a = b" is a hypothesis, an axiom, parameter or like?
[Sat Apr  5 12:35:23 2014] <schoppenhauer> gdsfh: a = b is a hypothesis.
[Sat Apr  5 12:35:55 2014] <gdsfh> schoppenhauer: so wait a bit, I'll construct an example.
[Sat Apr  5 12:47:03 2014] <gdsfh> schoppenhauer: https://gist.github.com/gdsfh/6f70c5f852f289a00ded , i was wrong, one more thing is needed.  Either proof irrelevance axiom, or proof of equality of lt proofs (it's possible, but it's hard; however maybe stdlib has such proof now).
[Sat Apr  5 12:56:18 2014] <schoppenhauer> gdsfh: yes, proof irrelevance.
[Sat Apr  5 13:00:14 2014] <gdsfh> schoppenhauer: so you know what to do here to prove it?
[Sat Apr  5 13:01:14 2014] <schoppenhauer> yes.
[Sat Apr  5 14:25:58 2014] <osa1> can anyone help me with this https://sympa.inria.fr/sympa/arc/coq-club/2014-04/msg00015.html ?
[Sat Apr  5 15:23:45 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/MoreInd.html#lab266 . . . hmm... I'm struggling a little to understand what's going on with the induction principles that Coq generates for inductively-defined propositions
[Sat Apr  5 15:29:35 2014] <Hodapp> it looks like it generates an induction principle that is... indexed over? parametrized by?... all propositions that are of the same form as that proposition
[Sat Apr  5 15:29:39 2014] <Hodapp> and I'm trying to see why
[Sat Apr  5 16:54:29 2014] <jrw> Hodapp: I'm not sure what you mean. the induction principles there let you prove an arbitrary statement (called P) about all natural numbers.
[Sat Apr  5 16:57:32 2014] <Hodapp> induction principles where?
[Sat Apr  5 17:00:16 2014] <Hodapp> are you referring to them in general or something specific on that page?
[Sat Apr  5 17:02:07 2014] <jrw> Hodapp: the ones you linked to
[Sat Apr  5 17:02:17 2014] <jrw> like gorgeous_ind
[Sat Apr  5 17:17:44 2014] <schoppenhauer> what library (if any) would be recommended when dealing with (self-defined) ordering relations, maxima/suprema, sums, etc.?
[Sun Apr  6 06:40:54 2014] <roosbeef> im having difficulties coming to grasp with the workings of modules
[Sun Apr  6 06:41:09 2014] <roosbeef> anyone bored and feel like helping out a struggling novice? :p
[Sun Apr  6 06:43:51 2014] <roosbeef> grips*
[Sun Apr  6 07:04:58 2014] <roosbeef> brb
[Sun Apr  6 07:24:54 2014] <notdan> roosbeef: I think that the only document available is the reference manual
[Sun Apr  6 07:25:08 2014] <notdan> which is quite hard to follow if you are learning modules from scratch
[Sun Apr  6 07:25:17 2014] <notdan> I am interested in learning modules in Coq myself btw :D
[Sun Apr  6 07:25:28 2014] <notdan> I used them a bit, but it was a trial-error thing
[Sun Apr  6 07:30:42 2014] <roosbeef> haha well
[Sun Apr  6 07:31:33 2014] <roosbeef> do you understand what type of unit they are? Is it like a template for reuse of code? Or is it an object? I have no idea how to 'use' a module, if the term 'use' even makes sense in that context
[Sun Apr  6 07:31:58 2014] <notdan> it's similar to modules in ML
[Sun Apr  6 07:32:11 2014] <notdan> or to namespaces in Java/C#
[Sun Apr  6 07:32:17 2014] <notdan> (albeit more "powerful")
[Sun Apr  6 07:32:30 2014] <roosbeef> i havent worked with those
[Sun Apr  6 07:33:40 2014] <roosbeef> whats the use of namespaces in Java?
[Sun Apr  6 07:33:46 2014] <notdan> do you come from a programming background or math background?
[Sun Apr  6 07:33:55 2014] <notdan> well it's like
[Sun Apr  6 07:34:06 2014] <roosbeef> both, but more toward programming i guess (AI)
[Sun Apr  6 07:34:25 2014] <notdan> it's a unit of separation, in some sense. It also lets you avoid name clashes
[Sun Apr  6 07:34:58 2014] <notdan> So if you have a variable x in a module A, you can use it as normal inside A, but outside A you have to refer to it as A.x or whatnot
[Sun Apr  6 07:35:17 2014] <roosbeef> how is that useful in coq? In my attempts to work with modules ive had more issues with not being able to locate the origin of some reference than with name clashes haha :p
[Sun Apr  6 07:35:19 2014] <notdan> But in Coq modules can be abstracted over types
[Sun Apr  6 07:35:40 2014] <notdan> roosbeef: that is *exactly* the issue I had!
[Sun Apr  6 07:36:00 2014] <notdan> I still don't understand the differences between "Require Import"/"Require Export"/"Import"/etc
[Sun Apr  6 07:36:14 2014] <roosbeef> yea what does Export do within a module
[Sun Apr  6 07:37:20 2014] <notdan> but anyway, in Coq you can parametrize module over some type which helps with code reuse: http://coq.inria.fr/cocorico/ModuleSystemTutorial
[Sun Apr  6 07:37:38 2014] <notdan> In that tutorial the module "Sig" works like an interface
[Sun Apr  6 07:37:50 2014] <notdan> and module Min accepts all the modules that adhere to that interface
[Sun Apr  6 07:38:10 2014] <notdan> roosbeef: apparently Export imports a module and exports it... or something like that
[Sun Apr  6 07:38:21 2014] <roosbeef> exports it where?
[Sun Apr  6 07:38:46 2014] <notdan> Well if I understand it correctly, it exports it like it exports other things
[Sun Apr  6 07:38:57 2014] <notdan> (it  being another module)
[Sun Apr  6 07:39:01 2014] <roosbeef> how are things exported in general then
[Sun Apr  6 07:39:10 2014] <roosbeef> it makes sense to me to import external code
[Sun Apr  6 07:39:18 2014] <notdan> Those technicalities, I am not sure about :S Sorry I wish I knew more about it myself
[Sun Apr  6 07:39:34 2014] <notdan> but the tutorial I linked provides a nice outline
[Sun Apr  6 07:39:56 2014] <notdan> roosbeef: yes, but you can only import something if it is available for export
[Sun Apr  6 07:39:58 2014] <roosbeef> i have looked at that one before :/
[Sun Apr  6 07:40:07 2014] <roosbeef> was actually going over it again this morning
[Sun Apr  6 07:40:41 2014] <roosbeef> ive also read the chapter about modules in Coq'Art
[Sun Apr  6 07:41:09 2014] <notdan> I wanted to read Elie Soubiran thesis on modules, but havent got to do it yet
[Sun Apr  6 07:41:34 2014] <roosbeef> he/she wrote a thesis on modules in coq?
[Sun Apr  6 07:41:44 2014] <notdan> there is also this: http://adam.chlipala.net/cpdt/html/Large.html
[Sun Apr  6 07:42:00 2014] <notdan> yep http://tel.archives-ouvertes.fr/docs/00/67/92/01/PDF/these.pdf
[Sun Apr  6 07:42:09 2014] <notdan> and it's in English
[Sun Apr  6 07:43:56 2014] <roosbeef> wow thanks!
[Sun Apr  6 07:44:30 2014] <roosbeef> there should be at least one or two clarifying parts in there :)
[Sun Apr  6 07:44:44 2014] <notdan> yw :) please share your experience if you get to read it
[Sun Apr  6 07:45:42 2014] <roosbeef> will do but dont expect major epiphanies :p
[Sun Apr  6 09:26:27 2014] <roosbeef> notdan: been reading, still confused :p
[Sun Apr  6 09:34:57 2014] <roosbeef> the reason i would like to understand modules is because a data type i want to use (http://color.inria.fr/doc/CoLoR.Util.Multiset.MultisetCore.html) is written using modules
[Sun Apr  6 09:35:08 2014] <roosbeef> i cant seem to get to the root of the definition of a multiset though
[Sun Apr  6 09:35:16 2014] <roosbeef> what is a multiset? Where are the operations on multisets?
[Sun Apr  6 09:35:33 2014] <roosbeef> how can i instantiate a multiset and how can i manipulate it
[Sun Apr  6 09:36:13 2014] <roosbeef> seems like theres only skeletons of code that could potentially be used to implement that, and references to other such skeletons
[Sun Apr  6 09:40:22 2014] <roosbeef> although im pretty sure the authors of CoLoR would not include such non-operational code in their library
[Sun Apr  6 09:41:46 2014] <Anarchos> no idea
[Sun Apr  6 09:47:21 2014] <roosbeef> brb
[Sun Apr  6 10:42:46 2014] <osa1> is there a difference betwen Defined. and Qed. ?
[Sun Apr  6 10:43:33 2014] <Anarchos> osa1 number of letters used ?
[Sun Apr  6 10:43:46 2014] <Anarchos> Defined is more for a definition, qed for the end of a proog
[Sun Apr  6 10:43:49 2014] <Anarchos> proof.
[Sun Apr  6 10:44:09 2014] <Anarchos> Qed means : «Quod erat demonstration» = what was to be proved.
[Sun Apr  6 10:54:47 2014] <Saizan> Qed might make the definition opaque? iirc
[Sun Apr  6 10:57:46 2014] <Anarchos> Saizan we should look the manual for it :)
[Sun Apr  6 12:45:28 2014] <Hodapp> is:  fun (a0 : A0) (a1 : A1) (a2 : A2) ... (aN : aN) => ...
[Sun Apr  6 12:45:54 2014] <Hodapp> just syntactic sugar for:  fun (a0 : A0) => fun (a1 : A1) => fun (a2 : A2) => ... => fun (aN : AN) => ... ?
[Sun Apr  6 13:16:06 2014] <osa1> I'm reading CPDT dependently typed programming section, and I don't understand lines 6 and 7 in this code http://lpaste.net/102331 why Unknown takes one argument, and Found takes 3? isn't that supposed to be 0 and 2 arguments?
[Sun Apr  6 13:24:16 2014] <gdsfh> osa1: first argument is "P : A -> Prop" (declared in Inductive maybe ...) for both constructors.
[Sun Apr  6 13:26:07 2014] <osa1> gdsfh: that makes sense. thanks.
[Sun Apr  6 13:26:41 2014] <osa1> gdsfh: but sometimes that argument is not really passed, it's confusing.
[Sun Apr  6 13:27:34 2014] <osa1> for example,
[Sun Apr  6 13:27:36 2014] <osa1> Inductive sumor (A : Type) (B : Prop) : Type := inleft : A -> A + {B} | inright : B -> A + {B} here when using inright we're passing only two parameters
[Sun Apr  6 13:28:36 2014] <osa1> hmm
[Sun Apr  6 13:28:58 2014] <gdsfh> For inleft: Argument A is implicit
[Sun Apr  6 13:28:58 2014] <gdsfh> For inright: Argument B is implicit
[Sun Apr  6 13:29:07 2014] <gdsfh> Print sumor.
[Sun Apr  6 13:29:28 2014] <osa1> gdsfh: how do I understand what's implicit?
[Sun Apr  6 13:29:43 2014] <gdsfh> osa1: "Print sumor."
[Sun Apr  6 13:30:04 2014] <osa1> gdsfh: I already pasted output of Print sumor.
[Sun Apr  6 13:30:35 2014] <osa1> as far as I know implicit argumetns are specified using {} but in this definition they're not wrapped with {}
[Sun Apr  6 13:30:55 2014] <gdsfh> my output is http://paste.in.ua/9500/
[Sun Apr  6 13:31:58 2014] <osa1> ahh, right. I ignored rest of the output. so does Coq make some arguments implicit automatically or do I need to do something to make some arguments implicit?
[Sun Apr  6 13:32:23 2014] <gdsfh> you need to do something explicit to make them implicit.
[Sun Apr  6 13:34:05 2014] <gdsfh> osa1: http://coq.inria.fr/refman/Reference-Manual004.html#hevea_default115
[Sun Apr  6 13:46:16 2014] <osa1> can anyone help me proving this http://lpaste.net/102332 ?
[Sun Apr  6 13:49:11 2014] <gdsfh> osa1: exists n'. reflexivity.
[Sun Apr  6 13:51:06 2014] <osa1> gdsfh: thanks, I didn't know exists work on sig. is it possible to implement that case in pattern matching part of the code?
[Sun Apr  6 13:54:16 2014] <gdsfh> osa1: yes, and it's better to do it (don't construct computation values with tactics): S n' => inleft _ (exist _ n' _)
[Sun Apr  6 13:55:07 2014] <osa1> why not construct computation values with tactics?
[Sun Apr  6 13:55:24 2014] <osa1> I'm just learning but to me it seems like sometimes constructing values in proof mode is easier.
[Sun Apr  6 14:05:42 2014] <gdsfh> osa1: Definition add (a b : nat) : nat. auto. Show Proof.
[Sun Apr  6 14:08:19 2014] <gdsfh> osa1: "exist" tactic is "safe", like destruct, case, decide equality.  Like any other tactic where there's no place for error, like using one value instead of another.
[Sun Apr  6 14:08:32 2014] <osa1> very interesting program if you ask me :P
[Sun Apr  6 14:29:28 2014] <osa1> while trying to complete some paths using refine tactic and underscores, why equalities are not added as hyphothesis? for example, if I have match n with | 0 => something _ _ ... I don't have n = 0 as hyphothesis, why?
[Sun Apr  6 14:41:01 2014] <gdsfh> osa1: don't know/remember exactly, but use "convoy pattern" (described in CPDT) if you need them.  Also maybe "Program" instead of "Definition" could help, but never tried it in practice (so i can't help here).
[Mon Apr  7 04:10:03 2014] <osa1> whoa!! "Anomaly: unknown meta ?2107. Please report."
[Mon Apr  7 15:51:22 2014] <Hodapp> * pokes jdoles
[Mon Apr  7 15:52:06 2014] <jdoles> * was pleasantly surprised to discover this
[Tue Apr  8 05:12:08 2014] <roosbeef> i am completely confused about how i can use the data types and operations defined in this lib http://color.inria.fr/doc/CoLoR.Util.Multiset.MultisetCore.html
[Tue Apr  8 05:13:05 2014] <roosbeef> anyone care to nudge me into the right direction?
[Tue Apr  8 09:15:13 2014] <schoppenhauer> hello. is it possible to have an inversion on a record, and get an equality for it at the same time? like for induction, you would pass eqn:?
[Tue Apr  8 09:15:23 2014] <schoppenhauer> (which does not work on inversions)
[Tue Apr  8 09:16:21 2014] <schoppenhauer> ah I can just use induction
[Tue Apr  8 09:16:23 2014] <schoppenhauer> thx
[Tue Apr  8 09:32:35 2014] <Rc43> Hello.
[Tue Apr  8 09:33:08 2014] <Rc43> I am looking at fresh Coquand's pdf http://www.cse.chalmers.se/~coquand/cirm.pdf
[Tue Apr  8 09:33:35 2014] <Rc43> And can't understand what is "description operator" on page 13 and how it acts.
[Tue Apr  8 09:33:39 2014] <Rc43> Any ideas?
[Tue Apr  8 10:10:05 2014] <ianjneu> Rc43: you might get insights from http://plato.stanford.edu/entries/type-theory-church/
[Tue Apr  8 10:11:30 2014] <Rc43> ianjneu, ah, thanks
[Tue Apr  8 10:11:46 2014] <Rc43> ianjneu, btw, is Church's TT is the most early version of TTs?
[Tue Apr  8 10:12:30 2014] <ijp> russell's probably
[Tue Apr  8 10:13:12 2014] <Rc43> Ah, ye, I see in the article about TT of Russel in 1908.
[Tue Apr  8 10:16:40 2014] <Rc43> Btw, how did versions of lambda calculus and TTs interact in history? I mean LC and TT are seems to be all-sufficient and it is not clear when they have been met.
[Tue Apr  8 10:18:50 2014] <ijp> pretty early on in the development of the lambda calculus
[Tue Apr  8 10:23:54 2014] <ianjneu> Russel's type theory is decidable. I don't remember which standard logic it's equivalent to off the top of my head.
[Tue Apr  8 10:24:14 2014] <ianjneu> STLC also has decidable type inhabitance.
[Tue Apr  8 10:25:46 2014] <ijp> "History of Lambda Calculus and Combinatory Logic" by Cardone and Hindley devotes about 20 pages to a section on types
[Tue Apr  8 15:21:13 2014] <arnovanlumig> When I have a goal that contains a "match (nat_compare a b) with ...", and I do an induction on that, why don't I get the 'current' case of that match as a hypothesis in the created goals?
[Tue Apr  8 15:22:10 2014] <Cale> What did you do induction on? On (nat_compare a b)?
[Tue Apr  8 15:22:14 2014] <arnovanlumig> yes
[Tue Apr  8 15:22:26 2014] <Cale> Maybe try simpl?
[Tue Apr  8 15:23:40 2014] <arnovanlumig> doesn't do anything, but the actual situation isn't really that simple. The match comes from a fixpoint that I've just unfolded
[Tue Apr  8 15:24:21 2014] <arnovanlumig> when I do "induction (nat_compare a b)" then I get three cases, but I expect one of the hypotheses to be 'nat_compare a b = Gt' for example
[Tue Apr  8 15:24:26 2014] <arnovanlumig> or something along those lines...
[Tue Apr  8 15:26:19 2014] <Cale> Does inversion do any better?
[Tue Apr  8 15:28:07 2014] <arnovanlumig> doesn't inversion just work on hypotheses?
[Tue Apr  8 15:29:17 2014] <Cale> Uh, you might be right. I'm trying to recall, there was some tactic which gave you an equational hypothesis when it did case analysis. case_eq?
[Tue Apr  8 15:30:01 2014] <Cale> (Yeah, it looks like inversion only works on identifiers in context, not arbitrary terms)
[Tue Apr  8 15:30:30 2014] <arnovanlumig> hm, case_eq looks promising
[Tue Apr  8 15:31:19 2014] <arnovanlumig> it does exactly what I wanted to do... now just to finish this proof ;)
[Tue Apr  8 15:31:29 2014] <Cale> nice!
[Tue Apr  8 15:32:04 2014] <arnovanlumig> thanks a lot!
[Tue Apr  8 15:32:13 2014] <schoppenhauer> if I have a proof for "forall ... exists ...", how do I get a function from it?
[Tue Apr  8 15:32:22 2014] <schoppenhauer> (eg program extraction)
[Tue Apr  8 15:35:41 2014] <Cale> schoppenhauer: I don't know anything about program extraction, but within Coq, you can simply treat a term of that type as a function and apply it to an argument of the type quantified over by the forall.
[Tue Apr  8 15:45:36 2014] <Rc43> Hello again.
[Tue Apr  8 15:45:52 2014] <Rc43> What do curve brackets mean in result of function?
[Tue Apr  8 15:46:30 2014] <Rc43> E.g. "Theorem test (x : X) : {y : <some expression>}".
[Tue Apr  8 15:46:44 2014] <Rc43> Is it has something with existential types?
[Tue Apr  8 15:56:44 2014] <arnovanlumig> Cale: Qed :), thanks again!
[Tue Apr  8 15:57:54 2014] <Cale> arnovanlumig: cheers!
[Tue Apr  8 15:58:28 2014] <Cale> Rc43: In that case, it's a notation for an existential type.
[Tue Apr  8 15:59:10 2014] <Rc43> Cale, thanks; but is there other case?
[Tue Apr  8 15:59:25 2014] <Rc43> Cale, (other but in result not arguments)
[Tue Apr  8 15:59:27 2014] <Cale> Rc43: Curly braces are also used for implicit parameters
[Tue Apr  8 15:59:45 2014] <Rc43> Cale, ah, ok
[Tue Apr  8 16:00:22 2014] <Cale> {x:A | P x} means sig A P
[Tue Apr  8 16:00:34 2014] <schoppenhauer> Cale: the problem is ... I have a "decidable ...", and I cannot match on it
[Tue Apr  8 16:01:06 2014] <Cale> and {x:A & P x} means sigT A P
[Tue Apr  8 16:01:29 2014] <schoppenhauer> since decidable is a Prop and not a set (why ever ...)
[Tue Apr  8 16:02:12 2014] <Cale> schoppenhauer: The reason for this is that Props are meant to be erasable at runtime, so you can only eliminate them into other Props
[Tue Apr  8 16:02:54 2014] <schoppenhauer> Cale: you mean "not meant", I guess.
[Tue Apr  8 16:03:42 2014] <schoppenhauer> Cale: and I know the reason for irrelevance, but the question is whether I have to rewrite the whole thing or can use some magical Coq-Extraction-Mechanism instead.
[Tue Apr  8 16:03:57 2014] <Rc43> When we need functional extensionality?
[Tue Apr  8 16:05:20 2014] <Cale> schoppenhauer: I think I meant meant :)
[Tue Apr  8 16:05:46 2014] <Cale> schoppenhauer: When you do program extraction, things whose type is a Prop vanish.
[Tue Apr  8 16:06:56 2014] <schoppenhauer> Cale: Can I extract a Set from something that produces a Prop?<
[Tue Apr  8 16:07:07 2014] <schoppenhauer> Cale: so I do not have to write stuff twice?
[Tue Apr  8 16:07:55 2014] <schoppenhauer> I have proved the decidability of a relation.
[Tue Apr  8 16:08:39 2014] <schoppenhauer> The problem is that I now need it at runtime.
[Tue Apr  8 16:08:52 2014] <Cale> To be honest, I avoid Prop so much that my answer here will probably not be idiomatic
[Tue Apr  8 16:08:55 2014] <Cale> But there is sig
[Tue Apr  8 16:10:13 2014] <Cale> sig : forall A : Type, (A -> Prop) -> Type
[Tue Apr  8 16:10:37 2014] <schoppenhauer> Cale: this is just a dependent pair type
[Tue Apr  8 16:10:44 2014] <schoppenhauer> isn't it?
[Tue Apr  8 16:11:13 2014] <Cale> Well, but it is turning a Prop into a Type in some sense :)
[Tue Apr  8 16:12:05 2014] <schoppenhauer> ah, I see.
[Tue Apr  8 16:14:36 2014] <schoppenhauer> Cale: I am not quite sure how to use this for something that returns decidability.
[Tue Apr  8 16:15:00 2014] <Cale> Yeah, I'm not sure either. Let me play with it a bit.
[Tue Apr  8 16:16:56 2014] <Rc43> Is univalence axiom is the same as proposition extensionality?
[Tue Apr  8 16:17:26 2014] <Cale> no
[Tue Apr  8 16:17:42 2014] <Cale> Well, wait, what do you mean by "proposition extensionality"?
[Tue Apr  8 16:19:31 2014] <Rc43> This one: "Axiom prop_ext : forall (P Q : Prop),    (P <-> Q) -> P = Q
[Tue Apr  8 16:19:35 2014] <Rc43> "
[Tue Apr  8 16:19:45 2014] <Rc43> But I already see that it is only in one direction.
[Tue Apr  8 16:20:04 2014] <Rc43> It is from here: http://coq.inria.fr/cocorico/CoqAndAxioms
[Tue Apr  8 16:21:10 2014] <Cale> Well, it's similar in shape to that, except that you have to replace <-> with some appropriate notion of equivalence of types.
[Tue Apr  8 16:22:08 2014] <Cale> If Prop was was the HoTT book called Prop, then this might actually be a reasonable analogy, as (homotopy) propositions are equivalent if coinhabited.
[Tue Apr  8 16:22:17 2014] <Cale> was what*
[Tue Apr  8 16:22:21 2014] <Rc43> Also, it is not obvious for me how we produce excluded middle from indefinite description and proof irrelevance.
[Tue Apr  8 16:23:36 2014] <Rc43> Well, I don't understand indefinite description as well: "Axiom constructive_indefinite_description :   forall (A : Type) (P : A->Prop),      (exists x, P x) -> { x : A | P x }."
[Tue Apr  8 16:23:58 2014] <Cale> schoppenhauer: hmm. Well, I don't know. What I usually end up doing is just avoiding Prop and constructing things of sort Type in the first place.
[Tue Apr  8 16:23:59 2014] <Rc43> Aren't "exists x, P x" and "{ x : A | P x }" the same?
[Tue Apr  8 16:24:31 2014] <Cale> Rc43: Is that in the HoTT library?
[Tue Apr  8 16:25:03 2014] <Cale> I'm pretty sure the HoTT library unifies all the various weird existentials in Coq.
[Tue Apr  8 16:25:10 2014] <Rc43> Cale, not sure; I've found that on http://coq.inria.fr/stdlib/Coq.Logic.ClassicalEpsilon.html
[Tue Apr  8 16:25:20 2014] <Cale> Oh, well, then no
[Tue Apr  8 16:27:01 2014] <Cale> https://github.com/HoTT/HoTT/wiki -- the HoTT Coq documentation is here
[Tue Apr  8 16:27:19 2014] <Cale> and there's a special version of Coq which goes with it too
[Tue Apr  8 16:27:46 2014] <Saizan> exists x, P x is a Prop, i guess?
[Tue Apr  8 16:28:07 2014] <Rc43> Saizan, yep, isn't {.. | ..} a Prop, too?
[Tue Apr  8 16:28:30 2014] <Cale> Oh, it certainly isn't. { x : A | P x } is a Set
[Tue Apr  8 16:28:42 2014] <Rc43> Ah, so that makes sense.
[Tue Apr  8 16:29:08 2014] <Rc43> I just was confused P : Prop with {...} : Prop.
[Tue Apr  8 16:29:18 2014] <Rc43> *-was
[Tue Apr  8 16:30:08 2014] <Rc43> What's the point of HoTT library/patch?
[Tue Apr  8 16:30:17 2014] <Cale> It changes practically everything.
[Tue Apr  8 16:30:28 2014] <Cale> It replaces the base libraries
[Tue Apr  8 16:30:44 2014] <Rc43> What I can do with it?
[Tue Apr  8 16:31:05 2014] <Rc43> (Counting only what I can't do without it.)
[Tue Apr  8 16:31:29 2014] <Cale> You can do homotopy type theory with it :)
[Tue Apr  8 16:31:46 2014] <schoppenhauer> Cale: how can I use the proof assistent then?
[Tue Apr  8 16:31:49 2014] <Rc43> Ow :)
[Tue Apr  8 16:32:06 2014] <Cale> I suppose one big thing is that it avoids lots of things which are inconsistent with homotopy type theory
[Tue Apr  8 16:32:23 2014] <Rc43> Cale, isn't HoTT declared as a tool and not as a goal?
[Tue Apr  8 16:33:05 2014] <Cale> Rc43: Well, I don't know what the distinction between those is right now. It's a research program.
[Tue Apr  8 16:33:11 2014] <Rc43> Or is it useful only for new foundation?
[Tue Apr  8 16:33:59 2014] <Cale> If you're interested in taking part in that line of research, then you'll want to use the HoTT-specific versions of things, more likely than not.
[Tue Apr  8 16:35:21 2014] <Cale> There are reasons why HoTT might turn out to be a really good formalism for mathematics in general, but there are also things which at present can make it awkward for things which would otherwise be easy.
[Tue Apr  8 16:35:28 2014] <Rc43> Cale, ok, I just thought that it is already have pretty examples of appliance in maths.
[Tue Apr  8 16:35:36 2014] <Cale> Yes, it does.
[Tue Apr  8 16:35:57 2014] <Rc43> Where can I look at it?
[Tue Apr  8 16:36:14 2014] <Cale> Well, there's a whole book :)
[Tue Apr  8 16:36:23 2014] <Cale> http://homotopytypetheory.org/book/
[Tue Apr  8 16:36:27 2014] <Rc43> Isn't it about HoTT itself but not about examples?
[Tue Apr  8 16:36:39 2014] <Rc43> Yep, I have seen it and even started.
[Tue Apr  8 16:36:47 2014] <Rc43> But I still don't understand.
[Tue Apr  8 16:36:50 2014] <Cale> It develops a large fraction of what's been done so far
[Tue Apr  8 16:36:51 2014] <Saizan> later chapters are about applications
[Tue Apr  8 16:37:02 2014] <Rc43> Ah, ok.
[Tue Apr  8 16:37:04 2014] <Cale> Including applications
[Tue Apr  8 16:37:07 2014] <Cale> This is all very new
[Tue Apr  8 16:40:10 2014] <Saizan> http://www.cse.chalmers.se/~coquand/cirm.pdf <- i like slide 65 here
[Tue Apr  8 16:41:15 2014] <Cale> haha
[Tue Apr  8 16:41:27 2014] <Cale> "The proof is incredible"
[Tue Apr  8 16:46:14 2014] <Rc43> Doesn't "indefinite_description" break computability?
[Tue Apr  8 16:46:50 2014] <Saizan> i'd expect so
[Tue Apr  8 16:47:07 2014] <Saizan> if you want to erase Prop's at least
[Tue Apr  8 16:47:27 2014] <Rc43> Ok, but how it with prop extensionality implies excluded middle?
[Tue Apr  8 16:48:10 2014] <Rc43> Can't imagine how we can use i.d. if e.m. is about props and not sets.
[Tue Apr  8 17:01:15 2014] <Rc43> Oh, btw, I recalled that I had a question about SSReflect.
[Tue Apr  8 17:01:46 2014] <Rc43> So it has its name because it reflects prop to decidable prop, right?
[Tue Apr  8 17:01:54 2014] <Rc43> Doesn't it require excluded middle?
[Tue Apr  8 21:07:49 2014] <schoppenhauer> I would like to use a fixpoint (recursive function) inside something similar to "refine". is this possible?
[Tue Apr  8 21:08:11 2014] <schoppenhauer> (fun ... => ...) apparently does not allow recursion.
[Tue Apr  8 21:08:29 2014] <schoppenhauer> I could of course use the _rec-function from the decreasing argument
[Tue Apr  8 21:08:34 2014] <schoppenhauer> but that would not be as nice.
[Tue Apr  8 21:34:54 2014] <schoppenhauer> ok, i found it ... there is a "fix" keyword
[Wed Apr  9 07:19:46 2014] <roosbeef> Module LexicographicOrder (A_ord B_ord : Ord).
[Wed Apr  9 07:19:49 2014] <roosbeef> whats Ord?
[Wed Apr  9 07:35:42 2014] <roosbeef> brb
[Wed Apr  9 08:36:08 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/MoreInd.html#lab275 - in nat_ind2, what does that "forall n : nat, P n := ..." syntax even mean?
[Wed Apr  9 08:36:30 2014] <Hodapp> I was trying to walk myself through that definition, and that's where I am stuck
[Wed Apr  9 08:48:48 2014] <schoppenhauer> is there an automatic way of rewriting a proof-irrelevant term such that one gets an adequate relevant term?
[Wed Apr  9 09:56:12 2014] <roosbeef> whats Sid?
[Wed Apr  9 09:57:21 2014] <roosbeef> nevermind ^^
[Wed Apr  9 10:24:59 2014] <schoppenhauer> is it possible to do destruct {n | {m | ...}} inside a term?
[Wed Apr  9 10:25:49 2014] <ianjneu> schoppenhauer: match e with sig n (sig m _) => _ end
[Wed Apr  9 10:27:50 2014] <ianjneu> where e is a term of type {n | {m | ...}}
[Wed Apr  9 10:57:32 2014] <schoppenhauer> thx.
[Wed Apr  9 15:53:58 2014] <schoppenhauer> I just read http://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic129 , but is it possible to just evaluate "one step", only the outer definition?
[Wed Apr  9 16:03:16 2014] <ianjneu> schoppenhauer: unfold function_name
[Wed Apr  9 16:04:13 2014] <schoppenhauer> ianjneu: thx.
[Wed Apr  9 16:06:32 2014] <ianjneu> schoppenhauer: if you're looking for something more robust, as in, contract "the first" redex using beta, delta, iota or zeta, then I don't have as good of an answer.
[Wed Apr  9 16:07:32 2014] <schoppenhauer> its sufficient for me, thx
[Wed Apr  9 16:07:34 2014] <schoppenhauer> .
[Wed Apr  9 20:56:08 2014] <Hodapp> huh... implementing a parser, and proving that certain optimizations do not change the value of anything
[Wed Apr  9 20:56:18 2014] <Hodapp> interesting use case that I'd likely not have thought of...
[Thu Apr 10 08:37:20 2014] <schoppenhauer> hello. if I want rational numbers, and prove several inequalities, is Coq.Numbers.Rational.BigQ.BigQ the right thing?
[Thu Apr 10 08:37:52 2014] <schoppenhauer> or is QArith better?
[Thu Apr 10 08:38:20 2014] <schoppenhauer> I will not use the rational numbers in a "relevant" fashion, they only occur in Props.
[Thu Apr 10 08:39:09 2014] <schoppenhauer> so efficiency is probably not an issue, ease of proving is.
[Thu Apr 10 09:17:03 2014] <schoppenhauer> gah ... QArith does not work with Nats...
[Thu Apr 10 09:30:51 2014] <schoppenhauer> is there a function that injects nat -> positive?
[Thu Apr 10 09:31:17 2014] <schoppenhauer> well, except when nat = 0, obviously.
[Thu Apr 10 09:41:17 2014] <schoppenhauer> is there a library that works with nat rather that BinNums?
[Thu Apr 10 11:59:20 2014] <schoppenhauer> is there a function that injects nat -> positive? *push*
[Thu Apr 10 13:05:48 2014] <ollehar> schoppenhauer: what's positive? rational number?
[Thu Apr 10 13:23:34 2014] <schoppenhauer> ollehar: the denominators of rationals must be of type "BinNums.positive"
[Thu Apr 10 13:24:32 2014] <schoppenhauer> and  this is a problem, because I want to have the rational 1/(2 ^ n) for n:nat
[Thu Apr 10 13:26:17 2014] <schoppenhauer> why are the ratinal numbers not defined using nat?
[Thu Apr 10 14:05:32 2014] <ollehar> schoppenhauer: nat can be zero?
[Thu Apr 10 14:05:41 2014] <ollehar> so you have to prove it's not, I suppose
[Thu Apr 10 14:06:20 2014] <ollehar> but I'm a coq n00b, so don't take my word for anything ;)
[Thu Apr 10 14:11:38 2014] <schoppenhauer> ok.
[Thu Apr 10 14:45:12 2014] <rmk0> schoppenhauer: do you have a proof that n > 0 everywhere you use 1/(2 ^ n)?
[Thu Apr 10 14:53:05 2014] <schoppenhauer> rmk0: why is it necessarry that n>0? 2^n>0, even if n=0
[Thu Apr 10 14:53:46 2014] <rmk0> hah, sorry, yes, completely misread
[Thu Apr 10 16:13:53 2014] <schoppenhauer> ok. first, I have problems with the packaging/scoping system. is there a good introduction to it?
[Thu Apr 10 16:22:02 2014] <napping> What kind of packaging?
[Thu Apr 10 16:22:20 2014] <napping> There's a module and section system
[Thu Apr 10 16:22:30 2014] <napping> notations have interpretation scopes
[Thu Apr 10 16:34:46 2014] <schoppenhauer> this
[Thu Apr 10 16:35:08 2014] <schoppenhauer> I currently have the problem of having to use many additions and multiplications.
[Thu Apr 10 16:35:32 2014] <schoppenhauer> so far, I just wrote qualified names.
[Thu Apr 10 16:36:05 2014] <schoppenhauer> but somehow, I cannot get "Pos.mul" imported.
[Thu Apr 10 16:37:45 2014] <napping> Where are you trying to import it from?
[Thu Apr 10 16:37:54 2014] <napping> You can look in the library module index to see where it's from
[Thu Apr 10 16:38:08 2014] <napping> but I'm pretty sure it's reexported from somehwere more convenient than PArith
[Thu Apr 10 16:40:54 2014] <schoppenhauer> napping: I only find  mul [definition, in Coq.Numbers.Cyclic.ZModulo.ZModulo]
[Thu Apr 10 16:41:37 2014] <napping> http://coq.inria.fr/distrib/current/stdlib/Coq.PArith.BinPos.html
[Thu Apr 10 16:41:54 2014] <schoppenhauer> yes, and this does not work.
[Thu Apr 10 16:42:16 2014] <napping> Which one do you want?
[Thu Apr 10 16:42:32 2014] <schoppenhauer> the one in BinPos
[Thu Apr 10 16:42:34 2014] <schoppenhauer> Require Coq.PArith.BinPos.
[Thu Apr 10 16:42:46 2014] <schoppenhauer> but I cannot use BinPos.mul or BinPos.Pos.Mul
[Thu Apr 10 16:42:50 2014] <schoppenhauer> or anything similar
[Thu Apr 10 16:42:53 2014] <napping> You didn't import short names
[Thu Apr 10 16:43:04 2014] <schoppenhauer> I do not want
[Thu Apr 10 16:43:27 2014] <schoppenhauer> I want qualified names.
[Thu Apr 10 16:43:28 2014] <napping> try Check Coq.PArith.BinPos.Pos.mul.
[Thu Apr 10 16:43:33 2014] <napping> you got a qualified name
[Thu Apr 10 16:44:11 2014] <schoppenhauer> ok, this works.
[Thu Apr 10 16:44:13 2014] <schoppenhauer> thx.
[Thu Apr 10 16:44:32 2014] <napping> If you do something like Require Import Coq.PArith.BinPos, you'll have Pos.mul in scope
[Thu Apr 10 16:44:55 2014] <schoppenhauer> but I'll also have collisions when using notations like + and *
[Thu Apr 10 16:45:15 2014] <napping> for that you should look up how to use notation scopes
[Thu Apr 10 16:46:25 2014] <napping> oh, I guess you don't need to fully qualify that
[Thu Apr 10 16:47:06 2014] <napping> BinPos.Pos.mul works after your require
[Thu Apr 10 16:47:30 2014] <napping> Pos is a module defined in the file so you can't require it as a module
[Thu Apr 10 16:47:36 2014] <schoppenhauer> dafaq ... I thought I tried this already.
[Thu Apr 10 16:47:39 2014] <schoppenhauer> thx.
[Thu Apr 10 16:49:09 2014] <schoppenhauer> as I asked ... a good introduction to it would be nice. the documentation is very "shorthand"
[Thu Apr 10 16:49:59 2014] <napping> I just look at the reference manual for that
[Thu Apr 10 16:50:33 2014] <napping> and read very carefully
[Thu Apr 10 19:12:26 2014] <ollehar>    exists k : nat, 0 = 2 * k
[Thu Apr 10 19:12:34 2014] <ollehar> how do I solve this ^
[Thu Apr 10 19:12:46 2014] <ollehar> as a goal, I want to pick a k
[Thu Apr 10 19:13:23 2014] <ollehar> but "intro k" gives "Error: No product even after head-reduction."
[Thu Apr 10 19:30:48 2014] <ollehar> ah, "exists 0"
[Fri Apr 11 01:49:19 2014] <Rc43> Hello.
[Fri Apr 11 01:50:14 2014] <Rc43> Am I right that in Coq definitional equality for (a b : Set) can hold but propositional -- not?
[Fri Apr 11 01:50:42 2014] <Rc43> I mean, we can do reductions on elements of Set, so there is notion of def-l equality for them.
[Fri Apr 11 01:51:02 2014] <Rc43> But if I do "Check eq_refl nat nat" then I get error about Set.
[Fri Apr 11 01:51:19 2014] <Rc43> So propositional equality can't be applied to elements of Set, right?
[Fri Apr 11 02:06:51 2014] <jrw> Rc43: no. eq_refl only takes one argument
[Fri Apr 11 02:07:02 2014] <jrw> "Check eq_refl nat." should work fine
[Fri Apr 11 02:08:52 2014] <Rc43> Oh =/
[Fri Apr 11 02:09:32 2014] <Rc43> jrw, yea, that works; I forgot to check type annotation
[Fri Apr 11 02:09:37 2014] <Rc43> jrw, thanks
[Fri Apr 11 02:09:54 2014] <jrw> np.
[Fri Apr 11 04:38:20 2014] <roosbeef> how can i check where some function was defined? (From what library)
[Fri Apr 11 04:38:44 2014] <roosbeef> for example id like to know where the notation _ =A= _ is defined
[Fri Apr 11 04:38:47 2014] <roosbeef> but when i do
[Fri Apr 11 04:38:48 2014] <roosbeef> Check _ =A= _.
[Fri Apr 11 04:39:02 2014] <roosbeef> it only says ?37 =A= ?38 : Prop
[Fri Apr 11 04:39:13 2014] <roosbeef> which is not very informative :p
[Fri Apr 11 04:40:14 2014] <jrw> roosbeef: does "Locate ..." help?
[Fri Apr 11 04:41:35 2014] <roosbeef> Locate (_ =A= _). Syntax error: [locatable] expected after 'Locate' (in [vernac:command]).
[Fri Apr 11 04:43:21 2014] <jrw> roosbeef: how about:
[Fri Apr 11 04:43:26 2014] <jrw> Locate "=A=".
[Fri Apr 11 04:43:52 2014] <roosbeef> same
[Fri Apr 11 04:44:01 2014] <roosbeef> ah wait i forgot to include "
[Fri Apr 11 04:44:04 2014] <roosbeef> works now, thanks :)
[Fri Apr 11 04:44:32 2014] <roosbeef> hm
[Fri Apr 11 04:44:49 2014] <roosbeef> actually that only shows "X =A= Y" := eqA X Y
[Fri Apr 11 04:45:34 2014] <jrw> roosbeef: right, so now you should try "Check eqA"
[Fri Apr 11 04:45:38 2014] <jrw> or googling eqA
[Fri Apr 11 04:45:50 2014] <jrw> but at least now you have something google-able
[Fri Apr 11 04:46:50 2014] <roosbeef> * headbutt desk
[Fri Apr 11 04:47:16 2014] <roosbeef> haha thanks :p not fully awake yet i guess
[Fri Apr 11 04:47:27 2014] <roosbeef> did Locate eqA, that worked
[Fri Apr 11 07:15:06 2014] <roosbeef> hi
[Fri Apr 11 07:15:15 2014] <roosbeef> so im working with this lib http://color.inria.fr/doc/CoLoR.Util.Pair.LexOrder.html
[Fri Apr 11 07:15:30 2014] <roosbeef> where does lp_L or lp_R get its value?
[Fri Apr 11 07:15:49 2014] <roosbeef> or how
[Fri Apr 11 07:28:58 2014] <robbert> jrw: uhm, eq_refl really takes two arguments: eq_refl : ∀ (A : Type) (x : A), x = x
[Fri Apr 11 07:40:56 2014] <roosbeef> nm, got it :)
[Fri Apr 11 12:12:39 2014] <Rc43> Hello.
[Fri Apr 11 12:12:57 2014] <Rc43> Which semantics is used while unification? I guess lazy, but not sure.
[Fri Apr 11 12:13:03 2014] <Rc43> Also, is it possible to specify?
[Fri Apr 11 12:22:40 2014] <ianjneu> I think it's full normalization.
[Fri Apr 11 13:52:58 2014] <osa1> this code is taken from CPDT http://lpaste.net/102573 how is this definition of app valid? Coq gives an error but as far as I can see it's full of errors... (or maybe I'm missing something)
[Fri Apr 11 13:53:23 2014] <osa1> first, recursive call to app is applied to 2 arguments but `app` actually gets 4 arguments.
[Fri Apr 11 13:53:31 2014] <jrw> osa1: set implicit arguments?
[Fri Apr 11 13:53:54 2014] <osa1> jrw: no, it gives same error (maybe it was already set)
[Fri Apr 11 13:54:03 2014] <osa1> jrw: does that definition look correct to you?
[Fri Apr 11 13:54:47 2014] <jrw> osa1: yes. I just typed it in and it worked. you have to say "Set Implicit Arguments." before the first line
[Fri Apr 11 13:55:37 2014] <osa1> ooh wait. how can this work
[Fri Apr 11 13:56:06 2014] <osa1> application of Cons and app takes less number or arguments than their definitions...
[Fri Apr 11 13:58:00 2014] <jrw> osa1: yes. because those arguments are implicit. you should read about implicit arguments.
[Fri Apr 11 17:13:14 2014] <ollehar> what does it really _mean_ to make induction over an hypothesis?
[Fri Apr 11 17:15:15 2014] <Hodapp> What does it mean to destruct over one?
[Fri Apr 11 17:19:02 2014] <Ptival> Hodapp: context?
[Fri Apr 11 17:51:27 2014] <ollehar> Hodapp: you mean it's the same thing?
[Fri Apr 11 18:56:12 2014] <uucico> i have this seemingly simple problem..  somewhere in my proof, i have a hypothesis H: Int.eq i Int.zero = true.  i also have a theorem Int.eq_spec: forall x y : int, if Int.eq x y then x = y else x <> y.  how do i get "i = Int.zero" out of this?
[Fri Apr 11 19:03:25 2014] <schoppenhauer> assume (x = y). apply H. probably?
[Fri Apr 11 19:03:35 2014] <schoppenhauer> äh
[Fri Apr 11 19:03:44 2014] <schoppenhauer> assume (Int.zero = true)
[Fri Apr 11 19:03:47 2014] <schoppenhauer> wah
[Fri Apr 11 19:04:03 2014] <schoppenhauer> assume (i = Int.zero)
[Fri Apr 11 19:04:16 2014] <schoppenhauer> then apply Int.eq_spec
[Fri Apr 11 19:08:14 2014] <uucico> i tried that, but even if i'm very explicit -- doing apply (Int.eq_spec i Int.zero) -- Coq tells me it cannot unify (if Int.eq i Int.zero then i = Int.zero else i <> Int.zero) with (i = Int.zero)..
[Fri Apr 11 19:08:58 2014] <uucico> i have some ugly workaround with rewrite rules -- first rewriting the (i = Int.zero) goal into (if Int.eq i Int.zero then i=Int.zero else i<>Int.zero), and then proving it using Int.eq_spec.  but i don't understand why Coq is happy to convert (i=Int.zero) into the (if..) but not unify them the other way around.
[Fri Apr 11 19:09:16 2014] <uucico> s/convert/rewrite/
[Fri Apr 11 19:15:10 2014] <schoppenhauer> ok, good question, I am too much of a newb to have an answer.
[Fri Apr 11 19:26:05 2014] <ollehar> uucico: pastebin of proof status?
[Fri Apr 11 19:26:26 2014] <uucico> one second, let me reconstruct my situation at that point..
[Fri Apr 11 19:29:09 2014] <uucico> proof status: http://pastebin.com/jVXHciAH  output from "apply (Int.eq_spec i Int.zero)" at that point: http://pastebin.com/Php264NY
[Fri Apr 11 19:29:19 2014] <uucico> pardon the gigantic unwieldy proof :)
[Fri Apr 11 19:32:26 2014] <ollehar> You do know that "i = Int.zero" is a proposition?
[Fri Apr 11 19:33:17 2014] <uucico> sure, as is any (eq a b), right?
[Fri Apr 11 19:33:38 2014] <ollehar> Have you tried eq_bool?
[Fri Apr 11 19:34:06 2014] <uucico> what is eq_bool?
[Fri Apr 11 19:34:51 2014] <ollehar> a function that returns true or false. but a proposition is either True or False (not the same thing as true or false). I think.
[Fri Apr 11 19:35:04 2014] <ollehar> Hm.
[Fri Apr 11 19:36:02 2014] <uucico> i'm not sure why it should be necessary (and, pragmatically, the compcert library that i'm using lacks an Int.eq_bool that i can see).
[Fri Apr 11 19:36:38 2014] <uucico> specifically, it doesn't seem necessary because, from what i understand, the type of (if _ then i=Int.zero else i<>Int.zero) should be Prop, same as i=Int.zero and i<>Int.zero.
[Fri Apr 11 19:37:02 2014] <ollehar> hm, ok
[Fri Apr 11 19:40:05 2014] <ollehar> but in "if x", shouldn't x be a proof, or a function that returns a proof?
[Fri Apr 11 19:41:33 2014] <ollehar> eq_dec should be such a function.
[Fri Apr 11 19:41:41 2014] <uucico> not necessarily, i think -- it just needs to be some inductive product with two constructors, where the first one gets treated as true, and the second gets treated as false
[Fri Apr 11 19:42:18 2014] <uucico> my "x" is already of type bool, which should be decidable (has two constructors); it's not a raw proposition
[Fri Apr 11 19:42:35 2014] <uucico> (in particular, my x is "Int.eq i Int.zero", and i have a hypothesis "Int.eq i Int.zero = true")
[Fri Apr 11 19:45:17 2014] <ollehar> OK, don't know, I'm a beginner too ^^
[Fri Apr 11 19:45:19 2014] <ollehar> sorry
[Fri Apr 11 19:45:26 2014] <uucico> no worries -- thanks for looking :)
[Fri Apr 11 19:45:34 2014] <ollehar> Mostly, I post stuff on stackoverflow
[Fri Apr 11 19:45:44 2014] <ollehar> usually get an answer within some hours
[Fri Apr 11 19:58:32 2014] <Ptival> oh I think I answered your last two posts
[Fri Apr 11 20:01:31 2014] <Ptival> uucico: can you describe your problem?
[Fri Apr 11 20:01:59 2014] <uucico> let me try to produce it in a simpler setting; one second
[Fri Apr 11 20:02:03 2014] <Ptival> ok
[Fri Apr 11 20:05:50 2014] <uucico> here's the coqtop transcript that confuses me: http://pastebin.com/siRpYiyN
[Fri Apr 11 20:05:59 2014] <uucico> in particular, why does my replace command work when the unification fails?
[Fri Apr 11 20:49:21 2014] <Ptival> uucico: well the unification fails because the two types don't unify
[Fri Apr 11 20:50:13 2014] <Ptival> the fact that you have a proof that "Int.eq i Int.zero = true" does not mean that "Int.eq i Int.zero" is convertible with "true"
[Fri Apr 11 20:50:20 2014] <Ptival> so
[Fri Apr 11 20:50:28 2014] <Ptival> if Int.eq i Int.zero then i = Int.zero else i <> Int.zero
[Fri Apr 11 20:50:47 2014] <Ptival> is inert
[Fri Apr 11 20:53:16 2014] <Ptival> and not judgementally equal to true
[Sat Apr 12 06:22:23 2014] <osa1_> can anyone help me fixing and completing this function http://lpaste.net/102596 ?
[Sat Apr 12 08:31:05 2014] <gdsfh> osa1_: it's not a full source.
[Sat Apr 12 08:31:13 2014] <gdsfh> "Error: The reference Vector.t was not found in the current environment."
[Sat Apr 12 08:32:44 2014] <gdsfh> osa1_: ah, I've read coq-club, somebody will help, forget it.
[Sat Apr 12 08:34:30 2014] <osa1_> gdsfh: Require Import Coq.Vectors.Vector.
[Sat Apr 12 08:36:22 2014] <gdsfh> osa1_: "Error: Cannot find library Coq.Vectors.Vector in loadpath".  8.3pl4 is too old, i think.
[Sat Apr 12 08:36:54 2014] <osa1_> gdsfh: I don't know. I have 8.4pl2
[Sat Apr 12 08:37:07 2014] <osa1_> it's in stdlib
[Sat Apr 12 08:38:24 2014] <gdsfh> there were significant changes in 8.4 stdlib.  So sorry, can't help -- not enough free time to install fresh coq.  But don't worry, coq-club will help you, almost sure.
[Sat Apr 12 13:37:20 2014] <Hodapp> where is my misunderstanding here? I have a line like, "destruct b; simpl; repeat (rewrite optimize_0_plus_sound); reflexivity." and I do not even see optimize_0_plus_sound being applied a single time
[Sat Apr 12 13:37:49 2014] <Hodapp> I've tried with and without 'try' around the 'repeat, or inside it
[Sat Apr 12 13:42:13 2014] <Hodapp> http://lpaste.net/102617 is what I'm working with. For optimize_0plus_b_sound I have the solution for each individual case and I am trying to rewrite using tacticals
[Sat Apr 12 13:44:09 2014] <Hodapp> nevermind. It had an extraneous underscore
[Sat Apr 12 13:44:17 2014] <Hodapp> so 'try' was happily failing and moving along.
[Sat Apr 12 18:10:00 2014] <Rc43> Hello.
[Sat Apr 12 18:15:40 2014] <Hodapp> Hi.
[Sat Apr 12 20:34:52 2014] <Rc43> In HoTT book it is said that there is proof-relevant mathematics in the book.
[Sat Apr 12 20:35:04 2014] <Rc43> How it is combines with proof-irrelevance of Coq?
[Sat Apr 12 20:35:22 2014] <Rc43> Or HoTT modification of Coq declines proof irrelevance?
[Sat Apr 12 20:35:42 2014] <ezyang> Proof irrelevance is an axiom and it does not hold for HoTT
[Sat Apr 12 20:36:25 2014] <Rc43> Isn't it built in Coq?
[Sat Apr 12 20:36:40 2014] <Rc43> For erasure e.g.
[Sat Apr 12 20:38:49 2014] <ianjneu> Rc43: Erasure/extraction is not part of the program logic. It's pretty ad-hoc.
[Sat Apr 12 20:40:09 2014] <ianjneu> Proof-relevance is a fancy word for treating data like data, no matter what philosophical meaning people attribute to that data's type.
[Sat Apr 12 20:44:36 2014] <Rc43> ianjneu, but why HoTT makes accent on proof-relevance?
[Sat Apr 12 20:44:49 2014] <jgross> If you put equality in Prop, and then have univalence for that equality, your extracted program will segfault (rather than simply blocking on an axiom).  Hence in HoTT, equality goes in Type. 
[Sat Apr 12 20:45:00 2014] <Rc43> (maybe it is explained, I didn't read ch.1 and intro)
[Sat Apr 12 20:46:00 2014] <Rc43> jgross, ah, I didn't know that in HoTT version eq is in Type; so it is combined nicely.
[Sat Apr 12 20:46:19 2014] <Rc43> BTW, there is no logs for that channel?
[Sat Apr 12 20:47:13 2014] <ianjneu> "that" meaning ##hott? Because jgross has a public log.
[Sun Apr 13 02:44:43 2014] <Rc43> Actually, at night I was meaning "this" (#coq) channel.
[Sun Apr 13 02:46:51 2014] <Rc43> Going through the HoTT book I imageined two more questions:
[Sun Apr 13 02:46:53 2014] <Rc43> 1. Has Coq-HoTT modified type-checking? How he is adapted to univalence axiom? I just don't see difference if it is just an axiom, because we need to use it manually to rewrite terms and then it is just easier to use isomorphism.
[Sun Apr 13 02:47:10 2014] <Rc43> 2. What is judgmental equality? Is it the same as extensional equality?
[Sun Apr 13 02:51:45 2014] <Cale> Rc43: Even when it's an axiom, you still can use it to create equalities of types
[Sun Apr 13 02:52:03 2014] <ezyang> Rc43: The big reason why Coq modifications were needed was universe polymorphism
[Sun Apr 13 02:55:17 2014] <Cale> Rc43: Judgmental equality is a sort of equality where you can just make substitutions anywhere like you're used to from classical mathematics, but the system only has very restricted ways to give you judgmental equalities. Because it's not a type, but a judgment, you can't form universal statements about judgmental equality. Basically it ends up amounting to a sort of equality which expresses what can be computed directly
[Sun Apr 13 02:55:17 2014] <Cale> from the definitions.
[Sun Apr 13 02:55:41 2014] <Cale> You might like to have a look at, I think it was Appendix 2
[Sun Apr 13 02:56:04 2014] <Cale> where there are formal rules laid about, and you can see where judgmental equalities get formed there
[Sun Apr 13 03:03:36 2014] <Rc43_> Cale, oh, maybe. I just searched "judgment" in part of the book before the place I read and didn't find; so I thought there is no its definitional (would be pretty strange).
[Sun Apr 13 03:08:46 2014] <Rc43_> Am I right? There are at least 3 equalities:
[Sun Apr 13 03:08:47 2014] <Rc43_> 1. Eq_A(x : A, x : A) is a propositional equality (i.e. wrapper of definitional equality (i.e. depends on reduction rules)).
[Sun Apr 13 03:09:21 2014] <Rc43_> 2. Equivalence of propositions (i.e. when we have isomorphism (i.e. function to and reverse)).
[Sun Apr 13 03:09:34 2014] <Rc43_> 3. Judgmental equality (I haven't understand yet what it is).
[Sun Apr 13 03:10:38 2014] <Rc43_> Or 2 points of this list are the same?
[Sun Apr 13 03:14:43 2014] <Rc43_> Also I guess that 2 is also called extensional equality and 1 is called intensional equality.
[Sun Apr 13 04:44:43 2014] <Saizan> Rc43: definitional and judgemental are synonym, propositional is distinct
[Sun Apr 13 04:45:35 2014] <Saizan> Rc43: univalence is the axiom saying that Equivalence of types and propositional equality are the same thing
[Sun Apr 13 04:47:24 2014] <Saizan> (prop. equality between those types)
[Sun Apr 13 07:05:21 2014] <osa1> I'm having trouble indexing vectors. is there a way to convert a nat to Fin.t ?
[Sun Apr 13 07:05:33 2014] <osa1> I have a proof that nat n > 0
[Sun Apr 13 07:22:51 2014] <Rc43> Saizan, thanks
[Sun Apr 13 07:23:14 2014] <Rc43> Saizan, what about intensional/extensional equalities?
[Sun Apr 13 07:24:01 2014] <Rc43> I suppose, that intensional = propositional and extensional = equivalence.
[Sun Apr 13 07:28:35 2014] <Saizan> not really
[Sun Apr 13 07:30:00 2014] <Saizan> intensional and extensional are quite mudded, in particular you get some extensional properties for prop.equality once you have the univalence axiom, but still it's not the same as "Extensional Type Theory" which is the one with the equality reflection rule
[Sun Apr 13 07:31:04 2014] <Saizan> anyhow equivalence is supposed to be the definition of prop. equality in HoTT, so the two should have the same properties
[Sun Apr 13 07:31:04 2014] <Rc43> Saizan, ah, ok. So intensional/extensional is more term for properties than for specific notion and they can be mapped differently to other notions in different TTs.
[Sun Apr 13 07:32:06 2014] <Saizan> sometimes you get people saying "extensional equality" to mean a prop. equality with the reflection rule
[Sun Apr 13 07:32:49 2014] <Saizan> but a prop. equality with the reflection rule can't be interpreted as paths, so you get people calling it strict equality
[Sun Apr 13 07:33:16 2014] <Saizan> (if you have equality reflection then def. and prop. equality collapse into the same thing)
[Sun Apr 13 07:33:18 2014] <Rc43> As I remember I heard it about [ pointwise equality of functions -> equality of functions].
[Sun Apr 13 07:33:47 2014] <Saizan> that's a principle more properly called "functional extensionality"
[Sun Apr 13 07:33:50 2014] <Rc43> And about some other things. Maybe about (A <=> B) -> (A = B).
[Sun Apr 13 07:33:56 2014] <Saizan> and there are various ways to get it for prop. equality
[Sun Apr 13 07:33:58 2014] <Rc43> Saizan, exactly
[Sun Apr 13 07:35:22 2014] <Saizan> right, the confusion is that for a long time the main system that had functional extensionality was extensional type theory, i.e. with equality reflection
[Sun Apr 13 07:35:35 2014] <Saizan> so the two things were strongly associated together
[Sun Apr 13 07:36:09 2014] <Saizan> but OTT and now HoTT show there are other ways
[Sun Apr 13 07:38:15 2014] <Saizan> so now we have that the equality of extensional type theory (ETT) is less philosofically extensional than the prop.equality of HoTT
[Sun Apr 13 07:52:10 2014] <Rc43> Saizan, what is OTT?
[Sun Apr 13 07:55:48 2014] <Saizan> Rc43: observational type theory, what Epigram 2 would use if it existed :)
[Sun Apr 13 07:56:42 2014] <Saizan> Rc43: there equality for the type A is defined according to the shape of A, so you do get functional extensionality
[Sun Apr 13 07:57:23 2014] <Saizan> Rc43: though equality of types is more precise than equivalence there, and you get uniqueness of identity proofs
[Sun Apr 13 07:57:43 2014] <Saizan> Rc43: though i think an actual implementation of HoTT will be a lot like a generalization of OTT
[Sun Apr 13 08:01:14 2014] <osa1> can anyone help me? do I have to write a function to convert nats to Fin.t ?
[Sun Apr 13 11:54:35 2014] <roosbeef> its weird
[Sun Apr 13 11:54:44 2014] <roosbeef> i have this subgoal: MSet.member a (a :: nil)
[Sun Apr 13 11:55:07 2014] <roosbeef> (MSet is a multiset module)
[Sun Apr 13 11:55:36 2014] <roosbeef> what it boils down to is (if eq_letter_dec a a then 1 else 0) > 0
[Sun Apr 13 11:56:07 2014] <roosbeef> is there any way to make coq automatically infer eq_letter_dec a a?
[Sun Apr 13 18:10:42 2014] <Rc43> Hi, guys.
[Sun Apr 13 18:12:13 2014] <Rc43> Could anybody check it for correctness/clearness?
[Sun Apr 13 18:12:14 2014] <Rc43> https://docs.google.com/drawings/d/1IhJ2Utmb9OpiBSCcjSpZFFIqfSaqDsqWtzZ9_A8D59Y
[Sun Apr 13 18:12:33 2014] <Rc43> Also, I has a question: what should be on place of ?1 and ?2 ?
[Sun Apr 13 18:13:28 2014] <Rc43> When we do topology we use index space instead of them (X for indexing path and I for indexing homotopy's "instances").
[Sun Apr 13 18:13:53 2014] <Rc43> But in HoTT it isn't clear what to substitute, because our paths are just morphisms.
[Sun Apr 13 18:24:15 2014] <Saizan> Rc43: it's not public
[Sun Apr 13 18:25:39 2014] <Rc43> Saizan, fixed
[Sun Apr 13 18:31:53 2014] <Rc43> Maybe the name is misleading (it's not about lemma, just it is about place from the book right after the lemma).
[Sun Apr 13 18:40:31 2014] <Rc43> Are ?1 and ?2 just one-point sets?
[Sun Apr 13 18:52:46 2014] <Rc43> I am confused.
[Sun Apr 13 19:07:24 2014] <Rc43> Ow, there is in book different description of how P is fibration =/ There we must lift path, but not homotopy as I did on picture.
[Sun Apr 13 19:07:31 2014] <Rc43> Why first description is right?
[Sun Apr 13 19:07:57 2014] <Rc43> Isn't fibration defined for 2-paths?
[Sun Apr 13 19:15:38 2014] <Rc43> Oh, it seems that there can be different lifting properties: homotopy / path at least. On wiki def of fibration is about homotopy lifting only.
[Sun Apr 13 19:18:46 2014] <Cale> You could probably do it the exact same way using the interval type, or express the homotopies involved a little differently
[Sun Apr 13 19:22:00 2014] <Rc43> What are morphisms in HoTT? Isn't it true that our morphisms are paths only i.e. Eq_A(x,y)?
[Sun Apr 13 19:22:54 2014] <Rc43> Or we can talk about type also in external"
[Sun Apr 13 19:23:09 2014] <Rc43> category where morphisms are functional types?
[Sun Apr 13 19:23:43 2014] <Rc43> (This "external" category would be built on top of our groupoid.)
[Sun Apr 13 19:24:40 2014] <Cale> Well, what category do you want to talk about? There are functions between types in HoTT
[Mon Apr 14 02:36:42 2014] <Rc43> Cale, I want to talk about that category in which type family P : A -> U is a fibration.
[Mon Apr 14 02:39:02 2014] <Rc43> Cale, and there is interesting for me question: is P fibration  only according to path lifting property, or according to homotopy lifting property, too?
[Mon Apr 14 02:41:20 2014] <Cale> http://www.andrew.cmu.edu/user/awodey/preprints/TTH.pdf might answer your question :)
[Mon Apr 14 02:42:17 2014] <Cale> The idea, I think, is that those things are represented by fibrations in various models of the theory
[Mon Apr 14 02:42:40 2014] <Cale> and yeah, you should get the homotopy lifting property
[Mon Apr 14 02:44:00 2014] <Cale> There also ought to be a homotopy lifting property which you can prove within HoTT
[Mon Apr 14 02:44:25 2014] <Cale> The main tricky part about proving it will be stating it conveniently.
[Mon Apr 14 02:58:33 2014] <Rc43> Cale, thanks for paper
[Mon Apr 14 03:21:57 2014] <Rc43> Strange, text search in the paper looks to be broken
[Mon Apr 14 03:23:23 2014] <Rc43> E.g. ctrl+f("bration") finds "fibration" on p.9; but ctrl+f("ibration") doesn't. Seems that author accidentally inserted 'i' from other language =/
[Mon Apr 14 03:23:51 2014] <Rc43> Or just broken index.
[Mon Apr 14 03:24:01 2014] <jgross> Maybe it's the 'fi' ligature? 
[Mon Apr 14 03:24:36 2014] <Rc43> Oh, maybe.
[Mon Apr 14 03:25:00 2014] <jgross> If it's from LaTeX, you need to explicitly include, e.g., "\input{glyphtounicode} \pdfgentounicode=1" to get "fi" to be correctly searchable in all pdf readers. 
[Mon Apr 14 03:25:03 2014] <Rc43> I am not familiar with such things, I am from Russia; we don't use ligatures.
[Mon Apr 14 03:25:39 2014] <Rc43> jgross, ah, that's not my paper :)
[Mon Apr 14 03:26:12 2014] <jgross> Well, the author would need to include that for it to be searchable in all pdf readers. 
[Mon Apr 14 03:26:13 2014] <Rc43> jgross, ligatures are automatically inserted instead of known pairs or only manually?
[Mon Apr 14 03:26:24 2014] <jgross> Automatically 
[Mon Apr 14 03:28:02 2014] <Rc43> But I think the fault is in index. Because I try "path-" and get "ath-l". It looks to be shifted since one place.
[Mon Apr 14 03:28:38 2014] <Rc43> Also "path-l" fails, but "path-li" works properly (without shift).
[Mon Apr 14 03:28:41 2014] <Rc43> Strange.
[Mon Apr 14 16:23:16 2014] <Rc43> Hello.
[Mon Apr 14 16:23:57 2014] <ianjneu> Rc43: hola
[Mon Apr 14 20:54:56 2014] <schoppenhauer> hello. /2
[Mon Apr 14 20:55:27 2014] <schoppenhauer> is there any other library for finite types than the one from ssreflectP
[Mon Apr 14 20:55:30 2014] <schoppenhauer> ?
[Mon Apr 14 20:55:45 2014] <schoppenhauer> because currently I do not use ssreflect
[Tue Apr 15 08:47:49 2014] <roosbeef> in proof mode, when i have unfolded a function and it results in a subnested fix function
[Tue Apr 15 08:48:03 2014] <roosbeef> how can i split that into the different possible outcomes of that match ... with?
[Tue Apr 15 08:48:30 2014] <roosbeef> for example https://privatepaste.com/3ce130fd7f
[Tue Apr 15 08:49:06 2014] <roosbeef> how can i split that into two cases, one replacing the whole nested fix with 'empty', and the other with '{{h0}} + fstring2multiset t'
[Tue Apr 15 10:50:15 2014] <janno> what's the current status of coq para-itp?
[Tue Apr 15 12:47:02 2014] <ollehar> No "Redo" in coq?
[Tue Apr 15 15:28:51 2014] <Rc43> Hello.
[Tue Apr 15 15:30:04 2014] <ianjneu> o/
[Tue Apr 15 17:02:48 2014] <roosbeef> if im trying to prove this goal: well_founded  (fun f g : Sig => fstring_le f g /\ ~ (fstring_le f g /\ fstring_le g f))
[Tue Apr 15 17:03:01 2014] <roosbeef> how can i split that into multiple goals somehow?
[Tue Apr 15 17:03:28 2014] <roosbeef> suppose i have proof of fstring_le being well_founded for example
[Tue Apr 15 17:04:08 2014] <roosbeef> how do i fit that proof to this goal?
[Tue Apr 15 17:05:10 2014] <ianjneu> that doesn't seem like a theorem, if the relation's name denotes what I think it does. Consider instantiating f and g with the same thing.
[Tue Apr 15 17:05:53 2014] <roosbeef> thats what the second conjunct covers
[Tue Apr 15 17:07:33 2014] <roosbeef> the module im working with for some reason wants a less than equal relation and then limit that relation to only the less than part (with this "f x y /\ ~ (f x y /\ f y x)" construction)
[Tue Apr 15 17:12:28 2014] <roosbeef> (eg. http://color.inria.fr/doc/CoLoR.RPO.VPrecedence.html -> ltF_wf)
[Tue Apr 15 17:13:53 2014] <ianjneu> ah
[Tue Apr 15 17:15:15 2014] <ianjneu> (wellfounded R) is often proved with a lemma "forall x y, y <= x -> Acc R y"
[Tue Apr 15 17:15:39 2014] <ianjneu> induct on x.
[Tue Apr 15 17:15:49 2014] <ianjneu> The cases come from the induction.
[Tue Apr 15 17:16:03 2014] <roosbeef> hm
[Tue Apr 15 17:19:31 2014] <roosbeef> ltF is basically an order on pairs
[Tue Apr 15 17:19:48 2014] <roosbeef> (a lexicographic order on pairs)
[Tue Apr 15 17:20:12 2014] <roosbeef> for both the left and the right component of those pairs i have a proof that they are wellfounded
[Tue Apr 15 17:20:26 2014] <roosbeef> (multisets and natural numbers)
[Tue Apr 15 17:21:46 2014] <roosbeef> and this lemma tells me that if thats the case, then ltF is also wellfounded: http://color.inria.fr/doc/CoLoR.Util.Pair.LexOrder.html#lp_lexprod_wf
[Tue Apr 15 17:22:02 2014] <roosbeef> do i really need to unfold into Acc and all that?
[Tue Apr 15 17:22:46 2014] <ianjneu> wf_lexprod in Wellfounded/Lexicographic_Product.v is a place to look.
[Tue Apr 15 17:26:21 2014] <roosbeef> i dont understand
[Tue Apr 15 17:26:29 2014] <roosbeef> what is there to look for?
[Tue Apr 15 17:27:34 2014] <ianjneu> soryy I'm a bit distracted.
[Tue Apr 15 17:27:41 2014] <roosbeef> :p
[Tue Apr 15 18:39:43 2014] <Rc43> In Intensional TT how can we get "non-trivial" proof of propositional equality?
[Tue Apr 15 18:39:44 2014] <Rc43> When we have not-coinciding definitional and propositional equalities?
[Tue Apr 15 18:44:41 2014] <ianjneu> Rc43: meta-theoretically, they're all refl.
[Tue Apr 15 18:44:58 2014] <ianjneu> but this is probably a better question for ##hott
[Tue Apr 15 18:45:39 2014] <Rc43> ianjneu, there is no channel for type theories or something?
[Tue Apr 15 18:45:56 2014] <Rc43> ianjneu, I mean for more general topic
[Tue Apr 15 18:46:31 2014] <ianjneu> Rc43: hott in particular specializes in questions of equality.
[Tue Apr 15 18:47:01 2014] <ianjneu> I'm not sure of any general "type theory" channel. Just the upenn types mailing list and ncatlab.
[Tue Apr 15 18:47:33 2014] <Rc43> so, we know that all proofs are refl, but sometimes can't prove it inside our theory?
[Tue Apr 15 18:47:52 2014] <ianjneu> yes.
[Tue Apr 15 18:48:05 2014] <ianjneu> Due to canonicity of ITT
[Tue Apr 15 18:48:57 2014] <Rc43> Shouldn't canonicity be something about that every proof is refl?
[Tue Apr 15 18:49:06 2014] <Rc43> Where to read about that property?
[Wed Apr 16 08:20:57 2014] <roosbeef> my goal is well_founded  (fun x y : fs_Sig => LexMSTR.LexProd_Lt (fstring2pair x) (fstring2pair y))
[Wed Apr 16 08:21:20 2014] <roosbeef> i have already proven Lemma lexprod_wf : well_founded LexMSTR.LexProd_Lt.
[Wed Apr 16 08:22:01 2014] <roosbeef> how do i use lexprod_wf to prove the above goal?
[Wed Apr 16 08:35:31 2014] <roosbeef> back in 30 mins
[Wed Apr 16 09:33:38 2014] <roosbeef> ok 60 :p
[Wed Apr 16 09:43:22 2014] <roosbeef> how can i search for all lemmas with well_founded in their definition?
[Wed Apr 16 09:45:26 2014] <roosbeef> nm found it :)) http://coq.inria.fr/coq/stdlib/Coq.Wellfounded.Inverse_Image.html
[Wed Apr 16 15:40:59 2014] <solrize> so if you write a proof using generic tactics and then extract code, do you get crappy code and are you better off proving in smaller steps?  is there a sense of how to optimize the code by choosing tactics carefully?
[Wed Apr 16 16:21:34 2014] <Ptival> solrize: you mean if you write a computationally-relevant term using tactics?
[Wed Apr 16 16:26:09 2014] <gdsfh1> solrize: use only {exact, refine, destruct, case[_eq], clear, decide equality, apply, abstract} tactics and everything will be ok, if you'll get Defined at last.  (induction too, maybe.  e<tactic> too, maybe.)
[Wed Apr 16 16:26:57 2014] <solrize> ptival, yeah, i wondered if that was reasonable.  gdsfh1, thanks
[Wed Apr 16 16:28:44 2014] <gdsfh1> solrize: btw, not very reasonable, imho.  It's better to write computational terms with refine and prove other stuff (which is in Prop) with tactics or whatever.
[Wed Apr 16 16:29:18 2014] <solrize> thanks
[Wed Apr 16 16:29:21 2014] <Ptival> basically, only use tactics for which you understand exactly what the proof-subterm being built is and whether it is the right thing to do :)
[Wed Apr 16 16:29:47 2014] <Ptival> but even then, I agree with gdsfh1
[Wed Apr 16 16:30:23 2014] <solrize> cool
[Wed Apr 16 16:30:45 2014] <Ptival> since there's not really code generators in Coq, you can use tactics to build the term, then copy-paste it and tweak :)
[Wed Apr 16 18:31:49 2014] <schoppenhauer> hello. when using refine, one parameter needs to decrease. is there a direct method of giving another measure of induction?
[Wed Apr 16 18:32:28 2014] <schoppenhauer> the thing that currently decreases is a rather sophisticated calculation.
[Wed Apr 16 18:36:00 2014] <Ptival> schoppenhauer: have you seen measure?
[Wed Apr 16 18:36:08 2014] <Ptival> or wellfounded?
[Wed Apr 16 18:37:13 2014] <schoppenhauer> not yet, no.
[Wed Apr 16 18:39:30 2014] <schoppenhauer> Ptival thx
[Wed Apr 16 18:39:47 2014] <schoppenhauer> loox like what i need.
[Thu Apr 17 04:13:55 2014] <roosbeef> is it possible to 'assume' a lemma? So instead of writing a proof and finishing off with Qed, just finished off with Assumed? And use that lemma as a placeholder in subsequent proofs? And then return to it later to fill in the proof
[Thu Apr 17 04:14:18 2014] <ezyang> Admitted.
[Thu Apr 17 04:16:52 2014] <roosbeef> perfect, thanks :))
[Thu Apr 17 04:49:33 2014] <roosbeef> how can i pull a hypothesis back to the goal?
[Thu Apr 17 04:49:57 2014] <roosbeef> for example H: P with goal Q, how can i turn that into the goal P -> Q
[Thu Apr 17 04:51:45 2014] <ezyang> generalize
[Thu Apr 17 04:52:07 2014] <roosbeef> ha thanks :)
[Thu Apr 17 05:25:18 2014] <roosbeef> hm
[Thu Apr 17 05:26:53 2014] <roosbeef> Lemma fstring_le_trans: forall s1 s2 s3, fstring_le s1 s2 -> fstring_le s2 s3 -> fstring_le s1 s3.
[Thu Apr 17 05:27:10 2014] <roosbeef> fstring_le is simply defined as https://privatepaste.com/9675452629
[Thu Apr 17 05:27:34 2014] <roosbeef> i have proven Lemma LexProd_LT_trans : transitive LexMSTR.LexProd_Lt.
[Thu Apr 17 05:27:50 2014] <roosbeef> how do i use LexProd_LT_trans to prove fstring_le_trans?
[Thu Apr 17 05:30:04 2014] <roosbeef> my problem is that i need fstring_le when either of s1 s2 s3 are equal (apply fstring_eq), and LexProd_LT otherwise. When destructing things, it tends to bring this out of sync..
[Thu Apr 17 05:35:18 2014] <roosbeef> nevermind think i got it
[Thu Apr 17 05:35:35 2014] <roosbeef> when doing inversion on the assumptions rather than destructing things, that works better
[Thu Apr 17 05:38:06 2014] <roosbeef> nope ;p actually it brings up the same issue
[Thu Apr 17 06:37:09 2014] <roosbeef> back in a bit
[Thu Apr 17 07:50:52 2014] <roosbeef> how is this possible?
[Thu Apr 17 07:50:58 2014] <roosbeef> Error: Impossible to unify "strict_order (MultisetGt ?2982)" with "strict_order (MultisetGT (transp l_Lt))".
[Thu Apr 17 14:23:33 2014] <Ptival> roosterbot:
[Thu Apr 17 14:23:35 2014] <Ptival> oops
[Thu Apr 17 14:23:41 2014] <Ptival> no roosbeef
[Fri Apr 18 04:19:28 2014] <roosbeef> is it possible to get more specifications on a message like this? Error: Impossible to unify "strict_order (MultisetGt ?2982)" with "strict_order (MultisetGT (transp l_Lt))".
[Fri Apr 18 04:37:44 2014] <roosbeef> i dont get it
[Fri Apr 18 05:08:03 2014] <roosbeef> how do i add lemmas to the hint database, or check that they are in there?
[Fri Apr 18 05:28:46 2014] <Guuf> How do I load a file in coqtop?
[Fri Apr 18 05:45:28 2014] <Guuf> Is there any kind of help command in coqtop?
[Fri Apr 18 05:48:00 2014] <Guuf> I figured out how to load stuff, but if I make a small change in my file and want to reload it I get name collisions and have to quit coqtop and reload. Is there a better way to do this?
[Fri Apr 18 05:59:04 2014] <ezyang> Guuf: I am not sure what you are doing, but if it's normal proof editing you should use Proof General or CoqIDE
[Fri Apr 18 06:00:39 2014] <Guuf> I am working through the second chapter in “Certified Programming with Dependent Types”, so right now I am basically just doing regular programming.
[Fri Apr 18 06:01:12 2014] <Guuf> CoqIde does not work on my OS and Proof General uses emacs.
[Fri Apr 18 06:02:18 2014] <ezyang> :( You don't like emacs?
[Fri Apr 18 06:02:35 2014] <ezyang> It basically is not possible to do proofs without proper IDE support
[Fri Apr 18 06:02:55 2014] <Cale> Which OS?
[Fri Apr 18 06:03:26 2014] <Guuf> OS X.
[Fri Apr 18 06:04:03 2014] <Guuf> I guess it was broken with the Mavericks update to OS X>
[Fri Apr 18 06:04:36 2014] <Guuf> I guess it’s this bug: http://www.lix.polytechnique.fr/coq/bugs/show_bug.cgi?id=3155
[Fri Apr 18 06:06:00 2014] <Guuf> ezyang: Yeah, I thought so, we’ll see when I run into a wall. :)
[Fri Apr 18 06:07:07 2014] <ezyang> It sounds like you've already run into it
[Fri Apr 18 06:07:20 2014] <ezyang> :P
[Fri Apr 18 06:07:57 2014] <Guuf> Nah, this is just a hurdle.
[Fri Apr 18 07:23:25 2014] <Guuf> Maybe I’ll just make my own IDE, with blackjack, and hookers.
[Fri Apr 18 07:50:57 2014] <osa1> Guuf: there's a vim plugin which works great
[Fri Apr 18 07:51:06 2014] <osa1> I'm using it for months
[Fri Apr 18 07:52:04 2014] <Guuf> Cool!
[Fri Apr 18 07:52:08 2014] <Guuf> Thanks osa1.
[Fri Apr 18 07:52:29 2014] <osa1> Guuf: I'm using customized version of http://www.vim.org/scripts/script.php?script_id=4388 but there's also https://github.com/the-lambda-church/coquille
[Fri Apr 18 07:53:46 2014] <osa1> Guuf: you can see my vim setup here https://github.com/osa1/rcbackup you may want to copy coq related files/settings
[Fri Apr 18 08:15:01 2014] <Guuf> osa1, thanks a bunch!
[Sat Apr 19 05:52:04 2014] <roosbeef> suppose we have this goal: strict_order (MultisetGT (transp l_Lt))
[Sat Apr 19 05:52:21 2014] <roosbeef> and we have this proven Lemma, mord_sorder : strict_order MultisetGt. (see http://color.inria.fr/doc/CoLoR.Util.Multiset.MultisetOrder.html)
[Sat Apr 19 05:52:54 2014] <roosbeef> why does coq then give this error when trying to apply that lemma, and what does coq mean by that? Error: Impossible to unify "strict_order (MultisetGt ?2982)" with "strict_order (MultisetGT (transp l_Lt))".
[Sat Apr 19 05:53:23 2014] <roosbeef> it should be able to unify those? How can i find out whats going wrong
[Sat Apr 19 07:56:33 2014] <roosbeef> back in a bit
[Sat Apr 19 09:33:34 2014] <roosbeef> doh
[Sat Apr 19 09:33:41 2014] <roosbeef> GT is not Gt
[Sat Apr 19 09:34:15 2014] <roosbeef> how did i manage to overlook that for hours on end haha
[Sat Apr 19 11:26:17 2014] <Anarchos> what are the news about coq and its extracted programs ?
[Sat Apr 19 12:40:03 2014] <roosbeef> im trying to prove for some function f on strings that "forall x y : string_type, {f x y} + {~ f x y}"
[Sat Apr 19 12:40:36 2014] <roosbeef> it should be straight forward i think
[Sat Apr 19 12:41:16 2014] <roosbeef> but i keep getting stuck on the induction part
[Sat Apr 19 12:41:21 2014] <roosbeef> any tips?
[Sat Apr 19 13:04:53 2014] <Anarchos> roosbeef did you look at *_eq_dec theorems ?
[Sat Apr 19 13:11:04 2014] <roosbeef> well
[Sat Apr 19 13:11:11 2014] <roosbeef> ive been browsing them a lot yea
[Sat Apr 19 13:11:28 2014] <roosbeef> but arent those about equalities?
[Sat Apr 19 13:13:58 2014] <roosbeef> im trying to prove rel_dec f, not eq_dec f
[Sat Apr 19 13:14:11 2014] <roosbeef> um
[Sat Apr 19 13:14:49 2014] <roosbeef> i guess eq_dec f doesnt make sense but just to emphasize :p
[Sat Apr 19 15:38:05 2014] <roosbeef> ok i give up for today
[Sun Apr 20 05:26:02 2014] <roosbeef> to prove that a relation R is decidable, ie. rel_dec R (see http://color.inria.fr/doc/CoLoR.Util.Relation.RelMidex.html#rel_dec)
[Sun Apr 20 05:26:28 2014] <roosbeef> is it neccesary to use this lemma? http://color.inria.fr/doc/CoLoR.Util.Relation.RelDec.html#clos_trans_restriction_dec_R_dec
[Sun Apr 20 08:05:41 2014] <roosbeef> given a relation R on letters https://privatepaste.com/048ea75e06
[Sun Apr 20 08:06:51 2014] <roosbeef> how can i write a function that takes a list of letters and returns a list of only those letters x for which l_Lt x y is not in l_Lt (given any y of the input list)
[Sun Apr 20 08:09:38 2014] <roosbeef> meh
[Sun Apr 20 08:09:41 2014] <roosbeef> i have to go
[Sun Apr 20 08:09:48 2014] <roosbeef> but im back in a bit
[Sun Apr 20 08:21:11 2014] <roosbeef> hi :p
[Sun Apr 20 09:17:44 2014] <Guuf> Hello there roosbeef!
[Sun Apr 20 09:31:19 2014] <roosbeef> whats up Guuf
[Sun Apr 20 09:31:26 2014] <Guuf> Not much.
[Sun Apr 20 09:31:29 2014] <Guuf> The sun, I guess.
[Sun Apr 20 09:31:35 2014] <roosbeef> haha
[Sun Apr 20 09:31:36 2014] <Guuf> You?
[Sun Apr 20 09:31:36 2014] <roosbeef> it is indeed
[Sun Apr 20 09:32:05 2014] <roosbeef> just listening to some music
[Sun Apr 20 09:32:28 2014] <roosbeef> i was taking a break from trying to figure out coq
[Sun Apr 20 09:34:21 2014] <Guuf> Hmm, yes, indeed. I myself am trying to figure out Coq. What approach are you using?
[Sun Apr 20 09:34:31 2014] <roosbeef> brute force
[Sun Apr 20 09:34:42 2014] <Guuf> Haha. :)
[Sun Apr 20 09:34:54 2014] <roosbeef> how far along are you?
[Sun Apr 20 09:34:56 2014] <Guuf> Any special resources, books?
[Sun Apr 20 09:34:59 2014] <Guuf> Not very.
[Sun Apr 20 09:35:06 2014] <roosbeef> well, ive read Coq'Art mostly
[Sun Apr 20 09:35:16 2014] <Guuf> Is it good?
[Sun Apr 20 09:35:48 2014] <Guuf> I have been reading “Certified Programming with Dependent Types” but couldn’t get an example to work.
[Sun Apr 20 09:36:11 2014] <roosbeef> i guess, although i only started to really understand coq after simply messing with it for a while
[Sun Apr 20 09:36:29 2014] <Guuf> I see.
[Sun Apr 20 09:36:43 2014] <roosbeef> im probably not giving it enough credit though
[Sun Apr 20 09:37:03 2014] <roosbeef> because when i was reading that it seemed like it was the only resource on coq that would start you from scratch
[Sun Apr 20 09:39:14 2014] <roosbeef> itll probably seem like a brand new book when i read it now
[Sun Apr 20 09:40:50 2014] <roosbeef> besides that book, this channel has been of tremendous value to me
[Sun Apr 20 09:41:58 2014] <Guuf> Okay, sounds good.
[Sun Apr 20 09:42:25 2014] <Guuf> Well, I have been messing around a bit with Coq now, so maybe I should pick up Coq’Art.
[Sun Apr 20 09:43:17 2014] <roosbeef> it will get you past the point of trying to get an example to work thats for sure :p
[Sun Apr 20 09:49:44 2014] <Guuf> :)
[Sun Apr 20 09:54:39 2014] <jdoles> Coq d'Art doesn't teach you a method of proof, AFAIK.
[Sun Apr 20 09:54:51 2014] <jdoles> It just shows you a bunch of random things you can do with Coq.
[Sun Apr 20 09:55:46 2014] <jdoles> CPDT on the other hand shows a proof framework such that you can work in a structured manner.
[Sun Apr 20 10:03:51 2014] <roosbeef> hm
[Sun Apr 20 10:04:03 2014] <roosbeef> think ill just read CPDT
[Sun Apr 20 10:04:17 2014] <roosbeef> seems like a decent book
[Sun Apr 20 12:21:59 2014] <scubed> The goo.gl link in the topic appears to be about some publicly visible work of art, not a theorem.
[Sun Apr 20 14:03:16 2014] <schoppenhauer> hello. I do not quite get what {bla} does. for example, one has {a <= b}+{b <= a}.
[Sun Apr 20 14:03:40 2014] <schoppenhauer> can somebody explain please?
[Sun Apr 20 14:06:07 2014] <scubed> schoppenhauer: It's syntax for that it's decidable which of those outcomes it is.
[Sun Apr 20 14:06:25 2014] <schoppenhauer> scubed: i mean the {...} especially.
[Sun Apr 20 14:06:49 2014] <scubed> That's just syntax.  It doesn't particular have meaning on its own.
[Sun Apr 20 14:06:56 2014] <scubed> particularly
[Sun Apr 20 14:07:43 2014] <schoppenhauer> scubed: but I cannot follow a+b from {a}+{b}
[Sun Apr 20 14:08:32 2014] <scubed> schoppenhauer: Try Locate "{" and you'll see that it comes out to sumbool and sumor.
[Sun Apr 20 14:09:10 2014] <scubed> So, + is not plus, but sumbool.
[Sun Apr 20 14:09:24 2014] <scubed> (You can also do Locate "+".)
[Sun Apr 20 14:09:39 2014] <scubed> So, it's not related to "a+b".
[Sun Apr 20 14:09:50 2014] <scubed> That would have a and b be nat, but here, they're propositions.
[Sun Apr 20 14:10:14 2014] <scubed> Does that help?  Or which part is confusing?
[Sun Apr 20 14:10:47 2014] <schoppenhauer> hm.
[Sun Apr 20 14:11:48 2014] <schoppenhauer> scubed: why can't I use inl to generate a+b?
[Sun Apr 20 14:12:26 2014] <scubed> Could you give a concrete example?
[Sun Apr 20 14:14:37 2014] <schoppenhauer> scubed: http://lpaste.net/103003
[Sun Apr 20 14:15:02 2014] <schoppenhauer> Impossible to unify "(?8286 + ?8287)%type" with "a <= b + b <= a".
[Sun Apr 20 14:15:28 2014] <schoppenhauer> it is a set, probably.
[Sun Apr 20 14:15:34 2014] <schoppenhauer> and not a type.
[Sun Apr 20 14:16:15 2014] <scubed> schoppenhauer: Check forall a b, (a <= b + b) /\ ( b+b <= a).
[Sun Apr 20 14:16:34 2014] <scubed> If you put that in, you'll see it displays as a <= b + b <= a, which is what you have in your goal.
[Sun Apr 20 14:16:48 2014] <schoppenhauer> m(
[Sun Apr 20 14:16:50 2014] <schoppenhauer> ok thx
[Sun Apr 20 14:16:52 2014] <scubed> So, you're doing plus (b : nat) (b :nat)
[Sun Apr 20 14:17:07 2014] <scubed> instead of sumbool (A : a <= b) (B: b <= a).
[Sun Apr 20 14:17:37 2014] <scubed> You need {} so it parses as sumbool instead of plus.
[Sun Apr 20 14:20:08 2014] <schoppenhauer> scubed: but (a <= b) + (b <= a) is not the same as {a <= b} + {b <= a}.
[Sun Apr 20 14:21:05 2014] <scubed> That's sum instead of sumbool.  The Locate command shows you which syntax there is for different symbols.
[Sun Apr 20 14:21:29 2014] <schoppenhauer> is there a standard lemma showing that the one follows from the other?
[Sun Apr 20 14:22:05 2014] <schoppenhauer> I mean I can prove it now.
[Sun Apr 20 14:22:10 2014] <scubed> sumbool is Prop, sum is Type.
[Sun Apr 20 14:22:20 2014] <schoppenhauer> hm.
[Sun Apr 20 14:22:46 2014] <scubed> So, sum is more general.
[Sun Apr 20 14:23:23 2014] <scubed> e.g. like how there's nat_rect vs. nat_ind.
[Sun Apr 20 14:24:38 2014] <scubed> schoppenhauer: Print sum.  Print sumbool.
[Sun Apr 20 14:26:48 2014] <scubed> schoppenhauer: You can do e.g. destruct (le_ge_dec a b) as [|] _eqn.
[Sun Apr 20 14:27:09 2014] <scubed> That proves your Lemma.
[Sun Apr 20 14:34:59 2014] <schoppenhauer> thx.
[Sun Apr 20 15:51:30 2014] <tswett> Ahoy.
[Sun Apr 20 21:17:57 2014] <solrize> so let's see, we've got values like 3, that are members of types, and the types are members of higher types (2-types) and so on through the finite indexes.  the union is omega.  question: is it meaningful to abstract over all of them and so on, so you get transfinite ordinal type levels?
[Mon Apr 21 05:41:00 2014] <roosbeef> hi
[Mon Apr 21 05:41:53 2014] <roosbeef> given a type and a partial order R on this type, is it possible to extract from a list of this type only those elements that are in R?
[Mon Apr 21 05:42:00 2014] <roosbeef> eg. https://privatepaste.com/ea625c88fd
[Mon Apr 21 05:43:45 2014] <roosbeef> how can i, given any list of letters, create a list of only the elements e such that forall x, not_eq x e -> l_Lt x e
[Mon Apr 21 08:01:09 2014] <roosbeef> brb
[Mon Apr 21 15:14:58 2014] <schoppenhauer> hello. I (still) do not get how I can get equalities from match ... with. If I have match a with | b => _, then in _, I want to have a predicate a=b
[Mon Apr 21 15:15:02 2014] <schoppenhauer> is that possible?
[Mon Apr 21 15:18:02 2014] <schoppenhauer> like I would do with eqn:... in inductions.
[Mon Apr 21 15:34:52 2014] <ianjneu> schoppenhauer: there is a design pattern to do this described in Adam Chlipala's book, CPDT. It's called the convoy pattern.
[Mon Apr 21 15:35:47 2014] <ianjneu> Essentially you eta-expand inside each match case to get equality hypotheses, and you apply the match to eq_refl of the discriminant (the thing you match on)
[Mon Apr 21 15:36:34 2014] <ianjneu> (match x as y in (x = y -> _) with blah => fun H : x = blah => rhs end (eq_refl x))
[Mon Apr 21 16:11:32 2014] <schoppenhauer> ianjneu: thx. i try it, but didnt notice that my battery vanished.
[Tue Apr 22 09:12:24 2014] <schoppenhauer> hi. I have a problem: I know that a=b. and I want to prove that (forall x, x<a -> nat) = (forall x, x<b -> nat).
[Tue Apr 22 09:12:58 2014] <schoppenhauer> well actually, I have a function f : forall x, x<a -> nat, and I need forall x, x<b -> nat, but I can prove a=b.
[Tue Apr 22 09:13:26 2014] <schoppenhauer> but rewrite does not go into type parameters.
[Tue Apr 22 09:16:43 2014] <schoppenhauer> oh nice, setoid_rewrite gives a coredump :3
[Tue Apr 22 09:17:06 2014] <schoppenhauer> a segv.
[Tue Apr 22 09:17:18 2014] <schoppenhauer>  I assume this is a bug. right?
[Tue Apr 22 09:19:04 2014] <gdsfh> schoppenhauer: maybe you want "(forall x, x<a -> nat) -> (forall x, x<b -> nat)" instead of equality?
[Tue Apr 22 09:19:16 2014] <schoppenhauer> gdsfh: unfortunately, no.
[Tue Apr 22 09:19:55 2014] <schoppenhauer> hm. ok, independently of my actual problem, I can reproduce a segfault using setoid_rewrite.
[Tue Apr 22 09:20:17 2014] <schoppenhauer> is this a know issue or should I file a bug report?
[Tue Apr 22 09:20:27 2014] <gdsfh> schoppenhauer: Goal forall (a b : nat) (E : a=b), (forall x, x<a -> nat) = (forall x, x<b -> nat). intros a b E. rewrite <- E. reflexivity. Qed.
[Tue Apr 22 09:20:41 2014] <schoppenhauer> gdsfh: thx.
[Tue Apr 22 09:21:00 2014] <gdsfh> schoppenhauer: if you are using not so old coq version (>=8.4), it's better to file a bug.
[Tue Apr 22 09:21:36 2014] <schoppenhauer> Welcome to Coq 8.4pl3 (April 2014)
[Tue Apr 22 09:21:40 2014] <schoppenhauer> that should be sufficient :3
[Tue Apr 22 09:21:56 2014] <gdsfh> schoppenhauer: btw, "<-" in rewrite is not necessary here.
[Tue Apr 22 09:22:29 2014] <schoppenhauer> gdsfh: I have read that without <- its not compatible with ssreflect. and even though I do not use ssreflect, I think it makes t he code more clear.
[Tue Apr 22 09:28:20 2014] <gdsfh> schoppenhauer: don't know about ssreflect.  But as you wish; "rewrite E" == "rewrite -> E".  In this example the direction of rewrite can be any.
[Tue Apr 22 10:41:08 2014] <schoppenhauer> Error: Impossible to unify "?9445" with "?9445".
[Tue Apr 22 10:41:55 2014] <schoppenhauer> :3
[Tue Apr 22 10:43:51 2014] <tswett> Yup, that's an unhelpful error message.
[Tue Apr 22 10:44:49 2014] <tswett> I think you can tell Coq to print more details.
[Tue Apr 22 10:45:20 2014] <schoppenhauer> doesn't matter in this case.
[Tue Apr 22 10:45:45 2014] <tswett> Set Printing All!
[Tue Apr 22 10:45:49 2014] <schoppenhauer> I just thought it was funny.
[Tue Apr 22 10:46:02 2014] <schoppenhauer> tswett: thank you.
[Tue Apr 22 10:50:38 2014] <schoppenhauer> ok, my problem is more general: is there a possibility to replace x : T a with x : T b if a = b, where T is some type-functor?
[Tue Apr 22 10:52:15 2014] <schoppenhauer> or equivalently: a rewrite tactic that goes into every type parameter?
[Tue Apr 22 11:06:58 2014] <tswett> I don't remember if the type system is too stubborn to allow you to do that.
[Tue Apr 22 11:10:36 2014] <tswett> If I'm not mistaken (and my Coq is very rusty), the type checker will only give one type to a term; if x : T a, then (barring coercion) it's not the case that x : T b.
[Tue Apr 22 11:10:56 2014] <tswett> But I think given a = b, you ought to be able to take a term of type T a and create a different term of type T b out of it.
[Tue Apr 22 11:13:44 2014] <schoppenhauer> gah, I cannot even do pattern matching on dependent types ...
[Tue Apr 22 11:14:01 2014] <schoppenhauer> s/types/products
[Tue Apr 22 11:14:19 2014] <schoppenhauer> I am probably doing something wrong *reads chapter 17 agan*
[Tue Apr 22 11:30:12 2014] <schoppenhauer> tswett: if I define a coercion, is it possible then?
[Tue Apr 22 11:31:00 2014] <ystael> schoppenhauer: do you need x : T b, or just <some term derived from x> : T b ?
[Tue Apr 22 11:31:18 2014] <schoppenhauer> ystael: x : T b
[Tue Apr 22 11:33:50 2014] <schoppenhauer> I actually have a function f : forall (x : nat) (g : forall y : nat -> (y < x) -> nat).
[Tue Apr 22 11:33:57 2014] <schoppenhauer> and I am doing induction over x, essentially.
[Tue Apr 22 11:34:26 2014] <schoppenhauer> to prove that f 0 g = ..., and f (S n) g = ...
[Tue Apr 22 11:34:55 2014] <schoppenhauer> now when x = 0, g is not of type (forall (y : nat) -> (y < 0) -> nat).
[Tue Apr 22 11:35:07 2014] <schoppenhauer> (I know that y < 0 is not possible)
[Tue Apr 22 11:35:19 2014] <schoppenhauer> (but that is not the problem here)
[Tue Apr 22 11:35:59 2014] <schoppenhauer> (the function just must be the trivial function from \bot to \bot)
[Tue Apr 22 11:38:57 2014] <ystael> schoppenhauer: The type you have given for g is a type family, dependent on x.  I feel like your match clauses should have the shape f 0 (g 0) = ..., f (S n) (g (S n)) = ...
[Tue Apr 22 11:41:39 2014] <ystael> i.e., g : P x where P x = forall (y : nat) -> (y < x) -> nat
[Tue Apr 22 12:03:15 2014] <schoppenhauer> ystael: you mean g gets an additional implicit argument?
[Tue Apr 22 12:03:55 2014] <ystael> Whether it is implicit or not is a syntactic issue, but yes, I think it needs to have an additional argument.
[Tue Apr 22 12:50:51 2014] <tswett> schoppenhauer: I think coercion is just a convenience allowing functions to be implied automatically, without having to be written; you can't do anything with coercion that you couldn't do without it.
[Tue Apr 22 13:09:33 2014] <schoppenhauer> ok, thanks. I am trying to do the whole thing in another way now.
[Tue Apr 22 13:43:25 2014] <tswett> Does the mainline version of Coq have universe polymorphism yet?
[Tue Apr 22 15:15:44 2014] <schoppenhauer> http://lpaste.net/103089 ok, this pretty much summarizes my problem I guess.
[Tue Apr 22 15:16:28 2014] <schoppenhauer> the refinement fails, because The 2nd term has type "forall x : nat, x < i0 -> nat" which should be coercible to "forall x : nat, x < i -> nat".
[Tue Apr 22 15:20:53 2014] <robbert> tswett: only for inductives, not for definitions. Matthieu Sozeau is working on full universe polymorphism.
[Tue Apr 22 15:21:19 2014] <robbert> he may have a version on github
[Tue Apr 22 15:23:46 2014] <schoppenhauer> does anyone have a clue whats wrong?
[Tue Apr 22 15:37:47 2014] <schoppenhauer> why doesn't it automatically substitute the correct term?
[Tue Apr 22 15:48:17 2014] <schoppenhauer> hm. I'll post it on SO.
[Thu Apr 24 23:48:46 2014] <p92> Does coq support any form of definitional equality for coinductive types at the type level?
[Thu Apr 24 23:50:15 2014] <p92> For example, how do I prove that (repeat 1 = Yield 1 (repeat 1)), for reasonable definitions of repeat and Yield and streams?
[Thu Apr 24 23:59:46 2014] <jrw> p92: doesn't cpdt discuss this
[Thu Apr 24 23:59:48 2014] <jrw> ?
[Fri Apr 25 00:01:49 2014] <jrw> p92: yeah, reread cpdt 5.2
[Fri Apr 25 00:06:28 2014] <jrw> p92: short answer: your equality probably isn't provable.
[Fri Apr 25 00:24:22 2014] <p92> jrw, CPDT suggests "no", wonder if anything has changed.
[Fri Apr 25 00:27:32 2014] <jrw> p92: what do you mean?
[Fri Apr 25 00:28:51 2014] <p92> jrw, I get confused by Coq versions and which one CPDT discusses
[Fri Apr 25 00:30:12 2014] <jrw> p92: I seriously doubt that this has changed in any recent version of coq
[Fri Apr 25 00:31:10 2014] <p92> jrw, fair enough
[Fri Apr 25 09:02:47 2014] <mrtn_> Hi! How would one go about proving a lemma where the left side of a consequence does not hold?
[Fri Apr 25 09:02:57 2014] <mrtn_> E.g. Lemma A: 2 = 3 -> P.
[Fri Apr 25 09:04:49 2014] <ijp> well, false proves anything, so exfalso
[Fri Apr 25 09:09:42 2014] <ijp> mrtn_: just do inversion on your hypothesis 2=3
[Fri Apr 25 09:11:45 2014] <mrtn_> Ah yes, thanks!
[Fri Apr 25 09:20:13 2014] <Rc43> Error: Cannot infer an internal placeholder of type "Type".
[Fri Apr 25 09:20:14 2014] <Rc43> =/
[Fri Apr 25 09:23:38 2014] <Rc43> Solved with manual annotation of type.
[Fri Apr 25 09:31:14 2014] <mrtn_> Another question: How are lemma's with greater-than relations handled?
[Fri Apr 25 09:31:34 2014] <mrtn_> E.g. Lemma B: forall n, S n > O.
[Fri Apr 25 09:40:14 2014] <Rc43> mrtn_, what do you want to do with it exactly?
[Fri Apr 25 09:40:27 2014] <Rc43> mrtn_, I use "inversion" on them usually
[Fri Apr 25 09:40:36 2014] <Rc43> mrtn_, but not sure that it is the best way
[Fri Apr 25 09:44:46 2014] <mrtn_> I try to proof that each iteration of my algorithm results in a smaller datastucture. I defined a length function and now I need to proof a subgoal similar to lemma B above.
[Fri Apr 25 09:45:43 2014] <mrtn_> How would I use inversion on lemma B, if I apply it directly it only duplicates my subgoal?
[Fri Apr 25 11:11:17 2014] <schoppenhauer> hello. is there a "<=" defined for Fin.t anywhwere?
[Fri Apr 25 11:11:28 2014] <schoppenhauer> otherwise I would have to use to_nat.
[Fri Apr 25 11:21:54 2014] <Rc43> mrtn_, oh  I thought you want to imply something from x > y. So now you need to construct element of x > y; lt is just inductive type lt. E.g. for Lemma B you need to destruct n, you will get n = 0 and goal : S O > O, this is proved by lt_base (I don't remember exact name); other branch is n = S n', here you need to use induction hypothesis and the second contructor of inductive lt.
[Fri Apr 25 12:01:22 2014] <schoppenhauer> gah, when I try to prove it, I get strange type errors.
[Fri Apr 25 12:11:58 2014] <schoppenhauer> is there any decidable equality for Fin.t ?
[Fri Apr 25 12:25:05 2014] <ianjneu> schoppenhauer: depends on what you want to show. You can use to_nat and decide equality there, or you can inject the smaller indexed type into the larger index and use a decidable equality in that type, but you're hosed if you want to arbitrarily compare elements of type Fin.t with different indices (unless you admit the sloppy JMeq axiom)
[Fri Apr 25 12:50:30 2014] <schoppenhauer> ianjneu: If (a b : Fin.t m), then it should be decidable whether a=b, shouldn't it?
[Fri Apr 25 12:52:04 2014] <schoppenhauer> ianjneu: that is, a and b both have the index m.
[Fri Apr 25 12:56:00 2014] <schoppenhauer> ianjneu: why are strong axioms required to proof equalities of *finite* objects?
[Fri Apr 25 12:59:54 2014] <schoppenhauer> ianjneu: equality of numbers is also decidable. and I really need forall m (a b : Fin m), a = b \/ ~ a = b
[Fri Apr 25 13:07:57 2014] <ianjneu> schoppenhauer: it's a little more difficult since the indices change through induction. You need a stronger argument.
[Fri Apr 25 13:08:38 2014] <schoppenhauer> ianjneu: so equality on Fin m is not decidable?
[Fri Apr 25 13:10:49 2014] <ianjneu> schoppenhauer: It is, it's just harder to prove.
[Fri Apr 25 13:11:11 2014] <schoppenhauer> ianjneu: is there a proof in the standard lib?
[Fri Apr 25 13:11:18 2014] <schoppenhauer> I could not find one
[Fri Apr 25 13:12:40 2014] <ianjneu> not that I know of.
[Fri Apr 25 13:12:52 2014] <ianjneu> perhaps in Agda's standard lib.
[Fri Apr 25 13:13:40 2014] <schoppenhauer> yeah, but I use coq ...
[Fri Apr 25 13:14:54 2014] <ianjneu> yes, but you can port proofs.
[Fri Apr 25 15:09:12 2014] <keep_learning> Hello all.
[Fri Apr 25 15:09:45 2014] <keep_learning> I just finished the first chapter of software foundation and trying to compile it using coqc Basic.v
[Fri Apr 25 15:09:49 2014] <keep_learning> but getting
[Fri Apr 25 15:10:01 2014] <keep_learning> Error: There are pending proofs
[Fri Apr 25 15:10:19 2014] <keep_learning> I think I proved all the theorem ihttp://lpaste.net/103203
[Fri Apr 25 15:10:40 2014] <keep_learning> Could some one please tell me what is wrong with code.
[Fri Apr 25 15:15:42 2014] <ianjneu> identity_fn_applied_twice
[Fri Apr 25 15:17:20 2014] <ianjneu> keep_learning: ^
[Fri Apr 25 15:20:02 2014] <keep_learning> ianjneu: I did not get you. You mean Notation "x ^ y" := ( exp x y )                       ( at level 30, right associativity)                       : nat_scope. Eval simpl in 2^2^3 ?
[Fri Apr 25 15:31:20 2014] <keep_learning> Any one ?
[Fri Apr 25 15:33:09 2014] <rribeiro> keep_learning: Hi!
[Fri Apr 25 15:33:28 2014] <keep_learning> rribeiro: Hi!
[Fri Apr 25 15:34:34 2014] <rribeiro> keep_learning: When you ask "Any one?", its because do you have a question?
[Fri Apr 25 15:34:50 2014] <keep_learning> rribeiro: Yes.
[Fri Apr 25 15:35:14 2014] <keep_learning> I just finished the first chapter of software foundation
[Fri Apr 25 15:35:16 2014] <rribeiro> keep_learning: What is your question, maybe I could help you
[Fri Apr 25 15:35:22 2014] <Anarchos> keep_learning Any one ? ----> 1
[Fri Apr 25 15:35:28 2014] <keep_learning> rribeiro: http://lpaste.net/103203
[Fri Apr 25 15:35:35 2014] <keep_learning> and moving to second chapter
[Fri Apr 25 15:35:42 2014] <Anarchos> * gave an intuitionistic answer with a constructive proof :)
[Fri Apr 25 15:35:48 2014] <keep_learning> so it asked me to compiler the Basic.v
[Fri Apr 25 15:35:59 2014] <keep_learning> and but I am getting compiler error.
[Fri Apr 25 15:36:08 2014] <keep_learning> Error: There are pending proofs
[Fri Apr 25 15:36:27 2014] <keep_learning> but I think I proved every single theorem.
[Fri Apr 25 15:36:38 2014] <keep_learning> except one which I removed from file.
[Fri Apr 25 15:37:58 2014] <rribeiro> Yes. It give me the same error
[Fri Apr 25 15:38:10 2014] <rribeiro> I'm looking your code to see what is happening
[Fri Apr 25 15:38:23 2014] <jrw> Qed missing at identity_fn_applied_twice?
[Fri Apr 25 15:39:19 2014] <rribeiro> keep_learning: Just as jrw says: missing Qed at identity_fn_applied_twice
[Fri Apr 25 15:39:33 2014] <keep_learning> rribeiro: jrw Thank you!
[Fri Apr 25 15:42:08 2014] <keep_learning> rribeiro: so how come it accepted proof without Qed. Should not that be error ?
[Fri Apr 25 15:42:53 2014] <rribeiro> keep_learning: Yeah... It also have happened to me when I'm making software foundations... I don't know why this is happening
[Fri Apr 25 15:43:19 2014] <rribeiro> I believe that this is related to the fact that you can define a theorem inside another one.
[Fri Apr 25 15:43:36 2014] <rribeiro> so, before you Qed something, you can start another proof.
[Sat Apr 26 05:26:48 2014] <robbert> schoppenhauer: see https://github.com/robbertkrebbers/ch2o/blob/master/vector.v#L41 for decidable equality of fin
[Sat Apr 26 06:47:09 2014] <Rc43> Hello.
[Sat Apr 26 06:48:16 2014] <Rc43> I am reading CPDT #7, and see the definition of well-founded relation R as such, that every element is accessible with R.
[Sat Apr 26 06:48:38 2014] <Rc43> And there is implication that such relation doesn't has infinitely decreasing chains.
[Sat Apr 26 06:49:30 2014] <Rc43> Am I right that "<" on [0;1] would be well-founded in this definition if we could define real numbers?
[Sat Apr 26 06:50:02 2014] <Rc43> (I mean that for "<" on [0;1] there are infinitely decreasing chains, but it satisfies the definition.)
[Sat Apr 26 07:14:38 2014] <ziman> how does it satisfy the definition?
[Sat Apr 26 07:16:37 2014] <ziman> suppose you are given a formalisation of reals; how do you give a proof that _<_ is WF?
[Sat Apr 26 07:17:57 2014] <Rc43> ziman, hmm
[Sat Apr 26 07:21:39 2014] <Rc43> ziman, seems I understood. We can't build acc_intro, because there are always elements less than given; in wf relations terminal point is when we haven't such elements, so function \y yRx -> _|_ is trivial.
[Sat Apr 26 07:22:48 2014] <Rc43> I was confused with name of the relation "accessibility"; I interpreted it wrong.
[Sat Apr 26 07:23:45 2014] <ziman> right
[Sat Apr 26 07:24:18 2014] <ziman> it took a while for me to wrap my head around the notion
[Sat Apr 26 12:14:59 2014] <nolrai66> So what was the reason to shift from record based type classes to module based type classes? (I find the second much harder to use, though honestly I don't understand what I don't understand.)
[Sat Apr 26 12:56:21 2014] <ianjneu> nolrai66: I can't say for certain, but I do know there are performance benefits to using first order modules rather than records.
[Sat Apr 26 12:57:21 2014] <nolrai66> Okay. Its just I can not figure out how to use MSets.
[Sat Apr 26 12:59:01 2014] <nolrai66> Maybe I can get away with lists or vectors...
[Sat Apr 26 13:38:22 2014] <robbert> nolrai66: modules have been there long before type classes in Coq
[Sat Apr 26 13:38:59 2014] <robbert> hmm, maybe I should start checking whether people I respond to are actually still here... ;)
[Sat Apr 26 13:39:24 2014] <robbert> does anyone know whether you can make that more visible in weechat?
[Sat Apr 26 13:40:10 2014] <ianjneu> robbert: if you write names tab-complete, I think most chat clients only use the list of who's currently in the room.
[Sat Apr 26 13:46:08 2014] <robbert> ianjneu: awesome, that works :)
[Sat Apr 26 13:53:58 2014] <ijp> robbert: and now you have the problem where you reply to other people with the same prefix :)
[Sat Apr 26 13:55:07 2014] <ijp> anyway, speaking of modules, what's the curre
[Sat Apr 26 13:55:39 2014] <ijp> anyway, speaking of modules, what's a recommended overview of the state of the art in ML-style module systems?
[Sat Apr 26 14:08:21 2014] <ianjneu> ML-style module systems or just Coq's?
[Sat Apr 26 14:08:49 2014] <ianjneu> Dreyer & Rossburg have a good paper on mixin-based ML modules.
[Sat Apr 26 14:09:54 2014] <ianjneu> http://www.mpi-sws.org/~rossberg/papers/Rossberg,%20Dreyer%20-%20Mixin%27%20Up%20the%20ML%20Module%20System.pdf
[Sat Apr 26 21:11:19 2014] <ddere> hey all, is there a resource someone can point me to to read about how to structure a Coq project?
[Sat Apr 26 21:11:49 2014] <ddere> it doesnt seem to work too well when i dont put all the source in the same directory
[Sat Apr 26 23:59:10 2014] <jgross> ddere: I think CPDT has a chapter about structuring Coq projects. 
[Sun Apr 27 02:22:55 2014] <ddere> jgross: cool thank you :)
[Sun Apr 27 08:14:40 2014] <roosbeef> when proving a decidability theorem, such as {f x} + {~ f x}
[Sun Apr 27 08:15:04 2014] <roosbeef> where f is inductively defined
[Sun Apr 27 08:15:53 2014] <roosbeef> is there a way to replace f with one of its clauses?
[Sun Apr 27 08:16:33 2014] <roosbeef> (without breaking up the {} + {~} decidability pattern)
[Sun Apr 27 08:20:51 2014] <gdsfh1> roosbeef: "{induction,destruct,case,case_eq} (f x)."
[Sun Apr 27 08:25:11 2014] <roosbeef> eh
[Sun Apr 27 08:25:25 2014] <roosbeef> not sure if im applying it correctly
[Sun Apr 27 08:26:06 2014] <gdsfh1> show your "proof window" maybe?
[Sun Apr 27 08:27:01 2014] <roosbeef> ok
[Sun Apr 27 08:27:14 2014] <roosbeef> well heres my goal: {MultisetGt l_Lt m n} + {~ MultisetGt l_Lt m n}
[Sun Apr 27 08:27:17 2014] <roosbeef> and im trying {constructor} (MultisetGt l_Lt m n).
[Sun Apr 27 08:27:33 2014] <roosbeef> Coq says Syntax error: '.' or '...' expected after [tactic:tactic] (in [proof_mode:subgoal_command]).
[Sun Apr 27 08:29:51 2014] <gdsfh1> probably you need "destruct (MultisetGt l_Lt m n).".  "{}" was a meta-stuff: choose one of these options.
[Sun Apr 27 08:32:44 2014] <roosbeef> ah
[Sun Apr 27 08:34:09 2014] <roosbeef>   destruct (MultisetGt l_Lt m n). Error: Not an inductive product.
[Sun Apr 27 08:34:09 2014] <roosbeef>   constructor (MultisetGt l_Lt m n). Error: The reference MultisetGt was not found in the current environment.
[Sun Apr 27 08:35:37 2014] <roosbeef> i actually just want to unfold MultisetGt i guess, its not directly inductively defined actually... Definition MultisetGt := clos_trans MultisetRedGt.
[Sun Apr 27 08:36:33 2014] <roosbeef> ok
[Sun Apr 27 08:36:44 2014] <roosbeef> this is weird
[Sun Apr 27 08:36:55 2014] <roosbeef> i did "unfold MultisetGt." and that just worked
[Sun Apr 27 08:36:58 2014] <roosbeef> apparently i hadnt tried that
[Sun Apr 27 08:37:05 2014] <roosbeef> yay me
[Sun Apr 27 08:37:07 2014] <roosbeef> :'(
[Sun Apr 27 08:39:49 2014] <gdsfh1> also i was wrong about destruct, understood it.
[Sun Apr 27 08:44:20 2014] <roosbeef> hm
[Sun Apr 27 08:44:29 2014] <roosbeef> maybe you can help me with the following then
[Sun Apr 27 08:44:54 2014] <roosbeef> which happens to be my original question
[Sun Apr 27 08:45:16 2014] <roosbeef> with a goal like this: {clos_trans (MultisetRedGt l_Lt) m n} + {~ clos_trans (MultisetRedGt l_Lt) m n}
[Sun Apr 27 08:45:35 2014] <roosbeef> where clos_trans, MultisetRedGt and l_Lt are all inductive definitions
[Sun Apr 27 08:46:05 2014] <roosbeef> how can i rewrite any of those to their deeper definitions without breaking up the {...} + {~...} pattern?
[Sun Apr 27 08:47:38 2014] <gdsfh1> something you can do, yes.  But what kind of rewrite?  What do you want to achieve?
[Sun Apr 27 08:54:08 2014] <roosbeef> good point
[Sun Apr 27 08:54:58 2014] <roosbeef> um
[Sun Apr 27 08:55:13 2014] <roosbeef> well im trying to prove that the decidability holds
[Sun Apr 27 09:05:57 2014] <gdsfh1> roosbeef: so, if you want to rewrite inside {...}, you can do it with usual "rewrite" that takes term of type "... -> a = b", it should be possible.
[Sun Apr 27 09:13:02 2014] <gdsfh1> roosbeef: but maybe there are lemmas about { clos_trans ?x } + { ~ clos_trans ?x }?  you can try to SearchAbout them.
[Sun Apr 27 09:21:30 2014] <roosbeef> gdsfh1: nope, nothing in SearchAbout
[Sun Apr 27 09:23:38 2014] <roosbeef> is there a conventional approach to proving theorems like this?
[Sun Apr 27 09:24:17 2014] <roosbeef> for example breaking it up into deeper levels of decidability? Its probably easier to prove that l_Lt is decidable and that clos_trans is decidable for example
[Sun Apr 27 09:42:29 2014] <gdsfh1> roosbeef: it could work.  For example, if you prove lemma : forall x (xdec : {x} + {~x}), {clos_trans x} + {~clos_trans x}, then you can "apply" this lemma to your goal and next you will have to prove premises of this lemma (xdec).  (of course "clos_trans x" is malformed; it takes 3 arguments as i see in your code, but i gave an idea only.)
[Sun Apr 27 09:53:33 2014] <roosbeef> ok yea that seems to work :)
[Sun Apr 27 09:58:32 2014] <roosbeef> gonna see how i can work with that
[Sun Apr 27 09:58:34 2014] <roosbeef> thanks gdsfh1
[Sun Apr 27 09:58:35 2014] <roosbeef> brb
[Sun Apr 27 11:49:21 2014] <roosbeef> Error: Unable to unify.
[Sun Apr 27 11:49:24 2014] <roosbeef> how do i get more details on that?
[Sun Apr 27 12:07:52 2014] <ianjneu> roosbeef: unification is directionless and infamously hard to debug. The best I can say is that you are not giving enough explicit arguments somewhere.
[Sun Apr 27 12:08:15 2014] <ianjneu> also, PL research software is notoriously bad at including debugging features :P
[Sun Apr 27 12:11:05 2014] <roosbeef> i am giving explicit arguments
[Sun Apr 27 12:11:14 2014] <roosbeef> so i guess theres something wrong with them
[Sun Apr 27 12:11:40 2014] <roosbeef> would be nice if Coq just said what its expecting and what im giving
[Sun Apr 27 12:15:16 2014] <roosbeef> what do you mean by 'somewhere'?
[Sun Apr 27 12:16:41 2014] <ianjneu> just that. I don't know
[Sun Apr 27 12:19:55 2014] <ijp> * mutters something about coq should provide a constructive proof of an error
[Sun Apr 27 12:38:33 2014] <roosbeef> meh
[Sun Apr 27 12:38:35 2014] <roosbeef> https://privatepaste.com/150fcf5874
[Sun Apr 27 12:38:53 2014] <roosbeef> im trying to do "apply t_step with A0 R x y in H"
[Sun Apr 27 12:39:16 2014] <roosbeef> shouldnt that fit?
[Sun Apr 27 14:31:37 2014] <ianjneu> roosbeef: subtraces?
[Sun Apr 27 14:32:57 2014] <ianjneu> try apply (@t_trans _ _ _ x y) in H
[Sun Apr 27 14:33:14 2014] <ianjneu> derp, nm I see you mean step.
[Sun Apr 27 14:36:17 2014] <roosbeef> ianjneu, subtraces?
[Sun Apr 27 14:38:29 2014] <ianjneu> the current proof engine (8.4) doesn't do well with dependent goals. You'll need to get a proof of R x y up-front to give to t_step, is my suspicion.
[Sun Apr 27 14:42:28 2014] <roosbeef> hm
[Sun Apr 27 14:42:51 2014] <roosbeef> but thats the subgoal im trying to prove :p
[Sun Apr 27 14:43:27 2014] <ianjneu> use cut
[Sun Apr 27 14:44:13 2014] <roosbeef> how?
[Sun Apr 27 14:44:43 2014] <ianjneu> cut (R x y); [intro Rxy; apply t_step|].
[Sun Apr 27 14:46:08 2014] <roosbeef> cut creates a duplicate subgoal
[Sun Apr 27 14:46:18 2014] <roosbeef> suppose this works, how do i solve the new subgoal?
[Sun Apr 27 14:48:36 2014] <roosbeef> nm
[Sun Apr 27 14:48:48 2014] <roosbeef> its not a duplicate ;p
[Sun Apr 27 22:15:46 2014] <molikto> hi, anyone here?
[Sun Apr 27 22:19:35 2014] <amosr> hi molikto
[Sun Apr 27 22:20:29 2014] <molikto> i am reading the "theories" folder of HoTT. what does this means? why the last one is a Type?
[Sun Apr 27 22:20:30 2014] <molikto> Definition relation (A : Type) := A -> A -> Type.
[Sun Apr 27 22:22:25 2014] <molikto> for example, in haskell we have class Eq a where(==)::a →a →Bool
[Sun Apr 27 22:23:46 2014] <amosr> hmm, well relation takes two values of type A, and is a type that may or may not be inhabited
[Sun Apr 27 22:24:41 2014] <amosr> say you had a fixed-size vector, it’d be something like “Inductive vector (A : Type) : nat -> Type”
[Sun Apr 27 22:25:31 2014] <amosr> then “vector unit 2” is a type
[Sun Apr 27 22:26:35 2014] <molikto> ok. i see this. thanks. but i still do not understand why use this but not a bool or something. i think i should read more and see how's it actually used
[Sun Apr 27 22:27:50 2014] <amosr> types are usually better than bools, because you use it to provide proof that the two are related somehow, rather than just a boolean that asserts they are related
[Sun Apr 27 22:28:28 2014] <amosr> you can often then induct over the proof object because it has some structure
[Sun Apr 27 22:28:43 2014] <amosr> I’m not sure if what I’m saying is at all helpful; I haven’t read the HoTT stuff
[Sun Apr 27 22:29:19 2014] <molikto> thanks, i think i understand now.
[Sun Apr 27 22:33:53 2014] <amosr> hey - did you guys see that we had a Coq Fight in Sydney last week?
[Sun Apr 27 22:33:54 2014] <amosr> http://liamoc.net/posts/2014-04-26-coqfight.html
[Sun Apr 27 22:34:12 2014] <amosr> it was a lot of fun. we had projectors set up and raced to prove lemmas
[Sun Apr 27 22:44:04 2014] <ddere> and amosr won
[Sun Apr 27 22:48:54 2014] <amosr> :-)
[Sun Apr 27 22:49:22 2014] <amosr> that’s true, but I didn’t really want to gloat, I just thought others might be interested ;-)
[Sun Apr 27 22:49:41 2014] <ddere> amosr: I know, you're modest, but i got your back
[Mon Apr 28 06:57:53 2014] <roosbeef> im trying to prove the decidability of a relation
[Mon Apr 28 06:58:15 2014] <roosbeef> (without much use of pre-existing decidability lemmas from the libraries)
[Mon Apr 28 06:58:41 2014] <roosbeef> no matter how i break it up into subproblems, i dont seem to be succeeding
[Mon Apr 28 06:59:10 2014] <roosbeef> anyone got any tips to help me go the right direction?
[Mon Apr 28 07:47:57 2014] <Rc43> Hello.
[Mon Apr 28 07:48:29 2014] <Rc43> Am I right, that there is no easy way to place a proof from Prop into Set?
[Mon Apr 28 08:14:26 2014] <ziman> the point of Prop is to make that impossible so that anything in Prop can be erased
[Mon Apr 28 08:26:45 2014] <Rc43> Actually, I don't understand this decision.
[Mon Apr 28 08:26:46 2014] <Rc43> I have read that main reasons are erasability-and-extraction and some mathematical related to excluded middle (http://cstheory.stackexchange.com/questions/21836/why-does-coq-have-prop).
[Mon Apr 28 08:27:13 2014] <Rc43> But if we are talking about extraction then it seems that there are better ways to provide erasability.
[Mon Apr 28 08:27:38 2014] <Rc43> E.g. mark some things in development as "non-valuable" and travers their dependencies.
[Mon Apr 28 08:27:58 2014] <Rc43> Or create polymorphic universe type with mark to erase it or not.
[Mon Apr 28 08:28:18 2014] <Rc43> Because now we have to have duplicates of the same things in Prop and Set sometimes.
[Mon Apr 28 08:29:05 2014] <Rc43> I have one proof in Prop and now I realized that I need to use it in computation, but it is difficult to move it into Set =/
[Mon Apr 28 08:34:36 2014] <Rc43> Maybe latter way ("polymorphic universe type with mark to erase it or not") is equivalent to polymorphism like "forall U, forall A : U, forall x y z : A, <something with x y z>".
[Mon Apr 28 08:55:36 2014] <ziman> I agree. ;)
[Mon Apr 28 08:56:27 2014] <ziman> that's why I developed erasure for Idris in a different way :)
[Mon Apr 28 09:39:48 2014] <gdsfh1> Rc43: do you have a small but meaningful example where Set/Prop duplication is necessary?  Interesting to look at it.  (by no means I doubt that duplication can happen in a practically useful manner.)  Also maybe coq-club members will suggest some way to avoid this duplication.
[Mon Apr 28 09:39:57 2014] <gdsfh1> Rc43: but do you really mean Set?  Why not Type?
[Mon Apr 28 09:44:14 2014] <ziman> there is a guy that achieves remarkably good erasure with Prop without much duplication
[Mon Apr 28 09:45:01 2014] <ziman> https://github.com/jonleivent/mindless-coding
[Mon Apr 28 09:45:26 2014] <ziman> it requires quite a lot of automation but it seems to be doable
[Mon Apr 28 09:47:09 2014] <ziman> also, the extracted ML code bears no trace of proofs at all, which is very nice
[Mon Apr 28 09:48:02 2014] <gdsfh1> ziman: good stuff, but he overcomplicates things, imho.  ML code is nice, really.
[Mon Apr 28 09:48:53 2014] <ziman> gdsfh1, could you make it simpler?
[Mon Apr 28 09:49:43 2014] <Rc43> gdsfh1, 1st question:
[Mon Apr 28 09:49:51 2014] <Rc43> Currently I have proof of termination for some function made by my collegue; it uses some metrics (i.e. functions X -> nat) and lemmas about decreasing of them.
[Mon Apr 28 09:49:52 2014] <ziman> basically, what he does is creating an Erased monad and then implementing some scaffolding for lifting things to it without having to duplicate definitions
[Mon Apr 28 09:49:56 2014] <Rc43> Then I have main theorem about termination: "exists n : nat, <something in Prop>".
[Mon Apr 28 09:50:01 2014] <Rc43> I wanted to refactor it to made proof be in Set, but encountered that can't destruct "/\" and "\/" to make Set.
[Mon Apr 28 09:50:17 2014] <Rc43> This isn't a problem, just replaced with "*" and "+".
[Mon Apr 28 09:50:23 2014] <Rc43> But then I found the same issue with "<" -- I don't see counterparts in Set for it and I also realized that there can be too much changes.
[Mon Apr 28 09:50:25 2014] <Rc43> Theoretically, I can modify structure of proof to give number (which is "exists n : nat, ..."), but I am not sure that it is easy in my case.
[Mon Apr 28 09:50:55 2014] <Rc43> So, it isn't something fundamental, just matter of pragmatics.
[Mon Apr 28 09:51:38 2014] <gdsfh1> ziman: "make" -- no, have no time*brain now and in near future.  just some thoughts: keep rbtree with invariants packed in value with computational part and invariants, write code with refine, prove invariants.
[Mon Apr 28 09:52:02 2014] <ziman> yes, ideally, the function would just take the proof to convince the termination checker that everything is okay, and then not use it at runtime to get rid of the proof as well
[Mon Apr 28 09:52:28 2014] <ziman> gdsfh1, that's what he does
[Mon Apr 28 09:52:30 2014] <Rc43> gdsfh1, about 2nd question (Set/Type): I really don't know; what difference?
[Mon Apr 28 10:01:05 2014] <gdsfh1> Rc43: 2. Set is a restricted kind of Type.  Set is almost not needed in current versions of Coq, Type is enough.  But sometimes people use Set with intention.  I wondered whether is it your case.
[Mon Apr 28 10:02:04 2014] <gdsfh1> Rc43: 1. why do you need a termination proof to be in Set?
[Mon Apr 28 10:04:42 2014] <Rc43> gdsfh1, 1. I want to bind it with the function to get "good" wrapper (f : nat -> X -> option Y; termination : forall x : X, {n : nat | exists y, f n x = Some y}, g : X -> Y).
[Mon Apr 28 10:05:16 2014] <Rc43> gdsfh1, 1. I need this "g" for more convinient definitions and proofs without considering unnecessary branch with None, etc.
[Mon Apr 28 10:06:09 2014] <Rc43> gdsfh1, 2. I didn't know, what's the restriction? Maybe I have the same problem with Type, too, not sure.
[Mon Apr 28 10:19:15 2014] <gdsfh1> Rc43: if you can reformulate "termination" to "forall x : X, {n : nat & {y : Y | f n x = Some y } }.", then it's possible to build "g".  But maybe it's worth to rewrite proof and build Acc/wf for your recursion?
[Mon Apr 28 10:26:52 2014] <Rc43> gdsfh1, yes, it is what I tried to do. Definetely it's worth to rewrite proof / build Acc/wf, but I need to understand code and some time :)
[Mon Apr 28 10:27:18 2014] <Rc43> gdsfh1, as I said nothing fundamental, just weekday problems
[Mon Apr 28 10:28:20 2014] <Rc43> gdsfh1, but what about Set-vs-Type? I thought that Set is just alias for Set0 and Type is aliase(es) for Set1 and higher.
[Mon Apr 28 10:28:32 2014] <gdsfh1> Rc43: as I understand, the problems are caused by the fact that one can't destruct Prop and get value in Set/Type to use in computations.  (here -- use in "g" as a return value.)
[Mon Apr 28 10:29:13 2014] <Rc43> gdsfh1, yep, exactly
[Mon Apr 28 10:32:46 2014] <gdsfh1> Rc43: I'm not an expert in theory, just a "software engineer", so don't believe me here :)  But I think you are right about SetN.
[Mon Apr 28 10:37:36 2014] <ianjneu> Rc43: the set-vs-type thing is so that you don't "accidentally" go up a universe level when using Set. Type has typical ambiguity resolved in the background.
[Mon Apr 28 10:38:05 2014] <ianjneu> Set used to also be impredicative, but that was shown inconsistent.
[Mon Apr 28 10:39:26 2014] <Rc43> ianjneu, what's bad in going up a universe level? Inference/type checking/unification problems?
[Mon Apr 28 10:41:40 2014] <ianjneu> Well, <=8.4 isn't universe-polymorphic, so you kind of screw yourself when trying to write reusable libraries that muck with universe constraints.
[Mon Apr 28 10:42:43 2014] <ianjneu> The HoTT people can probably tell better horror stories about typical ambiguity than I can.
[Mon Apr 28 10:48:14 2014] <Rc43> Btw, is there < counterpart in Set?
[Mon Apr 28 10:48:39 2014] <ianjneu> as in, lt in the natural numbers?
[Mon Apr 28 10:49:03 2014] <ianjneu> Probably not. Coq libraries are not written in a relevance-polymorphic way.
[Mon Apr 28 10:49:59 2014] <ianjneu> If I learned anything using Coq, it's that abstraction is limited to copy and paste in most cases.
[Mon Apr 28 10:50:27 2014] <ianjneu> when you have a type system, that is. Oh man do I love Racket and its macros...
[Mon Apr 28 10:51:29 2014] <Rc43> :D
[Mon Apr 28 10:52:05 2014] <Rc43> Well, I hope that I needn't copy-paste something more than lt...
[Mon Apr 28 10:52:54 2014] <ianjneu> Rc43: theorems & proofs related to lt, no doubt.
[Mon Apr 28 10:53:17 2014] <ianjneu> But if you're doing this to prove termination, you're just doing it wrong.
[Mon Apr 28 10:55:07 2014] <Rc43> ianjneu, maybe the proof uses only transitivity or something elementary (I hope :)
[Mon Apr 28 10:55:19 2014] <Rc43> ianjneu, I agree, that it is done wrong
[Mon Apr 28 10:55:29 2014] <Rc43> ianjneu, it's a crutch =/
[Mon Apr 28 10:56:28 2014] <ianjneu> It's not so much a crutch as it is a virus. Proof relevance will spread everywhere in your development.
[Mon Apr 28 10:57:38 2014] <Rc43> ianjneu, actually, I think that it will not; this function is a top of all development and I need only to prove one lemma about it for the interface between "that" part and "my" part.
[Mon Apr 28 10:58:05 2014] <Rc43> Btw, in some sense any crutch is a virus.
[Mon Apr 28 11:19:51 2014] <Rc43_> Strange, ssreflect's "move =>" looks to behave differently for Prop and Set.
[Mon Apr 28 11:41:57 2014] <Rc43> Also, can I print proof of local hypothesis?
[Mon Apr 28 11:42:15 2014] <Rc43> I found it with omega and want to learn it. But proof session for it is already closed.
[Mon Apr 28 12:22:11 2014] <ianjneu> Rc43: no
[Mon Apr 28 12:24:01 2014] <ianjneu> you can print the entire proof term afterwards and find the binding that is the hypothesis you were looking for
[Mon Apr 28 12:24:24 2014] <ianjneu> Theorem foo : T. Proof. blah. Qed. Print foo.
[Mon Apr 28 20:07:34 2014] <schoppenhauer> hello. is it possible to prove that forall (n' : Fin 1), n' = Fin.F1?
[Mon Apr 28 20:07:42 2014] <schoppenhauer> because ... this obviously holds.
[Mon Apr 28 20:23:19 2014] <jrw> schoppenhauer: if you Require Import Program you can use the dependent destruction tactic to do that
[Mon Apr 28 20:23:31 2014] <jrw> requires JMeq, though
[Mon Apr 28 20:23:59 2014] <jrw> usually if you look at the resulting match annotations you can figure out how to do it yourself without JMeq
[Mon Apr 28 20:24:14 2014] <Ptival> yeah it shouldn't be too hard
[Mon Apr 28 20:24:31 2014] <Ptival> I just realized 8.4 has some better dependent match annotation inference when using refine!
[Mon Apr 28 20:32:40 2014] <Ptival> like this: http://paste.awesom.eu/lxkj
[Mon Apr 28 20:32:49 2014] <Ptival> (pretty bad proof, don't use it please :p)
[Mon Apr 28 20:34:31 2014] <schoppenhauer> got it
[Mon Apr 28 20:34:55 2014] <schoppenhauer> Ptival: ok, mine is different
[Mon Apr 28 20:35:38 2014] <schoppenhauer> Ptival: http://pastebin.com/vAVYH8AX
[Mon Apr 28 20:36:11 2014] <Ptival> yeah dependent destruction hides away all the gory stuff :)
[Tue Apr 29 03:23:45 2014] <robbert> schoppenhauer, Ptival: and it secretly makes your lemma depend on an axiom...
[Tue Apr 29 03:24:14 2014] <robbert> Print Assumptions fin_1_is_1.
[Tue Apr 29 03:24:18 2014] <robbert> Axioms:
[Tue Apr 29 03:24:20 2014] <robbert> JMeq_eq : ∀ (A : Type) (x y : A), x ~= y → x = y
[Tue Apr 29 03:25:48 2014] <robbert> I tend to use a hand made inversion tactic for such types, like http://pastebin.com/KAg9f062
[Tue Apr 29 03:25:58 2014] <robbert> at least, now you get axiom free proofs
[Tue Apr 29 03:30:44 2014] <Ptival> robbert: the one I posted earlier should be axiom free
[Tue Apr 29 03:30:50 2014] <Ptival> though I'd trust JMeq on that one
[Tue Apr 29 03:31:02 2014] <Ptival> isn't it provable safe on decidable types or something like that?
[Tue Apr 29 03:35:42 2014] <jgross> JMeq A a A b is the same as (existT (fun T => T) A a) = (existT (fun T => T) A b).  JMeq A a A b -> a = b is only provable when A is an hProp (when you already have forall a b : A, a = b).  Otherwise it implies that the universe is an hSet, i.e., that all proofs of A = A are refl. 
[Tue Apr 29 03:44:02 2014] <Cale> Does anyone get the political joke about John Major? I'm not from the UK.
[Tue Apr 29 03:46:45 2014] <Cale> Also, I think you should get JMeq A a A b -> ||a = b|| whenever a and b lie in equivalent connected components of A.
[Tue Apr 29 03:52:51 2014] <jgross> Cale: I can prove JMeq bool true bool false using univalence and the path ua negb.  Does this break your claim? 
[Tue Apr 29 03:53:06 2014] <Cale> nope, it's an example of it :)
[Tue Apr 29 03:53:33 2014] <jgross> I don't follow.  We don't have || true = false ||, right? 
[Tue Apr 29 03:53:35 2014] <Cale> true and false are in the two connected components of Bool, each of which is equivalent to the unit type
[Tue Apr 29 03:53:48 2014] <Cale> er
[Tue Apr 29 03:53:52 2014] <Cale> oops, yeah
[Tue Apr 29 03:54:06 2014] <Cale> hmm, what do I want to say here :)
[Tue Apr 29 03:55:48 2014] <jgross> You get JMeq A a B b -> A = B, but that's not particularly interesting, I think.  If A has decidable equality, you provably don't get anything more than that, because the "swap a and b" isomorphism equates all a's and b's.	If A does not have decidable equality, then the case is murkier. 
[Tue Apr 29 03:55:57 2014] <Cale> Maybe I just wanted to say ||JMeq A a B b|| whenever a and b lie in equivalent connected components of A
[Tue Apr 29 03:56:09 2014] <Cale> That seems more plausible
[Tue Apr 29 03:56:16 2014] <Cale> er
[Tue Apr 29 03:56:25 2014] <Cale> that B should be A
[Tue Apr 29 03:57:28 2014] <Cale> So, you transport along the equivalence which swaps the two components, and get mere existence of a path between them
[Tue Apr 29 03:58:26 2014] <jgross> I'm not sure that's provable without decidable equality.  Like, say you have that { x : A & || x = a || } and { x : A & || x = b || } are equivalent types, and you want || JMeq A a A b ||.  I don't see where you're going to pull a mere isomorphism of A from, since you don't really know enough to swap the connected components unless || x = a || and || x = b || are decidable. 
[Tue Apr 29 04:15:38 2014] <Cale> hmmm
[Tue Apr 29 07:57:12 2014] <schoppenhauer> robbert, Ptival, jgross: Hm. Ok, I guess I'll just try to avoid it and write stuff where I need it only inside small opaque lemmata, so I can replace them later. currently, it somehow boosted my productivity.
[Tue Apr 29 07:57:18 2014] <schoppenhauer> is that a good strategy?
[Tue Apr 29 07:59:09 2014] <schoppenhauer> (as far as I understand, that is what I was suggested to do anyway, sort of... looking at the proofs dependent induction gives me.)
[Tue Apr 29 07:59:14 2014] <schoppenhauer> (but I can do that later as well)
[Tue Apr 29 10:21:33 2014] <Ptival> Cale: I remember asking Conor to explain it to me. IIRC, John Major was arguing for a classless society, but didn't really come through, so that's meant as "any two things can hope to be equal, but in practice only two of the same things can be truly equal"
[Tue Apr 29 10:22:58 2014] <Ptival> jgross: thanks
[Tue Apr 29 14:53:03 2014] <Rc43> Hello.
[Tue Apr 29 14:54:47 2014] <Rc43> I am wondering, why eliminating of Prop is forbidden not for all elements of Prop?
[Tue Apr 29 14:55:38 2014] <Rc43> E.g. proving "Lemma q (p : 1 = 1) : { n : nat | n > 6 }" I can do "destruct p".
[Tue Apr 29 14:56:00 2014] <Rc43> Or for "(p : 1 = 1 /\ 2 = 2)" I can do "destruct p", too.
[Tue Apr 29 14:56:22 2014] <Rc43> But for "(p : 1 <= 2)" I can't.
[Tue Apr 29 14:56:55 2014] <Rc43> ("Case analysis on sort Set is not allowed for inductive definition le.")
[Tue Apr 29 14:57:21 2014] <Rc43> So, is it really true that I can't build anything in Set/Type from Prop?
[Tue Apr 29 14:57:59 2014] <Rc43> Or I can to do it only before Qed and then proof will be declined anyway?
[Tue Apr 29 15:01:44 2014] <Ptival> Rc43: not sure what you mean, it's the universe of what you're trying to build that influences whether Prop elimination is allowed or not
[Tue Apr 29 15:02:04 2014] <Ptival> let me try
[Tue Apr 29 15:02:41 2014] <jonikelee> Rc43: the difference is the number of constructors.  If only 1, then the Prop can be destructed without case analysis.
[Tue Apr 29 15:03:08 2014] <Ptival> oh :)
[Tue Apr 29 15:03:16 2014] <Rc43> jonikelee, ah, so simple
[Tue Apr 29 15:04:35 2014] <Rc43> jonikelee, does it imply that inductive types with only one constructor don't carry any information in some sense?
[Tue Apr 29 15:05:01 2014] <Rc43> jonikelee, we needn't destruct, because all information is already known, etc.
[Tue Apr 29 15:05:05 2014] <jonikelee> It implies they don't carry information in the form of which constructor was used - but their args might carry some.
[Tue Apr 29 15:06:00 2014] <Rc43> jonikelee, yes, I forgot about arguments. Is it ok then to allow to destruct Prop?
[Tue Apr 29 15:06:20 2014] <Rc43> jonikelee, I mean destruct one-constructor inductives in Prop.
[Tue Apr 29 15:07:20 2014] <jonikelee> Yes - any single constructor inductive in Prop is always destructable, since no choice (no info) was involved in its construction.
[Tue Apr 29 15:08:33 2014] <ianjneu> jonikelee: not true in all models. Singleton elimination changes the theory. It's inconsistent with univalence.
[Tue Apr 29 15:09:26 2014] <jonikelee> Oh - sorry - in the standard Coq model then.  I guess one should never say "always".
[Tue Apr 29 15:10:09 2014] <Rc43> ianjneu, why is it inconsistent with univalence?
[Tue Apr 29 15:11:16 2014] <ianjneu> It makes every proof of equality refl, which ua refutes with something like the circle.
[Tue Apr 29 15:14:42 2014] <Rc43> ianjneu, it is inconsistent in UA + HIT only or in any UA?
[Tue Apr 29 15:17:05 2014] <ianjneu> bool = bool has two distinct proofs of equality
[Tue Apr 29 15:18:58 2014] <Rc43> Ah, I got it. I thought it is because HIT can add "constructors" of Eq, but it is just because in HoTT we use information while construct Eq object (even without HITs).
[Tue Apr 29 20:29:24 2014] <Cale> Ptival: ah, haha
[Tue Apr 29 22:31:29 2014] <ianjneu> schoppenhauer: did you ever get the decidable equality of Fin.t figured out?
[Tue Apr 29 22:44:42 2014] <mj3> Why is it that sometimes I should supply forall-arguments explicitly and other times I shouldn't?
[Tue Apr 29 22:45:20 2014] <mj3> I.e sometimes it's a type error to leave them out and sometimes it's a type error to provide them explicitly
[Tue Apr 29 22:45:41 2014] <mj3> The example I'm looking it is page 60 of http://adam.chlipala.net/cpdt/cpdt.pdf
[Tue Apr 29 22:46:37 2014] <mj3> And_case is applied without passing in f1 and f2 explicitly, while Forall_case is applied specifying f explicitly
[Tue Apr 29 22:47:33 2014] <ianjneu> see Set Implicit Arguments.
[Tue Apr 29 22:50:19 2014] <mj3> ah, the args are implicit, and if i want to specify them explicitly I need to do so by name
[Tue Apr 29 22:50:32 2014] <mj3> Thanks ianjneu
[Tue Apr 29 22:51:09 2014] <ianjneu> or use the @ syntax to get the explicit version
[Tue Apr 29 22:52:00 2014] <mj3> And "Print Implicit" shows which args are implicit. Okay, I'm good now.
[Tue Apr 29 22:52:33 2014] <mj3> @ works too. Thanks.
[Tue Apr 29 22:52:36 2014] <roosterbot> error: Syntax error: end of input expected after [constr:lconstr] (in [constr:lconstr_eoi]).
[Tue Apr 29 23:06:48 2014] <ianjneu> @Check Acc_ind.
[Tue Apr 29 23:06:48 2014] <roosterbot> error: Syntax error: end of input expected after [constr:lconstr] (in [constr:lconstr_eoi]).
[Tue Apr 29 23:07:04 2014] <ianjneu> huh.
[Tue Apr 29 23:20:39 2014] <ianjneu> schoppenhauer: I played around with it. Here's my solution. http://lpaste.net/103378
[Tue Apr 29 23:34:19 2014] <mj3> @help
[Tue Apr 29 23:34:19 2014] <roosterbot> Get help on what? (try 'help <foo>', or 'commands' for a command list)
[Tue Apr 29 23:34:28 2014] <mj3> @help commands
[Tue Apr 29 23:34:29 2014] <roosterbot> Usage: commands - List available commands
[Tue Apr 29 23:34:36 2014] <mj3> @commands
[Tue Apr 29 23:34:36 2014] <roosterbot> buildbot commands: about, check, commands, compute, def, default, hello, help, mute, print, source, unmute, version
[Tue Apr 29 23:35:06 2014] <mj3> @check Acc_ind
[Tue Apr 29 23:35:18 2014] <mj3> @check Acc_ind.
[Tue Apr 29 23:36:02 2014] <roosterbot> Acc_ind : ∀ (A : Type) (R : A → A → Prop) (P : A → Prop),
[Tue Apr 29 23:36:02 2014] <roosterbot> (∀ x : A, (∀ y : A, R y x → Acc R y) → (∀ y : A, R y x → P y) → P x)
[Tue Apr 29 23:36:02 2014] <roosterbot> → (∀ x : A, Acc R x → P x)
[Tue Apr 29 23:36:03 2014] <roosterbot> error: Syntax error: end of input expected after [constr:lconstr] (in [constr:lconstr_eoi]).
[Wed Apr 30 07:28:49 2014] <Rc43> Hello.
[Wed Apr 30 07:29:26 2014] <Rc43> I found that somehow I can't build Prop with destructing of exists.
[Wed Apr 30 07:30:39 2014] <Rc43> I get error "case analysis on sort Type is not allowed for inductive definition ex".
[Wed Apr 30 07:31:55 2014] <Rc43> Aaah, I understood my mistake. I tried to prove "Prop" (I was meaning element of Prop).
[Wed Apr 30 07:33:09 2014] <Rc43> Or didn't understand =/
[Wed Apr 30 07:33:45 2014] <Rc43> I am trying "Definition order (x y : X) : Prop." and then to do refines for constructing formula.
[Wed Apr 30 07:38:23 2014] <Rc43> What's wrong with this? "Definition order (x y : X) := match some_function x with ex_intro y' ... => y = y' end."
[Wed Apr 30 07:41:21 2014] <Rc43> Seems that the reason is elimination of Prop for construction of Type. But is it the same "dangerous" as construction of Set?
[Thu May  1 10:34:08 2014] <roosbeef> how do i force coq to normalize decidable equality statements automatically?
[Thu May  1 10:35:24 2014] <roosbeef> for example "if match fletter_eq_dec (FrenchLetter a grave) (FrenchLetter a grave) with"
[Thu May  1 10:37:07 2014] <ianjneu> is your eq_dec Defined or Qed'd?
[Thu May  1 10:37:37 2014] <roosbeef> Qed
[Thu May  1 10:37:43 2014] <roosbeef> should i use Defined?
[Thu May  1 10:37:47 2014] <ianjneu> yes.
[Thu May  1 10:37:51 2014] <roosbeef> ha
[Thu May  1 10:37:54 2014] <roosbeef> lets see
[Thu May  1 10:37:55 2014] <ianjneu> Qed removes computational content.
[Thu May  1 10:38:31 2014] <roosbeef> works :)
[Thu May  1 10:38:33 2014] <roosbeef> hm
[Thu May  1 10:38:38 2014] <roosbeef> so when to use Qed?
[Thu May  1 10:38:50 2014] <schoppenhauer> never!
[Thu May  1 10:38:58 2014] <roosbeef> haha
[Thu May  1 10:39:32 2014] <ianjneu> Use Qed when you don't need the result, just the type.
[Thu May  1 10:39:47 2014] <ianjneu> e.g. correctness theorems.
[Thu May  1 10:39:58 2014] <roosbeef> ok that makes sense
[Thu May  1 10:40:10 2014] <roosbeef> when you simply want to know IF some statement holds
[Thu May  1 10:40:52 2014] <schoppenhauer> except for some pseudo-efficiency-results, is it really useful to remove computational content?
[Thu May  1 10:40:56 2014] <roosbeef> is there any advantage to using Qed over Defined in those cases?
[Thu May  1 10:41:05 2014] <roosbeef> ha i was going to aim at the same
[Thu May  1 10:41:22 2014] <schoppenhauer> I mean, ok, when actually extracting programs ... that is, in the late developement-phase ... it might be.
[Thu May  1 10:41:32 2014] <schoppenhauer> or if proof-irrelevance is needed.
[Thu May  1 10:41:56 2014] <ianjneu> decidable equalities need computational content if you use them in functions that are extracted.
[Thu May  1 10:42:04 2014] <ianjneu> However,
[Thu May  1 10:42:25 2014] <ianjneu> it's better to write a -> bool function and prove a correspondence instead
[Thu May  1 10:42:40 2014] <schoppenhauer> hm. agda-developers would not agree, I guess ^^
[Thu May  1 10:42:49 2014] <schoppenhauer> "forgettfull boolean" and stuff.
[Thu May  1 10:42:59 2014] <schoppenhauer> so I guess it is a matter of culture.
[Thu May  1 10:43:03 2014] <ianjneu> Agda people don't write programs that do anything.
[Thu May  1 10:43:38 2014] <ianjneu> so ya, elitists can go ahead and say, "no no no" but I'll get shit done at the end of the day.
[Thu May  1 10:43:52 2014] <schoppenhauer> well, I wonder ... isn't it a solved problem to track the parts of a lambda-term that are actually needed?
[Thu May  1 10:44:29 2014] <schoppenhauer> which makes the efficiency-part of proof irrelevance ... sort of useless?
[Thu May  1 10:44:36 2014] <ianjneu> useless variable elimination does not go deep into data structures.
[Thu May  1 10:45:09 2014] <ianjneu> which is the optimization I think you're alluding to.
[Thu May  1 10:45:30 2014] <schoppenhauer> hm. probably.
[Thu May  1 10:45:38 2014] <schoppenhauer> well, lazy evaluation, then?
[Thu May  1 10:46:07 2014] <schoppenhauer> I remember that I proved for the formalism of minlog that it is possible to automatically decorate proofs.
[Thu May  1 10:46:26 2014] <ianjneu> laziness is seldom what you want.
[Thu May  1 10:46:49 2014] <schoppenhauer> @laziness: well, if it makes work easier, it is a prize I am willing to pay.
[Thu May  1 10:46:52 2014] <roosterbot> error: Syntax error: end of input expected after [constr:lconstr] (in [constr:lconstr_eoi]).
[Thu May  1 10:46:52 2014] <ianjneu> scratch that, need. I have no idea what backward-ass desires people have these days.
[Thu May  1 10:47:32 2014] <Hodapp> * shrugs, walks off
[Thu May  1 10:47:44 2014] <schoppenhauer> anyway, I am not sure whether the same decorating algorithm works for dependent types as well.
[Thu May  1 10:47:52 2014] <ianjneu> Hodapp: heh, not touching that one?
[Thu May  1 10:48:14 2014] <schoppenhauer> in minlog, you do not squash types, but you decorate quantifiers and implications with "c" and "nc" (computable and non-computable)
[Thu May  1 10:48:33 2014] <schoppenhauer> and an optimal such decoration can be found automatically.
[Thu May  1 10:49:31 2014] <Hodapp> ianjneu: never written in Agda before.
[Thu May  1 10:50:04 2014] <schoppenhauer> Hodapp: have you written minlog?
[Thu May  1 10:51:29 2014] <schoppenhauer> http://hugelol.com/lol/270917?
[Thu May  1 10:51:31 2014] <schoppenhauer> GAH
[Thu May  1 10:51:35 2014] <schoppenhauer> wrong channel, sorry.
[Thu May  1 10:52:35 2014] <roosbeef> hugelol :p
[Thu May  1 10:52:36 2014] <roosbeef> j/k
[Thu May  1 10:52:43 2014] <ianjneu> nice.
[Thu May  1 10:52:44 2014] <roosbeef> interesting discussion
[Thu May  1 10:53:36 2014] <roosbeef> regardless: thanks very much guys for solving my problem by changing a single word haha
[Thu May  1 11:12:36 2014] <Hodapp> Nope.
[Fri May  2 12:24:44 2014] <schoppenhauer> hello. can somebody please explain to me, what <+ means (heavily used in http://coq.inria.fr/distrib/V8.4/stdlib/Coq.Structures.Orders.html#)
[Fri May  2 12:25:16 2014] <schoppenhauer> I need Mergesort (actually, I need any kind of sorting predicate to begin with), and would like to keep it near the stdlib.
[Fri May  2 12:25:59 2014] <schoppenhauer> but I have a special ordering relation. I can prove transitivity, decidability, antisymmetry, etc. - but I have no idea how to pack that together such that I can use the predefined stuff for it.
[Fri May  2 12:38:13 2014] <ianjneu> <+ is sugar for including all module types or modules mentioned.
[Fri May  2 12:44:13 2014] <ianjneu> so you can <+ all the module types that include those properties. OrderedType is decidable and has a strict ordering. Transitivity and antisymmetry come from IsStrOrder, which uses the StrictOrder class in Classes/RelationClasses.
[Fri May  2 12:45:48 2014] <ianjneu> forgive me, antisymmetry is not strictness. That's irreflexivity.
[Fri May  2 12:46:31 2014] <schoppenhauer> ianjneu: so ... all I have to do is ... make a module, let it <: LeBool, and implement le_..., etc., inside it?
[Fri May  2 12:46:51 2014] <ianjneu> ya, modules are terribly verbose.
[Fri May  2 12:47:19 2014] <schoppenhauer> hm?
[Fri May  2 12:48:09 2014] <schoppenhauer> "ya"?
[Fri May  2 12:49:10 2014] <schoppenhauer> ianjneu: what do you mean?
[Fri May  2 12:50:26 2014] <ianjneu> nevermind me.
[Fri May  2 12:50:29 2014] <ianjneu> I just bitch.
[Fri May  2 12:51:44 2014] <schoppenhauer> ok.
[Fri May  2 14:44:44 2014] <Rc43> Is type "Inductive Q : Set := | q : Q -> Q." equal to empty type?
[Fri May  2 14:57:36 2014] <Anarchos> Rc43 i am not sure if it is a valid definition.
[Fri May  2 15:01:00 2014] <Cale> It's a valid definition, and yeah, it's empty.
[Fri May  2 15:01:55 2014] <Cale> (Try proving that, it's not hard: Theorem emptyQ : not Q. )
[Fri May  2 15:05:43 2014] <Rc43> Cale, ah, yep; obvious. And there is other side of isomorphism because we have morphism from False to anything.
[Sat May  3 01:36:38 2014] <dmbaturin> Are there really trivial examples that demonstrate the workflow?
[Sat May  3 01:44:06 2014] <dmbaturin> I mean, really trivial. I have never done any automated/assisted theorem proving but I'd like to get into it.
[Sat May  3 01:44:32 2014] <lispy> dmbaturin: Are you looking for a book?
[Sat May  3 01:44:39 2014] <lispy> dmbaturin: or a video? or?
[Sat May  3 01:45:58 2014] <lispy> dmbaturin: This book starts out pretty basic: http://www.cis.upenn.edu/~bcpierce/sf/
[Sat May  3 01:46:00 2014] <dmbaturin> lispy: Preferrably a commented code sample that gives the answer for a trivial axiom set and proposition (like x+3 always >=3 or whatever).
[Sat May  3 01:46:15 2014] <lispy> dmbaturin: and I think this is a recorded lecture for that same book: https://www.youtube.com/watch?v=KKrD4JcfW90
[Sat May  3 01:46:39 2014] <lispy> dmbaturin: do you have proof-general setup in emacs?
[Sat May  3 01:47:38 2014] <dmbaturin> Uhm, no, I generally prefer vim over emacs. I installed the coq IDE.
[Sat May  3 01:48:00 2014] <dmbaturin> Should I setup it in emacs instead?
[Sat May  3 01:48:54 2014] <lispy> I like vim too, but the coq integration doesn't appear to work reliably
[Sat May  3 01:49:20 2014] <lispy> I asked a friend about Coq IDE and he said it's best to skip it and go straight to proof-general
[Sat May  3 01:49:36 2014] <lispy> He felt that it's flaky
[Sat May  3 01:49:45 2014] <lispy> (I don't have any experience)
[Sat May  3 01:50:50 2014] <dmbaturin> Ah, ok. I'm not really an emacs hater type.
[Sat May  3 01:50:53 2014] <lispy> dmbaturin: getting back to your earlier question. Are you familiar with natural deductions or representing proofs as a tree of derivations?
[Sat May  3 01:51:33 2014] <dmbaturin> lispy: A little. I think I have a lot to catch up here.
[Sat May  3 01:53:04 2014] <lispy> dmbaturin: The proof assistant interaction (using tactics) is really that same concept.
[Sat May  3 01:53:50 2014] <lispy> dmbaturin: Coq presents you with a list of things it currently knows and a current goal. And the format is very similar to that of a natural deduction.
[Sat May  3 01:54:51 2014] <lispy> It's your job to help it make progress by using a tactic on some of the known things to transform (or solve) the goal.
[Sat May  3 01:54:58 2014] <lispy> Very abstract and probably not helpful :)
[Sat May  3 01:56:01 2014] <dmbaturin> I'll read the "Software foundations" book then, seems it has some examples.
[Sat May  3 01:56:42 2014] <lispy> Download the .v files and step through them in proof-general with C-c C-n
[Sat May  3 02:09:58 2014] <dmbaturin> lispy: What kind of tasks do you use coq for?
[Sat May  3 02:14:05 2014] <lispy> dmbaturin: Learning Coq :)
[Sat May  3 02:14:33 2014] <lispy> at the moment I'm just learning it to learn it.
[Sat May  3 02:27:33 2014] <dmbaturin> lispy: Ah, same here. I'm using SPARK for Ada programs verification, but I want to get into more fundamental proofs too.
[Sat May  3 06:30:58 2014] <roosbeef> ok so
[Sat May  3 06:31:28 2014] <roosbeef> im working with an order on the data type 'term'
[Sat May  3 06:31:39 2014] <roosbeef> Error: The term "empty_vterm" has type "VTerm.term fs_Sig" while it is expected to have type "term".
[Sat May  3 06:32:02 2014] <roosbeef> this is what Coq tells me when i try to call it - Eval compute in MyLPO.lt_lpo empty_vterm empty_vterm.
[Sat May  3 06:32:21 2014] <roosbeef> i think that coq doesnt realize these are actually the same type..
[Sat May  3 06:32:39 2014] <roosbeef> how can i find out where the gap lies and how can i bridge that gap, anyone?
[Sat May  3 06:53:23 2014] <roosbeef> brb
[Sat May  3 23:40:29 2014] <sendak.freenode.net> [freenode-info] why register and identify? your IRC nick is how people know you. http://freenode.net/faq.shtml#nicksetup
[Sun May  4 10:06:39 2014] <basti_> hi. I'm trying to work with boolean vectors. Apparently I can't declare a fixpoint on them, because "Bcons" would not be a constructor.
[Sun May  4 10:07:05 2014] <basti_> I tried to use the "cons" constructor of vector, but apparently I can't reach it.
[Sun May  4 10:07:29 2014] <basti_> I can't require "Vector" either, it appears to be hidden in Bvector
[Sun May  4 10:11:03 2014] <basti_> there's not even a file called like that, even though i just installed a debian package
[Sun May  4 10:22:17 2014] <basti_> i upgraded the package, and now it works
[Mon May  5 11:04:31 2014] <ryanakca> Is there somewhere I can find a definition of positive / negative position in inductive definitions? Unfortunately, all of the Google results I've managed to find relate to coordinate systems, etc.
[Mon May  5 11:05:31 2014] <ystael> ryanakca: a precise definition is in 4.5.3 of http://coq.inria.fr/doc/Reference-Manual006.html
[Mon May  5 11:05:45 2014] <ryanakca> ystael: Thanks
[Mon May  5 11:05:53 2014] <ystael> "strictly positive occurrence" may be a better Google phrase
[Mon May  5 12:12:40 2014] <schoppenhauer> is there something similar to eqn:? for elim?
[Mon May  5 12:12:47 2014] <schoppenhauer> that is, getting the equality?
[Mon May  5 14:01:56 2014] <rks`> hi!
[Mon May  5 14:02:21 2014] <rks`> I'm trying to use the "Drop" command (from coqtop)
[Mon May  5 14:02:53 2014] <rks`> but I don't know how to "reattach"/"return to" coq once I am done with on the caml side
[Mon May  5 14:03:03 2014] <rks`> the ressources I found seem outdated
[Mon May  5 14:03:11 2014] <rks`> ( http://coq.inria.fr/cocorico/CoqCustomizationHowTo and http://flint.cs.yale.edu/cs428/coq/doc/Reference-Manual014.html )
[Mon May  5 14:03:57 2014] <rks`> ( http://coq.inria.fr/refman/Reference-Manual016.html#sec567 says the same as that last link, but that doesn't seem to work for me)
[Mon May  5 14:05:51 2014] <rks`> ok it seems to now be called "Coqloop.loop"
[Mon May  5 14:05:57 2014] <rks`> (found this in dev/base_include)
[Mon May  5 14:06:00 2014] <rks`> sorry for the noise
[Mon May  5 14:08:26 2014] <schoppenhauer> hello.
[Mon May  5 14:08:32 2014] <schoppenhauer> is it possible to prove Lemma existT_inj : forall f (n : nat) (a m : f n), existT f n a = existT f n m -> a = m.
[Mon May  5 14:08:47 2014] <schoppenhauer> because that should hold...
[Mon May  5 14:43:58 2014] <schoppenhauer> ok, I probably can get it with dependent equality.
[Mon May  5 14:57:09 2014] <Saizan> you need to use the fact that nat has decidable equality
[Mon May  5 17:29:04 2014] <tswett> Ahoy. Is there some convention as to when an identifier should begin with a capital letter?
[Mon May  5 17:33:27 2014] <ianjneu> tswett: the convension usually is that types are uppercase.
[Mon May  5 17:33:37 2014] <ianjneu> well, start with a capital letter I mean.
[Mon May  5 17:34:02 2014] <ianjneu> but that isn' strictly true.
[Mon May  5 17:34:04 2014] <tswett> That convention seems to be violated pretty frequently in the standard library, though.
[Mon May  5 17:34:07 2014] <tswett> With things like nat and relation.
[Mon May  5 17:34:10 2014] <ianjneu> tswett: indeed.
[Mon May  5 17:34:26 2014] <tswett> I could see a person arguing that nat is a "pretty small" type or something.
[Mon May  5 17:35:06 2014] <ianjneu> I often see ML-ish types with lowercase, but "more dependent" types with capital letters.
[Mon May  5 17:35:52 2014] <tswett> Now, if I'm in a proof and the goal is a record type, is there a tactic I can use to perform one proof for each field in the record?
[Mon May  5 17:36:46 2014] <ianjneu> constructor should work.
[Mon May  5 17:37:23 2014] <tswett> There we go. Thanks.
[Mon May  5 17:38:50 2014] <tswett> This proof ends up being pretty easy, then.
[Mon May  5 17:38:54 2014] <tswett> "constructor. auto. auto. auto."
[Mon May  5 17:50:34 2014] <ianjneu> constructor; auto.
[Mon May  5 17:51:08 2014] <ianjneu> or if you have Hint Constructors your_record_type. then just auto will work.e
[Mon May  5 19:12:46 2014] <schoppenhauer> gah ... again ... I need to prove Lemma toN_S : forall {n} (t : fin n), toN (FinFS t) = S (toN t).
[Mon May  5 19:12:55 2014] <schoppenhauer> but I can't ...
[Mon May  5 19:13:08 2014] <schoppenhauer> I always run into problems with the typechecker.
[Mon May  5 19:23:29 2014] <Ptival> do you have a working file?
[Mon May  5 19:23:43 2014] <Ptival> schoppenhauer: ^
[Mon May  5 22:37:02 2014] <schoppenhauer> hm. I solved the problem differently.
[Mon May  5 22:37:12 2014] <schoppenhauer> now ... I am trying to understand the mergesort-package.
[Mon May  5 22:37:38 2014] <schoppenhauer> when I use "sort f L", it returns Sorted f L : Prop, instead of ... a list.
[Mon May  5 22:38:04 2014] <schoppenhauer> as it should, as far as I understand http://coq.inria.fr/library/Coq.Sorting.Mergesort.html
[Mon May  5 22:39:54 2014] <ianjneu> dunno.
[Mon May  5 22:40:21 2014] <schoppenhauer> hm?
[Mon May  5 22:40:28 2014] <schoppenhauer> well, you told me this already.
[Mon May  5 22:40:46 2014] <schoppenhauer> there is an example ... but it is ... strange.
[Mon May  5 22:45:48 2014] <schoppenhauer> this whole part of the library seems ... over-engineered.
[Mon May  5 22:54:30 2014] <ianjneu> It's hard to strike the right balance between generality/reusability and intuitiveness/usability.
[Mon May  5 23:04:16 2014] <schoppenhauer> for list sorting, it shouldn't be too hard, though.
[Mon May  5 23:05:33 2014] <schoppenhauer> I never really understood anything beyond what java-people would call "interfaces" ... have dependent records with some guaranteed functions and name shadowing if you really want.
[Mon May  5 23:06:34 2014] <schoppenhauer> When you don't have fully dependent types, I see a reason for template- and generic-mechanisms. but aren't "parametrized modules" just types?
[Mon May  5 23:09:26 2014] <ianjneu> functors and modules are second class for static compilation reasons.
[Mon May  5 23:11:37 2014] <schoppenhauer> ok. so it is not bad style to just ... not use them. when one already decided to use eqdep/JMeq and make everything computational...
[Mon May  5 23:12:23 2014] <ianjneu> A lot of Coq developers have abandoned modules in favor of type classes.
[Tue May  6 00:25:54 2014] <Ptival> a lot of Coq developers have abandoned modules in favor of dependent records
[Tue May  6 02:48:46 2014] <steshaw> Ptival, that’s interesting. Would you say more about that?
[Tue May  6 11:41:13 2014] <Ptival> steshaw: https://plus.google.com/103230589736939055811/posts/hd4PTtZvEuN
[Tue May  6 16:25:36 2014] <steshaw> Ptival: thanks. IIRC Lennart Augustsson used dependent records in Cayenne but there was some kind of downside that I can't recall (and probably never understood)
[Tue May  6 17:31:27 2014] <Ptival> well I'd be interested in knowing :)
[Tue May  6 18:23:08 2014] <avenge> Can anyone help me understand induction on propositions?
[Tue May  6 18:23:11 2014] <avenge> http://lpaste.net/103701
[Tue May  6 18:26:56 2014] <ianjneu> performing an induction on something without all variable parameters rarely works. You may need to generalize.
[Tue May  6 18:27:25 2014] <avenge> But all my variables are mentioned in the hypothesis.  There's nothing to generalize.
[Tue May  6 18:27:51 2014] <ianjneu> (n::l1) is not a single variable.
[Tue May  6 18:27:54 2014] <ianjneu> I'll take a closer look.
[Tue May  6 18:28:00 2014] <avenge> thanks.
[Tue May  6 18:31:23 2014] <ianjneu> your notion of subsequence is that l is a subsequence of l' iff l' is of shape _++l++_ ?
[Tue May  6 18:32:38 2014] <avenge> no, interspersed characters should be okay, too.  [1;3;5] is a subsequence of [1;2;3;4;5].
[Tue May  6 18:32:45 2014] <avenge> at least that was the intent.
[Tue May  6 18:33:14 2014] <ianjneu> okay.
[Tue May  6 18:51:57 2014] <ianjneu> http://lpaste.net/103705
[Tue May  6 18:53:38 2014] <avenge> Thanks!
[Tue May  6 19:07:00 2014] <ezyang> ianjneu: It's kind of weird that you do induction on l1/l2, not the evidence
[Tue May  6 19:11:57 2014] <ianjneu> ezyang: the (n::l1) makes the induction fail, since it's "forgotten" with a fresh list variable.
[Tue May  6 19:12:26 2014] <ezyang> yeah
[Tue May  6 19:12:41 2014] <ianjneu> so I did what didn't fail.
[Tue May  6 19:12:42 2014] <ezyang> but it turns out that sticking it in an external equality isn't right either; you get the wrong IH
[Tue May  6 19:12:51 2014] <ezyang> here is a more golfed proof:  induction l2; inversion 1; auto.
[Tue May  6 19:14:06 2014] <ianjneu> nice. Needs Hint Constructors subsequence @avenge
[Tue May  6 23:40:01 2014] <mj____> Is there a tactic that will make use of a match statement in the goal and break the proof into cases depending on which match branch is taken?
[Tue May  6 23:40:53 2014] <mj____> I can do a match to find a match and destruct its argument but that breaks things down too much in my use case
[Tue May  6 23:44:55 2014] <mj____> I'll try to make a minimal version of my problem...
[Tue May  6 23:46:16 2014] <jrw> mj____: I use something like this quite a bit. http://lpaste.net/103714
[Tue May  6 23:47:00 2014] <mj____> I have something similar
[Tue May  6 23:47:09 2014] <mj____> what does eqn:? acheive?
[Tue May  6 23:47:13 2014] <mj____> I don't have that
[Tue May  6 23:47:26 2014] <jrw> mj____: it introduces an equality that remembers which branch was taken
[Tue May  6 23:47:37 2014] <mj____> oh, that is very useful indeed
[Tue May  6 23:47:38 2014] <jrw> for example if you're matching a list. in one case you get "xs = []"
[Tue May  6 23:47:45 2014] <jrw> and in the other, something about cons
[Wed May  7 00:22:42 2014] <mj____> Another q: Why does apply fail like this? Impossible to unify "?3257 * 0 = 0" with "binopDenote b (expDenote e1_1) (expDenote e1_2) * {| this := 0; canon := canon|} = {| this := 0; canon := canon|}?
[Wed May  7 00:23:58 2014] <mj____> I'm using the Qcanon module. canon is a proof that 0 is a reduced (that is, canonical) rational
[Wed May  7 00:24:53 2014] <mj____> And {| this := _; canon := _ |} is the internal representation of canonical rationals, which is leaking out into this proof
[Wed May  7 00:29:50 2014] <mj____> It can't unify is 0 with {| this := 0; canon := canon |} it seems
[Wed May  7 00:32:37 2014] <mj____> At a higher level, I guess what I want to do is destruct rational numbers more usefully than by their internal representation
[Wed May  7 00:41:59 2014] <mj____> okay, I was able to eventually prove it by proving that that internal repr equals 0
[Wed May  7 00:42:05 2014] <mj____> but pretty ugly
[Wed May  7 00:47:22 2014] <Ptival> mj____: maybe your library has some nicer elimination rules for rationals
[Wed May  7 00:47:33 2014] <Ptival> I am not familiar with Qcanon unfortunately
[Wed May  7 00:54:14 2014] <mj____> Thanks, that seems like it could be the right direction
[Wed May  7 05:47:45 2014] <ezyang> Here's a puzzle for denizens of this channel (posed by neelk): prove commutativity of addition with a single induction and no lemmas
[Wed May  7 11:10:31 2014] <schoppenhauer> Anomaly: unknown meta ?9583. Please report.
[Wed May  7 11:10:33 2014] <schoppenhauer> ;_;
[Wed May  7 11:11:17 2014] <schoppenhauer> what should I do ...
[Wed May  7 11:52:25 2014] <schoppenhauer> noone here?
[Wed May  7 13:26:08 2014] <Ptival> schoppenhauer: that happens... do something else :(
[Wed May  7 13:26:32 2014] <Ptival> ezyang: oooh sweet :3
[Wed May  7 13:44:11 2014] <schoppenhauer> Ptival: what?
[Wed May  7 13:45:47 2014] <schoppenhauer> Ptival: I tried to find a workaround, but ... is there any useful way of finding what actually goes wrong?
[Wed May  7 13:46:05 2014] <schoppenhauer> (and ... "that happens" ... for something that is used for program verification ...)
[Wed May  7 13:47:33 2014] <schoppenhauer> Ptival: It doesn't even happen after I proved something. It is after I started a theorem.
[Wed May  7 13:48:34 2014] <schoppenhauer> what does this even mean?
[Wed May  7 13:57:39 2014] <Ptival> schoppenhauer: Coq has many bugs, so you can try to file a bug report or search the horrendous bug tracker for this issue
[Wed May  7 13:57:49 2014] <Ptival> otherwise I'm not sure how they debug that
[Wed May  7 13:59:58 2014] <schoppenhauer> ok ... I'll try to update to ... trunk.
[Wed May  7 14:00:07 2014] <schoppenhauer> because there are a lot of bugs with this error message.
[Wed May  7 14:06:25 2014] <Ptival> oh
[Wed May  7 14:06:44 2014] <Ptival> do you have a small example? :\
[Wed May  7 14:16:17 2014] <schoppenhauer> Ptival: I'll first try it on the git version (maybe it has been resolved already), and then I will try to get a smaller example.
[Wed May  7 14:25:41 2014] <Ptival> ok
[Wed May  7 14:54:01 2014] <schoppenhauer> how can I turn on the more detailled output in coq again?
[Wed May  7 15:00:15 2014] <schoppenhauer> I now get a different error message, that f cannot be unified with ?..., but I have no idea what ?... should be
[Wed May  7 15:01:25 2014] <schoppenhauer> Unable to unify "f" with "?1202" (cannot unify "?1202" and
[Wed May  7 15:01:28 2014] <schoppenhauer> "f").
[Wed May  7 15:06:03 2014] <schoppenhauer> ok, I tried "Set Printing All", but ... nothing helps.
[Wed May  7 15:18:17 2014] <schoppenhauer> ok, after messing around with it, it ... sorta works.
[Wed May  7 17:09:32 2014] <Ptival> ezyang: is a a nat induction? :)
[Wed May  7 17:15:55 2014] <tswett> Ahoy.
[Wed May  7 17:16:04 2014] <ezyang> Ptival: "a a nat"?
[Wed May  7 17:16:47 2014] <tswett> Hey, little question. Is it feasible to write readable tactic-based proofs in Coq? It seems like the behavior of each tactic is so context-dependent that it's not really possible to read a tactic-based proof without working through it in the prover.
[Wed May  7 17:18:35 2014] <tswett> Also, at the moment I have a goal of Reflexive (onLists e). I'd like to expand Reflexive, but not onLists. Is there a tactic that does that?
[Wed May  7 17:19:04 2014] <Ptival> ezyang: sorry, I meant to write "is it a nat induction?"
[Wed May  7 17:19:49 2014] <ezyang> Ptival: I do not know.
[Wed May  7 17:19:55 2014] <tswett> I guess hnf does that.
[Wed May  7 17:20:14 2014] <Ptival> ezyang: oh you haven't solved it yet? :)
[Wed May  7 17:20:28 2014] <ystael> tswett: [unfold Reflexive] ?
[Wed May  7 17:20:33 2014] <ezyang> No, I was hoping someone would tweet me the answer
[Wed May  7 17:23:33 2014] <tswett> ystael: that's what I was looking for. Thanks.
[Wed May  7 17:28:34 2014] <Ptival> ezyang: do you think making an inductive family and going from (x, y) to an element of that family is fair game? :\
[Wed May  7 17:31:36 2014] <ezyang> I think that might be ok
[Wed May  7 17:34:18 2014] <tswett> Hm. So I have a relation on lists, "onLists e", which is defined inductively. I want to prove that if onLists e x y, then onLists e y x.
[Wed May  7 17:34:32 2014] <tswett> onLists is False if x and y have different lengths.
[Wed May  7 17:34:47 2014] <tswett> What I want to do is do induction on both x and y in tandem.
[Wed May  7 17:35:57 2014] <tswett> So that, for part of the inductive step, I get to use "onLists e (x' :: xs) (y' :: ys) -> onLists e (y' :: ys) (x' :: xs)" as an assumption.
[Wed May  7 17:47:48 2014] <tswett> I don't really know how to go about doing that, other than perhaps zipping x and y together.
[Wed May  7 18:05:16 2014] <Ptival> ezyang: I feel like there might be a way to somehow shift the S's from one side of plus to the other using some new datatype and unification, but I don't know how to
[Wed May  7 18:06:49 2014] <tswett> Right, I can define a third list, z, that's the zipping-together of x and y, and then do induction on z.
[Wed May  7 18:07:35 2014] <ezyang> Ptival: The problem with doing another inductive type is that you need to convert from the first evidence to your new evidence, and that constitutes an induction
[Wed May  7 18:07:39 2014] <tswett> Thing is, x and y are still around, and so it does induction on z independent of x and y.
[Wed May  7 18:08:05 2014] <Ptival> ezyang: yeah
[Wed May  7 18:08:37 2014] <Ptival> it almost feels like there is a way to prove that this riddle is not solvable :D
[Wed May  7 18:08:48 2014] <Ptival> but I assume it is :(
[Wed May  7 18:12:03 2014] <tswett> help, how do i do weird induction
[Wed May  7 18:15:43 2014] <Ptival> tswett: are you working on the riddle?
[Wed May  7 18:23:57 2014] <tswett> Ptival: no, I'm working on my own thing.
[Wed May  7 18:26:48 2014] <tswett> Given an equivalence relation e, I'm saying that two lists are equivalent according to "onLists e" if and only if the lists are the same length and corresponding elements are equivalent.
[Wed May  7 18:26:56 2014] <tswett> Now I'm trying to prove that this new relation is also an equivalence relation.
[Wed May  7 18:27:24 2014] <tswett> Reflexivity wasn't too hard to prove, but symmetricity is different.
[Wed May  7 18:34:54 2014] <jrw> tswett: I proved symmetry without too much trouble. what exact definition of onLists are you using?
[Wed May  7 18:37:27 2014] <tswett> jrw: lemme paste some stuff.
[Wed May  7 18:40:35 2014] <tswett> http://lpaste.net/103778 - my definition, and my attempt at proving symmetry.
[Wed May  7 18:44:14 2014] <tswett> jrw: as you can see, using "induction x" doesn't work; I end up being asked to prove the wrong thing.
[Wed May  7 18:45:03 2014] <jrw> tswett: why do you think that's the wrong thing?
[Wed May  7 18:46:10 2014] <tswett> jrw: well, we have lists x and y. I'm being asked to prove that if "onLists e" is symmetric for x and y, then it's symmetric for (a0 :: x) and y.
[Wed May  7 18:46:24 2014] <tswett> But if x and y have the same length, then (a0 :: x) and y do not have the same length.
[Wed May  7 18:46:35 2014] <jrw> tswett: oh, don't intros first
[Wed May  7 18:46:42 2014] <jrw> you need to induct on x leaving y general
[Wed May  7 18:46:49 2014] <tswett> Ahh.
[Wed May  7 18:46:59 2014] <tswett> That sounds about right. Let me try that.
[Wed May  7 18:50:23 2014] <tswett> Yeah, this seems to be working. Thanks.
[Wed May  7 18:50:28 2014] <jrw> np
[Wed May  7 18:57:51 2014] <tswett> All right. Let's see if I can finally prove this entire theorem now.
[Wed May  7 19:02:43 2014] <tswett> Now something I'd like to do is to unfold onLists by one step only.
[Wed May  7 19:04:26 2014] <tswett> Apparently simpl does that.
[Wed May  7 19:19:38 2014] <dwoos> dependent
[Wed May  7 19:19:56 2014] <dwoos> ^ sorry, disregard
[Wed May  7 19:36:25 2014] <tswett> I notice that if I look at the type of Equivalence_Reflexive, it seems to give me some arbitrary equivalence relation as the relation that it's for.
[Wed May  7 19:36:53 2014] <tswett> Like its implicit parameter is something that looks in the surrounding scope and grabs whatever looks right.
[Wed May  7 19:57:44 2014] <tswett> * ponders whether or not he wants to include a readable proof that the always-true relation is an equivalence relation.
[Wed May  7 19:57:47 2014] <tswett> The proof is really boring.
[Wed May  7 19:58:42 2014] <Eelis> maybe one of the auto tactics is sufficient?
[Wed May  7 19:58:54 2014] <Eelis> Proof. auto. Qed.  is very readable :)
[Wed May  7 19:59:05 2014] <Eelis> or tauto, intuition, whatever
[Wed May  7 20:00:20 2014] <tswett> auto is just barely insufficient.
[Wed May  7 20:00:33 2014] <tswett> The required proof is "constructor. auto. auto. auto."
[Wed May  7 20:00:50 2014] <Eelis> tried tauto?
[Wed May  7 20:01:46 2014] <tswett> Well, I'm trying to prove something of the form "Equivalence r". The "tauto" tactic can't break through Equivalence.
[Wed May  7 20:02:34 2014] <Eelis> intuition maybe then. gotta try 'em all!
[Wed May  7 20:02:40 2014] <Eelis> it's the Coq way
[Wed May  7 20:02:51 2014] <tswett> When in doubt, use a bunch of automatic tactics.
[Wed May  7 20:03:00 2014] <Eelis> yes!
[Wed May  7 20:03:34 2014] <tswett> Lemme look at the hint commands.
[Wed May  7 20:03:40 2014] <tswett> Maybe instead of providing a proof, I can just declare a hint.
[Wed May  7 20:03:48 2014] <Eelis> btw that can also be your life philosophy
[Wed May  7 20:04:18 2014] <tswett> Need a job? Type "I need a job" into Google and hope for the best.
[Wed May  7 20:04:30 2014] <Eelis> worked for me!
[Wed May  7 20:06:19 2014] <Eelis> i believe there's something like Hint Constructors bla.
[Wed May  7 20:07:48 2014] <tswett> Yeah, "Local Hint Constructors Equivalence : core" made the proof go away.
[Wed May  7 20:11:46 2014] <tswett> Huh, reflexivity solved something that auto couldn't.
[Wed May  7 20:21:15 2014] <Eelis> this is why you have to try them all: it is unpredictable which ones will bring you success
[Wed May  7 20:21:30 2014] <tswett> Maybe there should be a tactic that automatically tries all automatic tactics.
[Wed May  7 20:21:33 2014] <tswett> "autoauto"
[Wed May  7 20:22:01 2014] <Eelis> let's call it HAL
[Wed May  7 20:22:55 2014] <Eelis> "trivial" is also a nice one
[Wed May  7 20:23:02 2014] <Eelis> and congruence
[Wed May  7 20:23:34 2014] <Eelis> the best thing about tactics that automatically pick tactics for you is that there's so many of these tactics to pick from!
[Wed May  7 20:37:50 2014] <tswett> I'm starting to feel like it's best to use "Theorem" for complicated proofs and "Definition" for simple ones.
[Wed May  7 20:38:16 2014] <tswett> A very short proof that uses "exact" a couple of times seems like an ugly proof.
[Wed May  7 21:23:06 2014] <tswett> Woo, I've defined a couple of monoids.
[Wed May  7 22:21:58 2014] <ezyang> What happened to the 'dependent induction' tactic?
[Thu May  8 00:28:16 2014] <tswett> Eh, isn't there some tactic that, if the goal is a record type, creates a subgoal for each of the fields?
[Thu May  8 00:30:45 2014] <tswett> "eapply" with the constructor does it, I guess.
[Thu May  8 10:42:09 2014] <eizo> how can i define a "partial order" type which is a couple "set,relation" such that the relation is reflexive transitive antisymmetric?
[Thu May  8 10:48:53 2014] <ianjneu> eizo check out the Classes/RelationClasses.v library. There's a partial order typeclass.
[Thu May  8 10:53:46 2014] <eizo> Class PartialOrder {A} eqA `{equ : Equivalence A eqA} R `{preo : PreOrder A R}
[Thu May  8 10:54:07 2014] <eizo> how do i use it?
[Thu May  8 10:55:12 2014] <ianjneu> Program Instance your_partialorder_name : PartialOrder your_eqv_rel your_preorder.
[Thu May  8 10:56:29 2014] <eizo> http://pastie.org/9155982
[Thu May  8 10:57:15 2014] <eizo> in the end i want a type Hist which the set of labeled posets (over some arbitrary set, or say over N for simplicity, i don't know which is simpler)
[Thu May  8 10:57:26 2014] <eizo> posets labeled by "I"
[Thu May  8 10:58:44 2014] <ianjneu> I don't understand this paste.
[Thu May  8 10:58:52 2014] <eizo> ianjneu: that would be for defining a particular partial order
[Thu May  8 11:00:04 2014] <eizo> ianjneu: line 8 i want to say that I is the cartesian product of sets M and D, line 10, i want to define the type "Poset", and line 12 i want to say Hist has elements composed of a partial order, alongside a labeling function
[Thu May  8 11:07:08 2014] <Rc43> Hello.
[Thu May  8 11:07:30 2014] <Hodapp> Hello.
[Thu May  8 11:11:53 2014] <Eelis> morning
[Thu May  8 11:15:30 2014] <eizo> does this make sense? http://pastie.org/9156050
[Thu May  8 11:15:56 2014] <eizo> how do i extend this to restrict the "relation Element" to be a partial order?
[Thu May  8 11:32:24 2014] <eizo> i have a definition Definition blah : type_of_blah. why can't i use blah in an another definition? i'm getting "blah was not found in the current environment";
[Thu May  8 11:33:40 2014] <ianjneu> eizo: you never defined it.
[Thu May  8 11:33:50 2014] <eizo> ianjneu: i admitted it
[Thu May  8 11:33:57 2014] <ianjneu> When?
[Thu May  8 11:34:18 2014] <ianjneu> your pastes don't have "Admitted."
[Thu May  8 11:34:31 2014] <eizo> ianjneu: http://pastie.org/9156142
[Thu May  8 11:34:36 2014] <eizo> blah is "false_hists"
[Thu May  8 11:35:16 2014] <eizo> hm i guess i should replace admit by Admitted
[Thu May  8 11:41:50 2014] <eizo> thanks
[Thu May  8 12:22:12 2014] <eizo> how can i apply a forall or implication hypothesis to another hypothesis?
[Thu May  8 12:22:18 2014] <Ainieco> Hello, what theory lies behind http://qandwhat.apps.runkite.com/i-failed-a-twitter-interview/ task? I want to build proven solution to this problem in coq
[Thu May  8 12:33:58 2014] <eizo> if i have H: A -> B and X: A in my hypothesis, in order to get B, should i assert(B); apply H?
[Thu May  8 12:36:14 2014] <eizo> and when i have H : Exists t -> ... how can i get such a t as a hypothesis?
[Thu May  8 13:31:34 2014] <tswett> Now I'd like to prove that two values of record types are equal by proving that their fields are equal.
[Thu May  8 13:31:39 2014] <tswett> Is there a nice way to do that?
[Thu May  8 13:38:49 2014] <jrw> tswett: there's a tactic f_equal that might do what you want
[Thu May  8 13:47:37 2014] <eizo> given hypothesis g(x) = t and x = f(y) how to solve the goal g(f(y)) = t
[Thu May  8 13:48:11 2014] <ianjneu> subst x
[Thu May  8 14:04:36 2014] <eizo> thanks
[Thu May  8 14:13:19 2014] <eizo> how to change a whole expression in the goal by another expression which is equal by hypothesis?
[Thu May  8 14:19:59 2014] <tswett> I think that's "replace (first expression) with (second expression)".
[Thu May  8 14:20:14 2014] <tswett> That's one way to do it, at least.
[Thu May  8 14:38:34 2014] <eizo> thanks
[Thu May  8 19:33:25 2014] <ezyang> Is there a way to clear out the default hint database?
[Thu May  8 19:34:35 2014] <Eelis> there's -nois, closest i can think of
[Thu May  8 19:35:02 2014] <ezyang> ugh, I don't really want to do that
[Thu May  8 19:38:56 2014] <ezyang> ugh, even if I use a different hint database, it looks like core is still used
[Thu May  8 19:42:28 2014] <Eelis> i wonder how much hassle it would be to use -nois in a big Coq project
[Thu May  8 19:42:41 2014] <Eelis> probably not much
[Thu May  8 19:49:59 2014] <tswett> I mean, there's nocore, right?
[Thu May  8 19:50:18 2014] <tswett> If you can specify an alternative database to use, can't you also specify that core should not be used?
[Thu May  8 19:55:59 2014] <ezyang> Hm, is there a way to specify -nois from the source file?
[Thu May  8 19:57:05 2014] <ezyang> oh this is so terrible http://comments.gmane.org/gmane.science.mathematics.logic.coq.club/2800
[Fri May  9 10:22:35 2014] <eizo_> given a set A : Set, how do i define the subsets of A?
[Fri May  9 10:41:39 2014] <Eelis> eizo_: depends on what kind of subsets you want
[Fri May  9 10:41:45 2014] <Eelis> A->Prop is a good start
[Fri May  9 10:42:00 2014] <eizo_> hm yes
[Fri May  9 12:39:53 2014] <eizo> Parameter A B: Set. Definition I := A * B. why does this fail, but Definition I := prod A B works?
[Fri May  9 12:44:48 2014] <rks`> Definition I := (A * B)%type.
[Fri May  9 12:45:57 2014] <eizo> rks`: thanks, but why?
[Fri May  9 12:47:51 2014] <rks`> * == prod in the type scope, in the term/expression/what's-the-name scope it is a notation for mult : nat -> nat -> nat I'm guessing
[Fri May  9 12:48:27 2014] <eizo> ok i see
[Fri May  9 14:13:55 2014] <Rc43> Hello.
[Fri May  9 14:14:02 2014] <Eelis> morning
[Fri May  9 14:14:38 2014] <Rc43> Am I right that it is impossibly to prove "((forall x, D x) -> False) -> (exists x, (D x -> False))"?
[Fri May  9 14:14:48 2014] <Rc43> Is it possible to do with excluded_middle?
[Fri May  9 14:14:59 2014] <Eelis> yes and yes
[Fri May  9 14:18:16 2014] <Rc43> Eelis, I am just trying to prove drinker's paradox, but I thought that it uses ex_middle only once in the proof.
[Fri May  9 14:18:44 2014] <Eelis> oh, maybe i'm wrong
[Fri May  9 14:19:01 2014] <Rc43> Eelis, intuitevely I think that you are right
[Fri May  9 14:19:09 2014] <Eelis> what is the type of x?
[Fri May  9 14:19:18 2014] <Rc43> Eelis, any {X}
[Fri May  9 14:19:59 2014] <Rc43> {X} {D : X -> Prop} (f : (forall x, D x) -> False) : exists x, (D x -> False)
[Fri May  9 14:21:43 2014] <Eelis> yeah that's provable with excluded middle
[Fri May  9 14:22:56 2014] <Eelis> http://codepad.org/rZb4Cs7x
[Fri May  9 14:26:48 2014] <eizo> why can't i use tabs to indent proofs? should i use emacs instead of coqide?
[Fri May  9 14:27:48 2014] <Rc43> eizo, I guess that most of guys here use emacs for Coq.
[Fri May  9 14:27:58 2014] <Rc43> Eelis, you are fast; I am still trying.
[Fri May  9 14:29:42 2014] <ystael> eizo: I find proof general much more functional than CoqIDE, but I use Emacs for everything else
[Fri May  9 14:30:02 2014] <ystael> If you're not already an emacs user and CoqIDE is working for you, there may not be a reason to switch
[Fri May  9 14:30:44 2014] <Rc43> Eelis, oh, or I just tried to prove wrong expression (maybe I confused brackets).
[Fri May  9 14:31:19 2014] <Eelis> * uses coqide
[Fri May  9 14:34:31 2014] <eizo> hm i like this emacs autoindent
[Fri May  9 14:36:59 2014] <Eelis> how does it indent proofs?
[Fri May  9 14:38:22 2014] <eizo> just by two spaces, but you can type tab wherever on the line and it will indent it correctly; also si you're in a proof with 4 indents, it will keep 4 spaces for the next line
[Fri May  9 14:38:42 2014] <eizo> any editor would do that, but they don't have coq integrated
[Fri May  9 14:38:46 2014] <Eelis> oh, thought you meant a coq-specific autoindent, not just "copy the previous line's indentation"
[Fri May  9 14:39:23 2014] <Rc43> Where I can find overview of ConCaT? It's category theory contribution for Coq.
[Fri May  9 14:39:56 2014] <Eelis> never heard of it
[Fri May  9 14:40:09 2014] <Rc43> I heard that it uses multiple copies of the same file for some reason and want to make sure/understand why.
[Fri May  9 14:40:23 2014] <Eelis> there are lots of category theory Coq developments
[Fri May  9 14:40:24 2014] <Rc43> Eelis, I guess that it is that one: http://coq.inria.fr/pylons/contribs/view/ConCaT/v8.4
[Fri May  9 14:41:00 2014] <Eelis> i think that one may be very old. it probably doesn't use Coq's modern features
[Fri May  9 14:42:35 2014] <Eelis> Rc43: one reason you sometimes used to have to copy stuff in Coq was because it didn't support universe polymorphism very well. i think nowadays the support is much better
[Fri May  9 14:44:05 2014] <Rc43> Eelis, may be this is the reaason; I heard about that workaround with files in ConCat exact in discussion of HoTT and how does it make proofs simpler.
[Fri May  9 14:45:23 2014] <Eelis> i didn't understand the grammar in that last part
[Fri May  9 14:53:52 2014] <Rc43> Eelis, there was discussion between me and one guy. I was interested in HoTT applications and that guy said me that one of applications is category theory. And he said about that workaround with files in ConCaT.
[Fri May  9 14:56:09 2014] <Eelis> well, HoTT is what's spurring the improvements in universe polymorphism support, for example
[Fri May  9 14:56:14 2014] <Eelis> so yeah, that's related
[Fri May  9 14:57:39 2014] <Rc43> Eelis, yep
[Fri May  9 14:58:17 2014] <Rc43> But as I understand here we needn't all power of HoTT, agda has universe polymorphism as I know
[Fri May  9 14:58:54 2014] <Eelis> "some form of universe polymorphism, would be nice" http://wiki.portal.chalmers.se/agda/pmwiki.php?n=Main.UniversePolymorphism  doesn't sound like it, unless it's new
[Fri May  9 14:59:11 2014] <Rc43> Hmmm
[Fri May  9 14:59:28 2014] <Rc43> Maybe I don't know what is universe polymorphism.
[Fri May  9 14:59:49 2014] <Rc43> I thought that it is something like "forall l, X : Set l".
[Fri May  9 15:00:16 2014] <Eelis> no
[Fri May  9 15:00:16 2014] <Rc43> It seems that this page is just old.
[Fri May  9 15:00:32 2014] <Rc43> > Page last modified on December 27, 2009
[Fri May  9 15:00:47 2014] <Eelis> ah indeed http://wiki.portal.chalmers.se/agda/pmwiki.php?n=ReferenceManual.UniversePolymorphism
[Fri May  9 15:01:04 2014] <Eelis> next question: do they mean the same by universe polymorphism as the coq people? ^_^
[Fri May  9 15:01:28 2014] <Rc43> Yeah :)
[Fri May  9 15:01:52 2014] <Rc43> Also, "Universe levels are no longer defined as a data type" -- seems that I tried agda right before this change.
[Fri May  9 15:02:02 2014] <Eelis> in any case, i certainly wasn't saying you needed HoTT for universe polymorphism. if anything, i'd guess the opposite is more likely true
[Fri May  9 15:02:18 2014] <Rc43> And maybe now it is made without "forall l, Set l".
[Fri May  9 15:43:32 2014] <eizo> is the book Software Foundation ok for learning more about coq?
[Fri May  9 15:53:17 2014] <Anarchos> eizo yes.
[Fri May  9 15:56:27 2014] <eizo> ok i'll have a look
[Fri May  9 16:13:39 2014] <eizo> how can i use a hypothesis like "1 = 0" to prove false?
[Fri May  9 16:21:23 2014] <ianjneu> discriminate
[Fri May  9 16:21:46 2014] <ianjneu> eizo: ^
[Fri May  9 16:25:47 2014] <eizo> cool thanks
[Fri May  9 16:48:01 2014] <Eelis> heh, i just read about the new "primitive projections". i guess Coq got /another/ kind of implicit argument, hurray!
[Fri May  9 16:48:08 2014] <Eelis> how many do we have now, 4?
[Fri May  9 16:48:24 2014] <rmk0> what's a primitive projection?
[Fri May  9 16:48:33 2014] <Eelis> i don't know more than what's in CHANGES
[Fri May  9 16:50:43 2014] <Eelis> it's also not clear to me whether it's just sugar or truly primitive
[Fri May  9 16:51:59 2014] <Eelis> they put it under "Logic", after all
[Fri May  9 17:10:07 2014] <jgross> Eelis: It's truely primitive (as in, in the kernel).  The primary purpose is to speed up handling of things like sigma types, because arguments to primitve projections don't show up in the term.  (They also provide judgmental eta for records.)  Also, Coq 8.5 will have universe polymorphism (but probably not any explicit universe level type). 
[Fri May  9 17:15:27 2014] <Anarchos> jgross i guess it is for hott ?
[Fri May  9 17:16:15 2014] <jgross> It was developed for HoTT.  It's useful even without HoTT. 
[Fri May  9 17:20:54 2014] <Anarchos> jgross i hope to see what hott will provide in 2014 !
[Fri May  9 17:24:01 2014] <jgross> Anarchos: http://math.andrej.com/2014/05/06/brazilian-type-checking/ 
[Fri May  9 17:24:51 2014] <jgross> Unless you mean "I hope that HoTT will provide me things in 2014, and I won't have to wait for 2015", in which case, me too. 
[Fri May  9 17:25:04 2014] <Anarchos> jgross will look :)
[Fri May  9 17:25:23 2014] <Anarchos> jgross i just wait for the computational interperation of the ua axiom :)
[Fri May  9 17:31:18 2014] <jgross> Anarchos: There's a cubical sets evaluator that's computational. 
[Fri May  9 17:34:15 2014] <jgross> Maxime Dénès recently managed to prove False again (this time in trunk): https://coq.inria.fr/bugs/show_bug.cgi?id=3300#c3 
[Fri May  9 17:44:02 2014] <Anarchos> jgross i thougt vladimir was still looking for a computational interpretation of ua ?
[Fri May  9 17:56:00 2014] <jgross> Anarchos: There are some subtleties.  E.g., the J computation rule is propositional and not judgmental in cubical sets, so you can't actually compare it with Coq/MLTT, strictly speaking.  And it's not known how to compute directly, nor if terms compute to the same thing in all models. 
[Fri May  9 17:59:35 2014] <Eelis> jgross: but could a development that uses primitive projections be rewritten to not use them?
[Fri May  9 18:00:54 2014] <Eelis> anyway, feels hacky to me
[Fri May  9 18:02:33 2014] <Eelis> then again pretty much everything to do with records in Coq seems hacky
[Fri May  9 18:12:20 2014] <jgross> Eelis: Not if it uses judgmental eta for records with primitive projections. 
[Fri May  9 18:12:39 2014] <Eelis> ah, i see
[Fri May  9 18:18:49 2014] <Eelis> also, cool link, thanks
[Fri May  9 18:19:08 2014] <Eelis> (first one)
[Sat May 10 12:01:58 2014] <magnus____> If I'm proving something like this, is there a way to break up the proof into cases based on what smartPlus returns (and what that tells about the arguments) rather than by destructuring e1 and e2?    forall e1 e2, expDenote (smartPlus e1 e2) = expDenote (Binop Plus e1 e2).
[Sat May 10 12:02:27 2014] <magnus____> smartPlus's body is a match statement on e1 and e2
[Sat May 10 12:02:37 2014] <magnus____> s/statement/expression
[Sat May 10 12:03:47 2014] <magnus____> While I can break down the proof based on how e1 and e2 is inductively defined, it would be much more natural to break it down based on which match branch is taken within smartPlus
[Sat May 10 12:16:50 2014] <Cale> magnus____: apply induction to smartPlus e1 e2?
[Sat May 10 12:17:13 2014] <Cale> Or just destruct it or whatever
[Sat May 10 12:50:03 2014] <magnus____> That gives me the right goal, but it doesn't infer any info about e1 and e2 based on what smartPlus returned
[Sat May 10 12:50:19 2014] <magnus____> which should come from which match branch was taken in smartPlus
[Sat May 10 12:51:54 2014] <Cale> oh, right, you might want something like... what was it called...
[Sat May 10 12:52:33 2014] <lispy> let's say I have a goal like forall a. a = b -> c, and I can use intros followed by rewrite to solve the goal. Is there a way to apply the rewrite "under the forall" so that I don't have to use intros?
[Sat May 10 12:52:51 2014] <Cale> case_eq
[Sat May 10 12:53:39 2014] <Cale> magnus____: ^^
[Sat May 10 12:53:42 2014] <magnus____> Very interesting :)
[Sat May 10 12:55:43 2014] <Cale> lispy: I'm not sure that'll always make sense, because the things you're rewriting might involve the variables bound by intros, no?
[Sat May 10 12:55:57 2014] <Cale> lispy: Is it sufficient just to revert the variables after?
[Sat May 10 12:56:42 2014] <magnus____> lispy: maybe this: intro as A; rewrite A
[Sat May 10 12:57:31 2014] <magnus____> that at least avoids having to know the name after introducing the hypothesis
[Sat May 10 12:57:45 2014] <lispy> I should have said, I don't need to do this. I just started playing with avoiding intros and seeing which tactics could still be used.
[Sat May 10 12:58:07 2014] <lispy> I know that intros roughly corresponds to creating a lambda
[Sat May 10 14:15:08 2014] <Rc43> Hello.
[Sat May 10 14:16:14 2014] <Rc43> Suppose, I have hypothesis, which looks like "yh' := f yh : list nat". How to rewrite other expression with it?
[Sat May 10 14:16:39 2014] <Rc43> I can't use "rewrite", because its type "list nat", buut not equality.
[Sat May 10 14:16:52 2014] <Rc43> I can use "assert", I guess. But that is not very convinient.
[Sat May 10 14:18:50 2014] <eizo> Rc43: what does this hypothesis say?
[Sat May 10 14:19:51 2014] <Rc43> eizo, that I have variable yh' which is by definition equal to image of "f" on "yh".
[Sat May 10 14:19:52 2014] <Rc43> But I need usual propositional equality instead of eq-y by definition.
[Sat May 10 14:20:35 2014] <eizo> why does it have type "list nat"?
[Sat May 10 14:20:37 2014] <Rc43> "assert (yh'Eq : yh' = f yh) by auto" solves the problem; but it isn't very good solution, I think.
[Sat May 10 14:20:59 2014] <Rc43> eizo, because it is variable of that type; function f is of type "ist nat -> list nat".
[Sat May 10 14:45:05 2014] <ianjneu> Rc43: try zeta reduction.
[Sat May 10 14:48:00 2014] <Rc43> ianjneu, which tactic? Just "zeta" doesn't work.
[Sat May 10 14:51:28 2014] <Rc43> Oh, "cbv zeta".
[Sat May 10 14:52:13 2014] <Rc43> "cbv zeta in T" doesn't work, can I point my yh' hypothesis to it?
[Sat May 10 14:55:16 2014] <ianjneu> well I know subst yh' works, but you won't keep the yh' binding in the context.
[Sat May 10 14:58:29 2014] <Rc43> ianjneu, seems that I need "backward" subst.
[Sat May 10 14:58:59 2014] <Rc43> ianjneu, not "a + b + c -> a + <binding for b> + c", but backward
[Sat May 10 15:17:02 2014] <ianjneu> Rc43: use the change tactic.
[Sat May 10 15:26:08 2014] <Rc43> ianjneu, it does what I want; thanks
[Sat May 10 15:26:39 2014] <Rc43> Though requires little bit verbous writing (change <expr for yh'> with yh' in T1.).
[Sat May 10 15:32:17 2014] <Rc43> Is there fast equivalent to "remember <expr> as T; clear HeqT."?
[Sat May 10 15:34:02 2014] <Rc43> If not can I construct it with Ltac? I don't know how to bind T agrument from "as T", because it doesnseems
[Sat May 10 15:34:12 2014] <Rc43> *doesn't seem to be argument of tactic
[Sat May 10 15:35:37 2014] <Rc43> Ah, passing T as parameter isn't a problem; but I can't do "clear HeqT" inside Ltac expression (it doesn't see the hypothesis).
[Sat May 10 15:37:12 2014] <Rc43> Oh, just "Ltac rem exp name := remember exp as name eqn:T; clear T."
[Sat May 10 15:37:36 2014] <Rc43> But I guess that T can be binded with hypothesis from outside =/
[Sat May 10 17:11:42 2014] <Rc43> Am I right that (a + b) - c = a + (b - c)?
[Sat May 10 17:11:48 2014] <Rc43> I can't prove =/
[Sat May 10 17:15:15 2014] <Rc43> Oh, thats wrong.
[Sat May 10 18:12:12 2014] <eizo> Rc43: why?
[Sat May 10 18:12:50 2014] <Rc43> eizo, for natural numbers (I forgot to add that)
[Sat May 10 18:12:55 2014] <Rc43> eizo, because if c > b then (b - c) = 0
[Sat May 10 18:13:08 2014] <eizo> oh ok
[Sat May 10 18:13:42 2014] <eizo> i want to define a polymorphic record R { Blah } := ..., and then write a function taking some r : R { Blah } and b : Blah; what is the syntax for writing such a function?
[Sat May 10 18:14:11 2014] <Rc43> eizo, what do you mean by "polymorphic"?
[Sat May 10 18:14:20 2014] <Rc43> eizo, as I understand your task it is type class
[Sat May 10 18:14:33 2014] <Rc43> there is manual about that
[Sat May 10 18:15:31 2014] <eizo> Rc43: http://pastie.org/9163545
[Sat May 10 18:18:30 2014] <magnus____> what do you call an endomorphic catamorphism?
[Sat May 10 18:19:00 2014] <magnus____> ie expFold (f : exp -> exp) : exp -> exp where f is applied on backing out of the recursion
[Sat May 10 18:22:11 2014] <Rc43> eizo, "relation" is something standard?
[Sat May 10 18:22:22 2014] <Rc43> eizo, could you give me lines for import?
[Sat May 10 18:23:07 2014] <Rc43> eizo, btw your syntax at definition looks wrong
[Sat May 10 18:23:31 2014] <Rc43> eizo, if you want to provide implicit parameter you should write not "something {arg}", but "@something arg".
[Sat May 10 18:23:45 2014] <Rc43> eizo, @ makes all implicit arguments to be explicit
[Sat May 10 18:24:22 2014] <Rc43> eizo, maybe that was your problem
[Sat May 10 18:24:32 2014] <eizo> Rc43: Require Import Relations and I is some Set
[Sat May 10 18:25:22 2014] <eizo> Rc43: Record @Hist Element? that doesn't parse
[Sat May 10 18:25:41 2014] <Rc43> eizo, no-no-no :)
[Sat May 10 18:25:50 2014] <Rc43> eizo, not in Record; in Definition.
[Sat May 10 18:26:32 2014] <eizo> Rc43: i finally wrote it like that: http://pastie.org/9163562 that way i can access the Domain of the Hist within the field
[Sat May 10 18:26:33 2014] <Rc43> When you declare that "x" is implicit argument, you write "{x}"; when you want to provide implicit argument for something you should convert function with @
[Sat May 10 18:27:20 2014] <Rc43> So, you should write "Definition f {Element} (h : @Hist Element) ..." in your first paste.
[Sat May 10 18:28:33 2014] <eizo> Rc43: that means a Hist whose implicit type parameter is Element?
[Sat May 10 18:28:53 2014] <Rc43> eizo, yep
[Sat May 10 18:29:41 2014] <Rc43> eizo, but be careful with @, because it converts all implicit arguments into expllicit; not only first
[Sat May 10 18:32:48 2014] <eizo> works perfect thanks
[Sat May 10 18:36:33 2014] <eizo> Rc43: now almost everytime i write  a function with some Hist, i have to put Element explicitely it's a bit annoying
[Sat May 10 18:39:28 2014] <Rc43> eizo, yep, it's not very convinient if you are trying to make all possible arguments implicit. Make arguments explicit if you have to point them manually frequently.
[Sat May 10 18:40:06 2014] <Rc43> Try to make implicit only that what can be inferred by Coq in most of cases.
[Sat May 10 18:40:56 2014] <eizo> making the parameter explicit for the record would mean putting it inside the record?
[Sat May 10 18:41:46 2014] <Rc43> eizo, not necessary, I will try now, but I guess that you can just remove { and }, maybe you need annotate type manuall too
[Sat May 10 18:43:08 2014] <Rc43> eizo, ye, you need to place type annotation; e.g. Record R (T : Set) := mk_R { ... }.
[Sat May 10 18:46:32 2014] <eizo> make sense thanks
[Sat May 10 19:05:13 2014] <Rc43> How to rewrite only first place?
[Sat May 10 19:07:03 2014] <Rc43> "rewrite <eq> at 1" doesn't work.
[Sun May 11 00:03:16 2014] <magnus____> Is there a version of match that produces evidence of equality of the input and matched terms?
[Sun May 11 01:04:21 2014] <magnus____> Ah, http://coq.inria.fr/refman/Reference-Manual026.html describes a rewrite that does the trick
[Sun May 11 08:57:01 2014] <Rc43> Hello.
[Sun May 11 08:57:21 2014] <Rc43> I can't understand how to propogate information about equalities.
[Sun May 11 08:58:02 2014] <Rc43> match xs with xh :: xt => (fun (p : eq xs (xh :: xt)) => ...) eq_refl end
[Sun May 11 08:58:05 2014] <Rc43> How to do it?
[Sun May 11 09:01:02 2014] <Rc43> I would consult CPDT, but it meets me with huge red-black tree example.
[Sun May 11 09:01:09 2014] <Rc43> Is there small example?
[Sun May 11 09:30:08 2014] <Rc43> Ah, old mail from Gabriel Scherer gives small example.
[Mon May 12 08:22:39 2014] <Rc43> Hello.
[Mon May 12 08:22:49 2014] <Rc43> Can I apply tactic to every hypothesis in context?
[Mon May 12 08:23:53 2014] <Rc43> I tried Ltac with "repeat" and "match" but can't do it because my tactic can fail, so I need to wrap it with "try"; therefore my repeat can't exit the loop.
[Mon May 12 08:28:26 2014] <ezyang> Rc43: check 'fail 1'
[Mon May 12 08:29:48 2014] <Rc43> ezyang, hmm, tricky
[Mon May 12 08:29:58 2014] <Rc43> ezyang, I need some time to understand it; but looks fine
[Mon May 12 08:30:45 2014] <ezyang> http://adam.chlipala.net/cpdt/html/Match.html also has a discussion of this and other ltac tricks
[Mon May 12 08:34:59 2014] <Rc43> ezyang, ah yeah; I glanced at it but didn't read the whole
[Mon May 12 08:35:12 2014] <Rc43> ezyang, now I know that I need to search "fail 1" on it; thanks
[Mon May 12 10:36:20 2014] <osa1> what should I add to my program to enable list and string syntax?
[Mon May 12 10:37:46 2014] <osa1> I opened list and string scopes but list syntax still doesn't work
[Mon May 12 11:01:14 2014] <ystael> osa1: You need to Require Import Coq.Lists.List. Import Coq.Lists.List.ListNotations.
[Mon May 12 11:07:50 2014] <osa1> ystael: I was already trying that but I'm getting this Cannot find library Coq.Lists.List.ListNotations in loadpath
[Mon May 12 11:09:25 2014] <osa1> do I need to update my Coq? I have 8.4pl2
[Mon May 12 11:09:53 2014] <ystael> ListNotations is a submodule of Coq.Lists.List
[Mon May 12 11:10:00 2014] <ystael> note, it is "Import" not "Require Import" for the second one
[Mon May 12 11:10:19 2014] <osa1> okay now it works, thanks
[Mon May 12 11:10:34 2014] <osa1> how are they different? Require Import and Import?
[Mon May 12 11:11:46 2014] <ystael> "Require" is "load a module from filesystem"; "Import" is "open a loaded module"; "Require Import" is "do both"
[Mon May 12 19:20:09 2014] <Rc43> There is no well_founded relation for product in the library?
[Mon May 12 19:21:01 2014] <Rc43> I mean, given A B and < on A and < on B, which are w.f. < on A*B is w.f. too.
[Mon May 12 19:24:45 2014] <Rc43> Oh, seems that it is lexprod =/
[Mon May 12 19:56:06 2014] <Rc43> How to make module local?
[Mon May 12 19:56:12 2014] <Rc43> I.e. without exporting it outside.
[Mon May 12 20:00:10 2014] <Rc43> Manual says that I have to use "Require Export Module", if I want to make it visible by default. By somehow it is already visible for me.
[Mon May 12 20:04:01 2014] <Rc43> Or maybe it is possible to make section local?
[Tue May 13 14:01:42 2014] <soso> how can i make this typecheck? Definition comp (T: Type) (A B: Set) (p: A = B) (f: T -> A) (g: T -> B) := forall t, f t = g t.
[Tue May 13 14:01:45 2014] <soso> (using p)
[Tue May 13 14:56:36 2014] <jrw> soso: maybe you're looking for eq_rect, aka transport
[Tue May 13 15:10:18 2014] <soso> forall (A : Type) (x : A) (P : A -> Type),        P x -> forall y : A, x = y -> P y
[Tue May 13 15:13:10 2014] <soso> trying to make sense of that
[Tue May 13 15:41:36 2014] <soso> jrw: i wasn't able to apply it to my example
[Tue May 13 15:43:02 2014] <soso> if i want to make that typecheck: Definition comp (T: Type) (X Y: Set) (p: X = Y) (f: T -> X) (g: T -> Y) := forall t, f t = g t.
[Tue May 13 15:43:53 2014] <soso> i guess i have to use eq_rect (signature above) with A = Set, x = X
[Tue May 13 15:44:47 2014] <soso> but whenever i start writing eq_rect Set X i get a type error
[Tue May 13 17:50:54 2014] <Eelis> soso: still stuck?
[Tue May 13 17:52:10 2014] <soso> Eelis: finally i got it by making a proof and printing it; it makes sense now, thanks
[Tue May 13 17:52:34 2014] <soso> the proof was just "rewrite <- p. assumption", and it generated a proof term with "eq_rec"
[Tue May 13 17:53:23 2014] <Eelis> right, and the reason typing "eq_rect Set X" didn't work was because some of eq_rect's arguments are implicit
[Tue May 13 17:54:24 2014] <soso> Eelis: yes looks like the first forall (A : Type)
[Tue May 13 17:54:35 2014] <soso> is there a way in general to know which are implicits?
[Tue May 13 17:55:14 2014] <Eelis> About thing.  mentions which of thing's parameters are implicit
[Tue May 13 17:58:46 2014] <soso> nice thanks
[Wed May 14 02:16:34 2014] <heatsink> I don't understand the 'destruct' tactic.  As I understand it now, it's like 'inversion' except that it loses information sometimes.
[Wed May 14 02:17:22 2014] <heatsink> Here's an example where inversion works but destruct generates a result that's too weak to complete the proof. http://lpaste.net/104119
[Wed May 14 02:17:32 2014] <heatsink> What does destruct do?
[Wed May 14 02:24:13 2014] <ezyang> destruct is a simplified version of induction
[Wed May 14 02:24:31 2014] <ezyang> The full answer is, "It's complicated", but it comes down to the fact that in order to do induction, you need to calculate a "motive" for it
[Wed May 14 02:25:07 2014] <ezyang> This might help http://web.mit.edu/~ezyang/Public/motive/motive.html
[Wed May 14 02:33:53 2014] <heatsink> hmm...
[Wed May 14 02:50:09 2014] <heatsink> I see that there's a free type in the early examples representing the conclusion from eliminating a first-order nonrecursive constructor.  More generally, the conclusion type can depend on the argument values of the type constructor being eliminated.
[Wed May 14 02:51:39 2014] <heatsink> Does destruct assume the conclusion's type is invariant?
[Wed May 14 02:53:24 2014] <ezyang> I'm not sure what you mean.
[Wed May 14 02:53:40 2014] <ezyang> But I think the answer is, "It all has to do with how the unification algorithm works"
[Wed May 14 02:55:20 2014] <heatsink> Hmm, okay
[Wed May 14 02:56:42 2014] <heatsink> I don't really get it, but I can work around it.
[Wed May 14 02:58:37 2014] <ezyang> When you get a chance, try doing some inductive proofs by hand
[Wed May 14 02:58:50 2014] <ezyang> that is, without the 'induction' tactic, but by manually calling the relevant *_ind function
[Wed May 14 02:59:46 2014] <heatsink> Do you have any proofs in mind?
[Wed May 14 03:00:06 2014] <heatsink> * is currently writing merge sort in Coq because it seemed like a good thing to practice
[Wed May 14 03:00:17 2014] <heatsink> Well, I'm writing lemmas about sorted lists now.
[Wed May 14 03:00:41 2014] <ezyang> It doesn't matter. Maybe start with some facts about natural numbers
[Wed May 14 03:22:07 2014] <Ptival> heatsink: it's basically as you put it yeah, destruct does case analysis after generalizing all the type indices
[Wed May 14 03:22:21 2014] <Ptival> while inversion does its best to save all the indices as equations
[Wed May 14 12:52:03 2014] <schoppenhauer> "Error: Applied theorem has not enough premisses.
[Wed May 14 12:52:05 2014] <schoppenhauer> "
[Wed May 14 12:52:07 2014] <schoppenhauer> what does this even mean?
[Wed May 14 12:53:45 2014] <schoppenhauer> it makes no sense.
[Wed May 14 12:53:59 2014] <schoppenhauer> how can a theorem not have enough premisses?
[Wed May 14 12:57:14 2014] <Ptival> schoppenhauer: you're probably trying to apply a theorem with p premisses to a goal with q premisses where p < q?
[Wed May 14 12:57:37 2014] <Ptival> but it's weird that it doesn't default to some behavior
[Wed May 14 13:04:54 2014] <schoppenhauer> well. I gave up for today.
[Wed May 14 13:13:33 2014] <schoppenhauer> hm.
[Wed May 14 13:13:37 2014] <schoppenhauer> ok, I only gave up shortly.
[Wed May 14 13:13:50 2014] <schoppenhauer> Ptival: what is a "premis" in this case?
[Wed May 14 13:14:09 2014] <schoppenhauer> I only have closed proofs of stuff.
[Wed May 14 13:17:48 2014] <ianjneu> a premise a something left of ->
[Wed May 14 13:26:35 2014] <schoppenhauer> http://lpaste.net/104143
[Wed May 14 13:26:46 2014] <schoppenhauer> ianjneu, Ptival: http://lpaste.net/104143 ← minimal error.
[Wed May 14 13:28:47 2014] <schoppenhauer> I don't really see the problem.
[Wed May 14 13:31:35 2014] <schoppenhauer> why am I always making mistakes when pasting code ...
[Wed May 14 13:34:31 2014] <schoppenhauer> http://lpaste.net/104143 ← more like it
[Wed May 14 13:37:46 2014] <schoppenhauer> ok ... + binds stronger that ->
[Wed May 14 13:37:48 2014] <schoppenhauer> one error.
[Wed May 14 13:37:55 2014] <Ptival> schoppenhauer: the thing you try to apply has type (_ + _)
[Wed May 14 13:38:14 2014] <Ptival> and the goal has type ((_ + _) -> _)
[Wed May 14 13:45:07 2014] <schoppenhauer> ok.
[Wed May 14 13:45:16 2014] <schoppenhauer> still ... not a helpful error message.
[Wed May 14 13:45:25 2014] <schoppenhauer> but thx. got it now.
[Wed May 14 18:00:18 2014] <dmbaturin> Anyone used coq for reasoning about formal grammars consistency and ambiguity?
[Wed May 14 19:53:55 2014] <tswett> Don't you love it when you can do proofs like this:
[Wed May 14 19:53:57 2014] <tswett> comp_Arrows_is_assoc := fun _ _ _ _ _ _ _ => eq_refl
[Wed May 14 19:57:14 2014] <dmbaturin> tswett: What exactly that statement means? I'm still learning the very basics.
[Wed May 14 19:58:05 2014] <tswett> Well, it defines comp_Arrows_is_assoc as a function that takes seven arguments, ignores them, and returns eq_refl.
[Wed May 14 19:59:54 2014] <tswett> Meanwhile, eq_refl has the type a = a for all a.
[Wed May 14 20:03:42 2014] <dmbaturin> So the function is supposed to check if all arguments are the same or..?
[Wed May 14 20:04:07 2014] <tswett> Well, are you familiar with the purpose of Coq?
[Wed May 14 20:04:46 2014] <tswett> Coq is an automated proof verifier; you give it proofs written in computer language and it verifies that they're correct. fun _ _ _ _ _ _ _ => eq_refl is a proof.
[Wed May 14 20:05:11 2014] <Cale> Well, you should probably give the type signature, or else it's not clear which proof that is
[Wed May 14 20:05:14 2014] <tswett> It's a proof that two things are equal. Just by looking at it, you can't see what, exactly, it's proving to be equal.
[Wed May 14 20:05:17 2014] <dmbaturin> Familiar with the purpose, but still struggling with the syntax.
[Wed May 14 20:06:04 2014] <tswett> In this case, it happens to be a proof that compose f (compose g h) = compose (compose f g) h.
[Wed May 14 20:11:30 2014] <tswett> Little question: given "Inductive Bloop : Prop := {a : Bloop; b : Bloop}.", can we prove that a <> b?
[Wed May 14 20:14:37 2014] <tswett> I guess that's the wrong definition. Shrug.
[Wed May 14 20:53:22 2014] <Cale> tswett: Given function extensionality, I can prove a = b
[Wed May 14 20:54:03 2014] <Cale> (by first proving  not Bloop)
[Wed May 14 20:55:27 2014] <Cale> tswett: http://lpaste.net/104156
[Thu May 15 10:19:02 2014] <schoppenhauer> how can one proof that eq ~= eq_refl x forall eq : x = y? (this should hold, since UIP holds)
[Thu May 15 10:22:41 2014] <heatsink> It's an inductive type.  You can match an eq term against eq_refl.
[Thu May 15 10:23:49 2014] <heatsink> It's not clear to me what part of that isn't true by definition.
[Thu May 15 10:27:16 2014] <schoppenhauer> heatsink: so ... how do I derive it?
[Thu May 15 10:30:22 2014] <Cale> schoppenhauer: Apply UIP?
[Thu May 15 10:30:35 2014] <schoppenhauer> Cale: where is UIP?
[Thu May 15 10:30:40 2014] <Cale> schoppenhauer: It's not a theorem
[Thu May 15 10:30:46 2014] <schoppenhauer> Cale: but?
[Thu May 15 10:30:49 2014] <Cale> So you must have assumed it somewhere
[Thu May 15 10:31:00 2014] <Cale> If you're saying that it holds
[Thu May 15 10:31:20 2014] <schoppenhauer> it holds for JMeq I thought.
[Thu May 15 10:31:33 2014] <Cale> JMeq shouldn't imply UIP
[Thu May 15 10:32:20 2014] <Cale> Oh, perhaps JMeq_eq will... let me think about that
[Thu May 15 10:34:02 2014] <Cale> Well, no, I don't believe you'll get a version of UIP for JMeq, and so JMeq_eq shouldn't help
[Thu May 15 10:34:13 2014] <Cale> You could certainly assume one
[Thu May 15 10:35:16 2014] <schoppenhauer> what I actually want to prove:
[Thu May 15 10:35:26 2014] <schoppenhauer> forall {A} {n m} (eq : n = m) (v : vec A n), (vec_id eq v) ~= v
[Thu May 15 10:35:30 2014] <schoppenhauer> where
[Thu May 15 10:35:43 2014] <schoppenhauer> vec_id {A} {a b} (eq : a = b) : vec A a -> vec A b.
[Thu May 15 10:35:56 2014] <schoppenhauer> this should hold.
[Thu May 15 10:36:05 2014] <Cale> What is ~= ?
[Thu May 15 10:36:12 2014] <schoppenhauer> JMeq
[Thu May 15 10:36:16 2014] <Cale> okay
[Thu May 15 10:36:17 2014] <schoppenhauer> it will not hold for =
[Thu May 15 10:36:26 2014] <schoppenhauer> because that is not well-typed
[Thu May 15 10:37:18 2014] <schoppenhauer> do you agree that this should hold?
[Thu May 15 10:43:01 2014] <Cale> hmm
[Thu May 15 10:45:09 2014] <Hodapp> dang, I have had no time for Coq lately due to editing lots of wedding photos
[Thu May 15 10:55:09 2014] <Cale> schoppenhauer: Okay, I managed to do it
[Thu May 15 10:55:27 2014] <schoppenhauer> Cale: how?
[Thu May 15 10:55:30 2014] <Cale> Actually, you're probably not using HoTT, let me just translate this :)
[Thu May 15 10:56:01 2014] <Cale> Oh, hmm
[Thu May 15 10:56:15 2014] <Cale> It won't let me do induction over the equality in the same place...
[Thu May 15 10:56:25 2014] <schoppenhauer> :3
[Thu May 15 10:56:30 2014] <schoppenhauer> coq is a productivity sink.
[Thu May 15 10:57:05 2014] <Hodapp> at least you're not editing wedding photos.
[Thu May 15 10:57:07 2014] <Cale> http://lpaste.net/104173
[Thu May 15 10:57:17 2014] <Cale> This works in my HoTT-Coq
[Thu May 15 10:57:26 2014] <Cale> and doesn't really use HoTT all that much
[Thu May 15 10:57:40 2014] <Cale> But when I try it in plain Coq, it won't let me do induction over the path eq
[Thu May 15 10:57:51 2014] <Cale> In the latter proof
[Thu May 15 10:57:59 2014] <schoppenhauer> indeed, indeed.
[Thu May 15 10:58:03 2014] <schoppenhauer> that's coq.
[Thu May 15 10:58:10 2014] <Cale> That *might* be that my plain Coq is older
[Thu May 15 10:58:34 2014] <Cale> The HoTT Coq that I'm using is a development release
[Thu May 15 10:58:37 2014] <schoppenhauer> the only reason why I need vec_id in the first place is that a=b does not imply vec A a = vec A b, obviously.
[Thu May 15 10:58:46 2014] <Cale> Well, it does imply that
[Thu May 15 10:58:53 2014] <schoppenhauer> well, it does, but it is not easy to work with it.
[Thu May 15 10:59:20 2014] <Cale> Definition vec_id {A} {a b} (eq : a = b) : vec A a = vec A b.
[Thu May 15 10:59:20 2014] <Cale>   induction eq.
[Thu May 15 10:59:20 2014] <Cale>   reflexivity.
[Thu May 15 10:59:20 2014] <Cale> Defined.
[Thu May 15 10:59:26 2014] <schoppenhauer> there is no simple way to get c : vec A b from c : Vec A a
[Thu May 15 10:59:41 2014] <schoppenhauer> yes, but I cannot rewrite with this.
[Thu May 15 10:59:55 2014] <Cale> You can transport...
[Thu May 15 11:00:02 2014] <schoppenhauer> ?
[Thu May 15 11:00:44 2014] <schoppenhauer> what does that mean?
[Thu May 15 11:01:15 2014] <Cale> transport : forall (P : A -> Type) (x y : A), x = y -> P x -> P y.
[Thu May 15 11:01:17 2014] <schoppenhauer> (sorry, I am a bit ... nerved ... by the many concepts people evolved for something as simple as equality ... especially since the stuff I *actually* want to prove is hard enough)
[Thu May 15 11:01:22 2014] <schoppenhauer> ah ok
[Thu May 15 11:01:27 2014] <schoppenhauer> that is "subst" for me.
[Thu May 15 11:01:32 2014] <schoppenhauer> yes, I can do that.
[Thu May 15 11:01:50 2014] <Cale> Right, yeah, I couldn't remember the standard name for some reason :)
[Thu May 15 11:02:43 2014] <schoppenhauer> actually, vec_id is some sort of substitution
[Thu May 15 11:02:58 2014] <Cale> btw, HoTT gives you a much better intuition for when things will be possible with equalities -- if you think about them as paths which might not be refl, then it becomes clearer what the obstructions are to doing certain things.
[Thu May 15 11:03:12 2014] <Cale> Yes, it is
[Thu May 15 11:03:56 2014] <Cale> Definition vec_id {A} {a b} (eq : a = b) : vec A a -> vec A b := transport _ eq.
[Thu May 15 11:04:11 2014] <Cale> (or subst ;)
[Thu May 15 11:05:05 2014] <Cale> But instead of making that substitution, you could instead do it with whatever you were trying to prove about c
[Thu May 15 11:05:18 2014] <Cale> (I think)
[Thu May 15 11:05:35 2014] <Cale> Or if you don't care, you could always just assume UIP and it all becomes trivial.
[Thu May 15 11:21:54 2014] <tswett> Cale: what I meant to define was an inductive type Bloop with two values, a and b.
[Thu May 15 11:25:39 2014] <Cale> tswett: Oh, well, in that case, yes, you can prove they're distinct.
[Thu May 15 11:25:53 2014] <Cale> http://lpaste.net/104175
[Thu May 15 11:29:36 2014] <Cale> tswett: The type you defined earlier was a record consisting of a pair of values of type Bloop. Because the recursion wasn't well-founded, it was easy to show that no such record could ever be constructed.
[Thu May 15 11:31:09 2014] <tswett> Cale: can I still prove they're distinct if Bloop : Prop?
[Thu May 15 11:32:08 2014] <Cale> ah, hmm
[Thu May 15 11:33:20 2014] <Cale> Apparently not the same way, at least.
[Thu May 15 11:34:12 2014] <tswett> * looks at how discriminate behaves.
[Thu May 15 11:34:57 2014] <tswett> Looks like it essentially says, let f a = True and f b = False; if a = b, then by eq_ind, f a = f b, so True = False.
[Thu May 15 11:36:52 2014] <tswett> When I try to do the same with Bloop : Prop, I get this:
[Thu May 15 11:37:43 2014] <tswett> Error: Incorrect elimination of "e" in the inductive type "Bloop": the return type has sort "Type" while it should be "Prop". Elimination of an inductive object of sort Prop is not allowed on a predicate in sort Type because proofs can be eliminated only to build proofs.
[Thu May 15 11:38:45 2014] <tswett> Specifically, that's what happens when I do "Goal a = b. set (f := fun e => match e with | a => True | b => False end)."
[Thu May 15 11:40:58 2014] <Cale> yeah
[Thu May 15 11:41:25 2014] <Cale> True : Prop and Prop : Type
[Thu May 15 11:42:01 2014] <tswett> I didn't know about that rule.
[Thu May 15 11:42:20 2014] <Cale> I tend to just avoid Prop as much as possible.
[Thu May 15 11:44:04 2014] <Cale> There are two main reasons you'd want to use Prop: 1) either you need impredicativity because you're doing set theoretical things, and it lets you deal with things like the powerset, or 2) you're doing program extraction and you want to make use of the fact that Props are erased
[Thu May 15 11:44:41 2014] <tswett> * looks at his code.
[Thu May 15 11:45:07 2014] <tswett> Well, I'm using equality, which is a Prop.
[Thu May 15 11:45:23 2014] <Cale> Ah, there's no reason for equality to be a Prop.
[Thu May 15 11:45:58 2014] <Cale> (and it isn't one in HoTT for instance)
[Thu May 15 11:46:32 2014] <Cale> I suppose there's a bit of a trick
[Thu May 15 11:46:34 2014] <tswett> eq is a Prop in my copy of HoTT Coq.
[Thu May 15 11:47:00 2014] <Cale> Uh, that's weird
[Thu May 15 11:47:07 2014] <Cale> It's not in mine.
[Thu May 15 11:47:24 2014] <tswett> You type "Check eq." and it gives you a Type?
[Thu May 15 11:47:34 2014] <tswett> Maybe I have a weird version.
[Thu May 15 11:47:52 2014] <Cale> Er, it tells me that eq isn't a thing
[Thu May 15 11:48:05 2014] <Cale> Check paths tells me that  paths : forall (_ : ?1) (_ : ?1), Type
[Thu May 15 11:48:28 2014] <tswett> I don't have paths.
[Thu May 15 11:48:46 2014] <tswett> Yeah, I guess we're talking about different things.
[Thu May 15 11:48:51 2014] <Cale> hm
[Thu May 15 11:49:10 2014] <tswett> What I know about my copy of HoTT Coq is that it's just like regular Coq except you can say "Set Universe Polymorphism."
[Thu May 15 11:49:12 2014] <Cale> Any usage of Prop in HoTT should be considered a bug
[Thu May 15 11:49:32 2014] <Cale> Are you using the HoTT library with it?
[Thu May 15 11:49:41 2014] <tswett> I don't think so.
[Thu May 15 11:51:08 2014] <Cale> Let me do an update to make absolutely sure that I have the latest version. The code is here: https://github.com/HoTT/HoTT
[Thu May 15 11:51:41 2014] <Cale> You can see that coq-HoTT is a submodule which is meant to be used together with the theories from here
[Fri May 16 10:07:37 2014] <eizo> if i want to prove something on a list of the form l = x :: (l' ++ [y]), how can i apply the induction hypothesis on l'?
[Fri May 16 10:18:32 2014] <eizo> i need to use P(l') in order to prove P(l)
[Fri May 16 11:09:34 2014] <eizo> i made a recursive function which given an int S (S k) calls itself on k, but coq cannot guess the decrasing argument, how can i help it?
[Sat May 17 15:31:02 2014] <Anarchos> why is it a copy of the ocaml interpreter in coq (in kernel/byterun/coq_interp.c) ?
[Sun May 18 09:27:26 2014] <Anarchos> why does coq have its own ocaml runtime interpreter ?
[Sun May 18 09:57:03 2014] <jgross> Anarchos: Maybe someting to do with the native compiler or vm_compute?	(It sometimes compiles Coq functions to OCaml and runs them, for speed.) 
[Sun May 18 10:09:19 2014] <Anarchos> jgross why not using the installed runtime ??
[Sun May 18 10:33:41 2014] <knight-erraunt> Hi. I am just starting to learn Coq with the company of "Software fundations" book, and I wonder if it is possible to make Coq rewrite specific parts of the equaltions or I have to play with make simple nested proofs to make coq guess which variables I want to subsitute?
[Sun May 18 10:34:48 2014] <knight-erraunt> (just proved the distributivity of multiplication with addition and it was kind of cumbersome)
[Sun May 18 10:38:43 2014] <knight-erraunt> nvm. Just came to the moment where they tell me that there actually is an easier way of doing it.
[Sun May 18 10:54:33 2014] <jgross> Anarchos: That would increase the size of the trusted code base? 
[Sun May 18 10:56:24 2014] <Anarchos> jgross i am not skilled enough to answer that sorry :)
[Sun May 18 11:19:02 2014] <Anarchos> Why do i get this one when compiling coq ? COQC -noinit theories/Init/Notations.v Fatal error: exception File "camlinternalFormat.ml", line 980, characters 6-12: Assertion failed
[Sun May 18 18:09:55 2014] <robbert> schoppenhauer: no! We have [existT (fun x => x) bool true = existT (fun x => x) bool false] with univalence
[Sun May 18 18:10:26 2014] <robbert> nevermind, my chatlog was a couple of days back :)
[Sun May 18 18:32:06 2014] <tautologico> taking a look at Coq'Art, it seems a lot of terms that were typed Set in 8.2 are now Type... why is that?
[Sun May 18 18:35:24 2014] <ianjneu> tautologico: Set is only to restrict the user to not go up a universe level. Most people don't care anymore and want to reuse their code in places that do need universes.
[Sun May 18 18:35:46 2014] <ianjneu> also Set used to be impredicative, but now that that's gone, it's pretty nerfed.
[Sun May 18 18:38:57 2014] <tautologico> ianjneu: I see, thanks
[Sun May 18 18:43:34 2014] <heatsink> Is there a way to normalize and print a term?
[Sun May 18 18:44:00 2014] <heatsink> I want to look at the result of a function application, but Print just shows the application
[Sun May 18 18:50:56 2014] <tautologico> Eval compute in ?
[Sun May 18 18:53:41 2014] <heatsink> that works! thanks
[Sun May 18 21:15:55 2014] <heatsink> I'm trying to show that any terms of type { x : list A | length x = 0 } are equal, but I can't figure out how to show equality for 'exist' terms.
[Sun May 18 21:16:24 2014] <heatsink> The 'destruct' tactic doesn't work for case analysis. http://lpaste.net/104297
[Sun May 18 21:18:19 2014] <heatsink> I don't know how to show equality using induction, because the predicate of 'exist' depends on the existentially bound value.
[Sun May 18 21:19:56 2014] <heatsink> I'd appreciate some advice, or reading on how to prove equality in these cases.
[Sun May 18 22:41:42 2014] <jrw> heatsink: easiest way to prove something like that is with proof irrelevance. but know that that comes with philosophical implications.
[Sun May 18 22:42:56 2014] <jrw> heatsink: you probably are happy enough proving `proj1 lst1 = proj1 lst2`?
[Sun May 18 22:48:20 2014] <jrw> heatsink: something like this: http://lpaste.net/104298
[Sun May 18 22:51:37 2014] <heatsink> hmm...
[Sun May 18 22:57:57 2014] <jrw> those inductions can be replaced by destructs. not sure what I was thinking.
[Sun May 18 23:03:48 2014] <heatsink> Overall, I'm writing mergesort as an exercise to learn Coq.  I can see that proving equality of proj1 should be logically sufficient, but I don't know how that will affect the rest of the code.
[Sun May 18 23:06:00 2014] <heatsink> I was planning for the code to carry along evidence that the output of subproblems is a sorted permutation of the input.
[Sun May 18 23:08:27 2014] <jrw> you can still do that, I think.
[Sun May 18 23:08:35 2014] <jrw> if you post your code I can take a look
[Sun May 18 23:09:57 2014] <heatsink> I think that switching to equality on projections will be encapsulated in the proposition that says "permutation p transforms lst1 into lst2," so it won't affect the rest of the code.
[Sun May 18 23:10:20 2014] <heatsink> I can do that.
[Sun May 18 23:16:25 2014] <heatsink> I was also trying to write the equality proof using sig_ind and eq_ind
[Sun May 18 23:18:44 2014] <heatsink> But I couldn't find a solution that way.  It seemed like I needed a proof of (length xs = 0) for arbitrary xs, which clearly isn't right.
[Sun May 18 23:20:34 2014] <heatsink> There must be some extra trick to dependent equality, beyond using induction, eq_refl, and f_equal.
[Sun May 18 23:34:52 2014] <heatsink> Reading a so post about proof irrelevance. http://cstheory.stackexchange.com/q/5158
[Sun May 18 23:46:05 2014] <heatsink> Right I think I have a handle on the problem now.  Thanks for suggesting to use the projection, jrw.
[Sun May 18 23:46:18 2014] <jrw> np
[Mon May 19 15:37:24 2014] <schoppenhauer> hello.
[Mon May 19 15:37:48 2014] <schoppenhauer> I often have the pattern that I need to prove f(a)=f(b), by just proving a=b
[Mon May 19 15:38:07 2014] <schoppenhauer> this is possible, but is there a strategy such that I can just convert the goal f(a)=f(b) into the goal a=b?
[Mon May 19 15:38:20 2014] <schoppenhauer> (this is the trivial direction. the other requires injectivity.)
[Mon May 19 15:50:36 2014] <Saizan> f_equal or something
[Mon May 19 16:36:12 2014] <schoppenhauer> thx
[Mon May 19 18:40:01 2014] <kmicinski> I'm using proof general and am getting Error: Compiled library AssocList.vo makes inconsistent assumptions over
[Mon May 19 18:40:04 2014] <kmicinski> library Coq.Init.Logic
[Mon May 19 18:40:10 2014] <kmicinski> with a library I'm using
[Mon May 19 18:40:26 2014] <kmicinski> I compiled everything with my version of Coq, is it possible my proofgeneral is using a different version?
[Mon May 19 18:41:04 2014] <kmicinski> (This was from the metatheory library, but I don't really think that's got anything to do with it, metalib compiles fine if I just run the Makefile)
[Mon May 19 22:59:46 2014] <logicalguy> Hi, I'm a budding programmer and someone recommended that I learn coq.  I'm wondering, how will it help me be a better programmer?
[Mon May 19 23:02:43 2014] <mankyKitty> I suspect because it will affect how you think. It will challenge your assumptions about programming and the structure of programs. Consequently your problem solving approaches will change
[Mon May 19 23:03:33 2014] <mankyKitty> But it also depends on your skill level, experience, and interests wrt programming...
[Tue May 20 00:06:18 2014] <logicalguy> Hi, I'm a budding programmer and someone recommended that I learn coq.  I'm wondering, how will it help me be a better programmer?
[Tue May 20 00:08:27 2014] <mankyKitty> logicalguy: didn't like my other answers? :(
[Tue May 20 00:09:11 2014] <logicalguy> mankyKitty, I'm sorry, I missed your answers because my network died :(
[Tue May 20 00:09:27 2014] <mankyKitty> logicalguy: 1:02 PM <mankyKitty> I suspect because it will affect how you think. It will challenge your assumptions about programming and the structure of programs. Consequently your problem solving approaches will change
[Tue May 20 00:09:28 2014] <mankyKitty> 1:03 PM <mankyKitty> But it also depends on your skill level, experience, and interests wrt programming...
[Tue May 20 00:09:35 2014] <mankyKitty> :)
[Tue May 20 00:10:31 2014] <logicalguy> Well, I do have a degree in computer science, but its been over 5 years since I did any programming.  I need to start with baby steps again
[Tue May 20 00:11:08 2014] <mankyKitty> logicalguy: No you don't. Dive in, deep end, with concrete shoes.
[Tue May 20 00:13:07 2014] <mankyKitty> logicalguy: http://www.cis.upenn.edu/~bcpierce/sf/ Have at it !! :)
[Tue May 20 00:13:26 2014] <logicalguy> mankyKitty, ha ha, yes, but what I mean is since I'm pretty much starting again from scratch, I want to build a proper foundation
[Tue May 20 00:13:48 2014] <logicalguy> mankyKitty, thank you, I'm looking it up now
[Tue May 20 00:14:03 2014] <mankyKitty> Coq and or Haskell will provide you with that foundation.
[Tue May 20 00:14:06 2014] <mankyKitty> np
[Tue May 20 00:14:39 2014] <mankyKitty> I'm only learning Coq now, but I'm a firm believer in learning languages that challenge how you think instead of "how do I do a for loop in this language?"
[Tue May 20 00:14:46 2014] <logicalguy> oh, between Coq and haskell, is it either-or, or are they complementary
[Tue May 20 00:15:06 2014] <mankyKitty> I would regard them as complementary
[Tue May 20 00:15:46 2014] <logicalguy> okay,
[Tue May 20 00:16:18 2014] <logicalguy> I'm learning Java right now, so maybe getting into Haskell right now would only confuse me, I think
[Tue May 20 00:16:31 2014] <mankyKitty> drop java, it will ruin you
[Tue May 20 00:16:35 2014] <mankyKitty> gogo Haskell :P
[Tue May 20 00:16:50 2014] <logicalguy> ha ha
[Tue May 20 00:16:58 2014] <logicalguy> unfortunately, I also need to find a job
[Tue May 20 00:17:51 2014] <logicalguy> which are hard to come by for Haskell programmers, where I live
[Tue May 20 00:18:00 2014] <mankyKitty> fair enough
[Tue May 20 00:19:20 2014] <logicalguy> I'm watching this right now: http://vimeo.com/6615365
[Tue May 20 00:19:48 2014] <mankyKitty> noice
[Tue May 20 00:21:42 2014] <logicalguy> hope all this decides to stay on in this thick head of mine :D
[Tue May 20 00:22:32 2014] <mankyKitty> don't worry you're not the only one with that concern ><
[Tue May 20 00:23:02 2014] <logicalguy> really
[Tue May 20 00:23:40 2014] <logicalguy> okay, I will wait for tomorrow to tell me how much I've retained
[Tue May 20 00:23:52 2014] <mankyKitty> hehe
[Tue May 20 00:23:54 2014] <mankyKitty> best of luck !
[Tue May 20 00:26:07 2014] <logicalguy> how long approx was it for you before you noticed a change in the way you think,
[Tue May 20 00:27:56 2014] <mankyKitty> hard to say, i've been kicking around FP for a while, and recently started on Haskell.. but lately just noticed I look at problems differently and break them up into different components... not something I could really put my finger on.
[Tue May 20 00:28:57 2014] <mankyKitty> how and what you code will change what benefits you get... just keep learning what fascinates you and you'll do a double take in the near future about how you're approaching things. ;)
[Tue May 20 00:30:11 2014] <logicalguy> mankyKitty, yes, I want to learn what I'm interested in, but i want a proper approach to it, not just googling on a topic randomly everyday, you know :)
[Tue May 20 00:30:33 2014] <mankyKitty> logicalguy: my advice then is to follow the references
[Tue May 20 00:30:44 2014] <mankyKitty> for example work through software foundations
[Tue May 20 00:31:10 2014] <mankyKitty> but also you'll discover through looking for information that people drop the names of people/papers
[Tue May 20 00:31:13 2014] <mankyKitty> read them
[Tue May 20 00:31:23 2014] <mankyKitty> then if they reference something interesting go read that
[Tue May 20 00:31:36 2014] <mankyKitty> don't read papers piecemeal
[Tue May 20 00:31:57 2014] <mankyKitty> go through the whole paper, not a few at a time (my current problem)
[Tue May 20 00:32:39 2014] <logicalguy> ah okay
[Tue May 20 00:32:57 2014] <mankyKitty> logicalguy: here is a (daunting) awesome reading list for haskell http://www.stephendiehl.com/posts/essential_haskell.html
[Tue May 20 00:33:02 2014] <mankyKitty> just as an example
[Tue May 20 00:33:54 2014] <logicalguy> here's goodbye to my life :(
[Tue May 20 00:34:06 2014] <mankyKitty> also don't be afraid to try to help people, even if you're not 100% sure about things... like I can't form a single Coq statement yet, but I'm more than happy to natter with you about this stuff
[Tue May 20 00:34:07 2014] <mankyKitty> hahaha
[Tue May 20 00:34:13 2014] <mankyKitty> that's why i said one at a time
[Tue May 20 00:34:22 2014] <mankyKitty> plenty of time for life and type theory :P
[Tue May 20 00:34:46 2014] <logicalguy> it's not life AND, it's life OR
[Tue May 20 00:35:06 2014] <mankyKitty> pfft
[Tue May 20 00:35:45 2014] <logicalguy> sorry, looking at that list made me a bit melancholic
[Tue May 20 00:36:16 2014] <mankyKitty> Your own list will grow organically from your learning
[Tue May 20 00:36:33 2014] <mankyKitty> things like that are meant as a reference or bounce point
[Tue May 20 00:36:55 2014] <mankyKitty> No one looks at a bibliography and just adds that to their reading list
[Tue May 20 00:37:02 2014] <logicalguy> yes, I understand, I was just kidding :)
[Tue May 20 00:37:24 2014] <logicalguy> but isn't that what this stephen dude wants people to do
[Tue May 20 00:37:54 2014] <mankyKitty> in a perfect world, wouldn't you? :D
[Tue May 20 00:38:17 2014] <logicalguy> no
[Tue May 20 00:38:32 2014] <logicalguy> I'd want everyone to go on a two-week trek in the himalayas
[Tue May 20 00:39:03 2014] <mankyKitty> yeah but it's a perfect world so you can do both. :p
[Tue May 20 00:40:00 2014] <logicalguy> yes, probably, ha ha, one could be cut off from all distractions and have 3G internet at the same time
[Tue May 20 00:40:57 2014] <mankyKitty> heh
[Tue May 20 00:42:53 2014] <logicalguy> do you have a programming job or do you do it as a hobby
[Tue May 20 00:43:15 2014] <mankyKitty> yeah I'm a workaday coder... PHP though :(
[Tue May 20 00:43:18 2014] <mankyKitty> hobby too
[Tue May 20 00:43:34 2014] <logicalguy> are you also a gamer
[Tue May 20 00:43:48 2014] <mankyKitty> used to be, lost interest
[Tue May 20 00:44:49 2014] <logicalguy> oh
[Tue May 20 00:49:29 2014] <logicalguy> sensible
[Tue May 20 00:52:29 2014] <mankyKitty> meh, it's neither here nor there
[Tue May 20 00:53:35 2014] <logicalguy> have you finished the whole SF book?
[Tue May 20 00:54:37 2014] <mankyKitty> nope, only just getting started myself
[Tue May 20 00:54:47 2014] <mankyKitty> I'm just keen as biscuits :D
[Tue May 20 00:55:29 2014] <logicalguy> yes, you're already an evangelist
[Tue May 20 00:55:51 2014] <mankyKitty> nah, if I was i'd still be yelling at you about java :p
[Tue May 20 00:56:25 2014] <logicalguy> bible bashing with a Java bible, goodness!
[Tue May 20 01:03:28 2014] <mankyKitty> logicalguy: good luck with your efforts though and stick with it.. don't be afraid to kick around a few "I wonder if ..." side projects too.. always fun :D I'll probably be around randomly as I work through the book
[Tue May 20 01:07:41 2014] <logicalguy> thanks a lot for your comments and suggestions, mankyKitty, I'm sure I'll be around to bother you with more questions every now and then :)
[Tue May 20 01:07:53 2014] <mankyKitty> logicalguy: happy to help ^_^
[Tue May 20 01:10:04 2014] <logicalguy> have a good night :)
[Tue May 20 14:11:29 2014] <wagle> whats the status of CoqIde for macosx for coq8.4pl4?  is there a new version?
[Tue May 20 15:47:10 2014] <Enjolras> hi
[Tue May 20 15:48:24 2014] <Enjolras> what's the canonical way to deal with non exhaustive pattern matching ? When the case can't happen
[Tue May 20 15:57:48 2014] <Ptival> Enjolras: turn the return type of the pattern matching into a match
[Tue May 20 15:58:13 2014] <Ptival> where you return an empty type in cases that are unfeasible
[Tue May 20 15:58:14 2014] <Ptival> ?
[Tue May 20 15:58:34 2014] <Enjolras> Whaou. You blew my mind.
[Tue May 20 15:58:59 2014] <Enjolras> That's totally awesome to be able to do that. Thanks
[Tue May 20 15:59:51 2014] <Enjolras> I'm stil stuck in an ML world sometimes :)
[Tue May 20 16:00:58 2014] <tswett> Ahoy.
[Tue May 20 16:03:05 2014] <tswett> So I'm defining a sort of variant lambda calculus thingy. In order to typecheck the term "apply a b", I want to typecheck the terms "a" and "b", and verify that the type of "a" is a function whose domain is the type of "b".
[Tue May 20 16:03:16 2014] <tswett> Types are defined inductively.
[Tue May 20 16:04:04 2014] <tswett> Is there a way to use the "match" construct, or some other construct, to check whether or not two values of inductive types are equal?
[Tue May 20 16:04:38 2014] <tswett> Other than just doing case analysis with one case per constructor.
[Tue May 20 16:11:44 2014] <schoppenhauer> is there a way to permutate universal quantifiers?
[Tue May 20 16:12:13 2014] <tswett> schoppenhauer: like, during a proof?
[Tue May 20 16:12:19 2014] <schoppenhauer> tswett: yes.
[Tue May 20 16:12:30 2014] <schoppenhauer> tswett: when I need to do induction on the second variable, not on the first.
[Tue May 20 16:12:43 2014] <schoppenhauer> tswett: and want the quantor for the first variable in the induction hypothesis.
[Tue May 20 16:12:50 2014] <tswett> * nods.
[Tue May 20 16:12:57 2014] <schoppenhauer> how?
[Tue May 20 16:13:54 2014] <tswett> Well, if you're trying to prove A -> B -> C, could you just say "cut (B -> A -> C). tauto."?
[Tue May 20 16:14:12 2014] <Ptival> schoppenhauer: just introduce the two, and revert the one you need not introduced
[Tue May 20 16:14:45 2014] <schoppenhauer> Ptival: thx! that was what I was searching for!
[Tue May 20 16:15:09 2014] <Ptival> revert will put a hypothesis back, generalize dependent will put a hypothesis back along with all the stuff that depended on it
[Tue May 20 16:15:56 2014] <Ptival> tswett: you should write a function for your type of terms, whose type would be forall (a b : term), {a = b} + {a <> b}
[Tue May 20 16:16:25 2014] <Ptival> tswett: then you can just use this function to decide equality of two values
[Tue May 20 16:18:01 2014] <Ptival> tswett: this function will probably have pattern matching involved, though you might be lucky using the 'decide equality.' tactic to do most of the work
[Tue May 20 16:18:09 2014] <tswett> Ptival: *nod* Thanks.
[Tue May 20 16:22:46 2014] <tswett> Sweet. I managed to use magic to make it look like I have a term T : T.
[Tue May 20 16:26:14 2014] <tswett> First I defined a type Term, with T : Term. Then I defined a type "Val a", which is the type of Terms with "type" a. I then defined a function checkU which takes a term and returns the "type" of that term, and finally I defined checkT which takes a term and returns the "Val" version of that term.
[Tue May 20 16:26:51 2014] <tswett> Then I just do "Coercion Val : Term >-> Sortclass" and "Coercion checkT : Term >-> Val", and voila, "Check T : T." says that T : T.
[Tue May 20 16:27:30 2014] <Ptival> hehe
[Tue May 20 16:28:33 2014] <tswett> I tried to do that a while back, but I couldn't think of the correct trick.
[Tue May 20 16:34:33 2014] <tswett> What I'd really like to do is just type something like "Axiom T : T. Axiom Si : Fun (Si T) T. Axiom Fun : Fun (Times (Si T) (Si T)) T. Axiom Times : Fun (Times T T) T."
[Tue May 20 16:35:41 2014] <tswett> Unfortunately, you can't define an axiom whose type involves a term that hasn't already been defined.
[Tue May 20 16:37:03 2014] <tswett> I'd like it if there were some really easy way to work around that.
[Tue May 20 16:41:17 2014] <tswett> An alternative that would also be nice: "Inductive Val := | T : Val T."
[Tue May 20 16:41:32 2014] <tswett> Of course, the type of Val is Val T -> Type.
[Tue May 20 19:52:11 2014] <schoppenhauer> is it possible to eliminate equality`
[Tue May 20 19:52:13 2014] <schoppenhauer> ?
[Tue May 20 19:52:27 2014] <schoppenhauer> (do induction after it?)
[Tue May 20 19:52:32 2014] <schoppenhauer> because it somehow wont work for me.
[Tue May 20 19:53:08 2014] <schoppenhauer> I need to match some equality with eq_refl.
[Tue May 20 20:08:36 2014] <schoppenhauer> ok got it using refinement.
[Tue May 20 22:06:04 2014] <wagle> whats the status of CoqIde for macosx for coq8.4pl4? is there a new version?
[Tue May 20 23:18:41 2014] <mankyKitty> hi everyone
[Tue May 20 23:19:53 2014] <mankyKitty> I'm working through Software Foundations and I've a question about one of the exercises in the Basics.v file..
[Tue May 20 23:20:17 2014] <mankyKitty> I've solved it, but it feels a little messy.. anyone have any pointers perhaps -> https://gist.github.com/mankyKitty/27693c0961361e76509b
[Tue May 20 23:25:34 2014] <dalaing> mankyKitty: I think something like Proof. intros f H b.  rewrite -> H. rewrite -> H. reflexivity. Qed.
[Tue May 20 23:26:01 2014] <ddere> intros f H b. rewrite -> H. apply H. Qed.
[Tue May 20 23:26:03 2014] <ddere> yeh
[Tue May 20 23:26:12 2014] <alkabetz> I’d use the [repeat] tactical and some semicolons: “intros f x b.  destruct b; repeat (rewrite -> x); reflexivity.”
[Tue May 20 23:26:13 2014] <dalaing> ie you don't need to destruct, since you're not using the knowledge you gain from the destruction
[Tue May 20 23:26:31 2014] <alkabetz> Oh, yeah, that makes it even shorter.
[Tue May 20 23:26:41 2014] <dalaing> ddere: alkabetz: this is from Basics.v in SF - apply and repeat aren't in scope yet :)
[Tue May 20 23:26:51 2014] <ddere> ah ok
[Tue May 20 23:27:03 2014] <alkabetz> Oh, right, oops.
[Tue May 20 23:27:04 2014] <ddere> assumption would work just as well i think
[Tue May 20 23:27:12 2014] <ddere> thats got to be in scope right?
[Tue May 20 23:27:21 2014] <ddere> assumption in place of apply H.
[Tue May 20 23:27:27 2014] <mankyKitty> dalaing: Yeah i was trying to retrieve my H, but I couldn't and didn't understand what I'd gotten myself into
[Tue May 20 23:27:30 2014] <dalaing> I mean in scope of what has been covered in SF at this point
[Tue May 20 23:27:38 2014] <mankyKitty> thanks for the suggestions everyone
[Tue May 20 23:27:40 2014] <mankyKitty> :D
[Tue May 20 23:27:42 2014] <alkabetz> mankyKitty: So yes, it seems a little messy, but only because not enough stuff is in scope to make it really elegant ):
[Tue May 20 23:27:55 2014] <dalaing> always good to know there are better things coming
[Tue May 20 23:28:01 2014] <ddere> daliang: the forall (x : bool) part makes me think they wanted him to do the destruct as an exercise though
[Tue May 20 23:28:20 2014] <ddere> daliang: otherwise you could just do forall (x : A) right?
[Tue May 20 23:28:30 2014] <dalaing> no polymorphism at that point
[Tue May 20 23:28:40 2014] <ddere> ah ok
[Tue May 20 23:29:06 2014] <ddere> coq seems to let me down on the polymorphism front in general i guess
[Tue May 20 23:29:23 2014] <ddere> im probably just missing something
[Tue May 20 23:29:25 2014] <dalaing> I'm only part way through SF, so I remember the progression pretty well
[Tue May 20 23:29:37 2014] <dalaing> looking forward to revisiting it after CPDT with crush in hand...
[Tue May 20 23:29:43 2014] <ddere> :)
[Tue May 20 23:30:34 2014] <ddere> mankyKitty: in any case, you had intros f x b.
[Tue May 20 23:30:45 2014] <mankyKitty> At least I was curious about the right things... the unused b' had me concerned and I was lost when trying to introduce my hypothesis (??)
[Tue May 20 23:30:46 2014] <mankyKitty> the H
[Tue May 20 23:31:02 2014] <mankyKitty> ddere: yeah that part was why I went...well..still right, but ugly
[Tue May 20 23:31:04 2014] <ddere> mankyKitty: x : forall x : bool, f x = x was a bit confusing ;)
[Tue May 20 23:31:16 2014] <mankyKitty> yup
[Tue May 20 23:32:13 2014] <mankyKitty> so much fun to just chip away at this... looking forward to CPDT too !
[Tue May 20 23:32:20 2014] <ddere> daliang: do you know if theres something i am  missing here: https://github.com/domdere/haskell-coq/blob/master/src/classes/Monad.v#L128
[Tue May 20 23:32:52 2014] <ddere> dliang: like if theres a way i can get away without having bind1 and bind2 as separate arguments, and instead just have a single bind
[Tue May 20 23:33:02 2014] <ddere> a single (polymorphic) bind
[Tue May 20 23:33:08 2014] <dalaing> I'm still pretty new to this :)
[Tue May 20 23:35:06 2014] <dalaing> so not at the moment
[Tue May 20 23:35:27 2014] <dalaing> can you implicit type arguments to the bind itself?
[Tue May 20 23:35:55 2014] <ddere> daliang: i havent managed to
[Tue May 20 23:36:25 2014] <ddere> daliang: when i *call* those functions i can use the same function that has been defined polymorphically
[Tue May 20 23:36:40 2014] <ddere> daliang: but i jsut have to pass it in twice and get it to resolve them down into 2 seperate functions
[Tue May 20 23:38:07 2014] <dalaing> could you replace the A/B/Cs in bind with underscores? or will it try to unify them across the usages?
[Tue May 20 23:38:21 2014] <dalaing> it's a bit beyond my level I'm afraid
[Tue May 20 23:39:05 2014] <dalaing> although I'm about to start working 4 days a week to get more FP study in, so hopefully I'll get to that level sooner rather than later :)
[Tue May 20 23:39:20 2014] <ddere> daliang: wow ok
[Tue May 20 23:39:30 2014] <mankyKitty> dalaing: nice O_O
[Tue May 20 23:39:46 2014] <ddere> daliang: thats not a bad suggestion, i'll give it a try when i get home
[Tue May 20 23:51:00 2014] <dalaing> ddere: I might be too used to Haskell's inferencing - started wondering whether you need the binds in the definition at all
[Tue May 20 23:59:42 2014] <ddere> daliang: hmm?
[Wed May 21 00:00:30 2014] <ddere> the function is a helper function to use while defining your instances, so technically the arg is not a Monad yet
[Wed May 21 00:01:18 2014] <ddere> daliang: its a function i intend to use when defining the Applicative instance which is a requirement for the Monad instance in my defns
[Wed May 21 00:37:42 2014] <ddere> hey where can i find a reference on strictness/non-strictness and the Eval command in Coq?
[Wed May 21 00:39:17 2014] <jrw> ddere: what do you mean?
[Wed May 21 00:40:10 2014] <ddere> well i understand that in a total language like Coq, in terms of the result returned by a function strictness/non-strictness is irrelevent
[Wed May 21 00:40:17 2014] <ddere> (am i wrong there?)
[Wed May 21 00:41:08 2014] <ddere> but i read somewhere that you can still tell Eval to evaluate a function strictly or non-strictly?
[Wed May 21 00:44:08 2014] <jrw> ddere: you're right that if you want to normalize a term, it doesn't matter what reduction strategy you follow. you might want to read about the difference between the "cbv" and "lazy" tactics in coq
[Wed May 21 00:44:27 2014] <ddere> jrw: ok cool thanks :)
[Wed May 21 00:45:17 2014] <jrw> one difference, for example, is their behavior under binders, iirc.
[Wed May 21 00:53:14 2014] <ddere> and whats the difference between "Eval simpl" and "Eval compute"?
[Wed May 21 00:53:45 2014] <jrw> ddere: compute normalizes terms. simpl does less reduction.
[Wed May 21 00:53:51 2014] <jrw> the exact rules are a little complicated
[Wed May 21 00:53:55 2014] <ddere> ah ok
[Wed May 21 00:54:14 2014] <jrw> but, for example, simpl will not unfold a fixpoint unless its structural argument is "known"
[Wed May 21 00:56:43 2014] <ddere> ah ok
[Wed May 21 00:59:48 2014] <jgross> jrw: I don't think cbv (equivalently(?), compute) and lazy differ under binders.  Perhaps you're thinking of hnf vs. lazy/compute? 
[Wed May 21 01:00:46 2014] <jrw> ah, I must be wrong about that. I'm sure you're right.
[Wed May 21 01:14:15 2014] <jgross> tests say:
[Wed May 21 01:14:15 2014] <jgross> Eval hnf in (fun x : Set => 1 + 1). (*	    = fun _ : Set => 1 + 1 *)
[Wed May 21 01:14:15 2014] <jgross> Eval cbv in (fun x : Set => 1 + 1). (*	    = fun _ : Set => 2 *)
[Wed May 21 01:14:15 2014] <jgross> Eval lazy in (fun x : Set => 1 + 1). (*      = fun _ : Set => 2 *)
[Wed May 21 01:14:15 2014] <jgross> Eval compute in (fun x : Set => 1 + 1). (*	= fun _ : Set => 2 *)
[Wed May 21 01:14:15 2014] <jgross> Eval simpl in (fun x : Set => 1 + 1). (*      = fun _ : Set => 2 *) 
[Wed May 21 03:33:01 2014] <avenge> Dumb question: At some point in my proof, an inversion introduces some package-qualified names (e.g., "Imp.X").  Is there some convenient way to reference these without typing "." (which causes proof general to send the partial statement to coq)?  Thanks.
[Wed May 21 03:34:16 2014] <logicalguy> Warning: query commands should not be inserted in scripts ---------------- I get this warning in coqide, what is the right way to enter query commands?
[Wed May 21 04:58:27 2014] <eizo> does decidability in coq "forall t, (P t \/ ~ P t)" correspond exactly to the existence of a turing machine which can tell whether P t or not P t for all t?
[Wed May 21 07:07:55 2014] <eizo> how can i stop ProofGeneral from advancing automatically the proof when i make a "."?
[Wed May 21 07:45:42 2014] <schoppenhauer> eizo: C-c .
[Wed May 21 07:46:35 2014] <schoppenhauer> eizo: and it does not "exactly" correspond. if you can prove it, there is such a turing machine. if you cannot prove it, things are more complicated.
[Wed May 21 07:48:07 2014] <schoppenhauer> but thinking in terms of turing machines is probably not the best in this case anyway.
[Wed May 21 08:36:14 2014] <td202> schoppenhauer: I think it's the other way: if there's a TM that decides it, you should be able to prove it. But for instance, when t is infinite (e.g. a stream of nats) then you might be able to prove "forall t, (P t \/ ~ P t)" (e.g. P t := stream is all 0s), but couldn't decide such a property with a TM.
[Wed May 21 09:08:52 2014] <eizo> thanks
[Wed May 21 09:08:55 2014] <eizo> so they're incomparable?
[Wed May 21 09:21:04 2014] <eizo> td202: how do you prove that in coq?
[Wed May 21 09:21:23 2014] <eizo> i thought proofs corresponded to terminating programs
[Wed May 21 09:38:01 2014] <eizo> http://pastie.org/9196028
[Wed May 21 10:45:18 2014] <td202> * is probably mistaken
[Thu May 22 06:16:01 2014] <xavierm02> Hi. I'm trying to access the equiv "field" of a Setoid which is required by a Module Type. But I can't firgure out how to do that.Module Type Eqset. Parameter A : Type. Parameter Instance SetoidA : Setoid A. Definition eqA := SetoidA.equiv. End Eqset.
[Thu May 22 06:24:37 2014] <xavierm02> Nevermind. It's just equiv without SetoidA in front of it.
[Thu May 22 11:20:20 2014] <eizo> why do i get "Could not find an instance for "RelationClasses.subrelation"" when trying to use "rewrite andb_true_eq"
[Thu May 22 11:22:58 2014] <eizo> or andb_prop
[Thu May 22 16:37:51 2014] <heatsink> I don't know how to go about doing a counting proof in coq.  Can I have a hint or example?
[Thu May 22 16:38:08 2014] <heatsink> For example, for any byte b, for any set S of 256 bytes, b is in S.
[Thu May 22 16:58:46 2014] <jrw> heatsink: can you say a bit more about what you're trying to do? how are you modeling byes? sets?
[Thu May 22 17:05:34 2014] <heatsink> jrw, I'm encoding size-N permutations as a list of list indices less than N, with all list elements distinct from each other.
[Thu May 22 17:06:02 2014] <heatsink> I want to show that each list index appears exactly once
[Thu May 22 17:06:27 2014] <heatsink> i.e., permuting a list doesn't discard or duplicate elements
[Thu May 22 17:07:19 2014] <jrw> heatsink: okay, can you post your definitions? it's definitely possible to show this.
[Thu May 22 17:07:27 2014] <heatsink> Alright, just a moment
[Thu May 22 17:14:08 2014] <heatsink> I think this is the only part that's relevant. http://lpaste.net/104485
[Thu May 22 17:14:27 2014] <heatsink> There's the permutation data type and the goal to be proven.
[Thu May 22 17:14:37 2014] <jrw> heatsink: what's ForallOrdPairs?
[Thu May 22 17:14:53 2014] <jrw> oh I see
[Thu May 22 17:14:54 2014] <heatsink> It's from the List module
[Thu May 22 17:14:56 2014] <jrw> stdlib
[Thu May 22 17:15:45 2014] <heatsink> ForallOrdPairs R lst means that R x y holds for each (x, y) in the list where x precedes y
[Thu May 22 17:16:05 2014] <heatsink> each x and each y, rather
[Thu May 22 17:17:16 2014] <jrw> heatsink: is there any reason you chose not to use the definition of permutation in Sorting.Permutation?
[Thu May 22 17:19:16 2014] <heatsink> No.  I'm not familiar with Coq and the library.
[Thu May 22 17:19:54 2014] <jrw> ok, well one option would be to use that
[Thu May 22 17:19:58 2014] <jrw> there are more lemmas about permutations
[Thu May 22 17:20:06 2014] <jrw> but not the exact one you want.
[Thu May 22 17:21:37 2014] <heatsink> Hmm
[Thu May 22 17:24:42 2014] <heatsink> There's a lemma that if l is a permutation of l', every element of l is in l'.
[Thu May 22 17:24:55 2014] <jrw> yeah, that's pretty close to what you were saying
[Thu May 22 17:25:34 2014] <heatsink> Permutations here are a relation on lists, rather than a transformation that can be applied to lists.  But I think that will work for now.
[Thu May 22 17:27:23 2014] <heatsink> I am still interested in learning about counting proofs, though
[Thu May 22 17:28:06 2014] <heatsink> Since it seems "obvious" but I have no idea how to formalize it
[Thu May 22 17:31:10 2014] <heatsink> My intuition says that I could use 'cardinal' from the Finite_sets module, and induction on the natural number data type, to count the size of { i | i < n }
[Thu May 22 17:33:09 2014] <heatsink> That would also give me a way of constructing the set, with type Ensemble { i | i < n }
[Thu May 22 17:35:01 2014] <heatsink> That won't give me the whole proof, but I think I need to put that off for another time
[Thu May 22 17:35:30 2014] <heatsink> while I try using Sorting.Permutation
[Fri May 23 03:09:40 2014] <dahh> how can i set hybrid mode by default for coq?
[Fri May 23 03:09:46 2014] <dahh> in emacs
[Fri May 23 07:44:57 2014] <eizo> let (S,<=) be an arbitrary partially ordered type, and Max be the set of elements which are maximal in S. can i prove in coq that for every s in S, there exists a maximal element m such that s <= m?
[Fri May 23 07:45:13 2014] <eizo> i feel i need to use the excluded_middle, in order to expose the maximal element
[Fri May 23 07:47:43 2014] <eizo> nvm this is just wrong
[Fri May 23 08:19:26 2014] <eizo> how can i force a definition to always be unfolded in proofs?
[Fri May 23 10:13:46 2014] <alkabetz> You should post a minimal example, but I’ve got something kind of like what you want using [Hint Unfold] and the [autounfold] tactic.  See http://lpaste.net/104516.
[Fri May 23 11:45:06 2014] <schoppenhauer> hello. I have found strange behavior in coq.
[Fri May 23 11:45:10 2014] <schoppenhauer> but I cannot isolate it.
[Fri May 23 11:45:27 2014] <schoppenhauer> and I don't want to put my whole code online
[Fri May 23 11:45:42 2014] <schoppenhauer> is anyone willing to look at it? might be a bug.
[Fri May 23 11:46:16 2014] <schoppenhauer> (I use the git-version. and it sometimes does not recognize subterms that are there. but also, I have a case in which it does not demand an equality proof.)
[Fri May 23 11:46:26 2014] <schoppenhauer> (even though I do a replacement before)
[Fri May 23 11:59:47 2014] <schoppenhauer> nevermind.
[Fri May 23 12:00:09 2014] <schoppenhauer> what I need to do works now ... everything else ... oh well.
[Fri May 23 13:14:08 2014] <eizo> alkabetz: thank you
[Fri May 23 19:10:58 2014] <tswett> Ahoy.
[Fri May 23 19:12:00 2014] <tswett> How does the proof that the Calculus of Constructions is strongly normalizing go? Does it pretty much go by defining a model in ZFC?
[Fri May 23 19:17:42 2014] <tswett> Related question. The CoC is weaker than ZFC; is there a simple axiom you can add that makes it as strong as ZFC?
[Fri May 23 19:50:33 2014] <tswett> Maybe a transfinite induction axiom would do the trick. Given a well-ordered set, and a function that takes a family of Ts indexed by a truncation of the well-ordered set and returns a T, there's a family of Ts indexed by the entire well-ordered set such that each T is produced by the function applied to all the Ts before it.
[Fri May 23 19:53:05 2014] <tswett> Then, if you wanted to, you could define the von Neumann universe by using the set of all ordinal numbers as your well-ordered set.
[Fri May 23 19:53:19 2014] <tswett> (Obviously, multiple universes will end up getting invoked here.)
[Fri May 23 20:58:56 2014] <konne> I'm trying to create the following definition:
[Fri May 23 20:59:02 2014] <konne> http://pastebin.com/mxRbcuZZ
[Fri May 23 20:59:08 2014] <konne> But Coq complains that
[Fri May 23 20:59:17 2014] <konne>   term "v" has type "if b then nat else unit"
[Fri May 23 20:59:23 2014] <konne>   while it is expected to have type "if b then nat else unit".
[Fri May 23 20:59:28 2014] <konne> How can I fix my definition?
[Sat May 24 00:43:49 2014] <jrw> konne: you have a rather subtle bug with a terrible error message
[Sat May 24 00:44:07 2014] <jrw> as always, the first step is to say "Set Printing All." to get coq to stop contradicting itself while printing things to you
[Sat May 24 00:44:20 2014] <jrw> once you do that, you'll see that it's having trouble with Type vs Set
[Sat May 24 00:44:47 2014] <jrw> in this case, the problem is that the if expression is automagically returning a Set where a Type is expected
[Sat May 24 00:45:26 2014] <jrw> the following code works: http://pastebin.com/eW3qsF7u
[Sat May 24 14:25:44 2014] <Enjolras> hi
[Sat May 24 14:26:10 2014] <Enjolras> I'd like to unfold an inductive definition, but only unfold one step and don't perform simpl
[Sat May 24 14:26:19 2014] <Enjolras> I don't find how to do that
[Sat May 24 14:31:52 2014] <Enjolras> nvm, I might not be possible at all, i should read about delta reduction. I found another way
[Sat May 24 17:45:50 2014] <Ptival> Enjolras: yeah cbv delta might help
[Mon May 26 05:51:48 2014] <xaviem02> Hi. I'd like to know if it's possible to get a proof that the argument of a match is equal to the matched pattern. Thank you in advance.
[Mon May 26 06:35:23 2014] <xaviem02> Nevermind. I got what I wanted with a Program Definition.
[Mon May 26 06:36:40 2014] <rmk0> xaviem02: there's a more verbose way called the "convoy pattern", but if you're happy to use Program...
[Mon May 26 06:36:44 2014] <rmk0> xaviem02: http://adam.chlipala.net/cpdt/html/MoreDep.html
[Mon May 26 06:39:00 2014] <rmk0> xaviem02: essentially, you use extra annotations on the match expression and effectively pass equality proofs to each case of the match
[Mon May 26 06:39:36 2014] <rmk0> can obviously use this to mark "unreachable" cases by refuting the equality proofs in the cases that are supposed to be unreachable
[Mon May 26 06:39:47 2014] <rmk0> i think Program does these refinements by itself
[Mon May 26 07:02:13 2014] <xaviem02> rmk0: Thank you :)
[Mon May 26 15:56:34 2014] <Ptival> does anyone have a good understanding of why a Coinductive definition of eq is not satisfactory for proving equalities of coinductive datatypes?
[Mon May 26 15:57:49 2014] <Ptival> it seems to relate to how judgemental equality does not unfold cofix unless they are being consumed
[Mon May 26 17:35:06 2014] <robbert> Ptival: what do you mean by "a Coinductive definition of eq"?
[Mon May 26 17:35:43 2014] <robbert> cofixes are unfolded lazily when applied to a match
[Mon May 26 17:36:40 2014] <Ptival> robbert: I mean, take the greatest fixed point of Coq's eq definition
[Mon May 26 17:37:15 2014] <robbert> For non-recursive data types, being inductive or coinductive does not matter
[Mon May 26 17:38:08 2014] <robbert> Coinductive ceq {A} (x : A) : A -> Prop := crefl : eq x x. is equivalent to the ordinary eq (easy exercise to prove)
[Mon May 26 17:41:07 2014] <Ptival> robbert: to prove in Coq or to meta-prove?
[Mon May 26 17:41:38 2014] <robbert> To prove in Coq
[Mon May 26 17:41:58 2014] <Ptival> interesting :)
[Mon May 26 17:43:47 2014] <robbert> The proof is a one-liner :)
[Mon May 26 17:47:06 2014] <Ptival> http://paste.awesom.eu/2Zz5 like this?
[Mon May 26 17:48:03 2014] <robbert> Yes, or just [now split; destruct 1.] :).
[Mon May 26 17:48:41 2014] <Ptival> ok
[Mon May 26 17:49:10 2014] <Ptival> that's a bit surprising to me
[Mon May 26 17:49:34 2014] <robbert> But anyway, now that you have this, the argument that bisimarity does not implies Coq's equality eq, is the same for bisimilarity w.r.t your coinductive eq type
[Mon May 26 17:49:55 2014] <Ptival> yes
[Mon May 26 17:50:06 2014] <robbert> Well, basically, taking the greatest or least fixpoint over a constant functor is the same
[Mon May 26 17:50:17 2014] <Ptival> yeah
[Mon May 26 17:50:18 2014] <robbert> So, if a data type is not recursive, coinductive and inductive are the same
[Mon May 26 17:51:22 2014] <Ptival> I'm trying to understand how propositional equality captures more than judgemental :\
[Mon May 26 17:52:10 2014] <robbert> By the way, there are some people that define records like [CoInductive foo := Foo { bar : nat }.]
[Mon May 26 17:52:40 2014] <robbert> that way you do not mess up your namespace with garbage induction principles :)
[Mon May 26 17:53:42 2014] <Ptival> robbert: ? CoInductive does not seem to generate principles
[Mon May 26 17:53:51 2014] <Ptival> oh I see
[Mon May 26 17:53:57 2014] <Ptival> you mean when they actually want an inductive
[Mon May 26 17:54:27 2014] <robbert> No, I mean, it does not matter :) And since the induction principles for records are useless, you may as well avoid generating them
[Mon May 26 17:55:03 2014] <robbert> But for coinductive types, both propositional equality and judgmental equality are generally too weak
[Mon May 26 17:55:27 2014] <robbert> You cannot prove [map suc zeroes = ones] for example
[Mon May 26 17:55:36 2014] <Ptival> oh I meant, even in the inductive case now
[Mon May 26 17:56:24 2014] <robbert> Uhm, you are wondering about the difference between propositional and judgmental equality for inductive types?
[Mon May 26 17:56:30 2014] <Ptival> I guess propositional lets you prove that things that aren't syntactically equivalent would reduce to syntacticall-equivalent things in all cases?
[Mon May 26 17:56:34 2014] <Ptival> yes
[Mon May 26 17:57:00 2014] <Ptival> or rather, how the inductive definition eq captures more equalities than the judgemental I guess?
[Mon May 26 17:57:23 2014] <robbert> Judgmental equality is just algorithmic equality (beta/eta/iota/delta)
[Mon May 26 17:57:32 2014] <Ptival> when it seems to simply say that things judgementally equal are propositionally equal :)
[Mon May 26 17:58:13 2014] <robbert> Hence, you do not have that [plus x 1] is judgmentally equal to [plus 1 x]
[Mon May 26 17:58:31 2014] <robbert> Both terms have unequal normal forms
[Mon May 26 17:59:19 2014] <robbert> And indeed, judgmental equality (which is a meta property, by the way) implies propositional equality
[Mon May 26 18:00:08 2014] <robbert> That is by the conversion rule, which states that if [M : A], [A : some sort], and [A] judgmentally equal to [B], then [M : B]
[Mon May 26 18:13:46 2014] <Ptival> robbert: my current interrogation is of the form "how is it that the fixed-point of the eq definition contains eq (plus x 1) (plus 1 x)"
[Mon May 26 18:16:28 2014] <Ptival> i.e. how is the set of things judgementally equal not a fixed point?
[Mon May 26 18:31:10 2014] <Ptival> oh maybe it doesn't, but you can start using the other rules of the proof system to make judgementally equal things appear?
[Tue May 27 04:05:21 2014] <robbert> Ptival: what do you mean by "the fixed-point of the eq definition"
[Tue May 27 04:06:06 2014] <robbert> Anyway, the reason is indeed that you can use other rules of the system (in particular induction) to prove equalities
[Tue May 27 05:14:41 2014] <schoppenhauer> is it possible to rewrite an assumption?
[Tue May 27 05:19:49 2014] <Ptival> schoppenhauer: do you mean perform a rewrite in an assumption's type?
[Tue May 27 05:38:44 2014] <schoppenhauer> Ptival: yes.
[Tue May 27 15:44:42 2014] <Ptival> schoppenhauer: isn't it just 'rewrite H1 in H2.'?
[Tue May 27 15:55:56 2014] <schoppenhauer> Ptival: thy.
[Tue May 27 15:55:58 2014] <schoppenhauer> *thx
[Wed May 28 09:41:36 2014] <roosbeef> how do i copy a hypothesis?
[Wed May 28 09:41:57 2014] <roosbeef> for example duplicate H to H and H_copy
[Wed May 28 09:44:07 2014] <roosbeef> nevermind ill just use cut
[Wed May 28 13:03:15 2014] <Ptival> roo
[Wed May 28 13:03:18 2014] <Ptival> erf
[Wed May 28 13:09:32 2014] <hodapp> bonk
[Wed May 28 13:21:31 2014] <rmk0> The sound of glass breaking.
[Thu May 29 05:34:58 2014] <roosbeef> if i have x <-> y
[Thu May 29 05:35:04 2014] <roosbeef> is it possible to prove that x = y
[Thu May 29 05:35:05 2014] <roosbeef> ?
[Thu May 29 05:35:25 2014] <ezyang> for general x/y, no
[Thu May 29 05:35:30 2014] <roosbeef> ok but in some cases?
[Thu May 29 05:35:38 2014] <ezyang> sure
[Thu May 29 05:35:55 2014] <roosbeef> i have this equivalence between relations
[Thu May 29 05:36:02 2014] <roosbeef> MultisetGt (transp l_Lt) <-> MultisetGT (transp l_Lt)
[Thu May 29 05:36:14 2014] <roosbeef> and would like to use this to prove this subgoal MultisetGt (transp l_Lt) = MultisetGT (transp l_Lt)
[Thu May 29 05:36:31 2014] <ezyang> you don't need the equivalence, your subgoal is true by reflexivity....
[Thu May 29 05:36:54 2014] <roosbeef> note one is large T one is small t
[Thu May 29 05:37:03 2014] <ezyang> oh oopsies
[Thu May 29 05:37:12 2014] <roosbeef> yea :p
[Thu May 29 05:37:21 2014] <ezyang> You probably need univalence
[Thu May 29 05:37:29 2014] <roosbeef> whats that?
[Thu May 29 05:37:51 2014] <ezyang> it says if A is isomorphic to B, then A = B
[Thu May 29 05:37:52 2014] <eizo> roosbeef: what's the type of these objects?
[Thu May 29 05:38:18 2014] <ezyang> you need extra conditions to hold on <->
[Thu May 29 05:38:22 2014] <roosbeef> MultisetGt (transp l_Lt) : Multiset -> Multiset -> Prop
[Thu May 29 05:38:47 2014] <roosbeef> ezyang, how do i figure if they are isomorphic?
[Thu May 29 05:38:58 2014] <eizo> what if you had functional extensionality ?
[Thu May 29 05:39:10 2014] <roosbeef> whats that?
[Thu May 29 05:40:37 2014] <eizo> roosbeef: http://pastie.org/9234139 (taken from Equiv chapter of the software foundations book)
[Thu May 29 05:41:11 2014] <eizo> i'm new to coq, so i'm not sure if that's what you need
[Thu May 29 05:42:30 2014] <roosbeef> hm.. in all honesty i dont see how that would help
[Thu May 29 05:44:16 2014] <roosbeef> ok there are some Morphisms in the library that provides the relations
[Thu May 29 05:44:29 2014] <roosbeef> ezyang: would that help?
[Thu May 29 05:44:34 2014] <eizo> roosbeef: if i understood correctly, you know: forall m1 m2, MultisetGt (transp l_Lt) m1 m2 = MultisetGT (transp l_Lt) m1 m2
[Thu May 29 05:45:25 2014] <ezyang> Yes, funexst is exactly what the doctor ordered, except you still might have trouble proving equalities in Prop
[Thu May 29 05:45:25 2014] <roosbeef> that is not correct
[Thu May 29 05:45:29 2014] <eizo> oh wait, maybe rather: forall m1 m2, MultisetGt (transp l_Lt) m1 m2 <-> MultisetGT (transp l_Lt) m1 m2
[Thu May 29 05:45:36 2014] <roosbeef> eizo: yep
[Thu May 29 05:45:50 2014] <roosbeef> ezyang, why?
[Thu May 29 05:46:12 2014] <eizo> roosbeef: you need to deduce from that that they're equal, and they apply funexst
[Thu May 29 05:46:23 2014] <roosbeef> whats funexst?
[Thu May 29 05:46:29 2014] <eizo> functional extensionality
[Thu May 29 05:46:49 2014] <roosbeef> how do i do that
[Thu May 29 05:48:49 2014] <roosbeef> how are Morphisms employed?
[Thu May 29 05:48:57 2014] <eizo> i don't know, maybe there is an axiom that you can add to coq which says: forall p1 p2 : Prop, (p1 <-> p2) -> p1 = p2, but that seems a bit strong
[Thu May 29 05:49:17 2014] <eizo> why do you need to prove that MultisetGt (transp l_Lt) = MultisetGT (transp l_Lt)? and what do you mean by equality here?
[Thu May 29 05:49:21 2014] <ezyang> funext is an axiom
[Thu May 29 05:49:26 2014] <roosbeef> because i want to rewrite one to the other
[Thu May 29 05:49:30 2014] <ezyang> it states (forall x, f x = f' x) -> f = f'
[Thu May 29 05:50:46 2014] <eizo> roosbeef: why do you need to rewrite? is it not enough to use the prop equivalence for all m1 m2?
[Thu May 29 05:50:54 2014] <roosbeef> well,
[Thu May 29 05:51:04 2014] <roosbeef> i have a lemma for one but not for the other
[Thu May 29 05:51:12 2014] <roosbeef> and i want to apply that lemma to the other
[Thu May 29 05:51:17 2014] <roosbeef> so i need a bridge from one to the other
[Thu May 29 05:51:28 2014] <eizo> roosbeef: can you post the lemma?
[Thu May 29 05:51:32 2014] <roosbeef> sure
[Thu May 29 05:52:33 2014] <roosbeef> Lemma mord_sorder : strict_order MultisetGt.
[Thu May 29 05:53:02 2014] <roosbeef> and i need transitive MultisetGT, i guess
[Thu May 29 05:54:13 2014] <eizo> could you post more context, on a pastebin if possible
[Thu May 29 05:54:34 2014] <roosbeef> i could but do you really need more?
[Thu May 29 05:55:10 2014] <roosbeef> http://color.inria.fr/doc/CoLoR.Util.Multiset.MultisetOrder.html
[Thu May 29 05:55:14 2014] <roosbeef> its from this lib
[Thu May 29 05:57:24 2014] <roosbeef> suppose id give funext a try, do i need to Require Import something?
[Thu May 29 05:58:16 2014] <eizo> roosbeef: you can write down the axiom as in the pastebin
[Thu May 29 05:58:52 2014] <roosbeef> eh
[Thu May 29 05:59:03 2014] <roosbeef> but thats unproven
[Thu May 29 05:59:23 2014] <roosbeef> i cant be adding axioms like that
[Thu May 29 05:59:49 2014] <eizo> roosbeef: basically, you want to prove that if two relations are "equivalent" and one is transitive, the other one is transitive too
[Thu May 29 05:59:59 2014] <roosbeef> yep
[Thu May 29 06:00:05 2014] <roosbeef> which is true
[Thu May 29 06:00:12 2014] <eizo> given the definition of transitivity:  forall x y z:A, R x y -> R y z -> R x z, this doesn't seem hard
[Thu May 29 06:00:35 2014] <roosbeef> it doesnt?
[Thu May 29 06:07:25 2014] <eizo> roosbeef: http://pastie.org/9234326
[Thu May 29 06:11:00 2014] <roosbeef> hm
[Thu May 29 06:11:14 2014] <roosbeef> did i miss anything? My wifi dropped i guess
[Thu May 29 06:24:23 2014] <eizo> roosbeef: http://pastie.org/9234326
[Thu May 29 06:25:08 2014] <roosbeef> interesting :)
[Thu May 29 06:25:17 2014] <roosbeef> let me have a look at that, thanks!
[Thu May 29 06:33:35 2014] <eizo> roosbeef: if you know R2 x y and R2 y z, you deduce by equivalence that R1 x y and R1 y z, then by transitivity of R1 you deduce R1 x z, and by equivalence you conclude that R2 x z (thus that R2 is transitive) the proof in coq is backwards compare to what i wrote
[Thu May 29 06:36:57 2014] <eizo> compared
[Thu May 29 06:43:27 2014] <roosbeef> hm
[Thu May 29 06:44:04 2014] <roosbeef> yea that makes sense
[Thu May 29 06:44:30 2014] <roosbeef> but why cant it be done directly :p
[Thu May 29 06:46:23 2014] <eizo> roosbeef: you can write down a lemma which says if R1 and R2 are equivalent, and one is a strict order, then the other one too
[Thu May 29 06:46:46 2014] <roosbeef> similar to what you did, right?
[Thu May 29 06:47:38 2014] <eizo> you don't have to do it again, you just apply this lemma
[Thu May 29 06:47:43 2014] <eizo> (and another one for irreflexivity)
[Thu May 29 06:48:22 2014] <roosbeef> yea writing the irreflexivity one as we speak :)
[Thu May 29 06:51:46 2014] <roosbeef> equiv_irreflexivity is defined
[Thu May 29 06:51:47 2014] <roosbeef> :)
[Thu May 29 06:52:52 2014] <eizo> :) now you should be able to combine the two to define equiv_strict_order
[Thu May 29 06:53:49 2014] <roosbeef> yep it seems like :)
[Thu May 29 06:53:53 2014] <roosbeef> thanks very much!
[Thu May 29 06:57:23 2014] <eizo> yw
[Thu May 29 07:22:54 2014] <roosbeef> it worked! :D
[Thu May 29 07:23:08 2014] <roosbeef> * does a chair spin
[Thu May 29 07:26:44 2014] <eizo> =)
[Thu May 29 09:23:14 2014] <ubuntu3422> hehehe surprise surprise :D
[Fri May 30 03:04:19 2014] <logicalguy> hello
[Fri May 30 07:04:35 2014] <roosbeef> ok so i have
[Fri May 30 07:04:35 2014] <roosbeef> Module FL. Definition A := fletter. End FL.
[Fri May 30 07:04:54 2014] <roosbeef> how do i make it so that coq can see outside of FL that FL.A. is fletter?
[Fri May 30 07:05:28 2014] <roosbeef> i know how to do this when the Module has a type, you open the module with Module FL : Type with Definition A := fletter.
[Fri May 30 07:05:38 2014] <roosbeef> but how do i do the same thing when a module has no "type"?
[Fri May 30 07:14:06 2014] <amosr> roosbeef: try just “unfold FL.A”?
[Fri May 30 07:14:27 2014] <amosr> with Module FL. Definition A := 1. End FL.
[Fri May 30 07:14:52 2014] <amosr> I can do
[Fri May 30 07:14:53 2014] <amosr> Lemma A_lt_2 : FL.A < 2. unfold FL.A.
[Fri May 30 07:16:21 2014] <roosbeef> let me see
[Fri May 30 07:16:59 2014] <roosbeef> lol
[Fri May 30 07:17:02 2014] <roosbeef> yea that works :P
[Fri May 30 07:17:08 2014] <amosr> :-)
[Sat May 31 05:08:08 2014] <roosbeef> is there a lemma to rewrite "'exists2' x : t , p & q" to "'exists x : t , p /\ q"?
[Sat May 31 07:20:53 2014] <roosbeef> i have to prove this subgoal: https://privatepaste.com/8ce9779065
[Sat May 31 07:21:41 2014] <roosbeef> because of the ~ ( forall a0, ... ) structure i find it difficult to get to the root of it
[Sat May 31 07:21:54 2014] <roosbeef> any tips on how to approach this?
[Sat May 31 17:09:44 2014] <konne> @roosbeef, the lemma you asked for can be proven in the following way
[Sat May 31 17:09:59 2014] <konne> https://www.irccloud.com/pastebin/8MMyrKm0
[Sun Jun  1 22:39:08 2014] <coventry> Is there any automated way to enumerate the elements of an inductive type?  I want to check my answer for type baz in the Poly.v file of Software Foundations.
[Sun Jun  1 23:12:02 2014] <coventry> coq 8.3 is failing on the Arguments directive in Software Foundation's Poly.v (as described here: http://stackoverflow.com/questions/23303713/coq-arguments-directive) and 8.4 is failing on Basics.v with the error message "There are pending proofs."  Any suggestions for how to move forward?
[Sun Jun  1 23:13:31 2014] <coventry> Oh, and Basics.v runs without errors under 8.4 under Proof General.
[Sun Jun  1 23:17:05 2014] <coventry> Basics.v also runs without errors in CoqIde v8.4, but executing the Software Foundations make file under CoqIde via Compile -> Makefile fails with the same error, "There are pending proofs."
[Sun Jun  1 23:22:44 2014] <coventry> Never mind, it was a modification I'd made when playing around with Basics.v.
[Sun Jun  1 23:23:41 2014] <konne> @coventry, it is generally undecidable to check whether a value is an element of an inductive type.
[Sun Jun  1 23:25:22 2014] <konne> e.g. you can define an inductive type whose elements are all the Turing Machines that terminate
[Sun Jun  1 23:25:54 2014] <konne> If you tell us your answer for baz, we can tell you whether it's right or not
[Sun Jun  1 23:27:25 2014] <konne> I actually don't know how you could proof in coq that there are exactly x elements in baz
[Sun Jun  1 23:28:39 2014] <coventry> konne: Can you give me an example of a definition for an inductive type which doesn't implicitly define an enumeration of its elements?
[Sun Jun  1 23:28:55 2014] <konne> I suspect it might be impossible
[Sun Jun  1 23:32:15 2014] <coventry> I guess the halting Turing machines definition must be an example, actually.  Can you point me at that definition?
[Sun Jun  1 23:34:48 2014] <coventry> Oh, maybe not, but if the definition is enumerable, there can't be a decidable way of estimating when all turing machine expressions of a given length have been enumerated.
[Sun Jun  1 23:36:37 2014] <konne> " I suspect it might be impossible" was in reference to the provability  of elements in baz, not your response
[Sun Jun  1 23:38:16 2014] <coventry> Thanks for clarifying.
[Sun Jun  1 23:39:21 2014] <konne> for an example, you can take a look at small step semantics of programming languages. e.g. http://www.cis.upenn.edu/~bcpierce/sf/Smallstep.html
[Sun Jun  1 23:40:30 2014] <coventry> Thanks.  Probably a bit beyond me right now, but I will keep it in mind when I get to that section.
[Mon Jun  2 03:17:55 2014] <amosr> is there any difference between Z_of_nat and Z_of_nat’ ?
[Mon Jun  2 04:19:57 2014] <roosbeef> is it possible to unfold only a particular occurence of a function inside a subgoal?
[Mon Jun  2 04:22:01 2014] <roosbeef> nevermind found it, "at n"
[Mon Jun  2 04:22:03 2014] <roosbeef> :)
[Mon Jun  2 05:42:23 2014] <roosbeef> how do i apply the same tactic to multiple subgoals?
[Mon Jun  2 05:43:37 2014] <amosr> you can do semicolon after the thing that produces multiple goals
[Mon Jun  2 05:43:46 2014] <amosr> like “destruct X; apply Y”
[Mon Jun  2 05:44:00 2014] <roosbeef> but for existing subgoals?
[Mon Jun  2 05:44:21 2014] <amosr> I don’t know whether there’s a way to do that
[Mon Jun  2 05:44:23 2014] <amosr> hmm
[Mon Jun  2 05:44:39 2014] <roosbeef> such as "all:tactic"
[Mon Jun  2 05:44:51 2014] <roosbeef> i found this on google: http://www.lix.polytechnique.fr/coq/bugs/show_bug.cgi?id=1805
[Mon Jun  2 05:45:03 2014] <roosbeef> guess its still a requested feature?
[Mon Jun  2 05:47:36 2014] <amosr> is there any way to defer the current subgoal?
[Mon Jun  2 05:47:45 2014] <amosr> like, put it at the end?
[Mon Jun  2 05:48:04 2014] <roosbeef> well
[Mon Jun  2 05:48:08 2014] <roosbeef> i have three subgoals
[Mon Jun  2 05:48:14 2014] <roosbeef> and they are all the same
[Mon Jun  2 05:48:14 2014] <roosbeef> :p
[Mon Jun  2 05:48:40 2014] <roosbeef> ah i see what youre hinting at
[Mon Jun  2 05:48:59 2014] <amosr> yeah
[Mon Jun  2 05:49:02 2014] <roosbeef> defer the first subgoal when those three appear, and then apply the tactic after ;
[Mon Jun  2 05:49:29 2014] <amosr> but I’m not sure
[Mon Jun  2 05:50:53 2014] <amosr> I’m not sure. if they’re all the same, why doesn’t ; work?
[Mon Jun  2 05:52:44 2014] <roosbeef> because theyre not the only new subgoals
[Mon Jun  2 05:53:21 2014] <amosr> ah, ok. “try apply X“ can be useful
[Mon Jun  2 05:53:33 2014] <amosr> or “try (solve (X Y Z))” I think
[Mon Jun  2 05:53:40 2014] <roosbeef> yea was thinking of that but its a bit ugly imo
[Mon Jun  2 05:58:13 2014] <amosr> yeah, true
[Mon Jun  2 06:22:36 2014] <roosbeef> lunch timeee
[Mon Jun  2 06:22:38 2014] <roosbeef> see ya :p
[Mon Jun  2 07:55:27 2014] <roosbeef> say i have a list in my hypotheses
[Mon Jun  2 07:55:40 2014] <roosbeef> is it possible to introduce an arbitrary element of this list?
[Mon Jun  2 07:55:54 2014] <roosbeef> for example pose x : A
[Mon Jun  2 07:56:11 2014] <roosbeef> which would add x : A and Hx : In x l
[Mon Jun  2 07:56:12 2014] <roosbeef> ?
[Mon Jun  2 07:56:21 2014] <roosbeef> (suppose we take some element x from l)
[Mon Jun  2 08:01:34 2014] <amosr> hmm, maybe a lemma “forall xs, xs <> [] -> exists x, In x xs”?
[Mon Jun  2 08:03:36 2014] <roosbeef> sounds good :)
[Mon Jun  2 08:03:40 2014] <roosbeef> lemme try that, thanks!
[Mon Jun  2 08:03:49 2014] <roosbeef> pretty obvious lol
[Mon Jun  2 08:04:20 2014] <roosbeef> i guess im still confused with direction of reasoning in hypotheses (opposite from the direction of reasoning in subgoals)
[Mon Jun  2 08:04:49 2014] <amosr> most of the time it’s only obvious in retrospect ;-)
[Mon Jun  2 08:06:59 2014] <roosbeef> haha
[Mon Jun  2 08:07:32 2014] <roosbeef> yea the solution space can be large :p
[Wed Jun  4 07:25:48 2014] <roosbeef> {x0 =mul= y0} + {x0 <>mul y0}
[Wed Jun  4 07:25:52 2014] <roosbeef> is there a lemma for this?
[Wed Jun  4 10:18:28 2014] <roosbeef> i have subgoal False
[Wed Jun  4 10:19:31 2014] <ianjneu> roosbeef: show one of your assumptions is false.
[Wed Jun  4 10:19:34 2014] <roosbeef> can i use this hypothesis to prove that? forall l, In l nil -> exists2 l', In nil & lt l l'
[Wed Jun  4 10:19:35 2014] <roosbeef> ?
[Wed Jun  4 10:19:51 2014] <ianjneu> no, it assumes false.
[Wed Jun  4 10:20:03 2014] <roosbeef> hm
[Wed Jun  4 10:20:23 2014] <roosbeef> so the assumption is not false?
[Wed Jun  4 10:21:03 2014] <roosbeef> forall l, In l nil -> exists2 l', In l' nil & lt l l'
[Wed Jun  4 10:21:08 2014] <roosbeef> fixed*
[Wed Jun  4 10:26:20 2014] <ianjneu> nope. You can prove that easily with intros ? bad; inversion bad.
[Wed Jun  4 10:32:09 2014] <roosbeef> hm :<
[Wed Jun  4 14:24:56 2014] <Ptival> do we need weak bisimilarity to prove equivalence of λ-terms in STLC, or is bisimilarity enough?
[Wed Jun  4 20:00:38 2014] <schoppenhauer> Anomaly: Backtrack.backto 13252: a state with no vcs_backup. Please report.
[Wed Jun  4 20:00:40 2014] <schoppenhauer> what to do?
[Fri Jun  6 01:01:47 2014] <amosr> hmm, is there an ltac way to recursively look inside the current goal for anything matching “V_eq_dec _ _” and destruct on it?
[Fri Jun  6 01:06:34 2014] <jrw> amosr: Ltac foo :=
[Fri Jun  6 01:06:36 2014] <jrw>   match goal with
[Fri Jun  6 01:06:38 2014] <jrw>     | [ |- context [ V_eq_dec ?X ?Y ] ] => destruct (V_eq_dec X Y)
[Fri Jun  6 01:06:40 2014] <jrw>   end.
[Fri Jun  6 01:06:42 2014] <jrw>         
[Fri Jun  6 01:06:47 2014] <jrw> see if that does what you want
[Fri Jun  6 01:16:06 2014] <amosr> jrw: cool, thanks!
[Fri Jun  6 01:16:53 2014] <jrw> amosr: note that that only works if what you want to destruct is in the conclusion of the goal, not any hypothesis
[Fri Jun  6 01:17:09 2014] <jrw> if you want hypotheses too, that's also possible by adding another branch to that ltac match
[Fri Jun  6 04:07:48 2014] <dalaing> is there coq syntax for treating an operator as a function?
[Fri Jun  6 04:08:10 2014] <dalaing> I'm in a position where I want to use + as nat -> nat -> nat
[Fri Jun  6 04:22:21 2014] <dwoos> dalaing: it actually works the other way; + is just a Notation for the plus function
[Fri Jun  6 04:23:04 2014] <dalaing> Is there a way to search for the function, given a notation?
[Fri Jun  6 04:23:24 2014] <dalaing> I found the functions I was looking for in the Peano module, just wondering for the future
[Fri Jun  6 04:23:50 2014] <dalaing> (I should be less lazy and read about all of the various search functions again, been a little while)
[Fri Jun  6 04:24:06 2014] <dalaing> currently lurching through SF, for greater context :)
[Fri Jun  6 04:27:22 2014] <amosr> dalaing: Locate, I think
[Fri Jun  6 04:27:29 2014] <dwoos> dalaing: Locate "+" will give you notation definitions that use the "+" symbol
[Fri Jun  6 04:27:38 2014] <dalaing> ah, quotes :)
[Fri Jun  6 04:27:40 2014] <dalaing> thank you both
[Fri Jun  6 04:27:51 2014] <dwoos> dalaing: it'll give you a few more of them than you want, but one of them is "plus" :)
[Fri Jun  6 05:47:01 2014] <roosbeef> suppose i have an inductively defined relation R
[Fri Jun  6 05:47:04 2014] <roosbeef> which looks something like
[Fri Jun  6 05:48:23 2014] <roosbeef> Definition R : A -> B -> Prop := R1 x y : R x y | R2 x y : R x y.
[Fri Jun  6 05:48:47 2014] <roosbeef> suppose we also have transitive R1 and transitive R2
[Fri Jun  6 05:48:54 2014] <roosbeef> is it possible to prove from this that transitive R?
[Fri Jun  6 06:58:19 2014] <roosbeef> ok its possible, had to adjust my definition of R2 a little :p
[Fri Jun  6 13:54:50 2014] <alkabetz> I’m trying to write a nonempty list type, and I’m having some notation difficulties (http://lpaste.net/105179).  Any recommendations?
[Fri Jun  6 14:06:23 2014] <ianjneu> I don't know camlp4's bastardization of MBE. It probably doesn't know how to identify b as a single terminator for an ellipsised nonterminal.
[Fri Jun  6 14:08:17 2014] <alkabetz> I also tried [Notation "[ a ; .. ; b ; c ]" := (cons a .. (cons b (singleton c)) .. ).], which Coq allows but it doesn’t parse correctly.
[Fri Jun  6 14:09:50 2014] <ianjneu> did you try putting it on both high and low priorities for precedence? Maybe that has something to do with it.
[Fri Jun  6 14:11:14 2014] <alkabetz> I get the same error at level 0 and level 200.
[Fri Jun  6 14:15:17 2014] <ianjneu> :/
[Fri Jun  6 16:02:32 2014] <alkabetz> How can I get a list of currently-open notation scopes?
[Sat Jun  7 14:27:13 2014] <jrw> I have some notation defined for record updates. if I deeply nest this notation coqtop takes quite a while to process. see http://lpaste.net/105241 . does anyone have any ideas about why this is happenning?
[Sat Jun  7 14:27:54 2014] <jrw> as an interesting side note, scaling up n from 7 to 10 causes coqtop to start swapping on a machine with 8gb ram... :D
[Sat Jun  7 15:21:53 2014] <Cale> jrw: Without thinking too hard about it, my first guess is that the types of intermediate terms are very large.
[Sat Jun  7 15:22:25 2014] <jrw> Cale: the *types* of the terms are large? all the intermediate terms should have type foo...
[Sat Jun  7 15:24:10 2014] <Cale> jrw: hmm, it does appear that way
[Sat Jun  7 15:24:54 2014] <Cale> Either foo or nat or some function type like foo -> nat anyway
[Sat Jun  7 15:30:26 2014] <Cale> jrw: It takes a similarly long time when nested the other way (inverting the order of the 'with')
[Sat Jun  7 15:31:23 2014] <Cale> oh, turn off notation display and try printing func
[Sat Jun  7 15:31:43 2014] <Cale> That will explain everything :D
[Sat Jun  7 15:32:47 2014] <jrw> haha, wow. such duplication. many term.
[Sat Jun  7 15:33:12 2014] <Cale> jrw: Of course, it's somewhat to be expected, as 'a' occurs many times on the right hand side of your notation.
[Sat Jun  7 15:33:51 2014] <jrw> cool. I can probably force sharing using a let or something
[Sat Jun  7 15:34:15 2014] <Cale> It would likely be better to define functions for setting each of the fields, and then define the notations to be applications of those functions
[Sat Jun  7 15:36:59 2014] <jrw> that's probably true. thanks for your help, Cale.
[Sat Jun  7 15:37:52 2014] <Cale> No problem
[Sat Jun  7 18:08:32 2014] <eizo> how can i define transform_set in the following? http://pastie.org/9269276
[Sat Jun  7 18:12:03 2014] <jrw> eizo: can you say more about what you want it to mean?
[Sat Jun  7 18:13:21 2014] <eizo> jrw: yes, you're given some a's, and by applying the hypothesis, you know for every a, there is b with Pred a b, so you can contruct that way a bunch of b's (i want these ones)
[Sat Jun  7 18:15:06 2014] <eizo> i should start by defining a function A -> B, which given an a, construct the corresponding B
[Sat Jun  7 18:15:19 2014] <jrw> that sounds like a good start
[Sat Jun  7 18:17:11 2014] <eizo> jrw: http://pastie.org/9269298 why can't i destruct (transform a) here?
[Sat Jun  7 18:19:43 2014] <jrw> eizo: good question.
[Sat Jun  7 18:21:00 2014] <jrw> I guess you're trying to use a Prop (the exists...) to define something that is computationally relevant
[Sat Jun  7 18:21:12 2014] <jrw> why not change transform to be of type A -> B?
[Sat Jun  7 18:21:32 2014] <jrw> and then include an extra hypothesis that says forall a, Pred a (transform a)
[Sat Jun  7 18:21:54 2014] <eizo> jrw: in my real file 'transform' is a theorem
[Sat Jun  7 18:21:57 2014] <eizo> hm
[Sat Jun  7 18:22:37 2014] <jrw> eizo: implement the proof of the theorem as a program of type A -> B
[Sat Jun  7 18:23:35 2014] <eizo> i'll try the first idea thanks
[Sat Jun  7 20:38:54 2014] <tswett_> Hey, I was wondering if there's a simple way to describe how the induction functions are generated from inductive definitions.
[Sun Jun  8 01:08:13 2014] <johnw> how can I get coq-SearchAbout in Proof General to search terms from other files that I've required (and perhaps transitively required)?
[Sun Jun  8 01:27:12 2014] <johnw> for example, Foo Require's Bar, but when I am working in Foo, C-c C-a C-a only matches against theorems in Foo, and not from Bar
[Sun Jun  8 09:30:19 2014] <roosbeef> is xor available in coq?
[Sun Jun  8 09:43:34 2014] <Athas> Is it alright to ask Proof General questions in here?  I want to prevent it from ever making new Emacs frames.
[Sun Jun  8 10:18:46 2014] <rmk0> Athas: best to just ask...
[Sun Jun  8 10:18:55 2014] <rmk0> (i don't use proof general)
[Sun Jun  8 10:19:59 2014] <ianjneu> I use it very superficially.
[Sun Jun  8 12:22:00 2014] <Athas> Does the standard library predefine simple algebraic laws for natural numbers (like commutativity, the distributive law, etc)?
[Sun Jun  8 12:22:24 2014] <Athas> I'm using the 'nat' type.
[Sun Jun  8 12:25:29 2014] <eizo> Athas: http://coq.inria.fr/V8.1/stdlib/Coq.Arith.Plus.html
[Sun Jun  8 12:25:55 2014] <eizo> http://coq.inria.fr/V8.1/stdlib/Coq.Arith.Mult.html
[Sun Jun  8 12:27:48 2014] <Athas> Nice, thanks.
[Sun Jun  8 18:49:26 2014] <dreams> What is a good book on denotational semantics? (That uses lambda or typed lambda)
[Sun Jun  8 19:01:13 2014] <ianjneu> denotational semantics is dead.
[Sun Jun  8 19:01:22 2014] <Hodapp> I read that as "demotivational semantics".
[Sun Jun  8 19:02:39 2014] <ianjneu> I mean that in terms of its usefulness. Denotational semantics stagnated until Abramsky came up with game semantics, which have been superceded by the more intuitive construction of Kripke logical relations and operational semantics.
[Sun Jun  8 19:03:26 2014] <ianjneu> Perhaps Appel's new book on program logics is a place to look.
[Sun Jun  8 19:03:42 2014] <ianjneu> I haven't read it myself, but I know the general gist of the work.
[Sun Jun  8 19:05:40 2014] <dreams> ianjneu: reading papers on FP, gives the insight that denotational semantics are still widely used.
[Sun Jun  8 19:07:14 2014] <ianjneu> dreams: outside Haskell?
[Sun Jun  8 19:07:35 2014] <dreams> ianjneu: nope.
[Sun Jun  8 19:07:50 2014] <dreams> ianjneu: I am talking about papers from the 90s.
[Sun Jun  8 19:08:06 2014] <ianjneu> I'm talking about the last 5-10 years.
[Sun Jun  8 19:08:13 2014] <dreams> sorry I meant *were* widely used. not still.
[Sun Jun  8 19:09:27 2014] <dreams> ianjneu: well, the 90s papers for Haskell are golden for me, and so I am trying to break into denotational semantics (coming from operational semantics background). If there is a good read, please guide.
[Sun Jun  8 19:09:36 2014] <ianjneu> Ya, a problem with PL papers is that they often present toys that use weak proof techniques, then promise the world that it must be able to scale to more features like effects. That ends up not happening.
[Sun Jun  8 19:10:14 2014] <ianjneu> Gunter is what people in my lab point to.
[Sun Jun  8 19:10:34 2014] <ianjneu> ISBN 0-262-07143-6
[Sun Jun  8 19:10:45 2014] <ianjneu> Wiskel is another.
[Sun Jun  8 19:10:52 2014] <dreams> ianjneu: Thanks a lot.
[Sun Jun  8 19:10:54 2014] <ianjneu> ISBN 0-262-73103-7
[Sun Jun  8 19:11:16 2014] <ianjneu> See also Sampson Abramsky's dissertation.
[Sun Jun  8 19:11:52 2014] <ianjneu> Winskel has lecture notes online: http://www.cl.cam.ac.uk/~gw104/dens.pdf
[Sun Jun  8 19:12:55 2014] <dreams> ianjneu: Great, I will check them out. Any thoughts on the "The Scott-Strachey Approach to Programming Language Theory" book?
[Sun Jun  8 19:13:58 2014] <ianjneu> I haven't read that book. I think Strachey started doing work in environmental bisimulations, but I might be mistaken.
[Sun Jun  8 19:14:16 2014] <ianjneu> Scott on semantics is old-hat. Love the guy, but he's done.
[Sun Jun  8 19:15:57 2014] <dreams> Ah. I heard its out-dated. Though I never didn't know that denotational semantics are dead. I am surprised.
[Sun Jun  8 19:17:26 2014] <dreams> ianjneu: Which kind of formal semantics are widely used now?
[Sun Jun  8 19:17:44 2014] <ianjneu> Haskellers that haven't even used denotational semantics to prove something will likely refute their demise, but for people trying to actually prove things, denotational semantics are too cumbersome and underpowered to help.
[Sun Jun  8 19:18:56 2014] <ianjneu> Derek Dreyer, Lars Birkedal (Scott's successor), Amal Ahmed et. al. have done the most impressive work on logical relations for proving program equivalences.
[Sun Jun  8 19:19:33 2014] <ianjneu> The underlying semantics are I believe small-step reduction semantics a la Felleisen.
[Sun Jun  8 19:19:50 2014] <ezyang> long live syntactic!
[Sun Jun  8 19:19:51 2014] <dreams> so natural semantics?
[Sun Jun  8 19:20:19 2014] <dreams> Ah wait you mean sos.
[Sun Jun  8 19:20:50 2014] <ianjneu> dreams: natural semantics is a mistaken term that denotes big step semantics. Big step is problematic and has been largely abandoned for small-step.
[Sun Jun  8 19:20:54 2014] <ianjneu> No, not sos.
[Sun Jun  8 19:21:22 2014] <ianjneu> Evaluation contexts reify the control structure that is implicit in sos derivations.
[Sun Jun  8 19:21:30 2014] <ianjneu> additionally in big-step.
[Sun Jun  8 19:22:44 2014] <dreams> I see.
[Sun Jun  8 19:23:09 2014] <ianjneu> "pretty-big step" is a new technique that is essentially a compiled form of small-step semantics. Many small steps that are bounded by the depth of a term are glommed into one, to make reasoning a bit less symbol-churning.
[Sun Jun  8 23:13:19 2014] <ski> ianjneu : "parallel" steps or what ?
[Sun Jun  8 23:14:21 2014] <ski> hm, i suppose not. i suppose they would be successive steps on some path ..
[Mon Jun  9 00:01:15 2014] <johnw> in Emacs, does anyone know how to search for theorems in any required file, and not just the current one?
[Mon Jun  9 00:45:28 2014] <jrw> johnw: in my experience SearchAbout does something like that. but I usually "Require Import" instead of just "Require"...
[Mon Jun  9 00:45:44 2014] <johnw> I'm specifically working with Software Foundations
[Mon Jun  9 00:45:53 2014] <johnw> I go to Prop.v and evaluate to a certain point
[Mon Jun  9 00:46:01 2014] <johnw> then I search for a term when I know was in List.v
[Mon Jun  9 00:46:07 2014] <johnw> but I have no way of finding it without grep at the console
[Mon Jun  9 05:42:19 2014] <roosbeef> hy
[Mon Jun  9 05:43:04 2014] <roosbeef> suppose we have an Inductive R
[Mon Jun  9 05:43:23 2014] <roosbeef> which says something like case : forall y, some_property y
[Mon Jun  9 05:43:50 2014] <roosbeef> :p
[Mon Jun  9 05:44:10 2014] <roosbeef> wait let me be a bit more clear on that description
[Mon Jun  9 05:48:44 2014] <roosbeef> ok
[Mon Jun  9 05:48:53 2014] <roosbeef> ive got this https://privatepaste.com/35b64e2c8c
[Mon Jun  9 05:49:07 2014] <roosbeef> basically, the thing to prove is what the inductively defined assumption states
[Mon Jun  9 05:49:08 2014] <roosbeef> but
[Mon Jun  9 05:49:15 2014] <roosbeef> when i do inversion on that assumption
[Mon Jun  9 05:49:27 2014] <roosbeef> the universal quantifiers become disconnected
[Mon Jun  9 05:49:36 2014] <roosbeef> how can i make it so that they match?
[Mon Jun  9 07:03:14 2014] <roosbeef> got it :)
[Mon Jun  9 07:04:04 2014] <roosbeef> brackets in the inductive definitions were too narrow
[Mon Jun  9 13:03:56 2014] <watermind> bit of a (probably easy) theoretical question
[Mon Jun  9 13:04:44 2014] <watermind> I understand how indexed sums generalise binary products to the dependent case
[Mon Jun  9 13:05:16 2014] <watermind> likewise I for indexed products and dependent functions
[Mon Jun  9 13:06:10 2014] <watermind> now I was reading that implication is a particular case of quantification where variables aren't used
[Mon Jun  9 13:07:36 2014] <watermind> but that I'm having more trouble making sense of
[Mon Jun  9 13:09:12 2014] <watermind> is there some set theoretical interpretation that helps clarify the meaning
[Mon Jun  9 13:09:32 2014] <watermind> with implication denoting functions between sets
[Mon Jun  9 13:09:41 2014] <watermind> or will this lead me nowhere?
[Mon Jun  9 13:11:04 2014] <watermind> i.e. I understand that from a logical perspective  forall _ : I . B is true as long as there is a witness for I, any witness
[Mon Jun  9 13:11:26 2014] <watermind> and therefore if we prove I, then B is a consequence
[Mon Jun  9 15:25:06 2014] <inf-groupoid> Is there any infix notation for "andb x y" ?
[Mon Jun  9 15:26:31 2014] <jrw> inf-groupoid: &&
[Mon Jun  9 15:26:53 2014] <jrw> probably will want to say "Open Scope bool." somewhere before you want to use it
[Mon Jun  9 15:30:40 2014] <inf-groupoid> Ah!
[Mon Jun  9 15:30:43 2014] <inf-groupoid> Thanks!
[Mon Jun  9 19:13:53 2014] <pyon> Is there any tactic that attempts to apply each the available hypothesis exactly once, in all possible orders?
[Mon Jun  9 19:45:51 2014] <pyon> I have a goal of the form "A -> B". "A" has no constructors. How do I say "from A follows anything"?
[Mon Jun  9 19:46:26 2014] <jrw> pyon: one way would be "intros H_a. inversion H_a."
[Mon Jun  9 19:47:04 2014] <pyon> Ah, thanks!
[Mon Jun  9 20:09:19 2014] <pyon> How do I apply a hypothesis to another hypothesis to get a new hypothesis?
[Mon Jun  9 20:11:05 2014] <jrw> pyon: "apply H1 in H2" ?
[Mon Jun  9 20:11:22 2014] <pyon> Ah!
[Mon Jun  9 23:03:31 2014] <pyon> http://i.imgur.com/9nlGPaW.png -- In this Coq session, given "H : level (S n) (Succ t)", I would like to derive "level n t", by pattern-matching on H. How do I do this?
[Mon Jun  9 23:26:25 2014] <jrw> pyon: "inversion H." ?
[Mon Jun  9 23:26:39 2014] <jrw> in general if you post your stuff in plain text people will have an easier time looking at it/playing with it
[Mon Jun  9 23:28:06 2014] <pyon> Ah! Thanks!
[Tue Jun 10 01:16:04 2014] <cjenkin2> So is CoqIDE not smart enough to know that if I say "Definition mytypealias := othertype." that "mytypealias" is an inductive type is "othertype" is?
[Tue Jun 10 01:16:23 2014] <cjenkin2> *jf "othertype" is
[Tue Jun 10 01:16:31 2014] <cjenkin2> Wow, *if
[Tue Jun 10 02:34:18 2014] <Cale> cjenkin1: I'm not sure what you mean by that... you may have to unfold the definition.
[Tue Jun 10 07:54:22 2014] <roosbeef> how do i pick the left element of a pair?
[Tue Jun 10 07:54:32 2014] <roosbeef> eg. pair : nat * nat
[Tue Jun 10 07:54:35 2014] <roosbeef> how would i get the first number?
[Tue Jun 10 08:01:20 2014] <roosbeef> got it
[Tue Jun 10 08:01:22 2014] <roosbeef> fst and snd, thanks :)
[Tue Jun 10 08:12:48 2014] <schoppenhauer> hello. I need to proof something about a list of lists. The induction would go along the "maximum length of a list in this list".
[Tue Jun 10 08:13:04 2014] <schoppenhauer> However, I don't quite understand how to use induction measures.
[Tue Jun 10 08:13:17 2014] <schoppenhauer> I can prove that in every step the maximum length gets smaller.
[Tue Jun 10 08:13:32 2014] <schoppenhauer> but how can I use this to make coq accept it?
[Tue Jun 10 08:14:07 2014] <schoppenhauer> except for using a refinement on a fixpoint on n, and a dependent argument (n = maxlen l)
[Tue Jun 10 08:14:18 2014] <schoppenhauer> which is possible, but not ... beautiful.
[Tue Jun 10 08:14:55 2014] <ianjneu> schoppenhauer: I'll need more specificity to help.
[Tue Jun 10 08:16:39 2014] <ianjneu> also, give up on beautiful in Coq.
[Tue Jun 10 08:22:28 2014] <schoppenhauer> ianjneu: well, I can do a recursion.
[Tue Jun 10 08:22:41 2014] <schoppenhauer> ianjneu: and the recursive calls use lists of lists as well.
[Tue Jun 10 08:23:27 2014] <schoppenhauer> ianjneu: the only thing I know is that the maximum length will be strictly smaller in every step.
[Tue Jun 10 08:35:41 2014] <schoppenhauer> ok, I'll do it the ugly way
[Tue Jun 10 08:51:23 2014] <jabesed> so I was reading "certified prog. with dep. types" and got to the section on inductive type and their restricitions
[Tue Jun 10 08:51:58 2014] <jabesed> where it explains the positivity requirement in constructor's arguments
[Tue Jun 10 08:52:17 2014] <jabesed> to understand why that is so, they give this example
[Tue Jun 10 08:52:20 2014] <jabesed> http://lpaste.net/105390
[Tue Jun 10 09:11:47 2014] <shouya> hello, i'm new to coq and just encountered a problem while following a tutorial to implement the 'nat' Set.
[Tue Jun 10 09:12:21 2014] <shouya> in the tutorial the 'fixpoint plus' was defined as:
[Tue Jun 10 09:13:04 2014] <shouya> Fixpoint plus(a b: nat): nat :=
[Tue Jun 10 09:13:04 2014] <shouya>   match a with
[Tue Jun 10 09:13:04 2014] <shouya>     | O => b
[Tue Jun 10 09:13:04 2014] <shouya>     | (S a') => S (plus a' b)
[Tue Jun 10 09:13:04 2014] <shouya>   end.
[Tue Jun 10 09:14:41 2014] <shouya> The theorem to prove 'forall n. (plus 0 n)' is by "induction n as [|n'], auto. simpl, rewrite inHn'. auto."
[Tue Jun 10 09:15:02 2014] <shouya> While i tried to define plus in another way: (S a') => (plus a' (S b))
[Tue Jun 10 09:15:34 2014] <shouya> And i was stuck in the proof of the theorem.
[Tue Jun 10 09:16:02 2014] <shouya> is there any hints? or suggestions?
[Tue Jun 10 09:18:12 2014] <roosbeef> is there a lemma to infer from a relation's well-foundedness that it must be irreflexive?
[Tue Jun 10 09:18:45 2014] <roosbeef> shouya, where did you get stuck?
[Tue Jun 10 09:19:06 2014] <shouya> i just don't know how to go on after induction and auto.
[Tue Jun 10 09:19:16 2014] <shouya> 1 subgoals
[Tue Jun 10 09:19:16 2014] <shouya> n' : nat
[Tue Jun 10 09:19:16 2014] <shouya> IHn' : plus n' O = n'
[Tue Jun 10 09:19:16 2014] <shouya> ______________________________________(1/1)
[Tue Jun 10 09:19:16 2014] <shouya> plus (S n') O = S n'
[Tue Jun 10 09:19:18 2014] <shouya> i got this.
[Tue Jun 10 09:19:29 2014] <roosbeef> f_equal.
[Tue Jun 10 09:19:36 2014] <roosbeef> assumption.
[Tue Jun 10 09:20:05 2014] <roosbeef> Print f_equal.
[Tue Jun 10 09:20:11 2014] <roosbeef> if you want to know why that works
[Tue Jun 10 09:20:24 2014] <shouya> roosbeef: i yet haven't learned that...
[Tue Jun 10 09:20:39 2014] <roosbeef> haha well thats what i would do :p
[Tue Jun 10 09:20:45 2014] <shouya> i'm completely new :p
[Tue Jun 10 09:20:48 2014] <roosbeef> welcome :)
[Tue Jun 10 09:21:05 2014] <shouya> roosbeef: okay perhaps i'd continue following the guide :)
[Tue Jun 10 09:21:34 2014] <roosbeef> haha yea i guess they probably want you to do something else
[Tue Jun 10 09:21:52 2014] <roosbeef> to be honest my skills with induction are a bit poor
[Tue Jun 10 09:21:53 2014] <shouya> yep but i am too a noob..
[Tue Jun 10 09:22:20 2014] <shouya> i just touch this thing and start to feel a little bit amazed.
[Tue Jun 10 09:22:23 2014] <roosbeef> ive been at it for a while now but still a novice, doing my thesis on term rewriting systems
[Tue Jun 10 09:22:34 2014] <roosbeef> haha its pretty cool right?
[Tue Jun 10 09:22:42 2014] <shouya> roosbeef: really cool.
[Tue Jun 10 09:23:21 2014] <shouya> i started to imagine one day i can proof all the abstract algebra i learned with coq after i got started with it :p
[Tue Jun 10 09:24:14 2014] <shouya> actually i am following this guide: http://kevinjsullivan.org/Courses/Reasoning/L04_Ad_Infinitum.html
[Tue Jun 10 09:24:54 2014] <shouya> however it's not easy to find a novice-friendly tutorial to coq.
[Tue Jun 10 09:25:07 2014] <Cypi> shouya : what you could do is prove "forall n m, plus n (S m) = S (plus n m)" beforehand, and then use this to conclude.
[Tue Jun 10 09:25:53 2014] <shouya> Cypi: wow i was just wondering something like that !!
[Tue Jun 10 09:26:25 2014] <shouya> Cypi: cool! thanks. i'd have a try.
[Tue Jun 10 09:48:42 2014] <eizo> shouya: what are you trying to prove?
[Tue Jun 10 09:48:58 2014] <shouya> forall n m, plus n (S m) = S (plus n m)
[Tue Jun 10 09:49:00 2014] <shouya> currently.
[Tue Jun 10 09:49:39 2014] <eizo> for which definition of "plus"? S a' => plus a' (S b)?
[Tue Jun 10 09:50:12 2014] <shouya> yup. this one.
[Tue Jun 10 09:50:32 2014] <shouya> |O => b
[Tue Jun 10 09:50:32 2014] <shouya> |(S a') => (plus a' (S b))
[Tue Jun 10 09:52:44 2014] <eizo> shouya: i just tried it it's a direct application of the induction hypothesis
[Tue Jun 10 09:53:28 2014] <shouya> what do you mean by 'direct'?
[Tue Jun 10 09:54:03 2014] <ianjneu> apply IH
[Tue Jun 10 09:54:25 2014] <shouya> hum.. wait.
[Tue Jun 10 09:55:11 2014] <shouya> to be more detailed?
[Tue Jun 10 09:55:26 2014] <shouya> ianjneu: or simple show the code?
[Tue Jun 10 09:56:03 2014] <roosbeef> for two relations R1 R2, both of which are defined inductively, im trying to prove the following: well_founded R1 -> well_founded R2
[Tue Jun 10 09:56:17 2014] <roosbeef> how can i 'unfold' R1 and R2? R2 is actually a special case of R1
[Tue Jun 10 09:56:51 2014] <eizo> shouya: http://pastebin.com/aJjZPhEP
[Tue Jun 10 09:57:48 2014] <ianjneu> shouya: induction n; intros; [|simpl;rewrite IHn];reflexivity.
[Tue Jun 10 09:58:17 2014] <shouya> i'm trying to understand it :p
[Tue Jun 10 09:58:52 2014] <eizo> try to understand each step when executing the proof i pasted
[Tue Jun 10 09:58:53 2014] <ianjneu> roosbeef: By "unfold" I'm guessing your relations aren't definitions but rather things that don't have a reduction rule to expose their bodies?
[Tue Jun 10 09:59:07 2014] <roosbeef> whats a reduction rule?
[Tue Jun 10 09:59:21 2014] <ianjneu> roosbeef: delta beta iota zeta
[Tue Jun 10 09:59:30 2014] <eizo> roosbeef: have you tried inversion?
[Tue Jun 10 10:00:19 2014] <roosbeef> i have tried inversion
[Tue Jun 10 10:00:35 2014] <roosbeef> but then coq tries to apply that to well_founded i think
[Tue Jun 10 10:00:48 2014] <roosbeef> wait let me put it on a pastebin, easier to explain
[Tue Jun 10 10:02:10 2014] <roosbeef> https://privatepaste.com/b0f96b135d
[Tue Jun 10 10:02:19 2014] <shouya> ianjneu: eizo: ooh it's so obvious...
[Tue Jun 10 10:02:35 2014] <roosbeef> (note: ive implemented Multiset using list fletter)
[Tue Jun 10 10:03:01 2014] <ianjneu> roosbeef: It's easier when what you paste actually works.
[Tue Jun 10 10:03:02 2014] <shouya> ianjneu: eizo: thanks. btw a stupid question: how to use previously proved theorem in another proof?
[Tue Jun 10 10:03:39 2014] <roosbeef> ianjneu, that would require you to install CoLoR..
[Tue Jun 10 10:03:40 2014] <ianjneu> shouya: refer to it by name the same way you refer to hypotheses.
[Tue Jun 10 10:03:48 2014] <ianjneu> roosbeef: Blech, okay.
[Tue Jun 10 10:04:05 2014] <shouya> ianjneu: alright, thanks :)
[Tue Jun 10 10:04:49 2014] <ianjneu> roosbeef: I'm not sure how to help. Too much unknown context.
[Tue Jun 10 10:05:00 2014] <roosbeef> hm..
[Tue Jun 10 10:05:04 2014] <roosbeef> well
[Tue Jun 10 10:05:11 2014] <roosbeef> if i can somehow expose the bodies of R1 and R2
[Tue Jun 10 10:05:23 2014] <roosbeef> that would allow me to point out to coq that they are in fact the same
[Tue Jun 10 10:05:55 2014] <roosbeef> (as you can see, when Z = nil they are equivalent)
[Tue Jun 10 10:06:26 2014] <roosbeef> (fl_is_in_fs and in are also equivalent)
[Tue Jun 10 10:07:09 2014] <roosbeef> hm i need to add transp somewhere but hopefully it got the point accross..
[Tue Jun 10 10:08:03 2014] <roosbeef> MSOrd.gtA is MultisetGT (transp fl_Lt), and >A is (transp fl_Lt)
[Tue Jun 10 10:08:20 2014] <roosbeef> ianjneu, haha sorry i only realize now that there is indeed a lot of context missing :p
[Tue Jun 10 10:08:40 2014] <roosbeef> should i fix the paste so it has all information?
[Tue Jun 10 10:09:00 2014] <ianjneu> I still wouldn't be able to step through it without CoLoR
[Tue Jun 10 10:09:12 2014] <roosbeef> there isnt much to step through though..
[Tue Jun 10 10:09:19 2014] <roosbeef> coq wont unfold anything
[Tue Jun 10 10:10:06 2014] <roosbeef> Error: The type of H is not inductive.
[Tue Jun 10 10:11:11 2014] <ianjneu> installing CoLoR
[Tue Jun 10 10:11:16 2014] <roosbeef> haha :P
[Tue Jun 10 10:14:54 2014] <pyon> Is there any type of numbers that can be actually used in practice for computing results, rather than merely prove stuff by induction on the natural numbers?
[Tue Jun 10 10:15:35 2014] <pyon> (i.e., not Peano naturals)
[Tue Jun 10 10:23:21 2014] <ystael> pyon: see Coq.ZArith in the standard library
[Tue Jun 10 10:35:33 2014] <pyon> ystael: Ah! :-)
[Tue Jun 10 10:39:44 2014] <pyon> Are there any facilities for "tweaking a definition" within a section/module/whatever?
[Tue Jun 10 10:40:18 2014] <pyon> I am solving exercises from TaPL, and some of them are of the form "Would theorem Foo still hold if we added/removed one rule to/from Bar?"
[Tue Jun 10 11:16:51 2014] <ystael> pyon: No, in general you cannot redefine existing types or theorems; you must restate the definition with the changes you want and give it a new name.
[Tue Jun 10 11:17:21 2014] <pyon> Ah, well, I guess I have to live with that.
[Tue Jun 10 11:50:15 2014] <roosbeef> whats a typical approach in proving well_foundedness
[Tue Jun 10 11:50:21 2014] <roosbeef> somehow i always get stuck at this
[Tue Jun 10 11:56:49 2014] <roosbeef> both > and < are well_founded right? (on natural numbers)
[Tue Jun 10 11:58:15 2014] <ski> no¸ only `<'
[Tue Jun 10 11:58:56 2014] <roosbeef> hm
[Tue Jun 10 11:59:42 2014] <roosbeef> ah yea, that makes sense i guess :p
[Tue Jun 10 13:37:20 2014] <pyon> I am stuck in the middle of this proof. Could anyone point me in the right direction? -- https://gist.github.com/eduardoleon/ee5dd1ead90e5896de19 (By the way, I did understand the proof from the book, I just... have no idea how to enter it in Coq.)
[Tue Jun 10 14:02:09 2014] <ianjneu> pyon: commented.
[Tue Jun 10 14:08:26 2014] <jrw> pyon: you need to generalize your induction hypothesis by not introducing t2 until after you say "induction". then you should be able to push the proof through, just a few more cases left after what you had.
[Tue Jun 10 14:11:26 2014] <pyon> jrw: Ah!
[Tue Jun 10 14:11:43 2014] <pyon> ianjneu: Checking out.
[Tue Jun 10 14:13:11 2014] <pyon> jrw: ianjneu: Thanks, you two :-)
[Tue Jun 10 14:15:21 2014] <jrw> np
[Tue Jun 10 14:27:07 2014] <pyon> jrw: So, in general, if a function (theorem) has multiple arguments (premises), the order of the premises matters, even if there is no dependency between them, right?
[Tue Jun 10 14:29:22 2014] <jrw> pyon: yes and it's even worse than that. it matters how soon you intro them (before vs after saying "induction")
[Tue Jun 10 14:51:41 2014] <pyon> It would be nice if function arguments were arranged in a partial order, with only dependent arguments coming after their dependencies.
[Tue Jun 10 14:53:16 2014] <ianjneu> pyon: how would you call them? (consider a function that takes two natural numbers)
[Tue Jun 10 14:54:51 2014] <pyon> dunno, perhaps something like OCaml's labelled arguments?
[Tue Jun 10 14:56:44 2014] <ianjneu> Not a bad idea. Positional constructions are a big fucking mess for refactoring.
[Tue Jun 10 16:36:48 2014] <pyon> If my goal is "f x = f y", where f is an injective function (more specifically, a constructor), what tactic do I use to get "x = y" as the new goal?
[Tue Jun 10 16:38:03 2014] <ianjneu> apply the proof of injectivity.
[Tue Jun 10 16:38:17 2014] <ianjneu> pyon: ^
[Tue Jun 10 16:38:39 2014] <ianjneu> or f_equal
[Tue Jun 10 16:39:02 2014] <ianjneu> f_equal is actually the right tactic here.
[Tue Jun 10 16:39:13 2014] <johnw> doesn't one usually prove a = b -> f a = f b?
[Tue Jun 10 16:39:36 2014] <pyon> Ah.
[Tue Jun 10 16:39:47 2014] <ianjneu> johnw: that is functoriality of identity, which always holds.
[Tue Jun 10 16:39:51 2014] <johnw> ah, o
[Tue Jun 10 16:40:16 2014] <ianjneu> It's also known as "the rule of Leibniz" for what defines a function.
[Tue Jun 10 16:40:40 2014] <ianjneu> Gottlieb was the man.
[Tue Jun 10 16:40:43 2014] <johnw> congruence?
[Tue Jun 10 16:40:53 2014] <johnw> I use "cong" in Agda for that situation
[Tue Jun 10 16:41:15 2014] <pyon> TIL f_equal. YIL injection. :-P
[Tue Jun 10 16:41:17 2014] <ianjneu> congruence is more general to equivalence relations.
[Tue Jun 10 16:42:08 2014] <ianjneu> pyon: f_equal is a built-in tactic for applying johnw's proposition to any arity of function.
[Tue Jun 10 16:42:51 2014] <ianjneu> well, not built-in, but needs to use raw Ocaml and the plugin framework to generalize to any arity.
[Tue Jun 10 16:44:27 2014] <pyon> Ah!
[Tue Jun 10 16:46:58 2014] <ianjneu> pyon: is your name supposed to be the Japanese onomatopoeia for hop?
[Tue Jun 10 16:48:45 2014] <pyon> yea
[Tue Jun 10 16:50:19 2014] <pyon> Mmm, while proofs can be stepped over, it is hard to tell what they mean without stepping over them.
[Tue Jun 10 16:53:40 2014] <ianjneu> tactics are an inside-out way to write proofs, whereas Agda's "hole based" way is outside in. Inside out has a hidden shell around each goal, effectively. Neither give both ways to view proof. I share your frustration.
[Tue Jun 10 16:57:42 2014] <pyon> If my current goal matches (the type of) an existing lemma, what tactic do I use?
[Tue Jun 10 16:57:55 2014] <alkabetz> Is the lemma in your context already?
[Tue Jun 10 16:58:08 2014] <alkabetz> Or is it somewhere else in your code?
[Tue Jun 10 16:58:10 2014] <pyon> It is not amongst the hypotheses, if that is what you mean.
[Tue Jun 10 16:58:32 2014] <pyon> It is immediately above the theorem I am trying to prove.
[Tue Jun 10 16:58:37 2014] <alkabetz> Okay.  So you want 'exact lemma_name', I think.
[Tue Jun 10 16:59:04 2014] <alkabetz> (If it were amongst your hypotheses, you’d use 'assumption'.)
[Tue Jun 10 16:59:38 2014] <pyon> Ah!
[Tue Jun 10 16:59:40 2014] <pyon> Thanks!
[Tue Jun 10 16:59:58 2014] <alkabetz> You’re welcome!
[Tue Jun 10 17:00:19 2014] <alkabetz> As an aside, if you find yourself typing 'exact my_lemma' a lot, you should consider adding it as a hint.
[Tue Jun 10 17:02:55 2014] <pyon> Ah!
[Tue Jun 10 17:07:20 2014] <ianjneu> pyon: more precisely, Hint Immediate my_lemma.
[Tue Jun 10 17:10:58 2014] <pyon> What if I find myself using the same tactic a lot? :-O
[Tue Jun 10 17:11:06 2014] <pyon> Or, rather, the same sequence of tactics.
[Tue Jun 10 17:11:19 2014] <Anarchos> pyon gyang
[Tue Jun 10 17:11:46 2014] <pyon> hehe
[Tue Jun 10 17:11:49 2014] <alkabetz> pyon: You can define your own tactics: e.g., [Ltac my_tac := tac1; tac2; tac3.]
[Tue Jun 10 17:13:48 2014] <pyon> Does this work even if the intermediate tactics use hypotheses introduced by the preceding ones?
[Tue Jun 10 17:13:57 2014] <alkabetz> Yes.
[Tue Jun 10 17:13:58 2014] <pyon> I am going to post an example.
[Tue Jun 10 17:14:05 2014] <alkabetz> Ltac is effectively a macro language.
[Tue Jun 10 17:14:34 2014] <pyon> Ah!
[Tue Jun 10 17:30:05 2014] <pyon> In this script, how would I make a Ltac macro for lines 18 and 19? -- https://gist.github.com/eduardoleon/f4be9c6ad4993c09f265
[Tue Jun 10 17:32:59 2014] <alkabetz> Just syntactically, you could do [Ltac foo new old := rewrite <- new in old; inversion old.]
[Tue Jun 10 17:33:07 2014] <pyon> Ah!
[Tue Jun 10 17:33:32 2014] <pyon> The inversion tactic is nice... but there really ought to be some way to make it not pollute the hypotheses with lots of equal things.
[Tue Jun 10 17:36:15 2014] <Cypi> inversion foo; subst. usually does the job
[Tue Jun 10 17:36:17 2014] <alkabetz> I mean, sometimes you need those equal things.
[Tue Jun 10 17:36:46 2014] <alkabetz> But ==Cypi
[Tue Jun 10 17:37:25 2014] <pyon> Ah!
[Tue Jun 10 17:39:18 2014] <alkabetz> pyon: You should scan through http://coq.inria.fr/refman/Reference-Manual011.html when you have a chance, just so you know what kinds of wacky stuff you can do in Ltac.
[Tue Jun 10 17:40:16 2014] <pyon> Ah!
[Tue Jun 10 18:04:46 2014] <pyon> In general, single-tactic proofs (a single tactic may be a "compound" one: "foo; bar; baz; ...") are "nicer" than multi-tactic proofs, right?
[Tue Jun 10 18:06:21 2014] <alkabetz> There are varying schools of thought on this. :)
[Tue Jun 10 18:07:36 2014] <pyon> :-O
[Tue Jun 10 18:44:59 2014] <pyon> Is there any way to step through proofs built using "foo ; bar" and "solve [ foo | bar ]" ?
[Tue Jun 10 23:51:01 2014] <amosr> hmm. if I define “Ltac blah := …” inside a proof, it’s visible after the proof. is there a way to make only local ltacs?
[Tue Jun 10 23:53:31 2014] <alkabetz> You can put them inside a module.  They won’t be local to the proof, but they will be local to the module.
[Tue Jun 10 23:54:45 2014] <alkabetz> (Or, at least, they’ll only be in the module’s namespace.)
[Wed Jun 11 01:35:19 2014] <johnw> what does it mean generally when my goal turns into n = S n?  What principle have I violated?
[Wed Jun 11 01:36:42 2014] <pyon> johnw: It means that some of your hypotheses better be provably insatisfiable. :-P
[Wed Jun 11 01:36:54 2014] <ddere> yeah indeed
[Wed Jun 11 01:37:07 2014] <pyon> johnw: Nothing wrong with provably insatisfiable goals per se.
[Wed Jun 11 01:37:40 2014] <ddere> yeah like it can mean that case in uninhabitable
[Wed Jun 11 01:38:17 2014] <johnw> for example: https://gist.github.com/0dc5726a7b2bfb7105ea
[Wed Jun 11 01:38:29 2014] <johnw> every approach I try, I end up with S (S n) = n, roughly speaking
[Wed Jun 11 01:38:53 2014] <ddere> that link doesnt work for me
[Wed Jun 11 01:38:55 2014] <pyon> "Whoops. We seem to have missed the gist of that gist you were looking for."
[Wed Jun 11 01:39:03 2014] <johnw> https://gist.github.com/0dc5726a7b2bfb7105ae
[Wed Jun 11 01:39:10 2014] <johnw> spell checker reversed the last two letters
[Wed Jun 11 01:39:37 2014] <pyon> oh
[Wed Jun 11 01:40:23 2014] <ddere> ah
[Wed Jun 11 01:40:25 2014] <ddere> yeah
[Wed Jun 11 01:40:37 2014] <ddere> youmight want to prove the result for two lists xs and ys first
[Wed Jun 11 01:40:40 2014] <johnw> I've been at that one for long enough that I'm ready for help :)
[Wed Jun 11 01:40:51 2014] <ddere> cos length is defined recursively on the firt arg i think
[Wed Jun 11 01:41:06 2014] <ddere> you would find it easier if you only performed induction on the first arg
[Wed Jun 11 01:41:14 2014] <johnw> aren't I already applying induction on l?
[Wed Jun 11 01:42:36 2014] <ddere> yeh but l is both the first and second arg to ++
[Wed Jun 11 01:43:10 2014] <johnw> how do I perform induction on only the first arg?
[Wed Jun 11 01:43:27 2014] <Cypi> If he's doing SF, the goal of the exercise is to not use this lemma that says "length (l1 ++ l2) = (length l1) + (length l2)"
[Wed Jun 11 01:43:43 2014] <ddere> ah i see
[Wed Jun 11 01:43:50 2014] <johnw> right
[Wed Jun 11 01:43:52 2014] <johnw> with that it would be trivial
[Wed Jun 11 01:44:03 2014] <johnw> I keep reaching for it and slapping my hand away
[Wed Jun 11 01:48:48 2014] <Cypi> What I did at this point was to prove first the reciprocal of app_length_cons, but I'm not sure if it is the intended way...
[Wed Jun 11 01:49:16 2014] <Cypi> (since it still comes back to an induction where you have both l1 and l2)
[Wed Jun 11 02:39:04 2014] <johnw> ok, what I was missing was the inverse of app_length_cons
[Wed Jun 11 02:39:24 2014] <johnw> if I have some Theorem a -> b, is there an automated way to transform it into b -> a, if the proof can remain the same?
[Wed Jun 11 02:39:41 2014] <johnw> because to change app_length_cons to app_length_cons_r, all I did was invert the proposition; I didn't have to change the proof at all.
[Wed Jun 11 03:15:56 2014] <ddere> ah i dont think so
[Wed Jun 11 03:17:10 2014] <ddere> cos generally the converse of an implication is not always true
[Wed Jun 11 03:17:29 2014] <ddere> if you have a Theorem a <-> b then you get both directions
[Wed Jun 11 03:18:21 2014] <ddere> in your case its possible that whoever defined app_length_cons as a weaker result than they could have
[Wed Jun 11 03:20:28 2014] <ddere> "johnw: ok, what I was missing was the inverse of app_length_cons" <- isnt that what Cypi said?
[Wed Jun 11 03:26:58 2014] <amosr> what would you call a tactic that looks for contradictory hypotheses like “n <> n” ?
[Wed Jun 11 03:27:39 2014] <amosr> I think I’ll just call it bye_not_eq
[Wed Jun 11 03:29:49 2014] <johnw> ddere: yes :)
[Wed Jun 11 04:25:08 2014] <ddere> amosr: absurd?
[Wed Jun 11 05:59:57 2014] <shouya> hi, a stupid question, again :p
[Wed Jun 11 06:00:17 2014] <shouya> what tactic should i use to prove 'true = false -> true = false'.
[Wed Jun 11 06:02:51 2014] <shouya> simply i can't prove 'true = false' is false.
[Wed Jun 11 06:03:20 2014] <shouya> because 'true = false' is a Prop, while 'false' is a bool value.
[Wed Jun 11 06:05:06 2014] <schoppenhauer> how about ... "trivial"
[Wed Jun 11 06:05:58 2014] <schoppenhauer> or "intro quak. apply quak."
[Wed Jun 11 06:06:17 2014] <shouya> 'trivial' works but i want to know if i can prove it with 'simpl', 'destruct', and 'rewrite'.
[Wed Jun 11 06:06:42 2014] <schoppenhauer> "inversion" probably.
[Wed Jun 11 06:06:43 2014] <shouya> since i am following a guide till which i just learned these three tactics.
[Wed Jun 11 06:06:50 2014] <schoppenhauer> "intro Q. inversion Q."
[Wed Jun 11 06:06:57 2014] <shouya> hmm.
[Wed Jun 11 06:07:16 2014] <schoppenhauer> "intros Q. rewrite <- Q. reflexivity."
[Wed Jun 11 06:07:38 2014] <schoppenhauer> should also work.
[Wed Jun 11 06:08:04 2014] <shouya> hmm...
[Wed Jun 11 06:08:13 2014] <shouya> i'd have a try?
[Wed Jun 11 06:08:37 2014] <shouya> never thought 'true = false' can be used to rewrite goals... :p
[Wed Jun 11 06:09:20 2014] <schoppenhauer> works for me.
[Wed Jun 11 06:09:22 2014] <shouya> yup it works.
[Wed Jun 11 06:09:47 2014] <shouya> thanks, i think that's what the guide wants me to use :)
[Wed Jun 11 06:09:54 2014] <schoppenhauer> \o/
[Wed Jun 11 06:43:25 2014] <Cypi> shouya : whenever you have A = B, it really means that each time there is A somewhere, you can replace it by B (and conversely).
[Wed Jun 11 06:43:36 2014] <Cypi> The fact that A = B is false is irrelevant :p
[Wed Jun 11 06:43:41 2014] <shouya> okay~
[Wed Jun 11 06:44:05 2014] <shouya> so it doesn't mean i can derive a 'false' from 'A = B'?
[Wed Jun 11 06:45:22 2014] <Cypi> Well, if you know A = B and A <> B, then yes, you can most certainly prove False.
[Wed Jun 11 06:48:40 2014] <schoppenhauer> ... since A <> B is shorthand for A = B -> False ...
[Wed Jun 11 06:49:12 2014] <shouya> okay.
[Wed Jun 11 06:49:25 2014] <schoppenhauer> at least I hope that there is no exception.
[Wed Jun 11 06:49:34 2014] <shouya> it's a little bit weird but still fine :p
[Wed Jun 11 06:49:46 2014] <schoppenhauer> weird?
[Wed Jun 11 06:50:08 2014] <shouya> to regard 'A = B' just as a property.
[Wed Jun 11 06:50:51 2014] <shouya> as simply equality and it doesn't derive a value.
[Wed Jun 11 06:50:52 2014] <schoppenhauer> huh?
[Wed Jun 11 06:51:28 2014] <Cypi> You mean, the fact that "A = B" isn't a boolean? Like "beq_nat n m"?
[Wed Jun 11 06:51:46 2014] <shouya> yup. that's exactly what i mean.
[Wed Jun 11 06:51:59 2014] <schoppenhauer> because it is intensional.
[Wed Jun 11 06:52:39 2014] <shouya> yup.
[Wed Jun 11 06:52:50 2014] <schoppenhauer> hm. if it was a boolean ... how would you use it for rewriting?
[Wed Jun 11 06:53:00 2014] <shouya> hm. i knew but i still have to get used to that.
[Wed Jun 11 06:53:14 2014] <shouya> so i can derive 'false -> *' is false.
[Wed Jun 11 06:53:26 2014] <shouya> that's basically what i thought.
[Wed Jun 11 06:53:28 2014] <schoppenhauer> what's *?
[Wed Jun 11 06:53:37 2014] <shouya> any of true or false.
[Wed Jun 11 06:53:48 2014] <schoppenhauer> ah ok.
[Wed Jun 11 06:54:00 2014] <schoppenhauer> actually, False -> * is true.
[Wed Jun 11 06:54:08 2014] <shouya> sorry. little mistake.
[Wed Jun 11 06:54:13 2014] <shouya> i mean that.
[Wed Jun 11 06:54:53 2014] <Cypi> Yes, be careful with capitalization also: "false -> true" doesn't make sense (these are booleans), whereas "False -> True" does.
[Wed Jun 11 06:55:48 2014] <shouya> can't distinguish with them.. can't i have 'a : bool -> b : bool'?
[Wed Jun 11 06:56:02 2014] <shouya> but only 'a : Prop -> b : Prop'?
[Wed Jun 11 06:56:36 2014] <shouya> okay, it's confirmed/
[Wed Jun 11 06:56:42 2014] <Cypi> ->, by default, is meant between Prop, not between booleans.
[Wed Jun 11 06:56:59 2014] <shouya> okay :)
[Wed Jun 11 06:57:41 2014] <schoppenhauer> the intuition that every property can be assigned with a boolean comes from classical logic ...
[Wed Jun 11 06:57:58 2014] <Cypi> Also, unformally, you have "not not B -> B" for booleans (if you were to defined implication on booleans), whereas you don't have "~ ~ P -> P" in general
[Wed Jun 11 06:57:59 2014] <schoppenhauer> and many mathematicians do not understand why that might not be the ultimate truth.
[Wed Jun 11 06:58:05 2014] <Cypi> this ^
[Wed Jun 11 06:59:14 2014] <shouya> Cypi: why is the difference?
[Wed Jun 11 06:59:57 2014] <Cypi> Exactly for what schoppenhauer said.
[Wed Jun 11 07:00:14 2014] <Cypi> In classical logic, you have the fact that a property is either true or false.
[Wed Jun 11 07:00:31 2014] <Cypi> Not in constructive logic, which is Coq's logic.
[Wed Jun 11 07:00:40 2014] <shouya> hm, and?
[Wed Jun 11 07:01:03 2014] <Cypi> Actually, if you're following Software Foundations, it is explained (better than I could do it) in Logic.v
[Wed Jun 11 07:01:04 2014] <shouya> how about properties?
[Wed Jun 11 07:01:46 2014] <shouya> okay, i skipped the first chapter... :p
[Wed Jun 11 07:02:24 2014] <shouya> no. no. it's in the latter chapters.
[Wed Jun 11 07:02:47 2014] <Cypi> It's the next one for you I believe
[Wed Jun 11 07:02:51 2014] <Cypi> don't worry :p
[Wed Jun 11 07:03:22 2014] <shouya> thanks, i'll read it :)
[Wed Jun 11 07:03:46 2014] <schoppenhauer> the reason why we do not want ~ ~ P -> P in general is that we cannot give realizers of this axiom, in general.
[Wed Jun 11 07:04:26 2014] <shouya> what do you mean 'realizer'?
[Wed Jun 11 07:04:35 2014] <schoppenhauer> the canonical example of why constructivism is worthwile is the simple classical proof that "there are irrational a and b, such that a^b is rational".
[Wed Jun 11 07:04:40 2014] <shouya> and why we cannot do that?
[Wed Jun 11 07:05:01 2014] <schoppenhauer> you say: assome sqrt(2)^sqrt(2) is rational. then we are done.
[Wed Jun 11 07:05:21 2014] <shouya> schoppenhauer: good example.
[Wed Jun 11 07:05:23 2014] <schoppenhauer> assume not. then (sqrt(2)^sqrt(2))^sqrt(2)=sqrt(2)^2=2 is and we are also done.
[Wed Jun 11 07:05:33 2014] <shouya> i thought i caught that...
[Wed Jun 11 07:05:51 2014] <schoppenhauer> so we can prove that "there exist a b", but we cannot give examples for a and b.
[Wed Jun 11 07:06:05 2014] <shouya> hm.
[Wed Jun 11 07:06:45 2014] <schoppenhauer> while in constructive logic, as long as you have computational realizers of your axioms, you will always get a computational realizer of your proof.
[Wed Jun 11 07:07:41 2014] <schoppenhauer> so if you prove forall x exists y, then you get a function from the x-s to the y-s (not in coq, because "exists" is a prop, you would need to use {x | ...}, but that has other reasons)
[Wed Jun 11 07:08:35 2014] <shouya> wow. true.
[Wed Jun 11 07:09:45 2014] <shouya> i noted down what you said there :p
[Wed Jun 11 07:10:17 2014] <shouya> amazing... just expanded my outlook. i never thought so deeply.
[Wed Jun 11 07:12:12 2014] <shouya> alright thanks. i got to carry on. i'll be back when i have further questions :)
[Wed Jun 11 07:12:34 2014] <schoppenhauer> ++
[Wed Jun 11 12:22:56 2014] <pyon> I have been stuck with this problem since yesterday. Yesterday I managed to prove that the evaluation strategy of a small language with booleans and if-then-else is deterministic. Now I extended this language with natural numbers, and want to prove that the evaluation strategy of this language is still deterministic. https://gist.github.com/eduardoleon/593666acc0ca56c1a85d
[Wed Jun 11 12:22:56 2014] <pyon>  
[Wed Jun 11 12:27:56 2014] <pyon> Oops. Just fixed the paste -- https://gist.github.com/eduardoleon/593666acc0ca56c1a85d
[Wed Jun 11 12:27:59 2014] <pyon> But I am still stuck.
[Wed Jun 11 14:18:34 2014] <pyon> Is there a more elegant way to do what lines 40-44 do here? https://gist.github.com/eduardoleon/593666acc0ca56c1a85d
[Wed Jun 11 14:29:36 2014] <jrw> pyon: a good rule of thumb is that if you have to do inline induction, you should factor it out as a lemma
[Wed Jun 11 14:47:38 2014] <ianjneu> pyon: did you get an answer? I relocated.
[Wed Jun 11 15:03:23 2014] <pyon> jrw: Ah!
[Wed Jun 11 15:03:30 2014] <pyon> ianjneu: I got a tip.
[Wed Jun 11 15:03:39 2014] <jrw> pyon: I also commented on your gist
[Wed Jun 11 15:03:46 2014] <pyon> Oh, let me see.
[Wed Jun 11 15:15:53 2014] <pyon> How do you write such long sequences of semicolon-separated tactics?
[Wed Jun 11 15:16:04 2014] <pyon> Do you first write them separately and then try to merge them? :-O
[Wed Jun 11 15:18:24 2014] <ianjneu> pyon: that's my technique.
[Wed Jun 11 15:19:08 2014] <pyon> :-O
[Wed Jun 11 15:20:10 2014] <ianjneu> it's like when you decide to write a function for something rather than write it all over again.
[Wed Jun 11 15:23:58 2014] <shouya> excuse me for asking a so stupid.. i'm totally confused on how to prove: S n = 1 -> n = 0.
[Wed Jun 11 15:24:32 2014] <pyon> f_equal, perhaps.
[Wed Jun 11 15:24:51 2014] <shouya> what is f_equal?
[Wed Jun 11 15:24:59 2014] <shouya> i'm new to coq. sorry.
[Wed Jun 11 15:25:20 2014] <pyon> Ignore me, that does not work.
[Wed Jun 11 15:25:39 2014] <alkabetz> shouya: You want [injection] on the hypothesis that [S n = 1].
[Wed Jun 11 15:26:13 2014] <shouya> i currently only learned intro, induction, destruct, reflexivity, simpl, assert, and rewrite,
[Wed Jun 11 15:26:15 2014] <pyon> Yeah, injection H (that is what the hypotheses was called here) did the trick. :-)
[Wed Jun 11 15:26:43 2014] <shouya> can i solve it solely with these tactics i learned?
[Wed Jun 11 15:27:03 2014] <alkabetz> Hmm, let me try.
[Wed Jun 11 15:30:26 2014] <shouya> actually i am starting from proving: forall n k k' : nat, n + k = n + k' -> k = k'.
[Wed Jun 11 15:31:02 2014] <shouya> yet i'm stuck here. it looks simple but i have really no idea how to carry on :(
[Wed Jun 11 15:33:52 2014] <pyon> Given a goal "x = y", is there a tactic "apply the same injective function to both sides"?
[Wed Jun 11 15:33:58 2014] <alkabetz> I can’t do it with only those tactics.  I’m able to do it with [injection] or with [symmetry] and a theorem from the standard library.
[Wed Jun 11 15:34:26 2014] <shouya> nope? :(
[Wed Jun 11 15:34:33 2014] <shouya> maybe i'm on the wrong way?
[Wed Jun 11 15:34:49 2014] <alkabetz> shouy: It might be possible, but I’m not sure how.  Are you sure it’s possible using only those tactics?
[Wed Jun 11 15:35:00 2014] <shouya> i don't know.
[Wed Jun 11 15:35:02 2014] <alkabetz> (e.g., is this a /Software Foundations/ exercise?)
[Wed Jun 11 15:35:06 2014] <shouya> yes.
[Wed Jun 11 15:35:13 2014] <alkabetz> Which one is it?
[Wed Jun 11 15:35:35 2014] <shouya> proving mult_comm. ( http://www.cis.upenn.edu/~bcpierce/sf/current/Induction.html )
[Wed Jun 11 15:36:35 2014] <shouya> is there any pastebin-like service that support coq code highlighting? i shall show my work.
[Wed Jun 11 15:36:45 2014] <alkabetz> shouya: That exercise looks like a different theorem than the one you’ve been trying to prove.
[Wed Jun 11 15:36:56 2014] <alkabetz> shouya: http://lpaste.net/
[Wed Jun 11 15:41:15 2014] <alkabetz> pyon: I don’t think there’s a tactic for ‘apply this injective function to the equality in the goal’, because that would require you to pass the tactic a proof that the function is actually injective
[Wed Jun 11 15:41:34 2014] <alkabetz> Usually, a function’s injectivity is stated as an auxiliary lemma and then [apply]d
[Wed Jun 11 15:41:43 2014] <shouya> alkabetz: http://lpaste.net/105474 here is it.
[Wed Jun 11 15:43:23 2014] <alkabetz> pyon: Have a look at http://lpaste.net/105476
[Wed Jun 11 15:46:10 2014] <alkabetz> pyon: Have they introduced [assumption] yet?
[Wed Jun 11 15:46:16 2014] <alkabetz> Er, not pyon.
[Wed Jun 11 15:46:24 2014] <alkabetz> shouya: Have they introduced [assumption] yet?
[Wed Jun 11 15:46:40 2014] <shouya> alkabetz: nay :(
[Wed Jun 11 15:47:47 2014] <alkabetz> Okay.  ([assumption] says ‘this goal is identical to an assumption I have and therefore true’, but you can get there the same way using [rewrite] and [reflexivity])
[Wed Jun 11 15:48:27 2014] <shouya> yup. i've met this situation. and i used rewrite and reflexivity :p
[Wed Jun 11 15:49:05 2014] <johnw> I would guess there are a lot of people doing SF this week, in preparation for OPLSS
[Wed Jun 11 15:49:43 2014] <shouya> johnw: no i'm just learning for fun :p i'm just graudated from high school lol
[Wed Jun 11 15:49:49 2014] <johnw> ah, very cool!
[Wed Jun 11 15:49:56 2014] <johnw> great time to do it
[Wed Jun 11 15:50:11 2014] <shouya> johnw: i'm really enjoyin
[Wed Jun 11 15:50:12 2014] <johnw> I wish i had known about stuff like this back in high school
[Wed Jun 11 15:50:18 2014] <johnw> yeah, it's seriously addictive
[Wed Jun 11 15:50:50 2014] <shouya> true. and very immersive.
[Wed Jun 11 15:57:22 2014] <johnw> are you using proof general and prooftree?
[Wed Jun 11 15:58:35 2014] <alkabetz> shouya: Okay, I found a simpler way for you to be proving this.  You do not need to do induction on [m].
[Wed Jun 11 15:58:36 2014] <shouya> johnw: what are those?
[Wed Jun 11 15:58:49 2014] <shouya> alkabetz: how?
[Wed Jun 11 15:58:55 2014] <johnw> proof general is an interactive theorem prover for Emacs that makes working on proofs much easier
[Wed Jun 11 15:59:10 2014] <johnw> prooftree shows you a graphical representation of your proof as you work on it, so that you don't get lost in sub-goals
[Wed Jun 11 15:59:13 2014] <alkabetz> shouya: How much of a hint do you want me to give you?
[Wed Jun 11 15:59:32 2014] <shouya> on the branch to 'induction m'.
[Wed Jun 11 15:59:40 2014] <shouya> what should i do next rather than ab induction?
[Wed Jun 11 15:59:46 2014] <shouya> s/ab/an/
[Wed Jun 11 15:59:56 2014] <johnw> shouya: http://dl.dropbox.com/u/137615/Screen%20Shot%202014-06-11%20at%202.59.15%20PM.png
[Wed Jun 11 15:59:59 2014] <johnw> that's my current desktop
[Wed Jun 11 16:01:17 2014] <shouya> johnw: prooftree looks awesome XD
[Wed Jun 11 16:01:24 2014] <johnw> it's super handy
[Wed Jun 11 16:01:35 2014] <johnw> in Emacs while working on any proof, I type C-c C-d to pop up a prooftree window for that proof
[Wed Jun 11 16:01:37 2014] <alkabetz> shouya: Go back to [Case "n = S n".].  You don’t need to [simpl]; look again at the theorems above yours in SF and see if anything looks promising.
[Wed Jun 11 16:01:40 2014] <johnw> also, it updates in real time with my typing
[Wed Jun 11 16:01:52 2014] <shouya> johnw: cool, i'd have a look later. currently still using coqide.
[Wed Jun 11 16:02:14 2014] <shouya> alkabetz: thanks, i'd have a try first :)
[Wed Jun 11 16:02:44 2014] <alkabetz> I’m going to be AFK for a while, would you like me to put my solution on lpaste so you can have a look at it if you get really stuck?
[Wed Jun 11 16:05:27 2014] <shouya> alkabetz: okay :)
[Wed Jun 11 16:05:37 2014] <shouya> alkabetz: thank you very much :)
[Wed Jun 11 16:07:27 2014] <shouya> alkabetz: got it! assert (H: 0 + S n = S n). !
[Wed Jun 11 16:09:54 2014] <alkabetz> Wait, is this in your proof for [plus_uniq_r]?
[Wed Jun 11 16:11:24 2014] <shouya> alkabetz: nay. nay. i misread it.
[Wed Jun 11 16:11:32 2014] <shouya> alkabetz: ignore me.
[Wed Jun 11 16:17:09 2014] <alkabetz> shouya: Well, if you get really stuck, a complete proof script is now at http://lpaste.net/105479.  Good luck!
[Wed Jun 11 16:17:49 2014] <shouya> alkabetz: thank you :) have a good night (from my timezone)
[Wed Jun 11 16:18:39 2014] <alkabetz> Haha, I’m on -0700, so good afternoon :)
[Wed Jun 11 16:19:22 2014] <shouya> i'm on +0800, so it's 4.19 in the morning :p
[Wed Jun 11 20:32:19 2014] <ramers> sa va  pas  se  solidifier  tout  de  suite ;
[Wed Jun 11 20:32:24 2014] <ramers> sa va  pas  se  solidifier  tout  de  suite .
[Wed Jun 11 20:32:41 2014] <ramers> RESPIRE
[Wed Jun 11 20:32:49 2014] <ramers> et détache  toi  tout  seul
[Wed Jun 11 20:33:04 2014] <ramers> tres  doucement  dans cette  boue
[Wed Jun 11 20:33:22 2014] <ramers>   le  pire  à    croire  la perte  de  temps
[Wed Jun 11 20:33:59 2014] <ramers> marche  jusque  la  tu y  arrivera  encore mieu à l'entrainement .
[Wed Jun 11 20:35:19 2014] <ramers> le  tronc   de   bois   ici
[Wed Jun 11 20:35:35 2014] <ramers>  délicattement  dans la  boue
[Wed Jun 11 20:36:00 2014] <ramers> u  de  leau  à voir  à coté
[Wed Jun 11 20:36:06 2014] <ramers>   de  leau  à voir  à coté
[Wed Jun 11 20:36:19 2014] <ramers>  ont  suveile  les  pioisson
[Wed Jun 11 20:36:22 2014] <ramers>  ont  suveile  les  poisson
[Wed Jun 11 20:36:29 2014] <ramers>  ont  surveille  les  poisson
[Wed Jun 11 20:36:35 2014] <ramers>  ont  surveilles  les  poisson
[Wed Jun 11 20:36:40 2014] <ramers>  ont  surveilles  les  poissons
[Wed Jun 11 20:36:44 2014] <copumpkin> o.O
[Wed Jun 11 20:36:52 2014] <ramers>   dans  l'eau
[Wed Jun 11 20:36:58 2014] <ramers>  se  laver  de  la  boue
[Wed Jun 11 20:37:07 2014] <Cypi> Anyone can be op here?
[Wed Jun 11 20:37:08 2014] <ramers> pas  les  crocodiles
[Wed Jun 11 20:38:04 2014] <ramers>   soyez  tous  attentif  à  tout le monde .
[Wed Jun 11 20:39:31 2014] <ramers>  alerte  dans  l'eau
[Wed Jun 11 20:40:00 2014] <ramers>  crier  une  seule  fois  alerte  dans  l'eau  tanp  pis  si  personne  à  entendu .
[Wed Jun 11 20:41:02 2014] <ramers>   de la   bouffe  la  bas
[Wed Jun 11 20:41:18 2014] <ramers> parcontre les   machoire  serrer   avec  les   nerf
[Wed Jun 11 20:41:29 2014] <ramers> lui   faire  comprendre   de  lacher .
[Wed Jun 11 20:41:55 2014] <ramers>      ont plaisante  c'est   un piege
[Wed Jun 11 20:42:03 2014] <ramers> un crocodile  au  repa
[Wed Jun 11 20:42:06 2014] <ramers> un crocodile  au  repas
[Wed Jun 11 20:42:30 2014] <ramers> le  faire   cuire  sentire  de  loin  les  jaguar
[Wed Jun 11 20:42:33 2014] <ramers> le  faire   cuire  sentire  de  loin  les  jaguars
[Wed Jun 11 20:43:21 2014] <ramers> et tous .
[Wed Jun 11 20:44:06 2014] <ramers>   bonne  appétit   crocodile
[Wed Jun 11 20:44:18 2014] <ramers>   tu  a  entendu
[Wed Jun 11 20:44:43 2014] <ramers> la  riviere  est   plein  d'eau .
[Wed Jun 11 20:45:02 2014] <ramers> la tete  se  mange
[Wed Jun 11 20:45:07 2014] <ramers> ont  laisse  rien
[Wed Jun 11 20:45:29 2014] <ramers>  quel  bonne  appétie  cette  aliguatore
[Wed Jun 11 20:45:30 2014] <alkabetz> Nope, neither channel op is on right now. :P
[Wed Jun 11 20:46:19 2014] <ramers> ont  pourrait  le  secher  la  viande  avec  du sel .
[Wed Jun 11 20:46:37 2014] <ramers> les proteine .
[Wed Jun 11 20:46:41 2014] <ramers> les proteines .
[Wed Jun 11 20:47:01 2014] <ramers> etant  doner  que  l'estomcs  décompose  tout
[Wed Jun 11 20:47:09 2014] <ramers> les  genes  nous  revienne  pas
[Wed Jun 11 20:47:18 2014] <ramers> un peut  de  science à  savoir .
[Wed Jun 11 20:48:11 2014] <ramers> etant  doner  que  l'estomac  décompose  tout
[Wed Jun 11 20:48:13 2014] <ramers> les  genes  nous  revienne  pas
[Wed Jun 11 20:48:17 2014] <ramers> les  genes  nous  reviennes  pas
[Wed Jun 11 20:48:28 2014] <ramers> un peu  de  science à  savoir .
[Wed Jun 11 20:49:17 2014] <ramers> le   crocodile   vous  mange par  surprise
[Wed Jun 11 20:49:45 2014] <ramers> dieu à  bien  fait   à  eux   cloulé  son  bec  avec un   peu  de   force .
[Wed Jun 11 20:50:10 2014] <ramers> le  trainé  ici  maintenant
[Wed Jun 11 20:50:12 2014] <ramers> tous
[Wed Jun 11 20:50:27 2014] <ramers> dieu à  bien  fait   à  eux   cloué  son  bec  avec un   peu  de   force .
[Wed Jun 11 20:50:52 2014] <ramers>  petit  soyons  à  coté  c'est  un  talent
[Wed Jun 11 20:51:16 2014] <ramers>  le  zbre  est  complement   décapité
[Wed Jun 11 20:51:38 2014] <ramers> petit comme une  sourrie    elle  conserve  sa  forme .
[Wed Jun 11 20:51:43 2014] <mankyKitty> I just used ignore... everything tis deathly quiet now.. :P
[Wed Jun 11 20:52:44 2014] <ramers>  il est  mort
[Wed Jun 11 20:52:49 2014] <ramers>  pas  l'autre
[Wed Jun 11 20:53:25 2014] <ramers>   son dentier  au fond  de la   bouche  est   de la  peau
[Wed Jun 11 20:53:34 2014] <ramers> osé   sert  queleque   fois
[Wed Jun 11 20:54:14 2014] <ramers>   des  ose  ossi  acséder à la  boite  cranier  avec  son  couteau  éguisé  dans l'au .
[Wed Jun 11 20:54:17 2014] <ramers>   des  ose  ossi  acséder à la  boite  cranier  avec  son  couteau  éguisé  dans l'eau .
[Wed Jun 11 20:54:28 2014] <ramers>   des  ose  ossi  acséder à la  boite  cranien  avec  son  couteau  éguisé  dans l'eau .
[Wed Jun 11 20:55:02 2014] <ramers>  et léquipe  qui  doit  savoir    usé  de  son  intelligence  au  mieu aidé
[Wed Jun 11 20:55:22 2014] <ramers>   remonté  assez   vite
[Wed Jun 11 20:55:48 2014] <ramers> une  bouché  d'air   à  coté  de   tous
[Wed Jun 11 20:55:52 2014] <ramers> les  canibale
[Wed Jun 11 20:55:55 2014] <ramers> les  canibale s
[Wed Jun 11 20:55:57 2014] <ramers> les  canibales
[Wed Jun 11 20:56:00 2014] <ramers> pas nous .
[Wed Jun 11 20:56:15 2014] <ramers> tiré   le  deuxieme
[Wed Jun 11 20:56:21 2014] <ramers> qui tient   l'autre
[Wed Jun 11 20:56:30 2014] <ramers> plus  de peur  que  de  mal .
[Wed Jun 11 20:56:51 2014] <ramers> reprenons  notre  nourriture  une  autre  fois
[Wed Jun 11 20:57:40 2014] <ramers>    pas  mal osé
[Wed Jun 11 20:57:49 2014] <ramers> les  court  sont  théorique
[Wed Jun 11 20:57:56 2014] <ramers> pas  pour  rien .
[Wed Jun 11 20:58:04 2014] <ramers> les  cours  sont  théorique
[Wed Jun 11 20:58:09 2014] <ramers> les  cours  sont  théoriques
[Wed Jun 11 20:58:11 2014] <ramers> pas  pour  rien .
[Wed Jun 11 20:58:46 2014] <ramers> osé   le  faire  plustot  que  se  sauvez  comme  un  animale
[Wed Jun 11 20:59:16 2014] <ramers> pas mal  il  vous a  pas  mordu
[Wed Jun 11 20:59:22 2014] <ramers> et  s'était  rapide
[Wed Jun 11 20:59:35 2014] <ramers> les  crocodile ont   manger  l'autre
[Wed Jun 11 20:59:40 2014] <ramers> les  crocodiles ont   manger  l'autre
[Wed Jun 11 20:59:50 2014] <ramers> il  y  en  avait plein
[Wed Jun 11 21:00:00 2014] <ramers> il  faudrai  savoir  ou  s''est
[Wed Jun 11 21:00:04 2014] <ramers> il  faudrai  savoir  ou  s'est
[Wed Jun 11 21:01:15 2014] <ramers>     une  chance  parmis   plusieurs  de lui  coulé  le  bec
[Wed Jun 11 21:01:24 2014] <ramers> c'est   de  la  théorie  ça  aussi .
[Wed Jun 11 21:01:34 2014] <ramers>     une  chance  parmis   plusieurs  de lui  cloué   le  bec
[Wed Jun 11 21:02:27 2014] <ramers>  saut  perrieux  en  erriere  dans  leau .
[Wed Jun 11 21:02:35 2014] <ramers>  saut  perrieux  en  arriere  dans  leau .
[Wed Jun 11 21:03:18 2014] <ramers>  il mort    lea   ce  stupide  animale  à  ce  moment   lui  bouclé   sa   face .
[Wed Jun 11 21:03:33 2014] <ramers> dans  l'au  il sait   nagé .
[Wed Jun 11 21:03:43 2014] <ramers>    il respire pas .
[Wed Jun 11 21:04:03 2014] <ramers>  j   suit  à  coté pas  de  panique  .    tu  respire pas  .
[Wed Jun 11 21:04:30 2014] <ramers>  son  cerveau  est  sa   boite  cranien .   un  couteau de  guerre .
[Wed Jun 11 21:04:37 2014] <ramers> tourné
[Wed Jun 11 21:05:06 2014] <ramers>    sauvons  nous de la , .
[Wed Jun 11 21:05:11 2014] <ramers> pour l'instant
[Wed Jun 11 21:05:25 2014] <ramers> le  language  des  signes .
[Wed Jun 11 21:05:56 2014] <ramers>   loin la  bas
[Wed Jun 11 21:06:01 2014] <ramers>  tiré les .
[Wed Jun 11 21:06:22 2014] <ramers> OKAI
[Wed Jun 11 21:06:26 2014] <ramers>  DEBOUT
[Wed Jun 11 21:06:34 2014] <ramers> PLUS  DE  PALME  CELLE  CI  AU SOL
[Wed Jun 11 21:10:11 2014] <ramers>  le  crocodiles  est  toujours  à craindre
[Wed Jun 11 21:10:34 2014] <ramers> la   thhéorie  sera  jamais  suffisant .
[Wed Jun 11 21:10:40 2014] <ramers> la   théorie  sera  jamais  suffisant .
[Wed Jun 11 21:10:50 2014] <ramers> la   théorie  sera  jamais  suffisant .
[Wed Jun 11 21:11:03 2014] <ramers>    avoir peur  non
[Wed Jun 11 21:11:20 2014] <ramers> mais  savoir  quil  sait  nager  et   courrir  au sol .
[Wed Jun 11 21:11:58 2014] <ramers>  etre  calme à  toujour  été mieu .
[Wed Jun 11 21:12:05 2014] <ramers>  etre  calme à  toujours  été mieu .
[Wed Jun 11 21:12:28 2014] <ramers>    au dessus  de  la  surface  la  haut
[Wed Jun 11 21:12:48 2014] <ramers>  trainer   son arme   dont les  millitaire  save  pas  le  lacher
[Wed Jun 11 21:13:15 2014] <ramers>     un  crocodile à  manger .
[Wed Jun 11 21:13:20 2014] <ramers>   cuit .
[Wed Jun 11 21:13:28 2014] <pyon> Just wondering... What are you going on about?
[Wed Jun 11 21:13:37 2014] <ramers> dautre  moceau à d'autres  voir  si il sont  canibale .
[Wed Jun 11 21:13:40 2014] <ramers> dautre  moceau à d'autres  voir  si il sont  canibale .s
[Wed Jun 11 21:13:43 2014] <ramers> dautre  moceau à d'autres  voir  si il sont  canibales
[Wed Jun 11 21:14:00 2014] <pyon> s'ils* sont, perhaps?
[Wed Jun 11 21:14:17 2014] <ramers> dautre  morceau à d'autres  voir  si il sont  canibales
[Wed Jun 11 21:14:32 2014] <ramers>  un  crocodile  de peche
[Wed Jun 11 21:14:37 2014] <ramers>  se  nourrir ;
[Wed Jun 11 21:14:41 2014] <ramers>  se  nourrir.
[Wed Jun 11 21:14:58 2014] <ramers>   CUIT  AU FEU ;
[Wed Jun 11 21:15:15 2014] <ramers>   cuit au  feu .
[Wed Jun 11 21:18:04 2014] <ramers> des proteines .
[Wed Jun 11 21:18:29 2014] <ramers>  les  virus   existes  que     comme des  parrasites  sauf que  ça
[Wed Jun 11 21:18:55 2014] <ramers> possedent  une  proteine un espace  génétique  propore .
[Wed Jun 11 21:19:00 2014] <ramers> possedent  une  proteine un espace  génétique  propre .
[Wed Jun 11 21:19:27 2014] <ramers> je  serait  moin  bete   croire  que la   théorie  est potentiellement  existante  .   de  a
[Wed Jun 11 21:19:34 2014] <ramers> je  serait  moin  bete   croire  que la   théorie  est potentiellement  existante  de  ça
[Wed Jun 11 21:20:15 2014] <ramers>   quatre patte   de   crocodile  en un  seul  ou  mécui .
[Wed Jun 11 21:20:22 2014] <ramers>   quatre patte   de   crocodile  en un  seul  ou  méchoui .
[Wed Jun 11 21:21:00 2014] <ramers>   combien de  personne   cinq ?
[Wed Jun 11 21:21:09 2014] <ramers> DEUX   CROCODILE  POUR LA  SOIR2
[Wed Jun 11 21:21:20 2014] <ramers> DEUX   CROCODILE  POUR LA  SOIRéé$
[Wed Jun 11 21:22:30 2014] <ramers>   ont  nous  a  libré  du  sel .
[Wed Jun 11 21:22:35 2014] <ramers>   ont  nous  a  livré  du  sel .
[Wed Jun 11 21:23:26 2014] <ramers>  un  gros  morceau de  pulet
[Wed Jun 11 21:23:31 2014] <ramers> pas  de  vache
[Wed Jun 11 21:23:39 2014] <ramers>  un  gros  morceau de  poulet
[Wed Jun 11 21:23:42 2014] <ramers> pas  de  vache.
[Wed Jun 11 21:24:04 2014] <ramers>   ont  est heureux  maintenant
[Wed Jun 11 21:24:15 2014] <ramers>  pas  triste  sauf  à  faire  mine .
[Wed Jun 11 21:31:02 2014] <ramers>  manger   doucement
[Wed Jun 11 21:31:18 2014] <ramers> comme  ceux  qui  dame   peu   ou  beaucoup   avoir  le  meme  poids
[Wed Jun 11 21:32:33 2014] <ramers> je  déteste  pas  la  franmaçonnerie  à  dire   comme  tous   pense    des  satanique .
[Wed Jun 11 21:32:36 2014] <ramers> je  déteste  pas  la  franmaçonnerie  à  dire   comme  tous   pense    des  sataniques .
[Wed Jun 11 21:32:54 2014] <ramers> ce que  jaimerai pas  aussi; .
[Wed Jun 11 21:32:58 2014] <ramers> ce que  jaimerai pas  aussi .
[Wed Jun 11 21:35:31 2014] <ramers>  heuresement
[Wed Jun 11 21:35:37 2014] <ramers> parcontre  à la  cantine
[Wed Jun 11 21:35:44 2014] <ramers> lesz  frittes  saller
[Wed Jun 11 21:35:48 2014] <ramers> ont  aimes
[Wed Jun 11 21:36:05 2014] <ramers> le  steque  ont   en  discute pas  vraiment .
[Wed Jun 11 21:36:25 2014] <ramers> les  cerises .
[Wed Jun 11 21:36:38 2014] <ramers>  manger  votre  steak
[Wed Jun 11 21:36:44 2014] <ramers> apres les  cerises .
[Wed Jun 11 21:42:09 2014] <ramers> le pot  de  cerise .
[Wed Jun 11 21:42:19 2014] <ramers> le  grand pot  de  cerise ;
[Wed Jun 11 21:42:25 2014] <ramers> le  grand pot  de  cerise .
[Wed Jun 11 21:42:56 2014] <ramers>   BASTON  DE  CERIS  ;
[Wed Jun 11 21:43:01 2014] <ramers>   BASTON  DE  CERISe maintenant$  ;
[Wed Jun 11 21:43:07 2014] <ramers>   BASTON  DE  CERISe maintenant$  ;
[Wed Jun 11 21:43:34 2014] <ramers> baston de  cerise   maintenant  .
[Wed Jun 11 21:44:50 2014] <ramers> noyau de  cerise .
[Wed Jun 11 21:45:47 2014] <ramers>   baston  de  nayau de  cerise .
[Wed Jun 11 21:46:04 2014] <ramers>  souflé
[Wed Jun 11 21:46:11 2014] <ramers>  loi la  bas .
[Wed Jun 11 21:46:15 2014] <ramers>  loin la  bas .
[Wed Jun 11 21:48:39 2014] <ramers>  tipar
[Wed Jun 11 21:49:01 2014] <ramers>  noyau de  cerise   loin la  bas
[Wed Jun 11 21:49:12 2014] <ramers>  un soufflé
[Wed Jun 11 21:52:52 2014] <ramers> attack .
[Wed Jun 11 21:53:12 2014] <ramers>   pleins  de  cerises .?
[Wed Jun 11 21:53:14 2014] <ramers>   pleins  de  cerises .
[Wed Jun 11 21:53:16 2014] <ramers>   pleins  de  cerises .
[Wed Jun 11 21:53:20 2014] <ramers>   pleins  de  cerises .
[Wed Jun 11 21:54:00 2014] <ramers>  un soullet  de  noyau
[Wed Jun 11 21:54:12 2014] <ramers> et des  cerisqes  à  balençer  seulement  la  bas
[Wed Jun 11 21:54:31 2014] <ramers> et des  cerises  à  balançer  seulement  la  bas
[Wed Jun 11 21:58:11 2014] <ramers>   je  suit   pas  le  premier   à en parler .
[Wed Jun 11 21:59:11 2014] <ramers>    des  noyeu  de  cerise   meme des  cerises  entiers .
[Wed Jun 11 21:59:55 2014] <ramers> et le  pot  de  fleur  .
[Wed Jun 11 22:00:49 2014] <ramers> et la  table .
[Wed Jun 11 22:00:56 2014] <ramers>  les  chaises .
[Wed Jun 11 22:04:18 2014] <ramers>  manger  des  protein  avant  les  fruits .
[Wed Jun 11 22:04:42 2014] <ramers> LES  PROTEIN FRUITUI2  SONT  AUSSI  DES  PROTeine
[Wed Jun 11 22:05:04 2014] <ramers> LES  PROTEIN FRUITé  SONT  AUSSI  DES  PROTeines
[Wed Jun 11 22:05:16 2014] <ramers> nan ?
[Wed Jun 11 22:05:41 2014] <ramers>  cerise
[Wed Jun 11 22:06:08 2014] <ramers>  noyaux  de   cerise  à totallement  damé .
[Wed Jun 11 22:06:22 2014] <ramers>  à l'autre  boud  de  la  salle .
[Wed Jun 11 22:07:37 2014] <ramers>  fois  deux
[Wed Jun 11 22:07:40 2014] <ramers> et  trois
[Wed Jun 11 22:07:48 2014] <ramers>  et  quatre ;
[Wed Jun 11 22:07:56 2014] <ramers> et cind  et  six
[Wed Jun 11 22:08:01 2014] <ramers> huit  neuf  dix
[Wed Jun 11 22:08:09 2014] <ramers>  et  cent  .
[Wed Jun 11 22:10:56 2014] <ramers>   bataille  de noyau de  cerise     ensuite  de  cerise   simplement  et  de  pot  de  fleur
[Wed Jun 11 22:11:03 2014] <ramers> la  table  et  les  chaises .
[Wed Jun 11 22:13:39 2014] <ramers>  quelque  camp  se  sont  formé.
[Wed Jun 11 22:17:24 2014] <ramers>   soyer labas
[Wed Jun 11 22:17:54 2014] <ramers> mais  peureux  que  je  suit  pa s  vraiment  à  faire  espres  si  plus   jeune                              du cayak  en  faite  non
[Wed Jun 11 22:18:18 2014] <ramers> mais  peureux  que  je  suit  pa s  vraiment  à  faire  espres  si  plus   jeune  du cayak  $
[Wed Jun 11 22:18:20 2014] <ramers> mais  peureux  que  je  suit  pa s  vraiment  à  faire  espres  si  plus   jeune  du cayak
[Wed Jun 11 22:18:46 2014] <ramers>  en  faite  non  j'était pas peureux
[Wed Jun 11 22:19:11 2014] <ramers>  il est compliquer  peut  etre  meme  aaujoudrhui    de  respecter  dieu  et  sa  création .
[Wed Jun 11 22:19:22 2014] <ramers>  il est compliquer  peut  etre  meme  aujoudrhui    de  respecter  dieu  et  sa  création .
[Wed Jun 11 22:19:44 2014] <ramers>   cela  dit  comme  un  noob
[Wed Jun 11 22:19:50 2014] <ramers> mais  pas  loin .?
[Wed Jun 11 22:19:53 2014] <ramers> mais  pas  loin .
[Wed Jun 11 22:20:00 2014] <ramers>   cela  dit  comme  un  noob mais  pas  loin .
[Wed Jun 11 22:21:11 2014] <ramers>  je  déteste  pas  tellement   dieu   parler  de  la   création    comme  darwin  dirait  des  poisson  pareil .
[Wed Jun 11 22:21:32 2014] <ramers> ce que   par  avance   son  charabia   lui  appartient .
[Wed Jun 11 22:22:45 2014] <ramers>    ce que   darwin  dirait  est   totallement  nullement  en  contradiction avec  la  création de  dieu .
[Wed Jun 11 22:25:07 2014] <ramers> je  pense   pas  dire  juif  la  personne  qui  en  est
[Wed Jun 11 22:25:22 2014] <ramers>  moise  est  un  film
[Wed Jun 11 22:25:53 2014] <ramers> leetre  jeai  vu les   fourbe  et  dautres  paysages  bien mieu  éduquer
[Wed Jun 11 22:26:33 2014] <ramers>    tres  simples  de  discuer  de paysage  terrestre .
[Wed Jun 11 22:27:14 2014] <ramers>  je  suit  pas  le pote  de   hitler  lui meme  brun  dire que  les  blond  aux  yaux  bleu  sont  meilleur meme ence  moment  .
[Wed Jun 11 22:27:32 2014] <ramers>  je  suit  pas  le pote  de   hitler  lui meme  brun  dire que  les  blond  aux  yux  bleu  sont  meilleur meme ence  moment  .
[Wed Jun 11 22:27:39 2014] <ramers>  je  suit  pas  le pote  de   hitler  lui meme  brun  dire que  les  blond  aux  yeux  bleu  sont  meilleur meme ence  moment  .
[Wed Jun 11 22:28:00 2014] <ramers>  je  suit  pas  le pote  de   hitler  lui meme  brun  dire que  les  blond  aux  yeux  bleu  sont  meilleurs .
[Wed Jun 11 22:29:37 2014] <copumpkin> ramers: can you stop please?
[Wed Jun 11 22:29:51 2014] <ramers> je parle  de  ce  que  je  veut
[Wed Jun 11 22:29:53 2014] <ramers> ensuite
[Wed Jun 11 22:30:03 2014] <ramers> parler  en  français  si  vous  voulez .
[Wed Jun 11 22:30:16 2014] <copumpkin> j'en ai pas envie
[Wed Jun 11 22:30:21 2014] <ramers> lol.
[Wed Jun 11 22:31:37 2014] <copumpkin> what made you want to write all that stuff?
[Wed Jun 11 22:31:44 2014] <ramers> what  you made
[Wed Jun 11 22:31:52 2014] <ramers>   enddin  zut
[Wed Jun 11 22:32:19 2014] <ramers> je  parles  français  au thcat  je  comprends  beaucoup  de  gens  qui  aime  pas  le  foot  encore  aujourdhui .
[Wed Jun 11 22:33:24 2014] <copumpkin> thank you
[Wed Jun 11 22:33:28 2014] <ramers> je  parles  français  au tchat  je  comprends  beaucoup  de  gens  qui  aime  pas  le  foot  encore  aujourdhui .
[Wed Jun 11 22:34:22 2014] <ramers> ja'aime  le  volley  ball   et  aussi  le badblitnone
[Wed Jun 11 22:35:37 2014] <ramers> ja'aime  le  volley  ball   et  aussi  le badblitone
[Wed Jun 11 22:36:19 2014] <ramers>  je  déteste  le  bablitone  en  vrai.
[Wed Jun 11 22:37:52 2014] <ramers>  je  déteste  le  bablintone  en  vrai.
[Wed Jun 11 22:38:06 2014] <ramers>  je  déteste  le  bablitone  en  vrai.
[Wed Jun 11 22:38:16 2014] <ramers>   le  foot   est  pire
[Wed Jun 11 22:38:34 2014] <ramers>   savoir   en  période  de   baccallauréat   le  tenis .
[Wed Jun 11 22:39:05 2014] <ramers> savoir  tote l'anée  eduquer  sa pose pas  de  probleme;
[Wed Jun 11 22:39:09 2014] <ramers> savoir  tote l'anée  eduquer  sa pose pas  de  probleme;
[Wed Jun 11 22:39:12 2014] <ramers> savoir  tote l'anée  eduquer  sa pose pas  de  probleme.
[Wed Jun 11 22:39:23 2014] <ramers> savoir  toUte l'anée  eduquer  sa pose pas  de  probleme.
[Wed Jun 11 22:39:35 2014] <ramers> savoir  toute l'anée  eduquer  sa pose pas  de  probleme.
[Wed Jun 11 22:39:48 2014] <ramers> savoir  toute l'année  eduquer  sa pose pas  de  probleme.
[Wed Jun 11 22:41:39 2014] <ramers> savoir  toute l'année  eduquer  sa pose pas  de  probleme.
[Wed Jun 11 22:42:16 2014] <ramers> je  félicite  à présent  les  gens  mon  bete   qui passe le  baccalauréat  bientot.
[Wed Jun 11 22:42:36 2014] <ramers> je  félicite  à présent  les  gens  moin  bete   qui passe le  baccalauréat  bientot.
[Wed Jun 11 22:44:19 2014] <ramers> jaitait un  tueur    en  math  et  en  tout  .
[Wed Jun 11 22:44:43 2014] <ramers>  de  la   dire  ça  à tous .
[Wed Jun 11 22:45:53 2014] <ramers> je  sait  pas  plus  aujourdhui  comment   sappelle  les  equations  complexes; S4EN  SOUVENIR  comme les  profs
[Wed Jun 11 22:46:57 2014] <ramers> PARLER    DES  POULPES   EN  CORR2LLATION DANS  SE MONDE ;
[Wed Jun 11 22:47:00 2014] <ramers> PARLER    DES  POULPES   EN  CORR2LLATION DANS  CE MONDE ;
[Wed Jun 11 22:47:40 2014] <ramers> je  suit   satifait  en  parler   de  vous .
[Wed Jun 11 22:47:51 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:13 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:14 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:15 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:16 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:17 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:18 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:22 2014] <ramers> 41
[Wed Jun 11 22:48:23 2014] <ramers> 41
[Wed Jun 11 22:48:23 2014] <ramers> 41
[Wed Jun 11 22:48:23 2014] <ramers> 41
[Wed Jun 11 22:48:23 2014] <ramers> 41
[Wed Jun 11 22:48:23 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:29 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:48:30 2014] <ramers> je  suit   satisfait  en  parler   de  vous .
[Wed Jun 11 22:49:15 2014] <ramers> jai  eut  des   bon  prof
[Wed Jun 11 22:49:24 2014] <ramers> je  peut  rien  reprocher   à moi .
[Wed Jun 11 22:49:37 2014] <ramers> je  peut  rien  reprocher   à moi .
[Wed Jun 11 22:49:44 2014] <ramers> jai  eut  des   bon  profs
[Wed Jun 11 22:49:46 2014] <ramers> je  peut  rien  reprocher   à moi .
[Wed Jun 11 22:53:26 2014] <ramers> meme  en otique
[Wed Jun 11 22:53:33 2014] <ramers> meme  en  optique
[Wed Jun 11 22:54:07 2014] <ramers>  je  peut  absolument  rien me  reprocher .
[Wed Jun 11 22:54:40 2014] <ramers>  c'est la   faute    d'un  tier .
[Wed Jun 11 22:54:59 2014] <ramers>   parceque   ça  aurrait   interresser    la  myonne  game  .
[Wed Jun 11 22:55:10 2014] <ramers>   parceque   ça  aurrait   interresser    la  moyenne  game  .
[Wed Jun 11 22:55:50 2014] <ramers>   nul  est  soit    pas  les  profs .
[Wed Jun 11 22:56:07 2014] <ramers> nul est  soit  pas  les  profs .
[Wed Jun 11 22:58:30 2014] <ramers>    savoit   apprendre  des  math pourrit  appréçié  faites pas  semblant .
[Wed Jun 11 22:58:41 2014] <ramers>    savoir   apprendre  des  math pourrit  appréçié  faites pas  semblant .
[Wed Jun 11 22:58:47 2014] <ramers> ou de la  biologie .
[Wed Jun 11 22:58:57 2014] <ramers> aussi  bien
[Wed Jun 11 22:59:22 2014] <copumpkin> hi roconnor
[Wed Jun 11 22:59:27 2014] <copumpkin> fancy seeing you here!
[Wed Jun 11 22:59:36 2014] <copumpkin> maybe spread some of that power for future needs :)
[Wed Jun 11 23:01:45 2014] <ramers>  apprenez  enffin
[Wed Jun 11 23:01:53 2014] <Cale> Yeah, ramers has been sitting here spamming for 300-some-odd lines
[Wed Jun 11 23:02:04 2014] <ramers> les  profs   qui ont  été   payé par  l'éducations  nationale   les  miens .
[Wed Jun 11 23:02:15 2014] <ramers> par  rappord  au  autres
[Wed Jun 11 23:02:22 2014] <ramers> ls   intellot alleur
[Wed Jun 11 23:02:28 2014] <ramers> ls   intellot ailleur
[Wed Jun 11 23:02:43 2014] <ramers> les   intellot alleur
[Wed Jun 11 23:02:48 2014] <ramers> les   intellot ailleur
[Wed Jun 11 23:08:13 2014] <ChanServ> roconnor set flags +o on cale.
[Wed Jun 11 23:08:30 2014] <ChanServ> roconnor set flags +o on copumpkin.
[Wed Jun 11 23:27:29 2014] <ChanServ> roconnor set flags +ARfirstv on copumpkin.
[Wed Jun 11 23:27:45 2014] <ChanServ> roconnor set flags +ARfirstv on cale.
[Thu Jun 12 08:57:00 2014] <Cypi> Is there way to partially give the shape of an existential? More precisely, if I'm using "eapply foo." and it introduces some existential ?666, quand I tell Coq that it should be something more precise like "Cons ?666"?
[Thu Jun 12 08:57:10 2014] <Cypi> s/quand/can/
[Thu Jun 12 09:54:31 2014] <schoppenhauer> why does inversion not prove that S (S n) <> n?
[Thu Jun 12 12:01:30 2014] <Saizan> need some induction too, i'd imagine
[Thu Jun 12 14:11:43 2014] <johnw> schoppenhauer: I've wondered that too, but I have a feeling it would take an induction proof to determine that
[Thu Jun 12 14:12:44 2014] <schoppenhauer> yes, with induction it worked.
[Thu Jun 12 14:12:58 2014] <johnw> i mean, it can't know that until you've proven it down to the base case
[Thu Jun 12 21:35:07 2014] <johnw> can I prove things directly about recursive data types in negative position in Coq, since I can't do that in Agda without some hoop-jumping?
[Thu Jun 12 21:38:08 2014] <johnw> ah, it says "Non strictly positive occurence" also
[Thu Jun 12 21:40:08 2014] <johnw> what I'm wondering is where I can prove theorems about Free monads in Coq
[Thu Jun 12 21:42:24 2014] <amosr> I think ddere might have been looking at free monads in coq at some stage
[Thu Jun 12 22:07:36 2014] <johnw> can anyone help me understand why Coq thinks 'k' is a type in my call to the Y constructor here: https://gist.github.com/795c9c7777df1ad15b70
[Thu Jun 12 22:07:43 2014] <johnw> let me add more code to that
[Thu Jun 12 22:07:52 2014] <johnw> updated
[Thu Jun 12 22:10:10 2014] <amosr> johnw: Y (fun k …) is the (f : Type -> Type) parameter of Yoneda, I think
[Thu Jun 12 22:10:25 2014] <johnw> doh!  thank you
[Thu Jun 12 22:10:31 2014] <johnw> I forget that that parameter wasn't implicit yet
[Thu Jun 12 22:10:51 2014] <johnw> I'm still not used to type variables being fulfilled by what seem like values passed to functions
[Thu Jun 12 22:10:59 2014] <amosr> hmm, though “Y f (fun k …)” doesn’t work either
[Thu Jun 12 22:11:11 2014] <johnw> Y f X ?
[Thu Jun 12 22:12:44 2014] <johnw> Y f X X (fun k => fmap f X X k a). works, though it's not correct :)
[Thu Jun 12 22:13:22 2014] <amosr> heheh
[Thu Jun 12 22:17:08 2014] <johnw> amosr: got it!  fixed the gist
[Thu Jun 12 22:19:36 2014] <amosr> nice!
[Thu Jun 12 22:20:50 2014] <amosr> I don’t really understand what this is
[Thu Jun 12 22:20:57 2014] <johnw> trying to prove yoneda's lemma
[Thu Jun 12 22:21:22 2014] <amosr> ah ok, I don’t know that
[Thu Jun 12 22:21:30 2014] <amosr> *googles*
[Thu Jun 12 22:21:56 2014] <johnw> for the case of lists, it says that [a] ~ \f -> fmap f [a]
[Thu Jun 12 22:22:08 2014] <johnw> everything you can do with a list, you can do with a suspended application of fmap on a list
[Thu Jun 12 22:22:44 2014] <johnw> the impliciations are very deep, but phrasing it this way makes it easier to prove :)
[Thu Jun 12 22:24:22 2014] <amosr> I think I’m misunderstanding. you couldn’t filter a list with a fmap?
[Thu Jun 12 22:27:37 2014] <johnw> filter' :: (a -> Bool) -> ((a -> a) -> [a]) -> ((a -> a) -> [a])
[Thu Jun 12 22:27:38 2014] <johnw> filter' f xs k = Prelude.filter f (xs k)
[Thu Jun 12 22:29:00 2014] <johnw> so we could define: newtype YList a = YList (forall r. (a -> r) -> [r])
[Thu Jun 12 22:29:11 2014] <johnw> and for all intents and purposes, anything you can do with [a], you can do with YList a
[Thu Jun 12 22:29:23 2014] <johnw> which means we can write functions [a] -> YList a, and YList a -> [a]
[Thu Jun 12 22:29:42 2014] <johnw> (sorry, I speak more Haskell than Coq)
[Thu Jun 12 22:30:20 2014] <amosr> yeah, me too
[Thu Jun 12 22:31:14 2014] <amosr> huhh okay
[Thu Jun 12 22:31:28 2014] <johnw> the advantage of doing so
[Thu Jun 12 22:31:53 2014] <johnw> is that repeated applications of fmap turn into simple composition, and the real fmap is only invoked once you lower the YList a back to [a]
[Thu Jun 12 22:32:08 2014] <johnw> so in cases where you have to pass a list around to various functions, each doing its own fmapping
[Thu Jun 12 22:32:22 2014] <johnw> this lets you optimize for the 2nd functor law without changing any of that code
[Thu Jun 12 22:32:24 2014] <johnw> it's a pretty nifty trick
[Thu Jun 12 22:32:26 2014] <amosr> oh!
[Thu Jun 12 22:32:53 2014] <amosr> like a “delayed array representation for free”
[Thu Jun 12 22:32:55 2014] <amosr> wow
[Thu Jun 12 22:32:57 2014] <johnw> exactly
[Thu Jun 12 22:33:23 2014] <johnw> and it gets better too
[Thu Jun 12 22:33:34 2014] <johnw> lists are isomorphic to suspended fmaps, per Yoneda
[Thu Jun 12 22:33:39 2014] <johnw> they are also isomorphic to suspended folds
[Thu Jun 12 22:34:03 2014] <johnw> newtype FList a = FList (forall r. r -> (r -> a -> r) -> r)
[Thu Jun 12 22:34:23 2014] <johnw> now, let's say we want to generate our list on demand, using side-effects, so we turn this into a suspended monadic fold:
[Thu Jun 12 22:34:35 2014] <johnw> newtype FListM m a = FListM (forall r. r -> (r -> a -> m r) -> m r)
[Thu Jun 12 22:34:45 2014] <johnw> well, believe it or not, we have enough for an entire streaming library, using only that type :)
[Thu Jun 12 22:35:00 2014] <johnw> see http://hackage.haskell.org/package/simple-conduit :)
[Thu Jun 12 22:35:55 2014] <amosr> that’s fascinating
[Thu Jun 12 22:36:05 2014] <johnw> yeah, it's still blowing my mind over here
[Thu Jun 12 22:37:09 2014] <johnw> so, I was wanting to prove some of these properties in Coq, which is what brought me here
[Thu Jun 12 22:38:37 2014] <johnw> I don't think the way I've written is_iso is correct, though
[Thu Jun 12 22:38:45 2014] <johnw> maybe that should be a Definition
[Thu Jun 12 22:39:33 2014] <amosr> yeah, I think it should be a definition
[Thu Jun 12 22:48:46 2014] <ddere> johnw: yeah free monads dont really work in coq
[Thu Jun 12 22:48:54 2014] <johnw> amosr: yay, https://gist.github.com/59aa0b5b16e85911928d
[Thu Jun 12 22:48:58 2014] <johnw> yoneda proven for lists :)
[Thu Jun 12 22:49:42 2014] <johnw> ddere: do you have any developments started?
[Thu Jun 12 22:50:19 2014] <ddere> no i backed out of them
[Thu Jun 12 22:50:33 2014] <ddere> i dont think they are possible in coq
[Thu Jun 12 22:50:40 2014] <ddere> well
[Thu Jun 12 22:50:52 2014] <ddere> not as an inductive type at least
[Thu Jun 12 22:51:09 2014] <amosr> johnw: cool! do you think you’d be able to prove that just from the fmap laws, for any functor?
[Thu Jun 12 22:51:11 2014] <johnw> ddere: see: https://github.com/jwiegley/notes/blob/master/agda-free-monad-trick.md
[Thu Jun 12 22:51:24 2014] <ddere> coq can't validate the positivity restriction
[Thu Jun 12 22:51:27 2014] <johnw> amosr: I would be able to prove it for any functor whose functor laws have been proven
[Thu Jun 12 22:51:36 2014] <johnw> so this is likely a job for type classes
[Thu Jun 12 22:51:44 2014] <ddere> ah i see
[Thu Jun 12 22:51:47 2014] <johnw> then, if you can make an instance of the functor type class, then by definition yoneda applies to you
[Thu Jun 12 22:51:56 2014] <amosr> yeah
[Thu Jun 12 22:52:08 2014] <johnw> ddere: I didn't write that note, btw
[Thu Jun 12 22:52:16 2014] <johnw> it was copied from elsewhere on the web
[Thu Jun 12 22:52:20 2014] <amosr> or if you don’t want to screw around with typeclasses, you could just assume them as hypotheses/variables
[Thu Jun 12 22:52:28 2014] <ddere> johnw: well yeh the positivity restriction is exactly the problem i ran into but i couldnt work around it
[Thu Jun 12 22:53:00 2014] <johnw> ddere: oh well
[Thu Jun 12 22:53:14 2014] <amosr> Variable f : Type -> Type. Variable fmap : … f a -> f b. Hypothesis fmap_id x : fmap id x = x
[Thu Jun 12 22:53:20 2014] <johnw> the strict positivity requirement makes it hard to prove some things I'd really like to make proofs for :(
[Thu Jun 12 22:53:23 2014] <shergill> johnw: so what use cases does simple-conduit not handle (wrt conduit)?
[Thu Jun 12 22:53:27 2014] <johnw> amosr: right
[Thu Jun 12 22:53:28 2014] <ddere> johnw: well the first few lines of that note imply that thats what he is working around, is that right?
[Thu Jun 12 22:53:34 2014] <johnw> shergill: there are essentially two
[Thu Jun 12 22:53:37 2014] <amosr> which is probably just equivalent to a typeclass really
[Thu Jun 12 22:53:46 2014] <johnw> shergill: leftovers, and fine-grained exception handling
[Thu Jun 12 22:54:02 2014] <johnw> shergill: thus far, I've been able to implement every other conduit function in terms of simple-conduit, with no loss of functionality
[Thu Jun 12 22:54:10 2014] <shergill> i forget, but does pipes handle leftovers?
[Thu Jun 12 22:54:12 2014] <johnw> oh, and ZipSinks require side-effects to implement
[Thu Jun 12 22:54:15 2014] <johnw> no, pipes does not either
[Thu Jun 12 22:54:18 2014] <ddere> johnw: really? i think things would be pretty broken without it
[Thu Jun 12 22:54:22 2014] <shergill> makes sense
[Thu Jun 12 22:54:32 2014] <johnw> ddere: pretty broken without what?
[Thu Jun 12 22:54:40 2014] <ddere> the positivity restriction
[Thu Jun 12 22:54:45 2014] <johnw> oh, yeah
[Thu Jun 12 22:54:57 2014] <johnw> but I was hoping to prove some properties of simple-conduit in Coq
[Thu Jun 12 22:55:02 2014] <johnw> but I'm not going to be able to
[Thu Jun 12 22:55:03 2014] <ddere> oh i see
[Thu Jun 12 22:55:15 2014] <johnw> or at least, not without more effort than it's worth
[Thu Jun 12 22:55:20 2014] <ddere> right yeh
[Thu Jun 12 22:55:28 2014] <ddere> i know that feeling
[Thu Jun 12 22:55:45 2014] <johnw> I'll just use good old fast Eq reasoning to show that they form a category, uphold the monad laws, etc.
[Thu Jun 12 22:56:42 2014] <johnw> i'm actually starting to think that simple-conduit may be as expressive as uni-directional pipes, which means that I can use his FreeT trick to achieve the same kinds of things that Gabriel does
[Thu Jun 12 22:57:40 2014] <amosr> I’m staying at a friend’s place. he doesn’t drink coffee… better go buy some. seeya!
[Thu Jun 12 22:57:58 2014] <johnw> ah, not quite
[Thu Jun 12 22:58:07 2014] <johnw> pipes' Proxy type is an MFunctor, which my Source cannot be
[Thu Jun 12 22:58:22 2014] <johnw> so he has greater expressivity
[Thu Jun 12 23:01:28 2014] <johnw> oh, n/m!
[Thu Jun 12 23:01:32 2014] <johnw> just implemented MFunctor :)
[Thu Jun 12 23:01:42 2014] <johnw> it's wonderful what a night of rest can do
[Fri Jun 13 02:49:32 2014] <johnw> if I have a function that wants an argument like {X : Type}, how do I specify X?  Using {arg} doesn't work in Coq as it would in Agda
[Fri Jun 13 02:49:53 2014] <ddere> @
[Fri Jun 13 02:50:05 2014] <ddere> if you func is "foo"
[Fri Jun 13 02:50:17 2014] <ddere> @foo is the same func with the implicit args made explicit
[Fri Jun 13 02:50:25 2014] <ddere> i think, from memeory
[Fri Jun 13 03:01:11 2014] <ddere> johnw: did that work?
[Fri Jun 13 03:05:29 2014] <johnw> ah, didn't try that
[Fri Jun 13 03:05:33 2014] <johnw> but thank you
[Fri Jun 13 03:06:07 2014] <ddere> johnw: hehe thanks me when it works, i'm a bit unsure
[Fri Jun 13 03:06:16 2014] <johnw> I have a Functor type class now
[Fri Jun 13 03:06:25 2014] <johnw> how do I say that a Theorem wants (F : Functor)?
[Fri Jun 13 03:07:29 2014] <ddere> https://github.com/domdere/haskell-coq/blob/master/src/classes/Applicative.v#L36
[Fri Jun 13 03:07:32 2014] <ddere> something like that
[Fri Jun 13 03:07:37 2014] <ddere> i do it with Applictive there though
[Fri Jun 13 03:07:52 2014] <johnw> ah, nice
[Fri Jun 13 03:07:57 2014] <johnw> that's exactly what I needed, thanks!
[Fri Jun 13 03:08:01 2014] <ddere> np
[Fri Jun 13 03:08:10 2014] <johnw> and @ worked too
[Fri Jun 13 03:08:21 2014] <ddere> if you want to use it as a constraint later like (Functor f) => Applicative f
[Fri Jun 13 03:08:26 2014] <ddere> that example is there too ;)
[Fri Jun 13 03:08:44 2014] <ddere> like i mean as a constraint for another typeclass
[Fri Jun 13 03:14:40 2014] <johnw> saw that
[Fri Jun 13 03:16:36 2014] <johnw> ddere: I have this now: https://gist.github.com/a406d661167b1a19b918
[Fri Jun 13 03:16:51 2014] <johnw> can you tell me why, in lift_yoneda, it complains that 'k' has type 'Type'?
[Fri Jun 13 03:16:56 2014] <johnw> shouldn't it have type X -> Y?
[Fri Jun 13 03:19:55 2014] <ddere> hmm
[Fri Jun 13 03:20:03 2014] <ddere> yeah i cant see the problem there either sorry :(
[Fri Jun 13 03:20:15 2014] <ddere> you're doing something that i hadnt figured out how to do with : (forall {Y}, (X -> Y) -> F Y)
[Fri Jun 13 03:20:27 2014] <ddere> as in real polymorphism in Y
[Fri Jun 13 03:20:48 2014] <ddere> so, thats the second line and its already unexplored territory for me
[Fri Jun 13 03:20:56 2014] <johnw> :)
[Fri Jun 13 03:21:01 2014] <johnw> I'm just translating the Haskell really
[Fri Jun 13 03:21:16 2014] <ddere> :)
[Fri Jun 13 03:24:07 2014] <johnw> coq.inria.fr is down ;(
[Fri Jun 13 03:24:31 2014] <ddere> :/
[Fri Jun 13 03:28:03 2014] <johnw> ddere: got it!
[Fri Jun 13 03:28:10 2014] <ddere> nice!
[Fri Jun 13 03:28:15 2014] <johnw> Embed takes two parameters, since they aren't implicit in the definition of Yoneda
[Fri Jun 13 03:28:24 2014] <ddere> ahh
[Fri Jun 13 03:28:25 2014] <johnw> I love it when everything turns that pleasing shade of blue :)
[Fri Jun 13 03:28:30 2014] <ddere> :)
[Fri Jun 13 03:28:35 2014] <johnw> (well, Embed takes three)
[Fri Jun 13 03:28:41 2014] <johnw> Embed F X (fun _ f => fmap f a)
[Fri Jun 13 03:28:43 2014] <johnw> is what I needed exactly
[Fri Jun 13 03:28:49 2014] <johnw> dunno why the _ is necessary
[Fri Jun 13 03:28:54 2014] <johnw> since the {Y} is implicit
[Fri Jun 13 03:29:19 2014] <johnw> I updated https://gist.github.com/jwiegley/a406d661167b1a19b918
[Fri Jun 13 03:29:27 2014] <johnw> now yoneda is proven for any functor :)
[Fri Jun 13 03:29:49 2014] <ddere> ah right i see now
[Fri Jun 13 03:30:06 2014] <johnw> my is_iso needs to prove both directions also
[Fri Jun 13 03:30:13 2014] <ddere> yeh that bites me too even when i use something simple like a list sometimes
[Fri Jun 13 03:30:43 2014] <ddere> anyway im heading off cya!
[Fri Jun 13 03:32:00 2014] <johnw> night!  thanks for your help
[Fri Jun 13 03:37:35 2014] <ddere> np :)
[Fri Jun 13 04:47:47 2014] <johnw> how should I express a theorem that involves two propositions?
[Fri Jun 13 04:48:04 2014] <johnw> for example, to prove an isomorphism, I want to prove that to (from x) = x && from (to x) == x
[Fri Jun 13 04:48:23 2014] <johnw> but I'd like to proceed by proving each individually
[Fri Jun 13 04:48:46 2014] <johnw> perhaps I should make a data type called Isomorphism?
[Fri Jun 13 04:48:55 2014] <johnw> i'm not sure at which "level" to do this
[Fri Jun 13 06:02:18 2014] <roosbeef> so im working with multisets
[Fri Jun 13 06:02:47 2014] <roosbeef> equality between multisets M N is denoted meq M N, or M =mul= N
[Fri Jun 13 06:02:56 2014] <roosbeef> i need decidability of this equality
[Fri Jun 13 06:03:18 2014] <roosbeef> but the only lemmas seeming to relate to that i could find were these:
[Fri Jun 13 06:03:20 2014] <roosbeef> Lemma empty_dec : forall M, {M =mul= empty}+{M <>mul empty}.
[Fri Jun 13 06:03:31 2014] <roosbeef> Lemma empty_decomp_dec : forall M, {Ma: (Multiset * A) | M =mul= fst Ma + {{snd Ma}}} + {M =mul= empty}.
[Fri Jun 13 06:03:46 2014] <roosbeef> is this some sort of standard deal for list-like data type equalities?
[Fri Jun 13 06:04:35 2014] <roosbeef> can i employ these two lemmas to prove Lemma meq_dec : forall M N, {M =mul= N} + {M <>mul N}
[Fri Jun 13 06:04:37 2014] <roosbeef> ?
[Fri Jun 13 06:07:34 2014] <roosbeef> hm
[Fri Jun 13 06:07:40 2014] <roosbeef> theres also Lemma member_dec : forall a M, {a in M}+{~a in M}.
[Fri Jun 13 06:49:55 2014] <roosbeef> back in a bit
[Fri Jun 13 10:17:53 2014] <shergill> could someone link me and/or explain the strict positivity condition. what is meant by positive and negative in this context, and how is it sufficient for soundness?
[Fri Jun 13 10:24:04 2014] <ianjneu> shergill: it's a sufficient condition to make fixpoints on inductive types always terminate. In other words, it's sufficient to make the type well-founded.
[Fri Jun 13 10:25:09 2014] <ianjneu> Unfortunately we don't have support for a semantic notion of inductive datatype that allows users to prove their generators indeed are still well-founded even if not strictly positive.
[Fri Jun 13 10:25:43 2014] <ianjneu> there's some discussion here
[Fri Jun 13 10:25:45 2014] <ianjneu> http://adam.chlipala.net/cpdt/html/InductiveTypes.html
[Fri Jun 13 10:27:12 2014] <shergill> ianjneu: right, i gather that. but what threw me off was the example of the Inductive term here http://adam.chlipala.net/cpdt/html/InductiveTypes.html
[Fri Jun 13 10:27:44 2014] <shergill> i don't understand why only 'Abs' constructor runs afoul and not 'App'
[Fri Jun 13 10:32:00 2014] <ianjneu> That tripped me up too when I tried to understand strict positivity. I didn't end up getting a satisfying answer, just "because"
[Fri Jun 13 10:33:07 2014] <ianjneu> you can think of a -> b -> c as (prod a b) -> c, and in inductive type definitions, c is always the inductive type, so you might as well consider a and b to be in positive position.
[Fri Jun 13 10:33:54 2014] <ianjneu> but that probably is just confusing and unenlightening. That's where I am with my understanding.
[Fri Jun 13 10:59:55 2014] <shergill> http://coq.inria.fr/refman/Reference-Manual006.html seems to offer some detail, but i need time to digest it
[Fri Jun 13 12:19:18 2014] <schoppenhauer> hello. how cann I pass a parameter to an imported module, imported by module import.
[Fri Jun 13 12:26:12 2014] <schoppenhauer> I mean, I can assume parameters ... as documented in http://www.lix.polytechnique.fr/coq/distrib/current/refman/Reference-Manual004.html.
[Fri Jun 13 12:26:24 2014] <schoppenhauer> but how can I set them when importing?
[Fri Jun 13 12:42:25 2014] <ianjneu> schoppenhauer: Parameters, Variables, Hypotheses etc are all synonyms for extra arguments that will be passed to functions that use them. You have two options
[Fri Jun 13 12:42:51 2014] <ianjneu> 1. redefine everything with the parameters explicitly given.
[Fri Jun 13 12:43:39 2014] <ianjneu> 2. give all your parameters unique 'tags' and then use the canonical structure mechanism to automatically resolve to the parameter you want.
[Fri Jun 13 12:44:11 2014] <ianjneu> Inductive Tag : Type := my_unique_tag : type_to_tag -> Tag.
[Fri Jun 13 12:44:39 2014] <ianjneu> Coq is notoriously bad at ergonomics.
[Fri Jun 13 12:47:33 2014] <schoppenhauer> ianjneu: redefinition is no option, I want to use http://coq.inria.fr/stdlib/Coq.Sorting.Mergesort.html#Sort.sort
[Fri Jun 13 12:47:44 2014] <schoppenhauer> ianjneu: the problem is that the type has a parameter.
[Fri Jun 13 12:48:17 2014] <schoppenhauer> I don't get this "tag" thing ...
[Fri Jun 13 12:49:24 2014] <schoppenhauer> and what's the canonical structure mechanism?
[Fri Jun 13 12:50:30 2014] <schoppenhauer> ok, I do not really understand the documentation about canonical structures.
[Fri Jun 13 12:51:52 2014] <schoppenhauer> can I declare modules "locally" somehow?
[Fri Jun 13 12:52:10 2014] <ianjneu> Modules may not be within Sections.
[Fri Jun 13 12:52:56 2014] <schoppenhauer> so there is no way to directly set the parameters, and if I have a list of parametrized types whjich I want to sort, I can ... gfm ...?
[Fri Jun 13 12:52:57 2014] <ianjneu> I also don't know how a local module would help you. If you're not using modules for scoping tactic databases and notations, you should really just be using records.
[Fri Jun 13 12:53:12 2014] <schoppenhauer> i do not want to use modules.
[Fri Jun 13 12:53:16 2014] <schoppenhauer> but mergesort uses them
[Fri Jun 13 12:53:28 2014] <ianjneu> lame.
[Fri Jun 13 12:53:35 2014] <schoppenhauer> see http://coq.inria.fr/stdlib/Coq.Sorting.Mergesort.html
[Fri Jun 13 12:53:48 2014] <schoppenhauer> I'm trying to follow the example at the bottom of the page
[Fri Jun 13 12:53:51 2014] <schoppenhauer> but they sort Nat.
[Fri Jun 13 12:54:04 2014] <schoppenhauer> I have an order over fin n * nat, where n is a parameter.
[Fri Jun 13 12:54:16 2014] <schoppenhauer> and this parameter is set _inside_ a proof.
[Fri Jun 13 12:54:33 2014] <ianjneu> modules are not first class. You can't do that.
[Fri Jun 13 12:55:05 2014] <schoppenhauer> so ... I cannot use this library?
[Fri Jun 13 12:55:18 2014] <ianjneu> You'll have to rewrite it to use records.
[Fri Jun 13 12:55:42 2014] <schoppenhauer> is there another library for list sorting?
[Fri Jun 13 12:55:51 2014] <ianjneu> Or find a version rewritten already, since most people have realized modules in Coq are terrible.
[Fri Jun 13 12:56:10 2014] <schoppenhauer> I guess writing it myself is easier ...
[Fri Jun 13 12:57:35 2014] <ianjneu> put it on github afterwards so others may benefit.
[Fri Jun 13 12:59:10 2014] <ianjneu> schoppenhauer:  ordered types have a typeclass implementation in Lescuyer's Containers contribution
[Fri Jun 13 12:59:13 2014] <ianjneu> http://coq.inria.fr/pylons/pylons/contribs/view/Containers/v8.4
[Fri Jun 13 13:18:37 2014] <schoppenhauer> hm. do not really see how this would help
[Fri Jun 13 16:14:06 2014] <johnw> can someone help me with this: https://gist.github.com/4f11f2a128183fe33f68
[Fri Jun 13 16:14:14 2014] <johnw> I'm down to this goal: Embed F X (fmap x f) id = Embed F X f x
[Fri Jun 13 16:14:32 2014] <johnw> which should be trivially true, except that its truth depends on the implementation of how Embed is lowered by lower_yoneda
[Fri Jun 13 16:15:32 2014] <johnw> and I'm not sure how to say that these values will both be consumed by lower_yoneda, and that it's in that sense that they are equal
[Fri Jun 13 16:22:23 2014] <Saizan> quotient types would be the solution
[Fri Jun 13 16:22:47 2014] <johnw> what are those?
[Fri Jun 13 16:25:30 2014] <johnw> searching
[Fri Jun 13 16:31:28 2014] <johnw> hmm
[Fri Jun 13 16:35:48 2014] <Saizan> basically they allow you to specify a custom equivalence relation to use place of their equality
[Fri Jun 13 16:36:12 2014] <johnw> do you have a simpler example of their use than what I'm finding online?
[Fri Jun 13 16:36:37 2014] <Saizan> but anyhow Coq doesn't have the
[Fri Jun 13 16:36:41 2014] <Saizan> *them
[Fri Jun 13 16:36:44 2014] <johnw> ah
[Fri Jun 13 16:40:05 2014] <johnw> so is this proof not doable in Coq then?  or will it just require a lot more wizardry than I posses at the moment?
[Fri Jun 13 16:42:25 2014] <Saizan> you either have to postulate quotient types or change your definition of functor to use a given equivalence relation rather than equality
[Fri Jun 13 16:43:22 2014] <johnw> ah
[Fri Jun 13 17:07:12 2014] <johnw> hmm..
[Fri Jun 13 17:07:19 2014] <johnw> can I just make something this basic a Hypothesis?
[Fri Jun 13 17:07:40 2014] <johnw> something tells me that's just bad form though
[Fri Jun 13 17:07:53 2014] <johnw> creating a functor equivalence is a bit too non-obvious yet
[Fri Jun 13 17:24:53 2014] <Saizan> i guess it's not too bad, since it's a consequence of parametricity
[Fri Jun 13 17:30:42 2014] <johnw> OK.  I'll stick with it for now, then.  I'm not trying to develop a general treatment for CT, but just endofunctors in Coq (ala Haskell), so that I can prove things about the behavior of Haskell types.
[Fri Jun 13 17:30:58 2014] <johnw> total Haskell types, that is
[Sat Jun 14 02:04:38 2014] <johnw> what does `(...) mean?
[Sat Jun 14 03:53:55 2014] <johnw> if I have something like (let (fmap, _, _) := Identity_Functor X in fmap), and I know what Identity_Functor is, how can I "unfold" that?
[Sat Jun 14 04:13:06 2014] <johnw> ah, Defined
[Sat Jun 14 05:16:01 2014] <johnw> in this code: https://gist.github.com/f9a2bbdd246ebd4e00e6, in the fun_identity proof for EitherT_Functor, I need to be able to unfold the fmap definition from Either_Functor.  How do I bring that instance "into scope" so to speak?
[Sat Jun 14 11:16:26 2014] <schoppenhauer> hm ... so now I have written a module "Quicksort" ... and it is in the same directory as my main project file. And Print LoadPath also contains the directory of my project file. Still, I cannot Require Import it.
[Sat Jun 14 11:19:01 2014] <schoppenhauer> ah.
[Sat Jun 14 11:19:06 2014] <schoppenhauer> I have to run Coqc on it.
[Sat Jun 14 11:19:10 2014] <schoppenhauer> didnt know that, sorry.
[Sat Jun 14 14:39:50 2014] <schoppenhauer> is it possible to pass the names of the hypotheses to "destruct" and "inversion"?
[Sat Jun 14 14:52:11 2014] <ianjneu> schoppenhauer: yes, destruct H as [a b c|d e] if there are two constructors of H, the first with (at least) 3 arguments, the second with (at least) 2 arguments.
[Sat Jun 14 14:52:18 2014] <ianjneu> same with inversion
[Sat Jun 14 15:08:41 2014] <johnw> when I'm defining an instance whose type is also an instance of the same typeclass, how do I make that other instance's definitions transparent?
[Sat Jun 14 15:08:48 2014] <johnw> i mean, whose type has within it a type which is an instance of the same typeclass
[Sat Jun 14 15:10:38 2014] <johnw> ahh, Transparent
[Sat Jun 14 15:14:45 2014] <johnw> if my function accepts a constraint (m_dict : Monad M), how do I make that m_dict transparent?
[Sat Jun 14 15:45:46 2014] <johnw> I guess that makes no sense, until I would know which monad it was; thanks
[Sat Jun 14 15:50:26 2014] <johnw> given that I have this m_dict, can I push one of its laws as a hypothesis into the current context (I'm assuming it's already taken as "given", I just don't see it)?  I found my way to proceed, but I have to modify the law to match the exact form of my goal.
[Sat Jun 14 16:04:57 2014] <johnw> aha: pose proof (@monad_law_5 M m_dict X) as H.
[Sat Jun 14 16:05:01 2014] <johnw> thank goodness for stackoverflow
[Sun Jun 15 13:17:08 2014] <cjenkin2> johnw: there's an oplss channel, if you're interested
[Sun Jun 15 16:23:59 2014] <alkabetz> If I say [Hint Rewrite my_thm], what tactics will leverage that theorem?
[Sun Jun 15 19:10:19 2014] <alkabetz> Can I extract Coq nats to Haskell Integers or some other numeric type?
[Sun Jun 15 19:21:21 2014] <amosr> alkabetz: yup, I think…
[Sun Jun 15 19:21:25 2014] <amosr> Extract Inductive nat => "Prelude.Int" [ "0" "(Prelude.+ 1)" ] "(\fO fS n -> if n Prelude.== 0 then fO () else fS (n Prelude.- 1))".
[Sun Jun 15 19:23:00 2014] <amosr> I imagine you’d want to extract addition, subtraction and all that to something like ((a - b) `max` 0)
[Sun Jun 15 19:27:30 2014] <amosr> I guess something like… Extract Constant minus => “(\a b -> Prelude.max 0 (Prelude.- a b))”.
[Sun Jun 15 19:27:44 2014] <alkabetz> Heh, that last argument to Extract Inductive is totally undocumented.  Thanks!
[Sun Jun 15 19:28:10 2014] <amosr> though it might be nicer to define your own newtype Nat = Nat Integer with its own Num instance
[Sun Jun 15 19:28:45 2014] <alkabetz> * nods
[Sun Jun 15 19:28:46 2014] <amosr> actually what I’ve been wondering about extraction – do you know if there’s a way to add “import qualified Blah” to the top of the extracted module?
[Sun Jun 15 19:29:16 2014] <amosr> it seems like such an obvious thing, but I just haven’t seen it mentioned in the docs
[Sun Jun 15 19:37:28 2014] <ddere> it would be nice if this was integrated with cabal
[Sun Jun 15 19:40:10 2014] <ddere> amosr: you been doing a lot of coq extraction to haskell?
[Sun Jun 15 19:40:27 2014] <ddere> amosr: i wouldnt mind learning all your tricks
[Sun Jun 15 19:40:50 2014] <amosr> ddere: not a whole lot. I’ve just been playing around to see how plausible it was
[Sun Jun 15 19:43:00 2014] <mankyKitty> that seems like a mad science sort of fun, will have to try haskell / coq fun times when I'm a bit more skilled ^.^
[Sun Jun 15 19:44:45 2014] <amosr> yeah, I’m hoping to be able to extract something useful that we can use in ddc
[Sun Jun 15 19:53:20 2014] <ddere> ah cool
[Sun Jun 15 20:24:46 2014] <ddere> amosr: I think what i worry about when it comes to extracting haskell from coq is all the `error  "absurd case"' like statements that might crop up all over the place when it removes all the proofs
[Sun Jun 15 20:26:13 2014] <amosr> ddere: hmm, I haven’t seen any of those, but I have seen this double underscore __ for when Prop values are computed
[Sun Jun 15 20:26:47 2014] <ddere> amosr: oh ok cool maybe its not as bad as i feared then
[Sun Jun 15 20:27:33 2014] <ddere> they have those error cases in some CPDT examples where they extract some examples to Ocaml, i.e it gereates partialfunctions
[Sun Jun 15 20:27:35 2014] <amosr> my stuff probably doesn’t have many absurd cases though
[Sun Jun 15 20:28:11 2014] <mankyKitty> so have you been just sort of working through various types, and typeclasses etc? proving that they work in Coq and then using them for building up the rest?
[Sun Jun 15 20:28:28 2014] <mankyKitty> or is it for actual programs? like vital pieces that Must Work(TM)
[Sun Jun 15 20:30:20 2014] <amosr> so, what I eventually want to do is prove that this fusion/clustering algorithm gives a clustering that works/gives the same result
[Sun Jun 15 20:31:05 2014] <amosr> the clustering algorithm takes a list of combinators or graph, and generates these integer linear programming constraints
[Sun Jun 15 20:32:00 2014] <amosr> so I’ve axiomatised the integer linear program solver in coq, but ideally I’d be able to extract a function that takes a list of combinators, and gives back a list of constraints
[Sun Jun 15 20:32:31 2014] <amosr> or better yet, if it returned the list of (list of combinators fused together)
[Sun Jun 15 20:32:42 2014] <mankyKitty> wow
[Sun Jun 15 20:32:43 2014] <mankyKitty> damn
[Sun Jun 15 20:33:17 2014] <amosr> I’ve just started trying with a much simpler clustering algorithm though
[Sun Jun 15 20:33:18 2014] <mankyKitty> so basically you're prototyping and designing and proving in Coq before you implement in Haskell? That's awesome... (if I've understood correctly)
[Sun Jun 15 20:33:59 2014] <amosr> actually I have already implemented a rough prototype in haskell, but it’s not integrated into DDC
[Sun Jun 15 20:34:23 2014] <mankyKitty> DDC? (sorry ><)
[Sun Jun 15 20:34:43 2014] <amosr> ah, the disciplined disciple compiler (benl23’s language)
[Sun Jun 15 20:35:09 2014] <amosr> strict, haskelly, but finer-grained effect types instead of using monads for side-effects
[Sun Jun 15 20:35:43 2014] <mankyKitty> oooo another language!! *adds to list*
[Sun Jun 15 20:36:52 2014] <mankyKitty> oh man that looks awesome
[Sun Jun 15 20:36:55 2014] <mankyKitty> brutal, but fun
[Sun Jun 15 20:37:04 2014] <amosr> …and we have this ghc plugin that converts things to ddc core and back, so we can implement our fusion optimisations in ddc and use them from ghc
[Sun Jun 15 20:37:15 2014] <mankyKitty> O.O
[Sun Jun 15 20:37:26 2014] <mankyKitty> cripes that's the pointy end of things
[Sun Jun 15 20:38:42 2014] <mankyKitty> yeah I'm definitely getting in on this, thanks amosr !! :D
[Sun Jun 15 20:39:12 2014] <amosr> it’s pretty crazy, but it will end up being less work than implementing twice (I hope)
[Sun Jun 15 21:24:45 2014] <amosr> extraction to haskell xmonad experience report “I use a shell-script that removes the first fifteen lines of the extracted Haskell code and splices in a custom, hand-written Haskell header”
[Sun Jun 15 21:39:20 2014] <mankyKitty> o.O
[Sun Jun 15 22:48:51 2014] <the-manless-man> hi, is there a way of making a definition using terms with holes that are turned into proof obligations?
[Sun Jun 15 22:49:18 2014] <the-manless-man> i'm thinking specifically on the exist constructor for sig types
[Sun Jun 15 22:49:43 2014] <the-manless-man> i haven't found anything similar
[Sun Jun 15 22:54:39 2014] <ddere> kind of like the metavariables in idris?
[Sun Jun 15 22:55:07 2014] <the-manless-man> sorry, i'm not sure, i haven't used idris
[Sun Jun 15 22:55:19 2014] <the-manless-man> i guess it might be similar to that
[Sun Jun 15 22:56:10 2014] <ddere> yeah i dont know sorry :(
[Sun Jun 15 22:56:22 2014] <ddere> it would be nice if there was, cos i think its a great feature
[Mon Jun 16 08:12:28 2014] <schoppenhauer> is there some script or something that automatically adds name-annotations to induction/inversion, etc.?
[Mon Jun 16 08:12:49 2014] <schoppenhauer> and if not ... assuming one wants to write one ... what would be the best way to do it?
[Mon Jun 16 09:39:50 2014] <ianjneu> schoppenhauer: I remember robbert trying to produce better, more persistent names a couple years ago. If he's around perhaps he'll tell you what he learned.
[Mon Jun 16 09:40:36 2014] <schoppenhauer> ianjneu: the problem is, I use a git-version of coq ... and I can remember it has a different naming scheme than the stable version.
[Mon Jun 16 09:41:10 2014] <schoppenhauer> ok, robbert seems to be idling *highlights*
[Mon Jun 16 09:41:26 2014] <schoppenhauer> my ansatz would be to ... run coqtop and parse its output.
[Mon Jun 16 09:41:43 2014] <schoppenhauer> and then just add the names it gives automatically to the file.
[Mon Jun 16 09:45:29 2014] <schoppenhauer> ianjneu: https://github.com/dasuxullebt/quicksort.v btw.
[Mon Jun 16 09:47:05 2014] <ianjneu> This seems like a really good feature for proof general to have.
[Mon Jun 16 09:47:44 2014] <ianjneu> your proofs could really handle to be better automated.
[Mon Jun 16 09:49:11 2014] <schoppenhauer> hm?
[Mon Jun 16 09:49:49 2014] <schoppenhauer> what do you mean?
[Mon Jun 16 09:51:08 2014] <schoppenhauer> by better automated?
[Mon Jun 16 09:51:10 2014] <ianjneu> your proofs are crazy imperative and menial. You can cut out a lot of repetition by encoding your proof strategy into a tactic.
[Mon Jun 16 09:51:20 2014] <schoppenhauer> hm.
[Mon Jun 16 09:51:27 2014] <schoppenhauer> I never worked with tactics so far.
[Mon Jun 16 09:52:00 2014] <ianjneu> everything you're using in your proof is a tactic.
[Mon Jun 16 09:52:19 2014] <schoppenhauer> yes, but I never wrote my own tactics.
[Mon Jun 16 09:53:09 2014] <ianjneu> now's a good a time as any.
[Mon Jun 16 09:53:39 2014] <ianjneu> Also, Coq rejects your statement of the first lemma. {post | ...} isn't a proposition.
[Mon Jun 16 09:54:50 2014] <schoppenhauer> I use a git version.
[Mon Jun 16 09:54:55 2014] <schoppenhauer> which does not reject it.
[Mon Jun 16 09:55:06 2014] <schoppenhauer> never tested it in stable.
[Mon Jun 16 09:56:40 2014] <schoppenhauer> ianjneu: might this be a bug in the git-version?
[Mon Jun 16 09:57:01 2014] <ianjneu> I don't know.
[Mon Jun 16 09:57:37 2014] <schoppenhauer> anyway, it compiles in the version I use.
[Mon Jun 16 10:00:17 2014] <ianjneu> a lot of the time goals are solved just by inverting the right hypothesis. If you write a tactic that just inverts everything, you can get rid of a lot of work.
[Mon Jun 16 10:00:32 2014] <ianjneu> Ltac invert_all := repeat match goal with [H : _ |- _] => inversion H end.
[Mon Jun 16 10:00:51 2014] <ianjneu> your first lemma's base case is then simple:
[Mon Jun 16 10:01:39 2014] <ianjneu> do 5 intro; induction 0; [exists nil,nil; repeat split; intros; try solve [invert_all]|].
[Mon Jun 16 10:02:28 2014] <schoppenhauer> that would be shorter, but nobody would understand it.
[Mon Jun 16 10:02:58 2014] <schoppenhauer> but I need to look at the tactic stuff.
[Mon Jun 16 10:03:33 2014] <ianjneu> perhaps intros; induction list; [exists nil,nil; firstorder|].
[Mon Jun 16 10:09:55 2014] <schoppenhauer> anyway ... the much bigger problem is to make it ... compatible with future versions of coq.
[Mon Jun 16 10:10:16 2014] <schoppenhauer> not only this but also the rest of my code
[Mon Jun 16 10:11:03 2014] <ianjneu> the best way to do that is not depend on names and instead use tactics to search for what you mean.
[Mon Jun 16 10:11:55 2014] <schoppenhauer> ok
[Mon Jun 16 10:15:03 2014] <schoppenhauer> may I quote you in my paper? ^^
[Mon Jun 16 10:15:17 2014] <schoppenhauer> I think this is a nice quote.
[Mon Jun 16 10:16:26 2014] <ianjneu> I just forked your gist with a much smaller proof of the first lemma.
[Mon Jun 16 10:16:50 2014] <ianjneu> I only introduce names that I actually need.
[Mon Jun 16 10:18:18 2014] <schoppenhauer> ++
[Mon Jun 16 10:18:57 2014] <ianjneu> ?
[Mon Jun 16 10:19:09 2014] <schoppenhauer> i consider this positive.
[Mon Jun 16 10:20:46 2014] <ianjneu> I should have made the third ? in the intros "total", but it's safe to assume all future versions of Coq will introduce named hypotheses as the actual names, unless those names are already taken.
[Mon Jun 16 10:21:08 2014] <schoppenhauer> ianjneu: do you have a link?
[Mon Jun 16 10:21:40 2014] <schoppenhauer> to your fork?
[Mon Jun 16 10:22:46 2014] <ianjneu> I just made a pull request.
[Mon Jun 16 10:22:54 2014] <ianjneu> You should be able to see it.
[Mon Jun 16 10:25:02 2014] <schoppenhauer> thx
[Mon Jun 16 11:27:08 2014] <robbert> schoppenhauer/ianjneu: the tricks I use for names are 1.) For inversion, I often use the "small inversions" technique by Monin. That way, it is easier to control the generated names than using the ordinary inversion tactic
[Mon Jun 16 11:28:11 2014] <robbert> 2.) I tend to use automation in order to avoid having to refer to automatically named hypotheses 3.) If often apply induction principles by hand so that you can intro all the names on a per case basis
[Mon Jun 16 11:41:12 2014] <schoppenhauer> hm. ok.
[Mon Jun 16 11:41:21 2014] <schoppenhauer> robbert: I do not understand 3.
[Mon Jun 16 11:42:34 2014] <schoppenhauer> robbert: but in general, you are saying the same thing as ianjneu: use automation?
[Mon Jun 16 12:01:00 2014] <robbert> schoppenhauer: yes, indeed, especially for CS proofs, more automation is generally nicer
[Mon Jun 16 12:01:11 2014] <robbert> for math proofs, not so
[Mon Jun 16 12:01:55 2014] <schoppenhauer> hm. how can I name the induction hypothesis of an induction?
[Mon Jun 16 12:01:55 2014] <robbert> About 3.) instead of saying induction foo as [x y z|x y q], say refine (foo _ _ _) (or use the elim tactic if you want to use the standard induction scheme)
[Mon Jun 16 12:02:05 2014] <robbert> that way, the names do not all appear at the top
[Mon Jun 16 12:02:10 2014] <robbert> but at the right place in the proof
[Mon Jun 16 12:04:02 2014] <schoppenhauer> hm.
[Mon Jun 16 12:04:07 2014] <schoppenhauer> so refinement of a fixpoint.
[Mon Jun 16 12:04:09 2014] <schoppenhauer> I did that often
[Mon Jun 16 12:04:15 2014] <schoppenhauer> when the induction was complicated
[Mon Jun 16 12:05:45 2014] <robbert> Oops, that should be refine (foo_ind _ _ _)
[Mon Jun 16 12:05:50 2014] <robbert> So, refinement of the induction scheme
[Mon Jun 16 12:34:49 2014] <schoppenhauer> hm. how can I import a module "Unqualified", that is, without having to type its name before every function it contains.
[Mon Jun 16 12:34:58 2014] <alkabetz> Require Import module_name.
[Mon Jun 16 12:35:13 2014] <alkabetz> Or, if you’ve already [Require]d it, just [Import module_name.].
[Mon Jun 16 12:35:15 2014] <schoppenhauer> alkabetz: doesn't work
[Mon Jun 16 12:35:19 2014] <schoppenhauer> doesn't work.
[Mon Jun 16 12:35:29 2014] <schoppenhauer> do I have to do something inside the module?
[Mon Jun 16 12:35:36 2014] <schoppenhauer> like exporting symbols or something?
[Mon Jun 16 12:35:47 2014] <alkabetz> No, all symbols are exported by default.
[Mon Jun 16 12:35:53 2014] <alkabetz> Can you paste an example?
[Mon Jun 16 12:36:31 2014] <schoppenhauer> no.
[Mon Jun 16 12:36:36 2014] <schoppenhauer> the code is too long
[Mon Jun 16 12:36:40 2014] <schoppenhauer> that is why I want to split it.
[Mon Jun 16 12:37:15 2014] <schoppenhauer> I am just using "Module my_module. ...code... End my_module." then coqc-ing it, and then in the main file Require Import my_module.
[Mon Jun 16 12:37:27 2014] <schoppenhauer> it works, and accessing all symbols using my_module.symbol also works.
[Mon Jun 16 12:37:30 2014] <alkabetz> Oh, you don’t want to put a [Module] declaration at the top level.
[Mon Jun 16 12:37:40 2014] <schoppenhauer> I dont?
[Mon Jun 16 12:37:43 2014] <alkabetz> As in OCaml, every file is automatically a new module.
[Mon Jun 16 12:37:52 2014] <alkabetz> You don’t need an explicit module declaration like you do in Haskell.
[Mon Jun 16 12:38:49 2014] <schoppenhauer> ok
[Mon Jun 16 12:38:52 2014] <schoppenhauer> that was the problem
[Mon Jun 16 12:38:54 2014] <schoppenhauer> thx
[Mon Jun 16 12:39:00 2014] <alkabetz> You’re welcome.
[Mon Jun 16 13:29:09 2014] <johnw> given that I know the definition of fmap, id and "fmap id" for some types X and F X, can I prove fmap id = id?  fmap id x = id x isn't a problem, but I can get it to unify the two lambdas which fmap id and id unfold to
[Mon Jun 16 13:30:08 2014] <johnw> s/can/cannot
[Mon Jun 16 13:30:10 2014] <pyon> johnw: for that you need function extensionality
[Mon Jun 16 13:30:21 2014] <pyon> johnw: which afaik isn't readily available in coq
[Mon Jun 16 13:30:30 2014] <pyon> (i had a similar issue not too long ago, still a coq newbie myself)
[Mon Jun 16 13:30:42 2014] <johnw> for example, one thing I'm tripping up on is proving that fmap (fmap id) x = id x
[Mon Jun 16 13:31:28 2014] <johnw> where I know "which" fmap to use in the outermost fmap, but I only know that I have some Functor for the inner one
[Mon Jun 16 13:31:41 2014] <johnw> so I need a general way to say "if it's really a Functor, then fmap id can be collapsed down to id"
[Mon Jun 16 13:32:52 2014] <johnw> in particular I'm trying to prove the first functor law for EitherT e m a, which is effectively Functor (Monad (Functor A)), where I know the inner and outer functor definitions, but I don't know which Monad the user will choose
[Mon Jun 16 13:33:44 2014] <shergill> i thought coq 8.4 could do eta equivalence?
[Mon Jun 16 13:33:55 2014] <shergill> at least for dependent product types
[Mon Jun 16 13:34:01 2014] <johnw> how do I use it?
[Mon Jun 16 13:34:23 2014] <johnw> my code is here: https://github.com/jwiegley/simple-conduit/blob/master/coq/Either.v
[Mon Jun 16 13:34:36 2014] <johnw> i'm stuck on line 124
[Mon Jun 16 13:34:47 2014] <tbelarie> I'm trying to debug a vim plugin for Coq.  There's some strangeness in the xml responses that I'm getting
[Mon Jun 16 13:34:54 2014] <tbelarie> is there documentation on the ideslave stuff?
[Mon Jun 16 13:35:25 2014] <shergill> johnw: no clue, not having tried it myself =/ try your hand at googling?
[Mon Jun 16 13:35:33 2014] <johnw> yes, intensive googling so far :)
[Mon Jun 16 13:35:43 2014] <johnw> now I'm down to reading manuals and papers to see if I can glean some insight
[Mon Jun 16 13:35:50 2014] <tbelarie> Technically, I'm working with the HoTT coq, butt he ideslave module hasn't been changed in the fork
[Mon Jun 16 14:36:47 2014] <Ptival> tbelarie: no, no documentation
[Mon Jun 16 14:40:27 2014] <tbelarie> Would you like documentation that I write up as I try and get this working?
[Mon Jun 16 14:41:03 2014] <tbelarie> It'd be rough, and possibly incorrect, as I will be only looking at the parts that I need
[Mon Jun 16 14:41:42 2014] <Ptival> I don't need it personally but it'd be good
[Mon Jun 16 14:41:46 2014] <Ptival> https://github.com/coq/coq/blob/trunk/lib/serialize.ml this is what I look at
[Mon Jun 16 14:42:31 2014] <Ptival> ezyang: did you attempt to write up about it at some point?
[Mon Jun 16 14:57:18 2014] <tbelaire> Oh, cool I do see
[Mon Jun 16 14:57:18 2014] <tbelaire> http://blog.ezyang.com/2012/05/what-happens-when-you-mix-three-research-programming-languages-together/
[Mon Jun 16 14:57:37 2014] <tbelaire> From ezyang, I'm checking out his patches and looking about
[Mon Jun 16 14:57:45 2014] <tbelaire> That's at least a lead, thanks
[Mon Jun 16 15:24:06 2014] <ezyang> tbelaire: I'm a bit rusty, but yes, that code should be helpful
[Mon Jun 16 15:50:32 2014] <tbelaire> What I'm seeing right now though, is I'm sending the command Check 4.
[Mon Jun 16 15:50:35 2014] <tbelaire> it replies
[Mon Jun 16 15:50:39 2014] <tbelaire> I send Check 4.
[Mon Jun 16 15:50:51 2014] <tbelaire> it replies with <string />
[Mon Jun 16 15:50:58 2014] <tbelaire> I send Check 4.
[Mon Jun 16 15:51:05 2014] <tbelaire> vim locks up
[Mon Jun 16 15:52:00 2014] <tbelaire> Most confusingly, when I change pr_debug_answer
[Mon Jun 16 15:52:07 2014] <tbelaire> to also include the xml string
[Mon Jun 16 15:52:23 2014] <tbelaire> (from Serialize.of_answer)
[Mon Jun 16 15:52:33 2014] <tbelaire> it's different from what I get on the vim side
[Mon Jun 16 15:54:43 2014] <tbelaire> is Xml_utils.print_xml different Xml_utils.to_string followed by a print?
[Mon Jun 16 17:33:57 2014] <Anarchos> ah ah : coq$ make install -> argument is too big
[Tue Jun 17 08:18:51 2014] <schoppenhauer> when using firstorder and recursion, firstorder sometimes calls the recursive function without decreasing the argument. can I prevent firstorder from using certain assumptions?
[Tue Jun 17 10:24:43 2014] <roosbeef> whats the tactic that does nothing?
[Tue Jun 17 10:25:50 2014] <ianjneu> idtac
[Tue Jun 17 10:29:47 2014] <roosbeef> thanks :)
[Tue Jun 17 11:41:54 2014] <alkabetz> Is there an [OrderedType] module for [nat]?  Or do I need to switch to [BinNat]?
[Tue Jun 17 22:19:18 2014] <johnw> if I see something like "(let (fmap, _, _) := Either_Functor X in fmap) X0 Y f (Left E X0 e)", how do I substitute for the definition of fmap, when Either_Functor is my base instance?
[Tue Jun 17 22:27:43 2014] <ddere> can do it with an unfold
[Tue Jun 17 22:28:22 2014] <ddere> johnw: https://github.com/domdere/haskell-coq/blob/master/src/types/Maybe.v#L126
[Tue Jun 17 22:30:19 2014] <johnw> what do I unfold exactly?
[Tue Jun 17 22:30:24 2014] <johnw> unfolding fmap is what gets me to what I pasted
[Tue Jun 17 22:31:02 2014] <johnw> for example, I have is_functor := Either_Functor X
[Tue Jun 17 22:31:11 2014] <johnw> but when I "unfold is_functor", nothing happens
[Tue Jun 17 22:36:26 2014] <ddere> in that example i am unfolding maybe_functor which is defined here: https://github.com/domdere/haskell-coq/blob/master/src/types/Maybe.v#L29
[Tue Jun 17 22:37:13 2014] <ddere> so you have to find the specific instance that applies
[Tue Jun 17 22:55:43 2014] <johnw> how do I specify types, as in unfold (Either_Functor X).?
[Tue Jun 17 22:56:15 2014] <johnw> also, locally I have 'is_functor := Either_Functor X'
[Tue Jun 17 22:56:18 2014] <johnw> as I mentioned before
[Tue Jun 17 23:02:52 2014] <johnw> ddere: https://gist.github.com/ba5e829644b14d53f4c3
[Tue Jun 17 23:03:54 2014] <johnw> oh, duh
[Tue Jun 17 23:03:58 2014] <johnw> I used Qed instead of Defined
[Tue Jun 17 23:04:12 2014] <johnw> yep, that was it
[Tue Jun 17 23:04:13 2014] <johnw> thanks ddeere
[Tue Jun 17 23:04:37 2014] <ddere> np :)
[Tue Jun 17 23:17:59 2014] <johnw> what tactic would I use to go from (fun x0 : X0 => f (g x0)) back to (f . g)?
[Tue Jun 17 23:30:04 2014] <johnw> woohoo, did it!
[Tue Jun 17 23:31:10 2014] <mankyKitty> johnw: grats !
[Tue Jun 17 23:31:21 2014] <johnw> thanks, that took many many hours
[Tue Jun 17 23:36:52 2014] <tswett> Would that just be "replace (fun x0 : X0 => f (g x0)) with (f . g)" or something?
[Tue Jun 17 23:37:01 2014] <tswett> Given that that's the definition of f . g?
[Tue Jun 17 23:38:16 2014] <johnw> i ended up just rewriting using a lemma from the typeclass, fun_composition
[Tue Jun 17 23:38:47 2014] <johnw> proving app_identity is proving very tricky too
[Tue Jun 17 23:39:12 2014] <cottons> i have a dependent type matching question
[Tue Jun 17 23:39:53 2014] <cottons> standard example: dependently typed fixed length vectors
[Tue Jun 17 23:40:03 2014] <cottons> I want to write a zip function
[Tue Jun 17 23:40:39 2014] <cottons> zip {A} {B} {n} (v1:vector A n) (v2:vector B n): vector (A*B) n := ...
[Tue Jun 17 23:41:14 2014] <cottons> i match on the first list, then the second list,
[Tue Jun 17 23:41:55 2014] <cottons> but the lengths of the two sub-vectors are given distinct length so the type checking fails in the recursive call.
[Tue Jun 17 23:44:09 2014] <cottons> hmm, here's my code, maybe that's clearer: http://pastebin.com/9T1ZtfaS
[Tue Jun 17 23:44:37 2014] <cottons> the typechecker fails with v1' and v2' having different types n0 and n1.
[Tue Jun 17 23:44:43 2014] <cottons> anyone know how to tell coq that n0 = n1?
[Wed Jun 18 00:34:16 2014] <johnw> maybe have your vnil and vcons constructors take the nat?
[Wed Jun 18 00:34:41 2014] <johnw> ah, n/m
[Wed Jun 18 00:34:48 2014] <johnw> I'm confused here: Inductive vector (A:Type): nat -> Type
[Wed Jun 18 00:34:56 2014] <johnw> why is that nat -> Type?
[Wed Jun 18 00:38:19 2014] <ddere> i'm a bit confused about why A*B is used
[Wed Jun 18 00:39:03 2014] <ddere> oh nvm
[Wed Jun 18 00:40:05 2014] <ddere> and also why => tt?
[Wed Jun 18 08:50:00 2014] <roosbeef> hi
[Wed Jun 18 08:50:46 2014] <roosbeef> ive got this definition and hypothesis: https://privatepaste.com/9172784a17
[Wed Jun 18 08:51:19 2014] <roosbeef> when i do 'destruct H3', coq discards the value of fs1 and fs2
[Wed Jun 18 08:51:29 2014] <roosbeef> eg. H3 : fs_lt fs2 fs1
[Wed Jun 18 08:51:57 2014] <roosbeef> how can i destruct H3 so that it becomes H3 : fs_lt (vt_head (VTerm.Fun f0 l0)) (vt_head (VTerm.Fun f l))
[Wed Jun 18 08:51:58 2014] <roosbeef> ?
[Wed Jun 18 08:53:41 2014] <roosbeef> oh nevermind, just use inversion i guess :p
[Wed Jun 18 12:25:58 2014] <Cypi> Let's say I have a type A and a predicate P : A -> Prop. How can I say : "Define t : A such that (P t)", followed by a proof that builds t?
[Wed Jun 18 12:33:07 2014] <alkabetz> I can do something like http://lpaste.net/105807, but I’m curious if there’s a better way.
[Wed Jun 18 12:43:08 2014] <Cypi> Somebody else just told me that, it seems to be the right way to do it.
[Wed Jun 18 12:44:24 2014] <Cypi> However... I'd like to be able to really print the term, how can I do that? :/
[Wed Jun 18 12:45:00 2014] <Cypi> (proj1_sig t) is the term I want to print, but Coq doesn't seem to go farther than "let (a, _) := p in a" when I ask to print it.
[Wed Jun 18 12:51:25 2014] <johnw> p is not transparent
[Wed Jun 18 12:51:31 2014] <johnw> what is p in this context?
[Wed Jun 18 12:51:39 2014] <Cypi> Sorry, 'p' is 't'
[Wed Jun 18 12:51:43 2014] <Cypi> (different notations)
[Wed Jun 18 12:51:50 2014] <johnw> what is its type?
[Wed Jun 18 12:52:28 2014] <Cypi> http://lpaste.net/105807 >> its type would be { x : A | P x} in the general case
[Wed Jun 18 12:52:42 2014] <Cypi> I could be more precise for my use-case, but I don't know if it would be relevant?
[Wed Jun 18 12:53:16 2014] <johnw> so, proj1_sig throws away the second argument, so it's definition is just that 'let' you pasted
[Wed Jun 18 12:53:40 2014] <johnw> (more specifically, the second value from the product)
[Wed Jun 18 12:53:47 2014] <alkabetz> You can do [Eval compute in proj1_sig t].
[Wed Jun 18 12:53:55 2014] <johnw> it's the same as fst or π₁
[Wed Jun 18 12:53:56 2014] <Cypi> That's what I tried
[Wed Jun 18 12:54:04 2014] <Cypi> it still doesn't try to replace p by its value
[Wed Jun 18 12:54:23 2014] <alkabetz> Oh, really?  I get <<= 8 : nat>> when I do that.
[Wed Jun 18 12:54:43 2014] <Cypi> Hmm, I tried with my code. Wait, I can paste it, it's short.
[Wed Jun 18 12:55:32 2014] <Cypi> http://lpaste.net/105808
[Wed Jun 18 12:55:42 2014] <Cypi> The goal was just to find automatically some combinator
[Wed Jun 18 12:55:56 2014] <Cypi> So only the last lines are important
[Wed Jun 18 12:56:07 2014] <johnw> change line 36 from Qed to Defined
[Wed Jun 18 12:56:10 2014] <Cypi> Oh
[Wed Jun 18 12:56:27 2014] <Cypi> I see, thanks a lot!
[Wed Jun 18 12:56:41 2014] <alkabetz> [Qed] produces an opaque term, while [Defined] produces a transparent one.
[Wed Jun 18 12:56:44 2014] <alkabetz> Glad we could help!
[Wed Jun 18 12:57:10 2014] <johnw> it feels so bizarre to be answering these questions instead of asking them :)
[Wed Jun 18 12:57:24 2014] <johnw> I guess at least that's one sign of progress
[Wed Jun 18 12:57:29 2014] <alkabetz> Hooray for learning!
[Wed Jun 18 12:57:34 2014] <Cypi> :D
[Wed Jun 18 12:58:41 2014] <johnw> I'm in a Coq class right now, being overwhelmed by tactics
[Wed Jun 18 12:59:52 2014] <ianjneu> johnw: always go for the flank.
[Wed Jun 18 13:00:07 2014] <johnw> I propose we add strategies to Coq
[Wed Jun 18 13:00:25 2014] <johnw> good strategies beat tactics all the time
[Wed Jun 18 13:01:46 2014] <ianjneu> strategies are tactic databases, no?
[Wed Jun 18 13:03:36 2014] <johnw> hmm... I would say that in chess at least, a tactic takes advantage of a weakness, while a strategy is a scheme to create opportunities for exploiting weakness
[Wed Jun 18 13:04:07 2014] <ianjneu> so an autorewrite database.
[Wed Jun 18 13:04:19 2014] <ianjneu> or the boyer-moore tactic :P
[Wed Jun 18 13:04:21 2014] <alkabetz> I just discovered autorewrite yesterday.  I was so excited.
[Wed Jun 18 13:04:51 2014] <ijp> maybe you should get some sunlight and human contact once in a while
[Wed Jun 18 13:05:06 2014] <alkabetz> Ha!
[Wed Jun 18 15:40:38 2014] <shouya> hi folks,
[Wed Jun 18 15:41:06 2014] <shouya> i stuck on an exercise provided by software foundations.
[Wed Jun 18 15:42:35 2014] <shouya> it's about using double induction to prove theorem.
[Wed Jun 18 15:42:48 2014] <shouya> i just stuck in the final step.
[Wed Jun 18 15:42:52 2014] <shouya> check it here: http://lpaste.net/105814
[Wed Jun 18 15:42:57 2014] <shouya> thank you :)
[Wed Jun 18 15:47:44 2014] <ianjneu> shouya: the proof is simply induction m; induction n; auto.
[Wed Jun 18 15:48:00 2014] <shouya> but... what does 'auto' do.
[Wed Jun 18 15:48:10 2014] <shouya> i haven't learned that yet.
[Wed Jun 18 15:49:32 2014] <shouya> ianjneu: hm... since i am still studying, i tend to do it manually before i knew how it works :p
[Wed Jun 18 15:49:46 2014] <ianjneu> it will try applying hypotheses recursively. It also does stuff with hints, but you're not there yet.
[Wed Jun 18 15:50:20 2014] <ianjneu> Here's another way that is more transparent: induction m; induction n; repeat match goal with [H : _ |- _] => apply H end; assumption.
[Wed Jun 18 15:50:54 2014] <ianjneu> actually, ; assumption is unneeded because applying a non-product hypothesis is the same as saying exact of that hypothesis.
[Wed Jun 18 15:51:33 2014] <shouya> ianjneu: hmm.. but so far i haven't learned those tactics yet...
[Wed Jun 18 15:51:38 2014] <ianjneu> repeat is unnecessary, even. You can just use do 2, since that's the depth of search you need.
[Wed Jun 18 15:52:24 2014] <shouya> sorry but i haven't learned 'match' neither :p
[Wed Jun 18 15:52:42 2014] <shouya> i thought there may be other ways..
[Wed Jun 18 15:52:50 2014] <Cypi> shouya : the problem with your proof is that you're doing an induction on 'm' when 'n' is already instantiated
[Wed Jun 18 15:52:54 2014] <shouya> as an exercise on tutorial.
[Wed Jun 18 15:52:58 2014] <Cypi> so the hypothesis that you get is not general enough
[Wed Jun 18 15:53:12 2014] <shouya> Cypi: hmm..
[Wed Jun 18 15:53:34 2014] <Cypi> So, two choices : don't instantiate m et n before doing the induction ; or use "genralize dependent n.", which will put pack a "forall n," at the beginning of the goal and make it general enough.
[Wed Jun 18 15:53:46 2014] <Cypi> generalize dependent n. sorry
[Wed Jun 18 15:53:49 2014] <shouya> Cypi: the last 'induction m' is nothing necesary.
[Wed Jun 18 15:53:49 2014] <ianjneu> shouya: indeed, don't use intros; but instead do 6 intro; induction m; intro n; induction n; if you want to be more explicit.
[Wed Jun 18 15:54:02 2014] <Cypi> I meant, at the beginning
[Wed Jun 18 15:54:24 2014] <shouya> Cypi: perhaps?
[Wed Jun 18 15:54:44 2014] <shouya> Cypi: i'd try it, bbl.
[Wed Jun 18 15:55:29 2014] <Cypi> "intros. induction m." : here, you have already lost, you won't be able to prove the second goal.
[Wed Jun 18 15:57:45 2014] <shouya> Cypi: yep it works. http://lpaste.net/105814
[Wed Jun 18 15:58:12 2014] <shouya> how do i understand 'generalize dependent' and when should i use it?
[Wed Jun 18 15:58:31 2014] <shouya> i mean, i know what it means. but i don't get the intuition...
[Wed Jun 18 15:59:01 2014] <ianjneu> when you need an induction to include quantification over that thing.
[Wed Jun 18 15:59:27 2014] <Cypi> http://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic57 to know what happens exactly (the reference manual is very useful imo)
[Wed Jun 18 15:59:49 2014] <shouya> Cypi: i'm just following that guide lol
[Wed Jun 18 16:00:23 2014] <shouya> Cypi: i don't see much intuition about when to use it...
[Wed Jun 18 16:01:19 2014] <Cypi> Well, what ianjneu said. That is, when you need to make a goal more general.
[Wed Jun 18 16:02:15 2014] <Cypi> In your example, without generalizing a little bit the goal, the induction hypothesis that you get only concernes one particular n, which is not enough to prove what you want. By generalizing n, you have an induction hypothesis that concerns every n.
[Wed Jun 18 16:02:41 2014] <shouya> Cypi: ianjneu: hmm...
[Wed Jun 18 16:03:12 2014] <shouya> Cypi: ianjneu: very clear explanation.. i thought, i believe i got the point. thanks :)
[Wed Jun 18 16:03:48 2014] <shouya> i'd try to read more examples and do more exercises about that :)
[Wed Jun 18 16:06:31 2014] <shouya> So, the difference between 'generalize' and 'generalize dependent' is that the latter one remove the 'particular x' from the assumptions. am i understanding correctly?
[Wed Jun 18 16:09:23 2014] <Cypi> It also generalizes the hypotheses that depend on x
[Wed Jun 18 16:09:31 2014] <Cypi> So, if you "generalize dependent n."
[Wed Jun 18 16:09:45 2014] <Cypi> and in your context, you have "H : Q n" where Q : nat -> Prop is some predicate
[Wed Jun 18 16:10:16 2014] <Cypi> It will remove n and H from your context, and put "forall n, Q n -> " at the beginning of the goal
[Wed Jun 18 16:16:26 2014] <shouya> Cypi: ryu gai desu!
[Wed Jun 18 16:17:47 2014] <Cypi> What?
[Wed Jun 18 16:18:10 2014] <shouya> ryo kai desu == 'i understood' in japanese :)
[Wed Jun 18 16:18:30 2014] <Cypi> ok :D
[Wed Jun 18 16:19:09 2014] <alkabetz> In a typing rule, when do I need inference in my hypothesis?  It seems like checking should be sufficient in all cases …
[Wed Jun 18 16:22:08 2014] <alkabetz> Oh, I think I need inference whenever the term won’t have a type associated with it in Γ by the time I try to typecheck it.
[Wed Jun 18 16:58:36 2014] <Ptival> alkabetz: it depends a lot on what you're trying to type
[Wed Jun 18 16:59:19 2014] <alkabetz> Oh, wait, lolz, wrong channel
[Wed Jun 18 16:59:30 2014] <alkabetz> No wonder nobody responded quickly :)
[Wed Jun 18 16:59:37 2014] <alkabetz> Anyway, I got the help I needed offline.
[Wed Jun 18 16:59:46 2014] <Ptival> oplss? :)
[Wed Jun 18 16:59:54 2014] <alkabetz> Yep :)
[Wed Jun 18 19:38:46 2014] <johnw> Does anyone know how to rewrite (fun xv : Either E X => match xv with | Left e => f (Left E X e) | Right x' => f (Right E X x') end) as f?
[Wed Jun 18 19:39:03 2014] <johnw> as a separate Theorem I can prove it trivially, but I can't seem to rewrite it in my goal
[Wed Jun 18 19:39:26 2014] <johnw> in fact, when I try to apply my Theorem, it says it can't find any subterm matching the lambda
[Wed Jun 18 22:44:52 2014] <wagle> how do you uninstall coq 8.4pl2 from a mac?
[Wed Jun 18 22:46:54 2014] <yogurt_truck> wagle: drag it to the trash bin?
[Wed Jun 18 22:47:23 2014] <wagle> its smeared all over /usr/local
[Wed Jun 18 22:47:25 2014] <yogurt_truck> wagle: btw are you on mavericks? I was unable to get coqide working on it last time I tried
[Wed Jun 18 22:47:42 2014] <yogurt_truck> ahh
[Wed Jun 18 22:47:48 2014] <wagle> on mavericks, havent gotten that far yet
[Wed Jun 18 22:48:54 2014] <wagle> trying to install coq8.4pl4 via homebrew, doesnt work due to the old coq being there
[Wed Jun 18 22:49:16 2014] <mankyKitty> brew remove coq ?
[Wed Jun 18 22:49:33 2014] <mankyKitty> also a 'brew cleanup' might help if things have become a bit messy
[Wed Jun 18 22:49:38 2014] <wagle> the old one isnt brew
[Wed Jun 18 22:49:42 2014] <yogurt_truck> if you're not managing the old one with brew or anything, you might have to manually remove things
[Wed Jun 18 22:49:47 2014] <mankyKitty> yar
[Wed Jun 18 22:50:24 2014] <wagle> prolly have to rebuild /usr/local
[Wed Jun 18 22:50:28 2014] <yogurt_truck> run a `find /usr/ -iname "coq*"` and get to tedious work I guess :/
[Wed Jun 18 22:50:55 2014] <wagle> not everything has "coq" in its name
[Wed Jun 18 22:52:31 2014] <yogurt_truck> bummer
[Wed Jun 18 22:57:08 2014] <wagle> lsbom /private/var/db/receipts/fr.inria.coq.bom
[Wed Jun 18 22:57:51 2014] <wagle> this assumes it installed everything normally, and not by scripts
[Wed Jun 18 22:58:02 2014] <wagle> homebrew was happy
[Wed Jun 18 22:58:15 2014] <wagle> meh
[Wed Jun 18 23:14:22 2014] <wagle> awww he quit
[Wed Jun 18 23:15:17 2014] <wagle> coqide-8.4pl4-ssreflect-1.5.dmg  worked, but CoqIdE_8.4pl4.app.tar.bz2 froze on launch
[Fri Jun 20 01:36:12 2014] <alkabetz> Why won’t [Hint Extern] cause [plus] to get unfolded in http://lpaste.net/105855 ?
[Fri Jun 20 01:36:59 2014] <alkabetz> Oh, wait, does auto not pay attention to [Hint Extern]?
[Fri Jun 20 01:47:24 2014] <gdsfh1> alkabetz: auto uses Hint Extern, but only when it helps to solve goal.  Here the goal is not solved with your hint and with other automation stuff.
[Fri Jun 20 01:48:26 2014] <gdsfh1> alkabetz: so, what do you see if you manually "unfold plus. auto."?
[Fri Jun 20 01:49:18 2014] <alkabetz> Then it works, as does 'autounfold'.
[Fri Jun 20 01:50:23 2014] <gdsfh1> after "unfold plus. auto." the goal is not _solved_.  (in my Coq version at least.)  So Coq decided that your hint is not useful to solve goal, so it is not applied with auto.
[Fri Jun 20 01:51:11 2014] <alkabetz> Ah, I see.  Hang on …
[Fri Jun 20 01:52:23 2014] <alkabetz> Okay.  I have to go to sleep, but I’ll revisit this later.  Thanks for your help.
[Fri Jun 20 13:11:14 2014] <alkabetz> I’m having some difficulty with closed notations.  Why does http://lpaste.net/105880 error out?
[Fri Jun 20 13:20:52 2014] <alkabetz> Any Coq wizards have any idea why http://lpaste.net/105880 fails?
[Fri Jun 20 13:21:04 2014] <alkabetz> Oh, whoops, wrong channel.  Sorry for the double post.
[Fri Jun 20 13:29:12 2014] <alkabetz> Oh, never mind anyway, I got it to work with [x at level 0]
[Fri Jun 20 15:16:59 2014] <shouya> excuse me, a little question.
[Fri Jun 20 15:17:28 2014] <shouya> i have this in the hypothesis: H: (l1', l2') = (l1, l2) -> combine l1 l2 = l
[Fri Jun 20 15:17:45 2014] <shouya> and my goal is: combine l1' l2' = l
[Fri Jun 20 15:17:56 2014] <shouya> so what can i do to prove it?
[Fri Jun 20 15:19:18 2014] <shouya> my basic idea is some like: 'intro in H.
[Fri Jun 20 15:19:20 2014] <shouya> '
[Fri Jun 20 15:23:26 2014] <shouya> okay, solved. i used 'rewrite.
[Fri Jun 20 18:48:03 2014] <johnw> say I have some 'u : F A', where I know that eta (an embedding function) exists for F.  How can I posit exists (x : A), u = eta x in my proof, so that I can work in the domain of A and then later switch back to F A?
[Fri Jun 20 18:52:24 2014] <johnw> hmm.. this isn't generally true, ok
[Sat Jun 21 22:31:17 2014] <minopret> Is someone here? I would like to know where to ask my Gallina question.  http://coq.inria.fr produces 502 proxy error
[Sat Jun 21 22:31:28 2014] <alkabetz> I’m here.
[Sat Jun 21 22:31:52 2014] <alkabetz> Looks like the Coq site is down again :/
[Sat Jun 21 22:32:00 2014] <alkabetz> This seems to happen every couple weeks.
[Sat Jun 21 22:32:50 2014] <minopret> I have18 lines of Gallina code with a blank I'm not sure how to fill.
[Sat Jun 21 22:33:19 2014] <alkabetz> You should put it on lpaste.net
[Sat Jun 21 22:33:25 2014] <minopret> Well, 19 lines really, it needs "Require Import BinPos."
[Sat Jun 21 22:33:25 2014] <minopret> ok
[Sat Jun 21 22:41:47 2014] <minopret> http://lpaste.net/106022
[Sat Jun 21 22:42:57 2014] <minopret> Hope that's either easy or interesting. Possibly it's only barking up the wrong tree though
[Sat Jun 21 22:43:01 2014] <alkabetz> * looks
[Sat Jun 21 22:50:45 2014] <minopret> I found the github README so I'll make a  request to coq-club-request@inria.fr
[Sat Jun 21 22:58:02 2014] <minopret> If I lose connection or leave the channel, I would welcome comments about http://lpaste.net/106022 at my email address mentioned there
[Mon Jun 23 06:57:59 2014] <schoppenhauer> hello. is it possible to replace a function f with a function g, if forall x, fx = gx, somehow?
[Mon Jun 23 06:58:23 2014] <schoppenhauer> the equality is not intensional.
[Mon Jun 23 09:04:43 2014] <ianjneu> schoppenhauer: that is called functional extensionality. Currently it has to be taken as an axiom.
[Mon Jun 23 09:05:26 2014] <schoppenhauer> afaik the axiom is not consistent with some hott-stuff or so.
[Mon Jun 23 09:06:03 2014] <schoppenhauer> anyway, I am trying to solve the problem differently now.
[Mon Jun 23 09:10:10 2014] <Saizan> if = is proprositional equality then what you are asking for is actually implied by univalence, so quite consistent with hott
[Mon Jun 23 09:10:24 2014] <Saizan> otherwise it depends
[Mon Jun 23 09:11:26 2014] <Saizan> btw, does Coq have some way to let me use a value of a record type where i actually mean some specific projection of it?
[Mon Jun 23 09:11:47 2014] <Saizan> e.g. so that i don't have to use the second projection for some sigma types explicitly
[Mon Jun 23 14:17:31 2014] <athan> Could someone explain the fundamental differences between haskell's and coq's type systems to me? I've learned a little about dependent type systems, and I know a fair amount of haskell. Could anyone help me understand what else coq provides? I understand it models the calculus of inductive constructions (i think), but I haven't studied type theory for long at all. What practical applications does that bring?
[Mon Jun 23 14:22:43 2014] <johnw> athan: Have you looked at the Software Foundations course?
[Mon Jun 23 14:23:33 2014] <athan> johnw: No! Thank you!!
[Mon Jun 23 14:24:00 2014] <johnw> I think that will help, and then you can come back and ask again, because that's a fairly deep question :)
[Tue Jun 24 12:41:04 2014] <alkabetz> What’s the difference between [match goal with _ |- _ => …] and [match goal with [_ |- _] => …]?  When do I need brackets around the context rule?
[Wed Jun 25 15:46:27 2014] <the-manless-man> Hi! I have a structure with Set and Prop fields. Is there any direct/idiomatic way of reducing equality of record instances to the equality of each of its Set fields? (i.e. assuming proof irrelevance)
[Wed Jun 25 18:29:49 2014] <Ptival> has anyone ever used "Show Tree."?
[Wed Jun 25 18:30:01 2014] <Ptival> it doesn't seem to do anything under proofgeneral or coqide :\
[Thu Jun 26 04:02:19 2014] <amosr> I don’t really understand when coq will, or will not let you induct over something
[Thu Jun 26 04:03:05 2014] <amosr> like, if I want to induct over “Vs” but Vs is mentioned inside this definition of Min, I need to unfold Min before performing induction
[Thu Jun 26 04:03:35 2014] <amosr> but Vs is also mentioned in this thing Clustering_Full, and I don’t have to unfold clustering_full. it can be very confusing
[Thu Jun 26 04:04:10 2014] <amosr> sorry– when I say I need to unfold Min, I mean coq gives me an error if I don’t
[Thu Jun 26 09:49:39 2014] <schoppenhauer> hello. I have proved {x | ...}. How can I compute and print x?
[Thu Jun 26 09:49:47 2014] <schoppenhauer> "Print x" does just give me the term.
[Thu Jun 26 10:59:45 2014] <Cypi> schoppenhauer : if [px : {x | ...}], you can use [Eval compute in (proj1_sig px).].
[Thu Jun 26 11:00:00 2014] <Cypi> The definition of [px] has to be transparent however
[Thu Jun 26 11:00:50 2014] <schoppenhauer> hm.
[Thu Jun 26 11:01:03 2014] <schoppenhauer> you mean everything must be "Defined." rather than "Qed.", Cypi ?
[Thu Jun 26 11:01:29 2014] <Cypi> I think so. I'm not that sure because I asked this very question here a few days ago :p
[Thu Jun 26 11:05:09 2014] <schoppenhauer> I'll just try.
[Thu Jun 26 15:58:32 2014] <schoppenhauer> hm ... my current implementation takes a *lot* of RAM and time ... probably because I tried to avoid using Prop and opaque definitions. Is it to be expected that the extracted program will be faster? Is there a way of doing dead-code-detection?
[Thu Jun 26 16:01:54 2014] <Rc43> Are intersection types connected to type classes?
[Thu Jun 26 16:46:59 2014] <alkabetz> schoppenhauer: Coq does not do dead-code detection during extraction (beyond not extracting proof terms).  Whatever language you’re extracting to may do dead-code detection, though.
[Thu Jun 26 16:53:28 2014] <schoppenhauer> alkabetz: does ocaml do that?
[Thu Jun 26 16:57:28 2014] <alkabetz> A cursory glance at the compiler source suggests it does, but I’m definitely not familiar with the OCaml compiler internals
[Thu Jun 26 16:58:45 2014] <schoppenhauer> Error: The 2nd argument of exist still occurs after extraction.
[Thu Jun 26 16:59:05 2014] <schoppenhauer> wut?
[Thu Jun 26 17:00:27 2014] <schoppenhauer> Please check the Extraction Implicit declarations.
[Thu Jun 26 17:00:30 2014] <schoppenhauer> what does that mean
[Thu Jun 26 17:00:51 2014] <alkabetz> Can you paste a minimal failing example?
[Thu Jun 26 17:01:26 2014] <schoppenhauer> no.
[Thu Jun 26 17:01:36 2014] <alkabetz> :(
[Thu Jun 26 17:01:37 2014] <schoppenhauer> it is a very complicated recursion.
[Thu Jun 26 17:01:42 2014] <schoppenhauer> and I have no clue ...
[Thu Jun 26 17:01:43 2014] <alkabetz> Ah.
[Thu Jun 26 17:01:45 2014] <schoppenhauer> where to start.
[Thu Jun 26 17:02:08 2014] <alkabetz> What do your [Extraction] commands look like?
[Thu Jun 26 17:02:24 2014] <schoppenhauer> Extraction Language Haskell.
[Thu Jun 26 17:02:25 2014] <schoppenhauer> Recursive Extraction fc1.
[Thu Jun 26 17:02:43 2014] <schoppenhauer> same for
[Thu Jun 26 17:02:45 2014] <schoppenhauer> Extraction "fc1.hs" fc1.
[Thu Jun 26 17:02:48 2014] <alkabetz> Okay.
[Thu Jun 26 17:04:10 2014] <alkabetz> Okay, so the second argument of [exist] is the proposition in the Σ type
[Thu Jun 26 17:04:32 2014] <alkabetz> Where are you passing [Prop]s around in your code?
[Thu Jun 26 17:05:55 2014] <schoppenhauer> hm. nowhere?
[Thu Jun 26 17:06:06 2014] <schoppenhauer> isn't there some way to find out the problematic part?
[Thu Jun 26 17:06:22 2014] <alkabetz> I mean, if that’s the only information the extractor gives you …
[Thu Jun 26 17:06:35 2014] <schoppenhauer> How can I check that?
[Thu Jun 26 17:07:21 2014] <alkabetz> What does Proof General / Coqide say when you run the [Recursive Extraction] command?
[Thu Jun 26 17:08:34 2014] <schoppenhauer> Toplevel input, characters 15-40:
[Thu Jun 26 17:08:37 2014] <schoppenhauer> Error: The 2nd argument of exist still occurs after extraction.
[Thu Jun 26 17:08:39 2014] <schoppenhauer> Please check the Extraction Implicit declarations.
[Thu Jun 26 17:09:03 2014] <alkabetz> Hmm, want to try coqc instead?  It might give you a better error.
[Thu Jun 26 17:09:40 2014] <schoppenhauer> ok
[Thu Jun 26 17:10:28 2014] <schoppenhauer> nope.
[Thu Jun 26 17:10:30 2014] <schoppenhauer> same error.
[Thu Jun 26 17:10:32 2014] <alkabetz> It sounds like you have a [Prop] getting passed around somewhere as an implicit argument, and Coq gets sad when it tries to extract because it expects all [Prop]s to be erasable … but yours isn’t?
[Thu Jun 26 17:10:38 2014] <alkabetz> Ew.
[Thu Jun 26 17:11:34 2014] <alkabetz> Have you looked at http://coq.inria.fr/distrib/current/refman/Reference-Manual025.html#sec710 at all?
[Thu Jun 26 17:11:43 2014] <alkabetz> I suspect this is how you fix it once you figure out where the problem is
[Thu Jun 26 17:11:48 2014] <alkabetz> Not that that’s terribly useful :/
[Thu Jun 26 17:12:28 2014] <schoppenhauer> can't I just tell coq to ... just extract everything?
[Thu Jun 26 17:12:42 2014] <alkabetz> You mean, including the [Prop]s?
[Thu Jun 26 17:13:44 2014] <schoppenhauer> yes
[Thu Jun 26 17:14:00 2014] <schoppenhauer> if I have a language with dead code detection, props are merely good for proof irrelevance
[Thu Jun 26 17:14:26 2014] <alkabetz> I don’t think you can do that, unfortunately.
[Thu Jun 26 17:14:57 2014] <alkabetz> At this point, I’d probably start binary-searching your codebase to try to isolate the function that causes extraction problems. :(
[Thu Jun 26 17:29:38 2014] <schoppenhauer> that is a *bit* too much work.
[Thu Jun 26 17:29:45 2014] <schoppenhauer> for ... 7000 loc
[Thu Jun 26 17:30:16 2014] <alkabetz> Aw, it’s only 13 bisections :)
[Thu Jun 26 17:30:35 2014] <alkabetz> You should consider asking on coq-club
[Thu Jun 26 17:31:11 2014] <schoppenhauer> is there any situation in which I can not just replace {... | ...} with {... & ...} ?
[Thu Jun 26 17:38:03 2014] <schoppenhauer> I just wonder ... why doesn't the typesystem guarantee that this cannot happen?
[Thu Jun 26 17:39:05 2014] <schoppenhauer> I'm asking for a list ... everything else is inside the term.
[Thu Jun 26 21:01:55 2014] <amosr> if I have a hypothesis “x = SomeConstructor” and a goal “x <> OtherConstructor”, is there an easy tactic to solve that?
[Thu Jun 26 21:02:22 2014] <amosr> I mean, I can just do “intros not. rewrite not in blah. inversion blah” but it seems like there should be a simpler way
[Thu Jun 26 21:06:58 2014] <Cypi> [congruence.] will solve this I believe
[Thu Jun 26 21:07:17 2014] <amosr> ahh. thank you
[Thu Jun 26 21:07:43 2014] <Cypi> (I don't know if it's an overkill or not, sorry)
[Thu Jun 26 22:49:26 2014] <amosr> weird thing happened earlier:
[Thu Jun 26 22:49:39 2014] <amosr> induction Vs (* error: hypothesis t depends on Vs! *)
[Thu Jun 26 22:49:48 2014] <amosr> clear t (* no hypothesis ’t’! *)
[Fri Jun 27 03:08:45 2014] <johnw> if I have a hypothesis of the form, IHn' : exists e : N, e N zero succ = C_n n'
[Fri Jun 27 03:08:56 2014] <johnw> how can I choose 'e' to match my goal?
[Fri Jun 27 03:14:35 2014] <amosr> johnw: if it’s a hypothesis, I don’t think you can “choose” which e it is. you don’t know which e it is, only that there is an e
[Fri Jun 27 03:14:51 2014] <johnw> I see, that makes sense
[Fri Jun 27 03:15:32 2014] <amosr> but you can destruct it to introduce the e, whatever it may be
[Fri Jun 27 03:15:54 2014] <johnw> destruct the hypothesis?
[Fri Jun 27 03:16:06 2014] <johnw> oh, weird
[Fri Jun 27 03:16:50 2014] <johnw> well, now I have universe inconsistencies
[Fri Jun 27 03:16:54 2014] <johnw> so I think I may give up here
[Fri Jun 27 03:17:09 2014] <amosr> hmm. that sounds scary
[Fri Jun 27 03:17:11 2014] <Cypi> :o
[Fri Jun 27 03:34:09 2014] <johnw> it's too bad too, I was able to complete all the goals
[Fri Jun 27 03:34:14 2014] <johnw> I wonder if there's an easy fix
[Fri Jun 27 03:34:39 2014] <Cypi> If you describe a little bit more your problem, maybe someone will be able to help x)
[Fri Jun 27 03:34:56 2014] <johnw> sorry to be obscure
[Fri Jun 27 03:35:02 2014] <johnw> here is the proof attempt: https://gist.github.com/6ae2ecbe63ae3c4501f5
[Fri Jun 27 03:44:55 2014] <Cypi> Hmm, I'm kind of new to this universe inconsistencies stuff, but I'm not sure that you can prove your goal
[Fri Jun 27 03:45:35 2014] <johnw> it seems odd to me that e is parameterized over N, when Ct_<n> clearly isn't
[Fri Jun 27 03:45:54 2014] <johnw> I have a feeling it isn't complaining more, simply because the shapes appear similar when you aren't trying to fully resolve them
[Fri Jun 27 03:45:56 2014] <Cypi> You can get a more informative error if you display universes levels, either through the "View" menu in CoqIDE if you're using it, or with the command "Set Printing Universes."
[Fri Jun 27 03:46:16 2014] <johnw> (cannot enforce Top.6579 <= Top.6581)
[Fri Jun 27 03:47:34 2014] <Cypi> Yes, and in your case, Top.6579 is the type of the parameter given to N, and Top.6581 is the type of N itself
[Fri Jun 27 03:48:19 2014] <Cypi> Hmm
[Fri Jun 27 03:48:24 2014] <Cypi> Or I am saying nonsense
[Fri Jun 27 03:48:24 2014] <Cypi> wait
[Fri Jun 27 03:48:38 2014] <Cypi> http://adam.chlipala.net/cpdt/html/Universes.html
[Fri Jun 27 03:48:48 2014] <Cypi> Maybe the best thing to do is to learn properly about universes :)
[Fri Jun 27 03:51:39 2014] <Cypi> Alright, so, scratch what I said before : Top.6579 is the type of N itself, and Top.6581 is the type of the A that is given to N. So when you write [@e N zero succ], you're trying to convert a Top.6579 too a Top.6581 (hence the inequality that Coq wants to enforce)
[Fri Jun 27 03:52:16 2014] <johnw> is there any fix, or am I trying to prove the impossible?
[Fri Jun 27 03:52:20 2014] <Cypi> but when you defined N, Coq also added [Top.6581 < Top.6579] to a set of inequalities that have to be respected by the universes managed by Coq
[Fri Jun 27 03:55:20 2014] <Cypi> Sorry, I don't know :/
[Fri Jun 27 03:58:57 2014] <Cypi> Well, I don't think you can even state that goal actually
[Fri Jun 27 03:59:21 2014] <Cypi> You basically cannot apply an object to itself, if I'm not mistaken
[Fri Jun 27 04:00:13 2014] <johnw> ok, time to sleep then
[Fri Jun 27 04:00:15 2014] <johnw> thank you, Cypi
[Fri Jun 27 05:24:21 2014] <schoppenhauer> hm ... isn't coq supposed to ... like ... extract correct programs from accepted proofs?
[Fri Jun 27 05:25:00 2014] <schoppenhauer> or am I mistaken?
[Fri Jun 27 05:25:18 2014] <schoppenhauer> can an accepted proof yield a wrong program?
[Fri Jun 27 05:25:29 2014] <schoppenhauer> and if so ... why?
[Fri Jun 27 05:27:50 2014] <schoppenhauer> __ = Prelude.error "Logical or arity value used"
[Fri Jun 27 05:27:54 2014] <schoppenhauer> just ... _why_?
[Fri Jun 27 05:35:06 2014] <rmk0> schoppenhauer: is not typical to derive a program from a proof. is more typical to write a program, prove properties of the program, then extract executable ocaml/haskell from the program you've written (with the proofs and most of the types erased)
[Fri Jun 27 05:41:24 2014] <schoppenhauer> rmk0: but why can a *correct, accepted* proof yield a wrong program?
[Fri Jun 27 05:42:45 2014] <rmk0> schoppenhauer: is a hard question to answer... if you're deriving programs from proofs that were constructed from tactics, you've got no guarantee that the program will run in a reasonable amount of time. there could also be bugs in the extraction code (because nobody's verified that extraction is correct), although i think those are rare
[Fri Jun 27 05:42:51 2014] <rmk0> is there something specific you're seeing?
[Fri Jun 27 05:43:03 2014] <schoppenhauer> rmk0: yes, the above error.
[Fri Jun 27 05:43:38 2014] <rmk0> that __ = Prelude.error ... function actually gets called?
[Fri Jun 27 05:43:42 2014] <schoppenhauer> yes
[Fri Jun 27 05:44:15 2014] <rmk0> i've not extracted to haskell before... is your code public?
[Fri Jun 27 05:44:32 2014] <schoppenhauer> not yet.
[Fri Jun 27 05:44:46 2014] <schoppenhauer> well, it also extracts the same type twice.
[Fri Jun 27 05:44:56 2014] <rmk0> sounds bad
[Fri Jun 27 05:45:06 2014] <schoppenhauer> I just don't understand *why*
[Fri Jun 27 05:45:56 2014] <rmk0> hard to tell without looking... usually proven unreachable cases would be marked with "undefined" and so on (assert false in ocaml), but if that code is actually being reached, then there's an issue somewhere
[Fri Jun 27 05:46:12 2014] <rmk0> probably worth telling the mailing list about it
[Fri Jun 27 05:47:33 2014] <schoppenhauer> there appear to be a *lot* of issues with coq when you really work with it.
[Fri Jun 27 05:47:48 2014] <rmk0> urhur
[Fri Jun 27 05:48:15 2014] <rmk0> i get the impression that the ocaml extraction is a lot more mature than the haskell extraction
[Fri Jun 27 05:48:38 2014] <rmk0> i should mention that extraction assumes that you're respecting the preconditions of functions you define when you call them from ocaml/haskell
[Fri Jun 27 05:48:42 2014] <rmk0> like, er
[Fri Jun 27 05:49:09 2014] <rmk0> let's assume you define a function f that divides its first argument by the second
[Fri Jun 27 05:49:20 2014] <rmk0> so in coq, you define it as requiring a proof that the second argument is > 0
[Fri Jun 27 05:49:49 2014] <rmk0> extraction will obviously erase the proof argument, and the extracted code will assume that you never call it "from outside" with the second argument as 0
[Fri Jun 27 05:50:01 2014] <rmk0> so you need to be careful what you expose to external code
[Fri Jun 27 05:50:24 2014] <schoppenhauer> rmk0: I directly extract a term of type "List (List Bool)"
[Fri Jun 27 05:50:29 2014] <schoppenhauer> rmk0: it has no arguments
[Fri Jun 27 05:50:39 2014] <rmk0> hm, right
[Fri Jun 27 05:50:52 2014] <schoppenhauer> but I
[Fri Jun 27 05:50:58 2014] <schoppenhauer> will t ry the ocaml-extraction
[Fri Jun 27 05:51:07 2014] <schoppenhauer> I just don
[Fri Jun 27 05:51:14 2014] <schoppenhauer> t know ocaml well enough.
[Fri Jun 27 05:57:20 2014] <rmk0> worth it just to see if the same issue is there too
[Fri Jun 27 10:43:25 2014] <Rc43> Am I right that "omega can't solve this system" <=> "goal is false" if there is no quantifiers in goal and it consists only from <= and +?
[Fri Jun 27 10:44:12 2014] <Rc43> The only two hypotheses consist of <= and + too.
[Fri Jun 27 10:56:56 2014] <Rc43> Ah, I did a mistake, now it's ok.
[Fri Jun 27 14:17:04 2014] <alkabetz> If I have [forall a, a -> b] and [b -> c] as hypotheses, how can I combine them to produce [forall a, a -> c]?
[Fri Jun 27 14:18:27 2014] <ianjneu> alkabetz: assuming they're named H0 and H1, pose (fun x : a => H1 (H0 x))
[Fri Jun 27 14:19:00 2014] <ianjneu> well, x : whatever type a is.
[Fri Jun 27 14:19:14 2014] <ianjneu> Type, I suppose.
[Fri Jun 27 14:19:18 2014] <ianjneu> or Prop
[Fri Jun 27 14:23:27 2014] <alkabetz> Coq doesn’t like that.  I get ‘The term "H0 x" has type "x -> b" while it is expected to have type "b".’
[Fri Jun 27 14:24:06 2014] <alkabetz> I can do [assert (forall x : Prop, x -> a -> c) by eauto], but that feels a bit ugly
[Fri Jun 27 14:24:41 2014] <alkabetz> Er, [assert (forall a : Prop, a -> c) by eauto]
[Fri Jun 27 14:24:47 2014] <alkabetz> (I totally copied the wrong thing there.  Sorry.)
[Fri Jun 27 14:28:51 2014] <alkabetz> I can also do [pose (fun (a : Prop) (pf : a) => H1 (H0 a pf))], it looks like, which seems similarly ugly
[Sat Jun 28 05:43:36 2014] <roosbeef> if destruct introduces new variables, is there a way to name them?
[Sat Jun 28 10:50:46 2014] <alkabetz> roosbeef: Yes – see variant 2 under http://coq.inria.fr/refman/Reference-Manual010.html#sec371
[Sat Jun 28 10:53:45 2014] <roosbeef> whats a num
[Sat Jun 28 10:54:55 2014] <alkabetz> It’s literally a number – e.g., [destruct 0]
[Sat Jun 28 11:04:24 2014] <roosbeef> how does that relate to destructing a hypothesis?
[Sat Jun 28 11:55:11 2014] <roosbeef> alkabetz, still dont understand but thanks anyway, i had solved it already by modifying the variables on paper :P
[Sat Jun 28 12:55:16 2014] <fturco> Hello
[Sat Jun 28 12:55:50 2014] <fturco> I'm looking for a computer program for writing mathematical proofs
[Sat Jun 28 12:56:15 2014] <fturco> at the moment I'm studying simple theorems from set theory
[Sat Jun 28 12:56:41 2014] <fturco> example: http://i.imgur.com/6SAsw1Z.jpg (kuratowski ordered pairs)
[Sat Jun 28 12:56:58 2014] <fturco> I'm wondering if coq can be good for me
[Sat Jun 28 12:57:08 2014] <alkabetz> Whoa, that’s beautiful
[Sat Jun 28 12:57:16 2014] <alkabetz> I’ve never actually seen somebody do a formal proof on paper
[Sat Jun 28 12:58:12 2014] <fturco> i use natural deduction
[Sat Jun 28 12:58:19 2014] <fturco> first order logic
[Sat Jun 28 12:58:28 2014] <fturco> nothing exotic
[Sat Jun 28 12:58:30 2014] <alkabetz> So, all the computer theorem provers use higher-order logic.
[Sat Jun 28 12:58:35 2014] <alkabetz> I don’t know if this matters to you.
[Sat Jun 28 12:58:55 2014] <alkabetz> But if you’re already used to the detail and commitment required to do formal proofs on paper, learning a theorem prover would probably be a lot of fun.
[Sat Jun 28 12:59:36 2014] <fturco> my goal is to learn math and then physics
[Sat Jun 28 12:59:44 2014] <alkabetz> * nods
[Sat Jun 28 12:59:54 2014] <alkabetz> Formal proofs are some pretty deep math :)
[Sat Jun 28 13:00:48 2014] <fturco> i dropped out of university because i couldn't stand the way they addressed theory
[Sat Jun 28 13:00:58 2014] <fturco> i had a hard time at learning the rules
[Sat Jun 28 13:01:19 2014] <fturco> but then i discovered they are rather simple
[Sat Jun 28 13:02:07 2014] <fturco> someone could have described them to me in an afternoon. i spent years instead, on my own.
[Sat Jun 28 13:02:17 2014] <alkabetz> So, I recomend trying out all of Coq, Agda, and Isabelle.  For math, I’ve been happiest with Isabelle, but I use Coq mostly nowadays.  (I’m a computer scientist.)
[Sat Jun 28 13:04:15 2014] <fturco> isn't there some example somewhere of a proved theorem like mine?
[Sat Jun 28 13:04:43 2014] <alkabetz> https://en.wikipedia.org/wiki/Isabelle_(proof_assistant) has an example in Isabelle
[Sat Jun 28 13:07:18 2014] <fturco> isabelle manual is a whopping 223 pages!
[Sat Jun 28 13:08:25 2014] <alkabetz> Yeah, Isabelle is /very/ well-documented
[Sat Jun 28 13:08:47 2014] <alkabetz> Coq is also pretty well-documented, but Agda documentation is unfortunately fairly sparse
[Sat Jun 28 13:15:53 2014] <fturco> coq tutorial seems shorter and more spot on
[Sat Jun 28 13:16:09 2014] <alkabetz> I’d recommend /Software Foundations/ for Coq (it’s free online)
[Sat Jun 28 13:16:27 2014] <alkabetz> It is more geared at CS folk, though
[Sat Jun 28 13:17:32 2014] <fturco> * is installing coq
[Sat Jun 28 15:33:58 2014] <alkabetz> In CPDT, Adam says that ‘Some very recent versions of Coq include mechanisms for removing hints from databases’.  Anybody know more about this?
[Sat Jun 28 15:34:29 2014] <alkabetz> Alternatively, can I run [auto] without the core hint database loaded?
[Sat Jun 28 15:38:19 2014] <alkabetz> Ah, it looks like [Remove Hints] is slated for Coq 8.5 :/
[Sat Jun 28 17:01:24 2014] <alkabetz> Oh hey!  $coq_expert says I should use [auto with nocore], which works!
[Mon Jun 30 03:32:20 2014] <amosr> is there something like Forall, except for _ -> Set instead of _ -> Prop?
[Mon Jun 30 03:33:46 2014] <ezyang> ....forall?
[Mon Jun 30 03:34:27 2014] <ddere> yeah forall should still work with Set
[Mon Jun 30 03:35:04 2014] <amosr> hmm. I guess I really want something like a heterogeneous list
[Mon Jun 30 03:35:37 2014] <ezyang> sure, you can totally do that in Coq
[Mon Jun 30 03:35:40 2014] <amosr> so I have a thing, (S -> Set) and a list S, then I want Forall’Set (list S)
[Mon Jun 30 03:36:06 2014] <ezyang> http://adam.chlipala.net/cpdt/html/DataStruct.html
[Mon Jun 30 03:36:41 2014] <amosr> cool, thanks
[Mon Jun 30 03:36:59 2014] <amosr> I thought there might just be something in the library. Forall seems exactly the same, right, except that it’s restricted to Prop
[Tue Jul  1 02:58:52 2014] <shouya> hello folks. i got a question.
[Tue Jul  1 02:59:13 2014] <shouya> it's about how 'apply' tactic works.
[Tue Jul  1 03:00:39 2014] <shouya> http://lpaste.net/106695
[Tue Jul  1 03:00:49 2014] <shouya> i am confused on the usage of apply here.
[Tue Jul  1 03:01:21 2014] <shouya> which seems splitted the goal into two subgoal but i don't know why this is.
[Tue Jul  1 03:02:20 2014] <shouya> sorry, code updated. the definition of 'classic' and 'excluded_middle' now included.
[Tue Jul  1 04:29:21 2014] <Cypi_> shouya : when Coq applies [P -> False] to H, it will deduce [False] from the conclusion [P] in H. This is what you obtain in the first goal, where you have to prove your main goal and H is replaced simply bi [False].
[Tue Jul  1 04:29:47 2014] <Cypi_> But to be able to deduce [False] from [P] in H, you first have to prove [(P -> False) -> False]
[Tue Jul  1 04:29:51 2014] <Cypi_> this is the second goal
[Tue Jul  1 04:30:50 2014] <shouya> Cypi_: i see. it's all clear now.
[Tue Jul  1 04:30:57 2014] <shouya> Cypi_: thank you :)
[Tue Jul  1 04:31:08 2014] <Cypi_> So if you have [H1 : A -> B -> C -> D] and [H2 : D -> E], when you do [apply H2 in H1.], Coq generates the subgoals for A, B and C, and replace H1 by E for your main goal.
[Tue Jul  1 04:32:41 2014] <shouya> Cypi_: yup.
[Tue Jul  1 11:17:19 2014] <Rc43> Hello.
[Tue Jul  1 11:17:45 2014] <Rc43> Can I parameterize Ltac expressions with "usual" like nats or records?
[Tue Jul  1 11:18:07 2014] <Rc43> I would like to implement some semigroup-polymorphic tactics, but seems that I can't =/
[Tue Jul  1 11:25:14 2014] <Rc43> Well, Ltac seems to be possible to take semigroup as argument, but somehow I can't rewrite with it's associativity law.
[Tue Jul  1 11:36:16 2014] <elarnon> Rc43: what is your definition for semigroups?
[Tue Jul  1 11:37:01 2014] <ianjneu> magma + assoc
[Tue Jul  1 11:37:14 2014] <elarnon> i mean coq definition
[Tue Jul  1 11:37:26 2014] <elarnon> typeclass? records? informal set of required theorems?
[Tue Jul  1 11:37:58 2014] <elarnon> anyway Ltac arguments work in a rather primitive way
[Tue Jul  1 11:40:30 2014] <elarnon> you can get "regular" coq arguments (works best with Tactic Notation) but can't really do anything with them except inlining them into expressions
[Tue Jul  1 11:44:17 2014] <elarnon> so whatever way you define your semigroups, you need functions that, given a semigroup, gives you the neutral element/law/associativity lemma
[Tue Jul  1 11:44:34 2014] <elarnon> the easiest way to do that is probably to use typeclasses and let Coq figure out the correct instantiation for you
[Tue Jul  1 11:46:08 2014] <Rc43> elarnon, yep, it is type class
[Tue Jul  1 11:46:36 2014] <Rc43> elarnon, just rewrite says something that it expects "Semigroup.op x (Smeigroup.op y z)" instead of x + y + z
[Tue Jul  1 11:46:44 2014] <Rc43> And I don't know how to fix it.
[Tue Jul  1 11:46:45 2014] <elarnon> then you shouldn't need to know the actual type of your typeclass in your ltac
[Tue Jul  1 11:46:54 2014] <elarnon> can you show the definition of your typeclass?
[Tue Jul  1 11:47:02 2014] <Rc43> elarnon, sure, one moment
[Tue Jul  1 11:47:19 2014] <Rc43> I will minimize example of ltac I try.
[Tue Jul  1 11:54:33 2014] <Rc43> elarnon, aah, seems I did mistake at the very beginning, it rewrites ok =/
[Tue Jul  1 11:55:37 2014] <Rc43> I even found the way imitate loops with "regular" nat, match on S _ | O, but don't use n' from (S n'); use (pred n) instead.
[Tue Jul  1 12:48:29 2014] <Rc43> Is there common name for something with neutral element?
[Tue Jul  1 12:48:42 2014] <Rc43> Like "Monoid = <with_neutral> + Semigroup".
[Tue Jul  1 12:51:58 2014] <elarnon> wikipedia says unital
[Tue Jul  1 12:52:39 2014] <elarnon> https://en.wikipedia.org/wiki/Magma_(algebra)#Classification_by_properties
[Tue Jul  1 13:00:04 2014] <Rc43> elarnon, oh, thanks
[Tue Jul  1 14:01:12 2014] <Rc43> Aaah, tactics fully-polymorphic on type-classes don't work well =/
[Tue Jul  1 14:01:38 2014] <Rc43> E.g. when different semigroups should be tried.
[Tue Jul  1 14:02:13 2014] <Rc43> Like "rewrite assoc" on "x + 0 + 1 * x + x * 1 = x + x + x".
[Tue Jul  1 14:03:31 2014] <Rc43> Because Coq searchs semigroup instance using information about founded implicit arguments, not simultaneously =/
[Tue Jul  1 14:05:01 2014] <Rc43> *monoid instance
[Tue Jul  1 14:21:03 2014] <schoppenhauer> is there any library to work with indexed sums?
[Tue Jul  1 16:54:10 2014] <johnw> Can anyone tell me whether https://github.com/jwiegley/simple-conduit/blob/master/coq/Category.v#L209 looks like a properly stated theorem about the UMP for products, and if my subsequent proof for tuples in Coq looks reasonable?
[Tue Jul  1 16:54:55 2014] <johnw> elarnon: hello!
[Tue Jul  1 17:04:29 2014] <elarnon> johnw: hi! how was your trip home?
[Tue Jul  1 17:05:50 2014] <elarnon> your definition of product seems weird to me
[Tue Jul  1 17:06:05 2014] <johnw> it was uneventful; how about yoU?
[Tue Jul  1 17:06:15 2014] <johnw> I thought it might be weird, I just didn't know in what way...
[Tue Jul  1 17:06:43 2014] <elarnon> as far as i understand (is afaiu a valid abbreviation?) the Coq arrow shouldn't appear there
[Tue Jul  1 17:07:14 2014] <johnw> where exactly?
[Tue Jul  1 17:07:45 2014] <RchrdBrrll> elarnon, I always use "AIUI", shortening "as I understand it".
[Tue Jul  1 17:07:50 2014] <johnw> I have -> as the Coq arrow, and → as the categorical arrow
[Tue Jul  1 17:08:05 2014] <elarnon> the trip was too long for my taste, and my right foot didn't like it much, but it was otherwise ok
[Tue Jul  1 17:08:17 2014] <johnw> but I don't see how to do objC → objC → objC, because I don't have currying, since currying needs products :)
[Tue Jul  1 17:08:29 2014] <elarnon> but you are defining the product
[Tue Jul  1 17:08:43 2014] <johnw> and homC is defined with Coq arrows on line 40
[Tue Jul  1 17:08:49 2014] <elarnon> let me think about what i would have written
[Tue Jul  1 17:08:52 2014] <johnw> but can I define the product in terms of a product?
[Tue Jul  1 17:08:56 2014] <johnw> k
[Tue Jul  1 17:09:42 2014] <elarnon> the Coq arrow on the definition of Category are required b/c you are creating your model
[Tue Jul  1 17:09:51 2014] <elarnon> but then Coq arrows should have been abstracted
[Tue Jul  1 17:10:29 2014] <johnw> I'm not sure what ob → ob → ob would even mean though
[Tue Jul  1 17:10:32 2014] <elarnon> so I guess P and X are just unneeded
[Tue Jul  1 17:10:41 2014] <johnw> oh
[Tue Jul  1 17:10:52 2014] <johnw> hmm
[Tue Jul  1 17:11:08 2014] <johnw> then p1 becomes what?
[Tue Jul  1 17:11:17 2014] <elarnon> Class Product `{C : Category objC} {A B : objC} (P : objC) (p1 : P \to A) (p2 : P \to B) := ...
[Tue Jul  1 17:11:29 2014] <johnw> I see
[Tue Jul  1 17:11:39 2014] <johnw> trying to imply that these things have "types" is wrong
[Tue Jul  1 17:13:11 2014] <johnw> hmm
[Tue Jul  1 17:13:24 2014] <johnw> so now what does my instance become
[Tue Jul  1 17:13:26 2014] <elarnon> well "P : objC -> objC -> objC" doesn't make any sense in a categorical way as you said
[Tue Jul  1 17:13:28 2014] <johnw> Global Instance Tuple_Product : @Product Coq Tuple (@fst A B) snd. is not right anymore
[Tue Jul  1 17:14:54 2014] <elarnon> well Global Instance Tuple_Product : @Product Coq A B (A * B) fst snd should be
[Tue Jul  1 17:15:14 2014] <johnw> ah, I've been wondering about this
[Tue Jul  1 17:15:18 2014] <johnw> how do I get a general '*' operator?
[Tue Jul  1 17:15:26 2014] <johnw> every time I use it, it wants ℕ
[Tue Jul  1 17:15:32 2014] <elarnon> what do you mean by general?
[Tue Jul  1 17:15:39 2014] <johnw> something not specialized to nats
[Tue Jul  1 17:16:08 2014] <elarnon> you get into the quirks of Coq's notation system
[Tue Jul  1 17:16:35 2014] <johnw> what is a notation for in this case?
[Tue Jul  1 17:16:35 2014] <elarnon> are you familiar with the way notation scopes work?
[Tue Jul  1 17:16:38 2014] <johnw> yes
[Tue Jul  1 17:16:58 2014] <johnw> I have a category_scope
[Tue Jul  1 17:17:09 2014] <elarnon> "*" is just a notation for mult (or whatever it is called) in scope nat_scope
[Tue Jul  1 17:18:01 2014] <elarnon> so various options are open to you
[Tue Jul  1 17:18:15 2014] <elarnon> you can close nat_scope and redefine a notation for *
[Tue Jul  1 17:18:32 2014] <johnw> what is your use of * here referring to?
[Tue Jul  1 17:18:42 2014] <elarnon> you can use scope delimiters for your notation (as in (A * B)%type that you have to type in the body of a definition if you need it)
[Tue Jul  1 17:19:24 2014] <elarnon> well whatever you want the notation to be ; maybe to a 'mult' member of some Num typeclass?
[Tue Jul  1 17:19:53 2014] <johnw> I mean, in this case
[Tue Jul  1 17:20:01 2014] <johnw> I'm defining general products of (Type * Type)
[Tue Jul  1 17:20:05 2014] <johnw> what does "*" mean in that case?
[Tue Jul  1 17:20:19 2014] <johnw> I.e., what would the Notation rewrite into?
[Tue Jul  1 17:20:25 2014] <elarnon> is Type the Coq Type?
[Tue Jul  1 17:20:29 2014] <johnw> in this case, yes
[Tue Jul  1 17:20:39 2014] <johnw> Tuple is the product of the Coq category
[Tue Jul  1 17:20:55 2014] <elarnon> i'm not sure ; you can just Unset Printing Notations. and see by yourself
[Tue Jul  1 17:21:00 2014] <johnw> I'm trying to prove that "Coq" has categorical products
[Tue Jul  1 17:21:26 2014] <johnw> hmm
[Tue Jul  1 17:21:30 2014] <elarnon> oh, you mean my use of "*"in the definition?
[Tue Jul  1 17:21:30 2014] <johnw> i feel like I'm missing something here
[Tue Jul  1 17:21:32 2014] <johnw> yes
[Tue Jul  1 17:21:41 2014] <elarnon> you can just use your "Tuple" class if you want
[Tue Jul  1 17:21:47 2014] <elarnon> but Coq has built-in tuple types
[Tue Jul  1 17:22:11 2014] <johnw> I thought it might, but I couldn't find them
[Tue Jul  1 17:22:25 2014] <elarnon> well * is a notation for them
[Tue Jul  1 17:22:37 2014] <johnw> I see, so somehow these nat tuples are getting in my way
[Tue Jul  1 17:22:41 2014] <elarnon> (and they are probably defined through an Inductive similar to yours, but with a different name)
[Tue Jul  1 17:22:50 2014] <elarnon> yes
[Tue Jul  1 17:23:00 2014] <johnw> yay, it worked
[Tue Jul  1 17:23:08 2014] <johnw> Global Instance Tuple_Product : Product (Tuple A B) fst snd.
[Tue Jul  1 17:23:09 2014] <elarnon> so coq has a special scope named "type_scope" which it uses by default anywhere it is expecting a type
[Tue Jul  1 17:23:25 2014] <elarnon> and it do not open that scope elsewhere
[Tue Jul  1 17:23:38 2014] <elarnon> hence the (A * B)%type
[Tue Jul  1 17:24:50 2014] <johnw> is there a HOWTO anywhere about using the builtin tuples instead of these nat-specific tuples?
[Tue Jul  1 17:24:54 2014] <elarnon> so Coq's "built-in" product is called prod and has exactly the same definition as your tuple modulo alpha-renaming
[Tue Jul  1 17:25:06 2014] <elarnon> it is not nat-specific tuples
[Tue Jul  1 17:25:15 2014] <johnw> ah, "prod", that's what I was looking for
[Tue Jul  1 17:25:27 2014] <elarnon> when you write (A * B) Coq rewrites this to "mult A B", i.e. the natural numbers multiplication
[Tue Jul  1 17:25:31 2014] <johnw> ah
[Tue Jul  1 17:25:34 2014] <johnw> i see
[Tue Jul  1 17:25:41 2014] <johnw> so that notation is getting in the way of the type_scope notation?
[Tue Jul  1 17:26:05 2014] <elarnon> yes
[Tue Jul  1 17:26:17 2014] <johnw> how do I unset a notation?
[Tue Jul  1 17:27:11 2014] <elarnon> you can't afaik ; but you can close the nat_scope
[Tue Jul  1 17:27:32 2014] <johnw> Close Scope nat_scope.
[Tue Jul  1 17:27:34 2014] <elarnon> well, or just re-open type_scope to make it shadow the other
[Tue Jul  1 17:27:40 2014] <elarnon> with Open Scope type_scope.
[Tue Jul  1 17:27:49 2014] <elarnon> (coq first searches the last opened scope)
[Tue Jul  1 17:28:14 2014] <johnw> excellent
[Tue Jul  1 17:31:59 2014] <johnw> huh, even though prod is nearly identical, using (prod A B) doesn't work, but (Tuple A B) does
[Tue Jul  1 18:48:18 2014] <osa1> how is "not equal" symbol in CPDT book printed in Coq syntax?
[Tue Jul  1 18:52:36 2014] <alkabetz> Can you point to a specific source file?
[Tue Jul  1 18:52:51 2014] <alkabetz> (Or, equivalently, a specific chapter?)
[Tue Jul  1 18:53:40 2014] <osa1> alkabetz: page 111
[Tue Jul  1 18:53:48 2014] <osa1> or chapter 6.2
[Tue Jul  1 18:54:10 2014] <osa1> I don't have any source files
[Tue Jul  1 18:54:47 2014] <alkabetz> Ah, it’s written <>: http://adam.chlipala.net/cpdt/repo/file/1dd9d8664853/src/Subset.v#l410
[Tue Jul  1 18:55:52 2014] <osa1> alkabetz: thanks!
[Tue Jul  1 19:42:24 2014] <alkabetz> You’re welcome!
[Tue Jul  1 20:46:06 2014] <Rc43> How can I declare local Ltac procedure inside other Ltac procedure?
[Tue Jul  1 20:48:58 2014] <Rc43> Ah, I found it.
[Tue Jul  1 20:49:10 2014] <Rc43> Ltac something := ... with other := ... .
[Tue Jul  1 20:51:09 2014] <Cypi> Rc43 : in this case, 'other' is not local, it's just defined at the same time. (It allows for mutually recursive functions)
[Tue Jul  1 20:51:26 2014] <Cypi> If you want 'other' to be local, you can use : Ltac something := let other := ... in ...
[Tue Jul  1 20:51:42 2014] <Cypi> (mutually recursive tactics* I meant)
[Tue Jul  1 20:52:15 2014] <Rc43> Cypi, ah, ye; I wanted your way.
[Tue Jul  1 22:03:19 2014] <johnw> would anyone like to help with a proof before I tear my head off of my spine?
[Tue Jul  1 22:03:50 2014] <johnw> I'm trying to prove that composing two applicative functors always yields an applicative functor
[Tue Jul  1 22:04:08 2014] <amosr> I could take a peek
[Tue Jul  1 22:04:09 2014] <johnw> before I was trying to prove this in a more involved context, but now I think I've simplified it down to the core lemma
[Tue Jul  1 22:04:15 2014] <johnw> ok, let me commit what I have.
[Tue Jul  1 22:04:50 2014] <johnw> the repository is https://github.com/jwiegley/simple-conduit
[Tue Jul  1 22:04:53 2014] <johnw> subdirectory "coq"
[Tue Jul  1 22:04:56 2014] <johnw> the file is Functor.v
[Tue Jul  1 22:04:59 2014] <johnw> search for "admit"
[Tue Jul  1 22:22:33 2014] <johnw> I'm looking for a paper proof of this, that applicative functors are closed under composition, but while I find many papers which state it as a fact, none give a proof
[Tue Jul  1 22:35:48 2014] <amosr> johnw: nope. no clue!
[Tue Jul  1 22:36:30 2014] <johnw> ok, thanks amosr
[Tue Jul  1 22:36:40 2014] <johnw> I hate to admit how many things I've tried :)
[Wed Jul  2 05:13:39 2014] <roosbeef> suppose im trying to prove decidability of a complex statement such as:
[Wed Jul  2 05:13:40 2014] <roosbeef> exists2 e0 : fletter, countIn eq eq_fletter_dec e0 ll > 0 & fl_Lt l e0 \/ fl_Lt e0 l
[Wed Jul  2 05:14:04 2014] <roosbeef> how can i chop this up into smaller segments to prove decidability of?
[Wed Jul  2 06:48:07 2014] <osa1> what is `[x]` syntax used in this code from CPDT: `Notation "[|| x ||]" := (inleft _ [x]).` ?
[Wed Jul  2 06:48:33 2014] <osa1> I can't define that notation because I'm getting this error: "Syntax error: ',' or ')' expected after [constr:operconstr level 200] (in [constr:operconstr])."
[Wed Jul  2 07:31:08 2014] <elarnon> johnw: i don't have a proof for you, but it seems that you are not proving what you think you are proving (and neither are you in Compose_Functor) - the objects you are considering seem to be F (F X) rather than F (G X)
[Wed Jul  2 11:32:05 2014] <robbert> roosbeef: I use typeclasses to automatically derive such deciders
[Wed Jul  2 11:32:25 2014] <robbert> and he's offline...
[Wed Jul  2 12:04:11 2014] <osa1> is there a way to search for a definition in libs to see what to import?
[Wed Jul  2 12:20:17 2014] <alkabetz> If you already have it imported, you can use [Locate the_definition.].
[Wed Jul  2 12:20:26 2014] <alkabetz> Otherwise, I always just use grep …
[Thu Jul  3 05:16:21 2014] <roosbeef> ive got this proof state: https://privatepaste.com/98f8bf9183
[Thu Jul  3 05:16:31 2014] <roosbeef> how do i get rid of a0?
[Thu Jul  3 05:17:00 2014] <roosbeef> the exists quantifier is kinda confusing me i guess, are there any libraries for that i should look at?
[Thu Jul  3 06:47:55 2014] <johnw> elarnon: ping
[Thu Jul  3 07:02:07 2014] <Rc43> Hello.
[Thu Jul  3 07:27:26 2014] <osa1> what should I do to use leb definition in this module http://coq.inria.fr/distrib/current/stdlib/Coq.NArith.BinNatDef.html ? I'm importing Coq.NArith.BinNatDef but Check leb fails with `Error: The reference leb was not found in the current environment.`
[Thu Jul  3 07:30:38 2014] <Cypi> osa1 : N.leb
[Thu Jul  3 07:31:06 2014] <osa1> Cypi: Error: The reference N.leb was not found in the current environment.
[Thu Jul  3 07:31:20 2014] <osa1> oh wait, if worked after I added "Import"
[Thu Jul  3 07:31:27 2014] <osa1> so what's difference between Require and Require Import?
[Thu Jul  3 07:33:11 2014] <Cypi> With only "Require", you have to fully qualify leb : [Check Coq.Narith.BinNatDef.N.leb.] (actually, only [Check BinNatDef.N.leb.] works)
[Thu Jul  3 07:34:01 2014] <Cypi> With Import, the contents of the module is also imported, so that you can access directly its components
[Thu Jul  3 07:35:08 2014] <Cypi> Check http://coq.inria.fr/refman/Reference-Manual008.html#hevea_command147 and http://coq.inria.fr/refman/Reference-Manual004.html#Import
[Thu Jul  3 07:54:47 2014] <osa1> ops, apparently I need a leb that works on nats
[Thu Jul  3 07:55:14 2014] <osa1> why I'm wasting 90% of my time searching for basic functions in the stdlib?
[Thu Jul  3 09:25:22 2014] <Rc43> Is there a way to define Inductive mutually with a term?
[Thu Jul  3 09:25:48 2014] <Cypi> What do you mean?
[Thu Jul  3 09:26:24 2014] <Rc43> Like "Inductive some_type : Type := ... some_struct ... with some_struct := ... some_type ... ."
[Thu Jul  3 09:28:35 2014] <Cypi> Well, what you said work, doesn't it?
[Thu Jul  3 09:28:38 2014] <Rc43> Where some_struct is term, not inductive.
[Thu Jul  3 09:28:52 2014] <Cypi> Ah.
[Thu Jul  3 09:29:13 2014] <Rc43> Cypi, but I am not sure that what I want terminates =/
[Thu Jul  3 09:29:51 2014] <Rc43> I want type class instance which has field-type which uses this type class instance itself.
[Thu Jul  3 10:51:56 2014] <Rc43> Is it possible to define recursive type class instances?
[Thu Jul  3 10:52:03 2014] <Rc43> (Sounds pretty scary.)
[Thu Jul  3 10:56:49 2014] <Rc43> Oh, seems that I can just use Fixpoint + Build_<class_name>.
[Thu Jul  3 17:04:36 2014] <{AS}> Hi, is it possible to extend the scope of a let-binding in coq?
[Thu Jul  3 17:05:07 2014] <{AS}> such that all let-bindings occur at the outer most scope (when the bound variables are not free in the outer scope)
[Thu Jul  3 17:05:39 2014] <{AS}> e.g. if I have R (a) (let b := c in d) and I want let b := c in R (a) (d)
[Thu Jul  3 17:53:12 2014] <johnw> when Coq is showing me a goal, is there a way for it to print the @x forms of all identifiers, so that I can see all implicit arguments?
[Thu Jul  3 17:55:49 2014] <jrw> johnw: Set Printing All.
[Thu Jul  3 17:56:23 2014] <johnw> sweet, thanks
[Thu Jul  3 17:57:17 2014] <johnw> can I do it for a specific identifier?
[Thu Jul  3 17:58:23 2014] <jrw> not that I know of
[Thu Jul  3 23:02:50 2014] <johnw> I have a hypothesis in my context, and an occurance of its left-hand side in my goal, which I've verified with Set Printing All.  However, it still says "no subterm matching"
[Thu Jul  3 23:03:07 2014] <johnw> https://gist.github.com/aed819ae66f7be914b5a
[Thu Jul  3 23:03:18 2014] <johnw> I'm trying to do "rewrite H6"
[Thu Jul  3 23:03:34 2014] <mankyKitty> sweet dickens
[Thu Jul  3 23:03:47 2014] <johnw> well, the goal is just mu ∘ fmap mu = mu ∘ fmap mu ∘ fmap eta otherwise :)
[Thu Jul  3 23:04:05 2014] <johnw> i'm following someone else's paper proof step by step, and I'm stuck on not being able to do this rewrite
[Thu Jul  3 23:04:23 2014] <mankyKitty> yeah I'm barely two chapters into SF so I'm not going to be much help to you. :(
[Thu Jul  3 23:04:30 2014] <johnw> oh, weird
[Thu Jul  3 23:04:33 2014] <johnw> if I use replace, it works
[Thu Jul  3 23:04:42 2014] <mankyKitty> spooky?
[Thu Jul  3 23:04:58 2014] <johnw> yeah, I've actually run into this a lot, where replace won't work but assert will, and now vice-versa
[Thu Jul  3 23:05:07 2014] <johnw> I don't quite understand the subtle differences between them yet
[Thu Jul  3 23:35:17 2014] <johnw> if I have an instance which defines basically fmap := fmap . fmap, and I'm in a situation where I believe that instance is in scope, how can I "unfold" that fmap into fmap . fmap?
[Fri Jul  4 00:31:24 2014] <ddere> johnw: holy moly, when it says it cant match the subterms, what patterns does it give you in the error msg?
[Fri Jul  4 00:37:35 2014] <johnw> it states the exact subterm I'm trying to match :)
[Fri Jul  4 01:01:57 2014] <ddere> oh :(
[Fri Jul  4 05:19:27 2014] <johnw> is there a way to have separate notations based on the types used for a polymorphic function?
[Fri Jul  4 05:19:47 2014] <johnw> i'm looking at 7 instances of fmap, but they're not all the same fmap, which makes it very hard to determine what the goal actually is
[Fri Jul  4 05:25:49 2014] <johnw> for example, if it's really (@fmap M _ ...), I'd like it to print fmap[M]
[Fri Jul  4 05:28:23 2014] <johnw> ah, got it: Notation "fmap[ M ]" := (@fmap M _ _ _ _) (at level 68).
[Fri Jul  4 05:31:04 2014] <johnw> and: Notation "fmap[ M N ]" := (@fmap (fun X => M (N X)) _ _ _ _) (at level 66).
[Fri Jul  4 05:31:07 2014] <johnw> now it's perfect
[Fri Jul  4 08:29:43 2014] <Rc43> Hello.
[Fri Jul  4 08:29:59 2014] <Rc43> Is it possible to defined Fixpoint with tactics?
[Fri Jul  4 08:30:06 2014] <Rc43> Without Fix combinator or something.
[Fri Jul  4 08:30:17 2014] <Rc43> I am getting error on "Defined." stage.
[Fri Jul  4 08:33:15 2014] <Cypi> It is possible: http://lpaste.net/106918
[Fri Jul  4 08:34:05 2014] <Rc43> Cypi, ok, thanks; therefore I will search bugs in my definition.
[Fri Jul  4 08:38:24 2014] <Cypi> Hum, my definition is actually false, but don't mind it, it still shows that you can use tactics with Fixpoint :-°
[Fri Jul  4 08:39:12 2014] <Rc43> Cypi, I have localised my problem, it is because of incorrect recursive call (though I don't know yet why).
[Fri Jul  4 08:43:35 2014] <gdsfh> Rc43: just "clear" everything you don't need to make a recursive call, it usually helps.
[Fri Jul  4 08:49:02 2014] <Rc43> gdsfh, actually it is pretty small definition, I have only one rec. call (well, second is commented now).
[Fri Jul  4 08:49:28 2014] <Rc43> And message is weird "has not enough arguments" while there is only one argument to rec. function.
[Fri Jul  4 08:49:43 2014] <Rc43> (and it is given)
[Fri Jul  4 08:53:53 2014] <Rc43> Hmm, I commented the single rec. call (replaced with admit) and error didn't dissapear.
[Fri Jul  4 08:57:22 2014] <Rc43> Could "induction" be the reason of that?
[Fri Jul  4 08:59:17 2014] <Rc43> Indeed, "Show Proof." shows that there is redundant call.
[Fri Jul  4 08:59:38 2014] <Rc43> (Not redundant, but surprizing for me.)
[Fri Jul  4 09:00:11 2014] <Rc43> Why does it use recursion instead of induction principle?
[Fri Jul  4 09:01:37 2014] <Rc43> Ah, I am stupid, it's "<rec.fun_name>_admitted".
[Fri Jul  4 09:02:02 2014] <gdsfh> Rc43: because. :]  Maybe you should supply induction principle if you want it to be used?
[Fri Jul  4 09:04:03 2014] <Rc43> gdsfh, no-no, it was my distraction, no rec calls at all, nat_rect is used as it should be.
[Fri Jul  4 09:04:30 2014] <Rc43> gdsfh, so there is no rec calls at all, but message says that "not enough arguments".
[Fri Jul  4 09:06:26 2014] <gdsfh> Rc43: I faced similar problem years ago, but can't remember what caused it.  If you have small standalone example, I could try to help.
[Fri Jul  4 09:06:57 2014] <Rc43> gdsfh, I will try to reduce it
[Fri Jul  4 09:12:59 2014] <gdsfh> Rc43: maybe after reducing it will work, so show minimal example that doesn't work; but please, without external dependencies.
[Fri Jul  4 09:14:15 2014] <gdsfh> btw, does anybody know about coq+opam progress?  Some guys wanted to use them together (in coq-club iirc).
[Fri Jul  4 09:17:24 2014] <Rc43> gdsfh, you mean intention to install coq via opam?
[Fri Jul  4 09:18:16 2014] <gdsfh> Rc43: coq + some widely used libraries/extensions, like mtac, ssreflect, CoLoR.
[Fri Jul  4 09:18:48 2014] <gdsfh>  + custom repositories (I use it in OCaml development, very handy).
[Fri Jul  4 09:24:08 2014] <Rc43> gdsfh, yep, that would be great thing.
[Fri Jul  4 09:25:48 2014] <Rc43> gdsfh, seems that this message is occured on every Fixpoint with admit.
[Fri Jul  4 09:26:07 2014] <Rc43> gdsfh, at least on "Fixpoint test (n : nat) : nat. admit. Defined."
[Fri Jul  4 09:26:53 2014] <Rc43> Don't understand yet what can be wrong in "fix test (n : nat) : nat => test_admitted test n".
[Fri Jul  4 09:27:35 2014] <Rc43> Aaaah, I understood.
[Fri Jul  4 09:27:52 2014] <Rc43> Haha, it just sees plain "test" without args and complains about it.
[Fri Jul  4 09:29:59 2014] <gdsfh> really, "test" needs arguments.  btw, you can move arguments that change on recursive calls to right, it simplifies writing of fixpoint.
[Fri Jul  4 09:31:14 2014] <Rc43> gdfsh, why does it?
[Fri Jul  4 09:36:18 2014] <gdsfh> Rc43: why fixpoints needs arguments?  It's about termination, as I remember.
[Fri Jul  4 09:41:10 2014] <Cypi> If you just allow test_admitted to take test as an argument this way, I guess you wouldn't know what test_admitted will do with foo
[Fri Jul  4 09:41:44 2014] <Cypi> It could just call foo again on some nat, and you would end up with an infinite loop
[Fri Jul  4 09:43:04 2014] <Rc43> gdsfh, no :) Why does arguments on right instead of left help to write fixpoints?
[Fri Jul  4 09:43:40 2014] <Rc43> Cypi, why did Coq generate such Coq?
[Fri Jul  4 09:43:51 2014] <Rc43> Cypi, couldn't it just place test_admitted without arguments?
[Fri Jul  4 09:44:41 2014] <Cypi> I don't know if it's just a weakness of the "admitted" tactic, which shouldn't occur anyway in finalized proofs.
[Fri Jul  4 09:45:20 2014] <Cypi> admit*
[Fri Jul  4 09:45:26 2014] <Cypi> You can just write "Axiom test_admitted : nat. exact test_admitted." or something similar if you want, it must be close to what admit would do, I guess
[Fri Jul  4 09:47:39 2014] <Rc43> Cypi, yep, sure. Just was surprizing and spent some time.
[Fri Jul  4 09:48:10 2014] <gdsfh> Rc43: because you don't need to pass these arguments on each recursive call.  Take a look at http://pastebin.com/nywncwFE , "f" is constant on each call.
[Fri Jul  4 09:48:12 2014] <Rc43> Btw, in this particular case it is possible just ot use "Admitted."
[Fri Jul  4 09:48:38 2014] <Cypi> Yes, since Admitted will abort the proof altogether and replace your definition with an Axiom
[Fri Jul  4 09:48:49 2014] <Cypi> it won't just fill one gap with an axiom
[Fri Jul  4 09:50:15 2014] <Rc43> Cypi, ah, I didn't know.
[Fri Jul  4 09:50:47 2014] <Rc43> Cypi, I thought that it is just syntax sugar for "admit. Qed."
[Fri Jul  4 09:51:12 2014] <Cypi> Nope, especially since it works for any number of remaining subgoals :p
[Fri Jul  4 09:58:41 2014] <Rc43> Hmm, so I figure out now that I need "Fixpoint f", which depends on "Definition g.", which depends on "f" again.
[Fri Jul  4 09:58:43 2014] <Rc43> But I want to defined "f" with tactics; is there syntax for such mutual definition?
[Fri Jul  4 10:01:14 2014] <osa1> how do I import stream type used here http://adam.chlipala.net/cpdt/repo/file/1dd9d8664853/src/GeneralRec.v#l110?
[Fri Jul  4 10:01:27 2014] <Cypi> Rc43: "Fixpoint foo (n : nat) : nat with bar (n : nat) : nat.", and then you end up with two subgoals.
[Fri Jul  4 10:03:16 2014] <Rc43> Cypi, "Fixpoints should be on the same mutual inductive declaration."
[Fri Jul  4 10:03:23 2014] <Rc43> Cypi, (in my case).
[Fri Jul  4 10:03:58 2014] <Rc43> Both f and g are "terms".
[Fri Jul  4 10:04:13 2014] <Cypi> Hum, I don't know what it means, sorry :o . (I'm learning as I am answering you actually, don't take my words as good advice, just as something that worked for me)
[Fri Jul  4 10:05:19 2014] <Rc43> Oh, I just put non-recursive arguments into rgight in "f" and everything is ok.
[Fri Jul  4 10:06:10 2014] <Rc43> I mean I replaced "Fixpoint f (n : nat) (xs ys : list ...) : ..." with "Fixpoint f (n : nat) : list ...".
[Fri Jul  4 10:07:35 2014] <Rc43> Ah, still can't unfold "g" inside proof of "f".
[Fri Jul  4 10:08:08 2014] <Rc43> Maybe I need to decrease its argument =/
[Fri Jul  4 10:08:38 2014] <Cypi> I think so. Apparently Coq heuristics for fixpoints isn't clever enough to figure it out in such cases :/
[Fri Jul  4 10:09:12 2014] <Cypi> Ah wait, you want to unfold
[Fri Jul  4 10:09:23 2014] <Cypi> hum
[Fri Jul  4 10:09:25 2014] <Rc43> Hmm, even with "smaller" argument Coq can't "coerce it to evaluable reference".
[Fri Jul  4 10:10:11 2014] <Cypi> Well yes, you are defining both f and g at the same time with a Fixpoint, so until the definition is complete, f and g aren't bound to anything, they only have a type.
[Fri Jul  4 10:10:33 2014] <Cypi> Hmm, how could you do that...
[Fri Jul  4 10:11:05 2014] <Rc43> Cypi, maybe it is because what you just said.
[Fri Jul  4 10:11:14 2014] <Rc43> *because of
[Fri Jul  4 10:19:12 2014] <Rc43> Ow, and I can't use "h" in type of "g" while defining "Fixpoint f : ... with g : ... with h : ... ."
[Fri Jul  4 10:19:13 2014] <Rc43> =/
[Fri Jul  4 10:20:41 2014] <Rc43> Reasonably though (since no value binded to name "h" so far).
[Fri Jul  4 11:41:18 2014] <Rc43> Has anybody an idea about how to define record (instance of type class), which is recursive through its field?
[Fri Jul  4 11:42:52 2014] <Rc43> E.g. Fixpoint record (S n) : ... := { x := ... ; y := .... @x record n ... }.
[Fri Jul  4 11:44:02 2014] <Rc43> My problem is in that "@x" can't be replaced with its body (because definition isn't complete), so I just can't use "record" inside definition of "y".
[Fri Jul  4 14:28:10 2014] <osa1> in CPDT chapter 7.1 this is said "... yet we know this[merge sort] is a well-founded recursive definition" how do we know about that?
[Fri Jul  4 14:43:48 2014] <osa1> I'm also wondering how well-founded recursion is encoded. is there something magic going on under the hood to make termination checker accept such definitions(e.g. by somehow making Fix special), or is it somehow encoded with exsiting basic rules? can we implement that as an external library?
[Fri Jul  4 14:52:24 2014] <osa1> also, are there any other ways to tell termination checker that a function actually teminates? I mean other than structural recursive and well-founded ones?
[Fri Jul  4 15:07:51 2014] <osa1> how can I search in standard library?
[Fri Jul  4 15:11:08 2014] <alkabetz> osa1: I’m a fan of grep for that …
[Fri Jul  4 16:20:53 2014] <xcombelle> hi (bonjour)
[Fri Jul  4 19:00:18 2014] <osa1> `match E as Y in (T x1 ... xn) return U with | C z1 .. zm => B end` in this code are Y and x1 ... xn bound in B ?
[Fri Jul  4 19:51:26 2014] <osa1> can anyone help me with this proof http://lpaste.net/106947 ? This code is from CPDT and I want to prove it without using magical CPDT tactics.
[Fri Jul  4 20:10:41 2014] <jrw> osa1: you'll need to write the match in the proof term by hand because coq's destruct isn't smart enough to handle this kind of dependent match
[Sun Jul  6 17:02:41 2014] <osa1_> when is "dependent destruction" tactic added to standard tactics library?
[Sun Jul  6 17:03:57 2014] <ezyang> I don't think there are any plans to do so
[Sun Jul  6 17:05:15 2014] <osa1_> am I looking to wrong page http://coq.inria.fr/distrib/current/refman/Reference-Manual010.html#hevea_tactic80
[Sun Jul  6 17:08:24 2014] <ezyang> Erm, maybe I don't know what you're askig
[Sun Jul  6 17:09:38 2014] <osa1_> ezyang: I'm trying to use "dependent destruction" tactic explained in that link but I'm getting `Syntax error: 'generalize_eqs_vars' or 'generalize_eqs' or 'rewrite' or 'simple' 'inversion' expected after 'dependent' (in [tactic:simple_tactic]).` so I'm wondering if I'm doing some stupid mistake or I need to update Co
[Sun Jul  6 17:09:39 2014] <osa1_> Coq*
[Sun Jul  6 17:16:46 2014] <osa1_> I'm using 8.4pl2 and latest version appears to be 8.4pl4
[Sun Jul  6 17:17:07 2014] <osa1_> so any comments before I update Coq?
[Sun Jul  6 17:32:41 2014] <ezyang> oh, that error. You need to import some module
[Sun Jul  6 18:46:53 2014] <johnw> How do I hide symbols from an earlier imported module?
[Sun Jul  6 18:51:51 2014] <mankyKitty> johnw: I don't believe that's possible.. but I'm pretty sure the ordering of the imports matters, so if you have bindings that shadow earlier imports, if you import those AFTER the originals then you should be okay.. err.. I think..
[Sun Jul  6 18:52:17 2014] <johnw> i'm running into conflicts between notations
[Sun Jul  6 18:53:01 2014] <mankyKitty> I've only been present for conversations between people that have had a similar problem.. the import order matters is the only thing I remember out of it.. I've not encountered it myself, sorry mate. :(
[Sun Jul  6 18:53:35 2014] <johnw> ok, I worked around it
[Sun Jul  6 18:53:37 2014] <johnw> thx
[Sun Jul  6 18:53:45 2014] <mankyKitty> \o/
[Sun Jul  6 19:24:28 2014] <johnw> what does it mean when you use {} to specify a type class instance?
[Sun Jul  6 19:24:35 2014] <johnw> like: Category { Fobj : C->D & Functor C D Fobj } (...)
[Sun Jul  6 19:29:35 2014] <ddere> implicit args for the instance?
[Sun Jul  6 19:29:43 2014] <ddere> i'm not entirely sure myself, thats just a guess
[Sun Jul  6 19:41:51 2014] <johnw> woohoo, just encountered a case where I had to use sigma types; never quite understood it before, now it clicked
[Mon Jul  7 04:06:56 2014] <johnw> why is it that when I have a typeclass in my context, like H0 : Monad (EitherT E M), that I can't simplify any of the methods from that typeclass, even though there is an instance for it in scope?
[Mon Jul  7 04:08:39 2014] <roosbeef> what does it say when you try
[Mon Jul  7 04:08:47 2014] <johnw> it just doesn't simplify
[Mon Jul  7 04:08:49 2014] <johnw> my goal says:
[Mon Jul  7 04:08:55 2014] <johnw> (EitherT_ E M A ∘ eta/M ∘ eta/Either E) x = (eta/EitherT E M) x
[Mon Jul  7 04:09:05 2014] <johnw> that should just be refl, since the left is exactly the implementation of EitherT_eta
[Mon Jul  7 04:09:19 2014] <johnw> beta eta/EitherT E M is not "resolving" down to the method I used to implement it:
[Mon Jul  7 04:09:29 2014] <johnw> eta   := fun _ => EitherT_eta
[Mon Jul  7 04:09:35 2014] <johnw> I've noticed this in other places before
[Mon Jul  7 04:09:50 2014] <johnw> here's a simple example: https://gist.github.com/977fe1d45b66a824c947
[Mon Jul  7 04:09:57 2014] <johnw> rather, see the whole file:
[Mon Jul  7 04:10:00 2014] <johnw> https://gist.github.com/dd5bc6ee27d9db3e462a
[Mon Jul  7 04:10:13 2014] <johnw> if I add a constraint `{Functor (fun X => F (G X))}
[Mon Jul  7 04:10:20 2014] <johnw> suddenly I can't unfold compose_fmap anymore
[Mon Jul  7 04:10:35 2014] <johnw> it seems I can only see the instance methods when the type class constraint isn't present
[Mon Jul  7 04:16:08 2014] <roosbeef> (i dont think i would be of much help here, being a relative novice at this)
[Mon Jul  7 04:23:08 2014] <johnw> ah well, I'm missing something simple
[Mon Jul  7 04:23:12 2014] <johnw> elarnon would know :)
[Mon Jul  7 04:24:01 2014] <elarnon> hm?
[Mon Jul  7 04:24:07 2014] <johnw> hi elarnon!
[Mon Jul  7 04:24:13 2014] <johnw> Just having some issues with type classes
[Mon Jul  7 04:24:38 2014] <elarnon> hi johnw
[Mon Jul  7 04:24:49 2014] <johnw> I finished proving all those things I was trying to prove
[Mon Jul  7 04:25:06 2014] <elarnon> nice!
[Mon Jul  7 04:25:15 2014] <johnw> yes, it feels good
[Mon Jul  7 04:25:26 2014] <johnw> now I'm trying to prove that my MonadTrans instance is lawful
[Mon Jul  7 04:25:33 2014] <johnw> but I'm stuck on a simplification issue
[Mon Jul  7 04:25:42 2014] <johnw> 03:10 <johnw> https://gist.github.com/dd5bc6ee27d9db3e462a
[Mon Jul  7 04:25:43 2014] <johnw> 03:10 <johnw> if I add a constraint `{Functor (fun X => F (G X))}
[Mon Jul  7 04:25:43 2014] <johnw> 03:10 <johnw> suddenly I can't unfold compose_fmap anymore
[Mon Jul  7 04:25:50 2014] <johnw> that is a good example of the problem
[Mon Jul  7 04:26:06 2014] <johnw> why does having a constraint make the instance opaque?
[Mon Jul  7 04:26:09 2014] <elarnon> i'll take a quick look to see if i can help
[Mon Jul  7 04:27:37 2014] <johnw> that would be great, thanks
[Mon Jul  7 04:28:05 2014] <elarnon> what is the error you get?
[Mon Jul  7 04:28:09 2014] <johnw> no erro
[Mon Jul  7 04:28:10 2014] <johnw> r
[Mon Jul  7 04:28:19 2014] <elarnon> (or alternatively, where can i see the Functor.v file?)
[Mon Jul  7 04:28:19 2014] <johnw> just that unfold does nothing
[Mon Jul  7 04:28:32 2014] <johnw> https://github.com/jwiegley/category-theory/blob/master/Endo/Functor.v
[Mon Jul  7 04:28:35 2014] <elarnon> oh hm
[Mon Jul  7 04:31:44 2014] <johnw> wrong file: https://github.com/jwiegley/category-theory/blob/master/Endo/FCompose.v
[Mon Jul  7 04:31:46 2014] <johnw> that's what I meant
[Mon Jul  7 04:31:52 2014] <johnw> oh, I see, n/m
[Mon Jul  7 04:33:11 2014] <elarnon> well your goal is no longer the same
[Mon Jul  7 04:33:39 2014] <johnw> it uses is_functor now, rather than Functor_Compose, right?
[Mon Jul  7 04:33:45 2014] <elarnon> the `{Functor (fun X => F (G X))} shadows the Functor_Compose instance
[Mon Jul  7 04:33:52 2014] <johnw> right
[Mon Jul  7 04:33:58 2014] <johnw> how do I unshadow?
[Mon Jul  7 04:34:08 2014] <johnw> I mean, the instance satisfies that constraint
[Mon Jul  7 04:34:26 2014] <johnw> hmm.. because I'm parametrizing on the instance?
[Mon Jul  7 04:34:32 2014] <elarnon> yes
[Mon Jul  7 04:34:37 2014] <johnw> I'm allowing the user to select any instance of that type
[Mon Jul  7 04:34:38 2014] <johnw> ah, I see
[Mon Jul  7 04:34:39 2014] <johnw> hmm
[Mon Jul  7 04:34:42 2014] <elarnon> so you don't know what is the definition of this fmap anymore
[Mon Jul  7 04:34:48 2014] <johnw> that actually makes sense :)
[Mon Jul  7 04:34:52 2014] <elarnon> it may be something completely unrelated to fmap_compose as far as Coq knows
[Mon Jul  7 04:35:03 2014] <johnw> right
[Mon Jul  7 04:35:23 2014] <johnw> it's like having a forall on the instance type
[Mon Jul  7 04:35:51 2014] <elarnon> yes, you are saying this is true for any instance
[Mon Jul  7 04:36:27 2014] <elarnon> you are actually trying to prove this for any function with same type as compose_fmap
[Mon Jul  7 04:37:05 2014] <johnw> that is awesome, thanks elarnon
[Mon Jul  7 04:37:13 2014] <johnw> you answered me perfectly :)
[Mon Jul  7 04:37:49 2014] <elarnon> you're welcome :-)
[Mon Jul  7 04:37:51 2014] <johnw> and with that, my problem is fixed
[Mon Jul  7 04:38:13 2014] <johnw> i just had to make my typeclass dictionary be a parameter of the MonadTrans type class, rather than a parameter of each law
[Mon Jul  7 04:40:48 2014] <elarnon> do you really need to use Global Instance btw?
[Mon Jul  7 04:41:14 2014] <elarnon> it is only different from Instance when using the Section mechanism (which you do not seem to be), iirc
[Mon Jul  7 04:41:38 2014] <johnw> ah, ok
[Mon Jul  7 04:41:44 2014] <johnw> I just copied that from elsewhere when I started
[Mon Jul  7 07:57:35 2014] <roosbeef> if i have a function with nested functions (fix ... ) args
[Mon Jul  7 07:57:49 2014] <roosbeef> how can i do case analysis on the arguments?
[Mon Jul  7 08:35:22 2014] <roosbeef> http://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic137
[Mon Jul  7 08:35:29 2014] <roosbeef> how does this work?
[Mon Jul  7 08:35:33 2014] <roosbeef> unfold tactic at 2, 3.
[Mon Jul  7 08:35:40 2014] <roosbeef> that doesnt work..
[Mon Jul  7 08:36:56 2014] <elarnon> what "doesn't work" mean?
[Mon Jul  7 08:37:02 2014] <elarnon> +does
[Mon Jul  7 08:39:08 2014] <roosbeef> well, coq unfold fl_insert at 2, 3.
[Mon Jul  7 08:39:14 2014] <elarnon> oh, the manual seems to be outdated
[Mon Jul  7 08:39:16 2014] <roosbeef> gives
[Mon Jul  7 08:39:16 2014] <roosbeef> Syntax error: [unfold_occ] expected after ',' (in [red_tactic]).
[Mon Jul  7 08:39:28 2014] <elarnon> you want [unfold fl_insert at 2 3]
[Mon Jul  7 08:39:36 2014] <roosbeef> ??
[Mon Jul  7 08:39:38 2014] <roosbeef> why the brackets
[Mon Jul  7 08:39:38 2014] <elarnon> or [unfold fl_insert at 2, fl_insert at 3]
[Mon Jul  7 08:39:41 2014] <roosbeef> oh
[Mon Jul  7 08:39:51 2014] <roosbeef> ok :p
[Mon Jul  7 08:39:57 2014] <roosbeef> makes no sense but lets try
[Mon Jul  7 08:40:03 2014] <elarnon> no the bracket means "coq code inside"
[Mon Jul  7 08:40:14 2014] <roosbeef> ok works :)
[Mon Jul  7 08:40:16 2014] <roosbeef> thank you
[Mon Jul  7 08:40:30 2014] <elarnon> that's the convention in coq/ocaml comments and i tend to use it a bit too much ;-)
[Mon Jul  7 08:40:51 2014] <elarnon> in coqdoc/ocamldoc comments*
[Mon Jul  7 08:40:57 2014] <roosbeef> you dont say :p
[Mon Jul  7 08:42:23 2014] <elarnon> Ltac syntax is a bit weird ; when you think comma should be a separator but it doesn't work try space (and conversely)
[Mon Jul  7 13:33:00 2014] <shouya> hello,
[Mon Jul  7 13:33:14 2014] <shouya> i got stuck while trying to understand some inductions.
[Mon Jul  7 13:33:35 2014] <ianjneu> shouya: okay
[Mon Jul  7 13:33:50 2014] <shouya> ianjneu: one minute, i'll paste the code :)
[Mon Jul  7 13:35:41 2014] <shouya> http://lpaste.net/107061
[Mon Jul  7 13:35:47 2014] <shouya> here, a very simple case.
[Mon Jul  7 13:36:13 2014] <shouya> to prove the transivity of less_or_equal.
[Mon Jul  7 13:36:45 2014] <ianjneu> you're introducing too many variables. You want your induction to include quantification over c.
[Mon Jul  7 13:37:36 2014] <shouya> over c
[Mon Jul  7 13:37:41 2014] <shouya> what is that?
[Mon Jul  7 13:37:44 2014] <Cypi> In this case you don't need induction anyway, since you're using "le_S", which basically did all the work.
[Mon Jul  7 13:38:13 2014] <shouya> nono.. it's from software foundations guide.
[Mon Jul  7 13:39:13 2014] <Cypi> Oh, sorry. [assumption] uses the induction hypothesis, nevermind :)
[Mon Jul  7 13:39:55 2014] <shouya> the guide uses induction to prove this. that's a case in the guide: http://www.cis.upenn.edu/~bcpierce/sf/current/Rel.html#lab232
[Mon Jul  7 13:40:00 2014] <ianjneu> intros; generalize dependent c; induction H.
[Mon Jul  7 13:41:21 2014] <shouya> ianjneu: thank you... but i am still confused.
[Mon Jul  7 13:41:41 2014] <shouya> my question is about the induction over 'le'
[Mon Jul  7 13:42:03 2014] <shouya> let me state my confusion clearly.
[Mon Jul  7 13:42:23 2014] <shouya> first of all, the type of le is nat -> nat -> Prop, right?
[Mon Jul  7 13:42:36 2014] <Cypi> Yes
[Mon Jul  7 13:42:42 2014] <shouya> so 'le a b' should have type of Prop isn't it?
[Mon Jul  7 13:42:44 2014] <ianjneu> le is an inductive definition that carries more information about the ordering relationship of two natural numbers.
[Mon Jul  7 13:42:56 2014] <Cypi> Yes it does
[Mon Jul  7 13:43:00 2014] <shouya> that's why it's valid to be put as a hypo.
[Mon Jul  7 13:43:02 2014] <shouya> and...
[Mon Jul  7 13:43:02 2014] <ianjneu> You can eliminate Prop into Prop.
[Mon Jul  7 13:43:20 2014] <shouya> why can i perform an induction on a Prop.
[Mon Jul  7 13:43:32 2014] <ianjneu> relation's return type is Prop.
[Mon Jul  7 13:43:34 2014] <shouya> Prop isn't any inductive type basically.
[Mon Jul  7 13:43:41 2014] <Cypi> Because in this case, [le] is an inductive definition
[Mon Jul  7 13:44:02 2014] <shouya> Cypi: okay, that's how i interpret it. fine.
[Mon Jul  7 13:44:16 2014] <shouya> and second, i don't know if i'm understanding correctly.
[Mon Jul  7 13:44:50 2014] <shouya> induction basically means to seperate an inductive definition into each cases, just like what 'destruct' does.
[Mon Jul  7 13:45:18 2014] <shouya> so as the definition of le, showing here: http://lpaste.net/107061
[Mon Jul  7 13:45:42 2014] <Ptival> shouya: yes, but on top of what destruct does, it also gives you a proof for the recursive occurences of the same type
[Mon Jul  7 13:45:57 2014] <shouya> Ptival: yup that's no problem.
[Mon Jul  7 13:46:20 2014] <shouya> but i found no where the cases goes in splited subgoals after induction.
[Mon Jul  7 13:47:32 2014] <Ptival> shouya: what is your misunderstanding
[Mon Jul  7 13:47:45 2014] <Ptival> so after induction you now have two subgoals, one for each of the constructors of `le`
[Mon Jul  7 13:48:36 2014] <shouya> Ptival: yup i think in this way.
[Mon Jul  7 13:48:47 2014] <Ptival> in the first case, `b` and `c` have been unified (because le_n is indexed at the same value as its parameter)
[Mon Jul  7 13:49:31 2014] <shouya> okay. good so far :)
[Mon Jul  7 13:50:11 2014] <shouya> so it should yield a hypo: b = c right?
[Mon Jul  7 13:50:25 2014] <shouya> okay... i get it.
[Mon Jul  7 13:50:32 2014] <shouya> how about the second case?
[Mon Jul  7 13:50:39 2014] <Ptival> well, it does, but then it just substs it, so you never see that hypothesis
[Mon Jul  7 13:50:52 2014] <Ptival> I mean, it doesn't, but morally you could think it does
[Mon Jul  7 13:51:13 2014] <shouya> Ptival: i see it :)
[Mon Jul  7 13:51:46 2014] <shouya> btw, updated paste: the goals before and after the induction are shown. http://lpaste.net/107061
[Mon Jul  7 13:51:52 2014] <Ptival> in fact, if you do 'remember c.' before the induction, you will see it
[Mon Jul  7 13:52:18 2014] <shouya> Ptival: i think i can comprehend this case, no problem :)
[Mon Jul  7 13:52:35 2014] <Ptival> not the second one?
[Mon Jul  7 13:53:27 2014] <Ptival> so in the second one, we consider the case where the original `b <= c` we did induction has been built using the constructor `le_S`
[Mon Jul  7 13:54:08 2014] <Ptival> so it must be the case that `b <= c` unifies with `n <= S m`, therefore `b` unifies with `n` and `c` unifies with `S m`
[Mon Jul  7 13:54:22 2014] <shouya> hmm...
[Mon Jul  7 13:54:48 2014] <shouya> gotcha!
[Mon Jul  7 13:55:09 2014] <Ptival> so you get in your context the parameters given to le_S: m, `n <= m` (which after unification becomes `b <= m`)
[Mon Jul  7 13:55:22 2014] <shouya> Ptival: thank you i think i got the idea of how it works :P
[Mon Jul  7 13:55:40 2014] <Ptival> and your goal is still `a <= c`, but `c` has been unified with `S m`, so the goal is `a <= S m`
[Mon Jul  7 13:55:48 2014] <shouya> yes, yes..
[Mon Jul  7 13:56:07 2014] <shouya> it just a little bit convoluted :)
[Mon Jul  7 13:56:17 2014] <shouya> thanks everyone :)
[Mon Jul  7 13:56:50 2014] <Ptival> yeah it takes time to wrap your head around it
[Mon Jul  7 13:57:13 2014] <shouya> :P
[Mon Jul  7 13:57:29 2014] <Ptival> especially because all the unification happens so you don't see some more intermediate states
[Mon Jul  7 13:59:07 2014] <shouya> Ptival: is there an option that i can switch it on and see all the detailed reductions?
[Mon Jul  7 14:01:34 2014] <ianjneu> shouya: I annotated with a proof
[Mon Jul  7 14:03:09 2014] <shouya> ianjneu: thanks at first, i'm trying this out step by step :)
[Mon Jul  7 14:08:00 2014] <shouya> ianjneu: why is there an extra 'subst' in line 45?
[Mon Jul  7 14:08:58 2014] <ianjneu> shouya: inversion introduces equalities. I used subst to distribute them.
[Mon Jul  7 14:09:20 2014] <shouya> this step seems unnecessary isn't it?
[Mon Jul  7 14:09:44 2014] <ianjneu> it might be.
[Mon Jul  7 14:13:26 2014] <shouya> ianjneu: what does 'constructor' tactic do?
[Mon Jul  7 14:13:49 2014] <shouya> it transforms the goal 'n <= S n' directly to 'n <= n'.
[Mon Jul  7 14:14:06 2014] <shouya> is it same as 'apply le_Sn' ?
[Mon Jul  7 14:16:23 2014] <shouya> okay, i've checked the ref doc :)
[Mon Jul  7 14:20:01 2014] <shouya> ianjneu: thank you for such an elaborated annotation. it's very clear. i think my confusion has been solved. thank you again :p
[Mon Jul  7 14:51:42 2014] <Ptival> shouya: not really, because there are no reductions per se
[Mon Jul  7 21:01:59 2014] <johnw> there is nothing quite so satisfying as spending hours, giving up on a proof as hopeless, then after a night's sleep finding the solution within 30 minutes :)
[Mon Jul  7 21:02:20 2014] <johnw> turns out I used f_equal a few too many times, and robbed myself of the information I needed to solve the problem
[Tue Jul  8 17:20:18 2014] <napping> is forall {A B : Set}, (A -> inhabited B) -> inhabited (A -> B) provable?
[Tue Jul  8 17:21:40 2014] <Ptival> what if A is empty?
[Tue Jul  8 17:21:46 2014] <Ptival> oh
[Tue Jul  8 17:21:47 2014] <Ptival> nvm
[Tue Jul  8 17:21:49 2014] <Ptival> wait
[Tue Jul  8 17:21:56 2014] <Ptival> I confused myself :)
[Tue Jul  8 17:23:44 2014] <rmk0> does "inhabited" include a witness?
[Tue Jul  8 17:24:13 2014] <rmk0> assume it must...
[Tue Jul  8 17:24:17 2014] <napping> It's from the library, Inductive inhabited (A : Type) : Prop :=  inhabits : A -> inhabited A
[Tue Jul  8 17:30:30 2014] <rmk0> is obviously possible to construct an "inhabited B", but i don't know how to extract the witness given that the whole thing's in Prop
[Tue Jul  8 17:31:16 2014] <rmk0> http://waste.io7m.com/2014/07/08/state.txt
[Tue Jul  8 17:31:23 2014] <rmk0> is the sticking point, as i'm sure you've already discovered
[Tue Jul  8 17:31:47 2014] <napping> yes. This might be relevant: http://homotopytypetheory.org/2012/01/22/univalence-versus-extraction/
[Tue Jul  8 17:34:40 2014] <napping> defining the full induction scheme looks like it might help
[Tue Jul  8 17:44:06 2014] <napping> looks like it won't work
[Tue Jul  8 17:45:20 2014] <napping> anyone know how to get any use out of ~Acc?
[Tue Jul  8 17:46:11 2014] <napping> I came by this "inhabited" stuff trying to work with some kind of CoInductive diverges {A} (step : A -> A -> Prop) (a : A) := dstep : forall b, step a b -> diverges step b -> diverges step a
[Tue Jul  8 17:46:25 2014] <napping> like getting an explicit path as a (nat -> A) function under an "exists"
[Tue Jul  8 17:48:27 2014] <napping> even getting from ~Acc R a to exists b, R b a /\ ~Acc R b seems to take a decent helping of excluded middle.
[Tue Jul  8 17:50:03 2014] <napping> ~Acc R a -> ~~exists b, R b a without axioms
[Tue Jul  8 17:51:12 2014] <napping> well, I guess I don't have too much reason to put my diverging paths into Prop
[Tue Jul  8 17:59:41 2014] <napping> seems like there's a bit of a gap between having termination, and exhibiting a diverging path
[Tue Jul  8 19:20:10 2014] <osa1__> how can I unfold <= ?
[Tue Jul  8 19:20:57 2014] <amosr> maybe Locate “<=“. unfold le_nat (or whatever it says) ?
[Tue Jul  8 19:21:42 2014] <amosr> actually I can’t remember whether <= is defined in terms of <, or vice versa
[Tue Jul  8 19:22:52 2014] <osa1> so <= is actually notation for le and sometimes I want to replace notations with definitions in hypothesis/goal screen.
[Tue Jul  8 19:23:35 2014] <elarnon> you can Unset Printing Notations. in proof general and there is a menu somewhere in coqide
[Tue Jul  8 19:23:36 2014] <osa1> so it's not unfolding, but I need something more general to replace notations with definitions.
[Tue Jul  8 19:24:04 2014] <osa1> I'm not using proof general or CoqIDE
[Tue Jul  8 19:24:18 2014] <osa1> Unset Printing Notations failed with: Error: Use CoqIDE display menu instead
[Tue Jul  8 19:24:52 2014] <osa1> so basically there's not a command like this but CoqIDE somehow manages to do it
[Tue Jul  8 19:24:58 2014] <osa1> or am I missing something?
[Tue Jul  8 19:25:23 2014] <elarnon> there is a command that does this, but CoqIDE disables it
[Tue Jul  8 19:25:33 2014] <osa1> hm
[Tue Jul  8 19:25:35 2014] <elarnon> what are you using to interact with Coq if not CoqIDE?
[Tue Jul  8 19:25:42 2014] <osa1> a vim plugin
[Tue Jul  8 19:25:58 2014] <elarnon> coquille?
[Tue Jul  8 19:26:26 2014] <osa1> most of the time notations are very, very annoying to me. especially annoying when working through CPDT book because it's full of notations that convert Coq syntax into something annoying.
[Tue Jul  8 19:26:29 2014] <osa1> elarnon: no
[Tue Jul  8 19:26:43 2014] <osa1> elarnon: I don't think it has a name, I found it in vim.org and modified a little bit to make it working
[Tue Jul  8 19:26:53 2014] <osa1> it was something like "vim coq plugin"
[Tue Jul  8 19:27:09 2014] <osa1> I didn't like coquille for several reasons I don't remember now
[Tue Jul  8 19:27:57 2014] <elarnon> well whatever, i don't know how this coq plugin interacts with coq but coq believes it is using CoqIDE somehow
[Tue Jul  8 19:28:34 2014] <elarnon> do you  know the command that is used by your plugin to start coq?
[Tue Jul  8 19:29:57 2014] <osa1> no
[Tue Jul  8 19:30:11 2014] <elarnon> you should be able to get it by running "ps aux | grep coq" in a terminal on a linux (and probably mac too) machine
[Tue Jul  8 19:30:19 2014] <elarnon> while your vim plugin is running
[Tue Jul  8 19:30:31 2014] <osa1> coqtop.opt -ideslave
[Tue Jul  8 19:30:51 2014] <osa1> interesting. there's also `grep --color=auto coq`
[Tue Jul  8 19:31:50 2014] <elarnon> that one is the command that you used for searching, which indeed contain "coq" in the name also
[Tue Jul  8 19:32:28 2014] <elarnon> so apparently your vim plugin is telling coq that it is running under CoqIDE (which is not the case)
[Tue Jul  8 19:33:05 2014] <elarnon> so either the plugin provide a way to toggle this and you need to find it, or you're screwed
[Tue Jul  8 19:33:51 2014] <jrw> osa1: out of curiousity, why do you need to replace notations with definitions? they're transparent to coq, so you should be able to just proceed using notations.
[Tue Jul  8 19:34:06 2014] <elarnon> jrw: he wants to see the real goal
[Tue Jul  8 19:34:30 2014] <osa1> right. also I want to be able to SearchAbout without running Locate every single time.
[Tue Jul  8 19:34:34 2014] <elarnon> in order to know what are the actual definitions used
[Tue Jul  8 19:34:37 2014] <osa1> also, CPDT notations are horrible anyway
[Tue Jul  8 19:35:05 2014] <elarnon> SearchPattern may help
[Tue Jul  8 19:35:21 2014] <elarnon> but i thought SearchAbout worked with notation patterns
[Tue Jul  8 19:35:59 2014] <jgross> Are you looking for [Unset Printing Notations.]? 
[Tue Jul  8 19:36:10 2014] <elarnon> SearchAbout works with notation patterns
[Tue Jul  8 19:36:28 2014] <elarnon> jgross: he is using a vim plugin that starts coq in coqide mode, so coq refuses this
[Tue Jul  8 19:36:32 2014] <osa1> jgross: I'm looking for making it working
[Tue Jul  8 19:36:59 2014] <osa1> elarnon: in any case I'd love to get ride of notations
[Tue Jul  8 19:37:17 2014] <elarnon> osa1: you can do things like [SearchAbout (_ <= _).]
[Tue Jul  8 19:37:32 2014] <osa1> thanks for the tip, I didn't know that
[Tue Jul  8 19:42:56 2014] <elarnon> osa1: if your plugin is http://www.vim.org/scripts/script.php?script_id=4388 , you should be able to do <leader>N to disable notation printing and <leader>n to enable it again
[Tue Jul  8 19:46:46 2014] <elarnon> well on that i will go to bed, hope you find a solution that works for you osa1
[Tue Jul  8 19:46:54 2014] <osa1> elarnon: yeah that plugin but I don't think that binding is working. it's still showing h' <= h as goal.
[Tue Jul  8 19:46:58 2014] <osa1> elarnon: yeah thanks
[Tue Jul  8 19:49:34 2014] <osa1> maybe I should read another book instead
[Tue Jul  8 20:27:49 2014] <osa1> is there a way to fold an unintentionally unfolded definition?
[Tue Jul  8 20:27:57 2014] <osa1> other than assertion equality and rewriting
[Tue Jul  8 20:27:59 2014] <osa1> asserting*
[Wed Jul  9 06:00:12 2014] <roosbeef> this is the definition of multiset equality:
[Wed Jul  9 06:00:29 2014] <roosbeef> forall a0 : fletter, multiplicity (list_contents eq eq_fletter_dec (ú :: ó :: nil)) a0 = multiplicity (list_contents eq eq_fletter_dec (ú :: ó :: ó :: nil)) a0
[Wed Jul  9 06:00:41 2014] <roosbeef> actually, not a definition but an instance
[Wed Jul  9 06:01:04 2014] <roosbeef> anyway, does anyone see how this definition works?
[Wed Jul  9 06:01:14 2014] <roosbeef> i can conceptually grasp it perfectly
[Wed Jul  9 06:01:20 2014] <roosbeef> but i dont see how coq makes sense of this
[Wed Jul  9 06:01:31 2014] <roosbeef> when i unfold multiplicity and list_contents, heres what it says:
[Wed Jul  9 06:02:20 2014] <roosbeef> https://privatepaste.com/cb69f65c17
[Wed Jul  9 06:02:36 2014] <roosbeef> which makes no sense to me, how does coq infer from this any number?
[Wed Jul  9 06:02:47 2014] <roosbeef> its comparing numbers right, with <=
[Wed Jul  9 06:02:49 2014] <roosbeef> ?
[Wed Jul  9 06:09:03 2014] <roosbeef> ahh thats what Bag does, nevermind :)
[Wed Jul  9 08:33:15 2014] <osa1> I'm trying to solve exercises listed here http://www.cs.princeton.edu/~appel/VFA/ but I'm stuck with first exercise http://lpaste.net/3569227525030674432 (see insert_sorted_preserve lemma) can anyone help me on how to approach this?
[Thu Jul 10 11:03:47 2014] <osa1_> I'm that part of the day again, in which I'm wasting 30 minutes looking for a function in stdlib which takes less amount of time to implement from scratch. this time I'm looking for peano nat division.
[Thu Jul 10 11:04:05 2014] <osa1_> I'm in that part*
[Thu Jul 10 11:10:34 2014] <ianjneu> osa1_:  have you tried searchabout combined with your editor's "find" functionality?
[Thu Jul 10 11:12:02 2014] <ianjneu> NPeano.div is what you want I imagine.
[Thu Jul 10 11:15:02 2014] <osa1_> ianjneu: yes. thanks.
[Thu Jul 10 11:15:35 2014] <ianjneu> Here's what I did: coqtop RET Require Import ZArith. RET SearchAbout nat. RET C-R div C-R (some number of times to search. Oh, NPeano.divide?) Print NPeano.divide. RET (hmm, nope that's a prop) C-R div C-R (searching more. Ah, NPeano.div) Print NPeano.div. (That looks right) Eval compute in (NPeano.div 60 6). (that's the right answer. Good.)
[Thu Jul 10 11:15:40 2014] <osa1_> so it turns out that I can use types in SearchAbout like SearchAbout (nat - >nat -> nat) which is very useful.
[Thu Jul 10 11:16:23 2014] <ianjneu> This is in emacs's shell, btw
[Thu Jul 10 11:16:36 2014] <ianjneu> C-R is search reverse.
[Thu Jul 10 11:17:02 2014] <osa1_> ianjneu: the problem with SearchAbout is that I have to include required modules for it to be useful.
[Thu Jul 10 11:17:19 2014] <osa1_> ianjneu: but I have no idea what module to import which is part of the main problem.
[Thu Jul 10 11:17:27 2014] <ianjneu> osa1_: You can be reasonably sure that your arithmetic needs are in ZArith.
[Thu Jul 10 11:17:29 2014] <osa1_> because if I knew the module I could look in documentation
[Thu Jul 10 11:18:37 2014] <ianjneu> But I agree with you in general, outside of numbers, coq's lib is hard to navigate. I really love Racket's documentation search.
[Thu Jul 10 11:39:28 2014] <osa1_> is there an alternative keyword for Proof? does Proof keyword has any significance other than being useful for delimiting tactic-based definitions?
[Thu Jul 10 11:53:25 2014] <ianjneu> Proof has an optional form: Proof with tac. This allows you to denote an application of tac with just ".."
[Thu Jul 10 11:54:20 2014] <ianjneu> Er, "..."
[Thu Jul 10 11:55:16 2014] <ianjneu> Goal True. Proof with (exact I). idtac... Qed.
[Thu Jul 10 11:55:29 2014] <ianjneu> contrived, but meh.
[Thu Jul 10 11:55:44 2014] <elarnon> i hate this feature
[Thu Jul 10 11:55:58 2014] <ianjneu> It's really stupid, I agree.
[Thu Jul 10 11:56:09 2014] <elarnon> using a Ltac definition i a couple of keywords longer and much more clearer
[Thu Jul 10 11:56:16 2014] <elarnon> keystrokes*
[Thu Jul 10 11:56:42 2014] <ianjneu> It counts as a "." so you can't use it in any of ti for t;[t0 | ... | tn]
[Thu Jul 10 11:59:39 2014] <ianjneu> ... should be treated as ;tac, only tac may not textually reference the current proof environment, because that's unhygienic.
[Thu Jul 10 12:00:07 2014] <ianjneu> I'm pretty sure it's an old wart, not a new feature.
[Thu Jul 10 12:02:38 2014] <elarnon> i would love to see it deprecated
[Thu Jul 10 17:36:33 2014] <osa1> can anyone give me some pointers on how to prove this http://lpaste.net/138510831280193536 ?
[Thu Jul 10 17:53:48 2014] <jrw> osa1: you'll need an induction hypothesis that generalizes over i because the two recursive calls use different values for i
[Thu Jul 10 17:54:00 2014] <jrw> other than that it should go through just by using some permutation facts
[Thu Jul 10 17:54:54 2014] <osa1> jrw: hmm I didn't try generalizing i before induction. I'll try that, thanks for the pointer.
[Fri Jul 11 06:57:28 2014] <roosbeef> i have an insert sort function, fl_insert
[Fri Jul 11 06:57:28 2014] <roosbeef> id like to say that fl_insert f L equals either f :: L' or L' (where L' is a subset of L)
[Fri Jul 11 06:57:49 2014] <roosbeef> how do i formulate this?
[Fri Jul 11 06:58:37 2014] <roosbeef> i find it difficult to involve L'
[Fri Jul 11 06:59:03 2014] <roosbeef> (as it is not defined/instantiated at the point of beginning that case analysis)
[Fri Jul 11 07:13:41 2014] <roosbeef> nevermind, this should work i guess: forall f L, msubeq (fl_insert f L) L \/ msubeq (fl_insert f L) f :: L.
[Fri Jul 11 08:05:37 2014] <notdan> Uggh, damn you, `fresh'
[Fri Jul 11 08:08:08 2014] <notdan> http://lpaste.net/2182626071143251968 how can something like this generate name clashes?
[Fri Jul 11 08:08:17 2014] <notdan> I use nothing but "fresh" and H/H0
[Fri Jul 11 08:08:56 2014] <notdan> http://lpaste.net/2182626071143251968 i've postedt the error too
[Fri Jul 11 08:15:20 2014] <notdan> Ugh, I replaced all "with" with "in"
[Fri Jul 11 08:15:22 2014] <notdan> and it's working
[Fri Jul 11 08:15:27 2014] <notdan> weird :SS
[Fri Jul 11 08:16:40 2014] <notdan> Anyway, finally finished proving deduction lemma for propositional calculus. 261 lines
[Fri Jul 11 10:52:02 2014] <osa1> I tried to encode some algebraic structures/properties in Coq https://gist.github.com/osa1/fb600a76dd7123d8b37a am I doing this right?
[Fri Jul 11 10:53:00 2014] <notdan> osa1: Usually I've seen people using 1) Records 2) Typeclasses for defining algebraic gadgets
[Fri Jul 11 10:54:04 2014] <osa1> hm, I don't know neither of those.
[Fri Jul 11 10:54:12 2014] <osa1> notdan: other than that it looks OK?
[Fri Jul 11 10:54:38 2014] <osa1> I mean I know records and typeclasses from Haskell but I never used them in Coq
[Fri Jul 11 10:56:03 2014] <ianjneu> osa1: they're not much different, and they are much nicer to use for non-inductive collections like algebraic structures.
[Fri Jul 11 10:56:31 2014] <notdan> http://arxiv.org/pdf/1102.1323v1.pdf <- a paper about implementing mathematics in Coq with typeclasses
[Fri Jul 11 10:56:36 2014] <ianjneu> Record monad := mk_monad {tau : ... ; mu : ...}.
[Fri Jul 11 10:57:07 2014] <osa1> thanks for the paper
[Fri Jul 11 10:57:34 2014] <notdan> I think there are some downsides to using inductive..
[Fri Jul 11 10:58:07 2014] <osa1> like what?
[Fri Jul 11 10:58:15 2014] <notdan> well I guess with typeclasses you can have automatic instnaces, and you dont have to carry proofs around
[Fri Jul 11 11:00:33 2014] <notdan> also the upside of using typeclasses is that you can use setoids and setoid rewriting, which is just a special type of equality
[Fri Jul 11 11:00:43 2014] <osa1> yeah, things are a bit more explicit when typeclasses are not used. on the other hand this way I can have multiple different implementations of same proof.
[Fri Jul 11 11:00:44 2014] <notdan> e.g. you might want to have quotient groups and stuff
[Fri Jul 11 11:01:14 2014] <osa1> setoid = Type + equality function with some laws?
[Fri Jul 11 11:01:18 2014] <notdan> I think you can have multiple instances for a typeclass as well, I don't remember precisel
[Fri Jul 11 11:01:40 2014] <notdan> osa1: yeah, basically a type with an equivalence relation
[Fri Jul 11 11:01:54 2014] <notdan> and setoid morphism is a function from one type to another that preserves the equality relations
[Fri Jul 11 11:02:24 2014] <ianjneu> setoids are unfortunately cumbersome.
[Fri Jul 11 11:02:42 2014] <notdan> yep
[Fri Jul 11 11:04:51 2014] <osa1> is there a convention to when to use capitalized variable names and when to use lowercase?
[Fri Jul 11 11:08:24 2014] <ianjneu> osa1: like in Haskell. Types and Type Constructors versus constructors and functions.
[Fri Jul 11 11:09:23 2014] <ijp> osa1: Or When You Need To Get Your Point Across
[Fri Jul 11 11:09:39 2014] <rmk0> proof by EMPHATIC DECLARATION
[Fri Jul 11 11:09:55 2014] <ianjneu> just be consistent.
[Fri Jul 11 11:10:07 2014] <osa1> lol
[Fri Jul 11 11:10:18 2014] <ianjneu> rmk0: I USE ALL CAPS SO YOU TOTALLY MISS THIS NEXT Admitted.
[Fri Jul 11 11:10:28 2014] <rmk0>  \o/
[Fri Jul 11 11:10:46 2014] <ianjneu> actually I don't.
[Fri Jul 11 11:10:46 2014] <ijp> http://staffhome.ecm.uwa.edu.au/~00043886/humour/invalid.proofs.html
[Fri Jul 11 11:11:26 2014] <ijp> my favourite is Proof by Exercise.
[Fri Jul 11 11:11:33 2014] <ianjneu> I'm a kabab case person from all my years in Racket. Too bad most other languages think I'm trying to subtract proof from my when I write my-proof.
[Fri Jul 11 12:33:55 2014] <notdan> anyone here in Viena atm by any chance?
[Fri Jul 11 12:33:59 2014] <notdan> *from here
[Fri Jul 11 12:37:40 2014] <ianjneu> notdan: you might find fabianm in #prl sometimes. He's from Austria, but I'm not sure if Vienna.
[Fri Jul 11 12:38:35 2014] <notdan> Oh, don't know anybody from the nuprl community. I was thiking more of people participating in the VSL
[Fri Jul 11 12:38:36 2014] <ianjneu> that's Fabian Muehlboehck at Cornell.
[Fri Jul 11 12:39:00 2014] <ianjneu> previously a masters in my lab.
[Fri Jul 11 12:39:25 2014] <ianjneu> prl isn't nuprl, but northeastern university's Programming Research Lab.
[Fri Jul 11 12:39:49 2014] <notdan> Ah
[Fri Jul 11 12:40:22 2014] <ianjneu> I think Billy Bowman and Phillip Mates are there.
[Fri Jul 11 12:40:39 2014] <ianjneu> pmatey and bluephoenix47 in #prl.
[Fri Jul 11 12:41:35 2014] <ianjneu> They're at some logic summer school...
[Fri Jul 11 12:41:45 2014] <ianjneu> maybe it's a different one in Paris.
[Fri Jul 11 13:22:22 2014] <Rc43> Hello.
[Fri Jul 11 13:23:00 2014] <Rc43> Can I prove in Coq that "forall f : X -> X, fun x => f x = f" ?
[Fri Jul 11 13:24:27 2014] <elarnon> no
[Fri Jul 11 13:24:55 2014] <elarnon> that's functional extensionality and it has to be imported as an axiom if you need it
[Fri Jul 11 13:25:30 2014] <elarnon> see http://coq.inria.fr/library/Coq.Logic.FunctionalExtensionality.html
[Fri Jul 11 13:26:00 2014] <Rc43> elarnon, ok, I thought the same, but somehow fell in doubts.
[Fri Jul 11 13:26:20 2014] <elarnon> oh wait
[Fri Jul 11 13:26:51 2014] <elarnon> it's not functional extensionality directly but i thought it was equivalent
[Fri Jul 11 13:27:01 2014] <elarnon> i'm not so sure anymore
[Fri Jul 11 13:27:33 2014] <Rc43> elarnon, I just thought that we can rewrite somehow f into "fun x => f x" (dunno)
[Fri Jul 11 13:28:00 2014] <elarnon> no that's false iirc
[Fri Jul 11 13:28:06 2014] <elarnon> well not false
[Fri Jul 11 13:28:15 2014] <elarnon> no it should be equivalent to functext
[Fri Jul 11 13:28:22 2014] <Rc43> elarnon, oh, I understood that actually I needn't it!
[Fri Jul 11 13:28:31 2014] <Rc43> elarnon, yep it seems to be equivalent to FE.
[Fri Jul 11 13:28:32 2014] <alkabetz> Yeah, that’s η-reduction, which is equivalent to extensionality
[Fri Jul 11 13:28:40 2014] <Rc43> elarnon, but I can prove equality of arguments.
[Fri Jul 11 13:31:29 2014] <elarnon> it is trivially implied by extensionality but i'm having doubts about the converse
[Fri Jul 11 13:33:43 2014] <elarnon> coq doc only says it follows from functext
[Fri Jul 11 13:33:53 2014] <ianjneu> alkabetz: eta is not equivalent to funext.
[Fri Jul 11 13:35:21 2014] <elarnon> and it seems you never get an x to apply eta expansion when trying to prove functext
[Fri Jul 11 13:35:47 2014] <ianjneu> Rc43: in Coq8.4 that goal is provable by auot.
[Fri Jul 11 13:35:49 2014] <ianjneu> auto*
[Fri Jul 11 13:36:27 2014] <ianjneu> Goal forall (X : Type) (f : X -> X), (fun x : X => f x) = f. auto. Qed.
[Fri Jul 11 13:37:36 2014] <elarnon> oooh right they added eta to Coq, forgot about that one
[Fri Jul 11 13:38:47 2014] <ianjneu> I'm heading home for lunch.
[Fri Jul 11 13:56:35 2014] <Rc43> Hmm, can't understand is it true that "well_founded R -> well_founded (symmetric R)", where "symmetric R (xl,xr) (yl,yr) := R (xr,xl) (yl,yr)".
[Fri Jul 11 18:46:22 2014] <osa1> does anyone know some data structures with group properties? we have monoids but I can't come up with a data structure with inverse elements. does that even make sense?
[Fri Jul 11 18:48:06 2014] <Ptival> diffs? :)
[Fri Jul 11 18:51:02 2014] <osa1> very interesting. I think you're right.
[Fri Jul 11 18:52:32 2014] <osa1> but we can't always merge two diffs
[Fri Jul 11 18:53:02 2014] <osa1> so it doesn't have a semigroup operation.
[Fri Jul 11 18:57:01 2014] <osa1> we can't define Diff -> Diff -> Diff, we can only define Diff -> Diff -> option Diff or some other partial function.
[Fri Jul 11 18:57:05 2014] <osa1> any other ideas? :)
[Fri Jul 11 18:59:33 2014] <osa1> so if I work with setoids can I use rewrite when I have my equivalence relation between two values?
[Sat Jul 12 00:55:55 2014] <the-manless-man> Hi everybody! A soft question: if one wants to encode mainstream math in Coq (classical, without an emphasis on program extraction), is there a "recommended" existential quantifier? (ex / sig / sigT)
[Sat Jul 12 00:59:16 2014] <the-manless-man> I mean the one that implies less headaches :)
[Sat Jul 12 01:41:59 2014] <Cale> the-manless-man: I don't have enough experience with it to say for sure, but I usually just avoid Prop.
[Sat Jul 12 01:42:15 2014] <Cale> the-manless-man: There are reasons why you might want the impredicativity that Prop offers
[Sat Jul 12 01:42:34 2014] <Cale> (even if you don't care about Prop erasure)
[Sat Jul 12 01:43:19 2014] <Cale> But for the most part, well, at least I find it more convenient to be able to take apart proofs in order to define functions and such.
[Sat Jul 12 02:16:30 2014] <the-manless-man> Thanks Cale
[Sat Jul 12 02:17:28 2014] <the-manless-man> Are you thinking on a specific reason one might want to work in Prop, other than erasure?
[Sat Jul 12 02:19:14 2014] <the-manless-man> Oh, ok, you were pointing to impredicativity
[Sat Jul 12 10:37:41 2014] <ianjneu> osa1_: you can use rewrite if you also have a typeclass instance of Proper for the function in question wrt your relation.
[Sat Jul 12 17:29:18 2014] <osa1_> I'm trying to implement a very simple dependently typed function, basically I want to reverse a list from given index, provided that index < length list and I also want to return a proof that returned list has same length as argument list. I'm trying this: http://lpaste.net/1470943702363930624 can anyone give me some pointers?
[Sat Jul 12 17:31:51 2014] <osa1> I was disconnected if anyone wrote anything to me
[Sat Jul 12 17:34:41 2014] <osa1> I updated the link
[Sat Jul 12 17:36:08 2014] <osa1> doh "Anomaly: Uncaught exception Vernac.End_of_input. Please report."
[Sat Jul 12 17:40:02 2014] <osa1> why I can't do inversion on p : 0 > 0 ?
[Sat Jul 12 17:41:47 2014] <johnw> can anyone offer advice on this theorem from SF:
[Sat Jul 12 17:41:48 2014] <johnw> Theorem rev_pal : forall X l, l = rev l -> pal X l.
[Sat Jul 12 17:42:01 2014] <johnw> it would seem to do this that I need to perform induction on l from "both directions at once"
[Sat Jul 12 17:42:10 2014] <johnw> and yet, that's not something which the text has introduced
[Sat Jul 12 17:42:23 2014] <johnw> every set of solutions on the web has Admitted for this proof :)
[Sat Jul 12 17:43:36 2014] <ijp> which section of SF is it in?
[Sat Jul 12 17:45:01 2014] <ijp> hmm, no, I Admitted. that one too
[Sat Jul 12 17:45:40 2014] <johnw> :)
[Sat Jul 12 17:45:49 2014] <johnw> i've spent enough time on it now that I'm ready for hints
[Sat Jul 12 17:45:51 2014] <ezyang_> It's a pretty tough one
[Sat Jul 12 17:45:58 2014] <johnw> ezyang_: oh!
[Sat Jul 12 17:46:02 2014] <johnw> ezyang_: I had a separate question for you
[Sat Jul 12 17:46:05 2014] <ezyang_> I think my advisor spent a day working on it
[Sat Jul 12 17:46:10 2014] <ezyang_> * has not solve dit 
[Sat Jul 12 17:46:28 2014] <johnw> in LogicT, why is the type (a -> m r -> m r) -> m r -> m r, instead of just (a -> r -> m r) -> r -> m r?
[Sat Jul 12 17:46:59 2014] <ezyang_> Well, the former type seems more flexible. Maybe it could be supported cost free?
[Sat Jul 12 17:47:14 2014] <johnw> can you give into more detail there?
[Sat Jul 12 17:47:25 2014] <johnw> this concerns a design point in one of my own libraries
[Sat Jul 12 17:47:39 2014] <ezyang_> given Monad m => (a -> m r -> m r) -> m r -> m r, I can give you the latter
[Sat Jul 12 17:49:30 2014] <ijp> johnw: I got reasonably far by proving it true for even, and for odd, and then proving that the length is always odd or even
[Sat Jul 12 17:49:59 2014] <ijp> but the whole thing was a mess, and I'm not going to let you see it :)
[Sat Jul 12 17:50:46 2014] <johnw> ezyang_: https://gist.github.com/c6e7a22a8875a480d21d
[Sat Jul 12 17:51:08 2014] <johnw> aren't the two forms isomorphic?
[Sat Jul 12 17:51:20 2014] <johnw> ijp: :(
[Sat Jul 12 17:51:42 2014] <ezyang_> It's true
[Sat Jul 12 17:51:56 2014] <johnw> the best ideas I've seen on the Web so far involve crafting a custom induction principle for lists, where you case analyze on both ends at once; and yet, SF have never talked about this
[Sat Jul 12 17:52:09 2014] <johnw> ezyang_: so....
[Sat Jul 12 17:52:26 2014] <johnw> ezyang_: why does LogicT not choose the simpler form?
[Sat Jul 12 17:52:26 2014] <ezyang_> johnw: You're guess is as good as mine :) Take a look at the impl, maybe
[Sat Jul 12 17:52:30 2014] <johnw> ok
[Sat Jul 12 17:52:36 2014] <johnw> i've been pouring over that, and Oleg's paper
[Sat Jul 12 17:52:46 2014] <ezyang_> re custom induction principle, you know an induction principle is just another lemma, right?
[Sat Jul 12 17:52:53 2014] <osa1> can anyone help me? why I can't use inversion on p : S (length t) > 0 ?
[Sat Jul 12 17:52:53 2014] <johnw> Tekmo thought that with the additional 'm', you couldn't have a lawful MonadTrans instance for LogicB
[Sat Jul 12 17:52:58 2014] <johnw> but I proved in Coq that that's not the case
[Sat Jul 12 17:52:58 2014] <osa1> ops sry
[Sat Jul 12 17:53:01 2014] <osa1> wrong expression
[Sat Jul 12 17:53:08 2014] <osa1> p : 0 > 0
[Sat Jul 12 17:53:10 2014] <johnw> ezyang_: true
[Sat Jul 12 17:53:20 2014] <johnw> ezyang_: very true.....
[Sat Jul 12 17:53:50 2014] <johnw> even still, that seems beyond what the reader is expected to know that point in SF, which makes me feel like I'm missing something more obvious
[Sat Jul 12 17:54:08 2014] <ijp> johnw: they're covered in one of the optional parts, no?
[Sat Jul 12 17:54:15 2014] <ijp> I forget which one
[Sat Jul 12 17:55:15 2014] <johnw> well, https://github.com/vladoovtcharov/Software-Foundations-Solutions/blob/master/Prop.v does have a simpler answer
[Sat Jul 12 17:55:18 2014] <johnw> he uses:
[Sat Jul 12 17:55:22 2014] <johnw> Inductive pal' {X: Type} : list X -> Prop :=
[Sat Jul 12 17:55:23 2014] <johnw>   | palc' : forall l, l = rev l -> pal' l.
[Sat Jul 12 17:55:39 2014] <johnw> even though SF itself says you wouldn't want to do that
[Sat Jul 12 17:55:57 2014] <ijp> MoreInd.html I think
[Sat Jul 12 17:56:18 2014] <johnw> although that's 3 chapters further into the book from Prop.v!
[Sat Jul 12 17:59:25 2014] <johnw> ezyang_: did he ever finish it?
[Sat Jul 12 18:04:25 2014] <osa1> maybe I should do inversion but how can I eliminate the goal from if I have `p : S idx' < 0` ?
[Sat Jul 12 18:04:34 2014] <osa1> shouldn't*
[Sat Jul 12 18:08:50 2014] <osa1> interesting, omega solved it.
[Sat Jul 12 18:12:08 2014] <Cypi> "< osa1> why I can't do inversion on p : 0 > 0 ?" >> it actually works for me :o
[Sat Jul 12 18:15:21 2014] <osa1> I'm very confused. I can't do anything with refine but I can't implement recursion as I want without using refine... so I'm stuck
[Sat Jul 12 18:16:08 2014] <osa1> there are always lots of information lost while filling missing parts when refine is used.
[Sat Jul 12 18:16:46 2014] <osa1> Cypi: "Error: Inversion would require case analysis on sort Type which is not allowed for inductive definition le."
[Sat Jul 12 18:17:02 2014] <osa1> I'd love to see some refine examples.
[Sat Jul 12 18:17:49 2014] <Cypi> Certified Programming with Dependent Types uses a lot refine, in some chapters
[Sat Jul 12 18:18:20 2014] <osa1> I'm trying to avoid that book if possible :P
[Sat Jul 12 18:18:27 2014] <Cypi> Oh? Ok
[Sat Jul 12 18:19:34 2014] <Cypi> About your error, ok, I have the same if I'm trying to prove "0 < 0 -> nat" for example. (Because my goal is not in Prop, I guess)
[Sat Jul 12 18:20:20 2014] <Cypi> But doing "exfalso" first works just fine.
[Sat Jul 12 18:24:19 2014] <osa1> interesting. what's wrong with doing inversion when goal is not prop?
[Sat Jul 12 18:40:45 2014] <elarnon> johnw: how would you prove your theorem by hand?
[Sat Jul 12 18:42:19 2014] <elarnon> osa1: Coq prevents you from doing case analysis (inversion, induction, destruct, etc.) on Prop when your goal is not in Prop for code extraction reasons
[Sat Jul 12 18:42:50 2014] <elarnon> things in Prop are erased when you extract code, so your real values (things in Set and Type) must never look at it
[Sat Jul 12 18:43:37 2014] <elarnon> otherwise your code couldn't be executed
[Sat Jul 12 18:45:23 2014] <elarnon> using the [exfalso] tactic allows you to say "I am looking at these things in Prop to prove this goal in Set/Type, but my goal is actually a contradiction so when running code I will never get there and it is safe"
[Sat Jul 12 18:45:58 2014] <osa1> elarnon: that makes sense. thanks.
[Sat Jul 12 18:47:26 2014] <elarnon> johnw: (my hint would be that you probably wouldn't do an induction on the list but rather on some simple derived property)
[Sat Jul 12 19:06:21 2014] <johnw> elarnon: thanks!
[Sun Jul 13 05:00:08 2014] <johnw> ltac can be pretty fun
[Sun Jul 13 05:00:17 2014] <johnw> most of my set theory proofs now reduce to:
[Sun Jul 13 05:00:22 2014] <johnw> Theorem inter_assoc : forall A B C, A ∩ (B ∩ C) = (A ∩ B) ∩ C.
[Sun Jul 13 05:00:23 2014] <johnw> Proof. intros. extension; obvious. Qed.
[Sun Jul 13 05:00:44 2014] <johnw> that's how most of the simple ones look now, whereas before they were many lines each
[Sun Jul 13 09:40:49 2014] <osa1> question http://lpaste.net/107424
[Sun Jul 13 09:45:38 2014] <alkabetz> You need well-founded recursion.  See http://adam.chlipala.net/cpdt/html/GeneralRec.html.
[Sun Jul 13 09:49:24 2014] <osa1> oh no
[Sun Jul 13 09:56:05 2014] <alkabetz> Coq’s termination checker is extremely simple.  It expects to find you recursing on a /syntactic/ subterm of one of your arguments. You’re not, so you need to prove to Coq that your recursion is well-founded.
[Sun Jul 13 10:07:37 2014] <osa1> I know. I just find type of Fix hard to understand. I think the idea of well-founded relation is very simple(not in Coq context, but in general) but somehow I can't use that to define recursive functions.
[Sun Jul 13 10:15:12 2014] <osa1> I'm wondering if there are languages with more powerful termination checkers as default.
[Sun Jul 13 10:19:58 2014] <osa1> do I need to use noBadChains as described in CPDT?
[Sun Jul 13 19:33:40 2014] <osa1> I solved my problem with map_rest function by using a "timeout" parameter.
[Mon Jul 14 05:20:36 2014] <johnw> ezyang_: ping
[Mon Jul 14 05:21:51 2014] <ezyang_> pong
[Mon Jul 14 05:22:05 2014] <johnw> ok, so using Coq I attempted to prove the isomorphism between those two forms of LogicT
[Mon Jul 14 05:22:21 2014] <johnw> which led to the discovery that I need an additional law for it to hold:
[Mon Jul 14 05:22:23 2014] <johnw> forall A B (f : M A -> M B), mu ∘ fmap f = f ∘ mu
[Mon Jul 14 05:22:50 2014] <johnw> which I think means that the two type are adjoint with respect to this law, not isomorphic
[Mon Jul 14 05:23:19 2014] <johnw> here's my work: https://gist.github.com/543bdc9ac4d39ad608db
[Mon Jul 14 05:23:26 2014] <johnw> sorry, https://gist.github.com/543bdc9ac4d39ad608bd
[Mon Jul 14 05:23:27 2014] <ezyang_> That looks like a parametricity property
[Mon Jul 14 05:23:51 2014] <johnw> hmm
[Mon Jul 14 05:24:07 2014] <johnw> Jones & Duponcheel give this law in their formulation of agreeable monadic compositions
[Mon Jul 14 05:24:17 2014] <johnw> or rather, they say that when you assume it, certain properties can hold
[Mon Jul 14 05:24:32 2014] <ezyang_> Oh, OK, nevermind then
[Mon Jul 14 05:24:59 2014] <johnw> so I think it can be said that for any monads M and N which form a monad composite, then LogicT and LogicT' (using r -> m r) are isomorphic
[Mon Jul 14 05:25:23 2014] <johnw> no, wait, the N is missing in some cases
[Mon Jul 14 05:25:34 2014] <johnw> I wonder what this law is all about then
[Mon Jul 14 05:32:21 2014] <johnw> we have the law: join . fmap (fmap f) = fmap f . join
[Mon Jul 14 05:32:28 2014] <johnw> but apparently we can't specialize that down to just f
[Mon Jul 14 10:40:25 2014] <notdan> yay, I am at ITP
[Mon Jul 14 10:41:43 2014] <johnw> cool!
[Mon Jul 14 10:42:59 2014] <notdan> Currently Dimitry Traitel is talking about co-datatypes in Isabelle; don't understand much tbqh
[Mon Jul 14 10:51:10 2014] <schoppenhauer> hello. is there some "deque" defined in coq?
[Mon Jul 14 10:51:25 2014] <schoppenhauer> (deque = fifo)
[Mon Jul 14 10:53:24 2014] <ianjneu_> not that I know of.
[Mon Jul 14 10:54:57 2014] <ianjneu_> schoppenhauer: you could use Okasaki's pure functional deque, but then you'd have to do all the correctness proofs etc.
[Mon Jul 14 10:56:15 2014] <ianjneu_> It uses lazy streams, so it could get awkward.
[Mon Jul 14 10:56:59 2014] <ianjneu_> here's an implementation in Typed Racket you could start from https://github.com/takikawa/tr-pfds/blob/v6.0/pfds/deque/real-time.rkt
[Mon Jul 14 10:58:16 2014] <schoppenhauer> ianjneu_: well, the naive implementation using two lists is amortized constant, so I would probably use that one
[Mon Jul 14 10:59:44 2014] <ianjneu_> sure.
[Mon Jul 14 11:01:38 2014] <schoppenhauer> but maybe there is already something with actual lemmata and such
[Mon Jul 14 11:05:40 2014] <ianjneu> I don't see anything obvious is user contribs
[Mon Jul 14 11:06:01 2014] <schoppenhauer> ok
[Mon Jul 14 11:08:57 2014] <ianjneu_> ACL2 has a verified super-fast deque implementation, but that doesn't help too much. It uses single-threaded objects to do "purely functional mutation"
[Mon Jul 14 11:09:15 2014] <ianjneu_> Not sure if Coq has a fast runST :P
[Mon Jul 14 11:30:43 2014] <notdan> jason gross is about to speak, and like 20 more people entered the room
[Mon Jul 14 12:46:53 2014] <Cypi> In CPDT (the book by Chlipala), there is an exercise about dependent types where you define a type of lists [plist : nat -> Set] such that any [plist n] contains at least [n] elements that satisfy some predicate [P]. You then have to define [plistOut : forall n, plist n -> list A] (A is the set in which the elements of the lists are), which is easy. But then you have to define [plistIn], which
[Mon Jul 14 12:46:58 2014] <Cypi> would be "list A -> plist n". Except that I don't know exactly which return type there should be. The return type should express the fact that [n] has been chosen to be the best possible [n].
[Mon Jul 14 12:47:12 2014] <Cypi> If I'm not very clear: http://lpaste.net/107476 . I wonder what type I should put instead of "(* ??? *)"
[Mon Jul 14 12:49:00 2014] <notdan> well, can't you take n to be (length l)?
[Mon Jul 14 12:49:28 2014] <notdan> or (length (filter P l)) rather
[Mon Jul 14 12:50:41 2014] <Cypi> Ah. I didn't think of that, I guess so
[Mon Jul 14 12:51:14 2014] <notdan> also, are you sure that your plistOut definition is correct?
[Mon Jul 14 12:51:25 2014] <notdan> it doesn't work for me
[Mon Jul 14 12:51:54 2014] <Cypi> What do you mean "it doesn't work"? I didn't test it (the next step is to prove the correctness of both functions ^^' )
[Mon Jul 14 12:52:31 2014] <notdan> It didn't compile for me; I had to replace the call to (plistOut t) with (plistOut n0 t)
[Mon Jul 14 12:52:43 2014] <Cypi> Oh, right
[Mon Jul 14 12:52:46 2014] <Cypi> Chlipala uses "Set Implicit Arguments.
[Mon Jul 14 12:52:49 2014] <Cypi> " everywhere
[Mon Jul 14 12:52:58 2014] <Cypi> (which I don't like very much :/ )
[Mon Jul 14 12:53:21 2014] <notdan> ah, fair enough
[Mon Jul 14 12:53:42 2014] <notdan> I didn't think 'n' was implicit in that definition. Probably should finally look up the exact specification
[Mon Jul 14 12:54:32 2014] <Cypi> The second argument to [plistOut] is a [plist n], so you can deduce [n] from the type of the second argument, which makes it implicit
[Mon Jul 14 12:55:02 2014] <notdan> thx
[Mon Jul 14 12:55:20 2014] <Cypi> It does weird things sometimes, for example [x] is implicit in the constructor [PCons] :/
[Mon Jul 14 12:57:03 2014] <notdan> What chapter is plist from?
[Mon Jul 14 12:58:02 2014] <Cypi> It's in this pdf: http://adam.chlipala.net/cpdt/ex/exercises.pdf section "0.5 From MoreDep".
[Mon Jul 14 12:59:33 2014] <notdan> oh, cool
[Mon Jul 14 12:59:40 2014] <notdan> I didn't know there were exercises
[Mon Jul 14 13:01:25 2014] <ianjneu> http://lpaste.net/107477
[Mon Jul 14 13:01:42 2014] <ianjneu> Cypi: not a proof term, but there you go.
[Mon Jul 14 13:10:49 2014] <Cypi> Ah, I was trying to write directly a proof term (apparently this is what was intended for this exercise) :p
[Mon Jul 14 13:11:32 2014] <Cypi> Defining things with tactics was kind of unthinkable for me some time ago, but now I find it to be easier, indeed
[Mon Jul 14 13:12:13 2014] <ianjneu> ya, good luck writing that proof term.
[Mon Jul 14 13:23:49 2014] <notdan> If I have a decision procedure P_dec : forall x : A, {P x} + {~ P x}, and a statement H: if P_dec x then true else false = true, how can I get p:P x?
[Mon Jul 14 13:25:23 2014] <notdan> It seems strange that I can write if P_dec x ... anyway :| it's not a bool
[Mon Jul 14 13:25:58 2014] <notdan> Oh, if works on all booleans
[Mon Jul 14 13:27:18 2014] <ianjneu> notdan: if has a weird-ass semantics that depends on the order you write your inductive's type constructors.
[Mon Jul 14 13:32:51 2014] <notdan> btw, I think you don't need a complicated match there: http://lpaste.net/107477
[Mon Jul 14 13:33:17 2014] <notdan> granted, I did define Pbool through P_dec, the other way around
[Mon Jul 14 13:33:21 2014] <notdan> (relatively to what you did)
[Mon Jul 14 13:53:46 2014] <Cypi> notdan : you can write [if e then _ else _] whenever [e] is in an inductive type with exactly two constructors.
[Mon Jul 14 13:54:10 2014] <Cypi> It doesn't have to be booleans or anything related to booleans (it works with lists for example)
[Mon Jul 14 14:01:00 2014] <notdan> oh
[Mon Jul 14 17:20:09 2014] <Cypi> So, about [plist] again, I wrote the proof term myself (helped by Coq still), but there is one single point I do not get
[Mon Jul 14 17:20:12 2014] <Cypi> http://lpaste.net/107491
[Mon Jul 14 17:20:26 2014] <Cypi> The definition of plistIn is fine, but the definition of plistIn' is not
[Mon Jul 14 17:20:49 2014] <Cypi> The only difference is the replacement of [if s then true else false] by [s]. How come this is important?
[Mon Jul 14 17:49:29 2014] <Cypi> I also added a lemma that I don't seem to be able to prove :/
[Mon Jul 14 17:49:37 2014] <Cypi> (Yes, I'm having trouble with dependent types :p )
[Mon Jul 14 18:00:57 2014] <johnw> where are you getting filter from?
[Mon Jul 14 18:01:37 2014] <Cypi> Standard library
[Mon Jul 14 18:01:44 2014] <johnw> what Require line?
[Mon Jul 14 18:01:48 2014] <johnw> I cannot load your file as it was patsed
[Mon Jul 14 18:01:54 2014] <Cypi> Maybe you need "Require Import Arith List."
[Mon Jul 14 18:01:59 2014] <Cypi> (probably only List)
[Mon Jul 14 18:02:03 2014] <Cypi> Sorry, it's a messy file :x
[Mon Jul 14 18:02:06 2014] <johnw> ah, that was it
[Mon Jul 14 18:02:18 2014] <Cypi> I added it
[Mon Jul 14 18:05:56 2014] <johnw> well, it would seem you need to case analyze 's' at two levels deep to get to the type you need
[Mon Jul 14 18:06:09 2014] <johnw> which is what 'if' is doing
[Mon Jul 14 18:07:00 2014] <Cypi> Hmm. The type of [s] is [{P x} + {~ P x}]
[Mon Jul 14 18:07:32 2014] <Cypi> So for me, what [if s then true else false] does is just replacing a sumbool by the correspondig boolean (which should contain even less information :o )
[Mon Jul 14 18:07:43 2014] <johnw> i think that proving the lemma you'll need some other things
[Mon Jul 14 18:07:54 2014] <johnw> like a way to move the 'x' inside x :: plistOut (plistIn t)
[Mon Jul 14 18:08:28 2014] <johnw> if I had x :: plistOut (plistIn t) = plistOut (plistIn (x :: t)), the proof is trivial
[Mon Jul 14 18:09:32 2014] <Cypi> Well, yes, that's exactly the second case of the induction :p
[Mon Jul 14 18:09:39 2014] <Cypi> (At least I think)
[Mon Jul 14 18:09:56 2014] <Cypi> What surprised me is the error I got
[Mon Jul 14 18:10:05 2014] <johnw> how do I rewrite only the second occurence?
[Mon Jul 14 18:10:09 2014] <johnw> rewrite <- IHt at 2 never works for me
[Mon Jul 14 18:10:09 2014] <Cypi> "Error: Abstracting over the term "s" leads to a term [...] which is ill-type"
[Mon Jul 14 18:10:21 2014] <Cypi> That's the way, but I tried it here and it didn't work
[Mon Jul 14 18:11:42 2014] <johnw> https://gist.github.com/6eeb25e529131b791e9c
[Mon Jul 14 18:12:18 2014] <johnw> that's really just a trivial rewrite of the goal
[Mon Jul 14 18:12:47 2014] <Cypi> Yes, I agree. But this subgoal is as difficult as the original proof
[Mon Jul 14 18:12:51 2014] <johnw> exactly
[Mon Jul 14 18:13:54 2014] <johnw> I feel like there's not enough information here to proceed
[Mon Jul 14 18:14:11 2014] <johnw> I really have no laws governing what NCons and PCons mean
[Mon Jul 14 18:14:29 2014] <johnw> the definition of plistIn is pretty complex
[Mon Jul 14 18:14:53 2014] <johnw> try to break it down into the simplest expression of the property that you can
[Mon Jul 14 18:15:07 2014] <Cypi> Well, intuitively, here, you just have to make a case-analysis on [P_dec x], and it's really easy
[Mon Jul 14 18:15:17 2014] <Cypi> But Coq won't let me for some reason that I have a hard time to understand :p
[Mon Jul 14 18:15:32 2014] <johnw> oh, it lets me
[Mon Jul 14 18:15:35 2014] <johnw> in the place of the admit
[Mon Jul 14 18:15:44 2014] <johnw> it gives me: p : P x
[Mon Jul 14 18:15:49 2014] <johnw> and then asks me to prove the same goal
[Mon Jul 14 18:16:08 2014] <Cypi> Well, try with [case_eq (P_dec x.] instead, you'll get more information
[Mon Jul 14 18:16:13 2014] <Cypi> but even then, it doesn't work
[Mon Jul 14 18:16:24 2014] <johnw> ah
[Mon Jul 14 18:16:29 2014] <johnw> that adds H : P_dec x = left p
[Mon Jul 14 18:16:34 2014] <Cypi> the next logical step would be to [simpl.], and then rewrite to replace [P_dec x] with [{P x}]
[Mon Jul 14 18:16:42 2014] <Cypi> Or with [left p] I mean
[Mon Jul 14 18:16:47 2014] <Cypi> by using this hypothesis H
[Mon Jul 14 18:17:16 2014] <Cypi> but then you get, again, this cryptic error
[Mon Jul 14 18:17:28 2014] <Cypi> "Error: Abstracting over the term "P_dec x" leads to a term [...] which is ill-typed"
[Mon Jul 14 18:17:30 2014] <johnw> yeah
[Mon Jul 14 18:17:35 2014] <johnw> i've never used 'as' before, so I can't really help
[Mon Jul 14 18:17:53 2014] <Cypi> The difficulties of dependently-typed terms :(
[Mon Jul 14 18:18:51 2014] <johnw> subst says: Error: Cannot find any non-recursive equality over t.
[Mon Jul 14 18:19:02 2014] <johnw> perhaps that's more illuminating
[Mon Jul 14 18:19:28 2014] <Cypi> It's not the same error. In this case, it's just that the only inquality over t is recursive, so [subst] won't use it
[Mon Jul 14 18:19:36 2014] <Cypi> equality*
[Mon Jul 14 18:20:34 2014] <johnw> ah
[Mon Jul 14 18:23:28 2014] <Cypi> Oh well, I have to go for now, dropping the link again in case someone can help in some way :D http://lpaste.net/107491
[Mon Jul 14 18:23:36 2014] <Cypi> Thanks in any case johnw
[Mon Jul 14 18:24:55 2014] <johnw> sure, let me know what you find
[Tue Jul 15 11:27:33 2014] <Cypi> johnw: just in case you're interested, someone helped me for the problem I had yesterday
[Tue Jul 15 11:27:38 2014] <Cypi> http://lpaste.net/107491 for a completed proof
[Tue Jul 15 11:27:54 2014] <Cypi> (And yes, this is kind of ugly, but apparenty this is usual when dealing with dependently-typed matches...)
[Tue Jul 15 11:28:41 2014] <ianjneu> ya, I wouldn't have come up with that.
[Tue Jul 15 15:22:45 2014] <johnw> huh
[Wed Jul 16 19:06:32 2014] <johnw> can I declare a `{...} constraint as a Variable in a section?
[Wed Jul 16 19:58:13 2014] <johnw> ah, "Context"
[Wed Jul 16 20:07:39 2014] <johnw> can I name my obligations, so that they aren't named Tuple_Assoc_obligation_2?
[Wed Jul 16 20:07:48 2014] <johnw> i'd rather that be called Tuple_Assoc_iso_from
[Thu Jul 17 10:19:01 2014] <Ainieco> hello
[Thu Jul 17 10:19:33 2014] <Ainieco> is it possible to display "forall" and such keywords as unicode characters in coqide?
[Thu Jul 17 10:19:50 2014] <Ainieco> like \forall
[Thu Jul 17 10:20:06 2014] <Ainieco> ∀
[Thu Jul 17 10:22:57 2014] <Ainieco> too bad coq general haven't benn updated for almost year and can't even be compiled with latest emacs
[Thu Jul 17 10:23:05 2014] <Ainieco> proof general*
[Thu Jul 17 10:36:30 2014] <alkabetz> Ainieco: Coq Proof General works fine for me on Emasc 24.3.1, and M-x proof-unicode-tokens-toggle works fine for me as well.
[Thu Jul 17 10:51:34 2014] <Ainieco> alkabetz: same emacs version, unicode tokens break arrows e.g when i'm writing "->" it converts it to "→" literally, as one character which coq doesn't understand
[Thu Jul 17 10:52:24 2014] <Ainieco> "->" written before toggling unicode tokens remain to be two char token which coq perfectly understands but newly written "->" after toggling unicode are broken
[Thu Jul 17 10:52:38 2014] <alkabetz> Oh, huh, look at that.
[Thu Jul 17 10:53:18 2014] <alkabetz> Hang on, let me look at this for a second …
[Thu Jul 17 11:05:06 2014] <alkabetz> Well, I’m not sure why it does this, but disabling the Unicode tokens input mode (C-\) fixes the issue.
[Thu Jul 17 11:05:44 2014] <alkabetz> (That is, I’m not sure why the Unicode tokens mode enables the input method.  It’s pretty obvious why disabling the input method fixes the glitch.)
[Thu Jul 17 11:06:12 2014] <ianjneu> we "fixed the glitch"
[Thu Jul 17 11:15:45 2014] <Ainieco> alkabetz: thanks!
[Thu Jul 17 11:18:39 2014] <alkabetz> You’re welcome.  Enjoy your Unicode ☺
[Thu Jul 17 18:26:02 2014] <uucico> I'm trying to use the {order} annotation for Program Fixpoint.  As an exercise, I'm trying to reproduce standard syntactic-subterm restriction that Coq imposes on Fixpoint functions.  Is there any standard trick to construct a well-founded relation along the lines of Coq's syntactic-subterm restriction?  Something similar to structural induction?
[Thu Jul 17 20:45:40 2014] <johnw> in my Ltac script, if I want to match against anything in the goal of the form "match ?X with ... end", how do I specify the "..."?
[Thu Jul 17 21:00:57 2014] <johnw> also, can I get the ?X to only match a specific form?
[Thu Jul 17 21:01:04 2014] <johnw> right now it's matching anything there
[Thu Jul 17 21:03:48 2014] <uucico> perhaps do a later match on X and fail if it's not what you wanted?
[Thu Jul 17 21:04:23 2014] <uucico> e.g., match type of X with ..., or match X with ...
[Thu Jul 17 21:09:55 2014] <johnw> ah, I se
[Thu Jul 17 21:10:03 2014] <johnw> how do I say match X is bare-naked identifier?
[Thu Jul 17 21:10:11 2014] <johnw> because that's all I care about
[Thu Jul 17 21:10:24 2014] <johnw> i just want to match on ?X when ?X has the form 'x' or 'u' or 'a'
[Thu Jul 17 21:10:32 2014] <johnw> letter unknown
[Thu Jul 17 21:10:43 2014] <johnw> right now I have this nastiness: https://gist.github.com/00b1e88713a9996706d4
[Thu Jul 17 21:10:52 2014] <johnw> which works, but is basically just working around the problem statement above
[Thu Jul 17 21:12:02 2014] <johnw> also, can I get Program Instance to try one of my tactics on each obligation for me?
[Thu Jul 17 21:13:26 2014] <johnw> ooh, Obligation Tactic
[Thu Jul 17 21:14:46 2014] <uucico> perhaps you could use context patterns to avoid describing all of the ways that match could appear in your goal?
[Thu Jul 17 21:15:22 2014] <uucico> something like..  match goal with | [ |- context[match ?X with _] ] => ... end.
[Thu Jul 17 21:15:48 2014] <johnw> but that doesn't help the "match ?X only if it's an identifier"
[Thu Jul 17 21:16:06 2014] <johnw> when I do a full context[match ?X with _], it matches sub-matches, for example
[Thu Jul 17 21:16:21 2014] <johnw> of the form match match match x with ... end with ... end with ... end
[Thu Jul 17 21:16:26 2014] <johnw> i only want to match the innermost match
[Thu Jul 17 21:17:04 2014] <uucico> in the "..." of the tactic i suggested, perhaps you could match X and fail if it's another match?
[Thu Jul 17 21:17:27 2014] <johnw> ah, I see
[Thu Jul 17 21:17:28 2014] <johnw> that I could do
[Thu Jul 17 21:17:51 2014] <johnw> how do I match on any number of sub-patterns?
[Thu Jul 17 21:17:56 2014] <johnw> your context[match ?X with _] doesn't parse
[Thu Jul 17 21:33:03 2014] <johnw> instead of "fail", can I have it move on to trying the next match expression?
[Thu Jul 17 21:33:25 2014] <johnw> I have this: https://gist.github.com/978da72c04ee2cd92a2f
[Thu Jul 17 21:33:32 2014] <johnw> if I could say "skip" instead of "fail", for example, it would work
[Thu Jul 17 21:33:46 2014] <johnw> once I determine that the "match" doesn't match what I'm looking for, I want to move on to try the next one
[Thu Jul 17 21:36:01 2014] <johnw> ah, I need to make this recursive
[Thu Jul 17 21:45:21 2014] <johnw> uucico: this did it: https://gist.github.com/cd6817136ecae21db740
[Thu Jul 17 21:45:24 2014] <johnw> thanks for your help
[Fri Jul 18 04:17:21 2014] <elarnon> johnw: another approach for your problem would be "match goal with [ x: _ |- context[match ?y with _ => _] ] => unify x y; ... end"
[Fri Jul 18 04:17:52 2014] <johnw> hmmm
[Fri Jul 18 04:17:57 2014] <johnw> can you explain further?
[Fri Jul 18 04:18:57 2014] <elarnon> the "x: _" will match any "hypothesis" (in this case, we are actually interested in the variables present in the context)
[Fri Jul 18 04:19:49 2014] <elarnon> so this will try all variables in your context, try to unify them with what is matched, fail when it is not what is matched, and the remaining will only apply when x=y (so y is a pure variable)
[Fri Jul 18 04:21:38 2014] <johnw> ahh
[Fri Jul 18 04:21:41 2014] <johnw> that makes total sense!
[Fri Jul 18 04:21:44 2014] <johnw> thanks elarnon
[Fri Jul 18 04:21:48 2014] <johnw> I like it
[Fri Jul 18 04:22:41 2014] <elarnon> note that if you are matching on an existential variable and there is a variable of that type in your context, this will blindly perform the unification though
[Fri Jul 18 04:25:34 2014] <johnw> good to know
[Fri Jul 18 04:26:21 2014] <ia0> I missed the beginning of the discussion, but I thought there was an is_var tactic to know if a term is a variable
[Fri Jul 18 04:26:45 2014] <ia0> match goal with [ |- context[ match ?y with _ => _ ] ] => is_var y; ... end
[Fri Jul 18 04:27:00 2014] <elarnon> oh, you are right
[Fri Jul 18 04:27:13 2014] <johnw> ah, this is exactly what I wanted
[Fri Jul 18 04:27:23 2014] <elarnon> somehow never seen that one, nice
[Fri Jul 18 04:27:52 2014] <johnw> yep, that does the trick
[Fri Jul 18 04:27:52 2014] <elarnon> knowing that is_evar existed, I could have guessed
[Fri Jul 18 04:30:12 2014] <elarnon> never understood how tu use is_evar, though
[Fri Jul 18 04:30:42 2014] <elarnon> it always fail for me
[Fri Jul 18 15:40:09 2014] <han__> Hi, I know almost nothing about coq. Are there some easy exaples of formalization of finite algebra in coq, preferable the universal algebraic flavor? Are there other proof assistants more suitable for finite algebra?
[Fri Jul 18 19:26:37 2014] <anderslundstedt> How do I get congruence or a similar tactic to work with setoid equality? Require Import Coq.Classes.SetoidClass.
[Fri Jul 18 19:26:40 2014] <anderslundstedt>  
[Fri Jul 18 19:26:42 2014] <anderslundstedt> Parameter A : Set.
[Fri Jul 18 19:26:45 2014] <anderslundstedt> Axiom A_setoid : Setoid A.
[Fri Jul 18 19:26:47 2014] <anderslundstedt>  
[Fri Jul 18 19:26:50 2014] <anderslundstedt> Theorem t : forall a b c : A, a = b -> c = a -> b = c.
[Fri Jul 18 19:26:52 2014] <anderslundstedt> Proof.
[Fri Jul 18 19:26:55 2014] <anderslundstedt>   congruence.
[Fri Jul 18 19:26:57 2014] <anderslundstedt> Qed.
[Fri Jul 18 19:27:00 2014] <anderslundstedt>  
[Fri Jul 18 19:27:02 2014] <anderslundstedt> Theorem t' : forall a b c : A, a == b -> c == a -> b == c.
[Fri Jul 18 19:27:05 2014] <anderslundstedt> Proof.
[Fri Jul 18 19:27:07 2014] <anderslundstedt>   try congruence. (* no success *)
[Fri Jul 18 19:27:10 2014] <anderslundstedt>   intros a b c H H'. rewrite <- H, H'. reflexivity.
[Fri Jul 18 19:27:12 2014] <anderslundstedt> srry, did not mean to paste
[Fri Jul 18 19:27:15 2014] <anderslundstedt> http://pastebin.com/UNYvFMqr
[Fri Jul 18 19:37:09 2014] <johnw> have you try "reduce"?
[Fri Jul 18 19:40:46 2014] <anderslundstedt> johnw: No success.
[Fri Jul 18 19:40:59 2014] <johnw> one sec
[Fri Jul 18 19:41:36 2014] <johnw> that file checks here
[Fri Jul 18 19:41:42 2014] <johnw> oh, I see
[Fri Jul 18 19:45:53 2014] <johnw> it proves here also with: intros. transitivity a; symmetry; assumption.
[Fri Jul 18 19:48:35 2014] <anderslundstedt> Yes that works. But I am looking for something as convenient as the subst or congruence tactics is for equality.
[Sat Jul 19 05:56:40 2014] <Rc43> Hello.
[Sat Jul 19 05:58:07 2014] <Rc43> Is there canonical way to handle hypotheses like "match x with | <1> => true | <2> => false end = true"?
[Sat Jul 19 05:59:13 2014] <Rc43> I can do it with proving lemma for bool by destructing x and filtering bad subgoals but when I will have other type (say, nat) I will have to rewrite this routine.
[Sat Jul 19 05:59:21 2014] <Rc43> Is there something standard/idiomatic?
[Sat Jul 19 05:59:59 2014] <Rc43> I guess that I can write own tactic for that polymorphic on type, but not sure that it is enough robust.
[Sun Jul 20 14:11:05 2014] <Ainieco> hello
[Sun Jul 20 14:11:46 2014] <Ainieco> if i need to do "rewrite -> foo" three times, there was some operator to apply tactic until it fails of something, iirc it looked like "!".
[Sun Jul 20 14:12:31 2014] <Ainieco> could you please remind me that?
[Sun Jul 20 14:18:04 2014] <alkabetz> [repeat (rewrite -> foo)] should do what you want.
[Sun Jul 20 14:18:53 2014] <Ainieco> alkabetz: indeed, thank you!
[Sun Jul 20 14:40:26 2014] <osa1> how can I get an instance of `H : forall l : list A, Permutation l (f l) /\ length l = length (f l)` for a specific l ?
[Sun Jul 20 14:40:56 2014] <osa1> I have l : list A but apply doesn't work
[Sun Jul 20 14:41:10 2014] <Cale> osa1: H l
[Sun Jul 20 14:43:37 2014] <osa1> Cale: that doesn't work. "Error: The reference H was not found in the current environment." even though I have H as hypothesis
[Sun Jul 20 14:45:00 2014] <Cale> Are you trying to use it as a tactic?
[Sun Jul 20 14:45:05 2014] <Cale> It's just an expression
[Sun Jul 20 14:45:17 2014] <Cale> You should be able to  pose (G := H l)
[Sun Jul 20 14:46:06 2014] <Cale> But whatever you were going to do with G, you could also do with H l directly
[Sun Jul 20 14:47:00 2014] <Cale> e.g. you should be able to  split (H l)
[Sun Jul 20 14:47:50 2014] <Cale> If that's the sort of thing you're trying and it's still complaining about H not being found, well, I don't know what's going on.
[Sun Jul 20 14:49:56 2014] <osa1> yeah split (H l) worked. thanks.
[Sun Jul 20 14:50:14 2014] <osa1> it'd still be nice to have H1: <initialized version>.
[Sun Jul 20 14:50:24 2014] <osa1> specialized version*
[Sun Jul 20 14:50:41 2014] <osa1> or instantiated version. I don't know what term to use :P
[Sun Jul 20 14:51:32 2014] <Cypi> [pose proof (H l)] maybe?
[Sun Jul 20 14:56:50 2014] <Cale> Yeah, you can use pose to define a variable equal to that
[Sun Jul 20 15:03:09 2014] <osa1> can anyone give me some tips to fill this admitted case http://lpaste.net/107796 ?
[Sun Jul 20 15:12:49 2014] <Cale> Perhaps start with  apply (Permutation_trans H0).
[Sun Jul 20 15:14:01 2014] <Cale> oh, right, your induction hypothesis says stuff about t
[Sun Jul 20 15:14:31 2014] <tswett> Ahoy.
[Sun Jul 20 15:14:45 2014] <tswett> I'm reading Gödel, Escher, Bach, and it includes Euclid's theorem about prime numbers.
[Sun Jul 20 15:15:20 2014] <Cale> Which one was that?
[Sun Jul 20 15:15:31 2014] <tswett> There are infinitely many.
[Sun Jul 20 15:15:37 2014] <Cale> okay
[Sun Jul 20 15:15:54 2014] <tswett> Or, to paraphrase it in a manner Euclid may have liked better: For every (finite) set of prime numbers, there is a prime number not in that set.
[Sun Jul 20 15:16:04 2014] <tswett> (If I remember correctly, Euclid wasn't a fan of infinite sets.)
[Sun Jul 20 15:16:37 2014] <tswett> GEB says that the proof, if you break it down into the smallest possible pieces, is actually very complicated.
[Sun Jul 20 15:16:45 2014] <Cale> Set theory didn't really exist in Euclid's time :)
[Sun Jul 20 15:16:53 2014] <tswett> And this made me want to write the proof in Coq without using tactics.
[Sun Jul 20 15:17:10 2014] <tswett> (I find tactic-based proofs completely unreadable. I'm guessing everyone finds tactic-based proofs completely unreadable.)
[Sun Jul 20 15:17:28 2014] <Cale> The usual proof uses LEM
[Sun Jul 20 15:17:53 2014] <Cale> So you'll want to throw that axiom in.
[Sun Jul 20 15:18:02 2014] <tswett> Does it?
[Sun Jul 20 15:18:05 2014] <Cale> yes
[Sun Jul 20 15:18:18 2014] <tswett> I don't remember that bit. I'll add it in once I run into it.
[Sun Jul 20 15:18:48 2014] <Cale> Well, okay, the way you stated it the second time, I don't think you need LEM for.
[Sun Jul 20 15:19:29 2014] <tswett> I certainly don't feel like proving the existence of a bijection between the primes and a subset of the primes.
[Sun Jul 20 15:19:29 2014] <Cale> Hm, actually, perhaps I'm wrong :)
[Sun Jul 20 15:19:36 2014] <tswett> Anyway.
[Sun Jul 20 15:19:58 2014] <Cale> tactic-based proofs are readable iff you can step through them interactively
[Sun Jul 20 15:20:14 2014] <Cale> and see the goal and hypotheses
[Sun Jul 20 15:20:19 2014] <tswett> Right.
[Sun Jul 20 15:20:45 2014] <tswett> I'm trying to find a function that tells me whether or not one nat is greater than another.
[Sun Jul 20 15:21:02 2014] <tswett> And, for the future, I'm wondering if there's a way I can search within Coq for such things.
[Sun Jul 20 15:21:12 2014] <tswett> Like if I can get a list of all names in a module or something.
[Sun Jul 20 15:31:16 2014] <Cale> tswett: managed to find it: http://coq.inria.fr/distrib/current/stdlib/Coq.Arith.Compare_dec.html
[Sun Jul 20 15:31:33 2014] <tswett> Thanks.
[Sun Jul 20 15:31:38 2014] <Cale> tswett: generally, I tend to use the index for the web documentation
[Sun Jul 20 15:32:04 2014] <Cale> In this case, I figured there might be something starting with dec or decidable or something
[Sun Jul 20 15:32:12 2014] <tswett> All right. At the moment, I want to prove ~(S x <= 0).
[Sun Jul 20 15:32:32 2014] <tswett> I felt like proving the decidability manually.
[Sun Jul 20 15:33:10 2014] <tswett> I hit "intro", and now I have S x <= 0 and I want to prove False.
[Sun Jul 20 15:33:50 2014] <tswett> I feel like now I want to do induction on H : S x <= 0, so I can show that le_n doesn't work and le_S doesn't help either.
[Sun Jul 20 15:33:58 2014] <Cale> inversion H.
[Sun Jul 20 15:35:13 2014] <tswett> Yup, that did it. Lemme look up what inversion is.
[Sun Jul 20 15:37:19 2014] <tswett> Feels similar to destruct.
[Sun Jul 20 15:40:33 2014] <Cale> Yeah, it sort of takes the thing apart and figures out what would be required in order to have a term of that type, and when that's impossible, it'll discover this and solve whatever goal you might have.
[Sun Jul 20 15:42:07 2014] <Cale> (impossible because none of the data constructors could generate that particular application of the type constructor)
[Sun Jul 20 15:43:07 2014] <tswett> So it's like destruct, but it also generates hypotheses?
[Sun Jul 20 15:44:16 2014] <Cale> yeah
[Sun Jul 20 15:45:21 2014] <tswett> And how do I change "forall x y" in the goal to "forall y x"?
[Sun Jul 20 15:46:09 2014] <tswett> Rather, change "forall x y" to "forall x" with y as a hypothesis.
[Sun Jul 20 15:46:37 2014] <tswett> I could either swap the antecedents, or do "intros" and then turn x back from a hypothesis into an antedecent.
[Sun Jul 20 15:46:58 2014] <Cale> I think that's "revert x"?
[Sun Jul 20 15:47:10 2014] <tswett> Looks like it. Thanks.
[Sun Jul 20 15:52:10 2014] <tswett> If someone asked me to develop a procedure to test whether or not one natural number is greater than another, I think I would have a much, much easier time describing it in English...
[Sun Jul 20 15:55:37 2014] <tswett> Maybe it would be useful to actually imagine that I'm explaining the procedure, in English, to a very stubborn mathematician.
[Sun Jul 20 15:55:52 2014] <tswett> Then I just have to type in a translation of my explanation.
[Sun Jul 20 16:05:43 2014] <osa1> can anyone help me with this http://lpaste.net/107796
[Sun Jul 20 16:12:42 2014] <tswett> Now I have "IHy : forall x, blah blah x blah", and I'd like to instantiate it as "blah blah z blah", replacing the original hypothesis.
[Sun Jul 20 16:12:55 2014] <tswett> (I don't have to, but I'd like to.)
[Sun Jul 20 16:13:14 2014] <Cale> IHy z
[Sun Jul 20 16:13:24 2014] <Cale> oh
[Sun Jul 20 16:13:38 2014] <tswett> I could do "set (IHy z)", but that leaves IHy there and I can't clear it.
[Sun Jul 20 16:13:43 2014] <Cale> I don't know about replacing the original hypothesis, but you could generate a new one
[Sun Jul 20 16:14:09 2014] <tswett> Because Coq remembers that the new hypothesis is equal to IHy z, and so it refuses to forget about IHy z.
[Sun Jul 20 16:14:31 2014] <Cale> Yeah, IHy needs to continue existing
[Sun Jul 20 16:14:47 2014] <Cale> You could maybe destruct (IHy z) or something
[Sun Jul 20 16:15:43 2014] <tswett> I guess that works, since I was going to destruct it right away anyway.
[Sun Jul 20 16:22:02 2014] <tswett> "Okay, tswett, I know that x <= y. But how does it follow that S x <= S y?" My, what an interesting question, Mr. Stubborn Mathematician.
[Sun Jul 20 16:33:29 2014] <tswett> All right, the proof turns out to be really simple.
[Sun Jul 20 16:33:52 2014] <tswett> I was trying to figure out whether to use induction on x or on y. After a while, I realized I actually have to do induction on the proof that x <= y.
[Sun Jul 20 16:39:44 2014] <tswett> "All right, tswett, but how about the converse? We are given that S x <= S y, but I don't see why it must be true that x <= y." Why, isn't it the same thing, Mr. Mathematician? Do induction on the given proof.
[Sun Jul 20 16:39:56 2014] <tswett> "No, that doesn't work." No? Why not?
[Sun Jul 20 16:54:14 2014] <tswett> Whelp, I figured out how to get past it. Perform inversion once first, then you can do induction.
[Sun Jul 20 17:04:34 2014] <tswett> I'm trying to figure out exactly how it is that the induction tactic works.
[Sun Jul 20 17:16:33 2014] <tswett> http://lpaste.net/107804 – so I'm trying to figure out how the hypotheses in the last subgoal were generated.
[Sun Jul 20 17:17:13 2014] <tswett> What we had before was H1 : S x <= y |- x <= y. If we perform induction on H1, one of the inductive cases is the constructor le_S : forall m : nat, n <= m -> n <= S m.
[Sun Jul 20 17:19:23 2014] <tswett> What I see happen is that new hypotheses m : nat, H1 : Sx <= m, and IHle : x <= m are created, and in the goal, y is replaced with S m.
[Sun Jul 20 17:20:19 2014] <tswett> I'm trying to figure out why those hypotheses are created.
[Sun Jul 20 17:20:24 2014] <tswett> (Sx should be S x, of course.)
[Sun Jul 20 17:22:06 2014] <tswett> I see there's one hypothesis created for each parameter of le_S, with n replaced with S x. So we get m : nat and H1 : S x <= m.
[Sun Jul 20 17:22:46 2014] <tswett> But there's also an extra hypothesis, IHle : x <= m. That's the inductive hypothesis, of course. Where did it come from, and why's it that?
[Sun Jul 20 19:35:20 2014] <tswett> Dang. Sometimes tactics produce really huge proof terms.
[Sun Jul 20 19:36:09 2014] <tswett> I said, "Goal forall x y : nat, S x <= S y -> x <= y. intros. inversion H. admit. admit. Defined. Print Unnamed_thm1."
[Sun Jul 20 19:36:14 2014] <tswett> It's a pretty good screenful.
[Sun Jul 20 20:24:26 2014] <tswett> Even really simple proofs can be pretty unreadable when written as proof terms.
[Sun Jul 20 20:25:17 2014] <tswett> le_ind (S x) (le x) (le_S x x (le_n x)) (fun m _ => le_S x m)
[Sun Jul 20 20:48:07 2014] <tswett> I guess that is pretty readable when you add lots of comments to it.
[Sun Jul 20 23:35:04 2014] <tswett> Yeah, I guess this is pretty complicated after all.
[Sun Jul 20 23:38:09 2014] <johnw> tswett: have you read the section in Software Foundations about induction?
[Sun Jul 20 23:38:19 2014] <tswett> I don't think so.
[Sun Jul 20 23:44:16 2014] <johnw> you'd find that highly illuminating here
[Mon Jul 21 00:11:23 2014] <tswett> Whelp. This is the best code I've ever written:
[Mon Jul 21 00:11:33 2014] <tswett> Axiom mod_conv : forall (s : nat -> Real) (m : Real), baz m -> baz (minus one m) -> (forall i, gt (times m (minus (s (S i)) (s i))) (minus (s (S (S i))) (s (S i)))) -> exists (l : Real), forall (n : nat), exists (j : nat), forall (p : nat), p > j -> gt (times (nat_to_Real n) (minus l (s p))) /\ gt (times (nat_to_Real n) (minus (s p) l)).
[Mon Jul 21 00:13:06 2014] <tswett> Actually, gt takes multiple arguments.
[Mon Jul 21 00:15:38 2014] <tswett> Stick "one" after both of those "gt"s.
[Mon Jul 21 00:40:43 2014] <johnw> does that really need to be an axiom?
[Mon Jul 21 17:54:46 2014] <osa1> can anyone help me proving this simple theorem? http://lpaste.net/107853 I can't make any progress for two days now
[Mon Jul 21 18:19:02 2014] <Cypi> osa1 : I have a solution, do you want it or just a hint?
[Mon Jul 21 18:19:17 2014] <osa1> Cypi: hint :)
[Mon Jul 21 18:19:42 2014] <Cypi> Ok. By doing it this way you are stuck I believe, because you are reasoning about permutations, so having an induction hypothesis like that is not enough
[Mon Jul 21 18:20:08 2014] <Cypi> Try proving this instead : [forall A (f : list A -> list A), (forall (l : list A), Permutation l (f l)) -> forall (n : nat) (l : list A), length l = n -> Permutation l (map_rest l f)]
[Mon Jul 21 18:20:19 2014] <Cypi> and then you use it to prove your main theorem
[Mon Jul 21 18:23:16 2014] <osa1> Cypi: as far as I can see only difference is that extra n but why is this necessary?
[Mon Jul 21 18:23:29 2014] <Cypi> You can also start your proof with [intros. remember (length l) as n. generalize dependent l.] to do the same, actually
[Mon Jul 21 18:23:45 2014] <Cypi> the idea is that you will do the induction on the length of l, not on l itself
[Mon Jul 21 18:24:05 2014] <Cypi> That way, you will get an induction hypothesis about the tail of l, but also all the permutations of the tail of l
[Mon Jul 21 18:24:27 2014] <Cypi> (or any list of size [length l - 1], which is what you need)
[Mon Jul 21 18:30:36 2014] <osa1> Cypi: I'm having this IHn' : length l = n' -> Permutation l (map_rest l f) but I can't use it because this is second case of induction, where length l = S n'.
[Mon Jul 21 18:31:10 2014] <Cypi> [IHn' : forall l : list A, n' = length l -> Permutation l (map_rest l f)] I have this, which is better
[Mon Jul 21 18:31:21 2014] <Cypi> l should not be in the context when you do the induction, only n
[Mon Jul 21 18:31:55 2014] <osa1> okay let me try that
[Mon Jul 21 18:33:08 2014] <osa1> okay. now I need to destruct l, right?
[Mon Jul 21 18:34:20 2014] <Cypi> That's probably a good idea, yes
[Mon Jul 21 18:47:31 2014] <osa1> how can I get `Permutation (a :: l) (f (a :: l))` from H : forall l : list A, Permutation l (f l) ?
[Mon Jul 21 18:48:13 2014] <Cypi> Just [apply H] will do the job. So even [auto] will do it
[Mon Jul 21 18:48:33 2014] <Cypi> Oh, sorry, you want it as an hypothesis? [pose proof (H l)]
[Mon Jul 21 18:49:00 2014] <Cypi> Or [pose proof (H (a :: l))] rather :p
[Mon Jul 21 18:49:09 2014] <osa1> that worked, thanks
[Mon Jul 21 18:50:31 2014] <osa1> I'm trying to eliminate first case of `match f l with ...`
[Mon Jul 21 18:50:49 2014] <osa1> I have this as hypothesis H0 : Permutation (a :: l) []
[Mon Jul 21 18:51:13 2014] <osa1> ah, Permutation_nil should help
[Mon Jul 21 18:51:19 2014] <osa1> to derive a :: l = []
[Mon Jul 21 18:51:25 2014] <Cypi> For instance, yes
[Mon Jul 21 19:01:34 2014] <osa1> interesting. I'm stuck again but this time at `length ret = n'`. all I know about n' is that it's a nat
[Mon Jul 21 19:01:42 2014] <osa1> maybe I need to use remember at some point
[Mon Jul 21 19:03:05 2014] <osa1> hmm yeah H2 : length l = n' is lost at some point because I used it in apply
[Mon Jul 21 19:04:11 2014] <osa1> and it worked!! \o/
[Mon Jul 21 19:04:13 2014] <osa1> Cypi: thanks!
[Mon Jul 21 19:04:36 2014] <osa1> now I'm going to remove `length l = n` part and use remember instead
[Mon Jul 21 19:07:34 2014] <osa1> Cypi: http://lpaste.net/107854 how did you solve it?
[Mon Jul 21 19:32:23 2014] <osa1> so with the help of this theorem I proved that a weird sort function returns a permutation. now harder part, proving that result is sorted.
[Tue Jul 22 05:34:36 2014] <Cypi> osa1 : http://lpaste.net/107866
[Tue Jul 22 05:34:54 2014] <Cypi> but that's not particularly a nice proof, I didn't try to make it better :p
[Tue Jul 22 05:41:54 2014] <osa1> Cypi: what's destruct ... eqn: ... ?
[Tue Jul 22 05:42:28 2014] <Cypi> It keeps in context an equation about what you destructed
[Tue Jul 22 05:42:44 2014] <osa1> whoa!
[Tue Jul 22 05:42:59 2014] <Cypi> So here it adds [Hfal: f (a :: l) = []] and [Hfal: f (a :: l) = a' :: l']
[Tue Jul 22 05:43:02 2014] <osa1> I was doing something like that `remember (f (a :: l)) as ret` before every single destruct
[Tue Jul 22 05:43:11 2014] <Cypi> Well, now you can do that :)
[Tue Jul 22 05:43:16 2014] <osa1> awesome! \o/
[Tue Jul 22 05:43:17 2014] <Cypi> (the syntax is a bit weird, but eh)
[Tue Jul 22 06:44:58 2014] <osa1> it's still not exactly same as remember ... as e. destruct e.
[Tue Jul 22 06:51:16 2014] <osa1> generated equality is symmetric to what we get when remember is used.
[Tue Jul 22 09:02:59 2014] <Rc43> Hello.
[Tue Jul 22 09:03:41 2014] <Rc43> I have project divided into subfolders. How can I make modules be accessible by "dot" notation?
[Tue Jul 22 09:04:03 2014] <Rc43> I have read manual, but either I hadn't understood or it doesn't talk about it.
[Tue Jul 22 09:04:26 2014] <Rc43> I want to be able to access A/B/C.v with "Require Import A.B.C.".
[Tue Jul 22 09:06:43 2014] <Rc43> I also tried to examine how it is done in coq "theories", but I only see "Require Export Datatypes." in Init/Prelude.v; though it is possible to write "Require Import Coq.Init.Datatypes."
[Tue Jul 22 09:12:13 2014] <Rc43> And I tried -R option of coq, but id doesn't seem to help.
[Tue Jul 22 10:51:03 2014] <notdan> http://bogomolov-lab.ru/SHKOLA2014/talks/voevodsky.html Voevodsky is going to talk about Homotopy Type Theory and Coq at the Russian algebraic geometry school
[Tue Jul 22 10:52:21 2014] <Rc43> notdan, will he actually use HoTT or only plain Coq? The page talks only about Coq, no mention about HoTT.
[Tue Jul 22 11:09:18 2014] <notdan> well he talks about "univalent foundations" and i think he will show examples from homotopy theory proved with hott
[Tue Jul 22 16:52:17 2014] <dfdfff> anyone around?
[Tue Jul 22 16:54:07 2014] <ianjneu> dfdfff: I am
[Tue Jul 22 16:56:14 2014] <dfdfff> ianjneu: Good. I'm reading Aluffi's "Algebra 0" and would like to do proofs in Coq. Is it a realistic goal for a beginner in both?
[Tue Jul 22 16:57:38 2014] <dfdfff> ianjneu: For instance, I'd like to prove that a certain relation is an equivalence relation.  Or, say, that Sets is indeed a category.
[Tue Jul 22 16:58:03 2014] <dfdfff> What packages should I try?
[Tue Jul 22 16:58:53 2014] <ianjneu> Category theory is generally difficult to do in dependent type theories, but jgross has done some good work using univalence in the HoTT github repo.
[Tue Jul 22 16:59:54 2014] <dfdfff> ianjneu: Oh, I've thought it should be easy.  Could you elaborate a bit?
[Tue Jul 22 17:00:08 2014] <ianjneu> I don't know Aluffi's Algebra 0. I would recommend a text that is written with mechanized proof in mind, like "software foundations"
[Tue Jul 22 17:01:42 2014] <ianjneu> dfdfff: The notion of equality in category theory is largely brushed under the rug as a "foundational question," but in a proof theory, the foundation hits you square in the face. Homotopy type theory has a promising notion of equality that is suitable for reasoning about equalities/equivalences in categories.
[Tue Jul 22 17:03:05 2014] <ianjneu> On top of equality issues are representation questions. Bundling morphisms and objects and all the rest actually takes careful thought and engineering. Many previous attempts have come up against performance limitations of the underlying proof assistants.
[Tue Jul 22 17:04:27 2014] <ianjneu> I don't have a single source to point you to on this, as it's just been buzzing around my head following different conversations in person, the Agda and Coq mailing lists, etc. jgross again is probably a good resource for questions about CT in DTT.
[Tue Jul 22 17:04:34 2014] <dfdfff> I'm surprized that there are performance problems.
[Tue Jul 22 17:05:01 2014] <dfdfff> Thanks for the pointers, anyway.
[Tue Jul 22 17:20:56 2014] <dfdfff> ianjneu: are you familiar with Pierce's Category Theory book?  Does it contain any proofs/defn's?
[Tue Jul 22 17:33:47 2014] <ianjneu> I haven't read it, no.
[Tue Jul 22 17:34:24 2014] <ianjneu> I also don't expect much formalism when I see category theory proofs.
[Tue Jul 22 17:40:03 2014] <osa1> any ideas what does OTT stand for? I guess ITT is intuitionistic type theory but OTT???
[Tue Jul 22 17:42:49 2014] <ianjneu> observational type theory
[Tue Jul 22 17:43:11 2014] <osa1> thanks.
[Tue Jul 22 17:43:18 2014] <ianjneu> It's... something best overlooked.
[Tue Jul 22 17:44:19 2014] <ianjneu> Conor McBride is a bit of a type theory hacker, so what he comes up with isn't particularly clean, concise or elegant.
[Tue Jul 22 17:51:29 2014] <osa1> I don't know any alternative type theories(I don't even know Coq's underlying type theory completely) but I like Coq's syntactic approach of deciding termination and equality, mostly because it's very easy to understand and I'm a beginner :)
[Tue Jul 22 17:53:23 2014] <osa1> I'm wondering how is well-founded recursion encoded in Coq. is there a magic(an axiom or something like that) that somehow makes Coq termination checker to accept such definitions or is it somehow encoded in a way that it looks to Coq like a structural recursion on subterms?
[Tue Jul 22 17:53:59 2014] <ianjneu> osa1: it's unfortunately not that easy to understand because it had bugs in it until recently.
[Tue Jul 22 17:54:19 2014] <ianjneu> wellfoundedness is proven using Acc.
[Tue Jul 22 17:54:38 2014] <jgross> ianjneu, dfdfff: Most of what I've done is precategory theory; I haven't actually been making use of univalence much, but have been making sure that what I do is compatible with it.  In Agda, copumpkin has a category theory library with many contributions from Saizan and xplat, and all three of them tend to hang around #agda.  (By the way, proving that Sets is a (pre)category is pretty easy, though you need functional extensionality to get that
[Tue Jul 22 17:54:38 2014] <jgross> the morphisms form a set rather than a groupoid.  Here's my construction: https://github.com/HoTT/HoTT/blob/master/theories/categories/SetCategory/Core.v) 
[Tue Jul 22 17:55:47 2014] <osa1> ianjneu: do you mean in termination checker or equality? what was the bug?
[Tue Jul 22 17:56:07 2014] <jgross> Also, I'm happy to answer questions, though I only check IRC a few times a day (at most; ocassionally I only check it once every few days).  If you mention 'jgross', though, it'll be highlighted in my client, and I'll notice it. 
[Tue Jul 22 17:56:16 2014] <ianjneu> cafe closing. Relocating.
[Tue Jul 22 17:59:16 2014] <jgross> osa1: The guardedness checker (termination checker) is/was incompatible with propositional extensionality.  (The coinductive productivity checker had a bug that let you prove false in a vaguly similar manner that doesn't actually require propositional extensionality.)  The bugs are now (mostly?) fixed.  There are more details on the coq-club archives.  (You can search for mail from Maxime Denes to find it relatively quickly.) 
[Tue Jul 22 18:24:20 2014] <osa1> what is propositional extensionality? is this that function equality thing?
[Tue Jul 22 18:24:55 2014] <ianjneu> (p <-> q) -> p = q
[Tue Jul 22 18:25:17 2014] <Cypi> Is that the same thing as proof irrelevance?
[Tue Jul 22 18:25:38 2014] <Cypi> Hum, nevermind.
[Tue Jul 22 18:32:25 2014] <osa1> is that defined by default or is it an extra axiom like the one that says functions may be equal even thought they're syntactically not?
[Tue Jul 22 18:32:29 2014] <osa1> (what was the name of it?)
[Tue Jul 22 18:32:39 2014] <Cypi> functional extensionality
[Tue Jul 22 18:32:43 2014] <Cypi> and that's an extra axiom
[Tue Jul 22 18:33:33 2014] <ianjneu> functional extensionality is an axiom in Coq, but it does follow from the computational extensional equality from univalence.
[Tue Jul 22 18:56:55 2014] <osa1> so what's univalence? I always thought HoTT when I heard univalence I don't have many ideas about HoTT too :) I was just reading this "Function extensionality as a principle of equality cannot be derived in ITT, but must be added as an additional postulate (or derived from a stronger postulate, such as univalence or the existence of a one-dimensional interval type)." in one of Robert Harper's blog posts
[Tue Jul 22 19:11:36 2014] <osa1> "The “Fix” combinator is written as primitive-recursive in the structure of a termination proof, and extraction to OCaml erases proofs systematically." so when I use well-founded recursion, decreasing argument is actually the termination proof? cool.
[Tue Jul 22 19:18:04 2014] <ianjneu> osa1: that is correct.
[Wed Jul 23 12:45:58 2014] <ianjneu> ijp: Another Racket/Coq member. Interesting.
[Wed Jul 23 12:51:25 2014] <ijp> I'm not stalking you, honest!
[Wed Jul 23 12:52:00 2014] <ianjneu> Nah, anyone straddling Racket and Coq at the same time is too busy for stalking.
[Thu Jul 24 00:13:02 2014] <sjouke> http://rosettacode.org/wiki/Proof#Agda
[Thu Jul 24 00:13:21 2014] <sjouke> i've heard that coq is usually more verbose than agda, but this doesn't seem to be the case here
[Thu Jul 24 00:13:38 2014] <sjouke> what do you get with agda that you don't get with coq?
[Thu Jul 24 00:13:47 2014] <sjouke> what do you get with coq that you don't get with agda?
[Thu Jul 24 05:01:00 2014] <johnw> how good/complete would you say Coq's extraction to OCaml is in 8.4?
[Thu Jul 24 07:08:50 2014] <alkabetz> johnw: Modulo a couple issues related to functor extraction, it’s very complete.
[Thu Jul 24 07:09:06 2014] <alkabetz> The Coq development team makes the OCaml extractor a higher priority than the Haskell or Scheme extractors.
[Thu Jul 24 07:09:56 2014] <alkabetz> We’re using it for research work in my group, and it produces multiple thousand lines of OCaml without issue (save for the aforementioned functor issues).
[Thu Jul 24 07:42:55 2014] <Anarchos> alkabetz what for do you produce code ?
[Thu Jul 24 07:48:27 2014] <alkabetz> We have a compiler written in Coq; its bottom IR gets extracted to OCaml, which pretty-prints it.
[Thu Jul 24 07:48:35 2014] <alkabetz> It’s really a performance hack.
[Thu Jul 24 07:53:36 2014] <Anarchos> alkabetz a compiler for which language ?
[Thu Jul 24 07:54:22 2014] <alkabetz> Bedrock: http://plv.csail.mit.edu/bedrock/
[Thu Jul 24 07:56:46 2014] <Anarchos> alkabetz oh you work with adam ?
[Thu Jul 24 07:58:22 2014] <alkabetz> Yes.
[Thu Jul 24 07:58:49 2014] <Anarchos> alkabetz oh i envision you will write a verified operating system in coq some day ?
[Thu Jul 24 07:59:21 2014] <alkabetz> I don’t know about me personally, but I think that’s a dream :)
[Thu Jul 24 07:59:31 2014] <alkabetz> The technology is still quite a way away from taking on a project of that magnitude.
[Thu Jul 24 08:35:26 2014] <Anarchos> alkabetz is it the opinion of your team ?
[Thu Jul 24 08:52:07 2014] <alkabetz> I like my group.  Everybody is very competent.  I can get a lot of good help when Coq misbehaves. :)
[Thu Jul 24 09:03:13 2014] <Anarchos> alkabetz sure, as adam wrote a book about coq :)
[Thu Jul 24 09:39:07 2014] <Hodapp> adam? of CPDT?
[Thu Jul 24 09:46:21 2014] <Anarchos> Hodapp yes
[Thu Jul 24 09:47:00 2014] <Hodapp> I need to read that book
[Thu Jul 24 10:10:54 2014] <Anarchos> Hodapp i began but it becomes difficult early...
[Thu Jul 24 10:11:45 2014] <Cypi> Agreed, I'm currently trying to read it
[Thu Jul 24 13:29:46 2014] <Ptival> hehe, Adam is much nicer in person than he appears on the Coq mailing list :)
[Thu Jul 24 13:32:06 2014] <ianjneu> Ptival: he's gotten better.
[Thu Jul 24 13:32:49 2014] <ianjneu> Once he all but said to me that my research is stupid.
[Thu Jul 24 13:36:51 2014] <Anarchos> ianjneu what rude :/
[Thu Jul 24 13:40:06 2014] <ianjneu> Well, I pivoted research topics after that anyway, since Matthias Felleisen told me, "it's a noble goal, but I've been thinking about how to do that for 20 years and still don't know where to start."
[Thu Jul 24 13:40:48 2014] <ianjneu> Not many people appreciate hygienic macros.
[Thu Jul 24 14:51:31 2014] <johnw> I'm now about halfway through CPDT
[Thu Jul 24 14:51:42 2014] <johnw> some parts of certainly denser than others, so skip them if they give you troubles
[Thu Jul 24 14:51:45 2014] <johnw> better parts lie ahead :)
[Thu Jul 24 14:52:10 2014] <johnw> I'm glad he wrote it, but so far I haven't seen anything else even remotely like it out in the world
[Thu Jul 24 14:52:22 2014] <johnw> which is a shame, because Coq can do some very cool things
[Thu Jul 24 14:55:12 2014] <Hodapp> certified programming I thought was not particularly unique - is it the dependent typing that makes it unique?
[Thu Jul 24 14:55:22 2014] <johnw> it's the emphasis on proof automation
[Thu Jul 24 14:55:42 2014] <Hodapp> I thought automated proof assistants were already used plenty for certified programming though
[Thu Jul 24 14:55:44 2014] <johnw> he basically makes the claim that nearly every proof you do should end up using only one or two tactics for the body of the proof
[Thu Jul 24 14:55:53 2014] <Hodapp> huh
[Thu Jul 24 14:58:32 2014] <tautologico> I'm liking cpdt as well, though some parts I only skim to keep for future reference... part III about proof automation and Ltac is interesting (Coq'Art didn't cover Ltac if I remember correctly)
[Thu Jul 24 14:58:59 2014] <johnw> yeah, I've skimmed several sections now, since they really get into the nitty gritty of how to automate very particular scenarios
[Thu Jul 24 14:59:08 2014] <johnw> it's good enough to know they're there for future reference
[Thu Jul 24 14:59:37 2014] <johnw> but it's cool just how much area he covers
[Thu Jul 24 14:59:49 2014] <johnw> at OPLSS I asked elarnon if there was a way to use domain theory to encode free monads in Coq
[Thu Jul 24 15:00:07 2014] <johnw> and lo and behold, CPDT has a chapter on using domain theory to encode potentially non-terminating monads in Coq :)
[Thu Jul 24 15:00:14 2014] <tautologico> yes
[Thu Jul 24 15:00:42 2014] <tautologico> this is the chapter about general recursion, and it's quite useful
[Thu Jul 24 15:00:53 2014] <ijp> Hodapp: dependent typing is not really unique either
[Thu Jul 24 15:01:39 2014] <tautologico> it's curious that there's nothing about type classes, but I think the book was mostly written a few years ago
[Thu Jul 24 15:07:51 2014] <johnw> I had an idea for the Admitted directive
[Thu Jul 24 15:08:34 2014] <johnw> What if Admitted, instead of just assuming the theorem, in the background generated a QuickCheck test for that theorem and ran it through 100 iterations during type-checking, so that you could at least get sanity checking for pending proofs
[Thu Jul 24 15:11:55 2014] <tautologico> this could be problematic for some richer types in Coq
[Thu Jul 24 15:12:30 2014] <ianjneu> quickcheck my theorem that assumes the generalized reimann hypothesis
[Thu Jul 24 15:12:44 2014] <ianjneu> riemann*
[Thu Jul 24 15:22:56 2014] <johnw> well, let's say it'll do it if and where it can
[Thu Jul 24 15:23:08 2014] <johnw> a "better than nothing" approach, that can also just be turned off
[Thu Jul 24 15:23:18 2014] <johnw> maybe Tested instead of Admitted
[Thu Jul 24 15:23:28 2014] <Anarchos> ianjneu what was your first research topics ?
[Thu Jul 24 15:23:29 2014] <ianjneu> johnw: Well, this exists in the ACL2 sedan :)
[Thu Jul 24 15:23:40 2014] <johnw> ianjneu: nice to know!
[Thu Jul 24 15:24:02 2014] <johnw> at work i'm currently reviewing the theorems proving universe, so that kind of info is exactly what I'm looking for
[Thu Jul 24 15:24:42 2014] <ianjneu> Anarchos: 1st was automated theorem proving in ACL2 with Pete Manolios. He pivoted to system assembly via SMT, so I went to work with Mitch Wand on proving correctness of hygienic macros.
[Thu Jul 24 15:25:02 2014] <Anarchos> what is ACL2 ?
[Thu Jul 24 15:25:30 2014] <ianjneu> a computational logic for applicative common lisp.
[Thu Jul 24 15:26:27 2014] <ianjneu> It's a current "Boyer-Moore" style theorem prover, actively developed by Moore and more substantially by Matt Kaufmann.
[Thu Jul 24 15:26:37 2014] <johnw> we're using ACL2 in fact, but not my immediate gruop
[Thu Jul 24 15:26:38 2014] <ianjneu> The other "current" is PVS.
[Thu Jul 24 15:27:07 2014] <johnw> alkabetz: say hi to adam from me, I was one of his first hcoop users :)
[Thu Jul 24 15:27:11 2014] <Anarchos> ok
[Thu Jul 24 15:27:39 2014] <alkabetz> johnw: He’s at a PI meeting right now, but I’ll be sure to mention you when he gets back next week
[Thu Jul 24 15:28:22 2014] <johnw> when I first knew him, he was undergrad, that was a long time ago now, 12 years?
[Thu Jul 24 15:32:17 2014] <osa1> is this a file format that GNU Make recognizes or is this for some Coq-specific build tool http://mattam.org/repos/coq/prelude/Make ?
[Thu Jul 24 15:36:01 2014] <johnw> that looks like a file you'd import into a makefile
[Thu Jul 24 15:36:08 2014] <johnw> how, I don't know
[Thu Jul 24 15:36:11 2014] <osa1> awful. I guess that project uses some now invalid Coq syntax
[Thu Jul 24 15:36:14 2014] <johnw> are you using coq_makefile to generate your Makefile?
[Thu Jul 24 15:36:33 2014] <osa1> no
[Thu Jul 24 15:36:55 2014] <osa1> I never used that. but that project won't work anyway
[Thu Jul 24 15:39:02 2014] <osa1> looks like that project is last updated in 2007.
[Thu Jul 24 15:39:11 2014] <johnw> which project?
[Thu Jul 24 15:41:52 2014] <osa1> [22:31] <osa1> is this a file format that GNU Make recognizes or is this for some Coq-specific build tool http://mattam.org/repos/coq/prelude/Make ? <--- that one
[Thu Jul 24 15:42:00 2014] <johnw> ah, I see
[Thu Jul 24 15:46:46 2014] <osa1> I have F : Type -> Type and I'm having this error message: `The term "ret ?506 x" has type "F ?506" while it is expected to have type "Type".` any ideas why?
[Thu Jul 24 15:48:42 2014] <Cypi> Probably a problem with universes (which means I won't be able to help you much ^^ )
[Thu Jul 24 15:49:13 2014] <Cypi> Try [Set Printing Universes.] just to confirm.
[Thu Jul 24 15:49:33 2014] <osa1> Error: Use CoqIDE display menu instead
[Thu Jul 24 15:49:35 2014] <osa1> ..........
[Thu Jul 24 15:49:51 2014] <osa1> this thing is driving me crazy
[Thu Jul 24 15:50:02 2014] <Cypi> In "View", check "Display universes levels"
[Thu Jul 24 15:50:08 2014] <Cypi> universe*
[Thu Jul 24 15:50:11 2014] <osa1> I'm not using CoqIDe
[Thu Jul 24 15:50:22 2014] <Cypi> Oh.
[Thu Jul 24 15:50:24 2014] <Cypi> :o
[Thu Jul 24 15:51:16 2014] <osa1> it's just that my coq editor uses coq with -ideslave parameter which makes coq assume that it's running inside CoqIDE.
[Thu Jul 24 15:51:35 2014] <osa1> oh wait, I have CoqIDE installed
[Thu Jul 24 15:52:02 2014] <Anarchos> I have this error when compiling coq : http://pastebin.com/5JzevKFq
[Thu Jul 24 15:53:46 2014] <osa1> Cypi: is this a universe related error http://lpaste.net/108057 ?
[Thu Jul 24 15:55:10 2014] <Cypi> Seems like it, I guess. F returns a [Type (* Top.774 *)] while a [Type (* Top.791 *)] is expected, and most probably, somehow, Top.774 < Top.791 is enforced
[Thu Jul 24 15:55:29 2014] <Cypi> oh wait
[Thu Jul 24 15:55:48 2014] <Cypi> [The term "ret x" has type "x -> F x"] >> I'm not sure actually, don't believe me ^^'
[Thu Jul 24 15:56:52 2014] <osa1> Cypi: I pasted wrong error message
[Thu Jul 24 15:56:55 2014] <osa1> let me paste correct one
[Thu Jul 24 15:57:25 2014] <osa1> Cypi: http://lpaste.net/108057
[Thu Jul 24 15:57:50 2014] <Cypi> Ok, so what I was saying did make sense, I believe
[Thu Jul 24 15:58:02 2014] <Cypi> (not that it would help you however ^^ )
[Thu Jul 24 16:40:40 2014] <osa1> cool. I can use _ to fill that part in tactic mode
[Thu Jul 24 16:40:46 2014] <osa1> while defining instances
[Thu Jul 24 16:44:34 2014] <osa1> I wish I could do that without losing almost all the relevant information.
[Thu Jul 24 16:44:43 2014] <osa1> while defining functions/fixpoints
[Thu Jul 24 16:51:05 2014] <osa1> what to do to use (x, y) syntax for pair construction/pattern matching?
[Fri Jul 25 03:47:59 2014] <roosbeef> is "scattered sublist" in the coq libs?
[Fri Jul 25 03:49:24 2014] <roosbeef> nm guess ill adapt from this http://coq.inria.fr/pylons/contribs/files/HigmanS/v8.4/HigmanS.list_embeding.html#Embeds
[Fri Jul 25 09:30:35 2014] <Hodapp> http://plv.csail.mit.edu/ur/ that's kind of interesting...
[Fri Jul 25 09:30:41 2014] <Hodapp> now if only we could do it client-side o_O
[Fri Jul 25 09:32:15 2014] <ianjneu> Hodapp: sandbox the sandbox in a sandbox.
[Fri Jul 25 09:32:25 2014] <ianjneu> and yet still XSS.
[Fri Jul 25 09:33:34 2014] <ianjneu> Hodapp: also relevant to your interests http://blog.ezyang.com/2012/07/managing-the-server-client-split-in-ur-web/
[Fri Jul 25 09:50:54 2014] <Ainieco> hello
[Fri Jul 25 09:51:14 2014] <Ainieco> "coqc" says "Error: There are pending proofs", what does it means?
[Fri Jul 25 09:51:49 2014] <ianjneu> Ainieco: you have unproven goals, or you haven't written Qed. or Defined. after your proofs.
[Fri Jul 25 09:51:55 2014] <Ainieco> i have quite large file and it looksl ike everyth theorem have its "Qed".
[Fri Jul 25 09:53:01 2014] <ianjneu> unfortunately I don't know of a settable warning for a newly started "Theorem" or "Lemma" during a proof.
[Fri Jul 25 09:53:19 2014] <alkabetz> Binary search your file by commenting out parts to find where the unclosed theorem is. :/
[Fri Jul 25 09:53:47 2014] <Ainieco> uh, okay
[Fri Jul 25 09:55:15 2014] <Ainieco> what is difference between [| ] and [] in "destruct x as"?
[Fri Jul 25 09:56:09 2014] <ianjneu> | separates constructors.
[Fri Jul 25 09:57:09 2014] <ianjneu> if x is of type T, with constructors C1 ... Cn, you would expect a pattern on x to have [names ..._1| ...|names ..._n]
[Fri Jul 25 09:58:01 2014] <ianjneu> where names correspond to arguments of the respective constructors, with trailing names optional.
[Fri Jul 25 09:58:17 2014] <alkabetz> In what circumstances would I be expecting this?
[Fri Jul 25 09:59:59 2014] <alkabetz> When I’m reading somebody else’s code?  When Coq is autogenerating names for me?
[Fri Jul 25 10:00:00 2014] <ianjneu> expecting what? That the syntax makes intuitive sense?
[Fri Jul 25 10:00:15 2014] <alkabetz> Oh, wait, derp
[Fri Jul 25 10:00:19 2014] <alkabetz> That was not a question.
[Fri Jul 25 10:00:28 2014] <alkabetz> I was very confused. :P
[Fri Jul 25 10:00:30 2014] <alkabetz> Sorry.
[Fri Jul 25 10:00:40 2014] <Ainieco> ianjneu: got it, thanks
[Fri Jul 25 10:00:53 2014] <ianjneu> No apologies necessary. Coq has some weird design decisions that cause confusing.
[Fri Jul 25 10:00:56 2014] <ianjneu> confusion*
[Fri Jul 25 14:11:25 2014] <osa1> hi all.
[Fri Jul 25 14:13:11 2014] <osa1> I want to define some languages in Coq -- which means implementing operational semantics, type system etc. as inductive definitions. almost all of the languages contain some kind of binders and thus substitution, alpha renaming etc. and it's too painful to implement those again and again. I'm wondering if we have some libraries to somehow make implementing those easier.
[Fri Jul 25 14:27:08 2014] <Ptival> osa1: there's probably a few
[Fri Jul 25 14:27:17 2014] <Ptival> right now I can think of dblib by Pottier
[Fri Jul 25 14:28:14 2014] <Ptival> might also want to consider PHOAS unless you need to do program transformations
[Fri Jul 25 14:42:55 2014] <Ainieco> hello
[Fri Jul 25 14:43:58 2014] <Ainieco> is there a let statement(expression) in coq?
[Fri Jul 25 14:44:32 2014] <Ainieco> i want to use it within Fixpoint
[Fri Jul 25 14:47:11 2014] <Ptival> Ainieco: I think so, it's probably "let pattern := expr in expr"?
[Fri Jul 25 15:01:46 2014] <johnw> is there a standard library module for applying all the lambda calculus conversions?  I mean, I know beta-reduction would just be "simpl", but what about eta conversion?
[Fri Jul 25 15:04:42 2014] <Ainieco> Ptival: it worked, thanks!
[Fri Jul 25 15:07:39 2014] <alkabetz> johnw: There’s the cbv tactic for β/δ/ι/ζ reduction.  I don’t know about η.
[Fri Jul 25 15:07:52 2014] <johnw> ok, thanks!
[Fri Jul 25 15:08:10 2014] <johnw> I've seen the tactic mentioned in Adam's book
[Fri Jul 25 15:28:28 2014] <Ainieco> how to search proofs by substring?
[Fri Jul 25 15:30:03 2014] <Ainieco> i just want to find all proofs which name includes "beq_nat"
[Fri Jul 25 15:30:16 2014] <Ainieco> of proves something about beq_nat function
[Fri Jul 25 15:31:34 2014] <johnw> well, you can use SearchAbout and SearchRewrite
[Fri Jul 25 15:33:28 2014] <Ainieco> johnw: SearchAbout is what i wanted, thank you
[Fri Jul 25 15:37:57 2014] <Ainieco> johnw: what SearchRewrite does?
[Fri Jul 25 15:38:52 2014] <johnw> SearchRewrite (S _ + n = S (_ + n)
[Fri Jul 25 15:38:58 2014] <johnw> you can search for patterns
[Fri Jul 25 15:41:14 2014] <sfsfsdf> What's your sha256sum of http://coq.inria.fr/distrib/V8.4pl4/files/coq-8.4pl4.tar.gz?
[Fri Jul 25 15:41:25 2014] <Ainieco> johnw: oh, that's really cool!
[Fri Jul 25 17:30:06 2014] <uucico> i'm proving various goals that involve arithmetic (+, -, *, =, <>) over sig types.  ordinarily, omega would be able to solve these without any problem, but some constraints are hidden away inside the sig type.  is there a "omega for sig types" of some sort out there, to help automate proving such things?
[Fri Jul 25 18:05:38 2014] <osa1> Ptival: what is PHOAS?
[Fri Jul 25 18:28:39 2014] <Ptival> osa1: parametric higher-order abstract syntax
[Fri Jul 25 18:28:57 2014] <Ptival> osa1: there's a primer on it in CPDT
[Sat Jul 26 07:22:26 2014] <osa1> I can't make this code copied from CPDT working http://lpaste.net/108181 any ideas what's changed?
[Sat Jul 26 07:28:57 2014] <Cypi> What error do you get?
[Sat Jul 26 07:29:13 2014] <Cypi> Also, make sure to have [Set Implicit Arguments.] if you want to make code from CPDT work
[Sat Jul 26 07:37:04 2014] <osa1> ops, right. it works now, thanks
[Sat Jul 26 15:08:33 2014] <Anarchos> I often got «/bin/sh: ./install.sh: Argument too big», is it known ?
[Sat Jul 26 16:57:15 2014] <Anarchos> it fails in install-library
[Sat Jul 26 18:37:06 2014] <Hodapp> slowly, I think I made sense of why the notation for a function's signature is the same as the notation for logical implication.
[Sat Jul 26 18:37:09 2014] <Hodapp> I think.
[Sat Jul 26 18:53:07 2014] <Anarchos> Hodapp curry howard correspondence.
[Sat Jul 26 18:53:41 2014] <Hodapp> I know the sound-bite reason, but that doesn't give an immediate intuitive notion for the nature of the notation.
[Sat Jul 26 19:16:47 2014] <Hodapp> why are a lot of proofs shown with ; rather than . separating the tactics, in cases where they are equivalent in meaning? (i.e. only one subgoal)
[Sat Jul 26 22:43:00 2014] <Hodapp> huh, Imp.v mentions "Fixpoint loop_false (n : nat) : False := loop_false n." being illegal by virtue of being non-terminating recursion
[Sat Jul 26 22:43:19 2014] <Hodapp> but says, hypothetically, if it were permitted, then 'loop_false 0' would be a proof of False, which would cause all sorts of problems
[Sat Jul 26 22:43:45 2014] <Hodapp> can't quite grasp what they mean there... how would it be a proof of False?
[Sat Jul 26 22:46:44 2014] <Cale> Hodapp: Just look at its type!
[Sat Jul 26 22:47:01 2014] <Cale> Hodapp: loop_false applied to any n : nat has type False
[Sat Jul 26 22:50:36 2014] <Hodapp> but even being permitted, what does that actually matter, when it cannot terminate?
[Sat Jul 26 22:54:01 2014] <Cale> You don't actually evaluate proofs to decide if they're valid.
[Sat Jul 26 22:54:29 2014] <Cale> Evaluation corresponds to some sort of normalisation or simplification of proofs.
[Sat Jul 26 22:55:41 2014] <Cale> Introducing axioms such as LEM will also cause proofs to become stuck terms.
[Sat Jul 26 22:55:50 2014] <Hodapp> LEM?
[Sat Jul 26 22:55:57 2014] <Cale> Law of excluded middle
[Sat Jul 26 22:56:01 2014] <Hodapp> oh.
[Sat Jul 26 22:56:13 2014] <Hodapp> and what is a 'stuck term'?
[Sat Jul 26 22:56:57 2014] <Cale> An expression which isn't a value, but to which no evaluation rule applies.
[Sat Jul 26 22:58:42 2014] <Cale> Er, sorry, or perhaps one which never reaches a value under evaluation.
[Sat Jul 26 22:59:14 2014] <Cale> So infinite loops count as well, even though evaluation rules keep applying, they don't help reduce the expression to a value.
[Sat Jul 26 23:01:49 2014] <Cale> If you think about classical logic, it really has nothing corresponding to evaluation
[Sat Jul 26 23:02:09 2014] <Cale> It just has something which more or less corresponds to typechecking.
[Sat Jul 26 23:06:24 2014] <Hodapp> I think that makes sense, thanks
[Sat Jul 26 23:06:37 2014] <Hodapp> I was off of this textbook for 3 months so I'm having to re-learn some things.
[Sun Jul 27 09:09:10 2014] <osa1> when I have a section and inside it `Variable A : Set`, is that added to definitions in the section as an implicit argument?
[Sun Jul 27 10:16:09 2014] <osa1> I'm trying to implement "get" on ilists using tactics and I wrote this http://lpaste.net/108218 extracted code is different but I believe they could be proven equal(e.g. for same arguments they return same results)
[Sun Jul 27 10:17:43 2014] <osa1> implementing recursion on sub-structures of multiple arguments is too painful to implement in both tactics and code.
[Sun Jul 27 10:21:26 2014] <osa1> also, I don't understand how this line http://lpaste.net/108218#line29 works. (line 29) it's missing get's first argument
[Sun Jul 27 10:36:58 2014] <ianjneu> osa1: note the Set Implicit Arguments.
[Sun Jul 27 10:47:07 2014] <Hodapp> hmm, SF notes the Coq "computation mechanism" a few times but I still have a hazy idea what it actually is
[Sun Jul 27 10:48:23 2014] <ianjneu> Hodapp: beta, iota, delta, zeta reduction?
[Sun Jul 27 12:01:06 2014] <Hodapp> So, if my interpretation is right, when SF gives their example of evaluating some expressions and imperative commands...
[Sun Jul 27 12:01:47 2014] <Hodapp> this can be done as a relation, which requires a proof that the given expression actually does evaluate to a result
[Sun Jul 27 12:02:52 2014] <Hodapp> or it can be done as a function, which utilizes Coq's "computation mechanism", and is itself a constructive way to create that same proof
[Sun Jul 27 12:03:25 2014] <Hodapp> but, then it cannot handle constructs such as their general 'while' loop, because it cannot guarantee termination
[Sun Jul 27 12:07:24 2014] <Hodapp> that's the way I made sense of stuff, so hopefully that's reasonably correct.
[Mon Jul 28 05:15:10 2014] <Anarchos> still "argument too big" when installing coq library :(
[Mon Jul 28 06:21:44 2014] <osa1> I'm implementing code in CPDT without using implicit arguments. I hope this removes some levels of magic.
[Mon Jul 28 06:23:55 2014] <Anarchos> osa1 i cross fingers for you :)
[Mon Jul 28 06:23:57 2014] <osa1> also, I'm avoiding name shadowing since it makes things only more complex and hard to understand. (like y in match ... in return (x y) where y is also a parameter to the enclosing function)
[Mon Jul 28 06:24:02 2014] <osa1> heh
[Mon Jul 28 06:34:37 2014] <osa1> I'm still using {} sometimes
[Mon Jul 28 06:56:18 2014] <osa1> what is Obj.magic Tt and why is it used in places of absurd cases?
[Mon Jul 28 06:56:53 2014] <osa1> (in extracted OCaml code)
[Mon Jul 28 07:02:23 2014] <osa1> is there a value like "undefined" of Haskell to just fill in some parts to see the progress?
[Mon Jul 28 07:04:28 2014] <osa1> in definition of Fin in CPDT, isn't this constructor have wrong type:   | First : forall n, fin (S n) ? I think it should be First : fin 1
[Mon Jul 28 07:07:55 2014] <Cypi> Obj.magic has type [forall A B, A -> B]
[Mon Jul 28 07:08:13 2014] <Cypi> so it serves in places where the OCaml type system isn't expressive enough
[Mon Jul 28 07:11:16 2014] <osa1> Cypi: any ideas about fin?
[Mon Jul 28 07:11:21 2014] <Cypi> About [fin n], as he says, it's meant to be isomorphic to {m : Nat | m < n}. So, first of all, [fin 0] has no elements, hence the [S n] in the constructor [First].
[Mon Jul 28 07:12:04 2014] <Cypi> Then, if you just put [fin 1], it doesn't work: the only inhabitant of [fin 2] would be [Next (First 1)] for example, and so on (you would have exactly one inhabitant of [fin n] for any n > 0).
[Mon Jul 28 07:12:04 2014] <osa1> yeah but I think it should be First : S 0 which still makes it isomorphic to that
[Mon Jul 28 07:12:19 2014] <osa1> ah
[Mon Jul 28 07:12:50 2014] <osa1> I get it now, thanks
[Mon Jul 28 07:13:16 2014] <osa1> I still think my definition would make some stuff easier
[Mon Jul 28 07:13:53 2014] <Cypi> Your definition doesn't make [fin n] isomorphic to {m : Nat | m < n}
[Mon Jul 28 07:14:14 2014] <osa1> right but why we need that isomorphism?
[Mon Jul 28 07:14:29 2014] <Cypi> Because the idea is to use an element of [fin n] as an index for an [ilist n]
[Mon Jul 28 07:14:55 2014] <Cypi> and the only indexes that make sense for an [ilist n] are those in {m : Nat | m < n}
[Mon Jul 28 07:15:05 2014] <Cypi> which is why we want a type to represent this set of indexes
[Mon Jul 28 07:15:21 2014] <osa1> oh right
[Mon Jul 28 07:15:31 2014] <Cypi> Try to write [get] with your definition if you're not convinced
[Mon Jul 28 07:15:44 2014] <osa1> right, my definition would be useless.
[Mon Jul 28 07:15:53 2014] <Cypi> You will either get in trouble trying to write it, or write a definition that will only allow access to the last element
[Mon Jul 28 07:16:10 2014] <Cypi> (depending on the type you want to give it)
[Mon Jul 28 11:18:26 2014] <roosbeef> hi
[Mon Jul 28 11:19:11 2014] <Anarchos> Anybody get  "argument too big" when installing coq library ?
[Mon Jul 28 12:29:10 2014] <osa1> I don't understand how does Coq type check and it's really annoying. I have a constructor `Cons : forall n, A -> ilist n -> ilist (S n)` in a section with `Variable A : Set.` and I can apply that constructor 2, 3, 4 or even 5 arguments. I tried hard to fix it(I removed all implicit argument declaration) but now the closest I could get was `The 1st term has type "Type" which should be coercible to "Set".` which is super frustrating.
[Mon Jul 28 12:33:27 2014] <Anarchos> osa1 is it due to implicit arguments ?
[Mon Jul 28 12:33:57 2014] <osa1> I assume not because I removed implicit arguments commands. unless it's somehow active by default.
[Mon Jul 28 12:38:52 2014] <Anarchos> what is your ilist definition ?
[Mon Jul 28 12:40:05 2014] <osa1> Anarchos: http://lpaste.net/108294 whole code, just evaluate/compile it and you should see
[Mon Jul 28 12:41:59 2014] <osa1> ha! I found same error demonstrated in here http://adam.chlipala.net/cpdt/html/Universes.html
[Mon Jul 28 12:42:04 2014] <Anarchos> osa1 i can't evaluate it (broken install here)
[Mon Jul 28 12:42:41 2014] <osa1> Anarchos: error is given while evaluating last definition (imap)
[Mon Jul 28 12:43:51 2014] <Anarchos> osa1 did you try  Set Printing All. ?
[Mon Jul 28 12:44:06 2014] <osa1> no
[Mon Jul 28 12:44:23 2014] <osa1> I can't use that "Error: Use CoqIDE display menu instead"
[Mon Jul 28 12:44:30 2014] <osa1> ...
[Mon Jul 28 12:45:09 2014] <alkabetz> That just means there’s an option for it in CoqIDE.
[Mon Jul 28 12:45:14 2014] <Anarchos> it should.
[Mon Jul 28 12:45:26 2014] <osa1> alkabetz: really? well guess what, I'm not using CoqIDE
[Mon Jul 28 12:45:39 2014] <osa1> I'm using a vim plugin which runs coq using -ideslave
[Mon Jul 28 12:45:56 2014] <osa1> coq is so smart it assumes I'm using CoqIDE if I use -ideslave since it has to be the only coq ide
[Mon Jul 28 12:46:22 2014] <alkabetz> Ugh. :(
[Mon Jul 28 12:48:01 2014] <osa1> I'll try replacing Sets with Types
[Mon Jul 28 13:09:11 2014] <rooftopjoe> hi. may i ask a question related to formal verification in general (as opposed to coq in particular)? if not, please direct me to a place where this is appropriate.
[Mon Jul 28 13:11:43 2014] <elarnon> don't ask to ask
[Mon Jul 28 13:12:21 2014] <rooftopjoe> normally i don't, but when it's not on-topic, there's always someone who gets on your case :)
[Mon Jul 28 13:12:31 2014] <elarnon> you may get answers here, or someone may redirect you to a more appropriate place, but that is easier to do knowing the question
[Mon Jul 28 13:14:27 2014] <rooftopjoe> ok, so the question is this: i'm new to both functional programming and to formal verification. however, as far as i understand, the point of formal verification is to come up with a mathematical formulation that is self-evidently taken as correct and then prove some imperative code is equivalent to it. functional code, on the other hand, seems to be that mathematical formulation so why not write functional code instead and skip all t
[Mon Jul 28 13:15:34 2014] <elarnon> (your message seem to have hit the length limit and stopped at "instead and skip all t")
[Mon Jul 28 13:16:00 2014] <rooftopjoe> ...all the intermediary steps?
[Mon Jul 28 13:16:04 2014] <rooftopjoe> sorry about that.
[Mon Jul 28 13:17:45 2014] <elarnon> don't worry about it
[Mon Jul 28 13:18:21 2014] <elarnon> there seem to be a couple of misunderstanding somewhere
[Mon Jul 28 13:18:51 2014] <rooftopjoe> i'm not surprised :)
[Mon Jul 28 13:21:41 2014] <rooftopjoe> could you elaborate on what those might be?
[Mon Jul 28 13:21:57 2014] <rooftopjoe> i'm willing to do the research but i'd like to know where to start
[Mon Jul 28 13:21:57 2014] <elarnon> sorry i had to take a call, i'm back
[Mon Jul 28 13:22:07 2014] <rooftopjoe> it's alright, no need to apologize
[Mon Jul 28 13:23:36 2014] <elarnon> so basically formal verification means building a mathematical model of your code (that may be imperative, functional, or hardware circuits…) and proving properties about this model
[Mon Jul 28 13:24:37 2014] <elarnon> the only thing you sake as self-evidently correct is that the model you are building has the same semantics (meaning) as the program/algorithm you are considering
[Mon Jul 28 13:25:39 2014] <rooftopjoe> sure but that's kind of an ambiguous statement. when you write any piece of code, the assumption that you make is that it does what you want it to :)
[Mon Jul 28 13:25:51 2014] <rooftopjoe> but i know what you mean
[Mon Jul 28 13:26:00 2014] <elarnon> functional programming on the other hand does not really concern itself about mathematics (although there are links)
[Mon Jul 28 13:26:52 2014] <elarnon> so the thing is, you may be writing really complex code that does complex stuff efficiently
[Mon Jul 28 13:27:34 2014] <elarnon> (in reply to your remark)
[Mon Jul 28 13:28:06 2014] <elarnon> and the inner working of this program may be really complex
[Mon Jul 28 13:29:18 2014] <elarnon> but you want to prove that is satisfy a simple specification — and for that what you need is a system that can a) express your specification and b) reason about your code
[Mon Jul 28 13:29:55 2014] <elarnon> you may very well just take a formal system that understands the language your code is written in and directly reason about it
[Mon Jul 28 13:30:37 2014] <elarnon> and the only thing that can't be checked is that the semantics of the language understood by your formal system actually corresponds to what your compiler is doing or whatever
[Mon Jul 28 13:31:04 2014] <elarnon> but I digress
[Mon Jul 28 13:31:23 2014] <elarnon> back to functional programming
[Mon Jul 28 13:31:42 2014] <elarnon> the notion is a bit fuzzy
[Mon Jul 28 13:33:11 2014] <elarnon> the main idea is that it means your functions are first-class objects of your language — you can take them as arguments and pass them around
[Mon Jul 28 13:34:51 2014] <rooftopjoe> indeed
[Mon Jul 28 13:34:53 2014] <elarnon> it is often associated to others ideas, amongst them the idea of immutability - once you have a value, you can't change it, and this has the benefit that once you have a value, there is not another piece of code that is going to change it
[Mon Jul 28 13:35:04 2014] <rooftopjoe> so people actually prove functional code too, i take it
[Mon Jul 28 13:35:27 2014] <elarnon> which is why it is "math-like", because it shares characteristics with mathematical objects
[Mon Jul 28 13:35:37 2014] <rooftopjoe> yes, i thought immutability was a key feature of functional programming
[Mon Jul 28 13:36:31 2014] <elarnon> it is usually easier to prove things about functional code because of this immutability
[Mon Jul 28 13:37:13 2014] <elarnon> because it means that you don't have to analyze the set of objets that can be modified each time you do an operation — if you proved something about a value, that property is never going to change
[Mon Jul 28 13:37:17 2014] <rooftopjoe> right, because it is a guarantee that your therems don't break
[Mon Jul 28 13:37:30 2014] <elarnon> yes
[Mon Jul 28 13:38:06 2014] <elarnon> so for instance coq is both a formal verification system and a functional programming language (although you should probably not expect good performances out of it, that is not really the point)
[Mon Jul 28 13:39:10 2014] <elarnon> which allows you to express and prove mathematical properties about code written in its language
[Mon Jul 28 13:39:57 2014] <elarnon> but it is also complete enough that you can define the semantics of other languages in it, and prove properties about programs written in other languages
[Mon Jul 28 13:40:58 2014] <rooftopjoe> i should definitely try it out :)
[Mon Jul 28 13:41:47 2014] <elarnon> a SMT solver on the other hand is an automated formal verification system that is (usually) not a functional language that allows you to express models and properties about them, and have powerful algorithms try to prove them for you
[Mon Jul 28 13:42:32 2014] <elarnon> an languages like OCaml, Haskell, or scheme are functional programming languages but aren't expressive enough to express and prove complex properties about their programs
[Mon Jul 28 13:43:35 2014] <rooftopjoe> i presume smt's aren't particularly useful for big problems (because of the whole p vs np problem)
[Mon Jul 28 13:44:21 2014] <elarnon> if you want to read more about coq i would suggest the Software Foundations book (http://www.cis.upenn.edu/~bcpierce/sf/ )
[Mon Jul 28 13:45:12 2014] <elarnon> so it is not really that smts are not useful for big problems
[Mon Jul 28 13:45:15 2014] <rooftopjoe> is it accessible with someone who has no background in formal verification?
[Mon Jul 28 13:45:19 2014] <elarnon> it's more that they are not useful for complex problems
[Mon Jul 28 13:45:53 2014] <elarnon> it should, yes
[Mon Jul 28 13:46:12 2014] <rooftopjoe> * downloads
[Mon Jul 28 13:46:15 2014] <elarnon> but you should at least read the introduction anyway
[Mon Jul 28 13:46:54 2014] <elarnon> it expands a bit on what i said
[Mon Jul 28 13:48:05 2014] <rooftopjoe> he seems to have given a series of lectures on software foundtions in coq, too
[Mon Jul 28 13:48:08 2014] <elarnon> so the thing about SMTs is, they are usually extremely efficient as long as the problem you throw at them does not involve induction or too much quantifiers
[Mon Jul 28 13:48:13 2014] <rooftopjoe> i'll use that to accompany this material
[Mon Jul 28 13:48:30 2014] <elarnon> and when they fail you are on your own
[Mon Jul 28 13:49:30 2014] <rooftopjoe> i understand what the computational limitations are. i do know some computer science :)
[Mon Jul 28 13:49:35 2014] <elarnon> there is work to adapt SMTs into proof assistants (see for instance http://www.lix.polytechnique.fr/~keller/Recherche/smtcoq.html ) and be able to send them your formulae once you simplified them enough that they can handle it
[Mon Jul 28 13:50:13 2014] <rooftopjoe> ooh
[Mon Jul 28 13:50:15 2014] <rooftopjoe> nice
[Mon Jul 28 13:52:34 2014] <rooftopjoe> what a coincidence that i was studying sat solvers the past few weeks
[Mon Jul 28 13:53:18 2014] <rooftopjoe> i hadn't heard the term "smt" before but i understand what they are
[Mon Jul 28 13:54:14 2014] <elarnon> smt stands for satisfiability modulo theory ; it's basically more powerful sat solvers that "know" about arithmetic or other mathematical theories
[Mon Jul 28 13:54:36 2014] <elarnon> (because at some points booleans are just boring)
[Mon Jul 28 13:55:46 2014] <rooftopjoe> yeah, i read on wikipedia what the gist is
[Mon Jul 28 13:56:02 2014] <rooftopjoe> cool stuff. i'll look over that book cause all this stuff seems exciting
[Mon Jul 28 13:56:24 2014] <elarnon> do you have something precise you are trying to do?
[Mon Jul 28 13:56:51 2014] <rooftopjoe> no, just wanting to educate myself
[Mon Jul 28 13:57:33 2014] <elarnon> :-)
[Tue Jul 29 07:31:49 2014] <osa1> is isabelle also a dependently typed PL with some helper tools(like tactics) for proving?
[Tue Jul 29 07:54:06 2014] <alkabetz> IIRC it’s not dependently typed, but it does have a tactic system.
[Tue Jul 29 08:08:31 2014] <osa1> so no curry-howard or similar correspondence of isabelle programs and props/proofs? or does it have a different type system?
[Tue Jul 29 08:37:06 2014] <Hodapp> does the lack of dependent typing limit how much Curry-Howard applies?
[Tue Jul 29 09:01:30 2014] <elarnon> iirc, there is no real curry-howard correspondance in isabelle (maybe in the kernel ; but to the end-user proofs and terms / propositions and types are different beasts)
[Tue Jul 29 09:26:21 2014] <osa1> Hodapp: probably not but I think you still need a type system
[Tue Jul 29 09:27:01 2014] <osa1> so I'm reading the paper and apparently they specified a subset of C in isabelle. I'm wondering if they had a compiler from that definition too.
[Tue Jul 29 09:27:11 2014] <osa1> had a compile for that definition too*
[Tue Jul 29 12:22:48 2014] <Hodapp> elarnon: what does a language itself do to support Curry-Howard Correspondence?
[Tue Jul 29 12:24:03 2014] <Hodapp> the only language of this sort that I've worked with is Coq, really
[Tue Jul 29 12:28:20 2014] <ianjneu> Hodapp: Curry-Howard is a syntactic thing. It's probably not what want. Say you have a linear arithmetic solver in your typechecker to relieve you from mundane arithmetical manipulation. You would then need a syntactic form, like "using linarith, e"
[Tue Jul 29 12:31:31 2014] <Hodapp> ianjneu: I guess my take after reading a little is that it looked more like a way of interpreting things than a syntactic thing, but I'm not very familiar (as you've probably guessed from my derpy questions here).
[Tue Jul 29 13:08:57 2014] <elarnon> Hodapp: my formulation was a bit confusing, sorry — what I meant was that iirc in Isabelle there are distinct mechanisms for programs/types and formulae/proofs, so that (unlike e.g. Coq) it doesn't really apply the ideas in the correspondance
[Tue Jul 29 13:10:47 2014] <elarnon> of course you can always apply the correspondance to a logic system and get a typing system and conversely, the correspondance is just the insight that these are the same anyway, merely looked at through different glasses
[Tue Jul 29 14:24:38 2014] <Hodapp> elarnon: well, that's why I asked - what does a language itself do to support it?
[Tue Jul 29 14:25:24 2014] <Hodapp> elarnon: or are you saying that what it provides is not particularly useful when viewed that way, compared to (for instance) Coq?
[Tue Jul 29 14:25:24 2014] <elarnon> there is no difference between proofs/programs and propositions/types in coq
[Tue Jul 29 14:26:23 2014] <elarnon> i mean they really are the same thing, everything you can do with types inside coq you can do with a proposition
[Tue Jul 29 14:26:33 2014] <elarnon> that is, afaik, not the case in Isabelle
[Tue Jul 29 14:26:45 2014] <Hodapp> ahhh, okay
[Tue Jul 29 14:28:38 2014] <elarnon> (well you probably can but that's two different mechanism — afai the exact tactic wouldn't make much sense in Isabelle for instance)
[Tue Jul 29 14:30:11 2014] <Hodapp> so any sort of translation between the two would have to be done manually?
[Tue Jul 29 14:30:37 2014] <elarnon> again, that's as far as user interaction is concerned ­ Isabelle is a LCF system so the kernel is probably using propositions as types
[Tue Jul 29 14:31:36 2014] <Hodapp> hmmmm
[Tue Jul 29 14:33:13 2014] <elarnon> from what I understand Isabelle's programs are sort of written in some DSL embedded in Isabelle
[Tue Jul 29 14:42:17 2014] <johnw> hi elarnon!  bon jour
[Tue Jul 29 14:56:20 2014] <elarnon> hi johnw !
[Tue Jul 29 14:56:25 2014] <elarnon> how are you doing?
[Tue Jul 29 14:56:31 2014] <johnw> I'm good, you?
[Tue Jul 29 14:56:39 2014] <elarnon> (crap, i'm getting confused with spaces before punctuation again)
[Tue Jul 29 14:57:11 2014] <elarnon> I'm having a little bit of trouble writing my internship report, but I'm good otherwise
[Tue Jul 29 14:57:17 2014] <johnw> will you be at ICFP?
[Tue Jul 29 14:58:02 2014] <elarnon> I don't think I'll be at any conference in the next year
[Tue Jul 29 14:59:17 2014] <elarnon> it will depend how things go, but if things are going well I should be doing industry internships the whole year
[Tue Jul 29 15:02:53 2014] <johnw> aw, we'll miss you then
[Tue Jul 29 15:03:06 2014] <johnw> I may visit france during the two weeks after ICFP though
[Tue Jul 29 15:03:36 2014] <johnw> my father bought a property I think in Bordeaux?  We may drive down to visit it
[Tue Jul 29 15:26:04 2014] <osa1__> what's LCF?
[Tue Jul 29 15:27:19 2014] <roosbeef> how do i prove transitivity of a definition like this? Do i need to use induction? And if so, how?
[Tue Jul 29 15:27:20 2014] <roosbeef> https://privatepaste.com/310fa9ad06
[Tue Jul 29 15:29:53 2014] <johnw> I believe you'd use induction on L1
[Tue Jul 29 15:30:07 2014] <johnw> and you may need to generalize your dependents L2 and L3
[Tue Jul 29 15:31:25 2014] <roosbeef> hm
[Tue Jul 29 15:31:38 2014] <roosbeef> what do you mean by that :p
[Tue Jul 29 15:32:21 2014] <roosbeef> alright so after doing induction L1, ive got https://privatepaste.com/c92c15ebb8
[Tue Jul 29 18:29:43 2014] <mankyKitty> Does anyone here work with Coq & Vim ? Just trying ot use the coquille plugin and it's a bit interesting
[Tue Jul 29 18:37:30 2014] <osa1> mankyKitty: I'm using vim
[Tue Jul 29 18:38:00 2014] <osa1> mankyKitty: I had some problems with coquille. there's a Coq plugin in vim.org, I use a modified version of it and it works great.
[Tue Jul 29 18:38:15 2014] <mankyKitty> osa1: awesome cheers
[Tue Jul 29 18:38:23 2014] <mankyKitty> what did you have to modify?
[Tue Jul 29 18:38:37 2014] <osa1> mankyKitty: it's coming with hard-coded colors so you have to modify that parts for your color scheme
[Tue Jul 29 18:38:49 2014] <osa1> mankyKitty: see my vim setup at github.com/osa1/rcbackup
[Tue Jul 29 18:38:55 2014] <mankyKitty> ahhh okay.
[Tue Jul 29 18:39:21 2014] <mankyKitty> that's not a huge drama then :)
[Tue Jul 29 18:39:31 2014] <osa1> right
[Tue Jul 29 18:40:04 2014] <mankyKitty> thanks for that. :)
[Tue Jul 29 18:40:09 2014] <osa1> mankyKitty: there's also another problem but that's all
[Tue Jul 29 18:40:40 2014] <osa1> mankyKitty: you can't enable some Coq settings because Coq thinks you're using CoqIDE and says "use CoqIDE menu to do that".
[Tue Jul 29 18:40:46 2014] <osa1> other than that it works great.
[Tue Jul 29 18:40:50 2014] <mankyKitty> haha
[Tue Jul 29 18:40:52 2014] <mankyKitty> nifty
[Tue Jul 29 18:41:07 2014] <mankyKitty> I'm not really doing anything creepy so it should be fine
[Wed Jul 30 03:06:45 2014] <roosbeef> how do i prove transitivity on a relation on lists? (eg. sublist)
[Wed Jul 30 03:07:15 2014] <roosbeef> forall K L M, sublist K L -> sublist L M -> sublist K M
[Wed Jul 30 03:07:44 2014] <roosbeef> where to apply induction? What variable to introduce first? Im trying different things but somehow keep running into walls
[Wed Jul 30 04:26:57 2014] <roosbeef> should it be difficult to prove transitivity?
[Wed Jul 30 04:27:05 2014] <roosbeef> i dont get why im stuck on this for hours lol
[Wed Jul 30 04:36:53 2014] <dolle> How is sublist defined?
[Wed Jul 30 04:37:59 2014] <dolle> I guess you could start by proving forall K L, sublist K L <-> exists K1 K2, K1 ++ K ++ K2 = L, from which you result would follow directly
[Wed Jul 30 04:39:24 2014] <roosbeef> as such: https://privatepaste.com/eb9a5845f6
[Wed Jul 30 04:42:01 2014] <dolle> Ohh, I see. Not the kind of sublist I thought :)
[Wed Jul 30 04:43:10 2014] <dolle> This is kind of ordered multi-set inclusion
[Wed Jul 30 04:45:42 2014] <dolle> It doesn't work by induction on derivations?
[Wed Jul 30 04:49:44 2014] <roosbeef> whats that?
[Wed Jul 30 04:51:18 2014] <dolle> Induction on the structure of the proof of `sublist K L', instead of one of K or L
[Wed Jul 30 04:51:46 2014] <roosbeef> that sounds interesting
[Wed Jul 30 04:51:49 2014] <roosbeef> how do i do that
[Wed Jul 30 04:53:02 2014] <dolle> Wait, actually, I don't think that applies here. But otherwise you could do something like `intros K L M SP. induction SP.'
[Wed Jul 30 04:53:37 2014] <roosbeef> wow thats weird
[Wed Jul 30 04:53:45 2014] <roosbeef> it doesnt apply here?
[Wed Jul 30 04:54:23 2014] <roosbeef> ohh wait
[Wed Jul 30 04:54:34 2014] <roosbeef> think its starting to dawn on me
[Wed Jul 30 04:54:36 2014] <dolle> No, I don't think it's going to help you, since the second argument is decreasing anyway
[Wed Jul 30 04:54:41 2014] <roosbeef> hm but youre saying thats not useful?
[Wed Jul 30 04:55:01 2014] <dolle> I think, however, that you might get somewhere by generalizing the first two lists and doing induction over M.
[Wed Jul 30 04:55:41 2014] <roosbeef> hm could you clarify that perhaps?
[Wed Jul 30 04:55:53 2014] <roosbeef> so lets say we have
[Wed Jul 30 04:55:59 2014] <roosbeef> Lemma sublist_trans : forall K M L, sublist K L -> sublist L M -> sublist K M.
[Wed Jul 30 04:56:29 2014] <dolle> So: intros K L M. generalize K L. clear K L. induction M.
[Wed Jul 30 04:57:31 2014] <roosbeef> https://privatepaste.com/737fe58def
[Wed Jul 30 04:57:41 2014] <roosbeef> ok, ive been at that point
[Wed Jul 30 04:57:45 2014] <roosbeef> but how to proceed from there?
[Wed Jul 30 05:00:11 2014] <dolle> The first goal can be solved by using inversion on H, from which you learn that K=nil. Then you can proceed by induction on L, (or, prove in a different lemma that forall L, sublist nil L).
[Wed Jul 30 05:01:22 2014] <roosbeef> ok thats a good idea, ill prove that in an auxiliary lemma
[Wed Jul 30 05:01:56 2014] <roosbeef> https://privatepaste.com/29715fdcf5
[Wed Jul 30 05:02:21 2014] <roosbeef> no wait
[Wed Jul 30 05:02:32 2014] <roosbeef> https://privatepaste.com/52e44ee2f4
[Wed Jul 30 05:02:57 2014] <roosbeef> hm
[Wed Jul 30 05:03:06 2014] <roosbeef> so first induction on M, then on L, and then on K right?
[Wed Jul 30 05:04:32 2014] <dolle> Okay, I just went through the proof in coq, and it actually suffices to do only a single induction over M.
[Wed Jul 30 05:05:16 2014] <roosbeef> thats it?
[Wed Jul 30 05:05:31 2014] <roosbeef> but how do you do the rest then?
[Wed Jul 30 05:05:49 2014] <dolle> So, let's go though it, the goals that you pasted look right.
[Wed Jul 30 05:06:58 2014] <dolle> Oh, wait, it seems like you ended up doing induction on the middle list instead of the last. Can you paste your lemma and the proof script up until now?
[Wed Jul 30 05:08:42 2014] <roosbeef> sure
[Wed Jul 30 05:08:47 2014] <roosbeef> https://privatepaste.com/eb728d803f
[Wed Jul 30 05:09:20 2014] <dolle> ah, yes. In your first line, you actually rename your variables.
[Wed Jul 30 05:09:56 2014] <dolle> When you write "intros K L M", it does not change the order that the variables are introduced, you just assign them new names. So, this renames M to L, and L to M :)
[Wed Jul 30 05:10:04 2014] <roosbeef> oh haha
[Wed Jul 30 05:10:08 2014] <roosbeef> i didnt mean to
[Wed Jul 30 05:11:10 2014] <dolle> It probably makes most sense to reorder the variables in the statement of the lemma, so they come in alphabetical order ;)
[Wed Jul 30 05:12:11 2014] <dolle> Anyways, after that, you only need `intros K L M. generalize K L. clear K L. induction M.', and after that, everything should go through by using inversion and applying the induction hypothesis and the sublist_cons rules.
[Wed Jul 30 05:12:53 2014] <dolle> I can send you my proof script if you want to :)
[Wed Jul 30 05:15:11 2014] <roosbeef> yes please
[Wed Jul 30 05:15:18 2014] <dolle> Here you go: http://privatepaste.com/5deffa9eb2
[Wed Jul 30 05:15:37 2014] <roosbeef> right now my head is still spinning from a thousand and one brute force attempts :p
[Wed Jul 30 05:15:37 2014] <dolle> It's a little messy, but you should be able to step through it and get the idea
[Wed Jul 30 05:16:03 2014] <roosbeef> awesome :) gonna have a closer look at that
[Wed Jul 30 05:16:06 2014] <dolle> Haha, yes, I know the feeling :).
[Wed Jul 30 05:16:55 2014] <roosbeef> thanks a million :) brb
[Wed Jul 30 05:17:10 2014] <dolle> You're welcome :)
[Wed Jul 30 09:57:52 2014] <roosbeef> how hard is it to write and prove a custom induction lemma?
[Wed Jul 30 10:06:03 2014] <roosbeef> maybe this induction lemma already exists?
[Wed Jul 30 10:06:24 2014] <roosbeef> https://privatepaste.com/9e6d7ca0f3
[Wed Jul 30 10:09:36 2014] <roosbeef> its based on well-founded induction i guess
[Wed Jul 30 10:15:57 2014] <roosbeef> nm got it :) pretty simple
[Wed Jul 30 13:50:48 2014] <osa1> "A compiling option of Coq allows to type-check theories in this extended system." what does this extended system provide? (from http://coq.inria.fr/refman/Reference-Manual006.html)
[Wed Jul 30 13:56:40 2014] <osa1> I'm having trouble finding info about sections in the documentation
[Wed Jul 30 13:57:48 2014] <Ptival_> it provides impredicativity of Set
[Wed Jul 30 13:58:38 2014] <Hodapp> is Coq predicative absent that?
[Wed Jul 30 13:58:58 2014] <alkabetz> Modulo bugs in Coq, yes.
[Wed Jul 30 14:00:48 2014] <Hodapp> Okay. I was reading about Calculus of Constructions, and constructive type theory, last night and confusing myself a bit.
[Wed Jul 30 14:05:28 2014] <osa1> Ptival: does that mean I can have `Inductive ty : Set -> Set` ?
[Wed Jul 30 14:06:44 2014] <osa1> Ptival: does that lead to inconsistencies? if not, why not enable it by default?
[Wed Jul 30 14:07:30 2014] <alkabetz> Impredicativity does lead to inconsistencies.
[Wed Jul 30 14:07:46 2014] <Anarchos> alkabetz like russel's paradox ?
[Wed Jul 30 14:07:51 2014] <alkabetz> Exactly.
[Wed Jul 30 14:12:04 2014] <alkabetz> Although now that I look more into this, I see this in CPDT: ‘… [Prop] is impredicative….  The impredicativity of [Prop] interacts crucially with the elimination restriction to avoid those pitfalls.’
[Wed Jul 30 14:12:51 2014] <osa1> alkabetz: which page?
[Wed Jul 30 14:13:40 2014] <alkabetz> Not sure; my copy’s not in front of me.  It’s in http://adam.chlipala.net/cpdt/html/Universes.html.
[Wed Jul 30 14:13:40 2014] <osa1> chapter 12  I guess
[Wed Jul 30 14:50:42 2014] <main> Hi. Anyone read "Certified programming and dependent types" and "Software fundations" ?
[Wed Jul 30 14:51:00 2014] <alkabetz> I’ve read some of each.
[Wed Jul 30 14:51:20 2014] <Hodapp> I'm reading the latter.
[Wed Jul 30 14:54:48 2014] <main> alkabetz: great. Could you compare them? I am a SC & maths student and I am wondering which would be better for me to read? The main reason why I want to know Coq is to prove programs but from the introduction to Cpdt I have a feeling that it is less precise (a library is used for proof automation from the begininng instead of manual proofs)
[Wed Jul 30 14:57:09 2014] <alkabetz> Full disclosure: The author of CPDT is my advisor. :)
[Wed Jul 30 14:57:44 2014] <alkabetz> But that said, I agree with the widespread advice that you should start with Software Foundations, and then switch to CPDT when you get bored.
[Wed Jul 30 14:58:36 2014] <main> alkabetz: ok, thanks
[Wed Jul 30 14:58:49 2014] <alkabetz> If you want to deal with large proof developments, you need the style of automation integrated throughout CPDT.  But for just starting out, I think learning to do proofs manually is valuable.
[Wed Jul 30 14:59:01 2014] <alkabetz> (Heck, learning to write proof terms is valuable until you get sick of it.)
[Wed Jul 30 15:03:54 2014] <Anarchos> alkabetz i tried to learn write proof, but i go fast to use "intro, induction auto elim" only :/
[Wed Jul 30 15:04:21 2014] <vanila> <alkabetz> Impredicativity does lead to inconsistencies.
[Wed Jul 30 15:04:39 2014] <vanila> I don't think that is true, what do you mean by "Impredicativity"?
[Wed Jul 30 15:05:13 2014] <vanila> System F is usually considered impredicative, for example
[Wed Jul 30 15:05:23 2014] <ezyang> vanila: Yes, and it's inconsistent with classical axioms
[Wed Jul 30 15:05:38 2014] <ezyang> well, System F is not strong enough to be that interesting, I guess
[Wed Jul 30 15:05:45 2014] <ezyang> Coq used to be impredicative by default
[Wed Jul 30 15:09:46 2014] <Saizan_> if you have impredicativity for large types then you are even inconsistent with and sigma types
[Wed Jul 30 15:19:17 2014] <vanila> Coq has -impredicative-set, I doubt they would provide that if it was contradictory
[Wed Jul 30 15:37:21 2014] <alkabetz> vanila: -impredicative-set lets you break the consistency of Coq, which is why it’s a flag you have to turn on as opposed to the default.
[Wed Jul 30 15:41:03 2014] <vanila> How is that done?
[Wed Jul 30 15:41:44 2014] <vanila> I think you need extra axioms like excluded middle, for it to cause contradiction
[Wed Jul 30 15:44:21 2014] <alkabetz> IIRC you would lose only with impredicativity, but I’ve never actually constructed a proof of False from an impredicative Coq. Somebody else can probably give a more complete/satisfying answer. :/
[Wed Jul 30 15:44:40 2014] <ianjneu> vanila: http://okmij.org/ftp/Haskell/impredicativity-bites.html
[Wed Jul 30 15:44:52 2014] <vanila> ianjneu, I don't think that's relevant?
[Wed Jul 30 16:00:16 2014] <Ptival> "Set has been made predicative from version 8.0 of Coq. The main reason is to interact smoothly with a classical mathematical world where both excluded-middle and the axiom of description are valid"
[Wed Jul 30 16:03:07 2014] <ianjneu> Hmm, I thought it had something to do with injective constructors too. Guess that's wrong.
[Wed Jul 30 16:04:30 2014] <Ptival> ianjneu: it
[Wed Jul 30 16:04:34 2014] <Ptival> also does
[Wed Jul 30 16:04:36 2014] <Ptival> cf.
[Wed Jul 30 16:05:20 2014] <Ptival> http://coq.inria.fr/faq?som=5#htoc48
[Wed Jul 30 16:05:44 2014] <ianjneu> Ptival: is Girard's proof that Impredicative MLTT in his dissertation related?
[Wed Jul 30 16:05:53 2014] <vanila> ah "The question remains open whether injectivity is consistent on some large inductive types not expressive enough to encode known paradoxes (such as type I above)."
[Wed Jul 30 16:05:55 2014] <Ptival> idk
[Wed Jul 30 16:06:03 2014] <vanila> so it's an open problem
[Wed Jul 30 16:06:05 2014] <ianjneu> impredicative MLTT is inconsistent*
[Wed Jul 30 17:17:29 2014] <osa1> "Matthieu Sozeau has started the discussion on Haskell Cafe on January 27, 2010, describing the divergence in the type checker encountered while encoding a recently found Coq paradox in Haskell" where can I learn more about this paradox? was that an implementation related bug or a problem in theory? (maybe in cic or whatever)
[Wed Jul 30 20:25:10 2014] <vanila> How do I get the emacs mode to put me into hybrid 3 window mode?
[Wed Jul 30 20:25:20 2014] <vanila> I mean, it works when I select that from the menu
[Wed Jul 30 20:25:39 2014] <vanila> but when I close and reopen im back in 'smart'
[Wed Jul 30 20:38:53 2014] <mankyKitty> vanila: there is an option in the emacs menu I believe to switch to 3 buffer mode
[Wed Jul 30 20:39:02 2014] <mankyKitty> I think
[Wed Jul 30 20:39:08 2014] <vanila> I selected that, then saved my preferences - but when I reopen im back to smart mode
[Wed Jul 30 20:40:49 2014] <mankyKitty> oohh right, yeah that's a different collection of settings.. something about remembering buffer configs and restoring on open.. I've not used them though so I'm not much help. Sorry :)
[Wed Jul 30 20:49:51 2014] <osa1> is there a way to make a section variable implicit outside of the section?
[Wed Jul 30 20:55:11 2014] <osa1> uh... Error: Impossible to unify "?20" with "?20".
[Wed Jul 30 22:28:21 2014] <uucico> i've run into a situation where "inversion" appears to construct an existT out of nowhere (http://lpaste.net/108469).  any ideas as to what's going on -- what terms or concepts should i read about / google for?
[Wed Jul 30 23:53:49 2014] <tautologico> why (if eq_nat_dec x x then true else false) does not reduce/simplify to true?
[Wed Jul 30 23:56:50 2014] <chirpsalot> tautologico: what is eq_nat_dec?
[Wed Jul 30 23:57:12 2014] <chirpsalot> tautologico: and how did you define your booleans?
[Wed Jul 30 23:58:07 2014] <tautologico> standard booleans
[Wed Jul 30 23:58:16 2014] <tautologico> it doesn't matter, actually
[Wed Jul 30 23:58:36 2014] <tautologico> (if eq_nat_dec x x then A else B) should be A
[Thu Jul 31 00:00:06 2014] <tautologico> I'm doing something wrong, maybe I should be using ListSet or eq_nat_dec there
[Thu Jul 31 00:12:47 2014] <jrw> tautologico: if x isn't concrete, then that won't reduce by computation, you need to use the fact that eq_nat_dec is reflexive
[Thu Jul 31 00:14:01 2014] <tautologico> I tried to look for a reflexive property for it but couldn't find it
[Thu Jul 31 00:23:57 2014] <tautologico> I can get it to work using destruct, but it's not pretty
[Thu Jul 31 00:35:37 2014] <tautologico> I think ListSet may not be a good option for (computational) sets
[Thu Jul 31 04:10:57 2014] <vanila> Would anyone be able to help me with a recursive function im trying to define?
[Thu Jul 31 04:11:38 2014] <vanila> http://pastebin.com/hQYyY078 I just added the Askipif case, and the compiler seems to go into an infinite loop
[Thu Jul 31 04:16:48 2014] <vanila> oh actually i have to fix something else first, then i'll try this again
[Thu Jul 31 05:29:46 2014] <vanila> How do I register a new equality relation?
[Thu Jul 31 10:27:25 2014] <vanila> I'm trying to prove a simpler compiler correct but the type dependency keeps causing problems (like blocking rewrite)
[Thu Jul 31 10:27:43 2014] <vanila> what should I read to learn to fix this? I've already been reading coq'art and cpdt
[Thu Jul 31 10:28:55 2014] <ianjneu> vanila: docs for ssreflect
[Thu Jul 31 10:29:13 2014] <vanila> great, thanks
[Thu Jul 31 10:37:27 2014] <shergill> ooc, what're the limitations with regards to what is provable in coq?
[Thu Jul 31 10:39:45 2014] <ianjneu> shergill: that's a really open-ended question. What exactly are you looking for in an answer?
[Thu Jul 31 10:42:03 2014] <Anarchos> ianjneu what is ssreflect ?
[Thu Jul 31 10:42:54 2014] <shergill> ianjneu: well i'm aware that certain constraints that coq imposes (such as strict positivity) are more constraining than what is strictly required. i am curious what impact that has on the space of things which can be proven (or perhaps the space of techniques which you have at your disposal to construct a proof with)
[Thu Jul 31 10:45:13 2014] <ianjneu> Anarchos: a tactic language developed by Gonthier et al. It does more conversions for rewriting, so you don't get stuck simpl'ing and unfolding, etc.
[Thu Jul 31 10:45:25 2014] <ianjneu> Of course there's a lot more to it than that.
[Thu Jul 31 10:47:39 2014] <ianjneu> shergill: The problem of higher-order termination does not have a satisfying solution for modular termination proofs, so you end up having to have concrete representations of your datatypes available if you want to use higher-order functions recursively. I think that's a major roadblock that no one has solved.
[Thu Jul 31 10:48:19 2014] <ianjneu> By
[Thu Jul 31 10:50:44 2014] <ianjneu> My go-to example is trying to use an abstract finite function type family to define a closure datatype, i.e. Closure := closure : LambdaTerm -> FiniteFunction Name Closure -> Closure.
[Thu Jul 31 10:52:00 2014] <ianjneu> HoTT researchers are looking for more "semantic" criteria for defining inductive datatypes, but I don't know what the status of that search is.
[Thu Jul 31 11:00:19 2014] <vanila> I skimmed through the ssreflect manual and I don't really see how this could help me
[Thu Jul 31 11:24:35 2014] <ianjneu> vanila: what do you mean by blocking rewrite then?
[Thu Jul 31 11:30:00 2014] <vanila> it cant generalize the goals to apply eq_rect because of dependent indices
[Thu Jul 31 11:32:27 2014] <ianjneu> do you have a small example?
[Thu Jul 31 11:33:17 2014] <vanila> it's not very small - I could post a summary along with the whole code
[Thu Jul 31 11:33:33 2014] <ianjneu> you likely have to transport your equalities through the indices. Heterogeneous equality is a hack that HoTT addresses.
[Thu Jul 31 11:34:17 2014] <vanila> this sounds a lot harder than I think i can manage :(
[Thu Jul 31 11:35:05 2014] <vanila> my file is 334 lines
[Thu Jul 31 11:35:10 2014] <ianjneu> paste it.
[Thu Jul 31 11:35:16 2014] <ianjneu> I'll take a stab at it
[Thu Jul 31 11:36:44 2014] <vanila> ok thanks!
[Thu Jul 31 11:36:48 2014] <vanila> http://pastebin.com/wRfR8tuh
[Thu Jul 31 11:36:48 2014] <vanila> s
[Thu Jul 31 11:36:49 2014] <vanila> so
[Thu Jul 31 11:37:26 2014] <vanila> I define E with tagless interpreter, then line 40 to 120 is some weird hacking that I was desperately trying - can ignore this
[Thu Jul 31 11:37:49 2014] <vanila> then I defined stack based "assembly instructions" A with an interpreter
[Thu Jul 31 11:38:10 2014] <vanila> then the compiler that I want to prove preserves meaning
[Thu Jul 31 11:38:45 2014] <vanila> and then etype_eq_list expresses that true booleans get compiled to any number other than zero, false booleans are 0
[Thu Jul 31 11:40:51 2014] <vanila> then in the proof at line 308 I can't progress because I have "etype_of e2" that I can't rewrite - because of the type dependency problem
[Thu Jul 31 11:41:33 2014] <vanila> I guess that I basically need to find a completely different way to do this: I tried using a tagged interpreter and the maybe monad - but then I can't even get this far in the proof because all the monad binds block applying induction hyps
[Thu Jul 31 11:41:57 2014] <vanila> but any kind of nudge in an interesting direction would be helpful
[Thu Jul 31 11:57:15 2014] <Anarchos> vanila what kind of compiler ?
[Thu Jul 31 11:57:22 2014] <Anarchos> vanila did you look at compcert sources ?
[Thu Jul 31 11:57:34 2014] <vanila> just simple arithmetic and boolean expressions with if
[Thu Jul 31 11:57:58 2014] <vanila> im googling about for papers/slides that might help
[Thu Jul 31 12:06:41 2014] <ianjneu> baby is hindering...
[Thu Jul 31 12:07:54 2014] <ianjneu> the high level is that you need to generalize by the type and use match's return to match on the type and give unit in the impossible cases.
[Thu Jul 31 12:08:19 2014] <vanila> ah
[Thu Jul 31 12:08:46 2014] <vanila> neat, I think that might work
[Thu Jul 31 12:09:34 2014] <ianjneu> Agda's sugar for this pattern is the absurd form. lambda()
[Thu Jul 31 12:50:24 2014] <ianjneu> vanila: how goes?
[Thu Jul 31 12:50:36 2014] <vanila> good, thanks for the idea!
[Thu Jul 31 13:20:08 2014] <esennesh> hi, bloody-stupid question to ask here.
[Thu Jul 31 13:20:51 2014] <esennesh> I've defined two mutual inductives in Type (inductively-defined data-types) and also defined a mutually-inductive predicate (inductive Prop) over them.
[Thu Jul 31 13:21:07 2014] <esennesh> Now I want to prove properties of the inductive Prop, such as its reflexive property.
[Thu Jul 31 13:21:20 2014] <esennesh> the mutual induction schemes I've read about how to create seem to help for later theorems, but not for this.
[Thu Jul 31 13:21:25 2014] <esennesh> what can I do here?
[Thu Jul 31 13:45:42 2014] <ianjneu> esennesh: are you stating reflexivity properties for both types and trying to prove them at the same time?
[Thu Jul 31 13:46:34 2014] <ianjneu> You'll want to have a scheme that takes a "tag" for which type you're talking about, and state your theorem wrt a given tag.
[Thu Jul 31 13:55:38 2014] <esennesh> ok, though I actually figured out how to just write down the predicate I wanted as a function returning bool and prove the appropriate properties over it.
[Thu Jul 31 13:55:41 2014] <esennesh> Thanks!
[Thu Jul 31 14:25:54 2014] <Ainieco> hello
[Thu Jul 31 14:28:51 2014] <Ainieco> http://lpaste.net/6060138596264837120 during simplification Coq gave me weird result - what sense does "(rev n)" make since n is a nat, it doesn't typecheck in my head
[Thu Jul 31 14:29:56 2014] <jrw> Ainieco: look at the context, n is a natlist.
[Thu Jul 31 14:30:09 2014] <jrw> l1' is a nat
[Thu Jul 31 14:30:15 2014] <jrw> strangely named, I agree
[Thu Jul 31 14:30:26 2014] <Ainieco> ugh, i flipped it accidentally
[Thu Jul 31 14:30:28 2014] <Ainieco> sorry
[Thu Jul 31 14:30:49 2014] <jrw> no worries :)
[Thu Jul 31 14:43:18 2014] <Elision> is there a good general reference forsyntax?
[Thu Jul 31 14:43:55 2014] <Elision> working through some stuff in the HoTT book and it's confusing trying to figure out where to put foralls and stuff
[Thu Jul 31 14:44:47 2014] <ystael> Elision: you mean other than the Coq reference manual?
[Thu Jul 31 14:44:48 2014] <Ainieco> Elision: http://coq.inria.fr/distrib/current/refman/
[Thu Jul 31 14:46:10 2014] <Elision> aha
[Thu Jul 31 14:46:22 2014] <Elision> I'd only ever found tutorials that skip over stuff I really want to know
[Thu Jul 31 14:46:23 2014] <Elision> thanks
[Thu Jul 31 14:46:39 2014] <johnw> Elision: what kind of stuff do you really want to know?
[Thu Jul 31 14:48:11 2014] <Anarchos> Elision there is coq code in the HoTT book ??
[Thu Jul 31 14:48:13 2014] <Elision> stuff about types :p
[Thu Jul 31 14:48:34 2014] <Elision> Anarchos: no, I'm trying to implement some of the stuff in the first chapter in coq right now
[Thu Jul 31 14:48:53 2014] <Elision> see if I can verifiably prove my solutions to the exercises :p
[Thu Jul 31 14:50:01 2014] <Elision> they do mention it at times, and I know there's a library/plugin/whatever to coq for working specifically on it, though
[Thu Jul 31 14:50:57 2014] <johnw> Elision: see also https://github.com/HoTT/HoTT/tree/master/coq/theories
[Thu Jul 31 14:51:28 2014] <Elision> yeah that's what I was talking about
[Thu Jul 31 14:51:44 2014] <Elision> gonna be adding to that in the fall, hopefully, in a research course
[Thu Jul 31 14:51:52 2014] <johnw> nice!
[Thu Jul 31 14:52:20 2014] <Elision> but I want to start from scratch right now to make sure I really understand the fundamentals
[Thu Jul 31 14:54:18 2014] <johnw> if you can understand the fundamentals of HoTT, I say more power to you :)
[Thu Jul 31 14:54:53 2014] <Elision> :p
[Thu Jul 31 14:57:08 2014] <ystael> Elision: Until recently you needed the fork of Coq at https://github.com/HoTT/coq to use the HoTT library.  I _think_ that those changes are now on Coq master so if you build current master the HoTT library will work with that too?  I'm not sure.
[Thu Jul 31 14:57:57 2014] <johnw> What's coming in 8.5?
[Thu Jul 31 14:58:00 2014] <Elision> I read something like that... I'm sure my advisor knows how to get it all set up if I have any trouble, since he suggested the project
[Thu Jul 31 14:58:14 2014] <johnw> I started with 8.4, and already use several features that I didn't realize never existed previously
[Thu Jul 31 15:02:50 2014] <Elision> does anyone really use anything other than coqide and the emacs bindings?
[Thu Jul 31 15:04:56 2014] <Ainieco> ystael: like which changes?
[Thu Jul 31 15:06:55 2014] <osa1> Elision: I use vim plugin
[Thu Jul 31 15:08:11 2014] <ystael> Ainieco: I don't know exactly what the issues were -- I believe the biggest one had something to do with universe polymorphism?
[Thu Jul 31 15:08:29 2014] <ystael> I mostly used Agda rather than Coq for HoTT hacking so I don't know the details
[Thu Jul 31 15:09:41 2014] <Elision> osa1: ooh! it works well, then?
[Thu Jul 31 15:09:57 2014] <osa1> Elision: it works very well except for one problem.
[Thu Jul 31 15:10:31 2014] <johnw> how different is the experience doing it in Agda?
[Thu Jul 31 15:10:32 2014] <osa1> Elision: you can't use some commands that coqide allows you to use
[Thu Jul 31 15:10:40 2014] <Elision> oh :|
[Thu Jul 31 15:10:58 2014] <Elision> this is, uh, coquille? or something?
[Thu Jul 31 15:11:01 2014] <osa1> there are mostly commands that are useful for debugging. when I really need them I just fire coqide and try there
[Thu Jul 31 15:11:25 2014] <osa1> not coquille, the one listed in vim.org. you need to modify it because colors are hard-coded and won't match with your color scheme
[Thu Jul 31 15:11:36 2014] <Elision> ah
[Thu Jul 31 15:11:38 2014] <osa1> I had some problems with coquille but I don't remembe what was the problems were
[Thu Jul 31 15:12:08 2014] <Elision> I feel like I tried it a while ago and couldn't get it to do anything
[Thu Jul 31 15:12:34 2014] <osa1> interesting. I'm using it for months now. you can see my vim setup at github.com/osa1/rcbackup if you need help
[Thu Jul 31 15:13:21 2014] <ystael> johnw: I think the differences between working in Coq and in Agda are similar between HoTT and other things: Agda has a more flexible syntax (if you like to go nuts with Unicode math symbols, which I do) and is simpler and more regular.  BUT you have to construct your terms semi-manually, whereas Coq has tactics.
[Thu Jul 31 15:13:50 2014] <ystael> If what you are doing is working through the HoTT book, constructing proof terms semi-manually is actually OK, becaues it helps understand what's going on.
[Thu Jul 31 15:14:36 2014] <ystael> (I say "semi-manually" because the Emacs mode provides some automation tools analogous to the behavior of simple Coq tactics, so you're pretty much required to use the Emacs mode.)
[Thu Jul 31 15:14:41 2014] <Elision> osa1: that is, I couldn't get coquille to do anything
[Thu Jul 31 15:15:54 2014] <ystael> johnw: Adam Chlipala says the value of tactic-based proof automation basically dominates the value of all other design choices once you get into bigger developments, so Agda is ultimately not useful.  I don't have enough experience to have an opinion yet.
[Thu Jul 31 15:16:19 2014] <johnw> i've been trying out Adam's techniques
[Thu Jul 31 15:16:20 2014] <osa1> Elision: did you get an error about some Python libs? as far as I can remember I had a problem related with some Python modules but it was easy to fix.
[Thu Jul 31 15:16:24 2014] <johnw> it's certainly powerful stuff
[Thu Jul 31 15:16:33 2014] <Elision> osa1: no idea, this was in like march
[Thu Jul 31 15:16:53 2014] <Elision> I'll give the vim.org one a shot tonight
[Thu Jul 31 15:19:34 2014] <ystael> I can say that after writing some Agda code with heavy use of Unicode math symbols, I really, really miss them when going back to Coq (or any other programming language)
[Thu Jul 31 15:21:15 2014] <osa1> ystael: does Coq notations help for that?
[Thu Jul 31 15:21:17 2014] <Elision> I can see that in something like coq
[Thu Jul 31 15:21:33 2014] <Elision> but I'd rather not have unicode in source I have to maintain
[Thu Jul 31 15:22:36 2014] <ystael> Elision: My background is math, not computer science, so I am predisposed to consider the symbology worth the price
[Thu Jul 31 15:23:06 2014] <ystael> osa1: Yes, but it's just not as easy as Agda makes it
[Thu Jul 31 15:23:20 2014] <ystael> I haven't spent the time trying to get a unicode input method wired into Proof General for Coq
[Thu Jul 31 15:23:40 2014] <Elision> ystael: I come from both, but I consider programming from a mainly pragmatic viewpoint
[Thu Jul 31 15:24:00 2014] <Elision> in general, not in this specific instance
[Thu Jul 31 15:33:17 2014] <johnw> M-x proof-unicode-tokens-enable
[Thu Jul 31 15:33:28 2014] <johnw> I actually use Agda's input method in Coq files
[Thu Jul 31 15:33:42 2014] <johnw> C-x RET C-\, then pick Agda
[Thu Jul 31 16:02:41 2014] <ystael> johnw: it's that easy?! o_O
[Thu Jul 31 16:02:58 2014] <johnw> yeh
[Thu Jul 31 18:45:11 2014] <johnw> is there a tactac for unfold not. intros. inversion H.?
[Thu Jul 31 19:00:58 2014] <Cypi> johnw : in some cases, [discriminate]
[Thu Jul 31 21:35:10 2014] <Hodapp> eegad. Is pup_to_2_ceval in Imp.v an exercise - or a penance for using imperative languages all my life?
[Thu Jul 31 21:59:09 2014] <Hodapp> http://www.cis.upenn.edu/~bcpierce/sf/current/Imp.html#lab426 - do they mean "partial function" here, as opposed to a relation that is not a function? Not as opposed to a total function?
[Thu Jul 31 22:10:31 2014] <Cypi> Hodapp: yes. He basically says "This is good, we don't have a total function anyway. However, is it still at least a function?"
[Thu Jul 31 22:10:39 2014] <Cypi> s/anyway/anymore/
[Thu Jul 31 22:47:55 2014] <Hodapp> the confusion was that they phrased it as, "Is the second definition of evaluation actually a partial function?  That is, is it possible that, beginning from the same state [st], we could evaluate some command [c] in different ways to reach two different output states [st'] and [st'']?"
[Thu Jul 31 22:48:24 2014] <Hodapp> asking if it is a partial function, is not the same as asking that "That is..." question
[Thu Jul 31 22:48:59 2014] <Hodapp> as the latter is asking if it's *not* a partial function
[Thu Jul 31 22:49:56 2014] <Cypi> Ah, I see. I didn't see it as confusing, but English is not my native tongue, so maybe I wasn't mislead by the "That is..." :p
[Thu Jul 31 22:51:26 2014] <vanila> when you're talking about Coq "function" means "total function"
[Thu Jul 31 22:52:14 2014] <Cypi> In this sentence, Pierce wasn't talking about Coq functions, he was really speaking of some relation he defined inductively.
[Thu Jul 31 22:52:20 2014] <vanila> so he's saying "partial function" to avoid implying that it's total
[Thu Jul 31 23:01:14 2014] <Hodapp> My confusion is that starting a sentence with, "That is," should follow with a restatement of something earlier - not a restatement of its opposite.
[Thu Jul 31 23:01:43 2014] <Cypi> Well, for me, asking "P ?" and "Not P ?" is the same thing :p
[Thu Jul 31 23:02:06 2014] <vanila>  But it also raises a question: Is the second definition of evaluation actually a partial function? That is, is it possible that, beginning from the same state st, we could evaluate some command c in different ways to reach two different output states st' and st''?
[Thu Jul 31 23:02:17 2014] <vanila> "that is" is continuing on from the question
[Thu Jul 31 23:02:34 2014] <vanila> he's elaborating
[Thu Jul 31 23:10:47 2014] <Hodapp> "But it also raises a question: Is it a triangle? That is, does it have four sides?"
[Thu Jul 31 23:11:32 2014] <Hodapp> Now suppose you're not entirely certain what 'triangle' is meant to contrast with.
[Thu Jul 31 23:12:07 2014] <vanila> I mean, I could argue more - but this is silly
[Thu Jul 31 23:12:32 2014] <vanila> whether or not something has four sides doesn't say if it's a triangle or not
[Thu Jul 31 23:12:49 2014] <vanila> whether or not something 'can be evaluating two different ways' does determine if it's a function or not
[Thu Jul 31 23:14:38 2014] <Hodapp> If it has four sides, it is not a triangle. If it can be evaluated two different ways, it is not a function.
[Thu Jul 31 23:18:29 2014] <Cypi> "four sides" implies "not a triangle", but is not equivalent to "not a triangle". "it can be evaluated two different ways" is equivalent to "not a function"
[Thu Jul 31 23:18:35 2014] <Cypi> At least I see it this way
[Thu Jul 31 23:18:48 2014] <vanila> yeah that's what I was trying to say
[Thu Jul 31 23:19:43 2014] <vanila> don't get me wrong - if you were proof-reading/editing this book it would be right to bring this up
[Thu Jul 31 23:19:58 2014] <vanila> but if you're trying to learn Coq or something, just read on
[Thu Jul 31 23:26:31 2014] <Hodapp> That is, I should examine the wording further?
[Thu Jul 31 23:27:11 2014] <vanila> lol
[Thu Jul 31 23:27:24 2014] <Hodapp> ;)
[Fri Aug  1 00:32:57 2014] <yukko> do any of you have any opinions on what the best way to represent a two-dimensional grid (like a game board for chess or shogi or something) in coq might be?
[Fri Aug  1 00:34:42 2014] <yukko> right now I have board (w h : nat) := {x | x < w} -> {y | y < h} -> tile where tile is whatever gets put on the board
[Fri Aug  1 00:36:28 2014] <yukko> I've also seen people use lists of lists but that makes certain operations (like anything dealing with columns instead of rows) a bit complicated
[Fri Aug  1 00:58:19 2014] <jrw> yukko: it really depends on what you're trying to do with it, but I would tend to stay away from a function taking sigmas for this. either use a function that takes nats and returns a bogus tile when the coordinates are out of bounds, or use a list of lists
[Fri Aug  1 01:01:42 2014] <yukko> but then wouldn't a board be infinitely large and difficult to write proofs about?
[Fri Aug  1 01:02:17 2014] <jrw> yukko: like I said, it depends. it would be infinitely large but you'd only ever use the in bounds cells
[Fri Aug  1 01:02:36 2014] <jrw> depending on what you're proving, this can actually make things easier or harder
[Fri Aug  1 01:02:44 2014] <jrw> another option would be a vector of vectors
[Fri Aug  1 01:02:50 2014] <jrw> which can be indexed by fins
[Fri Aug  1 01:05:27 2014] <yukko> oh that's true!
[Fri Aug  1 04:20:16 2014] <Ainieco> hello
[Fri Aug  1 04:20:50 2014] <Ainieco> having troubles to come up with "an interesting theorem about bags involving the functions [count] and [sum]"
[Fri Aug  1 04:21:10 2014] <Ainieco> what interesting could be proven about these functions and bags?
[Fri Aug  1 04:22:13 2014] <vanila> what are those?
[Fri Aug  1 04:22:59 2014] <roosbeef> bags are like mulitsets right?
[Fri Aug  1 04:23:01 2014] <Ainieco> vanila: bag - list of nats, sum - sum of nats in list, count - count of elements in bag
[Fri Aug  1 04:23:04 2014] <roosbeef> multi*
[Fri Aug  1 04:23:18 2014] <Ainieco> roosbeef: yup
[Fri Aug  1 04:23:28 2014] <vanila> count unique elements of the list?
[Fri Aug  1 04:23:48 2014] <vanila> can I see the formal definitions?
[Fri Aug  1 04:24:20 2014] <Ainieco> count 1 s = 1 -> S (sum s) looks kind of boring.
[Fri Aug  1 04:24:57 2014] <Ainieco> vanila: http://www.cis.upenn.edu/~bcpierce/sf/current/Lists.html that's what i'm doing
[Fri Aug  1 04:26:12 2014] <Ainieco> vanila: one sec ,i'll extract it for you
[Fri Aug  1 04:26:17 2014] <vanila> that's ok I see it!
[Fri Aug  1 04:27:10 2014] <Ainieco> oh, sum does not sums nats... it's just an ++ for list.
[Fri Aug  1 04:27:18 2014] <Ainieco> sorry got confused by name
[Fri Aug  1 04:27:24 2014] <Elision> oh
[Fri Aug  1 04:27:33 2014] <vanila> count a s + count a s' = count a (sum s s')
[Fri Aug  1 04:28:35 2014] <Ainieco> vanila: that's interesting! thank you!
[Fri Aug  1 04:45:17 2014] <Ainieco> how can i define such theorem? http://vpaste.net/v4icy
[Fri Aug  1 04:46:31 2014] <Ainieco> Theorem match_bool_nat_distr : forall (bool : Boolean) (a b c : nat), ???.
[Fri Aug  1 04:46:46 2014] <Ainieco> what should be in place of "???" ?
[Fri Aug  1 04:48:14 2014] <Ainieco> or does my pseudo theorem on vpaste is valid enough for coq?
[Fri Aug  1 04:50:02 2014] <Ainieco> heh, actually it is. :)
[Fri Aug  1 04:51:38 2014] <Ainieco> vanila: yay!  proved yout theorem. :)
[Fri Aug  1 04:51:48 2014] <Ainieco> * feels smart
[Fri Aug  1 04:56:04 2014] <vanila> well done :)
[Fri Aug  1 05:04:22 2014] <Ainieco> does it "f x = f y -> x = y" called "congruence"?
[Fri Aug  1 05:04:39 2014] <vanila> injectivity
[Fri Aug  1 05:08:42 2014] <Ainieco> vanila: hm, in agda they have cong with type "{A B : Set} {f : A -> B} {x y : A} -> x = y -> f x -> f y"
[Fri Aug  1 05:09:05 2014] <Ainieco> so "f x = f y -> x = y" injectivity and "x = y -> f x -> f y" is congruence?
[Fri Aug  1 05:09:18 2014] <vanila> yes
[Fri Aug  1 05:09:36 2014] <Ainieco> vanila: got it, thanks!
[Fri Aug  1 05:13:05 2014] <Ainieco> oh, "x = y -> f x -> f y" should be "x = y -> f x = f y", but i guess you've got what i meant anyway. :)
[Fri Aug  1 05:18:52 2014] <Ainieco> having hard time proving "Theorem injectivity : forall (A B : Type) (f : A -> B) (x y : A), f x = f y -> x = y.".
[Fri Aug  1 05:19:13 2014] <Ainieco> just don't know how to start...
[Fri Aug  1 05:19:36 2014] <Ainieco> "intros A B f x y H." and then i'm stuck.
[Fri Aug  1 05:20:39 2014] <vanila> Ainieco, let f be the constant function from bool to 0
[Fri Aug  1 05:20:54 2014] <vanila> f true = f false but true <> false
[Fri Aug  1 05:23:20 2014] <Ainieco> vanila: it's over my head for now i guess, haven't been introduced to "<>" in SF yet and don't know how to "let f be the constant function from bool to 0" in coq either. :)
[Fri Aug  1 05:23:33 2014] <vanila> <> means not equal
[Fri Aug  1 05:23:51 2014] <vanila> Definition f : bool -> nat := fun _ => 0.
[Fri Aug  1 05:24:21 2014] <Ainieco> just encountered "Theorem rev_inj : forall (l1 l2 : natlist), rev l1 = rev l2 -> l1 = l2." exercise in SF and tried to generalize solution via proving injectivity :)
[Fri Aug  1 05:24:43 2014] <Ainieco> vanila: but how can i use this definition within proof?
[Fri Aug  1 05:25:00 2014] <vanila> This is a counter-example to your theorem
[Fri Aug  1 05:25:27 2014] <Ainieco> vanila: ah, so my theorem is invalid, right?
[Fri Aug  1 05:25:33 2014] <vanila> that's right
[Fri Aug  1 05:25:40 2014] <vanila> not everytihng is injective, rev is special
[Fri Aug  1 05:25:54 2014] <Ainieco> okay, lesson learned.
[Fri Aug  1 05:32:52 2014] <Ainieco> found an easy way to prove rev_inj via fact that rev is involutive.
[Fri Aug  1 05:48:00 2014] <Ainieco> i wonder what's workflow for writing software in arbitrary language and proving properties about that software using coq. one thing bugs me, if coq doesn't support target lagnuage code generation then it possible to make typo/manual translation/etc mistakes.
[Fri Aug  1 05:48:26 2014] <Ainieco> that complete mystery to how did they proved their things http://sel4.systems/FAQ/proof.pml
[Fri Aug  1 05:48:43 2014] <Ainieco> they even excluded compiler and linker from trusted parties!
[Fri Aug  1 05:49:02 2014] <Ainieco> that's complete mystery to me*
[Fri Aug  1 05:49:58 2014] <vanila> sel4 uses isabelle
[Fri Aug  1 05:50:19 2014] <vanila> I could not build it :(
[Fri Aug  1 05:50:41 2014] <Hodapp> isn't there also a more in-depth paper on seL4?
[Fri Aug  1 05:51:03 2014] <Ainieco> vanila: isabell is proof asistant too, isn't it? So it's possible to do the same thing with coq, right?
[Fri Aug  1 05:51:16 2014] <vanila> Well I don't know about isabelle
[Fri Aug  1 05:51:19 2014] <vanila> so I can't say
[Fri Aug  1 05:51:33 2014] <vanila> I think so
[Fri Aug  1 05:52:15 2014] <Ainieco> vanila: but how would you exclude compiler and linker from trusted parties if you were proving things about you C code?
[Fri Aug  1 05:52:25 2014] <Hodapp> are 'target language code generation' and 'program extraction' vastly different?
[Fri Aug  1 05:52:42 2014] <Hodapp> as SF has http://www.cis.upenn.edu/~bcpierce/sf/current/Extraction.html
[Fri Aug  1 05:53:17 2014] <vanila> I think that the way sel4 claims to do this is by showing the assembly has the same meaning as the C code
[Fri Aug  1 05:53:23 2014] <Hodapp> and there is Bedrock as well, http://plv.csail.mit.edu/bedrock/
[Fri Aug  1 05:54:02 2014] <vanila> "There is a further proof that the binary code which executes on the hardware is a correct translation of the C code. This means that the compiler does not have to be trusted, and extends the functional correctness property to the binary. "
[Fri Aug  1 05:56:23 2014] <Ainieco> vanila: well, how that proof can be possible? did they proved that *some* of compilers transalte their C code correctly because i can't think of a way to abstract away compiler
[Fri Aug  1 05:57:33 2014] <Ainieco> vanila: sorry for being annoying on that topic, just excited about that magic.
[Fri Aug  1 05:58:43 2014] <vanila> I think their development includes a C compile
[Fri Aug  1 05:58:54 2014] <vanila> it's not annoying :)
[Fri Aug  1 05:58:56 2014] <bacam> Ainieco: By ignoring the compiler entirely, and showing that the model of the source code that they've proved correct is implemented by the machine code, without worrying about where the machine code came from.  (Although they use knowledge about the compiler to guide that proof)
[Fri Aug  1 05:59:04 2014] <vanila> oh I see
[Fri Aug  1 05:59:15 2014] <vanila> I was really excited about sel4 but I couldn't get it working, because of problems with running/building isabelle
[Fri Aug  1 05:59:24 2014] <vanila> so I haven't investigated it much
[Fri Aug  1 06:00:41 2014] <bacam> I didn't have much trouble rerunning the proofs, but it does use quite a lot of memory (it swapped a bit on my 8GB machine)
[Fri Aug  1 06:01:20 2014] <bacam> Although that probably doesn't include the machine code bit.
[Fri Aug  1 06:01:21 2014] <vanila> woah
[Fri Aug  1 06:01:24 2014] <vanila> that's gigantic
[Fri Aug  1 06:01:50 2014] <bacam> It's not the worst Isabelle development I've seen for that.
[Fri Aug  1 06:03:14 2014] <Ainieco> bacam: hm, so they're proved correctess of machine code ignoring compilers but end user still need to use compiler to build se4L, right?
[Fri Aug  1 06:04:21 2014] <bacam> If the end user really cares about correctness they ought to use the binary that was checked, or rerun the check themselves.
[Fri Aug  1 06:04:51 2014] <Ainieco> bacam: yeah, that all makes sense now
[Fri Aug  1 06:05:04 2014] <Ainieco> bacam: thanks for an explanation!
[Fri Aug  1 06:05:20 2014] <vanila> Ainieco, not related to seL4, but there is a C compiler developed in Coq called compcert - with correctness proofs
[Fri Aug  1 06:05:41 2014] <Ainieco> vanila: that's cool!
[Fri Aug  1 06:08:10 2014] <bacam> BTW, Andrew Appel's group have been working on verification using the language semantics for CompCert, which gives you strong guarantees about the machine code too via the compiler correctness theorem.
[Fri Aug  1 06:09:42 2014] <Hodapp> It's certainly interesting to work with developments like this after working for several years in software development where it was just assumed to be the case that formally correct software was an impossibility.
[Fri Aug  1 06:09:45 2014] <Ainieco> looks like compcert's site is down http://compcert.inria.fr/
[Fri Aug  1 06:10:18 2014] <vanila> meanwhile http://sel4.systems/ is up
[Fri Aug  1 06:10:26 2014] <vanila> "© 2014 NICTA. Terms of use · Contact us · privacy Served by Apache on Linux on seL4. "
[Fri Aug  1 06:11:11 2014] <Ainieco> >on Linux on seL4
[Fri Aug  1 06:11:12 2014] <Ainieco> wow
[Fri Aug  1 06:13:20 2014] <Hodapp> waaaait, Linux ON seL4?
[Fri Aug  1 06:13:54 2014] <Hodapp> oh, http://os.inf.tu-dresden.de/L4/LinuxOnL4/ maybe
[Fri Aug  1 06:18:31 2014] <Hodapp> http://l4android.org/ I suppose that's neat too
[Fri Aug  1 13:17:03 2014] <pumpkin360> Hi. I am doing SF exercises and encountered a problem, in the second chapter the book tells me to compile the module "Basic.v", and so I did. Never the less in the second chapter coq complains that it does not know "evenb". Anyone encountered similar problems ?
[Fri Aug  1 13:30:06 2014] <jrw> pumpkin360: are you working in the provided Induction.v file?
[Fri Aug  1 13:32:06 2014] <jrw> pumpkin360: also, the file is "Basics.v" not "Basic.v", maybe that's it?
[Fri Aug  1 13:51:34 2014] <pumpkin360> jrw: you solved my problem, thanks.
[Fri Aug  1 13:51:47 2014] <jrw> np
[Fri Aug  1 21:48:43 2014] <pumpkin360> Hi. I am reading software fundations and have a task to filter even elements from the list, but if statments were not covered yet, is it possible to filter even elements from the list using only pattern matching?
[Fri Aug  1 21:49:11 2014] <pumpkin360> Possible and reasonably complex.
[Fri Aug  1 21:50:21 2014] <Cypi> In which file is this?
[Fri Aug  1 21:50:48 2014] <pumpkin360> Cypi: Lists.v
[Fri Aug  1 21:51:05 2014] <pumpkin360> Cypi: line ~290
[Fri Aug  1 21:53:10 2014] <Cypi> Yes, I see it. I was just checking if indeed if statements were not covered yet, and it seems to be the case. I'm surprised :o
[Fri Aug  1 21:53:19 2014] <Cypi> (I used "if" for this exercise)
[Fri Aug  1 21:53:50 2014] <pumpkin360> Cypi: so will I do then. Thanks.
[Fri Aug  1 22:16:28 2014] <Hodapp> pumpkin360: I did not use 'if' statements in my own solution, it appears.
[Fri Aug  1 22:16:33 2014] <Hodapp> just pattern matching.
[Fri Aug  1 22:20:12 2014] <Cypi> Hmm, I wonder how you did it exactly then
[Fri Aug  1 22:46:32 2014] <pumpkin360> Hodapp: Can I see it?
[Sun Aug  3 07:40:09 2014] <schoppenhauer> hello. are there any collections and dictionaries in coq?
[Sun Aug  3 09:00:20 2014] <alkabetz> There are dictionaries; they’re called ‘finite maps’ (e.g., the [FMaps] module).  What other collections do you need?
[Sun Aug  3 09:17:20 2014] <schoppenhauer> alkabetz: I need maps which can be efficiently changed elementwise.
[Sun Aug  3 09:40:32 2014] <pumpkin360> Cypi: I know how he ommited using if statements - we can match on anything, on the predicate return value in particular so, match a | true => true | false => false end. := if a then true else false
[Sun Aug  3 09:50:27 2014] <Cypi> Ah, alright
[Sun Aug  3 09:50:37 2014] <Cypi> Thanks
[Sun Aug  3 09:53:37 2014] <pumpkin360> btw. I find Coq syntax extremely cumbersome, I guess that it is connected with the fact that it is a DSL less convenient for general purpose programming? Or maybe because it is old?
[Sun Aug  3 09:55:23 2014] <pumpkin360> (comparing to Haskell because that is probably the most similar language)
[Sun Aug  3 09:57:22 2014] <Cypi> I don't know, I don't find it that cumbersome :o
[Sun Aug  3 10:00:17 2014] <pumpkin360> maybe it is a matter of little experience. I am just starting to learn but do not even think I will understand the rules of type inference anytime soon.
[Sun Aug  3 10:00:35 2014] <pumpkin360> and the syntax of giving types to things.
[Sun Aug  3 10:02:07 2014] <Hodapp> pumpkin360: I got your response a bit late. Do you still want to see mine?
[Sun Aug  3 10:15:20 2014] <pumpkin360> Hodapp: no, I figured it out how to do it.
[Sun Aug  3 10:15:31 2014] <pumpkin360> Hodapp: but thanks.
[Sun Aug  3 11:12:51 2014] <Anarchos> pumpkin360 if you had a math background, you would not find typing difficult to understand at all
[Sun Aug  3 11:13:42 2014] <vanila> hey I did math and folk could not proe x + y = y + x, don't assume match background helps anything :P
[Sun Aug  3 11:13:51 2014] <vanila> math background*
[Sun Aug  3 11:17:21 2014] <Cypi> Anarchos : I'm not sure a math background would help with typing dependent matches, that kind of things :-°
[Sun Aug  3 11:20:36 2014] <Anarchos> Cypi maybe i find things too easy there :)
[Sun Aug  3 11:20:47 2014] <vanila> in my country math is just memorize a bunch of bullshit, theorem names etc.
[Sun Aug  3 11:21:15 2014] <ianjneu> vanila: you in the US?
[Sun Aug  3 11:21:24 2014] <vanila> UK
[Sun Aug  3 11:21:50 2014] <vanila> it's a sad situation :(
[Sun Aug  3 11:21:55 2014] <ianjneu> so, similar education it appears.
[Sun Aug  3 11:22:20 2014] <pumpkin360> vanila: that's what it looks like in many countries I guess. I am learning SC and not maths - that helps :)
[Sun Aug  3 11:22:57 2014] <ianjneu> Lockhart's lament. Mathematicians have been trying to say there's so much more to math than what is taught in schools, and people write them off like industry writes off Haskellers.
[Sun Aug  3 11:23:05 2014] <ianjneu> "ya ya, know-it-alls."
[Sun Aug  3 11:24:33 2014] <pumpkin360> does it really write off Haskellers? I think that Haskell is getting more and more attention in industrial applications (it is not suited in many cases though)
[Sun Aug  3 11:27:15 2014] <ijp> specialised subgroup bemoans lack of wider acceptance by society, news at 11
[Sun Aug  3 11:27:42 2014] <vanila> What is SC?
[Sun Aug  3 11:27:58 2014] <pumpkin360> vanila: sorry, was supposed to be CS
[Sun Aug  3 11:28:05 2014] <vanila> ah, CS was horrible for me :(
[Sun Aug  3 11:28:10 2014] <vanila> we were forced to make pets in second life
[Sun Aug  3 11:28:19 2014] <vanila> so I dropped CS and went to pure math, which has its own problems
[Sun Aug  3 11:28:35 2014] <vanila> like, we got marked on how nice our pets were.. and did a pet show
[Sun Aug  3 11:28:52 2014] <Cypi> o_o
[Sun Aug  3 11:29:38 2014] <vanila> so I think institutionalised education needs a revamp, or maybe it's just not about educating people
[Sun Aug  3 11:29:42 2014] <pumpkin360> vanila: since the next learn I will also be learning pure maths. Btw. we don't have such things on our University...
[Sun Aug  3 11:30:24 2014] <pumpkin360> ijp: aren't you a Schemer?
[Sun Aug  3 11:31:11 2014] <ijp> I'm many things
[Sun Aug  3 11:32:15 2014] <Anarchos> vanila  in my maths lessons, we did exhaustive demonstrations on about nearly 900 pages of hand written papers...
[Sun Aug  3 11:33:10 2014] <vanila> ok! hard work benefits well :)
[Sun Aug  3 11:35:12 2014] <pumpkin360> Oh, if we made a such big offtopic, I guess you may be fimilar with statistics/machine learning, what languages would you advice for it? Is R worth learning in particular?
[Sun Aug  3 11:35:56 2014] <vanila> well I think R is very nice, but I dont know about machine learning..
[Sun Aug  3 11:36:27 2014] <vanila> and yeay maybe we should start to talk about Coq some day :p I may start to work through pierce SF book today
[Sun Aug  3 11:37:44 2014] <pumpkin360> vanila: brace yourself, it gets boring very fast. I am in my 3 attempt to read it and hopeful won't give up too fast this time.
[Sun Aug  3 11:38:02 2014] <vanila> haha
[Sun Aug  3 11:38:06 2014] <vanila> I can skip the first couple chatpers
[Sun Aug  3 11:38:11 2014] <vanila> because I studied some other books already
[Sun Aug  3 11:38:21 2014] <Anarchos> vanila id did most of SF at work while being bored with silly bank java code :)
[Sun Aug  3 11:38:25 2014] <vanila> I'm just interested in how they formalize IMP, and prove things about it
[Sun Aug  3 11:38:30 2014] <vanila> Anarchos, hehe don't get caught !
[Sun Aug  3 11:40:57 2014] <pumpkin360> vanila: that may be a good idea. I have started from the beginning because Coq was new to me and was expecting to learn proving formatlly and the main thing I learnt in the first chapters is the syntax of another language which seems a bit archaic.
[Sun Aug  3 11:41:36 2014] <pumpkin360> vanila: and ugly - comparing to Haskell for example, but perhaps I will get used to it soon.
[Sun Aug  3 11:42:18 2014] <vanila> lol
[Sun Aug  3 11:42:21 2014] <vanila> it's based on ocaml
[Sun Aug  3 11:42:25 2014] <vanila> the syntax
[Sun Aug  3 11:42:42 2014] <vanila> I kind of agree, but I don't mind it much
[Sun Aug  3 11:42:48 2014] <pumpkin360> heard about it
[Sun Aug  3 11:42:59 2014] <vanila> the important thing is what's behind the syntax - which is very good
[Sun Aug  3 11:44:04 2014] <Anarchos> vanila IMP ?
[Sun Aug  3 11:44:53 2014] <vanila> one of the later chapers
[Sun Aug  3 11:44:54 2014] <pumpkin360> vanila: perhap you know - where in SF will the mechanism of checking proofs be described, I would really like to be able to know what can I do. Chapter "Logic" or "More Coq" ?
[Sun Aug  3 11:44:59 2014] <vanila> for imperative programming langauge
[Sun Aug  3 11:45:39 2014] <vanila> pumpkin360, I don't know if it goes into the theory much - but it's quite simple. Checking proofs is just type checking lambda calculus terms
[Sun Aug  3 11:45:44 2014] <Anarchos> pumpkin360 what do you mean by "the mechanism of checking proofs" ?
[Sun Aug  3 11:45:54 2014] <vanila> all the tactics in Coq do is create lambda terms, for the core proof checker to look at
[Sun Aug  3 11:45:57 2014] <Anarchos> vanila you answered faster than me
[Sun Aug  3 11:46:53 2014] <pumpkin360> and the "core proof checker" is some simple algorithm operating on lambda calculus ?
[Sun Aug  3 11:48:28 2014] <vanila> yes
[Sun Aug  3 11:49:04 2014] <Cypi> There are just some complications to ensure termination I believe.
[Sun Aug  3 11:49:10 2014] <vanila> The fundamental idea is that any complicated things can be expressed in terms of a simple core - so that you have less assumptions to worry about to see what is a valid proof
[Sun Aug  3 11:49:30 2014] <vanila> Do you know the simple typed lambda calculus?
[Sun Aug  3 11:50:13 2014] <pumpkin360> and tactics will be described in MoreCoq.
[Sun Aug  3 11:50:16 2014] <pumpkin360> a little bit
[Sun Aug  3 11:50:41 2014] <vanila> it can serve as a proof language for constructive propositional logic
[Sun Aug  3 11:50:46 2014] <vanila> like P -> P is proved by \p -> p
[Sun Aug  3 11:51:15 2014] <pumpkin360> vanila: ok. I will read about it a bit then, and about Coq tactics.
[Sun Aug  3 11:51:37 2014] <vanila> and Coq is just a more powerful lambda calculus plus data types.. plus pattern matching
[Sun Aug  3 11:51:45 2014] <vanila> at least the core is
[Sun Aug  3 11:53:47 2014] <Anarchos> pumpkin360 do you know the curry howard correspondance ?
[Sun Aug  3 13:02:55 2014] <pumpkin360> Anarchos: Only hear about it, that it states that proves are equal to programs
[Sun Aug  3 13:04:50 2014] <vanila> it's like how I said  \p -> p  proves P -> P
[Sun Aug  3 13:05:04 2014] <vanila> that proof is a "program" in lambda calculus
[Sun Aug  3 13:05:31 2014] <Anarchos> pumpkin360 ok. If you can get a glance at it, it is really interesting
[Sun Aug  3 13:54:41 2014] <tautologico> is there a way to say "in this file, this implicit argument is always equal to T"?
[Sun Aug  3 13:57:05 2014] <vanila> You can use sections
[Sun Aug  3 13:57:11 2014] <vanila> and define it as a parameter
[Sun Aug  3 13:57:30 2014] <vanila> http://coq.inria.fr/library/Coq.Init.Wf.html for example
[Sun Aug  3 13:57:42 2014] <vanila> Variable A : Type, Variable R
[Sun Aug  3 13:58:04 2014] <tautologico> yes, my situation is
[Sun Aug  3 13:58:34 2014] <tautologico> I'm using ListSet, and it defines a section with an hypothesis Aeq_dec to say that the type A of elements has decidable equality
[Sun Aug  3 13:58:56 2014] <tautologico> I'm using it for sets of nats, but I have to pass eq_nat_dec all the time as a parameter
[Sun Aug  3 13:59:12 2014] <tautologico> I'd like to fix Aeq_dec as equal to eq_nat_dec
[Sun Aug  3 14:00:40 2014] <vanila> oh you're on the other side,  I see - sorry I don't know how to solve that
[Sun Aug  3 14:00:51 2014] <Ainieco> hello
[Sun Aug  3 14:01:05 2014] <tautologico> thanks anyway :) I think this may be solved using modules or type classes
[Sun Aug  3 14:01:13 2014] <tautologico> but it's just for convenience
[Sun Aug  3 14:02:03 2014] <Ainieco> why does "map f t" has " list (list Y)" type http://lpaste.net/4199287390424006656 ?
[Sun Aug  3 14:02:47 2014] <vanila> Ainieco, you use map instead of flat_map
[Sun Aug  3 14:02:55 2014] <Ainieco> ohhh
[Sun Aug  3 14:03:07 2014] <tautologico> yes
[Sun Aug  3 14:03:12 2014] <Ainieco> thanks for pointing it out :)
[Sun Aug  3 14:03:16 2014] <tautologico> t : list X, f : X -> list Y
[Sun Aug  3 14:04:02 2014] <ianjneu> never use modules unless you're exporting hint databases and notations.
[Sun Aug  3 14:04:51 2014] <Ainieco> * needs more coffee
[Sun Aug  3 14:04:56 2014] <tautologico> so type classes then
[Sun Aug  3 14:06:19 2014] <ianjneu> * just downed a 4-shot americano.
[Sun Aug  3 14:06:59 2014] <tautologico> a 4-shot americano is about the same as 1 espresso, in terms of caffeine? :)
[Sun Aug  3 14:08:50 2014] <ianjneu> 4 shots of espresso, with water added = 4-shot americano
[Sun Aug  3 14:09:25 2014] <tautologico> I see
[Sun Aug  3 14:09:40 2014] <tautologico> I only associate "americano" with "weak coffee"
[Sun Aug  3 14:11:14 2014] <ianjneu> definitely not the case.
[Sun Aug  3 14:11:57 2014] <ianjneu> well, depends on how much water you add, TBH
[Sun Aug  3 14:12:03 2014] <tautologico> yes
[Sun Aug  3 14:12:28 2014] <tautologico> it's the water... and basically every coffee I had in the US was weak
[Sun Aug  3 14:13:04 2014] <tautologico> I prefer to drink espresso or ristretto
[Sun Aug  3 14:14:45 2014] <tautologico> is there a good way to say that a list of sets is disjunct, with good theorems about this?
[Sun Aug  3 14:15:42 2014] <tautologico> i.e. given a list of sets I want a Prop that says they're disjunct, and an easy way to establish that a member of one of them is not a member of the others
[Sun Aug  3 14:17:01 2014] <schoppenhauer> hm. is there some way of having fast arrays in coq? like monads or uniqueness types would do?
[Sun Aug  3 14:18:01 2014] <tautologico> do you want them to extract to arrays?
[Sun Aug  3 14:18:32 2014] <schoppenhauer> yes
[Sun Aug  3 14:18:53 2014] <schoppenhauer> i want a blob. and do stuff on that blob.
[Sun Aug  3 14:19:52 2014] <schoppenhauer> i can (and probably will) use a tree if that is necessary
[Sun Aug  3 14:20:02 2014] <schoppenhauer> it just would be nice
[Sun Aug  3 14:20:30 2014] <tautologico> I don't know if there's something like that already
[Sun Aug  3 14:42:49 2014] <Ainieco> huh, kind of unexpcted to see these kind of things about proof assistants, but well this is japan apparantly http://p.twpl.jp/show/orig/qGEap
[Sun Aug  3 14:46:10 2014] <vanila> http://p.twpl.jp/show/orig/FslzM
[Sun Aug  3 14:46:55 2014] <Ainieco> they even have stickers... http://f.st-hatena.com/images/fotolife/a/akuraru/20130622/20130622214252.jpg
[Sun Aug  3 14:47:17 2014] <vanila> haha
[Sun Aug  3 14:47:36 2014] <Ainieco> cute proof general :)
[Sun Aug  3 14:47:48 2014] <vanila> it's from #ProofCafe
[Sun Aug  3 14:47:54 2014] <vanila> japanese formal methods club
[Sun Aug  3 14:48:19 2014] <vanila> https://twitter.com/search?q=%23ProofCafe
[Sun Aug  3 14:51:29 2014] <vanila> http://f.hatena.ne.jp/akuraru/20130622214454
[Sun Aug  3 15:54:38 2014] <Ainieco> what is the difference between "rewrite" and "apply" tactics, it looks like "apply" can do quite a lot of different things at same time'
[Sun Aug  3 15:56:05 2014] <Ainieco> so far i'm thinking about "apply" as about "simpl + rewrite" or "rewrite + reflexivity"
[Sun Aug  3 15:56:19 2014] <Ainieco> but i don't have clear understanding what it actually does
[Sun Aug  3 15:56:49 2014] <ianjneu> Ainieco: apply deals with Goals (or targets) of form G and uses a hypothesis of form H ... -> G. Rewrite allows you to change subterms in a target, using equality or more generally equivalence relations that are respected.
[Sun Aug  3 15:57:45 2014] <ianjneu> You can't "apply" a hypothesis of form H <-> H', but you can rewrite it.
[Sun Aug  3 16:00:56 2014] <Cypi> Actually you can apply a hypothesis of form H <-> H'.
[Sun Aug  3 16:01:59 2014] <Cypi> and unless I'm mistaken, you cannot rewrite it without [Require Import Setoid.] or something like that.
[Sun Aug  3 16:06:30 2014] <Ainieco> hm, so when i have goal G and hypothesis of form A = B then if rewriting G using H solves G then "apply" acts as "rewrite + reflexivity". but if H has form of H ... -> H then what happens?
[Sun Aug  3 16:06:51 2014] <Ainieco> H ... -> G*
[Sun Aug  3 16:12:36 2014] <Ainieco> let me rephrase
[Sun Aug  3 16:13:50 2014] <Ainieco> http://lpaste.net/7982070606491287552 what happened after "apply H1."? does it substituted current goal with premise of H1, correct?
[Sun Aug  3 16:18:46 2014] <Ainieco> if so then what happens when there is no premises, e.g., when theorem being applied is just proven equality?
[Sun Aug  3 16:18:48 2014] <ianjneu> there is no rewrite + reflexivity happening here. In order to make H1's conclusion match the goal, it determined n = 3. It now needs to know that evenb 3 = true, because it doesn't backchain to fulfil obligations.
[Sun Aug  3 16:19:55 2014] <jrw> Ainieco: for now think of rewrite as having to do with equality. if you have a hypothesis H : a = b, and a appears in the goal, then "rewrite H" will replace that occurence of a with b.
[Sun Aug  3 16:20:03 2014] <ianjneu> Just like if you have a goal of bool and have a hypothesis H: nat -> bool, if you apply H, you have to apply it to _something_ of type nat.
[Sun Aug  3 16:20:53 2014] <jrw> apply is more about implication. simplest example is if you have a hypothesis H : P and your goal is exactly P then you can "apply H" to finish
[Sun Aug  3 16:21:37 2014] <jrw> more generally, if you have H : P -> Q and your goal is Q, then "apply H" will change your goal to P, because if you can prove P, then H proves P implies Q and so Q follows
[Sun Aug  3 16:21:50 2014] <jrw> so apply and rewrite are really quite different and unrelated
[Sun Aug  3 16:22:18 2014] <jrw> however, in your example, it can be confusing, because you're reasoning about equality, so it seems like maybe rewrite is involved.
[Sun Aug  3 16:22:27 2014] <jrw> but it's not
[Sun Aug  3 16:23:01 2014] <jrw> when you do "apply H1", coq unifies the conclusion of H1 (that is, "oddb (S n) = true") with your goal
[Sun Aug  3 16:23:18 2014] <Ainieco> oh, i think i got it, thank you guys!
[Sun Aug  3 16:23:20 2014] <jrw> this unification tells coq that n must be 3
[Sun Aug  3 16:24:55 2014] <Ainieco> jrw: and then i need to prove that premise of conclusion holds, to do that i did "apply H2" which is exactly what my goal is.
[Sun Aug  3 16:29:41 2014] <jrw> Ainieco: exactly
[Sun Aug  3 16:30:19 2014] <jrw> so "apply H1" changed the goal to the assumption of H1, suitably modified since we know n must be 3.
[Sun Aug  3 16:30:42 2014] <jrw> then "apply H2" is the simplest case I mentioned above, when a hypothesis exactly matches a goal.
[Sun Aug  3 19:08:05 2014] <johnw> if I have f ≈ f' in my context, and f = f' in my goal, how can I relate these two?
[Sun Aug  3 19:16:13 2014] <Cypi> [assumption], or [exact H] where [H : f = f'], or [rewrite H; reflexivity], or simply [auto].
[Sun Aug  3 19:16:56 2014] <Cypi> or I didn't understand your question
[Sun Aug  3 19:16:59 2014] <johnw> it's ≈ from Setoid, not =
[Sun Aug  3 19:17:14 2014] <Cypi> Oh, sorry. Then I don't know :)
[Sun Aug  3 19:17:41 2014] <johnw> normally I would be able to rewrite H, but not here; I may be missing something
[Sun Aug  3 19:19:41 2014] <johnw> ahh
[Sun Aug  3 19:19:44 2014] <johnw> apply eqv_equivalence in H.
[Sun Aug  3 19:19:53 2014] <johnw> that turns f ≈ f' into f = f' in the context
[Sun Aug  3 19:20:07 2014] <johnw> uh, no, sorry, msiread it
[Sun Aug  3 19:20:11 2014] <johnw> it just flipped f and f'
[Sun Aug  3 22:02:43 2014] <alkabetz> Isn’t there a setoid_rewrite tactic?
[Sun Aug  3 22:04:57 2014] <ianjneu> alkabetz: Require Import Setoid.
[Mon Aug  4 06:50:39 2014] <schoppenhauer> hello. I am trying to do recursion on a structure, matching a structure with patterns like C0 => _ | C1 0 => _ | C1 (S m) => _.
[Mon Aug  4 06:51:12 2014] <schoppenhauer> the prblem is, when I call the recursion inside the body of the last part with C1 m, the recursion checker fails.
[Mon Aug  4 06:51:30 2014] <schoppenhauer> *termination
[Mon Aug  4 09:12:31 2014] <osa1> "so it is not very surprising that a ({x : A | P x} : Prop) can be cast into a ({x : A | P x} : Type)." how is this not surprising? I thought Prop and Type are two separate universes with no conversions between them.
[Mon Aug  4 09:13:30 2014] <vanila> That is very surprising
[Mon Aug  4 09:13:40 2014] <vanila> "cast"? where is this from
[Mon Aug  4 09:14:18 2014] <osa1> coq-club
[Mon Aug  4 09:14:28 2014] <osa1> see "what exactly are the Prop analysis rules?" thread
[Mon Aug  4 09:16:44 2014] <Cypi> Isn't Prop a subtype of Type?
[Mon Aug  4 09:17:41 2014] <Cypi> [Variable P : Prop. Definition x : Type := P.] does work
[Mon Aug  4 09:18:04 2014] <vanila> I thought Prop had stricter elimination rules than Type, so I don't get it
[Mon Aug  4 09:18:14 2014] <vanila> I guess im just wrong, that would nake sense
[Mon Aug  4 09:22:14 2014] <osa1> interesting.
[Mon Aug  4 09:22:27 2014] <osa1> I didn't know Prop is subtype of Type
[Mon Aug  4 09:27:18 2014] <osa1> what's a singleton?
[Mon Aug  4 09:55:39 2014] <ianjneu> osa1: A singleton is a few things due to conflated concepts. One is the notion of singleton elimination in Prop: if an inductive has only one constructor, you can eliminate into Type, because it's essentially a 0-information tag. It can also mean a type that intensionally has one element, like unit. Another meaning is now called a sub-singleton: a type in which all inhabitants have a pairwise equality.
[Mon Aug  4 09:56:25 2014] <ianjneu> singleton elimination in Coq is inconsistent with univalence.
[Mon Aug  4 10:08:20 2014] <osa1> ianjneu: "if an inductive has only one constructor, you can eliminate into Type" what does that mean? do you have an example?
[Mon Aug  4 10:14:03 2014] <osa1> how is [True\/True] not isomorphic to bool ?
[Mon Aug  4 10:19:36 2014] <osa1> so analyzing(destructing) [exists e, P] is actually safe but prevented in Coq for some reason?
[Mon Aug  4 10:32:07 2014] <vanila> The idea is that Prop should have a notion of "proof irrelevance"
[Mon Aug  4 10:32:26 2014] <vanila> where any two proofs of the same proposition should be interchangable
[Mon Aug  4 10:32:53 2014] <vanila> That's why when you fininsh a proof with Qed rather than Defined, it doesn't reduce it in computations
[Mon Aug  4 10:33:16 2014] <vanila> it's all about trying to make proofs more opaque, so that as long as the theorem is proved you'll be ok (doesn't matter which proof)
[Mon Aug  4 10:33:50 2014] <vanila> so you shouldn't be able to write a nonconstant function  True\/True -> bool
[Mon Aug  4 10:37:23 2014] <osa1> vanila: so the problem is that [True\/True] has type Prop? what if I cast it to Type? (like mentioned above)
[Mon Aug  4 10:37:41 2014] <vanila> well yeah, that's why I was so confused earlier - please try this and tell me what happens
[Mon Aug  4 10:38:23 2014] <osa1> I have no ideas about how to "cast" :)
[Mon Aug  4 10:38:47 2014] <osa1> oh Check (True \/ True : Type).
[Mon Aug  4 10:38:54 2014] <osa1> I guess annotating is enough.
[Mon Aug  4 10:41:23 2014] <osa1> Error: Case analysis on sort Set is not allowed for inductive definition or.
[Mon Aug  4 10:44:29 2014] <ianjneu> osa1: http://lpaste.net/108746
[Mon Aug  4 10:44:46 2014] <osa1> so it's not type of what I'm doing pattern matching on but rather the type of the result.
[Mon Aug  4 10:45:14 2014] <ianjneu> osa1: yes, that's what I mean by "eliminate into"
[Mon Aug  4 12:37:19 2014] <osa1> do we have a Prop in stdlib saying that `e is member of list l` with constructors member e (e :: l) | member e t -> member e (h :: t) ?
[Mon Aug  4 12:39:49 2014] <ianjneu> osa1: I only know In, which is a fixpoint, but there is Exists, which is a decorated version of your "member".
[Mon Aug  4 12:41:11 2014] <ianjneu> member: forall A : Type, A -> list A -> Prop. member A x l <-> Exists A (fun y => x = y) l.
[Mon Aug  4 17:33:46 2014] <osa1> any ideas how to prove this http://lpaste.net/108781 ?
[Mon Aug  4 17:49:36 2014] <jrw> osa1: prove a lemma that says membership is preserved by permutation
[Mon Aug  4 17:50:17 2014] <vanila> osa1, induction on the permutation using lemmas like http://lpaste.net/108782
[Mon Aug  4 17:51:06 2014] <osa1> jrw: well that's already the main goal
[Mon Aug  4 17:51:20 2014] <osa1> oh wait sorry it's not
[Mon Aug  4 17:53:18 2014] <osa1> so any of you proved something like this before to prove some sorting algorithm correct?
[Mon Aug  4 17:54:01 2014] <jrw> osa1: here's one way. http://lpaste.net/108783
[Mon Aug  4 17:54:13 2014] <jrw> yes it's common to reason about Permutations for sorting algorithms.
[Mon Aug  4 17:54:36 2014] <vanila> that's a really nice proof
[Mon Aug  4 17:54:39 2014] <vanila> much better than my way
[Mon Aug  4 17:55:46 2014] <osa1> jrw: eauto doesn't do induction, right?
[Mon Aug  4 17:55:55 2014] <osa1> I'm wondering how did that work
[Mon Aug  4 17:56:10 2014] <jrw> osa1: you don't need induction for the last proof :)
[Mon Aug  4 17:56:13 2014] <jrw> only to prove the lemma
[Mon Aug  4 17:56:21 2014] <jrw> then your thing follows immediately using that lemma
[Mon Aug  4 17:58:28 2014] <osa1> oh I get it now. really nice proof. so actually the tricky part is to see that proving membership is preserved with permutation is required.
[Mon Aug  4 17:59:34 2014] <jrw> osa1: right. I first tried to do it directly by induction, but in the transitivity case the IH is not strong enough. so you know you'll need to generalize something.
[Mon Aug  4 18:05:02 2014] <osa1> jrw: why I can't use the lemma with auto and I have to use eauto instaed?
[Mon Aug  4 18:06:06 2014] <osa1> I'm also wondering how did you figure that `match goal` part. did you first write the whole proof manually?
[Mon Aug  4 18:06:17 2014] <osa1> e.g. using inversions and autos.
[Mon Aug  4 18:06:33 2014] <jrw> osa1: yes I always start manually
[Mon Aug  4 18:06:35 2014] <jrw> then clean up
[Mon Aug  4 18:08:40 2014] <jrw> osa1: you have to use eauto because it needs to guess the value of l'
[Mon Aug  4 18:08:47 2014] <jrw> er, I mean l
[Mon Aug  4 18:08:57 2014] <jrw> because l doesn't appear in the conclusion of member_perm
[Mon Aug  4 18:09:56 2014] <osa1> I thought it's only used for guessing existential vars
[Mon Aug  4 18:11:23 2014] <jrw> osa1: eauto applies member_perm to the goal and introduces an existential variable in place of l. this existential is resolved by finding the hypothesis "Permutation l l'"
[Tue Aug  5 01:26:05 2014] <johnw> can anyone help with a universe inconsistency problem?  https://github.com/jwiegley/category-theory/blob/master/Functors.v#L131
[Tue Aug  5 01:26:24 2014] <johnw> that doesn't get accepted because: Error: Universe inconsistency (cannot enforce Category.33 <= Top.32334).
[Tue Aug  5 01:27:14 2014] <johnw> is it because I'm trying to create arrows between objects which are arrows?
[Tue Aug  5 01:28:32 2014] <johnw> I'm trying to rely on the fact that polymorphic functions in Coq are effectively sets of functions
[Tue Aug  5 01:28:52 2014] <johnw> (or rather, any function type is effectively a set of functions)
[Tue Aug  5 02:39:34 2014] <schoppenhauer> *push* hello. I am trying to do recursion on a structure, matching a structure with patterns like C0 => _ | C1 0 => _ | C1 (S m) => _.
[Tue Aug  5 02:39:52 2014] <schoppenhauer> the prblem is, when I call the recursion inside the body of the last part with C1 m, the termination checker fails.
[Tue Aug  5 03:09:07 2014] <jrw> schoppenhauer: yes because that is not a direct subterm. one way to proceed is to use the general recursion facilities of coq. another way is to define a custom induction principle for your type which allows recursive calls to applications of C1 to smaller nats.
[Tue Aug  5 03:18:36 2014] <jgross> johnw: The issue seems to be your [Instance Nat]; moving your definition to just before that instance makes it work, whereas right after that instance, you get the universe inconsistency.  This seems to be because, according to Coq's universe rules, natrual transformations on functors out of a locally small category do not form a Set (the type [forall {X : objC}, F X ~> G X] has universe level max(level of objC, level of _ ~{ D }~> _)).  If you
[Tue Aug  5 03:18:36 2014] <jgross> add the ": objC" annotation to [forall {X}, F X ~> G X] (so that you don't go through the monomorphic type of [obj] and you make it so that [Natural] takes a [Set] for [objC], it all goes through.  I think you can get away with taking a [Type] for [objC], if you break things up into enough sections so that [Nat] and [Natural] get different universes for [objC].  In any case, if you're interested, it compiles fine with the older version of my
[Tue Aug  5 03:18:36 2014] <jgross> library (https://bitbucket.org/JasonGross/catdb/src) which works with 8.4 (the newer version is (https://github.com/HoTT/HoTT/tree/master/theories/categories/): https://gist.github.com/JasonGross/a7ada2d97eb0b0e8be27 is on top of catdb. 
[Tue Aug  5 03:20:54 2014] <jgross> johnw: One useful trick for tracking down universe inconsistencies in 8.4 (things are much, much better in trunk) is to make the type of morphisms be [Set] (working under the "category theorists only ever need small and locally small categories, ~never large ones" principle), and seeing what breaks.  This makes things break much earlier, and is an easier way to find a conceptualization than staring at the too-verbose output of [Print Universes].
[Tue Aug  5 03:20:54 2014] <jgross>  (Again, things are better in trunk, where printing a definition also prints the universe constraints it adds.) 
[Tue Aug  5 04:48:11 2014] <hseg> Hi. I'd like to install coq on a pendrive. Is this possible?
[Tue Aug  5 08:58:03 2014] <schoppenhauer> jrw: what general recursion facilities do you mean?
[Tue Aug  5 09:56:11 2014] <schoppenhauer> jrw: I can only find "experimental" features for functional induction
[Tue Aug  5 10:14:40 2014] <schoppenhauer> hm. ok, i will just define my own measure function and work with bla = measure blubb, and induction over bla
[Tue Aug  5 10:14:44 2014] <schoppenhauer> (did this before)
[Tue Aug  5 10:16:33 2014] <schoppenhauer> (it's just ... harder)
[Tue Aug  5 12:45:21 2014] <jrw> schoppenhauer: I was thinking of using Function or Program. I can whip up an example if you're interested
[Tue Aug  5 12:45:58 2014] <schoppenhauer> jrw: the documentation sais these are experimental.
[Tue Aug  5 12:46:10 2014] <schoppenhauer> so I probably better stick with my explicit equality.
[Tue Aug  5 12:46:42 2014] <schoppenhauer> (my expierience sais that ... if something is experimental in coq, one shouldn't use it ...)
[Tue Aug  5 12:46:48 2014] <jrw> schoppenhauer: coq is a research tool, many things are experimental. depending on what project you're working on, you shouldn't feel too worried about using them.
[Tue Aug  5 12:49:00 2014] <schoppenhauer> jrw: actually I have to finish stuff in the near future, so better more to write but less to debug. thank you anyway!
[Tue Aug  5 14:05:18 2014] <Ainieco> hello
[Tue Aug  5 14:07:29 2014] <Ainieco> geez, it's so hard http://lpaste.net/6734884027255226368
[Tue Aug  5 14:08:09 2014] <Ainieco> using app_length it's piece of cake but exercise forbids usage of app_length
[Tue Aug  5 14:09:36 2014] <Ainieco> did my current context messed up? or is there any way forward without using app_length?
[Tue Aug  5 14:32:19 2014] <jrw> Ainieco: you're allowed to use cons_app_length, right?
[Tue Aug  5 14:33:17 2014] <jrw> Ainieco: I recommend doing induction on n without introducng l.
[Tue Aug  5 14:53:24 2014] <osa1> can anyone help me with this http://lpaste.net/108854 ? I'm looking for tips
[Tue Aug  5 15:08:07 2014] <jrw> osa1: you'll need to prove a lemma about find_min_idx_aux
[Tue Aug  5 15:08:08 2014] <Ainieco> jrw: thanks for hint, i'll try
[Tue Aug  5 15:11:42 2014] <osa1> jrw: any more tips? I think that one is kind of obvious :)
[Tue Aug  5 15:12:15 2014] <jrw> osa1: you need something about the fact that min_idx is always less than the length of l plus cur_idx
[Tue Aug  5 15:13:27 2014] <osa1> min_idx l < length l + cur_idx ? but this is not correct.
[Tue Aug  5 15:15:26 2014] <jrw> osa1: okay, well there's some invariant about cur_idx you need to capture
[Tue Aug  5 15:15:45 2014] <osa1> hm
[Tue Aug  5 15:19:12 2014] <jrw> osa1: http://lpaste.net/108860
[Tue Aug  5 15:19:14 2014] <osa1> okay. I think there are two invariants about cur_idx. 1) it's always holds index of minimum element of the list up to the point we're currently analyzing. 2) it's always smaller than length of analyzed part of the list.
[Tue Aug  5 15:19:29 2014] <osa1> I shouldn't see that
[Tue Aug  5 15:19:31 2014] <osa1> :)
[Tue Aug  5 15:21:29 2014] <jrw> osa1: oh sorry, I wasn't sure if you wanted to see a way to do it or just hints.
[Tue Aug  5 15:21:43 2014] <osa1> well don't worry I read it and it's amazing.
[Tue Aug  5 15:21:48 2014] <osa1> I think I understand the lemma.
[Tue Aug  5 15:22:52 2014] <jrw> so the invariant is that the return value of find_min_idx_aux will always be less than the length of the input list plus ci
[Tue Aug  5 15:23:11 2014] <jrw> under the assumption that you pass in a reasonable value for mi (that is, a value that is less than ci)
[Tue Aug  5 15:51:59 2014] <Ainieco> jrw: by the way, exercise description says "Prove this by induction on [l]" :)
[Tue Aug  5 16:03:40 2014] <osa1> why we don't have a nth with type `l -> n -> n < length l -> a ?
[Tue Aug  5 16:18:04 2014] <osa1> do we have lb in stdlib? like leb but I want < relation not <=.
[Tue Aug  5 16:34:01 2014] <jrw> osa1: there's NPeano.ltb
[Tue Aug  5 16:34:12 2014] <osa1> http://lpaste.net/108870 any ideas why I'm having this huge term?
[Tue Aug  5 18:58:36 2014] <johnw> if I have to prove that two records are propositionally equal, how do I split the fields into separate goals?
[Tue Aug  5 19:01:55 2014] <jrw> johnw: does f_equal do what you want?
[Tue Aug  5 19:02:05 2014] <johnw> no, it has no effect
[Tue Aug  5 19:02:23 2014] <johnw> I end up:
[Tue Aug  5 19:02:28 2014] <johnw>    {| transport := transport1; naturality := naturality1 |} = {| transport := transport0; naturality := naturality0 |}
[Tue Aug  5 19:02:28 2014] <johnw>  
[Tue Aug  5 19:02:45 2014] <johnw> and I need to prove separately that transport1 = transport0, and naturality1 = naturality0
[Tue Aug  5 19:03:17 2014] <vanila> assert (transport1 = transport0) as A.
[Tue Aug  5 19:03:19 2014] <vanila> prove it
[Tue Aug  5 19:03:23 2014] <vanila> then assert the other as B
[Tue Aug  5 19:03:33 2014] <vanila> then congruence should complet the goal
[Tue Aug  5 19:03:46 2014] <johnw> it says "transport0 not found in the current environment"
[Tue Aug  5 19:03:57 2014] <johnw> oh, wait
[Tue Aug  5 19:07:34 2014] <johnw> no, that didn't work
[Tue Aug  5 19:08:03 2014] <johnw> I do end up with a context of transport1 = transport0, but those are both just types: ∀ X : C, A X ~{ D }~> B X
[Tue Aug  5 19:08:07 2014] <johnw> I think I'm missing some other condition
[Tue Aug  5 19:11:39 2014] <johnw> is there any other way to do induction on record fields?
[Tue Aug  5 19:17:39 2014] <johnw> apply f_equal2 was much more successful
[Tue Aug  5 21:00:48 2014] <johnw> I'm using f
[Tue Aug  5 21:00:51 2014] <johnw> _equal2 to attempt to simplify two records
[Tue Aug  5 21:00:54 2014] <johnw> and I'm ending up with: https://gist.github.com/0ee41eeed2bb70bd1141
[Tue Aug  5 21:00:58 2014] <johnw> now, I have a right_identity law; is there any way to "reach inside" when applying f_equal like this to get it to use that law?
[Tue Aug  5 21:01:06 2014] <johnw> just rewriting does not find the term
[Tue Aug  5 21:05:55 2014] <vanila> I thought Coq had eta conversion
[Tue Aug  5 21:06:18 2014] <vanila> what if you do    intro H X Y f0. apply (H X Y f0).
[Tue Aug  5 21:06:29 2014] <vanila> I mean, I assume you tried this and it doesn't work - I'm justcurious what happens?
[Tue Aug  5 21:06:47 2014] <johnw> here's my context: https://gist.github.com/ca56ec2d900bdf68f11f
[Tue Aug  5 21:06:56 2014] <johnw> you'll see that I can't use intro here (or don't know how)
[Tue Aug  5 21:07:08 2014] <johnw> if I could "descend" into the second field somehow, and prove that as a separate goal, then I could
[Tue Aug  5 21:07:22 2014] <johnw> oh, way
[Tue Aug  5 21:07:23 2014] <johnw> wait
[Tue Aug  5 21:07:29 2014] <johnw> maybe I can use forward reasoning here
[Tue Aug  5 21:08:47 2014] <johnw> if I have something in my context of type ∀ X, ...
[Tue Aug  5 21:08:51 2014] <vanila> I can't help you unless I can try things with this, even then I probably can't help
[Tue Aug  5 21:08:53 2014] <johnw> how do I bring the X out as an existential?
[Tue Aug  5 21:09:06 2014] <johnw> github.com/jwiegley/category-theory, if you are interested
[Tue Aug  5 21:10:10 2014] <vanila> thanks, what file is this?
[Tue Aug  5 21:10:14 2014] <johnw> Functors.v
[Tue Aug  5 21:10:33 2014] <johnw> trying to prove right_identity for the Nat category
[Tue Aug  5 21:11:09 2014] <vanila> ok i need to figure out how to add loadpaths, then I'll look at this
[Tue Aug  5 21:11:22 2014] <johnw> thanks!
[Tue Aug  5 21:14:26 2014] <vanila> it says Error: Cannot find library Category in loadpath
[Tue Aug  5 21:14:40 2014] <vanila> so I tried adding that in .emacs but it doesn't work
[Tue Aug  5 21:14:47 2014] <vanila> maybe i have to build it
[Tue Aug  5 21:14:52 2014] <johnw> since Functors.v and Category.v are in the same directory
[Tue Aug  5 21:14:57 2014] <johnw> you shouldn't need to add any load path
[Tue Aug  5 21:15:01 2014] <johnw> I never did
[Tue Aug  5 21:15:22 2014] <vanila> ah it works after you 'make'
[Tue Aug  5 21:15:29 2014] <johnw> ah, ok
[Tue Aug  5 21:15:48 2014] <johnw> here's the further I've gotten: https://gist.github.com/08a02fcf890ade991e77
[Tue Aug  5 21:15:55 2014] <johnw> which is *so* close
[Tue Aug  5 21:16:05 2014] <johnw> and I have the law, I just don't know how to "get it in there"
[Tue Aug  5 21:16:39 2014] <vanila> youre proving that natural transforms form a category
[Tue Aug  5 21:16:43 2014] <johnw> yes
[Tue Aug  5 21:16:51 2014] <johnw> well, that functors, with natural transforms as the morphisms
[Tue Aug  5 21:17:06 2014] <vanila> I forgot why this is true
[Tue Aug  5 21:17:16 2014] <johnw> when I was working in setoids I proved it easily
[Tue Aug  5 21:17:24 2014] <johnw> now I'm trying to do it with just propositional equality
[Tue Aug  5 21:17:30 2014] <vanila> I get it, you just paste the diagrams together
[Tue Aug  5 21:19:46 2014] <johnw> if I have ∀ X, X = ∀ X, Y, can I change that to ∀ X, X = Y?
[Tue Aug  5 21:23:27 2014] <vanila> I think that this is impossible
[Tue Aug  5 21:23:41 2014] <johnw> hmm
[Tue Aug  5 21:23:51 2014] <vanila> http://lpaste.net/108880
[Tue Aug  5 21:23:58 2014] <vanila> I tried to make a lemma that would split the proof into parts
[Tue Aug  5 21:24:07 2014] <johnw> yeah, I just tried to assert that very thing
[Tue Aug  5 21:24:10 2014] <vanila> but naturality0 = naturality1 doesn't typecheck
[Tue Aug  5 21:24:20 2014] <johnw> oh, no, what I did was different
[Tue Aug  5 21:24:23 2014] <johnw> what was the error?
[Tue Aug  5 21:24:43 2014] <vanila> well basically they have different types, so you can't claim they're equal
[Tue Aug  5 21:24:51 2014] <vanila> one of them has transport0 in the type, the other transport1
[Tue Aug  5 21:25:19 2014] <vanila> we do have a proof that these are equal, and could rewrite that into the type to say something like   naturality0 = eq_ind _ _ _ _ naturality1
[Tue Aug  5 21:25:28 2014] <vanila> but Coq can't deal with that sort of thing properly
[Tue Aug  5 21:28:09 2014] <johnw> what about something along the lines of:
[Tue Aug  5 21:28:11 2014] <johnw>     assert (∀ f, nat_compose f nat_identity =
[Tue Aug  5 21:28:12 2014] <johnw>             {| transport := (@transport C D A B f) ∘ id |}).
[Tue Aug  5 21:28:19 2014] <johnw> (left incomplete for now)
[Tue Aug  5 21:30:15 2014] <vanila> oh "id" is not the identify function
[Tue Aug  5 21:30:24 2014] <vanila> it's the identity morphism from a category
[Tue Aug  5 21:30:30 2014] <johnw> yeah, I just changed it
[Tue Aug  5 21:31:38 2014] <vanila> hmmmm
[Tue Aug  5 21:36:56 2014] <vanila> http://lpaste.net/108881
[Tue Aug  5 21:36:59 2014] <vanila> Coq can't rewrite this
[Tue Aug  5 21:37:09 2014] <vanila> I'm not sure how to even prove (λ X : C, transport0 X ∘ id) = transport0
[Tue Aug  5 21:37:15 2014] <johnw> yeah
[Tue Aug  5 21:37:17 2014] <vanila> but this same issue with the indices is a problem
[Tue Aug  5 21:37:18 2014] <johnw> i wonder where I've gone wrong here
[Tue Aug  5 21:37:24 2014] <vanila> I don't think it's you that's gone wrong
[Tue Aug  5 21:37:33 2014] <vanila> this is just a limitation of Coq
[Tue Aug  5 21:37:49 2014] <vanila> when you try to do proofs about things with dependent types it gets really stuck
[Tue Aug  5 21:40:53 2014] <johnw> if my natural transformations behaved like arrows on functors, rather than as dependent records, I think this would be trivial
[Tue Aug  5 21:40:59 2014] <johnw> that's what happened with setoids
[Tue Aug  5 21:41:17 2014] <johnw> i just had f ≈ f' → transport f ≈ transport f'
[Tue Aug  5 21:41:23 2014] <johnw> and then all the proofs were trivial
[Tue Aug  5 21:41:37 2014] <johnw> transport is the action of the Natural
[Tue Aug  5 22:12:09 2014] <Hodapp> bah, loop_never_stops of Imp.v is throwing me for a loop (no, not a pun)
[Wed Aug  6 02:50:17 2014] <jgross> johnw, vanila: To prove  (λ X : C, transport0 X ∘ id) = transport0, you need the functional_extensionality axiom from FunctionalExtensionality.  If you want to see where I did this, it's at https://github.com/HoTT/HoTT/blob/master/theories/categories/NaturalTransformation/Composition/Laws.v, and the classification of the equality type of natural transformations is at
[Wed Aug  6 02:50:17 2014] <jgross> https://github.com/HoTT/HoTT/blob/master/theories/categories/NaturalTransformation/Paths.v 
[Wed Aug  6 04:27:30 2014] <roosbeef> im trying to prove that, given an order R on a set S, for any finite subset s of S, there is always an element in s such that ~ exists s', R s s'
[Wed Aug  6 04:27:40 2014] <roosbeef> this should not be too difficult right?
[Wed Aug  6 04:28:14 2014] <roosbeef> given a transitive, irreflexive order*
[Wed Aug  6 04:52:25 2014] <jgross> roosbeef, do you mean "for any finite subset T of S, there is always and element s in T such that ~ exists s', s' \in T /\ R s s'"?  First of all, the empty subset is a counter-example.  And if you're not assuming classical axioms, then you can't prove that non-empty -> has a distinguished element.  If by "finite", you mean "I have a list of the elements", then you can start going somewhere.  Is your order total (do you have forall x y, R x y \/
[Wed Aug  6 04:52:25 2014] <jgross> R y x, or maybe R x y + R y x if you want your element constructively (using sig, rather than exist))?	If so, you can just enumerate all of the elements to find the largest one, and then use the proof that it's the largest to contradict [exists s', s' \in T /\ R s s']. 
[Wed Aug  6 04:59:38 2014] <roosbeef> my bad, assuming s <> nil
[Wed Aug  6 05:00:14 2014] <roosbeef> the order is partial
[Wed Aug  6 05:05:02 2014] <jgross> If the order isn't decidable, you can't do anything.  For example, say S = nat, and R x y = (if P = NP then x < y else x > y).	You're not going to be able to come up with your element unless you can also prove P = NP or P <> NP. 
[Wed Aug  6 05:05:43 2014] <roosbeef> its decidable
[Wed Aug  6 05:08:32 2014] <jgross> Assuming it's constructively decidable, you can define pairwise-max-according-to-R, which picks, say, the first one if the elements are incomparable, and prove the properties you want about it. 
[Wed Aug  6 05:10:53 2014] <roosbeef> hm
[Wed Aug  6 05:10:59 2014] <roosbeef> thats interesting
[Wed Aug  6 05:11:02 2014] <roosbeef> why pick the first?
[Wed Aug  6 05:12:41 2014] <roosbeef> Lemma always_max_elem : forall L, L <> nil -> exists e, In e L /\ not_below e L.
[Wed Aug  6 05:12:59 2014] <roosbeef> not_below : https://privatepaste.com/22a32e6e8f
[Wed Aug  6 05:20:30 2014] <roosbeef> it seems very obvious to me that this must be true
[Wed Aug  6 05:21:07 2014] <roosbeef> but somehow cant seem to prove it
[Wed Aug  6 05:21:56 2014] <roosbeef> maybe i need to define a sublemma?
[Wed Aug  6 05:53:10 2014] <roosbeef> back in a bit
[Wed Aug  6 06:05:38 2014] <jgross> You should be able to prove it by induction.  The sublemma will be something like "for any x and any list L, together with an [e] such that [In e L /\ not_below e L], either [not_below e (x::L)] or [not_below x L]". 
[Wed Aug  6 06:07:07 2014] <roosbeef> back
[Wed Aug  6 06:19:19 2014] <jgross> Did you see: You should be able to prove it by induction.  The sublemma will be something like "for any x and any list L, together with an [e] such that [In e L /\ not_below e L], either [not_below e (x::L)] or [not_below x L]". ? 
[Wed Aug  6 06:23:03 2014] <roosbeef> nope i missed that
[Wed Aug  6 06:23:04 2014] <roosbeef> hm
[Wed Aug  6 06:24:14 2014] <roosbeef> lemme see if that sublemma helps
[Wed Aug  6 06:26:04 2014] <roosbeef> is that true though?
[Wed Aug  6 06:27:10 2014] <roosbeef> why would x not_below L?
[Wed Aug  6 06:59:07 2014] <roosbeef> (back in a bit)
[Wed Aug  6 07:54:01 2014] <roosbeef> hi
[Wed Aug  6 07:55:15 2014] <hodapp> hi
[Wed Aug  6 07:56:25 2014] <vanila> hello
[Wed Aug  6 07:58:28 2014] <roosbeef> haha whats up guys :p
[Wed Aug  6 07:59:18 2014] <hodapp> well, working on http://www.cis.upenn.edu/~bcpierce/sf/current/Imp.html#lab429
[Wed Aug  6 07:59:21 2014] <hodapp> and being a bit stuck
[Wed Aug  6 07:59:57 2014] <hodapp> I did "induction contra" and "inversion Heqloopdef" and then I have no idea where to go
[Wed Aug  6 08:08:17 2014] <vanila> I'm going to work on this too
[Wed Aug  6 08:08:25 2014] <vanila> I wish I had started this a couple days ago, then maybe we could discuss it
[Wed Aug  6 08:08:28 2014] <vanila> I'll definitely start on it today
[Wed Aug  6 08:09:30 2014] <vanila> maybe i can just look at it now
[Wed Aug  6 08:14:44 2014] <roosbeef> can i prove properties of non-empty lists by means of induction?
[Wed Aug  6 08:17:50 2014] <vanila> hodapp, I proved it
[Wed Aug  6 08:18:19 2014] <vanila> use  induction contra; try discriminate.  to start off and clear away all the nonsense cases
[Wed Aug  6 08:18:37 2014] <vanila> now you can use inversion Heqloopdef; subst. to make use of your structual hypotheses
[Wed Aug  6 08:18:41 2014] <vanila> in both remaining cases
[Wed Aug  6 08:19:01 2014] <vanila> both are easy, can post the script if you want to step through it
[Wed Aug  6 08:19:31 2014] <vanila> http://lpaste.net/108902
[Wed Aug  6 08:25:08 2014] <hodapp> ah, I've never heard of 'discriminate' before.
[Wed Aug  6 08:26:57 2014] <hodapp> or perhaps I forgot. who knows...
[Thu Aug  7 05:23:51 2014] <roosbeef> what would be a good way to go about proving the following lemma
[Thu Aug  7 05:23:53 2014] <roosbeef> https://privatepaste.com/a869582a45
[Thu Aug  7 06:15:12 2014] <roosbeef> brb
[Thu Aug  7 06:55:14 2014] <roosbeef> i think it's related to Zorn's lemma? Although i was hoping there would be a simpler way of proving it for finite sets
[Thu Aug  7 07:26:49 2014] <schoppenhauer> hello. is there any implementation of the pi calculus für coq?
[Thu Aug  7 07:58:56 2014] <schoppenhauer> ok there apparently is. thx.
[Thu Aug  7 08:01:27 2014] <hodapp> LINK!
[Thu Aug  7 08:01:57 2014] <schoppenhauer> http://coq.inria.fr/V8.2pl1/contribs/PiCalc.html
[Thu Aug  7 08:02:56 2014] <gdsfh> hello.  I want to prove an algorithm, but don't know how to represent my subject area.  Algorithm works on direct acyclic graphs with mutable vertices.  Of course, there are walking down the graph, mutating vertices' data, some global mutable state too (no threads, at least..).  Which keywords can you suggest me?
[Thu Aug  7 08:03:58 2014] <schoppenhauer> what are "mutable vertices"?
[Thu Aug  7 08:04:54 2014] <gdsfh> vertices with mutable data associated with them.  Some record with mutable fields, in my case.
[Thu Aug  7 08:06:09 2014] <gdsfh> such graph can be represented in OCaml as "type node = { children : node list ; mutable fld : int }", for example.
[Thu Aug  7 08:09:52 2014] <schoppenhauer> hm. mutable state is a problem I also often have to face. mostly I can somehow hack myself around it.
[Thu Aug  7 08:11:01 2014] <schoppenhauer> i *guess* there are som mstate monads out there. otherwise ... well, I would also be interested.   something that would be nice would be uniqueness types or something like that, but it probably doesnt exist in coq.
[Thu Aug  7 08:11:14 2014] <gdsfh> what your hacks look like typically?
[Thu Aug  7 08:12:21 2014] <gdsfh> monads are not very useful -- I can manually pass state if needed, but proofs won't be much easier or harder because of such passing.
[Thu Aug  7 08:12:31 2014] <schoppenhauer> there are a lot of purely functional structures that one can use. balanced trees, stuff from okasaki et al. they mostly behave only linearly worse.
[Thu Aug  7 08:15:21 2014] <gdsfh> I can't avoid mutability in my OCaml version of this algorithm, and mutability adds problems in "manual" reasoning, that's why I want to use Coq here.  If I could implement it in an immutable way, there were not problems, I think.
[Thu Aug  7 08:15:34 2014] <gdsfh> * there were no problems
[Thu Aug  7 08:21:34 2014] <schoppenhauer> for mutable recursion you usually have a loop invariant, don't you?
[Thu Aug  7 08:23:55 2014] <gdsfh> I should have it, probably.  It's easier to state what was before entering function and what is after exiting.
[Thu Aug  7 08:25:13 2014] <schoppenhauer> maybe it would be easier to suggest something if you provided more info.
[Thu Aug  7 08:26:46 2014] <gdsfh> really.  In a few minutes..
[Thu Aug  7 08:28:20 2014] <schoppenhauer> I once implemented warshall in agda. the invariant there is that between any two nodes, aevery n-tuple of nodes accessing it are longer than the  direct path (which was introduced), and this n increased. so, since there were only finitely many nodes, n was bounded.
[Thu Aug  7 08:40:51 2014] <sgnb> roosbeef: https://privatepaste.com/ada8937059 (probably not the shortest way)
[Thu Aug  7 08:41:38 2014] <gdsfh> schoppenhauer: https://gist.github.com/gdsfh/b5fc400f3e931e0194ad -- it's a simple example of "what code I want to prove".  (of course, this concrete example can be rewritten to avoid machine-checked proofs, but it's just an example, real code is harder.)
[Thu Aug  7 08:41:39 2014] <gdsfh> Here I want to prove that "after calling 'setmax somenode' all nodes below 'somenode' have 'fld = max(n.fld)' where n are direct and indirect children".
[Thu Aug  7 08:42:15 2014] <gdsfh> ( + fld of leaf nodes is intact.)
[Thu Aug  7 08:48:17 2014] <roosbeef> sgnb, thanks! let me have a look at that :)
[Thu Aug  7 10:26:55 2014] <roosbeef> sgnb, is your definition of nbn equivalent to not_below_nat?
[Thu Aug  7 10:34:04 2014] <sgnb> roosbeef: it depends on what you mean by "equivalent"... it is for Coq's "<->"
[Thu Aug  7 10:34:43 2014] <sgnb> L4 proves one way, the other way can be proven as well
[Thu Aug  7 10:38:19 2014] <schoppenhauer> gdsfh: mh ... you should be able to prove that the fold-max of a list is larger-or-equal to all elements of that list.
[Thu Aug  7 10:39:21 2014] <schoppenhauer> gdsfh: but why do you use state here? you could let setmax create a new graph.
[Thu Aug  7 10:43:50 2014] <roosbeef> sgnb, haha nice. I should probably review some of my code and try to simplify it :p
[Thu Aug  7 10:45:39 2014] <gdsfh> schoppenhauer: it was just a toy example that shows "which things I can't encode in Coq in an easy way".  In the real case I need to prove things about "which vertices would be affected and how exactly" -- logic consists of misc arithmetics checks, modifying vertex data, recursions.  I can't create new graph, it's not convenient for programmer who uses my code, and too costly.
[Thu Aug  7 10:47:49 2014] <gdsfh> also there are "diamonds" in DAG, so creating a new graph must care of preserving their physical sharing.
[Thu Aug  7 10:59:48 2014] <schoppenhauer> hm.
[Thu Aug  7 11:00:31 2014] <schoppenhauer> I'm not sure whether then it wouldn't be better to view the graph as a set of nodes and a set of edges, gdsfh
[Thu Aug  7 11:04:42 2014] <gdsfh> schoppenhauer: right, I've tried to do something like this, plus state passing.  But: 1. it's hard to work with, 2. I need something to prove things like "eval (a := 1; a := 2) => a == 2", including not only linear sequence of "instructions", but recursive calls too, and I don't know how to represent such code in Coq.
[Thu Aug  7 11:05:57 2014] <gdsfh> and http://perso.ens-lyon.fr/jeanmarie.madiot/files/reportru.pdf doesn't help too much, or I'm too dumb to apply this approach to my task.
[Thu Aug  7 11:06:18 2014] <schoppenhauer> ok, I guess I can't help you, sorry.
[Thu Aug  7 11:06:39 2014] <gdsfh> no problem.
[Thu Aug  7 13:49:51 2014] <johnw> it looks like Coq head changes the way files are compiled a fair bit
[Thu Aug  7 13:49:57 2014] <johnw> by head I mean Git HEAD
[Thu Aug  7 13:50:22 2014] <johnw> it now doesn't find files in my current directory without -I., and it says: Error: Cannot find library Functors in loadpath, for things that I just Require
[Thu Aug  7 13:57:01 2014] <johnw> ah, I see the change to -I in CHANGES
[Thu Aug  7 14:06:49 2014] <johnw> if I say -I . -as Hask, then should I expect to be able to refer to a library Foo.v in . as Hask.Foo?
[Thu Aug  7 15:31:23 2014] <johnw> ok, got it all resolved
[Thu Aug  7 16:18:23 2014] <vanila> johnw, hey did you complete the proof about natural transforms?
[Thu Aug  7 17:03:42 2014] <johnw> vanila: yes
[Thu Aug  7 17:03:48 2014] <vanila> wow awesome!
[Thu Aug  7 17:03:51 2014] <vanila> I am really surprised
[Thu Aug  7 17:03:57 2014] <vanila> well done
[Thu Aug  7 17:04:00 2014] <johnw> if I have an object of type ∃ x, y, can I pluck out the x?
[Thu Aug  7 17:04:14 2014] <vanila> I thin that you can as long as it's into a Prop context
[Thu Aug  7 17:04:19 2014] <jgross> vanila: Why are you surprised? 
[Thu Aug  7 17:04:24 2014] <johnw> vanila: well, it was Adam who solved the natural transforms proof
[Thu Aug  7 17:04:24 2014] <vanila> if you want to use it in a Set context you'll need { x | y }
[Thu Aug  7 17:04:31 2014] <vanila> ok adam can do anything
[Thu Aug  7 17:04:35 2014] <johnw> I was really close, but I hadn't assumed proof irrelevance
[Thu Aug  7 17:04:38 2014] <vanila> even if it's impossible
[Thu Aug  7 17:04:43 2014] <vanila> oh
[Thu Aug  7 17:04:46 2014] <vanila> you had to use the K axio
[Thu Aug  7 17:04:46 2014] <vanila> m
[Thu Aug  7 17:04:53 2014] <vanila> that's what I was talking about when I said "this is a limitation of Coq"
[Thu Aug  7 17:05:06 2014] <johnw> yeah
[Thu Aug  7 17:05:43 2014] <vanila> good luck with the rest of the category stuff you're doing :)
[Thu Aug  7 17:05:57 2014] <jgross> johnw: You might be interested in the recent thread on the coq-club mailing list about how to pull things out of props ("prop smuggling") 
[Thu Aug  7 17:06:14 2014] <johnw> oh, nice
[Thu Aug  7 17:06:21 2014] <jgross> johnw: Is there any particular reason you decided to do a category theory library? 
[Thu Aug  7 17:06:34 2014] <johnw> yes
[Thu Aug  7 17:06:45 2014] <johnw> edwardk is building a really cool library for Haskell called "hask"
[Thu Aug  7 17:06:56 2014] <johnw> based on the notion of monoidal bifunctors over enriched closed categories
[Thu Aug  7 17:07:05 2014] <johnw> and I want to formalize what he's doing to verify that the theory is sound
[Thu Aug  7 17:07:21 2014] <johnw> he's on Google hangouts with me now, and we're working on a lemma for the unique of products
[Thu Aug  7 17:07:41 2014] <edwardk> * waves hello
[Thu Aug  7 17:07:43 2014] <jgross> Any particular reason you decided to start from scratch, rather than base it on one of the existing libraries? 
[Thu Aug  7 17:07:52 2014] <jgross> *waves back* 
[Thu Aug  7 17:07:57 2014] <johnw> yeah, we're working on a really small subset of what the existing libraries try to deal with
[Thu Aug  7 17:08:06 2014] <johnw> and I wanted to end up with something that you could read side-by-side with the Haskell
[Thu Aug  7 17:08:22 2014] <edwardk> i do all the category theory in hask in a slightly odd way, all the category theory is curried -- since i only work with locally small categories and this leads to a very nice way to talk about the yoneda lemma, etc.
[Thu Aug  7 17:08:31 2014] <vanila> What are monoidal bifunctors over enriched closed categories
[Thu Aug  7 17:08:48 2014] <edwardk> well, its not quite that =)
[Thu Aug  7 17:09:08 2014] <johnw> ooh, do correct me!
[Thu Aug  7 17:09:31 2014] <edwardk> i do a lot of stuff encoding things as monoids over monoidal categories. e.g. haskell's applicative is a monoid for day convolution, monads are monoids for compose, etc.
[Thu Aug  7 17:10:26 2014] <vanila> Wow, that sounds really neat :)
[Thu Aug  7 17:10:36 2014] <jgross> Also, I suspect you're going to run into a lot of trouble with speed when you try to formalize enriched categories (at least, if you go through monoidal categories).  Things are better in trunk than in 8.4, but when I did monoidal and enriched categories in https://bitbucket.org/JasonGross/catdb/src/4eb6407c6ca3200bebefaa3a1834d05c49b01846/MonoidalCategory.v?at=default, my definition of monoidal categories (not even doing anything with them)
[Thu Aug  7 17:10:36 2014] <jgross> took around 35 seconds to compile. 
[Thu Aug  7 17:11:38 2014] <edwardk> the first version of hask deliberately conflated the notion of a kind in haskell with a category, this made for a very nice way to talk about functors over any argument, etc. without burden, but parametricity is a poor proxy for naturality. it is too strong and too weak at the same time
[Thu Aug  7 17:11:52 2014] <johnw> jgross: I switched to trunk about an hour ago :)
[Thu Aug  7 17:11:57 2014] <edwardk> so in that pseudo-category theory we get limits that are too strong to express products, the yoneda lemma, etc.
[Thu Aug  7 17:12:05 2014] <edwardk> but which are very nice to talk about haskell stuff
[Thu Aug  7 17:12:21 2014] <edwardk> then i went back and did a more correct form of category theory to compare and contrast for folks
[Thu Aug  7 17:12:34 2014] <edwardk> to show _why_ limits have the structure they do, why parametricity isn't naturality
[Thu Aug  7 17:12:45 2014] <edwardk> and to drive home the need for the different distinctions
[Thu Aug  7 17:12:52 2014] <edwardk> that is the form john is writing up in coq now
[Thu Aug  7 17:12:59 2014] <Elision> day convolution?
[Thu Aug  7 17:13:04 2014] <vanila> What a cool projec
[Thu Aug  7 17:13:05 2014] <vanila> t
[Thu Aug  7 17:13:18 2014] <johnw> vanila: https://github.com/jwiegley/category-theory
[Thu Aug  7 17:13:20 2014] <edwardk> instead of bifunctors what we do is functors to a functor category, so we are doing 'curried' category theory
[Thu Aug  7 17:13:25 2014] <vanila> yeah I have it bookmarked :)
[Thu Aug  7 17:13:28 2014] <johnw> and https://github.com/ekmett/hask
[Thu Aug  7 17:13:30 2014] <edwardk> which is an application of the yoneda lemma
[Thu Aug  7 17:13:41 2014] <edwardk> which is sound in the case where our categories are all locally small
[Thu Aug  7 17:14:06 2014] <edwardk> then the yoneda embedding _is_ the notion of an opposite category for us, since it just curries backwards
[Thu Aug  7 17:14:11 2014] <edwardk> and we're already curried
[Thu Aug  7 17:14:33 2014] <johnw> so ∃ x : A, y doesn't have the type { x : A & y }?  projT1 isn't working on the former
[Thu Aug  7 17:14:46 2014] <vanila> exists is in Prop isn't it?
[Thu Aug  7 17:14:59 2014] <johnw> and we have no projects for Prop, do we
[Thu Aug  7 17:14:59 2014] <vanila> http://coq.inria.fr/library/Coq.Init.Logic.html
[Thu Aug  7 17:15:03 2014] <johnw> projections
[Thu Aug  7 17:15:03 2014] <vanila>  Inductive ex (A:Type) (P:A -> Prop) : Prop :=
[Thu Aug  7 17:15:03 2014] <vanila>   ex_intro : forall x:A, P x -> ex (A:=A) P.
[Thu Aug  7 17:15:11 2014] <vanila> you can project as long as you only use it in proofs
[Thu Aug  7 17:15:17 2014] <johnw> ah
[Thu Aug  7 17:15:22 2014] <johnw> I need to project to state the lemma
[Thu Aug  7 17:15:22 2014] <vanila> so you might need to change to subset from Specif, instead of exists
[Thu Aug  7 17:15:53 2014] <jgross> The yoneda embedding is currying/opposite categories?  (Yoneda is the one bit of category theory that I really don't understand, despite having formalized it.	(The rest of category theory that I have no clue about, it's because I haven't formalized it yet.)) 
[Thu Aug  7 17:16:02 2014] <edwardk> but then the 'old' notion of parametricity instead of naturality can possibly be salvaged by doing _more_ non-standard category theory, by tyiong the notion of variance to the objects, then Nat ceases to be what you're used to, loses its terminal and initial object and becomes to adjoined copies of Nat varying by variance, etc.
[Thu Aug  7 17:16:25 2014] <edwardk> If we write down a category C     in terms of a bifunctor C^op -> [ C, Set ]
[Thu Aug  7 17:16:32 2014] <edwardk> note we've curried the bifunctor here
[Thu Aug  7 17:16:41 2014] <edwardk> its not going from (C^op * C) -> Set
[Thu Aug  7 17:16:43 2014] <vanila> You might understand Yoneda better if you do it on paper
[Thu Aug  7 17:16:47 2014] <edwardk> but rather its a functor to the functor category
[Thu Aug  7 17:17:01 2014] <edwardk> then the definition of a category is already going through one form of the yoneda embedding!
[Thu Aug  7 17:17:06 2014] <edwardk> in the other direction
[Thu Aug  7 17:17:27 2014] <vanila> I see
[Thu Aug  7 17:17:28 2014] <edwardk> Yoneda :: C -> [C^op, Set]  -- takes an object in the category c to Hom(_, c)
[Thu Aug  7 17:17:32 2014] <edwardk> the presheaves on C
[Thu Aug  7 17:17:39 2014] <edwardk> the arrows that end at c
[Thu Aug  7 17:18:00 2014] <edwardk> in the encoding above, if C^op^op = C then you get Yoneda = ^op
[Thu Aug  7 17:18:17 2014] <edwardk> it becomes our opposite category
[Thu Aug  7 17:18:35 2014] <edwardk> then the yoneda lemma lets you go back and forth between Nat (p a) f       and f a
[Thu Aug  7 17:18:46 2014] <edwardk> for some category p
[Thu Aug  7 17:18:49 2014] <vanila> sheaves are the thing I don't understand/scared of
[Thu Aug  7 17:18:54 2014] <edwardk> sheaves are boring
[Thu Aug  7 17:19:03 2014] <edwardk> well
[Thu Aug  7 17:19:05 2014] <edwardk> presheaves are
[Thu Aug  7 17:19:08 2014] <edwardk> sheaves are terrifying
[Thu Aug  7 17:19:14 2014] <edwardk> presheaves  are 'functors to set'
[Thu Aug  7 17:19:29 2014] <edwardk> any functor f :: C^op -> Set  -- is a presheave
[Thu Aug  7 17:19:33 2014] <edwardk> er presheaf
[Thu Aug  7 17:19:42 2014] <edwardk> ay functor C -> Set is a copresheaf
[Thu Aug  7 17:20:03 2014] <vanila> oh that's simple then :)
[Thu Aug  7 17:20:16 2014] <edwardk> representable presheaves are the ones that look like Hom(_,c)  for some c
[Thu Aug  7 17:20:19 2014] <__cody__> often called a "covariant presheaf"
[Thu Aug  7 17:20:31 2014] <jgross> edwardk: in the encoding above, if C^op^op = C then you get Yoneda = ^op <- Isn't C^op^op always C?  And ^op is a functor Cat -> Cat. Yoneda is a functor C -> [C^op, Set].  How can Yoneda = ^op? 
[Thu Aug  7 17:21:01 2014] <edwardk> jgross: yes C^op^op = C
[Thu Aug  7 17:21:14 2014] <edwardk> i was using that as a lemma you give yourself to show that Yoneda above is describing the opposite category
[Thu Aug  7 17:21:41 2014] <edwardk> Yoneda C   is now a category that when you apply it to one object gives you a presheaf
[Thu Aug  7 17:21:52 2014] <edwardk> becuase in this world our categories are functors
[Thu Aug  7 17:21:59 2014] <edwardk> C^op -> [C, Set]
[Thu Aug  7 17:22:20 2014] <edwardk> Then Yoneda_C :: C -> [C^op, Set]
[Thu Aug  7 17:22:44 2014] <edwardk> is a functor that you can partially apply to one argument to get an object in [C^op, Set] which is a functor from C^op -> Set
[Thu Aug  7 17:23:17 2014] <__cody__> It's kind of like defining a category to be "that for which op satisfies the Yoneda lemma"
[Thu Aug  7 17:23:18 2014] <edwardk> our categories are functors with a few extra conditions on them basically
[Thu Aug  7 17:23:27 2014] <edwardk> __cody__: yeah
[Thu Aug  7 17:23:35 2014] <edwardk> __cody__: categories are where the yoneda lemma holds
[Thu Aug  7 17:23:38 2014] <edwardk> =)
[Thu Aug  7 17:23:41 2014] <__cody__> hehe
[Thu Aug  7 17:23:56 2014] <edwardk> which is a perfectly cromulent way to do category theory
[Thu Aug  7 17:24:12 2014] <vanila> that's tricky
[Thu Aug  7 17:24:14 2014] <edwardk> but it also means we're not farting around with products all the time
[Thu Aug  7 17:24:18 2014] <edwardk> so everything stays curried
[Thu Aug  7 17:24:24 2014] <edwardk> which makes it very nice to work with
[Thu Aug  7 17:24:35 2014] <edwardk> you can now define Functor Either,   Functor (Either a) -- etc.
[Thu Aug  7 17:24:39 2014] <edwardk> and the former makes use of the latter
[Thu Aug  7 17:25:14 2014] <edwardk> then the number of times you use transport determines which argument you are focalizing on
[Thu Aug  7 17:25:23 2014] <jgross> How does this definition of categories relate to the standard one? 
[Thu Aug  7 17:25:42 2014] <edwardk> and bimap, etc. for bifunctors is defined in terms of using the functors you map to as well as the outer form
[Thu Aug  7 17:26:24 2014] <edwardk> well, this form of category is what you get if you go back and forth by currying the usual definition of Hom as a bifunctor through the internal hom of Cat, which you can do for locally small categories.
[Thu Aug  7 17:26:53 2014] <edwardk> you need to know that the set of arrows between any two objects is formally "small enough" and this encoding works
[Thu Aug  7 17:27:13 2014] <edwardk> since we're working in internal category / constructive hell? we're pretty much always going to be small enough
[Thu Aug  7 17:27:55 2014] <edwardk> in haskell i do most of my work in terms of bicategories, i build the tower of naturality up, then i work with explicit 1-morphisms for Compose or for profunctor composition
[Thu Aug  7 17:28:31 2014] <edwardk> and then all my monoids are w.r.t. these weak monoidal structures, so everything becomes weak with explicit associators
[Thu Aug  7 17:28:34 2014] <edwardk> and unitors
[Thu Aug  7 17:28:35 2014] <vanila> you mean normal programming?
[Thu Aug  7 17:28:49 2014] <edwardk> yes =)
[Thu Aug  7 17:29:09 2014] <vanila> that sounds really interesting, do you have some example of that around?
[Thu Aug  7 17:29:24 2014] <edwardk> so the main difference is that we build profunctors 'backwards' from the usual category theory definition
[Thu Aug  7 17:29:36 2014] <edwardk> sure
[Thu Aug  7 17:29:41 2014] <edwardk> let me dig up monads in hask
[Thu Aug  7 17:30:17 2014] <edwardk> https://github.com/ekmett/hask/blob/master/src/Hask/Tensor/Compose.hs#L134
[Thu Aug  7 17:30:45 2014] <edwardk> Compose itself isn't 'on the nose'
[Thu Aug  7 17:31:12 2014] <edwardk> here's Day convolution which is less magic right now: https://github.com/ekmett/hask/blob/master/src/Hask/Tensor/Day.hs#L16
[Thu Aug  7 17:31:40 2014] <edwardk> the monoids of Day convolution are applicatives (lax closed functors with strength)
[Thu Aug  7 17:32:11 2014] <edwardk> in contravariant form you get some stuff that is going into my contravariant package, which are contravariant applicatives, etc.
[Thu Aug  7 17:35:30 2014] <edwardk> anyways, i find it to be a nice encoding of category theory in haskell because then you can just use kinds as an approximation of category sans info on variance, morphisms, etc. and refine it with a category
[Thu Aug  7 17:39:04 2014] <vanila> yeah - it's really interesting turning things upside down like that
[Thu Aug  7 17:39:11 2014] <vanila> how do you come up with this stuff :)
[Thu Aug  7 17:39:37 2014] <edwardk> i spend a lot of time building things up sideways to work around haskell ;)
[Thu Aug  7 17:40:13 2014] <edwardk> i gave a talk on hask when i had it wired up deliberately wrong  a couple of weeks ago
[Thu Aug  7 17:40:41 2014] <edwardk> https://www.youtube.com/watch?v=Klwkt9oJwg0&feature=youtu.be
[Thu Aug  7 18:35:05 2014] <johnw> if my goal is { a : { b : B, c }, d }, how do I provide a value of the sigma type using exists?
[Thu Aug  7 18:35:27 2014] <johnw> conversely, how do I break it apear so that I can use exists on the argument, making it into a goal?
[Thu Aug  7 18:35:31 2014] <vanila> you could assert { b : B, c } as H
[Thu Aug  7 18:35:32 2014] <vanila> prove that
[Thu Aug  7 18:35:35 2014] <vanila> then exists H
[Thu Aug  7 18:35:36 2014] <johnw> ah
[Thu Aug  7 18:35:36 2014] <vanila> and prove d
[Thu Aug  7 18:35:39 2014] <johnw> thank you
[Thu Aug  7 18:36:05 2014] <johnw> perfect
[Thu Aug  7 18:41:27 2014] <johnw> vanila: in https://github.com/jwiegley/category-theory/blob/master/Products.v#L75
[Thu Aug  7 18:41:38 2014] <johnw> I have a proof where I've asserted the same object to two sigmas
[Thu Aug  7 18:41:51 2014] <johnw> and yet, Coq does not preserve their identity, forcing me to have to elaborate
[Thu Aug  7 18:42:00 2014] <johnw> is there any way unify the two choices of 'h' that I have there?
[Thu Aug  7 18:42:10 2014] <johnw> you'll see what I mean if you step through the proof
[Thu Aug  7 18:42:11 2014] <vanila> let me try running it
[Thu Aug  7 18:43:56 2014] <vanila> "coqc"  -Q . Hask CpdtTactics
[Thu Aug  7 18:43:56 2014] <vanila> coqc: -Q: no such file or directory
[Thu Aug  7 18:43:56 2014] <vanila> Makefile.coq:251: recipe for target 'CpdtTactics.vo' failed
[Thu Aug  7 18:43:59 2014] <vanila> this wasnt happening last time
[Thu Aug  7 18:44:02 2014] <johnw> sorry
[Thu Aug  7 18:44:05 2014] <johnw> I'm using the HEAD version of Coq
[Thu Aug  7 18:44:26 2014] <johnw> I needed universe polymorphism
[Thu Aug  7 19:22:54 2014] <johnw> if I have (λ x : Z, f (g1 x)) = (λ x : Z, f (g2 x)) in my context, how can I invent an x to apply to both sides?  In the goal I'd use extensionality
[Thu Aug  7 19:24:00 2014] <vanila> I think that is an axiom: (forall x, f x = g x) -> f = g
[Thu Aug  7 19:24:04 2014] <vanila> which is not part of coqs theory
[Thu Aug  7 19:24:13 2014] <vanila> so you would just apply that axiom
[Thu Aug  7 19:24:24 2014] <johnw> that's called functional_extensionality_dep I believe
[Thu Aug  7 19:24:30 2014] <vanila> using axioms could cause problems (blocking reduction) though
[Thu Aug  7 19:24:33 2014] <johnw> no, just functional_extensionality
[Thu Aug  7 19:24:34 2014] <johnw> http://coq.inria.fr/library/Coq.Logic.FunctionalExtensionality.html
[Thu Aug  7 19:25:05 2014] <johnw> but applying it to the context does not work
[Thu Aug  7 19:25:09 2014] <johnw> it says "Unable to unify"
[Thu Aug  7 19:25:12 2014] <vanila> hm
[Thu Aug  7 19:25:16 2014] <vanila> maybe instantiate it
[Thu Aug  7 19:25:19 2014] <vanila> like
[Thu Aug  7 19:25:45 2014] <vanila> apply (functional_extensionality (λ x : Z, f (g1 x)) (λ x : Z, f (g2 x))).
[Thu Aug  7 19:26:38 2014] <johnw> Unable to unify "(λ x : Z, f (g1 x)) = (λ x : Z, f (g2 x))" with "g1 e = g2 e".
[Thu Aug  7 19:27:01 2014] <johnw> i tihnk those f applications are causing me trouble
[Thu Aug  7 19:27:07 2014] <vanila> what about just looking at
[Thu Aug  7 19:27:11 2014] <vanila> pose (functional_extensionality (λ x : Z, f (g1 x)) (λ x : Z, f (g2 x))).
[Thu Aug  7 19:27:16 2014] <johnw> thanks
[Thu Aug  7 19:27:20 2014] <vanila> and seeing if it looks the same as what you have in the goal
[Thu Aug  7 19:27:41 2014] <johnw> it looks identity to what I have in the context
[Thu Aug  7 19:28:21 2014] <johnw> ah
[Thu Aug  7 19:28:26 2014] <johnw> (∀ x : Z, f (g1 x) = f (g2 x)) → (λ x : Z, f (g1 x)) = (λ x : Z, f (g2 x))
[Thu Aug  7 19:28:30 2014] <johnw> that is indeed something I want
[Thu Aug  7 19:39:30 2014] <johnw> given a hypothesis of the form ∀ x y : X, f x = f y → x = y
[Thu Aug  7 19:39:40 2014] <johnw> can I have Coq invent two variables of type X?
[Thu Aug  7 19:39:50 2014] <johnw> I want something like especialize H.
[Thu Aug  7 20:17:35 2014] <jgross> johnw: Try [eapply f_equal in H].  (This would be functional extensionality in the goal, but it's f_equal in a hypothesis, because you're going the other way.)  For your other question, are you looking for [evar (x : X)]? 
[Thu Aug  7 20:20:31 2014] <edwardk> yeah we found that one, if you pull you should see it
[Thu Aug  7 20:20:55 2014] <edwardk> evar we didn't find
[Thu Aug  7 20:45:28 2014] <johnw> ok, it's pushed
[Thu Aug  7 20:45:58 2014] <johnw>   extensionality e; apply H; apply (equal_f H0). was the magic sauce we needed
[Thu Aug  7 23:39:07 2014] <gdsfh> hello.  Now I need a hack (if it exists).  Can something in Coq be used as "unique identifiers"?  Say, I have "Definition id1 := <something1>. Definition id2 := <something2>." and then I can use in proofs facts like "idN = idN" and "idN <> idM where N<>M".
[Thu Aug  7 23:50:00 2014] <johnw> is there a way to ask Proof General to not be so eager about clearing the response buffer?
[Thu Aug  7 23:50:16 2014] <johnw> as soon as I start typing it clears it, and yet 99% of the time I want to do further editing based on what I had seen there
[Fri Aug  8 01:21:51 2014] <johnw> if i have (∃ x0 : X, f x0 = f e) = True in my goal, and an e : X in my context, what tactic can I use?
[Fri Aug  8 01:23:35 2014] <johnw> it's like I want to check if both sides of the equality are the same, but separately
[Fri Aug  8 01:23:53 2014] <johnw> I can easily prove that the left side is True, but I can't rewrite to show True = True
[Fri Aug  8 01:33:00 2014] <edwardk> still playing with surjectivity?
[Fri Aug  8 01:33:09 2014] <johnw> I feel like I'm almost there
[Fri Aug  8 01:33:29 2014] <johnw> the goal is obviously true, I just don't know what to tell coq to turn the left side into True
[Fri Aug  8 01:33:34 2014] <edwardk> good luck, going to go sleep. medication/being sick sucks.
[Fri Aug  8 01:33:42 2014] <johnw> sleep well, edwardk!  thanks for today
[Fri Aug  8 01:33:47 2014] <edwardk> np
[Fri Aug  8 01:33:53 2014] <edwardk> we'll get there!
[Fri Aug  8 01:34:02 2014] <johnw> indeed
[Fri Aug  8 01:34:08 2014] <johnw> we made huge progress today
[Fri Aug  8 02:14:53 2014] <johnw> given that 'e : X' is in my context, why isn't it obvious that (∃ x0 : X, f x0 = f e) = (f e = f e)?
[Fri Aug  8 02:18:40 2014] <johnw> said more generally:
[Fri Aug  8 02:18:42 2014] <johnw> Lemma existence_exists {A} (a : A) (P : A → Prop) : (∃ y : A, P y) = P a.
[Fri Aug  8 03:32:34 2014] <Saizan> those types might be logically equivalent, but surely not equal
[Fri Aug  8 03:32:58 2014] <Saizan> unless A is an hProp too
[Fri Aug  8 03:33:20 2014] <Saizan> (and we're using univalence)
[Fri Aug  8 03:35:53 2014] <Saizan> uh, i guess another case is when P x = x = z, which is your case :)
[Fri Aug  8 03:37:14 2014] <roosbeef> how could P x = x
[Fri Aug  8 03:37:36 2014] <Saizan> P x = (x = z)
[Fri Aug  8 03:37:43 2014] <roosbeef> ohh
[Fri Aug  8 03:37:44 2014] <roosbeef> haha
[Fri Aug  8 03:38:05 2014] <roosbeef> sorry im at a caffeine defficiency :p
[Fri Aug  8 04:44:13 2014] <sgnb> gdsfh: define an inductive type with constant constructors
[Fri Aug  8 04:45:03 2014] <sgnb> (as in: "Inductive foo := id1 | id2")
[Fri Aug  8 05:00:11 2014] <gdsfh> sgnb: really, thanks.  /me feels too dumb.
[Fri Aug  8 06:29:03 2014] <roosbeef> how do i prove incomparability is transitive in a partial strict order?
[Fri Aug  8 06:38:57 2014] <barb> it's not in general: consider a, b, c s.t. a < b, a is incomparable to c, c is incomparable to b, but a is comparable to b
[Fri Aug  8 06:42:17 2014] <roosbeef> is partial strict order and weak strict order the same?
[Fri Aug  8 06:42:19 2014] <roosbeef> https://en.wikipedia.org/wiki/Weak_ordering
[Fri Aug  8 06:42:31 2014] <roosbeef> here it says incomparability is transitive in such an order
[Fri Aug  8 06:44:01 2014] <roosbeef> or am i misreading that?
[Fri Aug  8 06:57:09 2014] <barb> no, a weak strict order is precisely a partial strict order which additionaly satisfies transitivity for incomparability. You cannot derive it, you have to assume it.
[Fri Aug  8 06:57:53 2014] <roosbeef> oh haha
[Fri Aug  8 07:13:46 2014] <jgross> johnw: is there a way to ask Proof General to not be so eager about clearing the response buffer? <- Submit a feature request on the bug tracker? 
[Fri Aug  8 07:16:04 2014] <jgross> johnw: The axiom you're looking for is called propositional extensionality.  It says (forall P Q : Prop, (P <-> Q) -> P = Q). 
[Fri Aug  8 07:16:44 2014] <roosbeef> are there any examples of well-founded recursion in coq online except http://adam.chlipala.net/cpdt/html/GeneralRec.html ?
[Fri Aug  8 08:03:44 2014] <jgross> roosbeef: I have an implementation of quick-select on a vector at https://github.com/JasonGross/ClosestPoints/blob/master/VectorQuickSelect.v, see [vector_quick_select] at the bottom, but it's not particularly pretty or well-documented. 
[Fri Aug  8 08:08:41 2014] <roosbeef> jgross, thank you
[Fri Aug  8 08:09:49 2014] <roosbeef> jgross, how much more difficult would you say is it to use wf recursion compared to standard recursion
[Fri Aug  8 08:16:25 2014] <roosbeef> brb
[Fri Aug  8 11:27:56 2014] <johnw> jgross: ahhhh, thank you
[Fri Aug  8 14:54:14 2014] <edwardk> johnw: ping
[Fri Aug  8 17:03:29 2014] <johnw> edwardk: pog
[Fri Aug  8 17:15:59 2014] <johnw> edwardk: you pinged?
[Fri Aug  8 17:16:10 2014] <edwardk> yeah was going to check in on the state of things
[Fri Aug  8 17:16:18 2014] <johnw> I completed the proofs we were working on
[Fri Aug  8 17:16:21 2014] <edwardk> but distracted by the chatter on #nothaskell
[Fri Aug  8 17:16:22 2014] <johnw> and all the admitted ones
[Fri Aug  8 17:16:27 2014] <johnw> :)
[Fri Aug  8 17:16:30 2014] <johnw> it was good chatter
[Fri Aug  8 17:16:32 2014] <edwardk> did you figure out surjective?
[Fri Aug  8 17:16:41 2014] <johnw> I did, but again I needed an axiom, but I don't like it at all
[Fri Aug  8 17:16:47 2014] <johnw> so I asked the mailing list for help
[Fri Aug  8 17:16:56 2014] <johnw> this axiom is unacceptable pretty much
[Fri Aug  8 17:17:07 2014] <edwardk> yeah
[Fri Aug  8 17:17:08 2014] <johnw> see if you can think of a better way to progres...
[Fri Aug  8 17:17:25 2014] <johnw> https://github.com/jwiegley/category-theory/blob/master/Products.v#L261
[Fri Aug  8 17:17:36 2014] <johnw> so, for the g1 and g2 I picked functions returning propositions
[Fri Aug  8 17:17:51 2014] <johnw> since I think it would be easy enough to yield two things that were both True
[Fri Aug  8 17:17:54 2014] <johnw> s/think/thought
[Fri Aug  8 17:18:29 2014] <johnw> however, without propositional extensionality I run into the same problem I did with functional extensionality: how to identify two propositions as equal
[Fri Aug  8 17:18:46 2014] <johnw> so I think the real answer is a better choice of functions
[Fri Aug  8 17:20:39 2014] <edwardk> ok, heading home
[Fri Aug  8 17:20:42 2014] <johnw> k
[Fri Aug  8 17:21:06 2014] <johnw> i'll be on later this evening, if you want to hack some more
[Fri Aug  8 17:43:20 2014] <cody__> johnw: I'm confused why you need propositional extensionality
[Fri Aug  8 17:43:35 2014] <johnw> did you see the proof on coq-club?
[Fri Aug  8 17:43:42 2014] <cody__> um
[Fri Aug  8 17:43:44 2014] <cody__> no
[Fri Aug  8 17:44:08 2014] <johnw> https://github.com/jwiegley/category-theory/blob/master/Products.v#L235
[Fri Aug  8 17:44:11 2014] <johnw> that's the context
[Fri Aug  8 17:44:20 2014] <johnw> I would like to do away with that lemma
[Fri Aug  8 17:44:30 2014] <johnw> is this the cody that I met at Hac Boston?
[Fri Aug  8 17:44:33 2014] <cody__> yes
[Fri Aug  8 17:44:38 2014] <johnw> hello!!
[Fri Aug  8 17:44:40 2014] <cody__> hi
[Fri Aug  8 17:44:41 2014] <johnw> it was great meeting you
[Fri Aug  8 17:44:45 2014] <cody__> same here!
[Fri Aug  8 17:44:50 2014] <johnw> I like the way you pronounce 'Coq' :)
[Fri Aug  8 17:45:01 2014] <cody__> it's hard to find a balance
[Fri Aug  8 17:45:20 2014] <cody__> the lemma looks a bit strange
[Fri Aug  8 17:45:32 2014] <cody__> i didn't run your file though
[Fri Aug  8 17:45:40 2014] <johnw> it needs the HEAD version of Coq to compile
[Fri Aug  8 17:46:16 2014] <cody__> how come?
[Fri Aug  8 17:46:25 2014] <johnw> i'm using universe polymorphism now
[Fri Aug  8 17:46:34 2014] <johnw> in order to have the category of categories
[Fri Aug  8 17:47:17 2014] <cody__> ah ok
[Fri Aug  8 17:47:27 2014] <cody__> I should really try to sell you on Lean
[Fri Aug  8 17:47:31 2014] <johnw> :)
[Fri Aug  8 17:47:41 2014] <johnw> i'm open to learning most anything in this space at the moment
[Fri Aug  8 17:47:42 2014] <cody__> but that debate is for another time
[Fri Aug  8 17:47:59 2014] <cody__> i don't see why you need this property
[Fri Aug  8 17:48:24 2014] <johnw> down on line 268
[Fri Aug  8 17:48:50 2014] <johnw> I end up with a goal of: (∃ x0 : X, f x0 = f e) = (f e = f e
[Fri Aug  8 17:48:53 2014] <johnw> )
[Fri Aug  8 17:49:14 2014] <johnw> giving 'e' to the left-hand side yields the equality I need
[Fri Aug  8 17:49:28 2014] <cody__> http://pastebin.com/hHh1yJtK
[Fri Aug  8 17:50:14 2014] <cody__> that goal is weird
[Fri Aug  8 17:50:32 2014] <johnw> one sec, let me chew on this
[Fri Aug  8 17:50:37 2014] <cody__> it's strange to end up with an equality between propositions as a goal
[Fri Aug  8 17:51:30 2014] <johnw> I don't have surj_f in my context
[Fri Aug  8 17:51:32 2014] <johnw> here is what I have:
[Fri Aug  8 17:51:38 2014] <johnw> https://gist.github.com/8cdcd6aae521f0b42aa5
[Fri Aug  8 17:52:04 2014] <cody__> oh
[Fri Aug  8 17:52:09 2014] <johnw> i'm proving the other direction: given a surjective function, it is epi
[Fri Aug  8 17:52:09 2014] <cody__> that's not provable
[Fri Aug  8 17:52:12 2014] <johnw> oh?
[Fri Aug  8 17:52:21 2014] <cody__> it's false in some sense
[Fri Aug  8 17:52:27 2014] <cody__> surjective is really strong
[Fri Aug  8 17:52:31 2014] <cody__> more than epi
[Fri Aug  8 17:52:32 2014] <johnw> it's provable with propositional extensionality.... :)
[Fri Aug  8 17:52:46 2014] <cody__> it's true in SET
[Fri Aug  8 17:52:50 2014] <johnw> yes
[Fri Aug  8 17:52:54 2014] <johnw> I'm only proving it for Set
[Fri Aug  8 17:52:57 2014] <cody__> it's false in TOP
[Fri Aug  8 17:53:10 2014] <johnw> right, I've read about that in Awodey
[Fri Aug  8 17:53:10 2014] <cody__> in Coq, Sets behaves like TOP sometimes
[Fri Aug  8 17:53:14 2014] <johnw> oh?
[Fri Aug  8 17:53:34 2014] <cody__> intuitionistic logic is a bit closer to topolgy
[Fri Aug  8 17:53:52 2014] <cody__> but let me mull over it for a second
[Fri Aug  8 17:54:00 2014] <cody__> maybe i'm being stupid
[Fri Aug  8 17:54:08 2014] <vanila> cody__, isn't that the whole basis of topos theory?
[Fri Aug  8 17:54:32 2014] <cody__> one thing for sure: epi + mono -/-> iso
[Fri Aug  8 17:54:39 2014] <cody__> yea
[Fri Aug  8 17:55:12 2014] <cody__> basically, being a continuous bijection doesn't make you an isomorphism in TOP
[Fri Aug  8 17:55:22 2014] <cody__> which is the source of all weirdness
[Fri Aug  8 18:00:18 2014] <cody__> http://math.stackexchange.com/questions/81123/examples-of-categories-where-epimorphism-does-not-have-a-right-inverse-not-surj
[Fri Aug  8 18:00:27 2014] <cody__> this explains it better than I can
[Fri Aug  8 18:04:26 2014] <cody__> basically you need some form of the excluded middle
[Fri Aug  8 20:27:29 2014] <jgross> johnw: You can do it without that axiom if you only care about sets where you can decide whether or not an element is in the image of a function: https://bitbucket.org/JasonGross/catdb/src/4eb6407c6ca3200bebefaa3a1834d05c49b01846/SetCategoryFacts.v?at=default#cl-120.  You can do it with univalence and higher inductive types (which give you a nicer form of propositional extensionality):
[Fri Aug  8 20:27:29 2014] <jgross> https://github.com/HoTT/HoTT/blob/402eacdd7d19132d2040bd8d1ddd6ca9253f78d6/theories/hit/epi.v#L60, although things will go wrong quickly without an impredicative hProp. You can also do it via pushouts and cones (also via higher inductive types and univalence): https://github.com/HoTT/HoTT/blob/master/theories/hit/epi.v#L163. You're not going to be able to avoid using axioms, except (maybe) by using setoids, or by restricting your attention to a
[Fri Aug  8 20:27:29 2014] <jgross> decidable subset. 
[Fri Aug  8 20:43:14 2014] <johnw> ok
[Fri Aug  8 20:43:17 2014] <johnw> i started out with setoids, but abandoned them to due to their added complexity and slowness
[Fri Aug  8 23:43:00 2014] <jgross> johnw: How attached are you to not using axioms?  If you're willing to use axioms whose computational interpretation is still being figured out, use higher inductive types, which give you all the benefit of setoids without any of the slowdown (by pushing the complexity into the metatheory). 
[Sat Aug  9 00:00:46 2014] <johnw> jgross: I'm certainly attracted to the idea of higher inductive types
[Sat Aug  9 00:00:49 2014] <johnw> if I keep hitting snags, I'll head that route
[Sat Aug  9 07:03:23 2014] <keep_learning> Hello all.
[Sat Aug  9 07:03:39 2014] <keep_learning> I am reading the second chapter of software foundation.
[Sat Aug  9 07:04:06 2014] <keep_learning> Could some one please give me the little hint about solving the theorem
[Sat Aug  9 07:04:12 2014] <keep_learning> m * n = n * m
[Sat Aug  9 07:04:32 2014] <keep_learning> One way I can thing of is destruct m
[Sat Aug  9 07:04:39 2014] <keep_learning> and follow both cases
[Sat Aug  9 07:06:07 2014] <keep_learning> first case is reflexivity
[Sat Aug  9 07:06:23 2014] <keep_learning> but I am stuck with S m' * n = n * S m'
[Sat Aug  9 07:46:17 2014] <hodapp> Induction.v, mult_comm?
[Sat Aug  9 07:49:07 2014] <keep_learning> Theorem mult_comm : ∀m n : nat,  m × n = n × m.
[Sat Aug  9 10:11:58 2014] <schoppenhauer> is it possible to give an explicit data type into which a coq datatype has to be extracted?
[Sat Aug  9 10:12:47 2014] <schoppenhauer> for example, I want to prove stuff about bytes. therefore, I want a vec 8 to extract to a Byte in Haskell, not a vector.
[Sat Aug  9 10:12:50 2014] <schoppenhauer> vec 8 bool
[Sat Aug  9 10:13:07 2014] <schoppenhauer> or vec bool 8, whatever ...
[Sat Aug  9 10:14:01 2014] <schoppenhauer> probably by giving explicit realizers for functions and constructors or so.
[Sat Aug  9 10:35:58 2014] <schoppenhauer> The problem I see is that bytes are fast to inc/dec, but also fast bitwise ops. and this cannot be directly mapped to coq.
[Sat Aug  9 10:58:29 2014] <schoppenhauer> hm. nobody here?
[Sat Aug  9 12:48:49 2014] <osa1> do we have a nth function in stdlib that takes a proof n < length l and removes default argument?
[Sat Aug  9 13:55:59 2014] <schoppenhauer> osa1: no, but there is nth_error.
[Sat Aug  9 13:56:11 2014] <schoppenhauer> and iirc there are lemmata about nth_error that say this.
[Sat Aug  9 13:56:14 2014] <schoppenhauer> so it is easy to build.
[Sat Aug  9 14:21:53 2014] <schoppenhauer> so ... anyone knows how to represent bytes?
[Sat Aug  9 15:03:01 2014] <schoppenhauer> ok. it would be helpful to have a possibility to extract nat to the native ints of haskell.
[Sat Aug  9 15:04:33 2014] <schoppenhauer> I found http://flint.cs.yale.edu/cs428/coq/doc/Reference-Manual021.html can I do Extract Inductive nat "int" ["0" "(1 +)"] ?
[Sat Aug  9 15:04:36 2014] <schoppenhauer> or something similar?
[Sat Aug  9 15:04:44 2014] <schoppenhauer> and give explicit realizers of *, /, etc.?
[Sat Aug  9 15:05:29 2014] <schoppenhauer> for the latter thing, I don't know how to do this. there is Extract Constant.
[Sat Aug  9 15:06:24 2014] <schoppenhauer> Would Extract Constant mult "'x" "'y" "'x * 'y"
[Sat Aug  9 15:06:43 2014] <schoppenhauer> work?
[Sat Aug  9 15:06:58 2014] <schoppenhauer> even though the multiplication is given as a function?
[Sat Aug  9 15:13:35 2014] <osa1> yay. I'm working on my first non-trivial correctness proof and I have two lemmas left (unless I need more lemmas to prove them) I had to define 13 lemmas in total
[Sat Aug  9 15:17:48 2014] <schoppenhauer> ah ok, according to http://www.seas.upenn.edu/~cis500/current/sf/Extraction.html
[Sat Aug  9 15:19:01 2014] <schoppenhauer> it worx
[Sat Aug  9 15:19:21 2014] <schoppenhauer> have to try it.
[Sat Aug  9 17:24:59 2014] <osa1> can anyone help me prove this http://lpaste.net/109134?
[Sat Aug  9 17:56:16 2014] <cody__> in general, to prove something about a function defined in terms of auxiliary functions, you need to prove an auxiliary lemma
[Sat Aug  9 17:56:38 2014] <cody__> in this case, you need to find some invariant for find_min_idx_aux
[Sat Aug  9 18:08:49 2014] <cody__> by the way, it would probably help a lot if member had an extra argument which gave the position
[Sat Aug  9 18:09:15 2014] <cody__> osa1
[Sat Aug  9 18:09:48 2014] <vanila> this is really hard to prove, it's not clear what kind of induction you should use
[Sat Aug  9 18:10:13 2014] <vanila> trying to prove things about find_min_idx_aux by induction on l doesn't seem to work
[Sat Aug  9 18:13:37 2014] <osa1> vanila: yeah. I tried induction on everything in that context.
[Sat Aug  9 18:13:46 2014] <osa1> I also tried induction on length l
[Sat Aug  9 18:14:00 2014] <vanila> I tried functional induction scheme but it doesn't seem to work either
[Sat Aug  9 18:14:17 2014] <vanila> i would rewrite the function so its easier to prove things about
[Sat Aug  9 18:15:01 2014] <vanila> its kind of bugging me though, this shouldn't be hard to prove things about...
[Sat Aug  9 18:15:05 2014] <osa1> I can change the aux one but other one should stay same
[Sat Aug  9 18:15:17 2014] <vanila> yeah, as cody said aux is the only one that matters
[Sat Aug  9 18:15:38 2014] <osa1> okay, so how can I make proving easier?
[Sat Aug  9 18:22:28 2014] <cody__> osa1: find the invariant you want to prove about aux
[Sat Aug  9 18:22:32 2014] <cody__> make it a lema
[Sat Aug  9 18:22:34 2014] <cody__> lemma
[Sat Aug  9 19:16:12 2014] <vanila> osa1, have you had any luck yet?
[Sat Aug  9 20:36:23 2014] <tautologico> I'm having trouble with recursion when defining a fixpoint
[Sat Aug  9 20:37:51 2014] <tautologico> I have a function f, in some cases a call f x is resolved to f (g y) where y is part of x and g does not increase the size of y, but coq does not recognize that this argument is decreasing.. is there any way to do that or do I have to try another approach?
[Sat Aug  9 20:40:16 2014] <vanila> coq just looks for structurally decreasing recursive calls
[Sat Aug  9 20:41:01 2014] <vanila> for something like this you might need to use mutual recursion with g, or if that's not the case use a well founded measure (proving that g y is smaller than x) or Equations which automates that stuff
[Sat Aug  9 20:41:35 2014] <tautologico> what's Equations?
[Sat Aug  9 20:44:48 2014] <tautologico> it's from the stdlib?
[Sat Aug  9 21:01:30 2014] <tautologico> I guess I'll have to try to use well-foundedness
[Sun Aug 10 01:01:04 2014] <johnw> trap_exit: welcemoe
[Sun Aug 10 01:01:16 2014] <trap_exit> johnw: did you also write git from the bottom up?
[Sun Aug 10 01:01:20 2014] <johnw> I did
[Sun Aug 10 01:01:27 2014] <trap_exit> let's talk git in #coq!
[Sun Aug 10 01:01:28 2014] <trap_exit> i'm kidding
[Sun Aug 10 01:01:32 2014] <johnw> haha
[Sun Aug 10 01:01:37 2014] <trap_exit> back to Coq, so dyou do you performance debug ltac ?
[Sun Aug 10 01:01:41 2014] <johnw> I do
[Sun Aug 10 01:01:42 2014] <trap_exit> I had problems with it in proof general
[Sun Aug 10 01:01:48 2014] <trap_exit> where it shows me how the ltac script does its work
[Sun Aug 10 01:01:49 2014] <johnw> when crush is really slow, I first think about my hint databases
[Sun Aug 10 01:01:52 2014] <trap_exit> but i found it useless
[Sun Aug 10 01:01:56 2014] <johnw> and whether I should be using Hint Immediate instead of Hint Resolve
[Sun Aug 10 01:02:11 2014] <johnw> plus, some rewrite rules should be in specific databases, and not fire generally
[Sun Aug 10 01:02:23 2014] <johnw> what key is that in PG?
[Sun Aug 10 01:02:54 2014] <trap_exit> I do not recall; I stopped using proof-general/ltac a while back
[Sun Aug 10 01:03:23 2014] <johnw> ah.  I spent 12 hours on Friday in PG
[Sun Aug 10 01:03:31 2014] <johnw> it's so hard to stop working on proofs
[Sun Aug 10 01:03:47 2014] <trap_exit> the 'video game' effect ?
[Sun Aug 10 01:03:50 2014] <johnw> yep
[Sun Aug 10 01:03:51 2014] <trap_exit> try working on this one:
[Sun Aug 10 01:04:14 2014] <trap_exit> forall a, b, c, n: a >= 2, b >= 2, c >= 2, n >= 3: a^n + b^n != c^n
[Sun Aug 10 01:04:15 2014] <johnw> whoever thought of color the background blue when you hit period was genius
[Sun Aug 10 01:04:24 2014] <johnw> hahaha
[Sun Aug 10 01:04:44 2014] <johnw> i recognize the lemma, but have forgotten the name
[Sun Aug 10 01:04:53 2014] <trap_exit> Fermat's Last Theorem
[Sun Aug 10 01:04:55 2014] <ijp> auto.
[Sun Aug 10 01:05:03 2014] <johnw> really_crush
[Sun Aug 10 01:05:13 2014] <trap_exit> skynet_crush
[Sun Aug 10 01:05:25 2014] <trap_exit> why is the color blue important?
[Sun Aug 10 01:05:39 2014] <johnw> it's just what he chose
[Sun Aug 10 01:05:46 2014] <johnw> the green Idris uses is way too bold
[Sun Aug 10 01:06:47 2014] <tautologico> coq is fast becoming my #1 choice for active procrastination
[Sun Aug 10 01:07:01 2014] <tautologico> I think it already has the spot
[Sun Aug 10 01:08:09 2014] <tautologico> can I have two modules that refer to each other, or is it like OCaml where there are no recursive modules?
[Sun Aug 10 01:08:15 2014] <trap_exit> what I hate most about Coq
[Sun Aug 10 01:08:26 2014] <trap_exit> is how it's changed my relationship with math
[Sun Aug 10 01:08:36 2014] <trap_exit> these days, I read math proofs, and I'm like "this is not formal enough"
[Sun Aug 10 01:08:38 2014] <trap_exit> "Coq would not accept this"
[Sun Aug 10 01:08:41 2014] <trap_exit> "crush would get stuck"
[Sun Aug 10 01:09:20 2014] <johnw> tautologico: I can't see how recursion would work
[Sun Aug 10 01:09:26 2014] <johnw> since order of declaration is significant
[Sun Aug 10 01:09:37 2014] <johnw> trap_exit: lol
[Sun Aug 10 01:09:47 2014] <johnw> trap_exit: mostly I think "this is not a constructive proof"
[Sun Aug 10 01:11:05 2014] <trap_exit> johnw: what are you using Coq for? intellectual interest, or actual development use?
[Sun Aug 10 01:11:15 2014] <johnw> I mentioned it in #haskell
[Sun Aug 10 01:11:26 2014] <johnw> I'm using it both for personal development in maths studies
[Sun Aug 10 01:11:31 2014] <johnw> and to formalize edwardk's hask library
[Sun Aug 10 05:29:18 2014] <osa1_> vanila: no luck. I can see several invariants about the aux function but none of them look useful to me. main problem is that induction hypothesis looks useless no matter what I do induction on in main function. (e.g. there's no way to move from inductive hypothesis to current goal)
[Sun Aug 10 05:30:01 2014] <osa1_> I guess I shouldn't be using induction on main function and focus on aux function instead.
[Sun Aug 10 05:54:04 2014] <roosbeef> nice
[Sun Aug 10 05:54:21 2014] <roosbeef> for some reason irc is blocked here but webchat works :)
[Sun Aug 10 05:59:27 2014] <roosbeef> brb
[Sun Aug 10 06:09:16 2014] <esennesh> hi, I'm trying to prove what ought be a downright trivial theorem.
[Sun Aug 10 06:09:30 2014] <esennesh> forall s, IdMapFacts.diff s (IdMap.empty type) = s
[Sun Aug 10 06:09:55 2014] <esennesh> Unfortunately, trying to actually prove it seems to blow up into some complicated thing involving functional extensionality and then gets stuck.
[Sun Aug 10 06:10:08 2014] <esennesh> Which trivial lemma from the standard library am I missing here?
[Sun Aug 10 06:16:26 2014] <esennesh> Where IdMapFacts and IdMap are just FMapWeakList and FMapFacts instances.
[Sun Aug 10 06:24:34 2014] <johnw> is there a way to say that once I've proven C^op^op = C for any category C, that Coq could apply this during type unification in order to know that C^op^op stands for C?
[Sun Aug 10 06:27:03 2014] <johnw> i wonder if Identity Coercion could do this, but it's telling me that Category must be a transparent constant (it's a typeclass)
[Sun Aug 10 06:51:35 2014] <schoppenhauer> is there a part in the standard library that calculates the binary representation of a nat (and proves stuff about it)?
[Sun Aug 10 06:51:54 2014] <schoppenhauer> I could write it myself, but if it was there ...
[Sun Aug 10 06:52:20 2014] <johnw> do you mean Coq.NArith.BinNat?
[Sun Aug 10 06:54:25 2014] <schoppenhauer> johnw: looks promising.
[Sun Aug 10 06:54:39 2014] <schoppenhauer> johnw: do you know how the function is called that transforms nat to BinNat?
[Sun Aug 10 06:55:24 2014] <johnw> SearchAbout for double -> nat
[Sun Aug 10 06:57:55 2014] <schoppenhauer> hm. there is to_nat.
[Sun Aug 10 06:57:57 2014] <schoppenhauer> and of_nat
[Sun Aug 10 08:24:01 2014] <roosbeef> how do i use let ... :=  ... in ...
[Sun Aug 10 08:24:06 2014] <roosbeef> when this is loaded
[Sun Aug 10 08:24:08 2014] <roosbeef> Notation            Scope      "x 'in' M" := member x M       : msets_scope                       (default interpretation)
[Sun Aug 10 08:24:25 2014] <esennesh> you might want to give it a lower priority in parsing, I would think.
[Sun Aug 10 08:24:53 2014] <roosbeef> is there another way?
[Sun Aug 10 08:25:00 2014] <roosbeef> its from a library
[Sun Aug 10 08:25:15 2014] <roosbeef> i have this definition https://privatepaste.com/d57796632e
[Sun Aug 10 08:25:32 2014] <roosbeef> but Coq tells me Syntax error: 'in' expected after [constr:operconstr level 200] (in [constr:binder_constr]).
[Sun Aug 10 08:25:46 2014] <roosbeef> im guessing it has something to do with msets_scope
[Sun Aug 10 08:25:57 2014] <roosbeef> because Coq does accept the definition before Multisets are loaded
[Sun Aug 10 08:27:38 2014] <roosbeef> isnt there a way to disambiguate the statement?
[Sun Aug 10 08:28:11 2014] <roosbeef> or maybe i can close the scope temporarily? Ive tried Close Scope msets_scope. but to no avail
[Sun Aug 10 08:39:29 2014] <roosbeef> Notation "x 'in' M" := (member x M) (at level 10) : msets_scope.
[Sun Aug 10 08:40:13 2014] <roosbeef> its defined at level 10, thats very low right? I dont get it
[Sun Aug 10 08:41:24 2014] <vanila> Unset Notation
[Sun Aug 10 08:42:26 2014] <vanila> oh that's only for priting, that wont help
[Sun Aug 10 08:43:23 2014] <vanila> oh you tried Close Scope sets_scope.
[Sun Aug 10 08:43:40 2014] <roosbeef> vanila: doesnt work, same thing
[Sun Aug 10 08:43:41 2014] <vanila> Locate "in"
[Sun Aug 10 08:43:47 2014] <vanila> is it part of other scopes
[Sun Aug 10 08:45:20 2014] <roosbeef> nope, just msets_scope
[Sun Aug 10 08:45:45 2014] <roosbeef> CoqIDE doesnt give any feedback when i do Close Scope msets_scope. but i did do it
[Sun Aug 10 08:53:09 2014] <roosbeef> sorry my wifi connection dropped
[Sun Aug 10 08:53:14 2014] <roosbeef> did i miss anything?
[Sun Aug 10 09:14:14 2014] <esennesh> Near-victory!  I've at least proved: IdMap.Equal s (subst_diff empty_subst s).
[Sun Aug 10 09:14:38 2014] <esennesh> Now if I can prove this implies Leibniz equality when the key type is a UsualDecidableType...
[Sun Aug 10 09:34:07 2014] <roosbeef> haha i cant even do Eval compute in 2 + 2. anymore
[Sun Aug 10 09:37:55 2014] <esennesh> And I proceeded to find absolutely no way to strengthen that theorem given my knowledge that it's Leibniz equality on everything.
[Sun Aug 10 09:38:03 2014] <esennesh> So I just gave up and declared success with a weaker theorem.
[Sun Aug 10 10:24:23 2014] <roosbeef_> if i dont respond to any suggestions, its probably because my laptop lost the wifi signal..
[Sun Aug 10 16:06:05 2014] <osa1> vanila: I still can't prove my lemma
[Sun Aug 10 16:06:09 2014] <osa1> vanila: any tips? :-)
[Sun Aug 10 16:19:02 2014] <vanila> http://lpaste.net/109177
[Sun Aug 10 16:19:05 2014] <vanila> here's a round-about approach
[Sun Aug 10 16:19:29 2014] <vanila> it's difficult to prove things about a function that returns list indexes (i can say why if you want)
[Sun Aug 10 16:20:06 2014] <vanila> so idea: Write the min function normally, prove it correct and then write a version that returns indices and relate the two - carry correctness across that relation
[Sun Aug 10 16:20:54 2014] <osa1> why it's difficult to prove about functions that return list indexes?
[Sun Aug 10 16:24:07 2014] <vanila> it's hard because the specification of the function requires correctness of recursive calls - but the recursive calls depend on being part way through a list.. If you try to give a specification that accounts for being part way through a list you might be able to complete the proof but it's difficult to come up with
[Sun Aug 10 17:05:31 2014] <schoppenhauer> hm ... I guess I asked this before, but ... are there state monads or something like that in coq?
[Sun Aug 10 17:05:46 2014] <schoppenhauer> or anything else to enforce stateful operation?
[Sun Aug 10 17:06:09 2014] <schoppenhauer> state monads would be good, they can be extracted to haskell directly
[Sun Aug 10 17:13:59 2014] <gdsfh> schoppenhauer: just state monad, for example.  https://bitbucket.org/gds/coq-practical-monads/src .  But don't think you'll like it.
[Sun Aug 10 17:26:52 2014] <vanila> it looks like SF doesn't work with the latest coq (from git)
[Sun Aug 10 17:37:23 2014] <cody__> osa1, vanila: I think i've got it
[Sun Aug 10 17:37:58 2014] <cody__> the trick is to define a min_list predicate of type list A -> A -> nat -> Prop
[Sun Aug 10 17:38:37 2014] <vanila> cool! Good luck, i'd like to see if you complete it
[Sun Aug 10 17:38:45 2014] <vanila> I managed to get SF to build, but I had to change some pattern matches
[Sun Aug 10 17:39:54 2014] <cody__> I've managed to prove the appropriate invariant
[Sun Aug 10 17:40:00 2014] <cody__> all i have to do is tie up the knots
[Sun Aug 10 17:41:41 2014] <osa1> cody__: can you share?
[Sun Aug 10 17:41:56 2014] <cody__> yea give me a minute to prove the main theorem
[Sun Aug 10 18:01:25 2014] <osa1> cody__: any news?
[Sun Aug 10 18:03:03 2014] <schoppenhauer> gdsfh: hm. the main reason I ask this is since the best possibility to solve a certain problem I have is by using an array. I can make sure that the changes to this array are sequential. But it is still necessary to have an array.
[Sun Aug 10 18:03:35 2014] <schoppenhauer> gdsfh: and since I want to run the code afterwards, I want it to be extractable.
[Sun Aug 10 18:06:19 2014] <schoppenhauer> gdsfh: in fact, if I just used a function with many arguments, the usual tco of haskell et al whould apply.
[Sun Aug 10 18:12:30 2014] <schoppenhauer> gdsfh: but I'd guess that I can give explicit extraction commands for bind et al. so this looks promising, thx!
[Sun Aug 10 18:12:58 2014] <cody__> um
[Sun Aug 10 18:13:12 2014] <cody__> osa1: it's a bit more tedious than expected
[Sun Aug 10 18:13:20 2014] <cody__> as can be expected :)
[Sun Aug 10 18:13:35 2014] <cody__> just give me another minute
[Sun Aug 10 18:14:01 2014] <osa1> sure :-)
[Sun Aug 10 18:18:12 2014] <schoppenhauer> gdsfh: hm. what is the MonadRecord.v good for?
[Sun Aug 10 19:10:24 2014] <cody__> osa1: ok finally done
[Sun Aug 10 19:11:31 2014] <cody__> http://pastebin.com/ea1C9gsC
[Sun Aug 10 19:11:35 2014] <cody__> reaaaly ugly though
[Sun Aug 10 19:11:40 2014] <cody__> there's got to be a better way
[Sun Aug 10 19:12:54 2014] <cody__> I made some small changes to the code btw
[Sun Aug 10 19:13:07 2014] <cody__> it returns a Some instead of defaulting to 0
[Sun Aug 10 19:36:18 2014] <johnw> cody__: do you know much about parametric relations?
[Sun Aug 10 19:37:01 2014] <johnw> cody__: the Hoare logic chapter in SF is basically proving things about a state monad, although I'm not sure if they introduce monads
[Sun Aug 10 19:39:17 2014] <johnw> I want to define Isomorphism as an equivalence relation, so that setoid_rewrite will let me use isomorphisms in my context as if they were equalities
[Sun Aug 10 19:39:46 2014] <johnw> I wrote the Parametric Relation, but when I try to use it I get:
[Sun Aug 10 19:39:51 2014] <johnw> https://gist.github.com/39c05b708a558abdace8
[Sun Aug 10 19:39:58 2014] <johnw> so it feels like I'm missing an instance of something
[Sun Aug 10 19:41:06 2014] <johnw> ah, Proper it would esem
[Sun Aug 10 19:58:10 2014] <ijp> is there a common name for the function "split" where split f g (a,b) = (f a , g b) ?
[Sun Aug 10 20:10:01 2014] <cody__> johnw: did you work it out?
[Sun Aug 10 20:10:15 2014] <johnw> almost there
[Sun Aug 10 20:10:24 2014] <johnw> i'm defining a Proper instance for eq_iso right now
[Sun Aug 10 20:10:56 2014] <cody__> I have a small example of parametric morphisms but i'm not sure it will help
[Sun Aug 10 20:11:19 2014] <cody__> http://www.andrew.cmu.edu/user/croux/coq/monoid_nbe.html
[Sun Aug 10 20:11:54 2014] <johnw> what's the difference between Add Relation and Add Parametric Relation?
[Sun Aug 10 20:12:48 2014] <cody__> I think Add Parametric Relation is more verbose but more expressive
[Sun Aug 10 20:14:10 2014] <cody__> http://coq.inria.fr/V8.2pl1/refman/Reference-Manual030.html#toc157
[Sun Aug 10 20:14:53 2014] <cody__> you're going to need parametric relation though probably
[Sun Aug 10 21:08:05 2014] <johnw> cody__: still no go yet: https://github.com/jwiegley/category-theory/blob/master/Category.v#L350
[Sun Aug 10 21:09:50 2014] <cody__> johnw: what is proper?
[Sun Aug 10 21:10:00 2014] <johnw> to be honest, I don't really know
[Sun Aug 10 21:26:09 2014] <cody__> by the way, what you're doing isn't trivial
[Sun Aug 10 21:26:21 2014] <cody__> it's basically the first level of univalence
[Sun Aug 10 21:26:38 2014] <johnw> right
[Sun Aug 10 21:26:47 2014] <johnw> and if I can make it inductive, I get infinity-groupoids?
[Sun Aug 10 23:04:55 2014] <cody__> pretty much
[Sun Aug 10 23:05:03 2014] <cody__> logging out
[Mon Aug 11 00:12:00 2014] <ijp> is there some syntactic extension for "exists (some, pair)"?
[Mon Aug 11 00:12:37 2014] <johnw> you mean { some | pair }?
[Mon Aug 11 00:12:58 2014] <johnw> or do you mean inhabited (some * pair)?
[Mon Aug 11 00:13:10 2014] <ijp> the latter
[Mon Aug 11 00:13:21 2014] <johnw> there is "inhabited"
[Mon Aug 11 00:14:02 2014] <ijp> johnw: can you point me to some documentation?
[Mon Aug 11 00:14:12 2014] <johnw> http://coq.inria.fr/library/Coq.Init.Logic.html
[Mon Aug 11 00:14:17 2014] <johnw> search for "Being inhabited"
[Mon Aug 11 00:14:38 2014] <johnw> it's a fairly weak notion, I think, in that unlike the sigma it doesn't give you the witness
[Mon Aug 11 00:16:05 2014] <ijp> I'll keep a note of it, thanks
[Mon Aug 11 02:54:07 2014] <gdsfh> schoppenhauer: (sorry for late answer, I was sleeping)  MonadRecord -- for working with monads and their laws that are first-class values; modules are not first-class values in Coq.  Don't remember though, where and how it was used.  As for your arrays, I don't know what would be the best solution..
[Mon Aug 11 06:08:18 2014] <osa1> I have a function that returns Some for (h :: t) and None for [] and I have a hypothesis saying that f (n :: n0 :: t) = None. is there an easy way to eliminate this case?
[Mon Aug 11 06:11:54 2014] <Cypi> osa1 : doesn't inversion takes care of this? :o
[Mon Aug 11 06:22:04 2014] <osa1> Cypi: I guess it could but in case of (h :: t) there are further pattern matchings and function calls going so it's still a lot more work than just simple destruct l + inversion. I need to keep destructing to prove all the nested pattern matchings.
[Mon Aug 11 06:23:14 2014] <Cypi> If just [simpl] isn't enough to simplify [f (n :: n0 :: t)] to [Some _], then maybe should prove this in a separate lemma?
[Mon Aug 11 06:23:21 2014] <Cypi> +you
[Mon Aug 11 06:24:15 2014] <osa1> yeah I did just that while waiting for answers :-) I was expecting a smart tactic that further destructs and uses inversion automatically to prove that result is in the form of Some _.
[Mon Aug 11 06:25:04 2014] <Cypi> I don't believe a lot of tactics will attempt to destruct things by themselves.
[Mon Aug 11 08:01:11 2014] <osa1> wow. assert _ by _ and replace _ by _ are really useful.
[Mon Aug 11 08:01:45 2014] <osa1> I was doing that manually: assert (_ = _) as eq; omega or auto; rewrite <- eq in _; clear eq.
[Mon Aug 11 15:21:27 2014] <johnw> instead of clear H, is there a way to just say "keep H in the context, but don't show it?"
[Mon Aug 11 15:23:22 2014] <ianjneu> Doubtful
[Mon Aug 11 16:05:39 2014] <Ptival> johnw: I wished
[Mon Aug 11 16:12:00 2014] <johnw> osa1: and sometimes replace can achieve things that assert+rewrite can't; I ran into that just now
[Mon Aug 11 18:10:47 2014] <osa1> so I'm still working on my find_min_correct lemma
[Mon Aug 11 18:12:08 2014] <osa1> I currently have two solutions but neither of them written by me and I don't understand how they work. so I'm trying to derive it.
[Mon Aug 11 18:12:45 2014] <osa1> I think I understand what's wrong with working on indexes. I tried a different version(find_min which returns minimum element instead of index of minimum element) and proving it correct was almost trivial.
[Mon Aug 11 18:13:35 2014] <osa1> but I can't prove `nth (find_min_idx l) l 0 = find_min l` so I'm still stuck.
[Mon Aug 11 18:18:55 2014] <jrw> osa1: how can I help?
[Mon Aug 11 18:23:33 2014] <osa1> jrw: this is the lemma I'm trying to prove http://lpaste.net/109212
[Mon Aug 11 18:23:49 2014] <osa1> jrw: and I'm clueless
[Mon Aug 11 18:24:34 2014] <osa1> jrw: basically, induction doesn't work and I need a different approach but I don't know what
[Mon Aug 11 18:26:55 2014] <jrw> osa1: okay, one sec while I look at it.
[Mon Aug 11 18:30:22 2014] <jrw> osa1: again, you'll need some fact about the aux function that will be proved by induction
[Mon Aug 11 18:31:00 2014] <jrw> whenever you have this situation where one function is defined using a helper, and that helper is the actually recursive part, and you want to prove something about the function, you'll pretty much always need a lemma about the helper
[Mon Aug 11 18:31:32 2014] <jrw> and it's not always completely obvious what the helper lemma should be
[Mon Aug 11 18:32:29 2014] <osa1> jrw: yeah and that's the problem. I know I need to prove something about the aux one but after an unfold is that what I'm doing already?
[Mon Aug 11 18:33:11 2014] <jrw> osa1: no, because by just unfolding you haven't generalized the extra arguments
[Mon Aug 11 18:33:20 2014] <jrw> I prefer to state the aux lemma separately
[Mon Aug 11 18:33:25 2014] <jrw> it is clearer and easier, I find.
[Mon Aug 11 18:33:32 2014] <osa1> hm
[Mon Aug 11 18:51:42 2014] <jrw> osa1: how's it going?
[Mon Aug 11 18:57:18 2014] <osa1> jrw: not great. trying to figure out what invariant would help me.
[Mon Aug 11 18:59:07 2014] <jrw> osa1: okay, so you have your end goal of proving this fact about find_min_idx. if you're stuck on the helper lemma, try copy-pasting the fact you want to prove and doing the unfold manually. try to prove that by induction. you'll get stuck somewhere along the line probably. how exactly you get stuck will help you figure out what stronger invariant you need.
[Mon Aug 11 19:08:16 2014] <osa1> jrw: okay. I'll need to find what helper lemma to use first.
[Mon Aug 11 19:08:41 2014] <jrw> osa1: I'm suggesting a way to get started on figuring that out.
[Mon Aug 11 19:09:07 2014] <jrw> copy paste the end goal lemma and do the unfold manually and proceed by induction
[Tue Aug 12 00:47:24 2014] <johnw> if I have an equal between two records of N fields, so {| ... |} = {| ... |}, how can I break it apart so that I now have to prove N goals?
[Tue Aug 12 00:47:46 2014] <johnw> trying to apply f_equal3 wants all the fields to match
[Tue Aug 12 01:42:59 2014] <jrw> osa1_: ping
[Tue Aug 12 03:10:01 2014] <jrw> osa1_: I made you a pset :) http://lpaste.net/109225
[Tue Aug 12 03:10:03 2014] <gdsfh> hello.  I'm stuck, help please.  I have relation (inductive type) with transitivity case, and I can't prove something about it: http://pastebin.com/HrLWUWDC (it's not a real case, I've simplified it to nats).
[Tue Aug 12 03:16:13 2014] <jrw> gdsfh: you need to use induction
[Tue Aug 12 03:16:29 2014] <jrw> you also need to generalize the 0 to a variable before inducting
[Tue Aug 12 03:16:36 2014] <gdsfh> jrw: induction on which term?
[Tue Aug 12 03:16:47 2014] <jrw> gdsfh: on the my_le hypothesis
[Tue Aug 12 03:21:15 2014] <gdsfh> jrw: how to generalize 0?
[Tue Aug 12 03:21:39 2014] <jrw> gdsfh: you can either use the "remember" tactic, or restate the goal. I prefer to restate things.
[Tue Aug 12 03:23:12 2014] <jrw> gdsfh: http://lpaste.net/109227
[Tue Aug 12 03:27:49 2014] <gdsfh> jrw: thank you!  What was your intuition here?  (how you found out what is the correct way to prove it?)
[Tue Aug 12 03:38:11 2014] <jrw> gdsfh: good question. the short answer is that any time you have a transitivity rule like that, you'll need to prove everything by inudction on the derivation.
[Tue Aug 12 03:38:34 2014] <jrw> because the recursive cases in transitivity don't decrease the nat
[Tue Aug 12 03:38:45 2014] <jrw> so induction on any of the parameters/indices won't work
[Tue Aug 12 03:39:36 2014] <johnw> can I "downgrade" a pi-type to a function type?
[Tue Aug 12 03:45:44 2014] <elarnon> johnw: what do you mean ?
[Tue Aug 12 03:46:12 2014] <gdsfh> jrw: good answer :)  thanks!
[Tue Aug 12 03:46:47 2014] <jrw> np
[Tue Aug 12 03:50:30 2014] <elarnon> coq doesn't make any difference between a pi type w/o dependencies and a function type afaik (see e.g. [Check eq_refl : (forall x:nat, nat) = (nat -> nat)])
[Tue Aug 12 04:44:26 2014] <jgross> johnw: prove f_equalN to prove an equality between two records of N fields.  See https://bitbucket.org/JasonGross/catdb/src/4eb6407c6ca3200bebefaa3a1834d05c49b01846/FEqualDep.v?at=default for versions that let you handle dependent records (f_equalN_JMeq), by assuming K (rather, the equivalent, JMeq_eq).  If some of your fields are hProps, (are proof irrelevant), you can classify the path space of your record; see
[Tue Aug 12 04:44:26 2014] <jgross> https://github.com/HoTT/HoTT/blob/master/theories/categories/Functor/Paths.v#L100 
[Tue Aug 12 04:45:26 2014] <jgross> johnw: In trunk, -> is just a notation for forall: https://github.com/coq/coq/blob/trunk/theories/Init/Logic.v#L13 
[Tue Aug 12 05:33:08 2014] <osa1> jrw: wow that's really helpful. thanks. I was sleeping and just saw that.
[Tue Aug 12 07:00:43 2014] <vanila> newtype ListT m a = ListT (m (Maybe (a, ListT m a)))
[Tue Aug 12 07:00:48 2014] <vanila> How would I define this in Coq?
[Tue Aug 12 07:00:54 2014] <vanila> Inductive ListT (m : Type -> Type) (a : Type) : Type :=
[Tue Aug 12 07:00:54 2014] <vanila> | listT : m (option (a * ListT m a)) -> ListT m a.
[Tue Aug 12 07:00:56 2014] <vanila> was my first attempt
[Tue Aug 12 07:00:59 2014] <vanila> but it says
[Tue Aug 12 07:01:02 2014] <vanila> Error: Non strictly positive occurrence of "ListT" in
[Tue Aug 12 07:01:02 2014] <vanila>  "m (option (a * ListT m a)) -> ListT m a".
[Tue Aug 12 07:06:47 2014] <vanila> https://github.com/nikita-volkov/list-t/blob/master/library/ListT.hs would like to prove this correct
[Tue Aug 12 08:06:06 2014] <Rc43> Hello!
[Tue Aug 12 08:06:20 2014] <vanila> hiya
[Tue Aug 12 08:06:45 2014] <Rc43> Is it possible to define mutually recursive lemmas?
[Tue Aug 12 08:06:46 2014] <Rc43> I.e. to define them via tactics.
[Tue Aug 12 08:07:15 2014] <Rc43> Like "Lemma f (n : nat) : .... . exact (...). Defined with Lemma g (n : nat) : ... ."
[Tue Aug 12 08:07:49 2014] <vanila> yes
[Tue Aug 12 08:08:28 2014] <vanila> "with" is the keyword for that
[Tue Aug 12 08:09:35 2014] <Rc43> vanila, yep, but how to insert tactics? I know that it is possible in fresh Coq versions, but I am on 8.4pl3.
[Tue Aug 12 08:09:48 2014] <vanila> i think that you specify both lemmas, then do the proofs
[Tue Aug 12 08:11:56 2014] <Rc43> vanila, I can't manage to do it =/
[Tue Aug 12 08:18:00 2014] <Rc43> I can use "Program" extension though.
[Tue Aug 12 08:19:39 2014] <vanila> I'm sure you can do this without program
[Tue Aug 12 10:32:21 2014] <roosbeef> Syntax error: 'in' expected after [constr:operconstr level 200] (in [constr:binder_constr]).
[Tue Aug 12 10:33:13 2014] <roosbeef> Notation "x 'in' M" := (member x M) (at level 10) : msets_scope.
[Tue Aug 12 10:33:46 2014] <roosbeef> (in https://privatepaste.com/2c39647ca3)
[Tue Aug 12 10:34:12 2014] <roosbeef> how can i make Coq disregard the Notation and instead use let ... := ... in ...
[Tue Aug 12 10:34:13 2014] <roosbeef> ?
[Tue Aug 12 10:36:23 2014] <alkabetz> [Local Close Scope msets_scope]?
[Tue Aug 12 10:37:36 2014] <roosbeef> didnt help
[Tue Aug 12 10:37:47 2014] <alkabetz> Can you paste the full file?
[Tue Aug 12 10:37:55 2014] <vanila> edit the library that makes this bad notation
[Tue Aug 12 10:37:55 2014] <roosbeef> well..
[Tue Aug 12 10:38:05 2014] <roosbeef> i could but you would have to have CoLoR installed
[Tue Aug 12 10:38:17 2014] <roosbeef> vanila, i cant modify the library
[Tue Aug 12 10:38:29 2014] <vanila> use a older version of coq
[Tue Aug 12 10:38:31 2014] <alkabetz> I don’t think that’s the right approach.  The notation is defined in [msets_scope], so the right approach is to hide that scope.
[Tue Aug 12 10:38:42 2014] <alkabetz> roosbeef: I just want to see the whole code, not run it
[Tue Aug 12 10:39:36 2014] <alkabetz> Like, I’d like to see what you’re importing
[Tue Aug 12 10:39:56 2014] <alkabetz> Alternatively, what’s the output of [Print Visibility] right before your [Fixpoint]?
[Tue Aug 12 10:40:06 2014] <roosbeef> http://coq.inria.fr/pylons/contribs/files/CoLoR/v8.4/CoLoR.Util.Multiset.MultisetTheory.html
[Tue Aug 12 10:40:42 2014] <roosbeef> https://privatepaste.com/aac27c0d4c
[Tue Aug 12 10:41:43 2014] <roosbeef> hm
[Tue Aug 12 10:41:46 2014] <alkabetz> Huh, weird
[Tue Aug 12 10:41:53 2014] <roosbeef> somehow its removed by that command you suggested
[Tue Aug 12 10:42:04 2014] <roosbeef> <alkabetz> [Local Close Scope msets_scope]?
[Tue Aug 12 10:42:07 2014] <alkabetz> Yeah.
[Tue Aug 12 10:42:15 2014] <alkabetz> Are you familiar with notation scopes in Coq?
[Tue Aug 12 10:42:17 2014] <roosbeef> but Coq gives the same complaint
[Tue Aug 12 10:42:23 2014] <alkabetz> Oh, wait, what?
[Tue Aug 12 10:42:26 2014] <alkabetz> Uhh
[Tue Aug 12 10:42:43 2014] <alkabetz> Are you using Proof General?  This might be a good time to restart Proof General. :)
[Tue Aug 12 10:42:56 2014] <alkabetz> Or C-r your buffer and reload it
[Tue Aug 12 10:42:57 2014] <roosbeef> nah CoqIDE
[Tue Aug 12 10:43:01 2014] <alkabetz> Huh, weird
[Tue Aug 12 10:43:15 2014] <alkabetz> And you pu the [Close Scope] above the [Fixpoint]?
[Tue Aug 12 10:43:18 2014] <alkabetz> *put
[Tue Aug 12 10:43:37 2014] <roosbeef> yes
[Tue Aug 12 10:43:56 2014] <roosbeef> the scope comes from a module
[Tue Aug 12 10:44:07 2014] <roosbeef> does that matter?
[Tue Aug 12 10:44:15 2014] <alkabetz> It shouldn’t …
[Tue Aug 12 10:44:38 2014] <roosbeef> it works before this line and not after: Module Export FL_MSetTheory := MultisetTheory.Multiset FL_MSetCore.
[Tue Aug 12 10:45:32 2014] <alkabetz> You should be able to put that [Local Close Scope] after the [Module Export] command to make that scope disappear.
[Tue Aug 12 10:46:02 2014] <roosbeef> are there alternative ways to close it?
[Tue Aug 12 10:46:46 2014] <alkabetz> Not that I’m aware of.
[Tue Aug 12 10:46:56 2014] <alkabetz> Oh, wait, is this crossing a section boundary or something like that?
[Tue Aug 12 10:47:04 2014] <roosbeef> ah yea i guess it is
[Tue Aug 12 10:47:12 2014] <roosbeef> yes
[Tue Aug 12 10:47:26 2014] <alkabetz> I forget if notations get reset when you exit a section …
[Tue Aug 12 10:47:36 2014] <roosbeef> well
[Tue Aug 12 10:47:38 2014] <roosbeef> the module is loaded
[Tue Aug 12 10:47:44 2014] <roosbeef> and then a new section is opened
[Tue Aug 12 10:48:05 2014] <alkabetz> Oh, okay
[Tue Aug 12 10:48:09 2014] <alkabetz> That shouldn’t be an issue, then
[Tue Aug 12 10:48:14 2014] <alkabetz> Scopes only get reset when you exit a section
[Tue Aug 12 10:49:23 2014] <roosbeef> so how can the notation not be in Print Visibility
[Tue Aug 12 10:49:34 2014] <roosbeef> but still be found when doing Locate "in".
[Tue Aug 12 10:49:54 2014] <alkabetz> That means the notation exists but is not visible.
[Tue Aug 12 10:50:00 2014] <alkabetz> That sounds like expected behaviour.
[Tue Aug 12 10:50:20 2014] <roosbeef> why is there a difference between existing and being visible
[Tue Aug 12 10:50:31 2014] <alkabetz> Being visible means it’s in a currently-open notation scope
[Tue Aug 12 10:50:45 2014] <alkabetz> Existing means that it’s been defined and can be used, e.g., in a scope-delimited block
[Tue Aug 12 10:50:46 2014] <roosbeef> isnt there some prefix i can use
[Tue Aug 12 10:50:49 2014] <alkabetz> Suffix, yeah
[Tue Aug 12 10:50:52 2014] <roosbeef> so that Coq interprets in to mean something else?
[Tue Aug 12 10:51:20 2014] <alkabetz> Sure, you can define a notation to make [in] mean whatever you want
[Tue Aug 12 10:51:27 2014] <alkabetz> And then put that in a scope-delimited block
[Tue Aug 12 10:51:58 2014] <roosbeef> a scope-delimited block?
[Tue Aug 12 10:52:27 2014] <alkabetz> Something like (3 + 5)%nat
[Tue Aug 12 10:52:44 2014] <roosbeef> yea exactly
[Tue Aug 12 10:52:51 2014] <roosbeef> so in%normal
[Tue Aug 12 10:52:54 2014] <roosbeef> or something like that?
[Tue Aug 12 10:53:15 2014] <alkabetz> I don’t know if there’s a key for ‘don’t use any custom scopes’
[Tue Aug 12 10:54:54 2014] <alkabetz> Oh, wait, hang on, I can reproduce
[Tue Aug 12 10:54:58 2014] <alkabetz> This is really weird
[Tue Aug 12 10:57:22 2014] <roosbeef> it is right
[Tue Aug 12 10:57:26 2014] <roosbeef> :\
[Tue Aug 12 11:00:03 2014] <alkabetz> Okay, I talked with a postdoc in my office, and he figured it out
[Tue Aug 12 11:00:19 2014] <alkabetz> When a notation exists, even if it is not in scope, it defines a parser rule for it
[Tue Aug 12 11:00:45 2014] <alkabetz> So just by virtue of the fact that the [in] notation exists in CoLoR, Coq tries to parse [in] as part of the notation
[Tue Aug 12 11:00:49 2014] <alkabetz> Does that make sense?
[Tue Aug 12 11:01:21 2014] <alkabetz> The kind-of-unsatisfactory solution we came up with for this is to not [Import] the module, but just [Require] it
[Tue Aug 12 11:01:39 2014] <alkabetz> And then if you need to re-export or something, [Export] it at the end of the module, after you no longer need to use [let]
[Tue Aug 12 11:01:39 2014] <roosbeef> let me try that
[Tue Aug 12 11:01:51 2014] <alkabetz> But we both agree this is a really awful design decision on the CoLoR devs’ part
[Tue Aug 12 11:01:56 2014] <alkabetz> Maybe things are better in trunk?
[Tue Aug 12 11:02:07 2014] <roosbeef> yea it would be nice if they had used inn or something :p
[Tue Aug 12 11:02:22 2014] <alkabetz> But in the meantime, somebody probably ought to file a bug against CoLoR
[Tue Aug 12 11:02:42 2014] <roosbeef> so use [Import CoLoR.Util.Multiset.MultisetTheory.]?
[Tue Aug 12 11:02:50 2014] <alkabetz> Use [Require], not [Import]
[Tue Aug 12 11:02:54 2014] <roosbeef> ah
[Tue Aug 12 11:03:25 2014] <roosbeef> that doesnt work
[Tue Aug 12 11:03:34 2014] <alkabetz> In what way?
[Tue Aug 12 11:03:45 2014] <alkabetz> Like, it still breaks the parser?
[Tue Aug 12 11:03:49 2014] <roosbeef> no wait it does
[Tue Aug 12 11:03:50 2014] <roosbeef> my bad
[Tue Aug 12 11:03:53 2014] <alkabetz> Okay. :)
[Tue Aug 12 11:04:27 2014] <roosbeef> ok so i only Required it
[Tue Aug 12 11:04:54 2014] <roosbeef> what do you mean by <alkabetz> And then if you need to re-export or something, [Export] it at the end of the module, after you no longer need to use [let]
[Tue Aug 12 11:09:05 2014] <alkabetz> So, say you’re wrapping a module M.
[Tue Aug 12 11:09:28 2014] <roosbeef> wrapping a module?
[Tue Aug 12 11:09:29 2014] <alkabetz> Normally, the way you do this is by saying [Require Export M] at the top of your file
[Tue Aug 12 11:09:32 2014] <alkabetz> Oh, uh
[Tue Aug 12 11:09:41 2014] <alkabetz> Here, hang on, let me write up a quick example.
[Tue Aug 12 11:09:49 2014] <roosbeef> ok
[Tue Aug 12 11:15:08 2014] <alkabetz> … and now I discover I don’t actually understand the Coq module system as well as I thought I did.
[Tue Aug 12 11:15:52 2014] <roosbeef> :p
[Tue Aug 12 11:15:55 2014] <alkabetz> I think I understand things now, but I’m sufficiently shaky that I don’t want to lie to you.
[Tue Aug 12 11:16:05 2014] <alkabetz> Plus, I think this is probably enough of an edge case that you’re not going to need to worry about it.
[Tue Aug 12 11:16:39 2014] <roosbeef> whats an edge case?
[Tue Aug 12 11:16:55 2014] <alkabetz> A weird use case that doesn’t appear in real code very often.
[Tue Aug 12 11:17:05 2014] <alkabetz> We both should probably (re)read http://coq.inria.fr/refman/Reference-Manual004.html#section%3AModules at some point, but for the time being, I think you should just forge ahead.
[Tue Aug 12 11:18:07 2014] <alkabetz> Anyway, I’ve got to head out for a bit, but I’m glad we figured out the [Notation] thing.  Good luck!
[Tue Aug 12 11:18:08 2014] <roosbeef> yea i guess i could do without let ... := ... in ...
[Tue Aug 12 11:18:24 2014] <roosbeef> alkabetz, thanks a lot! Ill think of something :)
[Tue Aug 12 11:18:44 2014] <alkabetz> Oh, wait
[Tue Aug 12 11:18:49 2014] <alkabetz> I think I didn’t make myself quite clear.
[Tue Aug 12 11:19:05 2014] <alkabetz> I’m very confident that [Require], rather than [Import], will fix the issue with the notation.
[Tue Aug 12 11:19:27 2014] <alkabetz> I’m not sure about exactly when you should be using [Export], but like I said, I don’t think it’s going to be an issue in your code right now.
[Tue Aug 12 11:19:55 2014] <roosbeef> ok then i dont understand
[Tue Aug 12 11:20:07 2014] <roosbeef> but dont worry about it :p
[Tue Aug 12 11:20:15 2014] <alkabetz> No, no, let’s fix this. :)
[Tue Aug 12 11:20:26 2014] <roosbeef> i need to open that module right
[Tue Aug 12 11:20:29 2014] <roosbeef> to start using it
[Tue Aug 12 11:20:33 2014] <roosbeef> open/Export
[Tue Aug 12 11:20:36 2014] <alkabetz> No.
[Tue Aug 12 11:20:41 2014] <alkabetz> You need only [Require] it.
[Tue Aug 12 11:20:51 2014] <roosbeef> no because it uses other modules
[Tue Aug 12 11:21:13 2014] <alkabetz> Okay, hold on.
[Tue Aug 12 11:21:16 2014] <alkabetz> We need to slow down a bit.
[Tue Aug 12 11:21:18 2014] <roosbeef> https://privatepaste.com/e64603157b
[Tue Aug 12 11:21:26 2014] <alkabetz> You want to use CoLoR.Util.Multiset.MultisetTheory, correct?
[Tue Aug 12 11:21:33 2014] <alkabetz> Ah, looking
[Tue Aug 12 11:21:33 2014] <roosbeef> you see, it uses FL_MSetCore
[Tue Aug 12 11:21:50 2014] <roosbeef> basically, im using that module with a custom data type
[Tue Aug 12 11:21:59 2014] <roosbeef> if i only Require it, the module wont recognize that
[Tue Aug 12 11:22:42 2014] <alkabetz> Which module are you using with a custom data type?
[Tue Aug 12 11:23:25 2014] <roosbeef> all of them?
[Tue Aug 12 11:23:33 2014] <alkabetz> Okay.
[Tue Aug 12 11:23:54 2014] <alkabetz> So what error do you get that indicates to you that you need to [Import] CoLoR.Util.Multiset.MultisetTheory?
[Tue Aug 12 11:24:02 2014] <roosbeef> i dont get such an error
[Tue Aug 12 11:24:07 2014] <roosbeef> but i dont understand what you mean by Export it later
[Tue Aug 12 11:24:11 2014] <alkabetz> Oh.
[Tue Aug 12 11:24:13 2014] <roosbeef> i need to Export it at that point
[Tue Aug 12 11:24:20 2014] <roosbeef> for my code to work
[Tue Aug 12 11:25:23 2014] <alkabetz> Do you need to [Export] CoLoR.Util.Multiset.MultisetTheory?
[Tue Aug 12 11:26:15 2014] <roosbeef> hm
[Tue Aug 12 11:26:17 2014] <roosbeef> not sure to be honest
[Tue Aug 12 11:26:26 2014] <roosbeef> im not gonna lie, im a bit of a novice at Coq :p
[Tue Aug 12 11:26:33 2014] <alkabetz> ‘Aren’t we all’ :)
[Tue Aug 12 11:26:34 2014] <roosbeef> even though ive been working on this project for over a year
[Tue Aug 12 11:26:39 2014] <alkabetz> Well, I guess jgross isn’t :)
[Tue Aug 12 11:26:54 2014] <roosbeef> for me, if it works it works :P i gave up wanting to understand every single bit
[Tue Aug 12 11:27:02 2014] <alkabetz> Heh, yeah, I know that feeling
[Tue Aug 12 11:27:05 2014] <roosbeef> let me try to drop [Export]
[Tue Aug 12 11:27:42 2014] <roosbeef> ok that seems to work
[Tue Aug 12 11:27:54 2014] <alkabetz> So, AIUI, [Export Foo] means ‘Import Foo, and then also make it so that when people import this module, they also get all the names in Foo as well’
[Tue Aug 12 11:27:54 2014] <roosbeef> but now the scope is never even initialized
[Tue Aug 12 11:30:44 2014] <roosbeef> meh sorry but i have to go
[Tue Aug 12 11:30:58 2014] <roosbeef> gotta be at work in 30 mins
[Tue Aug 12 11:31:12 2014] <alkabetz> Okay, yep :)  Sounds like we made some progress, though.  Best of luck!
[Tue Aug 12 11:31:30 2014] <roosbeef> we did
[Tue Aug 12 11:31:33 2014] <roosbeef> again thanks a lot for being so helpful, much appreciated :)
[Tue Aug 12 11:31:46 2014] <alkabetz> You’re welcome.  Glad I could help. :)
[Tue Aug 12 11:43:11 2014] <tswett> Ahoy.
[Tue Aug 12 11:43:44 2014] <tswett> Given an infix operator or a piece of notation, how can I tell what term it refers to?
[Tue Aug 12 11:47:39 2014] <tswett> Here we go. Locate.
[Tue Aug 12 11:53:36 2014] <tswett> I'm occasionally amazed how certain rules of logic turn out to be "induction" principles for certain connectives.
[Tue Aug 12 11:54:08 2014] <tswett> Ex falso quodlibet is induction on falsehood proofs. Substitution is induction on equality proofs.
[Tue Aug 12 12:16:23 2014] <edwardk> vanila: in coq for listT done right you might look at something more like the LogicT approach: After you strip away all of Oleg's newtype noise you are left with ListT m a = forall r. (a -> m r -> m r) -> m r -> m r  which is a special case of the Codensity monad
[Tue Aug 12 12:17:12 2014] <vanila> clever edwardk! Thanks for that idea
[Tue Aug 12 12:17:23 2014] <vanila> just replacing it with the church encoding
[Tue Aug 12 12:17:48 2014] <edwardk> i have to do that a lot in haskell for speed / technical reasons, so its a habit =)
[Tue Aug 12 12:18:21 2014] <edwardk> also you may want to look at oleg's recent Reflection without Remorse paper which gives a much heavier way to translate LogicT
[Tue Aug 12 12:18:33 2014] <edwardk> that approach may or may not work in Coq.
[Tue Aug 12 12:19:10 2014] <vanila> great, ill give this a go :)
[Tue Aug 12 12:25:25 2014] <johnw> vanila: what behavior do you want from your ListT?
[Tue Aug 12 12:25:44 2014] <johnw> vanila: if you just want monadic production of values, then forall r. (a -> r -> m r) -> r -> m r will work fine
[Tue Aug 12 12:26:02 2014] <johnw> vanila: if you want something like Oleg's msplit combinator, you'll need the form that edwardk gave
[Tue Aug 12 12:26:05 2014] <vanila> I just want to prove it's monad, and I thought Coq would help me https://github.com/nikita-volkov/list-t/blob/master/library/ListT.hs
[Tue Aug 12 12:26:20 2014] <johnw> for example, see https://github.com/jwiegley/category-theory/blob/master/Endo/Conduit.v
[Tue Aug 12 12:26:36 2014] <johnw> "Source" is a final-encoded ListT, and I have proofs that it is a monad there
[Tue Aug 12 12:26:39 2014] <vanila> This was just released and there's no proofs or references! So I was wondering what this correctness claim was based on
[Tue Aug 12 12:26:51 2014] <edwardk> it is an old old idea
[Tue Aug 12 12:27:04 2014] <edwardk> and its kind of annoying to see it repackaged when the old idea is already packaged elsewhere
[Tue Aug 12 12:27:11 2014] <johnw> yeah, theer are many ListT's out in the world now
[Tue Aug 12 12:27:12 2014] <vanila> What does final-encoded mean?
[Tue Aug 12 12:27:18 2014] <edwardk> http://www.haskell.org/haskellwiki/ListT_done_right is the classic writeup
[Tue Aug 12 12:27:20 2014] <vanila> Thanks for this, this is great!
[Tue Aug 12 12:27:29 2014] <johnw> turning m [a] into the Boehm-Berarducci encoding
[Tue Aug 12 12:27:48 2014] <vanila> oh interesting, that's a new term to me
[Tue Aug 12 12:28:08 2014] <johnw> nikita's form just turns the Nil+Cons constructors into a Maybe, which is algebraically isomorphic
[Tue Aug 12 12:28:21 2014] <johnw> so really there is nothing new there
[Tue Aug 12 12:28:37 2014] <johnw> vanila: http://okmij.org/ftp/tagless-final/course/Boehm-Berarducci.html
[Tue Aug 12 12:28:55 2014] <vanila> great lots of crazy fun stuff to read today, thanks :)
[Tue Aug 12 12:29:01 2014] <johnw> it's funny you ask this, since I've been working on exactly this in Coq for the last two months :)
[Tue Aug 12 12:29:16 2014] <johnw> proving not just monad, but all the other type classes as well
[Tue Aug 12 12:30:22 2014] <johnw> nikita's ListT is really an anemic form of http://hackage.haskell.org/package/simple-conduit
[Tue Aug 12 12:31:24 2014] <vanila> ([bug] http://hackage.haskell.org/package/simple-conduit-0.5.1/docs/Conduit-Simple.html your hyperlinks have been mangled here)
[Tue Aug 12 12:31:35 2014] <johnw> ouch, thanks
[Tue Aug 12 12:41:35 2014] <johnw> vanila: also, if you did want the LogicT approach: https://github.com/jwiegley/category-theory/blob/master/Endo/LogicT.v
[Tue Aug 12 12:42:06 2014] <johnw> proving that either of those is a monad should follow pretty much the same form as proving it for the more complex Source type
[Tue Aug 12 12:42:40 2014] <johnw> jgross: I don't quite follow, although what you linked to is probably exactly what I'm looking for; I'm lacking a bit of context to understand how it relates
[Tue Aug 12 13:44:55 2014] <johnw> if my goal is a record, for example I have to prove Foo a b, I normally do it using apply Build_Foo with (field1 := ...) ...
[Tue Aug 12 13:45:11 2014] <johnw> is there a way to simply say "make production of all those fields goals, and then have it build up the record after I've proven them all?
[Tue Aug 12 13:47:52 2014] <vanila> Does apply Build_Foo. alone work? or maybe eapply
[Tue Aug 12 13:48:08 2014] <johnw> well, then I have these existentials in my goal, but I don't know what to do with them
[Tue Aug 12 13:49:26 2014] <vanila> It should be that when you prove one of the goals, that fills in the existentials in the others
[Tue Aug 12 13:49:39 2014] <johnw> for exampel, my goal is now ?1316 (?1317 e) = e
[Tue Aug 12 13:49:47 2014] <vanila> hm
[Tue Aug 12 13:49:48 2014] <johnw> wheer those things are the "from" and "to" which I'm needing to define
[Tue Aug 12 13:49:57 2014] <johnw> except now I don't know how to "provide a definition" for ?1316
[Tue Aug 12 13:50:01 2014] <vanila> maybe give Build_Foo all the information you can, like type indices and things
[Tue Aug 12 13:50:11 2014] <vanila> but leave out all the fields
[Tue Aug 12 13:52:34 2014] <johnw> no, that changes nothing
[Tue Aug 12 13:57:36 2014] <jrw> osa1: how's it going?
[Tue Aug 12 14:00:20 2014] <osa1> jrw: I'll start working on it in 2-3 hours. I'm currently working on my day job :p
[Tue Aug 12 14:00:33 2014] <jrw> haha, okay
[Tue Aug 12 14:12:40 2014] <jgross> johnw: In trunk, you're looking for [refine (Build_Foo _ _ ...)]. Currently, [refine] is ~the only tactic that introduces dependent subgoals.  (I think there might be an rapply defined somewhere in the stdlib that just does [refine H || refine (H _) || refine (H _ _) || ...] up to some number.) 
[Tue Aug 12 14:12:54 2014] <johnw> let me try
[Tue Aug 12 14:14:44 2014] <johnw> huh, that worked!
[Tue Aug 12 14:15:15 2014] <johnw> i was doing assert (foo := ...) for a bunch of things
[Tue Aug 12 14:15:30 2014] <johnw> and then apply Build_Foo with (foo := foo), etc.
[Tue Aug 12 14:16:07 2014] <jgross> johnw: The key idea in Functor/Paths.v is that to prove an equality of functors, you need to prove that they're equal on objects and equal on morphisms.  So I prove this fact (for arbirary functors), which is mostly straightforward (most of the noise is dealing with functional extensionality and proof irrelevance), and then I can just apply this theorem whenever I want to use it.	If you only ever try to prove equality of a few record types,
[Tue Aug 12 14:16:07 2014] <jgross> it's much easier to prove such a lemma for each record type separately, than to try to use general tactics/lemmas that are meant to prove equality of any records. 
[Tue Aug 12 14:16:58 2014] <jgross> johnw: Yes, assert is the old-school way to do things, where by old-school, I mean older than current development. 
[Tue Aug 12 14:17:08 2014] <johnw> ok; I'm using HEAD so this is great, thanks
[Tue Aug 12 14:17:21 2014] <johnw> however, I'm finding that refine needs all the type arguments for Build_Foo function
[Tue Aug 12 14:17:26 2014] <johnw> example: refine (Build_Isomorphism Sets (Const a ⟾ F) (Cone a F) _ _ _ _).
[Tue Aug 12 14:18:03 2014] <johnw> can i pick different names for what the refiner is building?
[Tue Aug 12 14:18:31 2014] <johnw> ah, rename X into transport. did it
[Tue Aug 12 14:21:27 2014] <jgross> johnw: If you do it a lot with a given record, you can do [hnf; lazymatch goal with |- @Isomorphism ?a ?b ?c => refine (@Build_Isomorphism a b c _ _ _ _) end].  (Or stuff that into a [Build_Isomorphism] tactic or something.) 
[Tue Aug 12 14:25:04 2014] <jgross> johnw: Do you have an example where you need to give arguments?  The following works for me:
[Tue Aug 12 14:25:04 2014] <jgross> Record iso A B := { f : A -> B;
[Tue Aug 12 14:25:04 2014] <jgross> 		    g : B -> A;
[Tue Aug 12 14:25:04 2014] <jgross> 		    sect : forall x, f (g x) = x;
[Tue Aug 12 14:25:04 2014] <jgross> 		    retr : forall x, g (f x) = x }.
[Tue Aug 12 14:25:04 2014] <jgross> Goal iso Set Set.
[Tue Aug 12 14:25:04 2014] <jgross>   refine (Build_iso _ _ _ _ _ _). 
[Tue Aug 12 14:28:36 2014] <johnw> yeah, noe sec
[Tue Aug 12 14:29:12 2014] <johnw> https://github.com/jwiegley/category-theory/blob/master/Functor.v#L702
[Tue Aug 12 14:29:27 2014] <johnw> if you make all the arguments there to Build_Isomorphism underbars, you'll get errors
[Tue Aug 12 14:29:31 2014] <johnw> sometimes even an infinite lopo
[Tue Aug 12 14:30:56 2014] <johnw> jgross: thanks so much for this refine trick, it will add years back to my life
[Tue Aug 12 14:44:36 2014] <jgross> johnw: Do you want to run that through https://github.com/JasonGross/coq-bug-finder (python /path/to/coq-bug-finder.py ./Functor.v bug_refine.v --topname Hask) (you can add -vv if you want to see more about what it's doing), after you save Functor.v so that it gives you the error?  (You may have to run "make" first... I haven't worked out all the bugs in the auto-building code.)  It'll inline all the dependencies and (eventually) give you a
[Tue Aug 12 14:44:36 2014] <jgross> small example reproducing the error in bug_refine.v.  I suspect that it's an unfortunate interaction with typeclasses, but it might be a bug, or worth reporting on the bug tracker. 
[Tue Aug 12 14:45:50 2014] <johnw> ooh
[Tue Aug 12 14:46:40 2014] <johnw> do you mean find-bug.py?
[Tue Aug 12 14:47:28 2014] <johnw> jgross: even the working version gives me an error
[Tue Aug 12 14:48:12 2014] <jgross> Yes, I mean find-bug.py 
[Tue Aug 12 14:48:26 2014] <johnw> oh
[Tue Aug 12 14:48:30 2014] <johnw> now using all underscores works
[Tue Aug 12 14:48:38 2014] <johnw> is there a way to say "use as many underscores as you need?"
[Tue Aug 12 14:48:44 2014] <jgross> johnw: What do you mean "even the working version gives me an error"? 
[Tue Aug 12 14:48:56 2014] <johnw> meaning, the Functor.v that compiles still gives an error
[Tue Aug 12 14:49:39 2014] <johnw> i wonder if there's sometheing like #line for Coq, so find-bug.py can relate bugs to their source in Functor.v
[Tue Aug 12 14:50:50 2014] <jgross> You mean, it doesn't give you the error when you compile Functor.v, but you do get the error after it inlines all the dependencies? 
[Tue Aug 12 14:50:56 2014] <johnw> yep
[Tue Aug 12 14:51:01 2014] <johnw> let me make sure about that
[Tue Aug 12 14:51:50 2014] <johnw> yes, coqc passes
[Tue Aug 12 14:52:00 2014] <johnw> bug_refine does not
[Tue Aug 12 14:52:25 2014] <jgross> Ugh.  I'll take a look in a moment.  (The first thing it does is inlines the imports, Coq's the file, and asks you if the error matches the one you thought you'd get.	There are only a few cases that I know of where it fails, essentailly all of them are when you depend on the fact that you haven't [Require]d something.) 
[Tue Aug 12 14:52:59 2014] <jgross> Also, https://github.com/coq/coq/blob/f5bbb5ce34bb1ee2165086b0fdb3ee5f3d96a44e/theories/Program/Tactics.v#L173 <- "as many underscores as I need". 
[Tue Aug 12 14:53:01 2014] <johnw> that could well be
[Tue Aug 12 14:53:06 2014] <johnw> hahaha
[Tue Aug 12 14:53:09 2014] <johnw> awesome
[Tue Aug 12 14:53:26 2014] <johnw> I have a feeling that just injesting your brain would help me
[Tue Aug 12 14:54:01 2014] <jgross> Nah, ingesting it would probably destroy it. 
[Tue Aug 12 14:54:16 2014] <johnw> I'm going to learn Coq tricks, zombie-style
[Tue Aug 12 14:54:46 2014] <johnw> so another questoin
[Tue Aug 12 14:54:55 2014] <johnw> i have two records, say with 3 fields each
[Tue Aug 12 14:55:06 2014] <johnw> if I try apply f_equal3, it wants the three to be refl
[Tue Aug 12 14:55:12 2014] <jgross> The main cases of this (inlining not working) are: you use a notation that changes the parser in a way that breaks other files (e.g., you make a notation for "a : b" in one file, and then use it as has-type-of in another file where you haven't Require'd the first one.) Typeclass instances used to be another case of side-effects of Require, but I thought they fixed that one. 
[Tue Aug 12 14:55:14 2014] <johnw> how do I get it to just turn them into goals that I then prove?
[Tue Aug 12 14:55:48 2014] <johnw> I want apply f_equal_but_if_they_don't_unify_then_make_it_a_goal
[Tue Aug 12 14:56:13 2014] <jgross> 1. Are they dependent?	2. Have you tried [rapply f_equal3] or [refine (f_equal3 _ _ _...)]? 
[Tue Aug 12 14:56:25 2014] <johnw> ohh
[Tue Aug 12 14:56:26 2014] <johnw> i haven't
[Tue Aug 12 14:56:33 2014] <johnw> uh oh
[Tue Aug 12 14:56:37 2014] <johnw> rapply Build_Cone causes an infinite loop
[Tue Aug 12 14:57:22 2014] <johnw> if you clone github.com/jwiegley/category-theory, you should be able to build it htere
[Tue Aug 12 14:57:35 2014] <johnw> just "make"
[Tue Aug 12 14:57:48 2014] <johnw> then go into Functor.v, line 702, and change it to use rapply
[Tue Aug 12 14:57:59 2014] <johnw> actually, I've been seeing infinite loops in this file a *lot*
[Tue Aug 12 14:58:51 2014] <johnw> huh
[Tue Aug 12 14:59:10 2014] <johnw> even with what I have now, if I don't crush before refine (Build_Cone ...) I get an infinite loop
[Tue Aug 12 14:59:30 2014] <jgross> You should add a .dir-locals.el to set coq-prog-args to ("-emacs" "-R" "." "Hask") (see https://github.com/HoTT/HoTT/blob/master/theories/.dir-locals.el) 
[Tue Aug 12 14:59:37 2014] <johnw> ah, thanks
[Tue Aug 12 15:01:39 2014] <jgross> Why do you use -Q in Makefile but -R in _CoqProject? 
[Tue Aug 12 15:01:45 2014] <johnw> done
[Tue Aug 12 15:01:50 2014] <johnw> i don't know, copy&paste fail
[Tue Aug 12 15:02:06 2014] <johnw> won't the _CoqProject settings set coq-prog-args correctly?
[Tue Aug 12 15:02:26 2014] <johnw> is -R better, or -Q?
[Tue Aug 12 15:05:25 2014] <jgross> It's not setting it for me, but maybe I've mis-configured my emacs. -R means "I'm not going to fully qualify all of my imports" and -Q means "I am going to ...", right? 
[Tue Aug 12 15:05:41 2014] <johnw> you've got me, that's a brand new flag I thought
[Tue Aug 12 15:06:33 2014] <jgross> coqc --help says
[Tue Aug 12 15:06:33 2014] <jgross>   -R dir -as coqdir	 recursively map physical dir to logical coqdir
[Tue Aug 12 15:06:33 2014] <jgross>   -R dir coqdir 	 (idem)
[Tue Aug 12 15:06:33 2014] <jgross>   -Q dir coqdir 	 map physical dir to logical coqdir 
[Tue Aug 12 15:06:50 2014] <johnw> ah
[Tue Aug 12 15:07:53 2014] <jgross> You should make coq-prog-args a local variable, as in the HoTT example I pointed you at, or else emacs will get very confused when you decide you want to mess around in another project that doesn't set coq-prog-args. 
[Tue Aug 12 15:08:07 2014] <johnw> i put it into .dir-locals.el
[Tue Aug 12 15:09:35 2014] <johnw> jgross: have you written up somewhere how you use higher inductive types to avoid the need for propositional equality?
[Tue Aug 12 15:10:18 2014] <jgross> Also, you should pass -no-native-compiler to coqc unless you use native_compute.  It shaves about a minute off the compilation time of Functor.v (You can use coqc -time -Q . Hask Functor to see that it spends that minute ... after the last Qed in the file.) 
[Tue Aug 12 15:10:30 2014] <johnw> sweet
[Tue Aug 12 15:11:15 2014] <johnw> MUCH faster
[Tue Aug 12 15:11:24 2014] <johnw> hmm
[Tue Aug 12 15:12:56 2014] <jgross> johnw: http://homotopytypetheory.org/2011/04/23/running-circles-around-in-your-proof-assistant/ for HITs in agda/Coq in general.  The particular proof of epi <-> surj is in the HoTT book (http://homotopytypetheory.org/), I think?  See also https://github.com/HoTT/coq/issues/120#issuecomment-46379740.  To avoid prop ext in general, you'll want Univalence. 
[Tue Aug 12 15:13:16 2014] <johnw> great, thanks
[Tue Aug 12 15:13:48 2014] <jgross> johnw: You should report the issue with -no-native-compiler to the bug tracker (coq.inria.fr/bugs/enter_bug.cgi).  Preferably with a .zip file attached of the relevant files up to Functor.v. 
[Tue Aug 12 15:14:47 2014] <johnw> what issue was that?
[Tue Aug 12 15:25:08 2014] <jgross> The fact that it makes things slower. 
[Tue Aug 12 15:26:26 2014] <johnw> oh
[Tue Aug 12 15:28:44 2014] <jgross> johnw: Here's why the inlined version is failing: in obligation 4 of YonedaLemma, you're relying on generated names.  When you define a record in the current file, and then destruct something of that type, the fields get 0s appended to them.  When you define the record in a different file, the names don't have 0s.  So when you say "id A", you mean "the id that came from [destruct C]", but once it's inlined, that's [id0].  So you should either
[Tue Aug 12 15:28:44 2014] <jgross> use [destruct C as [...]], or you should pick up the names some other way. 
[Tue Aug 12 15:29:13 2014] <johnw> ah
[Tue Aug 12 15:29:20 2014] <johnw> thanks for looking into that
[Tue Aug 12 15:29:38 2014] <jgross> In any case, you can open up the file that it gives you the error in, and manually modify it, and then tell it to try again.  (If you say "n(o, this isn't the error I was looking for)", it tells you to do so. 
[Tue Aug 12 15:29:47 2014] <johnw> btw, in Emacs now I'm getting:
[Tue Aug 12 15:29:48 2014] <johnw> Warning:
[Tue Aug 12 15:29:49 2014] <johnw>  Dynlink error, cannot find file /Users/johnw/Projects/category-theory/.coq-native/NHask_Axioms.cmxs in search path
[Tue Aug 12 15:29:55 2014] <jgross> (It won't actually accept the longer version) 
[Tue Aug 12 15:30:20 2014] <jgross> Yes, throw -no-native-compiler in coq-prog-args in the .dir-locals.el? 
[Tue Aug 12 15:31:23 2014] <johnw> that gives me errors:
[Tue Aug 12 15:31:24 2014] <johnw> *** Warning: in file /var/folders/8h/tky3qz1d63l05l5jp_nzwzjr0000gn/T/ProofGeneral-coq80370JZR.v, library Hask.Category.v is required and has not been found in loadpath!
[Tue Aug 12 15:31:40 2014] <johnw> i have in .dir-locals.el:
[Tue Aug 12 15:31:40 2014] <johnw> ((coq-mode . ((coq-prog-args "-emacs" "-no-native-compiler" "-Q" "." "Hask"))))
[Tue Aug 12 15:31:55 2014] <johnw> although really it should be already picking up flags from _CoqProject
[Tue Aug 12 15:32:26 2014] <johnw> however, putting -no-native-compiler in _CoqProject breaks Makefile.coq
[Tue Aug 12 15:32:33 2014] <johnw> I end up with:
[Tue Aug 12 15:32:34 2014] <johnw> /bin/sh: line 0: cd: ./-no-native-compiler: No such file or directory
[Tue Aug 12 15:33:44 2014] <johnw> no, that wasn't the problem
[Tue Aug 12 15:34:04 2014] <jgross> Try rm -rf .coq-native? 
[Tue Aug 12 15:34:12 2014] <johnw> make clean does that, so it wasn't there
[Tue Aug 12 15:34:27 2014] <jgross> Try closing your file and reopening it, to get emacs to look at .dir-locals.el again? 
[Tue Aug 12 15:34:28 2014] <johnw> i'm running into something more basic
[Tue Aug 12 15:34:30 2014] <johnw> let me restart emacs
[Tue Aug 12 15:38:10 2014] <jgross> johnw: I'm about to report the -no-native-compiler issue. 
[Tue Aug 12 15:38:16 2014] <johnw> thanks
[Tue Aug 12 15:38:40 2014] <johnw> so, -R works for me, -Q does not
[Tue Aug 12 15:41:33 2014] <jgross> https://coq.inria.fr/bugs/show_bug.cgi?id=3511 
[Tue Aug 12 15:41:39 2014] <jgross> Where does -Q not work? 
[Tue Aug 12 15:41:42 2014] <johnw> thank you
[Tue Aug 12 15:41:47 2014] <johnw> -Q doesn't work anywhere that I use it
[Tue Aug 12 15:41:50 2014] <johnw> I get those errors I pasted above
[Tue Aug 12 15:43:54 2014] <jgross> If you run coqc -Q . Hask -no-native-compiler <filename>.v, do you get it?  What about coqtop -Q . Hask -no-native-compiler -compile <filename>?  What about coqtop -Q . Hask -no-native-compiler < <filename>.v? 
[Tue Aug 12 15:45:28 2014] <johnw> coqtop -Q . Hask -no-native-compiler -compile Functor works
[Tue Aug 12 15:45:42 2014] <johnw> coqtop -Q . Hask -no-native-compiler Functor.vDon't know what to do with Functor.v
[Tue Aug 12 15:45:42 2014] <johnw> See --help for the list of supported option
[Tue Aug 12 15:45:56 2014] <johnw> coqc works
[Tue Aug 12 15:46:48 2014] <jgross> coqtop -Q . Hask -no-native-compiler < Functor.v ? 
[Tue Aug 12 15:47:27 2014] <jgross> https://github.com/jwiegley/category-theory/blob/master/Utils.v#L26 <- haha.  You could just [Require Export Coq.Program.Tactics] instead; I pointed you at the source for the Coq trunk stdlib. 
[Tue Aug 12 15:47:47 2014] <johnw> that worked too
[Tue Aug 12 15:47:59 2014] <johnw> ah, ok
[Tue Aug 12 15:49:49 2014] <jgross> It sounds like somehow your emacs isn't getting the -no-native-compiler flag.  What command line does the *Messages* buffer say you're running coqtop with? 
[Tue Aug 12 15:51:17 2014] <johnw> Starting: /Users/johnw/.nix-profile/bin/coqtop -emacs -no-native-compiler -R . Hask -R /Users/johnw/src/category-theory -as Hask
[Tue Aug 12 15:51:34 2014] <johnw> see, _CoqProject's arguments are getting inserted
[Tue Aug 12 15:51:40 2014] <johnw> so I don't need .dir_locals, except for -no-native-compiler
[Tue Aug 12 15:52:52 2014] <johnw> ok, I need to switch to some work tasks now
[Tue Aug 12 15:52:55 2014] <johnw> thanks for your help jgross
[Tue Aug 12 15:53:15 2014] <jgross> Ah, I guess I just need to go install PG 4.3. 
[Tue Aug 12 15:53:31 2014] <johnw> yeah, 4.3_prewhatever
[Tue Aug 12 15:54:06 2014] <johnw> also, have you used prooftree?
[Tue Aug 12 15:54:10 2014] <johnw> i find it to be quite helpful
[Tue Aug 12 15:54:12 2014] <jgross> Good luck with your work tasks.  I'm going to head home and have dinner and sleep.  And let me (or the bug tracker) know if you find another case where refine (Build_foo _ _ _ _ _...) doesn't work. 
[Tue Aug 12 15:54:17 2014] <johnw> doesn't seem to work with Program Instance though
[Tue Aug 12 15:54:30 2014] <johnw> ok, I will keep an eye out, since I'll be using refine a LOT in the coming days
[Tue Aug 12 15:56:44 2014] <jgross> Prooftree looks neat for ssreflect-style proofs.  I try to automate everything (Adam's my advisor, so I learned his style, and I also think it makes sense), so I think it wouldn't be super-helpful for me unless it knows how to unroll a [repeat match goal with ... end] automatically. 
[Tue Aug 12 15:57:13 2014] <johnw> very true
[Tue Aug 12 15:57:19 2014] <johnw> i'm working my way toward Adam-style
[Tue Aug 12 15:57:34 2014] <johnw> I went to visit him last week, and we spoke about you :)
[Tue Aug 12 15:59:57 2014] <jgross> Really?  Will you be joining us at MIT?  (I'm curious, if you don't mind sharing, what about me did you talk about?) 
[Tue Aug 12 16:00:39 2014] <johnw> no, but I'm working at BAE now, which is in your back yard
[Tue Aug 12 16:00:49 2014] <johnw> I just know Adam from a long ways back, before either of us had found Coq :)
[Tue Aug 12 16:01:20 2014] <jgross> Boston Academy of English? 
[Tue Aug 12 16:01:26 2014] <johnw> it has no expansion
[Tue Aug 12 16:01:31 2014] <johnw> gov't contractor
[Tue Aug 12 16:01:36 2014] <johnw> I work on research contracts
[Tue Aug 12 16:01:42 2014] <vanila> what was adam doing before coq?
[Tue Aug 12 16:01:51 2014] <johnw> he was running hcoop!
[Tue Aug 12 16:01:56 2014] <vanila> ohh yeah
[Tue Aug 12 16:02:03 2014] <johnw> I think I was user 11
[Tue Aug 12 16:02:12 2014] <edwardk> jgross: for that matter i live right over in medford
[Tue Aug 12 16:02:32 2014] <johnw> jgross: you and edwardk and I should definitely get some chow together the next time I'm out there
[Tue Aug 12 16:02:38 2014] <johnw> jgross: are you coming to ICFP by any chance?
[Tue Aug 12 16:03:18 2014] <edwardk> johnw: hahahaha i just connected the hcoop thing with adam. i'd forgotten that
[Tue Aug 12 16:04:02 2014] <johnw> yeah, that was forever ago.  13 years!
[Tue Aug 12 16:04:18 2014] <johnw> i think that was the year before I join freenode
[Tue Aug 12 16:04:49 2014] <jgross> No, I'm not going to be at ICFP.  I'll have just gotten back to MIT from my internship in the UK then.	I hope to attend POPL, though. 
[Tue Aug 12 16:05:15 2014] <johnw> in India?
[Tue Aug 12 16:05:27 2014] <jgross> Yes ^.^ 
[Tue Aug 12 16:05:28 2014] <edwardk> jgross: fair nuff. well some time when you're back in the MIT area, ping me and we can grab lunch or something
[Tue Aug 12 16:05:39 2014] <johnw> i doubt I can get work to swing that one; Sweden was a hard enough sell
[Tue Aug 12 16:06:56 2014] <edwardk> clearly i should go visit one of the QA teams we have out there at just the right time
[Tue Aug 12 16:09:11 2014] <jgross> Sure, lunch or something sounds great!	I'll ping you two when I'm back in Boston.  (It might take until October, though, depending on how busy your schedules are.  I'll be pretty busy in September; I have a cousin's wedding on the 14th and I'll be in Germany for the Heidelberg Laureate Forum the 19th through the 28th.) 
[Tue Aug 12 16:11:33 2014] <edwardk> I'm all over the place but late September should be pretty open.
[Tue Aug 12 16:11:56 2014] <edwardk> so maybe after ICFP/CUFP
[Tue Aug 12 16:11:58 2014] <edwardk> * shrugs.
[Tue Aug 12 16:12:01 2014] <edwardk> We'll figure it out
[Tue Aug 12 16:31:27 2014] <edwardk> johnw: damn you for getting me to install coq again. =P i was happy and productive in haskell
[Tue Aug 12 16:31:40 2014] <johnw> hahaha
[Tue Aug 12 16:31:49 2014] <johnw> and don't forget proof general 4.3pre!
[Tue Aug 12 16:31:59 2014] <edwardk> * watches his days vanish into the hell of the zork-like 'guess the tactic' adventure game
[Tue Aug 12 16:32:07 2014] <edwardk> building coq head now
[Tue Aug 12 16:32:16 2014] <johnw> > Take lamp.
[Tue Aug 12 16:32:20 2014] <johnw> I don't know what a lamp is.
[Tue Aug 12 16:32:23 2014] <johnw> > Take the lamp.
[Tue Aug 12 16:32:24 2014] <johnw> Taken.
[Tue Aug 12 16:33:17 2014] <edwardk> heh, i have an hour interview thing with jason scott of the get lamp documentary fame coming up, i should mention coq as the spiritual successor to text adventure games to him ;)
[Tue Aug 12 16:34:36 2014] <hodapp> o_O
[Tue Aug 12 16:34:38 2014] <hodapp> what
[Tue Aug 12 16:36:07 2014] <edwardk> hodapp: come on, you've sat there in proof general looking at the current state of the world, your goal, the inventory of stuff you have in the environment and played the "guess the verb" game that defined 80s-90s text adventures.
[Tue Aug 12 16:37:29 2014] <edwardk> open the mailbox. get the pamphlet. read the pamplet.    vs unfold Monic in *. intros. apply eg. apply ef. -- not much different ;)
[Tue Aug 12 16:39:13 2014] <edwardk> vi .emacs # hrmm, i think i'm doing this wrong.
[Tue Aug 12 16:41:24 2014] <johnw> lol
[Tue Aug 12 16:42:17 2014] <johnw> nice, just got Isabella working with proof general
[Tue Aug 12 16:42:54 2014] <edwardk> now i just have to remember my way around emacs sans vim bindings =P
[Tue Aug 12 16:44:33 2014] <johnw> install evil
[Tue Aug 12 16:45:19 2014] <edwardk> may, but i may just go native again. its been long enough
[Tue Aug 12 16:45:40 2014] <edwardk> you know its serious i even gave in and remapped my capslock to ctrl to avoid crippling myself =P
[Tue Aug 12 16:46:59 2014] <johnw> going native is better in the long run
[Tue Aug 12 16:47:10 2014] <johnw> remapping capslock to ctrl is just common sense
[Tue Aug 12 17:28:11 2014] <johnw> oh, did you see that jgross gets dualization of his proofs pretty much for free in his development?
[Tue Aug 12 17:28:26 2014] <johnw> at least, that's what the experience report said
[Tue Aug 12 17:37:27 2014] <edwardk> yeah
[Tue Aug 12 17:37:30 2014] <edwardk> i walked through that part
[Tue Aug 12 17:38:12 2014] <edwardk> noticeably the extra 'redundant' proofs that identity . identity = identity and of the reversed associativity law to make constructing the dual easier
[Tue Aug 12 17:38:46 2014] <johnw> yeah, he's really tempting me to lean in the HoTT direction
[Tue Aug 12 17:39:01 2014] <johnw> only I fear that might lose connection with the Haskell implementation
[Tue Aug 12 17:40:02 2014] <edwardk> the haskell implementation is warped by the need to be implemented in haskell
[Tue Aug 12 17:40:12 2014] <johnw> aye, there's the rub
[Tue Aug 12 18:55:10 2014] <tswett> Hey everyone.
[Tue Aug 12 18:55:20 2014] <tswett> http://lpaste.net/109265 – Coq can be confusing sometimes.
[Tue Aug 12 18:58:57 2014] <tswett> I should learn how induction actually works in Coq.
[Tue Aug 12 19:00:39 2014] <vanila> I think that Coq can't do this
[Tue Aug 12 19:01:09 2014] <tswett> I'm pretty sure that Coq can't do that.
[Tue Aug 12 19:01:55 2014] <tswett> Which seems counterintuitive to me. I have two proofs, p and q, that x = x. Are they the same? Well, let's look at all the things p could possibly be. p must be eq_refl x.
[Tue Aug 12 19:02:14 2014] <vanila> this requires an extra axiom than the normal dependent type lambda calculus, to prove
[Tue Aug 12 19:02:47 2014] <tswett> The "look at all the things p could possibly be" step is where things don't work, I think.
[Tue Aug 12 19:04:15 2014] <cody__> tswett: http://homotopytypetheory.org/2011/04/10/just-kidding-understanding-identity-elimination-in-homotopy-type-theory/
[Tue Aug 12 19:11:18 2014] <tswett> Hmm.
[Tue Aug 12 19:17:14 2014] <tswett> Yeah, my big issue is that I don't see how the type of an induction function is determined. Like, here's how I understand "ordinary" induction: given a predicate over elements of the inductive type, if every constructor preserves truth of that predicate, then the predicate is true everywhere.
[Tue Aug 12 19:18:28 2014] <tswett> So then I try to understand eq_ind like that. Given a predicate over proofs that x = x, if the predicate holds for eq_refl x, then it holds for all proofs that x = x.
[Tue Aug 12 19:18:36 2014] <tswett> But it turns out that eq_ind is actually something completely different.
[Tue Aug 12 19:20:25 2014] <tswett> Ah, but that's not quite how eq is defined.
[Tue Aug 12 19:20:36 2014] <tswett> The "elements of the inductive type" are actually functions A -> Prop.
[Tue Aug 12 19:20:49 2014] <tswett> Okay, let me retry that understanding.
[Tue Aug 12 19:21:55 2014] <vanila> When you define an inductive data type the eliminators are automatically created
[Tue Aug 12 19:22:03 2014] <vanila> Have a look at
[Tue Aug 12 19:22:04 2014] <vanila> Print bool.
[Tue Aug 12 19:22:04 2014] <vanila> then
[Tue Aug 12 19:22:06 2014] <vanila> Print bool_rec.
[Tue Aug 12 19:22:11 2014] <tswett> I know that much.
[Tue Aug 12 19:22:23 2014] <tswett> But I'm wondering how the types of the eliminators are determined.
[Tue Aug 12 19:23:21 2014] <vanila> it creates a hypothesis for each constructor of the type and concludes with the predicate for all values of that type
[Tue Aug 12 19:23:54 2014] <tswett> So now I'd expect eq_ind to look like this: Given a predicate P over equality predicates (x =), if the predicate P holds for eq_refl x, then the predicate P holds for all equality predicates (x =).
[Tue Aug 12 19:25:26 2014] <tswett> Which is starting to resemble the actual type of eq_ind, but still isn't correct.
[Tue Aug 12 19:28:43 2014] <tswett> The type of P in an eliminator seems to be random.
[Tue Aug 12 19:29:42 2014] <tswett> In eq_ind, P : A -> Prop; it's a predicate over one of the arguments to eq. In and_ind, P is just a proposition. In bool_ind, P is a predicate on bool.
[Tue Aug 12 19:31:48 2014] <vanila> that's because it has type indices
[Tue Aug 12 19:32:15 2014] <vanila> if you look at bool then option and so on, you can understand the pattern gradually
[Tue Aug 12 19:32:23 2014] <tswett> If you say so.
[Tue Aug 12 19:32:27 2014] <vanila> wow
[Tue Aug 12 19:32:30 2014] <vanila> good bye
[Tue Aug 12 19:35:13 2014] <tswett> Sorry, did I come across as rude there? I'm just saying that this concept has been difficult for me to understand, so I expect it to be a struggle going on.
[Tue Aug 12 19:35:25 2014] <tswett> I didn't mean to dismiss your advice.
[Tue Aug 12 19:37:22 2014] <vanila> makes me wonder why I try to help people when they act like such assholes, hopefully nicer people show up soon
[Tue Aug 12 19:37:46 2014] <tswett> Sorry, I honestly don't understand what I did wrong.
[Tue Aug 12 19:38:41 2014] <cody__> tswett: there's a really nice paper by Peter Dybjer that explains how recursors for type families are defined
[Tue Aug 12 19:38:46 2014] <cody__> http://www.cse.chalmers.se/~peterd/papers/Inductive_Families.pdf
[Tue Aug 12 19:40:11 2014] <cody__> if you are just looking for technical definitions
[Tue Aug 12 19:40:38 2014] <cody__> the semantics are a bit more complex
[Tue Aug 12 19:58:46 2014] <tswett> vanila: okay, I've looked at bool and option, and yeah, I can see how the constructor hypotheses work. Thanks.
[Tue Aug 12 19:59:00 2014] <tswett> When you say "it has type indices", what's the thing that has type indices?
[Tue Aug 12 20:23:01 2014] <tswett> Okay, I think I finally understand exactly how the type for eq_ind is constructed.
[Tue Aug 12 20:26:21 2014] <tswett> First, the parameters (A : Type) and (x : A). These are just the parameters to eq. Next, (P : A -> Prop)--P always has the same kind as the inductive type itself (as long as the inductive type is of class Prop, not Type).
[Tue Aug 12 20:26:55 2014] <tswett> Then the inductive hypotheses are always the types of the constructors, where the inductive type is replaced with P. In this case, eq x is replaced with P, yielding P x.
[Tue Aug 12 20:27:43 2014] <tswett> Finally, the assertion that as long as the inductive type is actually populated, P is populated, too.
[Tue Aug 12 20:32:17 2014] <cody__> tswett: That's about the long and short of it, except that P can depend on the element of the inductive itself
[Tue Aug 12 20:35:35 2014] <tswett> cody__: right. If I understand correctly, that happens when the inductive is a Set or Type. When the inductive is a Prop, P doesn't depend on the proof.
[Tue Aug 12 20:36:05 2014] <cody__> when I is a Prop
[Tue Aug 12 20:36:18 2014] <cody__> I being the inductive
[Tue Aug 12 20:36:47 2014] <tswett> Indeed, if I understand correctly, Coq never lets you prove that a predicate holds for all proofs of a proposition (unless you can prove that there are no proofs of that proposition).
[Tue Aug 12 20:38:01 2014] <cody__> well you can, you just shouldn't be able to distinguish propositions
[Tue Aug 12 20:38:33 2014] <cody__> which means you shouldn't be able to case on I:Prop into Type
[Tue Aug 12 20:38:47 2014] <cody__> oops
[Tue Aug 12 20:38:49 2014] <cody__> gtg
[Tue Aug 12 21:03:52 2014] <tswett> Guess I'm wrong about the latter part. You can indeed prove that every proof of True is I.
[Wed Aug 13 01:13:02 2014] <gdsfh> hello.  I'm trying to make function threading (composition) that gathers proofs returned by functions: http://pastebin.com/4MffD1JM , but it seems I'm trying to do something impossible.  Right?
[Wed Aug 13 01:17:47 2014] <johnw> cur_prop has the wrong type
[Wed Aug 13 01:17:54 2014] <johnw> it's not the type of a proposition, but a proof term
[Wed Aug 13 01:19:53 2014] <gdsfh> I've tried to write other things in { n : nat | <here> }, but no one worked.  There's something I don't understand, obv.
[Wed Aug 13 01:20:16 2014] <johnw> write out the result type of step first
[Wed Aug 13 01:20:24 2014] <johnw> that shoudl help clarify things
[Wed Aug 13 01:22:02 2014] <gdsfh> "(nat * Prop)".  For example, Check (1, True) returns this type, and I could be happy with it.
[Wed Aug 13 01:22:39 2014] <johnw> have you tried (f : nat -> { n : nat & P })?
[Wed Aug 13 01:23:45 2014] <gdsfh> yes, error is the same.
[Wed Aug 13 01:25:43 2014] <johnw> maybe (f : nat -> { n : nat & Prop })?  The thing is, you're treating { n : nat | P } and (nat * Prop) as if they were effectively the same thing
[Wed Aug 13 01:25:55 2014] <johnw> so they need to be the same thing
[Wed Aug 13 01:25:58 2014] <johnw> if that's right
[Wed Aug 13 01:31:11 2014] <jrw> gdsfh: can you say more about what you're trying to do?
[Wed Aug 13 01:32:29 2014] <gdsfh> johnw: really, "step" typechecks.  But then "Definition f1 n : { n' : nat & n' = S n }." doesn't work in "Example s : unit. refine (step f1 (0, True)).": "The term "f1" has type "forall n : nat, {n' : nat & n' = S n}" while it is expected to have type "nat -> {_ : nat & Prop}".".  I need to return Prop from f1 somehow, but I don't know how to make Prop of "n' = S n".
[Wed Aug 13 01:35:18 2014] <gdsfh> jrw: I have functions that {take,return} proofs and values.  I want to use them in code without providing proofs in the code (using notations, for example), and gather all proofs that these functions return, to use them in proof mode for reasoning about code and for providing input proofs for these functions.
[Wed Aug 13 01:35:53 2014] <johnw> gdsfh: are you talking about a Hoare logic?
[Wed Aug 13 01:36:27 2014] <gdsfh> Hoare logic is very close to what I want to do.
[Wed Aug 13 01:36:44 2014] <gdsfh> so, yes.
[Wed Aug 13 01:37:16 2014] <johnw> software foundations has a couple of chapters on doing that in Coq, if you haven't seen that already
[Wed Aug 13 01:37:43 2014] <johnw> also of possible interest: http://ynot.cs.harvard.edu/
[Wed Aug 13 01:38:15 2014] <gdsfh> I'll read SF on this topic.  Ynot -- seen.
[Wed Aug 13 01:38:56 2014] <jrw> so hoare logic may not be exactly what you're going for. classically speaking hoare logic is applied to imperative style languages.
[Wed Aug 13 01:39:10 2014] <gdsfh> but any ideas are welcome.
[Wed Aug 13 01:39:13 2014] <jrw> obviously the idea is very general
[Wed Aug 13 01:39:31 2014] <johnw> whenever I hear "step" I hear imperative...
[Wed Aug 13 01:40:10 2014] <gdsfh> really, it's about imperative stuff representation.
[Wed Aug 13 01:41:14 2014] <jrw> gdsfh: http://pastebin.com/BdDREznA
[Wed Aug 13 01:41:20 2014] <jrw> I think this is what you were getting at
[Wed Aug 13 01:41:44 2014] <jrw> you have some f that returns a proof of p and some value that's a nat and a proof of q
[Wed Aug 13 01:42:01 2014] <jrw> you want to run f on the nat and get a proof of P, and return the result together with a proof of p /\ q
[Wed Aug 13 01:42:15 2014] <jrw> the trick is that you need to return a proof object that proves p /\ q
[Wed Aug 13 01:42:26 2014] <jrw> you can't just return the value "p /\ q"
[Wed Aug 13 01:42:29 2014] <jrw> which has type Prop
[Wed Aug 13 01:42:30 2014] <johnw> based on the non-dependent sigma, couldn't it be (f : nat -> (nat * P))?
[Wed Aug 13 01:42:47 2014] <jrw> yeah, those are exactly the same
[Wed Aug 13 01:46:55 2014] <gdsfh> jrw: doesn't work: The term "f1" has type "forall n : nat, {n' : nat | n' = S n}" while it is expected to have type "nat -> {_ : nat | ?40}".
[Wed Aug 13 01:59:15 2014] <edwardk> johnw: awake?
[Wed Aug 13 01:59:29 2014] <johnw> that's funny
[Wed Aug 13 01:59:34 2014] <johnw> i was just checking to see if you were around
[Wed Aug 13 01:59:40 2014] <johnw> I'm bored of register allocators, let's have some fun
[Wed Aug 13 01:59:48 2014] <edwardk> heh
[Wed Aug 13 01:59:50 2014] <edwardk> ok, one sec
[Wed Aug 13 02:02:02 2014] <jrw> gdsfh: can you put your example code on a pastebin? it didn't come through right for me.
[Wed Aug 13 02:05:20 2014] <gdsfh> jrw: http://pastebin.com/AU9eE8nh
[Wed Aug 13 02:06:24 2014] <jrw> thanks
[Wed Aug 13 02:19:44 2014] <jrw> gdsfh: http://pastebin.com/4cUXTy4B
[Wed Aug 13 02:31:29 2014] <gdsfh> jrw: thank you, it works!  Also it works when I do "{inp outp} {P : inp -> outp -> Prop}" in step arguments and below.  Nice!
[Wed Aug 13 02:32:09 2014] <jrw> np
[Wed Aug 13 03:18:02 2014] <johnw> can I have mutually recursive records?
[Wed Aug 13 03:36:18 2014] <gdsfh> johnw: afaik no; last answer I received about this was "use mutually recursive inductive types to emulate records".
[Wed Aug 13 03:36:36 2014] <edwardk> when using mutually recursive inductive types how much uglier does it get?
[Wed Aug 13 03:38:11 2014] <gdsfh> 1. explicit projections need to be written, 2. no record.(field) notation, only "proj record".
[Wed Aug 13 03:38:31 2014] <edwardk> 2.) was what i was afraid of
[Wed Aug 13 03:39:10 2014] <edwardk> i suppose you could define the raw 'un-tied' record, make inductive data types that used the raw records as their only members and tie through that?
[Wed Aug 13 03:39:11 2014] <gdsfh> however maybe it's possible to invent nicely looking notation like "r <something> f" := (f r).
[Wed Aug 13 06:32:44 2014] <roosbeef> so im using refine to skip over some things and fill in the blanks later
[Wed Aug 13 06:33:01 2014] <roosbeef> how do i make it so that Coq remembers where the fillers came from?
[Wed Aug 13 06:33:38 2014] <roosbeef> for example,
[Wed Aug 13 06:34:44 2014] <roosbeef> https://privatepaste.com/d098c77d10
[Wed Aug 13 06:35:16 2014] <roosbeef> at the end, im left with this proof state: https://privatepaste.com/4dea4a37dc
[Wed Aug 13 06:35:49 2014] <roosbeef> basically, if Coq would have remembered that x was originally in lss, this would be (almost) trivial
[Wed Aug 13 07:01:27 2014] <hodapp> http://gizmodo.com/a-computer-has-finally-proven-the-answer-to-a-400-year-1620027845
[Wed Aug 13 07:01:39 2014] <hodapp> * stabs the author of that article, and most of the commenters
[Wed Aug 13 07:01:55 2014] <ijp> * sees "gizmodo", ignores
[Wed Aug 13 07:02:29 2014] <hodapp> a wise choice.
[Wed Aug 13 07:02:33 2014] <hodapp> I missed that when I clicked.
[Wed Aug 13 07:02:49 2014] <hodapp> tl;dr https://en.wikipedia.org/wiki/Kepler_conjecture#A_formal_proof
[Wed Aug 13 07:48:03 2014] <torfscholle> Hello all! I'm currently trying to get an overview over the different kinds of Martin Loef Type Theories. Concerning the system described in "Intuitionistic Type Theory", I'm wondering if one can replace the new kind of judgement "A Type" by an ordinary typing judgement "A : Type" with an atomic type 'Type'. As far as I understand, unless one is willing to add a whole hierarchy of types as in Coq, this means that 'Type' itself will not
[Wed Aug 13 07:48:03 2014] <torfscholle> have any type, since 'Type : Type' is inconsistent -- but does this cause problems? Can't one have expressions that arise as types of other expressions, while they are themselves not of any type?
[Wed Aug 13 07:49:03 2014] <torfscholle> With 'Type' introduced as an atomic type, one could e.g. model first order predicate logic by having 'A : Type' as an axiom for any sort A, and 'reln : A1 -> ... -> An -> Type' as an axiom for any n-ary predicate between sorts Ai, and 'fn: A1 -> ... -> An -> B' as an axiom for any n-ary function symbol in the theory. While it's not very different from having "A type" as a new kind of judgement, and introducing axioms 'x1 : A1, ..., xn:
[Wed Aug 13 07:49:03 2014] <torfscholle> An |- reln x1 ... xn type' and so on for sorts, relations and functions, I'd find the above variant more natural. But maybe I'm missing some complications that arise...?
[Wed Aug 13 08:17:37 2014] <jgross> johnw, edwardk: Yes, I get almost all dualization for free (except for this pesky bit of limits not being opposite colimits when they're defined as Kan extensions, because (C^op -> D^op)^op isn't judgmentally (C -> D).  You don't have to use HoTT to do this, though.  However, the correct solution is clearly to get ghc to implement HoTT, to mirror the Coq stuff.  (Using HoTT also doesn't need to pull you away from Haskell.  You just need to think
[Wed Aug 13 08:17:37 2014] <jgross> more carefully about which types are actually sets and which types are univalent and which types are hProps.) 
[Wed Aug 13 09:08:24 2014] <jgross> johnw: Do you want to add your email address to https://coq.inria.fr/bugs/show_bug.cgi?id=3511, so you get updates and can respond with things about your code?  Pierre-Marie Pédrot said "I think that you're stressing the native compiler too much. It doesn't really like to be fed with huge proof terms, and this is not its purpose altogether... I'll assign this bug to Maxime anyway." 
[Wed Aug 13 10:03:27 2014] <edwardk> jgross: we definitely know we're leaning on the compiler too hard just trying to brute force stuff through as we go
[Wed Aug 13 10:05:02 2014] <edwardk> jgross: part of what i started last night was going through and seeing if we can swap out the foundations to make something prettier, because what is there is just an effort in programming by force of will, not elegance =)
[Wed Aug 13 10:15:09 2014] <jgross> edwardk: Where are you running into trouble with brute force?  (I think most places where I throw brute force tactics at things are either when I'm shoving isomorphisms around (mostly pseudofunctors and grothendieck) and when transporting across equalities is painful because Coq's pattern matcher isn't good enough.  I guess my yoneda proofs are a bit ugly, but not very long.  I also might have forgotten some cases.) 
[Wed Aug 13 10:17:02 2014] <edwardk> so far we're getting by actually, this is sort of stab 1 while we get the kinks worked out of how to work. the main thing i want to do is go do work with double categories / framed bicategories / proarrow equipments where things are much more interesting, but we need to get past the base vocabulary first
[Wed Aug 13 10:17:41 2014] <edwardk> my usual approach is to just spew code out, learn the language as we go, and ruthlessly refactor over and over
[Wed Aug 13 10:18:06 2014] <edwardk> we'll probably adopt your symmetry hacks
[Wed Aug 13 10:21:29 2014] <edwardk> the current work we're doing is just setting up limits and colimits in terms of adjoints to the diagonal functor, then monoidal categories, so we can do day convolution, set up monoidal functors and monads as monoids, and then do profunctor composition, show prearrows as monoids of profunctor composition, build a notion of a generalized tambara module that I use for lens so we can get free freyd categories and can freely adjoin
[Wed Aug 13 10:21:29 2014] <edwardk>  'profunctor strength' to any profunctor, model monads and comonads on the category of profunctors, since the Tambara construction is a comonad, and the left adjoint to the construction is a monad whose monad algebras are the strong profunctors
[Wed Aug 13 10:21:39 2014] <edwardk> once we have that we can start talking about the lens plumbing
[Wed Aug 13 10:21:50 2014] <edwardk> thats the stuff i want to talk about mostly
[Wed Aug 13 10:22:24 2014] <edwardk> and i'm happy to swap out plumbing a couple dozen times to get a better sense of taste til we get there.
[Wed Aug 13 10:22:27 2014] <jgross> I'll be interested to see if you can get 2-category stuff working with reasonable speed.  I had problems when I tried in 8.4, though now that trunk is faster, I might try again. 
[Wed Aug 13 10:23:10 2014] <edwardk> especially since i'm more interested in virtual double categories than 2-categories
[Wed Aug 13 10:24:52 2014] <jgross> I have (co)limits as adjoints to the diagonal functor (there's a nifty way of setting this up where you define adjoints using universal morphisms, and you get the usual definition of limits just by unfolding that definition), and I had monoidal categories at one point, but that's where things started getting really slow. 
[Wed Aug 13 10:24:56 2014] <edwardk> i figure the two areas i really know category theory cold are in all the generalized notions of currying/uncurrying/powers/copowers that arise and the asymptotic benefits of certain representations, and in the area of framed bicategories since lens is basically built upon quantifying over the choice of all possible profunctors and working with interesting functors between certain full-subcategories of prof
[Wed Aug 13 10:26:55 2014] <edwardk> here we got stuck a little bit on limits the other day because i forgot a side-condition and poor john beat his head against a wall trying to prove the unprovable for a couple hours, but i think we know the right way forward now
[Wed Aug 13 10:27:03 2014] <edwardk> or rather 'a way forward'
[Wed Aug 13 10:27:08 2014] <edwardk> i hesitate to say the right way
[Wed Aug 13 10:27:51 2014] <edwardk> but ultimately to dodge axiom of choice issues we're going to get shoehorned into taking the univalence approach you did or going to anafunctors and ananatural transformations soon
[Wed Aug 13 10:28:54 2014] <jgross> Yeah, I did something like that when I was first formalizing limits. I said something like "there exists a unique morphism m : s -> d, and also P holds of m" rather than "there exists a unique morphism m : s -> d for which P holds".  I developed an allergy to having too many side conditions and moved to the "intial/terminal objects of comma categories" definition. 
[Wed Aug 13 10:29:18 2014] <edwardk> not a bad choice
[Wed Aug 13 10:29:30 2014] <jgross> Univalence!  (Although, I don't actually make use of it that much, yet.) 
[Wed Aug 13 10:30:17 2014] <edwardk> i'm probably going to steer john towards defining dinatural transformations and swapping out the guts of our natural transformations, build comma categories, do grothendieck through commas, etc.
[Wed Aug 13 10:31:08 2014] <edwardk> ultimately the main thing where univalence gives me heebie-jeebies is i don't really have a firm grasp of where my programs will get stuck because of it.
[Wed Aug 13 10:31:32 2014] <jgross> It's really slick, because you get the fact that (co)limits assemble into a functor which is adjoint to the diagonal functor for free, out of the appropriate characterization of adjoint functors in general.	(I'm kind-of bummed that the adjoint functor theorem talks about limits and colimits in particular; I want to see if there's some nice way of looking at it so that you only talk about adjoints without explicitly mentioning the diagonal
[Wed Aug 13 10:31:32 2014] <jgross> functor, or something.) 
[Wed Aug 13 10:32:45 2014] <jgross> Why do you need dinatural transformations to do comma categories?  And how do comma categories give you grothendieck? 
[Wed Aug 13 10:33:17 2014] <hodapp> * reads "dinosaur transformations"
[Wed Aug 13 10:33:19 2014] <edwardk> you don't need it for comma categories, but you want them so you can talk about ends/coends, then use the end to build nat
[Wed Aug 13 10:33:19 2014] <hodapp> * rubs eyes
[Wed Aug 13 10:33:31 2014] <edwardk> and the comma category is a nice place to do all that
[Wed Aug 13 10:33:40 2014] <edwardk> if you don't want to just directly compose the functors
[Wed Aug 13 10:35:01 2014] <jgross> Univalence will never make your programs get stuck forever; you can always compute by hand, or wait until the technology develops to compute automatically.  You might need a "compute by tactics" or "univalence scrubber tactic" or something.  (And it'll get your programs temporarily stuck in roughly the same places that using funext will get them stuck, I think, except when you're talking about types rather than functions) 
[Wed Aug 13 10:35:37 2014] <edwardk> that's fair
[Wed Aug 13 10:35:48 2014] <jgross> Oh, because grothendieck is a (co)end over something?  I remember thinking (co)ends were ugly because the diagram you were taking the (co)limit over was too complicated. 
[Wed Aug 13 10:35:53 2014] <edwardk> univalence is actually very much my preferred way of thinking about this stuff
[Wed Aug 13 10:36:35 2014] <edwardk> part of this is me going off and trying all the dumb ways to put things together so i can know in my bones why they are dumb and if not make a little progress ;)
[Wed Aug 13 10:38:10 2014] <edwardk> for fiddling with univalence then, what is needed that isn't in head? do you still need to go off and apply the voevodsky hacks to dodge the use of prop etc?
[Wed Aug 13 10:38:38 2014] <edwardk> i'm happy to go back down that path in a branch or side project
[Wed Aug 13 10:40:20 2014] <jgross> Depends how much you care about consistency.  If you want to keep [eq] out of Prop, you need to replace the standard library and use one compiled with -indices-matter (forces [eq] to be in Type).  HoTT/HoTT does this.  If you don't care about smuggling large types into prop and having unsound extraction when you use univalence, you don't need to do anything.  Regardless, you don't need to patch HEAD Coq or anything like that. 
[Wed Aug 13 10:41:01 2014] <edwardk> ok, so -indices-matter is the real trick
[Wed Aug 13 10:41:29 2014] <vanila> is this a workaround for jmeq?
[Wed Aug 13 10:41:30 2014] <edwardk> i may sit down and brute force my way through a simple core then just for familiarity's sake
[Wed Aug 13 10:41:42 2014] <jgross> Yes.  It says "if my inductive type has large indices, then it can't live in Prop", roughly. 
[Wed Aug 13 10:42:17 2014] <edwardk> jmeq being the old john major equality thing?
[Wed Aug 13 10:42:39 2014] <vanila> yeah
[Wed Aug 13 10:42:41 2014] <edwardk> i can never remember the dumb political joke he was making
[Wed Aug 13 10:42:53 2014] <vanila> everyone is equal, some more than others
[Wed Aug 13 10:42:58 2014] <jgross> vanila: What do you mean?  JMeq is equality of pointed types.  That is [JMeq A a B b] is equivalent to [(A; a) = (B; b) :> { T : Type & T }] 
[Wed Aug 13 10:42:59 2014] <edwardk> ah yes
[Wed Aug 13 10:43:29 2014] <vanila> i gotta run sorry
[Wed Aug 13 10:43:32 2014] <vanila> saked at a bad time
[Wed Aug 13 10:44:37 2014] <jgross> edwardk: While you're at it, you should [Set Primitive Projections], so you get judgmental eta for records (and faster nested sigma types). 
[Wed Aug 13 10:44:52 2014] <edwardk> that is the thing that lets you do field projections?
[Wed Aug 13 10:45:15 2014] <jgross> What do you mean? 
[Wed Aug 13 10:46:28 2014] <edwardk> turning that on now
[Wed Aug 13 10:46:58 2014] <edwardk> Set Printing Projections i guess
[Wed Aug 13 10:47:20 2014] <edwardk> http://coq.inria.fr/V8.2pl1/refman/Reference-Manual004.html the bit about dot projection
[Wed Aug 13 10:47:46 2014] <jgross> No, I mean Primitive projections, not Printing projections.  It's a new feature of trunk. 
[Wed Aug 13 10:48:09 2014] <edwardk> yeah noticed the different words after i asked
[Wed Aug 13 10:48:23 2014] <edwardk> turning that on now everywhere
[Wed Aug 13 10:49:41 2014] <jgross> Once I get Matthieu to fix the remaining bugs, I'll move to that in the HoTT library, and I'll only need one kind of opposite natural transformation, rather than the 8 or 16 I have now. 
[Wed Aug 13 10:54:54 2014] <edwardk> that is a very strong argument for turning it on. what goes wrong?
[Wed Aug 13 10:56:13 2014] <jgross> https://coq.inria.fr/bugs/show_bug.cgi?id=3507, https://coq.inria.fr/bugs/show_bug.cgi?id=3503, https://coq.inria.fr/bugs/show_bug.cgi?id=3481, https://coq.inria.fr/bugs/show_bug.cgi?id=3484, https://coq.inria.fr/bugs/show_bug.cgi?id=3505, https://coq.inria.fr/bugs/show_bug.cgi?id=3504, https://coq.inria.fr/bugs/show_bug.cgi?id=3478, https://coq.inria.fr/bugs/show_bug.cgi?id=3506 
[Wed Aug 13 10:58:03 2014] <jgross> There are some minor bugs with evars vs. metas, things (such as subject reduction) break if you ever mix [match] and the primitive projections, and [?f ?x] no longer matches an application of a primitive projection.  And if you mix the eta-expanded forms with the non-eta-expanded forms, [rewrite] fails.  That's most of it. 
[Wed Aug 13 10:58:45 2014] <jgross> Nothing that can't be worked around, but stuff I want to see fixed in Coq rather than committing a bunch of changes to work around it. 
[Wed Aug 13 10:59:17 2014] <edwardk> fair
[Wed Aug 13 11:00:43 2014] <jgross> e.g., until recently, things like [apply <left identity rule>] failed if <left identity rule> was a primitive projection; now it silently eta-expands instead, which is what I think it should do. (After that, the diff to make HoTT/HoTT work with primitive projections went from ~700 loc changed to ~200 loc changed) 
[Wed Aug 13 13:48:31 2014] <johnw> morning
[Wed Aug 13 21:46:20 2014] <edwardk> jgross: around?
[Wed Aug 13 21:48:25 2014] <edwardk> Trying to understand Local Obligation Tactic. If I turn it on, I have a Program Instance block that has 'solved obligations' but i still have to open them one at a time and say they are defined
[Wed Aug 13 21:48:46 2014] <edwardk> tried: Local Obligation Tactic := path_induction.
[Wed Aug 13 21:49:08 2014] <edwardk> and i have a ton of obligations that all look like Obligation 2. path_induction. Defined. that i'd think that would clear out
[Wed Aug 13 21:49:27 2014] <edwardk> https://github.com/jwiegley/category-theory/blob/master/Toy.v#L117
[Wed Aug 13 21:50:16 2014] <edwardk> ideas?
[Wed Aug 13 21:51:37 2014] <edwardk> I also am not clear on how to use Solve Obligations with ...
[Wed Aug 13 21:51:49 2014] <edwardk> they all need the same tactic
[Wed Aug 13 22:02:57 2014] <edwardk> it just weirds me out that i get Obligation 1. Defined. -- for some of them after o turn on the Local Obligation Tactic -- but others don't work
[Wed Aug 13 22:04:21 2014] <johnw> me too
[Thu Aug 14 02:28:51 2014] <jgross> edwardk: Replace [induction] with [destruct] in [path_induction] and it should work fine.  Also, add yourself to https://coq.inria.fr/bugs/show_bug.cgi?id=3517. :-P 
[Thu Aug 14 03:52:09 2014] <torfscholle> good morning
[Thu Aug 14 04:03:04 2014] <jgross> Also, johnw, edwardk: You should list all of your files in _CoqProject, and not pass *.v to coq_makefile (also, possibly don't pass '.', but I'm not sure about that one).  This way, you won't get the page of spew about duplicated targets.	 
[Thu Aug 14 04:03:17 2014] <jgross> torfscholle: good morning  
[Thu Aug 14 04:03:30 2014] <johnw> ah, ok
[Thu Aug 14 04:03:34 2014] <johnw> i do list the files in _CoqProject
[Thu Aug 14 04:04:16 2014] <johnw> ah, much nicer
[Thu Aug 14 04:05:28 2014] <jgross> Also, use $(MAKE), rather than make, to invoke make on, e.g., Makefile.coq.  I think this will make `make -j4` (or however many threads you want) work for the parallel build) 
[Thu Aug 14 04:19:39 2014] <johnw> thanks!
[Thu Aug 14 04:23:57 2014] <torfscho`> Would you mind if I asked some basic thing about systems with dependent types, although not yet Coq?
[Thu Aug 14 04:24:07 2014] <johnw> go for it
[Thu Aug 14 04:26:25 2014] <torfscholle> I'm trying to understand the precise relation between ML type theory, the logical framework lLF as in Pierce's ATPL, and the PTS lP over {*,o}, {* : o}, {(*,*), (*,o)}.
[Thu Aug 14 04:27:27 2014] <torfscholle> It seems that in MLTT, one can only form product and sum types of dependent types, but the dependent types themselves do not exist in the system -- they can only be realized through new axiomatic judgements as 'x y : A |- I x y Type'
[Thu Aug 14 04:29:14 2014] <torfscholle> In lLF, one can introduce them through adding kind assumptions 'I :: A -> A -> *' to the context, but still, one can't define new dependent types through lambda abstractions. In lP finally, one does have abstraction on the type level, and this seems most natural to me. Despite these differences, I'm wondering that all these systems allow for a faithful embedding of first order predicate logic?
[Thu Aug 14 04:34:58 2014] <torfscholle> ... or am I mixing things up?
[Thu Aug 14 04:36:21 2014] <johnw> I don't know enough to say
[Thu Aug 14 04:51:08 2014] <torfscholle> johnw: okay, thanks for reading! It's not terribly important anyway, I'm just trying to get a better overview over the many different type systems.
[Thu Aug 14 04:52:37 2014] <torfscholle> johnw: what are you working on?
[Thu Aug 14 04:52:48 2014] <johnw> MoreLogic.v from Software Foundations right now
[Thu Aug 14 04:53:25 2014] <ijp> they added a morelogic?
[Thu Aug 14 04:53:36 2014] <johnw> yeah, 3.0 changed a lot
[Thu Aug 14 05:00:30 2014] <torfscholle> johnw: ah, interesting. is this the definition of existential quantification that's automatically loaded and used in coq when one writes "exists ..."?
[Thu Aug 14 07:57:47 2014] <roosbeef> anybody have an example of well-founded recursion? I find the Adam Chlipala example highly confusing
[Thu Aug 14 08:15:20 2014] <roosbeef> (ie. of a function using Fix)
[Thu Aug 14 09:25:28 2014] <torfscholle> roosbeef: hi. as far as I understand it, realizing a recursion as being well-founded is a generalization of the method of proving termination of recursive definitions by means of assigning non-negative integer values to the values over which you induct, in such a way that they decrease on each induction step. this is most obvious if the values themselves are numerical, as in the definition of the factorial, but it also works in the
[Thu Aug 14 09:25:28 2014] <torfscholle> mergesort example, where each time mergesort calls itself, it does so with a list of smaller size as argument. however, the point of the technique is not that you are working with non-negative integers, but only that you know there is no infinite strictly decreasing chain of such, and this is precisely what you keep when working with a general well-founded relation
[Thu Aug 14 09:33:09 2014] <torfscholle> I don't know a *useful* example of a well-founded relation R on a type A which is not "layered" in the sense that there is some function f : A -> N_{>= 0} such that R x y <=> f x <= f y, but they exist: for example, consider ordered chains of elements of length 1,2,3,..., and tie them all together at their top element (or take any rooted tree with longer and longer paths from the root to the leaves). then this is a well-founded relation
[Thu Aug 14 09:33:10 2014] <torfscholle> over which you could possible induct, but it is not realizable through a numerical function f as above.
[Thu Aug 14 09:56:59 2014] <roosbeef> hm
[Thu Aug 14 09:57:07 2014] <roosbeef> unfortunately i have to run now
[Thu Aug 14 09:57:11 2014] <roosbeef> work in 3 minutes :p
[Thu Aug 14 09:57:20 2014] <roosbeef> ill look into it later
[Thu Aug 14 09:57:22 2014] <roosbeef> thanks a lot! :)
[Thu Aug 14 11:54:14 2014] <Ainieco> hello
[Thu Aug 14 11:56:28 2014] <Ainieco> i'm a little bit stuck, could someone kindly help me with http://lpaste.net/1719548139012096000 ?
[Thu Aug 14 11:57:07 2014] <Ainieco> i just don't know how to approach it, struggling for couple of days already and feeling terminally dumb
[Thu Aug 14 11:58:05 2014] <vanila> What do you import for this?
[Thu Aug 14 11:58:12 2014] <vanila> snoc is missing
[Thu Aug 14 12:00:30 2014] <Ainieco> http://lpaste.net/1719548139012096000 is it okay now?
[Thu Aug 14 12:00:34 2014] <Ainieco> it's from SF
[Thu Aug 14 12:03:48 2014] <Ainieco> should not require any import at all http://lpaste.net/1719548139012096000
[Thu Aug 14 12:04:18 2014] <Ainieco> sorry about previous ones
[Thu Aug 14 12:05:31 2014] <vanila> this is kind of tricky, did oyu try proving a lemma about split'?
[Thu Aug 14 12:05:40 2014] <vanila> rather than trying to prove the theorem directly by induction on l or so
[Thu Aug 14 12:06:34 2014] <Ainieco> nope, what kind of lemma one can prove about split' to assist combine_split proof?
[Thu Aug 14 12:07:15 2014] <vanila> im having a look
[Thu Aug 14 12:07:49 2014] <Ainieco> did i defined split function in a i shouldn't have at this point in book?
[Thu Aug 14 12:08:15 2014] <Ainieco> i wonder how else one can define split... using map problably but map is defined well after split in book
[Thu Aug 14 12:09:50 2014] <vanila>   split' l (a1, a2) = (l1, l2) -> combine l1 l2 = app(combine a1 a2) l.
[Thu Aug 14 12:09:51 2014] <vanila> maybe this?
[Thu Aug 14 12:10:21 2014] <vanila> I don't know how this related to the book, this is so hard that I imagine you've strayed off the book - but still should be provable and a good learning exercise
[Thu Aug 14 12:11:54 2014] <Ainieco> haha, kind of relief to hear "this is so hard" from someone else, after struggling with it so much time :)
[Thu Aug 14 12:13:19 2014] <Ainieco> vanila: let me try to prove it tonight, not sure how it going to help with main proog yet tho
[Thu Aug 14 12:14:20 2014] <vanila> I don't know if this lemma will be easier to prove
[Thu Aug 14 12:14:25 2014] <vanila> let me show you how I came up with it
[Thu Aug 14 12:14:57 2014] <Ainieco> i guess i just defined split really not the way Pierce imagined one would define it
[Thu Aug 14 12:15:12 2014] <vanila> There are two difficult things about this
[Thu Aug 14 12:15:39 2014] <vanila> First is that you are doing stuff with snoc, reversing lists
[Thu Aug 14 12:16:27 2014] <vanila> second is that the recusion scheme would be nicer if both lists were the same length, but this isn't assured
[Thu Aug 14 12:18:06 2014] <vanila> http://bpaste.net/show/YIfYSTV315agRoTn6Zz6/
[Thu Aug 14 12:20:42 2014] <vanila> I don't think combine_snoc_lemma is true so this can't work without extra assumptions
[Thu Aug 14 12:20:57 2014] <Ainieco> vanila: i could get rid of snoc thing if i define split like this "Fixpoint split {X Y : Type} (l : list (X*Y)) : (list X) * (list Y) := (map fst l, map snd l).
[Thu Aug 14 12:21:00 2014] <Ainieco> "
[Thu Aug 14 12:21:09 2014] <vanila> that could definitely help
[Thu Aug 14 12:21:34 2014] <vanila> that wil make proving this much easier
[Thu Aug 14 12:22:31 2014] <Ainieco> oh, okay, let me try, i guess i can't use map here because it will be defined later on so i'll define split' and split'' which just specialized map on fst and snd functions
[Thu Aug 14 12:23:15 2014] <vanila> i hvae to go, good luck
[Thu Aug 14 12:23:41 2014] <Ainieco> thanks!
[Thu Aug 14 13:01:16 2014] <edwardk> When I see
[Thu Aug 14 13:01:17 2014] <edwardk>   { PreOrder_Reflexive :> Reflexive R | 2 ;  -- what is the | 2 ?
[Thu Aug 14 13:13:33 2014] <jgross> edwardk: It's a priority.  See http://coq.inria.fr/refman/Reference-Manual022.html#hevea_command314 
[Thu Aug 14 13:13:52 2014] <edwardk> thanks
[Thu Aug 14 13:14:07 2014] <jgross> (The :> means "Existing Instance" for Classes, and "Coercion" for Records.) 
[Thu Aug 14 13:14:18 2014] <edwardk> yeah
[Thu Aug 14 13:14:23 2014] <edwardk> i grok the :> part
[Thu Aug 14 13:14:31 2014] <edwardk> next question, since i have you =)
[Thu Aug 14 13:14:50 2014] <edwardk>  Local Obligation Tactic -- how do i get it to actually do work?
[Thu Aug 14 13:15:00 2014] <edwardk> i can get it to _almost_ finish my obligations
[Thu Aug 14 13:15:25 2014] <edwardk> but they get left hanging where i still need to open some of them up with Obligation 1. Defined. -- to finish them off =/
[Thu Aug 14 13:15:59 2014] <edwardk> i have a crap ton of things that can all be defined by path_induction
[Thu Aug 14 13:16:20 2014] <edwardk> and it'd be nice to just kill all the boilerplate Next Obligation. path_induction. Defined. lines in my project
[Thu Aug 14 13:16:29 2014] <jgross> Update Coq.  Matthieu fixed https://coq.inria.fr/bugs/show_bug.cgi?id=3517. 
[Thu Aug 14 13:16:31 2014] <edwardk> i tried Solve All Obligations with path_induction.
[Thu Aug 14 13:16:33 2014] <edwardk> k
[Thu Aug 14 13:16:46 2014] <edwardk> perfect
[Thu Aug 14 13:17:20 2014] <jgross> (If you ever have to do [Next Obligation. Defined.], it's probably a bug, and likely worth tracking down and reporting.) 
[Thu Aug 14 13:18:05 2014] <edwardk> i didn't get very far with your Set Primitive Projections suggestion.
[Thu Aug 14 13:18:18 2014] <edwardk> that one blew up on me halfway through my second or third record/class
[Thu Aug 14 13:18:39 2014] <edwardk> and i'm glad to hear it wasn't just me on that one =)
[Thu Aug 14 13:19:04 2014] <edwardk> i was wracking my brains trying to figure out why Solve All Obligations / Obligation Tactic wasn't working
[Thu Aug 14 13:19:33 2014] <jgross> Blew up on you how?  Like, rewrite started failing?  Or Ltac pattern matching started failing?	Or like, Coq crashed or melted your computer?  (Or something else?) 
[Thu Aug 14 13:21:12 2014] <edwardk> let me turn it on again real quick
[Thu Aug 14 13:21:29 2014] <edwardk> Set Primitive Projections
[Thu Aug 14 13:21:31 2014] <edwardk> er
[Thu Aug 14 13:21:40 2014] <edwardk> Error: Cannot recognize a projection
[Thu Aug 14 13:21:56 2014] <jgross> Yeah, I generally take the "minimize first, report second, applogize if it's not actually a bug later" approach.  (I had to do that last one for https://coq.inria.fr/bugs/show_bug.cgi?id=3498.  But more often then not, I either notice how it works in the process of minimizing the code, or it's actually a bug.)  I guess this might only work well because I have a pretty decent idea of how most of Coq works. 
[Thu Aug 14 13:21:56 2014] <edwardk> is what i get when i go to use one of the Class definitions that works fine without it
[Thu Aug 14 13:22:08 2014] <jgross> Er, what's the class definition? 
[Thu Aug 14 13:22:23 2014] <jgross> When you declare the class, or use it? 
[Thu Aug 14 13:22:28 2014] <edwardk> when i declare it
[Thu Aug 14 13:22:33 2014] <edwardk> i don't even get close to using it
[Thu Aug 14 13:22:59 2014] <edwardk> its a precategory class that looks a lot like yours, for setting up an (infinity,1)-category, sans the IsHSet constraint on  morphisms
[Thu Aug 14 13:24:02 2014] <vanila> Toplevel input, characters 0-160:
[Thu Aug 14 13:24:03 2014] <vanila> Anomaly: Backtrack.backto 40: a state with no vcs_backup. Please report.
[Thu Aug 14 13:24:05 2014] <vanila> this is getting annoying
[Thu Aug 14 13:24:19 2014] <vanila> am I the only one seeing this a lot in HEAD?
[Thu Aug 14 13:24:34 2014] <edwardk> one sec. let me update the file
[Thu Aug 14 13:25:02 2014] <jgross> edwardk: Unrelated question: why do you make it a class?  I can't imagine that typeclass inference is actually helping you in most cases.
[Thu Aug 14 13:25:02 2014] <jgross> Acutal question: which fields can you remove without making the error go away? 
[Thu Aug 14 13:25:55 2014] <edwardk> the class is cargo cult, the reason is i don't know how to get my definitions later to just set up missing fields automatically as obligations when i don't use it because i suck at coq
[Thu Aug 14 13:26:11 2014] <edwardk> good question. one sec. pushing now so you can see the thing that breaks
[Thu Aug 14 13:26:51 2014] <edwardk> https://github.com/jwiegley/category-theory/blob/master/Toy.v#L51 is the definition that doesn't like the Set Primitive Projections
[Thu Aug 14 13:26:54 2014] <jgross> vanila: Is this HEAD as of today/yesterday, or HEAD as of a few weeks ago?  Enrico (or maybe Pierre or Arnaud) fixed most of those; the only one I know about is when you have a [Definition] or [Goal] in the middle of another proof and your statement doesn't parse or type-check.	Are you seeing this one, or another one? 
[Thu Aug 14 13:27:11 2014] <vanila> ah i better update and then see if its still happening
[Thu Aug 14 13:27:38 2014] <edwardk> (* ; uhom             := Type : Type *) is the culprit
[Thu Aug 14 13:29:03 2014] <jgross> Really?  Set Primitive Projections. Class foo := { bar := Type }. works for me.  It must be that together with other ones? 
[Thu Aug 14 13:29:35 2014] <edwardk> Class Precategory := { ob               :> Type; uhom             := Type : Type}.
[Thu Aug 14 13:29:37 2014] <edwardk> that fails for me
[Thu Aug 14 13:29:52 2014] <jgross> Also, why do you have uhom in there at all?  (Where do you need it?) 
[Thu Aug 14 13:30:21 2014] <jgross> Possible way to make it not a class: use an underscore wherever you want [Program] to give it to you as an obligation. 
[Thu Aug 14 13:30:42 2014] <edwardk> we may well not need it to be in there at all
[Thu Aug 14 13:30:46 2014] <jgross> edwardk: You want to report this bug, or shall I? 
[Thu Aug 14 13:30:50 2014] <edwardk> it was something johnw threw in i kept
[Thu Aug 14 13:30:53 2014] <edwardk> go for it
[Thu Aug 14 13:31:04 2014] <vanila> Ainieco, any luck? I had a look at it and I think this way works also
[Thu Aug 14 13:31:06 2014] <edwardk> i suck at bug reporting
[Thu Aug 14 13:31:19 2014] <edwardk> i tend to find them, find workarounds and keep my head down while working on the problem i have at the moment ;)
[Thu Aug 14 13:31:26 2014] <Ainieco> vanila: http://lpaste.net/1719548139012096000 stuck here currently
[Thu Aug 14 13:32:15 2014] <jgross> That's what practice is for?  You already have a minimal example (Set Primitive Projections. Record foo := { bar : Type ; baz := Set }.), all you need to do is say that that gives you the error message you get. 
[Thu Aug 14 13:32:25 2014] <edwardk> heh
[Thu Aug 14 13:32:47 2014] <vanila> http://bpaste.net/show/H37nUljUPW4PhoBFsjMq/
[Thu Aug 14 13:32:52 2014] <vanila> with your original defs this works ok
[Thu Aug 14 13:33:03 2014] <vanila> like, I assume it would be routine to complete this
[Thu Aug 14 13:33:06 2014] <edwardk> ok, with uhom gone now I can use Set Primitive Projections
[Thu Aug 14 13:33:47 2014] <vanila> since I instlaled HEAD I have to do so much messing about to get other peoples code to load, its really frustrating
[Thu Aug 14 13:33:52 2014] <vanila> implicit args all changed
[Thu Aug 14 13:34:04 2014] <jgross> Also, that's part of what I made my bug-minimizer for; I set that on my error-generating code, and let it run while I keep working, and come back to it a few hours later.  (That's why I have it inline all the dependencies first, so I don't have to worry about messing up the error when working on code.) 
[Thu Aug 14 13:34:22 2014] <jgross> vanila: Are you looking for [Set Asymmetric Patterns]? 
[Thu Aug 14 13:34:34 2014] <jgross> So, edwardk, are you going to go report the bug? 
[Thu Aug 14 13:34:36 2014] <edwardk> so basically 'quickcheck shrink' for coq
[Thu Aug 14 13:34:39 2014] <vanila> I don't know, I just want other peoples code to work when I open it up
[Thu Aug 14 13:34:41 2014] <edwardk> ok ok i'll do it
[Thu Aug 14 13:34:45 2014] <edwardk> let me go find the bugtracker
[Thu Aug 14 13:34:47 2014] <vanila> I guess it'll sort itself when everyones at the same version
[Thu Aug 14 13:35:35 2014] <vanila> Ainieco, define split as Definition not Fixpoint
[Thu Aug 14 13:35:56 2014] <jgross> vanila: there are a bunch of compatibility flags.  Set Asymmetric Patterns is the big one, because they changed implicits in pattern matching, and this changes them back.  Alternatively, you could keep 2 versions of Coq installed (or thirteen, which is how many I have). 
[Thu Aug 14 13:35:59 2014] <vanila> now you can complete the proof using inversion H; subst; rewrite IHxs; reflexivity
[Thu Aug 14 13:36:15 2014] <vanila> oh, destruct x in there
[Thu Aug 14 13:36:48 2014] <vanila> jgross, oh I see!
[Thu Aug 14 13:38:19 2014] <edwardk> done =P
[Thu Aug 14 13:38:39 2014] <edwardk> where is Asymmetric Patterns defined i can't find what it means in the docs
[Thu Aug 14 13:39:33 2014] <edwardk> and not being part of the culture i can't tell if its good bad or indifferent ;)
[Thu Aug 14 13:39:41 2014] <Ainieco> vanila: already at destruct x part :)
[Thu Aug 14 13:41:00 2014] <jgross> edwardk: https://github.com/coq/coq/blob/trunk/CHANGES#L66  Don't set it, unless you're porting a large body of code from 8.4.	It's a compatibility flag, and may go away some day. 
[Thu Aug 14 13:41:08 2014] <edwardk> k
[Thu Aug 14 13:41:13 2014] <edwardk> thats what i wanted to know =)
[Thu Aug 14 13:43:59 2014] <vanila> Ainieco, but just comparing the size of your proof with mine, the map definition you came up with is way way easier to work with - a lot of time coming up with nice definitions makes the proofs much easier/possible
[Thu Aug 14 13:44:17 2014] <Ainieco> vanila: i have troubles understanding how does "rewrite IHxs" transfroms "(x, y) :: combine (split' xs) (split'' xs) = (x, y) :: xs" into "(x, y) :: xs = (x, y) :: xs"?
[Thu Aug 14 13:44:27 2014] <Ainieco> vanila: agreed
[Thu Aug 14 13:44:34 2014] <vanila> well that's just a hypothesis that needs to discharged, for the rewrite to work
[Thu Aug 14 13:44:43 2014] <vanila> the actual rewrite is the other goal
[Thu Aug 14 13:45:06 2014] <vanila> whats happening here is that Coq is using unification to guess the variables needed to do the rewrite
[Thu Aug 14 13:48:31 2014] <Ainieco> ah, okay, it unifies "combine (split' xs) (split'' xs)" with "combine l1 l2" and rewrites it with xs, and then leaves us next goal of proving assumption of split xs = (l1, l2), correct?
[Thu Aug 14 13:48:54 2014] <vanila> yeah exactly
[Thu Aug 14 13:50:02 2014] <Ainieco> edwardk: are you Edward Kmett?
[Thu Aug 14 13:50:07 2014] <edwardk> yep
[Thu Aug 14 13:51:13 2014] <Ainieco> sorry, i was just curious, never mind me
[Thu Aug 14 13:52:43 2014] <edwardk> heh, no worries
[Thu Aug 14 13:54:50 2014] <edwardk> weird
[Thu Aug 14 13:55:19 2014] <edwardk> i have a situation where if i use  Solve All Obligations with path_induction. -- i still wind up with obligations that need Next Obligation. path_induction. Defined.
[Thu Aug 14 13:55:24 2014] <edwardk> even with upgraded trunk
[Thu Aug 14 13:56:21 2014] <edwardk> and worse, if i use Local Obligation Tactic := path_induction -- instead of Solve All Obligations with path_induction then i get a different result
[Thu Aug 14 13:56:42 2014] <edwardk> where instead it puts me in a different state where i can't finish with path_induction on one of the sub-problems.
[Thu Aug 14 13:57:03 2014] <edwardk> i can't tell if this is a coq problem or a problem with my thought process of how this works
[Thu Aug 14 13:57:09 2014] <edwardk> since i'm new here i assume the latter
[Thu Aug 14 13:58:27 2014] <edwardk> maybe its my path_induction tactic
[Thu Aug 14 13:59:41 2014] <Ainieco> interesting how two well known haskellers(edwardk and johnw) popping up on #coq around the same time, are you guys doing something interesting haskell related together in coq?
[Thu Aug 14 14:00:10 2014] <edwardk> but its strange to me that Local Obligation Tactic := path_induction and the Obligation n. path_induction. Defined. don't yield the same answers.
[Thu Aug 14 14:00:15 2014] <edwardk> more or less
[Thu Aug 14 14:00:37 2014] <edwardk> he started work at BAE recently and they are now paying him to do more formal methods stuff.
[Thu Aug 14 14:00:49 2014] <edwardk> and i wrote a library for doing some crazier category theory in haskell
[Thu Aug 14 14:00:59 2014] <edwardk> and he decided he was going to formalize it in coq to understand it
[Thu Aug 14 14:01:03 2014] <edwardk> so i've been helping him out
[Thu Aug 14 14:01:13 2014] <edwardk> but we got to the point where setoids sucked the life out of the project
[Thu Aug 14 14:01:30 2014] <edwardk> and he adopted a few of jgross et al's tricks to fix it up
[Thu Aug 14 14:01:51 2014] <edwardk> but now i'm sitting here playing with switching over to a more HoTT like model to get cleaner, faster proofs
[Thu Aug 14 14:02:16 2014] <edwardk> and just decided to take a bit of time and use it to firm up my understanding of (infinity,1)-categories, etc.
[Thu Aug 14 14:02:49 2014] <edwardk> so for the moment i'm just scribbling pseudo-hott code all over jwiegley's nice repo that is a copy of my haskell category theory machinery in coq ;)
[Thu Aug 14 14:02:57 2014] <edwardk> or something like that
[Thu Aug 14 14:03:42 2014] <Ainieco> wow, that's really great, thanks for sharing!
[Thu Aug 14 14:09:24 2014] <edwardk> jgross: anyways the one thing i seem to get out of Class is that if i make it not a class, then my sugar for (~>) breaks inside Pregroupoid
[Thu Aug 14 14:09:35 2014] <edwardk> which makes me sad
[Thu Aug 14 14:09:40 2014] <edwardk> could be a clean way to recover it
[Thu Aug 14 14:09:46 2014] <edwardk> but i'm not that well versed in the tools
[Thu Aug 14 14:41:22 2014] <johnw> roosbeef: https://gist.github.com/3fc6d545a7907bff8610
[Thu Aug 14 14:41:38 2014] <johnw> roosbeef: for a simple example of using well-founded recursion
[Thu Aug 14 14:47:25 2014] <torfscholle> Given A : Set, is it possible to switch back and forth between maps p: B -> A with B : Set and A-dependent sets, i.e. fib: A -> Set?
[Thu Aug 14 14:51:10 2014] <torfscholle> intuitively, fib should be sent to the disjoint union of its values, while p should be sent to a |-> p^(-1)(a), but I can't realize either of these ideas in coq. can someone help?
[Thu Aug 14 14:55:04 2014] <steven_is_false> Hello, did something called le_ind use to be defined in zarith? I'm having trouble proof checking a script that Frama-C came with?
[Thu Aug 14 14:55:28 2014] <steven_is_false> The part that is failing >> apply Z.le_ind with (n := m) ; auto with zarith.
[Thu Aug 14 15:04:05 2014] <chirpsalot> Hmmm. Would it be crazy to write my math course notes with coq-doc?
[Thu Aug 14 15:04:42 2014] <chirpsalot> Probably in a group theory / number theory course. I think it would be interesting to try, but it might become unwieldy very fast?
[Thu Aug 14 15:05:47 2014] <vanila> that would e a really bad idea
[Thu Aug 14 15:07:05 2014] <vanila> for example a normal math course will introduce associativity then freely write a * b * c without brackets, in your entire development in Coq you'll have to manually re-arrange brackets
[Thu Aug 14 15:07:18 2014] <johnw> but you can achieve that with notations
[Thu Aug 14 15:07:23 2014] <johnw> chirpsalot: I don't see what would be wrong with that, you have the side benefit of knowing that the examples in your notes are correct
[Thu Aug 14 15:07:37 2014] <vanila> i'm not talking about the notation
[Thu Aug 14 15:08:05 2014] <johnw> he can also hide the manual rearrangement, if necessary
[Thu Aug 14 15:08:24 2014] <chirpsalot> johnw: yeah, I am just wondering if I will ever come to the point where I get something that I can't prove in Coq. I think it would be great for working through assignments.
[Thu Aug 14 15:08:29 2014] <johnw> I use literate Haskell to write blog articles for just that reason: to know that what I'm posting works exactly in the form that I'm posting
[Thu Aug 14 15:08:42 2014] <johnw> chirpsalot: you could always mark it Admitted and then hide that statement
[Thu Aug 14 15:08:54 2014] <chirpsalot> johnw: yeah, I was thinking that. And then work it out on paper :).
[Thu Aug 14 15:10:22 2014] <chirpsalot> vanila: I mostly mean writing up the theorems. I used to write up my notes live with LaTeX, but I am thinking of just jotting down the theorems on paper and stuffing them in coq later. It would be cool to write the coq notes live, but I suspect that will be more troublesome :).
[Thu Aug 14 15:13:00 2014] <chirpsalot> Thanks for the tips, though. I think I am going to try it. The most effort would probably be going from Coq proofs -> written proofs to hand in, but that's not too bad. Haven't used Coq for any real number stuff yet...
[Thu Aug 14 15:18:05 2014] <vanila> just worried that you will get bogged down with syntax rubbish pulling your attention away from the number theory concepts
[Thu Aug 14 15:18:49 2014] <hodapp> just pretend the syntax rubbish is like a sacrifice you must make to the gods of computing
[Thu Aug 14 15:37:49 2014] <torfscholle> Does anyone know if, given A : Set, the correpondence between maps A -> Set and pairs (B : Set, f: B -> A) has been formalized in Coq?
[Thu Aug 14 15:46:31 2014] <Ainieco> i wonder why Pierce starts using Prop in the middle of chapter without even explainging what is it
[Thu Aug 14 15:48:31 2014] <Ainieco> http://www.cis.upenn.edu/~bcpierce/sf/current/MoreCoq.html#lab176 here, there are no mentions of Prop before that place whatsoever
[Thu Aug 14 15:51:26 2014] <chirpsalot> vanila: this was one of my concerns -- large part of why I asked. I guess it's worth trying to formalize the course in Coq, though?
[Thu Aug 14 15:53:27 2014] <vanila> chirpsalot, well i dont mean to discourage you it will be fun if you try
[Thu Aug 14 15:53:46 2014] <vanila> torfscholle, I don't exactly understand what you mean
[Thu Aug 14 15:54:03 2014] <vanila> for the second type
[Thu Aug 14 15:55:50 2014] <Ainieco> vanila: does it statest that split is inverse of combine? "forall X Y (l : list (X * Y)) l1 l2, combine l1 l2 = l -> split l = (l1, l2)." just a little confused how simple it is because in SF Pierce even gave some hints which suggests that  define such property should be hard...
[Thu Aug 14 15:56:39 2014] <chirpsalot> vanila: oh no worries :). I'm just a bit new to Coq (month or so of use), and wanted opinions from those more familiar. I don't know what hidden madness awaits me ;).
[Thu Aug 14 15:57:10 2014] <vanila> Ainieco, That isn't true but you should be able to prove it assuming length l2 = length l2
[Thu Aug 14 15:57:13 2014] <vanila> length l1 = length l2
[Thu Aug 14 15:57:28 2014] <johnw> Ainieco: you may want to mention that on coq-club, and you're right it isn't
[Thu Aug 14 15:58:10 2014] <johnw> chirpsalot: lots and lots of hidden madness :)
[Thu Aug 14 15:58:24 2014] <johnw> only, it doesn't look like madness to you from the other side...
[Thu Aug 14 15:59:46 2014] <Ainieco> johnw: are you talking about fact that Prop wasn't mentioned previously in the book or the fact that it "split_combine" is not hard?
[Thu Aug 14 15:59:54 2014] <johnw> former
[Thu Aug 14 16:00:21 2014] <johnw> it's hard to say what's really hard and what's not
[Thu Aug 14 16:00:36 2014] <johnw> i've had 2 star exercises take me a whole evening, and 4-star ones take no time at all
[Thu Aug 14 16:00:44 2014] <johnw> so partly it depends on the person and how you see things
[Thu Aug 14 16:01:33 2014] <Ainieco> vanila: hm, sorry but what do you mean by "That isn't true but you should be able to prove it"? sounds like false = true to me :)
[Thu Aug 14 16:03:03 2014] <Ainieco> probably i'm missing what "that" is
[Thu Aug 14 16:03:05 2014] <Cypi> Ainieco : is http://lpaste.net/raw/1719548139012096000 where you're at?
[Thu Aug 14 16:03:15 2014] <vanila> Ainieco, assuming length l2 = length l2
[Thu Aug 14 16:03:18 2014] <vanila> Ainieco, assuming length l1 = length l2
[Thu Aug 14 16:03:21 2014] <vanila> i.e.
[Thu Aug 14 16:03:28 2014] <vanila> forall X Y (l : list (X * Y)) l1 l2, length l1 = length l2 -> combine l1 l2 = l -> split l = (l1, l2)
[Thu Aug 14 16:03:44 2014] <vanila> this is the issue (2) that I mentioned before
[Thu Aug 14 16:04:34 2014] <Ainieco> vanila: ah, i see now, and Pierce's hint now totally makes sense, thank you once again!
[Thu Aug 14 16:04:44 2014] <vanila> no prob :)
[Thu Aug 14 16:05:51 2014] <Ainieco> Cypi: http://www.cis.upenn.edu/~bcpierce/sf/current/MoreCoq.html#lab187 I'm here now
[Thu Aug 14 16:06:31 2014] <Cypi> Ok :)
[Thu Aug 14 16:07:03 2014] <johnw> the other day I proved false = true.  Then i woke up.
[Thu Aug 14 16:07:39 2014] <Ainieco> Cypi: why do you asking?
[Thu Aug 14 16:47:37 2014] <torfscholle> vanila: if A : Set, intuitively a dependent type f: A -> Set over A can be thought of as a set B equipped with a map p: B -> A, with f a being the "fiber" of p over a. do you agree? I'm wondering how to formalize this correspondence in coq
[Thu Aug 14 16:48:18 2014] <vanila> I have never really understood notions like fiber
[Thu Aug 14 16:49:51 2014] <vanila> I don't understand how this pair exists B : Set, B -> A  is related to f but i think that's just because I don't know about this stuff - does anyone else know?
[Thu Aug 14 16:50:43 2014] <johnw> how do I use an assertion in an Ltac script?
[Thu Aug 14 16:50:48 2014] <johnw> assert (X = false) as Hfalse; [ assumption; rewrite Hfalse; clear Hfalse ] is not working
[Thu Aug 14 16:51:02 2014] <johnw> it's not "entering the goal" for the assertion to perform the subtactics
[Thu Aug 14 16:51:27 2014] <johnw> oh, "by solve"
[Thu Aug 14 16:51:39 2014] <johnw> that did it, thanks
[Thu Aug 14 16:59:19 2014] <torfscholle> vanila: to me, 'fiber' is the categorical name for 'preimage'. here we're talking about sets, so "fiber of f:B->A over a:A" literally means "those b : B where f b = a". however, I already don't know how to formalize this in coq, since 'exists b : B, eq (f b) a' is a proposition rather than a set.
[Thu Aug 14 16:59:42 2014] <vanila> you could use { b : B | a = f b }
[Thu Aug 14 16:59:47 2014] <vanila> this is just exists in Set rather than Prop
[Thu Aug 14 16:59:58 2014] <johnw> an "Adam-style" solution to filter_challenge: https://gist.github.com/063935676a06e1dcddc4
[Thu Aug 14 17:00:59 2014] <torfscholle> vanila: ah, great! didn't know about exists for Sets.. what is it an abbreviation for? 'Check ex' only gives existence quantification for propositions
[Thu Aug 14 17:01:18 2014] <vanila> It's in the Specif part of the stb lib
[Thu Aug 14 17:01:25 2014] <jgross> edwardk (catching up on IRC): [Infix "~>" := (@hom _) : category_scope.] will fix your notation problem.  Alternatively, [Arguments hom {_} _ _.].  The issue is that typeclasses are automatically declared as implicit and maximally inserted (what you get with curlies), while records are not.  Note that using records rather than classes means that you can remove the [@]s from most of your subsequent notations. 
[Thu Aug 14 17:02:32 2014] <johnw> jgross: nice
[Thu Aug 14 17:02:39 2014] <vanila> How do you construct a function B -> A given A -> Set though?
[Thu Aug 14 17:02:41 2014] <johnw> jgross: thank you for all of your help with this!
[Thu Aug 14 17:03:09 2014] <roosbeef> johnw, thanks!!
[Thu Aug 14 17:03:10 2014] <vanila> or do you choose B:=A in this case?
[Thu Aug 14 17:03:27 2014] <johnw> roosbeef: oh hey, I wondered if you'd see that :)
[Thu Aug 14 17:03:31 2014] <roosbeef> haha i did
[Thu Aug 14 17:03:36 2014] <roosbeef> but only right before bedtime :p
[Thu Aug 14 17:03:42 2014] <roosbeef> going to have a closer look tomorrow :)
[Thu Aug 14 17:03:56 2014] <johnw> do ask more questions here if you're still stuck
[Thu Aug 14 17:03:58 2014] <johnw> sleep wlel
[Thu Aug 14 17:04:01 2014] <roosbeef> this looks a LOT simpler than the example Adam Chlipala gave :p
[Thu Aug 14 17:04:11 2014] <roosbeef> ok ill keep that in mind, thank you :)
[Thu Aug 14 17:04:18 2014] <jgross> edwardk: Local Obligation Tactic := path_induction should not leave you any cases where [Obligation n. path_induction. Defined.] is what you need to solve something.  Uh, unless [Local Obligation Tactic := repeat path_induction.] is what you need to solve things.  Anyway, if changing [induction] to [destruct] in [path_induction] fixes it, it's probably another universe issue that you should report on the bug tracker.  I've never used [Solve All
[Thu Aug 14 17:04:18 2014] <jgross> Obligations with], but do you have a concrete (preferably smallish, preferably stand-alone) example? 
[Thu Aug 14 17:04:51 2014] <torfscholle> vanila: fun a : A => {b : B | p b = a} is of type A -> Set
[Thu Aug 14 17:05:00 2014] <edwardk> i don't have anything small
[Thu Aug 14 17:05:08 2014] <edwardk> i'll try destruct there
[Thu Aug 14 17:05:57 2014] <torfscholle> vanila: ah sorry, that's the other direction
[Thu Aug 14 17:06:35 2014] <edwardk> i wind up with Paths_Pregroupoid still getting stuck even after going to destruct
[Thu Aug 14 17:07:04 2014] <edwardk> same issue as before
[Thu Aug 14 17:07:13 2014] <jgross> edwardk: If you can get a variant that gives you an error message (that is different from the one you'd get if you removed the [Local Obligation Tactic] line entirely), then you can use find-bug.py in https://github.com/JasonGross/coq-bug-finder to auto-minimize the file. 
[Thu Aug 14 17:07:24 2014] <vanila> torfscholle, I wish I couldfollow sorry :(
[Thu Aug 14 17:07:35 2014] <vanila> I don't understand what the isomorphism is supposed to be between
[Thu Aug 14 17:08:19 2014] <torfscholle> vanila: no it's fine, I'm just thinking about your question on how to get a map B -> A from a map A -> Set
[Thu Aug 14 17:09:05 2014] <jgross> torfscholle: Are you looking for https://github.com/HoTT/HoTT/issues/323 ?  (The names for exists for sets are sigT and sig (the latter has the second component being a Prop, while the former are both types) 
[Thu Aug 14 17:09:35 2014] <torfscholle> vanila: if f : A -> Set, then the corresponding B should be the union of all the sets f a for a : A. so we can define it as an inductive type "unionOfImages" with constructor 'forall a : A, f a -> unionOfImages'
[Thu Aug 14 17:09:52 2014] <vanila> alright let me try that
[Thu Aug 14 17:11:28 2014] <edwardk> jgross: https://github.com/ekmett/homotopy/blob/master/Core.v#L159 is where it dies if i turn on Local Obligation Tactic
[Thu Aug 14 17:11:31 2014] <torfscholle> jgross: thanks, I'll look at it!
[Thu Aug 14 17:11:47 2014] <jgross> vanila, torfscholle: I think the equivalence you want is (forall x, Q x) <~> { f : A -> { x : _ & Q x } & Sect f pr1 } where [Sect fs r := forall x : A, r (s x) = x] (which is what's proven in that issue) 
[Thu Aug 14 17:12:00 2014] <edwardk> it can't figure out how to reverse the arrow there if its on, but it'll run just fine by hand
[Thu Aug 14 17:12:27 2014] <edwardk> could it be something like auto using different hints or something?
[Thu Aug 14 17:12:41 2014] <torfscholle> jgross, vanila: unfortunately, I have to go now - see you later or tomorrow!
[Thu Aug 14 17:13:09 2014] <torfscholle> bye
[Thu Aug 14 17:14:00 2014] <vanila> https://github.com/vladimirias/UniMath/blob/master/UniMath/PAdics/padics.v lol
[Thu Aug 14 17:18:30 2014] <jgross> edwardk: I think that's because the default obligation tactic (which is [program_simpl], according to [Show Obligation Tactic], which I found at http://coq.inria.fr/refman/Reference-Manual026.html) does some unfolding that makes path_induction succeed.  When you give it a different obligation tactic, it obliterates the default tactic, and so path_induction will no longer succeed.	The way to make it so that path induction can solve your
[Thu Aug 14 17:18:30 2014] <jgross> obligation again is to run [hnf in *]. (The reason that morphisms in a pregroupoid are invertible is that they're actually paths.) 
[Thu Aug 14 17:19:03 2014] <edwardk> ah
[Thu Aug 14 17:19:38 2014] <edwardk> so i should bolt that on the front of path_induction if i want to do this this way
[Thu Aug 14 17:19:52 2014] <edwardk> path_destruction? =)
[Thu Aug 14 17:20:31 2014] <jgross> johnw, edwardk: You're doing interesting stuff.  I'm interested in seeing where it goes, so I'm interested in helping out a bit. 
[Thu Aug 14 17:20:34 2014] <johnw> path_elimination?
[Thu Aug 14 17:20:48 2014] <edwardk> jgross: i appreciate it
[Thu Aug 14 17:21:04 2014] <edwardk> i figured what i'd do is go through and throw the other approaches in a blender, try to put my spin on it and see what comes out
[Thu Aug 14 17:21:10 2014] <edwardk> =)
[Thu Aug 14 17:23:52 2014] <edwardk>  right now i'm exploring weakening your definition of Precategory a bit, and seeing if its more natural to define everything 'up to coherent homotopy', and if bringing in the category theory vocabulary earlier makes some of the homotopy vocabulary redundant
[Thu Aug 14 17:24:56 2014] <jgross> No, don't bolt [hnf in *] to the head of [path_induction]; it'll cause you pain later, when it decides that your application of composed functors can be unfolded to some ugly mess.  Look at destruct_head_hnf (https://github.com/JasonGross/coq-tactics/blob/master/Common.v#L203); [destruct_head_hnf T] is like [decompose [T] H] for every hypothesis [H], except that it runs [hnf] on the hypotheses it can eventually decompose
[Thu Aug 14 17:24:56 2014] <jgross> (http://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic46 is about decompose).  Basically, you want to run [hnf in H; <check that H is an equality>; destruct H] for each hypothesis. 
[Thu Aug 14 17:25:02 2014] <edwardk> then i want to see if i can instead do monoidal categories instead as bicategories over one object, and model a bunch of other stuff through enriched and internal categories
[Thu Aug 14 17:25:54 2014] <edwardk> ugh. you're going to force me to learn tactics =)
[Thu Aug 14 17:26:52 2014] <jgross> What do you mean by "up to coherent homotopy"?	Like, rather than assume the morphisms are an hset, make them cohere with the groupoid structure on objects?  (If you manage that, I think you get to write a paper on how you defined semisimplicial types?) 
[Thu Aug 14 17:27:17 2014] <jgross> Yes!  Tactics are really useful! 
[Thu Aug 14 17:27:31 2014] <edwardk> jgross: my usual way to learn something is to remove something and run with it until i smack face first into the wall that everyone else tells me is there.
[Thu Aug 14 17:27:33 2014] <johnw> edwardk: tactics are fun :)
[Thu Aug 14 17:27:50 2014] <edwardk> either i get through to the other side by dint of a hard head or i learn something about how hard the wall is and exactly where it is placed.
[Thu Aug 14 17:29:34 2014] <edwardk> i'm okay with this failing process taking a long time, because i have a lot of ground to cover ;)
[Thu Aug 14 17:29:58 2014] <edwardk> basically being on coq day 2. having forgotten everything i knew when i tried it 6 years ago or so
[Thu Aug 14 17:32:06 2014] <napping> I'm having some trouble passing tactic arguments to tactics
[Thu Aug 14 17:32:28 2014] <napping> they often try to run at the call site
[Thu Aug 14 17:32:34 2014] <edwardk> so right now i have two such weakenings in play. the first is relaxing = in the precategory definition to ~, and the second is moving the hSet constraint down to later
[Thu Aug 14 17:33:03 2014] <edwardk> but i haven't gotten to where those will bite me yet. still laying out machinery to get funext from univalence, etc.
[Thu Aug 14 17:34:57 2014] <edwardk> the next major step is to go define bicategories up to coherent homotopy ( (infinity, 2)-bicategories ? ), use bicategories of one object to define monoidal categories and ideally then use that to talk about enriched categories and internal categories
[Thu Aug 14 17:35:05 2014] <edwardk> but i reserve the right to switch goals =)
[Thu Aug 14 17:35:11 2014] <johnw> :)
[Thu Aug 14 17:35:20 2014] <johnw> creativity in action
[Thu Aug 14 17:36:30 2014] <edwardk> do you know of any attempts to do n-categories in coq that worked out at all, etc? i'm curious to scan prior art in this space
[Thu Aug 14 17:36:51 2014] <edwardk> i don't particularly care about that problem, but i do care about the space of solutions around it if that makes sense
[Thu Aug 14 17:37:49 2014] <johnw> edwardk: this thread may be of no interest whatsoever, but: https://groups.google.com/forum/#!topic/sci.physics.research/HM623jsEvrQ
[Thu Aug 14 17:38:13 2014] <jgross> napping: Stare carefully at the manual and the difference between tactics and tactic expressions.  Prefix you're tactics with [idtac; ]. Bury your desire to stab the coq devs. 
[Thu Aug 14 17:38:17 2014] <johnw> also possibly of interest: http://arxiv.org/pdf/1010.1810.pdf
[Thu Aug 14 17:39:10 2014] <edwardk> thanks
[Thu Aug 14 17:39:45 2014] <napping> johnw: I've got some idtac; already, it's especially not nice when I want to pass things through a few layers
[Thu Aug 14 17:40:27 2014] <vanila> CPDT covers a lot of stuff too
[Thu Aug 14 17:40:38 2014] <vanila> good refreshser
[Thu Aug 14 17:40:49 2014] <johnw> yes, I really liked CPDT this time aruond
[Thu Aug 14 17:40:53 2014] <jgross> edwardk: http://mathoverflow.net/questions/152497/formalizations-of-category-theory-in-proof-assistants, http://www.megacz.com/berkeley/coq-categories/, https://bitbucket.org/JasonGross/catdb/src/4eb6407c6ca3200bebefaa3a1834d05c49b01846/EnrichedCategory.v?at=default 
[Thu Aug 14 17:41:03 2014] <napping> I don't remember it answering this problem
[Thu Aug 14 17:41:08 2014] <johnw> i skipped through some of the sections on different embeddings of non-terminating programs
[Thu Aug 14 17:41:11 2014] <johnw> but the rest was pretty valuable
[Thu Aug 14 17:41:18 2014] <napping> ooh, I could use some of that
[Thu Aug 14 17:41:45 2014] <johnw> megacz's coq-categories is a repo that I based a lot of my stuff on, after starting with Mathieu's development
[Thu Aug 14 17:41:47 2014] <napping> ideally embeddings which can be upgraded to executable by proving a termination lemma
[Thu Aug 14 17:42:42 2014] <johnw> jgross: hg, really?
[Thu Aug 14 17:42:55 2014] <edwardk> i read megacz's code when he threw some arrow stuff at ghc as a plugin based on it way back when, i'll go see if it has changed
[Thu Aug 14 17:44:14 2014] <johnw> how do I tell mercurial to just ignore ca-certificates?
[Thu Aug 14 17:44:14 2014] <jgross> napping: CPDT does not talk about this, because it never came up for Adam (I asked him about it recently after it tripped me up in https://coq.inria.fr/bugs/show_bug.cgi?id=3498).  Whenever you start a tactic with [let ... := ... in ...] or [match ... with ... end] or [lazymatch ... with ... end], prefix the [match], [lazymatch], or [let] with [idtac; ].  You only have to do this at top level when you define something with [Ltac foo := ... ], or
[Thu Aug 14 17:44:14 2014] <jgross> when you explicitly pass a [let], [match], or [lazymatch] to a tactic with [ltac:(...)]. 
[Thu Aug 14 17:44:22 2014] <johnw> it can't clone because it's trying to read a file that doesn't exist
[Thu Aug 14 17:44:37 2014] <jgross> johnw: I was just copying my predecesors: https://bitbucket.org/JasonGross/catdb/commits/branch/default?page=19 
[Thu Aug 14 17:44:47 2014] <napping> jgross: I think I'm already doing that everywhere
[Thu Aug 14 17:45:04 2014] <napping> but if you have something like Ltac foo arg := ... ; bar arg ; ...
[Thu Aug 14 17:45:17 2014] <johnw> ah, --insecure
[Thu Aug 14 17:46:38 2014] <jgross> napping: that's fine, and doesn't need an [idtac; ], unless it's secretly [Ltac foo arg := let baz := qux in ... ; bar arg ; ...] (in which case it's actually [Ltac foo arg := let baz := qux in (... ; bar arg ; ...)], in which case you need an [idtac; ] to prevent [qux] from being run immediately and assigned to [baz]. 
[Thu Aug 14 17:47:08 2014] <napping> huh, I thought I already had idtac in all the right places and another indirection was messing it up
[Thu Aug 14 17:47:26 2014] <napping> what about a tactic defined like solve[ .... ] or first[ ... ]?
[Thu Aug 14 17:47:40 2014] <jgross> btw, johnw, edwardk: feel free to improve http://mathoverflow.net/a/176817 
[Thu Aug 14 17:48:11 2014] <johnw> we should really reference github.com/ekmett/homotopy there now too
[Thu Aug 14 17:48:27 2014] <napping> hmm, inlining some definitions into the tactic I was calling, seemd to cure the problem, without any changes to the final call site or the stuff I was passing in
[Thu Aug 14 17:48:32 2014] <johnw> though my repo is likely to stay a bit more "traditional" until I integrate these fancy new homotopy concepts
[Thu Aug 14 17:49:03 2014] <jgross> solve, first, repeat, do, abstact, and some others are fine as top-level things.  What's the tactic you're passing as an argument? 
[Thu Aug 14 17:49:45 2014] <edwardk> i'd rather wait until i had more than 1 file full of thoughts before announcing it to stack overflow, but hey =)
[Thu Aug 14 17:49:54 2014] <napping> several, first is solve[simpl;reflexivity | equate_maps].
[Thu Aug 14 17:50:29 2014] <johnw> and not just stackoverflow, but *math*overflow
[Thu Aug 14 17:50:40 2014] <jgross> johnw: Please do, whenever you're ready.  Either add it to that answer or make a new answer, if it deserves a separate entry.  All the answers to that question so far are mine, and I want other people to add stuff.	I don't want to maintain any answers other than http://mathoverflow.net/a/155038. 
[Thu Aug 14 17:51:03 2014] <jgross> napping: What's the entire tactic invocation?  (Do you have it on pastebin or gist or something, or is it short enough to paste here?) 
[Thu Aug 14 17:51:08 2014] <napping> there's also a  econstructor(match goal with ...) and solve[ let
[Thu Aug 14 17:51:20 2014] <napping> ... ] that I inlined
[Thu Aug 14 17:51:31 2014] <napping> everything else seems to have a ";" at the top level
[Thu Aug 14 17:52:09 2014] <jgross> econstructor takes a tactic argument? 
[Thu Aug 14 17:52:24 2014] <jgross> Or, oh, your match goal with returns a constr? 
[Thu Aug 14 17:52:41 2014] <napping> no, they can't do that
[Thu Aug 14 17:52:52 2014] <napping> I've cps-transformed stuff in other places to work around that
[Thu Aug 14 17:52:54 2014] <jgross> So what does "econstructor(match goal with ...)" mean? 
[Thu Aug 14 17:53:11 2014] <napping> econstructor(<tactic>) is like econstructor, but applies the tactic to all subgoals
[Thu Aug 14 17:53:24 2014] <napping> and only sticks with a constructor that both unifies and has no tactic failures
[Thu Aug 14 17:53:34 2014] <napping> really handy for automatically applying inductively defined relations and such
[Thu Aug 14 17:53:57 2014] <jgross> [let x := (match goal with |- ?G => constr:(G) end) in pose G] works fine. 
[Thu Aug 14 17:54:10 2014] <napping> oh, huh
[Thu Aug 14 17:54:16 2014] <napping> I'll have to try that in places
[Thu Aug 14 17:54:35 2014] <jgross> Is econstructor(<tactic>) new to trunk, or just undocumented?  Anyway, you should see if replacing it with [econstructor(idtac; match goal with ...)] fixes things. 
[Thu Aug 14 17:54:38 2014] <napping> pose x, right?
[Thu Aug 14 17:54:43 2014] <napping> Yeah, just undocumented
[Thu Aug 14 17:54:46 2014] <jgross> Yes, pose x. 
[Thu Aug 14 17:55:02 2014] <napping> well, inlining that into the tactic that I was calling, but not otherwise changing the call seemed to help
[Thu Aug 14 17:56:09 2014] <napping> that's also not the thing running too early, according the Ltac Debug
[Thu Aug 14 17:56:34 2014] <jgross> What's the thing running too early? 
[Thu Aug 14 17:57:08 2014] <jgross> Is [econstructor(tac)] different from [econstructor; tac]? 
[Thu Aug 14 17:57:15 2014] <edwardk> jgross: adding program_simpl to the front of the Local Obligation Tactic (not to path_induction) let me clear out the remaining manual cases there.
[Thu Aug 14 17:57:27 2014] <edwardk> now i just have some stubborn stuff that doesn't want to figure out how to auto apply
[Thu Aug 14 17:57:28 2014] <napping> yes, econstructor;tac commits to the first thing that unifies, whether or not tac can deal with the arguments
[Thu Aug 14 17:57:32 2014] <napping> it's very useful
[Thu Aug 14 17:57:37 2014] <edwardk> jgross++
[Thu Aug 14 17:58:13 2014] <jgross> edwardk: Which thing did I say that you're ++ing? 
[Thu Aug 14 17:58:28 2014] <edwardk> ++'ing for the help with the obligation tactic stuff
[Thu Aug 14 17:58:32 2014] <edwardk> was going nuts on that
[Thu Aug 14 17:59:12 2014] <jgross> :-)  Glad I was able to help. 
[Thu Aug 14 17:59:31 2014] <jgross> napping: I've made https://coq.inria.fr/bugs/show_bug.cgi?id=3521, asking them to document econstructor(tactic) 
[Thu Aug 14 17:59:53 2014] <napping> I heard of it in an email thread where Voevodsky was digging around in the Coq source
[Thu Aug 14 18:00:00 2014] <jgross> Anyway, if you show me the entire tactic invocation, I can probably point out which bits you might need to change to get it to not run too early. 
[Thu Aug 14 18:13:08 2014] <napping> I got it working by inlining stuff inside the definition, without changing how I called it
[Thu Aug 14 18:13:16 2014] <napping> I'll see about pasting that
[Thu Aug 14 18:13:42 2014] <johnw> see you guys later
[Thu Aug 14 18:14:34 2014] <napping> http://lpaste.net/109391
[Thu Aug 14 18:14:44 2014] <napping> the commented out "domain_run" wasn't working, the inlined one does
[Thu Aug 14 18:15:32 2014] <napping> huh, and now it all works the other way too
[Thu Aug 14 18:23:03 2014] <jgross> How'd you call it such that it was failing? 
[Thu Aug 14 18:23:31 2014] <jgross> (I'm pretty sure it's how you call it that matters, and not so much what the definition is.  But not entirely sure.) 
[Thu Aug 14 18:23:34 2014] <napping> domain_run k trans_domain_solver trans_use_result step_domain_solver ltac:split_stuck done_solver for various definitions
[Thu Aug 14 18:24:31 2014] <napping> It was trying to run Ltac done_solver := subst;simpl;repeat eexists;... too early, I think
[Thu Aug 14 18:33:29 2014] <jgross> napping: That doesn't seem right.  Let me know if you have code I can play with that does this. 
[Thu Aug 14 19:06:04 2014] <jgross> edwardk: Without the truncation axiom for precategories (semi-precategories, then?), you will run into issues when you try to prove the laws about composition of natural transformations, necessary to building functor precategories.  See https://groups.google.com/d/msg/homotopytypetheory/cYPhbT4HGcs/27-OWTEEavwJ and
[Thu Aug 14 19:06:04 2014] <jgross> https://github.com/JasonGross/HoTT/blob/yoneda-without-truncatedness-trunk/theories/categories/NaturalTransformation/Composition/Laws.v#L39 
[Thu Aug 14 20:59:01 2014] <edwardk> jgross: i expect as much
[Thu Aug 14 21:03:19 2014] <edwardk> jgross: im willing to keep playing with the foundations in a few different ways. but if i don't smack into where things go wrong i never learn why
[Thu Aug 14 21:10:20 2014] <jgross> edwardk: *nods*  That's approximately how I do things, too. 
[Thu Aug 14 21:10:59 2014] <edwardk> and i figure if i'm going to do any real theorem proving i can't think of a better set of foundational issues to attack
[Thu Aug 14 21:15:35 2014] <edwardk> taking the stashef polyhedra point seriously is there a nice coinductive definition of the associahedra that make up the stashef polytopes?
[Thu Aug 14 21:15:42 2014] <edwardk> er stasheff
[Thu Aug 14 21:17:45 2014] <edwardk> e.g. is there an angle of attack where you take your category, look at its nerve to break it down into sequences of length n, then do what? play with the corresponding stashef polytype for that length and prove the associativity directly or via coinduction / some bisimulation step?
[Thu Aug 14 21:18:36 2014] <edwardk> or am i using the associahedron "side-ways" from how it applies here.
[Thu Aug 14 22:56:37 2014] <edwardk> hrmm, is there a story for induction-recursion in coq?
[Thu Aug 14 22:57:21 2014] <vanila> I think that you just can't do it
[Thu Aug 14 22:57:22 2014] <edwardk> or am i dead in the water if i need it?
[Thu Aug 14 22:57:27 2014] <edwardk> blah
[Thu Aug 14 22:57:35 2014] <vanila> sorry :(
[Thu Aug 14 22:57:42 2014] <edwardk> * doesn't want to give up tactics and go wander the wilds of agda.
[Thu Aug 14 22:59:03 2014] <vanila> what did you want them for?
[Thu Aug 14 22:59:08 2014] <vanila> just curious
[Thu Aug 14 22:59:42 2014] <edwardk> was hoping to play with something like the shulman HIR universe trick and see if i could fix a 'potential' problem that i know will bite me later with my category-theory by building a universe i can exhaustively solve
[Thu Aug 14 22:59:57 2014] <edwardk> but i can't build the universe without induction-recursion
[Thu Aug 14 23:00:01 2014] <edwardk> and so i get stopped before i start
[Thu Aug 14 23:03:47 2014] <edwardk> hrmm, mcbride has a trick for doing induction-recursion for a sufficiently small target type using just induction right?
[Thu Aug 14 23:04:00 2014] <edwardk> * tries to page in what he can remember and dig up by google.
[Thu Aug 14 23:09:56 2014] <vanila> Conor showed how to give codes for all the data types, maybe that's not what you mean though?
[Thu Aug 14 23:10:06 2014] <edwardk> not sure
[Thu Aug 14 23:10:12 2014] <vanila> because that would be much weaker than the kind of thing ind-rec gives you
[Thu Aug 14 23:10:13 2014] <edwardk> fumbling around in this space
[Thu Aug 14 23:10:57 2014] <edwardk> i think what i can say in coq isn't enough to say what i want to say, but i don't know enough to know that for sure
[Thu Aug 14 23:13:07 2014] <edwardk> i suppose this is the real cultural divide between agda/coq at work
[Thu Aug 14 23:13:17 2014] <edwardk> agda throws whatever crap they like in the meta-theory =)
[Thu Aug 14 23:13:53 2014] <vanila> haha
[Thu Aug 14 23:14:17 2014] <edwardk> hrmm does universe polymorphism let us dodge the 'small' requirement?
[Thu Aug 14 23:14:21 2014] <vanila> Dybjer's stuff seems to justify inductive-recursive definitions nicely, and it would fit fine in Coq just like mutually recursive functions - it's just kind of scary and probably very hard to implement
[Thu Aug 14 23:14:27 2014] <edwardk> * goes off to learn how that encodingworks
[Thu Aug 14 23:16:06 2014] <vanila> There's a paper on 'surreal numbers in coq'
[Thu Aug 14 23:16:21 2014] <vanila> they are defined by an inductive-recursion definition
[Thu Aug 14 23:16:29 2014] <edwardk> hrmm
[Thu Aug 14 23:16:41 2014] <vanila> but this guy defines it somehow as two mutually recursive inductive defs
[Thu Aug 14 23:16:48 2014] <vanila> I have no idea how that works
[Thu Aug 14 23:17:01 2014] <edwardk> http://types2004.lri.fr/SLIDES/mamane.pdf ?
[Thu Aug 14 23:17:02 2014] <edwardk> well the paper to go with that
[Thu Aug 14 23:17:19 2014] <vanila> yeah
[Fri Aug 15 00:56:24 2014] <johnw> does anyone know if http://www.irisa.fr/celtique/pichardie/ext/these/ is available as just a tarball of source files?
[Fri Aug 15 00:58:48 2014] <johnw> edwardk: since you can build Coq terms directly just as you would in Agda, what is it exactly that Agda gives you that Coq can't in the case of induction-recursion?
[Fri Aug 15 00:59:01 2014] <edwardk> agda adds it to the core theory
[Fri Aug 15 00:59:16 2014] <johnw> oh, it axiomatizes this particular feature?
[Fri Aug 15 00:59:21 2014] <edwardk> yeah
[Fri Aug 15 00:59:26 2014] <johnw> hrpmh
[Fri Aug 15 00:59:32 2014] <edwardk> says 'this is okay' and lets you use it
[Fri Aug 15 00:59:43 2014] <johnw> I wonder how hard people have looked for inconsistencies
[Fri Aug 15 00:59:44 2014] <edwardk> its just like saying 'generalized recursion is okay'
[Fri Aug 15 00:59:48 2014] <johnw> I'm wary of all axioms now
[Fri Aug 15 00:59:54 2014] <edwardk> not an axiom per se
[Fri Aug 15 01:00:01 2014] <edwardk> just a change in the way the termination checker works
[Fri Aug 15 01:00:08 2014] <edwardk> to permit this thing
[Fri Aug 15 01:00:20 2014] <edwardk> anyways, mcbride showed you could do it for 'small' universes in coq
[Fri Aug 15 01:00:26 2014] <johnw> ah
[Fri Aug 15 01:00:27 2014] <edwardk> but now we have universe polymorphism
[Fri Aug 15 01:00:52 2014] <edwardk> so i'm trying to understand if his approach generalizes to Type : Type now that we have that. to get a 'big enough' universe
[Fri Aug 15 01:01:06 2014] <johnw> right
[Fri Aug 15 01:01:27 2014] <edwardk> if so then i can transcode Mike Shulman's fancy higher inductive-recursive hott universe trick to coq
[Fri Aug 15 01:01:54 2014] <edwardk> and along the way i'm beating my face into how to do basic things in coq and learning the way things work =)
[Fri Aug 15 01:01:55 2014] <johnw> I wonder how much of regular Coq you're going to be able to use when all is said and done
[Fri Aug 15 01:02:30 2014] <edwardk> yes, but you see i have no intuition for what is already there, so i won't miss it so long as i don't taste that sweet sweet forbidden fruit.
[Fri Aug 15 01:02:31 2014] <edwardk> =)
[Fri Aug 15 01:02:57 2014] <edwardk> google-hangout?
[Fri Aug 15 01:03:01 2014] <johnw> sure
[Fri Aug 15 01:03:09 2014] <johnw> let me get my headphones
[Fri Aug 15 02:13:58 2014] <johnw> if I have existT x y z = existT x y' z', how can I reduce this to needing to prove the equality of xs and zs?
[Fri Aug 15 02:15:30 2014] <edwardk> any idea how to proceed on the two lemmas here: https://github.com/ekmett/homotopy/blob/master/Slice.v ?
[Fri Aug 15 02:16:11 2014] <edwardk> i don't know how to dig in there to get to the equalities to use them.
[Fri Aug 15 02:51:57 2014] <edwardk> ok, so the main takeaway i have from this is to get through the connection between Set/I and (I -> Set) you need uniqueness of identity proofs, which is basically Axiom K, and that's not Hott-compatible, right?
[Fri Aug 15 02:58:00 2014] <edwardk> well, i guess we can have it on a type by type basis.
[Fri Aug 15 03:01:53 2014] <johnw> can it be proved that {x : {x : X & f x} & projT1 x = y} = f y?
[Fri Aug 15 03:02:07 2014] <johnw> I don't know how to make "choices" for the witness on the left-hand side of the equality
[Fri Aug 15 03:49:37 2014] <roosbeef> johnw, around perhaps?
[Fri Aug 15 03:50:08 2014] <johnw> I am
[Fri Aug 15 03:50:46 2014] <roosbeef> ha :)
[Fri Aug 15 03:51:07 2014] <roosbeef> so i was playing around with that example of well-founded recursion you gave
[Fri Aug 15 03:51:08 2014] <roosbeef> https://privatepaste.com/4d5b9f16ea
[Fri Aug 15 03:51:22 2014] <roosbeef> Coq says failure in proveterminate Error: Partial application of function stratify_rec in its body is not allowed while using Function
[Fri Aug 15 03:51:34 2014] <roosbeef> does that mean i cant use Function for this type of problem?
[Fri Aug 15 03:55:13 2014] <johnw> let me try
[Fri Aug 15 03:56:05 2014] <roosbeef> so basically im constructing a tree
[Fri Aug 15 03:56:28 2014] <roosbeef> and every iteration, the leafs are split into subleafs
[Fri Aug 15 03:56:46 2014] <johnw> what is an fstring?
[Fri Aug 15 03:56:46 2014] <roosbeef> Coq should recurse into the length of these, and not on the amound of subleafs
[Fri Aug 15 03:56:53 2014] <roosbeef> its a list
[Fri Aug 15 03:57:13 2014] <roosbeef> i could paste you the whole file but it uses CoLoR
[Fri Aug 15 03:57:26 2014] <roosbeef> amount*
[Fri Aug 15 03:58:28 2014] <johnw> yeah, I'm missing too much context to try this here
[Fri Aug 15 03:58:41 2014] <johnw> try not partially applying stratify_rec
[Fri Aug 15 03:58:45 2014] <johnw> write out the lambda
[Fri Aug 15 03:58:48 2014] <roosbeef> how?
[Fri Aug 15 03:58:59 2014] <roosbeef> what does it mean to 'partially apply' something?
[Fri Aug 15 03:59:01 2014] <johnw> map (fun x : TYPE => stratify_rec x)
[Fri Aug 15 03:59:14 2014] <roosbeef> ah it doesnt like that?
[Fri Aug 15 03:59:19 2014] <johnw> well, it MAY not
[Fri Aug 15 03:59:20 2014] <johnw> i don't know
[Fri Aug 15 04:00:53 2014] <roosbeef> failure in proveterminate Error: Found a lambda which body contains a recursive call. Such terms are not allowed
[Fri Aug 15 04:01:02 2014] <johnw> ah
[Fri Aug 15 04:01:14 2014] <roosbeef> on this https://privatepaste.com/57fbc0acf8
[Fri Aug 15 04:01:59 2014] <roosbeef> why does it not accept that though, i thought the whole point was to be able to make recursive calls
[Fri Aug 15 04:02:09 2014] <johnw> so, it doesn't _know_ what map is going to do with that function
[Fri Aug 15 04:02:21 2014] <johnw> which makes it impossible to reason about the recursion requirements
[Fri Aug 15 04:03:18 2014] <johnw> but there may be a harder requirement by the termination checker going on here
[Fri Aug 15 04:03:34 2014] <johnw> since peering into higher-order function arguments is probably impossibly hard, it won't let you define your recursion over them
[Fri Aug 15 04:03:52 2014] <johnw> or it's just a limitation of the current termination checker
[Fri Aug 15 04:04:01 2014] <johnw> this "measure" stuff is brand new
[Fri Aug 15 04:04:03 2014] <johnw> (8.4)
[Fri Aug 15 04:04:06 2014] <roosbeef> hm
[Fri Aug 15 04:04:28 2014] <roosbeef> but the size of these leafs is obviously decreasing
[Fri Aug 15 04:04:36 2014] <roosbeef> since youre splitting them to create more leafs
[Fri Aug 15 04:05:19 2014] <johnw> i'm not saying it's wrong
[Fri Aug 15 04:05:25 2014] <johnw> the termination checker is not perfect
[Fri Aug 15 04:05:36 2014] <johnw> it errs on the side of caution
[Fri Aug 15 04:05:39 2014] <roosbeef> do you think its impossible in Coq 8.4?
[Fri Aug 15 04:06:32 2014] <johnw> i don't know
[Fri Aug 15 04:06:38 2014] <johnw> What is VTerm.Fun?
[Fri Aug 15 04:06:50 2014] <roosbeef> it creates a tree
[Fri Aug 15 04:07:18 2014] <johnw> what is the type of stratify_sub?
[Fri Aug 15 04:07:19 2014] <roosbeef> by taking a head of the node label's type and arguments of type vterm
[Fri Aug 15 04:07:55 2014] <roosbeef> it creates from an fstring a list of fstrings, of which the first element is going to be the head of the new subtree that is to be formed from that input fstring, and the rest are going to be the leafs/arguments
[Fri Aug 15 04:08:11 2014] <roosbeef> (it=stratify_sub)
[Fri Aug 15 04:08:27 2014] <johnw> i see
[Fri Aug 15 04:08:40 2014] <johnw> and you are trying to give evidence that this list of fstrings isn't going to cause infinite recursion
[Fri Aug 15 04:08:46 2014] <roosbeef> yea
[Fri Aug 15 04:08:52 2014] <roosbeef> which its not, right
[Fri Aug 15 04:09:01 2014] <roosbeef> you can only split a list so many times
[Fri Aug 15 04:09:14 2014] <roosbeef> i have the lemma to prove this ready
[Fri Aug 15 04:09:22 2014] <johnw> well, since I don't know anything about stratify_sub, for all I know it could be doubling its args
[Fri Aug 15 04:10:04 2014] <johnw> instead of using map, write out the recursion manually in another function
[Fri Aug 15 04:10:10 2014] <johnw> stratify_args
[Fri Aug 15 04:10:31 2014] <johnw> you'll need to use mutual recursive function definitions
[Fri Aug 15 04:10:49 2014] <johnw> whether that works with "measure" or not, I don't know
[Fri Aug 15 04:10:57 2014] <johnw> but you aren't going to be able to use "map" here
[Fri Aug 15 04:11:00 2014] <roosbeef> hm
[Fri Aug 15 04:11:28 2014] <roosbeef> does Function support mutual recursion?
[Fri Aug 15 04:11:32 2014] <johnw> good question
[Fri Aug 15 04:11:41 2014] <johnw> Function foo : TYPE := BODY with bar : Type := BODY.
[Fri Aug 15 04:18:37 2014] <roosbeef> would it help to use Program?
[Fri Aug 15 04:18:58 2014] <johnw> I don't know
[Fri Aug 15 04:19:03 2014] <johnw> if it does, tell me :)
[Fri Aug 15 04:19:14 2014] <roosbeef> haha mehh
[Fri Aug 15 04:19:45 2014] <roosbeef> what does Program do though
[Fri Aug 15 04:19:50 2014] <roosbeef> its different from Function?
[Fri Aug 15 04:19:56 2014] <roosbeef> how do Program, Function and Fix relate?
[Fri Aug 15 04:20:15 2014] <roosbeef> its hard to find out about these keywords because google will just ignore casing
[Fri Aug 15 04:20:17 2014] <johnw> you'd write "Program Function"
[Fri Aug 15 04:20:24 2014] <johnw> it adds some conveniences
[Fri Aug 15 04:20:43 2014] <roosbeef> its just syntax sugar?
[Fri Aug 15 04:20:52 2014] <johnw> it helps you manage proof obligations, and will even solve the simplest automatically
[Fri Aug 15 04:21:03 2014] <johnw> there's a chapter in the Coq reference manual about the Program environment
[Fri Aug 15 04:21:50 2014] <jgross> edwardk: https://groups.google.com/forum/#!msg/homotopytypetheory/duXp2K8NcRk/7GWayB4vZY0J suggests that defining the stasheff polytopes in Coq/Agda is an open question. 
[Fri Aug 15 04:21:59 2014] <roosbeef> ok so lets forget about Program
[Fri Aug 15 04:22:04 2014] <edwardk> jgross: thx
[Fri Aug 15 04:22:10 2014] <roosbeef> youre saying write a custom map function
[Fri Aug 15 04:22:20 2014] <johnw> yes, make the recursion explicit
[Fri Aug 15 04:22:29 2014] <edwardk> jgross: got bogged down trying to model small induction-recursion in coq
[Fri Aug 15 04:22:35 2014] <johnw> rather than passing your function as an argument to another function
[Fri Aug 15 04:22:39 2014] <edwardk> that's my current dilemma
[Fri Aug 15 04:22:48 2014] <roosbeef> but other than using map, how am i going to apply a function to a list of arguments and then recurse into each argument of the resulting list?
[Fri Aug 15 04:22:55 2014] <roosbeef> thats exactly what map does right?
[Fri Aug 15 04:23:05 2014] <johnw> yep
[Fri Aug 15 04:23:20 2014] <johnw> 03:23 <lambdabot> map _ []     = []
[Fri Aug 15 04:23:21 2014] <johnw> 03:23 <lambdabot> map f (x:xs) = f x : map f xs
[Fri Aug 15 04:23:27 2014] <johnw> it's nothing fancy
[Fri Aug 15 04:23:38 2014] <johnw> in your case, you'd not have the 'f' parameter there
[Fri Aug 15 04:23:44 2014] <roosbeef> so how does it help to copy this and write it out explicitly myself
[Fri Aug 15 04:23:50 2014] <roosbeef> in what way would i modify it
[Fri Aug 15 04:24:36 2014] <edwardk> trying to figure out if universe polymorphism is enough to build fancy universes ala Tarski with "small IR" for Shulman's higher-inductive-recursive univalent universes trick.
[Fri Aug 15 04:24:47 2014] <edwardk> e.g. if universe polymorphism lets small be big enough
[Fri Aug 15 04:25:02 2014] <johnw> something along the lines of: https://gist.github.com/269703e59605b4e6303d
[Fri Aug 15 04:25:30 2014] <edwardk> jgross: do you know of anything that makes this a complete non-starter of a direction?
[Fri Aug 15 04:25:37 2014] <jgross> edwardk, vanila: native IR is on the todo list of some of the Coq devs (Matthieu in particular, if I recall correctly).  Certainly not for 8.5.  Maybe for the version after that.  In the mean time, you can fake induction-recursion by indexing by the result you want to compute; see https://sympa.inria.fr/sympa/arc/coq-club/2013-08/msg00201.html 
[Fri Aug 15 04:26:10 2014] <edwardk> that's the Small IR trick basically
[Fri Aug 15 04:26:28 2014] <roosbeef> johnw, hm let me try that
[Fri Aug 15 04:26:33 2014] <edwardk> figuring universe polymorphism will let that live out in Type
[Fri Aug 15 04:27:28 2014] <edwardk> native IR would make life suck a lot less though
[Fri Aug 15 04:28:09 2014] <roosbeef> Error: Cannot use mutual definition with well-founded recursion or measure
[Fri Aug 15 04:28:11 2014] <roosbeef> :'(
[Fri Aug 15 04:28:23 2014] <johnw> youch
[Fri Aug 15 04:28:24 2014] <edwardk> great link though. that lets me try a much more direct encoding than i was chasing =)
[Fri Aug 15 04:28:26 2014] <johnw> I was afraid of that
[Fri Aug 15 04:30:12 2014] <jgross> edwardk: the small-IR trick just means you have to jump universe levels when you define things, right?	You should be totally fine in Type, you just can't model the type _you_ live in, you only get to model the Types below that one. 
[Fri Aug 15 04:31:07 2014] <edwardk> yeah i just meant that I need to build a Type, not just a Set, which is fine since I can work in Type with a higher universe index, so everything should be good.
[Fri Aug 15 04:31:56 2014] <jgross> johnw, roosbeef: You should be able to do well-founded recursion directly by doing structural recursion on the evidence of well-foundedness?  (I've never tried it, but, I don't think well-founded reucrsion gives you anything over structural recusion, other than ease-of-use.) 
[Fri Aug 15 04:33:05 2014] <roosbeef> jgross, what do you mean by "structural recursion over the _evidence_ of well-foundedness"?
[Fri Aug 15 04:33:06 2014] <johnw> jgross: so pass that evidence as an argument, rather than using the nifty {measure...} syntax?
[Fri Aug 15 04:35:18 2014] <jgross> johnw: regarding what exactly agda gives you that Coq doesn't: Agda has mutual blocks and a termination checker.  Coq has explicit mutual statements (restricted to handling inductive types) and structural recursion.  So they added the appropriate rules to Agda's termination checker to make it accept inductive definitions and function definitions that are mutually recursive, in the same mutual block.  In Coq, you'll get stuck with syntax errors
[Fri Aug 15 04:35:18 2014] <jgross> before you get going, and if you want to add it, you'll need to explicitly add the right rules to the guardedness checker (which is currently ad-hoc, and has had two or three bugs in the last few months which allowed proving False, either without axioms, or from propositional extensionality---people are thinking of moving to sized types to be more systematic, but, again, not for 8.5). 
[Fri Aug 15 04:35:40 2014] <jgross> johnw: Yes, exactly. 
[Fri Aug 15 04:36:09 2014] <johnw> ah, very good to know
[Fri Aug 15 04:36:17 2014] <johnw> I tend to mislike inconsistent systems
[Fri Aug 15 04:36:59 2014] <edwardk> i tend to like them -- right up until i'm bit by the inconsistency. so much easier to prove stuff in!
[Fri Aug 15 04:37:06 2014] <johnw> haha
[Fri Aug 15 04:37:28 2014] <johnw> if we just axiomatize False, think of all we could accomplish!
[Fri Aug 15 04:37:55 2014] <johnw> Want a category theory framed on HoTT and bicategories?  DONE
[Fri Aug 15 04:38:29 2014] <jgross> roosbeef: There's a type, Acc, I think, in the standard library, that is what I think measure uses internally.	Look for Acc, Fix, and Fix_eq as definitions.  I think Fix might be a "well-founded fixpoint combinator defined by structural recursion on the evidence". So you should be able to define a well-founded mutual fixpoint combinator similarly, by mutual structural recursion on evidence (you might or might not need to define a new type of
[Fri Aug 15 04:38:29 2014] <jgross> evidence for handling mutual definitions) 
[Fri Aug 15 04:39:39 2014] <jgross> I'm not aware of any prior work on this, though googling "mutual well-founded fixpoints Coq" or something might give you useful results (I haven't tried, and I should be heading off to work in a few minutes) 
[Fri Aug 15 04:39:58 2014] <johnw> jgross: what is your timezone right now?
[Fri Aug 15 04:40:33 2014] <jgross> edwardk: You're in the same camp as Vladimir, then; he was trying to convince Andrej Bauer to go with type-in-type rather than universe checking for Andromeda (formerly Brazil). 
[Fri Aug 15 04:40:42 2014] <jgross> johnw: Cambridge, UK.  So, 9:40am. 
[Fri Aug 15 04:41:00 2014] <johnw> ah, you exchanged one Cambridge for another I see
[Fri Aug 15 04:41:11 2014] <edwardk> jgross: i like universes really, but then i spend a lot of time coding in haskell and just try to get stuff done rather than prove stuff all day.
[Fri Aug 15 04:41:29 2014] <johnw> edwardk: this evening was the stuff of nightmares
[Fri Aug 15 04:41:38 2014] <edwardk> these things happen.
[Fri Aug 15 04:41:42 2014] <johnw> I'm sure I'm going to have a dream now about everything hinging on needing to know what "Type" is
[Fri Aug 15 04:42:11 2014] <jgross> Yes.  And I exchanged program synthesis and category theory in HoTT for formalized x86 assembly and ... still category theory in HoTT, but much less of it. 
[Fri Aug 15 04:42:34 2014] <jgross> What happened this evening? 
[Fri Aug 15 04:42:46 2014] <johnw> beating one's head against these sorts of things is valuable, in that we can more quickly realize when we're attempting the impossible next time :)  I had a sense that our context was too shallow, and I think we proved it
[Fri Aug 15 04:43:04 2014] <johnw> jgross: try to work through some of Conor's IR stuff
[Fri Aug 15 04:43:13 2014] <johnw> he claimed two definitions were inverses, and we tried to prove it
[Fri Aug 15 04:43:23 2014] <johnw> silly us
[Fri Aug 15 04:43:52 2014] <johnw> formalized x86 assembly?  are you working with Greg Morrissett by any chance?
[Fri Aug 15 04:44:53 2014] <jgross> johnw: No, with Andrew Kennedy and Nick Benton.  At least this summer. x86proved.codeplex.com  Codeplex, because that's what MS said to use, before they came to their sanity and decided on github.  We haven't migrated yet. 
[Fri Aug 15 04:45:18 2014] <johnw> I know that Greg is working on formalizations of parts of x86 in Coq too
[Fri Aug 15 04:46:00 2014] <johnw> they just finished with the integer or the floating-point units, I can't remember which
[Fri Aug 15 04:46:01 2014] <roosbeef> jgross, sorry i had to answer the phone. So Fix does support mutual recursion, whereas Function does not?
[Fri Aug 15 04:46:08 2014] <johnw> also, he may be working at the microcode level, not the x86 surface
[Fri Aug 15 04:47:51 2014] <jgross> No.  Fix is a Coq function defined in the standard library.  I'm thinking you can make a similar definition that does support mutual recursion. 
[Fri Aug 15 04:48:41 2014] <roosbeef> would that require me to prove a gazillion properties of this Fix_alt?
[Fri Aug 15 04:49:01 2014] <roosbeef> for Coq to accept all conclusions drawn from its use?
[Fri Aug 15 04:51:15 2014] <jgross> edwardk, johnw: You might be interested in Matt Oliveri's (now finished/fully working) type checker for raw syntax into an hSet universe, written in Coq, (https://code.google.com/p/outrageous-interpreter/, http://homotopytypetheory.org/2014/03/03/hott-should-eat-itself/#comment-25555).	If you're finding the comments of http://homotopytypetheory.org/2014/03/03/hott-should-eat-itself hard to navigate, Mike Shulman's code is at
[Fri Aug 15 04:51:15 2014] <jgross> http://home.sandiego.edu/~shulman/papers/autophagia/.  (All of this is burried deep in the comments of that blog post.) 
[Fri Aug 15 04:53:34 2014] <jgross> roosbeef: I think you'd only need the equivalent of Fix_eq.  See http://coq.inria.fr/library/Coq.Init.Wf.html.	You don't need anything extra to get Coq to accept conclusions about it, but you won't get any syntactic sugar. 
[Fri Aug 15 04:54:49 2014] <edwardk> heh, the lines of inquiry are exploding faster than my ability to bookmark, be warned, i'll probably ping you for follow up info later ;)
[Fri Aug 15 04:58:27 2014] <roosbeef> johnw, jgross, thanks a lot for your suggestions, this seems to be exactly what i would need to solve this problem
[Fri Aug 15 04:58:43 2014] <jgross> edwardk: That's fine, though this mostly exhausts my knowledge on type theory interpreters.  (For example, I haven't actually read or used either Mike's or Matt's code, though I have followed along with the entire thread of comments as it was happening.)	Anyway, I'm off to work now.  Enjoy your inquiries and bookmarking. 
[Fri Aug 15 04:59:00 2014] <edwardk> will do.
[Fri Aug 15 04:59:19 2014] <edwardk> i read shulman's code for the HIR interpreter through, now to chase other leads
[Fri Aug 15 04:59:22 2014] <johnw> good night/day all
[Fri Aug 15 04:59:26 2014] <edwardk> and eventually do some real work
[Fri Aug 15 04:59:44 2014] <johnw> time to break^H^H^H^H^H fix trifecta!
[Fri Aug 15 05:01:02 2014] <edwardk> "Agda fails to forbid them, but that does not mean that they make sense" -- Conor McBride    -- is eminently quotable.
[Fri Aug 15 07:46:33 2014] <hodapp> what does Agda fail to forbid?
[Fri Aug 15 09:32:23 2014] <Saizan> how do people read those very thin comments on wordpress blogs?
[Fri Aug 15 09:40:23 2014] <ijp> s/very thin//
[Fri Aug 15 09:41:09 2014] <ijp> and s/how/why/ (* todo: learn how to do multiple sed expressions in one line *)
[Fri Aug 15 11:35:45 2014] <edwardk> hodapp: inductive-inductive data types IIRC
[Fri Aug 15 14:28:23 2014] <johnw> edwardk: yet another development of CT in Coq: http://dl.dropbox.com/u/137615/Category%20Theory%20in%20Coq.pdf
[Fri Aug 15 14:28:41 2014] <johnw> it's setoid-based, and far from where you're headed, but it's another point in the space to compare against
[Fri Aug 15 15:46:32 2014] <Ainieco> hello
[Fri Aug 15 15:46:42 2014] <jrw> hi
[Fri Aug 15 15:52:11 2014] <Ainieco> really stuck on split_combine proof http://lpaste.net/4142512831918505984 could someone please give me a hint?
[Fri Aug 15 15:56:45 2014] <vanila> Ainieco, you need that l1 and l2 are not nil
[Fri Aug 15 15:57:14 2014] <vanila> so destruct l1; destruct l2. and discharge the 3 impossible cases to be left with  l1 = x0 :: l1'   and l2 = y0 :: l2'
[Fri Aug 15 15:58:11 2014] <vanila> then you can use the induction hypothesis on the tails of all these lists
[Fri Aug 15 16:01:35 2014] <vanila> You might need these two lemmas to conclude: split' (combine l1 l2) = l1, split'' (combine l1 l2) = l2
[Fri Aug 15 16:04:40 2014] <Ainieco> oh, that makes sense, thanks!
[Fri Aug 15 16:19:23 2014] <Cypi> How do you, from an hypothesis [H: (a, b) = (c, d)], deduce [a=c] and [b=d]? I'd like to have those as hypothesis without Coq doing any substitutions.
[Fri Aug 15 16:21:28 2014] <alkabetz> [inversion H.]
[Fri Aug 15 16:21:44 2014] <Cypi> Well, yes, but then Coq starts doing a lot of substituions that complicate the goal way too much
[Fri Aug 15 16:21:51 2014] <Cypi> substitutions*
[Fri Aug 15 16:22:13 2014] <jrw> Cypi: sometimes injection works better
[Fri Aug 15 16:22:21 2014] <jrw> because it's not too smart for its own good
[Fri Aug 15 16:22:56 2014] <Cypi> Perfect, thanks!
[Fri Aug 15 16:25:21 2014] <_cody_> inversion H; subst
[Fri Aug 15 16:25:25 2014] <_cody_> works quite well
[Fri Aug 15 16:25:42 2014] <Cypi> It doesn't when 'c' and 'd' are subterms of 'a' and 'b'.
[Fri Aug 15 16:25:56 2014] <Cypi> It was the case here, and it is what caused Coq's inversion to go crazy on substitutions.
[Fri Aug 15 16:26:20 2014] <johnw> _cody_: your underscore moved!
[Fri Aug 15 16:26:37 2014] <_cody_> i was trying to through people off...
[Fri Aug 15 16:26:51 2014] <_cody_> Cypi: ah ok
[Fri Aug 15 16:27:22 2014] <_cody_> through -> throw
[Fri Aug 15 16:27:31 2014] <johnw> vanila: I didn't need any helper lemmas for split_combine
[Fri Aug 15 16:36:26 2014] <johnw> vanila: https://gist.github.com/0426d2259d4945e5687f
[Fri Aug 15 16:58:25 2014] <vanila> very neat, i couldn't get it to work here though
[Sat Aug 16 03:28:00 2014] <torfscholle> hi
[Sat Aug 16 03:29:47 2014] <jrw> hi
[Sat Aug 16 06:22:59 2014] <Ainieco> hello
[Sat Aug 16 06:23:41 2014] <Ainieco> is it possible to generalize multiple dependent variable without having to repeat "generalize depended a. generalize dependent b" all over agai?
[Sat Aug 16 08:47:32 2014] <torfscholle> Is it known for which pure type systems typing judgements are decidable?
[Sat Aug 16 13:14:46 2014] <robbert> torfscholle: you probably need atleast weak normalization, but AFAIK there is no clear classification of those that are WN
[Sat Aug 16 17:27:51 2014] <torfscholle> robbert: hm, ok, that's interesting -- my motivation is that I would like to implement Girard's paradox for learning and I am therefore looking for an interpreter for the final pure type system. but if I understand you correctly, typing in this system is not decidable, since it is not even weakly normalizing - right?
[Sat Aug 16 17:44:08 2014] <torfscholle> robbert: can you provide references for the positive results (and implementations?) on the decidability of type checking in PTS?
[Sat Aug 16 21:27:12 2014] <edwardk> ok, super newbie question, when i have a
[Sat Aug 16 21:27:13 2014] <edwardk>   X0 : f (fst (o1, o2)) ~{ E }~> g (snd (o1, o2))  -- in my environment, how do i simplify out the fst and snd ?
[Sat Aug 16 21:27:49 2014] <edwardk> they are obvious from context, but i'm just blanking on what keyword to guess in the tactic game
[Sat Aug 16 21:45:03 2014] <vanila> simpl in X0.
[Sat Aug 16 21:45:39 2014] <vanila> alternative: unfold fst in *; unfold snd in *.
[Sat Aug 16 22:02:41 2014] <edwardk> wound up finding a nicer way
[Sat Aug 16 22:02:47 2014] <edwardk> just avoided the whole situation
[Sat Aug 16 22:02:59 2014] <edwardk> simpl refused to catch it. primitive projections maybe?
[Sat Aug 16 22:16:31 2014] <edwardk> when coqtop decides to spin forever , how do i get control of proof general back and start it over?
[Sat Aug 16 22:19:31 2014] <edwardk> ok, it appears i can go to the *coq* buffer, C-x k it and get control back that way
[Sat Aug 16 22:21:42 2014] <jrw> edwardk: C-c C-c may be what you're looking for
[Sat Aug 16 22:24:56 2014] <edwardk> thx
[Sun Aug 17 02:15:21 2014] <torfscholle> Can one make 'print' recursively unfold all definitions?
[Sun Aug 17 03:46:28 2014] <johnw> if I have a hypothesis, can I "copy" before applying an elimination rule so that I can apply a different eliminate rule?
[Sun Aug 17 03:47:44 2014] <johnw> ah, assert (H2 := H1)
[Sun Aug 17 04:38:01 2014] <Cypi> would've said [pose proof H1], but it does the same :p
[Sun Aug 17 05:10:55 2014] <johnw> filter_challenge_2 took me far too long; I need to remember that sometimes it's just as important to generalize a hypothesis as with any other variable
[Sun Aug 17 05:11:15 2014] <johnw> https://gist.github.com/ea000d370b14fb3c43a4
[Sun Aug 17 12:26:10 2014] <jgross> edwardk: There's always [change foo with bar in H] (and a number of other variants) if [foo] is convertible with [bar].  In this case, though, [simpl fst in X0] (or even just [simpl in X0]) should catch that, unless you've done something like [Arguments fst : simpl never.].  It's probably not primitive projections, because turning on primitive projections doesn't retroactively make the [prod] type from the stdlib primitive.  It only affects new
[Sun Aug 17 12:26:10 2014] <jgross> records, so you'd've needed to rewrite the [prod] type yourself as a record.  If you still have the context where it's failing, see if you can track down the bug? (Or if you don't want to do that, you can point me at it, and I can set up my bug minimizer on it.) 
[Sun Aug 17 12:28:59 2014] <edwardk> i'll have to rebuild it later. i was building some code for comma categories, but eventually i swtiched styles because i was getting stuck that way and assumed it was me.
[Sun Aug 17 12:42:33 2014] <jgross> How are you doing comma categories? 
[Sun Aug 17 12:48:55 2014] <jgross> torfscholle: [Eval compute in foo] will fully unfold and normalize [foo].  See also [Eval cbv delta] in the reference manual. 
[Sun Aug 17 13:19:10 2014] <notdan> Do you guys know, if I have a goal like [((a * b) * c) * d) + x], and I have a lemma that ((x*y)*z) = ((x*z)*y),how can I rewrite my goal to [((a * c) * b) * d) + x]?
[Sun Aug 17 13:19:27 2014] <notdan> I tried [rewrite lem at 0], but it didn't work
[Sun Aug 17 13:20:25 2014] <vanila> is that  forall x y z, ((x*y)*z) = ((x*z)*y)
[Sun Aug 17 13:20:47 2014] <vanila> you could try:  rewrite (lem a b c).
[Sun Aug 17 13:20:56 2014] <vanila> or  rewrite <- (lem a b c).
[Sun Aug 17 13:29:40 2014] <_cody_> of course, [ring
[Sun Aug 17 13:29:44 2014] <_cody_> sorry
[Sun Aug 17 13:29:54 2014] <_cody_> [ring] should be enough to attack your goal
[Sun Aug 17 13:55:30 2014] <edwardk> jgross: not well, that was the problem ;)
[Sun Aug 17 13:56:41 2014] <edwardk> jgross: i was just trying to rephrase some of the standard path groupoid fiber stuff as just talking about a special case of over/under categories in the appropriate places and wound up down a rat-hole.
[Sun Aug 17 14:05:31 2014] <_cody_> rat holes abound down that path :)
[Sun Aug 17 14:05:38 2014] <_cody_> no pun intended
[Sun Aug 17 14:07:52 2014] <edwardk> =P
[Sun Aug 17 14:13:20 2014] <edwardk> what do you do for "Anomaly: Uncaught exception Failure("List.chop", _). Please report." errors in proof general. i can't tell if its a proof general bug or a coq issue or what, but they happen a lot to me
[Sun Aug 17 15:27:39 2014] <ijp> today in idiocy: convincing yourself momentarily that False -> A couldn't be constructively valid because there is no way to synthesise an A for a False argument before remembering there aren't any to begin with
[Sun Aug 17 15:37:39 2014] <jgross> edwardk: I have comma categories at https://github.com/HoTT/HoTT/blob/master/theories/categories/Comma/Core.v.	What were you trying to phrase that got you in a rat hole? 
[Sun Aug 17 15:38:14 2014] <edwardk> didn't have enough scaffolding in place yet
[Sun Aug 17 15:38:38 2014] <edwardk> starting from scratch -- there is usually something you forgot to get to you need ;)
[Sun Aug 17 15:38:49 2014] <jgross> edwardk: Anomalies are bugs in Coq.  Always, unless you have some custom elisp that fakes Coq error messages or something.  You should throw the relevant file at coq-bug-finder/find-bug.py, and submit the resulting file to the bug tracker. 
[Sun Aug 17 15:39:36 2014] <edwardk> alrighty, when i have more bandwidth i'll do that
[Sun Aug 17 15:39:53 2014] <jgross> bandwidth? 
[Sun Aug 17 15:41:04 2014] <jgross> (By the way, if you have suggestions for making find-bug.py easier to use, I'd welcome them.) 
[Sun Aug 17 15:53:35 2014] <edwardk> bandwidth meaning mental bandwidth. juggling a call for participations i have to send out, need to fix up trifecta before work tomorrow, have a dozen balls up in the air with respect to what i'm doing in the little homotopy lib, pushing out updates to some haskell code, etc.
[Sun Aug 17 15:54:31 2014] <edwardk> i'm context switching too much right now =)
[Sun Aug 17 15:57:52 2014] <edwardk> what is the ! in an Arguments command used for?
[Sun Aug 17 16:01:46 2014] <jgross> edwardk: *nods*  My goal with my bug-minimization scripts is to make them as low-bandwidth as possible.  (Once you check that they get the right errors, you can ignore them until they're done running.)
[Sun Aug 17 16:01:46 2014] <jgross> http://coq.inria.fr/refman/Reference-Manual010.html#hevea_command232 says """A constant can be marked to be unfolded only if an entire set of arguments evaluates to a constructor. The ! symbol can be used to mark such arguments.
[Sun Aug 17 16:01:46 2014] <jgross> Coq < Arguments minus !x !y.
[Sun Aug 17 16:01:46 2014] <jgross> After that command, the expression (minus (S x) y) is left untouched by simpl, while (minus (S x) (S y)) is reduced to (minus x y).""" 
[Sun Aug 17 16:03:07 2014] <edwardk> ok, so when i mark inverse , etc. with the ! on the category i'm saying don't simplify unless you know what category i'm working with?
[Sun Aug 17 16:03:25 2014] <jgross> Right. 
[Sun Aug 17 16:03:29 2014] <edwardk> k
[Sun Aug 17 16:03:53 2014] <jgross> I think that's the default, though? 
[Sun Aug 17 16:05:18 2014] <edwardk> was trying to understand where it came from in some code i cargo culted and wanted to understand later
[Sun Aug 17 16:05:59 2014] <edwardk> going through and clearing out a bunch of explicit %scoping by using Bind Scope .. with .. etc
[Sun Aug 17 16:06:09 2014] <edwardk> and trying to get a better understanding of the notation system
[Sun Aug 17 16:06:19 2014] <edwardk> and that led me to clean up my Arguments statements
[Sun Aug 17 16:06:28 2014] <edwardk> but that was the last thing in them i didn't understand
[Sun Aug 17 16:07:21 2014] <jgross> *nods*	I should probably do that with mine, at some point; I think I haven't really updated them for a year or a year-and-a-half, when I knew less about Coq's defaults.  (Or possibly the ! behavior is only default on primitive projections.) 
[Sun Aug 17 16:07:42 2014] <jgross> I should also figure out a notation for morphisms and functors and natural transformations. 
[Sun Aug 17 16:09:42 2014] <edwardk> i had notation that was working nicely, then i started playing around with separating category into more record-like parts so i can more easily reason about piling more properties on the hom without getting stuck in lack-of-record-subtyping hell
[Sun Aug 17 16:10:30 2014] <edwardk> so i'm trying out a quick variant of things where i instead package up a bunch of classes for structure-like-properties like upgrading a category to a groupoid, which can only be done one way
[Sun Aug 17 16:11:01 2014] <edwardk> but then i'm wallowing around in the design space trying to figure out the best balance of what to expose in arguments vs. wrap in the records, etc.
[Sun Aug 17 16:13:41 2014] <jgross> Here are some considerations: Anything you expose that is an argument to things like [Functor] and [NaturalTransformation] will cause exponential blow up in your types, and slow things down.	If you need to layer projections to get to things, you loose the benefit of primitive projections, so all of your projections will carry arguments around (not so much of a problem if your top-level record type has no arguments).  You can read the papers on
[Sun Aug 17 16:13:41 2014] <jgross> ssreflect and mathclasses to get their view on how to get a nice hierarchy. 
[Sun Aug 17 16:15:02 2014] <jgross> I found it sufficient to wrap everything in the records, and then you can have a single typeclass for any other set of properties you need to add on.  But I'm not sure if that generalizes well to your domain. 
[Sun Aug 17 16:15:39 2014] <edwardk> the devil's advocate is that if i don't expose them then i get other explosions making it hard to make deep lattices of properties, so there is a sweet spot in the design space i'm trying to find by flailing all over it ;)
[Sun Aug 17 16:16:17 2014] <edwardk> your description is pretty close to what i'm trying now though
[Sun Aug 17 16:16:48 2014] <jgross> Do you have an example of a deep lattice of properties that you need? 
[Sun Aug 17 16:19:55 2014] <edwardk> well, in haskell i have a bunch of classes that all pile on top of each other to get what i need then i use coherence of instance resolution a lot. here i don't have that. even a trivial example would be starting with category, wanting groupoid to be an enhancement of that, thin category to say the hom-sets are prop-truncated, strict to say they are set-truncated, etc. now the latter few are all property-like-structures, they are
[Sun Aug 17 16:19:55 2014] <edwardk>  unique if proven, they don't change the thing or equip it so they are pretty easy. but ultimately i'm trying to figure out how to nicely tease apart the difference between what i want to say something is (including everything i equipped it with) and all thing things i can say it has by dint of being what it is (property-like structures)
[Sun Aug 17 16:21:34 2014] <edwardk> but when i go from category to monoidal category i wind up making the subclassing relationship by Coercion, but then when i want another point in the lattice off to the side, i wind up paying for all the points in the lattice above me if i'm not careful.
[Sun Aug 17 16:21:40 2014] <edwardk> an example that perhaps makes more sense
[Sun Aug 17 16:21:51 2014] <edwardk> if we define functors between categories
[Sun Aug 17 16:22:00 2014] <edwardk> then they are automatically good enough to be functors between groupoids
[Sun Aug 17 16:22:18 2014] <edwardk> but when i define functors between monoidal categories i need to define monoidal functors as well, they don't automatically preserve the extra structure
[Sun Aug 17 16:23:18 2014] <edwardk> but if i bake the choice of category into the functor all i do is bake in the category-structure, when i come along later and want to do it with monoidal categories, i have to store the same data again in new slots in another record and define the fields in the functor-part of my monoidal functor to be just the projection from my monoidal-category down to its category component
[Sun Aug 17 16:24:05 2014] <edwardk> if i leave it naked on the outside of the record on the other hand, such redundant storage is avoided, and i can use the coercion mechanism, at the cost of blowing up the types
[Sun Aug 17 16:24:55 2014] <edwardk> ultimately i think the answer comes down to carefully distinguishing between http://ncatlab.org/nlab/show/stuff,+structure,+property
[Sun Aug 17 16:25:50 2014] <jgross> Can't you say something like [Record MonoidalFunctor (C D : MonoidalCategory) := { FunctorPart :> Functor C D ; <respectful properties here> }.] and get the projections for free? 
[Sun Aug 17 16:30:19 2014] <edwardk> that is what i do now
[Sun Aug 17 16:31:57 2014] <edwardk> but when i have a diamond, when i have something that is both a strict functor and a monoidal functor for instance, i need to name the pushout of those two theories
[Sun Aug 17 16:32:44 2014] <edwardk> for a sufficiently large lattice of properties this is messy =)
[Sun Aug 17 16:33:17 2014] <edwardk> hence my desire to distinguish between property-like structure you can grab from any proof of its existence
[Sun Aug 17 16:33:26 2014] <edwardk> and stuff you need to bolt into that lattice
[Sun Aug 17 16:34:46 2014] <edwardk> i'll give you an example of this in something like haskell
[Sun Aug 17 16:34:52 2014] <edwardk> lets say you have a class for Monad
[Sun Aug 17 16:34:55 2014] <edwardk> and one for Comonad
[Sun Aug 17 16:35:00 2014] <edwardk> both of these are perfectly cromulent things
[Sun Aug 17 16:35:32 2014] <edwardk> now we'd like to be able to abuse the fact that given a Monad defined haskell-style you can define the definition of fmap for it 'for free'
[Sun Aug 17 16:35:43 2014] <edwardk> you can write out liftM in terms of return and (>>=)
[Sun Aug 17 16:35:50 2014] <edwardk> but we can do the same thing on the Comonad side.
[Sun Aug 17 16:36:18 2014] <edwardk> since there are potentially multiple derivations we just don't let you fill in your superclass methods in haskell, in this sense haskell is bad at abstraction
[Sun Aug 17 16:36:36 2014] <edwardk> why? because as you refine a theory you are adding operations and laws about the operations
[Sun Aug 17 16:36:55 2014] <edwardk> and in haskell we pay for all the operations and get none of the benefits of the laws collapsing the space of possible operations we have to consider at any point
[Sun Aug 17 16:37:21 2014] <edwardk> going back to Monad and Comonad, you can define a thing that is both a Monad and a Comonad by shoving both into a record
[Sun Aug 17 16:37:38 2014] <edwardk> but that is fundamentally the wrong way to pushout the concept of Monad and Comonad to make the proper subclass you want to work with most of the time
[Sun Aug 17 16:37:51 2014] <edwardk> consider (,) e, the partial application of the product type
[Sun Aug 17 16:38:20 2014] <edwardk> it is a Monad when e is a Monoid. you can return by putting mempty in the side you don't care about, you can (>>=) by gluing together the monoidal values with the monoid.
[Sun Aug 17 16:38:25 2014] <edwardk> it is a Comonad all the time though
[Sun Aug 17 16:39:11 2014] <edwardk> when we go to push out the Monad theory and the Comonad theory for (,) e we don't want a Monad + Comonad for (,) e -- we want a pushout of two conditional theories, we want the '(,) e is a monad if e is a monoid' theory and '(,) is a comonad' theories to be pushed out
[Sun Aug 17 16:39:37 2014] <edwardk> then you can say the obligation becomes that liftM = liftW iff both preconditions for the classes to be present are satisfied
[Sun Aug 17 16:41:21 2014] <edwardk> then we can talk about orphans, coherence of instance resolution in this context, etc. that is actually the space where i think the hott approach could be nice. going through and describing all the equalities between parts of records via homotopies of paths, and moving the obligations to the use site, etc. maybe not in coq, but in 'language as yet to be defined in the future where hott is just in the background'
[Sun Aug 17 16:44:40 2014] <jgross> I think you've lost me.  Probably because I've never used comonads, and only really started using monads this year, and haven't formalized them categorically, yet.  I also don't have the bandwith at the moment to figure it out, since I should be cleaning up some code for verifying `echo` (or a simpler version of it), and writing an abstract for a talk I'm giving on Wednesday, and then sleeping.  But I'd love to hear more about this some other
[Sun Aug 17 16:44:40 2014] <jgross> time. 
[Sun Aug 17 16:46:37 2014] <ezyang> jgross: That reminds me, my talk is colocated with yours, so I guess I should be abstractin' too
[Sun Aug 17 16:46:43 2014] <edwardk> jgross: mostly it comes down to the fact that languages like haskell require you to pay for every point above you in the abstraction lattice. the coq approach on the other hand requires you to pay for all the points you directly refine, but costs you coherence of instance resolution, one of my pet research areas is how to get something better than both =P
[Sun Aug 17 16:47:23 2014] <edwardk> it always galls me that OOP-style inheritance gets better code reuse out of deep class hierarchies than Haskell does =/
[Sun Aug 17 16:50:02 2014] <edwardk> in coq i get the ability to write a finer grained class hierarchy but it comes at the expense of coherence, so if i instead limit myself to applying it to things that are 'property-like structures' then it doesn't matter where i get them from, and i can fish around for better ways to express pushouts of conditional theories
[Sun Aug 17 16:53:26 2014] <jgross> I'd be interested to see such an expression of pushouts of conditional theories, if you manage to find a nice way to do it. 
[Sun Aug 17 16:54:45 2014] <edwardk> likewise
[Sun Aug 17 16:54:55 2014] <edwardk> its a thing i've been threatening to write a language to do for months now ;)
[Sun Aug 17 16:55:40 2014] <edwardk> 'pushouts of theories' is how jacques carette views the way his little type system works, the conditional part was me realizing i didn't want to ever pushout Monad/Comonad directly as constraints
[Sun Aug 17 16:55:47 2014] <edwardk> but rather the 'if this then that' part of them
[Sun Aug 17 16:57:05 2014] <edwardk> hoping that i get some insight on this via homotopy pushouts
[Sun Aug 17 16:57:57 2014] <jgross> Homotopy pushouts are just \infty-groupoid pushouts in HoTT, right? 
[Sun Aug 17 16:59:43 2014] <edwardk> as i understand things, yes
[Sun Aug 17 17:00:29 2014] <edwardk> what i'm looking at is trying to model a theory so that i can talk about pushouts of theories directly
[Sun Aug 17 17:01:14 2014] <edwardk> then a conditional theory is a function space / dependent theory, not just a record
[Sun Aug 17 21:42:26 2014] <edwardk> http://perso.ens-lyon.fr/guillaume.allais/pdf/report2012.pdf saw the paper title, expected mcbride. not far off, it is by his student. =P
[Mon Aug 18 01:46:40 2014] <johnw> if I have a Σ, how can I get the type of the witness?
[Mon Aug 18 01:46:59 2014] <johnw> something along the lines of: type of (projT1 x)
[Mon Aug 18 01:53:21 2014] <johnw> ah, found it
[Mon Aug 18 01:55:34 2014] <sh1ken> if I want a proof to be extracted later on, should I always use sigma types?
[Mon Aug 18 01:55:56 2014] <johnw> that's what I ended up doing
[Mon Aug 18 01:56:04 2014] <johnw> but others may know better
[Mon Aug 18 01:56:31 2014] <johnw> sh1ken: extracted from what?
[Mon Aug 18 01:56:43 2014] <robbert> you only need to use sigma types for the parts that are informative
[Mon Aug 18 01:57:30 2014] <sh1ken> johnw: from a theorem to ML, for example. I'm assuming this based on the comments on this post: http://stackoverflow.com/questions/13334863/can-i-extract-a-coq-proof-as-a-haskell-function
[Mon Aug 18 01:59:09 2014] <sh1ken> robbert: informative in which context?
[Mon Aug 18 01:59:34 2014] <robbert> that you care about the witness
[Mon Aug 18 02:00:08 2014] <sh1ken> oh, indeed
[Mon Aug 18 02:00:21 2014] <robbert> forall x : A, { y : B | exists z, P x y z } gets the type A -> B after extraction
[Mon Aug 18 02:00:49 2014] <robbert> forall x : A, { y : B & { z : C | P x y z }} gets the type A -> (B * C) after extraction
[Mon Aug 18 02:01:00 2014] <sh1ken> I see
[Mon Aug 18 02:01:07 2014] <robbert> so, whether to use the exists or sigma here depends on whether you do need this z
[Mon Aug 18 02:01:44 2014] <edwardk> johnw: note you can have a coercion to both funclass and sortclass for a type,s o the category can be abused notationally as both its hom and ob.
[Mon Aug 18 02:02:06 2014] <edwardk> so (x y : C) resolves to ob, while C x y  resolves to the hom
[Mon Aug 18 02:04:10 2014] <johnw> yes, I had that working in my version too
[Mon Aug 18 02:04:17 2014] <johnw> "C" is the obj, "C x y" was the hom
[Mon Aug 18 02:04:31 2014] <johnw> and "C x" the Hom
[Mon Aug 18 02:06:04 2014] <edwardk> yeah
[Mon Aug 18 02:50:31 2014] <sh1ken> if I need to apply some definition (e.g. plus) on two values with sigma types, is there anyway that I can "cast" them? or I need to redefine my definition that matches that sigma type?
[Mon Aug 18 02:52:58 2014] <johnw> you could make a plus_sigma that calls projT1 on its arguments
[Mon Aug 18 02:58:08 2014] <sh1ken> johnw: so I need to redefine the definition either way?
[Mon Aug 18 02:58:42 2014] <johnw> let me see
[Mon Aug 18 03:01:09 2014] <johnw> maybe so
[Mon Aug 18 03:01:41 2014] <sh1ken> the sigma type is a subtype of nat... and plus do process nat. There must be a easier way... right?
[Mon Aug 18 03:03:53 2014] <sh1ken> an*
[Mon Aug 18 03:10:15 2014] <sh1ken> thanks for the help, johnw. I'm going to research a little bit more tomorrow about that.
[Mon Aug 18 06:10:21 2014] <gdsfh> hello.  Is there a way to work with "Record val := { vtype : Type; vval : vtype }." in meaningful way?  For example, somehow match on vtype and extract vval.
[Mon Aug 18 06:28:33 2014] <gdsfh> another question: where can I find papers or slides from http://vsl2014.at/meetings/Coq-index.html ?
[Mon Aug 18 10:45:11 2014] <Rc43> Hello.
[Mon Aug 18 10:45:36 2014] <Rc43> Is there uniform way to apply arbitrary tactic to hypothesis (if it is possible at all)?
[Mon Aug 18 10:46:11 2014] <Rc43> If yes, is it possible to apply tactic/set of tactics to both goal and hypothesis (when it is possible)?
[Mon Aug 18 10:47:28 2014] <Rc43> I often suffer of code duplication because of something like "rewrite A; rewrite B; rewrite A in H; rewrite B in H".
[Mon Aug 18 10:48:33 2014] <Rc43> And I can't write truly generic tactic which uses rewrite and which I want to use both in goal and hypothesis.
[Mon Aug 18 11:02:42 2014] <ijp> maybe "rewrite A in *"
[Mon Aug 18 11:03:45 2014] <Rc43> ijp, no; I mean something like "(rewrite A; rewrite B) in <goal and H>".
[Mon Aug 18 11:04:21 2014] <Rc43> ijp, and if I have tactic like "Ltac do_clever_staff := match ... with .... rewrite ... end" then I can't apply in to hypothesis.
[Mon Aug 18 11:04:37 2014] <Rc43> ijp, so I need two versions of tactic: one for goal and one for hypothesis.
[Mon Aug 18 18:05:34 2014] <napping> Is there a good way to conditionally include a coq_makefile-generated makefile?
[Mon Aug 18 18:05:45 2014] <napping> or should I just check it in?
[Mon Aug 18 18:07:02 2014] <napping> The problem is that some of my .v files are generated in fairly expensive ways, but with the output of coq_makefile included into my main makefile, even the clean targets wants to generate them, so it can generate and include .v.d files
[Mon Aug 18 18:11:24 2014] <johnw> you could make the inclusion depend on a Makefile argument
[Mon Aug 18 18:11:30 2014] <johnw> make -DINCLUDE_COQ
[Mon Aug 18 18:11:51 2014] <johnw> I don't check in coq_makefile  generated files; I check in a more general Makefile that knows how to make them when needed
[Mon Aug 18 18:11:54 2014] <napping> the problem is that I need to include the coq_makefile output to get its clean command
[Mon Aug 18 18:12:09 2014] <johnw> then have your clean target depend on Makefile.coq
[Mon Aug 18 18:12:10 2014] <napping> and that in turn tries to build all the .v.d files, because it includes
[Mon Aug 18 18:12:31 2014] <napping> I'm going to try invoking the coq_makefile output as a recursive make
[Mon Aug 18 18:12:43 2014] <johnw> example: https://gist.github.com/jwiegley/7b13b9fe219adf7ac5a5
[Mon Aug 18 18:13:09 2014] <napping> ah, looks about like what I'm trying
[Mon Aug 18 18:13:27 2014] <jgross> You can also "-include Makefile.coq" at the bottom of your Makefile. 
[Mon Aug 18 18:13:35 2014] <napping> that's what doesn't work right
[Mon Aug 18 18:14:01 2014] <napping> Basically, I've got expensive.v : \n <something expensive>
[Mon Aug 18 18:14:15 2014] <napping> Makefile.coq itself ends up doing -include expensive.v.d
[Mon Aug 18 18:14:32 2014] <napping> so if I ever include Makefile.coq it demands to build expensive.v.d, even if I'm just trying to clean or something
[Mon Aug 18 18:17:12 2014] <napping> johnw: thanks, that did work out nicely. Just had to make all depend on both coq_makefile.mk and expensive.v, while letting clean depend just on coq_makefile.mk
[Mon Aug 18 18:17:24 2014] <johnw> great!
[Mon Aug 18 18:18:46 2014] <napping> The only way I know to suppress a include is with a block conditional on a variable
[Mon Aug 18 21:37:32 2014] <tautologico> what can I do with an hypothesis of the form H: forall v, P -> Q if I don't have a goal with the form Q?
[Mon Aug 18 21:41:55 2014] <johnw> do you have another hypothesis of the form P?
[Mon Aug 18 21:43:04 2014] <johnw> tautologico: ^^
[Mon Aug 18 21:43:45 2014] <tautologico> I have a theorem of the form P -> R
[Mon Aug 18 21:44:07 2014] <johnw> but no P?
[Mon Aug 18 21:44:12 2014] <tautologico> it would be good if I could get to R
[Mon Aug 18 21:44:42 2014] <tautologico> no
[Mon Aug 18 21:44:51 2014] <johnw> if you had a P, you could apply H to it, then destruct Q
[Mon Aug 18 21:45:03 2014] <johnw> but without a P, it's not going to be terribly useful
[Mon Aug 18 21:45:34 2014] <johnw> I suppose you could assert Q, apply H, and then see if you can prove P
[Mon Aug 18 21:47:25 2014] <tautologico> yeah I think there's something wrong with this hypothesis
[Mon Aug 18 21:50:04 2014] <tautologico> this is the last detail in a chain of many theorems... so close yet so far
[Mon Aug 18 21:55:51 2014] <johnw> can you show me what you're seeing now?
[Mon Aug 18 21:57:30 2014] <tautologico> basically this
[Mon Aug 18 21:57:35 2014] <tautologico> Hfree : forall v' : var, freeIn (\\ t) v' -> v' >= c1 /\ v' >= c2
[Mon Aug 18 21:57:35 2014] <tautologico>   ============================
[Mon Aug 18 21:57:35 2014] <tautologico>    forall v' : var, freeIn t v' -> v' >= S c1 /\ v' >= S c2
[Mon Aug 18 21:58:15 2014] <tautologico> from freeIn (\\ t) v' I can get freeIn t (S v')
[Mon Aug 18 21:58:19 2014] <johnw> is that even provable?
[Mon Aug 18 21:58:25 2014] <tautologico> yeah, I don't think so
[Mon Aug 18 21:58:29 2014] <johnw> knowing that x > y, how can you prove that x > S y?
[Mon Aug 18 21:58:40 2014] <johnw> you'd need some other condition in your context
[Mon Aug 18 21:58:49 2014] <tautologico> the v's don't need to be the same
[Mon Aug 18 21:59:11 2014] <johnw> but they'll kind of have to be here
[Mon Aug 18 21:59:30 2014] <johnw> intros; specialize (Hfree v')
[Mon Aug 18 21:59:45 2014] <johnw> there's no other "var" to talk about
[Mon Aug 18 22:01:32 2014] <tautologico> yeah
[Mon Aug 18 22:06:55 2014] <tautologico> this is from an induction hypothesis, I think I have to reorganize it a bit
[Mon Aug 18 22:19:47 2014] <tautologico> can I generalize in an hypothesis?
[Tue Aug 19 00:29:03 2014] <johnw> are there any other Coq extraction backends being developed?  Is anyone looking at going straight to LLVM IR, for example?
[Tue Aug 19 00:29:17 2014] <johnw> I see https://github.com/coq-ext-lib/coq-compile
[Tue Aug 19 04:06:05 2014] <supki> Hi! I've been trying to translate Agda's Parity in coq but I have no idea how to convice it to refine types in pattern match
[Tue Aug 19 04:07:03 2014] <supki> I've seen a match-as-return-with construct, but I'm honestly not sure if that's even what I want
[Tue Aug 19 04:09:51 2014] <jrw> supki: if you post some broken code I'll take a look
[Tue Aug 19 04:14:44 2014] <supki> sure
[Tue Aug 19 04:14:59 2014] <supki> jrw: that's what I have http://lpaste.net/1825874813248339968
[Tue Aug 19 04:15:21 2014] <supki> AFAIUI the problem is that the pattern match on parity does not refine the type of n
[Tue Aug 19 04:15:59 2014] <supki> well, not type
[Tue Aug 19 04:18:25 2014] <jrw> supki: so, one thing is that coq is going to ask you to prove that "S (2 * k) = 2 * k + 1"
[Tue Aug 19 04:31:22 2014] <jrw> supki: http://lpaste.net/109612
[Tue Aug 19 04:31:31 2014] <jrw> taking a different approach using tactics instead
[Tue Aug 19 04:34:18 2014] <jrw> the second version there is as close as it gets, I'm afraid
[Tue Aug 19 04:34:33 2014] <jrw> with the fancy match in notation + convoy pattern
[Tue Aug 19 05:27:12 2014] <supki> jrw: thanks, that's something I would never come up with
[Tue Aug 19 07:07:09 2014] <roosbeef> suppose f: list nat -> list (list nat)
[Tue Aug 19 07:07:24 2014] <roosbeef> where f simply creates a list of singletons
[Tue Aug 19 07:08:22 2014] <roosbeef> how can i use sigT to modify f so that it creates a [list {x : list nat & In x (f input_list)}]
[Tue Aug 19 07:08:48 2014] <roosbeef> if that makes sense? I want Coq to remember where x came from, because im going to be needing that later
[Tue Aug 19 07:18:47 2014] <roosbeef> what i did so far is create a Definition f' (input_list : list nat) : {x : list nat & In x (f input_list)}.
[Tue Aug 19 07:19:42 2014] <roosbeef> which gives me as hypothesis input_list : list nat, and as goal list {x : list nat & In x (f input_list)}
[Tue Aug 19 07:20:09 2014] <roosbeef> my bad the type should be list {... & ...} not just {... & ...}
[Tue Aug 19 07:49:37 2014] <sgnb> roosbeef: what would be the output of f' when input_list is nil?
[Tue Aug 19 07:49:57 2014] <roosbeef> nil :: nil, i guess?
[Tue Aug 19 07:50:07 2014] <roosbeef> eh, no wait
[Tue Aug 19 07:50:36 2014] <sgnb> IIUC, f nil = nil by your specification
[Tue Aug 19 07:51:08 2014] <roosbeef> yes, f (1 :: 2 :: nil) = (1 :: nil) :: (2 :: nil) :: nil
[Tue Aug 19 07:52:08 2014] <roosbeef> but im trying to build f' (1 :: 2 :: nil) = {(1 :: nil) & In (1 :: nil) (f' (1 :: 2 :: nil))} :: {(2 :: nil) & In (2 :: nil) (f' (1 :: 2 :: nil))} :: nil
[Tue Aug 19 07:52:30 2014] <roosbeef> Coq should know where that singleton came from, i need that somewhere in my proof
[Tue Aug 19 07:53:10 2014] <roosbeef> (im actually using other types, but to simplify the problem lets consider list nat)
[Tue Aug 19 08:00:38 2014] <osa1> is there a tactic to clear a hypothesis and all others that depend on that?
[Tue Aug 19 08:01:24 2014] <sgnb> roosbeef: https://paste.debian.net/116339/
[Tue Aug 19 08:02:02 2014] <gdsfh> hello.  I'm writing some module that must be polymorphic with respect to some types (as I don't know in advance which types will be used).
[Tue Aug 19 08:02:07 2014] <gdsfh> Inside my module I build "associative list" with cells (nat * that_polymorphic_type), then work with nats (get/put values of polymorphic type from/into this list).
[Tue Aug 19 08:02:13 2014] <gdsfh> Logic of module doesn't depend on actual type: everything I know (and can guarantee), is that when value of type A was put into list, paired with some n : nat, next "get n" will return value of type A.
[Tue Aug 19 08:02:19 2014] <gdsfh> So probably I wish to have some "ref A" type, that holds that "n : nat" (ref A will be constructed with some "mkref : A -> assoc_list -> (modified_assoc_list * ref A)"), and allows one to get value of type A with "get : ref A -> assoc_list -> A".
[Tue Aug 19 08:02:22 2014] <gdsfh> Type A is not fixed, so functor is not a solution.  In OCaml I could use dynamic typing via "universal types", but this can't be translated in Coq.  Are there any ideas?
[Tue Aug 19 08:02:26 2014] <gdsfh> <eof> :)
[Tue Aug 19 08:02:31 2014] <osa1> after an inversion I'm doing this a lot "clear H4 e0 H2 h0 H6 t0." I'm looking for a shortcut
[Tue Aug 19 08:05:16 2014] <gdsfh> p.s. heterogeneous lists are an option, but they are heavy-weight for proofs, and I'm not sure it will work at all.
[Tue Aug 19 08:05:55 2014] <sgnb> osa1: inversion_clear, maybe?
[Tue Aug 19 08:06:54 2014] <osa1> sgnb: amazing!! I didn't know that tactic, it worked great. thanks!
[Tue Aug 19 08:30:59 2014] <roosbeef> sgnb: ha nice! Let me have a look at that
[Tue Aug 19 08:38:43 2014] <roosbeef> sgnb, could you explain in intuitive terms why and how L1 is used?
[Tue Aug 19 08:43:48 2014] <edwardk> is there anyway to have a conversion to funclass that starts with implicit arguments? e.g. when i try to change my functor record to auto convert to its action on objects it works fine, but the more interesting usecase is to have it auto-convert to its action on functions, but there it has a member map : ∀ {x y : C}, (x ~> y) → fobj x ~> fobj y
[Tue Aug 19 08:44:09 2014] <edwardk> and when i use  map :> ∀ {x y : C}, (x ~> y) → fobj x ~> fobj y   -- it comes out with the x and y as non-implicit args
[Tue Aug 19 08:44:29 2014] <edwardk> as i have no way to write an Arguments statement talking about the extra args you get after implicit conversion I think I'm stuck
[Tue Aug 19 08:45:12 2014] <edwardk> i converted 'transport' from hott to be functorial and was able to get everything else to work, but now i have to use map transport    instead of transport.
[Tue Aug 19 08:45:23 2014] <edwardk> as a sort of concrete motivation
[Tue Aug 19 08:45:33 2014] <edwardk> same with map ap
[Tue Aug 19 08:51:02 2014] <sgnb> roosbeef: L1 is a kind of "List.map" with a richer function type "forall x, A x -> B x", it is used for casting IHinput_list
[Tue Aug 19 08:55:14 2014] <roosbeef> so what types are we casting here?
[Tue Aug 19 09:12:24 2014] <sgnb> roosbeef: see the call to refine... it is casting IHinput_list's type (list { ... & In x (f input_list) }) into the goal (list { ... & a::nil = x \/ In x (f input_list) })
[Tue Aug 19 09:17:53 2014] <roosbeef> hm
[Tue Aug 19 09:18:09 2014] <roosbeef> dont think i fully understand yet but this seems to be what im looking for, thanks a lot sgnb :)
[Tue Aug 19 09:18:22 2014] <roosbeef> gotta leave for work
[Tue Aug 19 09:18:36 2014] <roosbeef> cya
[Tue Aug 19 09:23:42 2014] <gdsfh> (ignore my question here; asked it in coq-club.)
[Tue Aug 19 10:35:05 2014] <jgross> edwardk: You could do something hacky, like
[Tue Aug 19 10:35:05 2014] <jgross> Set Implicit Arguments.
[Tue Aug 19 10:35:05 2014] <jgross> Record Category := { obj :> Type ; hom :> obj -> obj -> Type }.
[Tue Aug 19 10:35:05 2014] <jgross> Record > PackagedHom (C : Category) := { x : C ; y : C ; unpackage :> C x y }.
[Tue Aug 19 10:35:05 2014] <jgross> Record Functor (C D : Category) := { fobj : C -> D ; map :> forall m : PackagedHom C, D (fobj m.(x)) (fobj m.(y)) }.
[Tue Aug 19 10:35:05 2014] <jgross> Section foo.
[Tue Aug 19 10:35:05 2014] <jgross>   Context C D (F : Functor C D) x y (m : C x y).
[Tue Aug 19 10:35:05 2014] <jgross>   Check F m. (* F m : D (fobj F (Top.x m)) (fobj F (Top.y m)) *) 
[Tue Aug 19 10:36:52 2014] <edwardk> hrmm
[Tue Aug 19 10:36:56 2014] <edwardk> i might be able to adapt that
[Tue Aug 19 10:37:32 2014] <edwardk> e.g. leave map alone, but add a separate packaged hom, write the coercion to it separately so others don't have to see the hack over and over
[Tue Aug 19 10:37:39 2014] <jgross> Actually, I think I have a way to make it work without the intermediate PackagedHom getting in the way.  Give me a few minutes. 
[Tue Aug 19 10:37:40 2014] <edwardk> that would let me use my functorial transport/ap everywhere
[Tue Aug 19 10:45:07 2014] <edwardk> what is the Record > PackagedHom  syntax above?
[Tue Aug 19 10:55:39 2014] <edwardk> hrmm, when i try your trick and use it i get The term "p" has type "x ~{ A }~ y" while it is expected to have type "morphism (Paths ?1370)". -- where my morphism  is your PackagedHom
[Tue Aug 19 10:56:11 2014] <jgross> edwardk: It means [Coercion Build_PackagedHom : <type of last argument> >-> PackagedHom] 
[Tue Aug 19 10:56:20 2014] <edwardk> ah
[Tue Aug 19 10:57:00 2014] <jgross> edwardk: First guess: Try turning off primitive projections?  Or make a small example displaying that bug and point me at it?  (What do you expect it to do?) 
[Tue Aug 19 10:57:27 2014] <jgross> I didn't manage to get a nice version without changing the type of [map], but I did find a bug in Coq 8.4: https://coq.inria.fr/bugs/show_bug.cgi?id=3527 
[Tue Aug 19 10:58:23 2014] <edwardk> https://github.com/ekmett/homotopy/blob/master/Core.v#L245
[Tue Aug 19 10:58:52 2014] <edwardk> i want to be able to replace use of 'map transports'  with 'transports' there
[Tue Aug 19 10:59:08 2014] <edwardk> and then eventually to be able to replace all uses of 'transport' with 'transports'
[Tue Aug 19 10:59:19 2014] <edwardk> (and then rename that back to transport!)
[Tue Aug 19 10:59:25 2014] <edwardk> same with ap vs map aps
[Tue Aug 19 10:59:58 2014] <edwardk> the goal is to be able to directly apply my functors and get their action on arrows rather than their action on objects
[Tue Aug 19 11:00:06 2014] <edwardk> since the action on arrows is more interesting
[Tue Aug 19 11:01:38 2014] <edwardk> this way i can make all the bits of hott that are actually functorial be functorial
[Tue Aug 19 11:01:59 2014] <edwardk> right now i have to clutter my code with all sorts of extra 'map' calls
[Tue Aug 19 11:02:14 2014] <edwardk> or make helpers that blur away the benefit
[Tue Aug 19 11:07:16 2014] <Ainieco> hello
[Tue Aug 19 11:09:21 2014] <edwardk> i was able to build it by doing something like
[Tue Aug 19 11:09:37 2014] <edwardk> Arguments Build_morphism [C x y] f%hom : rename; Program Definition path_morphism {A} {a b: A} (p : paths a b) : morphism (Paths A) := Build_morphism p.
[Tue Aug 19 11:10:07 2014] <edwardk> then i can use aps and transports directly on paths
[Tue Aug 19 11:11:36 2014] <edwardk> ok, that let me build everything
[Tue Aug 19 11:11:56 2014] <Ainieco> having really hard time contructing informal proofs - i'm just thinking in coq terms because i never proven anything informally before(really), jumped right into formal proofs.
[Tue Aug 19 11:13:12 2014] <Ainieco> are ifnormal proofs important or ican just skip on them because i can do formal proofs better?
[Tue Aug 19 11:15:50 2014] <edwardk> Ainieco: ultimately proof is about convincing your audience of a fact without wasting their time. proofs vary from audience to audience. to a mathematician with a ton of shared context, often a whiteboard sketch suffices as a proof. to a computer you need to be very explicit
[Tue Aug 19 11:17:51 2014] <edwardk> if the goal of a proof is to convey information, then the fact that if you go too far off into a formal proof you can lose your audience (to boredom, confusion, attention limits) should cause you to pause and consider if a more informal proof that leaves a bit more implicit is the right answer to get them convinced of the broad sweeps of your argument
[Tue Aug 19 11:20:10 2014] <napping> does a match always need to mention all constructors, even if indices rule some out?
[Tue Aug 19 11:20:13 2014] <Ainieco> edwardk: oh, i got your point, i guess it's fine to develop proofs in formal way to be sure about correctness and then transfer that knowlege in informal way because informal proofs are like comressed formal ones. because it's really hard for me to develop
[Tue Aug 19 11:21:02 2014] <Ainieco> to develop proofs in informal way from beginning because i often find my self in thingik "rewrite -> here", "apply there". :)
[Tue Aug 19 11:21:03 2014] <napping> hmm, I have more success with an _ => tt case than I hoped
[Tue Aug 19 11:21:20 2014] <Ainieco> thinking*
[Tue Aug 19 11:21:33 2014] <napping> edwardk: The boring parts of the formal proof should be automated away anyway
[Tue Aug 19 11:26:14 2014] <edwardk> napping: agreed =)
[Tue Aug 19 11:26:55 2014] <edwardk> jgross: anyways, i'm getting more and more happy with the foundational constructions there, now not only are most of the proofs gone but also most of the field definitions.
[Tue Aug 19 11:27:09 2014] <Ainieco> i'm worrying about such stuff just because SF has "write informal proof for" exercises and i'm really bad at it and wondering if i did something wrong or misunderstood along the way...
[Tue Aug 19 11:28:45 2014] <napping> Why not separate entirely the goals of giving an informal idea why it might work out, and convincing that it's entirely correct (unless the details of the proof are the point - obstacles carefully avoided, etc.)
[Tue Aug 19 11:29:55 2014] <napping> For the later, Theorem thm : <blah>. Proof. big_hammer_tac. Qed. Print Assumptions thm. seems to be pretty widely respected
[Tue Aug 19 11:31:55 2014] <Ainieco> napping: i like you definition of infromal proof as just "informal idea why it might work out", in SF examples of informl proofs quite often were 3x larger than formal or at best had the same length...
[Tue Aug 19 11:32:51 2014] <napping> That's not necessarily the sense of informal proof always
[Tue Aug 19 11:33:55 2014] <Ainieco> thank you guys for sharing thoughts on topic!
[Tue Aug 19 11:34:35 2014] <Ainieco> * dives into last bits MoreCoq.v, never been this far
[Tue Aug 19 11:41:15 2014] <jgross> edwardk: You managed to get the coercions working?  (Or is https://github.com/ekmett/homotopy/blob/master/Core.v#L245, or some other line, still broke?  L245 works for me.) 
[Tue Aug 19 11:42:04 2014] <edwardk> its working now
[Tue Aug 19 11:42:35 2014] <edwardk> if you rewind ~4 commits you get to what i was talking about
[Tue Aug 19 11:43:02 2014] <edwardk> https://github.com/ekmett/homotopy/blob/05438d77fa680fbff5c1666b6ed0e4e9df9f38fd/Core.v#L245
[Tue Aug 19 11:43:32 2014] <edwardk> which is fixed in the next patch in by making an explicit case for coercing @paths A to morphism (Path A)
[Tue Aug 19 11:43:50 2014] <edwardk> otherwise it doesn't see it
[Tue Aug 19 11:44:20 2014] <edwardk> it'll probably never work for functions, but it works fine for paths
[Tue Aug 19 11:58:03 2014] <jgross> Yeah, that's the way to do it.	If paths weren't an inductive type, or if Coq were less stupid about identity coercions, you could make path_morphism an identity coercion and then it would never actually show up when it's used. 
[Tue Aug 19 11:58:55 2014] <edwardk> i've yet to stop and take the time to understand the identity coercion machinery
[Tue Aug 19 11:59:13 2014] <edwardk> its phrased somewhat obliquely in the docs and i don't know exactly the kind of problem it solves
[Tue Aug 19 12:12:22 2014] <jgross> It solves the problem where you want to insert a coercion between convertible types, but you don't want the coercion itself (which is just the identity function) to show up in the resulting term. (Unfortunately, it's rather limited, in a very arbitrary way, and while there are hacks to get around some of the limitations, they don't work with inductive types.) 
[Tue Aug 19 12:13:05 2014] <edwardk> ah
[Tue Aug 19 12:15:52 2014] <napping> Is there any easy way to write an empty match on a value in an inductive type with impossible values for the indicies
[Tue Aug 19 12:16:03 2014] <napping> ones that don't even appear to unify with any constructors
[Tue Aug 19 12:16:58 2014] <napping> match _ => ... end doesn't actually give a match, as far as I can tell
[Tue Aug 19 12:17:21 2014] <edwardk> jgross: http://www.lix.polytechnique.fr/coq/bugs/show_bug.cgi?format=multiple&id=3115 being the hack in question?
[Tue Aug 19 12:18:31 2014] <napping> http://lpaste.net/109626
[Tue Aug 19 12:19:28 2014] <napping> with a reflexivity case things are not empty and I can write a somewhat ugly match
[Tue Aug 19 12:37:39 2014] <napping> is there a better way to write that?
[Tue Aug 19 13:04:30 2014] <napping> can this be simplified: http://lpaste.net/109626
[Tue Aug 19 14:05:26 2014] <vanila> How do I add new computation rules to Coq?
[Tue Aug 19 14:05:50 2014] <vanila> is there an extention that lets me easily do this? e.g. if I wanted to axiomatize a data type that isn't strictly positive or something, along with computation rules
[Tue Aug 19 14:14:11 2014] <vanila> Reason: There seems to be one IR definition (Mu) that lets you define any other IR definition via 'codes' that can be defined as a normal inductive type
[Tue Aug 19 14:16:21 2014] <napping> Actually as a computational rule?
[Tue Aug 19 14:16:43 2014] <napping> also, is that like a W type?
[Tue Aug 19 14:17:28 2014] <vanila> yes along with computational rules
[Tue Aug 19 14:17:51 2014] <napping> To make it actually compute I think need to get into O'Caml
[Tue Aug 19 14:17:57 2014] <vanila> I guess it's kind of like a very extreme W type
[Tue Aug 19 14:19:45 2014] <napping> you can assert equations and rewrite by them, if that's enough
[Tue Aug 19 14:20:55 2014] <napping> I've lost track of it, but Conor McBride had a blog post about various ways that W types tend to be not canonical enough, is this Mu better?
[Tue Aug 19 14:25:39 2014] <vanila> I dont know what yure referring to sorry
[Tue Aug 19 14:25:45 2014] <vanila> this isnt really like W
[Tue Aug 19 14:26:05 2014] <vanila> https://github.com/spire/spire.github.io/blob/source/source/_code/2014-08-04-inductive-recursive-descriptions/IDescIR.agda this was some of the code
[Tue Aug 19 14:26:07 2014] <vanila> il beb ack later
[Tue Aug 19 14:32:28 2014] <edwardk> napping: does that work for 'large' IR as well?
[Tue Aug 19 14:32:41 2014] <edwardk> or just small stuff
[Tue Aug 19 14:45:59 2014] <napping> edwardk: you know as much as I do
[Tue Aug 19 14:48:18 2014] <napping> I don't see how the Desc type in the linked code would encode a type that was itself inductive-recursive, if that's what you mean
[Tue Aug 19 14:49:20 2014] <vanila> http://spire-lang.org/blog/2014/08/04/inductive-recursive-descriptions/
[Tue Aug 19 14:49:23 2014] <vanila> there's a blog post about it
[Tue Aug 19 14:50:10 2014] <vanila> This is based on a paper by Dybjer
[Tue Aug 19 14:51:10 2014] <napping> that sounds pretty nice
[Tue Aug 19 14:52:34 2014] <napping> certainly it's claimed to have nice properties and be able to encode even large inductive-recursive definitions
[Tue Aug 19 14:53:14 2014] <edwardk> i read the paper that covered "small IR" being equivalent to polynomial types, etc.
[Tue Aug 19 14:53:36 2014] <edwardk> but if it can do large IR then I can try out some ideas in coq, which'd be nice
[Tue Aug 19 14:53:49 2014] <napping> I don't know if that encoding flies in Coq
[Tue Aug 19 14:54:04 2014] <edwardk> that's what i was afraid of
[Tue Aug 19 14:54:16 2014] <napping> I guess that explains the original question about extending/axiomatizing it
[Tue Aug 19 14:54:18 2014] <edwardk> i tried the one from the small IR paper and smacked into the obvious walls
[Tue Aug 19 14:54:23 2014] <napping> well, Coq doesn't do induction-recursion in general
[Tue Aug 19 14:54:42 2014] <edwardk> napping: sure, the trick was that the small IR paper shows how you can do 'small IR' without IR
[Tue Aug 19 14:55:03 2014] <edwardk> hence my question of if this was the same for large IR, which would have been quite surprising to me
[Tue Aug 19 14:56:12 2014] <napping> ah. No, but it looks like it lets you make a single inductive-recursive definition that then lets you encode others
[Tue Aug 19 14:58:52 2014] <edwardk> fair nuff
[Tue Aug 19 14:59:28 2014] <edwardk> ok, dumb mac emacs question, i seem to be hitting some key combination recently that causes it to pop up some damned dialog asking if i want to Print buffer Core.v
[Tue Aug 19 14:59:32 2014] <edwardk> but i have no way to clear the dialog
[Tue Aug 19 14:59:37 2014] <edwardk> this kills my session basically
[Tue Aug 19 14:59:43 2014] <edwardk> any idea what i'm hitting
[Tue Aug 19 14:59:54 2014] <edwardk> and how the hell i can rebind that thing so i never ever see that stupid dialog again?
[Tue Aug 19 15:00:01 2014] <napping> maybe it's print-buffer?
[Tue Aug 19 15:00:20 2014] <napping> that doesn't have a default binding
[Tue Aug 19 15:00:24 2014] <edwardk> the main problem is i can't get out of it once i accidentally tap it
[Tue Aug 19 15:00:32 2014] <edwardk> so i have no way to save my session, etc.
[Tue Aug 19 15:00:37 2014] <edwardk> its _quite_ frustrating
[Tue Aug 19 15:00:38 2014] <napping> oh, view-lossage is also helpful
[Tue Aug 19 15:00:45 2014] <napping> or are you just plain stuck?
[Tue Aug 19 15:00:48 2014] <edwardk> literally stuck
[Tue Aug 19 15:00:49 2014] <napping> you can't even close it for a bit?
[Tue Aug 19 15:00:52 2014] <edwardk> can't get anything to do anything
[Tue Aug 19 15:01:04 2014] <napping> huh
[Tue Aug 19 15:01:11 2014] <edwardk> clicking on it, just causes it to pop right back
[Tue Aug 19 15:01:20 2014] <edwardk> this is now the 3rd time its caused me to stop work
[Tue Aug 19 15:01:27 2014] <edwardk> so i'm figuring i should start asking
[Tue Aug 19 15:01:41 2014] <edwardk> i'd ask johnw, since he's basically Mr. emacs, but i don't know if he's around.
[Tue Aug 19 15:01:48 2014] <napping> If you can't see how to do anything, maybe ask in #emacs
[Tue Aug 19 15:02:02 2014] <napping> If you can't even interact with emacs any more, I don't know what to suggest
[Tue Aug 19 15:02:23 2014] <edwardk> i can lose this session if it means i can figure out how to fix it for future sessions
[Tue Aug 19 15:02:27 2014] <napping> Keep another frame open?
[Tue Aug 19 15:02:31 2014] <napping> C-g does nothing?
[Tue Aug 19 15:02:53 2014] <napping> anyway, I certainly don't know enough to recover from that kind of wedged state
[Tue Aug 19 15:03:23 2014] <napping> I'd suggest view-lossage if you could
[Tue Aug 19 15:03:56 2014] <napping> can you accept the dialog?
[Tue Aug 19 15:04:36 2014] <edwardk> nothing
[Tue Aug 19 15:04:51 2014] <napping> my proof general session has nothing with "print" in the name with keybindings
[Tue Aug 19 15:05:16 2014] <napping> except a vc-print-log / vc-print-root-log that are described as listing stuff in a window
[Tue Aug 19 15:05:17 2014] <edwardk> i can't get any frame interaction things to happen, new frame, etc. same as everything else, just stuck
[Tue Aug 19 15:06:03 2014] <napping> Is it a separate dialog window?
[Tue Aug 19 15:06:15 2014] <napping> might try xkill
[Tue Aug 19 15:07:05 2014] <napping> well, Coq accepts Desc at least
[Tue Aug 19 15:07:19 2014] <napping> (after switching Set l to Type)
[Tue Aug 19 15:16:18 2014] <napping> and El
[Tue Aug 19 15:22:52 2014] <edwardk> its running in cocoa mode, so its not under x per se
[Tue Aug 19 15:23:15 2014] <edwardk> with universe polymorphism on can you use Type and Type for both?
[Tue Aug 19 15:23:20 2014] <edwardk> under trunk?
[Tue Aug 19 15:23:30 2014] <napping> Does Coq even have universe polymorphism?
[Tue Aug 19 15:24:44 2014] <vanila> yes I think when you write Type it's basically Type[i] for any i - and it maintains an ordering on these indices to ensure consistency
[Tue Aug 19 15:25:33 2014] <napping> I don't think it's polymorphic in those indices
[Tue Aug 19 15:25:38 2014] <edwardk> napping: in trunk, yes
[Tue Aug 19 15:26:26 2014] <edwardk> but i don't know what the Set Universe Polymorphism. thing entails
[Tue Aug 19 15:26:31 2014] <napping> Ah, I'm not following quite that closely
[Tue Aug 19 15:52:44 2014] <napping> how can I prove e.g Z <> bool?
[Tue Aug 19 15:54:00 2014] <vanila> exists b1, exists b2, exists b3, b1 <> b2 /\ b1 <> b3 /\ b2 <> b3
[Tue Aug 19 15:54:03 2014] <vanila> is true of Z but not bool
[Tue Aug 19 15:54:22 2014] <napping> so assume propositional extensionality?
[Tue Aug 19 16:06:36 2014] <napping> http://stackoverflow.com/questions/12224318/how-to-solve-goals-with-invalid-type-equalities-in-coq
[Tue Aug 19 16:06:47 2014] <napping> switching to codes was nicer anyway
[Tue Aug 19 16:11:54 2014] <vanila> http://lpaste.net/109648
[Tue Aug 19 16:32:44 2014] <osa1> jrw: I'm still solving your exercises ;-(
[Tue Aug 19 16:32:58 2014] <osa1> jrw: I have one lemma and main theorem left
[Tue Aug 19 16:32:58 2014] <jrw> osa1: good to hear from you! how's it going?
[Tue Aug 19 16:33:09 2014] <osa1> jrw: not great ;-( let me paste my progress
[Tue Aug 19 16:33:58 2014] <jrw> osa1: sounds good. I'm busy for the next half hour or so, but I'll be happy to take a look after that
[Tue Aug 19 16:34:51 2014] <osa1> jrw: scroll down to see my annotation. sorry for output is a bit noisy because I didn't remove my proof attempts.
[Tue Aug 19 16:34:53 2014] <osa1> http://lpaste.net/109225
[Tue Aug 19 16:35:00 2014] <osa1> jrw: sure, whenever you're available
[Tue Aug 19 16:35:41 2014] <osa1> ops, I think I forgot to paste some used lemmas
[Tue Aug 19 16:37:19 2014] <osa1> http://lpaste.net/109649
[Tue Aug 19 16:54:37 2014] <edwardk> ok, i'm being an idiot, why am i not getting foo_rect when i define a record foo?
[Tue Aug 19 16:54:59 2014] <napping> is it in Prop?
[Tue Aug 19 16:55:01 2014] <edwardk> no
[Tue Aug 19 16:55:09 2014] <edwardk> its just an inductive definition
[Tue Aug 19 16:55:12 2014] <edwardk> well
[Tue Aug 19 16:55:15 2014] <edwardk> even more boring
[Tue Aug 19 16:55:17 2014] <edwardk> just a Record
[Tue Aug 19 16:55:46 2014] <napping> can you request it yourself?
[Tue Aug 19 16:55:48 2014] <edwardk> e.g. Record point := { x : nat; y : nat }.  -- i'd expect point_rect to be in scope, no?
[Tue Aug 19 16:55:53 2014] <edwardk> how?
[Tue Aug 19 16:56:16 2014] <edwardk> point is defined; x is defined; y is defined  -- is all i get
[Tue Aug 19 16:56:28 2014] <napping> "Proof schemes" in the manual, Scheme foo_rect := Induction for foo sort Type.
[Tue Aug 19 16:57:09 2014] <napping> Also, did you "Check" if it was defined? I'm not sure if stuff you get for free is listed in that sort of message
[Tue Aug 19 16:57:43 2014] <edwardk> i tried using it
[Tue Aug 19 16:57:57 2014] <napping> How did the explicit Scheme request go?
[Tue Aug 19 16:58:31 2014] <edwardk> learning about schemes =)
[Tue Aug 19 16:59:16 2014] <edwardk> Scheme ident1 := Induction for ident’1 Sort sort1
[Tue Aug 19 16:59:21 2014] <edwardk> that thing works
[Tue Aug 19 16:59:27 2014] <edwardk> Scheme point_rect := Induction for point Sort Type.
[Tue Aug 19 16:59:42 2014] <napping> "Sort sort1"?
[Tue Aug 19 16:59:48 2014] <edwardk> that was a mispaste
[Tue Aug 19 17:00:02 2014] <napping> okay, I worried it was some of this universe polymorphism
[Tue Aug 19 17:00:10 2014] <napping> does the point_rect work?
[Tue Aug 19 17:00:15 2014] <edwardk> it is defined
[Tue Aug 19 17:00:16 2014] <edwardk> =)
[Tue Aug 19 17:00:21 2014] <napping> Huh
[Tue Aug 19 17:00:21 2014] <edwardk> and it looks sane
[Tue Aug 19 17:01:03 2014] <napping> that's odd you didn't get it already, what's the definition:?
[Tue Aug 19 17:02:48 2014] <edwardk> point_rect = λ (P : point → Type) (f : ∀ x y : nat, P {| x := x; y := y |}) (p : point), match p as p0 return (P p0) with | {| x := x; y := x0 |} => f x x0 end : ∀ P : point → Type, (∀ x y : nat, P {| x := x; y := y |}) → ∀ p : point, P p
[Tue Aug 19 17:03:43 2014] <napping> Record point := MkPoint { x := nat; y := nat }. gives me point/point_rect/point_ind/point_rec
[Tue Aug 19 17:03:52 2014] <edwardk> it may be a trunk thing?
[Tue Aug 19 17:03:57 2014] <napping> and puts Point into Prop
[Tue Aug 19 17:04:06 2014] <napping> Try "Check point"
[Tue Aug 19 17:04:07 2014] <edwardk> or maybe its one of the flags i have set?
[Tue Aug 19 17:04:20 2014] <edwardk> point : Set
[Tue Aug 19 17:04:34 2014] <napping> I don't know how my version things it's okay to eliminate a Prop like that
[Tue Aug 19 17:04:55 2014] <edwardk> putting it in prop seems weird
[Tue Aug 19 17:05:03 2014] <edwardk> wait you have x := nat
[Tue Aug 19 17:05:03 2014] <napping> oh, I might have the syntax wrong
[Tue Aug 19 17:05:06 2014] <edwardk> y := nat
[Tue Aug 19 17:05:09 2014] <edwardk> not x : nat
[Tue Aug 19 17:05:11 2014] <edwardk> y : nat
[Tue Aug 19 17:05:26 2014] <napping> yeah
[Tue Aug 19 17:05:28 2014] <edwardk> you made a pont be a record that was two definitions both equal to nat, always
[Tue Aug 19 17:05:29 2014] <napping> I don't know what that means
[Tue Aug 19 17:05:30 2014] <edwardk> no content
[Tue Aug 19 17:05:42 2014] <edwardk> so of course its a valid prop
[Tue Aug 19 17:05:43 2014] <edwardk> =)
[Tue Aug 19 17:05:44 2014] <napping> okay, that makes a lot more sense. It's in Set now, still getting rect and such
[Tue Aug 19 17:06:24 2014] <edwardk> https://github.com/ekmett/homotopy/blob/master/Core.v is the file i'm working on
[Tue Aug 19 17:06:47 2014] <edwardk> the one interesting thing i have turned on is -indices-matter
[Tue Aug 19 17:07:11 2014] <edwardk> Universe Polymorphism can probably be turned off without effect at this point
[Tue Aug 19 17:08:04 2014] <edwardk> but i've never seen a scheme automatically constructed in the entire time i've been working
[Tue Aug 19 17:08:33 2014] <edwardk> basically i'm trying to define natural transformations at the moment and to do that i want to say something about how to ap my way to glory through a record type
[Tue Aug 19 17:08:56 2014] <napping> what are you using from trunk?
[Tue Aug 19 17:08:57 2014] <edwardk> but i need to do something 'field by field' or its going to get really repetitive
[Tue Aug 19 17:09:13 2014] <edwardk> you may be able to build that without universe polymorphism turned on right now
[Tue Aug 19 17:09:33 2014] <edwardk> i'll eventually need universepolymorphism for the category of small categories
[Tue Aug 19 17:09:50 2014] <edwardk> or rather the category of infinity groupoids
[Tue Aug 19 17:10:30 2014] <napping> pretty close at least
[Tue Aug 19 17:10:39 2014] <napping> is the circle_ind / circle_rect supposed to be special?
[Tue Aug 19 17:11:25 2014] <edwardk> i needed 'Set Elimination Schemes'
[Tue Aug 19 17:11:44 2014] <napping> Is that now off by default?
[Tue Aug 19 17:11:47 2014] <edwardk> those can be killed for now, they don't add any value to the current discussion
[Tue Aug 19 17:11:54 2014] <edwardk> no idea
[Tue Aug 19 17:11:58 2014] <edwardk> but i turned it on and all was good
[Tue Aug 19 17:12:06 2014] <napping> okay, that and the second Nat and "Private Inductive" were all not supported
[Tue Aug 19 17:12:12 2014] <edwardk> maybe from -indices-matter ?
[Tue Aug 19 17:12:26 2014] <napping> but everything else checks
[Tue Aug 19 17:12:28 2014] <jrw> osa1: looks good. so you're working on find_min_..._correct_succ?
[Tue Aug 19 17:13:52 2014] <osa1> jrw: yes. I can actually prove most part of it but there is one case that occurs twice and I can't prove it. I'm stuck with `member e t` and all I know is `member e (h :: t)` or something like that.
[Tue Aug 19 17:14:23 2014] <jrw> osa1: right. you need to do inversion on the hypothesis 'member e (h :: t)' before you apply the induction hypothesis I think
[Tue Aug 19 17:14:36 2014] <osa1> jrw: I tried different ways but I came across to same goal no matter how I approach
[Tue Aug 19 17:14:46 2014] <osa1> jrw: I tried that too
[Tue Aug 19 17:14:52 2014] <jrw> okay let me see
[Tue Aug 19 17:15:13 2014] <osa1> I don't remember what was problem with that though. let me step through the code one more time. on of the attemps should be that.
[Tue Aug 19 17:17:31 2014] <edwardk> ok, guessing indices-matter probably turned off the record eliminators, because of eliminating to prop
[Tue Aug 19 17:17:36 2014] <jrw> osa1: oh, I needed a lemma that it looks like you deleted. find_min_idx_aux_correct_succ_le_min
[Tue Aug 19 17:19:51 2014] <osa1> jrw: I don't think you showed that lemma to me ;-(
[Tue Aug 19 17:20:00 2014] <jrw> oh. hmm. maybe I deleted it :D
[Tue Aug 19 17:20:06 2014] <osa1> jrw: original link http://lpaste.net/109225
[Tue Aug 19 17:20:08 2014] <osa1> :)
[Tue Aug 19 17:20:16 2014] <osa1> oh wait
[Tue Aug 19 17:20:18 2014] <osa1> it's there
[Tue Aug 19 17:20:20 2014] <osa1> I'm an idiot
[Tue Aug 19 17:20:24 2014] <jrw> hehe
[Tue Aug 19 17:20:52 2014] <jrw> whoever named these lemmas must have been crazy :p
[Tue Aug 19 17:21:00 2014] <osa1> jrw: http://lpaste.net/109660 I was just going to paste you where I stuck when I do inversion on member
[Tue Aug 19 17:21:03 2014] <osa1> heh
[Tue Aug 19 17:21:30 2014] <jrw> okay, yeah, you'll need that lemma there
[Tue Aug 19 17:22:01 2014] <osa1> jrw: awesome! many thanks for help. I'll ping you if I get stuck again.
[Tue Aug 19 17:22:35 2014] <jrw> cool. good luck!
[Tue Aug 19 17:23:58 2014] <osa1> thanks
[Tue Aug 19 18:04:24 2014] <edwardk> johnw: around?
[Tue Aug 19 18:08:54 2014] <osa1> jrw: I'm stuck again ;-( http://lpaste.net/109668
[Tue Aug 19 18:13:05 2014] <jrw> osa1: you'll need to apply the IH to the hypothesis about find_min_idx_aux (after some fiddling) and then use transitivity of <=
[Tue Aug 19 18:13:46 2014] <jrw> nth ... <= h <= m
[Tue Aug 19 18:13:50 2014] <osa1> hm
[Tue Aug 19 18:15:39 2014] <jrw> osa1: btw I think 'inversion eq' is probably not necessary
[Tue Aug 19 18:16:10 2014] <osa1> jrw: it worked!
[Tue Aug 19 18:16:18 2014] <jrw> woohoo
[Tue Aug 19 18:16:41 2014] <osa1> jrw: you're right, removed that part
[Tue Aug 19 21:01:15 2014] <johnw> edwardk: hi
[Tue Aug 19 21:01:19 2014] <edwardk> heya
[Tue Aug 19 21:01:31 2014] <johnw> did you need help with Emacs?
[Tue Aug 19 21:01:50 2014] <edwardk> some =)
[Tue Aug 19 21:01:54 2014] <johnw> what's up?
[Tue Aug 19 21:02:24 2014] <edwardk> weird mac specific nonsense where hitting s-P was causing my emacs to just hang indefinitely in an undismissable dialog box
[Tue Aug 19 21:02:38 2014] <johnw> s = shift?
[Tue Aug 19 21:02:48 2014] <edwardk> command
[Tue Aug 19 21:02:55 2014] <edwardk> was trying to use actual emacs parlance ;)
[Tue Aug 19 21:02:59 2014] <johnw> M-P
[Tue Aug 19 21:03:07 2014] <edwardk> no, not M-P
[Tue Aug 19 21:03:10 2014] <johnw> s-P means "super shift P" actually
[Tue Aug 19 21:03:16 2014] <edwardk> the command key, which is super-shift P
[Tue Aug 19 21:03:21 2014] <johnw> whaa?
[Tue Aug 19 21:03:35 2014] <johnw> C-h k and hitting that key report "s-P" at the bottom?
[Tue Aug 19 21:03:43 2014] <edwardk> the little thing with the swirly symbol called command.
[Tue Aug 19 21:03:45 2014] <edwardk> yes
[Tue Aug 19 21:03:48 2014] <johnw> bizarre
[Tue Aug 19 21:03:55 2014] <johnw> for me that a meta key, as it should be
[Tue Aug 19 21:04:06 2014] <edwardk> apparently in the cocoa build we set up it brings in all sorts of fancy mac stuff
[Tue Aug 19 21:04:22 2014] <edwardk> meta for me is still hiding under ecape
[Tue Aug 19 21:04:27 2014] <johnw> this is why I like the emacs24Macport build from Nix :)
[Tue Aug 19 21:04:33 2014] <edwardk> =P
[Tue Aug 19 21:04:36 2014] <johnw> that's really wrong
[Tue Aug 19 21:04:40 2014] <johnw> you need to make that command key a meta key stat
[Tue Aug 19 21:05:00 2014] <johnw> http://blacka.com/david/2010/01/17/switching-to-cocoa-emacs/
[Tue Aug 19 21:05:02 2014] <johnw> see "step 1"
[Tue Aug 19 21:05:05 2014] <edwardk> anyways that called some ns-print-buffer command
[Tue Aug 19 21:05:14 2014] <edwardk> and the way it popped up a dialog or something is probably bugged
[Tue Aug 19 21:05:16 2014] <johnw> yeah, and it's probably waiting on the print to finish or something stupid
[Tue Aug 19 21:05:26 2014] <edwardk> well, its got a dialog you can't dismiss
[Tue Aug 19 21:05:35 2014] <johnw> super modal
[Tue Aug 19 21:05:54 2014] <johnw> I just found a new tactics library for Coq that you might be interested in
[Tue Aug 19 21:05:55 2014] <edwardk> so i think there's just a bug there, because something else caused emacs to pop up a similar dialog and i couldn't get it off the screen, nothing i could type could do anything
[Tue Aug 19 21:06:11 2014] <edwardk> btw- i managed to kill all the uses of inversion
[Tue Aug 19 21:06:21 2014] <johnw> it's called ssreflect, and it pares down the number of tactics you need to think about hugely, by generalizing those few and making them more expressive
[Tue Aug 19 21:06:49 2014] <johnw> I was sold on it by someone turning a 10 line proof i'd written into a 2 line proof with ssreflect
[Tue Aug 19 21:06:49 2014] <edwardk> i've heard about ssreflect, but not found a good rundown of how to use it, etc
[Tue Aug 19 21:07:31 2014] <johnw> read this: http://hal.inria.fr/docs/00/97/55/65/PDF/main.pdf
[Tue Aug 19 21:07:45 2014] <johnw> i'm currently digesting/playing around with it
[Tue Aug 19 21:08:43 2014] <edwardk> google hangout?
[Tue Aug 19 21:09:13 2014] <johnw> I can for only a little bit
[Tue Aug 19 21:09:16 2014] <edwardk> sure
[Tue Aug 19 22:57:20 2014] <jgross> edwardk: Regarding record elims, CHANGES says "The command "Record foo ..." does not generate induction principles (foo_rect, foo_rec, foo_ind) anymore by default (feature wish #2693).  A flag "Set/Unset Record Elimination Schemes" allows to change this.	The tactic "induction" on a record is now actually doing "destruct"." 
[Tue Aug 19 22:57:50 2014] <edwardk> jgross: thats perfectly cool, just missed the note
[Tue Aug 19 22:57:56 2014] <johnw> jgross: do you know why that was done?
[Tue Aug 19 23:01:11 2014] <edwardk> guessing that the prop version and hott don't play well?
[Tue Aug 19 23:01:59 2014] <jgross> https://coq.inria.fr/bugs/show_bug.cgi?id=2693 says "In particular, induction schemes for records lead to large useless code when extracting via "Extraction Library".".  I'm confused by the original report on that page, but this reason makes some amount of sense. 
[Tue Aug 19 23:02:20 2014] <edwardk> makes sense to me
[Tue Aug 19 23:04:19 2014] <jgross> edwardk: Elims into Prop are fine.  It's elims out of prop that can cause trouble.  For a while, you could prove False by doing [Set Primitive Projections. Record foo : Prop := { evil : Type }.] and then you'd get an [evil : foo -> Type] and a [build_foo : Type -> Prop] and then you'd have impredicative type.	But Matthieu has since fixed that. 
[Tue Aug 19 23:04:51 2014] <edwardk> fair
[Tue Aug 19 23:06:50 2014] <johnw> jgross: have you ever used ssreflect?
[Tue Aug 19 23:13:02 2014] <jgross> johnw: Yes.  I'm working in the same lab as Georges Gonthier this summer, so it's only natrual.  Why do you ask? 
[Wed Aug 20 00:50:05 2014] <johnw> jgross: I only just discovered it through coq-club, so I'm reading the documentation now; I wondered what your impressions of it were.  It looks very nice
[Wed Aug 20 01:24:12 2014] <jgross> johnw: There are some nice things, but it's not super-useful when you automate everything.  For not-fully-automated proofs, though, is seems much more well-thought-out and coherent than plain Ltac. 
[Wed Aug 20 01:27:42 2014] <johnw> it seems to be constructed very logically
[Wed Aug 20 01:27:49 2014] <johnw> a few generalized parts that fit together nicely
[Wed Aug 20 02:02:54 2014] <sh1ken> How do I match a term with an output sigma type? Is there a constructor?
[Wed Aug 20 02:06:22 2014] <johnw> I don't fully understand sh1ken, can you clarify?
[Wed Aug 20 02:09:18 2014] <sh1ken> Let me put it this way: If I have a term of type 'nat' for example, can I cast it to an arbitrary sigma type?
[Wed Aug 20 02:09:41 2014] <johnw> you can use the existsT constructor
[Wed Aug 20 02:09:51 2014] <johnw> you should have to provide it with the nat and the predicate
[Wed Aug 20 02:10:53 2014] <sh1ken> Oh, I see, no problem. I'm going to check that out. Thanks.
[Wed Aug 20 09:41:27 2014] <shouya> hi,
[Wed Aug 20 09:41:55 2014] <shouya> may i ask a beginnner's question?
[Wed Aug 20 09:42:07 2014] <shouya> http://lpaste.net/109692
[Wed Aug 20 09:42:33 2014] <shouya> i want to deduce R = square R from the assumption. so what should i do?
[Wed Aug 20 09:43:40 2014] <shouya> hello?
[Wed Aug 20 09:44:54 2014] <shouya> i thought about f_equal tactic, but it doesn't apply to this case.
[Wed Aug 20 09:46:12 2014] <shouya> could anyone give me some hints?
[Wed Aug 20 09:58:35 2014] <alkabetz> You need functional extensionality.
[Wed Aug 20 09:58:52 2014] <shouya> like what?
[Wed Aug 20 09:59:06 2014] <shouya> and how?
[Wed Aug 20 09:59:20 2014] <alkabetz> Coq won’t deduce (forall x y, R x y -> square R x y) -> (R = square) by default.
[Wed Aug 20 10:00:04 2014] <shouya> alkabetz: another idea, can i prove this by contradiction?
[Wed Aug 20 10:00:17 2014] <alkabetz> No.
[Wed Aug 20 10:00:31 2014] <alkabetz> Your goal cannot be proven from your hypotheses under Coq’s standard axiom set.
[Wed Aug 20 10:00:45 2014] <alkabetz> You either need to prove a different goal, like [forall x y, R x y -> square R x y]
[Wed Aug 20 10:00:51 2014] <alkabetz> or you need to import the functional extensionality axiom
[Wed Aug 20 10:01:12 2014] <shouya> hmm...
[Wed Aug 20 10:01:14 2014] <alkabetz> which allows you to prove your goal from [forall x y, R x y -> square R x y].
[Wed Aug 20 10:01:29 2014] <alkabetz> Are you familiar with functional extensionality?
[Wed Aug 20 10:01:37 2014] <shouya> no, i'm new to coq.
[Wed Aug 20 10:01:45 2014] <alkabetz> Ah, okay. :)
[Wed Aug 20 10:02:07 2014] <alkabetz> Functional extensionality is the notion that two functions are equal if they both produce equal output for the same input.
[Wed Aug 20 10:02:29 2014] <shouya> why is that an axiom?
[Wed Aug 20 10:02:47 2014] <alkabetz> Having it built in causes unhappiness with some advanced Coq developments, as I recall.
[Wed Aug 20 10:02:50 2014] <shouya> can't it be deduced from the standard axiom set?
[Wed Aug 20 10:02:57 2014] <alkabetz> No, it cannot.
[Wed Aug 20 10:04:03 2014] <alkabetz> Here, hang on, let me find the FAQ about this …
[Wed Aug 20 10:04:40 2014] <shouya> hm, i just thought of the omega-imcompleteness system.
[Wed Aug 20 10:04:43 2014] <alkabetz> Well, http://coq.inria.fr/cocorico/CoqAndAxioms#Functional_extensionality is the thing I was looking for
[Wed Aug 20 10:04:55 2014] <alkabetz> Unfortunately, it doesn’t have more info about why it’s optional
[Wed Aug 20 10:05:27 2014] <alkabetz> ISTR it makes homotopy type theory sad
[Wed Aug 20 10:05:32 2014] <alkabetz> But also, you might just not want it in general
[Wed Aug 20 10:05:43 2014] <alkabetz> After all, you can have two functions that both produce the same output for the same input
[Wed Aug 20 10:05:52 2014] <alkabetz> but one does so more efficiently than the other.
[Wed Aug 20 10:06:07 2014] <alkabetz> Are two functions equal even if they have radically different running times?
[Wed Aug 20 10:06:15 2014] <alkabetz> Seems like kind of a philosophical point.
[Wed Aug 20 10:06:19 2014] <shouya> hm, i see..
[Wed Aug 20 10:07:02 2014] <shouya> so, without the extensionality, can i prove it in other ways?
[Wed Aug 20 10:07:04 2014] <alkabetz> Anyway, though, if you want functional extensionality, you can [Require Import FunctionalExtensionality], which will get you the axiom
[Wed Aug 20 10:07:24 2014] <alkabetz> Well, you can prove (forall x y, R x y = square R x y), which is similar but not exactly the same.
[Wed Aug 20 10:07:50 2014] <alkabetz> (At least, I assume you can.  I haven’t actually tried, but it looks possible.)
[Wed Aug 20 10:07:51 2014] <shouya> alkabetz: but this is not provable without that hypothesis.
[Wed Aug 20 10:08:50 2014] <shouya> let me show you the code, http://lpaste.net/109694
[Wed Aug 20 10:09:14 2014] <shouya> actually 'square' is defined like this:
[Wed Aug 20 10:09:14 2014] <shouya> Inductive square {X: Type} (R: relation X) : relation X :=
[Wed Aug 20 10:09:14 2014] <shouya>   | sq0 : forall x y z, R x y -> R y z -> square R x z.
[Wed Aug 20 10:09:47 2014] <shouya> so (R = square R) only stands when R is transitive.
[Wed Aug 20 10:10:15 2014] <alkabetz> Here, let me look at this for a second
[Wed Aug 20 10:10:33 2014] <shouya> alkabetz: thanks a lot!
[Wed Aug 20 10:27:38 2014] <alkabetz> I’m still working on this; hang tight.
[Wed Aug 20 10:28:09 2014] <shouya> alkabetz: okay, i'm waiting :)
[Wed Aug 20 10:30:50 2014] <alkabetz> Hmm, should R be reflexive?
[Wed Aug 20 10:31:26 2014] <shouya> actually not necessary isn't it?
[Wed Aug 20 10:32:21 2014] <alkabetz> I’m not sure; I don’t think I know enough about the underlying math to determine if it is :)
[Wed Aug 20 10:32:57 2014] <shouya> hmm, shall i show you the book i am following?
[Wed Aug 20 10:33:32 2014] <shouya> http://people.umass.edu/klement/imp/imp-a4.pdf
[Wed Aug 20 10:33:42 2014] <shouya> this book, on page 25.
[Wed Aug 20 10:34:24 2014] <shouya> i have proved the reverse, that 'a transitive relation is one
[Wed Aug 20 10:34:24 2014] <shouya> which is implied by its square'.
[Wed Aug 20 10:36:20 2014] <alkabetz> Have a look at http://lpaste.net/109696#line77.
[Wed Aug 20 10:36:32 2014] <alkabetz> By switching Coq into classical mode and assuming propositional extensionality,
[Wed Aug 20 10:36:41 2014] <alkabetz> I’ve managed to get the goals into much nicer looking format.
[Wed Aug 20 10:37:18 2014] <alkabetz> I’m not sure how Russell would have felt about it, though :)
[Wed Aug 20 10:37:29 2014] <shouya> what is the propositional extensionality here?
[Wed Aug 20 10:37:43 2014] <alkabetz> It allows you to draw equality between propositions.
[Wed Aug 20 10:37:50 2014] <shouya> okay..
[Wed Aug 20 10:38:01 2014] <alkabetz> forall (P Q : Prop), (P <-> Q) -> P = Q.
[Wed Aug 20 10:38:14 2014] <alkabetz> This is important, because in Coq, a relation has type A -> A -> Prop.
[Wed Aug 20 10:38:27 2014] <alkabetz> So to equate relations, you need both functional and propositional extensionality.
[Wed Aug 20 10:38:47 2014] <alkabetz> The [extensionality] tactic uses functional extensionality to introduce [x] and [y]
[Wed Aug 20 10:39:19 2014] <alkabetz> The [Prop_ext] axiom lets you prove (R x y <-> square R x y) instead of (R x y = square R x y).
[Wed Aug 20 10:39:36 2014] <alkabetz> I suspect this is closer to Russell’s original intent here, but I haven’t read deeply, so I’m unsure.
[Wed Aug 20 10:39:37 2014] <shouya> i see it.
[Wed Aug 20 10:40:26 2014] <shouya> hmm, i'm yet reading how you get to that :)
[Wed Aug 20 10:40:27 2014] <alkabetz> I think the larger question that might need to be answered here is,
[Wed Aug 20 10:40:34 2014] <shouya> hm?
[Wed Aug 20 10:40:44 2014] <alkabetz> ‘What did Russell mean when he said that two relations are equal?’
[Wed Aug 20 10:41:24 2014] <alkabetz> Oh, wait, here it is: ‘One relation is said to contain or be implied by another if it holds whenever the other holds.’
[Wed Aug 20 10:41:26 2014] <shouya> sure,
[Wed Aug 20 10:41:36 2014] <shouya> that's it!
[Wed Aug 20 10:42:01 2014] <alkabetz> So I think that would be formalized as
[Wed Aug 20 10:42:03 2014] <shouya> so it means i can introduce the propositional extensionality with no problem right?
[Wed Aug 20 10:42:09 2014] <alkabetz> I don’t think you need to.
[Wed Aug 20 10:42:15 2014] <alkabetz> I think you should do something like
[Wed Aug 20 10:43:09 2014] <alkabetz> Definition contains {A} (P Q : relation A) : Prop := forall x y : A, Q x y -> P x y.
[Wed Aug 20 10:43:34 2014] <shouya> hm yup,
[Wed Aug 20 10:43:41 2014] <shouya> and also the implied_by ?
[Wed Aug 20 10:44:18 2014] <alkabetz> I would just pick one term and stick with it
[Wed Aug 20 10:44:23 2014] <alkabetz> Either say P is contained by Q
[Wed Aug 20 10:44:33 2014] <alkabetz> Er, P contains Q
[Wed Aug 20 10:44:40 2014] <alkabetz> or P is implied by Q
[Wed Aug 20 10:44:58 2014] <shouya> actually i don't really understand why here it uses the conjunction 'or'.
[Wed Aug 20 10:45:01 2014] <shouya> ‘One relation is said to contain or be implied by another if it holds whenever the other holds.’
[Wed Aug 20 10:45:04 2014] <shouya> in this sentence.
[Wed Aug 20 10:45:15 2014] <alkabetz> Oh, I think he’s saying that they’re two different terms for the same thing.
[Wed Aug 20 10:45:53 2014] <shouya> so how to express it in math notation?
[Wed Aug 20 10:46:32 2014] <shouya> just as what you previously mentioned right? that definition of 'contains' proposition.
[Wed Aug 20 10:46:56 2014] <alkabetz> Yep, I think Russell is saying you can also call that ‘is implied by’ instead of ‘contains’
[Wed Aug 20 10:47:10 2014] <shouya> actually i'm not clear about what this clause means 'if it holds whenever the other holds'
[Wed Aug 20 10:47:39 2014] <alkabetz> ‘If P holds whenever Q holds’ = ‘Q -> P’
[Wed Aug 20 10:48:11 2014] <shouya> oh..
[Wed Aug 20 10:48:14 2014] <shouya> gotcha..
[Wed Aug 20 10:48:17 2014] <alkabetz> Russell is implicitly using functional extensionality here, because you really need to quantify over /what/ the relation is holding over.
[Wed Aug 20 10:48:28 2014] <alkabetz> But you can circumvent that issue by defining your 'contains' predicate nicely.
[Wed Aug 20 10:48:49 2014] <shouya> yes, yes.
[Wed Aug 20 10:49:38 2014] <alkabetz> Do you feel comfortable proceeding on your own now?
[Wed Aug 20 10:49:57 2014] <shouya> i feel much better now :)
[Wed Aug 20 10:50:03 2014] <alkabetz> Awesome!  Good luck!
[Wed Aug 20 10:50:05 2014] <shouya> thanks, you helped a lot :)
[Wed Aug 20 10:50:09 2014] <alkabetz> You’re welcome.
[Wed Aug 20 10:50:33 2014] <alkabetz> This development looks really cool, too – I love seeing mathematical foundations get Coqified like this :)
[Wed Aug 20 10:52:29 2014] <shouya> hm yes～
[Wed Aug 20 10:53:32 2014] <shouya> alkabetz: btw, can i ask one more question about it?
[Wed Aug 20 10:53:41 2014] <shouya> just ensure if i'm understanding correctly.
[Wed Aug 20 10:54:57 2014] <shouya> So i expressed the statement 'From the definitions it will be seen that a transitive relation is one
[Wed Aug 20 10:54:57 2014] <shouya> which is implied by its square' as 'forall {X} (R: relation X), transitive R <-> (forall x y, square R x y -> R x y).'
[Wed Aug 20 10:55:22 2014] <shouya> is it correct?
[Wed Aug 20 11:00:52 2014] <alkabetz> That’s the way I interpreted that.
[Wed Aug 20 11:01:42 2014] <shouya> cool :)
[Wed Aug 20 12:20:44 2014] <Ainieco> hello
[Wed Aug 20 12:22:22 2014] <Ainieco> could you please give me a little hint on http://lpaste.net/8359810244280320000 ?
[Wed Aug 20 12:25:23 2014] <jrw> Ainieco: what are you stuck on? try doing "simpl in *" and then "destruct (test a) eqn:?."
[Wed Aug 20 13:00:07 2014] <peterbb> In a coqtop-session, is there any way to figure out if an axiom has been assumed? I'm familiar with Print Assumptions ident?
[Wed Aug 20 13:03:26 2014] <napping> That's all I know.
[Wed Aug 20 13:06:27 2014] <napping> You can use Print Assumptions on a module name too
[Wed Aug 20 13:06:45 2014] <peterbb> Aha, thats nice.
[Wed Aug 20 13:09:51 2014] <napping> Why do you say coqtop specifically?
[Wed Aug 20 13:10:03 2014] <Ainieco> jrw: proved that, thank you, not sure why did i stumbled on it
[Wed Aug 20 13:10:27 2014] <peterbb> Hmm, actually, I would be fine with any of the standard programs.
[Wed Aug 20 13:11:11 2014] <napping> Well, if you have things in .v files you can do something like coqchk -o on the files, or Print Assumptions on the moduels that came from them, and so on
[Wed Aug 20 13:11:21 2014] <elarnon> peterbb: do you want all the assumed axioms or a specific axiom ?
[Wed Aug 20 13:11:24 2014] <napping> also just plain grepping for admit/Axiom/etc in the source file
[Wed Aug 20 13:11:28 2014] <peterbb> elarnon: all
[Wed Aug 20 13:11:55 2014] <elarnon> in a single module you can get this information from Print All.
[Wed Aug 20 13:12:19 2014] <elarnon> (i.e., in your current module)
[Wed Aug 20 13:12:22 2014] <elarnon> cross-module I don't know
[Wed Aug 20 13:13:04 2014] <peterbb> Print All do not work cross module. I think coqchk -o looks like the thing.
[Wed Aug 20 13:13:30 2014] <napping> I doubt you can get a .vo file from a transient coqtop session
[Wed Aug 20 13:14:10 2014] <napping> but if you have compileable .v files, coqchk is the most comprehensive way to recheck them
[Wed Aug 20 13:14:16 2014] <Ainieco> jrw: also thanks for nice tricks: "in *" and "eqn:?".
[Wed Aug 20 13:14:26 2014] <jrw> np
[Wed Aug 20 13:14:26 2014] <peterbb> yeah
[Wed Aug 20 13:14:41 2014] <Ptival> may I tease my current project here? :) http://goto.ucsd.edu:4242/sf/Basics.html#lab23 and http://goto.ucsd.edu:4242/d3tree.html
[Wed Aug 20 13:15:56 2014] <napping> interesting. A lot of the grey boxes are too short to show any text
[Wed Aug 20 13:16:47 2014] <Ptival> napping: which browser?
[Wed Aug 20 13:17:17 2014] <napping> the firefox in debian stable (iceweasel 24.7)
[Wed Aug 20 13:17:29 2014] <Ainieco> jrw: by the way, do you know if it's possible to "generalize dependent" multiple things at once? i.e., without hvaing to repeat "generlize dependent" for every variable you want to generalize
[Wed Aug 20 13:17:42 2014] <jrw> afaik, that's not possible, no.
[Wed Aug 20 13:17:48 2014] <napping> well, after a rewrite it seems to forget the context
[Wed Aug 20 13:18:07 2014] <Ptival> yeah a multiple generalize would be cool :(
[Wed Aug 20 13:18:13 2014] <Ptival> I guess you can write it yourself...
[Wed Aug 20 13:18:16 2014] <Ptival> huh
[Wed Aug 20 13:18:28 2014] <Ainieco> jrw: okay, thanks for clarifying it for me
[Wed Aug 20 13:18:45 2014] <jrw> yeah, you can probable whip up something hacky at least
[Wed Aug 20 13:18:56 2014] <jrw> using tactic notations, for example
[Wed Aug 20 15:12:43 2014] <Ainieco> is there a way fold something unfolded back?
[Wed Aug 20 15:14:00 2014] <ianjneu> Ainieco: what?
[Wed Aug 20 15:18:36 2014] <johnw> sometimes, using the fold tactic
[Wed Aug 20 15:18:43 2014] <Ainieco> ianjneu: sorry, my term was not actually foldable, just figured that i need to additional lemma to fold it so "fold" didn't worked and i thought that i missused it and decided to ask here.
[Wed Aug 20 15:19:14 2014] <Ainieco> johnw: yeah, tried that, failed, asked here, figured that i need lemma to fold. sorry
[Wed Aug 20 15:19:54 2014] <johnw> n/p; I rarely can get fold to do anything useful
[Wed Aug 20 15:34:09 2014] <napping> match doesn't have anything like pattern guards, does it?
[Wed Aug 20 15:35:03 2014] <napping> er, just plain predicate guards would be enough
[Wed Aug 20 15:44:40 2014] <shouya> hi,
[Wed Aug 20 15:44:48 2014] <johnw> hi shouya
[Wed Aug 20 15:44:49 2014] <shouya> i got stuck, again :(
[Wed Aug 20 15:44:53 2014] <johnw> where?
[Wed Aug 20 15:45:01 2014] <shouya> johnw: wait a second, i show you the code :)
[Wed Aug 20 15:45:55 2014] <shouya> johnw: http://lpaste.net/109716#line136
[Wed Aug 20 15:46:28 2014] <shouya> i'm unsure if i'm understanding the statement correctly.
[Wed Aug 20 15:47:00 2014] <shouya> the statement on book is shown between line 121 and line 124 in the paste.
[Wed Aug 20 15:47:12 2014] <johnw> I'm afraid this is a bit beyond me just at the moment
[Wed Aug 20 15:48:07 2014] <shouya> hmm, is it so though?
[Wed Aug 20 15:48:09 2014] <shouya> tough
[Wed Aug 20 15:48:19 2014] <johnw> no, but i don't know enough to answer right off
[Wed Aug 20 15:48:47 2014] <shouya> firstly, am i intepreting the statement right?
[Wed Aug 20 15:48:54 2014] <shouya> *interpret
[Wed Aug 20 15:49:46 2014] <shouya> the full text can be found here: http://people.umass.edu/klement/imp/imp.html#page33
[Wed Aug 20 15:50:08 2014] <Ainieco> http://lpaste.net/1688314745993560064 could you please give a little hont on that 4 star exercise, i think i did something wrong along the way...
[Wed Aug 20 15:50:19 2014] <Ainieco> hint*
[Wed Aug 20 15:51:48 2014] <napping> shouya: looks like you are missing some of the sense
[Wed Aug 20 15:51:56 2014] <johnw> Ainieco: the result will be a whole lot simpler than what you have there
[Wed Aug 20 15:52:06 2014] <shouya> napping: i am mostly afraiding of that XD
[Wed Aug 20 15:53:38 2014] <johnw> Ainieco: you only need an induction and a destruction; the rest is simplification, unfolding and rewriting
[Wed Aug 20 15:53:48 2014] <johnw> no generalization will be necessary
[Wed Aug 20 15:53:52 2014] <Ainieco> johnw: yeah, i thought that i messed up something along the way
[Wed Aug 20 15:53:55 2014] <napping> seems like it's some kind of definition that should havea a <->
[Wed Aug 20 15:54:17 2014] <napping> "aliorelative" and "contains diversity" seem to be defined as exactly the same thing
[Wed Aug 20 15:55:02 2014] <napping> A <foo> is one which <bar> sounds like a definition, except transitive and aliorelative are already defined
[Wed Aug 20 15:55:14 2014] <johnw> Ainieco: if you get too stuck and need to peek at an approach, see https://github.com/jwiegley/software-foundations/blob/master/MoreCoq.v#L1233
[Wed Aug 20 15:55:26 2014] <napping> huh
[Wed Aug 20 15:55:28 2014] <johnw> I usually allow myself to read others' solutions after I hit the 8-hours-with-no-progress mark
[Wed Aug 20 15:55:39 2014] <napping> actually, wasn't transitive defined as containing it's square?
[Wed Aug 20 15:55:41 2014] <shouya> napping: i'm actually not very sure what it means 'in diversity' here.
[Wed Aug 20 15:55:55 2014] <shouya> napping: yes i think so.
[Wed Aug 20 15:56:01 2014] <napping> reading farther up the book, it seems to be defined as a synonym for aliorelative
[Wed Aug 20 15:56:19 2014] <napping> so I think the bit you are trying to translated is either vacuous, or just unfolding definitions
[Wed Aug 20 15:56:22 2014] <shouya> so what is meant by 'A transitive aliorelative'?
[Wed Aug 20 15:56:37 2014] <napping> I presume a relation that's transitive and "aliorelative"
[Wed Aug 20 15:56:47 2014] <napping> The bit with content seems to be the second part
[Wed Aug 20 15:57:02 2014] <napping> transitivie R -> (asymmetric R <-> aliorelative R)
[Wed Aug 20 15:57:14 2014] <shouya> hmm...
[Wed Aug 20 15:57:47 2014] <napping> Or diversity is the inequality relation, that makes sense too
[Wed Aug 20 15:58:00 2014] <napping> writing R x y -> x <> y instead of just ~(R x x)
[Wed Aug 20 15:58:41 2014] <shouya> pardon me, i still didn't get the point?
[Wed Aug 20 15:59:59 2014] <napping> well, if aliorelative is defined as "implies diversity", and transitive as "contains it's square"
[Wed Aug 20 16:00:16 2014] <napping> saying a transitive aliorelative is a relation that implies diversity and is contained in it's square isn't saying much
[Wed Aug 20 16:00:18 2014] <shouya> hm?
[Wed Aug 20 16:01:02 2014] <shouya> please wait a second, i need time to digest what you said :)
[Wed Aug 20 16:02:12 2014] <shouya> okay.
[Wed Aug 20 16:03:14 2014] <napping> So you could prove that bit as a lemma if you really want, but it's probably just something like "unfold transitive, aliorelative; tauto"
[Wed Aug 20 16:03:37 2014] <napping> The second part of the quote seems to be making a claim that might actually be interesting to prove
[Wed Aug 20 16:03:40 2014] <shouya> a small question.
[Wed Aug 20 16:04:07 2014] <shouya> what's the difference between 'R x y -> x <> y' and '~(R x x)'
[Wed Aug 20 16:04:27 2014] <napping> not a whole lot
[Wed Aug 20 16:04:29 2014] <shouya> i interpret them  the same thing actually..
[Wed Aug 20 16:04:50 2014] <napping> but forall x y, R x y -> G x y is how you would write relation R being contained in relation G
[Wed Aug 20 16:05:18 2014] <shouya> yup, so?
[Wed Aug 20 16:05:23 2014] <napping> so if you want to read "in diversity" as actually talking about relation containment rather than just being a set phrase
[Wed Aug 20 16:05:47 2014] <napping> You might prefer to define aliorelative in the R x y -> x <> y way that looks like relation containment
[Wed Aug 20 16:06:43 2014] <shouya> oh yup.
[Wed Aug 20 16:06:57 2014] <Ainieco> johnw: thanks!
[Wed Aug 20 16:07:07 2014] <shouya> it's shown the previous page...
[Wed Aug 20 16:07:15 2014] <napping> and also then "diversity" itself makes sense as the x <> y relation
[Wed Aug 20 16:08:24 2014] <shouya> hm...
[Wed Aug 20 16:09:08 2014] <shouya> so can i understand 'in diversity' as a property of a relation?
[Wed Aug 20 16:09:39 2014] <napping> it seems to be used that way a lot, just as an alternative to "aliorelative"
[Wed Aug 20 16:09:53 2014] <napping> but you can also understand it as actually saying the relation is contained in the relation "diversity"
[Wed Aug 20 16:09:54 2014] <shouya> okay,
[Wed Aug 20 16:10:38 2014] <shouya> so can i regard the aliorelative as '~(R x x)' and diversity as  'R x y -> x <> y' ?
[Wed Aug 20 16:10:55 2014] <shouya> they're practically same but expressed in different fashions.
[Wed Aug 20 16:11:05 2014] <napping> I'd say diversity {A} : relation A := fun x y => x <> y.
[Wed Aug 20 16:11:30 2014] <napping> then maybe prove aliorelative R <-> subrelation R diversity
[Wed Aug 20 16:11:41 2014] <shouya> hm,
[Wed Aug 20 16:12:35 2014] <shouya> so i'd prove this first and will it help to my current goal?
[Wed Aug 20 16:12:46 2014] <shouya> actually i don't have much intuition on that.
[Wed Aug 20 16:12:58 2014] <napping> what's the current goal?
[Wed Aug 20 16:13:34 2014] <shouya> transitive R -> aliorelative R -> contains R (square R).
[Wed Aug 20 16:13:59 2014] <shouya> if i replace aliorelative with diversity will it be simpler?
[Wed Aug 20 16:14:02 2014] <napping> you should be able to drop aliorelative entirely
[Wed Aug 20 16:14:19 2014] <shouya> to drop it? why?
[Wed Aug 20 16:14:27 2014] <napping> why do you need it?
[Wed Aug 20 16:14:36 2014] <napping> Isn't transitive already defined as containing it's own square?
[Wed Aug 20 16:15:06 2014] <shouya> hm yes, it is though.
[Wed Aug 20 16:15:26 2014] <shouya> my square is defined like this:
[Wed Aug 20 16:15:28 2014] <shouya> Inductive square {X: Type} (R: relation X) : relation X :=
[Wed Aug 20 16:15:28 2014] <shouya>   | sq0 : forall x y z, R x y -> R y z -> square R x z.
[Wed Aug 20 16:16:10 2014] <shouya> and transitive is defined like 'forall x y z, R x y -> R y z -> R x z.'
[Wed Aug 20 16:17:02 2014] <shouya> should i replace the transitive's definition to indicate clearly as that the relation that contains  its own square?
[Wed Aug 20 16:17:17 2014] <napping> you should be able to prove it if you want
[Wed Aug 20 16:17:30 2014] <napping> that's probably the transitive you want, anyway
[Wed Aug 20 16:17:47 2014] <napping> maye redefine square R x z = exists y, R x y /\ R y z
[Wed Aug 20 16:18:05 2014] <shouya> hm, yup.
[Wed Aug 20 16:18:43 2014] <shouya> i would try what you said out :) thank you! i
[Wed Aug 20 16:18:54 2014] <shouya> i'll be back if i get stuck again :)
[Wed Aug 20 23:38:37 2014] <trap_exit> is Coq pronouced "cock" or "coke" ?
[Wed Aug 20 23:38:52 2014] <johnw> depends on the nationality of the person you ask
[Wed Aug 20 23:39:08 2014] <johnw> a french person says it somewhere in between cock and coke
[Wed Aug 20 23:39:31 2014] <johnw> everyone I know who isn't french says cock
[Wed Aug 20 23:51:28 2014] <trap_exit> johnw: noted, thanks
[Thu Aug 21 00:45:58 2014] <Ptival> yeah it sounds closer to cock
[Thu Aug 21 00:46:25 2014] <Ptival> but the "o" is not exactly the English one
[Thu Aug 21 00:48:11 2014] <Ptival> kinda like in "solo"
[Thu Aug 21 01:00:04 2014] <johnw> i'm really liking ssreflect
[Thu Aug 21 02:49:14 2014] <shouya> hi, folks. for the statement 'The “R-posterity” of x is all the terms of which x is an R-ancestor', what should be the type of r_posterity?
[Thu Aug 21 02:50:09 2014] <shouya> does 'all terms' implies a Set?
[Thu Aug 21 02:52:44 2014] <shouya> or i should define a Type?
[Thu Aug 21 02:53:58 2014] <shouya> and how should i define r_posterity.
[Thu Aug 21 03:02:46 2014] <jrw> shouya: I would do that as a relation between x and its R-posteriors.
[Thu Aug 21 03:03:13 2014] <jrw> oh I see, that's already what R-ancestor is.
[Thu Aug 21 03:03:15 2014] <jrw> hmm.
[Thu Aug 21 03:04:05 2014] <jrw> what do you want to prove about R-posterity? you can always define it as a sigma: {y : A | y is an R-ancestor of x}
[Thu Aug 21 03:04:08 2014] <shouya> jrw: like this? Definition r_posterity {X} (R : relation X) (x : X) : X -> Prop :=
[Thu Aug 21 03:04:08 2014] <shouya>   fun y => r_ancestor R y x.
[Thu Aug 21 03:04:30 2014] <jrw> well yeah but that's just the same thing as r_ancestor, no?
[Thu Aug 21 03:04:46 2014] <shouya> yup..
[Thu Aug 21 03:05:17 2014] <shouya> or i should just leave it utill i need to prove other theorems related to it?
[Thu Aug 21 03:05:42 2014] <jrw> shouya: you can always rephrase any theorem about R-posterity to a statement about all ancestors of x
[Thu Aug 21 03:05:57 2014] <shouya> hm yup.
[Thu Aug 21 03:06:10 2014] <jrw> if you want a type for it, you can use a sigma, like I said.
[Thu Aug 21 03:06:19 2014] <jrw> I would lean toward not doing that though.
[Thu Aug 21 03:06:28 2014] <shouya> does sigma have a built in syntax?
[Thu Aug 21 03:06:29 2014] <jrw> just for convenience
[Thu Aug 21 03:07:12 2014] <jrw> shouya: yeah. {x | P x}
[Thu Aug 21 03:07:19 2014] <shouya> cool.
[Thu Aug 21 03:07:50 2014] <shouya> since now i'm just following the book to formalize all such definitions.
[Thu Aug 21 03:09:03 2014] <shouya> i just did what you said. thank you jrw :)
[Thu Aug 21 03:10:48 2014] <jrw> np
[Thu Aug 21 12:37:46 2014] <Ainieco> hello
[Thu Aug 21 12:38:01 2014] <Ainieco> wow, finally made through MoreCoq
[Thu Aug 21 12:39:23 2014] <Ainieco> johnw: failed at proving existsb = existsb' because existsb was ill defined - for some reason it had forallb in definition http://lpaste.net/1688314745993560064
[Thu Aug 21 12:39:35 2014] <Ainieco> otherwise it's really easy
[Thu Aug 21 12:39:52 2014] <Ainieco> took me quite a lot of time to spot that silly mistake
[Thu Aug 21 13:37:22 2014] <mads-> Ainieco: what is MoreCoq? Set of exercises?
[Thu Aug 21 13:38:07 2014] <elarnon> it is a chapter of software foundation
[Thu Aug 21 13:39:16 2014] <mads-> The Benjamin Pierce et al one?
[Thu Aug 21 13:40:15 2014] <elarnon> yep
[Thu Aug 21 13:40:59 2014] <mads-> Just started reading up on coq today for school and have been looking at the "Basics" chapter of that.
[Thu Aug 21 14:03:41 2014] <Ainieco> mads-: what kind of school is that where they teaching you a coq?
[Thu Aug 21 14:09:45 2014] <mads-> Ainieco: Computer Science at University.
[Thu Aug 21 14:09:56 2014] <mads-> It's introduction to functional programming
[Thu Aug 21 14:12:43 2014] <mads-> I actually thought it was mostly used academically.
[Thu Aug 21 14:21:14 2014] <Ainieco> mads-: ah, it's uni afterall, thought that you meant school as high scool
[Thu Aug 21 14:31:48 2014] <Ainieco> johnw: just curious, how much time it took you to complete sf?
[Thu Aug 21 15:49:12 2014] <xavierm02> Hi. To practice using Ltac, I tried to prove an Equivalence property with a tactic that worked for all three subproperties. This tactic introduces everything there is to introduce and then tries to use induction on one element and destruct on all the others. My problem is that I don't know which lists are the tails of original lists and which are not so my tactic keeps destructing tails of tails of .. of tails of the original lists a
[Thu Aug 21 15:51:32 2014] <xavierm02> I think that could be fixed by adding a boolean to each list when introducing them and then removing it once I have destructed it but that sounds ugly. Is there an elegant way of marking some hypotheses to remember that they have been generated? Thank you in advance for your answers.
[Thu Aug 21 15:51:59 2014] <elarnon> xavierm02: the end of your first message got eaten by the size limit on IRC messages ; it ends at "tails of tails of .. of tails of the original lists a"
[Thu Aug 21 15:52:55 2014] <xavierm02> Hi. To practice using Ltac, I tried to prove an Equivalence property with a tactic that worked for all three subproperties. This tactic introduces everything there is to introduce and then tries to use induction on one element and destruct on all the others.
[Thu Aug 21 15:52:58 2014] <elarnon> Ltac is rarely elegant, by the way
[Thu Aug 21 15:53:00 2014] <xavierm02> My problem is that I don't know which lists are the tails of original lists and which are not so my tactic keeps destructing tails of tails of .. of tails of the original lists and never stops.
[Thu Aug 21 15:53:12 2014] <xavierm02> did you get it all this time?
[Thu Aug 21 15:53:29 2014] <elarnon> yes, only a few chars were missing
[Thu Aug 21 15:53:42 2014] <elarnon> do you have the code for your tactics somewhere?
[Thu Aug 21 15:55:09 2014] <xavierm02> the problematic part is:
[Thu Aug 21 15:55:11 2014] <xavierm02> Ltac qwe := repeat match goal with [ l : list A |- _ ] => destruct l end.
[Thu Aug 21 15:55:45 2014] <xavierm02> I only want to destruct the original lists but I end up destructing the tails so i get in an infinite loop
[Thu Aug 21 16:00:27 2014] <xavierm02> One way of doing that would be to "cache" the current goal and keep matching it instead of the new goal. But that doesn't seem to work: Ltac qwe := let g := goal in repeat match g with | [ l : list A |- _ ] => destruct l end.   (I get an error because that's not the kind of match it expects)
[Thu Aug 21 16:00:41 2014] <elarnon> so hm, one solution is to match on a big enough number of lists and then decreases
[Thu Aug 21 16:01:01 2014] <johnw> hi elarnon!
[Thu Aug 21 16:01:05 2014] <elarnon> i.e match goal with [ l1: list A, l2 : list A, ..., ln : list A ] => ... | ... => ... end
[Thu Aug 21 16:01:23 2014] <elarnon> that's very ugly, but i am afraid i have seen similar code in a couple of places
[Thu Aug 21 16:01:32 2014] <elarnon> hi johnw!
[Thu Aug 21 16:01:55 2014] <elarnon> how are you doing?
[Thu Aug 21 16:02:02 2014] <johnw> doing well, just awaking from a long night
[Thu Aug 21 16:02:06 2014] <johnw> how are things over in France?
[Thu Aug 21 16:02:15 2014] <johnw> I forget whether I'm going to be seeing you at ICFP or not?
[Thu Aug 21 16:02:16 2014] <elarnon> well, night is just starting here
[Thu Aug 21 16:02:25 2014] <elarnon> unfortunately no
[Thu Aug 21 16:02:30 2014] <johnw> that is too bad!!
[Thu Aug 21 16:02:52 2014] <johnw> elarnon: do you use SSReflect?
[Thu Aug 21 16:03:14 2014] <elarnon> i happen to have an oral exam for my internship during icfp
[Thu Aug 21 16:03:23 2014] <johnw> ahh
[Thu Aug 21 16:03:35 2014] <elarnon> i would probably use ssreflect if i was using coq seriously
[Thu Aug 21 16:04:03 2014] <elarnon> but i have never gotten the time and motivation to get into it
[Thu Aug 21 16:04:54 2014] <johnw> ah, ok
[Thu Aug 21 16:05:05 2014] <johnw> i finished reading its manual last night, and it's very interesting
[Thu Aug 21 16:05:30 2014] <johnw> you only need to keep a few small number of tactics in mind, but they are much more flexible.  so it's both simpler and more complex and the same time
[Thu Aug 21 16:05:52 2014] <johnw> but the pattern matching facility along is pretty wicked
[Thu Aug 21 16:06:35 2014] <elarnon> oh, they have improved pattern-matching?
[Thu Aug 21 16:06:51 2014] <johnw> yeah
[Thu Aug 21 16:07:07 2014] <johnw> you can say things like: rewrite: [RHS]plus_S_n
[Thu Aug 21 16:07:20 2014] <johnw> or rewrite: [in X in (_ + X) = _]plus_S_n
[Thu Aug 21 16:07:38 2014] <elarnon> oh, that looks nice indeed
[Thu Aug 21 16:07:41 2014] <johnw> so instead of just numeric indices that could change, you describe the exact sub-piece you want the rewrite to apply to
[Thu Aug 21 16:07:55 2014] <elarnon> reminds me of pvs's matching facilities
[Thu Aug 21 16:09:18 2014] <xavierm02> elarnon : Ok so no elegant way :( | Thank you for answering :)
[Thu Aug 21 16:09:33 2014] <elarnon> xavierm02: no elegant way that i know of at least
[Thu Aug 21 16:09:42 2014] <elarnon> maybe ssreflect would have one ;-)
[Thu Aug 21 16:10:16 2014] <elarnon> oh well there is something else you should be able to use
[Thu Aug 21 16:10:39 2014] <elarnon> let me check something real quick
[Thu Aug 21 16:12:42 2014] <gdsfh> hello.  rewrite tells me "Found no subterm matching "if ?2156 ?2155 ?2155 then ?2157 else ?2158" in the current goal.", indeed, goal has "if <expr> then .. else .. as .. return .." (seems it's an invalid construction for Coq parser).
[Thu Aug 21 16:12:45 2014] <gdsfh> destruct <expr> gives "Abstracting over the term "s" leads to a term .. which is ill-typed".  Whole development is large enough to show it, so my question: what does your intuition say about these errors?
[Thu Aug 21 16:13:52 2014] <jrw> it sounds like you're doing dependent matches.
[Thu Aug 21 16:16:04 2014] <elarnon> xavierm02: try using case_eq instead of destruct and using the generated equality as guards
[Thu Aug 21 16:16:11 2014] <gdsfh> jrw: right!  And how to prove things about them?
[Thu Aug 21 16:16:20 2014] <johnw> gdsfh: you may want to use the "refine" tactic
[Thu Aug 21 16:16:25 2014] <johnw> I had that Abstracting error!
[Thu Aug 21 16:16:28 2014] <johnw> s/had/hate
[Thu Aug 21 16:16:52 2014] <johnw> edwardk: ping
[Thu Aug 21 16:16:59 2014] <edwardk> yo
[Thu Aug 21 16:17:14 2014] <johnw> remember how we were looking and looking for a way to say "break this record up and give me goals for matching each member?"
[Thu Aug 21 16:17:19 2014] <edwardk> yeah
[Thu Aug 21 16:17:37 2014] <johnw> I think it's called "injection".  In either case, ssreflect's "case" tactics does exactly that when used in its defective mode.
[Thu Aug 21 16:17:38 2014] <jrw> gdsfh: have you heard of dependent destruction?
[Thu Aug 21 16:17:38 2014] <gdsfh> johnw: term that i'm trying to rewrite into is big for copypasting into proof.
[Thu Aug 21 16:17:57 2014] <edwardk> yeah, i don't think that is admissable in the world i'm working in
[Thu Aug 21 16:17:58 2014] <gdsfh> jrw: yes, will try it now.
[Thu Aug 21 16:17:59 2014] <johnw> gdsfh: use _ with refine
[Thu Aug 21 16:18:12 2014] <johnw> edwardk: either way, ssreflect only works with the current 8.4 release
[Thu Aug 21 16:18:25 2014] <johnw> edwardk: which I've switched back to for working on software foundation
[Thu Aug 21 16:18:32 2014] <gdsfh> johnw: good idea too, will try it too.
[Thu Aug 21 16:18:41 2014] <johnw> edwardk: the "clearing my goals buffer constantly" bug was slowing me down way too much
[Thu Aug 21 16:19:00 2014] <edwardk> yeah unfortunately i'm stuck here because i need the bug fixes
[Thu Aug 21 16:19:16 2014] <johnw> yeah, and I need to use HEAD to use universe polymorphism
[Thu Aug 21 16:19:23 2014] <johnw> so I just keep them both installed in different Nix environments
[Thu Aug 21 16:19:43 2014] <johnw> I run "load-env-coqHEAD" to drop into a shell where coqc is the HEAD version
[Thu Aug 21 16:20:23 2014] <edwardk> go ahead rub in your perfect little nix environment some more ;)
[Thu Aug 21 16:20:46 2014] <johnw> I've found the best way to Ed's heart is iterative reminders of better things on the other side of the fence :)
[Thu Aug 21 16:20:51 2014] <edwardk> i may have to quiz you for some emacs/coq/proof general set up help in a bit
[Thu Aug 21 16:21:00 2014] <johnw> edwardk: cool, I'm not grumpy today :)
[Thu Aug 21 16:21:05 2014] <edwardk> hah
[Thu Aug 21 16:24:03 2014] <johnw> ready when you are
[Thu Aug 21 16:38:46 2014] <xavierm02> elarnon : I tried matching the goal for a list "l" and then doing nothing if I detect and hypothesis "l = _" but since it always tries to match the same one, it just destructs the first one and then stops :/
[Thu Aug 21 16:46:18 2014] <gdsfh> jrw: dependent destruction is allowed only on hypothesis, but I have an expression.  "set (Q := <expr>). dependent destruction Q." hadn't destructed <expr> in goal.  It gave me equation for "<expr> = .." however, but rewriting this equation fails again, "abstracting .. ill-typed".
[Thu Aug 21 16:46:25 2014] <elarnon> xavierm02: try something like [repeat match goal with [ l: list nat |- _ ] => lazymatch goal with [ _: _ = (_::l)%list |- _ ] => fail | [ _: l = _ |- _ ] => fail | _ => destruct l end end]
[Thu Aug 21 16:47:06 2014] <elarnon> (lazymatch does the same thing as match but commits to its choice once a matching branch is found and do not backtrack)
[Thu Aug 21 16:48:18 2014] <elarnon> and replace destruct by case_eq, obviously
[Thu Aug 21 16:50:11 2014] <jrw> gdsfh: if you don't mind assuming things about JMeq, you can use dep_destruct from cpdt which allows destructing on expressions.
[Thu Aug 21 16:50:25 2014] <elarnon> [case_eq q; intros] even
[Thu Aug 21 16:52:51 2014] <gdsfh> johnw: no success with refine: I have a goal "match (if <expr> .. return ..) with | ...end eq_refl = v", so what should I write under refine, "eq_refl _"?  It fails, as types doesn't match, type of first expression (match) is a complex one.
[Thu Aug 21 16:53:45 2014] <gdsfh> jrw: I'll read about dep_destruct; however maybe you know some hints on how to reformulate my terms to avoid JMeq and complex proofs at all?
[Thu Aug 21 16:55:12 2014] <jrw> gdsfh: short, snarky, not-quite-true answer: don't use dependent types in your programs.
[Thu Aug 21 16:55:42 2014] <jrw> gdsfh: longer answer: if you explain what you're trying to do to me, I might be able to give some idea about how to reformulate it.
[Thu Aug 21 16:56:24 2014] <johnw> gdsfh: can you paste me the whole context/goal?
[Thu Aug 21 17:04:34 2014] <mads-> johnw: from what edward said, I reckon you know a little about emacs/coq/proof general. I'm a vim guy myself. Is proof general just an emacs plugin? Should I just use that one-liner, (load-file ....), and nothing else to use proof general with emacs? The folder contains a Makefile and such
[Thu Aug 21 17:05:47 2014] <mads-> And does emacs with proof general hold any advantages over the coqide?
[Thu Aug 21 17:06:25 2014] <gdsfh> johnw: http://pastebin.com/32NWGPHk , The Expression I Want To Destruct is "kdec ref_raddr ref_raddr" (line 45).  It must be equal to "left _".  I swear! :)
[Thu Aug 21 17:06:53 2014] <johnw> mads-: it's much better than coqide says everyone I know who has ever tried both
[Thu Aug 21 17:07:35 2014] <johnw> gdsfh: ah, hm....
[Thu Aug 21 17:07:36 2014] <chirpsalot> mads-: proof general is great. It's just an emacs plugin, yes, but a lot of distros offer a "proofgeneral" package.
[Thu Aug 21 17:08:49 2014] <mads-> chirpsalot: I just downloaded it. It seems easy enough to activate. Though I haven't tried it yet.
[Thu Aug 21 17:09:05 2014] <chirpsalot> mads-: there are some vim plugins, but I don't know how mature any of them are (I suspect not very): http://www.vim.org/scripts/script_search_results.php?keywords=coq&script_type=&order_by=rating&direction=descending&search=search
[Thu Aug 21 17:11:39 2014] <jrw> gdsfh: if you want to plow ahead with your current approach, I suggest dep_destruct. what kind of project is this a part of?
[Thu Aug 21 17:12:47 2014] <gdsfh> jrw: it's about proving some imperative things.  my own silly project.  and i can reimplement anything in it.
[Thu Aug 21 17:12:51 2014] <mads-> chirpsalot: I'm a "the right tool for the job" kind of guy. So if emacs and proof general is what everybody else is using I might as well just use that as well.
[Thu Aug 21 17:13:15 2014] <jrw> gdsfh: sounds cool. if you don't mind sharing the whole codebase publicly, I'd be interested to have a look.
[Thu Aug 21 17:13:16 2014] <mads-> I can't imagine that learning a few emacs hotkeys is going to kill me :)
[Thu Aug 21 17:14:12 2014] <vanila> mads-, http://i.imgur.com/P1i1WoA.png
[Thu Aug 21 17:14:42 2014] <mads-> vanila: I might be wrong, though :)
[Thu Aug 21 17:14:57 2014] <johnw> vanila: what is that PNG supposed to mean?
[Thu Aug 21 17:15:04 2014] <xavierm02> elarnon : It does work. Thank you very much :) | I had to idea you could return fail to send the match to the next thing. That's really cool :)
[Thu Aug 21 17:15:56 2014] <vanila> it's RMS Matthew Stallman after using emacs too long
[Thu Aug 21 17:17:01 2014] <elarnon> … i like that nickname
[Thu Aug 21 17:17:37 2014] <chirpsalot> mads-: might kill your pinky ;).
[Thu Aug 21 17:18:15 2014] <vanila> im just kiding but good reminder to take regular breaks, especially because interactive proof is addictive
[Thu Aug 21 17:18:23 2014] <elarnon> xavierm02: you're welcome, glad to have been of help even though my initial answer was negative :-)
[Thu Aug 21 17:18:41 2014] <chirpsalot> mads-: but, yeah, it should be fine. Just it'd be nice if you could stick to your editor of choice.
[Thu Aug 21 17:19:15 2014] <chirpsalot> * is an emacs user anyway.
[Thu Aug 21 17:19:29 2014] <elarnon> (taking regular breaks may even help you finding proofs faster)
[Thu Aug 21 17:19:41 2014] <vanila> true elarnon :)
[Thu Aug 21 17:20:07 2014] <chirpsalot> elarnon: by setting auto's depth to a higher value when taking a break ;)?
[Thu Aug 21 17:20:44 2014] <gdsfh> jrw: dep_destruct (copypasted from ..): "In nested Ltac calls to "dep_destruct" and "remember E as x" (expanded to "remember (kdec ref_raddr ref_raddr) as x"), last call failed. Error: The correctness of the conclusion relies on the body of x".
[Thu Aug 21 17:20:53 2014] <gdsfh> jrw: It's not a cool project, as there exist CFML, "Prop-enriched State monad", Ynot and other really cool stuff.  It's just my self-education, and moreover nothing works yet.  However I'll share it now.
[Thu Aug 21 17:21:21 2014] <elarnon> chirpsalot: by clear brain.
[Thu Aug 21 17:21:41 2014] <chirpsalot> Actually, I kind of want proof general / coq to do that. Put some low priority coq process with auto running in the background with a very high search depth for the current proof. Race the computer!
[Thu Aug 21 17:22:10 2014] <chirpsalot> Of course it won't always solve it -- probably in most cases? I haven't messed with auto much.
[Thu Aug 21 17:22:30 2014] <elarnon> a problem with that approache involves really long proof re-run and is probably not that efficient anyway
[Thu Aug 21 17:22:50 2014] <elarnon> unless your goal is really huge, that is
[Thu Aug 21 17:23:15 2014] <chirpsalot> elarnon: yeah. Can you save whatever path auto finds if successful, though?
[Thu Aug 21 17:23:31 2014] <elarnon> i'm not sure you can, and i'm not sure it is a good idea
[Thu Aug 21 17:24:16 2014] <elarnon> mainly 'cause of the whole thing where sometimes the theorem statement changes, or the way Coq introduces named variables changes
[Thu Aug 21 17:24:47 2014] <elarnon> wait no that last one doesn't matter
[Thu Aug 21 17:25:50 2014] <chirpsalot> elarnon: it would be less than ideal. Probably long and gross looking, but it might be useful if you don't really care :P.
[Thu Aug 21 17:25:58 2014] <chirpsalot> What do you mean by the first bit?
[Thu Aug 21 17:27:26 2014] <elarnon> well if you save an exact proof term you have no modularity at all and it becomes hard to change the theorem statement during development, or if a new constructor is added to an inductive, etc.
[Thu Aug 21 17:28:00 2014] <elarnon> if your databases are done well, auto should be able to correctly select them after-the-fact and maybe generate a faster script
[Thu Aug 21 17:28:01 2014] <chirpsalot> Wouldn't that affect a "normal" proof too?
[Thu Aug 21 17:28:17 2014] <elarnon> it depends how much automation your proof has
[Thu Aug 21 17:28:40 2014] <gdsfh> jrw: as for sharing, do you prefer mercurial or git?
[Thu Aug 21 17:28:42 2014] <elarnon> maybe calling your long-to-finish [auto] tactic would work again, but then you would need to save both proof scripts in some way
[Thu Aug 21 17:29:58 2014] <chirpsalot> elarnon: http://stackoverflow.com/questions/14917318/verbose-auto-in-coq
[Thu Aug 21 17:30:57 2014] <chirpsalot> Hmmm.
[Thu Aug 21 17:31:11 2014] <chirpsalot> Damn, I need to get back on my Coq-game tonight.
[Thu Aug 21 17:31:28 2014] <elarnon> info is broken in 8.4 afaik
[Thu Aug 21 17:31:55 2014] <elarnon> what i am trying to say is that storing an exact proof-term is really fragile
[Thu Aug 21 17:32:17 2014] <chirpsalot> elarnon: ah, I guess I can understand that.
[Thu Aug 21 17:32:25 2014] <chirpsalot> Don't really know how proof-terms work at the moment.
[Thu Aug 21 17:32:31 2014] <Ptival> does anyone know of any way to ever get a structured term out of coqtop?
[Thu Aug 21 17:33:45 2014] <vanila> Print term.
[Thu Aug 21 17:33:49 2014] <elarnon> chirpsalot: they are literally the term that you could write in coq when not using the tactics language
[Thu Aug 21 17:34:25 2014] <elarnon> or when you use the [exact] tactic, if you do so
[Thu Aug 21 17:34:45 2014] <vanila> chirpsalot, every proof is done by exhibiting a lambda calculus term -- but Coq lets you build very large complex lambda terms behind the scenes using tactics
[Thu Aug 21 17:35:29 2014] <vanila> for example intro x. just starts a lambda abstraction fun x => _
[Thu Aug 21 17:36:04 2014] <Ptival> vanila: I meant, get a structured term, not a string
[Thu Aug 21 17:36:37 2014] <chirpsalot> vanila: oh, huh. That's exactly how I was thinking of making a proof assistant the other day.
[Thu Aug 21 17:36:55 2014] <elarnon> Ptival: what is a structured term? you want an AST?
[Thu Aug 21 17:37:07 2014] <Ptival> elarnon: yes
[Thu Aug 21 17:37:09 2014] <vanila> great minds think alike!
[Thu Aug 21 17:37:33 2014] <chirpsalot> vanila: but, uh... Are the coq terms technically Turing complete, then? And Coq just doesn't let you construct a TC subset of them?
[Thu Aug 21 17:38:23 2014] <elarnon> coq only lets you construct well-typed terms
[Thu Aug 21 17:38:47 2014] <elarnon> and its type systems ensures some strong properties such as termination
[Thu Aug 21 17:38:47 2014] <chirpsalot> And it can only be well-typed if it terminates?
[Thu Aug 21 17:38:51 2014] <vanila> chirpsalot, Coq is strongly normalizing, it's subturing
[Thu Aug 21 17:39:06 2014] <vanila> this is essential because it has to do reduction during type-checking
[Thu Aug 21 17:39:22 2014] <vanila> it would also probably let you prove false if it could do general recursion
[Thu Aug 21 17:39:31 2014] <chirpsalot> vanila: yeah.
[Thu Aug 21 17:39:36 2014] <vanila> but what's great is that Coq can still express turing equivalent languages
[Thu Aug 21 17:39:58 2014] <vanila> like you can make a data type for lambda calculus and express beta reduction as a relation rather than a function, if you want to prove stuf about it
[Thu Aug 21 17:39:58 2014] <chirpsalot> Just with "n steps"?
[Thu Aug 21 17:40:03 2014] <elarnon> Ptival: you may want to use the -xml option to coqtop
[Thu Aug 21 17:40:11 2014] <jgross> johnw, edwardk: injection and case both work on hypotheses; I thought you wanted to work on goals?  (Did you manage to figure out what I was trying to say with classifying the path space of your record type?) 
[Thu Aug 21 17:40:20 2014] <vanila> that's another way!
[Thu Aug 21 17:40:29 2014] <johnw> jgross: ah
[Thu Aug 21 17:40:38 2014] <johnw> jgross: i think ssreflect's "case" works on the goal
[Thu Aug 21 17:40:46 2014] <Ptival> elarnon: so far I was using -ideslave, but it still is annoying to get everything as a string, I don't want to parse Coq terms
[Thu Aug 21 17:41:01 2014] <johnw> but I could be wrong
[Thu Aug 21 17:41:09 2014] <Ptival> will look into -xml...
[Thu Aug 21 17:42:15 2014] <jgross> johnw: ssreflect in trunk: Enrico said on coq-club: """On Thu, Jul 31, 2014 at 04:28:31PM -0400, Jonathan wrote: > - Is there access to a development version that works with the trunk version > of Coq?
[Thu Aug 21 17:42:15 2014] <jgross> It is there:
[Thu Aug 21 17:42:15 2014] <jgross> https://gforge.inria.fr/scm/viewvc.php/trunk/Saclay/Ssreflect/?root=coq-contribs
[Thu Aug 21 17:42:15 2014] <jgross> But don't use it in "production" """  Not sure how to get svn access to it if you don't want to download the files one by one or something, but feel free to ask on coq-club or coqdev 
[Thu Aug 21 17:43:24 2014] <jgross> johnw: case is basically [intro x; case x; revert <things resulting from case x>] 
[Thu Aug 21 17:43:45 2014] <johnw> jgross: ah, ok
[Thu Aug 21 17:43:48 2014] <jgross> It acts on the goal, but only on things to the left of an arrow 
[Thu Aug 21 17:44:12 2014] <johnw> I see
[Thu Aug 21 17:44:20 2014] <jgross> johnw: "clearing my goals buffer constantly" bug <- what bug is that? 
[Thu Aug 21 17:44:26 2014] <johnw> that's why the example show (a,b) = (c,d) -> P going to a = c -> b = d -> P
[Thu Aug 21 17:44:33 2014] <johnw> jgross: one sec
[Thu Aug 21 17:45:52 2014] <johnw> jgross: http://proofgeneral.inf.ed.ac.uk/trac/ticket/495
[Thu Aug 21 17:46:26 2014] <johnw> in other words, my *goals* buffer is constantly being cleared by any edits I make
[Thu Aug 21 17:46:41 2014] <johnw> whereas with 8.4 it is always displaying whatever is the current state of affairs
[Thu Aug 21 17:48:11 2014] <jgross> johnw: Just to make sure, you know about C-c C-p, right?  (It says "send [Show.]" or "redisplay the goals buffer".) 
[Thu Aug 21 17:48:51 2014] <johnw> yes
[Thu Aug 21 17:48:55 2014] <johnw> but I shouldn't have to do it constantly
[Thu Aug 21 17:49:01 2014] <johnw> with 8.4 I almost never need it
[Thu Aug 21 17:49:11 2014] <johnw> with HEAD I am hitting it all the time
[Thu Aug 21 17:49:46 2014] <jgross> johnw: yes, that's why the example is the way it is.  As I understand it, you want the other direction, (a,b) = (c,d) to a = c and b = d. I'm suggesting you prove a separate lemma a = c -> b = d -> (a,b) = (c,d) for each type, and apply that lemma to your goal. 
[Thu Aug 21 17:50:09 2014] <johnw> jgross: that's unfortunate
[Thu Aug 21 17:50:22 2014] <johnw> jgross: I do have such lemmas, but that seems an annoying requirement
[Thu Aug 21 17:50:45 2014] <johnw> what I want is a tactic that says "If I can prove the projected values are equal for these products, then the products are equal"
[Thu Aug 21 17:51:06 2014] <johnw> for injective things like inductive data types, that should always be the case
[Thu Aug 21 17:52:27 2014] <jgross> Why is that unfortunate?  For sufficiently complicated types, you're asking Coq to compute the homotopy groups of your type.  It would be nice to get the lemmas automatically for records (i.e., nested sigma types), though they still require transports in the dependent case. In the non-dependent case, you want the [f_equal] tactic. 
[Thu Aug 21 17:52:50 2014] <johnw> right, I think refine+f_equal is what I'm looking for
[Thu Aug 21 17:53:12 2014] <Cypi> I'm not sure I followed your discussion correctly, but just in case you want to generate the subgoals [a = c] and [b = d] from [(a,b) = (c,d)], f_equal will do it.
[Thu Aug 21 17:53:12 2014] <jgross> If you want, I can hand you a notation that builds the type of the lemma, and another notation that builds its proof, for any record of a fixed number of arguments. 
[Thu Aug 21 17:53:16 2014] <johnw> in ssreflect, refine is automatic, and f_equal just comes with case doesn't it?
[Thu Aug 21 17:53:18 2014] <Cypi> Aaaand, you just said that.
[Thu Aug 21 17:53:35 2014] <johnw> jgross: I love being handed notations
[Thu Aug 21 17:55:03 2014] <jgross> Er, I guess you also have to fix the number of arguments to the record type.  But, give me a few minutes, and I'll hand you one for two component records.  (A few more minutes will give you one for three component records.	For more, I'll let you generalize yourself.) 
[Thu Aug 21 17:55:25 2014] <johnw> k
[Thu Aug 21 18:01:45 2014] <jrw> gdsfh: either hg or git is fine
[Thu Aug 21 18:04:35 2014] <sh1ken> Is there any other way to extract nat as int that's more concrete than the one in SF? http://www.cis.upenn.edu/~bcpierce/sf/current/Extraction.html
[Thu Aug 21 18:05:08 2014] <jrw> sh1ken: what do you mean by "concrete"?
[Thu Aug 21 18:05:29 2014] <gdsfh> jrw: ok, hg, https://bitbucket.org/gds/coq-imp/src
[Thu Aug 21 18:05:33 2014] <jrw> if you mean "better", then no, probably not.
[Thu Aug 21 18:05:36 2014] <jrw> gdsfh: thanks!
[Thu Aug 21 18:05:44 2014] <sh1ken> Yeah, like "better"...
[Thu Aug 21 18:05:49 2014] <sh1ken> Well, that's a shame.
[Thu Aug 21 18:07:12 2014] <tswett_> Hola.
[Thu Aug 21 18:15:22 2014] <ijp> Is there something like "admit", that I can put in normal function definitions as a placeholder?
[Thu Aug 21 18:17:56 2014] <jrw> ijp: something like this? Definition undefined {A : Type} : A. Admitted.
[Thu Aug 21 18:18:07 2014] <jrw> then use 'undefined' as your placeholder
[Thu Aug 21 18:18:35 2014] <ijp> yes, thanks
[Thu Aug 21 18:31:27 2014] <jrw> gdsfh: this is interesting. what's a simple example program you'd like to write and prove something about in your imp language?
[Thu Aug 21 18:34:54 2014] <gdsfh> jrw: it's a sad story.  Program is here: https://bitbucket.org/gds/ocaml_incrcomp/src/tip/lib/incrcomp.ml (interface in .mli), it's buggy (w.r.t. ~eq no-recomputations), and I can't imagine an algorithm and convince myself with paper and pen that this algorithm will be correct.
[Thu Aug 21 18:35:40 2014] <johnw> elarnon: still here?
[Thu Aug 21 18:35:46 2014] <gdsfh> too many details, code paths, and it's imperative (and should be imperative).
[Thu Aug 21 18:37:53 2014] <jrw> gdsfh: what does that ml program do? what do you mean by recomputation?
[Thu Aug 21 18:37:56 2014] <gdsfh> without ~eq ("recompute when sources changed, always") it works, but it appeared that some computation values doesn't change even when sources change, so I have big enough performance penalty in most cases.
[Thu Aug 21 18:39:47 2014] <gdsfh> jrw: this library allows one to introduce "sources" (values that can be set to some value) and "computations" (functions that take sources or other computations and give some result).  It's a kind of DAG with automatic dependencies discovery (when computation got a value from source/computation, it is recorded as dependency).
[Thu Aug 21 18:40:13 2014] <jrw> so for dumb people like me, it's like a spreadsheet?
[Thu Aug 21 18:41:25 2014] <gdsfh> kind of, but cell formulae are not fixed, every new evaluation can change dependencies.
[Thu Aug 21 18:41:55 2014] <jrw> hmm, what about data-conditional dependencies
[Thu Aug 21 18:42:08 2014] <jrw> like 'if (read from source a) then (read from source b) else (read from source c)'?
[Thu Aug 21 18:45:25 2014] <gdsfh> then last computation will record a and either b or c.  Suppose a=true, and it will be b.  So, dependencies are [a; b].  If either a or b change, this computation must be recomputed.  Neat thing is that c can change when a=true, it doesn't affect actuality of computation's result.  When a becomes =false, next recomputation will set dependencies to [a; c].
[Thu Aug 21 18:46:20 2014] <edwardk> johnw: around?
[Thu Aug 21 18:46:57 2014] <jrw> gdsfh: I see. cool.
[Thu Aug 21 18:47:03 2014] <jgross> johnw: https://gist.github.com/JasonGross/d04e770af9342d63fbcf <- path classification for 2-field records.  3-field records are very similar, but require two transports in the third component.  I'm disinclined to write it down, though, given that those 50 lines took me 45 minutes to write. 
[Thu Aug 21 18:47:59 2014] <edwardk> jgross: that's very much what i've been chasing after to do category equality in my toy Core.v
[Thu Aug 21 18:49:33 2014] <edwardk> jgross: i want to transport ob C ~ ob D, transport the hom of C to get hom C' ~ hom D, then check identities and composition, then conditional on those 3 levels check the laws
[Thu Aug 21 18:49:42 2014] <edwardk> with that then i can get my notion of ~ for categories
[Thu Aug 21 18:49:56 2014] <edwardk> and then i can do two more levels of that nonsense to get functors, then i can do nat
[Thu Aug 21 18:50:03 2014] <edwardk> no problem, right? =)
[Thu Aug 21 18:51:16 2014] <jgross> edwardk: https://github.com/JasonGross/HoTT/blob/wip-mostly-finished-but-slow-path-precategory/theories/categories/Category/Paths.v <- that, but for precategoies, and with the property fields already solved.  But, ew, why do you want to talk about equality of categories.  (I guess if you're going to talk about univalence for categories...) 
[Thu Aug 21 18:52:08 2014] <edwardk> well, i need to talk about two ways of composing functors being 'equal' for Nat in this setting, and i'm not yet willing to assert univalence or something that makes everything easy
[Thu Aug 21 18:53:31 2014] <jgross> edwardk: Which ways of composing functors?  Oh, you're trying to do the laws that show that (Functor C D) is a category, but without the truncating the morphisms? 
[Thu Aug 21 18:53:38 2014] <edwardk> correct
[Thu Aug 21 18:53:48 2014] <edwardk> i've done some of the easy parts
[Thu Aug 21 18:54:00 2014] <edwardk> now i'm working up through the tower of all the things i have to say to do it in general
[Thu Aug 21 18:54:23 2014] <jgross> You don't need category equality.  You don't need functor equality either (though you'll need that for Cat).  You just need equality of natural transformations between the same F and G. 
[Thu Aug 21 18:54:37 2014] <edwardk> yeah for that, but then Cat, yes
[Thu Aug 21 18:54:47 2014] <jgross> Cat doesn't need equality of categories, either. 
[Thu Aug 21 18:54:59 2014] <edwardk> hrmm
[Thu Aug 21 18:55:39 2014] <edwardk> let me see if i can get further without tackling the category case, i was mostly using it as a warmup for how to do bigger records
[Thu Aug 21 18:55:48 2014] <edwardk> and category was of course the canonical choice given my chosen subject matter
[Thu Aug 21 18:57:07 2014] <jgross> And the functor composition laws are actually straight forward, because the on-objects and on-morphisms parts are judgmentally equal, and so you don't have any dependency, and can just use f_equal. 
[Thu Aug 21 18:58:00 2014] <edwardk> hrmm
[Thu Aug 21 18:58:25 2014] <edwardk> i've cleaned up a bunch of stuff since the last time i tried, let me see how cleanly that goes through
[Thu Aug 21 18:58:27 2014] <jgross> In terms of size, natural transformation is actually the smallest one (two fields), and category is the biggest one (7 fields). 
[Thu Aug 21 18:58:46 2014] <jgross> (This is, size of the paths classification lemma.) 
[Thu Aug 21 19:00:32 2014] <edwardk> I get down to something like {| map_ob := λ x : C, map_ob f x; map := λ (x y : C) (f0 : C x y), map f f0; map_id := λ x : C, path_compose (map_id f) refl; map_compose := λ (x y z : C) (f0 : C y z) (g : C x y), path_compose refl (map_compose f f0 g) |} ~ f    for the right identity law when i just try to pull through
[Thu Aug 21 19:00:36 2014] <edwardk> er bull through it
[Thu Aug 21 19:00:53 2014] <edwardk> which is just a bunch of eta expanded forms of the right hand side
[Thu Aug 21 19:01:05 2014] <johnw> jgross: thank you!
[Thu Aug 21 19:01:26 2014] <johnw> what does "abstract" do?
[Thu Aug 21 19:01:59 2014] <johnw> ah, you're using the nifty new $()$ feature
[Thu Aug 21 19:07:02 2014] <jrw> gdsfh: can I ask you a random ocaml question? on line 205 of incrcomp.ml you define a local function ret of type unit -> (...) option that returns a constant value. why? is this an idiomatic way of accomplishing something? (forgive me, my ocaml is not great).
[Thu Aug 21 19:09:27 2014] <jgross> gdsfh: I think you are looking for this lemma: https://gist.github.com/JasonGross/4debd69ae85414fc45ca.  You should be able to rewrite with it (assuming Coq isn't being terrible at inferring things inside a [match], and then your code will, I think, be a bit simpler (some of the cases will simplify judgmentally).  I'm not sure if that'll be enough to fully solve it, but if you show me what it looks like after you rewrite with that, I might be
[Thu Aug 21 19:09:27 2014] <jgross> able to help more. 
[Thu Aug 21 19:12:17 2014] <gdsfh> jrw: value of ret () is used 4 times below, it's just to avoid code duplication.  Actually, it's not a good thing to create a closure when it is not needed, GC-wise..  (and no "can I", no "forgive" -- I am responsible for code I wrote; answering any questions about my code is within my responsibility too.)
[Thu Aug 21 19:13:01 2014] <jgross> edwardk: Yes, then you want to [destruct f] and use [f_equal], possibly after a [simpl in *]. 
[Thu Aug 21 19:13:09 2014] <jrw> gdsfh: cool, thanks.
[Thu Aug 21 19:13:17 2014] <edwardk> trying that
[Thu Aug 21 19:15:14 2014] <edwardk> that got me a lot farther.
[Thu Aug 21 19:15:57 2014] <jgross> edwardk: If the coq-devs would implement my request at https://coq.inria.fr/bugs/show_bug.cgi?id=3512, then [reflexivity] would be enough to handle all of the functor composition laws (as long as it's a primitive record), no [destruct]s or [f_equal]s or anything. 
[Thu Aug 21 19:16:50 2014] <jgross> But, as it is, you need functional extensionality to handle to remaining obligations. 
[Thu Aug 21 19:17:25 2014] <edwardk> yeah. i also need to ap out a couple of remaining obligations underneath i think
[Thu Aug 21 19:17:39 2014] <edwardk> i get to http://lpaste.net/8815017386848550912
[Thu Aug 21 19:17:50 2014] <edwardk> then i need to get under there and clear out those path_composes
[Thu Aug 21 19:17:52 2014] <edwardk> before its equal
[Thu Aug 21 19:19:05 2014] <edwardk> so that means building up a couple of compositions involving ap, is there a nice tactic you guys have figured out for saying just the part of the goal you want to swap out and have it figure out the rest of the term? e.g. repeating the whole {| ... |} when i just want to talk about swapping out that path_compose in there is kinda tedious
[Thu Aug 21 19:20:22 2014] <jgross> If you [apply f_equal2] (or you use [f_ap] (https://github.com/HoTT/HoTT/blob/master/theories/Overture.v#L468), which is my HoTT replacement for [f_equal]), that should be what you want.  Or are you looking for the [replace foo with bar] tactic? 
[Thu Aug 21 19:21:03 2014] <edwardk> f_ap should be it
[Thu Aug 21 19:24:18 2014] <jgross> Or maybe you want [pattern (term you care about); refine (transport _ _ _)] or something?  (The [pattern] is so that Coq doesn't have to do higher order unification.)	This is if you care that the proof term be defined in terms of [transport] rather than [ap].  Or, I guess, [Tactic Notation "HoTT" "replace" constr(from) "with" constr(to) let LHS := match goal with |- ?LHS = ?RHS => constr:(LHS) end in let RHS := match goal with |- ?LHS = ?RHS =>
[Thu Aug 21 19:24:18 2014] <jgross> constr:(RHS) end in let LHS' := (eval pattern from in LHS) in let RHS' := (eval pattern from in RHS) in refine (ap _ _).]  (untested) 
[Thu Aug 21 19:25:50 2014] <edwardk> going to need to steal/modify apD10 and ap11 which don't yet exist in my world
[Thu Aug 21 19:28:11 2014] <jgross> They're both very short, so stealing them shouldn't be hard. 
[Thu Aug 21 19:32:00 2014] <edwardk> well, its mostly that i want them in my own idiom here, which would cast ap11 as the bifunctor for function application, etc. =)
[Thu Aug 21 19:32:12 2014] <edwardk> rather than give them one-off names and associated laws
[Thu Aug 21 19:32:33 2014] <edwardk> so i'm going to need to figure out the right path through the design space to fit them in by when i need them
[Thu Aug 21 19:43:11 2014] <gdsfh> i'm trying to avoid proofs/equations in terms (maybe it will simplify proving), and wondering how/why refine changed goal to such a complex one: "Goal forall A (f : A -> option A) (a b : A) (H : f a = Some b), unit. intros. refine (match H with eq_refl => _ end)."  There's something I don't know about match.
[Thu Aug 21 19:51:51 2014] <jgross> gdsfh: Higher order unification in Coq is sometimes wonky.  If you add [return _], you get your expected [unit] type.  If you do [Set Printing All. Check (match H with eq_refl => _ end : unit).], you get the same complicated return annotation. 
[Thu Aug 21 19:56:36 2014] <gdsfh> jgross: really.  Interesting.  Maybe you know how can I use terms that appear after "match .. with eq_refl" for the great good?  They seem to have more information/context (or no?).
[Thu Aug 21 19:59:38 2014] <jgross> gdsfh: Are you talking about my suggestion for your dependent destruction errors (https://gist.github.com/JasonGross/4debd69ae85414fc45ca), or the inferred return clause?  (The inferred return clause basically just says that if (f a) is Some x, then you get Some x = Some b, and if (f a) is None, then you don't have to prove anything. 
[Thu Aug 21 20:03:54 2014] <gdsfh> jgross: ohshi..  Sorry, I missed your message with this gist url.  I'll try your lemma now.
[Thu Aug 21 20:20:38 2014] <jgross> gdsfh: Don't worry about it.  I mentioned it again because I figured you might've missed it, and it might be useful.  Anyway, I'm off to sleep for now. 
[Thu Aug 21 20:30:37 2014] <gdsfh> jgross: lemma rewrites well, but anyway Coq doesn't allow me to destruct/rewrite offending "if .. return ..", it's "too dependent".  Maybe I'll be able to modify your lemma to make progress, or will continue to fiddle with "no equations, almost no functions, inductive predicates only".  Anyway, thank you for "bool-option commutes" approach.
[Fri Aug 22 00:16:50 2014] <edwardk> jgross: f_ap is awesome
[Fri Aug 22 04:05:29 2014] <johnw> elarnon: ping
[Fri Aug 22 04:18:56 2014] <johnw> if I have an equality x = y, how do I "apply" it when writing a term in Gallina to change the type of another value?
[Fri Aug 22 04:19:07 2014] <johnw> i.e., as a tactic I would use rewrite, but what is the equivalent in Gallina?
[Fri Aug 22 04:20:56 2014] <jrw> johnw: eq_rect
[Fri Aug 22 04:22:01 2014] <johnw> excellent, thanks
[Fri Aug 22 04:22:40 2014] <johnw> just have to figure out how to call it...
[Fri Aug 22 04:24:00 2014] <johnw> eq_rect _ _ my-result _ equality-to-rewrite?
[Fri Aug 22 04:29:50 2014] <elarnon> johnw: pong
[Fri Aug 22 04:30:26 2014] <johnw> hey, I'm still not making any progress on rev_pal.  You mentioned a lemma forall X n l, length l <= n -> l = rev l -> pal X l, but I can't see yet how this would even help me
[Fri Aug 22 04:30:49 2014] <johnw> i'm still stuck on the fact that I have an l, and somehow I need to recursively apply the fact that l = x :: snoc m x
[Fri Aug 22 04:31:53 2014] <elarnon> so the point is, when you destruct your list
[Fri Aug 22 04:32:28 2014] <elarnon> and it is not empty
[Fri Aug 22 04:33:15 2014] <elarnon> you need two things: a) proving that the last and first elements are the same b) proving that the middle elements satisfy pal
[Fri Aug 22 04:33:30 2014] <elarnon> a) is easy because you know that l = rev l
[Fri Aug 22 04:34:22 2014] <elarnon> as for b), if you are doing an induction on the length of the list and proved that fact for all lists of smaller length, as there are strictly less middle elements than elements in your list, you are good to go
[Fri Aug 22 04:35:32 2014] <elarnon> you must do the proof by induction on the list length and not on the list itself
[Fri Aug 22 04:35:41 2014] <elarnon> well on [n]
[Fri Aug 22 04:37:16 2014] <elarnon> 'cause natural numbers don't increase by steps of two
[Fri Aug 22 04:37:39 2014] <johnw> ok, let me think on that for a bit
[Fri Aug 22 04:48:55 2014] <johnw> elarnon: no, still stuck in the same place
[Fri Aug 22 04:48:59 2014] <johnw> let me show you what I have so far
[Fri Aug 22 04:49:06 2014] <johnw> https://gist.github.com/90d9b3df0fa38675512a
[Fri Aug 22 04:49:25 2014] <johnw> in 'both_ends' I get stuck on the same thing: induction is not examining the end of my list
[Fri Aug 22 04:50:31 2014] <elarnon> well yes, you are doing induction on the list
[Fri Aug 22 04:50:38 2014] <elarnon> that can't work
[Fri Aug 22 04:50:40 2014] <johnw> so I just say "induction (length l)"?
[Fri Aug 22 04:51:23 2014] <elarnon> that won't work either because you need to do two steps at once
[Fri Aug 22 04:51:36 2014] <elarnon> did you try with the lemma i gave you?
[Fri Aug 22 04:51:43 2014] <johnw> I couldn't prove that lemma
[Fri Aug 22 04:52:14 2014] <johnw> i end up with n <= S m in my context, and a goal of n <= m
[Fri Aug 22 04:52:35 2014] <elarnon> hm, that is not right
[Fri Aug 22 04:52:41 2014] <johnw> let me show you that
[Fri Aug 22 04:52:51 2014] <johnw> https://gist.github.com/aa8a5a79a8c6957c256e
[Fri Aug 22 04:53:36 2014] <johnw> but even with rev_pal_length Admitted, I don't see how to use it
[Fri Aug 22 04:53:45 2014] <johnw> I feel like I'm just missing some huge thing with this theorem
[Fri Aug 22 04:55:06 2014] <elarnon> well it is the exact theorem you are trying to prove, except that you also have to find an [n] such that [length l <= n] holds
[Fri Aug 22 04:55:10 2014] <elarnon> which shouldn't be too hard
[Fri Aug 22 04:55:59 2014] <johnw> so, saying I do: intros. induction n. admit. apply IHn, here is what I'm looking at:
[Fri Aug 22 04:56:03 2014] <johnw> https://gist.github.com/250447073d0f7c80ffc6
[Fri Aug 22 04:56:31 2014] <johnw> isn't that unprovable?
[Fri Aug 22 04:56:47 2014] <elarnon> so first of all [intros. induction n.] is wrong
[Fri Aug 22 04:57:21 2014] <johnw> how do I start?
[Fri Aug 22 04:57:32 2014] <elarnon> you prevent yourself from being able to applying your induction hypothesis: it now has to be [l] while you actually want it to be a sublist of [l], and that is why you get stuck on your [n <= m] impossibility
[Fri Aug 22 04:57:43 2014] <elarnon> you should keep the [forall l] part; just do [induction n]
[Fri Aug 22 04:58:10 2014] <johnw> intros X n. induction n.?
[Fri Aug 22 04:58:17 2014] <elarnon> try writing down the proof by hand on a piece of paper if that might help
[Fri Aug 22 04:58:22 2014] <elarnon> the intros part is unnecessary, but yes
[Fri Aug 22 04:58:29 2014] <johnw> that leds me to the exact same place
[Fri Aug 22 04:58:42 2014] <johnw> now the hypothesis is: IHn : forall l : list X, length l <= n -> l = rev l -> pal X l
[Fri Aug 22 04:58:55 2014] <elarnon> yes, don't apply that right now
[Fri Aug 22 04:59:05 2014] <elarnon> keep it safely and destruct your list
[Fri Aug 22 04:59:40 2014] <elarnon> you want to decompose [l = x :: snoc l' x] and only then apply IHn to [l'] which will have a length < to that of [l]
[Fri Aug 22 04:59:57 2014] <johnw> how do I decompose?  assert?
[Fri Aug 22 05:00:18 2014] <elarnon> you can do that, i did it using destruct and rewrite
[Fri Aug 22 05:00:31 2014] <johnw> what form of destruct is that?
[Fri Aug 22 05:01:09 2014] <johnw> if I assert it, then it says it doesn't know what 'x' is
[Fri Aug 22 05:01:36 2014] <elarnon> let me show you the beginning of my proof
[Fri Aug 22 05:01:39 2014] <johnw> please
[Fri Aug 22 05:07:49 2014] <elarnon> ok, found my coq files
[Fri Aug 22 05:09:14 2014] <elarnon> do you want all the proof or only the beginning?
[Fri Aug 22 05:09:41 2014] <johnw> all of it at this point
[Fri Aug 22 05:09:48 2014] <johnw> I think I've spent enough hours
[Fri Aug 22 05:10:01 2014] <johnw> clearly there's something crucial I just don't have in my mental toolbox yet
[Fri Aug 22 05:10:40 2014] <elarnon> https://gist.github.com/Elarnon/16fedecdd382881cf5c7f
[Fri Aug 22 05:10:53 2014] <johnw> that link failed...
[Fri Aug 22 05:11:19 2014] <elarnon> oh hm
[Fri Aug 22 05:11:32 2014] <elarnon> i really need to get my copypaste working in weechat again
[Fri Aug 22 05:11:43 2014] <johnw> thanks for being patient with me!
[Fri Aug 22 05:11:51 2014] <johnw> je suis fatigue
[Fri Aug 22 05:12:13 2014] <elarnon> is http://bit.ly/1lkTUs0 working?
[Fri Aug 22 05:12:20 2014] <johnw> ah, yes
[Fri Aug 22 05:12:31 2014] <johnw> ok, let me step through this in Coq and see what is going on
[Fri Aug 22 05:14:12 2014] <johnw> what is case_eq?
[Fri Aug 22 05:14:49 2014] <elarnon> it's more or less the same as [remember (rev l) as revl; destruct revl.]
[Fri Aug 22 05:15:40 2014] <elarnon> destructs but with keeping an equality with the term that was destructed
[Fri Aug 22 05:16:12 2014] <elarnon> useful when you destruct something else than a variable, usually
[Fri Aug 22 05:16:45 2014] <johnw> good to know!
[Fri Aug 22 05:30:48 2014] <johnw> ok, case_eq was a pretty big missing piece for me
[Fri Aug 22 05:31:04 2014] <johnw> I had tried the destruct (rev l) approach before, but it failed to retain the hypothesis I needed
[Fri Aug 22 05:35:01 2014] <johnw> ah destruct (rev l) eqn:Heqe is good enough too
[Fri Aug 22 05:36:21 2014] <johnw> elarnon: https://gist.github.com/5868f9ca1169a5c9de93
[Fri Aug 22 05:36:32 2014] <elarnon> [destruct (rev l) eqn:Heqe] is probably cleaner
[Fri Aug 22 05:40:21 2014] <johnw> ah, I can now write this "wrapper"A:
[Fri Aug 22 05:40:24 2014] <johnw> Function rev_pal {X} (l : list X) (H: l = rev l) {measure length l} : pal X l :=
[Fri Aug 22 05:40:25 2014] <johnw>   rev_pal_length X (length l) l (le_n _) H.
[Fri Aug 22 05:40:34 2014] <johnw> which gives me a rev_pal that doesn't need the length as an argument
[Fri Aug 22 05:43:47 2014] <elarnon> (note that you don't need a Function for this - [Theorem rev_pal forall {X} (l : list X), l = rev l -> pal X l. Proof. intros. apply (rev_pal_length X (length l)). Qed.])
[Fri Aug 22 05:43:54 2014] <johnw> aha
[Fri Aug 22 05:44:08 2014] <elarnon> hm wait
[Fri Aug 22 05:44:15 2014] <elarnon> you probably need a constructor somewhere also
[Fri Aug 22 05:44:39 2014] <johnw> no, that worked
[Fri Aug 22 05:44:46 2014] <johnw> I needed apply (rev_pal_length X (length l)); auto.
[Fri Aug 22 05:45:06 2014] <elarnon> ya that works
[Fri Aug 22 05:47:54 2014] <johnw> ok, that all worked out rather nicely in fact: https://gist.github.com/ee0980cf9daa74f0afa6
[Fri Aug 22 05:47:56 2014] <johnw> thanks elarnon!
[Fri Aug 22 05:48:13 2014] <johnw> the "eqn:Heqe" on the destruct (rev l) was the missing piece
[Fri Aug 22 05:48:21 2014] <johnw> and the induction on length l, of course
[Fri Aug 22 05:48:34 2014] <johnw> that latter wouldn't have occurred to me, so I'll ponder it more
[Fri Aug 22 07:44:51 2014] <johnw> elarnon: up for another q?
[Fri Aug 22 07:46:48 2014] <elarnon> i am busy with my report deadline right now, sorry
[Fri Aug 22 07:46:53 2014] <johnw> ok, no problem
[Fri Aug 22 09:29:31 2014] <jgross> edwardk: Glad you're finding it useful 
[Fri Aug 22 09:41:58 2014] <Rc43> Hello.
[Fri Aug 22 09:42:08 2014] <Rc43> Where can I get ZArith version of minus?
[Fri Aug 22 09:42:23 2014] <Rc43> I don't see it here http://coq.inria.fr/library/Coq.ZArith.ZArith.html
[Fri Aug 22 10:02:47 2014] <Rc43> Ok, so it is Zminus =/
[Fri Aug 22 10:28:54 2014] <roosbeef> https://privatepaste.com/883d599d55
[Fri Aug 22 10:29:05 2014] <roosbeef> how can i do case analysis on vt? (its a local variable)
[Fri Aug 22 10:39:37 2014] <Rc43> roosbeef, you mean the actual argument of (fix flatten (vt : vterm) : fstring := ...)?
[Fri Aug 22 10:40:50 2014] <roosbeef> yes, the variable vt
[Fri Aug 22 11:00:33 2014] <Rc43> roosbeef, I think this http://pastebin.com/raw.php?i=98vjvBSH does what you want
[Fri Aug 22 11:00:43 2014] <Rc43> roosbeef, little bit ugly though
[Fri Aug 22 11:01:12 2014] <Rc43> roosbeef, does it help?
[Fri Aug 22 11:06:52 2014] <roosbeef> hm
[Fri Aug 22 11:08:19 2014] <roosbeef> well i guess its a step forward
[Fri Aug 22 11:08:42 2014] <roosbeef> :p
[Fri Aug 22 11:08:47 2014] <roosbeef> the first case is impossible
[Fri Aug 22 11:08:57 2014] <roosbeef> so id like to just simplify
[Fri Aug 22 11:09:06 2014] <roosbeef> and 'unfold' to the second case
[Fri Aug 22 11:15:46 2014] <roosbeef> i can get rid of the first subgoal
[Fri Aug 22 11:15:52 2014] <roosbeef> but then im stuck with this https://privatepaste.com/6af65cf189
[Fri Aug 22 11:24:25 2014] <Rc43> roosbeef, actually I don't know which cases this step produces, because I don't know where to get fstring and vterm (I just mocked them with "Variable").
[Fri Aug 22 11:25:48 2014] <Rc43> roosbeef, I think you should extract some property of l from Eq_arg.
[Fri Aug 22 11:25:58 2014] <Rc43> roosbeef, but I am not very good in proving things :)
[Fri Aug 22 11:36:48 2014] <johnw> elarnon: I was finally able to do pigeonhole
[Fri Aug 22 11:36:53 2014] <johnw> I still can't see how to do it without LEM though
[Fri Aug 22 11:39:02 2014] <Ainieco> hello
[Fri Aug 22 11:39:08 2014] <johnw> hi
[Fri Aug 22 11:40:44 2014] <Ainieco> not stuck at anything(yet), just visiting #coq to see how everbody's doing, ha-ha
[Fri Aug 22 11:40:55 2014] <Ainieco> everybody*
[Fri Aug 22 11:41:30 2014] <Ainieco> johnw: curious how long it took you to complete sf?
[Fri Aug 22 11:42:22 2014] <johnw> I'm still working on it
[Fri Aug 22 11:43:16 2014] <Ainieco> oh, just saw last chapter in your repo, haven't actually opened it(afraid of spoilers) and thought that you've completed it
[Fri Aug 22 11:43:28 2014] <Ainieco> johnw: where are you at now?
[Fri Aug 22 11:44:02 2014] <johnw> tonight I finished the MoreLogic chapter
[Fri Aug 22 11:44:18 2014] <johnw> based on the files in the directory, I'm here: https://gist.github.com/2dc4249b5245ce9dc6d5
[Fri Aug 22 11:45:06 2014] <Ainieco> * 3 chapters away from johnw 
[Fri Aug 22 11:45:21 2014] <Ainieco> i'm at Logic
[Fri Aug 22 11:47:08 2014] <vanila> i should get on with SF
[Fri Aug 22 11:47:50 2014] <johnw> well, considering it's 10:47AM and I haven't slept yet tonight
[Fri Aug 22 11:47:56 2014] <johnw> that should indicate how addictive SF gets
[Fri Aug 22 11:48:02 2014] <vanila> eek!
[Fri Aug 22 11:48:03 2014] <Ainieco> true
[Fri Aug 22 11:48:03 2014] <vanila> yeah!
[Fri Aug 22 11:48:09 2014] <johnw> I just spent 8 hours straight on pigeonhole_principle
[Fri Aug 22 11:51:06 2014] <ijp> johnw: with all due respect, maybe you should have slept instead
[Fri Aug 22 11:51:56 2014] <johnw> no way
[Fri Aug 22 11:52:29 2014] <vanila> the last Qed must feel nice :)
[Fri Aug 22 11:52:33 2014] <johnw> it sure does
[Fri Aug 22 11:52:44 2014] <johnw> I like how Pierce talks about that in his presentation on the first version of SF
[Fri Aug 22 11:54:25 2014] <vanila> not related to SF or Coq but I remember the proof of pigeonhole principle coming to me in a dream
[Fri Aug 22 11:54:29 2014] <vanila> years ago
[Fri Aug 22 11:57:58 2014] <tswett> Ooh, what's that principle, exactly.
[Fri Aug 22 11:58:45 2014] <johnw> if you have N pigeons to put into N-1 boxes, at least two pigeons will have to go into one box
[Fri Aug 22 11:58:55 2014] <tswett> Given two natural numbers a and b, and two sets A and B of cardinality a and b, if a > b, then for every function f : A -> B, then there exist x, y : A such that f(x) = f(y).
[Fri Aug 22 11:59:27 2014] <johnw> yeah, or that :)
[Fri Aug 22 11:59:30 2014] <vanila> Dijkstra rephrased it in a way discussing averages
[Fri Aug 22 11:59:34 2014] <vanila> that was very insightful
[Fri Aug 22 11:59:45 2014] <tswett> 'Course, you have to define "cardinality".
[Fri Aug 22 12:00:09 2014] <tswett> * vi Pigeonhole.v
[Fri Aug 22 12:02:04 2014] <tswett> Nah, I have better ways to spend eight hours.
[Fri Aug 22 12:02:27 2014] <tswett> I keep having to remind myself that I don't have an unlimited amount of free time.
[Fri Aug 22 12:04:04 2014] <johnw> for me those eight hours are about reconfiguring my brain
[Fri Aug 22 12:04:15 2014] <johnw> since math and proving and type theory are all still pretty new to me
[Fri Aug 22 12:04:39 2014] <johnw> so I see it as joyous investment
[Fri Aug 22 12:08:17 2014] <tswett> * nods.
[Fri Aug 22 12:08:24 2014] <tswett> Yeah, that's true.
[Fri Aug 22 12:08:41 2014] <tswett> For me, at the moment, what I'm lacking is money.
[Fri Aug 22 12:08:54 2014] <tswett_hireme> ^_^
[Fri Aug 22 12:09:10 2014] <chirpsalot> In all seriousness who was thinking about stuffing pigeons in holes?
[Fri Aug 22 12:11:47 2014] <ijp> mrs. miggins pie factory and mathematorium
[Fri Aug 22 12:14:41 2014] <chirpsalot> Pigeon pies? If you have N pigeons, but N-1 pie crusts, one pie gets extra filling?
[Fri Aug 22 12:16:41 2014] <hodapp> Pigeonpie principle?
[Fri Aug 22 12:18:08 2014] <elarnon> johnw: what's LEM?
[Fri Aug 22 12:18:22 2014] <elarnon> oh, excluded middle I guess
[Fri Aug 22 12:18:38 2014] <ijp> chirpsalot: I think your name gives away your propigeon bias
[Fri Aug 22 12:20:24 2014] <chirpsalot> ijp: look, somebody has to stand up for pigeon rights. It's atrocious, being packed together in boxes if there are more pigeons than boxes...
[Fri Aug 22 12:21:41 2014] <ijp> the "child's bedroom principle" isn't quite as catchy
[Fri Aug 22 12:26:27 2014] <chirpsalot> Sounds sketchy.
[Fri Aug 22 12:28:09 2014] <chirpsalot> Dammit, I need to get back into the swing of things with Coq. Pigeon hole principle proving sounds like joyous fun times.
[Fri Aug 22 12:28:53 2014] <chirpsalot> I got distracted when looking at polymorphism... Which seems like a bad place to get distracted because it involves a bundle of special syntax.
[Fri Aug 22 12:34:56 2014] <roosbeef> why does unfold f sometimes replace f with (fix f ...)?
[Fri Aug 22 12:35:11 2014] <roosbeef> eg. why does https://privatepaste.com/f2eba5e4df unfold to https://privatepaste.com/0357838078
[Fri Aug 22 12:35:43 2014] <roosbeef> Coq could also substitute into the definition?
[Fri Aug 22 12:42:09 2014] <ianjneu> how could it? It's a fixpoint
[Fri Aug 22 12:46:43 2014] <roosbeef> ah, yea that makes sense :p
[Fri Aug 22 12:46:50 2014] <roosbeef> thanks
[Fri Aug 22 13:11:05 2014] <roosbeef> why is it not possible to rewrite inside the body of a fix?
[Fri Aug 22 13:11:17 2014] <roosbeef> (using a lemma involving some equality)
[Fri Aug 22 13:12:11 2014] <roosbeef> Coq will just say Error: Found no subterm matching "..." in the current goal.
[Fri Aug 22 13:16:20 2014] <ianjneu> roosbeef: functional extensionality
[Fri Aug 22 13:17:10 2014] <roosbeef> could you explain please?
[Fri Aug 22 13:18:44 2014] <ianjneu> fix is a special function form that allows recursion. Rewriting "under a lambda" requires the ability to say that equal inputs lead to equal outputs means equal functions.
[Fri Aug 22 13:18:53 2014] <ianjneu> This is not core to Coq, though.
[Fri Aug 22 13:19:55 2014] <roosbeef> how does that prohibit rewriting?
[Fri Aug 22 13:20:45 2014] <roosbeef> if equality is proven, wouldnt that mean equal input/output?
[Fri Aug 22 13:21:05 2014] <ianjneu> yes, but you need the other direction.
[Fri Aug 22 13:22:12 2014] <roosbeef> what other direction?
[Fri Aug 22 13:22:23 2014] <ianjneu> you prove that if the fixpoints have equal inputs, the output before rewriting and after rewriting are equal, but that doesn't mean the fixpoints themselves are equal without an extensionality principle.
[Fri Aug 22 13:23:15 2014] <roosbeef> ah we _dont_ have the ability to say that
[Fri Aug 22 13:23:36 2014] <ianjneu> much to many's chagrin.
[Fri Aug 22 15:07:45 2014] <mads-> So, I'm looking at the software foundation book in the basics. The first exercise is implementing a nand operator. I have done that in two ways. Now it says I should make Examples for it. Is there a way to say "this function should return the same as the function given any two parameteres of type bool"?
[Fri Aug 22 15:09:44 2014] <jrw> mads-: sure. I bet you can figure it out :)
[Fri Aug 22 15:10:15 2014] <jrw> how would say that in math?
[Fri Aug 22 15:11:00 2014] <mads-> jrw: uuuuh.. I feel like I have it right on my tongue...
[Fri Aug 22 15:11:49 2014] <jrw> for two functions each of a single argument, maybe you could say "forall x, f(x) = g(x)"
[Fri Aug 22 15:12:36 2014] <mads-> oh, I thought we were looking for a name for the concept :)
[Fri Aug 22 15:13:02 2014] <mads-> Can we then say forall x, forall y, f(x,y) = g(x,y) ?
[Fri Aug 22 15:13:09 2014] <jrw> exactly
[Fri Aug 22 15:13:18 2014] <jrw> except the coq syntax is a little different
[Fri Aug 22 15:13:33 2014] <jrw> since you say "andb x y" instead of "andb (x,y)"
[Fri Aug 22 15:13:49 2014] <jrw> coq also lets you introduce multiple universally quantified variables at once
[Fri Aug 22 15:14:00 2014] <jrw> so you can say "forall x y, nand1 x y = nand2 x y"
[Fri Aug 22 15:14:35 2014] <mads-> How does coq know what x and y is?
[Fri Aug 22 15:14:43 2014] <jrw> what do you mean?
[Fri Aug 22 15:14:50 2014] <jrw> do you mean, how does it know they should be booleans?
[Fri Aug 22 15:14:54 2014] <mads-> yeah
[Fri Aug 22 15:14:58 2014] <jrw> type inference
[Fri Aug 22 15:15:06 2014] <ijp> or you can tell it yourself
[Fri Aug 22 15:15:08 2014] <jrw> it knows nand1 takes two booleans
[Fri Aug 22 15:15:19 2014] <ijp> forall (x y : bool), nand1 x y = nand2 x y
[Fri Aug 22 15:15:22 2014] <mads-> Wow. I didn't think the type inference were that strong
[Fri Aug 22 15:15:23 2014] <jrw> or that :)
[Fri Aug 22 15:15:49 2014] <mads-> cool. I will just try that :) Thanks.
[Fri Aug 22 15:15:56 2014] <mads-> It's actually quite fun.
[Fri Aug 22 15:16:09 2014] <jrw> mads-: don't worry, pretty soon you'll think type inference is very weak :p
[Fri Aug 22 15:17:31 2014] <jrw> now if you actually want to prove this statement in coq, you'll have to scroll down to the "proof by case analysis" section of Basics.v to see how.
[Fri Aug 22 15:18:11 2014] <mads-> cool :) Looking forward to it
[Fri Aug 22 15:21:38 2014] <mads-> Another question. Proof General. What does that actually do? Because right now I feel fine doing my coq in vim without any coq-support.
[Fri Aug 22 15:23:35 2014] <jrw> it lets you step through proofs step-by-step
[Fri Aug 22 15:23:55 2014] <jrw> which is essential when developing proofs. not so important for writing programs and the testing exmaples of basics.v
[Fri Aug 22 15:27:03 2014] <mads-> oh damn. Sounds like I should get it then
[Fri Aug 22 15:28:07 2014] <ijp> if you are vehemently anti-emacs, you could use coqide
[Fri Aug 22 15:29:16 2014] <mads-> not vehemently at all. I just know vim and it seems that proof general is made for emacs 23.* and when I compile it for emacs 24.* it gives me an error about something being deprecated
[Fri Aug 22 15:33:38 2014] <elarnon> i think coquille is supposed to be somewhat working in vim as well
[Fri Aug 22 15:34:57 2014] <elarnon> it is somewhat less advanced and more bugged than proofgeneral, but people are able to use it without suffering too much afaik
[Fri Aug 22 15:35:47 2014] <ijp> some impressive topiary on that hedge
[Fri Aug 22 15:37:19 2014] <mads-> I just booted up Proof General. It gives me a little warning about being compiled for 24.2 and I'm using 24.3. But it seems to be working, the small things I have tried so far though.
[Fri Aug 22 15:37:37 2014] <elarnon> what i mean is that vim-users i know are preferring it over coqide, but i also heard quite some curses about it
[Fri Aug 22 15:39:47 2014] <mads-> I was just on the fence about it seeing that it complained about being compiled for my current setup.
[Fri Aug 22 16:09:30 2014] <mads-> If I have a function andb taking two bools and negb taking one bool, both returning a bool, how would I make a nand gate from that? It seems like I can't just do negb andb b1 b2. What is the syntax I am missing here?
[Fri Aug 22 16:10:42 2014] <vanila> negb (and b1 b2)
[Fri Aug 22 16:12:25 2014] <mads-> vanila: like this? http://pastebin.com/2tyZBWUp
[Fri Aug 22 16:12:47 2014] <vanila> yes but without end. just .
[Fri Aug 22 16:13:14 2014] <mads-> aaah yeah, just realized.
[Fri Aug 22 16:13:27 2014] <mads-> So the end is for the match and not the Definition :)
[Fri Aug 22 16:19:55 2014] <mads-> jrw: how would you make that Example we talked about earlier? Like Example nands_test: forall(x y : bool), nandb1 x y = nandb2 x y. Proof. reflexivity. Qed. ?
[Fri Aug 22 16:20:44 2014] <jrw> mads-: the statement is right, but the proof won't work.
[Fri Aug 22 16:20:52 2014] <jrw> have you ready about 'destruct' yet?
[Fri Aug 22 16:20:58 2014] <mads-> nopes.
[Fri Aug 22 16:21:15 2014] <mads-> I guess I will just read some more. I just thought it would be a simple test to make.
[Fri Aug 22 16:26:35 2014] <vanila> it is
[Fri Aug 22 16:36:23 2014] <mads-> vanila: what should be edited from what I wrote?
[Fri Aug 22 16:43:36 2014] <vanila> hi mads-
[Fri Aug 22 16:43:57 2014] <vanila> to prove that nandb1 and nandb2 are the same function, you can use - like jrw said - destruct x; destruct y.
[Fri Aug 22 16:44:03 2014] <vanila> this splits into into all 4 cases possible
[Fri Aug 22 16:44:35 2014] <vanila> e.g.  one case will be  nandb1 true false = nandb2 true false  which you can prove by reflexivity beacuse it reduces: true = true
[Fri Aug 22 16:45:07 2014] <vanila> your theorem statement is fine just the proof needs to be done different
[Fri Aug 22 16:48:32 2014] <jrw> mads-: you can change 'Proof. reflexivity. Qed.' to 'Proof. destruct x, y; reflexivity. Qed.' and it should work.
[Fri Aug 22 16:48:46 2014] <jrw> to understand *why* it works, you'll have to keep reading or ask questions here :)
[Fri Aug 22 16:49:18 2014] <vanila> I didn't know you could do destruct x, y  neat
[Fri Aug 22 16:49:50 2014] <mads-> vanila: you're welcome :P
[Fri Aug 22 16:51:10 2014] <mads-> thanks jrw . I just wanted that to compile before moving on from it
[Fri Aug 22 16:52:10 2014] <jrw> mads-: cool. btw, if you ever want to just get something to compile without finishing the proof, you can replace 'Proof. ... Qed.' with 'Admitted.'
[Fri Aug 22 16:52:14 2014] <jrw> and coq will just believe you.
[Fri Aug 22 16:52:35 2014] <jrw> this has obvious negative consequences if you forget you've admitted something, but it can be helpful while developing.
[Fri Aug 22 16:52:43 2014] <mads-> oh yeah. That is described quite early in the Basics chapter
[Fri Aug 22 17:47:08 2014] <shouya> hi there again~
[Fri Aug 22 17:48:27 2014] <shouya> i gotta some obstacle to describe a recursive type.
[Fri Aug 22 17:48:39 2014] <shouya> please check the question here: http://stackoverflow.com/questions/25455990/describing-a-recursive-type-in-coq
[Fri Aug 22 17:49:02 2014] <shouya> anyone can spare me a hand :) dankon~
[Fri Aug 22 17:50:27 2014] <vanila> Definition Human (sex_ : Sex) (spouse_ : Human) : Human :=
[Fri Aug 22 17:50:35 2014] <vanila> I think it's a problem that "Human" is the name of the function
[Fri Aug 22 17:50:42 2014] <vanila> and "Human" is the name of the type
[Fri Aug 22 17:50:51 2014] <vanila> Definition MakeHuman (sex_ : Sex) (spouse_ : Human) : Human := (sex_, spouse_).
[Fri Aug 22 17:50:55 2014] <vanila> this could work better
[Fri Aug 22 17:51:23 2014] <vanila> or MkHuman
[Fri Aug 22 17:51:39 2014] <vanila> Definition man (h : Human) : Prop := fst h = male.
[Fri Aug 22 17:52:10 2014] <vanila> Definition spouse (h : Human) : Human := snd h.
[Fri Aug 22 17:52:37 2014] <shouya> hmm.
[Fri Aug 22 17:53:10 2014] <vanila> Alternatively http://coq.inria.fr/refman/Reference-Manual004.html#Record
[Fri Aug 22 17:53:18 2014] <shouya> so how do i start to define one of them?
[Fri Aug 22 17:53:25 2014] <shouya> ahh, an instance of a human.
[Fri Aug 22 17:53:34 2014] <shouya> given that all human needs a spouse.
[Fri Aug 22 17:53:49 2014] <vanila> there's a real problem :)
[Fri Aug 22 17:53:54 2014] <vanila> impossible..
[Fri Aug 22 17:54:32 2014] <shouya> hmm.. alirhgt.
[Fri Aug 22 17:55:02 2014] <shouya> thanks, i would give a trial :)
[Fri Aug 22 17:56:17 2014] <shouya> but the makehuman cannot be defined due to the misfound of the name 'Human' there.
[Fri Aug 22 17:59:19 2014] <vanila> You could do it similar to list
[Fri Aug 22 17:59:31 2014] <johnw> elarnon: Law of the Excluded Middle
[Fri Aug 22 17:59:33 2014] <shouya> seems i'd to define an alias?
[Fri Aug 22 17:59:39 2014] <vanila>  Inductive list (A : Type) : Type :=
[Fri Aug 22 17:59:39 2014] <vanila>  | nil : list A
[Fri Aug 22 17:59:39 2014] <vanila>  | cons : A -> list A -> list A.
[Fri Aug 22 18:00:06 2014] <vanila> Inductive Human : Type :=  | child : Sex -> Human  | adult : Sex -> Human -> Human
[Fri Aug 22 18:00:31 2014] <vanila> then  adult sex spouse
[Fri Aug 22 18:00:35 2014] <shouya> hmm. it would work.
[Fri Aug 22 18:00:45 2014] <shouya> but how if i only need the adult type?
[Fri Aug 22 18:00:57 2014] <vanila> in that case it's impossible for any humans to exist
[Fri Aug 22 18:01:04 2014] <shouya> probably i don't need an instance.
[Fri Aug 22 18:01:13 2014] <vanila> Inductive ImpossibleHuman : Type := impossible_adult : Sex -> ImpossibleHuman -> ImpossibleHuman.
[Fri Aug 22 18:01:15 2014] <vanila> then you can prove
[Fri Aug 22 18:01:24 2014] <vanila> Theorem no_impossible_humans : ImpossibleHuman -> False.
[Fri Aug 22 18:01:37 2014] <shouya> ahh...
[Fri Aug 22 18:02:58 2014] <shouya> yup. proved. really disappointing :(
[Fri Aug 22 18:03:24 2014] <vanila> You could define humans then spouses as a relation
[Fri Aug 22 18:04:32 2014] <shouya> that was what I originally wanted.
[Fri Aug 22 18:05:04 2014] <vanila> Inductive Human := shouya | other | ....  then Inductive spouses : Human -> Human -> Set := couple_1 : spouses shouya other | couple2 : spouses __ __ | ...
[Fri Aug 22 18:05:37 2014] <shouya> I see! I think that's what exactly I wanted!
[Fri Aug 22 18:05:48 2014] <shouya> Thank you very much!
[Fri Aug 22 18:05:55 2014] <vanila> ok :D
[Fri Aug 22 20:30:55 2014] <hodapp> * writes the law of the excluded middle on the wall with a spraycan
[Fri Aug 22 20:30:59 2014] <hodapp> * runs away cackling
[Fri Aug 22 20:40:10 2014] <edwardk> * tries to contain the damage by spray painting a small -1 below and to the right of hodapp's crime.
[Fri Aug 22 20:44:02 2014] <ijp> * sprays zorn's lemma on a different wall
[Fri Aug 22 20:59:26 2014] <edwardk> you monster
[Fri Aug 22 20:59:40 2014] <johnw> edwardk: still having fun?
[Fri Aug 22 21:00:13 2014] <edwardk> yeah, taking a night off for once
[Fri Aug 22 21:00:19 2014] <johnw> whoa
[Fri Aug 22 21:00:26 2014] <edwardk> figured i should do something with amy sometime ;)
[Fri Aug 22 21:00:31 2014] <johnw> * edits his mental image of edwardk
[Fri Aug 22 21:00:50 2014] <johnw> i was wrestling with Coq until 10:30am in the morning, so I'm a touch fried now
[Fri Aug 22 21:06:11 2014] <johnw> is there a way of modeling hyperfunctions in Coq?
[Fri Aug 22 21:06:23 2014] <johnw> i.e., working around the strict positivity requirement
[Fri Aug 22 21:07:18 2014] <vanila> hyperfunctions?
[Fri Aug 22 21:07:28 2014] <johnw> it would be: Inductive Hyper (b c : Type) := | H : (Hyper c b -> c) -> Hyper b c.
[Fri Aug 22 21:07:48 2014] <johnw> i.e., it models an interleaving recursive function type
[Fri Aug 22 21:08:52 2014] <johnw> ((((b -> c) -> b) -> c) -> b) -> c
[Fri Aug 22 21:08:55 2014] <vanila> I'm sorry I have no idea what to thnk of that
[Fri Aug 22 21:09:10 2014] <vanila> that is scary
[Fri Aug 22 21:09:22 2014] <johnw> this excellent paper documents a real use of them: http://arxiv.org/pdf/1309.5135.pdf
[Fri Aug 22 21:09:29 2014] <vanila> i should also not look at ncatlab.org when i feel stupid
[Fri Aug 22 21:09:35 2014] <vanila> it does not help
[Fri Aug 22 21:09:48 2014] <johnw> I wanted to explore them in Coq, since they should make interesting categories and monoids and such
[Fri Aug 22 21:13:20 2014] <vanila> maybe you could get a model of lambda calculus and build these self and '#' functions in there
[Fri Aug 22 21:13:55 2014] <vanila> I think you can define H 0, H 1, H 2 for all n
[Fri Aug 22 21:14:07 2014] <vanila> by Fixedpoint
[Fri Aug 22 21:16:05 2014] <johnw> I'm reading about Mendler-style recursion right now
[Fri Aug 22 21:16:38 2014] <edwardk> johnw: mendler-style recursion is just abuse of the yoneda lemma
[Fri Aug 22 21:19:13 2014] <johnw> yeah, I can see that
[Fri Aug 22 21:31:18 2014] <cody__> johnw: there's no way to get around the positivity constraint
[Fri Aug 22 21:31:26 2014] <cody__> otherwise the theory is inconsistent
[Fri Aug 22 21:31:54 2014] <vanila> well I think there are some consistent non-positive definitions
[Fri Aug 22 21:32:31 2014] <vanila> it's undecidable whether or not a data type will be ok, isn't it? and strict positivity is just a nice large decidable subset
[Fri Aug 22 21:32:44 2014] <cody__> sort of
[Fri Aug 22 21:33:05 2014] <vanila> of course the hyperfunction type IS inconsistent
[Fri Aug 22 21:33:06 2014] <vanila> I think..
[Fri Aug 22 21:33:07 2014] <cody__> negativity is certainly not ok if you can "observe t"
[Fri Aug 22 21:33:16 2014] <cody__> *it
[Fri Aug 22 21:33:48 2014] <cody__> in general functors lead to consistent inductive types
[Fri Aug 22 21:35:31 2014] <cody__> Ralph Mattes basically wrote the book on this
[Fri Aug 22 21:35:33 2014] <cody__> http://www.irit.fr/~Ralph.Matthes/works.html
[Fri Aug 22 21:36:51 2014] <cody__> http://www.irit.fr/~Ralph.Matthes/Coq/MapFusion/LamFlatPred.v
[Fri Aug 22 21:37:02 2014] <cody__> there's some nice stuff on the untyped LC
[Fri Aug 22 21:38:21 2014] <vanila> interesting
[Fri Aug 22 21:38:27 2014] <vanila> cheers :)
[Fri Aug 22 21:40:24 2014] <johnw> sure enough, the only hyperfunction stuff on Hackage is from edwardk :)
[Sat Aug 23 02:01:42 2014] <johnw> what is the Gallina equivalent of "simpl"?
[Sat Aug 23 02:02:20 2014] <johnw> ah, n/m
[Sat Aug 23 05:12:48 2014] <osa1> are there any tactics like auto but also do inversion?
[Sat Aug 23 05:14:44 2014] <osa1> I'm using destruct and 4 out of 4 sub goals are solvable by inversion. I was hoping to eliminate them using destruct _; some_tactic.
[Sat Aug 23 07:10:37 2014] <alkabetz> IIRC, Coq is pretty conservative about applying [inversion] for you, since it can easily just generate more useless hypotheses.
[Sat Aug 23 07:10:48 2014] <alkabetz> You should probably just do [inversion; auto].
[Sat Aug 23 08:27:38 2014] <jgross> [Hint Extern 1 => match goal with H : <shape of invertible hypothesis> |- _ => inversion H end.] will tell [auto] to do [inversion] on the hypotheses with shapes you care about 
[Sat Aug 23 09:33:02 2014] <schoppenhauer> Hello. Is there a "div" function for nat?
[Sat Aug 23 09:35:34 2014] <schoppenhauer> hm. coq.arith.euclid looks promising.
[Sat Aug 23 09:49:34 2014] <gdsfh> hello.  Again my "too dependent types", now I've simplified sources: https://gist.github.com/gdsfh/01acad1e1947ece00a38 .  jgross showed me that even complicated matches can be rewritten, but I can't imagine how can I rewrite this match.
[Sat Aug 23 09:49:36 2014] <gdsfh> I need something like "forall .. (H : get_added ..), match get_val_opt n (add_to_lst) .. end = match Some v .. end", or not?  Or even "match get_val_opt n (add_to_lst) with Some x => s x .. end = s v".  What solutions do you see?
[Sat Aug 23 09:52:53 2014] <gdsfh> maybe having (H : get_val_opt (add_to_lst ..) = Some v) I can use eq_rect or something like it to change type of one expression to another type, and at least write down the type of my rewriting lemma?
[Sat Aug 23 10:13:15 2014] <roosbeef> how do i map projT1?
[Sat Aug 23 10:13:56 2014] <roosbeef> eg. i have a list of type list {x : A & P x}
[Sat Aug 23 10:14:05 2014] <roosbeef> how do i do map projT1 list
[Sat Aug 23 10:14:10 2014] <roosbeef> and get a list of type list A
[Sat Aug 23 10:14:39 2014] <roosbeef> Coq tells me The term "projT1" has type "forall (A : Type) (P : A -> Type), sigT P -> A" while it is expected to have type "?1016 -> ?1017".
[Sat Aug 23 10:18:52 2014] <gdsfh> "pattern" is more informative, it gave me hint: https://gist.github.com/gdsfh/f6a6d695f30cfb8c7bb6 , but according to proved lemma eq1 (second part of gist) terms are coercible (reflexivity alone proved it).  Also rewriting eq1 is not successful.
[Sat Aug 23 10:22:27 2014] <gdsfh> roosbeef: if you don't know how to write a term as code, try writing it with tactics: https://gist.github.com/gdsfh/0f90ebbda6862d5c79a0
[Sat Aug 23 10:25:46 2014] <roosbeef> gdsfh, thank you.. but how can i use this to construct that mapping?
[Sat Aug 23 10:29:54 2014] <gdsfh> roosbeef: https://gist.github.com/gdsfh/62e2a1fc9531990e1f49
[Sat Aug 23 10:32:32 2014] <roosbeef> ha i was just doing that :p
[Sat Aug 23 10:32:40 2014] <roosbeef> much thanks
[Sat Aug 23 11:04:25 2014] <gdsfh> Smerdyakov: hello.  Can you please suggest which chapter of CPDT can I read to solve my problem: https://gist.github.com/gdsfh/01acad1e1947ece00a38 ?  (sorry if I confused you with some guy who probably knows it)
[Sat Aug 23 11:07:31 2014] <Smerdyakov> gdsfh, I haven't looked at it in detail, but I don't see anything especially fancy there.
[Sat Aug 23 11:07:56 2014] <vanila> Can you try to define 'get' in a simpler way?
[Sat Aug 23 11:08:04 2014] <gdsfh> Smerdyakov: can you give me hints about this rewriting then?
[Sat Aug 23 11:08:14 2014] <Smerdyakov> gdsfh, maybe later.
[Sat Aug 23 11:09:08 2014] <gdsfh> Smerdyakov: ok, or just ignore it, if you have no time/..
[Sat Aug 23 11:09:39 2014] <jgross> gdsfh: [generalize (@eq_refl _ (get_val_opt n (add_to_lst A l n v))). pattern (get_val_opt n (add_to_lst A l n v)) at 2 3. rewrite (get_added A l n v). simpl.]  That will get you a bit further.  If you then do [hnf in H. Opaque eq_nat_dec get_val_opt mkval projT1. compute.] you can see what the [match]es look like, and see if you can come up with some intermediate stages to rewrite them to. 
[Sat Aug 23 11:10:36 2014] <gdsfh> vanila: it's a function from "api", it will be the base block for coding and future proofs, so I don't know how to make it simpler to make it useful.
[Sat Aug 23 11:15:57 2014] <vanila> just a sec
[Sat Aug 23 11:20:39 2014] <gdsfh> jgross: really, this made progress, thank you.  So I'll try to proceed by myself.
[Sat Aug 23 11:30:27 2014] <vanila> http://lpaste.net/109886
[Sat Aug 23 11:30:36 2014] <vanila> Here is  how to write get in a simpler way
[Sat Aug 23 11:31:01 2014] <vanila> and the proof works out when you do this, except for the last part which is not provable in Coq
[Sat Aug 23 11:31:53 2014] <vanila> A goal like this   eq_rec A (fun T : Type => T) v A B = v  requires decidable equality on A or the K axiom
[Sat Aug 23 11:33:22 2014] <vanila> in general if you have two dependent pairs (like { A : Type & A }) equal, you can't prove their elements are equal
[Sat Aug 23 11:33:35 2014] <vanila> because Coq doesn't support this
[Sat Aug 23 11:34:27 2014] <Smerdyakov> gdsfh, why did you write [get_val_opt] with tactics?
[Sat Aug 23 11:35:49 2014] <vanila> the definition of get uses the idea in here http://adam.chlipala.net/cpdt/html/DataStruct.html
[Sat Aug 23 11:35:55 2014] <vanila> "By pattern-matching on the equality proof pf, we make that equality known to the type-checker"
[Sat Aug 23 11:36:08 2014] <vanila> and see the next chapter for the stuff about how to use K axiom http://adam.chlipala.net/cpdt/html/Equality.html
[Sat Aug 23 12:34:44 2014] <roosbeef> are there any libs about inverse relations/functions?
[Sat Aug 23 12:35:30 2014] <roosbeef> id like to say that map g (map f x) = x if g and f are eachothers inverse function
[Sat Aug 23 12:35:50 2014] <gdsfh> vanila: my definition of get allows rewriting too, when I do "revert B".  It's what I needed, thank you.  As for proving equality on dependent pairs -- Goal forall A P (x : { y : A & P }), projT1 x = projT1 x. reflexivity. -- works.  Maybe you mean something else?
[Sat Aug 23 12:36:34 2014] <vanila> do you see how my definition of get is simpler?
[Sat Aug 23 12:36:39 2014] <vanila> try Print get. on both
[Sat Aug 23 12:36:44 2014] <vanila> anyway
[Sat Aug 23 12:37:15 2014] <vanila> suppose x1 : { y : A & P }, x2 : { y : A & P }  then   x1 = x2 -> projT1 x1 = projT1 x2
[Sat Aug 23 12:37:21 2014] <gdsfh> vanila: really, your definition is simpler, I see.
[Sat Aug 23 12:37:34 2014] <vanila> but you do not have  x1 = x2 -> projT2 x1 = [projT2 x2]
[Sat Aug 23 12:37:44 2014] <vanila> where [] means use the previous theore to cast the types to make this well formed
[Sat Aug 23 12:38:19 2014] <vanila> but this stuff about pairs is a diversion
[Sat Aug 23 12:38:35 2014] <gdsfh> but I don't need to prove that proofs (P) are equal, I need to prove equality on values only.
[Sat Aug 23 12:39:42 2014] <vanila> ok
[Sat Aug 23 12:39:58 2014] <vanila> it's just that you need uniqueness of equality proofs
[Sat Aug 23 12:40:01 2014] <vanila> I think
[Sat Aug 23 12:40:10 2014] <vanila> and that's equivalent to this
[Sat Aug 23 12:40:53 2014] <gdsfh> but the whole task doesn't require reasoning about proofs equality/uniqueness.
[Sat Aug 23 12:42:04 2014] <Smerdyakov> gdsfh, your life will be easier if you avoid using this type of dynamic packages.
[Sat Aug 23 12:45:35 2014] <gdsfh> Smerdyakov: you are right.  But I've asked in coq-club about polymorphism (message from 19 Aug), no one suggested anything at all, so I had no choice.
[Sat Aug 23 12:45:50 2014] <vanila> can you link to the message?
[Sat Aug 23 12:47:41 2014] <gdsfh> vanila: I've tried to google it, no success.  Here is a relevant part of message: http://pastebin.com/raw.php?i=F1QPjC3i
[Sat Aug 23 12:50:21 2014] <vanila> maybe you could have a function typeOf : nat -> Set then your state could be list ({ n : Nat & typeOf n })
[Sat Aug 23 12:50:52 2014] <vanila> The difference here is that there is decidable equality on 'n', so I think you can avoid the need for extra axioms
[Sat Aug 23 12:51:16 2014] <vanila> im not sure though, this is difficult
[Sat Aug 23 12:55:22 2014] <gdsfh> vanila: I can't have such function: code will be too ugly.
[Sat Aug 23 13:00:08 2014] <edwardk> Smerdyakov: welcome back to IRC, long time no see ;)
[Sat Aug 23 13:01:28 2014] <Smerdyakov> edwardk, :)
[Sat Aug 23 13:10:35 2014] <roosbeef> hm
[Sat Aug 23 13:49:12 2014] <mads-> I am new to both coq, emacs and Proof General. Can anyone tell me what happens here and how I can come back to my actual coq code? http://imgur.com/a/CldDG - It works fine with C-c C-n for next steps as shown on image one. However, when I reach the last tauto or Qed my emacs changes to what you see on image two. How do I get back to my code?
[Sat Aug 23 13:50:54 2014] <edwardk> C-x b will let you pick the buffer, you can also sometimes C-x k the buffer that is between you and what you want
[Sat Aug 23 13:52:16 2014] <mads-> thanks. I think I'm going to have a rough start with this emacs :)
[Sat Aug 23 13:54:17 2014] <jgross> mads-: I usually quit PG at that point (C-c C-x) and then restart proof general (C-c C-RET). 
[Sat Aug 23 13:55:03 2014] <Ainieco> hello
[Sat Aug 23 13:56:16 2014] <Ainieco> could someone give me a hint on http://lpaste.net/4599423457300578304 ? it looks easy but im missing something essential...
[Sat Aug 23 13:57:33 2014] <vanila> Ainieco, that goal isn't provable
[Sat Aug 23 13:57:46 2014] <vanila> you can prove all tautologies with tauto. though
[Sat Aug 23 13:58:33 2014] <Cypi> Ainieco : your [left] was a little bit early, you cannot know yet if you will prove [P] or [Q /\ R]
[Sat Aug 23 13:58:49 2014] <Cypi> you need to destruct H0 and H1 to know that
[Sat Aug 23 14:00:42 2014] <Ainieco> oh, thanks
[Sat Aug 23 14:03:24 2014] <Ainieco> wasn't aware of fact that i can destruct H's.
[Sat Aug 23 14:07:23 2014] <Ainieco> hm, i guess destructing H's isn't right approach either http://lpaste.net/4599423457300578304
[Sat Aug 23 14:10:47 2014] <vanila> Ainieco, try this
[Sat Aug 23 14:10:50 2014] <vanila> Proof. tauto. Qed.
[Sat Aug 23 14:11:27 2014] <vanila> here is the bad way to do it http://lpaste.net/109887
[Sat Aug 23 14:15:01 2014] <Ainieco> vanila: i wonder what is intended(by Pierce) way to prove it since he havent mentioned neither tauto tactic nor destructing H...
[Sat Aug 23 14:15:23 2014] <vanila> case is the same as destruct in this situation
[Sat Aug 23 14:27:13 2014] <Ainieco> ugh, forgot i can use inversion on "or", proved it via inversion
[Sat Aug 23 14:27:27 2014] <Ainieco> tauto looks like cheating
[Sat Aug 23 14:28:09 2014] <vanila> do you know how /\ and \/ are defined?
[Sat Aug 23 14:30:53 2014] <Ainieco> yup
[Sat Aug 23 14:31:29 2014] <vanila> so case analysis on /\ gives you both proofs, case analysis on \/ splits your goal into two - each having the assumption
[Sat Aug 23 14:31:56 2014] <vanila> you can use the 'case' tactic instead of inversion (which is more powerful than you need)
[Sat Aug 23 14:33:15 2014] <Ainieco> got it, thanks!
[Sat Aug 23 15:39:34 2014] <hodapp> oh gawd, I just wrote "no_whilesR" as "noWhilesR" in 5 places
[Sat Aug 23 15:39:41 2014] <hodapp> someone get me some brain bleach to clean the Java out of my head
[Sat Aug 23 16:42:56 2014] <johnw> I need help understanding how physical/logical module paths work.  I have a bunch of files in ~/src/foo which I want to reference directory with Require Foo, Require Bar, etc.  I have more files in ~/src/bar, which I want to reference from foo's modules as Bar.Baz and Bar.Quux.  Is this possible?
[Sat Aug 23 16:43:18 2014] <johnw> I tried -I ~/src/foo -I ~/src/bar -as Bar, but it keeps saying that Bar.Baz.v is required but not found
[Sat Aug 23 17:01:10 2014] <johnw> aha, the problem is really that coqdep and coqc have very different behaviors
[Sat Aug 23 17:01:27 2014] <johnw> coqc succeeds, where coqdep with the exact same source code and options claims that the module cannot be found
[Sat Aug 23 17:24:06 2014] <osa1> sorry for long output but if anyone has any ideas about how to prove last lemma I could use some help :) http://lpaste.net/109898
[Sat Aug 23 17:25:01 2014] <johnw> destruct l, the go left in the nil case, right in the cons case
[Sat Aug 23 17:25:24 2014] <johnw> in the right case you'll need to destruct n, as you did above
[Sat Aug 23 17:25:26 2014] <osa1> um well I know that much.. problem is how to do rest
[Sat Aug 23 17:25:46 2014] <osa1> I don't think destructs solve it but I can try one more time I guess
[Sat Aug 23 17:27:43 2014] <osa1> johnw: H : find_min_idx (h :: t) = S n' |- S n' < length (h :: t)
[Sat Aug 23 17:27:55 2014] <osa1> with just destruct I'm stuck at this
[Sat Aug 23 17:28:04 2014] <johnw> can you do inversion on that iypothesis?
[Sat Aug 23 17:28:19 2014] <osa1> no, find_min_idx is a function
[Sat Aug 23 17:28:30 2014] <johnw> ah
[Sat Aug 23 17:28:50 2014] <osa1> johnw: I mean I can do that but I'm getting same thing as H1
[Sat Aug 23 17:38:59 2014] <osa1> ha! I did it!
[Sat Aug 23 17:39:03 2014] <johnw> how?
[Sat Aug 23 17:39:40 2014] <osa1> johnw: http://lpaste.net/109898
[Sat Aug 23 17:40:40 2014] <johnw> ah, well done :)
[Sat Aug 23 17:41:41 2014] <osa1> thanks. I'll remove [pose proof]s and use [apply] instead.
[Sat Aug 23 19:09:19 2014] <jgross> johnw: That sounds like a bug (coqdep and coqc behaving differently). You should report it. 
[Sat Aug 23 19:12:12 2014] <johnw> ok
[Sat Aug 23 19:12:16 2014] <johnw> jgross: have another question for you
[Sat Aug 23 19:12:20 2014] <johnw> https://gist.github.com/6f630649ba0def5606e8
[Sat Aug 23 19:12:28 2014] <johnw> I'm trying to use coinduction to prove things about hyperfunctions
[Sat Aug 23 19:12:38 2014] <johnw> I'm following the tricks given in Adam's book
[Sat Aug 23 19:12:54 2014] <johnw> but for some reason, 'simpl' is not resolving the applications of 'frob' the way they are for Adam
[Sat Aug 23 19:13:24 2014] <jgross> Which line? 
[Sat Aug 23 19:13:30 2014] <johnw> 96
[Sat Aug 23 19:13:38 2014] <johnw> the call to "simpl" leaves "frob f" in the goal
[Sat Aug 23 19:13:42 2014] <johnw> instead of revealing the constructors
[Sat Aug 23 19:13:48 2014] <johnw> also, I'm not sure what to do about hstream_equality
[Sat Aug 23 19:14:02 2014] <johnw> my Category is not really setup for codata
[Sat Aug 23 19:15:24 2014] <johnw> I guess this is again where setoids would help me?
[Sat Aug 23 19:18:48 2014] <jgross> AFAIK, coinduction in Coq is not very pretty.  You could assume [hstream_eq S T] is equivalent to [S = T] as an axiom.	(In much the same way you'd assume functional extensionalty as an axiom.)  There might be a systematic way of doing coinductive equality, but I don't know it.	You could ask on coq-club.  (Also, I hear the paco library is nice for coinduction, but don't actually know much about it.) 
[Sat Aug 23 19:19:49 2014] <jgross> johnw: "Error: Level 99 is already declared right associative while it is now expected to be left associative." 
[Sat Aug 23 19:19:59 2014] <johnw> huh
[Sat Aug 23 19:20:03 2014] <johnw> just change it to 98
[Sat Aug 23 19:20:07 2014] <johnw> or whatever works
[Sat Aug 23 19:20:44 2014] <jgross> And, uh, your [Class Hyper] definition make Coq loop? 
[Sat Aug 23 19:21:06 2014] <johnw> how so?
[Sat Aug 23 19:21:16 2014] <johnw> oh
[Sat Aug 23 19:21:38 2014] <johnw> no, why?
[Sat Aug 23 19:21:43 2014] <johnw> it doesn't here
[Sat Aug 23 19:22:00 2014] <johnw> i'm using 8.4pl4 btw
[Sat Aug 23 19:22:20 2014] <jgross> Oh, I'm using trunk.  Let me try 8.4. 
[Sat Aug 23 19:22:54 2014] <johnw> you may also need my versions of Category and Functor, right?
[Sat Aug 23 19:23:35 2014] <johnw> http://dl.dropbox.com/u/137615/coq-haskell.tar.gz
[Sat Aug 23 19:25:24 2014] <johnw> be back in 10
[Sat Aug 23 19:25:51 2014] <jgross> Oh, yeah, that's probably the issue; I was using edwardk's. 
[Sat Aug 23 19:26:54 2014] <jgross> er, nope, sorry, I was using https://github.com/jwiegley/category-theory 
[Sat Aug 23 19:34:51 2014] <jgross> johnw: I don't see why that should [simpl]?  However, [destruct f; simpl; constructor] works fine, as I expect. 
[Sat Aug 23 19:43:35 2014] <johnw> I changed Category.v
[Sat Aug 23 19:43:38 2014] <johnw> to work with 8.4
[Sat Aug 23 19:43:47 2014] <johnw> destruct f. Guarded. shows the problem
[Sat Aug 23 19:45:12 2014] <johnw> in Adam's book, simpl causes frob f to dissolve into a constructor application
[Sat Aug 23 19:45:16 2014] <johnw> not sure why that isn't happening here
[Sat Aug 23 19:53:47 2014] <johnw> ah, this isn't going to work anyway
[Sat Aug 23 19:54:04 2014] <johnw> I can't realize (a ~> a) -> a, since Type is not coinductive
[Sat Aug 23 19:55:46 2014] <jgross> You're applying [frob] to an opaque thing, and [frob] is defined as a match.  How does that simpl to a constructor?  (Which chapter/definition of CPDT should I look at?) 
[Sat Aug 23 19:56:33 2014] <johnw> http://adam.chlipala.net/cpdt/html/Coinductive.html
[Sat Aug 23 19:56:41 2014] <johnw> about halfway through
[Sat Aug 23 19:57:52 2014] <jgross> You mean with [ones] and [ones']?  That's because both of those are defined as constructor applications, while your [f] is atomic. 
[Sat Aug 23 19:58:08 2014] <johnw> oh
[Sat Aug 23 19:58:15 2014] <johnw> that makes a lot of sense now
[Sat Aug 23 19:58:58 2014] <johnw> it also makes sense that in the inductive world, I need extensionality here typically
[Sat Aug 23 19:59:46 2014] <johnw> if I try it here before apply hstream_equality, I get Error: No matching clauses for match goal
[Sat Aug 23 20:00:35 2014] <jgross> What is "it" that you're trying before hstream_equality? 
[Sat Aug 23 20:00:45 2014] <johnw> "extensionality e"
[Sat Aug 23 20:03:16 2014] <jgross> Well, yes, [extensionality e] is basically [apply functional_extensionality_dep; intro e], and [f] is not a function. 
[Sat Aug 23 20:03:46 2014] <johnw> what if I add a Funclass coercion?
[Sat Aug 23 20:04:38 2014] <johnw> i'll play with it; thanks jgross
[Sat Aug 23 20:07:24 2014] <jgross> johnw: Obligation 1.   apply hstream_equality.	 rewrite (frob_eq (hcompose f (lift (fun x : A => x)))).   rewrite (frob_eq f).   simpl.   destruct f.	 simpl.   revert b f.	cofix.	 intros.   constructor.   simpl.   destruct f.	 rewrite (frob_eq (hcompose _ (lift (fun x : A => x)))).   rewrite (frob_eq f).   simpl.   apply HStream_Category_obligation_1. Defined. 
[Sat Aug 23 20:07:48 2014] <johnw> whoa
[Sat Aug 23 20:08:27 2014] <johnw> what does "revert b f. cofix" mean?
[Sat Aug 23 20:09:08 2014] <jgross> It means "I want my coinduction hypothesis to start with [forall b f,] rather than being tied to the particular [b] and [f] I've chosen. 
[Sat Aug 23 20:09:27 2014] <jgross> s/I've chosen/that happen to be laying around/ 
[Sat Aug 23 20:09:34 2014] <johnw> i mean, it seems like you use destruct to get b and f, then you pop b and f, then you push them back on
[Sat Aug 23 20:09:41 2014] <johnw> and somehow that makes things happy?
[Sat Aug 23 20:10:04 2014] <johnw> hmm
[Sat Aug 23 20:10:11 2014] <johnw> how is destruct f suddenly passing the Guarded condition?
[Sat Aug 23 20:10:20 2014] <johnw> when it wasn't just a few minutes ago...
[Sat Aug 23 20:10:26 2014] <jgross> No, what makes things happy is that I [destruct f] before I [cofix] so that, once I've [cofix]ed, I can first [constructor], before I [destruct f] again. 
[Sat Aug 23 20:10:32 2014] <johnw> ahhhh
[Sat Aug 23 20:10:42 2014] <johnw> that's the piece I was missing
[Sat Aug 23 20:10:47 2014] <jgross> You had the right idea for the proof, you were just "off by one". 
[Sat Aug 23 20:11:15 2014] <johnw> and the revert lets you later use HStream_Category_obligation_1
[Sat Aug 23 20:11:18 2014] <johnw> I wouldn't have spotted that
[Sat Aug 23 20:11:28 2014] <johnw> thanks jgross!
[Sat Aug 23 20:11:36 2014] <johnw> too bad HStream_run can't be defined :(
[Sat Aug 23 20:11:40 2014] <johnw> https://gist.github.com/5ac200658cb722b591eb
[Sat Aug 23 20:11:48 2014] <johnw> I need that to make an instance for the Hyperfunction
[Sat Aug 23 20:12:11 2014] <jgross> Yes, that's what revert does.  (If you go forward with this, you should do cofix as H or whatever lets you name the hypothesis, because generated names are evil.) 
[Sat Aug 23 20:12:17 2014] <jgross> Glad I was able to help :-) 
[Sat Aug 23 20:14:07 2014] <johnw> yay, Category defined
[Sat Aug 23 20:14:52 2014] <johnw> but I don't think I can get an inductive "output" from this coinductive stream
[Sat Aug 23 20:15:09 2014] <johnw> maybe with an approximator
[Sat Aug 23 20:15:55 2014] <jgross> HStream_run is inconsistent.  If you define [rep f] as [HCons f (HCons f ...)], then [HStream_run (rep (@id False)) : False]. 
[Sat Aug 23 20:16:05 2014] <johnw> yep
[Sat Aug 23 20:16:48 2014] <jgross> Personally, I'm glad HStream_run can't be defined :-P 
[Sat Aug 23 20:16:53 2014] <johnw> haha
[Sat Aug 23 20:17:24 2014] <johnw> at best I can define: https://gist.github.com/ccb5c9a9e7e461b1edc4
[Sat Aug 23 20:19:15 2014] <jgross> Isn't that just the constant function None? 
[Sat Aug 23 20:19:26 2014] <johnw> uh, you're right
[Sat Aug 23 20:19:31 2014] <johnw> a very glorified const None
[Sat Aug 23 20:19:37 2014] <jgross> I think you need to give your approximator a seed value 
[Sat Aug 23 20:20:10 2014] <jgross> I might call it pompous rather than glorified 
[Sat Aug 23 20:20:18 2014] <johnw> bombastic
[Sat Aug 23 20:20:40 2014] <jgross> Sure, that works too ^.^ 
[Sun Aug 24 00:24:16 2014] <johnw> if my goal is RelationClasses.Equivalence_Reflexive = Equivalence_Reflexive, what might I be looking for to complete that?
[Sun Aug 24 00:53:00 2014] <hodapp> I'm looking at http://www.cis.upenn.edu/~bcpierce/sf/current/Imp.html#lab431 and I don't actually have any idea how I'd assert that something terminates...
[Sun Aug 24 00:53:48 2014] <johnw> the no_whilesR inductive type cannot be constructed with a non-terminating program
[Sun Aug 24 00:53:57 2014] <johnw> you just need to show that this is the case by induction
[Sun Aug 24 00:55:15 2014] <hodapp> but how would I express the general notion of a non-terminating program?
[Sun Aug 24 00:55:40 2014] <johnw> show that it has a terminating case, and that the evaluation of any program reduces to that terminating case
[Sun Aug 24 00:56:09 2014] <johnw> I haven't done this chapter yet, but I imagine there's an 'END' or 'RETURN' instruction of some sort
[Sun Aug 24 02:41:04 2014] <johnw> jgross: is there an easy way to find out why Coq goes into an infinite loop?
[Sun Aug 24 02:56:10 2014] <jrw> hodapp: are you still trying to phrase termination?
[Sun Aug 24 03:03:26 2014] <jrw> anyways, in this case the big step evaluation relation (ceval) implies termination, so I think what they're looking for is something along the lines of: forall c st, no_whilesR c -> exists st', c / st || st'
[Sun Aug 24 07:05:50 2014] <osa1> do we have a proof for this in stdlib: "exists (h0 : list A) (t : A), h :: th :: tt = h0 ++ [t]" ?
[Sun Aug 24 07:15:35 2014] <roosbeef> is there a simple way to construct from an (L : list A) an (L' : list {x : A & In x L})?
[Sun Aug 24 07:16:22 2014] <roosbeef> im currently using this: https://privatepaste.com/12dea1f149
[Sun Aug 24 07:17:11 2014] <roosbeef> which does work but i have to prove that when doing map projT1 on this list it returns the original list, which seems with this definition more cumbersome than it should be
[Sun Aug 24 07:22:05 2014] <osa1> I have H : S n < S (length l) and when I do rewrite <- lt_n_S in H. I'm having H : S ?9115 < S (length l). why?
[Sun Aug 24 07:23:10 2014] <roosbeef> you need the other way around
[Sun Aug 24 07:23:23 2014] <roosbeef> hm nevermind you did <-
[Sun Aug 24 07:23:27 2014] <roosbeef> id do apply though not rewrite
[Sun Aug 24 07:24:05 2014] <roosbeef> with implications
[Sun Aug 24 07:24:34 2014] <roosbeef> try [apply lt_S_n in H.]?
[Sun Aug 24 07:32:52 2014] <osa1> apply is failing with a weird error message
[Sun Aug 24 07:33:21 2014] <osa1> terms in the error message are not the terms I'm working on so I have no idea what's going on.
[Sun Aug 24 07:36:03 2014] <osa1> I have only one lemma left to finish my master theorem :p
[Sun Aug 24 07:38:28 2014] <roosbeef> nice
[Sun Aug 24 07:38:51 2014] <roosbeef> whats the error message?
[Sun Aug 24 07:55:21 2014] <roosbeef> yay i solved my problem too :)
[Sun Aug 24 08:02:40 2014] <shouya> hi,
[Sun Aug 24 08:03:21 2014] <shouya> a little question: how do i define the one-many property of a relation.
[Sun Aug 24 08:03:54 2014] <shouya> following a method mentioned on imp: http://people.umass.edu/klement/imp/imp.html#page45
[Sun Aug 24 08:04:36 2014] <shouya> they may be defined as relations such that the relative product of one of them and its converse implies identity, where the “relative product” of two relations R and S is that relation which holds between x and z when there is an intermediate term y, such that x has the relation R to y and y has the relation S to z.
[Sun Aug 24 08:04:40 2014] <shouya> here.
[Sun Aug 24 08:05:27 2014] <shouya> my train of thought is to define the concept 'converse', 'relative product', and 'id' first.
[Sun Aug 24 08:07:15 2014] <shouya> http://lpaste.net/109924
[Sun Aug 24 08:07:31 2014] <shouya> here's my definition.
[Sun Aug 24 08:09:27 2014] <shouya> one_many'' is the definition completely following that statement on the book.
[Sun Aug 24 08:09:43 2014] <shouya> the 'Goal' section below is how i understand it.
[Sun Aug 24 08:11:07 2014] <shouya> while I can't prove that they're equivalent.
[Sun Aug 24 08:11:15 2014] <jgross> johnw: No.  If it's typeclasses, you can [Set Typeclasses Debug.]  If it's Ltac, you can [Set Ltac Debug.]  If it's something else, you can recompile Coq with Ocaml+fp and -debug, and then use gprof, I think. And then you have to figure out how the mangled names correspond to the OCaml methods. While the first two are easy, the last is decidedly not. 
[Sun Aug 24 08:17:55 2014] <jgross> edwardk, johnw: You have [Set Primitive Projection] in a bunch of places in https://github.com/jwiegley/category-theory/; the flag is [Set Primitive Projections.] 
[Sun Aug 24 09:16:15 2014] <schoppenhauer> hm. coq warns me about possible stack overflows because I use huge nat's. I would use BinNat's. But is it possible to use decimal notation for BinNats?
[Sun Aug 24 09:18:18 2014] <schoppenhauer> is using N_scope sufficient?
[Sun Aug 24 09:19:29 2014] <schoppenhauer> ok, seems like that.
[Sun Aug 24 09:47:58 2014] <hodapp> jrw: thanks, that makes some sense. I was trying something similar but was missing the 'exists' part because I forgot that exists, err, exists
[Sun Aug 24 09:50:08 2014] <Tuplanolla> This channel is too much for me. Maybe I can handle it better once I'm done with CPDT.
[Sun Aug 24 10:07:00 2014] <schoppenhauer> CPDT?
[Sun Aug 24 10:07:53 2014] <roosbeef> that book by Adam Chlipala
[Sun Aug 24 10:36:07 2014] <hodapp> why'd he leave :(
[Sun Aug 24 10:36:14 2014] <hodapp> or she.
[Sun Aug 24 10:36:15 2014] <hodapp> or it.
[Sun Aug 24 10:37:01 2014] <ijp> or they; don't want to discriminate against the schizophrenic
[Sun Aug 24 10:37:40 2014] <hodapp> THAT'S NOT WHAT SCHIZOPHRENIA MEANS
[Sun Aug 24 10:39:00 2014] <ijp> thank you dsm5bot
[Sun Aug 24 10:39:56 2014] <roosbeef> haha
[Sun Aug 24 12:28:03 2014] <mads-> When using match n with .. S n' => n', does that prime mean anything? Or could I just write S x => x ?
[Sun Aug 24 12:33:17 2014] <bacam> mads-: No, the ' is just part of the name "n'"
[Sun Aug 24 13:00:04 2014] <mads-> bacam: thanks.
[Sun Aug 24 14:43:31 2014] <Ainieco> hello
[Sun Aug 24 14:45:56 2014] <Ainieco> why I can't apply excluded middle right away here http://lpaste.net/481715496035549184 ? Pierce says that it's safe to add these classic theorems as axioms but "apply exluded_middle." doesn't work in excluded_middle_irrefutable
[Sun Aug 24 14:46:45 2014] <Ainieco> aren't those definitions defined by Pierce not axioms enough and i have to do foo-like thing for every one of them?
[Sun Aug 24 14:49:12 2014] <ijp> those definitions are just shorthands for the proposition, not a proof of them, or saying that they are an axiom
[Sun Aug 24 14:49:44 2014] <ijp> coq will accept Definition clearly_not_true := 0 = 1. just fine
[Sun Aug 24 14:50:14 2014] <Ainieco> oh, so i need to add any of them as axiom myself, got it
[Sun Aug 24 14:50:55 2014] <Ainieco> ijp: does that means that i can't prove excluded_middle_irrefutable without having excluded_middle as axiom?
[Sun Aug 24 14:51:20 2014] <ijp> well, you can just make it a hypothesis
[Sun Aug 24 14:52:01 2014] <ijp> I did that for my proofs of classical_axioms
[Sun Aug 24 14:53:52 2014] <ijp> or you can use the Axiom command, if you prefer
[Sun Aug 24 14:53:59 2014] <ijp> http://coq.inria.fr/refman/Reference-Manual003.html#hevea_command0
[Sun Aug 24 14:54:43 2014] <Ainieco> ijp: sorry but how can i make it hypotesis? i can't just prepend  "P \/ ~P -> " to excluded_middle_irrefutable because it's an exercise defined by Pierce
[Sun Aug 24 14:55:02 2014] <Ainieco> ijp: okay, i'll add it as an axiom, thank you!
[Sun Aug 24 14:58:14 2014] <ijp> Ainieco: I think that may imply you can do it without LEM
[Sun Aug 24 14:58:34 2014] <ijp> that exercise wasn't there when I did sf, but I'll see if I can manage it
[Sun Aug 24 15:00:43 2014] <Ainieco> ijp: sorry, what is LEM?
[Sun Aug 24 15:00:51 2014] <ijp> excluded middle
[Sun Aug 24 15:02:16 2014] <Ainieco> ah, can't think about way of proving it without LEM, it'll be interesting to see one tho
[Sun Aug 24 15:03:55 2014] <ijp> yeah, you can solve it without it
[Sun Aug 24 15:04:20 2014] <ijp> quite a cheeky proof really
[Sun Aug 24 15:09:04 2014] <Ainieco> yup, found a way to solve it without LEM
[Sun Aug 24 15:17:38 2014] <Ainieco> ijp: by the way do you know what is meant by "equivalent" in that 5 star exercise from paste?
[Sun Aug 24 15:17:56 2014] <Ainieco> is it pierce = classic?
[Sun Aug 24 15:18:13 2014] <ijp> <-> rather than =
[Sun Aug 24 15:19:00 2014] <ijp> you can get away with only five one way proofs if you do them right
[Sun Aug 24 15:19:51 2014] <Ainieco> ijp: why? i know you're right because i already failed proving it with = but i just want to learn why in this time equivalent means <->
[Sun Aug 24 15:20:12 2014] <Ainieco> because want to reason correctly next time on my own :)
[Sun Aug 24 15:20:53 2014] <ijp> to be honest, I didn't give it a thought
[Sun Aug 24 15:22:26 2014] <Ainieco> ijp: but you somehow decided that it's <-> rather than =, was it a guess?
[Sun Aug 24 15:24:28 2014] <ijp> Ainieco: I suppose I just assumed it based on the use of the word "equivalent" rather than "equal"
[Sun Aug 24 15:26:47 2014] <Ainieco> yeah that makess sense
[Sun Aug 24 16:38:13 2014] <Ainieco> finished all in Logic.v except that 5 star exercise... looks like really though one.
[Sun Aug 24 16:39:43 2014] <vanila> they are not very difficult
[Sun Aug 24 16:39:52 2014] <vanila> just have a go
[Sun Aug 24 16:40:02 2014] <vanila> if you get stuck i could help
[Sun Aug 24 16:40:11 2014] <vanila> I solved these from coq'art a while ago
[Sun Aug 24 16:40:26 2014] <ijp> the peirce ones were harder for me but that's because I didn't really get what the peirce lemma said
[Sun Aug 24 16:40:50 2014] <vanila> by the way, to prove that they are all equivalent yuo just need to show that A -> B, B -> C and C -> A
[Sun Aug 24 16:41:10 2014] <ijp> but I knew it was the type of call/cc, so I figured it out that way
[Sun Aug 24 16:41:11 2014] <Ainieco> vanila: thank you!
[Sun Aug 24 16:43:39 2014] <Ainieco> vanila: yeah, because of transitivity
[Sun Aug 24 16:43:52 2014] <ijp> Ainieco: but none of the proofs are very long, they just require careful thought
[Sun Aug 24 16:44:17 2014] <johnw> jgross: thanks
[Sun Aug 24 16:44:23 2014] <johnw> jgross: in one case, it was typeclass instance resolution going into an infinite loop; but making the call to fmap fully explicit, it fixed it
[Sun Aug 24 16:44:47 2014] <johnw> jgross: is there any resource for better understanding how typeclass instance are resolved in Coq?  I've run into a few cases where it makes little sense to me, coming from Haskell
[Sun Aug 24 16:44:48 2014] <Ainieco> ijp: you're right, thank you of encouraging me :)
[Sun Aug 24 16:45:08 2014] <johnw> for example, I have a Maybe and an Either instance, but when I fmap f x on an Either value, it picks the Maybe instance.  Stuff like that
[Sun Aug 24 16:46:04 2014] <edwardk> johnw: the hint really is the 'typeclass' thing isn't about classes, its implicits, it looks for something that typechecks and plugs it in.
[Sun Aug 24 16:46:19 2014] <edwardk> that's why i switched to records rather than classes
[Sun Aug 24 16:46:37 2014] <johnw> edwardk: how did that solve things for you?
[Sun Aug 24 16:47:17 2014] <edwardk> because now i'm using reocrds i explicitly pass as needed and am not relying on magic instance resolution to try to find an instance when all instances are the same because you have no parameters!
[Sun Aug 24 16:47:28 2014] <edwardk> C : category can always be satisfied
[Sun Aug 24 16:47:34 2014] <edwardk> if you have any category
[Sun Aug 24 16:47:51 2014] <edwardk> that's why you keep getting the latest thing you made
[Sun Aug 24 16:47:51 2014] <johnw> I see.  I would still like to understand what Coq is doing better, and why
[Sun Aug 24 16:47:59 2014] <johnw> Haskell's way of doing things has always made perfect sense
[Sun Aug 24 16:48:07 2014] <johnw> s/better//
[Sun Aug 24 16:48:11 2014] <ijp> I'll take Lakes of the World for $500
[Sun Aug 24 16:48:21 2014] <edwardk> if you make an instance for a thing that has parameters you can actually get something the instance discharge machinery has to fire off of
[Sun Aug 24 16:48:42 2014] <edwardk> but with C : category for instance, you have literally nothing for it to dispatch off for instance
[Sun Aug 24 16:48:52 2014] <johnw> ah, so this is the proxy problem
[Sun Aug 24 16:49:01 2014] <johnw> which in Haskell is an error
[Sun Aug 24 16:49:18 2014] <edwardk> when you say Program Instance Maybe : Functor Types Types   -- you've made 'the functor from types to types'
[Sun Aug 24 16:49:25 2014] <edwardk> rather than a functor from types to types
[Sun Aug 24 16:49:41 2014] <edwardk> so it feels justified filling in the instance whenever it needs a functor from types to types!
[Sun Aug 24 16:49:52 2014] <johnw> right
[Sun Aug 24 16:49:58 2014] <edwardk> in haskell you'd just get yelled at by the compiler
[Sun Aug 24 16:50:06 2014] <johnw> this seems no good
[Sun Aug 24 16:50:17 2014] <edwardk> well, you have no coherence guarantees in coq
[Sun Aug 24 16:50:23 2014] <edwardk> like i said, they are implicits
[Sun Aug 24 16:50:55 2014] <edwardk> in haskell you'd have to make a type constructor to hang the functor off, then the instance would dispatch off that
[Sun Aug 24 16:51:11 2014] <johnw> what I'm doing now is going back to working on my coq-haskell library, which is explicitly for proving properties about typical Haskell code.  For that I want a verison of Category which is convenient to work with *in that context*.  So I'd like to be able to write code which looks and feels like Haskell, meaning I want to make use of typeclasses
[Sun Aug 24 16:51:12 2014] <edwardk> Functor would have a parameter describing the tag/embedding/whatever
[Sun Aug 24 16:51:45 2014] <johnw> but I need to figure out how to make them well-behaved, and how to know when they aren't
[Sun Aug 24 16:51:55 2014] <edwardk> hen you really want Functor to take something haskell would say is of kind * -> * as a parameter, in coq you'd probably pass the lambda at the type level
[Sun Aug 24 16:52:11 2014] <edwardk> you don't get to know when they aren't
[Sun Aug 24 16:52:19 2014] <edwardk> you don't have the global enforcer in the typechecker
[Sun Aug 24 16:52:29 2014] <johnw> edwardk: what looks wrong about this to you: https://github.com/jwiegley/coq-haskell/blob/master/Category.v#L616
[Sun Aug 24 16:52:36 2014] <edwardk> haskell has a whole set of logic to enforce invariants that aren't enforced here
[Sun Aug 24 16:53:24 2014] <johnw> right
[Sun Aug 24 16:53:27 2014] <johnw> just what I'm noticing
[Sun Aug 24 16:54:29 2014] <edwardk> can you back up and give me more context of what you are trying to do and what you expect to have ben wrong?
[Sun Aug 24 16:54:34 2014] <edwardk> * is kinda checked out at the moment
[Sun Aug 24 16:54:42 2014] <johnw> you mean, with that code I linked you?
[Sun Aug 24 16:55:30 2014] <edwardk> es
[Sun Aug 24 16:55:44 2014] <johnw> so, I want to have a category based on setoids so that I can be flexible in the notion of equality
[Sun Aug 24 16:55:59 2014] <johnw> I want this primarily because in order to have a category of hyperfunctions, I need coinductive equality, not inductive equality
[Sun Aug 24 16:56:11 2014] <johnw> with setoids, I can just inject my hstream_eq equality and all is good
[Sun Aug 24 16:56:28 2014] <johnw> but this means that to make Hom, I need to map C^op x C to the category of Setoids, not to plain Sets
[Sun Aug 24 16:56:45 2014] <johnw> and the category of Setoids needs to be based on function equivalence, rather than "equality on the nose"
[Sun Aug 24 16:57:03 2014] <johnw> otherwise, I run into a scenario where given f ≈ g, I need to prove compose f = compose g, which I just can't do
[Sun Aug 24 16:57:07 2014] <johnw> with equivalence on both sides, I can
[Sun Aug 24 16:57:22 2014] <edwardk> google hangout real quick, easier =)
[Sun Aug 24 16:57:24 2014] <johnw> however, while this works great for Hom, it breaks simpler things
[Sun Aug 24 16:57:25 2014] <johnw> ok
[Sun Aug 24 17:15:33 2014] <jgross> johnw: It's approximately [eauto with typeclass_instances].  There are a few subtle differences (backtracking across evar instantiations across multiple goals is handled slightly differently) and a few very, very, very subtle differences (I think the algorithm it uses to look things up and what it unfolds are slightly different in a way that I've seen show up in performance bugs and nothing else).  But, in general, just look at [Print HintDb
[Sun Aug 24 17:15:33 2014] <jgross> typeclass_instances] and [Set Typeclasses := debug.] (I think that's the right invocation?). 
[Sun Aug 24 17:18:55 2014] <johnw> ooh, excellent, I'll try that jgross
[Sun Aug 24 17:29:08 2014] <johnw> edwardk: proved!
[Sun Aug 24 17:29:42 2014] <edwardk> johnw: gratz =)
[Sun Aug 24 17:29:54 2014] <edwardk> johnw: what was the last step?
[Sun Aug 24 17:30:01 2014] <johnw> https://gist.github.com/a2ee37dfaa575d12672b
[Sun Aug 24 17:30:06 2014] <johnw> I was just missing a destruct
[Sun Aug 24 17:30:13 2014] <edwardk> fair nuff
[Sun Aug 24 17:30:18 2014] <johnw> story of my life
[Sun Aug 24 17:34:29 2014] <johnw> when I have trans_sym_co_inv_impl_morphism on one side of my equality, what is Coq expecting me to show?
[Sun Aug 24 17:37:16 2014] <chirpsalot> Is there a way to use "Check" within a definition? I want to double check the type of something mid-definition because I am getting confused.
[Sun Aug 24 17:38:58 2014] <johnw> edwardk: same problem with Hom btw
[Sun Aug 24 17:39:05 2014] <johnw> have to prove f ≈ f' → f = f'
[Sun Aug 24 17:39:15 2014] <johnw> but here equivalence in C is unknown
[Sun Aug 24 17:45:00 2014] <cody__> you're outta luck johnw
[Sun Aug 24 17:45:10 2014] <johnw> haha
[Sun Aug 24 17:45:12 2014] <johnw> I noticed
[Sun Aug 24 17:45:15 2014] <cody__> it's gonna be false in general
[Sun Aug 24 17:45:48 2014] <cody__> chirpsalot: I'm afraid Check is a toplevel command that requires a term argument
[Sun Aug 24 17:46:09 2014] <cody__> you can try Hypothesis my_current_context.
[Sun Aug 24 17:46:14 2014] <cody__> Check my_test_term
[Sun Aug 24 17:46:20 2014] <chirpsalot> Ah, thanks.
[Sun Aug 24 17:46:23 2014] <cody__> or try building your term interactively
[Sun Aug 24 17:46:29 2014] <chirpsalot> Yeah.
[Sun Aug 24 17:46:43 2014] <chirpsalot> It's just a pain to lift all of the context stuff out.
[Sun Aug 24 17:47:47 2014] <chirpsalot> I did figure out my problem, though :). So now I'm not too bitter about that... Until next time.
[Sun Aug 24 17:48:36 2014] <cody__> one trick is to make a goal equal to the type of your term
[Sun Aug 24 17:48:52 2014] <cody__> then use "refine" to put your term, with _ where you aren't sure
[Sun Aug 24 17:49:06 2014] <cody__> that builds your context automagically
[Sun Aug 24 17:50:00 2014] <chirpsalot> I am not sure I know enough of the terminology yet to fully grok what you are saying :(.
[Sun Aug 24 17:50:36 2014] <cody__> Definition myadd : nat -> nat -> nat.
[Sun Aug 24 17:50:37 2014] <chirpsalot> * just got to the MoreCoq section of Coq SF. http://www.cis.upenn.edu/~bcpierce/sf/current/MoreCoq.html
[Sun Aug 24 17:51:21 2014] <cody__> refine (fun x y => _ + x)
[Sun Aug 24 17:51:24 2014] <cody__> .
[Sun Aug 24 17:51:43 2014] <johnw> cody__: so, here's the problem I have in general
[Sun Aug 24 17:52:31 2014] <cody__> johnw: hit me
[Sun Aug 24 17:52:50 2014] <johnw> given that f ≈ f' in some category C, then I have a category of hom-sets, where the morphisms between hom-sets are composition.  How can I show that for two equivalence morphisms in C, the arrows representing compositions to/from those hom-sets are equivalent in Set?
[Sun Aug 24 17:53:24 2014] <johnw> right now I'm defining equivalence in Set as:
[Sun Aug 24 17:53:25 2014] <johnw> Definition func_eqv {a b} (f g : a → b) : Prop := ∀ x, f x = g x.
[Sun Aug 24 17:53:34 2014] <johnw> but that doesn't work if f and g are (compose f) and (compose f') from above
[Sun Aug 24 17:54:06 2014] <cody__> um
[Sun Aug 24 17:54:10 2014] <cody__> i'm confused
[Sun Aug 24 17:54:19 2014] <cody__> you're trying to prove the Yoneda Lemma?
[Sun Aug 24 17:54:46 2014] <johnw> no
[Sun Aug 24 17:54:56 2014] <johnw> just that the Hom functor fulfills the "fmap_respects" law
[Sun Aug 24 17:55:12 2014] <johnw> which says that f ≈ f' → fmap f ≈ fmap f'
[Sun Aug 24 17:55:36 2014] <cody__> can you show me the code?
[Sun Aug 24 17:56:22 2014] <johnw> https://github.com/jwiegley/coq-haskell
[Sun Aug 24 17:56:35 2014] <johnw> func_eqv is in Category.v, and fmap_respects and Hom are in Functor.v
[Sun Aug 24 17:58:58 2014] <cody__> I'm afraid I can't find Hom
[Sun Aug 24 18:01:02 2014] <johnw> in Functor.v
[Sun Aug 24 18:01:02 2014] <cody__> your definition of EqualFunctors is a bit strange as well
[Sun Aug 24 18:01:17 2014] <johnw> https://github.com/jwiegley/coq-haskell/blob/master/Functor.v#L439
[Sun Aug 24 18:01:29 2014] <johnw> I stole that from the coq-categories repo
[Sun Aug 24 18:01:46 2014] <cody__> hmm
[Sun Aug 24 18:01:59 2014] <johnw> I have a feeling that since I'm using setoids, I shouldn't need EqualFunctors
[Sun Aug 24 18:02:05 2014] <johnw> since I already have notions of equivalence everywhere
[Sun Aug 24 18:02:19 2014] <johnw> also, for Hom, I bet I need to use the equivalence of partially applied compositions from C, not from Set
[Sun Aug 24 18:02:38 2014] <cody__> right
[Sun Aug 24 18:02:45 2014] <johnw> so I'm starting with:
[Sun Aug 24 18:02:47 2014] <johnw> fmap_respects := fun a b f f' H => @eqv C a b (compose f) (compose f')
[Sun Aug 24 18:02:55 2014] <johnw> which of course doesn't typecheck
[Sun Aug 24 18:03:14 2014] <cody__> um
[Sun Aug 24 18:03:27 2014] <cody__> let me think for a second
[Sun Aug 24 18:04:00 2014] <cody__> basically you're trying to prove that the hom-functor is indeed a functor
[Sun Aug 24 18:04:05 2014] <johnw> yep
[Sun Aug 24 18:04:18 2014] <johnw> and part of doing so is that fmap respects equivalences
[Sun Aug 24 18:04:57 2014] <johnw> by default, it's choosing Set's version of equivalence, which I cannot prove (and rightfully so)
[Sun Aug 24 18:05:09 2014] <cody__> yes i see
[Sun Aug 24 18:05:13 2014] <cody__> just a second
[Sun Aug 24 18:06:03 2014] <cody__> you need [C, Set]'s version of equivalence rather
[Sun Aug 24 18:06:05 2014] <cody__> no?
[Sun Aug 24 18:06:34 2014] <johnw> this is for the partially applied case
[Sun Aug 24 18:06:47 2014] <johnw> for the non-partially applied case, yes
[Sun Aug 24 18:06:57 2014] <johnw> that's why the instance for Hom has a nested record in there
[Sun Aug 24 18:07:59 2014] <johnw> i.e., you give me an object from C^op, and I'll give you a covariant functor from C → Sets
[Sun Aug 24 18:08:30 2014] <cody__> yea
[Sun Aug 24 18:08:38 2014] <johnw> so now, given equivalence of morphisms in C, I need to show that fmap'ing those morphisms into Set preserves equivalence
[Sun Aug 24 18:08:54 2014] <cody__> I have the nasty feeling the Hom functor isn't a functor in the sense you want it to
[Sun Aug 24 18:09:04 2014] <cody__> it's only a functor over "setoids"
[Sun Aug 24 18:09:11 2014] <johnw> right
[Sun Aug 24 18:09:16 2014] <johnw> I'm OK with that
[Sun Aug 24 18:09:19 2014] <cody__> i.e. sets equipped with an equivalence relation
[Sun Aug 24 18:09:24 2014] <johnw> Sets here should be the category of setoids
[Sun Aug 24 18:09:33 2014] <cody__> very probably
[Sun Aug 24 18:09:35 2014] <johnw> ah, hmmm
[Sun Aug 24 18:09:42 2014] <johnw> so maybe my func_eqv is too specialized
[Sun Aug 24 18:10:04 2014] <cody__> It's annoying because it forces you to change Sets
[Sun Aug 24 18:10:09 2014] <johnw> see https://github.com/jwiegley/coq-haskell/blob/master/Category.v#L653
[Sun Aug 24 18:10:17 2014] <cody__> which may not be a lot of work depending on how much you use it
[Sun Aug 24 18:10:27 2014] <johnw> i wonder if I need to take in eqv as a parameter to that instance
[Sun Aug 24 18:10:48 2014] <johnw> rather than assuming that ∀ x, f x = g x is good enough to establish equivalence of f and g
[Sun Aug 24 18:11:01 2014] <cody__> you'd need to change ob to pairs Type*some_equivalence
[Sun Aug 24 18:11:02 2014] <johnw> since f and g may not be functions, but rather morphisms from some aribtrary category embedded in Sets
[Sun Aug 24 18:11:10 2014] <johnw> ahhhh
[Sun Aug 24 18:11:15 2014] <johnw> yes, now I see where you're going
[Sun Aug 24 18:11:24 2014] <cody__> and hom to functions that respect the equivalence
[Sun Aug 24 18:11:29 2014] <johnw> right
[Sun Aug 24 18:11:41 2014] <johnw> then I'd have a suitable space for embedding hom-sets
[Sun Aug 24 18:11:52 2014] <cody__> yes
[Sun Aug 24 18:11:57 2014] <johnw> ok, in that case then I'll make yet another category called Coq which is not a setoid at all
[Sun Aug 24 18:12:04 2014] <johnw> because I have need of both of these things
[Sun Aug 24 18:12:21 2014] <cody__> really?
[Sun Aug 24 18:12:23 2014] <cody__> how come?
[Sun Aug 24 18:12:31 2014] <johnw> so, Sets I need for Hom and the more categorical stuff I want to prove
[Sun Aug 24 18:12:45 2014] <johnw> the category Coq I need to model things that more closely hew to what you see in Haskell
[Sun Aug 24 18:12:51 2014] <johnw> without having to bend over backwards everywhere
[Sun Aug 24 18:13:10 2014] <johnw> in Coq, equivalence is just equality assuming functional extensionality
[Sun Aug 24 18:13:24 2014] <johnw> but in Sets, equivalence must respect the origin of objects
[Sun Aug 24 18:13:30 2014] <cody__> ok
[Sun Aug 24 18:13:47 2014] <johnw> i wonder if setoids is worth it
[Sun Aug 24 18:13:53 2014] <cody__> Yes in set theory the two categories are the same
[Sun Aug 24 18:14:01 2014] <johnw> there is only one reason I wanted them
[Sun Aug 24 18:14:17 2014] <johnw> in order to build the category of hyperfunctions, I need to use coinductive equality rather than regular equality
[Sun Aug 24 18:14:22 2014] <cody__> what was that?
[Sun Aug 24 18:14:29 2014] <cody__> ah yes ok
[Sun Aug 24 18:14:41 2014] <johnw> if I drop setoids, I'm rather restricted in what I can talk about
[Sun Aug 24 18:14:46 2014] <cody__> honestly coq support for relations is quite good
[Sun Aug 24 18:14:52 2014] <johnw> yes
[Sun Aug 24 18:14:58 2014] <johnw> it's just a lot of groundwork to setup
[Sun Aug 24 18:15:01 2014] <johnw> but I do like the flexibility
[Sun Aug 24 18:15:16 2014] <johnw> for example, see https://github.com/jwiegley/coq-haskell/blob/master/Hyper.v#L127
[Sun Aug 24 18:15:25 2014] <cody__> I think it's the right way to go
[Sun Aug 24 18:15:49 2014] <johnw> actually, no, the more important example is https://github.com/jwiegley/coq-haskell/blob/master/Hyper.v#L233
[Sun Aug 24 18:16:04 2014] <johnw> there are at least 3 ways of modeling hyperfunctions, and Coq can encode two of them
[Sun Aug 24 18:16:19 2014] <johnw> HMachines are inductive, HStreams are coinductive
[Sun Aug 24 18:17:59 2014] <johnw> jgross: in https://github.com/jwiegley/coq-haskell/blob/master/Hyper.v#L223, how do I ask Coq to always prefer ∘ from Sets if no context is given as an argument?
[Sun Aug 24 18:18:03 2014] <cody__> either is probably gonna have drawbacks
[Sun Aug 24 18:18:16 2014] <johnw> cody__: yes, I'm already finding that to be the case :)
[Sun Aug 24 18:18:41 2014] <johnw> with HStream, coinduction can be a pain
[Sun Aug 24 18:19:09 2014] <johnw> with HMachine, that type parameter 'u'  (which is hidden away using rank-2 polymorphism in Haskell) is a major pain
[Sun Aug 24 18:20:23 2014] <cody__> there's a nasty axiom you can probably assume
[Sun Aug 24 18:20:44 2014] <cody__> something like "bisim -> ="
[Sun Aug 24 18:21:00 2014] <cody__> that would allow you to work with the "Strict Set"
[Sun Aug 24 18:21:17 2014] <cody__> but you would have to undo all your good work and take a strict = on Hom sets
[Sun Aug 24 18:21:29 2014] <cody__> I would encourage you to work with Setoids
[Sun Aug 24 18:21:37 2014] <cody__> but I know it's hard work
[Sun Aug 24 18:22:27 2014] <johnw> ok, I'll keep going
[Sun Aug 24 18:22:31 2014] <johnw> I'd like more familiarity with them anyway
[Sun Aug 24 18:22:37 2014] <johnw> it's a good tool to have in the toolbox
[Sun Aug 24 18:22:51 2014] <johnw> off to dinner, thanks for your help cody__!  I think you've unstuck me
[Sun Aug 24 18:23:04 2014] <cody__> um
[Sun Aug 24 18:23:07 2014] <cody__> you're welcome
[Sun Aug 24 18:23:26 2014] <cody__> though I feel like all I said was: you need to change some basic definitions and work really hard
[Sun Aug 24 19:25:46 2014] <jgross> johnw: [unfold trans_sym_co_inv_impl_morphism]?
[Sun Aug 24 19:25:46 2014] <jgross> johnw: Is there a way to use "Check" within a definition? <- use [$(idtac defn; admit)$].  You'll need to get enough of your definition type-checking that admitting the broken piece is enough to get it to go through, but that should show you the thing you want to see.  Or [$(let T := type of defn in idtac T; admit)$].  Or you might need [$(let term := constr:(defn) in let T := type of term in idtac T; admit)$]. 
[Sun Aug 24 19:30:00 2014] <jgross> johnw: how do I ask Coq to always prefer ∘ from Sets <- make [Sets] have prioity 0 ([Instance Sets : Category | 0 := ...]), and give all other instances prioity 1 or higher (default is the number of typeclass arguments the instance has) 
[Sun Aug 24 19:37:25 2014] <jgross> johnw: Rather than using setoids, you should develop the theory of higher coinductive types, or a sane equality for coinductives. :-P (Is axiomatizing HStream_eq -> eq really that terrible?  You should be able to convince yourself in the metatheory that any function out of HStream will respect HStream_eq (because, for cofixpoint functions, you can induct on your proof of HStream_eq, and for non-cofix functions, you can destruct the proof
[Sun Aug 24 19:37:25 2014] <jgross> whatever finite number of times the non-cofix function does.  And then you do magic univalence-like things to get it to work with crazy dependent type families like [eq].) And that's basically the definition of [eq].  Furthermore, if you make your axiom that the function [eq -> HStream_eq] is an equivalence, then you can make your axiom disappear whenever you transport across it, in much the same way that we currently make univalence disappear
[Sun Aug 24 19:37:25 2014] <jgross> in HoTT/HoTT. 
[Sun Aug 24 20:43:20 2014] <johnw> jgross: thank you so much
[Sun Aug 24 20:43:27 2014] <johnw> jgross: you've been invaluable to learning all of this machinery
[Sun Aug 24 20:43:59 2014] <johnw> jgross: hmm.. maybe setoids are too much then
[Sun Aug 24 20:44:07 2014] <johnw> jgross: since I don't need them for 95% of what I want this code for
[Sun Aug 24 20:44:20 2014] <johnw> jgross: ok, I'll shunt this development into a branch and go back to the simpler form of equality where everything was working
[Sun Aug 24 20:47:16 2014] <hodapp> hrmph, I am in the situation that I need to give a witness, but I don't exactly have a value I can give the witness, just a proposition pertaining to it
[Sun Aug 24 20:47:24 2014] <hodapp> which I suppose would make the witness nonconstructive
[Sun Aug 24 20:47:32 2014] <hodapp> which I guess would make it... not really a witness
[Sun Aug 24 20:47:40 2014] <johnw> can you use eexists?
[Sun Aug 24 20:48:44 2014] <hodapp> dunno. There is probably a way to avoid this...
[Sun Aug 24 20:50:22 2014] <hodapp> looking at http://www.cis.upenn.edu/~bcpierce/sf/current/Imp.html#lab431 and I've used for the theorem: forall c st, no_whilesR c -> exists st', c / st || st'
[Sun Aug 24 20:51:23 2014] <hodapp> and I'm at the case of showing that for ;; (sequencing), but I am struggling to figure out how to construct a value as a witness
[Sun Aug 24 20:51:44 2014] <hodapp> as ceval is not a function
[Sun Aug 24 20:52:15 2014] <hodapp> well... I guess there is a function which covers some of its behavior
[Sun Aug 24 20:52:19 2014] <hodapp> I'll shut up for a bit
[Sun Aug 24 20:53:46 2014] <ijp> what have you got so far?
[Sun Aug 24 20:54:12 2014] <hodapp> trying to use ceval_fun_no_while to construct a witness
[Sun Aug 24 20:56:52 2014] <hodapp> which differs anywhere there is a 'while', but no_whilesR guarantees none are present, but I may have to show explicitly that no_whilesR c -> (ceval c st (ceval_fun_no_while c st))
[Sun Aug 24 21:51:24 2014] <johnw> edwardk: jgross convinced me to lay off setoids, so everything I was having trouble with is no longer a trouble; he says to just axiomatize inductive vs. coinductive equality
[Sun Aug 24 21:51:40 2014] <edwardk> heh, welcome back
[Sun Aug 24 21:52:34 2014] <johnw> my beautifully short proof of surj_epi is long again, though
[Sun Aug 24 21:53:15 2014] <johnw> well, not that much longer
[Sun Aug 24 21:56:40 2014] <johnw> edwardk: so now I know how to decide which global instance is selected
[Sun Aug 24 22:04:45 2014] <hodapp> I read that as "lay off steroids".
[Sun Aug 24 22:04:49 2014] <hodapp> I should go to bed.
[Sun Aug 24 22:06:44 2014] <jgross> johnw: Just wait until you move to hProp, which is predicative.  Then your proof of surj_epi will be much, much longer. (https://github.com/HoTT/HoTT/blob/master/theories/hit/epi.v#L72, https://github.com/HoTT/HoTT/blob/master/theories/hit/epi.v#L163) 
[Sun Aug 24 22:20:08 2014] <johnw> jgross: and the benefit of that approach is what, exactly?
[Sun Aug 24 22:20:12 2014] <johnw> fewer axioms?
[Sun Aug 24 22:52:58 2014] <jgross> johnw: Fewer axioms, and better computational behavior.  Prop is broken, because Props can have multiple elements, but you can't prove it, and you can't disprove it.  (Props are also erasable, which is subtly different from being an hProp.)  I think hProp is roughly Prop + constructive_definite_description (http://coq.inria.fr/library/Coq.Logic.Description.html) + proof_irrelevance (http://coq.inria.fr/library/Coq.Logic.ProofIrrelevance.html) (
[Sun Aug 24 22:52:58 2014] <jgross> - impredicativity, but that's optional). 
[Mon Aug 25 02:26:13 2014] <Cale> jgross: Why is that "broken"? I don't care much for Prop myself, but I'm not sure I understand what would be so bad about types whose number of elements isn't determined...
[Mon Aug 25 02:27:05 2014] <Cale> Oh, you mean for use as hProps?
[Mon Aug 25 02:37:45 2014] <begriffs> I've got a vague general question about Coq. Knowing what you do about it, would you say it's useful for designing provably correct algorithms? Or is it more efficient/enjoyable to reason about algorithms with pen and paper?
[Mon Aug 25 04:34:35 2014] <johnw> begriffs: I would say it's extremely useful
[Mon Aug 25 07:14:31 2014] <jgross> Cale: Yes, I mean for use as hProps. 
[Mon Aug 25 08:04:33 2014] <roosbeef> is it possible to do induction on a list without using nil as induction base?
[Mon Aug 25 08:04:43 2014] <roosbeef> i have a lemma that is true for all cases except nil
[Mon Aug 25 08:05:01 2014] <vanila> you have to prove l <> nil -> Lemma
[Mon Aug 25 08:05:45 2014] <roosbeef> yes but how?
[Mon Aug 25 08:06:08 2014] <roosbeef> the IH will say l <> nil -> lemma
[Mon Aug 25 08:06:17 2014] <roosbeef> with (x :: l) in the goal
[Mon Aug 25 08:06:26 2014] <roosbeef> and (x :: l) <> nil in the hypotheses
[Mon Aug 25 08:06:29 2014] <vanila> so what base case do you want?
[Mon Aug 25 08:06:41 2014] <roosbeef> length l > 0
[Mon Aug 25 08:06:42 2014] <roosbeef> i guess
[Mon Aug 25 08:06:48 2014] <roosbeef> err
[Mon Aug 25 08:06:50 2014] <roosbeef> length l = 1
[Mon Aug 25 08:07:41 2014] <vanila> so maybe you could try axiomatizing this induction scheme  (forall x, P (x :: nil)) -> (forall x xs, xs <> nil -> P xs -> P (x :: xs)) -> (forall xs, xs <> nil -> P xs)
[Mon Aug 25 08:07:55 2014] <vanila> and if it helps prove your lemma, prove it
[Mon Aug 25 08:08:08 2014] <roosbeef> hm
[Mon Aug 25 08:08:16 2014] <roosbeef> i dont think i can axiomatize
[Mon Aug 25 08:08:26 2014] <roosbeef> is there a way to do it without axiomatizing?
[Mon Aug 25 08:08:43 2014] <vanila> you could go to the trouble of proving it before trying to use it to see if it helps
[Mon Aug 25 08:08:47 2014] <vanila> this is more time consuming
[Mon Aug 25 08:08:56 2014] <roosbeef> hm
[Mon Aug 25 08:09:07 2014] <roosbeef> well my results have to be solid, i cant just use axioms
[Mon Aug 25 08:09:27 2014] <roosbeef> isnt this a common issue though?
[Mon Aug 25 08:09:56 2014] <mads-> So I'm reading the sf book. I'm currently in the Basics chapter and at the exercise where I'm supposed to implement factorial. This works, but is it decent? http://pastebin.com/qmMKbVVt
[Mon Aug 25 08:10:43 2014] <vanila> roosbeef, I'm suggesting this:
[Mon Aug 25 08:10:52 2014] <vanila> (1) Declare this induction as an axiom
[Mon Aug 25 08:10:58 2014] <vanila> (2) attempt to prove your lemma with it
[Mon Aug 25 08:11:21 2014] <vanila> then If the induction scheme helped, go back and prove it so you don't have any unproved axioms left
[Mon Aug 25 08:11:36 2014] <vanila> if the induction scheme doesn't help, delete it and maybe ask more etc.
[Mon Aug 25 08:15:05 2014] <roosbeef> how do i axiomatize it?
[Mon Aug 25 08:15:31 2014] <roosbeef> as a lemma and then close with [Admitted]?
[Mon Aug 25 08:15:42 2014] <vanila> that works
[Mon Aug 25 08:16:34 2014] <roosbeef> ok im not sure about this but lets try :p
[Mon Aug 25 08:17:10 2014] <vanila> btw, what are you proving exactly? that is true for a whole list but not nil
[Mon Aug 25 08:18:31 2014] <roosbeef> i have a data type that can be conceptualized in both string and tree form
[Mon Aug 25 08:18:48 2014] <roosbeef> nil is equal to (nil :: nil) in tree form
[Mon Aug 25 08:19:01 2014] <roosbeef> so the length for nil in string form is less than the length in tree form
[Mon Aug 25 08:19:19 2014] <roosbeef> for all other strings, the length is greater than or equal
[Mon Aug 25 08:19:34 2014] <roosbeef> (which is the lemma i need)
[Mon Aug 25 08:19:51 2014] <vanila> what about proving your theorem just for strings which are the image of a tree->string function?
[Mon Aug 25 08:20:09 2014] <roosbeef> how would that work?
[Mon Aug 25 08:20:36 2014] <vanila> forall t, P (t_to_s t)
[Mon Aug 25 08:20:43 2014] <vanila> then you can use t's induction scheme
[Mon Aug 25 08:21:04 2014] <roosbeef> no that would be horrible :p
[Mon Aug 25 08:21:11 2014] <roosbeef> because the image function is huge
[Mon Aug 25 08:22:17 2014] <roosbeef> also the theorem im working on atm is to prove the image function followed by its inverse function maps reflexively
[Mon Aug 25 08:22:35 2014] <vanila> interesting
[Mon Aug 25 08:22:48 2014] <roosbeef> (just to prove that the function is working correctly)
[Mon Aug 25 08:25:20 2014] <hodapp> mads-: Err, so what is your question?
[Mon Aug 25 08:29:53 2014] <mads-> hodapp: I am pretty new to coq. Is that also the way you would define factorial?
[Mon Aug 25 08:31:57 2014] <roosbeef> ok well thanks anyway vanila :) im going to think about this
[Mon Aug 25 08:32:19 2014] <vanila> okay good luck if you just paste your whole code i could look at it too
[Mon Aug 25 08:33:24 2014] <roosbeef> nah dont worry about it
[Mon Aug 25 08:33:31 2014] <roosbeef> maybe for a bigger issue
[Mon Aug 25 08:33:45 2014] <roosbeef> it wouldnt be worth the effort of installing all the libs required
[Mon Aug 25 08:34:15 2014] <vanila> oh I forgot you use CoLoR or such
[Mon Aug 25 08:34:40 2014] <roosbeef> yea and Cantor
[Mon Aug 25 09:11:04 2014] <hodapp> mads-: I think it'd end up similar for me, yes.
[Mon Aug 25 09:11:14 2014] <hodapp> mads-: what led you to SF anyway?
[Mon Aug 25 09:16:44 2014] <keep_learning> Hello everyone
[Mon Aug 25 09:16:57 2014] <keep_learning> I am trying to compile the code http://lpaste.net/109975
[Mon Aug 25 09:17:03 2014] <keep_learning> but I am getting some error
[Mon Aug 25 09:17:17 2014] <keep_learning> File "./Induction.v", line 359, characters 14-60: Syntax Error: Lexer: Unterminated string
[Mon Aug 25 09:17:47 2014] <keep_learning> Could some one please tell me what is wrong with code.
[Mon Aug 25 09:24:21 2014] <keep_learning> Some one please.
[Mon Aug 25 09:24:33 2014] <ijp> the warnings seem to be caused by the " at the end of the commented out minus_diag theorem
[Mon Aug 25 09:25:07 2014] <ijp> not sure why coq should care about it
[Mon Aug 25 09:27:05 2014] <keep_learning> ijp: I have removed that part and now it's compiled
[Mon Aug 25 09:27:14 2014] <keep_learning> but it was comment
[Mon Aug 25 09:27:22 2014] <keep_learning> ijp: Thank you!
[Mon Aug 25 09:43:58 2014] <mads-> hodapp: It's linked from my course homepage. I'm starting the course tomorrow. Seems quite exciting
[Mon Aug 25 09:47:09 2014] <hodapp> oh, a course uses this?
[Mon Aug 25 09:47:37 2014] <vanila> cool mads- good luck :)
[Mon Aug 25 09:48:14 2014] <mads-> yeah, it's called introduction to functional programming.
[Mon Aug 25 09:48:34 2014] <mads-> So I guess it's a mix of learning functional programming and proofing the properties
[Mon Aug 25 09:51:25 2014] <hodapp> I need to start a CS degree or something... I'm reading all these papers and textbooks anyhow.
[Mon Aug 25 09:52:24 2014] <mads-> hodapp: any exciting papers on functional programming or similar?
[Mon Aug 25 09:52:36 2014] <mads-> just going to be back later. going home now :)
[Mon Aug 25 09:52:41 2014] <hodapp> mads-: I'll go dig around later and send any that I've liked your way :)
[Mon Aug 25 09:52:49 2014] <hodapp> mads-: just idle around here so I can find you
[Mon Aug 25 11:27:36 2014] <mads-_> hodapp: I am on a irssi screen, so I will be here all day :)
[Mon Aug 25 11:34:39 2014] <chirpsalot> mads-: whaaaat? What course / university / college / whatever you call it wherever you are?
[Mon Aug 25 11:38:04 2014] <chirpsalot> mads-: also that is one fine factorial function y'alls got there ;).  If I wasn't using the SF defined naturals, and using the Coq built ins instead, then I would probably use "1" rather than "S 0", but maybe that's just me.
[Mon Aug 25 11:38:14 2014] <chirpsalot> * is also new to Coq.
[Mon Aug 25 11:40:33 2014] <chirpsalot> mads-: oh, you did mention what the course was -- guess I am daft. Is it just Coq on the syllabus? We have a similar course here "non-procedural programming languages". It generally introduces 2 languages... Common lisp and prolog :|. Sometimes it's Scheme (Racket) and Haskell, but that prof is sadly retiring.
[Mon Aug 25 11:42:16 2014] <ianjneu> chirpsalot: sounds pretty dire.
[Mon Aug 25 11:46:43 2014] <chirpsalot> ianjneu: yeah... I really wish Common Lisp was just replaced with Racket. They try to cripple CL to a "functional" subset and it just doesn't suit it.
[Mon Aug 25 11:47:35 2014] <chirpsalot> I didn't mind Prolog, though. It's kind of cute for "pfff, this problem is NP hard anyway" things.
[Mon Aug 25 11:48:13 2014] <ianjneu> Serious prolog users use it in a very non-logical way anyway. Cut everywhere.
[Mon Aug 25 11:48:19 2014] <chirpsalot> I would _love_ it if we had a course that did Coq.
[Mon Aug 25 11:48:29 2014] <chirpsalot> I did not like cut D:.
[Mon Aug 25 11:48:53 2014] <chirpsalot> I did like that Prolog had pattern matching, though. I missed that so much when writing crippled common lisp.
[Mon Aug 25 11:49:12 2014] <ianjneu> PL is a discipline, not a zoo. Too many colleges don't know that.
[Mon Aug 25 11:49:30 2014] <ianjneu> Racket's match is pretty great.
[Mon Aug 25 11:50:10 2014] <chirpsalot> Common lisp has some pattern matching stuff as well, but we weren't allowed to use it. They literally gave us a list of like 15 functions that we were allowed to use.
[Mon Aug 25 11:50:16 2014] <ianjneu> I have a PR adding named struct fields so you don't have to specify patterns positionally anymore.
[Mon Aug 25 11:50:29 2014] <chirpsalot> PR?
[Mon Aug 25 11:50:34 2014] <ianjneu> pull-request
[Mon Aug 25 11:50:45 2014] <chirpsalot> For Racket?
[Mon Aug 25 11:50:47 2014] <ianjneu> Racket is alive and inviting :)
[Mon Aug 25 11:50:52 2014] <chirpsalot> Cool!
[Mon Aug 25 11:51:22 2014] <chirpsalot> Racket, from what I have seen, is SOOOOOOO much better than Common Lisp. Common Lisp is like trying to program with a museum.
[Mon Aug 25 11:51:50 2014] <ianjneu> CL has its strengths too.
[Mon Aug 25 11:52:01 2014] <ianjneu> CLOS is mighty fine.
[Mon Aug 25 11:52:05 2014] <chirpsalot> Absolutely.
[Mon Aug 25 11:52:14 2014] <chirpsalot> But it's also got a lot of old warts that show.
[Mon Aug 25 11:52:46 2014] <ianjneu> Ya, conflating 0, empty list and false is a sign of dementia.
[Mon Aug 25 11:52:59 2014] <chirpsalot> Like all of the namespace weirdness, and how all symbols are sort of capitalized...?
[Mon Aug 25 11:53:10 2014] <chirpsalot> Very weird.
[Mon Aug 25 11:53:17 2014] <ianjneu> naming things is hard.
[Mon Aug 25 11:53:22 2014] <chirpsalot> Yeah.
[Mon Aug 25 11:53:25 2014] <ianjneu> brb
[Mon Aug 25 11:54:12 2014] <chirpsalot> I mean, it's got a lot of stuff for backwards compatibility from ages ago. It's very strange to have a language that uses its own style of format strings as opposed to just using the C-style ones ;).
[Mon Aug 25 11:55:23 2014] <chirpsalot> Racket just seems more lambda calculusy, and clean.
[Mon Aug 25 12:03:52 2014] <ianjneu> Racket isn't Scheme because it moved away from the timid minimalism that kept Schemes more like calculi than usable tools.
[Mon Aug 25 12:05:53 2014] <hodapp> huh, never used Racket myself.
[Mon Aug 25 12:09:07 2014] <ianjneu> hodapp: It's not as generic as Clojure, but its syntax system, rigorous documentation and vibrant community are top notch.
[Mon Aug 25 12:09:27 2014] <hodapp> not as generic?
[Mon Aug 25 12:09:55 2014] <ianjneu> hodapp: in terms of generic functions. It still has a very Schemey monomorphic programming feel to it.
[Mon Aug 25 12:10:25 2014] <ianjneu> You write vector-ref, list-ref, struct-ref, etc instead of just ref and depend on dispatch.
[Mon Aug 25 12:11:30 2014] <ianjneu> Generics were recently added (in the past year or so), so they're not as pervasive in APIs as some people might expect.
[Mon Aug 25 12:11:35 2014] <ijp> strictly, only standard scheme is timid and minimalistic
[Mon Aug 25 12:11:48 2014] <ijp> the rest is a mine field of unportability
[Mon Aug 25 15:57:10 2014] <johnw> chirpsalot: lol
[Mon Aug 25 15:57:25 2014] <johnw> "trying to program with a museum" -- awesome
[Mon Aug 25 16:22:26 2014] <chirpsalot> johnw: I keep saying that and nobody has recognized my wit :P.
[Mon Aug 25 16:24:24 2014] <johnw> it is now recognized; and as a former CLer, even appreciated
[Mon Aug 25 16:25:46 2014] <chirpsalot> johnw: maybe that's the problem -- most people haven't used Common Lisp so they don't get it :P
[Mon Aug 25 20:40:58 2014] <hodapp> hrmph, stuck on the same problem, and in a situation where I sort of need to destruct on two... related things
[Mon Aug 25 20:42:15 2014] <hodapp> it's basically a boolean, but it's there as a bexp
[Mon Aug 25 20:42:25 2014] <vanila> can i see the code?
[Mon Aug 25 20:42:36 2014] <vanila> maybe i can help
[Mon Aug 25 20:42:51 2014] <hodapp> first off, this is for Imp.v in SF
[Mon Aug 25 20:43:24 2014] <vanila> ah  think i broke my ability to load SF by getting the head version of coq
[Mon Aug 25 20:43:29 2014] <hodapp> http://lpaste.net/110017
[Mon Aug 25 20:43:42 2014] <vanila> Error: The constructor nil (in type list) expects 1 argument.
[Mon Aug 25 20:43:44 2014] <vanila> frustrating
[Mon Aug 25 20:43:47 2014] <johnw>  is this the same problem you were stuck on before?
[Mon Aug 25 20:43:56 2014] <vanila> yeah sorry johnw I forgot the fix :(
[Mon Aug 25 20:44:00 2014] <hodapp> johnw: yes, sadly.
[Mon Aug 25 20:44:00 2014] <vanila> before i managed to apply it
[Mon Aug 25 20:44:09 2014] <vanila> oh you didnt mean me
[Mon Aug 25 20:44:23 2014] <johnw> did you try inversion on H, instead of induction?
[Mon Aug 25 20:44:59 2014] <hodapp> yes; not sure where it's supposed to get me that is different
[Mon Aug 25 20:45:04 2014] <johnw> let me try proving this
[Mon Aug 25 20:47:32 2014] <vanila> im gettingt the latest  head
[Mon Aug 25 20:47:40 2014] <vanila> hopefully they unbroke using any other code
[Mon Aug 25 20:50:01 2014] <gdsfh> hello.  Is it provable at all? : Goal forall (A:Type) (B:A=A) v, match B in (_=y) return y with eq_refl => v end = v.
[Mon Aug 25 20:50:47 2014] <vanila> gdsfh, no
[Mon Aug 25 20:51:08 2014] <gdsfh> why?
[Mon Aug 25 20:51:24 2014] <vanila> Coq isn't capable of dealing with proper dependent type pattern matching
[Mon Aug 25 20:52:08 2014] <vanila> you need 'uniqueness of identity proofs' for that, which your goal also requres to prove
[Mon Aug 25 20:56:02 2014] <hodapp> * . o O ( proper dependent type pattern matching? )
[Mon Aug 25 20:57:40 2014] <gdsfh> in this pattern matching B can be only eq_refl, so the whole construction can be simplified (if one applies usual logic of evaluation).  What happens here really?
[Mon Aug 25 20:58:31 2014] <vanila> gdsfh, the thing is you can't do pattern matching on a dependent type data structure like that in Coq
[Mon Aug 25 20:58:48 2014] <vanila> this would require an extra axiom which we don't have
[Mon Aug 25 21:04:25 2014] <vanila> hodapp: I'd need your definitions and stuff if I were to give any input but I'd get if you don't want to post it
[Mon Aug 25 21:04:59 2014] <gdsfh> vanila: strange, other dependent pattern matchings work ok, this one fails.  I'm going to ask this question in coq-club, so maybe people who exactly know metatheory behind "match" will enlighten me.  Thanks for answer.
[Mon Aug 25 21:05:14 2014] <vanila> gdsfh, you could also ask me
[Mon Aug 25 21:06:37 2014] <johnw> hodapp: for you to finish: https://gist.github.com/6288fe57fc6799a7194e
[Mon Aug 25 21:06:49 2014] <johnw> but that shoudl point you in the right direction
[Mon Aug 25 21:06:52 2014] <johnw> the rest should be mechanical
[Mon Aug 25 21:07:57 2014] <johnw> gdsfh: are you using match with 'return'?
[Mon Aug 25 21:08:12 2014] <hodapp> vanila: this is pretty much just Imp.v
[Mon Aug 25 21:08:31 2014] <johnw> ah, you are
[Mon Aug 25 21:08:34 2014] <vanila> hodapp, I'd have to add my own definitions to Imp.v
[Mon Aug 25 21:08:42 2014] <johnw> hodapp: ^^
[Mon Aug 25 21:08:43 2014] <vanila> they may not be the same as yours
[Mon Aug 25 21:08:43 2014] <gdsfh> vanila: I'll do so.  Why this pattern matching (or data type) is so special so it can't be simplified, also why "destruct B" doesn't work here?
[Mon Aug 25 21:09:33 2014] <gdsfh> johnw: there exists "return" in my match, but not by my will.
[Mon Aug 25 21:10:59 2014] <johnw> vanila: why do you say that Coq can't do proper dependent type pattern matching?
[Mon Aug 25 21:11:18 2014] <vanila> johnw, the lack of proof irrelevance
[Mon Aug 25 21:11:24 2014] <johnw> axiomatize it
[Mon Aug 25 21:11:29 2014] <vanila> that is not computational
[Mon Aug 25 21:11:58 2014] <johnw> so you're saying we need higher inductive types to do this without axioms?
[Mon Aug 25 21:12:10 2014] <vanila> gdsfh, so you have a dependent typed family (eq or "=") with a dependency between the indices - to do case analysis or destruct you need to apply the eliminator for the data type meaning that you need to create a lambda that generalizes out that particular index
[Mon Aug 25 21:12:22 2014] <vanila> gdsfh, but it's impossible to do this because the lambda abstraction cannot be made in a well typed way
[Mon Aug 25 21:12:56 2014] <vanila> you need an axiom like proof irrelevance or equivalently uniqueness of identity proofs (which is much closer to your situation)
[Mon Aug 25 21:13:09 2014] <vanila> a workaround would be if you had decidable equality on A
[Mon Aug 25 21:13:21 2014] <vanila> but that doesn't let you prove *this* goal, just a similar weaker one
[Mon Aug 25 21:14:02 2014] <vanila> johnw, we need computational proof irrelevance to properly eliminate dependent pattern matching
[Mon Aug 25 21:14:18 2014] <johnw> let's just posit computational irrelevance and be done with it :)
[Mon Aug 25 21:14:59 2014] <vanila> ir's not possible to fix this by adding axioms to the theory, because then nothing we have will beta reduce when used inside types
[Mon Aug 25 21:36:48 2014] <gdsfh> vanila: seems like I understood it, thank you.
[Mon Aug 25 21:42:52 2014] <hodapp> * stares blankly
[Mon Aug 25 21:43:17 2014] <johnw> hodapp: did what I paste you help?
[Tue Aug 26 03:48:52 2014] <osa1> can anyone help me prove this http://lpaste.net/110034 ?
[Tue Aug 26 03:57:58 2014] <jrw> osa1: what have you tried?
[Tue Aug 26 03:59:08 2014] <jrw> btw, did you finish the other theorem? about min?
[Tue Aug 26 03:59:44 2014] <osa1> jrw: yeah I finished it
[Tue Aug 26 03:59:48 2014] <jrw> cool.
[Tue Aug 26 04:00:15 2014] <osa1> jrw: I tried induction on n and l but I don't think it's possible to move from inductive case to general case.
[Tue Aug 26 04:00:38 2014] <jrw> osa1: right, straight induction won't work here. what am I going to say next? :p
[Tue Aug 26 04:01:00 2014] <osa1> invariants? :)
[Tue Aug 26 04:02:20 2014] <jrw> yeah, something like that
[Tue Aug 26 04:02:30 2014] <jrw> I was thinking "generalizing the inductive hypothesis"
[Tue Aug 26 04:03:08 2014] <osa1> hm. I think I'm using it in most general form but I'm not sure. let me make sure that's the case.
[Tue Aug 26 04:03:40 2014] <osa1> so if I just start with "induction n" without doing any intros first I guess that'll give me most general form, right?
[Tue Aug 26 04:04:07 2014] <jrw> yeah, but that's not really what I mean
[Tue Aug 26 04:04:17 2014] <jrw> thought that is also generalizing
[Tue Aug 26 04:04:21 2014] <jrw> I mean even more general
[Tue Aug 26 04:04:29 2014] <jrw> you need to fundamentally strengthen the theorem to prove it
[Tue Aug 26 04:07:19 2014] <osa1> how to "strengthen" a theorem?
[Tue Aug 26 04:08:02 2014] <jrw> hm, maybe it's best to just see what I mean in this case
[Tue Aug 26 04:08:10 2014] <jrw> eventually you'll see the pattern I'm getting at
[Tue Aug 26 04:08:34 2014] <jrw> so in this case, how would you describe the behavior of rev_at_aux in general? what does it do?
[Tue Aug 26 04:08:42 2014] <jrw> at a very high level.
[Tue Aug 26 04:09:56 2014] <osa1> I'd say it reverses the list at index n -- meaning that first n elements stay same, rest is reversed.
[Tue Aug 26 04:10:00 2014] <johnw> yay
[Tue Aug 26 04:10:11 2014] <jrw> exactly
[Tue Aug 26 04:10:14 2014] <jrw> I think we should prove that
[Tue Aug 26 04:10:15 2014] <johnw> work is done, time to play.  software foundations here I come...
[Tue Aug 26 04:10:25 2014] <jrw> and then we'll prove your lemma follows from that.
[Tue Aug 26 04:11:31 2014] <osa1> hm. do we have drop, take, splitAt etc. in stdlib to express this idea?
[Tue Aug 26 04:11:43 2014] <jrw> osa1: yeah, look at firstn and skipn
[Tue Aug 26 04:13:58 2014] <osa1> so this is my goal [ rev_at_aux n l = firstn n l ++ rev (skipn n l) ]
[Tue Aug 26 04:14:12 2014] <jrw> looks great.
[Tue Aug 26 04:14:19 2014] <johnw> that should be fairly straightforward by induction on l
[Tue Aug 26 04:16:02 2014] <osa1> yeah it was straightforward.
[Tue Aug 26 04:16:08 2014] <jrw> nice.
[Tue Aug 26 04:16:26 2014] <jrw> okay, now fiddle with your actual goal and see what you see.
[Tue Aug 26 04:16:32 2014] <osa1> okay
[Tue Aug 26 04:16:38 2014] <jrw> (you shouldn't need induction, but you'll need more lemmas.)
[Tue Aug 26 04:16:58 2014] <jrw> (and of course those lemmas might be proved by induction)
[Tue Aug 26 04:22:27 2014] <osa1> I think I need something like this: [n < length l -> head (skipn n l) = nth n l 0].
[Tue Aug 26 04:22:34 2014] <jrw> yep
[Tue Aug 26 04:22:39 2014] <osa1> or maybe [skipn n l = h :: t -> nth n l 0 = h]
[Tue Aug 26 04:22:53 2014] <jrw> right, I like the second one.
[Tue Aug 26 04:34:08 2014] <jrw> osa1: done yet? :p
[Tue Aug 26 04:35:12 2014] <osa1> jrw: almost. just a little lemma left
[Tue Aug 26 04:35:22 2014] <jrw> nice.
[Tue Aug 26 04:35:31 2014] <osa1> it's very simple one but just not in stdlib or I can't find it
[Tue Aug 26 04:36:02 2014] <osa1> [H0 : (x :: x0) ++ rev (firstn n l) = h :: t] I'm trying to derive [x = h] and then I'm done.
[Tue Aug 26 04:37:45 2014] <osa1> yay
[Tue Aug 26 04:38:16 2014] <osa1> oh I left another lemma as admitted..
[Tue Aug 26 04:38:58 2014] <jrw> hehe
[Tue Aug 26 04:39:32 2014] <jrw> I assume you figured out that [inversion] does what you want in that previous case.
[Tue Aug 26 04:40:13 2014] <osa1> jrw: http://lpaste.net/110035
[Tue Aug 26 04:40:16 2014] <osa1> jrw: yeah
[Tue Aug 26 04:41:08 2014] <jrw> osa1: looks all done? nice!
[Tue Aug 26 04:41:25 2014] <johnw> nicely done
[Tue Aug 26 04:41:30 2014] <osa1> thanks! :)
[Tue Aug 26 04:41:56 2014] <johnw> are you interested at this point in learning to write shorter proofs?
[Tue Aug 26 04:42:01 2014] <jrw> here's my version: http://lpaste.net/110036
[Tue Aug 26 04:42:04 2014] <osa1> johnw: of course!
[Tue Aug 26 04:42:20 2014] <johnw> yeah, like jrw's :)
[Tue Aug 26 04:43:10 2014] <johnw> jrw is using some tricks I haven't learned yet
[Tue Aug 26 04:43:20 2014] <osa1> [destruct _ eqn:?] <- this generates a fresh name for equality?
[Tue Aug 26 04:43:25 2014] <jrw> haha, some pretty ugly tricks.
[Tue Aug 26 04:43:27 2014] <jrw> osa1: yeah
[Tue Aug 26 04:43:31 2014] <johnw> the ? lets Coq pick the name
[Tue Aug 26 04:43:40 2014] <osa1> cool
[Tue Aug 26 04:44:12 2014] <jrw> johnw: what in particular hadn't you seen?
[Tue Aug 26 04:44:25 2014] <johnw> eauto with *
[Tue Aug 26 04:44:29 2014] <johnw> what does the * mean there?
[Tue Aug 26 04:44:40 2014] <jrw> wildcard
[Tue Aug 26 04:44:43 2014] <jrw> means all hint dbs
[Tue Aug 26 04:44:46 2014] <johnw> ahh
[Tue Aug 26 04:44:55 2014] <jrw> in this case, could be replaced by 'arith'
[Tue Aug 26 04:45:00 2014] <johnw> also, I'd never used eqn:?, although I could figure out what it mean
[Tue Aug 26 04:45:01 2014] <jrw> because that's what I'm intending to use.
[Tue Aug 26 04:45:13 2014] <jrw> but '*' is shorter :p
[Tue Aug 26 04:45:14 2014] <johnw> other than that, I've used everything else
[Tue Aug 26 04:45:34 2014] <jrw> cool.
[Tue Aug 26 04:46:01 2014] <johnw> oh, I hadn't used congruence before
[Tue Aug 26 04:47:49 2014] <jrw> congruence is great. I don't have great intuition for its limitations, but it can prove a lot of things about equalities.
[Tue Aug 26 04:48:03 2014] <johnw> nice, that was a great thing to add to my toolbox today
[Tue Aug 26 04:48:08 2014] <johnw> i've been wanting something like that
[Tue Aug 26 04:48:14 2014] <johnw> instead of doing a whole bunch of mechanical rewrites
[Tue Aug 26 04:50:11 2014] <jrw> one thing it's not good at is leveraging extra lemmas.
[Tue Aug 26 04:50:12 2014] <osa1> eauto with * looks great. I'll try to simplify my proofs a bit using it. I have a 507 lines long file full of proofs, I'll go over it step by step and try to replace things with auto/eauto with * or congruence.
[Tue Aug 26 04:50:28 2014] <osa1> two tactics that I haven't used yet: congruence and intuition.
[Tue Aug 26 04:51:08 2014] <jrw> osa1: one trick with eauto and auto (and there 'with *' variants) is to say info_eauto and info_auto instead
[Tue Aug 26 04:51:14 2014] <jrw> which prints a trace of simpler tactics
[Tue Aug 26 04:51:23 2014] <jrw> that are equivalent to its action
[Tue Aug 26 04:51:40 2014] <jrw> this can help you learn what eauto (especially 'with *') is doing under the hood
[Tue Aug 26 04:51:42 2014] <johnw> i've used intuition a lot
[Tue Aug 26 04:51:47 2014] <jrw> for example, what lemmas it used.
[Tue Aug 26 04:52:15 2014] <johnw> basically, if looking at all the logical statements in your goal and context make the goal inferrable, intuition will go through all the hoops necessary
[Tue Aug 26 05:34:07 2014] <johnw> without using functional extensionality, if my goal is forall x : X, (fun x' : X => y) = (fun x' : X => y'), is there a way to collapse that down to y = y'?
[Tue Aug 26 05:48:36 2014] <Saizan> yeah
[Tue Aug 26 05:49:23 2014] <johnw> hint?
[Tue Aug 26 05:50:20 2014] <Saizan> well, i don't know how you do it in Coq, but it should be from the functoriality of \y -> fun x' : X => y
[Tue Aug 26 05:50:43 2014] <Saizan> (hott's sense functoriality)
[Tue Aug 26 07:30:10 2014] <mads-> I just started the induction chapter of sf, it tells me to Require Exports Basics. Where do I need to place Basics.vo for that to work?
[Tue Aug 26 08:09:39 2014] <hodapp> * tries to comprehend proof irrelevance...
[Tue Aug 26 09:03:27 2014] <alkabetz> mads-: In the same directory as whatever else you’re doing.
[Tue Aug 26 10:14:49 2014] <mads-> alkabetz: thanks.
[Tue Aug 26 10:15:41 2014] <alkabetz> You’re welcome. :)
[Tue Aug 26 10:34:04 2014] <osa1> what's this tactic called and how is it working: [ tactic1 | tactic2 | tactic3 ] ?
[Tue Aug 26 10:34:42 2014] <ezyang> foo; [ tactic1 | tactic2 | tactic3 ] says
[Tue Aug 26 10:34:52 2014] <ezyang> foo generates three subgoals, solve the first one with tactic1, second one with tactic2, etc
[Tue Aug 26 10:38:02 2014] <osa1> thanks. any name given to this tactic/syntax? (just in case I want to search it in documentation)
[Tue Aug 26 10:38:33 2014] <ezyang> http://coq.inria.fr/refman/Reference-Manual011.html#hevea_tactic178
[Tue Aug 26 10:39:03 2014] <ezyang> (I found it by looking at the tactic index)
[Tue Aug 26 11:14:58 2014] <osa1> wat "coqc: --dump-glob: no such file or directory"
[Tue Aug 26 13:57:50 2014] <osa1> what is lia?
[Tue Aug 26 14:00:55 2014] <napping> linear integer arithmetic
[Tue Aug 26 14:52:38 2014] <osa1> why ->, |- etc. in my coqdoc generated html files are not pretty-printed using unicode chars?
[Tue Aug 26 15:08:41 2014] <osa1> any ideas?
[Tue Aug 26 15:09:00 2014] <osa1> I'm not disabling pretty printing and according to the documentation it should pretty print by default
[Tue Aug 26 16:08:28 2014] <gratatatata> whats a good setup for coq + vim?
[Tue Aug 26 16:11:13 2014] <johnw> osa1: it's the ; tactical
[Tue Aug 26 16:12:21 2014] <osa1> gratatatata: there's an awesome plugin at vim.org.
[Tue Aug 26 16:13:10 2014] <osa1> gratatatata: there are only two problems with it that I could find. 1) it has hard-coded colors so you need to change them by editing the source 2) you can't use some CoqIDE features but I don't remember what features
[Tue Aug 26 16:14:13 2014] <osa1> gratatatata: I'm using it for very long time now and it's great. when you have to use that features you can switch to CoqIDE temporarily.
[Tue Aug 26 16:15:00 2014] <osa1> gratatatata: there's also this https://github.com/the-lambda-church/coquille . this is more actively developed but last time I tried I didn't like it for several reasons
[Tue Aug 26 16:15:20 2014] <gratatatata> ah ok
[Tue Aug 26 16:15:21 2014] <gratatatata> thanks
[Tue Aug 26 16:16:06 2014] <osa1> do we have a chat bot in #coq to save some answers for FAQs and make it answer with a command?
[Tue Aug 26 16:39:04 2014] <johnw> jgross_: latest Coq HEAD is failing to build for me now; I get: codesign: command not found; does that ring any bells?
[Tue Aug 26 16:42:18 2014] <gratatatata> has anybody here used coquille + vim on windows?
[Tue Aug 26 16:44:53 2014] <gratatatata> what is the next leetest thing after coq?
[Tue Aug 26 16:45:49 2014] <johnw> coq + homotopy type theory? :)
[Tue Aug 26 16:46:14 2014] <gratatatata> oh
[Tue Aug 26 16:46:25 2014] <gratatatata> i tried reading that book
[Tue Aug 26 16:46:38 2014] <johnw> that's how leet it is; people try, and then they try again
[Tue Aug 26 16:47:00 2014] <johnw> mathematical hipsterism: I only know theoris I can't possibly explain
[Tue Aug 26 16:47:26 2014] <vanila> lol
[Tue Aug 26 16:47:52 2014] <vanila> alternatively: Reading stuff like Euler and Gauss (original texts)
[Tue Aug 26 16:48:46 2014] <gratatatata> anybody use this coquille thing on windows?
[Tue Aug 26 16:49:33 2014] <napping> I've got (@eq A a b), (forall (a : A) (x y : P a), x = y), and p : P a, q : P b. Can I prove exists P a p = exists P b q?
[Tue Aug 26 16:49:51 2014] <johnw> try f_equal
[Tue Aug 26 16:50:26 2014] <napping> It fails, can't unify (exists P a) with (exsits P b)
[Tue Aug 26 16:50:45 2014] <Hodapp> johnw: http://www.smbc-comics.com/?id=3278#comic
[Tue Aug 26 16:50:50 2014] <jgross_> johnw: https://github.com/coq/coq/commit/9b0dbb30d653bf35145e1e77f0fecfc9d79aa81d.  Do you have $ARCH=Darwin? 
[Tue Aug 26 16:51:28 2014] <johnw> I am on Darwin, building under Nix
[Tue Aug 26 16:52:21 2014] <johnw> is it strictly necessary to codesign?
[Tue Aug 26 16:52:59 2014] <gratatatata> omg nix
[Tue Aug 26 16:53:05 2014] <jgross_> Pierre Boutillier thinks you're on Mac OS and your binaries should be signed.  Does this give you enough information to fill out the apropriate bug report?  (If nothing else, you could submit one that says "the makefile should fallback gracefully in the absence of codesign") 
[Tue Aug 26 16:53:13 2014] <gratatatata> never again
[Tue Aug 26 16:53:14 2014] <gratatatata> lol
[Tue Aug 26 16:53:38 2014] <johnw> jgross_: will do
[Tue Aug 26 16:55:34 2014] <vanila> napping, subst to use a=b then rewrite the x=y and reflexivity? if not can you paste an actual goal to look at in coq
[Tue Aug 26 16:56:14 2014] <johnw> jgross_: https://coq.inria.fr/bugs/show_bug.cgi?id=3548
[Tue Aug 26 16:56:44 2014] <gratatatata> Nobody here uses coquille?
[Tue Aug 26 16:56:50 2014] <napping> Lemma exist_eq {A} (P : A -> Prop) (P_single : forall a (x y : P a), x = y) : forall (a b : sig P), proj1_sig a = proj1_sig b -> a = b.
[Tue Aug 26 16:56:50 2014] <Hodapp> * <- Emacs
[Tue Aug 26 16:57:17 2014] <napping> huh, subst uses the a=b while rewrite fails
[Tue Aug 26 16:57:45 2014] <vanila> ok i thought you meant something totally differnet sorry
[Tue Aug 26 16:57:51 2014] <vanila> misunderstood
[Tue Aug 26 16:58:10 2014] <vanila> you wont' be able to prove this theorem
[Tue Aug 26 16:58:19 2014] <vanila> it requires proof irrelevance
[Tue Aug 26 16:58:38 2014] <vanila> ah
[Tue Aug 26 16:58:40 2014] <vanila> sorry im wrong :)
[Tue Aug 26 16:58:50 2014] <johnw> I had a feeling it needed proof irrelevance
[Tue Aug 26 16:58:57 2014] <vanila> http://lpaste.net/110083
[Tue Aug 26 16:59:15 2014] <vanila> P_single saved us here
[Tue Aug 26 17:14:26 2014] <gratatatata> ahaha.. trying to use the CoqIDE on windows... its soooo bad
[Tue Aug 26 17:40:34 2014] <chirpsalot> gratatatata: have you tried ProofGeneral yet?
[Tue Aug 26 18:40:21 2014] <napping> Are the types of constructors normalized?
[Tue Aug 26 21:53:12 2014] <TallerGhostWalt> /msg tolt File Edit Options Buffers Tools Help
[Tue Aug 26 21:53:13 2014] <TallerGhostWalt> # Sample Keter config file. Would generally be placed at /opt/keter/etc/keter-config.yaml.
[Tue Aug 26 21:53:15 2014] <TallerGhostWalt>  
[Tue Aug 26 21:53:18 2014] <TallerGhostWalt> # Directory containing incoming folder, where to store logs, etc. Relative to
[Tue Aug 26 21:53:19 2014] <TallerGhostWalt> # the config file directory.
[Tue Aug 26 21:53:22 2014] <TallerGhostWalt> root: ../keter
[Tue Aug 26 21:53:25 2014] <TallerGhostWalt>  
[Tue Aug 26 21:53:28 2014] <TallerGhostWalt> # Keter can listen on multiple ports for incoming connections. These ports can
[Tue Aug 26 21:53:31 2014] <TallerGhostWalt> # have HTTPS either enabled or disabled.
[Tue Aug 26 21:53:35 2014] <TallerGhostWalt> listeners:
[Tue Aug 26 21:53:38 2014] <TallerGhostWalt>     # HTTP
[Tue Aug 26 21:53:41 2014] <TallerGhostWalt>     # - host: "*4" # Listen on all IPv4 hosts
[Tue Aug 26 21:53:44 2014] <TallerGhostWalt>     #   port: 80 # Could be used to modify port
[Tue Aug 26 21:53:47 2014] <TallerGhostWalt>     # HTTPS
[Tue Aug 26 21:53:51 2014] <TallerGhostWalt>     - host: "*4"
[Tue Aug 26 21:53:52 2014] <TallerGhostWalt>       port: 443
[Tue Aug 26 21:53:55 2014] <TallerGhostWalt>       key: aacs-us.com.key
[Tue Aug 26 21:53:58 2014] <TallerGhostWalt>       certificate: aacs-us.com.csr
[Tue Aug 26 21:54:01 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:05 2014] <TallerGhostWalt> # User to run applications as
[Tue Aug 26 21:54:08 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:08 2014] <MP2E> -.-
[Tue Aug 26 21:54:11 2014] <TallerGhostWalt> # setuid: scott
[Tue Aug 26 21:54:14 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:18 2014] <TallerGhostWalt> # Get the user's IP address from x-forwarded-for. Useful when sitting behind a
[Tue Aug 26 21:54:21 2014] <TallerGhostWalt> # load balancer like Amazon ELB.
[Tue Aug 26 21:54:25 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:25 2014] <TallerGhostWalt> # ip-from-header: true
[Tue Aug 26 21:54:28 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:31 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:35 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:38 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:41 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:44 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:48 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:51 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:54 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:55 2014] <TallerGhostWalt>  
[Tue Aug 26 21:54:58 2014] <TallerGhostWalt>  
[Tue Aug 26 21:55:01 2014] <TallerGhostWalt>  
[Tue Aug 26 21:55:05 2014] <TallerGhostWalt>  
[Tue Aug 26 21:55:08 2014] <TallerGhostWalt>  
[Tue Aug 26 21:56:06 2014] <chirpsalot> TallerGhostWalt: I think you goofed :P
[Tue Aug 26 22:02:05 2014] <TallerGhostWalt> lol
[Tue Aug 26 22:02:09 2014] <TallerGhostWalt> yes, yes I did
[Tue Aug 26 22:06:40 2014] <Erraunt> Hi. I am in the tedious process of reading SF and I am wondering if I am doing it wrong or is it really that hard to learn Coq. This is my second or third attempt to read it and so far the most succesful but after the first couple of chapters I am still not able to prove the correctness of most of the stuff I know from maths, have no idea how does Coq check the stuff under the hood, and surely am not even close
[Tue Aug 26 22:06:42 2014] <Erraunt> to being able to prove correctness of any program (what was one of the main reasons I wanted to learn Coq). Am I doing something wrong or I am just too impatient and will never know Coq?
[Tue Aug 26 22:07:34 2014] <vanila> Erraunt, it is difficult
[Tue Aug 26 22:07:51 2014] <vanila> What mathematics do you want to formalize in Coq?
[Tue Aug 26 22:08:09 2014] <Erraunt> set theory to begin with
[Tue Aug 26 22:08:18 2014] <vanila> well there is sort of a problem with that
[Tue Aug 26 22:08:58 2014] <Erraunt> ?
[Tue Aug 26 22:09:16 2014] <vanila> Coq is based on type theory, so set theory might not "fit" well although you could axiomatize it and develop some basic theory
[Tue Aug 26 22:09:30 2014] <vanila> (because the two foundations are very different)
[Tue Aug 26 22:09:55 2014] <vanila> and secondly have you seen http://us.metamath.org/mpegif/mmset.html
[Tue Aug 26 22:10:20 2014] <vanila> it's really really time consuming and long to build up even simple parts of set theory rigiously
[Tue Aug 26 22:11:34 2014] <vanila> You might get to your goal of proving programs correct more efficiently if you study CPDT
[Tue Aug 26 22:12:09 2014] <vanila> http://adam.chlipala.net/cpdt/
[Tue Aug 26 22:12:29 2014] <vanila> the second chapter walks through proving a arithmetic to stack compiler correct
[Tue Aug 26 22:12:42 2014] <Erraunt> vanila: came across that website but did not understand what was is it about, I will read about it then.
[Tue Aug 26 22:13:08 2014] <vanila> youre welcome to ask for pointers and stuff on the book here too of course
[Tue Aug 26 22:14:33 2014] <Erraunt> vanila: ok, I will try this way then. (was already adviced to switch to CPDT at some point some time ago)
[Tue Aug 26 22:54:32 2014] <Erraunt> vanila: should I look at metamaths or read CPDT ? Thought I will fast get to know how metamaths work but it is not that easy…
[Tue Aug 26 22:54:45 2014] <Erraunt> *works
[Tue Aug 26 22:55:30 2014] <vanila> I only linked metamath to explain how much effort and time and care has to go into formalizing things is
[Tue Aug 26 22:56:07 2014] <vanila> so don't be discouraged if you find it difficult or slow, that's just the nature of this
[Tue Aug 26 22:56:29 2014] <Erraunt> vanila: isn't that what Coq is all about ?
[Wed Aug 27 00:34:33 2014] <chirpsalot> Set theory is pretty gross to begin with :(
[Wed Aug 27 00:35:28 2014] <chirpsalot> I am hoping to use Coq in my "advanced group theory course".
[Wed Aug 27 00:35:35 2014] <chirpsalot> Hopefully that will work out okay :).
[Wed Aug 27 05:49:33 2014] <osa1> what is this warning trying to warn me about? "Warning: pattern min is understood as a pattern variable"
[Wed Aug 27 05:58:37 2014] <mads-> osa1: not saying I can tell you the solution, but it might be easier if you posted your code as well.
[Wed Aug 27 06:10:15 2014] <osa1> is there an easy way to convince coq that last function here http://lpaste.net/110096 really terminates? other than introducing a timeout argument?
[Wed Aug 27 07:39:05 2014] <mads-> I am a bit surprised. I read about coq and it seemed a little dry and pretty academic. But I most admit it has been some time since I have had so much fun learning something new
[Wed Aug 27 08:15:58 2014] <osa1> mads-: the "interactive" part is really fun. "dependently typed programming" part is not so much.
[Wed Aug 27 08:31:15 2014] <Hodapp> mads-: It was similar for me, in terms of "perception of Coq" vs. "using Coq".
[Wed Aug 27 08:31:26 2014] <Hodapp> one of these days I'll get to "using Coq for something useful" :>
[Wed Aug 27 08:34:06 2014] <mads-> Hodapp: Does it have any practical usages? I mean, it's an awesome proof assistant and language. But how is its I/O and such?
[Wed Aug 27 08:35:40 2014] <Hodapp> one can extract verified code from it, for instance.
[Wed Aug 27 08:36:56 2014] <mads-> ooh, sounds nice.
[Wed Aug 27 08:37:09 2014] <mads-> Did you by the way come to think of any interesting papers? :)
[Wed Aug 27 08:44:52 2014] <ianjneu> mads-: I/O is just not logical. You can optimistically model it in a way that Haskell does at the cost of soundness in the general case. I would imagine this is why Coq has not embraced I/O, on top of the ease of punting to extracted code.
[Wed Aug 27 08:45:36 2014] <ianjneu> mads-: ACL2 doesn't really care about the platonic general case, and makes the tradeoff of "good faith" use of the theorem prover http://www-dev.ccs.neu.edu/home/pete/acl206/papers/davisb.pdf
[Wed Aug 27 08:47:21 2014] <mads-> Interesting. I will give that a look-see :)
[Wed Aug 27 08:49:13 2014] <ianjneu> mads-: see also their file I/O documentation for more details about the logical underpinnings.
[Wed Aug 27 08:50:20 2014] <mads-> How close are ACL2 and Coq related?
[Wed Aug 27 08:51:06 2014] <ianjneu> Not at all.
[Wed Aug 27 08:51:47 2014] <ianjneu> ACL2 is an untyped first-order logic that has an interaction mode of a huge ambient tactic.
[Wed Aug 27 08:55:07 2014] <ianjneu> Equality theorems are by default stored as rewrite rules for the simplifier to use until a fixed-point. It then automatically decomposes all compound data, rewrites with installed congruence rules, removes irrelevant details, generalizes according to a well-known criteria, and then infers an induction scheme that is likely to work. Induction produces new subgoals that the process starts all over again on.
[Wed Aug 27 08:56:54 2014] <ianjneu> It's really beautiful, powerful, pragmatic, and soooo much different from Coq. It has one way to introduce abstract datatypes, after which point all automation is pretty much forfeit (and the mechanism for doing so has been the primary source of soundness bugs in absolutely every release of ACL2)
[Wed Aug 27 08:57:41 2014] <ianjneu> and they're not really datatypes, but instead a collection of uninterpreted functions with a fixed collection of constraints/axioms.
[Wed Aug 27 08:58:56 2014] <ianjneu> if you can write a function that "recognizes" a value of that "type" then you've gotten something. Not a big problem since it's first-order.
[Wed Aug 27 08:59:51 2014] <ianjneu> If you've seen Adam Chlipala's crush tactic, you'll still be humbled by ACL2's "waterfall"
[Wed Aug 27 09:00:47 2014] <mads-> I just recently started with Coq - so I haven't read that much about it yet.
[Wed Aug 27 09:01:00 2014] <mads-> And also recently started on functional programming.
[Wed Aug 27 09:01:17 2014] <ianjneu> jesus, you really picked a difficult starting point.
[Wed Aug 27 09:01:58 2014] <mads-> University course.
[Wed Aug 27 09:02:08 2014] <mads-> Introduction to functional programming.
[Wed Aug 27 09:02:23 2014] <mads-> And I think most of the course is on Coq
[Wed Aug 27 09:06:01 2014] <ianjneu> mads-: way to send them running for the hills, uni.
[Wed Aug 27 09:07:10 2014] <ianjneu> I'm a mostly functional programmer. I like my ambient monad of concurrency, I/O, and mutable state.
[Wed Aug 27 09:08:17 2014] <mads-> I wish I had invested more time in functional programming before now. Seems like an exciting paradigm.
[Wed Aug 27 09:08:57 2014] <ianjneu> mads-: It definitely has its strengths, but its weaknesses are too often drowned out by bravado.
[Wed Aug 27 09:10:11 2014] <mads-> Well, lecture time. I'll catch you later :)
[Wed Aug 27 09:14:59 2014] <Hodapp> ianjneu: I'd say overall that having spent some time in the OOP camp and the FP camp (much more in the former than the latter) that the FP community does a much better job in general acknowledging the weaknesses.
[Wed Aug 27 09:40:44 2014] <Cale> Hodapp: Let's keep it that way. I've seen a lot of marketing nonsense lately.
[Wed Aug 27 09:41:06 2014] <Hodapp> My whole life is full of marketing nonsense.
[Wed Aug 27 09:41:13 2014] <Hodapp> or were you talking specifically about FP marketing nonsense?
[Wed Aug 27 09:41:36 2014] <Cale> Specifically FP-related stuff
[Wed Aug 27 09:42:09 2014] <Hodapp> Look guys, I wrote a functional programming framework in Ruby!
[Wed Aug 27 09:42:11 2014] <Hodapp> It's functional!
[Wed Aug 27 09:43:03 2014] <Cale> http://new-www.haskell.org/ -- like this thing, please no :(
[Wed Aug 27 09:43:38 2014] <Hodapp> needs more github.
[Wed Aug 27 09:43:46 2014] <Hodapp> and a cuter logo.
[Wed Aug 27 09:43:59 2014] <Cale> It's the "Features" section which bothers me
[Wed Aug 27 09:45:30 2014] <Hodapp> yeah, I wish they hadn't just taken to making this look like every other Next Big Thing marketing page.
[Wed Aug 27 09:45:31 2014] <Cale> Some of the things there are sort of true, but if you say things like that to people who don't have any context for them yet, it's easy to take them the wrong way.
[Wed Aug 27 09:45:49 2014] <Cale> and there are certainly valid interpretations of the things being said which are entirely incorrect
[Wed Aug 27 09:47:10 2014] <Cale> The blurb at the top of www.haskell.org as it exists is already buzzwordy enough.
[Wed Aug 27 10:11:07 2014] <schoppenhauer> hello. I want to declare a list of fin 19-s. It would, however, be nice, if I could just write them down as 1 :: 2 :: ...
[Wed Aug 27 10:11:32 2014] <schoppenhauer> all of them are constant. is it possible to let coq automatically check that they are sufficiently small to be converted to fin 19?
[Wed Aug 27 10:11:38 2014] <schoppenhauer> (eG smaller than 19)
[Wed Aug 27 10:13:48 2014] <vanila> yeah you can do this with reflection
[Wed Aug 27 10:14:09 2014] <schoppenhauer> vanila: -v
[Wed Aug 27 10:15:06 2014] <schoppenhauer> vanila: how?
[Wed Aug 27 10:15:20 2014] <vanila> I'll make an example give me a sec
[Wed Aug 27 10:15:27 2014] <vanila> http://coq.inria.fr/distrib/8.4beta/stdlib/Coq.Vectors.Fin.html using this?
[Wed Aug 27 10:16:22 2014] <schoppenhauer> vanila: yes
[Wed Aug 27 10:28:54 2014] <schoppenhauer> vanila: what do you mean by reflection?
[Wed Aug 27 10:30:04 2014] <schoppenhauer> vanila: do you mean Ltac macros and refinement?
[Wed Aug 27 10:35:54 2014] <schoppenhauer> meh. now he's gone.
[Wed Aug 27 10:36:12 2014] <Hodapp> he'll be back.
[Wed Aug 27 10:36:13 2014] <Hodapp> probably.
[Wed Aug 27 10:36:27 2014] <Hodapp> mads-: re: papers - have you read "Tackling the Awkward Squad" yet?
[Wed Aug 27 10:37:02 2014] <Hodapp> mads-: also, I found "Total Functional Programming" by D. A. Turner to be an interesting hypothetical one
[Wed Aug 27 10:37:40 2014] <Hodapp> mads-: "Can programming be liberated from the von Neumann style?" by John Backus
[Wed Aug 27 10:42:11 2014] <sh1ken_> Hodapp: what are those papers about? Their titles sounds interesting.
[Wed Aug 27 10:43:45 2014] <Hodapp> sh1ken_: The first one is about Haskell and how they addressed some things that are a bit ugly to solve and awkward to explain (like I/O)
[Wed Aug 27 10:45:00 2014] <Hodapp> sh1ken_: the second one examines the practical implications of avoiding Turing-completeness in some real-world things that need to exist, like operating systems.
[Wed Aug 27 10:46:21 2014] <Hodapp> third one is a fairly old paper that gives one of the early looks at functional languages ('functional' as they meant it there being more Lispy, I believe)
[Wed Aug 27 10:47:03 2014] <vanila> schoppenhauer, I might have got cut off? I pasted something a bit ago
[Wed Aug 27 10:47:34 2014] <Hodapp> vanila: your last line:
[Wed Aug 27 10:47:36 2014] <Hodapp> 09:15:27          vanila | http://coq.inria.fr/distrib/8.4beta/stdlib/Coq.Vectors.Fin.html using this?                                                │ ezyang
[Wed Aug 27 10:47:44 2014] <vanila> <vanila> http://lpaste.net/110107
[Wed Aug 27 10:47:44 2014] <vanila> <vanila> nat_to_fin should be written better but this is the idea
[Wed Aug 27 10:48:04 2014] <sh1ken_> Hodapp: Thanks. I'll check them all out.
[Wed Aug 27 10:50:30 2014] <ijp> Hodapp: functional there means APL-like
[Wed Aug 27 10:50:59 2014] <ijp> I forget how it defined lisp
[Wed Aug 27 10:51:14 2014] <schoppenhauer> vanila: hm. this was I would have to pass eq_refl every time. Which is not nice, but at least better than everything I could come up with.
[Wed Aug 27 10:51:58 2014] <vanila> you could shorten it more than this too
[Wed Aug 27 10:52:20 2014] <schoppenhauer> yes, I will try.
[Wed Aug 27 10:52:36 2014] <schoppenhauer> but at some point ... the question is whether this is more worthwile than just writing it down.
[Wed Aug 27 10:52:58 2014] <schoppenhauer> or proving a lemma that l can always be mapped to list (fin (max l))
[Wed Aug 27 10:53:01 2014] <schoppenhauer> (max l) + 1
[Wed Aug 27 10:53:21 2014] <vanila> that's a good way as well
[Wed Aug 27 10:55:17 2014] <schoppenhauer> I don't think so. But it is as it is.
[Wed Aug 27 10:55:37 2014] <sh1ken_> Hodapp: Wow, the third one is a Turing Award lecture. Must read.
[Wed Aug 27 10:56:16 2014] <Hodapp> sh1ken: Yes.
[Wed Aug 27 10:56:22 2014] <Hodapp> sh1ken: "Notation as a Tool of Thought" is another good one.
[Wed Aug 27 10:56:51 2014] <schoppenhauer> vanila: thanks!
[Wed Aug 27 10:56:56 2014] <Hodapp> sh1ken: These papers are also depressing, in that their ideas get reinvented, badly, every 5 years, and then forgotten.
[Wed Aug 27 10:58:46 2014] <sh1ken> Hodapp: That's a shame. I'll be looking into that for sure. I'm highly interested in these topics.
[Wed Aug 27 10:59:23 2014] <schoppenhauer> is there a way to write a function of some type T that checks for a condition, and if so, everything is ok, and if not, a type error is raised?
[Wed Aug 27 10:59:46 2014] <schoppenhauer> this would be something that could be used here (check whether reall everything is <19, or raise a type error)
[Wed Aug 27 11:00:29 2014] <schoppenhauer> it should be similar to vanila's paste
[Wed Aug 27 11:00:34 2014] <schoppenhauer> but I guess I don't get something.
[Wed Aug 27 11:01:43 2014] <schoppenhauer> ah, I could use the isTrue-thingy and fold it with logical and.
[Wed Aug 27 11:01:48 2014] <schoppenhauer> and assume that it is true.
[Wed Aug 27 11:01:54 2014] <schoppenhauer> (which should then be computable)
[Wed Aug 27 11:01:56 2014] <schoppenhauer> thx.
[Wed Aug 27 11:08:57 2014] <vanila> http://lpaste.net/110108
[Wed Aug 27 13:05:18 2014] <johnw> Erraunt would be interested in https://github.com/jwiegley/set-theory
[Wed Aug 27 13:06:10 2014] <johnw> chirpsalot: how is it going (with your group theory class)?
[Wed Aug 27 13:51:24 2014] <chirpsalot> johnw: hasn't started yet :).
[Wed Aug 27 13:51:54 2014] <chirpsalot> johnw: so it's going better than it will be in a few weeks, probably :P.
[Wed Aug 27 13:52:19 2014] <johnw> check out the mathcomp library too
[Wed Aug 27 13:52:47 2014] <chirpsalot> Me, or Erraunt?
[Wed Aug 27 13:53:00 2014] <johnw> you
[Wed Aug 27 13:53:15 2014] <johnw> ssreflect and mathcomp contain a lot of tools to make math developments easier
[Wed Aug 27 13:53:51 2014] <chirpsalot> Ah okay, will do. Thanks :).
[Wed Aug 27 13:54:08 2014] <chirpsalot> I'm still working through the SF book at the moment -- I believe it has a chapter on ssreflect?
[Wed Aug 27 13:54:28 2014] <chirpsalot> Right now I am just about finished "More Coq"
[Wed Aug 27 13:54:40 2014] <johnw> it mentions it
[Wed Aug 27 13:54:47 2014] <johnw> but insteadi to develops something called LibTactics
[Wed Aug 27 13:55:05 2014] <johnw> it even says that ssreflect is better for maths, and LibTactics for modeling DSLs
[Wed Aug 27 13:55:13 2014] <chirpsalot> Ah I see.
[Wed Aug 27 13:55:35 2014] <chirpsalot> Are there any good resources for ssreflect / mathcomp that you would recommend?
[Wed Aug 27 13:55:49 2014] <johnw> the manuals for both
[Wed Aug 27 13:55:57 2014] <johnw> http://www.msr-inria.fr/projects/mathematical-components-2/
[Wed Aug 27 13:56:03 2014] <chirpsalot> Ah, okay :). Sometimes manuals are good, other times not.
[Wed Aug 27 13:56:04 2014] <johnw> click on the Downloads tab
[Wed Aug 27 13:56:12 2014] <johnw> ssreflect's manual is unfortunately dense
[Wed Aug 27 13:56:25 2014] <johnw> i wish there was a tutorial and "best practices" guide
[Wed Aug 27 13:56:47 2014] <johnw> but then again, this was made by mathematicians for handling huge math proofs, so advertising it to newcomers isn't their first objective
[Wed Aug 27 13:56:53 2014] <chirpsalot> Like the coq tutorials and stuff recommended on the coq website were useless to me. Did not get through my tiny brain places. SF just clicks, though :).
[Wed Aug 27 13:57:12 2014] <johnw> yes, with SF Coq would just be a mystery
[Wed Aug 27 13:57:14 2014] <johnw> without
[Wed Aug 27 13:57:33 2014] <johnw> at this point you might find Adam's book valuable, chirpsalot
[Wed Aug 27 13:57:37 2014] <chirpsalot> God yeah. Everything else was confusing and I didn't understand it at all. It seemed like Coq was three things.
[Wed Aug 27 13:57:43 2014] <chirpsalot> johnw: is that Coq'Art?
[Wed Aug 27 13:57:47 2014] <johnw> it's really a good book for those who want to use Coq more effectively
[Wed Aug 27 13:57:55 2014] <johnw> no, http://adam.chlipala.net/cpdt/
[Wed Aug 27 13:58:08 2014] <chirpsalot> Oh!
[Wed Aug 27 13:58:14 2014] <chirpsalot> I have that on my amazon wishlist :).
[Wed Aug 27 13:58:21 2014] <johnw> the PDF is free :)
[Wed Aug 27 13:58:26 2014] <chirpsalot> Past me looking out for me again.
[Wed Aug 27 13:58:31 2014] <chirpsalot> johnw: ah.
[Wed Aug 27 13:58:37 2014] <johnw> I read it through and it was excellent
[Wed Aug 27 13:58:42 2014] <chirpsalot> johnw: might buy the kindle version if it seems good.
[Wed Aug 27 13:58:45 2014] <johnw> I've been using several of the techniques ever since
[Wed Aug 27 13:58:52 2014] <chirpsalot> (I like reading on my kindle)
[Wed Aug 27 13:59:08 2014] <chirpsalot> johnw: is it worth finishing SF first?
[Wed Aug 27 13:59:08 2014] <johnw> some of the example sections in the latter half of the book aren't worth reading closely unless you are working on exactly that sort of problem at the moment
[Wed Aug 27 13:59:14 2014] <chirpsalot> Or doing them in parallel... Or what?
[Wed Aug 27 13:59:16 2014] <johnw> i'd read it in conjunction with working on SF
[Wed Aug 27 13:59:28 2014] <johnw> that way you can start using some of the tricks in your SF womrk
[Wed Aug 27 14:00:18 2014] <chirpsalot> Ah.
[Wed Aug 27 14:01:11 2014] <chirpsalot> I get distracted easily, though. Having multiple resources scares me :P. I'll look at the PDF first and see if it's something I can read.
[Wed Aug 27 14:01:23 2014] <johnw> I was able to make the proof for filter_challenge *really* short by using an automated proof script
[Wed Aug 27 14:01:33 2014] <chirpsalot> Oh wait, I think I actually started reading this once.
[Wed Aug 27 14:02:11 2014] <johnw> it's not wise to read that book as an introduction to Coq
[Wed Aug 27 14:02:29 2014] <chirpsalot> No, it wasn't :P.
[Wed Aug 27 14:02:34 2014] <johnw> it's best when you really want to *use* Coq, and you're looking to accelerate your workflow
[Wed Aug 27 14:02:46 2014] <johnw> otherwise, it's too much detail too fast
[Wed Aug 27 14:02:50 2014] <chirpsalot> Like I said. Everything before SF was a disaster and brought me to tears.
[Wed Aug 27 14:02:59 2014] <johnw> but when you do need it, there's nothing better (at the moment)
[Wed Aug 27 14:03:15 2014] <chirpsalot> Sweet :).
[Wed Aug 27 14:03:23 2014] <chirpsalot> I'll definitely look into it.
[Wed Aug 27 14:03:55 2014] <johnw> By the time you get to "Imp", it should definitely be interesting
[Wed Aug 27 14:04:07 2014] <johnw> MoreCoq may still be a bit soon
[Wed Aug 27 14:04:20 2014] <chirpsalot> I bet I can get pandoc to spit out an ebook since there's an html version, actually.
[Wed Aug 27 14:04:25 2014] <chirpsalot> For bus reading.
[Wed Aug 27 14:04:41 2014] <johnw> I did that with Software Foundations
[Wed Aug 27 14:04:53 2014] <johnw> then I skimmed it as a book first, before going back to do the work
[Wed Aug 27 14:05:10 2014] <chirpsalot> I'm keeping SF on the computer because I really want to do the exercises :P.
[Wed Aug 27 14:05:20 2014] <chirpsalot> Otherwise SF isn't super useful.
[Wed Aug 27 14:05:30 2014] <johnw> yes, sure, I just found the material so fascinating that forcing myself to complete the exercises was slowing down my enjoyment
[Wed Aug 27 14:05:43 2014] <chirpsalot> I mean, skimming before is something I have been doing too :P.
[Wed Aug 27 14:05:46 2014] <johnw> so I let myself read ahead, and then go back and do the exercises
[Wed Aug 27 14:06:00 2014] <johnw> it gave me more context too
[Wed Aug 27 14:06:05 2014] <chirpsalot> johnw: the exercises have been going pretty fast for me. It's SUPER enjoyable too.
[Wed Aug 27 14:06:30 2014] <chirpsalot> This is the most fun I have had in a long time :).
[Wed Aug 27 14:06:49 2014] <johnw> yeah, I agree with you 100%
[Wed Aug 27 14:06:57 2014] <johnw> working on SF is my "gaming time" now
[Wed Aug 27 14:07:03 2014] <chirpsalot> Yep, same.
[Wed Aug 27 14:07:04 2014] <johnw> it totally replaced playing actual games
[Wed Aug 27 14:07:12 2014] <chirpsalot> Kicking that YouTube habit :).
[Wed Aug 27 14:07:36 2014] <johnw> one night I booted into Windows and was playing Borderlands, and I started getting bored because I just wanted to be doing proofs
[Wed Aug 27 14:07:47 2014] <chirpsalot> Yesterday I went back to mess with Haskell a bit, though. Had to futz with cabal to get pandoc to install so I could submit a patch :P.
[Wed Aug 27 14:07:48 2014] <johnw> now *that's* successful pedagogy
[Wed Aug 27 14:08:50 2014] <chirpsalot> johnw: it's also kind of weird how Haskell feels a little gross now.
[Wed Aug 27 14:08:59 2014] <chirpsalot> It's like "ewww, Turing complete."
[Wed Aug 27 14:09:09 2014] <johnw> hahaha
[Wed Aug 27 14:09:24 2014] <chirpsalot> It's like going back to C from Haskell.
[Wed Aug 27 14:09:55 2014] <johnw> Haskell does force me to pay more attention to what I'm saying, but I still like how effective it is at making my computer do things
[Wed Aug 27 14:10:14 2014] <johnw> I've been developing a library actually: https://github.com/jwiegley/coq-haskell
[Wed Aug 27 14:10:24 2014] <johnw> I use it for formalizing my Haskell ideas
[Wed Aug 27 14:11:04 2014] <johnw> my intention is to create a comprehensive toolkit for importing types and functions from Haskell, proving things about them, and then carrying those results back.  Not automatically, but in a way that makes Coq a "workshop" for playing with whatever ideas you're implementing in Haskell
[Wed Aug 27 14:13:49 2014] <chirpsalot> Awesome!
[Wed Aug 27 14:14:15 2014] <chirpsalot> johnw: yeah, Haskell is still great. It's just Coq is so much more fun.
[Wed Aug 27 14:14:36 2014] <chirpsalot> Because Haskell was like "oh, this is like a programming language but 400% more awesome"
[Wed Aug 27 14:14:49 2014] <chirpsalot> But Coq is like "oh, this is a cool programming language + cool proof stuff!"
[Wed Aug 27 14:15:24 2014] <chirpsalot> Well, Haskell is fun too, but you get what I am saying :).
[Wed Aug 27 14:15:53 2014] <chirpsalot> Also I feel like SF is giving me a better introduction with Coq than I ever got with Haskell.
[Wed Aug 27 14:16:02 2014] <johnw> true
[Wed Aug 27 14:16:18 2014] <johnw> plus, in Haskell you should find that DataKinds and libraries like "singleton" now make a whole lot more sense
[Wed Aug 27 14:16:26 2014] <johnw> and the value of GADTs
[Wed Aug 27 14:16:52 2014] <johnw> you still don't get pi types in Haskell, but you can approximate a lot of stuff that in Coq is just "how you do things"
[Wed Aug 27 14:16:58 2014] <chirpsalot> I still need to really learn Haskell.
[Wed Aug 27 14:17:12 2014] <spaxxo> what are the 3 windows in coqide for?
[Wed Aug 27 14:17:25 2014] <johnw> spaxxo: should be code, goal, response
[Wed Aug 27 14:17:42 2014] <chirpsalot> Like I know enough to work around in Haskell, but I am not super familiar.
[Wed Aug 27 14:17:50 2014] <johnw> Haskell has a lot of value
[Wed Aug 27 14:17:57 2014] <spaxxo> johnw: what is goal?
[Wed Aug 27 14:18:03 2014] <chirpsalot> Oh yeah, I loooove Haskell.
[Wed Aug 27 14:18:08 2014] <johnw> with all the extensions on, and many of the newer libraries, you get closer to Coq than you might think
[Wed Aug 27 14:18:14 2014] <johnw> spaxxo: the thing you have to prove
[Wed Aug 27 14:18:23 2014] <spaxxo> oh
[Wed Aug 27 14:18:48 2014] <chirpsalot> Don't get me wrong :). I am just really enjoying Coq, and it's weird going back to Haskell now XD.
[Wed Aug 27 14:18:56 2014] <chirpsalot> Anyway -- lunch time!
[Wed Aug 27 14:19:07 2014] <spaxxo> is it possible to prove |R| = |R^R| in coq?
[Wed Aug 27 14:19:26 2014] <spaxxo> size of reals = size of set of functions from reals to reals
[Wed Aug 27 14:21:22 2014] <vanila> spaxxo, there isn't sets in Coq
[Wed Aug 27 14:21:34 2014] <spaxxo> wat
[Wed Aug 27 14:21:40 2014] <vanila> :/
[Wed Aug 27 14:21:53 2014] <spaxxo> lies
[Wed Aug 27 14:23:11 2014] <spaxxo> vanila: there are sets man
[Wed Aug 27 14:23:35 2014] <spaxxo> do 'Check unit.' in the repl
[Wed Aug 27 14:23:42 2014] <spaxxo> unit : Set.
[Wed Aug 27 14:24:01 2014] <johnw> haha
[Wed Aug 27 14:24:26 2014] <johnw> spaxxo: http://math.andrej.com/2009/09/08/constructive-stone-cardinality-of-sets/
[Wed Aug 27 14:24:39 2014] <spaxxo> and the book im reading says 'Inductive nat : Set := ...'
[Wed Aug 27 14:25:09 2014] <spaxxo> johnw: is the theory behind coq based on constructive math?
[Wed Aug 27 14:25:13 2014] <johnw> yep
[Wed Aug 27 14:25:23 2014] <spaxxo> ah
[Wed Aug 27 14:25:25 2014] <spaxxo> ok cool
[Wed Aug 27 14:25:32 2014] <spaxxo> thats what i wanted to know
[Wed Aug 27 14:26:18 2014] <spaxxo> cause cardinalities above N_0 and cantors diagonal proof etc make no sense to me
[Wed Aug 27 14:27:39 2014] <spaxxo> johnw: what is the math that coq is based on?
[Wed Aug 27 14:27:51 2014] <johnw> the calculus of (co)inductive constructions
[Wed Aug 27 14:28:00 2014] <spaxxo> oh ok
[Wed Aug 27 14:28:01 2014] <johnw> the richest of the lambda calcului on the lambda cube
[Wed Aug 27 14:28:09 2014] <spaxxo> ah
[Wed Aug 27 14:28:16 2014] <spaxxo> johnw: is coq turing complete?
[Wed Aug 27 14:28:26 2014] <johnw> it's roots are in intuistionistic type theory (aka Martin Lӧf)
[Wed Aug 27 14:28:27 2014] <johnw> no
[Wed Aug 27 14:28:36 2014] <johnw> turing completeness would be inconsistent
[Wed Aug 27 14:28:42 2014] <spaxxo> oh
[Wed Aug 27 14:28:50 2014] <spaxxo> johnw: are you a mathematician?
[Wed Aug 27 14:28:56 2014] <johnw> no, not at all
[Wed Aug 27 14:29:02 2014] <spaxxo> self taught this stuff?
[Wed Aug 27 14:29:05 2014] <johnw> yeah
[Wed Aug 27 14:29:08 2014] <spaxxo> nice
[Wed Aug 27 14:29:14 2014] <johnw> I aspire to speak intelligently with mathematicians
[Wed Aug 27 14:29:23 2014] <spaxxo> me too
[Wed Aug 27 14:29:29 2014] <spaxxo> but im noob level atm
[Wed Aug 27 14:29:43 2014] <alkabetz> Mathematicians are insane; Coq programmers are more differently insane
[Wed Aug 27 14:29:52 2014] <johnw> I spent my whole life thinking I couldn't learn math, Haskell and Coq showed me a path
[Wed Aug 27 14:30:18 2014] <alkabetz> johnw: See, now /that/’s what should go on the Haskell home page :)
[Wed Aug 27 14:30:35 2014] <johnw> it's so true
[Wed Aug 27 14:30:42 2014] <johnw> Haskell literally gave my mind a rebirth
[Wed Aug 27 14:30:46 2014] <johnw> I don't even remember who I was before
[Wed Aug 27 14:30:50 2014] <spaxxo> i spent my whole life thinking i know math, haskell and coq showed me im retarded lol
[Wed Aug 27 14:31:37 2014] <vanila> this is kind of off-topic
[Wed Aug 27 14:31:40 2014] <vanila> maybe move it to a social channel
[Wed Aug 27 14:35:10 2014] <spaxxo> what are some other channels on freenode related to formal verification and stuff like that?
[Wed Aug 27 14:36:43 2014] <spaxxo> johnw: can you recommend a book on CoC ?
[Wed Aug 27 14:36:59 2014] <johnw> the Coq reference manual has a chapter on it
[Wed Aug 27 14:37:16 2014] <johnw> http://coq.inria.fr/refman/Reference-Manual006.html
[Wed Aug 27 14:37:25 2014] <spaxxo> is that enough to understand it?
[Wed Aug 27 14:37:38 2014] <spaxxo> or is it just an intro/overview?
[Wed Aug 27 14:38:24 2014] <johnw> well, the original paper is by Huet and Coquand
[Wed Aug 27 14:38:30 2014] <johnw> "The Calculus of Constructions", from 1988
[Wed Aug 27 14:38:44 2014] <johnw> http://ac.els-cdn.com/0890540188900053/1-s2.0-0890540188900053-main.pdf?_tid=5dce9390-2e19-11e4-8c7d-00000aab0f02&acdnat=1409164901_63db239cb53ba4012a18553a2334bdc0
[Wed Aug 27 14:38:48 2014] <spaxxo> ah okay, so  its not its own huge theory
[Wed Aug 27 14:39:03 2014] <johnw> no, lambda calculi are pretty simple by nature
[Wed Aug 27 16:11:39 2014] <mads-> I seem somewhat lost. Can someone help me with forall A B C: Prop, (A -> C) \/ (B -> C) -> (A \/ B -> C).
[Wed Aug 27 16:19:29 2014] <vanila> you can use the tauto tactic to automatically prove all trivial theorems like that
[Wed Aug 27 16:19:58 2014] <vanila> ah sorry, I said something stupid :)
[Wed Aug 27 16:20:07 2014] <vanila> Error: tauto failed.
[Wed Aug 27 16:20:12 2014] <vanila> this is not constructively provable
[Wed Aug 27 16:20:28 2014] <vanila> Goal forall A B C: Prop, (A -> C) /\ (B -> C) -> (A \/ B -> C).
[Wed Aug 27 16:20:30 2014] <vanila> you could prove, though
[Wed Aug 27 16:20:51 2014] <Anarchos> vanila elim on A\/B ?
[Wed Aug 27 16:22:28 2014] <mads-> So it can't be proved?
[Wed Aug 27 16:22:53 2014] <mads-> I'm fumbling around with it. And I seem to be doing fine on all the other exercises, but I just can't get that one to play nice.
[Wed Aug 27 16:22:55 2014] <vanila> no, its not true - I thought maybe it was a typo and you wanted /\ at the start?
[Wed Aug 27 16:23:00 2014] <vanila> link to exercise?
[Wed Aug 27 16:23:13 2014] <mads-> course exercise. So it's not online.
[Wed Aug 27 16:23:25 2014] <vanila> email the teacher saying its wrong :)
[Wed Aug 27 16:23:33 2014] <mads-> But he mentioned there might be a few unprovable hidden around.
[Wed Aug 27 16:23:38 2014] <vanila> oh lol
[Wed Aug 27 16:23:39 2014] <vanila> mean
[Wed Aug 27 16:23:46 2014] <mads-> So I just wanted to check if it was me or this exercise.
[Wed Aug 27 16:23:50 2014] <vanila> maybe you could disprove it
[Wed Aug 27 16:23:58 2014] <vanila> by deriving a contradiction from the assumption that it holds
[Wed Aug 27 16:23:58 2014] <mads-> We haven't learned that yet
[Wed Aug 27 16:24:16 2014] <vanila> Theorem unprovable_identity : ~(forall A B C: Prop, (A -> C) \/ (B -> C) -> (A \/ B -> C)).
[Wed Aug 27 16:25:02 2014] <vanila> this is quite easy
[Wed Aug 27 16:25:49 2014] <mads-> What would you do in the case it was a /\ in the start instead of \/ ?
[Wed Aug 27 16:26:00 2014] <vanila> tauto.
[Wed Aug 27 16:26:22 2014] <vanila> on the other hand unprovable_identity is more intersting, you can't just prove it with tauto. You need to pick an assignment for the variables
[Wed Aug 27 16:26:25 2014] <mads-> I mean, how would you destruct/split the (A -> C) /\ (B -> C) up?
[Wed Aug 27 16:26:49 2014] <vanila> Goal forall A B C: Prop, (A -> C) /\ (B -> C) -> (A \/ B -> C).
[Wed Aug 27 16:26:49 2014] <vanila> intros A B C H1 H2.
[Wed Aug 27 16:26:49 2014] <vanila> case H1.
[Wed Aug 27 16:27:02 2014] <vanila> also compare:  destruct H1.
[Wed Aug 27 17:19:12 2014] <spaxxo> what does 'destruct' do?
[Wed Aug 27 17:23:25 2014] <spaxxo> nvm found that there is docs for all this
[Wed Aug 27 17:53:13 2014] <chirpsalot> spaxxo: have you been given the SF book for learning Coq yet? http://www.cis.upenn.edu/~bcpierce/sf/current/index.html
[Wed Aug 27 17:54:12 2014] <chirpsalot> spaxxo: I didn't understand anything of Coq before going through that. It's very good.
[Wed Aug 27 18:16:12 2014] <yukko> is there a way to redefine coq's number notation? like if I made my own natural number type, could I make 0 and 1 and make values of my own type?
[Wed Aug 27 18:37:46 2014] <chirpsalot> yukko: I am new and don't know, but the Software Foundations book uses "O" and "S" to create its own natural numbers. I suspect that might be because 0 is taken.
[Wed Aug 27 18:38:24 2014] <chirpsalot> yukko: but you can override the notation for '+' and such, I believe.
[Wed Aug 27 18:46:08 2014] <yukko> chirpsalot I see!
[Wed Aug 27 18:46:36 2014] <yukko> I'm making some silly notation that just converts the normal numerals (1, 2, 3, etc) into my own types via something like [1] or whatever
[Wed Aug 27 19:17:05 2014] <anderslundstedt> I want to work with a setoid-valued function. I have troubles using the setoid equality when stating axioms. A somewhat minimal working example illustrating the problem is: http://pastebin.com/MajJJ85t
[Wed Aug 27 19:18:17 2014] <anderslundstedt> With setoid-valued I mean that its values are setoids, the type is e.g. nat -> {A : Type & Setoid A}
[Wed Aug 27 21:15:51 2014] <anderslundstedt> solved it (by overriding implicit arguments for equiv)
[Thu Aug 28 03:20:56 2014] <gdsfh> hello.  I have predicate as a function, now I want to reformulate it as an inductive data type.  But I can't draw isomorphism between them: http://pastebin.com/8j0bYuCA .  Seems I'm doing something wrong, and these predicates are not equivalent.  Right?
[Thu Aug 28 03:28:03 2014] <gdsfh> but what I _really_ want, is an ability to store misc terms that are produced by my functions (proofs, other functions, values, types) in some big term, that will be available for proofs (after proper destruction).  It should be easy, but I miss something.
[Thu Aug 28 05:27:29 2014] <anderslundstedt> gdsfh: They are not equivalent, I believe you want: http://pastebin.com/R54fMSf3
[Thu Aug 28 05:31:13 2014] <gdsfh> anderslundstedt: really.  Thank you!
[Thu Aug 28 05:34:34 2014] <anderslundstedt> np
[Thu Aug 28 08:26:35 2014] <schoppenhauer> wah ... how do I get the x in {x : A & B} ?
[Thu Aug 28 08:26:56 2014] <schoppenhauer> sig_proj1 and proj1 do not work.
[Thu Aug 28 08:27:24 2014] <gdsfh> schoppenhauer: projT1
[Thu Aug 28 08:30:06 2014] <schoppenhauer> gdsfh: thx.
[Thu Aug 28 09:09:14 2014] <mads-> Is this how you would have done this? http://pastebin.com/sAXPAiWk . It seems a bit odd to me
[Thu Aug 28 09:58:52 2014] <chirpsalot> johnw: CPDT is /really/ cool. Thanks for the recommendation :).
[Thu Aug 28 09:59:28 2014] <chirpsalot> I like how the first example is "LET'S BUILD A STACK MACHINE COMPILER!"
[Thu Aug 28 10:00:23 2014] <ianjneu> languages are all we know.
[Thu Aug 28 10:03:01 2014] <Hodapp> this might be the first time I've heard someone call CPDT "really cool" :P
[Thu Aug 28 10:03:31 2014] <chirpsalot> Hodapp: you disagree? :P
[Thu Aug 28 10:21:30 2014] <Hodapp> chirpsalot: I've not read the book, so I can't offer much opinion.
[Thu Aug 28 10:21:34 2014] <Hodapp> I'd like to read it once I get through SF.
[Thu Aug 28 10:22:02 2014] <chirpsalot> Hodapp: yeah, I think I might end up doing that. johnw recommended reading it in parallel.
[Thu Aug 28 10:22:56 2014] <chirpsalot> But, I took a peek and it seems like CPDT is pretty neat.
[Thu Aug 28 10:23:24 2014] <chirpsalot> I think I like keeping the flow of going through SF on its own, though.
[Thu Aug 28 10:42:06 2014] <Hodapp> in parallel?!
[Thu Aug 28 10:42:09 2014] <Hodapp> oh well.
[Thu Aug 28 10:42:59 2014] <Hodapp> I am rather liking SF. I like that, about as soon as it makes sense to, it moves into examples that are fairly practical.
[Thu Aug 28 10:44:13 2014] <chirpsalot> Yeah! And all of the exercises are fun.
[Thu Aug 28 10:45:27 2014] <Hodapp> I liked the one where they had you implement a simple optimizer for a limited set of expressions, and then had you prove that the optimizer was correctness-preserving.
[Thu Aug 28 10:45:57 2014] <Hodapp> that, to me, is a practical use.
[Thu Aug 28 10:49:13 2014] <Hodapp> I also think it's pretty neat that the book itself is Coq code.
[Thu Aug 28 12:02:20 2014] <chirpsalot> Hodapp: I believe you are a little farther than I in SF :P.
[Thu Aug 28 12:02:28 2014] <chirpsalot> I am finishing up MoreCoq still.
[Thu Aug 28 13:27:08 2014] <helpta> do any of you guys work in academia?
[Thu Aug 28 13:32:19 2014] <ianjneu> helpta: PhD student.
[Thu Aug 28 13:37:04 2014] <helpta> ah
[Thu Aug 28 13:37:27 2014] <helpta> i wonder if its possible to get into this field without any formal education
[Thu Aug 28 13:40:27 2014] <roosbeef> formal education referring to institutionalized education?
[Thu Aug 28 13:43:07 2014] <helpta> yes roosbeef
[Thu Aug 28 13:45:22 2014] <vanila> helpta, yes there are a lot of good free materials you can learn from
[Thu Aug 28 13:45:31 2014] <ianjneu> helpta: it just takes time and work.
[Thu Aug 28 13:45:49 2014] <ianjneu> and a helpful community :)
[Thu Aug 28 13:46:50 2014] <helpta> what im talking about is getting a job in academia working with this stuff
[Thu Aug 28 13:46:53 2014] <helpta> not learning it
[Thu Aug 28 13:47:26 2014] <vanila> oh
[Thu Aug 28 13:47:49 2014] <vanila> the normal route is to do an undergrad degree then PhD
[Thu Aug 28 13:50:01 2014] <helpta> that sucks
[Thu Aug 28 13:50:10 2014] <vanila> yeah
[Thu Aug 28 13:50:17 2014] <helpta> i cant to university
[Thu Aug 28 13:50:47 2014] <helpta> even  though i really want to and like to learn this stuff
[Thu Aug 28 13:51:09 2014] <roosbeef> why cant you
[Thu Aug 28 13:51:38 2014] <helpta> cause i have ADD or something
[Thu Aug 28 13:51:57 2014] <helpta> i just lose all interest in everything like one week into it
[Thu Aug 28 13:52:07 2014] <roosbeef> well how long have you been into this then
[Thu Aug 28 13:52:10 2014] <helpta> i started and dropped out 3 times already
[Thu Aug 28 13:52:28 2014] <helpta> ive been into this for a while
[Thu Aug 28 13:52:33 2014] <roosbeef> 'a while'?
[Thu Aug 28 13:52:38 2014] <helpta> 'this' being learning math and other stuff
[Thu Aug 28 13:52:45 2014] <helpta> just started coq one week ago
[Thu Aug 28 13:53:57 2014] <helpta> a while is like ~ 2 years
[Thu Aug 28 13:54:08 2014] <helpta> and programming in general 5 years
[Thu Aug 28 13:54:17 2014] <roosbeef> hm
[Thu Aug 28 13:54:19 2014] <roosbeef> fair enough
[Thu Aug 28 13:54:26 2014] <helpta> ive been working as a software engineer already for 3 years
[Thu Aug 28 13:54:27 2014] <roosbeef> why would you want to get into academia though
[Thu Aug 28 13:54:48 2014] <helpta> well i just want to work with math and more theory
[Thu Aug 28 13:54:53 2014] <helpta> doesnt have to be academia
[Thu Aug 28 13:55:12 2014] <vanila> why don't you just enjoy it as a hobby
[Thu Aug 28 13:55:19 2014] <vanila> it isn't really that useful to real programming
[Thu Aug 28 13:56:09 2014] <helpta> really?
[Thu Aug 28 13:56:17 2014] <helpta> it seems very practical to me
[Thu Aug 28 13:56:24 2014] <helpta> and probably will be more so in the future
[Thu Aug 28 13:56:40 2014] <helpta> and doing it as a hobby i dont have enough time
[Thu Aug 28 13:58:14 2014] <helpta> idk i feel like what i currently do is like the computer-equivalent of laying bricks
[Thu Aug 28 13:58:36 2014] <helpta> id rather do research and write papers
[Thu Aug 28 13:58:53 2014] <vanila> oh okay like meta-programming
[Thu Aug 28 13:59:23 2014] <helpta> yeah sure
[Thu Aug 28 14:00:17 2014] <roosbeef> to be honest with you helpta, i wonder, if youre unable to cope with the boring aspects of formal education, why would you want to burden yourself with the boring aspects of academia
[Thu Aug 28 14:00:46 2014] <roosbeef> im just a masters student, so i dont even really know the ins and outs of being a PhD or postdoc etc
[Thu Aug 28 14:00:59 2014] <roosbeef> but thats just a question coming to mind
[Thu Aug 28 14:01:28 2014] <helpta> what boring aspects?
[Thu Aug 28 14:01:57 2014] <helpta> to me it seems like doing research in academia is the perfect job
[Thu Aug 28 14:01:58 2014] <roosbeef> you dont think there are any?
[Thu Aug 28 14:02:18 2014] <helpta> well i know they dont pay very well, but thats not a huge problem for me
[Thu Aug 28 14:03:45 2014] <helpta> but i dont see any downsides other than that
[Thu Aug 28 14:08:20 2014] <ianjneu> helpta: academia is fucking dire. I can't wait to get the hell out.
[Thu Aug 28 14:08:34 2014] <helpta> why?
[Thu Aug 28 14:09:15 2014] <vanila> this is the difference between phd and masters
[Thu Aug 28 14:09:31 2014] <helpta> ianjneu: once you get your phd could you become a researcher and study whatever you like in your area?
[Thu Aug 28 14:09:46 2014] <ianjneu> It's not the ivory tower of people searching for truth. Science is actually pretty rare these days. It's a bunch of egotists fighting over meager resources by stepping on toes, overstating their importance, and spending way more time fundraising than researching.
[Thu Aug 28 14:10:26 2014] <helpta> ah
[Thu Aug 28 14:10:39 2014] <helpta> that sounds like hell
[Thu Aug 28 14:11:10 2014] <helpta> do you need resources to do research in math though?
[Thu Aug 28 14:11:20 2014] <vanila> no
[Thu Aug 28 14:11:35 2014] <chirpsalot> vanila: sometimes computational resources?
[Thu Aug 28 14:12:09 2014] <ianjneu> you need money to pay rent, buy food, and have health insurance.
[Thu Aug 28 14:12:25 2014] <ianjneu> also, office space in a university isn't cheap.
[Thu Aug 28 14:12:52 2014] <helpta> dont all the members get that?
[Thu Aug 28 14:12:58 2014] <ianjneu> People are the most expensive resource in sciences outside of physics.
[Thu Aug 28 14:13:08 2014] <vanila> chirpsalot, it's often rare that this is of use, that depends a lot on what you study though
[Thu Aug 28 14:13:32 2014] <ianjneu> helpta: to be a member, you must fight the fight.
[Thu Aug 28 14:13:39 2014] <helpta> ah
[Thu Aug 28 14:14:34 2014] <chirpsalot> vanila: the more applied the more likely you need resources, probably :P.
[Thu Aug 28 14:14:43 2014] <vanila> yeah
[Thu Aug 28 14:14:54 2014] <helpta> i guess i should stick with hobbying
[Thu Aug 28 14:15:33 2014] <vanila> if you strike gold you can still publish something cool :)
[Thu Aug 28 14:15:40 2014] <chirpsalot> ianjneu: don't you just get office space as a grad student?
[Thu Aug 28 14:15:51 2014] <chirpsalot> * shrugs
[Thu Aug 28 14:15:57 2014] <chirpsalot> I got an office space as an undergrad ;)
[Thu Aug 28 14:16:14 2014] <ianjneu> chirpsalot: Most of the time. Publishing is a nightmare though.
[Thu Aug 28 14:16:31 2014] <ianjneu> the resource fight is more of the professor's job.
[Thu Aug 28 14:16:35 2014] <chirpsalot> ianjneu: publishing sounds horrendously stupid.
[Thu Aug 28 14:17:28 2014] <vanila> journals seem to think publishing is very important
[Thu Aug 28 14:17:34 2014] <ianjneu> chirpsalot: it's an outdated institution. People should just post papers online and allow social media to do the rest.
[Thu Aug 28 14:17:56 2014] <chirpsalot> Also, I don't know, people seem to take publications as some kind of academic dick-swinging... Most publications are kind of useless and irrelevant, though.
[Thu Aug 28 14:18:07 2014] <ianjneu> chirpsalot: this is true.
[Thu Aug 28 14:18:40 2014] <ijp> ianjneu: and kickstart their research grant?
[Thu Aug 28 14:18:43 2014] <ianjneu> bean-counting is the way that universities judge your value, not the actual intrinsic value of your work.
[Thu Aug 28 14:18:55 2014] <chirpsalot> ijp: indiegogo, clearly :P.
[Thu Aug 28 14:19:17 2014] <chirpsalot> I don't know, maybe I should care about publications, but in general it just seems incredibly stupid.
[Thu Aug 28 14:20:27 2014] <ianjneu> chirpsalot: do interesting work and document it rigorously. If anyone cares and tries to build on it, they'll either find bugs and help fix them or just have benefitted from the wonders of science.
[Thu Aug 28 14:22:11 2014] <ianjneu> Science is very much not about truth, but at picking away at something that can help do things later. I would prefer to look at it in the software development point of view rather than the shiny glimmer of platonic truth.
[Thu Aug 28 14:22:41 2014] <vanila> platonic truth is mathematics
[Thu Aug 28 14:22:46 2014] <ianjneu> false.
[Thu Aug 28 14:22:50 2014] <vanila> programming is an engineering discipline
[Thu Aug 28 14:23:20 2014] <ianjneu> your distinctions are only meaningful in terms of culture.
[Thu Aug 28 14:23:21 2014] <helpta> programming is a construction discipline
[Thu Aug 28 14:23:32 2014] <ijp> since this is a constructivist channel, it should be obvious that maths is invented, not discovered
[Thu Aug 28 14:23:36 2014] <vanila> ianjneu, what subject do you study?
[Thu Aug 28 14:23:41 2014] <ianjneu> vanila: semantics.
[Thu Aug 28 14:23:57 2014] <roosbeef> platonic truth, is that like being friend-zoned by truth?
[Thu Aug 28 14:24:16 2014] <helpta> its like liking truth but not being too gay about it
[Thu Aug 28 14:24:38 2014] <roosbeef> you know what they say right, nothing escapes the friend-zone not even light :p
[Thu Aug 28 14:24:58 2014] <ianjneu> roosbeef: misogyny aside
[Thu Aug 28 14:25:01 2014] <helpta> except my friends
[Thu Aug 28 14:25:11 2014] <roosbeef> haha
[Thu Aug 28 14:25:13 2014] <ianjneu> platonism is about objectivity. If you can imagine an object that has some properties, a perfect object satisfying those properties (if they are consistent) exists in a real sense.
[Thu Aug 28 14:25:24 2014] <roosbeef> yea i know
[Thu Aug 28 14:25:27 2014] <roosbeef> i just thought that was funny
[Thu Aug 28 14:25:54 2014] <ianjneu> roosbeef: some people think rape is funny. Doesn't make it right.
[Thu Aug 28 14:26:03 2014] <roosbeef> only if you do it right
[Thu Aug 28 14:26:10 2014] <ianjneu> I'm leaving now.
[Thu Aug 28 14:26:13 2014] <roosbeef> haha
[Thu Aug 28 14:26:31 2014] <vanila> honestly ianjneu
[Thu Aug 28 14:26:38 2014] <vanila> you are being out of line
[Thu Aug 28 14:26:58 2014] <helpta> wat
[Thu Aug 28 14:27:05 2014] <Ptival> did you mean roosbeef?
[Thu Aug 28 14:27:17 2014] <helpta> the troll/sarcasm loops are getting out of hand, lets reset
[Thu Aug 28 14:27:22 2014] <Ptival> yep
[Thu Aug 28 14:27:26 2014] <vanila> the one who started accusing people of mysogeny and talking about rape out of no where
[Thu Aug 28 14:27:40 2014] <Ptival> vanila: I see what you mean
[Thu Aug 28 14:27:56 2014] <helpta> i cant even tell who is trolling who anymore
[Thu Aug 28 14:28:52 2014] <Ptival> is anyone here in the loop of Coq development?:
[Thu Aug 28 14:33:56 2014] <Ptival> guess not
[Thu Aug 28 14:34:22 2014] <helpta> why Ptival ?
[Thu Aug 28 14:36:04 2014] <Ptival> I'd like to know more about an upcoming feature
[Thu Aug 28 14:36:13 2014] <vanila> which feature?
[Thu Aug 28 14:36:46 2014] <Ptival> apparently, an API to replace -ideslave
[Thu Aug 28 14:40:14 2014] <johnw> is anyone actively working on Haskell extraction?
[Thu Aug 28 14:41:26 2014] <helpta> What is Haskell extraction?
[Thu Aug 28 14:41:42 2014] <johnw> Coq can extract functions and types in Set to Haskell code
[Thu Aug 28 14:42:19 2014] <helpta> oh
[Thu Aug 28 14:47:39 2014] <ijp> helpta: we're working on having haskell defect to the wast
[Thu Aug 28 14:48:51 2014] <johnw> huh?
[Thu Aug 28 14:50:03 2014] <ijp> johnw: cold war joke (obviously not funny)
[Thu Aug 28 14:50:15 2014] <johnw> oh, to the west
[Thu Aug 28 14:50:54 2014] <ijp> odd, I read the line over twice, and didn't notice the spelling mistake till you pointed it out
[Thu Aug 28 17:23:02 2014] <johnw> is there a tactical which says ; [a|b|c for all the rest]?
[Thu Aug 28 17:24:54 2014] <johnw> for example, to clean up: https://gist.github.com/e9ec826f3ff72d1247e2
[Thu Aug 28 17:29:13 2014] <ijp> johnw: I don't know but   foo ; [a | b | | | ...] ; c would save you some typing
[Thu Aug 28 17:29:39 2014] <ijp> I think
[Thu Aug 28 17:37:22 2014] <ijp> johnw: http://coq.inria.fr/refman/Reference-Manual011.html#hevea_tactic178 see the .. syntax
[Thu Aug 28 17:37:51 2014] <ijp> looks like [a | b | c ..] should work
[Thu Aug 28 20:33:49 2014] <Erraunt> vanila: Hi. Concerning my yesterdays (or the day before yesterday) question about proving set theory things in Coq - If we don't want to do that how do we state mathematical problem in Coq at all? We try to do it in typed lambda calculus instead of ZFC ?
[Thu Aug 28 20:35:06 2014] <vanila> exactly
[Thu Aug 28 20:35:22 2014] <vanila> coq uses a different mathematical foundation - type theory. So formulate everything in those terms
[Thu Aug 28 20:38:53 2014] <Erraunt> vanila: is there a place (on the web) where I could see how do combinatoric proofs look in Coq? Probably the 4-color theorem is not the best example to begin with.
[Thu Aug 28 20:41:43 2014] <vanila> what kind of things?
[Thu Aug 28 20:43:19 2014] <Erraunt> vanila: simple things about graphs for example
[Thu Aug 28 20:44:51 2014] <vanila> sorry i don't know where tto find examples of that
[Thu Aug 28 20:44:57 2014] <Erraunt> vanila: (maybe not that simple) correctness of Dijkstra's algorithm
[Thu Aug 28 20:45:04 2014] <vanila> it's definitely something you can do without a lot of trouble
[Thu Aug 28 20:45:14 2014] <vanila> that's a cool idea
[Thu Aug 28 20:45:22 2014] <vanila> that would make a good learning project for Coq
[Thu Aug 28 20:46:23 2014] <Erraunt> but I don't necessairly know how to state the problem in Coq (after a couple of chapters of SF)
[Thu Aug 28 20:46:49 2014] <vanila> you would have to develop data types that describes graphs and their meaning
[Thu Aug 28 20:49:42 2014] <Erraunt> how much time would it take for you to make such a proof?
[Thu Aug 28 20:50:06 2014] <vanila> I think it would take a couple weeks, I'm going to try
[Thu Aug 28 20:51:27 2014] <Erraunt> so I should manage… in a couple of years. Do you have a github account or some other place where I could see the result ?
[Thu Aug 28 20:53:23 2014] <vanila> oh no im sure you could do it faster than that
[Thu Aug 28 20:53:46 2014] <vanila> if i dont give up ill link it here
[Thu Aug 28 21:05:38 2014] <Erraunt> vanila: thanks for the time.
[Thu Aug 28 22:42:12 2014] <chirpsalot> Huh. I haven't had any problems thus far, but this one theorem has me stuck. So frustrating. Guess I need to take a break.
[Fri Aug 29 05:20:22 2014] <mads-> Is there any way for me to get coq to be verbose with parantheses in my goals?
[Fri Aug 29 07:06:32 2014] <roosbeef> sigh
[Fri Aug 29 07:40:18 2014] <osa1> in `f : A -> B`, `B` is sometimes called "range" and sometimes called "codomain". are there any differences between those terms?
[Fri Aug 29 07:46:54 2014] <mads-> osa1: I would say no. Though most of the math I have learned is not English.
[Fri Aug 29 07:58:29 2014] <alkabetz> Usually ‘range’ means ‘image’, but it can also mean ‘codomain’.
[Fri Aug 29 07:59:02 2014] <alkabetz> I was taught that it meant ‘codomain’, for instance.
[Fri Aug 29 07:59:37 2014] <alkabetz> Basically, US high school maths teachers are afraid if they use ‘codomain’, parents will throw a screaming fit because the maths is too abstract and useless for everyday life.
[Fri Aug 29 07:59:45 2014] <alkabetz> So they disguise the terminology by using ‘range’.
[Fri Aug 29 08:00:34 2014] <alkabetz> In this particular case, though, [B] is the codomain, not the image, so ‘range’ here means ‘codomain’.
[Fri Aug 29 08:01:16 2014] <alkabetz> Hmm, actually, now that I think about it, my HS maths teachers used ‘range’ to mean both ‘image’ and ‘codomain’.  Ugh.
[Fri Aug 29 08:02:57 2014] <Hodapp> yes, "domain" and "range" are burned into my memory
[Fri Aug 29 08:04:07 2014] <Hodapp> but I am indebted to a grade school math teacher who explained a good bit of set theory to us when the curriculum didn't call for it, and a high school math teacher who spent some time explaining that "algebra" and "an algebra" are different things.
[Fri Aug 29 08:06:48 2014] <Hodapp> she had a PhD in applied mathematics and could have gotten all sorts of other jobs (and did, prior) but seemed to just like teaching high school
[Fri Aug 29 09:30:28 2014] <chirpsalot> * shakes fist.
[Fri Aug 29 09:30:35 2014] <chirpsalot> I hate range.
[Fri Aug 29 09:31:31 2014] <chirpsalot> I always get so confused about it.
[Fri Aug 29 09:32:11 2014] <chirpsalot> Like, it seems to me like a function should always be surjective :P. Just be more specific about your range, dammit!
[Fri Aug 29 10:10:12 2014] <chirpsalot> Why is length_snoc''' so difficult o_o.
[Fri Aug 29 10:16:45 2014] <vanila> chirpsalot, are you trying by induction on l?
[Fri Aug 29 10:16:50 2014] <chirpsalot> Yes.
[Fri Aug 29 10:17:14 2014] <vanila> so th problem with that is that the variable 'n' is not being generalized as part of the induction, instead of it's a constant
[Fri Aug 29 10:17:26 2014] <vanila> http://lpaste.net/110180
[Fri Aug 29 10:17:53 2014] <vanila> if you put n last, induction l or intro X v l; induction l. will let you do the induction with 'n' generalized
[Fri Aug 29 10:18:08 2014] <flergs> lpaste is pornography according to my corporate proxy
[Fri Aug 29 10:18:14 2014] <flergs> all that sexy code
[Fri Aug 29 10:18:19 2014] <vanila> haha
[Fri Aug 29 10:18:25 2014] <vanila> would you like me to use a different serviec from now?
[Fri Aug 29 10:18:32 2014] <vanila> I don't really know which paste site is good
[Fri Aug 29 10:18:33 2014] <chirpsalot> Yeah, I get that, but 'generalize dependent n' isn't doing what I want :|. I thought it would?
[Fri Aug 29 10:18:41 2014] <flergs> nom i like lpaste
[Fri Aug 29 10:19:07 2014] <flergs> no*
[Fri Aug 29 10:19:08 2014] <vanila> intros n X v l; revert n.
[Fri Aug 29 10:19:12 2014] <chirpsalot> vanila: I'll try reorganizing and see if I can do it that way, and if it gives me insight into how to make 'generalize dependent n' work :).
[Fri Aug 29 10:19:28 2014] <vanila> to shuffle the args around 'revert' puts a hyp back into your goal
[Fri Aug 29 10:19:38 2014] <vanila> generalize dependent sounds like a scary tactic
[Fri Aug 29 10:19:46 2014] <chirpsalot> vanila: dunno about revert yet. I'm following SF, and it hasn't introduced revert yet.
[Fri Aug 29 10:20:14 2014] <vanila> revert puts a hypothesis back into the goal, it's fully documented here http://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic39
[Fri Aug 29 10:20:40 2014] <chirpsalot> vanila: yeah, I mean that I would like to try to do it how SF seems to want me to do it?
[Fri Aug 29 10:39:46 2014] <osa1> I'm trying to define some basic category stuff but I'm stuck right at the beginning http://lpaste.net/110181 I need to somehow derive/define that `f o g = id` then `g o f = id`.
[Fri Aug 29 10:41:41 2014] <osa1> any ideas?
[Fri Aug 29 10:42:41 2014] <ianjneu> osa1: you can check out jgross's category theory libraries if you're making a serious effort.
[Fri Aug 29 10:44:06 2014] <vanila> osa1, Doesn't you mean to define isomorphism as a two sided inverse rather than just one sided inverse?
[Fri Aug 29 10:47:07 2014] <ianjneu> indeed you need upper and lower closure.
[Fri Aug 29 10:47:13 2014] <osa1> ianjneu: I'm just following a book, nothing serious
[Fri Aug 29 10:47:16 2014] <osa1> hm
[Fri Aug 29 10:48:08 2014] <osa1> right, that's mentioned in the book too
[Fri Aug 29 10:48:10 2014] <osa1> thanks
[Fri Aug 29 11:27:37 2014] <osa1> how can I write a function `f : Fin.t 3 -> T` where `Inductive T := A | B | C.` ?
[Fri Aug 29 11:30:23 2014] <osa1> I'm trying to use Fin.t for cardinality
[Fri Aug 29 11:30:42 2014] <vanila> a pattern match like this might work:
[Fri Aug 29 11:30:42 2014] <vanila> match i in Fin.t n return match n with  | 3 => T  | _ => True end with
[Fri Aug 29 11:30:46 2014] <vanila> the technique from CPDT
[Fri Aug 29 11:33:32 2014] <ianjneu> so-called large eliminations are great.
[Fri Aug 29 11:35:40 2014] <ianjneu> the "return" type is sometimes called the "motive." If the type of the motive is a universe, then it's sometimes called "large elimination" because some systems don't have universes, just ad-hoc rules for some motives that produce types.
[Fri Aug 29 11:36:42 2014] <vanila> ianjneu++ nice explanation
[Fri Aug 29 11:37:09 2014] <vanila> reminds me about epigram
[Fri Aug 29 11:38:04 2014] <osa1> http://lpaste.net/110186 this doesn't work
[Fri Aug 29 11:38:22 2014] <ianjneu> Conor McBride reminds me of a physicist that comes up with crazy mathematical theories that might work in some cases, but have just about no physical meaning.
[Fri Aug 29 11:38:25 2014] <osa1> The term "tt" has type "unit" while it is expected to have type "example_set_1".
[Fri Aug 29 11:39:17 2014] <vanila> osa1 right idea, i had a go and it isn't nice at all http://lpaste.net/110187 -- let's see if there's an easier way
[Fri Aug 29 11:39:30 2014] <vanila> in particular line 15 is especially worrying
[Fri Aug 29 11:39:50 2014] <vanila> this wil likely come up as a problem in proofs with this definition
[Fri Aug 29 11:40:46 2014] <vanila> a better way to write this might be to define it 'inductively'
[Fri Aug 29 11:41:11 2014] <vanila> ill just make a paste because I don't think i can explain it
[Fri Aug 29 11:44:34 2014] <vanila> Definition finElim {T} : t 0 -> T.
[Fri Aug 29 11:44:38 2014] <vanila> Definition fromFin {T} {n} (e : T) (g : t n -> T) (f : t (S n)) : T
[Fri Aug 29 11:44:57 2014] <vanila> something like that could let you build it up the function one step at a time
[Fri Aug 29 11:50:11 2014] <vanila> http://lpaste.net/110188#line15
[Fri Aug 29 11:50:16 2014] <vanila> this could be a lot neater though
[Fri Aug 29 11:51:14 2014] <vanila> oh and actually partially applying  Fin n -> Vec n T -> T  gives you a much better way to write all this
[Fri Aug 29 12:36:57 2014] <flergs> is there a constructive proof that R is uncountable?
[Fri Aug 29 12:37:46 2014] <vanila> flergs, cantor diagonalization works just the same constructively
[Fri Aug 29 12:38:04 2014] <flergs> wat?
[Fri Aug 29 12:38:07 2014] <flergs> no it doesnt
[Fri Aug 29 12:38:09 2014] <vanila> :(
[Fri Aug 29 12:38:13 2014] <vanila> please don't waste my time
[Fri Aug 29 12:38:21 2014] <flergs> ?
[Fri Aug 29 12:38:27 2014] <flergs> are you serious?
[Fri Aug 29 12:38:45 2014] <vanila> yes please use a single name or something so I don't have to speak to you
[Fri Aug 29 12:38:59 2014] <flergs> why do you say it is constructive?
[Fri Aug 29 12:39:10 2014] <flergs> iirc it is not..
[Fri Aug 29 12:42:04 2014] <flergs> ah you are right vanila
[Fri Aug 29 12:42:09 2014] <flergs> not need to get pissy though
[Fri Aug 29 13:01:35 2014] <flergs> vanila: 'The interpretation of Cantor's result will depend upon one's view of mathematics. To constructivists, the argument shows no more than that there is no bijection between the natural numbers and T. It does not rule out the possibility that the latter are subcountable.'
[Fri Aug 29 13:01:42 2014] <flergs> http://en.wikipedia.org/wiki/Cantor's_diagonal_argument
[Fri Aug 29 13:04:18 2014] <flergs> so it is constructive, but it doesn't prove that R is uncountable
[Fri Aug 29 13:04:52 2014] <flergs> what do you think about this vanila ?
[Fri Aug 29 13:07:07 2014] <ianjneu> which definition of uncountability are you using?
[Fri Aug 29 13:09:04 2014] <flergs> larger than N0
[Fri Aug 29 13:10:26 2014] <flergs> I don't really see how the definition of the element that doesnt fit in the diagonal argument is constructive though
[Fri Aug 29 13:11:13 2014] <flergs> I mean where is the proof that this element exists after all of the previous elements are defined?
[Fri Aug 29 13:12:31 2014] <flergs> im not trying to say it's wrong, i just dont undertsand it
[Fri Aug 29 13:14:37 2014] <flergs> it almost seems like you have to enumerate all of the permutations in order to define s in the first place... which would be a contradiction
[Fri Aug 29 13:15:04 2014] <flergs> do you get what im sayinf ianjneu ?
[Fri Aug 29 13:18:45 2014] <gdsfh> hello.  I want to implement some kind of dsl over my "imperative" stuff using notations.  The code after unfolding notations and goal to prove look like this: https://gist.github.com/gdsfh/dc1a5ad1f92acca8075f
[Fri Aug 29 13:18:46 2014] <gdsfh> But I don't have information about "wcur2 = wnew".  Maybe I should implement passing "world" by different means, not by chaining functions, to get such equalities?
[Fri Aug 29 13:19:41 2014] <vanila> gdsfh, why don't you use a monad?
[Fri Aug 29 13:20:36 2014] <gdsfh> vanila: because it won't simplify anything.  Terms will be not simpler than with naive approach.
[Fri Aug 29 13:21:27 2014] <vanila> gdsfh, I don't think that's true, if you use a monad you can also reason monadically
[Fri Aug 29 13:22:20 2014] <vanila> anyawy if you beta reduce, it will substitute wcur2 in
[Fri Aug 29 13:22:29 2014] <vanila> try red. or simpl. or something like that?
[Fri Aug 29 13:23:03 2014] <flergs> vanila: is it possible to prove that |R| > |N0| using coq?
[Fri Aug 29 13:23:22 2014] <gdsfh> vanila: what my monad should look like?  I have not only one "reference" to get/set, there are lot of them, so it's not a State monad.
[Fri Aug 29 13:24:48 2014] <gdsfh> vanila: it doesn't substitute wcur2 when I have hypotheses I cited: there is no body in wcur2, only type.  Also these tactics doesn't work, checked it now.
[Fri Aug 29 13:26:30 2014] <vanila> how about beta reducing it by hand inside refine?
[Fri Aug 29 13:32:19 2014] <gdsfh> vanila: my notations look like this: https://gist.github.com/gdsfh/d81011e4a26900f13287 , can't imagine such beta reducing.  But it seems the whole approach is wrong.
[Fri Aug 29 13:32:38 2014] <vanila> I see
[Fri Aug 29 13:32:48 2014] <vanila> you could always pass in an equality proof
[Fri Aug 29 13:33:24 2014] <vanila> (fun wcur2 (e : wcur2 = wnew) =>) wcur2 (eq_refl _)
[Fri Aug 29 13:33:47 2014] <vanila> it's not clear to me whether this will cause issues later on though, it's nice to avoid if possible
[Fri Aug 29 13:35:33 2014] <gdsfh> tried this, failed.  Because wnew is not available inside notation.  Also tried (fun wcur wold (e : wcur = wold) => ..) to chain equalities (in hope that Coq will pass bodies in equality type), but it doesn't work.
[Fri Aug 29 14:57:32 2014] <flerx> what does 'reflexivity.' actually do? I'm having trouble understanding this
[Fri Aug 29 14:58:18 2014] <flerx> im trying to prove 'forall n :nat, O + n = n.'
[Fri Aug 29 14:58:58 2014] <flerx> the book im reading says 'intros n. reflexivity. Qed.' but I don't understand what it does to construct a 'proof'
[Fri Aug 29 14:58:59 2014] <flerx> ?
[Fri Aug 29 14:59:30 2014] <Ptival> flerx: it just applies the eq_refl constructor of the eq type, which basically means comparing the normal forms both sides of the equality
[Fri Aug 29 15:00:39 2014] <flerx> Ptival: what is eq_refl?
[Fri Aug 29 15:01:09 2014] <flerx> when I do
[Fri Aug 29 15:01:19 2014] <Ptival> flerx: the constructor of the equality type, you haven't seen that yet but equality is "just" defined as an inductive type
[Fri Aug 29 15:02:11 2014] <Ptival> to keep it simple, here Coq checks whether "0 + n" and "n" are computationally equal, and it finds that they are because "0 + n" reduces to "n"
[Fri Aug 29 15:02:48 2014] <Ptival> if you do "intros n. unfold plus. simpl." you will see why reflexivity holds
[Fri Aug 29 15:03:34 2014] <flerx> Ptival: what does the 'reflexivity' and 'intros' add? Can't it check it based on the sentence 'forall n : nat, 0 + n = n' ?
[Fri Aug 29 15:04:19 2014] <flerx> I have a feeling that the intros and reflexivity are required, but I dont understand why
[Fri Aug 29 15:05:47 2014] <flerx> Ptival: doesnt it determine to check that '0 + n' and 'n' are the same based on the equal sign in the theorem?
[Fri Aug 29 15:07:25 2014] <flerx> Oh I see that '0 n' gets reduced to 'n' in the 'unfold plus'
[Fri Aug 29 15:08:22 2014] <flerx> So it doesn't actually determine how to prove anything itself?
[Fri Aug 29 15:08:46 2014] <flerx> it performs some transformations on the sentence of the theorem based on the proof steps?
[Fri Aug 29 15:08:53 2014] <flerx> Ptival: ?
[Fri Aug 29 15:12:16 2014] <Ptival> flerx: it doesn't do anything until you tell it to
[Fri Aug 29 15:12:48 2014] <Ptival> so at the beginning you pretend "I will prove that the statement forall n, 0 + n = n is true"
[Fri Aug 29 15:13:05 2014] <flerx> okay
[Fri Aug 29 15:13:13 2014] <Ptival> then you tell it "put that n in context" using intro
[Fri Aug 29 15:13:39 2014] <flerx> what does 'put that n in context' mean?
[Fri Aug 29 15:13:43 2014] <Ptival> now you have a n, and you need to prove that for this particular n, "0 + n = n"
[Fri Aug 29 15:14:50 2014] <Ptival> it just means that you have fixed a name for this arbitrary number
[Fri Aug 29 15:15:20 2014] <flerx> Ptival: btw ' intros n. unfold plus. simpl. Qed. says 'Error: attempt to save and incomplete proof.'
[Fri Aug 29 15:15:27 2014] <Ptival> kinda like if you want to prove that "all natural numbers are something", you start by saying "let's pick a number and name it n"
[Fri Aug 29 15:15:44 2014] <Ptival> flerx: you still need the "reflexivity." at the end
[Fri Aug 29 15:15:50 2014] <flerx> oh
[Fri Aug 29 15:16:16 2014] <flerx> so what does 'unfold plus' do?
[Fri Aug 29 15:16:52 2014] <Ptival> actually you don't need the simpl, my bas
[Fri Aug 29 15:16:57 2014] <Ptival> bad*
[Fri Aug 29 15:17:29 2014] <Ptival> "unfold plus" unfolds the definition of the plus function (the + is a notation for the plus function)
[Fri Aug 29 15:18:00 2014] <flerx> so it evaluates all of the 'plus' invocations in the proposition?
[Fri Aug 29 15:19:28 2014] <flerx> or not 'evaluates' but replaces '0 + n' with the definition of plus for that pattern?
[Fri Aug 29 15:19:33 2014] <Ptival> yes
[Fri Aug 29 15:19:53 2014] <Ptival> and then realizing thath it knows the argument's value, it simplifies it
[Fri Aug 29 15:20:10 2014] <flerx> ah
[Fri Aug 29 15:20:19 2014] <flerx> so should the result of the proof steps be a boolean?
[Fri Aug 29 15:21:41 2014] <flerx> and reflexivity checks whether both sides of the '=' are the same?
[Fri Aug 29 15:21:48 2014] <flerx> like the actual strings are the same?
[Fri Aug 29 15:23:24 2014] <Ptival> no, it checks that the terms are convertible according to the rules of the calculus, which is bit more general than just checking the strings are the same
[Fri Aug 29 15:23:30 2014] <ianjneu> flerx: more than textual equality, it normalizes both terms and compares them for structural equality (names are canonicalized in term representation)
[Fri Aug 29 15:23:37 2014] <Ptival> and there is no boolean here
[Fri Aug 29 15:24:15 2014] <flerx> so what is the result of 'reflexivity.' why does it 'complete' the proof?
[Fri Aug 29 15:24:16 2014] <Ptival> in this particular case it happens that they reduce to exactly the same term
[Fri Aug 29 15:24:56 2014] <Ptival> reflexivity asks the system to check whether the two sides are compatible
[Fri Aug 29 15:25:18 2014] <Ptival> if they are, then the system knows how to build the proof
[Fri Aug 29 15:25:30 2014] <flerx> Ah
[Fri Aug 29 15:25:48 2014] <flerx> so whats the point of intros? I just changed the proof to just 'reflexivity.' and it works
[Fri Aug 29 15:40:34 2014] <flerx> ?
[Fri Aug 29 15:44:05 2014] <flerx> Ptival: does the intros change anything in this case?
[Fri Aug 29 15:48:55 2014] <flerx> ianjneu: can you explain what the purpose of 'intros n' here is?
[Fri Aug 29 16:00:36 2014] <ianjneu> intros constructs a function for the proof term, so if you have a goal A -> B, the proof is going to be a function from A to B. If you intro H, then you are in the body of a function (lambda H: A => [Goal]) where Goal is now to construct B, given the additional hypothesis.
[Fri Aug 29 16:01:35 2014] <ianjneu> with no arguments, intros will introduce as many things as it can, using Coq's naming conventions.
[Fri Aug 29 16:08:20 2014] <flerx> ianjneu: so its only useful where there is an '->' ?
[Fri Aug 29 16:12:11 2014] <flerx> ianjneu: because the book im reading says i need 'intros n. reflexivity.' to prove 'forall n, 0 + n = n.' but just 'reflexivity.' also works
[Fri Aug 29 16:12:46 2014] <flerx> 'forall n: nat, O + n = n.' *
[Fri Aug 29 16:16:23 2014] <gdsfh> flerx: you'll understand what is "intros" later; my advice is to continue reading the book.  Anyway, take a look at the goal and hypotheses before and after "intro n".
[Fri Aug 29 16:16:48 2014] <flerx> oh okay
[Fri Aug 29 16:52:43 2014] <Ptival> flerx: http://paste.awesom.eu/mpXO you don't need to understand this just yet, but you can see a more step by step view of what happens underneath
[Fri Aug 29 16:53:23 2014] <Ptival> it turns out that the reflexivity tactic has been beefed up so that it performs all of those steps, so that's why it seems to you like they are unneeded/optional
[Fri Aug 29 16:53:33 2014] <Ptival> but really they still happen under the covers
[Fri Aug 29 16:53:44 2014] <flerx> ah i see
[Fri Aug 29 16:53:46 2014] <flerx> thanks
[Fri Aug 29 16:53:48 2014] <Ptival> at least morally
[Fri Aug 29 17:17:05 2014] <napping> Are Coq parameterized modules applicative?
[Fri Aug 29 17:20:19 2014] <napping> Starting with module types A and B, and a Module B_from_A(MA : A) : B
[Fri Aug 29 17:20:46 2014] <napping> I've also got some parameterized module types of properties, GoodA (MA : A) and GoodB (MB : A).
[Fri Aug 29 17:22:01 2014] <napping> I'd like to write a parameterized module with a signature like (MA : A) (MAGood : GoodA A) : GoodB (B_from_A MA)
[Fri Aug 29 17:22:27 2014] <napping> but I don't even know a legal way to declare that, getting "Error: Application of modules is restricted to paths"
[Fri Aug 29 17:49:30 2014] <napping> Hello again. Did I miss any suggestions?
[Fri Aug 29 18:20:49 2014] <osa1> my attempt to define cardinality has failed http://lpaste.net/110217
[Fri Aug 29 18:34:30 2014] <jrw> osa1: one way would be [dependent destruction e]
[Fri Aug 29 18:34:40 2014] <jrw> you have to [Require Import Program.] first
[Fri Aug 29 18:43:05 2014] <osa1> jrw: I can't use first [exists] if I import Program
[Fri Aug 29 18:44:15 2014] <jrw> osa1: that's weird. I imported it after that exists and things work :p
[Fri Aug 29 18:45:21 2014] <vanila> I tried doin that with Program but Print Assumptions shows that it uses an extra axiom
[Fri Aug 29 18:45:35 2014] <vanila> is there a way to tell Program not to use any extra axioms?
[Fri Aug 29 18:48:02 2014] <jrw> no, it's fundamental to the approach
[Fri Aug 29 18:48:27 2014] <jrw> [dependent destruction] uses the axiom that JMeq implies propositional equality.
[Fri Aug 29 18:48:51 2014] <vanila> that's a shame, there's a way to prove this without axioms - it's just really hard without automation
[Fri Aug 29 19:18:18 2014] <napping> should goals like x = eq_rect _ _ x _ H be provable?
[Fri Aug 29 19:19:02 2014] <jrw> napping: usually iff the type has decidable quality
[Fri Aug 29 19:20:23 2014] <napping> I do, but how do I take advantage of that?
[Fri Aug 29 19:20:55 2014] <napping> Isn't it some kind of foundational issue about the model of =?
[Fri Aug 29 19:22:25 2014] <vanila> there's an axiom with computation rules that could be added to Coq which would completely solve all these difficulties with pattern matching and equality proofs
[Fri Aug 29 19:22:45 2014] <vanila> it's just that Coq doesn't have this so we're stuck using axioms and difficult workarounds
[Fri Aug 29 19:23:37 2014] <napping> Is there any model where x can differ from an eq_rect on x?
[Fri Aug 29 19:24:55 2014] <jrw> napping: see Eqdep_dec.eq_rect_eq_dec
[Fri Aug 29 19:26:16 2014] <vanila> napping, there's some homotopy stuff a fields medalist is working on that contradicts uniqueness of equality proofs
[Fri Aug 29 19:26:20 2014] <jrw> napping: re:models, I think so, yes. in hott for example, intuitively eq_rect over a univalence path should apply the equivalence to its argument. if you give it a non-identity equivalence, then that could happen.
[Fri Aug 29 19:29:19 2014] <jrw> osa1: http://lpaste.net/110226 <- here's a proof without axioms.
[Fri Aug 29 19:30:08 2014] <vanila> nice proof jrw! mine was blowing up much more complex
[Fri Aug 29 19:30:30 2014] <jrw> thanks. it was harder than I expected.
[Fri Aug 29 19:30:53 2014] <jrw> that match annotation...
[Fri Aug 29 19:30:54 2014] <napping> vanila: but it leaves my goal intact - H itself should be/lift to a path from x to the eq_rect
[Fri Aug 29 19:31:18 2014] <napping> jrw: thanks, that's exactly what I needed, I'll have to see how it works.
[Fri Aug 29 19:31:38 2014] <napping> jrw: but in hott the goal is still true because the outer = is satisfiable by a path instead of just equality on the nose
[Fri Aug 29 19:32:07 2014] <napping> well, except the quality may be a parameter to the type function, but it probably ought to lift?
[Fri Aug 29 19:32:19 2014] <jrw> no, that's not true in general.
[Fri Aug 29 19:34:56 2014] <vanila> napping, sorry I don't understand
[Fri Aug 29 19:37:56 2014] <napping> If there are multiple equailty proofs that H could be, then you can prove x = eq_rect _ _ x _ H in multiple ways anyway
[Fri Aug 29 19:41:51 2014] <vanila> but basically you can't do much proving about equality proofs and similar data types with dependent indices
[Fri Aug 29 19:46:13 2014] <napping> oh, except eq_rce
[Fri Aug 29 19:46:29 2014] <napping> eq_rect is dealing with a path between types, not points in a single type
[Sat Aug 30 09:27:30 2014] <kba_> I'm very new to Coq and I'm struggling to understand how plus_assoc works. Is there some other documentation than http://coq.inria.fr/library/Coq.Arith.Plus.html? All it says is:
[Sat Aug 30 09:27:33 2014] <kba_> Lemma plus_assoc : forall n m p, n + (m + p) = n + m + p.
[Sat Aug 30 09:27:59 2014] <kba_> which may be sufficient if you have a general understanding of Coq, but it confuses me
[Sat Aug 30 09:28:13 2014] <kba_> how would I use it?
[Sat Aug 30 09:28:48 2014] <kba_> to prove that the parentheses in addition don't matter
[Sat Aug 30 09:59:32 2014] <gdsfh> kba_: you can use this lemma to rewrite additions.  tactic is "rewrite plus_assoc".  you can rewrite "n + (m + p)" in goal and in hypotheses, also you can rewrite both forth and back.
[Sat Aug 30 10:01:32 2014] <gdsfh> kba_: as for "how to prove that parentheses don't matter" -- take expression with them, use rewrite to rewrite all occurences of "(x + y) + z" into "x + y + z", and you'll get syntactically equal expressions, then tactic "reflexivity" proves that they are equal.
[Sat Aug 30 10:02:19 2014] <kba_> gdsfh: thanks, I actually managed to do it somewhat, but the syntax still confuses me. For instance, if I have an expression `c + (a + b) + d`, I can't figure out how to rewrite it. I'd assume if I did: `rewrite <- (plus_assoc c (a + b)).`
[Sat Aug 30 10:02:41 2014] <kba_> then it would see that c + (a + b) is the same as c + a + b and thus remove the paranthesis
[Sat Aug 30 10:02:57 2014] <kba_> but instead it just puts d in the paranthesis, c + (a + b + d)
[Sat Aug 30 10:03:44 2014] <kba_> gdsfh: I managed to use reflexivity, but I don't fully understand how I can just do that. (Has reflexitivity been proven in the arithemtic library?)
[Sat Aug 30 10:04:41 2014] <gdsfh> kba_: when I have goal "c + (a + b) + d = c + a + b + d", simple "rewrite plus_assoc" gives syntactically equal expressions.
[Sat Aug 30 10:04:57 2014] <mads-> I believe you write reflixivity when both sides of the equality is the same
[Sat Aug 30 10:05:19 2014] <mads-> So you want to rewrite your expressions using axioms or theorems you know hold
[Sat Aug 30 10:05:34 2014] <kba_> mads-: yes, I know, and the property that x = x is reflexitivity, but I just find it odd that I need to tell it to use that property
[Sat Aug 30 10:05:49 2014] <kba_> unless reflexitivity isn't always available
[Sat Aug 30 10:06:07 2014] <gdsfh> reflexivity == "if we have goal A = B, and both A and B, when normalized, are equal, then the proof of this goal can be constructed automatically".
[Sat Aug 30 10:06:11 2014] <kba_> gdsfh: ah, I see. But what is it a syntactic sugar for?
[Sat Aug 30 10:06:32 2014] <gdsfh> which sugar exactly?
[Sat Aug 30 10:06:35 2014] <kba_> how would I write out `rewrite plus_asoc`
[Sat Aug 30 10:06:39 2014] <kba_> doing that is sort of cheating, I feel
[Sat Aug 30 10:06:50 2014] <kba_> I want to know which arguments I should have given plus_assoc to do it manually
[Sat Aug 30 10:07:04 2014] <vanila> rewrite (plus_assoc x y)
[Sat Aug 30 10:07:19 2014] <vanila> reflexivity isn't just for numbers but it proves that any two values of any type are equal by applying a constructor called eq_refl
[Sat Aug 30 10:07:24 2014] <gdsfh> not a cheating too much.  It searches for expressions of given structure.
[Sat Aug 30 10:07:28 2014] <kba_> vanila: yes, but I can't figure out what x and y is in this context
[Sat Aug 30 10:07:37 2014] <vanila> do Check plus_assoc.
[Sat Aug 30 10:07:57 2014] <vanila> and then you can see what sort of pattern it has
[Sat Aug 30 10:07:59 2014] <kba_> I have, it says
[Sat Aug 30 10:08:01 2014] <kba_> plus_assoc: : forall n m p : nat, n + (m + p) = n + m + p
[Sat Aug 30 10:08:19 2014] <vanila> so what about rewrite (plus_assoc c a b)?
[Sat Aug 30 10:09:00 2014] <kba_> oh... the problem was with the arrow
[Sat Aug 30 10:09:14 2014] <kba_> I used `rewrite <-` and I should have used `->`
[Sat Aug 30 10:09:20 2014] <kba_> thanks, just `c a b` actually works
[Sat Aug 30 10:10:01 2014] <kba_> could I do it using `rewrite ->`?
[Sat Aug 30 10:10:43 2014] <mads-> rewrite -> takes from n + (m + p) form to n + m + p form
[Sat Aug 30 10:10:49 2014] <mads-> And <- does it the other way around
[Sat Aug 30 10:11:34 2014] <mads-> So given an expression like a + b + c you can't really rewrite using ->
[Sat Aug 30 10:12:05 2014] <kba_> right, that's what I assumed. So when I say `rewrite -> (plus_assoc c a b).`, I say "I want to arrive at `c a b`". So shouldn't I be able to say something like "I have `c + (a + b) + d`", now rewrite this
[Sat Aug 30 10:12:07 2014] <gdsfh> kba_: try to use as much automation as you can, otherwise it will be boring soon.
[Sat Aug 30 10:12:13 2014] <kba_> using -> then?
[Sat Aug 30 10:13:31 2014] <kba_> gdsfh: I just feel like I need a basic understanding of what is happening behind the scenes before I start taking shortcuts
[Sat Aug 30 10:13:41 2014] <kba_> otherwise I'll soon finding myself solving harder problems, but with less understanding
[Sat Aug 30 10:14:01 2014] <kba_> I think...
[Sat Aug 30 10:16:20 2014] <gdsfh> kba_: really.  But when you are learning Coq, think about automation.  For example, "ok, here I can use just 'rewrite plus_assoc'...".
[Sat Aug 30 10:16:20 2014] <mads-> kba_: silly question: Is this school work?
[Sat Aug 30 10:16:33 2014] <kba_> mads-: it is for a course, yes :)
[Sat Aug 30 10:17:53 2014] <kba_> is this not allowed in herE?
[Sat Aug 30 10:18:28 2014] <mads-> I was just asking because it sounds a bit like what I have as school work as well ;)
[Sat Aug 30 10:18:42 2014] <kba_> Olivier Danvy?
[Sat Aug 30 10:19:00 2014] <mads-> Yeah
[Sat Aug 30 10:19:16 2014] <kba_> :)
[Sat Aug 30 10:22:44 2014] <kba> but I'm having a hard time accepting that I can't rewrite `b + (d + c) + a` to `b d c a` using ->
[Sat Aug 30 10:24:01 2014] <mads-> If you use plus_comm on (b + (d + c)) a first
[Sat Aug 30 10:24:19 2014] <mads-> Then you can use plus_assoc a b (d + c)
[Sat Aug 30 10:24:22 2014] <mads-> Both with ->
[Sat Aug 30 10:28:00 2014] <kba> You want me to perform `rewrite -> (plus_assoc a b (d + c)).` on `c + a + b + d = a + b + (d + c)´?
[Sat Aug 30 10:28:10 2014] <kba> because that isn't working
[Sat Aug 30 10:28:40 2014] <kba> with `rewrite -> (plus_assoc (a + b) (d + c)).`, I get `Error: Found no subterm matching "a + b + (d + c + ?2050)" in the current goal.`
[Sat Aug 30 10:28:48 2014] <kba> these ?nnn always confuses me
[Sat Aug 30 10:29:08 2014] <mads-> plus_assoc takes three arguments
[Sat Aug 30 10:29:24 2014] <mads-> And you gave it two
[Sat Aug 30 10:29:41 2014] <kba> I started with: rewrite -> (plus_assoc a b (d + c)).
[Sat Aug 30 10:30:44 2014] <kba> Right now I have `c + a + b + d = a + b + (d + c)`. That's the thing. To get there, I used `rewrite -> (plus_assoc a b (d + c)).`.
[Sat Aug 30 10:30:55 2014] <kba> but I'm not sure how to move forward from here.
[Sat Aug 30 10:31:11 2014] <mads-> It's mixed_a, right?
[Sat Aug 30 10:31:14 2014] <vanila> why don't you use the ring. tactic
[Sat Aug 30 10:31:22 2014] <kba> mads-: yes
[Sat Aug 30 10:31:36 2014] <vanila> it will automatically do associativity and symmetry and things
[Sat Aug 30 10:32:07 2014] <kba> vanila: I want to learn the basics before I use automation
[Sat Aug 30 10:32:25 2014] <kba> but thanks for the suggestion! I'll keep that in mind in the future... once I undersatnd it
[Sat Aug 30 10:33:13 2014] <vanila> ok that's a good idea too :)
[Sat Aug 30 10:34:28 2014] <mads-> I can't even start with rewrite -> (plus_assoc a b (d + c)). on mine
[Sat Aug 30 10:34:52 2014] <kba> rewrite -> (plus_assoc c a b). rewrite -> (plus_comm (b + (d + c)) a). rewrite -> (plus_assoc a b (d + c)).
[Sat Aug 30 10:35:54 2014] <kba> I just want to do `rewrite -> (plus_assoc b (d + c)).`, basically.
[Sat Aug 30 10:36:23 2014] <kba> I have `a + b + (d + c)`, so I want `b + (d + c)` to transform into `b + d + c`
[Sat Aug 30 10:36:36 2014] <kba> which seems to be exactly what plus_assoc does: n + (m + p) = n + m + p.
[Sat Aug 30 10:37:03 2014] <kba> but it won't let me because of the a, it seems
[Sat Aug 30 10:37:23 2014] <kba> ah! I figured it out. rewrite -> (plus_assoc (a + b) d c).
[Sat Aug 30 10:43:20 2014] <kba> mads-: do you know how I can tell Coq to perform the operation on the right-hand side of the equation? I'm trying to perform `rewrite -> (plus_comm d c).` on `c + a + b + d = a + b + d + c`, but I'm told "Error: Found no subterm matching "d + c" in the current goal."
[Sat Aug 30 10:43:31 2014] <kba> even though `d + c` is clearly on the right-hand side
[Sat Aug 30 10:44:18 2014] <mads-> kba you just have to find the right term
[Sat Aug 30 10:44:33 2014] <mads-> and remember that Coq isn't totally verbose with parantheses.
[Sat Aug 30 10:44:47 2014] <mads-> So look at your original expression and deduce if you are missing any from the screen
[Sat Aug 30 15:47:48 2014] <chirpsalot> Wooo. I proved length_snoc''', guess I just needed a break. Dunno why that was so hard for me XD.
[Sat Aug 30 16:04:43 2014] <chirpsalot> I swear no matter what I was doing 'n' wasn't being generalized... I think my ProofGeneral is buggy -- it is crashing a lot.
[Sat Aug 30 16:10:23 2014] <chirpsalot> I have had a few times where it isn't sending stuff properly to and from coq -- so maybe that's what's happening. That or I REALLY confused myself (likely).
[Sat Aug 30 16:14:48 2014] <elarnon> chirpsalot: are you using the CVS version of ProofGeneral?
[Sat Aug 30 16:15:08 2014] <chirpsalot> elarnon: nope, whatever was in Fedora 20's repositories.
[Sat Aug 30 16:15:40 2014] <elarnon> oh, ok
[Sat Aug 30 16:16:00 2014] <elarnon> I found the CVS version to have similar bugs as you described, while the last released version works fine for me
[Sat Aug 30 16:16:12 2014] <chirpsalot> When I was on NixOS using the nix version I didn't have any problems.
[Sat Aug 30 16:16:31 2014] <chirpsalot> elarnon: who knows, maybe the fedora version is the CVS version.
[Sat Aug 30 16:18:10 2014] <chirpsalot> elarnon: good to know I might not be crazy ;).
[Sat Aug 30 16:19:00 2014] <elarnon> yeah, I would suggest installing another version manually
[Sat Aug 30 16:19:36 2014] <chirpsalot> elarnon: yeah. I have been meaning to install the nix version again since I had no problem with it -- just haven't gotten around to it yet.
[Sat Aug 30 16:19:40 2014] <elarnon> if you're having the same kind of troubles I had with the CVS version, it can't possibly get worse
[Sat Aug 30 16:22:11 2014] <chirpsalot> elarnon: ironic that the IDE for the proof assistant is buggy.
[Sat Aug 30 16:31:55 2014] <elarnon> yeah, emacs should support gallina scripting
[Sat Aug 30 16:32:12 2014] <elarnon> not sure what you could prove about it though
[Sat Aug 30 16:32:15 2014] <chirpsalot> elarnon: I want a new editor built with coq ;).
[Sat Aug 30 16:32:42 2014] <chirpsalot> elarnon: you could prove that transformations on text are correct?
[Sun Aug 31 20:56:40 2014] <Erraunt> Hi. How pattern match on even and odd numbers seperatelly ?
[Sun Aug 31 21:11:18 2014] <ijp> there is even_odd_dec in Coq.Arith.Even
[Sun Aug 31 21:11:42 2014] <Erraunt> ijp: thanks
[Sun Aug 31 21:12:30 2014] <ijp> you can match (even_odd_dec n) and check for the sumbool constructors left and right.
[Sun Aug 31 21:12:54 2014] <Erraunt> ijp: figured that out
[Sun Aug 31 22:17:13 2014] <chirpsalot> Huh. Neat. Hadn't thought about that stuff yet.
[Mon Sep  1 01:56:12 2014] <mgomezch> hi!  beginner here.  just out of curiosity: is there a way to do something like what the simpl tactic does (which in my naive understanding is apply whatever beta-reductions it finds it can apply), but specifying precisely what reductions to apply where?
[Mon Sep  1 01:57:44 2014] <mgomezch> like, in the middle of the proof of an equality, I want to reduce some function application on the left side of the equality that says «foo bar baz», but specifying explicitly «use the definition of foo», or even «use the definition of foo on the left hand side».
[Mon Sep  1 01:58:20 2014] <mgomezch> not that it’s *necessary* — simpl knows what to do.  just wondering if these things *can* be further specified.
[Mon Sep  1 01:59:30 2014] <vanila> i think unfold foo at 1. or simpl foo. will do that. there's also "change" which lets you replace the goal with anything equivalent.
[Mon Sep  1 01:59:51 2014] <mgomezch> oh neat, I’ll try those (: thanks!
[Mon Sep  1 09:07:20 2014] <gdsfh> mgomezch: see also "cbv" tactic.
[Mon Sep  1 15:00:54 2014] <ianjneu> is there a library already out there for heterogeneous maps?
[Mon Sep  1 15:01:12 2014] <ianjneu> Basically I want finite partial pi types.
[Mon Sep  1 19:31:47 2014] <chirpsalot> The classical axioms equivalence exercise in SF is kind of painful :P. Maybe I am doing it wrong.
[Mon Sep  1 19:33:04 2014] <jrw> chirpsalot: those require a lot of thinking, but they end up being not too long.
[Mon Sep  1 19:40:26 2014] <chirpsalot> jrw: I have got MOST of the implications done.
[Mon Sep  1 19:40:43 2014] <chirpsalot> Just need like one or two more to finish the loop.
[Mon Sep  1 19:41:00 2014] <jrw> chirpsalot: might I suggest working on paper if you're stuck. in the case of this particular exercise, I found that to be helpful.
[Mon Sep  1 19:41:21 2014] <chirpsalot> With excluded middle I am just... Baffled about where to start. It's useless on the left hand side.
[Mon Sep  1 19:41:29 2014] <chirpsalot> jrw: yeah. I'm taking a break now.
[Mon Sep  1 19:42:09 2014] <chirpsalot> Just took a break and bashed my head against it some more and made progress :). Stuck again, but that will probably fix itself up once I start again. Started doing things on paper, because blech.
[Mon Sep  1 19:42:31 2014] <chirpsalot> Significant ramp up in difficulty from the rest of SF thus far :P. Guess that's what 5 stars means ;).
[Tue Sep  2 03:35:56 2014] <Ainieco> chirpsalot: ha-ha, stuck on peirce -> classic too, lhs looks useless indeed, haven't gave it much time yet tho
[Tue Sep  2 03:37:40 2014] <Ainieco> can unify lhs with anything...
[Tue Sep  2 03:41:23 2014] <Ainieco> currently ended up with this http://lpaste.net/6827390183927709696
[Tue Sep  2 03:47:20 2014] <Ainieco> can't unify*
[Tue Sep  2 03:56:43 2014] <Ainieco> why can't i apply H to H0? it looks like ((P -> Q) -> P) part of H should unify with (P -> False) -> False to me
[Tue Sep  2 03:56:55 2014] <Ainieco> but coq tells me that it can't unify it
[Tue Sep  2 03:57:02 2014] <Ainieco> why?
[Tue Sep  2 04:07:31 2014] <elarnon> well P is not False
[Tue Sep  2 04:07:36 2014] <Ainieco> ah, because of P <> False.
[Tue Sep  2 04:07:41 2014] <Ainieco> yeah, silly me
[Tue Sep  2 04:10:07 2014] <Ainieco> elarnon: is it a dead end i pasted earlier?
[Tue Sep  2 04:16:28 2014] <Ainieco> elarnon: i mean http://lpaste.net/6827390183927709696
[Tue Sep  2 04:35:09 2014] <elarnon> not sure, i don't really remember the exact proof for this implication
[Tue Sep  2 04:35:25 2014] <elarnon> i also don't really have time to look into it deeper right now unfortunately
[Tue Sep  2 04:37:41 2014] <elarnon> no that is wrong i think
[Tue Sep  2 04:40:11 2014] <elarnon> the [apply H0] is wrong
[Tue Sep  2 04:41:13 2014] <elarnon> that exercise is a perfect example of where mindlessly applying tactics videogame-like won't work btw ;-)
[Tue Sep  2 04:42:45 2014] <elarnon> Ainieco: ^
[Tue Sep  2 04:43:40 2014] <Ainieco> elarnon: got it, thanks for advice :)
[Tue Sep  2 11:02:02 2014] <prodolof> Can I ask some basic math questions in here (topology)?
[Tue Sep  2 11:07:56 2014] <Ainieco> wow, proved 'peirce -> classic'
[Tue Sep  2 11:08:19 2014] <Ainieco> it was so simple
[Tue Sep  2 11:11:31 2014] <Ainieco> http://media.tumblr.com/tumblr_m96p8uqB4M1rvw5pd.gif
[Tue Sep  2 13:16:08 2014] <prodolof_> intros 'grabs' some parts of a proposition and puts it into context of the proof, how do I know for sure which parts it will take and in what order?
[Tue Sep  2 13:16:52 2014] <alkabetz> It takes as many as it can without destructing them, and it assigns them names over which you don’t exactly have control.
[Tue Sep  2 13:17:53 2014] <alkabetz> Do you have a specific example you’re wondering about?
[Tue Sep  2 13:18:49 2014] <prodolof_> yeah alkabetz
[Tue Sep  2 13:19:36 2014] <prodolof_> 'forall (f : bool -> bool), (forall (x : bool), f x = x) -> forall (b : bool), f (f b) = b.'
[Tue Sep  2 13:20:39 2014] <prodolof_> alkabetz: it grabs f, H 'forall x : bool, f x = x', and b
[Tue Sep  2 13:20:50 2014] <alkabetz> Yep, I see that.
[Tue Sep  2 13:20:58 2014] <prodolof_> im confused about how/why its getting H, and why its not getting x
[Tue Sep  2 13:21:10 2014] <alkabetz> Ah, gotcha.
[Tue Sep  2 13:21:42 2014] <alkabetz> Hmm, do you know about Π types?  I can explain with or without. :)
[Tue Sep  2 13:21:51 2014] <prodolof_> No I dont
[Tue Sep  2 13:23:12 2014] <alkabetz> Okay.  So for now, whenever you see [forall X, Y], think of it as a function [X -> Y].
[Tue Sep  2 13:23:41 2014] <alkabetz> So think of the goal you’ve specified as [(f : bool -> bool) -> ((x : bool) -> f x = x) -> (b : bool) -> f (f b) = b].
[Tue Sep  2 13:23:55 2014] <alkabetz> Does that make sense so far?
[Tue Sep  2 13:24:03 2014] <prodolof_> yes
[Tue Sep  2 13:24:16 2014] <alkabetz> Okay.  Now, [intros] takes off everything before the last arrow, atomically.
[Tue Sep  2 13:24:37 2014] <alkabetz> So it takes off [f : bool -> bool], [(x : bool) -> f x = x], and [b : bool].  Does that make sense?
[Tue Sep  2 13:24:47 2014] <prodolof_> yes
[Tue Sep  2 13:25:02 2014] <alkabetz> Anything that has a name gets assigned that name in the context, and anything without gets one generated.
[Tue Sep  2 13:25:21 2014] <alkabetz> So [f] gets called [f], [b] gets called [b], and it makes up a name for [(x : bool) -> f x = x].
[Tue Sep  2 13:25:25 2014] <alkabetz> In this case, it picked [H].
[Tue Sep  2 13:25:45 2014] <alkabetz> What questions do you have about all this?
[Tue Sep  2 13:26:08 2014] <prodolof_> Why didn't it deconstruct H further?
[Tue Sep  2 13:26:17 2014] <prodolof_> like take out x ?
[Tue Sep  2 13:26:38 2014] <alkabetz> I’m not sure what the actual rationale for it is, but that’s the behaviour that [intros] has. :/
[Tue Sep  2 13:26:46 2014] <alkabetz> If you want to get out the [x], you can do [inversion H].
[Tue Sep  2 13:26:56 2014] <alkabetz> Oh, wait, that’s a lie
[Tue Sep  2 13:27:23 2014] <alkabetz> You can’t actually get the [x] out of [H].
[Tue Sep  2 13:27:24 2014] <ijp> prodolof_: because in some proofs you may want to instantiate the H with different kinds of x
[Tue Sep  2 13:27:57 2014] <alkabetz> prodolof_: Do you see why Coq won’t allow you to get the [x] out of [H]?
[Tue Sep  2 13:28:04 2014] <ijp> the function H is the argument, not H applied to a particular x
[Tue Sep  2 13:28:48 2014] <prodolof_> what i was thinking
[Tue Sep  2 13:28:56 2014] <prodolof_> is that x is 'internal' to H
[Tue Sep  2 13:29:04 2014] <prodolof_> is this right?
[Tue Sep  2 13:29:08 2014] <alkabetz> Yes, that’s exactly correct.
[Tue Sep  2 13:29:13 2014] <prodolof_> ah okay
[Tue Sep  2 13:29:14 2014] <prodolof_> thanks
[Tue Sep  2 13:29:24 2014] <alkabetz> You’re welcome.  Sorry about the confusion over [inversion] :)
[Tue Sep  2 13:30:48 2014] <prodolof_> but then it also seems like b is 'internal' to 'forall (b : bool), f (f b) = b'
[Tue Sep  2 13:31:55 2014] <prodolof_> does it go 'inside' the stuff after the last '->' ?
[Tue Sep  2 13:32:27 2014] <alkabetz> No.  Remember, [forall (b : bool), f (f b) = b] is really [(b : bool) -> f (f b) = b].
[Tue Sep  2 13:33:40 2014] <alkabetz> Let me get an exact idea of what you mean by ‘internal’.  Are you familiar with the terms ‘bound’ and ‘free?’
[Tue Sep  2 13:33:51 2014] <prodolof_> yes
[Tue Sep  2 13:34:11 2014] <prodolof_> it looks like x and b are both bound
[Tue Sep  2 13:34:22 2014] <alkabetz> Yes, but they’re bound to different scopes, so to speak.
[Tue Sep  2 13:35:13 2014] <alkabetz> [x] is bound in [f x = x], while [b] is bound in [f (f b) = b].
[Tue Sep  2 13:35:25 2014] <alkabetz> [x] is free in [f (f b) = b], though.
[Tue Sep  2 13:35:50 2014] <prodolof_> so its based on what is free in the last formula?
[Tue Sep  2 13:36:20 2014] <alkabetz> Correct.  The last formula is what you’re trying to prove, assuming all the formulæ that come before it.
[Tue Sep  2 13:37:08 2014] <prodolof_> hmm okay, ill have to think about this some more
[Tue Sep  2 13:37:18 2014] <prodolof_> thanks
[Tue Sep  2 13:37:29 2014] <alkabetz> That is, in P₁ -> ⋯ -> Pₓ -> Q, you assume P₁, …, Pₓ and try to show Q.
[Tue Sep  2 13:37:44 2014] <alkabetz> But you can’t assume any variables bound to any particular P to assume Q.
[Tue Sep  2 13:38:14 2014] <alkabetz> Maybe somebody else can better explain than I can. :/  In the meantime, you’re welcome. :)
[Tue Sep  2 13:38:33 2014] <prodolof_> alkabetz: so intros will take out all of the P_x and all of the variables from Q ?
[Tue Sep  2 13:38:47 2014] <alkabetz> Correct.
[Tue Sep  2 13:38:53 2014] <prodolof_> ah ok
[Tue Sep  2 13:39:07 2014] <alkabetz> Because secretly, [forall foo, bar] just means [foo -> bar]
[Tue Sep  2 13:39:29 2014] <prodolof_> ah
[Tue Sep  2 13:40:05 2014] <alkabetz> Coq won’t let you have free variables in the entire theorem; they have to be explicitly quantified (i.e., bound) at some point.
[Tue Sep  2 13:40:17 2014] <alkabetz> So you couldn’t prove, for instance, [x = x].
[Tue Sep  2 13:40:23 2014] <alkabetz> You’d need to say [forall x, x = x].
[Tue Sep  2 13:40:24 2014] <prodolof_> ah
[Tue Sep  2 13:40:58 2014] <alkabetz> You could do something like [Definition x := 5.  Goal x = x.] and prove that, but that would be kind of silly
[Tue Sep  2 13:41:23 2014] <alkabetz> Usually, when people see free variables, people’s brains implicitly universally quantify them.
[Tue Sep  2 13:41:49 2014] <prodolof_> ah i see
[Tue Sep  2 13:42:02 2014] <prodolof_> it makes sense now, thanks
[Tue Sep  2 13:42:24 2014] <alkabetz> Yay!  I’m glad I could help.
[Tue Sep  2 13:43:00 2014] <prodolof_> :)
[Tue Sep  2 13:46:12 2014] <chirpsalot> Classes are starting tomorrow! Hopefully I have enough Coq-chops to hack it in my "advanced group theory" class as planned :).
[Tue Sep  2 13:47:06 2014] <chirpsalot> I feel like even just having theorem searching will be incredibly useful.
[Tue Sep  2 13:59:27 2014] <prodolof_> whats the difference between Fixpoint and Definition?
[Tue Sep  2 13:59:35 2014] <alkabetz> Only [Fixpoint]s are allowed to be recursive.
[Tue Sep  2 14:00:05 2014] <prodolof_> ah okay
[Tue Sep  2 14:07:05 2014] <prodolof_> can I somehow define a simple fixpoint without using match?
[Tue Sep  2 14:07:33 2014] <chirpsalot> prodolof_: why would you want to?
[Tue Sep  2 14:08:00 2014] <prodolof_> I have a very simple function I want to define 'the successor of a number'
[Tue Sep  2 14:08:16 2014] <chirpsalot> prodolof_: you technically can, but it won't be recursive.
[Tue Sep  2 14:08:32 2014] <prodolof_> oh I dont need it to be recursive
[Tue Sep  2 14:08:41 2014] <chirpsalot> Then you don't need Fixpoint :).
[Tue Sep  2 14:08:42 2014] <prodolof_> I should use Define for non -recursive?
[Tue Sep  2 14:09:17 2014] <chirpsalot> Definition, yes.
[Tue Sep  2 14:09:47 2014] <prodolof_> ah yes that worked
[Tue Sep  2 14:09:58 2014] <prodolof_> so Fixpoint is only for recursive functions?
[Tue Sep  2 14:10:10 2014] <chirpsalot> I believe so.
[Tue Sep  2 14:10:22 2014] <prodolof_> wait, no Fixpoint also worked
[Tue Sep  2 14:10:30 2014] <prodolof_> I just had the wrong syntax
[Tue Sep  2 14:10:33 2014] <chirpsalot> I'm a bit of a newby too, so somebody more experienced may have a more rigorous thing to say about that.
[Tue Sep  2 14:10:37 2014] <alkabetz> You can use [Fixpoint] for nonrecursive functions; it’s just frowned upon.
[Tue Sep  2 14:11:05 2014] <chirpsalot> alkabetz: yeah, but any nonrecursive function can / should be in a definition :).
[Tue Sep  2 14:12:35 2014] <prodolof_> whats the reason that non-recursive functions should be in definition?
[Tue Sep  2 14:13:17 2014] <prodolof_> is it a style-type rule, or something to do with performance or correctness?
[Tue Sep  2 14:14:55 2014] <prodolof_> Is there a good online resource I can use to learn about pi-types?
[Tue Sep  2 14:17:00 2014] <prodolof_> Just out of curiosity, do the features of dependent types such as checking the length of a list require computations during runtime? Or can these things be checked during compile time?
[Tue Sep  2 14:17:05 2014] <ianjneu> prodolof_: it's style-driven only by the fact that it blocks some reductions. Coq doesn't have general recursion, so you have to use inductive or recursive type eliminators to perform "recursion."
[Tue Sep  2 14:17:19 2014] <prodolof_> ah okay
[Tue Sep  2 14:17:56 2014] <alkabetz> prodolof_: All checking is done at compile-time.
[Tue Sep  2 14:18:00 2014] <ianjneu> prodolof_: both. If you have a type-level list, you can check its length at typechecking time, but a runtime list you won't actually know what list you need to get the length of.
[Tue Sep  2 14:19:35 2014] <prodolof_> ianjneu: but this runtime list will not have a type that says it has to be length n right?
[Tue Sep  2 14:20:02 2014] <ianjneu> dependent types aren't indexed by values. They're indexed by terms.
[Tue Sep  2 14:20:50 2014] <Hodapp> ianjneu: what is the distinction?
[Tue Sep  2 14:21:00 2014] <ianjneu> length "n" is symbolic. You don't know what "n" is explicitly. It's a name. You have to perform manipulations based on proof, not arithmetic, to make sure these length indexes stay compatible.
[Tue Sep  2 14:22:48 2014] <ianjneu> It's not like I can call the length function on some identifier that simply stands for some list and have it tell me, "oh ya, the length of that thing is totally 'n'." That doesn't make sense.
[Tue Sep  2 14:23:39 2014] <ianjneu> Hodapp: A value is a ground term. There are no neutral terms in it (i.e. it doesn't have free names)
[Tue Sep  2 14:27:15 2014] <ianjneu> prodolof_: there are functions that can check the length of a list and coerce it into a length-indexed list, say foo : forall l : list A, vec A (length l). Or perhaps bar : forall (l : list A) (n : nat), option (vec A n).
[Tue Sep  2 14:29:09 2014] <ianjneu> foo would not perform a length computation at runtime or typechecking time, although it does construct a new list at runtime. The type you manipulate at compile time would have to involve proofs about the function length.
[Tue Sep  2 14:31:40 2014] <prodolof_> ianjneu: what im trying to understand is if it is possible to have certain conditions for all types checked at compile time, so for example you would never have to calculate these values at runtime
[Tue Sep  2 14:36:31 2014] <prodolof_> ianjneu: nvm, ignore what i asked, thanks
[Tue Sep  2 15:54:09 2014] <mads-> It seems that mult_comm can only be applied to n * m and not (mult n m). Is there a way to interchange between the two notations?
[Tue Sep  2 15:54:27 2014] <mads-> Or would I need to proof that mult n m = mult m n myself?
[Tue Sep  2 17:08:24 2014] <prodolof_> any good books on intuitionistic logic or constructivism?
[Tue Sep  2 17:11:01 2014] <prodolof_> is there a way I can look at what the inductive hypothesis is for a particular case? when i use the 'induction' tactic?
[Tue Sep  2 17:11:46 2014] <prodolof_> for example if I do "induction n as [| n']" how can I see what IHn' is ?
[Tue Sep  2 17:12:28 2014] <prodolof_> oh wait.. its showing it now.. weird
[Tue Sep  2 17:14:40 2014] <prodolof_> the coq documentation for tactics is a bit confusing at first because it uses a notation like 'eq term1 term2' instead of term1 = term2, is this because the '=' notation is a special 'Notation' defined to use 'eq'?
[Tue Sep  2 17:15:14 2014] <prodolof_> oh yeah, it seems like it
[Tue Sep  2 17:25:56 2014] <napping> I'm having a bit of trouble with implicit arguments. I have a constructor
[Tue Sep  2 17:26:02 2014] <napping>   | term : forall c1 c2, ExactTerm c1 -> subsort c1 c2-> Term c2.
[Tue Sep  2 17:26:45 2014] <napping> where any value in ExactTerm ends up with a particular result type, and subsort reduces to True if the relation holds
[Tue Sep  2 17:27:04 2014] <napping> I was hoping to be able to write (term .... I) while building concrete values
[Tue Sep  2 17:27:20 2014] <napping> but it seems c1 isn't filled in eagerly enough from the context
[Tue Sep  2 19:03:21 2014] <jrw> mads-: not sure if you figured it out, but '*' and 'mult' are the same thing ('*' is a notation for mult), so it should apply just fine. if you post code I can look at it.
[Tue Sep  2 19:22:27 2014] <Ptival> unless you locally redefined mult
[Tue Sep  2 19:22:58 2014] <Ptival> in which case mult_comm and * refer to Datatypes.mult
[Tue Sep  2 20:50:59 2014] <hcp_archonn> Hi! I've got a question about the "induction ... eqn:..." tactic. I have a pastie with the offending code: http://pastie.org/9522880
[Tue Sep  2 20:51:01 2014] <hcp_archonn> It feels like "eqn" is generating the equality at a dumb/wrong time. Has anyone else had problems with it?
[Tue Sep  2 21:14:27 2014] <jrw> hcp_archonn: what do you need 'eqn:' for there? I've only ever used 'eqn:' with destruct...
[Tue Sep  2 21:16:51 2014] <hcp_archonn> a friend of mine (the one who wrote the code (but not the final comments)) is going through software foundations, and has started to use "eqn:" as a sort of replacement to SF's "Case" tactic
[Tue Sep  2 21:17:53 2014] <jrw> hcp_archonn: I see. well it does indeed appear to be borked... that is a useless inductive hypothesis. may I susggest sticking with 'Case' ;)
[Tue Sep  2 21:30:34 2014] <hcp_archonn> the weirdest part is that, if "induction m ... eqn:Heq" behaved like "remember m as mr;generalize dependent mr;induction m ...;intros m Heq" (plus something to clean the induction hypothesis a little ), it'd work just fine
[Tue Sep  2 21:40:29 2014] <hcp_archonn> (actually, you have to generalize the old variable, and do induction on the new variable, as it seems coq replaces occurrences of the old variable by the new one)
[Wed Sep  3 02:52:04 2014] <mads-> jrw: Thanks. I think I made a mistake also. I think I applied mult_comm instead of rewriting with it. Might cause some trouble :)
[Wed Sep  3 02:52:52 2014] <jrw> mads-: yep, that would do it.
[Wed Sep  3 02:56:28 2014] <mads-> jrw: Something odd though. I had j*0 = 0 as my goal and then I did "apply (mult_comm j 0)" to which it seemed to have accepted my goal as solved. Why is that?
[Wed Sep  3 02:56:50 2014] <mads-> I just wanted to rewrite to 0*j = 0 because I had a proof for that
[Wed Sep  3 02:59:03 2014] <jrw> mads-: I'm not sure about this, but my guess is that when it tries to unify the conclusion of mult_comm with your goal it works left to right, so it realizes that m must be j and n must be 0, then it tries to unify the right side of the equality with 0*j, but it uses a little bit of normalization, so this is just 0, so it unifies.
[Wed Sep  3 02:59:30 2014] <jrw> otherwise in this situation you'd expect an error, since you meant to rewrite instead of apply.
[Wed Sep  3 03:00:22 2014] <mads-> OK, cool.
[Wed Sep  3 03:01:02 2014] <mads-> I'm not entirely into Coq yet, but it just seemed off it would just let me prove my goal without actually doing it correctly - I felt like I was missing a couple of steps
[Wed Sep  3 07:44:46 2014] <Rc43> Suppose I do "destruct x as [x1|x2]; destruct y as [y1|y2]" and get 4 goals (2 with 2 subgoals).
[Wed Sep  3 07:44:52 2014] <Rc43> I want to perform proofscript A for y1 and B for y2; both for each x_i.
[Wed Sep  3 07:44:54 2014] <Rc43> How to do it without copy-paste?
[Wed Sep  3 08:04:05 2014] <gdsfh> Rc43: wrap scripts into named tactics (Ltac A := ...), then "destructs... ; [A; B | A; B | A | B]."
[Wed Sep  3 08:06:25 2014] <Rc43> gdfsh, yep, it is possible, but I will lose context and also Ltac scripts will garbage global scope :/
[Wed Sep  3 08:08:45 2014] <Rc43> gdfsh, the least evil here would be tactic for "swapping" goals; like [a; b; a; b] -> [a; a; b; b]. Then I could use just "(try A); B".
[Wed Sep  3 08:09:14 2014] <Rc43> gdfsh, not sure if there is such tactic
[Wed Sep  3 08:16:11 2014] <Rc43> Maybe it is possible to perform trick with match.
[Wed Sep  3 09:06:31 2014] <gdsfh> Rc43: one more idea.  Use assert (A : hyps -> goal) to introduce local lemma from hypotheses to goal, then "destructs... | [apply A; apply B | ... | apply A | apply B]" (so each goal will be solved by apply and its light magic).  You can also use current context in these lemmas.
[Wed Sep  3 10:42:45 2014] <napping> This looks nice, but I don't see how to do it in Coq: http://gallium.inria.fr/blog/bove-reloaded/
[Wed Sep  3 10:43:35 2014] <napping> replacing the interpretation function with a datatype allows defining mu, but then there's trouble writing mapRun
[Wed Sep  3 11:42:39 2014] <schoppenhauer> hello. is there a possibility to get peano-style induction for N and Sets instead of Props, because Nind only supports Prop, and Nrec does not provide the proper cases.
[Wed Sep  3 11:45:23 2014] <schoppenhauer> ah
[Wed Sep  3 11:45:31 2014] <schoppenhauer> I applied peano_rec false. sorry.
[Wed Sep  3 11:45:35 2014] <schoppenhauer> s/false/wrong
[Wed Sep  3 11:45:39 2014] <schoppenhauer> nevermind.
[Wed Sep  3 15:33:44 2014] <chirpsalot> If I have ex_mid : forall P : Prop, P \/ ~ P in the context, is there any way to instantiate this with a specific P?
[Wed Sep  3 15:35:09 2014] <chirpsalot> I want to do inversion with P \/ ~P, but it seems unhappy about the "forall P" bit :P.
[Wed Sep  3 15:35:47 2014] <napping> you could destruct (ex_mid MyP)
[Wed Sep  3 15:35:56 2014] <napping> "specialize" specializes a hypothesis
[Wed Sep  3 15:36:11 2014] <chirpsalot> napping: :O
[Wed Sep  3 15:36:14 2014] <chirpsalot> DESTRUCT!
[Wed Sep  3 15:36:38 2014] <chirpsalot> napping: many thanks :)
[Wed Sep  3 15:37:20 2014] <chirpsalot> Now this is sooooo much easier :). Didn't know destruct worked like that for propositions(?)
[Wed Sep  3 15:37:38 2014] <napping> it works for any inductive type. I use it when I can
[Wed Sep  3 15:38:14 2014] <chirpsalot> napping: is "forall P : Prop, P \/ ~P" inductive?
[Wed Sep  3 15:38:21 2014] <chirpsalot> Oh, I guess ex_mid P is.
[Wed Sep  3 15:38:27 2014] <napping> no, but \/ is notation for something that is
[Wed Sep  3 15:38:27 2014] <chirpsalot> Huh.
[Wed Sep  3 15:38:33 2014] <chirpsalot> napping: yeah.
[Wed Sep  3 15:38:47 2014] <chirpsalot> napping: okay! That is where I was confused.
[Wed Sep  3 15:39:28 2014] <chirpsalot> I guess I didn't realize you could supply arguments to something like ex_mid?
[Wed Sep  3 15:39:40 2014] <napping> some things take terms
[Wed Sep  3 15:39:52 2014] <napping> also look up the specialize tactic, if you don't need the hypothesis for anything else
[Wed Sep  3 15:40:58 2014] <chirpsalot> napping: ah, yeah. Wasn't sure what to look up. I am following the SF book and trying not to look ahead too much (might cause me to not learn important stuff), but this exercise is from Coq'Art which I think might be where some of the confusion is -- needs a bit more.
[Wed Sep  3 16:08:16 2014] <chirpsalot> I have to say I really don't like all of the unicode in SF, ha.
[Wed Sep  3 16:08:43 2014] <chirpsalot> And sometimes other notations don't seem to work.
[Wed Sep  3 16:10:09 2014] <chirpsalot> For (~(x=y)) I wanted /= or something, but it complains about levels. Blech.
[Thu Sep  4 20:40:29 2014] <chirpsalot> Hmmm. In the relations chapter of SF: http://www.cis.upenn.edu/~bcpierce/sf/current/Rel.html
[Thu Sep  4 20:41:02 2014] <chirpsalot> It starts talking about things like next_nat, total_relation, and empty_relation which are supposedly defined in Logic.v
[Thu Sep  4 20:41:20 2014] <chirpsalot> But I see no such things in Logic.v... Does anybody know what this is referring to?
[Fri Sep  5 04:21:59 2014] <mads-> If I have 1 + n' = S n' in my goal where n' : nat, how do I show that?
[Fri Sep  5 04:28:29 2014] <roosbeef> simpl?
[Fri Sep  5 04:35:52 2014] <mads-> There is no rewrite to make it verbosely state that 1 + n' = 1 + n'?
[Fri Sep  5 05:28:50 2014] <keep_learning> Hello all
[Fri Sep  5 05:29:10 2014] <keep_learning> I am trying to prove a theorem from software foundations http://lpaste.net/110547
[Fri Sep  5 05:29:20 2014] <keep_learning> and stuck with goal
[Fri Sep  5 05:29:31 2014] <keep_learning> which I am not able to simplify.
[Fri Sep  5 05:29:48 2014] <keep_learning> could some one please give me some hint to solve this goal.
[Fri Sep  5 05:29:56 2014] <keep_learning> I am not looking for solution.
[Fri Sep  5 05:30:13 2014] <keep_learning> A hint would be great.
[Fri Sep  5 05:38:10 2014] <keep_learning> Thank you all. Finally proved it.
[Fri Sep  5 09:25:26 2014] <chirpsalot> mads-: induction?
[Fri Sep  5 10:30:16 2014] <keep_learning_> Hello everyone
[Fri Sep  5 10:30:27 2014] <keep_learning_> I am trying to prove
[Fri Sep  5 10:30:38 2014] <keep_learning_> Theorem dictionary_invariant1' : forall (d : dictionary) (k v: nat),   (find k (insert k v d)) = Some v.
[Fri Sep  5 10:30:43 2014] <keep_learning_> http://lpaste.net/110552
[Fri Sep  5 10:30:56 2014] <keep_learning_> My goal says (if beq_nat k k then Some v else find k d) = Some v
[Fri Sep  5 10:31:07 2014] <keep_learning_> so I want to rewrite ble_nat k k with true
[Fri Sep  5 10:31:24 2014] <keep_learning_> when I am trying to  use  apply ble_nat_refl.
[Fri Sep  5 10:31:39 2014] <keep_learning_> I am getting this error.
[Fri Sep  5 10:31:50 2014] <keep_learning_> Error: Impossible to unify "true = ble_nat ?2131 ?2131" with  "(if beq_nat k k then Some v else find k d) = Some v".
[Fri Sep  5 10:32:04 2014] <keep_learning_> Could some one please tell me how to solve this
[Fri Sep  5 10:34:40 2014] <jrw> keep_learning_: did you try rewrite instead of apply?
[Fri Sep  5 10:37:35 2014] <keep_learning> jrw: Thank you. Seems like I am applying wrong write.
[Fri Sep  5 10:40:54 2014] <keep_learning> jrw: Thank you!
[Fri Sep  5 10:44:27 2014] <osa1> I'm looking for tips&tricks to prove this: http://lpaste.net/110553 any ideas?
[Fri Sep  5 10:45:46 2014] <osa1> I'm trying to make my goal look like Permutation_swap but no luck so far ...
[Fri Sep  5 10:49:06 2014] <vanila> if you take n out to the start: Lemma replace_perm_head : forall n h t,
[Fri Sep  5 10:49:34 2014] <vanila> induction on n gives you a sufficiently general induction hypothesis that it's not that hard to get to Permutation (h0 :: t) (nth n t 0 :: replace t n h0) ==> Permutation (h :: n0 :: t) (nth n t 0 :: n0 :: replace t n h)
[Fri Sep  5 10:49:58 2014] <vanila> http://lpaste.net/110554
[Fri Sep  5 11:02:59 2014] <gdsfh> wow http://ocaml.org/meetings/ocaml/2014/ocaml2014_15.pdf
[Fri Sep  5 11:08:39 2014] <osa1> now I'm stuck at this [H : Permutation (h :: tt) (nth n' tt 0 :: replace tt n' h) |- Permutation (h :: th :: tt) (nth n' tt 0 :: th :: replace tt n' h)] I need a more general version of perm_cons.
[Fri Sep  5 11:17:52 2014] <osa1> is there a short version of [assert (a = b) as eq; .... rewrite eq.] ?
[Fri Sep  5 11:18:10 2014] <osa1> [assert (a = b) as eq; ... rewrite eq. clear eq.]
[Fri Sep  5 11:46:41 2014] <vanila> there's not but you could define this using ltac
[Fri Sep  5 13:08:24 2014] <osa1> how did that work? I could use rewrite on [H0 : Permutation (e :: a :: b) (a :: e :: b)]. like [rewrite <- H0].
[Fri Sep  5 13:12:38 2014] <osa1> documentation says "where eq is the Leibniz equality or a registered setoid equality."
[Fri Sep  5 13:12:54 2014] <osa1> is Permutation considered a leibniz equality?
[Fri Sep  5 13:15:40 2014] <ianjneu> no.
[Fri Sep  5 13:17:51 2014] <osa1> how did that work then?
[Fri Sep  5 13:39:39 2014] <ianjneu> likely a Proper instance that's congruent with the Permutation equivalence class.
[Fri Sep  5 13:46:55 2014] <osa1> Instance Permutation_Equivalence A : Equivalence (@Permutation A) <- this looks related
[Fri Sep  5 13:52:22 2014] <ianjneu> osa1: yes it's an equivalence, but you can only rewrite in positions that have Proper instances that state permutation equivalences are respected.
[Fri Sep  5 14:38:23 2014] <vanila> http://people.cs.kuleuven.be/~jesper.cockx/Without-K/Pattern-matching-without-K.pdf
[Fri Sep  5 14:38:34 2014] <vanila> might be of interest here
[Fri Sep  5 14:43:55 2014] <vanila> nice idea to allow full dependent pattern matching on types that do have "K" e.g. using K_Nat when appropriate
[Fri Sep  5 15:56:59 2014] <ianjneu> vanila: do you know what's up with some of the missing ICFP videos?
[Fri Sep  5 15:58:08 2014] <ianjneu> ah, it's not in the program, but the session video is at https://www.youtube.com/watch?v=4yCvTaw1nUg
[Fri Sep  5 18:04:22 2014] <osa1> is there a way to see what tactics did auto use?
[Fri Sep  5 18:07:01 2014] <gdsfh> osa1: "info_auto."
[Fri Sep  5 18:07:16 2014] <osa1> thanks
[Sat Sep  6 08:05:34 2014] <shouya> hi,
[Sat Sep  6 08:05:50 2014] <shouya> i had a struggling question.
[Sat Sep  6 08:06:09 2014] <shouya> when I say A is B, what do I mean in logic language?
[Sat Sep  6 08:06:19 2014] <shouya> do I mean B -> A or A <-> B?
[Sat Sep  6 08:08:40 2014] <Cale> shouya: "is" in English is a bit ambiguous, but if you want to express the idea that A and B are the same thing, then A <-> B
[Sat Sep  6 08:09:01 2014] <shouya> the point is i am not sure...
[Sat Sep  6 08:09:26 2014] <shouya> let me quote the text, wait a second..
[Sat Sep  6 08:09:44 2014] <shouya> A relation S is said to be a “correlator” or an “ordinal correlator” of two relations P and Q if S is one-one, has the field of Q for its converse domain, and is such that P is the relative product of S and Q and the converse of S.
[Sat Sep  6 08:09:52 2014] <shouya> here it is.
[Sat Sep  6 08:10:24 2014] <shouya> I'm not quite certain about this clause: "such that P is the relative product of S and Q and the converse of S"
[Sat Sep  6 08:10:41 2014] <Cale> That 'is' means =
[Sat Sep  6 08:11:56 2014] <shouya> since my relation is defined as Definition relation {X} := X -> X -> Prop, can I rewrite this clause as 'forall x y, P x y <-> relative_product (relative_product S Q) (converse S) x y'?
[Sat Sep  6 08:12:46 2014] <Cale> yeah, that seems right
[Sat Sep  6 08:13:24 2014] <shouya> But i got stuck with this definition when proving some theorem :(
[Sat Sep  6 08:14:02 2014] <shouya> Can I post the code?
[Sat Sep  6 08:15:48 2014] <shouya> http://lpaste.net/110595
[Sat Sep  6 08:16:39 2014] <shouya> following the book 'Intro to Math Philosophy', I defined two versions of 'similarity'.
[Sat Sep  6 08:17:02 2014] <shouya> and I got stuck while proving they're equivalence.
[Sat Sep  6 08:19:14 2014] <shouya> I'm totally confused on where I make the mistake(s) :(
[Sat Sep  6 12:33:31 2014] <osa1> I'm doing [pose proof A B C D] and what I get is like this: [1 < 2 -> H]. is there a way to generate LHS of that implication easily? I'm imagining something like [pose proof A B C D _] but that doesn't work.
[Sat Sep  6 12:34:46 2014] <jrw> osa1: you can do it by hand with assert, or write a tactic that does the assert for you
[Sat Sep  6 12:35:11 2014] <osa1> I'm doing manual asserts all time, that's what I'm trying to avoid
[Sat Sep  6 12:35:20 2014] <osa1> my proofs are full of [assert trivial by omega]
[Sat Sep  6 12:35:37 2014] <osa1> by trivial I mean a trivial prop like 1 < 2
[Sat Sep  6 12:36:23 2014] <jrw> osa1: first step would be something like:
[Sat Sep  6 12:36:25 2014] <jrw> Ltac forward H :=
[Sat Sep  6 12:36:27 2014] <jrw>   match type of H with
[Sat Sep  6 12:36:29 2014] <jrw>     | ?P -> _ => assert P
[Sat Sep  6 12:36:31 2014] <jrw>   end.
[Sat Sep  6 12:36:43 2014] <jrw> then [forward H7; omega] does what you want
[Sat Sep  6 12:38:54 2014] <osa1> hm. I should learn ltac sometime. can I chain multiple tactics like [forward H7; omega; omega; omega; ...] for eliminating multiple trivial cases similarly?
[Sat Sep  6 12:40:13 2014] <jrw> osa1: no, but I'm not sure what exactly you're going for. if your goal is already trivial, then it's just [omega]
[Sat Sep  6 12:41:14 2014] <jrw> if you have a hypothesis [H : P -> Q] and you'd like to have Q, and P is a trivial arithmetic fact, then you can do [forward H; [omega|]; intuition] or something, and you should have Q
[Sat Sep  6 12:41:41 2014] <osa1> jrw: the problem is most of the time I'm using [pose proof] instead of [apply] because I think it's leading to cleaner context. but problem with that is then I'm not having that trivial stuff as goals and instead I need to manually pass them to the implication
[Sat Sep  6 12:42:36 2014] <jrw> hm, what do you mean about why you're using pose proof?
[Sat Sep  6 12:44:44 2014] <osa1> jrw: I think it produces better context most of the time but I don't have a small example in mind. let's say I use it to see what I know more clearly. I'm sometimes applying some theorems to stuff in my context just to list some facts etc.
[Sat Sep  6 12:46:52 2014] <jrw> osa1: okay, I'd recommend writing a tactic that takes a theorem and a hypothesis, makes a copy of the hypothesis and applies the theorem to the copy
[Sat Sep  6 12:47:12 2014] <osa1> yeah I guess that'd work too
[Sat Sep  6 12:47:36 2014] <osa1> but really [pose proof] is more useful. I can leave a theorem in form [a -> b], which is not possible with apply
[Sat Sep  6 12:47:40 2014] <osa1> it'll just add [a] as goal
[Sat Sep  6 12:48:02 2014] <jrw> I'm confused, I thought you wanted it as a goal.
[Sat Sep  6 12:48:13 2014] <osa1> I don't want any goals, that's the point
[Sat Sep  6 12:48:23 2014] <osa1> I want stuff in form [a -> b -> ...]
[Sat Sep  6 12:49:24 2014] <jrw> osa1: then what did you mean about eliminating trivial cases?
[Sat Sep  6 12:50:32 2014] <osa1> jrw: let's say I'm using [pose proof] to get something in form [a -> b -> c -> ...]. sometimes a is something trivial like [1 < 2]. I'd like to get [b -> c -> ...] without manually using [assert _ by omega as _; apply _; clear _] etc.
[Sat Sep  6 12:50:58 2014] <jrw> osa1: write a tactic :)
[Sat Sep  6 12:51:11 2014] <osa1> yeah I guess that's my only option.
[Sat Sep  6 12:51:41 2014] <osa1> there are actually a lot of tactics that I want to write to make my tactics a lot more clear but I'm too lazy to learn ltac :o
[Sat Sep  6 12:52:22 2014] <jrw> osa1: you should just do it, it's not hard.
[Sat Sep  6 12:52:26 2014] <osa1> also, I don't want to make my proofs harder to read for others. it it was something in stdlib that I'd have an excuse :-)
[Sat Sep  6 12:52:54 2014] <osa1> for exmaple that's one of the reasons why I don't like CPDT. too much ltac magic.
[Sat Sep  6 12:53:07 2014] <osa1> example*
[Sat Sep  6 12:53:12 2014] <jrw> osa1: there's plenty of middle ground between where you are now and cpdt
[Sat Sep  6 12:53:18 2014] <osa1> right
[Sat Sep  6 12:53:38 2014] <jrw> osa1: http://lpaste.net/110610 <- here's some I use pretty frequently to do what you're talking about
[Sat Sep  6 12:54:19 2014] <jrw> (I just edited it to add one more related one)
[Sat Sep  6 12:54:58 2014] <jrw> then you can say something like [repeat conclude_using omega] to get rid of all the trivial cases
[Sat Sep  6 12:55:01 2014] <osa1> thanks
[Sat Sep  6 12:55:04 2014] <osa1> I'll try to see what they're doing
[Sat Sep  6 12:55:25 2014] <jrw> (as long as they appear as the first hypothesis in the chain, it won't work on [ ... -> 0 < 1 -> ... ])
[Sat Sep  6 12:56:41 2014] <osa1> yeah actually I want to do that too. when I have an implication and not a forall I sometimes want to swap arguments. like [b -> a -> c] instead of [a -> b -> c]. I'm wondering if there's a theoretical problem with that in general
[Sat Sep  6 12:57:43 2014] <jrw> osa1: as long as there aren't any binders (like forall) that could introduce dependency, it's fine
[Sat Sep  6 12:57:55 2014] <jrw> in other words, if it's just propositional logic, it should work.
[Sat Sep  6 12:58:56 2014] <osa1> yeah no forall
[Sat Sep  6 12:59:42 2014] <jrw> match goal with
[Sat Sep  6 12:59:44 2014] <jrw>   | [ H : ?P -> ?Q -> ?R |- _ ] =>
[Sat Sep  6 12:59:46 2014] <jrw>     assert (Q -> P -> R) by tauto; clear H
[Sat Sep  6 12:59:48 2014] <jrw> end.
[Sat Sep  6 12:59:50 2014] <jrw> something like that
[Sat Sep  6 17:34:35 2014] <ijp> was there any particular reason for ltac being dynamically typed?
[Sat Sep  6 17:35:26 2014] <ijp> it seems surprising given the context
[Sat Sep  6 17:54:13 2014] <vanila> ijp: I don't think you could give it a type system if you tyied
[Sat Sep  6 17:54:15 2014] <vanila> tried
[Sat Sep  6 17:54:34 2014] <vanila> and for well typed automated reasoning you always have reflection
[Sun Sep  7 01:03:46 2014] <osa1> any ideas how do I prove this http://lpaste.net/110649 ? (I have lots of lemmas about replace, member and find_min_idx but I omitted them to make code easier to read)
[Sun Sep  7 01:07:34 2014] <osa1> how do I duplicate a hypothesis?
[Sun Sep  7 01:14:48 2014] <osa1> [pose proof] did it
[Sun Sep  7 02:07:15 2014] <jrw> osa1: still working on that lemma?
[Sun Sep  7 04:51:55 2014] <osa1> jrw: yep
[Sun Sep  7 04:56:28 2014] <jrw> osa1: okay, well it's a kind of overly specific statement. you'll need some lemmas. can you post the full code?
[Sun Sep  7 05:01:24 2014] <osa1> jrw: it's very long, really. 500 lines long.
[Sun Sep  7 05:01:32 2014] <osa1> brb in 10 mins
[Sun Sep  7 05:02:15 2014] <osa1> jrw: https://gist.github.com/osa1/f0acaa31eacfe4dbece3
[Sun Sep  7 05:17:01 2014] <osa1> jrw: any ideas?
[Sun Sep  7 07:12:22 2014] <osa1> I'll write a ltac program for "duplicate and apply", which takes two arguments H and X then runs [pose proof H; apply X in H]. it'd be nice to have [... as] part too
[Sun Sep  7 07:25:31 2014] <osa1> jrw: isn't more specific better? more specific = more info to use in your proofs which should make proving easier than proving it for more general case.
[Sun Sep  7 11:34:34 2014] <dominik> hey coq experts :-)
[Sun Sep  7 11:35:12 2014] <dominik> I'm very new to coq and I'm currently struggeling with proving contradictions in coq.
[Sun Sep  7 11:35:31 2014] <dominik> suppose, I have some Hypothesis H: something = true as an hypothesis in my context.
[Sun Sep  7 11:35:51 2014] <dominik> I then achieve to deduce a goal something = false
[Sun Sep  7 11:35:55 2014] <dominik> and thus true = false.
[Sun Sep  7 11:36:06 2014] <dominik> that is, assuming my hypothesis H: something = true
[Sun Sep  7 11:36:14 2014] <dominik> I can also derive something = false.
[Sun Sep  7 11:36:32 2014] <dominik> which is obviously a contradiction.
[Sun Sep  7 11:36:53 2014] <dominik> but how do I tell Coq to accept this contradiction?
[Sun Sep  7 11:37:19 2014] <vanila> you could assert (true = false) by congruence. then use discriminate.
[Sun Sep  7 11:38:26 2014] <dominik> vanila: what do you mean by (true = false) by congruence ?
[Sun Sep  7 11:38:56 2014] <vanila> assert (true = false) by congruence.
[Sun Sep  7 11:39:04 2014] <vanila> as a tactic in Coq
[Sun Sep  7 11:40:59 2014] <dominik> vanila: hmm, coq then tells me that congruence failed.
[Sun Sep  7 11:41:24 2014] <vanila> oh
[Sun Sep  7 11:41:31 2014] <vanila> do you have both hypothesis?
[Sun Sep  7 11:41:38 2014] <vanila> something = true and something = false
[Sun Sep  7 11:41:41 2014] <vanila> in your current proof state
[Sun Sep  7 11:42:19 2014] <dominik> vanila: no, I just have H: something = true in my current proof state
[Sun Sep  7 11:42:38 2014] <dominik> and then, however, I can manipulate my goal to something = false.
[Sun Sep  7 11:43:06 2014] <vanila> hmm
[Sun Sep  7 11:43:12 2014] <vanila> can i see the whole proof state?
[Sun Sep  7 11:43:20 2014] <dominik> sure, hold on.
[Sun Sep  7 11:47:05 2014] <gdsfh> dominik: if you have hypothesis "x=true" and goal is "x=false", you can't prove this goal without additional information.
[Sun Sep  7 11:47:59 2014] <dominik> this is my current proof attempt. http://lpaste.net/6411634738334793728
[Sun Sep  7 11:49:09 2014] <dominik> gdsfh: hmmm, isn't it the case that when I have x=true as an hypothesis and I can derive from that x = false, then this is contradicts my assumption that x=true
[Sun Sep  7 11:49:19 2014] <dominik> and thus I'm done?
[Sun Sep  7 11:50:53 2014] <vanila> http://lpaste.net/110667
[Sun Sep  7 11:52:21 2014] <ijp> dominik: if it's a goal, then you haven't derived it
[Sun Sep  7 11:52:27 2014] <ijp> it is something still to be derived
[Sun Sep  7 11:56:57 2014] <dominik> vanila: thanks, what does that omega thing do?
[Sun Sep  7 11:57:31 2014] <dominik> ijp: ah, ok.
[Sun Sep  7 11:59:25 2014] <vanila> dominik, it proves that 0 = x + x implies 0 = x
[Sun Sep  7 11:59:51 2014] <vanila> you could get this from an arithmetic lemma but i didn't want to search around in the stdlib so omega proves it automatically
[Sun Sep  7 12:01:16 2014] <dominik> ok, hold on. I'm trying to rewrite it without omega because we are still at the very basics. Let me try :)
[Sun Sep  7 12:14:06 2014] <dominik> vanila: ok, got it: thanks in particular for showing me on how to use discriminate!
[Sun Sep  7 12:15:36 2014] <vanila> sure :)
[Sun Sep  7 15:33:11 2014] <jrw> osa1: try proving and using this. http://lpaste.net/110673
[Sun Sep  7 16:29:22 2014] <osa1> jrw: thanks for the tip. I'll try in a minute.
[Sun Sep  7 16:50:23 2014] <osa1> I just proved that.
[Sun Sep  7 16:50:51 2014] <osa1> jrw: do you mean I should be able to prove swap_min_replace with that or should I use that one directly in my master theorem?
[Sun Sep  7 16:52:05 2014] <jrw> osa1: you can prove swap_min_replace using that and your lemmas about find_min_idx I think
[Sun Sep  7 16:52:15 2014] <jrw> I didn't look at anything after swap_min_replace
[Sun Sep  7 16:52:41 2014] <osa1> okay
[Sun Sep  7 17:09:55 2014] <osa1> let's say I generated a name with ?, like [assert _ as ? by omega.] can I use that fresh variable in next tactic in ; chain?
[Sun Sep  7 17:31:28 2014] <osa1> I still can't prove swap_min_replace but I'm too tired to see why. maybe I should try in the morning.
[Sun Sep  7 17:32:02 2014] <vanila> What is swap_min_replace
[Sun Sep  7 17:33:46 2014] <osa1> vanila: minimal version: http://lpaste.net/110649 and this is the whole proof if you're interested: https://gist.github.com/osa1/f0acaa31eacfe4dbece3
[Sun Sep  7 17:36:49 2014] <vanila> Definition flip_pancakes
[Sun Sep  7 17:36:49 2014] <vanila> lol
[Sun Sep  7 17:37:19 2014] <osa1> lol
[Sun Sep  7 17:38:08 2014] <ijp> what are you reading that's telling you about pancake sorting? simon singh's book on the simpsons and maths?
[Sun Sep  7 17:38:44 2014] <osa1> ijp: it's just a random blog post. I don't have the source.
[Sun Sep  7 17:38:50 2014] <vanila> this looks very hard to prove though, because of the accumulator and stuff
[Sun Sep  7 17:39:03 2014] <osa1> ijp: I thought it might be a good exercise, and it really is.
[Sun Sep  7 17:39:32 2014] <osa1> vanila: actually I'm almost done
[Sun Sep  7 17:39:57 2014] <osa1> vanila: correctness proof of find_min_idx was really the hardest part
[Sun Sep  7 17:40:09 2014] <osa1> I still have no ideas how did that work
[Sun Sep  7 17:40:23 2014] <osa1> basically I proved what jrw suggested and then figured the rest.
[Sun Sep  7 17:40:26 2014] <ijp> I suppose your next project will be to write a "crush" alike so that all those proofs become induction;crush
[Sun Sep  7 17:41:23 2014] <osa1> is it really that powerful?
[Sun Sep  7 17:44:22 2014] <osa1> hm. I just searched for simon singh and the books look interesting. are they good?
[Sun Sep  7 17:45:27 2014] <vanila> the code book was great i read it when i was younger
[Sun Sep  7 17:45:30 2014] <vanila> i dont know his oters
[Sun Sep  7 17:45:32 2014] <ijp> the simpsons one is fun, if you ignore all the BAD maths jokes
[Sun Sep  7 17:45:41 2014] <ijp> his fermat one is okay
[Sun Sep  7 17:46:09 2014] <ijp> I don't know who invented the abelian grape joke, but I wish them nothing but ill
[Sun Sep  7 23:29:54 2014] <chirpsalot> ijp: I think they might be from the Arabelian Peninsula :>
[Sun Sep  7 23:31:22 2014] <chirpsalot> If you travelled there to bring them harm you might be an illegal abelian.
[Sun Sep  7 23:48:54 2014] <sh1ken_> does anyone had any experience compiling coq?
[Mon Sep  8 00:11:54 2014] <darinmorrison> sh1ken_: a little
[Mon Sep  8 00:37:26 2014] <sh1ken_> I have this exact same error: https://lists.macosforge.org/pipermail/macports-users/2008-May/010299.html
[Mon Sep  8 00:41:16 2014] <sh1ken_> Nevermind, I catched the error. I needed a flag while compiling campl5. Thanks anyway.
[Mon Sep  8 05:02:21 2014] <osa1> yay, I proved something
[Mon Sep  8 05:02:42 2014] <osa1> swap_min_replace
[Mon Sep  8 05:06:37 2014] <jrw> wooo
[Mon Sep  8 05:10:54 2014] <osa1> jrw: I still don't understand how you could come up with that lemmas ... :)
[Mon Sep  8 05:11:30 2014] <jrw> osa1: you get better at it. btw, that reminds me about whether "more specific is better" or not.
[Mon Sep  8 05:11:43 2014] <jrw> it's a very intuitive idea that if you have more information, your theorem should be easier to prove
[Mon Sep  8 05:11:49 2014] <jrw> but it turns out to be false.
[Mon Sep  8 05:12:12 2014] <jrw> this is related to the "generalizing the inductive hypothesis" discussions we've had before
[Mon Sep  8 05:12:30 2014] <jrw> if you're going to prove something by induction, that's a very delicate thing and you need everything to fit together
[Mon Sep  8 05:12:41 2014] <jrw> "more specific" often means that things won't fit together well
[Mon Sep  8 05:13:07 2014] <osa1> right. so if we need induction the hypothesis will probably be less general than we need.
[Mon Sep  8 05:13:11 2014] <jrw> so you end up looking for nice, general, simple lemmas that will go through by induction and allow you to prove the facts you want.
[Mon Sep  8 05:13:25 2014] <jrw> osa1: right.
[Mon Sep  8 05:17:07 2014] <osa1> so I now have 3 sorting algorithms proven correct but I'm not happy with their implementation. because in real world you'd use something that operate on mutable and O(1) access arrays instead of persistent linked lists. is it possible to express those in Coq? do I have to reinvent ST monads or something like that? are there any libs?
[Mon Sep  8 05:18:07 2014] <jrw> osa1: it may be possible to do it in coq (by which you mean in gallina, that is, in coq's programming language), but you might be more interested to use coq to reason about a different language
[Mon Sep  8 05:18:19 2014] <jrw> for example, a simple imperative language with arrays
[Mon Sep  8 05:18:47 2014] <jrw> you could build up a floyd/hoare logic for it, and use your functional implementations as the spec
[Mon Sep  8 05:18:55 2014] <jrw> then you'd have an imperative implementation proven correct
[Mon Sep  8 05:19:28 2014] <osa1> yeah actually that'd work even better for me. I'd prefer, for example, to be able to parse a C program to C definition in Coq and prove on that term.
[Mon Sep  8 05:22:50 2014] <osa1> anyways, breakfast time for me.
[Mon Sep  8 05:22:52 2014] <jrw> osa1: that is possible these days but it's still pretty bleeding edge. you should look at VST
[Mon Sep  8 05:23:04 2014] <jrw> osa1: I'd recommend starting with a toy imperative language
[Mon Sep  8 05:23:19 2014] <osa1> jrw: what's VST? google returned unrelated results
[Mon Sep  8 05:23:43 2014] <osa1> jrw: if you mean a languages like those in SF, I solved almost every exercise in that book.
[Mon Sep  8 05:23:44 2014] <jrw> osa1: http://vst.cs.princeton.edu/
[Mon Sep  8 05:23:55 2014] <osa1> thanks
[Mon Sep  8 05:24:10 2014] <jrw> osa1: I mean something like IMP from SF, but with arrays.
[Mon Sep  8 05:24:25 2014] <jrw> then implement your sorting algorithms in it
[Mon Sep  8 05:24:34 2014] <jrw> then prove they match their spec
[Mon Sep  8 06:38:02 2014] <osa1> uhh ... I just learned about [Hint Rewrite ...]
[Mon Sep  8 06:43:22 2014] <osa1> "Warning: the hint: eapply member_preserved_by_perm will only be used by eauto" why only by eauto?
[Mon Sep  8 06:44:39 2014] <osa1> I have a goal which I solve with [simpl. apply Permutation_cons. apply IHl.] but I can't use [auto] or [eauto] instead. why?
[Mon Sep  8 06:46:35 2014] <osa1> similarly, I'm looking for ways to automate this [simpl. rewrite Permutation_cons_append. apply Permutation_app_tail. apply Permutation_rev.]
[Mon Sep  8 06:53:17 2014] <osa1> you guys may want to use my awesome ltac program http://lpaste.net/110714 :p
[Mon Sep  8 06:54:59 2014] <osa1> lol. it's just stuck in an infinite loop, I guess
[Mon Sep  8 06:55:03 2014] <osa1> how do I terminate it?
[Mon Sep  8 06:55:23 2014] <osa1> I just killed the process
[Mon Sep  8 06:58:27 2014] <gdsfh1> osa1: afaik [e]auto doesn't do "simpl" internally, so write your tactic with "simpl; eauto" if you want "simpl".
[Mon Sep  8 06:59:34 2014] <osa1> gdsfh1: [simpl; eauto with *] or [simpl; auto with *] don't solve what I solve with [simpl. rewrite Permutation_cons_append. apply Permutation_app_tail. apply Permutation_rev.]
[Mon Sep  8 07:03:16 2014] <gdsfh1> osa1: also, if my memory serves me, auto doesn't do rewrites.  So first two steps are still necessary.  However you can write tactic that rewrites goal with your favorite lemmas.  Or maybe "autorewrite" can help, not sure.
[Mon Sep  8 07:04:25 2014] <osa1> right, I remember that too. I just tried now and [auto with *] doesn't even do [apply Permutation_app_tail. apply Permutation_rev.]
[Mon Sep  8 07:09:04 2014] <gdsfh1> are these lemmas declared with Hint Resolve?
[Mon Sep  8 07:10:15 2014] <gdsfh1> also try "eauto with *", if Hint Resolve tells that "auto" won't use some of these lemmas.
[Mon Sep  8 07:14:48 2014] <osa1> [eauto with *] takes too much time, I just had to kill the process again
[Mon Sep  8 07:59:52 2014] <osa1> this link is generated by coqdoc but it's broken http://coq.inria.fr/distrib/8.4pl2/stdlib/Coq.omega.Omega.html#
[Mon Sep  8 08:02:24 2014] <mads-> johnw: Hi there. You went to ICFP, right? How was it?
[Mon Sep  8 09:27:46 2014] <vanila> which haskell libraries  have been developed in Coq?
[Mon Sep  8 10:34:30 2014] <johnw> mads-: it was excellent!
[Mon Sep  8 10:34:36 2014] <johnw> vanila: I'm working on trying to bridge the Haskell/Coq gap
[Mon Sep  8 10:35:36 2014] <edwardk> ICFP was a lot of fun this year
[Mon Sep  8 10:35:48 2014] <johnw> hi edwardk!
[Mon Sep  8 10:36:38 2014] <edwardk> hello hello
[Mon Sep  8 10:36:56 2014] <johnw> you were so deep into your succinct stuff when I had to bug out
[Mon Sep  8 10:37:10 2014] <edwardk> my body is on a really screwed up schedule right now, didn't sleep the last night and just hit the airport at 3am for a 7am flight out
[Mon Sep  8 10:39:10 2014] <johnw> does anyone know a good way to prove parametricity properties in Coq?  the CoqParam project looks to be a bit too out of date
[Mon Sep  8 10:39:52 2014] <johnw> for example, I want to prove: ∀ (identity : ∀ {X}, X → X), ∀ A (x : A), identity x = x.
[Mon Sep  8 10:40:32 2014] <vanila> johnw, I don't think these theorems are provable
[Mon Sep  8 10:41:10 2014] <johnw> so I have to take them as arguments so that the "caller" is forced to prove them for the definition of identity he cares about?
[Mon Sep  8 10:41:23 2014] <johnw> http://www.lix.polytechnique.fr/~keller/Recherche/coqparam.html
[Mon Sep  8 10:41:33 2014] <johnw> that projects has some ml code for proving such things
[Mon Sep  8 10:41:38 2014] <vanila> there was a lambda calculus + parametricity a while ago but parametricity is a metaresult that dependends on the language not having anything like type inspection for example
[Mon Sep  8 10:45:10 2014] <vanila> johnw, let me be clear
[Mon Sep  8 10:45:14 2014] <vanila> you can prove this of the identity function
[Mon Sep  8 10:45:25 2014] <vanila> but you can't prove it for an arbitrary function of ype ∀ {X}, X → X
[Mon Sep  8 10:45:28 2014] <johnw> right
[Mon Sep  8 10:50:27 2014] <osa1> is it possible to give links in a coqdoc document?
[Mon Sep  8 10:50:45 2014] <osa1> by links I mean link to an arbitrary webpage, not like what coqdoc automatically generates.
[Mon Sep  8 10:51:11 2014] <johnw> you can always use raw HTML wherever you like, and raw LaTeX
[Mon Sep  8 10:51:18 2014] <johnw> but I'd imagine there's a general form of "link"
[Mon Sep  8 10:51:48 2014] <osa1> oh I just saw # ... # stuff. thanks.
[Mon Sep  8 10:56:38 2014] <johnw> vanila: in particular: https://github.com/jwiegley/coq-haskell/blob/master/Duncan.v#L124
[Mon Sep  8 10:56:59 2014] <johnw> in the pen&paper proof, Duncan uses parametric relations to prove that lemma
[Mon Sep  8 10:57:20 2014] <vanila> does the proof require parametricity of h,k or k'?
[Mon Sep  8 10:58:08 2014] <vanila> i should think its provable without, at any rate you would have to find a differnet proof
[Mon Sep  8 10:58:11 2014] <johnw> not quite sure how to answer that
[Mon Sep  8 10:58:46 2014] <johnw> see page 68 of http://community.haskell.org/~duncan/thesis.pdf
[Mon Sep  8 10:59:46 2014] <vanila> :(
[Mon Sep  8 10:59:58 2014] <vanila> i tried to load this into coq myself
[Mon Sep  8 11:00:11 2014] <vanila> every since I got the HEAD version I can't run anyone elses code
[Mon Sep  8 11:00:15 2014] <johnw> you'll need to clone github.com/jwiegley/coq-haskell
[Mon Sep  8 11:00:18 2014] <vanila> ill upgrade i hope they fixed it
[Mon Sep  8 11:00:21 2014] <johnw> ah, yes, I'm only using 8.4pl4 now
[Mon Sep  8 11:00:39 2014] <johnw> I'm waiting on one specific bug fix before I switch to HEAD
[Mon Sep  8 11:00:52 2014] <vanila> so i should downgrade
[Mon Sep  8 11:01:01 2014] <johnw> i'm not sure my problem is worth your effort
[Mon Sep  8 11:01:25 2014] <vanila> I'm just interested in it because I don't know for sure how to prove it or if it can be done
[Mon Sep  8 11:01:35 2014] <vanila> of course you can add parametricity axioms
[Mon Sep  8 11:01:41 2014] <johnw> gross
[Mon Sep  8 11:01:54 2014] <vanila> :/
[Mon Sep  8 11:02:57 2014] <ianjneu> vanila: Dreyer et. al. have work on internalizing parametricity in type theories.
[Mon Sep  8 11:03:28 2014] <ianjneu> Adam Chlipala adds parametricity axioms to Coq for reasoning about his PHOAS stuff.
[Mon Sep  8 11:03:58 2014] <johnw> ooh, where?
[Mon Sep  8 11:06:36 2014] <vanila> ianjneu, ah I was thinking of Bernardys work
[Mon Sep  8 11:06:54 2014] <vanila> I don't know the relation
[Mon Sep  8 11:14:53 2014] <jgross_> johnw: http://www.maximedenes.fr/download/coqeal.pdf <- Maxime Dénès has done some work on parametricity and refinement using typeclasses in the past few years. He might have some work that you'd be interested in. 
[Mon Sep  8 11:15:10 2014] <johnw> thanks jgross_
[Mon Sep  8 11:15:40 2014] <johnw> how do I get Coq to extract records as records to Haskell?
[Mon Sep  8 11:17:10 2014] <johnw> i guess it's too much to hope for it to actually use type classes too, since instance lookup could be different in subtle ways
[Mon Sep  8 11:20:09 2014] <jgross_> Google suggests http://coq.inria.fr/refman/Reference-Manual025.html. Typeclasses are resolved at type inference time in Coq, so all your calls will already have the right instances.  It's not reasonable to expect future typeclasses to be resolved by Haskell's typeclass machinerary, because Coq lets you use arbitrary Ltac code to resolve instances. 
[Mon Sep  8 11:23:38 2014] <johnw> right
[Mon Sep  8 11:23:41 2014] <johnw> that makes sense
[Mon Sep  8 11:23:59 2014] <johnw> otherwise it could be trivial to violate any properties I've proven
[Mon Sep  8 12:43:08 2014] <kba> using `rewrite`, how can I make the rewrite take place on the right-hand side?
[Mon Sep  8 12:43:28 2014] <johnw> usually rewrite ___ at 2
[Mon Sep  8 12:43:34 2014] <johnw> or whatever sequence number gets it over there
[Mon Sep  8 12:43:45 2014] <johnw> alternatively, you can specify the exact arguments to the rewrite rule, like:
[Mon Sep  8 12:43:51 2014] <johnw> rewrite (comp_assoc _ _ f)
[Mon Sep  8 12:43:58 2014] <kba> that's what I'm trying to do
[Mon Sep  8 12:44:01 2014] <johnw> rewrite association for me involving (f . g)
[Mon Sep  8 12:48:12 2014] <kba> maybe that's not what I want
[Mon Sep  8 12:48:22 2014] <kba> or that didn't work out at least
[Mon Sep  8 12:48:30 2014] <kba> it will only allow me to do "at 1"
[Mon Sep  8 12:52:41 2014] <kba> johnw: maybe you can look at http://paste.debian.net/plainh/c50e2cf3 for a moment
[Mon Sep  8 12:53:19 2014] <kba> I want to either use: rewrite -> (H_mul_ic n' m). on both sides
[Mon Sep  8 12:53:27 2014] <kba> so that when I use my IHn.', then both sides are equal
[Mon Sep  8 12:53:36 2014] <kba> but I can't figure out how to do it on the right-hand side
[Mon Sep  8 12:54:02 2014] <kba> alternatively, I want to just do it on the left side, then rewrite using IHn', then go back, so the two sides are equal again
[Mon Sep  8 12:54:05 2014] <kba> but neither approach seems to work
[Mon Sep  8 13:03:02 2014] <johnw> you don't have any lemma that says m + mul m n' = mul m (S n')
[Mon Sep  8 13:03:11 2014] <johnw> unless that's the definition of mul
[Mon Sep  8 13:03:21 2014] <johnw> in which case "reflexivity" should work at the end
[Mon Sep  8 13:09:06 2014] <kba> No, my definition is:  mul (S i') j = j + (mul i' j))
[Mon Sep  8 13:09:07 2014] <kba> basically
[Mon Sep  8 13:09:14 2014] <kba> and mul 0 j = 0
[Mon Sep  8 13:10:51 2014] <kba> so no, I don't have a lemma that says that
[Mon Sep  8 13:12:25 2014] <kba> but I thought...
[Mon Sep  8 13:13:59 2014] <mads-> kba: where are you stuck right now?
[Mon Sep  8 13:14:07 2014] <kba> mul (S n') m = mul m (S n')
[Mon Sep  8 13:14:09 2014] <kba> on solving that
[Mon Sep  8 13:14:19 2014] <mads-> commutative?
[Mon Sep  8 13:14:21 2014] <kba> with pen and paper, that would be so trivial
[Mon Sep  8 13:14:22 2014] <kba> yes
[Mon Sep  8 13:14:29 2014] <kba> but Coq won't let me do what I want
[Mon Sep  8 13:14:57 2014] <kba> If I could do `H_mul_ic` on both sides, then I would have
[Mon Sep  8 13:15:12 2014] <kba> m + mul n' m = m + mul m n'
[Mon Sep  8 13:15:28 2014] <kba> and then I could just apply my inductive hypothesis IHn': mul n' m = mul m n'
[Mon Sep  8 13:15:30 2014] <kba> and be done with it
[Mon Sep  8 13:15:37 2014] <kba> but for some reason Coq won't let me
[Mon Sep  8 13:15:38 2014] <mads-> But you can't get from mul m (S n') to mul m n', right?
[Mon Sep  8 13:16:10 2014] <mads-> because your definition of mul says mul (S i') j = j + mul i' j
[Mon Sep  8 13:16:12 2014] <kba> You mean: m + mul m n' = mul m (S n')
[Mon Sep  8 13:16:19 2014] <kba> and yeah, that's where I'm stuck
[Mon Sep  8 13:16:40 2014] <mads-> I can check what I did, if you want a hint?
[Mon Sep  8 13:17:15 2014] <kba> I do, even though it would seem most people do it quite differently
[Mon Sep  8 13:17:24 2014] <kba> by defining bc_left or something
[Mon Sep  8 13:17:59 2014] <mads-> Yeah, I think I have all those lefts and rights
[Mon Sep  8 13:18:21 2014] <kba> but the most frustrating thing is just that, as I said, it's so trivial on paper
[Mon Sep  8 13:18:28 2014] <kba> and I can't grasp why Coq won't let me do what I want
[Mon Sep  8 13:18:39 2014] <kba> then again, I just about half an hour ago found out about assert
[Mon Sep  8 13:18:45 2014] <kba> so it's likely I just don't know how to do it
[Mon Sep  8 13:19:23 2014] <mads-> Yeah, I have bc_left and bc_right which I use in the base case and ic_right in the inductive case
[Mon Sep  8 13:19:41 2014] <mads-> with ic_right stating that  x + mul x y = mul x (S y)
[Mon Sep  8 13:19:54 2014] <kba> yeah, exactly
[Mon Sep  8 13:19:56 2014] <mads-> So that is essentially what you need to prove, right
[Mon Sep  8 13:20:01 2014] <kba> Indeed
[Mon Sep  8 13:20:26 2014] <mads-> I would advice you to try to write a proof for why that is.
[Mon Sep  8 13:20:37 2014] <kba> for why it's true?
[Mon Sep  8 13:20:37 2014] <mads-> The proof itself isn't that difficult and will solve your problem
[Mon Sep  8 13:20:45 2014] <mads-> Yeah, so you can use it as a rewrite
[Mon Sep  8 13:23:03 2014] <kba> would you do the proof inductively? Or why is it we can't just do it in the other proof?
[Mon Sep  8 13:23:23 2014] <mads-> I would do that inductively, yes.
[Mon Sep  8 13:23:55 2014] <mads-> I'm not sure, but I guess you can do nested induction in Coq. But I would rather do it like this, make Propositions and give them semantically correct names
[Mon Sep  8 13:25:07 2014] <mads-> So this ic_right proposition just requires the bc_left in the base case and H_mult_ic and IHn' in the inductive case.
[Mon Sep  8 13:25:20 2014] <mads-> However, be prepared for some plus_assoc and plus_comm fiddling :)
[Mon Sep  8 13:25:27 2014] <kba> already did the base case now
[Mon Sep  8 13:27:36 2014] <mads-> You will also need to prove either S(m+n) = S m + n or S n = n + 1
[Mon Sep  8 13:31:29 2014] <kba> before I was stuck on: mul (S n') m = mul m (S n')
[Mon Sep  8 13:31:42 2014] <kba> when I was writing it without an aux function
[Mon Sep  8 13:31:45 2014] <kba> now I'm stuck on: m + mul m (S n') = mul m (S (S n'))
[Mon Sep  8 13:31:48 2014] <kba> I'm not sure how that's any better
[Mon Sep  8 13:31:53 2014] <kba> ^^
[Mon Sep  8 13:34:24 2014] <mads-> How did you get there? :P
[Mon Sep  8 13:36:48 2014] <kba> it's the inductive case
[Mon Sep  8 13:36:53 2014] <kba> for: m + mul m n = mul m (S n).
[Mon Sep  8 13:37:06 2014] <kba> which is what I'm trying to prove, I assumed
[Mon Sep  8 13:37:14 2014] <kba> since that was the step I was stuck on in mult_is_comm
[Mon Sep  8 13:39:08 2014] <kba> or didn't you prove `x + mul x y = mul x (S y)` using induction?
[Mon Sep  8 13:40:37 2014] <mads-> I did, yes. With induction
[Mon Sep  8 13:41:17 2014] <mads-> How long have you been at it now?
[Mon Sep  8 13:48:46 2014] <kba> been at what?
[Mon Sep  8 13:48:48 2014] <kba> specifically?
[Mon Sep  8 13:49:10 2014] <kba> I'm spent a good amount of hours
[Mon Sep  8 13:51:41 2014] <kba> http://paste.debian.net/plainh/7175062a
[Mon Sep  8 13:51:51 2014] <kba> as you can see, the inductive case is "m + mul m (S n') = mul m (S (S n'))"
[Mon Sep  8 14:34:05 2014] <mads-> When is this due to?
[Mon Sep  8 14:35:23 2014] <johnw> what is specification_of_multiplication?
[Mon Sep  8 14:36:30 2014] <mads-> mul 0 j = 0 and  mul (S i') j = j + (mul i' j)).
[Mon Sep  8 14:38:55 2014] <johnw> I think that specification_of_multiplication thing is getting in your way
[Mon Sep  8 14:39:05 2014] <johnw> using induction and plus_assoc and plus_comm, this proof is about 6 lines long
[Mon Sep  8 14:39:19 2014] <johnw> (if I use ordinary mult)
[Mon Sep  8 14:39:44 2014] <mads-> Indeed.
[Mon Sep  8 14:40:02 2014] <mads-> But the exercise of the assignment is to build it all up from the ground.
[Mon Sep  8 14:40:16 2014] <mads-> Or so we are told :)
[Mon Sep  8 14:40:34 2014] <johnw> ah, I see
[Mon Sep  8 14:40:44 2014] <johnw> then build up plus_assoc and plus_comm from the ground and rejoice :)
[Mon Sep  8 14:41:07 2014] <johnw> I would look hard at how specification_of_multiplication is defined, and what information it is providing you with
[Mon Sep  8 14:42:06 2014] <mads-> We can use plus_assoc and plus_comm though
[Mon Sep  8 14:42:40 2014] <mads-> And plus_0_l and plus_0_r too seeing that we are only allowed to use reflexivity as long as the both sides are perfectly identical
[Mon Sep  8 14:42:45 2014] <johnw> yep
[Mon Sep  8 14:52:45 2014] <chirpsalot> Huh.
[Mon Sep  8 14:53:41 2014] <chirpsalot> My desktop is much faster than my laptop. Proof general takes a while to run my coq file on my laptop... I really should break this up into more files.
[Mon Sep  8 14:53:59 2014] <kba> mads-: as you know, it was due this Saturday at 23.59 ;)
[Mon Sep  8 14:54:39 2014] <chirpsalot> kba: mads- both taking the same course?
[Mon Sep  8 14:54:51 2014] <kba> chirpsalot: yup
[Mon Sep  8 14:54:55 2014] <chirpsalot> Awesome.
[Mon Sep  8 14:55:03 2014] <chirpsalot> I'm muy jealous.
[Mon Sep  8 14:57:00 2014] <kba> mads-: but I assume you've also proven the inductive case for `m + mul m n = mul m (S n).`
[Mon Sep  8 14:57:07 2014] <kba> which is `m + mul m (S n') = mul m (S (S n'))`
[Mon Sep  8 14:57:13 2014] <kba> if so, can you give me a hint?
[Mon Sep  8 14:59:43 2014] <mads-> kba: As my induction goal I get  S n' + mult (S n') y = mult (S n') (S y)
[Mon Sep  8 15:00:11 2014] <mads-> So I think you are doing induction on the wrong variable
[Mon Sep  8 15:01:47 2014] <kba> oh you're right
[Mon Sep  8 15:19:36 2014] <mads-> kba: If you are still struggling with it tomorrow and it all seems hopeless, you can just hit me up in my office if you want some hands-on-help. I'm in Turing 116
[Mon Sep  8 15:20:06 2014] <kba> what's your full name?
[Mon Sep  8 15:24:21 2014] <mads-> Mads Ravn
[Mon Sep  8 15:25:11 2014] <kba> thanks
[Mon Sep  8 15:25:51 2014] <mads-> No probs. I will probably be there from around 9, maybe 10.
[Mon Sep  8 15:28:52 2014] <chirpsalot> mads-: you have a building called Turing?
[Mon Sep  8 15:29:07 2014] <kba> most of our buildings are named after scientists
[Mon Sep  8 15:29:13 2014] <chirpsalot> We don't have anything that cool here :(.
[Mon Sep  8 15:31:38 2014] <kba> in CS, we have buildings named Turing, Babbage, Shannon, Zuse, Stibitz and more
[Mon Sep  8 15:41:45 2014] <chirpsalot> kba: we have CSC and Athabasca, lol.
[Sat Nov 15 17:26:42 2014] <wolfe.freenode.net> [freenode-info] channel trolls and no channel staff around to help? please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
[Sat Nov 15 21:47:38 2014] <alkabetz> What variable to I have to change to make Proof General let me switch away from the *response* buffer?
[Sat Nov 15 22:32:18 2014] <ijp> yeah, proofgeneral does some pain-in-the-ass things with emacs windows
[Sat Nov 15 22:32:56 2014] <ijp> alkabetz: try splitting the window with C-x 2 and then you should be able to change one
[Sat Nov 15 22:33:05 2014] <ijp> if you figure out a real solution, ping me
[Sat Nov 15 22:33:20 2014] <alkabetz> * sighs
[Sun Nov 16 00:12:08 2014] <johnw> alkabetz: that's what my hack fixes
[Sun Nov 16 00:12:19 2014] <johnw> PG is too aggressive about setting the dedicated flag on buffers
[Sun Nov 16 00:14:07 2014] <johnw> w
[Sun Nov 16 00:14:45 2014] <alkabetz> Ooh, is this posted somewhere?
[Sun Nov 16 00:15:05 2014] <johnw> it's in my github.com/jwiegley/dot-emacs
[Sun Nov 16 00:15:09 2014] <johnw> look in init.el, and search for coq
[Sun Nov 16 04:50:36 2014] <torfscholle> hi. I'm trying to implement a tail function for variable length vectors, see http://pastebin.com/DbbiKfrg. applying 'inversion v' to a vector v of length (S n) correctly infers that it must come form a vector v' of length n, but it does not add equality between v and the prolonging of v' to the context - how can I do that?
[Sun Nov 16 05:14:21 2014] <torfscholle> or maybe it's better just to ask how you would construct the desired tail function :)
[Sun Nov 16 06:40:16 2014] <jgross> torfscholle: http://pastebin.com/FvNqK5Vj  It's easier if your functions match well with your datatype. 
[Sun Nov 16 09:14:21 2014] <torfscholle> jgross: thank you!
[Sun Nov 16 09:18:22 2014] <torfscholle> jgross: I'm wondering, however, if it's possible to encapsulate this compactly using the destruct or inversion tactic. When applying 'inversion v' on 'v : vec_nat (S n)', I'd like to add to the hypotheses 'n0 : nat' 'H : n = n0' 'vp : vec_nat n0' 'm : nat' generated the hypothesis that, up to renaming n by n0 via H, 'v' equals 'concat_vec n0 vp m'. Is there a variant of invertion that does this?
[Sun Nov 16 11:59:36 2014] <Choups314> The Lub inductive type is the lower Upper bound I guess ?
[Sun Nov 16 14:39:51 2014] <nkar> johnw: is it okay to bug you every time I find an error in your software-foundations repo?
[Sun Nov 16 15:00:16 2014] <mads-> nkar: I love you ask like it's going to a common occurence :P
[Sun Nov 16 15:03:29 2014] <nkar> mads-: so far, I've found three issues and reported one of them.
[Sun Nov 16 17:16:17 2014] <johnw> nkar: you are most welcome to!
[Sun Nov 16 17:16:20 2014] <johnw> nkar: can you use the GitHub issues?
[Sun Nov 16 17:16:27 2014] <johnw> that way I can process your feedback via normal channels
[Sun Nov 16 17:18:18 2014] <nkar> I'm trying to avoid github.  though, I'm thinking I should reconsider this.
[Sun Nov 16 17:18:29 2014] <johnw> well, I stand a much better chance of responding there :)
[Sun Nov 16 17:18:41 2014] <johnw> plus, you can queue the issues up to any depth and I won't care
[Sun Nov 16 17:18:57 2014] <nkar> I understand.
[Sun Nov 16 17:19:48 2014] <nkar> I'll send a pull request or open an issue once (if ever) I decide to create an account.
[Sun Nov 16 17:20:04 2014] <adelbertc> is this a repo that contains solutions to SF exercises?
[Sun Nov 16 17:20:10 2014] <adelbertc> ive been looking for an up to date one to compare to
[Sun Nov 16 17:20:25 2014] <johnw> yes
[Sun Nov 16 17:20:34 2014] <nkar> https://gitorious.org/software-foundations
[Sun Nov 16 17:20:41 2014] <nkar> oops, that's mine
[Sun Nov 16 17:20:57 2014] <nkar> https://github.com/jwiegley/software-foundations
[Sun Nov 16 17:21:04 2014] <nkar> adelbertc: ^
[Sun Nov 16 17:21:20 2014] <adelbertc> awesome possum
[Sun Nov 16 17:21:25 2014] <adelbertc> thanks!
[Sun Nov 16 17:31:29 2014] <johnw> I have a feeling that when I resume working on SF, I will start using ssreflect
[Sun Nov 16 17:31:36 2014] <johnw> I'm addicted to some of its simplifications now
[Sun Nov 16 17:34:39 2014] <adelbertc> anyone got hints on proving rev (rev (h :: t)) = h :: t, given the inductive hypothesis rev (rev t) = t
[Sun Nov 16 17:35:15 2014] <johnw> what happens when you "simpl"?
[Sun Nov 16 17:36:11 2014] <johnw> if nothing, you can make a helper lemma like: rev (h :: t) = rcons t h
[Sun Nov 16 17:36:17 2014] <Choups314> Hello :) What is the exact difference between the types Upper_Bound and Lub ? (Defined in Cpo.v)
[Sun Nov 16 17:36:19 2014] <johnw> and then another: rev (rcons t h) = h :: t
[Sun Nov 16 17:36:31 2014] <adelbertc> simpl gets rev (snoc (rev t) h) = h :: t
[Sun Nov 16 17:36:37 2014] <adelbertc> and im not sure how to proceed from there either
[Sun Nov 16 17:36:38 2014] <johnw> where is Cpo.v?
[Sun Nov 16 17:36:43 2014] <Choups314> in Sets
[Sun Nov 16 17:36:58 2014] <Choups314> It's about partial order of sets
[Sun Nov 16 17:37:07 2014] <johnw> adelbertc: ok, then prove that rev (snoc xs x) = x :: rev xs
[Sun Nov 16 17:37:23 2014] <johnw> adelbertc: and then you can use f_equal and you should find yourself at your induction hypothesis
[Sun Nov 16 17:38:00 2014] <johnw> Choups314: I'm not sure what source you're looking at
[Sun Nov 16 17:38:01 2014] <johnw> link?
[Sun Nov 16 17:38:14 2014] <Choups314> https://coq.inria.fr/V8.1/stdlib/Coq.Sets.Cpo.html
[Sun Nov 16 17:38:31 2014] <Choups314> I guess Lub means Lower Upper Bound ? ^^
[Sun Nov 16 17:38:37 2014] <johnw> exactlpy
[Sun Nov 16 17:38:40 2014] <johnw> least upper bound
[Sun Nov 16 17:40:12 2014] <johnw> the upper bound of a set is its highest element, according to the ordering relation
[Sun Nov 16 17:41:25 2014] <johnw> see http://en.wikipedia.org/wiki/Least-upper-bound_property
[Sun Nov 16 17:41:29 2014] <johnw> under "Statement of the property"
[Sun Nov 16 17:41:47 2014] <johnw> there you can see that being an upper bound is a component of being a least upper bound
[Sun Nov 16 17:44:59 2014] <johnw> for example, consider the set of numbers [1; 2; 3; 4; 5]
[Sun Nov 16 17:45:24 2014] <johnw> anything >= 5 could be an upper bound, but 5 would be the least upper bound
[Sun Nov 16 17:45:47 2014] <adelbertc> johnw: ah, got it now. thanks!
[Sun Nov 16 17:48:55 2014] <Choups314> johnw : Ok I figured out now ;). In french it's a totally different word ..
[Sun Nov 16 17:50:14 2014] <Choups314> johnw: Another thing : The integers set is defined in Integers.v (with the inductive type Integers). But is there a similar type in the standard library for the Reals set (R) ?
[Sun Nov 16 18:04:00 2014] <johnw> that I don't know
[Sun Nov 16 23:46:34 2014] <marvimias> Anyone here familiar with PARI/GP?
[Mon Nov 17 02:45:51 2014] <nkar> do I understand correctly that the [rewrite] tactic cannot be used on a hypothesis containing [forall]?
[Mon Nov 17 02:50:43 2014] <johnw> that's correct
[Mon Nov 17 02:50:54 2014] <johnw> you can't rewrite under binders
[Mon Nov 17 02:51:30 2014] <nkar> that's what [apply] is for, got it
[Mon Nov 17 02:51:42 2014] <johnw> well, they don't quite do the exact same thing
[Mon Nov 17 02:51:50 2014] <nkar> yeah, I understand
[Mon Nov 17 02:52:19 2014] <johnw> apply uses a propositional statement P -> Q to change some P into Q.  rewrite takes an equality P = Q, to change one or more parts of a statement matching P into Q
[Mon Nov 17 02:52:55 2014] <johnw> so, if the whole statement is P, they will feel awfully similar
[Mon Nov 17 02:53:32 2014] <nkar> wait, but you can use [apply] on a previously defined lemmas
[Mon Nov 17 02:53:46 2014] <johnw> i'm not sure I understand what you mean
[Mon Nov 17 02:53:58 2014] <nkar> let me explain
[Mon Nov 17 02:56:18 2014] <nkar> I'm referring to this "apply uses a propositional statement [...] rewrite takes an equality [...]"  but you can do [apply rev_involutive.] where [rev_involutive: forall (X : Type) (l : list X), rev (rev l) = l], which is an equality.  am I missing something?
[Mon Nov 17 02:57:36 2014] <johnw> if the statement of your goal (or a hypothesis) is itself an equality, you can use apply
[Mon Nov 17 02:57:57 2014] <johnw> for a hypothesis, it takes a statement of the form P -> Q; for a goal, it can take a statement which is just Q
[Mon Nov 17 02:58:39 2014] <nkar> ah, so you can use it to change a hypothesis, right?
[Mon Nov 17 02:58:45 2014] <johnw> sure
[Mon Nov 17 02:58:58 2014] <johnw> you can even use another hypothesis as the argument to apply
[Mon Nov 17 02:59:02 2014] <johnw> like: apply H in H1
[Mon Nov 17 02:59:10 2014] <nkar> cool
[Mon Nov 17 02:59:10 2014] <johnw> where H has the form P -> Q, and H1 is of type P
[Mon Nov 17 02:59:47 2014] <johnw> it is actually just function application, hence the name
[Mon Nov 17 03:00:20 2014] <nkar> thanks!
[Mon Nov 17 03:00:23 2014] <johnw> i.e., if my goal is G, and calling function foo gives evidence of G, then the goal is proven
[Mon Nov 17 11:00:28 2014] <eraserhd> Thinking about proving some things about nonograms.  Is there an array type, or should I have two lists with a proof that they are equal length?
[Mon Nov 17 11:04:04 2014] <ianjneu> eraserhd: there's a Vec type that is a list with a length type. If you have two Vec X n's then you know they're the same length.
[Mon Nov 17 11:04:52 2014] <ianjneu> the ssreflect libraries also have theorems about matrices, but I don't know how computational they are.
[Mon Nov 17 13:28:43 2014] <benzrf> how do i prove that a number is greater than another number
[Mon Nov 17 13:28:45 2014] <benzrf> or less than
[Mon Nov 17 13:33:32 2014] <sinelaw> hi. is there in logic or type theory a concept of quantor variables, for example "variable X is quantified by  quantor Q" where Q may turn out to be universal or some other quantifier?
[Mon Nov 17 13:33:37 2014] <sinelaw> or in coq
[Mon Nov 17 14:03:17 2014] <jrw> benzrf: do you know about the omega tactic?
[Mon Nov 17 14:03:29 2014] <benzrf> yea
[Mon Nov 17 14:03:40 2014] <jrw> that will prove a lot of your inequalities for you
[Mon Nov 17 14:04:50 2014] <benzrf> oh good
[Mon Nov 17 14:04:54 2014] <benzrf> um
[Mon Nov 17 14:05:11 2014] <benzrf> the thing is i kind of want to examine the gallina term that it genreates
[Mon Nov 17 14:05:19 2014] <benzrf> and i figure omega will probably make it overcomplicated
[Mon Nov 17 14:05:21 2014] <benzrf> w/e
[Mon Nov 17 14:05:26 2014] <benzrf> by the way i wanted to ask
[Mon Nov 17 14:05:31 2014] <benzrf> why are prop, set, and type separate?
[Mon Nov 17 14:05:34 2014] <benzrf> why not just have type?
[Mon Nov 17 14:11:49 2014] <jrw> benzrf: set is mostly just old cruft. back in the day it was impredicative but now it's not so it's just an unnecessarily constrained type
[Mon Nov 17 14:12:16 2014] <jrw> prop is useful for extraction. coq guarantees that nothing in set/type depends on anything in prop, so that the extractor can throw all the props away
[Mon Nov 17 14:13:10 2014] <benzrf> impredicative?
[Mon Nov 17 14:13:15 2014] <benzrf> self-ref?
[Mon Nov 17 14:13:17 2014] <jrw> yeah
[Mon Nov 17 14:13:23 2014] <benzrf> what is extraction?
[Mon Nov 17 14:13:38 2014] <benzrf> and you mean that you cannot parameterize sets or types with props?
[Mon Nov 17 14:13:38 2014] <jrw> take a gallina term and turn it into an ocaml/haskell/lisp program
[Mon Nov 17 14:14:00 2014] <jrw> you can parametrize/index them on props, but you can't depend on any information in the prop to compute something not in prop
[Mon Nov 17 14:30:22 2014] <benzrf> jrw: hmmmmmmmmmmm... ok...
[Mon Nov 17 14:30:31 2014] <benzrf> jrw: is there any other difference at all
[Mon Nov 17 14:30:42 2014] <jrw> prop is impredicative
[Mon Nov 17 14:30:48 2014] <benzrf> oh
[Mon Nov 17 14:31:00 2014] <benzrf> if i take some piece of code and %s/Set/Type/g it, will it still function the same
[Mon Nov 17 14:31:12 2014] <jrw> yes that's true, I think
[Mon Nov 17 14:31:21 2014] <benzrf> what about type -> set
[Mon Nov 17 14:31:34 2014] <benzrf> ah no then it cant accept props
[Mon Nov 17 14:31:44 2014] <benzrf> jrw: why should you ever use set then
[Mon Nov 17 14:32:38 2014] <jrw> benzrf: there may be some corner cases where if you use set you can do something crazy that wouldn't be sound at all levels of the type hierarchy
[Mon Nov 17 14:32:44 2014] <jrw> but generally, there's no reason to use it
[Mon Nov 17 14:32:53 2014] <benzrf> alright
[Mon Nov 17 14:33:09 2014] <benzrf> how does Prop's impredicativity manifest itsel
[Mon Nov 17 14:33:10 2014] <benzrf> f
[Mon Nov 17 14:33:18 2014] <benzrf> what exactly can you do that you cant with Set
[Mon Nov 17 14:33:21 2014] <benzrf> *Type
[Mon Nov 17 14:34:35 2014] <jrw> in type if you say "forall T : Type, T * T" or whatever, then that pops you up a universe level
[Mon Nov 17 14:34:50 2014] <jrw> but if you say "forall P : Prop, P /\ P" then you get to stay at the same universe level
[Mon Nov 17 14:38:34 2014] <benzrf> jrw: hmm...
[Mon Nov 17 14:38:39 2014] <benzrf> how so
[Mon Nov 17 14:39:06 2014] <benzrf> also, isnt forall just fun
[Mon Nov 17 14:39:23 2014] <jrw> yeah
[Mon Nov 17 14:41:34 2014] <jrw> benzrf: it can be more flexible, so for example if I define "Q := forall P : Prop, A P -> B P" then because that's at the same universe, I could apply Q to itself
[Mon Nov 17 14:41:39 2014] <jrw> I couldn't do that in Type
[Mon Nov 17 14:44:05 2014] <benzrf> where does the term "impredicative" come from
[Mon Nov 17 14:44:43 2014] <benzrf> Q := fun P : Prop => A P -> B P
[Mon Nov 17 14:44:48 2014] <benzrf> er
[Mon Nov 17 14:44:55 2014] <benzrf> Q := fun P : Type => A P -> B P
[Mon Nov 17 14:45:02 2014] <benzrf> oh i see
[Mon Nov 17 14:45:11 2014] <benzrf> that's : Type -> Type
[Mon Nov 17 16:40:25 2014] <adelbertc> SF question: checking two natlist's for equality, how come Coq will happily simpl beq_natlist (0 :: t) (0 :: t) to beq_natlist t t, but not beq_natlist(S n :: t) (S n :: t) ?
[Mon Nov 17 16:40:36 2014] <adelbertc> in fact, i dont even know how its simplifying
[Mon Nov 17 16:40:43 2014] <adelbertc> beq_natlist (0 :: t) (0 :: t) to beq_natlist t t
[Mon Nov 17 16:41:29 2014] <nkar> adelbertc: I think it relies on the definition of :: (or cons).
[Mon Nov 17 16:41:43 2014] <nkar> oh, wait
[Mon Nov 17 16:41:47 2014] <nkar> disregard that
[Mon Nov 17 16:42:05 2014] <adelbertc> * blinks
[Mon Nov 17 16:42:34 2014] <adelbertc> if i simpl on the S n :: t bit, all i get is the definition :(
[Mon Nov 17 16:43:06 2014] <nkar> I'm not sure but it's probably because O doesn't accept any arguments.
[Mon Nov 17 16:45:14 2014] <adelbertc> perhaps then i need to prove if beq_nat (n :: t) (n :: t) then beq_nat(S n :: t) (S n :: t)
[Mon Nov 17 16:46:28 2014] <nkar> adelbertc: does the theorem look like this: forall n, beq_nat n n = true?
[Mon Nov 17 16:46:36 2014] <adelbertc> yep
[Mon Nov 17 16:46:41 2014] <Choups314> Hello, is there a type for the reals Set (I mean R in math), like Integers (Defined in theories/Sets/Integers.v) that works for the natural numbers ?
[Mon Nov 17 16:46:44 2014] <adelbertc> its the beq_natlist refl exercise
[Mon Nov 17 16:46:55 2014] <adelbertc> well, beq_natlist, not beq_nat
[Mon Nov 17 16:48:29 2014] <nkar> adelbertc: why are you saying "perhaps"?  have you carefully read the induction chapter?
[Mon Nov 17 16:48:38 2014] <nkar> do you understand when it's needed?
[Mon Nov 17 16:49:23 2014] <adelbertc> i (think?) have a fairly good grasp of when its needed, i can usually anticipate when i need it versus say, just destruct
[Mon Nov 17 16:49:43 2014] <adelbertc> i also just realized
[Mon Nov 17 16:49:45 2014] <adelbertc> thats exactly whats happening
[Mon Nov 17 16:49:48 2014] <adelbertc> i had a brain fart going on
[Mon Nov 17 16:49:52 2014] <adelbertc> im currently at
[Mon Nov 17 16:50:21 2014] <adelbertc> given IHt: true = beq_natlist t t and IHn: true = beq_natlist (n :: t) (n :: t) prove true = beq_natlist (S n :: t) (S n :: t)
[Mon Nov 17 16:50:58 2014] <adelbertc> this is with induction on (l : natlist as [|h t] and induction on (h : nat as [| n]).
[Mon Nov 17 16:51:01 2014] <nkar> so, do you know how to proceed?
[Mon Nov 17 16:51:05 2014] <nkar> yeah, I get it
[Mon Nov 17 16:51:28 2014] <adelbertc> a bit stuck at the moment
[Mon Nov 17 16:52:03 2014] <benzrf> adelbertc: what happens if you simpl
[Mon Nov 17 16:52:59 2014] <adelbertc> becomes
[Mon Nov 17 16:52:59 2014] <adelbertc> true = (if beq_nat n n then beq_natlist t t else false)
[Mon Nov 17 16:53:19 2014] <nkar> right, the definition of beq_natlist gets expanded
[Mon Nov 17 16:53:50 2014] <benzrf> adelbertc: do you see where to go from here
[Mon Nov 17 16:54:02 2014] <adelbertc> not sure if thats ever useful or not. if it is, SF hasnt covered how to approach that yet
[Mon Nov 17 16:54:11 2014] <adelbertc> ive just never done a proof involving the expansion of the def
[Mon Nov 17 16:54:17 2014] <adelbertc> so i stopped exploring that route
[Mon Nov 17 16:54:18 2014] <benzrf> adelbertc: hold on
[Mon Nov 17 16:54:22 2014] <adelbertc> but maybe in this case i need to? o_O
[Mon Nov 17 16:54:22 2014] <nkar> adelbertc: don't worry, I got confused here too
[Mon Nov 17 16:54:23 2014] <benzrf> adelbertc: you're getting closer
[Mon Nov 17 16:54:29 2014] <benzrf> adelbertc: you're almost there
[Mon Nov 17 16:54:34 2014] <benzrf> adelbertc: what do you have?
[Mon Nov 17 16:54:53 2014] <adelbertc> i did a simpl which got me that, then i rewrote IHt so i have true = (if beq_nat n n then true else false)
[Mon Nov 17 16:55:08 2014] <benzrf> adelbertc: very close
[Mon Nov 17 16:55:09 2014] <adelbertc> beq_nat_refl time maybe
[Mon Nov 17 16:55:21 2014] <benzrf> adelbertc: i'd imagine
[Mon Nov 17 16:55:25 2014] <benzrf> adelbertc: you could just use an assert
[Mon Nov 17 16:55:46 2014] <nkar> adelbertc: which tactic are you going to use for that?
[Mon Nov 17 16:56:01 2014] <adelbertc> nkar: i first tried rewrite but it didnt like that, so yeah now im trying assert
[Mon Nov 17 16:56:22 2014] <benzrf> adelbertc: i feel like you probably didn't need to do induction on  h
[Mon Nov 17 16:56:39 2014] <adelbertc> just got it
[Mon Nov 17 16:57:00 2014] <adelbertc> so i suppose getting the expanded definition isnt necessarily a hint that im doing it wrong
[Mon Nov 17 16:57:08 2014] <adelbertc> benzrf: yeah let me remove that line and try again
[Mon Nov 17 16:57:13 2014] <benzrf> adelbertc: no, its a sign youre doing it right, iff you get closer
[Mon Nov 17 16:57:27 2014] <benzrf> adelbertc: what's the overall goal
[Mon Nov 17 16:57:35 2014] <nkar> benzrf: is there a way to solve it without using induction?  the current proof relies on the induction hypothesis.
[Mon Nov 17 16:57:57 2014] <nkar> if we don't count tactics which haven't been covered so far
[Mon Nov 17 16:58:02 2014] <benzrf> nkar: it doesn't
[Mon Nov 17 16:58:04 2014] <benzrf> ?
[Mon Nov 17 16:58:06 2014] <benzrf> er, it does?
[Mon Nov 17 16:58:23 2014] <nkar> yes, it does use the induction hypothesis
[Mon Nov 17 16:58:29 2014] <benzrf> oh wait
[Mon Nov 17 16:58:38 2014] <adelbertc> it relies on induction over the list
[Mon Nov 17 16:58:40 2014] <adelbertc> at least mine does
[Mon Nov 17 16:58:43 2014] <benzrf> no, no it doesnt
[Mon Nov 17 16:58:49 2014] <benzrf> nkar: the 2nd one isnt used
[Mon Nov 17 16:58:58 2014] <benzrf> >IHn: true = beq_natlist (n :: t) (n :: t)
[Mon Nov 17 16:59:11 2014] <benzrf> but you can jump straight to true = (if beq_nat n n then true else  false)
[Mon Nov 17 16:59:17 2014] <benzrf> no IHn needed
[Mon Nov 17 16:59:54 2014] <nkar> benzrf: I /q'd you my proof
[Mon Nov 17 17:00:10 2014] <benzrf> yeah
[Mon Nov 17 17:00:14 2014] <benzrf> that doesn't need IHn
[Mon Nov 17 17:00:52 2014] <nkar> does adelbertc use induction on n, too?
[Mon Nov 17 17:00:53 2014] <benzrf> obviously you need induction but i think adelbertc used an extra induction
[Mon Nov 17 17:00:54 2014] <adelbertc> ah, so you just need destruct
[Mon Nov 17 17:01:00 2014] <adelbertc> nkar: nope i took the induction on n out
[Mon Nov 17 17:01:01 2014] <benzrf> adelbertc: im not sure you even need that
[Mon Nov 17 17:01:16 2014] <benzrf> adelbertc: nkar's proof does not use it
[Mon Nov 17 17:01:30 2014] <nkar> adelbertc: you've nearly proved it already
[Mon Nov 17 17:01:43 2014] <adelbertc> so if i follow intros l with simpl i get nothing, if i destruct on l i can solve the [] case, and then from the h :: t case i can do the beq_nat_refl stuff
[Mon Nov 17 17:01:44 2014] <nkar> go back to the beq_nat_refl step and see what's left
[Mon Nov 17 17:02:09 2014] <adelbertc> yeah i got the solution now :-) thanks for the help!
[Mon Nov 17 17:02:14 2014] <adelbertc> but still interested in seeing how litlte induction i can get away with
[Mon Nov 17 17:02:29 2014] <nkar> no problem
[Mon Nov 17 17:03:30 2014] <nkar> adelbertc: consider uploading your solutions somewhere, so others could learn from them
[Mon Nov 17 17:03:42 2014] <adelbertc> yep, going to create a github repo very soon
[Mon Nov 17 20:14:53 2014] <nickolai> is there a way to debug what a tactic such as [assumption] is doing in terms of type conversions?  i have a situation where [assumption] takes a very long time to finish, and i'd like to find a way to pin down what's getting expanded out in the types and causing some kind of explosion..
[Mon Nov 17 20:22:46 2014] <jrw> nickolai: unfortunately that sort of thing is very difficult to debug and there isn't much tooling to support it. in your case can you try picking the right assumption by hand and seeing how long [apply H] takes?
[Mon Nov 17 20:23:53 2014] <nickolai> it takes much longer than i've been willing to wait on any given occasion (e.g., easily minutes)
[Mon Nov 17 20:24:48 2014] <jrw> nickolai: you mean the apply takes that long too?
[Mon Nov 17 20:25:39 2014] <nickolai> this general class of problem shows up repeatedly in a larger project i'm working on.  each instance can be debugged by manually taking apart the goal and the (almost-matching) hypothesis, until i find some term that can be marked Opaque to stop this degenerate behavior.  but each time it takes me quite a while to do this, and it's a lot of manual effort.
[Mon Nov 17 20:25:52 2014] <nickolai> yes, [apply H] takes a very long time
[Mon Nov 17 20:27:05 2014] <nickolai> what makes this particularly annoying is that, often times, H isn't the right hypothesis, and after a very long time, [apply H] will eventually fail.  this annoys me because this means [auto] is unusable, since the first thing it does is try [assumption]...
[Mon Nov 17 20:27:53 2014] <jrw> right
[Mon Nov 17 20:28:46 2014] <jrw> this kind of thing should only happen if you have large concrete values in your context. on abstract values the evaluation will bottom out pretty quickly in my experience.
[Mon Nov 17 20:28:54 2014] <jrw> is that the case for you?
[Mon Nov 17 20:29:27 2014] <nickolai> right, it tends to happen in situations that involve conversions between [nat] and our own fixed-width integer representation; as you can imagine, those expand out to large trees of mod/div operations.
[Mon Nov 17 20:30:02 2014] <jrw> yeah
[Mon Nov 17 20:30:07 2014] <nickolai> which is why marking things Opaque sometimes (but somehow not always) helps..
[Mon Nov 17 20:31:26 2014] <nickolai> perhaps another thing that could help: is there something like a "Really Opaque"?  the only two options i seem to have is the literal [Opaque], which doesn't seem to always "work", and the [Module Type] trick to fully hide the impl details, which is quite hard to apply retroactively to a definition, and is a lot of overhead even when defining something upfront.
[Mon Nov 17 20:33:38 2014] <nickolai> (just in case, by the [Module Type] trick i mean defining a module type with just the type signature for some expression, along with a theorem saying it's [eq] to its implementation.)
[Mon Nov 17 20:37:52 2014] <jrw> right, yeah that's high overhead
[Mon Nov 17 20:39:15 2014] <nickolai> reading about Coq's conversion rules, it sounds like [Opaque] defers beta-reduction but doesn't prevent it, so probably what i was seeing is that [Opaque] helps in cases when [apply H] is the right answer, but fails to help when [apply H] isn't the right answer..
[Mon Nov 17 20:40:05 2014] <nickolai> i suppose i want my hypothetical [Really Opaque] to prohibit beta-reduction of some term altogether.  i wonder if that would still allow theorems involving that term to be type-checked by the kernel..
[Mon Nov 17 20:42:20 2014] <jrw> nickolai: right. I don't have a great answer to this. could you try something where you introduce section variables for all the concrete values to abstract them and then prove your theorems, introducing section hypotheses as necessary to get properties you need. then when you're done apply the results outside the section to your actual values
[Mon Nov 17 20:42:57 2014] <jrw> kind of a lightweight version of the module type trick
[Mon Nov 17 20:44:22 2014] <jrw> maybe it's my own bias against modules and for sections...
[Mon Nov 17 20:44:39 2014] <johnw> nickolai: for the proof where assumption suceeds but is slow: print the proof term, that should give you a clue at least as to the nature of the massive term being expanded
[Mon Nov 17 20:44:50 2014] <johnw> that's how I usually find out what to mark as 'abstract' or 'Opaque'
[Mon Nov 17 20:44:55 2014] <johnw> (or 'Qed')
[Mon Nov 17 20:47:46 2014] <nickolai> ah, good call, that's at least something.
[Mon Nov 17 20:48:31 2014] <nickolai> relatedly, turns out there's another trick for making things more opaque than [Opaque]: http://t62744.science-mathematics-logic-coq-club.mathematicstalk.info/making-a-definition-really-opaque-t62744.html
[Tue Nov 18 09:32:44 2014] <benzrf> does coq have a built in map/dict/hash library
[Tue Nov 18 09:46:31 2014] <alkabetz> Does FMap (in the standard library) suit your needs?
[Tue Nov 18 11:05:54 2014] <eraserhd> Hrmm, am I reading it right that the vector constructor is "t"?
[Tue Nov 18 11:06:33 2014] <ianjneu> you are. Just don't require import. Require only.
[Tue Nov 18 11:06:41 2014] <ianjneu> Then you can use Vector.t
[Tue Nov 18 11:07:00 2014] <ianjneu> it's an odd divergence from the other theories' naming conventions.
[Tue Nov 18 11:07:24 2014] <alkabetz> If there’s consistency in any of the standard library, it has eluded me. :)
[Tue Nov 18 11:07:47 2014] <ianjneu> zing
[Tue Nov 18 11:15:22 2014] <alkabetz> IIRC, https://github.com/coq-ext-lib/coq-ext-lib is supposed to help fix this, but I haven’t used it yet, so I can’t really comment.
[Tue Nov 18 11:29:28 2014] <eraserhd> Do I even want to use vectors in Coq?  What's the best way to represent a nonogram board (an h x w array of bool)?
[Tue Nov 18 11:33:54 2014] <ianjneu> Well it depends on how much abstraction you want to work through. It's sometimes nice to represent a matrix as a finite function from index to value (say M : matrix A m n is defined as M_{i,j} which is a function fun (i : fin m) (j : fin j) => some_A)
[Tue Nov 18 11:36:47 2014] <eraserhd> ianjneu: What's `fin`?
[Tue Nov 18 11:36:59 2014] <eraserhd> (feel free to yell at me if I'm being annoying)
[Tue Nov 18 11:38:29 2014] <alkabetz> I don’t think you’re being annoying.  I’ve struggled several times to figure out how to represent matrices in Coq. :)
[Tue Nov 18 11:46:19 2014] <ianjneu> eraserhd: fin is the index type for vectors.
[Tue Nov 18 11:46:29 2014] <ianjneu> It might also be Fin.t
[Tue Nov 18 11:56:08 2014] <eraserhd> Oh, because they are 1-indexed.
[Tue Nov 18 11:56:11 2014] <eraserhd> :(
[Tue Nov 18 11:56:56 2014] <eraserhd> Perhaps I just add a proof parameter that all the rows are the same length and use lists.
[Tue Nov 18 12:00:06 2014] <ianjneu> eraserhd: look for previous attempts at matrix code. It's more painful than you think to do what you just proposed.
[Tue Nov 18 12:05:08 2014] <eraserhd> hrmm.
[Tue Nov 18 12:06:53 2014] <eraserhd> Well, since I'm doing this to learn Coq, and I can't figure out why that doesn't work, I'm gonna do it and either succeed or figure out why it won't work. :D
[Tue Nov 18 12:08:48 2014] <ianjneu> as conor mcbride would say, "push the types in" instead of having correctness criteria on the outside.
[Tue Nov 18 12:13:18 2014] <Choups314> Hello :)
[Tue Nov 18 12:13:27 2014] <ianjneu> Choups314: ahoy
[Tue Nov 18 12:13:35 2014] <Choups314> Why can't I declare this type : "Inductive intervalle : (Ensemble R) :=
[Tue Nov 18 12:13:35 2014] <Choups314>     | intervalle_vide : intervalle.  " ?
[Tue Nov 18 12:14:04 2014] <Choups314> It complains with "The term "intervalle" has type "Ensemble R" which should be Set, Prop or Type." ...
[Tue Nov 18 12:15:11 2014] <Choups314> While "Ensemble R" has type Type .... Anyway, this is what says the Check function
[Tue Nov 18 12:17:03 2014] <ianjneu> Inductive creates an optionally indexed type family. You can only have Inductive D (I : T) ... : forall (P : U) ..., Set [or Prop or Type] := blah.
[Tue Nov 18 12:17:50 2014] <ianjneu> Ensemble T has a specific way to inhabit it. You have to use the interface that it gives you.
[Tue Nov 18 12:18:14 2014] <benzrf> does coq have a built in map/dict/hash library
[Tue Nov 18 12:19:23 2014] <ianjneu> benzrf: it has a functor form called FMap that sucks major shit.
[Tue Nov 18 12:20:05 2014] <ianjneu> There's a user contrib called containers that uses typeclasses, but it still has a big problem that no type theory to date has managed to solve.
[Tue Nov 18 12:21:18 2014] <ianjneu> You can't define something like Inductive Value : Type := closure : lambda_term -> map name Value -> Value. where map is the type constructor for the abstract map type.
[Tue Nov 18 12:21:37 2014] <ianjneu> Value is in a negative position, and barf.
[Tue Nov 18 12:22:26 2014] <ianjneu> but if you don't need nestable maps, you should be fine.
[Tue Nov 18 12:22:55 2014] <ianjneu> don't even try to key maps by maps though. You will have a terrible time in setoid hell.
[Tue Nov 18 12:28:57 2014] <Choups314> Is it possible to use a recursive definition ?
[Tue Nov 18 12:30:08 2014] <ianjneu> Choups314: depends if your recursion terminates.
[Tue Nov 18 12:30:34 2014] <ianjneu> You can use the Fixpoint command for structurally recursive definitions.
[Tue Nov 18 12:31:44 2014] <ianjneu> You can use Program Fixpoint to give a terminating ordering that you prove decreases on each recursive call
[Tue Nov 18 13:50:52 2014] <jgross> nickolai: I'd made a feature request at https://coq.inria.fr/bugs/show_bug.cgi?id=3389.  For a while, [Opaque] was really opaque to conversion in trunk; it might have since been switched back.  There's also a trick used in ssreflect called locking.  See [locked] and [locked_with] at the top of http://ssr.msr-inria.inria.fr/doc/ssreflect-1.5/Ssreflect.ssreflect.html. 
[Tue Nov 18 15:27:05 2014] <Choups314> For example if I define A with "Parameter A : Set", and then I define B with "Parameter B : A", there is no means to "cast" (Like in C/C++ for instance) the type of B to Set ?
[Tue Nov 18 16:10:14 2014] <johnw> Choups314: no, because B is much, much smaller than Set.  If A is Int, then B is a number, which is not the same thing as Set at all
[Tue Nov 18 16:16:23 2014] <Choups314> johnw : Ho yes you are right .. I'm not used enough with coq to see this ... :p
[Tue Nov 18 16:17:21 2014] <adelbertc> how accurate would it be to say the latter half of SF gets more into PL metatheory/type theory than it does say "dependent types" in general? considering stopping for a bit after the first half, learning more about DTs/exploring other DT langs, and then coming back and finishing the 2nd half
[Tue Nov 18 16:44:10 2014] <jrw> adelbertc: I think that's fair.
[Tue Nov 18 17:03:35 2014] <johnw> adelbertc: yeah, I'm doing sort of the same thing
[Tue Nov 18 17:03:44 2014] <johnw> adelbertc: I really like how the second half gets into using Coq to do language modelling, but I want to get some more background before doing it
[Tue Nov 18 17:03:53 2014] <adelbertc> likewise.
[Tue Nov 18 17:03:57 2014] <adelbertc> its definitely something im interested in
[Tue Nov 18 17:04:06 2014] <adelbertc> but i also want to learn more about dependent types in general before diving into that
[Tue Nov 18 17:04:08 2014] <johnw> btw, Chlipala's book is almost all about this
[Tue Nov 18 17:04:14 2014] <johnw> so it makes an excellent companion to the 2nd half of SF
[Tue Nov 18 17:04:19 2014] <johnw> also, see the Ynot project
[Tue Nov 18 17:04:26 2014] <adelbertc> all about.. PL metatheory?
[Tue Nov 18 17:04:28 2014] <adelbertc> or DTs
[Tue Nov 18 17:04:29 2014] <johnw> and other things that Appel and Morrisett have done
[Tue Nov 18 17:04:36 2014] <johnw> about using DTs to model systems
[Tue Nov 18 17:04:45 2014] <johnw> and Coq in particular to prove things about those systems
[Tue Nov 18 17:04:53 2014] <adelbertc> ah cool
[Tue Nov 18 17:05:03 2014] <adelbertc> i've only heard his approach to Coq is very..... er.... interesting
[Tue Nov 18 17:05:41 2014] <johnw> his book has two components
[Tue Nov 18 17:05:48 2014] <johnw> one is advanced proof automation
[Tue Nov 18 17:05:53 2014] <johnw> the other is leveraging dependent types
[Tue Nov 18 17:06:13 2014] <johnw> it's a great book in both respects
[Tue Nov 18 17:06:17 2014] <johnw> i'm reading it again the second time right now
[Tue Nov 18 17:06:30 2014] <adelbertc> i've heard lots ofg ood things about it
[Tue Nov 18 17:06:41 2014] <johnw> it's quite excellent, if you intend to really use Coq for anything
[Tue Nov 18 17:06:56 2014] <johnw> if Coq is merely a curiosity, then it may contain too much detail
[Tue Nov 18 17:06:59 2014] <adelbertc> i ended up starting with SF first because i find i need exercises to verify my understanding of the material
[Tue Nov 18 17:07:07 2014] <benzrf> johnw: does coq have anything for assoclists or the like built in
[Tue Nov 18 17:07:10 2014] <johnw> SF is definitely the better place to start
[Tue Nov 18 17:07:12 2014] <adelbertc> i think i'm past the "merely a curiosity" stage :-)
[Tue Nov 18 17:07:19 2014] <johnw> CPDT is more for "getting real things done in Coq"
[Tue Nov 18 17:07:23 2014] <adelbertc> DTs are fun
[Tue Nov 18 17:07:24 2014] <johnw> benzrf: yes
[Tue Nov 18 17:08:07 2014] <johnw> benzrf: https://coq.inria.fr/library/Coq.FSets.FMapAVL.html
[Tue Nov 18 17:08:24 2014] <johnw> granted, I found it a tremendous pain to get started with, being used to Haskell
[Tue Nov 18 17:08:49 2014] <johnw> probably an OCaml user wouldn't find it so painful
[Tue Nov 18 17:09:02 2014] <adelbertc> i've programmed a bit in haskell, most of my time is spent in scala
[Tue Nov 18 17:09:27 2014] <adelbertc> if i squint enough i can see the resemblance between scala and ocaml. though scala will often yell at me once i try to do anything non-trivial with the type system
[Tue Nov 18 17:10:30 2014] <benzrf> thx
[Tue Nov 18 17:11:23 2014] <johnw> benzrf: see also https://github.com/coq-ext-lib/coq-ext-lib/blob/master/theories/Structures/Maps.v
[Tue Nov 18 17:11:30 2014] <johnw> coq-ext-lib tries to bridge some of the Haskell/Coq gap
[Tue Nov 18 17:12:30 2014] <benzrf> what does require exp do
[Tue Nov 18 17:13:16 2014] <johnw> what is the literal syntax?
[Tue Nov 18 17:15:05 2014] <benzrf> Require Export Sth.
[Tue Nov 18 17:16:23 2014] <adelbertc> johnw: have you read Coq'Art?
[Tue Nov 18 17:16:35 2014] <alkabetz> benzrf: That loads the Sth module, imports all its contents into the current module, and re-exports the contents to modules that load the current one.
[Tue Nov 18 17:16:55 2014] <alkabetz> benzrf: It’s equivalent to [Require Sth.  Import Sth.  Export Sth.], if that is helpful at all.
[Tue Nov 18 17:17:21 2014] <benzrf> aha
[Tue Nov 18 17:17:38 2014] <benzrf> oh, i didnt even know Require Foo and Import Foo were separate things
[Tue Nov 18 17:17:39 2014] <benzrf> thx
[Tue Nov 18 17:17:46 2014] <alkabetz> You’re welcome.
[Tue Nov 18 17:17:49 2014] <benzrf> what does Import Bluh do if you dont Require Bluh
[Tue Nov 18 17:17:57 2014] <alkabetz> Gives you an error, usually.
[Tue Nov 18 17:18:06 2014] <alkabetz> Unless Bluh is defined in the same file as the [Import].
[Tue Nov 18 17:18:18 2014] <alkabetz> [Require] deals with files; [Import] and [Export] deal with modules.
[Tue Nov 18 17:18:18 2014] <benzrf> kk
[Tue Nov 18 17:19:06 2014] <benzrf> https://gist.github.com/24bec55bd1e35f1c8c9a
[Tue Nov 18 17:27:25 2014] <johnw> adelbertc: I haven't read Coq'Art yet
[Tue Nov 18 18:28:01 2014] <benzrf>    ia0
[Tue Nov 18 18:28:05 2014] <benzrf> johnw: https://gist.github.com/24bec55bd1e35f1c8c9a
[Tue Nov 18 23:39:24 2014] <johnw> benzrf: hmm?
[Tue Nov 18 23:41:01 2014] <benzrf> johnw: why do i get that error?
[Tue Nov 18 23:42:09 2014] <johnw> why are you expecting empty to be defined?
[Tue Nov 18 23:44:56 2014] <benzrf> because i imported the thing?
[Tue Nov 18 23:45:14 2014] <benzrf> and at https://coq.inria.fr/library/Coq.FSets.FMapAVL.html it says Empty Map
[Tue Nov 18 23:45:14 2014] <benzrf> Definition empty := Leaf.
[Tue Nov 18 23:45:27 2014] <johnw> there's a different between importing what's called a "library"
[Tue Nov 18 23:45:29 2014] <johnw> and importing a module
[Tue Nov 18 23:45:33 2014] <johnw> you'll need to do this:
[Tue Nov 18 23:45:40 2014] <johnw> Require Import FMapAVL.
[Tue Nov 18 23:46:17 2014] <johnw> Module Import M := FMapAVL.Make(Nat_as_OT).
[Tue Nov 18 23:46:24 2014] <johnw> that gives you a map from nat's to whatever
[Tue Nov 18 23:46:42 2014] <johnw> to use your own key type, you'll need to build your own OrderedType module
[Tue Nov 18 23:46:49 2014] <johnw> see the docs for how Nat_as_OT was constructed
[Tue Nov 18 23:47:13 2014] <johnw> you may additional need Require Export Coq.Structures.OrderedTypeEx. too
[Tue Nov 18 23:47:17 2014] <johnw> http://stackoverflow.com/questions/14489232/finite-map-example
[Tue Nov 18 23:49:51 2014] <benzrf> ah
[Tue Nov 18 23:49:55 2014] <benzrf> i
[Tue Nov 18 23:49:58 2014] <benzrf> i don't know any of this
[Tue Nov 18 23:50:12 2014] <johnw> like, I said, coming from Haskell, using FMap is not fun
[Tue Nov 18 23:50:16 2014] <benzrf> scree
[Tue Nov 18 23:50:39 2014] <benzrf> can i just use an assoclist
[Tue Nov 18 23:50:53 2014] <johnw> it'll be the exact same
[Tue Nov 18 23:50:57 2014] <benzrf> ?
[Tue Nov 18 23:51:03 2014] <johnw> same interface
[Tue Nov 18 23:51:28 2014] <benzrf> i mean [(k, v)] in haskell
[Tue Nov 18 23:51:34 2014] <johnw> i know exactly what you mean
[Tue Nov 18 23:51:38 2014] <benzrf> ok i thought so...
[Tue Nov 18 23:51:47 2014] <benzrf> i didnt understand what you meant so i guessed maybe there was a communicatoin error
[Tue Nov 18 23:51:53 2014] <benzrf> :b
[Tue Nov 18 23:52:15 2014] <benzrf> johnw: wait,  do you mean there's an existing assoclist module that i'd have to do the same dance for
[Tue Nov 18 23:52:20 2014] <johnw> yes
[Tue Nov 18 23:52:22 2014] <benzrf> ah
[Tue Nov 18 23:52:35 2014] <benzrf> i was thinking of just rewriting naive impls of the basic functions involved
[Tue Nov 18 23:52:55 2014] <johnw> https://coq.inria.fr/library/Coq.FSets.FMapList.html
[Tue Nov 18 23:53:00 2014] <benzrf> basically i just want a simple free abelian group setup so i can try out using dependent typing for dimensioned units
[Tue Nov 18 23:53:03 2014] <johnw> that's an FMap based on an assoc list
[Wed Nov 19 04:35:31 2014] <johnw> can I re-open a Module in order to add definitions to it?
[Wed Nov 19 05:57:51 2014] <nkar> johnw: are you looking for a key binding allowing to jump to the Module declaration?
[Wed Nov 19 14:38:21 2014] <jgross> johnw: Modules are not mix-in.	However, if you define A.B.x and A'.B.y, and then [Import] A and A', you can refer to both [B.x] and [B.y].  You can also [Include] two modules to make a new module with the definitions of both of your original ones. 
[Wed Nov 19 14:53:40 2014] <johnw> jgross: thanks, that's what I've been doing
[Wed Nov 19 14:53:53 2014] <johnw> I was just wondering if there was a way to avoid so many extra module names
[Wed Nov 19 19:11:36 2014] <benzrf> does coq have strings
[Wed Nov 19 19:53:17 2014] <johnw> yes
[Wed Nov 19 19:53:26 2014] <johnw> Coq.Strings.String.
[Wed Nov 19 19:53:30 2014] <johnw> Open Scope string_scope.
[Wed Nov 19 19:53:42 2014] <benzrf> hmmmmm
[Wed Nov 19 19:53:53 2014] <benzrf> what about floats
[Wed Nov 19 19:53:56 2014] <johnw> what is it that you want to do with Coq, benzrf?
[Wed Nov 19 19:54:47 2014] <benzrf> something that would probably be better accomplished in idris
[Wed Nov 19 19:55:12 2014] <benzrf> i just want me some good old fashioned type level free abelian groups, maaaaaaaan
[Wed Nov 19 19:55:46 2014] <benzrf> so i can tag me numbers with em for when i gotta solve annoying problems featuring physical quantities
[Wed Nov 19 19:55:58 2014] <johnw> ah, I see
[Wed Nov 19 19:56:54 2014] <benzrf> that way i will get a type error if i fuck up my math
[Wed Nov 19 19:57:11 2014] <benzrf> also i can show it to my teacher
[Wed Nov 19 19:57:15 2014] <johnw> ahh
[Wed Nov 19 19:57:40 2014] <benzrf> units in phys act like a free abelian group ysee
[Wed Nov 19 19:57:53 2014] <johnw> in that case I'd probably recommend http://ssr2.msr-inria.inria.fr/doc/ssreflect-1.4/Ssreflect.abelian.html
[Wed Nov 19 19:57:55 2014] <benzrf> actually i was looking for a structure a while back to fully formalize it
[Wed Nov 19 19:58:20 2014] <benzrf> when you restrict yourself to positive reals & mult, it is indeed a product group
[Wed Nov 19 19:58:37 2014] <johnw> also see the quotient library in ssreflect/mathcomp
[Wed Nov 19 19:58:48 2014] <johnw> at least here (http://books.google.com/books?id=7VwlBAAAQBAJ&pg=PA85&lpg=PA85&dq=ssreflect+abelian&source=bl&ots=2ISgCAYI3K&sig=mnyN08GvzGZXVFdu5L5Bb1_vU4E&hl=en&sa=X&ei=hDxtVNfONoujyQTeqYLYCA&ved=0CDYQ6AEwBA#v=onepage&q=ssreflect%20abelian&f=false) they use it to develop a theory of free abelian groups
[Wed Nov 19 19:58:53 2014] <benzrf> but im not sure there's an interesting corresponding structure that captures how full mult & addition work
[Wed Nov 19 19:59:09 2014] <benzrf> i think there's a category here somewher
[Wed Nov 19 19:59:10 2014] <benzrf> e
[Wed Nov 19 19:59:12 2014] <benzrf> there always is
[Wed Nov 19 19:59:19 2014] <johnw> groupoids?
[Wed Nov 19 19:59:22 2014] <benzrf> perhaps
[Wed Nov 19 19:59:50 2014] <johnw> ski would know
[Wed Nov 19 20:02:44 2014] <benzrf> johnw: i already wrote this abomination:
[Wed Nov 19 20:03:11 2014] <benzrf> https://gist.github.com/52d28385bf99e1505276
[Wed Nov 19 20:05:13 2014] <benzrf> johnw: the keys are terms & the values are coefficients, naturally
[Wed Nov 19 20:05:34 2014] <benzrf> i guess that should be ab_add
[Wed Nov 19 20:19:31 2014] <Captcha257> Can anybody tell me why this wont work? http://pastebin.com/6QsEqSVE
[Wed Nov 19 20:20:13 2014] <benzrf> Captcha257: at a glance, tauto not working suggests you are trying sth that requires dne
[Wed Nov 19 20:20:36 2014] <benzrf> Captcha257: have you tried using intro[s] first
[Wed Nov 19 20:20:40 2014] <benzrf> i dont know if that affects anything
[Wed Nov 19 20:20:54 2014] <johnw> wouldn't it be: ~(P /\ ~P) -> ~P \/ P?
[Wed Nov 19 20:21:20 2014] <Captcha257> it should be equivalent.  Right?
[Wed Nov 19 20:21:26 2014] <johnw> sure
[Wed Nov 19 20:21:46 2014] <johnw> hmm
[Wed Nov 19 20:21:54 2014] <johnw> apparently, only if P is decidable
[Wed Nov 19 20:22:06 2014] <johnw> from the stdlib: Decidable.not_and : forall A B : Prop, Decidable.decidable A -> ~ (A /\ B) -> ~ A \/ ~ B
[Wed Nov 19 20:22:07 2014] <johnw>  
[Wed Nov 19 20:22:38 2014] <Captcha257> but isn't tauto a classical logic reasoner?
[Wed Nov 19 20:22:56 2014] <benzrf> n
[Wed Nov 19 20:23:10 2014] <benzrf> johnw: whats Decidable
[Wed Nov 19 20:23:14 2014] <johnw> "tauto succeeds on any instance of an intuitionistic tautological proposition"
[Wed Nov 19 20:23:29 2014] <Captcha257> it fails saying "Error: Classical tauto failed."
[Wed Nov 19 20:23:33 2014] <johnw> Decidable means there is a way to test whether it is true or not true
[Wed Nov 19 20:23:48 2014] <johnw> note that it says "intuitionistic", not classical
[Wed Nov 19 20:24:16 2014] <Captcha257> right, but why would the error say "Classical"
[Wed Nov 19 20:24:27 2014] <johnw> good question
[Wed Nov 19 20:27:10 2014] <Captcha257> strangely enough, this works :  http://pastebin.com/0QLzPfg1
[Wed Nov 19 20:27:45 2014] <benzrf> Captcha257: that's trivially easy
[Wed Nov 19 20:27:51 2014] <benzrf> ~P is really P -> False
[Wed Nov 19 20:27:55 2014] <benzrf> so,
[Wed Nov 19 20:28:03 2014] <benzrf> (P /\ (P -> False)) -> False
[Wed Nov 19 20:28:06 2014] <benzrf> pretty simpl
[Wed Nov 19 20:29:39 2014] <Captcha257> this is the LEM, so it should work only if using classical reasoning..  but I'm using tauto.
[Wed Nov 19 20:29:52 2014] <benzrf> Captcha257: it's not the LEM
[Wed Nov 19 20:30:06 2014] <benzrf> Captcha257: LEM is P \/ ~P
[Wed Nov 19 20:30:22 2014] <Captcha257> Its not ~(P /\ ~P)?
[Wed Nov 19 20:30:41 2014] <benzrf> Captcha257: ~(P /\ ~P) means "not both P and not P"
[Wed Nov 19 20:30:52 2014] <benzrf> Captcha257: P \/ ~P means "either P or not P"
[Wed Nov 19 20:31:09 2014] <benzrf> the latter is LEM
[Wed Nov 19 20:31:52 2014] <Cypi> In intuitionnistic logic, you don't have the usual De Morgan's law [ ~(P /\ Q) <-> ~P \/ ~Q ]
[Wed Nov 19 20:32:01 2014] <johnw> LEM can be axiomated in Coq, and is consistent with its logic if done, but cannot be proven using the logic of Coq alone
[Wed Nov 19 20:34:00 2014] <benzrf> Captcha257: when you think 2 props are equivalent but coq acts like they're not, try thinking through why they seem equal
[Wed Nov 19 20:34:12 2014] <benzrf> Captcha257: then catch yourself applying DNE without thinking
[Wed Nov 19 20:34:48 2014] <johnw> DNE?
[Wed Nov 19 20:37:51 2014] <Captcha257> So how can I get Coq to prove ~(P /\ ~P) -> (P \/ ~P) automatically?
[Wed Nov 19 20:38:05 2014] <johnw> if also need to know that P is decidable
[Wed Nov 19 20:38:10 2014] <johnw> if so, you can use that lemma I mentioned before
[Wed Nov 19 20:38:15 2014] <johnw> s/if also/you also
[Wed Nov 19 20:38:58 2014] <johnw> as for automatically... you need to register that lemma as a Hint Resolve, and then use auto
[Wed Nov 19 20:38:59 2014] <Captcha257> johnw: Decidable.not_and?
[Wed Nov 19 20:39:03 2014] <johnw> right
[Wed Nov 19 20:40:03 2014] <johnw> actually, that's not quite it
[Wed Nov 19 20:45:34 2014] <johnw> Captcha257: https://gist.github.com/786e283198bcf6dabb93
[Wed Nov 19 20:45:59 2014] <johnw> as you can see, I need decidable P to prove it
[Wed Nov 19 20:48:54 2014] <Captcha257> i get a syntax error trying to run it.   Do I need to add an Require Import?
[Wed Nov 19 20:49:05 2014] <johnw> I used the ssreflect library to write that
[Wed Nov 19 20:49:11 2014] <johnw> i didn't think you'd want to use my actual proof
[Wed Nov 19 20:49:20 2014] <johnw> see if you can rewrite it using regular Coq tactics
[Wed Nov 19 20:51:58 2014] <Captcha257> I can get this pretty easily : http://pastebin.com/eZTS2ctt
[Wed Nov 19 20:52:23 2014] <johnw> haha
[Wed Nov 19 20:52:25 2014] <johnw> yeah, that's axiom ;)
[Wed Nov 19 20:52:28 2014] <johnw> an axiom
[Wed Nov 19 20:52:31 2014] <johnw> https://coq.inria.fr/library/Coq.Logic.Classical_Prop.html
[Wed Nov 19 20:56:06 2014] <Captcha257> Ok,I see now : http://pastebin.com/ZLNMzERN  .   Thanks!
[Wed Nov 19 20:56:26 2014] <johnw> but, you're not proving anything
[Wed Nov 19 20:56:31 2014] <johnw> your antecedent is completely ignored
[Wed Nov 19 20:56:38 2014] <johnw> you might as well not have this lemma
[Wed Nov 19 20:57:01 2014] <johnw> since it simply restates the axiom and then uses the axiom to define itself
[Thu Nov 20 02:35:17 2014] <hanso> I just download coqide-8.4pl5.dmg, I run it on os x 10.10, it pops up a window says that "failed to load coqtop. Reset the preference to default?", I have to choose to path to "/Applications/CoqIDE_8.4pl5.app/Contents/Resources/bin", is there any way to config the coqide path?
[Thu Nov 20 02:42:31 2014] <hanso> Oh, I see, I have to set the coqtop to "/Applications/CoqIDE_8.4pl5.app/Contents/Resources/bin/coqtop" in preferences
[Thu Nov 20 10:49:21 2014] <schoppenhauer> hello. are there something like typeclasses/interfaces in coq? that is, abstract types which satisfy certain properties?
[Thu Nov 20 11:37:29 2014] <ianjneu> schoppenhauer: https://coq.inria.fr/distrib/v8.2/refman/Reference-Manual024.html
[Thu Nov 20 11:38:02 2014] <schoppenhauer> kthx
[Thu Nov 20 11:38:55 2014] <ianjneu> they're not really abstract types that satisfy properties so much as they are a meta-system for working conveniently with their current instantiations.
[Thu Nov 20 11:40:00 2014] <ianjneu> typeclass resolution happens before you do any proofs, so you have to be careful to not accidentally use implementation details. It's disappointing, but you end up having to break those abstractions to use Coq in most cases.
[Thu Nov 20 11:40:39 2014] <schoppenhauer> ok.
[Thu Nov 20 11:41:02 2014] <ianjneu> if you use modules and signatures, then you're using a second class system and can't quantify over objects that have those signatures.
[Thu Nov 20 11:41:18 2014] <schoppenhauer> I can also use dependent records.
[Thu Nov 20 11:41:19 2014] <ianjneu> Your best bet is to use dependent records
[Thu Nov 20 12:25:44 2014] <Choups314> I'm trying to define the set {x \in R | \forall n \in N, x = 2n } (The even naturals)  http://latex.codecogs.com/gif.latex?%5C%7Bx%20%5Cin%20R%20%5Cmid%20%5Cforall%20n%20%5Cin%20N%2C%20x%20%3D%202n%20%5C%7D
[Thu Nov 20 12:28:50 2014] <Choups314> http://pastebin.com/E7msUzin
[Thu Nov 20 12:29:49 2014] <Choups314> I would like to define a set (Of the type "Ensemble nat") that contains all the even natural numbers). I did this ^^^, but this is not working ..
[Thu Nov 20 15:04:07 2014] <schoppenhauer> (How) can I write an Ltac that just tries to go through all premises and do inversion once on them, until it works for some of them?
[Thu Nov 20 15:04:12 2014] <schoppenhauer> (and fail, if not)
[Thu Nov 20 15:49:50 2014] <ianjneu> schoppenhauer: solve [match goal with [ H : _ |- _ ] => inversion H]
[Thu Nov 20 15:50:07 2014] <schoppenhauer> ianjneu: thx.
[Thu Nov 20 15:51:43 2014] <ianjneu> schoppenhauer: you may want to check out CPDT's library of tactics, if not the book itself.
[Thu Nov 20 16:32:10 2014] <ski> johnw : .. hm, would know what ?
[Thu Nov 20 16:45:31 2014] <schoppenhauer> ianjneu: I should probably read it, yes. btw, your codeline does not work. to me it seems like it always tries to do inversion on the first assumption.
[Thu Nov 20 16:54:39 2014] <ianjneu> schoppenhauer: try adding ; fail after inversion H
[Thu Nov 20 16:55:46 2014] <schoppenhauer> ianjneu: ah. works \o/
[Thu Nov 20 16:56:54 2014] <ianjneu> schoppenhauer: do you know why?
[Thu Nov 20 16:58:23 2014] <schoppenhauer> ianjneu: i suppose the problem is that the match will not be recognized if there are remaining goals but no error.
[Thu Nov 20 17:01:02 2014] <ianjneu> not quite. match searches for the first hypothesis that will make the right hand side succeed. If the inversion doesn't discharge the goal, the tactic still succeeds, making the match stop searching. We want it to search for the first hypothesis for which inversion discharges the goal. The fail is only reached if the inversion doesn't solve the goal.
[Thu Nov 20 17:03:14 2014] <ianjneu> by failing after an inversion, we force the match to keep searching for a hypothesis for which inversion will solve the goal. Since the match will fail if all hypotheses cause failure, there's no need for the match to be inside "solve"
[Thu Nov 20 17:03:29 2014] <schoppenhauer> ++
[Thu Nov 20 17:15:14 2014] <ianjneu> is that supposed to be an emoji?
[Thu Nov 20 17:15:24 2014] <schoppenhauer> not really
[Thu Nov 20 17:18:45 2014] <schoppenhauer> it is more like ... generally positive reaction.
[Thu Nov 20 19:34:00 2014] <sh1ken> Hey, anyone knows if I can compile a plugin on Coq without recompiling the entire thing?
[Thu Nov 20 19:36:51 2014] <jgross> Only if you have the same version of OCaml that compiled the Coq that you're using.  (So, probably yes if you're using Linux, probably not if you're using Mac or Windows, though maybe if you're using 8.4pl5 rather than 8.4pl4 or earlier.) 
[Thu Nov 20 19:42:32 2014] <sh1ken> Yeah, I have no problem with that actually. I'm compiling the entire thing every time I make a change in the plugin, that's why I'm asking.
[Thu Nov 20 19:42:56 2014] <sh1ken> Is there any intructions anywhere that I can follow? I read through the README and nothing helped me.
[Thu Nov 20 19:44:14 2014] <sh1ken> (README meaning the README in the root folder of coq's repository)
[Thu Nov 20 19:53:22 2014] <jgross> I assumed by "recompiling the entire thing" you meant "all of Coq's source".  If you meant "recompiling the entire plugin", then, I have no idea. 
[Thu Nov 20 20:02:29 2014] <sh1ken> jgross: Woops, I lost my connection. Can you help me in this matter?
[Thu Nov 20 20:24:11 2014] <jgross> < freenode	#coq	    jgross	 I assumed by "recompiling the entire thing" you meant "all of Coq's source".  If you meant "recompiling the entire plugin", then, I have no idea.
[Thu Nov 20 20:24:11 2014] <jgross> You might also want to look at coq_makefile, if you're not already using that. 
[Thu Nov 20 20:39:29 2014] <sh1ken> Oh, yeah, I said:
[Thu Nov 20 20:39:33 2014] <sh1ken> Yeah, "all of Coq's source".
[Thu Nov 20 20:39:38 2014] <sh1ken> I'm assuming that this is not the right way to do it, obviously, but I don't have any previous experience with OCaml.
[Thu Nov 20 20:45:28 2014] <jgross> Have you read, e.g., http://gallium.inria.fr/blog/your-first-coq-plugin/? 
[Fri Nov 21 09:13:25 2014] <benzrf> ok question
[Fri Nov 21 09:14:04 2014] <benzrf> what's the accepted way to talk about things like monoids
[Fri Nov 21 09:14:37 2014] <benzrf> should i define a predicate that takes a set and an operator and says 'this is monoid' and then define a data type that holds a set, an operator, and a proof?
[Fri Nov 21 09:20:10 2014] <ianjneu> benzrf: use a monoid typeclass. It's best to try to not think with sets when in type theory.
[Fri Nov 21 09:23:28 2014] <benzrf> ianjneu: coq has type clsases??
[Fri Nov 21 09:23:31 2014] <benzrf> hot damn
[Fri Nov 21 09:25:32 2014] <ianjneu> I forget the syntax, but it'll be something like Class Monoid := {carrier : Type; op : carrier -> carrier -> carrier; assoc : forall x y z, op (op x y) z = op x (op y z); unit : carrier}. I think Bas Spitters has a lot of the classes and theorems written though.
[Fri Nov 21 09:25:54 2014] <benzrf> im sure somebody has
[Fri Nov 21 09:26:01 2014] <benzrf> but i enjoy defining stuff from scratch myself
[Fri Nov 21 09:27:56 2014] <ianjneu> it's nice when it all works together, so there has been a lot of work in building the theory https://github.com/Eelis/math-classes/blob/master/src/interfaces/abstract_algebra.v
[Fri Nov 21 09:42:05 2014] <notdan> benzrf: http://www.labri.fr/perso/casteran/CoqArt/TypeClassesTut/typeclassestut.pdf <- a nice intro to typeclasses in Coq
[Fri Nov 21 09:42:13 2014] <notdan> they are slightly different from those of Haskell
[Fri Nov 21 09:49:06 2014] <benzrf> oh
[Fri Nov 21 10:55:41 2014] <sh1ken> jgross: Yeah, I checked that. but I'm not sure if I can use coq_makefile to just compile a plugin that's build in within Coq
[Fri Nov 21 10:55:50 2014] <sh1ken> and that's almost purely Ocaml code
[Fri Nov 21 12:59:13 2014] <benzrf> is -> a primitive notation or is it Notation for sth
[Fri Nov 21 13:02:29 2014] <ianjneu> benzrf: context-sensitive. The rewrite tactic has -> and <- as directional notation. A -> B where a type is expected is notation for forall x : A, B [where x does not appear in B]
[Fri Nov 21 13:05:40 2014] <benzrf> ah
[Fri Nov 21 13:05:44 2014] <benzrf> forall is the primitive
[Fri Nov 21 14:29:22 2014] <jgross> sh1ken: Your plugin should not live in the Coq source code directory unless you're actually patching Coq itself.  See https://github.com/braibant/Timing-plugin for an example of a plugin that's written almost entirely in OCaml. 
[Fri Nov 21 16:15:26 2014] <sh1ken> jgross: Thanks for the link. I'm going to check it out. I'm actually modifing the extraction plugin so I don't know if it's necessary to patch Coq itself or I can follow the example that you're giving me.
[Fri Nov 21 16:18:42 2014] <ystael> sh1ken: i did some mucking around with the extraction plugin myself a few weeks ago. what are you making it do?
[Fri Nov 21 16:22:24 2014] <sh1ken> ystael: I'm doing some non-useful stuff actually, haha. I'm printing all the inductive types as a comments into the final extraction through OCaml.
[Fri Nov 21 16:31:23 2014] <sh1ken> ystael: What did you do with it?
[Fri Nov 21 17:28:32 2014] <chirpsalot> http://gallium.inria.fr/~xleroy/publi/verasco-popl2015.pdf neat.
[Fri Nov 21 17:38:54 2014] <adelbertc> MoreCoq.v (SF), given (n : nat), (H : beq_nat 0 n = true), prove n = 0
[Fri Nov 21 17:39:06 2014] <adelbertc> hints? :(
[Fri Nov 21 17:39:11 2014] <adelbertc> it looks so easy but i cant get it to work...
[Fri Nov 21 17:40:14 2014] <benzrf> adelbertc: have you tried induction on n
[Fri Nov 21 17:40:59 2014] <adelbertc> benzrf: well dont i feel silly.
[Fri Nov 21 17:41:10 2014] <adelbertc> i didnt even think to use induction, i kept permuting "inversion" and "apply"
[Fri Nov 21 17:41:13 2014] <adelbertc> hoping to do
[Fri Nov 21 17:41:20 2014] <adelbertc> n = 0, then beq_nat 0 n = beq_nat 0 0
[Sat Nov 22 01:10:55 2014] <nkar> adelbertc: you don't need induction. destruct + inversion should be enough.
[Sat Nov 22 02:05:11 2014] <marvimias> So, I undestand the basics of function growth but I do not know how to show decreasing function growth. The question is: Prove the function F: R to R+ is a decreasing function then " F" is O(1). Show by counterexample that the converse is not necessarily true.
[Sat Nov 22 02:05:17 2014] <marvimias> It's a confusing question, and I'm not sure where to start?
[Sat Nov 22 10:10:32 2014] <Choups314> Hi
[Sat Nov 22 10:12:59 2014] <Choups314> I'm trying to work on a mathematical set (What I want to do is purely mathematic for now) such as http://latex.codecogs.com/gif.latex?%5C%7Bx%20%3D%202n%20%5Cmid%20%5Cin%20%5Cmathbb%7BN%7D%20%5C%7D
[Sat Nov 22 10:14:27 2014] <Choups314> In order to prove mathematical properties of this set, I don't really know whether I should define a new type in coq (like the sig inductive type : {x:nat | even x}, where even is predicate on naturals)
[Sat Nov 22 10:15:14 2014] <Choups314> But then I guess I have to define some injections from this type to natural integers, or it can be done automatically ?
[Sat Nov 22 10:16:34 2014] <Choups314> In fact, I would like to define an Ensemble of such a type and to be able to use natural relations on it (lt, le ...)
[Sat Nov 22 10:33:49 2014] <Cale> You mean {2n | n in N} ?
[Sat Nov 22 10:35:13 2014] <Cale> yes, you do
[Sat Nov 22 10:35:44 2014] <Cale> So, sure, you can use a sigma type, and there's already a projection to the first component
[Sat Nov 22 10:37:13 2014] <Cale> Choups314: It's called proj1_sig
[Sat Nov 22 10:47:19 2014] <Choups314> Cale : What do you mean by projection ?
[Sat Nov 22 10:48:04 2014] <Cale> Choups314: An element of a sigma type is a pair consisting of an element of the base type together with a proof that the element satisfies the given property
[Sat Nov 22 10:48:21 2014] <Cale> Choups314: and there are projections to each of the components of the pair
[Sat Nov 22 10:49:55 2014] <Cale> (though the second projection has a type which uses the first)
[Sat Nov 22 10:53:12 2014] <Cale> https://coq.inria.fr/distrib/8.3pl4/stdlib/Coq.Init.Specif.html#proj1_sig
[Sat Nov 22 11:00:58 2014] <Choups314> Cale: (Sorry for the delay) Ok :), so it is possible to build an Ensemble of such a type (a sigma-type) ?
[Sat Nov 22 11:02:10 2014] <Cale> I'm not exactly sure what you mean by ensemble, but yes, sigma types exist. You can use sig even
[Sat Nov 22 11:02:23 2014] <benzrf> Choups314: sorry i confused you the other day
[Sat Nov 22 11:02:24 2014] <benzrf> it's Set
[Sat Nov 22 11:02:37 2014] <benzrf> Cale: i think french for set is `ensembl' or sth
[Sat Nov 22 11:02:44 2014] <Choups314> Yes it is
[Sat Nov 22 11:02:50 2014] <Choups314> ensemble*
[Sat Nov 22 11:04:07 2014] <roosbeef> for some reason rewrite is not working here
[Sat Nov 22 11:04:08 2014] <roosbeef> https://privatepaste.com/f4056dde10
[Sat Nov 22 11:04:12 2014] <roosbeef> am i missing something?
[Sat Nov 22 11:05:23 2014] <Cale> roosbeef: My guess is that there are implicit parameters which don't match
[Sat Nov 22 11:05:37 2014] <roosbeef> how can i check that?
[Sat Nov 22 11:06:04 2014] <Cale> View -> Display implicit arguments
[Sat Nov 22 11:06:32 2014] <roosbeef> lets see
[Sat Nov 22 11:07:11 2014] <roosbeef> nope they match
[Sat Nov 22 11:07:27 2014] <roosbeef> https://privatepaste.com/c547de7fa6
[Sat Nov 22 11:07:46 2014] <roosbeef> (above the error and below H8)
[Sat Nov 22 11:07:50 2014] <Cale> hm
[Sat Nov 22 11:19:10 2014] <roosbeef> ok managed to make it work with some cutting and using transitivity
[Sat Nov 22 11:19:41 2014] <roosbeef> still surprised as to why Coq was objecting
[Sat Nov 22 11:32:34 2014] <Choups314> Cale: By Ensemble I mean the inductive type defined here : https://coq.inria.fr/library/Coq.Sets.Ensembles.html
[Sat Nov 22 11:33:38 2014] <Choups314> Cale: Another thing : Is it possible to define an implicit coercion (Or something similar) to be able to use the relations on nat on my sigma-type (Which is a subset of nat) ?
[Sat Nov 22 12:49:05 2014] <Choups314> Is it possible to add "custom" type conversion rules ?
[Sat Nov 22 12:58:52 2014] <Choups314> In fact I don't really understand how to implement something like this : http://www.pps.univ-paris-diderot.fr/~sozeau/research/publications/Subset_Coercions_in_Coq.pdf
[Sat Nov 22 15:32:50 2014] <Choups314> Hello :)
[Sat Nov 22 15:33:07 2014] <Choups314> Can someone explain me how does the subset type coercion  works ?
[Sun Nov 23 05:21:02 2014] <nkar> can I limit searchabout to a certain set of files or modules?  I only want to search for things that I defined.
[Sun Nov 23 19:49:55 2014] <benzrf> hey yo
[Sun Nov 23 19:49:59 2014] <benzrf> i have
[Sun Nov 23 19:50:03 2014] <benzrf>   IHn : forall m : ord, ordle n m \/ ordle m n
[Sun Nov 23 19:50:08 2014] <benzrf> but,
[Sun Nov 23 19:50:13 2014] <benzrf> ordle_total < destruct IHn.
[Sun Nov 23 19:50:16 2014] <benzrf> Error: Unable to find an instance for the variable m.
[Sun Nov 23 21:27:12 2014] <nkar> benzrf: there's apply ... with (m := ...).  perhaps [with] works for [destruct], too
[Sun Nov 23 21:39:20 2014] <Cypi> In this case, it would be more something like [destruct (IHn your_m).], you just have to apply IHn to something.
[Sun Nov 23 21:39:51 2014] <benzrf> ah
[Sun Nov 23 21:39:56 2014] <benzrf> Cypi: thanks!
[Mon Nov 24 09:13:09 2014] <chris2> when i find something using Locate inside proof general, can i easily jump to the definition?
[Mon Nov 24 09:27:31 2014] <ianjneu> chris2: Print [name].
[Mon Nov 24 09:27:59 2014] <chris2> in the source code i mean
[Mon Nov 24 09:47:23 2014] <marvimias> Here is a bit of a challenge: Let n > 1 be an integer. In the space, consider the set: S = (x, y, z) | x, y, z ∈ {0, 1, . . . , n}, x + y + z > 0
[Mon Nov 24 09:47:31 2014] <marvimias> Find the smallest number of planes that jointly contain all (n + 1)3 − 1 points of S but none of them passes through the origin.
[Mon Nov 24 09:47:43 2014] <marvimias> It is from A7 in here: https://www.imo-official.org/problems/IMO2007SL.pdf
[Mon Nov 24 09:47:51 2014] <marvimias> Is it possible to prove with Coq?
[Mon Nov 24 11:47:34 2014] <thinkpad20> hey guys, so if I have a goal that looks like (a = a), then I can use reflexivity to complete the proof. But what about if I have a goal that looks like (1 > 0)? This is obviously definitionally true, but I'm not sure which tactic I can use.
[Mon Nov 24 12:01:44 2014] <Cypi> thinkpad20 : just "auto" is sufficient
[Mon Nov 24 12:04:57 2014] <thinkpad20> awesome, thanks! quite a beginner still :)
[Mon Nov 24 12:06:24 2014] <Cypi> If you want to see what exactly auto is doing, you can use "info_auto" instead, which will display the tactics it used to solve your goal.
[Mon Nov 24 12:07:11 2014] <thinkpad20> ah, yeah that's very helpful
[Mon Nov 24 12:27:51 2014] <thinkpad20> how do I do a rewrite in one specific place? For example, I have as a goal `f a b = c b`, and I have a proof that `b = x`, and I want to write my goal as `f a b = c x`, not `f a x = c x`.
[Mon Nov 24 12:29:48 2014] <elarnon> you can [rewrite ... at 1] iirc
[Mon Nov 24 12:29:58 2014] <nkar> thinkpad20: there's replace (expr1) with (expr2).
[Mon Nov 24 12:31:00 2014] <thinkpad20> ah, `at` did the trick :) thanks
[Mon Nov 24 12:42:57 2014] <elarnon> (it's a shame that coq doesn't have a ctx_rewrite or whatever)
[Mon Nov 24 12:43:56 2014] <elarnon> (like in [ctx_rewrite p_b_eq_x H on (_ = _ ?)] or something)
[Mon Nov 24 12:45:33 2014] <elarnon> you can do it with matches (even though it's a bit clumsy imho) but it would be worth having in a "vanilla" tactic i think
[Tue Nov 25 10:56:49 2014] <Choups314> Hey, is it possible to define something in several
[Tue Nov 25 10:57:09 2014] <Choups314> in different manners*, and to choose the best during a proof ?
[Tue Nov 25 11:04:50 2014] <ianjneu> Choups314: yes. You just have to have proven equalities to rewrite with.
[Tue Nov 25 11:05:13 2014] <ianjneu> I've done this myself, to get different computational behavior and induction schemes.
[Tue Nov 25 11:05:54 2014] <ianjneu> That said, I only mean wrt functions, not types. To do the same with types you'd need something like univalence.
[Tue Nov 25 11:18:19 2014] <Choups314> ianjneu : My definitions are actually predicates. If I do so, I have to define the several predicates (that are actually verifying the same property) in several definitions (so it means several names right ?) and then prove the equality between those definitions ?
[Tue Nov 25 11:30:42 2014] <ianjneu> Choups314: no, you can use any equivalence predicate you want in definitions, and in proofs you can move between them by using equality proofs of your various predicates.
[Tue Nov 25 11:31:20 2014] <benzrf> is exists defined like
[Tue Nov 25 11:31:52 2014] <benzrf> Inductive ex : forall A : Type, (A -> Prop) -> Prop :=
[Tue Nov 25 11:33:00 2014] <ianjneu> Inductive ex (A : Type) (P : A -> Prop) : Prop := ex_intro : forall x : A, P x -> ex _ P.
[Tue Nov 25 11:33:11 2014] <benzrf> | witness : forall (A : Type) (P : (A -> Prop)) (a : A), P a -> ex A P.
[Tue Nov 25 11:33:16 2014] <benzrf> oh
[Tue Nov 25 11:33:17 2014] <ianjneu> A and P are indices and not parameters.
[Tue Nov 25 11:33:30 2014] <benzrf> wait
[Tue Nov 25 11:33:32 2014] <benzrf> ?
[Tue Nov 25 11:33:35 2014] <benzrf> whats an index
[Tue Nov 25 11:33:53 2014] <ianjneu> something that can't change across all variants of an inductive type.
[Tue Nov 25 11:34:03 2014] <benzrf> hold on
[Tue Nov 25 11:34:20 2014] <benzrf> im confused
[Tue Nov 25 11:34:21 2014] <ianjneu> parameters can change, like the size of a vector.
[Tue Nov 25 11:34:56 2014] <ianjneu> They're operationally equivalent, but Coq produces different induction schemes for them.
[Tue Nov 25 11:35:07 2014] <Saizan> (i've always seen the terms used the other way around :O)
[Tue Nov 25 11:36:08 2014] <ianjneu> Saizan: well, that may be true.
[Tue Nov 25 11:36:56 2014] <ianjneu> Ya, that's probably the right nomenclature.
[Tue Nov 25 11:37:46 2014] <ianjneu> Adam uses parameter for left of the :, so ya you're right.
[Tue Nov 25 11:44:38 2014] <benzrf> and forall is primitive function type not defined, right
[Tue Nov 25 13:23:51 2014] <schoppenhauer> hello. does anyone happen to know a good (as in: instructive) book/manuscript on the pi-calculus?
[Tue Nov 25 13:25:41 2014] <alkabetz> Have you looked at the Wikipedia article?
[Tue Nov 25 13:25:50 2014] <schoppenhauer> no
[Tue Nov 25 13:26:08 2014] <schoppenhauer> i mean, yes, but ...
[Tue Nov 25 13:26:13 2014] <schoppenhauer> that's just a wikipedia article
[Tue Nov 25 13:27:07 2014] <alkabetz> Sure, sure.  I just wanted to bring it up, because it helped me a lot when I was reading a π-calculus paper.  It sounds like your needs are greater than mine, though.
[Tue Nov 25 13:27:57 2014] <schoppenhauer> hm. ok. but there is the work from milner linked, which is probably enough.
[Tue Nov 25 14:00:03 2014] <schoppenhauer> https://api.flickr.com/services/feeds/photos_public.gne?id=36998705@N00&lang=en-us&format=lolcode
[Tue Nov 25 14:03:56 2014] <alkabetz> That’s fantastic
[Tue Nov 25 14:04:36 2014] <schoppenhauer> wah wrong window
[Tue Nov 25 14:04:39 2014] <schoppenhauer> -.-
[Tue Nov 25 14:04:41 2014] <schoppenhauer> sorry
[Tue Nov 25 14:05:04 2014] <schoppenhauer> but yes, it is funny
[Tue Nov 25 15:01:46 2014] <chris2> anyone using coqtags?
[Tue Nov 25 19:02:31 2014] <benzrf> not forall doesnt imply exists not, right
[Tue Nov 25 19:12:26 2014] <Cypi> Indeed
[Tue Nov 25 19:13:18 2014] <benzrf> tfw cant classical
[Wed Nov 26 08:15:58 2014] <Necrosporus> Is there anything coq can do and ocaml can't beside theorem proving?
[Wed Nov 26 09:11:05 2014] <nkar> Necrosporus: in coq, types are first-class citizens
[Wed Nov 26 09:11:50 2014] <schoppenhauer> Necrosporus: in ocaml you can search for a proof of the inconsistency of peano arithmetic *duck*
[Wed Nov 26 09:14:29 2014] <Necrosporus> really?
[Wed Nov 26 09:14:58 2014] <Necrosporus> nkar, I know that dependent types in Coq but not present in OCaml
[Wed Nov 26 09:15:26 2014] <Necrosporus> My question is about what exactly I can do with them _beside_ proving my programs are correct?
[Wed Nov 26 09:16:07 2014] <Necrosporus> Do they make anything easier to do?
[Wed Nov 26 09:16:39 2014] <Necrosporus> beside writing complex programs which must be guaranteed to be correct
[Wed Nov 26 09:37:53 2014] <schoppenhauer> Necrosporus: no.
[Wed Nov 26 09:38:44 2014] <schoppenhauer> (and searching for an inconsistency in PA results in an algorithm of which it is undecidable whether it terminates.)
[Wed Nov 26 09:38:58 2014] <schoppenhauer> (just ftr)
[Wed Nov 26 09:39:29 2014] <schoppenhauer> (while in coq you must prove that your algorithm terminates, or is at least productive in some way)
[Wed Nov 26 09:41:08 2014] <Necrosporus> schoppenhauer, but in OCaml you could run it on a fast computer and wait for a hour or two?
[Wed Nov 26 09:41:34 2014] <schoppenhauer> Necrosporus: you would likely wait forever ...
[Wed Nov 26 09:41:44 2014] <schoppenhauer> Necrosporus: or at least until your ram is full.
[Wed Nov 26 09:42:19 2014] <schoppenhauer> Necrosporus: but that is the point: you *can* wait forever ... in theory.
[Wed Nov 26 09:43:41 2014] <Necrosporus> Did anyone try to run that program on a sufficiently powerful computer for sufficiently long time?
[Wed Nov 26 09:44:28 2014] <Necrosporus> If yes, then there is no point to run that program on my computer, because it will not produce any useful results before I decide to stop it
[Wed Nov 26 09:44:48 2014] <nkar> also in coq, you have the 'fixpoint', which ensures that successive recursive calls are made on decreasing arguments
[Wed Nov 26 09:49:42 2014] <chris2> what't the rationale for exist2/ex2_intro?
[Wed Nov 26 09:54:09 2014] <schoppenhauer> Necrosporus: do you know what a termination of that program would imply?
[Wed Nov 26 09:57:31 2014] <Necrosporus> schoppenhauer, I guess, I understand it wrongly, I though you were talking about proving Goodstein's theorem
[Wed Nov 26 09:57:55 2014] <schoppenhauer> no.
[Wed Nov 26 09:58:34 2014] <Necrosporus> But you mean inconsistency, not incompleteness
[Wed Nov 26 09:58:52 2014] <Necrosporus> If it's inconsistent then... probably all of our math is wrong
[Wed Nov 26 09:59:59 2014] <schoppenhauer> yes.
[Wed Nov 26 10:01:51 2014] <chris2> just if you dont believe in other foundations
[Wed Nov 26 10:16:38 2014] <Necrosporus> schoppenhauer, have anyone tried to check it anyway?
[Wed Nov 26 10:17:01 2014] <Necrosporus> Run something on a modern supercomputer for few hours for example
[Wed Nov 26 10:20:50 2014] <schoppenhauer> I don't think so.
[Wed Nov 26 10:27:37 2014] <schoppenhauer> and actually, I don't consider that too interesting.
[Wed Nov 26 10:28:04 2014] <Necrosporus> because you believe in consistency of peano arithmetic?
[Wed Nov 26 10:28:18 2014] <schoppenhauer> it's interesting that such an algo exists.
[Wed Nov 26 10:28:38 2014] <schoppenhauer> no, but I believe that we would not get any valuable information from it.
[Wed Nov 26 10:28:38 2014] <Necrosporus> Can I see its code if it's not too long?
[Wed Nov 26 15:05:50 2014] <nolrai66> Hi, so my coqide doesn't seem to be able to find the standard library. Did I miss install something?
[Wed Nov 26 19:44:35 2014] <jabesed> this is kind of off topic, but most people here may know a thing or two about induction so hope you don't mind me asking
[Wed Nov 26 19:45:06 2014] <jabesed> do you know of any work defining algebras of inductive sets?
[Wed Nov 26 19:45:52 2014] <jabesed> by inductive set A = Ind(x,R), here I mean a set generated from an initial set of values x, and a relation R subset of AxA
[Wed Nov 26 19:46:01 2014] <ezyang> Like, universe coding?
[Wed Nov 26 19:46:14 2014] <jabesed> not sure what that is ezyang
[Wed Nov 26 19:46:34 2014] <ezyang> i.e. you define the universe of data types using another data type
[Wed Nov 26 19:46:47 2014] <ezyang> with an interpretation function that takes the 'Code' to a 'Type'
[Wed Nov 26 19:47:19 2014] <jabesed> not really... I don't think so
[Wed Nov 26 19:47:43 2014] <jabesed> all I mean is describing sets from an initial set of values and and a relation
[Wed Nov 26 19:48:06 2014] <jabesed> the idea being that if     a in A  and (a,a') in R then a' in A
[Wed Nov 26 19:48:33 2014] <jabesed> so it's like representing sets by their initial 'seed' and a 'iterator'
[Wed Nov 26 19:49:00 2014] <jabesed> point being that then you could define functions on sets in terms of functions on these iterator relations
[Wed Nov 26 19:49:01 2014] <jabesed> e.g.
[Wed Nov 26 19:49:21 2014] <jabesed> intersection of two inductive sets is just the intersection of their initial seeds and relations
[Wed Nov 26 19:50:02 2014] <jabesed> for union this wouldn't quite work in general, but it would when adding some restrictions to the relations
[Wed Nov 26 19:51:06 2014] <jabesed> then projection on inductive sets of pairs is interesting too, as there would need to be some sort of colapsing in the projection of the relation
[Wed Nov 26 19:51:08 2014] <jabesed> etc
[Wed Nov 26 19:51:48 2014] <jabesed> this is quite handy because using this, one can substitute inductive proofs by these operations on relations
[Wed Nov 26 19:51:59 2014] <jabesed> e.g. you want to prove two inductive sets are the same
[Wed Nov 26 19:52:29 2014] <jabesed> instead of using induction you could prove one relation is contained in the other
[Wed Nov 26 19:52:43 2014] <jabesed> this seems interesting and would be handy for me
[Wed Nov 26 19:52:58 2014] <jabesed> but as I'm defining all this boilerplate, I feel like I must be reinventing the wheel
[Thu Nov 27 06:41:14 2014] <user1> pokop
[Thu Nov 27 07:52:45 2014] <schoppenhauer> hello. is there any predefined error-monad in coq?
[Thu Nov 27 09:35:46 2014] <schoppenhauer> hm. my goal contains a match (x :: y) as | [] => ... | a :: b => ... end. obviously, the [] case cannot occur. how can I remove it?
[Thu Nov 27 09:38:24 2014] <nkar> simpl maybe?
[Thu Nov 27 10:18:01 2014] <schoppenhauer> indeed.
[Thu Nov 27 10:18:03 2014] <schoppenhauer> thx.
[Thu Nov 27 10:18:27 2014] <nkar> np
[Thu Nov 27 10:20:39 2014] <benzrf> match..as?
[Thu Nov 27 22:45:32 2014] <marvimias> In Coq how would I prove that the relation: x R y = (x^2 - y^2) (xy - 1) = 0
[Thu Nov 27 22:45:41 2014] <marvimias> is transitive? I know the definition, but how do I prove that xRz is really (x^2 - z^2)(xz - 1) = 0?
[Thu Nov 27 22:47:16 2014] <benzrf> marvimias: i'd assume induction
[Thu Nov 27 22:47:33 2014] <benzrf> that's the usual route =b
[Thu Nov 27 22:48:41 2014] <marvimias> I think I know how to prove it manually, I was just curious with Coq. Heard about it but never used it before
[Thu Nov 27 22:49:21 2014] <marvimias> benzrf, This is what I got: http://pastebin.com/QRghHYd1
[Thu Nov 27 22:50:06 2014] <benzrf> marvimias: 1 sec
[Thu Nov 27 22:51:28 2014] <benzrf> h m m
[Thu Nov 27 22:52:02 2014] <benzrf> ok 1 sec
[Thu Nov 27 22:52:16 2014] <benzrf> im gonna make a script
[Thu Nov 27 22:53:28 2014] <benzrf> ok nvm
[Thu Nov 27 22:53:34 2014] <benzrf> marvimias: you've never used coq?
[Thu Nov 27 23:00:34 2014] <marvimias> benzrf, Never written a script in Coq, I have used it though
[Thu Nov 27 23:00:40 2014] <marvimias> But not much
[Thu Nov 27 23:00:49 2014] <marvimias> I have the Coq IDE installed
[Thu Nov 27 23:03:45 2014] <marvimias> I have heard Coq does not work well on reals. And it can get a bit messy
[Thu Nov 27 23:09:00 2014] <benzrf> er
[Thu Nov 27 23:09:06 2014] <benzrf> by script i meant a terminal typescript ;b
[Thu Nov 27 23:10:45 2014] <marvimias> benzrf, Oh yes
[Thu Nov 27 23:11:44 2014] <marvimias> That would be good
[Thu Nov 27 23:28:10 2014] <marvimias> benzrf, You still there?
[Thu Nov 27 23:43:32 2014] <benzrf> y
[Thu Nov 27 23:49:00 2014] <marvimias> benzrf, Would it be relatively easy in Coq to prove?
[Thu Nov 27 23:54:29 2014] <benzrf> mm probably
[Thu Nov 27 23:54:40 2014] <benzrf> straightforward induction/simplification dance i'd wager
[Fri Nov 28 00:36:57 2014] <shouya> hi folks,
[Fri Nov 28 00:37:38 2014] <shouya> i wanna know how do you usually prove some artihmetic theorem.
[Fri Nov 28 00:38:42 2014] <shouya> for example for some theorems based on multiplication, doing induction on the variables makes the case more complex.
[Fri Nov 28 00:40:12 2014] <shouya> for a specific example, like this: http://lpaste.net/115249
[Fri Nov 28 00:42:19 2014] <alkabetz> shouya: For this one, you want the 'inversion' tactic, not induction.
[Fri Nov 28 00:42:57 2014] <shouya> oh, got that!
[Fri Nov 28 00:43:09 2014] <alkabetz> I’m not sure if I can offer more general advice, though.  My pattern is usually ‘try one or two tactics I know, see if that makes any progress, repeat’.
[Fri Nov 28 00:43:30 2014] <shouya> I nearly forgot this tactic, i've been a long time not using coq.
[Fri Nov 28 00:44:02 2014] <shouya> alkabetz: sure :) thanks
[Fri Nov 28 00:44:23 2014] <alkabetz> You’re welcome.
[Fri Nov 28 00:44:46 2014] <alkabetz> If you do end up using inversion a lot, watch out for how it interacts with automation – inversion often generates so many new assumptions that it really can slow down proof search.
[Fri Nov 28 00:45:37 2014] <marvimias> <marvimias> In Coq how would I prove that the relation: x R y = (x^2 - y^2) (xy - 1) = 0
[Fri Nov 28 00:45:37 2014] <marvimias> <marvimias> is transitive? I know the definition, but how do I prove that xRz is really (x^2 - z^2)(xz - 1) = 0?
[Fri Nov 28 00:45:42 2014] <marvimias> alkabetz, Any idea?
[Fri Nov 28 00:46:03 2014] <alkabetz> I’ve often used 'inversion H; clear H; subst', which cleans up your proof context quite a bit (but can take you in the wrong direction if you’re not careful).
[Fri Nov 28 00:46:21 2014] <alkabetz> (That was for shouya, not for marvimias)
[Fri Nov 28 00:47:03 2014] <shouya> alkabetz: yup, which is helpful to make the hypothesis clearer.
[Fri Nov 28 00:47:46 2014] <alkabetz> marvimias: What type do you want for x and y?
[Fri Nov 28 00:51:12 2014] <marvimias> alkabetz, Well this is how I tried proving it manually: http://pastebin.com/CPhtnxji
[Fri Nov 28 00:56:37 2014] <alkabetz> marvimias: So wait, you want to prove that R is *not* transitive?
[Fri Nov 28 00:57:02 2014] <marvimias> alkabetz, Which would be easier in Coq?
[Fri Nov 28 00:57:39 2014] <marvimias> alkabetz, I am more just curious about it, don't really need it to be done in Coq, was just curious is all
[Fri Nov 28 00:58:39 2014] <alkabetz> You can’t prove a false proposition in Coq, so you’d want to prove that R is intransitive.  You’d do this by providing Coq a counterexample, just like you’ve done in the English proof.
[Fri Nov 28 00:59:31 2014] <marvimias> alkabetz, I see, and how would that be done in Coq syntax?
[Fri Nov 28 01:00:12 2014] <benzrf> tbh i think i find it easier to reason on the side of the CHC where forall a : A, P a is rendered as (a : A) -> P a
[Fri Nov 28 01:19:22 2014] <alkabetz> marvimias: I’m not 100% sure.  I’d have to actually prove it to find out, and it’s too late for me to be proving things with real numbers right now ;)
[Fri Nov 28 04:07:06 2014] <notdan> Hi
[Fri Nov 28 04:25:35 2014] <nkar> hi
[Fri Nov 28 06:21:44 2014] <user1> salut les petits coquard
[Fri Nov 28 10:49:06 2014] <benzrf> how do + and * differ from \/ and /\
[Fri Nov 28 10:53:46 2014] <ianjneu> Type vs Prop
[Fri Nov 28 10:56:27 2014] <benzrf> ianjneu: but Prop is a Type
[Fri Nov 28 10:56:35 2014] <benzrf> ianjneu: doesnt  + and * work on Prop
[Fri Nov 28 10:56:37 2014] <benzrf> what is this nonsense
[Fri Nov 28 11:00:57 2014] <ianjneu> Prop is impredicative, so specifying Prop is different from just being in the lowest Type universe.
[Fri Nov 28 11:11:24 2014] <Saizan> benzrf: with \/ and /\ you stay within Prop, otherwise you go into Type
[Fri Nov 28 11:11:39 2014] <benzrf> oh
[Fri Nov 28 11:13:07 2014] <Hodapp> one of these days I need to understand type universes.
[Fri Nov 28 12:54:03 2014] <user1_> salut les petits coquards
[Fri Nov 28 12:55:07 2014] <ianjneu> I only speak English and Japanese.
[Fri Nov 28 12:55:26 2014] <ianjneu> but salut anyway
[Fri Nov 28 13:00:38 2014] <benzrf> salut saschmut
[Fri Nov 28 15:31:05 2014] <benzrf>       
[Fri Nov 28 19:50:30 2014] <jn__> The goo.gl link in the topic points to http://www.lemoniteur.fr/157-realisations/article/actualite/706389-un-pont-de-rouen-transforme-en-mikado, is that intended?
[Sat Nov 29 03:49:17 2014] <shouya> hi everyone,
[Sat Nov 29 03:49:37 2014] <shouya> anyone has idea to prove the goal: forall m n n' a, m <> 0 -> a = m * n -> a = m * n' -> n = n'.
[Sat Nov 29 03:54:40 2014] <shouya> i thought it should be done with induction,
[Sat Nov 29 03:59:32 2014] <shouya> here's my trial: http://lpaste.net/115328
[Sat Nov 29 04:44:33 2014] <Saizan> i'd do induction on m
[Sat Nov 29 05:28:48 2014] <shouya> Saizan: could you please give more hints about how to do that?
[Sat Nov 29 05:29:33 2014] <shouya> Saizan: i tried by failed on proving it in this way.
[Sat Nov 29 05:29:39 2014] <shouya> s/by/but
[Sat Nov 29 05:30:21 2014] <Saizan> shouya: mh, i haven't done that proof and i'm not actually a Coq user, so i wouldn't actually know, sorry
[Sat Nov 29 05:30:43 2014] <Saizan> i guess it depends on whether * is defined by recursion on the left or on the right
[Sat Nov 29 05:31:08 2014] <shouya> Saizan: i think that would be both okay,
[Sat Nov 29 05:31:36 2014] <shouya> in library there are these lemmas:
[Sat Nov 29 05:31:44 2014] <shouya> Lemma mult_succ_l : forall n m:nat, S n * m = n * m + m.
[Sat Nov 29 05:31:44 2014] <shouya> Lemma mult_succ_r : forall n m:nat, n * S m = n * m + n.
[Sat Nov 29 05:36:28 2014] <Saizan> mh, maybe it's just induction on n and n' at the same time and proving the diagonal cases are impossible
[Sat Nov 29 05:37:45 2014] <shouya> Saizan: i'll try that again ;-p
[Sat Nov 29 05:38:49 2014] <dbelange> SnmnmmnmnSmnmn
[Sat Nov 29 10:40:56 2014] <benzrf> what exactly does Function do
[Sat Nov 29 10:41:03 2014] <benzrf> v. Definiiitiiion
[Sat Nov 29 11:16:48 2014] <benzrf> > destruct (o a b c f g).
[Sat Nov 29 11:16:48 2014] <benzrf> > ^^^^^^^^^^^^^^^^^^^^^^
[Sat Nov 29 11:16:48 2014] <benzrf> Error: f is used in hypothesis n.
[Sat Nov 29 11:16:51 2014] <benzrf> ??
[Sat Nov 29 11:16:52 2014] <benzrf> > destruct (o a b c f g).
[Sat Nov 29 11:16:52 2014] <benzrf> > ^^^^^^^^^^^^^^^^^^^^^^
[Sat Nov 29 11:16:52 2014] <benzrf> Error: f is used in hypothesis n.
[Sat Nov 29 11:17:43 2014] <benzrf> wot the heck is this
[Sat Nov 29 11:38:30 2014] <benzrf> h e l p
[Sat Nov 29 11:38:34 2014] <benzrf> Cale: can you provide asst?
[Sat Nov 29 11:44:03 2014] <Cale> wat
[Sat Nov 29 11:44:26 2014] <Cale> benzrf: what's up?
[Sat Nov 29 11:45:03 2014] <Cale> I might be slightly distracted, I'm having tons of "fun" fixing broken javascript applets for my panel because some update broke about half of them.
[Sat Nov 29 11:45:30 2014] <benzrf> ok thank u
[Sat Nov 29 11:45:35 2014] <benzrf> > destruct (o a b c f g).
[Sat Nov 29 11:45:35 2014] <benzrf> > ^^^^^^^^^^^^^^^^^^^^^^
[Sat Nov 29 11:45:35 2014] <benzrf> Error: f is used in hypothesis n.
[Sat Nov 29 11:45:37 2014] <benzrf> wat
[Sat Nov 29 11:45:45 2014] <Cale> What's the context?
[Sat Nov 29 11:46:06 2014] <benzrf> http://benzrf.benzrf.com/imgs/913cef.png
[Sat Nov 29 11:46:32 2014] <Cale> weird
[Sat Nov 29 11:56:34 2014] <Cale> benzrf: I might be able to help if you pasted your script somewhere
[Sat Nov 29 12:01:54 2014] <benzrf> script?
[Sat Nov 29 12:45:47 2014] <benzrf> Cale: still there?
[Sat Nov 29 12:46:00 2014] <benzrf> https://gist.github.com/f712abf520f52fc5566e
[Sat Nov 29 13:51:50 2014] <Cale> benzrf|offline: This doesn't appear to be provable.
[Sat Nov 29 13:51:50 2014] <Cale> I can sort of see where the n is coming from, it's from ncm.
[Sat Nov 29 13:51:51 2014] <Cale> benzrf|offline: If you destruct f and g and unfold ncatcomp, you can reach the goal  o n m0 m (ncm m0 m) (ncm n m0) = ncm n m
[Sat Nov 29 13:56:35 2014] <Cale> oh, no, it is
[Sat Nov 29 13:56:35 2014] <Cale> You just need an additional lemma about uniqueness of terms ncatmorph n m
[Sat Nov 29 13:56:35 2014] <Cale> Lemma uniqueness : forall n m, forall (x y : ncatmorph n m), x = y.
[Sat Nov 29 13:57:36 2014] <Cale> That one is easy (destruct x and y, use reflexivity)
[Sat Nov 29 13:57:36 2014] <Cale> You can then apply uniqueness to your goal of o a b c f g = ncatcomp a b c f g
[Sat Nov 29 17:29:06 2014] <benzrf> Cale: yes, that's what i was trying to do
[Sat Nov 29 17:29:11 2014] <benzrf> Cale: just w/o a lemma, rather inline
[Sat Nov 29 17:29:31 2014] <benzrf> Cale: hence why i was trying to destruct o a b c f g
[Sat Nov 29 17:29:45 2014] <benzrf> >destruct x and y
[Sat Nov 29 17:33:58 2014] <nkar> benzrf: hi, have you proved 'app_length_twice' from sf?
[Sat Nov 29 17:35:19 2014] <benzrf> nkar: probably
[Sat Nov 29 17:35:22 2014] <benzrf> i dont remember
[Sat Nov 29 17:36:02 2014] <nkar> benzrf: I got stuck.  could you look at my proof and provide a hint without revealing much?
[Sat Nov 29 17:36:20 2014] <benzrf> OK
[Sat Nov 29 17:36:30 2014] <nkar> thanks, will paste shortly
[Sat Nov 29 17:39:47 2014] <nkar> benzrf: http://dpaste.com/1YBNMMZ
[Sat Nov 29 17:39:59 2014] <nkar> this is from the 'MoreCoq' chapter
[Sat Nov 29 17:41:24 2014] <benzrf> hm
[Sat Nov 29 17:41:40 2014] <nkar> I guess I could prove the goal separately
[Sat Nov 29 17:41:50 2014] <nkar> but it's not allowed
[Sat Nov 29 17:42:11 2014] <nkar> because that's the def'n of app_length, iirc
[Sat Nov 29 17:43:43 2014] <benzrf> * stares a lil
[Sat Nov 29 17:44:24 2014] <nkar> (I'm going to take a nap, but I'll read the backlog.)
[Sat Nov 29 17:53:50 2014] <benzrf> nkar: ok i probably know less coq than u
[Sun Nov 30 04:36:58 2014] <nkar> benzrf|offline: johnw proved it by introducing a new theorem (the opposite of app_length_cons), so I did the same.  I'd thought I could use app_length_cons as is because I forgot that 'if foo then bar' doesn't always holds for 'if bar then foo'.
[Sun Nov 30 05:57:35 2014] <habecker> hi. I'm learning the basics of HoTT and have problems proving the formalization of the following fact: If f: E -> B is a fibration and p: s ~~> t is a path in E which projects to a null-homotopic loop based at some b : B, then p is homotopic to a path in the fiber over b. I formalized this as http://pastebin.com/h0Wvdniz but cannot solve it. any hints?
[Sun Nov 30 07:24:44 2014] <habecker> ah ok... in case anyone is interested: one needs to alter the hypothesis to make path induction in E applicable; instead of only looking at paths connecting points in the same fiber of f, one should associate to *any* path p: x -> y in E a path between y and the transport of x along f p: f x -> f y within the fiber of y. this is part of Thm 2.7.2 in the HoTT book and can be done by path induction
[Sun Nov 30 08:31:00 2014] <Choups314> Hello, is it possible to use the absurd reasonning (of the classical logic) in coq ?
[Sun Nov 30 08:31:56 2014] <Choups314> I mean, suppose the conclusion is False and proof a contradiction ?
[Sun Nov 30 08:47:32 2014] <habecker> Choups314: To use proofs by contradiction you need to impose the law of exluded middle as an additional axiom. Or do you mean something else?
[Sun Nov 30 08:48:54 2014] <andmkent> Choups314: https://coq.inria.fr/library/Coq.Logic.Classical_Prop.html
[Sun Nov 30 08:49:07 2014] <yukko> that's not true, you can prove P x -> False
[Sun Nov 30 08:49:22 2014] <yukko> without needing excluded middle
[Sun Nov 30 08:50:07 2014] <yukko> Choups314 there is an absurd tactic but I'm not sure in what situations it's useful in
[Sun Nov 30 08:50:40 2014] <yukko> there's also elimtype False which makes the current goal into False
[Sun Nov 30 08:58:19 2014] <habecker> yukko: I meant 'proof [of P] by contradiction' as 'it suffices to show that not(P) gives rise to a contradiction', and for that you need excluded middle - but maybe that's not what Choups314 meant
[Sun Nov 30 09:00:36 2014] <yukko> oh okay!
[Sun Nov 30 09:06:08 2014] <Choups314> habecker: In fact I don't understand how to turn the current goal (the conclusion) into an hypothesis (i.e. if I have a goal P, turn not(P) to an hypothesis) ?
[Sun Nov 30 09:10:11 2014] <habecker> Choups314: If 'lem : not (not P) -> P' is the law of excluded middle for P and your current goal is P, you can do 'apply lem; intro c.' which will give you an additional hypothesis 'c : not P' and change the goal to 'False'. This is because 'not P' is defined as 'P -> False'
[Sun Nov 30 09:11:36 2014] <Choups314> habecker : I got it ! Thanks :)
[Sun Nov 30 09:11:57 2014] <habecker> :)
[Sun Nov 30 09:23:40 2014] <Choups314> habecker: This is purely naming convention, but I thought the Law of exluded Middle stated "P or not(P)" ? (And the "not (not P)) was the Double Negation Elimination)
[Sun Nov 30 09:31:24 2014] <Choups314> habecker: Nevermind, I understood what you meant ;) (The Law of exluded Middle is required to prove the Double Negation Elimination)
[Sun Nov 30 09:44:41 2014] <habecker> Choups314: Oh yes, you're right, I should have said double negation elimination - but when imposed on all propositions, it is equivalent to the law of excluded middle imposed on all propositions.
[Sun Nov 30 09:45:02 2014] <benzrf> i like how ~~LEM can be proved
[Sun Nov 30 09:45:07 2014] <benzrf> but not LEM
[Sun Nov 30 09:45:15 2014] <benzrf> the ironies
[Sun Nov 30 12:32:17 2014] <nkar> what tactic can I use to discard the '[] = x::xt' goal?
[Sun Nov 30 12:32:37 2014] <nkar> I know that it can be done in the context, using inversion.
[Sun Nov 30 13:52:38 2014] <johnw> nkar: you can't discharge that goal, it's impossible
[Sun Nov 30 13:52:49 2014] <johnw> it's the same as proving False
[Sun Nov 30 13:54:03 2014] <nkar> johnw: I'm proving combine_split from sf.  any suggestions?  do I need to prove a lemma about split and combine?
[Sun Nov 30 13:54:28 2014] <johnw> can you show me that goal again?
[Sun Nov 30 13:55:43 2014] <nkar> Theorem combine_split : forall X Y (l : list (X × Y)) l1 l2, split l = (l1, l2) -> combine l1 l2 = l.  I've tried various things, but all of them lead to something like [] = x::xt in the goal without anything useful in the context.
[Sun Nov 30 13:56:03 2014] <johnw> you are using induction on l?
[Sun Nov 30 13:56:06 2014] <nkar> I've tried to unfold the definitions, but I'm not sure how to work with things inside 'fix'
[Sun Nov 30 13:56:30 2014] <nkar> tried various things, including induction on l.
[Sun Nov 30 13:56:57 2014] <johnw> so, the answer does involve induction on l
[Sun Nov 30 13:57:12 2014] <johnw> what you may be failing to do is to destruct on the right thing after that
[Sun Nov 30 13:57:32 2014] <johnw> when l is broken into x and xs, then you need to know the result of "split xs"
[Sun Nov 30 13:58:34 2014] <nkar> I think I've tried that, too.  I'm disassembling a laptop at the moment, so I'll ask more questions a bit later.
[Sun Nov 30 13:58:39 2014] <johnw> k
[Mon Dec  1 11:33:58 2014] <Rc43> How to simplify only "if" construct with "simpl" or analogue?
[Mon Dec  1 11:40:47 2014] <Rc43> Oh, "cbv iota" does that.
[Mon Dec  1 11:48:52 2014] <Choups314> Hello, how do I rewrite an hypothesis with an equivalent ? For example, if I have an hypothesis H:a<>b, how do I rewrite it to  a<b  (If a is less than b, so a is different of b)
[Mon Dec  1 11:49:59 2014] <ianjneu> Choups314: but that's not equivalent. If a = 1 and b = 0 you don't get that
[Mon Dec  1 11:50:18 2014] <Choups314> Oups :| you are right
[Mon Dec  1 11:50:20 2014] <Choups314> sorry
[Mon Dec  1 11:50:38 2014] <Choups314> But, just
[Mon Dec  1 11:52:26 2014] <ianjneu> rewrite Heq in Htorewrite.
[Mon Dec  1 11:52:38 2014] <Choups314> I mean, it is an hypothesis, so I can create another hypotheses derived from it no ? If the hypothesis states that a<>b, I can choose as a<b or b>a no ?
[Mon Dec  1 11:54:56 2014] <elarnon> you can't choose that
[Mon Dec  1 11:56:24 2014] <elarnon> you can derive [a<b \/ b>a] as long as you have e.g. trichotomy
[Mon Dec  1 11:56:28 2014] <Choups314> elarnon: In fact, I'm trying to prove an equality (my conclusion). For this, I use an absurd reasoning (apply NNPP ; intro.), but then my hypothesis is the difference
[Mon Dec  1 11:57:17 2014] <elarnon> yes but you have to prove it for both cases (a<b and b>a)
[Mon Dec  1 11:57:17 2014] <Choups314> Yes, I have trichotomy (it deals with reals)
[Mon Dec  1 11:58:06 2014] <elarnon> then you can split on your trichotomy hypothesis
[Mon Dec  1 11:58:07 2014] <Choups314> It is not enough to show a contradiction with one case ?
[Mon Dec  1 11:58:21 2014] <elarnon> the case a=b will be easy as you have a<>b, and the cases a<b and b>a will remain
[Mon Dec  1 11:58:31 2014] <elarnon> well no
[Mon Dec  1 11:58:58 2014] <elarnon> if you prove [not (a<b)], this clearly doesn't imply that [a=b]
[Mon Dec  1 11:59:19 2014] <Choups314> Yes you are right ...
[Mon Dec  1 12:00:50 2014] <Choups314> But is it possible to *at least* add an extra condition on the hypothesis, like a<>b such as a<b ?
[Mon Dec  1 12:01:10 2014] <elarnon> yes
[Mon Dec  1 12:01:20 2014] <elarnon> [split name_of_trichotomy_lemma]
[Mon Dec  1 12:02:28 2014] <elarnon> hm wait, does split work for hypotheses
[Mon Dec  1 12:02:47 2014] <Choups314> I don't know
[Mon Dec  1 12:02:52 2014] <elarnon> * have not used coq in several months
[Mon Dec  1 12:02:57 2014] <Choups314> ^^
[Mon Dec  1 12:03:54 2014] <elarnon> you want [destruct name_of_trichotomy_lemma]
[Mon Dec  1 12:03:56 2014] <elarnon> sorry
[Mon Dec  1 12:04:20 2014] <elarnon> but you'll still have to prove your goal for both a<b and a>b
[Mon Dec  1 12:04:55 2014] <elarnon> but you will have these as hypotheses
[Mon Dec  1 12:05:49 2014] <Choups314> hum, I will look for a repeat tactic ;), the variables a and b aren't important in the proof (they can be interchanged)
[Mon Dec  1 12:06:13 2014] <elarnon> if you are looking for automation,  then [repeat] and [match goal with ...] should be of help
[Mon Dec  1 12:06:41 2014] <elarnon> (but maybe some built-in tactic such as [intuition] is enough to solve your goals once the split has been performed?)
[Mon Dec  1 12:07:21 2014] <Choups314> I don't think so, it's a proof of unicity
[Mon Dec  1 12:07:34 2014] <Choups314> This is just the begining of the proof ;)
[Mon Dec  1 12:08:01 2014] <Choups314> And this is more like training, so I want to practice :p
[Mon Dec  1 12:20:12 2014] <johnw> hi elarnon!
[Mon Dec  1 12:34:03 2014] <Choups314> destruct doesn't work with 3 disjunctions ? (with P1 \/ P2 \/ P3 it only generates 2 subgoals ..)
[Mon Dec  1 12:34:43 2014] <jrw> Choups314: one of the subgoals will still have a disjunction in it as a hypothesis, so you have to destruct again. you can use [intuition] to get all the subgoals at once.
[Mon Dec  1 12:34:56 2014] <Choups314> jrw : Ok tanks !
[Mon Dec  1 12:35:01 2014] <Choups314> thanks*
[Mon Dec  1 16:42:02 2014] <Choups314> How do I unfold in an hypothesis ?
[Mon Dec  1 16:42:15 2014] <alkabetz> [unfold foo in H] should do it.
[Mon Dec  1 16:43:09 2014] <Choups314> Ok thanks !
[Mon Dec  1 17:01:22 2014] <alkabetz> You’re welcome.
[Mon Dec  1 20:12:55 2014] <eraserhd> What is the notation like {m} in a parameter list?
[Mon Dec  1 20:16:32 2014] <benzrf> eraserhd: implicit
[Mon Dec  1 20:18:21 2014] <eraserhd> Oh, interesting.
[Mon Dec  1 20:19:13 2014] <eraserhd> In Fin.t, what prevents passing a too-large value?
[Mon Dec  1 20:23:43 2014] <Ptival> eraserhd: a value morally equivalent to the number n can only have type Fin m where m < n
[Mon Dec  1 20:24:59 2014] <Ptival> or dually, a given value of type Fin can only be indexed at a number greater than the one it represents
[Mon Dec  1 20:25:22 2014] <Ptival> F1 can only be indexed at Fin 1, Fin 2, Fin 3, ..., but never at Fin 0
[Mon Dec  1 20:26:02 2014] <Ptival> therefore, (FS F1) can only have type Fin 2, Fin 3, ..., but not Fin 0 or Fin 1
[Mon Dec  1 20:26:10 2014] <eraserhd> Ptival: Hrmm.  I'm not sure how to parse that out of the Inductive statement, is the problem.
[Mon Dec  1 20:26:23 2014] <Ptival> so first look at the type of F1
[Mon Dec  1 20:26:34 2014] <eraserhd> OH!
[Mon Dec  1 20:26:35 2014] <Ptival> F1 : forall {n}, Fin.t (S n)
[Mon Dec  1 20:26:51 2014] <Ptival> so F1 {0} : Fin.t 1
[Mon Dec  1 20:26:59 2014] <Ptival> F1 {1} : Fin.t 2
[Mon Dec  1 20:27:05 2014] <Ptival> F1 {2} : Fin.t 3
[Mon Dec  1 20:27:32 2014] <Ptival> now is there a number n such that F1 {n} : Fin 0   ?
[Mon Dec  1 20:27:40 2014] <Ptival> now is there a number n such that F1 {n} : Fin.t 0   ?
[Mon Dec  1 20:27:44 2014] <eraserhd> Got it.
[Mon Dec  1 20:27:58 2014] <Ptival> clearly not, because the type of the constructor F1 cannot unify with Fin.t 0
[Mon Dec  1 20:28:08 2014] <Ptival> since (S x) cannot unify with O
[Mon Dec  1 20:30:24 2014] <Ptival> then FS just turns a Fin.t n into a Fin.t (n + 1), so it only makes things worse in some sense :)
[Mon Dec  1 20:30:56 2014] <johnw> Ptival: any i : Fin n means i as a nat is < n
[Mon Dec  1 20:31:12 2014] <johnw> you said the opposite when you said that Fin m means m < n
[Mon Dec  1 20:37:01 2014] <Ptival> oh sorry I meant to type m > n
[Mon Dec  1 20:37:17 2014] <Ptival> johnw: thanks
[Mon Dec  1 20:40:43 2014] <eraserhd> Ptival: Oh, and thank you.
[Mon Dec  1 20:42:14 2014] <eraserhd> So, how would one iterate over the possible values of a Fin.t n?  I deduce I must match on the type.
[Mon Dec  1 20:46:32 2014] <johnw> yes
[Mon Dec  1 20:46:47 2014] <johnw> it's basically a form of natural, with constructors F1 and FS
[Mon Dec  1 20:52:31 2014] <eraserhd> Hrmm. I can do it decreasing if I can get the maximal Fin.t n value.
[Mon Dec  1 20:52:56 2014] <eraserhd> E.g. given 3, I have FS (FS F1).
[Mon Dec  1 20:53:06 2014] <johnw> right
[Mon Dec  1 20:53:17 2014] <johnw> there's a function to convert from Fin n to nat
[Mon Dec  1 21:01:29 2014] <eraserhd> I want to keep it as Fin.t, but I guess I need to make a dependent match to get the n, then make a Fin.t n with the right number of FS.
[Mon Dec  1 22:04:39 2014] <nkar> johnw: around?
[Mon Dec  1 22:04:57 2014] <johnw> yes, i'm here what you need?
[Mon Dec  1 22:05:08 2014] <nkar> so, do you suggest to start with induction on l?
[Mon Dec  1 22:05:17 2014] <johnw>  what are we talking about exactly?
[Mon Dec  1 22:05:53 2014] <nkar> about proving 'combine_split' from sf.  we talked about it a couple of days ago.
[Mon Dec  1 22:06:06 2014] <johnw>  yes, the beginning of that proof is to start with induction on l
[Mon Dec  1 22:06:51 2014] <nkar> okay, I've done that.  how do I get rid of combine (y :: yt) l2 = []?
[Mon Dec  1 22:07:05 2014] <nkar> or do I need to destruct the whole thing on the left?
[Mon Dec  1 22:07:38 2014] <johnw> I don't remember exactly anymore, but if you look in my github you can see the steps of the proof as I did it.  Maybe only glance at it briefly so it just gives you a hint
[Mon Dec  1 22:08:11 2014] <nkar> okay, I'll do that.  sorry for wasting your time on this.
[Mon Dec  1 22:08:26 2014] <johnw>  it's no waste of time, i just don't happen to remember that clearly right at this moment
[Mon Dec  1 22:13:20 2014] <nkar> uh, the trick is to simpl the hypothesis to get ([], []) = (l1, l2)
[Tue Dec  2 10:04:02 2014] <benzrf> hey yo
[Tue Dec  2 10:04:04 2014] <benzrf> i have this:
[Tue Dec  2 10:04:05 2014] <benzrf>   H0 : forall i : B, exists p : A, f p = i
[Tue Dec  2 10:04:05 2014] <benzrf>   X : B
[Tue Dec  2 10:04:05 2014] <benzrf>   ============================
[Tue Dec  2 10:04:05 2014] <benzrf>    A
[Tue Dec  2 10:04:19 2014] <benzrf> but:
[Tue Dec  2 10:04:20 2014] <benzrf> > apply H0.
[Tue Dec  2 10:04:20 2014] <benzrf> > ^^^^^^^^
[Tue Dec  2 10:04:20 2014] <benzrf> Error: Case analysis on sort Type is not allowed for inductive definition ex.
[Tue Dec  2 10:04:29 2014] <benzrf> how do i do tihs
[Tue Dec  2 10:23:47 2014] <alkabetz> Coq is assuming [A] and [B] have type [Type].  If they’re type [Prop], this works just fine.  There’s something about destructing an existential in [Type] that breaks predicativity, but I don’t fully understand it; [Prop] is impredicative anyway, so Coq is okay with this.
[Tue Dec  2 10:26:50 2014] <benzrf> alkabetz: yeah, but...
[Tue Dec  2 10:27:00 2014] <Cypi> Wouldn't the problem be that ex is in Prop, so it has to be erasable, so you cannot destruct it to build something in Type ?
[Tue Dec  2 10:27:00 2014] <benzrf> wait
[Tue Dec  2 10:27:07 2014] <benzrf> Cypi: oooooooh
[Tue Dec  2 10:27:08 2014] <benzrf> that blows
[Tue Dec  2 10:27:09 2014] <Cypi> (not sure, actually asking)
[Tue Dec  2 10:27:19 2014] <benzrf> Cypi: that does sound right q_q
[Tue Dec  2 10:27:41 2014] <benzrf> well i went and defined surjectivity using an existential
[Tue Dec  2 10:27:45 2014] <benzrf> er, an existential result
[Tue Dec  2 10:27:49 2014] <benzrf> now what .o.
[Tue Dec  2 10:27:56 2014] <benzrf> is there, like, Type existential
[Tue Dec  2 10:28:26 2014] <alkabetz> Isn’t that a sigma type?
[Tue Dec  2 10:28:26 2014] <Cypi> Yes: sigT
[Tue Dec  2 10:28:40 2014] <Cypi> or sig
[Tue Dec  2 10:29:03 2014] <Choups314> Hi !
[Tue Dec  2 10:29:36 2014] <Choups314> Is it possible to do implicit coercions between naturals/reals, while proving a simple equality ?
[Tue Dec  2 10:29:41 2014] <Choups314> Maybe with C-Corn ?
[Tue Dec  2 10:30:09 2014] <benzrf> what is C-Corn o.O
[Tue Dec  2 10:30:40 2014] <Choups314> http://corn.cs.ru.nl//
[Tue Dec  2 10:31:21 2014] <Choups314> It define reals constructively, (While the standard library define them as axioms)
[Tue Dec  2 10:31:26 2014] <Choups314> It defines*
[Tue Dec  2 11:30:38 2014] <benzrf> how can you constructively define reals in a way that the computer can process?
[Tue Dec  2 11:30:54 2014] <benzrf> functions of digit position??
[Tue Dec  2 11:39:46 2014] <Choups314> benzrf : reals are constructed with cauchy sequences. But when you want to compute with them, you specify an arbitrary precision
[Tue Dec  2 11:42:23 2014] <benzrf> Choups314: ah
[Tue Dec  2 12:05:50 2014] <ianjneu> I was just explaining the reals in terms of Cauchy sequences to my partner last night.
[Tue Dec  2 12:06:12 2014] <ianjneu> Explaining that 1.000... and 0.999... are the exact same number is a bit challenging.
[Tue Dec  2 12:07:02 2014] <ianjneu> but saying that -0.999... = 0 at the end of it got me an, "oh okay, that makes sense."
[Tue Dec  2 12:07:07 2014] <johnw> I bet
[Tue Dec  2 12:07:46 2014] <Cypi> "-0.999... = 0" >> what?
[Tue Dec  2 12:07:58 2014] <ianjneu> ya, I got that one wrong.
[Tue Dec  2 12:08:14 2014] <Cypi> ok
[Tue Dec  2 12:08:21 2014] <ianjneu> haha
[Tue Dec  2 12:08:34 2014] <ianjneu> I had a couple scotches by that time.
[Tue Dec  2 12:12:49 2014] <johnw> "Scotch: Making Cauchy sequences more comprehensible since the 1800s"
[Tue Dec  2 12:15:12 2014] <ianjneu> Yes, officer, I saw the man who hit me and his name was Johnny Walker
[Tue Dec  2 12:30:06 2014] <jn__>  /window move 234234
[Tue Dec  2 14:34:13 2014] <Choups314> What does the classes represent ?
[Tue Dec  2 14:34:36 2014] <johnw> ?
[Tue Dec  2 15:16:54 2014] <adelbertc> i have S (length t) = S n' in my hypothesis and need to prove length t = n'
[Tue Dec  2 15:17:03 2014] <adelbertc> i could've sworn i could do apply f_equal to the hypothesis
[Tue Dec  2 15:17:10 2014] <adelbertc> but i cant seemt o get it to work.. am i imaginign things?
[Tue Dec  2 15:17:33 2014] <johnw> f_equal should do it, I'd have thought
[Tue Dec  2 15:17:33 2014] <johnw> is there an S_inj?
[Tue Dec  2 15:17:40 2014] <Cypi> f_equal gives you [x = y -> f x = f y]
[Tue Dec  2 15:17:48 2014] <Cypi> so when applied to an hypothesis like this, it won't work
[Tue Dec  2 15:18:12 2014] <Cypi> What you can use is inversion
[Tue Dec  2 15:18:39 2014] <adelbertc> ohhhhh yes inversion is what i was thinking of
[Tue Dec  2 15:19:37 2014] <Cypi> If it was the reverse situation, that is, you have to prove [S (length t) = S n'], then f_equal would transform the goal into [length t = n'], indeed
[Tue Dec  2 15:20:07 2014] <adelbertc> ah ok. oh right, i remember something about forward reasoning and stuff
[Tue Dec  2 15:51:20 2014] <johnw> ah, i didn't realize you were talking about something in your context instead of the goal
[Wed Dec  3 00:15:42 2014] <benzrf> is there sth like existentials that produce type instead of prop
[Wed Dec  3 00:16:23 2014] <benzrf> rn i define surjectivity as all-of-codomain-has-a-preimage, but apparently i cant use that to construct an inverse
[Wed Dec  3 00:24:25 2014] <johnw> benzrf: sigT
[Wed Dec  3 00:24:32 2014] <benzrf> s-sigT
[Wed Dec  3 00:24:40 2014] <benzrf> how do i use it
[Wed Dec  3 00:24:46 2014] <johnw> look up sigT
[Wed Dec  3 00:25:12 2014] <johnw> night
[Wed Dec  3 09:43:43 2014] <urgoal> Here’s a math puzzle related to covering numbers.  Show that there exists an infinite subset S of the non-negative integers with the following properties:
[Wed Dec  3 09:43:44 2014] <urgoal> 1) For every positive integer n, there exist integers i and j in S such that i + j = n
[Wed Dec  3 09:43:44 2014] <urgoal> 2) f(S, n) = O(sqrt(n) log^10 n), where f(S, n) = the number of integers less than n in S.
[Wed Dec  3 15:09:24 2014] <benzrf> are sigma types commonly used? is the fact that i ended up needing them a sign that i chose the wrong way of defining sth?
[Wed Dec  3 15:11:18 2014] <johnw> they are very common for me
[Wed Dec  3 15:11:27 2014] <benzrf> ok phew
[Wed Dec  3 15:11:30 2014] <johnw> dependent records are sigmas
[Wed Dec  3 15:12:10 2014] <benzrf> johnw: i assumed that exists works the way it does for a reason so if i have an existential that needs to be a sigT i must be doing soething wrong
[Wed Dec  3 15:12:13 2014] <johnw>  now, that doesn't mean that you're using them incorrectly :-)
[Wed Dec  3 15:12:36 2014] <johnw>  I tend to avoid using sigT to wherever possible, because it doesn't extract is nicely
[Wed Dec  3 15:12:39 2014] <johnw> s/is/as
[Wed Dec  3 15:12:44 2014] <benzrf> :I
[Wed Dec  3 15:12:59 2014] <johnw>  can you show me an example of the code where you need to use sigT?
[Wed Dec  3 15:25:13 2014] <benzrf> johnw: im defining surjectivity as forall codomain exists preimage
[Wed Dec  3 15:25:29 2014] <benzrf> johnw: then im trying to prove that bijective functions have inverses
[Wed Dec  3 15:25:43 2014] <benzrf> but i cannot construct an inverse because the existential is a Prop
[Wed Dec  3 15:34:47 2014] <johnw> show code
[Wed Dec  3 16:03:47 2014] <benzrf> johnw: one sec
[Wed Dec  3 16:08:22 2014] <Choups314> Hello, what does the operator [:>] means ?
[Wed Dec  3 16:08:36 2014] <johnw> sub-typing
[Wed Dec  3 16:08:41 2014] <benzrf> o
[Wed Dec  3 16:08:44 2014] <johnw> A :> B means that an A can be coerced to a B
[Wed Dec  3 16:08:51 2014] <Choups314> Ok :)
[Wed Dec  3 16:08:57 2014] <benzrf> johnw: how does coercion wor
[Wed Dec  3 16:08:57 2014] <benzrf> k
[Wed Dec  3 16:09:00 2014] <johnw> I'm assuming you encountered this is the record syntax
[Wed Dec  3 16:09:04 2014] <benzrf> johnw: similarly defined constructors?
[Wed Dec  3 16:09:08 2014] <johnw> benzrf: it creates a function to do the coercion
[Wed Dec  3 16:09:10 2014] <Choups314> Yes !
[Wed Dec  3 16:09:26 2014] <benzrf> johnw: well i mean how does the function work
[Wed Dec  3 16:09:28 2014] <benzrf> that it generates
[Wed Dec  3 16:09:36 2014] <benzrf> wot it do
[Wed Dec  3 16:09:37 2014] <johnw> you can write one yourself easily
[Wed Dec  3 16:09:43 2014] <johnw> foo (x : A) : B := ...
[Wed Dec  3 16:09:50 2014] <benzrf> oh wait
[Wed Dec  3 16:09:52 2014] <johnw> Coercion foo : A >-> B.
[Wed Dec  3 16:10:04 2014] <benzrf> so you mean like
[Wed Dec  3 16:10:11 2014] <benzrf> there's no impl, it's unsafeCoerce#?
[Wed Dec  3 16:10:18 2014] <johnw> huh?
[Wed Dec  3 16:10:33 2014] <johnw> it's just a function from A -> B
[Wed Dec  3 16:10:36 2014] <benzrf> oh i see
[Wed Dec  3 16:10:40 2014] <benzrf> wait
[Wed Dec  3 16:10:44 2014] <johnw> what it does, can be up to you
[Wed Dec  3 16:10:49 2014] <benzrf> ahhhh you mean that you pass the function to :>
[Wed Dec  3 16:10:54 2014] <johnw> no
[Wed Dec  3 16:11:00 2014] <johnw> in the :> case, it auto-generates the function in question
[Wed Dec  3 16:11:04 2014] <benzrf> johnw: ok, so
[Wed Dec  3 16:11:05 2014] <johnw> I'm not sure what the implementation looks like
[Wed Dec  3 16:11:10 2014] <benzrf> my question was, what does that func do
[Wed Dec  3 16:11:26 2014] <benzrf> what does it map each thing to?
[Wed Dec  3 16:11:26 2014] <johnw> since A is a superset of B, I imagine it constructs a B using the required elements
[Wed Dec  3 16:11:39 2014] <benzrf> required elements?
[Wed Dec  3 16:11:55 2014] <johnw> elements of A that go into B
[Wed Dec  3 16:12:08 2014] <benzrf> hmmm... what does a full declaration look like?
[Wed Dec  3 16:12:20 2014] <johnw> i don't want to type one
[Wed Dec  3 16:12:22 2014] <benzrf> ok
[Wed Dec  3 16:13:04 2014] <benzrf> i dont follow how subtyping works, though... do you specify that you can have these extra constructors too and then the constructors of the supertype can be used for the subtype as well?
[Wed Dec  3 16:13:20 2014] <johnw> i would recommend playing with it, and printing out the generated functions
[Wed Dec  3 16:13:27 2014] <benzrf> do you have one constructor that may hold an element of the supertype?
[Wed Dec  3 16:13:48 2014] <johnw> not sure I understand
[Wed Dec  3 16:13:55 2014] <benzrf> ok, like
[Wed Dec  3 16:14:12 2014] <benzrf> subtypes are supersets aren't they?
[Wed Dec  3 16:14:30 2014] <benzrf> no, wait.....
[Wed Dec  3 16:14:36 2014] <benzrf> damn ive gone and confused myself
[Wed Dec  3 16:30:29 2014] <benzrf> ok
[Wed Dec  3 16:30:34 2014] <benzrf> johnw: sorry it took so long https://gist.github.com/ab638e2e71dc13c52c68
[Wed Dec  3 16:32:37 2014] <johnw> benzrf: Yeah, that looks to be about right
[Wed Dec  3 16:32:46 2014] <johnw> benzrf:  my definition of it is almost the same: Definition Surjective `(f : X → Y) := ∀ y, ∃ x, f x = y.
[Wed Dec  3 16:32:49 2014] <johnw>  except that I'm using Unicode characters
[Wed Dec  3 16:39:30 2014] <benzrf> i and p for image and preimage
[Wed Dec  3 16:39:38 2014] <benzrf> johnw: your ∃ is sigT?
[Wed Dec  3 16:40:21 2014] <johnw> benzrf: no, it's "exists"
[Wed Dec  3 16:40:24 2014] <johnw> sig
[Wed Dec  3 16:40:42 2014] <johnw>  actually, I think that the word exists can be applied for either one
[Wed Dec  3 16:42:15 2014] <benzrf> Coq < Definition eq0 (n : nat) := match n with | O => true | _ => false end.
[Wed Dec  3 16:42:25 2014] <benzrf> > Check ex nat eq0.
[Wed Dec  3 16:42:25 2014] <benzrf> >          ^^^
[Wed Dec  3 16:42:25 2014] <benzrf> Error: The term "nat" has type "Set" while it is expected to have type "?11 -> Prop".
[Wed Dec  3 16:42:28 2014] <benzrf> hmm?
[Wed Dec  3 16:42:34 2014] <benzrf> ex : forall A : Type, (A -> Prop) -> Prop
[Wed Dec  3 16:43:08 2014] <johnw> Check exist _ <some nat> <some property of that nat>
[Wed Dec  3 16:43:28 2014] <johnw> I have never used 'ex' constructor directly
[Wed Dec  3 16:43:32 2014] <Cypi> benzrf : A is implicit
[Wed Dec  3 16:43:46 2014] <Cypi> put a @ if you reall want to specify every parameter
[Wed Dec  3 16:44:41 2014] <benzrf> oh wait that's to bool
[Wed Dec  3 16:44:47 2014] <benzrf> Cypi: thanks though :)
[Wed Dec  3 16:45:40 2014] <benzrf> johnw: is there notation for sig in the prelude (or w/e coq calls it)
[Wed Dec  3 16:46:24 2014] <johnw> { x : nat | odd x }
[Wed Dec  3 16:46:27 2014] <johnw> that's a sig type
[Wed Dec  3 16:46:32 2014] <johnw> { x : nat & odd x }
[Wed Dec  3 16:46:34 2014] <johnw> that's a sigT type
[Wed Dec  3 16:47:12 2014] <johnw> exist odd 1 odd_1 would construct one of the former (assuming you defined odd_1)
[Wed Dec  3 16:47:19 2014] <johnw> existT odd 1 odd_1 would construct one of the latter
[Wed Dec  3 16:47:39 2014] <benzrf> wait, what's the diff
[Wed Dec  3 16:47:48 2014] <johnw> you can typically replace the first parameter when using these constructors with just an underbar
[Wed Dec  3 16:47:52 2014] <johnw> sig vs. sigT
[Wed Dec  3 16:48:47 2014] <benzrf> yeah but uh
[Wed Dec  3 16:48:52 2014] <benzrf> whats the differenence between sig and sigT
[Wed Dec  3 16:49:01 2014] <benzrf> oh ok i see
[Wed Dec  3 16:49:02 2014] <benzrf> derp
[Wed Dec  3 16:50:14 2014] <johnw> you've been saying it all along: Prop versus Type
[Wed Dec  3 16:55:52 2014] <benzrf> heh
[Wed Dec  3 16:58:02 2014] <benzrf> what are the inhabitants of unique
[Wed Dec  3 16:58:11 2014] <johnw> what is unique?
[Wed Dec  3 16:59:20 2014] <benzrf> Coq < Check unique.
[Wed Dec  3 16:59:20 2014] <benzrf> unique : forall A : Type, (A -> Prop) -> A -> Prop
[Wed Dec  3 16:59:37 2014] <benzrf> found it by accident because there's some kind of syntax for exists that involves it
[Wed Dec  3 17:00:10 2014] <johnw>  it says that if a property exists for two different values of A, then those two values are the same value
[Wed Dec  3 17:00:23 2014] <johnw> Definition unique (A : Type) (P : A->Prop) (x:A) := P x /\ forall (x':A), P x' -> x=x'.
[Wed Dec  3 17:00:42 2014] <johnw> I really recommend browsing the standard library documentation online: https://coq.inria.fr/library/Coq.Init.Logic.html
[Wed Dec  3 17:00:49 2014] <johnw> since it can answer a lot of these types of questions
[Wed Dec  3 17:01:18 2014] <benzrf> sry
[Wed Dec  3 17:33:53 2014] <benzrf> yo johnw
[Wed Dec  3 17:34:02 2014] <benzrf> theres problem
[Wed Dec  3 17:34:02 2014] <johnw> yo
[Wed Dec  3 17:34:13 2014] <benzrf> The term "surjective" has type "Type" while it is expected to have type "Prop".
[Wed Dec  3 17:34:22 2014] <benzrf> becaues:
[Wed Dec  3 17:34:23 2014] <benzrf>   Definition bijective := injective /\ surjective.
[Wed Dec  3 17:34:27 2014] <benzrf> oh wait
[Wed Dec  3 17:34:40 2014] <benzrf> yea
[Wed Dec  3 17:35:06 2014] <johnw> you will need to define surjectivity as a property
[Wed Dec  3 17:35:14 2014] <benzrf> heuh
[Wed Dec  3 17:35:23 2014] <benzrf> johnw: btw does it make sense to define them like that
[Wed Dec  3 17:35:29 2014] <benzrf> in a section with the function in question as a variable
[Wed Dec  3 17:35:34 2014] <johnw> i.e., Definition Surjective `(f : X → Y) : Prop  := ∀ y, ∃ x, f x = y.
[Wed Dec  3 17:35:58 2014] <johnw>  actually, that is not going to work.  Let me play around with a here for a second
[Wed Dec  3 17:36:03 2014] <benzrf> :p
[Wed Dec  3 17:36:23 2014] <johnw> no, that does work
[Wed Dec  3 17:38:25 2014] <benzrf> ?
[Wed Dec  3 17:38:43 2014] <benzrf> johnw: but ∃ x, f x = y : Type
[Wed Dec  3 17:38:58 2014] <benzrf> so ∀ y, ∃ x, f x = y : Type
[Wed Dec  3 17:39:27 2014] <johnw> why is it : Type?
[Wed Dec  3 17:41:12 2014] <johnw> benzrf: https://gist.github.com/c3c16a042cfce3546cad
[Wed Dec  3 17:41:15 2014] <johnw> no Type involved, only Prop
[Wed Dec  3 17:42:38 2014] <benzrf> what is move
[Wed Dec  3 17:42:54 2014] <johnw> ignore the contents of the proof
[Wed Dec  3 17:43:29 2014] <benzrf> ok so then we're back at my original problem
[Wed Dec  3 17:43:50 2014] <benzrf> ooooh wait
[Wed Dec  3 17:44:33 2014] <benzrf> johnw: ok but how does this help
[Wed Dec  3 17:46:44 2014] <johnw> how does it help what?  I really have no idea what your issue is at this point
[Wed Dec  3 17:49:13 2014] <benzrf> johnw: i cannot prove surjective functions have inverses because i cannot construct a function based on an ex
[Wed Dec  3 17:49:27 2014] <benzrf> https://gist.github.com/ab638e2e71dc13c52c68
[Wed Dec  3 17:49:34 2014] <benzrf> ^try running that up to where it stops and see the error
[Wed Dec  3 17:54:56 2014] <johnw> you sure that expresses the problem right?
[Wed Dec  3 17:55:01 2014] <johnw> I tried this: https://gist.github.com/1ecb4a49ebbbc2f70c56
[Wed Dec  3 17:55:05 2014] <johnw> gotta go now, dinner calls
[Wed Dec  3 18:27:54 2014] <Cypi> Is there a way to add a new reduction rule to Coq? This isn't useful, but I would've liked to check a few things that could happen if we were to suppose that Coq reduces [nat -> nat] to [nat], for example.
[Wed Dec  3 18:30:54 2014] <benzrf> Cypi: wouldnt real work better
[Wed Dec  3 18:31:17 2014] <Cypi> It's supposed not to work, indeed, that's why I said it wasn't useful :p
[Wed Dec  3 18:31:23 2014] <Cypi> (yes, it would create an inconsistency)
[Wed Dec  3 19:19:27 2014] <nkar> does anyone use ocamlbuild to build coq?
[Wed Dec  3 19:20:03 2014] <nkar> using it on 8.4pl5 fails with an unbound module warning
[Wed Dec  3 19:42:48 2014] <benzrf> what is eexists
[Wed Dec  3 19:44:25 2014] <Cypi> Like exists, but you don't have to specify a witness, Coq can just replace it with an existential (something like ?123) that you will have to instantiate later
[Wed Dec  3 19:44:41 2014] <Cypi> (or it will be automatically instantiated by unification with something else at some point later on)
[Wed Dec  3 19:45:12 2014] <benzrf> oh geez
[Wed Dec  3 19:47:15 2014] <benzrf> what is inversion
[Wed Dec  3 19:57:08 2014] <benzrf> Cypi: how do you instantiate it
[Wed Dec  3 19:57:55 2014] <Cypi> Most of the time, by unification with something else
[Wed Dec  3 20:00:33 2014] <Cypi> Quick and uninteresting example, just to show it: http://lpaste.net/115613
[Wed Dec  3 20:00:51 2014] <Cypi> eassumption is the version of assumption that can deal with these existential variables
[Wed Dec  3 20:01:10 2014] <benzrf> huh
[Wed Dec  3 20:03:26 2014] <Cypi> More directly, you could also use [instantiate (1 := n)] (1 is the position of the existential), but really, I never used it in practice
[Wed Dec  3 21:34:52 2014] <benzrf> ok so
[Wed Dec  3 21:34:53 2014] <benzrf> WHAT
[Wed Dec  3 21:34:54 2014] <benzrf> EXACTLY
[Wed Dec  3 21:34:56 2014] <benzrf> causes
[Wed Dec  3 21:34:56 2014] <benzrf> Error: Case analysis on sort Type is not allowed for inductive definition ex.
[Wed Dec  3 21:35:54 2014] <Cypi> Again the fact that you are destructing something in Prop when your goal is in Type, I guess?
[Wed Dec  3 21:46:04 2014] <johnw> benzrf:  you really need to start accompanying your questions of code, otherwise it is almost impossible to determine what your problem is
[Wed Dec  3 21:46:07 2014] <johnw> s/of/with
[Wed Dec  3 21:46:36 2014] <benzrf> i'm sorry
[Wed Dec  3 21:47:08 2014] <benzrf> johnw: what's inversion, then
[Wed Dec  3 21:47:57 2014] <johnw> It takes a statement in your context, and determines pretty much everything that must be true in order for that statement to be true.  That is just one of the things that it does, it is rather a complex tactic.
[Wed Dec  3 21:48:40 2014] <johnw>  The best that I can recommend is to look at the sections of Software Foundations where they introduce the 'inversion' tactic; they do a bit of explaining there
[Thu Dec  4 08:26:15 2014] <Rc43> Hello.
[Thu Dec  4 08:28:33 2014] <Rc43> (SSReflect) Is there counterpart from "calculation world" for orders?
[Thu Dec  4 08:28:36 2014] <Rc43> I mean there are Prop's /\ and bool's &&, Prop's = and bool's ==.
[Thu Dec  4 08:28:38 2014] <Rc43> Is there something like comparing function (Lt,Gt,Eq) in ssreflect with reflection principles into plain Prop's relations?
[Thu Dec  4 11:24:30 2014] <chris2> is there a ssreflect version of "simpl foo"? i know i can lock the other stuff, but i really just want to evaluate one function one step further
[Thu Dec  4 13:56:40 2014] <adelbertc> what are the implications of using a semicolon vs a period to separate statements?
[Thu Dec  4 14:00:34 2014] <nkar> adelbertc: example?
[Thu Dec  4 14:00:57 2014] <adelbertc> was stepping through this: https://github.com/jwiegley/software-foundations/blob/master/MoreCoq.v#L1124-1128
[Thu Dec  4 14:01:03 2014] <adelbertc> used periods instead of semicolons
[Thu Dec  4 14:01:09 2014] <adelbertc> didnt work. replaced with semicolons. worked.
[Thu Dec  4 14:01:10 2014] <adelbertc> o_O
[Thu Dec  4 14:01:30 2014] <alkabetz> Semicolons have a special meaning in Ltac.
[Thu Dec  4 14:01:59 2014] <alkabetz> If you say 'induction l1. intros.', Coq will do induction on [l1], and then it will descend into the first goal and do 'intros'.
[Thu Dec  4 14:02:13 2014] <alkabetz> If you say 'induction l1; intros.', Coq will do induction on [l1], and then execute 'intros' in *both* generated subgoals.
[Thu Dec  4 14:02:57 2014] <adelbertc> ah.. hm.
[Thu Dec  4 14:03:25 2014] <alkabetz> Did I lose you?
[Thu Dec  4 14:03:37 2014] <adelbertc> no i think i get it
[Thu Dec  4 15:46:34 2014] <nkar> alkabetz: oh, cool.  it hasn't been covered in the book.
[Thu Dec  4 16:43:36 2014] <Choups314> What does IR means in coq ?
[Thu Dec  4 16:44:06 2014] <Choups314> I know CR stand for Computable Reals, but what about IR ?
[Fri Dec  5 01:51:51 2014] <adelbertc> trying to compile some code from SF, but getting "There are pending proofs" yet when I drop into the file, go to the end of file and hit "compile to cursor" everything is OK - any ideas?
[Fri Dec  5 01:51:55 2014] <adelbertc> $ coqc MoreCoq.v
[Fri Dec  5 01:51:55 2014] <adelbertc> Error: There are pending proofs
[Fri Dec  5 02:41:56 2014] <jrw> adelbertc: coqc isn't happy if you haven't matched all your theorems to a Qed (or Admitted (or Defined))
[Fri Dec  5 02:52:09 2014] <adelbertc> jrw: aha. i didnt end with a Qed with one of my proofs. strange how Proof General was OK with ti though
[Fri Dec  5 02:52:11 2014] <adelbertc> thanks!
[Fri Dec  5 08:18:32 2014] <Choups314> Hello ? To solve basic equalities or inequalities over reals (Such as 2.0 < 3.0 for instance), do I have to use CoRN, or there is an easy workaround with coq ?
[Fri Dec  5 09:33:19 2014] <habecker> How can I solve a goal of record type? Say the name of the record is abc with constructor build_abc, I tried 'apply build_abc', but this yields an error. I tried to search for examples, but in the HoTT sources e.g. I can only find applications of build-constructors in handwritten gallina
[Fri Dec  5 09:34:02 2014] <habecker> Ideally, I'd like to have Coq generate successive subgoals for the fields of the record
[Fri Dec  5 09:37:41 2014] <alkabetz> habecker: 'split' ought to do the trick.
[Fri Dec  5 09:40:45 2014] <habecker> alkabetz: This doesn't work for me if the fields of the record depend on each other
[Fri Dec  5 09:41:03 2014] <alkabetz> Oh, yikes
[Fri Dec  5 09:41:08 2014] <alkabetz> Can you paste your script?
[Fri Dec  5 09:44:27 2014] <habecker> alkabetz: sure - http://pastebin.com/NcKN9xM6
[Fri Dec  5 09:55:19 2014] <habecker> alkabetz: do you have any idea what's wrong, or which tactic could be used instead of split of that doesn't support dependent record fields?
[Fri Dec  5 09:56:40 2014] <alkabetz> I don’t know how to destruct dependent records.  I tried Googling around for how to unfold a Π type (to which a dependent record is isomorphic), but I’m still not sure how to do that, either. :/
[Fri Dec  5 09:57:28 2014] <alkabetz> It might be useful to search for dependent records on the coq-club archive, or to ask there.  I think I’m unlikely to be able to be of actual help now, though.  I’m interested to hear what ends up being the answer!
[Fri Dec  5 10:11:07 2014] <habecker> alkabetz: Okay, thank you!
[Fri Dec  5 10:12:03 2014] <habecker> gtg, bye!
[Fri Dec  5 10:12:09 2014] <alkabetz> * waves
[Fri Dec  5 11:30:12 2014] <eraserhd> am I here?
[Fri Dec  5 13:58:15 2014] <Choups314> What is the difference between IR and CR in CoRN ? When should I use one rather than the other ?
[Fri Dec  5 14:57:02 2014] <Choups314> No ideas ? :/
[Fri Dec  5 16:18:50 2014] <habecker> Is it possible to apply the split tactis to goals of dependent record type? If not, how can one solve goals of such types?
[Fri Dec  5 16:22:49 2014] <ianjneu> habecker: evars are the common tool for those I think
[Fri Dec  5 16:30:31 2014] <habecker> ianjneu: ah ok - do you have an example showing how one can use them for solving dependent record type goals?
[Sat Dec  6 00:34:36 2014] <marvimias> "Define an analogous notion of Betti numbers for smooth algebraic varieties of dimension 1 over characteristic p algebraically closed fields."
[Sat Dec  6 00:34:43 2014] <marvimias> Can this be proved in Coq?
[Sat Dec  6 00:36:20 2014] <johnw> marvimias: try it
[Sat Dec  6 00:36:39 2014] <marvimias> johnw, I imagine reals do not work well in Coq
[Sat Dec  6 00:38:19 2014] <johnw> https://www.kevinjsullivan.com/real-numbers-in-coq-a-tutorial
[Sat Dec  6 00:38:26 2014] <johnw> http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.34.6128
[Sat Dec  6 01:08:01 2014] <benzrf> coachy
[Sat Dec  6 01:08:37 2014] <johnw> you mean Cauchy? :)
[Sat Dec  6 01:19:29 2014] <benzrf> johnw: i know what i mean
[Sat Dec  6 01:21:38 2014] <marvimias> Cantor count on that ;)
[Sat Dec  6 06:18:26 2014] <roosbeef> is there a lemma proving decidability of Forall or forall somewhere?
[Sat Dec  6 06:30:35 2014] <marvimias> Okay, here is a puzzle; suppose f,g are in Q[x] such that f(Q) = g(Q).  show that there exist a,b in Q such that f(x) = g(ax + b)
[Sat Dec  6 10:36:42 2014] <Choups314> Anyone using CoRN here ? :)
[Sat Dec  6 14:59:27 2014] <adelbertc> question about SF Rel.v, on transitive relations
[Sat Dec  6 14:59:30 2014] <adelbertc> I have (n m o : nat), (Hnm : n <= m), (Hmo : m <= o) in the context, with n <= o in the goal. Why does `inversion Hmo` give `n <= m` and `n <= S m0` as subgoals? Where did the `o` go?
[Sat Dec  6 15:00:04 2014] <adelbertc> s/induction/inversion
[Sat Dec  6 15:00:17 2014] <adelbertc> wait no, induction is correct.
[Sat Dec  6 15:00:28 2014] <adelbertc> bah. restated
[Sat Dec  6 15:00:35 2014] <adelbertc> I have (n m o : nat), (Hnm : n <= m), (Hmo : m <= o) in the context, with n <= o in the goal. Why does `induction Hmo` give `n <= m` and `n <= S m0` as subgoals? Where did the `o` go?
[Sat Dec  6 15:05:03 2014] <alkabetz> I’m not 100% sure, but I think that in the first goal, Coq set it as equal to m and substituted.  In the second goal, it looks like it got renamed to [m0] for some reason.
[Sat Dec  6 15:05:20 2014] <alkabetz> If you really want to preserve the names, 'induction Hmo as [| o Hmo IH]' looks like it does the trick.
[Sat Dec  6 15:45:04 2014] <Choups314> I don't really understand the constructive definition of binary operations in corn ..
[Sat Dec  6 18:11:06 2014] <adelbertc> has anyone solved lt_trans'' in Rel.v of SF?
[Sat Dec  6 18:11:26 2014] <adelbertc> proving transitivity of lt without using transitive of le
[Sat Dec  6 18:12:04 2014] <johnw> yes, I have
[Sat Dec  6 18:12:18 2014] <johnw> oh, interesting
[Sat Dec  6 18:12:21 2014] <johnw> I guess not
[Sat Dec  6 18:12:22 2014] <johnw> one sec
[Sat Dec  6 18:12:39 2014] <johnw> hmm
[Sat Dec  6 18:12:46 2014] <johnw> I guess using omega for both branches is cheating
[Sat Dec  6 18:13:07 2014] <Cypi> Wow, how did I do exactly the same? oO
[Sat Dec  6 18:13:21 2014] <Cypi> Especially since omega actually immediately solves the goal...
[Sat Dec  6 18:14:14 2014] <johnw> ok, solved it without omega
[Sat Dec  6 18:14:48 2014] <johnw> adelbertc: https://github.com/jwiegley/software-foundations/blob/master/Rel.v#L143
[Sat Dec  6 18:15:12 2014] <adelbertc> johnw: that was quick. dont i feel silly :P
[Sat Dec  6 18:15:29 2014] <johnw> I just used the searching facilities of Coq to find the lemmas I needed
[Sat Dec  6 18:15:37 2014] <adelbertc> SearchAbout?
[Sat Dec  6 18:15:42 2014] <johnw> and SearchIsos
[Sat Dec  6 18:15:55 2014] <johnw> SearchIsos (S _ <= _).
[Sat Dec  6 18:16:02 2014] <adelbertc> oo
[Sat Dec  6 18:16:05 2014] <adelbertc> havent seen SearchIsos yet
[Sat Dec  6 18:16:05 2014] <johnw> to be specific, I used ssreflect's more powerful Search command
[Sat Dec  6 18:16:06 2014] <adelbertc> but nifty.
[Sat Dec  6 18:16:11 2014] <johnw> which subsumes SearchAbout and SearchIsos
[Sat Dec  6 18:17:27 2014] <adelbertc> oh wait, i had gotten that one
[Sat Dec  6 18:17:28 2014] <adelbertc> what of https://github.com/jwiegley/software-foundations/blob/master/Rel.v#L158
[Sat Dec  6 18:18:56 2014] <johnw> adelbertc: solved; refresh
[Sat Dec  6 18:19:21 2014] <johnw> i'm not sure if I'm using things that I shouldn't be or not
[Sat Dec  6 18:19:37 2014] <Cypi> Hmm, solved it without external lemmas, thought it was more in the spirit.
[Sat Dec  6 18:19:52 2014] <johnw> because I see that le_Sn_le isn't yet available
[Sat Dec  6 18:20:15 2014] <johnw> i'll undo those solutions until I do that file properly
[Sat Dec  6 18:21:03 2014] <Cypi> adelbertc : where are you stuck?
[Sat Dec  6 18:22:36 2014] <adelbertc> Cypi: i just unstuck myself
[Sat Dec  6 18:22:41 2014] <adelbertc> used rewrite a lot... maybe thats cheating
[Sat Dec  6 18:23:40 2014] <Cypi> I suppose not :)
[Sat Dec  6 18:24:02 2014] <adelbertc> basically.. transitivity through rewriting
[Sat Dec  6 18:24:03 2014] <adelbertc> heh.
[Sat Dec  6 18:24:26 2014] <Cypi> As long as you didn't use external lemmas, you couldn't have been cheating :p
[Sat Dec  6 18:24:34 2014] <johnw> well, you can always do it with helper lemmas and induction
[Sat Dec  6 18:24:37 2014] <Cypi> (well, I did use le_S, but that's a constructor, not really a lemma)
[Sun Dec  7 00:45:10 2014] <adelbertc> requesting hints/assistance on SF Rel.v, 2nd to last problem https://github.com/adelbertc/software-foundations/blob/master/Rel.v#L359
[Sun Dec  7 00:45:43 2014] <adelbertc> i've tried inversion-ing and induction-ing hypotheses and i think i get somewheere, but i always end up back right where i started (refl_step_closure R x z) only with a bunch of garbage (?) in the context
[Sun Dec  7 00:52:53 2014] <jrw> adelbertc: my guess is that you need to use [generalize dependent] or rearrange the statement of the lemma so that you get a strong enough induction hypothesis (with z universally quantified, if you do induction on the first hypothesis)
[Sun Dec  7 01:24:46 2014] <adelbertc> jrw: aha got it, thanks!
[Sun Dec  7 01:25:45 2014] <jrw> np
[Sun Dec  7 09:38:30 2014] <Choups314> Is there a way to automating every proofs involving the basics operations over Z (Like the ones here https://coq.inria.fr/distrib/current/stdlib/Coq.ZArith.BinInt.html) ?
[Sun Dec  7 09:38:54 2014] <Choups314> By using the fact that (Z, +, x) is a ring perhaps ?
[Sun Dec  7 11:35:18 2014] <Choups314> Is the congruence of two integers (Z) defined is the standard library ?
[Sun Dec  7 12:13:06 2014] <ianjneu> Choups314: Definition int_cong (n m : Z) := (n mod m = 0%Z)
[Sun Dec  7 12:14:01 2014] <ianjneu> ZArith has Z.modulo, which has an infix notation a mod b.
[Sun Dec  7 12:14:11 2014] <Choups314> It's a part of the stdlib ?
[Sun Dec  7 12:14:28 2014] <ianjneu> ZArith is standard, ya.
[Sun Dec  7 12:14:41 2014] <Choups314> oh yes .. thansk ;)
[Sun Dec  7 12:14:44 2014] <Choups314> thanks*
[Sun Dec  7 12:17:03 2014] <Choups314> ianjneu: And for example, do I use this definition to express http://latex.codecogs.com/gif.latex?a%20%5Cequiv%20b%20%5Cmod%20n
[Sun Dec  7 12:17:04 2014] <ianjneu> a equiv b mod n is Definition zcong (a b n : Z) : Prop := (Z.modulo (a - b) n) = 0.
[Sun Dec  7 12:17:21 2014] <Choups314> Ok perfect !
[Sun Dec  7 12:17:49 2014] <Choups314> I never thought of it this way ^^
[Sun Dec  7 12:18:46 2014] <ianjneu> And there are plenty of theorems about Z.modulo in ZArith, so just use SearchAbout.
[Sun Dec  7 12:19:13 2014] <Choups314> Yes, this is why I wanted to use a stdlib definition !
[Sun Dec  7 23:02:49 2014] <eraserhd> Hrmm.
[Sun Dec  7 23:03:28 2014] <eraserhd> Are there boolean equivalents of > or <?
[Sun Dec  7 23:06:57 2014] <amosr> eraserhd: lt_dec etc?
[Sun Dec  7 23:07:05 2014] <amosr> not bools, but sumbools
[Sun Dec  7 23:07:11 2014] <amosr> so probably more useful
[Sun Dec  7 23:20:08 2014] <benzrf> wots a sumbool
[Sun Dec  7 23:26:49 2014] <amosr> benzrf: it’s basically just two properties, either A or B.. with runtime representation of a simple bool
[Sun Dec  7 23:28:00 2014] <amosr> so lt_dec : forall n m, {n < m} + {~ n < m}
[Sun Dec  7 23:28:10 2014] <amosr> where {P} + {Q} is a sumbool
[Sun Dec  7 23:28:30 2014] <amosr> so instead of just getting a bool, you also get some interesting proof
[Sun Dec  7 23:30:57 2014] <benzrf> whats the {} there
[Sun Dec  7 23:31:34 2014] <amosr> just magic notation for sumbool:
[Sun Dec  7 23:31:43 2014] <amosr> > Print sumbool.
[Sun Dec  7 23:31:44 2014] <amosr> Inductive sumbool (A B : Prop) : Set :=
[Sun Dec  7 23:31:45 2014] <amosr>     left : A -> {A} + {B} | right : B -> {A} + {B}
[Sun Dec  7 23:32:10 2014] <benzrf> oh
[Sun Dec  7 23:32:22 2014] <amosr> I’m not really sure why
[Sun Dec  7 23:32:26 2014] <benzrf> so how is sumbool different from just either
[Sun Dec  7 23:33:47 2014] <amosr> so, do you know how/why the universes are divided into Set and Prop?
[Sun Dec  7 23:34:05 2014] <amosr> Sets being computational things, and Props being proofs?
[Sun Dec  7 23:35:44 2014] <amosr> I guess it’s mainly about extracting code, so Sets can be extracted and Props are ignored/erased
[Sun Dec  7 23:36:45 2014] <amosr> so if you extracted a sumbool {P} + {Q}, it’d be erased to something like {} + {} = True | False
[Sun Dec  7 23:37:30 2014] <amosr> but an either wouldn’t erase that
[Sun Dec  7 23:37:33 2014] <amosr> I think
[Mon Dec  8 12:45:40 2014] <benzrf> hmm
[Mon Dec  8 12:46:10 2014] <benzrf> a nonconstructive proof of existence is really more of a threat than a proof
[Mon Dec  8 12:46:22 2014] <benzrf> like, "well if it DOESNT exist then your LOGIC IS INCONSISTENT"
[Mon Dec  8 12:46:40 2014] <benzrf> "i cant SHOW you but it BETTER exist"
[Mon Dec  8 12:47:10 2014] <benzrf> it relies on you choosing to believe that a thing exists rather than that your logic is inconsistent
[Mon Dec  8 12:48:37 2014] <benzrf> it's equally valid to say "no, my logic is inconsistent, and X doesn't exist", but we choose not to because that's what we dont want to think
[Mon Dec  8 12:49:14 2014] <ianjneu> inconsistent means everything is "provable"
[Mon Dec  8 12:49:28 2014] <ianjneu> both X exists and doesn't exist.
[Mon Dec  8 12:50:19 2014] <benzrf> ianjneu: i mean exists in whatever mental model you're using your logic to reason about
[Mon Dec  8 12:50:44 2014] <benzrf> ianjneu: presumably if i prove the well-ordering theorem it corresponds to some idea in my mind about sets as collections of things and putting them in order by settings things in front of each other
[Mon Dec  8 12:51:06 2014] <ianjneu> you can encode False as forall A, A, and True as forall A, A -> A. This is why the Y combinator is very inconsistent - Y : forall A. (A -> A) -> A. basically says "True implies False"
[Mon Dec  8 12:52:21 2014] <benzrf> woah
[Mon Dec  8 12:52:37 2014] <ianjneu> ya.
[Mon Dec  8 12:52:40 2014] <ianjneu> Fun fun.
[Mon Dec  8 12:52:49 2014] <benzrf> ianjneu: wait a sec
[Mon Dec  8 12:53:04 2014] <benzrf> forall A. (A -> A) -> A isnt the same thing as (forall A. A -> A) -> (forall A. A)
[Mon Dec  8 12:53:27 2014] <benzrf> ok be back in a minute i have school stuff igotta do :(
[Mon Dec  8 13:05:19 2014] <benzrf> ianjneu: 01:04 < benzrf> forall A. (A -> A) -> A isnt the same thing as (forall A. A -> A) -> (forall A. A)
[Mon Dec  8 13:17:22 2014] <ianjneu> benzrf: it's a rough understanding of the Y combinator, sure.
[Mon Dec  8 15:20:12 2014] <jgross_> benzrf: That's only accurate in the sets or propositions model.  In the homotopical model, forall A, P A means that P is "continuously" provable of all A, while forall A, || P A || (which is like forall A, ~~P A, but with a better elim) allows discontinuity.  For example, there is always merely a path between any point on the circle and the basepoint, but there is no way of continuously assigning such paths to points.  So you have forall x : S1,
[Mon Dec  8 15:20:12 2014] <jgross_> ~~x = basepoint, but you don't have forall x : S1, x = basepoint. 
[Mon Dec  8 18:16:21 2014] <benzrf> uuh jgross_
[Mon Dec  8 18:16:26 2014] <benzrf> i dont know ANY of this stuff T_T
[Mon Dec  8 18:39:43 2014] <jgross_> benzrf: You should read the HoTT Book (http://homotopytypetheory.org/book/) and/or hang around on ##hott (on freenode).  If you want something concrete to wrap your head around, look at http://math.andrej.com/2007/09/28/seemingly-impossible-functional-programs/; the intuition that allows people to come up with stuff like that comes from a topological interpretation of type theory. 
[Mon Dec  8 18:40:34 2014] <benzrf> bwah
[Mon Dec  8 18:40:39 2014] <benzrf> jgross_: i dont know enough math yet
[Mon Dec  8 18:40:44 2014] <benzrf> i dont know topology
[Mon Dec  8 18:44:20 2014] <jgross_> Munkres' _Topology_ is a good introductory text to point-set topology, if you're looking for a reference.  To understand most of the post, I think all you need is continuity of functions, plus possibly compactness for making it seem less magical. 
[Mon Dec  8 18:50:40 2014] <benzrf> jgross_: i actually started that book
[Mon Dec  8 18:50:51 2014] <benzrf> jgross_: but i kinda petered out while still in the review section
[Mon Dec  8 18:50:56 2014] <benzrf> i keep thinking ill get back to it
[Mon Dec  8 19:02:38 2014] <benzrf> jgross_: question
[Mon Dec  8 19:02:53 2014] <benzrf> cant i make an injection Integer -> Cantor
[Mon Dec  8 19:03:39 2014] <benzrf> no wait
[Mon Dec  8 19:06:18 2014] <benzrf> ok!
[Mon Dec  8 19:06:21 2014] <benzrf> jgross_: you there?
[Mon Dec  8 19:11:39 2014] <benzrf> jgross_: can't i construct a surjection c :: Cantor -> Integer, then for any f and g :: Integer -> Integer check f . c == g . c to show whether f == g?
[Mon Dec  8 19:44:14 2014] <jgross_> benzrf: Cantor = (nat -> bool), and clasically is the size of the reals.  How are you surjecting onto the integers? 
[Mon Dec  8 19:46:16 2014] <benzrf> jgross_: how about, say
[Mon Dec  8 19:46:59 2014] <benzrf> jgross_: first bit is sign, after that doubled 1s and 0s for 1 and 0 as a binary natural, terminate with a 01 or 10, then infinite 0s
[Mon Dec  8 19:47:48 2014] <benzrf> if it's invalidly formatted, 0
[Mon Dec  8 19:48:32 2014] <benzrf> jgross_: oh... is there an issue when it's infinitely long/valid but never terminates
[Mon Dec  8 19:48:35 2014] <benzrf> like 1111111111111111111111111....
[Mon Dec  8 19:52:16 2014] <benzrf> jgross_: damn. is there no total surjection
[Mon Dec  8 21:27:56 2014] <eraserhd> I thought there was a way to specify to rewrite the value for existential variables, but it appears to not be in the docs.  Am I missing something?
[Mon Dec  8 21:29:39 2014] <jrw> eraserhd: do you mean a univerally quantified variable?
[Mon Dec  8 21:29:51 2014] <jrw> you can do that like [rewrite H with (x := val).]
[Mon Dec  8 21:30:28 2014] <eraserhd> Right, that.
[Mon Dec  8 21:38:01 2014] <eraserhd> hrmm, can I ask what is probably a _really_ n00b question?
[Mon Dec  8 21:38:20 2014] <eraserhd> Wait...
[Mon Dec  8 21:38:46 2014] <jrw> eraserhd: go for it
[Mon Dec  8 21:39:15 2014] <eraserhd> OK, I have (26 <= n - 65).
[Mon Dec  8 21:39:26 2014] <eraserhd> I want to rewrite with plus_le_reg_l.
[Mon Dec  8 21:40:01 2014] <eraserhd> When I specify all the things:   rewrite plus_le_reg_l with (n := 26) (m := n - 65) (p := 65)  in ge_proof2.
[Mon Dec  8 21:40:43 2014] <eraserhd> I get a crazy long error "Unable to satisfy rewriting constraints:" ...
[Mon Dec  8 21:41:41 2014] <eraserhd> I'm not even sure where to begin with what I'm missing. :)
[Mon Dec  8 21:42:54 2014] <jrw> eraserhd: yeah that's a horrible error message. what are you trying to do though, because rewrite probably isn't what you meant there
[Mon Dec  8 21:43:07 2014] <eraserhd> Add 65 to both sides.
[Mon Dec  8 21:43:43 2014] <jrw> eraserhd: if this is in a hypothesis, then plus_le_reg_l won't do that.
[Mon Dec  8 21:44:04 2014] <jrw> you would need [n <= m -> p + n <= p + m]
[Mon Dec  8 21:44:24 2014] <eraserhd> I tried that one, it won't match.
[Mon Dec  8 21:44:45 2014] <eraserhd> wait... lemme try again.
[Mon Dec  8 21:45:19 2014] <jrw> [apply plus_le_compat_l with (p := 65) in <whatever>] should do the trick
[Mon Dec  8 21:45:39 2014] <jrw> I'd also point out that if you're trying to cancel the [- 65] this won't work unless you know n >= 65
[Mon Dec  8 21:46:30 2014] <jrw> oh but you do know that. never mind.
[Mon Dec  8 21:47:15 2014] <eraserhd> OK, what is the difference between rewrite and apply?
[Mon Dec  8 21:48:04 2014] <eraserhd> (Feel free to tell me if I'm being too annoying.)
[Mon Dec  8 21:48:26 2014] <jrw> rewrite takes something that ends in an equality and rewrites by that equality. apply takes an implication [P -> Q] and a hypothesis [P] and gives you Q
[Mon Dec  8 21:48:45 2014] <jrw> (you can also rewrite by relations that are not equalities, but you can ignore that for now)
[Mon Dec  8 21:50:02 2014] <eraserhd> OK, so goals and hypotheses are different in what you can do with them?
[Mon Dec  8 21:51:51 2014] <eraserhd> It seems like goal Q needs P -> Q to get goal P, while hypothesis Q needs Q -> P to get P.  Am I confused?
[Mon Dec  8 21:54:04 2014] <jrw> eraserhd: that's roughly right.
[Mon Dec  8 21:54:45 2014] <jrw> in the case of the hypothesis your reasoning forward from what you know. in the case of the goal you're reasoning backwards as in "it suffices to show"
[Mon Dec  8 21:55:44 2014] <eraserhd> OK, cool.  Needed to hear that :)
[Mon Dec  8 22:10:10 2014] <eraserhd> Hahaha.  converting an ascii character to a fin-like letter is done.  It's crazy.  But it's done.
[Mon Dec  8 22:10:16 2014] <eraserhd> Glad I like learning this stuff.
[Mon Dec  8 22:11:24 2014] <eraserhd> jrw: Thanks a lot.
[Mon Dec  8 22:12:27 2014] <jrw> np
[Tue Dec  9 14:37:34 2014] <benzrf> hmmm
[Tue Dec  9 14:37:55 2014] <benzrf> i have a forall to a sigma type
[Tue Dec  9 14:38:21 2014] <benzrf> how can i retrieve a function to the supertype and a theorem about the function
[Tue Dec  9 14:38:44 2014] <benzrf> assert a product?
[Tue Dec  9 14:39:42 2014] <benzrf> o wait
[Tue Dec  9 16:34:31 2014] <xenoslav> Hi. I have a bit silly question about Martin-Lof type theory. Question related to the syntax.
[Tue Dec  9 16:35:35 2014] <xenoslav> When I am reading some old document, like http://www.cip.ifi.lmu.de/~langeh/test/1984%20-%20Loef%20-%20Intuitionistic%20Type%20Theory.pdf, I can see that the system is formulated in a bit different way.
[Tue Dec  9 16:36:38 2014] <xenoslav> For example, Lambda seems to be a constructor parametrized by some meta-level function.
[Tue Dec  9 16:37:16 2014] <xenoslav> For example see rule for beta reduction, it has equation: Ap(\lambda x. b(x), a) = b(a)
[Tue Dec  9 16:37:54 2014] <xenoslav> It looks like: "type ('a, 'b) pi = App of 'a -> 'b" on some meta level.
[Tue Dec  9 16:38:51 2014] <xenoslav> When I am reading some modern article, like http://www.cs.swan.ac.uk/~csarnold/amllcc/files/07-nbemltt.pdf, I see that type theory is formulated in some modern way. We do not have some meta-level language. Lambda is function, not some wraper for some meta-level function.
[Tue Dec  9 16:39:39 2014] <xenoslav> My question is: Does the modern-style formulation of the Martin-Lof type thoery has own name? Could I formulate this theory in style similar to the second article and call it Martin-Lof type theory?
[Tue Dec  9 16:39:55 2014] <xenoslav> Could we call all predicative type theory a Martin-lof type theory?
[Tue Dec  9 16:40:26 2014] <xenoslav> "all" -> "any"
[Tue Dec  9 16:48:54 2014] <benzrf> ööööö
[Tue Dec  9 18:39:34 2014] <benzrf> pls help
[Tue Dec  9 18:39:44 2014] <benzrf> i am doing an assertion to produce a witness for an existential
[Tue Dec  9 18:39:56 2014] <benzrf> but then i cant unfold the asserted thing so i cant prove the constraint
[Tue Dec  9 18:40:07 2014] <benzrf> er, idk if constraint is the right word. but i mean the body of the existential
[Tue Dec  9 18:40:31 2014] <Cypi> Give some code, please :)
[Tue Dec  9 18:41:49 2014] <benzrf> here's where im stuck https://gist.github.com/benzrf/dd48ee2c22f55101f683
[Tue Dec  9 18:43:10 2014] <benzrf> i mean i could manually type out a lambda but that feels so CRUDE
[Tue Dec  9 18:43:13 2014] <benzrf> :v
[Tue Dec  9 18:43:43 2014] <xenoslav> benzrf: Your an_f is a variable, you cannot unfold it.
[Tue Dec  9 18:43:54 2014] <benzrf> xenoslav: that seems to be the problem y e s
[Tue Dec  9 18:44:05 2014] <benzrf> xenoslav: so what /should/ i do
[Tue Dec  9 18:44:17 2014] <benzrf> externally define that bit as a lemma?
[Tue Dec  9 18:44:29 2014] <benzrf> i feel like that shouldnt be necessary
[Tue Dec  9 18:44:38 2014] <xenoslav> You can write term by hand
[Tue Dec  9 18:44:43 2014] <xenoslav> set (an_f := TERM).
[Tue Dec  9 18:44:49 2014] <xenoslav> instead of doing assert.
[Tue Dec  9 18:45:06 2014] <xenoslav> Maybe I am wrong, but I imagine that asserts produces term in this shape:
[Tue Dec  9 18:45:09 2014] <Cypi> I'm trying to find a way to do a transparent assert, but according to http://comments.gmane.org/gmane.science.mathematics.logic.coq.club/6820, it doesn't seem easily doable
[Tue Dec  9 18:45:25 2014] <Cypi> (well, that was in 2011 after all)
[Tue Dec  9 18:45:51 2014] <benzrf> ;-;
[Tue Dec  9 18:45:53 2014] <xenoslav> let asserted_name := [goal from assert] in [rest of the proof].
[Tue Dec  9 18:46:19 2014] <xenoslav> which I imagine as (fun asserted_name in [rest of the proof]) ([goal from assert])
[Tue Dec  9 18:46:37 2014] <xenoslav> the asserted_name is a variable in [rest of the proof], cannot be ''unfolded''.
[Tue Dec  9 18:46:41 2014] <Cypi> So you can use : refine (let an_f' := (_ : B -> A) in _)
[Tue Dec  9 18:46:48 2014] <Cypi> I believe it should work? Maybe.
[Tue Dec  9 18:46:55 2014] <benzrf> * uses set
[Tue Dec  9 18:46:57 2014] <benzrf> how clunky
[Tue Dec  9 18:47:17 2014] <Cypi> With refine you can still use tactics to define your term however you wish
[Tue Dec  9 18:47:37 2014] <benzrf> hmm
[Tue Dec  9 18:49:12 2014] <benzrf> Cypi: your refine has the same issue
[Tue Dec  9 18:49:15 2014] <benzrf> Error: Cannot coerce an_f' to an evaluable reference.
[Tue Dec  9 18:51:04 2014] <Cypi> Hmm. :(
[Tue Dec  9 18:52:29 2014] <xenoslav> I think that computational terms should not be constructed by tactics, but it is philosophy, not strong argument.
[Tue Dec  9 18:52:46 2014] <benzrf> m e h
[Tue Dec  9 18:53:37 2014] <xenoslav> Because tactics are designed to build proofs, in most cases you are not interested in the proof-content. For example, if you have Prf1 : A and Prf : A in a context, then you are really not interested which term was choosen by 'assumption' tactic.
[Tue Dec  9 18:53:54 2014] <xenoslav> But when you are building computational content it is very important.
[Tue Dec  9 18:53:57 2014] <benzrf> bwee
[Tue Dec  9 18:55:27 2014] <xenoslav> For example, when building term of type 'A -> A -> A', by tactics 'intro a; intro b; assumption.', then you do know if you have 'fun a b => a' or 'fun a b => b'.
[Tue Dec  9 18:55:54 2014] <xenoslav> But it is my taste, not strong argument in discussion where tactics should be allowed.
[Tue Dec  9 18:56:54 2014] <xenoslav> do not know*
[Tue Dec  9 19:05:13 2014] <benzrf>   X : forall i : B, {p : A | f p = i}
[Tue Dec  9 19:05:13 2014] <benzrf>   b : B
[Tue Dec  9 19:05:13 2014] <benzrf>   ============================
[Tue Dec  9 19:05:13 2014] <benzrf>    f (let (p, _) := X b in p) = b
[Tue Dec  9 19:05:18 2014] <benzrf> what do x_
[Tue Dec  9 19:05:19 2014] <benzrf> x
[Tue Dec  9 19:05:56 2014] <xenoslav> ?
[Tue Dec  9 19:06:32 2014] <benzrf> how do i proceed
[Tue Dec  9 19:06:40 2014] <xenoslav> try 'destruct X b'
[Tue Dec  9 19:06:54 2014] <xenoslav> or 'destruct (X b)', i do not remember syntax.
[Tue Dec  9 19:07:06 2014] <benzrf> hrm
[Tue Dec  9 19:07:08 2014] <benzrf> cool
[Tue Dec  9 19:07:15 2014] <xenoslav> Coq is cool.
[Tue Dec  9 19:07:17 2014] <benzrf> thanks :)
[Tue Dec  9 19:07:27 2014] <benzrf> that should have been obvious >.<
[Tue Dec  9 19:07:45 2014] <xenoslav> More experience you have, more things are obvious :)
[Tue Dec  9 19:09:37 2014] <benzrf> hmm.
[Tue Dec  9 19:09:42 2014] <benzrf> i feel like i'm doing something wron
[Tue Dec  9 19:10:20 2014] <benzrf> i'm destructing X b twice, but once for the p and once for the f p = i
[Tue Dec  9 19:10:21 2014] <xenoslav> Did you lost proof 'f p = i' ?
[Tue Dec  9 19:10:29 2014] <benzrf> xenoslav: no, the proof worked
[Tue Dec  9 19:10:32 2014] <benzrf> but i didnt save it and undid
[Tue Dec  9 19:10:37 2014] <benzrf> there has to be a more elegant way
[Tue Dec  9 19:10:43 2014] <benzrf> i'm doing
[Tue Dec  9 19:10:51 2014] <benzrf> exists (fun i : B => match X i with exist p _ => p end).
[Tue Dec  9 19:10:53 2014] <benzrf> then
[Tue Dec  9 19:10:57 2014] <benzrf> extensionality b.
[Tue Dec  9 19:11:01 2014] <benzrf> and then i end up where i pasted
[Tue Dec  9 19:11:23 2014] <benzrf> but see i'm using X in my witness to produce the result and then i'm applying X again for the theorem
[Tue Dec  9 19:11:29 2014] <benzrf> i feel like i should only have to do it once!
[Tue Dec  9 19:11:30 2014] <benzrf> >.<
[Tue Dec  9 19:11:30 2014] <xenoslav> Sorry, I cannot now run coq and track your script.
[Tue Dec  9 19:12:21 2014] <xenoslav> I treat Coq like programming, when I am computing something twice, then I am trying to rewrite code to compute it in one place and give name to the result and then use result.
[Tue Dec  9 19:12:43 2014] <benzrf> xenoslav: same
[Tue Dec  9 19:12:46 2014] <benzrf> but i cant figure out how -_-
[Tue Dec  9 19:12:54 2014] <benzrf> i dont get b until i do extensionality b
[Tue Dec  9 19:13:07 2014] <xenoslav> Maybe could you try to do 'set (HXb := X b)' at some moment and use HXb instead of X b later.
[Tue Dec  9 19:13:15 2014] <benzrf> no, see
[Tue Dec  9 19:13:19 2014] <xenoslav> I do not know, I cannot run coq now.
[Tue Dec  9 19:13:31 2014] <benzrf> i dont get b until i introduce the forall that i get from extensionality
[Tue Dec  9 19:13:38 2014] <benzrf> but that's /inside/ the exists
[Tue Dec  9 19:13:51 2014] <benzrf> so i need to produce a witness first
[Tue Dec  9 19:14:08 2014] <xenoslav> ;]
[Tue Dec  9 19:14:11 2014] <benzrf> i tried proving the general case thing but i couldnt figure out how
[Tue Dec  9 19:14:13 2014] <benzrf> T_T
[Tue Dec  9 19:14:20 2014] <xenoslav> keep trying :-)
[Tue Dec  9 19:14:22 2014] <benzrf> 1 sec
[Tue Dec  9 23:06:33 2014] <thinkpad20> Hey guys, if I have a goal state which is an obvious contradiction, how can I complete the proof? If there's a contradiction in a hypothesis, I can use inversion, but I don't know how to do this in a goal. For example right now I have a goal saying that (x :: l' = []), which is clearly not true.
[Tue Dec  9 23:08:09 2014] <jrw> thinkpad20: to prove a false goal your only hope is to find a contradiction in your hypotheses.
[Tue Dec  9 23:08:19 2014] <Cypi> Well, if you have to prove False, but your hypotheses are not inconsistent, you cannot prove it
[Tue Dec  9 23:08:27 2014] <benzrf> thinkpad20: yeah that means your theorem is false
[Tue Dec  9 23:08:27 2014] <Cypi> (what he said)
[Tue Dec  9 23:08:35 2014] <thinkpad20> Well, I do have a contradiction in my hypothesis, but it's hidden.
[Tue Dec  9 23:08:40 2014] <benzrf> thinkpad20: unhide it then
[Tue Dec  9 23:09:00 2014] <thinkpad20> I have a hypothesis stating (rev (x :: l') = []), which is not true. I don't know how to prove this though
[Tue Dec  9 23:09:18 2014] <Cypi> You can start with the tactic exfalso, if you know your hypotheses are inconsistent
[Tue Dec  9 23:09:19 2014] <thinkpad20> Doing `inversion H` only gives me a new goal involving `snoc` which is the simplified form of that hypothesis
[Tue Dec  9 23:09:57 2014] <thinkpad20> I'd love to unhide it; perhaps that's how I should have phrased my question :)
[Tue Dec  9 23:10:34 2014] <Cypi> Then we need more details about your context, I believe.
[Tue Dec  9 23:10:56 2014] <jrw> thinkpad20: destruct l' and then in both cases you should be able to do inversion on that hypothesis
[Tue Dec  9 23:11:35 2014] <thinkpad20> Well to explain a bit: I'm trying to prove (forall (T: Type) (lst: list T), rev l = [] -> l = []).
[Tue Dec  9 23:11:45 2014] <thinkpad20> sorry l not lst there
[Tue Dec  9 23:11:46 2014] <thinkpad20> anyway
[Tue Dec  9 23:11:59 2014] <thinkpad20> that if a list reversed is empty, then the list itself is empty
[Tue Dec  9 23:12:31 2014] <thinkpad20> my tactics so far: `intros. destruct l as [|x l']. reflexivity.`
[Tue Dec  9 23:13:09 2014] <thinkpad20> Now I have the hypothesis `H: rev (x :: l') = []` and the goal `x :: l' = []`.
[Tue Dec  9 23:13:32 2014] <thinkpad20> And here I'm struggling to go forward
[Tue Dec  9 23:13:33 2014] <benzrf> thinkpad20: if you simplify H, you can get a cons as the outer operation
[Tue Dec  9 23:13:41 2014] <benzrf> thinkpad20: then you can probably derive False from that
[Tue Dec  9 23:13:54 2014] <thinkpad20> Doing simpl in H gives me `snov (rev l') x = []`
[Tue Dec  9 23:13:59 2014] <thinkpad20> snoc
[Tue Dec  9 23:14:07 2014] <benzrf> ooh
[Tue Dec  9 23:14:13 2014] <benzrf> /that/ implementation
[Tue Dec  9 23:14:20 2014] <thinkpad20> yeah
[Tue Dec  9 23:14:24 2014] <thinkpad20> this is software foundations
[Tue Dec  9 23:14:26 2014] <benzrf> you may need to use induction
[Tue Dec  9 23:14:41 2014] <thinkpad20> although I'm pretty sure no definition of rev would contain a cons operation... that I can see anyway
[Tue Dec  9 23:14:57 2014] <benzrf> thinkpad20: if you do a wrapper over an accumulator
[Tue Dec  9 23:15:08 2014] <thinkpad20> oh tail-recursive? yeah true
[Tue Dec  9 23:16:15 2014] <thinkpad20> But this is really just an example of a larger problem I keep running into: I can see intuitively that certain things are impossible, and in a hand-written proof I'd just say "clearly the list must be non-empty, because `snoc _ _` is always a non-empty list"
[Tue Dec  9 23:16:31 2014] <thinkpad20> but there's no such magic wand I can identify in coq
[Tue Dec  9 23:16:58 2014] <benzrf> thinkpad20: make a lemma :3
[Tue Dec  9 23:17:07 2014] <benzrf> snoc _ _ is always non empty
[Tue Dec  9 23:17:14 2014] <benzrf> then come back to this and apply it
[Tue Dec  9 23:17:25 2014] <benzrf> that looks like trivial induction to me
[Tue Dec  9 23:17:51 2014] <Cypi> thinkpad20 : in this case, you can destruct, not on l' but on (rev l').
[Tue Dec  9 23:18:17 2014] <benzrf> Cypi: but then what if rev l' is a cons
[Tue Dec  9 23:18:29 2014] <benzrf> oh ait
[Tue Dec  9 23:18:32 2014] <Cypi> :)
[Tue Dec  9 23:18:35 2014] <benzrf> huh, i didnt think of that :D
[Tue Dec  9 23:18:38 2014] <benzrf> nice
[Tue Dec  9 23:18:53 2014] <Cypi> You just have to force one step of recursion out of snoc
[Tue Dec  9 23:19:15 2014] <benzrf> never occurred to me that snoc /directly/ always results in a cons
[Tue Dec  9 23:19:20 2014] <benzrf> forgot it wasnt tail recursive
[Tue Dec  9 23:19:49 2014] <benzrf> hmm... reverse in terms of snoc is O(sumtorial(n)) isnt it
[Tue Dec  9 23:20:22 2014] <Cypi> I didn't know "sumtorial" was an actual word ^^
[Tue Dec  9 23:20:31 2014] <benzrf> that's O(n^2) innit
[Tue Dec  9 23:20:34 2014] <Cypi> yes
[Tue Dec  9 23:20:39 2014] <benzrf> nasty
[Tue Dec  9 23:20:46 2014] <thinkpad20> Sorry can you tell me where I would destruct rev l'?
[Tue Dec  9 23:20:57 2014] <benzrf> thinkpad20: destruct (rev l') in H. i think
[Tue Dec  9 23:20:58 2014] <Cypi> It's not a book about optimized functional programming
[Tue Dec  9 23:21:04 2014] <benzrf> Cypi: i know :3
[Tue Dec  9 23:21:17 2014] <benzrf> still, O(n^2) for reverse is p fuckin harash
[Tue Dec  9 23:21:20 2014] <benzrf> *harsh
[Tue Dec  9 23:21:33 2014] <thinkpad20> Yeah that leads me to `H: snoc [] x = []` which is def not true
[Tue Dec  9 23:21:38 2014] <Cypi> thinkpad20 : after solving the first goal, when you have "the hypothesis `H: rev (x :: l') = []` and the goal `x :: l' = []`", try to destruct (rev l')
[Tue Dec  9 23:21:57 2014] <Cypi> Now you can use inversion, because the snoc calls will simplify into a cons
[Tue Dec  9 23:22:21 2014] <thinkpad20> Yeah, and this is my inexperience with inversion, but it gives me something more complicated
[Tue Dec  9 23:22:33 2014] <Cypi> Oh, does it?
[Tue Dec  9 23:22:40 2014] <thinkpad20> So I have `H: [x] = []` and I do `inversion H`.
[Tue Dec  9 23:23:00 2014] <Cypi> Then it should solve this goal and get you to the next one.
[Tue Dec  9 23:23:14 2014] <Cypi> (because the [destruct (rev l')] generated two goals)
[Tue Dec  9 23:23:18 2014] <thinkpad20> Ohhh right this is the second case of destruct now
[Tue Dec  9 23:23:28 2014] <thinkpad20> ah, Ok well let me see if I can power through this one...
[Tue Dec  9 23:24:11 2014] <thinkpad20> OK two uses of inversion got it. Ugly as hell but... it's proven, haha
[Tue Dec  9 23:24:25 2014] <thinkpad20> now let me see if I can prove what I really wanted to prove, which is that `rev` is injective...
[Tue Dec  9 23:25:03 2014] <benzrf> thinkpad20: heh heh
[Wed Dec 10 09:11:47 2014] <benzrf> hey
[Wed Dec 10 09:12:07 2014] <benzrf> how can i define Variables in a Section to be Implicit
[Wed Dec 10 09:19:00 2014] <benzrf> h-hello?
[Wed Dec 10 09:24:10 2014] <benzrf> anyone home?
[Wed Dec 10 09:24:13 2014] <benzrf> x.x
[Wed Dec 10 09:41:16 2014] <bennofs> Is there a function forall (T:Type), T -> option T -> T  in the coq standard lib?
[Wed Dec 10 11:29:49 2014] <jgross_> benzrf: [Context {foo : bar}.] 
[Wed Dec 10 15:52:07 2014] <benzrf> kk
[Wed Dec 10 15:52:11 2014] <benzrf> jgross_: thanks :)
[Wed Dec 10 15:52:32 2014] <benzrf> can somebody look over this file & critique my choices of definition and proofs https://gist.github.com/benzrf/5da89a781c843a689079
[Wed Dec 10 15:52:46 2014] <benzrf> it's only 57 lines
[Wed Dec 10 15:53:09 2014] <benzrf> in particular i feel like the proof of surj_inv is more complicated than need be
[Wed Dec 10 15:58:18 2014] <ianjneu> your definition of inverse is the definition of a section, really. You need both sides for an inverse.
[Wed Dec 10 16:02:55 2014] <benzrf> ianjneu: oh
[Wed Dec 10 16:02:59 2014] <benzrf> w-what's a section
[Wed Dec 10 16:04:28 2014] <ianjneu> Definition Sect A B (f : A -> B) (g : B -> A) := forall b : B, f (g b) =T b.
[Wed Dec 10 16:05:39 2014] <ianjneu> inverse f g = Sect f g /\ Sect g f.
[Wed Dec 10 16:05:43 2014] <benzrf> huh
[Wed Dec 10 16:05:57 2014] <ianjneu> changfe =T to =.
[Wed Dec 10 16:05:59 2014] <ianjneu> change*
[Wed Dec 10 16:06:15 2014] <benzrf> apart from that, hows my proof of surjective sections
[Wed Dec 10 16:07:05 2014] <ianjneu> a little circuitous. You can reduce it the way that I posted in the comments.
[Wed Dec 10 16:07:24 2014] <benzrf> oh i didnt see there was a comment
[Wed Dec 10 16:07:45 2014] <benzrf> what is hnf
[Wed Dec 10 16:08:09 2014] <benzrf> head normal form?
[Wed Dec 10 16:08:16 2014] <ianjneu> head normal form. It unfolds definitions for you if they're the outermost thing.
[Wed Dec 10 16:08:26 2014] <benzrf> kk
[Wed Dec 10 16:08:44 2014] <ianjneu> more future proof than writing unfold function_name everywhere.
[Wed Dec 10 16:09:05 2014] <ianjneu> but also not a complete replacement since it doesn't go deeper into a term.
[Wed Dec 10 16:09:48 2014] <benzrf> ianjneu: i had something like that but more verbose
[Wed Dec 10 16:10:02 2014] <benzrf> but it felt weird doing two destructions of S thing
[Wed Dec 10 16:10:12 2014] <benzrf> like it could be factored out
[Thu Dec 11 00:11:34 2014] <nkar> how do I [Print] in proofgeneral?
[Thu Dec 11 00:15:55 2014] <nkar> nevermind, it's C-c C-a C-p     coq-Print
[Thu Dec 11 00:36:39 2014] <benzrf> night
[Thu Dec 11 00:37:26 2014] <nkar> sleep well
[Thu Dec 11 22:59:15 2014] <gdsfh1> hello.  I haven't used Coq for some time, and it seems I forgot too much.  "proofs can be eliminated only to build proofs": https://gist.github.com/gdsfh/8ef49723e2c137ef4002 (but both [pr] and [prfix] are in Prop)
[Thu Dec 11 22:59:49 2014] <johnw> right
[Thu Dec 11 22:59:52 2014] <johnw> your pr type is in Prop
[Thu Dec 11 23:00:05 2014] <johnw> so you can only match on it if you are building another Prop
[Thu Dec 11 23:00:29 2014] <johnw> but something in your code wants a Type
[Thu Dec 11 23:02:51 2014] <gdsfh1> I showed the code, don't know what part of it wants any Type.  Also "Definition prdef (p : pr) : Prop := True." is accepted.
[Thu Dec 11 23:04:06 2014] <gdsfh1> "Definition prfix (p : pr) : Prop. induction p." gives "Error: Cannot find the elimination combinator pr_rect, the elimination of the inductive definition pr on sort Type is probably not allowed.".  Maybe it will help to find the source of problem?
[Thu Dec 11 23:07:08 2014] <johnw> can you do on your side: Check True.
[Thu Dec 11 23:09:11 2014] <Cypi> gdsfh1 : Prop is in Type, I believe that's the problem. So indeed, your goal is in Type.
[Thu Dec 11 23:09:34 2014] <Cypi> For example, if your goal is P where P is some Prop, then you are able to destruct.
[Thu Dec 11 23:18:34 2014] <gdsfh1> ok, thanks, seems I need to reformulate things to avoid this problem.
[Fri Dec 12 12:13:31 2014] <roosbeef> anyone worked with multisets in Coq?
[Fri Dec 12 12:13:40 2014] <roosbeef> im looking for the proper union operator
[Fri Dec 12 12:13:48 2014] <roosbeef> seems like union is actually sum
[Fri Dec 12 12:13:57 2014] <roosbeef> for example see http://planetmath.org/operationsonmultisets
[Fri Dec 12 12:14:15 2014] <nkar> roosbeef: iirc there's a page on that in software foundations
[Fri Dec 12 12:14:20 2014] <nkar> search for "bag" or "bags"
[Fri Dec 12 12:14:46 2014] <roosbeef> bag is just another word for multiset, right?
[Fri Dec 12 12:14:51 2014] <nkar> yes
[Fri Dec 12 12:14:59 2014] <nkar> wait, I'll check myself
[Fri Dec 12 12:15:15 2014] <ianjneu> yes, bag = multiset
[Fri Dec 12 12:16:06 2014] <nkar> roosbeef: Multiset [sum] is similar to set [union]: [sum a b] contains...
[Fri Dec 12 12:16:11 2014] <nkar> see the Lists chapter
[Fri Dec 12 12:17:08 2014] <ianjneu> Lists are only multisets if you're proper for the permutation equivalence relation, which is a pain to deal with.
[Fri Dec 12 12:23:21 2014] <roosbeef> nkar is Multiset [sum] defined somewere?
[Fri Dec 12 12:23:58 2014] <roosbeef> nkar do you have an url for that page in software foundations? I dont know what that is :p
[Fri Dec 12 12:24:01 2014] <roosbeef> or im not sure if i do
[Fri Dec 12 12:24:25 2014] <nkar> roosbeef: it's a book, just search for the title
[Fri Dec 12 12:25:11 2014] <roosbeef> and theres a chapter on Lists?
[Fri Dec 12 12:25:25 2014] <roosbeef> ah my bad i see it now
[Fri Dec 12 12:25:29 2014] <nkar> Definition sum : bag -> bag -> bag := app.
[Fri Dec 12 12:26:29 2014] <roosbeef> is there a chapter with the answers to those exercises? :p
[Fri Dec 12 12:27:06 2014] <roosbeef> wait
[Fri Dec 12 12:27:11 2014] <roosbeef> thats the definition of sum
[Fri Dec 12 12:27:31 2014] <roosbeef> so my question is, in Coq it seems like union actually implements sum
[Fri Dec 12 12:28:11 2014] <nkar> roosbeef: no idea, sorry
[Fri Dec 12 12:28:19 2014] <roosbeef> but is there an implementation of "proper" union
[Fri Dec 12 12:28:33 2014] <roosbeef> ?
[Fri Dec 12 12:37:23 2014] <roosbeef> think i got it
[Fri Dec 12 12:37:25 2014] <roosbeef>   Definition union_proper (A : Type) (m1 m2 : Multiset.multiset A) : Multiset.multiset A :=
[Fri Dec 12 12:37:25 2014] <roosbeef>     Multiset.Bag (fun a:A => Max.max (Multiset.multiplicity m1 a)
[Fri Dec 12 12:37:25 2014] <roosbeef>                                      (Multiset.multiplicity m1 a)).
[Fri Dec 12 12:37:47 2014] <roosbeef> that should do what i meant
[Fri Dec 12 12:38:12 2014] <roosbeef> typo, second m1 should be m2
[Fri Dec 12 12:39:45 2014] <ianjneu> {a, a} U {a} = {a, a, a}, not {a, a}.
[Fri Dec 12 12:40:09 2014] <ianjneu> you want +, not max. Intersection will use min.
[Fri Dec 12 12:40:16 2014] <Cypi> That's why he specified "proper" union.
[Fri Dec 12 12:40:28 2014] <ianjneu> ah
[Fri Dec 12 20:17:41 2014] <lpaste> heatsink pasted “LEM with explanation” at http://lpaste.net/116337
[Fri Dec 12 20:18:32 2014] <heatsink> I'm doing the exercises in Software Foundations.  I'm having difficulty explaining one of the proofs.
[Fri Dec 12 20:18:56 2014] <heatsink> Can someone look at the comments in the theorem I pasted, and tell me if there's a better explanation?
[Fri Dec 12 21:20:49 2014] <jgross_> heatsink: An alternative explanation: It is "obvious" that forall A, ~(A /\ ~A).  Since ~(P \/ ~P) is equivalent to ~P /\ ~~P (also relatively obvious), we can plug A := ~P into the first theorem, and hence deduce forall P, ~~(P \/ ~P). 
[Fri Dec 12 21:28:23 2014] <heatsink> Yeh, it's easier to understand after transforming to a conjunction.
[Fri Dec 12 21:29:22 2014] <heatsink> I like that proof.
[Fri Dec 12 21:40:12 2014] <benzrf> my favorite way of seeing it is
[Fri Dec 12 21:40:27 2014] <benzrf> Definition LEM := forall A, A \/ ~A.
[Fri Dec 12 21:40:35 2014] <benzrf> then ~LEM -> LEM
[Fri Dec 12 21:40:53 2014] <benzrf> so you can trivially use the proof of the above to show that ~LEM -> False
[Fri Dec 12 21:40:55 2014] <benzrf> aka ~~LEM
[Sat Dec 13 14:24:18 2014] <adelbertc> has anyone done the b_times2' exercise in ProofObjects.v for SF? https://github.com/adelbertc/software-foundations/blob/master/ProofObjects.v#L294 struggling with the (2 * n = n + n) part. So far I have
[Sat Dec 13 14:24:30 2014] <adelbertc> fun (n : nat) => fun (H : beautiful n) => b_sum n n H H
[Sat Dec 13 14:24:38 2014] <adelbertc> but that gets me beautiful n + n not beautiful (2 * n)
[Sat Dec 13 14:26:24 2014] <jrw> adelbertc: one option is to look at the proof object generated by the tactics. it will be ugly but you will learn something by cleaning it up.
[Sat Dec 13 14:28:57 2014] <adelbertc> ah interesting
[Sat Dec 13 14:28:59 2014] <adelbertc> thanks for the tip
[Sat Dec 13 14:29:45 2014] <jrw> adelbertc: if that doesn't help ask again in here
[Sat Dec 13 14:30:05 2014] <adelbertc> will do
[Sat Dec 13 15:31:48 2014] <Choups314> Hi !
[Sat Dec 13 16:16:46 2014] <Choups314> Is there an algo in the stdlib that allow to compute the prime divisors of an integer ?
[Sun Dec 14 00:06:33 2014] <adelbertc> what differences, if any, are there between Set and Type
[Sun Dec 14 00:09:11 2014] <benzrf> universes
[Sun Dec 14 00:09:12 2014] <benzrf> or
[Sun Dec 14 00:09:13 2014] <benzrf> something
[Sun Dec 14 00:09:29 2014] <adelbertc> * blinks
[Sun Dec 14 07:12:25 2014] <vanila> I'm stuck on the last part of the Imp.v chapter of SF - would anyone like to help me with it?
[Sun Dec 14 07:18:33 2014] <vanila> http://lpaste.net/116421 this is where I'm stuck
[Sun Dec 14 07:19:14 2014] <vanila> i need to show that ceval is deterministic
[Sun Dec 14 07:19:36 2014] <vanila> but I get an infinite loop when I try to show this for the loop construct
[Sun Dec 14 07:20:16 2014] <vanila> it should be provable because if a loop terminates it only took finitely many iterations, but I haven't been able to explain that to Coq
[Sun Dec 14 10:11:12 2014] <Choups314> Hello !
[Sun Dec 14 10:11:37 2014] <Choups314> Is there a good way to "destruct" the congruences of an integer ?
[Sun Dec 14 10:12:20 2014] <Choups314> For example, given an integer n, produce 2 subgoals :  n is even and n is odd
[Sun Dec 14 10:13:23 2014] <Choups314> (This would be for 2, but for 3 it would be :   n match (3k) OR n match (3k+1) OR n match (3k+2) ?
[Sun Dec 14 10:29:42 2014] <roosbeef> Choups314, cut ({Even.even n} + {Even.odd n});[intro C|apply Even.even_odd_dec]. destruct C.
[Sun Dec 14 10:33:36 2014] <Choups314> roosbeef: Ho thanks ! I didn't think to this types ..
[Sun Dec 14 10:34:37 2014] <Choups314> I tought I had to introduce a new [lemma n_2_cases : forall n, even n \/ ~ even n] and destruct it ..
[Sun Dec 14 10:44:34 2014] <roosbeef> decidability lemmas are very useful for case analysis
[Sun Dec 14 10:51:54 2014] <Choups314> roosbeef: If I want to wrap this in a tactic, which one is better ? (Use {}+{} I guess ?)
[Sun Dec 14 10:52:36 2014] <roosbeef> haha to tell you the truth, ive never made a custom tactic :p
[Sun Dec 14 10:53:16 2014] <Choups314> ok ^^
[Sun Dec 14 10:57:33 2014] <vanila> {}+{} is needed if you want to eliminate into Set, \/ for Prop (when you just use it to prove things)
[Sun Dec 14 11:14:43 2014] <vanila> http://lpaste.net/116421 could anyone help me with proving determinism of operation semantics please (from SF Imp.v)
[Sun Dec 14 11:21:40 2014] <jrw> vanila: I would suggest induction on one of the execution derivations instead of on c. that's how to explain that the loop terminates to coq.
[Sun Dec 14 11:22:37 2014] <vanila> thank you
[Sun Dec 14 11:43:27 2014] <bennofs> If I am in a Section, and do Variable T : Type, is it possible to make T be implicit when the section is closed?
[Sun Dec 14 12:09:11 2014] <vanila> jrw, Thank you so much! I've been completely stuck on that for weeks, finally got it :D
[Sun Dec 14 12:09:16 2014] <vanila> thanks to your hint
[Sun Dec 14 12:09:27 2014] <jrw> vanila: nice. np.
[Sun Dec 14 12:33:31 2014] <benzrf> bennofs: i was just asking that the other day
[Sun Dec 14 12:33:33 2014] <benzrf> turns out yes!!
[Sun Dec 14 12:33:42 2014] <bennofs> benzrf: how?
[Sun Dec 14 12:34:03 2014] <benzrf> Context {T : Type}.
[Sun Dec 14 12:34:07 2014] <benzrf> instead of Variable
[Sun Dec 14 12:35:52 2014] <bennofs> benzrf: :o it works, thanks. I was using Global Arguments <function> : default implicits everywhere, but now I can finally remove that!
[Sun Dec 14 12:36:31 2014] <benzrf> thank u based jgross_
[Sun Dec 14 14:40:14 2014] <jgross_> If you just want [: default implicits], you can [Set Implicit Arguments.] 
[Sun Dec 14 15:07:54 2014] <bennofs> Is it possible to re-export a single identifier from an imported module?
[Sun Dec 14 15:08:41 2014] <bennofs> And if yes, how?
[Sun Dec 14 15:54:16 2014] <jgross_> bennofs: [Notation foo := Bar.foo.]? 
[Sun Dec 14 16:19:23 2014] <darthdeus> in proof general, is there a way to run the code in the buffer just to the position of  the cursor?
[Sun Dec 14 16:19:31 2014] <darthdeus> other than using C-c C-n to step manually one line by line
[Sun Dec 14 16:20:43 2014] <bennofs> darthdeus: proof-assert-until-point-interactive   idk what the default binding is for that
[Sun Dec 14 16:20:58 2014] <adelbertc> C-c C-RET
[Sun Dec 14 16:21:06 2014] <adelbertc> if you're in terminal C-RET doesnt work, so i remapped mine to C-c C-m
[Sun Dec 14 16:21:14 2014] <darthdeus> perfect, thanks guys!
[Sun Dec 14 16:21:39 2014] <benzrf> C-c C-c C-ombo breaker
[Sun Dec 14 16:30:32 2014] <darthdeus> is there also a way to go one step back? other than C-c C-u which is undo
[Sun Dec 14 16:30:47 2014] <darthdeus> like the equivalent to go one expression up and C-c RET
[Sun Dec 14 18:22:37 2014] <thinkpad20> hey guys, is there a way to see what actual functions some notation refers to? For example, if I want to know the "real" function being applied to a and b when I write "a + b"?
[Sun Dec 14 18:23:25 2014] <Cypi> You can use: Locate "_ + _".
[Sun Dec 14 18:24:52 2014] <Cypi> You can also disable the usage of notations by Coq with [Unset Printing Notations.], and enable it back with [Set Printing Notations.] if you wish so.
[Sun Dec 14 18:24:53 2014] <thinkpad20> Perfect! Thanks a bunch
[Sun Dec 14 18:24:57 2014] <darthdeus> hey guys, is there a way to do the "andb_eq_orb" proof here https://www.cs.cmu.edu/~emc/15414-s14/assignment/hw2/Basics_w_ans.v without defining the lemmas for each rewrite?
[Sun Dec 14 18:25:02 2014] <thinkpad20> Ah both of those are very useful
[Sun Dec 14 18:25:17 2014] <darthdeus> I mean isn't there a way to just compute & rewrite the value for that?
[Sun Dec 14 18:26:16 2014] <thinkpad20> in general you can write "assert X" to introduce an anonymous lemma X. The goal state will change to a proof of that lemma.
[Sun Dec 14 18:27:50 2014] <Cypi> darthdeus : you can use, in this case, [simpl in H.], and then rewrite with H.
[Sun Dec 14 18:28:10 2014] <thinkpad20> well anonymous is a mistake actually; it just uses a lambda under the hood. What you actually write is "assert (H: some_type)", where some_type is the type of the lemma you want to prove
[Sun Dec 14 18:28:40 2014] <thinkpad20> And then, once "some_type" has been proven, you will have an assumption "H" in your context
[Sun Dec 14 18:29:15 2014] <thinkpad20> http://www.cis.upenn.edu/~bcpierce/sf/current/Induction.html#lab48
[Sun Dec 14 18:29:30 2014] <darthdeus> oh perfect
[Sun Dec 14 18:29:46 2014] <darthdeus> Cypi: simpl in H. works :) thanks
[Sun Dec 14 18:29:55 2014] <darthdeus> gonna take a look at the assert, seems like that would be more general approach
[Mon Dec 15 08:29:00 2014] <schoppenhauer> hello. I just checked out coq from the git repo, and the Makefile.build is wrong, I think.
[Mon Dec 15 08:29:34 2014] <schoppenhauer> well, it is built, of course
[Mon Dec 15 08:29:38 2014] <schoppenhauer> but it behaves wrong
[Mon Dec 15 08:30:46 2014] <schoppenhauer> in the target "install-library", inside "ifeq ($(BEST),opt)", the $(INSTALLBIN) should be $(INSTALLSH) I think.
[Mon Dec 15 08:31:02 2014] <schoppenhauer> line 772
[Mon Dec 15 13:19:22 2014] <darthdeus> probably a dumb question, but how can I prove "n : nat, n > 0 -> (exists m : nat, n = S m)"? if I try induction I'll get stuck immediately at n = 0, and not sure what else to do
[Mon Dec 15 13:36:09 2014] <jrw> darthdeus: you shouldn't need induction. just destruct n. inversion in the first case, eauto in the second case.
[Mon Dec 15 13:37:24 2014] <darthdeus> jrw: cool thanks! didn't know about either of those :)
[Mon Dec 15 13:37:54 2014] <darthdeus> I'm just following Software Foundations and haven't really gotten to existential quantification yet, so wasn't sure how to appraoch it
[Mon Dec 15 13:42:20 2014] <jrw> darthdeus: it might also be a good exercise to do the second case without eauto then.
[Mon Dec 15 13:42:38 2014] <jrw> you can use the [exists foo] tactic to explicitly give the witness foo
[Mon Dec 15 13:42:44 2014] <darthdeus> jrw: yeah, I'm trying that right now :)
[Mon Dec 15 13:42:49 2014] <jrw> then you'll be asked to prove that the witness satisfies the property
[Mon Dec 15 13:43:02 2014] <jrw> which should be easy in this case if you picked the right witness :)
[Mon Dec 15 13:43:49 2014] <darthdeus> yeah then it's just reflexivity
[Mon Dec 15 13:44:17 2014] <darthdeus> though everything still feels a bit like magic
[Mon Dec 15 13:48:52 2014] <johnw> one way to think of exists is that instead of the caller (user of your lemma) passing in the argument, you are passing it locally
[Mon Dec 15 14:18:46 2014] <benzrf> hey guys!
[Mon Dec 15 14:19:05 2014] <johnw> hey benzrf!
[Mon Dec 15 14:19:12 2014] <benzrf> is there any kind of shorthand for doing the reverse of extensionality?
[Mon Dec 15 14:19:34 2014] <benzrf> to be precise, i have a hypothesis f = g and i want to get a hypothesis forall a, f a = g a
[Mon Dec 15 14:19:55 2014] <benzrf> i can just do assert (forall a, f a = g a). rewrite H. reflexivity.
[Mon Dec 15 14:20:00 2014] <benzrf> but i feel like there could be something similar?
[Mon Dec 15 14:20:03 2014] <benzrf> *simpler
[Mon Dec 15 14:20:11 2014] <johnw> check what's in the FunctionalExtensionality module
[Mon Dec 15 14:20:20 2014] <benzrf> johnw: that's not extensionality at all though
[Mon Dec 15 14:20:24 2014] <johnw> I'm pretty sure what you need is there
[Mon Dec 15 14:20:27 2014] <benzrf> that's not proving equality from extensionality, it's the reverse
[Mon Dec 15 14:20:28 2014] <benzrf> oh, ok
[Mon Dec 15 14:21:03 2014] <johnw> "equal_f"
[Mon Dec 15 14:21:13 2014] <johnw> "The converse of functional extensionality"
[Mon Dec 15 14:21:20 2014] <benzrf> another question:
[Mon Dec 15 14:21:22 2014] <johnw> https://coq.inria.fr/library/Coq.Logic.FunctionalExtensionality.html
[Mon Dec 15 14:21:30 2014] <benzrf> oh
[Mon Dec 15 14:21:34 2014] <benzrf> hah
[Mon Dec 15 14:21:34 2014] <benzrf> anyway
[Mon Dec 15 14:21:44 2014] <benzrf> how does false-from-trivially-false-equality work
[Mon Dec 15 14:21:46 2014] <benzrf> what does a proof term look like
[Mon Dec 15 14:21:58 2014] <johnw> print it
[Mon Dec 15 14:22:02 2014] <benzrf> huh
[Mon Dec 15 14:22:14 2014] <johnw> Print <name of proof>.
[Mon Dec 15 14:24:13 2014] <benzrf> what does return do
[Mon Dec 15 14:24:27 2014] <johnw> never heard of it
[Mon Dec 15 14:24:55 2014] <benzrf> im lookin at the proof term and its a hell of a tangle
[Mon Dec 15 14:25:06 2014] <johnw> ohh
[Mon Dec 15 14:25:08 2014] <johnw> *that* return
[Mon Dec 15 14:25:17 2014] <johnw> match <value> return <type> with ... end
[Mon Dec 15 14:25:27 2014] <johnw> determines the type return by match branches
[Mon Dec 15 14:25:27 2014] <benzrf> oh
[Mon Dec 15 14:25:43 2014] <johnw> it can be an arbitrarily complex expression
[Mon Dec 15 14:25:48 2014] <benzrf> what does in do
[Mon Dec 15 14:25:55 2014] <benzrf> H in (_ = y) <- ??
[Mon Dec 15 14:26:02 2014] <benzrf>   match H in (_ = y) return (y = 1 -> False) with
[Mon Dec 15 14:26:15 2014] <johnw> you'll have to check the manual, I haven't used it myself
[Mon Dec 15 14:27:16 2014] <johnw> if you want to be using Coq seriously, I recommend sitting down and reading the manual at some point
[Mon Dec 15 14:27:57 2014] <benzrf> fug
[Mon Dec 15 17:42:13 2014] <johnw> I need to fold over a list where the type of the list is dependent on the variable I'm mutating over the course of the fold
[Mon Dec 15 17:42:57 2014] <benzrf> whoah
[Mon Dec 15 17:43:00 2014] <benzrf> thats nuts
[Mon Dec 15 17:43:02 2014] <notdan> :S
[Mon Dec 15 17:43:06 2014] <johnw> i'm wondering if it's even sane
[Mon Dec 15 17:43:10 2014] <notdan> At first I thought this is #haskell and was like
[Mon Dec 15 17:43:10 2014] <notdan> what
[Mon Dec 15 17:43:14 2014] <notdan> how is that even
[Mon Dec 15 17:43:33 2014] <benzrf> johnw: whats the use case o:
[Mon Dec 15 17:44:39 2014] <johnw> I have a list of [foo X] elements, and I want, for each elements of [foo X], to mutate X through several generations.  I know that each subsequent element of [foo X] will exist within each X', but I'm having a hard time expressing it
[Mon Dec 15 17:44:43 2014] <johnw> benzrf: hard to describe
[Mon Dec 15 17:45:10 2014] <johnw> probably just some heavy transitivity is needed, along with a proof of existence in latter generations
[Mon Dec 15 17:45:28 2014] <johnw> i'll try writing out the type of the fold function
[Mon Dec 15 17:48:08 2014] <johnw> I think something along these lines:
[Mon Dec 15 17:48:09 2014] <johnw> Definition dep_foldl {A : Type} {B : A -> Type} (f : forall b' : A, B b' -> A) (b : A) (v : seq (B b)) : A.
[Mon Dec 15 17:48:36 2014] <johnw> that expresses what I said above
[Mon Dec 15 17:49:07 2014] <johnw> now, can such a thing be written, and what further evidence will it require...
[Mon Dec 15 18:11:10 2014] <johnw> ok, it can be written! needing two helper lemmas to work: https://gist.github.com/4f5a880c8fc16e0e27cd
[Mon Dec 15 19:25:05 2014] <benzrf> how can one do topology in coq?
[Mon Dec 15 19:25:11 2014] <benzrf> it's so set based
[Mon Dec 15 22:40:04 2014] <jgross_> benzrf: You can do classical topology straightforwardly replacing uses of "set" in the textbook with "type" in Coq.  Alternatively, you can do homotopy type theory, where each type comes with a natrual topology. 
[Mon Dec 15 22:40:31 2014] <benzrf> hh
[Mon Dec 15 22:40:35 2014] <benzrf> jgross_: subtypes?
[Mon Dec 15 22:40:57 2014] <jgross_> { x : T | P x } is the "subtype" of T classified by P 
[Mon Dec 15 22:41:06 2014] <benzrf> ah ye
[Mon Dec 15 22:41:09 2014] <benzrf> *ah yes
[Mon Dec 15 22:41:14 2014] <benzrf> sounds clunky :{
[Mon Dec 15 22:41:46 2014] <jgross_> A bit.	It's even more clunky if you want to do anything with the reals or with metric spaces.	But homotopy type theory isn't clunky! 
[Mon Dec 15 22:43:09 2014] <benzrf> i dont think im ready for the homotopy :|
[Mon Dec 15 22:43:19 2014] <benzrf> i just learned what a homeomorphism is, dude
[Mon Dec 15 22:46:45 2014] <jgross_> Part of the beauty of doing math in Coq is that you can use Coq to build your mathematical intuition, and vice-versa.  A homotopy isn't that much more complicated than a homeomorphism.  Once you know homotopies, and groups (from algebra), homotopy groups are only a small step beyond that.  Once you have homotopy groups, that's probably enough to learn basic homotopy type theory (and you might not even need a rigorous understanding of homotopy
[Mon Dec 15 22:46:45 2014] <jgross_> groups). 
[Mon Dec 15 22:47:03 2014] <benzrf> hh
[Mon Dec 15 22:47:22 2014] <benzrf> how do product topologies work
[Mon Dec 15 22:47:29 2014] <benzrf> hold on let me try figurin it out
[Mon Dec 15 22:47:36 2014] <benzrf> i saw the definition of a homotopy somewhere
[Mon Dec 15 22:47:41 2014] <benzrf> so... for that to work...
[Mon Dec 15 22:48:02 2014] <benzrf> i assume the points are pairs
[Mon Dec 15 22:48:11 2014] <benzrf> and the topology is...
[Mon Dec 15 22:48:20 2014] <benzrf> i wanna guess...
[Mon Dec 15 22:48:55 2014] <benzrf> open iff the set of the first components is open in the first factor and same in the 2nd
[Mon Dec 15 22:49:02 2014] <benzrf> ^probably wrong?
[Mon Dec 15 23:01:15 2014] <jgross_> benzrf: See if you can prove that equivalent to the formulation given here: http://mathworld.wolfram.com/ProductTopology.html 
[Tue Dec 16 00:05:38 2014] <benzrf> jgross_: holy shit i think i was right
[Tue Dec 16 00:07:28 2014] <benzrf> night
[Tue Dec 16 07:47:13 2014] <mads-> jgross_: Going to back to what you said about math and Coq - I know that I learned a great deal of math as well when I took a course in Coq
[Tue Dec 16 09:23:40 2014] <benzrf> wait, shit
[Tue Dec 16 09:23:42 2014] <benzrf> no i wasnt right
[Tue Dec 16 09:24:04 2014] <benzrf> the definition is the coarsest such that the projections are continuous
[Tue Dec 16 09:24:15 2014] <benzrf> i had such that the projections are the /inverse/ of continuous
[Tue Dec 16 09:24:27 2014] <benzrf> i.e., open maps to open
[Tue Dec 16 09:24:29 2014] <benzrf> fug
[Tue Dec 16 10:48:45 2014] <roosbeef> forall x y z, (x - (y + z)) = (x - y) - z.
[Tue Dec 16 10:48:50 2014] <roosbeef> whats the name for this law again?
[Tue Dec 16 10:49:59 2014] <roosbeef> nm found it NPeano.Nat.sub_add_distr
[Tue Dec 16 10:50:59 2014] <johnw> ah, I wasn't sure whether that would be call distributive or not
[Tue Dec 16 13:41:10 2014] <darthdeus> hey guys, how can I figure out what is causing the "Error: There are pending proofs" error?
[Tue Dec 16 13:44:16 2014] <ianjneu> darthdeus: you're trying to compile a file that has some unclosed theorems (no Qed or Defined)
[Tue Dec 16 13:45:11 2014] <ianjneu> in terms of finding which one, Coq doesn't have anything built in to help. I think jgross's debugging scripts help, but I haven't personally used them.
[Tue Dec 16 13:47:01 2014] <darthdeus> ianjneu: thanks, found it :)
[Tue Dec 16 16:18:29 2014] <darthdeus> anyone knows why proof general suddenly (after pressing some combination) automatically submits when i press .?
[Tue Dec 16 16:19:15 2014] <ianjneu> I haven't been able to track that down yet. I just restart.
[Tue Dec 16 16:19:47 2014] <ianjneu> Googled. C-c . toggles this
[Tue Dec 16 16:20:10 2014] <ianjneu> darthdeus: ^
[Tue Dec 16 16:20:54 2014] <darthdeus> ianjneu: cool :)
[Tue Dec 16 16:20:56 2014] <darthdeus> thanks
[Tue Dec 16 16:23:32 2014] <benzrf> how does constructive mathematics as in coq handle things like the halting problem
[Tue Dec 16 16:24:11 2014] <benzrf> like classically in math u can show the existence of an uncomputable real number by saying "the nth digit is 0 if the nth turing machine halts, and 1 otherwise"
[Tue Dec 16 16:24:22 2014] <benzrf> does such a number exist in constructive math/
[Tue Dec 16 16:24:29 2014] <ianjneu> benzrf: Assume LEM
[Tue Dec 16 16:24:34 2014] <benzrf> hh
[Tue Dec 16 16:24:38 2014] <benzrf> gross
[Tue Dec 16 16:24:48 2014] <jn__> benzrf: "fixpoint" recursive functions as definable in coq are required to terminate by their structure
[Tue Dec 16 16:24:51 2014] <ianjneu> That's classical math for you.
[Tue Dec 16 16:25:49 2014] <benzrf> aside from that, i was also wondering more generally
[Tue Dec 16 16:26:31 2014] <ianjneu> constructive math isn't hamstrung. It's a discipline that means proofs have canonical forms. If you don't care about that, you can admit more axioms if you so choose.
[Tue Dec 16 16:26:39 2014] <benzrf> a. is there a such thing as real number that cannot be defined from a computable function (in the sense that its digits are "random" in such a way that you cannot specify it in finite space)
[Tue Dec 16 16:26:44 2014] <benzrf> b. if so, how does that work in coq
[Tue Dec 16 16:27:09 2014] <benzrf> would that have something to do with aoc
[Tue Dec 16 16:28:32 2014] <ianjneu> Coq doesn't internally know that its functions are computable. You can't really grasp computability without embedding an entire model.
[Tue Dec 16 16:29:01 2014] <ianjneu> You also can't go meta and say, "there is no Coq program such that X"
[Tue Dec 16 16:31:49 2014] <benzrf> hrgh
[Tue Dec 16 16:32:38 2014] <benzrf> ianjneu: point a is about in classical math i guess
[Tue Dec 16 16:34:37 2014] <ianjneu> benzrf: well if you just say that all Coq programs have an associated natural number that encodes them, you can just reuse the argument that there is no injection from reals to the nats.
[Tue Dec 16 16:37:53 2014] <benzrf> argh
[Tue Dec 16 16:38:01 2014] <benzrf> ;-;
[Tue Dec 16 16:39:13 2014] <benzrf> hmm... so can you prove within coq that `forall (A : Type) (f : Real -> A), ~injective f'
[Tue Dec 16 16:39:17 2014] <benzrf> oh wait no that's absurd
[Tue Dec 16 16:39:44 2014] <benzrf> itd need to be a mapping from the /classical/ reals to coq terms
[Tue Dec 16 16:39:47 2014] <benzrf> not coq reals
[Tue Dec 16 16:40:23 2014] <benzrf> hmm, though
[Tue Dec 16 16:40:41 2014] <benzrf> ianjneu: if you axiomatized the reals in Coq in a way faithful to the classical ones, could it be possible to prove that
[Tue Dec 16 16:40:51 2014] <benzrf> because if so there's an easy inconsistency...
[Tue Dec 16 16:45:31 2014] <ianjneu> Let Real = nat -> Z with the Cauchy condition : forall eps : Z, eps > 0 -> exists N : nat, forall m n : nat, m > N -> n > N -> abs((seq m) - (seq n)) < eps
[Tue Dec 16 16:45:55 2014] <ianjneu> where seq : Real
[Tue Dec 16 16:48:53 2014] <benzrf> wait
[Tue Dec 16 16:48:56 2014] <benzrf> doesnt it need to be nat -> Q
[Tue Dec 16 16:49:52 2014] <ianjneu> oh right, yup.
[Tue Dec 16 16:50:12 2014] <ianjneu> Was thinking "rational" but wrote Z.
[Tue Dec 16 16:50:19 2014] <benzrf> btw can you do something like
[Tue Dec 16 16:51:06 2014] <benzrf> forall (eps, gt) : {n : Q | n > 0}
[Tue Dec 16 16:51:21 2014] <benzrf> hmm i guess that's more redundant
[Tue Dec 16 16:51:25 2014] <benzrf> technically
[Tue Dec 16 16:51:39 2014] <benzrf> just feel as though the constraint should be part of the forall
[Tue Dec 16 16:51:41 2014] <ianjneu> I don't think you can.
[Tue Dec 16 16:52:06 2014] <benzrf> anyway
[Tue Dec 16 16:52:06 2014] <johnw> am I right in thinking that "refinement types" are simply "sig"?
[Tue Dec 16 16:52:41 2014] <benzrf> ianjneu: that definition of the reals is not equivalent to the classical definition
[Tue Dec 16 16:52:45 2014] <ianjneu> johnw: no, refinement types in literature almost always are decidable and don't require explicit proofs.
[Tue Dec 16 16:52:46 2014] <benzrf> since they must be computable
[Tue Dec 16 16:52:50 2014] <benzrf> so...
[Tue Dec 16 16:52:57 2014] <benzrf> wait, hm
[Tue Dec 16 16:53:02 2014] <johnw> ianjneu: ah!  thanks
[Tue Dec 16 16:53:04 2014] <benzrf> hmmmmmmmmmmmmmmmm
[Tue Dec 16 16:53:17 2014] <johnw> yes, the article I read did keep repeating the word decidable
[Tue Dec 16 16:53:21 2014] <benzrf> fuck
[Tue Dec 16 16:53:25 2014] <johnw> language
[Tue Dec 16 16:53:28 2014] <benzrf> sry
[Tue Dec 16 16:53:28 2014] <benzrf> :{
[Tue Dec 16 16:53:42 2014] <ianjneu> benzrf: forget "computable" when thinking within Gallina's logic.
[Tue Dec 16 16:53:59 2014] <benzrf> cant you prove that the ordered field with the least upper bound property is unique
[Tue Dec 16 16:54:15 2014] <benzrf> so if you can prove that your Real definition is an ordered field with least upper bounds
[Tue Dec 16 16:54:23 2014] <benzrf> then
[Tue Dec 16 16:54:29 2014] <benzrf> something fishy is going on...
[Tue Dec 16 16:54:36 2014] <ianjneu> The reals have a countable model.
[Tue Dec 16 16:54:43 2014] <benzrf> ??
[Tue Dec 16 16:54:45 2014] <ianjneu> ya.
[Tue Dec 16 16:55:09 2014] <benzrf> what does that mean
[Tue Dec 16 16:55:16 2014] <benzrf> ok wait can we back up for a second
[Tue Dec 16 16:55:25 2014] <benzrf> my prior mentioned halting real... is there a name for it?
[Tue Dec 16 16:56:40 2014] <ianjneu> I don't know what you mean by halting real.
[Tue Dec 16 16:57:01 2014] <benzrf> the one whose nth binary digit is defined as whether the nth turing machine halts
[Tue Dec 16 16:57:33 2014] <ianjneu> I dunno what to call that.
[Tue Dec 16 16:57:38 2014] <benzrf> ok let's call it H
[Tue Dec 16 16:57:43 2014] <benzrf> so
[Tue Dec 16 16:57:53 2014] <benzrf> H is not an element of your Real definition is it?
[Tue Dec 16 16:59:38 2014] <ianjneu> You would have to translate decimals into partial sum sequences.
[Tue Dec 16 16:59:52 2014] <benzrf> but
[Tue Dec 16 16:59:59 2014] <benzrf> ugh
[Tue Dec 16 17:00:18 2014] <benzrf> ianjneu: the function that generates the partial sums must be a gallina function, right?
[Tue Dec 16 17:00:25 2014] <ianjneu> 0.123... = 1/10 + 2/100 + 3/1000 + ...
[Tue Dec 16 17:00:53 2014] <ianjneu> you can define functions using axioms like LEM, but just don't expect to be able to run them.
[Tue Dec 16 17:00:58 2014] <benzrf> hmm
[Tue Dec 16 17:01:07 2014] <benzrf> ok, let's assume that LEM doesn't apply here
[Tue Dec 16 17:01:15 2014] <benzrf> like
[Tue Dec 16 17:01:17 2014] <benzrf> we're not using LEM
[Tue Dec 16 17:01:23 2014] <benzrf> then there can't be a gallina function that generates partial sums of H, can there?
[Tue Dec 16 19:07:58 2014] <benzrf> shit
[Tue Dec 16 19:48:39 2014] <johnw> language :)
[Tue Dec 16 19:49:14 2014] <benzrf> johnw do you know these things
[Tue Dec 16 19:49:16 2014] <benzrf> ;-;
[Tue Dec 16 19:54:34 2014] <johnw> nope
[Tue Dec 16 19:57:01 2014] <benzrf> tfw
[Tue Dec 16 20:13:25 2014] <johnw>  is there a way to not clear hypothesis but to hide it?
[Tue Dec 16 20:56:36 2014] <nkar> hi, how can I import a module hiding certain things?  like import Foo hiding (foo) in haskell
[Tue Dec 16 20:56:50 2014] <johnw> good question
[Tue Dec 16 20:56:53 2014] <benzrf> nkar: no one knows that
[Tue Dec 16 20:58:43 2014] <nkar> context: I want to solve the 99 haskell questions in coq and (maybe) prove certain things on the go.  I wanted to import things from the stdlib, does it mean that I need to start from scratch?
[Tue Dec 16 20:58:54 2014] <nkar> assuming that hiding is not possible
[Tue Dec 16 21:10:29 2014] <adelbertc> nkar: oo thats a good idea
[Tue Dec 16 21:11:03 2014] <nkar> the wiki contributions are licensed under expat, btw
[Tue Dec 16 21:18:00 2014] <nkar> johnw: did I understand correctly that you abandoned sf in favor of adamc's book?  if so, why?
[Tue Dec 16 21:18:13 2014] <johnw> no, not abandoned at all
[Tue Dec 16 21:18:35 2014] <johnw> I've been reading everything related to Coq that I can get my hands on
[Tue Dec 16 21:30:27 2014] <nkar> where can I read about literate coq (or whatever it's called)?  I'd like to know how to format the comments, so I could generate nice html files (as done in SF).
[Tue Dec 16 21:31:41 2014] <johnw> you mean, coqdoc?
[Tue Dec 16 21:31:45 2014] <johnw> it's in the manual
[Tue Dec 16 21:39:16 2014] <nkar> ah, I didn't know the name, so I couldn't find anything.  thanks
[Tue Dec 16 21:40:58 2014] <johnw> the support for it is pretty spartan, although you can escape to LaTeX
[Tue Dec 16 21:41:07 2014] <johnw> i'd look at the way adamc uses it for his book
[Tue Dec 16 21:41:32 2014] <johnw> or you can check out https://github.com/jwiegley/category-theory
[Tue Dec 16 21:41:46 2014] <nkar> tx
[Tue Dec 16 22:04:53 2014] <nkar> coq doesn't have the 'error' function as haskell, so the solutions are to provide a default element or use the option type, right?
[Tue Dec 16 22:08:32 2014] <johnw> yep
[Tue Dec 16 22:08:46 2014] <johnw> or some kind of Either type that reports an error
[Tue Dec 16 22:08:51 2014] <johnw> s/Either/sum
[Tue Dec 16 22:19:54 2014] <benzrf> nkar: the error function is used to indicate that a function is partial
[Tue Dec 16 22:20:00 2014] <nkar> I'm aware
[Tue Dec 16 22:20:02 2014] <benzrf> nkar: why would you want a partial function in coq??
[Tue Dec 16 22:20:24 2014] <johnw> he's asking how we make all functions total in Coq
[Tue Dec 16 22:20:34 2014] <johnw> since you can't do it the Haskell way
[Tue Dec 16 22:20:51 2014] <nkar> no no, I wanted to solve the exercise the haskell way, (last is partial in haskell), but I ended up using option
[Tue Dec 16 22:20:57 2014] <johnw> ah
[Tue Dec 16 22:21:03 2014] <nkar> :)
[Tue Dec 16 22:23:47 2014] <nkar> new problems...  proofgeneral fails to parse Require Import Coq.Lists.List (only Require Import List is allowed) and it cannot find the list notation, which is in a separate module (Require Import ListNotations) doesn't work.
[Tue Dec 16 22:24:26 2014] <johnw> Module Import LN := ListNotations.
[Tue Dec 16 22:25:23 2014] <nkar> ahem, how does it work?  also, don't I need to use the full module names?
[Tue Dec 16 22:25:45 2014] <johnw> Require Import List.
[Tue Dec 16 22:25:48 2014] <johnw> Module Import LN := ListNotations.
[Tue Dec 16 22:26:00 2014] <johnw> that's all i ever do
[Tue Dec 16 22:26:21 2014] <nkar> yeah, it works, thank you.  my question was about the LN := ListNotations bit, why is := needed?
[Tue Dec 16 22:27:10 2014] <johnw> you are assigning LN as the imported module name
[Tue Dec 16 22:27:18 2014] <johnw> in this case it's meaningless
[Tue Dec 16 22:27:47 2014] <nkar> well, it's not meaningless because it doesn't work without the assignment.  or is it mandatory?
[Tue Dec 16 22:28:01 2014] <johnw> as far as I know it's mandatory, but it doesn't matter what you call it
[Tue Dec 16 22:28:06 2014] <johnw> since you'll never use that prefix
[Tue Dec 16 22:28:16 2014] <nkar> ugly...
[Tue Dec 16 22:28:51 2014] <nkar> meh, the manual is not helpful either.  can't decipher it.
[Tue Dec 16 22:29:29 2014] <nkar> johnw: thanks, it would be much more frustrating without your constant guidance
[Tue Dec 16 22:29:50 2014] <johnw> heh, I endured that frustration so that you won't have to :)
[Tue Dec 16 22:37:35 2014] <johnw> I guess after giving Coq 10 minutes to try and process a Program Fixpoint, I should give up...
[Tue Dec 16 22:40:33 2014] <nkar> ... and ask on the mailing list
[Tue Dec 16 22:40:59 2014] <nkar> maybe it's not hopeless and someone suggests a way to speed it up
[Tue Dec 16 22:44:49 2014] <nkar> why am I getting "no interpretation for string "z" on ["x";"y";"z"]?  I've tried to import String and Ascii.
[Tue Dec 16 22:44:58 2014] <johnw> Open Scope string_scope.
[Tue Dec 16 22:46:03 2014] <nkar> I need chars, so I imported Ascii and used char_scope instead.  is it the right approach?
[Tue Dec 16 22:46:12 2014] <johnw> i've never done it that way
[Tue Dec 16 22:50:46 2014] <nkar> another way to do this is to use "a"%char or "b"%string
[Tue Dec 16 22:51:12 2014] <nkar> now I recall that it's been mentioned in SF
[Tue Dec 16 22:54:40 2014] <johnw> ah, yes
[Tue Dec 16 22:54:47 2014] <johnw> you can always explicitly specify scopes
[Tue Dec 16 22:57:46 2014] <nkar> why can't coq accept myLast [] without an explicit type declaration?  I understand that it cannot infer the X in list X, but I'm interested why it needs to know that.
[Tue Dec 16 23:05:26 2014] <johnw> because you're not using myLast [] in a context where it could infer it
[Tue Dec 16 23:16:13 2014] <nkar> is there a predefined alternative to Case?
[Tue Dec 16 23:16:35 2014] <johnw> no
[Tue Dec 16 23:16:40 2014] <johnw> Case is a clever hack
[Tue Dec 16 23:17:34 2014] <nkar> what do people use outside of SF?
[Tue Dec 16 23:17:46 2014] <johnw> i just use bullets and prooftree
[Tue Dec 16 23:17:49 2014] <johnw> i don't bother with Case anymore
[Tue Dec 16 23:18:09 2014] <johnw>  well, I still use it if I have an inductive type with a lot of constructors
[Tue Dec 16 23:19:20 2014] <nkar> oh, thanks for telling me about bullets
[Tue Dec 16 23:22:03 2014] <johnw> yeah, very useful
[Tue Dec 16 23:22:55 2014] <johnw> whoa, coq segmentation fault
[Tue Dec 16 23:23:22 2014] <nkar> hehe
[Tue Dec 16 23:33:44 2014] <benzrf> johnw: u broke math :(
[Tue Dec 16 23:42:37 2014] <johnw> phew, found a workaround
[Wed Dec 17 00:14:46 2014] <nkar> I cannot find app_comm in the stdlib.  is it really missing?
[Wed Dec 17 00:21:38 2014] <nkar> but app is not commutative, lol
[Wed Dec 17 00:26:36 2014] <johnw> just think, you can be the first to prove it :)
[Wed Dec 17 00:28:31 2014] <nkar> haha
[Wed Dec 17 00:29:14 2014] <nkar> I've been up all night, no wonder I can't think straight
[Wed Dec 17 00:57:07 2014] <nkar> how do I tell coq that yt ++ [x] will never be equal to []?
[Wed Dec 17 00:59:37 2014] <nkar> oh, nevermind, I just destructed the whole thing
[Wed Dec 17 01:06:28 2014] <johnw> coq already knows that, and discrimate can establish it
[Wed Dec 17 01:06:34 2014] <johnw> discriminate
[Wed Dec 17 01:13:34 2014] <nkar> johnw: fyi, the links in the README.md file in the category-theory repo don't work
[Wed Dec 17 01:17:44 2014] <johnw> oh, oops
[Wed Dec 17 01:17:56 2014] <johnw> hmm.. they work here
[Wed Dec 17 01:18:06 2014] <johnw> http://ftp.newartisans.com/pub/hasq/Hasq.pdf
[Wed Dec 17 01:18:14 2014] <johnw> oh, maybe they're just not links
[Wed Dec 17 01:30:08 2014] <nkar> coqdoc fails to render 'inversion IHyt.   (* contradiction *)\napply IHyt.' properly (where \n denotes a newline).  in particular, it shows both tactics on the same line.  the workaround is to move the comment to a separate line, but is there a better way?
[Wed Dec 17 01:33:06 2014] <johnw> the Program environment really is quite cool
[Wed Dec 17 01:33:30 2014] <johnw> nkar: I don't know about embedded comments like that, I don't think
[Wed Dec 17 01:50:22 2014] <nkar> I'm also having problems with << and >>.  It's supposed to be verbatim, but coqdoc keeps stripping off the newlines.
[Wed Dec 17 01:51:47 2014] <nkar> [[ and ]] do the right thing, but they are for coq.
[Wed Dec 17 01:56:43 2014] <johnw> :(
[Wed Dec 17 01:56:48 2014] <nkar> no no
[Wed Dec 17 01:56:52 2014] <nkar> disregard that
[Wed Dec 17 01:56:55 2014] <johnw> i'd post these all as bugs to the bugzill
[Wed Dec 17 01:56:56 2014] <johnw> a
[Wed Dec 17 01:57:43 2014] <nkar> I needed to move << and >> to the left.  turns out it's getting confused by whitespace.
[Wed Dec 17 02:25:09 2014] <johnw> whitespace confuses everyone
[Wed Dec 17 02:34:29 2014] <nkar> pushed the first problem: gitorious.org/99-problems
[Wed Dec 17 08:08:51 2014] <notdan> Hi
[Wed Dec 17 08:35:44 2014] <nkar> hi
[Wed Dec 17 08:40:40 2014] <ianjneu> nkar: 'morning
[Wed Dec 17 08:45:28 2014] <notdan> is there a way to see what induction hypothesis is being generated in Coq, when I do `induction' tactic?
[Wed Dec 17 08:45:45 2014] <notdan> To be more specific, what is being instantiated to `P'
[Wed Dec 17 08:48:36 2014] <ianjneu> notdan: when you finish a proof, you can print the proof term and look for *_ind
[Wed Dec 17 08:50:12 2014] <ianjneu> in terms of what else, I would imagine that P is the rest of the context /after/ the variable inducted on, which then implies the goal.
[Wed Dec 17 08:54:53 2014] <notdan> Yeah, but I can't finish the proof ):
[Wed Dec 17 08:55:18 2014] <notdan> because I don't understand what Coq exactly tries to formulate
[Wed Dec 17 08:58:20 2014] <nkar> notdan: what do you pass an an argument to induction?
[Wed Dec 17 09:00:07 2014] <notdan> Well I just use `induction H', but H is dependent
[Wed Dec 17 09:00:26 2014] <notdan> in the sense that I did `remember x as y in H' before that
[Wed Dec 17 09:00:45 2014] <benzrf> ianjneu: hey
[Wed Dec 17 09:00:52 2014] <benzrf> ianjneu: my number H from yesterday
[Wed Dec 17 09:01:13 2014] <benzrf> ianjneu: it isnt an inhabitant of the type {f : nat -> Q | cauchy f} is it?!
[Wed Dec 17 09:01:39 2014] <benzrf> f must be a gallina function and no gallina function can compute H
[Wed Dec 17 09:02:02 2014] <benzrf> which would mean that the classical reals include members that the coq reals do not
[Wed Dec 17 09:02:03 2014] <benzrf> y/n?
[Wed Dec 17 09:05:33 2014] <benzrf> aaaaaaaaaaaaaaaaaaaa
[Wed Dec 17 09:05:49 2014] <benzrf> ok, wait i have an idea for a solution to the question i was gonna ask
[Wed Dec 17 09:06:20 2014] <benzrf> is anybody with a strong grasp of computability and coq's relationship with classical math??
[Wed Dec 17 09:06:27 2014] <benzrf> *is anybody ... online
[Wed Dec 17 09:35:14 2014] <nkar> ianjneu: I asked johnw about it yesterday, but maybe you know the answer.  why is LN required here: [Module Import LN := ListNotations.]?  Isn't there a better way?
[Wed Dec 17 10:29:43 2014] <notdan> How can I find everything (every lemma) about a particular type in coq?
[Wed Dec 17 10:30:17 2014] <Anarchos> Search ?
[Wed Dec 17 10:34:31 2014] <benzrf> in coq
[Wed Dec 17 10:34:43 2014] <benzrf> how do you do things like prove that an algorithm in a turing-complete language halts
[Wed Dec 17 10:37:20 2014] <benzrf> do you say something like
[Wed Dec 17 10:37:21 2014] <benzrf> exists n : nat, Halted (iterate runStep n startState)
[Wed Dec 17 10:41:21 2014] <notdan> Anarchos: for some reason it seems to search only in the current file
[Wed Dec 17 10:45:54 2014] <ianjneu> nkar: I don't know where "here" is, but you can also write Import ListNotations. to get access to the notations. You don't have to locally bind to a different name.
[Wed Dec 17 10:46:23 2014] <Anarchos> benzrf it is impossible or it would solve the halting problem, which is undecidable
[Wed Dec 17 10:46:55 2014] <ijp> Anarchos: I think benzrf is referring to proving a specific algorithm halts
[Wed Dec 17 10:47:13 2014] <notdan> Is there a way to prove this easier: http://lpaste.net/4056372126016339968 ?
[Wed Dec 17 10:47:23 2014] <Anarchos> ijp oh sorry
[Wed Dec 17 10:48:14 2014] <ijp> benzrf: the general answer is something like find a property X of a loop that gets "smaller" in some sense every time round the loop
[Wed Dec 17 10:49:41 2014] <ijp> http://adam.chlipala.net/cpdt/html/GeneralRec.html shows one such example for mergesort
[Wed Dec 17 10:50:02 2014] <notdan> oops actally I want to prove a different thing, sorry :S
[Wed Dec 17 10:50:54 2014] <nkar> ianjneu: "here" referred to the code inside [].  thanks, the suggested way of importing it is what I've been looking for.
[Wed Dec 17 10:51:31 2014] <notdan> http://lpaste.net/4056372126016339968
[Wed Dec 17 10:51:46 2014] <notdan> Basically, I want to show that S has to be an empty set in this case
[Wed Dec 17 10:51:54 2014] <notdan> but I am not sure how to do this constructively
[Wed Dec 17 10:52:09 2014] <notdan> because the emptiness property is not decidable
[Wed Dec 17 10:52:31 2014] <ianjneu> notdan: what imports do I need to make this denote?
[Wed Dec 17 10:52:48 2014] <notdan> Require Import Coq.Sets.Ensembles.
[Wed Dec 17 10:52:48 2014] <notdan> Require Import Coq.Sets.Constructive_sets.
[Wed Dec 17 10:52:48 2014] <notdan> Require Import Coq.Logic.FunctionalExtensionality.
[Wed Dec 17 10:53:20 2014] <ianjneu> notdan: S can also be the singleton set {y}
[Wed Dec 17 11:05:38 2014] <ianjneu> notdan: I have a proof.
[Wed Dec 17 11:06:13 2014] <ianjneu> Use the fact that the equality implies Same_set, and then use Singleton_inv.
[Wed Dec 17 11:07:39 2014] <lpaste> ianjneu revised “No title”: “singleton add one” at http://lpaste.net/4056372126016339968
[Wed Dec 17 11:30:35 2014] <notdan> ianjneu: oh, thanks!
[Wed Dec 17 11:30:43 2014] <notdan> I didn't manage to find Singleton_inv myself
[Wed Dec 17 12:11:18 2014] <benzrf> ianjneu please help me ;-;
[Wed Dec 17 12:53:10 2014] <ianjneu> wuh?
[Wed Dec 17 12:53:22 2014] <ianjneu> just got back from lunch.
[Wed Dec 17 12:55:38 2014] <ianjneu> benzrf: ^
[Wed Dec 17 12:58:35 2014] <nkar> I'm building coq, and it cannot find camlp5o.  which envvar do I need to set?
[Wed Dec 17 13:02:00 2014] <ianjneu> nkar: when configuring, pass --caml5dir <location>
[Wed Dec 17 13:10:14 2014] <johnw> ianjneu: welcome back
[Wed Dec 17 13:16:51 2014] <ianjneu> johnw: I find it an odd change of pace that I am the person people ask for help with Coq.
[Wed Dec 17 13:17:14 2014] <ianjneu> Meanwhile, I'm writing a proof by hand in LaTeX.
[Wed Dec 17 13:18:07 2014] <johnw> ianjneu:  why is that an odd change of pace?
[Wed Dec 17 13:18:35 2014] <ianjneu> johnw: I still feel like a nub.
[Wed Dec 17 13:19:02 2014] <ianjneu> I can't even install ssreflect, let alone write well-automated proofs.
[Wed Dec 17 13:19:09 2014] <johnw> wow, I had the impression that you are far more advanced than I am
[Wed Dec 17 13:19:32 2014] <johnw> I do love ssreflect
[Wed Dec 17 13:19:54 2014] <johnw> if I would just switch over to n.-tuple's, I wouldn't be importing the stdlib at all in my project
[Wed Dec 17 13:33:20 2014] <notdan> johnw: what do you use ssreflect for, if you don't mind me asking?
[Wed Dec 17 13:33:29 2014] <johnw> https://github.com/jwiegley/linearscan
[Wed Dec 17 13:33:56 2014] <notdan> cool
[Wed Dec 17 13:42:49 2014] <nkar> ianjneu: but then it cannot find camlp5.cma, which is /lib
[Wed Dec 17 13:49:27 2014] <ianjneu> nkar: well that file is supposed to be in the same directory as camlp5
[Wed Dec 17 13:54:03 2014] <nkar> johnw: do you know what ocamlfind is?  (see the 'default.nix' file of coq in nixpkgs)
[Wed Dec 17 13:54:55 2014] <johnw> no
[Wed Dec 17 13:57:49 2014] <nkar> ah, it seems it comes with findlib
[Wed Dec 17 14:57:10 2014] <johnw> Can any ssreflect users here help me to prove the following lemma: subseq (x :: xs) s -> subseq xs s
[Wed Dec 17 14:57:30 2014] <johnw>  it seems like it should be a very easy matter of rewriting, but I'm finding great difficulty with this one.  There doesn't seem to be much in the SSReflect library to help.
[Wed Dec 17 15:03:58 2014] <bennofs> What does "Small Scale Reflection" actually mean?
[Wed Dec 17 15:04:41 2014] <johnw> "The term small-scale reflection, which gives the name to the whole framework of SSReflect, emphasizes the two complementary ways of building proofs: by means of intuitionistic inference (i.e., using the constructors of datatypes defined in Prop) and by means of mere computation (i.e., with bool-returning function). These two ways, therefore, serve as each other’s “reflections” and, moreover, both are implemented within the same system,
[Wed Dec 17 15:04:42 2014] <johnw> without the need to appeal to Coq’s meta-object protocol,1 which makes this reflection small-scale."
[Wed Dec 17 15:05:18 2014] <bennofs> oh, thanks
[Wed Dec 17 15:05:51 2014] <johnw> from the excellent book: http://ilyasergey.net/pnp/pnp.pdf
[Wed Dec 17 15:07:57 2014] <johnw> ah, proved it!
[Wed Dec 17 15:08:34 2014] <johnw> always such a good feeling
[Wed Dec 17 15:08:48 2014] <johnw> benzrf: ping
[Wed Dec 17 15:24:30 2014] <adelbertc> oo coq book
[Wed Dec 17 15:24:33 2014] <adelbertc> * downloads
[Wed Dec 17 15:26:25 2014] <RchrdB> johnw: Coq is actually crack for mathematicians, isn't it?
[Wed Dec 17 15:26:48 2014] <ianjneu> no
[Wed Dec 17 15:27:16 2014] <johnw> it's crack for me, and I'm not a mathematician
[Wed Dec 17 15:27:28 2014] <johnw> i'm a neophyte computer scientist
[Wed Dec 17 15:37:41 2014] <johnw> hmm...   The extraction mechanism does not take advantage of let bindings to avoid redundant computations, since Haskell doesn't always do its own common subexpression elimination
[Wed Dec 17 15:52:33 2014] <adelbertc> how possible is it to extend coq's extraction mechanism to other langs, and if "yes" are there any guides in doing so?
[Wed Dec 17 15:52:50 2014] <johnw> i'm guessing it requires writing OCaml
[Wed Dec 17 15:52:55 2014] <johnw> I haven't come across any guides
[Wed Dec 17 15:53:06 2014] <johnw> i found another bug in the Haskell extractor yesterday
[Wed Dec 17 15:53:11 2014] <johnw> a function was extracted with no body at all
[Wed Dec 17 15:53:15 2014] <johnw> just 'foo = '
[Wed Dec 17 15:53:26 2014] <adelbertc> heh
[Wed Dec 17 15:53:32 2014] <adelbertc> what was the corresponding coq bit
[Wed Dec 17 15:53:36 2014] <johnw> complicated
[Wed Dec 17 15:53:47 2014] <adelbertc> maybe it just gave up :-P
[Wed Dec 17 15:54:04 2014] <johnw> it should have correctly extracted as foo = id or foo x = x
[Wed Dec 17 15:54:21 2014] <johnw> since the body was not computationally relevant
[Wed Dec 17 15:54:26 2014] <adelbertc> i suppose its time for me to learn some ocaml
[Wed Dec 17 15:54:41 2014] <johnw> what language are you intending to extract to?
[Wed Dec 17 15:55:14 2014] <adelbertc> im entertaining the idea of Scala, mostly in the name of "for fun"
[Wed Dec 17 15:55:25 2014] <adelbertc> im aware one exists, not sure how updated/reliable it is, but id also like to try my hand at it myself
[Wed Dec 17 17:29:14 2014] <mankyKitty> adelbertc: be very interested to hear how that goes :P
[Wed Dec 17 17:29:26 2014] <mankyKitty> I think you're mad... But in a good way. :D
[Wed Dec 17 17:32:41 2014] <adelbertc> :-)
[Wed Dec 17 18:22:10 2014] <jgross_> johnw: is there a way to not clear hypothesis but to hide it? <- [Definition hidden' (T : Type) := T.  Notation hidden := (hidden' _). Ltac hide H := idtac; let T := type of H in change (hidden' T) in H.] Not perfect, but almost what you want? 
[Wed Dec 17 18:23:25 2014] <jgross_> nkar: There is no import hiding.  But you can do [Require foo] rather than [Require Import foo], and then you can prefix everything with [foo.].  Alternatively, you can group the things in the file you're importing into their own modules, and then require the file, and import only some of the modules. 
[Wed Dec 17 18:24:20 2014] <jgross_> johnw: Why [Module Import LN := ListNotations] instead of just [Import ListNotations]? 
[Wed Dec 17 18:25:51 2014] <jgross_> johnw: a segfault in Coq is usually just the native-compiled version of a stack overflow in the bytecode version. 
[Wed Dec 17 18:27:31 2014] <jgross_> nkar: report the comment removing newlines in coqdoc as a bug on the bug tracker: https://coq.inria.fr/bugs/enter_bug.cgi 
[Wed Dec 17 18:31:11 2014] <jgross_> benzrf: You seem to be assuming that there is a single classical set that corresponds to "the Coq reals".  There is not.  You might find looking into model theory useful here. 
[Wed Dec 17 18:31:16 2014] <johnw> jgross_: lack of experience
[Wed Dec 17 18:31:32 2014] <johnw> good to see you again jgross_!
[Wed Dec 17 18:32:27 2014] <benzrf> mfw
[Wed Dec 17 18:32:37 2014] <johnw> hey benzrf
[Wed Dec 17 18:32:41 2014] <benzrf> sup
[Wed Dec 17 18:32:45 2014] <jgross_> johnw: Good to see you, too!  I'm probably only going to be around infrequently (and am in fact disappearing momentarily to shower and eat dinner and go square dancing), but if you mention my name, my irc program will highlight it, and I'll notice it. 
[Wed Dec 17 18:32:47 2014] <johnw> I got that wicked dependent fold working
[Wed Dec 17 18:32:48 2014] <benzrf> jgross_: hmm, well
[Wed Dec 17 18:32:53 2014] <johnw> https://gist.github.com/2dc2bd6e169d5995e2fb
[Wed Dec 17 18:32:54 2014] <johnw> it's almost silly
[Wed Dec 17 18:33:04 2014] <johnw> but it gets the job done
[Wed Dec 17 18:33:13 2014] <benzrf> jgross_: doesn't H have a representation in each classical construction of the reals?
[Wed Dec 17 18:33:19 2014] <benzrf> but it isnt in the coq one
[Wed Dec 17 18:40:22 2014] <jgross_> benzrf: Coq is a syntactic language.  You can choose any consistent semantics you want.  You can choose to interpret Coq's type of reals into many models.  You can choose to give it all of the clasical real numbers (but you won't be able to write them all down in Coq).  You can choose to give it a countable model.  You can choose to give it stranger models.  If you embed Coq's syntax in a metatheory (such as Coq itself+some extra universes), you
[Wed Dec 17 18:40:22 2014] <jgross_> can possibly prove that there are inhabitants of the type of real numbers which do not come from any embedded syntactic expression. 
[Wed Dec 17 18:41:49 2014] <benzrf> hrg
[Wed Dec 17 18:42:19 2014] <benzrf> oh man i just realized
[Wed Dec 17 18:42:27 2014] <benzrf> you can't prove the least upper bound property in coq can you
[Wed Dec 17 18:42:36 2014] <benzrf> at least, not in its standard classical form
[Wed Dec 17 23:32:39 2014] <nkar> jgross_: thanks for the tips
[Wed Dec 17 23:32:54 2014] <nkar> I'll report the bug as you suggested
[Thu Dec 18 00:24:37 2014] <johnw> is there anyone here who has experience of the Haskell extraction mechanism that can help me with what looks like a major problem with extraction of a type class instance?
[Thu Dec 18 00:26:36 2014] <jrw> johnw: I have never seen good extraction of type classes.
[Thu Dec 18 00:28:56 2014] <johnw> I'm getting this extraction:
[Thu Dec 18 00:28:56 2014] <johnw> coq_IState_IMonad :: IMonad.IMonad (IState a1 () () ())
[Thu Dec 18 00:29:06 2014] <johnw> which means that the actual types I'm using with IState have been erased
[Thu Dec 18 00:29:17 2014] <johnw> and GHC has no reason not to throw away any interactions with those units
[Thu Dec 18 00:29:39 2014] <johnw> and that's indeed what I'm seeing
[Thu Dec 18 00:29:58 2014] <johnw> I'm mutating the state with "put", but then in the next action that action is undone
[Thu Dec 18 00:31:15 2014] <jrw> johnw: if you're state isn't unit then how does your code typecheck against that signature
[Thu Dec 18 00:31:41 2014] <johnw> stbind =  IMonad.ijoin (unsafeCoerce IState.coq_IState_IMonad)
[Thu Dec 18 00:31:41 2014] <johnw>     (IEndo.imap (unsafeCoerce IState.coq_IState_IFunctor) f (unsafeCoerce x))
[Thu Dec 18 00:32:02 2014] <johnw> these unsafeCoerces are throwing away my information
[Thu Dec 18 00:33:02 2014] <jrw> yeah, that's in line what I've seen
[Thu Dec 18 00:33:06 2014] <johnw> i'll see if I can fix this in the extracted code
[Thu Dec 18 00:33:19 2014] <johnw> if I replace the units with type variables, and remove the unsafeCoerces, it should work
[Thu Dec 18 00:36:27 2014] <johnw> ugh, this is nasty
[Thu Dec 18 00:36:35 2014] <johnw> there are units everywhere where I need type variables
[Thu Dec 18 00:37:36 2014] <johnw> aha, sure enough
[Thu Dec 18 00:37:47 2014] <johnw> my typeclasses' fmap :: (a -> b) -> f a -> f b in Coq
[Thu Dec 18 00:38:00 2014] <johnw> is turning in the Haskell into (() -> ()) -> f -> f
[Thu Dec 18 00:45:21 2014] <jrw> johnw: how much experience do you have extracting typeclasses. if you get it to work, I'd be really interested to hear about it.
[Thu Dec 18 00:45:32 2014] <johnw> it's not working at all
[Thu Dec 18 00:45:40 2014] <jrw> okay good. glad we're on the same page :D
[Thu Dec 18 00:45:40 2014] <johnw> in fact, it may kill this project, since I use them everywhere
[Thu Dec 18 00:45:51 2014] <johnw> I'll try disabling type optimizations and inlining
[Thu Dec 18 00:49:05 2014] <johnw> nope, did not help
[Thu Dec 18 00:49:12 2014] <johnw> (although I know for a fact that that cures other issues)
[Thu Dec 18 00:49:17 2014] <johnw> (just not with typeclasses)
[Thu Dec 18 00:51:12 2014] <jrw> johnw: maybe you could hack the extractor to extract to a fresh polymorphic variable each time instead of unit?
[Thu Dec 18 00:51:19 2014] <jrw> with the casts it already inserts this might work...
[Thu Dec 18 00:51:44 2014] <johnw> you mean, hack the ocaml code?
[Thu Dec 18 00:52:04 2014] <jrw> johnw: probably, yeah.
[Thu Dec 18 00:52:30 2014] <jrw> or maybe a bunch of custom extraction rules at the coq level for every parameterized type in your codebase.
[Thu Dec 18 00:52:59 2014] <jrw> that doesn't really make sense though. I think you'd have to go to ocaml.
[Thu Dec 18 00:57:26 2014] <johnw> is there an ssreflect repo that work against coq trunk?  if so, i could see if anything has improved
[Thu Dec 18 00:59:45 2014] <johnw> hmmm
[Thu Dec 18 00:59:50 2014] <johnw> this is a serious spanner in the works
[Thu Dec 18 01:05:36 2014] <jrw> :(
[Thu Dec 18 01:05:55 2014] <johnw> there is a lower-level layer of my code that uses no type classes
[Thu Dec 18 01:06:06 2014] <johnw> I may have to rewrite the upper layers in Haskell myself, and then use the lower layer from that code
[Thu Dec 18 01:06:11 2014] <jrw> right
[Thu Dec 18 01:06:25 2014] <johnw> to be honest, it would be a relief to do so
[Thu Dec 18 01:06:36 2014] <johnw> the upper layers are becoming too contorted by the dependent typing, too rigid
[Thu Dec 18 01:06:55 2014] <johnw> whereas the lower-level are just data structures, and so very amenable to inductive predicates and proofs
[Thu Dec 18 01:07:27 2014] <johnw> this week I was forced to write a "dependent fold" for the sake of the upper level code that was frankly an abomination
[Thu Dec 18 01:07:45 2014] <johnw> this belongs in a bestiary somewhere: https://gist.github.com/00be21b45348f9eb34e3
[Thu Dec 18 01:27:07 2014] <jrw> oof
[Thu Dec 18 06:04:13 2014] <schoppenhauer> hello. just starting to read cpdt, and on page 20 it sais:
[Thu Dec 18 06:04:17 2014] <schoppenhauer> The important metatheorems
[Thu Dec 18 06:04:20 2014] <schoppenhauer> about CIC have not been extended to the full breadth of the features that go beyond the
[Thu Dec 18 06:04:22 2014] <schoppenhauer> formalized language, but most Coq users do not seem to lose much sleep over this omission.
[Thu Dec 18 06:04:31 2014] <schoppenhauer> - what exactly does that mean?
[Thu Dec 18 06:04:50 2014] <schoppenhauer> what are those extensions?
[Thu Dec 18 09:20:35 2014] <benzrf> does the notion of provability mean anything in coq
[Thu Dec 18 09:20:36 2014] <benzrf> how does it work
[Thu Dec 18 09:20:55 2014] <Fuuzetsu> not seeing you in #agda benzrf
[Thu Dec 18 09:21:00 2014] <benzrf> i dont use agda
[Thu Dec 18 09:21:11 2014] <benzrf> oh that reminds me actually
[Thu Dec 18 09:21:31 2014] <benzrf> there are proofs that things are unprovable
[Thu Dec 18 09:21:40 2014] <benzrf> but you're still in the realm of certainty
[Thu Dec 18 09:21:49 2014] <benzrf> could there be a such thing as an infinite chain of
[Thu Dec 18 09:22:06 2014] <Fuuzetsu> …of?
[Thu Dec 18 09:22:16 2014] <benzrf> X is unprovable and you cannot prove that X is unprovable and you cannot prove that ThAT is unprovable, etc
[Thu Dec 18 09:22:33 2014] <benzrf> i guess that's not really a well defined notion
[Thu Dec 18 09:22:41 2014] <Cypi> "X is un provable" >> so...you've proved hat X is unprovable, right?
[Thu Dec 18 09:22:48 2014] <benzrf> Cypi: what i was about to say :|
[Thu Dec 18 09:23:05 2014] <benzrf> i guess i still have classical notions of inherent truth value in my brain
[Thu Dec 18 09:23:11 2014] <benzrf> :-/
[Thu Dec 18 09:23:26 2014] <Fuuzetsu> (X → ⊥) so (X → ⊥) → ⊥ and so on…?
[Thu Dec 18 09:24:14 2014] <Fuuzetsu> s/so/and/
[Thu Dec 18 09:24:18 2014] <Fuuzetsu> afk
[Thu Dec 18 09:26:19 2014] <benzrf> hmm what is Tor
[Thu Dec 18 09:26:22 2014] <benzrf> wait shit
[Thu Dec 18 09:26:26 2014] <benzrf> i got thoughts and typings confused
[Thu Dec 18 09:26:29 2014] <benzrf> what is Parameter?
[Thu Dec 18 10:04:40 2014] <ianjneu> Fuuzetsu: (X -> bot) -> bot is a monad, so it doesn't get bigger than that.
[Thu Dec 18 10:06:50 2014] <Fuuzetsu> it can, you can just join it ;P
[Thu Dec 18 19:44:42 2014] <darthdeus> is there a way to search for a theorem that would match an expression?
[Thu Dec 18 19:44:57 2014] <darthdeus> for example if I know I have one I could apply, but don't remember its name
[Thu Dec 18 19:54:47 2014] <adelbertc> SearchIsos?
[Thu Dec 18 19:54:57 2014] <adelbertc> C-c C-a C-o
[Thu Dec 18 19:55:37 2014] <adelbertc> (in PG)
[Thu Dec 18 20:08:23 2014] <darthdeus> cool, thanks :)
[Thu Dec 18 20:21:02 2014] <darthdeus> hmm this is weird, i'm not getting any results in the *response* buffer, but if it doesn't find anything it does show an error
[Thu Dec 18 20:54:57 2014] <nkar> johnw: any progress with extraction?  not that I can help, just interested in problem I may run into myself at some point.
[Thu Dec 18 20:55:11 2014] <nkar> problems*
[Thu Dec 18 22:41:01 2014] <johnw> nkar: it wasn't the bug I thought it was
[Thu Dec 18 22:41:07 2014] <johnw> the extracted code actually worked as advertised on the box
[Thu Dec 18 22:44:44 2014] <nkar> johnw: getting a little offtopic, why did you pick coq for linearscan, not idris?  just because coq's not as actively worked on?
[Thu Dec 18 22:44:55 2014] <johnw> idris was too immature, frankly
[Thu Dec 18 22:45:06 2014] <johnw> Coq has the sound metatheory I was looking for, too
[Thu Dec 18 22:45:18 2014] <johnw> I would like to see Idris used more in future
[Thu Dec 18 23:35:58 2014] <hodapp> Idris is immature?
[Thu Dec 18 23:36:09 2014] <hodapp> I've never used it, but it's on my list of things to look at
[Thu Dec 18 23:42:58 2014] <johnw> compared to Coq, yes
[Thu Dec 18 23:43:06 2014] <johnw> for the most part, Coq is a tank
[Thu Dec 18 23:43:28 2014] <johnw> my experiments with Idris left me feeling otherwise; but I intend to use it more as time goes on
[Thu Dec 18 23:51:05 2014] <hodapp> yeah, Coq definitely feels like a tank of sorts, but my knowledge in this area is pretty limited
[Thu Dec 18 23:53:08 2014] <adelbertc> i played around with idris a few days ago, was lots of fun, but didnt feel as refined as coq. granted coq's been around for much longer than idris
[Fri Dec 19 00:30:29 2014] <nkar> is it possible to use custom notation with tactics?  e.g., can I do unfold <-> (unfold iff works fine)?
[Fri Dec 19 00:34:59 2014] <nkar> okay, unfold "<->" does the trick.
[Fri Dec 19 01:47:20 2014] <nkar> could anyone suggest a theorem to test my inductive definition of True?
[Fri Dec 19 02:55:53 2014] <dbelange> what is your definition
[Fri Dec 19 02:59:57 2014] <nkar> dbelange: I'm not sure how to define it, so I tried various definitions.  This is an exercise from Software Foundations, and I'd like to solve it on my own.  I gathred I could use a theorem to check whether any of the definitions I made make sense.
[Fri Dec 19 03:00:55 2014] <nkar> The only hint that the book provides is that it's trivial to give evidence for True.
[Fri Dec 19 03:10:17 2014] <adelbertc> you should be able to give evidence for True with nothing in the context
[Fri Dec 19 03:11:15 2014] <nkar> thanks for the hint, I'll try again later.
[Fri Dec 19 03:11:23 2014] <adelbertc> what chapter is this?
[Fri Dec 19 03:11:31 2014] <nkar> Logic
[Fri Dec 19 03:11:39 2014] <nkar> Search for "Truth"
[Fri Dec 19 03:12:16 2014] <adelbertc> ah found it
[Fri Dec 19 03:13:11 2014] <Anarchos> Turing machines are models of computation without interruptions. Are there modifications of Turing machines who could model computation with interruptions ?
[Fri Dec 19 10:57:42 2014] <Anarchos> make install ====> /bin/sh: ./install.sh: Argument too big
[Fri Dec 19 13:50:06 2014] <darthdeus> is there a lemma for transforming a+1 and 1+a into S a?
[Fri Dec 19 13:50:27 2014] <darthdeus> ah sorry, I meant "a + S b -> S (a + b)"
[Fri Dec 19 13:50:36 2014] <darthdeus> I already have the first one
[Fri Dec 19 13:51:04 2014] <darthdeus> i'm not really sure how to look for there things or where to find them
[Fri Dec 19 13:52:12 2014] <benzrf> darthdeus: induce on a, i think
[Fri Dec 19 13:52:22 2014] <benzrf> oh wait
[Fri Dec 19 13:52:23 2014] <benzrf> nvm
[Fri Dec 19 13:52:30 2014] <johnw> that follows from the definition of "+"
[Fri Dec 19 13:52:33 2014] <johnw> just use simpl
[Fri Dec 19 13:53:10 2014] <darthdeus> johnw: simpl isn't working in my case
[Fri Dec 19 13:53:20 2014] <benzrf> johnw: no it doesnt
[Fri Dec 19 13:53:23 2014] <benzrf> S a + b, maybe
[Fri Dec 19 13:53:57 2014] <darthdeus> yeah but my expression has a + S b in it :P
[Fri Dec 19 13:54:36 2014] <darthdeus> oh wait, I could use plus_comm
[Fri Dec 19 13:54:58 2014] <darthdeus> though can I somehow apply that to just a part of an expression? like if I have  a <= a + S b, and I'd like to apply plus_comm on the (a + S b)
[Fri Dec 19 13:55:14 2014] <johnw> ah
[Fri Dec 19 13:55:18 2014] <johnw> plus_n_Sm is what I was thinking of
[Fri Dec 19 13:55:22 2014] <johnw> plus_n_Sm  forall n m : nat, S (n + m) = n + S m
[Fri Dec 19 13:56:21 2014] <darthdeus> johnw: yes, that one is perfect!
[Fri Dec 19 13:56:26 2014] <darthdeus> now I just need a way to apply it, hmm
[Fri Dec 19 13:56:30 2014] <johnw> rewrite plus_n_Sm
[Fri Dec 19 13:56:41 2014] <johnw> or rewrite <- plus_n_Sm
[Fri Dec 19 13:57:34 2014] <darthdeus> ahh, right
[Fri Dec 19 13:57:37 2014] <darthdeus> thanks
[Sat Dec 20 10:22:15 2014] <Fuuzetsu> what does stuff like foo%functor mean?
[Sat Dec 20 10:22:30 2014] <Fuuzetsu> syntax wise
[Sat Dec 20 10:24:11 2014] <ijp> % says which scope a particular term uses for its syntax
[Sat Dec 20 10:24:47 2014] <Fuuzetsu> ok, thanks
[Sat Dec 20 15:15:27 2014] <notdan> OK, I decided to bite it, and finally read the Chlipala's book
[Sat Dec 20 15:15:37 2014] <notdan> at least like half of it
[Sat Dec 20 15:15:39 2014] <notdan> over the holidays
[Sat Dec 20 15:15:45 2014] <johnw> nice!
[Sat Dec 20 15:15:54 2014] <johnw> I'm on my second reading now, going through more carefully this time
[Sat Dec 20 15:17:13 2014] <notdan> ok, I'll ask you questions then, johnw ;)
[Sat Dec 20 15:18:48 2014] <johnw> shoot
[Sat Dec 20 22:44:31 2014] <benzrf> can i prove that 2 types are equal
[Sat Dec 20 22:44:39 2014] <benzrf> like
[Sat Dec 20 22:45:35 2014] <benzrf> can i prove that {x : nat | x % 10 = 21 % 10} = {x : nat | x % 10 = 31 % 10}
[Sat Dec 20 22:45:45 2014] <benzrf> is that what HoTT does
[Sun Dec 21 01:35:01 2014] <nkar> if I have a theorem like this: [forall P Q : Prop, P -> Q], how should I call (in English) the [intros P] step when doing an informal proof?
[Sun Dec 21 01:36:38 2014] <nkar> if [P] is an equality, I usually say something like "assuming that P holds," but it's not going to work when [P] is, well, [P].
[Sun Dec 21 01:39:09 2014] <dbelange> this theorem looks false.  What do you mean by "informal proof"
[Sun Dec 21 01:41:30 2014] <nkar> dbelange: informal == in english.  that's how the term is used in the software foundations book.  sorry for the sloppy example.  here's a better one: [Theorem double_neg : forall P : Prop, P -> ~~P.]
[Sun Dec 21 01:41:55 2014] <nkar> (I didn't have to prove much when I was in school, so informal proofs are usually harder for me than formal ones because I always need to think whether the words I'm using make sense in the given context.)
[Sun Dec 21 01:41:55 2014] <nkar>  
[Sun Dec 21 01:43:31 2014] <nkar> the coq proof: [intros P H. unfold not. intros G. apply G. apply H. Qed.]
[Sun Dec 21 01:44:42 2014] <nkar> I understand what's going on here, but to explain that we're working backwards I need to reference the P hypothesis somehow, and I don't know how to call the intros step.
[Sun Dec 21 01:46:16 2014] <nkar> (by backwards I mean the apply G step.  we first match on the result)
[Sun Dec 21 01:47:08 2014] <nkar> that's in the logic chapter of the book, btw
[Sun Dec 21 01:48:56 2014] <dbelange> nkar: maybe you want to think about "evidence semantics"
[Sun Dec 21 01:49:51 2014] <dbelange> suppose you have evidence of P.  Produce a function that behaves as:
[Sun Dec 21 01:50:12 2014] <dbelange> INPUT: any function which maps evidence of P to a contradiction. OUTPUT: a contradiction
[Sun Dec 21 01:50:46 2014] <nkar> what's evidence semantics?
[Sun Dec 21 01:51:19 2014] <dbelange> sometimes called BHK semantics, as far as I know it's the usual "informal" way of thinking of these things.  Your book may differ
[Sun Dec 21 01:53:03 2014] <nkar> the web search shows some papers, but nothing introductory, it seems
[Sun Dec 21 01:53:11 2014] <nkar> what does BHK mean?
[Sun Dec 21 01:53:34 2014] <dbelange> brouwer-heyting-kolmogorov, three dudes' names
[Sun Dec 21 01:54:08 2014] <dbelange> anyway, this is how the actual coq proof is structured
[Sun Dec 21 01:54:34 2014] <dbelange> ~P is like having a function which maps elements of P to false
[Sun Dec 21 01:54:40 2014] <dbelange> ~~P is like having a function which maps those functions to false
[Sun Dec 21 01:55:18 2014] <dbelange> if you already have p:P, you can get a function of type ~~P
[Sun Dec 21 01:55:36 2014] <dbelange> by mapping any function f of type ~P to f(p)
[Sun Dec 21 01:56:50 2014] <nkar> I need to take a nap; get back in ~20 minutes
[Sun Dec 21 01:56:59 2014] <dbelange> I guess you could write this as "lambda p:P.lambda f:~P.fp"
[Sun Dec 21 02:26:29 2014] <nkar> sure, but it doesn't show the steps involved.
[Sun Dec 21 02:26:50 2014] <nkar> I could prove it in coq as [intros P H. unfold not. intros G. apply G in H. apply H. Qed.] and would expect to see a different informal proof.
[Sun Dec 21 02:29:05 2014] <nkar> if you look at other informal proofs in the book, they're more focused on the thing I mentioned.
[Sun Dec 21 02:32:19 2014] <nkar> here's what I've written, but I'm not satisfied because it doesn't convey the idea behind the [apply G] step: By the definition of [~], [~~P] can be expanded to (P -> False) -> False We need to show that [False] follows from [P -> False], which requires only [P], which is trivial due to the definition of the theorem.
[Sun Dec 21 02:32:29 2014] <nkar> the last part of the last sentence could use some work too
[Sun Dec 21 09:36:44 2014] <Choups314> Hello, have anyone already used dpgraph ?
[Sun Dec 21 12:24:13 2014] <benzrf> can i prove that {x : nat | x % 10 = 21 % 10} = {x : nat | x % 10 = 31 % 10}
[Sun Dec 21 13:37:58 2014] <alkabetz> I’m not convinced that’s a true statement.  A proof that x % 10 = 21 % 10 is probably not equal to a proof that x % 10 = 31 % 10, right?
[Sun Dec 21 13:45:04 2014] <benzrf> alkabetz: well they certainly imply each other
[Sun Dec 21 13:45:22 2014] <benzrf> alkabetz: the set of actual inhabitants is the same even if the proofs aren't equal
[Sun Dec 21 13:45:40 2014] <benzrf> to be precise im trying to find a way of implementing quotient types :i
[Sun Dec 21 13:53:33 2014] <jgross_> Choups314: Do you mean dpdgraph (https://anne.pacalet.fr/dev/dpdgraph/)? 
[Sun Dec 21 13:57:30 2014] <jgross_> benzrf: Does [reflexivity] prove [21 % 10 = 31 % 10]?  If yes, then [reflexivity] will also prove [{x : nat | x % 10 = 21 % 10} = {x : nat | x % 10 = 31 % 10}].  In any case, if you want quotients, read http://homotopytypetheory.org/2011/04/23/running-circles-around-in-your-proof-assistant/ and look at http://hott.github.io/HoTT/proviola-html/HoTT.hit.quotient.html 
[Sun Dec 21 16:15:58 2014] <nkar> johnw:  https://github.com/jwiegley/software-foundations doesn't work for me anymore.  did you kill it?
[Sun Dec 21 17:43:56 2014] <benzrf> jgross_: god dammit i KNEW this was a HoTT thing
[Sun Dec 21 17:44:50 2014] <benzrf> jgross_: what area of mathematics  would hott be considered part of
[Sun Dec 21 17:50:43 2014] <dbelange> it's the other way round: all mathematics is part of the magical hott foundations
[Sun Dec 21 17:52:42 2014] <benzrf> :^)
[Sun Dec 21 19:41:06 2014] <darthdeus_> hey guys, I'm curious about the assertion here https://github.com/moritanon/Coq_study/blob/master/MoreLogic.v#L63 ... isn't that basically duplicating the initial hypothesis just to apply inversion?
[Sun Dec 21 20:05:02 2014] <darthdeus_> also an unrelated question, why can I use intros on inequality? like if I have "n <> 0", I can do "intros foo" and it will work and extract a negated form as a hypothesis
[Sun Dec 21 20:05:20 2014] <dbelange> that doesn't look like the initial hypothesis
[Sun Dec 21 20:05:24 2014] <dbelange> it looks like excluded middle
[Sun Dec 21 20:06:21 2014] <Cypi> ABout inequality, [a <> b] is just [~ (a = b)], which is just [(a = b) -> False]
[Sun Dec 21 20:06:41 2014] <darthdeus_> Cypi: oh that makes sense, thanks :)
[Sun Dec 21 20:07:05 2014] <darthdeus_> dbelange: yeah, excluded_middle is the initial hypothesis
[Sun Dec 21 20:11:17 2014] <dbelange> darthdeus_: the initial assumption is universally quantified, and this is a specific instance of it
[Sun Dec 21 20:11:42 2014] <darthdeus_> dbelange: that I understand, but does it really have to duplicate the whole body in the assertion?
[Sun Dec 21 20:11:53 2014] <darthdeus_> isnt' there a tactic that just "removes" the universal quantifier?
[Sun Dec 21 20:12:31 2014] <darthdeus_> i mean if I copy paste the assumption without a quantifier, and then just use "apply" to prove it, it can't really go wrong
[Sun Dec 21 20:15:07 2014] <Cypi> You're right, you can just do something like [pose proof (H (P x)).] for example
[Sun Dec 21 20:18:30 2014] <darthdeus_> Cypi: perfect, thanks
[Sun Dec 21 20:36:02 2014] <benzrf> excluded middle can b used to write a surjection from the cantor space to the reals as a regular coq function right
[Sun Dec 21 20:36:45 2014] <benzrf> i'm thinking it's pretty trivial to write a computable surjection from the cantor space to the reals that is undefined at only 1 point
[Sun Dec 21 20:36:59 2014] <benzrf> so then you can apply LEM to check whether the input is equal to that one point
[Sun Dec 21 20:37:02 2014] <benzrf> and proceed
[Sun Dec 21 23:32:58 2014] <nkar> does coq have something like [1..5] in haskell?
[Sun Dec 21 23:38:20 2014] <benzrf> nkar: im sure u can implement it
[Sun Dec 21 23:39:42 2014] <nkar> benzrf: hi!  oh, I'd rather not do it right now.  I just wanted to translate a haskell example to coq, but the .. notation is not the point.
[Sun Dec 21 23:41:33 2014] <benzrf> kk
[Sun Dec 21 23:43:04 2014] <benzrf> is there a ble_nat
[Sun Dec 21 23:50:47 2014] <nkar> do I understand correctly that it's possible to combine patterns inside the match statement if they should result in the same thing?  e.g., match xs with | nil | _::nil => None | x::_::nil => Some x | _::xt => myButLast xt
[Sun Dec 21 23:51:32 2014] <benzrf> nkar: hmm?
[Sun Dec 21 23:51:41 2014] <benzrf> whats bein combined here?
[Sun Dec 21 23:51:52 2014] <nkar> the first two patterns
[Sun Dec 21 23:52:02 2014] <benzrf> oh
[Sun Dec 21 23:52:05 2014] <benzrf> idk :|
[Sun Dec 21 23:52:06 2014] <nkar> I omitted a None after the first nil
[Sun Dec 21 23:52:13 2014] <benzrf> fallthru
[Sun Dec 21 23:52:47 2014] <nkar> well, I proved some theorems about myButLast, so I'm pretty sure it holds
[Mon Dec 22 00:06:40 2014] <benzrf> yay my shitty quotient works
[Mon Dec 22 04:27:01 2014] <thorsten1> Hi, I fail building coq 8.4pl5 on archlinux with ocaml 4.02.1, but it says that tools/compat5.mlp and my pervasives.cmi make inconsistent assumptions: http://pastebin.com/Z1caqDNX
[Mon Dec 22 04:27:14 2014] <thorsten1> Do you have any advice how to fix this?
[Mon Dec 22 04:36:11 2014] <thorsten1> (and the git version ends in some more horrible error: DynLoader.Error ("/usr/lib/ocaml/unix.cma", "interface mismatch on String") -- so the git version does not seem to be an option...)
[Mon Dec 22 07:09:59 2014] <thorsten1> it seems i can get past that point on my other laptop. (also archlinux with ocaml 4.02.1), and I can't tell the difference
[Mon Dec 22 07:59:49 2014] <thorsten1> as it turns out, broken arch packages caused that trouble. downgrading the ocaml and the libabl-gtk2-package to the version a month ago made it work.
[Mon Dec 22 09:57:23 2014] <jgross> thorsten1: That sounds like you still have some files compiled with your old ocaml / gtk2 packages; `make` will not notice that you upgraded things, and thus need to recompile. Did you try (a) make clean, (b) make distclean, or (c) getting a fresh copy of the sources and building from there?  (Feel free to skip (a).) 
[Mon Dec 22 09:58:02 2014] <thorsten1> I always retried it with fresh sources.
[Mon Dec 22 09:58:21 2014] <thorsten1> and as written above, the problem seems to be with the distro-packages for ocaml
[Mon Dec 22 09:59:34 2014] <thorsten1> but independently: how can i define something temporarily within a proof?
[Mon Dec 22 10:00:06 2014] <thorsten1> (i.e. the tactics-equivalence for let...in...)
[Mon Dec 22 10:08:13 2014] <thorsten1> the pose-tactic seems to work.
[Mon Dec 22 10:15:49 2014] <jgross> Yes, [pose (proof-term) as hyp-name] works.  So does [refine (let hyp-name := proof-term in _].  If you're using trunk, you can do [refine (let hyp-name := _ in _)] and then define the body with tactics.  If you don't want the body available, you can do [assert (H : type)], [assert (H : type) by tactics], or [assert (H := proof-term)]. 
[Mon Dec 22 11:12:44 2014] <thorsten1> how can I tell the "Eval compute in.." (or any other evaluation) to unfold tactic-proven theorems?
[Mon Dec 22 11:19:08 2014] <thorsten1> minimal-non-working example: http://pastebin.com/WGxwjCYS
[Mon Dec 22 12:22:47 2014] <benzrf> can i pls have the axiom of choice
[Mon Dec 22 12:23:08 2014] <alkabetz> *snerk*
[Mon Dec 22 12:23:59 2014] <benzrf> [was a joek]
[Mon Dec 22 12:24:14 2014] <benzrf> to be precise i just did
[Mon Dec 22 12:24:15 2014] <benzrf> Definition quot (T : Type) (R : T -> T -> Prop) := {Q : Type | exists d : T, Q = {x : T | R x d}}.
[Mon Dec 22 12:24:29 2014] <benzrf> now if i could only aoc i could have a type inhabited by actual Ts !!
[Mon Dec 22 15:06:28 2014] <johnw> nkar: hi
[Mon Dec 22 15:07:45 2014] <nkar> hey
[Mon Dec 22 15:08:57 2014] <johnw> nkar: so, it was pointed out to me by an instructor of a class on Software Foundations, that the authors of the course wish that answers not be posted online
[Mon Dec 22 15:09:18 2014] <johnw> many of this instructors students were copying from my solutions, which made it more difficult for him to teach effectively
[Mon Dec 22 15:09:26 2014] <johnw> so I agreed to take down the repo
[Mon Dec 22 15:22:56 2014] <nkar> johnw: too bad...  I (and others, I'm pretty sure) been learning by reading them, as I said previously.  also, if some student cheats this way, you can easily find out by asking them to explain what the code is doing.  if they cheated but can explain, I don't see a problem, they learned the material.  so I'll keep publishing my solutions.
[Mon Dec 22 15:23:22 2014] <johnw> I'm happying to e-mail you a copy, nkar
[Mon Dec 22 15:24:47 2014] <johnw> nkar: it's actually the wish of the Software Foundations authors that they not be published: https://gist.github.com/8e4824bbf4204e09d949
[Mon Dec 22 15:28:48 2014] <ystael> johnw: that's regrettable, since github does not offer private repos on the free tier account
[Mon Dec 22 15:35:05 2014] <johnw> it's hard because there are multiple audiences for this material
[Mon Dec 22 15:35:20 2014] <johnw> and a frustrated student with a deadline is unlikely to worsen his grade by not looking
[Mon Dec 22 15:35:42 2014] <nkar> johnw: that's not just about me.  if I get a copy, I'll be faced with a moral dilemma: deny access to education to those who don't have the privilege to study in an ivy league school; or publish the solutions but look like a jerk in your eyes.  so I don't want to have a copy that I won't be able to share, sorry.
[Mon Dec 22 15:36:32 2014] <johnw> fair enough
[Mon Dec 22 15:36:54 2014] <nkar> some of the theorems are in the standard library, should we take it down, too?
[Mon Dec 22 15:37:01 2014] <johnw> I figure if I'm benefiting from all the work the authors of SF put into it, then I'm going to respect their wishes
[Mon Dec 22 15:37:36 2014] <Cypi> I hope the standard library is written in a more efficient style :p
[Mon Dec 22 15:38:12 2014] <nkar> don't get me wrong, I'm grateful to them, but I think this doesn't solve the cause of the problem, just the side effects.
[Mon Dec 22 15:38:34 2014] <johnw> right, the cause is inherently difficult to solve, unfortunately
[Mon Dec 22 15:39:03 2014] <Cypi> Redirect more people to #coq, that's the right thing to do :p
[Mon Dec 22 15:44:17 2014] <adelbertc> :-(
[Mon Dec 22 15:45:19 2014] <ystael> I wonder whether exercise solutions are "derivative works" in the eyes of copyright law?  I don't see a license on the web published version of SF, which I believe means the authors aren't granting any particular permission to publish derivative works
[Mon Dec 22 15:50:28 2014] <nkar> ystael: if you wget the page, you'll get the license.  it's available.
[Mon Dec 22 15:52:56 2014] <ystael> nkar: what page? i don't see it in the source of http://www.cis.upenn.edu/~bcpierce/sf/current/index.html nor toc.html
[Mon Dec 22 15:53:11 2014] <nkar> recursively, I mean
[Mon Dec 22 15:53:17 2014] <nkar> wait, I'll show you the link
[Mon Dec 22 15:53:49 2014] <nkar> http://www.cis.upenn.edu/~bcpierce/sf/current/LICENSE
[Mon Dec 22 15:54:16 2014] <johnw> sounds like a very open, BSD-type license
[Mon Dec 22 15:54:34 2014] <johnw> so legally, one is doing nothing wrong in posting their answers
[Mon Dec 22 15:54:52 2014] <johnw> I'm surprised they don't express their wishes in the LICENSE document
[Mon Dec 22 15:54:58 2014] <johnw> i should mention this to Dr. Pierce
[Mon Dec 22 15:55:14 2014] <vanila> its best that they don't
[Mon Dec 22 15:55:17 2014] <nkar> oh, please don't
[Mon Dec 22 15:55:19 2014] <johnw> why?
[Mon Dec 22 15:55:22 2014] <Cypi> Maybe they didn't expect so many people to publish their solutions at the time, or they don't want to enforce it legally
[Mon Dec 22 15:55:30 2014] <vanila> they should just ask it, not out it in the liscence
[Mon Dec 22 15:55:34 2014] <johnw> i didn't mean mention it as a legal restriction
[Mon Dec 22 15:55:55 2014] <johnw> just "and we while we ask that solutions not be posted, no restrictions are made on the use of derivative works" kindo f thing
[Mon Dec 22 15:56:07 2014] <johnw> just to make it clear
[Mon Dec 22 15:56:07 2014] <ystael> or they could, you know, say so anywhere in the text of the book
[Mon Dec 22 15:56:11 2014] <johnw> true
[Mon Dec 22 15:56:20 2014] <johnw> it's odd that it only appears in the "instructor's version"
[Mon Dec 22 15:56:29 2014] <nkar> johnw: ah, but even then it'll make the situation unclear.
[Mon Dec 22 15:56:38 2014] <vanila> I think that teachers should come to a different solution
[Mon Dec 22 15:56:59 2014] <johnw> I should embed a time-bomb in my solutions so that it screams "CHEATER" when submitted
[Mon Dec 22 15:57:09 2014] <nkar> lol
[Mon Dec 22 15:57:19 2014] <vanila> lol
[Mon Dec 22 15:57:42 2014] <benzrf> i have a idea:
[Mon Dec 22 15:57:51 2014] <benzrf> wait nvm
[Mon Dec 22 15:57:57 2014] <nkar> lol
[Mon Dec 22 15:58:04 2014] <Cypi> don't minding is a good idea
[Mon Dec 22 15:58:15 2014] <Cypi> not minding* probably
[Mon Dec 22 18:23:03 2014] <mattby> hi i'm beginning with Coq and i can#t figure out what's wrong in the following simple definition of even: http://lpaste.net/117042
[Mon Dec 22 18:25:41 2014] <Cypi> It just works here :x
[Mon Dec 22 18:26:44 2014] <mattby> hmm, weird
[Mon Dec 22 18:26:57 2014] <adelbertc> that looks like it should work
[Mon Dec 22 18:27:57 2014] <mattby> weird, i closed the ide and reopened it and now everything is fine..
[Mon Dec 22 18:29:56 2014] <mattby> but thanks for trying
[Mon Dec 22 18:30:19 2014] <benzrf> heh
[Mon Dec 22 19:36:31 2014] <Lewer> Hi, I have  a function f returning an option nat (Some n or None) and g : nat -> Prop. I'd like to define the lemma corresponding to match f x with | Some a => g(a) |None => True
[Mon Dec 22 19:36:55 2014] <Lewer> but I'm not sure that this match with in my lemma is a good idea
[Mon Dec 22 19:37:28 2014] <Lewer> I'm trying to replace it by something like f x <> None => g ...
[Mon Dec 22 19:37:35 2014] <vanila> it's not ideal but I think it's ok - you could try going with it a bit and if its tricky refactor
[Mon Dec 22 19:37:55 2014] <Lewer> but I'm stuck because I don't know how to extract the int inside the Some without a match
[Mon Dec 22 19:37:56 2014] <vanila> you can certainly have a function  forall o : option nat, o <> None -> nat
[Mon Dec 22 19:38:08 2014] <vanila> if you construct that, then use it you could write your lemma in that form
[Mon Dec 22 19:38:32 2014] <Lewer> yeah, ok
[Mon Dec 22 19:38:33 2014] <Lewer> thanks !
[Mon Dec 22 20:38:53 2014] <Lewer> Ok, I'm doing the proof. I have an hypothesis H0 : None = Some n
[Mon Dec 22 20:39:04 2014] <Lewer> I would like to derive absurdity from that
[Mon Dec 22 20:39:16 2014] <johnw> discriminate
[Mon Dec 22 20:39:29 2014] <Lewer> Oh.
[Mon Dec 22 20:39:31 2014] <johnw> now, you can also do it manually
[Mon Dec 22 20:39:33 2014] <Lewer> Thanks a lot !
[Mon Dec 22 20:39:41 2014] <johnw> one sec
[Mon Dec 22 20:40:05 2014] <johnw> go to http://adam.chlipala.net/cpdt/html/InductiveTypes.html
[Mon Dec 22 20:40:13 2014] <johnw> and search for the section "Manual Proofs About Constructors"
[Mon Dec 22 20:40:44 2014] <johnw> read that carefully, and you'll understand how to derive the absurdity yourself
[Mon Dec 22 20:45:47 2014] <johnw> if I have match compute with y => (a y, b y, c y) end, how can I prevent the extraction mechanism from extracting this as (a compute, b compute, c compute)?
[Mon Dec 22 20:45:56 2014] <johnw> I can't find a way to factor out the common subexpression manually
[Mon Dec 22 20:47:32 2014] <johnw> ah, I have to do this:
[Mon Dec 22 20:47:39 2014] <johnw> (fun y => (a y, b y, c y)) compute
[Mon Dec 22 20:49:14 2014] <Lewer> Thanks johnw, the paragraph helped me : by definining a function which maps Some p to True and None to False, I can then change the goal, rewrite and get absurdity
[Mon Dec 22 20:49:27 2014] <johnw> exactly!
[Mon Dec 22 22:05:42 2014] <thorsten1> how can I tell the "Eval compute in.." (or any other evaluation) to unfold tactic-proven theorems? minimal-non-working example: http://pastebin.com/WGxwjCYS
[Mon Dec 22 22:08:32 2014] <jrw> thorsten1: you need to end that definition with Defined. instead of Qed.
[Mon Dec 22 22:10:26 2014] <thorsten1> is there any disadvantage when just writing Defined everywhere instead of Qed?
[Mon Dec 22 22:14:59 2014] <thorsten1> awesome, that works as intended. thank you!
[Mon Dec 22 22:15:40 2014] <jrw> thorsten1: usually you write Qed for things you don't expect to be computationally relevant.
[Mon Dec 22 22:19:51 2014] <thorsten1> Ok sounds reasonable
[Mon Dec 22 22:20:28 2014] <benzrf> thorsten1: there's just Compute
[Mon Dec 22 22:26:32 2014] <thorsten1> thanks, didn't know that
[Mon Dec 22 22:47:03 2014] <Lewer> If k is of type option nat, and I want to destruct k, I will have two branches : one where k has been replaced by None, and one where k has been replaces by Some n. In the branch Some n, is there any possibility to add hypothesis k = Some(n) ?
[Mon Dec 22 22:53:59 2014] <jrw> Lewer: yes, but the method is pretty unintuitive. you can do something like this : http://pastebin.com/TZz99AxQ
[Mon Dec 22 22:54:45 2014] <jrw> in the first branch, H has type [k = Some n] and in the second it has type [k = None]
[Mon Dec 22 22:55:15 2014] <Lewer> wow
[Mon Dec 22 23:12:23 2014] <Lewer> actually I've found how to avoid doing this. I'm almost done, I have to prove p1 = p2 with H: Some (star p1)  = Some (star p2)
[Mon Dec 22 23:12:44 2014] <Lewer> (star is the unique constructor of an inductive type)
[Mon Dec 22 23:13:07 2014] <Lewer> I've tried discriminate, it does'nt work. I've tried also cut (star p1 = star p2)
[Mon Dec 22 23:13:11 2014] <jrw> Lewer: if you're in tactic mode, congruence will do it.
[Mon Dec 22 23:13:48 2014] <Lewer> oh... thanks a lot !
[Mon Dec 22 23:14:18 2014] <Lewer> It worked.
[Mon Dec 22 23:14:31 2014] <Lewer> But do you know why discriminate on star p1 = star p1 didn't ?
[Mon Dec 22 23:14:40 2014] <Lewer> star p1 = star p2
[Mon Dec 22 23:15:03 2014] <jrw> discriminate is usually for deriving a contradiction from an equality
[Tue Dec 23 05:27:30 2014] <spitters> Testing grammar/grammar.cma
[Tue Dec 23 05:27:30 2014] <spitters> Error while loading "parsing/compat.cmo": interface mismatch on Grammar.
[Tue Dec 23 05:28:08 2014] <spitters> Any ideas? I am getting warnings that some files are found in two places.
[Tue Dec 23 05:28:16 2014] <spitters> I am guessing it is a path problem.
[Tue Dec 23 05:28:39 2014] <spitters> As I am experimenting with opam, this could be interfering.
[Tue Dec 23 05:29:06 2014] <spitters> It's the latest coq from git
[Tue Dec 23 08:34:48 2014] <Gab_> Hi. I'm writing a function which should type lambda-terms. When I have an application term t:= t1 t2, let T1T2 be the type of t1, and T1 the type of t2. I would like to do a pattern matching on (T1T2, T1) as (arrow T1 T2, T1)
[Tue Dec 23 08:35:11 2014] <Gab_> But I can't because the two patterns are not independant
[Tue Dec 23 08:35:59 2014] <Gab_> I could do match (T1T2, T1) with (arrow T1 T2, T3) => match T3 with T1 =>
[Tue Dec 23 08:36:06 2014] <Gab_> but it's not really elegant...
[Tue Dec 23 09:32:00 2014] <Gab_> I don't understand how the dependant pattern matchin  "match E in x as y return U with ... " work
[Tue Dec 23 17:33:24 2014] <mattby> hi. i'm trying to prove commutativity of multiplication on natural numbers but i'm looking for a tactic to do the contrary of a simpl. see http://lpaste.net/117122
[Tue Dec 23 17:57:46 2014] <jrw> mattby: that is not "true by definition" since the definition of mult does pattern matching on the second argument, not the first. you'll need a lemma about what happens when the first argument is of the form (S _)
[Tue Dec 23 18:35:35 2014] <mattby> thanks jrw
[Tue Dec 23 18:35:51 2014] <jrw> np
[Tue Dec 23 23:28:31 2014] <nkar> has anyone done the "classical_axioms" exercise from software foundations?
[Tue Dec 23 23:28:37 2014] <nkar> from the logic chapter
[Tue Dec 23 23:29:02 2014] <nkar> it also appears in the Coq'Art book (on page 123)
[Tue Dec 23 23:31:05 2014] <vanila> yeah ive done that form coq'art
[Tue Dec 23 23:31:17 2014] <nkar> oh, cool
[Tue Dec 23 23:31:41 2014] <nkar> let me find my definition, and I'll ask a concrete question.
[Tue Dec 23 23:32:03 2014] <nkar> my biggest problem, basically, is that it doesn't seem to be enough information in the context to prove the goal
[Tue Dec 23 23:32:34 2014] <vanila> ok
[Tue Dec 23 23:32:42 2014] <vanila> do yuo want to look at a specific one
[Tue Dec 23 23:32:59 2014] <vanila> and just to check the idea is that you prove  C1 -> C2. then C2 -> C3 then ... up to Cn -> C1
[Tue Dec 23 23:33:04 2014] <vanila> which shows them all equivalent
[Tue Dec 23 23:33:13 2014] <nkar> yeah, that's what I thought
[Tue Dec 23 23:33:14 2014] <vanila> and you can pick an order you want to do them in of course
[Tue Dec 23 23:33:18 2014] <vanila> ok thats a good start!
[Tue Dec 23 23:33:28 2014] <vanila> ythey are quite difficult, some implications are weirder than others
[Tue Dec 23 23:42:27 2014] <nkar> vanila: http://dpaste.com/3YMTM9Z
[Tue Dec 23 23:42:42 2014] <vanila> oh yeah Pierce!!
[Tue Dec 23 23:42:46 2014] <vanila> That's the most evil one :D
[Tue Dec 23 23:42:48 2014] <nkar> basically, I expand everything I can and don't know what to do about it
[Tue Dec 23 23:42:50 2014] <nkar> lol
[Tue Dec 23 23:42:56 2014] <vanila> Pierce is really strange
[Tue Dec 23 23:43:01 2014] <vanila> its's sort of related to continuations, you know?
[Tue Dec 23 23:43:13 2014] <nkar> oh, interesting
[Tue Dec 23 23:43:26 2014] <nkar> one question
[Tue Dec 23 23:43:39 2014] <nkar> do I need to introduce any lemma, or do I have everything I need?
[Tue Dec 23 23:44:06 2014] <vanila> you shouldn't need any lemmas
[Tue Dec 23 23:44:22 2014] <vanila> do you know ~ ~ P is just syntax for (P -> False) -> False?
[Tue Dec 23 23:44:30 2014] <nkar> yes
[Tue Dec 23 23:44:36 2014] <nkar> I expanded the definition :)
[Tue Dec 23 23:44:39 2014] <vanila> ok great
[Tue Dec 23 23:45:27 2014] <vanila> let me try to prove this..
[Tue Dec 23 23:46:18 2014] <vanila> so (pierce P False) gives you  ((P -> False) -> P) -> P
[Tue Dec 23 23:46:35 2014] <vanila> and your goal is P, so you just need to prove (P -> False) -> P
[Tue Dec 23 23:46:52 2014] <vanila> but you have got (P -> False) -> False, which is stronger than (P -> False) -> P
[Tue Dec 23 23:47:31 2014] <vanila> you can use elimtype False. to change a goal P into False
[Tue Dec 23 23:47:52 2014] <nkar> but elimtype hasn't been covered in sf
[Tue Dec 23 23:48:03 2014] <nkar> ah wait
[Tue Dec 23 23:48:08 2014] <nkar> there's a useful lemma
[Tue Dec 23 23:48:30 2014] <nkar> ex_falso_quodlibet
[Tue Dec 23 23:49:28 2014] <nkar> which does the same when you apply it
[Tue Dec 23 23:50:01 2014] <nkar> now I apply H0.
[Tue Dec 23 23:50:39 2014] <nkar> and get  P -> False in the goal
[Tue Dec 23 23:51:48 2014] <nkar> which is the same as [not]
[Tue Dec 23 23:52:53 2014] <vanila> what is H0?
[Tue Dec 23 23:53:10 2014] <vanila> oh sorry I see
[Tue Dec 23 23:53:10 2014] <nkar> (P -> False) -> False
[Tue Dec 23 23:53:38 2014] <nkar> now I need to get P somewhere
[Tue Dec 23 23:53:45 2014] <nkar> oh wait
[Tue Dec 23 23:53:51 2014] <nkar> I could try intros
[Tue Dec 23 23:53:52 2014] <vanila> the first thing you should do is apply peirces axiom
[Tue Dec 23 23:53:57 2014] <vanila> before elimtype
[Tue Dec 23 23:54:37 2014] <nkar> wait, no more hints please
[Tue Dec 23 23:54:46 2014] <nkar> I'd like to think a bit on my own
[Wed Dec 24 00:01:00 2014] <nkar> lol
[Wed Dec 24 00:01:02 2014] <nkar> I proved it
[Wed Dec 24 00:01:39 2014] <nkar> the funny thing is that I tried to apply peirce's axiom before by specifying Q using :=, but it didn't work the way it should
[Wed Dec 24 00:03:14 2014] <vanila> good job!
[Wed Dec 24 00:03:25 2014] <vanila> so the computational interpretation is to do with continuations
[Wed Dec 24 00:03:28 2014] <vanila> (of pierce)
[Wed Dec 24 00:03:31 2014] <vanila> its really weird
[Wed Dec 24 00:04:40 2014] <benzrf> non delimited ones, i imagine
[Wed Dec 24 00:04:50 2014] <nkar> could you expand on the continuations bit?
[Wed Dec 24 00:05:12 2014] <vanila> ill try :p I don't understand it too twell yet
[Wed Dec 24 00:08:06 2014] <vanila> so in this book what they do is add a new 'proof term' (we have lambda, varables, an application)
[Wed Dec 24 00:08:48 2014] <vanila> with type rules like   x : P -> False |- M : False  ==>  /\x.M : P
[Wed Dec 24 00:09:00 2014] <vanila> so you now have lambda and this /\ thing, which can be used to prove peirces law
[Wed Dec 24 00:10:07 2014] <vanila> then when you look at how it reduces/computes its acting like call-with-current-continuation I think?
[Wed Dec 24 00:10:52 2014] <nkar> vanila: could you say this in english x : P -> False |- M : False  ==>  /\x.M : P?
[Wed Dec 24 00:10:59 2014] <vanila> a related thing is how you can embed classical logic into Coq by double negation -- that's like doing a continuation passing transform, which is how it gives you excluded middle inside there
[Wed Dec 24 00:11:27 2014] <nkar> what does |- mean?
[Wed Dec 24 00:11:47 2014] <vanila> well it's similar to how lambda works, if given x : A, m : B then \x:A. m : A -> B
[Wed Dec 24 00:11:49 2014] <nkar> I'm aware it's widely used in cs, but I'm not familiar with this notation.
[Wed Dec 24 00:12:22 2014] <vanila> you have a context or your assumptions on hte left of |-
[Wed Dec 24 00:12:25 2014] <nkar> because I haven't come across a good online introduction
[Wed Dec 24 00:12:27 2014] <vanila> and the judgement on the right
[Wed Dec 24 00:12:43 2014] <vanila> so x : A |- m : B  means that given that x has type A, you can see that m has type B
[Wed Dec 24 00:12:57 2014] <vanila> but if you changed the type of x it might break, might not typecheck or might have a different one
[Wed Dec 24 00:12:59 2014] <nkar> what does the arrow mean?
[Wed Dec 24 00:13:07 2014] <vanila> ==> is me cheating
[Wed Dec 24 00:13:11 2014] <vanila> its supposed to be
[Wed Dec 24 00:13:18 2014] <vanila> x : P -> False |- M : False
[Wed Dec 24 00:13:20 2014] <vanila> ----------------------
[Wed Dec 24 00:13:27 2014] <vanila>      //\x.M : P
[Wed Dec 24 00:13:33 2014] <vanila> but I didn't want to use up 3 lines
[Wed Dec 24 00:13:34 2014] <vanila> but anyway
[Wed Dec 24 00:13:47 2014] <vanila> what this means is that given the stuff on the top, the thing on the bottom holds
[Wed Dec 24 00:13:53 2014] <vanila> it's actually just like |- again
[Wed Dec 24 00:14:00 2014] <vanila> also this is what you see when you're proving in Coq
[Wed Dec 24 00:14:14 2014] <benzrf> -\
[Wed Dec 24 00:14:20 2014] <benzrf> oop
[Wed Dec 24 00:15:13 2014] <nkar> and how do I read the //\x.M : P?
[Wed Dec 24 00:15:20 2014] <nkar> part*
[Wed Dec 24 00:15:35 2014] <nkar> is it a lambda term of type P?
[Wed Dec 24 00:17:09 2014] <nkar> maybe I shouldn't bother with this for now
[Wed Dec 24 00:18:12 2014] <vanila> its a new binding term, different than lamda
[Wed Dec 24 00:18:49 2014] <vanila> if you add this as a new language construct it lets you prove pierce, and you can study how it acts and it turns out to be a control operator
[Wed Dec 24 00:18:57 2014] <vanila> pretty cool stuff
[Wed Dec 24 00:19:20 2014] <nkar> yes, sounds interesting, but it's probably above my head at the moment
[Wed Dec 24 00:21:18 2014] <nkar> I still struggle with continuations even though I've read quite a bit about them.  especially, call/cc is giving me headaches.  I guess I need to re-read a haskell tutorial on it, and try to expand everything by hand because it looks like magic to me.
[Wed Dec 24 00:21:41 2014] <vanila> yeah they're a really puzzle ^^
[Wed Dec 24 00:21:55 2014] <nkar> how did you learn them?
[Wed Dec 24 00:22:02 2014] <nkar> what did you read? in what language?
[Wed Dec 24 00:22:25 2014] <vanila> the best thing that helped me understand them was continuation passing style
[Wed Dec 24 00:22:34 2014] <vanila> I learned a bit abou tit from some slides about writing scheme compilers
[Wed Dec 24 00:22:42 2014] <nkar> I tried in scheme and in haskell. haskell worked better, but I still need to do what I said.
[Wed Dec 24 00:22:43 2014] <vanila> and then some of olivier danvys papers
[Wed Dec 24 00:23:18 2014] <vanila> i cant say I got my head around it all yet but i feel like I made some steps :)
[Wed Dec 24 00:23:25 2014] <vanila> SHIFT/RESET is really cool to look into too
[Wed Dec 24 00:23:32 2014] <nkar> oh...
[Wed Dec 24 00:23:37 2014] <vanila> they seem more 'pure' simpler than call/cc
[Wed Dec 24 00:23:59 2014] <nkar> did you publish the compilers?
[Wed Dec 24 00:25:04 2014] <vanila> oh i just meant marc feeleys slides
[Wed Dec 24 00:47:12 2014] <nkar> vanila: seems like I'm doing something wrong
[Wed Dec 24 00:47:14 2014] <nkar> Theorem classic_excluded_middle : classic -> excluded_middle. Proof. unfold classic. unfold excluded_middle. unfold "~". intros. left. apply H. intros. Abort.
[Wed Dec 24 00:47:27 2014] <nkar> since I cannot get P anywhere
[Wed Dec 24 00:47:58 2014] <vanila> hmcan you show me the defs of classic and excluded_middle?
[Wed Dec 24 00:48:15 2014] <vanila> oh wait i have them in this file still
[Wed Dec 24 00:48:30 2014] <nkar> yeah, I pasted them
[Wed Dec 24 00:48:52 2014] <vanila> okay so I think the trick for this is related to what I said earlier on
[Wed Dec 24 00:49:05 2014] <vanila> you can embed classical logic in intuitionistic logic by double negation
[Wed Dec 24 00:49:20 2014] <vanila> so this should be a thoerem on its own in Coq:   ~~(P \/ ~P)
[Wed Dec 24 00:49:30 2014] <vanila> and if you have that it's easy to just apply 'classic' to get P \/ ~P
[Wed Dec 24 00:50:01 2014] <vanila> so you might want to try proving ~~(P \/ ~P) as a lemma without any classic logic stuff involved
[Wed Dec 24 00:50:56 2014] <nkar> ah, I've already have the proof
[Wed Dec 24 00:51:03 2014] <vanila> hm I might be wrong about this acutally
[Wed Dec 24 00:53:24 2014] <nkar> though, I don't understand what ~~(P \/ ~P) buys me
[Wed Dec 24 00:54:14 2014] <vanila> yeah I think I made a mistake about that sorry, looking into it
[Wed Dec 24 00:55:54 2014] <vanila> oh no i was right, it's just difficult
[Wed Dec 24 00:56:38 2014] <vanila> want to compare the proofs we came up with?
[Wed Dec 24 00:56:51 2014] <vanila> http://lpaste.net/117136
[Wed Dec 24 00:56:54 2014] <nkar> of ~~(P \/ ~P)?
[Wed Dec 24 00:57:04 2014] <vanila> just of classic -> excluded_middle
[Wed Dec 24 00:57:05 2014] <nkar> sure
[Wed Dec 24 00:57:08 2014] <nkar> ah
[Wed Dec 24 00:57:10 2014] <nkar> okay
[Wed Dec 24 00:57:11 2014] <vanila> of cours eI went via ~~(P \/ ~P)
[Wed Dec 24 00:57:43 2014] <nkar> wait, I haven't proved class->excluded_middle yet :)
[Wed Dec 24 00:57:51 2014] <vanila> alright ^^
[Wed Dec 24 00:58:07 2014] <nkar> that's what I'm asking about, actually
[Wed Dec 24 00:58:13 2014] <benzrf> basically
[Wed Dec 24 00:58:16 2014] <benzrf> ~LEM -> LEM
[Wed Dec 24 00:58:25 2014] <vanila> well classic is  ~~X -> X
[Wed Dec 24 00:58:28 2014] <vanila> so if you prove P \/ ~P
[Wed Dec 24 00:58:31 2014] <vanila> sorry
[Wed Dec 24 00:58:35 2014] <benzrf> ok, so
[Wed Dec 24 00:58:40 2014] <vanila> if you prove ~~(P \/ ~P), thne classic turns that into P \/ ~P
[Wed Dec 24 00:58:43 2014] <benzrf> say foo : ~LEM -> LEM
[Wed Dec 24 00:58:44 2014] <vanila> which completes the proof
[Wed Dec 24 00:58:52 2014] <benzrf> then
[Wed Dec 24 00:59:09 2014] <benzrf> nnlem disproof := disproof (foo disproof)
[Wed Dec 24 00:59:16 2014] <benzrf> nnlem : ~~LEM
[Wed Dec 24 00:59:35 2014] <benzrf> and foo is implementable in vanilla coq
[Wed Dec 24 01:02:31 2014] <nkar> vanila: I understand that you can get P\/~P from  ~~(P \/ ~P) because ~~P -> P, but how can I used it here?
[Wed Dec 24 01:02:46 2014] <nkar> I have P\/~P in the context
[Wed Dec 24 01:02:52 2014] <nkar> so apply wouldn't work
[Wed Dec 24 01:02:59 2014] <nkar> do I need a separate lemma?
[Wed Dec 24 01:03:01 2014] <vanila> you mean just what tactics etc. to use?
[Wed Dec 24 01:03:35 2014] <nkar> oh,wait
[Wed Dec 24 01:03:35 2014] <vanila> well you know if you have a goal  P \/ ~P, then you should be able to apply classic to turn the goal into ~~(P \/ ~P)
[Wed Dec 24 01:03:39 2014] <nkar> I guess I know what to do
[Wed Dec 24 01:03:51 2014] <vanila> you might need to provide it extra vars sometimes
[Wed Dec 24 01:03:55 2014] <nkar> right, it's backwards
[Wed Dec 24 01:04:05 2014] <vanila> yeah the backwards aspect is a bit tricky!
[Wed Dec 24 01:04:19 2014] <vanila> that's why lemmas are nice, you can chain forwards with lemmas - but prove each one backwards
[Wed Dec 24 01:04:27 2014] <vanila> of course its all just preference
[Wed Dec 24 01:15:39 2014] <nkar> I've just proved it, but it was so weird
[Wed Dec 24 01:15:53 2014] <nkar> much weirder than the previous one
[Wed Dec 24 01:16:30 2014] <vanila> its so strange to think about them as functions
[Wed Dec 24 01:16:36 2014] <nkar> yeah
[Wed Dec 24 01:16:38 2014] <vanila> you can Print the proof to see how that looks by the way
[Wed Dec 24 01:18:16 2014] <nkar> lol, I fail to parse the printed function
[Wed Dec 24 01:22:16 2014] <nkar> vanila: oh, your proof is much shorter, but uses intro, exact, and assumption, which I'm not familiar with.
[Wed Dec 24 01:22:26 2014] <nkar> would you like to see mine?
[Wed Dec 24 01:22:31 2014] <vanila> yeah could be interesting
[Wed Dec 24 01:22:43 2014] <vanila> you should know about intro and assumption - i can explain them if you want
[Wed Dec 24 01:24:50 2014] <nkar> vanila: http://dpaste.com/11RZRMM
[Wed Dec 24 01:26:38 2014] <vanila> oh okay, i stepped through it
[Wed Dec 24 01:26:41 2014] <nkar> vanila: I guess I'll read about intro and assumption later.  so I don't have the temptation to use them while solving the exercises.
[Wed Dec 24 01:28:39 2014] <nkar> is there a way to unfold a term using a prettier notation?
[Wed Dec 24 01:28:50 2014] <nkar> I'd like to see ~~P rather than (P -> False) -> False
[Wed Dec 24 01:29:13 2014] <nkar> since the latter makes thinking about these things a bit harder
[Wed Dec 24 01:30:10 2014] <nkar> the theorems are defined using the pretty notation, too
[Wed Dec 24 01:30:52 2014] <vanila> there's definitely a way but I dont know it
[Wed Dec 24 01:32:52 2014] <nkar> vanila: thanks for all the tips.  especially, this one: "well you know if you have a goal  P \/ ~P, then you should be able to apply classic to turn the goal into ~~(P \/ ~P)"
[Wed Dec 24 01:33:00 2014] <nkar> without it I wouldn't be able to prove it
[Wed Dec 24 01:33:08 2014] <vanila> np :)
[Wed Dec 24 10:52:57 2014] <Choups314> Hello
[Wed Dec 24 10:53:17 2014] <Choups314> To prove something like this [forall z:Z, {z=0} + {z<>0}], do I really have to unfold the definition of Z ?
[Wed Dec 24 11:31:18 2014] <Choups314> Also, is there a kind of workaround to use the [cut] tactic in an hypothesis ? (In fact I would like to simplify [a + - a = _] in an hypothesis, so I thought it would be good to use the Zegal_left to do it)
[Wed Dec 24 16:19:27 2014] <benzrf> why is unit tt
[Wed Dec 24 16:19:34 2014] <benzrf> why not unit_val or something
[Wed Dec 24 16:19:35 2014] <benzrf> whats tt
[Wed Dec 24 16:22:52 2014] <jrw> benzrf: the single inhabitant of the type T (aka: top, 1, True) has historically been called tt. in programming that type is more often called unit, but its isomorphic to T, and so the name tt kind of makes sense.
[Wed Dec 24 16:23:03 2014] <benzrf> h-huh
[Wed Dec 24 16:34:15 2014] <nkar> adelbertc: I've been wondering why you called the constructor of True tt.  now I know :)
[Wed Dec 24 16:48:48 2014] <adelbertc> :-)
[Wed Dec 24 16:49:39 2014] <nkar> adelbertc: btw, after you hint, I managed to define it on my own.  thanks!
[Wed Dec 24 17:02:02 2014] <adelbertc> Np!
[Thu Dec 25 07:18:19 2014] <alephnull> I'm in trouble with lambda calculus pls help me: is n f x= f(f(...f x...))(composed n times) is really lambda term?
[Thu Dec 25 07:47:01 2014] <taupe> Could someone please help me with working through this basic proof: Theorem andb_eq_orb : forall (b c : bool), (andb b c = orb b c) -> b = c.
[Thu Dec 25 07:49:11 2014] <taupe> I seem to be falling down when choosing the hypothesis. I would like to be able to assume b = c and then use the destruct tactic
[Thu Dec 25 07:49:50 2014] <taupe> I proved the contrapositive: Lemma andb_eq_orb_inv : forall (b c : bool), (b = c) -> andb b c = orb b c.
[Thu Dec 25 07:49:50 2014] <taupe> Proof. intros. rewrite -> H. destruct c. reflexivity. reflexivity. Qed.
[Thu Dec 25 07:51:49 2014] <taupe> But I am unaware of a way to apply that to the form of the proposition I am trying to solve.
[Thu Dec 25 07:52:06 2014] <taupe> *trying to prove.
[Thu Dec 25 08:16:53 2014] <Cypi> taupe : andb_eq_orb_inv is not the contrapositive, it's the converse of andb_eq_orb
[Thu Dec 25 08:17:14 2014] <Cypi> Anyway, to prove andb_eq_orb, you can still use destruct, by destructing over b and c.
[Thu Dec 25 08:24:20 2014] <taupe> Cypi: Thank you for correcting me. When I tried to do this I get a contradiction.
[Thu Dec 25 08:25:20 2014] <Cypi> If you have to prove something like [false = true], then hopefully your hypotheses are inconsistent. Here, it's the case. If you have an hypothesis like [false = true], you can use the tactic inversion to prove your goal.
[Thu Dec 25 08:33:14 2014] <taupe> intros. destruct b. destruct c. Gives 3 subgoals and one of the subgoals is invalid (it belongs to one of the two cases where orb b c does not equal andb b c) This should be excluded by the constraint (andb b c = orb b c)
[Thu Dec 25 08:33:43 2014] <Cypi> You have to tell Coq thi with inversion
[Thu Dec 25 08:34:01 2014] <Cypi> this*
[Thu Dec 25 08:47:02 2014] <taupe> Cypi: Thanks for your help.
[Thu Dec 25 11:24:10 2014] <hodapp> ooh, Coq'Art is free as a PDF... in French
[Thu Dec 25 11:24:37 2014] <hodapp> I don't grok French though (yeah, that's crazy when I use Coq, I know)
[Thu Dec 25 16:47:51 2014] <adelbertc> found this today if anyone is interested: https://twitter.com/onepaperperday/status/548231212666736641
[Thu Dec 25 16:51:09 2014] <nkar> thanks for sharing, I bookmarked it
[Thu Dec 25 19:05:34 2014] <eraserhd> Anyone want to look at some - probably terrible - newbie Coq code and give feedback or advice?
[Thu Dec 25 19:05:40 2014] <johnw> sure
[Thu Dec 25 19:06:29 2014] <eraserhd> Here is what I have: https://gist.github.com/eraserhd/4faee58869f5c55333b7
[Thu Dec 25 19:06:54 2014] <eraserhd> _Any_ feedback is welcome.
[Thu Dec 25 19:07:01 2014] <eraserhd> er, _All_, I mean.
[Thu Dec 25 19:07:24 2014] <eraserhd> But I'm stumped at trying to prove something forall l : letter.
[Thu Dec 25 19:07:51 2014] <johnw> I think all_nat_ge_0 is already available  as le_O or something
[Thu Dec 25 19:08:22 2014] <johnw> where are you stumped, which line?
[Thu Dec 25 19:08:47 2014] <eraserhd> I seem to have deleted it.
[Thu Dec 25 19:09:04 2014] <johnw> also, maybe just Definition letterT := Fin.t 26.
[Thu Dec 25 19:09:10 2014] <johnw> you don't really need to mirror the type
[Thu Dec 25 19:09:22 2014] <johnw> s/T//
[Thu Dec 25 19:10:13 2014] <eraserhd> Yeah, that makes sense.  I was thinking I could make the 26 not a parameter, but that didn't work.
[Thu Dec 25 19:10:49 2014] <eraserhd> OK, I added the theorem I want to prove at the end.  I can't do "induction l." because it wants something to match letterT 27.
[Thu Dec 25 19:12:36 2014] <johnw> perhaps then induction on b?
[Thu Dec 25 19:12:46 2014] <eraserhd> Er, the error is "Abstracting over terms "26" and "l" leads to a term ... which is ill-typed.
[Thu Dec 25 19:12:48 2014] <johnw> or on "diamond l"
[Thu Dec 25 19:13:06 2014] <eraserhd> Oh.
[Thu Dec 25 19:13:10 2014] <eraserhd> Hrmm.
[Thu Dec 25 19:13:11 2014] <johnw> when you get that error, you can try "dependent induction"
[Thu Dec 25 19:13:22 2014] <eraserhd> What is dependent induction?
[Thu Dec 25 19:13:24 2014] <johnw> you'll have to import Coq.Program.Tactics
[Thu Dec 25 19:13:33 2014] <johnw> it adds some tricks to work around that abstraction problem
[Thu Dec 25 19:13:44 2014] <johnw> it will bring in the JMeq axiom though
[Thu Dec 25 19:13:59 2014] <johnw> no, Coq.Program.Equality
[Thu Dec 25 19:14:06 2014] <johnw> i generally avoid it
[Thu Dec 25 19:14:54 2014] <johnw> gotta head out now
[Thu Dec 25 19:14:59 2014] <johnw> i'll leave the rest to others
[Thu Dec 25 19:15:04 2014] <eraserhd> Neat.  OK.  I think induction on (diamond l) is getting me somewhere.
[Thu Dec 25 19:15:53 2014] <eraserhd> Hrmm.  I didn't look in Fin for useful things.
[Thu Dec 25 19:16:42 2014] <schoppenhauer> is there a list of all axioms of homotopy type theory?
[Thu Dec 25 19:17:02 2014] <schoppenhauer> axioms, derivation rules, etc.
[Thu Dec 25 19:17:46 2014] <schoppenhauer> because in the HoTT book there is a lot, and I have to admit I did not read it entirely. but on-the-fly I could not find such a list.
[Thu Dec 25 19:30:00 2014] <Saizan> schoppenhauer: the appendix has the rules iirc
[Thu Dec 25 19:31:13 2014] <schoppenhauer> Saizan: seems like. I'll read it.
[Thu Dec 25 19:31:24 2014] <schoppenhauer> (I did not expect it to be in the appendix)
[Thu Dec 25 19:39:42 2014] <schoppenhauer> Saizan: ok ... thisis not really what I hoped to find ...
[Thu Dec 25 19:40:32 2014] <schoppenhauer> but well
[Thu Dec 25 19:40:35 2014] <schoppenhauer> probably all there is.
[Thu Dec 25 19:40:41 2014] <schoppenhauer> thx.
[Thu Dec 25 19:45:45 2014] <schoppenhauer> they define natural numbers there ... wtf?
[Thu Dec 25 19:46:20 2014] <schoppenhauer> other inductive types are handled "similar" ...
[Thu Dec 25 21:58:15 2014] <eraserhd> If I have f (match _ with | A => x), how do I rewrite to (match _ with | A => f x)? not lazy beta.
[Thu Dec 25 22:09:37 2014] <benzrf> eraserhd: could you destruct _
[Thu Dec 25 22:13:12 2014] <eraserhd> benzrf: yeah, that's what I'm doing.  I's hoping not to solve so many cases.
[Thu Dec 25 22:14:08 2014] <benzrf> eek
[Thu Dec 25 22:17:32 2014] <eraserhd> ?
[Thu Dec 25 22:18:06 2014] <johnw> he wants to distribute over the 'f'
[Thu Dec 25 23:03:17 2014] <eraserhd> er, it's just unfolding f?
[Thu Dec 25 23:04:07 2014] <eraserhd> No, duh.  Prolly time for me to sleep.
[Thu Dec 25 23:24:03 2014] <jrw> eraserhd: if I wanted to do that rewrite, I'd prove it as a lemma (specific to the discriminated type, unfortunately) and then rewrite with it. the proof of that lemma is by destruct on the discriminee, but when you rewrite with it no destruct is necessary.
[Thu Dec 25 23:53:33 2014] <benzrf> hmm
[Fri Dec 26 11:32:31 2014] <xavierm02> Hi. Is it possible to include a module inside another without explicitly redeclaring all the fields? Thank you in advance for your answers.
[Fri Dec 26 11:41:20 2014] <johnw> xavierm02: sure, use "Include"
[Fri Dec 26 11:48:30 2014] <xavierm02> I hadn't even tried that because it's not listed in coqide >_<. Thanks :)
[Fri Dec 26 12:11:36 2014] <Choups314> Hello !
[Fri Dec 26 12:12:03 2014] <Choups314> Do you know how to specify the semantic of a user-defined tactic (Ltac) ?
[Fri Dec 26 12:13:04 2014] <Choups314> I mean, how do I define a tactic      mytactic  arg1 in arg2  ? (arg1 and arg2 are arguments, and the in  keyword should be always provided)
[Fri Dec 26 12:23:31 2014] <johnw> use Tactic Notation
[Fri Dec 26 12:23:37 2014] <johnw> or Notation Tactic, one of thoes two
[Fri Dec 26 12:28:51 2014] <Choups314> Ok thanks !
[Fri Dec 26 12:39:01 2014] <cmr> I'm getting a syntax error I don't understand with https://gist.github.com/cmr/4a8ecf47ac8f9b0fc325, on line 3 at the =>, "Syntax error: [constr:lconstr] expected after "=>" (in [eqn])."
[Fri Dec 26 12:41:04 2014] <Ptival> cmr: did you Import ListNotations. ?
[Fri Dec 26 12:41:43 2014] <Ptival> [] and :: are notations for nil and cons
[Fri Dec 26 13:08:26 2014] <cmr> Ptival: hm, that does seem to be the problem, since when I use nil/cons explicitly it works fine. I don't see a ListNotations in https://coq.inria.fr/distrib/current/stdlib/ and when I go try to import it I get "ListNotations is not a module"
[Fri Dec 26 13:14:25 2014] <johnw> Require Import List.
[Fri Dec 26 13:14:31 2014] <johnw> Import ListNotations.
[Fri Dec 26 13:14:37 2014] <johnw> then you can use [] and ::
[Fri Dec 26 13:14:53 2014] <johnw> nil and cons are imported by default
[Fri Dec 26 13:15:05 2014] <cmr> indeed
[Fri Dec 26 13:15:07 2014] <cmr> thanks!
[Fri Dec 26 13:20:38 2014] <xavierm02> Hi. I hadn't noticet that FSets didn't have maps so I did stuff with them but now I need maps and since I'd prefer avoiding to redo all the proofs, I'm trying to make a functor that goes from the old OrderedType to the new  one. But I'm not sure of how to use both in the same file. I tried this but it doesnt seem to work : http://pastebin.com/dP1HsvXG Thanks in advance for your answers.
[Fri Dec 26 13:20:55 2014] <johnw> FSets have maps
[Fri Dec 26 13:20:58 2014] <johnw> FSetAVL
[Fri Dec 26 13:21:31 2014] <cmr> -/b 15
[Fri Dec 26 13:28:32 2014] <xavierm02> I meant in Msets. I have modules that verify the interface OrderedType compatible with MSets and I want to be able to use stuff from FSets (maps).
[Fri Dec 26 14:26:05 2014] <xavierm02> Nevermind. I used Module instead of Module Type and that caused the error.
[Sat Dec 27 11:22:25 2014] <eraserhd> Is there a way to apply a tactic like cbv to a sub-expression explicitly?
[Sat Dec 27 17:56:51 2014] <jgross> eraserhd: You can do something like [let x := constr:($subexpression) in let y := (eval cbv in x) in change x with y] 
[Sun Dec 28 00:18:27 2014] <benzrf> how does negation and double negation work with equalities and inequalities in coq
[Sun Dec 28 00:23:43 2014] <jrw> benzrf: what do you mean?
[Sun Dec 28 00:33:52 2014] <benzrf> jrw: what rules of derivation may i use
[Sun Dec 28 00:34:39 2014] <jrw> still not sure what you mean.
[Sun Dec 28 00:34:47 2014] <benzrf> jrw: can i get x > y from ~(x < y \/ x <> y)
[Sun Dec 28 00:34:49 2014] <benzrf> er
[Sun Dec 28 00:34:54 2014] <benzrf> jrw: can i get x > y from ~(x < y) /\ (x <> y)
[Sun Dec 28 00:35:08 2014] <benzrf> jrw: and more generally which conversions am i allowed to do
[Sun Dec 28 00:35:51 2014] <jrw> oh, that's what you meant by "inequality" not a <> b
[Sun Dec 28 00:36:35 2014] <jgross> benzrf: You may be looking for [Locate "<"], [Locate "<>"], and [Print $name_of_constant].  These are all defined inside of Coq, not primitive notions; the rules follow from the general rules about inductive types. 
[Sun Dec 28 00:36:48 2014] <jrw> benzrf: easy answer is you can do any conversion you can prove :)
[Sun Dec 28 00:36:54 2014] <benzrf> jgross: i know, but i'm lazy 8D
[Sun Dec 28 00:37:02 2014] <benzrf> jrw: sorry
[Sun Dec 28 00:37:27 2014] <jrw> benzrf: you may find it instructive to prove some of those conversions you mentioned "by hand"
[Sun Dec 28 00:37:32 2014] <jrw> ie, without omega
[Sun Dec 28 00:38:45 2014] <benzrf> hm
[Sun Dec 28 00:39:43 2014] <jgross> The "cheating" answer is that, with <, <>, etc (for natural numbers), you can do anything you can do classically, because these relations are decidable.  You have double-negation elimination for decidable relations, because LEM -> DNE, even when restricted to individual propositions (that is, forall P, (P \/ ~P) -> (~~P -> P)). 
[Sun Dec 28 00:40:18 2014] <benzrf> aha
[Sun Dec 28 00:41:27 2014] <benzrf> oooh because there is a proof of forall x y : nat, x < y \/ x = y \/ x > y
[Sun Dec 28 00:41:30 2014] <benzrf> neat!
[Sun Dec 28 09:13:37 2014] <Choups314> Hi !
[Sun Dec 28 09:14:12 2014] <Choups314> I have an hypothesis x<>1, and my goal is x=1
[Sun Dec 28 09:14:18 2014] <Choups314> How can I show the contradiction ?
[Sun Dec 28 09:14:52 2014] <Cypi> Basically, you have to prove False. So you'd better have a contradiction in your hypotheses :)
[Sun Dec 28 09:20:50 2014] <Choups314> Cypi: Ho I see what you mean ... that's why  I turned round. ^^
[Sun Dec 28 09:21:04 2014] <notdan> Choups314: what else do you have inyour context?
[Sun Dec 28 09:21:27 2014] <Choups314> notdan: https://imgur.com/fDaowWn
[Sun Dec 28 09:22:38 2014] <notdan> I don't think it's provable
[Sun Dec 28 09:22:55 2014] <Cypi> I think it is, I just don't know how to do it because I never worked with Z in Coq
[Sun Dec 28 09:23:10 2014] <Cypi> H /\ n /\ n0 is indeed inconsistent in Z.
[Sun Dec 28 09:23:20 2014] <notdan> oh
[Sun Dec 28 09:23:25 2014] <notdan> Yeah you are right, sorry
[Sun Dec 28 09:23:42 2014] <notdan> try `omega' or `ring'?
[Sun Dec 28 09:24:31 2014] <Choups314> Actualy, that was my original goal :   forall (x y : Z), x * y = 1 -> ((x = 1) /\ (y = 1)) \/ ((x = -1) /\ (y = -1)).
[Sun Dec 28 09:25:07 2014] <Choups314> So i split in three cases : x=1  |   x=-1  | (x<>1 and x<>-1)
[Sun Dec 28 09:25:22 2014] <Choups314> The first two are easy to prove
[Sun Dec 28 09:25:55 2014] <Choups314> And I think I have to do the same thing with y
[Sun Dec 28 09:26:10 2014] <Choups314> Then it would make 5 cases
[Sun Dec 28 09:37:11 2014] <Choups314> Just forget what I said about these 5 cases ..
[Sun Dec 28 09:37:30 2014] <Choups314> Prove the inconsistency is enough
[Sun Dec 28 09:42:10 2014] <Choups314> notdan : Is it possible to use omega or ring in an hypothesis ?
[Sun Dec 28 09:46:04 2014] <notdan> Hm I don't think so. How would that work?
[Sun Dec 28 09:46:21 2014] <notdan> Hm, weird, I think omega should be able to solve "x * y = 1 -> x = 1 \/ x = -1"
[Sun Dec 28 09:50:03 2014] <notdan> Ok, I might be doing something wrong, because on my set up, omega couldnt even solve x*y = 1 -> y * x = 1
[Sun Dec 28 09:51:25 2014] <Choups314> I don't think omega can solve such an equation, but I don't really now about it ..
[Sun Dec 28 09:53:00 2014] <notdan> Ah, right, omega can only handle addtition ):
[Sun Dec 28 16:52:11 2014] <benzrf> i can think of a few ways of excrutiatingly-manually doing this but does anybody know an elegant method:
[Sun Dec 28 16:52:14 2014] <benzrf>   Trans : transitive T R
[Sun Dec 28 16:52:16 2014] <benzrf>   Equiv : R d d'
[Sun Dec 28 16:52:19 2014] <benzrf>   ============================
[Sun Dec 28 16:52:21 2014] <benzrf>    {x : T | R x d} = {x : T | R x d'}
[Sun Dec 28 16:59:21 2014] <Saizan> you also need simmetry, i think?
[Sun Dec 28 17:00:19 2014] <Saizan> uh, no, i misread
[Sun Dec 28 17:03:31 2014] <benzrf> Saizan: =)
[Sun Dec 28 17:08:15 2014] <benzrf> Saizan: i try to apply (fun x xd => Trans x d d' xd Equiv).
[Sun Dec 28 17:08:25 2014] <benzrf> Saizan: but it's not top-level
[Sun Dec 28 17:08:42 2014] <benzrf> and besides apply probably isnt relevant here
[Sun Dec 28 17:08:48 2014] <benzrf> maybe i should just do it the refine route :\
[Sun Dec 28 17:10:31 2014] <Saizan> it seems like you'd need univalence to me
[Sun Dec 28 17:13:50 2014] <benzrf> Saizan: rly?
[Sun Dec 28 17:14:02 2014] <benzrf> i feel like i asked about this before and managed to prove it
[Sun Dec 28 17:14:13 2014] <benzrf> oh that might have been for a slightly different case...
[Sun Dec 28 17:14:26 2014] <benzrf> * checks
[Sun Dec 28 17:16:48 2014] <benzrf> Saizan: ahh
[Sun Dec 28 17:17:29 2014] <benzrf> Saizan: what i had that worked before was f x = f d :|
[Sun Dec 28 17:17:47 2014] <benzrf> so i generalized it since that was R x d := f x = f d
[Sun Dec 28 17:18:19 2014] <benzrf> to be very specific,
[Sun Dec 28 17:18:24 2014] <benzrf> {x : nat | x % 10 = 21 % 10} = {x : nat | x % 10 = 31 % 10}
[Sun Dec 28 17:20:05 2014] <benzrf> and that's simplifiable
[Sun Dec 28 17:20:24 2014] <benzrf> Saizan: univalence allows P <-> Q -> P = Q or something?
[Sun Dec 28 17:25:58 2014] <Saizan> yeah, when P and Q are propositional
[Sun Dec 28 17:58:27 2014] <benzrf> Saizan: onice
[Sun Dec 28 17:59:01 2014] <benzrf> is there something like extensionality for sigma types
[Sun Dec 28 18:19:37 2014] <benzrf> is coq suited to hott
[Sun Dec 28 21:58:24 2014] <benzrf> h-how do i convert Z -> nat
[Sun Dec 28 22:07:28 2014] <jrw> benzrf: there's something like Z.to_nat iirc
[Sun Dec 28 22:07:43 2014] <jrw> depends on what you want to do about negative elements of Z
[Sun Dec 28 22:07:54 2014] <jrw> I think Z.to_nat sends all negatives to 0
[Sun Dec 28 22:08:45 2014] <benzrf> where do i get Z :|
[Sun Dec 28 22:08:52 2014] <benzrf> what do i import, rather
[Sun Dec 28 22:35:30 2014] <jrw> benzrf: ZArith I think?
[Sun Dec 28 22:35:39 2014] <benzrf> i-i imported that
[Sun Dec 28 22:35:50 2014] <benzrf> Coq < Require Import ZArith.
[Sun Dec 28 22:35:51 2014] <benzrf> Coq < Check Z.to_nat.
[Sun Dec 28 22:35:51 2014] <benzrf> Toplevel input, characters 6-14:
[Sun Dec 28 22:35:53 2014] <benzrf> etc
[Sun Dec 28 22:36:12 2014] <jrw> benzrf: how about [Search (Z -> nat).] ?
[Sun Dec 28 22:36:24 2014] <jrw> or maybe SearchAbout
[Sun Dec 28 22:36:31 2014] <jrw> can never remember when you need one or the other
[Sun Dec 28 22:37:08 2014] <benzrf> huh
[Sun Dec 28 22:37:24 2014] <benzrf> aha
[Sun Dec 28 22:37:29 2014] <benzrf> thanks :-)
[Mon Dec 29 22:51:02 2014] <benzrf> hmm
[Mon Dec 29 22:51:20 2014] <benzrf> is it possible to do something like the berry paradox in coq
[Mon Dec 29 22:51:30 2014] <benzrf> i assume you can't embed coq within coq, but
[Mon Dec 29 22:51:43 2014] <benzrf> maybe if you embed a simpler language?
[Mon Dec 29 22:51:45 2014] <benzrf> :?
[Wed Dec 31 01:54:27 2014] <thorsten`> how can I make an evaluatable definition within a proof? Concrete: my code looks like: Definition unneeded_def: A. Proof. Bla. Defined. Theorem ...Proof. ex_intro with (x := unneeded_def). Defined.   How can i get rid of the name unneeded_def?
[Wed Dec 31 01:55:51 2014] <thorsten`> note that assert (unneeded_def: A). is not enough, because then I can't compute unneeded_def
[Wed Dec 31 01:58:00 2014] <thorsten`> The answer was: the tactic Let does this.
[Wed Dec 31 02:21:25 2014] <nkar> hello
[Wed Dec 31 02:22:13 2014] <benzrf> ellllo
[Wed Dec 31 02:22:18 2014] <nkar> can't I use [inversion P as [HP|NHP] on [forall P : Prop, P \/ ~P]?
[Wed Dec 31 02:22:35 2014] <nkar> ]*
[Wed Dec 31 02:22:54 2014] <nkar> coq complains that H is not inductive
[Wed Dec 31 02:23:30 2014] <benzrf> nkar: isn't that destruct that you want
[Wed Dec 31 02:23:44 2014] <nkar> but it's in the hypothesis
[Wed Dec 31 02:23:56 2014] <nkar> ah wait
[Wed Dec 31 02:24:00 2014] <benzrf> :)
[Wed Dec 31 02:24:20 2014] <benzrf> also,
[Wed Dec 31 02:24:22 2014] <benzrf> >LEM
[Wed Dec 31 02:29:14 2014] <nkar> after [destruct H as [HP|HNP]] coq says it cannot find an instance for [P]
[Wed Dec 31 02:29:26 2014] <nkar> can't it just add a forall?
[Wed Dec 31 02:30:27 2014] <benzrf> hhuh
[Wed Dec 31 02:30:30 2014] <benzrf> wait, what?
[Wed Dec 31 02:30:38 2014] <benzrf> nkar: that's not how it works, bub
[Wed Dec 31 02:30:45 2014] <nkar> anyway, that's probably not what I should do
[Wed Dec 31 02:31:07 2014] <benzrf> nkar: a function from P to P \/ ~P cannot yield a function from P to ~P or a function from P to P
[Wed Dec 31 02:31:16 2014] <benzrf> see how it works
[Wed Dec 31 02:32:09 2014] <nkar> ah, right, you cannot get two at the same time
[Wed Dec 31 02:32:19 2014] <nkar> that's what \/ is for
[Wed Dec 31 02:32:51 2014] <benzrf> nkar: you can destruct the output for some given P
[Wed Dec 31 02:34:23 2014] <nkar> but cannot I consider ~P and P separately?
[Wed Dec 31 02:34:28 2014] <nkar> like with left and right
[Wed Dec 31 02:34:32 2014] <nkar> but in the hypothesis
[Wed Dec 31 02:36:16 2014] <benzrf> nkar: well yes
[Wed Dec 31 02:36:21 2014] <benzrf> nkar: if you apply LEM to something
[Wed Dec 31 02:37:56 2014] <nkar> hm, here's my goal, and I'm not sure how to proceed
[Wed Dec 31 02:38:00 2014] <nkar>    (forall P : Prop, P \/ (P -> False)) -> forall P Q : Prop, ((P -> False) /\ (Q -> False) -> False) -> P \/ Q
[Wed Dec 31 02:38:00 2014] <nkar>  
[Wed Dec 31 02:38:12 2014] <nkar> after intros, I mean
[Wed Dec 31 02:39:05 2014] <benzrf> nkar: personally i'd reason by cases on P and Q
[Wed Dec 31 02:39:10 2014] <benzrf> 's truth values
[Wed Dec 31 02:39:21 2014] <benzrf> destruct (LEM P).
[Wed Dec 31 02:39:54 2014] <benzrf> then destruct (LEM Q).
[Wed Dec 31 02:40:02 2014] <benzrf> in the branches where it becomes necessary
[Wed Dec 31 02:40:32 2014] <benzrf> nkar: so either you end up with a proof of P, a proof of Q, or both, so you can exit
[Wed Dec 31 02:40:42 2014] <benzrf> nkar: or you get ~P /\ ~Q, so you can inversion
[Wed Dec 31 02:41:29 2014] <nkar> ugh, I didn't know you can apply things inside [destruct]
[Wed Dec 31 02:42:40 2014] <benzrf> well, why not?
[Wed Dec 31 02:42:49 2014] <benzrf> you apply it to an expression
[Wed Dec 31 02:42:55 2014] <nkar> yeah, I understand
[Wed Dec 31 02:43:03 2014] <benzrf> kk
[Wed Dec 31 02:43:21 2014] <nkar> I just haven't tought about it and never seen an example of doing so
[Wed Dec 31 02:43:33 2014] <benzrf> hmmmmmmmmmmmm
[Wed Dec 31 02:44:31 2014] <benzrf> night
[Wed Dec 31 02:44:34 2014] <nkar> o/
[Wed Dec 31 02:44:39 2014] <benzrf> \o
[Wed Dec 31 02:44:41 2014] <benzrf> night
[Wed Dec 31 03:10:38 2014] <nkar> benzrf: proved it.  basically, I needed to apply LEM twice: first with (P:=Q), then with (P:=P), so I could get both ~P and ~Q in the hypothesis.  after that the proof is trivial.
[Wed Dec 31 06:18:47 2014] <Choups314> Hi !
[Wed Dec 31 06:21:07 2014] <Choups314> I have a definition like [Definition id : forall (a : Type), predicate a -> Type]
[Wed Dec 31 06:21:51 2014] <Choups314> And I try to define something like : [Definition id2 : id varA.]
[Wed Dec 31 06:22:13 2014] <Choups314> But I don't know how to give the proof of the [predicate a] ..
[Wed Dec 31 06:28:29 2014] <Choups314> Nevermind, It's just like parameters
[Thu Jan  1 07:40:27 2015] <esennesh> hello?
[Thu Jan  1 07:48:00 2015] <esennesh> sorry, I've got a fairly simple question about implementing a module of some given module type.  In the original module type (it's parameterized over some more modules / a functor) I actually define some useful machinery.  When implementing the module type in a real module, how do I access that machinerY/
[Thu Jan  1 07:48:02 2015] <esennesh> *?
[Thu Jan  1 17:08:43 2015] <arvisrend> hi guise
[Thu Jan  1 17:08:48 2015] <arvisrend> any idea why this line:
[Thu Jan  1 17:08:49 2015] <arvisrend> COQC -nois theories/Init/Notations.v
[Thu Jan  1 17:08:57 2015] <arvisrend> is taking eternity when i make-install coq under cygwin?
[Thu Jan  1 17:09:11 2015] <arvisrend> and when i say "taking eternity" i mean "probably freezing"
[Thu Jan  1 17:17:37 2015] <negatratoron> ^ it's the halting problem we face every day
[Thu Jan  1 17:21:20 2015] <osa1_> it's been a while since last time I wrote Coq ... any ideas why I'm not getting inductive hypothesis here http://lpaste.net/117590 ?
[Thu Jan  1 17:43:46 2015] <osa1_> any indeas what kind of relation is it talking about in 0.3 (f) here: http://adam.chlipala.net/cpdt/ex/exercises.pdf ?
[Thu Jan  1 17:52:12 2015] <johnw-> you'll need to define your own function, of type bool -> bool -> Prop
[Thu Jan  1 17:58:00 2015] <osa1_> johnw-: can't I just use eq(=) ?
[Thu Jan  1 17:58:16 2015] <johnw-> "Your proof here should not be about the standard equality =, but rather about some new equality relation that you define"
[Thu Jan  1 17:58:40 2015] <osa1_> I can see that, I'm asking why it has to be a new relation?
[Thu Jan  1 17:58:47 2015] <johnw-> I don't know, ask Adam :)
[Thu Jan  1 17:59:12 2015] <johnw-> i imagine once you try to do it, it may become clearer
[Thu Jan  1 17:59:19 2015] <johnw-> like, do it with eq first
[Thu Jan  1 17:59:24 2015] <johnw-> then see if you can change it to do without
[Thu Jan  1 18:01:45 2015] <osa1_> johnw-: btw, I think type of the equality relation here is not bool -> bool -> Prop, it's tree bool -> tree bool -> Prop.
[Thu Jan  1 18:03:03 2015] <johnw-> ah, fair enough
[Thu Jan  1 18:04:03 2015] <osa1_> I'll need to re-read the coinductive chapter of cpdt
[Thu Jan  1 18:14:26 2015] <hodapp> I really need to read... all chapters of CPDT >_>
[Thu Jan  1 18:14:36 2015] <hodapp> debating that, reading HoTT, or learning about Idris
[Thu Jan  1 20:04:04 2015] <arvisrend> fucking hell
[Thu Jan  1 20:04:17 2015] <arvisrend> now i've taken the current version from github and make install fails at a different point
[Thu Jan  1 20:04:30 2015] <arvisrend> install: cannot stat ‘bin/coqdep.exe’: No such file or directory
[Thu Jan  1 20:04:31 2015] <arvisrend> etc
[Thu Jan  1 20:04:43 2015] <arvisrend> "cannot stat"? how hard can it be to stat something?
[Thu Jan  1 20:45:37 2015] <johnw-> when it doesn't exist, extremely hard
[Fri Jan  2 01:04:10 2015] <johnw> hmm.. I must be missing something.  This is proving tricky: a <> b -> b <> c -> a <> c
[Fri Jan  2 01:08:57 2015] <alkabetz> Probably because it’s not true: Consider a = 0, b = 1, c = 0.
[Fri Jan  2 01:20:52 2015] <johnw> well, there you go
[Fri Jan  2 01:21:14 2015] <johnw> this tells me that bedtime is well past, good night!
[Fri Jan  2 01:21:26 2015] <alkabetz> :) Good night!
[Fri Jan  2 01:22:26 2015] <ijp> Axiom thdp : False.
[Fri Jan  2 16:32:55 2015] <benzrf> why does this complain about exp not being in scope:
[Fri Jan  2 16:32:55 2015] <benzrf> Notation "{exp | a : A, cond}" := (sigf A _ (fun a : A => cond) (fun a : A => exp)).
[Fri Jan  2 16:33:13 2015] <johnw> use a space after {
[Fri Jan  2 16:33:20 2015] <benzrf> o.O
[Fri Jan  2 16:33:20 2015] <johnw> or did you want "{exp" to be the notation?
[Fri Jan  2 16:33:33 2015] <benzrf> interesting
[Fri Jan  2 16:33:38 2015] <benzrf> * doesnt actualoly know the Notation syntax
[Fri Jan  2 16:33:43 2015] <johnw> use spaces around all operators
[Fri Jan  2 16:33:48 2015] <johnw> { exp | a : A , cond }
[Fri Jan  2 16:33:48 2015] <benzrf> ok!
[Fri Jan  2 16:33:57 2015] <benzrf> indicidentally does sigf already exist
[Fri Jan  2 16:34:06 2015] <benzrf> Inductive sigf : forall A B : Type, (A -> Prop) -> (A -> B) -> Type :=
[Fri Jan  2 16:34:06 2015] <benzrf> | existF : forall (A B : Type) (P : A -> Prop) (f : A -> B) (a : A), P a -> sigf A B P f.
[Fri Jan  2 16:34:11 2015] <benzrf> *incidentally
[Fri Jan  2 16:34:20 2015] <johnw> i can't make sense out of it by looking
[Fri Jan  2 16:34:21 2015] <johnw> what does it do?
[Fri Jan  2 16:34:35 2015] <benzrf> it's like sig but the type carries a function that is hypothetically applied to the contents
[Fri Jan  2 16:34:41 2015] <benzrf> like in math you can write something along the lines of
[Fri Jan  2 16:34:53 2015] <benzrf> {x + 1 | x ∈ ℕ, odd x}
[Fri Jan  2 16:35:07 2015] <johnw> ah, a list comprehension basically
[Fri Jan  2 16:35:14 2015] <benzrf> i suppose so!
[Fri Jan  2 16:35:15 2015] <johnw> ssreflect has this
[Fri Jan  2 16:35:20 2015] <benzrf> interesting
[Fri Jan  2 16:35:21 2015] <johnw> I don't think that stdlib does
[Fri Jan  2 16:35:27 2015] <benzrf> to be precise
[Fri Jan  2 16:35:32 2015] <benzrf> i was writing something that was like
[Fri Jan  2 16:35:57 2015] <benzrf> {t : Type | exists d : DataType, t = <type expressoin depending on d>}
[Fri Jan  2 16:36:02 2015] <benzrf> and i wanted to be able to do
[Fri Jan  2 16:36:17 2015] <benzrf> {<type expression depending on d> | d : DataType}
[Fri Jan  2 16:36:28 2015] <benzrf> or something along those lines.
[Fri Jan  2 16:37:05 2015] <benzrf> elements of the type are clearly the same as sig in practice, but then types are distinguished based on the function
[Fri Jan  2 16:37:30 2015] <benzrf> so {x + 1 | x : nat, odd x} is not the same as {x | x : nat, odd x}
[Fri Jan  2 16:39:03 2015] <johnw> why not just map over the latter?
[Fri Jan  2 16:39:15 2015] <johnw> map (plus 1) {x | x : nat, odd x}
[Fri Jan  2 16:47:14 2015] <benzrf> johnw: huh
[Fri Jan  2 16:47:20 2015] <benzrf> th-that's a thing you can do?
[Fri Jan  2 16:47:23 2015] <johnw> why not?
[Fri Jan  2 16:47:27 2015] <benzrf> Error: The reference map was not found in the current environment.
[Fri Jan  2 16:47:43 2015] <johnw> Import List
[Fri Jan  2 16:47:47 2015] <johnw> Require Import List
[Fri Jan  2 16:48:02 2015] <benzrf> map : forall A B : Type, (A -> B) -> list A -> list B
[Fri Jan  2 16:48:19 2015] <benzrf> {x : nat | odd x} : Type
[Fri Jan  2 16:48:31 2015] <johnw> so, what does your syntax represent?
[Fri Jan  2 16:48:40 2015] <johnw> some coinductive list or something?
[Fri Jan  2 16:48:47 2015] <benzrf> no lists involved
[Fri Jan  2 16:48:53 2015] <johnw> rather than ganging everything up into a special notation
[Fri Jan  2 16:49:00 2015] <benzrf> it's just a sigma type
[Fri Jan  2 16:49:04 2015] <johnw> oh
[Fri Jan  2 16:49:07 2015] <johnw> du
[Fri Jan  2 16:49:09 2015] <johnw> duh
[Fri Jan  2 16:49:26 2015] <benzrf> but the type also carries a function whose domain is the type you're constraining
[Fri Jan  2 16:49:37 2015] <johnw> I see now, sorry, I was confused
[Fri Jan  2 16:49:49 2015] <benzrf> it represents the image of the sigma type under the function
[Fri Jan  2 16:49:56 2015] <johnw> you want to return "add 1 to some odd number"
[Fri Jan  2 16:50:08 2015] <benzrf> actually this probably isnt the best way to do it
[Fri Jan  2 16:50:20 2015] <benzrf> 2 nonequal functions could have identical images
[Fri Jan  2 16:50:31 2015] <benzrf> but the types would be considered different
[Fri Jan  2 16:50:33 2015] <benzrf> poo
[Fri Jan  2 16:50:35 2015] <johnw> how about: { x : nat & (odd x * x + 1)%type }
[Fri Jan  2 16:50:54 2015] <benzrf> ?
[Fri Jan  2 16:51:02 2015] <benzrf> x + 1 is not a type
[Fri Jan  2 16:51:07 2015] <johnw> grr
[Fri Jan  2 16:51:12 2015] <johnw> how about: { x : nat & (odd x, x + 1) }
[Fri Jan  2 16:51:15 2015] <johnw> i'm too distracted, I'll stop now
[Fri Jan  2 16:51:26 2015] <johnw> that doesn't work either
[Fri Jan  2 16:52:07 2015] <benzrf> well what i'm really looking for is a type constructor such that 2 fully applied versions of it will be equal iff the sets they are meant to represent are equal
[Fri Jan  2 16:52:21 2015] <benzrf> oh wait
[Fri Jan  2 16:52:25 2015] <benzrf> i know how to do that, duuh
[Fri Jan  2 16:54:23 2015] <benzrf> Definition img {A B} (P : A -> Prop) (f : A -> B) = {i : B | exists p : A, f p = i /\ P p}
[Fri Jan  2 16:54:40 2015] <benzrf> well...
[Fri Jan  2 16:54:45 2015] <benzrf> hm
[Fri Jan  2 16:56:30 2015] <benzrf> oh man
[Fri Jan  2 16:56:37 2015] <benzrf> that's just what i had before :|
[Fri Jan  2 16:56:44 2015] <benzrf> i invented sigf to avoid that >.>
[Fri Jan  2 16:56:47 2015] <benzrf> oh well!
[Fri Jan  2 16:58:15 2015] <johnw> yay, full circle
[Fri Jan  2 17:43:56 2015] <darthdeus_> hey guys, any idea why C-c C-a C-o doesn't show any results when searching for a pattern, but doing SearchRewrite for the same pattern returns results?
[Fri Jan  2 17:45:42 2015] <johnw> did you surround the pattern with parens?
[Fri Jan  2 17:45:48 2015] <johnw> is it a rewrite rule?
[Fri Jan  2 23:24:49 2015] <nkar> how can I specify multiple variables in [destruct ... with ...]?  what's the proper syntax for [destruct H with (P:=P) (Q:=Q)]?
[Fri Jan  2 23:25:04 2015] <johnw> what do P and Q do in this context?
[Fri Jan  2 23:25:17 2015] <johnw> do you mean: destruct (H (P:=P) (Q:=Q))
[Fri Jan  2 23:25:50 2015] <nkar> hi, johnw!
[Fri Jan  2 23:25:52 2015] <nkar> yes, that's probably the same thing.  let me try that
[Fri Jan  2 23:25:58 2015] <nkar> oh, what do you mean by "do"?
[Fri Jan  2 23:26:20 2015] <nkar> wait
[Fri Jan  2 23:26:21 2015] <nkar> lol
[Fri Jan  2 23:26:35 2015] <johnw> I'm not sure how you want to "apply" P and to what
[Fri Jan  2 23:26:45 2015] <johnw> is it an argument to H?
[Fri Jan  2 23:27:01 2015] <nkar> so, [destruct H with (P:=P) (Q:=Q)] is the right syntax.  I discovered it while asking the question :)
[Fri Jan  2 23:27:14 2015] <johnw> ah, ok
[Fri Jan  2 23:27:25 2015] <johnw> the other syntax probably works too
[Fri Jan  2 23:27:50 2015] <nkar> nope, it doesn't
[Fri Jan  2 23:28:03 2015] <johnw> k, good to know :)
[Fri Jan  2 23:31:21 2015] <nkar> unfortunately, that command doesn't do the right thing.  I have this hypothesis: H : forall P Q : Prop, (P -> Q) -> (P -> False) \/ Q and my goal is Q.  can I apply/simplify H somehow?
[Fri Jan  2 23:31:58 2015] <johnw> I don't think you can
[Fri Jan  2 23:32:06 2015] <johnw> since H needs Q in order to prove Q
[Fri Jan  2 23:32:42 2015] <nkar> so, do I need both P and Q in the context?
[Fri Jan  2 23:32:54 2015] <nkar> I have P and (P -> Q) -> P.
[Fri Jan  2 23:32:56 2015] <nkar> right now
[Fri Jan  2 23:33:17 2015] <johnw> I can't see any way of getting Q
[Fri Jan  2 23:34:18 2015] <nkar> okay, I'll figure it out.  it's [implies_to_or -> peirce] from sf if you're interested in trying on your own
[Fri Jan  2 23:34:48 2015] <nkar> oh, you probably already proved it.  I forgot that you're leading this race :)
[Fri Jan  2 23:41:26 2015] <johnw> yeah, so, there's a trick with that one
[Fri Jan  2 23:41:37 2015] <johnw> it lies in the fact that you can say what P is
[Fri Jan  2 23:41:39 2015] <nkar> hmm, turns out I can apply H to (P -> Q) -> P.
[Fri Jan  2 23:41:54 2015] <nkar> (both are in the context)
[Fri Jan  2 23:42:10 2015] <johnw> ah, I see my proof of it
[Fri Jan  2 23:42:21 2015] <johnw> I had to walk away from that one for months before I came back to it and did it
[Fri Jan  2 23:42:32 2015] <johnw> you can also say what Q is
[Fri Jan  2 23:42:37 2015] <nkar> hehe
[Fri Jan  2 23:43:45 2015] <nkar> proving some of these five theorems is mind-blowing in some way, it's like a maze of propositions
[Fri Jan  2 23:44:01 2015] <johnw> yeah
[Fri Jan  2 23:48:17 2015] <benzrf> johnw that's nonsensical
[Fri Jan  2 23:48:42 2015] <benzrf> stop confusing parameter names with types !
[Fri Jan  2 23:48:50 2015] <benzrf> the 2 qs are being used in diferent ways
[Fri Jan  2 23:53:19 2015] <nkar> I have H0: [(P -> Q) -> P] and H: [forall P Q : Prop, (P -> Q) -> (P -> False) \/ Q].  [apply H in H0] results in [((P -> Q) -> False) \/ P], so [Q] gets instantiated to [P], what is the instance of [P]?  how does it work?
[Fri Jan  2 23:53:58 2015] <benzrf> nkar: no, thats not whats hapening
[Fri Jan  2 23:54:08 2015] <nkar> oh, glad that I asked
[Fri Jan  2 23:54:16 2015] <nkar> could you explain then?
[Fri Jan  2 23:54:17 2015] <benzrf> oh, wait
[Fri Jan  2 23:54:26 2015] <benzrf> nkar: yes, Q is instantiated to P
[Fri Jan  2 23:54:39 2015] <benzrf> nkar: P is instantiated to P -> Q
[Fri Jan  2 23:57:27 2015] <nkar> but why?  I don't have [P -> Q], I have [(P -> Q) -> P] and [P] in the context.  and I cannot apply the former to the latter (or the other way around).
[Fri Jan  2 23:57:34 2015] <benzrf> huh?
[Fri Jan  2 23:57:43 2015] <benzrf> nkar: you can appliy H to any 2 propositions
[Fri Jan  2 23:57:45 2015] <benzrf> that's its type
[Fri Jan  2 23:58:02 2015] <benzrf> nkar: a-are you unfamiliar with the curry-howard correspondence
[Fri Jan  2 23:59:29 2015] <nkar> I know what it is, but I cannot say that I'm familiar with it.
[Sat Jan  3 00:00:09 2015] <nkar> also, I understand that I can apply H to any 2 propositions.  that's not what I'm asking about.
[Sat Jan  3 00:00:22 2015] <benzrf> ok..
[Sat Jan  3 00:00:27 2015] <johnw> nkar: remember, P and Q are just names in that hypothesis
[Sat Jan  3 00:00:30 2015] <johnw> free variables
[Sat Jan  3 00:00:36 2015] <nkar> yes, I understand that
[Sat Jan  3 00:00:40 2015] <johnw> you need to prove Q, and it has the form forall P. ... -> P
[Sat Jan  3 00:03:00 2015] <nkar> well, I'm still failing to follow.  could you explain what happens when I apply H to H0?
[Sat Jan  3 00:03:17 2015] <johnw> what I'm saying is, what happens if you pass P:=Q
[Sat Jan  3 00:03:53 2015] <johnw> as in, destruct H with (P:=P) (Q:=P)
[Sat Jan  3 00:03:59 2015] <johnw> err
[Sat Jan  3 00:04:02 2015] <johnw> as in, destruct H with (P:=Q) (Q:=Q)
[Sat Jan  3 00:04:12 2015] <nkar> let me try this
[Sat Jan  3 00:04:17 2015] <johnw> one of those two
[Sat Jan  3 00:05:38 2015] <nkar> I get 3 subgoals either way.  the current goal is either [P->P] or [Q->Q].
[Sat Jan  3 00:06:08 2015] <johnw> well, that should be easy then :)
[Sat Jan  3 00:06:14 2015] <nkar> the other two both Q.
[Sat Jan  3 00:06:34 2015] <benzrf> womp womp
[Sat Jan  3 00:06:43 2015] <johnw> anyway, this is the avenue I went down, so keep pushing
[Sat Jan  3 00:08:38 2015] <nkar> oh, but that doesn't answer my question: "what happens when I apply H to H0?"
[Sat Jan  3 00:08:50 2015] <johnw> I don't know the context to answer that question
[Sat Jan  3 00:08:59 2015] <johnw> i must have missed something
[Sat Jan  3 00:09:34 2015] <nkar> I have H0: [(P -> Q) -> P] and H: [forall P Q : Prop, (P -> Q) -> (P -> False) \/ Q].  [apply H in H0] results in [((P -> Q) -> False) \/ P], so [Q] gets instantiated to [P], what is the instance of [P]?  how does it work?
[Sat Jan  3 00:09:40 2015] <nkar> that's my question
[Sat Jan  3 00:10:06 2015] <benzrf> P is instantiated tp P -> Q
[Sat Jan  3 00:10:27 2015] <johnw> ah, I see
[Sat Jan  3 00:10:30 2015] <johnw> he's right
[Sat Jan  3 00:10:38 2015] <johnw> P:=(P -> Q) Q:=P
[Sat Jan  3 00:11:30 2015] <nkar> but I don't have P->Q in the context.  isn't it required?
[Sat Jan  3 00:11:53 2015] <johnw> oh, maybe P:=((P -> Q) -> P)
[Sat Jan  3 00:12:00 2015] <johnw> actually, that makes more sense
[Sat Jan  3 00:12:10 2015] <johnw> apply H in H0 is the same thing as passing H0 as the first argument to H
[Sat Jan  3 00:12:43 2015] <nkar> okay, let me try to substitute step by step
[Sat Jan  3 00:16:38 2015] <nkar> I get forall Q : Prop, (((P->Q)->P) -> Q) -> (((P->Q)->P) -> False) \/ Q, how does coq instantiate [Q]?  does it use the other hypothesis I have, that is, [H1: P]?
[Sat Jan  3 00:16:51 2015] <johnw> what I'm saying is, don't do that
[Sat Jan  3 00:16:57 2015] <johnw> try: specialize (H P P).
[Sat Jan  3 00:17:20 2015] <johnw> that's another way of passing arguments to a hypothesis with free variables in the context
[Sat Jan  3 00:18:41 2015] <nkar> sure, I can do that, but I'm still interested how it works.
[Sat Jan  3 00:19:22 2015] <nkar> my goal is not to prove this by any means, the process is also important.  otherwise, I won't learn much.
[Sat Jan  3 00:20:11 2015] <johnw> that's the right spirit
[Sat Jan  3 00:20:15 2015] <johnw> so, then I've said enough
[Sat Jan  3 00:20:30 2015] <johnw> you should know enough now to figure it all out from here
[Sat Jan  3 00:20:57 2015] <nkar> lol, okay
[Sat Jan  3 01:10:53 2015] <nkar> okay, I proved it with [destruct with (P:=P) (Q:=P)], but I still don't understand the requirements for the instances of P and Q.  do I need to have them in the context as P:Prop, Q:Prop, or what?
[Sat Jan  3 01:11:23 2015] <nkar> I'm sorry for reiterating, but I'd really like to understand this.
[Sat Jan  3 01:22:20 2015] <benzrf> nkar: H is a function
[Sat Jan  3 01:22:24 2015] <benzrf> you are providing it with arguments
[Sat Jan  3 01:22:42 2015] <benzrf> forall is a keyword used to write function types
[Sat Jan  3 01:25:08 2015] <nkar> this is clear
[Sat Jan  3 01:25:16 2015] <godel> forall = pi
[Sat Jan  3 01:25:26 2015] <godel> maybe you are familiar with that notation
[Sat Jan  3 01:25:31 2015] <nkar> nope
[Sat Jan  3 01:27:16 2015] <benzrf> nkar: were you sarcastically saying "this is clear"
[Sat Jan  3 01:27:17 2015] <benzrf> or
[Sat Jan  3 01:27:20 2015] <benzrf> do you already know this
[Sat Jan  3 01:27:39 2015] <nkar> not sarcastically
[Sat Jan  3 01:34:01 2015] <nkar> okay, I think I got it: I can pass any "combinations" of Props as long I've "considered" them (using [intros])
[Sat Jan  3 01:34:34 2015] <godel> yes
[Sat Jan  3 01:34:50 2015] <godel> you can think about it in two ways:
[Sat Jan  3 01:35:00 2015] <godel> typing
[Sat Jan  3 01:35:39 2015] <godel> and math. Usually you start arguments saying "Let ..."
[Sat Jan  3 01:38:05 2015] <nkar> so, here's my H again: [forall P Q : Prop, (P -> Q) -> (P -> False) \/ Q].  if I use [destruct H with (P:=P->P->P->P) (Q:=Q->Q->Q).], the first subgoal becomes [P->P->P->P->Q->Q->Q], the second becomes [P], and the third also [P], why?
[Sat Jan  3 01:38:40 2015] <nkar> sorry, the first subgoal is [(P->P->P->P)->Q->Q->Q]
[Sat Jan  3 01:39:29 2015] <godel> do you know what destruct does?
[Sat Jan  3 01:40:12 2015] <nkar> performs case analysis, but I was also told that in this case it's the same as applying a function.
[Sat Jan  3 01:40:42 2015] <nkar> [destruct b] where (b:bool) is clear to me, for instance
[Sat Jan  3 01:40:59 2015] <godel> yea, I think it uses recursion on the type
[Sat Jan  3 01:40:59 2015] <nkar> an additional complication might be that we're destructing a hypothesis here
[Sat Jan  3 01:41:02 2015] <nkar> not the goal
[Sat Jan  3 01:41:45 2015] <nkar> I'm familiar with recursion, but what's "recursion on the type"?
[Sat Jan  3 01:42:01 2015] <godel> suppose you have a type A
[Sat Jan  3 01:42:19 2015] <godel> and you have another type, suppose B
[Sat Jan  3 01:42:28 2015] <godel> if you want a function B->A
[Sat Jan  3 01:42:40 2015] <godel> you usually use the recursion of A to construct it
[Sat Jan  3 01:42:53 2015] <godel> something like induction, but nondependent
[Sat Jan  3 01:43:31 2015] <nkar> but a function is not just its type
[Sat Jan  3 01:43:41 2015] <godel> nkar: for example, take the type Nat. it has constructors 0 : Nat, S : Nat->Nat
[Sat Jan  3 01:43:42 2015] <nkar> how can we "construct" it using just the type?
[Sat Jan  3 01:45:38 2015] <nkar> okay, I think I'm starting to understand, but I'm still failing to see how it's relevant to the "subgoals" question.
[Sat Jan  3 01:45:50 2015] <godel> nkar: let me think about it
[Sat Jan  3 01:46:10 2015] <godel> nkar: once you understand what destruct does in general, you will understand it
[Sat Jan  3 01:47:11 2015] <benzrf> nkar: destruct on something that is a function will destruct the result, i believe
[Sat Jan  3 01:47:24 2015] <benzrf> not sure
[Sat Jan  3 01:47:31 2015] <godel> yes
[Sat Jan  3 01:47:48 2015] <godel> destruct lets you "use" the result
[Sat Jan  3 01:48:18 2015] <nkar> yeah, I've done that in the goal before.  maybe it's hard to follow because the hypothesis is too general.
[Sat Jan  3 01:49:08 2015] <nkar> like when I needed to get rid of the match statement.  instead of performing induction on the argument of a function, I just destructed the whole thing.
[Sat Jan  3 01:50:11 2015] <godel> yes, destruct is the nondependent version of the induction, so in finite types it let's you do case analysis; e.g. bool
[Sat Jan  3 01:52:54 2015] <nkar> will it be hard to explain nondependent in this context?  I don't really know what a dependent type is other than quoting "it's a type that depends on its value," which may or may not be wrong.  I haven't encountered any explanation in software foundations so far
[Sat Jan  3 01:53:20 2015] <benzrf> w01:50 < godel> yes, destruct is the nondependent version of the induction, so in finite types it let's you do case  analysis; e.g. bool
[Sat Jan  3 01:53:23 2015] <benzrf> godel: what
[Sat Jan  3 01:53:28 2015] <benzrf> i'm sorry what?
[Sat Jan  3 01:53:33 2015] <benzrf> that's ridiculous
[Sat Jan  3 01:53:40 2015] <godel> benzrf: why?
[Sat Jan  3 01:53:48 2015] <benzrf> it has nothing to do with being dependent
[Sat Jan  3 01:53:55 2015] <godel> maybe I said something stupid, I think that's correct
[Sat Jan  3 01:54:08 2015] <benzrf> destruct vs induction is just induction gives you an induction hypothesis
[Sat Jan  3 01:54:16 2015] <benzrf> nothing to do with dependent types
[Sat Jan  3 01:54:47 2015] <godel> benzrf: I'm speaking strictly from a strictly type theoretically point of view
[Sat Jan  3 01:55:03 2015] <benzrf> * does not know type theory
[Sat Jan  3 01:55:07 2015] <benzrf> seriously, though
[Sat Jan  3 01:55:16 2015] <benzrf> how is induction dependent in a way that destruct isnt ?!
[Sat Jan  3 01:55:42 2015] <godel> benzrf: let me think how to explain (don't know much coq!!)
[Sat Jan  3 01:56:54 2015] <nkar> I have to go, thanks for the interesting conversation, at least for me :)
[Sat Jan  3 01:57:10 2015] <benzrf> bye
[Sat Jan  3 01:59:28 2015] <godel> benzrf: an example of the difference
[Sat Jan  3 01:59:35 2015] <godel> consider the pair type
[Sat Jan  3 01:59:42 2015] <godel> (a,b) : AxB
[Sat Jan  3 01:59:54 2015] <godel> the recursion of that type es
[Sat Jan  3 02:02:17 2015] <godel> rec_AxB : \forall C . (A->B->C) -> AxB -> C
[Sat Jan  3 02:02:49 2015] <godel> so,give me a type C, give me a function of type A->B->C and I give you a function of type AxB -> C
[Sat Jan  3 02:03:14 2015] <godel> That's why I said previously you use recursion to construct functions on the type
[Sat Jan  3 02:04:02 2015] <benzrf> that's not recursion...?
[Sat Jan  3 02:04:03 2015] <godel> now, induction on the other hand, has a much more complicated type signature
[Sat Jan  3 02:04:09 2015] <benzrf> that's a destructor/eliminator
[Sat Jan  3 02:04:19 2015] <godel> ok
[Sat Jan  3 02:04:25 2015] <godel> and what do you call recursion benzrf?
[Sat Jan  3 02:04:34 2015] <benzrf> when you recurse??
[Sat Jan  3 02:04:43 2015] <godel> it's just a name
[Sat Jan  3 02:04:49 2015] <godel> recursion vs. induction
[Sat Jan  3 02:05:07 2015] <benzrf> recursion is when you have a value defined in terms of itself
[Sat Jan  3 02:05:12 2015] <godel> I don't really know the origin of the name, it is called like that
[Sat Jan  3 02:05:17 2015] <benzrf> o.O
[Sat Jan  3 02:05:26 2015] <godel> haha
[Sat Jan  3 02:05:26 2015] <benzrf> anyway, induction is when the handler is passed a base case
[Sat Jan  3 02:05:52 2015] <godel> mh
[Sat Jan  3 02:06:04 2015] <godel> it depends on the type
[Sat Jan  3 02:06:14 2015] <godel> the induction of Nat has a base case
[Sat Jan  3 02:06:26 2015] <godel> the induction of product type (AxB) does not
[Sat Jan  3 02:07:33 2015] <godel> it is not actually a "base case", it's just that way because of how Nat is constructed
[Sat Jan  3 02:07:36 2015] <godel> 0 : Nat
[Sat Jan  3 02:07:40 2015] <godel> S : Nat -> Nat
[Sat Jan  3 02:07:56 2015] <benzrf> er
[Sat Jan  3 02:07:56 2015] <benzrf> shit
[Sat Jan  3 02:07:58 2015] <benzrf> not a base case
[Sat Jan  3 02:08:01 2015] <benzrf> i meant an induction hypothesis
[Sat Jan  3 02:08:18 2015] <godel> what do you mean by that?
[Sat Jan  3 02:08:25 2015] <godel> induction hypotesis
[Sat Jan  3 02:08:30 2015] <benzrf> ach
[Sat Jan  3 02:08:33 2015] <benzrf> i dont have time for this
[Sat Jan  3 02:08:36 2015] <benzrf> i need to sleep
[Sat Jan  3 02:08:37 2015] <godel> haha
[Sat Jan  3 02:08:39 2015] <godel> ok
[Sat Jan  3 02:08:46 2015] <godel> let's continue tomorrow
[Sat Jan  3 02:08:58 2015] <godel> I'm deeply interested on this
[Sat Jan  3 16:20:26 2015] <benzrf> is this a recommended way of approaching topology in coq https://gist.github.com/andrejbauer/d31e9666d5f950dd8ccd
[Sat Jan  3 16:23:51 2015] <godel> benzrf: it seems good
[Sat Jan  3 16:23:57 2015] <godel> you can try HoTT too
[Sun Jan  4 07:52:14 2015] <atzeus> Hiya!
[Sun Jan  4 07:53:54 2015] <atzeus> I have a very basic question : If I try "Section streams.   Variable A : Type.    CoInductive stream : Type :=   | Cons : A -> stream -> stream. End streams.  CoFixpoint trues_falses : stream bool := Cons true falses_trues" I keep getting the error The term "0" has type "nat" while it is expected to have type "Type".
[Sun Jan  4 07:54:26 2015] <atzeus> Even though I got the code from http://adam.chlipala.net/cpdt/html/Coinductive.html
[Sun Jan  4 07:54:36 2015] <atzeus> Anybody know what's wrong?
[Sun Jan  4 07:56:32 2015] <atzeus> Sorry I mean with "CoFixpoint zeroes : stream nat := Cons 0 zeroes. "
[Sun Jan  4 08:02:15 2015] <atzeus> never mind I fixed it :)
[Sun Jan  4 08:15:29 2015] <atzeus> Apperantly it is fixed by set implicit arguments
[Sun Jan  4 11:32:14 2015] <MarcWeber> H: true = false  goal true = false. Which tactic disregards this case because the hypothesis is not satisfied?
[Sun Jan  4 11:33:04 2015] <benzrf> MarcWeber: inversion.
[Sun Jan  4 11:33:53 2015] <benzrf> MarcWeber: but also since the goal is the same as the hypothesis you can just use exact H.
[Sun Jan  4 13:39:12 2015] <nkar> MarcWeber: to elaborate a bit, when a hypothesis doesn't make sense, any goal can be proved, so inversion moves to the next one (if any).
[Sun Jan  4 14:01:15 2015] <johnw> MarcWeber: discriminate
[Sun Jan  4 14:01:37 2015] <johnw>  which I believe inversion applies to every subgoal to eliminate the impossibles
[Sun Jan  4 14:01:59 2015] <johnw> discriminate says that an equality between different constructors is the same as False
[Sun Jan  4 14:02:37 2015] <nkar> hi, johnw.  how's linearscan going?
[Sun Jan  4 14:03:13 2015] <johnw> I'm at the point now of writing tests in Haskell to confirm correctness of the extracted library
[Sun Jan  4 14:03:31 2015] <johnw> I have 9 out of 10 tests working, and after I fixed the 10th one today am going to integrate the library into our real compiler
[Sun Jan  4 14:03:46 2015] <johnw> after that, if it's able to work on simple code examples, I will then start creating trickier tests
[Sun Jan  4 14:03:57 2015] <nkar> which compiler?
[Sun Jan  4 14:04:15 2015] <johnw>  a private in-house compiler at the moment, but which will be released on github at some point soon
[Sun Jan  4 14:04:25 2015] <nkar> sweetness!
[Sun Jan  4 14:04:29 2015] <johnw>  it targets a custom machine architecture that we've been working on
[Sun Jan  4 14:04:54 2015] <nkar> is it releated to the crash-safe project?
[Sun Jan  4 14:05:01 2015] <Anarchos> johnw mmix ? (i dream to see a real one of that !)
[Sun Jan  4 14:05:10 2015] <johnw> haha
[Sun Jan  4 14:05:20 2015] <johnw> no, this: http://www.crash-safe.org
[Sun Jan  4 14:05:42 2015] <nkar> this project is the state of the art
[Sun Jan  4 14:05:47 2015] <nkar> so cool
[Sun Jan  4 14:06:04 2015] <johnw> it was a DARPA contract, in its last months now
[Sun Jan  4 14:24:40 2015] <Anarchos> johnw tagged architecture ,as for the TADD instruction from the SPARC ISA ?
[Sun Jan  4 14:25:14 2015] <johnw> I'm not familiar with that
[Sun Jan  4 14:25:30 2015] <johnw> tagged as in every word in memory has an associated word that contains tagging information
[Sun Jan  4 14:25:55 2015] <johnw> and the CPU has an execution policy that examines tags before executing instructions
[Sun Jan  4 14:26:46 2015] <johnw> things like, "if it's not tagged as a pointer, you can't dereference it; and if it is, the tag indicates the memory block it's allowed to point to"
[Sun Jan  4 14:27:34 2015] <Anarchos> johnw ok. it is the same, originated from the first Lisp machines : the tag were used to identify a content or a pointer to another cell.
[Sun Jan  4 14:27:51 2015] <johnw> yep
[Sun Jan  4 14:27:52 2015] <Anarchos> sadly, the ocaml compiler for sparc doesn't use them.
[Sun Jan  4 15:23:36 2015] <MarcWeber> benzrf, nkar, johnw: both inversion and discriminate worked fine in my case. exact didn't apply because H wasn't the goal exactly.
[Sun Jan  4 15:24:46 2015] <nkar> MarcWeber: if you need more examples of using inversion, the software foundations book has some
[Sun Jan  4 15:25:37 2015] <nkar> (it does more than just disregarding the goal)
[Sun Jan  4 15:55:37 2015] <MarcWeber> I guess there is a long way to go .. Going through: http://www.seas.upenn.edu/~cis500/current/sf/Basics.html at the moment. Will be looking at the software foundations book later.
[Sun Jan  4 15:56:45 2015] <MarcWeber> http://dpaste.com/15FP09J What's wrong with this recursive definition line 17 ?
[Sun Jan  4 15:56:54 2015] <MarcWeber> | TP bn' => bnat_to_nat(T bn') + 1
[Sun Jan  4 16:11:40 2015] <nkar> MarcWeber: in Fixpoint, you're only allowed to perform a recursive call on bn', i.e., something that's less the argument you're matching on.  (I hope I've not worded this poorly.)
[Sun Jan  4 16:12:08 2015] <nkar> it's explained in software foundations when fixpoint is used for the first time
[Sun Jan  4 16:12:09 2015] <MarcWeber> Thus coq forces termination this way?
[Sun Jan  4 16:12:12 2015] <nkar> yes
[Sun Jan  4 16:14:08 2015] <alkabetz> You can also prove to Coq that a function which does not recurse on a structural subterm does terminate, but it’s fairly complicated.  Adam goes into it in the ‘well-founded recursion’ section of CPDT.
[Sun Jan  4 16:15:28 2015] <nkar> cool
[Sun Jan  4 18:42:29 2015] <benzrf> how does derivation of False from O = S O work
[Sun Jan  4 18:42:34 2015] <benzrf> term-wise
[Sun Jan  4 18:42:52 2015] <benzrf> is there an axiom?
[Sun Jan  4 18:43:04 2015] <benzrf> do you match on the eq_refl argument and do something weird with it?
[Sun Jan  4 18:43:55 2015] <Cypi> You can check it if you want: [Goal 0 = 1 -> False. intro H. inversion H. Show Proof.]
[Sun Jan  4 18:44:37 2015] <Ptival> benzrf: it uses the elimination principle of equality to replace O with S O in a dependent pattern match where one of the branch requires a proof of True and the other one a proof of False
[Sun Jan  4 18:44:39 2015] <benzrf> crud
[Sun Jan  4 18:44:50 2015] <Ptival> so you can provide the proof of True (I) to build a proof of False
[Sun Jan  4 18:44:53 2015] <benzrf> Ptival: hmm
[Sun Jan  4 18:45:08 2015] <jgross> benzrf: The trick is to define a function that sends 0 to True and 1 to False.	Since, to prove f 1, it suffices to prove f 0 (assuming 0 = 1), you can prove f 0 = True by I. 
[Sun Jan  4 18:45:50 2015] <benzrf> oh neat
[Sun Jan  4 18:46:32 2015] <benzrf> * ponders for a moment
[Sun Jan  4 18:46:49 2015] <benzrf> jgross: hm, you mean
[Sun Jan  4 18:47:06 2015] <benzrf> by "prove f 1" you mean "proof : f 1"
[Sun Jan  4 18:47:48 2015] <jgross> yes 
[Sun Jan  4 18:49:14 2015] <benzrf> kk
[Sun Jan  4 18:49:17 2015] <benzrf> cool
[Sun Jan  4 18:49:37 2015] <benzrf> so...
[Sun Jan  4 18:50:13 2015] <benzrf> ah, i see
[Sun Jan  4 18:50:27 2015] <benzrf> it only works when you have x = y where x and y may be differentiated by pattern matching
[Sun Jan  4 18:50:32 2015] <benzrf> so you can make one return True and one False
[Sun Jan  4 18:50:47 2015] <jgross> Yes 
[Sun Jan  4 18:50:58 2015] <Cypi> Yes, this is basically what inversion does: if the constructors of x and y are different, it derives False
[Sun Jan  4 18:51:30 2015] <benzrf> sooo
[Sun Jan  4 18:51:41 2015] <benzrf> t := (fun n : nat => match n with | O => True | S _ => False end) O
[Sun Jan  4 18:51:52 2015] <benzrf> proof : t := I
[Sun Jan  4 18:52:32 2015] <benzrf> er, hm
[Sun Jan  4 18:52:36 2015] <benzrf> ok, so from there you can derive False = True
[Sun Jan  4 18:52:43 2015] <benzrf> and from there you can convert types
[Sun Jan  4 18:52:44 2015] <benzrf> coool
[Sun Jan  4 18:53:28 2015] <benzrf> ah, how does one actually implement eq_ind
[Sun Jan  4 18:53:30 2015] <johnw> jgross: hello!
[Sun Jan  4 18:53:36 2015] <jgross> johnw: Hi! 
[Sun Jan  4 18:53:40 2015] <johnw> jgross: are you in Boston area the week of the 26th?
[Sun Jan  4 18:53:45 2015] <benzrf> hey i met both of u irl
[Sun Jan  4 18:54:11 2015] <johnw> benzrf: :)
[Sun Jan  4 18:55:44 2015] <jgross> benzrf: eq_ind is kind-of primitive.  The definition of equality is that, given (x : A), (f : forall y, x = y -> Type), and pf : f x refl, you are given, for any y and (p : x = y), a proof of f y p, and this function is called eq_ind. 
[Sun Jan  4 18:56:14 2015] <jgross> benzrf: In Coq, all of the induction principles are aggregated in terms of the primitive [match] (and [fix], for recursive ones) 
[Sun Jan  4 18:56:31 2015] <benzrf> yeah
[Sun Jan  4 18:56:33 2015] <benzrf> well i mean
[Sun Jan  4 18:56:40 2015] <benzrf> i see that eq_ind is primitive, theory wise
[Sun Jan  4 18:56:49 2015] <benzrf> but in coq specifically, can't you implement it
[Sun Jan  4 18:57:05 2015] <jgross> so eq_ind is just [match (p : x = y) as p' in (_ = y') return (P y' p') with eq_refl => (pf : P x eq_refl) end] 
[Sun Jan  4 18:57:10 2015] <benzrf> hmm
[Sun Jan  4 18:57:29 2015] <benzrf> er, what's the as and in
[Sun Jan  4 18:57:43 2015] <jgross> Things that let you change the return type.  dependent pattern matching 
[Sun Jan  4 18:58:13 2015] <benzrf> how are they used
[Sun Jan  4 18:58:17 2015] <jgross> johnw: I will be away Jan 6 -- Jan 30, in Munich -> Mumbai -> Bristol -> Seattle -> San Francisco 
[Sun Jan  4 18:58:27 2015] <jgross> What's the week of the 26th? 
[Sun Jan  4 18:59:08 2015] <johnw> me visiting Boston
[Sun Jan  4 18:59:15 2015] <johnw> wanted to see if I could grab dinner with you and edwardk
[Sun Jan  4 18:59:41 2015] <benzrf> jgross: th-that seems a little bit roundabout
[Sun Jan  4 19:00:00 2015] <benzrf> er, wait
[Sun Jan  4 19:00:15 2015] <benzrf> what bristol is this
[Sun Jan  4 19:00:49 2015] <jgross> benzrf: [match <arg> as new_arg_name in (<type of arg> <new names for indices>) return (<new type, in terms of new_arg_name and new names for indices>) with constructors => cases (with new time, but with the constructor plugged in) end] 
[Sun Jan  4 19:01:23 2015] <benzrf> :O
[Sun Jan  4 19:01:24 2015] <jgross> benzrf: the one in the UK.  I am going to Mumbai for POPL, and scheduled a bunch of friend-visiting around that. 
[Sun Jan  4 19:01:31 2015] <benzrf> huh
[Sun Jan  4 19:01:53 2015] <jgross> er, s/new time/new type/ 
[Sun Jan  4 19:02:04 2015] <benzrf> it seems like it'd be more convenient to go to bristol, THEN munich
[Sun Jan  4 19:02:14 2015] <benzrf> purely in terms of geographical distance
[Sun Jan  4 19:03:15 2015] <benzrf> jgross: `as' is like @ in haskell?
[Sun Jan  4 19:03:19 2015] <benzrf> er, wait nvm
[Sun Jan  4 19:04:03 2015] <jgross> benzrf: yes, I think so 
[Sun Jan  4 19:04:16 2015] <benzrf> it goes in a different place :u
[Sun Jan  4 19:04:24 2015] <benzrf> what are indicies
[Sun Jan  4 19:04:26 2015] <benzrf> *indices
[Sun Jan  4 19:04:46 2015] <jgross> Well, @ is for binding the name at in each branch, while `as` is for binding it in the type 
[Sun Jan  4 19:05:52 2015] <jgross> quoting http://wiki.portal.chalmers.se/agda/pmwiki.php?n=ReferenceManual.Data, in "data Vec (A : Set) : ℕ → Set where", A is a parameter, (n : ℕ) is an index 
[Sun Jan  4 19:06:06 2015] <jgross> johnw: too bad that I won't be around then 
[Sun Jan  4 19:07:05 2015] <benzrf> hmmmmmmmmm
[Sun Jan  4 19:07:07 2015] <benzrf> ok
[Sun Jan  4 19:07:31 2015] <benzrf> so "in" is for pattern matching on the type of the input?
[Sun Jan  4 19:08:18 2015] <johnw> yes, that is really too bad
[Sun Jan  4 19:08:35 2015] <Ptival> benzrf: no, it's to bind the type indices to use in the return type annotation
[Sun Jan  4 19:09:13 2015] <benzrf> uuuuuh
[Sun Jan  4 19:09:19 2015] <benzrf> hmmmm
[Sun Jan  4 19:09:27 2015] <johnw> match x == y  as E in x + 1 return nat where ...
[Sun Jan  4 19:09:40 2015] <johnw> is that right?
[Sun Jan  4 19:10:06 2015] <benzrf> o.O
[Sun Jan  4 19:10:08 2015] <Ptival> benzrf: about indices, I wrote that answer which might help you http://stackoverflow.com/questions/24600256/difference-between-type-parameters-and-indices
[Sun Jan  4 19:11:19 2015] <johnw> oh, no, that's not right what I wrote
[Sun Jan  4 19:11:50 2015] <Ptival> when you pattern match a value which belongs in an indexed type family, you can give a name to the index in the "in" clause, so that you can refer to the particular index of that value in the "return" clause
[Sun Jan  4 19:12:51 2015] <Ptival> say: match f in Fin n return Fin (S n)
[Sun Jan  4 19:20:53 2015] <benzrf> o.O
[Sun Jan  4 19:20:59 2015] <benzrf> so..
[Sun Jan  4 19:21:03 2015] <benzrf> 07:07 < benzrf> so "in" is for pattern matching on the type of the input?
[Sun Jan  4 19:21:09 2015] <benzrf> er, not pattern matching
[Sun Jan  4 19:21:19 2015] <benzrf> i meant pattern matching in the sense of
[Sun Jan  4 19:21:32 2015] <benzrf> destructing a value and binding its constituents
[Sun Jan  4 19:24:51 2015] <Ptival> well with in you're really binding the constituents of its type
[Sun Jan  4 19:26:30 2015] <benzrf> i
[Sun Jan  4 19:26:54 2015] <benzrf> Ptival: ye, the value in question is the type of the thing being pattern matched on
[Sun Jan  4 19:29:58 2015] <Ptival> benzrf: oh I see what you mean, I guess yes, but you may only bind indices, not parameters, and it is only binding, there is no pattern
[Sun Jan  4 19:31:12 2015] <benzrf> oh, coq formally differentiates?
[Sun Jan  4 19:45:23 2015] <Ptival> benzrf: well, they feel different, in that the value matching is actually a call to the eliminator, while the return type thing has no computation content and is just there for type-checking?
[Sun Jan  4 19:45:53 2015] <benzrf> Ptival: er, i mean coq formally differentiates between indices and params
[Sun Jan  4 19:46:59 2015] <Ptival> benzrf: oh yes
[Sun Jan  4 19:52:28 2015] <benzrf> Ptival: how so
[Sun Jan  4 20:00:00 2015] <arvisrend> hmm
[Sun Jan  4 20:00:17 2015] <arvisrend> any idea why coqide crashes in the open-file dialog in linux mint cinammon?
[Sun Jan  4 20:02:50 2015] <MarcWeber> If I have a hypothesis for a(x) but x is a term, how to substitute the term to apply the hypothesis?
[Sun Jan  4 20:47:16 2015] <arvisrend> seven hells
[Sun Jan  4 20:47:21 2015] <arvisrend> on linux now, same issue
[Sun Jan  4 20:47:23 2015] <arvisrend> "COQC -nois theories/Init/Notations.v"
[Sun Jan  4 20:47:25 2015] <arvisrend> freezes
[Sun Jan  4 20:47:54 2015] <arvisrend> ah no it works
[Sun Jan  4 20:48:08 2015] <arvisrend> funny
[Sun Jan  4 20:53:47 2015] <arvisrend> uhm
[Sun Jan  4 20:53:47 2015] <arvisrend> File "/home/skraeling/Downloads/coq-8.4pl5/theories/Init/Datatypes.v", line 13, characters 0-38:
[Sun Jan  4 20:53:48 2015] <arvisrend> Error: interface mismatch on Environ
[Sun Jan  4 20:53:49 2015] <arvisrend> wtf
[Sun Jan  4 20:56:20 2015] <jgross> Based on https://github.com/coq/coq/blob/V8.4/theories/Init/Datatypes.v#L13, it sounds like either (a) the version of OCaml you used to compile nat_syntax_plugin is different from the version of OCaml you used to compile Coq, or (b), it's picking up nat_syntax_plugin from a different vesion of Coq than the one you're currently using. 
[Sun Jan  4 20:57:06 2015] <arvisrend> oh
[Sun Jan  4 20:57:08 2015] <arvisrend> thanks a lot
[Sun Jan  4 20:57:20 2015] <arvisrend> i fear i need to update more dependencies
[Sun Jan  4 20:57:30 2015] <jgross> ("Interface mismatch on Environ" translates, roughly, to "I have two components here, both written in OCaml, and they diagree on what Environ is supposed to export") 
[Sun Jan  4 20:58:03 2015] <arvisrend> wut, synaptic shows ocaml as not installed?
[Sun Jan  4 20:58:24 2015] <arvisrend> is 4.01.0-3 correct?
[Sun Jan  4 20:59:31 2015] <jgross> In this case, Environ is kernel/environ.ml(i).	So it means that nat_syntax_plugin and coqc are linking with different versions of the Coq source file kernel/environ.mli. 
[Sun Jan  4 21:00:31 2015] <jgross> What do you mean by "correct"?	Any version is fine (well, as long as it's new enough, and not too new, but 4.01.0-3 is probably fine), as long as you use the same version on all the files.  If you upgraded half way through the build, you'll have to blow away all the old files and rebuild them. 
[Sun Jan  4 21:00:58 2015] <arvisrend> oh
[Sun Jan  4 21:01:10 2015] <arvisrend> hmm
[Sun Jan  4 21:01:17 2015] <arvisrend> ./configure says "You have Objective-Caml 4.01.0. Good!"
[Sun Jan  4 21:01:27 2015] <arvisrend> let's hope it's the right one
[Sun Jan  4 21:02:32 2015] <jgross> (Note that you might have to `make clean`, or even `make distclean`, and not just re-configure and re-make.) 
[Sun Jan  4 21:02:38 2015] <arvisrend> what package should i get to make it recognize lablgtk?
[Sun Jan  4 21:02:42 2015] <arvisrend> i know, i just did the distclean
[Sun Jan  4 21:03:10 2015] <jgross> liblablgtk, or liblablgtk2, IIRC? 
[Sun Jan  4 21:03:51 2015] <arvisrend> oh fuck
[Sun Jan  4 21:03:53 2015] <arvisrend> latex isn't installed :/
[Sun Jan  4 21:03:57 2015] <jgross> Google is suggesting liblablgtk2-ocaml-dev might be the right one. 
[Sun Jan  4 21:04:11 2015] <arvisrend> thank you
[Sun Jan  4 21:04:20 2015] <jgross> Just pass configure, uh, -nodoc?  or was it -doc no?  (--help will tell you) 
[Sun Jan  4 21:04:29 2015] <arvisrend> i'd rather install it
[Sun Jan  4 21:04:48 2015] <arvisrend> ok now that seems to be easier than i thought
[Sun Jan  4 21:15:38 2015] <arvisrend> still getting the mismatch :(
[Sun Jan  4 21:48:53 2015] <hodapp> w00t, ordered HoTT hardcover book. I have already a free digital copy, but in many ways I'm more likely to read a dead tree.
[Mon Jan  5 03:56:05 2015] <johnw> are there any ssreflect users who could help me with the proof of:
[Mon Jan  5 03:56:07 2015] <johnw> forall (a b : eqType) (i : b) (xs : seq (a * b)), all (fun x => (x, i) \in xs) [seq fst x | x <- xs & snd x == i]
[Mon Jan  5 03:56:28 2015] <johnw> I feel like this should be a simple rewriting proof, but I don't know this part of ssreflect very well yet
[Mon Jan  5 07:29:10 2015] <atzeus> Hi all! I have a very basic question, what does "~=" mean and how can I find out?
[Mon Jan  5 07:30:17 2015] <atzeus> It is generated from dependent induction
[Mon Jan  5 07:32:03 2015] <atzeus> Got it "Coq.Program.Equality"
[Mon Jan  5 07:32:19 2015] <atzeus> Still, how do I check the type of an infix operator?
[Mon Jan  5 08:01:54 2015] <atzeus> Anybody know where I can find this lemma: "forall {F : Set -> Set } {x y : Set}, F x = F y -> x = y."
[Mon Jan  5 08:03:47 2015] <Cypi> Is this true? :o
[Mon Jan  5 08:04:05 2015] <atzeus> :P
[Mon Jan  5 08:04:14 2015] <atzeus> Would be suprised if not.
[Mon Jan  5 08:04:42 2015] <atzeus> O wait
[Mon Jan  5 08:04:50 2015] <atzeus> You're right
[Mon Jan  5 08:04:57 2015] <atzeus> only if F is injective...
[Mon Jan  5 08:05:14 2015] <atzeus> hmm
[Mon Jan  5 09:10:47 2015] <benzrf> so
[Mon Jan  5 09:10:57 2015] <benzrf> what does HoTT net you over standard CoC-type stuff
[Mon Jan  5 09:11:09 2015] <benzrf> and at what level of foundation is it?
[Mon Jan  5 09:11:30 2015] <benzrf> like would it replace CoC or would it be a layer on top of it or what?
[Mon Jan  5 09:11:40 2015] <benzrf> * is a total newb
[Mon Jan  5 09:47:28 2015] <arvisrend> jgross: thanks a lot
[Mon Jan  5 09:47:42 2015] <arvisrend> you were right, some remains of a previous install were haunting ocaml
[Mon Jan  5 16:12:20 2015] <benzrf> why cant i extract the value in an eq_refl
[Mon Jan  5 16:12:26 2015] <benzrf> is it because it lives in Prop
[Mon Jan  5 16:13:47 2015] <benzrf> * is trying to trick coq into telling him what value is stored in a proof of x = y
[Mon Jan  5 16:14:51 2015] <benzrf> oooooooooooooooooooooooooohhhhhhhhhhh i see
[Mon Jan  5 16:15:24 2015] <benzrf> there *is* no value in the constructor, it's a parameter and not an index
[Mon Jan  5 16:15:26 2015] <benzrf> right???
[Mon Jan  5 16:33:06 2015] <johnw> a proof of x = y is different from { p : (a * b) | let (x, y) := p in x = y }
[Mon Jan  5 16:33:46 2015] <johnw> although i wonder if you can't get the info back
[Mon Jan  5 16:33:47 2015] <johnw> let me try
[Mon Jan  5 16:34:21 2015] <johnw> actually
[Mon Jan  5 16:34:29 2015] <johnw> in order to even talk about "x = y", you must have x and y in scope
[Mon Jan  5 16:34:42 2015] <johnw> since that type (x = y) depends on those values
[Mon Jan  5 16:34:56 2015] <johnw> benzrf: or is that not your question?
[Mon Jan  5 16:35:41 2015] <benzrf> er, a value of type x = y
[Mon Jan  5 16:35:52 2015] <benzrf> (where x and y are existential, not universal!)
[Mon Jan  5 16:35:58 2015] <benzrf> johnw: the value contains no values, right?
[Mon Jan  5 16:36:03 2015] <benzrf> it's a nullary constructor
[Mon Jan  5 16:36:48 2015] <benzrf> because the value argument is a PARAMETER, not an INDEX
[Mon Jan  5 16:36:54 2015] <benzrf> y/n?
[Mon Jan  5 16:37:48 2015] <johnw> what do you mean by "existential, not universal"?
[Mon Jan  5 16:37:51 2015] <johnw> can you show me code?
[Mon Jan  5 16:38:01 2015] <johnw> code always makes more sense than interpretation
[Mon Jan  5 16:38:01 2015] <benzrf> like x and y are concrete values
[Mon Jan  5 16:38:05 2015] <benzrf> i.e.,
[Mon Jan  5 16:38:17 2015] <benzrf> p : 3 = (2 + 1)
[Mon Jan  5 16:38:17 2015] <johnw> what "value" is it you're looking to find?
[Mon Jan  5 16:38:28 2015] <benzrf> p contains no values
[Mon Jan  5 16:38:31 2015] <benzrf> eq_refl is nullary
[Mon Jan  5 16:38:35 2015] <johnw> right
[Mon Jan  5 16:38:37 2015] <benzrf> kk
[Mon Jan  5 16:38:38 2015] <johnw> but the type refers to values
[Mon Jan  5 16:38:41 2015] <benzrf> yes
[Mon Jan  5 16:38:48 2015] <johnw> and those you can recover
[Mon Jan  5 16:38:52 2015] <benzrf> i mean you can't pattern match on eq_refl to extract the index :)
[Mon Jan  5 16:39:04 2015] <benzrf> because it's a parameter
[Mon Jan  5 16:39:11 2015] <johnw> well
[Mon Jan  5 16:39:16 2015] <johnw> eq_refl has both a parameter *and* an index
[Mon Jan  5 16:39:19 2015] <johnw> Inductive eq (A : Type) (x : A) : A -> Prop :=  eq_refl : x = x
[Mon Jan  5 16:39:28 2015] <johnw> they just have to be the same, per the constructor
[Mon Jan  5 16:39:39 2015] <benzrf> wait, whaa
[Mon Jan  5 16:39:54 2015] <benzrf> oh
[Mon Jan  5 16:39:56 2015] <benzrf> hmmmm
[Mon Jan  5 16:40:17 2015] <benzrf> hhhhhhhmmmmmmmmmmMMMMMMMMMM
[Mon Jan  5 16:40:23 2015] <benzrf> see, i thought it was like:
[Mon Jan  5 16:41:06 2015] <benzrf> er, 1 sec
[Mon Jan  5 16:41:18 2015] <benzrf> Inductive eq : forall A : Type, A -> A -> Prop :=
[Mon Jan  5 16:41:38 2015] <benzrf> | eq_refl : forall (A : Type) (x : A), eq A x x.
[Mon Jan  5 16:41:38 2015] <ianjneu> You can't destruct prop into anything but a prop.
[Mon Jan  5 16:41:59 2015] <johnw> yeah, that's not eq
[Mon Jan  5 16:42:09 2015] <benzrf> it's what i thought it was though :p
[Mon Jan  5 16:42:14 2015] <johnw> why not check the type?
[Mon Jan  5 16:42:25 2015] <johnw> C-c C-a C-p in Emacs
[Mon Jan  5 16:42:28 2015] <benzrf> i did, but i didn't understand indices
[Mon Jan  5 16:42:32 2015] <johnw> ah
[Mon Jan  5 16:42:33 2015] <benzrf> er,
[Mon Jan  5 16:42:37 2015] <benzrf> i checked the type of eq_refl
[Mon Jan  5 16:42:41 2015] <johnw> ianjneu: I've run into that many a time
[Mon Jan  5 16:42:45 2015] <benzrf> but i didnt understand that constructors can have arguments that arent fields
[Mon Jan  5 16:42:54 2015] <johnw> ianjneu: but you're right, I can't just recover the non-Prop value
[Mon Jan  5 16:43:15 2015] <benzrf> i came back to it after reading another page of SF that happened to explain that, and realized 8D
[Mon Jan  5 16:43:28 2015] <ianjneu> The Prop/Type distinction is one of the weakest forms of contextual type.
[Mon Jan  5 19:22:00 2015] <benzrf> question
[Mon Jan  5 19:22:35 2015] <benzrf> could eq as a type somehow be feasible as a means of comparison in a practical dependently-typed language
[Mon Jan  5 19:22:56 2015] <benzrf> like, dispatching on if you can prove equality with a trivial reflexivity attempt?
[Mon Jan  5 19:23:14 2015] <benzrf> well i guess that would be compile time... nvm
[Mon Jan  5 20:23:06 2015] <benzrf> hmmmmmmmmmmm
[Mon Jan  5 20:23:37 2015] <benzrf> it just occurred to me that euclid's proof of the infinitude of primes is by contradiction
[Mon Jan  5 20:24:03 2015] <benzrf> is there a constructive proof or something
[Mon Jan  5 20:26:07 2015] <hodapp> benzrf: there is a constructive proof...
[Mon Jan  5 20:26:10 2015] <hodapp> benzrf: of the last prime.
[Mon Jan  5 20:26:13 2015] <hodapp> * stabs benzrf fatally
[Mon Jan  5 20:27:25 2015] <benzrf> hodapp: that's a joke, right
[Mon Jan  5 20:27:31 2015] <Cypi> This proof is actually constructive, isn't it? Given any finite set of primes, you consider their product plus one. Then you find any prime that divides this number, it's a new prime number.
[Mon Jan  5 20:27:44 2015] <benzrf> Cypi: huh?
[Mon Jan  5 20:27:51 2015] <benzrf> Cypi: hmm
[Mon Jan  5 20:28:02 2015] <benzrf> hmm!
[Mon Jan  5 20:28:05 2015] <hodapp> well, I don't know that that tells you how to construct that number, does it?
[Mon Jan  5 20:28:12 2015] <benzrf> hodapp: no, it does
[Mon Jan  5 20:28:19 2015] <benzrf> hodapp: you only need to scan the section of the nats
[Mon Jan  5 20:28:26 2015] <benzrf> below the product
[Mon Jan  5 20:28:32 2015] <benzrf> and if you find nothing, then it's prime
[Mon Jan  5 20:28:41 2015] <benzrf> either way you have a new prime
[Mon Jan  5 20:29:11 2015] <hodapp> "Although the proof as a whole is not by contradiction (it does not assume that only finitely many primes exist), a proof by contradiction is within it, which is that none of the initially considered primes can divide the number q above."
[Mon Jan  5 20:29:25 2015] <benzrf> hodapp: it doesnt?
[Mon Jan  5 20:29:47 2015] <benzrf> hodapp: anyway DNE works on certain kinds of propositions
[Mon Jan  5 20:29:53 2015] <Cypi> What's the number q in your quote?
[Mon Jan  5 20:30:04 2015] <hodapp> it's from https://en.wikipedia.org/wiki/Euclid%27s_theorem#Euclid.27s_proof
[Mon Jan  5 20:30:07 2015] <benzrf> ~~(x = y) -> x = y where x y : nat
[Mon Jan  5 20:30:15 2015] <benzrf> or so i am told
[Mon Jan  5 20:30:52 2015] <Cypi> How is that a proof by contradiction?
[Mon Jan  5 20:31:10 2015] <jgross> There are two kinds of proofs that start by assuming something, and then concluding absurdity.	Proofs of negations, such as the infinitude of primes, can be constructive; you are proving that "only finitely many primes -> False".	Proofs properly called "by contradiction" use double negation elimination, and tend to not be constructive. 
[Mon Jan  5 20:35:55 2015] <benzrf> jgross: the first time i read the difference i was horribly confused for about 5 minutes before i spotted the DNE
[Mon Jan  5 20:36:29 2015] <eraserhd> What's "DNE"?
[Mon Jan  5 20:39:01 2015] <Cypi> Double Negation Elimination
[Mon Jan  5 20:41:07 2015] <benzrf> Q: why are the chalkboards in the intuitionistic math department always in flux?
[Mon Jan  5 20:41:11 2015] <benzrf> A: they don't believe in DNE
[Mon Jan  5 20:41:24 2015] <benzrf> er, logic
[Mon Jan  5 20:42:21 2015] <eraserhd> Kind of like the joke about the comp sci and math departments.
[Mon Jan  5 20:44:31 2015] <benzrf> eraserhd: oh?
[Mon Jan  5 20:45:48 2015] <eraserhd> The heads of three departments are standing around, and the comp sci person laments, "it is so expensive to run a comp sci program - the lab costs a quarter million dollars for all the computers, the paper, the pencils, the erasers, the wastebaskets"
[Mon Jan  5 20:46:54 2015] <eraserhd> The math person, "what a scam. to run a good math program, all you need is the paper, the pencils, the erasers, and the wastebaskets."
[Mon Jan  5 20:47:08 2015] <eraserhd> The philosophy head said, "heh, you guys need erasers and wastebaskets..."
[Mon Jan  5 20:48:00 2015] <benzrf> lel
[Mon Jan  5 20:48:05 2015] <benzrf> i think i heard that before
[Mon Jan  5 20:48:33 2015] <eraserhd> It's pretty old.
[Tue Jan  6 06:58:48 2015] <arvisrend> gosh... not even sage takes this long to compile :(
[Tue Jan  6 07:33:28 2015] <m4farrel> Can someone explain the channel topic to me? Like the link? I don't understand.
[Tue Jan  6 08:50:27 2015] <arvisrend> m4farrel: the link is probably obsolete
[Tue Jan  6 08:50:38 2015] <arvisrend> but the feit-thompson theorem was formalized in coq by gonthier and his group a while ago
[Tue Jan  6 08:51:04 2015] <arvisrend> see http://mathoverflow.net/questions/164959/how-do-i-verify-the-coq-proof-of-feit-thompson
[Tue Jan  6 09:01:25 2015] <dbelange> how-do-i-verify-coq
[Tue Jan  6 09:04:21 2015] <johnw> arvisrend: wait until you try bedrock
[Tue Jan  6 09:04:32 2015] <johnw> that is my new benchmark for length of compile time
[Tue Jan  6 09:26:31 2015] <arvisrend> the feeling when make is done compiling and you are looking for the error that made it stop
[Tue Jan  6 09:26:52 2015] <johnw> hahaha
[Tue Jan  6 09:26:57 2015] <johnw> some days I live in that state
[Tue Jan  6 09:30:18 2015] <arvisrend> is /usr/coqide the right way to start coqide?
[Tue Jan  6 09:31:21 2015] <johnw> that sounds wrong
[Tue Jan  6 09:31:29 2015] <johnw> I would expect /usr/bin/coqide
[Tue Jan  6 09:33:55 2015] <arvisrend> nope, it's /usr/coqide
[Tue Jan  6 09:34:00 2015] <arvisrend> it just took a minute until it loaded :)
[Tue Jan  6 09:34:04 2015] <arvisrend> maybe i ./configured it wrongly
[Tue Jan  6 09:35:56 2015] <arvisrend> hmm
[Tue Jan  6 09:36:00 2015] <arvisrend> it's taking a minute again
[Tue Jan  6 09:36:01 2015] <arvisrend> not good
[Tue Jan  6 09:38:05 2015] <arvisrend> buggering hell
[Tue Jan  6 09:38:18 2015] <arvisrend> something has snatched the ctrl+alt+down key combo from coqide
[Tue Jan  6 09:38:32 2015] <arvisrend> apparently cinnamon makes it its alt-tab
[Tue Jan  6 09:38:53 2015] <arvisrend> also it doesn't work :(
[Tue Jan  6 09:43:54 2015] <arvisrend> ok, back to binary build
[Tue Jan  6 09:44:01 2015] <arvisrend> coqide still crashes on file/open
[Tue Jan  6 09:44:10 2015] <arvisrend> any idea where and how to report such a thing?
[Tue Jan  6 09:44:24 2015] <arvisrend> funnily, file/save as work
[Tue Jan  6 09:44:30 2015] <arvisrend> but file/open and file/save crash
[Tue Jan  6 09:45:19 2015] <arvisrend> argh
[Tue Jan  6 09:45:30 2015] <arvisrend> it segfaults when not started with superuser rights
[Tue Jan  6 09:45:36 2015] <arvisrend> coqide y u need superuser right
[Tue Jan  6 09:47:54 2015] <johnw> whoa
[Tue Jan  6 09:47:58 2015] <johnw> scary
[Tue Jan  6 09:48:38 2015] <arvisrend> it might be because of some stuff like external drives which pop up in the dialog
[Tue Jan  6 09:48:39 2015] <arvisrend> still weird
[Tue Jan  6 09:48:45 2015] <arvisrend> also i don't think gimp has this issue
[Tue Jan  6 09:49:02 2015] <johnw> that's just wrong
[Tue Jan  6 09:56:35 2015] <arvisrend> https://coq.inria.fr/bugs/show_bug.cgi?id=3902 now
[Tue Jan  6 09:58:15 2015] <johnw> nice :)
[Tue Jan  6 10:04:50 2015] <arvisrend> where does the coq lib usually live under linux?
[Tue Jan  6 10:05:22 2015] <arvisrend> oh /usr/lib/coq
[Tue Jan  6 10:05:27 2015] <arvisrend> at least the binary version does this one right
[Tue Jan  6 10:06:21 2015] <Choups314> Hi ! Is it possible to add an extra HTML header in the coqdoc output ?
[Tue Jan  6 10:06:34 2015] <Choups314> (I would like to add mathjax)
[Tue Jan  6 11:57:14 2015] <arvisrend> can i ignore these?
[Tue Jan  6 11:57:20 2015] <arvisrend> Warning: Overwriting previous delimiting key bool in scope bool_scope
[Tue Jan  6 11:57:21 2015] <arvisrend> Warning: No global reference exists for projection valuefun
[Tue Jan  6 11:57:21 2015] <arvisrend> x : pred
[Tue Jan  6 11:57:21 2015] <arvisrend> _UNBOUND_REL_1 =>
[Tue Jan  6 11:57:21 2015] <arvisrend> x in instance predPredType of topred, ignoring it.
[Tue Jan  6 11:57:26 2015] <arvisrend> when require-importing parts of ssreflect
[Tue Jan  6 11:58:07 2015] <johnw> yeah, I do
[Tue Jan  6 12:18:10 2015] <benzrf> question
[Tue Jan  6 12:18:25 2015] <benzrf> if you say that term s unifies with term t
[Tue Jan  6 12:18:39 2015] <benzrf> does that mean that "the substitutions necessary to turn s into t are valid"?
[Tue Jan  6 12:18:49 2015] <benzrf> or does it mean either that or t into s?
[Tue Jan  6 12:18:54 2015] <benzrf> or something else entirely
[Tue Jan  6 13:27:31 2015] <benzrf> n-never mind
[Tue Jan  6 14:01:20 2015] <arvisrend> File "src/ssrmatching.mli", line 4, characters 0-11:
[Tue Jan  6 14:01:20 2015] <arvisrend> Error: Unbound module Genarg
[Tue Jan  6 15:49:18 2015] <johnw> benzrf: it means that s and t trivially evaluate to equality
[Tue Jan  6 22:21:58 2015] <johnw> roconnor: welcome!
[Tue Jan  6 22:22:15 2015] <johnw> so, I need to model an assembly language IR
[Tue Jan  6 22:22:30 2015] <roconnor> IR?
[Tue Jan  6 22:22:35 2015] <johnw> I have a list of basic blocks, where each block has zero or more instructions (I think I can restruct this to one or more)
[Tue Jan  6 22:22:40 2015] <johnw> intermediate representation
[Tue Jan  6 22:22:45 2015] <johnw> sorry, LLVM calls it an IR
[Tue Jan  6 22:23:02 2015] <roconnor> ok
[Tue Jan  6 22:23:23 2015] <johnw> so, sometimes I want to view this is a list of "blocks containings instructions", and sometimes I want to view it as a "sequence of instructions", like a view over the list of blocks
[Tue Jan  6 22:23:45 2015] <johnw> however, I need to apply some knowledge, like that the "address" of each instruction is one more than the previous one, no matter which block that previous one happens to be in
[Tue Jan  6 22:24:30 2015] <johnw> so, I have a list of ops, and a block with a list of ops, and my thought right now is to parameterize the block on the list of ops, so that i can relate two blocks
[Tue Jan  6 22:24:51 2015] <johnw> and then have a BlockList inductive type which can establish invariants on the whole chain of operations
[Tue Jan  6 22:24:58 2015] <johnw> so my type right now is:
[Tue Jan  6 22:25:02 2015] <johnw> Inductive BlockList : seq { ops : seq (OpData opType) & BlockData ops } -> Prop :=
[Tue Jan  6 22:25:16 2015] <johnw> but I'm at that point of wondering whether I'm inviting a world of pain that I won't know about until next week....
[Tue Jan  6 22:25:23 2015] <johnw> so what would an ssreflecter recommend?
[Tue Jan  6 22:26:25 2015] <johnw> I tried doing this without dependent types, btw, and ran into lots of problems
[Tue Jan  6 22:26:46 2015] <johnw> the resulting BlockList just didn't have enough structure for me to reason about its contents
[Tue Jan  6 22:27:25 2015] <johnw> if this is too out of left field for you to think about right now, just let me know and I'll keep experimenting
[Tue Jan  6 22:27:44 2015] <roconnor> well, the SSReflect approach seems to has been to avoid dependent types at the low level at all costs.
[Tue Jan  6 22:27:56 2015] <roconnor> For example
[Tue Jan  6 22:29:14 2015] <roconnor> The define F_p, the finite field of Z mod p for all integers, even when p is not prime.  When p isn't prime then F_p is defined to be some trivial field like F_2 or something ... I'd have to look it up.
[Tue Jan  6 22:29:33 2015] <roconnor> Then all lemmas about F_p have the hypothesis that p is prime.
[Tue Jan  6 22:30:01 2015] <johnw> that's like breaking out the dependency, right?
[Tue Jan  6 22:30:11 2015] <johnw> pass it as separate evidence?
[Tue Jan  6 22:30:19 2015] <roconnor> right.  SSReflect is done in that style.
[Tue Jan  6 22:30:41 2015] <johnw> what about when you have a list of F _p's
[Tue Jan  6 22:30:53 2015] <johnw> and the status of one needs to relate to the previous member of the list?
[Tue Jan  6 22:31:28 2015] <roconnor> johnw: well I'm not sure I've been in that situation.
[Tue Jan  6 22:32:03 2015] <johnw> I ran into this snafu with my ordered set of instructions, where I needed to verify that each member's address was exactly .+2 of the previous member.  This proved hard to express
[Tue Jan  6 22:32:10 2015] <roconnor> johnw: I'm a bit disinclined to associate absolute addresses to instructions inside blocks.  My Haskell assembler got quite a bit simpler when I made everything relative.
[Tue Jan  6 22:32:21 2015] <johnw> (in the context of that list being segregated into small chunks within a list of blocks)
[Tue Jan  6 22:32:38 2015] <johnw> these addresses are symbolic really
[Tue Jan  6 22:32:47 2015] <johnw> I'm using them to establish interval ranges for a register allocator
[Tue Jan  6 22:32:54 2015] <johnw> in order to compute variable lifetimes
[Tue Jan  6 22:34:07 2015] <roconnor> johnw: can't you remove the redudency of your data so you don't need dependent types to exclude bad data?
[Tue Jan  6 22:34:49 2015] <roconnor> johnw: but if you must, the way SSReflect would typicaly do this is have an external predicate that is used in all lemmas that asserts the instruction addresses are proper.
[Tue Jan  6 22:36:11 2015] <johnw> thanks for the advice roconnor!  I'll give it a lot of thought
[Tue Jan  6 22:36:20 2015] <johnw> I have a feeling that these decision choices are going to decide how the rest of the code looks
[Tue Jan  6 22:37:29 2015] <roconnor> johnw: oh now I remember where I saw your name today.  It says in March 1997 you invented deterministic DSA signatures.
[Tue Jan  6 22:38:03 2015] <johnw> what??
[Tue Jan  6 22:38:12 2015] <roconnor> oh wait it is a different person ...
[Tue Jan  6 22:38:16 2015] <johnw> yeah
[Tue Jan  6 22:38:18 2015] <roconnor> John Wigley
[Tue Jan  6 22:38:20 2015] <johnw> I've never even heard of those :)
[Tue Jan  6 22:38:22 2015] <johnw> oh bizarre
[Tue Jan  6 22:38:32 2015] <roconnor> ah
[Tue Jan  6 22:38:50 2015] <roconnor> I did find it quite surprising.
[Tue Jan  6 23:18:32 2015] <johnw> I found a John Weigley on the web too
[Tue Jan  6 23:22:24 2015] <roconnor> :)
[Tue Jan  6 23:38:52 2015] <benzrf> tfw i will never find a namealike
[Tue Jan  6 23:48:59 2015] <johnw> I thought I never would either
[Tue Jan  6 23:52:48 2015] <benzrf> johnw: yeah my chances are yours squared
[Tue Jan  6 23:52:53 2015] <benzrf> i have TWO last names
[Tue Jan  6 23:52:59 2015] <benzrf> actually no that's naive
[Tue Jan  6 23:53:02 2015] <johnw> and not Ben Jones Smith?
[Tue Jan  6 23:53:19 2015] <benzrf> squaring is the naive version because most ppl dont have 2 last names
[Tue Jan  6 23:53:40 2015] <benzrf> i'd be legitimately shocked if there's a single other person in the world with the same last name as my brother and myself
[Tue Jan  6 23:53:51 2015] <benzrf> hyphenated & neither is that common
[Wed Jan  7 00:37:52 2015] <johnw> why exactly can't I use inversion in a context like this: https://gist.github.com/6671f78dc520958c8b72
[Wed Jan  7 00:38:13 2015] <johnw> is it because it would infer values that are not available outside of Prop?
[Wed Jan  7 00:54:50 2015] <johnw> a different question: if in my context I have an inductive proposition applied to a value for which no constructor exists, how can I infer False?
[Wed Jan  7 13:46:33 2015] <breadmonster> Hey, is there a textbook on coq?
[Wed Jan  7 13:46:52 2015] <johnw> several!
[Wed Jan  7 13:46:58 2015] <johnw> Software Foundations is the best place to start
[Wed Jan  7 13:47:10 2015] <johnw> it teaches Coq at a very nice and enjoyable pace
[Wed Jan  7 13:47:31 2015] <breadmonster> johnw, are you on every pure CS channel?
[Wed Jan  7 13:47:33 2015] <breadmonster> Haha.
[Wed Jan  7 13:47:36 2015] <johnw> I try to be :)
[Wed Jan  7 13:47:37 2015] <breadmonster> But okay, I'll have a look at that.
[Wed Jan  7 13:48:34 2015] <ianjneu> breadmonster: if you know the basics, but want more automation, Ilya Sergey has a book on tactic design. Adam Chlipala does too, but his book is for a different style of proving.
[Wed Jan  7 13:48:57 2015] <breadmonster> ianjneu, I'm...totally new. I'd like to start from the basics.
[Wed Jan  7 13:49:00 2015] <johnw> Ilya's book is quite good
[Wed Jan  7 13:49:08 2015] <johnw> so is Adam's, but I'd read Ilya's first
[Wed Jan  7 13:49:19 2015] <ianjneu> breadmonster: have you read Wadler's propositions as types essay?
[Wed Jan  7 13:49:29 2015] <breadmonster> ianjneu, Nope.
[Wed Jan  7 13:49:38 2015] <breadmonster> Well, that's reading material.
[Wed Jan  7 13:49:39 2015] <ianjneu> maybe that's the very first place to start.
[Wed Jan  7 13:50:05 2015] <ianjneu> to get a taste of how we approach proof in Coq.
[Wed Jan  7 13:50:29 2015] <ianjneu> ...or any other type theory based theorem prover.
[Wed Jan  7 13:55:45 2015] <breadmonster> Hmm, okay.
[Wed Jan  7 13:56:01 2015] <breadmonster> ianjneu, I'm taking an advanced algebra class next semester.
[Wed Jan  7 13:56:13 2015] <breadmonster> And I just wanted Coq to make sure that my proofs are correct.
[Wed Jan  7 13:56:18 2015] <breadmonster> Is that a bit overkill?
[Wed Jan  7 13:56:46 2015] <johnw> that's a neat idea, though the difficulty may get daunting at times
[Wed Jan  7 13:57:17 2015] <johnw>  I'd say that if you find yourself spending too much time trying to verify a proof, just skip that proof until later;  after all, you don't want to miss the forest for the trees
[Wed Jan  7 17:40:40 2015] <benzrf> how do i R
[Wed Jan  7 17:40:45 2015] <benzrf> i imported Reals
[Wed Jan  7 17:40:49 2015] <benzrf> now i can type 3%R
[Wed Jan  7 17:41:03 2015] <benzrf> where's my "is an integer" predicate. how do i indicate ratios
[Wed Jan  7 17:42:56 2015] <johnw> dunno
[Wed Jan  7 17:43:21 2015] <benzrf> im doing a real analysis course-of-sorts and i wanna write my proofs as literate coq
[Wed Jan  7 17:44:53 2015] <johnw> excellent
[Wed Jan  7 17:45:07 2015] <johnw> i don't use Coq for numerics, so I'm bad at these questions
[Wed Jan  7 17:46:53 2015] <benzrf> * has finally buckled and is installing proof general
[Wed Jan  7 17:47:01 2015] <benzrf> is it possible to do literate coq in proof general
[Wed Jan  7 17:49:55 2015] <johnw> what is "literate coq"?
[Wed Jan  7 17:50:08 2015] <johnw> and yay on the proof general :)
[Wed Jan  7 17:50:09 2015] <johnw>  
[Wed Jan  7 17:50:48 2015] <arvisrend> [23:49] johnw: what is "literate coq"?
[Wed Jan  7 17:50:50 2015] <arvisrend> fucking hell
[Wed Jan  7 17:50:57 2015] <arvisrend> it pains me that this is a non-notion
[Wed Jan  7 17:51:22 2015] <johnw> let me rephrase
[Wed Jan  7 17:51:33 2015] <johnw> I'm used to liberally annotating my Coq code using coqdoc notations inside comments
[Wed Jan  7 17:51:44 2015] <johnw> I want to know if he means a special kind of syntax aside from this
[Wed Jan  7 17:51:53 2015] <benzrf> well
[Wed Jan  7 17:52:01 2015] <arvisrend> i have searched for some kind of standards for this for a while
[Wed Jan  7 17:52:08 2015] <arvisrend> nothing, at least nothing that shows up in google
[Wed Jan  7 17:52:15 2015] <benzrf> literally all i mean is being able to put > in front of code lines and otherwise be ignored :)
[Wed Jan  7 17:52:15 2015] <johnw> I've been copying what Adam did to produce his CPDT book
[Wed Jan  7 17:53:32 2015] <johnw> benzrf: every instance of the words "literate coq" that I can find on the Web just refer to comments surrounding Coq code, not to bird-track style syntax
[Wed Jan  7 17:53:36 2015] <arvisrend> oh nice i haven't seen this book so far
[Wed Jan  7 17:53:47 2015] <johnw> it's quite good, arvisrend!  I recommend it
[Wed Jan  7 17:54:05 2015] <johnw> also, if you haven't seen it yet, this one is excellent: http://ilyasergey.net/pnp/
[Wed Jan  7 17:54:16 2015] <benzrf> johnw: i mean that's fine, it's just
[Wed Jan  7 17:54:16 2015] <arvisrend> i hope it's not too emacs-centered though
[Wed Jan  7 17:54:21 2015] <arvisrend> thanks!
[Wed Jan  7 17:54:33 2015] <arvisrend> oh WOW
[Wed Jan  7 17:54:38 2015] <arvisrend> they use ssreflect?
[Wed Jan  7 17:54:43 2015] <johnw> yeah
[Wed Jan  7 17:54:49 2015] <benzrf> johnw: (* is a huge pain to type, having to close all of my comments is annoying, and i'll have far more comment lines than non comment lines
[Wed Jan  7 17:54:52 2015] <benzrf> well
[Wed Jan  7 17:54:53 2015] <benzrf> maybe not FAR more
[Wed Jan  7 17:55:01 2015] <johnw> (* and *) is harder to type than > 18 times?
[Wed Jan  7 17:55:02 2015] <arvisrend> thank you!
[Wed Jan  7 17:55:11 2015] <johnw> arvisrend: you like ssreflect?
[Wed Jan  7 17:55:16 2015] <benzrf> johnw: (* and *) 18 times is harder than > 18 times, yes
[Wed Jan  7 17:55:30 2015] <benzrf> johnw: in fact it would be (* and *) /19/ times because fencepost
[Wed Jan  7 17:55:31 2015] <johnw> use (* *) to enclose the whole documentation block
[Wed Jan  7 17:55:38 2015] <benzrf> johnw: i was thinking interspersed, though
[Wed Jan  7 17:55:41 2015] <benzrf> like,
[Wed Jan  7 17:55:52 2015] <arvisrend> speaking of tutorials, does anyone know of something noob-readable about setoids?
[Wed Jan  7 17:55:59 2015] <johnw> benzrf: so, in Emacs, you type M-; to introduce a comment, which inserts (* *) for you
[Wed Jan  7 17:56:13 2015] <johnw> arvisrend: specifically using setoids in Coq?
[Wed Jan  7 17:56:16 2015] <arvisrend> yes
[Wed Jan  7 17:56:59 2015] <arvisrend> "Linux and Mac OS X users can compile Coq 8.4 and SSReflect from sources, which
[Wed Jan  7 17:56:59 2015] <arvisrend> would take around two hours of their time. "
[Wed Jan  7 17:57:00 2015] <arvisrend> what the hell
[Wed Jan  7 17:57:03 2015] <arvisrend> two hours? two days rather
[Wed Jan  7 17:57:10 2015] <johnw> hahah
[Wed Jan  7 17:57:13 2015] <benzrf> We prove this by functional extensionality
[Wed Jan  7 17:57:13 2015] <benzrf> > extensionality arg.
[Wed Jan  7 17:57:14 2015] <benzrf> ...
[Wed Jan  7 17:57:14 2015] <benzrf> This equality is trivial.
[Wed Jan  7 17:57:15 2015] <benzrf> > reflexivity.
[Wed Jan  7 17:57:17 2015] <johnw> it certainly doesn't take me two days or two hours
[Wed Jan  7 17:57:20 2015] <johnw> it takes about 15 mins
[Wed Jan  7 17:57:33 2015] <arvisrend> wow, then something is seriously fucked with my virtualbox
[Wed Jan  7 17:57:41 2015] <johnw> oh, in virtualbox maybe it would take 2 hours
[Wed Jan  7 17:57:50 2015] <johnw> benzrf: Emacs allows you to automate nearly anything
[Wed Jan  7 17:57:52 2015] <arvisrend> COQC is taking the most time
[Wed Jan  7 17:58:01 2015] <arvisrend> and ocamlopt is installed and is being used
[Wed Jan  7 17:58:26 2015] <johnw> sadly, the only real resource I know of on setoids is the reference manual:
[Wed Jan  7 17:58:27 2015] <johnw> https://coq.inria.fr/refman/Reference-Manual029.html
[Wed Jan  7 17:58:32 2015] <johnw> I wish there was something gentler
[Wed Jan  7 17:58:41 2015] <johnw> perhaps the end of http://www.labri.fr/perso/casteran/CoqArt/TypeClassesTut/typeclassestut.pdf
[Wed Jan  7 17:58:52 2015] <arvisrend> thank you
[Wed Jan  7 17:59:18 2015] <johnw> (* benzrf proves this by functional extensionality *)
[Wed Jan  7 17:59:19 2015] <johnw> extensionality arg.
[Wed Jan  7 17:59:29 2015] <johnw> (* This equality is decidely NOT trivial. *)
[Wed Jan  7 17:59:33 2015] <johnw> hahahah.
[Wed Jan  7 17:59:39 2015] <johnw> tomato tomato
[Wed Jan  7 18:01:01 2015] <benzrf> but johnw
[Wed Jan  7 18:01:12 2015] <johnw> but, but, but, benzrf
[Wed Jan  7 18:01:14 2015] <benzrf> then i have to type (**) for every > i previously had to
[Wed Jan  7 18:01:20 2015] <johnw> don't type (* *)
[Wed Jan  7 18:01:22 2015] <benzrf> god knows im lazy
[Wed Jan  7 18:01:22 2015] <johnw> type M-;
[Wed Jan  7 18:01:28 2015] <benzrf> b-but i use vim
[Wed Jan  7 18:01:33 2015] <johnw> not if you use Proof General
[Wed Jan  7 18:01:54 2015] <benzrf> t_t
[Wed Jan  7 18:23:23 2015] <benzrf> argh
[Wed Jan  7 18:23:28 2015] <benzrf> i dont know any of the keybinds
[Wed Jan  7 18:58:14 2015] <chirpsalot> benzrf: use one of the many vim emulation things in emacs?
[Wed Jan  7 18:58:24 2015] <chirpsalot> Not sure how well they play with ProofGeneral.
[Wed Jan  7 19:01:36 2015] <benzrf> bleh
[Wed Jan  7 19:04:27 2015] <chirpsalot> benzrf: it's probably worth biting the bullet just for ProofGeneral.
[Wed Jan  7 19:05:50 2015] <benzrf> yeah
[Thu Jan  8 09:13:02 2015] <arvisrend> how do i close a Module in coq?
[Thu Jan  8 09:13:38 2015] <arvisrend> ah, "End"
[Thu Jan  8 11:53:56 2015] <Choups314> Hi, is it possible to add extra HTML content (in <header></header>) in the coqdoc output ? (When it generates html pages)
[Thu Jan  8 11:54:21 2015] <Choups314> For example, to include another css file or a javascript file
[Thu Jan  8 12:02:10 2015] <Choups314> Obviously the HTML header is hard-coded in the coqdoc source ..
[Thu Jan  8 14:03:30 2015] <johnw> Coq is really teaching me the express power of relating things to and from natural numbers
[Thu Jan  8 14:03:33 2015] <johnw> expressive
[Thu Jan  8 14:09:22 2015] <dmbaturin> https://bpaste.net/show/8ebaf31dbf29 I'm trying to write a proof that length (xs ++ ys) = length xs + length ys. What is the proper way to introduce the base case here and why I'm getting the "no interpretation for string" error?
[Thu Jan  8 14:10:03 2015] <arvisrend> have you imported the Case voodoo?
[Thu Jan  8 14:12:44 2015] <dmbaturin> I'm a noob, excuse my ignorance. What exactly am I supposed to import?
[Thu Jan  8 14:13:54 2015] <arvisrend> you're reading sf, right?
[Thu Jan  8 14:14:09 2015] <arvisrend> "Require Export Induction." should do it then
[Thu Jan  8 14:14:22 2015] <dmbaturin> Oh, wait. I see what I missed.
[Thu Jan  8 14:14:33 2015] <arvisrend> oh also
[Thu Jan  8 14:14:34 2015] <arvisrend> intros X ?
[Thu Jan  8 14:14:44 2015] <arvisrend> or are types automatically introd?
[Thu Jan  8 14:15:16 2015] <arvisrend> ah no they aren't
[Thu Jan  8 14:15:18 2015] <arvisrend> that's your error
[Thu Jan  8 14:18:10 2015] <dmbaturin> Yes, that's my error too.
[Thu Jan  8 15:07:34 2015] <dmbaturin> https://bpaste.net/show/bb62bfd948d6  Why is it impossible to unify?
[Thu Jan  8 15:10:18 2015] <dmbaturin> On a blackboard I would say it's true because + is commutative, how do I say it in coq?
[Thu Jan  8 15:10:33 2015] <dmbaturin> Or I'm missing something else here?
[Thu Jan  8 15:16:46 2015] <arvisrend> a+b+c means (a+b)+c
[Thu Jan  8 15:16:54 2015] <arvisrend> so you'll have to rewrite both sides by associativity first
[Thu Jan  8 16:12:48 2015] <dmbaturin> arvisrend: How do I apply something to both sides? Also, should I use the plus_assoc lemma from Arith.Plus for rewrites or something else?
[Thu Jan  8 16:14:00 2015] <johnw> "apply something to both sides"?
[Thu Jan  8 16:14:21 2015] <dmbaturin> Coq makes me feel dumb (maybe it's a good thing).
[Thu Jan  8 16:14:39 2015] <johnw> that's a good thing, if you want to be learning
[Thu Jan  8 16:16:01 2015] <arvisrend> rewrite -> or <- plus_assoc
[Thu Jan  8 16:16:02 2015] <dmbaturin> johnw: I'm stuck at "foo x + foo y + 1 = foo x + 1 + foo y" where I want to apply reflexivity.
[Thu Jan  8 16:16:15 2015] <arvisrend> or, if this doesn't do the trick, be more explicit
[Thu Jan  8 16:16:25 2015] <arvisrend> rewrite -> (plus_assoc (foo x) (foo y) 1)
[Thu Jan  8 16:16:31 2015] <arvisrend> rewrite -> (plus_assoc (foo x) 1 (foo y))
[Thu Jan  8 16:16:34 2015] <arvisrend> or <- if this doesn't work
[Thu Jan  8 16:16:44 2015] <arvisrend> (i can't remmeber which side it is)
[Thu Jan  8 16:17:05 2015] <johnw> dmbaturin: plus_assoc, selecting the 2nd instance
[Thu Jan  8 16:17:17 2015] <johnw> then plus_comm, selecting the 4th instance
[Thu Jan  8 16:17:29 2015] <johnw> then <- plus_assoc, and reflexivity
[Thu Jan  8 16:21:15 2015] <dmbaturin> "simpl. rewrite -> IHxs. rewrite <- plus_assoc. reflexivity." gives me the same "Impossible to unify "length xs + 1 + length ys" with "length xs + (length ys + 1)"
[Thu Jan  8 16:21:40 2015] <johnw> you still need plus_comm
[Thu Jan  8 16:21:42 2015] <johnw> and plus_assoc
[Thu Jan  8 16:21:48 2015] <johnw> and, you need to target them to the right places
[Thu Jan  8 16:22:08 2015] <johnw> although, maybe regular Coq is only applying it to the right-hand side
[Thu Jan  8 16:23:30 2015] <dmbaturin> Regular?
[Thu Jan  8 16:23:54 2015] <johnw> i use ssreflect, so the rewriting machinery is a bit different
[Thu Jan  8 16:24:13 2015] <dmbaturin> With simpl. rewrite -> IHxs. rewrite <- plus_assoc. rewrite <- plus_comm. I get Impossible to unify "length xs + 1 + length ys" with "length ys + 1 + length xs".
[Thu Jan  8 16:24:37 2015] <dmbaturin> Which is slightly better though.
[Thu Jan  8 16:24:41 2015] <johnw> you'll need plus_assoc twice
[Thu Jan  8 16:24:48 2015] <johnw> once in -> direction, and once in <-
[Thu Jan  8 16:24:58 2015] <johnw> then, you'll need to specify that you want to rewrite the second instance of plus_comm
[Thu Jan  8 16:25:04 2015] <johnw> you can't just say "rewrite plus_comm"
[Thu Jan  8 16:26:08 2015] <dmbaturin> That's the part I'm lost at. How do I apply the tactic to the second isntance?
[Thu Jan  8 16:26:17 2015] <johnw> probably: rewrite plus_comm at 2
[Thu Jan  8 16:26:36 2015] <johnw> in my world it would be: rewrite [1 + _]plus_comm
[Thu Jan  8 16:27:07 2015] <dmbaturin> <- is LHS and -> is RHS?
[Thu Jan  8 16:27:23 2015] <johnw> of the lemma yes, not of the goal
[Thu Jan  8 16:27:31 2015] <johnw> i.e., rewrite -> with a = b changes a into b
[Thu Jan  8 16:33:37 2015] <dmbaturin> rewrite <- plus_assoc. rewrite <- plus_assoc. rewrite plus_comm. rewrite plus_comm. gives me Impossible to unify "length xs + (1 + length ys)" with "length xs + (length ys + 1)".
[Thu Jan  8 16:33:45 2015] <dmbaturin> Which is almost complete. :)
[Thu Jan  8 16:34:35 2015] <johnw> your two plus_comm's negated each other
[Thu Jan  8 16:34:43 2015] <johnw> you are still not applying plus_comm to the second intsance
[Thu Jan  8 16:34:46 2015] <johnw> rewrite plum_comm at 2
[Thu Jan  8 16:34:53 2015] <johnw> you should only need to apply it the one time
[Thu Jan  8 16:48:31 2015] <dmbaturin> johnw: Found plus_permute lemma in Arith.Plus, looks like I constructed the right rewrite with it.
[Thu Jan  8 16:48:38 2015] <dmbaturin> Now it compiled successfully.
[Thu Jan  8 16:49:53 2015] <johnw> ah, cool
[Thu Jan  8 16:50:27 2015] <johnw> I guess SearchIso would have found that pretty easily
[Thu Jan  8 16:50:35 2015] <johnw> had you used the search: (_ + (_ + _))
[Thu Jan  8 16:50:39 2015] <johnw> SearchIsos
[Thu Jan  8 16:50:43 2015] <johnw> or SearchRewrite
[Thu Jan  8 16:53:32 2015] <dmbaturin> johnw: https://bpaste.net/show/0d6aef030878 This is how it looks now. Does it look sane?
[Thu Jan  8 16:54:00 2015] <dmbaturin> Also, if it compiles, does it always mean that the proof is correct in some sense? :)
[Thu Jan  8 16:54:18 2015] <johnw> reflexivity implies simpl
[Thu Jan  8 16:54:43 2015] <johnw> using plus_permute feels odd
[Thu Jan  8 16:54:44 2015] <johnw> one sec
[Thu Jan  8 16:56:06 2015] <johnw> um, I didn't need any of those rewrites at all
[Thu Jan  8 16:56:11 2015] <johnw> just "simpl. rewrite -> IHxs. reflexivity."
[Thu Jan  8 16:56:22 2015] <johnw> can you give me your definition of append?
[Thu Jan  8 16:56:30 2015] <johnw> I tried just using "app"
[Thu Jan  8 16:56:34 2015] <dmbaturin> The whole thing after IH rewrite feels odd to me. Is fiddling with tactics to make them match the goal a normal thing or something pathological?
[Thu Jan  8 16:56:37 2015] <dmbaturin> Sure, hold on.
[Thu Jan  8 16:56:52 2015] <johnw> well, you are doing too much rewriting, instead of being surgical
[Thu Jan  8 16:56:56 2015] <johnw> otherwise, it's not abnormal
[Thu Jan  8 16:57:24 2015] <benzrf> fun idea: "wlog" tactic that splits a conjunction and then makes tactics afterward be applied to both branches
[Thu Jan  8 16:57:33 2015] <johnw> benzrf: it's in ssreflect
[Thu Jan  8 16:57:38 2015] <johnw> with that very name, in fact
[Thu Jan  8 16:57:40 2015] <benzrf> ahaha
[Thu Jan  8 16:57:43 2015] <dmbaturin> What is ssreflect?
[Thu Jan  8 16:57:49 2015] <benzrf> that was about 50% joking on my part
[Thu Jan  8 16:57:56 2015] <johnw> think of it as a different standard library, with a much better rewriting engine
[Thu Jan  8 16:58:00 2015] <dmbaturin> johnw: https://bpaste.net/show/067f2ab75bb9 The whole thing (except for Case magic from SF).
[Thu Jan  8 16:58:32 2015] <johnw> this still worked for me dmbaturin: https://gist.github.com/3d3f74d3e756cab060d5
[Thu Jan  8 16:58:47 2015] <johnw> also "rewrite ->" is the same as just "rewrite"
[Thu Jan  8 16:58:54 2015] <johnw> after the rewrite IHxs, I get: S (length xs + length ys) = S (length xs + length ys)
[Thu Jan  8 16:58:58 2015] <benzrf> wait, so
[Thu Jan  8 16:59:10 2015] <benzrf> nvm
[Thu Jan  8 16:59:20 2015] <benzrf> was gonna ask what ssreflect was exactly
[Thu Jan  8 16:59:41 2015] <Choups314> Hello, I really need your help ! (It drives me crazy ^^). I have two basics files (with definitions) : one depends on the other. When I import them (Require Import ...), I can use definitions of the first one (With no deps), but in the other one it complains : The reference "..." was not found in the current environment
[Thu Jan  8 17:00:08 2015] <johnw> Require Export
[Thu Jan  8 17:00:18 2015] <johnw> if I understand you correctly
[Thu Jan  8 17:00:20 2015] <dmbaturin> johnw: Interesting. What is your coq version?
[Thu Jan  8 17:00:24 2015] <johnw> 8.4pl4
[Thu Jan  8 17:00:27 2015] <johnw> no, 8.4pl5
[Thu Jan  8 17:00:28 2015] <dmbaturin> This is mine: The Coq Proof Assistant, version 8.4pl4 (June 2014)
[Thu Jan  8 17:01:08 2015] <dmbaturin> Also, ssreflect is to coq as core or batteries are to ocaml? :)
[Thu Jan  8 17:01:19 2015] <johnw> i don't know ocaml at all!
[Thu Jan  8 17:01:49 2015] <johnw> I bet you if I saw any of that code my first reaction would be that it looks like Gallina :)
[Thu Jan  8 17:02:50 2015] <arcatan> core is alternative standard library to ocaml + some tools, so in that way it's similar to ssreflect and coq
[Thu Jan  8 17:02:54 2015] <Choups314> johnw: Here are the files : http://pastebin.com/cT1RaJ7G  http://pastebin.com/ULX10HGX
[Thu Jan  8 17:03:12 2015] <johnw> I still don't understand Choups314
[Thu Jan  8 17:03:20 2015] <johnw> arcatan: ah, that sounds very similar then
[Thu Jan  8 17:03:42 2015] <Choups314> (sorry, there are a lot of comments, I just want to [Require Import sequences] and be able to use the [Un_limit] definition)
[Thu Jan  8 17:03:45 2015] <johnw> also, ssreflect emphasizes the use of computable, decidable predicate, with reflections into Prop, rather than using inductive predicates as much as the stdlib does
[Thu Jan  8 17:04:03 2015] <johnw> Choups314: where and why can't you use it?
[Thu Jan  8 17:04:40 2015] <Choups314> " Error: The reference Un_limit was not found in the current environment. "
[Thu Jan  8 17:05:15 2015] <johnw> what file is saying that?
[Thu Jan  8 17:05:52 2015] <Choups314> Let's say I have a file called tmp.v containing http://pastebin.com/7ZCmJSpe
[Thu Jan  8 17:06:02 2015] <Choups314> This file produces the error
[Thu Jan  8 17:06:26 2015] <johnw> your pastes before didn't have filenames
[Thu Jan  8 17:06:30 2015] <johnw> so I'm sorry, but I'm still very confused
[Thu Jan  8 17:06:42 2015] <Choups314> reals.v : http://pastebin.com/cT1RaJ7G
[Thu Jan  8 17:06:49 2015] <Choups314> sequences.v : http://pastebin.com/ULX10HGX
[Thu Jan  8 17:06:57 2015] <Choups314> Both compile fine
[Thu Jan  8 17:07:01 2015] <johnw> so, sequences defines something
[Thu Jan  8 17:07:06 2015] <johnw> but when you import sequences, you can't see it
[Thu Jan  8 17:07:10 2015] <Choups314> Yes, it defines Un_limit
[Thu Jan  8 17:07:31 2015] <johnw> are you sure you're importing the file that you think you are?
[Thu Jan  8 17:07:37 2015] <johnw> nothing else anywhere on the system has that same name?
[Thu Jan  8 17:07:48 2015] <Choups314> huu ..
[Thu Jan  8 17:07:52 2015] <Choups314> sequences ?
[Thu Jan  8 17:08:01 2015] <johnw> in some Coq library for example
[Thu Jan  8 17:08:21 2015] <Choups314> I check ..
[Thu Jan  8 17:08:26 2015] <johnw> for example, copy sequences.v to FooBarBaz.v
[Thu Jan  8 17:08:33 2015] <johnw> and then import that from your test.v
[Thu Jan  8 17:08:55 2015] <johnw>  because ordinarily, dealing with imports and exports in Coq should be dead simple
[Thu Jan  8 17:09:13 2015] <Choups314> :o That was the problem .. Thanks ! ^^
[Thu Jan  8 17:09:19 2015] <Choups314> It drove me crazy ^^
[Thu Jan  8 17:09:22 2015] <johnw> heh, been there :)
[Thu Jan  8 17:09:58 2015] <Choups314> Probably in the stdlib .. Are the lib filename case-sensitive ?
[Thu Jan  8 17:10:05 2015] <johnw> I don't even know!
[Thu Jan  8 17:10:31 2015] <Choups314> Yeah, "sequences" is a very common name in fact ..
[Thu Jan  8 17:13:35 2015] <dmbaturin> johnw: Tried the same theorem with app and length from the List module, just reflexivity works there.
[Thu Jan  8 17:13:56 2015] <johnw> sometimes the way you write things can make it harder for simplification to do its job
[Thu Jan  8 17:14:10 2015] <dmbaturin> Guess I should go read the module and check what's the difference with my list rewrite.
[Thu Jan  8 17:14:26 2015] <johnw>  I found that with some of my functions, if I take time to rewrite them into the simplest form possible, all of a sudden a lot of my proofs get a lot easier to get through
[Thu Jan  8 17:20:09 2015] <dmbaturin> I'm still to learn to recognize the simplest possible form though, as I'm barely familiar with both the syntax and semantics. :)
[Thu Jan  8 17:22:39 2015] <johnw> yeah, it takes time
[Thu Jan  8 22:23:20 2015] <thinkpad20> Is there a way to prove in Coq that `(forall x, f x = g x) -> f = g`?
[Thu Jan  8 22:25:24 2015] <thinkpad20> I ask because there are times when I'm trying to prove two functions are equal (e.g. `fmap (f . g) = fmap f . fmap g` for functors). It's more elegant to express the theorems point-free, but I'd love something like the above lemma when proving
[Thu Jan  8 22:26:30 2015] <thinkpad20> Because then I could just write `apply function_uniqueness` or whatever and my goal would be changed to `fmap (f . g) x = (fmap f . fmap g) x`, for example
[Thu Jan  8 22:27:55 2015] <vanila> you can't prove that, would have to add it as an axiom
[Thu Jan  8 22:28:30 2015] <vanila> you could maybe define a new operation f == g meaning forall x, f x = g y to write the statements pointfree
[Thu Jan  8 22:28:55 2015] <thinkpad20> Is there a better way to prove equality of functions? Or is it "acceptable" to add that axiom?
[Thu Jan  8 22:29:03 2015] <johnw> prove it?  you cannot
[Thu Jan  8 22:29:09 2015] <johnw> it's acceptable
[Thu Jan  8 22:29:33 2015] <johnw> there are other theories, like HoTT, that will let you prove that theorem; but to do so you'll just need to axiomatize something even more fundamental
[Thu Jan  8 22:29:45 2015] <vanila> adding the axiom doens't make the logic inconsistent
[Thu Jan  8 22:29:51 2015] <thinkpad20> What does HoTT give you that lets you prove that?
[Thu Jan  8 22:29:52 2015] <vanila> but it has no computational content
[Thu Jan  8 22:30:00 2015] <johnw> right, it's a safe axiom to add that most people regard as a no-brainer
[Thu Jan  8 22:30:06 2015] <johnw> the univalence axiom
[Thu Jan  8 22:30:19 2015] <thinkpad20> Oh awesome, it even has a name :)
[Thu Jan  8 22:30:22 2015] <vanila> so its best to avoid it if possible
[Thu Jan  8 22:30:38 2015] <johnw> in my linearscan work, funext is the only axiom I admit
[Thu Jan  8 22:30:46 2015] <thinkpad20> Why is that?
[Thu Jan  8 22:30:54 2015] <thinkpad20> I mean why avoid it
[Thu Jan  8 22:30:54 2015] <johnw> and only because it makes proving the monad laws *so* much more convenient
[Thu Jan  8 22:31:01 2015] <johnw> than having to pull in setoids everywhere, and, bleh
[Thu Jan  8 22:31:04 2015] <johnw> so, my reason was laziness
[Thu Jan  8 22:31:11 2015] <johnw> avoiding axioms is good hygiene
[Thu Jan  8 22:31:25 2015] <johnw> you can ask Coq to tell you what all axioms you've pulled in
[Thu Jan  8 22:31:47 2015] <johnw>  and ask him always makes what you prove, in some sense, conditional
[Thu Jan  8 22:31:51 2015] <johnw> "an axiom"
[Thu Jan  8 22:32:15 2015] <thinkpad20> it certainly seems like a good idea to avoid axioms, but how else to prove function equality? Other than syntactic equality
[Thu Jan  8 22:32:51 2015] <johnw> you can't
[Thu Jan  8 22:32:57 2015] <johnw> because it's an undecidable problem
[Thu Jan  8 22:33:13 2015] <thinkpad20> Ahh, in the general case you mean
[Thu Jan  8 22:33:32 2015] <johnw> The only way to prove that two functions at the same definition, is to prove that for every single argument that have the same result.  But how can you prove that in general?
[Thu Jan  8 22:33:42 2015] <johnw> yeah, exactly :)
[Thu Jan  8 22:33:51 2015] <johnw>  Now, there are other approaches
[Thu Jan  8 22:34:26 2015] <thinkpad20> such as?
[Thu Jan  8 22:34:31 2015] <johnw>  one is to use functional extensionality only in the specific cases where you know the two functions involved.  This is what ssreflect does, to give you something that works just like general functional extensionality most of the time
[Thu Jan  8 22:34:36 2015] <vanila> I showed one way already
[Thu Jan  8 22:34:59 2015] <johnw> another is to take the functional extensionality witness as an argument to your function, rather than axiomatizing it  globally
[Thu Jan  8 22:35:19 2015] <thinkpad20> right thanks vanila
[Thu Jan  8 22:35:33 2015] <johnw> (or, as a Hypothesis within your section)
[Thu Jan  8 22:35:44 2015] <johnw>  that way, it's up to the caller to know whether those two functions are equal
[Thu Jan  8 22:35:58 2015] <thinkpad20> Oh right like proofs that take excluded middle as an argument
[Thu Jan  8 22:36:18 2015] <johnw> yep
[Thu Jan  8 22:36:19 2015] <thinkpad20> (theorems I should say)
[Thu Jan  8 22:36:31 2015] <thinkpad20> by the way is this john from chicago?
[Thu Jan  8 22:36:38 2015] <johnw> I'm John Wiegley from Peoria
[Thu Jan  8 22:36:41 2015] <johnw> south of Chicago
[Thu Jan  8 22:36:53 2015] <thinkpad20> yeah! I was at the Haskell meetup where you talked about coq
[Thu Jan  8 22:37:02 2015] <thinkpad20> I've been hooked ever since
[Thu Jan  8 22:37:12 2015] <johnw> oh, cool!!
[Thu Jan  8 22:37:18 2015] <johnw> what was your name again?
[Thu Jan  8 22:37:22 2015] <thinkpad20> Allen
[Thu Jan  8 22:37:33 2015] <thinkpad20> Friend of David's
[Thu Jan  8 22:37:43 2015] <thinkpad20> he's who got me into Haskell way back when :P
[Thu Jan  8 22:37:48 2015] <johnw> I could sense the appeal of Nix in the room, but I wasn't sure that I had really gotten anyone interested about Coq
[Thu Jan  8 22:37:58 2015] <johnw>  nice to meet you again
[Thu Jan  8 22:38:14 2015] <thinkpad20> yeah it definitely interested me. I'm hoping to go to oregon this summer
[Thu Jan  8 22:38:33 2015] <johnw> oh cool!  I have already told work I intend to go
[Thu Jan  8 22:38:43 2015] <johnw> if so, we'll definitely have to share a few meals
[Thu Jan  8 22:39:03 2015] <thinkpad20> Yeah for sure. I went to their website and it looks like registration isn't open yet... or at least they didn't say anything that I could find
[Thu Jan  8 22:39:45 2015] <thinkpad20> I've been going through a lot of the lectures on youtube, from 2012 I think
[Thu Jan  8 22:39:56 2015] <johnw> that will be good preparation
[Thu Jan  8 22:40:01 2015] <johnw> I went a little too unprepared the first time
[Thu Jan  8 22:40:10 2015] <thinkpad20> it's a little slow going, I'm definitely glad I'm going through it now
[Thu Jan  8 22:40:18 2015] <johnw> it was like the lecturer literally had a firehose and I was trying to stay in my seat
[Thu Jan  8 22:40:27 2015] <thinkpad20> hahaha indeed
[Thu Jan  8 22:40:51 2015] <thinkpad20> Frank's lectures are particularly tough for me
[Thu Jan  8 22:41:07 2015] <thinkpad20> When he was talking about lax truth and such... I had to watch that one a lot of times
[Fri Jan  9 11:39:04 2015] <dmbaturin> I wonder if I should try proving some free theorems for practice.
[Fri Jan  9 11:39:36 2015] <nkar> free theorems?
[Fri Jan  9 11:41:17 2015] <dmbaturin> Those from P. Wadler's "Theorems for free" 1989 paper.
[Fri Jan  9 11:42:11 2015] <nkar> if you're new to coq, I suggest to do the exercises from software foundations.  this way you can at least be sure that you know the material that's required to solve the exercises
[Fri Jan  9 11:43:52 2015] <nkar> otherwise, it may look more like searching the web rather than proving things
[Fri Jan  9 11:44:00 2015] <dmbaturin> Yeah, I'm reading SF and doing exercises too, but I try to also find different to check if I actually can apply what I learned [more or less] independently.
[Fri Jan  9 11:44:08 2015] <dmbaturin> * different examples
[Fri Jan  9 11:44:53 2015] <nkar> then try to solve similar problems but use the standard library instead
[Fri Jan  9 11:45:01 2015] <nkar> that's what I do in gitorious.org/99-problems
[Fri Jan  9 11:45:13 2015] <dmbaturin> Hhm, good point.
[Fri Jan  9 11:45:22 2015] <nkar> not much code there, though
[Fri Jan  9 11:45:38 2015] <nkar> this way you'll learn the stdlib and coqdoc
[Fri Jan  9 11:46:28 2015] <nkar> as a bonus, you could try to extract haskell code from coq and compare it with the answers
[Fri Jan  9 11:46:41 2015] <nkar> I haven't touched the extractor yet
[Fri Jan  9 11:48:44 2015] <dmbaturin> Me neither. I'm more interested in ocaml extraction though.
[Fri Jan  9 12:21:17 2015] <hodapp> are there good references on the code extractor?
[Fri Jan  9 12:21:46 2015] <hodapp> I'm building CompCert now... which I'd assume has to use it, because it appears to just generate C code that it then uses another compiler to build
[Fri Jan  9 12:22:13 2015] <hodapp> but I'm also sort of curious how something like http://plv.csail.mit.edu/bedrock/ fits into this
[Fri Jan  9 12:25:17 2015] <hodapp> perhaps it simply doesn't
[Fri Jan  9 12:50:29 2015] <dmbaturin> nkar: Which 99 problems are you porting to coq in your projects?
[Fri Jan  9 12:51:05 2015] <dmbaturin> I know of several similar but not identical collections under this "trademark".
[Fri Jan  9 13:00:01 2015] <notdan> https://www.haskell.org/haskellwiki/H-99:_Ninety-Nine_Haskell_Problems
[Fri Jan  9 13:02:33 2015] <hodapp> or, maybe I'm an idiot, and Coq doesn't actually extract C code. yes, that is more likely.
[Fri Jan  9 13:04:23 2015] <notdan> I think it only extracts to OCaml, Haskell, and Scheme (?)
[Fri Jan  9 13:05:25 2015] <hodapp> notdan: yes.
[Fri Jan  9 13:05:41 2015] <hodapp> notdan: for some reason I had it in my head that it generated C.
[Fri Jan  9 13:13:23 2015] <johnw> hodapp: bedrock is sort of for writing formalized assembly
[Fri Jan  9 13:13:27 2015] <johnw> there is also Ynot
[Fri Jan  9 13:13:29 2015] <dmbaturin> hodapp: CompCert uses ocaml extraction as I understand.
[Fri Jan  9 13:13:40 2015] <hodapp> dmbaturin: I was confused because it looked for GCC in ./configure.
[Fri Jan  9 13:13:43 2015] <johnw> and definitely check out Verasco too, if you're into CompCert
[Fri Jan  9 13:16:11 2015] <hodapp> johnw: neat, thanks
[Fri Jan  9 13:58:27 2015] <nkar> dmbaturin: notdan is right.  it's mentioned in the readme file
[Fri Jan  9 14:06:12 2015] <jgross> hodapp: We're currently working on integrating higher-level langauges into the pipeline.   See http://plv.csail.mit.edu/fiat/ 
[Fri Jan  9 14:07:23 2015] <hodapp> jgross: PM confused me because I said something in another channel for which your message sort of kind of would have applied :)
[Fri Jan  9 14:08:04 2015] <hodapp> jgross: this looks neat, and good to see that Adam Chlipala is generating yet more work before I've even had a chance to read CPDT
[Fri Jan  9 14:08:26 2015] <johnw> jgross: interesting!  thanks for pointing this out
[Fri Jan  9 14:08:53 2015] <hodapp> I might show this to the Comp Sci professor at university just to annoy him
[Fri Jan  9 14:09:00 2015] <hodapp> he only wants to use Cryptol, ACL2, and SAT/SMT solvers
[Fri Jan  9 14:09:13 2015] <hodapp> anything else is a silly fad
[Fri Jan  9 14:09:13 2015] <johnw> would he like Liquid Haskell then?
[Fri Jan  9 14:09:22 2015] <jgross> There'll be a presentation on it at POPL, and, if all goes well, another paper in PLDI. 
[Fri Jan  9 14:09:23 2015] <hodapp> he'd probably call it a silly fad
[Fri Jan  9 14:10:54 2015] <dmbaturin> nkar: Oh, yeah, I missed it. Thanks.
[Fri Jan  9 14:11:07 2015] <jgross> hodapp: ha!  One of Adam's ideas is that SAT/SMT solvers should be replced by verified roll-your-own synthesized domain-specific compilers/verifiers, and that you shouldn't have to shoehorn your problem into a SAT/SMT problem to get your verifier to accept it. 
[Fri Jan  9 14:11:48 2015] <hodapp> jgross: this professor's life work appears to be SAT/SMT.
[Fri Jan  9 14:12:39 2015] <hodapp> jgross: so the verifiers/compilers themselves should be synthesized?
[Fri Jan  9 14:14:20 2015] <johnw> Ben Delawere would be a perfect person to play a movie adaption of The Count from Sesame Street
[Fri Jan  9 14:14:48 2015] <johnw> I can almost hear him saying, "Two, two verified types!  Muhahahaha"
[Fri Jan  9 14:16:22 2015] <jgross> hodapp: Hmmm, that doesn't seem quite right, so perhaps I'm misrepresenting it.  The current state of the project (or current ideal) is that the compiler should be extensible with custom scripts to synthesize code from your spec, and the framework will be able to glue various bits together automatically, and ensure that everything in the compilation chain is appropriately verified. 
[Fri Jan  9 14:16:25 2015] <Choups314> Is it possible to define a Notation depending on the type ?
[Fri Jan  9 14:16:38 2015] <jgross> johnw: Shall I tell him you said that? :-) 
[Fri Jan  9 14:16:48 2015] <johnw> use your best judgment :)
[Fri Jan  9 14:17:10 2015] <Choups314> (For example, something like : [Notation "a = b" := eq_special a b] only if b has a special type)
[Fri Jan  9 14:17:10 2015] <johnw> he looks like he has a sense of humor
[Fri Jan  9 14:17:54 2015] <jgross> Choups314: Use coercions or typeclasses? See https://github.com/HoTT/HoTT/blob/master/theories/categories/Comma/Core.v#L338 (and below) for the coercions version. 
[Fri Jan  9 14:18:52 2015] <jgross> And here's a variant that uses trunk's tactics-in-terms: https://github.com/JasonGross/HoTT/blob/improve-comma-notation/theories/categories/Comma/Core.v#L284 
[Fri Jan  9 14:19:28 2015] <johnw> jgross: it would be nice if your tarball 1) didn't include ._* files, and 2) unpacked into a "fiat" directory
[Fri Jan  9 14:20:15 2015] <jgross> And here's typeclasses: https://github.com/HoTT/HoTT/blob/master/theories/categories/LaxComma/Core.v#L177 
[Fri Jan  9 14:20:19 2015] <johnw> in just a moment, you'll be packaged in Nix
[Fri Jan  9 14:20:57 2015] <jgross> johnw: I'll let the group know. 
[Fri Jan  9 14:21:14 2015] <johnw> about the packaging, I hope, not about resemblances to certain fictional vampires
[Fri Jan  9 14:21:55 2015] <jgross> Indeed.  I'll share that one only with Ben; I think he'll be amused. 
[Fri Jan  9 14:23:02 2015] <johnw> tell Adam that bedrock is in Nix too
[Fri Jan  9 14:23:08 2015] <johnw> although I had to disable running full tests
[Fri Jan  9 14:23:12 2015] <ezyang> oh nice!
[Fri Jan  9 14:25:03 2015] <hodapp> jgross: ahh, that makes sense then!
[Fri Jan  9 14:26:27 2015] <hodapp> one of these days I need to read about what appeals to people about Nix/NixOS.
[Fri Jan  9 14:26:47 2015] <Choups314> Sorry if you said something, my connection timed out ..
[Fri Jan  9 14:26:49 2015] <johnw> functional, immutable data store, reproducible builds, rollbacks, declarative syntax, etc.
[Fri Jan  9 14:27:03 2015] <johnw> builds are just functions (same inputs give same outputs)
[Fri Jan  9 14:28:26 2015] <jgross> Choups314: Let me resend my answers 
[Fri Jan  9 14:28:49 2015] <jgross> Choups314: Use coercions or typeclasses? See https://github.com/HoTT/HoTT/blob/master/theories/categories/Comma/Core.v#L338 (and below) for the coercions version. 
[Fri Jan  9 14:28:59 2015] <jgross> And here's a variant that uses trunk's tactics-in-terms: https://github.com/JasonGross/HoTT/blob/improve-comma-notation/theories/categories/Comma/Core.v#L284 
[Fri Jan  9 14:29:07 2015] <jgross> And here's typeclasses: https://github.com/HoTT/HoTT/blob/master/theories/categories/LaxComma/Core.v#L177 
[Fri Jan  9 14:30:05 2015] <johnw> jgross: after using all three, which do you prefer and why?
[Fri Jan  9 14:31:08 2015] <dmbaturin> hodapp: Mostly the package manager that makes package installation and upgrade atomic.
[Fri Jan  9 14:31:25 2015] <dmbaturin> At least this is what appeals to me. :)
[Fri Jan  9 14:34:20 2015] <dmbaturin> Can anyone recommend good introductory type theory reading? All my knowledge of type systems is way too informal.
[Fri Jan  9 14:34:44 2015] <ezyang> dependent types or normal types
[Fri Jan  9 14:35:04 2015] <dmbaturin> Starting with normal I guess.
[Fri Jan  9 14:35:56 2015] <johnw> Peirce's book
[Fri Jan  9 14:36:00 2015] <johnw> Types and Programming Languages
[Fri Jan  9 14:36:09 2015] <hodapp> dmbaturin: alright, good to know.
[Fri Jan  9 14:36:11 2015] <johnw> stick through the first three chapters, they are somewhat dry
[Fri Jan  9 14:36:17 2015] <johnw> then it gets really good
[Fri Jan  9 14:36:22 2015] <hodapp> type theory? dry? NEVER!
[Fri Jan  9 14:36:23 2015] <jgross> I think the first chapter or two of the HoTT book might be decent for dependent types?	(Especially if you have a strong mathemtical background) 
[Fri Jan  9 14:36:28 2015] <dmbaturin> Thanks, will have a look.
[Fri Jan  9 14:36:28 2015] <notdan> Yves Girard's Proofs and Types
[Fri Jan  9 14:36:36 2015] <notdan> is a good book
[Fri Jan  9 14:36:40 2015] <hodapp> my copy of HoTT ships soon. My maths background is a bit limited though...
[Fri Jan  9 14:37:00 2015] <hodapp> undergrad was EE, so a lot of calculus and linear algebra
[Fri Jan  9 14:37:11 2015] <johnw> as someone not having a strong mathematical background, I'd say the first two of HoTT is far too dense
[Fri Jan  9 14:37:36 2015] <hodapp> I asked the same old CS professor what he thought of HoTT. He said something along the lines of "BAH HUMBUG".
[Fri Jan  9 14:37:42 2015] <notdan> Type Theory and Functional Programming: https://www.cs.kent.ac.uk/people/staff/sjt/TTFP/ttfp.pdf
[Fri Jan  9 14:39:10 2015] <hodapp> johnw: well, I might end up filling the margins with notes...
[Fri Jan  9 14:39:42 2015] <johnw> I liked HoTT, but the acceleration curve was too steep; TAPL was much more digestible
[Fri Jan  9 14:41:49 2015] <dmbaturin> My math background is, uhm, a bit skewed towards the infinitesimal side.
[Fri Jan  9 14:42:49 2015] <arvisrend> HoTT is surely not an introduction
[Fri Jan  9 14:42:59 2015] <arvisrend> very little of it is about vanilla type theory
[Fri Jan  9 14:48:55 2015] <dmbaturin> In a sense, I'm catching up on CS education I probably would want to receive way earlier. :)
[Fri Jan  9 14:49:08 2015] <johnw> dmbaturin: are you in the US by chance?
[Fri Jan  9 14:49:14 2015] <dmbaturin> No, I'm in .ru
[Fri Jan  9 14:50:14 2015] <johnw> jgross: BookstoreCache.v no es rapido
[Fri Jan  9 14:52:46 2015] <Choups314> Is it possible to define a notation such as "f -x0-> l", where f x0 and l are variables ?
[Fri Jan  9 14:53:24 2015] <Choups314> Is it possible to define a notation such as "f -x0-> l", where f x0 and l are variables ?
[Fri Jan  9 14:53:29 2015] <johnw> Notation "f - x0 -> l" := (...).
[Fri Jan  9 14:53:37 2015] <johnw> then, when you write it, you can omit the spaces around x0
[Fri Jan  9 14:53:45 2015] <johnw> btw, I use -{x0}->, fwiw
[Fri Jan  9 14:54:16 2015] <johnw> to avoid confusing myself if ever reading x = f - x0 -> ...
[Fri Jan  9 14:54:16 2015] <dmbaturin> By the way, is coq parser verified?
[Fri Jan  9 14:54:38 2015] <ezyang> nah
[Fri Jan  9 14:54:50 2015] <johnw> it doesn't really need to be
[Fri Jan  9 14:55:41 2015] <johnw> ezyang: where are you located?
[Fri Jan  9 14:55:47 2015] <ezyang> Stanford
[Fri Jan  9 14:55:50 2015] <dmbaturin> I guess, still it would be nice if it served as an example of a verified parser.
[Fri Jan  9 14:55:56 2015] <johnw> ah, cool
[Fri Jan  9 14:56:10 2015] <dmbaturin> (I guess it would make it way harder to modify though)
[Fri Jan  9 14:56:11 2015] <johnw> ezyang: I got to play at the same park with SPJ's kids as you did when you were working on backpack :)
[Fri Jan  9 14:56:25 2015] <Choups314> johnw: Thanks
[Fri Jan  9 14:56:49 2015] <dmbaturin> johnw: What are you up to? Organizing a theorem proving event?
[Fri Jan  9 14:56:58 2015] <ezyang> hahaha!
[Fri Jan  9 14:57:08 2015] <ezyang> Man, what a park.
[Fri Jan  9 14:57:09 2015] <johnw> dmbaturin: to what do you refer?
[Fri Jan  9 14:57:14 2015] <ezyang> They don't make 'em like that in the States
[Fri Jan  9 14:57:30 2015] <johnw> ezyang: I ended up inadvertantly stealing someone's bag because I thought it was Simon's; but then I rode back and they were still there, so no harm done
[Fri Jan  9 14:57:39 2015] <dmbaturin> johnw: You are asking where people are located, it made me think you are planning some IRL event or something.
[Fri Jan  9 14:58:10 2015] <johnw> ah, no
[Fri Jan  9 14:58:11 2015] <johnw> I just wonder where people are in case I'm visiting their area
[Fri Jan  9 14:58:11 2015] <johnw> I like meeting FP/typetheory/maths people in RL
[Fri Jan  9 14:58:22 2015] <johnw> I've seen ezyang before, though we haven't spoken much
[Fri Jan  9 14:58:50 2015] <ezyang> Unfortunately people don't put their IRC names on their name badges ;)
[Fri Jan  9 14:59:00 2015] <dmbaturin> I always do.
[Fri Jan  9 14:59:03 2015] <johnw> next time I'll introduce myself as johnw :)
[Fri Jan  9 14:59:15 2015] <johnw> ezyang: I've seen you at the last two ICFPs
[Fri Jan  9 14:59:24 2015] <dmbaturin> Although there is no much point in it, as I use initials and last name for the IRC name. :)
[Fri Jan  9 14:59:41 2015] <johnw> well, you'd never guess that my real name is John W., but still, the association doesn't get made
[Fri Jan  9 14:59:50 2015] <ezyang> Your last name is kind of weird
[Fri Jan  9 14:59:56 2015] <ezyang> whereas your IRC handle is pretty generic
[Fri Jan  9 15:04:40 2015] <mads-> But with people from around the globe, it's pretty hard to figure what is a name and what just some online handle chosen at random
[Fri Jan  9 15:11:39 2015] <hodapp> huh, the only FP person I know in real life is probably the aforementioned CS professor. A few others there were also big FP proponents, but have since retired.
[Fri Jan  9 15:11:46 2015] <hodapp> there is a Cincy FP meetup but I've yet to attend
[Fri Jan  9 15:12:51 2015] <dmbaturin> hodapp: That's not bad. I know exactly zero FP users in real life.
[Fri Jan  9 15:15:48 2015] <hodapp> dmbaturin: I'm just glad to have escaped a job full of people who were actively opposed to the idea of FP.
[Fri Jan  9 15:16:23 2015] <notdan> mads-: Max Ads? Is that you?
[Fri Jan  9 15:21:46 2015] <johnw> ok, fiat is in Nix now
[Fri Jan  9 15:21:53 2015] <johnw> minus building of examples
[Fri Jan  9 16:20:42 2015] <mads-> notdan: no. My first name is Mads
[Fri Jan  9 16:28:54 2015] <johnw> I'm hoping that notdan's name is not Dan
[Fri Jan  9 16:51:40 2015] <jgross> johnw: Fiat is awefully experimental to go in Nix, but thanks :-) 
[Fri Jan  9 16:52:19 2015] <johnw> I'm building the examples now for the "testing" phase at least
[Fri Jan  9 16:53:17 2015] <jgross> Yeah, the examples are pretty slow.  An hour or two for them all, if I recall correctly? 
[Fri Jan  9 16:57:40 2015] <johnw> yeah, about that
[Fri Jan  9 16:57:47 2015] <johnw> I enabled parallel building, which helped a lot
[Fri Jan  9 17:20:47 2015] <notdan> mads-: sorry, I was making a stupid joke
[Fri Jan  9 17:21:00 2015] <notdan> johnw: my name *is* Dan!
[Fri Jan  9 17:21:06 2015] <notdan> But i like to prentend that it snot
[Fri Jan  9 18:01:51 2015] <arvisrend> anyone, an idea how this is supposed to be done?
[Fri Jan  9 18:01:52 2015] <arvisrend> (** **** Exercise: 4 stars, optional (app_length_twice)  *)
[Fri Jan  9 18:01:52 2015] <arvisrend> (** Prove this by induction on [l], without using app_length. *)
[Fri Jan  9 18:01:52 2015] <arvisrend> Theorem app_length_twice : forall (X:Type) (n:nat) (l:list X),
[Fri Jan  9 18:01:52 2015] <arvisrend> length l = n ->
[Fri Jan  9 18:01:52 2015] <arvisrend> length (l ++ l) = n + n.
[Fri Jan  9 18:02:00 2015] <arvisrend> this is an exercise in sf
[Fri Jan  9 18:02:26 2015] <arvisrend> i don't see how to prove this even informally without extending the induction claim
[Fri Jan  9 18:03:01 2015] <arvisrend> and if i extend the claim i can just as well prove length(l ++ m) = length l + length m, which the exercise wants me to avoid
[Fri Jan  9 18:03:47 2015] <arvisrend> or maybe it does not
[Fri Jan  9 18:03:57 2015] <arvisrend> though then it would be a stuid exericse?
[Fri Jan  9 18:07:04 2015] <arvisrend> oh
[Fri Jan  9 18:07:06 2015] <arvisrend> i'm misreading the hint
[Fri Jan  9 18:15:56 2015] <arvisrend> anyone else has CoqIDE occasionally crash on "Find"?
[Fri Jan  9 18:17:31 2015] <mads-> arvisrend: During class I heard different people mention different weird crashes in coqIde.
[Fri Jan  9 18:17:50 2015] <mads-> I think the best favor you can do yourself, is to use Emacs with proof general
[Fri Jan  9 18:23:28 2015] <arvisrend> i would normally love being able to work in emacs, but i can't see myself getting there in foreseeable time
[Fri Jan  9 18:23:47 2015] <arvisrend> worst thing is, all the keybindings i am used to from past-1990 editors do something completely different in emacs
[Fri Jan  9 18:50:26 2015] <yukko> i think proof general and emacs are both very approachable, i was able to pick them up and learn the basics in a very short amount of time (ymmv)
[Fri Jan  9 18:56:08 2015] <chirpsalot> I can confirm that first years seem to die less with emacs vs. vim.
[Fri Jan  9 18:56:21 2015] <chirpsalot> Not recommended to mix both. They get very confused :P.
[Fri Jan  9 18:56:44 2015] <benzrf> thats cuz emacs is more similar to traditional editors
[Fri Jan  9 18:56:48 2015] <benzrf> er, traditional as in notepad
[Fri Jan  9 18:57:02 2015] <benzrf> you can get away with learning less at once if you use emacs
[Fri Jan  9 18:58:52 2015] <chirpsalot> Yeah.
[Fri Jan  9 18:59:04 2015] <chirpsalot> It also has options for learning more gradually.
[Fri Jan  9 18:59:36 2015] <chirpsalot> But eh.
[Fri Jan  9 18:59:46 2015] <chirpsalot> Emacs is kind of terrible too.
[Fri Jan  9 19:00:32 2015] <chirpsalot> I hope editors improve more in the future :).
[Fri Jan  9 19:06:46 2015] <mads-> arvisrend: Using proof general will only require you to learn a handful of commands.
[Fri Jan  9 19:06:50 2015] <mads-> Shouldn't be that hard
[Fri Jan  9 19:07:15 2015] <chirpsalot> Yeah, I probably only use ~10 emacs commands.
[Sat Jan 10 09:53:14 2015] <Choups314> Is it possible to add a notation in the default scope ?
[Sat Jan 10 12:26:14 2015] <arvisrend> is the bigop package a proper subset of ssreflect's mathematical components?
[Sat Jan 10 15:32:50 2015] <nkar> anyone want to give me a hint on [Theorem lt_trans''] from software foundations?
[Sat Jan 10 15:33:29 2015] <nkar> it's marked with two stars, but I've been scratching my head for hours
[Sat Jan 10 15:34:15 2015] <nkar> it's in the "Rel" chapter.
[Sat Jan 10 15:38:31 2015] <nkar> I need to prove this by induction on [o]: [Theorem lt_trans'' : transitive lt. Proof. unfold lt. unfold transitive. intros n m o Hnm Hmo.]
[Sat Jan 10 15:39:03 2015] <nkar> where [Definition transitive {X: Type} (R: relation X) := forall a b c : X, (R a b) -> (R b c) -> (R a c).]
[Sat Jan 10 15:39:26 2015] <nkar> and [Definition relation (X: Type) := X->X->Prop.]
[Sat Jan 10 15:40:28 2015] <nkar> no matter what I try, I always end up with something like [S o' <= o'] in the goal.
[Sat Jan 10 15:41:22 2015] <xyh> when I try to quit emacs, it asks "save buffer org-src-fontification:coq-mode?", but I can not see this buffer at all! anyone meet this problem also?
[Sat Jan 10 15:42:56 2015] <nkar> I tried to use [inversion] on the hypotheses and [apply le_n] or [apply le_S] whenever I can.  do I need anything else?
[Sat Jan 10 15:47:27 2015] <notdan> nkar: well, the first case ( o = 0) can be solved using inversion
[Sat Jan 10 15:50:54 2015] <notdan> nkar: I managed to solve the second case (o = So') by using induction on Hmo, but I guess that is kind a cheating?
[Sat Jan 10 15:55:25 2015] <nkar> notdan: yes, the first case is trivial.  my question is about the second case.  don't know whether it's cheating or not.  the exercises only requires me to perform induction on [o].
[Sat Jan 10 15:55:38 2015] <nkar> the exercise*
[Sat Jan 10 15:59:37 2015] <notdan> Well, in that case induction Hmo works
[Sat Jan 10 16:42:58 2015] <nkar> notdan: okay, I'll try that
[Sat Jan 10 16:43:00 2015] <nkar> thanks
[Sat Jan 10 17:48:20 2015] <arvisrend> weird
[Sat Jan 10 17:48:22 2015] <arvisrend> I : ~ (exists y : X, ~ P y)
[Sat Jan 10 17:48:22 2015] <arvisrend> H : exists y : X, ~ P y
[Sat Jan 10 17:48:25 2015] <arvisrend> apply I in H.
[Sat Jan 10 17:48:30 2015] <arvisrend> > Error: Unable to unify.
[Sat Jan 10 17:48:34 2015] <arvisrend> what am i doing wrong_
[Sat Jan 10 17:58:19 2015] <benzrf> Check I H.
[Sat Jan 10 18:06:49 2015] <arvisrend> The term "H" has type "exists y : X, ~ P y" while it is expected to have type
[Sat Jan 10 18:06:49 2015] <arvisrend> "exists y : X, ~ P y".
[Sat Jan 10 18:07:55 2015] <arvisrend> another failure of extensionaltiy?
[Sat Jan 10 18:52:57 2015] <benzrf> dang
[Sat Jan 10 18:53:26 2015] <benzrf> what the heck is this crap
[Sat Jan 10 19:03:45 2015] <arvisrend> lack of extensionality i fear
[Sat Jan 10 19:03:52 2015] <arvisrend> i can get past it using witnesses
[Sat Jan 10 19:03:53 2015] <arvisrend> it's just annoying
[Sat Jan 10 21:39:43 2015] <benzrf> hmmmmmmmmmmm
[Sat Jan 10 21:39:56 2015] <benzrf> in coq, LEM -> ~LEM
[Sat Jan 10 21:40:16 2015] <benzrf> er no wait
[Sat Jan 10 21:40:27 2015] <benzrf> it was ~LEM -> LEM
[Sat Jan 10 21:44:11 2015] <jrw> benzrf: the second one is right. in fact, ~LEM -> False, ie, ~~LEM.
[Sat Jan 10 21:44:25 2015] <benzrf> yeah
[Sat Jan 10 21:44:40 2015] <benzrf> but ~LEM -> False is /because/ ~LEM -> LEM, not vice versa
[Sun Jan 11 00:10:42 2015] <LordBrain> I have little to know familiarity with coq, and have some very basic questions that are actually about theorem provers in general. I am not sure if here is the appropriate place to ask such things. Is it?
[Sun Jan 11 00:12:05 2015] <Cale> LordBrain: I'm sure you could ask
[Sun Jan 11 01:56:22 2015] <LordBrain> thanks Cale, i'm getting help in ##typetheory
[Sun Jan 11 03:56:08 2015] <xyh> what happen when you re-define the type bool and the function andb ?
[Sun Jan 11 03:59:22 2015] <xyh> it simply shadows standard library ?
[Sun Jan 11 09:17:46 2015] <nkar> notdan: how does induction on Hmo work?
[Sun Jan 11 09:19:23 2015] <notdan> I don't remember, let me see
[Sun Jan 11 09:20:43 2015] <notdan> Hmo : S m <= S o'. So, Either S m = S o', or S m <= o', right?
[Sun Jan 11 09:21:07 2015] <notdan> In the first case, we replace our goal S n <= S m.
[Sun Jan 11 09:21:19 2015] <notdan> But we also have Hnm: S n <= m
[Sun Jan 11 09:21:27 2015] <notdan> by using le_S we can solve our goal
[Sun Jan 11 09:21:34 2015] <notdan> Now, in the second case
[Sun Jan 11 09:23:39 2015] <notdan> well, we have S n <= o', f hypothesisby induction
[Sun Jan 11 09:23:47 2015] <notdan> and we apply le_S again
[Sun Jan 11 09:24:15 2015] <notdan> Sorry I am really bad at explaining it. Try stepping through the script yourself: [induction Hmo; apply le_S; assumption.]
[Sun Jan 11 11:59:43 2015] <nkar> notdan: okay, that's cheating.  another solution of that kind is to apply le_trans with the proper arguments.
[Sun Jan 11 12:01:29 2015] <nkar> notdan: I gave up and started to search for the proper solution.  when I found it, I was like "whoa!" because it's so simple.  I'm surprised that I didn't find it myself.
[Sun Jan 11 12:03:33 2015] <nkar> notdan: I sent it to you via /q, so I don't spoil the fun for others.
[Sun Jan 11 18:09:15 2015] <nkar> any hints on how to approach [Theorem le_Sn_n : forall n, ~(S n <= n).]?
[Sun Jan 11 18:11:55 2015] <nkar> the examples shown in the Rel chapter of software foundations so far proved such things by contradiction.  but in this case, when I introduce [S n <= n] to the context, it cannot be applied to something gibberish like [1 <= 0].
[Sun Jan 11 18:12:36 2015] <nkar> it's marked with a single star, but I don't see a way to do it.
[Sun Jan 11 18:16:49 2015] <jrw> nkar: do you have a lemma "S n <= S m -> n <= m"? if so, your lemma should go through by induction, using that lemma in the inductive case.
[Sun Jan 11 18:50:07 2015] <arvisrend> inversion?
[Sun Jan 11 21:24:13 2015] <nkar> I forgot to mention that I don't understand why coq doesn't discard the current goal when I do [inversion H.] where [H] : [S n = n] or [1 = 0].
[Sun Jan 11 21:26:44 2015] <vanila> you have to use induction to get a constradiction from a cycle such as S n = n
[Sun Jan 11 21:26:50 2015] <vanila> 1 = 0 can be discriminated immediately though
[Sun Jan 11 21:28:53 2015] <nkar> hm, maybe I didn't manage to introduce 1 = 0 to the context.
[Sun Jan 11 21:29:03 2015] <nkar> vanila: hi :)
[Sun Jan 11 22:02:33 2015] <nkar> ah, I mean 1 <= 0, not 1 = 0.
[Sun Jan 11 22:03:55 2015] <nkar> wait, it gets discarded, too.
[Sun Jan 11 22:21:44 2015] <arvisrend> yes, 1 <= 0 gets discarded as there is no constructor for it
[Sun Jan 11 22:23:30 2015] <vanila> elimtype False; omega. will solve your goal
[Sun Jan 11 22:25:29 2015] <nkar> how can I use [apply ... with] on a hypothesis?
[Sun Jan 11 22:25:43 2015] <nkar> [apply le_trans in H with (c := b).] doesn't work.
[Sun Jan 11 22:25:57 2015] <nkar> as well as [apply le_trans with (c := b) in H.].
[Sun Jan 11 22:27:28 2015] <vanila> what do you have and what do you want to get?
[Sun Jan 11 22:34:16 2015] <nkar> that's not important, I think.  I'm asking about the proper syntax, basically.
[Sun Jan 11 22:34:48 2015] <vanila> i cant help you because I don't know what you want to do
[Sun Jan 11 22:36:45 2015] <nkar> okay
[Sun Jan 11 23:41:58 2015] <nkar> how can I prove [a <= b -> b <= a -> a = b], that is, the fact that [le] is antisymmetric.  knowing that [a <= b] and [b <= a] is enough to conclude that [a = b].  is there a tactic I could use to express this?  or do I need to approach this differently?
[Sun Jan 11 23:42:39 2015] <vanila> omega will proves things like this instantly
[Sun Jan 11 23:42:54 2015] <vanila> did you want to do it from first principles?
[Sun Jan 11 23:43:30 2015] <nkar> what does "from first principles" mean?
[Sun Jan 11 23:43:45 2015] <nkar> [omega] hasn't been used in sf so far, so I'd rather not use it.
[Sun Jan 11 23:43:45 2015] <vanila> without automatic tactics like omega
[Sun Jan 11 23:43:51 2015] <nkar> yes, see above
[Sun Jan 11 23:44:00 2015] <vanila> see what?
[Sun Jan 11 23:44:40 2015] <nkar> I was saying that I want to do it without [omega].
[Sun Jan 11 23:44:50 2015] <nkar> oh, btw.  I forgot to mention one thing
[Sun Jan 11 23:44:52 2015] <vanila> I don't see that
[Sun Jan 11 23:45:14 2015] <vanila> maybe you said it before I joined
[Sun Jan 11 23:45:34 2015] <nkar> I already have a proof of ~(symmetric le). I wonder if I can use it.
[Sun Jan 11 23:46:16 2015] <nkar> If I use [ex_falso_quodlibet], I can apply it.  but the variables I get in the context will be differnt
[Sun Jan 11 23:46:19 2015] <nkar> different*
[Sun Jan 11 23:47:32 2015] <nkar> I mean the existing hypotheses in the context are not general enough to apply use ~(symmetric le), it seems.
[Sun Jan 11 23:47:49 2015] <nkar> anyway, how would you do it without [omega]?
[Sun Jan 11 23:48:14 2015] <vanila> not sure, im going to try
[Sun Jan 11 23:49:45 2015] <nkar> vanila: it's from the rel chapter of sf.  maybe you'll need to use the definitions from the book.
[Sun Jan 11 23:56:29 2015] <vanila> if you destruct hypotheses you are just left with S (S m) <= m which you can disprove by induction
[Sun Jan 11 23:56:35 2015] <vanila> both hypotheses
[Mon Jan 12 01:12:06 2015] <nkar> vanila: what do I need to do next? [Proof. unfold antisymmetric. intros. destruct H. Case "destruct H". reflexivity. destruct H0. SCase "destruct H0". reflexivity. induction m as [|m']. SSCase "m = 0". inversion H. Abort.]
[Mon Jan 12 01:12:32 2015] <nkar> how do I prove [SSCase "m = S m'".]?
[Mon Jan 12 01:13:28 2015] <vanila> I can't step through your proof since unfold antisymmetric doens't work
[Mon Jan 12 01:13:44 2015] <vanila> oh wait if i ignore that i can
[Mon Jan 12 01:13:57 2015] <vanila>   H : S m0 <= m
[Mon Jan 12 01:13:57 2015] <vanila>   H0 : S m <= m0
[Mon Jan 12 01:13:59 2015] <vanila> at this point
[Mon Jan 12 01:14:17 2015] <vanila> you can can do   assert (S (S m) <= m).
[Mon Jan 12 01:14:31 2015] <vanila> and prove that using le_trans and le_n_S (SearchAbout le to find useful lemmas)
[Mon Jan 12 01:14:41 2015] <vanila> then clear away H, H0 and do the induction
[Mon Jan 12 01:14:56 2015] <vanila> instead of just going straight into the induction
[Mon Jan 12 01:17:14 2015] <nkar> vanila: I cannot apply le_trans: Impossible to unify "transitive le" with "S (S m) <= m".
[Mon Jan 12 01:18:15 2015] <nkar> (le_trans is defined in terms of the transitive relation)
[Mon Jan 12 01:21:01 2015] <nkar> oh, it works if I use [with]
[Mon Jan 12 06:51:05 2015] <schoppenhauer> just tried to compile the current git checkout, and got the error http://lpaste.net/118311
[Mon Jan 12 09:37:21 2015] <dmbaturin> Where do I find the gallina grammar specification?
[Mon Jan 12 09:38:49 2015] <dmbaturin> Curios what else is there but the small part of the language I've already seen. :)
[Mon Jan 12 14:31:56 2015] <Choups314> Is-it possible to save several theorems in a kind of record ?
[Mon Jan 12 14:33:00 2015] <Choups314> Let's assume I have two theorems proving the same thing, but I have to treat two case (Because it is much more easier to express in the theorem hypothesis, and it's easier for the proof too)
[Mon Jan 12 14:34:18 2015] <Choups314> So I create these two theorems (With two different name), but now I would like to be able to use both as one (i.e. apply it with a single name, because it refers to the same theorem)
[Mon Jan 12 14:35:11 2015] <Choups314> Of course, it would create a subgoal (or something like that) to prove why do we use one theorem, and not the other one
[Mon Jan 12 14:35:29 2015] <Choups314> (I don't know if it is really clear .. :s)
[Mon Jan 12 14:35:53 2015] <jrw> Choups314: not really following. is it like you have P -> Q and ~ P -> Q and you want to be able to apply "both" whenever your goal is Q?
[Mon Jan 12 14:53:01 2015] <jrw> Choups314: did you figure out what it was you were trying to do?
[Mon Jan 12 14:54:02 2015] <jrw> oh, I see you posted on coq club
[Mon Jan 12 14:54:13 2015] <Choups314> Yes ;)
[Mon Jan 12 14:54:29 2015] <jrw> Choups314: one idea would be to prove a final theorem that combines theorems by deciding which one to use
[Mon Jan 12 14:54:50 2015] <jrw> (this only works if the predicates that make up the hypotheses are decidable or if you assume lem)
[Mon Jan 12 14:55:09 2015] <Choups314> It is decidable
[Mon Jan 12 14:55:42 2015] <Choups314> In fact, it is just a case : [equal zero or not], for a specific type
[Mon Jan 12 14:56:10 2015] <jrw> so do you see what I mean? if you have [thm1 : P = 0 -> Q] and [thm2 : P <> 0 -> Q] then you can prove [thm : Q] by destructing on P and applything thm1 and thm2 in the two subgoals
[Mon Jan 12 14:56:24 2015] <jrw> and then you just use thm everywhere
[Mon Jan 12 14:56:38 2015] <Choups314> Hooo
[Mon Jan 12 14:56:47 2015] <Choups314> That's good !
[Mon Jan 12 14:56:50 2015] <Choups314> Easy and clear :)
[Mon Jan 12 14:59:19 2015] <Choups314> The case P=0 leads to completely different hypothesis, that's why I wanted two different theorems
[Mon Jan 12 14:59:22 2015] <Choups314> Thanks !
[Mon Jan 12 14:59:45 2015] <jrw> np, glad to help
[Mon Jan 12 15:00:14 2015] <Choups314> I will write your solution on the mailing list, to avoid duplicates ;)
[Tue Jan 13 12:40:34 2015] <chirpsalot> http://en.wikipedia.org/wiki/Calculus_of_constructions#Defining_logical_operators
[Tue Jan 13 13:12:50 2015] <bennofs> Hi, is there a reasson that in Lists, In is defined as a Fixpoint rather than an Inductive definition? Is there any difference between the Fixpoint definition and the Inductive definition?
[Tue Jan 13 13:18:15 2015] <Saizan> bennofs: they should be logically equivalent, but the fixpoint one might work better with Coq's pattern matching
[Tue Jan 13 13:18:43 2015] <Saizan> because you just have to match on the list and the In will be able to simplify
[Tue Jan 13 13:19:21 2015] <bennofs> Ah right, so it avoids needing the `inversion` tactic
[Tue Jan 13 18:40:38 2015] <amosr> is there anything in the standard library that takes a (list Set) and gives a Set of values?
[Tue Jan 13 18:41:29 2015] <amosr> I might mean “Type” instead of “Set”
[Tue Jan 13 18:51:58 2015] <amosr> (I ended up just writing it)
[Tue Jan 13 19:01:49 2015] <benzrf> amosr: wut
[Tue Jan 13 19:01:54 2015] <benzrf> amosr: how does that work
[Tue Jan 13 19:02:14 2015] <amosr> benzrf: I probably just explained it poorly
[Tue Jan 13 19:02:16 2015] <amosr> it’s just this:
[Tue Jan 13 19:02:18 2015] <amosr> Inductive Values : list Type -> Type :=
[Tue Jan 13 19:02:18 2015] <amosr>  | v_nil : Values []
[Tue Jan 13 19:02:19 2015] <amosr>  | v_cons x xs : list x -> Values xs -> Values (x :: xs).
[Tue Jan 13 19:02:50 2015] <benzrf> oh, an HList
[Tue Jan 13 19:03:05 2015] <benzrf> er, well
[Tue Jan 13 19:03:12 2015] <benzrf> an HList of lists
[Tue Jan 13 19:03:18 2015] <amosr> ah, yup
[Wed Jan 14 06:42:00 2015] <schoppenhauer> hm. what would have to be done to be able to utilize multiple cores when compiling coq?
[Wed Jan 14 10:27:08 2015] <jgross> schoppenhauer: run `make -j` or `make -j4` (or however many threads you want) 
[Wed Jan 14 13:59:18 2015] <bennofs> If I have a Definition foo : list int -> int := bar 3, and bar does a `match` on it's argument, is there a tactic that I could use to simplify `foo (x :: xs)`? (without needing to use unfold manually)
[Wed Jan 14 14:01:16 2015] <johnw> just "simpl" should do it, doesn't it?
[Wed Jan 14 14:01:38 2015] <bennofs> johnw: no, simpl will not unfold definitions that don't use match, it seems
[Wed Jan 14 14:01:58 2015] <johnw> then I don't know of any better tactic
[Wed Jan 14 14:02:15 2015] <bennofs> hnf seems to work
[Wed Jan 14 14:02:25 2015] <benzrf> compute?
[Wed Jan 14 14:03:06 2015] <bennofs> benzrf: compute unfold too much in my case, but hnf works fine
[Wed Jan 14 14:03:10 2015] <johnw> computer is nearly always too heavy-handed
[Wed Jan 14 14:03:17 2015] <johnw> ah, yes, hnf
[Wed Jan 14 14:03:23 2015] <johnw> I wonder if "red"would work too
[Wed Jan 14 14:03:35 2015] <bennofs> johnw: red does one step, so I'd need to red; simpl
[Wed Jan 14 14:03:36 2015] <johnw> in ssreflect I'd say "move."
[Wed Jan 14 14:03:56 2015] <johnw> I'm slowly getting disconnected from the standard tactics...
[Wed Jan 14 14:04:09 2015] <johnw>  I can tell you whether that's a good thing or a bad thing.  I guess it all depends on who I might have to collaborate with in the future
[Wed Jan 14 14:04:14 2015] <johnw> s/can/can't
[Wed Jan 14 14:04:15 2015] <bennofs> * should learn ssreflect sometime
[Wed Jan 14 14:04:20 2015] <johnw> i love it
[Wed Jan 14 14:38:30 2015] <schoppenhauer> jgross: thank you. that works.
[Wed Jan 14 14:40:33 2015] <schoppenhauer> another question: I am currently trying to make my code run under the stable coq release (used git so far). Fin.to_nat_inj seems not to be in the stable library yet, what can I use instead?
[Wed Jan 14 14:47:38 2015] <johnw> you can copy it from the unstable version
[Wed Jan 14 14:51:05 2015] <schoppenhauer> ok, did so, thx.
[Wed Jan 14 15:35:10 2015] <arvisrend> is it just me or is the ceval_deterministic exercise in Imp.v of the sf book supposed to take pages of repetitive code?
[Wed Jan 14 15:35:34 2015] <arvisrend> like, induction over one of the conditions and inversion of the others, totalling to some 100 cases?
[Wed Jan 14 17:01:32 2015] <jrw> arvisrend: in the proof given in the book, they use a semicolon to eliminate most of those cases.
[Wed Jan 14 17:01:41 2015] <jrw> are you trying to reproduce a proof without looking at theirs?
[Wed Jan 14 17:04:23 2015] <arvisrend> yes
[Wed Jan 14 17:04:32 2015] <arvisrend> and i can't figure out good ways to use semicolons there
[Wed Jan 14 17:04:45 2015] <arvisrend> i'd need something like "apply all induction hypotheses to whatever seems reasoanble"
[Wed Jan 14 17:04:50 2015] <arvisrend> but wait
[Wed Jan 14 17:04:53 2015] <arvisrend> is there a proof given in the book?
[Wed Jan 14 17:05:01 2015] <arvisrend> or do you have a solutions manual?
[Wed Jan 14 17:05:07 2015] <arvisrend> oooh
[Wed Jan 14 17:05:09 2015] <arvisrend> sorry
[Wed Jan 14 17:05:15 2015] <arvisrend> i'm talking about the exercise ceval_deterministic
[Wed Jan 14 17:05:17 2015] <arvisrend> not the theorem
[Wed Jan 14 17:05:43 2015] <jrw> oh I see.
[Wed Jan 14 17:05:47 2015] <arvisrend> i actually forgot that the theorem existed by the time i came to the exercise
[Wed Jan 14 17:05:49 2015] <jrw> same thing should work though?
[Wed Jan 14 17:05:53 2015] <arvisrend> probably
[Wed Jan 14 17:06:10 2015] <jrw> I would suggested looking at how they set up their induction
[Wed Jan 14 17:07:38 2015] <arvisrend> okay, essentially they automate one of the two inductions, leaving the other one expicit
[Wed Jan 14 17:07:42 2015] <arvisrend> i guess i can do that too, thanks
[Wed Jan 14 17:07:55 2015] <arvisrend> although i hate the way they use automatically generated hypothesis names
[Wed Jan 14 17:11:19 2015] <johnw> arvisrend: you can always use "try"
[Wed Jan 14 17:11:32 2015] <johnw> induction x; try exact foo.
[Wed Jan 14 17:15:41 2015] <arvisrend> yes, but i need to know the names of all the hypotheses
[Wed Jan 14 17:16:01 2015] <arvisrend> and i need to make sure that a tactic that solves one branch doesn't dead-end another
[Wed Jan 14 17:16:27 2015] <johnw> well, exact only fires if it solves that branch
[Wed Jan 14 17:16:33 2015] <johnw> otherwise, it would leave the branch alone
[Wed Jan 14 17:16:41 2015] <johnw> same with the solve tactic
[Wed Jan 14 17:16:57 2015] <arvisrend> hmm solve
[Wed Jan 14 17:17:01 2015] <alkabetz> Yeah, I’d use 'try solve [exact foo]' for this.
[Wed Jan 14 17:17:20 2015] <arvisrend> what exactly does solve do?
[Wed Jan 14 17:17:31 2015] <arvisrend> ah
[Wed Jan 14 17:17:43 2015] <arvisrend> it's something like simple?
[Wed Jan 14 17:17:51 2015] <alkabetz> It takes a pipe-separated list of tactics and tries each one in order.  If one succeeds in solving the current goal, it succeeds; if none succeed, it fails with an error.
[Wed Jan 14 17:18:18 2015] <alkabetz> If you’re writing 'exact foo', though, you might consider writing 'assumption' instead
[Wed Jan 14 17:18:21 2015] <arvisrend> nice, that's helpful
[Wed Jan 14 17:18:39 2015] <alkabetz> 'try solve' makes 'solve' not crash your entire proof script if it fails.
[Wed Jan 14 17:19:44 2015] <arvisrend> is there something like "try to inversion every hypothesis and see if one of them leaves no subgoals"?
[Wed Jan 14 17:19:54 2015] <arvisrend> without knowing the names of the hypotheses
[Wed Jan 14 17:20:04 2015] <arvisrend> something like "assumption"
[Wed Jan 14 17:20:23 2015] <johnw> you could do that with repeat and match goal
[Wed Jan 14 17:20:29 2015] <arvisrend> match goal?
[Wed Jan 14 17:20:50 2015] <johnw> repeat match goal [ H: _ | _] with => solve (inversion H) end
[Wed Jan 14 17:20:57 2015] <johnw> or [inversion H], sorry
[Wed Jan 14 17:21:17 2015] <johnw> repeat match goal with [ H: _ | _] => solve [inversion H] end
[Wed Jan 14 17:21:18 2015] <arvisrend> hmm
[Wed Jan 14 17:21:24 2015] <johnw> here, failures cause the proof search to continue
[Wed Jan 14 17:21:26 2015] <arvisrend> ok i have no idea what it means but i'll try it!
[Wed Jan 14 17:22:03 2015] <alkabetz> I really wish the SF folks weren’t so allergic to automation.
[Wed Jan 14 17:22:24 2015] <alkabetz> Like, obviously, you can use it as a crutch.  But teaching people about Ltac a bit earlier than they do could save a /lot/ of student time
[Wed Jan 14 17:22:24 2015] <arvisrend> allergic?
[Wed Jan 14 17:22:30 2015] <arvisrend> they use it too much :/
[Wed Jan 14 17:22:39 2015] <alkabetz> Wait, really?
[Wed Jan 14 17:22:41 2015] <alkabetz> * looks at Imp.v
[Wed Jan 14 17:22:42 2015] <arvisrend> i wish i had some more stuff to train on manually
[Wed Jan 14 17:22:54 2015] <arvisrend> although i care more for math theorems
[Wed Jan 14 17:23:05 2015] <arvisrend> and math theorems don't tend to have these many branches
[Wed Jan 14 17:23:28 2015] <alkabetz> Ah, [Imp] introduces automation.  Never mind.
[Wed Jan 14 17:23:38 2015] <arvisrend> imp does, although it explains little of it
[Wed Jan 14 17:23:44 2015] <arvisrend> ltac doesn't appear until, i think, much later
[Wed Jan 14 17:24:24 2015] <alkabetz> So, basically, Ltac has this construct 'match goal with [STUFF |- GOAL] => TAC end', which kind of mimics the normal Gallina match construct.
[Wed Jan 14 17:24:29 2015] <alkabetz> (Syntactically, at least.)
[Wed Jan 14 17:24:49 2015] <alkabetz> It lets you pattern-match on your proof state and then take action based on it.
[Wed Jan 14 17:24:52 2015] <arvisrend> ah
[Wed Jan 14 17:25:02 2015] <arvisrend> i thought because of the "goal" word that it would only match the actual GOAL
[Wed Jan 14 17:25:18 2015] <alkabetz> Yeah, it’s poorly named.
[Wed Jan 14 17:25:38 2015] <alkabetz> STUFF gets matched against the context, and GOAL gets matched against the goal.
[Wed Jan 14 17:25:55 2015] <alkabetz> So in johnw’s suggestion, you have '[ H : _ |- _ ]'
[Wed Jan 14 17:25:57 2015] <johnw> i think a different word than match should have been used
[Wed Jan 14 17:26:27 2015] <johnw> ah yes, |-
[Wed Jan 14 17:26:42 2015] <alkabetz> '[ H : _ |- _ ]' will match any hypothesis and any goal.
[Wed Jan 14 17:27:35 2015] <alkabetz> So I think the way johnw’s suggestion is supposed to work is to grab some hypothesis and try solving by inverting it.  If that fails, 'repeat' with the next hypothesis, and so on.
[Wed Jan 14 17:28:02 2015] <johnw> match itself should continue to the next hypothesis
[Wed Jan 14 17:28:12 2015] <johnw> the repeat is there so that if it succeeds, we try again
[Wed Jan 14 17:28:21 2015] <alkabetz> Ah, okay, cool.
[Wed Jan 14 20:24:05 2015] <arvisrend> how readable is sergey's "Programs and Proofs"?
[Wed Jan 14 20:27:26 2015] <johnw> VERY
[Wed Jan 14 20:27:28 2015] <johnw> I love that book
[Wed Jan 14 20:27:53 2015] <johnw> even people who aren't going to use ssreflect should read it, just because it makes so many of the core ideas so much clearer
[Wed Jan 14 20:28:12 2015] <arvisrend> good to hear
[Wed Jan 14 20:28:34 2015] <arvisrend> as it seems to be the only introduction into ssreflect beyond the 40-or so page tutorial
[Wed Jan 14 20:30:48 2015] <johnw> yep, and in fact, it is
[Wed Jan 14 20:31:01 2015] <johnw> it was truly like finding an oasis in a desert
[Wed Jan 14 20:31:11 2015] <johnw> I didn't even grasp what reflection really meant until that book
[Thu Jan 15 09:16:14 2015] <schoppenhauer> is there any standard way of documenting coq code?
[Thu Jan 15 09:16:23 2015] <schoppenhauer> (like javadoc or doxygen)
[Thu Jan 15 09:16:28 2015] <vanila> coqdoc!
[Thu Jan 15 09:24:20 2015] <benzrf> coq doc: the doc for yr coq
[Thu Jan 15 09:24:52 2015] <schoppenhauer> thx
[Thu Jan 15 13:32:38 2015] <m4farrel> spermbank.io
[Thu Jan 15 14:41:55 2015] <ianjneu> m4farrel: your online repository of Coq output?
[Thu Jan 15 17:57:22 2015] <hitchcock.freenode.net> [freenode-info] please register your nickname...don't forget to auto-identify! http://freenode.net/faq.shtml#nicksetup
[Thu Jan 15 18:28:03 2015] <benzrf> hmmmmmm
[Thu Jan 15 18:28:28 2015] <benzrf> you cannot prove things about coq from within coq, right?
[Thu Jan 15 18:28:45 2015] <benzrf> well... dependeing on their generality?
[Thu Jan 15 18:28:59 2015] <johnw> http://www.lix.polytechnique.fr/~barras/publi/coqincoq.pdf
[Thu Jan 15 18:29:22 2015] <johnw>  funny how Google has these things you can search for, isn't it?
[Thu Jan 15 18:31:07 2015] <benzrf> blehh
[Thu Jan 15 19:17:36 2015] <benzrf> anyway i
[Thu Jan 15 19:17:41 2015] <benzrf> was thinking
[Thu Jan 15 19:18:05 2015] <benzrf> coq's lack of turing completeness means that you cannot do things like gödel-number its terms, right
[Thu Jan 15 19:18:15 2015] <benzrf> er, fuck
[Thu Jan 15 19:18:18 2015] <benzrf> i dont know what im doing
[Thu Jan 15 19:30:30 2015] <arvisrend> anyone knows if "extended" induction principles like the gorgeous_ind_max in sf/MoreInd.v are provable in coq?
[Thu Jan 15 19:30:52 2015] <arvisrend> here's the page http://www.cis.upenn.edu/~bcpierce/sf/current/MoreInd.html
[Thu Jan 15 19:32:16 2015] <arvisrend> basically we're inducting over an inductive predicate called "gorgeous", and unlike in the usual induction principle that coq generates from its inductive definition, we want to prove a claim about a piece of evidence for that predicate
[Thu Jan 15 19:32:40 2015] <arvisrend> whereas the usual induction principle only allows proving a claim about the arguments of the predicate
[Thu Jan 15 19:32:44 2015] <arvisrend> if this makes any sense
[Thu Jan 15 20:05:10 2015] <notdan> arvisrend: hm, I think so
[Thu Jan 15 20:05:14 2015] <notdan> let me try
[Thu Jan 15 20:14:41 2015] <notdan> arvisrend: http://lpaste.net/118536
[Thu Jan 15 20:17:54 2015] <arvisrend> nice!
[Thu Jan 15 20:17:55 2015] <arvisrend> thank you
[Thu Jan 15 20:20:34 2015] <arvisrend> so match is a more reliable way to decompose an inductive than induction
[Fri Jan 16 08:28:42 2015] <benzrf> question...
[Fri Jan 16 08:28:55 2015] <benzrf> is it possible to prove that the natural numbers are well-ordered in coq?
[Fri Jan 16 08:28:57 2015] <benzrf> it's not, is it?
[Fri Jan 16 08:36:56 2015] <notdan> I think it is possible
[Fri Jan 16 08:38:00 2015] <benzrf> rly?
[Fri Jan 16 08:41:06 2015] <notdan> let me try
[Fri Jan 16 08:42:24 2015] <schoppenhauer> doesnt this follow by induction?
[Fri Jan 16 08:42:45 2015] <schoppenhauer> (I mean, usually...)
[Fri Jan 16 08:43:05 2015] <vanila> what is it? I just joined
[Fri Jan 16 08:47:23 2015] <notdan> well-orderedness of natural numbers
[Fri Jan 16 08:48:17 2015] <vanila> thats in the standard library (Wf)
[Fri Jan 16 09:00:58 2015] <benzrf> o.O
[Fri Jan 16 09:01:04 2015] <benzrf> vanila: what type is it
[Fri Jan 16 09:06:00 2015] <fisi> benzrf, it's the Lemma lt_wf in https://coq.inria.fr/library/Coq.Arith.Wf_nat.html . The type well_founded (as well as the underlying inductive predicate Acc) is defined in Coq.Init.Wf
[Fri Jan 16 09:25:01 2015] <notdan> ok I did it
[Fri Jan 16 09:25:09 2015] <notdan> oh snap you guys already found the solution :S
[Fri Jan 16 09:25:37 2015] <notdan> Anyway, here is my take https://gist.github.com/co-dan/79f4f67b3f9566a1eb58
[Fri Jan 16 09:30:16 2015] <benzrf> wwwwwwwwwwwwwwwwwwwwwwwwwwww
[Fri Jan 16 09:30:21 2015] <benzrf> oops
[Fri Jan 16 09:32:04 2015] <benzrf> errrrr
[Fri Jan 16 09:32:12 2015] <benzrf> what does well_founded actually do
[Fri Jan 16 09:35:12 2015] <fisi> benzrf, it's defined in terms of Acc. Acc x states that if all elements smaller than x are accessible, then so is x -- this corresponds to a statement that all decreasing chains from x are finite.
[Fri Jan 16 09:35:32 2015] <fisi> and well_founded says this is the case for all x
[Fri Jan 16 09:36:04 2015] <benzrf> o.O
[Fri Jan 16 09:36:08 2015] <benzrf> accessible?
[Fri Jan 16 09:36:19 2015] <fisi> well, yeah, hence Acc
[Fri Jan 16 09:36:25 2015] <benzrf> no, what does that mean
[Fri Jan 16 09:37:29 2015] <benzrf> fisi: well im probably xy'ing over here
[Fri Jan 16 09:37:42 2015] <fisi> I basically wrote out the definition of Acc (specialized to less-than on naturals). An number x is accessible if all smaller numbers are accessible.
[Fri Jan 16 09:37:50 2015] <fisi> s/An/A/
[Fri Jan 16 09:37:57 2015] <Cypi> Maybe you're more used to the definition that says that every non-empty set of integers has a least element, but it's equivalent I believe.
[Fri Jan 16 09:39:34 2015] <fisi> Cypi, that's the thing, classically it definitely is, but here we have subsets and non-emptiness is tricky... I'm not entirely sure what the right formulation of well-ordering would be in the intuitionistic case (and if it'd be equivalent).
[Fri Jan 16 09:40:55 2015] <Cypi> http://lpaste.net/118573 >> would something like that satisfy you in the case of subsets of integers? (don't bother with the proofs I guess, just the types are enough)
[Fri Jan 16 09:43:11 2015] <benzrf> fisi: basically i worked out that im pretty sure in coq you can prove "not exists a least element of the set of natural numbers that cannot be described in under 1000000 digits of coq's gödel-enumeration"
[Fri Jan 16 09:43:27 2015] <benzrf> fisi: and i was wondering if that contradicts the coq formulation of well-ordering
[Fri Jan 16 09:50:11 2015] <fisi> benzrf, I honestly have no clue. Lots of negations, too.
[Fri Jan 16 10:59:51 2015] <arvisrend> what is the difference between Require Import and Require Export?
[Fri Jan 16 11:00:58 2015] <johnw> the latter makes imported symbols available to downstream importers
[Fri Jan 16 11:01:42 2015] <arvisrend> ah!
[Fri Jan 16 14:28:38 2015] <johnw> linearscan was pushed to Hackage today; a Haskell library built entirely in Coq!
[Fri Jan 16 14:32:19 2015] <vanila> awesome!
[Fri Jan 16 14:32:28 2015] <johnw> collaborators welcome at this point too
[Fri Jan 16 14:33:24 2015] <johnw> I've completed the first step of integrating the library with our in-house compiler, but there are some nice optimizations laid out in Wimmer's thesis that I may never have time to implement in Coq
[Fri Jan 16 14:35:18 2015] <vanila> is there a paper on how this was done?
[Fri Jan 16 14:35:38 2015] <johnw> there is an experience report under the doc/ directory on GitHub
[Fri Jan 16 14:35:47 2015] <johnw> or do you mean the allocation algorithm itself?
[Fri Jan 16 14:35:53 2015] <vanila> thats perfect!
[Fri Jan 16 14:36:21 2015] <johnw> with luck, I'll be presenting at NASA Formal Methods, let's hope they accept
[Fri Jan 16 14:37:03 2015] <vanila> best of luck!
[Fri Jan 16 14:37:07 2015] <johnw> thanks, vanila
[Fri Jan 16 14:37:26 2015] <johnw> I think you may be one of the only people who actually gets excited when I mention this library :)
[Fri Jan 16 14:38:02 2015] <vanila> i showed my friend too and they're really impressed
[Fri Jan 16 14:38:23 2015] <vanila> i wonder if there's a master list of haskell libs implemented in coq
[Fri Jan 16 14:38:58 2015] <johnw> I know of another, only I've forgotten the name now
[Fri Jan 16 14:39:07 2015] <johnw>  and they don't implement the entire thing in Coq, just a verified core
[Fri Jan 16 14:49:17 2015] <nkar> johnw: I'm not as experienced as vanila, but I'm very excited, too.  congratulations!
[Fri Jan 16 14:49:23 2015] <johnw> thanks nkar!
[Fri Jan 16 14:50:30 2015] <vanila> you could put it into compcert maybe
[Fri Jan 16 14:50:55 2015] <johnw> perhaps so, if we get to 1.0
[Fri Jan 16 14:51:11 2015] <johnw> next step is to finish implementation of register spilling
[Fri Jan 16 14:54:08 2015] <nkar> johnw: but compcert is proprietary.  I hope you don't change the license.
[Fri Jan 16 14:54:17 2015] <nkar> johnw: will your talk be recorded?
[Fri Jan 16 14:54:39 2015] <johnw> I don't know if they record at that conference; and the license on my side is BSD
[Fri Jan 16 14:55:12 2015] <vanila> compcert is GPL
[Fri Jan 16 14:55:44 2015] <johnw> so, they can use me just fine, I just can't use them, which works in this case
[Fri Jan 16 14:55:48 2015] <nkar> vanila: last time I checked it was for non-commercial use only.  maybe parts of it are gpl'd, though.
[Fri Jan 16 14:56:30 2015] <vanila> oh
[Fri Jan 16 14:56:59 2015] <vanila> thats annoying
[Fri Jan 16 14:58:26 2015] <nkar> johnw: consider announcing the package on haskell-cafe.  maybe it'll inspire others to use coq the way you do
[Fri Jan 16 14:59:21 2015] <johnw> once I get just a bit more of it completed I will
[Fri Jan 16 15:01:19 2015] <johnw> but I am hoping for this to show that Coq can be seriously used to assist Haskell development
[Fri Jan 16 16:14:27 2015] <Choups314> Hi, how can I define a function of type [forall x : T, P x -> T]  (where [T] is a type and [P] a predicate) ?
[Fri Jan 16 16:17:55 2015] <johnw> forall (T : Type) (x : T) (P : T -> Type), P x -> T
[Fri Jan 16 16:18:34 2015] <Cypi> [fun (x : T) (_ : P x) => x] is such a function, for example.
[Fri Jan 16 16:39:24 2015] <johnw> oh, I'm sorry
[Fri Jan 16 16:39:26 2015] <johnw> *define* it
[Fri Jan 16 16:44:41 2015] <Choups314> Thank you @
[Fri Jan 16 16:44:44 2015] <Choups314> !*
[Sat Jan 17 11:13:30 2015] <arvisrend> referencing automatically named hypotheses
[Sat Jan 17 11:13:36 2015] <arvisrend> is it bad or just meh?
[Sat Jan 17 11:13:56 2015] <vanila> the danger is that the name might be different if something minor changes
[Sat Jan 17 11:14:17 2015] <arvisrend> yes, but that's on the other hand relatively easy to bugfix
[Sat Jan 17 11:14:30 2015] <arvisrend> compared to stuff like leaking into another case
[Sat Jan 17 11:14:31 2015] <vanila> in a small development, sure
[Sat Jan 17 11:14:44 2015] <vanila> but in a larger project it could become a real horror
[Sat Jan 17 11:42:20 2015] <arvisrend> are permutations (as maps {1,2,...,n} to {1,2,...,n}) somewhere in coq's library?
[Sat Jan 17 11:42:36 2015] <arvisrend> i see coq has permutations of lists, as inductive predicates, but that's sth different
[Sat Jan 17 11:43:14 2015] <arvisrend> generally, where do i find the idea that a list of length n corresponds to a function {1,2,...,n} to X modulo equality-upon-application
[Sat Jan 17 13:39:48 2015] <arvisrend> fucking hell
[Sat Jan 17 13:39:55 2015] <arvisrend> i feel i'm not getting better but my code is getting uglier :/
[Sat Jan 17 15:07:45 2015] <arvisrend> is there a way to use this http://pierre-yves.strub.nu/ with coqide?
[Sat Jan 17 15:07:50 2015] <arvisrend> the coq bundle imean
[Sat Jan 17 15:11:13 2015] <arvisrend> ah nice it has coqide already
[Sat Jan 17 15:16:20 2015] <arvisrend> should i be worried about it only being 8.4pl2 not 8.4pl5?
[Sat Jan 17 15:16:27 2015] <arvisrend> and ssreflect being 1.4 not 1.5?
[Sat Jan 17 16:43:15 2015] <johnw> I try to avoid auto-named hypotheses as much as possible now
[Sat Jan 17 16:43:18 2015] <johnw> they do get to be a nightmare
[Sat Jan 17 18:03:34 2015] <benzrf> what is -> notation for as a type ctor
[Sat Jan 17 18:03:57 2015] <benzrf> basically is there an expression i can type : Type -> Type -> Type
[Sat Jan 17 18:04:53 2015] <Cypi> Does [fun (x _ : Type) => x] satisfy you?
[Sat Jan 17 18:04:59 2015] <Cypi> (maybe I've not understood what you meant)
[Sat Jan 17 18:06:36 2015] <benzrf> oh bleh
[Sat Jan 17 18:06:41 2015] <benzrf> Cypi: 1 sec
[Sat Jan 17 18:07:38 2015] <benzrf> bluuUUUUUUH
[Sat Jan 17 18:07:43 2015] <benzrf> this is garbage
[Sat Jan 17 18:08:06 2015] <benzrf> i should be doing my homework for once in my life anyway, never mind!!!
[Sat Jan 17 18:58:54 2015] <arvisrend> so what exactly can i do with Set that i can't with Type?
[Sat Jan 17 19:11:21 2015] <benzrf> arvisrend: universe stuff i guess
[Sat Jan 17 19:11:58 2015] <arvisrend> hmm
[Sat Jan 17 19:44:47 2015] <johnw> benzrf: I don't believe that means anything
[Sat Jan 17 19:46:58 2015] <johnw> arvisrend: for one thing, when you deal with Set, it is always something that should be extracted
[Sat Jan 17 19:47:30 2015] <johnw> when you deal with Type, Coq sometimes can't know whether it should or shouldn't be extracted, so it extracts it anyway
[Sat Jan 17 19:47:45 2015] <johnw> plus, as benzrf hinted, Type can occur at many universe levels, but Set at only one
[Sat Jan 17 19:48:34 2015] <johnw> in general, I like to have all of my "data" types in Set, my propositions in Prop, and only use Type if I need to combine the two, or if I need higher universes
[Sat Jan 17 19:48:42 2015] <arvisrend> hmm
[Sat Jan 17 19:48:42 2015] <johnw> more here: http://adam.chlipala.net/cpdt/html/Universes.html
[Sat Jan 17 19:48:44 2015] <arvisrend> ok
[Sat Jan 17 19:48:59 2015] <arvisrend> so subtypes of sets defined by predicates are only types?
[Sat Jan 17 19:49:06 2015] <johnw> ah, now I see what benzrf means by "universe stuff", yes he is right about that
[Sat Jan 17 19:49:43 2015] <johnw> right: Inductive sig (A : Type) (P : A -> Prop) : Type
[Sat Jan 17 19:49:52 2015] <johnw> A there could be Set
[Sat Jan 17 19:49:57 2015] <johnw> but the type of sig would have to be Type
[Sat Jan 17 19:50:04 2015] <arvisrend> thank you
[Sat Jan 17 19:50:17 2015] <arvisrend> how do people in reality work with subtypes defined by predicates?
[Sat Jan 17 19:50:31 2015] <johnw> using predicates
[Sat Jan 17 19:50:35 2015] <arvisrend> like, what if i want to define a map from such a subtype, and i want to encode the fact that it does not depend on the proof of the predicate
[Sat Jan 17 19:50:36 2015] <johnw> that's the beauty of dependent types
[Sat Jan 17 19:50:51 2015] <johnw> you need to import proof irrelevance
[Sat Jan 17 19:51:12 2015] <arvisrend> uhm
[Sat Jan 17 19:51:26 2015] <arvisrend> that's an axiom which maybe does far more than i want?
[Sat Jan 17 19:51:43 2015] <johnw> is this what you mean by a mapping: f : forall a P (x : a), P x -> { x' : a | P x' }
[Sat Jan 17 19:51:55 2015] <johnw> proof irrelevance?  it's a pretty simple axiom
[Sat Jan 17 19:52:10 2015] <arvisrend> basically i want a map from {0,1,...,n-1} to some type T
[Sat Jan 17 19:52:13 2015] <johnw> it just means that all inhabitants of a given Prop type are equivalent
[Sat Jan 17 19:52:34 2015] <arvisrend> as far as i understand {0,1,...,n-1} is the set of all m : nat with lt m n
[Sat Jan 17 19:52:45 2015] <arvisrend> unless there is a better way to define it
[Sat Jan 17 19:52:54 2015] <johnw> f : forall (x n : nat), x < n -> T
[Sat Jan 17 19:52:56 2015] <arvisrend> but now i want to define the notion of a permutation of {0,1,...,n-1}
[Sat Jan 17 19:53:05 2015] <arvisrend> yes
[Sat Jan 17 19:53:32 2015] <arvisrend> but what if i want to show that there are exactly n! permutations
[Sat Jan 17 19:53:45 2015] <arvisrend> of course i'll have to use equality-upon-evaluation instead of equality
[Sat Jan 17 19:53:49 2015] <arvisrend> but i'm not sure if there is enough
[Sat Jan 17 19:53:51 2015] <arvisrend> *that
[Sat Jan 17 19:53:53 2015] <johnw> Lemma permutations : forall x, f x = x!.
[Sat Jan 17 19:54:00 2015] <johnw> or whatever T means
[Sat Jan 17 19:54:18 2015] <johnw> something like this is much simpler with ssreflect, btw
[Sat Jan 17 19:54:28 2015] <arvisrend> in what way?
[Sat Jan 17 19:54:36 2015] <johnw> these sorts of decidable questions involves sets and numbers are computable
[Sat Jan 17 19:54:42 2015] <johnw> involving*
[Sat Jan 17 19:54:56 2015] <johnw> so over there we'd say:
[Sat Jan 17 19:55:19 2015] <johnw> f : forall (x n : nat), x < n -> size (permutations x) == factorial n.
[Sat Jan 17 19:55:21 2015] <johnw> or something like that
[Sat Jan 17 19:55:36 2015] <johnw> that should not be named f, you get the idea
[Sat Jan 17 19:55:51 2015] <arvisrend> yes, but what is "permutations x" precisely?
[Sat Jan 17 19:55:53 2015] <arvisrend> and what is "size"?
[Sat Jan 17 19:55:59 2015] <johnw> size is "length"
[Sat Jan 17 19:56:02 2015] <johnw> the length of the list
[Sat Jan 17 19:56:06 2015] <arvisrend> ok so there is a list?
[Sat Jan 17 19:56:09 2015] <johnw> permutations return a list of lists
[Sat Jan 17 19:56:19 2015] <johnw> yes, ssreflect has a "seq" wrapper around Coq's "list"
[Sat Jan 17 19:56:31 2015] <johnw> it makes working with lists much easier
[Sat Jan 17 19:57:06 2015] <johnw> there may already be code to work with permutations in mathcomp, I don't know
[Sat Jan 17 19:57:16 2015] <johnw> I was proposing a function there that you'd write
[Sat Jan 17 19:57:27 2015] <arvisrend> oh found it
[Sat Jan 17 19:58:08 2015] <arvisrend> Lemma permP s t : s =1 t <-> s = t.
[Sat Jan 17 19:58:08 2015] <arvisrend> Proof. by split=> [| -> //]; rewrite unlock => eq_sv; exact/val_inj/ffunP. Qed.
[Sat Jan 17 19:58:08 2015] <arvisrend> weird
[Sat Jan 17 19:58:18 2015] <arvisrend> does this mean funcext holds here?
[Sat Jan 17 19:58:32 2015] <johnw> yeah, a restricted form of it that does not require the general axiom
[Sat Jan 17 19:58:40 2015] <johnw> =1 means that two functions are definitionally equal
[Sat Jan 17 19:58:42 2015] <arvisrend> hmm i think ssr's permutations are not exactly functions
[Sat Jan 17 19:59:14 2015] <johnw> in ssreflect, sets are functions are predicates
[Sat Jan 17 19:59:37 2015] <arvisrend> in what sense?
[Sat Jan 17 19:59:38 2015] <johnw> so P x and x \in P mean the same thing
[Sat Jan 17 20:00:18 2015] <johnw> so permP is saying that if P and Q match for all arguments, then P is Q
[Sat Jan 17 20:00:22 2015] <johnw> yeah, funext as you said
[Sat Jan 17 20:00:34 2015] <arvisrend> i'm trying to understand how ffun is defined
[Sat Jan 17 20:00:36 2015] <arvisrend> this is weird
[Sat Jan 17 20:00:46 2015] <johnw> it definitely takes getting used to
[Sat Jan 17 20:00:48 2015] <arvisrend> finfun.v is near completely unreadable without knoiwng their design decisions
[Sat Jan 17 20:00:52 2015] <johnw> it's not like the Coq standard library at all
[Sat Jan 17 20:01:03 2015] <johnw> yes, that is completely true
[Sat Jan 17 20:01:12 2015] <johnw> read Programs and Proofs by Ilya Sergey first
[Sat Jan 17 20:01:30 2015] <johnw> but once you get past the glass wall that is the ssreflect learning curve
[Sat Jan 17 20:01:37 2015] <johnw> then certain mathematical things get REALLY easy
[Sat Jan 17 20:01:43 2015] <johnw> that's why they invented it
[Sat Jan 17 20:01:50 2015] <johnw> so as not to go insane working on the four color theorem
[Sat Jan 17 20:01:53 2015] <arvisrend> i'm currently reading sergey
[Sat Jan 17 20:01:58 2015] <arvisrend> though not very far yet
[Sat Jan 17 20:02:17 2015] <johnw> i've read the ssreflect manual page by page four times now
[Sat Jan 17 20:02:24 2015] <johnw> and still a lot of their proofs are pure magic to me
[Sat Jan 17 20:02:38 2015] <johnw> I think sometimes that you have to work an Inria and be engaged in one of their projects to ever truly know the zen of it
[Sat Jan 17 20:02:43 2015] <arvisrend> Inductive finfun_type : predArgType := Finfun of #|aT|.-tuple rT.
[Sat Jan 17 20:03:06 2015] <arvisrend> can it be that their finite functions are wrappers for lists?
[Sat Jan 17 20:03:17 2015] <johnw> aT sounds like a list there
[Sat Jan 17 20:03:22 2015] <johnw> and #|| is probably its magnitude
[Sat Jan 17 20:03:31 2015] <johnw> an n.-tuple is list of size n
[Sat Jan 17 20:03:41 2015] <johnw> FinFun of ... is a data constructor
[Sat Jan 17 20:04:28 2015] <johnw> it looks scary because it's dense, but it's actually simpler in my opinion in the end
[Sat Jan 17 20:04:39 2015] <arvisrend> ok
[Sat Jan 17 20:04:46 2015] <arvisrend> i think
[Sat Jan 17 20:04:58 2015] <johnw> an "n.-tuple a" is a Vector n a
[Sat Jan 17 20:05:06 2015] <arvisrend> so the only way to construct an finfun_type object is from a list of elements of rT of the size of size aT
[Sat Jan 17 20:05:20 2015] <johnw> yep
[Sat Jan 17 20:05:29 2015] <arvisrend> if their maps are glorified lists, then i am not surprised by them satisfying funext at least :)
[Sat Jan 17 20:05:41 2015] <johnw> yeah, it's kind of elegant
[Sat Jan 17 20:05:48 2015] <arvisrend> and all the setoidery can be avoided too
[Sat Jan 17 20:06:02 2015] <johnw> I wish they did more category theory, because I bet their treatment of representable functors would be magical
[Sat Jan 17 20:06:27 2015] <arvisrend> as glorified representing objects?
[Sat Jan 17 20:06:43 2015] <johnw> yeah, because they too are just functions from some domain
[Sat Jan 17 20:06:51 2015] <johnw> (or isomorphic to such)
[Sat Jan 17 20:07:10 2015] <johnw> i'd love a general notion of isomorphism in ssreflect
[Sat Jan 17 20:07:22 2015] <johnw> so that once you'd proven it, you could flexibly shift types aruond
[Sat Jan 17 20:08:05 2015] <arvisrend> what is this lock/unlock stuff?
[Sat Jan 17 20:08:11 2015] <arvisrend> is this about definitions which never unfold?
[Sat Jan 17 20:08:13 2015] <johnw> prevents simplification by "simpl" or "/="
[Sat Jan 17 20:08:17 2015] <arvisrend> ah
[Sat Jan 17 20:08:29 2015] <johnw> it's just a type wrapper, nothing more
[Sat Jan 17 20:08:41 2015] <johnw> i've used it a few times myself in proofs
[Sat Jan 17 20:08:52 2015] <johnw> you can lock down a sub-expression, rather than manually simplifying everything else around it
[Sat Jan 17 20:09:50 2015] <arvisrend> are there parts of the ssr library that are suitable to reading?
[Sat Jan 17 20:10:00 2015] <arvisrend> i see, nice
[Sat Jan 17 20:10:57 2015] <johnw> no, not at all
[Sat Jan 17 20:11:04 2015] <johnw> reading the code is not informative at all in the beginning
[Sat Jan 17 20:11:14 2015] <johnw> it just makes you feel that you don't understand even the things you thought you did
[Sat Jan 17 22:44:35 2015] <Ptival> even the ssr manual is sometimes weird to read :)
[Sun Jan 18 14:16:46 2015] <pyon> Is there any shorthand for "intro n; <whatever>; generalize dependent n." ?
[Sun Jan 18 15:34:10 2015] <Ptival> pyon: not that I know of
[Sun Jan 18 15:52:51 2015] <benzrf> pyon where have i seen u b4
[Sun Jan 18 16:23:15 2015] <chirpsalot> Is there a way to use symmetry with <>?
[Sun Jan 18 16:24:06 2015] <chirpsalot> I.e., I want 2 <> 0 to be 0 <> 2?
[Sun Jan 18 16:31:30 2015] <chirpsalot> Nevermind, auto did it.
[Sun Jan 18 16:32:03 2015] <chirpsalot> Hmmm. I kind of wish ProofGeneral let me see the proof state one step back at the same time.
[Sun Jan 18 16:32:31 2015] <chirpsalot> Maybe it does. I dunno. I always get lost, or often end up asking myself "wait... What did that change?"
[Sun Jan 18 16:49:28 2015] <benzrf> chirpsalot: i thgouht i was in a haskell channel and wsa extremely confused for a mo
[Sun Jan 18 16:50:21 2015] <chirpsalot> Not mappend :P.
[Sun Jan 18 16:54:30 2015] <benzrf> does coq have something analogous to (->)
[Sun Jan 18 17:26:50 2015] <pyon> benzrf: You mean, like, infix symbols?
[Sun Jan 18 17:28:19 2015] <benzrf> pyon: i mean is there an expression in coq that corresponds  to the expression (->) in haskell
[Sun Jan 18 17:28:50 2015] <pyon> You mean, at the type level?
[Sun Jan 18 17:28:58 2015] <pyon> Because (->) is not a value-level expression in Haskell.
[Sun Jan 18 17:29:07 2015] <benzrf> pyon: yeh
[Sun Jan 18 17:29:16 2015] <pyon> benzrf: In Coq, there is no single universe of all types.
[Sun Jan 18 17:29:27 2015] <pyon> benzrf: So that would be ambiguous.
[Sun Jan 18 17:29:41 2015] <benzrf> fug
[Sun Jan 18 17:29:59 2015] <benzrf> what if i wanna write 'category Type (->) compose' tho
[Sun Jan 18 17:30:06 2015] <pyon> benzrf: Definition foo a b := (a -> b)%type.
[Sun Jan 18 17:30:27 2015] <pyon> benzrf: However, foo will be constrained to a single universe.
[Sun Jan 18 17:30:40 2015] <benzrf> pyon: but then compose does not unify because foo a b fails to unify with a -> b
[Sun Jan 18 17:30:45 2015] <benzrf> or like
[Sun Jan 18 17:30:47 2015] <benzrf> something!
[Sun Jan 18 17:31:34 2015] <pyon> Too bad I do not remember the Coq notation for records...
[Sun Jan 18 17:31:41 2015] <pyon> In a past lifetime, I showed that Hask is a category in Coq.
[Sun Jan 18 17:31:50 2015] <benzrf> cool beens
[Sun Jan 18 17:47:35 2015] <pyon> How do I check the associativity and precedence of a stdlib symbol?
[Sun Jan 18 18:04:35 2015] <pyon> benzrf: Compose works just fine: https://gist.github.com/eduardoleon/0bd473804005bfc76f19
[Sun Jan 18 18:04:50 2015] <benzrf> oh my
[Sun Jan 18 18:05:25 2015] <benzrf> what to heck is "Module Type"
[Sun Jan 18 18:05:41 2015] <pyon> benzrf: Think of a module as a record.
[Sun Jan 18 18:06:00 2015] <pyon> In ML, a module is just like a record, except it may contain types as members, and it is not a first-class value.
[Sun Jan 18 18:06:14 2015] <pyon> And a module type... is the type signature of a module.
[Sun Jan 18 18:06:31 2015] <pyon> (Well, all of this is super imprecise, but it was just a quick explanation.)
[Sun Jan 18 18:07:17 2015] <pyon> Sadly, I could not use (.) to denote function composition.
[Sun Jan 18 18:44:25 2015] <pyon> What was the tactic for trying a bunch of possibities? I remember it was something like "<???> [ tac1 | tac2 | tac3 ... ]".
[Sun Jan 18 19:10:01 2015] <pyon> How do I say, in the middle of a proof, "the term 't' has exactly the type required by the goal"?
[Sun Jan 18 19:13:39 2015] <hodapp> exact t?
[Sun Jan 18 19:14:20 2015] <pyon> Ah!
[Sun Jan 18 19:14:22 2015] <pyon> Thanks!
[Sun Jan 18 19:20:04 2015] <pyon> I have a case analysis with two cases: in the first case, I used "foo" and in the second case I used "bar". I should be able to replace this with "first [foo|bar]", right?
[Sun Jan 18 19:20:35 2015] <pyon> Oh, never mind. I was making a silly mistake
[Mon Jan 19 06:44:33 2015] <nkar> I'm proving rsc_trans from software foundations (the "Rel" chapter).  here's my attempt: Theorem rsc_trans : forall (X:Type) (R: relation X) (x y z : X), refl_step_closure R x y -> refl_step_closure R y z -> refl_step_closure R x z. Proof. intros X R x y z H. apply rsc_step. Abort.  the hypothesis is refl_step_closure R x y.  the goal is R x y.  what should be my next step?  I have a Theorem rsc_R : forall (X:Type) (R:relation X) (x y :
[Mon Jan 19 06:44:33 2015] <nkar> X), R x y -> refl_step_closure R x y.  how can I apply it in H?
[Mon Jan 19 06:44:33 2015] <nkar>  
[Mon Jan 19 14:05:17 2015] <pyon> I am stick with one of the exercises from Software Foundations: https://gist.github.com/eduardoleon/2a119e8d89bf956cd212 . I want to prove (line 66) that converting a binary number to unary and then back to binary has the effect of removing leading zeroes. How should I approach this task?
[Mon Jan 19 14:05:20 2015] <pyon> stuck*
[Mon Jan 19 14:07:14 2015] <arvisrend> is that the 5-star one?
[Mon Jan 19 14:07:21 2015] <arvisrend> my proof is a fucking mess
[Mon Jan 19 14:09:16 2015] <pyon> Yes, it is the first 5-star one.
[Mon Jan 19 14:09:24 2015] <pyon> -O
[Mon Jan 19 14:09:26 2015] <pyon> :-O *
[Mon Jan 19 14:10:39 2015] <arvisrend> omg
[Mon Jan 19 14:10:49 2015] <arvisrend> 11 lemmas
[Mon Jan 19 14:10:57 2015] <pyon> Whoa.
[Mon Jan 19 14:11:04 2015] <arvisrend> though i suspect half of them are redundant and i was too lazy to delete them
[Mon Jan 19 14:11:13 2015] <arvisrend> Lemma normalize_E : forall n : bin,
[Mon Jan 19 14:11:14 2015] <arvisrend> normalize (E n) = E (normalize n).
[Mon Jan 19 14:11:20 2015] <arvisrend> Lemma normalize_D: forall (n : bin) (m : nat),
[Mon Jan 19 14:11:20 2015] <arvisrend> bin_to_nat n = S m -> normalize (D n) = D (normalize n).
[Mon Jan 19 14:11:21 2015] <arvisrend> these might be most useful
[Mon Jan 19 14:11:54 2015] <pyon> D is 2x+1, right?
[Mon Jan 19 14:12:04 2015] <arvisrend> hmm
[Mon Jan 19 14:12:06 2015] <arvisrend> my D is 2x
[Mon Jan 19 14:12:11 2015] <arvisrend> and E is 2x+1
[Mon Jan 19 14:12:14 2015] <pyon> Oh.
[Mon Jan 19 14:12:23 2015] <arvisrend> in my first attempt D was 2x+1 and E was 2x+2 but then there would be nothing left to normalize
[Mon Jan 19 14:18:16 2015] <nkar> repeating my question: I'm proving rsc_trans from software foundations (the "Rel" chapter).  here's my attempt: Theorem rsc_trans : forall (X:Type) (R: relation X) (x y z : X), refl_step_closure R x y -> refl_step_closure R y z -> refl_step_closure R x z. Proof. intros X R x y z H. apply rsc_step. Abort.  the hypothesis is refl_step_closure R x y.  the goal is R x y.  what should be my next step?  I have a Theorem rsc_R : forall
[Mon Jan 19 14:18:16 2015] <nkar> (X:Type) (R:relation X) (x y : X), R x y -> refl_step_closure R x y.  how can I apply it in H?
[Mon Jan 19 14:18:39 2015] <johnw> it's a bit hard to read that in IRC
[Mon Jan 19 14:18:45 2015] <arvisrend> yes
[Mon Jan 19 14:18:49 2015] <arvisrend> please pastebin
[Mon Jan 19 14:18:56 2015] <arvisrend> or just multipost
[Mon Jan 19 14:19:29 2015] <johnw> pastebin, always
[Mon Jan 19 14:19:37 2015] <johnw> allows for annotating and edits
[Mon Jan 19 14:19:44 2015] <nkar> okay
[Mon Jan 19 14:20:02 2015] <arvisrend> also, i used induction in that exercise
[Mon Jan 19 14:22:53 2015] <nkar> johnw: http://dpaste.com/2X3T4QD
[Mon Jan 19 14:23:19 2015] <arvisrend> wow dpaste has coq highlighting?
[Mon Jan 19 14:23:19 2015] <johnw> what is a refl_step_closure?
[Mon Jan 19 14:23:21 2015] <arvisrend> ah ocaml
[Mon Jan 19 14:23:40 2015] <johnw> I guess I haven't done this cahpter
[Mon Jan 19 14:23:42 2015] <arvisrend> so yeah i'd say this require sinduction
[Mon Jan 19 14:23:43 2015] <arvisrend> it's rel.v
[Mon Jan 19 14:24:27 2015] <arvisrend> first two lines of my solution -- don't click unless you really want it http://dpaste.com/1TX6HF8
[Mon Jan 19 14:25:19 2015] <benzrf> sinduction?!
[Mon Jan 19 14:25:22 2015] <benzrf> how sinful
[Mon Jan 19 14:25:47 2015] <johnw> it's when you recursively try every sin until you hit rock bottom
[Mon Jan 19 14:26:02 2015] <arvisrend> it's how you generate evil http://comments.gmane.org/gmane.science.mathematics.categories/5459
[Mon Jan 19 14:29:54 2015] <nkar> arvisrend: I don't want to click.  I wonder whether I can apply rsc_R in a hopthesis or not.
[Mon Jan 19 14:30:46 2015] <arvisrend> "in a hypothesis"?
[Mon Jan 19 14:31:03 2015] <arvisrend> but i don't think it is reasonable to apply it
[Mon Jan 19 14:31:23 2015] <arvisrend> it basically goes in the wrong direction
[Mon Jan 19 14:31:38 2015] <arvisrend> you don't know how many R's there are between y and z, so to speak
[Mon Jan 19 14:32:54 2015] <nkar> arvisrend: okay... so, do I need to do anything special in order be able to lift R into relf_step_closure or unlift relf_step_closure into R?
[Mon Jan 19 14:33:10 2015] <arvisrend> as i said, this is basically an induction exercise
[Mon Jan 19 14:33:32 2015] <nkar> do I need to perform it on a hypothesis?
[Mon Jan 19 14:33:32 2015] <arvisrend> the axioms are enough for it
[Mon Jan 19 14:33:35 2015] <arvisrend> yes
[Mon Jan 19 14:34:06 2015] <nkar> I tried that but didn't push too hard.  will try again, thanks.
[Mon Jan 19 14:44:17 2015] <pyon> Is there anything like "simpl", but which lets me control the extent to which the expression is simplified?
[Mon Jan 19 14:44:39 2015] <pyon> (Without having to use stuff like "assert" or "replace", which generate new subgoals.)
[Mon Jan 19 14:47:25 2015] <pyon> Basically, I want something like "simpl the left-hand side only".
[Mon Jan 19 14:48:50 2015] <chirpsalot> pyon: https://coq.inria.fr/distrib/current/refman/Reference-Manual010.html#hevea_tactic136
[Mon Jan 19 14:49:12 2015] <pyon> Thanks, checking
[Mon Jan 19 14:49:59 2015] <chirpsalot> Looks like it can do what you want.
[Mon Jan 19 14:50:02 2015] <chirpsalot> * hasn't tried.
[Mon Jan 19 14:50:15 2015] <chirpsalot> I was wondering the same thing, but I didn't look it up until now.
[Mon Jan 19 14:50:41 2015] <pyon> Oh, and another thing. I have something like "foo (match bar with | A m n => baz | B p q => qux)". How do I convert it to "match bar with | A m n => foo baz | B p q => foo qux" ?
[Mon Jan 19 14:53:29 2015] <chirpsalot> pyon: I would normally destruct bar and then simpl, I think.
[Mon Jan 19 14:54:04 2015] <chirpsalot> But there is probably a better way!
[Mon Jan 19 14:55:13 2015] <pyon> Ah!
[Mon Jan 19 15:03:49 2015] <chirpsalot> Are you scared, or did you figure it out? :P
[Mon Jan 19 15:05:56 2015] <pyon> I found a way to prove what I needed... but... I do not like my proof.
[Mon Jan 19 15:09:26 2015] <pyon> https://gist.github.com/eduardoleon/2a119e8d89bf956cd212 -- lines 67-76, there has to be a better way
[Mon Jan 19 15:11:21 2015] <johnw> thank goodness for proof irrelevance, he? :)
[Mon Jan 19 15:11:23 2015] <johnw> eh
[Mon Jan 19 15:11:28 2015] <pyon> lol
[Mon Jan 19 15:11:55 2015] <pyon> And this was just warmup for the actual exercise, proving "forall n, normalize n = from_nat (to_nat n)".
[Mon Jan 19 15:12:30 2015] <arvisrend> i feel dirty like that whenever i use try constructs :(
[Mon Jan 19 15:13:01 2015] <arvisrend> something is frighteningly barbaric about this kind of exception catching
[Mon Jan 19 15:14:57 2015] <pyon> Well, how else do I express the fact that, in some branches I need a tactic, and in others I don't?
[Mon Jan 19 15:15:17 2015] <arvisrend> i don't know -- it's a flaw of coq to me
[Mon Jan 19 15:15:58 2015] <pyon> I am decidedly *NOT* happy with the fact that I cannot understand a proof without stepping through it.
[Mon Jan 19 15:21:58 2015] <johnw> pyon:  you could always add comments to your proof that would make it more equivalent to a human readable proof
[Mon Jan 19 15:23:41 2015] <Nik05> Yesterday i started self learning some predicate logic and also trying to proof the problems with coq.
[Mon Jan 19 15:23:53 2015] <Nik05> its pretty fun
[Mon Jan 19 15:24:12 2015] <johnw> Coq is really good with predicate logic
[Mon Jan 19 15:24:22 2015] <johnw> until you discover "intuition" and all your proofs disappear ;)
[Mon Jan 19 15:24:42 2015] <Nik05> :)
[Mon Jan 19 15:24:54 2015] <johnw> maybe even "firstorder" is all you need in that case
[Mon Jan 19 15:25:08 2015] <johnw> jgross__: ping
[Mon Jan 19 15:25:47 2015] <Nik05> Is it also possible to let coq use exists and forall symbols?
[Mon Jan 19 15:25:56 2015] <johnw> yep
[Mon Jan 19 15:26:08 2015] <johnw> Require Export Coq.Unicode.Utf8.
[Mon Jan 19 15:26:11 2015] <johnw> and then just use away
[Mon Jan 19 15:26:13 2015] <Nik05> ah oke
[Mon Jan 19 15:26:22 2015] <johnw> fun x => y turns into λ x, y
[Mon Jan 19 15:26:38 2015] <johnw> s/Export/Import
[Mon Jan 19 15:28:25 2015] <Nik05> Export worked too...
[Mon Jan 19 15:29:02 2015] <johnw>  that's fine, if you don't mind that the imports will propagate to whoever imports you
[Mon Jan 19 15:30:02 2015] <Nik05> but i need to include Coq.Unicode in every "program"?
[Mon Jan 19 15:31:10 2015] <johnw>  you either need to include it in every module they will use the Unicode symbols, or you can do an Export inclusion in some common module that they will all then Import
[Mon Jan 19 15:31:54 2015] <Nik05> oke thank you
[Mon Jan 19 15:32:38 2015] <Nik05> I had no idea it was part of the module, i thought it was just the IDE that could do that
[Mon Jan 19 15:35:35 2015] <johnw>  your actually entering Unicode characters into the source file, so the coqc compiler must be able to interpret what they mean.   I think that the module I mentioned simply contains Notations from those Unicode code points to their related syntactic counterparts.
[Mon Jan 19 15:37:28 2015] <Nik05> johnw, im just using exists and forall but the output of the CoqIDE now uses the symbols
[Mon Jan 19 15:37:42 2015] <johnw> ah, I see
[Mon Jan 19 15:37:54 2015] <johnw> in one project i get to type in ∀ and ∃
[Mon Jan 19 15:38:10 2015] <johnw> but I don't use it for projects where I expect to work with other people
[Mon Jan 19 15:39:55 2015] <Nik05> but how do you type ∀ and ∃
[Mon Jan 19 15:43:33 2015] <Nik05> johnw with compose key?
[Mon Jan 19 15:44:39 2015] <johnw> I type \all in Emacs with Agda input mode
[Mon Jan 19 15:44:54 2015] <Nik05> ah oke :)
[Mon Jan 19 15:45:19 2015] <Nik05> i guess i can use compose key, if i know how to change that
[Mon Jan 19 15:48:11 2015] <Nik05> well i found out i can use the compose key to do this... ☭
[Mon Jan 19 15:50:26 2015] <johnw> heh
[Mon Jan 19 15:50:43 2015] <Nik05> but not ∀, strange
[Mon Jan 19 15:57:36 2015] <Nik05> well thank you for helping johnw, see you later
[Mon Jan 19 15:57:50 2015] <johnw> cya
[Mon Jan 19 17:21:21 2015] <pyon> I have a goal "foo \/ bar", how do I discard one of "foo" or "bar"?
[Mon Jan 19 17:22:59 2015] <pyon> Oh, never mind, "left" and "right".
[Mon Jan 19 17:28:01 2015] <pyon> I have the assumption "moo <> moo", how do I say "from this anything follows"?
[Mon Jan 19 17:28:56 2015] <alkabetz> 'discriminate' should do the trick.
[Mon Jan 19 17:29:28 2015] <pyon> It does not. :-|
[Mon Jan 19 17:30:13 2015] <arvisrend> inversion?
[Mon Jan 19 17:30:15 2015] <alkabetz> Hmm, weird.  What about 'inversion'?
[Mon Jan 19 17:30:25 2015] <arvisrend> well, depends on what type moo is
[Mon Jan 19 17:30:33 2015] <pyon> "moo" is of an inductive type.
[Mon Jan 19 17:30:43 2015] <pyon> But the hypothesis "H : moo <> moo" itself is not.
[Mon Jan 19 17:30:46 2015] <arvisrend> in the worst case, you use exfalso, and then apply the hypothesis
[Mon Jan 19 17:31:01 2015] <pyon> Oh, right.
[Mon Jan 19 17:31:05 2015] <pyon> Thanks!
[Mon Jan 19 17:31:42 2015] <arvisrend> yw
[Mon Jan 19 17:31:53 2015] <arvisrend> though this might not be the most idiomatic way or something, but i never tend to remember those
[Mon Jan 19 17:34:10 2015] <pyon> Basically, in the same problem as before (the 5-star one from SF), I am trying to prove "forall n, normalize n = Z \/ normalize (XO n) = XO (normalize n)". Or, equivalently, "forall n, normalize n <> Z -> normalize (XO n) = XO (normalize n)". After some hacking on my whiteboard, I have a suspicion that this lemma will help me solve the exercise in a simple way.
[Mon Jan 19 17:34:25 2015] <pyon> Errr... I should rather update my gist.
[Mon Jan 19 17:35:07 2015] <pyon> https://gist.github.com/eduardoleon/2a119e8d89bf956cd212 -- line 78
[Mon Jan 19 17:44:15 2015] <arvisrend> what is XO?
[Mon Jan 19 17:44:19 2015] <arvisrend> ah
[Mon Jan 19 17:44:32 2015] <pyon> XO is 2x, XI is 2x+1
[Mon Jan 19 17:44:43 2015] <pyon> X is the prefix of the number O and I are the last digit.
[Mon Jan 19 17:45:18 2015] <pyon> Perhaps I should use a different lemma: "forall m n, normalize (XO m) = XO n -> normalize m = n".
[Mon Jan 19 17:45:59 2015] <arvisrend> i like the version with "or" more than the one with the negative hypothesis
[Mon Jan 19 17:46:03 2015] <arvisrend> but i guess they're equivalent
[Mon Jan 19 17:46:25 2015] <arvisrend> yeah becausewe can match
[Mon Jan 19 17:46:45 2015] <arvisrend> Fixpoint normalize n :=
[Mon Jan 19 17:46:45 2015] <arvisrend> match n with
[Mon Jan 19 17:46:46 2015] <arvisrend> | Z => Z
[Mon Jan 19 17:46:46 2015] <arvisrend> | XO n =>
[Mon Jan 19 17:46:46 2015] <arvisrend> match normalize n with
[Mon Jan 19 17:46:46 2015] <arvisrend> | Z => Z
[Mon Jan 19 17:46:46 2015] <arvisrend> | n => XO n
[Mon Jan 19 17:46:47 2015] <arvisrend> end
[Mon Jan 19 17:46:47 2015] <arvisrend> | XI n => XI (normalize n)
[Mon Jan 19 17:46:48 2015] <arvisrend> end.
[Mon Jan 19 17:46:52 2015] <arvisrend> please give the auxiliary variable a different name
[Mon Jan 19 17:47:38 2015] <pyon> :-O
[Mon Jan 19 17:47:49 2015] <arvisrend> actually you have 2 of them
[Mon Jan 19 17:47:54 2015] <pyon> I like neither the \/ nor the negative.
[Mon Jan 19 17:48:18 2015] <pyon> Oh, you mean the n's in normalize?
[Mon Jan 19 17:48:27 2015] <pyon> Yeah, I guess giving them the same name was a bad thing.
[Mon Jan 19 17:48:46 2015] <arvisrend> yeah there are three of them
[Mon Jan 19 18:47:29 2015] <mbrcknl> pyon: A better way might be to redesign bin so it did not need normalisation. For example, by ensuring that non-zero binary numbers are forced by the Inductive definition to always have a leading one.
[Mon Jan 19 18:52:34 2015] <pyon> mbrcknl: I understand that... but the exercise consists precisely in dealing with this specific representation.
[Mon Jan 19 18:53:39 2015] <pyon> mbrcknl: I could work in terms of a tail, which is essentially a list of bits, and then a binary number is either 1 followed by a tail, or just 0.
[Mon Jan 19 18:54:46 2015] <mbrcknl> pyon: Actually, I thought "Again, feel free to change your earlier definitions if this helps here." was a hint that there was a better representation.
[Mon Jan 19 18:55:12 2015] <pyon> Oh.
[Mon Jan 19 19:16:21 2015] <Nik05> hello, is it possible to use coq without admin rights on windows?
[Mon Jan 19 19:17:26 2015] <Nik05> or is there maybe some online interpreter to do simple stuff on?
[Mon Jan 19 19:19:35 2015] <Nik05> oh i think i found one, proofweb
[Mon Jan 19 19:22:44 2015] <pyon> Wait, Coq needs admin rights on Windows? :-O
[Mon Jan 19 19:31:12 2015] <Nik05> i dont know, the installer wants admin rights. but i just want to run in, when im on a windows system sometimes
[Mon Jan 19 19:31:28 2015] <Nik05> it*
[Mon Jan 19 19:32:20 2015] <Nik05> guess i can try extracting the installer
[Mon Jan 19 21:47:17 2015] <chirpsalot> Nik05: virtual machine, if all else fails?
[Tue Jan 20 10:56:54 2015] <pyon> How do I import all notations defined in another module?
[Tue Jan 20 10:58:15 2015] <johnw> they will automatically be imported, unless they were defined in a sub-module
[Tue Jan 20 11:00:07 2015] <pyon> Oh, by module, I do not mean a "Foo.v", I mean a "Module Foo. (* ... *) End Foo.".
[Tue Jan 20 11:03:14 2015] <johnw> then: Module Import Foo
[Tue Jan 20 11:06:39 2015] <pyon> Never mind, I am splitting my single Everything.v into files for each submodule.
[Tue Jan 20 11:06:42 2015] <pyon> Oh.
[Tue Jan 20 11:22:49 2015] <pyon> How do I prove something about a recursive, higher-order function?
[Tue Jan 20 11:23:39 2015] <pyon> I have a "count {A} p (xs : list A) : nat" function defined in terms of filter and length.
[Tue Jan 20 11:23:46 2015] <pyon> Errr, I have defined filter myself.
[Tue Jan 20 11:23:54 2015] <pyon> length is the one from the stdlib.
[Tue Jan 20 11:24:01 2015] <johnw> usually it's just by induction
[Tue Jan 20 11:24:22 2015] <pyon> I can prove stuff by induction about non-higher-order functions... but for higher-order functions, it is just hard..
[Tue Jan 20 11:24:36 2015] <johnw> well, that's probably true :)
[Tue Jan 20 11:56:27 2015] <pyon> Oh, well, it turned out to be easier than I foresaw.
[Tue Jan 20 12:25:49 2015] <pyon> What is going in here? -- http://i.imgur.com/kZQ3UPI.png -- A term is not equal to itself? :-|
[Tue Jan 20 12:33:47 2015] <ystael> pyon: Perhaps those two ++ are not what they seem?  Try 'Unset Printing Notations.'
[Tue Jan 20 12:34:44 2015] <pyon> Oh.
[Tue Jan 20 12:58:41 2015] <pyon> Say I destruct a bool.
[Tue Jan 20 12:59:02 2015] <pyon> Is there any way to put into the context a hypothesis saying which is the actual value of the bool?
[Tue Jan 20 12:59:26 2015] <pyon> e.g., if I "destruct (foo bar)", I want hypotheses "H : foo bar = true" and "H : foo bar = false".
[Tue Jan 20 12:59:59 2015] <pyon> (Actually, this is not just for bool, but any inductive type... also, not just for "destruct", also for "induction".)
[Tue Jan 20 13:08:20 2015] <arvisrend> does [destruct (foo bar) eqn:H] work?
[Tue Jan 20 13:08:34 2015] <arvisrend> i remember that this [eqn:] construct works for two of destruct, induction, inversion
[Tue Jan 20 13:08:38 2015] <arvisrend> i don't remember which ones :)
[Tue Jan 20 13:08:44 2015] <pyon> Ah, checking!
[Tue Jan 20 13:09:09 2015] <pyon> arvisrend: Yes, worked like a charm!
[Tue Jan 20 13:09:23 2015] <arvisrend> i must say i never fully figured out the difference between destruct and ivnersion
[Tue Jan 20 13:09:54 2015] <pyon> arvisrend: inversion adds induction principles for recursively defined types.
[Tue Jan 20 13:10:07 2015] <arvisrend> really? i thought you need induction for that?
[Tue Jan 20 13:10:13 2015] <pyon> oh, my bad
[Tue Jan 20 13:10:14 2015] <pyon> I misread
[Tue Jan 20 13:10:21 2015] <pyon> I was thinking of destruct vs induction
[Tue Jan 20 13:10:22 2015] <pyon> lol
[Tue Jan 20 13:10:55 2015] <arvisrend> i guess inversion is for equalities
[Tue Jan 20 13:11:00 2015] <pyon> Ah, yes!
[Tue Jan 20 13:11:09 2015] <pyon> Hypotheses that are equalities.
[Tue Jan 20 13:30:33 2015] <pyon> Is there anything like Haskell's "import qualified Whatever as W" ?
[Tue Jan 20 13:31:30 2015] <pyon> I am developing a style in which I write lots of modules with one or two regular definitions, and lots of proofs about them.
[Tue Jan 20 13:31:46 2015] <arvisrend> maybe you can import stuff into a submdoule?
[Tue Jan 20 13:31:54 2015] <pyon> Oh.
[Tue Jan 20 13:32:09 2015] <pyon> That works.
[Tue Jan 20 13:32:17 2015] <arvisrend> not sure if it's any good though
[Tue Jan 20 13:32:33 2015] <pyon> Although I still think "Module Foo. Require Import Foo. End Foo." is rather unpleasant.
[Tue Jan 20 13:33:44 2015] <pyon> Wait, no, it does not work exactly that way.
[Tue Jan 20 13:35:17 2015] <pyon> No functional extensionality is going to be the end of me.
[Tue Jan 20 13:42:06 2015] <Nik05> where can i find info on operator precedence?
[Tue Jan 20 13:42:32 2015] <Nik05> like something nice as http://en.cppreference.com/w/cpp/language/operator_precedence :P
[Tue Jan 20 13:43:44 2015] <pyon> Haaaaaaa!
[Tue Jan 20 13:43:49 2015] <pyon> I would like to know as well.
[Tue Jan 20 13:44:03 2015] <pyon> (But perhaps a better example is ghci's ":i" command.)
[Tue Jan 20 13:44:11 2015] <Nik05> thats nice too :)
[Tue Jan 20 13:53:01 2015] <Nik05> pyon Locate does somethign... but doesnt show precedence ;)
[Tue Jan 20 13:55:50 2015] <Nik05> pyon https://coq.inria.fr/distrib/current/refman/Reference-Manual005.html
[Tue Jan 20 13:56:33 2015] <Nik05> but that table doesnt even have → :S
[Tue Jan 20 13:58:53 2015] <pyon> :-O
[Tue Jan 20 15:07:27 2015] <Nik05> so i just self learning some predicate logic, and tried if i could also solve the problems with coq. But what other stuff can you proof with coq?
[Tue Jan 20 15:08:09 2015] <alkabetz> In theory, you can prove pretty much anything that you could prove with ordinary mathematics.
[Tue Jan 20 15:08:28 2015] <alkabetz> I find Coq really shines at proving properties about computer programs, but then again, that’s my research focus :)
[Tue Jan 20 15:09:32 2015] <pyon> Is Coq equally good at proving properties about entire languages? (not individual programs)
[Tue Jan 20 15:12:08 2015] <alkabetz> I’ve never tried it, but it seems like you ought to be able to build a formal model of your language and punch that through Coq to derive the properties you want.
[Tue Jan 20 15:14:02 2015] <Nik05> thank you alkabetz
[Tue Jan 20 15:14:04 2015] <pyon> Given two lists, how to I perform a "special induction" with three cases: (1) first list is nil, (2) second list is nil, (3) both lists have heads and tails?
[Tue Jan 20 16:36:59 2015] <jrw> pyon: that should be equivalent to [induction l1; destruct l2] modulo goal duplication.
[Tue Jan 20 18:48:27 2015] <pyon> Is there any tactic that lets me simpl a specific subexpression *step by step* ?
[Tue Jan 20 18:48:50 2015] <pyon> "simpl" often goes "all the way", past the point I actually want to get at.
[Tue Jan 20 18:49:21 2015] <pyon> And thus I find myself having to make lots of tiny lemmas whose proof is "reflexivity", just so that I can rewrite them in my main proof.
[Tue Jan 20 18:52:24 2015] <arvisrend> sometimes unfold
[Tue Jan 20 18:52:36 2015] <arvisrend> otherwise i use replace...with...
[Tue Jan 20 18:52:41 2015] <arvisrend> though this is similar to your tiny lemmas
[Tue Jan 20 18:55:00 2015] <pyon> "replace ... with ..." is annoying because it decides when I have to prove that the replacement is valid (after the main goal)...
[Tue Jan 20 18:55:22 2015] <pyon> And now the justification for the replacement is far away from the point where it was actually made.
[Tue Jan 20 19:35:27 2015] <jrw> pyon: you can use "replace ... with ... by (tactic expression)"
[Tue Jan 20 19:36:52 2015] <jrw> to keep the justification close
[Tue Jan 20 19:43:19 2015] <pyon> Ah!
[Tue Jan 20 19:43:25 2015] <pyon> Makes sense!
[Tue Jan 20 19:46:07 2015] <arvisrend> thanks, jrw!this is very nice
[Tue Jan 20 20:21:53 2015] <nkar> so, I solved that exercise from "software foundations" (http://dpaste.com/3HQBJ84) without checking arvisrend's solution.  but I consider it bruteforcing because I don't know what it means to perform induction on H in this case.  I have no idea why these particular subgoals and the induction hypothesis are generated.  I know, however, what it means to perform induction on naturals and lists.  could anyone walk me through this exercise?
[Tue Jan 20 20:26:53 2015] <jrw> nkar: one way to think about it is in terms of proof trees. terms of type [refl_step_closure R x y] are trees of constructors that build up evidence for that proposition. are you familiar with this idea?
[Tue Jan 20 20:27:11 2015] <jrw> induction on H corresponds to structural induction on this tree of evidence.
[Tue Jan 20 20:27:20 2015] <nkar> not really
[Tue Jan 20 20:27:24 2015] <nkar> not at all, actually
[Tue Jan 20 20:27:59 2015] <nkar> I could read something if you know a beginner-friendly source
[Tue Jan 20 20:28:08 2015] <jrw> hm, I thought SF explained this.
[Tue Jan 20 20:28:09 2015] <jrw> one second.
[Tue Jan 20 20:28:37 2015] <jrw> nkar: what chapter is this from?
[Tue Jan 20 20:28:43 2015] <nkar> Rel
[Tue Jan 20 20:29:04 2015] <nkar> second to last exercise
[Tue Jan 20 20:29:35 2015] <jrw> nkar: have you done the Prop chapter?
[Tue Jan 20 20:30:25 2015] <nkar> let me check
[Tue Jan 20 20:30:44 2015] <jrw> in either case, you might want to read/re-read the part about inducting on evidence
[Tue Jan 20 20:30:50 2015] <jrw> and then ask questions in here :)
[Tue Jan 20 20:30:53 2015] <nkar> no, I haven't
[Tue Jan 20 20:31:07 2015] <nkar> read where?
[Tue Jan 20 20:32:06 2015] <jrw> I think you should do the Prop chapter before Rel
[Tue Jan 20 20:34:06 2015] <nkar> well, I've nearly finished the Prop chapte, but I'll look into it, thanks
[Tue Jan 20 20:34:12 2015] <nkar> s/Prop/Rel
[Tue Jan 20 20:52:38 2015] <nkar> jrw: ah, I guess [next_nat_closure_is_le] in the Rel chapter is intended to be a brief introduction to this.
[Tue Jan 20 21:07:37 2015] <pyon> I have proven a "Lemma foo n : bar n <-> baz n", and I need to use the implication in one direction, how do I do it?
[Tue Jan 20 21:23:17 2015] <Cypi> pyon : the apply tactics is usually smart enough to do it right for you. You can also destruct your lemma to get both directions.
[Wed Jan 21 07:09:16 2015] <schoppenhauer> is there something similar to replace (fold_left ?a ?b ?c ?d) with (H3 :: fold_left ?a ?b H2 ?d). possible? that is, replacement with named wildcards?
[Wed Jan 21 08:51:25 2015] <arvisrend> hmm
[Wed Jan 21 08:51:31 2015] <arvisrend> ilya sergey's notes look very nicely written
[Wed Jan 21 08:51:36 2015] <arvisrend> but i'm not sure his exercises are helpful...
[Wed Jan 21 08:57:55 2015] <vanila> thanks arvisrend
[Wed Jan 21 08:58:04 2015] <vanila> he has a bunch of cool stuff
[Wed Jan 21 09:00:28 2015] <arvisrend> thanks for what though?
[Wed Jan 21 09:18:05 2015] <pyon> Is there any shorthand for "induction foo; simpl; <rewrite all inductive hypotheses>; <reflexivity/tauto/whatever>." ? It is a very common pattern.
[Wed Jan 21 09:25:07 2015] <Choups314> Hi, what is the opposite of [apply] ?
[Wed Jan 21 09:25:21 2015] <Choups314> I have a lemma that proves [P -> Q]
[Wed Jan 21 09:25:44 2015] <vanila> into
[Wed Jan 21 09:25:46 2015] <vanila> intro*
[Wed Jan 21 09:25:54 2015] <Choups314> And in a proof, I have the goal [Q], and an hypothesis [P]
[Wed Jan 21 09:26:15 2015] <Cypi> Just [apply] is what you want to use here.
[Wed Jan 21 09:26:21 2015] <Choups314> Ho ok
[Wed Jan 21 09:26:39 2015] <Choups314> I thought it would applied for the goal [Q]
[Wed Jan 21 09:26:47 2015] <Choups314> P*
[Wed Jan 21 09:27:00 2015] <Cypi> If you use [apply lemma], then your goal will be transformed into P, and then you can use your hypothesis
[Wed Jan 21 09:27:13 2015] <Cypi> you can also do [apply lemma in hypothesis] to transform your hypothesis into Q
[Wed Jan 21 09:27:28 2015] <arvisrend> ssreflects really speaks of "behead" instead of "tal"?
[Wed Jan 21 09:27:32 2015] <arvisrend> *"tail"
[Wed Jan 21 09:31:18 2015] <Choups314> Is it possible to use [apply] on every parts of a goal like [part1 \/ part2 \/ part3], or I must destruct it ?
[Wed Jan 21 09:38:24 2015] <ia0> when you try to prove a disjonction, you just need to prove one branch (using left or right IIRC)
[Wed Jan 21 09:38:58 2015] <ia0> so there is no need to apply a lemma to all of them, just the one you are interested in
[Wed Jan 21 09:41:34 2015] <arvisrend> but let me steal his question. what if this is a hypothesis?
[Wed Jan 21 09:47:15 2015] <ianjneu> arvisrend: if you know H : L + R, and you need on L or an R, you have to prove your goal in both cases, by inversion on H.
[Wed Jan 21 09:55:23 2015] <pyon> I want to prove "forall {A} (xs ys : list A), reverse xs = reverse ys -> xs = ys". My idea is as follows: perform induction on both xs and ys. Discard the cases where exactly one of the lists is nil, by using the fact that "reverse" preserves the length of the list (I have this as a separate lemma). Prove the remaining two cases (both nil or both cons) using the inductive hypothesis. How do I do this?
[Wed Jan 21 09:57:30 2015] <pyon> At some point I have the hypothesis: "H : reverse nil = reverse (a :: ys)". I want to transform this into "H' : length (reverse nil) = length (reverse (a :: ys))", and then "H'' : Z = S (length ys)", so that I can finally "discriminate".
[Wed Jan 21 10:00:05 2015] <arvisrend> pyon... sorry to beg your question, but i'd use the involutiveness of reverse
[Wed Jan 21 10:00:11 2015] <arvisrend> you'll have a use for it sooner or later anyway
[Wed Jan 21 10:00:47 2015] <arvisrend> ianjneu: what i want is to apply some transformation to both L and R at the same time without destructing them and +ingthem again
[Wed Jan 21 10:01:01 2015] <pyon> Oh, I already have the involutiveness of reverse.
[Wed Jan 21 10:01:04 2015] <Cypi> I guess your lemma states something like [length (reverse l) = length l]. What you can do is something like [apply (f_equal length) in H] to get your H'
[Wed Jan 21 10:01:13 2015] <pyon> arvisrend: But, still, how do I use it?
[Wed Jan 21 10:01:22 2015] <arvisrend> rewrite the goal using it
[Wed Jan 21 10:01:22 2015] <arvisrend> twice
[Wed Jan 21 10:01:27 2015] <pyon> :-O
[Wed Jan 21 10:02:52 2015] <pyon> Oh, it didn't like "apply (f_equal length) in H" because I made length polymorphic. But "apply (f_equal (fun xs => length xs))" did the trick, nice! :-)
[Wed Jan 21 10:02:59 2015] <arvisrend> :D
[Wed Jan 21 10:03:21 2015] <arvisrend> i also need trial and error every time to find out whether coq wants me to provide type arguments or not
[Wed Jan 21 10:03:48 2015] <Cypi> Does (f_equal (length _)) work, out of curiosity, pyon?
[Wed Jan 21 10:03:49 2015] <pyon> If I am going to apply a lot of tactics on the same hypothesis, is there any shorthand for this?
[Wed Jan 21 10:04:00 2015] <pyon> Cypi: Nope.
[Wed Jan 21 10:04:03 2015] <Cypi> ok :)
[Wed Jan 21 10:04:18 2015] <arvisrend> i thought this is what hint databases are for
[Wed Jan 21 10:04:21 2015] <arvisrend> but i've never used one so far
[Wed Jan 21 10:04:22 2015] <pyon> I am not using "Set Implicit Arguments", I like manually controlling which arguments are explicit.
[Wed Jan 21 10:04:28 2015] <pyon> arvisrend: If I only knew how to use them!
[Wed Jan 21 10:04:37 2015] <pyon> which arguments are implicit*
[Wed Jan 21 10:04:47 2015] <Cypi> Even if an argument is explicit, you can always put a placeholder _ and let Coq try to infer it.
[Wed Jan 21 10:04:57 2015] <Cypi> I was just wondering if it would do it here
[Wed Jan 21 10:06:24 2015] <pyon> Ah.
[Wed Jan 21 10:21:01 2015] <pyon> Is there anything like "induction on lists of equal length" ?
[Wed Jan 21 10:21:18 2015] <pyon> pairs of lists of equal length*
[Wed Jan 21 10:21:57 2015] <pyon> Either they are both nil or they are both cons where the tails are of equal length.
[Wed Jan 21 10:22:04 2015] <pyon> No, wait... perhaps I should prove this as a lemma.
[Wed Jan 21 10:22:19 2015] <arvisrend> i'd induce over the length and use destruct
[Wed Jan 21 10:38:44 2015] <pyon> Apparently there is a subtle difference between "induction xs, ys" and "induction xs; induction ys"... :-|
[Wed Jan 21 10:38:55 2015] <pyon> Regarding how inductive hypotheses are introduced. :-|
[Wed Jan 21 10:39:00 2015] <pyon> Am I right?
[Wed Jan 21 10:39:57 2015] <arvisrend> i didn't even know there is induction xs, ys
[Wed Jan 21 10:39:58 2015] <arvisrend> what does it do?
[Wed Jan 21 10:40:39 2015] <pyon> Induction over multiple things at once.
[Wed Jan 21 10:41:06 2015] <pyon> But, apparently, inductive hypotheses are only generated for the first thing being inducted (induced?) over.
[Wed Jan 21 10:42:58 2015] <arvisrend> https://coq.inria.fr/distrib/current/refman/Reference-Manual010.html#hevea_tactic71
[Wed Jan 21 10:43:01 2015] <arvisrend> might be variant 8
[Wed Jan 21 10:48:14 2015] <pyon> I was just being stupid. There is a difference between "Theorem foo a : bar" and "Theorem foo : forall a, bar".
[Wed Jan 21 10:50:15 2015] <arvisrend> i have a condition "false" and a goal "False"
[Wed Jan 21 10:50:22 2015] <arvisrend> what is the "idiomatic" way to get a contradiction?
[Wed Jan 21 10:50:38 2015] <arvisrend> (i can inversion the condition, but i'd assume SSR has something better readable for this.)
[Wed Jan 21 10:53:11 2015] <pyon> Ok, this is super dumb, but I have "H : S x = S y", and I need "x = y". What do I do?
[Wed Jan 21 10:53:33 2015] <jrw> pyon: [inversion H]
[Wed Jan 21 10:53:59 2015] <pyon> Slightly modified version of the question.
[Wed Jan 21 10:54:05 2015] <pyon> I obtained this hypothesis by doing "intro".
[Wed Jan 21 10:54:28 2015] <pyon> Instead of "intro H; inversion H", is there any one-step tactic that simplifies this directly in the goal?
[Wed Jan 21 10:54:56 2015] <pyon> Basically, my goal, before "intro H", is "S x = S y -> moo_im_a_cow".
[Wed Jan 21 10:55:05 2015] <pyon> And I want "x = y -> moo_im_a_cow".
[Wed Jan 21 10:56:15 2015] <pyon> If the goal were merely "S x = S y", I could do "f_equal".
[Wed Jan 21 10:59:54 2015] <pyon> Any ideas on how to make this proof better? https://gist.github.com/eduardoleon/8309321c189e4b67fa39
[Wed Jan 21 11:03:29 2015] <ianjneu> pyon: Hint Constructors eq_len. before the theorem, then induction xs; destruct ys; firstorder (inversion H; auto).
[Wed Jan 21 11:04:22 2015] <arvisrend> i wouldn't use any automation in such a proof tbh
[Wed Jan 21 11:06:16 2015] <pyon> :-O
[Wed Jan 21 11:07:18 2015] <pyon> This is almost too magical.
[Wed Jan 21 11:07:51 2015] <pyon> Suddenly all my old proofs seem long and verbose and ugly.
[Wed Jan 21 11:08:46 2015] <pyon> Is there any way to explicitly specify an implicit parameter?
[Wed Jan 21 11:08:57 2015] <ianjneu> pyon: this depends on firstorder introducing "H", so you should probably use match goal to find the = hypothesis.
[Wed Jan 21 11:08:59 2015] <arvisrend> prefix the function with an @
[Wed Jan 21 11:09:06 2015] <arvisrend> like: @cons A h t
[Wed Jan 21 11:09:19 2015] <pyon> Oh.
[Wed Jan 21 11:10:15 2015] <pyon> Is there any way to say "Hint Rewrite <all inductive hypotheses>"?
[Wed Jan 21 11:13:42 2015] <arvisrend> Proof.
[Wed Jan 21 11:13:42 2015] <arvisrend> induction xs as [| hx tx]; destruct ys as [| hy ty].
[Wed Jan 21 11:13:42 2015] <arvisrend> intros _; exact nils.
[Wed Jan 21 11:13:42 2015] <arvisrend> intros H; inversion H.
[Wed Jan 21 11:13:42 2015] <arvisrend> intros H; inversion H.
[Wed Jan 21 11:13:42 2015] <arvisrend> intros H; inversion H as [H1]. exact (conses (IHtx ty H1)).
[Wed Jan 21 11:13:42 2015] <arvisrend> Qed.
[Wed Jan 21 11:13:46 2015] <arvisrend> this is how i'd do that
[Wed Jan 21 11:14:08 2015] <arvisrend> of course it's longer but the structure is clearer (at least if you add whatever case declarations you use)
[Wed Jan 21 11:14:41 2015] <pyon> I do not find any case analyses clear in the tactic language.
[Wed Jan 21 11:15:25 2015] <pyon> In my mind, "case analyses" has to look like pattern matching. (I know that, under the hood, pattern matching is still what is happening... but it is no good if I cannot easily identify the cases visually.)
[Wed Jan 21 11:15:51 2015] <arvisrend> for identifying cases visually, there is the "Case" command from the sf book
[Wed Jan 21 11:16:04 2015] <ianjneu> pyon: there is no metadata on identifiers that are "induction hypotheses" but you can do repeat (match goal with [H : _ |- _] => try rewrite H end).
[Wed Jan 21 11:16:16 2015] <pyon> arvisrend: Yep, but that just adds manual labels.
[Wed Jan 21 11:16:20 2015] <ianjneu> b
[Wed Jan 21 11:17:44 2015] <arvisrend> as i said, "visually"
[Wed Jan 21 11:17:44 2015] <ianjneu> pyon: + and - are other ways to structure proofs, supported by the proof engine (it will focus the current goal).
[Wed Jan 21 11:17:58 2015] <arvisrend> i have no idea what to do to make coq actually verify that the cases are the right ones
[Wed Jan 21 11:19:11 2015] <pyon> Ah...
[Wed Jan 21 11:19:35 2015] <arvisrend> + and -?
[Wed Jan 21 11:19:44 2015] <arvisrend> (sorry but these are hard to google and i want to know)
[Wed Jan 21 11:21:04 2015] <ianjneu> arvisrend: say you do a destruct lst. You have two goals. You can write + before your next tactic, and it will focus the first goal.
[Wed Jan 21 11:21:25 2015] <ianjneu> + and - do the same thing, but are visually distinct to alternate between subgoals.
[Wed Jan 21 11:21:36 2015] <arvisrend> what do you mean by focus the first goal?
[Wed Jan 21 11:21:42 2015] <arvisrend> isn#t the first goal automatically focused?
[Wed Jan 21 11:22:26 2015] <johnw> you can use * too, or { ... }
[Wed Jan 21 11:22:44 2015] <johnw> it focuses the first goal and makes the other goals invisible to you
[Wed Jan 21 11:22:55 2015] <johnw> further, you must resolve the goal in order to work on the next bullet
[Wed Jan 21 11:23:04 2015] <johnw> extremely valuable for multiply nested proofs
[Wed Jan 21 11:23:32 2015] <arvisrend> ah thanks!
[Wed Jan 21 11:23:45 2015] <arvisrend> very useful for future-proofing i guess
[Wed Jan 21 11:23:56 2015] <arvisrend> but how do i "end" a bullet?
[Wed Jan 21 11:24:27 2015] <johnw> it ends when the goal is completed automatically
[Wed Jan 21 11:24:29 2015] <johnw> induction n.
[Wed Jan 21 11:24:32 2015] <johnw> + exact foo.
[Wed Jan 21 11:24:34 2015] <johnw> + exact bar.
[Wed Jan 21 11:24:39 2015] <johnw> (or -)
[Wed Jan 21 11:24:50 2015] <johnw> some tools expect the following bullet order: -, then +, then *
[Wed Jan 21 11:25:10 2015] <johnw> (which visually makes sense)
[Wed Jan 21 11:26:00 2015] <arvisrend> ah!
[Wed Jan 21 11:32:00 2015] <Choups314> any idea how to match an hypothesis (in a [match goal with]) depending on its name ?
[Wed Jan 21 11:32:34 2015] <johnw> no, I don't know how to do that
[Wed Jan 21 11:32:45 2015] <johnw> but, if you know it's name, why do you need to match on it?
[Wed Jan 21 11:33:24 2015] <Choups314> I am trying to make a tactic that works like [rewrite .. in ..] for example (the [in
[Wed Jan 21 11:33:27 2015] <Choups314> part )
[Wed Jan 21 11:33:48 2015] <johnw> ah
[Wed Jan 21 11:34:05 2015] <Choups314> But I don't know what is in this hypothesis :/
[Wed Jan 21 11:34:36 2015] <fisi> you could go [match H with ...], assuming H is your hypothesis
[Wed Jan 21 11:34:41 2015] <Choups314> Is it possible to do [match H with] ? (H is the argument of the tactic) ?]
[Wed Jan 21 11:35:03 2015] <johnw> you can take a context argument
[Wed Jan 21 11:35:09 2015] <johnw> see CPDT, it gives an example of doing this
[Wed Jan 21 11:35:20 2015] <johnw> then, in another Ltac script, you can produce a context narrow to each hypothesis in turn
[Wed Jan 21 11:35:42 2015] <Choups314> CPDT ?
[Wed Jan 21 11:35:52 2015] <johnw> http://adam.chlipala.net/cpdt/cpdt.pdf
[Wed Jan 21 11:36:01 2015] <johnw> anyone who is writing Ltac needs to read that
[Wed Jan 21 11:36:09 2015] <Choups314> Hoo .. :p
[Wed Jan 21 11:36:13 2015] <Choups314> Ok, thanks ;)
[Wed Jan 21 11:37:12 2015] <Choups314> Just another quick question, what is the exact role of the syntax "?x" ? (I'm using it to "introduce" variable names)
[Wed Jan 21 11:38:40 2015] <johnw> ?x introduces a variable name ;)
[Wed Jan 21 11:38:47 2015] <johnw> I don't quite understand the question?
[Wed Jan 21 11:39:03 2015] <pyon> How do I complete this proof using proof automation? https://gist.github.com/eduardoleon/8309321c189e4b67fa39
[Wed Jan 21 11:39:12 2015] <Choups314> I saw someone else using it with [Search]
[Wed Jan 21 11:43:08 2015] <johnw> pyon: induction xs; simpl; try rewrite <- IHxs; auto.
[Wed Jan 21 11:44:00 2015] <pyon> My current "manual" proof is already "induction xs; try (simpl; rewrite length_snoc; rewrite IHxs); reflexivity."
[Wed Jan 21 11:44:11 2015] <johnw> i didn't need to mention length_snoc
[Wed Jan 21 11:44:18 2015] <pyon> The point is getting Coq to figure out all the rewrites.
[Wed Jan 21 11:44:23 2015] <johnw> oh, add Hint Resolve length_snoc.
[Wed Jan 21 11:45:07 2015] <arvisrend> where do i find in ssreflect the fact that x <> y yields (x == y) = false for two nats x and y?
[Wed Jan 21 11:45:25 2015] <johnw> apply/eqP.
[Wed Jan 21 11:45:39 2015] <arvisrend> thank you!
[Wed Jan 21 11:46:05 2015] <arvisrend> hmm
[Wed Jan 21 11:46:10 2015] <arvisrend> "apply/eqP in H" doesn't work for syntax reasons
[Wed Jan 21 11:46:12 2015] <arvisrend> what am i doing wrong?
[Wed Jan 21 11:46:16 2015] <johnw> move/eqP in H
[Wed Jan 21 11:46:26 2015] <arvisrend> ah thank you
[Wed Jan 21 11:46:32 2015] <arvisrend> haven't seen this stuff yet
[Wed Jan 21 11:49:35 2015] <margisd> Asking to prove whether this statement is true or not. http://i.imgur.com/LJBnsko.png Think I've figured this out, if R is '=' or '<' the size of R changes therefore the subset cannot be the size of the set? Anyone at all know if this is the correct train of thought?
[Wed Jan 21 11:50:33 2015] <arvisrend> what is R ; R ?
[Wed Jan 21 11:51:06 2015] <johnw> remember that a relation is a power set
[Wed Jan 21 11:51:35 2015] <johnw> (subset of the power set)
[Wed Jan 21 11:56:47 2015] <ianjneu> R ; R' = R' o R = {(x, z) : (x,y) in R, (y,z) in R'}
[Wed Jan 21 11:57:22 2015] <johnw> ahh, right
[Wed Jan 21 11:57:27 2015] <johnw> I have seen ; used for composition before
[Wed Jan 21 11:57:53 2015] <ianjneu> ; = "then", o = "after"
[Wed Jan 21 11:58:09 2015] <johnw> interesting
[Wed Jan 21 11:58:15 2015] <johnw> in Haskell we've been using & for ;
[Wed Jan 21 11:58:18 2015] <johnw> "and then"
[Wed Jan 21 11:58:24 2015] <johnw> oh, no, never mind
[Wed Jan 21 11:58:26 2015] <johnw> not &
[Wed Jan 21 11:58:38 2015] <johnw> >>>
[Wed Jan 21 11:58:42 2015] <johnw> no mnemonic there
[Wed Jan 21 11:59:23 2015] <margisd> ianjneu, So the answer is no?  R = {(1,0), (0,1)}, yet R;R = {(0,0),(0,1),(1,0),(1,1)}
[Wed Jan 21 12:03:11 2015] <ianjneu> how do you justify (0,1) and (1,0) in R;R? You have to go from 0,1 to 1,0 to get (0,0), or 1,0 to 0,1 to get (1,1). Thus R;R not a subset of R.
[Wed Jan 21 12:05:18 2015] <ianjneu> Just like a single transition in a turing machine is a decidable set, but multiple (unbounded) transitions is not. If you know how to decide -->, but somehow -->;--> subseteq -->, then -->^+ subseteq -->, but then you've solved the halting problem because you can decide start -->^+ end
[Wed Jan 21 12:05:50 2015] <ianjneu> generally not true, and also not true for relation {0,1}
[Wed Jan 21 12:07:18 2015] <margisd> ianjneu, oops, sorry, you're right, but still we get  R;R = {(0,0), (1,1)} which is not a subset of R
[Wed Jan 21 12:07:24 2015] <margisd> Do you agree?
[Wed Jan 21 12:36:55 2015] <schoppenhauer> can one get omega to work with Bignum.N ?
[Wed Jan 21 12:47:11 2015] <jgross__> johnw @ 15:25 1/19: pong (I'm around very sporadically as I'm travelling internationally.) 
[Wed Jan 21 12:47:24 2015] <johnw> jgross__: hi!
[Wed Jan 21 12:47:31 2015] <johnw> jgross__: I was wondering if you'd be in Boston next week Monday
[Wed Jan 21 14:55:18 2015] <Choups314> What am-I doing wrong in this basic [match] : http://pastebin.com/GTyqhVxZ ?
[Wed Jan 21 14:57:04 2015] <johnw> I think you'd need: [ -| context(constr1 ?x ?y) ] => idtac
[Wed Jan 21 14:57:06 2015] <johnw> and then you could refer to y
[Wed Jan 21 14:58:50 2015] <schoppenhauer> can one get omega to work with Bignum.N ?
[Wed Jan 21 14:58:58 2015] <schoppenhauer> I mean, it is presburger arithmetic.
[Wed Jan 21 14:59:16 2015] <johnw> I don't know if the tactic works with that type, though
[Wed Jan 21 15:01:30 2015] <Choups314> johnw : You mean in a match clause ?
[Wed Jan 21 15:06:48 2015] <johnw> yeah
[Wed Jan 21 15:07:37 2015] <Choups314> "Syntax error: [match_rule] expected after '|' (in [match_list])."
[Wed Jan 21 15:07:54 2015] <Choups314> In fact I would like to match an expression like "x < y"
[Wed Jan 21 15:27:10 2015] <Choups314> Is there a way to debug pattern-matchin ?
[Wed Jan 21 15:27:13 2015] <Choups314> matching*
[Wed Jan 21 16:10:55 2015] <jgross__> johnw: Sorry for the delay; I'm slowly catching up on IRC.  I'll be back in Boston on Jan 30, but not before. 
[Wed Jan 21 16:24:18 2015] <johnw> jgross__: ok, thanks!
[Wed Jan 21 17:01:22 2015] <thinkpad20> Hey guys, does anyone know how to disable the automatic indentation in emacs coq mode? It's completely terrible. Always indenting my lines as I'm writing them or after I'm done writing them, and guessing the wrong indentation...
[Wed Jan 21 17:02:00 2015] <jrw> thinkpad20: what do you mean by "automatic"?
[Wed Jan 21 17:02:06 2015] <jrw> are you in electic mode or something?
[Wed Jan 21 17:03:28 2015] <thinkpad20> Automatic as in, I'm not actually doing the indents myself
[Wed Jan 21 17:03:43 2015] <thinkpad20> I'm not sure what mode I'm in... I only use emacs for proof general
[Wed Jan 21 17:05:30 2015] <thinkpad20> It also does this really annoying thing where it moves the cursor back a character when I close a parenthesis or type a period... but I can get rid of that with M-x show-paren-mode
[Wed Jan 21 17:14:00 2015] <johnw> hello, after I use Grab Existential Variables. on the following code: https://gist.github.com/90922142f7c962799bd0, I find that Heqe and Hu disappear from my context.  What is causing this to happen, and how do I keep them there?
[Wed Jan 21 17:17:29 2015] <johnw> n/m
[Wed Jan 21 17:40:01 2015] <thinkpad20> so... no thoughts? any emacs experts here?
[Wed Jan 21 17:53:05 2015] <johnw> I use Emacs heavily, but no thoughts
[Wed Jan 21 18:01:04 2015] <jrw> thinkpad20: are you using emacs in the terminal by any chance?
[Wed Jan 21 18:04:26 2015] <thinkpad20> no, gui
[Wed Jan 21 18:05:24 2015] <thinkpad20> version 24.4.1
[Wed Jan 21 18:05:37 2015] <thinkpad20> i'd note that this doesn't happen on my mac, only on the linux box
[Wed Jan 21 18:06:19 2015] <thinkpad20> does PG do its own indentation magic, or are there any other libraries for it?
[Wed Jan 21 18:13:30 2015] <jrw> thinkpad20: can you try running M-x electric-indent-mode
[Wed Jan 21 18:14:35 2015] <thinkpad20> ah man, that totally did it.
[Wed Jan 21 18:14:40 2015] <jrw> woooo
[Wed Jan 21 18:15:11 2015] <thinkpad20> now it doesn't do any auto indentation at all... which is a little unfortunate, but WAY better than the kind of shenanigans it was doing before :)
[Wed Jan 21 18:15:20 2015] <thinkpad20> thanks a ton!
[Wed Jan 21 18:26:09 2015] <Ptival> is anyone here versed in how proofgeneral interacts with coqtop?
[Wed Jan 21 18:26:31 2015] <Ptival> I'm mostly interested in how they figure out error locations, as it does not seem to be communicated by the -ideslave protocol I am using
[Wed Jan 21 18:26:40 2015] <Ptival> browsing through the sources of proofgeneral now...
[Wed Jan 21 18:55:28 2015] <jrw> Ptival: I don't think pg uses -ideslave
[Wed Jan 21 18:57:04 2015] <johnw> it always feels so weird when a proof works out as:
[Wed Jan 21 18:57:05 2015] <johnw> Proof. case: rd => _ _ _ _ [[[_| ] [_| ]] _] _ // in r *. Qed.
[Wed Jan 21 18:57:13 2015] <johnw> all it cared about was the structure
[Wed Jan 21 19:07:40 2015] <Ptival> jrw: yeah I just came to that conclusion
[Wed Jan 21 19:07:56 2015] <Ptival> their error message comes from toplevel.ml
[Wed Jan 21 19:08:33 2015] <Ptival> and coqtop.ml starts Toplevel.loop when not in -ideslave, and Ide_slave.loop in -ideslave
[Wed Jan 21 19:08:42 2015] <Ptival> so looks like pg does not use -idesalve
[Wed Jan 21 19:08:56 2015] <Ptival> huh I might have to change my full backend @__@
[Wed Jan 21 19:22:14 2015] <Ptival> oh I see they use a Backtrack command
[Wed Jan 21 19:24:53 2015] <Ptival> jrw: do you think/know it uses the -emacs mode for figuring out state numbers?
[Wed Jan 21 19:29:53 2015] <jrw> Ptival: I think it does but I don't know for sure
[Wed Jan 21 19:30:05 2015] <jrw> we looked into it briefly for the ltacular stuff
[Wed Jan 21 19:32:15 2015] <Ptival> jrw: oh it seems it uses -emacs-U
[Wed Jan 21 19:32:44 2015] <johnw> if I have a record of two fields, foo and bar, how do I prove that x = {| foo := foo x; bar := bar x |}?
[Wed Jan 21 19:32:45 2015] <Ptival> which is not documented
[Wed Jan 21 19:33:02 2015] <johnw> that isn't just definitional equality, as reflexivity doesn't like it
[Wed Jan 21 19:33:23 2015] <johnw> oh, "by destruct x" works
[Thu Jan 22 01:41:22 2015] <pyon> Are there any examples of how to use Chlipala-style automation specifically for type safety proofs?
[Thu Jan 22 01:44:17 2015] <vanila> here's his poplmark stuff http://adam.chlipala.net/poplmark/ also examples in lambda tamer
[Thu Jan 22 01:46:08 2015] <pyon> Ah, checking! And thanks!
[Thu Jan 22 05:04:51 2015] <ineol> Is there a function that generates all subsets of a given size in the standard lib ?
[Thu Jan 22 06:28:18 2015] <schoppenhauer> is there a way to drop an assumption in a current goal?
[Thu Jan 22 06:28:37 2015] <Cypi> clear?
[Thu Jan 22 06:29:24 2015] <schoppenhauer> ah, thx
[Thu Jan 22 08:13:34 2015] <schoppenhauer> hm. is there exponentiation for nat?
[Thu Jan 22 08:17:59 2015] <vanila> there should be, check the docs
[Thu Jan 22 08:18:08 2015] <vanila> https://coq.inria.fr/library/Coq.Init.Peano.html
[Thu Jan 22 08:18:21 2015] <vanila> https://coq.inria.fr/library/index.html
[Thu Jan 22 08:19:28 2015] <vanila> doesnt actually look like there is though
[Thu Jan 22 08:19:37 2015] <schoppenhauer> vanila: the only thing I found was https://coq.inria.fr/library/Coq.Numbers.NatInt.NZPow.html but this is not for nat apparently.
[Thu Jan 22 08:19:45 2015] <schoppenhauer> or ... I am not sure how to use this for nat.
[Thu Jan 22 08:21:35 2015] <vanila> I found NPeano.pow from Require Import Arith. then SearchAbout nat.
[Thu Jan 22 08:21:46 2015] <vanila> https://coq.inria.fr/library/Coq.Numbers.Natural.Peano.NPeano.html
[Thu Jan 22 08:21:58 2015] <vanila> this seems to be where they hide all the good bits
[Thu Jan 22 08:22:41 2015] <vanila> so they're defining some kind of "Nat" module
[Thu Jan 22 08:22:45 2015] <schoppenhauer> vanila: thank you.
[Thu Jan 22 08:22:49 2015] <schoppenhauer> this works.
[Thu Jan 22 08:23:06 2015] <vanila> but if you just Require Import NPeano. you can use pow
[Thu Jan 22 08:23:27 2015] <vanila> (although it might be useful to look into the module stuff if you watned to switch out the implementation of nat later)
[Thu Jan 22 09:31:10 2015] <schoppenhauer> is it possible to get omega for N?
[Thu Jan 22 09:36:24 2015] <vanila> no but ring. can help
[Thu Jan 22 09:36:35 2015] <vanila> there may some opther automatic tactics that work on N
[Thu Jan 22 09:36:37 2015] <vanila> presberger amybe
[Thu Jan 22 09:36:53 2015] <vanila> oh wait I think ring does apply to N actually
[Thu Jan 22 09:37:15 2015] <vanila> "Formulas on nat are automatically injected into Z"
[Thu Jan 22 09:37:17 2015] <vanila> https://coq.inria.fr/distrib/current/refman/Reference-Manual023.html
[Thu Jan 22 09:43:55 2015] <schoppenhauer> strangely, I want to derive (a + b) >= 1 from b >= 1, all in N.
[Thu Jan 22 09:44:08 2015] <vanila> yeah that should definitely work
[Thu Jan 22 09:44:14 2015] <schoppenhauer> it doesnt
[Thu Jan 22 09:44:23 2015] <schoppenhauer> even when converting it to Z
[Thu Jan 22 09:44:55 2015] <vanila> http://lpaste.net/118997
[Thu Jan 22 09:44:58 2015] <vanila> this succeeds for me
[Thu Jan 22 09:45:17 2015] <schoppenhauer> vanila: N, not nat
[Thu Jan 22 09:45:23 2015] <vanila> ohh
[Thu Jan 22 09:45:31 2015] <vanila> sorry! I misunderstood
[Thu Jan 22 09:46:56 2015] <schoppenhauer> vanila: I can manage to get (Z.of_N distsuffixbase >= Z.of_N 1)%Z, and as goal (Z.of_N distsuffixnum + Z.of_N distsuffixbase >= Z.of_N 1)%Z, still, omega sais it cannot solve this system
[Thu Jan 22 09:47:05 2015] <schoppenhauer> hm.
[Thu Jan 22 09:47:10 2015] <schoppenhauer> maybe with a lemma ...
[Thu Jan 22 09:47:22 2015] <vanila> im trying to see how you would get this lemma for the generic nat structure
[Thu Jan 22 09:47:30 2015] <vanila> and then the modue thing would let you instance that for N
[Thu Jan 22 09:48:17 2015] <schoppenhauer> wah
[Thu Jan 22 09:48:34 2015] <schoppenhauer> this does not hold for Z  i think
[Thu Jan 22 09:48:38 2015] <vanila> I think it would be good to ask this on Coq club
[Thu Jan 22 09:49:01 2015] <schoppenhauer> no, it is wrong that b >= c implies (a+b >= c) in general
[Thu Jan 22 09:49:07 2015] <vanila> of couse you can prove it by hand pretty easy, but you really want to be able to apply omega
[Thu Jan 22 09:49:07 2015] <schoppenhauer> one needs b >= 0
[Thu Jan 22 09:49:26 2015] <schoppenhauer> so I need Z.of_N distsuffixbase >= 0
[Thu Jan 22 09:50:10 2015] <vanila> wait a sec
[Thu Jan 22 09:50:15 2015] <vanila> are you just using N because it has exponentiation?
[Thu Jan 22 09:50:40 2015] <vanila> it is probably easier to implement that than working around the difficulty of applying omega to N
[Thu Jan 22 09:55:29 2015] <schoppenhauer> vanila: no, I use N at this point since this value is an index of a 32k buffer, and coq warns about possible stack overflows.
[Thu Jan 22 09:55:53 2015] <vanila> ah okay
[Thu Jan 22 09:56:46 2015] <schoppenhauer> I wonder why coq does not have and utilize intrinsics.
[Thu Jan 22 11:06:27 2015] <schoppenhauer> why are there negative cases for N?
[Thu Jan 22 11:09:17 2015] <ianjneu> schoppenhauer: context?
[Thu Jan 22 11:39:05 2015] <schoppenhauer> ianjneu: N.pow_succ_r: forall n p : N, (0 <= p)%N -> (n ^ N.succ p)%N = (n * n ^ p)%N
[Thu Jan 22 11:39:18 2015] <schoppenhauer> ianjneu: isn't 0 <= p unneccessary?
[Thu Jan 22 11:42:04 2015] <arvisrend> from which library?
[Thu Jan 22 11:42:28 2015] <arvisrend> because i see that lemma in Coq.ZArith.BinInt, and there things are scoped to Z
[Thu Jan 22 12:00:08 2015] <pyon> http://adam.chlipala.net/cpdt/html/DataStruct.html -- In the section on heterogeneous lists (hlist), wouldn't it have been easier to define hget in the proof language? e.g. "Definition hget xs (ys : hlist xs) : member xs -> B e. Proof. induction ys; intro; inversion X; firstorder. Defined."
[Thu Jan 22 12:00:12 2015] <pyon> Or is there something I am missing.
[Thu Jan 22 12:00:13 2015] <pyon> ?
[Thu Jan 22 12:00:32 2015] <pyon> AFAICT, this type has exactly one inhabitant.
[Thu Jan 22 12:00:45 2015] <vanila> Part of his philosophy is to define all 'programs' explicitly
[Thu Jan 22 12:01:03 2015] <vanila> in general it's a bad idea to program with tactics, they should only be used to build irrelevant terms
[Thu Jan 22 12:01:22 2015] <pyon> Oh.
[Thu Jan 22 12:01:46 2015] <pyon> If only dependent pattern matching weren't so painful...
[Thu Jan 22 12:02:10 2015] <vanila> yeah coq does not have proper dependent type pattern matching, and that makes doing proper programming in it nearly impossible :(
[Thu Jan 22 12:02:45 2015] <pyon> There has to be some way to prune the impossible cases outside of the tactic language.
[Thu Jan 22 12:03:11 2015] <pyon> I mean, something like what "inversion" can do (at least in many cases) in the tactic language.
[Thu Jan 22 12:03:18 2015] <vanila> one thing that you can do is write the program part of a definition using refine, leaving some holes for proof obligations and then fill them in with tactics
[Thu Jan 22 12:03:41 2015] <vanila> the "Program" thing goes further with this style
[Thu Jan 22 12:04:55 2015] <pyon> To get a taste of it... how would "hget" be defined using Program?
[Thu Jan 22 12:53:11 2015] <schoppenhauer> waaah ... What is the best way to solve finitely many cases of something? I currently use do <large number> (destruct bla as [|bla]; [... | idtac]), and it works, except that when using "Defined." or "Qed." in the end, Coq keeps consuming memory (> 96GiB).
[Thu Jan 22 12:59:01 2015] <ianjneu> schoppenhauer: I think Adam Chlipala had a similar problem a few years ago, where he had a lot of small datastructures that he kept destructing. The solution was to create really wide datastructures.
[Thu Jan 22 13:01:03 2015] <johnw> schoppenhauer: what if you abstract each step?
[Thu Jan 22 13:01:08 2015] <johnw> do <num> (abstract (...))
[Thu Jan 22 13:06:17 2015] <schoppenhauer> johnw: abstract?
[Thu Jan 22 13:06:47 2015] <schoppenhauer> *googles*
[Thu Jan 22 13:07:31 2015] <schoppenhauer> ah, looks useful.
[Thu Jan 22 13:09:20 2015] <johnw> yes
[Thu Jan 22 13:09:31 2015] <johnw> it says "I don't need the proof term for this sub-expression", so it gets freed instantly
[Thu Jan 22 13:09:43 2015] <johnw> Adam mentions it in CPDT
[Thu Jan 22 13:13:54 2015] <schoppenhauer> ok.
[Thu Jan 22 13:14:24 2015] <schoppenhauer> hm. it would be nice if it was possible to parallelize proofs with branches :/
[Thu Jan 22 13:14:32 2015] <schoppenhauer> I have 16 cores with 32 threads ...
[Thu Jan 22 13:15:37 2015] <schoppenhauer> and only 1 is used ...
[Thu Jan 22 13:16:10 2015] <alkabetz> IIRC 8.5 has some work in this department, but unfortunately, the single-threaded assumption is built pretty deep into Coq
[Thu Jan 22 13:16:44 2015] <alkabetz> Performance is not a priority for the Coq devs.
[Thu Jan 22 13:18:05 2015] <pyon> "Implicit Arguments" is deprecated. What is the replacement for it?
[Thu Jan 22 13:18:28 2015] <alkabetz> Just [Arguments], I believe
[Thu Jan 22 13:18:48 2015] <alkabetz> But I don’t remember the syntax off the top of my head.
[Thu Jan 22 13:19:22 2015] <schoppenhauer> johnw: worked, thx.
[Thu Jan 22 13:19:59 2015] <johnw> schoppenhauer: what was the impact?
[Thu Jan 22 13:20:11 2015] <schoppenhauer> johnw: adding abstract.
[Thu Jan 22 13:20:16 2015] <johnw> i mean, did it reduce memory?
[Thu Jan 22 13:37:05 2015] <schoppenhauer> johnw: yes.
[Thu Jan 22 13:37:24 2015] <schoppenhauer> johnw: especially, it terminated in a few minutes, instead of runing for hours :3
[Thu Jan 22 13:42:19 2015] <johnw> sweet!
[Thu Jan 22 13:42:22 2015] <johnw> glad I could help
[Thu Jan 22 13:42:28 2015] <johnw> I thought your problem sounded familiar... :)
[Thu Jan 22 13:44:13 2015] <pyon> Implicit arguments are still explicit in the left-hand side of pattern matching, right?
[Thu Jan 22 13:44:41 2015] <johnw> pyon: it depends
[Thu Jan 22 13:44:57 2015] <pyon> On what? :-O
[Thu Jan 22 13:44:59 2015] <johnw> pyon: implicit parameters, no in 8.4, yes in 8.5; indices, yes in both
[Thu Jan 22 13:45:11 2015] <johnw> 8.5 has a flag to revert to 8.4 behavior
[Thu Jan 22 13:45:43 2015] <johnw> so for example:
[Thu Jan 22 13:45:56 2015] <johnw> match exist _ a b with exist a b => a end
[Thu Jan 22 13:46:04 2015] <johnw> but in 8.5, you'd say: match exist _ a b with exist _ a b => a end
[Thu Jan 22 13:48:07 2015] <pyon> :-O
[Thu Jan 22 14:01:49 2015] <pyon> johnw: Doesn't this make notations less useful in pattern matching?
[Thu Jan 22 14:02:03 2015] <pyon> I mean, notations that stand for constructors with implicit arguments.
[Thu Jan 22 14:02:11 2015] <johnw> I don't know, I haven't used 8.5 enough
[Thu Jan 22 14:33:34 2015] <Choups314> Hi, is there a way to debug match clauses ? (i.e. display what is the expression that is testing)
[Thu Jan 22 14:34:48 2015] <Choups314> Or at least a workaround to use Check in a tactic (in a match clause)
[Thu Jan 22 14:45:00 2015] <jrw> Choups314: you can match on something and then pose it into your context to see its type.
[Thu Jan 22 14:46:38 2015] <Choups314> jrw: Yes it helps, but (it's a different question) is possible to display messages (a kind of user-information messages) ?
[Thu Jan 22 14:47:15 2015] <jrw> depends on the message
[Thu Jan 22 14:47:25 2015] <jrw> you can use idtac to print stuff
[Thu Jan 22 14:47:34 2015] <jrw> but iirc this is broken in proof general
[Thu Jan 22 15:46:27 2015] <thinkpad20> hey guys, if I have a hypothesis like (x <> x), is there a shorthand to prove my goal then and there?
[Thu Jan 22 15:46:57 2015] <vanila> elimtype False; discriminate.
[Thu Jan 22 15:48:18 2015] <thinkpad20> Hmm, that didn't quite work. elimtype False replaced the goal with False, but I still had to do apply H; reflexivity.
[Thu Jan 22 15:48:25 2015] <ianjneu> or match goal with [H: ?x <> ?x |- _] => destruct (H eq_refl) end
[Thu Jan 22 15:48:40 2015] <vanila> oh sorry, congruence.
[Thu Jan 22 15:48:59 2015] <vanila> discriminate would ony work when x is an actual constructor
[Thu Jan 22 15:49:04 2015] <thinkpad20> oh, that worked. What's that doing at a high level?
[Thu Jan 22 15:53:25 2015] <ianjneu> Any x <> x hypothesis you have is a function from x = x -> False. Anything is proven by eliminating (destructing) False, so "destruct (H eq_refl)" destructs the false that H gives from an equality proof.
[Thu Jan 22 15:54:03 2015] <ianjneu> x = x is proven trivially by eq_refl.
[Thu Jan 22 15:55:57 2015] <thinkpad20> cool thanks
[Thu Jan 22 17:34:14 2015] <joklinty> I have a situation I'm confused about: I have a definition const_pt {A B : pType} := fun A B : pType => {| pointed_fun := const (point B); point_eq := 1 |}.  Then I define wedge_map_f A B := (const_pt: pUnit ->* A)  and wedge_map_g A B := (const_pt : pUnit ->* B).  Now Coq can't seem to recognize that for ppushl : (f: X ->* Y) -> (g: X->* Z) -> (Y -> ppushout f g) that ppushl (wedge_map f A B) (wedge_map_g A B) is the same type as pp
[Thu Jan 22 17:34:21 2015] <joklinty> nst_pt : pUnit ->* B)
[Thu Jan 22 17:34:44 2015] <joklinty> The details probably aren't important, just confused because there's two types that I've Defined to be the same
[Thu Jan 22 17:35:00 2015] <joklinty> But when I apply a function to them Coq can't unify the two
[Thu Jan 22 17:35:55 2015] <joklinty> I.e. copying and pasting the definition in place seems to result in a type that doesn't unify with the original
[Thu Jan 22 17:36:32 2015] <joklinty> Any thoughts on what could cause that?
[Thu Jan 22 17:43:01 2015] <joklinty> Nevermind; it was a hidden typo!
[Thu Jan 22 17:43:35 2015] <thinkpad20> Hey guys, if I have a variable defined in a Section, is there a way to automatically make that variable implicit when used outside of that section?
[Thu Jan 22 17:45:13 2015] <thinkpad20> For example I'm writing a bunch of functions that operate over a polymorphic set, like union, intersect etc. I don't want to have to keep on typing up the type parameter so I put these in a section. But then when I'm using these functions I want the parameter to be inferred, not explicitly given. I could just `Arguments union {A} _ _` etc but that's tedious...
[Thu Jan 22 17:45:14 2015] <benzrf> thinkpad20: Context {var}.
[Thu Jan 22 17:45:33 2015] <benzrf> instead of Variable bleh.
[Thu Jan 22 17:46:10 2015] <thinkpad20> sweet! thanks a bunch
[Thu Jan 22 18:45:50 2015] <darthdeus_> hey guys, is there a source from which the online documentation is built?
[Thu Jan 22 18:48:45 2015] <pyon> https://gist.github.com/eduardoleon/caba12251e4cdeffa689 -- How do I rewrite hlist_nil_number without using tactics? (And also without using dependent pattern matching, which is just too unreadable for my eyes.)
[Thu Jan 22 18:49:33 2015] <pyon> hlist_nil_member
[Thu Jan 22 18:57:50 2015] <jrw> pyon: http://pastebin.com/jpyZ2xtP
[Thu Jan 22 18:58:33 2015] <pyon> What if I wanted to inline this inside hget?
[Thu Jan 22 18:58:35 2015] <jrw> I would recommend learning to tolerate both tactics and match annotations :)
[Thu Jan 22 18:58:50 2015] <pyon> What I absolutely cannot tolerate is dependent pattern matching syntax.
[Thu Jan 22 18:58:57 2015] <pyon> I am okay with both programming and proving.
[Thu Jan 22 19:00:18 2015] <jrw> pyon: http://pastebin.com/ZsqHEMxg
[Thu Jan 22 19:00:51 2015] <jrw> yeah, I feel you on the syntax. you get used to it somehow.
[Thu Jan 22 19:05:13 2015] <pyon> Well, thanks! :-)
[Thu Jan 22 19:06:29 2015] <jrw> pyon: by the way, the best way to debug this kind of thing when using Program is to put undercores everywhere
[Thu Jan 22 19:06:35 2015] <jrw> then you get obligations for them
[Thu Jan 22 19:07:25 2015] <pyon> I just realized that, in this case, I could use underscores everywhere without getting any obligations.
[Thu Jan 22 19:07:41 2015] <pyon> I mean, even in the second "match s", in the HCons case.
[Thu Jan 22 19:08:01 2015] <pyon> This type really has only one inhabitant...
[Thu Jan 22 19:08:14 2015] <pyon> No, wait, there is one obligation.
[Thu Jan 22 19:14:57 2015] <pyon> jrw: Just one last question: would it be possible to shift "s" to the topmost argument list [result: "xs (ys : hlist xs) (s : index xs)"], and then pattern-match on "ys, s" ?
[Thu Jan 22 19:16:07 2015] <jrw> pyon: no because of the way coq refines types during dependent pattern matching
[Thu Jan 22 19:16:16 2015] <pyon> Mmm...
[Thu Jan 22 19:16:47 2015] <jrw> since the type of s depends on xs, it has to be in the return type when xs is matched on
[Thu Jan 22 19:50:50 2015] <pyon> ... I still think the extracted code for "Definition hget xs (ys : hlist xs) : index xs -> B e. Proof. induction ys; intro; inversion X; firstorder. Defined." is the best. And it is also what takes the least effort to write. :-|
[Thu Jan 22 19:51:10 2015] <pyon> Err, intro could go before induction ys.
[Fri Jan 23 08:33:19 2015] <pyon> Is there any tactic that means "take all hypotheses [G1,G2...Gm] that are equalities, replace them in all other hypotheses [H1,H2...Hm] (and then possibly discard [G1,G2...Gm]) ?
[Fri Jan 23 08:36:42 2015] <vanila> subst
[Fri Jan 23 08:37:34 2015] <pyon> Ah!
[Fri Jan 23 08:37:38 2015] <pyon> Thanks!
[Fri Jan 23 08:37:58 2015] <pyon> I see that Coq only automatically substs variables inside of sections, right?
[Fri Jan 23 08:38:43 2015] <pyon> That is kinda clever: it alerts me of the fact I haven't wrapped Variable-using code in a section.
[Fri Jan 23 08:56:43 2015] <pyon> Is there any way to say "Variables must become implicit arguments after the end of a section"?
[Fri Jan 23 09:10:00 2015] <pyon> https://gist.github.com/eduardoleon/30da2667dd1465c73c3f -- which one is clearer in STLC.v : termDen or termDenote?
[Fri Jan 23 09:11:23 2015] <vanila> termDenote
[Fri Jan 23 09:13:01 2015] <pyon> I just dislike those "fun xs =>". It like doing "intro xs" immediately after "induction t".
[Fri Jan 23 09:13:05 2015] <pyon> It is*
[Fri Jan 23 10:14:02 2015] <pyon> What exactly does "Obj.magic" do in extracted OCaml code?
[Fri Jan 23 10:14:34 2015] <vanila> its supposd to be the identiry function
[Fri Jan 23 10:14:39 2015] <vanila> its for casting an object from one type to another
[Fri Jan 23 10:14:54 2015] <vanila> when coq knows it is the same thing, but its not clear to the weaker type system
[Fri Jan 23 10:15:26 2015] <pyon> Ah!
[Fri Jan 23 10:23:23 2015] <pyon> Is there any way to provide Coq with information regarding which Variables should be turned into explicit vs. implicit arguments?
[Fri Jan 23 10:24:25 2015] <pyon> Variables are super-convenient, but that convenience is offset by the inconvenience of later on having to specify which variables must be implicit arguments. (Usually, most of them.)
[Fri Jan 23 10:39:32 2015] <thinkpad20> pyon: R.e. your question about implicit arguments after the end of a section, I asked this yesterday. If you write `Context {x:T}.` rather than `Variable x:T.` then it acts the same way inside the Section, but when you leave the section they become implicit rather than explicit arguments.
[Fri Jan 23 10:42:22 2015] <pyon> thinkpad20: Oh!
[Fri Jan 23 10:42:24 2015] <pyon> thinkpad20: Nice!
[Fri Jan 23 10:43:34 2015] <pyon> Now the next tricky question.
[Fri Jan 23 10:44:08 2015] <pyon> Is there any way to control which variables are implicit arguments on a per-definition basis?
[Fri Jan 23 10:44:32 2015] <thinkpad20> you mean inside a section?
[Fri Jan 23 10:44:39 2015] <pyon> Yep.
[Fri Jan 23 10:44:56 2015] <thinkpad20> Hmm, that one's outside my knowledge...
[Fri Jan 23 10:45:05 2015] <pyon> Say, I have a Variable. I want it to be an explicit argument of one definition. But I want it to be an implicit argument in the remainder of the section.
[Fri Jan 23 10:45:06 2015] <pyon> Awww.
[Fri Jan 23 10:45:25 2015] <thinkpad20> Yeah I'm still a beginner
[Fri Jan 23 10:45:47 2015] <thinkpad20> But personally, in that case, I would probably just write different sections
[Fri Jan 23 10:46:20 2015] <thinkpad20> I think the idea behind a Section in the first place is to denote "all of the functions in this section are parameterized by the same set of variables"
[Fri Jan 23 10:46:56 2015] <thinkpad20> buuuut take that with a grain of salt. Hopefully others will chime in and tell you how you can accomplish that
[Fri Jan 23 10:47:24 2015] <pyon> Makes sense.
[Fri Jan 23 10:58:37 2015] <pyon> Is there any way to open a module? (Just like in ML)
[Fri Jan 23 11:09:12 2015] <pyon> Is there any way to tell the extraction facility to use OCaml's built-in "unit" type, rather than create a ridiculous "type unit0 = Tt" ?
[Fri Jan 23 11:12:14 2015] <vanila> yes but i dont remember how
[Fri Jan 23 11:12:16 2015] <Cypi> pyon: [Extract Inductive unit => "unit" [ "()" ].] should do it
[Fri Jan 23 11:13:20 2015] <pyon> Ah! Nice!
[Fri Jan 23 11:13:24 2015] <pyon> ty
[Fri Jan 23 11:30:29 2015] <pyon> Does the standard library contain any module specifying the "obvious" extractions for types such as unit, prod, list, etc.?
[Fri Jan 23 11:30:52 2015] <pyon> In Haskell's case, even "sum" (Either).
[Fri Jan 23 12:04:37 2015] <Choups314> Hello, I would like to apply the same Lemma on several terms at once
[Fri Jan 23 12:04:51 2015] <Choups314> I have an hypothesis like [t1 \/ t2]
[Fri Jan 23 12:05:14 2015] <Choups314> Is it possible, after destructing it, to "reconstruct" it ?
[Fri Jan 23 12:05:33 2015] <Choups314> (I mean, to have a [\/] structure again)
[Fri Jan 23 12:08:35 2015] <thinkpad20> Well I'm not totally sure I understand what you're saying... when you destruct `a \/ b`, you are looking at two cases, one in which `a` is true, and another in which `b` is true. If you're in the case where `a` is true, then `a \/ b` is trivially true for any `b`, but you've necessarily lost any kind of constraint on `b`.
[Fri Jan 23 12:10:13 2015] <Choups314> In fact I would like to rewrite t1 and t2
[Fri Jan 23 12:10:18 2015] <Choups314> (at the same time)
[Fri Jan 23 12:10:56 2015] <Choups314> I don't know if destruct is a good idea :/
[Fri Jan 23 12:11:37 2015] <thinkpad20> Well the problem is that if you have `t1 \/ t2` then there's no guarantee that you have t1 and t2 at the same time. That would be `t1 /\ t2`
[Fri Jan 23 12:12:05 2015] <Choups314> For example, if I have an hypothesis [H : x<y \/ x=y], I would like to rewrite it in [H : x-y<0 \/ x-y=0]
[Fri Jan 23 12:12:24 2015] <thinkpad20> Ohhh, I see.
[Fri Jan 23 12:13:15 2015] <thinkpad20> Well probably what I would do is `assert (H': x -y<0 \/ x-y=0)` and then use the information in `H` to prove that assertion. Then I'd have both.
[Fri Jan 23 12:15:16 2015] <thinkpad20> Just as an aside, though, if you're dealing with `nat`, then it's not the case that `x<y -> x-y<0`.
[Fri Jan 23 12:15:45 2015] <thinkpad20> (unless, of course, your minus function returns an `int`)
[Fri Jan 23 12:16:06 2015] <Choups314> I'm using the CoRN algebra structures (COrdFields) ;)
[Fri Jan 23 12:20:05 2015] <Choups314> thinkpad20: [assert] works well, but I still have to prove the 2 subgoals (I first destruct the hypothesis, and then I used left, right). But it assumes I already now the "final rewrite form" .. and I would really like to do a Ltac for this ^^
[Fri Jan 23 12:20:33 2015] <Choups314> (i.e. just give the tactic an hypothesis and the lemma to use)
[Fri Jan 23 12:24:21 2015] <thinkpad20> yeah I can totally see that. I mean you can easily write a `Lemma apply_or: forall P Q P' Q', P \/ Q -> (P -> P') -> (Q -> Q') -> P' \/ Q'`, which is the propositional logic rule you're using there... maybe that would work? But yeah it seems like a tactic would work for this. The issue is that given some arbitrary P and Q, there are any number of P's and Q's that you could create
[Fri Jan 23 12:25:41 2015] <thinkpad20> If you had that lemma, you could apply it to `H` with the two other lemmas (a proof of `x<y -> x-y<0` and a proof of `x=y -> x-y=0`) and you'd get the desired transformation
[Fri Jan 23 12:26:55 2015] <Choups314> That a good idea !
[Fri Jan 23 12:27:08 2015] <Choups314> that's
[Fri Jan 23 12:27:42 2015] <thinkpad20> Awesome, hope it helps!
[Fri Jan 23 12:28:12 2015] <Choups314> Just in case, do you know if it is possible to define Ltac with an unknow number of arguments ?
[Fri Jan 23 12:28:37 2015] <Choups314> (Like optonial arguments)
[Fri Jan 23 12:30:18 2015] <thinkpad20> Unfortunately I'm a relative newcomer to Coq, and a total neophyte when it comes to writing my own Ltacs. That being said, glancing at the software foundations chapter on tactics (which I haven't gotten to yet), it looks like it is: http://www.cis.upenn.edu/~bcpierce/sf/current/LibTactics.html#lab908
[Fri Jan 23 12:31:14 2015] <Choups314> "List of arguments" sounds good
[Fri Jan 23 12:31:36 2015] <Choups314> I would use it to extend the tactic for constructions like [t1 \/ t2 ... \/ tn]
[Fri Jan 23 12:32:29 2015] <Choups314> ( [intuition] can solve your lemma ^^)
[Fri Jan 23 12:32:40 2015] <thinkpad20> yup, or tauto
[Fri Jan 23 12:34:03 2015] <thinkpad20> And you can write an analogous one for /\ as well :)
[Fri Jan 23 12:34:34 2015] <pyon> Does Coq support quasi-quotation?
[Fri Jan 23 12:34:40 2015] <Choups314> Actually only one will do (match .. with) ;)
[Fri Jan 23 12:35:57 2015] <thinkpad20> pyon: I'm not sure, but between its extensible parser and its dependent types, I think most of the use cases of quasi-quotation are covered by the language itself...
[Fri Jan 23 12:39:03 2015] <pyon> I would like to quote terms from an object language, where the object language has symbols like "=", "+", etc.
[Fri Jan 23 12:39:25 2015] <pyon> Perhaps I would have to define my own scopes and work using those.
[Fri Jan 23 12:40:23 2015] <thinkpad20> I think `Notation`s would be your friend.
[Fri Jan 23 12:40:59 2015] <pyon> Yes, I am already using Notations.
[Fri Jan 23 12:41:10 2015] <thinkpad20> I'm not sure how much work it would be, but you can do pretty amazing things with them. For example: http://research.microsoft.com/en-us/um/people/nick/coqasm.pdf where they write valid x86 assembly directly within coq...
[Fri Jan 23 12:41:36 2015] <pyon> But it sucks to have to do something like "Notation "t1 ⊕ t2" := (Plus t1 t2) (at level 50)."
[Fri Jan 23 12:41:53 2015] <pyon> I want to say "+" means something different than "plus" when used on terms from my abstract syntax.
[Fri Jan 23 12:42:37 2015] <thinkpad20> Yeah I think that's what scopes are for
[Fri Jan 23 12:49:23 2015] <Choups314> I think Notation take the types in account
[Fri Jan 23 12:49:43 2015] <Choups314> into*
[Fri Jan 23 13:05:11 2015] <pyon> Mmm, not directly, but it turns out I can bind scopes to types! :-)
[Fri Jan 23 14:30:01 2015] <pyon> I just noticed that Coq can extract code with different performance characteristics from logically equivalent definitions: https://gist.github.com/eduardoleon/6277d75d56d151fb0636 . Are there any rules for writing Coq code from which "good" code can be extracted?
[Fri Jan 23 14:36:36 2015] <johnw> yeah, there are a few I've discovered
[Fri Jan 23 14:36:51 2015] <johnw> make use the Set/Prop distinction as much as you can
[Fri Jan 23 14:37:05 2015] <johnw> let binding does not translate to let binding (at least, not for Haskell)
[Fri Jan 23 14:37:12 2015] <johnw> so for expensive evaluations I have to write:
[Fri Jan 23 14:37:20 2015] <johnw> let x := foo in ...
[Fri Jan 23 14:37:32 2015] <johnw> as: (fun x => ...)  foo
[Fri Jan 23 14:37:44 2015] <johnw> if x is referenced multiple times, these produce very different results
[Fri Jan 23 14:39:13 2015] <pyon> :-O
[Fri Jan 23 14:39:14 2015] <pyon> I just realized that, at least in some cases, it is easier to get good code extracted from programs written in the tactic language rather than Gallina.
[Fri Jan 23 14:39:32 2015] <johnw> yeah, it's a tradeoff
[Fri Jan 23 14:39:43 2015] <johnw> I've rewritten some tactically coded functions in Gallina to get better results
[Fri Jan 23 14:39:46 2015] <johnw> and the reverse
[Fri Jan 23 14:48:39 2015] <pyon> Is there any single tactic that, given a hypothesis H, does the following: (1) generalize any hypotheses [G1,G2...] that H does not depend on, (2) induction H, (3) re-intro [G1,G2...] ?
[Fri Jan 23 14:49:05 2015] <pyon> This would be really, really, really sweet.
[Fri Jan 23 16:05:29 2015] <Nik05> im really confused by this classic vs intuistic logic :S
[Fri Jan 23 16:05:39 2015] <Nik05> peirce doenst doesnt hold but not not peirce does :S
[Fri Jan 23 16:11:18 2015] <johnw> haha
[Fri Jan 23 16:23:17 2015] <benzrf> Nik05: that confuse you?
[Fri Jan 23 16:23:20 2015] <benzrf> Nik05: even better...
[Fri Jan 23 16:23:36 2015] <benzrf> Nik05: double negation elimination doesnt hold, but doubly negated double negation elimination does >:D
[Fri Jan 23 16:28:14 2015] <jgross__> benzrf, Nik05: no, ~~(~~A -> A) does not hold (rather, is not provable nor disprovable).  ~~~~A -> ~~A (and, in fact, ~~~A -> ~A) is provable.	Similarly, A \/ ~A is not provable, but ~~(A \/ ~A) is. 
[Fri Jan 23 16:30:24 2015] <benzrf> jgross__: wait, really?
[Fri Jan 23 16:30:29 2015] <benzrf> jgross__: oh
[Fri Jan 23 16:30:36 2015] <benzrf> jgross__: does DNE not imply LEM?
[Fri Jan 23 16:31:59 2015] <Nik05> yes this confuses me :P
[Fri Jan 23 16:32:02 2015] <benzrf> jgross__: i thought they were equivalent
[Fri Jan 23 16:33:33 2015] <jgross__> benzrf: DNE implies LEM, and LEM implies DNE.  But ~~LEM does not imply ~~DNE. 
[Fri Jan 23 16:33:46 2015] <benzrf> jgross__: oh, shit
[Fri Jan 23 16:34:19 2015] <benzrf> jgross__: i was thinking of ~LEM -> ~DNE because then LEM and DNE are in an argument position so you can precompose DNE -> LEM
[Fri Jan 23 16:34:22 2015] <benzrf> oops >.<
[Fri Jan 23 16:34:49 2015] <Nik05> ho can ~~(A \/ ~A) hold? :S
[Fri Jan 23 16:34:53 2015] <benzrf> no... no wait
[Fri Jan 23 16:35:04 2015] <benzrf> isnt that the cont functor
[Fri Jan 23 16:35:20 2015] <benzrf> hold on...
[Fri Jan 23 16:35:31 2015] <jgross__> Nik05: Set it up as a goal in Coq, and follow your nose.  The proof is short. 
[Fri Jan 23 16:36:46 2015] <benzrf> jgross__: ok just hold on
[Fri Jan 23 16:36:58 2015] <Nik05> firstorder. Qed. :P
[Fri Jan 23 16:38:11 2015] <jgross__> Nik05: Sure.  Now your challenge is to understand the proof and break it down into the composition of a few obvious lemmas. 
[Fri Jan 23 16:39:30 2015] <benzrf> let nnLEM : ((LEM -> False) -> False) and d2l : LEM -> DNE. then isnt (fun nDNE : ~DNE => nnLEM (nDNE ◦ d2l)) : ~~DNE
[Fri Jan 23 16:40:52 2015] <Nik05> im now at the point that i need to prove p ∨ ¬p, without any hypothesis... but tauto. still proves it
[Fri Jan 23 16:41:59 2015] <Nik05> wait this isnt correct
[Fri Jan 23 16:54:52 2015] <benzrf> Nik05: for the vast majority of values of P, you can prove P ∨ ¬P
[Fri Jan 23 16:54:58 2015] <benzrf> you just cant prove it in the general case
[Fri Jan 23 16:55:38 2015] <Nik05> oke, well i have no idea how to prove ¬¬(p ∨ ¬p)...
[Fri Jan 23 16:56:23 2015] <benzrf> jgross__: whats wrong with my double neg DNE proof
[Fri Jan 23 17:28:45 2015] <jgross__> benzrf: Nevermind, I was wrong.  ~~LEM and ~~DNE are both provable. 
[Fri Jan 23 17:28:55 2015] <benzrf> i knew it!!
[Fri Jan 23 17:30:27 2015] <benzrf> newtype Cont r a = Cont ((a -> r) -> r) -- Cont r is a functor
[Fri Jan 23 17:30:55 2015] <benzrf> therefore, Cont False LEM + LEM -> DNE = Cont False DNE
[Fri Jan 23 18:52:07 2015] <Nik05> anyone know how to get CoqIDE to apply settings in Windows? :P
[Fri Jan 23 18:52:44 2015] <Nik05> i want to change the shortcuts, in Linux i just click apply and then also need to restart the program. But on windows none works
[Fri Jan 23 18:55:03 2015] <Nik05> i guess they didnt verified CoqIDE with coq :P
[Fri Jan 23 18:55:10 2015] <Nik05> verify*
[Fri Jan 23 20:20:07 2015] <Nik05> damn coqide
[Fri Jan 23 20:20:25 2015] <Nik05> still not working, it doesnt save any changes
[Fri Jan 23 20:20:38 2015] <pyon> Have you tried Proof General?
[Fri Jan 23 20:20:45 2015] <Nik05> uh no
[Fri Jan 23 20:20:56 2015] <Nik05> thats emacs right?
[Fri Jan 23 20:21:01 2015] <pyon> Emacs isn't precisely easy to learn, but Proof General is a lot more convenient than CoqIDE.
[Fri Jan 23 20:21:14 2015] <pyon> And, yes, PG is for Emacs.
[Fri Jan 23 20:21:57 2015] <Nik05> installing emacs on windows is probably even worse ;P
[Fri Jan 23 20:58:54 2015] <Nik05> oh i also proved not not lem...
[Fri Jan 23 20:58:58 2015] <Nik05> feels weird
[Fri Jan 23 21:25:36 2015] <benzrf> Nik05: u can prove not not lem cause not lem implies lem
[Fri Jan 23 21:25:42 2015] <benzrf> Nik05: and then from there you get false
[Fri Jan 23 22:51:10 2015] <chirpsalot> Nik05: emacs on Windows isn't actually that bad iirc.
[Sat Jan 24 11:55:49 2015] <Choups314> Hi, is it possible to "evaluate" the result of a Lemma apply call (i.e. get the conclusion of a Lemma in a Ltac) ?
[Sun Jan 25 09:41:05 2015] <Choups314> Is it possible to create tactics in caml ?
[Sun Jan 25 09:41:21 2015] <vanila> yes but its a difficult
[Thu Jan 29 13:19:27 2015] <thinkpad20> how can I automatically add loadpaths to proof general? Are there ways I can do this (a) at runtime, (b) globally with some default paths, and (c) on a per-project basis?
[Thu Jan 29 13:41:31 2015] <thinkpad20> OK, got it... `(set-variable 'coq-load-path '("path/to/stuff"))`
[Thu Jan 29 13:43:20 2015] <thinkpad20> dunno how to switch it at runtime or folder-specific but that still helps
[Thu Jan 29 14:16:10 2015] <bennofs> In Coq, is it possible to rewrite let (a,b) := c in z  such that a is replaced with fst c and b with snd c in z ?
[Thu Jan 29 14:17:00 2015] <bennofs> altneratively, is there a way to simplify snd (let x := ... in (a, b)) to let x := ... in a ?
[Thu Jan 29 14:17:14 2015] <bennofs> that last a is supposed to be a b
[Thu Jan 29 14:38:45 2015] <jrw> bennofs: I'm not quite sure what you're trying to do. does [destruct (...)] do what you want?
[Thu Jan 29 14:44:51 2015] <bennofs> jrw: right, that looks like it could solve my problem. Thanks
[Wed Feb  4 01:09:52 2015] <amosr> if I have “vs : HList [x]” as a hypothesis, and I “inversion” on it, shouldn’t occurences of “vs” in the goal be replaced with the constructor??
[Wed Feb  4 06:30:48 2015] <schoppenhauer> how can I actually compute something in coq?
[Wed Feb  4 06:31:18 2015] <schoppenhauer> I have a function ... but when trying to compute, it always just shows the function, without really computing.
[Wed Feb  4 06:48:22 2015] <Cypi> schoppenhauer : [Eval compute in expr.] ?
[Wed Feb  4 06:54:49 2015] <schoppenhauer> Cypi: no, unfortunately this just shows the function application.
[Wed Feb  4 06:55:00 2015] <schoppenhauer> Cypi: ok, maybe because the function is opaque?
[Wed Feb  4 06:55:07 2015] <schoppenhauer> anyway, I extracted it to haskell.
[Wed Feb  4 06:55:51 2015] <Cypi> If it is opaque, indeed, only the typing information is available.
[Wed Feb  4 06:57:11 2015] <schoppenhauer> well then, thx. does anyone know whether there is 1. a command to add an import declaration to an extracted haskell program, 2. a coq-file with definitions for ascii or strings for haskell (I found http://www.cis.upenn.edu/~bcpierce/sf/current/Extraction.html for ML, and can probably adapt it, but if it already exists, I'd prefer it)
[Wed Feb  4 19:02:21 2015] <kini> can the calculus of inductive constructions be modeled in ZFC?
[Wed Feb  4 19:02:49 2015] <vanila> yes http://www.lix.polytechnique.fr/Labo/Bruno.Barras/proofs/sets-old/sets.pdf
[Wed Feb  4 19:02:56 2015] <kini> cool, thanks :)
[Wed Feb  4 21:19:36 2015] <amosr> anybody able to help with this simple proof? http://lpaste.net/119994
[Wed Feb  4 21:20:50 2015] <amosr> I’m trying to prove that, for some nat-indexed vec type, if it’s indexed by 1, then it must be just (cons blah nil)
[Wed Feb  4 21:21:39 2015] <johnw> let me try
[Wed Feb  4 21:21:56 2015] <amosr> thanks johnw
[Wed Feb  4 21:25:42 2015] <johnw> amosr: here you go: https://gist.github.com/b93cf700f8882e6307d4
[Wed Feb  4 21:26:24 2015] <johnw> I don't know how to do what dependent destruction is doing for you here, without writing a custom induction principle
[Wed Feb  4 21:29:25 2015] <amosr> johnw: woo, thank you!
[Wed Feb  4 21:29:31 2015] <amosr> I didn’t even know about dependent destruction
[Wed Feb  4 21:30:00 2015] <johnw> it comes in handy :)
[Wed Feb  4 21:30:05 2015] <johnw> there is also dependent inductino
[Wed Feb  4 21:30:17 2015] <johnw> there are several Coq.Program modules, and they are all useful
[Wed Feb  4 21:33:33 2015] <amosr> cool, I’ll check them out
[Wed Feb  4 21:34:24 2015] <johnw> be aware, dependent destruction pulls the JMeq axiom into your development
[Wed Feb  4 21:34:38 2015] <johnw> that's why I generally avoid it
[Wed Feb  4 21:35:22 2015] <amosr> hmm. what is JMeq?
[Wed Feb  4 21:37:01 2015] <johnw> John Major equality
[Wed Feb  4 21:37:10 2015] <johnw> https://coq.inria.fr/library/Coq.Logic.JMeq.html
[Wed Feb  4 21:39:28 2015] <amosr> ah, okay. that looks reasonable enough, on first glance
[Wed Feb  4 21:52:42 2015] <arvisrend> i still don't understand what it does
[Wed Feb  4 21:52:51 2015] <arvisrend> not that i care much though as it seems to require an axiom
[Wed Feb  4 21:53:10 2015] <arvisrend> how can two objects of different types be equal?
[Wed Feb  4 21:54:34 2015] <amosr> I think they are the same type?
[Wed Feb  4 21:57:02 2015] <arvisrend> but why the B then?
[Wed Feb  4 21:57:39 2015] <arvisrend> ok i guess i just don't understand the definition of JMeq
[Wed Feb  4 21:58:02 2015] <jrw> amosr: if you want an axiom-free version, see http://pastebin.com/8qxnSBd3 (note that I had to define custom induction (perhaps more accurately in this case: destruction) principles like johnw mentioned)
[Wed Feb  4 21:58:15 2015] <amosr> oh, you’re right. huh
[Wed Feb  4 21:58:15 2015] <jrw> arvisrend: that's because it's confusing at first :)
[Wed Feb  4 21:58:38 2015] <jrw> the basic idea is that JMEq allows you to *pose* the equality of terms of two different types as a proposition
[Wed Feb  4 21:58:42 2015] <arvisrend> what is the role of B?
[Wed Feb  4 21:58:57 2015] <jrw> but you can still only prove equalities between something and itself
[Wed Feb  4 21:58:59 2015] <arvisrend> hmm
[Wed Feb  4 21:59:05 2015] <arvisrend> how does it help proving stuff?
[Wed Feb  4 21:59:08 2015] <jrw> yes
[Wed Feb  4 21:59:11 2015] <jrw> makes things more convenient
[Wed Feb  4 21:59:30 2015] <jrw> when you have lots of dependent types floating around you often have two types that you know are equal, but coq doesn't see that they are
[Wed Feb  4 21:59:40 2015] <arvisrend> aaaaaaah extensionality crap
[Wed Feb  4 21:59:40 2015] <jrw> so you can pose your equality as a JMeq and then prove it
[Wed Feb  4 22:00:12 2015] <jrw> if you don't use jmeq, the problem is that you can't even state the equality as a proposition, much less prove it.
[Wed Feb  4 22:00:18 2015] <arvisrend> i see
[Wed Feb  4 22:00:28 2015] <jrw> dependent destruction uses this internally to "pass evidence" into each branch of a pattern match
[Wed Feb  4 22:00:30 2015] <amosr> okay. that sounds useful for many of the things I’ve been trying to do lately
[Wed Feb  4 22:00:35 2015] <jrw> when different branches have different types
[Wed Feb  4 22:00:54 2015] <arvisrend> wondering if the issue can be resolved using custom equalities though
[Wed Feb  4 22:01:05 2015] <arvisrend> have a good simple example?
[Wed Feb  4 22:01:06 2015] <jrw> amosr: also, if I may make a shameless plug, I talk about how to do this without axioms in a series of blog posts. see http://homes.cs.washington.edu/~jrw12/
[Wed Feb  4 22:01:19 2015] <jrw> arvisrend: what do you mean by custom equalities?
[Wed Feb  4 22:01:52 2015] <arvisrend> something like ssreflect's "equality upon applying to one variable", "equality upon applying to two variables" etc. to get past lack of funcext
[Wed Feb  4 22:02:14 2015] <amosr> jrw: great, thanks!
[Wed Feb  4 22:02:51 2015] <jrw> arvisrend: there are a couple ways to get around this. one is you can use "transport" aka eq_rect
[Wed Feb  4 22:03:11 2015] <jrw> which takes a type-level equality A = B and uses it to convert a term of type A into one of type B
[Wed Feb  4 22:03:15 2015] <arvisrend> hmm
[Wed Feb  4 22:03:19 2015] <jrw> so then instead of saying a = b
[Wed Feb  4 22:03:21 2015] <arvisrend> but that's if i can prove the types are equal
[Wed Feb  4 22:03:31 2015] <jrw> well yeah, but you're going to have to do that at some point
[Wed Feb  4 22:03:53 2015] <arvisrend> i was thinking that with dependent types, the lack of funext takes even that away
[Wed Feb  4 22:04:26 2015] <jrw> I don't really see how funext is relevant
[Wed Feb  4 22:04:40 2015] <jrw> you're proving, eg, Vec 3 = Vec (2 + 1)
[Wed Feb  4 22:04:55 2015] <arvisrend> ok
[Wed Feb  4 22:04:59 2015] <arvisrend> can't i use rewrite?
[Wed Feb  4 22:05:04 2015] <jrw> (which happens to be definitional, so it's easy)
[Wed Feb  4 22:05:20 2015] <jrw> yeah, usually the type-level equality isn't too hard to prove
[Wed Feb  4 22:05:23 2015] <arvisrend> i was thinking about things like forall x : Vec (x+1) vs forall x : Vec(1+x)
[Wed Feb  4 22:05:28 2015] <jrw> exactly
[Wed Feb  4 22:05:48 2015] <arvisrend> which i guess aren't even equal, to coq
[Wed Feb  4 22:05:52 2015] <jrw> they are
[Wed Feb  4 22:05:57 2015] <jrw> but not definitionally :D
[Wed Feb  4 22:06:07 2015] <arvisrend> yeah, that's this =1 equality
[Wed Feb  4 22:06:10 2015] <jrw> oh I see
[Wed Feb  4 22:06:17 2015] <jrw> well in your case, you've got that forall in there
[Wed Feb  4 22:06:23 2015] <jrw> so they're not unless you use =1 or have funext
[Wed Feb  4 22:06:29 2015] <arvisrend> yeah
[Wed Feb  4 22:06:41 2015] <jrw> but you *can* prove, for example [forall A n, Vec A (n + 1) = Vec A (1 + n)]
[Wed Feb  4 22:06:42 2015] <arvisrend> i'm wondering what equality should i expect for elements of those types if the types themselves are only =1
[Wed Feb  4 22:06:44 2015] <vanila> they imply each other
[Wed Feb  4 22:07:04 2015] <arvisrend> who?
[Wed Feb  4 22:07:20 2015] <jrw> well a term of type [forall x, Vec (x + 1)] is a very weird term IMO
[Wed Feb  4 22:07:30 2015] <arvisrend> it's a triangular array of numbers
[Wed Feb  4 22:07:33 2015] <arvisrend> i wouldn't call it weird
[Wed Feb  4 22:07:40 2015] <arvisrend> have these things all the time in combiantorics
[Wed Feb  4 22:07:45 2015] <jrw> yeah
[Wed Feb  4 22:08:10 2015] <jrw> I guess I still think the issue of functional extensionality is orthogonal to the JMeq stuff
[Wed Feb  4 22:08:16 2015] <vanila> (forall x, Vec (x + 1)) <-> (forall x, Vec (1 + x))
[Wed Feb  4 22:08:23 2015] <vanila> you can make a bijection between them
[Wed Feb  4 22:08:27 2015] <arvisrend> ok
[Wed Feb  4 22:08:32 2015] <arvisrend> i see
[Wed Feb  4 22:08:59 2015] <vanila> soy ou might need to work with theorems whose assumptions are of the type
[Wed Feb  4 22:09:10 2015] <vanila> P <-> Q -> (something involving P)
[Wed Feb  4 22:09:30 2015] <vanila> oops
[Wed Feb  4 22:10:03 2015] <vanila> I stated that wrong, what I means is proving things up to bi-implication
[Thu Feb  5 10:30:03 2015] <osa1> any ideas why Coq sometimes gives detailed message for why it's unable to unify and sometimes just says "Unable to unify"?
[Thu Feb  5 12:38:04 2015] <wrengr> I have a bunch of Coq code I'd like to package up as a library to be distributed and used with other code; but I'm not sure how to do that. Is there a tutorial anywhere?
[Thu Feb  5 12:48:15 2015] <wrengr> More particularly, after installing things (via the 'install' target genrated by coq_makefile), how do I actually call in those libraries for client code?
[Thu Feb  5 13:45:16 2015] <ianjneu> wrengr: once you've installed the library, you should be able to just Require its modules. Does that not work for you?
[Thu Feb  5 13:45:53 2015] <ianjneu> Additionally, the user contribution submission form is here Please provide a list of other contributions which are necessary to compile this one (they must be referred to by the name given in the description files.
[Thu Feb  5 13:45:57 2015] <ianjneu> derp,
[Thu Feb  5 13:46:00 2015] <ianjneu> http://www.lix.polytechnique.fr/coq/pylons/contribs/new
[Thu Feb  5 13:50:02 2015] <wrengr> I think the problem is I'm trying to do funny stuff about organizing the repo
[Thu Feb  5 13:51:20 2015] <ianjneu> I don't understand what that means
[Thu Feb  5 13:53:15 2015] <wrengr> When creating a repository for a project, I like to put the code under a subdirectory like ./src so that it's separated from the other stuff in the project; but Coq's standard tooling really doesn't like doing that sort of thing
[Thu Feb  5 13:54:45 2015] <wrengr> I'm getting errors like this: The file /sw/lib/coq/user-contrib/WrengrUtils/Tactics/Core.vo contains library
[Thu Feb  5 13:54:48 2015] <wrengr> Tactics.Core and not library WrengrUtils.Tactics.Core
[Thu Feb  5 14:11:33 2015] <ianjneu> wrengr_away: http://adam.chlipala.net/cpdt/html/Large.html#lab102
[Thu Feb  5 16:16:47 2015] <benzrf> does anybody here know about linear typing >.<
[Thu Feb  5 16:40:43 2015] <johnw> benzrf: know to what extent?
[Thu Feb  5 16:42:45 2015] <benzrf> to answer my questions
[Thu Feb  5 16:42:53 2015] <johnw> you'd have to ask them first :)
[Thu Feb  5 16:43:14 2015] <benzrf> in particular: from looking at linear intuitionistic logic, it looks like you can only use a variable if it's the only one in scope?!
[Thu Feb  5 16:43:44 2015] <johnw> you mean, only use one variable at any given time?
[Thu Feb  5 16:43:49 2015] <benzrf> well
[Thu Feb  5 16:44:15 2015] <benzrf> it doesnt say "Γ, A ⊢ A"
[Thu Feb  5 16:44:19 2015] <benzrf> it says "A ⊢ A"
[Thu Feb  5 16:44:29 2015] <johnw> ah
[Thu Feb  5 16:44:35 2015] <benzrf> which translates to "x : A ⊢ x : A"
[Thu Feb  5 16:44:39 2015] <johnw> that strikes me as odd
[Thu Feb  5 16:44:50 2015] <benzrf> define "at a time"
[Thu Feb  5 16:44:55 2015] <benzrf> what dyou mean by that?
[Thu Feb  5 16:45:07 2015] <johnw> just what you wrote pretty much
[Thu Feb  5 16:45:12 2015] <benzrf> ah, heh
[Thu Feb  5 16:45:55 2015] <benzrf> i guess using shadowing to allow a new variable to be bound is isomorphic to allowing multiple names but you can only use the most recently bound one
[Thu Feb  5 16:47:18 2015] <benzrf> i note that if you're allowed to introduce 1 at any time instead of only from an empty context, you can use cut to use any variable you like :)
[Thu Feb  5 16:56:50 2015] <johnw> writing custom induction hypotheses always feels cool
[Thu Feb  5 17:17:41 2015] <johnw> yay, it worked
[Thu Feb  5 17:17:49 2015] <johnw> elim/list_with_index_rec: xs :)
[Thu Feb  5 17:21:58 2015] <wagle> noob here: install coq8.4pl5 on macosx..  where do I find coqtop?
[Thu Feb  5 17:24:46 2015] <wagle> nm, locate found it
[Thu Feb  5 17:37:44 2015] <wagle> on hold for a second hour..
[Thu Feb  5 17:38:01 2015] <wagle> oops, wrong channel
[Fri Feb  6 01:18:22 2015] <johnw> how exactly would I use elim/seq2_ind, since it seems to only want an equality?
[Fri Feb  6 01:22:15 2015] <johnw> I would have thought it would be "elim/seq2_ind: xs yss / Hsz.", but that says "too many dependent abstractions"
[Fri Feb  6 10:04:50 2015] <schoppenhauer> I want to implement something in coq that extracts to arrays (in haskell, for example). is there any defined way of doing this, or do I need to implement it myself?
[Fri Feb  6 10:16:23 2015] <schoppenhauer> hm. probably fmapavl
[Fri Feb  6 10:25:53 2015] <schoppenhauer> hm. no.
[Fri Feb  6 11:21:39 2015] <benzrf> is Arguments not a command in old versions of coq
[Fri Feb  6 13:37:22 2015] <johnw> schoppenhauer: still here?
[Fri Feb  6 13:37:36 2015] <schoppenhauer> johnw: yes
[Fri Feb  6 13:38:00 2015] <johnw> so, create a wrapper in Coq: Inductive Foo a := mkFoo (list a) : Foo a
[Fri Feb  6 13:38:23 2015] <johnw> and make a set of functions for the accessors you want
[Fri Feb  6 13:38:36 2015] <johnw> then, just tell the extractor to extract that type to an Array, and the functions to the array functions
[Fri Feb  6 13:38:50 2015] <johnw> I do this for IntMaps vs. assoc lists, for example
[Fri Feb  6 13:39:25 2015] <johnw> the idea is that if your array is isomorphic to a list of fixed length, then your proofs transport
[Fri Feb  6 13:49:42 2015] <schoppenhauer> johnw: thank you, I actually had a similar idea.
[Fri Feb  6 13:49:57 2015] <schoppenhauer> maybe it would be nice to have some sort of uniqueness types in coq.
[Fri Feb  6 16:08:32 2015] <johnw> man, some things in Coq you just have to learn by doing, but it would be great if there was a book that covered it
[Fri Feb  6 16:08:47 2015] <johnw> for example, I've discovered the hard way that you can represent an inductive proposition in two very different ways
[Fri Feb  6 16:09:11 2015] <johnw> either as a collection of predicates applied to a data type, or as an inductive proposition whose constructors imply those predicates
[Fri Feb  6 16:09:24 2015] <johnw> and there are definite tradeoffs between those two equivalent representations
[Fri Feb  6 16:10:32 2015] <johnw> I just changed from one to the other in a file of mine, and it greatly simplified many proofs
[Fri Feb  6 16:12:57 2015] <vanila> I thinkt he CPDT book covers that
[Fri Feb  6 16:13:02 2015] <johnw> maybe it does
[Fri Feb  6 16:13:06 2015] <johnw> i haven't finished my second reading
[Fri Feb  6 16:13:06 2015] <vanila> since it defines vector n inductively and as a tuple that it computes
[Fri Feb  6 16:15:29 2015] <johnw> right
[Fri Feb  6 16:15:37 2015] <johnw> I remember that now
[Fri Feb  6 16:15:57 2015] <johnw> I think even software foundations covers this
[Fri Feb  6 16:16:01 2015] <johnw> so maybe it just didn't sink in enough
[Fri Feb  6 16:40:38 2015] <johnw> this proof is screaming for automation so badly I can barely hear myself think: https://gist.github.com/4fe6afa0eb6125686caf
[Fri Feb  6 16:50:41 2015] <benzrf> is Arguments not a command in old versions of coq
[Fri Feb  6 16:55:18 2015] <johnw> i really love ssreflect's "by" tactical
[Fri Feb  6 16:55:26 2015] <johnw> it helps with refactoring quite a ibt
[Fri Feb  6 18:28:35 2015] <benzrf> help :[
[Fri Feb  6 18:28:46 2015] <benzrf> i cannot compile SF because it complains that Arguments is not understood
[Fri Feb  6 18:28:56 2015] <benzrf> i have 8.3pl4
[Fri Feb  6 18:31:00 2015] <darthdeus_> benzrf: SF?
[Fri Feb  6 18:32:31 2015] <benzrf> software foundations
[Fri Feb  6 18:35:50 2015] <fisi> benzrf: it's a command that was added in 8.4. You'll need to upgrade (and it's a really good idea, there are nice, nice features in 8.4)
[Fri Feb  6 18:36:38 2015] <benzrf> tfw debian stable
[Fri Feb  6 18:36:42 2015] <benzrf> i should really upgrade to testing
[Fri Feb  6 18:36:48 2015] <benzrf> do you know what version testing has in the repos
[Fri Feb  6 19:57:42 2015] <fisi> benzrf: sorry, no clue (although I'd expect 8.4, it's been out for years now)
[Fri Feb  6 19:57:58 2015] <benzrf> hh
[Sat Feb  7 02:10:05 2015] <johnw> is there any good way to debug stack overflows in Gallina code?
[Sat Feb  7 02:10:17 2015] <johnw> I mean, at compile-time
[Sat Feb  7 14:39:32 2015] <chirpsalot> benzrf: you could always try nix?
[Sat Feb  7 14:49:05 2015] <copumpkin> I think johnw has made nix's coq support pretty good
[Sat Feb  7 14:49:15 2015] <copumpkin> with actual libraries and such
[Sat Feb  7 17:19:40 2015] <johnw> yep, Nix makes Coq libraries easy to use
[Sat Feb  7 23:19:27 2015] <nkar> how do I change the color of the typechecked area in proofgeneral?
[Sat Feb  7 23:30:56 2015] <ijp> change proof-locked-face
[Sat Feb  7 23:32:25 2015] <nkar> thanks, ijp
[Sat Feb  7 23:32:29 2015] <dbelange> fam I got these proofs on lock
[Sun Feb  8 00:10:52 2015] <nkar> ijp: how do I change it without 'custom'?  I currently have this: (custom-set-variables) (custom-set-faces '(proof-locked-face ((t (:background "midnight blue")))))
[Sun Feb  8 00:10:52 2015] <nkar>  
[Sun Feb  8 00:16:22 2015] <ijp> (set-face-background 'proof-locked-face "midnight blue")
[Sun Feb  8 00:17:58 2015] <ijp> or (set-face-attribute 'proof-locked-face nil :background "midnight blue") which is nicer if you want to set multiple properties at once
[Sun Feb  8 00:23:28 2015] <nkar> ijp: thanks.  after I re-eval'd my .emacs file, proofgeneral doesn't start when I open a .v file.  how do I fix this?  I know that restarting emacs will work, but I'd rather not do that.
[Sun Feb  8 00:24:26 2015] <ijp> I have no idea what can have went wrong, let alone how to fix it
[Sun Feb  8 00:25:12 2015] <nkar> I always had this problem.  for the record, that's what I have in .emacs: (load-file (concat nix-site-lisp "ProofGeneral/generic/proof-site.el"))
[Sun Feb  8 09:15:45 2015] <JanBessai> the current version of the manual states, that type classes are extremely experimental
[Sun Feb  8 09:16:01 2015] <JanBessai> however, the standard library uses them
[Sun Feb  8 09:16:44 2015] <JanBessai> are they stable enough to use in an own project?
[Sun Feb  8 09:16:59 2015] <JanBessai> or should I expect major changes in the near future
[Sun Feb  8 09:20:13 2015] <nkar> JanBessai: iirc johnw experienced problems trying to extract the code using typeclasses to haskell.  not sure what the details are
[Sun Feb  8 09:21:42 2015] <JanBessai> so it is probably better to be conservative, and just include the operations I need in module signatures
[Sun Feb  8 09:23:23 2015] <JanBessai> specifically, I'd just like to have le_trans and le_refl
[Sun Feb  8 09:24:30 2015] <JanBessai> for which it is not to terrible if a user has to state them manually when instantiating the module
[Sun Feb  8 09:24:35 2015] <JanBessai> *too
[Sun Feb  8 15:19:14 2015] <nkar> is there a simple example of parsing in coq?
[Sun Feb  8 15:21:16 2015] <ianjneu> how simple?
[Sun Feb  8 15:21:26 2015] <ianjneu> beyond lexing?
[Sun Feb  8 15:22:01 2015] <ianjneu> Beyond grammar acceptance?
[Sun Feb  8 15:26:41 2015] <vanila> there is a little parser in SF actually, isn't there?
[Sun Feb  8 15:26:44 2015] <vanila> for the WHILE language
[Sun Feb  8 15:26:49 2015] <vanila> but it has no correctness proofs
[Sun Feb  8 15:26:56 2015] <nkar> ianjneu: simple in the sense that it's written for people unfamiliar with coq ecosystem and parsing in coq in general.  I've written only pure code in coq so far and haven't interacted with external libraries at all.
[Sun Feb  8 15:27:18 2015] <nkar> vanila: I haven't reached that part yet.
[Sun Feb  8 15:28:11 2015] <ianjneu> Parsing is a messy business.
[Sun Feb  8 15:28:19 2015] <nkar> vanila: would you suggest not to hurry?  I can parse in haskell using, e.g., attoparsec.  would it be similar in coq besides proofs?
[Sun Feb  8 15:28:44 2015] <vanila> oh! And there is a strongly specified regex example in CPDT!
[Sun Feb  8 15:29:02 2015] <nkar> oh, okay.  I should wait, I guess.
[Sun Feb  8 15:29:13 2015] <vanila> yeah ther is  noneed to rush, but parsing is quite difficult
[Sun Feb  8 15:29:22 2015] <vanila> in haskell you can use combinator parser libraries
[Sun Feb  8 15:29:30 2015] <vanila> but there is no need to justify termination
[Sun Feb  8 15:29:44 2015] <vanila> you have to fully justify termination in coq so it is harder
[Sun Feb  8 15:29:45 2015] <nkar> ah, right
[Sun Feb  8 15:29:49 2015] <vanila> there is an agda paper about this actually
[Sun Feb  8 15:29:59 2015] <nkar> could you find it for me please?
[Sun Feb  8 15:30:08 2015] <ianjneu> termination for parsing is a right foul nuisance with CFG parsing.
[Sun Feb  8 15:31:40 2015] <vanila> http://www.cse.chalmers.se/~nad/publications/danielsson-parser-combinators.pdf
[Sun Feb  8 15:31:50 2015] <nkar> thank you!
[Sun Feb  8 15:31:57 2015] <vanila> this uses coinductive data, im not sure if you should read it
[Sun Feb  8 15:32:07 2015] <vanila> well, it could be interesting
[Sun Feb  8 15:32:30 2015] <vanila> but i haven't really studied it myself so I don't want to put you on the wrong path
[Sun Feb  8 15:33:10 2015] <nkar> vanila: well, I'm not planning to dive deep anyway, just want to get a feeling of it
[Sun Feb  8 15:34:02 2015] <vanila> adam.chlipala.net/cpdt/html/MoreDep.html#lab55
[Sun Feb  8 15:34:06 2015] <vanila> I think this woudl be the best thing to look at
[Sun Feb  8 15:36:40 2015] <Anarchos> * is looking for a parser for math formulas, able to deal with new notations and notation abuse.
[Sun Feb  8 18:24:47 2015] <jrw> can anyone explain coq 8.5's "fast compilation pipeline"? what sequence of make targets should I invoke and what are their guarantees? also I keep getting an uncaught exception when using any of the -schedule-* options to coqc. has anyone else had this problem?
[Sun Feb  8 19:07:43 2015] <jgross> Uncaught exception is a bug, and you should report it on the bug tracker: https://coq.inria.fr/bugs/enter_bug.cgi 
[Sun Feb  8 19:07:54 2015] <jgross> jrw: ^ 
[Sun Feb  8 19:09:19 2015] <jgross> jrw: If you use coq_makefile, you can call `make quick -j` and then, I think `make vio2vo J=4` (or however many cores you have).  If your proofs are relatively fast, though, disk acess might kill you, because the .vio files get pretty huge. 
[Sun Feb  8 19:09:39 2015] <johnw> jgross: this is with 8.5?
[Mon Feb  9 07:57:08 2015] <schoppenhauer> is strong induction in some standard lib?
[Mon Feb  9 08:53:25 2015] <joerisamson> not sure about standard lib, but see here http://stackoverflow.com/questions/20883855/coq-adding-a-strong-induction-tactic
[Mon Feb  9 08:53:52 2015] <schoppenhauer> I found this, but it essentially sais "no". I proved it myself, therefore.
[Mon Feb  9 08:53:57 2015] <schoppenhauer> joerisamson: thx!
[Mon Feb  9 12:57:55 2015] <kba> I don't now if this is an Emacs of Coq-specific question, but when I use Proof General in Emacs, the "marker for what has been processed" is a purple background, but I can't figure out how to change that
[Mon Feb  9 12:58:04 2015] <kba> It doesn't seem to care about any values in change in my theme file
[Mon Feb  9 12:58:10 2015] <kba> my emacs theme file
[Mon Feb  9 12:58:35 2015] <chirpsalot> kba: hmmmm. I feel like there was a way to change that.
[Mon Feb  9 12:59:05 2015] <chirpsalot> http://proofgeneral.inf.ed.ac.uk/htmlshow.php?title=Proof+General+user+manual&file=releases%2FProofGeneral%2Fdoc%2FProofGeneral%2FProofGeneral_9.html
[Mon Feb  9 12:59:32 2015] <chirpsalot> proof-locked-face
[Mon Feb  9 13:01:34 2015] <kba> chirpsalot: got it fixed, thanks :)
[Mon Feb  9 13:01:56 2015] <chirpsalot> kba: no problem!
[Mon Feb  9 13:21:26 2015] <kba> chirpsalot: when I select text that is under proof-locked-face, I can't see my selection
[Mon Feb  9 13:21:29 2015] <kba> Do you have a fix for that?
[Mon Feb  9 13:22:23 2015] <chirpsalot> kba: not sure... You can turn off the highlighting of the proof-locked-face stuff, if you prefer?
[Mon Feb  9 13:22:55 2015] <kba> but then how would I know how much has been evaluated?
[Mon Feb  9 13:23:25 2015] <chirpsalot> kba: isn't there an arrow?
[Mon Feb  9 13:23:41 2015] <kba> well, yeah, there is a small arrow
[Mon Feb  9 13:23:53 2015] <kba> but it's not that visible
[Mon Feb  9 14:40:36 2015] <kba> What is the difference between a semicolon and a period in Coq?
[Mon Feb  9 14:40:49 2015] <kba> Like: a; b.
[Mon Feb  9 14:40:51 2015] <kba> and a. b.
[Mon Feb  9 14:41:54 2015] <kba> never mind! I get it
[Mon Feb  9 14:42:01 2015] <johnw> a; b causes b to be applied to all subgoals
[Mon Feb  9 14:42:11 2015] <johnw> if there's only 1 subgoal, no difference
[Mon Feb  9 14:42:13 2015] <ianjneu> johnw: all subgoals created by a
[Mon Feb  9 14:42:20 2015] <kba> yes :)
[Mon Feb  9 14:42:22 2015] <kba> thanks
[Mon Feb  9 14:42:29 2015] <johnw> right, all subgoals in that context
[Mon Feb  9 14:42:33 2015] <johnw> created by a
[Mon Feb  9 18:39:41 2015] <kba> I have a theorem that goes something like: A -> B or A -> C. In my proof, I need the fact that A -> B.
[Mon Feb  9 18:40:01 2015] <kba> Obviously, Coq won't let me just do that, because maybe it isn't true, maybe A -> C instead.
[Mon Feb  9 18:40:15 2015] <kba> How can I use my theorem, and then prove that A !-> C?
[Mon Feb  9 18:40:29 2015] <benzrf> kba: destruct your theorem
[Mon Feb  9 18:40:43 2015] <benzrf> kba: in the A -> B branch, proceed normally
[Mon Feb  9 18:40:56 2015] <benzrf> kba: in the A -> C branch, show that A doesnt imply C, and use inversion or something
[Mon Feb  9 18:42:24 2015] <vanila> you could do something like make Lemma get_left P Q : P \/ Q -> ~Q -> P. tauto. Qed.
[Mon Feb  9 18:42:54 2015] <vanila> then pose (get_left ...) with some proofs (the or and a proof that ~(A -> C))
[Mon Feb  9 18:43:03 2015] <benzrf> hm wait what is pose
[Mon Feb  9 18:43:53 2015] <vanila> it adds an new hypothesis to your contet
[Mon Feb  9 18:51:29 2015] <kba> thanks, I got it working :)
[Mon Feb  9 18:52:55 2015] <kba> What exactly does 'discriminate X' do?
[Mon Feb  9 18:53:05 2015] <kba> Again, the docs are just nonsense to me
[Mon Feb  9 18:53:34 2015] <kba> I understand from the code i see that it's used to just... solve stuff.
[Mon Feb  9 18:53:42 2015] <kba> So I should be able to write it out as a series of rewrites
[Mon Feb  9 18:55:09 2015] <vanila> ah...
[Mon Feb  9 18:55:12 2015] <vanila> they broke 'info'
[Mon Feb  9 18:56:15 2015] <vanila> well discriminate is used to disprove assumptions of the type A .. = B .. wher A and B are different constructors
[Mon Feb  9 18:56:41 2015] <kba> So if I have a subgoal X and I use 'discriminate Y'
[Mon Feb  9 18:56:50 2015] <kba> I'm saying "not X"?
[Mon Feb  9 18:56:58 2015] <vanila> http://lpaste.net/120239
[Mon Feb  9 18:57:03 2015] <vanila> here's an example
[Mon Feb  9 18:57:17 2015] <vanila> H is a proof that O = S O, but those are different constructors
[Mon Feb  9 18:57:42 2015] <vanila> so discriminate can finish any proof from a false assumption like that
[Mon Feb  9 18:58:16 2015] <kba> Oh, so it's just contradiction?
[Mon Feb  9 18:58:35 2015] <kba> So what we have as a subgoal when we do discriminate
[Mon Feb  9 18:58:40 2015] <kba> Is that actually true or false?
[Mon Feb  9 18:59:10 2015] <vanila> it's not related to subgoals
[Mon Feb  9 18:59:28 2015] <kba> It finishes the entire proof?
[Mon Feb  9 18:59:32 2015] <vanila> yeah
[Mon Feb  9 18:59:43 2015] <kba> So if there's 10 subgoals and I somehow lure Coq into making a false assumption
[Mon Feb  9 18:59:48 2015] <vanila> if you were working inside a subgoal, it would prove the entire subgoal
[Mon Feb  9 18:59:55 2015] <kba> I can just write "discriminate" and be done with it
[Mon Feb  9 19:00:07 2015] <kba> Okay, so it's only the subgoal is finishes
[Mon Feb  9 19:00:41 2015] <kba> Gr, that's so confusing.
[Mon Feb  9 20:37:18 2015] <uucico> when do coq tactics create subproofs, rather than building up the proof term inline?
[Mon Feb  9 21:19:39 2015] <jrw> uucico: only a select few tactics actually create true subproofs. off the top of my head [abstract] and [Program] facilities are the only ones I can think of.
[Mon Feb  9 21:50:48 2015] <uucico> jrw: i thought so too, but then i got this proof that uses only [intuition] and somehow creates a _subproof term..
[Mon Feb  9 21:52:07 2015] <jrw> uucico: [intuition] is short for [intution auto with *], so it's possible that you have a hint that's causing this. for example [Hint Extern _ => abstract omega.] is a common thing to do
[Mon Feb  9 21:53:18 2015] <uucico> oh, good point, that might explain it..
[Mon Feb  9 21:53:49 2015] <uucico> is there any way to inline the proofs that [abstract] constructs?
[Mon Feb  9 21:56:22 2015] <jrw> uucico: not that I know of. why is this important to you?
[Mon Feb  9 22:01:40 2015] <uucico> i'm trying to build proofs in parallel, in a system where there are many theorems per file, and where individual proof scripts take a very long time (minutes), but the final [Qed] is much faster.  so the tentative plan is to spawn a separate coqtop process to run the proof script for each proof, and use [Show Proof] at the end to dump the raw proof term.  then put all raw proof terms back together for a (hopefully faster) compilation and
[Mon Feb  9 22:02:01 2015] <uucico> this actually mostly works, except in a few cases i get proof terms containing references to these abstracted subproofs
[Mon Feb  9 22:26:57 2015] <jrw> uucico: is this related to coq 8.5's parallel proof checking features?
[Mon Feb  9 22:31:32 2015] <uucico> unrelated.  i use parallel proof checking in coqide (where it works pretty well), but using [coqc -quick] doesn't seem to produce the expected result (i.e., [coqc -quick] takes about as long as [coqc] itself).  it might be because i'm using modules, and async proofs are not compatible with modules.  furthermore, since individual proofs are checked at dev time in coqide anyway, one benefit of full compilation is universe checking, which 8
[Tue Feb 10 08:34:46 2015] <schoppenhauer> can I use {measure ...} in the refine-tactic?
[Tue Feb 10 12:41:32 2015] <vanila> what's a good guide for using Acc?
[Tue Feb 10 12:51:20 2015] <ianjneu> vanila: CPDT has some stuff on it.
[Tue Feb 10 12:55:45 2015] <johnw> I've yet to development an intuition for Acc
[Tue Feb 10 12:56:12 2015] <vanila> I'm trying with Program Fixpoint and measure but I can't get a functional induction scheme, so I can't prove anything about the function
[Tue Feb 10 12:56:23 2015] <johnw> can you show me the function?
[Tue Feb 10 12:56:48 2015] <vanila> http://lpaste.net/120292
[Tue Feb 10 12:57:19 2015] <johnw> you could use a double-induction principle
[Tue Feb 10 12:57:20 2015] <johnw> one sec
[Tue Feb 10 12:57:46 2015] <vanila> i think if i switch to acc i can easily do the proper induction scheme, but it's so much work setting Acc up
[Tue Feb 10 12:58:01 2015] <vanila> (especially since I havent done it in forever)
[Tue Feb 10 12:58:01 2015] <johnw> in ssreflect they have one called seq2_ind
[Tue Feb 10 12:59:20 2015] <vanila> seq2_ind looks a little different - but it gives me an idea: I'll try to just prove the induction scheme manually like they have there
[Tue Feb 10 13:01:27 2015] <johnw> aha, found it
[Tue Feb 10 13:01:30 2015] <johnw> https://gist.github.com/10291895f72b5799bc0a
[Tue Feb 10 13:01:39 2015] <johnw> it's like more than you need, so you can delete out the "index" part
[Tue Feb 10 13:01:51 2015] <johnw> and I don't think you'll need the witness either
[Tue Feb 10 13:01:59 2015] <johnw> but anyone, as you can see it's a very simple principle to write
[Tue Feb 10 13:02:12 2015] <johnw> anyway*
[Tue Feb 10 13:02:42 2015] <johnw> oh, duh
[Tue Feb 10 13:02:46 2015] <vanila> I may be misunderstanding but I don't think I can apply that lemma directly
[Tue Feb 10 13:02:48 2015] <johnw> forget that, it was an old version of that function
[Tue Feb 10 13:02:52 2015] <vanila> ill definitely try to follow along those lines though
[Tue Feb 10 13:03:01 2015] <johnw> you need to apply it with "induction using ..."
[Tue Feb 10 13:03:33 2015] <johnw> so, the idea is that if your induction principle takes two lists as arguments, with the initial requirement that they be the same length, then it walks them in lock-step
[Tue Feb 10 13:03:57 2015] <vanila> in my case one of the two lists always gets smaller
[Tue Feb 10 13:04:00 2015] <vanila> but it could be any one of them
[Tue Feb 10 13:04:05 2015] <johnw> oh, I see
[Tue Feb 10 13:04:10 2015] <johnw> an either or scenario
[Tue Feb 10 13:04:13 2015] <vanila> but ill prove an induction scheme like that and try it out
[Tue Feb 10 13:04:31 2015] <vanila> it's  a bit weird how Program stops you getting a functional induction scheme, I thought it generated them for you
[Tue Feb 10 13:04:42 2015] <johnw> you can also try with Function instead
[Tue Feb 10 13:04:58 2015] <johnw> although it's a bit stricter about the syntax to "measure"
[Tue Feb 10 13:05:10 2015] <vanila> That gives me: Error: Recursive argument must be specified -- maybe if I tuple the parameters together it will work
[Tue Feb 10 13:07:26 2015] <vanila> oh... Function gives me: Warning: Cannot define principle(s) for intp
[Tue Feb 10 13:07:48 2015] <vanila> http://lpaste.net/120293
[Tue Feb 10 13:09:14 2015] <johnw> I can live with that
[Tue Feb 10 13:09:35 2015] <johnw> you should be able to manually define that principle if you need it
[Tue Feb 10 13:09:42 2015] <vanila> yeah im doing that now
[Tue Feb 10 13:09:51 2015] <vanila> it's a bit of a hassle trying to actually do anything with Coq :p
[Tue Feb 10 13:09:56 2015] <johnw> hahaha
[Tue Feb 10 13:10:01 2015] <johnw> all depends on what you're trying to do!
[Tue Feb 10 13:10:11 2015] <johnw> fancy recursion is in general tough
[Tue Feb 10 13:11:49 2015] <vanila> ahh
[Tue Feb 10 13:12:00 2015] <vanila> I understand why it can't generate a functional induction scheme automatically
[Tue Feb 10 13:12:09 2015] <johnw> why?
[Tue Feb 10 13:13:18 2015] <vanila> it can't take into account lt_eq_lt_dec
[Tue Feb 10 13:13:24 2015] <johnw> ahh
[Tue Feb 10 13:13:43 2015] <vanila> so there's multiple ways to build up any two lists, that's not true though if the constraints i have are enforced
[Tue Feb 10 13:18:14 2015] <vanila> http://lpaste.net/120296 it's not liking this
[Tue Feb 10 13:19:12 2015] <johnw> fanceh
[Tue Feb 10 13:52:18 2015] <vanila> got it
[Tue Feb 10 18:18:45 2015] <chirpsalot> johnw: does LinearScan provide a way to specify the number of registers that you have to allocate from?
[Tue Feb 10 18:20:52 2015] <chirpsalot> I'm reading up on it, and I'm a bit confused. Can I just say "I have these 64 registers to allocate from, transform my references into physical registers / spills?"
[Tue Feb 10 18:21:35 2015] <chirpsalot> I notice that the Coq code https://github.com/jwiegley/linearscan/blob/master/Allocate.v has "maxReg", but I'm not sure how that's exposed Haskell side?
[Tue Feb 10 18:21:48 2015] <johnw> chirpsalot: hi
[Tue Feb 10 18:21:57 2015] <johnw> chirpsalot: yes, 0.3.0.0 will
[Tue Feb 10 18:22:02 2015] <johnw> it's now a parameter to the allocate function
[Tue Feb 10 18:22:30 2015] <chirpsalot> johnw: ooooh, okay, so the hackage version is a bit out of date with respect to that :).
[Tue Feb 10 18:22:37 2015] <chirpsalot> Awesome!
[Tue Feb 10 18:22:39 2015] <johnw> right, I'm hard at work on the next version
[Tue Feb 10 18:22:45 2015] <johnw> hoping to have it out this week
[Tue Feb 10 18:22:59 2015] <johnw> it will also be pretty much feature complete, missing just most optimizations
[Tue Feb 10 18:23:59 2015] <chirpsalot> Good to know. This is a really awesome project! I'm hoping to use it in a toy MIPS DSL.
[Tue Feb 10 18:26:59 2015] <johnw> awesome!  I would love to know how it works out for you
[Tue Feb 10 18:27:18 2015] <johnw> I've gotten it intergrated into our compiler at work, but I discovered that lifetime allocation was not fine-grained enough, so that's what I'm working on now
[Tue Feb 10 18:27:36 2015] <chirpsalot> Oh, bleh, I was also looking at version 0.1. Looks like it has grown a bit in 0.2 ;).
[Tue Feb 10 18:27:53 2015] <johnw> and will again in 0.3
[Tue Feb 10 18:27:57 2015] <johnw> also, the interface is changing a fair bit
[Tue Feb 10 18:28:01 2015] <johnw> so beware
[Tue Feb 10 18:28:12 2015] <johnw> what is your graph representation?  Are you using Hoopl?
[Tue Feb 10 18:28:18 2015] <chirpsalot> Changing a bit for 0.3?
[Tue Feb 10 18:28:34 2015] <johnw> yes, changing quite a bit for 0.3
[Tue Feb 10 18:29:02 2015] <johnw> if you want to get a leg up on the UI changes, I'd recommend building the GitHub version, even though it won't work yet
[Tue Feb 10 18:29:23 2015] <johnw> (i.e., it fails tests and won't allocate anything, but that's soon to be remedied)
[Tue Feb 10 18:30:19 2015] <chirpsalot> johnw: I'm looking into Hoopl. The DSL is basically going to be straight MIPS assembly, but with register allocation so I don't have to think about it. Basically a poor man's LLVM.
[Tue Feb 10 18:30:41 2015] <johnw> Hoopl just makes it easy to manage block ordering
[Tue Feb 10 18:30:56 2015] <johnw> it uses GADTs to enforce the graph shape at compile-time
[Tue Feb 10 18:30:59 2015] <chirpsalot> So I was also thinking of just generating your BlockInfo types and stuff.
[Tue Feb 10 18:31:03 2015] <johnw> and block labels to determine control flow
[Tue Feb 10 18:31:09 2015] <johnw> ah, I don't use those anymore :)
[Tue Feb 10 18:31:22 2015] <johnw> now BlockInfo is a collection of functions to abstract the representation
[Tue Feb 10 18:31:40 2015] <johnw> my tests use Hoopl, so there's an example there not only of how to use Hoopl
[Tue Feb 10 18:31:50 2015] <johnw> but I even have a Free monad based DSL for writing assembly code in do notation :)
[Tue Feb 10 18:32:21 2015] <johnw> see test/Main.hs
[Tue Feb 10 18:32:38 2015] <johnw> I intend to break out the Hoopl stuff into a separate linearscan-hoopl library
[Tue Feb 10 18:32:42 2015] <johnw> to make it easier for just your scenario
[Tue Feb 10 18:33:36 2015] <chirpsalot> Okay. So, I should really look into Hoopl more! Good to know, thank you!
[Tue Feb 10 18:34:07 2015] <johnw> I think it's worth the investment, plus with my examples you shouldn't have too hard a time of it
[Tue Feb 10 18:36:50 2015] <chirpsalot> Yeah, I was looking at tempest a bit already :). I'll have to finish going through the Hoopl papers. Thanks!
[Wed Feb 11 02:52:14 2015] <wagle> does coqide even work?  should i figure out why it crashes or does nothing?  what else should I use?
[Wed Feb 11 02:59:59 2015] <wagle> (this is on macosx)
[Wed Feb 11 03:00:33 2015] <Adeon> you mean in general? yes it should work
[Wed Feb 11 03:01:11 2015] <Adeon> I don't run it on OS X though
[Wed Feb 11 03:02:02 2015] <wagle> whats the problem with os x?
[Wed Feb 11 03:02:49 2015] <wagle> (seems polished enough to work in general, though maybe a buggy version was released or something0
[Wed Feb 11 03:04:00 2015] <wagle> *thought
[Wed Feb 11 03:04:33 2015] <Adeon> I don't know, I haven't tried it on OS X
[Wed Feb 11 03:04:40 2015] <Adeon> sorry :-<
[Wed Feb 11 03:04:51 2015] <wagle> yeah, misparsed you until just now
[Wed Feb 11 03:04:54 2015] <Adeon> it uses GTK which should not be problematic on OS X though
[Wed Feb 11 03:05:26 2015] <wagle> I just cant get it to Check 0.
[Wed Feb 11 03:13:22 2015] <wagle> i must be very confused..  have the same problem with linux/ubuntu version, exxcept now, coqide has no documentation to not give me
[Wed Feb 11 03:20:40 2015] <wagle> one person seems to cuggest proof general is better
[Wed Feb 11 03:22:35 2015] <wagle> suggest
[Wed Feb 11 03:22:39 2015] <wagle> (wow)
[Wed Feb 11 03:27:54 2015] <wagle> hmm..http://web.cecs.pdx.edu/~apt/coq_hints.html seems good
[Wed Feb 11 03:37:00 2015] <wagle> oh, got it to do something..  the gui is very clunky
[Wed Feb 11 03:43:32 2015] <arcatan> wagle: for me, coqide has trouble finding coqtop, but once the setting is correct, it seems to work.
[Wed Feb 11 03:43:39 2015] <arcatan> mostly i use proof general, though
[Wed Feb 11 03:44:20 2015] <arcatan> (this is coqide 8.4pl5 on os x)
[Wed Feb 11 03:44:22 2015] <wagle> yeah, its the path, i think..  i'm switching to PG
[Wed Feb 11 03:44:49 2015] <wagle> the launcher doesnt really set much in the PATH
[Wed Feb 11 03:45:25 2015] <wagle> s/set/put
[Wed Feb 11 03:46:01 2015] <wagle> thanks
[Wed Feb 11 19:23:54 2015] <vanila> http://coq-blog.clarus.me/a-blog-engine-written-and-proven-in-coq.html
[Wed Feb 11 21:23:19 2015] <edwardk> yes, but is it provable that folks won't get offended at a name like chickblog?
[Wed Feb 11 21:24:27 2015] <edwardk> clearly the author missed a chance at naming it 'nugget' -- easily digestible content
[Wed Feb 11 21:25:10 2015] <benzrf> ayy
[Thu Feb 12 04:50:11 2015] <johnw> chirpsalot: ping
[Thu Feb 12 11:00:41 2015] <chirpsalot> johnw: version 0.3 up? :)
[Thu Feb 12 11:01:08 2015] <chirpsalot> Or working, rather?
[Thu Feb 12 12:37:30 2015] <kba> I have a Definition that says A = B. In my proof, I currently have A = B, so I can just write reflexivity.
[Thu Feb 12 12:37:44 2015] <kba> But it would be nicer I feel if I could rewrite it so it said "B = B" based on my Definition
[Thu Feb 12 12:37:49 2015] <kba> How could I do that?
[Thu Feb 12 12:39:18 2015] <kba> Ah. fold/unfold
[Thu Feb 12 13:30:37 2015] <johnw> chirpsalot: almost
[Thu Feb 12 14:11:11 2015] <benzrf> how do i turn a positive nat into a positive
[Thu Feb 12 14:11:14 2015] <benzrf> alternatively
[Thu Feb 12 14:11:19 2015] <benzrf> how do i do pattern matching on positives
[Thu Feb 12 14:19:27 2015] <jrw> benzrf: what kind of pattern matching?
[Thu Feb 12 14:19:40 2015] <jrw> I assume [match p with ... end] isn't what you're looking for
[Thu Feb 12 14:39:26 2015] <benzrf> jrw: that works too
[Thu Feb 12 14:39:31 2015] <benzrf> but
[Thu Feb 12 14:39:44 2015] <benzrf> basically i want to do natural-style induction
[Thu Feb 12 14:39:54 2015] <benzrf> and the actual ctors are arabic
[Thu Feb 12 14:39:55 2015] <jrw> benzrf: there's a lemma for that
[Thu Feb 12 14:39:59 2015] <benzrf> er, place-value
[Thu Feb 12 14:40:06 2015] <benzrf> jrw: what is
[Thu Feb 12 14:40:10 2015] <jrw> one sec
[Thu Feb 12 14:40:19 2015] <benzrf> to be precise
[Thu Feb 12 14:40:29 2015] <benzrf> i want to define the harmonic sequence and then its sequence of partial sums
[Thu Feb 12 14:40:35 2015] <benzrf> actually, i think it'd be simpler to just convert a nat into a positive
[Thu Feb 12 14:42:03 2015] <jrw> I'm still confused what you're trying to do. but if you [SearchAbout positive] and then look for "peano"
[Thu Feb 12 14:42:18 2015] <jrw> you should get an induction principle that uses the successor function on positives
[Thu Feb 12 14:42:21 2015] <jrw> not sure if this is what you want
[Thu Feb 12 14:42:58 2015] <benzrf> oh good :-)
[Thu Feb 12 18:45:12 2015] <benzrf> hey
[Thu Feb 12 18:46:04 2015] <benzrf> how do i prove 'shift_nat (log2 n) 2 <= Pos.of_nat (S n)'
[Thu Feb 12 18:46:37 2015] <benzrf> hm, < even
[Thu Feb 12 21:03:37 2015] <benzrf> argh
[Thu Feb 12 21:16:51 2015] <benzrf> help please ;-;
[Thu Feb 12 21:54:15 2015] <benzrf> please. how do i prove 'shift_nat (log2 n) 2 <= Pos.of_nat (S n)'
[Fri Feb 13 01:32:22 2015] <johnw> chirpsalot: ping
[Fri Feb 13 09:25:01 2015] <benzrf> hmm
[Fri Feb 13 09:25:30 2015] <benzrf> how do i turn "1#x <= 1#y" into "x >= y"
[Fri Feb 13 09:25:40 2015] <benzrf> i tried SearchAbout but didnt see such a lemma
[Fri Feb 13 10:04:28 2015] <joerisamson> Because it isn't true I guess?
[Fri Feb 13 10:05:21 2015] <joerisamson> Multiply both sides by x and y and you will find what you want (but only if x and y have the same sign)
[Fri Feb 13 10:08:30 2015] <joerisamson> oh, x and y must be both positive, so it's true
[Fri Feb 13 10:37:55 2015] <joerisamson> benzrf: it's easy to prove (once I figured where all the definitions where):   unfold Qle.   simpl. simpl_mult.   repeat rewrite Zmult_1_r. intros. assumption.
[Fri Feb 13 10:40:43 2015] <joerisamson> Ah no, intros must come first.
[Fri Feb 13 10:55:32 2015] <benzrf> ew
[Fri Feb 13 10:55:38 2015] <benzrf> how do i multiply both sides?
[Fri Feb 13 10:56:08 2015] <benzrf> also what tactic for obviously true ineqs, like "x < x + 1"
[Fri Feb 13 11:00:08 2015] <joerisamson> turns out that's already the definition of <= for rationals, so just unfold the definition
[Fri Feb 13 11:02:36 2015] <joerisamson> for your second question, I don't know I've really only worked with nat (I'm new to Coq)
[Fri Feb 13 11:05:39 2015] <ianjneu> benzrf: I use omega
[Fri Feb 13 11:09:45 2015] <joerisamson> http://lpaste.net/120468
[Fri Feb 13 11:12:42 2015] <benzrf> ianjneu: ah yes
[Fri Feb 13 11:21:20 2015] <benzrf> is there a comand to view docu on a tacctic
[Fri Feb 13 13:34:39 2015] <joerisamson> benzrf: it's even simpler 1#x <= 1#y -> (' y <= ' x)%Z is solved just by saying assumption. so you only have to prove that y <= x -> x >= y
[Fri Feb 13 13:36:41 2015] <benzrf> oh how nice
[Fri Feb 13 15:52:06 2015] <Choups314> What is the shortest way to "match on a predicate" ?
[Fri Feb 13 15:52:11 2015] <benzrf> Choups314: explain
[Fri Feb 13 15:52:34 2015] <Choups314> For example, if I have a variable x of type R, I want a match like :
[Fri Feb 13 15:53:26 2015] <Choups314> First case if  [predicate1 x] is True, second case if [predicate2 x] is True and so on ..
[Fri Feb 13 15:53:33 2015] <Choups314> (It's not clear ...)
[Fri Feb 13 15:53:59 2015] <Choups314> A kind of If .. else if .. else ..    but in a definition
[Fri Feb 13 15:54:13 2015] <Choups314> (And the conditions are predicates on the variable [x])
[Fri Feb 13 15:55:12 2015] <benzrf> Choups314: predicate1 : XType -> bool?
[Fri Feb 13 15:55:47 2015] <Choups314> XType -> Prop
[Fri Feb 13 15:57:14 2015] <Choups314> I thought I could use an extra inductive type, with one constructor for each predicates
[Fri Feb 13 15:57:24 2015] <Choups314> And then match on this type in the definition
[Fri Feb 13 15:57:52 2015] <Choups314> But I think it's quite .. *heavy*
[Fri Feb 13 16:14:45 2015] <Choups314> In other words, is it possible to build an object (of an inductive type) depending on the value of a variable ? (i.e. choose the constructor according to a variable value)
[Fri Feb 13 16:37:16 2015] <Choups314> Is it possible to do somethink like this : http://pastebin.com/0ngvi4de ?
[Fri Feb 13 16:37:28 2015] <Choups314> (It complains : Error: This clause is redundant.)
[Fri Feb 13 16:54:49 2015] <johnw> that may be because of the types of P1 x and P2 x
[Fri Feb 13 16:55:03 2015] <johnw> i.e., pattern matching is revealing enough information that it knows one of the cases cannot happen
[Fri Feb 13 17:52:08 2015] <vanila> "From the sounds of it, Coq isn’t quite what I’m really looking for. I might try out some of those really simple proofs you’re talking about to get a feel for it and then move onto learning more about SMT and Idris.
[Fri Feb 13 17:52:08 2015] <vanila> Software verification is definitely the goal, for me :)"
[Fri Feb 13 17:52:25 2015] <chirpsalot> johnw: pong!
[Fri Feb 13 18:16:41 2015] <vanila> this is crazy isnt it?
[Fri Feb 13 18:16:57 2015] <vanila> why do people think you coq isn't the tool for verifying software...
[Fri Feb 13 18:23:16 2015] <mads-> vanila: they might expect something easier or more automated to do it for them
[Fri Feb 13 18:59:19 2015] <benzrf> is there a way to get docu on tactics from coqtop
[Fri Feb 13 18:59:28 2015] <benzrf> also is there a way to search for what a notation means
[Fri Feb 13 19:48:46 2015] <jrw> benzrf: you can use [Locate "<="] to find notations
[Fri Feb 13 19:49:00 2015] <jrw> coqtop doesn't give live documentation as far as I know
[Fri Feb 13 19:49:07 2015] <benzrf> ah thanks :)
[Fri Feb 13 22:21:48 2015] <benzrf> jesus christ
[Fri Feb 13 22:22:04 2015] <benzrf> ive been spending HOURS trying to prove Lemma Qle_den_ge : forall n m, (n <> 0)%nat -> (m <> 0)%nat -> (n >= m)%nat -> 1#Pos.of_nat n <= 1#Pos.of_nat m.
[Fri Feb 13 22:33:48 2015] <johnw> chirpsalot: heya!
[Fri Feb 13 22:33:55 2015] <johnw> chirpsalot: linearscan is passing tests again, I will release 0.3 tonight and then start on writing more tests
[Fri Feb 13 22:38:16 2015] <wagle> anyone use prooftree?  I'm failing to get it to work under macosx
[Fri Feb 13 22:38:17 2015] <chirpsalot> johnw: good to know! I'm working my way through Hoopl right now, and am planning on getting a start to my DSL shortly.
[Fri Feb 13 22:38:48 2015] <chirpsalot> wagle: is it complaining about version differences?
[Fri Feb 13 22:39:02 2015] <wagle> chirpsalot: protocol 2 vs 3
[Fri Feb 13 22:40:12 2015] <wagle> the error message is confusing
[Fri Feb 13 22:40:39 2015] <wagle> Protocol error!
[Fri Feb 13 22:40:39 2015] <wagle> Communication protocol mismatch.
[Fri Feb 13 22:40:39 2015] <wagle> Proof General uses version 02
[Fri Feb 13 22:40:39 2015] <wagle> but this version of Prooftree supports version 03
[Fri Feb 13 22:40:39 2015] <wagle> Closing connection.
[Fri Feb 13 22:40:45 2015] <wagle> eeep
[Fri Feb 13 22:40:54 2015] <chirpsalot> wagle: basically proof general is expecting a different version of proof tree. The protocol doesn't match.
[Fri Feb 13 22:41:09 2015] <chirpsalot> Try getting an older version of proof tree?
[Fri Feb 13 22:41:19 2015] <wagle> really?  ok
[Fri Feb 13 22:41:23 2015] <chirpsalot> Or maybe updating proof general.
[Fri Feb 13 22:41:27 2015] <chirpsalot> Not sure which :).
[Fri Feb 13 22:41:56 2015] <wagle> lemme poke around
[Fri Feb 13 22:42:12 2015] <wagle> i had to work to get a modern version of prooftree
[Fri Feb 13 22:42:41 2015] <chirpsalot> http://askra.de/software/prooftree/
[Fri Feb 13 22:42:44 2015] <chirpsalot> incompatible protocol change: requires Proof General >= 4.3pre130327
[Fri Feb 13 22:43:52 2015] <wagle> egad.  (thanks, didnt think to study that again)
[Fri Feb 13 22:44:15 2015] <chirpsalot> Also "Ready to be used. Prooftree requires Proof General >= 4.3pre130327 and Coq version 8.4beta or greater.
[Fri Feb 13 22:47:28 2015] <chirpsalot> wagle: if you use nix it has proofgeneral_4_3_pre and prooftree. I assume they work.
[Fri Feb 13 22:47:50 2015] <wagle> * has macos/yosemite
[Fri Feb 13 22:48:08 2015] <wagle>   and homebrew
[Fri Feb 13 22:48:37 2015] <wagle> soon my MBP will die and I'll switch to linux for want of a matte screen
[Fri Feb 13 22:48:51 2015] <chirpsalot> wagle: nix works on OSX.
[Fri Feb 13 22:49:39 2015] <wagle> ocaml 4 seems to have broken comments in prooftree
[Fri Feb 13 22:49:49 2015] <wagle> ocaml 4 seems to have broken comments in prooftree/input.ml
[Fri Feb 13 22:50:02 2015] <wagle> but i fixed that
[Fri Feb 13 22:50:16 2015] <wagle> well, hacked along it
[Fri Feb 13 22:50:44 2015] <chirpsalot> o_O?
[Fri Feb 13 22:51:42 2015] <wagle> had three "{foo|not-foo}" like things in the comments
[Fri Feb 13 22:53:59 2015] <benzrf> somebody please help x_x
[Fri Feb 13 22:57:58 2015] <wagle> ask a question that someone might be able to answer
[Fri Feb 13 22:58:06 2015] <benzrf> i pasted it earlier ut ok:
[Fri Feb 13 22:58:14 2015] <benzrf> how the hell do i prove Lemma Qle_den_ge : forall n m, (n <> 0)%nat -> (m <> 0)%nat -> (n  >= m)%nat -> 1#Pos.of_nat n <= 1#Pos.of_nat m.
[Fri Feb 13 22:58:31 2015] <benzrf> i think i might be able to bludgeon something out with 20 or so tactic
[Fri Feb 13 22:58:34 2015] <benzrf> *tactics
[Fri Feb 13 22:58:43 2015] <benzrf> but i feel like there should be something simpler than that -_-
[Fri Feb 13 22:58:56 2015] <johnw> "omega"?
[Fri Feb 13 22:59:04 2015] <wagle> i dunno, I'm still trying to setup a coq environment to do the tutorial with
[Fri Feb 13 23:02:29 2015] <benzrf> johnw: that works on nats doesnt it
[Fri Feb 13 23:02:53 2015] <johnw> it's really really easy to try :)
[Fri Feb 13 23:02:59 2015] <benzrf> i already did
[Fri Feb 13 23:03:00 2015] <benzrf> it doesnt work
[Fri Feb 13 23:17:15 2015] <wagle> looking for a test program to show that prooftree works (I'm starting on the coq tutorial)
[Fri Feb 13 23:19:47 2015] <wagle> (it does nothing for a really simple example)
[Fri Feb 13 23:28:05 2015] <wagle> gotta have a "Proof."
[Fri Feb 13 23:28:15 2015] <wagle> so I got it to work
[Sat Feb 14 06:01:20 2015] <johnw> chirpsalot: you awake?
[Sat Feb 14 06:32:05 2015] <johnw> chirpsalot: 0.3 is released
[Sat Feb 14 06:32:10 2015] <johnw> and is now feature complete
[Sat Feb 14 06:32:32 2015] <johnw> next I begin documenting and testing toward the 1.0 release
[Sat Feb 14 09:55:31 2015] <Choups314> How to deal with hypothesis like  :  [H : forall (x:T), match x with : | c1 => ...  | c2 => ... end] ?
[Sat Feb 14 09:55:41 2015] <Choups314> Is there way to "destruct" it ?
[Sat Feb 14 09:58:18 2015] <Cypi> Choups314 : what you can destruct is (H x) for some x of type T
[Sat Feb 14 09:58:49 2015] <Cypi> Ah wait, that's a match.
[Sat Feb 14 09:58:57 2015] <Choups314> Yeah :/
[Sat Feb 14 09:59:00 2015] <Cypi> Sorry, you cannot destruct a match, you just simply it
[Sat Feb 14 09:59:09 2015] <Choups314> How ?
[Sat Feb 14 09:59:24 2015] <Choups314> With the other hypothesis, only one constructor is possible
[Sat Feb 14 09:59:41 2015] <Choups314> But I don't know how to eliminate the others
[Sat Feb 14 09:59:42 2015] <Cypi> So, if you do have (x:T) in your hypotheses, you can do something like [pose proof (H x) as H'. simpl in H'.]
[Sat Feb 14 09:59:58 2015] <Cypi> Ah. Not [simpl in H'.], rather [destruct x.], if you have to
[Sat Feb 14 10:00:00 2015] <Cypi> (sorry)
[Sat Feb 14 10:00:30 2015] <Choups314> Wait, I'll pastebin the definition ;)
[Sat Feb 14 10:00:36 2015] <Cypi> ok
[Sat Feb 14 10:00:39 2015] <Choups314> (very simple one)
[Sat Feb 14 10:03:01 2015] <Choups314> Cypi : http://pastebin.com/KWQXLWkA
[Sat Feb 14 10:03:56 2015] <Choups314> (The definition may seems weird, but it is the only way I found to "match on a predicate")
[Sat Feb 14 10:05:18 2015] <Choups314> Cypi Sorry, typo : http://pastebin.com/ufLzaJZ8
[Sat Feb 14 10:05:48 2015] <Choups314> So I would like to simplify H0 with  (* stuff 1 *). Is it possible ?
[Sat Feb 14 10:07:22 2015] <Cypi> Yes: pose proof (H0 (pInf x H1)) as blah; simpl in blah
[Sat Feb 14 10:10:03 2015] <Choups314> Cypi: Thanks a lot :)
[Sat Feb 14 10:45:05 2015] <Choups314> Is it possible to hide an hypothesis ?
[Sat Feb 14 11:01:29 2015] <Cypi> Choups314 : you can clear it
[Sat Feb 14 11:01:34 2015] <Cypi> I don't know if you can hide it
[Sat Feb 14 11:40:56 2015] <mads-> Why would you hide it?
[Sat Feb 14 11:58:24 2015] <Choups314> clear is what I wanted ;)
[Sat Feb 14 12:06:33 2015] <mads-> Choups314: Doing Coq for school or interest?
[Sat Feb 14 12:06:44 2015] <Choups314> both ^^
[Sat Feb 14 12:06:50 2015] <Choups314> Not really for school
[Sat Feb 14 12:07:04 2015] <Choups314> But I do what I do in school in coq
[Sat Feb 14 12:07:05 2015] <Choups314> :p
[Sat Feb 14 12:07:08 2015] <Choups314> (I try ^^)
[Sat Feb 14 12:07:41 2015] <mads-> Cool. What are you doing in school?
[Sat Feb 14 12:07:52 2015] <mads-> (Which can be translated to Coq)
[Sat Feb 14 12:07:59 2015] <Choups314> Math
[Sat Feb 14 12:08:08 2015] <Choups314> I am in a french prep school
[Sat Feb 14 12:08:19 2015] <mads-> Coolio.
[Sat Feb 14 12:08:38 2015] <mads-> I got a better understand about math by taking a course on Coq.
[Sat Feb 14 12:08:48 2015] <mads-> Granted, I was pretty bad at math before that :P
[Sat Feb 14 12:09:00 2015] <Choups314> ^^
[Sat Feb 14 12:09:31 2015] <Choups314> For now, the hard point for me is to translate what I know into Coq
[Sat Feb 14 12:09:53 2015] <Anarchos> Choups314 at my time, we just discovered caml light in prepa..... times change !
[Sat Feb 14 12:10:04 2015] <Choups314> Nop :)
[Sat Feb 14 12:10:15 2015] <Choups314> We are still discovering caml there :p
[Sat Feb 14 12:10:33 2015] <Anarchos> Choups314 if you do things in coq you are ahead of your comrades then ;)
[Sat Feb 14 12:10:46 2015] <Choups314> (Coq is not at all in the sylabus ;) )
[Sat Feb 14 12:10:52 2015] <Choups314> Yes, I hope :D
[Sat Feb 14 12:11:21 2015] <Choups314> Do you know if there is a "way" to generate a "free" hypothesis name ?
[Sat Feb 14 12:11:35 2015] <Choups314> (In a Ltac, I need "temporary" steps)
[Sat Feb 14 12:12:06 2015] <Choups314> Anarchos: Now it's ocaml ;)
[Sat Feb 14 12:12:19 2015] <Anarchos> Choups314 yes there is a way to change the hypothesis name
[Sat Feb 14 12:12:43 2015] <Anarchos> never touched to Ltac though …
[Sat Feb 14 12:12:54 2015] <Choups314> I mean, generate a "random" name, just for the internal work of the Ltac
[Sat Feb 14 12:13:20 2015] <Anarchos> Choups314 not found something in the manual ?
[Sat Feb 14 12:13:50 2015] <Choups314> I don't really know what to look for .. a tactic ? oO
[Sat Feb 14 12:15:12 2015] <Anarchos> https://coq.inria.fr/distrib/current/refman/Reference-Manual010.html maybe there ?
[Sat Feb 14 12:15:43 2015] <Anarchos>  intro ident
[Sat Feb 14 12:15:44 2015] <Anarchos>  This applies intro but forces ident to be the name of the introduced hypothesis.
[Sat Feb 14 12:16:29 2015] <Choups314> Anarchos, Exactly, I would like "something" to generate this *ident*
[Sat Feb 14 12:16:33 2015] <Anarchos> or this one : http://stackoverflow.com/questions/22404394/how-to-automatically-generate-good-names-when-decomposing-existential-hypothes
[Sat Feb 14 12:17:39 2015] <Anarchos> let h := fresh "h" in idtac h; intros h;
[Sat Feb 14 12:17:56 2015] <Anarchos> it seems that «fresh» can do the job...
[Sat Feb 14 12:18:56 2015] <Choups314> Yes ! perfect :)
[Sat Feb 14 12:20:08 2015] <Choups314> Here is what I'm doing with Coq : https://github.com/Choups314/SAMPL
[Sat Feb 14 12:21:05 2015] <Choups314> (It's still quite a mess because I started using CoRN, but  I have finally stopped ..)
[Sat Feb 14 12:21:54 2015] <Anarchos> Choups314 good luck :)
[Sat Feb 14 12:22:02 2015] <Choups314> Thanks ;)
[Sat Feb 14 12:22:14 2015] <Anarchos> i work at a lower level : just coding a proof verifier, not in coq, but in ocaml.
[Sat Feb 14 12:22:55 2015] <Choups314> To work with Coq ?
[Sat Feb 14 12:23:08 2015] <Choups314> (I am really new with caml)
[Sat Feb 14 12:23:19 2015] <Anarchos> no a standalone verifier .
[Sat Feb 14 12:36:54 2015] <Choups314> Is it possible to concatenate strings when displaying a message with idtac ?
[Sat Feb 14 12:37:07 2015] <Choups314> (This is probably too python-like)
[Sat Feb 14 12:37:38 2015] <Choups314> (i.e. For example to concatenate a string and an hypothesis name)
[Sat Feb 14 12:59:57 2015] <godel> Hello. Given a Type, how does coq find its induction? Can someone point me to the algorithm or its implementation?
[Sat Feb 14 14:10:59 2015] <Anarchos> Choups314 let me know if you found how to concatenate !
[Sat Feb 14 14:11:43 2015] <Choups314> Anarchos: I guess it is possible in caml, but I'm still searching for Ltac
[Sat Feb 14 14:19:37 2015] <Anarchos> sure it is for caml : it is the «  ^ » operator
[Sat Feb 14 14:35:56 2015] <Anarchos> Choups314 and good luck for your first year of CPGE...
[Sat Feb 14 14:40:15 2015] <Choups314> Thanks :p
[Sat Feb 14 14:40:38 2015] <Choups314> I guess you were in too ?
[Sat Feb 14 14:44:31 2015] <Anarchos> Choups314 95/96 & 96/97
[Sat Feb 14 16:38:18 2015] <Choups314> [exists (x:R), x >= 0 -> ...] does not mean  http://latex.codecogs.com/gif.latex?%5Cexists%20x%20%5Cin%20%5Cmathbb%7BR%7D%5E&plus; right ?
[Sat Feb 14 16:38:34 2015] <Choups314> (If we consider that [R] is the type for real numbers)
[Sat Feb 14 16:41:11 2015] <Choups314> I mean, I'm not sure of the [exists], because when I have an hypothesis [H : exists x:R, x>0 -> ..] I can't destruct it properly
[Sat Feb 14 17:01:01 2015] <Cypi> First of all, you might want to take a look at sig instead of ex, if you want to extrace the value inside H to compute something
[Sat Feb 14 17:01:32 2015] <Cypi> Then, to expresse what you meant, it would probably be something like [exists (x:R), x >= 0 /\ ...]
[Sat Feb 14 17:02:02 2015] <Cypi> (but then again, you might want instead [{x : R | x >= 0 /\ ... }]
[Sat Feb 14 17:02:03 2015] <Cypi> )
[Sat Feb 14 17:03:13 2015] <Cypi> extract*
[Sat Feb 14 17:07:45 2015] <chirpsalot> johnw: congrats! Nicely done :).
[Sat Feb 14 17:08:59 2015] <Choups314> Cypi: Thank you ! That's what I was looking at in the CoRN sources ..
[Sat Feb 14 17:10:00 2015] <Choups314> With an hypothesis [H : exists x:R, x>0 -> ..], it would allow me to "destruct" it as [H1 : x  H2 : x>0   H3 : ...] ?
[Sat Feb 14 17:15:00 2015] <Cypi> If your goal is in Prop, then you can destruct H to get this, indeed.
[Sat Feb 14 17:15:13 2015] <Cypi> If your goal is in Set (or Type), then you won't be able to do so
[Sat Feb 14 17:15:44 2015] <Cypi> If H is instead {x : R | x >= 0 /\ ... }, then you should be able to destruct it in the later case, though.
[Sat Feb 14 18:22:48 2015] <arbelos> Could someone help me understand the difference between these two definitions: http://lpaste.net/120526
[Sat Feb 14 18:25:19 2015] <benzrf> arbelos: https://stackoverflow.com/questions/24600256/difference-between-type-parameters-and-indices
[Sat Feb 14 18:27:04 2015] <arbelos> benzrf: thanks. I wasn't sure what to search for
[Sat Feb 14 18:27:27 2015] <benzrf> no problem :)
[Sat Feb 14 18:27:38 2015] <benzrf> good questoin
[Sat Feb 14 18:27:42 2015] <benzrf> *question
[Sat Feb 14 18:33:35 2015] <arbelos> So my first type there, u.. fails when I try to implement functions that pattern match on the constructor, like "concat".
[Sat Feb 14 18:36:57 2015] <arbelos> but let me read the answer on SO properly ...
[Sun Feb 15 01:14:14 2015] <johnw> chirpsalot: thanks
[Sun Feb 15 01:14:33 2015] <johnw> chirpsalot: it still doesn't allocate for all our compiler's test programs, so I will be looking into that later tonight
[Sun Feb 15 01:54:28 2015] <chirpsalot> johnw: awesome. I'm slowly working my way through Hoopl and such. It does more with the Haskell type system than I knew about, so I have been getting somewhat distracted :).
[Sun Feb 15 16:00:31 2015] <heinrich5991> hello
[Sun Feb 15 16:00:41 2015] <heinrich5991> I want to prove that `e = e'`
[Sun Feb 15 16:00:54 2015] <Anarchos> intro e; exact e.
[Sun Feb 15 16:01:04 2015] <heinrich5991> to do that I want to do a intermediate step `e = prod e e'` and `prod e e' = e'`
[Sun Feb 15 16:01:09 2015] <Anarchos> should do the trick ?
[Sun Feb 15 16:01:29 2015] <heinrich5991> let me try
[Sun Feb 15 16:01:39 2015] <vanila> you can use the transitivity tactic
[Sun Feb 15 16:02:16 2015] <heinrich5991> vanila: ah that's exactly what I looked for
[Sun Feb 15 16:02:17 2015] <heinrich5991> thanks
[Sun Feb 15 16:06:21 2015] <Anarchos> i may say «auto», but …
[Sun Feb 15 16:09:17 2015] <heinrich5991> Anarchos: would auto do that automatically?
[Sun Feb 15 16:09:35 2015] <Anarchos> heinrich5991 i hope auto is able to prove e=e....
[Sun Feb 15 16:10:15 2015] <heinrich5991> after I applied a relevant property to `e = prod e e'`, it already finished the proof.
[Sun Feb 15 16:15:56 2015] <johnw> Anarchos: or just "exact".
[Sun Feb 15 16:16:20 2015] <Anarchos> johnw my coq skill is a bit rusty.
[Sun Feb 15 16:16:33 2015] <johnw> I may be thinking of the ssreflect version too
[Sun Feb 15 16:17:07 2015] <heinrich5991> how can I define a inverse function for groups?
[Sun Feb 15 16:17:23 2015] <heinrich5991> (I already have the relevant axiom, prod_inverse
[Sun Feb 15 16:17:38 2015] <heinrich5991> : forall x : G, exists y : G, prod x y = e.
[Mon Feb 16 00:46:38 2015] <dramforever> What's the corret <= for int?
[Mon Feb 16 00:46:41 2015] <dramforever> *correct
[Mon Feb 16 00:47:11 2015] <dramforever> hmm...should I have said "hi" first?
[Mon Feb 16 00:47:21 2015] <johnw> hi!
[Mon Feb 16 00:48:25 2015] <dramforever> yes
[Mon Feb 16 00:48:35 2015] <dramforever> what's the correct <= for int?
[Mon Feb 16 00:48:42 2015] <johnw> I don't know
[Mon Feb 16 00:49:34 2015] <dramforever> it's stupid. I'm following the tutorial for why3 and got stuck
[Mon Feb 16 00:49:50 2015] <dramforever> * wonders if there's a coq paste bin
[Mon Feb 16 11:57:43 2015] <kba> what's the difference between destruct, induction and case?
[Mon Feb 16 11:57:47 2015] <kba> I feel like they do the same thing
[Mon Feb 16 11:58:43 2015] <ianjneu> kba: when you define an inductive datatype, Coq creates both dependend and non-dependent eliminators. Induction uses the former, destruction uses the latter.
[Mon Feb 16 12:00:16 2015] <vanila> I thought both destruct and induction were dependent.. but you just don't get induction hyps from destruct
[Mon Feb 16 12:00:45 2015] <kba> ianjneu: What are eliminators?
[Mon Feb 16 12:01:27 2015] <kba> It's so difficult to learn Coq, I can't just google "coq eliminators" and get an explanation like with any other language
[Mon Feb 16 12:01:35 2015] <ianjneu> kba: all types have ways to form elements of the type, introduction rules, and ways to use elements of the type, elimination rules.
[Mon Feb 16 12:02:16 2015] <kba> I'm not sure what that means. What are the introduction rules and eliminators of the natural numbers?
[Mon Feb 16 12:02:16 2015] <ianjneu> roughly, "eta rules" mean elim . intro = identity
[Mon Feb 16 12:04:01 2015] <ianjneu> 0 introduces the zero. S n introduces the sucessor of n. The non-dependent eliminator is nat_fold : forall A : Type, A -> (nat -> A -> A) -> nat -> A.
[Mon Feb 16 12:04:52 2015] <ianjneu> roughly. I'm still a little groggy.
[Mon Feb 16 12:04:56 2015] <vanila> oh yeah, you're right
[Mon Feb 16 12:06:17 2015] <kba> Okay, I understand the introduction rules, but not the eliminator. For some type A, ...
[Mon Feb 16 12:08:51 2015] <ianjneu> Ya I wrote that wrong. Go into coqtop and Print nat_rect.
[Mon Feb 16 12:09:09 2015] <kba> That gives nothing
[Mon Feb 16 12:09:18 2015] <ianjneu> Require Import ZArith. first
[Mon Feb 16 12:09:22 2015] <kba> Ah. .
[Mon Feb 16 12:59:44 2015] <Choups314> Hey !
[Mon Feb 16 12:59:44 2015] <Choups314> Is it possible to prove a contradiction if I have an hypothesis [H : ~ P x], where P is predicate and another hypothesis [H1 : forall (Hx : P x), ..] ?
[Mon Feb 16 13:00:04 2015] <Choups314> I mean, transform H4 into False
[Mon Feb 16 13:00:08 2015] <Anarchos> hi Choups314
[Mon Feb 16 13:00:17 2015] <Choups314> Hi :)
[Mon Feb 16 13:00:49 2015] <vanila> elimtype False.
[Mon Feb 16 13:00:49 2015] <Anarchos> intro H1. intro. contradiction H.
[Mon Feb 16 13:00:54 2015] <vanila> then apply (H H1).
[Mon Feb 16 13:17:29 2015] <Choups314> It's my fault (I didn't write enought), but I have other premises after [forall (Hx : P x), ...] in H1 .. So these tactics don't work :(
[Mon Feb 16 13:17:49 2015] <Choups314> (It took time to understand ^^)
[Mon Feb 16 13:20:24 2015] <vanila> what I said does not work?
[Mon Feb 16 13:20:56 2015] <Choups314> It works if H1 is just [H1 : P x]
[Mon Feb 16 13:21:14 2015] <vanila> ahhh
[Mon Feb 16 13:21:36 2015] <vanila> if you have ~ P x, and  P x -> Q,  that does't imply Q
[Mon Feb 16 13:21:42 2015] <vanila> because we don't have excluded middle
[Mon Feb 16 13:21:59 2015] <Choups314> Let's assume we have it as an axiom ;)
[Mon Feb 16 13:22:16 2015] <Choups314> (It's just a hobby proof)
[Mon Feb 16 13:22:53 2015] <Choups314> For example https://gist.github.com/Choups314/0b7785403d9bac8e5f33
[Mon Feb 16 13:23:42 2015] <Choups314> Is it possible to finish the proof ?
[Mon Feb 16 13:24:02 2015] <Choups314> (If we assume classical logic axioms)
[Mon Feb 16 13:24:17 2015] <vanila> with LEM, ~ P x gives you P x, which lets you get Q
[Mon Feb 16 13:24:33 2015] <vanila> (forall (Hx: P x), 1)  I do not think this is well kinded
[Mon Feb 16 13:25:03 2015] <vanila> maybe Variable Q:Prop, then use (forall (Hx: P x), Q) instead
[Mon Feb 16 13:26:33 2015] <Choups314> The fact that [forall (Hx: P x)] has no witness cannot be used ?
[Mon Feb 16 13:26:42 2015] <Choups314> (To prove False)
[Mon Feb 16 13:27:29 2015] <vanila> I don't understand sorry
[Mon Feb 16 13:28:16 2015] <vanila> you can prove this:  X -> ~ X -> False
[Mon Feb 16 13:30:57 2015] <Choups314> In fact I have a proof that looks like this https://gist.github.com/Choups314/9184ae51d8844f2ade2e (i.e. I don't have 2=2, but another predicate that requires Hx). But I'm not sure if I can finish the proof only with these hypothesis
[Mon Feb 16 13:32:18 2015] <vanila> this isn't true
[Mon Feb 16 13:32:30 2015] <vanila> you wont be able to prove it
[Mon Feb 16 13:50:30 2015] <kba> Im' proving some stuff about even/odd numbers, and in the process I end up with an assumption "H_n : False". Right now, I'm doing: apply (False_ind (1 = 2)) in H_n. discriminate H_n.
[Mon Feb 16 13:50:32 2015] <kba> Which is ugly.
[Mon Feb 16 13:50:49 2015] <kba> Can I somehow do that nicer? It seems stupid that I have H_n : False, and then I just can't "discriminate H_n."
[Mon Feb 16 13:51:01 2015] <kba> but that I have to rewrite it into something silly like 1 = 2 before I can discriminate.
[Mon Feb 16 13:51:09 2015] <jgross> [destruct H_n] and [exfalso; assumption] will both work. 
[Mon Feb 16 13:52:56 2015] <kba> exfalso just gives me "False" as my subgoal
[Mon Feb 16 13:53:15 2015] <kba> destruct H_n gives me 3 other assumptions
[Mon Feb 16 13:54:55 2015] <kba> Oh, no, never mind. Thanks, jgross
[Mon Feb 16 13:55:57 2015] <kba> if I just write "destruct H_n." it all goes away
[Mon Feb 16 13:56:09 2015] <kba> not sure I understand why, though
[Mon Feb 16 13:58:49 2015] <jgross> If you have a hypothesis [H_n : False], then you can solve a subgoal of type [False]. 
[Mon Feb 16 13:59:32 2015] <jgross> Regarding [destruct H_n], you are doing case analysis on your proof of [False].  How many ways (cases) are there to prove [False]?  (You can print them all with [Print False.]) 
[Mon Feb 16 13:59:36 2015] <kba> Okay, but writing `destruct H_n` just solves it automatically
[Mon Feb 16 14:00:29 2015] <kba> You can't prove False, I presume?
[Mon Feb 16 14:00:38 2015] <kba> Also since Print False. gives me nothing
[Mon Feb 16 14:00:57 2015] <jgross> Right.	There are zero cases.  So when you do case analysis, you have zero cases to consider. 
[Mon Feb 16 14:01:10 2015] <kba> Ah! Of course
[Mon Feb 16 14:01:15 2015] <kba> Thanks :)
[Mon Feb 16 14:01:24 2015] <jgross> No problem :-) 
[Mon Feb 16 14:02:35 2015] <kba> Now you inspired me to do "Print True." and I get Inductive True : Prop :=  I : True
[Mon Feb 16 14:02:42 2015] <kba> What does I mean?
[Mon Feb 16 14:02:54 2015] <kba> Something of type True?
[Mon Feb 16 14:03:27 2015] <kba> Or is it like identity?
[Mon Feb 16 14:03:36 2015] <kba> Since proving True is done by just... True
[Mon Feb 16 14:37:22 2015] <Anarchos> kba true is a proposition and there is a proof (the « I ») of it.
[Mon Feb 16 14:37:39 2015] <kba> Is "I" a proof?
[Mon Feb 16 14:37:48 2015] <Anarchos> kba remember that propositions are types of their proofs in the curry-howard correspondance
[Mon Feb 16 14:47:05 2015] <johnw> kba: any value is an existence proof of its type
[Mon Feb 16 14:53:53 2015] <kba> So I is the proof that True is a type? Or?
[Mon Feb 16 14:53:59 2015] <kba> I'm not sure I follow
[Mon Feb 16 14:57:10 2015] <johnw> I is the proof that True is inhabited
[Mon Feb 16 14:57:30 2015] <johnw> any type that is uninhabited is equal to False
[Mon Feb 16 14:57:46 2015] <johnw> so, if you have an inhabitant, you have a proof that your type is not False
[Mon Feb 16 15:03:01 2015] <kba> Okay, that sort of makes sense, I guess. Thanks
[Mon Feb 16 16:05:59 2015] <jgross> johnw: types that are uninhabited are isomorphic to False, but not equal without univalence.  e.g., Empty_set = False is unprovable, even though they're defined as [Inductive Empty_set : Set := .  Inductive False : Prop := .] 
[Mon Feb 16 16:06:15 2015] <johnw> jgross: ah, thank you
[Mon Feb 16 16:06:28 2015] <johnw> i should have said isomorphic
[Mon Feb 16 19:15:42 2015] <benzrf> auuuuugh im going nuts
[Mon Feb 16 19:16:04 2015] <benzrf> why is there no even close to simple way to prove Lemma Qle_den_ge : forall n m, (n >= m)%nat -> 1#Pos.of_nat n <= 1#Pos.of_nat m.
[Mon Feb 16 19:16:07 2015] <benzrf> GOD
[Tue Feb 17 05:07:05 2015] <Choups314> Hi, is it possible to use a previous premise in a definition ? For example with the definition : [Definition test : *premise1* -> *premise2* -> *conclusion*]. Is it possible to use a proof of *premise1* in the conclusion ? (there are all typed Prop)
[Tue Feb 17 05:08:55 2015] <lyxia> Do you mean that you already have a proof of premise1 before that?
[Tue Feb 17 05:09:40 2015] <lyxia> In which case you don't need to make a function of premise1, test : premise2 -> conclusion
[Tue Feb 17 05:11:11 2015] <Choups314> No I don't have it before, but if you use the definition I would have to give the proof right ?
[Tue Feb 17 05:12:04 2015] <lyxia> If you're going to apply test, you will apply it to a proof of premise1 indeed.
[Tue Feb 17 05:13:31 2015] <Choups314> And there is no *workaround* to extract this proof in the conclusion ?  (Still in the Definition)
[Tue Feb 17 05:14:48 2015] <lyxia> you can do pattern matching on the proof
[Tue Feb 17 05:15:20 2015] <lyxia> assuming there is any pattern to match
[Tue Feb 17 05:15:56 2015] <Choups314> For example : Let's assume I'm defining [test], which depends on a variable [x:nat]. In the conclusion of [test] I need a proof that [x<>0], so I thought I could do something like : [Definition test (x:nat), x<>0 -> *conclusion*]. But then in the conclusion I need to *extract* the proof that [x<>0] (still in the definition)
[Tue Feb 17 05:17:13 2015] <vanila> if you start with  intros x xNotZero.   then when you are proving the conclusion you can make use xNotZero as many times as you like
[Tue Feb 17 05:17:54 2015] <Choups314> *conclusion* could be something like : [concl x Hx]  (with Hx the proof) and concl like : [Definition concl : forall (x:nat)(H:x<>0), x>0.]
[Tue Feb 17 05:18:17 2015] <Choups314> Yes, but how do I write the Definition itself ?
[Tue Feb 17 05:18:33 2015] <Choups314> I would need the "proof mode" during the definition ?
[Tue Feb 17 05:19:05 2015] <vanila> oh!
[Tue Feb 17 05:19:13 2015] <vanila> sorry, I thought it was a theorem you wre proving
[Tue Feb 17 05:19:20 2015] <vanila> what you can do in the definitionis
[Tue Feb 17 05:19:24 2015] <vanila> fun x xNotZero => ....
[Tue Feb 17 05:19:34 2015] <vanila> this is equivalent to the doing the intros
[Tue Feb 17 05:23:05 2015] <Choups314> Well this works :).   However, do you know  if I could have a definition like : [Definition test (x:nat), x<>0 /\ *other_predicate* -> *conclusion*] ? (And still in the conclusion I need the proof that [x<>0])
[Tue Feb 17 05:26:46 2015] <Choups314> Probably with proj2 or proj1 lemmas .. Nevermind ;)
[Tue Feb 17 05:51:15 2015] <Choups314> vanila : [fun .. ] works very well, but I can't use it with other predicates :/  For example I can't do : [Definition test := exists (d:nat), d > 0 /\ (fun (x:nat)(Hx:(x<>0 /\ x<> d)) => C x (proj1 Hx)) .]
[Tue Feb 17 05:51:57 2015] <vanila> ah
[Tue Feb 17 05:52:04 2015] <vanila> well maybe you woudl rather define this using tactics
[Tue Feb 17 05:52:09 2015] <vanila> i think it would be easier
[Tue Feb 17 05:53:08 2015] <Choups314> But how do I determine the type of test ?
[Tue Feb 17 05:54:08 2015] <vanila> Definition test := exists (d:nat), d > 0 /\ (forall (x:nat)(Hx1:x<>0)(Hx2:x<> d), C x Hx1).
[Tue Feb 17 05:54:11 2015] <vanila> maybe this way?
[Tue Feb 17 05:57:43 2015] <Choups314> vanila: Actually I already tried this, but the problem is that I can't destruct it properly in a proof :/
[Tue Feb 17 05:58:07 2015] <Choups314> I have to provide a witness for x, Hx1 and Hx2, or I would like to have Hx1 and Hx2 as hypothesis
[Tue Feb 17 05:58:30 2015] <vanila> well im am not too sure what you are doing so maybe if you posted a script with what you awant to do someone could finish it/show how?
[Tue Feb 17 05:58:50 2015] <Choups314> Yep sure
[Tue Feb 17 05:59:51 2015] <Choups314> https://gist.github.com/Choups314/8570912c3d1d53437335
[Tue Feb 17 06:00:06 2015] <Choups314> In the first case  [xReal H]
[Tue Feb 17 06:00:43 2015] <vanila> wow are you doing topology!
[Tue Feb 17 06:00:53 2015] <Choups314> hu just trying ;)
[Tue Feb 17 06:01:21 2015] <vanila> that's quite far outside my knowledge, so i probably wont be able to help much
[Tue Feb 17 06:01:47 2015] <Choups314> The problem is [forall (x : R)(Hx : I x), Rabs (x - x0) < d -> P x Hx]
[Tue Feb 17 06:02:37 2015] <Choups314> In a proof, I end with the hypothesis [H7 : forall (x : R) (Hx : Dom R f x),
[Tue Feb 17 06:02:38 2015] <Choups314>      Rabs (x - x0) < d1 -> *conclusion (predicate)*
[Tue Feb 17 06:06:06 2015] <Choups314> I would like to have something like [H7 : forall (x:R) Dom R f x /\ Rabs (x - x0) < d1 -> *conclusion (predicate)*] instead .. but I still need the proof Hx in the conclusion ..
[Tue Feb 17 06:07:38 2015] <vanila> i thiknk you would be ok to u se just the first H7
[Tue Feb 17 06:07:56 2015] <vanila> it should be easier to work with, since you can apply its parameters one at a time
[Tue Feb 17 08:27:11 2015] <roosbeef> is there a function that returns a specific range from a list?
[Tue Feb 17 08:27:23 2015] <roosbeef> like nth, but for multiple elements?
[Tue Feb 17 08:29:57 2015] <Cypi> You have this: https://coq.inria.fr/library/Coq.Lists.List.html#lab374
[Tue Feb 17 08:30:14 2015] <Cypi> which you can use to implement what you said
[Tue Feb 17 08:30:18 2015] <roosbeef> ha perfect, thank you :)
[Tue Feb 17 09:28:43 2015] <heinrich5991> is `rewrite at` flaky?
[Tue Feb 17 09:29:18 2015] <heinrich5991> `rewrite` works, does two things
[Tue Feb 17 09:29:26 2015] <heinrich5991> `rewrite at 2` only does the second thing
[Tue Feb 17 09:29:46 2015] <heinrich5991> `rewrite at 1` fails, "Tactic failure: Unable to satisfy the rewriting constraints."
[Tue Feb 17 09:36:04 2015] <heinrich5991> are there some useful beginner resources for these kind of start up problems? :)
[Tue Feb 17 10:02:24 2015] <heinrich5991> am I asking the wrong question or providing too little detail?
[Tue Feb 17 10:06:52 2015] <RchrdB> I think the channel is just very low-traffic.
[Tue Feb 17 10:07:16 2015] <vanila> I think that rewrite at is working ok
[Tue Feb 17 10:07:25 2015] <vanila> rewrite at i. should replace the ith occurence
[Tue Feb 17 10:07:38 2015] <vanila> it's not always possible, because there might be a type dependency
[Tue Feb 17 10:25:37 2015] <kcking> Would anyone happen to have an idea why the 8.5beta1 version of coqtop -ideslave prints Fatal error: exception Errors.Anomaly(0, _) on Mac OS X?
[Tue Feb 17 12:04:06 2015] <chirpsalot> kcking: somebody was asking about this earlier (maybe it was you?) I get the same issue. Not sure what it is.
[Tue Feb 17 12:08:17 2015] <chirpsalot> kcking: it happens on Linux as well, if that's any help.
[Tue Feb 17 12:16:30 2015] <kcking> chripsalot: ok thanks, maybe I will email the devs
[Tue Feb 17 17:45:53 2015] <johnw> chirpsalot: ping
[Tue Feb 17 17:46:27 2015] <chirpsalot> johnw: ohai.
[Tue Feb 17 17:47:05 2015] <johnw> so, 0.3 is out, I just have a FEW more tweaks to do, like support register reservation
[Tue Feb 17 17:47:18 2015] <johnw> and there are still a bug in our work test suite I have to track down
[Tue Feb 17 17:47:20 2015] <johnw> but otherwise, nearly there
[Tue Feb 17 17:47:27 2015] <johnw> I also released linearscan-hoopl as a separate library
[Tue Feb 17 17:47:39 2015] <johnw> which includes a dead simple way to construct assembly language DSLs for building Hoopl graphs
[Tue Feb 17 17:47:57 2015] <johnw> if you do that in your code, you wouldn't need to deal with Hoopl at all
[Tue Feb 17 18:03:05 2015] <chirpsalot> johnw: by register reservation do you mean saying "I want this result in R0?"
[Tue Feb 17 18:15:05 2015] <johnw> no, I mean "I'm going to be using register 0 throughout the program, such as for storing the frame pointer, so don't consider it for allocation at all"
[Tue Feb 17 18:15:21 2015] <johnw> you can already say "I want this result in R0" simply by referring to R0
[Tue Feb 17 18:15:29 2015] <johnw> and the allocator will take that into accoutn
[Tue Feb 17 18:15:37 2015] <johnw> a reservation blacks out the register from the allocator's consideration
[Tue Feb 17 19:11:51 2015] <chirpsalot> johnw: okay, I thought you already had "I want this result in R0", which is why I was confused :). I'll check out the Hoopl library. I have gotten through most of the Hoopl stuff, and have gotten distracted with free monads and all manner of fun :).
[Tue Feb 17 19:56:09 2015] <johnw> chirpsalot: I use Free monads to build the assembly DSL
[Tue Feb 17 19:56:39 2015] <chirpsalot> johnw: yep! I noticed, that's why I'm going on the tangent :).
[Tue Feb 17 19:56:43 2015] <johnw> ah
[Tue Feb 17 19:56:52 2015] <johnw> I'd enjoy any questions, if you have
[Tue Feb 17 19:56:58 2015] <chirpsalot> Do you really use hoopl for the register allocation?
[Tue Feb 17 19:57:06 2015] <johnw> no, I use my library silly!
[Tue Feb 17 19:57:25 2015] <johnw> Hoopl just provides a shaped graph
[Tue Feb 17 19:57:27 2015] <chirpsalot> Well, I mean, do you convert the hoopl graph to pass it to your allocator?
[Tue Feb 17 19:57:32 2015] <johnw> no conversion needed
[Tue Feb 17 19:57:44 2015] <johnw> linearscan can operate directly on the Hoopl graph, by way of characterization functions
[Tue Feb 17 19:58:29 2015] <chirpsalot> Characterization functions? So much vocab to catch up on with Haskell ;).
[Tue Feb 17 19:58:39 2015] <johnw> instead of you giving me a structure of a certain type
[Tue Feb 17 19:58:46 2015] <johnw> you give me a function from a -> what_i_want
[Tue Feb 17 20:31:06 2015] <chirpsalot> johnw: isn't that the same as a conversion function?
[Tue Feb 17 20:34:24 2015] <chirpsalot> johnw: oh wow, so linearscan-hoopl literally does most of the work for me :P
[Tue Feb 17 20:40:17 2015] <johnw> chirpsalot: yep :)
[Tue Feb 17 20:40:41 2015] <johnw> it's not the same as a conversion function, because it's not isomorphic
[Tue Feb 17 20:40:49 2015] <johnw> in that, using the function I can determine the information that I need
[Tue Feb 17 20:40:58 2015] <johnw> but it's not enough information to reconsistute your structure
[Tue Feb 17 20:41:02 2015] <johnw> I only need a subset of what you know
[Tue Feb 17 20:47:14 2015] <chirpsalot> johnw: oh, I see what you mean. Fair enough. So much Haskell to learn!
[Tue Feb 17 20:50:58 2015] <johnw> and Coq apparently!
[Tue Feb 17 20:59:15 2015] <chirpsalot> Yeah! So much to learn! Haskell and Coq are kind of humbling.
[Tue Feb 17 20:59:24 2015] <johnw> but in the best way
[Tue Feb 17 21:02:17 2015] <chirpsalot> Yeah, well, it's not a bad thing. You just feel like you know nothing once you discover them, which is daunting. Slowly getting there, though :).
[Tue Feb 17 21:03:02 2015] <benzrf> guys. pls
[Tue Feb 17 21:03:19 2015] <benzrf> why is coq so bad at numbers.
[Tue Feb 17 21:03:26 2015] <benzrf> why is it just the absolute goddamn worst at numbers.
[Tue Feb 17 21:03:40 2015] <chirpsalot> benzrf: because representing numbers as lambda terms kind of sucks?
[Tue Feb 17 21:03:45 2015] <benzrf> like holy shit using coq with numbers is a freaking penance
[Tue Feb 17 21:04:14 2015] <benzrf> i am literally unable to prove Lemma Qle_den_ge : forall n m, (n >= m)%nat -> 1#Pos.of_nat n <= 1#Pos.of_nat m.
[Tue Feb 17 21:04:27 2015] <benzrf> or rather, i keep giving up 30 minutes in after scrolling through 5 pages of SearchAbout results
[Tue Feb 17 21:04:51 2015] <chirpsalot> Inequalities are always the worst thing to prove :(
[Tue Feb 17 21:05:10 2015] <chirpsalot> Also, wait... Is that true?
[Tue Feb 17 21:06:09 2015] <benzrf> uh, yes?
[Tue Feb 17 21:06:28 2015] <benzrf> how could it be false -_-
[Tue Feb 17 21:06:38 2015] <chirpsalot> benzrf: what is 1#Pos.of_nat?
[Tue Feb 17 21:06:59 2015] <benzrf> chirpsalot: function application has higher precedence than #
[Tue Feb 17 21:08:12 2015] <chirpsalot> Okay, well I don't think I know what # is or Pos.of_nat, then!
[Tue Feb 17 21:10:21 2015] <chirpsalot> benzrf: what's # and Pos.of_nat? :(
[Tue Feb 17 21:10:56 2015] <chirpsalot> I'm really bad at searching for Coq stuff...
[Tue Feb 17 21:12:06 2015] <benzrf> ah
[Tue Feb 17 21:12:23 2015] <benzrf> # : Z -> positive -> Q
[Tue Feb 17 21:12:36 2015] <benzrf> Pos.of_nat : nat -> positive
[Tue Feb 17 21:12:42 2015] <benzrf> (adds 1 if 0)
[Tue Feb 17 21:44:29 2015] <chirpsalot> benzrf: oh, I see.
[Tue Feb 17 21:46:43 2015] <chirpsalot> benzrf: okay, that's definitely true then. I have noticed that a fair number of people get stuck trying to prove false things :).
[Tue Feb 17 21:47:39 2015] <chirpsalot> I haven't looked much into the Coq number stuff. Every time I look at it I get really confused. nat is nice enough, though :).
[Tue Feb 17 21:55:54 2015] <benzrf> yeah
[Tue Feb 17 22:09:59 2015] <johnw> benzrf: ssreflect is better at numbers btw
[Tue Feb 17 22:10:07 2015] <benzrf> w-well...
[Tue Feb 17 22:10:19 2015] <benzrf> what exactly is ssreflect again
[Tue Feb 17 22:10:21 2015] <benzrf> and how do you use it
[Tue Feb 17 22:10:35 2015] <johnw> I'm going to leave that to google; it's a big question
[Tue Feb 17 22:11:26 2015] <johnw> but it's what several people who have some serious things to prove about number suse
[Tue Feb 17 22:12:23 2015] <arvisrend> too big for google i fear
[Tue Feb 17 22:25:29 2015] <benzrf> johnw: are you gonna be at the meetup tomorrow
[Tue Feb 17 22:25:43 2015] <johnw> what meetup?
[Tue Feb 17 22:25:51 2015] <benzrf> monthly akamai boston one
[Tue Feb 17 22:26:01 2015] <johnw> no, I'm not in Boston until Sunday
[Tue Feb 17 22:26:06 2015] <benzrf> o
[Tue Feb 17 22:26:19 2015] <benzrf> is there any kind of intro to ssreflect
[Tue Feb 17 22:26:32 2015] <johnw> yeah, "Programs and Proofs" by Ilya Sergey
[Tue Feb 17 22:26:36 2015] <johnw> and the tutorial itself
[Tue Feb 17 23:02:23 2015] <chirpsalot> * adds ssreflect to the list.
[Tue Feb 17 23:02:46 2015] <johnw> it's what linearscan is written with
[Tue Feb 17 23:02:53 2015] <johnw> I really like it
[Tue Feb 17 23:06:14 2015] <chirpsalot> johnw: just in the spec? I assume it's what all this "move=>" stuff is?
[Tue Feb 17 23:07:42 2015] <johnw> yep
[Tue Feb 17 23:07:46 2015] <johnw> I use it everywhere
[Tue Feb 17 23:07:52 2015] <chirpsalot> I should sit down and go through linearscan at some point. It's a bit much for me to chew off right now, though.
[Tue Feb 17 23:08:02 2015] <chirpsalot> Really? I only saw it imported there in my github search.
[Tue Feb 17 23:08:17 2015] <johnw> I have a Ssr.v module that Lib.v re-exports, and everything import Lib.v
[Tue Feb 17 23:08:23 2015] <chirpsalot> Oh, I see.
[Wed Feb 18 06:05:55 2015] <notdan> I have a really annoying problem with proof general.
[Wed Feb 18 06:06:22 2015] <notdan> I don't know what causes it, but some times, when I step into a proof, it "hides" the buffer with the source code and showns only the buffer with the proof status
[Wed Feb 18 06:06:38 2015] <vanila> maybe you could try moviding it to 3 window hybrid mode
[Wed Feb 18 06:06:42 2015] <vanila> I find that best
[Wed Feb 18 06:06:43 2015] <notdan> but when I try to go back to the buffer with the souce code emacs opens a new window
[Wed Feb 18 06:06:49 2015] <notdan> vanila: that's what I am using
[Wed Feb 18 06:07:10 2015] <notdan> https://files.app.net/mq1k0Njf2.png
[Wed Feb 18 06:08:26 2015] <notdan> and now the font is small for some reason and I have to fix it for every buffer
[Wed Feb 18 06:08:27 2015] <notdan> ugh
[Wed Feb 18 06:35:26 2015] <johnw> notdan: I had to hack PG to fix that crazy behavior
[Wed Feb 18 07:16:16 2015] <notdan> johnw: ooh, do you happen to still ahve the patches?
[Wed Feb 18 07:16:21 2015] <notdan> johnw: this drivez me crazy
[Wed Feb 18 07:25:43 2015] <roosbeef> is there a lemma in the stdlib stating forall m n, m > n <-> n < m?
[Wed Feb 18 07:30:50 2015] <nkar> notdan: johnw's config's at github.com/jwiegley
[Wed Feb 18 07:31:22 2015] <nkar> I don't remember the exact place, tho
[Wed Feb 18 07:38:55 2015] <notdan> roosbeef: well `gt' is defined this way
[Wed Feb 18 07:39:02 2015] <notdan>  Definition gt (n m:nat) := m < n.
[Wed Feb 18 07:39:05 2015] <notdan> nkar: thanks
[Wed Feb 18 07:39:33 2015] <roosbeef> oh haha
[Wed Feb 18 07:39:42 2015] <roosbeef> then ill just do split and assumption i guess :P
[Wed Feb 18 07:39:44 2015] <roosbeef> thanks notdan
[Wed Feb 18 07:57:55 2015] <notdan> https://files.app.net/mqs2zvWy9.png ugh I reall have to do something with this proof
[Wed Feb 18 19:11:41 2015] <schoppenhauer> hello. I have the problem that I need a data structure which can contain integers that are so large that coq complains that they can cause stack overflows. on the other hand
[Wed Feb 18 19:12:03 2015] <schoppenhauer> in some other case where I need that structure, the numbers will never grow that big
[Wed Feb 18 19:12:25 2015] <schoppenhauer> can I somehow use some more abstract type instead of nat and N?
[Thu Feb 19 22:41:18 2015] <anderslundstedt> is there a way to create a Setoid instance without getting the == notation for the equivalence relation?
[Fri Feb 20 05:32:09 2015] <cmcl> Hi, does anyone have a reference for handling permutations of binders in the locally nameless representation in a Coq PL formalisation
[Fri Feb 20 13:19:56 2015] <wrengr> ianjneu: thanks :)
[Fri Feb 20 16:39:30 2015] <ianjneu> wrengr_away: whuh? What'd I do?
[Sat Feb 21 11:23:02 2015] <notdan> [6~[6~[6~[6~[6~[6~[6~[6~/sb goto
[Sat Feb 21 11:23:19 2015] <notdan> uh sorry
[Sat Feb 21 11:23:52 2015] <notdan> johnw: ping
[Sat Feb 21 16:35:57 2015] <xpilot> quick coqide question: how do you enable word wrapping in the built-in text editor?
[Sat Feb 21 18:32:36 2015] <johnw> notdan: hi
[Sun Feb 22 00:09:49 2015] <carter> anyone around who can help me with proof general?
[Sun Feb 22 00:13:01 2015] <jrw> carter: what's up?
[Sun Feb 22 00:13:32 2015] <carter> jrw:, i'm trying to get coq setup on my mac so i can work through CPDT
[Sun Feb 22 00:13:39 2015] <jrw> okay
[Sun Feb 22 00:13:44 2015] <carter> but i'm hitting a bit of trouble setting up the path correctly
[Sun Feb 22 00:13:49 2015] <jrw> which path?
[Sun Feb 22 00:13:53 2015] <carter> Require Import Bool Arith List CpdtTactics.
[Sun Feb 22 00:14:00 2015] <carter> i get Require Import Bool Arith List CpdtTactics.
[Sun Feb 22 00:14:03 2015] <carter> eerr
[Sun Feb 22 00:14:06 2015] <carter> Error: Cannot find library CpdtTactics in loadpath
[Sun Feb 22 00:14:22 2015] <carter> but in my .emacs i have
[Sun Feb 22 00:14:23 2015] <carter> (custom-set-variables  '(coq-prog-args '("-emacs-U" "-I" "/Users/carter/local/coq-libs/cpdt/src")))
[Sun Feb 22 00:14:23 2015] <carter> (load-file "/Users/carter/.emacs.d/ProofGeneral-4.2/ProofGeneral-4.2/generic/proof-site.el")
[Sun Feb 22 00:14:36 2015] <carter> as per http://adam.chlipala.net/cpdt/html/Intro.html
[Sun Feb 22 00:15:00 2015] <carter> the cpdt book has a tactics file that it uses for a lotta developments
[Sun Feb 22 00:15:15 2015] <jrw> right
[Sun Feb 22 00:15:15 2015] <carter> so naturally i want to be able to import it when working through the exercise
[Sun Feb 22 00:15:33 2015] <carter> am i making sense?
[Sun Feb 22 00:15:36 2015] <jrw> yes
[Sun Feb 22 00:15:39 2015] <jrw> what version of coq are you using?
[Sun Feb 22 00:15:52 2015] <carter> The Coq Proof Assistant, version 8.4pl5 (February 2015)
[Sun Feb 22 00:15:52 2015] <carter> compiled on Feb 21 2015 23:21:02 with OCaml 4.02.1
[Sun Feb 22 00:16:29 2015] <jrw> and can you confirm that there is a CpdtTactics.vo file in /Users/carter/local/coq-libs/cpdt/src
[Sun Feb 22 00:16:36 2015] <carter> .v yeah
[Sun Feb 22 00:16:40 2015] <carter> no .v0
[Sun Feb 22 00:17:08 2015] <carter> hrmm
[Sun Feb 22 00:17:09 2015] <jrw> okay so you need to build
[Sun Feb 22 00:17:21 2015] <carter> derp
[Sun Feb 22 00:17:22 2015] <carter> :)
[Sun Feb 22 00:17:37 2015] <jrw> cd /Users/carter/local/coq-libs/cpdt; make
[Sun Feb 22 00:17:40 2015] <jrw> should do the trick
[Sun Feb 22 00:17:42 2015] <carter> thanks
[Sun Feb 22 00:17:55 2015] <carter> stuff is happening at lest
[Sun Feb 22 00:18:21 2015] <jrw> the full build might take a while
[Sun Feb 22 00:18:33 2015] <jrw> but the tactics file will be the first one that's done
[Sun Feb 22 00:18:40 2015] <jrw> so you can go ahead and test before it finishes
[Sun Feb 22 00:19:54 2015] <carter> successs
[Sun Feb 22 00:31:48 2015] <carter> jrw: ok, now i have a daft question
[Sun Feb 22 00:32:00 2015] <jrw> carter: go for it
[Sun Feb 22 00:32:06 2015] <carter> so i have
[Sun Feb 22 00:32:33 2015] <carter> http://lpaste.net/120951
[Sun Feb 22 00:32:38 2015] <carter> from the intro materilas
[Sun Feb 22 00:32:47 2015] <jrw> yep
[Sun Feb 22 00:33:02 2015] <carter> but it complains in the fixpoint defn that it cant see the binopDenote function
[Sun Feb 22 00:33:09 2015] <carter> when i try to add the expDenote
[Sun Feb 22 00:33:12 2015] <carter> and i dont understand why
[Sun Feb 22 00:33:18 2015] <carter> because it IS a toplevel defn
[Sun Feb 22 00:34:52 2015] <carter> idk if that makes sense :)
[Sun Feb 22 00:35:17 2015] <jrw> one sec
[Sun Feb 22 00:35:22 2015] <jrw> trying to load it on my machine
[Sun Feb 22 00:35:27 2015] <jrw> haven't looked at cpdt stuff in a while...
[Sun Feb 22 00:35:31 2015] <carter> you can comment out the cpdt tactics bit
[Sun Feb 22 00:35:36 2015] <carter> its not used in that bit
[Sun Feb 22 00:35:38 2015] <jrw> oh that's a good point
[Sun Feb 22 00:36:05 2015] <carter> i'm just like "i really should learn the tactics sledge hammer approach or i may as well use agda "
[Sun Feb 22 00:36:14 2015] <jrw> carter: you misspelled binopDenote :D
[Sun Feb 22 00:36:31 2015] <jrw> missing a trailing e
[Sun Feb 22 00:36:49 2015] <carter> :)
[Sun Feb 22 00:36:53 2015] <carter> woops
[Sun Feb 22 00:36:58 2015] <carter> i thought i checked fo r that
[Sun Feb 22 00:36:59 2015] <carter> thanksee
[Sun Feb 22 00:37:03 2015] <jrw> np
[Sun Feb 22 00:37:51 2015] <carter> jrw: do you have a different suggested resource for learning tactics heavy coq?
[Sun Feb 22 00:38:01 2015] <jrw> no
[Sun Feb 22 00:38:05 2015] <jrw> I learned from cpdt
[Sun Feb 22 00:38:18 2015] <jrw> just be aware that basically nobody except adam (the author) is as extreme
[Sun Feb 22 00:38:26 2015] <carter> i know
[Sun Feb 22 00:38:38 2015] <carter> jrw: i was in a lab for a summer where he was post docking
[Sun Feb 22 00:38:48 2015] <carter> and he kept on automating away everything i was trying to do
[Sun Feb 22 00:38:48 2015] <jrw> carter: oh were you at harvard?
[Sun Feb 22 00:38:52 2015] <carter> for a summer
[Sun Feb 22 00:38:54 2015] <carter> 2008?
[Sun Feb 22 00:38:58 2015] <jrw> cool
[Sun Feb 22 00:39:04 2015] <carter> i got nothing done that summer
[Sun Feb 22 00:39:07 2015] <jrw> haha
[Sun Feb 22 00:39:17 2015] <carter> also proving statful programs correct sucks
[Sun Feb 22 00:39:20 2015] <carter> dont bother
[Sun Feb 22 00:39:25 2015] <jrw> haha
[Sun Feb 22 00:39:26 2015] <carter> too hard
[Sun Feb 22 00:39:31 2015] <carter> pure or fuckit
[Sun Feb 22 00:39:32 2015] <jrw> dare I ask: ynot?
[Sun Feb 22 00:39:35 2015] <jrw> ;)
[Sun Feb 22 00:39:40 2015] <carter> :'|
[Sun Feb 22 00:40:42 2015] <carter> i actually was put off from PL a wee bit after that, because i didn't like the mini fad at the time of "we mechanized X" papers being the bulk of what was going on
[Sun Feb 22 00:40:50 2015] <jrw> yeah for sure
[Sun Feb 22 00:40:57 2015] <jrw> so were you an undergrad then? what are you up to now?
[Sun Feb 22 00:41:05 2015] <carter> yeah
[Sun Feb 22 00:41:11 2015] <carter> well, right now, goofing off
[Sun Feb 22 00:41:46 2015] <jrw> haha, fair enough
[Sun Feb 22 07:01:50 2015] <Choups314> Is it possible to add a ring structure ([Add Ring ..]) for the [ring] tactic, with the real numbers defined in the standard library ?
[Sun Feb 22 07:02:32 2015] <Choups314> (Or it must be computable  ?
[Sun Feb 22 14:35:53 2015] <Silnar> Hi, why P \/ ~ P is an axiom in Coq? Can't it be proved ?
[Sun Feb 22 14:36:34 2015] <vanila> Silnar, it's part of constructive logic that you can't prove that
[Sun Feb 22 14:36:59 2015] <vanila> The idea of \/ in Coq is that the proof actually tells you which side is true
[Sun Feb 22 14:37:26 2015] <vanila> so for example a proof that  forall t : TuringMaching,  halts t \/ ~ halts t  --- would actually be a halting oracle
[Sun Feb 22 14:38:02 2015] <vanila> so you can only prove P \/ ~ P for special types of propositions (decidable ones)
[Sun Feb 22 14:41:53 2015] <Silnar> Can you give me an example of such decidables ? Are True and False one of them ?
[Sun Feb 22 14:42:28 2015] <vanila> an example would be  forall n : Nat, zero n \/ ~ zero n
[Sun Feb 22 14:42:43 2015] <vanila> hmm
[Sun Feb 22 14:42:46 2015] <vanila> i should write that clearer:
[Sun Feb 22 14:42:56 2015] <vanila> forall n : Nat, (n = 0) \/ ~ (n = 0)
[Sun Feb 22 14:43:27 2015] <vanila> you can prove this because it's decidable whether a number of zero or not -- since you can write a function that checks that
[Sun Feb 22 14:48:02 2015] <Silnar> hmm, a function ? I thought that Coq will compare type constructors. So in this example, he will treat 0 as nat O constructor and if I also construct n using O then (n = 0) will be equal by constructor. Am I right ?
[Sun Feb 22 14:49:25 2015] <alkabetz> Yes.  That’s exactly what such a function would do.
[Sun Feb 22 14:50:57 2015] <alkabetz> In this case, the [constructor] tactic is smart enough to do that as well, but that’s beside the point.
[Sun Feb 22 14:54:26 2015] <benzrf> what does the constructor tactic do
[Sun Feb 22 14:55:47 2015] <Silnar> Ok. So there is a function that can compare me two nats, but what type does it returns? This decidable equality function?
[Sun Feb 22 14:57:11 2015] <alkabetz> Silnar: eq_nat_dec : forall n m : nat, {n = m} + {n <> m}.
[Sun Feb 22 14:59:28 2015] <alkabetz> benzrf: AIUI, it tries to apply each of the constructors of the goal type.  For instance, if you do [Definition x : nat.  constructor.  Defined.] and [Print x], you’ll get [x = 0 : nat].
[Sun Feb 22 14:59:51 2015] <benzrf> hrm
[Sun Feb 22 15:00:12 2015] <benzrf> and
[Sun Feb 22 15:00:18 2015] <benzrf> it selects the one with the fewest deps or something?
[Sun Feb 22 15:02:47 2015] <alkabetz> Nope, it selects the first one that works.  It’s kind of stupid that way.
[Sun Feb 22 15:03:06 2015] <alkabetz> (Where by ‘works’, I mean ‘unifies with the goal’, à la [apply].)
[Sun Feb 22 15:06:05 2015] <Silnar> Wow, I'm processing all of this... Thanks for answers btw. :)
[Sun Feb 22 15:07:52 2015] <alkabetz> You’re welcome.
[Sun Feb 22 15:25:22 2015] <fritzo> Question: how can I use rewrite tactics when the goal is an existential? I tried eapply ex_into; rewrite ... but then cannot un-eapply.
[Sun Feb 22 15:26:01 2015] <jgross> Try setoid_rewrite, to rewrite under binders 
[Sun Feb 22 15:26:43 2015] <fritzo> That worked, thanks jgross!
[Sun Feb 22 15:31:29 2015] <benzrf> niice
[Sun Feb 22 15:46:24 2015] <fritzo> What about autorewrite under binders? M. Sozeau recommended to A. Bauer to use clrewrite_strat (bottomup (hints my_hints)), but clrewrite_strat seems to be missing in in 8.4pl5).
[Sun Feb 22 16:12:41 2015] <benzrf> hmmm
[Sun Feb 22 16:12:45 2015] <benzrf> if i say, like
[Sun Feb 22 16:13:19 2015] <benzrf> Inductive bleh : Type -> Type := | baz : forall t, bleh t.
[Sun Feb 22 16:13:28 2015] <benzrf> then if i match on a bleh, i get a type out
[Sun Feb 22 16:13:29 2015] <benzrf> right?
[Sun Feb 22 16:13:34 2015] <benzrf> er, on a baz
[Sun Feb 22 16:13:48 2015] <benzrf> as in "match blehval with | bleh t => ..."
[Sun Feb 22 18:14:49 2015] <carter> jrw: thanks again
[Sun Feb 22 18:15:50 2015] <jrw> carter: np. good to chat with you :)
[Sun Feb 22 18:16:37 2015] <jrw> if you were serious about being interested in distributed systems verification, I'd love to hear any thoughts you have
[Sun Feb 22 18:16:46 2015] <jrw> also be happy to give you a tutorial on verdi sometime
[Sun Feb 22 18:17:24 2015] <carter> jrw: that will be awesome
[Mon Feb 23 02:48:59 2015] <JanBessai> is there a functional equivalent to the rewrite tactic, i.e. rewrite : a = b -> a -> b ?
[Mon Feb 23 02:51:06 2015] <JanBessai> ah eq_rect should do the trick
[Mon Feb 23 02:51:10 2015] <JanBessai> nevermind
[Mon Feb 23 06:57:32 2015] <scott> could anyone provide some background on why Fixpoint is called Fixpoint in Coq?
[Mon Feb 23 10:03:30 2015] <jstolarek> I need help with setting up ProofGeneral
[Mon Feb 23 10:04:04 2015] <vanila> sure
[Mon Feb 23 10:04:20 2015] <jstolarek> I installed development version of PG: 4.3pre150202
[Mon Feb 23 10:05:05 2015] <jstolarek> when I open COq source file and type C-c i get "Proof process not started!" message
[Mon Feb 23 10:05:28 2015] <jstolarek> and I think this is not what should happen
[Mon Feb 23 10:05:38 2015] <jstolarek> oh
[Mon Feb 23 10:06:03 2015] <jstolarek> and I've set-up .dir-locals.el in the directory with Coq source files
[Mon Feb 23 10:06:15 2015] <vanila> you shouldn't need to do that
[Mon Feb 23 10:06:22 2015] <vanila> (load "~/Code/emacs/ProofGeneral-4.2/ProofGeneral-4.2/generic/proof-site.el")
[Mon Feb 23 10:06:22 2015] <jstolarek> why?
[Mon Feb 23 10:06:32 2015] <vanila> I only added this one line to ~/.emacs to get the emacs mode working
[Mon Feb 23 10:06:56 2015] <jstolarek> vanila: author of the source code explicitly stated that this is necessary
[Mon Feb 23 10:07:08 2015] <jstolarek> my .dir-locals.el contains this:
[Mon Feb 23 10:07:09 2015] <vanila> oh so its a specia lib
[Mon Feb 23 10:07:09 2015] <jstolarek> ((coq-mode . ((coq-prog-args . ("-emacs-U" "-I" "/dane/projekty/cpdt/src")))))
[Mon Feb 23 10:07:36 2015] <jstolarek> (as you can guess from the path name I'm reading Certified Programming with Dependent Types"
[Mon Feb 23 10:07:44 2015] <vanila> http://adam.chlipala.net/cpdt/cpdt.tgz  is it this?
[Mon Feb 23 10:07:54 2015] <vanila> http://adam.chlipala.net/cpdt/cpdtlib.tgz  and is this needed too?
[Mon Feb 23 10:08:38 2015] <jstolarek> vanila: Yes to first
[Mon Feb 23 10:08:59 2015] <jstolarek> vanila: the book does not mention the second one and I have not tried to install it
[Mon Feb 23 10:09:08 2015] <vanila> okay, ill try itout
[Mon Feb 23 10:09:12 2015] <jstolarek> thanks
[Mon Feb 23 10:12:53 2015] <vanila> I got cpdt and did Make compiled all the sources. Added '(coq-prog-args '("-I" "/home/vanila/Downloads/cpdt/src"))  inside custom-set-variables  in .emacs <http://lpaste.net/121030>
[Mon Feb 23 10:13:08 2015] <vanila> after that I did  emacs src/StackMachine.v
[Mon Feb 23 10:13:23 2015] <vanila> and I can step through it running the stuff in Coq, so this worked
[Mon Feb 23 10:13:38 2015] <jstolarek> how do you step through the code?
[Mon Feb 23 10:13:52 2015] <vanila> well i have electric terminator mode
[Mon Feb 23 10:13:54 2015] <jstolarek> I only tried using "C-c C-RET" mentioned in the book
[Mon Feb 23 10:13:57 2015] <vanila> so I put the cusor here:
[Mon Feb 23 10:13:59 2015] <vanila> Require Import Bool Arith List CpdtTactics.|
[Mon Feb 23 10:14:00 2015] <vanila> and press .
[Mon Feb 23 10:14:04 2015] <vanila> and it goes blue
[Mon Feb 23 10:14:25 2015] <vanila> I just tried C-c C-RET and that works fine too
[Mon Feb 23 10:14:42 2015] <vanila> did you do 'make' inside cpdt/ ?
[Mon Feb 23 10:14:50 2015] <jstolarek> I believe I did
[Mon Feb 23 10:14:56 2015] <jstolarek> let me check
[Mon Feb 23 10:15:00 2015] <vanila> you could do it again & then set .emacs
[Mon Feb 23 10:15:06 2015] <vanila> I think that will be easier than .dir-locals.el
[Mon Feb 23 10:15:15 2015] <vanila> I pasted the relevant part of my .emacs
[Mon Feb 23 10:15:37 2015] <jstolarek> I fugured that .dir-locals.el is better because it's local to the file I'm working with
[Mon Feb 23 10:16:00 2015] <jstolarek> if I ever start working in a different directory I'll have tochneg my .emacs config, right?
[Mon Feb 23 10:21:44 2015] <jstolarek> vanila: I enabled electric terminator mode and it seems that this works
[Mon Feb 23 10:22:08 2015] <vanila> huh!@
[Mon Feb 23 10:22:16 2015] <vanila> that shouldn't realy affect it, but oh well
[Mon Feb 23 10:22:23 2015] <jstolarek> pressing . creates several buffers (Coq Script, Coq Response), so I guess that's a sign things are working
[Mon Feb 23 10:24:11 2015] <jstolarek> I need to read through PG manual - looks like there are some interesting options disabled by default
[Mon Feb 23 10:24:29 2015] <vanila> what I find really good is hybrid/three window mode
[Mon Feb 23 10:24:39 2015] <vanila> so you can see the code, the proof state and the info window all at once
[Mon Feb 23 10:25:21 2015] <jstolarek> like in CoqIDE?
[Mon Feb 23 10:25:31 2015] <vanila> yeah
[Mon Feb 23 10:26:00 2015] <jstolarek> ok, I'll figure out how to enable that
[Mon Feb 23 11:59:25 2015] <bennofs> another option that isn't enabled in PG by default but I find really useful is hiding of completed proofs (hides everything between Proof. and Qed.)
[Mon Feb 23 12:01:17 2015] <RchrdB> bennofs: oh so THAT's why Fermat thought he could fit that proof into a notebook's margin but only later realised he hadn't room!
[Mon Feb 23 12:01:27 2015] <RchrdB> Editor folding. :)
[Mon Feb 23 12:01:40 2015] <vanila> oh I should try that!
[Mon Feb 23 13:23:34 2015] <benzrf> mfw i try to do HOAS and it complains about non strictly positive and i google non strictly positive and the first result says " This is a bit of a bother for proponents of higher-order abstract syntax (HOAS)"
[Mon Feb 23 15:31:17 2015] <Choups314> Hello, when using [Context ] with generalizable variables, is it possible to specify the name of the implicit arguments ?
[Mon Feb 23 19:07:16 2015] <tonyg> hi all
[Mon Feb 23 19:07:44 2015] <tonyg> I'm hoping someone can help me with what seems like should be a straightforward lemma
[Mon Feb 23 19:07:58 2015] <tonyg> I've been struggling for a while to try to prove forall x xs, x :: xs <> xs
[Mon Feb 23 19:08:09 2015] <vanila> that's actually not too straightward
[Mon Feb 23 19:08:10 2015] <tonyg> I feel like I'm missing something *really* obvious
[Mon Feb 23 19:08:13 2015] <tonyg> oh
[Mon Feb 23 19:08:19 2015] <vanila> you'll have to prove it by induction on xs
[Mon Feb 23 19:09:11 2015] <tonyg> oh heck, sorry, wait, i did manage to prove that one: i'm stuck proving that xs1 ++ ys = xs2 ++ ys -> xs1 = xs2
[Mon Feb 23 19:10:01 2015] <tonyg> it feels like induction over conses is the wrong approach and i want induction over snocs in ys or similar? or something...
[Mon Feb 23 19:10:57 2015] <vanila> I think it would be a lot easier to prove
[Mon Feb 23 19:11:06 2015] <vanila> ys ++ xs1 = y ++ xs2 -> xs1 = xs2
[Mon Feb 23 19:11:13 2015] <vanila> ys*
[Mon Feb 23 19:11:13 2015] <tonyg> yes, that is easier :)
[Mon Feb 23 19:11:35 2015] <tonyg> ohh wait
[Mon Feb 23 19:11:37 2015] <vanila> and reverse is a bijection that you can apply to both sides of an equation
[Mon Feb 23 19:11:59 2015] <johnw> tonyg: induction on ys should make that one pretty easy
[Mon Feb 23 19:12:02 2015] <tonyg> that's a neat idea
[Mon Feb 23 19:12:14 2015] <johnw> on either side
[Mon Feb 23 19:17:43 2015] <tonyg> johnw: thank you for suggesting i take another look at that
[Mon Feb 23 19:17:55 2015] <tonyg> it turned out that (as always) i had the foralls in the wrong order leading to the wrong IH
[Mon Feb 23 19:18:25 2015] <tonyg> vanila: i'll try the reverse idea later :)
[Mon Feb 23 19:18:34 2015] <vanila> try to have the variable you're doing induction on first
[Mon Feb 23 19:18:58 2015] <tonyg> vanila: heh yeah -- it's slowly becoming an instinct, but i find myself making that mistake repeatedly
[Mon Feb 23 19:19:39 2015] <vanila> i wonder if a tactic could be made that does that automatically
[Mon Feb 23 19:24:20 2015] <johnw> you don't always need it first, even though it helps
[Mon Feb 23 19:24:32 2015] <johnw> xs ++ [] = ys ++ [] is easily provable
[Mon Feb 23 19:24:56 2015] <johnw> then you need to  prove that xs ++ (z :: zs) = ys ++ (z :: zs), given xs ++ zs = ys ++ zs
[Mon Feb 23 19:25:19 2015] <johnw> which can be rewrite as rcons xs z ++ zs = rcons ys z ++ zs
[Mon Feb 23 19:25:22 2015] <johnw> rewritten
[Mon Feb 23 19:26:21 2015] <johnw> so, then you just generalize over xs and ys in your IH, and that should be it
[Mon Feb 23 19:26:37 2015] <johnw> or maybe just f_equal; f_equal, can't recal
[Mon Feb 23 19:26:39 2015] <johnw> recall
[Mon Feb 23 19:34:31 2015] <vanila> http://lpaste.net/121054 there's a proof using rev
[Mon Feb 23 19:35:52 2015] <tonyg> vanila: nice! thank you. i shall study that; i haven't yet learned the proper use of pose
[Mon Feb 23 19:40:16 2015] <johnw> tonyg: here it is without rev: https://gist.github.com/120bb70264db18e7571d
[Mon Feb 23 19:43:02 2015] <tonyg> johnw: thanks. i ended up with something similar, but a little more roundabout (essentially, i had a lemma xs ++ a :: ys = (xs ++ [a]) ++ ys, plus a previously-written lemma for xs1 ++ [x1] = xs2 ++ [x2] -> x1 = x2 /\ xs1 = xs2)
[Mon Feb 23 21:55:04 2015] <benzrf> hhh
[Mon Feb 23 22:18:18 2015] <ianjneu> benzrf: triple h is dead. Has been for a while.
[Mon Feb 23 22:20:21 2015] <benzrf> wh-wha?
[Mon Feb 23 22:21:08 2015] <ianjneu> oh wait, nope. I'm thinking of Owen Hart.
[Mon Feb 23 22:21:16 2015] <ianjneu> WWF wrestling.
[Mon Feb 23 22:23:16 2015] <benzrf> ayy lmao
[Tue Feb 24 07:05:59 2015] <schoppenhauer> hello. is there anything that can be used as efficient ringbuffer in coq?
[Tue Feb 24 09:29:58 2015] <benzrf> hi question
[Tue Feb 24 09:30:39 2015] <benzrf> one of the arguments to my function is also used as an index in the type of a later argument
[Tue Feb 24 09:31:14 2015] <benzrf> when i match on the later argument, in one branch i know that the index argument must have a particular constructor, because that's forced by the type of the matched constructor
[Tue Feb 24 09:31:19 2015] <benzrf> but coq doesnt seem to understand tihs
[Tue Feb 24 09:31:22 2015] <benzrf> what do i need to do ?
[Tue Feb 24 09:46:46 2015] <ianjneu> benzrf: have you taken a look at the convoy pattern in CPDT?
[Tue Feb 24 09:49:24 2015] <benzrf> ianjneu: nooo
[Tue Feb 24 09:49:32 2015] <benzrf> havent read cpdt at all
[Tue Feb 24 09:51:39 2015] <benzrf> ianjneu: how do i get this info
[Tue Feb 24 09:51:53 2015] <benzrf> i need to have the knowledge that this list is nonempty!!
[Tue Feb 24 09:54:43 2015] <nkar> benzrf: you seem to write lots of coq, what are you working on?  is it available on the interwebs?
[Tue Feb 24 10:09:56 2015] <Ismael> hello?
[Tue Feb 24 10:16:56 2015] <alkabetz> Ohai there.
[Tue Feb 24 10:36:50 2015] <ianjneu> benzrf: If you have a value v : Ty (cons x l) but the index is some variable l', then you can do match v in (Ty l'') return (l' = l'' -> <your return type>) <cases> end eq_refl l'
[Tue Feb 24 10:37:33 2015] <ianjneu> then you can use the proof of equality to get that l' = cons x l in your cases with a fun H : l' = cons x l => <case code>
[Tue Feb 24 23:50:01 2015] <rola> with the property "forall xs ys: list A, f (xs ++ ys) = f ys ++ f xs", the only function that satifies f is the list reverse function.  is there a name for properties like this whose proofs essentially define the function?
[Wed Feb 25 01:45:41 2015] <jrw> rola: I'm not sure I've ever heard a name for that. closest thing I can think of would be saying that the property "completely characterizes" the rev function
[Wed Feb 25 02:08:42 2015] <rola> cool! maybe totally characterizes
[Wed Feb 25 05:01:38 2015] <roosbeef> how can i apply the same tactic on multiple subgoals?
[Wed Feb 25 08:34:30 2015] <benzrf> gaah
[Wed Feb 25 08:36:22 2015] <benzrf> ok, os
[Wed Feb 25 08:36:24 2015] <benzrf> *so
[Wed Feb 25 08:36:33 2015] <benzrf> i have these hypotheses:
[Wed Feb 25 08:36:35 2015] <benzrf>  l : lam (T :: t) A
[Wed Feb 25 08:36:37 2015] <benzrf>  v : lam t T
[Wed Feb 25 08:36:42 2015] <benzrf> then,
[Wed Feb 25 08:36:44 2015] <benzrf> | var : forall {A : Type} {t : list Type}, lam (cons A t) A
[Wed Feb 25 08:37:15 2015] <benzrf> but if i destruct l, it doesnt seem to know that v can be lam t A
[Wed Feb 25 08:37:19 2015] <benzrf> how can I get that x_x
[Wed Feb 25 08:58:42 2015] <ianjneu> benzrf: did you try inversion?
[Wed Feb 25 08:58:50 2015] <benzrf> on what?
[Wed Feb 25 08:58:50 2015] <ianjneu> inversion introduces equalities.
[Wed Feb 25 08:58:53 2015] <ianjneu> on l
[Wed Feb 25 08:59:14 2015] <benzrf> ianjneu: but l is not necessarily constructed by var
[Wed Feb 25 08:59:21 2015] <benzrf> and if i destruct, l vanishes
[Wed Feb 25 09:00:40 2015] <ianjneu> if lam (T :: t) A can be constructed by multiple functions, you'll have to handle all those cases.
[Wed Feb 25 09:06:21 2015] <benzrf> ahhhh
[Wed Feb 25 09:06:23 2015] <benzrf> nice :D
[Wed Feb 25 09:06:41 2015] <benzrf> ianjneu: so inversion does destruct automtically before pulling out info/
[Wed Feb 25 09:06:43 2015] <benzrf> *?
[Wed Feb 25 09:37:58 2015] <ianjneu> benzrf: inversion introduces equalities between the type family's parameters and what it ends up destructing.
[Wed Feb 25 09:55:48 2015] <jstolarek> I have a question about using proof general
[Wed Feb 25 09:56:11 2015] <jstolarek> In CoqIDE I can use Ctrl+Alt+arrow up/down to step through the proof
[Wed Feb 25 09:56:21 2015] <jstolarek> can I do something similar in ProofGeneral?
[Wed Feb 25 09:58:33 2015] <RchrdB> Yes you can. There is a routine proof-assert-until-point-interactive and another point-retract-until-point-interactive that you can call manually with M-x or bind to keys.
[Wed Feb 25 09:58:59 2015] <RchrdB> so I put my cursor just past the thing I want to feed in, and press the keybind for proof-assert-until-point-interactive
[Wed Feb 25 09:59:35 2015] <RchrdB> also, there is proof-assert-next-command-interactive, which feeds the next command in each time you press the key for it.
[Wed Feb 25 10:00:55 2015] <RchrdB> jstolarek: the default binding for proof-assert-next-command-interactive is C-c C-n
[Wed Feb 25 10:01:18 2015] <jstolarek> RchrdB: thanks.
[Wed Feb 25 10:01:38 2015] <jstolarek> C-c C-n tells me "At end of the locked region, nothing to do to!"
[Wed Feb 25 10:01:52 2015] <RchrdB> pressing "F1" then "f" then typing "proof-assert-next-command-interactive" will cause emacs to pop up a help page describing what proof-assert-next-command-interactive does, and at the bottom, what keys it's bound to
[Wed Feb 25 10:02:13 2015] <RchrdB> the "locked" region is the region that PG has already coloured in because it's all been fed into coq and proved
[Wed Feb 25 10:02:29 2015] <RchrdB> that error message means PG thinks you ran out of assertions to feed into coq :)
[Wed Feb 25 10:02:56 2015] <jstolarek> RchrdB: ok, PG is correct in this case :-)
[Wed Feb 25 10:03:01 2015] <jstolarek> but how do I go back?
[Wed Feb 25 10:03:03 2015] <jstolarek> I mean
[Wed Feb 25 10:03:21 2015] <jstolarek> I used a tactic, which changed my goald
[Wed Feb 25 10:03:25 2015] <RchrdB> Press "F1" then "f" then type "proof-retract" and press tab instead of enter
[Wed Feb 25 10:03:27 2015] <jstolarek> s/goald/goal/
[Wed Feb 25 10:03:45 2015] <RchrdB> Emacs will auto-complete all of the commands/functions whose names start with "proof-retract"
[Wed Feb 25 10:04:29 2015] <RchrdB> proof-retract-until-point-interactive is the one I'd normally use
[Wed Feb 25 10:04:42 2015] <RchrdB> I'm not sure if there are default keybindings for those two?
[Wed Feb 25 10:05:03 2015] <RchrdB> I have, in my .emacs: (defun my-proof-general-keys () (local-set-key (kbd "<C-M-backspace>") 'proof-retract-until-point-interactive) (local-set-key (kbd "<C-M-return>") 'proof-assert-until-point-interactive)) (add-hook 'proof-mode-hook 'my-proof-general-keys)
[Wed Feb 25 10:05:16 2015] <jstolarek> yes, proof-retract-until-point-interactive does what I want
[Wed Feb 25 10:05:29 2015] <RchrdB> to bind them to C-M-backspace and C-M-enter (or "control-alt-backspace" and "control-alt-enter" if you're not used to Emacs keyboard notation)
[Wed Feb 25 10:05:47 2015] <jstolarek> I'll try that, give me a moment
[Wed Feb 25 10:06:36 2015] <RchrdB> Out of curiosity, am I correct in guessing that you're new to Emacs and are learning up Emacs so that you can use proof general?
[Wed Feb 25 10:06:53 2015] <jstolarek> hm... no
[Wed Feb 25 10:07:02 2015] <jstolarek> well
[Wed Feb 25 10:07:05 2015] <RchrdB> Oh, sorry. :)
[Wed Feb 25 10:07:14 2015] <jstolarek> I've been using Emacs for ~3 year
[Wed Feb 25 10:07:23 2015] <jstolarek> not sure if that counts as "new to Emacs" :-)
[Wed Feb 25 10:07:25 2015] <RchrdB> As far as I can remember, PG was the thing that caused me to move over to emacs.
[Wed Feb 25 10:07:48 2015] <jstolarek> oh, I moved to Emacs when learning Scheme
[Wed Feb 25 10:08:17 2015] <jstolarek> but the truth is I still have fairly basic understanding of Emacs' internals
[Wed Feb 25 10:08:21 2015] <RchrdB> Cool. :)
[Wed Feb 25 10:09:58 2015] <jstolarek> ROTFL, C-M-Backspace is a very bad key combination if you're on Linux...
[Wed Feb 25 10:10:11 2015] <jstolarek> it resets the X server
[Wed Feb 25 10:10:52 2015] <RchrdB> jstolarek: oh crap I'm sorry
[Wed Feb 25 10:11:04 2015] <RchrdB> jstolarek: I forgot about that because some distros disable it
[Wed Feb 25 10:11:13 2015] <jstolarek> that's ok
[Wed Feb 25 10:11:35 2015] <jstolarek> I'm working in a tmux session, so nothing's lost :-)
[Wed Feb 25 10:15:15 2015] <jstolarek> ok, I have what I want with C-c C-n and C-c C-p
[Wed Feb 25 10:24:04 2015] <jstolarek> RchrdB: one more question. proof-assert-next-command-interactive works instantaneous, whereas proof-retract-until-point-interactive is very slugish and takes ~1second. Any idea why?
[Wed Feb 25 10:31:35 2015] <jstolarek> ok, nvm. Emacs is playing tricks on me. The command is slow only with the key combination I assigned to it. After assigning a different one it works just as fast
[Wed Feb 25 10:34:34 2015] <RchrdB> I'm very glad you solved that yourself because I had no clue.
[Wed Feb 25 10:42:26 2015] <jstolarek> One more question. How can I run commands like Eval or Check, other than typing them in the .v file I'm currently editing and forcing Coq to evaluate them
[Wed Feb 25 10:43:05 2015] <jstolarek> is there some way to issue these commands so that the result shows up in Coq Response frame?
[Wed Feb 25 10:44:29 2015] <alkabetz> There are bindings that start with C-c C-a for that.  Check is C-c C-a C-c; I don’t remember Eval, though.  (I think you can do C-c C-a C-h for help?)
[Wed Feb 25 10:47:27 2015] <jstolarek> alkabetz: yes, C-c C-a C-c does Check. There seems to be no shortcut for Eval though.
[Wed Feb 25 11:12:53 2015] <lpaste> alkabetz pasted “Proof General shortcut for Eval” at http://lpaste.net/121182
[Wed Feb 25 11:13:03 2015] <alkabetz> jstolarek: Have some Emacs Lisp :)
[Wed Feb 25 11:14:20 2015] <alkabetz> (This is Emacs ≥24.4 only; let me know if you need for <24.4.)
[Wed Feb 25 13:02:45 2015] <gadsdin> Where can I find a good description of the properties that CompCert guarantees?
[Wed Feb 25 13:09:26 2015] <jrw> gadsdin: what exactly are you looking for? perhaps one of the papers would be a good place to start.
[Wed Feb 25 13:11:29 2015] <jstolarek> alkabetz: thanks. Sadly, I have Emacs 24.3 and with-eval-after-load does not exist :-/
[Wed Feb 25 13:14:36 2015] <lpaste> alkabetz pasted “with-eval-after-load for Emacs <24.4” at http://lpaste.net/121185
[Wed Feb 25 13:14:49 2015] <alkabetz> jstolarek: Stick that in your .emacs file as well, and you should be good to go.
[Wed Feb 25 13:16:05 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/121186
[Wed Feb 25 13:16:25 2015] <jstolarek> thanks
[Wed Feb 25 13:16:32 2015] <jstolarek> I think I also need some help
[Wed Feb 25 13:16:44 2015] <jstolarek> I can'f figure out what goes wrong inthe code I pasted
[Wed Feb 25 13:18:01 2015] <vanila> could you repost the link?
[Wed Feb 25 13:18:10 2015] <gadsdin> jrw: I've looked at the papers and read the intro one and some of the others. However, the actual definitions of correctness were referred to abstractly or incompletely.
[Wed Feb 25 13:18:36 2015] <jstolarek> vanila: http://lpaste.net/121186
[Wed Feb 25 13:18:46 2015] <gadsdin> jrw: I'd love something like "these are the ANSI C undefined behaviors that we consider unacceptable", or something like that
[Wed Feb 25 13:18:47 2015] <jstolarek> alkabetz: thanks, now Eval works
[Wed Feb 25 13:18:59 2015] <vanila> ah
[Wed Feb 25 13:19:13 2015] <vanila> you need to use a slightly more complicated 'match' features
[Wed Feb 25 13:19:15 2015] <gadsdin> jrw: Or, "we consider all ANSI C undefined behaviors unacceptable"
[Wed Feb 25 13:19:15 2015] <alkabetz> gadsdin: I’m not sure if anybody’s actually written anything down in a nice way, but the guarantees are pretty weak
[Wed Feb 25 13:19:15 2015] <alkabetz> gadsdin: For instance, all bets are off if main takes arguments :)
[Wed Feb 25 13:19:24 2015] <jstolarek> and let me remark that this is not only the code that I came up with, but also the same code is shown in the CPDT book
[Wed Feb 25 13:20:02 2015] <vanila>   match b in tbinop arg1 arg2 res return typeDenote arg1 -> typeDenote arg2 -> typeDenote res with
[Wed Feb 25 13:20:06 2015] <jstolarek> vanila: surprising. would that code work in an older version of Coq
[Wed Feb 25 13:20:07 2015] <jstolarek> ?
[Wed Feb 25 13:20:14 2015] <alkabetz> gadsdin: http://blog.regehr.org/archives/232 has some nice info about how CompCert handles undefined behaviour
[Wed Feb 25 13:20:35 2015] <vanila> i guess
[Wed Feb 25 13:22:47 2015] <alkabetz> I should really learn how to do dependent pattern matching at some point
[Wed Feb 25 13:24:31 2015] <jstolarek> jstolarek: your code works, but something else is amiss... need to investigate
[Wed Feb 25 13:25:01 2015] <jstolarek> I mean if I open the chapter file from CPDT this code works perfectly fines
[Wed Feb 25 13:25:15 2015] <jstolarek> yet it does not work when I wrote it in a separate file
[Wed Feb 25 13:25:26 2015] <vanila> maybe it sets an option or something
[Wed Feb 25 13:25:28 2015] <jstolarek> something else must be different in these files...
[Wed Feb 25 13:25:29 2015] <alkabetz> So something got set in some import somewhere that’s impacting your work
[Wed Feb 25 13:25:56 2015] <jstolarek> I have the same import list and Set Implicit Arguments
[Wed Feb 25 13:26:38 2015] <jstolarek> got it
[Wed Feb 25 13:26:43 2015] <jstolarek> I had
[Wed Feb 25 13:26:57 2015] <jstolarek> Require Import Arith Bool List CpdtTactics.
[Wed Feb 25 13:27:00 2015] <jstolarek> the book had
[Wed Feb 25 13:27:09 2015] <jstolarek> Require Import Bool Arith List CpdtTactics.
[Wed Feb 25 13:27:34 2015] <alkabetz> Welcome to Coq, the proof assistant with mutation :(
[Wed Feb 25 13:27:46 2015] <vanila> seriously? aargh
[Wed Feb 25 13:27:57 2015] <vanila> that's a shame
[Wed Feb 25 13:28:03 2015] <jstolarek> that's definitely tricky
[Wed Feb 25 13:28:12 2015] <vanila> I didn't know order of imports was an issue inc oq
[Wed Feb 25 13:28:29 2015] <jstolarek> vanila: what rang a bell was that after I added your fix the types in the lest branch did not match
[Wed Feb 25 13:28:41 2015] <jstolarek> I mean leb was reported to work on Bools, not Nats
[Wed Feb 25 13:28:53 2015] <alkabetz> vanila: Most definitely an issue.  A whole bunch of Coq state is global and mutable and changed by vernacular commands.
[Wed Feb 25 13:29:23 2015] <alkabetz> Coq does encapsulation poorly, IMO.
[Wed Feb 25 13:30:08 2015] <jstolarek> alkabetz: by "global state" you mean things like scoping (which seems to be the issue with leb) or state as in impure programming?
[Wed Feb 25 13:30:36 2015] <alkabetz> The former.  I mean the state of the proof assistant, not the state of the programs you’re writing in it.
[Wed Feb 25 13:30:49 2015] <jstolarek> right
[Wed Feb 25 13:31:11 2015] <jstolarek> another unpleasent surprise: undo-tree does not seem to work in PG
[Wed Feb 25 13:31:24 2015] <jstolarek> anyone faced that problem before?
[Wed Feb 25 13:31:35 2015] <alkabetz> I have a friend who has, I think.  Let me ask her what she did.
[Wed Feb 25 13:32:06 2015] <gadsdin> alkabetz: thanks :)
[Wed Feb 25 13:32:20 2015] <alkabetz> gadsdin: You’re welcome.
[Wed Feb 25 13:32:49 2015] <jstolarek> alkabetz: thanks. In the meantime I'm googling for a solution
[Wed Feb 25 13:33:57 2015] <alkabetz> jstolarek: Looks like she’s AFK right now; I’ll let you know if I get in touch with her later.
[Wed Feb 25 13:34:25 2015] <jstolarek> that would be nice. thanks
[Wed Feb 25 13:34:31 2015] <alkabetz> You’re welcome.
[Wed Feb 25 13:34:47 2015] <jstolarek> in the meantime I give up on undo-tree - google shows no meanigful results
[Wed Feb 25 13:35:23 2015] <alkabetz> (undo-tree users) ∩ (Proof General users) is probably pretty small
[Wed Feb 25 13:37:14 2015] <jstolarek> maybe I'l try that later
[Wed Feb 25 13:37:28 2015] <jstolarek> for now I'll just try not to make too many mistakes so that undo is not necessary :-D
[Wed Feb 25 14:07:00 2015] <gadsdin> this is a very basic question, but how do I solve the following with a simple tactic?   S (S (n' + n')) = S (n' + S n')
[Wed Feb 25 14:07:22 2015] <gadsdin> simpl does nothing. I'm on the third chapter of Software Foundations, fwiw
[Wed Feb 25 14:07:40 2015] <alkabetz> [omega] works for me.
[Wed Feb 25 14:07:58 2015] <alkabetz> You’ll need [Require Import Omega.] first.
[Wed Feb 25 14:08:23 2015] <vanila> it could also be proved with ring
[Wed Feb 25 14:10:37 2015] <gadsdin> alkabetz: was that directed at me?
[Wed Feb 25 14:10:56 2015] <alkabetz> gadsdin: Yes.
[Wed Feb 25 14:10:59 2015] <gadsdin> If so, I think I should find out how to do it with what's been introduced in the book so far. Which is almost nothing...
[Wed Feb 25 14:11:22 2015] <vanila> SearchAbout plus. will list all the lemmas that have been proved, you might be able to 'apply' one
[Wed Feb 25 14:12:33 2015] <gadsdin> alkabetz: This proof is using induction, if that's useful.
[Wed Feb 25 14:12:36 2015] <gadsdin> vanila: Thanks.
[Wed Feb 25 14:13:58 2015] <gadsdin> vanila: Wouldn't that kind of thing be used with simpl? simpl doesn't do anything, strangely.
[Wed Feb 25 14:14:11 2015] <vanila> + is defined by recursion on the first argument
[Wed Feb 25 14:14:24 2015] <vanila> so  S x + y  would reduce to  x + S y
[Wed Feb 25 14:14:35 2015] <vanila> but you have  n' + S n'  so there's nothing to reduce
[Wed Feb 25 14:18:55 2015] <gadsdin> vanila: I don't think I follow you
[Wed Feb 25 14:19:07 2015] <gadsdin> at least in the context of what I'm trying to solve
[Wed Feb 25 14:19:24 2015] <gadsdin> I just don't get why I can't for starters, strip the outermost S's off
[Wed Feb 25 14:19:26 2015] <vanila> I just explained why simpl has no effect on the goal: S (S (n' + n')) = S (n' + S n')
[Wed Feb 25 14:19:31 2015] <vanila> oh okay
[Wed Feb 25 14:19:44 2015] <vanila> simpl is not really "simplifying" the goal
[Wed Feb 25 14:19:52 2015] <vanila> actually what it's doing is beta-reduction
[Wed Feb 25 14:20:04 2015] <vanila> it tries to rewrite a function application with the result value
[Wed Feb 25 14:20:43 2015] <gadsdin> i see
[Wed Feb 25 14:21:03 2015] <gadsdin> so how do you think I'm supposed to solve this?
[Wed Feb 25 14:21:53 2015] <vanila> if you just do this:  ring.
[Wed Feb 25 14:21:56 2015] <vanila> it should be proved automatically
[Wed Feb 25 14:23:26 2015] <gadsdin> vanila: Thanks. I'm just really perplexed because I know I'm supposed to be using only what's been covered by the book up to this point, and I can't figure out what I'm supposed to use.
[Wed Feb 25 14:30:30 2015] <bennofs> jstolarek: if you get undo-tree to work, ping me :)
[Wed Feb 25 15:54:50 2015] <Silnar> Hi, I'm trying to understand theorems. Am I understanding it right, that theorem is a function declaration (name & type) and proving a theorem is a process of finding a function implementation that satisfies the given function type ?
[Wed Feb 25 15:56:00 2015] <Cypi> Not necessarily a function, but that's the idea, yes
[Wed Feb 25 15:56:17 2015] <Cypi> Types <-> Propositions. And Terms <-> Proofs.
[Wed Feb 25 15:57:27 2015] <Silnar> Terms - you mean code/implementation/function body, yeah ?
[Wed Feb 25 15:57:44 2015] <Cypi> Yes
[Wed Feb 25 15:59:08 2015] <Silnar> What else a theorem can be if you say that it is not always a function ? I assumed it is a function, because always when I print a theorem I get a function-like code in response...
[Wed Feb 25 15:59:26 2015] <vanila> A function type X -> Y is an implication
[Wed Feb 25 15:59:44 2015] <vanila> another type is a predicate e.g.   Prime 7   could be a type
[Wed Feb 25 16:05:00 2015] <Silnar> ahh ok, so for example "Theorem t : True." would also be a type, because it doesn't use implication, yeah ?
[Wed Feb 25 16:05:11 2015] <vanila> yes
[Wed Feb 25 16:05:15 2015] <Silnar> nice :)
[Wed Feb 25 16:06:13 2015] <Silnar> how can I paste some code here ?
[Wed Feb 25 16:06:24 2015] <vanila> lpaste.net is good
[Wed Feb 25 16:06:30 2015] <Silnar> ok, thx
[Wed Feb 25 16:07:02 2015] <schoppenhauer> hm. what is the best way, in coq, to model stateful operations? I know it is purely functional, but I want to verify an imperative algorithm
[Wed Feb 25 16:07:50 2015] <schoppenhauer> I looked at the operational semantics from compcert, but are they the right place to start?
[Wed Feb 25 16:08:17 2015] <vanila> schoppenhauer, you could try something like this http://www.staff.science.uu.nl/~swier004/Publications/HoareLogicStateMonad.pdf
[Wed Feb 25 16:08:35 2015] <alkabetz> Domain-specific imperative languages are the accepted way to do this, so 'sort of'
[Wed Feb 25 16:08:53 2015] <vanila> Ynot may be good to look at too, although maybe there's newer stuff..
[Wed Feb 25 16:09:03 2015] <alkabetz> CompCert's semantics are probably overkill
[Wed Feb 25 16:09:29 2015] <alkabetz> Have you read the Imp chapter in SF?
[Wed Feb 25 16:09:37 2015] <schoppenhauer> SF?
[Wed Feb 25 16:09:59 2015] <schoppenhauer> what's sf?
[Wed Feb 25 16:10:05 2015] <alkabetz> http://www.cis.upenn.edu/~bcpierce/sf/current/
[Wed Feb 25 16:10:26 2015] <schoppenhauer> thx
[Wed Feb 25 16:10:32 2015] <lpaste> Silnar pasted “Theorem: True & False -> False” at http://lpaste.net/121192
[Wed Feb 25 16:10:42 2015] <Silnar> nice, it worked :)
[Wed Feb 25 16:10:55 2015] <alkabetz> schoppenhauer: No problem!
[Wed Feb 25 16:11:11 2015] <schoppenhauer> alkabetz: the advantage of compcert I would hope to gain is that I could pass the code to compcert directly and get compiled code that can be run.
[Wed Feb 25 16:11:58 2015] <schoppenhauer> while defining my own dsl would require me to write a compiler for it
[Wed Feb 25 16:12:12 2015] <alkabetz> Have you read about Bedrock?
[Wed Feb 25 16:12:19 2015] <Choups314> Hello ! Is it possible to use [pattern] with a placeholder ? (Not a "real" placeholder, because it doesn't work, but something similar)
[Wed Feb 25 16:12:25 2015] <schoppenhauer> alkabetz: no.
[Wed Feb 25 16:12:37 2015] <alkabetz> (Shameless plug--it's my group's project)
[Wed Feb 25 16:12:42 2015] <schoppenhauer> ah doch, I read about it ...
[Wed Feb 25 16:12:45 2015] <schoppenhauer> but forgotten.
[Wed Feb 25 16:12:48 2015] <Cypi> Choups314 : do you mean to let Coq choose a name for your variable? If so, you can use ?
[Wed Feb 25 16:13:15 2015] <vanila> Silnar, http://lpaste.net/121192
[Wed Feb 25 16:13:20 2015] <schoppenhauer> alkabetz: ok, looks promising
[Wed Feb 25 16:13:25 2015] <Choups314> For example, pattern every applications of [app] (of a type T->T) in the current goal)
[Wed Feb 25 16:13:38 2015] <vanila> Silnar, I think you should file a bug report about this, if you can be bothered - for now, here's how to write that proof as a definition
[Wed Feb 25 16:14:04 2015] <Cypi> Ah. I believe you'll need to learn about Ltac. What do you want to do exactly?
[Wed Feb 25 16:14:08 2015] <alkabetz> schoppenhauer: You should read Imp and Hoare in SF first, though.
[Wed Feb 25 16:14:22 2015] <schoppenhauer> ok
[Wed Feb 25 16:14:23 2015] <Choups314> Cypi, I'm doing it in a Ltac ;)
[Wed Feb 25 16:14:28 2015] <Choups314> (I'm trying at least)
[Wed Feb 25 16:15:06 2015] <Choups314> Cypi, I would like to rewrite every applications of a given [app : T -> E]
[Wed Feb 25 16:15:48 2015] <Cypi> But rewrite them to what?
[Wed Feb 25 16:16:18 2015] <Choups314> To a term of type [E] (if the application is of type [_ -> E] for example.
[Wed Feb 25 16:17:13 2015] <Choups314> In fact, I would like to rewrite some injections (I [pose] a witness of the target type that has the same value of the witness, and then I rewrite the injections to this new variable)
[Wed Feb 25 16:17:38 2015] <Choups314> Of course it would pattern them only one at once
[Wed Feb 25 16:17:51 2015] <Silnar> vanila: can you tell me how this definition should look like ?
[Wed Feb 25 16:18:01 2015] <Cypi> So if I understand correctly, everytime there is [app t] in the goal, you want to replace it with [t'] where t' is a new variable of type E?
[Wed Feb 25 16:18:16 2015] <Choups314> Yes !
[Wed Feb 25 16:18:32 2015] <Cypi> Hmm, let's see if I can do that, I'm curious :)
[Wed Feb 25 16:18:38 2015] <Choups314> :p
[Wed Feb 25 16:19:43 2015] <Choups314> But in one goal, it's likely there is several applications : [app t] .. [app t2] .. [app t3]  (where t, t2, t3 are different object of the same type) .. that's why I can't use [pattern] :/
[Wed Feb 25 16:20:05 2015] <Ptival> Choups314: can't you repeat? :\
[Wed Feb 25 16:20:50 2015] <Choups314> Ptival, Yes of course :) (I'm not english, so it might be not so clear :s, just say it) :
[Wed Feb 25 16:22:55 2015] <Cypi> (don't worry, neither are we for some :-° )
[Wed Feb 25 16:23:09 2015] <Cypi> Would that do it? http://lpaste.net/121194
[Wed Feb 25 16:23:18 2015] <Choups314> In a goal I have several applications [app t1] .. [app t2] .. [app t3]   (where t, t2, t3 are different object of the same type). For example let's say the type of [app] is [T -> E], t1, t2, t3 have type T.  I would like to rewrite each of these applciations to a corresponding object of type [E]. (So for each of this application, I use [pose t1' : _], and then I can replace the application [app t1] with [t1']
[Wed Feb 25 16:24:02 2015] <Cypi> Ah, you only want to replace one specific [app : T -> E]?
[Wed Feb 25 16:24:30 2015] <schoppenhauer> hm. I don't quite understand, when browsing over the chapter of imp in sf ... this is just a DSL, or can I actually extract from it?
[Wed Feb 25 16:25:23 2015] <Choups314> Cypi, no, every application of type (T->E). You  solution seems to work ! I'm trying ;)
[Wed Feb 25 16:26:02 2015] <alkabetz> schoppenhauer: You can extract it to an AST and write an interpreter for it.  Bedrock, OTOH, compiles down to assembly.
[Wed Feb 25 16:26:04 2015] <Choups314> (But of course, it would be better if I could supply (not in this purpose, but for curiosity ;)) the "occurence number" of the application to replace :p
[Wed Feb 25 16:26:36 2015] <Cypi> The "occurence number"? As in something like [rewrite H at 1] ?
[Wed Feb 25 16:27:02 2015] <Choups314> Yes exactly (I though of [pattern A at 1])
[Wed Feb 25 16:27:38 2015] <Cypi> Well, sorry, I have no idea how to do that :D
[Wed Feb 25 16:27:45 2015] <Choups314> ^^
[Wed Feb 25 16:27:59 2015] <Choups314> I'm not really used with [context] ..
[Wed Feb 25 16:29:29 2015] <Choups314> Someone advised me a reading .. I don't remember the exact title >< .. something like "CP ..." or "CD ..." (only upper case letters)
[Wed Feb 25 16:29:40 2015] <alkabetz> CPDT.
[Wed Feb 25 16:29:48 2015] <Choups314> Thanks ! :)
[Wed Feb 25 16:30:29 2015] <alkabetz> You're welcome!  That's the other major verification-with-Coq textbookv
[Wed Feb 25 16:32:23 2015] <schoppenhauer> alkabetz: thx
[Wed Feb 25 16:34:13 2015] <alkabetz> You're welcome.
[Wed Feb 25 16:34:51 2015] <Choups314> Do you know if it is possible to configure coq_makefile, to generate the .vo files in a separate directory ? I already hacked the generated Makefile to change the directory of the .d files, but there are much more rules for the .vo ... it might break everything if I do the same :|
[Wed Feb 25 16:41:33 2015] <Anarchos> Choups314 computer programming with dependent types ?
[Wed Feb 25 16:41:55 2015] <Choups314> Yes, the name is coherent but I forgot it ;)
[Wed Feb 25 16:43:07 2015] <Anarchos> Certified Programming with Dependent Types - Adam Chlipala
[Thu Feb 26 05:11:53 2015] <nkar> could anyone help me to decipher a sentence from software foundations?
[Thu Feb 26 05:20:04 2015] <nkar> nm
[Thu Feb 26 05:38:38 2015] <nkar> how do I proceed? [Theorem even5_nonsense :  ev 5 -> 2 + 2 = 9. Proof. intros. inversion H. simpl.]
[Thu Feb 26 05:38:38 2015] <nkar>  
[Thu Feb 26 05:39:37 2015] <nkar> The comment above the exercise says that "The [inversion] tactic can also be used to derive goals by showing the absurdity of a hypothesis."
[Thu Feb 26 05:42:42 2015] <vanila> I would have to know how 'ev' is defined to help
[Thu Feb 26 05:43:11 2015] <nkar>  it's from the Prop chapter in sf
[Thu Feb 26 05:43:20 2015] <nkar> but I can paste if you want
[Thu Feb 26 05:43:38 2015] <vanila> oh i'll check it out
[Thu Feb 26 05:43:46 2015] <vanila> that's a chapter i skipped...
[Thu Feb 26 05:43:53 2015] <nkar> why?
[Thu Feb 26 05:44:10 2015] <vanila> was too excited to get to the Imp  stuff :)
[Thu Feb 26 05:44:47 2015] <nkar> yeah, I can't wait to get to the "let's implement a simple language" stuff
[Thu Feb 26 05:46:00 2015] <vanila> well the way I would work at this is try to get the assumption: ev 1 out of ev5
[Thu Feb 26 05:46:49 2015] <vanila> then when you do inversion on that it will see that no possibly constructor of the 'ev' data type could work - so it will discharge the goal
[Thu Feb 26 05:47:02 2015] <vanila> http://lpaste.net/121222   so just this
[Thu Feb 26 05:47:13 2015] <vanila> just keep doing inversion
[Thu Feb 26 05:47:29 2015] <vanila> well   inversion H; subst.   is a common pattern, the subst after clears things up loads
[Thu Feb 26 05:48:00 2015] <nkar> wait, let me try to prove it based on just your advice
[Thu Feb 26 05:52:08 2015] <nkar> vanila: yeah, applying SSSSev__even in H, which gives ev1, works
[Thu Feb 26 05:52:51 2015] <vanila> great :)
[Thu Feb 26 06:33:10 2015] <Anarchos> lots of "Warning : deprecated" when compiling coq.
[Thu Feb 26 07:27:52 2015] <jstolarek> how do I make a single line comment in Coq?
[Thu Feb 26 07:28:05 2015] <vanila> (* ... *)
[Thu Feb 26 07:28:28 2015] <jstolarek> well, that's a block comment
[Thu Feb 26 07:28:51 2015] <jstolarek> I'm looking for a comment that ends automatically with EOL
[Thu Feb 26 07:29:30 2015] <jstolarek> alkabetz: any news from your friend about using undo-tree with Proof General?
[Thu Feb 26 07:29:59 2015] <arcatan> Coq only has block comments
[Thu Feb 26 07:31:10 2015] <jstolarek> arcatan: thanks. That's a bit inconveniet, but I can live with it
[Thu Feb 26 07:34:39 2015] <arcatan> yeah. i wouldn't mind having line comments, either.
[Thu Feb 26 08:41:36 2015] <roosbeef> is it possible to apply the same tactic to multiple subgoals using a single command?
[Thu Feb 26 08:42:09 2015] <vanila> if a generates many subgoals  a; b  will do b to each
[Thu Feb 26 08:49:28 2015] <nkar> jstolarek: what editor do you use?  there's probably a hotkey that'll insert (*  *) for you.
[Thu Feb 26 08:49:36 2015] <nkar> like M-; in emacs
[Thu Feb 26 09:40:15 2015] <benzrf> hey ok im pretty confused
[Thu Feb 26 09:40:37 2015] <benzrf> i saw that one post about how 2^2^N ~ N
[Thu Feb 26 09:40:43 2015] <benzrf> if you accept an independent axiom
[Thu Feb 26 09:41:01 2015] <benzrf> but... i just proved powset_greater : forall s : Type, ~ (exists f : s -> s -> bool, surjective f)
[Thu Feb 26 09:41:11 2015] <benzrf> huh??
[Thu Feb 26 09:41:15 2015] <benzrf>      
[Thu Feb 26 09:43:43 2015] <benzrf> ooh wait
[Thu Feb 26 09:44:01 2015] <rola> ?
[Thu Feb 26 09:44:44 2015] <benzrf> to use that to prove a /double/ power set i'd need to be able to break down the double powerset surjection into two component surjections f : N -> 2^N and g : N -> 2^N
[Thu Feb 26 09:45:15 2015] <benzrf> shit
[Thu Feb 26 09:45:46 2015] <benzrf> so does this mean that smaller-cardinality is not necessarily transitive in constructive math?
[Thu Feb 26 09:45:49 2015] <rola> are you proving cantor's theorem
[Thu Feb 26 09:46:11 2015] <benzrf> yes i did
[Thu Feb 26 09:46:16 2015] <benzrf> but it seems to conflict with this http://math.andrej.com/2009/10/12/constructive-gem-double-exponentials/
[Thu Feb 26 09:46:29 2015] <benzrf> * takes his Q to ##math
[Thu Feb 26 09:47:09 2015] <rola> yeah i think i recall seeing something about that on andrej's blog
[Thu Feb 26 10:15:26 2015] <JanBessai> is there a simple way to convice coq, that tl l is a subterm of l?
[Thu Feb 26 10:15:53 2015] <Anarchos> when running coq i got this : http://pastebin.com/GLQ3nHH0
[Thu Feb 26 10:20:08 2015] <vanila> JanBessai, if you can't match on l to avoid using tl, you might have to use measure and prove the obligations
[Thu Feb 26 10:20:42 2015] <JanBessai> vanila: I have a proof of l = x::l' in my context
[Thu Feb 26 10:21:48 2015] <JanBessai> so I probably should match and eliminate the nil case with that proof
[Thu Feb 26 10:21:50 2015] <JanBessai> thanks
[Thu Feb 26 10:58:42 2015] <benzrf> how does one use measure
[Thu Feb 26 11:31:33 2015] <JanBessai> vanila.. thanks - it finallay worked :)
[Thu Feb 26 11:36:27 2015] <benzrf> is there any notion of decidability that coq itself knows about
[Thu Feb 26 11:37:02 2015] <Cypi> Do you mean this? https://coq.inria.fr/library/Coq.Logic.Decidable.html
[Thu Feb 26 11:38:47 2015] <benzrf> * looks
[Thu Feb 26 15:35:54 2015] <Silnar> Hi, how to return 'forall' value ? http://lpaste.net/121247
[Thu Feb 26 15:37:29 2015] <vanila>   fun x : Prop => or_intror x I.
[Thu Feb 26 15:38:08 2015] <vanila> forall x:A, B   is a generalized version of   A -> B
[Thu Feb 26 15:38:17 2015] <vanila> for either you produce a function to prove it
[Thu Feb 26 15:41:52 2015] <Silnar> ah, ok
[Thu Feb 26 15:42:36 2015] <Silnar> but, how it is that forall x:True, True becomes True -> True ?
[Thu Feb 26 15:43:38 2015] <Silnar> I mean, would it be also possible to convert forall x : Prop, x \/ True into implication ?
[Thu Feb 26 15:45:18 2015] <vanila> A -> B   is for when B does not depend on the value passed in
[Thu Feb 26 15:45:30 2015] <vanila> forall x:A, B[x]  lets the result type depend on the input value
[Thu Feb 26 15:45:48 2015] <vanila> since there's no dependency in forall x:True, True you can write it as True -> True
[Thu Feb 26 15:45:55 2015] <vanila> but forall x : Prop, x \/ True  couldnt be
[Thu Feb 26 15:48:25 2015] <Silnar> ok, and anytime I want to satisfy forall x:A, B[x] I need to write a function fun x:A => return value of type B[x], got it
[Thu Feb 26 15:57:17 2015] <Silnar> when I write 'Definition or_x_t_fun (x:Prop) : (x \/ True) := or_intror x I.', coq prints its type as 'forall x : Prop, x \/ True'. Why did he insert 'forall' here? Because return type depends on argument x value ?
[Thu Feb 26 20:39:25 2015] <benzrf> ok so
[Thu Feb 26 20:39:46 2015] <benzrf> is predicate logic in coq inconsistent w/ traditional predicate logic
[Thu Feb 26 20:43:07 2015] <Cale> benzrf: no
[Thu Feb 26 20:43:22 2015] <Cale> benzrf: It just doesn't make as many assumptions
[Thu Feb 26 20:43:43 2015] <Cale> (In particular, you can't prove LEM, but you also can't refute it)
[Thu Feb 26 20:44:58 2015] <benzrf> ok then
[Thu Feb 26 20:45:20 2015] <benzrf> you can show that a surjection has an injective left inverse in coq
[Thu Feb 26 20:45:27 2015] <benzrf> doesnt that require AC in classical ZFC
[Thu Feb 26 20:45:30 2015] <benzrf> er
[Thu Feb 26 20:45:32 2015] <benzrf> ZF
[Thu Feb 26 20:47:07 2015] <benzrf> Cale: ?
[Thu Feb 26 20:48:15 2015] <Cale> Uh, that's not talking about predicate logic any more. You're interepreting certain implications as functions now.
[Thu Feb 26 20:48:45 2015] <Cale> and types as sets
[Thu Feb 26 20:59:26 2015] <benzrf> ahh
[Thu Feb 26 20:59:44 2015] <benzrf> Cale: can you not eliminate existentials inside a fundef in classical math?
[Thu Feb 26 21:01:55 2015] <Cale> hm?
[Thu Feb 26 21:02:07 2015] <Cale> Well, in ZFC, your functions are particular sets
[Thu Feb 26 21:12:49 2015] <Cale> benzrf: In ZF, knowing that forall x. x in A => exists y. y in B and P(x,y), doesn't give you a way to construct a function f: A -> B such that P(x,f(x)) for every x in A. That's basically what choice is doing for you. The forall doesn't correspond to a function in the sense of ZF.
[Thu Feb 26 21:15:33 2015] <benzrf> well
[Thu Feb 26 21:15:42 2015] <benzrf> hmm
[Thu Feb 26 21:15:45 2015] <Cale> benzrf: It's down at the level of logic, it's not a set, and it's merely true or false, it doesn't have any sort of content.
[Thu Feb 26 21:15:59 2015] <benzrf> hm
[Thu Feb 26 21:16:04 2015] <benzrf> hmmmm
[Thu Feb 26 21:16:17 2015] <benzrf> so you cant do, e.g., existential eliminiation from inside a function
[Thu Feb 26 21:16:26 2015] <benzrf> that only happens at the outer logic level
[Thu Feb 26 21:16:34 2015] <benzrf> er, wait
[Thu Feb 26 21:16:38 2015] <benzrf> hold on.
[Thu Feb 26 21:17:52 2015] <Cale> Yeah, that's right.
[Thu Feb 26 21:18:05 2015] <Cale> If it were only a finite family of sets, you could prove that there's a function
[Thu Feb 26 21:18:19 2015] <Cale> Because you can eliminate all the existentials one by one
[Thu Feb 26 21:18:26 2015] <Cale> But if it's an infinite family of sets, you can't.
[Thu Feb 26 21:19:12 2015] <Cale> (because your proof isn't allowed to be infinitely long, and you can't defer the choices made until you know what the argument of the function is -- you're trying to build the entire graph of the function at once)
[Thu Feb 26 21:19:39 2015] <benzrf> hmm
[Thu Feb 26 21:19:56 2015] <benzrf> interesting
[Thu Feb 26 21:21:51 2015] <Cale> The things which choice lets you do in ZFC are much more powerful than what that easily-provable version of choice in Coq lets you do though.
[Thu Feb 26 21:22:31 2015] <Cale> Note that even in ZF, if you can canonically choose an element from each of an infinite family of sets, you can still build a function.
[Thu Feb 26 21:22:43 2015] <Cale> It's just *only* knowing that the sets are nonempty isn't enough to specify one.
[Thu Feb 26 21:23:06 2015] <Cale> If they were, e.g. sets of natural numbers, you could say "oh, pick the minimum element of each one"
[Thu Feb 26 21:23:28 2015] <Cale> Or in any other case where there's a way to compute an element, you're fine.
[Thu Feb 26 21:23:53 2015] <Cale> When you go to use the theorem of choice in Coq, you basically are required to input such an algorithm for making choices.
[Thu Feb 26 21:24:19 2015] <Cale> Whereas in ZFC, when you apply the axiom of choice, there may not be an algorithm.
[Thu Feb 26 21:25:20 2015] <Cale> So at least in terms of what you can actually do with them, they're quite different
[Thu Feb 26 21:25:33 2015] <Cale> HoTT has a lot to say about this
[Thu Feb 26 21:27:34 2015] <Cale> You can express an axiom of choice with a lot of (perhaps all of?) the power of the classical one using truncations.
[Thu Feb 26 21:27:49 2015] <Cale> But again, it's not provable, you have to add that one as an axiom.
[Thu Feb 26 21:59:42 2015] <benzrf> hhh
[Thu Feb 26 22:00:34 2015] <benzrf> Cale: so using classical logic on ZF[C], applying LEM to the CH doesnt cause weird crap to happen because...
[Thu Feb 26 22:00:51 2015] <benzrf> anything you can apply LEM to has to have no free variables?
[Thu Feb 26 22:01:08 2015] <benzrf> so instead of CH, it's "ZF implies CH"?
[Thu Feb 26 22:01:11 2015] <benzrf> is that right
[Thu Feb 26 22:02:53 2015] <Cale> uhhhh
[Thu Feb 26 22:02:54 2015] <Cale> what?
[Thu Feb 26 22:03:06 2015] <Cale> You're talking about the continuum hypothesis now?
[Thu Feb 26 23:10:00 2015] <benzrf> yes
[Thu Feb 26 23:10:03 2015] <benzrf> >_>
[Thu Feb 26 23:10:11 2015] <benzrf> oh hey that was an hour ago. oops
[Thu Feb 26 23:25:14 2015] <Cale> benzrf: The continuum hypothesis is yet another statement which is independent of ZFC
[Thu Feb 26 23:25:24 2015] <benzrf> i know
[Thu Feb 26 23:25:53 2015] <benzrf> im thinking about how LEM works in the context of independence of statements
[Thu Feb 26 23:26:28 2015] <Cale> Oh, well, okay, you have that CH or not CH is true, but this doesn't tell you which of those options is the case.
[Thu Feb 26 23:29:49 2015] <Cale> One way to think about it is to think about a first order logical theory of groups with just the group axioms
[Thu Feb 26 23:30:05 2015] <Cale> You can't show that there are any elements other than the identity element
[Thu Feb 26 23:30:16 2015] <Cale> and you also can't show that there aren't
[Thu Feb 26 23:31:17 2015] <Cale> But the statement  (exists x. not (x = 1)) or not (exists x. not (x = 1)) is still true
[Thu Feb 26 23:31:31 2015] <benzrf> yeah
[Thu Feb 26 23:31:42 2015] <benzrf> er, wait
[Thu Feb 26 23:31:48 2015] <scott> are you describing why LEM doesn't make sense in constructive logic?
[Thu Feb 26 23:31:55 2015] <benzrf> in any particular model, yes
[Thu Feb 26 23:31:59 2015] <benzrf> interesting...
[Thu Feb 26 23:32:00 2015] <Cale> Well, assuming it's a classical logic
[Thu Feb 26 23:32:05 2015] <benzrf> Cale: yeah
[Fri Feb 27 02:37:13 2015] <JanBessai> Anomaly: Uncaught exception Option.IsNone. Please report.
[Fri Feb 27 02:37:44 2015] <JanBessai> am I doing something wrong or is this a plain bug?
[Fri Feb 27 02:44:10 2015] <JanBessai> ah I see. there is just no induction principle for the type I'm trying to perform induction on
[Fri Feb 27 02:44:49 2015] <JanBessai> so everything is as it should be :)
[Fri Feb 27 02:45:23 2015] <nkar> ugh, how do I prove Theorem ev_plus_plus : forall n m p,  ev (n+m) -> ev (n+p) -> ev (m+p). if I'm allowed only to apply existing lemmas.
[Fri Feb 27 02:45:27 2015] <nkar> ?
[Fri Feb 27 02:46:58 2015] <nkar> and here are the lemmas: http://dpaste.com/1KMPEY4
[Fri Feb 27 02:48:33 2015] <JanBessai> use ev n \/ odd n, then by case analysis inspect the premisses to obtain even and odd information about m and p
[Fri Feb 27 02:48:48 2015] <nkar> I'm not allowed to perform case analysis
[Fri Feb 27 02:49:18 2015] <nkar> that's from software foundations: (** **** Exercise: 3 stars, optional (ev_plus_plus) *) (** Here's an exercise that just requires applying existing lemmas.  No induction or even case analysis is needed, but some of the rewriting may be tedious. *)
[Fri Feb 27 02:50:31 2015] <JanBessai> you might try type inhabitation ;)
[Fri Feb 27 02:50:34 2015] <nkar> I'm not sure how to do it because every lemma involving sum requires me to talk about elements, too.
[Fri Feb 27 02:50:38 2015] <nkar> what's that?
[Fri Feb 27 02:51:49 2015] <nkar> the first link in my search engine is pubmed
[Fri Feb 27 02:52:13 2015] <JanBessai> https://coq.inria.fr/distrib/current/refman/Reference-Manual010.html#hevea_tactic141
[Fri Feb 27 02:52:38 2015] <JanBessai> i.e. "cheat" using auto
[Fri Feb 27 02:52:45 2015] <nkar> double_even may be useful, but I don't have a lemma allowing me to go from [n + n] to [double n]
[Fri Feb 27 02:52:51 2015] <nkar> oh, it's a tactic
[Fri Feb 27 02:53:11 2015] <nkar> I'm not allowing to use it either.  it hasn't been introduced in the book
[Fri Feb 27 02:53:53 2015] <JanBessai> it might result (if it works) in a solution you can inspect to get an idea
[Fri Feb 27 02:54:05 2015] <JanBessai> btw. the IRC channel is not in the book, too ;)
[Fri Feb 27 02:54:27 2015] <nkar> :(
[Fri Feb 27 03:04:28 2015] <nkar> can I explicitly pick a subgoal to prove?
[Fri Feb 27 03:06:39 2015] <nkar> okay, Focus <Number> does the trick
[Fri Feb 27 03:07:50 2015] <nkar> here's my proof so far: http://dpaste.com/2S2DQH5
[Fri Feb 27 03:11:13 2015] <nkar> wait, turns out I have a lemma: double n = n + n for all n
[Fri Feb 27 03:11:15 2015] <nkar> lol
[Fri Feb 27 03:23:11 2015] <nkar> okay, proved it: http://dpaste.com/0ZG45EP
[Fri Feb 27 11:35:21 2015] <roosbeef> where in the docs can i find more info about modules?
[Fri Feb 27 11:35:35 2015] <roosbeef> theres a small section about them in the tutorial
[Fri Feb 27 11:35:55 2015] <roosbeef> but is there something more in-depth in the documents?
[Fri Feb 27 11:36:57 2015] <ianjneu> modules are a source of much aggravation.
[Fri Feb 27 11:37:48 2015] <ianjneu> adam.chlipala.net/cpdt/html/Large.html#lab101
[Fri Feb 27 11:38:24 2015] <roosbeef> nm found it, section 2.5
[Fri Feb 27 11:42:49 2015] <roosbeef> but yea i remember having a lot of fun with that ;p
[Fri Feb 27 11:43:09 2015] <roosbeef> documenting my code now, want to throw in a couple bookmarks to where the reader can find more info
[Fri Feb 27 20:36:47 2015] <johnw> how do I evaluate the goal by a single step?
[Fri Feb 27 20:37:14 2015] <johnw> i.e., the outermost construction is a match ..., and I want to collapse away the match
[Fri Feb 27 20:44:50 2015] <Cypi> johnw : is [cbv iota] okay.
[Fri Feb 27 20:44:51 2015] <Cypi> ?*
[Fri Feb 27 20:45:03 2015] <johnw> no effect
[Fri Feb 27 20:45:20 2015] <johnw> best I could come up with is to just case analyze on the discriminee, even though it's obvious
[Fri Feb 27 20:45:36 2015] <Cypi> Ah, the discriminee is not destructed yet
[Fri Feb 27 20:45:46 2015] <Cypi> Hmm, does [lazy iota] do anything? ^^'
[Fri Feb 27 20:45:58 2015] <johnw> no
[Fri Feb 27 20:46:12 2015] <johnw> here's the context: https://gist.github.com/13af20acb6d9ada494ed
[Fri Feb 27 20:47:01 2015] <Cypi> Sorry, I don't know then
[Fri Feb 27 20:48:29 2015] <johnw> so, I'm forced to:
[Fri Feb 27 20:48:44 2015] <johnw> case E: (discriminee) => [|? ?]; first by discriminate; rewrite -E.
[Fri Feb 27 20:48:50 2015] <johnw> for what I'd think would happen with "hnf"
[Fri Feb 27 20:49:21 2015] <johnw> oh, at least // discharges it
[Sat Feb 28 11:43:51 2015] <nkar> how much coq do I need to write before I get used to its syntax?
[Sat Feb 28 11:45:46 2015] <carter> however much is needed :)
[Sat Feb 28 12:05:38 2015] <Choups314> Hi, is-it normal that when I use [pattern ..] and then [rewrite ..] it does not "refold" the hypothesis ? (I'm rewriting in an hypothesis)
[Sat Feb 28 12:05:45 2015] <Choups314> (I'm using a custom relation)
[Sat Feb 28 20:31:56 2015] <johnw> I find myself slowly evolving an ever-more-complex wrapper around omega for ssreflect
[Sun Mar  1 10:23:32 2015] <Choups314> Is it possible to define "polymorphic instances" of classes ?
[Sun Mar  1 10:43:19 2015] <ianjneu> Choups314: elaborate
[Sun Mar  1 16:14:44 2015] <Choups314> Is it possible to disable temporarily notations ? (Displayed in the current goal)
[Sun Mar  1 17:18:42 2015] <alkabetz> Choups314: [Unset Printing Notations.  idtac.]  should do the trick.
[Mon Mar  2 04:02:46 2015] <nkar> any hint on proving [Theorem rev_pal : forall (X : Type) (xs : list X), xs = rev xs -> pal xs.]?
[Mon Mar  2 04:02:46 2015] <nkar>  
[Mon Mar  2 04:03:13 2015] <nkar> that's the palindrome_converse ex. from software foundations
[Mon Mar  2 04:04:54 2015] <nkar> the only thing I can think of is doing induction on xs, but I don't how to prove the succ case x :: xs = rev (x :: xs) -> pal (x :: xs)
[Mon Mar  2 04:05:03 2015] <joerisamson> I needed help for that too
[Mon Mar  2 04:05:16 2015] <nkar> :)
[Mon Mar  2 04:05:59 2015] <nkar> I've also tried inversion and induction on the hypothesis.  the former doesn't work, and the latter doesn't yield anything useful
[Mon Mar  2 04:06:39 2015] <joerisamson> In the end what I did was search on google for rev_pal, there was a solution there that had a few ideas that I stole to make my version work
[Mon Mar  2 04:07:31 2015] <nkar> heh, I'm afraid I'll see too much, so it won't be interesting anymore.
[Mon Mar  2 04:08:05 2015] <joerisamson> One trick that seemed necessary was make an intermediate lemma (defined with Fixpoint instead of Lemma) and do structural recursion on the length of l
[Mon Mar  2 04:08:33 2015] <joerisamson> Fixpoint rev_pal' X (l: list X) (len: nat) (leneq: length l = len) (reveq: l = rev l) {struct len}: pal l.
[Mon Mar  2 04:09:23 2015] <joerisamson> The other trick that I needed is that you can do "remember (something) as name", which can help in induction to eliminate impossible cases
[Mon Mar  2 04:09:43 2015] <nkar> I bet that's not the intended solution.  I have no idea what the {struct len} syntax means.
[Mon Mar  2 04:10:32 2015] <joerisamson> I don't know there were other exercises where I had to define Lemmas that were actual later exercises
[Mon Mar  2 04:11:54 2015] <joerisamson> the {struct len} bit tells Coq that len is decreasing, which it can't deduce otherwise (in my proof at least)
[Mon Mar  2 04:13:09 2015] <joerisamson> And yes, I'd like a simpler proof too, but I saw no workaround
[Mon Mar  2 04:13:33 2015] <nkar> for those reading the log: I'd appreciate any hints on how to do it properly.  I'll think about it more later.
[Mon Mar  2 04:13:58 2015] <joerisamson> The problem is that I wanted induction on both ends of the list, and normal induction on lists only takes away the first element
[Mon Mar  2 04:14:48 2015] <joerisamson> and the following is obviously false: pal (x::l) -> pal l
[Mon Mar  2 04:15:07 2015] <joerisamson> I mean pal l -> pal (x::l)
[Mon Mar  2 04:30:12 2015] <Cypi> nkar : 1) It's useful to proceed by strong induction on the length of the list. By that I mean stating a theorem such that [forall X n (l : list X), length l < n -> l = rev l -> pal l]
[Mon Mar  2 04:30:32 2015] <Cypi> You can then use this theorem to easily prove your rev_pal
[Mon Mar  2 04:30:59 2015] <Cypi> 2) Just in case you don't have it, you might need a theorem about length (snoc l v).
[Mon Mar  2 04:40:17 2015] <nkar> Cypi: thank you, I'll try and ask more questions if I get stuck.
[Mon Mar  2 16:02:11 2015] <Choups314> I don't really understand how to define a morphism for setoid_rewrite ..
[Mon Mar  2 16:02:28 2015] <Choups314> For example with this error message : https://gist.github.com/Choups314/8ea62bbcca90aa9a01cf, what instances are missing ?
[Mon Mar  2 16:17:16 2015] <johnw> yeah, those setoid errors can be confusing
[Mon Mar  2 16:17:37 2015] <johnw> it looks like Proper is missing for (<something> ==> <something> ==> flip impl) equiv
[Mon Mar  2 16:19:09 2015] <Choups314> johnw, If I want to rewrite under binders (i.e. if I have [inj x], where [inj] is an application), what do I need to be able to rewrite [x] with an hypothesis [H : x=y] for example, (where [=] is a custom relation) ?
[Mon Mar  2 16:19:40 2015] <johnw> you want to rewrite inside a lambda?
[Mon Mar  2 16:19:59 2015] <Choups314> yes
[Mon Mar  2 16:20:21 2015] <Choups314> Well .. not really. [inj] is a defined application (for example [E->E])
[Mon Mar  2 16:20:48 2015] <johnw> see the manual section titled "Rewriting under binders"?
[Mon Mar  2 16:27:57 2015] <Choups314> Sorry if you said something (or not ^^), I have been disconnected ><
[Mon Mar  2 16:28:28 2015] <johnw> i just said:
[Mon Mar  2 16:28:30 2015] <johnw> 15:20 <johnw> see the manual section titled "Rewriting under binders"?
[Mon Mar  2 16:29:02 2015] <Choups314> Ok I saw this, did you have my messages ?
[Mon Mar  2 16:29:08 2015] <Choups314> (After yours)
[Mon Mar  2 16:29:19 2015] <johnw> no
[Mon Mar  2 16:29:32 2015] <Choups314> "I already read it (you mean chap 26 right ?), but I don't really understand ..
[Mon Mar  2 16:29:32 2015] <Choups314> <Choups314> I know I need to add something like [Add Parametric Morphism  ... with signature], but I don't really understand what is signature ..
[Mon Mar  2 16:29:32 2015] <Choups314> <Choups314> (https://coq.inria.fr/refman/Reference-Manual029.html ?)"
[Mon Mar  2 16:29:45 2015] <johnw> right, that's it
[Mon Mar  2 16:29:52 2015] <johnw> I'm unfortunately no expert on that stuff
[Mon Mar  2 17:18:27 2015] <vanila> Is there any proof assistant that has coq style tactics and induction recursion?
[Mon Mar  2 17:19:16 2015] <benzrf> what is induction recursion :-o
[Mon Mar  2 17:20:05 2015] <vanila> its where you define a data type and a recursive function on it together
[Mon Mar  2 17:20:34 2015] <ystael> vanila: idris has induction-recursion, i don't know if that's tactic-y enough though
[Mon Mar  2 17:20:54 2015] <vanila> the tactics stuff is pretty busted in idris
[Mon Mar  2 17:20:57 2015] <benzrf> vanila: i am confused
[Mon Mar  2 17:21:08 2015] <ystael> vanila: oh :( i haven't been keeping current
[Mon Mar  2 17:21:51 2015] <vanila> i can't understand edwins motivation..
[Mon Mar  2 17:42:29 2015] <vanila> does anyone know what papers are relevant to how functional induction schemes work?
[Mon Mar  2 22:40:23 2015] <jrw> johnw: I have a random software foundations question. what's the best solution you've seen to the 5 star "bin_inverse" exercise in Inductiion.v?
[Mon Mar  2 23:28:49 2015] <johnw> jrw: hi
[Mon Mar  2 23:28:56 2015] <johnw> jrw: that's a really simple proof
[Mon Mar  2 23:29:02 2015] <johnw> jrw: I think it's 5 stars because of where the student is at at that point
[Mon Mar  2 23:29:07 2015] <johnw> but the proof itself is induction and two rewrites total
[Mon Mar  2 23:33:21 2015] <jrw> really? huh.
[Mon Mar  2 23:45:10 2015] <arvisrend> wtf
[Mon Mar  2 23:45:15 2015] <arvisrend> that was my longest proof ever
[Mon Mar  2 23:45:34 2015] <johnw> wait, let me make sure I'm looking at the right thing
[Mon Mar  2 23:45:55 2015] <johnw> is this the theorem: Theorem bin_conv : forall (n : nat), n = binn (nbin n).
[Mon Mar  2 23:46:30 2015] <arvisrend> no
[Mon Mar  2 23:47:33 2015] <arvisrend> or maybe
[Mon Mar  2 23:47:35 2015] <arvisrend> Theorem nat_to_bin_to_nat : forall n : nat,
[Mon Mar  2 23:47:35 2015] <arvisrend> bin_to_nat (nat_to_bin n) = n.
[Mon Mar  2 23:47:42 2015] <arvisrend> ah ok we have different names for that stuff
[Mon Mar  2 23:47:56 2015] <arvisrend> no wait
[Mon Mar  2 23:48:01 2015] <arvisrend> that one is still the easy part
[Mon Mar  2 23:48:03 2015] <arvisrend> the hard one is this:
[Mon Mar  2 23:48:14 2015] <arvisrend> Theorem bin_to_nat_to_bin : forall n : bin,
[Mon Mar  2 23:48:14 2015] <arvisrend> nat_to_bin (bin_to_nat n) = normalize n.
[Mon Mar  2 23:49:20 2015] <johnw> huh
[Mon Mar  2 23:49:27 2015] <johnw> that proof is just "reflexivity" for me
[Mon Mar  2 23:49:35 2015] <johnw> Theorem norm_conv : forall (b : bin), normalize b = nbin (binn b).
[Mon Mar  2 23:49:39 2015] <arvisrend> really?
[Mon Mar  2 23:49:45 2015] <arvisrend> then you defined normalize through it
[Mon Mar  2 23:49:57 2015] <johnw> well, normalize was a one-liner
[Mon Mar  2 23:49:59 2015] <arvisrend> i assume you're suppose to define it inductively inside the type
[Mon Mar  2 23:50:26 2015] <johnw> hmm
[Mon Mar  2 23:50:32 2015] <johnw> maybe that's what made it hard?
[Mon Mar  2 23:50:35 2015] <arvisrend> Fixpoint normalize (n : bin) : bin :=
[Mon Mar  2 23:50:35 2015] <arvisrend> match n with
[Mon Mar  2 23:50:35 2015] <arvisrend> | P => P
[Mon Mar  2 23:50:35 2015] <arvisrend> | D m => match (normalize m) with
[Mon Mar  2 23:50:35 2015] <arvisrend> | P => P
[Mon Mar  2 23:50:35 2015] <arvisrend> | D g => D (D g)
[Mon Mar  2 23:50:35 2015] <arvisrend> | E g => D (E g)
[Mon Mar  2 23:50:36 2015] <arvisrend> end
[Mon Mar  2 23:50:36 2015] <arvisrend> | E m => E (normalize m)
[Mon Mar  2 23:50:37 2015] <arvisrend> end.
[Mon Mar  2 23:50:39 2015] <arvisrend> that's my def
[Mon Mar  2 23:51:00 2015] <johnw> ah, I used: Definition normalize (b : bin) : bin := nbin (binn b). :)
[Mon Mar  2 23:51:00 2015] <arvisrend> if you're supposed to go through nat, i finally understand why the exercise is at that early point
[Mon Mar  2 23:51:17 2015] <johnw> which is why the proof is trivial
[Tue Mar  3 02:16:21 2015] <nkar> Cypi: I'm not looking at the lemma you suggested: [forall X n (l : list X), length l < n -> l = rev l -> pal l]  and I don't get it.  how can length l be less than n forall l and n?  it doesn't hold for, say, l := [1] and n := 0.
[Tue Mar  3 02:18:42 2015] <nkar> s/not/now/
[Tue Mar  3 02:31:41 2015] <irishsultan> that's not what that says
[Tue Mar  3 02:31:55 2015] <nkar> okay, what does it say?
[Tue Mar  3 02:32:55 2015] <nkar> length l < n implies l = rev l implies pal l, right?
[Tue Mar  3 02:34:00 2015] <nkar> still, I'm failing to grasp the use of forall in this context
[Tue Mar  3 02:40:27 2015] <irishsultan> my internet connection to the server where irssi is running is flaky
[Tue Mar  3 02:40:53 2015] <irishsultan> but the overall idea is that it's easier to do induction on (length l) for this theorem
[Tue Mar  3 02:42:01 2015] <irishsultan> because for a list you normally the property rev (x::xs) = x::xs does not imply rev xs = xs
[Tue Mar  3 02:42:22 2015] <irishsultan> and you need to preserve that property
[Tue Mar  3 02:42:43 2015] <irishsultan> at least that's how I remember it
[Tue Mar  3 02:44:04 2015] <nkar> well, but this doesn't answer the initial question.  how would you translate this definition to english?  in particular, what does forall l n, length l < n mean?
[Tue Mar  3 02:44:10 2015] <irishsultan> whereas in the (length l) < n you can add to both ends of the list
[Tue Mar  3 02:44:39 2015] <irishsultan> for all lists l, and numbers n, lenght l is smaller than n
[Tue Mar  3 02:44:48 2015] <irishsultan> but you shouldn't stop reading there
[Tue Mar  3 02:45:36 2015] <irishsultan> the full statement is: forall...., if (length l < n) then (if l = rev l then pal l)
[Tue Mar  3 02:46:20 2015] <nkar> okay, got it
[Tue Mar  3 02:46:59 2015] <nkar> though, I don't see how it's connected to being able to add to both ends of the list.
[Tue Mar  3 02:47:13 2015] <irishsultan> it trivially holds for a list of length 0 and 1
[Tue Mar  3 02:47:13 2015] <nkar> (I understand why we care about adding to both ends)
[Tue Mar  3 02:49:24 2015] <nkar> and how does that property follow from this?
[Tue Mar  3 02:50:12 2015] <irishsultan> because you assume it's true for all lists of smaller length
[Tue Mar  3 02:53:07 2015] <irishsultan> including lists that are 2 elements sho
[Tue Mar  3 02:53:07 2015] <irishsultan> .
[Tue Mar  3 02:53:08 2015] <irishsultan> .
[Tue Mar  3 03:03:49 2015] <irishsultan> Bah, I hate this connection
[Tue Mar  3 03:04:43 2015] <irishsultan> Anyway, the important part is that with induction on list length you can reduce your list of length n+1 to a list of lengtt n-1
[Tue Mar  3 03:09:21 2015] <nkar> irishsultan: I'll just try to prove it/play around instead of asking further questions.
[Tue Mar  3 03:09:26 2015] <nkar> thanks for your help!
[Tue Mar  3 03:21:57 2015] <nkar> irishsultan: so, how is this useful? http://dpaste.com/0FQEM32  n is not referenced anywhere and induction doesn't generate anything useful.
[Tue Mar  3 03:32:34 2015] <irishsultan> that's where the other trick I learned from cheating helped
[Tue Mar  3 03:32:52 2015] <irishsultan> remember(length xs = len)
[Tue Mar  3 03:32:59 2015] <irishsultan> then you can do induction on len
[Tue Mar  3 03:33:08 2015] <nkar> what does it do?
[Tue Mar  3 03:33:39 2015] <irishsultan> correction, remember(length xs) as len
[Tue Mar  3 03:34:03 2015] <irishsultan> it adds a new variable len:nat and a hypothesis (length xs = len)
[Tue Mar  3 03:34:23 2015] <irishsultan> if you do induction on len then you will still have your length that can be used
[Tue Mar  3 03:35:33 2015] <nkar> this does the same: induction (length xs) eqn:foo.
[Tue Mar  3 03:35:42 2015] <irishsultan> ah, good to know
[Tue Mar  3 03:35:44 2015] <nkar> eqn was introduced in the book
[Tue Mar  3 03:35:51 2015] <nkar> but not with induction
[Tue Mar  3 03:36:02 2015] <irishsultan> yeah, but some things I missed. You can also use it with remember
[Tue Mar  3 03:37:03 2015] <irishsultan> if the time between referencing a new tactic/trick and needing it is too long then I'll probably miss it
[Tue Mar  3 03:39:41 2015] <irishsultan> and curse when I finally need it
[Tue Mar  3 03:39:55 2015] <irishsultan> or feel guilty about referencing the manual
[Tue Mar  3 03:58:54 2015] <Cypi> nkar : I would have just done an induction on n, not on (length l), just because it's simpler to me
[Tue Mar  3 04:01:22 2015] <Cypi> and actually it seems necessary
[Tue Mar  3 04:34:40 2015] <irishsultan> ah, you are probably right, as I said I did it in a different way
[Tue Mar  3 04:34:55 2015] <irishsultan> I'm going to try it with the induction and other new knowledge though
[Tue Mar  3 11:16:56 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/121501
[Tue Mar  3 11:17:05 2015] <jstolarek> I'm trying to understand this simple proof
[Tue Mar  3 11:17:20 2015] <jstolarek> but I think I don't understand how destruct tactic works
[Tue Mar  3 11:18:44 2015] <jstolarek> I mean I'm looking at the reference manual but I still don't get it :-/
[Tue Mar  3 11:24:40 2015] <JanBessai> jstolarek: try destruct on a natural number
[Tue Mar  3 11:27:50 2015] <JanBessai> you have two constructors: Inductive nat : Set := | O : nat | S : nat -> nat. so for each of them the goal of the current proof (say it is P) will be duplicated. additionally you get all "contents" of the datatype (i.e. constructor arguments) in your current proof context
[Tue Mar  3 11:29:01 2015] <JanBessai> so for the O case, you just have to prove P and for the S case you have to prove P given a natural number that was passed to S (i.e. the predecessor o the number you called destruct on)
[Tue Mar  3 11:29:23 2015] <jstolarek> I need a moment to digest that
[Tue Mar  3 11:30:08 2015] <jstolarek> ok, I still don't follow :-/
[Tue Mar  3 11:30:13 2015] <jstolarek> I mean it must be really trivial
[Tue Mar  3 11:30:33 2015] <jstolarek> I just have problems with understanding this in Coq
[Tue Mar  3 11:30:47 2015] <jstolarek> first of all, how would I call destruct on a nat?
[Tue Mar  3 11:31:16 2015] <JanBessai> if your nat is n and you are in proof mode, you say destrcut n.
[Tue Mar  3 11:31:25 2015] <JanBessai> *destruct
[Tue Mar  3 11:33:01 2015] <Cypi> It's basically a case analysis in maths: "I have a natural number, there are two possible cases : it must be either 0, or the successor of another natural number. If it's 0 then  <proof of your thing>. If it's (S n') then <proof of your thing in this other case>."
[Tue Mar  3 11:33:25 2015] <lpaste> JanBessai pasted “predecessor destruct” at http://lpaste.net/121502
[Tue Mar  3 11:34:17 2015] <jstolarek> hm... why does Definition have a proof?
[Tue Mar  3 11:34:53 2015] <JanBessai> try "Print pred."
[Tue Mar  3 11:35:15 2015] <JanBessai> then you will see that the proof gets compiled into a lambda function
[Tue Mar  3 11:36:21 2015] <JanBessai> it is also informative to see what destruct does - it will create a pattern match on the natural number n
[Tue Mar  3 11:36:39 2015] <jstolarek> give me a moment to play woth this
[Tue Mar  3 11:36:49 2015] <Cypi> jstolarek : Definition, Theorem, Lemma, Example, Corollary are just so many keywords for basically the same thing : you are constructing a term which has a given type. If you do it with tactics or directly in Gallina, it's up to you.
[Tue Mar  3 11:38:11 2015] <jstolarek> ok, so if I write Definition but give only a type, not the body - like JanBessai did with pred - the Coq insists that I construct a proof, ie. create a term of that type
[Tue Mar  3 11:38:14 2015] <jstolarek> correct?
[Tue Mar  3 11:38:20 2015] <alkabetz> Yes, that’s correct.
[Tue Mar  3 11:45:24 2015] <jstolarek> ok, I see how pred works
[Tue Mar  3 11:45:51 2015] <jstolarek> but I still can't figure out the answer for my original question: http://lpaste.net/121501 :-/
[Tue Mar  3 11:47:19 2015] <Cypi> In this case, you're destructing something of the type [P /\ Q]
[Tue Mar  3 11:47:27 2015] <JanBessai> jstolarek: you should first perhaps use intro
[Tue Mar  3 11:47:29 2015] <Cypi> Which is just a notation for [and P Q]
[Tue Mar  3 11:47:37 2015] <Cypi> Inductive and (A B : Prop) : Prop :=  conj : A -> B -> and A B
[Tue Mar  3 11:47:38 2015] <JanBessai> in order to name the thing you get
[Tue Mar  3 11:47:45 2015] <jstolarek> ok, how do I know that 1 refers to /\ ?
[Tue Mar  3 11:48:19 2015] <JanBessai> destruct 1. is the same as: intro. destruct H.
[Tue Mar  3 11:48:20 2015] <irishsultan> I think that 1 refers to the first unnamed hypothesis
[Tue Mar  3 11:48:32 2015] <Cypi> 1 refers to the first non-dependent product :-°
[Tue Mar  3 11:48:45 2015] <Cypi> see [intros until num]
[Tue Mar  3 11:50:01 2015] <jstolarek> ok
[Tue Mar  3 11:50:12 2015] <jstolarek> then why does destruct H0 finish the proof?
[Tue Mar  3 11:51:16 2015] <irishsultan> because there are no way to construct False
[Tue Mar  3 11:52:08 2015] <irishsultan> so it solves the current goal, and replaces it with new goals for all constructors of False
[Tue Mar  3 11:52:23 2015] <irishsultan> which means no more goals
[Tue Mar  3 11:54:25 2015] <jstolarek> I'm not sure what "it solves the current goal" means, but that sounds like a tactic to finish any proof. Obviously what I just said is false, so again I'm not understanding something
[Tue Mar  3 11:55:54 2015] <irishsultan> That is a way to finish any proof, if False is a hypothesis you can prove anything
[Tue Mar  3 11:56:52 2015] <irishsultan> note that in this case you could have used the assumption tactic
[Tue Mar  3 11:57:15 2015] <JanBessai> or "exact H0."
[Tue Mar  3 11:57:43 2015] <jstolarek> ah, ex falso sequitur quodlibet
[Tue Mar  3 11:58:09 2015] <Cypi> Exactly. There is even a tactic called "exfalso" which replaces the current goal with False :p
[Tue Mar  3 12:01:55 2015] <jstolarek> all of this will take some time for me to digest
[Tue Mar  3 12:02:59 2015] <jstolarek> changing the topic, but just slightly:
[Tue Mar  3 12:03:11 2015] <jstolarek> I recall hearing abou a thing called "proof irrelevance"
[Tue Mar  3 12:04:06 2015] <jstolarek> IIRC this meant that if I have two proofs of some fact then these proofs are interchangable
[Tue Mar  3 12:04:11 2015] <jstolarek> not sure it that's correct?
[Tue Mar  3 12:07:53 2015] <Cypi> Hoping you don't find this answer lazy: https://coq.inria.fr/faq#proof-irrelevance
[Tue Mar  3 12:09:29 2015] <jstolarek> that's a very good answer
[Tue Mar  3 12:09:32 2015] <jstolarek> "proof-irrelevance is inconsistent in Set"
[Tue Mar  3 12:09:40 2015] <jstolarek> that was the question I was about to ask
[Tue Mar  3 12:10:01 2015] <jstolarek> I mean that is the answer for the question I was about to ask :-)
[Tue Mar  3 12:11:07 2015] <JanBessai> it is also to be taken with a grain of salt in the real world. since proofs are terms are lambda functions, they may differ in the time you need to execute (normalize) them to the degree that execution theoretically terminates, but practically fails
[Tue Mar  3 12:11:53 2015] <Cypi> Except that terms living in Prop are not supposed to be reduced in the case of Coq, since there are meant to be erasable when you are extracting code.
[Tue Mar  3 12:12:02 2015] <Cypi> s/there/they/
[Tue Mar  3 13:12:16 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/121509
[Tue Mar  3 13:12:25 2015] <jstolarek> another question
[Tue Mar  3 13:12:54 2015] <jstolarek> why does or_x_t''' get the type: forall x : Prop, x \/ True
[Tue Mar  3 13:12:57 2015] <jstolarek> and not
[Tue Mar  3 13:13:08 2015] <jstolarek> (x : Prop) -> x \/ True
[Tue Mar  3 13:13:09 2015] <jstolarek> ?
[Tue Mar  3 13:14:58 2015] <Cypi> [(x : Prop) -> x \/ True] is not valid syntax. However, to make a parellel, writing [Prop -> Prop] is the same as writing [forall (_ : Prop), Prop]
[Tue Mar  3 13:16:03 2015] <Cypi> Arrow type and forall are quite the same thing, the difference is that when you write [A -> B], you cannot make B depend on the actual value of type A. But when you write [forall (x : A), B], you can mention the value x in the return type B.
[Tue Mar  3 13:16:07 2015] <Cypi> (not sure if that makes senses)
[Tue Mar  3 13:16:10 2015] <Cypi> (-s)
[Tue Mar  3 13:16:59 2015] <jstolarek> yes, it does
[Tue Mar  3 13:17:16 2015] <jstolarek> from what you're saying it looks that this is only a design choice
[Tue Mar  3 13:17:30 2015] <jstolarek> I mean Agda uses the notation (x : Prop) -> x \/ True
[Tue Mar  3 13:18:00 2015] <jstolarek> Coq uses a different notation, but I don't see a fundamental difference between the two
[Tue Mar  3 13:30:50 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/121510
[Tue Mar  3 13:31:06 2015] <jstolarek> I would expect that Eval will result in "1 : nat:
[Tue Mar  3 13:31:15 2015] <jstolarek> but I instead get "const' 0 1 : nat"
[Tue Mar  3 13:31:24 2015] <jstolarek> looks that const' is not simplified. Why
[Tue Mar  3 13:31:25 2015] <jstolarek> ?
[Tue Mar  3 13:31:45 2015] <Cypi> [Eval compute in const' 0 1.]
[Tue Mar  3 13:31:53 2015] <Cypi> The simpl tactic is not agressive enough in this case
[Tue Mar  3 13:32:49 2015] <jstolarek> hm... why?
[Tue Mar  3 13:34:20 2015] <Cypi> You can read the documentation about simpl to know exactly why. But basically, simpl won't unfold a definition if it cannot then do βι-reduction
[Tue Mar  3 13:38:01 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/121511
[Tue Mar  3 13:38:11 2015] <jstolarek> ok, another one :-D
[Tue Mar  3 13:38:19 2015] <jstolarek> clearly the functions are slightly different
[Tue Mar  3 13:38:34 2015] <jstolarek> one has inferred arguments, the other does not
[Tue Mar  3 13:38:48 2015] <jstolarek> but Print prints the same code for them :-/
[Tue Mar  3 13:39:34 2015] <Cypi> Why would it print something different? If you do not provide every types, Coq will try to infer what he can from what you told him and generate a complete definition.
[Tue Mar  3 13:40:01 2015] <Cypi> So yes, in the second case, the fact that A and B are of type Type has been inferred, but it doesn't matter after the definition.
[Tue Mar  3 13:40:58 2015] <Cypi> The fact that Coq infers Type is debattable of course, maybe you meant Set or Prop, but that's what it does in this case.
[Tue Mar  3 13:42:16 2015] <jstolarek> well, when I call const' I have to explicitkly give all the arguments
[Tue Mar  3 13:42:23 2015] <jstolarek> whereas in const'' some can be inferred
[Tue Mar  3 13:42:34 2015] <jstolarek> so somehow I expected that the code will somehow differ
[Tue Mar  3 13:42:38 2015] <Cypi> Ah, for this the difference is the fact that you used curly braces { } instead of parentheses ( )
[Tue Mar  3 13:42:45 2015] <jstolarek> yes, I know
[Tue Mar  3 13:43:15 2015] <jstolarek> but somehow I thought that Print gives me some kind of "internal representation" of what I wrote
[Tue Mar  3 13:43:37 2015] <jstolarek> and I thought that inferred arguments will be explicitly marked
[Tue Mar  3 13:43:49 2015] <jstolarek> just like they are marked in the source code using { }
[Tue Mar  3 13:44:34 2015] <Cypi> Print prints the Gallina term that defines your variable.
[Tue Mar  3 13:45:02 2015] <Cypi> In addition, it provides some information such as what arguments will be inferred, this is what the "Arguments A, B are implicit and maximally inserted" is for
[Tue Mar  3 13:45:15 2015] <jstolarek> ok
[Tue Mar  3 13:45:36 2015] <jstolarek> I guess I understand that. It's just that somehow I expected something different :-D
[Tue Mar  3 13:46:08 2015] <Cypi> eh :)
[Tue Mar  3 13:47:38 2015] <jstolarek> perhaps my confusion comes from me being used to Agda
[Tue Mar  3 13:48:41 2015] <Cypi> Maybe, I never used Agda :p
[Tue Mar  3 15:37:20 2015] <pngl> Hi! Is it possible to export implicit types beyond the scope of a .v file?
[Tue Mar  3 20:11:18 2015] <benzrf> hmm.. is Fixpoint necessary,
[Tue Mar  3 20:11:29 2015] <benzrf> couldnt you use induction principles only and have those primitive
[Tue Mar  3 20:11:39 2015] <benzrf> i guess that's a less natural primitive part?
[Tue Mar  3 20:13:00 2015] <jrw> benzrf: Fixpoint is vernacular syntactic sugar over [fix]
[Tue Mar  3 20:14:38 2015] <benzrf> how does fix work
[Tue Mar  3 20:14:50 2015] <benzrf> and i suppose i mean recursive definitions in general
[Tue Mar  3 20:26:26 2015] <jrw> benzrf: what do you mean? fix let's you do recursion. if you understand Fixpoint you understand fix
[Tue Mar  3 20:27:24 2015] <benzrf> hh
[Tue Mar  3 20:27:25 2015] <benzrf> hm
[Tue Mar  3 20:27:28 2015] <benzrf> ok
[Wed Mar  4 11:36:21 2015] <athan> Hi everyone. I've just started toying with Galina, and I see the `Fixpoint` pragma used for recursive definitions. Now, is there also a `Coinductive` pragma for defining coinductive data types? It doesn't sound possible to me, but if it is, would the Fixpoint take the greatest-fixed mapping, while inductive data would take the least fixed mapping?
[Wed Mar  4 11:37:41 2015] <alkabetz> There are CoInductive and CoFixpoint vernacular commands, but I’m sufficiently unfamiliar with them that I can’t meaningfully answer your second question.
[Wed Mar  4 11:45:42 2015] <athan> alkabetz: Ahh okay, thank you!
[Wed Mar  4 12:47:45 2015] <athan> I've been watching the software foundations lectures by B.C.Pierce, and he alluded to haskell programs being /automatically/ created from coq ones. Is this true?
[Wed Mar  4 12:49:20 2015] <Cypi> Yes, that's called extraction: https://coq.inria.fr/refman/Reference-Manual025.html
[Wed Mar  4 13:26:59 2015] <hodapp> pierce has lectures?
[Wed Mar  4 13:40:59 2015] <athan> hodapp: https://www.youtube.com/watch?v=KKrD4JcfW90&list=PLGCr8P_YncjUT7gXUVJWSoefQ40gTOz89&index=1
[Wed Mar  4 13:41:06 2015] <athan> Cypi: Thank you :)
[Wed Mar  4 13:42:57 2015] <hodapp> athan: thanks!
[Wed Mar  4 13:43:05 2015] <athan> :)
[Wed Mar  4 16:04:27 2015] <Choups314> To be able to rewrite under binders/application, I have to define an instance of Proper for all the applications ?
[Wed Mar  4 17:11:16 2015] <schoppenhauer> can I somehow make coq compute an opaque function?
[Wed Mar  4 17:47:57 2015] <johnw> compute in what sense, just get an answer from it?
[Wed Mar  4 17:48:15 2015] <johnw> i'm not sure you can see what the answer is though
[Wed Mar  4 20:40:05 2015] <ccomp> This is probably a basic question, but what's the best way to lex some simple assembly in Coq?
[Wed Mar  4 20:40:31 2015] <ccomp> Basically, if I were trying to lex textual MIPS assembly
[Wed Mar  4 20:53:26 2015] <schoppenhauer> write recursive definitions
[Wed Mar  4 20:53:28 2015] <schoppenhauer> ?
[Wed Mar  4 20:53:45 2015] <schoppenhauer> and maybe combinators?
[Wed Mar  4 20:54:04 2015] <schoppenhauer> (at least that's what I have done so far)
[Thu Mar  5 07:26:55 2015] <jstolarek> does Coq have any way of inferring that a given function is injective, or do I have to prove it by myself?
[Thu Mar  5 07:40:13 2015] <irishsultan> you have to prove it yourself
[Thu Mar  5 07:42:13 2015] <jstolarek> and then appeal to it explicitly whenever it is needed to make progress?
[Thu Mar  5 07:44:19 2015] <irishsultan> yes, although I guess there are ways to automate it
[Thu Mar  5 07:44:25 2015] <irishsultan> haven't really done that yet
[Thu Mar  5 07:44:42 2015] <irishsultan> which function do you need it for?
[Thu Mar  5 07:47:19 2015] <jstolarek> none :-) Just curious
[Thu Mar  5 09:43:29 2015] <jstolarek> Check app_nil_end. tells me:
[Thu Mar  5 09:43:39 2015] <jstolarek> app_nil_end : forall (A : Type) (l : list A), l = l ++ nil
[Thu Mar  5 09:43:58 2015] <jstolarek> then I use app_nil_end like this:
[Thu Mar  5 09:44:14 2015] <jstolarek> rewrite (app_nill_end (some_expr))
[Thu Mar  5 09:44:42 2015] <jstolarek> why is the first argument to app_nil_end omitted in this call to rewrite?
[Thu Mar  5 09:49:21 2015] <ianjneu> jstolarek: if an arugment's type contains a previous type in a function signature, it can always be inferred.
[Thu Mar  5 09:49:52 2015] <ianjneu> list A contains A, so you don't have to write A before you give your expression that is a list A
[Thu Mar  5 09:51:09 2015] <jstolarek> ha, brilliant
[Thu Mar  5 09:51:16 2015] <jstolarek> so this means that if I have
[Thu Mar  5 09:51:36 2015] <ianjneu> It can be a little frustrating if you like to partially apply functions, because the implicit arguments must be inferred from the arguments. You have to supply missing types by using the "uninferring form" of a function name, which has the @ prefix.
[Thu Mar  5 09:52:07 2015] <irishsultan> jstolarek: are you working through software foundations?
[Thu Mar  5 09:52:10 2015] <jstolarek> foo : forall (A : Type) (... : A) (B : Type) (... : B), ... then I can call foo with only 2nd and 4th argument?
[Thu Mar  5 09:52:24 2015] <jstolarek> no, CPDT
[Thu Mar  5 09:53:00 2015] <jstolarek> ianjneu: I'm afraid I don't understand that last part
[Thu Mar  5 09:53:08 2015] <ianjneu> jstolarek: yes, as long as your Coq environment has executed Set Implicit Arguments.
[Thu Mar  5 09:54:22 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/121777
[Thu Mar  5 09:54:29 2015] <jstolarek> ok, one more question
[Thu Mar  5 09:54:42 2015] <jstolarek> why tbinop' (second definition) can't be in Set
[Thu Mar  5 09:54:46 2015] <jstolarek> ?
[Thu Mar  5 09:55:00 2015] <ianjneu> Say you want to pass a partially applied foo to a higher-order function. If the type ordering were foo : forall (A B : Type) (... : A) (... : B)) and you want to just pass the A, the B would be orphaned. You'd have to supply it via (@foo _ some-b-type my-A-expr)
[Thu Mar  5 09:55:28 2015] <jstolarek> ianjneu: that makes sense. thanks.
[Thu Mar  5 09:57:01 2015] <ianjneu> "Type" is subject to what is technically called "typical ambiguity," meaning it really stands for Type_i, where i is some universe level to be figured out by an underlying constraint solver to ensure you don't try to construct the Burali-Forti paradox
[Thu Mar  5 09:57:23 2015] <ianjneu> The universe levels go Prop < Set < Type_0 < Type_1 < ...
[Thu Mar  5 09:58:09 2015] <ianjneu> Set is there mostly historically, but it's also nice to ensure you don't accidentally make "large" constructions, i.e., require going up a universe level.
[Thu Mar  5 09:58:21 2015] <jstolarek> looks like this is above my paygrade :-(
[Thu Mar  5 09:59:02 2015] <ianjneu> jstolarek: nah, typical ambiguity is ambiguous because it usually can be ignored. Don't worry about it.
[Thu Mar  5 09:59:35 2015] <ianjneu> If you're jgross and trying to formalize category theory and "the category of categories" then it slaps you in the face.
[Thu Mar  5 10:00:32 2015] <jstolarek> :-)
[Thu Mar  5 10:01:13 2015] <ianjneu> jstolarek: academia is full of, "CITE ME CITE ME" so easy concepts are given foreboding-sounding names. The Burali-Forti paradox is a restatement of Russell's paradox (ha) in the language of mumble mumble it doesn't matter. It breaks shit.
[Thu Mar  5 10:02:26 2015] <jstolarek> ok :-)
[Thu Mar  5 18:55:56 2015] <benzrf> yes hello i am having an utterly infuriating issue
[Thu Mar  5 18:56:25 2015] <benzrf> http://benzrf.benzrf.com/imgs/90a46b.png
[Thu Mar  5 19:20:49 2015] <benzrf> please help ;-;
[Thu Mar  5 19:24:07 2015] <jrw> benzrf: try [Set Printing All] and then try the rewrite again to get a longer (not necessarily better...) error message
[Thu Mar  5 19:26:36 2015] <benzrf> Found no subterm matching "@cons Type T0
[Thu Mar  5 19:26:38 2015] <benzrf>                             (@Datatypes.app Type e (@cons Type T t))" in X.
[Thu Mar  5 19:26:42 2015] <benzrf> X
[Thu Mar  5 19:26:44 2015] <benzrf>     : lam (@cons Type T0 (@Datatypes.app Type e (@cons Type T t))) A0
[Thu Mar  5 19:27:21 2015] <benzrf> jrw: i see nothing particularly helpful here
[Thu Mar  5 19:27:30 2015] <benzrf> * grinds his teeth
[Thu Mar  5 19:32:07 2015] <jrw> benzrf: if you can post some code I can take a look
[Thu Mar  5 19:32:22 2015] <benzrf> hng
[Thu Mar  5 19:32:27 2015] <benzrf> im ashamed
[Thu Mar  5 20:46:42 2015] <benzrf> hmmm
[Thu Mar  5 20:47:13 2015] <benzrf> if a constructor uses the same thing twice, how do i recover the implied equality when i match on that ctor
[Thu Mar  5 20:47:16 2015] <benzrf> e.g.
[Thu Mar  5 20:47:30 2015] <benzrf> constr : forall n : nat, foo n n
[Thu Mar  5 20:48:12 2015] <benzrf> then later, | constr n => (* somehow can use knowledge that a = b, where my input was of type foo a b *)
[Fri Mar  6 12:31:14 2015] <schoppenhauer> hello. hm, something that frequently happens to me is that I have some theorem about fin's that can just be calculated. in most cases I can hack around with 'do' and 'repeat'. is there any better way?
[Fri Mar  6 13:03:20 2015] <benzrf> what is 'do'
[Fri Mar  6 13:10:56 2015] <schoppenhauer> benzrf: repeat n times.
[Fri Mar  6 13:11:26 2015] <schoppenhauer> is that important?
[Fri Mar  6 13:12:04 2015] <schoppenhauer> anyway .. also, I thought the semantics of (A || B) was to try out A, and if it fails, try B
[Fri Mar  6 13:14:37 2015] <schoppenhauer> apparently it is not.
[Fri Mar  6 13:14:44 2015] <schoppenhauer> so ... what _does_ it do?
[Fri Mar  6 13:47:34 2015] <johnw> schoppenhauer: I thought that's what it did also
[Fri Mar  6 13:47:57 2015] <schoppenhauer> hm. it does. but it interferes with tactics that produce goals strangely
[Fri Mar  6 13:48:28 2015] <schoppenhauer> johnw: is there a "solve" for just one tactic? eG a tactic that that checks whether the next expression solves, and if not, fails?
[Fri Mar  6 13:48:43 2015] <johnw> solve (tactic)?
[Fri Mar  6 13:52:40 2015] <schoppenhauer> hm. ok.
[Fri Mar  6 13:54:18 2015] <schoppenhauer> seems legit
[Fri Mar  6 14:11:53 2015] <Choups314> Hi, is it possible to define "dependent tactics" (Ltac) ?
[Fri Mar  6 14:57:07 2015] <schoppenhauer> where can I see the output of idtac "..."?
[Fri Mar  6 16:45:51 2015] <Choups314> How can I nest a square bracket "[" into a latex documentation ? (for coqdoc)
[Fri Mar  6 16:45:54 2015] <Choups314> The brackets "[" have higher priority (And it then generates coq documentation) ..
[Sat Mar  7 06:02:08 2015] <schoppenhauer> hello. is it possible to extract to coq functions with proofs that these functions really realize the given theorem?
[Sat Mar  7 06:17:02 2015] <johnw> extract from where?
[Sat Mar  7 06:17:21 2015] <johnw> if you're extracting *to* coq, that would have to be the case
[Sat Mar  7 06:56:05 2015] <schoppenhauer> johnw: I have a proposition forall x, exists y, some_prop (x, y) and I want a function f and a proof forall x, y, f (x) = y <-> some_prop (x, y)
[Sat Mar  7 12:06:13 2015] <Choups314> Hi, is it possible to set an automatic coercion from a "full" sigma type to the type itself ? (i.e. a sigma type like { x | True}) ?
[Sat Mar  7 12:36:44 2015] <lpaste> ianjneu pasted “Coerce raises anomaly” at http://lpaste.net/123443
[Sat Mar  7 13:01:08 2015] <Choups314> How can I define a "full sig type" ?
[Sat Mar  7 13:01:40 2015] <Choups314> I'm doing something like  {x | True}, but I don't think it is the better solution
[Sat Mar  7 13:14:22 2015] <ianjneu> Choups314: I don't know what you mean by full.
[Sat Mar  7 13:15:10 2015] <Choups314> ianjneu, Every elements of the subset belong to the "super"set
[Sat Mar  7 13:15:15 2015] <ianjneu> Could you define it simply as your correctness criteria that {x | True} is isomorphic to x?
[Sat Mar  7 13:15:30 2015] <ianjneu> er, {x | P x}
[Sat Mar  7 13:15:52 2015] <ianjneu> {x : A | P x} \cong A
[Sat Mar  7 13:16:16 2015] <Choups314> The problem is that I need a {x | P x} type
[Sat Mar  7 13:17:16 2015] <Choups314> I defined a class that takes a parameter of type {x | P x}. Now I would like to use this class with a "full"subset
[Sat Mar  7 13:17:26 2015] <Choups314> I don't know how to explain it :p
[Sat Mar  7 13:18:17 2015] <Choups314> I defined a math subgroup (algebraic substructure). And I would like for example to prove that R (the reals) is a subgroup of R
[Sat Mar  7 13:18:34 2015] <Choups314> So the second R (the subgroup) must be a sigma type :/
[Sat Mar  7 13:19:03 2015] <ianjneu> And what's breaking?
[Sat Mar  7 13:20:01 2015] <Choups314> Well .. it works but it's really heavy I think :/ (To use something like {x | True})
[Sat Mar  7 13:20:22 2015] <ianjneu> That's the double-edged sword of abstraction.
[Sat Mar  7 13:20:38 2015] <Choups314> :p
[Sat Mar  7 13:21:06 2015] <Choups314> Then I have to unfold/prove everything of the class, while it's obvious that everything is True ..
[Sat Mar  7 13:21:42 2015] <ianjneu> That should all be automatable.
[Sat Mar  7 13:21:54 2015] <ianjneu> Proof. crush. Qed.
[Sat Mar  7 13:22:42 2015] <Choups314> crush ?
[Sat Mar  7 13:22:55 2015] <ianjneu> CPDT's infamous tactic.
[Sat Mar  7 13:23:20 2015] <Anarchos> ianjneu why infamous ?
[Sat Mar  7 13:24:56 2015] <ianjneu> Anarchos: the book forward references so much without a lot of explanation, so you go through several chapters thinking that the lesson has been punted to "magic"
[Sat Mar  7 13:25:18 2015] <ianjneu> "you" being me and other people I know that have tried working through the book.
[Sat Mar  7 13:30:50 2015] <Anarchos> ok
[Sat Mar  7 13:56:27 2015] <benzrf> ianjneu: my experience with crush is
[Sat Mar  7 13:56:46 2015] <benzrf> ianjneu: johnw showed some kind of proof of categoriness or something at hac boston
[Sat Mar  7 13:57:07 2015] <benzrf> ianjneu: and then he scrolled down to the final bit and it was 'crush. crush. crush. crush. crush.' or something
[Sat Mar  7 14:07:25 2015] <ianjneu> benzrf: you're in Boston?
[Sat Mar  7 14:09:28 2015] <ianjneu> as my nick would suggest, I'm at neu in Boston.
[Sat Mar  7 14:10:21 2015] <benzrf> im in maine
[Sat Mar  7 14:12:22 2015] <benzrf> ianjneu: i assumed it was 'ian j neu' or something
[Sat Mar  7 14:12:24 2015] <benzrf> whats neu
[Sat Mar  7 14:12:36 2015] <benzrf> ah
[Sat Mar  7 14:13:04 2015] <ianjneu> Ian Johnson is my name, ya.
[Sat Mar  7 14:13:41 2015] <benzrf> oh
[Sat Mar  7 14:14:01 2015] <ianjneu> I added the neu since ianj was taken on freenode.
[Sun Mar  8 13:23:54 2015] <uucico> is it possible to capture a [let '] pattern in notation?  i'm trying to define notation along the lines of [mylet (a, b, c) x f] for [let '(a, b, c) := x in f].
[Mon Mar  9 11:27:58 2015] <ccomp> schoppenhauer: are you around?
[Mon Mar  9 11:28:17 2015] <ccomp> I didn't see your response last time. Do you have any links to your lexing code?
[Mon Mar  9 11:29:43 2015] <ccomp> is there a generally accepted best way of getting outside code that you're trying to prove things about into Coq?
[Mon Mar  9 11:30:25 2015] <ccomp> I've been looking into different lexing and parsing tools, but pretty much everything is in Ocaml and I don't know of an easy way to either lex and parse in Coq or move lexed/parse Ocaml types and data into Coq
[Mon Mar  9 11:36:05 2015] <johnw> you could axiomatize the function into Coq
[Mon Mar  9 11:36:07 2015] <johnw> prove with those types
[Mon Mar  9 11:36:16 2015] <johnw> and then hook up the axioms to their Ocaml equivalent during extraction
[Mon Mar  9 11:42:59 2015] <ccomp> johnw: I understood some of those words. Do you have a reading suggestion where I could learn more about it?
[Mon Mar  9 11:44:26 2015] <ccomp> Actually, I think I understood most of it. I'm just unfamiliar with axiomatization
[Mon Mar  9 12:37:07 2015] <kba> I have an expression like: (let (acc, _) := fac_v2_acc (S (S n)) 1 1 in acc) =
[Mon Mar  9 12:37:14 2015] <kba> (and more stuff on the other side, ofc)
[Mon Mar  9 12:37:25 2015] <kba> In my proof, I'm going to use the part on the right side of the :=
[Mon Mar  9 12:37:29 2015] <kba> so can I somehow remove the left part?
[Mon Mar  9 12:37:40 2015] <kba> i.e. remove: let (acc, _) :=
[Mon Mar  9 12:38:33 2015] <kba> Does my question make sense?
[Mon Mar  9 14:13:41 2015] <jrw> kba: one way would be [destruct (fac_v2_acc (S (S n)) 1 1)]
[Mon Mar  9 14:24:52 2015] <kba> jrw: that gives me [n0 = S (S n) * (let (acc, _) := fac_v2_acc (S n) 1 1 in acc)]
[Mon Mar  9 14:25:06 2015] <kba> that doesn't really make it much easier for me to proceed, I think
[Mon Mar  9 14:28:47 2015] <jrw> kba: it looks like fac_v2_acc got unfolded or simplified in the process. you can either do another destruct, or try to unfold it in advance. if you post some code I can take a look
[Mon Mar  9 14:32:12 2015] <kba> https://gist.github.com/anonymous/d653f3f9b8976dcd31b4 I think this is the relevant parts, jrw
[Mon Mar  9 14:44:58 2015] <jrw> kba: https://gist.github.com/wilcoxjay/76fe679d68f2ee58d5b3
[Mon Mar  9 14:45:10 2015] <jrw> if you do enough destructs, the lets go away :D
[Mon Mar  9 14:45:25 2015] <jrw> I had to axiomatize your primitive iteration thingie since you didn't include it
[Mon Mar  9 14:45:44 2015] <jrw> you should be able to delete those axioms and replace them with your actual implementation
[Mon Mar  9 14:45:58 2015] <jrw> assuming you have a proof already that primitive iteration meets its spec
[Mon Mar  9 14:47:02 2015] <kba> woah, ok, there's a lot of stuff in there I don't understand. :p
[Mon Mar  9 14:47:05 2015] <kba> What are the -'s for?
[Mon Mar  9 14:47:13 2015] <kba> and the +'s
[Mon Mar  9 14:47:53 2015] <jrw> those are bullets
[Mon Mar  9 14:48:06 2015] <jrw> they're like the "Case foobar" tactics from software foundations
[Mon Mar  9 14:48:09 2015] <jrw> if you're familiar with that
[Mon Mar  9 14:48:19 2015] <kba> Hm, nope
[Mon Mar  9 14:48:25 2015] <jrw> they separate cases
[Mon Mar  9 14:48:33 2015] <jrw> so you don't get confused about which case you're in
[Mon Mar  9 14:48:45 2015] <kba> so it's just for aesthetics?
[Mon Mar  9 14:49:07 2015] <jrw> I guess I would say it's more software engineering than aesthetics, but sure
[Mon Mar  9 14:49:20 2015] <kba> Right
[Mon Mar  9 14:49:24 2015] <jrw> in the same not writing your entire program in main is "just aesthetics"
[Mon Mar  9 14:49:44 2015] <kba> indeed
[Mon Mar  9 14:50:54 2015] <kba> I'm not sure I follow whatever you're doing, especially since there is no H that I can destruct
[Mon Mar  9 14:51:07 2015] <kba> But on line 47
[Mon Mar  9 14:51:10 2015] <kba> is that where you start on fac_v2 (S (S n)) = S (S n) * fac_v2 (S n)?
[Mon Mar  9 14:51:27 2015] <jrw> yeah
[Mon Mar  9 14:51:45 2015] <jrw> the H I destruct is an artifact of the axiomitization of your primitive iteration
[Mon Mar  9 14:51:51 2015] <jrw> you should be able to get rid of it
[Mon Mar  9 14:51:57 2015] <kba> right
[Mon Mar  9 14:52:01 2015] <jrw> then later whenever i rewrite by Hz or Hs
[Mon Mar  9 14:52:14 2015] <jrw> you'll need to have lemmas about primitive iteration to put in there
[Mon Mar  9 14:52:33 2015] <kba> what lemmas?
[Mon Mar  9 14:52:43 2015] <kba> lemmas to unfold the definition?
[Mon Mar  9 14:52:45 2015] <jrw> that your definition of primitive iteration meets the spec you gave me
[Mon Mar  9 14:52:47 2015] <jrw> yeah
[Mon Mar  9 14:52:54 2015] <kba> right, I do have that
[Mon Mar  9 14:57:01 2015] <kba> so what is H here? What can I substitute it with? I'm having a hard time being able to understand what I'm looking at with all this unfolding
[Mon Mar  9 14:57:07 2015] <kba> it's just two big blops to me now :p
[Mon Mar  9 14:58:45 2015] <jrw> yeah, I mean this probably isn't the right way to structure the proof
[Mon Mar  9 14:58:54 2015] <jrw> but it can be done this way
[Mon Mar  9 15:01:53 2015] <kba> Can you explain the [repeat match goal with] thingy?
[Mon Mar  9 15:02:02 2015] <kba> What is it you're destructing?
[Mon Mar  9 15:04:11 2015] <jrw> that looks for all occurences of a "let" and destructs the thing to the right of the ":="
[Mon Mar  9 15:04:22 2015] <jrw> you can get rid of it and do it by hand
[Mon Mar  9 15:06:52 2015] <Anarchos> * is idle: eating
[Mon Mar  9 15:10:50 2015] <kba> jrw: I don't get it. What is being destructed? Can you give an example? What is to the right of := is for instance [pair in (acc * y, S y)) n]
[Mon Mar  9 15:10:57 2015] <kba> that can't be destructed
[Mon Mar  9 15:11:17 2015] <jrw> I mean between the ":=" and the "in"
[Mon Mar  9 15:13:09 2015] <kba> yeah, the line is  let (acc, y) := pair in (acc * y, S y)) n in
[Mon Mar  9 15:13:13 2015] <kba> so that's what I did
[Mon Mar  9 15:13:16 2015] <kba> unless you mean destruct pair
[Mon Mar  9 15:14:22 2015] <kba> but that doesn't make much sense to me either, jrw
[Mon Mar  9 15:16:11 2015] <jrw> yeah, you want to destruct pair
[Mon Mar  9 15:18:46 2015] <kba> I'm not sure how to do that, "Error: Cannot infer the implicit parameter A of pair."
[Mon Mar  9 15:18:51 2015] <kba> That would be acc, no?
[Mon Mar  9 15:19:03 2015] <jrw> haha, what?
[Mon Mar  9 15:19:13 2015] <jrw> I'm confused.
[Mon Mar  9 15:19:17 2015] <kba> Not as much as I
[Mon Mar  9 15:19:26 2015] <kba> I'm trying to turn the code you gave me into something I understand
[Mon Mar  9 15:19:32 2015] <kba> I have no clue how to destruct pair
[Mon Mar  9 15:19:34 2015] <kba> it's just a tuple
[Mon Mar  9 15:19:43 2015] <jrw> can you post what you have?
[Mon Mar  9 15:20:00 2015] <jrw> preferably including the implementation of primitive_iteration
[Mon Mar  9 15:20:14 2015] <jrw> and whatever lemmas you have about it
[Mon Mar  9 15:23:39 2015] <kba> okay, I put everything that's used together https://gist.github.com/anonymous/4871317c6c1e3bd9b75b
[Mon Mar  9 15:24:37 2015] <jrw> unfortunately I have to go
[Mon Mar  9 15:24:40 2015] <jrw> I'll be back in about an hour
[Mon Mar  9 15:24:45 2015] <kba> ah, ok
[Mon Mar  9 15:24:48 2015] <kba> thanks for the help so far
[Mon Mar  9 16:38:13 2015] <jrw> kba: I commented on that gist ( https://gist.github.com/anonymous/4871317c6c1e3bd9b75b )
[Mon Mar  9 16:38:26 2015] <jrw> note that I'm using coq 8.5, so the lemmas may have changed names
[Mon Mar  9 16:38:31 2015] <jrw> but the destruct should be right
[Mon Mar  9 16:43:31 2015] <kba> I finished it using another method; the other stuff seemed like a blind alley ;)
[Mon Mar  9 16:43:37 2015] <kba> but thanks
[Mon Mar  9 18:39:16 2015] <Rc43> Hello.
[Mon Mar  9 18:39:17 2015] <Rc43> What is good introduction to inductives implementation technics?
[Tue Mar 10 06:48:04 2015] <notdan> Hi
[Tue Mar 10 06:48:31 2015] <notdan> What is the way for me to get rid of all the 'exact L's? https://gist.github.com/co-dan/2273b3331292369edee2
[Tue Mar 10 07:51:02 2015] <Cale> notdan: repeat (apply L) seems to work well...
[Tue Mar 10 07:53:09 2015] <notdan> well, only one (apply L)is sufficient
[Tue Mar 10 07:53:19 2015] <notdan> but I will still have to sprinkle that all over the place?
[Tue Mar 10 07:53:50 2015] <notdan> I just don't understand, why can't it find L itself?
[Tue Mar 10 07:58:13 2015] <notdan> Cale: i think i might have to rework my definition of a lattice, but I am not sure
[Tue Mar 10 07:58:30 2015] <Cale> I mean, you can use that in place of the command before it :)
[Tue Mar 10 07:58:50 2015] <Cale> apply is smart enough to work out which part of the record you need, it seems
[Tue Mar 10 08:01:25 2015] <notdan> oooh
[Tue Mar 10 08:01:27 2015] <notdan> wow
[Tue Mar 10 08:01:28 2015] <lpaste> Cale pasted “shorter at least” at http://lpaste.net/124379
[Tue Mar 10 08:01:34 2015] <notdan> I can solve all the goals with just apply L
[Tue Mar 10 08:01:37 2015] <notdan> haha this is great
[Tue Mar 10 08:01:38 2015] <notdan> thanks Cale
[Tue Mar 10 08:02:05 2015] <Cale> and it looks like we can factor even more out...
[Tue Mar 10 08:03:26 2015] <lpaste> Cale revised “shorter at least”: “No title” at http://lpaste.net/124379
[Tue Mar 10 08:03:39 2015] <Cale> now...
[Tue Mar 10 08:09:29 2015] <Cypi> What about this to finish it off? http://lpaste.net/124381
[Tue Mar 10 08:09:34 2015] <Cypi> (bit ugly as it says...)
[Tue Mar 10 08:12:18 2015] <notdan> ahah that's too hardcore :)
[Tue Mar 10 08:14:37 2015] <notdan> there also seems to be something wrong with my coercion
[Tue Mar 10 08:14:47 2015] <notdan> but I don't know much about those :(
[Tue Mar 10 08:16:04 2015] <Cale> oh, that's cute
[Tue Mar 10 08:25:40 2015] <Cale> Cypi: Could you explain why that fail seems to be required?
[Tue Mar 10 08:28:04 2015] <Cypi> If you don't use fail, then the match might use, for example, in the first case : F := join, X := (join x y), Y := z
[Tue Mar 10 08:28:30 2015] <Cypi> So, apply (@transitivity ...) will succeed, then the repeat (apply L) will succeed
[Tue Mar 10 08:28:45 2015] <Cypi> but at this point, the proof will not be finished, because the wrong choice was made in the first place
[Tue Mar 10 08:29:20 2015] <Cypi> however, since we know that the proof could be finished here with the correct choice, adding fail ensures that Coq will try every possible choice until it finds one that completes the proof before the fail
[Tue Mar 10 08:29:28 2015] <Cale> aha, cool
[Tue Mar 10 08:30:10 2015] <notdan> hm I am just not entierly sure what are you talking about
[Tue Mar 10 08:30:15 2015] <notdan> what are F, X, and Y?
[Tue Mar 10 08:30:23 2015] <Cale>     match goal with
[Tue Mar 10 08:30:23 2015] <Cale>     | [ |- context [?F ?X ?Y] ] => apply (@transitivity _ _ _ _ (F X Y)); repeat (apply L); fail
[Tue Mar 10 08:30:23 2015] <Cale>     end.
[Tue Mar 10 08:30:49 2015] <notdan> ah, sorry, I thought you were talking about something else
[Tue Mar 10 08:31:26 2015] <Cypi> More intuitively, this would do the same: solve [apply (@transitivity ...); repeat (apply L)]
[Tue Mar 10 08:40:21 2015] <notdan> What do you folks think about the coercion? Why doesn't it work?
[Tue Mar 10 08:40:50 2015] <Cale> sorry, which coercion?
[Tue Mar 10 08:41:47 2015] <notdan> Coercion lattice_ord_alg
[Tue Mar 10 08:41:48 2015] <notdan> : lattice_order >-> lattice_alg.
[Tue Mar 10 08:42:10 2015] <Cale> oh, right, at the end there, hmm
[Tue Mar 10 08:42:27 2015] <Cale> It seems to be accepted, but with a warning
[Tue Mar 10 08:44:52 2015] <Cale> https://coq.inria.fr/distrib/current/refman/Reference-Manual021.html seems to describe in more detail what the warning means
[Tue Mar 10 08:53:36 2015] <nkar> what's an inductive product?
[Tue Mar 10 08:53:36 2015] <nkar>  
[Tue Mar 10 08:55:18 2015] <nkar> when I try to destruct an inductive definition, I get an error saying that's not an inductive product.
[Tue Mar 10 08:55:45 2015] <Cale> Are you sure that the thing you're trying to destruct is inductively defined?
[Tue Mar 10 08:55:48 2015] <Cale> What is its type?
[Tue Mar 10 08:55:49 2015] <nkar> I expected it to generate n subgoals where n is the number of constructors.
[Tue Mar 10 08:55:56 2015] <nkar> one second
[Tue Mar 10 08:56:29 2015] <Cale> That message usually comes up if you try to apply induction to something which is a function, for example.
[Tue Mar 10 08:57:49 2015] <nkar> Cale: https://gist.github.com/nkaretnikov/3baf1ee07fe0f41646a3
[Tue Mar 10 09:00:55 2015] <nkar> Cale: and I tried [destruct (pal xs)] in [Theorem rev_pal : forall (X : Type) (xs : list X), xs = rev xs -> pal xs.]
[Tue Mar 10 09:01:12 2015] <Cale> pal is a type constructor
[Tue Mar 10 09:01:26 2015] <Cale> If you had a term of type pal xs, you could destruct it
[Tue Mar 10 09:01:40 2015] <Cale> pal xs : Prop
[Tue Mar 10 09:01:54 2015] <Cale> and Prop is not an inductive type
[Tue Mar 10 09:02:53 2015] <nkar> can I do something to [pal] in order to generate subgoals corresponding to value constructors?
[Tue Mar 10 09:04:06 2015] <Cale> You should be trying to destruct xs to decide which constructor of pal to apply.
[Tue Mar 10 09:04:15 2015] <nkar> I understand that the key here is to destruct xs such that the tail is shown too
[Tue Mar 10 09:04:41 2015] <nkar> Cale: if I just destruct xs, it'll generate (x::xs) in the cons case, which is not enough
[Tue Mar 10 09:05:03 2015] <Cale> well, for sure, you need to use init xs
[Tue Mar 10 09:05:10 2015] <nkar> what's init?
[Tue Mar 10 09:05:34 2015] <Cale> uh, I mean the function which removes the last element
[Tue Mar 10 09:07:43 2015] <Cale> It seems like it would be worthwhile to define the function which removes both the first and last element of a nonempty list and the function which adds an element to both the beginning and end of a list, and prove some lemmas about what happens when you compose them
[Tue Mar 10 09:07:47 2015] <nkar> Cale: I don't seem to have it in scope.  and the only way I can define it in Coq (that I know of) is either via Option or by passing the default element in case of [].  how can I state something like: length xs > 1 -> head x, for example?
[Tue Mar 10 09:08:31 2015] <nkar> Cale: interesting
[Tue Mar 10 09:08:35 2015] <nkar> Cale: I'll try that
[Tue Mar 10 09:08:56 2015] <Cale> ah, it's called removelast
[Tue Mar 10 09:09:03 2015] <Cale> (it's called init in Haskell)
[Tue Mar 10 09:09:32 2015] <nkar> Cale: yeah, I know haskell.  just thought you we're referring to some unknown tactic
[Tue Mar 10 09:09:36 2015] <nkar> were
[Tue Mar 10 10:56:01 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/124405
[Tue Mar 10 10:56:23 2015] <jstolarek> I'm trying to understand the second definition
[Tue Mar 10 10:57:00 2015] <jstolarek> here's my reasoning:
[Tue Mar 10 10:57:34 2015] <jstolarek> first argument accepts nat because that's what plus_recursive accepts and returns nat -> nat because that's what plus_recursive returns
[Tue Mar 10 10:58:14 2015] <jstolarek> question: if plus_recursive took more arguments then the first argument would have to be a fun of more arguments?
[Tue Mar 10 10:59:10 2015] <jstolarek> second argument (fun m => m) - that I understand
[Tue Mar 10 10:59:30 2015] <jstolarek> but I'm having trouble wth the third one: (fun _ r m => S (r m))
[Tue Mar 10 11:00:02 2015] <jstolarek> what is the first ignored argument? n : nat quantified with forall in the type of nat_rec?
[Tue Mar 10 11:02:08 2015] <lpaste> jstolarek revised “No title”: “No title” at http://lpaste.net/124405
[Tue Mar 10 11:06:57 2015] <jstolarek> looking at the sugnature of nat_rec I don't see how types match in the last argument...
[Tue Mar 10 11:18:20 2015] <jstolarek> I am also totally surprised by the Theorem - it seems to compare functions for equality!
[Tue Mar 10 11:26:36 2015] <scott> jstolarek: given the P argument (fun _ : nat => nat -> nat), the third argument (forall n : nat, P n -> P (S n)) becomes (forall n : nat, (nat -> nat) -> (nat -> nat)) or (forall _ : nat, (nat -> nat) -> nat -> nat)
[Tue Mar 10 11:26:51 2015] <scott> (fun _ r m => S (r m)) matches _ to the _:nat, r to the nat -> nat, and m to the nat
[Tue Mar 10 11:27:45 2015] <scott> as for that Theorem... I believe that equality will only work if the functions evaluate to completely equivalent terms. they have to unify as terms, not just act the same way on the same arguments
[Tue Mar 10 11:31:08 2015] <scott> so it's an unnecessarily strong form of equality, basically saying the functions have exactly the same implementation
[Tue Mar 10 11:31:49 2015] <scott> after simplification, at least
[Tue Mar 10 11:33:10 2015] <ianjneu> same up to computational algebra
[Tue Mar 10 11:41:19 2015] <schoppenhauer> is there a function that generates the decimal expansion of a nat as a string?
[Tue Mar 10 11:44:59 2015] <ianjneu> schoppenhauer: yes, of course.
[Tue Mar 10 11:45:16 2015] <ianjneu> whether it's a standard library function is a different store.
[Tue Mar 10 11:45:18 2015] <ianjneu> story*
[Tue Mar 10 11:46:13 2015] <schoppenhauer> ...
[Tue Mar 10 11:49:04 2015] <jstolarek> scott: thanks
[Tue Mar 10 11:52:59 2015] <jstolarek> What's the difference between fix and Fixpoint?
[Tue Mar 10 11:54:01 2015] <jstolarek> I suspect that Fixpoint is used in places where Vernacular commands are expected (eg. top-level of a source file)
[Tue Mar 10 11:54:19 2015] <jstolarek> whereas fix is used in places where Gallina terms are expected
[Tue Mar 10 11:54:35 2015] <jstolarek> but other than that these seem to have exactly the same syntax and sematics
[Tue Mar 10 11:54:38 2015] <jstolarek> is that correct?
[Tue Mar 10 11:57:27 2015] <scott> jstolarek: I think Fixpoint is sugar for a Definition involving a fix
[Tue Mar 10 12:01:01 2015] <jstolarek> yes, it's sugar, but I'm trying to figure out the desugaring :-)
[Tue Mar 10 12:06:58 2015] <ianjneu> Fixpoint name (p0 : T0) ... (pn : Tn) := body => Definition name := (fix name (p0 : T0) ... (pn : Tn) := body)
[Tue Mar 10 12:07:36 2015] <ianjneu> or the eta-expansion of that. Not sure.
[Tue Mar 10 12:19:35 2015] <jstolarek> ianjneu: thanks. That's what I suspected
[Tue Mar 10 12:20:00 2015] <jstolarek> sometimes the body of fix end with "for name" - I don't get that part yet
[Tue Mar 10 14:27:05 2015] <benzrf> OH OH
[Tue Mar 10 14:27:20 2015] <benzrf> does rewrite not work right with non Prop s
[Tue Mar 10 14:29:33 2015] <ianjneu> benzrf: probably. eq_ind expects a family of propositions for a motive, right?
[Tue Mar 10 14:32:04 2015] <benzrf> fuck
[Tue Mar 10 14:32:11 2015] <benzrf> it doesnt know to use eq_rect ?
[Tue Mar 10 14:35:15 2015] <ianjneu> ¯\_(ツ)_/¯
[Tue Mar 10 14:36:12 2015] <benzrf> gah
[Tue Mar 10 14:36:23 2015] <benzrf> * uses eq_rect manually
[Tue Mar 10 14:36:27 2015] <ianjneu> I think it does actually. Are you sure it's not something to do with associativity printing ambiguously?
[Tue Mar 10 14:36:36 2015] <benzrf> i turned off notation
[Tue Mar 10 14:36:46 2015] <ianjneu> welp.
[Tue Mar 10 15:00:34 2015] <benzrf> oh christ
[Tue Mar 10 15:00:52 2015] <benzrf> can i get A = B out of (A -> R) = (B -> R)
[Tue Mar 10 15:23:43 2015] <ianjneu> no.
[Tue Mar 10 15:24:09 2015] <ianjneu> I don't think so, anyway.
[Tue Mar 10 15:24:18 2015] <ianjneu> You should try ##hott :P
[Tue Mar 10 15:25:09 2015] <ianjneu> R^A = R^B => A = B in standard algebra, but not sure about generally in category theory.
[Tue Mar 10 15:25:39 2015] <ianjneu> No. That's not right.
[Tue Mar 10 15:26:08 2015] <ianjneu> If R = 1 , then all you have is 1 = 1 => A = B, which is refutable.
[Tue Mar 10 15:32:05 2015] <scott> in other words you can't do it because it could be (A -> ()) = (B -> ()) and this doesn't imply A = B because the argument to the function is ignored?
[Tue Mar 10 15:33:01 2015] <scott> wouldn't A and B have to unify to make that = proof anyway, though? or am I missing something?
[Tue Mar 10 15:33:02 2015] <ianjneu> in so many words, yes.
[Tue Mar 10 15:35:06 2015] <ianjneu> scott: for the = proposition, no.
[Tue Mar 10 15:35:49 2015] <ianjneu> for types A and B, A -> B : Type. So you get (A -> R) = (B -> R) : Type, just like A = B : Type.
[Tue Mar 10 15:55:06 2015] <Cale> ((A -> Type) = (B -> Type)) -> A = B ?
[Tue Mar 10 15:55:17 2015] <Cale> :D
[Tue Mar 10 15:57:38 2015] <benzrf> aaaaaargh
[Tue Mar 10 15:57:49 2015] <benzrf> this was such a lame idea
[Tue Mar 10 15:58:42 2015] <benzrf> in coq doesnt "A = B" mean that they are the same term up to unification
[Tue Mar 10 15:59:02 2015] <benzrf> not necessarily even that they are isomorphic
[Tue Mar 10 15:59:25 2015] <benzrf> so doesnt (nat -> unit) <> (unit -> unit)
[Tue Mar 10 16:03:38 2015] <Cale> benzrf: MLTT is consistent with HoTT, in which the type A = B is isomorphic to the type of equivalences between A and B (roughly isomorphisms)
[Tue Mar 10 16:03:56 2015] <benzrf> a blah
[Tue Mar 10 16:04:04 2015] <Cale> benzrf: But in plain MLTT, you can't prove that
[Tue Mar 10 16:04:18 2015] <benzrf> MLTT?
[Tue Mar 10 16:04:27 2015] <Cale> Martin-Löf type theory
[Tue Mar 10 16:04:47 2015] <benzrf> hrk
[Tue Mar 10 16:04:51 2015] <Cale> Which is almost but not quite the same as what Coq is... close enough.
[Tue Mar 10 16:05:39 2015] <benzrf> is there some kind of connection between co/termination and strict monotonicity
[Tue Mar 10 16:06:19 2015] <ianjneu> benzrf: the Knaster-Tarski theorem?
[Tue Mar 10 16:06:46 2015] <ianjneu> Or as a special, simpilified case, Kleene's theorem
[Tue Mar 10 16:07:40 2015] <ianjneu> Those kinds of termination proofs are the MOST annoying in formal systems.
[Tue Mar 10 16:08:28 2015] <benzrf> * applies google
[Tue Mar 10 16:16:41 2015] <scott> Cale: if HoTT turns out the way people are hoping it turns out, does that mean we'll be able to use isomorphic types more or less interchangeably without friction, or am I misunderstanding the point of univalence? (I'm a pretty amateur type theorist curious how HoTT is expected to impact programming languages)
[Tue Mar 10 16:17:06 2015] <scott> apologies if I'm asking the wrong person :p
[Tue Mar 10 16:18:11 2015] <Cale> scott: "Without friction" is perhaps a *little* much. There's an explicit operation for using equalities.
[Tue Mar 10 16:18:30 2015] <scott> because you have to pick which isomorphism to use, right?
[Tue Mar 10 16:18:45 2015] <Cale> You can think of it that way, yeah.
[Tue Mar 10 16:19:24 2015] <Cale> Of course, MLTT is the same in that regard, but equalities of types aren't necessarily the same thing as isomorphisms -- they're just somewhat hard to obtain.
[Tue Mar 10 16:20:32 2015] <scott> how is that much different from what we can do today? we could already prove isomorphisms and then push things to and from the different types that way
[Tue Mar 10 16:20:52 2015] <scott> does it just remove a bunch of the plumbing when we can treat isomorphic types as equal?
[Tue Mar 10 16:21:07 2015] <Cale> Well, you get lots of nice little results, for example, one of the most elementary things you can do in the logic is to prove:
[Tue Mar 10 16:22:16 2015] <Cale> for all types A, given x, y : A, and C : A -> Type, and given p : x = y, we have p* : C x -> C y
[Tue Mar 10 16:22:41 2015] <Cale> and later (using univalence), we can actually refine that to C x = C y
[Tue Mar 10 16:23:07 2015] <Cale> So, this means if A is the type of groups, say, and C is some construction depending on a choice of group
[Tue Mar 10 16:23:21 2015] <Cale> then we can turn group isomorphisms into isomorphisms of these C constructions
[Tue Mar 10 16:24:35 2015] <Cale> If C is some property of groups, then this says that the property C respects isomorphism of groups
[Tue Mar 10 16:24:56 2015] <Cale> These are things which we'd have to provide special case proofs for if we were using ZFC, for instance.
[Tue Mar 10 16:25:21 2015] <scott> ahh, so you can automatically 'upgrade' isomorphisms between things to isomorphisms between things that depend on those things (roughly speaking)?
[Tue Mar 10 16:25:26 2015] <Cale> yeah
[Tue Mar 10 16:25:51 2015] <Cale> e.g. turn isomorphisms of groups into isomorphisms of their group rings
[Tue Mar 10 16:26:57 2015] <ianjneu> What would be fantastic is a way to separate equalities further along the lines of HTS to bring in a more nuanced view of the more ergonomic OTT.
[Tue Mar 10 16:27:11 2015] <Cale> In ZFC, we often skip the work, but it's formally required to show for every property of groups that we talk about that the property actually respects group isomorphism, and the ZFC proof of that will be different every time, depending on the details of the property.
[Tue Mar 10 16:27:58 2015] <Cale> (of course, nothing special about groups here, I'm just using them as an example)
[Tue Mar 10 16:30:25 2015] <Cale> We use such things all the time in our arguments, and they get in the way of formalisation, because as soon as we want to formalise something in ZFC to the extent that a computer could be convinced, we're faced with a litany of details of this sort where we've implicitly used various isomorphisms to look at our structures a little differently. We're quite good at ignoring them whenever they're sufficiently trivial, but fir
[Tue Mar 10 16:30:25 2015] <Cale> st order logic has no way to deal with them uniformly.
[Tue Mar 10 16:31:15 2015] <scott> so if we wanted to attempt this in regular Coq... we'd be looking at something like: forall A: Type, x, y: A, C: A -> Type, (x <-> y) -> C x -> C y
[Tue Mar 10 16:31:24 2015] <scott> and there's just no way to do that for arbitrary C
[Tue Mar 10 16:32:08 2015] <Cale> (x = y) -> C x -> C y
[Tue Mar 10 16:32:23 2015] <Cale> You can do that in Coq
[Tue Mar 10 16:32:30 2015] <Cale> The part you can't do is get C x = C y
[Tue Mar 10 16:32:32 2015] <scott> yeah, you can do that, but if we wanted to be able to do it without equivalences since we can't upgrade isomorphisms to equivalences
[Tue Mar 10 16:32:52 2015] <Cale> (at least, not without the HoTT stuff)
[Tue Mar 10 16:32:57 2015] <scott> right
[Tue Mar 10 16:34:57 2015] <lpaste> Cale pasted “No title” at http://lpaste.net/124434
[Tue Mar 10 16:35:00 2015] <scott> I'm really curious to see where the HoTT stuff goes from here. before I ever heard of it, the "isomorphic types are equivalent" summary of the univalence axiom was sort of already nagging at my brain
[Tue Mar 10 16:37:16 2015] <scott> one representation might be better than another for computational efficiency, but logically the representation makes no difference
[Tue Mar 10 16:37:48 2015] <johnw> yep
[Tue Mar 10 16:37:59 2015] <scott> does this tie in to proof irrelevancy? you could prove two forms of proof are equivalent
[Tue Mar 10 16:38:10 2015] <johnw> it like a dream platform for Conal's denotational design
[Tue Mar 10 16:38:26 2015] <johnw> yes, I believe proof irrelevancy comes as a theorem from univalence
[Tue Mar 10 16:38:33 2015] <Cale> Well, if you have x, y : A, and p, q : x = y, then p = q is again a type
[Tue Mar 10 16:38:47 2015] <scott> cool
[Tue Mar 10 16:38:55 2015] <Cale> which may or may not be inhabited by elements which again may or may not be equal
[Tue Mar 10 16:39:00 2015] <Cale> and so on and so on
[Tue Mar 10 16:39:02 2015] <johnw> I'm very excited to have an environment based on this theory
[Tue Mar 10 16:39:32 2015] <johnw> it will mean designing and coding using the simplest/best abstraction, and allowing the compiler to choose when/where/why to transform between equivalent representations
[Tue Mar 10 16:39:33 2015] <Cale> HoTT pictures x and y as points, and then p and q as paths between those points, and then elements of p = q are 2D sheets connecting those paths
[Tue Mar 10 16:39:57 2015] <johnw> (or maybe I will need to guide it in places, but I needn't always worry about it)
[Tue Mar 10 16:40:54 2015] <Cale> johnw: I'm not sure that's what it'll really mean in most cases -- maybe eventually.
[Tue Mar 10 16:41:05 2015] <Cale> johnw: But right now, you have to explicitly transport
[Tue Mar 10 16:41:11 2015] <scott> still hard to wrap my head around what is gained...
[Tue Mar 10 16:41:29 2015] <johnw> yes
[Tue Mar 10 16:41:37 2015] <johnw> but in theory, transportation could be determined by the compiler
[Tue Mar 10 16:41:53 2015] <johnw> although, I do wonder if it will be the same sort of problem as automatic paralellization
[Tue Mar 10 16:42:21 2015] <Cale> Well, the problem is, which path you use actually matters
[Tue Mar 10 16:42:23 2015] <johnw> i.e., sometimes frequent transport between certain representations will always be better than persisting in a third representation, and it will be hard to know before executing the code which is better
[Tue Mar 10 16:42:49 2015] <Cale> johnw: I suppose this sort of ties in with what Edward was saying about type classes and canonicity
[Tue Mar 10 16:42:56 2015] <johnw> which Edward?
[Tue Mar 10 16:42:59 2015] <Cale> Kmett
[Tue Mar 10 16:43:08 2015] <scott> it seems like for simple cases, things like (a, ()) could already easily be replaces mechanically by just `a` in all cases, but I guess HoTT would allow you to teach the compiler more such equivalences without built-in understanding/
[Tue Mar 10 16:43:20 2015] <scott> replaced*
[Tue Mar 10 16:43:36 2015] <johnw> scott: right
[Tue Mar 10 16:43:48 2015] <Cale> You'd have a lot of the problems that the other systems with implicit parameter filling have which type classes avoid by uniqueness.
[Tue Mar 10 16:44:01 2015] <johnw> Cale: ah, I see
[Tue Mar 10 16:44:10 2015] <johnw> yeah, HITs have a lot of the feeling of type classes to me
[Tue Mar 10 16:44:18 2015] <Cale> Because you *care* about which proof of equality you use
[Tue Mar 10 16:44:36 2015] <johnw> i.e., you  program to an "interface" abstraction, with the only requirement being that the instances can deform into each oter
[Tue Mar 10 16:44:46 2015] <johnw> yes, in this respect it's very proof relevant
[Tue Mar 10 16:44:47 2015] <Cale> and if you get two proofs of equality between things from different places, you *do not* know they are the same
[Tue Mar 10 16:45:02 2015] <scott> hrm, is it kind of like the program still cares about representation, but univalence lets the type system ignore it to a greater extent?
[Tue Mar 10 16:47:46 2015] <Cale> scott: Well, okay, one thing you gain is that equality has a lot of structure already...
[Tue Mar 10 16:48:13 2015] <Cale> and by turning isomorphisms into equalities, you can take advantage of that structure
[Tue Mar 10 16:49:12 2015] <scott> e.g. making use of the type system's unification algorithm instead of doing all the back-and-forth yourself?
[Tue Mar 10 16:49:14 2015] <johnw> I guess one analogy could be: No matter what language I'm speaking, I'm always the same person, expressing the same ideas; but different languages carry different costs (to effort, to communicability), and I cannot always use my own native language.  So I have to optimize language choice based on circumstances, and this *will* affect how I'm heard, even if the idea in my mind remains uniform.
[Tue Mar 10 16:49:50 2015] <johnw> scott: the paths carry runtime impact as well, since they give you a way to transform data among representations, not just irrelevantly saying "they are transformable"
[Tue Mar 10 16:50:15 2015] <johnw> the type-checker would only care about the latter, but the execution very much requires the formemr
[Tue Mar 10 16:50:27 2015] <johnw> today, you have to express it all manually
[Tue Mar 10 16:50:45 2015] <scott> I guess I need to rethink the runtime representation of paths, too? I can't think of them as just refl and an invocation of unification in the type system
[Tue Mar 10 16:50:54 2015] <Cale> You can inductively give proofs that equality is transitive: that there's a function which given p : y = z and q : x = y, gives you a composite p . q : x = z, that it's symmetric: there's a function which given p : x = y gives you p^-1 : y = x, and then that these satisfy properties, like associativity: p . (q . r) = (p . q) . r, and p . p^-1 = idpath among them
[Tue Mar 10 16:51:11 2015] <johnw> so as with any advance in CS, what we gain is another level of abstraction at the foundationals of our thinking about how to construct programs
[Tue Mar 10 16:51:21 2015] <johnw> right, "just refl" is no longer the case
[Tue Mar 10 16:51:33 2015] <Cale> and then various coherence laws that those things themselves satisfy
[Tue Mar 10 16:51:57 2015] <Cale> That's all stuff which you can prove almost for free about equality
[Tue Mar 10 16:51:58 2015] <johnw> I wonder if refl could be called "equality blindness"
[Tue Mar 10 16:52:14 2015] <Cale> what?
[Tue Mar 10 16:52:25 2015] <Cale> UIP might be called equality blindness
[Tue Mar 10 16:52:29 2015] <johnw> don't you lose the path of the equality?
[Tue Mar 10 16:52:35 2015] <Cale> refl *is* a path
[Tue Mar 10 16:52:44 2015] <johnw> oh, thanks for clarifying that
[Tue Mar 10 16:52:55 2015] <Cale> For each x in A, you have a path  refl x : x = x
[Tue Mar 10 16:53:23 2015] <scott> is refl just the identity path, then, and HoTT lets you move beyond just id?
[Tue Mar 10 16:53:50 2015] <Cale> MLTT already contains within it the potential for non-identity paths
[Tue Mar 10 16:53:58 2015] <Cale> but it doesn't give you any way to get hold of them
[Tue Mar 10 16:54:11 2015] <johnw> Cale: I think I was thinking that in a system where refl is your only proof of equality, then you have equality blindness, but maybe that's just wrong too
[Tue Mar 10 16:54:19 2015] <Cale> In the same way as in the first order theory of groups, you can't prove that there's a non-identity element of your group
[Tue Mar 10 16:55:16 2015] <Cale> but of course, in most groups, there will be non-identity elements, but since in the first order theory of groups, you can only prove things which hold of the elements of an arbitrary group, you have no hope of showing exists x. not (x = 1)
[Tue Mar 10 16:55:22 2015] <johnw> i keep forgetting that we're talking about equivalences, being equivalent to equality, rather than just equality
[Tue Mar 10 16:55:28 2015] <Cale> (because the trivial group is a group)
[Tue Mar 10 16:56:24 2015] <scott> would the representation of path be a bijective function? (or something isomorphic to that representation...)
[Tue Mar 10 16:56:37 2015] <Cale> So the uniqueness of identity paths axiom, that for any type A, and any x, y : A, and p, q: x = y, we have p = q, is kind of like an axiom which in the theory of groups would read  forall x. x = 1
[Tue Mar 10 16:56:39 2015] <scott> or in other words a pair of functions and proofs that they are inverse
[Tue Mar 10 16:57:01 2015] <Cale> oh, I have to go, bbiab
[Tue Mar 10 16:59:12 2015] <johnw> scott: pretty much, a path is an isomorphism
[Tue Mar 10 16:59:30 2015] <johnw> or equivantely, a morphism in a groupoid
[Tue Mar 10 16:59:55 2015] <johnw> and every path has its own identity paths, etc., up to infinity
[Tue Mar 10 17:06:44 2015] <scott> it's kind of curious how the univalence axiom implies something that also looks like the univalence axiom
[Tue Mar 10 17:07:42 2015] <scott> it says identity is equivalent to equivalence, which implies identity is identical to equivalence, or something like that
[Tue Mar 10 17:14:37 2015] <johnw> identity is not identical to every equivalence
[Tue Mar 10 17:14:40 2015] <johnw> it's identical to refl
[Tue Mar 10 17:14:58 2015] <johnw> equivalence is equivalent to every equality, though
[Tue Mar 10 17:15:38 2015] <scott> I guess... we have some notion of equivalence we can build within the type system, and we have a notion of identity/equality built in to the type system, and the univalence axiom asserts that one of these notions is as good as the other
[Tue Mar 10 17:15:57 2015] <johnw> I think that's right
[Tue Mar 10 17:16:20 2015] <scott> I guess UA is a path between an equivalence and the built-in equality?
[Tue Mar 10 17:16:47 2015] <johnw> I _think_ that's right too, I know HoTT chapter 1 speaks to that
[Tue Mar 10 17:19:52 2015] <scott> I'm a bit confused how you would represent UA / what kind of computational meaning it has. is this not an issue? an unsolved issue? or actually already figured out?
[Tue Mar 10 17:20:12 2015] <johnw> I think that's the meat of what they're working on
[Tue Mar 10 17:20:18 2015] <scott> okay, cool
[Tue Mar 10 17:21:22 2015] <AnarchosF> CPDT is not compliant with coq 8.5
[Tue Mar 10 17:21:36 2015] <johnw> AnarchosF: that's not much of a surprise, since 8.5 is very new and CPDT isn't
[Tue Mar 10 17:22:06 2015] <AnarchosF> johnw the implicit arguments behave differently.
[Tue Mar 10 17:22:18 2015] <johnw> they sure do
[Tue Mar 10 17:22:28 2015] <johnw> and arguments to constructors
[Tue Mar 10 17:22:55 2015] <AnarchosF> but cpdt is really nice to read (just a bit too concise).
[Tue Mar 10 17:23:04 2015] <AnarchosF> th first part was really well weird :)
[Tue Mar 10 17:23:12 2015] <johnw> it makes sense the second time you read it
[Tue Mar 10 17:23:21 2015] <johnw> i.e., why it's presented the way it is
[Tue Mar 10 17:23:41 2015] <AnarchosF> johnw that is why i am reading the following parts :) i had to stop at inductive predicates.
[Tue Mar 10 18:11:51 2015] <Anarchos> There should be an option to specify the folder of camlp4 : i had to tweak the configure.ml
[Tue Mar 10 18:35:07 2015] <Cale> scott: There's a sort of partial solution to it -- there's a model of homotopy type theory in terms of something called cubical sets, and then a computational interpretation for cubical sets. What we'd really like to have is an understanding of the computational meaning directly though, as some kind of syntactical reduction, so there's some work on type systems that would allow for such a thing.
[Tue Mar 10 18:36:43 2015] <scott> interesting
[Wed Mar 11 02:46:52 2015] <nkar> Cale: around?
[Wed Mar 11 02:55:07 2015] <nkar> Cale suggested yesterday that in order to prove a theorem, I need to define the function removing the first and last element of a nonempty list.  can I express that a certain function takes a nonempty list?  I don't think so: that'd mean that such a function is partial, which is not allowed, iiuc.  I could probably define a new type for nonempty lists, but that won't help me to prove my theorem since it talks about ordinary lists, and I
[Wed Mar 11 02:55:07 2015] <nkar> cannot go from them to nonempty due to [].  or am I missing something?
[Wed Mar 11 02:57:36 2015] <johnw> instead of just taking a list, you can take a list with a proof that it's size > 0
[Wed Mar 11 02:57:42 2015] <johnw> or, take an element and a list
[Wed Mar 11 02:58:15 2015] <nkar> johnw: could you show how to do the former?
[Wed Mar 11 02:58:31 2015] <nkar> (fyi, I'm currently trying to define it as a theorem)
[Wed Mar 11 02:58:34 2015] <johnw> I can do better than that
[Wed Mar 11 02:58:46 2015] <johnw> https://github.com/jwiegley/linearscan/blob/master/NonEmpty.v
[Wed Mar 11 02:58:52 2015] <nkar> :)
[Wed Mar 11 02:59:01 2015] <johnw> can you show me the type of what you want to prove?
[Wed Mar 11 02:59:13 2015] <nkar> sure, one sec
[Wed Mar 11 02:59:38 2015] <nkar> it's from sf: [Theorem rev_pal : forall (X : Type) (xs : list X), xs = rev xs -> pal xs.]
[Wed Mar 11 02:59:55 2015] <johnw> ah
[Wed Mar 11 03:01:22 2015] <nkar> the trick here is to destruct the list as (x :: xs ++ [y]), which is a challenge
[Wed Mar 11 03:01:42 2015] <johnw> so, yeah, you want a helper lemma of the form: Lemma rev_pal_length : forall X n l, length l <= n -> l = rev l -> pal X l.
[Wed Mar 11 03:02:20 2015] <johnw> for any list whose length is less than some n, we can prove the lemma
[Wed Mar 11 03:02:34 2015] <nkar> someone suggested this already, but I couldn't prove it
[Wed Mar 11 03:02:37 2015] <johnw> this is easier than proving the general case
[Wed Mar 11 03:02:47 2015] <nkar> I don't recall the details
[Wed Mar 11 03:02:49 2015] <johnw> but, using that lemma, you can then prove the general case rather easily
[Wed Mar 11 03:02:57 2015] <johnw> you'll need some other lemmas too
[Wed Mar 11 03:03:09 2015] <johnw> like Lemma length_snoc : forall X x (l : list X), length (snoc l x) = S (length l).
[Wed Mar 11 03:03:14 2015] <johnw> which then needs
[Wed Mar 11 03:03:17 2015] <johnw> Lemma app_length : forall (X:Type) (l1 l2 : list X), length (l1 ++ l2) = length l1 + length l2.
[Wed Mar 11 03:03:32 2015] <johnw> but it's fairly straightforward
[Wed Mar 11 03:03:37 2015] <johnw> one hint is to destruct the (rev l)
[Wed Mar 11 03:03:45 2015] <johnw> that's the only tricky bit I can see
[Wed Mar 11 03:04:36 2015] <nkar> johnw: "instead of just taking a list, you can take a list with a proof that it's size > 0" the link you pasted doesn't show how to do this, does it?  NE_from_list accepts a default value.
[Wed Mar 11 03:05:07 2015] <johnw> ignore my first link
[Wed Mar 11 03:05:12 2015] <johnw> i thought you were after something else
[Wed Mar 11 03:05:19 2015] <nkar> :)
[Wed Mar 11 03:05:33 2015] <nkar> okay, I'll try the suggested lemmas (again)
[Wed Mar 11 03:06:33 2015] <nkar> and thanks!
[Wed Mar 11 03:06:40 2015] <johnw> sure
[Wed Mar 11 04:51:58 2015] <nkar> johnw: how do I get anything useful out of the length hypothesis in rev_pal_length?  how do I keep the initial hypothesis after using inversion on it, for instance?
[Wed Mar 11 09:29:35 2015] <benzrf> hmmmmmmmmm
[Wed Mar 11 09:29:54 2015] <benzrf> is it just me or is it impossible to prove the undecidability of termination in coq?
[Wed Mar 11 09:30:22 2015] <benzrf> er, hold on
[Wed Mar 11 09:31:13 2015] <benzrf> i wrote up the stlc w/ fix & defined a function that performs a reduction step. but from here, at least, i dont think i can do the proof
[Wed Mar 11 09:31:13 2015] <ianjneu> undecidability is not provable unless you build in a deep embedding of some other model of computation. The negation of (P or not P) is refutable, as you may have seen the double negation of LEM: not not (P or not P)
[Wed Mar 11 09:31:26 2015] <benzrf> ah
[Wed Mar 11 09:32:06 2015] <benzrf> was gonna say i needed to be able to do case analysis on the result of the halting-checker
[Wed Mar 11 09:32:10 2015] <ianjneu> The logic is unaware that it is about computable functions.
[Wed Mar 11 09:32:14 2015] <benzrf> indeed
[Wed Mar 11 09:32:25 2015] <benzrf> what if though
[Wed Mar 11 09:32:44 2015] <benzrf> what if i made stlc *without* fix, and then a larger type /with/ fix
[Wed Mar 11 09:33:13 2015] <benzrf> then i could prove that no term of the plain stlc can solve halting for the turing complete stlc, couldnt it?
[Wed Mar 11 09:33:23 2015] <benzrf> but i guess that's considerably weaker than the full theorem
[Wed Mar 11 09:34:27 2015] <benzrf> ianjneu: er maybe i used porr phrasing earlier
[Wed Mar 11 09:34:34 2015] <ianjneu> STLC without fix is terminating by a logical relation argument that I believe is in the software foundations book.
[Wed Mar 11 09:34:40 2015] <benzrf> ianjneu: to be more precise, what i was trying to prove is that
[Wed Mar 11 09:35:54 2015] <benzrf> there doesnt exist a term of the stlc + fix that, when applied to a representation of a lambda term, will terminate as one of two terms that then correlates with the haltingness of the passed term
[Wed Mar 11 09:35:58 2015] <benzrf> so something like
[Wed Mar 11 09:35:59 2015] <ianjneu> The usual construction of undecidability doesn't really work, since your decision comes from the metalanguage, and not the language itself.
[Wed Mar 11 09:36:56 2015] <benzrf> ~exists oracle, forall l, reduces (app oracle (encode l)) lam_true <-> halts l
[Wed Mar 11 09:37:05 2015] <benzrf> ^what i was thinking of
[Wed Mar 11 09:37:12 2015] <ianjneu> You don't get a "halts or not" decision program in STLC + fix, you just get a proposition that says computation reaches a value, or every reachable state of computation has a next step.
[Wed Mar 11 09:37:24 2015] <benzrf> ianjneu: i know
[Wed Mar 11 09:37:42 2015] <ianjneu> l : LC_Term?
[Wed Mar 11 09:37:45 2015] <benzrf> yeah
[Wed Mar 11 09:37:52 2015] <benzrf> oracle also LC_Term
[Wed Mar 11 09:38:22 2015] <benzrf> encode being something that turns an lc term into its church encoding
[Wed Mar 11 09:38:29 2015] <benzrf> as would be needed for an algo to examine it
[Wed Mar 11 09:39:01 2015] <ianjneu> Your statement is too weak. You need to know that the oracle always halts too
[Wed Mar 11 09:39:21 2015] <benzrf> lam_true is normal
[Wed Mar 11 09:39:24 2015] <benzrf> oh i see
[Wed Mar 11 09:39:39 2015] <benzrf> nice
[Wed Mar 11 09:39:52 2015] <benzrf> adding that, though
[Wed Mar 11 09:39:53 2015] <ianjneu> I think you'll need a Scott encoding. Church encodings don't typecheck well.
[Wed Mar 11 09:40:10 2015] <benzrf> ffft
[Wed Mar 11 09:40:14 2015] <benzrf> not the point
[Wed Mar 11 09:40:17 2015] <benzrf> ianjneu: i can't prove that, right?
[Wed Mar 11 09:40:28 2015] <benzrf> oh no wait
[Wed Mar 11 09:40:46 2015] <benzrf> yes, if i have the condition that it halts
[Wed Mar 11 09:40:53 2015] <benzrf> then i /can/ destruct on what it halts at
[Wed Mar 11 09:41:02 2015] <benzrf> oooh
[Wed Mar 11 09:43:21 2015] <ianjneu> How do you encode (if (oracle lc_encoding) omega true)?
[Wed Mar 11 09:43:37 2015] <benzrf> hmm
[Wed Mar 11 09:46:08 2015] <benzrf> sorry im in class brb
[Wed Mar 11 13:01:05 2015] <schoppenhauer> hello. coq keeps complaining about "Wrong" argument names (in implicit arguments that I need to give explicitly), even though the argument names are the ones I declared.
[Wed Mar 11 13:02:22 2015] <schoppenhauer> I can use @Name, but that is ... strange
[Wed Mar 11 14:19:52 2015] <ianjneu> do you give the implicit arguments in the same declared order?
[Wed Mar 11 16:30:04 2015] <benzrf> ianjneu: hi
[Wed Mar 11 16:30:14 2015] <benzrf> 09:43:21       ianjneu │ How do you encode (if (oracle lc_encoding) omega true)?
[Wed Mar 11 16:30:23 2015] <benzrf> ianjneu: i assume exactly like that?
[Wed Mar 11 16:37:20 2015] <ianjneu> benzrf: ya, I didn't get the thought out that I really wanted to get out, which was how to use your statement about omega's functionality to derive False.
[Wed Mar 11 16:38:13 2015] <benzrf> you mean oracle's?
[Wed Mar 11 16:38:21 2015] <ianjneu> yes
[Wed Mar 11 16:39:41 2015] <ianjneu> I'd need ~ exists oracle, (forall v, reduces (app oracle (encode l)) v -> normal_form v -> {v = lam_true \/ v = lam_false}) <-> halts l
[Wed Mar 11 16:39:49 2015] <benzrf> oh right
[Wed Mar 11 16:39:57 2015] <benzrf> ianjneu: wait, normal_form v?
[Wed Mar 11 16:39:59 2015] <benzrf> why?
[Wed Mar 11 16:40:30 2015] <benzrf> hold on i think you mangled that a little
[Wed Mar 11 16:40:33 2015] <ianjneu> whenever oracle terminates (evaluates to a normal form), it produces a boolean.
[Wed Mar 11 16:40:34 2015] <benzrf> let me write what i think is needed
[Wed Mar 11 16:41:10 2015] <ianjneu> oh, right, ya that is mangled a little
[Wed Mar 11 16:42:30 2015] <ianjneu> ~ exists oracle, forall v, normal_form v -> reduces (app oracle (encode l)) v -> (v = lam_true /\ halts l) \/ (v = lam_false /\ ~ halts l)
[Wed Mar 11 16:42:58 2015] <benzrf> ~exists oracle, forall l, halts (app oracle (encode l)) / reduces (app oracle (encode l)) l_true <-> halts l
[Wed Mar 11 16:43:20 2015] <ianjneu> ?
[Wed Mar 11 16:43:24 2015] <benzrf> fuck
[Wed Mar 11 16:43:26 2015] <benzrf> ~exists oracle, forall l, halts (app oracle (encode l)) /\ reduces (app oracle (encode l)) l_true <-> halts l
[Wed Mar 11 16:43:43 2015] <benzrf> my stupid latex notation plugin thing kills backslash-space
[Wed Mar 11 16:44:16 2015] <benzrf> hrm wait im missing something here
[Wed Mar 11 16:44:22 2015] <ianjneu> oracle has to always halt no matter what, so there's still something missing.
[Wed Mar 11 16:44:24 2015] <benzrf> ah no wait
[Wed Mar 11 16:44:33 2015] <benzrf> ianjneu: it does?
[Wed Mar 11 16:44:39 2015] <benzrf> hold up
[Wed Mar 11 16:44:50 2015] <ianjneu> benzrf: ya, it has to be a decision procedure
[Wed Mar 11 16:45:02 2015] <benzrf> wait give me 1 minute
[Wed Mar 11 16:46:13 2015] <benzrf> no yeah pretty sure that's right
[Wed Mar 11 16:47:28 2015] <benzrf> ianjneu: i only need to destruct on the oracle's result when applied to the encoding of contrarian ( good name? )
[Wed Mar 11 16:47:46 2015] <benzrf> ianjneu: so i only need to know that it terminates on that
[Wed Mar 11 16:48:58 2015] <benzrf> * goes back and rewrites his code to use the untyped LC
[Wed Mar 11 16:49:35 2015] <benzrf> my shitty attempt at HOAS ended up requiring so much inversion that my reduction and substition functions are defined using tactic mode :|
[Wed Mar 11 16:50:09 2015] <ianjneu> PHOAS is necessary in a proof environment.
[Wed Mar 11 16:50:22 2015] <ianjneu> otherwise you get exotic terms.
[Wed Mar 11 16:50:37 2015] <ianjneu> (fexpr-like things)
[Wed Mar 11 17:04:02 2015] <benzrf> fexpr
[Wed Mar 11 17:04:05 2015] <benzrf> ah
[Wed Mar 11 17:04:17 2015] <benzrf> wait, fexprs take code and give values right
[Wed Mar 11 17:04:30 2015] <benzrf> just auto-quoting
[Wed Mar 11 17:04:34 2015] <benzrf> or is it values->code
[Wed Mar 11 17:05:56 2015] <schoppenhauer> yay. again I can segfault coq \o/
[Wed Mar 11 17:06:05 2015] <benzrf> good job
[Wed Mar 11 17:09:01 2015] <benzrf> ianjneu: how does that work?
[Wed Mar 11 17:14:12 2015] <benzrf> argh
[Wed Mar 11 17:15:24 2015] <ianjneu> benzrf: PHOAS asserts a parametricity axiom so that you get substution from function application. Adam Chlipala has a few papers on it.
[Wed Mar 11 17:16:28 2015] <ianjneu> Essentially you quantify over the type for names and use a free theorem that the only way to produce a term with the appropriate type is to perform the substitution you mean.
[Wed Mar 11 19:41:41 2015] <schoppenhauer> can I tell coq to extract something different from a constant to some specific term?
[Wed Mar 11 20:35:00 2015] <benzrf> ianjneu: hm
[Wed Mar 11 20:35:13 2015] <benzrf> ianjneu: how can you have exotic terms w/o that
[Wed Mar 11 20:35:18 2015] <benzrf> whats an example?
[Wed Mar 11 21:28:35 2015] <johnw> schoppenhauer: can you give an example of what you mean?
[Wed Mar 11 21:30:52 2015] <schoppenhauer> johnw: I proved something. but its extracted term is too inefficient at present. so for testing, I would like to tell coq to overload function calls to this.
[Wed Mar 11 21:35:07 2015] <johnw> sure you can do that
[Wed Mar 11 21:35:20 2015] <johnw> you can tell Coq to use specific types/constructors, and specific functions
[Wed Mar 11 23:33:22 2015] <benzrf> hey if i import setoid i can rewrite using iff
[Wed Mar 11 23:33:23 2015] <benzrf> whats up with taht
[Wed Mar 11 23:33:26 2015] <benzrf> axioms?
[Wed Mar 11 23:36:41 2015] <johnw> did those three sentences relate to each other?
[Wed Mar 11 23:38:23 2015] <benzrf> hmm uh
[Wed Mar 11 23:38:36 2015] <benzrf> something something iff rewrite needs hott
[Wed Mar 11 23:39:34 2015] <johnw> you should try it
[Wed Mar 11 23:42:07 2015] <benzrf> er, does it?
[Wed Mar 11 23:56:37 2015] <benzrf> tfw coq doesnt allow out-of-order definitions
[Thu Mar 12 00:17:53 2015] <benzrf> night
[Thu Mar 12 04:42:23 2015] <chushumo> Hi
[Thu Mar 12 05:01:38 2015] <stevechu> \exit
[Thu Mar 12 05:01:50 2015] <chushumo> \join haskell
[Thu Mar 12 05:02:07 2015] <stevechu> \join sml
[Thu Mar 12 06:44:56 2015] <nkar> does (rev zs ++ [z]) ++ [y] mean that rev is applied to zs?
[Thu Mar 12 09:17:36 2015] <jstolare1> I'm trying to understand definition of ex
[Thu Mar 12 09:18:06 2015] <jstolare1> what does "exists mean" ?
[Thu Mar 12 09:18:28 2015] <jstolarek> ex_intro : forall x : A, P x -> exists x, P x
[Thu Mar 12 09:19:06 2015] <jstolarek> definition given in CPDT differs slightly, so I assume this must have changed in the recet versions of Coq
[Thu Mar 12 09:23:48 2015] <benzrf> jstolarek: how does it different?
[Thu Mar 12 09:25:25 2015] <jstolarek> ex_intro : forall x : A, P x -> ex P
[Thu Mar 12 09:25:29 2015] <jstolarek> that's the book version
[Thu Mar 12 09:25:45 2015] <jstolarek> both have common signature:
[Thu Mar 12 09:26:04 2015] <jstolarek> Inductive ex (A : Type) (P : A -> Prop) : Prop :=
[Thu Mar 12 09:27:01 2015] <jstolarek> benzrf: ^^^
[Thu Mar 12 09:27:41 2015] <benzrf> jstolarek: oh just a notational difference
[Thu Mar 12 09:27:57 2015] <Cypi> [exists x, P x] is a notation for [ex (fun x => P x)]
[Thu Mar 12 09:28:01 2015] <benzrf> jstolarek: exists x, P x is notation for ex (x => P x) which is then eta equivalent to ex P
[Thu Mar 12 09:29:57 2015] <jstolarek> I see
[Thu Mar 12 09:30:02 2015] <jstolarek> one more question
[Thu Mar 12 09:30:12 2015] <jstolarek> The book proves this theorem:
[Thu Mar 12 09:30:27 2015] <jstolarek> Theorem exist1 : exists x : nat, x + 1 = 2.
[Thu Mar 12 09:30:43 2015] <jstolarek> First step is a tactic "exists 1"
[Thu Mar 12 09:30:53 2015] <jstolarek> could someone explain how that tactic works?
[Thu Mar 12 09:31:11 2015] <jstolarek> I looked at the manual but the explanation was too cryptic for me :-/
[Thu Mar 12 09:32:28 2015] <Cypi> The intended meaning of this tactic is, when the goal is of the form [exists x, P x], you can use [exists y] to say "y is a witness such that P y". So then, you'll have to prove P y.
[Thu Mar 12 09:33:04 2015] <Cypi> So when you want to prove that there exists x such that P x, using [exists y] is like saying "For example, y is such that P y. Now we prove P y."
[Thu Mar 12 09:33:39 2015] <jstolarek> ok, so it's basically like finding a single example that holds?
[Thu Mar 12 09:33:47 2015] <Cypi> yes
[Thu Mar 12 09:33:57 2015] <jstolarek> that makes sense
[Thu Mar 12 09:34:15 2015] <jstolarek> though I'm surprised seeing that the goal gets simplified to 1+1=2
[Thu Mar 12 09:35:02 2015] <Cypi> Well, in this case, [P x] is actually [x + 1 = 2]. So if you assert that 1 is a witness, then you need to prove [P 1], which is [1 + 1 = 2].
[Thu Mar 12 09:35:42 2015] <jstolarek> ah
[Thu Mar 12 09:35:43 2015] <jstolarek> I see
[Thu Mar 12 09:35:50 2015] <jstolarek> when I say
[Thu Mar 12 09:35:55 2015] <jstolarek> exists foo
[Thu Mar 12 09:36:00 2015] <jstolarek> the foo is the witness?
[Thu Mar 12 09:36:33 2015] <Cypi> yes
[Thu Mar 12 09:36:40 2015] <jstolarek> I somehow thought that this 1 refers to the goal number or something like it does in tactics like constructor or destruct
[Thu Mar 12 09:36:46 2015] <Cypi> Not in this case :)
[Thu Mar 12 09:36:54 2015] <jstolarek> that was misleading
[Thu Mar 12 09:36:55 2015] <Cypi> 1 here is really just a nat
[Thu Mar 12 10:42:04 2015] <schoppenhauer> hello. I am trying to use FMapAVL (https://coq.inria.fr/library/Coq.FSets.FMapAVL.html) I need the lemma "add_eq_o", but I cannot figure out how to import and access it.
[Thu Mar 12 10:59:25 2015] <schoppenhauer> can somebody please help me. I have my problems with understanding the module system.
[Thu Mar 12 11:01:01 2015] <benzrf> hmmm
[Thu Mar 12 11:01:19 2015] <benzrf> in my simply typed LC i have an uninhabited type void and then arrow type and that's all
[Thu Mar 12 11:01:31 2015] <benzrf> that kind of makes church encoding tricky since no parametricity
[Thu Mar 12 11:01:49 2015] <benzrf> what should i use instead?
[Thu Mar 12 11:02:01 2015] <schoppenhauer> nvm @ my question
[Thu Mar 12 11:05:09 2015] <ianjneu> benzrf: uninhabited? Not a unit type?
[Thu Mar 12 11:25:49 2015] <schoppenhauer> ok. now ... I don't get the lemma cardinal_2 ... even though I have Module M := FMapAVL.Make(Nat_as_OT) and Module N := FMapFacts.Facts M, it does not find cardinal_2
[Thu Mar 12 11:27:49 2015] <schoppenhauer> SearchAbout M.cardinal only lists M.cardinal_1
[Thu Mar 12 11:40:30 2015] <jstolarek> which command invokes SearchRewrite in Proof General ?
[Thu Mar 12 11:40:46 2015] <jstolarek> It looks like it doesn't have a default binding
[Thu Mar 12 11:41:11 2015] <irishsultan> So does the documentation you linked earlier
[Thu Mar 12 11:44:49 2015] <schoppenhauer> was that @me?
[Thu Mar 12 11:45:28 2015] <benzrf> ianjneu: why would a unit type be useful
[Thu Mar 12 11:45:53 2015] <benzrf> ianjneu: i can accomplish the same thing with (void -> void) and explicit unit would need a new term
[Thu Mar 12 11:47:20 2015] <benzrf> void is only there so that i have somewhere to stop nesting the arrows :)
[Thu Mar 12 11:48:41 2015] <ianjneu> benzrf: okay sure. Are you trying to encode LC terms?
[Thu Mar 12 11:49:04 2015] <benzrf> yeah
[Thu Mar 12 11:49:17 2015] <benzrf> i was thinking of just going with lam_bool as the output type instead of being parametric
[Thu Mar 12 11:49:41 2015] <benzrf> but im not 100% sure that that such an encoding would have as much information as the original term?
[Thu Mar 12 11:50:06 2015] <benzrf> then i thought of lam_list lam_bool as the output type, but how do i do list ;-;
[Thu Mar 12 11:50:41 2015] <irishsultan> schoppenhauer: yes that was to you
[Thu Mar 12 11:51:03 2015] <irishsultan> I can't see it listed there
[Thu Mar 12 11:51:44 2015] <schoppenhauer> irishsultan: under https://coq.inria.fr/library/Coq.FSets.FMapFacts.html section "Cardinal"
[Thu Mar 12 11:51:54 2015] <benzrf> hmm, be back in a bit
[Thu Mar 12 11:51:57 2015] <benzrf> gotta lunch
[Thu Mar 12 12:06:12 2015] <ianjneu> benzrf: a Mogensen-Scott encoding is an n-ary function for n-many variants of a data type DT, where for variant (v_i dt_1 ... dt_j), you have a function fun x_1 ... x_n => x_i (encode dt_1) ... (encode dt_j)
[Thu Mar 12 12:06:12 2015] <irishsultan> schoppenhauer: are you certain that Make isn't giving you this instead https://coq.inria.fr/distrib/current/stdlib/Coq.FSets.FMapList.html
[Thu Mar 12 12:06:50 2015] <schoppenhauer> irishsultan: no.
[Thu Mar 12 12:07:41 2015] <ianjneu> benzrf: https://en.wikipedia.org/wiki/Mogensen%E2%80%93Scott_encoding#Mogensen.E2.80.93Scott_encoding
[Thu Mar 12 14:44:23 2015] <benzrf> i love the irony in how you can prove ~~DNE
[Thu Mar 12 14:44:36 2015] <benzrf> like an ice pick trapped under a layer of ice
[Thu Mar 12 14:45:15 2015] <RchrdB> DNE?
[Thu Mar 12 14:47:27 2015] <benzrf> Definition DNE := forall P, ~~P -> P.
[Thu Mar 12 15:06:21 2015] <RchrdB> Heh.
[Thu Mar 12 15:21:34 2015] <ianjneu> benzrf: any luck with the encoding?
[Thu Mar 12 16:02:18 2015] <benzrf> ianjneu: sorry ive been away for a while now
[Thu Mar 12 16:25:15 2015] <Anarchos> Why does coq have its own virtual machine ?
[Thu Mar 12 16:33:23 2015] <__monty__> Hi, I was wondering why coq focuses on extraction vs compilation. Is it merely because the community is not interested in implementing/maintaining a performant compiler for coq but would still like to be able to run optimized code? Or are there other advantages to extraction?
[Thu Mar 12 16:35:23 2015] <Cale> __monty__: What's the difference? :)
[Thu Mar 12 16:35:30 2015] <Cale> Choice of target language?
[Thu Mar 12 16:43:46 2015] <__monty__> cale: I can see how having your verified code extracted to the language you use to implement the rest of your system is attractive. However, coq is the only language I know of that uses extraction, I'm wondering why?h
[Thu Mar 12 16:44:22 2015] <Cale> __monty__: My point was that every compiler could just as well be called an extractor
[Thu Mar 12 16:44:38 2015] <Cale> __monty__: I don't know why Coq uses that particular term
[Thu Mar 12 16:44:46 2015] <Cale> But it's the same thing as a compiler.
[Thu Mar 12 16:46:36 2015] <ianjneu> Cale: a compiler is a semantics preserving function from Language1 to Language2, albeit most people think of "optimizing compiler" or "bytecode/native code compiler" when they hear the word.
[Thu Mar 12 16:47:45 2015] <ianjneu> the fact that Coq is written in and looks like OCaml makes it tempting to essentially "desugar" or "extract" a coq program to an ocaml program. I imagine the word "transpiler" wasn't popular when Coq first began :P
[Thu Mar 12 16:49:55 2015] <__monty__> ianjneu: Are you referring to me when you say "most people?" Or did you mean to imply that extraction is not a semantics preserving function?
[Thu Mar 12 16:52:52 2015] <ianjneu> I mean to imply that extraction should be understood as a non-optimizing compiler between two "sister" languages.
[Thu Mar 12 16:57:38 2015] <__monty__> One last question: what are your opinions on using coq as a programming language?
[Thu Mar 12 16:59:52 2015] <ianjneu> __monty__: as opposed to a dish towel?
[Thu Mar 12 17:09:50 2015] <__monty__> ianjneu: I was referring to coq being promoted in the first place as a proof assistant, not a programming language. This in contrast to agda and especially idris which are first and foremost programming languages.
[Thu Mar 12 17:11:56 2015] <ianjneu> Coq does not have enough escape hatches to be a useful programming language. Dependent types are nice sometimes, but a pain most other times.
[Thu Mar 12 17:27:54 2015] <hodapp> time till tell if Idris manages to make dependent types less of a pain.
[Thu Mar 12 17:38:32 2015] <ianjneu> hodapp: Whenever you need to know another property of a datatype to prove something, you have to pass around more proofs. Passing around more proofs means a cascading change in all consumers of the type, proof maintenance, and more garbage.
[Thu Mar 12 17:41:52 2015] <__monty__> Ok, Cale, ianjneu thank you for the discussion.
[Thu Mar 12 17:45:25 2015] <Anarchos> ianjneu i am reading the cpdt for some days. really difficult !
[Thu Mar 12 17:47:21 2015] <ianjneu> Anarchos: indeed.
[Thu Mar 12 17:47:53 2015] <__monty__> Anarchos: Did you do Soft. Found.'s already? I think it's very accessible.
[Thu Mar 12 17:50:26 2015] <Anarchos> __monty__ yes i did, but one or two years ago.
[Thu Mar 12 17:50:39 2015] <Anarchos> ianjneu adam write his book as if everything should be intuitive...
[Thu Mar 12 17:53:02 2015] <ianjneu> Anarchos: yup. His writing reflects his character.
[Thu Mar 12 17:53:10 2015] <Anarchos> i have memory troubles, so very difficult to remember the use cases for tactics. Except for apply, simpl. But induction, inversion , destruct .... Could never remember.
[Thu Mar 12 17:53:24 2015] <Anarchos> ianjneu i don't know him by myself :)
[Thu Mar 12 17:53:48 2015] <ianjneu> I've dealt with him before. He's very dismissive.
[Thu Mar 12 17:53:56 2015] <Anarchos> dismissive ?
[Thu Mar 12 17:54:40 2015] <ianjneu> You're having a hard time? Not my fault.
[Thu Mar 12 17:54:55 2015] <Anarchos> i can't understand why people who write books to disseminate science can be dismissive to their readers....
[Thu Mar 12 17:55:10 2015] <__monty__> Anarchos: Have you used coq actively over the course of those 2 years? I was hoping to be able to breeze throug cpdt after finishing sofo?
[Thu Mar 12 17:55:28 2015] <ianjneu> __monty__: hah, it's not breezeable
[Thu Mar 12 17:56:07 2015] <Anarchos> yes i did most of the exercices from SF. But i always ended to do dirty proofs with only apply ; simpl ; elim ; undo; auto. :)
[Thu Mar 12 18:17:24 2015] <benzrf> hmm ianjneu
[Thu Mar 12 18:17:34 2015] <benzrf> scott encoding doesnt look terribly helpful
[Thu Mar 12 18:17:46 2015] <benzrf> the problem continues to be that i dont have parametric polymorphism for the return type
[Thu Mar 12 18:19:05 2015] <johnw> __monty__: I've been using Coq as a prograomming langauge
[Thu Mar 12 18:20:44 2015] <__monty__> johnw: Just to experiment or in a "serious" project? And, do you have any experience with agda or idris?
[Thu Mar 12 18:21:23 2015] <johnw> both
[Thu Mar 12 18:21:24 2015] <johnw> and no
[Thu Mar 12 18:21:44 2015] <johnw> i've been writing a register allocator as my first real programming project in Coq, and it's for a real purpose
[Thu Mar 12 18:25:08 2015] <__monty__> johnw: Why did you choose coq? Was formal verification a requirement or a nice bonus?
[Thu Mar 12 18:28:11 2015] <johnw> I wanted to see what it would be like to develop a formally verified component for a critical piece of a compiler architecture
[Thu Mar 12 18:29:41 2015] <__monty__> Kind of taking compcert one step further?
[Thu Mar 12 18:32:35 2015] <Anarchos> johnw oh i read about an internship at inria doing this kind of thing to replace the call to external register allocator + correction verification postponed
[Thu Mar 12 18:33:40 2015] <johnw> __monty__: I guess it's a step beyond what compcert does, but just for this one little piece
[Thu Mar 12 18:38:06 2015] <__monty__> johnw: And what's your opinion on coq as a programming language? Is it only barely a programming language, useful only when you need to implement something small with strong verification requirements? Or, do think it's ready (doesn't mean tools aren't currently lacking, etc.) for serious development, regardless of the need for verification?
[Thu Mar 12 18:39:04 2015] <Anarchos> __monty__ if you want serious dev without verification, coq is really ocaml alike.
[Thu Mar 12 18:43:10 2015] <johnw> so, Coq as a functional language is just fine
[Thu Mar 12 18:43:20 2015] <johnw> however, it lacks nearly every modern convenience that you can think of
[Thu Mar 12 18:43:29 2015] <johnw> even the type classes support does not extract well to Haskell, preventing me from using it
[Thu Mar 12 18:43:46 2015] <__monty__> Anarchos: I'm actually looking into how usable dependently typed languages are for programming.
[Thu Mar 12 18:43:47 2015] <johnw> (it led to code that would segfault, due to thunks being incorrectly unsafeCoerce'd)
[Thu Mar 12 18:44:05 2015] <alkabetz> __monty__: The rest of us are trying to figure that out too :)
[Thu Mar 12 18:44:22 2015] <alkabetz> __monty__: ‘How useful are depndent types?’ is a big research question right now.
[Thu Mar 12 18:44:30 2015] <johnw> the lack of case guards, view patterns, record access syntax, monads (generally), etc., are a real pain over time
[Thu Mar 12 18:44:37 2015] <johnw> but, I like it as a language per se
[Thu Mar 12 18:44:40 2015] <alkabetz> __monty__: The Agda folks feel very strongly that they are quite useful.
[Thu Mar 12 18:44:53 2015] <johnw> I like being forced to prove totality, to have complete coverage in my "match" statements, etc.
[Thu Mar 12 18:44:54 2015] <alkabetz> __monty__: The Coq folks are generally less convinced.
[Thu Mar 12 18:44:57 2015] <johnw> i can't "get away with anything"
[Thu Mar 12 18:45:01 2015] <__monty__> alkabetz: Surely at least part of the community around coq is interested more in coq "as a proof assistant" than "as a programming language"?
[Thu Mar 12 18:45:45 2015] <alkabetz> __monty__: Absolutely.  I think a large part of the Coq community is interested in Coq as a proof assistant rather than as a programming language.
[Thu Mar 12 18:46:01 2015] <alkabetz> johnw: Sorry, ended up talking over you there :/
[Thu Mar 12 18:46:24 2015] <johnw> n/p
[Thu Mar 12 18:46:48 2015] <johnw> several people in the Coq community are interested in using it as a programming language
[Thu Mar 12 18:46:53 2015] <alkabetz> For what it’s worth, I would consider writing a large program in Coq only if I were going to prove things about it, and I would not use dependent types.
[Thu Mar 12 18:46:55 2015] <johnw> Gonthier may care more about its use as a proof assistant
[Thu Mar 12 18:47:12 2015] <alkabetz> I would consider writing a large program in Agda, possibly using dependent types, even if I weren’t going to prove stuff about it explicitly.
[Thu Mar 12 18:47:14 2015] <johnw> but Morrissett and Chlipala want to use it for real stuff
[Thu Mar 12 18:47:20 2015] <johnw> see Bedrock, Fiat, Ynot, etc.
[Thu Mar 12 18:47:41 2015] <__monty__> johnw: Do you feel like "not getting away with anything" would be a major plus in development projects where possibly large teams work on the code?
[Thu Mar 12 18:47:56 2015] <johnw> it's definitely a plus in terms of correctness and needing to understand your code
[Thu Mar 12 18:48:06 2015] <johnw> if I had it to do all over again, I wouldn't have done this in Coq
[Thu Mar 12 18:48:23 2015] <alkabetz> Looking back a couple minutes, I guess making that Coq-versus-Agda comparison isn’t entirely fair, because Agda’s proof style is heavily based on proof-carrying code, whereas Coq’s is more (usually) explicit and external to the code itself.
[Thu Mar 12 18:48:36 2015] <johnw> I would have written it in Haskell in 1/50th of the time, then written a verifier in Coq that I could extract to Haskell, so that the unit tests would be able to prove that anything that claimed it succeeded actually did succeed
[Thu Mar 12 18:50:56 2015] <__monty__> johnw: Is the code for this project available somewhere?
[Thu Mar 12 18:51:49 2015] <__monty__> alkabetz: Which proofstyle do you believe to be more suited to programming?
[Thu Mar 12 18:53:05 2015] <alkabetz> __monty__: I haven’t developed sufficiently large applications in both styles to really compare them.  Adam Chlipala feels very strongly that the former scales better, and his arguments seem reasonable.
[Thu Mar 12 18:53:59 2015] <alkabetz> Somebody earlier stated the arguments I’m thinking of – namely, that proof-carrying code requires you to carry around a bunch of garbage proof terms at runtime.
[Thu Mar 12 18:54:26 2015] <johnw> __monty__: https://github.com/jwiegley/linearscan
[Thu Mar 12 18:54:31 2015] <johnw> i'm very, very close to the end
[Thu Mar 12 18:54:58 2015] <johnw> one nice thing about having done it in Coq is that there are parts which, once everything is running correctly, should literally never need to be changed
[Thu Mar 12 18:55:28 2015] <alkabetz> __monty__: I would definitely not recommend the proof-carrying code approach in Coq; Coq is simply not designed that way.  With Agda, it’s a bit of a different story.
[Thu Mar 12 18:55:40 2015] <johnw> and that's an intellectual comfort that no other language can provide, unless it also offers the ability to prove properties about the code (and by proof I include encoding properties in types ala Agda)
[Thu Mar 12 18:55:54 2015] <johnw> I use proof-carrying code in Coq sometimes
[Thu Mar 12 18:56:09 2015] <johnw> there are times when it truly is the easiest way to deal with recursion involving complex predicates
[Thu Mar 12 18:56:30 2015] <johnw> i've found that Coq is really bad at "seeing through" fixpoints and folds at times
[Thu Mar 12 18:56:53 2015] <johnw> having each step of the recursion yields the evidence needed by the step higher up is really convenient
[Thu Mar 12 18:57:52 2015] <__monty__> alkabetz: When you said "Chlipala feels strongly..." did you mean proof-carrying by former?
[Thu Mar 12 18:58:27 2015] <alkabetz> No, the opposite.  Adam feels strongly that proof-carrying code is not the right way to do things.
[Thu Mar 12 18:58:51 2015] <__monty__> alkabetz: Ok, that makes more sense.
[Thu Mar 12 19:01:43 2015] <__monty__> johnw, alkabetz: Thank you this was a very fruitful conversation for me. I'm calling it a night.
[Thu Mar 12 19:01:59 2015] <alkabetz> Take care!
[Thu Mar 12 19:11:26 2015] <nkar> johnw: so...  you (and someone else) suggested to use this: Lemma rev_pal_length : forall X n l, length l <= n -> l = rev l -> pal X l.  but how can I get anything useful out of this hypothesis?  how do I keep the initial hypothesis after, say, using inversion on it?
[Thu Mar 12 19:16:27 2015] <Cypi> That was me I believe
[Thu Mar 12 19:16:40 2015] <Cypi> What do you mean by "this hypothesis"?
[Thu Mar 12 19:16:46 2015] <nkar> length l <= n
[Thu Mar 12 19:17:21 2015] <nkar> also, is there a way to prove it by using the init function as Cale suggested?
[Thu Mar 12 19:17:49 2015] <nkar> I spent ~3 hours on it this morning and failed to prove anyway
[Thu Mar 12 19:17:59 2015] <Cypi> This hypothesis is not really useful by itself, it's just a way of expression "I want to do a strong induction on the length of the list"
[Thu Mar 12 19:18:16 2015] <Cypi> btw, I suggested "length l < n", not "length l <= n", the base case is more simple ^^'
[Thu Mar 12 19:18:33 2015] <Cypi> I'm not sure what Cale suggested, I'd have to read it back
[Thu Mar 12 19:18:41 2015] <johnw> nkar: you don't do inversion on it, you simply apply it
[Thu Mar 12 19:18:57 2015] <johnw> remember, it proves that the size of l is <= n, where you get to provide n
[Thu Mar 12 19:19:00 2015] <johnw> hint hint :)
[Thu Mar 12 19:19:48 2015] <Cale> I just gave some vague ideas
[Thu Mar 12 19:20:11 2015] <johnw> you only invert on it to rule out lists who length is > n
[Thu Mar 12 19:20:12 2015] <Cale> That perhaps it would be a good idea to formalise some properties of the function which surrounds a list with an element
[Thu Mar 12 19:20:19 2015] <Cale> and the function which deletes the first and last element
[Thu Mar 12 19:20:35 2015] <johnw> after that, it will become a detail needed by your induction hypothesis
[Thu Mar 12 19:20:54 2015] <Cale> i.e. if we call the first function surround, and the second ablate, then  ablate (surround x xs) should be xs
[Thu Mar 12 19:22:05 2015] <Cale> and if the first and last element of xs are both x, and xs has at least 2 elements, then surround x (ablate x xs) is xs
[Thu Mar 12 19:22:15 2015] <nkar> thanks all, I'll try to digest it next morning, just wanted to get more hints while you all are online :)
[Thu Mar 12 19:22:19 2015] <nkar> timezones :\
[Thu Mar 12 19:22:41 2015] <Cale> This is just general intuition about what sorts of things might be useful to have, I haven't tried to actually do the proof :)
[Thu Mar 12 19:24:23 2015] <Cypi> I used two other lemmas in my proof: one about [rev (snoc x xs)], and one about [length (snoc x xs)]
[Thu Mar 12 19:24:37 2015] <nkar> Cale: I failed to prove it because the recursive axiom for pal is : pal xs -> pal (x :: xs ++ [x]).  I managed to get to pal (x : xs ++ [x]), but that required me to prove pal xs where xs was something like: init (x :: xs), which doesn't hold
[Thu Mar 12 19:25:15 2015] <Cypi> Oh. I expressed pal in terms of snoc
[Thu Mar 12 19:25:37 2015] <nkar> Cypi: you mean the x :: xs ++ [x] part?
[Thu Mar 12 19:25:42 2015] <nkar> I have a snoc_app lemma
[Thu Mar 12 19:26:09 2015] <Cypi> Both are fine anyway
[Thu Mar 12 19:33:39 2015] <benzrf> frick
[Thu Mar 12 19:33:46 2015] <benzrf> how do i prove ~~LEM
[Thu Mar 12 19:34:05 2015] <benzrf> the proof i thought was the right one is for [forall P, ~~(P \/ ~P)]
[Thu Mar 12 19:38:49 2015] <Cypi> Can you?
[Thu Mar 12 19:53:00 2015] <Cypi> benzrf : after trying a little bit, I would be surprised to see it provable :x
[Thu Mar 12 19:53:21 2015] <benzrf> i couldve sworn you can
[Thu Mar 12 19:56:16 2015] <benzrf> hmm
[Thu Mar 12 19:56:20 2015] <benzrf> jgross: are you online?
[Thu Mar 12 20:07:11 2015] <Cale> benzrf: There is a type for which LEM fails in HoTT, so you're going to have a hard time.
[Thu Mar 12 20:07:48 2015] <benzrf> oy
[Thu Mar 12 20:07:53 2015] <benzrf> Cale: which one?
[Thu Mar 12 20:08:00 2015] <Cale> Anything which isn't a set
[Thu Mar 12 20:08:03 2015] <benzrf> hh
[Thu Mar 12 20:08:10 2015] <benzrf> Cale: so ~LEM in hott?
[Thu Mar 12 20:08:15 2015] <Cale> right
[Thu Mar 12 20:08:28 2015] <benzrf> o.o
[Thu Mar 12 20:08:31 2015] <Cale> At least, the super strong LEM you're probably talking about
[Thu Mar 12 20:08:40 2015] <Cale> which the HoTT book calls LEM_infty
[Thu Mar 12 20:08:40 2015] <Cypi> By LEM, we mean [forall (P : Prop), P \/ ~P] I believe
[Thu Mar 12 20:08:42 2015] <Cypi> right?
[Thu Mar 12 20:08:44 2015] <Cale> right
[Thu Mar 12 20:08:54 2015] <Cale> Oh, well, what do you mean by Prop? :)
[Thu Mar 12 20:08:59 2015] <Cypi> I do mean Prop :p
[Thu Mar 12 20:09:14 2015] <Cypi> And I'd think benzrf also meant Prop, but I cannot be sure
[Thu Mar 12 20:09:35 2015] <benzrf> hmm
[Thu Mar 12 20:09:44 2015] <Cale> Well, Coq's Prop doesn't exactly correspond to anything in HoTT
[Thu Mar 12 20:10:10 2015] <Cypi> Oh right, "in HoTT", sorry.
[Thu Mar 12 20:10:21 2015] <Cale> I'm the one who brought up HoTT though
[Thu Mar 12 20:10:33 2015] <Cypi> I misread this "in CPDT" for some reason
[Thu Mar 12 20:11:34 2015] <Cale> benzrf: btw, if you want to see that proof in the HoTT book, see physical page 111 here: https://hottheory.files.wordpress.com/2013/03/hott-online-611-ga1a258c.pdf
[Thu Mar 12 20:13:39 2015] <Cale> But yeah, if you think of the HoTT universe U here as being like an MLTT universe modulo an additional axiom (univalence), then it's clear you shouldn't be able to prove ~~LEM in MLTT.
[Thu Mar 12 20:15:19 2015] <Cale> and that probably doesn't quite get you that you can't prove it in Coq's Prop, because maybe there's some clever use of impredicativity?
[Thu Mar 12 20:16:07 2015] <Cale> But it seems to indicate that at least any proof of it would have to make use of Prop's unique features relative to Type
[Thu Mar 12 20:21:10 2015] <benzrf> huh
[Thu Mar 12 20:21:13 2015] <benzrf> :|
[Thu Mar 12 20:21:23 2015] <benzrf> ive just spent months thinking that you can prove ~~LEM
[Thu Mar 12 20:21:25 2015] <benzrf> ;-;
[Thu Mar 12 20:21:49 2015] <Cale> Well, you can prove forall P, ~~(P \/ ~P)
[Thu Mar 12 20:22:25 2015] <benzrf> yeah
[Thu Mar 12 20:22:50 2015] <benzrf> hmm hmm
[Thu Mar 12 20:23:06 2015] <benzrf> does ~~P / ~~Q -> ~~(P / Q)
[Thu Mar 12 20:23:10 2015] <benzrf> ah
[Thu Mar 12 20:23:11 2015] <benzrf> does ~~P / ~~Q -> ~~(P / Q)
[Thu Mar 12 20:23:14 2015] <benzrf> omg
[Thu Mar 12 20:23:16 2015] <benzrf> does ~~P / ~~Q -> ~~(P /\ Q)
[Thu Mar 12 20:23:24 2015] <Cale> still have a / there
[Thu Mar 12 20:23:29 2015] <benzrf> god dammit
[Thu Mar 12 20:23:29 2015] <jgross> benzrf: [~~forall P, P \/ ~P] <- I don't think that's provable. Knowing [~forall P, P \/ ~P] doesn't really tell you anything.	On the other hand, [~exists P, ~(P \/ ~P)] is provable (in particular, because [forall P, ~~(P \/ ~P)] is provable). 
[Thu Mar 12 20:23:47 2015] <benzrf> ah oh
[Thu Mar 12 20:23:56 2015] <benzrf> frick
[Thu Mar 12 20:24:50 2015] <Cale> http://en.wikipedia.org/wiki/Double-negation_translation#First-order_logic
[Thu Mar 12 20:25:00 2015] <Cale> I think you got confused about how this translation works
[Thu Mar 12 20:25:13 2015] <Cale> especially with respect to quantifiers
[Thu Mar 12 20:32:36 2015] <Cale> (I seem to recall being confused about the same thing at one point)
[Thu Mar 12 20:51:26 2015] <scott> how would you prove forall P, ~~(P \/ ~P) ?
[Thu Mar 12 20:54:33 2015] <Cypi> Just try it with Coq, it's easy enough :)
[Thu Mar 12 20:55:36 2015] <scott> I've been trying in my head with pseudo-Idris :p
[Thu Mar 12 20:56:04 2015] <scott> aha, I do, in fact, have Coq installed on this computer
[Thu Mar 12 21:08:12 2015] <scott> I solved it in one step with `firstorder.` then printed the term and manually simplified. now I think I get it :)
[Thu Mar 12 21:11:57 2015] <scott> the piece I was missing in my head was using ~(P \/ ~P) to prove ~P (which then combined with ~(P \/ ~P) proves ~~(P \/ ~P))
[Thu Mar 12 21:38:03 2015] <Cale> Try it using intro/apply the whole way, with or_intror and or_introl :)
[Thu Mar 12 21:41:34 2015] <scott> I ended up writing the proof term directly without tactics (in Idris, but it would be the same in Coq)
[Fri Mar 13 05:52:25 2015] <lpaste> jstolarek pasted “Stream equality with co-induction” at http://lpaste.net/124819
[Fri Mar 13 05:52:46 2015] <jstolarek> I have problems with conducting a proof of stream equality with coinduction
[Fri Mar 13 05:52:53 2015] <jstolarek> this is basicaly taken from CPDT chapter 5
[Fri Mar 13 05:53:09 2015] <jstolarek> now, the script in the book works without problems
[Fri Mar 13 05:53:11 2015] <jstolarek> mine does not
[Fri Mar 13 05:53:17 2015] <jstolarek> and I can't figure out why
[Fri Mar 13 05:53:34 2015] <jstolarek> obviously, there is *some* difference between my file and the one from the book
[Fri Mar 13 05:53:41 2015] <jstolarek> but I can't figure out what it is
[Fri Mar 13 05:54:34 2015] <jstolarek> it must be something very subtle and I'd like to find out what exactlt that is
[Fri Mar 13 05:56:20 2015] <jstolarek> the last call to apply causes error pasted at the bottom. state of subgoals is given for the last working step of the proof
[Fri Mar 13 05:56:46 2015] <jstolarek> state of the proof looks identical to the one from the book, so my guess would be that it must be some settings of Coq
[Fri Mar 13 05:58:29 2015] <jstolarek> ok, nvm - found it! a typo in Cons_case_tl
[Fri Mar 13 10:42:51 2015] <Rc43> Why type of term-level lambda is type-level lambda, but type of type-level lambda isn't "higher type"-level lambda?
[Fri Mar 13 10:43:37 2015] <Rc43> I mean, type of "fun x => y" is "forall _ : X, Y", but type of "forall (x : X), Y(x)" is plain "Type".
[Fri Mar 13 10:52:29 2015] <ianjneu> pi-type isn't a type-level lambda. It's a dependent product. A type-level lambda is just a lambda that takes and produces types.
[Fri Mar 13 10:53:36 2015] <ccasin> Indeed, a type-level lambda looks like (fun (x:Type) => x)
[Fri Mar 13 10:53:48 2015] <ccasin> and you'll discover that its type is also a pi type, at a higher level.
[Fri Mar 13 10:55:19 2015] <ianjneu> Types are introduceable into the universe(s) of Type(_i). They are not eliminable. They have inhabitants that are terms that have introduction and elimination forms (e.g. lambda introduces, application eliminates)
[Fri Mar 13 10:55:28 2015] <Rc43> ccasin, ianjneu, yep, I understand; just thought that we could treat lambdas and pi-types as the single concept, why not?
[Fri Mar 13 10:55:47 2015] <Rc43> Why we separate terms on functions and terms but don't separate types with this logic?
[Fri Mar 13 10:56:19 2015] <Rc43> ianjneu, ok, so the difference is in elimination logic
[Fri Mar 13 10:56:24 2015] <Rc43> ianjneu, understood, thanks
[Fri Mar 13 10:57:21 2015] <Rc43> I just try to implement very simple deptyped language and thought to describe both "fun" and "forall" as lambda internally.
[Fri Mar 13 10:57:40 2015] <ccasin> Yes, this is a little confusing.
[Fri Mar 13 10:58:19 2015] <ccasin> lambda can take types as arguments (that's a polymorphic function)
[Fri Mar 13 10:58:30 2015] <ccasin> and it's tempting, but I think misleading, to call that a "forall"
[Fri Mar 13 10:58:47 2015] <ccasin> lambda that take term and lambdas that take types are the same thing
[Fri Mar 13 10:58:51 2015] <ccasin> but not lambda and the types of lambda
[Fri Mar 13 10:58:54 2015] <ccasin> *lambdas
[Fri Mar 13 10:58:54 2015] <ianjneu> Pure type systems (PTS) treat them all the same. Application with a "forall" is essentially a logical "cut"
[Fri Mar 13 10:59:19 2015] <ccasin> even in a PTS, lambdas and arrow types are different syntactic things
[Fri Mar 13 10:59:22 2015] <ianjneu> The foundational issues change in ways I'm not intimately familiar with.
[Fri Mar 13 10:59:41 2015] <ccasin> but we can get away with only one kind of lambda and only one kind of arrow type
[Fri Mar 13 10:59:49 2015] <ccasin> even though we have both term-level and type-level lambdas
[Fri Mar 13 11:00:03 2015] <ccasin> does that make sense?
[Fri Mar 13 11:03:35 2015] <ccasin> So if you have a look at page 88 here: http://ttic.uchicago.edu/~dreyer/course/papers/barendregt.pdf
[Fri Mar 13 11:03:53 2015] <ccasin> (this the standard reference for pure type systems)
[Fri Mar 13 11:04:07 2015] <ccasin> You'll see, Definition 5.1.10, that in the lambda cube there is a distinction between Lambda and Pi
[Fri Mar 13 11:04:22 2015] <ccasin> lambdas are functions, pis are the types of functions
[Fri Mar 13 11:05:03 2015] <ccasin> we say this syntax is "collapsed" because: 1) there is only one syntactic category (not separate types and terms) and 2) we just have one lambda syntax, which represents both lambdas that take terms as arguments and lambdas that take types as arguments
[Fri Mar 13 11:05:15 2015] <ccasin> (and similarly for PIs)
[Fri Mar 13 11:05:21 2015] <ccasin> *Pi
[Fri Mar 13 11:05:42 2015] <ccasin> this is certainly confusing, but hopefully that helps a little.
[Fri Mar 13 11:17:33 2015] <Rc43> ianjneu, wow, nice pointer, will dig into PTS
[Fri Mar 13 14:37:38 2015] <Anarchos> i have clone the git repo of coq. How can i get the 8.49l5 version ?
[Fri Mar 13 14:40:13 2015] <pdxleif> You mean 8.4pl5?
[Fri Mar 13 14:40:17 2015] <Anarchos> yes
[Fri Mar 13 14:40:25 2015] <pdxleif> "git checkout V8.4pl5" should work
[Fri Mar 13 14:40:31 2015] <Anarchos> thks a lot
[Fri Mar 13 14:40:35 2015] <pdxleif> It's tagged in the repo: https://github.com/coq/coq/releases
[Fri Mar 13 14:41:00 2015] <Anarchos> pdxleif i didn't know this URL :)
[Fri Mar 13 14:41:57 2015] <pdxleif> It's the "60 releases" link from the bar on top of the home page of the repo on github
[Fri Mar 13 14:45:54 2015] <Anarchos> pdxleif my browser is a little broken to render github. sorry.
[Fri Mar 13 15:24:57 2015] <RchrdB> Anarchos: the other way you can list the releases, from a git repo, is by running "git tag" :)
[Fri Mar 13 15:31:03 2015] <Anarchos> RchrdB thanks too
[Fri Mar 13 15:36:46 2015] <Anarchos> Do i need both camlp4 and camlp5 to compile coq ?
[Fri Mar 13 23:18:18 2015] <ccomp> Has anyone here worked with Menhir's Coq backend? I have a question about it, but it's sufficiently esoteric that I figured I'd check first.
[Sat Mar 14 07:39:37 2015] <Anarchos> i am trying to compile coq 8.4pl5 but i got troubles with q_util.cmo complaining about CompatLoc
[Sat Mar 14 09:03:11 2015] <benzrf> can all classical theorems be proven doubly negated
[Sat Mar 14 09:03:32 2015] <Cypi> http://en.wikipedia.org/wiki/Double-negation_translation
[Sat Mar 14 09:03:39 2015] <Cypi> With enough double negations, yes
[Sat Mar 14 09:03:43 2015] <benzrf> interesting
[Sat Mar 14 09:03:59 2015] <Cypi> But just ~~Theorem won't work in general
[Sat Mar 14 15:47:36 2015] <ccomp> if I'm getting an error like "The term "Gram.EOF't" has type "Gram.terminal'" which should be Set, Prop or Type." in a match statement pattern, what am I doing wrong?
[Sat Mar 14 15:49:35 2015] <ccomp> The error message index tells me that the type's already defined. I'm trying to figure out how that's relevant...
[Sat Mar 14 18:48:39 2015] <nkar`> johnw: could you upload your proof of [Lemma rev_pal_length : forall (X : Type) (n : nat) (xs : list X), length xs <= n -> xs = rev xs -> pal xs.] somewhere?  I've been trying to prove the rev_pal exercise (while asking questions on irc) for about two weeks, I think, and I have no idea how to prove this particular lemma, which is required.  the key here is the [length xs] hypothesis, but I don't know how to transform it to gain
[Sat Mar 14 18:48:39 2015] <nkar`> anything.
[Sat Mar 14 19:14:13 2015] <jrw> nkar`: have you tried inducting on n without introducing xs first (equivalently, using [generalize dependent xs] before inducting)?
[Sat Mar 14 19:15:14 2015] <nkar`> jrw: no I haven't.  let me try that.
[Sat Mar 14 19:23:54 2015] <nkar`> jrw: I always get stuck in the succ case: https://gist.github.com/nkaretnikov/3baf1ee07fe0f41646a3
[Sat Mar 14 19:30:37 2015] <jrw> nkar`: so your first subgoal there has a contradiction in it
[Sat Mar 14 19:30:48 2015] <jrw> because it says xs has length 0, but also that it equals y :: ys
[Sat Mar 14 19:31:02 2015] <jrw> so you need to mess around with it and convince coq that can't happen
[Sat Mar 14 19:31:52 2015] <nkar`> * tries
[Sat Mar 14 19:42:12 2015] <nkar`> jrw: I don't know how to "convince" coq nor have a useful lemma. so I changed <= to < in the definition of the lemma (Cypi suggested that in the past) and used inversion.  but now I have a similar problem in the next case. I still see no way to connect the length of a list with the list itself, so I'm stuck again.
[Sat Mar 14 19:43:58 2015] <jrw> nkar`: you can do that. you could have also proved the lemma "length xs = 0 -> xs = []"
[Sat Mar 14 19:44:22 2015] <jrw> you could also have just destructed xs, and in the cons case you would have gotten 1 <= 0, which is a contradiction
[Sat Mar 14 19:44:41 2015] <nkar`> okay, but what do I need to do now?
[Sat Mar 14 19:44:44 2015] <jrw> but anyways, now you're in the next case? you probably want to destruct xs
[Sat Mar 14 19:44:56 2015] <nkar`> okay, trying
[Sat Mar 14 19:45:08 2015] <jrw> then you'll need a way to take the last element off of a list
[Sat Mar 14 19:45:13 2015] <jrw> that's going to be a separate lemma
[Sat Mar 14 20:05:23 2015] <nkar`> jrw: I updated the gist, still stuck at the cons step
[Sat Mar 14 20:09:32 2015] <jrw> nkar`: you can't apply the induction hypothesis yet
[Sat Mar 14 20:09:42 2015] <jrw> you'll need to take the end off of xs first
[Sat Mar 14 20:10:12 2015] <jrw> something like [forall xs, xs = [] \/ exists xs' x, xs = xs' ++ [x]]
[Sat Mar 14 20:10:20 2015] <jrw> which you'll have to prove
[Sat Mar 14 20:10:52 2015] <nkar`> sf hasn't introduced exists yet
[Sat Mar 14 20:11:07 2015] <nkar`> is there another way?
[Sat Mar 14 20:11:27 2015] <nkar`> I know how to define the init function, for instance.
[Sat Mar 14 20:11:54 2015] <nkar`> which theorems do I need to prove about it in order to use it here?
[Sat Mar 14 20:12:03 2015] <nkar`> or is it a wrong approach?
[Sat Mar 14 20:13:57 2015] <jrw> nkar`: not sure what init is. if you want to avoid exists you could define "last" and "butlast" functions
[Sat Mar 14 20:15:01 2015] <nkar`> jrw: the function that takes all elements except the last one
[Sat Mar 14 20:15:17 2015] <jrw> okay great, that's what I meant by "butlast"
[Sat Mar 14 20:15:34 2015] <jrw> then prove that, when xs is not nil, xs = init xs ++ [last xs]
[Sat Mar 14 20:15:36 2015] <jrw> or something
[Sat Mar 14 20:16:43 2015] <nkar`> aha! so the way to talk about the case when xs is not nil is to use or as you did
[Sat Mar 14 20:17:15 2015] <nkar`> okay, I'll try a bit later since I need to sleep
[Sat Mar 14 20:17:32 2015] <nkar`> thanks for your help (and patience :))
[Sat Mar 14 20:23:36 2015] <jrw> np, good luck!
[Sun Mar 15 01:16:37 2015] <Cypi> nkar` : (I assume you'll read that somewhere later) A way to get the last element of a list is to destruct (rev xs) :)
[Sun Mar 15 01:17:22 2015] <Cypi> However, if you just do [destruct (rev xs)], you will lose some of the information, you need to do [destruct (rev xs) eqn:Hrev] (or any other tactic that allows you to keep that fact)
[Sun Mar 15 02:22:11 2015] <johnw> nkar`: hi, are you still there?
[Sun Mar 15 03:33:10 2015] <nkar`> johnw: yes
[Sun Mar 15 03:33:18 2015] <johnw> hi
[Sun Mar 15 03:33:34 2015] <johnw> nkar`: https://gist.github.com/f4f5a2809edab8153332
[Sun Mar 15 03:34:18 2015] <nkar`> johnw: thank you!  I'll try what jrw suggested first.  if I fail, I'll check your solution.
[Sun Mar 15 03:35:24 2015] <johnw> my solution was ultimately recommended to me by Cale and Basile (who I think isn't here right now)
[Sun Mar 15 03:35:57 2015] <jrw> nkar`: I should mention that the suggestion to [destruct (rev xs) eqn:?] is way better than what I told you to do.
[Sun Mar 15 07:01:06 2015] <marisa__> Hello, I am building a coinductive structure called sequence, which can either be finite and infinite. I also built a taken which pop the first n element (or lesser if it reach end of sequence). How can I prove Theorem In_appear a (s : sequence) n : In a (take_n s n) -> appear a s. ?What should I do after cofix?
[Sun Mar 15 07:44:38 2015] <marisa__> No need for cofix... Just generalize dependent and induction n.
[Sun Mar 15 08:09:46 2015] <schoppenhauer> hello. does anyone know if http://www.math.tau.ac.il/~haimk/adv-ds-2000/jacm-final.pdf has already been implemented in coq somewhere?
[Sun Mar 15 15:49:09 2015] <Anarchos> I need help to compile coq.
[Sun Mar 15 15:57:37 2015] <jrw> Anarchos: what's the problem?
[Sun Mar 15 15:58:17 2015] <Anarchos> Error: Unbound module CompatLoc
[Sun Mar 15 16:47:25 2015] <ptrz> If terminal is an Inductive that takes no args and symbol_semantic type is an Inductive that takes one arg, what exactly is this? Definition token := {t:terminal & symbol_semantic_type (T t)}.
[Sun Mar 15 16:47:54 2015] <ptrz> Where T is a constructor for symbol_semantic_type
[Sun Mar 15 16:49:38 2015] <ianjneu> ptrz: do you have a paste that typechecks?
[Sun Mar 15 16:50:38 2015] <ptrz> ianjneu: I don't, sadly. That's the problem.
[Sun Mar 15 16:51:18 2015] <ptrz> The only known usage of this code actually extracts it to OCaml first and then uses Obj.Magic to construct one
[Sun Mar 15 16:52:13 2015] <ianjneu> When you say an inductive that takes no args, what do you really mean?
[Sun Mar 15 16:52:54 2015] <ianjneu> do you mean `Inductive terminal :=.` ? Do you mean `Inductive terminal := mk_terminal : terminal.` ?
[Sun Mar 15 16:53:05 2015] <ianjneu> something else?
[Sun Mar 15 16:54:24 2015] <ptrz> ianjneu: https://github.com/plsql/verified-parser-example/blob/master/validator/Grammar.v
[Sun Mar 15 16:57:17 2015] <ianjneu> so that would be an element of an alphabet paired with whatever its assigned "semantic type" is. Since this has no uses of the modules, I'm not quite sure of its utility.
[Sun Mar 15 16:58:53 2015] <ptrz> ianjneu: How would I construct a value of that type?
[Sun Mar 15 17:00:04 2015] <ianjneu> existT _ <some terminal> <some element of the semantic type for the terminal>
[Sun Mar 15 17:00:26 2015] <ianjneu> the _ is for the (fun t => symbol_semantic_type (T t)) that should be inferred.
[Sun Mar 15 17:05:18 2015] <ptrz> ianjneu: Thanks. Where does the existT come from?
[Sun Mar 15 17:05:29 2015] <Anarchos> Locate existT ?
[Sun Mar 15 17:05:51 2015] <ptrz> I guess I mean more, why is that the constructor?
[Sun Mar 15 17:05:55 2015] <ianjneu> existT is the introduction form for sigT, the type that { x:A & P x } is sugar for.
[Sun Mar 15 17:06:20 2015] <ptrz> I guess, most generally, I don't know what the curly braces and ampersand syntax means, and wasn't able to find out online
[Sun Mar 15 17:06:22 2015] <ianjneu> sigT (fun x : A => P x) more precisely.
[Sun Mar 15 17:06:47 2015] <ianjneu> ptrz: when in doubt, Set Printing All.
[Sun Mar 15 17:07:29 2015] <Anarchos> ptrz it is a subset, as you would write in ZFC standard maths !
[Sun Mar 15 17:07:47 2015] <Anarchos> ptrz x is in A and P x holds.
[Sun Mar 15 17:07:55 2015] <ptrz> I see. Sorry, I'm very new to Coq and kind of got dropped in head-first
[Sun Mar 15 17:08:07 2015] <ptrz> and thanks for all the help
[Sun Mar 15 17:08:31 2015] <Anarchos> ptrz no troubles, we all were new in some time !
[Sun Mar 15 17:09:13 2015] <ptrz> For what it's worth, my current subproject is to make a minimal example of a formally verified parser using CompCert's implementation
[Sun Mar 15 17:09:24 2015] <ptrz> which just got added to Menhir but is as-of-yet undocumented
[Sun Mar 15 17:10:05 2015] <ptrz> so, I'm working with undocumented research code and a single obfuscated implementation  :-)  Quite a sudden introduction to Coq
[Sun Mar 15 17:10:36 2015] <ianjneu> ptrz: what? The types aren't self-documenting? :P
[Sun Mar 15 17:17:05 2015] <Choups314> I really can't understand this error ... http://pastebin.com/Wv4NXU7N
[Sun Mar 15 17:17:48 2015] <Choups314> On the 10th line, there IS an instance of "Plus L" ..
[Sun Mar 15 17:58:20 2015] <ptrz> ianjneu: are you still around?
[Sun Mar 15 17:58:30 2015] <ianjneu> ptrz: for the time being.
[Sun Mar 15 17:58:54 2015] <ptrz> ianjneu: do you think you could do me a huge favor and show me an example of an expression of type token?
[Sun Mar 15 17:59:02 2015] <ptrz> I'm still having trouble putting it together
[Sun Mar 15 18:00:26 2015] <ptrz> I think that once I have an example to work off of I'll be fine
[Sun Mar 15 18:00:29 2015] <ptrz> that's how it's worked so far
[Sun Mar 15 18:00:32 2015] <ianjneu> it's whatever you create for your Alphs module that you give to Symbol.
[Sun Mar 15 18:01:17 2015] <Choups314> No ideas for my problem ?
[Sun Mar 15 18:01:52 2015] <ianjneu> Choups314: Make sure it's not a notation problem with Set Printing All ?
[Sun Mar 15 18:04:04 2015] <ptrz> HA! I figured it out
[Sun Mar 15 18:04:20 2015] <ptrz> I was just being a dope and using "unit" as the unit value instead of tt
[Sun Mar 15 18:05:20 2015] <ianjneu> if either of you know ghc, I could use some help getting profiling working. #haskell is ignoring me.
[Sun Mar 15 18:10:33 2015] <Choups314> ianjneu, Sorry, I was afk, In fact I just realoaded the buffer (coqide) and now it's working ..
[Sun Mar 15 18:11:34 2015] <ianjneu> I am livid. I can't figure out profiling at all. Nowhere online seems to recount this kind of trouble.
[Sun Mar 15 18:19:18 2015] <ptrz> ianjneu: I haven't worked with it in a very long time, but I once did a fair bit
[Sun Mar 15 18:19:24 2015] <ptrz> what kind of errors are you getting?
[Sun Mar 15 18:21:54 2015] <ianjneu> ptrz: it wants me to have the base library compiled for profiling, but gives no instruction on how to do that. All the stuff online says to use cabal sandbox etc., but I can't find where to get cabal sandbox at all. I've upgraded cabal, I've looked in apt-get, I'm just frustrated.
[Sun Mar 15 18:22:36 2015] <ptrz> ianjneu: Base library? Like, the GHC base library?
[Sun Mar 15 18:22:57 2015] <ianjneu> It's asking for Prelude
[Sun Mar 15 18:23:16 2015] <ianjneu> likely it will ask for more once I give the mouse a cookie.
[Sun Mar 15 18:24:27 2015] <ianjneu> cabal is... still version 1.16. The fuck.
[Sun Mar 15 18:25:25 2015] <ianjneu> thanks debian.
[Sun Mar 15 18:25:34 2015] <ptrz> Yeah, something is very wrong ianjneu
[Sun Mar 15 18:25:37 2015] <ptrz> lol
[Sun Mar 15 18:25:55 2015] <ptrz> that's like GCC asking for glibc
[Sun Mar 15 18:25:58 2015] <ptrz> something is amiss
[Sun Mar 15 18:26:05 2015] <ptrz> how did you install GHC?
[Sun Mar 15 18:26:15 2015] <ianjneu> ptrz: apt
[Sun Mar 15 18:26:23 2015] <ptrz> yeah, bizarre
[Sun Mar 15 18:27:57 2015] <ptrz> ianjneu: I'm seeing a package ghc-prof. You've installed that?
[Sun Mar 15 18:28:17 2015] <ptrz> Also, mentally review whether you've been doing anything weird with GHC config or with library paths
[Sun Mar 15 18:30:07 2015] <ianjneu> I downloaded the updated version of cabal, and it's complaining I don't have libgmp, which I do. The rage. It boils.
[Sun Mar 15 18:33:37 2015] <ianjneu> I had almost forgotten the hell of build systems. I've spent several years in Racket, where I can just run "racket myfile.rkt" and it works.
[Sun Mar 15 18:37:16 2015] <ianjneu> aaaaaand I can't build cabal-install because I can't cabal install Data.Traversable, and cabal doesn't have a 64-bit prebuilt executable for linux
[Sun Mar 15 18:37:19 2015] <ianjneu> WINNING
[Sun Mar 15 18:38:20 2015] <ptrz> ianjneu: Yeah, the Haskell package system is a nightmare
[Sun Mar 15 18:38:36 2015] <ptrz> that whole aspect of the language is really a failure
[Sun Mar 15 18:39:00 2015] <ptrz> ianjneu: Are you sure your LIBDIR isn't poisoned somehow?
[Sun Mar 15 18:39:11 2015] <ptrz> it sounds like things are just generally having a hard time finding libraries
[Sun Mar 15 18:39:38 2015] <ianjneu> no idea.
[Sun Mar 15 18:40:17 2015] <ptrz> check 'env | grep -i lib' in your shell
[Sun Mar 15 18:40:40 2015] <ianjneu> I can go into ghci and import Data.Traversable no problem. This is such bullshit.
[Sun Mar 15 18:41:07 2015] <ianjneu> I don't have a LIBDIR env
[Sun Mar 15 18:41:08 2015] <ptrz> On a separate note, is there a way to list all modules declared in a Coq source file?
[Sun Mar 15 18:42:05 2015] <ianjneu> Print Modules.
[Sun Mar 15 18:43:54 2015] <ptrz> thanks
[Sun Mar 15 18:44:16 2015] <ptrz> ianjneu: What's your uname -a?
[Sun Mar 15 18:46:05 2015] <ianjneu> Linux bruce 3.13.0-46-generic #77-Ubuntu SMP Mon Mar 2 18:23:39 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[Sun Mar 15 18:47:40 2015] <ptrz> I suspect you'll find your answer if you do enough StackOverflow digging
[Sun Mar 15 18:47:55 2015] <ptrz> that said, this kind of stuff happens all the time with Haskell and it's awful
[Sun Mar 15 18:50:11 2015] <ptrz> If you were tinkering with some settings, configs, or internals, cleaning house and reinstalling all your Haskell-related packages is sometimes the easiest approach
[Sun Mar 15 18:53:04 2015] <ianjneu> I got cabal installed miraculously. I have a sandbox created. I am now trying to pull in my dependencies, which ARE written in my .cabal file, but for some reason weren't pulled in with --only-dependencies
[Sun Mar 15 18:56:14 2015] <ianjneu> and now it wants my .cabal file to use "section syntax" which it says is in the user's guide, but isn't.
[Sun Mar 15 19:05:33 2015] <ptrz> Yeah, I wish I had recent enough experience to help you
[Sun Mar 15 19:05:46 2015] <ptrz> I'd probably reinstall if possible
[Sun Mar 15 19:16:52 2015] <ianjneu> ...success? I think?
[Sun Mar 15 19:22:51 2015] <ptrz> ianjneu: nice! what did you do?
[Sun Mar 15 19:24:31 2015] <ianjneu> ptrz: destroyed the sandbox I was in, deleted the old .cabal file, apt-get install'd ghc-prof, did cabal init, cabal install --only-dependencies --enable-library-profiling, cabal build
[Sun Mar 15 19:25:01 2015] <ianjneu> NO SWEAT! Turns out profiling can't be interrupted. Fucking lame.
[Mon Mar 16 08:33:41 2015] <benzrf> ~~~P -> ~P, right
[Mon Mar 16 08:40:22 2015] <Cypi> benzrf : yes
[Mon Mar 16 08:44:15 2015] <benzrf> hmmm
[Mon Mar 16 09:04:52 2015] <benzrf> so...
[Mon Mar 16 09:05:05 2015] <benzrf> ~~LEM \/ ~LEM is a theorem
[Mon Mar 16 09:05:09 2015] <benzrf> but not ~~LEM
[Mon Mar 16 09:06:22 2015] <Cypi> I really don't think so
[Mon Mar 16 09:06:25 2015] <benzrf> oh wait
[Mon Mar 16 09:06:42 2015] <Cypi> if you really mean [~~ (forall P, P \/ ~P) \/ ~ (forall P, P \/ ~P) ]
[Mon Mar 16 09:07:02 2015] <benzrf> hold up
[Mon Mar 16 09:07:05 2015] <benzrf> ah i think i see
[Mon Mar 16 09:07:20 2015] <benzrf> ~~(P \/ Q) does not imply ~~P \/ ~~Q?
[Mon Mar 16 09:08:16 2015] <Cypi> I don't think so
[Mon Mar 16 09:08:27 2015] <benzrf> er, as in, you dont think it implies
[Mon Mar 16 09:08:34 2015] <Cypi> I don't think it implies
[Mon Mar 16 09:11:02 2015] <benzrf> kk
[Mon Mar 16 09:11:37 2015] <benzrf> ah yes you cannot destruct on the disjunction because there's no witness
[Mon Mar 16 09:11:44 2015] <benzrf> did i misuse witness there
[Mon Mar 16 10:07:01 2015] <ianjneu> what's new
[Mon Mar 16 10:08:45 2015] <benzrf> ianjneu: was that a greeting or was it sarcastically mockery like "what else is new"
[Mon Mar 16 10:09:34 2015] <ianjneu> benzrf: a greeting. I just rejoined. What context did I just jump into?
[Mon Mar 16 10:10:09 2015] <benzrf> 09:11:37    benzrf │ ah yes you cannot destruct on the disjunction because there's no witness
[Mon Mar 16 10:10:10 2015] <benzrf> 09:11:43    benzrf │ did i misuse witness there
[Mon Mar 16 10:10:15 2015] <benzrf> i didnt see the join cause bouncer playback
[Mon Mar 16 10:11:47 2015] <ianjneu> witness is usually used for existential (Sigma) types. A disjunction is a simple sum.
[Mon Mar 16 10:11:56 2015] <ianjneu> "witness" I should say.
[Mon Mar 16 10:12:11 2015] <ianjneu> the "use mention distinction" is not "enforced here"
[Mon Mar 16 10:12:55 2015] <ianjneu> You can eliminate a disjunction into a Prop, but you don't get to assume the negation of the other case.
[Mon Mar 16 10:15:13 2015] <ianjneu> ~~LEM is not a theorem because of the quantifier under the ~~. You can prove forall P, ~~(P \/ ~P).
[Mon Mar 16 11:02:02 2015] <benzrf> hhh
[Mon Mar 16 11:06:18 2015] <benzrf> ugh
[Mon Mar 16 11:06:25 2015] <benzrf> i might just use untyped LC after all
[Mon Mar 16 11:06:29 2015] <benzrf> gross
[Mon Mar 16 11:08:14 2015] <benzrf> simply typed looks like its gonna force me to add naturals as a primitive or osmething
[Mon Mar 16 11:24:39 2015] <ianjneu> why?
[Mon Mar 16 16:03:45 2015] <benzrf> ianjneu: so that i can encode data
[Mon Mar 16 16:13:00 2015] <ianjneu> ah. Ya, primitive recursion + stlc > stlc
[Mon Mar 16 16:23:45 2015] <benzrf> oh
[Mon Mar 16 16:23:52 2015] <benzrf> ianjneu: actually im using stlc + fix
[Mon Mar 16 16:24:13 2015] <benzrf> ianjneu: but regardless, the type system is too simple to allow usable data encoding
[Mon Mar 16 16:24:21 2015] <benzrf> afaict anyway :|
[Mon Mar 16 16:53:40 2015] <Saizan> can you quantify over Type in Prop?
[Mon Mar 16 16:54:36 2015] <johnw> Saizan: forall (X : Type) (P : X -> Prop) (x : X), P x?
[Mon Mar 16 16:56:36 2015] <Saizan> johnw: more like,
[Mon Mar 16 16:56:51 2015] <Saizan> johnw: actuaally, what's the sort of that type?
[Mon Mar 16 16:57:09 2015] <johnw> that type is in Type
[Mon Mar 16 16:57:18 2015] <johnw> I think all functions are in Type
[Mon Mar 16 16:57:53 2015] <Saizan> i'd expect P -> Q to be in Prop for P, Q : Prop
[Mon Mar 16 16:58:04 2015] <johnw> let me check
[Mon Mar 16 16:58:19 2015] <johnw> ah, you are right
[Mon Mar 16 16:58:23 2015] <johnw> the sort of that function up above is in Prop
[Mon Mar 16 16:58:49 2015] <johnw> actually, that should have been obvious, because I have pi-types inside of Records that live in Prop just fine
[Mon Mar 16 17:01:31 2015] <Saizan> so i guess an Inductive O : Prop with a contructor lim : forall (X : Type) -> (X -> O) -> O would be fine?
[Mon Mar 16 17:02:09 2015] <johnw> s/->/,/, and yeah
[Mon Mar 16 17:03:25 2015] <Saizan> but there's some restriction on how you can eliminate a Prop
[Mon Mar 16 17:03:33 2015] <johnw> correct
[Mon Mar 16 17:03:49 2015] <johnw> you can't eliminate it in any context which would depend on the value at runtime
[Mon Mar 16 17:05:55 2015] <Saizan> but things like accessibility proofs for well-founded induction go in Prop, right?
[Mon Mar 16 17:06:20 2015] <johnw> yes, because we only need to know that it is accessible, not how
[Mon Mar 16 17:07:50 2015] <Saizan> i guess having only one constructor means there's no way to return different results for different proofs
[Mon Mar 16 17:08:20 2015] <johnw> why would that matter?
[Mon Mar 16 17:08:29 2015] <johnw> you only need the inhabitant, any inhabitant will do
[Mon Mar 16 17:08:32 2015] <johnw> (in Prop)
[Mon Mar 16 17:08:52 2015] <Saizan> well, i mean when you build the well-founded induction principle
[Mon Mar 16 17:09:14 2015] <johnw> so, the induction principle is always in Prop, which shouldn't care
[Mon Mar 16 17:09:15 2015] <Saizan> johnw: anyhow, got a good reference for the rules of Prop?
[Mon Mar 16 17:09:43 2015] <johnw> sadly, I don't
[Mon Mar 16 17:09:50 2015] <johnw> the rec or rect principles will care, on the other hand
[Mon Mar 16 17:09:58 2015] <johnw> which, for your O, can't be generated
[Mon Mar 16 17:10:12 2015] <Saizan> uh, i'd expect to be able to use well-founded induction to define stuff in Set though
[Mon Mar 16 17:10:36 2015] <johnw> oh, sure, the proof of well-foundedness should be in Prop
[Mon Mar 16 17:10:46 2015] <johnw> you just can't use what you learned by proving it in any material way
[Mon Mar 16 17:10:59 2015] <Saizan> yeah
[Mon Mar 16 17:11:58 2015] <Choups314> Hi, if I define an instance (of a class) in a section (assume it depends on an hypothesis), how can I use this instance outside the section ?
[Mon Mar 16 17:12:07 2015] <johnw> say: Global Instance
[Mon Mar 16 17:12:40 2015] <Choups314> But how can I "reconstruct" it, given a proof of the hypothesis ? (Or maybe it's automatic ?)
[Mon Mar 16 17:12:59 2015] <johnw> hmm?  did those questions relate to each other?
[Mon Mar 16 17:13:49 2015] <Choups314> yes ^^, I mean : Does a simple [Context ..] is enough to use the instance outside the section ? (In this case, how do I give the hypothesis proof ?)
[Mon Mar 16 17:14:09 2015] <johnw> you need to use Global in the section to make the instance visible outside of it
[Mon Mar 16 17:14:20 2015] <johnw> after that, you can use Context to introduce it as an implicit argument, sure
[Mon Mar 16 17:14:38 2015] <Choups314> It also works with dependent instances ?
[Mon Mar 16 17:14:44 2015] <johnw> what is a dependent instance?
[Mon Mar 16 17:15:08 2015] <Choups314> I use a [Hypothesis ...] in the section to prove the instance
[Mon Mar 16 17:15:16 2015] <johnw> Saizan: is this of interest? http://homotopytypetheory.org/2012/01/22/univalence-versus-extraction/
[Mon Mar 16 17:15:27 2015] <johnw> Choups314: Hypothesis doesn't prove anything :)
[Mon Mar 16 17:15:45 2015] <johnw> it's a local Axiom, which will turn into an argument to the instance which you use it outside
[Mon Mar 16 17:16:09 2015] <Choups314> johnw, Yea exactly, but I would like to give the proof when using [Context] (or equivalent)
[Mon Mar 16 17:16:17 2015] <johnw> it should just be an argument
[Mon Mar 16 17:16:31 2015] <johnw> Context H : MyInstance arg.
[Mon Mar 16 17:16:31 2015] <Choups314> ok, but then I use the instance name in [context] ?
[Mon Mar 16 17:16:33 2015] <Choups314> Ok
[Mon Mar 16 17:19:08 2015] <Choups314> johnw, But then, [MyInstance arg] does not have a Set,Prop,Type type ?
[Mon Mar 16 17:19:41 2015] <johnw> you can evaluate"'Check MyInstance arg" to see what sort it is
[Mon Mar 16 17:19:53 2015] <Choups314> It is the type of the instance
[Mon Mar 16 17:19:58 2015] <Choups314> (Defined in the section ^^)
[Mon Mar 16 17:20:11 2015] <johnw> then use Check on the name of the class
[Mon Mar 16 17:20:18 2015] <johnw> I'm guessing if you didn't say otherwise, it's in Type
[Mon Mar 16 17:20:31 2015] <Choups314> Yes
[Mon Mar 16 17:22:16 2015] <Choups314> In fact now it complains  "MyInstance arg " has type "ClassName" which should be Set, Prop or Type.
[Mon Mar 16 17:22:46 2015] <johnw> oh, show me the line
[Mon Mar 16 17:23:09 2015] <Choups314> The context line ?
[Mon Mar 16 17:23:11 2015] <johnw> yeah
[Mon Mar 16 17:23:21 2015] <Choups314> Context {Kone : (Fone L Kprop Hone)}.
[Mon Mar 16 17:23:29 2015] <johnw> btw, this will work too: Context `{Fone L Kprop Hone}.
[Mon Mar 16 17:23:29 2015] <Choups314> Fone is the instance defined in a previous section
[Mon Mar 16 17:23:36 2015] <johnw> oh
[Mon Mar 16 17:23:37 2015] <johnw> wait
[Mon Mar 16 17:23:39 2015] <johnw> you can't do that
[Mon Mar 16 17:24:03 2015] <johnw> so, if you want to treat an instance like a record value like this
[Mon Mar 16 17:24:12 2015] <johnw> do: Variable Kone : Fone L Kprop Hone.
[Mon Mar 16 17:24:26 2015] <johnw> now you can call member functions on Kone directly using @
[Mon Mar 16 17:24:31 2015] <johnw> @method Kone args...
[Mon Mar 16 17:24:45 2015] <johnw> which basically begs the question of why are you using type classes then?
[Mon Mar 16 17:25:27 2015] <johnw> Context brings a family of instances into scope, allowing the type class machinery to pick the appropriate instance
[Mon Mar 16 17:25:40 2015] <johnw> hence the sort error
[Mon Mar 16 17:25:56 2015] <Choups314> In fact I'm using MathClasses, and I defined substructures. Now I try to define some vector spaces, but I'm not sure
[Mon Mar 16 17:26:41 2015] <Choups314> if these substructures are well defined (i.e. use well the instances/classes system)
[Mon Mar 16 17:27:29 2015] <Saizan> johnw: yah, "singleton elimination" is what i needed to google for
[Mon Mar 16 17:29:07 2015] <johnw> ah, right
[Mon Mar 16 17:29:13 2015] <johnw> I had thought your "only one constructor" comment sounded familiar
[Mon Mar 16 17:37:19 2015] <Choups314> johnw, The problem if I use [Let] or [Variable] is that there is no such instance defined after .. I would like to use the instance I defined in a previous section, that depend on an argument (i.e. I would like to "import" it in another section, with a certain proof for the argument)
[Mon Mar 16 17:37:45 2015] <johnw> Choups314: can you reduce what you want to a small example?
[Mon Mar 16 17:37:52 2015] <johnw> then maybe I can get it working for you (later tonight)
[Mon Mar 16 17:38:08 2015] <Choups314> johnw, I'll try ;)
[Mon Mar 16 17:38:12 2015] <Choups314> Just a minute ;)
[Mon Mar 16 17:38:28 2015] <johnw> no hurry, I can't do it right now anyway
[Mon Mar 16 17:38:33 2015] <Choups314> ok
[Mon Mar 16 17:38:37 2015] <johnw> but if you ping me again in like 6 hours I'd be more than happy to give it a go
[Mon Mar 16 17:38:51 2015] <Choups314> Ok :)
[Mon Mar 16 17:43:37 2015] <Anarchos> what is the best option to use ocaml/coq on windows to compile compcert ?
[Mon Mar 16 17:44:47 2015] <johnw> Anarchos: you mean, besides a Linux VM?
[Mon Mar 16 17:45:29 2015] <Anarchos> johnw yes
[Mon Mar 16 17:45:45 2015] <johnw> I have never tried to use Coq on Windows...
[Mon Mar 16 17:45:53 2015] <Anarchos> compcert needs ocaml 4.02 but the cygwin version seems to be only 4.01.0
[Mon Mar 16 17:47:17 2015] <johnw> ah
[Mon Mar 16 17:49:30 2015] <Choups314> johnw, https://gist.github.com/Choups314/bd832a56d7253ea2b292
[Mon Mar 16 17:50:29 2015] <Choups314> I will have to go in  10 minutes, so I'll ping you later (tomorrow ?)
[Tue Mar 17 05:30:02 2015] <jstolarek> how can I call Extraction command in Prof General?
[Tue Mar 17 05:30:24 2015] <jstolarek> I know I can type it in a file and evaluate it to get the result
[Tue Mar 17 05:30:39 2015] <jstolarek> but I'd rather use M-x some-command-for-extraction
[Tue Mar 17 05:30:57 2015] <jstolarek> where some-command-for-extraction is the name I don't know
[Tue Mar 17 05:50:29 2015] <jstolarek> I've run into problems using Notation
[Tue Mar 17 05:50:31 2015] <jstolarek> if I say
[Tue Mar 17 05:50:43 2015] <jstolarek> Notation "{ x : A  |  P }" := sig (fun x : A => P)
[Tue Mar 17 05:51:09 2015] <jstolarek> that fails with a syntax error: [syntax_modifier] expected after '('
[Tue Mar 17 05:51:27 2015] <jstolarek> but if I surround that declaration with (** [[ ... ]] *) the it works
[Tue Mar 17 08:39:20 2015] <jgross> jstolarek: the term after the := must be a single "group".  If it's a function application, you need to surround it with parentheses. 
[Tue Mar 17 16:49:28 2015] <Choups314> johnw, Did you my gist yesterday ?
[Tue Mar 17 21:22:40 2015] <johnw> Choups314: hello?
[Wed Mar 18 03:57:04 2015] <hetakuso> Hi. I'm trying to follow Software Foundations and I'm up to chapter "MoreCoq" but I can't compile the prerequisite Poly.v. It's failing at "Arguments nil {X}." with "Error: No focused proof (No proof-editing in progress)."
[Wed Mar 18 03:58:22 2015] <johnw> what versions of Coq and SF?
[Wed Mar 18 03:59:20 2015] <hetakuso> johnw: 8.3pl4 and latest SF. Apparently it's quite ancient... from 2013. Could that be the issue?
[Wed Mar 18 03:59:40 2015] <johnw> the lastet SF is 3.1, from June 2014
[Wed Mar 18 03:59:56 2015] <hetakuso> Oh, I meant that version of coq
[Wed Mar 18 04:00:06 2015] <johnw> ah, 8.3 won't work
[Wed Mar 18 04:00:08 2015] <johnw> 8.4pl5
[Wed Mar 18 04:00:22 2015] <hetakuso> Damnit, Debian...
[Wed Mar 18 04:00:35 2015] <hetakuso> johnw: cool, thanks!
[Wed Mar 18 04:21:31 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/127263
[Wed Mar 18 04:21:48 2015] <jstolarek> I don't understand how that notation works
[Wed Mar 18 04:22:05 2015] <jstolarek> I mean is e2 required to be maybe?
[Wed Mar 18 04:22:30 2015] <jstolarek> or can it be anything? because if it can ba anything then this would mean branches of if have different types
[Wed Mar 18 04:22:46 2015] <jstolarek> I know this is possible with dependent types but still that looks weird...
[Wed Mar 18 04:30:36 2015] <johnw> hi jstolarek
[Wed Mar 18 04:31:15 2015] <johnw> I believe e2 can be anything in terms of _using_ the notation
[Wed Mar 18 04:31:24 2015] <johnw> but the expanded code would be in error unless e2 is what it needs to be
[Wed Mar 18 04:32:14 2015] <jstolarek> johnw: hi
[Wed Mar 18 04:32:29 2015] <jstolarek> but if the else branch is a maybe
[Wed Mar 18 04:32:40 2015] <jstolarek> then doesn't e2 need to be a maybe as well?
[Wed Mar 18 04:32:47 2015] <johnw> it would, yes
[Wed Mar 18 04:32:57 2015] <jstolarek> assuming the condition can evaluate to any of the two constructors
[Wed Mar 18 04:33:13 2015] <jstolarek> ok, that's what I was asking
[Wed Mar 18 04:34:21 2015] <johnw> yeah, the notation doesn't change anything about Gallina
[Wed Mar 18 04:34:25 2015] <johnw> it's just very fancy macros
[Wed Mar 18 04:37:58 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/127264
[Wed Mar 18 04:38:08 2015] <jstolarek> a quick follow-up question
[Wed Mar 18 04:38:34 2015] <jstolarek> Notation clearly shows that Unknown takes one argument, while Found takes 3
[Wed Mar 18 04:38:54 2015] <johnw> ok
[Wed Mar 18 04:39:07 2015] <jstolarek> but how do I know which argument is which?
[Wed Mar 18 04:39:17 2015] <johnw> what do you mean?
[Wed Mar 18 04:39:19 2015] <jstolarek> I mean for Unknown, is the one argument A or P ?
[Wed Mar 18 04:39:50 2015] <johnw> I guess you have automatic implicits turned on, in which case it would be P
[Wed Mar 18 04:39:52 2015] <jstolarek> for Found I guess that first argument is (A : Set), second is (x : A) and the third is (P : A -> Prop)
[Wed Mar 18 04:40:05 2015] <jstolarek> but what's the rule of thumb here?
[Wed Mar 18 04:40:15 2015] <johnw> the rule of thumb here has nothing to do with Notations
[Wed Mar 18 04:40:21 2015] <johnw> A can be determined from any P
[Wed Mar 18 04:40:32 2015] <johnw> if you didn't have auto-implicits on, Unknown would take two arguments
[Wed Mar 18 04:40:37 2015] <jstolarek> right, but notation exposes that nicely :-)
[Wed Mar 18 04:41:15 2015] <johnw> so, a Coq reader would know by printing Unknown
[Wed Mar 18 04:41:31 2015] <johnw> which will say that A is implicit
[Wed Mar 18 04:41:40 2015] <jstolarek> right, that's what it says
[Wed Mar 18 04:41:49 2015] <jstolarek> ok, what about Found ?
[Wed Mar 18 04:41:54 2015] <jstolarek> what confuses me here
[Wed Mar 18 04:42:13 2015] <jstolarek> is that the argument to the type consructor are interleaved with the arguments introduced in forall
[Wed Mar 18 04:42:13 2015] <johnw> somewhere there is a Set Implicit Arguments.
[Wed Mar 18 04:42:29 2015] <johnw> right, all of them are arguments to the constructors
[Wed Mar 18 04:42:42 2015] <jstolarek> yes, I have implictis turned on
[Wed Mar 18 04:42:44 2015] <johnw> some are notionally "indices", and some are "parameters"
[Wed Mar 18 04:42:53 2015] <jstolarek> oh, I just realized
[Wed Mar 18 04:42:54 2015] <johnw> but to Coq, they are pretty much all the same
[Wed Mar 18 04:43:04 2015] <jstolarek> the last argument to Found is not P but (P x)
[Wed Mar 18 04:43:08 2015] <johnw> right
[Wed Mar 18 04:43:16 2015] <johnw> Found's arguments are: P x (_ : P x)
[Wed Mar 18 04:43:46 2015] <johnw> I think that if you also enable Generalizable All Variables., then 'x' would not be needed either there
[Wed Mar 18 04:43:52 2015] <jstolarek> ok, so indices always go first, unless they are implicit?
[Wed Mar 18 04:44:03 2015] <johnw> indices always go first, even if they are implicit
[Wed Mar 18 04:44:06 2015] <johnw> you just don't have to pass them :)
[Wed Mar 18 04:44:21 2015] <jstolarek> ok, that is the rule of thumb I was looking for :-)
[Wed Mar 18 04:44:47 2015] <johnw> actually, Found only truly needs one argument
[Wed Mar 18 04:44:54 2015] <johnw> since that argument will determine x, P, and A
[Wed Mar 18 04:45:06 2015] <johnw> I start every file with this: https://gist.github.com/bc11d379475d54d383eb
[Wed Mar 18 04:45:17 2015] <johnw> (this comes from the ssreflect manual, where they use that convention)
[Wed Mar 18 04:45:50 2015] <Cypi> "< johnw> actually, Found only truly needs one argument" >> is that true?
[Wed Mar 18 04:46:06 2015] <jstolarek> johnw: out of curiosity - are you using coq in a "real" project ?
[Wed Mar 18 04:46:18 2015] <johnw> jstolarek: yes, I am
[Wed Mar 18 04:46:22 2015] <johnw> Cypi: let me verify that
[Wed Mar 18 04:46:56 2015] <johnw> yes, that is correct
[Wed Mar 18 04:47:02 2015] <johnw> only the (_ : P x) argument is needed
[Wed Mar 18 04:47:11 2015] <Cypi> hmm
[Wed Mar 18 04:47:14 2015] <johnw> "For Found: Arguments A, P, x are implicit"
[Wed Mar 18 04:49:05 2015] <jstolarek> johnw: can you give any details? :-)
[Wed Mar 18 04:49:38 2015] <johnw> jstolarek: sure, the code is here: https://github.com/jwiegley/linearscan
[Wed Mar 18 04:49:47 2015] <johnw> it's a register allocator to be used in an in-house compiler at work
[Wed Mar 18 04:49:58 2015] <johnw> I have only two implementation details left
[Wed Mar 18 04:50:30 2015] <johnw> it extracts to a Haskell library that's on Hackage
[Wed Mar 18 04:50:31 2015] <jstolarek> thanks
[Wed Mar 18 04:50:35 2015] <jstolarek> I'll take a look
[Wed Mar 18 04:51:13 2015] <Cypi> johnw : sorry to come back to that, but how can Coq infer A, P and x when you give it, for exemple, [Found I] ?
[Wed Mar 18 04:51:37 2015] <Cypi> [Definition foo : maybe (fun (x : nat) => True) := Found I.] doesn't go well
[Wed Mar 18 04:51:38 2015] <johnw> it couldn't be just I
[Wed Mar 18 04:51:56 2015] <johnw> I is an inhabitant of True, which is of the wrong type
[Wed Mar 18 04:52:08 2015] <johnw> the type of P must be A -> Prop
[Wed Mar 18 04:52:33 2015] <johnw> let me try that
[Wed Mar 18 04:52:44 2015] <Cypi> You said that P was implicit
[Wed Mar 18 04:52:51 2015] <Cypi> the only remaining argument is of type [P x]
[Wed Mar 18 04:53:02 2015] <Cypi> which can be True, like in my example
[Wed Mar 18 04:53:02 2015] <johnw> oh sure, that doesn't mean you can't come up with examples where the inference mechanism can't realize an argument
[Wed Mar 18 04:53:12 2015] <johnw> in those cases, you must use @ or (x:=...)
[Wed Mar 18 04:53:30 2015] <Cypi> So I think I did not understand "< johnw> since that argument will determine x, P, and A"
[Wed Mar 18 04:53:44 2015] <johnw> I'll show you an example
[Wed Mar 18 04:55:24 2015] <johnw> Cypi: https://gist.github.com/72cd5b90e5b25e586a1b
[Wed Mar 18 04:55:43 2015] <johnw> neatO's type "encodes" sufficient information to package up x and P
[Wed Mar 18 04:55:53 2015] <jstolarek> johnw: skimmed the files in your project, they are way above my understanding of Coq
[Wed Mar 18 04:56:05 2015] <johnw> jstolarek: also, it's all in ssreflect style
[Wed Mar 18 04:56:09 2015] <johnw> not the Coq standard library
[Wed Mar 18 04:56:20 2015] <Cypi> I see. Thanks.
[Wed Mar 18 04:56:56 2015] <johnw> in fact, in the definition of "foo" you can just say "maybe _"
[Wed Mar 18 04:57:02 2015] <Cypi> Ok, that's what "Strict Implicit" is for
[Wed Mar 18 04:57:05 2015] <johnw> neatO will provide P there too
[Wed Mar 18 04:57:13 2015] <jstolarek> what's ssreflect style?
[Wed Mar 18 04:57:48 2015] <johnw> ssreflect is an alternate stdlib that focuses on "small scale reflection", where computable boolean predicates can be easily reflected to decidable inductive predicates and back
[Wed Mar 18 04:58:33 2015] <johnw> it makes certain classes of proofs much smaller, and allows you to prove many things using only term rewriting, without need for induction
[Wed Mar 18 04:59:42 2015] <johnw> for more info, see Ilya Sergey's excellent book, "Programs and Proofs": http://ilyasergey.net/pnp/pnp.pdf
[Wed Mar 18 05:00:01 2015] <johnw> not a huge amount of Coq experience is needed to read that book, either
[Wed Mar 18 05:00:01 2015] <jstolarek> hm... I don;t understand what you said - sorry :-(
[Wed Mar 18 05:00:07 2015] <jstolarek> but I'm noting the book reference
[Wed Mar 18 05:00:19 2015] <johnw> jstolarek: the lib was creating to make the Four Color Theorem easier to write, basically
[Wed Mar 18 05:00:24 2015] <jstolarek> at the moment I am reading CPDT so won't be taking a look in a next couple of weeks
[Wed Mar 18 05:00:31 2015] <johnw> and it turns out, if you're writing real programs with Coq, it makes that easier too
[Wed Mar 18 05:00:42 2015] <johnw> ah, ok, CPDT is much more advanced than that book
[Wed Mar 18 05:00:46 2015] <johnw> so you'll breeze through it
[Wed Mar 18 05:02:27 2015] <johnw> jstolarek: what do you plan on using Coq for?
[Wed Mar 18 05:02:33 2015] <jstolarek> um... nothing :-)
[Wed Mar 18 05:02:40 2015] <jstolarek> just learning it for fun
[Wed Mar 18 05:02:48 2015] <johnw> ok, cool!
[Wed Mar 18 05:02:51 2015] <johnw> it is indeed great fun
[Wed Mar 18 05:02:59 2015] <jstolarek> well, fun and curiosity about how it comapres to Agda or Idris
[Wed Mar 18 05:03:18 2015] <johnw> there are large areas of intersection with both, depending on how you use Coq
[Wed Mar 18 05:03:19 2015] <jstolarek> as for CPDT: yeah, it's pretty advanced and unfortunatelly far from being self-contained
[Wed Mar 18 05:03:31 2015] <johnw> so, I would read CPDT at a later date
[Wed Mar 18 05:03:34 2015] <johnw> CPDT has a very specific audience
[Wed Mar 18 05:03:39 2015] <jstolarek> namely?
[Wed Mar 18 05:03:53 2015] <johnw> people are using Coq practically, and who need to know the tricks and techniques to take their use of Coq to the "next level"
[Wed Mar 18 05:04:03 2015] <jstolarek> I've read like 1/3 of the book so far
[Wed Mar 18 05:04:18 2015] <johnw> if you are a practioner who has struggled with certain issues (like, pattern matching on dependent types, or encoding free structures), then CPDT is a gold mine
[Wed Mar 18 05:04:35 2015] <jstolarek> it's a great demonstration of what can be done with Coq, not necearilly an explanation of how it can be done...
[Wed Mar 18 05:04:36 2015] <johnw> but if you are just reading to learn more about Coq, there's too much detail, and it's too dense
[Wed Mar 18 05:04:50 2015] <johnw> the first time I read CPDT, it went right over my head
[Wed Mar 18 05:04:55 2015] <johnw> then, six months after using Coq seriously, I read it again
[Wed Mar 18 05:04:58 2015] <johnw> and it was solid gold
[Wed Mar 18 05:05:38 2015] <jstolarek> well, I don't have any real-life Coq project on the horizon
[Wed Mar 18 05:05:50 2015] <jstolarek> sadly
[Wed Mar 18 05:05:51 2015] <johnw> then you may never take advantage of what's in CPDT
[Wed Mar 18 05:05:56 2015] <jstolarek> maybe
[Wed Mar 18 05:06:07 2015] <johnw> unless you find ways to transport those tricks to Agda, say
[Wed Mar 18 05:06:14 2015] <jstolarek> but the nice thing about CPDT is that it gives also some theoretical insight
[Wed Mar 18 05:06:29 2015] <johnw> he has some pretty cool techniques for modelling turing complete languages in a logic like Coq
[Wed Mar 18 05:06:35 2015] <johnw> true, it does
[Wed Mar 18 05:06:44 2015] <johnw> it's a book worth reading, if one has sufficient time
[Wed Mar 18 05:07:11 2015] <jstolarek> I'm trying to read 1 sub-section a day
[Wed Mar 18 05:07:25 2015] <johnw> has he gotten into language modelling yet?
[Wed Mar 18 05:07:29 2015] <jstolarek> which takes ~3-m-1h
[Wed Mar 18 05:07:46 2015] <jstolarek> there were a couple of examples so far
[Wed Mar 18 05:07:47 2015] <jstolarek> I
[Wed Mar 18 05:07:49 2015] <johnw> I think he starts out with that really early, actually
[Wed Mar 18 05:07:58 2015] <johnw> so, he's going to come back to that, maybe 5 times over
[Wed Mar 18 05:08:03 2015] <jstolarek> I'm reading the type-checking example in chapter 6 at the moment
[Wed Mar 18 05:08:05 2015] <johnw> each time using a different technique
[Wed Mar 18 05:08:21 2015] <jstolarek> :-)
[Wed Mar 18 05:08:26 2015] <jstolarek> ok, I gotta go
[Wed Mar 18 05:08:35 2015] <johnw> please stop by here if you ever have issues or questions
[Wed Mar 18 05:08:42 2015] <johnw> bye jstolarek
[Wed Mar 18 05:08:47 2015] <jstolarek> gotta teach my BcS students how to compile GHC
[Wed Mar 18 05:08:54 2015] <jstolarek> sure, I'll do
[Wed Mar 18 05:08:57 2015] <jstolarek> bye
[Wed Mar 18 08:25:57 2015] <jstolarek> johnw: so if CPDT is too advanced what would you recommend as an introduction to Coq?
[Wed Mar 18 08:26:24 2015] <jstolarek> I'm mostly interested in dependent types (hence CPDT sounds very attractive)
[Wed Mar 18 08:40:59 2015] <RchrdB> jstolarek: Software Foundations by Ben Pierce.
[Wed Mar 18 08:41:26 2015] <RchrdB> (and friends)
[Wed Mar 18 08:41:28 2015] <RchrdB> It's a MUUUCH gentler introduction.
[Wed Mar 18 08:56:00 2015] <jstolarek> RchrdB: thanks
[Wed Mar 18 08:56:22 2015] <jstolarek> I don't mind brutality when it comes to dependent types :-) but a more detailed explanation of Coq itself would be nice
[Wed Mar 18 08:56:49 2015] <jstolarek> BTW. is there a printed version of SF?
[Wed Mar 18 08:57:13 2015] <Cypi> You're supposed to go through SF in a Coq session, so I don't think so
[Wed Mar 18 09:17:36 2015] <jstolarek> too bad. I prefer printed books - much easier to add notes
[Wed Mar 18 09:21:31 2015] <hodapp> You're supposed to be editing the source code anyway as you complete exercises.
[Wed Mar 18 09:21:41 2015] <hodapp> so adding notes there is a matter of moving a few lines away, genearlly.
[Wed Mar 18 09:21:49 2015] <hodapp> s/genearlly/generally/
[Wed Mar 18 09:33:58 2015] <JanBessai> is there any MMap implementation around the corner?
[Wed Mar 18 09:34:07 2015] <JanBessai> google pops up this project https://groups.google.com/forum/?_escaped_fragment_=topic/oplss14/VIBdiX_pG2w#!topic/oplss14/VIBdiX_pG2w
[Wed Mar 18 09:34:20 2015] <JanBessai> but no hints if it has been done yet
[Wed Mar 18 09:35:12 2015] <JanBessai> ah the github repo has it
[Wed Mar 18 09:39:41 2015] <lpaste> Cypi pasted “Need proof irrelevance?” at http://lpaste.net/127273
[Wed Mar 18 09:39:57 2015] <Cypi> In the linked proof, do I really need proof irrelevance to conclude?
[Wed Mar 18 09:40:54 2015] <Cypi> I'm pretty sure I do, but since I know that f goes into something in Type, the return value of f shouldn't depend on the actual value of its argument, right?
[Wed Mar 18 16:51:13 2015] <johnw> jstolarek: probably SF, then Programs and Proofs (although it's geared toward ssreflect), then CPDT
[Wed Mar 18 16:51:17 2015] <johnw> there's not a huge amount of middle ground
[Wed Mar 18 16:54:33 2015] <Anarchos> i resigned today on CPDT.
[Wed Mar 18 16:54:47 2015] <Anarchos> too much tricks and no clear explanation of crush.
[Wed Mar 18 16:59:31 2015] <johnw> Anarchos: see http://jozefg.bitbucket.org/posts/2014-07-09-dissecting-crush.html
[Wed Mar 18 17:03:58 2015] <Anarchos> johnw sure i can find explanation about it somewhere. But hey couldn't Adam do it in his 471pages (or so)  book ?
[Wed Mar 18 17:08:01 2015] <Cypi> Thanks for the link, I actually wondered how it worked too
[Wed Mar 18 17:08:31 2015] <Cypi> I didn't know it used axioms
[Thu Mar 19 06:35:53 2015] <roosbeef> is there some documentation on the fun x => ... notation?
[Thu Mar 19 06:40:38 2015] <roosbeef> the closest i could find is https://coq.inria.fr/refman/Reference-Manual003.html#sec31
[Thu Mar 19 06:40:46 2015] <roosbeef> but thats kinda indirect
[Thu Mar 19 06:41:20 2015] <Cypi> What are you looking for, more precisely?
[Thu Mar 19 06:42:58 2015] <roosbeef> a definition or explanation of the 'fun' construct for referencing
[Thu Mar 19 08:50:51 2015] <benzrf> roosbeef: it is just a lambda term
[Thu Mar 19 08:55:37 2015] <roosbeef> so im looking for the part of the ref manual where it says that :p
[Thu Mar 19 08:57:34 2015] <Cypi> What you linked kind of say that, no? :o Just below it, https://coq.inria.fr/refman/Reference-Manual003.html#sec32
[Thu Mar 19 08:57:59 2015] <Cypi> More precisely, "The expression “fun ident : type => term” defines the abstraction of the variable ident, of type type, over the term term."
[Thu Mar 19 08:58:34 2015] <benzrf> type type term term
[Thu Mar 19 08:59:38 2015] <Cypi> Well, without the italics, it's less readable, sure :p
[Thu Mar 19 09:00:39 2015] <roosbeef> ha, yep
[Thu Mar 19 09:00:43 2015] <roosbeef> thanks Cypi :)
[Thu Mar 19 14:52:34 2015] <Anarchos> * got coq V8.4pl5 working on HaikuOS o/
[Thu Mar 19 15:29:11 2015] <roosbeef> is there a tactic to duplicate a hypothesis?
[Thu Mar 19 15:29:47 2015] <johnw> pose
[Thu Mar 19 15:29:56 2015] <johnw> "pose proof H." will create H0
[Thu Mar 19 16:23:43 2015] <nkar> is there a way to apply the same tactic n times without repeating it?  something like [foo 3 rewrite H.] instead of [rewrite H. rewrite H. rewrite H.]
[Thu Mar 19 16:24:17 2015] <Anarchos> nkar nothing found in the refman ?
[Thu Mar 19 16:24:36 2015] <nkar> I haven't checked, frankly
[Thu Mar 19 16:24:59 2015] <nkar> the question popped up when this buffer was open, so I just typed it
[Thu Mar 19 16:28:33 2015] <Cale> nkar: foo = do
[Thu Mar 19 16:29:09 2015] <Cale> nkar: Also note the existence of repeat, which repeats a tactic as many times as it succeeds
[Thu Mar 19 16:29:10 2015] <nkar> cool
[Thu Mar 19 17:24:42 2015] <benzrf> does constructive logic change anything about russell's paradox
[Thu Mar 19 17:24:48 2015] <benzrf> oh wait hold on
[Thu Mar 19 17:25:35 2015] <benzrf> R P = ~P P
[Thu Mar 19 17:26:04 2015] <benzrf> assuming a type system that would allow that, you need LEM to derive a contra from it, dont you?
[Thu Mar 19 17:27:21 2015] <benzrf> or is any type system that allows that already inconsistent for some other reason
[Thu Mar 19 17:40:39 2015] <ianjneu> "I saw a sign that said falling rocks so I tried and it doesn’t"
[Thu Mar 19 17:41:04 2015] <ianjneu> and wrong channel
[Thu Mar 19 17:41:40 2015] <johnw> haha
[Thu Mar 19 18:09:14 2015] <benzrf> lol
[Thu Mar 19 18:10:32 2015] <Anarchos> * compiled coq and compcert on haikuOS o/
[Fri Mar 20 06:21:18 2015] <roosbeef> johnw, perfect\ thanks!
[Fri Mar 20 14:49:08 2015] <Choups314> johnw, ?
[Fri Mar 20 14:59:20 2015] <johnw> Choups314: hi
[Fri Mar 20 14:59:35 2015] <Choups314> johnw, Did you see my gist last time ?
[Fri Mar 20 14:59:37 2015] <johnw> so, your Context doesn't work for the same reason this doesn't work:
[Fri Mar 20 14:59:42 2015] <johnw> Variable n : 3.
[Fri Mar 20 15:00:21 2015] <Choups314> https://gist.github.com/Choups314/1bd2e9bb65e9fa4e0311
[Fri Mar 20 15:00:26 2015] <Choups314> I change a bit the end
[Fri Mar 20 15:05:58 2015] <Choups314> What does [Program Instance] change ? (instead of [Instance] ?
[Fri Mar 20 15:12:24 2015] <johnw> it involves the Program machinery (see that chapter of manual)
[Fri Mar 20 15:15:08 2015] <Anarchos> Hi everybody, i have a little trouble with an equality predicate.
[Fri Mar 20 15:30:30 2015] <Anarchos> because my inductive type has 256 constant constructors , coqtop takes a long time to finish the proof, and coqc crashes.
[Fri Mar 20 15:31:04 2015] <johnw> can you paste your predicate?
[Fri Mar 20 15:31:54 2015] <Anarchos> Lemma eq_dec : forall n m : mreg, {n=m}+{n<>m}. mreg being my type with 256 consntructors named R0,R1,…,R255
[Fri Mar 20 15:32:28 2015] <Anarchos> johnw i am trying to port compcert to an architecture with 256 registers, so my modifications in the MAchregs.v file.
[Fri Mar 20 15:32:33 2015] <johnw> what if you write an equality function returning bool
[Fri Mar 20 15:32:47 2015] <johnw> and then use: Lemma eq_dec : forall n m : mreg, is_equal n m = true.
[Fri Mar 20 15:33:06 2015] <johnw> where is_equal looks like:
[Fri Mar 20 15:33:08 2015] <johnw> match n, m where
[Fri Mar 20 15:33:13 2015] <johnw> | A, A -> True
[Fri Mar 20 15:33:16 2015] <johnw> | B, B -> True
[Fri Mar 20 15:33:18 2015] <johnw> ...
[Fri Mar 20 15:33:22 2015] <johnw> | _, _ -> False
[Fri Mar 20 15:33:22 2015] <johnw> end
[Fri Mar 20 15:34:19 2015] <Anarchos> johnw so the function will be 256 line long, but it is usable. In the first place i thought to use an inductive definition : Inductive mreg : | R :n -> n<256 -> mreg.
[Fri Mar 20 15:34:21 2015] <ystael> Anarchos: is it crucial to the working of compcert that the mreg type be an inductive type with only constant constructors? or can you give it a field from a finite range type where you know equality is decidable
[Fri Mar 20 15:34:22 2015] <johnw> that's not eq_dec, sorry
[Fri Mar 20 15:34:40 2015] <johnw> is_equal is itself decidable
[Fri Mar 20 15:34:46 2015] <johnw> destruct (is_equal n m) eqn:Heqe.
[Fri Mar 20 15:34:47 2015] <Anarchos> ystael no it is not crucial but i am unable to write it cleanly !
[Fri Mar 20 15:37:16 2015] <ystael> I don't know if the standard library has a type representing {0, 1, 2, ..., N-1} in it
[Fri Mar 20 15:37:26 2015] <ystael> with all the properties you want for that
[Fri Mar 20 15:37:52 2015] <ystael> you'd think it would but i don't actually know
[Fri Mar 20 15:38:10 2015] <Anarchos> ystael i don't think so , cause there seem to be such an implementation in compcert, but i am not 100% sure
[Fri Mar 20 15:45:11 2015] <Choups314> Is there a way to display the current instances ? (I don't know how it is stored internally, but display a kind of stack maybe ..)
[Fri Mar 20 15:56:56 2015] <johnw> I have no idea, but that's a good question
[Fri Mar 20 15:57:32 2015] <Choups314> When doing this : "Instance reflexive proper ‘(Reflexive A R) (x : A) : Proper R x ."
[Fri Mar 20 15:57:35 2015] <Choups314> (from the stdlib)
[Fri Mar 20 15:58:27 2015] <Choups314> Does it means that when an instance of [Proper R x] is automatically defined when required ? (If it can find a proof of [Reflexive A R])
[Fri Mar 20 16:30:35 2015] <Anarchos> nobody knows compcert here ?
[Fri Mar 20 23:15:18 2015] <marisa__> Hello everyone, I got struck on a question recently: How can Coq code in one directory Require Import other Coq code in different directory using relative path? I am looking for something like #include"../../blablabla/whatever" in C++, but I can't find anything after searching on stackoverflow and bing...
[Sat Mar 21 01:35:47 2015] <johnw> marisa__: there is a vernacular command for extending the "load path" for Coq
[Sat Mar 21 04:08:31 2015] <marisa__> johnw: I know I can Add Load Path, but that would make my code only available on my laptop (other people is not going to run Add LoadPath Marisa/Work/Coq_code/blablabla)
[Sat Mar 21 04:08:54 2015] <johnw> don't relative LoadPath's work?
[Sat Mar 21 04:12:10 2015] <marisa__> Nope... Pwd. is /home/marisa, and my code is in /home/marisa/Work/blablabla
[Sat Mar 21 04:12:24 2015] <johnw> ah
[Sat Mar 21 07:12:25 2015] <nkar> johnw: may I ask why you picked coq for the linearscan project as well as the category theory lib?  is it because agda lacks tactics and idris is not mature enough?
[Sat Mar 21 11:34:17 2015] <jgross> marisa__: Add the other path to the COQPATH environment variable, and then [Require Import] it as if it were in the same directory. 
[Sat Mar 21 11:36:20 2015] <marisa__> Thankyou, I will give a try.
[Sat Mar 21 12:27:16 2015] <marisa__> jgross, thx, but how can I enable it in COQIDE?
[Sat Mar 21 13:35:30 2015] <jgross> Does it not work automatically if you set COQPATH system-wide before launching coqide, or if you run `COQPATH=... coqide &`? 
[Sat Mar 21 13:35:35 2015] <jgross> marisa__: ^ 
[Sat Mar 21 16:48:25 2015] <bigos> win 5
[Sat Mar 21 18:09:43 2015] <nkar> jrw: I'm trying to prove [forall (X : Type) (xs : list X), xs = [] \/ xs = init xs ++ [last xs].], which you suggested some time ago.  however, I've just realized that I see no way to define last.  what do I need to return if xs == []?
[Sat Mar 21 18:10:29 2015] <nkar> I mean it can't happen in the theorem, but how do I define the function, which doesn't have this constraint?
[Sat Mar 21 18:10:49 2015] <nkar> alternatively, how do I state that a list is nonempty?
[Sat Mar 21 18:11:59 2015] <nkar> I think I could try to return a list in last. so instead of [last xs], it'll be last xs
[Sat Mar 21 18:12:09 2015] <nkar> not sure whether it's useful, though
[Sat Mar 21 20:06:32 2015] <viatropos> where can i see the tactic implementations in the coq source? specifically for `intros` and `apply`
[Sat Mar 21 20:07:03 2015] <viatropos> if i'm not mistaken this seems to be the implementation for `reflexivity` https://github.com/coq/coq/blob/trunk/tactics/tactics.ml#L4161
[Sat Mar 21 20:07:23 2015] <viatropos> but not sure, and doesn't look like `intros` is in that file
[Sun Mar 22 00:11:44 2015] <johnw> nkar: still there?
[Sun Mar 22 04:21:09 2015] <nkar> johnw: yes
[Sun Mar 22 08:52:18 2015] <marisa__> Hello, what is a good precedence level for function composition operator? I never get how I should set the level...
[Sun Mar 22 12:59:21 2015] <ccomp> What's a good simple way of representing memory in Coq? I'm working with Bedrock and using their Word type where possible, but I'm having trouble figuring out how to make a memory map with type option (word 32) or option nat
[Sun Mar 22 13:17:26 2015] <nkar`> if I have a rule like this [s_rec : forall (x y : X) (xs ys : list X), subseq [x] [y] -> subseq xs ys -> subseq (x::xs) (y::ys).] as a part of the inductive def'n, can I get [subseq [x] [y]] and [subseq xs ys] if I have [subseq (x::xs) (y::ys)] in the hypothesis?
[Sun Mar 22 13:39:24 2015] <lolisa> nkar`, I think it depend on your definition of subseq
[Sun Mar 22 13:40:40 2015] <lolisa> Don't think s_rec can help you prove what you want.
[Sun Mar 22 13:42:29 2015] <nkar`> lolisa: here's my def'n: https://gist.github.com/nkaretnikov/86b84f74ff2cdc216bba
[Sun Mar 22 13:42:42 2015] <nkar`> lolisa: but please don't paste yours
[Sun Mar 22 13:43:09 2015] <nkar`> instead, tell me what's wrong with it it's the case
[Sun Mar 22 13:45:20 2015] <lolisa> OK, I will not paste my.
[Sun Mar 22 13:45:49 2015] <lolisa> But I can't see because gov block gist in China. Can you paste it on github repo?
[Sun Mar 22 13:47:03 2015] <nkar`> they block only the gist subdomain?
[Sun Mar 22 13:47:15 2015] <lolisa> Yes. gov is strange.
[Sun Mar 22 13:47:45 2015] <nkar`> I'll just paste it via /q, okay?
[Sun Mar 22 13:48:06 2015] <lolisa> OK
[Sun Mar 22 13:48:20 2015] <nkar`> done
[Sun Mar 22 13:53:32 2015] <lolisa> Your definition of s_req can be simplified : subseq[x][y] imply x = y
[Sun Mar 22 13:53:33 2015] <lolisa> Goal forall T (l r : T), subseq [l] [r] -> l = r.
[Sun Mar 22 13:53:33 2015] <lolisa>   intros.
[Sun Mar 22 13:53:33 2015] <lolisa>   dependent induction H;
[Sun Mar 22 13:53:33 2015] <lolisa>   trivial.
[Sun Mar 22 13:53:33 2015] <lolisa> Qed.
[Sun Mar 22 13:54:16 2015] <lolisa> So you can reduce your s_rec to : forall (x y : X) (xs ys : list X),
[Sun Mar 22 13:54:16 2015] <lolisa>  x = y -> subseq xs ys -> subseq (x::xs) (y::ys).
[Sun Mar 22 13:54:42 2015] <lolisa> and than  s_rec : forall (x : X) (xs ys : list X), subseq xs ys -> subseq (x::xs) (x::ys).
[Sun Mar 22 13:56:43 2015] <nkar`> as I said privately, I assumed that subseq [x] [y] can match forall xs. subseq nil xs.  I'll try the suggested definition, thanks.
[Sun Mar 22 13:58:19 2015] <lolisa> And than your definition isn't quite right because I think subseq l r <-> exists blablabla, l ++ blablabla = r, which is not the book want
[Sun Mar 22 13:58:47 2015] <lolisa> I think you need more constructors.
[Sun Mar 22 13:59:07 2015] <nkar`> the book says that only three cases are needed.
[Sun Mar 22 13:59:53 2015] <lolisa> Yes, but your two case overlap
[Sun Mar 22 14:00:21 2015] <lolisa> you can get s_one from s_rec and s_nil
[Sun Mar 22 14:01:14 2015] <lolisa> Look at the book example for subsequence. Some of them is unprovable with your definition.
[Sun Mar 22 14:01:33 2015] <lolisa> [1,2,3][1,2,2,3],for example
[Sun Mar 22 14:04:15 2015] <nkar`> hm, I'll think about it later.  thanks for the tips!
[Sun Mar 22 14:05:18 2015] <lolisa> your wellcome! have a github account?
[Sun Mar 22 14:05:46 2015] <nkar`> yes, you can infer it from my gist account.
[Sun Mar 22 14:07:12 2015] <lolisa> You know I can't get on gist...
[Sun Mar 22 14:07:23 2015] <lolisa> Oh I see...
[Sun Mar 22 21:11:53 2015] <johnw> nkar`: hi
[Sun Mar 22 21:22:43 2015] <johnw> nkar`: I chose Coq mostly because it is very mature and has a proven meta-theory behind it, so it seemed like the most solid foundation to build something whose main selling point was formal verification
[Mon Mar 23 01:37:22 2015] <nkar`> johnw: okay, thanks for elaborating.
[Mon Mar 23 03:55:16 2015] <JanBessai> is it possible to define a "Function" inside a section? I keep getting "No such section variable or assumption"
[Mon Mar 23 04:20:29 2015] <JanBessai> ah it seems nested matching causes the error
[Mon Mar 23 04:23:30 2015] <JanBessai> and it is actually reasonable :)
[Mon Mar 23 04:33:39 2015] <JanBessai> or not :/
[Mon Mar 23 04:34:10 2015] <lpaste> JanBessai pasted “Error: No such section variable or assumption: test.” at http://lpaste.net/128311
[Mon Mar 23 04:34:42 2015] <JanBessai> commenting out the match on (1, n) makes the error disappear
[Mon Mar 23 04:35:32 2015] <johnw> that is indeed odd
[Mon Mar 23 04:40:27 2015] <JanBessai> it also works without the second function-call test(l')
[Mon Mar 23 04:41:53 2015] <JanBessai> and if I return a constant
[Mon Mar 23 04:42:31 2015] <JanBessai> but only if I don't match on both arguments o_O
[Mon Mar 23 04:42:48 2015] <JanBessai> "| (1, n)  => 1" is fine
[Mon Mar 23 04:43:05 2015] <JanBessai> "| (1, 1)  => 1" fails
[Mon Mar 23 04:51:03 2015] <JanBessai> with Program Fixpoint everything works
[Mon Mar 23 11:31:25 2015] <benzrf> gaaaaah
[Mon Mar 23 11:31:37 2015] <benzrf> how the fuck do i rewrite ONLY THE FIRST OCCURRENCE of the lhs of an equality
[Mon Mar 23 11:31:39 2015] <benzrf> >_<
[Mon Mar 23 11:32:23 2015] <Cypi> I guess [rewrite foo at 1] did not work.
[Mon Mar 23 11:32:39 2015] <benzrf> it says nothing t rewrite
[Mon Mar 23 11:33:09 2015] <Cypi> But when you do just [rewrite foo], it does rewrite there?
[Mon Mar 23 11:33:13 2015] <Cypi> (among other places)
[Mon Mar 23 11:33:23 2015] <benzrf> yes
[Mon Mar 23 11:33:25 2015] <benzrf> oh my god
[Mon Mar 23 11:33:30 2015] <benzrf> this person to whom i am introducing coq
[Mon Mar 23 11:33:32 2015] <benzrf> just
[Mon Mar 23 11:33:34 2015] <benzrf> sent me this link
[Mon Mar 23 11:33:36 2015] <benzrf> https://privatepaste.com/9dc8c10e94
[Mon Mar 23 11:38:19 2015] <Cypi> and so?
[Mon Mar 23 13:00:46 2015] <lpaste> jstolarek pasted “No title” at http://lpaste.net/128360
[Mon Mar 23 13:01:02 2015] <jstolarek> I'm trying to defint Fibonacci sequence using zipWith
[Mon Mar 23 13:01:07 2015] <jstolarek> in the spirit of Haskell's
[Mon Mar 23 13:01:13 2015] <jstolarek> let fib = zipWith (+) (1:fib) (1:fib)
[Mon Mar 23 13:01:24 2015] <jstolarek> obviously, my definition of zipWith does not work
[Mon Mar 23 13:01:44 2015] <jstolarek> I mean it is correct, but Coq's rules for co-recursion reject it
[Mon Mar 23 13:02:07 2015] <jstolarek> how can I convince Coq that this definition is safe?
[Mon Mar 23 13:02:30 2015] <johnw> jstolarek: well, your zipWith is not obviously a producer
[Mon Mar 23 13:02:39 2015] <johnw> since it recurses on a structural reduction, not on a structural production
[Mon Mar 23 13:03:37 2015] <johnw> I wonder if the Program environment will let you prove that it is productive
[Mon Mar 23 13:04:02 2015] <johnw> but since you aren't wrapping Cons around 'a' or 'b', it's hard for it to see how the inputs relate to the output
[Mon Mar 23 13:04:15 2015] <jstolarek> * is thinking
[Mon Mar 23 13:05:39 2015] <johnw> (or Cons around x and y; I haven't used co-recursion much yet)
[Mon Mar 23 13:06:03 2015] <jstolarek> * is still thinking
[Mon Mar 23 13:07:37 2015] <johnw> oh, I see, zipWith is fine
[Mon Mar 23 13:07:40 2015] <johnw> * lets jstolarek think
[Mon Mar 23 13:09:22 2015] <jstolarek> I can't come up with a different definition of zipWith
[Mon Mar 23 13:09:47 2015] <johnw> that may not be the problem; I'm trying something now
[Mon Mar 23 13:10:38 2015] <jstolarek> sure
[Mon Mar 23 13:14:38 2015] <johnw> ok, I've simplified to this: https://gist.github.com/4f2241d108c65e68f742
[Mon Mar 23 13:14:44 2015] <johnw> here, the unguarded nature of the recursion is more obvious
[Mon Mar 23 13:18:53 2015] <jstolarek> I thought this will be a trivial exercise in co-induction...
[Mon Mar 23 13:19:37 2015] <jstolarek> and I don't see why your definition is rejected...
[Mon Mar 23 13:19:51 2015] <jstolarek> I mean call to zipWith is guarded
[Mon Mar 23 13:20:16 2015] <johnw> hmm
[Mon Mar 23 13:21:58 2015] <johnw> I can do this easily: CoFixpoint fib (a : stream) := Cons 0 (Cons 1 (zipWith plus a (tail a))).
[Mon Mar 23 13:22:08 2015] <johnw> but then this is rejected for the same reason:
[Mon Mar 23 13:22:08 2015] <johnw> t
[Mon Mar 23 13:22:10 2015] <johnw> CoFixpoint fibs := fib fibs.
[Mon Mar 23 13:22:37 2015] <johnw> because it doesn't "see" how fibs is being iterated
[Mon Mar 23 13:22:47 2015] <benzrf> CoFixpoint
[Mon Mar 23 13:22:49 2015] <benzrf> :D
[Mon Mar 23 13:26:31 2015] <benzrf> so up
[Mon Mar 23 13:26:33 2015] <benzrf> *uh
[Mon Mar 23 13:26:40 2015] <benzrf> how much homotopy theory i gotta know to look at hott
[Mon Mar 23 13:26:49 2015] <johnw> not much
[Mon Mar 23 13:26:53 2015] <johnw> hott is a good type theory intro
[Mon Mar 23 13:28:00 2015] <benzrf> ooh
[Mon Mar 23 13:28:07 2015] <johnw> jstolarek: I don't see how CoFixpoint x := ... x ... is ever going to work, because the recursion isn't lazy as it is Haskell
[Mon Mar 23 13:28:08 2015] <benzrf> so the univalence axiom
[Mon Mar 23 13:28:09 2015] <benzrf> let me see if i recall
[Mon Mar 23 13:28:20 2015] <benzrf> isomorphisms are isomorphic to equalities?
[Mon Mar 23 13:28:33 2015] <johnw> it would be "lazy" if the recursive call were a direct argument to Cons
[Mon Mar 23 13:29:24 2015] <jstolarek> * thinks
[Mon Mar 23 13:31:17 2015] <johnw> for example, this works:
[Mon Mar 23 13:31:20 2015] <johnw> CoFixpoint fibs := Cons 0 (Cons 1 fibs).
[Mon Mar 23 13:31:39 2015] <johnw> because we don't need to evaluate fibs to build the Cons
[Mon Mar 23 13:31:49 2015] <benzrf> so in homotopy theory two points that are connected by a path are identical?
[Mon Mar 23 13:31:57 2015] <johnw> benzrf: they are equivalent
[Mon Mar 23 13:32:07 2015] <johnw> and equivalence is equivalent to equality
[Mon Mar 23 13:32:10 2015] <benzrf> equivalent in what sense hmm
[Mon Mar 23 13:32:17 2015] <johnw> well, keep reading :)
[Mon Mar 23 13:32:24 2015] <benzrf> well i mean in the topological thing
[Mon Mar 23 13:32:26 2015] <benzrf> not in hott necessarily
[Mon Mar 23 13:33:13 2015] <johnw> any two points on a sphere to can be made to coincidence by deforming the sphere
[Mon Mar 23 13:33:51 2015] <benzrf> yeeah
[Mon Mar 23 13:34:00 2015] <benzrf> so is a sphere homotopically a 1-point space
[Mon Mar 23 13:34:06 2015] <johnw> yep
[Mon Mar 23 13:34:13 2015] <benzrf> oh
[Mon Mar 23 13:34:17 2015] <benzrf> any path-connected space would be, really
[Mon Mar 23 13:34:21 2015] <johnw> all points in that space are homotopically equivalent
[Mon Mar 23 13:34:24 2015] <benzrf> interesteing
[Mon Mar 23 13:34:31 2015] <johnw> but in a toroidal space, paths have informational content
[Mon Mar 23 13:34:38 2015] <benzrf> hold on
[Mon Mar 23 13:34:41 2015] <johnw> in terms of "which way" the paths connect, out of the two possible ways
[Mon Mar 23 13:36:24 2015] <johnw> jstolarek: ok, now I'm confused, because in the case of using zipWith, we don't need to evaluate fibs either to build the cons...
[Mon Mar 23 13:38:21 2015] <johnw> perhaps the problem here is that we're not allowed to both construct *and* deconstruct?
[Mon Mar 23 13:39:09 2015] <johnw> because Cons 0 (Cons 1 fibs) is only construction, but Cons 0 (Cons 1 (tail fibs )) is construction around a deconstruction
[Mon Mar 23 13:39:21 2015] <johnw> the former is fine, the latter fails for the same reason
[Mon Mar 23 13:39:38 2015] <Cypi> I quote CPDT: "a co-recursive call must be a direct argument to a constructor, nested only inside of other constructor calls or fun or match expressions"
[Mon Mar 23 13:40:41 2015] <johnw> thanks, Cypi
[Mon Mar 23 13:41:10 2015] <johnw> it can be nested in the body of a match, but not be the discriminee
[Mon Mar 23 13:41:29 2015] <Anarchos> if i have an inductive with 256 constant constructors, what is the best method to proove decidable equality on it ? Or should i transform those constructors into a unique constructor parametrized with int ?
[Mon Mar 23 13:41:46 2015] <johnw> Anarchos: the boolean predicate approach didn't work?
[Mon Mar 23 13:42:14 2015] <jstolarek> yeah, what Cypi said
[Mon Mar 23 13:42:17 2015] <Anarchos> johnw i didn't try, but anyway i am sure there is a smarter way to do it.
[Mon Mar 23 13:42:19 2015] <johnw> you made a predicate f : MyType -> bool
[Mon Mar 23 13:43:01 2015] <Anarchos> * has the coolest coq invite : Welcome to Coq shredder:/Data1/coq,(d'etach'e de V8.4pl5) (0ec5646cbcc725dbe1121e24258fc060223e4d51)
[Mon Mar 23 13:44:40 2015] <Cypi> Anarchos : would [Scheme equality for <your inductive.] do it?
[Mon Mar 23 13:44:59 2015] <johnw> and an inductive predicate: Inductive MyType_dec (x : MyType) : bool -> Set := is_eq (f x) true | is_neq (~~ (f x)) false.
[Mon Mar 23 13:45:37 2015] <johnw> now you can destruct MyType_dec eqn:Heqe, which becomes a computable match on true/false, but where you get the witness to the decision
[Mon Mar 23 13:47:15 2015] <johnw> actually, it may only be is_eq x true | is_neq x false
[Mon Mar 23 13:47:20 2015] <Anarchos> Cypi i should try. My type is just Inductive t : R0 | .... | R255.
[Mon Mar 23 13:47:31 2015] <Cypi> Then it should generate what you need automagically, I believe
[Mon Mar 23 13:48:22 2015] <Cypi> Inside a proof, the tactic [decide equality] would be useful too
[Mon Mar 23 13:48:35 2015] <johnw> anyway, Anarchos, this is the ssreflect methodology for setting up computable decidability
[Mon Mar 23 13:48:40 2015] <Anarchos> Cypi decide equality takes way to long on this type.
[Mon Mar 23 13:48:45 2015] <johnw> there are many examples in that library
[Mon Mar 23 13:48:48 2015] <Cypi> Ah, ok :D
[Mon Mar 23 13:49:06 2015] <Anarchos> johnw ok. I would prefer to stuck to the compcert way, but no trouble to use it.
[Mon Mar 23 13:53:19 2015] <Cypi> Welp, nevermind Anarchos, it takes way too long indeed.
[Mon Mar 23 13:53:35 2015] <Cypi> Funny
[Mon Mar 23 13:55:32 2015] <Anarchos> Cypi did you tried ?
[Mon Mar 23 13:55:40 2015] <Cypi> I just did
[Mon Mar 23 13:55:48 2015] <Cypi> Didn't have the patience to wait for Coq to finish computing :p
[Mon Mar 23 13:56:38 2015] <Anarchos> johnw the f predicate should take two MyType parameters , no ?
[Mon Mar 23 13:56:51 2015] <Anarchos> Cypi i did at work but it is not bearable.
[Mon Mar 23 13:57:10 2015] <Anarchos> Cypi strange because there are only 65 536 cases !
[Mon Mar 23 13:58:00 2015] <johnw> Anarchos: full example: https://gist.github.com/f905ff7ced18e6e84487
[Mon Mar 23 13:58:46 2015] <johnw> matchP "pairs up" the witness with the result, while allowing case matching on the result
[Mon Mar 23 13:59:08 2015] <johnw> so at the bottom, the "case" (aka destruct) does a computed branch while provide you with the decidability witness
[Mon Mar 23 14:00:07 2015] <johnw> the advantage of this approach is that BigType can be arbitrarily large and yet the proof terms should be of constant size
[Mon Mar 23 14:00:36 2015] <johnw> since the proof terms only needs to convey a bit and a value, rather than a proof tree branching at every constructor
[Mon Mar 23 14:12:02 2015] <Anarchos> johnw let met read it.
[Mon Mar 23 14:13:28 2015] <Anarchos> johnw did'nt work on my coq 8.4pl5
[Mon Mar 23 14:13:41 2015] <johnw> you probably don't have ssreflect installed?
[Mon Mar 23 14:14:08 2015] <Anarchos> seems so :  Cannot find library Ssreflect.ssreflect in loadpath and so on for all the lib
[Mon Mar 23 14:14:28 2015] <johnw> yes, you'll need that library
[Mon Mar 23 14:14:35 2015] <johnw> i mean, not technically
[Mon Mar 23 14:14:38 2015] <johnw> let me try to remove the depnedency
[Mon Mar 23 14:16:20 2015] <johnw> Anarchos: there, I've updated the gist
[Mon Mar 23 14:16:24 2015] <johnw> now it's plain Coq stdlib
[Mon Mar 23 14:16:31 2015] <Anarchos> johnw wow thanks
[Mon Mar 23 14:17:58 2015] <Anarchos> johnw what means the eqn:E ?
[Mon Mar 23 14:18:12 2015] <Anarchos> it renames the equation producted ?
[Mon Mar 23 14:18:13 2015] <johnw> it preserves the witness in the context
[Mon Mar 23 14:18:22 2015] <Anarchos> ok
[Mon Mar 23 14:18:58 2015] <johnw> without eqn, it would be equivalent to an "if"
[Mon Mar 23 14:19:06 2015] <johnw> with eqn, it's like an "if" with a "and here's why"
[Mon Mar 23 14:19:17 2015] <Anarchos> yes ok ok
[Mon Mar 23 14:20:00 2015] <johnw> note that in a propositional context, you only need destruct (f x) eqn:E
[Mon Mar 23 14:20:08 2015] <johnw> since you don't care about the specifics of the witness
[Mon Mar 23 14:20:18 2015] <johnw> the reason for matchP is that you can recover the information
[Mon Mar 23 14:20:36 2015] <johnw> since true_xor_false has constructor to box the witness
[Mon Mar 23 14:21:07 2015] <johnw> this is why the methodology is named "small scale reflection"
[Mon Mar 23 14:21:27 2015] <johnw> because we are smoothly switching back and forth between inductive predicates in Prop, and computational predicates in Set
[Mon Mar 23 14:21:35 2015] <johnw> without requiring anything beyond ordinary Coq features
[Mon Mar 23 14:22:43 2015] <Anarchos> johnw way beyond my skill yet...
[Mon Mar 23 14:23:09 2015] <johnw> it takes a while to get used to
[Mon Mar 23 14:23:16 2015] <johnw> but it does address the very problem you ran into :)
[Mon Mar 23 14:23:39 2015] <Anarchos> johnw it means i have to write 256 predicates like is_B ??
[Mon Mar 23 14:23:47 2015] <johnw> small scale reflection allows you to transfer the problem to a computable domain where proof terms can be small, and then reflect the answer back when and where you need it
[Mon Mar 23 14:24:02 2015] <johnw> Anarchos: oh no, if you wanted to see what a consturctor was, you'd just destruct x
[Mon Mar 23 14:24:14 2015] <johnw> is_B was just a stupid example of a predicate
[Mon Mar 23 14:24:40 2015] <Anarchos> ok
[Mon Mar 23 14:24:54 2015] <johnw> if you're logic does have you constantly needing to branch on every constructor
[Mon Mar 23 14:25:02 2015] <johnw> well, then you're in CPDT domain and your proof terms will simply be large
[Mon Mar 23 14:25:51 2015] <johnw> in which case the best way to achieve sanity is through proof automation
[Mon Mar 23 14:25:52 2015] <Anarchos> johnw i am not in CPDT, but in compcert ;) I am (trying) to port it to a machine with 256 registers.
[Mon Mar 23 14:26:08 2015] <johnw> I'd have to know more about compcert to give you a reasonable answer, then
[Mon Mar 23 14:27:01 2015] <Anarchos> i modify the file powerpc/Machregs.v
[Mon Mar 23 14:51:21 2015] <lpaste> jstolarek pasted “crash coq” at http://lpaste.net/128366
[Mon Mar 23 14:52:50 2015] <jstolarek> johnw: found a solution in "Using Structural Recursion for Corecursion" and as a side-effect I managed to crash Coq :-)
[Mon Mar 23 14:53:04 2015] <jstolarek> crash = cause a segfault
[Mon Mar 23 14:53:04 2015] <johnw> :(
[Mon Mar 23 14:53:13 2015] <johnw> please report on the bug tracker!
[Mon Mar 23 14:53:15 2015] <johnw> they are pretty responsive
[Mon Mar 23 14:53:34 2015] <johnw> if you want, I can report it fory ou
[Mon Mar 23 14:53:46 2015] <jstolarek> that would be nice - I don't have an account
[Mon Mar 23 14:54:23 2015] <johnw> I only get a stack overflow
[Mon Mar 23 14:54:25 2015] <johnw> reported by Coq
[Mon Mar 23 14:54:58 2015] <jstolarek> hm...
[Mon Mar 23 14:55:11 2015] <jstolarek> I'm running this through proof general
[Mon Mar 23 14:55:16 2015] <johnw> me too
[Mon Mar 23 14:55:24 2015] <johnw> if I change "Eval in compute" to just "Compute", it hangs
[Mon Mar 23 14:55:33 2015] <jstolarek> let me check my versions
[Mon Mar 23 14:56:13 2015] <jstolarek> ok, my Coq is 8.4pl5 (Feb 2015)
[Mon Mar 23 14:56:17 2015] <johnw> same here
[Mon Mar 23 14:57:19 2015] <jstolarek> I'm not sure how to check my PG version
[Mon Mar 23 14:58:13 2015] <jstolarek> but still I'c curious why this does not work
[Mon Mar 23 14:58:14 2015] <johnw> interesting, try this:
[Mon Mar 23 14:58:18 2015] <johnw> Eval hnf in (approx (fib' 1 1) 40).
[Mon Mar 23 14:58:20 2015] <jstolarek> I mean this should be linear
[Mon Mar 23 14:58:24 2015] <johnw> gives 1 :: approx (fib' 1 1) 39.
[Mon Mar 23 14:58:29 2015] <johnw> but Eval hnf in (1 :: approx (fib' 1 1) 39).
[Mon Mar 23 14:58:35 2015] <johnw> just gives that back
[Mon Mar 23 14:58:40 2015] <johnw> oh, never mind
[Mon Mar 23 14:58:43 2015] <johnw> just being stupid for a moment
[Mon Mar 23 14:58:46 2015] <johnw> gotta run
[Mon Mar 23 14:58:56 2015] <jstolarek> sure
[Mon Mar 23 15:00:04 2015] <jstolarek> johnw: for the record: this crash happened on two independent machines
[Mon Mar 23 15:29:01 2015] <johnw> jstolarek: ah, 40 is just too large
[Mon Mar 23 15:29:19 2015] <johnw> because it's a quadratic(?) expansion in the size of the n+m term
[Mon Mar 23 15:29:23 2015] <johnw> 10 works
[Mon Mar 23 15:29:31 2015] <johnw> 1 :: 1 :: 2 :: 3 :: 5 :: 8 :: 13 :: 21 :: 34 :: 55 :: nil
[Mon Mar 23 15:29:54 2015] <johnw> if we had bang patterns here, it would resolve this
[Mon Mar 23 16:10:13 2015] <jstolarek> johnw: I don't see why this is quadratic....
[Mon Mar 23 16:10:28 2015] <jstolarek> looks very linear
[Mon Mar 23 16:10:51 2015] <jstolarek> I mean fib' calls itself only once
[Mon Mar 23 16:15:23 2015] <Anarchos> * has returned
[Mon Mar 23 16:19:08 2015] <johnw> jstolarek: https://gist.github.com/a2637035d3d2503c50d5
[Mon Mar 23 16:20:31 2015] <jstolarek> urgh
[Mon Mar 23 16:20:35 2015] <jstolarek> + is lazy
[Mon Mar 23 16:20:42 2015] <jstolarek> I should have seen this
[Mon Mar 23 23:18:23 2015] <benzrf> so in hott
[Mon Mar 23 23:18:30 2015] <benzrf> if i have a bijection between A and B
[Mon Mar 23 23:18:32 2015] <benzrf> i can get A = B?
[Mon Mar 23 23:19:37 2015] <scott> benzrf: yeah, that's what the univalence axiom states, I think
[Mon Mar 23 23:19:41 2015] <benzrf> neato
[Mon Mar 23 23:20:04 2015] <scott> or it states there's a bijection between (bijections between A and B) and A = B
[Mon Mar 23 23:20:15 2015] <benzrf> yeah
[Tue Mar 24 00:22:28 2015] <johnw> benzrf: A ≈ B is equivalent to A = B
[Tue Mar 24 00:22:42 2015] <johnw> which has some profound implications
[Tue Mar 24 00:22:55 2015] <benzrf> including..?
[Tue Mar 24 00:23:01 2015] <johnw> well, think about referential transparency
[Tue Mar 24 00:23:09 2015] <johnw> if substitutes equals for equals does not change the meaning of an expression
[Tue Mar 24 00:23:17 2015] <johnw> then a compiler is free to choose the best substitution
[Tue Mar 24 00:23:30 2015] <johnw> if we now say that equivalence is equivalent to equality, it opens up a whole world of possibilities
[Tue Mar 24 00:23:36 2015] <johnw> isomorphisms now represent rewriting rules!
[Tue Mar 24 00:24:20 2015] <johnw> imagine a world where, without changing a line of code, you can substitute Map for IntMap where the key is an integer...
[Tue Mar 24 00:24:50 2015] <johnw> or where the compiler can determine that such a substitute would profit whatever optimize strategy you've chosen
[Tue Mar 24 00:25:04 2015] <johnw> substitution* optimization*
[Tue Mar 24 00:25:47 2015] <johnw> we have papers like "Reason Isomorphically!" that extol the power of using isomorphisms to reason about types
[Tue Mar 24 00:26:02 2015] <johnw> HoTT brings this down to a fundamental level, where it becomes our way of thinking about the meaning of identity
[Tue Mar 24 00:26:14 2015] <johnw> it's like our most basic types turn into type classes overnight
[Tue Mar 24 00:26:35 2015] <johnw> because they can have as many representations as we can prove that paths exist to other points in the space
[Tue Mar 24 00:30:04 2015] <benzrf> hmm
[Tue Mar 24 00:32:31 2015] <scott> I wrote something on paper a while ago thinking about this... if you had Nat (unary nats) and Bin (binary nats), then wrote a predicate Even : Nat -> Prop, a function double : Nat -> Nat and a proof forall n : Nat, Even (double n), then you could automatically get Even : Bin -> Prop, double : Bin -> Bin, and the proof forall b : Bin, Even (double b) just by
[Tue Mar 24 00:32:31 2015] <scott> proving the isomorphism between Nat and Bin
[Tue Mar 24 00:32:47 2015] <scott> I don't know if this is the right way to think about it, but it seems cool
[Tue Mar 24 00:33:01 2015] <johnw> yes, Reason Isomorphically! talks about this too, it's a very nice paper
[Tue Mar 24 00:33:11 2015] <johnw> why prove things multiple times, when the *concept* has been proven
[Tue Mar 24 00:33:13 2015] <scott> you would get something like doubleBin b = natToBin (doubleBin (binToNat b))
[Tue Mar 24 00:33:15 2015] <scott> I imagine
[Tue Mar 24 00:33:25 2015] <johnw> now HoTT stands a chance of formalizing this notion
[Tue Mar 24 00:33:34 2015] <scott> s/doubleBin/doubleNat/ on the RHS
[Tue Mar 24 00:35:24 2015] <scott> I guess the compiler can pick the best places to insert the conversion, perhaps
[Tue Mar 24 00:35:40 2015] <johnw> probably only insofar as it can automate parallelization
[Tue Mar 24 00:36:00 2015] <johnw> paths are proof relevant, so the best choice requires understanding
[Tue Mar 24 00:36:03 2015] <scott> the proof part could just be forall b : Bin, Even (double (binToNat b)) delegating to the Nat proof, without using the Bin versions of anything
[Tue Mar 24 00:36:17 2015] <scott> I haven't thought about this much
[Tue Mar 24 05:07:33 2015] <Saizan> scott: now you have a double on binary numbers that has the same complexity as the one on unary ones :)
[Tue Mar 24 05:08:43 2015] <scott> yeah, it doesn't really help you there. maybe it could go deeper and use the implementation of the isomorphism to rewrite the definition of double in a more complicated way somehow?
[Tue Mar 24 05:12:08 2015] <scott> for another example if you had the isomorphism between Bool and Maybe () you could rewrite the pattern matches instead of inserting conversions (sorry for the Haskell types, I've been away from Coq for a while)
[Tue Mar 24 05:12:40 2015] <scott> *an* isomorphism, I should say, since there's two
[Tue Mar 24 05:15:00 2015] <Saizan> yeah, but you wouldn't change anything substantial about the algorithm that way
[Tue Mar 24 10:07:09 2015] <benzrf> the thing about hott
[Tue Mar 24 10:07:10 2015] <benzrf> the thing about hott is
[Tue Mar 24 10:07:30 2015] <benzrf> you can already prove things by isomorphism in standard type theory
[Tue Mar 24 10:07:42 2015] <benzrf> and in hott you still have to specifically perform the rewriting, dont you?
[Tue Mar 24 10:07:51 2015] <benzrf> or, is it just a matter of there being a lot less?
[Tue Mar 24 10:14:00 2015] <Saizan> benzrf: the big advantage i see of univalence is that we can just use the equality type in most places, rather than work with setoids
[Tue Mar 24 10:15:02 2015] <Saizan> benzrf: what you get is that every construction is automatically invariant under isomorphism, no need to prove this or require it as an extra hypothesis for your arguments, etc..
[Tue Mar 24 10:15:37 2015] <benzrf> hmm
[Tue Mar 24 10:16:02 2015] <Saizan> but yeah, it doesn't make the isomorphisms disappear from the computational behaviour
[Tue Mar 24 11:29:34 2015] <scott> ah, yes, that's the piece someone taught me the other day that I quickly forgot
[Tue Mar 24 11:31:35 2015] <scott> the important bit is that something like (A = B -> P A -> P B) which exists today could be used with isomorphisms, too, so e.g. a proof about List Nat would immediately apply for List Bin given an isomorphism between Bin and Nat
[Tue Mar 24 11:32:00 2015] <scott> whereas without univalence it has to be proven for each type individually
[Tue Mar 24 11:32:25 2015] <Saizan> yeah, for each P
[Tue Mar 24 11:55:31 2015] <benzrf> hmm  ah hmm
[Tue Mar 24 13:39:49 2015] <Anarchos> how to specify an inductive type like Inductive T := R n where n <256 ? Should i add a parameter for the proof «n<256» in T or in R ?
[Tue Mar 24 13:43:00 2015] <Saizan> Anarchos: most likely in R? otherwise you would also need to make n an argument of T
[Tue Mar 24 13:43:57 2015] <Cypi> Either [Inductive T := R : forall n, n < 256 -> T.], [Inductive T := R : {n | n < 256} -> T.], or even [Inductive T := R : fin 256 -> T.]
[Tue Mar 24 13:44:02 2015] <Anarchos> Saizan R is modeling a register of a sparc-like machine. Isn't it annoying to carry over the proof that there is no more than 256 registers ?
[Tue Mar 24 13:44:04 2015] <Cypi> I wouldn't know which is better though, sorry
[Tue Mar 24 13:44:45 2015] <Anarchos> Cypi in which lib is fin ?
[Tue Mar 24 13:45:46 2015] <Cypi> https://coq.inria.fr/library/Coq.Vectors.Fin.html apparently. I wasn't sure it was standard
[Tue Mar 24 13:47:05 2015] <Anarchos> I tried Inductive T := R : {n | n < 256} -> T. How to build a value ? R(1,1<256) doesn't work. I can't remember how to construct value in {n|P(n)}
[Tue Mar 24 13:54:21 2015] <Cypi> Again...I'm not sure if it's a good or a bad idea, but something that works is using Program: http://lpaste.net/129122
[Tue Mar 24 13:54:48 2015] <Cypi> (so that you don't have to provide the proof yourself)
[Tue Mar 24 13:55:29 2015] <Cypi> Otherwise, a value is of the shape [R (exist _ n p)] where [p : n < 256]
[Tue Mar 24 13:55:31 2015] <johnw> Anarchos: that type is called 'I_256 in ssreflect, and Fin 256 in stdlib
[Tue Mar 24 13:56:00 2015] <Silnar> hi, is there a way to write '  Definition vec : t bool 1 := cons bool true 0 (nil bool).
[Tue Mar 24 13:56:12 2015] <johnw> Silnar: sure
[Tue Mar 24 13:56:17 2015] <Silnar> shorter
[Tue Mar 24 13:56:21 2015] <johnw> https://gist.github.com/82e11c07626143ff4197
[Tue Mar 24 13:56:24 2015] <johnw> oh, shorter....
[Tue Mar 24 13:56:33 2015] <Silnar> like cons 0 nil
[Tue Mar 24 13:56:39 2015] <Silnar> sorry, like cons true nil
[Tue Mar 24 13:56:39 2015] <Anarchos> Cypi my goal is to have a decidable equality lemma, which doesn't take ages to compile.
[Tue Mar 24 13:56:49 2015] <Silnar> can't coq infer type and n value ?
[Tue Mar 24 13:57:00 2015] <johnw> dunno, I copied that from elsewhere
[Tue Mar 24 13:57:02 2015] <Anarchos> Silnar Set Implicit Arguments ?
[Tue Mar 24 13:57:34 2015] <Silnar> Anarchos: tried, but with no luck
[Tue Mar 24 14:00:06 2015] <Silnar> when I write 'Definition vec2 : t bool 1 := cons true nil.' Coq complains that true has type bool and should have type Type. Implicit Arguments are enabled.
[Tue Mar 24 14:05:04 2015] <Ptival> Silnar: can you paste 'Print t.' somewhere?
[Tue Mar 24 14:05:17 2015] <Ptival> it should tell you which arguments are implicit for each constructor
[Tue Mar 24 14:07:15 2015] <johnw> Anarchos: decidability for Fin should be pretty efficient
[Tue Mar 24 14:07:31 2015] <johnw> Fin is just a dependently typed nat
[Tue Mar 24 14:07:49 2015] <Silnar> Ptival: sure, give a moment...
[Tue Mar 24 14:08:35 2015] <Cypi> Hmm, for the decidability, I believe you actually need proof irrelevance, don't you?
[Tue Mar 24 14:09:17 2015] <johnw> I think decidability for n | n < 256 will be harder, because you could have two numbers of equal n, but unequal n < 256, which then requires you axiomatize proof irrelevance
[Tue Mar 24 14:09:21 2015] <Cypi> http://lpaste.net/129123
[Tue Mar 24 14:09:51 2015] <Cypi> In any case, the extracted code is very simple at least ^^'
[Tue Mar 24 14:10:13 2015] <johnw> Cypi: if your type includes anything from Prop, yes
[Tue Mar 24 14:11:13 2015] <johnw> although, no
[Tue Mar 24 14:11:14 2015] <lpaste> Silnar pasted “Declaring a vector in a short way” at http://lpaste.net/129124
[Tue Mar 24 14:11:27 2015] <johnw> there is some flavor of le_dec in the stdlib
[Tue Mar 24 14:11:46 2015] <Silnar> Ptival: here you have, the whole code
[Tue Mar 24 14:12:09 2015] <johnw> so I think you could do that one without proof irrelevance
[Tue Mar 24 14:12:32 2015] <Cypi> Ah right, probably
[Tue Mar 24 14:19:15 2015] <Anarchos> Cypi your code compiled in 2s, compared to 30min for a naive inductive type with 256 constant constructors :)
[Tue Mar 24 14:26:30 2015] <Cypi> (btw, no need for an induction, that was dumb of me ^^' )
[Tue Mar 24 14:28:11 2015] <Ptival> Silnar: oh, when you set implicit arguments, you set it for the types that will be defined later
[Tue Mar 24 14:28:25 2015] <Ptival> it does not retroactively make implicit the arguments of already existing types
[Tue Mar 24 14:28:31 2015] <Ptival> like the ones in library code
[Tue Mar 24 14:29:38 2015] <Ptival> Silnar: however if you look here https://coq.inria.fr/library/Coq.Vectors.VectorDef.html you will see they define a notation for cons with implicits
[Tue Mar 24 14:31:35 2015] <Ptival> Silnar: http://lpaste.net/129124 so this works (note I import VectorNotations)
[Tue Mar 24 14:32:27 2015] <Anarchos> Cypi May i copy your  http://lpaste.net/129123 into my code ?
[Tue Mar 24 14:32:55 2015] <Cypi> Of course :o (I would just suggest replacing the induction with a simple destruct, that's enough)
[Tue Mar 24 14:36:00 2015] <jgross> johnw: The < type and <= type have provable proof irrelevance. 
[Tue Mar 24 14:36:58 2015] <johnw> jgross: because of the constructors of "le", right?
[Tue Mar 24 14:41:27 2015] <jgross> Because le is decidable and, uh, there are no duplicate constructors, roughly. 
[Tue Mar 24 14:46:55 2015] <johnw> ah, got it
[Tue Mar 24 14:47:10 2015] <Anarchos> Cypi what is the difference between induction, destruct, and inversion ?
[Tue Mar 24 14:50:57 2015] <johnw>  Anarchos: have you done any manual construction of proof terms yet?
[Tue Mar 24 14:51:24 2015] <johnw> if you were writing the proof term yourself
[Tue Mar 24 14:51:31 2015] <johnw> induction would be a recursive call
[Tue Mar 24 14:51:34 2015] <johnw> destruct is a case match
[Tue Mar 24 14:52:18 2015] <johnw> inversion is a bit smarter, it case matches and provides you with the arguments to each constructor in the context, automatically removing impossible branches
[Tue Mar 24 14:52:22 2015] <Silnar> Ptival: wow, thanks, didn't know that 'Set Implicit Arguments' work only for my types
[Tue Mar 24 14:52:45 2015] <johnw> so there are cases where all three will yield a similar result, and cases where all three will behave differently
[Tue Mar 24 14:53:25 2015] <Silnar> Ptival: this blanks (_) in Notation denote implicits, right ?
[Tue Mar 24 14:53:26 2015] <Anarchos> johnw i did some years ago when doing the SF from B.C. Pierce.
[Tue Mar 24 14:53:44 2015] <johnw> though inversion is a bit smarter still, in that inverting (a, b) = (c, d) will give you not just the arguments to =, but also a = c and b = d
[Tue Mar 24 14:54:11 2015] <johnw> I read inversion as "tell me what must have been true for this inhabitant to exist"
[Tue Mar 24 14:55:18 2015] <Anarchos> johnw thanks for the wise explanation of those three tactics ! I actually will retain their different behaviours one day.
[Tue Mar 24 14:55:43 2015] <johnw> my rule of thumb is: use destruct first
[Tue Mar 24 14:56:02 2015] <johnw> if you need to recurse (i.e., you need an induction hypothesis to refer to a prior state), upgrade to induction
[Tue Mar 24 14:56:07 2015] <johnw> if those don't work, try inversion :)
[Tue Mar 24 14:56:27 2015] <Anarchos> johnw yes case match are a very frequent construction in functional languages.
[Tue Mar 24 14:56:33 2015] <johnw> also, sometimes "eqn" on destruct will provide you with the information you might have just used inversion to get at
[Tue Mar 24 14:56:54 2015] <johnw> in fact, "let" and "match" are pretty much *the* constructions :)
[Tue Mar 24 14:57:06 2015] <johnw> you build data, you reduce data
[Tue Mar 24 14:57:22 2015] <johnw> (I'm assuming here that all functions and applications have simply been unfolded)
[Tue Mar 24 15:10:46 2015] <Anarchos> johnw but in the middle of a proof, it is difficult to see what tactics to apply !
[Tue Mar 24 15:11:12 2015] <johnw> you really get a feel for it
[Tue Mar 24 15:11:27 2015] <johnw> my need for inversion is pretty darn rare
[Tue Mar 24 15:12:05 2015] <johnw> destruct and rewrite are 90% of the workload
[Tue Mar 24 15:12:19 2015] <johnw> but then again, I'm using ssreflect, which is optimized so that this is the case
[Tue Mar 24 15:12:25 2015] <johnw> (since destruct and rewrite are both very efficient)
[Tue Mar 24 15:23:36 2015] <ccomp> Is there a good simple way of representing a small statically-sized array?
[Tue Mar 24 15:23:53 2015] <johnw> so, do you need it sized for any reason?
[Tue Mar 24 15:23:54 2015] <ccomp> each index being tupe type option my_set_type
[Tue Mar 24 15:24:05 2015] <johnw> because they are lots of things that are isomorphic to a statically-sized array, like Vector
[Tue Mar 24 15:24:23 2015] <ccomp> johnw: I have exactly 16 indices available in the VM spec (BPF)
[Tue Mar 24 15:24:26 2015] <johnw> or a function that takes a bounds check as a witness
[Tue Mar 24 15:24:33 2015] <ccomp> they all start undefined/uninitialized
[Tue Mar 24 15:24:42 2015] <ccomp> johnw: I could also do that
[Tue Mar 24 15:25:00 2015] <johnw> Definition Sized (a : Type) (n : nat) := forall x, x < n -> a.
[Tue Mar 24 15:25:01 2015] <ccomp> I'm very new to Coq and working on something a non-toy problem, so I'm in a little over my head :P
[Tue Mar 24 15:25:04 2015] <johnw> ah
[Tue Mar 24 15:25:09 2015] <johnw> well, there are lots of ways to do things
[Tue Mar 24 15:25:20 2015] <johnw> and how you do them depends on whether you want code out the other end, or you just want to prove a property
[Tue Mar 24 15:25:32 2015] <ccomp> thanks for that. Where is the state stored in that example?
[Tue Mar 24 15:25:42 2015] <johnw> the state is in the closure
[Tue Mar 24 15:25:48 2015] <ccomp> That's the other thing: I'm extracting this into OCaml and running it
[Tue Mar 24 15:25:58 2015] <johnw> ah, then that representation will not be so good
[Tue Mar 24 15:26:07 2015] <johnw> better to use Vector from the standard library
[Tue Mar 24 15:26:10 2015] <johnw> which is still just a list, though
[Tue Mar 24 15:26:24 2015] <johnw> but I think you should be able to tell the extractor to turn it into a fixed-length Array on the OCaml side
[Tue Mar 24 15:28:03 2015] <johnw> also, an argument of type forall x, x < n is isomorphic to Fin n from the stdlib (though not equal to it)
[Tue Mar 24 15:29:49 2015] <ccomp> thanks
[Tue Mar 24 15:29:54 2015] <ccomp> I'm looking into Vectornow
[Tue Mar 24 15:30:06 2015] <Anarchos> Cypi do you think it is a good idea to import proofirrelevance in compcert this way ?
[Tue Mar 24 15:33:12 2015] <Cypi> Honestly, I don't have enough experience to answer questions starting with "do you think it is a good idea" ^^
[Tue Mar 24 15:33:20 2015] <johnw> it's safe to do, but not a good idea
[Tue Mar 24 15:33:38 2015] <Cypi> But I would say: the less axioms you need the better, and since you can prove proof irrelevance on le, you don't need to axiomatize it
[Tue Mar 24 15:33:48 2015] <johnw> what Cypi said
[Tue Mar 24 15:46:09 2015] <ccomp> Here's a dumb question, but how do I construct a Vector literal? I have a type defined but I'm trying to play with it to get a better feel for how it works?
[Tue Mar 24 15:46:14 2015] <Anarchos> so i should try to do the proof without the Require Import proofirrelevance....
[Tue Mar 24 15:48:37 2015] <johnw> yes, and you should be able to also
[Tue Mar 24 15:48:48 2015] <johnw> if you have difficulties, paste your code here
[Tue Mar 24 15:49:15 2015] <Anarchos> johnw
[Tue Mar 24 15:49:18 2015] <Anarchos> thanks
[Tue Mar 24 16:07:02 2015] <ccomp> Never mind, I just noticed the to_list and from_list functions
[Tue Mar 24 16:09:21 2015] <lpaste> Anarchos pasted “decidable stuck” at http://lpaste.net/129129
[Tue Mar 24 16:11:07 2015] <johnw>  Anarchos: what ist the type of your lemma?
[Tue Mar 24 16:12:31 2015] <Anarchos> no idea, i would say prop.
[Tue Mar 24 16:12:48 2015] <ianjneu> The problem is that Anarchos needs both the eta rule for sig, and equality of the < proofs, which is cause for alarm.
[Tue Mar 24 16:13:41 2015] <ianjneu> Somehow you've stated your property in a proof-relevant way. Likely you didn't mean for that.
[Tue Mar 24 16:14:32 2015] <Anarchos> Theorem T_eq_dec : forall (t1 t2 : T), {t1 = t2} + {t1 <> t2}.
[Tue Mar 24 16:14:51 2015] <johnw> and T is?
[Tue Mar 24 16:18:51 2015] <johnw> Anarchos: please provide enough information for me to try this here
[Tue Mar 24 16:18:55 2015] <Anarchos> Inductive T := R : {n | n < 256} -> T.
[Tue Mar 24 16:20:55 2015] <ianjneu> I would think that nat_le m n is contractible...
[Tue Mar 24 16:22:04 2015] <ianjneu>  le, not nat_le
[Tue Mar 24 16:23:58 2015] <ianjneu> It needs an encode/decode proof. Blech. I never was good at that.
[Tue Mar 24 16:24:33 2015] <ianjneu> (le m n) is an hprop, I should say.
[Tue Mar 24 16:32:12 2015] <ianjneu> no. I must finish writing my defense talk. I will not be distracted! Gah.
[Tue Mar 24 16:36:23 2015] <johnw> Anarchos: https://gist.github.com/197d3f56ecc4e97649ea
[Tue Mar 24 16:37:02 2015] <johnw> that is not how I'd normally write it, but I wanted to do it using the stdlib for you
[Tue Mar 24 16:37:30 2015] <johnw> also so you can step through it easily
[Tue Mar 24 16:38:07 2015] <ianjneu> johnw: oh, Peano.le_unique. Nice.
[Tue Mar 24 16:38:18 2015] <johnw> thank Search for that :)
[Tue Mar 24 16:38:39 2015] <johnw> I started to prove that as another Lemma, and thought, "No, it has to be there..."
[Tue Mar 24 16:39:24 2015] <johnw> the Arith.Compare import is not needed either
[Tue Mar 24 16:39:48 2015] <Anarchos> johnw thanks
[Tue Mar 24 16:40:05 2015] <johnw> updated the gist for you
[Tue Mar 24 16:40:22 2015] <johnw> i don't know if abstract is needed with assert
[Tue Mar 24 16:40:27 2015] <johnw> it's just an omega habit I have
[Tue Mar 24 16:41:09 2015] <Anarchos> johnw i realize, reading that kind of proof for what seemed to be a really simple lemma, that i am really not skilled at all in coq.
[Tue Mar 24 16:41:28 2015] <johnw> oh, I should be using Peano_dec.eq_nat_dec
[Tue Mar 24 16:41:45 2015] <johnw> gist updated again, half the size now :)
[Tue Mar 24 16:42:42 2015] <ianjneu> I never know when to use revert or generalize dependent, ya.
[Tue Mar 24 16:42:54 2015] <johnw> i was unable to rewrite the terms with them in the context
[Tue Mar 24 16:43:01 2015] <johnw> dependency problems
[Tue Mar 24 16:43:24 2015] <johnw> but if everything using the term is generalized, then my context is free
[Tue Mar 24 16:44:44 2015] <johnw> as for generalizing the dependent, I didn't want to prove an induction on x for some particular x0; I needed to prove forall x as well as forall x0
[Tue Mar 24 16:45:21 2015] <johnw> if x0 is in the context, induction thinks that the single inhabitant I want for the induction proof
[Tue Mar 24 16:46:10 2015] <johnw> that that is the*
[Tue Mar 24 16:46:35 2015] <johnw> these types of things (revert, generalize dependent, etc) actually become incredibly clear when you use ssreflect, actually, since they are so much more natural there
[Tue Mar 24 16:46:54 2015] <johnw> I only understand them in stdlib because of that
[Tue Mar 24 16:47:20 2015] <johnw> for example, in ssreflect you'd say: elim: x => [|x IHx] in x0 *.
[Tue Mar 24 16:47:26 2015] <johnw> to mean that your proof ranges forall x0
[Tue Mar 24 16:55:03 2015] <Anarchos> i am back :)
[Tue Mar 24 17:27:08 2015] <johnw> ianjneu: you probably know this already, but here's what generalize dependent "does": https://gist.github.com/c4e4a02bb1f00ad5daed
[Tue Mar 24 17:27:24 2015] <johnw> (even though the proof doesn't need it, but it shows the point)
[Tue Mar 24 17:28:57 2015] <johnw> ev_sum says, "Give me any m, and I'll prove my proposition for all n."  ev_sum' says, "I'll prove that my proposition holds for all m and n"
[Tue Mar 24 17:29:25 2015] <Anarchos> johnw hey you modified my file :/
[Tue Mar 24 17:29:33 2015] <johnw> I did?
[Tue Mar 24 17:30:47 2015] <Anarchos> johnw my inductive type and theorem disappeared :)
[Tue Mar 24 17:31:21 2015] <johnw> https://gist.github.com/jwiegley/197d3f56ecc4e97649ea?
[Tue Mar 24 17:38:31 2015] <Anarchos> johnw ah yes thanks :)
[Tue Mar 24 17:38:48 2015] <Anarchos> * is sad, thinking that A. Chlipala could come with a 3-line proof....
[Tue Mar 24 17:41:32 2015] <johnw> Anarchos: you could also just use:
[Tue Mar 24 17:41:37 2015] <johnw> Definition T := {n | n < 256}.
[Tue Mar 24 17:41:43 2015] <johnw> there is no need for the R constructor wrapper
[Tue Mar 24 17:42:03 2015] <Anarchos> johnw i need it in my code as a reminder for Register.
[Tue Mar 24 17:42:09 2015] <johnw> ah
[Tue Mar 24 17:42:15 2015] <johnw> you mean, to use it?
[Tue Mar 24 17:42:41 2015] <johnw> Definition R (n : nat) (H : n < 256) := exist _ n H.
[Tue Mar 24 17:43:00 2015] <johnw> and then maybe for your sanity, define R0 through R255
[Tue Mar 24 17:47:02 2015] <Anarchos> johnw no cause the "decide equality" tactics takes around 25min for an inductive type with 256 constructors.
[Tue Mar 24 17:47:18 2015] <johnw> no, I mean:
[Tue Mar 24 17:47:26 2015] <johnw> Program Definition R0 := R 0 _.
[Tue Mar 24 17:47:27 2015] <johnw> etc.
[Tue Mar 24 17:47:48 2015] <Anarchos> johnw with this definition, is the decidable equality proof simpler ?
[Tue Mar 24 17:48:00 2015] <johnw> it just removes two destructs is all
[Tue Mar 24 17:48:07 2015] <johnw> but no simpler than that
[Tue Mar 24 17:48:30 2015] <Anarchos> johnw Error: Cannot infer this placeholder.
[Tue Mar 24 17:48:38 2015] <Anarchos> (in the Definition)
[Tue Mar 24 17:56:13 2015] <ianjneu> Anarchos: well, you'll need a canonical structure to actually infer that.
[Tue Mar 24 17:56:44 2015] <ianjneu> See https://hal.inria.fr/hal-00816703v1/document page 8. The EQ case is easily modifiable to the LT case
[Tue Mar 24 17:57:28 2015] <Anarchos> ianjneu which page ?
[Tue Mar 24 17:57:33 2015] <Anarchos> oh sorry you wrote 8.
[Tue Mar 24 17:59:04 2015] <Anarchos> too much difficulties for tonight. Maybe i should begin again with coq with simpler types and proofs....
[Tue Mar 24 18:08:21 2015] <johnw> hacking on compcert is probably not the first project I'd recommend to someone :)
[Tue Mar 24 18:08:39 2015] <johnw> Anarchos: when you get the "Cannot infer" error, try Program.
[Tue Mar 24 18:09:54 2015] <Anarchos> johnw i was just mimicking the MachRegs.v file with 256 registers instead of 10 ...
[Tue Mar 24 18:10:54 2015] <johnw> for my register allocator, instead of fixing the size bound with each register, I use Fin n and a global parameter that n < machineregistercount
[Tue Mar 24 18:11:20 2015] <johnw> Variable maxReg : nat.          (* max number of registers *)
[Tue Mar 24 18:11:20 2015] <johnw> Definition PhysReg : predArgType := 'I_maxReg.
[Tue Mar 24 18:11:33 2015] <johnw> where 'I_maxReg is equivalent to your T
[Tue Mar 24 18:11:52 2015] <johnw> ianjneu: thanks for that link
[Tue Mar 24 18:53:49 2015] <Cale> https://github.com/clarus/falso
[Tue Mar 24 18:54:00 2015] <Cale> :O
[Tue Mar 24 18:56:55 2015] <Cale> Apparently a new proof of False
[Tue Mar 24 18:57:15 2015] <Cale> Does anyone have the 8.5 beta to see if it works there too?
[Tue Mar 24 18:58:16 2015] <Anarchos> Cale i would thought that edge cases are more toroughly tested...
[Tue Mar 24 18:58:42 2015] <Anarchos> not speaking of (1+max_int) < 0 in ocaml , without warning...
[Tue Mar 24 19:00:25 2015] <Cale> Wasn't the last proof of False due to a bug in vm_compute as well?
[Tue Mar 24 19:03:20 2015] <Saizan> shouldn't the kernel checker catch this?
[Tue Mar 24 19:05:04 2015] <Cale> Unable to communicate with coqtop, restarting coqtop.
[Tue Mar 24 19:05:04 2015] <Cale> Error was: Broken pipe
[Tue Mar 24 19:05:23 2015] <Cale> Trying to Eval vm_compute in hard bool.  where hard : forall (A : Type), A.
[Tue Mar 24 19:05:28 2015] <Cale> :D
[Tue Mar 24 19:05:46 2015] <Anarchos> Cale funny i used a type with 256 constructors this week
[Tue Mar 24 19:07:07 2015] <Cale> Eval compute in hard bool. doesn't crash though
[Tue Mar 24 19:07:12 2015] <Cale>      = match (fun (X : Type) (t : X) => t) return (forall A : Type, A) with
[Tue Mar 24 19:07:12 2015] <Cale>        end bool
[Tue Mar 24 19:07:12 2015] <Cale>      : bool
[Tue Mar 24 19:12:30 2015] <vanila> How would you make a better vm_compute that doesn't let you prove false?
[Tue Mar 24 20:42:56 2015] <johnw> vanila: Maybe write one in Coq?
[Tue Mar 24 20:52:17 2015] <johnw> I don't know if it's because of performance issues or something
[Tue Mar 24 20:52:37 2015] <johnw> but it would nice if Coq were hosted in Coq, but they committed the OCaml extracted files so you could bootstrap on new platforms
[Tue Mar 24 20:53:15 2015] <vanila> I'm not sure that woudl work well for the typechecker itsef
[Tue Mar 24 20:55:20 2015] <vanila> but just for a fast evaluator (like vm_compute) it should be really good
[Wed Mar 25 02:58:06 2015] <nkar``> I think I got it right this time: https://gist.github.com/nkaretnikov/86b84f74ff2cdc216bba
[Wed Mar 25 03:36:11 2015] <Cale> nkar``: I think I see a mistake...
[Wed Mar 25 03:36:19 2015] <Cale>   subseq [3] [2,2,3]
[Wed Mar 25 03:36:19 2015] <Cale>   -------------------- (s_same)
[Wed Mar 25 03:36:19 2015] <Cale>   subseq [2,3] [2,2,3]
[Wed Mar 25 03:36:31 2015] <nkar``> thanks
[Wed Mar 25 03:36:52 2015] <nkar``> should be: subseq [3] [2,3]
[Wed Mar 25 03:37:09 2015] <Cale> yeah, you have an extra s_diff step inserted there
[Wed Mar 25 03:37:36 2015] <nkar``> Cale: is there a preferred notation for expressing non-valid cases, like I did with a '!'?
[Wed Mar 25 03:40:41 2015] <Cale> I dunno, you might want not to put a line above the subseq [2,3] [] etc. as that looks like you're saying it's derivable from the empty context
[Wed Mar 25 03:40:55 2015] <Cale> (even though there's (no rule) off to the side)
[Wed Mar 25 03:41:14 2015] <nkar``> okay, I'll do that
[Wed Mar 25 03:41:54 2015] <Cale> nkar``: Who is this for? Just for yourself?
[Wed Mar 25 03:42:10 2015] <Cale> Or are you taking a course?
[Wed Mar 25 03:42:12 2015] <nkar``> Cale: yes, it's from software foundations, which I'm reading
[Wed Mar 25 03:42:20 2015] <nkar``> yes to the first question
[Wed Mar 25 03:45:24 2015] <Cale> btw, did you try proving all these things in Coq?
[Wed Mar 25 03:46:04 2015] <nkar``> I do the provided exercises
[Wed Mar 25 03:46:24 2015] <nkar``> but I haven't proved anything with this def'n of subseq yet
[Wed Mar 25 03:46:37 2015] <nkar``> why are you asking?
[Wed Mar 25 03:47:07 2015] <nkar``> Cale: are you trying to hint that a machine checked proof is better than an informal one?  if so, I'm well aware :)
[Wed Mar 25 03:48:24 2015] <Cale> Well, you could do the very same thing using a sequence of apply steps, and see how the context changes.
[Wed Mar 25 03:49:33 2015] <nkar``> Cale: ah, that's a good idea!
[Wed Mar 25 03:51:34 2015] <nkar``> Cale: but how do I express the impossible cases?  do I need to [Abort.] a proof in such cases?
[Wed Mar 25 03:51:57 2015] <Cale> Well, you could try to prove  not (subseq [1,2,3] [1,2])
[Wed Mar 25 03:52:07 2015] <nkar``> nice!
[Wed Mar 25 03:58:08 2015] <nkar``> how do I properly express this: [Lemma app_cons_snoc : forall (X : Type) (xs : list X) (x : X), xs -> x :: xs ++ [x].]  I know that [xs] needs to be a [Prop] to be used like this, but I'm not sure how to restate it.
[Wed Mar 25 03:58:09 2015] <Cale> (for that, you'll probably want to use inversion a bunch)
[Wed Mar 25 03:58:50 2015] <Cale> What are you trying to prove?
[Wed Mar 25 03:58:57 2015] <Cale> Are you just trying to define the function which does that?
[Wed Mar 25 03:59:26 2015] <nkar``> Cale: I decided to make a few examples for my [pal] definition, which has this rule: [p_rec : forall (x : X) (xs : list X), pal xs -> pal (x :: xs ++ [x]).]  since I don't want to use [replace] every time, I want a lemma.
[Wed Mar 25 03:59:35 2015] <nkar``> so, do I need a function instead?
[Wed Mar 25 03:59:36 2015] <johnw> why are you making "xs" an argument and an argument type?
[Wed Mar 25 04:00:21 2015] <nkar``> johnw: hi!  well, it look like a natural translation of the [pal] rule.  do I need just [x :: xs ++ [x]]?
[Wed Mar 25 04:00:24 2015] <Cale> I'm not sure I understand what you want the lemma to be
[Wed Mar 25 04:00:33 2015] <nkar``> looked*
[Wed Mar 25 04:00:55 2015] <Cale> Can you give more detail about what you're trying to do?
[Wed Mar 25 04:00:59 2015] <nkar``> sure
[Wed Mar 25 04:01:43 2015] <nkar``> Cale: I want to be able to rewrite things like [pal [1;2;3;4;4;3;2;1]] as [pal (1 :: [2;3;4;4;3;2] ++ [1])] by without using [replace], so I could apply my [pal] rule with [apply].
[Wed Mar 25 04:01:55 2015] <nkar``> s/by//
[Wed Mar 25 04:02:26 2015] <nkar``> does this example make it clear?
[Wed Mar 25 04:03:21 2015] <Cale> So you want to apply p_rec?
[Wed Mar 25 04:03:36 2015] <Cale> Or the opposite of p_rec?
[Wed Mar 25 04:04:09 2015] <Cale> forall (x : X) (xs : list X),  pal (x :: xs ++ [x]) -> pal xs ?
[Wed Mar 25 04:04:55 2015] <nkar``> Cale: I want the proof of [Example pal_1_2_3_4_4_3_2_1 : pal [1;2;3;4;4;3;2;1].] be a sequence of [apply]s.  but I need to rewrite the list before I can [apply p_rec].
[Wed Mar 25 04:05:29 2015] <nkar``> I want it to be as transparent as the hand-written inference rule
[Wed Mar 25 04:11:31 2015] <nkar``> Cale: I'm going to paste an example shortly
[Wed Mar 25 04:13:54 2015] <nkar``> Cale, johnw: instead of using [replace]s here, I just want to apply some lemma: https://gist.github.com/nkaretnikov/3baf1ee07fe0f41646a3 (ignore the lemma)
[Wed Mar 25 04:15:17 2015] <nkar``> (so I don't have to prove each [replace] after I applied the rules.)
[Wed Mar 25 04:16:41 2015] <Cypi> You could prove [forall X (xs : list X), length xs > 0 -> pal (head xs :: (middle xs) ++ [last xs]) -> pal xs], where head, middle and last are the correct functions, maybe, something like that.
[Wed Mar 25 04:18:50 2015] <nkar``> Cypi: but how do I define head/last in a total language (without using Option or a default argument)?  I've already asked about this multiple times.
[Wed Mar 25 04:19:08 2015] <nkar``> Cypi: because your def'n implies that I need to return an element of type X.
[Wed Mar 25 04:25:21 2015] <Cale> http://lpaste.net/129502
[Wed Mar 25 04:25:38 2015] <Cale> I actually don't fully know why that works
[Wed Mar 25 04:25:57 2015] <Cale> It does more computation for some reason
[Wed Mar 25 04:26:25 2015] <Cale> I originally intended to put a "simpl in G" in the sapply tactic there
[Wed Mar 25 04:26:43 2015] <Cale> But it turned out not to be required
[Wed Mar 25 04:27:45 2015] <Cale> Oh bizarre
[Wed Mar 25 04:27:51 2015] <Cale> Ltac sapply f := apply f.
[Wed Mar 25 04:27:52 2015] <Cale> also works
[Wed Mar 25 04:28:06 2015] <Cale> errrr
[Wed Mar 25 04:28:09 2015] <Cale> no wait
[Wed Mar 25 04:28:12 2015] <Cale> lol
[Wed Mar 25 04:28:18 2015] <Cale> Why did I think apply wasn't going to work?
[Wed Mar 25 04:28:26 2015] <Cale> apply *does* work
[Wed Mar 25 04:28:58 2015] <Cale> http://lpaste.net/129502 edited :)
[Wed Mar 25 04:32:27 2015] <nkar``> * looks
[Wed Mar 25 04:34:11 2015] <nkar``> Cale: nice, thank you!
[Wed Mar 25 04:35:29 2015] <nkar``> Cale: but I do wonder whether it could be simplified, so you don't have to write down the list every time instead of just applying p_rec.
[Wed Mar 25 04:37:18 2015] <Cale> http://lpaste.net/129519
[Wed Mar 25 04:37:46 2015] <Cale> You can tell it which steps to apply based on the goal
[Wed Mar 25 04:38:53 2015] <nkar``> Cale: oh, that's too advanced for me, and I meant something different. I want to rewrite it as a sequence of [apply p_rec]s.
[Wed Mar 25 04:40:52 2015] <Cale> well, you could have:
[Wed Mar 25 04:40:55 2015] <Cale> Ltac pRec := match goal with
[Wed Mar 25 04:40:55 2015] <Cale>                | [ |- pal (cons ?x ?xs) ] => apply (p_rec x (rev (tl (rev xs)))); simpl
[Wed Mar 25 04:40:55 2015] <Cale>              end.
[Wed Mar 25 04:41:03 2015] <Cale> just the one thing to try
[Wed Mar 25 04:42:37 2015] <Cale> apply isn't smart enough to figure out what the arguments to p_rec ought to be
[Wed Mar 25 04:42:42 2015] <Cale> But we are
[Wed Mar 25 04:43:22 2015] <Cale> In particular apply doesn't know what ++ does.
[Wed Mar 25 04:43:35 2015] <Cale> It could be an arbitrary list function, for all apply knows.
[Wed Mar 25 04:45:05 2015] <nkar``> I don't know Ltac. :\
[Wed Mar 25 04:45:43 2015] <Cale> Well, you're effectively writing in the Ltac language when you give the tactics which are part of your proof.
[Wed Mar 25 04:46:26 2015] <nkar``> well, nevermind, I think it'd be better for me to focus on the things that the book shows
[Wed Mar 25 04:46:29 2015] <Cale> It's just, you can take any command you could have written as part of a proof
[Wed Mar 25 04:46:33 2015] <Cale> and define that as a new thing
[Wed Mar 25 04:46:33 2015] <nkar``> and dive in slowly, step by step
[Wed Mar 25 04:46:56 2015] <Cale> The thing which you're really not familiar with is "match goal with"
[Wed Mar 25 04:47:50 2015] <Cale> which is allowed in ordinary proofs, but not so useful unless you use some tactic which is higher order in some way, or as in this case, as part of a defined tactic
[Wed Mar 25 04:48:53 2015] <Cale> Just to be clear, we could have written this: http://lpaste.net/129534
[Wed Mar 25 04:49:08 2015] <nkar``> Cale: how do I prove the not example here? https://gist.github.com/nkaretnikov/3baf1ee07fe0f41646a3
[Wed Mar 25 04:50:28 2015] <Cypi> nkar`` : about your previous question, you can write something like this: http://lpaste.net/129537
[Wed Mar 25 04:50:39 2015] <Cypi> (the "return" annotation is not necessary, just there for clarity)
[Wed Mar 25 04:50:51 2015] <Cale> nkar``: Well, when you do the inversion H there, do you get any suspicious looking things in the context?
[Wed Mar 25 04:52:32 2015] <nkar``> Cale: I don't see anything useful: [H1 : pal xs;  H0 : x = 1;  H2 : xs ++ [1] = [2; 3; 4; 5]]
[Wed Mar 25 04:52:54 2015] <Cale> xs ++ [1] = [2; 3; 4; 5] -- how plausible does this seem?
[Wed Mar 25 04:53:10 2015] <Cale> Remember: you're trying to prove False
[Wed Mar 25 04:53:18 2015] <nkar``> Cale: well, it's nonsense, but I don't know how to use it.
[Wed Mar 25 04:53:32 2015] <Cale> So the problem is that there's this (++) in the way
[Wed Mar 25 04:53:35 2015] <nkar``> do I need to look for the app lemmas?
[Wed Mar 25 04:53:52 2015] <nkar``> okay, let me think a bit
[Wed Mar 25 04:53:58 2015] <Cale> I mean, what if (++) is a constant function which always gives [2;3;4;5] as its result?
[Wed Mar 25 04:54:18 2015] <Cale> That's not the case, but how do we know that here? How can we get the definition of (++) involved?
[Wed Mar 25 04:54:38 2015] <Cale> We need to be able to unfold it by a step at least
[Wed Mar 25 04:54:57 2015] <Cale> and for that to happen, we need to do a case analysis on xs
[Wed Mar 25 04:55:14 2015] <nkar``> * tries
[Wed Mar 25 05:01:16 2015] <Cale> The proof you get might be fairly long and messy, but it should be extremely repetitive.
[Wed Mar 25 05:02:28 2015] <nkar``> Cale: will it be easier to prove not (pal [1;2]) first?
[Wed Mar 25 05:02:39 2015] <nkar``> (so I don't have to deal with many cases)
[Wed Mar 25 05:03:03 2015] <nkar``> I'm assuming the repetition you're talking about comes from the number of elements
[Wed Mar 25 05:03:14 2015] <nkar``> is it the case?
[Wed Mar 25 05:03:17 2015] <Cale> It does come from the number of elements
[Wed Mar 25 05:03:42 2015] <nkar``> okay, then I'll try that first
[Wed Mar 25 05:03:57 2015] <Cale> You're trying to show that  forall (xs : list nat), not (xs ++ [1] = [2,3,4,5]).
[Wed Mar 25 05:04:33 2015] <Cale> You could do this by a sequence of lemmas, which proved first  forall (xs : list nat), not (xs ++ [1] = []).
[Wed Mar 25 05:04:44 2015] <Cale> and then forall (xs : list nat), not (xs ++ [1] = [5]).
[Wed Mar 25 05:04:46 2015] <nkar``> Cale: thanks for your help, it's been a fruitful discussion (at least for me :))
[Wed Mar 25 05:04:49 2015] <Cale> and so on
[Wed Mar 25 05:21:42 2015] <Cale> Did you manage to get it in the messy way?
[Wed Mar 25 05:21:51 2015] <Cale> nkar``: ^^
[Wed Mar 25 05:23:35 2015] <nkar``> Cale: I proved [not (pal [1;2])] with [Lemma not_xs_1 : forall (xs : list nat), not (xs ++ [1] = []).], now I'm trying to define a more general lemma.
[Wed Mar 25 05:23:44 2015] <nkar``> s/define/prove/
[Wed Mar 25 05:24:53 2015] <nkar``> okay, I've just proved [Lemma not_app_nil : forall (X : Type) (xs ys : list X) (y : X), not (xs ++ y :: ys = []).]
[Wed Mar 25 05:24:53 2015] <nkar``>  
[Wed Mar 25 05:32:16 2015] <nkar``> Cale: woo, I proved [Example not_pal_1_2_3_4_5 : not (pal [1;2;3;4;5]).] using the above lemma!
[Wed Mar 25 05:32:27 2015] <nkar``> indeed, there's a lot of repetition.
[Wed Mar 25 05:34:49 2015] <nkar``> the proof is at the bottom: https://gist.github.com/nkaretnikov/3baf1ee07fe0f41646a3
[Wed Mar 25 05:35:28 2015] <Cale> Now try  not (pal [1;2;3;4;1])  :)
[Wed Mar 25 05:36:32 2015] <nkar``> I wanted to try [not (pal [1,2,3,3,4,3,2,1])], but I'll do the suggested one first
[Wed Mar 25 05:37:16 2015] <Cale> Or maybe even just [1;2;3;1], which is the same but with a little less repetitive portion
[Wed Mar 25 05:37:36 2015] <nkar``> okay :)
[Wed Mar 25 05:38:23 2015] <nkar``> Cale: is there a way to get rid of repetition in [not_pal_1_2_3_4_5] without using Ltac?
[Wed Mar 25 05:38:29 2015] <sgnb> nkar``: why don't you prove "pal x" is equivalent to "x = rev x"?
[Wed Mar 25 05:38:47 2015] <sgnb> (or define it this way)
[Wed Mar 25 05:39:45 2015] <nkar``> sgnb: re: define: the book says: "Define an inductive proposition [pal] on [list X] that captures what it means to be a palindrome. (Hint: You'll need three cases.  Your definition should be based on the structure of the list; just having a single constructor c : forall l, l = rev l -> pal l may seem obvious, but will not work very well.)"
[Wed Mar 25 05:39:47 2015] <Cale> Yeah, I suppose the right way is to do that and then use decidable equality.
[Wed Mar 25 05:40:41 2015] <nkar``> sgnb: I proved [Theorem pal_rev : forall (X : Type) (xs : list X), pal xs -> xs = rev xs.], but couldn't prove the opposite
[Wed Mar 25 05:42:33 2015] <nkar``> Cale: what's decidable equality?  this description is to brief for me: http://ncatlab.org/nlab/show/decidable+equality
[Wed Mar 25 05:42:53 2015] <nkar``> or, rather, how do I use it?
[Wed Mar 25 05:43:43 2015] <Cypi> Having decidable equality for a type T means that you can provide a function [forall (t1 t2 : T), {t1 = t2} + {t1 <> t2}]
[Wed Mar 25 05:43:56 2015] <Cypi> in other words: it is possible to decide if two elements of T are equal or not
[Wed Mar 25 06:12:42 2015] <sgnb> nkar``: https://paste.debian.net/163128/
[Wed Mar 25 06:17:57 2015] <sgnb> nkar``: then all your "pal <constant list>" examples become "apply rev_pal; reflexivity"
[Wed Mar 25 06:19:09 2015] <sgnb> nkar``: and all your "not (pal <constant list>)" examples become "intro H; apply pal_rev in H; disciminate"
[Wed Mar 25 06:21:49 2015] <nkar``> sgnb: interesting, thanks.  but there are tactics, which are not covered in the book, so I'd rather not use this.
[Wed Mar 25 06:26:06 2015] <sgnb> nkar``: well, the key thing here is well founded induction... isn't that covered in your book?
[Wed Mar 25 06:26:38 2015] <nkar``> I don't think so
[Wed Mar 25 06:27:39 2015] <sgnb> that's too bad...
[Wed Mar 25 06:28:11 2015] <sgnb> IMHO, it's torture to prove your "pal <constant list>" examples without using rev_pal
[Wed Mar 25 06:29:08 2015] <sgnb> (and conversely, to prove your "not (pal <constant list>)" examples without using pal_rev)
[Wed Mar 25 06:32:44 2015] <nkar``> sgnb: to be fair, there's an example that requires to prove pal_rev.  it's just that I don't know how to do it using only the covered tactics.  after trying to prove it for two weeks while constantly bugging this channel, I decided to skip it.
[Wed Mar 25 09:19:55 2015] <schoppenhauer> channel list
[Wed Mar 25 09:19:57 2015] <schoppenhauer> chat list
[Wed Mar 25 09:20:01 2015] <schoppenhauer> wah sorry
[Wed Mar 25 09:20:04 2015] <schoppenhauer> wrong channel ...
[Wed Mar 25 09:20:10 2015] <schoppenhauer> (I'm using bitlbee ... :/ )
[Wed Mar 25 09:24:35 2015] <RchrdB> The obvious interpretation is that you mistook the #coq window for your bitlbee chat window.
[Wed Mar 25 09:25:16 2015] <RchrdB> The funnier interpretation is that you're connecting your IRC client to bitlbee and then having bitlbee connect to an IRC server on your behalf.
[Wed Mar 25 12:36:28 2015] <Choups314> Is there an easy way to configure the coq codebase for merlin (in vim) ?
[Wed Mar 25 15:46:42 2015] <benzrf> hhhhhmmmmmm
[Wed Mar 25 15:46:50 2015] <benzrf> how does path relevance in hott work?
[Wed Mar 25 15:47:11 2015] <johnw> hmm?
[Wed Mar 25 15:47:15 2015] <johnw> where do you find that?
[Wed Mar 25 15:47:15 2015] <benzrf> if i can prove nat = bin, how am i not allowed to prove S : bin -> bin
[Wed Mar 25 15:49:14 2015] <scott> you would be allowed to do that, as I understand it
[Wed Mar 25 15:50:08 2015] <scott> it would be a different 'version' of S in my mind, but I actually have no idea how this stuff is going to be implemented
[Wed Mar 25 16:05:34 2015] <johnw> benzrf: who says you're not allowed?
[Wed Mar 25 16:06:03 2015] <benzrf> o-O
[Wed Mar 25 16:06:12 2015] <benzrf> i can do that?
[Wed Mar 25 16:06:27 2015] <johnw> I don't know the answer to that; I want to know why you think you can't
[Wed Mar 25 16:06:31 2015] <benzrf> uh
[Wed Mar 25 16:06:36 2015] <benzrf> i guess it doesnt make sense to me
[Wed Mar 25 16:06:48 2015] <johnw> so, that's way different from "not allowed"
[Wed Mar 25 16:06:55 2015] <benzrf> hha
[Wed Mar 25 16:07:02 2015] <benzrf> oooh
[Wed Mar 25 16:07:04 2015] <benzrf> wait
[Wed Mar 25 16:07:12 2015] <benzrf> i guess the application of the path to S is what has type bin
[Wed Mar 25 16:07:14 2015] <benzrf> not S itself
[Wed Mar 25 16:07:17 2015] <benzrf> which makes sense kind of
[Wed Mar 25 16:07:50 2015] <benzrf> the application of the path would result in S under the isomorphism
[Wed Mar 25 16:07:53 2015] <benzrf> n-neat
[Wed Mar 25 16:09:35 2015] <Anarchos> johnw i kept my inductive type with 256min : the Machregs.v file takes 10 min to compile.
[Wed Mar 25 16:09:48 2015] <Anarchos> johnw but at least it works without modification.
[Wed Mar 25 16:11:48 2015] <johnw> there is that
[Wed Mar 25 16:17:38 2015] <Anarchos> johnw but i decided that no register was destroyed by opcodes in mmix .
[Wed Mar 25 16:37:50 2015] <kba> What do you call the + and -'s you add in front of certain lines to make it more readable?
[Wed Mar 25 16:38:45 2015] <Ptival> bullets
[Wed Mar 25 16:42:09 2015] <kba> Thanks
[Wed Mar 25 19:40:23 2015] <ccomp> I may be making a dumb mistake here, but why can't Coq infer an internal placeholder of type Type? http://pastebin.ubuntu.com/10681202/
[Wed Mar 25 19:44:09 2015] <Cypi> You are not providing any return type for your function, so it could actually be many things (like [list (option A)] or [list (option (option A))] )
[Wed Mar 25 19:44:32 2015] <ccomp> Cypi: right, I was coming to that realization
[Wed Mar 25 19:44:38 2015] <ccomp> that None doesn't give much information
[Wed Mar 25 19:44:41 2015] <Cypi> So have to provide enough hints, e.g. by specifying a return type, or by instantiating nil with some argument
[Wed Mar 25 19:44:46 2015] <Cypi> (or cons, for that matter)
[Wed Mar 25 19:44:56 2015] <ccomp> I have a bad habit of leaving types implicit in Coq because it's sometimes easier
[Wed Mar 25 19:45:13 2015] <Cypi> A return type would be the best thing to do, imo :)
[Wed Mar 25 19:45:27 2015] <ccomp> done, worked, thanks
[Wed Mar 25 19:45:29 2015] <ccomp> :-)
[Wed Mar 25 19:50:08 2015] <ccomp> (fwiw, the Cons None nil should have been just l in the base case, too)
[Wed Mar 25 20:04:40 2015] <johnw> or @None A
[Wed Mar 25 21:25:20 2015] <schoppenhauer> (16
[Thu Mar 26 10:02:29 2015] <benzrf> hmmmmmmmm
[Thu Mar 26 10:02:43 2015] <benzrf> how do you turn, e.g., group isomorphism, into equality in hott
[Thu Mar 26 10:02:54 2015] <benzrf> how do you have a type representing a group such that you can write predicates on that type
[Thu Mar 26 10:03:13 2015] <benzrf> about its group props
[Thu Mar 26 11:22:34 2015] <Saizan> benzrf: a group type would be a record that contains the carrier type (which you should require to be an hSet) and the operations and the laws
[Thu Mar 26 11:23:10 2015] <Saizan> benzrf: then a group isomorphism is defined in the usual way, as an isomorphism that respects the group operations
[Thu Mar 26 11:23:41 2015] <Saizan> benzrf: and through univalence and some congruence proofs you can turn that into an equality of the groups
[Thu Mar 26 11:54:25 2015] <benzrf> hmmmmmm
[Thu Mar 26 11:54:33 2015] <benzrf> hold on
[Thu Mar 26 11:54:35 2015] <benzrf> so like
[Thu Mar 26 11:54:48 2015] <benzrf> Inductive grp : Type :=
[Thu Mar 26 11:55:31 2015] <benzrf> | grp : forall (G : Type) (o : G -> G -> G), formsgroup G o, grp.
[Thu Mar 26 11:55:37 2015] <benzrf> | grp : forall (G : Type) (o : G -> G -> G), formsgroup G o -> grp.
[Thu Mar 26 11:55:42 2015] <benzrf> (the second one is a correction)
[Thu Mar 26 11:56:41 2015] <Saizan> yeah
[Thu Mar 26 11:57:10 2015] <benzrf> er, hold on
[Thu Mar 26 11:57:30 2015] <benzrf> Saizan: grp would have to be parameterized wouldnt it
[Thu Mar 26 11:58:09 2015] <benzrf> * has gone and confused himself
[Thu Mar 26 12:03:55 2015] <Saizan> benzrf: nope
[Thu Mar 26 12:14:45 2015] <johnw> you could move the (G: Type) argument up to an index, if you wanted to
[Thu Mar 26 12:15:01 2015] <johnw> that would make some uses of grp easier
[Thu Mar 26 12:15:10 2015] <johnw> but not necessary
[Thu Mar 26 12:39:33 2015] <benzrf> uhh
[Thu Mar 26 12:39:43 2015] <benzrf> ok then what would a grp iso then equality look like
[Thu Mar 26 12:39:52 2015] <benzrf> argh
[Thu Mar 26 12:39:54 2015] <benzrf> i gotta go
[Thu Mar 26 12:40:02 2015] <benzrf> please answer while im gone, ill read it when back :|
[Thu Mar 26 12:40:11 2015] <benzrf> is htis about custom-defined paths or something?
[Thu Mar 26 12:56:06 2015] <Saizan> http://homotopytypetheory.org/2012/09/23/isomorphism-implies-equality/
[Thu Mar 26 12:56:20 2015] <Saizan> benzrf: no, you don't need an higher inductive type for grp
[Thu Mar 26 12:57:06 2015] <benzrf> what would the isomorphism be between
[Thu Mar 26 12:57:48 2015] <nkar`> benzrf: fwiw, there's ##hott
[Thu Mar 26 12:57:55 2015] <johnw> Saizan: are you Nils?
[Thu Mar 26 12:58:33 2015] <benzrf> let nils = repeat []
[Thu Mar 26 13:00:12 2015] <Saizan> johnw: nope
[Thu Mar 26 13:00:21 2015] <benzrf> hold on though
[Thu Mar 26 13:00:30 2015] <benzrf> does iso-implies-eq hold beyond just plain types
[Thu Mar 26 13:00:38 2015] <Saizan> johnw: nils is in the office in front of mine though :)
[Thu Mar 26 13:00:47 2015] <johnw> ah, cool!
[Thu Mar 26 13:00:58 2015] <johnw> I want to get a better handle on canonical structures
[Thu Mar 26 13:01:26 2015] <johnw> and I still have yet to grasp encoding algebraic signatures with Coq
[Thu Mar 26 13:01:32 2015] <Saizan> benzrf: see the blog post, they define what an iso for an algebraic structure should be
[Thu Mar 26 13:02:09 2015] <Saizan> benzrf: but it's the same thing you'd get from isos in the category of groups, or from universal algebra
[Thu Mar 26 13:03:11 2015] <benzrf> hmmmm hold on
[Thu Mar 26 13:03:14 2015] <benzrf> wait, so
[Thu Mar 26 13:03:32 2015] <benzrf> what would be the type of a group iso under the encoding i posted above
[Thu Mar 26 13:03:40 2015] <benzrf> grp <-> grp?
[Thu Mar 26 13:07:01 2015] <Saizan> GrpIso (grp A Ao p) (grp B Bo p) = Sigma (f : Iso A B), (forall a0 a1, applyIso f (Ao a0 a1) = Bo (applyIso f a0) (applyIso f a1))
[Thu Mar 26 13:07:16 2015] <Saizan> GrpIso (grp A Ao p) (grp B Bo q) = Sigma (f : Iso A B), (forall a0 a1, applyIso f (Ao a0 a1) = Bo (applyIso f a0) (applyIso f a1))
[Thu Mar 26 13:07:22 2015] <Saizan> assuming p and q are propositional
[Thu Mar 26 13:09:58 2015] <benzrf> tfw i cant read agda
[Thu Mar 26 13:10:06 2015] <benzrf> Saizan: good lord
[Thu Mar 26 13:10:47 2015] <Saizan> that's more like informal notation than Agda
[Thu Mar 26 13:11:08 2015] <benzrf> Saizan: ah no
[Thu Mar 26 13:11:13 2015] <benzrf> that was a reponse to your link earlier
[Thu Mar 26 13:11:17 2015] <benzrf> *respones
[Thu Mar 26 13:11:19 2015] <benzrf> god dammit
[Thu Mar 26 13:11:19 2015] <Saizan> ah, fair enough
[Thu Mar 26 13:11:30 2015] <benzrf> wait so
[Thu Mar 26 13:11:43 2015] <benzrf> what constitutes an iso from the POV of the univalence axiom
[Thu Mar 26 13:12:29 2015] <johnw> same things an iso has always been
[Thu Mar 26 13:12:33 2015] <johnw> to . from = id = from . to
[Thu Mar 26 13:12:35 2015] <benzrf> fuck
[Thu Mar 26 13:12:37 2015] <benzrf> be back later ;-;
[Thu Mar 26 14:40:10 2015] <benzrf> johnw: yeah but
[Thu Mar 26 14:40:18 2015] <benzrf> can it be something other than a normal function
[Thu Mar 26 14:40:31 2015] <benzrf> like something in an arbitrary category
[Thu Mar 26 14:40:33 2015] <benzrf> idk
[Thu Mar 26 14:41:27 2015] <ianjneu> johnw: ehhhh no. Quasi-inverse versus bi-inverse is a subtle thing.
[Thu Mar 26 14:42:05 2015] <johnw> every time I answer anything about HoTT, somewhere in the back of my mind there is a little voice that says, "It's probably not as simple as that..."
[Thu Mar 26 14:43:15 2015] <ianjneu> johnw: ya, the subtle ways to shoot yourself with HoTT are reason enough for me to not touch it. It needs more work.
[Thu Mar 26 14:46:29 2015] <johnw> on the plus side, my foot is very well ventilated
[Thu Mar 26 14:46:57 2015] <johnw> reminds me of a comment from Stroustrup about C++
[Thu Mar 26 14:47:13 2015] <johnw> "We don't just let you shoot yourself in the foot, we give you a shotgun so you can take care of the whole leg."
[Thu Mar 26 14:49:56 2015] <hodapp> I'm more a fan of, "C++: An octopus made by nailing extra legs onto a dog."
[Thu Mar 26 14:50:55 2015] <Saizan> ianjneu: you can still turn isomorphisms into equalities
[Thu Mar 26 14:51:57 2015] <Saizan> benzrf: the blog post attaches a proof that just from the univalence axiom about simple isomorphisms of types you can derive the one about grp isomorphism
[Thu Mar 26 14:52:24 2015] <benzrf> i cant read the hardcore agda :|
[Thu Mar 26 14:52:40 2015] <Saizan> that's why i'm telling you what it does :)
[Thu Mar 26 14:52:51 2015] <Saizan> "how" would be a bit long
[Thu Mar 26 14:55:22 2015] <benzrf> hhhh
[Thu Mar 26 14:58:08 2015] <Saizan> but it's all about the equality for dependent products and functions working nicely, they are described in one of the first few chapters of the book
[Thu Mar 26 17:45:35 2015] <Anarchos> * returned to code
[Thu Mar 26 21:47:10 2015] <ccomp> I'm trying to use the following to prove that List's skipn function always reduces the list's size in reasonable circumstances:
[Thu Mar 26 21:47:24 2015] <ccomp> Lemma skipn_dec : forall (n:nat) (l:list A), gt n 0 * gt (length l) 0 -> lt (length (skipn n l)) (length l).
[Thu Mar 26 21:47:43 2015] <ccomp> but it's still trying to get me to prove the case where n = 0. What am I doing wrong? I'm very new to the syntax.
[Thu Mar 26 21:48:25 2015] <ccomp> I'm probably not combining the propositions correctly
[Thu Mar 26 21:50:41 2015] <ccomp> yup, appears it's assuming they're nats... I should probably go read more
[Thu Mar 26 21:52:12 2015] <ccomp> apparently all I needed was 'and' :/
[Thu Mar 26 21:53:49 2015] <alkabetz> Ah, this is [and : Prop -> Prop -> Prop]?
[Fri Mar 27 00:40:16 2015] <benzrf> night
[Fri Mar 27 05:17:45 2015] <jstolarek> I keep reading everywhere that "allowing nontermination allows to prove any theorem"
[Fri Mar 27 05:18:00 2015] <jstolarek> but I have yet not seen an explanation why
[Fri Mar 27 05:18:23 2015] <jstolarek> so, how would that be possible?
[Fri Mar 27 05:20:09 2015] <jstolarek> I was thinking that this onle-liner could be such a simple demonstration:
[Fri Mar 27 05:23:01 2015] <jstolarek> Fixpoint evil (A : Prop) : Prop := evil A.
[Fri Mar 27 05:23:08 2015] <jstolarek> not sure if that makes sense
[Fri Mar 27 05:23:38 2015] <jstolarek> (Of course I realize this definition is rejected, but I want to come up with a definition that, *if accepted* would allow to prove anything).
[Fri Mar 27 05:25:57 2015] <scott> jstolarek: yeah, that's right
[Fri Mar 27 05:26:13 2015] <scott> you can trivially do something like that in Haskell. foo :: a; foo = foo
[Fri Mar 27 05:26:28 2015] <scott> so Haskell's type system corresponds to an inconsistent logic
[Fri Mar 27 05:29:23 2015] <scott> oh, actually the point is that evil could return anything, so maybe something like Fixpoint evil (A : Prop) : A := evil A.
[Fri Mar 27 05:29:56 2015] <scott> evil takes any proposition A and return a proof of that proposition, but it takes forever to produce it :)
[Fri Mar 27 05:33:01 2015] <jstolarek> oh, right, the return type was wrong
[Fri Mar 27 05:33:03 2015] <jstolarek> thanks
[Fri Mar 27 05:45:16 2015] <lolisa> jstolarek, Fixpoint b (n:nat) : False := b 0.
[Fri Mar 27 06:21:38 2015] <lolisa> hello， are there anyone good at equality proving? (JMeq maybe) https://github.com/lolisa/Category_Theory/blob/master/Category_Theory.v How can I prove this? I am stuck, or do I need to restructure automorphism and isomorphism a bit?
[Fri Mar 27 07:32:04 2015] <lolisa>  How can I prove that all isomorphism on the same arrow is unique? Do I need to add more axiom to Category to prove this?
[Fri Mar 27 11:21:21 2015] <benzrf> hmm
[Fri Mar 27 11:21:27 2015] <benzrf> why is × a big deal in hott
[Fri Mar 27 11:21:38 2015] <benzrf> isnt it a degenerate form of Σ
[Fri Mar 27 11:21:47 2015] <benzrf> asking cause its one of the symobols on the cover of the book
[Fri Mar 27 11:23:58 2015] <Saizan> benzrf: it's more traditional than a big deal
[Fri Mar 27 11:26:18 2015] <benzrf> rip
[Fri Mar 27 11:33:13 2015] <sgnb> nkar`: actually, it is possible to prove it without well founded induction: https://paste.debian.net/163528/
[Fri Mar 27 11:34:09 2015] <nkar`> sgnb: thanks for the follow up!
[Fri Mar 27 11:34:11 2015] <nkar`> * looks
[Fri Mar 27 11:35:13 2015] <nkar`> omega, constructor, and assumption have not been covered in the book
[Fri Mar 27 11:35:56 2015] <nkar`> sgnb: would you like to prove it using the covered tactics if I gave you the list?
[Fri Mar 27 11:37:06 2015] <nkar`> sgnb: https://www.cis.upenn.edu/~bcpierce/sf/current/MoreCoq.html#lab182
[Fri Mar 27 11:37:23 2015] <nkar`> replace is missing from the list, though
[Fri Mar 27 11:48:26 2015] <Cale> benzrf: Although the book doesn't say too much about semantics, when you go to talk about categorical semantics of a product, just for the sake of how much more convenient it is, you definitely wouldn't want to treat it as a Sigma type.
[Fri Mar 27 11:48:47 2015] <Cale> benzrf: Compare the diagrams here: http://ncatlab.org/nlab/show/product#relation_to_type_theory with the ones here: http://ncatlab.org/nlab/show/dependent+sum#relation_to_type_theory
[Fri Mar 27 11:51:20 2015] <scott> that's a scary computation rule
[Fri Mar 27 11:54:04 2015] <Cale> It's formed by combining the diagram for intro and the diagram for elim (and adding an arrow)
[Fri Mar 27 11:54:45 2015] <Cale> It's mostly tricky because the type of p_2 is fancy.
[Fri Mar 27 11:54:54 2015] <scott> hmm, is that similar to eta expansion?
[Fri Mar 27 11:56:07 2015] <Cale> It's the beta rule
[Fri Mar 27 11:56:57 2015] <scott> hmm, the combination of introduction + elimination made me think eta
[Fri Mar 27 11:57:12 2015] <Cale> beta and eta both involve an intro and an elim
[Fri Mar 27 11:57:16 2015] <scott> as in something like eta p = (fst p, snd p), but that doesn't define the computation
[Fri Mar 27 11:57:16 2015] <Cale> it's just which way around :)
[Fri Mar 27 11:58:19 2015] <scott> Cale: beta is introduce => eliminate while eta is eliminate => (re-)introduce?
[Fri Mar 27 11:58:27 2015] <Cale> yeah
[Fri Mar 27 11:58:36 2015] <scott> makes sense
[Fri Mar 27 13:15:17 2015] <irishsultan> nkar` I have ha proof which only uses covered tactics
[Fri Mar 27 13:17:44 2015] <irishsultan> except ';' because it's just too handy (it's introduced in Imp.v)
[Fri Mar 27 13:18:18 2015] <irishsultan> I also use a few lemmas from the standard library, but they are mostly similar to properties from later in Prop.v
[Fri Mar 27 13:19:03 2015] <irishsultan> e.g. S n < S m -> n < m
[Fri Mar 27 13:19:43 2015] <irishsultan>  S n < m -> n < m
[Fri Mar 27 13:31:50 2015] <lpaste> irishsultan pasted “proof of rev_pal” at http://lpaste.net/129755
[Fri Mar 27 13:45:36 2015] <Cypi> I allow myself to suggest a shorter proof :p http://lpaste.net/129759
[Fri Mar 27 13:46:50 2015] <Cypi> Oh, right, my definition of pal was not the same, sorry :x
[Fri Mar 27 14:02:08 2015] <irishsultan> Cypi, your definition works, but they warn that it makes things more difficult
[Fri Mar 27 14:02:14 2015] <irishsultan> presumably for other reasons
[Fri Mar 27 14:03:20 2015] <irishsultan> oh, no sorry, it's ok, except it misses an obvious case the empty list
[Fri Mar 27 14:04:52 2015] <irishsultan> ah, no, it doesn't
[Fri Mar 27 14:09:04 2015] <irishsultan> Cypi, your proof works too (after some renaming), it's much better than mine
[Fri Mar 27 14:11:02 2015] <irishsultan> and the reason it works better is that you don't use ';'
[Fri Mar 27 14:11:20 2015] <irishsultan> and destruct things in a different order
[Sat Mar 28 02:35:48 2015] <MegaDork>  سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ
[Sat Mar 28 06:35:20 2015] <p0a> Hello I have some definitions in CoqIde
[Sat Mar 28 06:35:29 2015] <p0a> how can I run some evaluation queries?
[Sat Mar 28 06:35:38 2015] <p0a> Sort of like Eval compute in ex2 4.
[Sat Mar 28 06:35:45 2015] <p0a> (this is not homework)
[Sat Mar 28 06:44:05 2015] <p0a> Also, a definition working in Coq does not work in CoqIde
[Sat Mar 28 06:44:11 2015] <p0a> ah, nevermind. Forgot to require List
[Sun Mar 29 08:42:19 2015] <stoopkid> anybody familiar with HoTT?
[Sun Mar 29 08:45:42 2015] <hodapp> yes... there is also #hott
[Sun Mar 29 08:45:59 2015] <stoopkid> oh nice
[Sun Mar 29 08:54:48 2015] <stoopkid> well, #hott seems pretty empty
[Sun Mar 29 08:54:52 2015] <stoopkid> 1st question about homotopy type theory: the h-levels seem reminiscent to the chain complexes from homology, and they are also describing relationships between boundaries and interiors, is there a connection here?
[Sun Mar 29 08:55:12 2015] <lolisa> are there an IRC for category?
[Sun Mar 29 08:57:06 2015] <stoopkid> 2nd question about HoTT: i'm i correct in informally interpreting a type of h-level N as being *similar* to an (ND + (N-1)D + ... + 2D + 1D + (true/false)D + (singleton)D) "manifold"?
[Sun Mar 29 08:57:15 2015] <stoopkid> am i*
[Sun Mar 29 08:58:15 2015] <stoopkid> i can explain that better if it unintelligible
[Sun Mar 29 08:59:48 2015] <stoopkid> 1st question is just a curiosity, 2nd question is because i'm trying to come up with a data-structure to adequately model the concept of an "event"
[Sun Mar 29 09:02:56 2015] <Saizan> ##hott is the place
[Sun Mar 29 12:18:29 2015] <Choups314> Hi, I see it often, but I don't know what it means ... What does the term "evar" refer to exactly ?
[Sun Mar 29 12:20:14 2015] <ijp> an existential variable: ones that still need to be assigned a value
[Sun Mar 29 12:20:59 2015] <Choups314> ok, thanks ^^
[Sun Mar 29 16:20:15 2015] <osa1> "despite its simplicity the language is complete and universal" <- any ideas what does "complete" mean in this sentence?
[Sun Mar 29 16:20:37 2015] <osa1> e.g. is there a widely used notion of "completeness" in programming languages?
[Sun Mar 29 16:21:11 2015] <osa1> I think universal means turing complete in this sentence, so this completeness should mean something else
[Sun Mar 29 20:02:34 2015] <nkar`> If I define [Inductive total_relation : nat -> nat -> Prop := | tr : forall (x y : nat), total_relation x y.], I can prove [Theorem lt_total : forall (x y : nat), x < y -> total_relation x y. Proof. intros. apply tr. Qed.], which is nonsense since [lt] is not total.  so, is the first definition wrong, or does the second one not imply that [lt] is total?
[Sun Mar 29 20:03:06 2015] <vanila> total_relation doesn't take a relation
[Sun Mar 29 20:03:18 2015] <vanila> so I think both are wrong
[Sun Mar 29 20:03:30 2015] <vanila> you should be proving  Theorem lt_total : total_relation lt.  no?
[Sun Mar 29 20:03:41 2015] <Cypi> total_relation is just some relation on natural numbers which happen to be verified for any pair of nats
[Sun Mar 29 20:03:42 2015] <nkar`> no
[Sun Mar 29 20:04:04 2015] <Cypi> so indeed, you can prove anything of the form [forall x y, _ -> total_relation x y]
[Sun Mar 29 20:04:05 2015] <nkar`> vanila: I'm doing (** **** Exercise: 2 stars (total_relation) Define an inductive binary relation [total_relation] that holds between every pair of natural numbers. *)
[Sun Mar 29 20:04:14 2015] <vanila> oh
[Sun Mar 29 20:04:20 2015] <Cypi> Well, you did it, indeed :)
[Sun Mar 29 20:04:20 2015] <vanila> then total_relation is correct
[Sun Mar 29 20:04:33 2015] <Cypi> The theorem just doesn't prove anything on lt
[Sun Mar 29 20:04:50 2015] <vanila> You co uld also define
[Sun Mar 29 20:04:58 2015] <vanila> Definition total_relation (x y : nat) : Prop := True.
[Sun Mar 29 20:05:43 2015] <vanila> oh but its supposed to be inductive
[Sun Mar 29 20:06:04 2015] <nkar`> Cypi: so this definition can't be used to talk about relations because it doesn't accept a relation, as vanila said.
[Sun Mar 29 20:06:33 2015] <Cypi> Yes. You just defined a relation, not a predicate on relations
[Sun Mar 29 20:06:55 2015] <nkar`> okay
[Sun Mar 29 20:22:42 2015] <bigos> win 1
[Mon Mar 30 12:22:24 2015] <schoppenhauer> hm. does anybody know about the state of https://github.com/trefis/deques/, or the person who programmed it
[Mon Mar 30 14:16:39 2015] <kba> `Error: The reference mod was not found in the current environment.`. How do I use `mod`?
[Mon Mar 30 14:18:25 2015] <kba> I'm using 8.4pl5
[Mon Mar 30 15:40:34 2015] <Choups314> Does the -debug option in the configure enable the debug build (-g) of coq ?
[Mon Mar 30 16:09:08 2015] <benzrf> hmm
[Mon Mar 30 16:09:09 2015] <benzrf> given
[Mon Mar 30 16:09:22 2015] <benzrf> Definition injective {A B} (f : A -> B) : Prop := forall a b : A, f a = b -> a = b.
[Mon Mar 30 16:09:24 2015] <benzrf> and
[Mon Mar 30 16:09:28 2015] <benzrf> Definition injective' {A B} (f : A -> B) : Prop := forall a b : A, a <> b -> f a <> f b.
[Mon Mar 30 16:09:40 2015] <benzrf> then injective f -> injective' f but not vice versa, right?
[Mon Mar 30 16:12:24 2015] <scott> in general A -> B implies ~B -> ~A but not vice versa, so you're right
[Mon Mar 30 16:29:29 2015] <benzrf> goddamn
[Mon Mar 30 16:29:30 2015] <benzrf> i
[Mon Mar 30 16:29:35 2015] <benzrf> totally missed that that was a contrapositive
[Mon Mar 30 16:29:38 2015] <benzrf> o_O
[Mon Mar 30 16:29:50 2015] <benzrf> haha
[Mon Mar 30 16:46:51 2015] <notdan> ianjneu doing his PhD defense live: https://www.youtube.com/watch?v=P7LypmE01VI
[Mon Mar 30 16:46:54 2015] <notdan> :D
[Mon Mar 30 16:46:54 2015] <notdan> tha's pretty cool
[Mon Mar 30 16:47:36 2015] <johnw> ianjneu is doing an impressive imitataion of "Flash player out of date" :)
[Mon Mar 30 16:47:51 2015] <vanila> ol
[Mon Mar 30 16:47:52 2015] <vanila> lol
[Mon Mar 30 16:48:18 2015] <nkar`> johnw: youtube.com/html5 ?
[Mon Mar 30 16:48:20 2015] <vanila> 'livestreamer' command line program might let you watch it without flash
[Mon Mar 30 16:48:34 2015] <nkar`> johnw: youtube-dl?
[Mon Mar 30 16:49:39 2015] <johnw> nkar`: good point
[Mon Mar 30 16:49:59 2015] <notdan> well, I don't know if you can download a livestream
[Mon Mar 30 16:50:45 2015] <nkar`> let me try it
[Mon Mar 30 16:51:21 2015] <nkar`> I got ERROR: m3u8 download detected but ffmpeg or avconv could not be found. Please install one.
[Mon Mar 30 16:51:36 2015] <johnw> updated flash
[Mon Mar 30 16:54:14 2015] <Anarchos> notdan goodluck to him !!
[Mon Mar 30 17:19:41 2015] <c7362def> is there any documentation for what goes into a .vo file?  even pointers to specific Coq source code that exports/imports .vo file contents would be helpful.
[Mon Mar 30 17:28:04 2015] <benzrf> ooh i missed his thesis
[Mon Mar 30 17:30:35 2015] <Anarchos> benzrf neither  i could see it :(
[Tue Mar 31 13:47:01 2015] <kba> I tried making my own definition of mod since I can't seem to find any, https://gist.github.com/anonymous/4393ed91147c9dfcdac6
[Tue Mar 31 13:47:30 2015] <kba> But I get `Error: Cannot guess decreasing argument of fix.` and I can't seem to fix it
[Tue Mar 31 13:48:34 2015] <johnw> yeah, that's not going to work as it stands
[Tue Mar 31 13:48:51 2015] <kba> I understand that it probably doesn't accept "minus"
[Tue Mar 31 13:48:59 2015] <kba> and maybe I should match om something like (minus x d)
[Tue Mar 31 13:49:05 2015] <johnw> no ,the problem is it doesn't see you reducing x or d structurally
[Tue Mar 31 13:49:05 2015] <kba> so it knows what's decreasing
[Tue Mar 31 13:49:13 2015] <kba> yeah
[Tue Mar 31 13:49:24 2015] <johnw> you could say:
[Tue Mar 31 13:49:35 2015] <johnw> Program Fixpoint mod (x d : nat) {measure (minus x d)} ...
[Tue Mar 31 13:49:44 2015] <johnw> then you prove that x - d is smaller at each step
[Tue Mar 31 13:50:07 2015] <kba> Is there another way without measure?
[Tue Mar 31 13:50:16 2015] <kba> One using simpler constructs
[Tue Mar 31 13:50:29 2015] <johnw> well, there whatever construct Program Fixpoint is using
[Tue Mar 31 13:50:39 2015] <johnw> you can look at the resulting definition and see what it looks like
[Tue Mar 31 13:53:03 2015] <kba> I meant if I could do something just using match and stuff, like https://gist.github.com/anonymous/74efc07a6be326d5b4f0
[Tue Mar 31 13:53:13 2015] <kba> I'd prefer not to use measure
[Tue Mar 31 13:53:15 2015] <ianjneu> thanks to those that tuned in yesterday. I passed.
[Tue Mar 31 13:53:25 2015] <johnw> congrats, ianjneu!
[Tue Mar 31 13:53:28 2015] <johnw> I caught the latter half
[Tue Mar 31 13:53:39 2015] <johnw> kba: not without approaching the problem another way
[Tue Mar 31 13:53:52 2015] <kba> like how?
[Tue Mar 31 13:54:03 2015] <johnw> I haven't the free time right now to think that far into it
[Tue Mar 31 13:54:17 2015] <johnw> you'd need a way that does a match on "x" or "d"
[Tue Mar 31 13:54:25 2015] <johnw> not a match on the result of passing those arguments to a function
[Tue Mar 31 13:54:45 2015] <kba> Okay, I figured if I used (minus x d) as a match, it would see I was decreasing something
[Tue Mar 31 13:55:26 2015] <johnw> seeing that requires induction
[Tue Mar 31 13:55:39 2015] <johnw> perhaps minus x 1 would work, for example, but not minus x d for any x and d
[Tue Mar 31 13:55:58 2015] <kba> minus x 1 doesn't work either
[Tue Mar 31 13:56:03 2015] <kba> but matching on (S x') works
[Tue Mar 31 13:56:10 2015] <kba> but again, not the right result I gte
[Tue Mar 31 13:56:29 2015] <kba> and I don't know how to do (S x') a total of d times
[Tue Mar 31 13:57:46 2015] <johnw> that's why I would use Program Fixpoint :)
[Tue Mar 31 13:58:21 2015] <kba> hm
[Tue Mar 31 13:58:52 2015] <kba> never used that, don't know how
[Tue Mar 31 13:59:07 2015] <johnw> I showed you earlier
[Tue Mar 31 13:59:28 2015] <johnw> then, after the definition, type: Obligation 1.
[Tue Mar 31 13:59:34 2015] <johnw> and you'll prove the termination condition
[Tue Mar 31 13:59:50 2015] <kba> You wrote. Program Fixpoint mod (x d : nat) {measure (minus x d)}
[Tue Mar 31 13:59:56 2015] <kba> I don't even know what { } means here
[Tue Mar 31 14:00:07 2015] <johnw> it provides the measure
[Tue Mar 31 14:00:11 2015] <johnw> that's the exact syntax you need
[Tue Mar 31 14:00:20 2015] <kba> Program Fixpoint mod (x d : nat) {measure (minus x d)}.
[Tue Mar 31 14:00:22 2015] <kba> Error: Program Fixpoint needs defined bodies.
[Tue Mar 31 14:00:46 2015] <kba> if I do :=
[Tue Mar 31 14:00:48 2015] <kba> I get Error: Library Coq.Program.Wf has to be required first.
[Tue Mar 31 14:00:56 2015] <kba> If that's actually needed, I think I'm going to opt out ^^
[Tue Mar 31 14:01:11 2015] <johnw> yeah, that is what's needed
[Tue Mar 31 14:01:17 2015] <johnw> Wf is the library for proving well-foundedness
[Tue Mar 31 14:01:22 2015] <johnw> it provides the measure support
[Tue Mar 31 14:01:39 2015] <johnw> fwiw, I use Program Fixpoint pretty regularly
[Tue Mar 31 14:01:39 2015] <kba> okay, well I don't know what I'm doing anymore and how that would work, so I'll stop here
[Tue Mar 31 14:01:44 2015] <johnw> it doesn't introduce any new axioms or anything
[Tue Mar 31 14:01:44 2015] <kba> thanks for the help
[Tue Mar 31 14:02:00 2015] <johnw> you're very close to knowing what you're doing, btw :)
[Tue Mar 31 14:02:05 2015] <johnw> I'm sorry if this strange syntax seems confusing at first
[Tue Mar 31 14:02:20 2015] <kba> I wanted to make some extra for a term project, and we're usually not allowed to use what we haven't been taught
[Tue Mar 31 14:02:25 2015] <kba> so I feel like I'm going beyond that now
[Tue Mar 31 14:02:25 2015] <johnw> ahh
[Tue Mar 31 14:02:43 2015] <johnw> well, think on it more, see if you can find some way to prove it with ordinary structural recursion
[Tue Mar 31 14:03:25 2015] <kba> I had an idea, like when I match on stuff like | (S x) =>
[Tue Mar 31 14:03:29 2015] <kba> that defines a decrement
[Tue Mar 31 14:04:05 2015] <kba> so if I could do something like match with | (plus x' d) =>
[Tue Mar 31 14:04:10 2015] <kba> then that would "give me" the x' I needed
[Tue Mar 31 14:04:53 2015] <kba> because I want to find x' = x - d, which is x' + d = x
[Tue Mar 31 14:05:16 2015] <kba> and as long as d>0, then x' < x
[Tue Mar 31 14:05:57 2015] <kba> but I can't even use plus, Error: Unknown constructor: plus.
[Tue Mar 31 14:08:36 2015] <kba> https://gist.github.com/anonymous/d8e4488e162a25ab74ed
[Tue Mar 31 14:09:04 2015] <johnw> that certainly feels closer
[Tue Mar 31 14:09:15 2015] <johnw> I bet you only need to match on x
[Tue Mar 31 14:09:38 2015] <kba> well, I still get the "Unknown construct plus"
[Tue Mar 31 14:09:51 2015] <johnw> you can't call a function at that position
[Tue Mar 31 14:09:56 2015] <kba> and I felt I needed to match with d = 0, because if d = 0 and I do a recursion, it'll never decrement
[Tue Mar 31 14:10:00 2015] <johnw> constructors only there, like S ' x
[Tue Mar 31 14:10:01 2015] <johnw> S x'
[Tue Mar 31 14:10:04 2015] <kba> the recursion only terminates with d>0
[Tue Mar 31 14:10:12 2015] <johnw> ah ,ok
[Tue Mar 31 14:10:21 2015] <johnw> you should only need to match on one of them
[Tue Mar 31 14:11:12 2015] <kba> well, I have to make sure d>0. Otherwise with a recursive definition that does (mod (x-d) d), that'll just end up going (mod x 0) infinitely
[Tue Mar 31 14:11:50 2015] <kba> so I don't see how I could remove match d
[Tue Mar 31 14:11:59 2015] <kba> and I want to find x-d, so I need match x for that
[Tue Mar 31 14:20:23 2015] <johnw> ok, it may be that you need both
[Tue Mar 31 14:20:39 2015] <johnw> as I said, I havent' the mental space to be sure (I'm on the phone as we chat)
[Tue Mar 31 14:27:04 2015] <kba> I think I'll just skip it, I've already created a ton of stuff other than what was actually asked
[Tue Mar 31 14:27:34 2015] <johnw> :)
[Tue Mar 31 14:27:41 2015] <johnw> nice mind-bending stuff, isn't it
[Tue Mar 31 16:21:31 2015] <nkar`> does writing agda feel different from coq because it lacks tactics?  I'm concerned that tactics may hide a lot of details from me, which are important for learning how to prove things.  is it the case?
[Tue Mar 31 16:23:20 2015] <johnw> that really depends on what you're writing and why
[Tue Mar 31 16:23:30 2015] <johnw> also, you can use tactics less in Coq
[Tue Mar 31 16:23:51 2015] <johnw> and Agda has proving-related macros, like the equational reasoning module
[Tue Mar 31 16:24:08 2015] <nkar`> what do you mean by use less?
[Tue Mar 31 16:24:19 2015] <johnw> you can write proof terms ilterally, as you would in Agda
[Tue Mar 31 16:24:28 2015] <johnw> you just less automation from Emacs with creating them
[Tue Mar 31 16:24:41 2015] <johnw> tactics are only macros to build complex proof terms
[Tue Mar 31 16:24:57 2015] <nkar`> is it considered okay?
[Tue Mar 31 16:25:05 2015] <johnw> okay from what perspective?
[Tue Mar 31 16:25:08 2015] <nkar`> or should it be done only for learning purposes
[Tue Mar 31 16:25:16 2015] <nkar`> in general, I don't know
[Tue Mar 31 16:25:18 2015] <johnw> if you are using Coq to write proofs, it's 100% OK
[Tue Mar 31 16:25:25 2015] <johnw> because the proof term truly doesn't matter
[Tue Mar 31 16:25:43 2015] <johnw> if you're trying to build high-performance verified software, it *might* be OK, if you really have a good understanding of what the tactic will generate
[Tue Mar 31 16:26:05 2015] <johnw> you can also use tactics to write just plain old code
[Tue Mar 31 16:26:33 2015] <johnw> in that respect, it's generally not OK, since it's easy to create something that type checks but which is incorrect (at least, until you prove enough properties to guarantee the specified behavior)
[Tue Mar 31 16:26:39 2015] <nkar`> do you have examples/pointers on using more explicit style?
[Tue Mar 31 16:26:50 2015] <nkar`> oh, that's bad
[Tue Mar 31 16:26:54 2015] <nkar`> then, I'd rather not do it
[Tue Mar 31 16:27:05 2015] <johnw> don't shy away from tactics, they are part of Coq's power
[Tue Mar 31 16:27:29 2015] <johnw> for example, you write your code in Coq instead of assembly language why?
[Tue Mar 31 16:27:36 2015] <johnw> for the abstractions and reasoning power that assembly lacks
[Tue Mar 31 16:27:39 2015] <johnw> same thing with tactics
[Tue Mar 31 16:27:53 2015] <johnw> abstractions are never wrong, if you apply them correctly
[Tue Mar 31 16:28:06 2015] <johnw> I happen to use tactics to write ordinary functions all the time
[Tue Mar 31 16:28:30 2015] <johnw> when you do, it's helpful to also prove some properties about those functions, so that you confirm you understand what the tactics are doing
[Tue Mar 31 16:28:42 2015] <johnw> (plus, that's just good form all around)
[Tue Mar 31 16:28:44 2015] <nkar`> yeah, I understand that it's better to prove things without much effort.  I'm just worried that they prevent me from learning more.
[Tue Mar 31 16:29:26 2015] <johnw> possible
[Tue Mar 31 16:29:36 2015] <johnw> I would suggest then playing with both Coq and Agda, that's what I did
[Tue Mar 31 16:30:06 2015] <nkar`> but I guess I'll just stick to the sf course for now, then read a few more books before trying to experiment.
[Tue Mar 31 16:30:10 2015] <johnw> yes
[Tue Mar 31 16:30:15 2015] <johnw> don't worry about these details at this stage
[Tue Mar 31 16:30:32 2015] <johnw> get comfortable with tactic-driven proof, and you can always get into the gnarlier stuff later
[Tue Mar 31 16:30:44 2015] <johnw> every tactic you use corresponds to one or more things you could have written manually
[Tue Mar 31 16:30:55 2015] <nkar`> okay, thanks for taking the time to discuss this!
[Tue Mar 31 16:30:57 2015] <johnw> destruct is match, induction is recursion, pose is let, etc.
[Tue Mar 31 16:31:17 2015] <nkar`> * goes back to Prop.v
[Tue Mar 31 16:34:14 2015] <johnw> I'm sorry if I sounded condescending just then, that wasn't what I meant
[Tue Mar 31 16:34:36 2015] <nkar`> not at all!
[Tue Mar 31 18:18:49 2015] <benzrf> hmmmm
[Tue Mar 31 18:19:00 2015] <benzrf> if i define functions as kinds of relations
[Tue Mar 31 18:19:15 2015] <benzrf> then i can prove the existence of uncomputable "functions", cant i?
[Tue Mar 31 18:19:28 2015] <benzrf> since relations can be Props instead of computing something
[Tue Mar 31 19:15:19 2015] <johnw> right, CPDT covers this (not that exact example, but something similar)
[Tue Mar 31 19:15:45 2015] <johnw> for example, n / 0 is impossible, but Divide n 0 is clearly expressible
[Tue Mar 31 20:05:42 2015] <ccomp> Can anyone tell me why this weird error is happening on line 69?  http://pastebin.ubuntu.com/10715511/  If you run it from the top, it should happen there.
[Tue Mar 31 20:05:55 2015] <ccomp> (everything after line 69 is junk - ignore it)
[Tue Mar 31 20:06:37 2015] <ccomp> Oh wait... What am I saying.
[Tue Mar 31 20:06:54 2015] <ccomp> I haven't proven that IHn yet, have I?
[Tue Mar 31 20:15:18 2015] <ccomp> (That was more of a statement than a question :P )
[Tue Mar 31 20:23:38 2015] <johnw> the IHn is a given
[Tue Mar 31 20:23:51 2015] <johnw> what is the error?
[Tue Mar 31 20:27:11 2015] <ccomp> johnw: Error:
[Tue Mar 31 20:27:14 2015] <ccomp> Tactic failure:Unable to satisfy the rewriting constraints.
[Tue Mar 31 20:27:16 2015] <ccomp> Unable to satisfy the following constraints:
[Tue Mar 31 20:27:22 2015] <ccomp> followed by EVARS and a bunch of junk
[Tue Mar 31 20:27:45 2015] <ccomp> I was destructing rather inducting on l, which I probably didn't want to do, so I changed dthat
[Tue Mar 31 20:27:48 2015] <ccomp> but the error persists
[Tue Mar 31 20:28:24 2015] <ccomp> It seems that I should be able to use IHn
[Tue Mar 31 20:29:12 2015] <ccomp> johnw: full error: http://pastebin.ubuntu.com/10715646/
[Tue Mar 31 20:31:12 2015] <ccomp> I saw something online about environment pollution or something, and that restarting the IDE solved it. So I commented out all my previous theorems (which aren't used up to that point) and restarted the IDE. No dice.
[Tue Mar 31 20:31:43 2015] <ccomp> (Also, I'm very new to Coq, so it's possible that the problem is obvious and trivial.)
[Tue Mar 31 20:34:25 2015] <ccomp> I've also been trying to apply the above-defined skipn_head, but I'm getting "Error: Unable to find an instance for the variable a."
[Tue Mar 31 20:45:11 2015] <johnw> interesting
[Tue Mar 31 20:45:21 2015] <johnw> you are bringing in the setoid rewriting stuff
[Tue Mar 31 20:45:25 2015] <johnw> is this with 8.4pl5?
[Tue Mar 31 20:50:52 2015] <ccomp> johnw: 8.4pl5 on OpenBSD
[Tue Mar 31 20:51:04 2015] <ccomp> nothing's happening aside from what you see there
[Tue Mar 31 20:51:16 2015] <ccomp> i.e. the command to open coqide is just "coqide"
[Tue Mar 31 20:51:28 2015] <ccomp> I've been experiencing it whenever trying to use an IHn
[Tue Mar 31 20:51:36 2015] <ccomp> in this code, anyway
[Tue Mar 31 20:52:02 2015] <ccomp> again, it could be something very simple. I don't have enough experience to have intuition about the sanity of what I'm doing.
[Tue Mar 31 20:52:52 2015] <johnw> let me try
[Tue Mar 31 20:53:23 2015] <johnw> ok, IHn here is not an equality
[Tue Mar 31 20:53:27 2015] <johnw> it's a relation
[Tue Mar 31 20:55:35 2015] <ccomp> I see. So I'd be applying it, right?
[Tue Mar 31 20:55:55 2015] <johnw> yes, or some other lemma dealing with relations
[Tue Mar 31 20:55:59 2015] <johnw> such as transitivity
[Tue Mar 31 20:57:44 2015] <johnw> so, one hint is that you only need induction on l
[Tue Mar 31 21:04:21 2015] <ccomp> johnw: thanks
[Tue Mar 31 21:04:34 2015] <ccomp> yeah, I've been going at this from about 12 different angles.
[Tue Mar 31 21:04:44 2015] <ccomp> I should probably step back for a minute and think about what I'm doing
[Tue Mar 31 21:19:47 2015] <johnw> ccomp: https://gist.github.com/56d9aba91041ef480aab
[Tue Mar 31 21:20:33 2015] <johnw> the generalize dependent is key here
[Tue Mar 31 21:26:51 2015] <ccomp> johnw: thanks for that
[Tue Mar 31 22:02:09 2015] <ccomp> thanks again johnw, I got the rest of the proof done
[Tue Mar 31 22:08:53 2015] <johnw> great, though I'm not sure I helped with understanding _why_ that was the answer
[Tue Mar 31 22:11:04 2015] <ccomp> No problem - I'm looking into that myself. It's easier with Coq, being able to step through
[Tue Mar 31 22:11:13 2015] <ccomp> (than it is with something like a static language)
[Tue Mar 31 22:11:16 2015] <johnw> true
[Tue Mar 31 22:11:30 2015] <johnw> which is funny, because people usually criticize Coq proofs for being too opaque :)
[Tue Mar 31 22:17:32 2015] <ccomp> I could understand arguing opaqueness in terms of the actual lemmas used at times
[Tue Mar 31 22:18:06 2015] <ccomp> i.e. things like auto and intuition can do black magic that demands more faith in Coq than some people are willing to give
[Tue Mar 31 22:18:22 2015] <ccomp> but yeah, in terms of understanding proof techniques, I find it pretty clear
[Tue Mar 31 22:18:37 2015] <johnw> it shouldn't demand too much faith
[Tue Mar 31 22:18:46 2015] <johnw> there's the CiC and nothing else, if you don't use vm_compute
[Tue Mar 31 22:19:28 2015] <ccomp> hm, I don't know what either of those things mean. Where should I learn?
[Tue Mar 31 22:20:12 2015] <johnw> the Calculus of (Co)Inductive Constructions
[Tue Mar 31 22:20:19 2015] <johnw> is what every Coq term reduces down to
[Tue Mar 31 22:20:33 2015] <johnw> there's a chapter about it in the manual
[Tue Mar 31 22:22:05 2015] <ccomp> nice, thanks
[Tue Mar 31 22:22:23 2015] <johnw> it's the only thing you have to trust
[Wed Apr  1 08:56:11 2015] <benzrf> OMG
[Wed Apr  1 08:56:15 2015] <benzrf> IM READING THE HOTT BOOK
[Wed Apr  1 08:56:17 2015] <benzrf> ITS BLOWING MY FUCKING MIND
[Wed Apr  1 09:11:02 2015] <benzrf> i dont know any real homotopy
[Wed Apr  1 09:11:07 2015] <benzrf> buy
[Wed Apr  1 09:11:10 2015] <benzrf> *but
[Wed Apr  1 09:11:18 2015] <benzrf> from the little ive encountered
[Wed Apr  1 09:11:23 2015] <benzrf> and what this is talking about
[Wed Apr  1 09:11:24 2015] <benzrf> omg
[Wed Apr  1 09:11:42 2015] <benzrf> fuckin ∞-groupoids and cw complexes and stuff
[Wed Apr  1 09:11:47 2015] <benzrf> this is so goddamn cool
[Wed Apr  1 09:12:22 2015] <benzrf> johnw: i want to join you in this world of quotients
[Wed Apr  1 11:33:33 2015] <notdan> johnw: pingue!
[Wed Apr  1 11:52:40 2015] <johnw> benzrf::)
[Wed Apr  1 11:52:43 2015] <johnw> notdan: hi
[Wed Apr  1 12:38:04 2015] <notdan> johnw: I remember you were talking about a script for emacs, that helped you battle with some of the ProofGeneral weirdness
[Wed Apr  1 12:38:20 2015] <johnw> yes, it's called my .emacs ;)
[Wed Apr  1 12:38:31 2015] <johnw> https://github.com/jwiegley/dot-emacs
[Wed Apr  1 12:38:34 2015] <johnw> look for "coq"
[Wed Apr  1 12:38:35 2015] <notdan> johnw: in particular, I want to solve a problem when suddenly ProofGeneral decides to open another separate frame
[Wed Apr  1 12:38:44 2015] <johnw> yeah
[Wed Apr  1 12:38:51 2015] <johnw> also check the coq and pg settings in my settings.el
[Wed Apr  1 12:39:20 2015] <notdan> thanks
[Wed Apr  1 13:38:37 2015] <benzrf> what is Type False
[Wed Apr  1 13:38:41 2015] <benzrf> Void doesnt seem to exist
[Wed Apr  1 13:49:34 2015] <benzrf> ah, nvm
[Wed Apr  1 13:49:36 2015] <benzrf> btw
[Wed Apr  1 13:50:05 2015] <benzrf> is it possible to prove in coq that coconstant morphisms must come from an empty type
[Wed Apr  1 13:51:19 2015] <benzrf> im halfway into a proof and just realized that i think i need decidable equality for the codomain of the coconstant morphism
[Wed Apr  1 13:51:58 2015] <benzrf> because to get a contradiction from an inhabitant of the domain, i need to produce two allegedly equal functions that map the image of the inhabitant to true and false respectively
[Wed Apr  1 13:52:02 2015] <benzrf> but i cant do that w/o decidable equality
[Wed Apr  1 13:52:14 2015] <benzrf> have i misphrased or is coconstancy = initiality not provable in coq
[Wed Apr  1 13:53:56 2015] <benzrf> brb please respond while im gone :I
[Wed Apr  1 13:55:54 2015] <benzrf> er to be clear i mean coconstant /coq/ functions not morphisms in general
[Wed Apr  1 13:56:04 2015] <benzrf> right now i have
[Wed Apr  1 13:56:06 2015] <benzrf> Definition coconstant {A B} (f : A -> B) : Prop := forall R (g g' : B -> R), compose g f = compose g' f.
[Wed Apr  1 13:56:12 2015] <benzrf> Theorem coq_coconstant_initial : forall A, (exists B (f : A -> B), coconstant f) -> (A -> False).
[Wed Apr  1 13:56:17 2015] <benzrf> kk gone for real now. sorry for the spam
[Wed Apr  1 14:25:25 2015] <lpaste> relrod pasted “CPDT compile fail on 8.4pl5” at http://lpaste.net/129980
[Wed Apr  1 14:25:52 2015] <relrod> is this a known thing? Is there a workaround?
[Wed Apr  1 14:48:55 2015] <scott> relrod: the book only says it's tested with 8.4 and 8.4pl1. could be too new
[Wed Apr  1 14:49:38 2015] <relrod> scott: yeah. Works on a friend's box with p3, wondering if there was a regression somewhere.
[Wed Apr  1 17:24:25 2015] <benzrf> hmmm... wtf
[Wed Apr  1 17:24:30 2015] <benzrf> vec_idx
[Wed Apr  1 17:24:33 2015] <benzrf>     : vec ?513 ?514 -> forall i : nat, i < ?514 -> ?513
[Wed Apr  1 17:25:00 2015] <benzrf> but if i do Eval simpl in vec_idx vec_nil 10.
[Wed Apr  1 17:25:13 2015] <benzrf> it does not complain a bit; rather it produces a giant contradiction term
[Wed Apr  1 17:25:17 2015] <benzrf> what the heck?
[Wed Apr  1 17:30:53 2015] <scott> benzrf: what is the type of vec_nil? `vec A 0` for an implicit A: Type? then you would end up with something of type 10 < 0 -> A which is inhabited
[Wed Apr  1 17:31:29 2015] <scott> because you can't produce the necessary 10 < 0 proof to get your A, so it's fine
[Wed Apr  1 17:33:56 2015] <benzrf> oh
[Wed Apr  1 17:33:58 2015] <benzrf> dammit
[Wed Apr  1 17:34:01 2015] <benzrf> wait hold on
[Wed Apr  1 17:34:15 2015] <benzrf> im pretttty sure that the proof arg is implicit
[Wed Apr  1 17:34:34 2015] <benzrf> yeah look:
[Wed Apr  1 17:34:40 2015] <benzrf> Coq < Check vec_idx vec_nil 10.
[Wed Apr  1 17:34:42 2015] <benzrf> vec_idx vec_nil 10
[Wed Apr  1 17:34:44 2015] <benzrf>     : ?534
[Wed Apr  1 17:35:00 2015] <benzrf> and vec_nil
[Wed Apr  1 17:35:03 2015] <benzrf>     : vec ?536 0
[Wed Apr  1 17:40:23 2015] <scott> benzrf: I guess if you tried to use vec_idx vec_nil 10 it would then complain when it tried to resolve the implicit proof or something
[Wed Apr  1 17:40:27 2015] <scott> I'm not familiar with how implicits work
[Wed Apr  1 17:42:05 2015] <scott> Definition false: False := vec_idx vec_nil 10. ought not to work at any rate
[Wed Apr  1 17:42:30 2015] <scott> (modulo any Coq syntax errors I likely made)
[Wed Apr  1 17:48:45 2015] <benzrf> yep, Error: Cannot infer the implicit parameter e of vec_idx.
[Wed Apr  1 18:11:35 2015] <benzrf> th anks!
[Wed Apr  1 18:15:31 2015] <nkar`> could anyone answer the question in this gist? https://gist.github.com/nkaretnikov/0627697c7e2e6ad401c6
[Wed Apr  1 18:16:15 2015] <nkar`> is it because the hypothesis says that I know that both things hold?
[Wed Apr  1 18:17:25 2015] <nkar`> so, it's like having two separate hypotheses such that one of them can be applied, but a bit stronger, right?
[Wed Apr  1 18:18:17 2015] <benzrf> nkar`: i didnt know you could do that :-o
[Wed Apr  1 18:23:07 2015] <nkar`> benzrf: I think my interpretation is correct because I can do this: [inversion IHle as [F G].]
[Wed Apr  1 18:23:19 2015] <nkar`> which splits it apart
[Wed Apr  1 18:27:18 2015] <Cypi> apply is really more clever than just "apply an hypothesis" indeed. It can do basic tricks like splitting on and to get the correct one
[Wed Apr  1 18:27:44 2015] <nkar`> okay
[Wed Apr  1 18:27:55 2015] <Cypi> If you have [H : P <-> Q] and have to prove P, you can also do [apply H] to get Q as a goal, for example
[Wed Apr  1 18:28:41 2015] <nkar`> I usually unfold such things, is it a good practice?
[Wed Apr  1 18:28:54 2015] <nkar`> or do I need to force myself to think in high-level terms?
[Wed Apr  1 18:29:25 2015] <nkar`> right now, if I don't see the plumbing, I can't see how to transform a thing.
[Wed Apr  1 18:29:56 2015] <Cypi> Honestly, do it your way, you'll move by yourself to higher level tactics if you feel like it
[Wed Apr  1 18:30:26 2015] <nkar`> Cypi: could you suggest how to improve the prove in the gist, btw?
[Wed Apr  1 18:30:44 2015] <nkar`> I don't like the repetition in SSCases
[Wed Apr  1 18:31:02 2015] <nkar`> the only way to get rid of it that I can think of is to define a lemma
[Wed Apr  1 18:31:06 2015] <Cypi> Well. The way I would do it now: [eauto with arith]
[Wed Apr  1 18:31:09 2015] <nkar`> given the tactics I know
[Wed Apr  1 18:31:13 2015] <Cypi> But it might now be satisfying :p
[Wed Apr  1 18:31:19 2015] <Cypi> s/now/not
[Wed Apr  1 18:31:51 2015] <nkar`> oh, I'm not "allowed" to use anything advanced.
[Wed Apr  1 18:32:23 2015] <Cypi> I know, sorry :)
[Wed Apr  1 18:32:23 2015] <nkar`> I was asking about re-structuring the proof using the same tactics
[Wed Apr  1 18:32:53 2015] <nkar`> heh, please don't say sorry.  there's nothing to be sorry about :)
[Wed Apr  1 18:34:58 2015] <Cypi> Do you know about eapply or not?
[Wed Apr  1 18:35:26 2015] <Cypi> Also, I'm not sure which lemmas you're allowed to use.
[Wed Apr  1 18:36:12 2015] <nkar`> I don't know about eapply
[Wed Apr  1 18:36:41 2015] <nkar`> nevermind, then.
[Wed Apr  1 18:37:11 2015] <nkar`> I'll try on my own.
[Wed Apr  1 18:42:24 2015] <Cypi> http://lpaste.net/129989 >> this is a short proof, but I'm pretty sure it uses lemmas that you don't know about. To re-structure your proof...maybe you could prove some lemmas indeed, like [forall n1 n2, n1 < S (n1 + n2)]
[Wed Apr  1 18:42:42 2015] <Cypi> (but I guess that's what you were about to do ^^ )
[Wed Apr  1 18:44:40 2015] <nkar`> this is what I meant by using a lemma: https://gist.github.com/nkaretnikov/0627697c7e2e6ad401c6
[Wed Apr  1 18:45:03 2015] <nkar`> I just moved the identical parts out
[Wed Apr  1 18:45:25 2015] <Cypi> That's good I think :)
[Wed Apr  1 20:01:33 2015] <benzrf> 01:50:05 benzrf │ is it possible to prove in coq that coconstant morphisms must come from an empty type
[Wed Apr  1 20:01:44 2015] <benzrf> (morphisms in the Coq category, i mean)
[Wed Apr  1 22:19:41 2015] <benzrf> hey johnw are you around?
[Wed Apr  1 22:19:53 2015] <johnw> indeed
[Wed Apr  1 22:20:23 2015] <benzrf> hey
[Wed Apr  1 22:20:27 2015] <benzrf> On the other hand, consider the law of excluded middle :  “for all A , either A or not A .”  Inter- preting this in the pure propositions-as-types logic yields a statement that is inconsistent with the univalence axiom. For since proving “ A ” means exhibiting an element of it, this assumption would give a uniform way of selecting an element from every nonempty type — a sort of Hilber- tian choice
[Wed Apr  1 22:20:30 2015] <benzrf> operator. Univalence implies that the element of A selected by such a choice operator must be invariant under all self-equivalences of A , since these are identified with self-identities and every operation must respect identity; but clearly some types have automorphisms with no fixed points, e.g. we can swap the elements of a two-element type.
[Wed Apr  1 22:20:34 2015] <benzrf> i dont understand this .-.
[Wed Apr  1 22:20:57 2015] <johnw> keep reading, keep thinking
[Wed Apr  1 22:25:15 2015] <johnw> also, maybe draft the problem in pseudo-Coq
[Wed Apr  1 22:25:23 2015] <johnw> and see if you can identify the exact point where you'd run into this trouble
[Wed Apr  1 22:28:49 2015] <benzrf> oy
[Wed Apr  1 22:29:08 2015] <johnw> or just read on
[Wed Apr  1 22:29:14 2015] <johnw> it should get clearer as you go
[Wed Apr  1 22:29:36 2015] <benzrf> ahh wait i think i might see
[Wed Apr  1 22:29:40 2015] <benzrf> is it becaue
[Wed Apr  1 22:29:43 2015] <benzrf> *because
[Wed Apr  1 22:29:56 2015] <benzrf> any normal instance of an element of some A can be carried along a path
[Wed Apr  1 22:29:59 2015] <johnw> in Coq style Prop proofs, we don't care what the witness is; HoTT does care, and the witness must exhibit certain properties
[Wed Apr  1 22:30:00 2015] <benzrf> so it can respect it
[Wed Apr  1 22:30:16 2015] <benzrf> but for LEM, since there's no actual way to implement it, there's no way to show how it behaves wrt paths?
[Wed Apr  1 22:30:34 2015] <johnw> yeah, that's on the right track
[Wed Apr  1 22:30:39 2015] <benzrf> hmm wait though
[Wed Apr  1 22:30:47 2015] <benzrf> wouldnt that cause problems with extra axioms in general
[Wed Apr  1 22:31:27 2015] <johnw> yeah, in the same way that extracting an axiom from Coq into computationally relevant code will cause an assertion if you try to use the code that required that axiom
[Wed Apr  1 23:07:12 2015] <benzrf> hh-hhhhuh
[Wed Apr  1 23:07:21 2015] <benzrf> huh
[Wed Apr  1 23:07:23 2015] <benzrf> o_O
[Wed Apr  1 23:07:30 2015] <benzrf> johnw: so... hmm
[Wed Apr  1 23:07:46 2015] <benzrf> full types-as-props is not extensible?
[Wed Apr  1 23:12:30 2015] <benzrf> god dammit
[Wed Apr  1 23:12:51 2015] <benzrf> how do i destruct a member of a type that has a filled-in index
[Wed Apr  1 23:12:58 2015] <benzrf> like
[Wed Apr  1 23:13:03 2015] <benzrf> vec 3 nat
[Wed Apr  1 23:13:31 2015] <johnw> why does destruct not work?
[Wed Apr  1 23:14:25 2015] <benzrf> Error: Abstracting over the terms "n" and "y" leads to a term
[Wed Apr  1 23:14:28 2015] <benzrf> "fun (n : nat) (y : vec R n) =>
[Wed Apr  1 23:14:30 2015] <benzrf> forall x : eu n, tail3 (vec_add x y) = vec_add (tail3 x) (tail3 y)"
[Wed Apr  1 23:14:32 2015] <benzrf> which is ill-typed.
[Wed Apr  1 23:15:02 2015] <benzrf> perhaps the problem is that i am explicitly using x and y as 'eu 3'
[Wed Apr  1 23:15:04 2015] <johnw> ok, you need to give more context to your statement
[Wed Apr  1 23:15:12 2015] <johnw> show me the type, and the context
[Wed Apr  1 23:15:23 2015] <johnw> you're not *just* destructing a member of that type
[Wed Apr  1 23:15:27 2015] <johnw> there are other constraints in play
[Wed Apr  1 23:15:52 2015] <benzrf> http://benzrf.benzrf.com/imgs/2acde0.png
[Wed Apr  1 23:16:08 2015] <benzrf> ah crap port forwarding is broken
[Wed Apr  1 23:16:11 2015] <benzrf> 1 sec
[Wed Apr  1 23:16:34 2015] <benzrf> http://i.imgur.com/IsXcQ91.png
[Wed Apr  1 23:17:53 2015] <johnw> and you are destructing x or y I take it
[Wed Apr  1 23:18:43 2015] <benzrf> yeah
[Wed Apr  1 23:18:54 2015] <johnw> which one?
[Wed Apr  1 23:22:52 2015] <benzrf> either
[Wed Apr  1 23:22:57 2015] <benzrf> they both cause the same error
[Wed Apr  1 23:23:19 2015] <benzrf> well, with x and y swapped
[Wed Apr  1 23:24:33 2015] <johnw> which one do YOU want to destruct
[Wed Apr  1 23:26:00 2015] <benzrf> both really
[Wed Apr  1 23:26:13 2015] <benzrf> i am trying to prove that tail3 is linear
[Wed Apr  1 23:26:15 2015] <johnw> if x, try this: revert y; destruct x.
[Wed Apr  1 23:26:48 2015] <benzrf> that does not work
[Wed Apr  1 23:26:52 2015] <johnw> same error?
[Wed Apr  1 23:26:57 2015] <benzrf> yep
[Wed Apr  1 23:27:13 2015] <johnw> try this:
[Wed Apr  1 23:27:20 2015] <johnw> Require Import Coq.Program.Equality.
[Wed Apr  1 23:27:26 2015] <johnw> then, use: dependent destruction x.
[Wed Apr  1 23:27:47 2015] <benzrf> o_o
[Wed Apr  1 23:28:26 2015] <benzrf> it workd =D
[Wed Apr  1 23:28:27 2015] <benzrf> what's that?
[Wed Apr  1 23:28:38 2015] <johnw> well, it uses the JMEq axiom, unfortunately
[Wed Apr  1 23:28:44 2015] <johnw> which is harmless, but it's an axiom
[Wed Apr  1 23:28:53 2015] <benzrf> whats jmeq
[Wed Apr  1 23:28:56 2015] <johnw> I don't know the non-JMEq way to solve this
[Wed Apr  1 23:28:57 2015] <johnw> google it
[Wed Apr  1 23:29:53 2015] <benzrf> rip
[Wed Apr  1 23:30:03 2015] <benzrf> so it's heterogeneous/
[Wed Apr  1 23:30:35 2015] <benzrf> johnw: i assume this is another one of the things that's fixed in hott :p
[Wed Apr  1 23:30:55 2015] <copumpkin> conor has a new blog post on that
[Wed Apr  1 23:31:34 2015] <copumpkin> https://pigworker.wordpress.com/2015/04/01/warming-up-to-homotopy-type-theory/
[Wed Apr  1 23:32:57 2015] <johnw> nice!  thanks copumpkin
[Wed Apr  1 23:37:37 2015] <benzrf> coo
[Wed Apr  1 23:37:40 2015] <benzrf> l
[Wed Apr  1 23:53:48 2015] <benzrf> someday
[Wed Apr  1 23:53:59 2015] <benzrf> someday i will understand the words when conor mcbride talks
[Wed Apr  1 23:54:09 2015] <benzrf> someday i will go on nlab and read a page and understand it
[Wed Apr  1 23:54:16 2015] <benzrf> this, i believe
[Thu Apr  2 00:08:40 2015] <benzrf> night
[Thu Apr  2 03:21:50 2015] <chirpsalot> benzrf: Conor McBride has some pretty accessible talks. They had one on Agda(?) that was great!
[Thu Apr  2 03:22:25 2015] <chirpsalot> Conor does oodles of cool type theory stuff it seems.
[Thu Apr  2 09:12:30 2015] <benzrf> hmm
[Thu Apr  2 09:13:10 2015] <benzrf> there must be some way to invent a UI that lets you generate coqish formal proofs by reasoning using common notation
[Thu Apr  2 09:13:20 2015] <benzrf> ok that was phrased poorly
[Thu Apr  2 09:14:02 2015] <benzrf> but i mean like the way in semiformal math sequences are commonly indicated with some kind of [foo, bar...] and then people reason about them more straightforwardly w/ less induction
[Thu Apr  2 09:14:20 2015] <benzrf> i dunno
[Thu Apr  2 09:14:35 2015] <benzrf> er, the elipses is what i was talking about, in case that was unclear
[Thu Apr  2 11:36:47 2015] <joshcough> can anyone answer a beginner question? i saw a proof that destructed a variable (m) before it was introduced. does destruct m implicitly intro m?
[Thu Apr  2 11:37:09 2015] <lolisa> yes, it has the same effect
[Thu Apr  2 11:37:25 2015] <joshcough> thank you lolisa.
[Thu Apr  2 11:37:28 2015] <lolisa> but, if there is another variable before n, it will be intros.
[Thu Apr  2 11:38:02 2015] <joshcough> ah ok. so if you have variables x y z and you destruct z, all three will be introd
[Thu Apr  2 11:38:05 2015] <lolisa> Some time, you don't want that because you need to do induction. Use generalize dependent to unput it to the goal
[Thu Apr  2 11:38:11 2015] <lolisa> Yep.
[Thu Apr  2 11:38:38 2015] <joshcough> thanks. im just working through the SF chapter where they introduce generalize dependent. not quite there yet though.
[Thu Apr  2 11:39:12 2015] <lolisa> I have a few solution on it on github.com/lolisa/Coq_code :) feel free to take a look
[Thu Apr  2 11:39:49 2015] <joshcough> thanks. i have been trying not to take peeks, but plus_n_n_injective definitely tripped me up.
[Thu Apr  2 11:40:18 2015] <lolisa> try omega :) It will probably solve the equation
[Thu Apr  2 11:40:45 2015] <joshcough> so i looked and found a solution where they delayed introducing the hypothesis until after destructing m, and, im still not sure i totally grasp that.
[Thu Apr  2 11:40:56 2015] <joshcough> not going to use omega. :) i need to understand this stuff.
[Thu Apr  2 11:41:14 2015] <lolisa> A general tip is, try to put as much stuff into the goal before you do induction, so your hypothesis will be more powerful.
[Thu Apr  2 11:41:46 2015] <joshcough> by put do you mean 'keep'?
[Thu Apr  2 11:41:59 2015] <lolisa> :) of course I am kidding about omega.
[Thu Apr  2 11:42:02 2015] <lolisa> Nope.
[Thu Apr  2 11:42:06 2015] <joshcough> by that i mean, doesn't everthing start in the goal?
[Thu Apr  2 11:42:26 2015] <lolisa> Yes, but you can put thing back in the goal.
[Thu Apr  2 11:42:47 2015] <joshcough> ah. ok. so you literally mean put it back with GD
[Thu Apr  2 11:42:52 2015] <lolisa> Basically, intros is reversible by generalize dependent, so you don't need to worry about not introing all the time
[Thu Apr  2 11:43:51 2015] <lolisa> But if keeping it is a option, use it :) generalize dependent is a lot of finger work, and it is unnecessary some time
[Thu Apr  2 11:44:54 2015] <joshcough> ok. it will take some practice to get used to that, im sure.
[Thu Apr  2 11:47:07 2015] <joshcough> anyway, thank you lolisa. this was definitely helpful.
[Thu Apr  2 11:47:47 2015] <lolisa> follow me on github than DAZE =w=
[Thu Apr  2 11:48:21 2015] <lolisa> BTW I have quora account marisa kirisame, If you have more problem you can always PM me :)
[Thu Apr  2 11:49:04 2015] <joshcough> ok thank you, very nice of you.
[Fri Apr  3 04:30:05 2015] <Haskellfant> I'm new to coq and I'm using it with proof general. however I have the problem that if I put my cursor after "Qed." and press C-c C-<RET> the goal doesn't disappear. Only after pressing that three times it disappears. Manually going through each step with C-c C-n works fine. (sorry if this is the wrong channel for that kind of question, I didn't find one for proof general)
[Fri Apr  3 05:35:28 2015] <Haskellfant> interestingly that seem to only happen if I first eval the theorem and then the proof. If I do both at the same time C-c C-RET works fine
[Fri Apr  3 08:49:45 2015] <jstolarek> is there any difference in Coq between: a) putting some definitions in module A and then importing them into module B and
[Fri Apr  3 08:50:05 2015] <jstolarek> copy-pasting definitions from module A intpo module B instead of importing?
[Fri Apr  3 08:52:43 2015] <jstolarek> ok, I'll put it differently, because I just verified that there IS a difference between the two
[Fri Apr  3 08:52:49 2015] <jstolarek> and now the question is why?
[Fri Apr  3 11:46:09 2015] <jgross> Haskellfant: that's just the display not updating.  It's nothing to worry about. 
[Fri Apr  3 11:48:05 2015] <jgross> jstolarek: copy/paste is like an [Include], rather than an [Import] or [Export].  You are probably looking for [Export].  There are three things you might want to do with names in module [A]: you may want to make them available without having to type [A.] before each (this is [Import]), you may want to make them available without having to type [A.] before each to both this module, and any module that imports this one ([Export]), or you may want
[Fri Apr  3 11:48:05 2015] <jgross> to give them new names, replacing [A.] with [B.] ([Include]) 
[Fri Apr  3 14:34:09 2015] <ccomp> I'm having a little trouble figuring out {how to,whether I can} prove a Fixpoint's guardedness manually. It's non-trivial, but it's definitely correct and making it more obvious seriously complicates the entire program
[Fri Apr  3 14:37:10 2015] <jrw> ccomp: yes you can do that. sometimes it's called "general recursion" if you're trying to google for it. there are several different approaches with different trade-offs. I would recommend looking at the [Program] facility first.
[Fri Apr  3 14:37:13 2015] <ccomp> I just found page 401 of the manual, which seems relevant
[Fri Apr  3 14:37:33 2015] <jrw> also if you can say a bit more what you're trying to do, people may be able to make suggestions
[Fri Apr  3 14:38:07 2015] <ccomp> I'm trying to represent a simple virtual machine's state in a record. It can only step forward, so it reduces on the list of remaining instructions with each eval step
[Fri Apr  3 14:45:00 2015] <jrw> ccomp: and the instr list is one of the fields of the record?
[Fri Apr  3 14:45:11 2015] <ccomp> jrw: yeah
[Fri Apr  3 14:45:14 2015] <jrw> I see
[Fri Apr  3 15:12:04 2015] <Haskellfant> jgross: ok thanks
[Fri Apr  3 16:25:03 2015] <yhvh`> so I've been playing with http://stackoverflow.com/a/24827255/3945 (simple graph theory), but I've been stuck trying to define degree, halp?
[Fri Apr  3 16:28:11 2015] <yhvh`> I keep on trying to find the cardinality of a Type, which I think is impossible?
[Fri Apr  3 16:28:24 2015] <vanila> yes
[Fri Apr  3 16:29:18 2015] <vanila> how about implement a graph as a list of nodes and a list of edges
[Fri Apr  3 16:29:33 2015] <vanila> then you can compute degree
[Fri Apr  3 16:30:08 2015] <yhvh`> Yes I should've mentioned I have an implementation of degree where I use sets/lists for verticies/edges
[Fri Apr  3 16:30:10 2015] <vanila> (given decidable equality on node names)
[Fri Apr  3 18:33:28 2015] <nkar`> is there a way to print a theorem as it was stated and proved rather than a sequence of lambdas?
[Fri Apr  3 19:02:09 2015] <benzrf> nkar`: i wanna say that coq throws that info away
[Fri Apr  3 19:02:29 2015] <benzrf> nkar`: like asking for the expression that generated a value, in haskell
[Fri Apr  3 19:02:45 2015] <benzrf> im might be worng, idk
[Fri Apr  3 21:20:32 2015] <johnw> nkar`: it doesn't record the tactics used
[Sat Apr  4 01:42:12 2015] <nkar`> johnw, benzrf: thanks!
[Sat Apr  4 03:13:42 2015] <nkar``> could anyone answer the question in this gist? https://gist.github.com/nkaretnikov/2619738cbb12dca66a4a
[Sat Apr  4 03:15:04 2015] <nkar``> that is, why is it possible to apply [H : ble_nat 0 (S m') = true] to this goal: [ble_nat 0 m' = true]?  is it because forall (n : nat), 0 <= n?
[Sat Apr  4 03:35:14 2015] <Cypi> nkar`` : I don't have the definition of ble_nat, but I guess reflexivity would be enough to conclude?
[Sat Apr  4 03:35:31 2015] <Cypi> apply does do a little bit more than applying ^^
[Sat Apr  4 03:50:07 2015] <nkar``> Cypi: you're right
[Sat Apr  4 03:50:15 2015] <nkar``> thanks!
[Sun Apr  5 02:16:20 2015] <lolisa> How can I add LoadPath in Coq by changing coqc command?
[Sun Apr  5 02:26:06 2015] <lolisa> -I. I get it.
[Sun Apr  5 02:26:40 2015] <lolisa> But I am having trouble with trying to define the Cat category. It tell me that universe is inconsistent. What can I do?
[Sun Apr  5 02:26:49 2015] <lolisa> The term "Category" has type "Type@{max(Category.2+1, Category.3+1)}"
[Sun Apr  5 02:26:50 2015] <lolisa> while it is expected to have type "Type@{Category.2}".
[Sun Apr  5 02:28:55 2015] <lolisa> It turn out I need polymorphism in both CatCategory and Category. Fix it.
[Sun Apr  5 04:28:05 2015] <lolisa> Hi everyone, are there any documentation stating the new features in Coq 8.5 beside the changelog?
[Sun Apr  5 04:29:21 2015] <Cale> there's https://coq.inria.fr/coq-85
[Sun Apr  5 04:30:23 2015] <lolisa> Yes, that's where I get the source and build coq from...
[Sun Apr  5 04:30:36 2015] <Cale> It gives a list of major new things there
[Sun Apr  5 04:30:41 2015] <Cale> I'm not sure what you're looking for :)
[Sun Apr  5 04:31:07 2015] <lolisa> I'm more of looking of a guide with example stating how Coq 8.5 will change our live
[Sun Apr  5 04:33:05 2015] <lolisa> For example Bjarne Stroustrup made a PPT showing how features of C++11 give benefit of programmer... In short I am looking for https://coq.inria.fr/distrib/V8.5beta1/CHANGES with bunch of examples...
[Sun Apr  5 04:43:57 2015] <higos> i <3 coq
[Sun Apr  5 04:43:58 2015] <higos> ty
[Sun Apr  5 04:44:05 2015] <higos> france
[Sun Apr  5 10:22:44 2015] <lolisa> Hi guys, I'd read the CHANGES and I wonder, if I wanted to do an introduction to coq 8.5, how many will be interested? :)
[Sun Apr  5 13:55:23 2015] <zdorovo> hello. I'm using coqide and I'd like it to show a list of all the theorems I've proved so far. Is this something coqide can do?
[Sun Apr  5 20:43:56 2015] <lolisa> BTW are there log on here?
[Sun Apr  5 22:22:49 2015] <benzrf> i log
[Sun Apr  5 22:23:03 2015] <benzrf> lolisa: ^
[Sun Apr  5 22:23:41 2015] <lolisa> Where is i log? Do you just mean you keep the log on your laptop?
[Sun Apr  5 22:24:51 2015] <lolisa> I think it'd be great if we setup something like botbot.me, but I am not the op...
[Sun Apr  5 23:27:55 2015] <kba> I find the documentation very hard to understand. Can somebody briefly explain the inversion and discriminate tactics?
[Sun Apr  5 23:28:51 2015] <lolisa> discriminate prove the goal if there is a a = b hypothesis, where a and b has different constructor
[Sun Apr  5 23:29:11 2015] <kba> What do you mean different constructor?
[Sun Apr  5 23:29:17 2015] <lolisa> inversion... it sort of do the inverse of constructor tactic
[Sun Apr  5 23:29:26 2015] <lolisa> constructor in Algebraic Data Type
[Sun Apr  5 23:29:34 2015] <kba> I don't think I know what a constructor is
[Sun Apr  5 23:29:35 2015] <lolisa> like S is a constructor and O is a constructor
[Sun Apr  5 23:29:40 2015] <kba> Okay
[Sun Apr  5 23:30:08 2015] <lolisa> So in short, discriminate will prove anything if there exists a equality that is obviolusly false, like true = false, O = S n
[Sun Apr  5 23:30:20 2015] <kba> Ah, right. That's what I thought
[Sun Apr  5 23:30:37 2015] <kba> I've just seen "exact" used as well
[Sun Apr  5 23:30:52 2015] <kba> In a proof I just did, I ended up with: `H_more_absurd_left : False` as an assumption
[Sun Apr  5 23:31:00 2015] <kba> then did `exact H_more_absurd_left.`
[Sun Apr  5 23:31:09 2015] <kba> I suppose it would have been nicer to use discriminate?
[Sun Apr  5 23:31:34 2015] <lolisa> I don't know... But I think discriminate only work on equality
[Sun Apr  5 23:32:32 2015] <kba> Oh wait, no, that was inversion I saw worked
[Sun Apr  5 23:32:35 2015] <johnw> kba: you could also have done 'contradiction'
[Sun Apr  5 23:32:37 2015] <kba>   inversion H_more_absurd_left.
[Sun Apr  5 23:32:39 2015] <kba> finishes my goal
[Sun Apr  5 23:33:06 2015] <kba> lolisa: if I go a step back, I have `H_more_absurd_left : e = S e`.
[Sun Apr  5 23:33:20 2015] <kba> That is an equality with different constructors, right?
[Sun Apr  5 23:33:25 2015] <johnw> not quite
[Sun Apr  5 23:33:29 2015] <johnw> e is not a constructor
[Sun Apr  5 23:33:29 2015] <lolisa> what is e?
[Sun Apr  5 23:33:35 2015] <lolisa> if e is a constructor, yes.
[Sun Apr  5 23:33:42 2015] <johnw> inversion solves that goal because it discovers that there are no possible goals remaining
[Sun Apr  5 23:33:43 2015] <lolisa> if e is an unknown stuff, no.
[Sun Apr  5 23:33:51 2015] <kba> It's not, it's a natural number
[Sun Apr  5 23:33:55 2015] <johnw> oh, right, constructors can be lower case in Coq
[Sun Apr  5 23:34:08 2015] <lolisa> than it is not a constructor.
[Sun Apr  5 23:34:22 2015] <kba> I still don't understand exactly what a constructor is, other than O and S, as you said
[Sun Apr  5 23:34:58 2015] <kba> But couldn't I use discriminate in my case, then?
[Sun Apr  5 23:35:00 2015] <kba> Somehow?
[Sun Apr  5 23:35:05 2015] <kba> Or should I just use `exact`?
[Sun Apr  5 23:35:15 2015] <lolisa> constructor is what you define when you define an "Inductive"
[Sun Apr  5 23:35:32 2015] <kba> Okay
[Sun Apr  5 23:35:44 2015] <lolisa> When you define Inductive x, you state how you can get values of x, that's a constructor
[Sun Apr  5 23:39:49 2015] <kba> So when you say 'different constructor' you just mean they aren't 'constructed the same way' in the type and are therefore not equal?
[Sun Apr  5 23:39:59 2015] <lolisa> Yes.
[Sun Apr  5 23:40:05 2015] <kba> the constructor for "e" and "S e" won't be equal then
[Sun Apr  5 23:40:09 2015] <kba> since e is a natural number
[Sun Apr  5 23:40:38 2015] <lolisa> Because when you do match x with ..., x is split into a few constructor. different constructor are inherently different
[Sun Apr  5 23:40:45 2015] <lolisa> e is not a constructor.
[Sun Apr  5 23:41:09 2015] <kba> isn't e just a wrapper for (S (S ... (S O) ... ))
[Sun Apr  5 23:41:15 2015] <lolisa> a natural number is a variable, not a constructor. You cannot match O, but you can match e.
[Sun Apr  5 23:41:25 2015] <kba> hm
[Sun Apr  5 23:41:40 2015] <lolisa> Do you know e is O or S _ without looking at e = S e?
[Sun Apr  5 23:42:09 2015] <kba> I just know that e is a natural number
[Sun Apr  5 23:42:21 2015] <kba> so I know that e is O surrounded by some number of S's
[Sun Apr  5 23:42:47 2015] <lolisa> Yes, but if the number is 0 it isn't surronded by any at all
[Sun Apr  5 23:42:58 2015] <kba> but O is a constructor, too, you said
[Sun Apr  5 23:44:24 2015] <lolisa> Yes, but we don't know e is O or S.
[Sun Apr  5 23:44:49 2015] <kba> We still know they have different constructors, no?
[Sun Apr  5 23:44:50 2015] <lolisa> The rule of thumb of determining a constructor is to just print it's type and see what it has to construct it.
[Sun Apr  5 23:45:11 2015] <kba> "Print nat."?
[Sun Apr  5 23:45:13 2015] <lolisa> Yes, but discriminate don't.
[Sun Apr  5 23:45:16 2015] <lolisa> Yes.
[Sun Apr  5 23:45:32 2015] <lolisa> It give you S and O, and that's the only two constructor of nat. No more.
[Sun Apr  5 23:46:14 2015] <kba> So is it because we could only do this if e = 0?
[Sun Apr  5 23:46:21 2015] <kba> Because (S (S 0)) isn't a constructor?
[Sun Apr  5 23:46:24 2015] <kba> Or what do you mean?
[Sun Apr  5 23:46:33 2015] <kba> It has to be the "base types", not a combination of many S's?
[Sun Apr  5 23:46:51 2015] <kba> becuase if e = 0, then it would say O = S O. And then we could discriminate?
[Sun Apr  5 23:47:03 2015] <lolisa> Then we can discriminate.
[Sun Apr  5 23:47:20 2015] <kba> Hm, ok. I get it
[Sun Apr  5 23:47:25 2015] <lolisa> S (S 0) is a constructor.
[Sun Apr  5 23:47:35 2015] <kba> Wait.
[Sun Apr  5 23:47:43 2015] <kba> But then wh isn't (S e)?
[Sun Apr  5 23:47:52 2015] <kba> e is just a series of (S (S 0))
[Sun Apr  5 23:48:02 2015] <kba> and all of those would be constructors, too
[Sun Apr  5 23:48:05 2015] <lolisa> because we don't know the exact of e.
[Sun Apr  5 23:48:16 2015] <kba> So we can't know if e = S e?
[Sun Apr  5 23:48:23 2015] <kba> is it because it doesn't see the relation between S e and e?
[Sun Apr  5 23:48:34 2015] <kba> Could it be saying "x = S y"?
[Sun Apr  5 23:48:40 2015] <kba> and it would have the same understanding? Is that the problem?
[Sun Apr  5 23:48:53 2015] <kba> It doesn't realize that obviously: e != S e
[Sun Apr  5 23:48:59 2015] <lolisa> Wait... I think S (S O) isn't one... I mess it up
[Sun Apr  5 23:49:22 2015] <kba> okay
[Sun Apr  5 23:49:24 2015] <kba> Either way, I get the idea
[Sun Apr  5 23:49:44 2015] <kba> So what about inversion?
[Sun Apr  5 23:50:24 2015] <kba> If you don't mind explaining that, too? ;)
[Sun Apr  5 23:50:24 2015] <lolisa> I don't really know how it exactly work. I just use it and get the hang of it.
[Sun Apr  5 23:50:40 2015] <lolisa> Sorry:)
[Sun Apr  5 23:50:51 2015] <kba> So how do you use it?
[Sun Apr  5 23:50:59 2015] <kba> I don't need a deep understanding, I just don't have any idea how it works
[Sun Apr  5 23:51:32 2015] <kba> I'm amazed that some people can actually get good at this language with the documentation as it is
[Sun Apr  5 23:51:39 2015] <kba> https://coq.inria.fr/distrib/current/refman/Reference-Manual010.html#sec435 this tells me absoluetly nothing
[Sun Apr  5 23:52:01 2015] <lolisa> Well... Go look at Coq Art then, I learn all of it from Coq Art...
[Sun Apr  5 23:52:40 2015] <kba> http://www.labri.fr/perso/casteran/CoqArt/ This one?
[Sun Apr  5 23:53:29 2015] <kba> Oh it's a book
[Sun Apr  5 23:53:42 2015] <kba> My eyes are bleeding
[Sun Apr  5 23:54:08 2015] <lolisa> Yes.
[Sun Apr  5 23:54:16 2015] <lolisa> SoftwareFoundation is also Good.
[Sun Apr  5 23:54:17 2015] <jgross> http://www-verimag.imag.fr/~monin/Proof/SmallInvScalesUp/paper.pdf <- description of a way to write an inversion tactic, roughly 
[Sun Apr  5 23:54:41 2015] <lolisa> If you believe you are a genius or maschoist, try Certificated Programming with Dependent Type
[Sun Apr  5 23:56:02 2015] <kba> thanks both, I'll have a look at http://www.cis.upenn.edu/~bcpierce/sf/current/MoreCoq.html#lab162 for starters
[Mon Apr  6 01:34:27 2015] <kba> When does associativity of append make sense? I mean app_assoc exists and https://cseweb.ucsd.edu/groups/tatami/kumo/exs/list/page1.html also makes it a thing?
[Mon Apr  6 01:34:30 2015] <kba> Why is it a thing?
[Mon Apr  6 01:34:39 2015] <kba> There is no operator between list elements per say
[Mon Apr  6 01:35:27 2015] <kba> It's not like multiplication or something where two elements operator or another. Or... They do, but they just turn into a new list with the two same elements
[Mon Apr  6 01:35:38 2015] <kba> I don't know what kind of answer I'm expecting to this question, admittedly
[Mon Apr  6 01:36:02 2015] <kba> It just seems odd to talk about associativity list append at all
[Mon Apr  6 06:46:55 2015] <xeno> hi, I tried to install Coq on Yosemite - the homebrew version of Coq did not include CoqIde - so I installed through the .dmg, and it doesn't work...
[Mon Apr  6 06:47:44 2015] <xeno> ah, now I got it working...
[Mon Apr  6 06:55:06 2015] <xeno> so, I'm gonna start simple - and prove some properties of eulers graph theorems... are there some relevant proofs I can look at?
[Mon Apr  6 06:55:26 2015] <xeno> I need to define the graph type, the edge type, odd/even, and do quite a bit of induction...
[Mon Apr  6 07:22:17 2015] <Choups314> Hi, what is the best way to represent a set a objects ? (a set of vectors for example)
[Mon Apr  6 07:22:26 2015] <Choups314> (a finite set)
[Mon Apr  6 07:23:36 2015] <Choups314> Mathematically, it would be a cartesian product (E * E ... * E), but I don't know if it possible to define such product in coq (i.e. more that ?
[Mon Apr  6 07:23:50 2015] <Choups314> (i.e. more than a couple)*
[Mon Apr  6 07:43:23 2015] <irishsultan> kba: you care because list append is a monoid operator
[Mon Apr  6 07:43:24 2015] <irishsultan> http://fsharpforfunandprofit.com/posts/monoids-without-tears/
[Mon Apr  6 08:05:20 2015] <lolisa> Choups314, sets are in std lib
[Mon Apr  6 08:05:32 2015] <lolisa> Just look them up (I don't know much
[Mon Apr  6 08:06:37 2015] <Choups314> In fact, I don't know what is the best : use a type [nat->E] (like a sequence) and an hypothesis that states this sequence has a finite number of objects, or either a list of object [list E] ...
[Mon Apr  6 08:07:47 2015] <lolisa> Either assume there's difference in ordering and didn't say any thing about repeat elements.
[Mon Apr  6 12:42:22 2015] <benzrf> i UNDERSTAND
[Mon Apr  6 12:44:40 2015] <johnw> what do you understand benzerf?
[Mon Apr  6 14:06:46 2015] <benzrf> johnw: i do not know that i have been pingd if u misspell :(
[Mon Apr  6 14:07:24 2015] <benzrf> johnw: and that was a mis-send; i meant for ##math (i understoood that möbius strips are fiber bunndles)
[Tue Apr  7 09:37:29 2015] <notdan> How can I specify a type universe in my code?
[Tue Apr  7 09:38:28 2015] <benzrf> notdan: hmm interesting
[Tue Apr  7 09:38:34 2015] <benzrf> there'd need to be a special syntax for it wouldnt there
[Tue Apr  7 09:45:22 2015] <notdan> Yeah. There is a special syntax for printing, but I cannot find special syntax for the input
[Tue Apr  7 09:46:15 2015] <notdan> On a semi-related note, I have a question about a piece of code that I have. http://lpaste.net/4986409841850318848
[Tue Apr  7 09:46:43 2015] <notdan> Am I correct to say that [Fin n] has exactly n (canonical) elements?
[Tue Apr  7 09:47:00 2015] <notdan> And also: why won't [fmax] or [fmax'] typecheck?
[Tue Apr  7 09:47:17 2015] <notdan> I guess I need some sort of theorem to say that (Fin n+1) = Unit + Fin n
[Tue Apr  7 11:12:43 2015] <notdan> uh I think I know what is the problem
[Tue Apr  7 11:17:20 2015] <johnw> notdan: you cannot give a specific universe index
[Tue Apr  7 16:01:27 2015] <kba> What is the difference between a Set and a Type?
[Tue Apr  7 16:07:11 2015] <benzrf> kba: universes, i think
[Tue Apr  7 16:07:26 2015] <alkabetz> How comfortable are you with the universe hierarchy?
[Tue Apr  7 16:07:52 2015] <benzrf> hmm
[Tue Apr  7 16:08:02 2015] <benzrf> a function from a value to its type couldnt have a valid type, right?
[Tue Apr  7 16:08:32 2015] <Cypi> You mean a function that takes any value and return its type?
[Tue Apr  7 16:08:37 2015] <benzrf> yeah
[Tue Apr  7 16:08:53 2015] <ianjneu> that's a notion put forth by "dynamically typed languages"
[Tue Apr  7 16:09:07 2015] <ianjneu> a "type" in the type theory sense is only static.
[Tue Apr  7 16:09:19 2015] <ianjneu> there is no run time representation of a type.
[Tue Apr  7 16:09:41 2015] <Cypi> [Definition f {X : Type} (x : X) : Type := X.]
[Tue Apr  7 16:09:43 2015] <Cypi> There you go :-°
[Tue Apr  7 16:11:09 2015] <ianjneu> Okay, sure. An uninspectable thing. I'm talking more like Inductive Type_representation : Type := pi_type : blah | inductive_type : blah ...
[Tue Apr  7 16:48:30 2015] <kba> benzrf: what is a universe?
[Tue Apr  7 16:48:57 2015] <kba> alkabetz: I don't know what universes are in this sense
[Tue Apr  7 16:50:15 2015] <benzrf> kba: type of types kinda
[Tue Apr  7 16:50:25 2015] <benzrf> kba: the problem is that if there exists a term T such that T : T
[Tue Apr  7 16:50:32 2015] <benzrf> then you have paradoxes oh boy
[Tue Apr  7 16:50:42 2015] <benzrf> so coq, at least, uses infinite regress
[Tue Apr  7 16:51:09 2015] <benzrf> if you use `Check Type.' it may /claim/ that `Type : Type', but the 2nd `Type' is actually not the same as the first
[Tue Apr  7 16:51:17 2015] <benzrf> it's a universe higher
[Tue Apr  7 16:51:25 2015] <benzrf> then the type of THAT `Type' is one higher
[Tue Apr  7 16:51:26 2015] <benzrf> etc
[Tue Apr  7 16:51:42 2015] <benzrf> you can turn on explicit printing of which universe an occurence of `Type' means
[Tue Apr  7 16:52:01 2015] <kba> So it should say Type : SuperType, but it says Type : Type.
[Tue Apr  7 16:52:10 2015] <benzrf> well
[Tue Apr  7 16:52:14 2015] <kba> But what about Set, then? Set says 'Set : Type'. Should that be 'Set : SuperType', too?
[Tue Apr  7 16:52:18 2015] <benzrf> then it'd be SuperType : SuperSuperType
[Tue Apr  7 16:52:22 2015] <kba> or is a Set in fact a subset of Type?
[Tue Apr  7 16:52:24 2015] <benzrf> kba: no! if i recall correctly
[Tue Apr  7 16:52:29 2015] <Cypi> Set is like the lowest Type
[Tue Apr  7 16:52:32 2015] <benzrf> kba: you mean an inhabitant?
[Tue Apr  7 16:52:46 2015] <kba> I'm wondering if Sets are a subset of Types
[Tue Apr  7 16:52:49 2015] <RchrdB> 1 : nat,  nat : Set,  Set : Type,  Type : Type1,  Type1 : Type2, ...?
[Tue Apr  7 16:52:53 2015] <Cypi> Types are stratified, liek benzrf said. So you have Type.1 : Type.2, then Type.2 : Type.3 and so on
[Tue Apr  7 16:52:58 2015] <Cypi> and Set = Type.0
[Tue Apr  7 16:52:58 2015] <benzrf> Coq < Set Printing Universes.
[Tue Apr  7 16:53:02 2015] <benzrf> Coq < Check Type.
[Tue Apr  7 16:53:04 2015] <benzrf> Type (* Top.1 *)
[Tue Apr  7 16:53:06 2015] <benzrf>     : Type (* (Top.1)+1 *)
[Tue Apr  7 16:53:08 2015] <benzrf>  Coq < Check Set.
[Tue Apr  7 16:53:10 2015] <benzrf> Set
[Tue Apr  7 16:53:12 2015] <benzrf>     : Type (* (Set)+1 *)
[Tue Apr  7 16:53:26 2015] <benzrf> RchrdB: yeah
[Tue Apr  7 16:54:53 2015] <kba> Okay, I'll be a bit more concrete... I wrote a definition of a monoid which takes a type. Now I've gotten some feedback and I'm being told that according to the literature I'm using, that's talking about monoids as sets
[Tue Apr  7 16:54:58 2015] <kba> but I'm representing them as types
[Tue Apr  7 16:55:02 2015] <kba> and I'm being asked to justify that
[Tue Apr  7 16:55:28 2015] <kba> and, well, I don't know how this talk about universes is helping me here.
[Tue Apr  7 16:55:36 2015] <kba> I still don't know the relation between sets and types
[Tue Apr  7 16:56:54 2015] <kba> For instance, I'm using nat somewhere as a type
[Tue Apr  7 16:57:01 2015] <kba> But when I do "Check nat.", it says "nat : Set"
[Tue Apr  7 16:57:16 2015] <Cypi> Set is basically the same as Type.0
[Tue Apr  7 16:57:22 2015] <kba> What does Type.0 mean?
[Tue Apr  7 16:57:37 2015] <kba> Is that the "first" Type?
[Tue Apr  7 16:57:58 2015] <kba> If so, that would mean when I write "(T : Type)" in my definition, that is actually a Set?
[Tue Apr  7 16:58:57 2015] <kba> Okay, so Set : Type.
[Tue Apr  7 17:00:49 2015] <Cypi> So. In Coq, there are universes.
[Tue Apr  7 17:01:02 2015] <Cypi> These universes are Prop and Type.n for any natural number n
[Tue Apr  7 17:01:10 2015] <Cypi> Let put Prop aside for now
[Tue Apr  7 17:01:32 2015] <Cypi> We have the property that Type.n is of type Type.(n+1)
[Tue Apr  7 17:01:53 2015] <Cypi> and also that if (t : Type.n), then (t : Type.m) for any m ≥ n
[Tue Apr  7 17:02:03 2015] <Cypi> Now, Set is just Type.0
[Tue Apr  7 17:02:40 2015] <kba> Right, so like inheritance in OO programming languages
[Tue Apr  7 17:02:45 2015] <Cypi> When you write (T : Type) in your definition, the type-checker will actually build something like (T : Type.n)
[Tue Apr  7 17:02:56 2015] <Cypi> where n is some unspecified natural number
[Tue Apr  7 17:04:11 2015] <Cypi> Now, for your original question. The first one, you were talking about Set and Type, which are Coq universes. In the second one, you were talking about sets and types, which can be mathematical or computer science word. Which are you asking about?
[Tue Apr  7 17:04:27 2015] <kba> But how can Set be Type.0? If nat is a type of Set
[Tue Apr  7 17:04:49 2015] <kba> Then if Set = Type.n and nat = Type.m, n >= m
[Tue Apr  7 17:04:50 2015] <Cypi> I didn't say that all types were either Prop or Type.n
[Tue Apr  7 17:05:06 2015] <kba> but if nat is a set, and set is a Type, then nat should be a Type, too
[Tue Apr  7 17:05:20 2015] <Cypi> You don't have nat = Type.m for any m
[Tue Apr  7 17:05:29 2015] <kba> Hm, ok
[Tue Apr  7 17:05:39 2015] <kba> Why not? Does this universe thing only apply to Type and Set?
[Tue Apr  7 17:07:34 2015] <Cypi> Prop, Type and Set are the kinds of Coq. That is, "the types of types"
[Tue Apr  7 17:07:58 2015] <johnw> you could say that Set and Prop are at level 0, and Type[n] is at level n+1, only you only see the 'n' if you enable Set Printing Universes
[Tue Apr  7 17:08:11 2015] <johnw> (universe levels, that is)
[Tue Apr  7 17:35:18 2015] <benzrf> is it possible to get from `n <= m' to `S n <= S m' w/o using induction or a lemma.
[Tue Apr  7 17:35:53 2015] <johnw> you mean, in the goal?
[Tue Apr  7 17:38:25 2015] <vanila> it has to be done using induction
[Tue Apr  7 17:38:43 2015] <benzrf> vanila: thought so
[Tue Apr  7 17:38:46 2015] <benzrf> ok!
[Tue Apr  7 17:38:52 2015] <vanila> the le data type only has a constructor for base case and n <= m -> n <= S m
[Tue Apr  7 17:38:58 2015] <benzrf> yeah
[Tue Apr  7 18:02:08 2015] <nkar`> is there a way to define a structure similar to a haskell record such that some fields of the record must satisfy certain properties?  for example, given a record (using Haskell syntax) data Foo = Foo { one :: (String, Double), two :: (String, Double), three :: (String, Double) }, I want to make sure that the 'Double' in 'three' is always the sum of 'Double's in 'one' and 'two'.  is it possible?
[Tue Apr  7 18:03:10 2015] <vanila> Inductive Foo : Set := Foo : forall (one : Double) (two : Double) (three : Double), one + two = three -> Foo
[Tue Apr  7 18:03:39 2015] <nkar`> vanila: note that I also want to store a string
[Tue Apr  7 18:03:58 2015] <nkar`> vanila: would it be something like snd one + snd two = snd three -> Foo
[Tue Apr  7 18:03:59 2015] <nkar`> ?
[Tue Apr  7 18:04:08 2015] <vanila> yeah
[Tue Apr  7 18:07:22 2015] <nkar`> vanila: is it possible to "lift" string values to the type level, so I don't need to pass them when constructing 'Foo'?  for example, in pseudocode, data Foo = Foo { one :: ("one", Double), two :: ("two", Double), three :: ("three, Double) }?
[Tue Apr  7 18:07:44 2015] <xeno> hi, http://pastebin.com/EHPqfFp5 - in Proof General, I get "Wrong type argument: characterp, \," - how do I find out what's wrong?
[Tue Apr  7 18:07:48 2015] <xeno> I'm pretty new to Coq
[Tue Apr  7 18:07:49 2015] <vanila> im not sure what you mean to do with that
[Tue Apr  7 18:07:50 2015] <nkar`> forgot the quote, but that's not the point
[Tue Apr  7 18:08:41 2015] <nkar`> vanila: I want to make sure that the string value is never changed, but I still need it for documentation purposes, and for pretty-printing later
[Tue Apr  7 18:09:52 2015] <nkar`> vanila: does my explanation help, or do I need to rephrase?
[Tue Apr  7 18:11:40 2015] <vanila> i don't know how to do that
[Tue Apr  7 18:11:55 2015] <nkar`> vanila: in haskell, I could do it with a smart-constructor that sets the right string values, which is exposed instead of 'Foo', but that's not what I want
[Tue Apr  7 18:14:19 2015] <vanila> I'm getting "Error: Cannot find library CpdtTactics in loadpath" when I run make in cpdt/
[Tue Apr  7 18:16:30 2015] <vanila> Added 'Add LoadPath "src".' to DepList.v
[Tue Apr  7 18:17:25 2015] <nkar`> vanila: thanks for your help
[Tue Apr  7 18:21:15 2015] <vanila> hm
[Tue Apr  7 18:21:26 2015] <vanila> xeno, I was able to load your whole file, it gives 42 as the result
[Tue Apr  7 18:21:36 2015] <vanila> in proof general inside emacs
[Tue Apr  7 18:21:43 2015] <xeno> vanila: in proof general? how do you run it?
[Tue Apr  7 18:21:47 2015] <vanila> I'm not sure what's wrong...
[Tue Apr  7 18:22:12 2015] <vanila> if I just click "Use" to load the whole file
[Tue Apr  7 18:22:14 2015] <xeno> vanila: I did "use buffer", and "next step" - both gave the same error
[Tue Apr  7 18:22:23 2015] <nkar`> vanila: what's the coq equivalent of the Double type?
[Tue Apr  7 18:22:39 2015] <vanila> maybe you have a broken version of proof general - you could try to get the version from the site maybe
[Tue Apr  7 18:22:51 2015] <xeno> vanila: I got it from the site
[Tue Apr  7 18:22:58 2015] <xeno> vanila: it's on OS X
[Tue Apr  7 18:23:02 2015] <vanila> sorry im a bit out of ideas then
[Tue Apr  7 18:23:31 2015] <xeno> I guess I'll just go for CoqIDE then - unless there are other viable options?
[Tue Apr  7 18:23:54 2015] <nkar`> you could try coqtop
[Tue Apr  7 18:24:03 2015] <nkar`> but an ide/editor is much better
[Tue Apr  7 18:24:34 2015] <xeno> I'll check if the eclipse support works
[Tue Apr  7 18:25:07 2015] <vanila> "characterp" sounds like elisp
[Tue Apr  7 18:25:26 2015] <vanila> do you have other emacs modes that might be interacting with proof general?
[Tue Apr  7 18:25:47 2015] <vanila> hmm this could be a problem with mac
[Tue Apr  7 18:25:55 2015] <vanila> http://proofgeneral.inf.ed.ac.uk/trac/ticket/496
[Tue Apr  7 18:26:13 2015] <vanila> you could try to disable show-paren-mode? random guess
[Tue Apr  7 18:26:23 2015] <nkar`> xeno: I'd suggest commenting out stuff in your .emacs and see if it'd make a difference
[Tue Apr  7 18:26:54 2015] <nkar`> yeah, I had some problems with show-paren-mode too
[Tue Apr  7 18:26:59 2015] <nkar`> but the error was different, iirc
[Tue Apr  7 18:28:04 2015] <xeno> I run it through coqtop, and then it works fine
[Tue Apr  7 18:29:29 2015] <nkar`> well, re-read what vanila said
[Tue Apr  7 18:29:47 2015] <nkar`> it's something with your emacs configuration
[Tue Apr  7 18:29:53 2015] <nkar`> probably with show-paren-mode
[Tue Apr  7 18:30:01 2015] <xeno> vanila: not really, it's just a plain freshly installed emacs
[Tue Apr  7 18:30:25 2015] <xeno> my .emacs has only 2 statements, both coq-related
[Tue Apr  7 18:30:45 2015] <vanila> hopefully someone who uses mac can give some input
[Tue Apr  7 18:30:48 2015] <nkar`> for example, I had these settings in .emacs: (show-paren-mode 1) (setq show-paren-delay 0), which caused this error: Error running timer `show-paren-function': (wrong-type-argument characterp nil)
[Tue Apr  7 18:30:48 2015] <nkar`>  
[Tue Apr  7 18:31:14 2015] <nkar`> vanila: could you please answer my question regarding the Double type?
[Tue Apr  7 18:31:20 2015] <vanila> no
[Tue Apr  7 18:31:28 2015] <nkar`> you don't know the answer?
[Tue Apr  7 18:31:32 2015] <vanila> yes
[Tue Apr  7 18:31:44 2015] <nkar`> unfortunate
[Tue Apr  7 18:34:19 2015] <xeno> vanila: show-paren-mode was nil, tried to set it to 1 to check if it changed anything, but it didn't...
[Tue Apr  7 19:45:22 2015] <nkar`> vanila: how do I need to change the inductive def'n, so the examples typechecks?  [Inductive Foo : Prop := foo : forall (one : nat) (two : nat) (three : nat), one + two = three -> Foo. Example foo_1_2_3 : foo 1 2 3.]
[Tue Apr  7 19:45:44 2015] <vanila> you need to pass in a proof of one + two = three
[Tue Apr  7 19:45:56 2015] <vanila>  foo 1 2 3 (eq_refl _).  should work i think
[Tue Apr  7 19:46:22 2015] <nkar`> it doesn
[Tue Apr  7 19:46:24 2015] <nkar`> 't
[Tue Apr  7 19:47:46 2015] <Cypi> (foo 1 2 3) is already a value whose type is not Prop/Set/Type, so you can't declare something of type (foo 1 2 3).
[Tue Apr  7 19:48:09 2015] <Cypi> What you can do is declare something of type Foo [Example foo_1_2_3 : Foo.]
[Tue Apr  7 19:48:29 2015] <Cypi> and say that it should be (foo 1 2 3 eq_refl) : [exact (foo 1 2 3 eq_refl).]
[Tue Apr  7 19:50:10 2015] <nkar`> Cypi: can I change the definition such that I could write the example as was shown previously?
[Tue Apr  7 19:52:11 2015] <Cypi> Yes: [Inductive foo (one two three : nat) : Prop := | bar : one + two = three -> foo one two three.]
[Tue Apr  7 19:55:31 2015] <nkar`> it doesn't work, does it?
[Tue Apr  7 19:55:40 2015] <Cypi> It does?
[Tue Apr  7 19:55:40 2015] <nkar`> Example foo_1_2_3 : bar 1 2 3. doesn't typecheck
[Tue Apr  7 19:56:05 2015] <Cypi> You said "as was shown"
[Tue Apr  7 19:56:17 2015] <lpaste> Cypi pasted “No title” at http://lpaste.net/130323
[Tue Apr  7 19:56:18 2015] <nkar`> ah, I meant as was shown (by me)
[Tue Apr  7 19:56:34 2015] <Cypi> Well, yes. What you've shown was "foo 1 2 3" :p
[Tue Apr  7 19:56:54 2015] <nkar`> ah
[Tue Apr  7 19:56:57 2015] <nkar`> hahaha
[Tue Apr  7 19:57:07 2015] <Cypi> You cannot use a constructor of an inductive as a type
[Tue Apr  7 19:57:08 2015] <nkar`> well, that's what I wanted.
[Tue Apr  7 19:57:11 2015] <nkar`> right right
[Tue Apr  7 19:57:34 2015] <nkar`> I just mixed them up in my mind for some reason
[Tue Apr  7 19:57:38 2015] <Cypi> Ok :)
[Tue Apr  7 19:57:41 2015] <nkar`> not enough practice!
[Tue Apr  7 19:58:15 2015] <nkar`> Cypi: does constructor just "unpack" the constructor?
[Tue Apr  7 19:58:30 2015] <Cypi> constructor tries to apply every constructor in order
[Tue Apr  7 19:59:02 2015] <Cypi> in this case there is only one, so it's really just like [apply bar]
[Tue Apr  7 19:59:06 2015] <nkar`> right
[Tue Apr  7 19:59:12 2015] <nkar`> just tried it and it work
[Tue Apr  7 20:00:50 2015] <nkar`> Cypi: on #idris, someone suggested to represent fixed precision using integers.  can I define custom notation such that 10.2 gets translated to 1020 : nat?
[Tue Apr  7 20:01:24 2015] <vanila> why do you want to work with doubles?
[Tue Apr  7 20:01:37 2015] <nkar`> I don't want to work with double any more
[Tue Apr  7 20:01:44 2015] <nkar`> I realized I need fixed precision
[Tue Apr  7 20:03:32 2015] <Cypi> I don't think you can do that easily (as in, just by using Notation), sorry. But I may be wrong, I don't know much about notations :)
[Tue Apr  7 20:05:20 2015] <nkar`> anyway, I don't think I'm going to do it in coq.  in this case, there isn't much gain but a lot of overhead
[Tue Apr  7 20:05:32 2015] <vanila> do what?
[Tue Apr  7 20:05:50 2015] <nkar`> write my program
[Tue Apr  7 20:06:05 2015] <vanila> :/
[Wed Apr  8 07:32:11 2015] <Cypi> http://lpaste.net/130341 >> anyone knows how I could prove this?
[Wed Apr  8 07:32:42 2015] <Cypi> Problem is that I have rewriting rules about a function, but I cannot use them to rewrite the type of a variable in the hypotheses, because said variable is used in the conclusion.
[Wed Apr  8 07:35:01 2015] <lolisa> Assertion work sometimes... I don't know why
[Wed Apr  8 07:35:18 2015] <Cypi> What should I assert?
[Wed Apr  8 07:35:52 2015] <Cypi> Oh, by the way, in this case I could do [exfalso] and then it's easy, but my actual case is more complicated, so please don't do that :D
[Wed Apr  8 07:36:10 2015] <lolisa> assert false.
[Wed Apr  8 07:37:19 2015] <lolisa> Give out your full thing then... I don't know how to state what to do explicitly, I only get the hang of it.
[Wed Apr  8 07:37:55 2015] <lolisa> And sorry about exfalso... Never heard about it
[Wed Apr  8 07:41:41 2015] <Cypi> Giving the full thing is difficult... exfalso is basically just [elimtype False]
[Wed Apr  8 07:43:48 2015] <Cypi> (so in a way it's the same as using [assert False], as you suggested)
[Wed Apr  8 07:44:54 2015] <lolisa> I don't know how to describe the procedure, but I usually juggle it using JMeq, f_equal, eq_trans... It always reach using those...
[Wed Apr  8 07:45:41 2015] <Cypi> Ah, good idea, I'll try using some JMeq
[Wed Apr  8 07:47:08 2015] <lolisa> also, abstraction with sig and sigT sometimes help...
[Wed Apr  8 07:47:19 2015] <lolisa> Good luck :)
[Wed Apr  8 07:47:46 2015] <Cypi> Thanks
[Wed Apr  8 09:04:10 2015] <vanila> hi
[Wed Apr  8 09:04:39 2015] <vanila> http://research.microsoft.com/en-us/um/people/akenn/coq/jartypedsyntax.pdf
[Wed Apr  8 09:04:46 2015] <vanila> im unable to load the code from this paper into coq
[Wed Apr  8 09:05:24 2015] <vanila> http://research.microsoft.com/en-us/um/people/akenn/coq/simplytyped.v.txt
[Wed Apr  8 09:06:18 2015] <vanila> http://lpaste.net/130343 this where it gets stuck, and the proof state
[Wed Apr  8 09:09:42 2015] <vanila> any ideas how to patch this up?
[Wed Apr  8 09:11:50 2015] <Eldar> Can someone help to type check the following function - https://gist.github.com/eldargab/fa7b60dda8db83966054 (currently yields impossible to unify "?9" with "?9")
[Wed Apr  8 09:18:59 2015] <vanila> yeah
[Wed Apr  8 09:23:27 2015] <vanila> its tricky..
[Wed Apr  8 09:23:48 2015] <Eldar> What is tricky?
[Wed Apr  8 09:25:31 2015] <vanila> the thing you asked
[Wed Apr  8 09:28:05 2015] <vanila> bah
[Wed Apr  8 09:28:13 2015] <vanila> i was struggling with convoy pattern stuff but it wasn't needed
[Wed Apr  8 09:28:22 2015] <vanila> http://lpaste.net/130344
[Wed Apr  8 09:28:38 2015] <vanila> was making things harder than they needed to be
[Wed Apr  8 09:29:12 2015] <irishsultan> vanilla: what version of coq are you using?
[Wed Apr  8 09:29:27 2015] <vanila> latest
[Wed Apr  8 09:29:46 2015] <irishsultan> In 8.4p5 the only thing I had to do to make it work was rewriting "Rewrites refl_equal"
[Wed Apr  8 09:29:56 2015] <irishsultan> to "Rewrites idtac"
[Wed Apr  8 09:30:22 2015] <Eldar> Indeed works. Thanks!
[Wed Apr  8 09:30:44 2015] <vanila> where do I put that?
[Wed Apr  8 09:31:22 2015] <vanila> oh that desn't seem to be a probem that's coming up when I try to load it
[Wed Apr  8 09:31:44 2015] <irishsultan> and it didn't get stuck where it got stuck for you
[Wed Apr  8 09:32:23 2015] <vanila> I think they've changed something in the theory about universe levels thats blocking it
[Wed Apr  8 09:36:10 2015] <irishsultan> at least now you know for certain that it worked in some version of Coq
[Wed Apr  8 09:36:18 2015] <irishsultan> and that they weren't making the stuff up
[Wed Apr  8 09:36:23 2015] <vanila> thanks
[Wed Apr  8 09:39:48 2015] <irishsultan> what that dependent destruction is supposed to do is say e = e0
[Wed Apr  8 09:40:00 2015] <irishsultan> and then it replaces all occurrences of e with e0
[Wed Apr  8 09:40:16 2015] <vanila> yeah i've managed to reduce that to this testcase http://lpaste.net/130345
[Wed Apr  8 09:40:24 2015] <vanila> gives me the same universe level problem
[Wed Apr  8 09:45:11 2015] <vanila> disappointing :[
[Wed Apr  8 09:49:17 2015] <lolisa> Try coq8.5?
[Wed Apr  8 09:49:27 2015] <lolisa> in 85, less universe problem.
[Wed Apr  8 09:50:01 2015] <lolisa> For example, id id is OK, and so is my definition of CatCategory, the category of category
[Wed Apr  8 09:50:03 2015] <vanila> well i have the trunk from github
[Wed Apr  8 09:50:12 2015] <lolisa> But beware, a lot of bug.
[Wed Apr  8 09:50:32 2015] <lolisa> I think 8.5 is on coq.inria.fr= =
[Wed Apr  8 09:51:58 2015] <lolisa> Anyway, so ironic that a tool to write bug free program has so much bug on it... You decide. A workaround maybe to write the same thing twice, "building" your own universe, in this way, no problem of universe in 8.4 too, but it is going to look ugly as hell.
[Wed Apr  8 09:53:12 2015] <vanila> haha yeah
[Wed Apr  8 09:53:24 2015] <vanila> it's a bit annoying that they keep changing subtle things to make existing proofs brea
[Wed Apr  8 09:53:26 2015] <vanila> break
[Wed Apr  8 09:55:47 2015] <lolisa> I am ok on this... I rather have them not behave like C++, trying to have 100% compatibility. C++ could look 10 time more beautiful if they dare to make breaking changes.
[Wed Apr  8 09:56:25 2015] <vanila> I just get fed up having to delete _'s and add them in pattern matches
[Wed Apr  8 09:57:11 2015] <lolisa> This also bug me :) so annoying
[Wed Apr  8 11:10:06 2015] <ptrz> why is this evaluating to false? Theorem cons_not_nil : forall A (x:A) (l:list A), (x :: l) <> [].
[Wed Apr  8 11:10:44 2015] <ptrz> specifically, its telling me that the subgoal [x] <> [] is false
[Wed Apr  8 11:16:19 2015] <alkabetz> What do you mean by ‘evaluating to false’?  (Can you paste your work?)
[Wed Apr  8 11:20:34 2015] <ptrz> alkabetz: yeah, that probably wasn't the best way of phrasing it. All I did was make a theorem out of that and run either intuition or destruct l then intuition.
[Wed Apr  8 11:22:45 2015] <alkabetz> Ah, that’s because Coq is converting [(x :: l) <> []] to [~(x :: l) = []], which it in turn simplifies to [x :: l = [] -> False].
[Wed Apr  8 11:23:28 2015] <alkabetz> Basically, Coq is telling you to do proof by contradiction: it’s assuming [x :: l = []] and telling you to find a contradiction (i.e., a proof of [False]).
[Wed Apr  8 11:24:12 2015] <lolisa> discriminate. will get stuff done.
[Wed Apr  8 11:28:10 2015] <ptrz> alkabetz: oh, okay. I didn't know that that was an intuition tactic. Thanks.
[Wed Apr  8 11:29:10 2015] <alkabetz> ptrz: [intuition] does a lot of stuff; converting goals like that is just one of its behaviours.
[Wed Apr  8 11:38:29 2015] <ptrz> I hate to ask, but I've been staring at this for way too long. What am I doing wrong? http://pastebin.ubuntu.com/10774054/
[Wed Apr  8 11:38:54 2015] <ptrz> it seems like I'm missing a parameter to exist, but I can't tell what. I've been reading this: http://adam.chlipala.net/cpdt/html/Subset.html
[Wed Apr  8 11:46:40 2015] <ptrz> (that should run in an IDE as-is)
[Wed Apr  8 11:47:38 2015] <vanila> check the type of exist
[Wed Apr  8 11:47:46 2015] <vanila> you might need to add more underscores
[Wed Apr  8 11:47:53 2015] <vanila> (exist _ _ (a :: rest) cons_not_nil)
[Wed Apr  8 11:47:55 2015] <vanila> (exist _ (a :: rest) _ cons_not_nil)
[Wed Apr  8 11:47:57 2015] <vanila> (exist _ (a :: rest) _ cons_not_nil _)
[Wed Apr  8 11:47:58 2015] <vanila> just try anything
[Wed Apr  8 11:48:03 2015] <lolisa> The constructor exist (in type sig) expects 3 arguments. Clear enough?
[Wed Apr  8 11:48:13 2015] <vanila> oh, or less!
[Wed Apr  8 11:48:16 2015] <vanila> (exist (a :: rest) cons_not_nil)  maybe
[Wed Apr  8 11:49:01 2015] <lolisa> _ l' _ is what you'r lookin for
[Wed Apr  8 11:49:09 2015] <ptrz> vanila: that always seems like the most sensible option, but it gives me "The term "a :: rest" has type "list instr" while it is expected to have type "?35 -> Prop"."
[Wed Apr  8 11:49:51 2015] <ptrz> lolisa: it says it can't infer a second placeholder
[Wed Apr  8 11:50:45 2015] <lolisa> "  match l with    exist _ l' _ => " this? Just checking, this is fine on my Coq
[Wed Apr  8 11:50:54 2015] <ptrz> Yeah, from looking at the "Print sig." output, I'd think that it would take the type implicitly, and then just the list and the prop
[Wed Apr  8 11:51:41 2015] <ptrz> lolisa: doesn't work for me... I'm on the current version in CoqIDE
[Wed Apr  8 11:52:13 2015] <lolisa> I'm on 8.5= =
[Wed Apr  8 11:52:39 2015] <ptrz> ah
[Wed Apr  8 11:53:05 2015] <lolisa> Wait, why don't you do ` l?
[Wed Apr  8 11:53:19 2015] <ptrz> yeah, 8.4pl5 here
[Wed Apr  8 11:53:39 2015] <ptrz> what exactly do you mean by that?
[Wed Apr  8 11:53:57 2015] <lolisa> Require Import Program.
[Wed Apr  8 11:54:10 2015] <lolisa>       match skipn n (` l) with
[Wed Apr  8 11:54:51 2015] <lolisa> basically this take the value out of exists for you. std lib function.
[Wed Apr  8 11:55:41 2015] <ptrz> ah thanks, I had no idea that that was a thing
[Wed Apr  8 11:55:48 2015] <ptrz> As I think is apparent, I'm pretty new to Coq
[Wed Apr  8 11:55:51 2015] <ptrz> :{P
[Wed Apr  8 11:55:53 2015] <ptrz> * :P
[Wed Apr  8 11:55:54 2015] <lolisa> BTW there are something the same for dependent pair {_&_} too, I forgot the name, but Search will give it out.
[Wed Apr  8 11:56:26 2015] <ptrz> hm yeah. I still haven't solved the core problem here.
[Wed Apr  8 11:56:29 2015] <lolisa> :-P going pretty fast, I think it took me 3 month to get where you are because I don't know FP before...
[Wed Apr  8 11:56:32 2015] <ptrz> how to construct this thing
[Wed Apr  8 11:56:50 2015] <lolisa> Some (exist _ (a :: rest) (cons_not_nil _ a rest))
[Wed Apr  8 11:57:21 2015] <ptrz> Awesome! Worked! Thanks so much
[Wed Apr  8 11:57:23 2015] <lolisa> Don't expect too much from type inference engine, when it fail do stuff yourself.
[Wed Apr  8 11:57:38 2015] <ptrz> By the way, how do I figure out what the inferred values there are?
[Wed Apr  8 11:57:41 2015] <ptrz> in the future
[Wed Apr  8 11:58:01 2015] <lolisa> If it is an error, read the error.
[Wed Apr  8 11:58:07 2015] <lolisa> If it pass, Print it.
[Wed Apr  8 11:58:38 2015] <lolisa> If both case fail, do @function, this disable implicit argument so will make things more straight.
[Wed Apr  8 11:59:07 2015] <ptrz> I see. Thanks.
[Wed Apr  8 11:59:23 2015] <lolisa> Have a github account? Let's follow each other
[Wed Apr  8 12:10:48 2015] <ptrz> lolisa: I do - username plsql
[Wed Apr  8 12:10:58 2015] <ptrz> let me know yours
[Wed Apr  8 12:13:07 2015] <lolisa> lolisa :)
[Wed Apr  8 13:44:16 2015] <ptrz> I have a subset type representing non-empty lists. I'm trying to write a head function that returns A instead of option A, because there has to be a head. However, matching doesn't work because Coq doesn't recognize the proof and considers the pattern matching non-exhaustive. What should I do?
[Wed Apr  8 13:45:21 2015] <ptrz> I just found this: http://www.di.ubi.pt/~desousa/2011-2012/ComFia/coq_lesson2.pdf
[Wed Apr  8 14:12:16 2015] <jrw> ptrz: https://gist.github.com/wilcoxjay/7793370578da8154472b
[Wed Apr  8 14:12:21 2015] <jrw> there is one way to do it
[Wed Apr  8 15:57:31 2015] <ptrz> what exactly is the distinction between something like l <> [] and a Prop? I'm sometimes getting one distinguished from the other with no discernable pattern
[Wed Apr  8 15:57:57 2015] <ptrz> as in, I'll take an arg (p:l <> []) and have it sometimes be only a l <> [] and sometimes only a Prop
[Wed Apr  8 15:58:42 2015] <alkabetz> ptrz: Prop is the type of [l <> []].
[Wed Apr  8 15:59:15 2015] <alkabetz> An argument [p : l <> []] is a proof that [l] is nonempty.
[Wed Apr  8 15:59:47 2015] <ptrz> alkabetz: I see. Why is Coq letting me use l <> [] as an arg type, then?
[Wed Apr  8 16:00:15 2015] <alkabetz> ptrz: [l <> []] is the type of proofs that [l] is nonempty.
[Wed Apr  8 16:02:22 2015] <ptrz> alkabetz: Right. I guess my confusion stems from the fact that when I take an arg (p:l <> []) and try to use it as the left-hand side of a -> implies lemma, Coq gives me an error telling me it needs a Prop.
[Wed Apr  8 16:02:43 2015] <alkabetz> ptrz: Can you paste an example?
[Wed Apr  8 16:03:50 2015] <ptrz> Lemma impl_subset : forall (l:list instr) (p:l <> []),
[Wed Apr  8 16:03:52 2015] <ptrz>   p -> length l = length (` (exist _ l p)).
[Wed Apr  8 16:04:53 2015] <alkabetz> ptrz: What’s that backtick for?  I’ve never seen that syntax.
[Wed Apr  8 16:06:46 2015] <ptrz> alkabetz: It's from the Program module in the std lib - it just takes the core value out of a subset type
[Wed Apr  8 16:07:52 2015] <ptrz> like like proj1_sig, iirc
[Wed Apr  8 16:08:00 2015] <ptrz> might actually be a notation synonym
[Wed Apr  8 16:09:35 2015] <alkabetz> ptrz: Looking, hang on.
[Wed Apr  8 16:13:24 2015] <alkabetz> ptrz: Can you say in English what you’re trying to prove?
[Wed Apr  8 16:16:03 2015] <ptrz> that the length of any non-empty list is equal to the length of that list "packed" into the subset type and then "unpacked" from it
[Wed Apr  8 16:16:16 2015] <ptrz> pretty much just a lemma to help prove a larger theorem
[Wed Apr  8 16:17:05 2015] <ptrz> I think I'm going to completely reconsider my approach, though
[Wed Apr  8 16:17:09 2015] <ptrz> I also have to leave
[Wed Apr  8 16:17:14 2015] <ptrz> I appreciate the help, though
[Wed Apr  8 16:17:20 2015] <alkabetz> Not a problem.  Good luck!
[Wed Apr  8 22:18:05 2015] <ptrz> Is there any way to tell Coq that because the function its recursive call arg is wrapped in is a Fixpoint, that it must be a Fixpoint? e.g. if f (x:A) is fixpoint, then g (y:A) is a fixpoint if its recursive call is g (f y), directly or indirectly
[Wed Apr  8 22:39:48 2015] <ptrz> see my attempts at prog_eval here, if you're interested: https://github.com/plsql/Verified-BPF/blob/master/Analysis.v
[Wed Apr  8 23:33:33 2015] <kba> can anybody give a simple explanation of how cofix works? I've tried to read http://www.labri.fr/perso/casteran/RecTutorial.pdf and http://adam.chlipala.net/cpdt/html/Coinductive.html, but it's very confusing
[Wed Apr  8 23:33:53 2015] <kba> using cofix, I can make "infinite proofs", but I'm not exactly sure what that means
[Wed Apr  8 23:34:17 2015] <kba> and when I use cofix, they give me the thing I'm trying to prove as an assumption, but I can't use that assumption, because it's guarded
[Wed Apr  8 23:34:27 2015] <kba> and I'm not exactly sure what guardedness is at all
[Wed Apr  8 23:36:22 2015] <ptrz> kba: I think guardedness relates to fixpoints, no?
[Wed Apr  8 23:36:34 2015] <ptrz> it's the quality that defines something as a fixpoint, iirc
[Wed Apr  8 23:36:37 2015] <kba> cofixpoints
[Wed Apr  8 23:36:42 2015] <ptrz> this is very related to my last question :P
[Wed Apr  8 23:37:10 2015] <ptrz> anyway, it seems that maybe this library lets you write mutually recursive functions?
[Wed Apr  8 23:37:24 2015] <ptrz> that are recognized as fixpoints
[Wed Apr  8 23:37:26 2015] <ptrz> not sure
[Wed Apr  8 23:37:32 2015] <kba> No, co-induction allows induction on infinite structures
[Wed Apr  8 23:37:32 2015] <ptrz> I need to go, anyway
[Wed Apr  8 23:37:53 2015] <ptrz> I see.
[Wed Apr  8 23:38:02 2015] <ptrz> I wish I had more to share
[Wed Apr  8 23:53:42 2015] <Ptival> no, co-induction does not allow induction
[Wed Apr  8 23:58:18 2015] <benzrf> hmm
[Wed Apr  8 23:58:31 2015] <benzrf> is it possible to model coq in coq?
[Wed Apr  8 23:58:33 2015] <benzrf> and if not why not
[Thu Apr  9 00:01:46 2015] <Ptival> there is a paper called Coq in Coq that might enlighten you
[Mon Jul 13 13:16:33 2015] <schoppenhauer> hello. is there a default implementation of diffarrays for coq?
[Tue Jul 14 09:45:57 2015] <hcp_archonn> does anyone else have strange issues when using both Proof General and Paredit?
[Tue Jul 14 09:48:20 2015] <hcp_archonn> like, if you do C-left or C-right,  which are forward barfing and slurping (paredit jargon...) it doesn't work as it should on parenthesis, and it seems to act weird in the presence of the "end" keyword
[Tue Jul 14 10:19:21 2015] <johnw> doesn't paredit only work for Lisp-like languages?
[Tue Jul 14 10:23:00 2015] <hcp_archonn> johnw: not sure about when paredit should work or not, i'm very much new to emacs, but Gallina does use its fair share of parens and it'd be nice to have paredit-like functionality for editing it
[Tue Jul 14 10:42:02 2015] <hcp_archonn> johnw: hey, followup on paredit with proof general - just installed smartparens after searching around, seems to work so far. if you ever catch another newb confused by this on irc, tell them to try out smartparens
[Tue Jul 14 10:45:43 2015] <johnw> hcp_archonn: thanks
[Tue Jul 14 13:18:41 2015] <alkabetz> I have an assumption [f x] and a goal [f y].  What tactic do I use to replace my goal with [x = y]?
[Tue Jul 14 13:20:26 2015] <alkabetz> I guess I can do [(replace y with x by omega); auto].  Is there a cleaner way?
[Tue Jul 14 13:21:52 2015] <Cypi> I think it's fine
[Tue Jul 14 13:22:06 2015] <Cypi> You can replace [auto] by just [assumption] to make sure it does not do too much or something
[Tue Jul 14 14:09:04 2015] <jrw> alkabetz: I sometimes use a tactic like this: https://gist.github.com/wilcoxjay/7d38b42f60218b7e5685
[Tue Jul 14 14:09:34 2015] <jrw> as far as I know there's no built in way to do it, and it's annoying to generalize it to multiple arguments.
[Tue Jul 14 14:44:16 2015] <schoppenhauer> hi. hm. what part of the coq source code contains the structure of proofs?
[Tue Jul 14 14:56:18 2015] <schoppenhauer> hm. probably kernel/constr.v
[Wed Jul 15 08:58:47 2015] <schoppenhauer> is there a priority queue structure in coq?
[Wed Jul 15 10:29:39 2015] <irishsultan> Something like this? https://github.com/jbapple/priority-queues
[Wed Jul 15 10:29:46 2015] <irishsultan> Never used it BTW
[Wed Jul 15 16:13:00 2015] <SrPx> (Cross posting form #haskell-blah) I have a conceptual question about optimal reduction. I've read in a few papers that if a term has a type on elementary affine logic, then you can use the abstract algorithm to normalize that term without need for the oracle/bookkeeping. In order to decide what rule to apply to duplicators you just have to check its "level"...
[Wed Jul 15 16:13:07 2015] <SrPx> The problem is I read it again and again and I don't know what the author means by level... does anyone know or know someone who knows?
[Wed Jul 15 16:17:06 2015] <johnw> SrPx: Do you have a reference to the use of the term?
[Wed Jul 15 16:20:26 2015] <SrPx> pardon?
[Wed Jul 15 16:28:14 2015] <SrPx> * wonders why papers are made purposely so hard to read :(
[Wed Jul 15 16:34:24 2015] <johnw> i mean, I'm not seeing what you're seeing, so I have no idea
[Wed Jul 15 16:42:10 2015] <SrPx> Ahhh... nevermind. I understand it. Labels, not levels. I remember having that explained on the book. Thanks :)
[Wed Jul 15 16:42:29 2015] <SrPx> This was the paper I was talking about: "Optimizing Optimal Reduction: A Type Inference Algorithm for Elementary Affine Logic"
[Wed Jul 15 23:40:30 2015] <benzrf> can u prove LEM from functional-relation-to-function
[Wed Jul 15 23:40:36 2015] <benzrf> they seem about equally nonconstructive >w>
[Thu Jul 16 00:24:43 2015] <jgross> benzrf: Consdier the types [unit] and [P + ~P] for some [P], and the relation [R : unit -> (P + ~P) -> Prop] defined by [R := fun _ _ => True].  Does this example answer your question?  (What, precisely, is the definition of a functional relation?) 
[Thu Jul 16 00:25:16 2015] <benzrf> hmmmmm
[Thu Jul 16 00:26:53 2015] <benzrf> i guess... forall (a : A) (x y : B), R a x -> R a y -> x = y
[Thu Jul 16 00:28:29 2015] <benzrf> oh and i guess you gotta have it cover the whole domain... but then... the proof itself will be a function
[Thu Jul 16 00:28:34 2015] <benzrf> blugh
[Thu Jul 16 05:34:37 2015] <xeno> anyone of you using mac?
[Thu Jul 16 05:35:01 2015] <xeno> I'm trying to get proof general and/or CoqIDE to work with the homebrew installation of coq, and failing
[Thu Jul 16 07:23:40 2015] <xeno> For software foundations, program equivalence, Exercise: 4 stars, advanced, optional (optimize_0plus) <- when it says "extend to handle variables", does it mean that I have to track constants through variables, and eliminate them where the variables are used?
[Thu Jul 16 23:50:15 2015] <viatropos> hello there
[Thu Jul 16 23:50:35 2015] <viatropos> beginner question, been struggling for two days getting modules loading
[Thu Jul 16 23:50:59 2015] <viatropos> in CoqIDE, how do you require modules from some random folder?
[Thu Jul 16 23:53:08 2015] <aj> viatropos: start it as "coqide -I random/folder/" ?
[Thu Jul 16 23:53:30 2015] <viatropos> also, i am on a mac. does that work on a mac?
[Thu Jul 16 23:54:19 2015] <viatropos> here's the basic setup what i'm doing
[Thu Jul 16 23:54:20 2015] <viatropos> (* in /Users/viatropos/desktop/learncoq/example.v *)
[Thu Jul 16 23:54:21 2015] <viatropos> Add LoadPath "/Users/viatropos/dev/coqtest/".
[Thu Jul 16 23:54:22 2015] <viatropos> (* a looks like this:
[Thu Jul 16 23:54:23 2015] <viatropos>   Require Import /Users/viatropos/dev/coqtest/b.v *)
[Thu Jul 16 23:54:24 2015] <viatropos> Load "/Users/viatropos/dev/coqtest/a.v".
[Thu Jul 16 23:54:44 2015] <viatropos> https://gist.github.com/lancejpollard/09b7cc2e8a9d637a190e
[Thu Jul 16 23:56:42 2015] <viatropos> ok updated the example https://gist.github.com/lancejpollard/09b7cc2e8a9d637a190e
[Thu Jul 16 23:57:35 2015] <viatropos> https://cldup.com/cLrpQZ6xp7-1200x1200.png
[Thu Jul 16 23:58:14 2015] <viatropos> i've tried several ways to do this, from the command line, and from CoqIDE, but it gives the same error
[Thu Jul 16 23:58:19 2015] <viatropos> "Error: Cannot find library <x> in loadpath"
[Thu Jul 16 23:58:48 2015] <viatropos> I saw this, but didn't seem to help http://stackoverflow.com/questions/16202666/coqide-cant-load-modules-from-same-folder
[Thu Jul 16 23:59:03 2015] <viatropos> aj: -bash: coqide: command not found
[Fri Jul 17 00:01:20 2015] <aj> viatropos: hmm; Add LoadPath "...".  Load b.   works fine; LoadPath doesn't seem to be passed on to other modules though?
[Fri Jul 17 00:02:46 2015] <viatropos> hmm
[Fri Jul 17 00:02:55 2015] <viatropos> here is an even more basic example demonstrating https://gist.github.com/lancejpollard/0f80152f7b9b453aa1fb
[Fri Jul 17 00:03:24 2015] <viatropos> hmm, what am i doing wrong?
[Fri Jul 17 00:04:19 2015] <aj> oh, have you compiled b.v to b.vo?
[Fri Jul 17 00:04:31 2015] <viatropos> no, is that required?
[Fri Jul 17 00:04:47 2015] <aj> yeah, you can't require import until it's compiled aiui
[Fri Jul 17 00:05:10 2015] <viatropos> oh awesome, ok great that works!
[Fri Jul 17 00:05:11 2015] <viatropos> thanks
[Fri Jul 17 00:05:38 2015] <viatropos> one more question, do you use proof general or the downloaded coq side?
[Fri Jul 17 00:05:40 2015] <viatropos> ide
[Fri Jul 17 00:05:41 2015] <viatropos> *
[Fri Jul 17 00:06:31 2015] <aj> viatropos: i use coqide because it's easy and i'm a newb
[Fri Jul 17 00:06:44 2015] <viatropos> cool. do you use the Compile -> Make makefile menu in the CoqIDE or you write the commands like `coqc` manually
[Fri Jul 17 00:07:01 2015] <viatropos> wondering how you work with many files "properly" in the CoqIDE
[Fri Jul 17 00:07:51 2015] <viatropos> for example
[Fri Jul 17 00:07:58 2015] <viatropos> say i find a coq project like https://github.com/dragonwasrobot/simpl-lang
[Fri Jul 17 00:08:13 2015] <viatropos> what's your workflow for getting it working in the CoqIDE?
[Fri Jul 17 00:08:35 2015] <viatropos> I'm used to just opening a whole folder in a text editor, and browsing the code..
[Fri Jul 17 00:08:55 2015] <viatropos> But since Coq steps through the proofs, you have to start from the files without any `Require` calls
[Fri Jul 17 00:09:05 2015] <viatropos> (it seems)
[Fri Jul 17 04:03:00 2015] <zacts> hi
[Fri Jul 17 05:40:46 2015] <schoppenhauer> hi
[Fri Jul 17 06:02:34 2015] <xeno> hi
[Fri Jul 17 13:48:49 2015] <xeno> hi, how the hell should I proceed from here? http://pastebin.com/T3WGVvya
[Fri Jul 17 13:52:37 2015] <gdsfh> xeno: you'll need fact "forall i, st i = st' i".  Is it true, after all?
[Fri Jul 17 13:55:12 2015] <xeno> gdsfh: st' is (update st v n) and if i = v, then I can do inversion on H.
[Fri Jul 17 13:55:22 2015] <xeno> problem is, how can I construct that fact?
[Fri Jul 17 14:07:05 2015] <gdsfh> xeno: try "rewrite Heqst'" or "rewrite <- Heqst'", it may help (depending on how "update" is defined; maybe you'll be able to unfold it and prove the fact).  (sorry, have to go afk.)
[Fri Jul 17 16:14:06 2015] <newsham> I was asking about C verification here recently.  I stumbled across another related project: http://flint.cs.yale.edu/certikos/
[Fri Jul 17 16:35:14 2015] <hodapp> newsham: huh, neat
[Fri Jul 17 16:35:27 2015] <hodapp> newsham: thus far I'd only seen things like Bedrock and VellVM
[Fri Jul 17 16:43:44 2015] <newsham> have you seen http://vst.cs.princeton.edu/ ?
[Fri Jul 17 16:43:58 2015] <newsham> (there's also sel4, which used isabelle/hol rather than coq)
[Fri Jul 17 16:44:43 2015] <newsham> two practical projects using vst: http://www.cs.princeton.edu/~appel/papers/verified-hmac.pdf and http://www.cs.princeton.edu/~appel/papers/verif-sha.pdf
[Fri Jul 17 16:45:00 2015] <newsham> both verifying parts of the openssl code base (with some modifications)
[Fri Jul 17 19:53:59 2015] <nkaretnikov> when you generate, say, haskell from coq, is there a way to ensure that the translator is correct?  just test it on the haskell side with quickcheck?
[Fri Jul 17 19:54:47 2015] <benzrf> nkaretnikov: its proven probably :>
[Fri Jul 17 19:55:24 2015] <nkaretnikov> well, I recall people saying things like "it's necessary to postprocess the output after translation with sed"
[Fri Jul 17 19:55:30 2015] <nkaretnikov> which is kind of weird
[Fri Jul 17 19:56:10 2015] <benzrf> haha what
[Fri Jul 17 19:56:37 2015] <nkaretnikov> yeah, maybe it was for agda, not coq, but I do remember something like that
[Fri Jul 17 19:57:10 2015] <nkaretnikov> I'm just curious what folks writing high-assurance systems use in such cases
[Fri Jul 17 19:58:53 2015] <nkaretnikov> I think I was quoting wouter swierstra, possibly misquoting, dunno
[Fri Jul 17 20:00:24 2015] <jrw> nkaretnikov, benzrf: the translator is not verified, and yes, there exist coq projects that post process some things with sed :)
[Fri Jul 17 20:01:13 2015] <nkaretnikov> jrw: I think someone was working on the translator.  maybe it was for a different project, though
[Fri Jul 17 20:01:20 2015] <nkaretnikov> I recall reading something on the coq list
[Fri Jul 17 20:01:38 2015] <jrw> maybe so. the one that everyone uses today is not verified
[Fri Jul 17 20:02:05 2015] <jrw> it's not clear to me how to approach verifying such a thing
[Fri Jul 17 20:02:21 2015] <jrw> you need a semantics for the source and destination languages
[Sat Jul 18 00:08:37 2015] <viatropos> any ideas why on CoqIDE_8.4p15 and ssreflect-1.5, getting this error? https://gist.github.com/lancejpollard/1344e996459158eab557
[Sat Jul 18 00:08:45 2015] <viatropos> [Loading ML file z_syntax_plugin.cmxs ... failed]
[Sat Jul 18 00:08:46 2015] <viatropos> Error: implementation mismatch on Notation
[Sat Jul 18 00:10:29 2015] <viatropos> ssreflect is importing successfully, but not ssrnat right after
[Sat Jul 18 00:16:36 2015] <viatropos> super weird error message, whoops. was because i was using the CoqIDE still inside the .dmg, forgot to pull it to Applications folder :p
[Sat Jul 18 14:36:02 2015] <viatropos> hi there, is there a standard workflow for looking up where terms are defined in coq (like a typical IDE or text editor has?) http://stackoverflow.com/questions/31494291/how-do-you-look-up-where-identifiers-are-defined-in-coq-efficiently
[Sat Jul 18 14:43:12 2015] <jgross> Is [Locate] what you're looking for?  (Just posted a slightly extended answer to stack overflow.) 
[Sat Jul 18 14:49:38 2015] <viatropos> jgross: that's close, but Queries -> Locate on `finType` gives this: "Notation Ssreflect.fintype.Finite.Exports.finType" (which is helpful)
[Sat Jul 18 14:49:48 2015] <viatropos> but can it link me to the source code, or the docs somehow?
[Sat Jul 18 14:50:00 2015] <viatropos> so instead it would go to http://coqfinitgroup.gforge.inria.fr/doc/fintype.html#Finite.Exports.finType
[Sat Jul 18 14:50:15 2015] <viatropos> or something along those lines (like the local ssreflect source or something)
[Sat Jul 18 15:19:33 2015] <jgross> No, I don't think there's a way to do that, currently.	The source files don't even get installed, though I think they might be fixing that soon (or in the next beta).  It might be possible to do with https://itu.dk/research/tomeso/coqoon/, though I haven't tried it. 
[Sat Jul 18 15:20:40 2015] <CoqDiffGeo> Hi all, is there any coq library that has tools for working with, say, manifolds?
[Sat Jul 18 15:21:53 2015] <viatropos> jgross: Thanks, good to know.
[Sat Jul 18 15:22:38 2015] <viatropos> jgross: What is your workflow typically for looking up implementation details of some identifier?
[Sat Jul 18 15:26:50 2015] <jgross> viatropos: I use [Locate].  If it's my own file, I open the relevant source file.  If it's Coq.*, I either go to github.coq/coq/coq, or to a local copy of the Coq source code.  If it's a library I installed, I go to the directory I installed it from.  But, more frequently, I just [Print] the identifier, or use [About] or [Check], instead, which gives me the full definition (less any documentation or formatting).  The type signature, plus
[Sat Jul 18 15:26:50 2015] <jgross> sometimes the definition, is often enough. 
[Sat Jul 18 15:28:45 2015] <viatropos> jgross: perfect, that's super helpful, thank you
[Sat Jul 18 16:25:02 2015] <johnw> jgross: are you coming to the conference in SF this week?
[Sat Jul 18 17:24:51 2015] <jgross> johnw: I am not.  Which conference is this? 
[Sat Jul 18 17:30:16 2015] <viatropos> how do you check the [Record] implementation?
[Sat Jul 18 17:30:20 2015] <viatropos> Check Record.
[Sat Jul 18 17:30:25 2015] <viatropos> gives "Error: The reference Record was not found in the current environment."
[Sat Jul 18 17:31:11 2015] <viatropos> yet, i can use `Record` in the local environment: "Record x:Type := {}."
[Sat Jul 18 17:32:17 2015] <viatropos> "Locate Record." -> "No object of basename Record"
[Sat Jul 18 17:41:49 2015] <johnw> jgross: I think CAV, what Adam is going to
[Sat Jul 18 18:05:29 2015] <Anarchos> what is preferred to compile coq ? camlp4 or camlp5 ?
[Sat Jul 18 18:33:33 2015] <sanooj> camlp5 I think
[Sat Jul 18 19:27:17 2015] <viatropos> is there a list of operator precedences in coq?
[Sat Jul 18 19:27:49 2015] <viatropos> As a newb, it's hard to look at something and know how to read the operator precedence. Any suggestions?
[Sat Jul 18 19:30:47 2015] <viatropos> maybe this is it, but doesn't seem to cover everything https://coq.inria.fr/refman/Reference-Manual005.html
[Sat Jul 18 19:56:18 2015] <johnw> viatropos: do you just want the precedence of a specific operator?
[Sat Jul 18 20:01:17 2015] <viatropos> When I navigate forward/backward somewhat quickly (back and forth), CoqIDE gives me different output randomly
[Sat Jul 18 20:01:23 2015] <viatropos> sometimes this: https://cloudup.com/iyPaXA_8_sn
[Sat Jul 18 20:01:33 2015] <viatropos> sometimes this https://cloudup.com/iUVBcb9rTHv
[Sat Jul 18 20:02:08 2015] <viatropos> Do I need to be aware of some implementation detail with the proof checker?
[Sat Jul 18 20:02:34 2015] <viatropos> Doesn't seem very safe if the result of proof checking is variable like this
[Sat Jul 18 20:05:03 2015] <viatropos> Assuming this is just a bug with the IDE, not the compiler
[Sun Jul 19 12:35:32 2015] <viatropos> new question trying to understand why you can't leave out the `forall` in a dependent product type, wondering if someone could point me to clarity on it http://cstheory.stackexchange.com/questions/32027/why-does-the-dependent-product-type-need-forall-in-coq
[Sun Jul 19 12:51:23 2015] <viatropos> moved to math.stackexchange since cstheory seems inactive
[Sun Jul 19 15:42:55 2015] <xeno> I have Hx : X <> X , and X is of type (Id n). How do I do inversion on it, if I try I get "is not inductive"
[Sun Jul 19 15:45:55 2015] <Cypi> "X <> X" is just a notation for "X = X -> False". What you can do is either: 1) [exfalso; apply Hx; reflexivity] 2) [elim Hx; reflexivity] 3) [congruence]
[Sun Jul 19 15:50:45 2015] <xeno> how do I unfold the <> ?
[Sun Jul 19 15:51:18 2015] <Cypi> [unfold not in Hx] will do it
[Sun Jul 19 15:52:37 2015] <Cypi> Also, I was unprecise: [x <> X] is a notation for [not (X = X)], and not is defined as [fun A => A -> False].
[Sun Jul 19 18:44:56 2015] <newsham> https://gilith.wordpress.com/2015/07/19/the-slowest-software-development-methodology-in-the-world/
[Sun Jul 19 18:45:05 2015] <newsham> (not coq, but may be of interest)
[Sun Jul 19 19:37:46 2015] <viatropos> newsham: interesting
[Sun Jul 19 20:27:34 2015] <viatropos> is there a better place for beginners to ask questions about coq?
[Sun Jul 19 20:29:03 2015] <viatropos> or any active places where people hang out?
[Sun Jul 19 20:31:28 2015] <Cypi> viatropos : about your question about random answers from CoqIDE, it's (as far as I know) fixed in Coq 8.5 (well, only the beta version of it is out right now)
[Sun Jul 19 20:31:45 2015] <viatropos> nice
[Sun Jul 19 20:31:45 2015] <Cypi> they changed the way all this works, so it should be really deterministic now
[Sun Jul 19 20:32:28 2015] <viatropos> cool, maybe the home-brew version just needs to catch up
[Sun Jul 19 20:33:40 2015] <Cypi> Your other question was something about forall?
[Sun Jul 19 20:35:33 2015] <Cypi> Ah, it was answered by Ptival, good
[Sun Jul 19 20:37:52 2015] <viatropos> what about, how did you guys learn coq, or how long did it take you?
[Sun Jul 19 20:38:21 2015] <Cypi> I learned Coq mainly by reading Software Foundations. And then, some of Certified Programming with Dependent Types
[Sun Jul 19 20:39:11 2015] <viatropos> cool, ok
[Sun Jul 19 20:40:35 2015] <viatropos> I have this book on "theory of finite automata" that i've been using to learn math the past few months..
[Sun Jul 19 20:40:47 2015] <viatropos> I am hoping to be able to translate some of it into Coq
[Sun Jul 19 20:40:53 2015] <viatropos> Any tips for how to do that?
[Sun Jul 19 20:41:26 2015] <viatropos> Tried starting today with "an alphabet is a finite non-empty set", but the "set" stuff in coq is hard to navigate
[Sun Jul 19 20:42:01 2015] <viatropos> Not sure if I should be translating "non-empty set" and "x is an element of alphabet" to "types", or use some set-theory thing in Coq
[Sun Jul 19 20:42:27 2015] <viatropos> Any recommendations?
[Sun Jul 19 20:46:04 2015] <Cypi> I mainly used Coq for fun and for type-theory-oriented stuff, so I'm not really a competent person in that regard. Anyway, you might find this cheaty or not, but here is a relevent paper on the topic: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.39.5164
[Sun Jul 19 20:46:43 2015] <viatropos> dang, don't have access
[Sun Jul 19 20:46:49 2015] <viatropos> I have seen other related ones
[Sun Jul 19 20:48:37 2015] <Cypi> in this paper, they actually axiomatize what finite sets are. They defined two axioms [fset : Set -> Set] and [member : forall (A : Set), A -> fset A -> Prop].
[Sun Jul 19 20:49:05 2015] <Cypi> You can also (apparently it was done in Nuprl) just say an alphabet is just its cardinal
[Sun Jul 19 20:51:51 2015] <benzrf> hello are there useful coq libraries for proving things about interacting systems and crypto
[Sun Jul 19 20:52:05 2015] <benzrf> like, something you could use to prove the security of diffie helman or something
[Mon Jul 20 03:08:39 2015] <xeno_> hi, in Exercise: 2 stars (hoare_asgn_example4), I got into some trouble because I need to prove that X <> Y... which makes sense, given that they're just numerical Id's, how do I know?
[Mon Jul 20 09:34:17 2015] <ptcek> hi, I want to install coq on CentOS 7 and I'm a bit confused with the dependencies
[Mon Jul 20 09:34:29 2015] <ptcek> Camlp5 (version <= 4.08, or 5.* transitional)
[Mon Jul 20 09:35:40 2015] <ptcek> does it mean it's ok to install
[Mon Jul 20 09:35:59 2015] <ptcek> camlp5-5.15.tgz in transitional "version" ?
[Mon Jul 20 09:38:51 2015] <ptcek> in furhter text it's said "Check that you have Camlp4 installed"
[Mon Jul 20 12:28:05 2015] <ptcek> I've finally got it installed in CentOS 7, ignoring any versions recommendation helped the best :)
[Mon Jul 20 13:16:02 2015] <kclancy> I have a newbie question: what do square brackets mean? I see this in a proof: [idtac|right; ring]. I know what idtac, right, and ring mean, but I'm not sure about the square brackets or the pipe.
[Mon Jul 20 13:30:48 2015] <ianjneu> square brakets mean "apply these tactics to the cases generated" and follow the ordering of generation.
[Mon Jul 20 13:31:18 2015] <ianjneu> Thus if T creates 3 subgoals, T; [T0 | T1 | T2] will apply T0 to the first subgoal, T1 to the second, etc.
[Mon Jul 20 13:31:49 2015] <ianjneu> Square brakets are also used for pattern syntax with intros and other tactics.
[Mon Jul 20 13:32:56 2015] <ianjneu> Additionally, the solve, first, and progress tactics take a [T0 | ... | Tn] list of tactics to try on a single goal.
[Mon Jul 20 13:34:28 2015] <ianjneu> If you can, it's best to avoid T; [ ... ] tactic scripts because they're brittle to refactoring and case additions.
[Mon Jul 20 13:36:45 2015] <kclancy> ianjneu: thanks
[Mon Jul 20 16:53:49 2015] <xeno> what tactic can I use for x <= y -> S x <= S y ?
[Mon Jul 20 17:00:03 2015] <jrw> xeno: [omega] should work. but if you're working through SF and want to use tactics as they're introduced, you probably have a lemma that says that. you can just [apply] it
[Mon Jul 20 17:00:19 2015] <xeno> yeah it worked
[Mon Jul 20 17:00:37 2015] <jrw> xeno: did you figure out how to prove [X <> Y] from last night?
[Mon Jul 20 17:00:50 2015] <xeno> I'm past the switch to SfLib, so all my previous lemmas are left in a ton of files...
[Mon Jul 20 17:01:02 2015] <xeno> it was just inversion, dunno why
[Mon Jul 20 17:02:04 2015] <jrw> yeah, if you have [X = Y] in your context, [inversion] will solve your goal
[Mon Jul 20 17:03:22 2015] <jrw> this is because X and Y are defined to be [Id 0] and [Id 1], where Id is the constructor for the type id.
[Mon Jul 20 17:03:39 2015] <jrw> so [X = Y] is really [Id 0 = Id 1].
[Mon Jul 20 17:03:59 2015] <jrw> and of course 0 is the constructor O of nat, and 1 is [S O]
[Mon Jul 20 17:04:47 2015] <jrw> so inversion is able to deduce [O = S O] from your hypothesis, which is "obviously" false, because two different constructors never yield equal results.
[Mon Jul 20 17:28:27 2015] <xeno> what about y = x + (y - x) ? sam issue there...
[Mon Jul 20 17:28:33 2015] <xeno> omega doesn't catch it
[Mon Jul 20 17:29:15 2015] <johnw> are those nats?
[Mon Jul 20 17:30:27 2015] <johnw> if so, then omega can't solve it unless it knows that y >= x
[Mon Jul 20 17:30:38 2015] <johnw> otherwise, if y is 0, then y - x is also 0, no matter the size of x
[Mon Jul 20 17:30:46 2015] <johnw> i mean, if y < x
[Mon Jul 20 18:25:45 2015] <xeno> johnw: good point
[Mon Jul 20 18:25:57 2015] <xeno> johnw: it is know btw
[Mon Jul 20 18:29:02 2015] <johnw> xeno: and these are Coq stdlib nat's?  not ssreflect nats?
[Mon Jul 20 18:29:07 2015] <xeno> yes
[Mon Jul 20 18:29:11 2015] <johnw> hmm
[Mon Jul 20 18:29:16 2015] <johnw> can you show me the full context and goal?
[Mon Jul 20 18:30:39 2015] <xeno> http://pastebin.com/WDhXhGGg
[Mon Jul 20 18:31:18 2015] <johnw> ok, now convert ble_nat x y = true to x <= y
[Mon Jul 20 18:31:25 2015] <johnw> you should have a theorem for that
[Mon Jul 20 18:31:54 2015] <johnw> because I don't believe those two obviously mean the same to omega
[Mon Jul 20 18:32:49 2015] <xeno> that slved it
[Mon Jul 20 18:32:53 2015] <johnw> great
[Mon Jul 20 20:34:02 2015] <benzrf> hmmm... what the heck
[Mon Jul 20 20:34:13 2015] <benzrf> what is the rule for generating induction principles for Props...??
[Mon Jul 20 20:34:25 2015] <johnw> benzrf: more context
[Mon Jul 20 20:35:20 2015] <benzrf> er, hold on
[Mon Jul 20 20:36:31 2015] <benzrf> ah
[Mon Jul 20 20:36:58 2015] <benzrf> Prop induction principles leave off the actual values as arguments to the predicate...!
[Mon Jul 20 20:37:25 2015] <johnw> still not sure what you mean
[Mon Jul 20 20:38:14 2015] <benzrf> try defining an inductive 'even' predicate twice
[Mon Jul 20 20:38:25 2015] <benzrf> once where the codomain is Prop, one where it's type
[Mon Jul 20 20:38:27 2015] <benzrf> *Type
[Mon Jul 20 20:38:35 2015] <benzrf> then check out the induction principles generated in each case
[Mon Jul 20 20:38:38 2015] <johnw> what do you mean by "inductive 'even' predicate"?  do you mean a function in Prop?
[Mon Jul 20 20:38:51 2015] <benzrf> Inductive even : nat -> Prop :=
[Mon Jul 20 20:38:53 2015] <benzrf> ...
[Mon Jul 20 20:39:03 2015] <johnw> can you pastie the principles in both cases?
[Mon Jul 20 20:39:13 2015] <benzrf> kk
[Mon Jul 20 20:39:16 2015] <johnw> thx
[Mon Jul 20 20:41:12 2015] <benzrf> https://gist.github.com/152539edb40db2f07208
[Mon Jul 20 20:41:31 2015] <benzrf> you might wanna look at the second case first
[Mon Jul 20 20:43:40 2015] <johnw> so, the second principle uses a function n, ev n -> Prop
[Mon Jul 20 20:44:01 2015] <johnw> the first principle doesn't need this, because the data type is already that type of function, and so just nat -> Prop
[Mon Jul 20 20:45:13 2015] <johnw> i.e., the version in Prop doesn't need the evidence; this is what I believe you were getting at?
[Mon Jul 20 20:45:36 2015] <johnw> you could try just writing the second principle yourself for the inductive predicate
[Mon Jul 20 20:48:49 2015] <benzrf> hm?
[Mon Jul 20 20:50:08 2015] <Cypi> https://coq.inria.fr/faq#htoc123
[Mon Jul 20 21:22:55 2015] <jmhodges> hey, i'm working my way through http://www.randomhacks.net/2015/07/19/proving-sorted-lists-correct-using-coq-proof-assistent/ and I can't figure out why the `Fixpoint insert_sorted` bit I've even copied over correctly is failing with coq 8.4pl6. Gist here: https://gist.github.com/jmhodges/33027733dae6b0a6fb1e
[Mon Jul 20 21:29:47 2015] <Cypi> jmhodges : you probably need to "Import ListNotations."
[Mon Jul 20 21:30:01 2015] <Cypi> The notation [] is not available by default
[Mon Jul 20 21:31:30 2015] <jmhodges> Cypi: you are probably correct! now to fix my loadpath
[Mon Jul 20 21:31:54 2015] <Cypi> "Require Import List." if you haven't done it yet :)
[Mon Jul 20 21:32:11 2015] <Cypi> (so: [Require Import List. Import ListNotations.] )
[Mon Jul 20 21:32:27 2015] <jmhodges> the newbiest newb right here
[Mon Jul 20 21:32:54 2015] <Cypi> No worries
[Mon Jul 20 21:33:58 2015] <jmhodges> Cypi: i'm guessing there's a thing to import for <=?, too. i will go hunt it down
[Mon Jul 20 21:34:05 2015] <jmhodges> Cypi: thank you
[Mon Jul 20 21:34:19 2015] <Cypi> There should be, yes, but I don't know where :D
[Mon Jul 20 21:35:03 2015] <Cypi> Ah, no, it was defined directly by the person who wrote the blogpost
[Mon Jul 20 21:35:42 2015] <jmhodges> ah ha that Infix bit
[Mon Jul 20 22:26:38 2015] <benzrf> is there a way to specify the subterm that a rewrite should apply to
[Mon Jul 20 22:44:55 2015] <benzrf> hey so
[Mon Jul 20 22:44:58 2015] <benzrf> here's a thing i just found it.
[Mon Jul 20 22:45:00 2015] <benzrf> *out
[Mon Jul 20 22:45:08 2015] <benzrf> if you do a tactic-based definition of a Fixpoint.
[Mon Jul 20 22:45:19 2015] <benzrf> it doesnt helpfully say "Error: Cannot guess decreasing argument of fix." until you Qed.
[Mon Jul 20 23:02:56 2015] <johnw> benzrf: ssreflect can do that quite easily
[Mon Jul 20 23:03:05 2015] <benzrf> oh shoosh
[Mon Jul 20 23:03:16 2015] <johnw> and yes, how would it know that it can't guess the argument until you've provided all the code?
[Mon Jul 20 23:03:35 2015] <johnw> rewrite [X in _ = foo _ X]some_law.
[Mon Jul 20 23:04:47 2015] <benzrf> true
[Mon Jul 20 23:05:48 2015] <benzrf> augh
[Mon Jul 20 23:05:50 2015] <benzrf> im tryna prove Lemma center_list_ind : forall (X : Type) (P : list X -> Prop), P [] -> (forall (x : X), P [x]) -> (forall (x y : X) (l : list X), P l -> P (x :: snoc l y)) -> forall l : list X, P l.
[Mon Jul 20 23:06:05 2015] <benzrf> t h i s   i s   h e l l
[Mon Jul 20 23:47:48 2015] <benzrf> aHA
[Mon Jul 20 23:47:52 2015] <benzrf> BROKE IT
[Mon Jul 20 23:47:55 2015] <benzrf> EAT THAT
[Tue Jul 21 22:35:05 2015] <viatropos> when using [Print] on a lemma, is it printing the proof too? https://gist.github.com/lancejpollard/f5b43de2e24a25ea2a49
[Tue Jul 21 22:35:24 2015] <viatropos> new to coq, trying to understand what print is actually doing here
[Tue Jul 21 22:36:09 2015] <viatropos> anyone know generally what that output is in the second one?
[Tue Jul 21 23:22:23 2015] <alkabetz> viatropos: Indeed, that’s the proof term corresponding to that proof.  When you use [Admitted], Coq doesn’t bother saving a proof term, so you don’t get anything when you [Print] it.
[Tue Jul 21 23:23:33 2015] <viatropos> alkabetz: Is a lot of that code showing the expanded proof `decide equality.`?
[Tue Jul 21 23:24:16 2015] <alkabetz> [decide equality] isn’t the actual proof.  It’s a Ltac script which constructs the proof.
[Tue Jul 21 23:25:03 2015] <viatropos> interesting, how do i tell that? [About decide equality.] doesn't work
[Tue Jul 21 23:25:45 2015] <alkabetz> Anything between [Proof] and [Qed] (or [Defined]) is interpreted as Ltac.
[Tue Jul 21 23:26:00 2015] <alkabetz> You can expand an Ltac tactic with [Print Ltac], but I think [decide equality] is built-in.
[Tue Jul 21 23:26:06 2015] <viatropos> is there a way to look up where it's defined?
[Tue Jul 21 23:26:45 2015] <viatropos> Similar to how [About bool_rec.] shows you "Expands to: Constant Coq.Init.Datatypes.bool_rec", so you know where it is
[Tue Jul 21 23:26:56 2015] <alkabetz> [Locate] should do the trick here, IIRC
[Tue Jul 21 23:27:27 2015] <alkabetz> On the other hand, [decide equality] is definitely a tactic notation, and the normal way I’d go about this ([Locate "decide equality"]) doesn’t seem to work.  Does anybody else have ideas?
[Tue Jul 21 23:45:22 2015] <viatropos> Anyone know why "Definition id : ID := fun A x => x." is defined in Coq.Init.Datatypes, while "Arguments id {A} x." is defined in Coq.Program.Basics?
[Tue Jul 21 23:46:08 2015] <viatropos> just wondering if something magical is happening because "Arguments id {A} x." is defined in Basics.v (and maybe Arguments only applies to the current file or something)
[Wed Jul 22 00:06:37 2015] <viatropos> In Coq.Init.Logic, there is "Notation "A -> B" := (forall (_ : A), B) : type_scope." and "Definition not (A:Prop) := A -> False."
[Wed Jul 22 00:07:29 2015] <viatropos> but when doing [About not.] with all the Print options turned on, it shows [not : Prop -> Prop]
[Wed Jul 22 00:08:07 2015] <viatropos> is there a way to make it expand the notation, so it shows like [forall (_ : A), False] or something?
[Wed Jul 22 00:08:12 2015] <viatropos> or is this a special internal notation?
[Wed Jul 22 00:08:45 2015] <johnw> Unset Printing Notations.
[Wed Jul 22 00:10:33 2015] <viatropos> johnw: is that different from the CoqIDE menu? https://cloudup.com/iq_2g4cNikc
[Wed Jul 22 00:10:56 2015] <johnw> I really don't know, I've never used CoqIDE before
[Wed Jul 22 00:10:59 2015] <viatropos> ok
[Wed Jul 22 00:12:03 2015] <viatropos> same situation for coqtop https://cloudup.com/iMVRi50irpb (still not expanding notation)
[Wed Jul 22 00:14:03 2015] <viatropos> is -> a "special" notation?
[Wed Jul 22 00:15:36 2015] <johnw> when I use Unset Printing Notations here, with Proof General, and then do Print not., I don't see -> anymore
[Wed Jul 22 00:15:55 2015] <johnw> About not. gives: not : forall _ : Prop, Prop
[Wed Jul 22 00:16:17 2015] <viatropos> interesting
[Wed Jul 22 00:16:23 2015] <viatropos> what version are you using of coq?
[Wed Jul 22 00:16:28 2015] <johnw> 8.5b2
[Wed Jul 22 00:16:40 2015] <viatropos> i
[Wed Jul 22 00:16:48 2015] <viatropos> i'm 8.5, maybe a bug was fixed
[Wed Jul 22 00:16:54 2015] <viatropos> thanks for the help
[Wed Jul 22 00:16:59 2015] <johnw> any time
[Wed Jul 22 01:02:52 2015] <viatropos> Is it explained anywhere why bool "true" and logic "True" are different in coq?
[Wed Jul 22 01:03:31 2015] <viatropos> in programming languages like javascript I am used to `!true` meaning "false" and `!false` meaning "true"
[Wed Jul 22 01:03:38 2015] <viatropos> i.e. not(true), not(false)
[Wed Jul 22 01:04:21 2015] <viatropos> But [not True] and [not False] don't seem to fit that pattern in Coq, seems like that is in Coq.Bool.Bool.
[Wed Jul 22 01:04:29 2015] <viatropos> wondering if i'm missing some reading or something
[Wed Jul 22 01:09:32 2015] <viatropos> nvm will look at andb_prop and related
[Wed Jul 22 01:09:59 2015] <viatropos> http://www.seas.upenn.edu/~cis500/current/sf/Logic.html#lab211
[Wed Jul 22 01:23:51 2015] <viatropos> actually still don't understand http://stackoverflow.com/questions/31554453/why-are-logical-connectives-and-booleans-separate-in-coq
[Wed Jul 22 01:32:03 2015] <aj> viatropos: "not False <-> True" is provable in coq, as distinct from "not False = True". "Prop" is all about provability, which is why it's different to what you see in programming languages (where provability isn't even a thing)
[Wed Jul 22 01:36:00 2015] <aj> viatropos: (you can assume "propositional extensionality" which lets you treat A <-> B as A = B; see Logic/ClassicalFacts
[Wed Jul 22 01:37:32 2015] <viatropos> hmm, will have to think about what you're saying for a bit, thanks
[Wed Jul 22 01:38:22 2015] <viatropos> what about from a practical perspective, like building models on top of the idea of true/false, does it have to be boolean vs. logic?
[Wed Jul 22 01:38:51 2015] <viatropos> seems like you'd do everything with boolean true/false in the typical case, so then it's like what's the use for the logic version
[Wed Jul 22 01:39:46 2015] <viatropos> guess that's what the question is sorta about too
[Wed Jul 22 01:51:15 2015] <aj> viatropos: i think that's something of a stylistic choice? if you start with bool it's easy to convert to prop, not so much the other way around
[Wed Jul 22 01:51:31 2015] <viatropos> ok good to know, thanks
[Wed Jul 22 10:36:52 2015] <nkaretnikov> is there someone who writes lots of coq in vim?  what's your setup?
[Wed Jul 22 12:42:34 2015] <xeno> I'm on http://www.cis.upenn.edu/~bcpierce/sf/current/Hoare.html, Exercise: 4 stars (if1_hoare) - and when I enter the ceval definition, I get that SKIP is expected to have type Imp.com and not com... how come?
[Wed Jul 22 14:22:36 2015] <kclancy> in Coq.Reals.Raxioms, there is an axiom called total_order_T. After applying it to two reals, it yields a ternary disjunction. Is there a way to destruct ternary disjunctions like this in a flat manner? I want to destruct this into three cases, with no nesting.
[Wed Jul 22 14:23:01 2015] <kclancy> It looks like LibTactics has support for n-ary disjunctions, but I don't think I can use it with total_order_T.
[Wed Jul 22 14:25:16 2015] <kclancy> I figured it out. Nevermind.
[Thu Jul 23 00:30:03 2015] <viatropos> trying to better understand Prop in coq, don't quite get yet how to interpret this definition: "Definition relation := A -> A -> Prop"
[Thu Jul 23 00:32:03 2015] <viatropos> can't seem to expand that notation with my version of coq
[Thu Jul 23 00:32:34 2015] <viatropos> but it seems to expand to "Definition relation := forall (_, Type), forall (_, Type), Prop", is that correct?
[Thu Jul 23 00:33:05 2015] <viatropos> how does this actually define a relation?
[Thu Jul 23 00:33:21 2015] <viatropos> i imagine relation to be like "relation(A, B)", between two different types
[Thu Jul 23 00:35:44 2015] <viatropos> nvm, seems to be answered here: "Coq standard library hijacks the generic term "relation" for this specific instance" http://www.cis.upenn.edu/~bcpierce/sf/current/Rel.html
[Thu Jul 23 01:40:07 2015] <Cypi> viatropos : (just in case) this does not define a relation. It defines the type of relations on a type A.
[Thu Jul 23 01:43:05 2015] <Cypi> Also, your expansion is not correct. The correct expansion would be: "Definition relation := forall (A : Type), forall (_ : A), forall (_ : A), Prop", something like that
[Thu Jul 23 01:43:58 2015] <Cypi> Uh, sorry
[Thu Jul 23 01:44:26 2015] <Cypi> "Definition relation := fun (A : Type) => forall (_ : A), forall (_ : A), Prop" rather
[Thu Jul 23 01:46:01 2015] <viatropos> Ah, that makes more sense, thank you
[Thu Jul 23 08:44:39 2015] <EdanCorin> Hey everyone! I was just wondering if there was a list of projects in Coq I could help with? I feel like trying my skills a bit ^^"
[Thu Jul 23 10:04:05 2015] <JanBessai> The term "cEq" has type "@c Γ σ p = @c Γ τ p'" while it is expected to have type "@c Γ σ p = @c Γ τ p'".
[Thu Jul 23 10:04:31 2015] <JanBessai> any idea why such an error would occur?
[Thu Jul 23 10:05:07 2015] <artart78> maybe it's not the same equality?
[Thu Jul 23 10:05:29 2015] <artart78> try 'Set Printing All.'
[Thu Jul 23 10:05:49 2015] <JanBessai> ahhh... thanks
[Thu Jul 23 10:05:55 2015] <JanBessai> I only hat printing Implicits
[Thu Jul 23 10:06:22 2015] <JanBessai> there is a coercion from the eq type :)
[Thu Jul 23 10:06:26 2015] <artart78> 'All' is often overkill but in cases like this, it's very useful
[Thu Jul 23 10:09:14 2015] <JanBessai> wonderful, thanks! :)
[Fri Jul 24 04:59:05 2015] <xeno_> how important is Hoare2 in software foundations? There's hardly any formal exercises there, most are informal...  and I have to admit I struggle a bit with the few formal ones, cause there's so many tactics to remember...
[Fri Jul 24 08:58:19 2015] <schoppenhauer> https://github.com/dasuxullebt/Pheap.v comments?
[Fri Jul 24 15:16:55 2015] <magistr> How to learn abstract nonsense?
[Fri Jul 24 15:26:47 2015] <xeno_> SF, Smallstep, stuck at http://pastebin.com/X3wA0E96 , any tips?
[Fri Jul 24 15:28:56 2015] <magistr> How to learn abstract nonsense?
[Fri Jul 24 15:29:48 2015] <nkaretnikov> magistr: read aluffi's "alegbra: chapter 0"
[Fri Jul 24 15:30:43 2015] <magistr> nkaretnikov, it is a popular?
[Fri Jul 24 15:30:57 2015] <nkaretnikov> it is a good
[Fri Jul 24 15:31:28 2015] <nkaretnikov> but contains a lot of typos, so make sure to read the errata on the author's website
[Fri Jul 24 15:31:49 2015] <nkaretnikov> the author introduces everything in the book without omitting any details
[Fri Jul 24 15:31:55 2015] <nkaretnikov> that's why I like it and recommend it
[Fri Jul 24 15:32:04 2015] <nkaretnikov> there are more popular texts
[Fri Jul 24 15:32:04 2015] <magistr> nkaretnikov, ok, thanks
[Fri Jul 24 15:32:24 2015] <nkaretnikov> let me look it up
[Fri Jul 24 15:32:25 2015] <nkaretnikov> one sec
[Fri Jul 24 15:33:11 2015] <nkaretnikov> magistr: https://www.quora.com/What-is-the-best-textbook-for-Category-theory
[Fri Jul 24 16:51:23 2015] <QuanticPotato> Hi guys !
[Fri Jul 24 16:51:25 2015] <QuanticPotato> Do you know if coq has every been used in physics ?
[Fri Jul 24 16:52:31 2015] <QuanticPotato> ever been*
[Fri Jul 24 17:15:32 2015] <jun> if robots is physics: http://www.cs.cornell.edu/~aa755/ROSCoq/
[Fri Jul 24 17:27:56 2015] <nkaretnikov> they left
[Fri Jul 24 18:30:41 2015] <ianjneu>  /quit
[Fri Jul 24 18:49:39 2015] <newsham> hi.  noob problem: "Cannot find library CpdtTactics in loadpath" in proofgeneral.  I have "(custom-set-variables '(coq-prog-args '("-I" "/tmp/cpdt/src")))" in my ~/.emacs file and /tmp/cpdt/CpdtTactics.v exists
[Fri Jul 24 18:50:42 2015] <artart78> maybe replace /tmp/cpdt/src with /tmp/cpdt ? dunno
[Fri Jul 24 18:50:59 2015] <jrw> newsham: did you compile CpdtTactics.v
[Fri Jul 24 18:51:00 2015] <jrw> ?
[Fri Jul 24 18:51:04 2015] <newsham> no i didnt.
[Fri Jul 24 18:51:14 2015] <newsham> running make now :)
[Fri Jul 24 18:51:49 2015] <newsham> tada.  thank you..  I did say "noob" :)
[Fri Jul 24 18:52:39 2015] <newsham> (apparently not so good at reading either)
[Sat Jul 25 12:11:20 2015] <lolisa> Hey, do anyone know how to do recursive type on Coq?
[Sat Jul 25 12:12:11 2015] <aj> lolisa: infinitely recursive? http://adam.chlipala.net/cpdt/html/Coinductive.html
[Sat Jul 25 12:13:40 2015] <lolisa> not recursive data, but recursive type
[Sat Jul 25 12:14:06 2015] <lolisa> I want to represent the type of UTLC, that is, u t. t -> t (t ~= t -> t) in Coq, but dont know how to do  so... is there any facility?
[Sat Jul 25 12:16:55 2015] <aj> lolisa: probably beyond my knowledge then. what's UTLC?
[Sat Jul 25 12:17:31 2015] <lolisa> UnTyped Lambda Calculus, Sorry...
[Sat Jul 25 12:23:01 2015] <lolisa> Oh, it seems like inductive can handle recursive type... Thx
[Sat Jul 25 12:23:41 2015] <aj> lolisa: yeah, inductive should be fine i think
[Sat Jul 25 12:23:55 2015] <lolisa> nah, dont think it work, thx anyway
[Sat Jul 25 12:26:42 2015] <aj> lolisa: something like https://github.com/pi8027/lambda-calculus might help
[Sat Jul 25 12:38:40 2015] <lolisa> aj, thx, I'll have a look
[Sun Jul 26 14:32:50 2015] <kclancy> What does it mean when a record field is declared with :> rather than :?
[Sun Jul 26 14:33:53 2015] <kclancy> I'm looking at a record definition with the following code: "Record ln_beta_prop x := { ln_beta_val :> Z ; ... }"
[Sun Jul 26 14:34:33 2015] <kclancy> it would make perfect sense to me if it had "ln_beta_val : Z" rather than "ln_beta_val :> Z"
[Sun Jul 26 14:35:20 2015] <kclancy> oh. I think this has something to do with typeclasses.
[Sun Jul 26 14:37:34 2015] <kclancy> I think this site explains the :> notation: https://coq.inria.fr/refman/Reference-Manual022.html
[Sun Jul 26 14:47:48 2015] <kclancy> haven't figured it out yet. Z doesn't seem to be a typeclass.
[Sun Jul 26 14:50:18 2015] <jrw> kclancy: I believe it introduces an implicit coercion between the record type and the field's type
[Sun Jul 26 14:50:24 2015] <jrw> see https://coq.inria.fr/refman/Reference-Manual021.html
[Sun Jul 26 14:50:32 2015] <kclancy> jrw: thanks
[Sun Jul 26 14:50:32 2015] <jrw> search for ":>"
[Sun Jul 26 18:29:59 2015] <newsham> why do I sometimes see programs/proofs that return "True" and "False", which are types?
[Sun Jul 26 18:30:09 2015] <newsham> (instead of, for example, returning I:True)
[Sun Jul 26 18:31:09 2015] <Saizan> maybe they are defining a type by recursion?
[Sun Jul 26 18:32:21 2015] <newsham> for example, defining All (ls : list T) : Prop,  which returns True or False
[Sun Jul 26 18:38:52 2015] <newsham> oh i think i'm getting my levels mixed up :)
[Sun Jul 26 19:10:16 2015] <newsham> what I sometimes get confuseda bout is that I can freely construct True and False.  (but, in moments of clarity I remember that I cant construct a value that inhabits False, but I can use "I : True" for the other)
[Sun Jul 26 21:56:24 2015] <osa1_> does anyone here have algebra: chapter 0 at hand? I have a question about a proof in the book. in second part of proof of prop 2.3, I'm confused how the proof is valid. because there may be some set Z and we may choose some a', a'' : Z -> A for which the implication doesn't hold...
[Sun Jul 26 21:57:01 2015] <osa1_> to be more specific, I don't understand how does that instantiation of Z to singleton sets make sense.
[Mon Jul 27 12:48:50 2015] <stelleg> I'm trying to use eq_nat_is_eq from Arith.EqNat, but I'm getting failure on rewrite, and am a bit lost. here's the coq error: http://sprunge.us/KDZh
[Mon Jul 27 12:51:01 2015] <stelleg> this occurs when I attempt a rewrite <- eq_nat_is_eq on a goal {n = m} + {n <> m} where n m : nat.
[Mon Jul 27 12:51:18 2015] <stelleg> apologies if this is the wrong place for this kind of query
[Mon Jul 27 13:19:33 2015] <sanooj> stelleg: definitely the right place. hang in there.
[Mon Jul 27 13:44:33 2015] <jrw> stelleg: what are you trying to achieve with that rewrite? do you want to replace the goal with {eq_nat n m} + {~ eq_nat n m} ?
[Mon Jul 27 14:18:38 2015] <stelleg> jrw: yep, so that I could use eq_nat_decide directly
[Mon Jul 27 14:18:58 2015] <stelleg> but I did find that eq_nat_dec is defined in Peano_dec, so I'm just using that instead
[Mon Jul 27 14:19:48 2015] <jrw> stelleg: I see, right.
[Mon Jul 27 14:19:50 2015] <jrw> as a first order approximation, you can only rewrite by things that end in an equality.
[Mon Jul 27 14:20:27 2015] <stelleg> jrw: right, I thought that rewrites worked in general for iff as well, but I suppose its a bit more complex?
[Mon Jul 27 14:21:03 2015] <jrw> stelleg: yeah. rewriting by any other relation requires a bunch of side conditions showing that all the relevant parts of your goal respect the relation
[Mon Jul 27 14:21:24 2015] <stelleg> jrw: thanks, that's helpful.
[Mon Jul 27 14:21:45 2015] <jrw> so in this case you'd have to show something like "if x is a program for deciding the proposition P, and if P <-> Q, then x is also a decider for Q"
[Mon Jul 27 14:22:30 2015] <jrw> and then you'd need to register that fact with coq. and then you'd be able to rewrite using iff under goals of the form {P} + {~P}
[Mon Jul 27 14:22:48 2015] <jrw> once you get it all set up, it can be really convenient.
[Mon Jul 27 14:22:55 2015] <jrw> but it's annoying to set up, IMHO
[Mon Jul 27 14:24:16 2015] <stelleg> jrw: good to know, thanks!
[Mon Jul 27 14:25:00 2015] <jrw> stelleg: np. if you want to google for this, the word you're looking for is "setoid"
[Mon Jul 27 14:26:23 2015] <stelleg> jrw: ah I come accross that term when googling the error message. I'll look into it more when I don't have a deadline looming :)
[Mon Jul 27 14:26:34 2015] <jrw> :) good luck!
[Mon Jul 27 14:27:01 2015] <stelleg> thanks!
[Mon Jul 27 15:00:19 2015] <Anarchos> * is compiling CompCert on HaikuOS o/
[Mon Jul 27 23:15:52 2015] <nkaretnikov> does coq have anything similar to haskell iorefs (i.e., mutable containers)?
[Mon Jul 27 23:50:31 2015] <johnw> nkaretnikov: no
[Mon Jul 27 23:50:45 2015] <johnw> nkaretnikov: the Ynot project may have something like that, but not in the Coq stdlib
[Mon Jul 27 23:51:48 2015] <nkaretnikov> johnw: hi, I was just thinking of translating this: https://github.com/FranklinChen/spreadsheet-haskell/blob/master/src/Spreadsheet.hs
[Mon Jul 27 23:51:59 2015] <nkaretnikov> I guess it could be possible without iorefs, but with them that'd be easier
[Mon Jul 27 23:52:30 2015] <johnw> there are way better way to model a spreadsheet than IORefs
[Mon Jul 27 23:52:42 2015] <johnw> google for "spreadsheet loeb function", for example
[Mon Jul 27 23:53:02 2015] <nkaretnikov> okay, noted.
[Tue Jul 28 03:50:47 2015] <JanBessai> where does coq store the equality schemes used for automatic generation?
[Tue Jul 28 03:51:54 2015] <JanBessai> I have a type parameterized over a module variable and I'd like to generate an equality over it
[Tue Jul 28 03:52:32 2015] <JanBessai> the module asks for a hypothesis foo_eq_dec: forall x y : foo, { x = y } + { x <> y }
[Tue Jul 28 03:52:54 2015] <JanBessai> so it should be possible to have an inductive type with auto generated equality, which internally uses foo
[Tue Jul 28 04:20:15 2015] <JanBessai> hmpf seems not even possible for list nat
[Wed Jul 29 03:12:41 2015] <xeno> hi, when I do "Proof with <...>." in Coq, it screws up the intendation for the rest of the file. Am I missing something?
[Wed Jul 29 03:32:59 2015] <benzrf> thatd be an editor issue i think
[Wed Jul 29 05:39:43 2015] <notdan> Hi!
[Wed Jul 29 05:40:11 2015] <notdan> Is there a setoid instance for the identity relation?
[Wed Jul 29 05:42:09 2015] <notdan> I mean it's trivial to write, but I wanted to know if there is a stanard reference
[Wed Jul 29 06:33:37 2015] <xeno> anyone wanna walk me through this one? : match goal with H1: forall x, ?P x -> ?L = ?R, H2: ?P ?X |- _
[Wed Jul 29 06:34:08 2015] <xeno> => rewrite (H1 X H2) in *
[Wed Jul 29 06:37:53 2015] <notdan> It replaces ?L with ?R in your current goal
[Wed Jul 29 06:38:09 2015] <notdan> If you have a hypothesis of the form forall x, P x -> L = R
[Wed Jul 29 06:50:14 2015] <xeno> so basically, if you have H2: ?P ?X, it matches forall x, ?P x, so you can apply it and get ?L = ?R, ...
[Wed Jul 29 06:50:42 2015] <xeno> so it basically takes P x -> A = B  + P x , and provides A = B ?
[Wed Jul 29 08:06:03 2015] <notdan> xeno_: yeah
[Wed Jul 29 09:57:22 2015] <schoppenhauer> is there a possibility to apply omega to N?
[Wed Jul 29 09:57:25 2015] <schoppenhauer> instead of nat?
[Wed Jul 29 11:59:00 2015] <schoppenhauer> hm. I have a proof that uses "do" and takes long. is it possible to output messages while it runs?
[Wed Jul 29 11:59:06 2015] <schoppenhauer> such that I see how far it currently is?
[Wed Jul 29 11:59:27 2015] <schoppenhauer> [especially, I see that it is not trapped in an infinite loop, etc., and estimate the time it needs]?
[Wed Jul 29 13:44:39 2015] <schoppenhauer> hm.
[Wed Jul 29 13:46:46 2015] <schoppenhauer> ok, I have the following problem: I have a finite but large number of cases for a proof. all the cases work similarily.
[Wed Jul 29 13:47:35 2015] <schoppenhauer> it is a proposition of the form "forall n, m1 <= n <= m2 -> A", and I can prove A with a simple strategy.
[Wed Jul 29 13:47:43 2015] <schoppenhauer> provided I have n given.
[Wed Jul 29 13:48:07 2015] <schoppenhauer> n cannot be a nat, because m2 is too large.
[Wed Jul 29 13:48:31 2015] <schoppenhauer> I tried N, but the proof is *slow*.
[Wed Jul 29 13:48:38 2015] <johnw> why is "m2 too large"?
[Wed Jul 29 13:48:41 2015] <schoppenhauer> Now I try int31.
[Wed Jul 29 13:48:51 2015] <schoppenhauer> johnw: m2 = 32768
[Wed Jul 29 13:49:28 2015] <johnw> is it too large because you want to extract the code?
[Wed Jul 29 13:49:34 2015] <schoppenhauer> no.
[Wed Jul 29 13:49:43 2015] <schoppenhauer> it is too large because coq stack-overflows.
[Wed Jul 29 13:49:43 2015] <johnw> for the purposes of your proof, do you even need to know what m2 is?
[Wed Jul 29 13:49:55 2015] <schoppenhauer> johnw: yes.
[Wed Jul 29 13:50:33 2015] <schoppenhauer> johnw: specifically, it is just a finite range of stuff that is given. so the theorem can be proved by just "iterating" through all possibilities.
[Wed Jul 29 13:51:02 2015] <schoppenhauer> (and actually, it cannot be proved much simpler ...()
[Wed Jul 29 13:51:04 2015] <schoppenhauer> )
[Wed Jul 29 13:51:25 2015] <johnw> i'm just wondering if there's a different way of expressing the problem
[Wed Jul 29 13:51:52 2015] <schoppenhauer> probably. but this will only make the case more complicated.
[Wed Jul 29 13:52:15 2015] <schoppenhauer> I actually would prefer to just use the "brute force" method.
[Wed Jul 29 15:21:49 2015] <stelleg> is it possible for coq to fail to find a matching subterm when it's clearly there?
[Wed Jul 29 15:23:21 2015] <benzrf> stelleg: it's happened to me ;-;
[Wed Jul 29 15:23:27 2015] <benzrf> have you tried Set Printing All for debug
[Wed Jul 29 15:24:21 2015] <stelleg> benzrf: ah thanks, looks like maybe a type alias issue
[Wed Jul 29 15:24:26 2015] <benzrf> :]
[Wed Jul 29 15:29:01 2015] <stelleg> benzrf: thanks again, that fixed it.
[Wed Jul 29 15:29:25 2015] <stelleg> was disconcerting seeing that. "but it matches character for character!"
[Wed Jul 29 15:36:31 2015] <schoppenhauer> can I apply omega to N?
[Wed Jul 29 15:36:36 2015] <schoppenhauer> the omega tactic.
[Wed Jul 29 15:39:42 2015] <schoppenhauer> hm. I just use Z
[Wed Jul 29 15:39:44 2015] <schoppenhauer> nvm
[Wed Jul 29 16:40:38 2015] <chattingchatting> anyone out there?
[Wed Jul 29 19:07:06 2015] <benzrf> stelleg: i know that feel
[Thu Jul 30 03:52:33 2015] <JanBessai> any idea, why Coq.MSets.MSetRBT.Make(Nat_as_OT) produces an error about eq_equiv missing in Nat_as_OT?
[Thu Jul 30 03:53:21 2015] <JanBessai> in MSetRBT we have Module Make (X: Orders.OrderedType)
[Thu Jul 30 03:53:55 2015] <JanBessai> and in Structures.OrderedTypeEx there is
[Thu Jul 30 03:53:57 2015] <JanBessai> Module Nat_as_OT <: UsualOrderedType.
[Thu Jul 30 03:56:59 2015] <JanBessai> ah I had to import Coq.MSes.MSets first
[Thu Jul 30 10:27:29 2015] <JanBessai> is it possible to use an MSet with elements and containers in Set instead of Type?
[Fri Jul 31 04:27:16 2015] <Feuerbach> Hi. In this small proof, destruct seems to "drop" H entirely, without introducing any evidence. E.g. in the first subgoal, I'd expect m and n be unified, but that doesn't happen. Can someone please explain what's going on and how to do this properly?
[Fri Jul 31 04:27:20 2015] <Feuerbach> http://lpaste.net/4485317291621220352
[Fri Jul 31 05:01:04 2015] <Feuerbach> I think this addresses my question: https://homes.cs.washington.edu/~jrw12/dep-destruct.html
[Fri Jul 31 16:31:05 2015] <`^_^v> i have a theorem: length (l1 ++ (x :: l2)) = n -> S (length (l1 ++ l2)) = n.
[Fri Jul 31 16:31:17 2015] <`^_^v> why can't i apply it to my goal? length (t ++ h :: t) = S (length (t ++ t))
[Fri Jul 31 16:32:39 2015] <Cypi> Does it go through if you do [symmetry] first?
[Fri Jul 31 16:33:25 2015] <`^_^v> no
[Fri Jul 31 16:55:51 2015] <johnw> what does apply say, after you use symmetry?
[Fri Jul 31 17:02:46 2015] <`^_^v> unable to find an instance for the variable x. but doing apply with (x:=h) actually worked
[Fri Jul 31 17:03:09 2015] <`^_^v> hooray
[Fri Jul 31 17:03:11 2015] <johnw> yeah, was gonna say
[Fri Jul 31 17:03:14 2015] <Cypi> Ah right :)
[Sat Aug  1 23:45:11 2015] <nkaretnikov> fwiw, discovered coquille, a vim mode that works similar to proof general.  haven't used it much, but looks promising based on what i've tried
[Sun Aug  2 07:54:29 2015] <xeno_> hi, SF, STLC final task, I tend to end up with http://pastebin.com/pqgJ1BAF
[Sun Aug  2 07:54:32 2015] <xeno_> how do I prove that?
[Sun Aug  2 07:57:25 2015] <Saizan> induction on T11
[Sun Aug  2 11:42:33 2015] <magistr> what is a existential types?
[Sun Aug  2 12:07:13 2015] <magistr> what nice book to learn type theory?
[Sun Aug  2 12:10:44 2015] <sanooj> some people like https://www.cis.upenn.edu/~bcpierce/tapl/ and its followup https://www.cis.upenn.edu/~bcpierce/attapl/
[Sun Aug  2 12:12:14 2015] <magistr> sanooj, great thank
[Sun Aug  2 12:51:43 2015] <magistr> prolog is nice language?
[Sun Aug  2 14:54:56 2015] <xeno_> magistr: it's a language worth knowing
[Sun Aug  2 14:55:16 2015] <xeno_> TAPL is great
[Sun Aug  2 14:55:38 2015] <xeno_> sanooj: there's also Software Foundations, but types is not the main focus there
[Sun Aug  2 14:56:53 2015] <magistr> xeno_, ok, i must begin on prolog
[Sun Aug  2 15:02:58 2015] <magistr> impication is very weird thing in logic
[Sun Aug  2 15:14:25 2015] <magistr> A->B is not a consequent
[Sun Aug  2 15:14:53 2015] <magistr> A may be a false, but B is true
[Sun Aug  2 15:16:06 2015] <Cypi> What's the matter with falsehood implying truth?
[Sun Aug  2 15:19:30 2015] <magistr> the truth follows from everything
[Sun Aug  2 15:19:59 2015] <magistr> from false or true
[Sun Aug  2 15:27:43 2015] <magistr> it is must be logical AND
[Sun Aug  2 15:34:27 2015] <schoppenhauer> hello. in https://coq.inria.fr/stdlib/Coq.FSets.FMapAVL.html is there anything comparable to List.Forall ?
[Sun Aug  2 15:34:32 2015] <schoppenhauer> for FMapAVL I mean?
[Sun Aug  2 15:40:36 2015] <jrw> schoppenhauer: I don't recall there being one but you could define it using In.
[Sun Aug  2 15:41:18 2015] <schoppenhauer> jrw: I was trying to define it with MapsTo. but probably I should try In.
[Sun Aug  2 15:42:42 2015] <schoppenhauer> jrw: ah. the problem was that In only tells about the keys. I need to quantify over the values.
[Sun Aug  2 15:45:37 2015] <jrw> schoppenhauer: no you're right, you need MapsTo in that case. what went wrong when you tried that?
[Sun Aug  2 15:51:13 2015] <schoppenhauer> jrw: http://lpaste.net/2104595620705599488 I am stuck here.
[Sun Aug  2 15:52:49 2015] <schoppenhauer> it should be something around using one of the MapsTo_$n lemmata
[Sun Aug  2 15:52:56 2015] <schoppenhauer> but I am somehow stuck
[Sun Aug  2 15:55:52 2015] <jrw> schoppenhauer: yeah it looks like there aren't enough lemmas about M.add
[Sun Aug  2 15:56:34 2015] <magistr> what nice book of graph theory?
[Sun Aug  2 15:56:40 2015] <jrw> you need something that says [M.MapsTo k v (M.add k' v' h) -> (k = k' /\ v = v') \/ M.MapsTo k v h]
[Sun Aug  2 15:57:08 2015] <jrw> magistr: not sure this is super on topic, but I like Diestel's GTM "Graph Theory" :)
[Sun Aug  2 15:57:50 2015] <magistr> jrw, ok, i see it, thanks
[Sun Aug  2 16:08:22 2015] <schoppenhauer> jrw: any idea how to get such a thing?
[Sun Aug  2 16:08:59 2015] <schoppenhauer> I'm currently trying myself, but the API is a bit strange.
[Sun Aug  2 16:09:09 2015] <jrw> schoppenhauer: I actually have no idea how to use all the FSet/FMap machinery. from like 2 seconds of looking around it looks like the definition of add is exposed, so you could just prove it yourself.
[Sun Aug  2 16:10:48 2015] <jrw> I'll have a go at it
[Sun Aug  2 16:22:40 2015] <jrw> schoppenhauer: okay I think I got it. something like this? https://gist.github.com/wilcoxjay/88f64f6c2d8574263ef6
[Sun Aug  2 16:25:03 2015] <jrw> updated to clean up the first proof a bit
[Sun Aug  2 16:32:12 2015] <johnw> the FMap stuff is bizarrely difficult to use
[Sun Aug  2 16:32:12 2015] <schoppenhauer> jrw: thx. I had to adapt it slightly, my coq version doesn't automatically unify in the line "apply add_MapsTo in Hadd", but it was a trivial change. thank you!
[Sun Aug  2 16:34:17 2015] <jrw> cool. glad it works
[Sun Aug  2 16:48:10 2015] <nkaretnikov> what does ? mean in intros?
[Sun Aug  2 16:48:20 2015] <nkaretnikov> "I don't care how this arg is named"?
[Sun Aug  2 16:48:38 2015] <Cypi> yup
[Sun Aug  2 16:48:41 2015] <nkaretnikov> k
[Sun Aug  2 16:57:35 2015] <schoppenhauer> hm. I still don't quite understand how these +, *, -, bullets work.
[Sun Aug  2 16:57:42 2015] <schoppenhauer> they are there for focussing subproofs
[Sun Aug  2 16:57:49 2015] <schoppenhauer> as far as I see.
[Sun Aug  2 16:58:02 2015] <schoppenhauer> but what if, for example, I have more than 3 levels?
[Sun Aug  2 16:58:14 2015] <jrw> schoppenhauer: :/ yeah you have to use braces to go deeper
[Sun Aug  2 16:58:21 2015] <jrw> or just don't do that :)
[Sun Aug  2 16:58:39 2015] <schoppenhauer> hm. ok, then I rather use the old ; [ ... | ... ] method
[Sun Aug  2 16:58:47 2015] <Cypi> In 8.5, you can also use ++, **, -- and so on up to 3 or 4 characters ^^'
[Sun Aug  2 16:59:32 2015] <jrw> Cypi: whoa really?
[Sun Aug  2 16:59:34 2015] <jrw> mind blown
[Sun Aug  2 16:59:49 2015] <Cypi> Yeah, technology is amazing these days
[Sun Aug  2 17:00:30 2015] <johnw> Cypi: neat, I didn't know that
[Sun Aug  2 17:00:57 2015] <Cypi> Oh, actually, you seem to be able to use any combination of +/*/- and any number of characters :o . Didn't know that.
[Sun Aug  2 17:01:36 2015] <nkaretnikov> do people really use bullets?
[Sun Aug  2 17:01:41 2015] <johnw> i do, all the time
[Sun Aug  2 17:01:42 2015] <Cypi> I do, yes
[Sun Aug  2 17:01:50 2015] <johnw> anytime I have >2 subgoals
[Sun Aug  2 17:01:56 2015] <schoppenhauer> I don't usually, but I see that they might be useful.
[Sun Aug  2 17:02:09 2015] <johnw> with 2 subgoals, I indent the first only
[Sun Aug  2 17:02:14 2015] <johnw> but with >2, I use a bullet for each
[Sun Aug  2 17:02:17 2015] <nkaretnikov> i find sf's cases much better suited for this sort of thing
[Sun Aug  2 17:02:17 2015] <schoppenhauer> I usually bring all my proofs into braced form afterwards.
[Sun Aug  2 17:02:32 2015] <johnw> I use cases too if it's inductive proposition with a lot of different alternatives
[Sun Aug  2 17:02:45 2015] <nkaretnikov> interesting
[Sun Aug  2 17:02:48 2015] <johnw> since cases make it easier to find breakage due to changes in the data type
[Sun Aug  2 17:03:02 2015] <nkaretnikov> oh, yeah
[Sun Aug  2 17:03:06 2015] <johnw> but using cases everywhere is laborious
[Sun Aug  2 17:03:12 2015] <nkaretnikov> there's an emphasis on that in sf
[Sun Aug  2 17:03:30 2015] <johnw> I never use Case with nat induction, for example
[Sun Aug  2 17:03:38 2015] <johnw> the zero case is almost always so tiny, I just indent that one
[Sun Aug  2 17:03:44 2015] <nkaretnikov> wouldn't indentation work, or are you afraid to misalign things?
[Sun Aug  2 17:03:53 2015] <johnw> what, with 2> subgoals?
[Sun Aug  2 17:03:58 2015] <nkaretnikov> yeah
[Sun Aug  2 17:04:01 2015] <johnw> how do you indent that?
[Sun Aug  2 17:04:06 2015] <Cypi> Insteadof indenting, I sometimes use { } when I generated one tiny subgoal along the proof
[Sun Aug  2 17:04:47 2015] <nkaretnikov> johnw: separate each goal with an empty line plus move stuff further to the right if necessary
[Sun Aug  2 17:04:59 2015] <johnw> isn't that equivalent to using bulletns?
[Sun Aug  2 17:05:05 2015] <johnw> you're just using a blank line as your bullet
[Sun Aug  2 17:05:06 2015] <nkaretnikov> Cypi: what's the rule for {}?
[Sun Aug  2 17:05:15 2015] <Cypi> The rule? What do you mean?
[Sun Aug  2 17:05:24 2015] <nkaretnikov> Cypi: can I use them anywhere?
[Sun Aug  2 17:05:29 2015] <Cypi> I think so?
[Sun Aug  2 17:05:32 2015] <nkaretnikov> k
[Sun Aug  2 17:05:36 2015] <johnw> I think he means where are they syntactically valid...
[Sun Aug  2 17:05:43 2015] <nkaretnikov> yeah that
[Sun Aug  2 17:06:06 2015] <johnw> is it a grouping construct that applies anywhere tactics can be used?
[Sun Aug  2 17:06:18 2015] <johnw> i.e., destruct x; { foo; bar }.
[Sun Aug  2 17:06:19 2015] <Cypi> I believe they are basically the same thing as bullets, except that you have to close it
[Sun Aug  2 17:06:21 2015] <nkaretnikov> johnw: the point I'm trying to make is that bullets add more noise.  though, maybe i'm just not used to thme
[Sun Aug  2 17:06:22 2015] <Cypi> oh, no
[Sun Aug  2 17:06:28 2015] <nkaretnikov> them*
[Sun Aug  2 17:06:35 2015] <johnw> nkaretnikov: "-" adds less noise than a blank line and extra indentation
[Sun Aug  2 17:07:28 2015] <Cypi> johnw : sorry for being unclear, you cannot use them inside of tactics, it's, like bullets, a focusing/unfocusing tool, except that you have to close it yourself.
[Sun Aug  2 17:07:36 2015] <johnw> ah, I see
[Sun Aug  2 17:08:00 2015] <Cypi> So the usage could be [assert (stuff). { proof. of. stuff. with. tactics. } rest. of. the. proof.]
[Sun Aug  2 17:10:53 2015] <xeno> hi, if I have H = foo, and H2 = foo -> bar, and I do "apply H2 in H", then bar replaces foo in H, and H is lost
[Sun Aug  2 17:11:07 2015] <xeno> can I avoid that (and create a new hypothesis), and if not, is there a shortcut to copy H?
[Sun Aug  2 17:11:14 2015] <johnw> pose will copy the proof
[Sun Aug  2 17:11:15 2015] <johnw> pose proof H
[Sun Aug  2 17:11:22 2015] <Cypi> You can do [pose proof (H2 H)] directly
[Sun Aug  2 17:11:23 2015] <johnw> also, you don't need to do the apply
[Sun Aug  2 17:11:27 2015] <johnw> just use (H2 H) where you need to
[Sun Aug  2 17:12:01 2015] <Cypi> Also, if it makes sense in your proof, you can use [specialize (H2 H)] (which will replace H2 instead)
[Sun Aug  2 17:13:25 2015] <xeno> well, I sorta want (H2 H) stored as a new hypothesis, I just don't want to overwrite the old ones... at least I don't wanna overwrite H.
[Sun Aug  2 17:13:31 2015] <xeno> if I replace H2 it would be ok
[Sun Aug  2 17:13:49 2015] <johnw> then pose proof (H2 H)
[Sun Aug  2 17:17:20 2015] <xeno> thanks
[Mon Aug  3 04:37:28 2015] <rks`> hi
[Mon Aug  3 04:38:01 2015] <rks`> is there anyway to tell coq that a section parameter should be considered as an implicit parameter outside the section?
[Mon Aug  3 04:50:12 2015] <rks`> ok, Context!
[Mon Aug  3 04:50:29 2015] <Cypi> You can use curly braces around parameters I believe?
[Mon Aug  3 04:50:45 2015] <Cypi> Nvermind, you can't :D
[Mon Aug  3 04:51:06 2015] <rks`> you can't :)
[Mon Aug  3 04:51:42 2015] <rks`> but apparently you can with Context.. but I'm not sure how it behaves w.r.t sections
[Mon Aug  3 04:55:31 2015] <rks`> seems to behave as expected, great
[Mon Aug  3 13:32:29 2015] <alkabetz> I have a bunch of lemmas, and I’d like Coq to do a breadth-first search over the tree generated by rewriting with each of them, possibly multiple times, and trying to do [reflexivity] at each node.  How do I do so?
[Mon Aug  3 13:40:59 2015] <ianjneu> alkabetz: have you read about autorewrite and tactic databases?
[Mon Aug  3 13:41:07 2015] <newsham> using smt to do static analysis of binaries
[Mon Aug  3 13:41:11 2015] <newsham> http://static1.squarespace.com/static/53a64cc2e4b0c63fc41a3320/t/55763177e4b099e5803400e7/1433809298780/Course+Overview.pdf
[Mon Aug  3 13:54:17 2015] <johnw> alkabetz: I'm sure you've read http://www.cis.upenn.edu/~bcpierce/sf/current/UseAuto.html?
[Mon Aug  3 13:55:33 2015] <alkabetz> ianjneu: I forgot you could provide a specific hint database to autorewrite!  I think that’ll work nicely.  Thanks!
[Mon Aug  3 15:03:53 2015] <Tuplanolla> I have problems getting CoqIDE to work with a dark theme.
[Mon Aug  3 15:04:29 2015] <Tuplanolla> I can't override syntax highlighting with coqide-gtk2rc.
[Mon Aug  3 15:08:09 2015] <Tuplanolla> Editing ide/tags.ml and compiling is not an option, because I don't have the disk space for it.
[Mon Aug  3 15:13:32 2015] <sanooj> could you get Gdk.Color.get_system_colormap() to return something you like?
[Mon Aug  3 15:13:56 2015] <sanooj> then you could make "orange red" map to whatever you want
[Mon Aug  3 15:14:37 2015] <Tuplanolla> Could I perhaps LD_PRELOAD that?
[Mon Aug  3 15:15:11 2015] <sanooj> I expect that's a sledgehammer, but sure you could do that. :)
[Mon Aug  3 15:16:03 2015] <Tuplanolla> What options do I have? I can't lecture the developers on reasonable user interface design and have them fix it on the spot.
[Mon Aug  3 15:17:28 2015] <sanooj> I don't know enough about gtk/gdk to say how gdk_colormap_get_system() works and if it's per-app configurable.
[Mon Aug  3 15:21:22 2015] <Tuplanolla> Do you know the exact name of the procedure?
[Mon Aug  3 15:22:19 2015] <sanooj> gdk_colormap_get_system()
[Mon Aug  3 15:22:51 2015] <sanooj> https://developer.gnome.org/gdk2/stable/gdk2-Colormaps-and-Colors.html
[Mon Aug  3 15:23:01 2015] <Tuplanolla> That seems to be in /usr/lib/x86_64-linux-gnu/libgdk-x11-2.0.so.0 for me. Let's tear it open.
[Mon Aug  3 15:23:11 2015] <sanooj> gtg, it be commutin time.
[Mon Aug  3 15:33:36 2015] <osa1> what is βι-reduction rule? is this any different than β-reduction rule?
[Mon Aug  3 15:35:33 2015] <johnw> it's that just beta followed by iota?
[Mon Aug  3 15:35:53 2015] <johnw> iota "simplifies a single match term by determing which pattern matches"
[Mon Aug  3 15:36:20 2015] <osa1> oh it reduces a known case. OK, thanks.
[Mon Aug  3 15:53:23 2015] <Tuplanolla> I got gdk_color_parse overridden, but apparently CoqIDE only uses that for some of the colors.
[Mon Aug  3 15:59:57 2015] <Tuplanolla> Okay, there we go. I'll put it online in case some of you want it.
[Mon Aug  3 17:57:06 2015] <Tuplanolla> There we go: https://github.com/Tuplanolla/coqidefix
[Tue Aug  4 09:20:52 2015] <schoppenhauer> hi. is anyone here who is familiar with VST?
[Tue Aug  4 09:20:59 2015] <schoppenhauer> I need a bit of ... beginner's help.
[Tue Aug  4 09:44:19 2015] <schoppenhauer> more specifically, I don't even know how to specify what my program does, because I don't get the formalism.
[Tue Aug  4 10:06:14 2015] <schoppenhauer> hm. I'll just ask so
[Tue Aug  4 11:04:14 2015] <Ptival> schoppenhauer: you should use the tag verifiable-c on SO, Andrew Appel follows it I believe
[Tue Aug  4 11:04:31 2015] <schoppenhauer> Ptival: yes, I do.
[Tue Aug  4 11:20:32 2015] <magistr> whats nice material on mathematical logic?
[Tue Aug  4 11:26:28 2015] <Tuplanolla> Here's a good book for basic concepts: http://tellerprimer.ucdavis.edu/
[Tue Aug  4 11:29:20 2015] <magistr> Tuplanolla, thanks
[Tue Aug  4 13:31:07 2015] <magistr> how to learn  Homotopy Type Theory?
[Tue Aug  4 13:40:25 2015] <jrw> magistr: the book is pretty good and readable IMO
[Tue Aug  4 13:41:17 2015] <magistr> jrw, whats book?
[Tue Aug  4 13:45:58 2015] <Tuplanolla> This one: http://homotopytypetheory.org/book/
[Tue Aug  4 13:46:32 2015] <magistr> ok
[Tue Aug  4 14:05:22 2015] <schoppenhauer> ok. so ... my question about vst ... http://stackoverflow.com/questions/31813725/array-range-in-precondition
[Wed Aug  5 07:45:33 2015] <schoppenhauer> still no answers ;_; @ http://stackoverflow.com/questions/31813725/array-range-in-precondition
[Wed Aug  5 08:24:52 2015] <schoppenhauer> hm. different question: What exactly does PArray (in native coq) do? are the created arrays just immutable, or is it some kind of diffarray?
[Wed Aug  5 08:26:57 2015] <schoppenhauer> when looking at kernel/parray.ml, it looks like diffarrays, but not sure (I'm not really familiar with ocaml)
[Wed Aug  5 08:55:59 2015] <schoppenhauer> ok they are diffarrays. thx.
[Thu Aug  6 18:03:25 2015] <schoppenhauer> hi. I'm trying to compile my stuff with native-coq. problem: when trying to compile one of my .v-files, I get the error message "Error: Unbound module Nativevalues"
[Thu Aug  6 18:06:07 2015] <schoppenhauer> do I need to install some external library for ocaml?
[Thu Aug  6 18:37:54 2015] <schoppenhauer> hm. and coqtop works but rejects my destruct ... eqn:...
[Thu Aug  6 18:38:02 2015] <schoppenhauer> it doesn't like eqn:, apparently
[Thu Aug  6 18:53:51 2015] <schoppenhauer> ok, apparently, it wants _eqn:
[Thu Aug  6 18:55:01 2015] <aj> schoppenhauer: "destruct (find_notP x) eqn: Hfound." works fine for me fwiw. _eqn works too though
[Thu Aug  6 18:55:30 2015] <QuanticPotato> Hello
[Thu Aug  6 18:55:43 2015] <schoppenhauer> aj: under native-coq?
[Thu Aug  6 18:55:51 2015] <johnw> hi QuanticPotato
[Thu Aug  6 18:56:04 2015] <QuanticPotato> Do you know if there is any paper dealing with Coq for game AI ?
[Thu Aug  6 18:56:17 2015] <QuanticPotato> (Connect Four for example)
[Thu Aug  6 19:06:30 2015] <QuanticPotato> In fact, do you think it could be interesting to formalize a Connect Four strategy in Coq ? (I'm thinking of the Velena algo)
[Thu Aug  6 19:06:55 2015] <QuanticPotato> (I'm looking for a TIPE subject)
[Thu Aug  6 19:09:17 2015] <artart78> hm, what would you prove about the algorithm?
[Thu Aug  6 19:10:25 2015] <jrw> QuanticPotato: I, for one, would be interested in seeing it. but that's probably because I'm not that familiar with the area itself. I think it would be a good exercise to formalize whatever the results of the area are.
[Thu Aug  6 19:10:42 2015] <QuanticPotato> artart78, I don't really know to be honnest ^^
[Thu Aug  6 19:10:46 2015] <johnw> you could prove if there is or isn't a strategy that can always win
[Thu Aug  6 19:11:19 2015] <QuanticPotato> johnw, That's the interesting point ! The first player *always* win
[Thu Aug  6 19:11:30 2015] <Cypi> Isn't it supposed to be a draw?
[Thu Aug  6 19:11:45 2015] <QuanticPotato> I mean, for Connect Four
[Thu Aug  6 19:11:56 2015] <QuanticPotato> (Not tic tac toe)
[Thu Aug  6 19:12:00 2015] <Cypi> Yes, I meant Connect four
[Thu Aug  6 19:12:39 2015] <QuanticPotato> It is described in this thesis : http://www.informatik.uni-trier.de/~fernau/DSL0607/Masterthesis-Viergewinnt.pdf
[Thu Aug  6 19:12:50 2015] <Cypi> Ok, sorry :)
[Thu Aug  6 19:13:30 2015] <artart78> that would be interesting for sure to show that there is a winning strategy for the first player
[Thu Aug  6 19:13:36 2015] <QuanticPotato> Cypi, No problem, it's quite hard to figure out :p
[Thu Aug  6 19:13:55 2015] <artart78> but maybe it's a bit hard to prove
[Thu Aug  6 19:14:10 2015] <QuanticPotato> Yes, probably :/
[Thu Aug  6 19:14:53 2015] <QuanticPotato> I have using Coq only for one year (Trying to formalize my math courses)
[Thu Aug  6 19:16:43 2015] <QuanticPotato> In the mock TIPE, I tried to prove that the signature of a composition is the product of the signatures (for permutations, but I'm not sure of the names in english)
[Thu Aug  6 19:17:01 2015] <QuanticPotato> It's was too hard (Or at least too long ^^), and the proof was incomplete
[Thu Aug  6 19:18:07 2015] <schoppenhauer> shouldn't "proving" be possible by just brute forcing?
[Thu Aug  6 19:18:17 2015] <Cypi> It might take a long time though.
[Thu Aug  6 19:18:20 2015] <artart78> bleh, you're crazy haha
[Thu Aug  6 19:19:41 2015] <schoppenhauer> but with modern supercomputers?
[Thu Aug  6 19:20:13 2015] <johnw> let's get an FPGA and build a tuned ConnectFour solver
[Thu Aug  6 19:20:52 2015] <schoppenhauer> Nine Men's Morris was solved this way, wasn't it?
[Thu Aug  6 19:27:31 2015] <johnw> ConnectFour has already been proved by brute force
[Thu Aug  6 19:27:33 2015] <johnw> https://en.wikipedia.org/wiki/Connect_Four
[Thu Aug  6 19:30:33 2015] <schoppenhauer> so better concentrate on transfinite games like ordinal chomp
[Thu Aug  6 19:33:19 2015] <Cypi> did not know that game, funny topic
[Thu Aug  6 19:33:40 2015] <Cypi> Brute-forcing would literally take forever in that case indeed.
[Thu Aug  6 19:35:25 2015] <johnw> Cypi: "This took about 40,000 hours of computation on the Sun and SGI workstations at the CWI."
[Thu Aug  6 19:35:45 2015] <johnw> 4.56 years of compute time
[Thu Aug  6 19:35:50 2015] <johnw> < forever
[Thu Aug  6 19:36:05 2015] <Cypi> I'm talkking about ordinal chomp :p
[Thu Aug  6 19:36:08 2015] <Cypi> talking*
[Thu Aug  6 19:36:19 2015] <johnw> ahh
[Thu Aug  6 19:37:43 2015] <johnw> hah, "The case of ω × ω × ω Chomp is a notable open problem; a $100 reward has been offered[1] for finding a winning first move."
[Thu Aug  6 19:37:51 2015] <johnw> money in proofs, hurray
[Thu Aug  6 19:37:54 2015] <Cypi> $100, wouhou
[Thu Aug  6 20:06:46 2015] <nkaretnikov> johnw: have you seen proofmarket.org?
[Thu Aug  6 20:07:30 2015] <nkaretnikov> i like that there's a proof of false :)
[Fri Aug  7 03:43:47 2015] <magistr> what a nice material to learn homology theory?
[Fri Aug  7 05:59:20 2015] <{AS}> Hi, does anyone know if code extractor of Coq (to Caml) has been proven correct?
[Fri Aug  7 08:48:16 2015] <cocreature> is there some easy way to separate A /\ B /\ C /\ D (the number of propositions is just an example) without having to run a bunch of inversions and clearing manually?
[Fri Aug  7 08:49:15 2015] <rks`> intuition might do that for you?
[Fri Aug  7 08:49:22 2015] <rks`> (among other things.)
[Fri Aug  7 08:49:41 2015] <cocreature> ah perfect, thanks a lot
[Fri Aug  7 08:49:56 2015] <Cypi> [repeat match goal with H : _ /\ _ |- _ => destruct H end] can also split everything and will do less than intuition
[Fri Aug  7 08:50:33 2015] <Cypi> and if you just want to split one [H : A /\ B /\ C /\ D], you can do something like [destruct H as [? [? [? ?]]].] I believe? (didn't not test, not sure)
[Fri Aug  7 08:51:24 2015] <Anarchos> cocreature split ?
[Fri Aug  7 08:51:29 2015] <cocreature> oh yeah good point Cypi
[Fri Aug  7 08:52:19 2015] <cocreature> Anarchos: nope, I want to split a hypotheses not the goal
[Fri Aug  7 08:52:29 2015] <cocreature> but the solutions already provided all do the trick
[Fri Aug  7 08:58:21 2015] <Ikyushii> hi
[Fri Aug  7 10:39:14 2015] <habecker> hello everyone! I have a small code snipplet implementing Cantor's diagonal argument, http://pastebin.com/8tCZHJ2b, but I'm wondering why the attempted use of eauto in the end does not work, while an explicit successive invocation of eapply and eauto does.
[Fri Aug  7 11:38:15 2015] <jrw> {AS}: the extractor is not verified. you'd need to verify it wrt a formal semantics of both Coq and OCaml, neither of which exist afaik
[Fri Aug  7 11:38:52 2015] <jrw> habecker: I can't see your paste, but that kind of problem is common and usually comes from the fact that eapply "tries harder" than eauto to unify the lemma with the goal
[Fri Aug  7 11:38:59 2015] <jrw> Ikyushii: hi :)
[Fri Aug  7 11:51:09 2015] <habecker> jrw: ah ok. is there any way to change this?
[Fri Aug  7 12:09:27 2015] <{AS}> jrw: Thanks!
[Fri Aug  7 12:09:58 2015] <{AS}> I would have expected that Gallina at least had a formal semantics :)
[Fri Aug  7 12:12:01 2015] <ianjneu> {AS}: specified in which language?
[Fri Aug  7 12:12:10 2015] <jrw> it probably does on paper
[Fri Aug  7 12:12:19 2015] <jrw> habecker: not that I know of :(
[Fri Aug  7 12:12:59 2015] <{AS}> ianjneu: I would think that Gallina itself would suffice
[Fri Aug  7 12:13:10 2015] <{AS}> F* is self certified
[Fri Aug  7 12:14:54 2015] <{AS}> But as jrw mentioned, pen and paper would be fine too. That is how SML is specified
[Fri Aug  7 12:16:02 2015] <ianjneu> I don't trust anything from the F* crowd. Unethical academic practices.
[Fri Aug  7 12:16:41 2015] <{AS}> ianjneu: I do not know anything about the authors.
[Fri Aug  7 12:17:13 2015] <{AS}> Just thought the project seemed nice
[Fri Aug  7 12:17:35 2015] <ianjneu> I'll just channel Dan Friedman and say, "don't believe anything until you implement it yourself."
[Fri Aug  7 12:21:13 2015] <hodapp> F*?
[Fri Aug  7 12:21:44 2015] <hodapp> ehhh, Microsoft Research
[Fri Aug  7 12:21:46 2015] <{AS}> https://www.fstar-lang.org
[Fri Aug  7 12:26:19 2015] <Anarchos> ianjneu what unethical academic practices did you notice ?
[Fri Aug  7 12:29:26 2015] <ianjneu> They write papers about underpowered languages that they still call "f star" but with lowercase or something, and then later make the claim that what they proved was for the full F*
[Fri Aug  7 12:29:50 2015] <benzrf> lol
[Fri Aug  7 12:30:31 2015] <Anarchos> ianjneu microsoft still case unaware ? :)
[Fri Aug  7 12:30:47 2015] <ianjneu> hah
[Fri Aug  7 12:37:22 2015] <habecker> proofs by overloading notation can be quite powerful
[Fri Aug  7 12:39:44 2015] <ianjneu> habecker: as long as they typecheck.
[Sat Aug  8 22:32:22 2015] <benzrf> what are 'proofs by overloading notation'?
[Sun Aug  9 13:44:06 2015] <schoppenhauer> hi. anyone here who has some initial experience with vst?
[Sun Aug  9 13:44:27 2015] <schoppenhauer> because I currently try to learn it, and I am stuck with an example.
[Sun Aug  9 13:44:38 2015] <schoppenhauer> (another one than the unanswered one I already posted)
[Sun Aug  9 16:29:53 2015] <jrw> schoppenhauer: I am also trying to learn it. what's your question?
[Sun Aug  9 16:43:26 2015] <schoppenhauer> jrw: http://stackoverflow.com/questions/31907414/proving-correctness-of-xor-swapping
[Sun Aug  9 16:43:42 2015] <schoppenhauer> this is interesting because it is a common optimization
[Sun Aug  9 16:44:38 2015] <schoppenhauer> and it took me a day to even figure out the specification in vst. somehow, I don't really get it :\
[Sun Aug  9 16:51:35 2015] <schoppenhauer> one problem is thzat all the examples are either at a much higher level, or just a concatenation of two tactics ...
[Sun Aug  9 16:51:57 2015] <schoppenhauer> and ... in vst 1.5, it appears that lots of stuff is not available.
[Sun Aug  9 16:52:07 2015] <schoppenhauer> from the book PLCC
[Sun Aug  9 16:52:11 2015] <schoppenhauer> or has been renamed
[Sun Aug  9 16:55:24 2015] <jrw> yeah it's rough going
[Sun Aug  9 16:55:40 2015] <jrw> I'm trying to fix my vst installation...
[Sun Aug  9 17:02:05 2015] <schoppenhauer> my installation works.
[Sun Aug  9 17:02:11 2015] <schoppenhauer> I have a nix-expression that installs it.
[Sun Aug  9 17:37:05 2015] <schoppenhauer> jrw: so ... you also have no idea?
[Sun Aug  9 17:37:23 2015] <jrw> schoppenhauer: well I got my VST working :)
[Sun Aug  9 17:37:30 2015] <schoppenhauer> ++
[Sun Aug  9 17:37:35 2015] <jrw> I don't understand why [forward] doesn't work
[Sun Aug  9 17:37:42 2015] <jrw> also do you know what MORE_COMMANDS means?
[Sun Aug  9 17:37:45 2015] <schoppenhauer> me neither.
[Sun Aug  9 17:37:49 2015] <schoppenhauer> no.
[Mon Aug 10 13:53:08 2015] <schoppenhauer> hi. hm. ok, vst again. does anyone know how I can evaluate stuff in SEP (...), which contains eval_binop?
[Mon Aug 10 13:54:12 2015] <benzrf> sounds like that's SEP to me :>
[Mon Aug 10 14:00:44 2015] <schoppenhauer> benzrf: ?
[Mon Aug 10 14:01:11 2015] <benzrf> sep = somebody else's problem
[Mon Aug 10 14:02:01 2015] <johnw> i don't really understand want to acronymize everything, since they end up needing to say the full words anyway
[Mon Aug 10 14:03:58 2015] <benzrf> i dont rly say 'sep'
[Mon Aug 10 14:04:04 2015] <benzrf> i just used it bc schoppenhauer said 'sep' meaning something else
[Mon Aug 10 14:04:16 2015] <johnw> ah, cute!
[Mon Aug 10 14:04:18 2015] <benzrf> im not sure that 'sep' has been used that way outside of h2g2 anyway
[Mon Aug 10 14:04:23 2015] <johnw> I just had a co-worker that used to do that
[Mon Aug 10 14:04:29 2015] <johnw> I never understood what he was saying
[Mon Aug 10 18:14:27 2015] <smearsegu> Hi I have a question regarding proof general and emacs on windows
[Mon Aug 10 18:14:32 2015] <smearsegu> I can't seem to get the loadpath right
[Mon Aug 10 18:14:46 2015] <smearsegu> I have set coq-auto-compile to on
[Mon Aug 10 18:15:06 2015] <smearsegu> and I'm requiring a library in a file
[Mon Aug 10 18:15:11 2015] <smearsegu> this library has a source file in the same folder
[Mon Aug 10 18:15:18 2015] <smearsegu> but proof general can't find it
[Mon Aug 10 22:59:48 2015] <benzrf> arghh
[Mon Aug 10 22:59:52 2015] <benzrf> coq has corrupted me
[Mon Aug 10 23:00:01 2015] <benzrf> i keep trying to end my sql queries with periods ;-;
[Tue Aug 11 00:39:19 2015] <johnw> benzrf: I keep interchanging : and :: in Haskell
[Tue Aug 11 00:39:26 2015] <benzrf> :}
[Tue Aug 11 00:39:35 2015] <johnw> I do it constantly, and it takes me a minute to figure out what's wrong
[Tue Aug 11 00:39:39 2015] <johnw> length (x :: xs)
[Tue Aug 11 00:39:41 2015] <johnw> what's the problem?
[Tue Aug 11 14:36:55 2015] <Arthur_Rainbow> Hi. I've got a question. If I know some coq, is there any project I could join ? Something I could help.
[Tue Aug 11 15:07:07 2015] <jrw> Arthur_Rainbow: what kind of stuff are you interested in?
[Tue Aug 11 15:14:53 2015] <jrw> I would say you should work on whatever is most interesting to you. in my experience, I've learned more from trying to do stuff myself.
[Tue Aug 11 15:15:32 2015] <jrw> but I can understand the appeal of working on something established. I might recommend looking at the verified software tool chain http://vst.cs.princeton.edu/ as an interesting big project
[Tue Aug 11 15:15:51 2015] <jrw> they've designed a verified program logic for a dialect of C that can be compiled by compcert
[Tue Aug 11 15:23:42 2015] <Tuplanolla> There's also this project, but I don't know how accessible it is: http://corn.cs.ru.nl/
[Tue Aug 11 21:44:51 2015] <dramforever> hello? I just downloaded coq8.5 beta 2 and installed it to my home directory
[Tue Aug 11 21:45:06 2015] <dramforever> however there doesn't seem to be syntax highlighting in coqide
[Tue Aug 11 21:46:37 2015] <dramforever> is this expected? because before that I got coq from yum and there seems to be highlighting
[Tue Aug 11 21:46:59 2015] <dramforever> FYI it still colors processed proofs green
[Tue Aug 11 21:47:20 2015] <dramforever>  
[Wed Aug 12 07:57:30 2015] <magistr> How to learn homology theory?
[Wed Aug 12 08:40:07 2015] <nkaretnikov> magistr: are you a bot?  you keep asking "How to learn x?" every day
[Wed Aug 12 08:41:20 2015] <magistr> nkaretnikov, ok, i'm bot, may be i get answer
[Wed Aug 12 08:42:04 2015] <nkaretnikov> what i'm saying is that you shouldn't use this channel for everything
[Wed Aug 12 08:42:11 2015] <nkaretnikov> try #haskell-blah
[Wed Aug 12 08:42:13 2015] <nkaretnikov> or google
[Wed Aug 12 08:42:53 2015] <nkaretnikov> you were asking questions about category theory the other day, have you learned it already?
[Wed Aug 12 08:42:54 2015] <magistr> it is a lot of material on homology and anybody knows nice books
[Wed Aug 12 08:43:21 2015] <magistr> cat theory is a very easy
[Wed Aug 12 08:46:03 2015] <magistr> and axiomatic set theory is more useful
[Wed Aug 12 08:49:09 2015] <magistr> nkaretnikov, and you should ignore me
[Wed Aug 12 08:50:19 2015] <magistr> nkaretnikov, or ask ops
[Wed Aug 12 08:51:20 2015] <nkaretnikov> of course i can ignore you, but i don't want this channel to turn into #emacs.
[Wed Aug 12 08:54:54 2015] <magistr> the knowledge of coq implies rather good mathematical preparation and human factor
[Wed Aug 12 08:57:20 2015] <Tuplanolla> I don't mind off-topic discussion when there's nothing else.
[Wed Aug 12 08:58:18 2015] <nkaretnikov> Tuplanolla: the problem with this is that newcomers may hesitate to ask because the channel is noisy.
[Wed Aug 12 08:58:49 2015] <nkaretnikov> should i start asking irrelevant questions just because no one is talking at the moment?
[Wed Aug 12 08:59:25 2015] <rks`> you should chill.
[Wed Aug 12 09:05:48 2015] <notdan> axiomatic set theory is more useful than category theory?
[Wed Aug 12 09:23:30 2015] <hodapp> nkaretnikov: already banned from #haskell for similar.
[Wed Aug 12 10:18:14 2015] <Arthur_Rainbow> jrw: I do work on my own, trying to prove algorithm I learn or some math properties. But it would be nice to be part of a project, to do some things which as not be done before and which may be used by other people later.
[Wed Aug 12 10:18:23 2015] <Arthur_Rainbow> Thanks for the link, I'll look at them
[Wed Aug 12 11:22:27 2015] <jrw> Arthur_Rainbow: also on a more selfish note, I work on verifying distributed systems in coq. if that kind of thing interests you, we'd be very happy to take contributions. you can checkout https://github.com/uwplse/verdi .
[Wed Aug 12 12:36:58 2015] <stelleg> I'm playing with proving that a relation along with a proof that said relation is a total function can be converted into a coq function, but struggling a bit. Anyone have suggested readings or resources for this area?
[Wed Aug 12 12:39:00 2015] <ianjneu> There are total non-computable functions, so you can't.
[Wed Aug 12 12:39:55 2015] <ianjneu> Showing that a relation is functional doesn't show that it is decidable.
[Wed Aug 12 12:40:27 2015] <stelleg> ianjneu: oh right, good point. thanks for saving me some wasted time!
[Wed Aug 12 12:42:49 2015] <stelleg> for my own understanding, it would be possible to do the conversion to a Haskell function, which lets you write undecideable functions.
[Wed Aug 12 12:42:52 2015] <stelleg> correct?
[Wed Aug 12 12:45:05 2015] <ianjneu> Nope.
[Wed Aug 12 12:46:21 2015] <ianjneu> Unless you can enumerate all elements of the type to do a semidecision infinite crawl looking for the output values.
[Wed Aug 12 12:50:17 2015] <stelleg> Hmm. I'll have to think/read about that some more. Thanks!
[Wed Aug 12 13:35:18 2015] <Tuplanolla> How complicated is Coq's type checking implementation in comparison to, say, GHC's System FC?
[Wed Aug 12 13:38:16 2015] <Tuplanolla> I'm merely looking for an estimate, something on a scale from Scheme interpreter to Risch algorithm.
[Wed Aug 12 13:52:37 2015] <Ptival> Tuplanolla: what kind of measure are you looking for?
[Wed Aug 12 13:52:52 2015] <Tuplanolla> Hand waving is sufficient.
[Wed Aug 12 13:53:58 2015] <Tuplanolla> I'm planning to look into implementing a toy type checker.
[Wed Aug 12 13:54:05 2015] <Ptival> but, lines of code, or number of rules, or...?
[Wed Aug 12 14:42:29 2015] <ianjneu> Tuplanolla: if you want "type-checks + ~type-checks" then it's around 1000 lines. If you want a useful typechecker that has source location information, unification, and useful error messages, you're looking at 10K easy.
[Wed Aug 12 14:43:46 2015] <ianjneu> Just take a look at the cubicaltt repo on github. It's intended to be a toy, but is still fairly large due to trying to be at least a little helpful when something goes wrong.
[Wed Aug 12 14:46:01 2015] <Tuplanolla> I'm also looking at Idris.
[Wed Aug 12 14:46:50 2015] <Tuplanolla> It seems to be at 10 k.
[Wed Aug 12 14:48:36 2015] <ianjneu> Tuplanolla: Edwin claims that you shouldn't approach implementing a dependent type checker on its face. Instead you should write a tactic-based proof assistant and get the type-checking as a side-effect.
[Wed Aug 12 14:49:11 2015] <magistr> fp language needs a lot of math knowledge
[Wed Aug 12 14:49:44 2015] <ianjneu> magistr: nope, just a definition lookup.
[Wed Aug 12 14:50:55 2015] <Tuplanolla> Would it be possible to have optional dependent types?
[Wed Aug 12 14:51:12 2015] <ianjneu> optional or gradual?
[Wed Aug 12 14:51:49 2015] <Tuplanolla> I don't remember the difference, but I mean that you could add types as you go, if you wanted to.
[Wed Aug 12 14:52:21 2015] <ianjneu> Optional: dependency is erased and unchecked with interactions with code that wasn't dependently typed and checked. Just, go.
[Wed Aug 12 14:53:00 2015] <ianjneu> Gradual: types are translated into higher-order assertions called software contracts and enforced at the boundaries between typed/untyped.
[Wed Aug 12 14:53:40 2015] <ianjneu> It's obviously true that optional typing is possible due to the existence of extraction.
[Wed Aug 12 14:54:39 2015] <ianjneu> But your interactions with the code must be with the post-extraction types, which isn't necessarily user-friendly.
[Wed Aug 12 14:55:05 2015] <Tuplanolla> Optional was the right word then. I might want to try it myself.
[Wed Aug 12 14:57:58 2015] <Tuplanolla> I have this silly idea of an educational language that would be easy enough for students to understand and then implement partially.
[Wed Aug 12 14:59:06 2015] <ianjneu> Tuplanolla: Look at Conor McBride's paper on it's simply easy
[Wed Aug 12 14:59:24 2015] <Tuplanolla> What's the title?
[Wed Aug 12 14:59:37 2015] <ianjneu> http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.207.4850
[Wed Aug 12 14:59:54 2015] <ianjneu> Simply eas! - an implementation of a dependently typed lambda calculus.
[Wed Aug 12 15:00:03 2015] <ianjneu> s/eas!/easy!/
[Wed Aug 12 15:00:14 2015] <Tuplanolla> Thank you. Let's see.
[Wed Aug 12 15:02:18 2015] <ianjneu> Andrej Bauer has some blog posts about it too
[Wed Aug 12 15:06:30 2015] <Tuplanolla> This paper does not mention totality. Is it implied or am I missing something?
[Wed Aug 12 15:12:05 2015] <schoppenhauer> hi. where is the calculus of constructions in the way that it is currently used in coq described?
[Wed Aug 12 15:12:27 2015] <Tuplanolla> I think it's mentioned in the faq.
[Wed Aug 12 15:12:58 2015] <Tuplanolla> Here: https://coq.inria.fr/faq#htoc8
[Wed Aug 12 15:13:43 2015] <schoppenhauer> kthx.
[Wed Aug 12 15:35:49 2015] <schoppenhauer> hm. is this let ... in ... construct relevant for the theory? isn't let x := y in T usually just an abbrevitation for (fun x => T) y ?
[Wed Aug 12 15:41:14 2015] <schoppenhauer> or do I miss something?
[Wed Aug 12 15:49:48 2015] <sunnymilk> schoppenhauer yes they are the same if y is pure
[Wed Aug 12 15:51:23 2015] <schoppenhauer> sunnymilk: pure?
[Wed Aug 12 15:52:25 2015] <sunnymilk> has no side effects
[Wed Aug 12 15:52:37 2015] <schoppenhauer> it's coq. it cannot have side effects.
[Wed Aug 12 15:52:40 2015] <schoppenhauer> or can it?
[Wed Aug 12 15:53:00 2015] <sunnymilk> thats true but there are other languages with let constructs that can
[Wed Aug 12 15:53:28 2015] <schoppenhauer> yes, but why does coq have the let construct in its base theory then?
[Wed Aug 12 15:53:41 2015] <schoppenhauer> and not just as a mere abbrevitation
[Wed Aug 12 15:54:00 2015] <ianjneu> It extracts better, I imagine.
[Wed Aug 12 15:54:04 2015] <schoppenhauer> ok
[Wed Aug 12 17:04:24 2015] <sunnymilk> schoppenhauer you may be interested in this: https://coq.inria.fr/refman/Reference-Manual006.html#sec170 , it says ``Remark: We may have let x:=t in u well-typed without having ((λ x:T.  u) t) well-typed (where T is a type of t). This is because the value t associated to x may be used in a conversion rule (see Section 4.3).''
[Wed Aug 12 17:04:50 2015] <schoppenhauer> indeed. thx.
[Thu Aug 13 17:38:00 2015] <stelleg> any idea what the tactic to pull a function into a let body is? e.g. I have f (let a = b in c) = let a = b in (f c).
[Thu Aug 13 17:39:47 2015] <stelleg> maybe a bit more clear: I would like a rule that gives the following implication: "(f (let a = b in c)) -> (let a = b in (f c))"
[Thu Aug 13 17:40:01 2015] <johnw> i recall this being asked not long ago...
[Thu Aug 13 17:40:41 2015] <stelleg> apologies if there are logs I should be searching, didn't see them in the header
[Thu Aug 13 17:40:53 2015] <johnw> well, I can't find it so no problem
[Thu Aug 13 17:41:23 2015] <johnw> i'm guessing simplification is not helping?
[Thu Aug 13 17:41:37 2015] <stelleg> I've only tried simpl
[Thu Aug 13 17:42:07 2015] <stelleg> if there's a more powerful simplification that might do it that would be fine
[Thu Aug 13 17:42:09 2015] <jrw> stelleg: afaik there's no tactic for that. I would prove it as a lemma
[Thu Aug 13 17:42:17 2015] <jrw> simpl is not going to do that for you.
[Thu Aug 13 17:42:38 2015] <stelleg> jrw: ok, thanks
[Thu Aug 13 17:42:51 2015] <johnw> this is trivial to prove
[Thu Aug 13 17:43:09 2015] <johnw> Goal forall A f (a b c : A), (f (let a := b in c)) -> (let a := b in (f c)).
[Thu Aug 13 17:43:09 2015] <johnw> Proof. auto. Qed.
[Thu Aug 13 17:44:33 2015] <stelleg> johnw: thanks
[Thu Aug 13 17:44:46 2015] <stelleg> weird that auto can do it there but not in my special cause
[Thu Aug 13 17:47:17 2015] <jrw> there's something fishy there
[Thu Aug 13 17:48:04 2015] <jrw> because c could depend on a
[Thu Aug 13 17:48:07 2015] <jrw> but that lemma doesn't allow it
[Thu Aug 13 17:48:28 2015] <jrw> that lemma basically shows that it's true in the special case where c doesn't depend on a
[Thu Aug 13 17:50:07 2015] <jrw> and it's goin to be annoying to rewrite by the generalized lemma :/
[Thu Aug 13 17:51:09 2015] <jrw> stelleg: btw, the tactic [cbv zeta] may also work in your case.
[Thu Aug 13 17:53:09 2015] <johnw> ah
[Thu Aug 13 18:03:45 2015] <stelleg> jrw: thanks, i'll try that
[Thu Aug 13 18:20:09 2015] <stelleg> hmm
[Thu Aug 13 18:20:41 2015] <stelleg> so it seem to have issues because of a pattern matched tuple in the let
[Thu Aug 13 18:21:24 2015] <stelleg> using johnw's lemma doesn't seem to unify correctly, and trying to prove it on the more specific case doesn't work
[Thu Aug 13 18:22:08 2015] <stelleg> neither does the [cbv zeta]
[Thu Aug 13 18:29:07 2015] <stelleg> gives this unification error, although it seems as though it should unify succesfully: http://sprunge.us/QHjN
[Thu Aug 13 18:47:58 2015] <jrw> stelleg: oh, yeah. destructing let is totally different unfortunately :(
[Thu Aug 13 18:48:04 2015] <jrw> give me a sec and I'll try to cook something up
[Thu Aug 13 18:51:25 2015] <stelleg> jrw: bummer, but thanks!
[Thu Aug 13 19:07:53 2015] <stelleg> so it looks like you destruct the b in johnw's case above then it works it out
[Thu Aug 13 19:08:15 2015] <jrw> yeah I can't get a nice lemma version of it
[Thu Aug 13 19:08:22 2015] <jrw> but destruct will definitely work
[Thu Aug 13 19:09:54 2015] <stelleg> i ended up with a specialized lemma for exactly what I wanted to do, not ideal but meh: forall x, fst (fmap_succ x) = fst x
[Thu Aug 13 19:11:20 2015] <stelleg> of course now it's not unifying with the hypothesis that it should be :(
[Thu Aug 13 19:14:59 2015] <stelleg> thanks again for the help!
[Thu Aug 13 23:21:56 2015] <viatropos> *almost* understand now how propositions in coq work now, so excited. wondering one thing now about "less than or equal to"
[Thu Aug 13 23:22:17 2015] <viatropos> coq defines it here https://github.com/coq/coq/blob/trunk/theories/Init/Peano.v#L154
[Thu Aug 13 23:22:35 2015] <viatropos> that returns a [nat -> Prop] type
[Thu Aug 13 23:22:45 2015] <viatropos> how do you make this act like a programming language?
[Thu Aug 13 23:23:00 2015] <viatropos> like in javascript, you can create function le(n, m) { return n < m }
[Thu Aug 13 23:23:04 2015] <viatropos> which is a boolean
[Thu Aug 13 23:23:09 2015] <viatropos> true/false
[Thu Aug 13 23:23:13 2015] <viatropos> how do you do that in coq?
[Thu Aug 13 23:23:42 2015] <viatropos> does there need to be a definition that takes the "le as Prop", and maps to true or false?
[Thu Aug 13 23:25:53 2015] <Cypi> viatropos : what you can do is write a function like this one [Definition le_lt_dec n m : {n <= m} + {m < n}.] which will either return a proof that n <= m or a proof that m < n
[Thu Aug 13 23:26:10 2015] <Cypi> you can do this because you can prove that comparison on natural numbers is actually decidable
[Thu Aug 13 23:26:20 2015] <Cypi> (this is not the case for everything in Prop)
[Thu Aug 13 23:26:54 2015] <Cypi> Then you could indeed use the result of this function like boolean carrying a little bit more information
[Thu Aug 13 23:29:47 2015] <viatropos> Cypi: so that expands to something like [Definition le_lt_dec : forall n m : nat, sumbool (le n m) (lt m n)]
[Thu Aug 13 23:30:04 2015] <viatropos> where should i look to learn more?
[Thu Aug 13 23:31:11 2015] <viatropos> why can't u just do [Definition is_le n m : match n with n <= m => True ... ] something like that?
[Thu Aug 13 23:31:28 2015] <Cypi> About le_lt_dec specifically? You could just take a look at its definition in the standard library: [Require Import Arith. Print le_lt_dec.]
[Thu Aug 13 23:31:35 2015] <Cypi> or you could try to write it yourself :p
[Thu Aug 13 23:32:03 2015] <Cypi> You cannot match directly on something in Prop, because you can only match on something which is in an inductive type
[Thu Aug 13 23:32:13 2015] <Cypi> (or coinductive type, but let's put that aside)
[Thu Aug 13 23:32:26 2015] <viatropos> ok cool, well will have to try that then, understanding the implementation of le_lt_dec
[Thu Aug 13 23:34:39 2015] <Cypi> You can try to write it yourself using tactics if you want. Start with [Definition le_lt_dec n m : {n <= m} + {m < n}. Proof. revert m; induction n.]
[Thu Aug 13 23:35:11 2015] <Cypi> (you might need some auxiliary lemmas about basic stuff about <= and <, or you can use directly [auto with arith] instead, as you wish)
[Thu Aug 13 23:36:33 2015] <viatropos> thank you!
[Thu Aug 13 23:37:38 2015] <viatropos> Do you mind explaining in a casual way what is required to have "n <= m" be true/false boolean?
[Thu Aug 13 23:37:50 2015] <viatropos> so first, we have a proposition [le]
[Thu Aug 13 23:38:11 2015] <viatropos> this is just a proposition saying "there are two numbers n and m where n is less than or equal to m", correct?
[Thu Aug 13 23:38:19 2015] <viatropos> it doesn't say anything about true or false booleans
[Thu Aug 13 23:38:30 2015] <Cypi> So for every natural numbers n m, we get a proposition [le n m] (or [n <= m])
[Thu Aug 13 23:38:31 2015] <viatropos> then the next thing is to do something about decidability
[Thu Aug 13 23:38:37 2015] <viatropos> k
[Thu Aug 13 23:38:48 2015] <Cypi> indeed. You need to prove that the proposition [n <= m] is decidable
[Thu Aug 13 23:39:06 2015] <viatropos> why do you need to do that to get true/false booleans?
[Thu Aug 13 23:39:10 2015] <Cypi> and proving this is the same thing as actually giving a function which actually tells if [n <= m] or [~ (n <= m)]
[Thu Aug 13 23:39:57 2015] <viatropos> how did you know that you need to prove if it's decidable?
[Thu Aug 13 23:40:02 2015] <Cypi> This is basically the same thing: if for some proposition P, you can evaluate P to true or false (while respecting the truth/falsehood of P), then P is decidable
[Thu Aug 13 23:40:23 2015] <viatropos> ah
[Thu Aug 13 23:40:25 2015] <viatropos> interesting
[Thu Aug 13 23:41:02 2015] <Cypi> So you could also write some function [Definition foo n m : bool.], and then prove that [foo n m = true <-> n <= m]
[Thu Aug 13 23:43:12 2015] <viatropos> are these ideas sort of encapsulated in this symbol? https://github.com/coq/coq/blob/3fcadca93b8d9dd70d9d93412cbacf8d4e851ed7/theories/Init/Specif.v#L195
[Thu Aug 13 23:43:21 2015] <viatropos> sumbool* (not symbol)
[Thu Aug 13 23:44:15 2015] <Cypi> sumbool is just an enriched booleans: it carries a proof in each branch, not just true/false. So it's not directly related, but they are useful to express decidability of some proposition P.
[Thu Aug 13 23:44:32 2015] <viatropos> ok
[Thu Aug 13 23:44:34 2015] <Cypi> (the decidability of P can just be expressed by [{P} + {~ P}]
[Thu Aug 13 23:44:35 2015] <Cypi> )
[Thu Aug 13 23:45:10 2015] <viatropos> ok this is very helpful, will have to learn more about decidability
[Fri Aug 14 00:11:26 2015] <johnw> viatropos: for example, the type "a = b" has a single inhabitant.  Since a function accepting such an argument is only callable if you have that inhabitant, there's nothing to "decide".  But {P} + {~P} gives you _either_ the witness to the truth of P, or to its falsehood, and this either/or nature of sumbool lets you branch on the difference, i.e., make a decision based on its truth.
[Fri Aug 14 00:12:48 2015] <viatropos> where do i get a good foundation on decidability?
[Fri Aug 14 00:16:03 2015] <johnw> viatropos: https://en.wikipedia.org/wiki/Decidability_(logic)
[Fri Aug 14 00:16:42 2015] <viatropos> oh wondering if there's a particular book with many examples and such
[Fri Aug 14 00:17:00 2015] <johnw> well, it's such a basic idea that I've actually never run into a good discussion about it
[Fri Aug 14 00:17:32 2015] <viatropos> interesting
[Fri Aug 14 00:17:38 2015] <johnw> if you can use a piece of information to decide between multiple courses of action, meaningfully in each direction, then that thing is decidable
[Fri Aug 14 00:18:10 2015] <viatropos> what about, is decidability directly tied to the idea of "booleans"?
[Fri Aug 14 00:18:39 2015] <johnw> booleans are decidable
[Fri Aug 14 00:18:50 2015] <johnw> given some x : bool, you can test whether x is true or not
[Fri Aug 14 00:19:02 2015] <johnw> they just aren't terribly meaningful (boolean blindness)
[Fri Aug 14 00:19:04 2015] <viatropos> but a bool _is_ true by definition (or false)
[Fri Aug 14 00:19:32 2015] <johnw> right, and you can ask which one it is
[Fri Aug 14 00:19:44 2015] <johnw> if a thing is undeciable, you might know it exists, but you can't ask
[Fri Aug 14 00:19:54 2015] <viatropos> so something is decidable if it returns a boolean true or false only?
[Fri Aug 14 00:19:59 2015] <johnw> no
[Fri Aug 14 00:20:19 2015] <viatropos> wikipedia says "an algorithm that can and will return a Boolean true or false value (instead of looping indefinitely)"
[Fri Aug 14 00:20:34 2015] <johnw> take {P} + {~P}, for example
[Fri Aug 14 00:20:47 2015] <johnw> this is really a type: sumbool := inl P | inr (~ P)
[Fri Aug 14 00:20:56 2015] <johnw> it's like an enriched boolean
[Fri Aug 14 00:21:07 2015] <johnw> the trueness or falseness carries evidence of the decision
[Fri Aug 14 00:21:43 2015] <viatropos> i'm not quite there yet, i'm not too familiar with sumbool or inl/inr
[Fri Aug 14 00:21:57 2015] <viatropos> i get a vague sense of what you're saying, but still isn't clicking
[Fri Aug 14 00:24:15 2015] <johnw> if you're googling, also look at descriptions of undecidability
[Fri Aug 14 00:24:22 2015] <johnw> it might make more sense from that perspective
[Fri Aug 14 00:24:42 2015] <viatropos> ok sounds good
[Fri Aug 14 00:29:40 2015] <viatropos> so both decidability / undecidability are about decision problems https://en.wikipedia.org/wiki/Decision_problem
[Fri Aug 14 00:29:54 2015] <viatropos> and they keep saying it leads to a "yes" or "no" answer, which is a boolean basically
[Fri Aug 14 00:30:16 2015] <johnw> other descriptions you'll find say that it consists of being to identify the member of a set
[Fri Aug 14 00:31:41 2015] <viatropos> ah, and the set they're referring to is booleans
[Fri Aug 14 00:31:55 2015] <viatropos> so you decide if something belongs to a set, where the common case is boolean true/false?
[Fri Aug 14 00:31:56 2015] <johnw> yeah, for decision problems it's just yes/no
[Fri Aug 14 00:32:13 2015] <johnw> that's a little less common when doing constructive proofs, but sure
[Fri Aug 14 00:37:30 2015] <viatropos> ok, it's starting to sink in some more
[Fri Aug 14 00:37:37 2015] <viatropos> starting to make sense
[Fri Aug 14 00:40:14 2015] <viatropos> i guess the main thing that's tripping me up is i keep thinking about this thing (function or whatever, that tests if n <= m) is actually doing some computation
[Fri Aug 14 00:40:32 2015] <viatropos> like in javascript, it performs some machine code computation to get the value
[Fri Aug 14 00:40:42 2015] <johnw> n <= m is a type
[Fri Aug 14 00:40:44 2015] <viatropos> but here there's no computation, you are proving
[Fri Aug 14 00:40:47 2015] <viatropos> yeah
[Fri Aug 14 00:41:02 2015] <johnw> now, ssreflect does have a version of <= that is a procedure that returns a boolean
[Fri Aug 14 00:41:06 2015] <johnw> and as a result, it's decidable
[Fri Aug 14 00:41:14 2015] <viatropos> interesting
[Fri Aug 14 00:41:50 2015] <johnw> any function less_than_or_equal (x y : nat) : bool has that property
[Fri Aug 14 00:41:55 2015] <johnw> but (x : n <= m) does not
[Fri Aug 14 00:42:28 2015] <johnw> there's only one inhabitant there, so there is no "yes/no"; if it weren't true, "x" wouldn't exist at all
[Fri Aug 14 00:42:37 2015] <viatropos> why does coq define le like the later, rather than the former?
[Fri Aug 14 00:42:51 2015] <johnw> well, there's a whole lot of power in being able to say that x only *exists* if n <= m
[Fri Aug 14 00:42:59 2015] <johnw> meaning, the function can't even be called if it's not already true
[Fri Aug 14 00:43:06 2015] <johnw> that's something being decided at compile-time, not runtime
[Fri Aug 14 00:43:45 2015] <johnw> a boolean returning function doesn't convey type-level information, unless you reflect it back to the type level by saying less_than_or_equal x y = true
[Fri Aug 14 00:44:15 2015] <johnw> and this sort of "small scale" reflection is what ssreflect was created for
[Fri Aug 14 00:46:28 2015] <viatropos> interesting, what do you mean by reflection here?
[Fri Aug 14 00:46:48 2015] <viatropos> like, from [less_than_or_equal x y = true] you can get the type [x <= y]
[Fri Aug 14 00:46:49 2015] <viatropos> ?
[Fri Aug 14 01:04:46 2015] <johnw> yeah, there is a way to go between them
[Fri Aug 14 10:39:30 2015] <stelleg> one thing I'm stuck on is the inability to use a quantified lemma inside a function body. for a trivial example, trying to use a lemma forall x, id x = x, inside map (fun a => id a). am I missing something?
[Fri Aug 14 10:42:41 2015] <stelleg> it seems to fail to unify the quantified x and a, but I'm not sure why. in my particular case, they even have the exact same concrete type
[Fri Aug 14 10:50:38 2015] <ianjneu> stelleg: do you have Set Implicit Arguments.?
[Fri Aug 14 10:52:20 2015] <ianjneu> Better yet, a proof script showing where you're stuck would help.
[Fri Aug 14 11:09:45 2015] <stelleg> ianjneu: thanks, tried implicit arguments, that didn't seem to help
[Fri Aug 14 11:09:56 2015] <stelleg> here's the simple example: http://sprunge.us/fBKU
[Fri Aug 14 11:12:21 2015] <stelleg> rewrite id_x fails with goal 'map (fun a : A => id a) x = x', with error Error: Found no subterm matching "id ?1195" in the current goal.
[Fri Aug 14 11:15:38 2015] <johnw> stelleg: you typically can't rewrite under binders
[Fri Aug 14 11:15:50 2015] <johnw> induction x; auto; simpl. rewrite IHx. rewrite id_x. reflexivity. solves your goal
[Fri Aug 14 11:17:17 2015] <stelleg> johnw: thanks! I don't quite undersand why you can't rewrite under binders though
[Fri Aug 14 11:17:47 2015] <stelleg> if the variable is quantified over all terms of that type, who cares if it is bound locally?
[Fri Aug 14 11:17:51 2015] <johnw> see https://coq.inria.fr/refman/Reference-Manual029.html, section 26.10
[Fri Aug 14 11:17:56 2015] <stelleg> johnw: thanks!
[Fri Aug 14 14:13:38 2015] <Tuplanolla> Is there a command like Check for tactics?
[Fri Aug 14 14:19:45 2015] <Tuplanolla> Print Ltac trivial. does nothing.
[Fri Aug 14 14:29:15 2015] <Tuplanolla> I'm actually looking for Theorem _: forall x : Prop, x -> x., which is trivial.
[Fri Aug 14 15:07:37 2015] <`^_^v> dumb question -- i have two hypotheses, "if A then B else C" and "A = true", how can i simplify the former to B?
[Fri Aug 14 15:09:09 2015] <`^_^v> never mind, i figured it out. rewrite
[Fri Aug 14 16:14:33 2015] <johnw> Tuplanolla: that should just be "id"
[Fri Aug 14 16:16:12 2015] <Tuplanolla> Oh, of course: intro. apply id. Qed.. Thanks for that.
[Fri Aug 14 20:21:53 2015] <arvisrend> can anyone remind me how to have coq show the defn of a name
[Fri Aug 14 20:21:54 2015] <arvisrend> ?
[Fri Aug 14 20:22:46 2015] <Cypi> [Print name.]
[Fri Aug 14 20:22:59 2015] <arvisrend> thanks
[Fri Aug 14 20:24:37 2015] <arvisrend> is there a version of this which does not do the standard "simplifications"?
[Fri Aug 14 20:27:57 2015] <Cypi> I don't think Print performs any simplification?
[Fri Aug 14 20:28:25 2015] <arvisrend> hmm weird
[Fri Aug 14 20:28:34 2015] <arvisrend> because it prints some huge terms
[Fri Aug 14 20:28:38 2015] <arvisrend> still quite useful
[Fri Aug 14 20:29:03 2015] <Cypi> How are huge terms simplified?
[Fri Aug 14 20:29:16 2015] <Cypi> (I think I misunderstood something)
[Fri Aug 14 20:29:19 2015] <arvisrend> i mean unfolded, sry
[Fri Aug 14 20:30:18 2015] <Cypi> Hmm, again, I did not think Print would unfold anything that wasn't unfolded in the first place
[Fri Aug 14 20:31:20 2015] <arvisrend> ok this is weird http://pastebin.com/fZxCVSYe
[Fri Aug 14 20:31:26 2015] <arvisrend> because i doubt this is how the function was defined
[Fri Aug 14 20:31:56 2015] <Cypi> Ah, I see
[Fri Aug 14 20:32:11 2015] <Cypi> There are 2 things here
[Fri Aug 14 20:32:13 2015] <Cypi> One is the fixpoint
[Fri Aug 14 20:32:27 2015] <Cypi> if you define something using Fixpoint, it will be translated to something with [fix]
[Fri Aug 14 20:32:30 2015] <Cypi> which is the case here
[Fri Aug 14 20:32:37 2015] <arvisrend> yeah that one was clear
[Fri Aug 14 20:32:38 2015] <arvisrend> but wait
[Fri Aug 14 20:32:49 2015] <arvisrend> can it be that there was a compound match construct in the def which has become a nested match?
[Fri Aug 14 20:32:53 2015] <Cypi> The other thing seems to be a pattern-matching on two expressions at the same time
[Fri Aug 14 20:33:02 2015] <Cypi> which is translated, indeed, to successive pattern-matchings
[Fri Aug 14 20:33:07 2015] <arvisrend> right, so it isn't all that different from the definition
[Fri Aug 14 20:33:09 2015] <arvisrend> thank you
[Fri Aug 14 20:33:10 2015] <Cypi> I believe there is actually a printing option for that one
[Fri Aug 14 20:33:37 2015] <Cypi> Set Printing Matching.
[Fri Aug 14 20:33:40 2015] <Cypi> maybe
[Fri Aug 14 20:34:37 2015] <arvisrend> oh right
[Fri Aug 14 20:34:43 2015] <arvisrend> except coqide wants it to be done somehow differently
[Fri Aug 14 20:35:17 2015] <Cypi> It wants you to use the View menu
[Fri Aug 14 20:35:27 2015] <Cypi> but I tried it, and it does not seem to work well actually
[Fri Aug 14 20:36:01 2015] <Cypi> The match has to be unfolded when you first define the constant, so it is then up to the printer to fold it again if the user wants it to. But apparently it does not always succeed
[Fri Aug 14 20:36:33 2015] <arvisrend> yeah :/
[Sat Aug 15 16:26:49 2015] <viatropos> question about proving decidability in coq http://math.stackexchange.com/questions/1398519/do-proof-assistants-like-coq-really-need-to-actually-perform-computations-to-pro
[Sat Aug 15 16:28:16 2015] <vanila> are you the one asking this?
[Sat Aug 15 16:29:12 2015] <viatropos> yeah
[Sat Aug 15 16:29:29 2015] <vanila> i can answer you here, i don't have an account on that site
[Sat Aug 15 16:30:17 2015] <viatropos> ok, that would be very helpful
[Sat Aug 15 16:30:44 2015] <vanila> https://coq.inria.fr/library/Coq.Arith.Le.html
[Sat Aug 15 16:31:05 2015] <vanila> to prove le you need to build up a term with these constructors
[Sat Aug 15 16:31:28 2015] <vanila> there will have to be something like 100000 le_S constructors in your proof term
[Sat Aug 15 16:31:48 2015] <vanila> because it's define in terms of unary natural numbers
[Sat Aug 15 16:32:25 2015] <vanila> when you write 100000 that is just syntactic sugar for S (S (S ...)) with 10000s of constructors
[Sat Aug 15 16:32:43 2015] <vanila> so a direct proof term like this will kill Coq
[Sat Aug 15 16:33:10 2015] <vanila> on the other hand, you could implement base 10 (or binary) numbers and prove that they have a relationship with the unary number system
[Sat Aug 15 16:33:31 2015] <Tuplanolla> Here's a more efficient encoding for natural numbers: Inductive bin : Type := Z : bin | T : bin -> bin | ST : bin -> bin.
[Sat Aug 15 16:33:41 2015] <vanila> then you should easily be able to use computation to prove "100000" < "1000000" as base 10 numbers
[Sat Aug 15 16:33:57 2015] <Tuplanolla> That one is either zero, twice something or the successor of twice something.
[Sat Aug 15 16:35:34 2015] <viatropos> Ok so there are more efficient ways of doing this is what it seems like you're saying
[Sat Aug 15 16:35:59 2015] <viatropos> But you're also saying that you *do* have to actually compute every step for it to be "proven"?
[Sat Aug 15 16:36:11 2015] <vanila> sort of
[Sat Aug 15 16:36:17 2015] <vanila> for a direct proof: yes
[Sat Aug 15 16:36:45 2015] <viatropos> interesting, how can you prove the same thing using something other than direct proof?
[Sat Aug 15 16:36:48 2015] <vanila> but there are indirect proofs which could be done with less computation (like using base 10 for example)
[Sat Aug 15 16:37:40 2015] <viatropos> ok, but even that, you still would do something like 10^2 <= 10^3, 10^3 <= 10^4, etc.
[Sat Aug 15 16:37:48 2015] <viatropos> is there a way to do it in only 1 step?
[Sat Aug 15 16:37:58 2015] <viatropos> or just a few steps, independent of the size of the number?
[Sat Aug 15 16:38:17 2015] <viatropos> like say it was proving 12381871 <= 1874989182 (something arbitrary)
[Sat Aug 15 16:38:50 2015] <Tuplanolla> Encode them as strings and compare lengths for example. Is that one enough step?
[Sat Aug 15 16:39:14 2015] <Tuplanolla> You need to be the clever one here.
[Sat Aug 15 16:39:33 2015] <viatropos> Ah ok, that makes sense
[Sat Aug 15 16:39:43 2015] <viatropos> It's all about being clever then :)
[Sat Aug 15 16:39:57 2015] <viatropos> But you do actually have to perform all the steps
[Sat Aug 15 16:40:22 2015] <vanila> Definition bar : nat := 1874989182.
[Sat Aug 15 16:40:27 2015] <vanila> this crashes Coq
[Sat Aug 15 16:40:39 2015] <vanila> because the object is gigantic: S (S (S ...))
[Sat Aug 15 16:42:00 2015] <vanila> so you can't even really talk about this number as a 'nat' in Coq
[Sat Aug 15 16:44:08 2015] <viatropos> super interesting, starting to make sense now
[Sat Aug 15 16:44:20 2015] <viatropos> so are there standard "efficient" techniques for better defining that number?
[Sat Aug 15 16:44:25 2015] <vanila> you can use BinNat
[Sat Aug 15 16:44:28 2015] <viatropos> like how would you prefer to define that number in coq?
[Sat Aug 15 16:44:30 2015] <viatropos> ah
[Sat Aug 15 16:44:32 2015] <vanila> Definition bar' : N := 1874989182%N.
[Sat Aug 15 16:44:47 2015] <vanila> this should be fine, and using binnat comparison you can use computation to prove the theorem
[Sat Aug 15 16:45:00 2015] <vanila> but le on N is defined different than on nat, so the proof itself is much much shorter
[Sat Aug 15 16:45:43 2015] <vanila> that's why Coq can handle it
[Sat Aug 15 16:46:14 2015] <viatropos> interesting, okay it's starting to make sense, yay
[Sat Aug 15 16:52:31 2015] <viatropos> So then, how would this work in practice? Say you have an expression in a programming language like `n <= m`, and they're of type "natural". But they can be any value, say up to 2147483647. Once the proof assistant or verifier comes to that expression `n <= m`, and knows `n == 21474836400` and `m == 2147483647 `, and that they are natural numbers, would the ideal be that it knows natural number proofs of large values are slow, so it
[Sat Aug 15 16:52:31 2015] <viatropos> instead uses the BinNat proof, knowing there is an already verified proof of the equality between nat and BinNat?
[Sat Aug 15 16:54:12 2015] <vanila> yeah thats right, although it might be even better to use 32 (or whatever) bit numbers, nat and N let you make numbers arbitrarily high
[Sat Aug 15 16:54:20 2015] <vanila> when modelling a programming language
[Sat Aug 15 16:56:49 2015] <viatropos> awesome, thank you
[Sat Aug 15 17:01:55 2015] <viatropos> so then if `nat` is so inefficient in practice, where is it useful?
[Sat Aug 15 17:03:02 2015] <vanila> nat is very useful because it has such a simple induction scheme
[Sat Aug 15 17:06:22 2015] <Tuplanolla> If you read classical mathematics, you'll rarely encounter numbers greater than 8, viatropos.
[Sat Aug 15 17:07:16 2015] <cedric_> For instance, for the Vector type, you do not lose much space by using nat as an index: Inductive Vector (A:Type) : nat -> Type := Nil : Vector A O | Cons : forall n, A -> Vector A n -> Vector A (S n).
[Sat Aug 15 17:08:03 2015] <cedric_> You could use BinNat instead of nat in this definition, but it will be certainly less convenient to use.
[Sat Aug 15 18:17:47 2015] <viatropos> where is @eq defined in [ascii_dec : forall a b : ascii, sumbool (@eq ascii a b) (not (@eq ascii a b))]?
[Sat Aug 15 18:17:51 2015] <viatropos> (in the coq source code)
[Sat Aug 15 18:18:28 2015] <viatropos> [About @eq.] doesn't work
[Sat Aug 15 18:19:51 2015] <viatropos> or what does @eq mean
[Sat Aug 15 18:20:17 2015] <Cypi> @ is just a modifier to say that no arguments should be explicit in the next constant
[Sat Aug 15 18:20:28 2015] <Cypi> so @eq is just like eq, but with no implicit arguments
[Sat Aug 15 18:20:37 2015] <Cypi> that no arguments should be implicit*, sorry
[Sat Aug 15 18:21:16 2015] <Cypi> You can do [Print eq.] if you want, it is just the standard equality
[Sat Aug 15 18:22:20 2015] <viatropos> oh ok, makes sense
[Sat Aug 15 18:44:14 2015] <viatropos> question about symbol, trying to understand it because a lot of the decidability stuff in coq uses it but it's not explained clearly anywhere
[Sat Aug 15 18:44:16 2015] <viatropos> found this http://seb.mondet.org/blog/post/coqtests-02-sumbools.html
[Sat Aug 15 18:44:32 2015] <viatropos> by symbol, i mean sumbool (autocorrect :|)
[Sat Aug 15 18:44:54 2015] <viatropos> is sumbool basically *creating* a boolean type?
[Sat Aug 15 18:45:06 2015] <viatropos> b/c it's of type Set, and it returns a set of 2 items
[Sat Aug 15 18:45:14 2015] <viatropos> and those items are propositions
[Sat Aug 15 18:45:27 2015] <viatropos> so when it's written sumbool ‘is a boolean type equipped with the justification of their value’
[Sat Aug 15 18:45:36 2015] <viatropos> it's not actually of type "bool" in coq
[Sat Aug 15 18:45:41 2015] <Cypi> The keyword "Inductive" introduces the definition of a new inductive type
[Sat Aug 15 18:45:47 2015] <Cypi> so now, it's not actually of type "bool"
[Sat Aug 15 18:45:48 2015] <viatropos> instead, it's creating a custom type similar to bool, but for your 2 propositions
[Sat Aug 15 18:46:13 2015] <Cypi> but since there are 2 constructors, you have a trivial correspondence with the type bool
[Sat Aug 15 18:46:18 2015] <Cypi> yup
[Sat Aug 15 18:46:27 2015] <viatropos> ok awesome, making more sense now
[Sat Aug 15 18:47:16 2015] <Cypi> I believe that when they say "boolean type", they approximately means "a type with two values"
[Sat Aug 15 18:47:26 2015] <viatropos> yeah, that should be clarified haha
[Sat Aug 15 18:47:30 2015] <Cypi> (even though in that case it is really an approximate meaning)
[Sat Aug 15 18:47:31 2015] <viatropos> so confused for a long time
[Sat Aug 15 18:47:50 2015] <Cypi> (because you can have non-equal proof of the same proposition)
[Sat Aug 15 18:48:12 2015] <Cypi> (so you could have some [p : A] and [q : A] such that you cannot prove [left p = left q])
[Sat Aug 15 18:48:32 2015] <Cypi> (but anyway, the spirit is there :D )
[Sat Aug 15 18:48:58 2015] <viatropos> don't quite understand what you mean there yet
[Sat Aug 15 18:49:17 2015] <viatropos> want to get a better sense of how these decidability definitions work, let me try
[Sat Aug 15 18:49:18 2015] <viatropos> so a decidability definition like [le_lt_dec : forall n m : nat, sumbool (le n m) (lt m n)] is says "for all natural numbers n and n, there is a 2-constructor type with the proposition [le n m] and [lt n m]"?
[Sat Aug 15 18:49:35 2015] <viatropos> "natural numbers n and m"
[Sat Aug 15 18:50:10 2015] <Cypi> No, it's better than that. This type exists anyway. But what you need to prove is that this type is inhabited. This is what [le_lt_dec] does.
[Sat Aug 15 18:50:26 2015] <Cypi> For any [n m : nat], it gives you an inhabitant of the type [sumbool (le n m) (lt m n)]
[Sat Aug 15 18:50:43 2015] <viatropos> what "gives an inhabitant", is it the proof?
[Sat Aug 15 18:51:11 2015] <Cypi> Yes. In Coq, proving is the same as giving an inhabitant
[Sat Aug 15 18:51:26 2015] <Cypi> Type <-> Theorems, Terms <-> Proofs
[Sat Aug 15 18:52:49 2015] <viatropos> (going to switch to using ascii_dec as an example, it seems simpler than <= https://coq.inria.fr/library/Coq.Strings.Ascii.html#ascii_dec)
[Sat Aug 15 18:53:09 2015] <viatropos> so where is the proof for ascii_dec that proves the type is inhabited?
[Sat Aug 15 18:53:14 2015] <viatropos> it seems to be defined without a proof
[Sat Aug 15 18:53:38 2015] <Cypi> They skip proofs in the documentation, that's why
[Sat Aug 15 18:54:09 2015] <Cypi> https://github.com/coq/coq/blob/trunk/theories/Strings/Ascii.v#L36 for the proof
[Sat Aug 15 18:54:10 2015] <viatropos> op, sorry https://github.com/coq/coq/blob/trunk/theories/Strings/Ascii.v#L36
[Sat Aug 15 18:54:12 2015] <viatropos> ok
[Sat Aug 15 18:54:15 2015] <viatropos> haha
[Sat Aug 15 18:54:28 2015] <Cypi> but it's really short because it uses a tactics which decides equality when it's easy
[Sat Aug 15 18:54:58 2015] <Cypi> (in that case, the tactic will in turn ask for a proof of the decidability of equality on booleans, which is proved by bool_dec)
[Sat Aug 15 18:55:12 2015] <Cypi> (this is because of the encoding of ascii characters that has been chosen)
[Sat Aug 15 18:57:08 2015] <viatropos> ok
[Sat Aug 15 18:57:21 2015] <viatropos> so is this basically the expanded/complete proof of ascii_dec then? https://cloudup.com/cnTt3cqpvLT
[Sat Aug 15 18:57:58 2015] <viatropos> (that's what the decide equality does?)
[Sat Aug 15 18:59:24 2015] <viatropos> bool_dec is much simpler in that case
[Sat Aug 15 18:59:41 2015] <viatropos> https://cloudup.com/i7JsRQ4PLoQ
[Sat Aug 15 19:03:28 2015] <Cypi> This is what the automatic tactic will produce, yes
[Sat Aug 15 19:04:24 2015] <viatropos> k
[Sat Aug 15 19:04:32 2015] <Cypi> it has to test the equality of 8 successive fields, so yes, it's a little bit big, but it's simple
[Sat Aug 15 19:10:38 2015] <viatropos> why do some decidability definitions use [Decidable.decidable] while others use [sumbool]?
[Sat Aug 15 19:10:41 2015] <viatropos> eg [BinNat.N.lt_decidable: forall n m : BinNums.N, Decidable.decidable (BinNat.N.lt n m)]
[Sat Aug 15 19:10:51 2015] <viatropos> [ascii_dec: forall a b : ascii, sumbool (@eq ascii a b) (not (@eq ascii a b))]
[Sat Aug 15 19:11:14 2015] <viatropos> is that just a refactoring thing or do they mean two different things?
[Sat Aug 15 19:11:42 2015] <viatropos> (wondering if all "decidability definitions" have pretty much the same format)
[Sat Aug 15 19:12:48 2015] <viatropos> it seems like it's two different coding styles i'm guessing
[Sat Aug 15 19:13:18 2015] <Cypi> just a refactoring style, I believe
[Sat Aug 15 19:13:27 2015] <viatropos> ok
[Sat Aug 15 19:13:45 2015] <Cypi> Ah, nevermind
[Sat Aug 15 19:13:52 2015] <Cypi> Decidable.decidable is for things in Prop
[Sat Aug 15 19:14:14 2015] <Cypi> but so is [@eq ascii a b]
[Sat Aug 15 19:14:18 2015] <Cypi> so yeah, refactoring :)
[Sat Aug 15 19:14:24 2015] <viatropos> ok cool
[Sat Aug 15 19:15:54 2015] <Cypi> Uh, I'm terrible. There is another difference.
[Sat Aug 15 19:16:12 2015] <Cypi> Decidable.decidable returns something in Prop, whereas sumbool is in Set
[Sat Aug 15 19:16:54 2015] <Cypi> Decidable.decidable is just defined as [fun (P : Prop) => P \/ ~ P]
[Sat Aug 15 19:17:30 2015] <Cypi> So it's using the inductive type [or], which is exactly the same as [sumbool], except that it lands in Prop, not in Set
[Sat Aug 15 19:17:48 2015] <viatropos> ok, when would you pick one or the other?
[Sat Aug 15 19:18:08 2015] <viatropos> like could the bool_dec be rewritten to use [Decidable.decidable]?
[Sat Aug 15 19:18:22 2015] <Cypi> You could, yes
[Sat Aug 15 19:18:45 2015] <Cypi> If you are just proving stuff, then using things in Prop is fine
[Sat Aug 15 19:18:58 2015] <Cypi> but if you need to compute, like you would do with actual booleans, then you need something in Set
[Sat Aug 15 19:18:59 2015] <viatropos> what is the benefit of using sumbool then?
[Sat Aug 15 19:19:02 2015] <viatropos> ok
[Sat Aug 15 19:22:11 2015] <viatropos> just playing with ideas here, not good at writing this so it works yet, but..
[Sat Aug 15 19:22:25 2015] <viatropos> could you rewrite the original bool_dec [bool_dec: forall b1 b2 : bool, sumbool (@eq bool b1 b2) (not (@eq bool b1 b2))] as...
[Sat Aug 15 19:22:30 2015] <viatropos> [bool_dec: forall b1 b2 : bool, Decidable.decidable (@eq bool b1 b2)]
[Sat Aug 15 19:22:37 2015] <viatropos> and then make
[Sat Aug 15 19:22:39 2015] <viatropos> [bool_dec_computable: sumbool bool_dec]
[Sat Aug 15 19:22:55 2015] <Cypi> [sumbool bool_dec] does not really make much sense
[Sat Aug 15 19:23:17 2015] <viatropos> yeah, don't know how to "wrap" that properly, but the basic idea:
[Sat Aug 15 19:23:22 2015] <viatropos> - write the Prop version
[Sat Aug 15 19:23:31 2015] <viatropos> - use that Prop version to create a "computable" Set version
[Sat Aug 15 19:23:32 2015] <viatropos> ?
[Sat Aug 15 19:23:40 2015] <Cypi> You cannot use something in Prop to compute something in Set, basically, so no
[Sat Aug 15 19:23:50 2015] <viatropos> ok
[Sat Aug 15 19:25:13 2015] <viatropos> wait but sumbool itself uses something in Prop to make a Set https://github.com/coq/coq/blob/trunk/theories/Init/Specif.v#L195
[Sat Aug 15 19:25:17 2015] <viatropos> how is that different?
[Sat Aug 15 19:26:26 2015] <Cypi> It's not computing in that case. To be more specific: you cannot examine the value of some [p : P] if [P : Prop], when what you want to build is in Set
[Sat Aug 15 19:26:57 2015] <Cypi> For instance, consider the type [True \/ False -> nat.]
[Sat Aug 15 19:26:58 2015] <viatropos> k
[Sat Aug 15 19:27:20 2015] <Cypi> it is a perfectly valid type, and you can even build values of that type, such that [fun (P : True \/ False) => 0]
[Sat Aug 15 19:27:41 2015] <Cypi> but what you cannot do is build a function which has this type, and whose return value depends on its input
[Sat Aug 15 19:28:05 2015] <Cypi> so you basically cannot make use of that argument of type [True \/ False] to decide which natural number you should return
[Sat Aug 15 19:28:27 2015] <Cypi> You can try it yourself if you want: [Goal True \/ False -> nat. intros P. destruct P.]
[Sat Aug 15 19:32:06 2015] <viatropos> where is the "decide equality" tactic defined in Coq? https://github.com/coq/coq/blob/trunk/tools/gallina-syntax.el#L266
[Sat Aug 15 19:32:29 2015] <Cypi> Probably directly in OCaml, but I can check this
[Sat Aug 15 19:32:32 2015] <viatropos> can't seem to find it
[Sat Aug 15 19:35:27 2015] <Cypi> https://github.com/coq/coq/blob/trunk/tactics/eqdecide.ml
[Sat Aug 15 19:35:28 2015] <Cypi> there
[Sat Aug 15 19:36:31 2015] <viatropos> thanks
[Sat Aug 15 22:11:56 2015] <wagle> whats best way to set loadpath for coq using proof general?
[Sat Aug 15 22:12:13 2015] <wagle> using chlipala's text
[Sat Aug 15 22:27:19 2015] <viatropos> why does `Max.max_dec` get extracted to this ocaml? [let max_dec0 = Nat.max_dec]
[Sat Aug 15 22:28:00 2015] <viatropos> whereas bool_dec is more readable https://gist.github.com/lancejpollard/dcbc87799d93388b164d
[Sat Aug 15 22:28:21 2015] <Cypi> Max.max_dec is actually defined as Nat.max_dec
[Sat Aug 15 22:28:50 2015] <Cypi> there is probably something to do to tell it to inline the definition, but I'm not really well-versed in extraction :/
[Sat Aug 15 22:31:53 2015] <wagle> moo..  adam's latest tarball is wrong
[Sat Aug 15 22:32:11 2015] <viatropos> [Extraction Nat.max_dec.] goes to [let max_dec = Private_Dec.max_dec]
[Sat Aug 15 22:32:23 2015] <viatropos> where is Private_Dec defined?
[Sat Aug 15 22:33:10 2015] <Cypi> [Print Nat.Private_Dec.max_dec.]
[Sat Aug 15 22:33:27 2015] <Cypi> You can do [Recursive Extraction <stuff>.] if you want every dependency to be extracted
[Sat Aug 15 22:33:31 2015] <Cypi> (it can go a long way, though)
[Sat Aug 15 22:33:33 2015] <viatropos> oh ok
[Sat Aug 15 22:33:35 2015] <viatropos> awesome
[Sat Aug 15 22:33:56 2015] <viatropos> that's perfect
[Sat Aug 15 22:35:03 2015] <Cypi> On the way, note that now that everything in Prop has been erased, the definition of sumbool is actually exactly this of booleans
[Sat Aug 15 22:35:06 2015] <wagle> haha..  the paper book is obselete!
[Sat Aug 15 22:35:20 2015] <Cypi> (you could actually for Coq to extract it to actual OCaml booleans)
[Sat Aug 15 22:35:27 2015] <Cypi> (ask for*)
[Sat Aug 15 23:12:23 2015] <wagle> can you get coq 8.5b2 from opam?
[Mon Aug 17 13:02:58 2015] <schoppenhauer> hello. is anyone using native-coq?
[Mon Aug 17 13:05:11 2015] <schoppenhauer> because it ... doesn't work ... well, it works. but only sort of.
[Mon Aug 17 13:05:51 2015] <schoppenhauer> it seems to call ocamlc
[Mon Aug 17 13:06:26 2015] <schoppenhauer> but ocamlc does not recognize the ocaml libraries
[Mon Aug 17 13:44:42 2015] <schoppenhauer> hm. calling ocamlopt the way strace sais that coqc does works.
[Mon Aug 17 13:44:47 2015] <schoppenhauer> but apparently not inside coq.
[Mon Aug 17 14:12:40 2015] <schoppenhauer> hm. maybe I'll ask coq-club
[Tue Aug 18 06:22:43 2015] <nancy> hi
[Tue Aug 18 06:24:43 2015] <Cypi> That was fast.
[Wed Aug 19 08:37:33 2015] <sanooj> hey all.
[Wed Aug 19 08:38:00 2015] <sanooj> I'm reading through ssreflect's code, and am hitting all sorts of stumbling blocks.
[Wed Aug 19 08:38:51 2015] <sanooj> one is the definition of funcomp in ssrfun.v. it is "Definition funcomp u (f : B -> A) (g : C -> B) x := let tt := u in f (g x)."
[Wed Aug 19 08:39:04 2015] <sanooj> sorry, that's let: instead of let.
[Wed Aug 19 08:39:08 2015] <sanooj> what's the point of the u and tt ?
[Wed Aug 19 08:39:35 2015] <sanooj> it then later defines comp f g to be notation for funcomp tt f g, so it's doubly confusing.
[Wed Aug 19 11:22:58 2015] <schoppenhauer> Hi. is there an implementation of diffarrays for coq? (I asked this in coq-club but got no answer so far.) native-coq had "PArray". I can write bindings myself, but if there was something predefined, I would prefer it.
[Wed Aug 19 20:31:06 2015] <schoppenhauer> *push* Hi. is there an implementation of diffarrays for coq? (I asked this in coq-club but got no answer so far.) native-coq had "PArray". I can write bindings myself, but if there was something predefined, I would prefer it. Someone found https://www.mpi-sws.org/~viktor/arefs/ but the Parrays there extract to "Perarray.t", and I have no idea what that is, ocaml doesn't know it.
[Thu Aug 20 01:04:58 2015] <sanooj> lmgtfy, https://www.mpi-sws.org/~viktor/arefs/Parray.html
[Thu Aug 20 01:05:40 2015] <sanooj> gah. cake on face.
[Thu Aug 20 01:15:12 2015] <sanooj> I have never extracted in my life, but I think Perarray is supposed to be defined by the extraction.
[Thu Aug 20 01:35:07 2015] <sanooj> or not... maybe ask viktor by email?
[Thu Aug 20 01:41:25 2015] <sanooj> maybe he just forgot to include the unsafe parts as a perarray.ml/mli in arefs.zip, with Parray.v only providing the proofs based on the ug* axioms in that file.
[Thu Aug 20 01:43:34 2015] <sanooj> that's probably it, because in the paper he says he assumes the module Parray, implementing functional arrays.
[Thu Aug 20 03:01:19 2015] <sanooj> is there a convenient way to inspect proofs that use long ;-chained things using proofgeneral?
[Thu Aug 20 03:02:54 2015] <sanooj> I've been manually rewriting ;-chains by separating out the individual commands, and for ssreflect, rewriting tactics to use mostly defective tactics.
[Thu Aug 20 03:03:49 2015] <sanooj> C-c C-n goes to the end of the command up to the next period, so something more fine grained than that.
[Thu Aug 20 13:28:40 2015] <pharpend> http://lpaste.net/139278 <- I'm stuck, would someone mind helping?
[Thu Aug 20 13:31:50 2015] <Cypi> pharpend : since you've alread used [firstorder], you can use it again if you want. The more manual solution is to do the only thing you can do: [apply H0; intros]. Then you have [X] and [X -> False] in your environment.
[Thu Aug 20 13:32:22 2015] <pharpend> Cypi: firstorder solves it after the destructs =p. I'm trying to do the type tetris on my own.
[Thu Aug 20 13:32:31 2015] <Cypi> Hmm, I guess that was not a very subtle hint... Maybe a better hint: you don't need H anymore, you can clear it.
[Thu Aug 20 13:38:33 2015] <pharpend> http://lpaste.net/139279 <-- stuck again
[Thu Aug 20 13:39:03 2015] <Cypi> Well, why "right"? :p
[Thu Aug 20 13:39:15 2015] <pharpend> oh I was just trying each branch
[Thu Aug 20 13:39:21 2015] <pharpend> left was a dead-end as well
[Thu Aug 20 13:39:52 2015] <Cypi> Yes, that's normal: let's say that [right] as a first step will work. Then that basically that, assuming Peirce law, every proposition is false :D
[Thu Aug 20 13:40:07 2015] <Cypi> (same for [left], which would prove that every proposition is true)
[Thu Aug 20 13:46:01 2015] <pharpend> Yay figured it out: http://lpaste.net/139285 . Thanks Cypi
[Thu Aug 20 13:46:10 2015] <Cypi> nice :D
[Thu Aug 20 15:02:27 2015] <schoppenhauer> hi. does coq extract int31 to ocaml integers? and ascii strings to native ocaml strings?
[Thu Aug 20 15:17:33 2015] <schoppenhauer> hm. it doesn't.
[Thu Aug 20 15:17:36 2015] <schoppenhauer> but why?
[Thu Aug 20 15:20:53 2015] <schoppenhauer> why doesn't it?
[Thu Aug 20 15:56:19 2015] <schoppenhauer> why doesn't it extract to native int
[Fri Aug 21 14:02:44 2015] <schoppenhauer> where in the coq source code is the definition of proofs?
[Fri Aug 21 14:45:28 2015] <johnw> schoppenhauer: what do you mean?
[Fri Aug 21 14:47:40 2015] <schoppenhauer> johnw: I want to write a custom extraction mechanism. or at least try to do so and fail.
[Fri Aug 21 14:48:34 2015] <johnw> I still don't know what that has to do with "proof definition"
[Fri Aug 21 14:48:47 2015] <johnw> do you mean the Gallina term that witnesses a proof ?
[Fri Aug 21 14:50:21 2015] <schoppenhauer> yes.
[Fri Aug 21 14:51:32 2015] <johnw> so why would that be "in the source code"?
[Fri Aug 21 14:51:46 2015] <johnw> I assume you mean, which variable/map holds the proof terms?
[Fri Aug 21 14:51:57 2015] <johnw> sadly, I don't know the internals of coq yet
[Fri Aug 21 14:52:35 2015] <schoppenhauer> ...
[Fri Aug 28 14:03:27 2015] <Semper> Hi, I'm trying to use CoqIDE without the Prelude
[Fri Aug 28 14:03:34 2015] <Semper> can anyone help me?
[Fri Aug 28 14:07:00 2015] <Semper> Hello?
[Fri Aug 28 14:07:15 2015] <Semper> Does anyone know how I can use Coq without the Prelude
[Fri Aug 28 14:41:16 2015] <arcatan> Semper: try running it with the commandline parameter -nois.
[Fri Aug 28 14:41:18 2015] <arcatan> coqide -nois
[Fri Aug 28 14:57:59 2015] <dmiles> does coq have any examples involving proving gender in a family tree?
[Fri Aug 28 14:58:23 2015] <dmiles> or wolf/cabbage/goat on a boat examples?
[Fri Aug 28 14:58:38 2015] <Tuplanolla> I get the feeling that a SAT solver would fit those purposes better.
[Fri Aug 28 14:59:08 2015] <dmiles> well i want to have proofs of how the solver arrived at such deductions
[Fri Aug 28 14:59:18 2015] <dmiles> but perhaps
[Fri Aug 28 15:00:41 2015] <Tuplanolla> I recently read Software Abstractions and it discussed solutions to both of those problems.
[Fri Aug 28 15:00:55 2015] <Tuplanolla> That's not helpful for learning Coq, but still.
[Fri Aug 28 15:01:59 2015] <dmiles> what resource should i look at for seeing examples of the kinds of problems i can solve using a proof engine ?
[Fri Aug 28 15:03:21 2015] <dmiles> (I used to use CYC as a proof engine. where I'd ask it  questions and it would answer but with 50 step proofs .. is this what a proof engine does sometimes?)
[Fri Aug 28 15:03:58 2015] <dmiles> (if i disagreed with a step in the proof i'd go and modify the mistakes)
[Fri Aug 28 15:04:11 2015] <dmiles> then ask again and get sometimes better answers
[Fri Aug 28 15:04:29 2015] <dmiles> (or worse answers if i messed up!)
[Fri Aug 28 15:05:36 2015] <dmiles> ( proof were a list of axioms and facts )
[Fri Aug 28 15:06:11 2015] <dmiles> typical question might be:  why does john eat fish every day?
[Fri Aug 28 15:06:56 2015] <dmiles> proof might be he was an organic being who lived nearby the ocean where fish was cheap
[Fri Aug 28 15:07:37 2015] <dmiles> then i checnge the fact he lives by the sea and then it might decide he does it becasue tuna is on sale at the supermarket and he was broke
[Fri Aug 28 15:08:25 2015] <Tuplanolla> I don't really understand what you're after.
[Fri Aug 28 15:08:38 2015] <dmiles> if i should expect to do these things with coq
[Fri Aug 28 15:08:59 2015] <dmiles> (of course not in natrual langauge but in logical language)
[Fri Aug 28 15:09:52 2015] <dmiles> after a document that gives an example of asking and then modifying coqs axioms to change its proofs
[Fri Aug 28 16:17:13 2015] <Semper> thanks arcatan
[Fri Aug 28 16:17:23 2015] <Semper> I didnt know coqide had arguments too
[Fri Aug 28 16:17:30 2015] <Semper> but
[Fri Aug 28 16:17:53 2015] <Semper> I was wondering
[Fri Aug 28 16:18:20 2015] <Semper> in Init.Logic it says
[Fri Aug 28 16:18:20 2015] <Semper> Notation "A -> B" := (forall (_ : A), B) : type_scope.
[Fri Aug 28 16:18:53 2015] <Semper> yet I can still use -> normally
[Fri Aug 28 16:19:04 2015] <Semper> does that mean that it still imports Notations
[Fri Aug 28 16:19:15 2015] <Semper> or is this something built into Coq
[Fri Aug 28 16:21:55 2015] <Semper> * slaps arcatan around a bit with a large fishbot
[Fri Aug 28 16:22:00 2015] <Semper> uhhhh
[Fri Aug 28 21:50:12 2015] <mdmkolbe> What lemma lets me transform "f (if x then y else x)" to "if x then (f y) else (f z)"?
[Fri Aug 28 22:07:26 2015] <benzrf> mdmkolbe: idk, but you could just destruct x
[Fri Aug 28 22:50:35 2015] <mdmkolbe> benzrf: destruct x is what I ended up doing
[Fri Aug 28 22:50:54 2015] <benzrf> kk
[Fri Aug 28 22:53:16 2015] <jrw> mdmkolbe: afaik, there's no lemma for that in the stdlib. you could prove your own lemma.
[Sun Aug 30 08:57:40 2015] <vanila> hi
[Sun Aug 30 08:57:48 2015] <vanila> does anyone have ashort confluence proof in coq
[Sun Aug 30 08:57:53 2015] <vanila> for lambda calculus
[Sun Aug 30 09:05:54 2015] <benzrf> confluence
[Sun Aug 30 20:41:44 2015] <RegEchse> hm
[Sun Aug 30 20:43:40 2015] <RegEchse> eauto is annoying me. At the end of the proof i have existential variables left. If i do "Grab Existential Variables." i get 3 subgoals, all of which are "X", all of which are solvable by "assumption." because "X : Type" is in the context.
[Sun Aug 30 20:43:43 2015] <RegEchse> :/
[Sun Aug 30 20:44:03 2015] <RegEchse> that doesn't make sense to me
[Sun Aug 30 21:05:51 2015] <jrw> RegEchse: if you paste your code somewhere I can take a look
[Sun Aug 30 21:13:34 2015] <RegEchse> jrw: thx, but i'm leaving in an instant now.  good night.
[Mon Aug 31 07:12:41 2015] <vanila> my goal has this
[Mon Aug 31 07:12:52 2015] <vanila>    lift (S u) (if le_gt_dec v n then var (S n) else var n) = ...
[Mon Aug 31 07:13:05 2015] <vanila> how do I write a tactic that searches for le_gt_dec ?x ?y and destructs it?
[Mon Aug 31 11:36:01 2015] <jrw> vanila: something like this https://gist.github.com/wilcoxjay/c98e6bb39847bce69065
[Mon Aug 31 11:36:31 2015] <vanila> oh excellent thanks ill try it
[Wed Sep  2 10:26:51 2015] <schoppenhauer> hello. I want to define a datatype that depends on two lists (the list of "done"-objects, and the list of "todo"-objects). the "done" list is only for proving properties, and should *not* be contained in extracted code, while the "todo" one (obviously) is computational. how can I achieve this?
[Wed Sep  2 10:31:48 2015] <jrw> schoppenhauer: unfortunately, the only way I know how to do that is to write the code twice -- once with and once without the stuff that you want erased -- and then prove them equivalent.
[Wed Sep  2 10:32:14 2015] <jrw> alternatively, if you can find a way of encoding what you want as a Prop, then you can do it in one go
[Wed Sep  2 10:32:43 2015] <schoppenhauer> jrw: the definition makes no sense without the stuff I did ("done").
[Wed Sep  2 10:33:00 2015] <schoppenhauer> jrw: what about using "exists ..." ? will this be extracted?
[Wed Sep  2 10:33:25 2015] <schoppenhauer> (normally, exists ... is in prop, iirc.)
[Wed Sep  2 10:34:01 2015] <schoppenhauer> the problem is, I could define an inductive prop IsValid (done : List A) (todo : List A)
[Wed Sep  2 10:35:13 2015] <schoppenhauer> and then a function transform : forall (todo done : List A), IsValid done todo -> { todo2 | exists done2, IsValid done2 todo2 }
[Wed Sep  2 10:35:34 2015] <schoppenhauer> jrw: but then I would still have the "done" as an argument for this function.
[Wed Sep  2 10:36:10 2015] <schoppenhauer> hm. ok. but your suggestion is probably to just write a function List A -> List A, and then prove that everything is valid.
[Wed Sep  2 10:38:08 2015] <Cypi> Maybe you could have the type [transform : forall (todo : List A), (exists (todo : List A), IsValide done todo) -> {todo2 | exists done2, IsValide done2 todo2}] ?
[Wed Sep  2 10:38:54 2015] <Cypi> IsValid*
[Wed Sep  2 10:38:57 2015] <schoppenhauer> you mean done in the first quantor, but yes. this would probably be right.
[Wed Sep  2 10:39:08 2015] <Cypi> and yes, done*, sorry
[Wed Sep  2 10:39:10 2015] <schoppenhauer> `exists` is non-computational, right?
[Wed Sep  2 10:39:21 2015] <schoppenhauer> that is, it will always be extracted to unit.
[Wed Sep  2 10:39:26 2015] <schoppenhauer> or to __ or whatever
[Wed Sep  2 10:39:28 2015] <Cypi> It's in Prop, so yes
[Wed Sep  2 10:39:35 2015] <schoppenhauer> ok then I'll do it this way.
[Wed Sep  2 11:06:35 2015] <lpaste_> gallais pasted “coq:coqide installation fail” at http://lpaste.net/140123
[Wed Sep  2 11:07:02 2015] <gallais> I get this weird error when trying to install coq:coqide using opam. Any clue?
[Wed Sep  2 11:11:46 2015] <Tuplanolla> Trying to find "bin/coqide" catches my eye.
[Wed Sep  2 11:46:04 2015] <gallais> Trying to configure coqide by hand yields an explanation:
[Wed Sep  2 11:46:07 2015] <gallais> Incomplete LablGtk2 (via ocamlfind): no /home/gallais/.opam/system/lib/lablgtk2/gSourceView2.cmi.
[Wed Sep  2 11:47:25 2015] <gallais> Shouldn't the build simply fail at this stage?
[Wed Sep  2 15:13:07 2015] <schoppenhauer> is anyone using proofgeneral-emacs in the terminal?
[Wed Sep  2 15:13:28 2015] <schoppenhauer> because ... I would like to do, but it underlines everything instead of changing its background color.
[Wed Sep  2 15:14:52 2015] <Tuplanolla> Does setting TERM=xterm-256color help?
[Wed Sep  2 15:46:21 2015] <schoppenhauer> Tuplanolla: no
[Wed Sep  2 19:03:05 2015] <benzrf> is it just me or
[Wed Sep  2 19:03:10 2015] <benzrf> is this not a theorem:
[Wed Sep  2 19:03:55 2015] <benzrf> er, wait one sec
[Wed Sep  2 19:05:31 2015] <benzrf> forall seq : nat -> list bool, (forall n : nat, seq n <> nil) -> (forall n : nat, list_subset (seq (S n)) (seq n)) -> exists b : bool, forall n : nat, elem b (s n)
[Wed Sep  2 19:34:43 2015] <jgross> Yeah, that's not a theorem.  It requires an additional hypothesis like [forall b, (forall n, elem b (seq n)) \/ (exists n, ~elem b (seq n))].  There's no constructive way to go from [forall n : nat, P n + ~P n] to [(forall n, P n) + ~(forall n, P n)] (let alone to [(forall n, P n) + (exists n, ~P n)]) 
[Wed Sep  2 19:36:25 2015] <benzrf> jgross: thought so
[Wed Sep  2 21:43:53 2015] <arvisrend> how do i prove an equivalence in SSR?
[Wed Sep  2 21:45:25 2015] <arvisrend> ("split" does the trick, but doesn't look SSR-style to me)
[Wed Sep  2 21:45:51 2015] <arvisrend> (then again maybe it is)
[Wed Sep  2 21:46:15 2015] <arvisrend> ah it is, sorry
[Wed Sep  2 23:39:19 2015] <QF-MichaelK> Is there an online tutorial/REPL?
[Thu Sep  3 12:02:20 2015] <pharpend> Hey, everyone/close
[Thu Sep  3 16:34:02 2015] <nkaretnikov> is there a good tutorial on using the haskell extractor?
[Thu Sep  3 16:34:42 2015] <nkaretnikov> never tried it and too tired to read the wall of text, that is, a manual
[Thu Sep  3 16:35:34 2015] <nkaretnikov> there was a post on haskell planet quite recently but i cannot remember
[Thu Sep  3 16:35:41 2015] <nkaretnikov> who wrote it
[Thu Sep  3 16:39:12 2015] <nkaretnikov> found out that it's covered in the sf book
[Thu Sep  3 16:57:56 2015] <nkaretnikov> ugh
[Thu Sep  3 16:58:02 2015] <nkaretnikov> i don't get it
[Thu Sep  3 16:58:15 2015] <nkaretnikov> how do i extract option as maybe?
[Thu Sep  3 16:58:49 2015] <nkaretnikov> there is an example for the list type, but my adaptation of it doesn't work
[Thu Sep  3 17:00:24 2015] <nkaretnikov> ah. it's parsed top to bottom
[Thu Sep  3 17:00:51 2015] <nkaretnikov> you have to put it before the command that extracts into a file
[Thu Sep  3 17:01:07 2015] <nkaretnikov> doesn't work yet, but at least i can see the output
[Thu Sep  3 17:05:41 2015] <nkaretnikov> oh wow, the order of constructors inside the value constructor list matters
[Thu Sep  3 17:05:55 2015] <nkaretnikov> so you can get nonsense if you mess it up
[Thu Sep  3 17:19:26 2015] <nkaretnikov> how do i change the import list of the generated haskell code?
[Thu Sep  3 17:20:40 2015] <nkaretnikov> i wrote a line that maps option to maybe, but it doesn't export the data declaration itself and the module cannot find a proper library definition because prelude is imported qualified
[Thu Sep  3 17:20:42 2015] <nkaretnikov> halp
[Thu Sep  3 17:23:09 2015] <Tuplanolla> I haven't looked into this yet, but can you use it qualified too?
[Thu Sep  3 17:24:43 2015] <nkaretnikov> i haven't considered this
[Thu Sep  3 17:24:52 2015] <nkaretnikov> it'll probably work
[Thu Sep  3 17:24:57 2015] <nkaretnikov> but it's verbose
[Thu Sep  3 17:25:03 2015] <nkaretnikov> and unnecessary
[Thu Sep  3 17:25:05 2015] <nkaretnikov> for this code
[Thu Sep  3 17:25:50 2015] <nkaretnikov> i'm currently looking at johnw's linearscan trying to understand how things are organized there
[Thu Sep  3 17:31:11 2015] <nkaretnikov> i dont't know perl, but it seems it just substitutes the name like sed
[Thu Sep  3 17:31:56 2015] <nkaretnikov> https://github.com/jwiegley/coq-haskell/blob/a30a8975c524279a009625fd4a53e2fdb9d0b9dc/fixcode.pl
[Thu Sep  3 17:53:21 2015] <nkaretnikov> https://github.com/nkaretnikov/99-problems/commit/7b656c8347c91f36f669c21c2028e272c8c6aa9d here's what i ended up with
[Thu Sep  3 17:53:37 2015] <nkaretnikov> i'll try the notation trick from the repo i linked earlier
[Thu Sep  3 17:53:44 2015] <nkaretnikov> and see whether it'll make things prettier
[Thu Sep  3 21:55:02 2015] <newsham> i want to do a: "unfold func; simpl; fold func", but the func has some implicit type arguments and when I do the "fold func" it says it cant figure out what they are
[Thu Sep  3 21:55:12 2015] <newsham> how can I specify the implicit arguments to the fold tactic?
[Thu Sep  3 21:55:52 2015] <newsham> (I figured out my proof without it, by doing the unfold before induction, so that my IH had the unfolded statement in it, but I imagine this will come up again some time)
[Thu Sep  3 22:11:52 2015] <newsham> hrmm.. "Error: Universe inconsistency"
[Thu Sep  3 22:11:55 2015] <newsham> what did I do to get here? :)
[Thu Sep  3 22:17:32 2015] <newsham> trying to do pierce's SF exercise on church numerals, and for my definition of "succ" I get "Universe inconsentency" when I do: "Check three _ succ".
[Thu Sep  3 22:18:34 2015] <newsham> is this exercise not possible?
[Thu Sep  3 23:35:30 2015] <jrw> newsham: re: fold. sometimes it helps to say [fold (@foo x y z)], so that you can explicitly instantiate the implicit arguments. [fold] is generally not very well behaved IMHO, and I avoid using it.
[Thu Sep  3 23:35:42 2015] <jrw> newsham: re: universes. if you paste some code, I'd be happy to look at it.
[Thu Sep  3 23:59:10 2015] <newsham> jrw: let me put sometihng together ot paste
[Fri Sep  4 00:04:25 2015] <newsham> http://pastebin.com/KcTCAtuf
[Fri Sep  4 00:05:00 2015] <newsham> i imagine i have to do it "the hard way" to avoid the universes problem
[Fri Sep  4 00:12:01 2015] <newsham> (btw, this isn't for a class and I'm not asking for someone to do my hw :)
[Fri Sep  4 00:17:03 2015] <jrw> newsham: okay so like they say you can't iterate over nat because of universe stuff.
[Fri Sep  4 00:17:24 2015] <jrw> but there is an easy way around it.
[Fri Sep  4 00:18:06 2015] <jrw> if I want to do something n + m times, that's the same as doing it m times and then doing it n times again
[Fri Sep  4 00:18:12 2015] <jrw> see how far that gets you.
[Fri Sep  4 00:23:22 2015] <newsham> *nod* I know how to d it without incr.. its just more painful and not particularly enlightening
[Fri Sep  4 00:23:38 2015] <newsham> ditto for mult and exp.
[Fri Sep  4 00:27:25 2015] <jrw> newsham: yeah, it is frustrating, since most people's first instinct is to reuse previous definitions
[Fri Sep  4 00:30:00 2015] <jrw> newsham: one option is to define your succ/plus/mult to have a slightly different type, namely, try my_succ with type [forall X : Type, ((X -> X) -> X -> X) -> ((X -> X) -> X -> X)]
[Fri Sep  4 00:30:14 2015] <jrw> then you'll be able to use that to define plus
[Fri Sep  4 00:33:18 2015] <newsham> interesting
[Fri Sep  4 14:35:53 2015] <newsham> I'm having a hard time with an exercise to prove:  n + n = m + m -> n = m.
[Fri Sep  4 14:36:15 2015] <Tuplanolla> What kind of a hard time?
[Fri Sep  4 14:36:44 2015] <newsham> using induction on n, I can prove the n=0 case by destruct m and then inversion
[Fri Sep  4 14:37:08 2015] <newsham> but for the inductive case where  S n' + S n' = m + m -> S n' = m    I am getting stuck
[Fri Sep  4 14:38:00 2015] <ianjneu> newsham: do you do induction before or after introducing m?
[Fri Sep  4 14:38:14 2015] <newsham> the exercise primed me by doing induction after intorducing n only.
[Fri Sep  4 14:38:20 2015] <newsham> the rest was left to me
[Fri Sep  4 14:38:36 2015] <Tuplanolla> Have you tried destruct m right there?
[Fri Sep  4 14:39:27 2015] <Tuplanolla> That should give you S n' = 0 and S n' = S m, which is much better than S n' = m.
[Fri Sep  4 14:40:02 2015] <newsham> yah, i need to destruc ton m
[Fri Sep  4 14:40:08 2015] <newsham> i just thought of that while asking the question :)
[Fri Sep  4 14:42:51 2015] <Tuplanolla> Extra credit: don't use inversion at all.
[Fri Sep  4 14:43:41 2015] <newsham> ok, got it done.
[Fri Sep  4 14:43:55 2015] <newsham> well the current exercise was to teach us to use inversion
[Fri Sep  4 14:44:04 2015] <Tuplanolla> Do it anyway.
[Fri Sep  4 14:44:55 2015] <newsham> ok, so this worked, but it seems long winded.. am I missing a more elegant solution?  http://pastebin.com/iqNb69Xk
[Fri Sep  4 14:45:52 2015] <newsham> (using earlier: Theorem plus_n_Sm : forall n m : nat, S (n + m) = n + (S m).
[Fri Sep  4 14:46:51 2015] <Tuplanolla> The first branch can be dealt with destruct m. reflexivity. discriminate. to start.
[Fri Sep  4 14:47:33 2015] <Tuplanolla> It's not really more elegant; just shorter.
[Fri Sep  4 14:53:20 2015] <newsham> why do you recommend doing it without inversion?  how would you approach it?
[Fri Sep  4 14:53:51 2015] <Tuplanolla> I don't recommend it. It's just an alternative to look at.
[Fri Sep  4 14:57:56 2015] <Tuplanolla> Here's one way to do it: do 2 rewrite plus_Sn_m in H. do 2 rewrite <- plus_n_Sm in H. do 2 apply eq_add_S in H. apply IHn' in H. apply f_equal. apply H.
[Fri Sep  4 14:58:39 2015] <newsham> ahh,, but f_equal is built using inversion :)
[Fri Sep  4 14:58:54 2015] <newsham> but i see where you're going with that
[Fri Sep  4 14:59:16 2015] <newsham> err. wait..
[Fri Sep  4 14:59:34 2015] <newsham> f_equal does not use inversion.. nevermind
[Fri Sep  4 15:11:22 2015] <newsham> does "intros n m. generalize dependent n."  come up often?  is there a tactic that pulls in intros "over" others?
[Fri Sep  4 16:07:42 2015] <newsham> This is confusing me:  http://pastebin.com/qQgx8dYa
[Fri Sep  4 16:10:11 2015] <Tuplanolla> Do you know the difference between forward and backward reasoning?
[Fri Sep  4 16:11:05 2015] <newsham> yes.  when applying on the goal, "apply" should unify with the RHS of the theorem, and rewrite to the LHS, right?
[Fri Sep  4 16:11:21 2015] <newsham> and applying in a hypothesis would unify LHS and rewrite to RHS
[Fri Sep  4 16:11:35 2015] <Tuplanolla> Indeed. Now take a look at the arrow direction in app_length_cons.
[Fri Sep  4 16:12:32 2015] <newsham> app_length_cons says if I want to prove "S (length (l1 ++ l2)) = n." it suffices to prove "length (l1 ++ (x :: l2)) = n"
[Fri Sep  4 16:13:01 2015] <newsham> and my goal is "S (length (l' ++ x :: l')) = S (n' + S n')"
[Fri Sep  4 16:13:46 2015] <newsham> so shouldnt it rewrite my goal to "length (l' ++ l') = S (n' + S n')"?
[Fri Sep  4 16:15:38 2015] <newsham> oops, i did the rewrite wrong
[Fri Sep  4 16:16:18 2015] <Tuplanolla> It tries to unify S (length (l' ++ x :: l')) = S (n' + S n') with S (length (l1 ++ l2)) = n and fails, because there's no x.
[Fri Sep  4 16:16:44 2015] <Tuplanolla> Hint: assert (Ha : ...).
[Fri Sep  4 16:30:03 2015] <newsham> stuck..
[Fri Sep  4 16:31:50 2015] <Tuplanolla> Further: assert (Ha : forall (l1 l2 : list X), ...).
[Fri Sep  4 16:35:50 2015] <newsham> i dont get what you're getting at
[Fri Sep  4 16:37:05 2015] <Tuplanolla> You need to prove an additional lemma.
[Fri Sep  4 16:38:04 2015] <newsham> btw, they asked us not to use length(l1 ++ l2) == length l1 + length l2.
[Fri Sep  4 16:39:16 2015] <Tuplanolla> That's fine. You just need to get that cons out from the middle of your list.
[Fri Sep  4 16:42:00 2015] <newsham> i'll just make a theory of the other direction of that cons implication
[Fri Sep  4 16:44:29 2015] <Tuplanolla> I was just trying to say that it's more convenient to prove on the spot: assert (Ha : forall (l1 l2 : list X), length (l1 ++ x :: l2) = S (length (l1 ++ l2))).
[Fri Sep  4 16:45:39 2015] <newsham> ahh, got it.
[Fri Sep  4 16:45:52 2015] <newsham> i ended up making the theory with an implication that did the same thing effectively.
[Fri Sep  4 19:37:44 2015] <newsham> Can I use a theory like this in forward reasoning?   IHl1' : forall (l2 : list X) (l : list (X * X)),
[Fri Sep  4 19:37:47 2015] <newsham>           length l1' = length l2 -> combine l1' l2 = l -> split l = (l1', l2)
[Fri Sep  4 19:38:29 2015] <newsham> for example I have an l2 and a theory that "lenght l1 = l2" right now.
[Fri Sep  4 19:40:07 2015] <newsham> s/theory/hypothesis"
[Fri Sep  4 19:40:23 2015] <newsham> and I have another hypothesis that "combine l1' l2' = l'".
[Sat Sep  5 02:21:53 2015] <nkaretnikov> can i make a model in verdi and somehow use it with c?
[Sat Sep  5 14:56:00 2015] <Tuplanolla> If I have a radical equation and I raise both sides to an integer power, is the set of solutions to the resulting equation always a superset of the original?
[Sat Sep  5 14:56:12 2015] <Tuplanolla> Does this theorem perhaps have a name or a known proof?
[Sat Sep  5 14:59:57 2015] <QF-MichaelK> Tuplanolla: Not that I'm an analyst, but you could take any polynomial P(x) = 0 and then take the nth root of both sides.  Should you have fewer solutions?
[Sat Sep  5 15:00:45 2015] <Tuplanolla> Intuition says so, but my common sense license was revoked in 2012, so I can't tell.
[Sat Sep  5 15:00:55 2015] <QF-MichaelK> Similarly if you do P(x)*P(x) = 0... I think each of those zeros will be repeated twice.
[Sat Sep  5 15:01:15 2015] <QF-MichaelK> So, if you do P(x)^n, you'll have n copies of the zeros in P(x)
[Sat Sep  5 15:01:26 2015] <QF-MichaelK> This is multiplicity
[Sat Sep  5 15:02:07 2015] <QF-MichaelK> Does that make sense? Want an example?
[Sat Sep  5 15:02:29 2015] <Tuplanolla> It does, but I'm concerned with sets instead of bags here.
[Sat Sep  5 15:02:54 2015] <Tuplanolla> I see x and x² being a trivial example of that.
[Sat Sep  5 15:03:34 2015] <QF-MichaelK> (x_i - a_i) for x_i = a_i
[Sat Sep  5 15:04:06 2015] <QF-MichaelK> Then you'd just have a_i repeated
[Sat Sep  5 15:04:59 2015] <QF-MichaelK> also, my intuition license was revoked last night... 1 + 2 + 3... = -1/12
[Sat Sep  5 15:05:26 2015] <Tuplanolla> Oh, Ramanujan's sums are fun.
[Sat Sep  5 15:06:48 2015] <QF-MichaelK> I saw a few "proofs" but dang this is nonsense.
[Sat Sep  5 15:07:24 2015] <QF-MichaelK> Any suggestions to get more nonsense like this?
[Sat Sep  5 15:08:23 2015] <Tuplanolla> They seem to come up wherever you look. The axiom of choice is usually involved though.
[Sat Sep  5 15:10:41 2015] <Tuplanolla> Would you like some examples?
[Sat Sep  5 15:17:10 2015] <QF-MichaelK> sure
[Sat Sep  5 15:17:20 2015] <QF-MichaelK> Tuplanolla:
[Sat Sep  5 15:17:54 2015] <Tuplanolla> There's a way to build a compact set that's connected but not path-connected, which involves some limit tricks.
[Sat Sep  5 15:18:06 2015] <Tuplanolla> There's also a way to build a compact set with an infinitely long boundary, which involves taking a Peano curve and making it sparse.
[Sat Sep  5 15:18:52 2015] <QF-MichaelK> Where I learn this, Munkres?
[Sat Sep  5 15:19:30 2015] <Tuplanolla> There are also theorems named after von Neumann, Banach and Tarski, all describing ways to make seemingly impossible reconstructions of geometric objects.
[Sat Sep  5 15:20:34 2015] <Tuplanolla> I don't really know where to look. I usually hear colleagues describe them or find them in shady Wikipedia articles I drift to.
[Sat Sep  5 15:20:42 2015] <QF-MichaelK> I'm familiar with the banach-tasrki paradox
[Sat Sep  5 15:21:36 2015] <QF-MichaelK> The best I've seen before this is the 28 year trip to Andromeda.
[Sat Sep  5 16:29:24 2015] <nkaretnikov> jrw: hi, i have a question about verdi.  is it somehow possible to make the verdi code talk to c?  or are you aware of any tools that can do that?  i know about the promela/spin pair, but they don't allow to generate c.  so you need to write similar code twice.
[Sat Sep  5 16:29:47 2015] <jrw> nkaretnikov: depends on what you mean by "talk to C"
[Sat Sep  5 16:29:58 2015] <jrw> if you mean interface with C code somehow, that shouldn't be too bad
[Sat Sep  5 16:30:03 2015] <jrw> since ocaml has good support for that
[Sat Sep  5 16:30:06 2015] <jrw> and we extract to ocaml
[Sat Sep  5 16:30:17 2015] <nkaretnikov> jrw: integrate that into existing c project
[Sat Sep  5 16:30:18 2015] <jrw> if you mean "generate C code from your Verdi code", that would be hard
[Sat Sep  5 16:30:36 2015] <nkaretnikov> how reliable is the ocaml route?
[Sat Sep  5 16:30:54 2015] <jrw> ocaml itself is awesome
[Sat Sep  5 16:31:04 2015] <nkaretnikov> i've recently tried to extract to haskell (for other purposes), and the result required some modifications
[Sat Sep  5 16:31:07 2015] <jrw> extraction is fragile because it is hacky and syntactic and hard to audit
[Sat Sep  5 16:31:19 2015] <jrw> but we have mostly handled that for you
[Sat Sep  5 16:31:19 2015] <nkaretnikov> will the output be readable?
[Sat Sep  5 16:31:24 2015] <jrw> not really, no.
[Sat Sep  5 16:31:35 2015] <QF-MichaelK> Is there a browser version of coq?
[Sat Sep  5 16:31:38 2015] <nkaretnikov> do you have any pointers?
[Sat Sep  5 16:31:45 2015] <jrw> pointers to what?
[Sat Sep  5 16:31:55 2015] <nkaretnikov> jrw: i've seen something about bytecode or some such
[Sat Sep  5 16:31:59 2015] <nkaretnikov> jrw: ocaml -> c
[Sat Sep  5 16:32:02 2015] <nkaretnikov> extraction
[Sat Sep  5 16:32:11 2015] <nkaretnikov> * has to go now, but i'll read the backlog
[Sat Sep  5 16:33:21 2015] <jrw> QF-MichaelK: you could check out PeaCoq. there's an instance running at http://goto.ucsd.edu:4242/ , but I don't think most people are supposed to know that yet :)
[Sat Sep  5 16:34:00 2015] <jrw> nkaretnikov: I'm still not sure what you mean. extraction is coq -> ocaml. to get the ocaml to talk to C, you would just use the normal ocaml ffi stuff.
[Sat Sep  5 16:34:13 2015] <jrw> ocaml also has a bytecode compiler, but that's mostly orthogonal
[Sat Sep  5 16:34:55 2015] <QF-MichaelK> jrw: I hope someone is working on a scratch*coq system.
[Sat Sep  5 16:35:16 2015] <jrw> QF-MichaelK: not that I know of. how would that work?
[Sat Sep  5 16:35:49 2015] <QF-MichaelK> jrw: Right now the best I have is figuring out the order... of the proof
[Sat Sep  5 16:36:25 2015] <QF-MichaelK> But I imagine in this precise form of proofs that definitions and theorems can be used like lego blocks.
[Sat Sep  5 16:36:51 2015] <QF-MichaelK> But, I don't understand how to modularize proofs.
[Sat Sep  5 16:37:28 2015] <QF-MichaelK> Maybe it would be only useful for already done proofs, but could be a powerful teaching aid with some visualizations
[Sat Sep  5 16:38:36 2015] <jrw> hmm, I think that sounds pretty similar to peacoq's proof mode
[Sat Sep  5 16:42:30 2015] <QF-MichaelK> also, there should be some sample proofs on peacoq
[Sat Sep  5 16:43:30 2015] <QF-MichaelK> I don't know what you mean by proof mode
[Sat Sep  5 16:54:25 2015] <jrw> QF-MichaelK: peacoq is a very early stage project, so I wouldn't expect too much polish out of it yet. it's such a cool idea though.
[Sat Sep  5 16:54:36 2015] <jrw> QF-MichaelK: to see the proof mode just start a proof.
[Sat Sep  5 17:01:29 2015] <QF-MichaelK> jrw: How can I trigger it?
[Sat Sep  5 17:02:44 2015] <jrw> okay so type some text in the box like "Lemma my_nat_fact : forall n, n + 0 = n." and then click the "Next" button
[Sat Sep  5 17:05:07 2015] <QF-MichaelK> Oh, wow
[Sat Sep  5 17:05:13 2015] <QF-MichaelK> not expected
[Sat Sep  5 17:05:22 2015] <QF-MichaelK> It just... did it
[Sat Sep  5 17:05:35 2015] <QF-MichaelK> automated theorem proving?
[Sat Sep  5 17:06:10 2015] <jrw> haha, something like that
[Sat Sep  5 17:06:25 2015] <jrw> it knows about all the tacitcs and which ones might be a good idea in the current goal
[Sat Sep  5 17:06:35 2015] <QF-MichaelK> can't copy paste...
[Sat Sep  5 17:06:55 2015] <jrw> huh, I can.
[Sat Sep  5 17:06:57 2015] <QF-MichaelK> nvm settings
[Sat Sep  5 17:12:37 2015] <QF-MichaelK> jrw: Is this instance yours?
[Sat Sep  5 17:12:48 2015] <jrw> QF-MichaelK: no it's Ptival's
[Sat Sep  5 17:12:52 2015] <jrw> he's the author
[Sat Sep  5 17:13:34 2015] <QF-MichaelK> is there a github for it?
[Sat Sep  5 17:14:04 2015] <jrw> yeah http://goto.ucsd.edu/peacoq/
[Sat Sep  5 17:14:11 2015] <jrw> there's a github link there
[Sat Sep  5 17:14:43 2015] <QF-MichaelK> thanks
[Sat Sep  5 17:17:22 2015] <Tuplanolla> This is dandy.
[Sat Sep  5 17:17:31 2015] <Tuplanolla> It's even got a small Vim in it.
[Sat Sep  5 17:20:53 2015] <jrw> :)
[Sat Sep  5 18:02:50 2015] <nkaretnikov> jrw: okay, i'll take a look
[Sat Sep  5 19:43:24 2015] <arvisrend> what is the ssreflect way to do [inversion]?
[Sun Sep  6 15:05:55 2015] <sanooj> hey guys. I'm still on my headbrick project of understanding ssreflect.
[Sun Sep  6 15:06:41 2015] <sanooj> I'm slowly getting the hang of the basics, although some proofs I'm running through are still giving me the "computer says your thing is proved!" error.
[Sun Sep  6 15:07:31 2015] <sanooj> (... and I don't actually understand why.)
[Sun Sep  6 15:08:05 2015] <sanooj> anyway, I'm going through ssrbool.v atm, and there's this big thing made about collective vs. applicative predicates.
[Sun Sep  6 15:09:01 2015] <sanooj> can someone hold my hand and explain in small words why?
[Sun Sep  6 22:26:03 2015] <johnw> sanooj: hi
[Mon Sep  7 03:02:29 2015] <QF-MichaelK> How would I set up a comparison between definitions?
[Mon Sep  7 03:05:53 2015] <QF-MichaelK> Rather, how do I define a continuous function?
[Mon Sep  7 07:48:04 2015] <riaqn> hello, How can I split a goal A <-> B into two subgoals?
[Mon Sep  7 07:48:11 2015] <asmanur> split
[Mon Sep  7 07:48:40 2015] <riaqn> asmanur: huh. the question is the answer. Thanks!
[Mon Sep  7 10:11:37 2015] <osa1> what's wrong with this definition: http://lpaste.net/140442 ? I'm getting "Last occurrence of "InIdx" must have "n" as 4th argument" error but I don't understand the reason.
[Mon Sep  7 10:12:51 2015] <Cypi> You put [n : nat] as a parameter, wheareas you want an index here
[Mon Sep  7 10:13:03 2015] <Cypi> so just replace the first line by [Inductive InIdx {A : Type} (a : A) (s : Stream A) : nat -> Prop :=]
[Mon Sep  7 10:15:37 2015] <osa1> thanks
[Mon Sep  7 10:58:04 2015] <osa1> how do I pass <= to a function that expects a -> a -> Prop? I think I'm doing the syntax wrong.
[Mon Sep  7 10:58:22 2015] <osa1> I'm trying (<=) but I'm getting Syntax error: [constr:operconstr level 200] expected after '(' (in [constr:operconstr]).
[Mon Sep  7 10:59:01 2015] <Tuplanolla> Refer to its name, le.
[Mon Sep  7 10:59:24 2015] <Tuplanolla> The <= is just notation.
[Mon Sep  7 10:59:25 2015] <osa1> ah right, forgot about "Locate" command.
[Mon Sep  7 10:59:33 2015] <osa1> got it.
[Mon Sep  7 15:21:31 2015] <QF-MichaelK> Is it too much to do something like proving that the topological definition of continuity implies the convergent sequence definition?
[Mon Sep  7 16:14:55 2015] <jrw> QF-MichaelK: the annoying part of that will be writing down all the set theory stuff.
[Mon Sep  7 16:22:17 2015] <QF-MichaelK> jrw: Hm, yeah, I'm not sure where to start, haven't "coded" or "proved" much in this realm.  My analysis skills are also not so good
[Mon Sep  7 16:22:32 2015] <QF-MichaelK> I was hoping it'd be easier to use the "proof assistant"  ^.^
[Mon Sep  7 16:24:44 2015] <Tuplanolla> Ideally working with Coq would be easier than without...
[Mon Sep  7 16:25:04 2015] <QF-MichaelK> indeed
[Mon Sep  7 16:26:34 2015] <QF-MichaelK> I did see some set theory stuff
[Mon Sep  7 16:26:54 2015] <QF-MichaelK> https://gist.github.com/andrejbauer/d31e9666d5f950dd8ccd
[Mon Sep  7 16:27:00 2015] <QF-MichaelK> Not sure if that's reasonable
[Mon Sep  7 16:28:43 2015] <QF-MichaelK> http://geocoq.github.io/GeoCoq/ also not sure how this might mesh, but says except the tarski and hilbert continuities
[Mon Sep  7 16:29:54 2015] <QF-MichaelK> Ah: https://coq.inria.fr/library/ maybe I include some library here
[Mon Sep  7 16:34:32 2015] <QF-MichaelK> http://www.lix.polytechnique.fr/coq/pylons/contribs/files/Topology/v8.3/Topology.Continuity.html
[Mon Sep  7 16:35:03 2015] <QF-MichaelK> sorry... no idea if this is a sane thing to do with limited experience
[Mon Sep  7 16:44:55 2015] <QF-MichaelK> Definition continuous : Prop :=   forall V:Ensemble (point_set Y), open V ->  open (inverse_image f V).   .... I may be dumb but this doesn't look quite the same as: A function $f : X \rightarrow Y$ is said to be continuous if $\forall$ open sets $A\epsilon Y, f^{-1}(A)$ is open in $X.$
[Mon Sep  7 16:47:13 2015] <Tuplanolla> What's this epsilon?
[Mon Sep  7 16:47:26 2015] <QF-MichaelK> inclusino
[Mon Sep  7 16:47:42 2015] <Tuplanolla> That should be $\in$.
[Mon Sep  7 16:47:48 2015] <QF-MichaelK> Ah!  Thanks
[Mon Sep  7 16:47:49 2015] <RegEchse> nope, \subset
[Mon Sep  7 16:48:50 2015] <QF-MichaelK>   A function $f : X \rightarrow Y$ is said to be continuous if $\forall$ open sets $A, y\in A, f^{-1}(A)$ is open in $X.$
[Mon Sep  7 16:49:16 2015] <QF-MichaelK> no
[Mon Sep  7 16:49:17 2015] <RegEchse> what is y
[Mon Sep  7 16:49:19 2015] <QF-MichaelK> you're right
[Mon Sep  7 16:49:34 2015] <RegEchse> just replace your \epsilon by \subset and everything's fine
[Mon Sep  7 16:49:56 2015] <QF-MichaelK> Yeah, thanks
[Mon Sep  7 16:50:07 2015] <RegEchse> or \subseteq  (depending on your intrepretation of \subset and \subseteq)
[Mon Sep  7 16:50:50 2015] <RegEchse> and that's exactly what the 'continuous' definition states, no?
[Mon Sep  7 16:52:15 2015] <QF-MichaelK> eq, yeah, I think so
[Mon Sep  7 16:54:17 2015] <jrw> QF-MichaelK: that looks very reasonable to me. do you know if it's been ported to 8.4 or 8.5?
[Mon Sep  7 16:55:39 2015] <jrw> oh, yeah it's in the contribs. cool.
[Mon Sep  7 16:55:41 2015] <QF-MichaelK> jrw: the 8.3 topology?  No, I'm about as green as grass
[Mon Sep  7 16:55:55 2015] <QF-MichaelK> where?
[Mon Sep  7 16:56:04 2015] <jrw> http://www.lix.polytechnique.fr/coq/pylons/coq/pylons/contribs/list/v8.4
[Mon Sep  7 16:56:44 2015] <QF-MichaelK> 8.4 works but not 8.5 http://www.lix.polytechnique.fr/coq/pylons/contribs/view/Topology/v8.4
[Mon Sep  7 16:57:34 2015] <jrw> QF-MichaelK: this looks cool, but if you're doing it to learn, you might have a better time starting from scratch.
[Mon Sep  7 16:58:34 2015] <QF-MichaelK> jrw: Hm, that's a good point.  But, seeing how other people code helps me learn how I should be coding
[Mon Sep  7 16:58:41 2015] <jrw> that's also true
[Mon Sep  7 16:59:12 2015] <QF-MichaelK> is there an apt-get coq ide?
[Mon Sep  7 16:59:35 2015] <QF-MichaelK> oh, coqide
[Mon Sep  7 16:59:36 2015] <QF-MichaelK> wow
[Mon Sep  7 17:32:00 2015] <lolisa> QF-Michaelk, AFAIK debian and ubuntu does not have 8.5 in their repository, that's why I build them from source. It's also easy to do so
[Mon Sep  7 18:56:55 2015] <QF-MichaelK> Is cow supposed to come with these standard libraries?
[Mon Sep  7 18:57:09 2015] <QF-MichaelK> ex: Require Export Ensembles.
[Mon Sep  7 19:11:22 2015] <RegEchse> mine does
[Mon Sep  7 19:12:18 2015] <RegEchse> you can investigate your installation of coq and look in the "theories" directory
[Mon Sep  7 19:13:32 2015] <RegEchse> QF-MichaelK: also https://coq.inria.fr/distrib/current/stdlib/ lists the complete stdlib
[Mon Sep  7 19:14:25 2015] <RegEchse> you _should_ have those, unless your distro packager removed it or put it into a different package :)
[Mon Sep  7 19:15:21 2015] <psnively> Hello Coquettes!
[Mon Sep  7 19:19:22 2015] <jrw> psnively: hello
[Mon Sep  7 19:19:33 2015] <psnively> jrw: Good afternoon!
[Mon Sep  7 19:20:26 2015] <psnively> I’m afraid I’ve forgotten how to solve pretty basic implications that (look like they) are distributive over disjunctions. Can anyone take 5 minutes to point me in the right direction? I put a pastie at http://lpaste.net/140457
[Mon Sep  7 19:21:31 2015] <psnively> I mean, unfold _says in *; tauto. of course proves it, because it’s a propositional tautology, but I’d like to understand how to use more basic tactics (again).
[Mon Sep  7 19:21:35 2015] <QF-MichaelK> RegEchse: thanks
[Mon Sep  7 19:24:29 2015] <jrw> psnively: there are several ways to approach this. how would you convince me it's true intuitively?
[Mon Sep  7 19:26:20 2015] <psnively> jrw: I’d say: Knight A implies not Knight A or not Knight B. Knight A implies not Knight A is a contradiction, so the not Knight B case is the correct one, therefore Knight A and not Knight B.
[Mon Sep  7 19:27:17 2015] <jrw> okay, good. so let's try to translate that into basic tactics.
[Mon Sep  7 19:27:27 2015] <psnively> jrw: Thanks. :-)
[Mon Sep  7 19:29:09 2015] <jrw> the naive translation would be something like "either Knight A or not (Knight A). consider each case..."
[Mon Sep  7 19:29:18 2015] <jrw> but we don't want to do that in a constructive setting
[Mon Sep  7 19:29:36 2015] <psnively> jrw: Right.
[Mon Sep  7 19:29:55 2015] <jrw> especially since we know [tauto] can solve it, so there *is* a constructive proof out there :)
[Mon Sep  7 19:30:15 2015] <psnively> jrw: I thought about using cut (Knight A), but I’m not convinced I’ll be able to handle the later proof obligation.
[Mon Sep  7 19:30:22 2015] <psnively> +1.
[Mon Sep  7 19:31:04 2015] <jrw> right.
[Mon Sep  7 19:34:59 2015] <psnively> jrw: It does seem like I should be able to distribute Knight A right over the disjunction, i.e. that I should be able to derive (Knight A /\ ~Knight A) \/ (Knight A /\ ~Knight B). Or is that only true classically?
[Mon Sep  7 19:35:41 2015] <psnively> Actually, that’s not even right.
[Mon Sep  7 19:35:59 2015] <jrw> psnively: which disjunction are you talking about?
[Mon Sep  7 19:36:21 2015] <psnively> (Knight A -> ~Knight A) \/ (Knight A -> ~Knight B).
[Mon Sep  7 19:36:48 2015] <psnively> jrw: Sorry, in the hypothesis.
[Mon Sep  7 19:37:18 2015] <jrw> that seems right to me, yeah :)
[Mon Sep  7 19:37:58 2015] <psnively> jrw: Can I rewrite the hypothesis, then?
[Mon Sep  7 19:38:19 2015] <jrw> hmm, well maybe that's not right. now I've gotten myself confused
[Mon Sep  7 19:38:29 2015] <psnively> jrw: Glad it’s not just me. :-D
[Mon Sep  7 19:39:55 2015] <jrw> psnively: okay, yeah, that's not necessarily true in general. but what is true is that if you have [P -> (~ P \/ Q)] then you can get [P -> Q]
[Mon Sep  7 19:40:48 2015] <psnively> jrw: OK. Then it seems like, thanks to the bi-implication, we can get the other way, assuming we can keep P -> Q in the context.
[Mon Sep  7 19:41:21 2015] <psnively> But one step at a time: how do I get P -> Q out of P -> (~P \/ Q)?
[Mon Sep  7 19:41:38 2015] <jrw> I think you should try to prove that as a lemma
[Mon Sep  7 19:41:50 2015] <jrw> [Lemma imp_or_distr : forall P Q : Prop, (P -> ~ P \/ Q) -> (P -> Q).]
[Mon Sep  7 19:41:59 2015] <jrw> if you follow your nose, you should get it.
[Mon Sep  7 19:42:17 2015] <psnively> Hmm. Is that not in the standard library somewhere?
[Mon Sep  7 19:42:40 2015] <psnively> Anyway, I’ll give it a shot. Thanks!
[Mon Sep  7 19:42:40 2015] <jrw> psnively: it might be, but you might learn more by proving it :)
[Mon Sep  7 19:43:07 2015] <psnively> jrw: I was just thinking that. Thanks again!
[Mon Sep  7 19:51:57 2015] <psnively> jrw: And I was hoping to avoid introducing the quantifiers just yet, but oh well.
[Mon Sep  7 19:54:06 2015] <psnively> jrw:
[Mon Sep  7 19:54:07 2015] <psnively> Lemma imp_or_distr : forall P Q : Prop, (P -> ~ P \/ Q) -> (P -> Q).
[Mon Sep  7 19:54:08 2015] <psnively> Proof. intros. pose proof (H H0) as NPQ. inversion NPQ. contradiction. assumption.
[Mon Sep  7 19:54:09 2015] <psnively> Qed.
[Mon Sep  7 19:54:14 2015] <jrw> cool
[Mon Sep  7 19:54:30 2015] <psnively> Yeah, but quantifiers and “pose proof” for something that basic?
[Mon Sep  7 19:55:02 2015] <psnively> jrw: Is this where you tell me it already is in the standard library? :-)
[Mon Sep  7 19:55:07 2015] <jrw> well, there's [tauto] :)
[Mon Sep  7 19:55:19 2015] <psnively> jrw: Yeah, fair enough!
[Mon Sep  7 20:07:10 2015] <jrw> psnively: okay so have you applied that lemma?
[Mon Sep  7 20:07:59 2015] <psnively> jrw: Well, I’m trying to make the lemma a bi-implication.
[Mon Sep  7 20:10:19 2015] <jrw> okay, but I don't think you'll need that
[Mon Sep  7 20:14:14 2015] <psnively> jrw: Really? Hmm.
[Mon Sep  7 20:15:35 2015] <psnively> jrw: OK, took it out...
[Mon Sep  7 20:18:00 2015] <psnively> Now I have...
[Mon Sep  7 20:18:02 2015] <psnively> H : ~ Knight B
[Mon Sep  7 20:18:02 2015] <psnively> H0 : ~ Knight A \/ ~ Knight B -> Knight A
[Mon Sep  7 20:18:03 2015] <psnively> Knight A /\ ~ Knight B
[Mon Sep  7 20:18:21 2015] <psnively> inversion H0 doesn’t work because H0 isn’t inductive...
[Mon Sep  7 20:21:02 2015] <psnively> Ugh… and nevermind… apply imp_or_distr with (Q := ~Knight B) in H also gives me an unbelievably hairy second proof obligation. I think I’m still on the wrong track.
[Mon Sep  7 20:22:45 2015] <Cypi> I'm sorry to barge in in the middle of all this, but you want to prove [Knight A /\ ~ Knight B] with the previous assumptions, right? Why not start with a [split], and then it should be natural.
[Mon Sep  7 20:24:15 2015] <QF-MichaelK> I want to show that topological continuity implies metric continuity, but am having a lot of trouble getting it set up still
[Mon Sep  7 20:29:45 2015] <psnively> Cypi: Sorry, where?
[Mon Sep  7 20:30:39 2015] <Cypi> If you have [H : ~ Knight B] and [H0 : ~ Knight A \/ ~ Knight B -> Knight A] and want to prove [Knight A /\ ~ Knight B], then starting with a [split] might be a good idea
[Mon Sep  7 20:30:46 2015] <psnively> Cypi: Here’s the full starting script: http://lpaste.net/140457
[Mon Sep  7 20:30:48 2015] <Cypi> (sorry if I misunderstood everything)
[Mon Sep  7 20:31:11 2015] <psnively> Cypi: No, it’s not a bad suggestion.
[Mon Sep  7 20:34:23 2015] <psnively> I don’t know. Anytime I actually use imp_or_distr, I get a gargantuan proof obligation I don’t have any idea what to do with.
[Mon Sep  7 20:36:03 2015] <QF-MichaelK> hmmm forward conflict, crtl + alt + down is also a windowing command
[Mon Sep  7 20:37:19 2015] <Cypi> You can configure the "Ctrl + Alt" part in Edit >> Preferences >> Shortcuts
[Mon Sep  7 20:38:46 2015] <osa1> sorry if this is a dumb question, but can anyone give me an example of a system where equality of nats is undecidable? when I read something like "in a system with decidable equality of nats" it makes zero sense to me.
[Mon Sep  7 20:39:42 2015] <QF-MichaelK> Cypi: thanks
[Mon Sep  7 20:42:17 2015] <QF-MichaelK> Cypi: Hm, not sure how to use this... ctl, alt... all over the place here
[Mon Sep  7 20:42:28 2015] <QF-MichaelK> no specific key bindings
[Mon Sep  7 20:42:31 2015] <osa1> like, how can you not decide equality of nats? isn't it just data Nat = Zero | Succ Nat etc.
[Mon Sep  7 20:44:45 2015] <QF-MichaelK> nope, can't seem to use that to change anything
[Mon Sep  7 20:44:45 2015] <Cypi> QF-MichaelK : on the "Modifiers for Navigation Menu", you can choose which combination of modifiers should enable the Navigation shortcuts
[Mon Sep  7 20:44:56 2015] <Cypi> Oh, also, you need to restard CoqIDE
[Mon Sep  7 20:44:58 2015] <Cypi> for reasons...
[Mon Sep  7 20:45:20 2015] <QF-MichaelK> ahhhhh
[Mon Sep  7 20:46:14 2015] <QF-MichaelK> Yes, much better, restarting, silly me
[Mon Sep  7 20:46:30 2015] <QF-MichaelK> Too bad it doesn't say that in the panel
[Mon Sep  7 20:46:50 2015] <Cypi> The UI is not perfect indeed
[Mon Sep  7 20:47:31 2015] <QF-MichaelK> yes, but I'm glad it exists
[Mon Sep  7 21:13:36 2015] <psnively> Can anyone else suggest a “just basic tactics” approach to http://lpaste.net/140457 ? I’m afraid I’m still stuck. :-)
[Mon Sep  7 21:14:27 2015] <Cypi> I started by just proving [Knight A]
[Mon Sep  7 21:15:23 2015] <Cypi> The first step is obvious, and then you have to prove [~ Knight A \/ ~ Knight B]. You cannot prove (~ Knight A] there, but you can prove [~ Knight B]
[Mon Sep  7 21:16:11 2015] <psnively> Cypi: What approach did you take, if I may ask?
[Mon Sep  7 21:16:22 2015] <Cypi> Do you want directly the script?
[Mon Sep  7 21:17:22 2015] <psnively> Well, sure, that’s one way. :-)
[Mon Sep  7 21:17:59 2015] <Cypi> As you wish: http://lpaste.net/140459
[Mon Sep  7 21:18:39 2015] <psnively> Thanks! Ah, using the proof structuring support. Nice.
[Mon Sep  7 21:19:42 2015] <psnively> Yeah, I figured I’d need assert or cut. Very good.
[Mon Sep  7 21:20:59 2015] <osa1> while using auto is there a way to print used tactics?
[Mon Sep  7 21:21:10 2015] <Cypi> You don't _need_ assert/cut, but obviously it's shorter :)
[Mon Sep  7 21:21:29 2015] <Cypi> osa1 : with some luck, [Info 1 auto] might do that. It can also print useless stuff, sadly
[Mon Sep  7 21:21:45 2015] <Cypi> (not every tactic has been transitioned to the new tactics engine, this is why)
[Mon Sep  7 21:25:44 2015] <osa1> thanks, will try that..
[Mon Sep  7 21:31:10 2015] <psnively> Cypi: This is exactly what I was struggling with/wanted. Thanks so much!
[Mon Sep  7 21:41:52 2015] <Big_G> Anyone know of jobs in Coq
[Mon Sep  7 21:52:11 2015] <QF-MichaelK> reading some basics: https://coq.inria.fr/tutorial-nahas
[Mon Sep  7 21:52:43 2015] <QF-MichaelK> I skipped way ahead without understanding this stuff...
[Mon Sep  7 21:53:25 2015] <QF-MichaelK> Big_G: You could presumably make something cool with coq and make it your own job...  Ex: math education for kids  coq*scratch?
[Mon Sep  7 22:03:56 2015] <Big_G> I meant in an established company
[Mon Sep  7 22:04:58 2015] <QF-MichaelK> Big_G: I think not enough people are aware of it yet, and the people who are would mostly be researchers.  Maybe a professorship or math PhD?
[Mon Sep  7 22:05:24 2015] <Big_G> I don't have either
[Mon Sep  7 22:05:57 2015] <QF-MichaelK> I meant to pursue a math PhD... Lots of programs pay PhD students
[Mon Sep  7 22:10:35 2015] <osa1> ohh I think I finally get it... "equality of nats is decidable" <- this basically means that we can have eq_nat_decide in Coq. e.g. I can destruct (eq_nat_decide n1 n2) in my proofs.
[Mon Sep  7 22:11:09 2015] <osa1> although I'm still having trouble imagining a system without that.
[Mon Sep  7 23:05:33 2015] <newsham> osa1: but you could have other types where equality isnt decidable, like constructive reals.
[Mon Sep  7 23:08:32 2015] <newsham> [15:53] < QF-MichaelK> Big_G: You could presumably make something cool with coq and make it your own job...  Ex: math  education for kids  coq*scratch?
[Mon Sep  7 23:08:37 2015] <newsham> are there any kids lessons with coq?
[Mon Sep  7 23:16:47 2015] <QF-MichaelK> newsham: Depends on what you mean by a kid.  But, probably no, I don't suspect it'd be appropriate until there's an associated visual programming language
[Mon Sep  7 23:17:03 2015] <QF-MichaelK> I don't think that is in the works yet.  You should make it!
[Mon Sep  7 23:18:11 2015] <QF-MichaelK> It'd be nice to construct some pictoral representations of states during the proof.  I think this would be part of that goal.
[Tue Sep  8 00:33:45 2015] <newsham> like https://www.cs.washington.edu/verigames ?
[Tue Sep  8 00:48:57 2015] <QF-MichaelK> newsham: Ah, yes, but for math instead of code.  And more geared to making the players become experts than simplifying the problems.
[Tue Sep  8 00:49:04 2015] <QF-MichaelK> thanks for the share!
[Tue Sep  8 05:28:26 2015] <riaqn> hello, I have a H2: 'andb testa testb = true'. how can I get 'testa = true' and 'testb = true'?
[Tue Sep  8 05:30:55 2015] <QF-MichaelK> split H2?
[Tue Sep  8 05:32:03 2015] <riaqn> QF-MichaelK: huh, solved. There's already a theorem defined as (andb b1 b2 = true -> b2 = true)
[Tue Sep  8 05:33:10 2015] <QF-MichaelK> riaqn: so intros?
[Tue Sep  8 05:33:46 2015] <riaqn> QF-MichaelK: so I just apply it. with (b1:=testa) (b2:=testb)
[Tue Sep  8 05:33:47 2015] <QF-MichaelK> Getting started with coq, intros.
[Tue Sep  8 05:34:07 2015] <QF-MichaelK> there's a decent pun in there somewhere
[Tue Sep  8 05:34:25 2015] <QF-MichaelK> ah, yes
[Tue Sep  8 05:34:50 2015] <QF-MichaelK> I'm trying to prove without coq, couldn't figure out how to phrase my problem.
[Tue Sep  8 06:42:07 2015] <QF-MichaelK> same error: http://www.lix.polytechnique.fr/coq/pylons/logs/view/ZornsLemma/-5673840384087064485
[Tue Sep  8 06:43:56 2015] <QF-MichaelK> Trying to get http://www.lix.polytechnique.fr/coq/pylons/contribs/view/Topology/v8.4 to work again...
[Tue Sep  8 06:44:06 2015] <QF-MichaelK> tried http://stackoverflow.com/questions/16202666/coqide-cant-load-modules-from-same-folder
[Tue Sep  8 06:44:29 2015] <QF-MichaelK> make from the directory starts to do stuff then fails with that error
[Tue Sep  8 06:44:52 2015] <QF-MichaelK> tried as in, added: Add LoadPath "<directory-path>".
[Tue Sep  8 07:40:36 2015] <riaqn> hello, in proof general, is there anyway to jump to the definition of a type/function?
[Tue Sep  8 08:05:25 2015] <schoppenhauer> riaqn: I *think* it is M-x . but I am not sure.
[Tue Sep  8 08:05:50 2015] <schoppenhauer> (but it is sure worth a try ;) )
[Tue Sep  8 08:07:18 2015] <schoppenhauer> ok. so I have the following problem: I need to work with a file that should be streamed. so far I did this using lists and relying on haskell's lazyness. but now I want to extract to ocaml. I *could* rewrite everything into thunk encoding, this would be the "obvious" way. but is there another way?
[Tue Sep  8 08:07:31 2015] <riaqn> schoppenhauer: M-x and what? M-x only brings out a prompt for further invocation.
[Tue Sep  8 08:07:52 2015] <schoppenhauer> you go to the name of the definition and do M-x .
[Tue Sep  8 08:08:26 2015] <schoppenhauer> riaqn: ah ok, sry, I mixed it up with SLIME
[Tue Sep  8 08:20:59 2015] <schoppenhauer> I guess you will have to use etags then
[Tue Sep  8 08:21:16 2015] <schoppenhauer> (which I never did ... but gugel probably knows)
[Tue Sep  8 08:37:03 2015] <schoppenhauer> which level does the notation _ :: _ have?
[Tue Sep  8 08:38:49 2015] <riaqn> schoppenhauer: Notation "x :: l" := (cons x l) (at level 60, right associativity).
[Tue Sep  8 08:39:07 2015] <schoppenhauer> riaqn: thx
[Tue Sep  8 08:39:24 2015] <riaqn> it's defined in Lists.v, SF.
[Tue Sep  8 08:45:04 2015] <schoppenhauer> thx
[Tue Sep  8 08:51:45 2015] <schoppenhauer> Some x => unsafeSlowResolveBackRefs r (x :: l)
[Tue Sep  8 08:51:51 2015] <schoppenhauer> wah sorry. window focus fail.
[Tue Sep  8 11:13:47 2015] <schoppenhauer> Is there any tactics library that solves stuff for lists? because ... equalities containing :: and ++ can often be resolved pretty automatically.
[Tue Sep  8 15:31:59 2015] <sanooj> is it just me or has ssreflect jumped over the deep end wrt. notations?
[Tue Sep  8 16:15:22 2015] <QF-MichaelK> I'm having trouble getting zornslemma to compile, help?
[Tue Sep  8 16:15:32 2015] <QF-MichaelK> same as : http://www.lix.polytechnique.fr/coq/pylons/logs/view/ZornsLemma/-5673840384087064485
[Tue Sep  8 17:52:06 2015] <sanooj> woah. reading coq's Bool/*.v is like a leisurely walk in the park on a lazy sunday afternoon compared to ssrbool.
[Tue Sep  8 17:53:15 2015] <johnw> haha
[Tue Sep  8 17:53:25 2015] <johnw> sanooj: ssreflect does have a certain... information density to it
[Tue Sep  8 17:53:53 2015] <sanooj> optimized for terseness. reminds me of forth or j.
[Tue Sep  8 17:55:31 2015] <johnw> I still have yet to master n-tuple's
[Tue Sep  8 17:55:57 2015] <sanooj> so my actual goal is to prove the AKS algorithm correct.
[Tue Sep  8 17:57:00 2015] <sanooj> the basic proof is not all that hard, but it does require a little bit of theory from cyclotomic fields.
[Tue Sep  8 17:57:37 2015] <sanooj> hence, I figured ssreflect + the mathematical components would be just what I need.
[Tue Sep  8 17:57:42 2015] <johnw> sure
[Tue Sep  8 17:58:59 2015] <sanooj> to be honest, the underside of the carpet is frickin scary, I'm not really sure anymore.
[Tue Sep  8 18:00:17 2015] <johnw> it just takes getting used to
[Tue Sep  8 18:00:27 2015] <johnw> I really enjoy ssr+mc, even though I'm still in Padowan stage
[Tue Sep  8 18:01:09 2015] <sanooj> thanks for the encouragement. :)
[Tue Sep  8 18:02:46 2015] <sanooj> but today, the brein is full to the brim with ssrbool already.  must crash and forget some.
[Tue Sep  8 18:02:51 2015] <sanooj> nite
[Tue Sep  8 18:02:53 2015] <johnw> what's cool is thinking you understand it, writing a neat 3 line proof, and then asking Gonthier about it and he sends you back a 1 liner
[Tue Sep  8 18:03:36 2015] <johnw> I feel like I'd need to sit in a Master Class with him for a semester to really know the best way to approach the sorts of problems ssr+mc are good at solving
[Tue Sep  8 18:04:13 2015] <sanooj> I'd settle for "just" a proof. :)
[Tue Sep  8 18:04:27 2015] <sanooj> anyway, must really sleep. ttyl.
[Tue Sep  8 18:04:32 2015] <johnw> sleep well
[Tue Sep  8 18:26:16 2015] <lolisa> do anyone have an idea of what Coq CreateHintDb do? Funny stuff are happening... https://github.com/lolisa/CoqCore/blob/master/MoreJMeq.v  line 42 is doing nothing while it should be at least as powerful as line 43, also removing "discriminated" from line 4 also fix the problem
[Wed Sep  9 05:06:54 2015] <manwaz> I'm trying to build an Inductive type similar to a (list (nat * nat)), but with a further constraint
[Wed Sep  9 05:07:43 2015] <manwaz> the fst natural is increasing [(1,_), (2,_), (3,_)]
[Wed Sep  9 05:08:31 2015] <manwaz> Can I express this constraint in the type itself?
[Wed Sep  9 05:09:07 2015] <manwaz> I would like to say something like:
[Wed Sep  9 05:09:15 2015] <manwaz> [] is a mylist
[Wed Sep  9 05:09:30 2015] <manwaz> [(0, _)] is a mylist
[Wed Sep  9 05:10:25 2015] <asmanur> You can put the start index in the type
[Wed Sep  9 05:10:29 2015] <manwaz> if l = (n, _) :: _ is a mylist, then (S n, _) :: l is a mylist
[Wed Sep  9 05:10:45 2015] <asmanur> have mylist : nat -> Set
[Wed Sep  9 05:11:17 2015] <asmanur> and then do the union (eg. with an exists: mylist' = exists n, mylist n)
[Wed Sep  9 05:13:08 2015] <manwaz> asmanur: thx! I have to try, since I'm not sure to have understood your second hint...
[Wed Sep  9 05:31:48 2015] <xeno> hi, I just tried http://pastebin.com/w9YM0U2j
[Wed Sep  9 05:32:05 2015] <xeno> and then I get the error that "id" has type ID while it should be Set,Prop or Type
[Wed Sep  9 05:32:08 2015] <xeno> why? What?
[Wed Sep  9 05:33:27 2015] <asmanur> how is id defined ?
[Wed Sep  9 05:33:51 2015] <asmanur> in an arrow type you should have types/prop things not values (what is the meaning of 3 -> 2 ?)
[Wed Sep  9 05:34:35 2015] <xeno> I'm just trying to define simple untyped lambda calculus
[Wed Sep  9 05:35:02 2015] <xeno> where x for instance is a valid lambda term, in the form of a symbol
[Wed Sep  9 05:35:31 2015] <asmanur> yes, but how is id defined?
[Wed Sep  9 05:36:06 2015] <asmanur> how it seems it is a Coq builtin for the identity
[Wed Sep  9 05:36:08 2015] <xeno> two secs, it's the builtin definition
[Wed Sep  9 05:36:20 2015] <xeno> ah
[Wed Sep  9 05:36:21 2015] <asmanur> yes it's the identity function, so i don't think you want that here
[Wed Sep  9 05:36:21 2015] <xeno> opps
[Wed Sep  9 05:36:27 2015] <xeno> that's very correct :)
[Wed Sep  9 05:36:52 2015] <xeno> I guess I want it inductive too, Id int ...
[Wed Sep  9 08:05:39 2015] <manwaz> asmanur: my solution http://paste2.org/ByL6INLv
[Wed Sep  9 08:06:51 2015] <asmanur> manwaz: I don't think it's correct. Doesn't it accept [(1, _), (2, _), (1, _), (2, _)] ?
[Wed Sep  9 08:16:22 2015] <manwaz> asmanur: you are right, the recursive step should read indexed t, without the prime
[Wed Sep  9 08:16:43 2015] <asmanur> es
[Wed Sep  9 08:16:44 2015] <asmanur> yes
[Wed Sep  9 08:17:27 2015] <manwaz> how do I check if a list has type mylist?
[Wed Sep  9 08:18:36 2015] <manwaz> Check [(1,2) ; (2, 0) ; (3,99)] gives list (nat * nat)
[Wed Sep  9 08:26:45 2015] <asmanur> well
[Wed Sep  9 08:27:04 2015] <asmanur> elements of type mylist are pairs (liste, proof_that_the_list_is_indexed)
[Wed Sep  9 16:36:15 2015] <heinrich5991> I'd like to write a predecessor function that only works on natural numbers greater than 0
[Wed Sep  9 16:37:40 2015] <heinrich5991> i.e. kind of like Definition pred (n:nat) := match n with S n' => n' end.
[Wed Sep  9 16:38:21 2015] <heinrich5991> that gives a "non exhautive pattern-matching" error
[Wed Sep  9 16:39:01 2015] <jrw> heinrich5991: there are basically two approaches: return a bogus value in the case that shouldn't happen and then all theorems about pred take a hypothesis that the argument is valid, or you can make the type of pred contain the precondition using a [sig] type for the argument.
[Wed Sep  9 16:39:26 2015] <jrw> something like pred : {n : nat | n <> 0} -> nat
[Wed Sep  9 16:40:28 2015] <heinrich5991> I'm interested in the latter approach, since the standard library takes the former
[Wed Sep  9 16:41:34 2015] <jrw> heinrich5991: you might like to look at the Program commands, since they support this style
[Wed Sep  9 16:44:04 2015] <heinrich5991> ok thanks so far, will follow your pointers
[Wed Sep  9 16:46:06 2015] <gallais> Or you may want to have a look at the match...return...with construct. Spoiler: http://lpaste.net/140560
[Wed Sep  9 16:50:37 2015] <heinrich5991> I think false_rect is what I'm looking for
[Wed Sep  9 16:52:06 2015] <heinrich5991> gallais: how did you construct the proof of False for False_rect?
[Wed Sep  9 16:53:51 2015] <johnw> you pass False_rect whatever from your context is False, and you'll get back whatever you want
[Wed Sep  9 16:54:16 2015] <johnw> it's the same as Haskell's "absurd"
[Wed Sep  9 16:54:29 2015] <gallais> The trick is that the "as...return" clause make it so that "m <> 0 -> _" becomes "0 <> 0" in the 0 branch
[Wed Sep  9 17:09:21 2015] <lpaste_> heinrich5991 revised “pred with precondition”: “No title” at http://lpaste.net/140560
[Wed Sep  9 17:10:10 2015] <heinrich5991> gallais: I'm having serious problems understanding this function. do you know where I can read up on "as" or "return"?
[Wed Sep  9 17:10:55 2015] <heinrich5991> (I tried to comment in the paste what I already understand, but it's not much)
[Wed Sep  9 17:15:02 2015] <gallais> npr is the argument of type {n : nat | n <> 0}
[Wed Sep  9 17:16:29 2015] <heinrich5991> what are the elements of the pair
[Wed Sep  9 17:16:31 2015] <heinrich5991> ?
[Wed Sep  9 17:16:42 2015] <heinrich5991> the natural number and a PRoof?
[Wed Sep  9 17:19:10 2015] <gallais> I guess this is a fairly good step by step introduction: http://matthew.brecknell.net/post/pattern-matching-dependent-types-in-coq/
[Wed Sep  9 17:19:38 2015] <gallais> yes: the natural number n and the proof pr that it is different from 0
[Wed Sep  9 17:20:14 2015] <heinrich5991> ok, thanks for the link and your help!
[Wed Sep  9 17:38:38 2015] <gallais> No bother!
[Wed Sep  9 17:57:28 2015] <ianjneu> 5/quit
[Thu Sep 10 07:53:48 2015] <keep_learning> Hello everyone.
[Thu Sep 10 07:54:13 2015] <keep_learning> I am trying to prove http://lpaste.net/140598
[Thu Sep 10 07:55:04 2015] <keep_learning> classical (Definition classic := forall P : Prop,   ~~P -> P.) implies excluded middle ( Definition excluded_middle := forall P:Prop,   P \/ ~P.)
[Thu Sep 10 07:55:36 2015] <keep_learning> but in the proof I am stuck with circular definition
[Thu Sep 10 07:56:12 2015] <keep_learning> could some one please give me some hint how to get out of this circle.
[Thu Sep 10 07:57:21 2015] <aj> keep_learning: after "apply or_introl" you're trying to prove an arbitrary P is true
[Thu Sep 10 08:00:04 2015] <Cypi> To elaborate on that, if you do [apply or_introl], then it means that [classic] implies that any proposition P is true. Similarly, if you do [apply or_intror], then it means that [classic] implies that any proposition P is false. So you have to do something else.
[Thu Sep 10 08:02:17 2015] <keep_learning> aj: Cypi Thank you.
[Thu Sep 10 08:29:20 2015] <keep_learning> Cypi: We can write P \/ Q  as ~P => Q so in this case P \/ ~P is ~P => ~P. is this correct line of thought ?
[Thu Sep 10 08:33:52 2015] <Cypi> This only holds classically, but since you assume a classical axiom, then it's correct, yes
[Thu Sep 10 08:34:11 2015] <Cypi> except that I don't think it will help you prove [classical -> excluded_middle] :)
[Thu Sep 10 08:36:16 2015] <aj> keep_learning: i found "~ (P \/ Q) <-> (~ P) /\ (~ Q)" a helpful lemma fwiw. it's provable with just tauto fwiw
[Thu Sep 10 08:36:57 2015] <keep_learning> Cypi: yes because I am not able to rewrite the goal ( P \/ ~P ) with ~P => ~P
[Thu Sep 10 08:46:52 2015] <RegEchse> keep_learning: you don't have to. [spoiler alert] Note that your hypothesis H applies to _any_ P : Prop, e.g. your current goal. ;)
[Thu Sep 10 08:47:14 2015] <RegEchse> eh, with "current" i meant "initial"
[Thu Sep 10 10:53:58 2015] <schoppenhauer> is it possible in coq to tell that the termination of a function is proved in a second theorem (that is: defining functions that might not terminate)?
[Thu Sep 10 10:54:20 2015] <schoppenhauer> (they terminate, but I want to prove this later, because it makes the term more complicated otherwise)
[Thu Sep 10 10:54:48 2015] <schoppenhauer> (I mean, otherwise I would just pass a dummy-upper-bound that is much too large and use it, but well, that is less beautiful)
[Thu Sep 10 10:55:08 2015] <Cypi> In the built-in stuff, I think Function can do that, right? I never used it though
[Thu Sep 10 10:55:18 2015] <Cypi> Maybe even Program
[Thu Sep 10 10:55:29 2015] <Cypi> (sorry, cannot help much more)
[Thu Sep 10 10:58:00 2015] <rmk0> schoppenhauer: http://adam.chlipala.net/cpdt/html/GeneralRec.html
[Thu Sep 10 10:58:05 2015] <rmk0> "well-founded recursion"
[Thu Sep 10 10:59:49 2015] <schoppenhauer> hm. I know well-founded recursion. ok, according to this text, I will have to introduce a dummy bound.
[Thu Sep 10 10:59:52 2015] <schoppenhauer> then I will do so.
[Thu Sep 10 11:01:28 2015] <schoppenhauer> thx
[Thu Sep 10 11:01:58 2015] <ianjneu> schoppenhauer: your can use Program Fixpoint.
[Thu Sep 10 11:02:13 2015] <ianjneu> s/your/you/
[Thu Sep 10 11:02:29 2015] <schoppenhauer> but program fixpoint has this strange obligation stuff which I do not really like
[Thu Sep 10 11:02:54 2015] <schoppenhauer> I can give an upper bound (something like exp(exp(exp(list-length)))) and thats probably easier.
[Thu Sep 10 11:02:56 2015] <schoppenhauer> but thx.
[Thu Sep 10 11:03:10 2015] <ianjneu> You said you wanted to prove it later. You can admit the obligation for now.
[Thu Sep 10 11:13:54 2015] <Cypi> also, obligations are exactly that: delayed proofs
[Thu Sep 10 13:51:04 2015] <dprt> I'm attempting to build ProofGeneral 4.2 with emacs 24.4.1, but make is reporting that the function 'isar-markup-ml' is undefined. Has anyone encountered this? There is a bug report indicating that this was fixed in the latest ProofGeneral release. Or perhaps a different channel is appropriate?
[Thu Sep 10 13:56:23 2015] <dprt> Nevermind; I apparently missed the link for the latest release of ProofGeneral on the website. Thanks anyways.
[Thu Sep 10 18:09:07 2015] <napping> I'm trying to work on a definition that uses '|-' in a notation, but I can't write "match goal" tactics
[Thu Sep 10 18:09:33 2015] <napping> Is there any way to fix that?
[Thu Sep 10 18:10:14 2015] <napping> that is, the notation is taking precedence over a "[_ |- _]" goal pattern
[Thu Sep 10 18:29:20 2015] <johnw> ah
[Thu Sep 10 18:29:28 2015] <johnw> napping: I've wondered that before myself
[Thu Sep 10 18:29:37 2015] <napping> I've found nothing
[Thu Sep 10 18:30:04 2015] <napping> Looks like the changing to unicode        Γ ⊢ tfalse ∈ TBool
[Thu Sep 10 18:30:07 2015] <napping> works well enough
[Thu Sep 10 18:30:53 2015] <johnw> Unicode is the solution to all problems except itself
[Thu Sep 10 18:31:55 2015] <napping> I guess that was accidental - the html pages of software foundations render it as unicode, but the actual file does say Reserved Notation "Gamma '|-' t '\in' T" (at level 40).
[Thu Sep 10 18:33:38 2015] <napping> A boring '|--' would probably work just as well
[Thu Sep 10 18:34:04 2015] <napping> time for me to head out
[Thu Sep 10 19:17:42 2015] <RegEchse> interesting. ltac expressions seem to ignore notation scopes. Is that a bug? o.o   i mean, if i define |- as notation in "myscope" but do _not_ open that scope, i still can't use |- in match goal afterwards. that's ... strange to me
[Fri Sep 11 08:01:23 2015] <vanila> hi
[Fri Sep 11 08:02:59 2015] <vanila> how do de bruijn substitutions commute?
[Fri Sep 11 13:50:43 2015] <vanila> hooray \o/-
[Fri Sep 11 13:50:51 2015] <vanila> finally completed my proof of confluence
[Fri Sep 11 13:51:05 2015] <vanila> that was hard work
[Fri Sep 11 13:52:28 2015] <ianjneu> vanila: of what TRS?
[Fri Sep 11 13:53:24 2015] <vanila> de brujin terms of lambda calculus
[Fri Sep 11 18:04:21 2015] <benzrf> is there a such thing as a coinduction principle
[Fri Sep 11 18:07:07 2015] <benzrf> also: someone come up with a proper pun involving the duction of coins
[Fri Sep 11 18:22:17 2015] <hodapp> benzrf: I feel as though I've encountered something like this
[Fri Sep 11 18:22:25 2015] <hodapp> perhaps in the paper Total Functional Programming
[Fri Sep 11 19:03:35 2015] <benzrf> what does coinduction on nats look like
[Fri Sep 11 19:03:37 2015] <benzrf> augh
[Fri Sep 11 19:09:03 2015] <benzrf> wait never mind!!!!
[Fri Sep 11 19:09:19 2015] <benzrf> aaaaaaAAAAAAAAAAA I think i might have figured out how to do the thing im trying to figure out :DDD
[Fri Sep 11 20:55:54 2015] <benzrf> if anybody's here
[Fri Sep 11 20:56:09 2015] <benzrf> is it the case that
[Fri Sep 11 20:56:53 2015] <benzrf> ugh, how to put this
[Fri Sep 11 20:57:28 2015] <benzrf> it seems like any proof of ~~P must contain a proof of P, since the only way to get a False to return is to supply a P to the negation argument
[Fri Sep 11 20:58:22 2015] <benzrf> so in the event that ~~P is provable but P is not, that means that it must be possible to construct a P using a ~P, in a way less trivial than explosion
[Fri Sep 11 20:58:32 2015] <benzrf> is that roughly right?
[Fri Sep 11 20:58:41 2015] <dmiles_afk> * hopes to ear an ansewrt
[Fri Sep 11 20:58:50 2015] <dmiles_afk> * hopes to hear an answer to
[Fri Sep 11 21:03:50 2015] <benzrf> 'less trivial than explosion' because you cant get a False until you have a P
[Fri Sep 11 21:13:07 2015] <dmiles_afk> makes me think all logic is auto-epstomologic
[Fri Sep 11 21:17:46 2015] <dmiles_afk> that is that all logics have to be aware of the fact they are part of their own universes and deal with their language...   that mean P and ~P and ~~P must be undertood to be understood outside of just logic
[Fri Sep 11 21:26:28 2015] <dmiles_afk> loves(A,_) => capableOfLove(A).
[Fri Sep 11 21:27:08 2015] <dmiles_afk> ~capableOfLove(rock).
[Fri Sep 11 21:27:29 2015] <dmiles_afk> means: ~loves(rock,_)
[Fri Sep 11 21:28:16 2015] <dmiles_afk> or is already  "loves(rock,_)"  not even wff?
[Fri Sep 11 21:28:33 2015] <dmiles_afk> lets say its wff
[Fri Sep 11 21:29:05 2015] <dmiles_afk> thus ~loves(rock,_) is fine
[Fri Sep 11 21:31:16 2015] <dmiles_afk> benzrf, i think what you are saying is P has to be compatable with negation and say nothing absurd
[Fri Sep 11 21:31:26 2015] <benzrf> uhh
[Fri Sep 11 21:31:43 2015] <dmiles_afk> and say nothing absurd while its both negative or not negatibe both?
[Fri Sep 11 21:32:38 2015] <dmiles_afk> what i mean is that the quantification of the variables inside of P have to continue to make sense
[Fri Sep 11 21:33:25 2015] <dmiles_afk> that somehow double negation has to not accidently lose information
[Fri Sep 11 21:34:48 2015] <dmiles_afk> why would ~P be an explosion?
[Fri Sep 11 21:37:50 2015] <dmiles_afk> or why would P be an explosion?
[Fri Sep 11 21:39:33 2015] <dmiles_afk> to not explode out to the full meaning would to have be akin to "accidently losing information"?
[Fri Sep 11 21:43:30 2015] <dmiles_afk> i guess the bad example i think of is if loves(z,a) is T.. thus I could reduce loves(z,a) to T .. thats what i mean by information loss
[Fri Sep 11 21:44:16 2015] <dmiles_afk> since i lose the interesenting qunatifications of a and z
[Fri Sep 11 21:44:20 2015] <benzrf> uhhh
[Fri Sep 11 21:47:32 2015] <dmiles_afk> benzrf, i am describing a different problem but please descibe yours
[Fri Sep 11 22:50:28 2015] <jgross> benzrf: Yes, that's about right.  Look at the proof that (forall P, ~~P -> P) -> (forall P, P \/ ~P) for inspiration. 
[Fri Sep 11 23:01:31 2015] <benzrf> kk
[Fri Sep 11 23:03:39 2015] <benzrf> jgross: anyway ive been chewing on the proof-by-contradiction in heine-borel, trying to work out if it can be 'inverted' (?) into a proof that directly provides a subcover (albeit probably invoking LEM at some point)
[Fri Sep 11 23:04:11 2015] <benzrf> i tried tracing the usage of the negated argument thru the proof
[Fri Sep 11 23:04:30 2015] <benzrf> it gave me a headache ;-;
[Fri Sep 11 23:05:04 2015] <benzrf> but there seems to be /something/ about the induction involved that's difficult when you do the contrapositive
[Fri Sep 11 23:05:12 2015] <benzrf> augh its all vague hunches
[Sat Sep 12 00:12:03 2015] <dmiles_afk> vague hunches is what i had .. that proof by refutation was not complete
[Sat Sep 12 00:12:30 2015] <dmiles_afk> and maybe even unsound
[Sat Sep 12 00:12:57 2015] <dmiles_afk> i think once i found that anyhting inclomplete was also unsound
[Sat Sep 12 00:13:13 2015] <dmiles_afk> due to the fact i cant do full TMS
[Sat Sep 12 00:14:21 2015] <dmiles_afk> and i may habve axioms in the system that have snuck in that i didnt realize their full potential due to the fact i was not complete
[Sat Sep 12 00:15:18 2015] <dmiles_afk> and now can be sititng there with a database full of unsound things
[Sun Sep 13 03:47:13 2015] <manwaz> I have a strange problem with Notation: http://paste2.org/75bpJcgw
[Sun Sep 13 03:49:09 2015] <manwaz> Maybe I use it in the wrong way, but why 'Check FBAR 42 _ (FBAR 0 _ (FOO 5)).' prints the intended use, while 'Check [[42; 0; 5]]' (the intended use) raises an error?
[Sun Sep 13 04:55:27 2015] <riaqn> Hello, can anyone give me some references about the equality(the = Notation) in coq?
[Sun Sep 13 04:58:58 2015] <riaqn> I 'm writing a proof in a function-like way. And I don't know how to use a Theorem of equality. In Proof-like way I can just use the rewrite tactic.
[Sun Sep 13 05:01:36 2015] <riaqn> OK, so 'Locate "="' prints "x = y" := eq x y. I will dig into that.
[Sun Sep 13 05:07:11 2015] <riaqn> If the only constructor of eq is 'eq_refl : eq A x x', then where comes things like 4 = 2 + 2 ?
[Sun Sep 13 05:43:42 2015] <asmanur> riaqn: because Coq computes 2+2 using the def. of + and ends on four so for Coq those are the same thing (we write 2+2 ≡ 4)
[Sun Sep 13 05:44:20 2015] <asmanur> riaqn: the trick here is that the def. of eq is non-linear (2 occurences of x) and for that to make sense, there needs to be a preexistant notion of equality
[Sun Sep 13 07:15:34 2015] <riaqn> asmanur: Thanks, I think I get it. So there's a built-in equality(based on constructor-tree ? ) in coq, and the eq is just an application of this kind of equality.
[Sun Sep 13 07:17:19 2015] <asmanur> yes
[Sun Sep 13 07:17:31 2015] <asmanur> it's a way to import this builtin equality into a type
[Sun Sep 13 19:25:32 2015] <benzrf> riaqn: at a formal system level
[Sun Sep 13 19:25:42 2015] <benzrf> riaqn: the formal system that coq is based on is a type system
[Sun Sep 13 19:25:59 2015] <benzrf> riaqn: so it has rules like
[Sun Sep 13 19:26:33 2015] <benzrf> Γ ⊢ f : A → B                 Γ ⊢ x : A
[Sun Sep 13 19:26:36 2015] <benzrf> ----------------------------------------------------
[Sun Sep 13 19:26:47 2015] <benzrf>                 \Gamma \vdash f x : B
[Sun Sep 13 19:26:57 2015] <benzrf> argh what
[Sun Sep 13 19:27:15 2015] <benzrf> riaqn: but anyway, this system has a notion of equality
[Sun Sep 13 19:27:39 2015] <benzrf> notably, the provability of any given theorem of this system (that is, a type or equality judgement) is decidable
[Sun Sep 13 19:28:09 2015] <benzrf> so coq can automatically prove or disprove any type judgement that you submit to it
[Sun Sep 13 19:28:28 2015] <benzrf> including ones that rely on rewriting by equality-in-the-type-system
[Sun Sep 13 19:29:22 2015] <benzrf> obviously the fact that the type-system notion of equality is decidable means that it's much weaker than the system-internal notion of equality (e.g., existence of an e such that e : a = b)
[Sun Sep 13 19:34:32 2015] <benzrf> since whether 'a = b' is provable within coq is not generally decidable
[Sun Sep 13 21:58:18 2015] <riaqn> how to solve this? The term "b_sum n n Hn Hn" has type "beautiful (n + n)" while it is expected to have type "beautiful (2 * n)".
[Sun Sep 13 21:58:18 2015] <riaqn>  
[Sun Sep 13 21:58:44 2015] <riaqn> I already have a theorem saying 2 * n = n + n; just don't know how to use it.
[Sun Sep 13 21:59:11 2015] <johnw> riaqn: rewriting doesn't work?
[Sun Sep 13 21:59:35 2015] <riaqn> johnw: I 'm proving a theorem in a functional programming way..
[Sun Sep 13 21:59:51 2015] <riaqn> Definition b_times2': forall n, beautiful n -> beautiful (2*n) := fun n => fun Hn => b_sum n n Hn Hn.
[Sun Sep 13 22:00:06 2015] <johnw> ah
[Sun Sep 13 22:00:11 2015] <johnw> you're writing the proof term yourself
[Sun Sep 13 22:00:29 2015] <riaqn> yep. so no tactics.
[Sun Sep 13 22:00:30 2015] <johnw> in Coq.Program.Equality there is a notation called "rew" that let's you rewrite in terms
[Sun Sep 13 22:01:20 2015] <johnw> what I usually do here is: use the tactics, print the proof term, learn how Coq does it :)
[Sun Sep 13 22:01:36 2015] <johnw> it's probably going to involve a dependent type match
[Sun Sep 13 22:03:03 2015] <riaqn> johnw: Yeah I already have a tactic version. How can I get the proof term? using PG.
[Sun Sep 13 22:07:34 2015] <johnw> Print <name of term>.
[Sun Sep 13 22:07:34 2015] <riaqn> johnw: huh, just Print b_times2. do the trick. Thanks.
[Sun Sep 13 22:21:58 2015] <riaqn> In the end, I understand the proof term generated by tactics. Well, now I know the usefullness of tactics.
[Sun Sep 13 22:22:40 2015] <riaqn> hand-written term is kinds of brain-damaging.
[Sun Sep 13 22:45:18 2015] <johnw> riaqn: It's really useful to know *how* to do it, but always necessary to actually do it :)
[Sun Sep 13 22:45:25 2015] <johnw> not always*
[Sun Sep 13 22:45:34 2015] <johnw> plus, sometimes I even write regular programming terms using tactics
[Sun Sep 13 22:45:36 2015] <johnw> they can be convenient
[Mon Sep 14 08:02:07 2015] <schoppenhauer> what is the delimiting scope for vectors?
[Mon Sep 14 08:02:18 2015] <schoppenhauer> because I normally have list notations [1;2;3;etc.]
[Mon Sep 14 08:02:23 2015] <schoppenhauer> but now I want a single vector
[Mon Sep 14 08:02:43 2015] <schoppenhauer> [1;2;3]%vec %vector %vector_scope ... does all not work
[Mon Sep 14 08:04:39 2015] <schoppenhauer> when using of_list, I get the problem that I always have a "vec.t (length ...)" instead of a "vec.t 3"
[Mon Sep 14 09:00:39 2015] <riaqn> Can we prove nat_ind ourselves?
[Mon Sep 14 09:01:11 2015] <riaqn> in coq, I mean.
[Mon Sep 14 09:01:35 2015] <schoppenhauer> you can use a refiner
[Mon Sep 14 09:01:39 2015] <schoppenhauer> if you want
[Mon Sep 14 09:02:00 2015] <schoppenhauer> but that doesn't really prove nat_ind. as it uses nat_ind in the background.
[Mon Sep 14 09:02:08 2015] <schoppenhauer> (or at least nat_rec9
[Mon Sep 14 09:02:10 2015] <schoppenhauer> )
[Mon Sep 14 09:04:14 2015] <Cypi> riaqn : look at the definition of nat_ind, and then nat_rect
[Mon Sep 14 09:04:23 2015] <Cypi> You can write the term yourself, and boom, you've proved nat_ind
[Mon Sep 14 09:05:21 2015] <schoppenhauer> still, that term will use nat_rec
[Mon Sep 14 09:06:33 2015] <Cypi> Well, no, nat_rect uses a fixpoint
[Mon Sep 14 09:06:58 2015] <riaqn> schoppenhauer: do you mean nat_rect? it seems to be defined(in user space) too.
[Mon Sep 14 09:08:01 2015] <riaqn> silly me, I was going to rave about the incompleteness of coq.
[Mon Sep 14 09:11:28 2015] <riaqn> hmm, I check the nat_rect and it 's quite easy to understand.
[Mon Sep 14 14:44:29 2015] <schoppenhauer> so I have written a priority queue which ist verifiedly correct. the only problem I now have is that removing an element from it does not allow me to make recursive calls, because coq does not recognize it as "smaller".
[Mon Sep 14 14:44:45 2015] <schoppenhauer> can I somehow add a view for it, so coq recognizes it?
[Mon Sep 14 14:44:57 2015] <schoppenhauer> or do I always have to use program fixpoint, and measures?
[Mon Sep 14 14:45:25 2015] <schoppenhauer> [if I wanted to extract to haskell, I'd just convert it to a list, because lazy, but I want to extract to ocaml]
[Mon Sep 14 14:47:11 2015] <johnw> schoppenhauer: you'll need program fixpoint and a measure, as far as I know
[Mon Sep 14 14:47:21 2015] <johnw> because in a way that is the "view"
[Mon Sep 14 14:47:24 2015] <schoppenhauer> ok :(
[Mon Sep 14 14:48:25 2015] <johnw> the alternative is to use a nested fixpoint that recurses on Acc or something
[Mon Sep 14 14:48:31 2015] <johnw> as discussed in http://adam.chlipala.net/cpdt/html/GeneralRec.html
[Mon Sep 14 14:48:44 2015] <johnw> (by nested I just mean "let fix ...")
[Mon Sep 14 14:48:54 2015] <schoppenhauer> hm. probably program fixpoint is easier.
[Mon Sep 14 14:49:01 2015] <johnw> yeah, it's pretty easy to use
[Mon Sep 14 14:49:05 2015] <johnw> I've used it a lot
[Mon Sep 14 14:49:15 2015] <schoppenhauer> but the terms are growsome
[Mon Sep 14 14:49:20 2015] <johnw> haha
[Mon Sep 14 14:49:54 2015] <johnw> you could prove independently that certain functions always reduce the measure
[Mon Sep 14 14:50:03 2015] <johnw> and then use those lemmas in your proof of well-foundedness
[Mon Sep 14 14:50:22 2015] <johnw> alternatively, turn your "let fix..." function into proof-carrying code
[Mon Sep 14 14:50:35 2015] <johnw> so that the base case percolates up evidence about the measure
[Mon Sep 14 15:33:14 2015] <korta> What exactly does JMeq do, it appears to me that it can postulate equality between any two sets, but what does it actually accomplish?
[Mon Sep 14 15:41:18 2015] <johnw> korta: check out the difference between refl and JMeq_refl
[Mon Sep 14 15:41:49 2015] <johnw> check out http://adam.chlipala.net/cpdt/html/Equality.html, under the section "Heterogeneous Equality"
[Mon Sep 14 17:34:05 2015] <johnw> does anyone have a BibTeX database of commonly cited papers about Coq?  For example, I'm looking for a citation for the Coq theorem prover itself
[Mon Sep 14 18:05:21 2015] <johnw> nice, it's in the FAQ
[Tue Sep 15 01:24:11 2015] <newsham> hi.  I'm working through SF exercises and I'm stuck on one.. Any hints?  http://pastebin.com/fJEXn5kz
[Tue Sep 15 01:24:25 2015] <newsham> seems like it should be easy...
[Tue Sep 15 01:27:40 2015] <lolisa> I havent run your code
[Tue Sep 15 01:28:03 2015] <lolisa> But from what I see, you can do a little simpl and than rewrite on Induction Hypothesis is possible.
[Tue Sep 15 01:29:02 2015] <newsham> if I simpl it, I lose the "split" and "combine" in the goal
[Tue Sep 15 01:29:09 2015] <newsham> so I dont see how I can simpl and then use the IH
[Tue Sep 15 01:32:43 2015] <lolisa> simpl;erewrite IHl1';inversion Hlen;trivial.
[Tue Sep 15 01:35:03 2015] <newsham> what is erewrite?
[Tue Sep 15 01:36:26 2015] <lolisa> basically rewrite, but when rewrite find some unspecify variable (those in your forall), instead of failing it generate more hole for you to fill
[Tue Sep 15 01:36:51 2015] <lolisa> you can break ; into . to step through and see what is done
[Tue Sep 15 01:38:37 2015] <lolisa> BTW similarly there is a 'e' version of apply, auto, destruct, and a few more...
[Tue Sep 15 01:38:55 2015] <newsham> we havent been introduced to erewrite at this point. :(
[Tue Sep 15 01:39:49 2015] <lolisa> Yes I know, but you can do the same by rewrite (IHl1' somevar somevar)
[Tue Sep 15 01:41:18 2015] <lolisa> Also I recommend you to not only read the book; also try using coqmanual in the same time, I think it will help :)
[Tue Sep 15 01:43:30 2015] <newsham> can it be done with "apply IHl1' with ..." ?
[Tue Sep 15 01:44:33 2015] <lolisa> I dunno, I already closed it. But I think f_equal will be helpful if you want to do so. go have a try :)
[Tue Sep 15 01:45:03 2015] <newsham> i have tried to use f_equal but it couldnt unify
[Tue Sep 15 01:45:47 2015] <lolisa> after simpl or before simpl?
[Tue Sep 15 01:47:18 2015] <newsham> after simpl.
[Tue Sep 15 01:50:35 2015] <newsham> after "inversion H. rewrite -> H2. simpl" I have goal: " match split l' with | (xs, ys) => (x1 :: xs, x2 :: ys) end = (x1 :: l1', x2 :: l2')"
[Tue Sep 15 01:51:11 2015] <lolisa> Try using assert, the direct route probably isnt gonna work
[Tue Sep 15 01:55:16 2015] <newsham> i wish there were answers for these online.. i would love to see how the author did it with the toosl he's given us
[Tue Sep 15 02:00:42 2015] <newsham> ok, i got it with "assert (split l' = (l1', l2'))."
[Tue Sep 15 02:00:47 2015] <newsham> and lots of other steps :)
[Tue Sep 15 02:00:50 2015] <newsham> ty for the help!
[Tue Sep 15 02:01:16 2015] <newsham> I cant help but think this proof is way longer than what the author had in mind
[Tue Sep 15 02:01:30 2015] <newsham> feels like I'm missing some key insight or proof step
[Tue Sep 15 02:03:36 2015] <lolisa> you're only lacking practice, happen on me when I first learn coq
[Tue Sep 15 02:04:15 2015] <lolisa> do more exercise and all will be fine :)
[Tue Sep 15 02:58:10 2015] <newsham> thank's for the encouragement.
[Tue Sep 15 02:58:16 2015] <newsham> thats one reason i'm doing all the exercises in this.
[Tue Sep 15 02:58:47 2015] <newsham> and hopefully afterwards I'll work through some of the techniques in CPDT (which does a lot more automation)
[Tue Sep 15 12:13:39 2015] <roptat_> hi, I am trying to compile coq from source, but first I need ocaml and camlp5. INSTALL says ocaml >= 3.11.2 and camlp5 <= 4.08 or 5.* transitional but this version won't work with the latest ocaml (and it's old too), can I use camlp5 6.* anyway? and is ocaml 4.* OK?
[Tue Sep 15 12:13:59 2015] <roptat_> I don't understand what transitional means either?
[Tue Sep 15 12:56:04 2015] <roptat_> sorry to have bothered you, I finally found out what this transitional meant, and I could install coq correctly :)
[Tue Sep 15 22:01:07 2015] <newsham> why does inversion on "H: P <-> Q" split it into the two components?
[Tue Sep 15 22:05:49 2015] <newsham> SF says that "rewrite can be used with iff statements, not just equalities" but when I try to use "PISQ : P <-> Q" on goal "P <-> R" with "rewrite -> PISQ" it fails.
[Tue Sep 15 22:05:53 2015] <newsham> is that supposed to work?
[Tue Sep 15 22:12:45 2015] <riaqn> newsham: because the notation P <-> Q is defined as (and P -> Q  Q -> P).
[Tue Sep 15 22:13:23 2015] <riaqn> newsham: Inductive and (P Q : Prop) : Prop :=  conj : P -> Q -> P /\ Q
[Tue Sep 15 22:15:08 2015] <riaqn> so it's split to 'P->Q' and 'Q->P'. (note that the P and Q in these two lines are different)
[Tue Sep 15 22:16:04 2015] <newsham> why does "inversion" on "and (P->Q) (Q->P)" split into the two components?
[Tue Sep 15 22:17:11 2015] <newsham> does "inversion" on any constructor of more than one element split it into all of the elements?
[Tue Sep 15 22:17:27 2015] <riaqn> since we have the evidence of 'and (P->Q) (Q->P)', and the only possible ways to get this evidence is by (conj P->Q Q->P). so we must have the evidence of (P->Q) and (Q->P).
[Tue Sep 15 22:19:07 2015] <newsham> i guess it "makes sense".  i just didnt realize inversion did that
[Tue Sep 15 22:20:57 2015] <riaqn> newsham: yes.
[Tue Sep 15 22:25:07 2015] <newsham> any thoughts on the "rewrite" question?
[Tue Sep 15 22:26:06 2015] <riaqn> newsham: though it's better to say 'inversion on evidence'. since there maybe more than one constructor for a Prop.
[Tue Sep 15 22:53:37 2015] <benzrf> newsham: you cant actually rewrite on a <->
[Tue Sep 15 22:53:43 2015] <benzrf> not without extra axioms
[Tue Sep 15 22:53:52 2015] <benzrf> i think Setoid gives you those
[Tue Sep 15 23:34:54 2015] <newsham> hrmm.. so why did SF say that rewrite works with iff? :(
[Tue Sep 15 23:35:07 2015] <newsham> not that its important.
[Tue Sep 15 23:35:08 2015] <benzrf> idk
[Tue Sep 15 23:35:20 2015] <benzrf> is it in the context of setoids?
[Tue Sep 15 23:35:32 2015] <newsham> no, its an aside after introducing iff.
[Tue Sep 15 23:35:39 2015] <benzrf> huh
[Tue Sep 15 23:35:42 2015] <benzrf> odd
[Tue Sep 15 23:36:14 2015] <newsham> "Some of Coq's tactics treat iff statements specially, thus avoiding the need for some low-level manipulation when reasoning with them. In particular, rewrite can be used with iff statements, not just equalities.
[Tue Sep 15 23:36:21 2015] <newsham> http://www.cis.upenn.edu/~bcpierce/sf/current/Logic.html#lab202
[Tue Sep 15 23:36:32 2015] <benzrf> :\
[Wed Sep 16 22:14:36 2015] <newsham> This exercise is baffling me and I wondering if they intended us to prove it classically or intuitionistically: Theorem excluded_middle_irrefutable: ∀(P:Prop), ¬ ¬ (P ∨ ¬ P).
[Wed Sep 16 22:14:41 2015] <newsham> is that valid in intuitionistic logic?
[Wed Sep 16 22:14:47 2015] <benzrf> it's valid!
[Wed Sep 16 22:14:58 2015] <benzrf> pretty frickin weird
[Wed Sep 16 22:15:12 2015] <benzrf> i dont believe i got that one myself
[Wed Sep 16 22:15:17 2015] <benzrf> in fact i think jgross mightve shown me the answer
[Wed Sep 16 22:17:17 2015] <newsham> i've worked on it for a while and keep getting stuck..
[Wed Sep 16 22:18:01 2015] <benzrf> well
[Wed Sep 16 22:18:03 2015] <benzrf> consider this:
[Wed Sep 16 22:18:18 2015] <benzrf> given the context P : Prop (and ONLY that)
[Wed Sep 16 22:18:26 2015] <benzrf> clearly you cannot prove (P ∨ ¬ P)
[Wed Sep 16 22:18:47 2015] <benzrf> furthermore, any proof of ¬ ¬ (P ∨ ¬ P) must contain a term of type False
[Wed Sep 16 22:19:03 2015] <benzrf> the only way to get a term of type False in that context is to pass a (P ∨ ¬ P) to the 'callback'
[Wed Sep 16 22:19:21 2015] <benzrf> therefore, (P ∨ ¬ P) must be provable in some context within the term
[Wed Sep 16 22:19:33 2015] <newsham> ?djinn ((Either a b) -> Void) -> Void
[Wed Sep 16 22:19:33 2015] <benzrf> if it's provable in that context but not in the context P : Prop
[Wed Sep 16 22:19:37 2015] <benzrf> cheater!!!
[Wed Sep 16 22:19:39 2015] <newsham> djinn wasnt able to do it
[Wed Sep 16 22:19:53 2015] <newsham> oops, i messed it up :)
[Wed Sep 16 22:20:11 2015] <benzrf> did you follow what i was saying
[Wed Sep 16 22:20:15 2015] <newsham> i'm reading now
[Wed Sep 16 22:20:44 2015] <newsham> i dont quite get what you're saying
[Wed Sep 16 22:20:55 2015] <benzrf> sorry let me back up
[Wed Sep 16 22:21:00 2015] <newsham> i do know this is related to callcc and embedding classical logic in intuitionistic
[Wed Sep 16 22:21:03 2015] <newsham> but i'm still confused :)
[Wed Sep 16 22:21:10 2015] <benzrf> ok, the first two lines ok?
[Wed Sep 16 22:22:28 2015] <newsham> i got that i cannot use the excluded middle
[Wed Sep 16 22:22:38 2015] <benzrf> 10:18:18        benzrf │ given the context P : Prop (and ONLY that)
[Wed Sep 16 22:22:39 2015] <benzrf> 10:18:26        benzrf │ clearly you cannot prove (P ∨ ¬ P)
[Wed Sep 16 22:22:40 2015] <newsham> and I got that the NOTs mean an implication of false
[Wed Sep 16 22:24:33 2015] <benzrf> newsham: does that make sense?
[Wed Sep 16 22:24:37 2015] <newsham> yes
[Wed Sep 16 22:24:45 2015] <benzrf> kk
[Wed Sep 16 22:24:48 2015] <newsham> no LEM
[Wed Sep 16 22:24:50 2015] <benzrf> yeah
[Wed Sep 16 22:24:54 2015] <benzrf> so, continuing
[Wed Sep 16 22:25:10 2015] <benzrf> a proof of ~~(P \/ ~P) is a lambda term
[Wed Sep 16 22:25:23 2015] <newsham> I need  (P \/ (P -> False) -> False) -> False   from  "P : Prop" alone.
[Wed Sep 16 22:25:27 2015] <benzrf> yes
[Wed Sep 16 22:25:33 2015] <benzrf> hold on one second
[Wed Sep 16 22:25:47 2015] <benzrf> ok, consider the lambda term you need to create
[Wed Sep 16 22:25:58 2015] <benzrf> since its return type is False, its body must have type False, right?
[Wed Sep 16 22:26:00 2015] <newsham> you're going the curry-howard route.. but... cant this be done with basic tactics?
[Wed Sep 16 22:26:08 2015] <benzrf> * shrugs
[Wed Sep 16 22:27:39 2015] <benzrf> ok, just verified in coq
[Wed Sep 16 22:27:40 2015] <benzrf> it can indeed
[Wed Sep 16 22:30:18 2015] <newsham> i cant see how without perhaps some very clever assertion.
[Wed Sep 16 22:30:29 2015] <benzrf> nah
[Wed Sep 16 22:30:48 2015] <benzrf> super basic tactics
[Wed Sep 16 22:30:55 2015] <newsham> I've tried using Theorem not_both_true_and_false : ∀P : Prop, ¬ (P ∧ ¬P).
[Wed Sep 16 22:30:57 2015] <newsham> somehow
[Wed Sep 16 22:31:00 2015] <newsham> but that didnt seem to help
[Wed Sep 16 22:31:16 2015] <benzrf> just use Goal forall P, ~~(P \/ ~P).
[Wed Sep 16 22:31:24 2015] <benzrf> at each step there will be only a few choices
[Wed Sep 16 22:31:36 2015] <benzrf> usually you will be able to absolutely rule out all but one
[Wed Sep 16 22:31:38 2015] <newsham> heh. i've played with that for an hour already :)
[Wed Sep 16 22:31:43 2015] <benzrf> well
[Wed Sep 16 22:31:49 2015] <benzrf> try again
[Wed Sep 16 22:31:51 2015] <benzrf> and tell me how it goes
[Wed Sep 16 22:31:51 2015] <newsham> i can pretty easily get to the point where its true if LEM :)
[Wed Sep 16 22:31:54 2015] <benzrf> i can give hints :)
[Wed Sep 16 22:33:39 2015] <benzrf> newsham: basically
[Wed Sep 16 22:33:43 2015] <newsham> woot, got it
[Wed Sep 16 22:33:47 2015] <benzrf> oh
[Wed Sep 16 22:33:49 2015] <benzrf> lmao
[Wed Sep 16 22:34:11 2015] <newsham> if I had just tried "left" earlier.. :)
[Wed Sep 16 22:34:16 2015] <newsham> err.. I mean "right"
[Wed Sep 16 22:34:24 2015] <benzrf> thats what i meant by 10:31:36        benzrf │ usually you will be able to absolutely rule out all but one
[Wed Sep 16 22:34:26 2015] <benzrf> :)
[Wed Sep 16 22:34:56 2015] <newsham> I kept freaking out when I got to the point where LEM was the goal
[Wed Sep 16 22:35:01 2015] <benzrf> haha
[Wed Sep 16 22:35:06 2015] <benzrf> what i was explaining earlier is
[Wed Sep 16 22:35:06 2015] <newsham> but its not naked LEM, its LEM iwth assumptions
[Wed Sep 16 22:35:09 2015] <benzrf> yeah
[Wed Sep 16 22:35:20 2015] <benzrf> additionally, it's instantiated LEM
[Wed Sep 16 22:35:29 2015] <benzrf> ~~LEM is not a theorem afaik
[Wed Sep 16 22:36:21 2015] <newsham> djinn can do ~LEM but not ~~LEM
[Wed Sep 16 22:36:27 2015] <newsham> so I assume you're right
[Wed Sep 16 22:37:27 2015] <newsham> I kind of wish this book had been more explicit with examples in doing forward reasoning with or_introl and or_intror.
[Wed Sep 16 22:37:35 2015] <newsham> it took me a long time to realize I can do that
[Wed Sep 16 22:38:01 2015] <newsham> apply or_introl with (Q := ...) in H.
[Wed Sep 16 22:38:52 2015] <benzrf> >djinn can do ~LEM
[Wed Sep 16 22:38:54 2015] <benzrf> wait what
[Wed Sep 16 22:38:57 2015] <benzrf> that shouldnt be possible
[Wed Sep 16 22:39:01 2015] <benzrf> LEM is compatible with coq
[Wed Sep 16 22:40:15 2015] <benzrf> here's my proof btw:
[Wed Sep 16 22:40:17 2015] <benzrf> intros P callback. apply callback. right. intro. apply callback. left. assumption.
[Wed Sep 16 22:43:11 2015] <newsham> unfold not.  intros P H.  apply H.  right.  intros HP.  apply or_introl with (Q := (P -> False)) in HP.  apply H in HP.  inversion HP.
[Wed Sep 16 22:56:24 2015] <newsham> how can I do forward reasoning from "0 = 0 -> P" ?  is there a simple reflexivity rule I can apply?
[Wed Sep 16 22:57:24 2015] <benzrf> ?
[Wed Sep 16 22:57:38 2015] <benzrf> newsham: oh, you mean thats a hypothesis?
[Wed Sep 16 22:57:47 2015] <newsham> in my environment I have "H : 0 = 0 -> P"
[Wed Sep 16 22:57:50 2015] <benzrf> uh
[Wed Sep 16 22:57:54 2015] <benzrf> try 'reflexivity in H'?
[Wed Sep 16 22:57:57 2015] <benzrf> no idea if that would work
[Wed Sep 16 22:58:15 2015] <newsham> nope :(
[Wed Sep 16 22:59:25 2015] <newsham> i can do this iwthout that.. but being able to do this would cover several cases
[Wed Sep 16 23:00:21 2015] <benzrf> * shrugs
[Wed Sep 16 23:00:28 2015] <benzrf> im pretty un-knowledgable about coq tbh
[Wed Sep 16 23:01:46 2015] <johnw> newsham: specialize (H refl) should do it
[Wed Sep 16 23:02:13 2015] <newsham> ty.
[Wed Sep 16 23:02:48 2015] <newsham> is there an easy way to search for theorems by type?  ie "S n = S m -> n = m" ?
[Wed Sep 16 23:02:52 2015] <benzrf> what does specialize do here johnw
[Wed Sep 16 23:02:53 2015] <benzrf> newsham: About
[Wed Sep 16 23:02:55 2015] <benzrf> er, Search
[Wed Sep 16 23:02:58 2015] <johnw> SearchAbout (S _ = S _).
[Wed Sep 16 23:03:05 2015] <benzrf> th-that too
[Wed Sep 16 23:03:07 2015] <benzrf> * clams up
[Wed Sep 16 23:03:18 2015] <johnw> specialize un-generalizes a hypothesis by applying arguments to it
[Wed Sep 16 23:04:07 2015] <newsham> thank you
[Wed Sep 16 23:24:14 2015] <newsham> sweet, chapter done.. enoughof that for now :)
[Wed Sep 16 23:24:17 2015] <newsham> thanks for the help!
[Wed Sep 16 23:34:04 2015] <johnw> any time :)
[Thu Sep 17 12:15:26 2015] <benzrf> johnw: does specialize examine the syntactic form given to it and require that it be application with the deepest function being a variable in scope as a hypothesis?
[Thu Sep 17 13:42:49 2015] <artart78> hello, I'm trying to refine something like (Fix _ _ (match x with | true -> foo | false -> bar)), but the generated goals (which are specified by blanks _ in foo and bar) do not take the fact that 'x = true' (in foo) and 'x = false' (in bar) as an hypothesis, but I do need them
[Thu Sep 17 13:43:09 2015] <artart78> any way to add the x value to the context?
[Thu Sep 17 13:43:18 2015] <artart78> (note that x is an element of a Record, maybe it causes problems)
[Thu Sep 17 13:50:43 2015] <jrw> artart78: you need to introduce that equality explicitly using a return annotation.
[Thu Sep 17 13:51:08 2015] <jrw> this is sometimes called "the convoy pattern", see for example http://adam.chlipala.net/cpdt/html/MoreDep.html
[Thu Sep 17 13:51:24 2015] <jrw> if you post a self-contained code snippet, I can show you how it would work.
[Thu Sep 17 13:54:22 2015] <artart78> aah thanks, let me try by myself first
[Thu Sep 17 14:01:43 2015] <schoppenhauer> Anomaly: add_args : todo. Please report.
[Thu Sep 17 14:01:45 2015] <schoppenhauer> wtf
[Thu Sep 17 14:16:27 2015] <artart78> jrw: ok, I gave up, the record seems to make stuff more complicated, here is a self-contained snippet: http://pastebin.com/RNUvdvJ1
[Thu Sep 17 14:16:43 2015] <artart78> the problem is for the first 'admit': I'd like to know that 'mode st = true'
[Thu Sep 17 14:16:52 2015] <artart78> some help would be very welcome
[Thu Sep 17 14:17:13 2015] <jrw> sure, just let me have a look
[Thu Sep 17 14:20:01 2015] <jrw> artart78: http://lpaste.net/141195
[Thu Sep 17 14:36:03 2015] <schoppenhauer> hm. so I have two definitions of a function. one uses Program Fixpoint, and the functional induction is bloated with existT-stuff... the other one does not, but I cannot define functional induction for it.
[Thu Sep 17 14:40:17 2015] <johnw> benzrf: "deepest function"?
[Thu Sep 17 14:46:05 2015] <artart78> jrw: aaaah very nice, thank you
[Thu Sep 17 16:47:15 2015] <benzrf> johnw: if you have 'f x y' then 'f x' is a function in the expression
[Thu Sep 17 16:47:24 2015] <benzrf> f is the 'deepest' in that it is in the deepest node of the tree
[Thu Sep 17 16:47:41 2015] <johnw> benzrf: ok, can you re-ask your question again in different terms?
[Thu Sep 17 16:47:44 2015] <johnw> I really didn't follow it at all
[Thu Sep 17 16:47:47 2015] <benzrf> er ok
[Thu Sep 17 16:47:57 2015] <benzrf> what terminology should i use to refer to f in an expression like 'f x y'
[Thu Sep 17 16:48:26 2015] <johnw> I don't know, but I know what you mean now
[Thu Sep 17 16:48:31 2015] <johnw> I just don't understand the question overall
[Thu Sep 17 16:48:35 2015] <johnw> what is it that you want to do?
[Thu Sep 17 16:48:55 2015] <benzrf> er
[Thu Sep 17 16:49:34 2015] <benzrf> does the argument to the specialize tactic need to be the application of some function to several arguments, and furthermore that the function in question be syntactically a variable that is in scope as a hypothesis.
[Thu Sep 17 16:49:51 2015] <johnw> ah
[Thu Sep 17 16:49:55 2015] <johnw> I believe the answer is "yes"
[Thu Sep 17 16:49:57 2015] <benzrf> kk
[Thu Sep 17 16:50:03 2015] <johnw> you are refining a hypothesis in the context by applying argument
[Thu Sep 17 16:50:05 2015] <johnw> s
[Thu Sep 17 16:50:16 2015] <benzrf> otherwise im not sure what kind of black magic would be necessary to make it work :>
[Thu Sep 17 16:50:32 2015] <johnw> let's step outside of tactics for a moment
[Thu Sep 17 16:50:39 2015] <johnw> we have "f" want "x" and "y"
[Thu Sep 17 16:50:42 2015] <benzrf> no i understand what it does
[Thu Sep 17 16:50:48 2015] <johnw> here's what specialize (f x) does in non-tactics:
[Thu Sep 17 16:50:49 2015] <benzrf> just wondering how it knows which thing to replace, etc
[Thu Sep 17 16:50:52 2015] <johnw> let f' := f x in
[Thu Sep 17 16:51:02 2015] <johnw> (or let f, and shadowing)
[Fri Sep 18 00:48:54 2015] <riaqn> Hello, what 're some top proceedings in this field(type theory/PL)?
[Fri Sep 18 01:57:13 2015] <johnw> riaqn: check out POPL and ICFP papers, among other related conferences
[Fri Sep 18 04:14:07 2015] <riaqn> johnw: thanks!
[Fri Sep 18 06:15:18 2015] <psnively> Hi everyone! I’m trying to prove http://lpaste.net/141235 with just basic tactics, but I keep boxing myself into a corner. firstorder does it in one shot, so I know I’ve expressed it correctly, but I’m struggling to see how the existential quantifier helps express the contradiction. Can anyone offer a pointer?
[Fri Sep 18 06:31:57 2015] <Cypi> psnively : the reasoning with this one is the following. First of all, either everyone is a Knight, or nobody is. If nobody is, we're already done. If everyone is a Knight, then let's take some native. We know, since he is a Knight, that he doesn't smoke and that someone else smokes
[Fri Sep 18 06:32:42 2015] <psnively> Cypi: Right.
[Fri Sep 18 06:32:44 2015] <Cypi> Now consider that someone else. He's also a Knight, and he smokes. However, he's a Knight, so someone else smokes, and he doesn't smoke: this is a contradiction.
[Fri Sep 18 06:34:14 2015] <psnively> Cypi: yep. I’ve gotten the existential native out of SomeoneElseSmokes, but am having trouble 1) showing he’s a Knight, 2) showing the contradiction.
[Fri Sep 18 06:35:12 2015] <Cypi> The first thing you should do in your proof, is destructing SameType, in order to have either everyone is a Knight, or nobody is a Knight
[Fri Sep 18 06:35:18 2015] <Cypi> if everyone is a Knight, that solves 1)
[Fri Sep 18 06:44:11 2015] <psnively> Cypi: OK, I’ve managed to get both Knight n and Knight x in a context where all natives are Knights.
[Fri Sep 18 06:45:00 2015] <psnively> I’m guessing I need to apply SomeoneElseSmokes, somehow substituting Knight x for Knight n.
[Fri Sep 18 06:45:21 2015] <Cypi> Yup, you'll have to apply twice, for different natives
[Fri Sep 18 06:45:33 2015] <psnively> Then I can break it down to Smokes x -> False, and contradiction.
[Fri Sep 18 06:46:21 2015] <psnively> It tells me it wants a Knight n, not a Knight x. Dependent types FTW!
[Fri Sep 18 06:50:42 2015] <psnively> http://lpaste.net/141235 updated.
[Fri Sep 18 06:53:10 2015] <Cypi> From there, you can do [apply SomeoneElseSmokes in KnightX]
[Fri Sep 18 06:57:38 2015] <psnively> * smacks self.
[Fri Sep 18 06:57:43 2015] <psnively> Thanks!
[Fri Sep 18 07:02:41 2015] <psnively> Cypi: I’m blind and you’re a lifesaver. Thank you so much!
[Fri Sep 18 07:03:30 2015] <Cypi> No probleù
[Fri Sep 18 07:03:34 2015] <Cypi> m*
[Fri Sep 18 16:41:53 2015] <artart78> does anyone know how to use FMap's? I'd like to define something mapping all the integers i = 0..n-1 to some f(i) so that I don't have to calculate them again (I use this for efficiency when extracting)
[Sun Sep 20 21:57:26 2015] <newsham> is there an easy way to specify a specific instance of a rewrite when there are multiple rewrites possible with the "rewrite _" tactic?
[Sun Sep 20 21:57:46 2015] <newsham> instead of forcing it with assert or replace
[Sun Sep 20 23:12:30 2015] <benzrf> newsham: i wish]
[Sun Sep 20 23:12:35 2015] <benzrf> newsham: well there might be, idk
[Sun Sep 20 23:15:14 2015] <riaqn> newsham: https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic113 found this link, but don't know how.
[Mon Sep 21 01:08:24 2015] <newsham> i always seem to get bogged down trying to do assoc and comm over plus in places that seem trivial on paper and pencil
[Mon Sep 21 01:08:44 2015] <newsham> perhaps the better answer would be for me to use mroe tactic automation in the future
[Mon Sep 21 01:10:35 2015] <newsham> any good example of using "rewrite ... at ..." ?
[Mon Sep 21 03:31:16 2015] <sgnb> newsham: http://www.lix.polytechnique.fr/coq/pylons/contribs/view/AACTactics/trunk
[Mon Sep 21 08:31:15 2015] <benzrf> hello is there any uncountable set with decidable equality...
[Mon Sep 21 08:57:44 2015] <dramforever> Question: it seems that a term that pattern matches on opaque proofs doesn't reduce fully. However, if the proof was an equality one, does it still has to be this way?
[Mon Sep 21 08:58:21 2015] <dramforever> I'm kinda bugged by this because if I use opaque proofs from the library in my functions, I get this problem
[Mon Sep 21 08:59:47 2015] <lpaste_> dramforever pasted “My full program, in case you somehow want to look at it” at http://lpaste.net/6588606202886750208
[Mon Sep 21 09:06:13 2015] <sgnb> dramforever: I bet something would go wrong if your equality proof involves a false axiom
[Mon Sep 21 09:06:31 2015] <dramforever> sgnb: hmm....that's more interesting, I haven't thought of it
[Mon Sep 21 09:07:03 2015] <Cypi> You cannot prove, a priori, that an equality proof is equal to the reflexivity
[Mon Sep 21 09:07:17 2015] <Cypi> so in any case, it's normal that you cannot reduce that kind of pattern-matching
[Mon Sep 21 09:07:45 2015] <Cypi> (but you can with additional axioms, it will just imply some rewriting, unless I'm mistaken)
[Mon Sep 21 09:07:53 2015] <dramforever> Cypi: oh okay, I wasn't really expecting that
[Mon Sep 21 09:07:58 2015] <dramforever> sorry
[Mon Sep 21 09:08:15 2015] <dramforever> screw it ignore these three messages
[Mon Sep 21 09:09:34 2015] <dramforever> Cypi: okay, so if I work in a language like Agda where the K rule thing was built in, I'm able to do that?
[Mon Sep 21 09:09:45 2015] <dramforever> I mean, even if the number wasn't known beforehand?
[Mon Sep 21 09:10:04 2015] <Cypi> I don't know if Agda can indeed reduce that judgmentally. Maybe :D
[Mon Sep 21 09:10:14 2015] <Cypi> but yes, you typically need K
[Mon Sep 21 09:11:47 2015] <dramforever> sgnb: hmm wait, so if you make a false axiom like 1 = 0, you'll be able to screw up the type checker if that reduction were allowed?
[Mon Sep 21 09:12:15 2015] <dramforever> if that weren't allowed it would only screw up the logic
[Mon Sep 21 09:13:42 2015] <sgnb> dramforever: yes
[Mon Sep 21 09:13:54 2015] <dramforever> ok, good to know
[Mon Sep 21 09:15:15 2015] <dramforever> now I'll just make do with this, and if I ever need to somehow get rid of it I'll probably read more about those axiom K/UIP/proof irrelevance/... things
[Mon Sep 21 09:15:25 2015] <sgnb> I was thinking more a a false equality between types
[Mon Sep 21 09:15:41 2015] <dramforever> sgnb, Cypi: thanks a lot for clearing things up for now
[Mon Sep 21 09:16:27 2015] <dramforever> sgnb: yeah it would probably allow something like unsafeCoerce in Haskell (if you know what that means)
[Mon Sep 21 09:16:54 2015] <sgnb> exactly
[Mon Sep 21 09:17:03 2015] <dramforever> thanks
[Mon Sep 21 09:19:08 2015] <benzrf> is there any uncountable set with decidable equality tho
[Mon Sep 21 09:36:51 2015] <sgnb> benzrf: I have the feeling that one can construct an enumeration from the decision procedure, but I don't have a formal proof
[Mon Sep 21 09:50:31 2015] <benzrf> sgnb: i'd buy a well-ordering, but a full-on countability proof seems unlikely
[Mon Sep 21 09:50:31 2015] <benzrf> to me at least
[Mon Sep 21 10:10:26 2015] <hcp> chat, how do you use the quote tactic to reify a subterm? as in, if you have an inductive type for a simple AST with nats as leaves, and your goal is an equality of two nats, how do you use the quote tactic to reify just the nats?
[Mon Sep 21 10:11:12 2015] <benzrf> sgnb: yeah
[Mon Sep 21 10:11:26 2015] <benzrf> sgnb: if you have LEM in coq, R doesnt become countable
[Mon Sep 21 10:11:36 2015] <benzrf> sgnb: but LEM definitely gives you "decidable equality" for reals
[Mon Sep 21 10:11:59 2015] <hcp> For example, say you have "Inductive expr  := | plus_exp : expr -> expr -> expr | const_exp : nat -> expr | var_exp : index -> exp." where index comes from the Quote module
[Mon Sep 21 10:12:21 2015] <benzrf> hcp: id help you if i had any knowledge about this whatsoever :}
[Mon Sep 21 10:12:46 2015] <hcp> benzrf: yeah, documentation on Quote is kinda limited
[Mon Sep 21 10:31:48 2015] <sgnb> benzrf: I was thinking about an actual (axiom-free) decision procedure, not LEM
[Mon Sep 21 10:34:53 2015] <benzrf> ah
[Mon Sep 21 10:34:57 2015] <benzrf> so you mean in a metatheoretical sense
[Mon Sep 21 10:49:03 2015] <sgnb> hcp: something like https://paste.debian.net/312740/ ?
[Mon Sep 21 10:53:07 2015] <benzrf> is there a classically countable set that has undecidable equality in coq
[Mon Sep 21 10:53:39 2015] <benzrf> oh wait...
[Mon Sep 21 10:53:42 2015] <benzrf> truth values duh :[
[Mon Sep 21 10:54:51 2015] <johnw> benzrf: what about two functions from bool -> bool?
[Mon Sep 21 10:55:02 2015] <benzrf> oh crap
[Mon Sep 21 10:55:09 2015] <benzrf> i guess i was assuming extensionality
[Mon Sep 21 10:55:10 2015] <benzrf> :v
[Mon Sep 21 10:56:47 2015] <Cypi> How do you prove that [bool -> bool] is classically countable, exactly? (without assuming extensionality)
[Mon Sep 21 10:56:52 2015] <Cypi> (sorry if that's obvious)
[Mon Sep 21 10:57:14 2015] <johnw> I guess I can never decide if they are the identical function
[Mon Sep 21 10:57:39 2015] <johnw> but without assuming extensionality, I can enumerate all inputs and compare all outputs
[Mon Sep 21 10:57:48 2015] <johnw> so, manual extensionality for those two functions
[Mon Sep 21 10:58:17 2015] <Cypi> Oh, you really a meant a set that consists only of those two functions ?
[Mon Sep 21 10:58:21 2015] <Cypi> -a
[Mon Sep 21 10:58:39 2015] <johnw> I see what you mean, Cypi; I guess it's not a countable set
[Mon Sep 21 10:58:46 2015] <johnw> I was thinking of counting the possible behaviors
[Mon Sep 21 11:03:37 2015] <hcp> sgnb: hey, i think that works! thanks for the help with the quote thing
[Mon Sep 21 13:25:55 2015] <newsham> sgnb: thank you
[Mon Sep 21 14:01:15 2015] <vanila> hi
[Mon Sep 21 14:01:39 2015] <vanila> is there any way to reduce typing when proving?
[Mon Sep 21 14:01:46 2015] <vanila> like autocomplete for tactics or something
[Mon Sep 21 14:13:20 2015] <vanila> also is there any way to get a dependency graph of theorems?
[Mon Sep 21 14:15:46 2015] <johnw> vanila: i'd love that too
[Mon Sep 21 23:20:46 2015] <benzrf> Definition a {A} (P : A -> Prop) : Type := {x : A | P x}.
[Mon Sep 21 23:20:55 2015] <benzrf> circle : a manifold
[Tue Sep 22 00:52:31 2015] <johnw> haha
[Tue Sep 22 00:54:16 2015] <johnw> that's pretty cute
[Tue Sep 22 06:17:10 2015] <schoppenhauer> how can I use functional induction on a fixpoint that I defined using refine (...)
[Tue Sep 22 06:17:12 2015] <schoppenhauer> ?
[Tue Sep 22 11:01:00 2015] <schoppenhauer> "Recursive call to e has not enough arguments" how can this even be an error message?
[Tue Sep 22 11:01:04 2015] <schoppenhauer> I mean ...  seriously?
[Tue Sep 22 11:02:41 2015] <sgnb> schoppenhauer: recursive functions must have a decreasing argument... and all recursive calls must have this argument
[Tue Sep 22 11:02:49 2015] <schoppenhauer> sgnb: they do.
[Tue Sep 22 11:03:27 2015] <schoppenhauer> but even if not ... the proof mode should have found out ...
[Tue Sep 22 11:03:55 2015] <sgnb> did you use the "fix" tactic?
[Tue Sep 22 11:04:06 2015] <schoppenhauer> ?
[Tue Sep 22 11:04:11 2015] <schoppenhauer> no, I used refine.
[Tue Sep 22 11:04:37 2015] <sgnb> refine with a fixpoint?
[Tue Sep 22 11:04:42 2015] <schoppenhauer> yes
[Tue Sep 22 11:04:47 2015] <sgnb> it doesn't do much checks
[Tue Sep 22 11:05:30 2015] <sgnb> I would say it's a feature, otherwise you wouldn't be able to do much
[Tue Sep 22 11:19:34 2015] <schoppenhauer> http://lpaste.net/6626105107081592832
[Tue Sep 22 11:19:40 2015] <schoppenhauer> if anyone likes to look at it ...
[Tue Sep 22 11:19:51 2015] <schoppenhauer> the final definition blows.
[Tue Sep 22 11:20:26 2015] <schoppenhauer> but I only call the fixpoint e with its first argument, which is the one in {struct}.
[Tue Sep 22 11:22:09 2015] <schoppenhauer> in fact, there is only one recursive call.
[Tue Sep 22 11:34:28 2015] <schoppenhauer> the recursive call to f did not have its decreasing argument, but it was inferred (and I made it explicit now ...)
[Wed Sep 23 02:37:55 2015] <newsham> blah, stuck again.. tryin to prove "l = rev l -> palindrome l"
[Wed Sep 23 02:38:06 2015] <newsham> but having a hard time figuring out how induction could work.
[Wed Sep 23 02:39:03 2015] <newsham> destruct l and destruct rev l' lets me handle the base cases fine, and get to a point where i need to prove "palindrome l''"  for the inner list
[Wed Sep 23 03:17:59 2015] <sgnb> newsham: prove "forall n, length l <= n -> l = rev l -> palindrome l" instead (by induction on n)
[Wed Sep 23 03:19:48 2015] <sgnb> you have to rephrase somehow your goal since the inner list is not structurally a subterm of the outer list
[Wed Sep 23 03:40:35 2015] <newsham> ty
[Wed Sep 23 08:01:47 2015] <sanooj> host imapmail.intel.com -> 3(NXDOMAIN)
[Wed Sep 23 08:02:12 2015] <sanooj> oops. wrong window.
[Wed Sep 23 13:40:14 2015] <antar> Cannot find Z._ in the environment?
[Wed Sep 23 13:40:20 2015] <antar> How to add Z to the loadpath?
[Wed Sep 23 15:44:12 2015] <newsham> I have "Hlen: S (length l1) <= n'" and I do "inversion Hlen. apply le_n" and for some reason I'm left with "H3: S (length l') <= n'".
[Wed Sep 23 15:44:16 2015] <newsham> wtf?
[Wed Sep 23 15:44:41 2015] <newsham> oops,  "Hlen: S (length l1) <= S n'".
[Wed Sep 23 15:45:55 2015] <newsham> ahh, I wanted le_S_n
[Wed Sep 23 16:23:03 2015] <newsham> if I have "forall n, length l <= n -> P l."  how can I get a proof of "P l" ?
[Wed Sep 23 16:23:17 2015] <newsham> I used the forall n thing to get strong induction on the list.
[Wed Sep 23 16:24:13 2015] <Cypi> newsham : instantiate that proof with [n := length l]
[Wed Sep 23 16:24:22 2015] <Cypi> providing a proof of [length l <= length l] should be trivial then
[Wed Sep 23 16:25:46 2015] <newsham> the part I dont understand is how to whip up an [n := length l] out of thin air
[Wed Sep 23 16:25:50 2015] <newsham> syntax wise
[Wed Sep 23 16:27:38 2015] <newsham> i think I understand how I would do it by defining it as a function, but I dont see how I would do it using tactics
[Wed Sep 23 16:28:02 2015] <Cypi> Say you have [H : forall n, length l <= n -> P l] in your hypotheses
[Wed Sep 23 16:28:53 2015] <Cypi> then you can use the tactics [pose proof (H (length l))] to get a proof of [length l <= length l -> P l], for instance
[Wed Sep 23 16:33:03 2015] <newsham> ahh.. havent learned "pose proof" yet.
[Wed Sep 23 16:33:34 2015] <johnw> or you can use specialize, if you don't need to keep H around
[Wed Sep 23 16:33:36 2015] <Cypi> If your goal is [P l], you can also do something like [apply (H (length l))]
[Wed Sep 23 16:33:50 2015] <Cypi> Or [apply H with (n := length)]
[Wed Sep 23 16:34:46 2015] <newsham> I tried "apply H with (n:=length l)" and it gave me "no such bound variable n"
[Wed Sep 23 16:35:28 2015] <johnw> apply (H (n:=length l))
[Wed Sep 23 16:35:30 2015] <newsham> http://pastebin.com/iQnpcG6U
[Wed Sep 23 16:35:54 2015] <johnw> actually, that should get the same error
[Wed Sep 23 16:36:18 2015] <newsham> diff err "wrong argument name n"
[Wed Sep 23 16:36:39 2015] <Cypi> well, there is no "forall n," in front of your hypothesis :p
[Wed Sep 23 16:36:50 2015] <johnw> what about just apply H with (length l)?
[Wed Sep 23 16:36:54 2015] <Cypi> You should move that "forall n" inside the "length l <= n -> P l"
[Wed Sep 23 16:38:14 2015] <Cypi> currently, your theorem is actually wrong
[Wed Sep 23 16:38:51 2015] <newsham> fixed. ty :)
[Wed Sep 23 16:39:40 2015] <newsham> cool "apply H with (n:=length l). apply le_n" worked.
[Wed Sep 23 16:39:59 2015] <Cypi> Yay :)
[Wed Sep 23 16:42:31 2015] <newsham> now the problem is that what I proved originaly was "Theorem rev_pal_n : forall n X (l : list X), length l <= n -> l = rev l -> pal l."
[Wed Sep 23 16:43:05 2015] <newsham> by induction on n.
[Wed Sep 23 16:44:30 2015] <Cypi> Ah yes, your "induction" principle is probably not very useful, stated as is. I would write it something like: "forall X (P : list X -> Prop), (forall n l, length l <= n -> P l) -> forall l, P l"
[Wed Sep 23 16:45:51 2015] <johnw> oh, the rev_pal thing
[Wed Sep 23 16:45:54 2015] <johnw> man that was a tough one
[Wed Sep 23 16:46:07 2015] <Cypi> There are always a lot of questions on that one, on #coq :p
[Wed Sep 23 16:46:09 2015] <newsham> indeed.
[Wed Sep 23 16:46:25 2015] <newsham> my proof used several theorems proved later in that same exercise.. which seems.. a bit weird.
[Wed Sep 23 16:46:29 2015] <johnw> btw, you don't need to move forall n into the argument
[Wed Sep 23 16:46:39 2015] <johnw> it will work with it on the outside
[Wed Sep 23 16:50:40 2015] <newsham> ok, abstracing out the strong induction stuff is becoming more work than its worth.. but proving rev_pal from rev_pal_n is pretty easy now that I know the "with (n:=length l)" trick
[Wed Sep 23 16:51:13 2015] <newsham> did everyone else do this with the "forall n. length l <= n"/induction on n    method?
[Wed Sep 23 16:52:08 2015] <Cypi> I did it that way, yup
[Wed Sep 23 16:52:25 2015] <Cypi> and that's my advice for anyone who asks for it here :p
[Wed Sep 23 16:52:49 2015] <johnw> newsham: that's exactly how I did it
[Wed Sep 23 16:52:58 2015] <johnw> based on advice from people here :)
[Wed Sep 23 16:53:08 2015] <johnw> some day, someone will discover a new way
[Wed Sep 23 16:53:51 2015] <newsham> seems a little unfair to not have at least broached the subject of strong induction earlier
[Wed Sep 23 16:53:55 2015] <newsham> :)
[Wed Sep 23 16:54:09 2015] <johnw> what is "strong" induction?
[Wed Sep 23 16:54:35 2015] <newsham> when you prove P n based on knowledged that P m is valid for all m<n
[Wed Sep 23 16:54:44 2015] <newsham> instead of just knowledge of P (n-1)
[Wed Sep 23 16:55:37 2015] <newsham> I think this was a fun exercise, but I think they could have prepped people for it a little more (and also included it AFTER you've proven the other le_* theorems that immediately follow  in the chapter)
[Wed Sep 23 16:55:58 2015] <newsham> also I had to go back and generalize some of the proofs that were done earlier over natlist.
[Wed Sep 23 16:56:25 2015] <newsham> like length_snoc, rev_length and rev_injective
[Wed Sep 23 16:56:45 2015] <newsham> </minor nitpick>
[Wed Sep 23 19:44:08 2015] <RegEchse> 22:51:13 newsham | did everyone else do this with the "forall n. length l <= n"/induction on n    method?
[Wed Sep 23 19:44:14 2015] <RegEchse> actually, i can say: no
[Wed Sep 23 19:44:16 2015] <RegEchse> ;D
[Wed Sep 23 19:45:31 2015] <johnw> RegEchse: oh ho, how did you do it?
[Wed Sep 23 19:47:19 2015] <RegEchse> my first solution was via defining a "symmetric list" version if 'list' which made the theorem to prove almost trivial. Then i defined conversion functions between list and slist and proved "that they are isomorphic via these functions" and that they commute with rev (and i don't know whether this would be the correct phrase in terms of type theory, therefore the "").
[Wed Sep 23 19:47:26 2015] <RegEchse> it was quite long and bla
[Wed Sep 23 19:47:40 2015] <RegEchse> but it worked and i liked it from a conceptual point of view :)
[Wed Sep 23 19:48:06 2015] <johnw> cool
[Wed Sep 23 19:49:06 2015] <RegEchse> i can upload the code somewhere, if you want.   Then i was unsatisfied with my way, btw, because i got the feeling that the point of the exercise couldn't be to define a new type and so on. ;D
[Wed Sep 23 19:49:56 2015] <RegEchse> Then i actually _thought_ about the problem, solved it with pen and paper in a way that i could translate to coq and yeah, that also was a "induction over length of the list" solution. :D
[Wed Sep 23 20:04:43 2015] <newsham> RegEchse: interesting.
[Wed Sep 23 20:04:52 2015] <newsham> i guess i could have done that with only techniques already learned
[Wed Sep 23 20:09:36 2015] <newsham> funny that in the end paper and pencil still turns out to be easier sometimes :(
[Wed Sep 23 20:19:56 2015] <RegEchse> yes, i think it only uses techniques one learns in the book up to that point.
[Wed Sep 23 20:20:15 2015] <RegEchse> newsham: what exactly do you mean by your last statement? I mean, p&p proofs are much easier in quite many cases.
[Wed Sep 23 20:21:29 2015] <RegEchse> but then most of the times you don't work in CIC when writing down a proof.
[Wed Sep 23 20:23:37 2015] <RegEchse> e.g. exactly that exercise about rev and pal is an example where most authors would write "trivial" or "left as an exercise"; even if you do some induction in the proof you'd simply "destruct the list from the left and right" ...
[Wed Sep 23 20:24:42 2015] <RegEchse> But doing p&p proofs _that work in coq_, i don't find any "easier". It's just that i can structure my thought better and also that doodling helps my brain to think ... :D
[Wed Sep 23 20:29:50 2015] <benzrf> whats p&p
[Wed Sep 23 20:33:17 2015] <newsham> paper and pencil
[Wed Sep 23 20:33:21 2015] <benzrf> ha
[Wed Sep 23 21:00:58 2015] <RegEchse> sry, i was lazy :/
[Thu Sep 24 00:15:43 2015] <newsham> how come I cant search about "_ ++ _" ?
[Thu Sep 24 00:18:21 2015] <jrw> newsham: iirc, SearchAbout doesn't handle notations. use [Lookup "_ ++ _".] to find its real name and then search about that.
[Thu Sep 24 00:36:33 2015] <newsham> subseq_trans seems like its going to be a tricky one to
[Thu Sep 24 00:36:35 2015] <newsham> too
[Thu Sep 24 01:08:54 2015] <jrw> newsham: yes but not as tricky as the palindrome one :)
[Thu Sep 24 02:08:30 2015] <hamilto-nyan> What was the tactical for repeatedly trying a bunch of tactics (alternatedly, not in sequence) until none succeeds?
[Thu Sep 24 02:11:24 2015] <hamilto-nyan> Alternatively, what's the most efficient way to provide that `a + b + (c + d) = a + c + (b + d)`.
[Thu Sep 24 02:12:02 2015] <hamilto-nyan> (I can do it the hard way manually invoking plus_assoc and plus_comm where necessary, but it feels clumsy.)
[Thu Sep 24 02:42:11 2015] <jrw> hamilto-nyan: unfortunately, plus_comm will happily continue to swap the same plus back and forth, so you can't just wait for it not to succeed
[Thu Sep 24 02:48:00 2015] <asmanur> hamilto-nyan: try `ring`?
[Thu Sep 24 03:30:32 2015] <hamilto-nyan> jrw: Yeah, I have noticed. :-|
[Thu Sep 24 03:30:37 2015] <hamilto-nyan> asmanur: Is that a tactic? :-O
[Thu Sep 24 03:30:40 2015] <hamilto-nyan> asmanur: Where's it defined?
[Thu Sep 24 05:27:20 2015] <sgnb> hamilto-nyan: it depends on the type of your variables... if it's nat, it's available after a mere "Require Import Arith"
[Thu Sep 24 05:28:21 2015] <sgnb> ring is documented in the reference manual
[Thu Sep 24 22:14:48 2015] <majorseitan> hi
[Thu Sep 24 22:17:42 2015] <johnw> hi
[Thu Sep 24 22:17:45 2015] <lolisa> * meow
[Fri Sep 25 15:14:09 2015] <johnw> afternoon, fellow provers
[Fri Sep 25 15:28:39 2015] <RegEchse> good night, johnw ;)
[Fri Sep 25 15:29:36 2015] <johnw> I can prove constructively that it is the afternoon.  hah!
[Fri Sep 25 15:30:06 2015] <RegEchse> :D  i guess it's the context that matters ;)
[Fri Sep 25 15:30:25 2015] <johnw> true, I've axiomatized pacific daylight time
[Sun Sep 27 11:45:39 2015] <vanila> hello
[Sun Sep 27 11:45:52 2015] <vanila> does anyone know how to list the theorems that a theorems proof uses?
[Sun Sep 27 11:46:05 2015] <vanila> (I want to do this recursively to generate a dependency graph of theorems)
[Sun Sep 27 13:05:56 2015] <johnw> vanila: Print Opaque Dependencies will give you some of it
[Sun Sep 27 13:06:02 2015] <johnw> as well as Print Assumptions
[Sun Sep 27 13:21:57 2015] <vanila> thanks!
[Sun Sep 27 13:22:07 2015] <vanila> opaque deps seems to be transitive dependencies
[Sun Sep 27 13:22:18 2015] <vanila> i might need to hack coq to get a way to print a single step of deps..
[Sun Sep 27 14:34:27 2015] <vanila> so what is everyone working on? :)
[Sun Sep 27 14:37:49 2015] <johnw> a theorem in ACL2
[Sun Sep 27 14:38:33 2015] <vanila> interesting, i haven't used ACL2
[Sun Sep 27 14:38:49 2015] <vanila> i wonder if its similar to jbob from the little prover book
[Sun Sep 27 14:41:14 2015] <johnw> it seems that J-Bob can run on ACL2
[Mon Sep 28 10:58:09 2015] <benzrf> hi is it possible to get a version of coq with Type : Type so that i can try russelling it
[Mon Sep 28 10:58:11 2015] <benzrf> c
[Mon Sep 28 11:00:21 2015] <Cypi> There is the flag -type-in-type
[Mon Sep 28 12:22:49 2015] <benzrf> Cypi: is that during compilation?
[Mon Sep 28 12:25:18 2015] <Cypi> You can append this flag to most Coq utilities
[Mon Sep 28 12:25:30 2015] <Cypi> "coqide -type-in-type", "coqc -type-in-type", "coqchk -type-in-type"
[Mon Sep 28 12:25:38 2015] <Cypi> and so on
[Mon Sep 28 12:25:52 2015] <benzrf> [~]$ coqtop -type-in-type
[Mon Sep 28 12:25:55 2015] <benzrf> Don't know what to do with -type-in-type
[Mon Sep 28 12:26:12 2015] <Cypi> Hmm? It works for me
[Mon Sep 28 12:26:19 2015] <Cypi> Maybe it's a 8.5 thing
[Mon Sep 28 12:28:08 2015] <benzrf> is 8.5 the beta version?
[Mon Sep 28 12:28:19 2015] <Cypi> It's still in beta, yes
[Mon Sep 28 12:29:39 2015] <benzrf> kk
[Mon Sep 28 12:30:56 2015] <xandaros> Since I got ignored in #archlinux: I'm trying to install coq, which requires camlp5-transitional. However, when trying to build that, I get shouted at: http://hastebin.com/ahodayejam.txt - I did try to stick -fPIC in various places, but to no avail. What can I do to resolve this issue?
[Mon Sep 28 12:31:05 2015] <johnw> benzrf: 8.5b2 has been working well for me
[Mon Sep 28 12:34:24 2015] <benzrf> johnw: was just wondering why i was a version behind when im on Arch
[Mon Sep 28 12:46:39 2015] <xandaros> Oh, looks like I can use camlp4, which is in an official repo and therefore a binary package! Let's go with that, then :D
[Mon Sep 28 12:47:04 2015] <xandaros> Unfortunately, I get a very similar error when compiling coq -_-
[Mon Sep 28 12:58:16 2015] <johnw> xandaros: I built 8.5b2 with camlp5
[Mon Sep 28 12:58:54 2015] <xandaros> Well, I can't even build camlp5, so that's not an option
[Mon Sep 28 12:59:58 2015] <johnw> oh, hmm
[Mon Sep 28 13:00:10 2015] <johnw> sorry, I have to run now and can't help debug further
[Mon Sep 28 13:01:20 2015] <xandaros> hmm, k
[Mon Sep 28 14:17:52 2015] <RegEchse> xandaros: i can give you my PKGBUILD that i used to build camlp5-t...
[Mon Sep 28 14:18:09 2015] <RegEchse> xandaros: i don't remember exactly but i changed some lines (compared to the aur version) xD
[Mon Sep 28 14:18:37 2015] <RegEchse> ah, diff helps: i just updated it to use version 6.14
[Mon Sep 28 14:19:12 2015] <xandaros> RegEchse: I think I need to compile ocaml with -fPIC for it to work. I'll try it one I get home, on a tram at the moment
[Mon Sep 28 14:19:20 2015] <xandaros> thanks for the offer, though
[Mon Sep 28 14:20:41 2015] <RegEchse> oh sry, i was talking nonsense anyway. Well, nevermind then. good luck
[Mon Sep 28 14:21:25 2015] <xandaros> I do wonder why it doesn't work for me, but does for others, though. always found that curious when compiling
[Mon Sep 28 14:21:42 2015] <xandaros> you'd think it's somewhat consistent, but no...
[Mon Sep 28 14:25:28 2015] <benzrf> is there a such thing as two closed terms that are propositionally but not definitionally equal
[Mon Sep 28 14:25:42 2015] <benzrf> in vanilla coq
[Mon Sep 28 14:55:15 2015] <jrw> benzrf: I don't think so, no.
[Mon Sep 28 14:58:14 2015] <benzrf> hm
[Mon Sep 28 14:58:16 2015] <benzrf> bbl
[Mon Sep 28 14:59:54 2015] <jrw> benzrf: if you have [. |- pf : a = b] then pf must normalize to refl by canonicity, which means a and b must be definitionally equal.
[Mon Sep 28 15:31:26 2015] <johnw> what about fun x => x + 2 = 0 vs. fun x => 2 + x = 0.  is that what you mean?
[Mon Sep 28 16:09:36 2015] <jrw> johnw: can you prove those equal?
[Mon Sep 28 16:09:53 2015] <johnw> sadly I cannot prove it except by extensionality
[Mon Sep 28 16:10:18 2015] <johnw> so I guess by propositionally equal, he meant = equal
[Mon Sep 28 16:10:27 2015] <jrw> right, exactly.
[Mon Sep 28 16:10:36 2015] <jrw> if you add funext, then you break canonicity
[Mon Sep 28 16:10:41 2015] <jrw> and my argument goes out the window
[Mon Sep 28 16:10:45 2015] <johnw> the one thing that always trips me up about type theory is how many equals there are
[Mon Sep 28 16:10:50 2015] <jrw> :D
[Mon Sep 28 16:10:53 2015] <jrw> the more the merrier
[Mon Sep 28 16:10:54 2015] <jrw> or something.
[Mon Sep 28 16:10:57 2015] <johnw> := = == ≡ ≅ ...
[Mon Sep 28 16:11:21 2015] <johnw> have a problem you can't solve, define a new equality!
[Mon Sep 28 16:11:27 2015] <jrw> pretty much
[Mon Sep 28 16:52:41 2015] <xandaros> I got coq to work now, but I can't use arrow keys in coqtop. Is that normal? :(
[Mon Sep 28 16:53:31 2015] <johnw> do you mean, in coqide?
[Mon Sep 28 16:56:12 2015] <xandaros> No, in coqtop
[Mon Sep 28 16:56:21 2015] <xandaros> I like my terminal
[Mon Sep 28 16:59:14 2015] <johnw> oh
[Mon Sep 28 16:59:27 2015] <johnw> um, normal?  You can always use rlwrap to give readline behavior to anything
[Mon Sep 28 17:00:13 2015] <xandaros> Hmm, never heard of that. I'll try
[Mon Sep 28 17:01:07 2015] <johnw> just: rlwrap some-command
[Mon Sep 28 17:02:21 2015] <xandaros> Yeah, need to update my system before I can install rlwrap. It'll take a moment :)
[Mon Sep 28 17:13:28 2015] <xandaros> johnw: This is awesome. It works, thank you! :)
[Mon Sep 28 17:14:26 2015] <benzrf> jrw: yeah, canonicity
[Mon Sep 28 17:14:44 2015] <benzrf> i was thinking about the computational meaning of an equality
[Mon Sep 28 17:45:47 2015] <benzrf> so i was reading this https://www.quora.com/What-is-Girards-paradox and it mostly makes sense, but
[Mon Sep 28 17:46:10 2015] <benzrf> >and  subset:U→P(U)  (subset a  intuitively says "let us think the element a of U as a subset of U")
[Mon Sep 28 17:46:18 2015] <benzrf> i dont follow how this is possible
[Mon Sep 28 17:46:54 2015] <benzrf> there's no decision procedure for whether a given type is a sigma type, let alone extracting its predicate
[Tue Sep 29 01:54:59 2015] <johnw> why does Coq flatten parameterized types in extracted Haskell code?  Are there conflicts etween the type theories if they are kept?
[Tue Sep 29 07:20:37 2015] <vanila> hello
[Tue Sep 29 07:20:46 2015] <vanila> how do we know that excluded middle is independent from coqs theory?
[Tue Sep 29 07:28:33 2015] <KaneTW> vanila: the best i've found was http://cstheory.stackexchange.com/questions/4905/where-is-the-proof-that-coq-excluded-middle-is-consistent
[Tue Sep 29 07:28:44 2015] <KaneTW> so as long you have predicative Set you're fine
[Tue Sep 29 07:30:47 2015] <vanila> thanks
[Tue Sep 29 11:27:52 2015] <kini> Has anyone made an online coqide pastebin kind of thing? I wanted to send a simple coq proof to a non coq user and let them step through it without forcing them to install coq locally
[Tue Sep 29 11:37:39 2015] <kini> oh, I guess it's not so bad. I didn't realize coq had autoinstallers that came with coqide for windows and mac :)
[Tue Sep 29 12:00:46 2015] <KaneTW> that actually sounds interesting
[Tue Sep 29 12:39:28 2015] <newsham> https://ssrg.nicta.com.au/jobs/proof-engineers2015
[Tue Sep 29 12:40:56 2015] <hodapp> can they do it remotely? >_>
[Tue Sep 29 12:41:33 2015] <newsham> not my listing.  i doubt it.
[Tue Sep 29 12:41:38 2015] <hodapp> dang
[Tue Sep 29 12:41:39 2015] <newsham> http://sel4.systems/pipermail/devel/2015-September/000528.html
[Wed Sep 30 12:05:14 2015] <schoppenhauer> hello. what is the best way to extract coq's strings into ocaml? ocaml appears to only have immutable strings.
[Thu Oct  1 15:14:49 2015] <companion_cube> hi, I have a question about universes:  it is only by quantifying over values of type Type_i that the result has type Type_{i+1}, isn't it?
[Thu Oct  1 15:18:08 2015] <benzrf> Coq < Check Type -> Type.
[Thu Oct  1 15:18:10 2015] <benzrf> Type (* Top.1 *) -> Type (* Top.2 *)
[Thu Oct  1 15:18:12 2015] <benzrf>     : Type (* max((Top.1)+1, (Top.2)+1) *)
[Thu Oct  1 15:20:21 2015] <johnw> companion_cube: whenever Type_i must be a subtype of some Type_{i+1}, for example records, functions, product or sum constructions, etc.
[Thu Oct  1 15:20:58 2015] <johnw> Type_i -> Type_j has type Type_{lub{i+j}+1}
[Thu Oct  1 15:23:01 2015] <companion_cube> so, for instance, list : Type_i -> Type_i,  and (Type_i -> Type_i) : Type_{i+1}?
[Thu Oct  1 15:23:18 2015] <companion_cube> so unless I quantify over unary type constructors I can stay in the same univers
[Thu Oct  1 15:23:19 2015] <companion_cube> e
[Thu Oct  1 15:24:13 2015] <johnw> not quite sure what you mean by that
[Thu Oct  1 15:24:20 2015] <johnw> but Type_i -> Type_i is Type_i+1, yes
[Thu Oct  1 15:24:30 2015] <companion_cube> ok, thanks
[Thu Oct  1 15:25:34 2015] <companion_cube> (I'm asking that because I wonder whether "simple" Coq programs typically live in the few lowest universes)
[Thu Oct  1 15:33:39 2015] <johnw> turn on Set Printing Universes.
[Thu Oct  1 15:35:26 2015] <companion_cube> oh, thanks.
[Fri Oct  2 07:30:28 2015] <schoppenhauer> hi. is it possible to extract lists to lazy lists in ocaml?
[Fri Oct  2 07:31:17 2015] <schoppenhauer> because I have an algorithm that reads a file bitwise... and writes it bitwise... which works perfectly in Haskell, but will probably break ocaml.
[Fri Oct  2 07:34:26 2015] <companion_cube> I'm not sure a lazy list is a good way to do IO anyway
[Fri Oct  2 07:34:49 2015] <companion_cube> you mean you read the file bit by bit?
[Fri Oct  2 12:49:41 2015] <suriste> greetings fine people ... how do I export definitions that i made in coqtop
[Fri Oct  2 13:03:46 2015] <suriste> artart78: tag your logs ... i'm here
[Fri Oct  2 15:16:48 2015] <schoppenhauer> companion_cube: yes
[Fri Oct  2 15:17:34 2015] <companion_cube> if you want efficiency, you should rather use bigarrays and Bigarray.Array1.map_file
[Fri Oct  2 15:17:41 2015] <companion_cube> but we should discuss this on #ocaml
[Fri Oct  2 15:26:09 2015] <schoppenhauer> companion_cube: I know that this would be better, but currently I want lazy arrays.
[Sat Oct  3 02:18:17 2015] <sizur> Hi all, I have trouble running example from http://adam.chlipala.net/cpdt/html/Cpdt.StackMachine.html
[Sat Oct  3 02:18:31 2015] <sizur> it says it cannot find the library
[Sat Oct  3 02:19:04 2015] <sizur>  even through i have coq-prog-args set to  ("-emacs-U" "-R" "~/.emacs.d/src/cpdt/src" "Cpdt")
[Sat Oct  3 02:19:18 2015] <sizur> that dir is where the lib is at
[Sat Oct  3 02:19:30 2015] <sizur> make finished without error in it
[Sat Oct  3 02:21:19 2015] <sizur> I do have a warning that proofgeneral is compiled for emacs-24.2, while mine is 24.5
[Sat Oct  3 02:21:31 2015] <sizur> can that be the issue here?
[Sat Oct  3 08:13:02 2015] <riaqn> hello, can someone give reference to Prop, Type, Set, etc? I 'm totally confused.
[Sat Oct  3 08:13:30 2015] <riaqn> sorry, not reference. just some tutorials explaining their relations.
[Sat Oct  3 08:23:19 2015] <riaqn> ok, some tutorials here: http://adam.chlipala.net/cpdt/html/Universes.html
[Sat Oct  3 21:11:43 2015] <sizur> cannot load CpdtTactics :(
[Sat Oct  3 21:12:07 2015] <sizur> Cannot find library Cpdt.CpdtTactics in loadpath
[Sat Oct  3 21:12:39 2015] <sizur> coq-prog-args is a variable defined in `pg-custom.el'.
[Sat Oct  3 21:12:41 2015] <sizur> Its value is ("-emacs-U" "-R" "~/.emacs.d/src/cpdt/src" "Cpdt")
[Sat Oct  3 21:15:37 2015] <johnw> so, what is in that directory?
[Sat Oct  3 21:15:37 2015] <jrw> sizur: can you double check that there is a file CpdtTactics.vo in that directory?
[Sat Oct  3 21:15:43 2015] <johnw> yeah
[Sat Oct  3 21:16:08 2015] <sizur> ls ~/.emacs.d/src/cpdt/src | grep CpdtTactics | column
[Sat Oct  3 21:16:10 2015] <sizur> CpdtTactics.glob        CpdtTactics.v.d
[Sat Oct  3 21:16:12 2015] <sizur> CpdtTactics.v           CpdtTactics.vo
[Sat Oct  3 21:16:41 2015] <sizur> sorry, dont know what happened with that paste, but the file is there
[Sat Oct  3 21:16:48 2015] <johnw> sizur: this is what I would do
[Sat Oct  3 21:16:59 2015] <johnw> in the project where you want to *use* CpdtTactics, make a file called _CoqProject
[Sat Oct  3 21:17:05 2015] <johnw> the first line of this file should be:
[Sat Oct  3 21:17:19 2015] <johnw> -R <HOME>/.emacs.d/src/cpdt/src Cpdt
[Sat Oct  3 21:17:23 2015] <johnw> where <HOME> is expanded by hand there
[Sat Oct  3 21:17:30 2015] <johnw> then, after that line, list every .v file in your project
[Sat Oct  3 21:17:34 2015] <johnw> this is what works for me
[Sat Oct  3 21:18:05 2015] <johnw> proofgeneral knows to parse this file and sniff out the project-specific options
[Sat Oct  3 21:18:18 2015] <johnw> and coq_makefile knows to read it for generating the Makefile.coq
[Sat Oct  3 21:18:34 2015] <sizur> ah, it doesn't expand ~?
[Sat Oct  3 21:18:52 2015] <sizur> then maybe just modifying that in the coq-prog-args should work?
[Sat Oct  3 21:18:59 2015] <johnw> I really don't know
[Sat Oct  3 21:19:07 2015] <sizur> duh, that makes sense, it's not expanded by shell when it's called like that
[Sat Oct  3 21:19:19 2015] <johnw> I've had every kind of failure trying to do it the non-_CoqProject ways, so now I just stick to what works
[Sat Oct  3 21:25:44 2015] <sizur> it's so incredibly frustrating when so many books just skim over the setup step.  if one cannot setup, the rest of the book you spent money on is just trash
[Sat Oct  3 21:26:08 2015] <johnw> so true, sizur
[Sat Oct  3 21:27:36 2015] <sizur> alright, now it works
[Sat Oct  3 21:29:01 2015] <sizur> (load-file "~/.emacs.d/src/ProofGeneral/generic/proof-site.el")
[Sat Oct  3 21:29:03 2015] <sizur> (eval-after-load 'coq
[Sat Oct  3 21:29:05 2015] <sizur>   '(setq coq-prog-args
[Sat Oct  3 21:29:07 2015] <sizur>          `("-emacs-U"
[Sat Oct  3 21:29:09 2015] <sizur>            "-R"
[Sat Oct  3 21:29:11 2015] <sizur>            ,(expand-file-name
[Sat Oct  3 21:29:13 2015] <sizur>              "~/.emacs.d/src/cpdt/src")
[Sat Oct  3 21:29:15 2015] <sizur>            "Cpdt")))
[Sat Oct  3 21:29:30 2015] <sizur> johnw: thank you!
[Sat Oct  3 21:31:16 2015] <sizur> ProofGeneral functions should really expand their filename arguments before useage.
[Sun Oct  4 02:54:32 2015] <tamago> welcome
[Sun Oct  4 02:54:39 2015] <sanooj> heya
[Sun Oct  4 02:54:51 2015] <tamago> Are you good with Coq?
[Sun Oct  4 02:55:10 2015] <sanooj> not really. I'm on a slow train to upload ssreflect into the brain.
[Sun Oct  4 02:55:17 2015] <sanooj> why, you got a problem?
[Sun Oct  4 02:55:26 2015] <tamago> just a newbie struggling to prove things >_<
[Sun Oct  4 02:55:54 2015] <sanooj> welcome. :)
[Sun Oct  4 02:56:25 2015] <sanooj> is anyone else alive at the moment?  probably not. it's usually pretty quiet.
[Sun Oct  4 02:57:20 2015] <sanooj> what are you proving?
[Sun Oct  4 02:57:42 2015] <tamago> I'm trying to show that two functions that sum elements in a tree are equal.
[Sun Oct  4 02:57:50 2015] <tamago> So I have a fold function
[Sun Oct  4 02:57:52 2015] <tamago> Fixpoint fold (alpha : Type) (f : alpha -> Z -> alpha) (a : alpha) (t : inttree) : alpha :=  match t with  | Empty => a  | Node j l r => fold f (fold f (f a j) l) r  end .
[Sun Oct  4 02:58:09 2015] <tamago> Here inttree is
[Sun Oct  4 02:58:10 2015] <tamago> Inductive inttree := | Empty : inttree | Node : Z -> inttree -> inttree -> inttree.
[Sun Oct  4 02:58:19 2015] <tamago> And I want to show these two sum functions are equal
[Sun Oct  4 02:58:26 2015] <tamago> Fixpoint sum1 (x:inttree) : Z :=  match x with  | Empty => 0  | Node j l r => j + (sum1 l) + (sum1 r)  end .
[Sun Oct  4 02:58:35 2015] <tamago> Fixpoint sum2 (x:inttree) : Z :=  fold (fun x y => x + y) 0 x.
[Sun Oct  4 02:59:06 2015] <tamago> in other words
[Sun Oct  4 02:59:17 2015] <tamago> Proposition sum_equivalence : forall x : inttree, sum2 x = sum1 x.
[Sun Oct  4 03:00:13 2015] <tamago> I can do it if I can prove this lemma
[Sun Oct  4 03:00:15 2015] <tamago> Lemma sum2_lemma : forall z : Z, forall x1 x2 : inttree,  sum2 (Node z x1 x2) = z + sum2 x1 + sum2 x2.
[Sun Oct  4 03:00:22 2015] <tamago> But I get tangled up in the definition of fold.
[Sun Oct  4 03:01:06 2015] <sanooj> right. seems like it should go by structural induction pretty easily.
[Sun Oct  4 03:01:56 2015] <tamago> Hmm, what do you mean by that more precisely?
[Sun Oct  4 03:02:06 2015] <tamago> I've tried inducting on everything I could think of
[Sun Oct  4 03:02:31 2015] <sanooj> hang on, I'll get my editor up.
[Sun Oct  4 03:02:36 2015] <tamago> thank you so much
[Sun Oct  4 03:04:27 2015] <tamago> I use this header
[Sun Oct  4 03:04:28 2015] <tamago> Require Import ZArith. Open Scope Z_scope. Require Import Le Gt Minus Bool Setoid. Set Implicit Arguments. Open Scope list_scope.
[Sun Oct  4 03:04:35 2015] <tamago> probably not all required but anyway.
[Sun Oct  4 03:13:36 2015] <sanooj> I think we'd want to show a lemma like forall z, z + (sum2 l) + (sum2 r) = sum2 (Node z l r).
[Sun Oct  4 03:13:41 2015] <sanooj> then the induction is easy.
[Sun Oct  4 03:14:23 2015] <tamago> Lemma sum2_lemma : forall z : Z, forall x1 x2 : inttree,  sum2 (Node z x1 x2) = z + sum2 x1 + sum2 x2.
[Sun Oct  4 03:14:34 2015] <tamago> That's what I was trying.
[Sun Oct  4 03:14:36 2015] <tamago> Yours is the same right?
[Sun Oct  4 03:14:39 2015] <tamago> Let me try that again.
[Sun Oct  4 03:14:56 2015] <sanooj> yeah, the same.
[Sun Oct  4 03:16:39 2015] <tamago> And this is where I drown in definition of fold.
[Sun Oct  4 03:20:58 2015] <sanooj> I see. :)
[Sun Oct  4 03:24:18 2015] <tamago> At least I know I had one thought that might have been on the right track though :)
[Sun Oct  4 03:24:38 2015] <tamago> hey dram
[Sun Oct  4 03:24:52 2015] <dramforever> tamago: hey, but...do I know you?
[Sun Oct  4 03:25:02 2015] <dramforever> do you know me?
[Sun Oct  4 03:25:27 2015] <tamago> I don't know you in particular
[Sun Oct  4 03:25:42 2015] <tamago> Right now everyone is the same to me: someone who knows more :p
[Sun Oct  4 03:26:16 2015] <dramforever> tamago: sorry but you are so friendly that I get a bit confused
[Sun Oct  4 03:26:22 2015] <dramforever> now it's fine, don't worry
[Sun Oct  4 03:26:53 2015] <tamago> lol
[Sun Oct  4 03:34:24 2015] <tamago> Dram are you still there?
[Sun Oct  4 03:34:45 2015] <dramforever> yep
[Sun Oct  4 03:35:35 2015] <tamago> Can I pick your brain on a proof?
[Sun Oct  4 03:35:49 2015] <tamago> It should be easy but I've been working on it for days.
[Sun Oct  4 03:37:09 2015] <dramforever> tamago: perhaps, I'm free for a while
[Sun Oct  4 03:37:22 2015] <tamago> so
[Sun Oct  4 03:37:31 2015] <tamago> here is my code
[Sun Oct  4 03:37:38 2015] <dramforever> It's holiday here in China, but that's not exactly important
[Sun Oct  4 03:37:43 2015] <tamago> Ah
[Sun Oct  4 03:37:51 2015] <tamago> I hope I'm not disturbing anything.
[Sun Oct  4 03:37:58 2015] <tamago> I don't follow holidays :p
[Sun Oct  4 03:38:15 2015] <dramforever> nope, it's fine
[Sun Oct  4 03:38:33 2015] <tamago> Anyway, even hearing if this is hard or not would help
[Sun Oct  4 03:38:36 2015] <tamago> Require Import ZArith. Open Scope Z_scope. Require Import Le Gt Minus Bool Setoid. Set Implicit Arguments. Open Scope list_scope.
[Sun Oct  4 03:38:48 2015] <dramforever> stop, stop pasting
[Sun Oct  4 03:38:54 2015] <tamago> ah I'm sorry
[Sun Oct  4 03:39:00 2015] <sanooj> I think we need to show that fold over an associative function can be rewritten like we want to.
[Sun Oct  4 03:39:04 2015] <dramforever> http://lpaste.net/new/coq maybe?
[Sun Oct  4 03:39:10 2015] <tamago> ah kk thanks
[Sun Oct  4 03:39:25 2015] <tamago> Oh sanooj you're still working on it o.O
[Sun Oct  4 03:39:28 2015] <tamago> Thank you so much
[Sun Oct  4 03:39:33 2015] <tamago> But I don't quite follow >_<
[Sun Oct  4 03:40:23 2015] <dramforever> tamago: wait a sec...I'm not exactly sure it's easy...
[Sun Oct  4 03:41:30 2015] <dramforever> ZArith? Setoid? ok now you can take that statement back because I obviously know less than you
[Sun Oct  4 03:42:03 2015] <sanooj> tamago: before I get into the land of infinite folds I have something like this: fold add 0 (Node z l r) = z + (fold 0 l) + (fold add 0 r), which is just a small step away from the general property of folding over an associative f.
[Sun Oct  4 03:42:36 2015] <tamago> ah no, that was just a header I got from somewhere.
[Sun Oct  4 03:42:37 2015] <sanooj> dramforever: you don't need any of that. I just set Z := nat and got on with it.
[Sun Oct  4 03:42:57 2015] <tamago> I don't use all of that lol.
[Sun Oct  4 03:43:19 2015] <tamago> http://lpaste.net/142274
[Sun Oct  4 03:43:42 2015] <tamago> ZArith I think I need because this is done with Z and not nat.
[Sun Oct  4 03:44:04 2015] <tamago> Then the code uses implicit arguments for the fold function, but I think I don't need the rest.
[Sun Oct  4 03:48:29 2015] <tamago> sanooj I agree with you that seems easier, but I still can't do it :p
[Sun Oct  4 03:49:02 2015] <sanooj> me neither. working on it.
[Sun Oct  4 03:54:59 2015] <tamago> I don't really want to unfold fold, since the definition is gigantic.
[Sun Oct  4 03:55:09 2015] <tamago> But maybe it's unavoidable
[Sun Oct  4 03:58:19 2015] <sanooj> ok, so I have it down to something similar to this: fold f x t = f x (fold f 0 t)
[Sun Oct  4 03:58:45 2015] <tamago> Better than me.
[Sun Oct  4 03:58:54 2015] <tamago> Although I've gotten things that looked like that before.
[Sun Oct  4 03:58:59 2015] <tamago> Try unfold fold?
[Sun Oct  4 03:59:46 2015] <sanooj> I guess I'll start on that as a lemma.
[Sun Oct  4 04:04:15 2015] <dramforever> status report: I was doing induction in different ways. Nothing good so far
[Sun Oct  4 04:04:27 2015] <dramforever> *trying to do induction in...
[Sun Oct  4 04:04:31 2015] <tamago> Same!
[Sun Oct  4 04:04:44 2015] <tamago> Thank you both sooooo much!!!!
[Sun Oct  4 04:04:56 2015] <dramforever> tamago: no I don't deserve any thanks for not helping at all
[Sun Oct  4 04:05:01 2015] <tamago> haha
[Sun Oct  4 04:05:11 2015] <tamago> But you convinced me that the problem is actually tricky.
[Sun Oct  4 04:05:17 2015] <tamago> Which is some sort of progress.
[Sun Oct  4 04:06:23 2015] <dramforever> yeah, so you are not missing anything too obvious
[Sun Oct  4 04:09:02 2015] <tamago> So one idea I had if this simply won't work, is to define inttree as a dependent type in terms of the sum of elements. I'm not sure if that would help.
[Sun Oct  4 04:15:03 2015] <sanooj> I think I'm pretty close with the lemma. just need to coerce coq into doing the rewrites I want.
[Sun Oct  4 04:16:36 2015] <tamago> oh wow!
[Sun Oct  4 04:16:48 2015] <tamago> *bows*
[Sun Oct  4 04:16:57 2015] <sanooj> better wait for it.
[Sun Oct  4 04:25:22 2015] <dramforever> tamago: hey I have an idea: maybe strengthen the induction hypothesis to something like fold (fun x y => x + y) r (Node z x1 x2) = z + sum x1 + sum x2 + r
[Sun Oct  4 04:27:29 2015] <tamago> ah, I want to do something like that
[Sun Oct  4 04:27:49 2015] <tamago> Gotta search for how to strengthen induction >_<
[Sun Oct  4 04:28:05 2015] <dramforever> tamago: just prove another lemma :)
[Sun Oct  4 04:28:17 2015] <tamago> ah, lol
[Sun Oct  4 04:28:25 2015] <tamago> I was thinking there was a keyword
[Sun Oct  4 04:29:42 2015] <tamago> Ah, that's like sanooj was doing.
[Sun Oct  4 04:30:26 2015] <tamago> I worked on this, which is basically the same I think.
[Sun Oct  4 04:30:26 2015] <tamago> Lemma sum2_lemma : forall z : Z, forall x1 x2 : inttree,  sum2 (Node z x1 x2) = z + sum2 x1 + sum2 x2.
[Sun Oct  4 04:31:56 2015] <dramforever> tamago: I think the r might help induction
[Sun Oct  4 04:41:23 2015] <sanooj> mh. I'm stuck reorganizing a sum. :(
[Sun Oct  4 04:43:39 2015] <dramforever> sanooj: try the magical omega
[Sun Oct  4 04:46:14 2015] <sanooj> okay then. magic it is!
[Sun Oct  4 04:47:12 2015] <sanooj> http://pastebin.com/sTBuXtxn
[Sun Oct  4 04:48:07 2015] <sanooj> * hasn't quite gotten the hang of proof golfing.
[Sun Oct  4 04:48:26 2015] <tamago> WOOOOW
[Sun Oct  4 04:48:29 2015] <tamago> Nice!!
[Sun Oct  4 04:48:32 2015] <tamago> Thank you so much!
[Sun Oct  4 04:49:36 2015] <sanooj> you'll need to put the generic into f again, as I simplified it to be over Z always.
[Sun Oct  4 04:49:54 2015] <dramforever> wow
[Sun Oct  4 04:50:14 2015] <tamago> Yea, some details left. I'm going to try to do it for Z also instead of nat.
[Sun Oct  4 04:50:39 2015] <dramforever> so you proved it? too bad can't visit pastebin here
[Sun Oct  4 04:51:15 2015] <dramforever> I would be greatful if you code repaste it here http://lpaste.net/new/coq
[Sun Oct  4 04:51:20 2015] <tamago> Man, some of the stuff sanooj did was pretty close to what I tried. I feel better about myself now.
[Sun Oct  4 04:51:30 2015] <tamago> kk
[Sun Oct  4 04:51:57 2015] <sanooj> http://lpaste.net/142277
[Sun Oct  4 04:52:03 2015] <tamago> http://lpaste.net/142278
[Sun Oct  4 04:52:05 2015] <tamago> oopps lol
[Sun Oct  4 04:52:07 2015] <dramforever> sanooj: thanks...lol
[Sun Oct  4 04:52:16 2015] <dramforever> tamago: thanks for you too
[Sun Oct  4 04:52:54 2015] <tamago> I had done something like in fold_pull_out_plus, but I didn't think to apply the inductive hypotheses twice >_<
[Sun Oct  4 04:53:07 2015] <tamago> I was like "welp that didn't work"
[Sun Oct  4 04:53:09 2015] <sanooj> I expect the expert ssreflectors could slim it down to one line of totally unreadable line noise.
[Sun Oct  4 04:53:49 2015] <dramforever> sanooj: oh that fold_pull_out_plus thing was excellent =P
[Sun Oct  4 04:53:57 2015] <tamago> It's funny to me how languages rise to the heights of well typedness in Coq, only to completely morph back into obfuscation in Ltac.
[Sun Oct  4 04:53:58 2015] <dramforever> freeing us from fold
[Sun Oct  4 04:54:28 2015] <dramforever> tamago: the true magic of coq isn't inside gallina the CIC thing
[Sun Oct  4 04:54:30 2015] <tamago> Yea, part of me thought that just couldn't be done o.O
[Sun Oct  4 04:54:32 2015] <dramforever> it's ltac
[Sun Oct  4 04:54:41 2015] <tamago> True
[Sun Oct  4 04:55:38 2015] <tamago> Man thank you so much again, this is really really nice, despite all what you say about it not being golfy :p
[Sun Oct  4 04:55:39 2015] <dramforever> sanooj: that makes it easier to work with
[Sun Oct  4 04:55:58 2015] <dramforever> sanooj: thanks for you too
[Sun Oct  4 04:56:13 2015] <sanooj> yeah. stumbling on the right thing to factor out was the accident that worked. :)
[Sun Oct  4 04:58:41 2015] <tamago> Ah, and just a few changes and it works for Z as well, not just nat.
[Sun Oct  4 04:59:06 2015] <dramforever> tamago: *that's* what I mean by magical omega :P
[Sun Oct  4 04:59:22 2015] <dramforever> literally suits all your linear integer arithmetic needs
[Sun Oct  4 04:59:33 2015] <tamago> Also sanooj you can use the intuition tactic in some places to be more golfy
[Sun Oct  4 05:00:28 2015] <sanooj> thanks.  although to be honest, I'm not a fan of the automagic bits yet.
[Sun Oct  4 05:00:56 2015] <sanooj> I have almost no feeling for how coq searches for proofs or does type inference.
[Sun Oct  4 05:01:34 2015] <tamago> I like automagic where it's easy to find a long boring proof. I'm a bit more uneasy about the places where I don't know how it actually proved it.
[Sun Oct  4 05:01:42 2015] <sanooj> in my mind it's like a supercharged hindley-milner.
[Sun Oct  4 05:02:24 2015] <tamago> Well I think that example didn't use anything beyond hindley milner
[Sun Oct  4 05:02:48 2015] <tamago> (not counting whatever theory goes into proof terms)
[Sun Oct  4 05:04:28 2015] <sanooj> so I actually popped in here looking for some help understanding the proof od le_irrelevance in ssrnat.v
[Sun Oct  4 05:04:49 2015] <tamago> Ah, well, I can try? :p
[Sun Oct  4 05:04:49 2015] <sanooj> *of le_irrelevance.
[Sun Oct  4 05:05:04 2015] <sanooj> have you used ssreflect before?
[Sun Oct  4 05:05:10 2015] <tamago> nope
[Sun Oct  4 05:06:09 2015] <sanooj> ah, hang on: http://lpaste.net/142279
[Sun Oct  4 05:06:20 2015] <sanooj> so. line noise.
[Sun Oct  4 05:06:44 2015] <sanooj> oops. I've duplicated the first line of the proof. ignore that
[Sun Oct  4 05:07:23 2015] <tamago> wait is this your proof? what is this?
[Sun Oct  4 05:07:28 2015] <tamago> I'm trying to get it to run.....
[Sun Oct  4 05:07:45 2015] <sanooj> oh, you wouldn't be able to. you'd need to get the ssreflect package installed on your system.
[Sun Oct  4 05:08:11 2015] <tamago> ah ic
[Sun Oct  4 05:08:11 2015] <sanooj> that paste was just to see what it looks like.
[Sun Oct  4 05:08:15 2015] <tamago> Okay
[Sun Oct  4 05:09:41 2015] <tamago> Man, I really wish I could understand this.
[Sun Oct  4 05:09:52 2015] <sanooj> so for most ssreflect proofs I've looked at I've been able to deconstruct the noise into its individual components.
[Sun Oct  4 05:10:41 2015] <dramforever> sanooj: also thanks for telling me about the bullets things! they are indeed interesting
[Sun Oct  4 05:11:19 2015] <tamago> bullets?
[Sun Oct  4 05:11:38 2015] <sanooj> the hyphens in the proof.
[Sun Oct  4 05:11:45 2015] <tamago> ah
[Sun Oct  4 05:21:53 2015] <tamago> Well thank you again so much.
[Sun Oct  4 05:22:00 2015] <tamago> I hope to see you guys around.
[Sun Oct  4 05:22:13 2015] <tamago> Sorry I'm not of any use with ssreflect >_<
[Sun Oct  4 05:25:26 2015] <sanooj> np. there's more to upload even if I skip that proof.
[Sun Oct  4 05:46:56 2015] <lpaste> dramforever pasted “As an exercise, I golfed your proof :)” at http://lpaste.net/7157656852409352192
[Sun Oct  4 05:47:10 2015] <dramforever> sanooj: ^
[Sun Oct  4 05:48:07 2015] <dramforever> to me, line 18-19 the pose proof -> congruence is the funniest part
[Sun Oct  4 05:52:10 2015] <sanooj> I get "Omega can't solve this system" when solving doing r = r + 0 in the first omega.
[Sun Oct  4 05:53:00 2015] <dramforever> hmm...that's a bit weird and that's what I get for golfing
[Sun Oct  4 05:53:21 2015] <dramforever> perhaps auto with * could do it?
[Sun Oct  4 05:55:35 2015] <sanooj> mh. fixing that, then I get "congruence failed"
[Sun Oct  4 05:55:54 2015] <dramforever> sanooj: arrgh, the funniest part isn't it
[Sun Oct  4 05:56:15 2015] <dramforever> I'm using coq8.5, perhaps those tactics got waaaay smarter
[Sun Oct  4 05:56:49 2015] <sanooj> perhaps. I'm on 8.4 I think.
[Sun Oct  4 05:57:05 2015] <sanooj> yeah.
[Sun Oct  4 05:57:10 2015] <dramforever> sanooj: tbh I didn't even expect congruence to do that
[Sun Oct  4 05:57:25 2015] <sanooj> heh.
[Sun Oct  4 05:57:54 2015] <sanooj> it's pretty slick.
[Sun Oct  4 05:58:20 2015] <dramforever> sanooj: I guess with coq8.4 you will have to rewrite fold_plus_out twice, like you did it in the original one
[Sun Oct  4 07:58:48 2015] <suriste> pppppppppppp
[Sun Oct  4 09:38:02 2015] <riaqn> hello, how can I write circular definition? https://bpaste.net/show/b3e39a3eab66
[Sun Oct  4 09:42:44 2015] <sanooj> use "with"?
[Sun Oct  4 09:43:30 2015] <riaqn> sanooj: more details please?
[Sun Oct  4 09:44:56 2015] <sanooj> I don't know for sure as I've never done it, but iirc you should be able to just separate your mutually recursive definitions using "with".
[Sun Oct  4 09:45:13 2015] <sanooj> a little googling gives me an example like this:
[Sun Oct  4 09:45:16 2015] <sanooj> Inductive mtree (A : Type) : Type :=
[Sun Oct  4 09:45:16 2015] <sanooj>   mnode : A -> forest A -> mtree A
[Sun Oct  4 09:45:16 2015] <sanooj> with forest (A : Type) : Type := mnil : forest A
[Sun Oct  4 09:45:16 2015] <sanooj>                                | mcons : mtree A -> forest A -> forest A.
[Sun Oct  4 09:45:58 2015] <riaqn> sanooj: awesome! thanks.
[Sun Oct  4 09:46:20 2015] <sanooj> if you look at the manual under the production fix_bodies, it shows about the same thing.
[Sun Oct  4 09:46:35 2015] <sanooj> (figure 1.2)
[Sun Oct  4 09:47:09 2015] <sanooj> or 1.3, syntax of terms.
[Sun Oct  4 09:48:21 2015] <riaqn> where is "production fix_bodies"?
[Sun Oct  4 09:50:04 2015] <sanooj> https://coq.inria.fr/refman/Reference-Manual003.html#sec26
[Sun Oct  4 09:51:18 2015] <sanooj> https://coq.inria.fr/refman/Reference-Manual003.html#sec39 <- described here
[Sun Oct  4 09:52:00 2015] <sanooj> well, I say described, but like a lot of the manual, really more like "eluded to".
[Sun Oct  4 09:53:44 2015] <sanooj> *alluded
[Sun Oct  4 09:54:14 2015] <sanooj> but often it eludes me anyway. :)
[Sun Oct  4 18:20:23 2015] <tsenko> greetings fine people .. what's the -outputstate coqtop option about
[Sun Oct  4 18:28:00 2015] <tsenko> is there a way to save a coqtop session
[Sun Oct  4 18:29:02 2015] <sanooj> you could try some of the unix process saving tools, like hol light does.
[Sun Oct  4 18:29:16 2015] <sanooj> they seemed to work with an ml toplevel reasonably well.
[Sun Oct  4 18:29:44 2015] <sanooj> what is it you want to do?
[Sun Oct  4 18:32:17 2015] <tsenko> wait .. i'll try something
[Sun Oct  4 18:33:24 2015] <sanooj> I used dmtcp on linux with hol light. it was okay.
[Sun Oct  4 18:35:48 2015] <tsenko> i think it worked
[Sun Oct  4 18:36:05 2015] <tsenko> so it's BWrite State "some.file.coq"
[Sun Oct  4 18:36:15 2015] <tsenko> Write State "some.coq"
[Sun Oct  4 18:36:27 2015] <tsenko> and then Restore State "some.coq"
[Sun Oct  4 18:40:10 2015] <tsenko> thank you .. buddha bless you
[Sun Oct  4 18:45:17 2015] <tsenko> also .. i have defined some module in coqtop .. is there a way to export it to a file
[Sun Oct  4 19:07:49 2015] <sanooj> sorry, I don't really use coqtop so much.
[Sun Oct  4 19:08:00 2015] <sanooj> I mainly use proof general through emacs.
[Sun Oct  4 19:20:10 2015] <tsenko> sanooj: i absolve you
[Sun Oct  4 19:31:28 2015] <tsenko> so i have a definition in my current state
[Sun Oct  4 19:31:32 2015] <tsenko> how do i override it
[Sun Oct  4 19:32:17 2015] <johnw>  I think you can Retract the definition
[Sun Oct  4 19:32:25 2015] <johnw> but I'm not entirely sure that's the verb
[Sun Oct  4 20:43:40 2015] <tsenko> so if ident already exists i have to choose another name :\
[Sun Oct  4 22:59:03 2015] <riaqn> hello, I got H: S n = n. How can I skip the goal?  inversion H doesn't help.
[Sun Oct  4 23:02:11 2015] <KaneTW> induction over n
[Sun Oct  4 23:02:34 2015] <riaqn> to prove S n = n -> False?
[Sun Oct  4 23:02:38 2015] <KaneTW> yeah
[Sun Oct  4 23:02:50 2015] <riaqn> ok, I 'll try.
[Sun Oct  4 23:04:57 2015] <KaneTW> (then you can just contradiction once you get False in the context)
[Mon Oct  5 00:06:46 2015] <benzrf> riaqn: thats a valid equality for coinductive nats
[Mon Oct  5 00:06:51 2015] <benzrf> its not a trivial fact w/o induction
[Mon Oct  5 11:39:14 2015] <sanooj> phew. seq.v seems like a normal straightforward file again.
[Mon Oct  5 11:39:32 2015] <sanooj> not quite sure about the seqn_type though.
[Mon Oct  5 11:40:44 2015] <sanooj> it seems to build a kind of curried thing to make seqn n work as advertised.
[Mon Oct  5 11:59:09 2015] <riaqn> how to induction over two circular defined Inductive Type?
[Mon Oct  5 11:59:30 2015] <riaqn> https://bpaste.net/show/231dbba4613a
[Mon Oct  5 12:00:10 2015] <sanooj> you probably need to prove your own induction principle.
[Mon Oct  5 12:00:12 2015] <riaqn> well, maybe my question itself is not clear...what's the meaning of 'induction over two types'
[Mon Oct  5 12:01:16 2015] <riaqn> sanooj: Thanks, I 'll try.
[Mon Oct  5 12:01:43 2015] <sanooj> although your paste does create tree_ind and forest_ind that look normal.
[Mon Oct  5 12:05:59 2015] <riaqn> sanooj: hmm, I don't know how to express my needs. let me do some try and error first.
[Mon Oct  5 13:27:01 2015] <sanooj> seq.v is like ten miles long. I'm not reading all of this!
[Mon Oct  5 13:34:57 2015] <sanooj> mh. coq segfaulted on me.
[Mon Oct  5 13:35:19 2015] <sanooj> Compute (code [:: 1;2;3;4;5]). -> SIGSEGV.
[Mon Oct  5 13:35:42 2015] <sanooj> oh, with unary nats that's going to be a pretty large list.
[Mon Oct  5 13:38:07 2015] <sanooj> about a million entries?
[Mon Oct  5 13:41:59 2015] <sanooj> looks like coq can't deal with unary numbers > about 50k.
[Mon Oct  5 13:45:14 2015] <sanooj> why's it segfaulting? ocaml programs shouldn't be segfaulting like that.
[Mon Oct  5 13:46:30 2015] <rmk0_> may be OS-specific heap and stack limits
[Mon Oct  5 13:49:23 2015] <rmk0_> i think stack overflows are one of the few things that will make compiled ocaml code segfault
[Mon Oct  5 13:51:20 2015] <sanooj> indeed. increasing the stack limit to 16MB fixes that.
[Mon Oct  5 13:52:41 2015] <sanooj> didn't realise I was using coqtop.opt.
[Mon Oct  5 14:39:19 2015] <benzrf> if i constructed CIC-within-coq, and did something like
[Mon Oct  5 14:40:04 2015] <benzrf> Definition provable (p : CICType) := exists e : CICExpr, checks e p.
[Mon Oct  5 14:40:13 2015] <benzrf> and then
[Mon Oct  5 14:40:56 2015] <benzrf> Axiom self_awareness : forall (P : Prop), exists (p : CICType), P <-> provable p.
[Mon Oct  5 14:41:12 2015] <benzrf> can i derive False from this without LEM?
[Mon Oct  5 16:31:46 2015] <vanila> hello - is anyone working on something interesting in coq?
[Mon Oct  5 16:41:51 2015] <johnw> vanila: is it possible to do uninteresting things with coq? :)
[Mon Oct  5 16:42:37 2015] <vanila> touche :)
[Mon Oct  5 16:43:12 2015] <johnw> vanila: have you seen Fiat, from MIT?
[Mon Oct  5 16:43:31 2015] <johnw> that's the next thing I'll be playing with
[Mon Oct  5 16:43:51 2015] <vanila> i read atiny bit about it
[Mon Oct  5 16:44:06 2015] <johnw> oh, and QuickChick
[Mon Oct  5 16:44:06 2015] <vanila> http://sigops.org/sosp/sosp15/current/2015-Monterey/printable/013-chen.pdf
[Mon Oct  5 16:44:09 2015] <vanila> im not sure if this is related
[Mon Oct  5 16:44:42 2015] <johnw> I don't think that's related, but similar team
[Mon Oct  5 16:44:47 2015] <johnw> at least, the Adam aspect :)
[Mon Oct  5 16:56:03 2015] <jrw> vanila: are you looking for something to contribute to? if you say something more about your interests, maybe people can point you to relevant projects.
[Tue Oct  6 08:14:51 2015] <sanooj> gah. ssr's .+ binding tighter than * is pretty confusing.
[Tue Oct  6 08:50:37 2015] <sanooj> choice.v is giving me a headache.
[Tue Oct  6 09:10:39 2015] <sanooj> could someone help me grok how to dig out the proofs in a canonical class structure?
[Tue Oct  6 09:11:50 2015] <sanooj> for example in choice.v the [Lemma correct P n x: find P n = Some x -> P x] seems to be basically giving a name to the unnamed proof of the same fact in the choice Mixin.
[Tue Oct  6 09:12:44 2015] <sanooj> I don't understand how it destructs everything using [by case: T => _ [_[]] in P n x *] and then just *bam* proved.
[Tue Oct  6 09:13:42 2015] <sanooj> usually with these long sequences of case or rewrite I know how to split it up into the individual steps, but everything I've tried with this just comes up with a lot of "you can't do that"
[Tue Oct  6 10:09:59 2015] <benzrf> i kinda wanna try using coq to formalize the topology ive been learning
[Tue Oct  6 10:10:09 2015] <benzrf> but theres a ton of classical logic and set theory and real numbers ;-;
[Tue Oct  6 10:11:03 2015] <benzrf> how painful would it be to build up enough set theoryish general topology stuff to, say, establish the IVT for functions R -> R?
[Tue Oct  6 10:11:13 2015] <benzrf> are there any decent set theory libs for coq?
[Tue Oct  6 10:11:47 2015] <Saizan> i think there are some formalizations of the reals
[Tue Oct  6 10:12:22 2015] <benzrf> yeah but how much do they suck ass to work with
[Tue Oct  6 10:12:42 2015] <hodapp> suck coq*
[Tue Oct  6 10:12:47 2015] <benzrf> :]
[Tue Oct  6 10:14:11 2015] <Saizan> dunno
[Tue Oct  6 11:22:19 2015] <johnw> benzrf: I have some basic set theory stuff that you could hack apart and build upon; it's based on some paper that I read
[Tue Oct  6 11:29:16 2015] <benzrf> hm
[Tue Oct  6 11:29:21 2015] <benzrf> maybe i should check out nuprl :>
[Tue Oct  6 11:29:25 2015] <benzrf> or jonprl
[Tue Oct  6 11:30:01 2015] <johnw> benprl
[Tue Oct  6 11:30:14 2015] <benzrf> wew
[Tue Oct  6 12:08:15 2015] <riaqn> hello, I 've defined two mutual recursive [fix], how can I return F0 /\ F1 ?  a final [for] clause can only return one of them.
[Tue Oct  6 12:11:32 2015] <johnw> riaqn: can you show some code?
[Tue Oct  6 12:12:45 2015] <riaqn> https://bpaste.net/show/3a1b77576c79
[Tue Oct  6 12:14:45 2015] <johnw> I've never seen this use of "for"; what does it do?
[Tue Oct  6 12:14:51 2015] <johnw> sadly, it's incredibly hard to google or search the docs for
[Tue Oct  6 12:14:51 2015] <benzrf> for x in xs:
[Tue Oct  6 12:14:54 2015] <benzrf> ha
[Tue Oct  6 12:15:06 2015] <benzrf> johnw: you could grep the docs for it in code tags
[Tue Oct  6 12:15:14 2015] <johnw> assuming I had that
[Tue Oct  6 12:16:00 2015] <riaqn> johnw: when you define two mutually recursive anonymous functions, you must specify what the definition returns.
[Tue Oct  6 12:16:17 2015] <johnw> oh, that's like "return", but for those two functions
[Tue Oct  6 12:16:39 2015] <johnw> well, /\ wants propositions, but F0 and F1 are both functions
[Tue Oct  6 12:16:43 2015] <riaqn> wondering why I have to 'specify', rather than just return P0 /\ P1.
[Tue Oct  6 12:16:50 2015] <johnw> for (forall t : tree, F0 t /\ F1 t) perhaps
[Tue Oct  6 12:17:14 2015] <riaqn> oh yes.. function is a "proof", isn't it.
[Tue Oct  6 12:18:50 2015] <riaqn> then I want to return [conj F0 F1].
[Tue Oct  6 12:19:20 2015] <johnw> isn't that the exact same thing?
[Tue Oct  6 12:19:26 2015] <johnw> as F0 /\ F1
[Tue Oct  6 12:20:27 2015] <riaqn> I don't think so. (typeof F0) /\ (typeof F1) returns a Prop, while conj F0 F1 returns a proof to that Prop.
[Wed Oct  7 09:15:29 2015] <nicolas12> Hello guys, I have an issue... I need to prove `prod n 0 = 0`, with the following inductive definition for `prod`:
[Wed Oct  7 09:15:42 2015] <nicolas12> Fixpoint prod (n m : nat) : nat :=
[Wed Oct  7 09:15:42 2015] <nicolas12>     match n, m with
[Wed Oct  7 09:15:43 2015] <nicolas12>       _, 0 => 0
[Wed Oct  7 09:15:43 2015] <nicolas12>       | 0, _ => 0
[Wed Oct  7 09:15:43 2015] <nicolas12>       | 1, _ => m
[Wed Oct  7 09:15:43 2015] <nicolas12>       | _, 1 => n
[Wed Oct  7 09:15:43 2015] <nicolas12>       | (S k), _ => sum (prod k m) m
[Wed Oct  7 09:15:43 2015] <nicolas12>     end.
[Wed Oct  7 09:16:50 2015] <nicolas12> I don't know why: `Eval simpl in (forall n: nat, prod n 0 = 0).` doesn't reduce the term `prod n 0` to `0` (`prod 0 n` is reduced to `0`, though)
[Wed Oct  7 09:17:10 2015] <vanila> I think that case there
[Wed Oct  7 09:17:14 2015] <vanila>       | _, 1 => n
[Wed Oct  7 09:17:20 2015] <vanila> is making it much harder than it would be otherwise
[Wed Oct  7 09:17:24 2015] <vanila> what about matching only on n
[Wed Oct  7 09:17:55 2015] <nicolas12> yes, my problem is I have to demonstrate `prod n m = prod m n`
[Wed Oct  7 09:18:11 2015] <vanila> so are you ok t ochange the definition of prod to make the proofs easier?
[Wed Oct  7 09:18:15 2015] <vanila> or would you rather keep it as written
[Wed Oct  7 09:18:27 2015] <nicolas12> and it doesn't evaluate the term `prod n 0` to `0` directly
[Wed Oct  7 09:18:42 2015] <sanooj> why am I getting a complaint about prod k m having type nat instead of Type?
[Wed Oct  7 09:18:44 2015] <Cypi> Even though you wrote a match on n and m simultaneously, it is actually, internally, a match on n followed by a match on m
[Wed Oct  7 09:18:45 2015] <nicolas12> yeah, I just wanted to make easier the proof
[Wed Oct  7 09:18:53 2015] <Cypi> so the first match cannot reduce in the `prod n 0` case
[Wed Oct  7 09:19:06 2015] <vanila> ok so if you change it to  'match n with'
[Wed Oct  7 09:19:15 2015] <vanila> and delete that line _, 1 => n
[Wed Oct  7 09:19:30 2015] <nicolas12> yes, my previous definition was  a match on n
[Wed Oct  7 09:19:34 2015] <vanila> proof by induction on n might work to show  prod n 0 = 0
[Wed Oct  7 09:19:58 2015] <Cypi> You probably only need one destruct on n to prove that with your original definition, no need for induction
[Wed Oct  7 09:19:59 2015] <nicolas12> no, the problem is it wasn't show that in one step
[Wed Oct  7 09:20:35 2015] <nicolas12> ok thanks, yes, with a destruct I can show that
[Wed Oct  7 09:20:35 2015] <Cypi> (maybe 2 destructs because you're matching on 1)
[Wed Oct  7 09:20:45 2015] <Cypi> (but no induction required, as far as I can guess!)
[Wed Oct  7 09:21:03 2015] <vanila> http://lpaste.net/142472
[Wed Oct  7 09:21:15 2015] <vanila> here's a hint how to start off
[Wed Oct  7 09:21:19 2015] <nicolas12> but I was wondering if it's possible to change the definition to show `prod n 0 = 0` in one `simpl`, just like `prod 0 n` does
[Wed Oct  7 09:21:33 2015] <vanila> I don't think that's possible
[Wed Oct  7 09:21:47 2015] <Cypi> nicolas12 : you can, by swapping n and m in the match :p
[Wed Oct  7 09:21:57 2015] <Cypi> But then you lose the reduction of `prod 0 n`, of course
[Wed Oct  7 09:22:09 2015] <nicolas12> Cype: :) yes, haha
[Wed Oct  7 09:22:17 2015] <nicolas12> vanila: thanks !! :)
[Wed Oct  7 09:22:29 2015] <nicolas12> thank you all, you were very helpful
[Wed Oct  7 09:24:07 2015] <sanooj> nicolas12: are you using 8.5?
[Wed Oct  7 09:24:33 2015] <nicolas12> version 8.3pl4 :P
[Wed Oct  7 09:24:54 2015] <sanooj> weird. I'm on 8.4, and coq isn't liking your Fixpoint prod.
[Wed Oct  7 09:26:32 2015] <nicolas12> why is that?
[Wed Oct  7 09:27:00 2015] <sanooj> I don't know. it says 'The term "prod k m" has type "nat" while it is expected to have type "Type"'
[Wed Oct  7 09:27:16 2015] <sanooj> but I thought nats were always Types.
[Wed Oct  7 09:27:16 2015] <nicolas12> ah, I see
[Wed Oct  7 09:27:25 2015] <nicolas12> I have another `sum` defined for nats
[Wed Oct  7 09:27:53 2015] <nicolas12> maybe coq's trying to match the other `sum` from prelude
[Wed Oct  7 09:28:04 2015] <sanooj> yes, but shouldn't it work anyway?
[Wed Oct  7 09:28:16 2015] <Cypi> An inhabitant of nat is not a Type
[Wed Oct  7 09:28:18 2015] <nicolas12> I really don't know
[Wed Oct  7 09:28:19 2015] <sanooj> the sum from the prelude is Type -> Type -> Type.
[Wed Oct  7 09:28:42 2015] <sanooj> Cypi: ah.
[Wed Oct  7 09:28:48 2015] <Cypi> You have [2 : nat] and [nat : Set], but you don't have [2 : Set] for instance
[Wed Oct  7 09:29:04 2015] <sanooj> I see.
[Wed Oct  7 09:31:51 2015] <nicolas12> what's the best tactic for solving something alike: http://lpaste.net/142473?
[Wed Oct  7 09:32:34 2015] <vanila> destruct m.
[Wed Oct  7 09:34:08 2015] <nicolas12> thanks
[Thu Oct  8 08:49:31 2015] <kasabian> Hello people, I have to write an inductive relation on postfix lists, I did the following: http://lpaste.net/142573
[Thu Oct  8 08:51:02 2015] <kasabian> I don't know if that's OK, as I've been stuck in the proof of the lemma and I couldn't continue
[Thu Oct  8 08:55:59 2015] <lolisa> Oh I see what you did wrong here
[Thu Oct  8 08:56:41 2015] <lolisa> A rule of thumb is, when you do induction, you want an inductive hypothesis as generalize as possible, so you want l2 l3 on the forall stack
[Thu Oct  8 08:57:05 2015] <lolisa> So just remove the intro, you will go further]
[Thu Oct  8 09:01:50 2015] <kasabian> thanks lolisa , let me try it out !
[Thu Oct  8 09:03:38 2015] <lolisa> * meow
[Thu Oct  8 09:04:19 2015] <lolisa> Also, when you want to put something back on the forall stack, use generalize dependent n. or revert n m p as much number of ident as you like.
[Thu Oct  8 09:06:58 2015] <kasabian> lolisa, I just updated the paste http://lpaste.net/142573 with your suggestions, the thing is I get the same result
[Thu Oct  8 09:13:59 2015] <lolisa> Yeah, but now youe IHl1 get better - now it is more generalized
[Thu Oct  8 09:14:49 2015] <lolisa> maybe you should try subst; eapply IHl1.
[Thu Oct  8 09:21:45 2015] <lolisa> Oh you need to apply postfixL
[Thu Oct  8 09:23:49 2015] <kasabian> I already solved it: http://lpaste.net/142573
[Thu Oct  8 09:24:02 2015] <kasabian> but I needed to define a helper lemma
[Thu Oct  8 09:24:27 2015] <kasabian> Idk whether or not that's a good resolution
[Thu Oct  8 09:25:53 2015] <lolisa> Good :) BTW you might like to have a look at list at standard library (Require Import List
[Thu Oct  8 09:28:13 2015] <kasabian> lolisa thanks :)
[Thu Oct  8 09:28:38 2015] <kasabian> but it's for a course homework, so we are playing a bit with inductive definitions
[Thu Oct  8 09:29:00 2015] <kasabian> I'll try it though!
[Fri Oct  9 10:42:41 2015] <ianjneu> kini: I forgot what you were working on. Remind me?
[Fri Oct  9 11:47:01 2015] <aochagavia> Hi, I have started learning coq today (using https://www.cis.upenn.edu/~bcpierce/sf/current/index.html) and have a couple of questions
[Fri Oct  9 11:47:19 2015] <aochagavia> I have seen you can use the hypothesis in a proof by typing H
[Fri Oct  9 11:47:56 2015] <aochagavia> is there another letter (or something) to use a sub-hypothesis?
[Fri Oct  9 11:47:57 2015] <aochagavia> for instance
[Fri Oct  9 11:48:06 2015] <aochagavia> if I want to proof that A -> B -> C
[Fri Oct  9 11:48:14 2015] <aochagavia> H = A
[Fri Oct  9 11:48:46 2015] <aochagavia> And I am looking for something like SubH = B
[Fri Oct  9 11:50:28 2015] <Cypi> Let's say your current goal is indeed [A -> B -> C]. When you use the tactic [intros H.], it will give you as a hypothesis [H : A], which is to say : the variable H has type A.
[Fri Oct  9 11:50:41 2015] <Cypi> and then you have to prove [B -> C], with this variable H in your environment
[Fri Oct  9 11:51:14 2015] <Cypi> However, the name H is arbitrary, you could have writtent instead [intros SomethingElse.], and it would have given you the hypothesis [SomethingElse : A]
[Fri Oct  9 11:51:53 2015] <Cypi> So, starting from the goal [B -> C], you can do [intros SubH] if you want to bring the hypothesis [SubH : B] in your context.
[Fri Oct  9 11:52:23 2015] <Cypi> (Note that I'm writing [H : A] and not [H = A], because you are actually bringing in your context something _of type_ A, not something equal to A)
[Fri Oct  9 11:57:11 2015] <aochagavia> thanks!
[Fri Oct  9 11:58:33 2015] <aochagavia> I was stuck at a proof and now I have finished it :)
[Fri Oct  9 14:50:16 2015] <aochagavia> Which tactic can I use to get to a goal from a contradiction?
[Fri Oct  9 14:56:07 2015] <companion_cube> inversion <hypothesis> ?
[Fri Oct  9 14:57:24 2015] <aochagavia> I have the goal false <> true
[Fri Oct  9 14:57:28 2015] <aochagavia> but I don't know how to prove it
[Fri Oct  9 14:58:27 2015] <companion_cube> this goal is not a contradiction
[Fri Oct  9 14:58:30 2015] <companion_cube> simpl.
[Fri Oct  9 14:58:51 2015] <companion_cube> oh, no
[Fri Oct  9 14:59:00 2015] <aochagavia> right ;)
[Fri Oct  9 14:59:15 2015] <companion_cube> unfold not; intro H; inversion H.
[Fri Oct  9 14:59:29 2015] <aochagavia> let's see
[Fri Oct  9 15:00:13 2015] <aochagavia> it works :)
[Fri Oct  9 15:00:25 2015] <aochagavia> now I will have to understand it
[Fri Oct  9 15:00:27 2015] <aochagavia> :p
[Fri Oct  9 15:02:19 2015] <companion_cube> first, `unfold not`  transforms the goal in  `false = true -> False`
[Fri Oct  9 15:02:34 2015] <companion_cube> then `intro H` introduces an hypothesis `false = true`, named H
[Fri Oct  9 15:02:52 2015] <companion_cube> then `inversion H` concludes because the assumption `false = true` is absurd
[Fri Oct  9 15:03:39 2015] <aochagavia> so you can use inversion to take any conclusion from false = true?
[Fri Oct  9 15:03:51 2015] <aochagavia> does it have other uses besides that? The docs say there are many forms of inversion
[Fri Oct  9 15:04:55 2015] <johnw> if you have false = true in your context, then discriminate will always solve the goal
[Fri Oct  9 15:04:58 2015] <companion_cube> in general it deconstructs inductive types in hypothesis, I think
[Fri Oct  9 15:05:36 2015] <aochagavia> hmmm... too much alternatives for a beginner
[Fri Oct  9 15:05:39 2015] <aochagavia> I will have to read more
[Fri Oct  9 15:05:42 2015] <aochagavia> thanks!
[Fri Oct  9 15:10:44 2015] <johnw> the number of alternatives is truly daunting as a beginner
[Fri Oct  9 15:10:55 2015] <johnw> I remember thinking I'd never, ever understand them all, or when to use which
[Fri Oct  9 15:11:15 2015] <johnw> fortunately, you can get pretty far knowing only a subset twlel
[Fri Oct  9 15:11:17 2015] <johnw> well
[Sat Oct 10 09:47:10 2015] <aochagavia> Is there a standard proof that (S n) = (S m) -> n = m?
[Sat Oct 10 09:48:15 2015] <asmanur> injectivity H.
[Sat Oct 10 09:49:49 2015] <aochagavia> do I need to import a module in order to use that?
[Sat Oct 10 09:50:13 2015] <asmanur> no I don't think so
[Sat Oct 10 09:51:16 2015] <aochagavia> I get this: Error: The reference injectivity was not found in the current environment.
[Sat Oct 10 09:52:52 2015] <asmanur> can I see the code ?
[Sat Oct 10 09:53:51 2015] <aochagavia> I am working through the book of Pierce
[Sat Oct 10 09:54:04 2015] <aochagavia> shall I paste it on a GitHub gist?
[Sat Oct 10 09:54:14 2015] <asmanur> in a proof, you should be able to use the tactic injectivity
[Sat Oct 10 09:56:01 2015] <aochagavia> This is it: https://gist.github.com/aochagavia/7b9e62e2853d0f34a5d3
[Sat Oct 10 09:57:12 2015] <asmanur> the syntax is injectivity <name of the hypothesis>
[Sat Oct 10 09:58:44 2015] <aochagavia> ok, thanks!
[Sat Oct 10 10:00:25 2015] <aochagavia> * it looks like the tactic is called injection
[Sat Oct 10 10:03:28 2015] <asmanur> oh yeah
[Sat Oct 10 10:03:35 2015] <asmanur> close enough sorry
[Sat Oct 10 10:06:30 2015] <aochagavia> ;)
[Sat Oct 10 10:33:48 2015] <aochagavia> I want to use list concatenation (++) but I keep gettin "Error: Unknown interpretation for notation "_ ++ _"."
[Sat Oct 10 10:33:58 2015] <aochagavia> any ideas?
[Sat Oct 10 10:35:30 2015] <aochagavia> solved using Local Open Scope list_scope.
[Sat Oct 10 11:17:29 2015] <aochagavia> what is the syntax used to write a function that requires that some property holds?
[Sat Oct 10 11:17:59 2015] <aochagavia> for instance (A -> B), only if P(A)
[Sat Oct 10 11:18:26 2015] <Cypi> You can use dependent sums: {x : A | P x} -> B
[Sat Oct 10 11:19:04 2015] <Cypi> See the type sig
[Sat Oct 10 11:19:52 2015] <aochagavia> thanks!
[Sat Oct 10 11:35:41 2015] <aochagavia> is there any straightforward way to use sig with a tuple?
[Sat Oct 10 11:36:06 2015] <aochagavia> something like { (x : A) (y : B) | P x y }
[Sun Oct 11 08:46:19 2015] <darthdeus> hey guys, I'm having trouble proving that strong antisymmetry -> antireflexivity ... I can do it on paper, but in Coq I end up being stuck at this point http://i.imgur.com/MgeM31E.png ... it seems there should be an obvious contradiction, but I can't figure out how to do it https://gist.github.com/darthdeus/df7850132764fef32c6d
[Sun Oct 11 08:46:35 2015] <darthdeus> trying contradict H or H0 doesn't seem to lead anywhere
[Sun Oct 11 08:46:59 2015] <darthdeus> I mean, I somehow need to say that H0 contradicts H
[Sun Oct 11 08:47:11 2015] <darthdeus> and somehow imply that b=a in that case
[Sun Oct 11 08:47:29 2015] <dramforever> darthdeus: hint: "H0 contradicts H" it doesn't
[Sun Oct 11 08:48:02 2015] <dramforever> because a is one thing and b could potentially be something else
[Sun Oct 11 08:48:11 2015] <darthdeus> dramforever: but if "R a a" is true, then for H I'd get "R a a -> ~ R a a"
[Sun Oct 11 08:48:28 2015] <dramforever> no you don't =)
[Sun Oct 11 08:48:38 2015] <dramforever> R a a by no means imply R a b
[Sun Oct 11 08:48:46 2015] <darthdeus> hmm
[Sun Oct 11 08:48:52 2015] <darthdeus> but R a a doesn't work in H
[Sun Oct 11 08:49:01 2015] <dramforever> exactly
[Sun Oct 11 08:49:21 2015] <darthdeus> then H and H0 can't be true at the same time
[Sun Oct 11 08:49:48 2015] <dramforever> uh wait by "R a a doesn't work in H" you mean they contradict? then no
[Sun Oct 11 08:49:55 2015] <dramforever> like 1 = 1 doesn't mean 1 = 2
[Sun Oct 11 08:50:09 2015] <darthdeus> hmm
[Sun Oct 11 08:50:51 2015] <def`> I commented on your gist, I didn't check, I don't have coq here
[Sun Oct 11 08:52:15 2015] <darthdeus> def`: thanks, I'll check it out
[Sun Oct 11 08:57:27 2015] <darthdeus> hmm interesting, it's much simpler to prove with the different forall placement :)
[Sun Oct 11 08:57:30 2015] <dramforever> Just curious: what do you use coq for? fun? work? university course?
[Sun Oct 11 08:57:52 2015] <darthdeus> dramforever: I'm taking a basic algebra course, and had to do some proofs for assignment, and thought I'd try to do them in coq
[Sun Oct 11 08:58:07 2015] <dramforever> so "fun" I guess
[Sun Oct 11 08:58:09 2015] <darthdeus> yeah
[Sun Oct 11 08:58:53 2015] <darthdeus> thought it might help me adding a bit of rigor to my proofs
[Sun Oct 11 08:58:59 2015] <darthdeus> instead of just trying to wing it
[Sun Oct 11 08:59:30 2015] <def`> darthdeus: Now you can try to prove that your previous theorem was wrong :)
[Sun Oct 11 08:59:40 2015] <def`> (assume it, prove False)
[Sun Oct 11 09:02:10 2015] <dramforever> darthdeus: tip: you could use generalize dependent <var> to put <var> back into a forall.
[Sun Oct 11 09:04:56 2015] <darthdeus> def`: you mean taking just the "forall a b: A, (R a b -> not (R b a)) -> not (R a a)" and proving False from that? :O
[Sun Oct 11 09:07:28 2015] <darthdeus> dramforever: in what case would I want to generalize it again thuogh? maybe for applying an existing more general theorem?
[Sun Oct 11 09:08:10 2015] <dramforever> yep, or doing induction. (pun warning) generally when you need something more general
[Sun Oct 11 09:08:21 2015] <darthdeus> hehe
[Sun Oct 11 09:18:15 2015] <def`> darthdeus: Theorem foo: ~(forall A : Type, forall R : A -> A -> Prop, (forall a b: A, (R a b -> not (R b a)) -> not (R a a))).
[Sun Oct 11 09:19:07 2015] <def`> You have to generalize a bit to prove it was wrong. "for an arbitrary relation" it is false
[Sun Oct 11 09:19:24 2015] <def`> Then you just have to find one relation for which it is wrong.
[Sun Oct 11 09:22:33 2015] <darthdeus> hmm, interesting, I'll give it a try, thanks!
[Sun Oct 11 10:33:03 2015] <Big_G> Has anyone heard of jobs using Coq?
[Sun Oct 11 10:47:19 2015] <nkaretnikov> Big_G: subscribe to the mailing list
[Sun Oct 11 17:54:42 2015] <pumita> Hi people, I have to define the inductive relation `isSet` using the following: http://lpaste.net/142790
[Sun Oct 11 17:55:29 2015] <pumita> Could anyone help me to do it? I don't know how to write `isSetCons` properly
[Sun Oct 11 17:55:42 2015] <pumita> I have to use what is there
[Sun Oct 11 17:57:43 2015] <Cypi> For [consL x l] to be a set, you need the fact that x is not in l. So you need [~ MemL x l].
[Sun Oct 11 17:58:58 2015] <pumita> Cypi thanks, I wrote that but just guessing it, I don't understand what MemL tells me, though
[Sun Oct 11 18:00:29 2015] <Cypi> [MemL x l] expresses "x is in l"
[Sun Oct 11 18:02:09 2015] <pumita> Cypi Oh, I got it. Now I understand what the second constructor does
[Sun Oct 11 18:02:12 2015] <pumita> thanks!!
[Sun Oct 11 19:11:11 2015] <pumita> Hi guys, I don't know how to keep going with this proof : http://lpaste.net/142790
[Sun Oct 11 19:11:17 2015] <pumita> any hint?
[Sun Oct 11 23:54:06 2015] <benzrf> gallina is strong enough to simulate any guaranteed-halting turing machine right
[Mon Oct 12 00:01:44 2015] <mea-culpa> guaranteed-halting?
[Mon Oct 12 00:03:01 2015] <benzrf> er, specific guaranteed-halting programs on a turing machine
[Mon Oct 12 00:03:04 2015] <benzrf> bleh
[Mon Oct 12 00:03:17 2015] <benzrf> i think i went too specific without thinking about what i was specifying :)
[Mon Oct 12 00:03:36 2015] <benzrf> really what i'm asking is. anything that you can do in a turing complete language which will always halt can be done in gallina, right?
[Mon Oct 12 00:04:35 2015] <benzrf> and the extra power you get from turing completeness is simply that it becomes possible to write functions that are not well-defined in general but make sense on some non-decidable part of their domain
[Mon Oct 12 00:13:05 2015] <mea-culpa> benzrf: I think no, since the set of gallina programs is decidable and the set of programs that terminate for all of their inputs is not.
[Mon Oct 12 00:13:26 2015] <benzrf> o
[Mon Oct 12 00:13:54 2015] <benzrf> mea-culpa: could they be equivalent, but not constructively so?
[Mon Oct 12 00:15:12 2015] <mea-culpa> oh, I'm saying foolish things. Don't pay attention to them please. *Since the language codes the programs which always terminate
[Mon Oct 12 00:16:29 2015] <mea-culpa> benzrf: I mean there is a program which cannot be described by Gallina and which always terminates.
[Mon Oct 12 00:17:29 2015] <benzrf> how do u know?
[Mon Oct 12 00:20:47 2015] <mea-culpa> Hmm, maybe I'm wrong...
[Mon Oct 12 02:33:10 2015] <companion_cube> benzrf: termination of some programs is undecidable
[Mon Oct 12 02:33:17 2015] <companion_cube> therefore you cannot write those programs in Coq
[Mon Oct 12 02:33:32 2015] <companion_cube> because Coq asks for a termination proof, so I agree with mea-culpa
[Mon Oct 12 08:07:25 2015] <schoppenhauer> is there some tactic that automatically can convert a proposition about N or Z into a proposition about nat?
[Mon Oct 12 08:10:00 2015] <schoppenhauer> ah. omega can. nice.
[Mon Oct 12 08:13:09 2015] <Saizan> benzrf: there's always a way to describe them, even when they do not terminate, for those that do the termination proof might be arbitrarily large, and for some programs you won't be able to do the termination proof for goedelian reasons
[Mon Oct 12 08:15:19 2015] <benzrf> companion_cube: interesting
[Mon Oct 12 08:15:26 2015] <benzrf> ok
[Mon Oct 12 08:16:57 2015] <Saizan> companion_cube: what's a program for which termination is undecidable?
[Mon Oct 12 08:18:47 2015] <benzrf> hmm
[Mon Oct 12 08:19:00 2015] <benzrf> hold on so
[Mon Oct 12 08:19:17 2015] <benzrf> alright nvm
[Mon Oct 12 08:19:37 2015] <benzrf> Saizan: perhaps something whose termination hinges on a constructively unprovable fact?
[Mon Oct 12 08:21:30 2015] <Saizan> benzrf: could be
[Mon Oct 12 08:21:33 2015] <benzrf> * asks ##math
[Mon Oct 12 08:22:28 2015] <benzrf> wait. im stupid
[Mon Oct 12 08:22:30 2015] <benzrf> omg
[Mon Oct 12 08:22:48 2015] <benzrf> any halting program can be shown to halt simply by enumerating its states
[Mon Oct 12 08:24:44 2015] <Saizan> that tells you that halting is semi-decidable
[Mon Oct 12 08:25:44 2015] <Cypi> benzrf : take the program that takes a program as an argument and executes it. Its termination is undecidable
[Mon Oct 12 08:25:53 2015] <Cypi> (ok, you might find that this is a cheat :p )
[Mon Oct 12 08:26:04 2015] <benzrf> 08:25 <benzrf> oh, well, i was assuming a self-contained program
[Mon Oct 12 08:26:06 2015] <benzrf> 08:25 <zHafydd> benzrf: given by a Turing machine?
[Mon Oct 12 08:26:08 2015] <benzrf> 08:25 <benzrf> i suppose saying 'this function terminates on all inputs' cannot be done that way
[Mon Oct 12 08:26:10 2015] <benzrf> 08:25 <benzrf> 'self-contained' meaning that theres a single initial state that you proceed from, not something parameterized
[Mon Oct 12 08:26:12 2015] <benzrf> hm
[Mon Oct 12 08:40:40 2015] <companion_cube> Saizan: an evaluator
[Mon Oct 12 08:40:45 2015] <companion_cube> I guess
[Mon Oct 12 08:41:02 2015] <companion_cube> for a non terminating language, applied to some program
[Mon Oct 12 08:41:20 2015] <companion_cube> knowing if it will terminate on some input depends on the program, and reduces to the halting problem
[Mon Oct 12 08:50:44 2015] <Saizan> i mean, undecidable in the sense of the halting problem cannot really be applied to a single program
[Mon Oct 12 08:51:46 2015] <Saizan> but fair enough
[Mon Oct 12 08:54:10 2015] <companion_cube> Saizan: eval : program -> input -> output
[Mon Oct 12 08:54:20 2015] <companion_cube> now you apply partially   (eval p) to some program
[Mon Oct 12 08:54:36 2015] <companion_cube> I think the termination of this particular function is undecidable (but it can be terminating)
[Mon Oct 12 08:54:44 2015] <companion_cube> (unlike eval itself which is clearly non terminating)
[Mon Oct 12 23:18:52 2015] <jrw> has anyone ever run into rewrite being too smart? it's rewriting by additional hypotheses without me asking for it. at the very least, this appears to be undocumented. http://lpaste.net/142887
[Tue Oct 13 12:02:19 2015] <pumita> Hi guys, I don't know how to keep going with this proof : http://lpaste.net/142790
[Tue Oct 13 12:02:20 2015] <pumita> any hint?
[Tue Oct 13 12:19:31 2015] <irishsultan> you can use `destruct (equal x a) eqn:xa_equal` to get an equation that knows in which branch you are
[Tue Oct 13 12:21:10 2015] <irishsultan> which means you get an assumption (equal x a = false) at the point where you're stuck
[Tue Oct 13 12:38:34 2015] <pumita> irishsultan thanks for your help, but I don't get it :(
[Tue Oct 13 12:39:08 2015] <pumita> also, it didn't work
[Tue Oct 13 12:41:08 2015] <jrw> pumita: you changed the line [destruct (equal x a)] to [destruct (equal x a) eqn:Hxa] and then what didn't work?
[Tue Oct 13 12:41:48 2015] <pumita> it throws me this: Syntax error: '.' or '...' expected after [tactic:tactic] (in [subgoal_command]).
[Tue Oct 13 12:43:57 2015] <pumita> jrw maybe I'm using an old version
[Tue Oct 13 12:44:13 2015] <jrw> pumita: what version are you using?
[Tue Oct 13 12:44:48 2015] <pumita> 8.3pl4
[Tue Oct 13 12:46:39 2015] <jrw> I've never used 8.3, so I don't know off the top of my head whether eqn: works
[Tue Oct 13 12:47:02 2015] <jrw> one thing would be to explicitly introduce the equality
[Tue Oct 13 12:47:25 2015] <pumita> something like `cut (equal x a)` ?
[Tue Oct 13 12:47:34 2015] <jrw> something like [remember (equal x a) as y] followed by [destruct y]
[Tue Oct 13 12:48:52 2015] <pumita> jrw let me try it out, thanks!
[Tue Oct 13 14:39:51 2015] <benzrf> if i can prove ~P -> ~Q constructively in a way that involves induction, what can i say about reverse engineering a proof of Q -> P?
[Tue Oct 13 14:45:46 2015] <jrw> benzrf: well if you start your proof of [~P -> ~Q] by changing the goal to [Q -> P] and then proceeding by induction, then there's nothing to say.
[Tue Oct 13 15:40:27 2015] <pumita> Ccan the proof in http://lpaste.net/142790 be improved a little? Thanks!
[Tue Oct 13 15:55:17 2015] <benzrf> jrw: :p
[Tue Oct 13 15:55:53 2015] <benzrf> jrw: well to be more precise, i recently spent some time trying to figure out a version of heine-borel that isnt by contradiction
[Tue Oct 13 16:31:52 2015] <jrw> benzrf: on paper or in coq?
[Tue Oct 13 16:32:20 2015] <benzrf> either, reall
[Tue Oct 13 16:32:22 2015] <benzrf> *really
[Tue Oct 13 16:43:50 2015] <jrw> benzrf: well if you're interested in constructive analysis, I recommend bishop's "foundations of constructive analysis"
[Tue Oct 13 16:44:05 2015] <benzrf> that sounds like pain
[Tue Oct 13 16:44:14 2015] <jrw> :)
[Tue Oct 13 16:44:26 2015] <def`> :D
[Tue Oct 13 16:44:44 2015] <jrw> although I believe the usual approach is to *define* compactness (on metric spaces) as "complete and totally bounded"
[Tue Oct 13 16:45:18 2015] <ianjneu> jrw: constructive analysis doesn't use an algebra of infinitesimals, does it?
[Tue Oct 13 16:45:35 2015] <jrw> ianjneu: I don't know what that is :)
[Tue Oct 13 16:46:01 2015] <benzrf> well to be precise
[Tue Oct 13 16:46:10 2015] <benzrf> i was analyzing why contradiction was necessary in the proof they used
[Tue Oct 13 16:46:20 2015] <benzrf> and it seemed to be an induction thing
[Tue Oct 13 16:46:21 2015] <benzrf> i dunno
[Tue Oct 13 16:46:47 2015] <ianjneu> jrw: ACL2(r)'s formalization of real numbers uses a "non-standard" real analysis. Although ACL2 is not a constructive logic, many uses of it is constructive.
[Tue Oct 13 16:47:57 2015] <jrw> interesting. yeah, I think bishop takes a different approach, not using infintesimals
[Tue Oct 13 17:01:06 2015] <pumita> is there a not for bool inductive type?
[Tue Oct 13 17:01:38 2015] <jrw> pumita: yes I think it's called negb
[Tue Oct 13 17:01:56 2015] <pumita> thanks!
[Tue Oct 13 18:14:16 2015] <pumita> Hi, I have to define the following grammar: http://lpaste.net/142964
[Tue Oct 13 18:14:28 2015] <pumita> Do I have to write a constructor for every case?
[Tue Oct 13 18:20:21 2015] <pumita> Is this correct? http://lpaste.net/142964
[Tue Oct 13 18:30:13 2015] <jrw> pumita: looks good
[Tue Oct 13 18:30:45 2015] <pumita> jrw :)
[Tue Oct 13 20:20:37 2015] <QF-MichaelK> is there a visual coq?
[Tue Oct 13 20:40:21 2015] <jrw> QF-MichaelK: you might like to check out http://goto.ucsd.edu/peacoq/
[Tue Oct 13 20:40:50 2015] <jrw> it's still early stage, and I'm not sure it's exactly what you're looking for, but I have found it helps to teach beginners.
[Tue Oct 13 21:25:51 2015] <pumita> Hi guys, I'm struggling a bit with this last proof: http://lpaste.net/142964
[Tue Oct 13 21:26:03 2015] <pumita> any hint? thanks
[Tue Oct 13 21:26:51 2015] <pumita> do I have to consider all the cases?
[Tue Oct 13 22:04:19 2015] <jrw> pumita: I think this will be hard to prove directly by induction.
[Tue Oct 13 22:04:35 2015] <jrw> I believe it follows from the fact that the evaluator is deterministic
[Tue Oct 13 22:04:40 2015] <jrw> which should be provable by induction
[Tue Oct 13 22:06:32 2015] <pumita> Could you explain it? I'm trying it through inversion in H, and I'm about three cases to finish it :P
[Tue Oct 13 22:08:10 2015] <pumita> here it is: http://lpaste.net/142964
[Tue Oct 13 22:08:56 2015] <pumita> I guess the proof is getting a bit long...
[Tue Oct 13 22:11:35 2015] <jrw> pumita: sorry I can't look at it right now :\ I might be able to take a look later
[Tue Oct 13 22:11:57 2015] <pumita> jrw no problem at all ! :)
[Tue Oct 13 22:12:01 2015] <pumita> thanks!
[Tue Oct 13 22:42:46 2015] <jrw> pumita: okay looked at it briefly, I think this approach will not work. you haven't even finished the first top-level subgoal yet.
[Tue Oct 13 22:53:16 2015] <pumita> jrw okay, what would  you suggest me then?
[Tue Oct 13 22:53:30 2015] <jrw> I would prove that evaluation is deterministic.
[Tue Oct 13 22:53:38 2015] <jrw> your result follows from that.
[Tue Oct 13 22:54:09 2015] <pumita> I think I don't get how to prove determinism there :/
[Wed Oct 14 03:55:36 2015] <aochagavia> I have `f h :: map f t`, how can I fold that into `map f (h :: t)`? I am trying (fold map) but it doesn't work.
[Wed Oct 14 04:00:11 2015] <jrw> aochagavia: you will likely have to do it explicitly. something like [change (f h :: map f t) with (map f (h :: t)).]
[Wed Oct 14 04:01:26 2015] <aochagavia> is change a tactic?
[Wed Oct 14 04:01:54 2015] <aochagavia> hmmm I see it in the docs
[Wed Oct 14 04:01:56 2015] <aochagavia> thanks!
[Wed Oct 14 04:14:12 2015] <jrw> aochagavia: change is like replace except that it requires the equality to be provable by reflexivity
[Wed Oct 14 04:20:09 2015] <aochagavia> nice
[Wed Oct 14 05:06:15 2015] <QF-MichaelK> jrw: O
[Wed Oct 14 05:06:30 2015] <QF-MichaelK> I'm thinking of coq + some visual language, particularly scratch
[Wed Oct 14 05:07:27 2015] <QF-MichaelK> So that people can learn without as much for syntax issues
[Wed Oct 14 10:13:19 2015] <schoppenhauer> is there any recommended way of doing file-i/o with coq? so far I always used lazy lists, and wrote the glue in the extracted language (haskell mostly)
[Wed Oct 14 10:29:07 2015] <rmk0> schoppenhauer: i think most axiomatize an i/o monad and then write the instance in ocaml. think lazy i/o tends to be frowned upon because it makes an effectful computation look pure
[Wed Oct 14 10:29:57 2015] <schoppenhauer> rmk0: well, I write something that reads stdin and writes to stdout. I wouldn't call that "effectful".
[Wed Oct 14 10:30:39 2015] <schoppenhauer> rmk0: it explicitly processes a stream.
[Wed Oct 14 10:31:14 2015] <rmk0> i think we could debate this all day
[Wed Oct 14 10:31:38 2015] <schoppenhauer> ok. hm. but IO monad sounds complicated.
[Wed Oct 14 10:37:26 2015] <schoppenhauer> rmk0: the problem is, I need *some* possibility to reason about the output, which is streamed. when writing a lazy list, I can directly reason about that lazy list. all things about IO monads I found so far make this kind of reasoning extremely hard.
[Wed Oct 14 10:38:01 2015] <rmk0> http://coq.io/getting_started.html
[Wed Oct 14 10:38:18 2015] <rmk0> that seems to have appeared recently... it's basically an i/o monad
[Wed Oct 14 10:40:53 2015] <pumita> Hello! how do I define mutually recursive inductive types?
[Wed Oct 14 10:40:55 2015] <companion_cube> this looks nice
[Wed Oct 14 10:42:00 2015] <Cypi> pumita : [Inductive foo := C : bar -> foo with bar := D : foo -> bar.] for instance.
[Wed Oct 14 10:42:23 2015] <Cypi> (those types are empty, but that's just an example)
[Wed Oct 14 10:42:40 2015] <pumita> Cypi thanks, I had forgotten with :)
[Wed Oct 14 10:46:10 2015] <companion_cube> this IO system looks great
[Wed Oct 14 10:51:25 2015] <schoppenhauer> companion_cube, rmk0: I wonder ... there is only one function to read from a file. and it reads the whole file into a string.
[Wed Oct 14 10:51:51 2015] <schoppenhauer> as far as I can tell (because the code is scattered)
[Wed Oct 14 10:52:28 2015] <companion_cube> https://coq-io.github.io/doc/system/2.3.0/Io.System.System.html indeed
[Wed Oct 14 10:52:36 2015] <schoppenhauer> this is *definitely* worse than doing it lazily.
[Wed Oct 14 10:52:42 2015] <schoppenhauer> when you want to be able to stream.
[Wed Oct 14 10:52:44 2015] <companion_cube> but it shouldn't be too hard to add bindings to Lwt
[Wed Oct 14 10:52:50 2015] <companion_cube> I mean bindings to more Lwt functions
[Wed Oct 14 10:53:13 2015] <schoppenhauer> yes, but then you again have the problem: you cannot talk about the contend of the file.
[Wed Oct 14 10:53:19 2015] <schoppenhauer> and the content of the output file.
[Wed Oct 14 10:53:41 2015] <schoppenhauer> because it is not "there" before you finished your computation.
[Wed Oct 14 10:54:12 2015] <companion_cube> I suppose the haskell community has interesting things for pure IO
[Wed Oct 14 10:54:28 2015] <companion_cube> iteratees, etc. might make it possible to reason in a pure way about streams of data
[Wed Oct 14 10:55:23 2015] <rmk0> i think because lazy i/o looks pure, you are not reasoning about what you think you're reasoning about
[Wed Oct 14 10:55:38 2015] <rmk0> oleg is colourful on the subject: http://okmij.org/ftp/Haskell/#lazyIO-not-True
[Wed Oct 14 10:55:49 2015] <companion_cube> I wasn't thinking about lazy IO
[Wed Oct 14 10:55:54 2015] <companion_cube> but iteratees
[Wed Oct 14 10:56:05 2015] <rmk0> yeah, iteratees were oleg's solution to the problem!
[Wed Oct 14 10:57:50 2015] <rmk0> http://okmij.org/ftp/Streams.html#iteratee
[Wed Oct 14 11:04:23 2015] <aochagavia> In a proof, I have `a = b`. How can I rewrite that into `f a = f b`?
[Wed Oct 14 11:05:48 2015] <aochagavia> I found information about f_equal, but I am not sure about how to use it here
[Wed Oct 14 11:06:31 2015] <Cypi> If you haveIf you have the hypothesis [H : a = b], then you can do [apply (f_equal f) in H]
[Wed Oct 14 11:06:42 2015] <Cypi> it will replace it with [H : f a = f b]
[Wed Oct 14 11:07:25 2015] <schoppenhauer> well, it would be nice to have uniqueness types :\
[Wed Oct 14 11:08:35 2015] <pumita> interesting
[Wed Oct 14 11:09:16 2015] <aochagavia> awesome, thanks!
[Wed Oct 14 11:18:35 2015] <schoppenhauer> rmk0: hm. before I try to understand them entierly … do you think it is easier to formalize iteratees in coq, than IO monads?
[Wed Oct 14 11:19:31 2015] <rmk0> i think doing a basic i/o monad is easier, but how you do it probably has a bearing on how much you can reason about it
[Wed Oct 14 11:20:06 2015] <schoppenhauer> well, in the end, it is really just an algorithm that reads stdin and writes stdout.
[Wed Oct 14 11:20:36 2015] <schoppenhauer> in "further work" I want to re-implement it with VST anyway.
[Wed Oct 14 11:21:19 2015] <schoppenhauer> and I have a property "the input list ... corresponds to the output list ..."
[Wed Oct 14 11:25:23 2015] <schoppenhauer> Not sure whether one can reason about the content of a file on the whole.
[Wed Oct 14 11:26:04 2015] <schoppenhauer> My experience sais that it is... Hard in any case.
[Wed Oct 14 12:51:46 2015] <jrw> pumita: btw, I looked at your eval thing again, see http://lpaste.net/142995
[Wed Oct 14 14:21:56 2015] <schoppenhauer> if I say "exists x, ...", then this x will not be computational, right? that is, in extracted code, it will not be calculated?
[Wed Oct 14 14:44:43 2015] <Cypi> schoppenhauer : yup, that will be erased completely
[Wed Oct 14 14:47:41 2015] <schoppenhauer> ++ thx
[Wed Oct 14 16:13:41 2015] <benzrf> is there anything decent in the stdlib for reasoning about lists
[Wed Oct 14 16:13:55 2015] <benzrf> including things like how folds distribute over ++
[Wed Oct 14 16:56:18 2015] <benzrf> and for example that 'sorted under this total order' is a unique property
[Wed Oct 14 16:56:27 2015] <benzrf> more pressingly does omega work on rationals
[Wed Oct 14 19:55:25 2015] <jrw> benzrf: you probably want the [field] tactic
[Wed Oct 14 19:56:25 2015] <benzrf> asf
[Fri Oct 16 17:27:12 2015] <sanooj> next time someone tries to learn ssr and mathcomp you point them at https://hal.inria.fr/hal-00825074/. you point them at that and tell them they just dodged a bullet.
[Fri Oct 16 17:43:04 2015] <benzrf> sanooj: how does this show that theyre bad?
[Fri Oct 16 17:43:27 2015] <benzrf> also unrelated question: how long have proof assistants been around for?
[Fri Oct 16 17:45:16 2015] <johnw> benzrf: ever since that guy who used to go fetch wine for Euclid
[Fri Oct 16 17:45:22 2015] <benzrf> ha
[Fri Oct 16 17:45:27 2015] <companion_cube> https://en.wikipedia.org/wiki/Logic_for_Computable_Functions
[Fri Oct 16 17:45:28 2015] <benzrf> srsly tho
[Fri Oct 16 17:45:42 2015] <companion_cube> at least 1972
[Fri Oct 16 17:45:44 2015] <benzrf> grah
[Fri Oct 16 17:45:55 2015] <companion_cube> but I think there was one earlier,by De Bruijn ("automath"?)
[Fri Oct 16 17:46:06 2015] <benzrf> i was thinking about the sad state of computer proving in general
[Fri Oct 16 17:46:53 2015] <benzrf> and hoping that the problems are eventually tractable & the current clunkiness is just a matter of immaturity of the field
[Fri Oct 16 17:46:55 2015] <benzrf> :I
[Fri Oct 16 17:47:15 2015] <companion_cube> well it's a small area of research, and it's very difficult
[Fri Oct 16 17:47:21 2015] <benzrf> ;-;
[Fri Oct 16 17:47:34 2015] <benzrf> benzrf's wishlist:
[Fri Oct 16 17:48:31 2015] <sanooj> benzrf: ssr and mathcomp are very difficult to get into based on just reading the source.
[Fri Oct 16 17:50:04 2015] <benzrf> - get a hundred billion dollars to pour into setting up a collaborative long term research organization involving mathematicians and computer scientists and linguists and stuff to FUCKING FIGURE OUT how it is that humans are able to intuitively reason about mathematical objects so that we can build something nonshit out of it
[Fri Oct 16 17:50:08 2015] <benzrf> * dreams
[Fri Oct 16 17:50:30 2015] <sanooj> there are lots of papers about individual components, tutorials and manuals of course, but this was the first that gives an appropriate birds eye view.
[Fri Oct 16 17:50:34 2015] <johnw> benzrf: this kind of exists already
[Fri Oct 16 17:50:44 2015] <johnw> sanooj: thanks for that link
[Fri Oct 16 17:50:48 2015] <benzrf> johnw: yeah?
[Fri Oct 16 17:51:14 2015] <johnw> academia + DARPA + INRIA + NICTA + etc.
[Fri Oct 16 17:51:32 2015] <benzrf> those arent hundred billion dollar projects t h o
[Fri Oct 16 17:51:47 2015] <johnw> over time they are
[Fri Oct 16 17:52:15 2015] <benzrf> wot about involvement of ppl versed in How Humans Think as opposed to just ppl versed in the practice of thinking
[Fri Oct 16 17:52:49 2015] <companion_cube> benzrf: would your dream tool check proofs rigorously?
[Fri Oct 16 17:53:11 2015] <benzrf> yes
[Fri Oct 16 17:53:15 2015] <benzrf> sorry i may have been unclear
[Fri Oct 16 17:53:31 2015] <sanooj> I feel like a lot of the coq proofs I've seen, and ssr in particular, could do more to be understandable by humans as well as puters.
[Fri Oct 16 17:53:52 2015] <companion_cube> because the usual mathematician-level proof doesn't specify the details that are required for checking
[Fri Oct 16 17:53:57 2015] <johnw> I think some humans could do more to be understandable by humans
[Fri Oct 16 17:54:10 2015] <companion_cube> so either your tool would infer the missing steps, or it couldn't check properly proofs
[Fri Oct 16 17:54:10 2015] <benzrf> i meant, in particular, an interface-to-a-formal-system like in coq, but with a really fucking well designed interface that matches how human thought works much better
[Fri Oct 16 17:54:31 2015] <companion_cube> yeah, some money could be well used improving the UI of coq
[Fri Oct 16 17:54:32 2015] <benzrf> obviously many many proofs in textbooks are still insufficiently rigorous for any kind of non-sentient program, but
[Fri Oct 16 17:54:52 2015] <sanooj> I read a lot of code. a lot of shit code, some really nice code, and then I met interactive proofs.
[Fri Oct 16 17:54:53 2015] <benzrf> there are a lot of non-reducing-to-hard-ai problems like heuristic search for lemmas that plug gaps
[Fri Oct 16 17:55:44 2015] <benzrf> and finding formal abstractions that are higher level than the existing ones
[Fri Oct 16 17:56:06 2015] <benzrf> like, the way humans think about something as commonplace as /lists/, is clearly much much much much much higher level than anything ive seen in coq
[Fri Oct 16 17:56:50 2015] <benzrf> you can say something like "procedure X will reduce the incidences of subsequence Y by at least 1 and wont introduce any, so a finite number of iterations will remove all instances of Y"
[Fri Oct 16 17:57:01 2015] <benzrf> this is not something that is anywhere near easy to say in coq
[Fri Oct 16 17:57:18 2015] <benzrf> but i think its entirely possible to find formal abstractions that make it almost as easy
[Fri Oct 16 17:57:22 2015] <benzrf> g2g, bbl
[Fri Oct 16 19:35:36 2015] <sanooj> johnw: also, the quotients in mathcomp are apparently based on this: http://perso.crans.org/cohen/papers/quotients.pdf
[Sat Oct 17 02:53:14 2015] <mbrcknl> Something that puzzles me about well-founded induction, as defined in the standard library...
[Sat Oct 17 02:53:14 2015] <mbrcknl> The accessibility relation Acc is defined in Prop, yet Coq generates Acc_rect, and Acc_rect appears to perform elimination from Acc (in Prop) to (P x) which is in Type. I thought that was not allowed.
[Sat Oct 17 02:53:14 2015] <mbrcknl> Usually, when I define an Inductive Foo (...params...) : (...indicies...) -> Prop := ..., I only get Foo_ind, and if I try to define Foo_rect, I get the "incorrect elimination" error. That's what I would have expected for Acc.
[Sat Oct 17 02:53:14 2015] <mbrcknl> What am I missing about the restriction on elimination from Prop to Set/Type?
[Sat Oct 17 02:54:38 2015] <mbrcknl> https://github.com/coq/coq/blob/trunk/theories/Init/Wf.v#L51
[Sat Oct 17 04:42:43 2015] <sanooj> mbrcknl: RecTutorial.pdf says of _rect in a footnote that "whenever possible, Coq generates the weaker principle I_rect, then derives from it the weaker principles I_ind and I_rec."
[Sat Oct 17 04:45:14 2015] <sanooj> what does the comment about Acc_rect being generated because it is a singleton type actually mean?
[Sat Oct 17 04:47:14 2015] <Cypi> If there is only one constructor, you can still derive an elimination principle in Type
[Sat Oct 17 04:51:36 2015] <sanooj> I honestly don't mean to regress back to 5yo, "but why?" :-D
[Sat Oct 17 04:53:28 2015] <Cypi> I would have added a reason if I were sure I know it ^^' . But my guess would be: if there is only one constructor, then you don't need to perform an actual elimination to know the shape of your term, since it can only be an application of that constructor.
[Sat Oct 17 04:53:33 2015] <Cypi> Something along those lines
[Sat Oct 17 04:54:21 2015] <sanooj> fair enough.
[Sat Oct 17 04:56:45 2015] <Cypi> Ah. There are additionnal restrictions actually.
[Sat Oct 17 04:56:57 2015] <Cypi> Every argument of the constructor needs to be in Prop, apparently
[Sat Oct 17 05:00:03 2015] <sanooj> where is this in the code?
[Sat Oct 17 05:01:18 2015] <sanooj> or rather, where did you get that from?
[Sat Oct 17 05:01:59 2015] <Cypi> There is a comment about in https://github.com/coq/coq/blob/trunk/kernel/indtypes.ml#L660
[Sat Oct 17 05:02:06 2015] <Cypi> but I got that from trying myself ^^'
[Sat Oct 17 05:03:04 2015] <Cypi> If you define [Inductive I : Prop := C : True -> I.], then every sort of elimination is allowed, but not with [Inductive I : Prop := C : nat -> I.]
[Sat Oct 17 05:04:09 2015] <sanooj> I'm going to have to eventually learn me some more type theory.
[Sat Oct 17 05:05:32 2015] <sanooj> I guess the reason why the rooster and butterfly paper I linked to before felt so good was that it was in familiar language again.  most of the time it seems like I'm going ass backwards up a tree. :)
[Sat Oct 17 05:07:17 2015] <sanooj> granted, I'm only doing this on random nights when I have time, but still it's taking months and months.
[Sat Oct 17 06:54:33 2015] <mbrcknl> Cypi sanooj: Thanks for your comments. This makes a little more sense now!
[Sun Oct 18 08:32:08 2015] <notdan> How do I temporarily move to a next subgoal?
[Sun Oct 18 08:33:26 2015] <sanooj> Focus <num>. https://coq.inria.fr/distrib/current/refman/Reference-Manual009.html#hevea_command208
[Sun Oct 18 09:08:02 2015] <notdan> Thanks!
[Sun Oct 18 14:39:38 2015] <sanooj> hey, what's https://github.com/math-comp/math-comp ?
[Sun Oct 18 14:41:42 2015] <sanooj> the source directory structure is different from the mathcomp-1.5 I have, and it also includes ssr and feit thompson.  my mathcomp-1.5 is for 8.4 from http://ssr.msr-inria.inria.fr/
[Sun Oct 18 15:32:49 2015] <sanooj> ah right, that's cyril cohen's repo.
[Sun Oct 18 15:34:49 2015] <sanooj> or enrico tassi's.
[Sun Oct 18 16:19:12 2015] <sanooj> why are d and r implicit arguments in mathcomp-1.5/theories/div.v:edivn_eq?
[Sun Oct 18 19:11:40 2015] <Guest56753> Do minor version updates to Coq break all existing proofs? Both the Feit-Thompson and four color theorems are failing to verify in Coq 8.4pl5; anyone had any luck with these?
[Sun Oct 18 19:13:24 2015] <sanooj> haven't been around that long, but breakage seems to be common.
[Sun Oct 18 19:20:33 2015] <sunnymilk> maybe theyre not true theorems anymore, havr you ever considered that
[Sun Oct 18 19:43:55 2015] <benzrf> nice
[Mon Oct 19 19:34:05 2015] <benzrf> someone remind me
[Mon Oct 19 19:34:13 2015] <benzrf> oh, wait
[Mon Oct 19 19:34:17 2015] <benzrf> .v is for 'vernacular', right?
[Tue Oct 20 09:34:49 2015] <benzrf> if i have a goal of C x = C y, how can i shift the goal to x = y?
[Tue Oct 20 09:36:07 2015] <gallais_> you can use f_equal
[Tue Oct 20 09:36:27 2015] <benzrf> ahh nice
[Tue Oct 20 09:36:30 2015] <benzrf> thanks :)
[Tue Oct 20 18:25:47 2015] <benzrf> is there a way to get less computation done when i destruct
[Tue Oct 20 18:25:58 2015] <benzrf> one of the cases has a term that's simplified a bit too far :x
[Tue Oct 20 18:28:35 2015] <jgross> Try case?  Try simple destruct?  Try writing your own term by hand, e.g., [refine (match ... with ... end).]? 
[Tue Oct 20 18:29:43 2015] <benzrf> simple destruct?
[Wed Oct 21 15:54:35 2015] <sunnymilk> hi #coq
[Wed Oct 21 15:55:10 2015] <sunnymilk> i heard that you can define functions that dont pass the coq termination checker, and then prove their totality as a standalone theorem
[Wed Oct 21 15:55:17 2015] <sunnymilk> or something to that effect anyway
[Wed Oct 21 15:55:23 2015] <sunnymilk> does anyone have any information on how to do this?
[Wed Oct 21 16:00:01 2015] <johnw> sunnymilk: sure
[Wed Oct 21 16:00:24 2015] <johnw> sunnymilk: if you use Program Fixpoint, and supply a measure, you'll be required to prove the decreasing nature of the measure before the function is defined.
[Wed Oct 21 16:00:58 2015] <sunnymilk> i see!
[Wed Oct 21 16:00:59 2015] <johnw> another approach is to use a local fixpoint (let fix) that receives an argument of type Acc, and then prove the Accessibility of decreasing arguments
[Wed Oct 21 16:01:20 2015] <johnw> I use the measure approach quite frequently
[Wed Oct 21 16:01:21 2015] <sunnymilk> is there some example code somewhere with either or both of those approaches?
[Wed Oct 21 16:01:28 2015] <johnw> of the former, I have one
[Wed Oct 21 16:01:39 2015] <johnw> for the latter, check Chilpala's book, one sec
[Wed Oct 21 16:01:46 2015] <johnw> http://adam.chlipala.net/cpdt/html/GeneralRec.html
[Wed Oct 21 16:02:39 2015] <johnw> here's the former: https://gist.github.com/a3fc227679ab02f82293
[Wed Oct 21 16:03:00 2015] <johnw> i'm proving that grouping subsets from a list will eventually consider all elements of the list and terminate
[Wed Oct 21 16:03:01 2015] <sunnymilk> thank you very much!!!!
[Wed Oct 21 16:16:08 2015] <KaneTW> i was wonder if you could do that in coq
[Wed Oct 21 16:16:10 2015] <KaneTW> nice
[Fri Oct 23 06:22:52 2015] <sunnymilk> how do i use integers in coq
[Fri Oct 23 06:23:13 2015] <sunnymilk> like, is there a library i can import, where i iwll get a Z type and have +, -, etc be integer operations?
[Fri Oct 23 06:23:55 2015] <sunnymilk> theres ZArith but it doesnt give you nice infix notations
[Fri Oct 23 06:32:55 2015] <RegEchse> sunnymilk: Require ZArith and open the scope Z_scope.  See here https://coq.inria.fr/refman/Reference-Manual005.html (search for Z_scope).
[Fri Oct 23 06:33:45 2015] <RegEchse> also you can do "Print Visibility" in coqtop (after opening Z_scope) to see exactly which notations are provided ...
[Fri Oct 23 06:34:08 2015] <RegEchse> (i gotta go, good luck)
[Fri Oct 23 07:04:26 2015] <sunnymilk> ah!
[Fri Oct 23 07:04:40 2015] <sunnymilk> thank you mysterious and flighty stranger
[Fri Oct 23 07:12:31 2015] <sunnymilk> hm i get an error, Error: Scope Z_Scope is not declared.
[Fri Oct 23 10:53:16 2015] <irishsultan> sunnymilk: did you specify "Require Import ZArith."? because that's the form used in the reference manual
[Fri Oct 23 10:54:54 2015] <sunnymilk> yeah, its Z_scope not Z_Scope
[Fri Oct 23 10:55:06 2015] <sunnymilk> that was my problem
[Sat Oct 24 18:04:36 2015] <osa1> is Scott semantics same thing as denotational semantics?
[Sat Oct 24 19:26:34 2015] <pumita> Hi, I have the hypothesis: x = y -> False
[Sat Oct 24 19:26:54 2015] <pumita> how can I apply symmetry inside that hypothesis, to obtain: y = x -> False
[Sat Oct 24 19:26:54 2015] <pumita> ?
[Sat Oct 24 19:28:11 2015] <Cypi> You could do something like [assert (y = x -> False) by (intro; apply H; symmetry; assumption).], if you have [H : x = y -> False]
[Sat Oct 24 19:28:22 2015] <Cypi> I can't think of a more direct way right now
[Sat Oct 24 19:28:57 2015] <pumita> Cypi thanks! yeah, I was thinking in a more direct way :)
[Sat Oct 24 19:35:54 2015] <lolisa> I'd say you can replace intro;apply... chain by congruence... Or just write a helper lemma
[Sat Oct 24 19:42:32 2015] <pumita> lolisa thanks :)
[Sun Oct 25 04:15:08 2015] <chattered> Hey all. Is it right that primitive recursion in Coq would be a sufficient recursion scheme. It's just inefficient?
[Sun Oct 25 16:27:07 2015] <jrw> chattered: I'm not sure what you mean? the only kind of recursion in coq is structural recursion on some inductive datatype. for the natural numbers, this corresponds roughly with the classical notion of primitive recursion, except that in a higher-order language like coq, you can actually write many more functions than are classically primitive recursive. for example, you can write the ackermann function in coq
[Sun Oct 25 16:27:09 2015] <jrw> but it's not primitive recursive in the classical sense.
[Sun Oct 25 16:42:44 2015] <chattered> jrw: For Ackermann, don't you have to find an appropritae well founded relation?
[Sun Oct 25 16:43:07 2015] <chattered> You can't just do it naively as you would in Ocaml.
[Sun Oct 25 18:13:59 2015] <pumita> Hi, I need some help with this proof: http://lpaste.net/143905
[Sun Oct 25 18:14:58 2015] <pumita> I haven't understood well how to work in Coq with specifications and program extractions, is there a well article where I can read from? thanks
[Sun Oct 25 18:38:43 2015] <pumita> I could prove it :)
[Tue Oct 27 12:43:51 2015] <gwm_> can I get some help with a basic proof?
[Tue Oct 27 12:48:21 2015] <johnw> sure
[Tue Oct 27 12:50:49 2015] <gwm_> Lemma test : (forall x:A, exists y : B, R x y) -> exists y : B, forall x : A, R x y.
[Tue Oct 27 12:51:08 2015] <gwm_> @johnw, thanks it's mainly the relation at the end (R x y) I don't understand how to go about.
[Tue Oct 27 12:51:48 2015] <johnw> I believe "auto" would solve that
[Tue Oct 27 12:52:02 2015] <johnw> since your goal matches the arguments
[Tue Oct 27 12:52:04 2015] <gwm_> have to go about it manually :p
[Tue Oct 27 12:52:18 2015] <johnw> what is "R x y" named in your context?  H?
[Tue Oct 27 12:52:48 2015] <gwm_> R is a A->B->Prop
[Tue Oct 27 12:53:01 2015] <johnw> I mean, you should have something in your context of type "R x y"
[Tue Oct 27 12:53:02 2015] <gwm_> but yeah the first thing I\ve put is intro H
[Tue Oct 27 12:53:10 2015] <johnw> so, it would be: exact (H x y).
[Tue Oct 27 12:53:54 2015] <gwm_> sorry, when you refer to context are you talking inside the lemma
[Tue Oct 27 12:54:03 2015] <gwm_> or where the variables are defined
[Tue Oct 27 12:54:17 2015] <johnw> everything "above the line"
[Tue Oct 27 12:54:37 2015] <gwm_> oh right
[Tue Oct 27 12:54:58 2015] <gwm_> okay
[Tue Oct 27 12:55:06 2015] <gwm_> so I need to destruct the statement to get R x y on it's own
[Tue Oct 27 12:55:34 2015] <johnw> in your context right now there's a function
[Tue Oct 27 12:55:44 2015] <johnw> you just need to call that function to produce the evidence that will satisfy your goal
[Tue Oct 27 12:56:14 2015] <gwm_> there's nothing in my context yet
[Tue Oct 27 12:56:19 2015] <gwm_> besides the variables
[Tue Oct 27 12:56:27 2015] <johnw> theres' a function too
[Tue Oct 27 12:56:34 2015] <johnw> H :  forall x:A, exists y : B, R x y
[Tue Oct 27 12:56:46 2015] <gwm_> okay yeah
[Tue Oct 27 12:57:21 2015] <gwm_> but I can't just apply it straight away
[Tue Oct 27 12:57:29 2015] <johnw> you should, if you supply its argument
[Tue Oct 27 12:57:32 2015] <johnw> apply (H x y).
[Tue Oct 27 12:57:59 2015] <gwm_> reference y not found
[Tue Oct 27 12:58:05 2015] <gwm_> i think i have to go about it manually
[Tue Oct 27 12:58:09 2015] <gwm_> i've never seen that sort of thing
[Tue Oct 27 12:58:18 2015] <johnw> can you use pasting service and show me your entire context and goal?
[Tue Oct 27 12:58:22 2015] <gwm_> okay
[Tue Oct 27 12:58:26 2015] <johnw> I may just have the names wrong
[Tue Oct 27 12:59:14 2015] <gwm_> http://mathb.in/45415
[Tue Oct 27 12:59:19 2015] <gwm_> sorry i've probably being really unclear
[Tue Oct 27 12:59:42 2015] <gwm_> only been learning coq/proofs for like a week so they want us to use stuff like destruct etc
[Tue Oct 27 12:59:42 2015] <johnw> ah, that's not what I meant
[Tue Oct 27 12:59:48 2015] <gwm_> oh
[Tue Oct 27 12:59:49 2015] <gwm_> context
[Tue Oct 27 12:59:50 2015] <gwm_> my bad
[Tue Oct 27 12:59:54 2015] <johnw> I wanted to see what your CoqIDE or Emacs is showing you as your current context, yeah
[Tue Oct 27 13:00:11 2015] <gwm_> http://mathb.in/45416
[Tue Oct 27 13:00:14 2015] <gwm_> like that?
[Tue Oct 27 13:00:21 2015] <johnw> yeah, exactly
[Tue Oct 27 13:01:01 2015] <johnw> so, you need to prove something of type "B"
[Tue Oct 27 13:01:04 2015] <johnw> provide*
[Tue Oct 27 13:01:14 2015] <johnw> but you don't have anything of type B
[Tue Oct 27 13:01:28 2015] <johnw> let me try this here
[Tue Oct 27 13:01:31 2015] <gwm_> okay
[Tue Oct 27 13:05:02 2015] <johnw> this is how the homework assignment is written?
[Tue Oct 27 13:05:38 2015] <johnw> I don't see a way to unify the two existentials
[Tue Oct 27 13:05:41 2015] <gwm_> yeah, just says proove it either intuitionally or classically
[Tue Oct 27 13:05:45 2015] <gwm_> unless its unproovable
[Tue Oct 27 13:05:56 2015] <noze> hmmmmmmm
[Tue Oct 27 13:06:03 2015] <gwm_> brb
[Tue Oct 27 13:06:36 2015] <def`> maybe the converse is provable
[Tue Oct 27 13:13:23 2015] <Cypi> The converse is certainly provable. This however does not look provable, even classically.
[Tue Oct 27 13:18:13 2015] <sunnymilk> if you take R to be x = 2 * y, then H is true but the goal is false
[Tue Oct 27 13:19:39 2015] <sunnymilk> ergo it cannot be true for all R
[Tue Oct 27 13:22:32 2015] <benzrf> if my goal is 'c a = c b', how do i leverage injectivity of constructors to get a goal of 'a = b'
[Tue Oct 27 13:22:56 2015] <vanila> inversion can do it, or f_equal with a function that strips off c
[Tue Oct 27 13:23:17 2015] <benzrf> no, inversion operates on hypotheses
[Tue Oct 27 13:24:45 2015] <vanila> just use f_equal with c then, that doesn't use injectivity
[Tue Oct 27 13:24:55 2015] <benzrf> ohhh right
[Tue Oct 27 14:49:36 2015] <sunnymilk> is there a way to define notation along with a typeclass
[Tue Oct 27 14:50:22 2015] <sunnymilk> something like, Class ... { } where "a + b" := (add a b) (at level 75, right associativity).
[Tue Oct 27 14:50:37 2015] <sunnymilk> (that obviously does not work)
[Tue Oct 27 20:21:28 2015] <benzrf> is there a way to do a reduction such that whenever a given term appears in the process of reducing it gets rewritten by a supplied equality
[Tue Oct 27 20:29:49 2015] <johnw> replace X with Y should replace X wherever it occurs, if they are equal...
[Tue Oct 27 20:30:04 2015] <johnw> so long as it's not under a binder, which requires setoid rewriting
[Tue Oct 27 20:31:59 2015] <benzrf> no, see
[Tue Oct 27 20:32:14 2015] <benzrf> i have an expression that is not expanded and unfolded as much as it could  be
[Tue Oct 27 20:32:24 2015] <benzrf> in it current form, it does not contain the lhs of my equality
[Tue Oct 27 20:32:31 2015] <benzrf> once fully simpl'd, it wont
[Tue Oct 27 20:32:36 2015] <benzrf> *in an intermediate step*, it will
[Tue Oct 27 20:32:48 2015] <johnw> oh, I see what you mean
[Tue Oct 27 20:32:52 2015] <johnw> you want it to try at every step
[Tue Oct 27 20:32:54 2015] <benzrf> yeah
[Tue Oct 27 20:32:56 2015] <benzrf> :|
[Tue Oct 27 20:33:34 2015] <johnw> I'm not sure how to do that; you may want to ask on the list
[Tue Oct 27 20:39:25 2015] <benzrf> :(
[Tue Oct 27 23:28:24 2015] <zv> list /whois cale
[Tue Oct 27 23:28:31 2015] <zv> err
[Tue Oct 27 23:28:31 2015] <Cale> hi
[Tue Oct 27 23:28:41 2015] <zv> I was just interested in what channels you were in
[Tue Oct 27 23:28:48 2015] <zv> I am looking for a channel on SAT solvers
[Tue Oct 27 23:28:50 2015] <Cale> uhh, I'm in a lot of channels :)
[Tue Oct 27 23:28:55 2015] <zv> and I figured I would just whois you
[Tue Oct 27 23:29:00 2015] <Cale> But nothing on SAT solvers in particular
[Tue Oct 27 23:29:03 2015] <zv> but I had a list in front :(
[Tue Oct 27 23:29:12 2015] <Cale> You could ask in #haskell-blah or something
[Tue Oct 27 23:29:27 2015] <zv> hmm, i will do that
[Tue Oct 27 23:29:33 2015] <zv> while you are around though....
[Tue Oct 27 23:29:47 2015] <zv> I have a coq question that I have never thought anyone would answer
[Tue Oct 27 23:29:47 2015] <Cale> I don't actually know much about SAT solvers
[Tue Oct 27 23:30:07 2015] <zv> Fully SAT-unrelated :)
[Tue Oct 27 23:30:21 2015] <Cale> Oh, what's the Coq question? I'm a bit of a noob in Coq as well, but I find it pretty intuitive most of the time
[Tue Oct 27 23:30:42 2015] <Cale> (I didn't so much learn Coq as realise that I already knew how to program in it :P)
[Tue Oct 27 23:31:22 2015] <zv> haha
[Tue Oct 27 23:31:38 2015] <zv> Do you have experience in type or computing theory?
[Tue Oct 27 23:32:09 2015] <Cale> Yeah, I've been programming in Haskell since 2001, often professionally
[Tue Oct 27 23:32:18 2015] <Cale> and I have a degree in pure mathematics
[Tue Oct 27 23:32:29 2015] <Cale> and so I've studied type theory in my free time a bunch
[Tue Oct 27 23:33:00 2015] <zv> i see
[Tue Oct 27 23:33:58 2015] <zv> so i'll try to make this as quick as possible
[Tue Oct 27 23:36:29 2015] <zv> what tactic is available in coq to find the roots of a cubic equation expressed in a closed form
[Tue Oct 27 23:36:56 2015] <zv> (sorry if that is vague or inaccurate, I havent yet attended university)
[Tue Oct 27 23:37:11 2015] <zv> so for example fibonacci
[Tue Oct 27 23:37:23 2015] <zv> but I am actually interested in the fibonacci sequence plus one term
[Tue Oct 27 23:37:42 2015] <zv> i.e f(x) = f(x - 3) + f(x - 2) + f(x - 1)
[Tue Oct 27 23:39:54 2015] <Cale> Oh, hmm
[Tue Oct 27 23:40:07 2015] <Cale> I haven't played around with any of the arithmetic solver things
[Tue Oct 27 23:40:33 2015] <Cale> Usually if there's arithmetic to be manipulated, I just end up with messy complicated proofs and live with it :P
[Tue Oct 27 23:40:47 2015] <Cale> But there are some tactics which can do related things...
[Tue Oct 27 23:41:52 2015] <Cale> Omega won't do it because even the square term is a problem
[Tue Oct 27 23:42:54 2015] <zv> haha
[Tue Oct 27 23:43:31 2015] <Cale> (it's a solver for things in Presburger arithmetic)
[Tue Oct 27 23:46:17 2015] <Cale> There's a tactic called 'ring' which might help sometimes
[Tue Oct 27 23:48:00 2015] <Cale> (and/or field)
[Tue Oct 27 23:48:27 2015] <Cale> https://coq.inria.fr/refman/Reference-Manual027.html
[Tue Oct 27 23:48:58 2015] <Cale> So you could probably pose the solution and prove that it's correct using that
[Tue Oct 27 23:53:28 2015] <johnw> zv: if you want to *find* possible solutions, then SAT
[Tue Oct 27 23:54:06 2015] <zv> johnw: I want the closed form
[Tue Oct 27 23:54:21 2015] <johnw> what does that mean? (I'm not a mathematician)
[Tue Oct 27 23:55:50 2015] <zv> i.e, I want to map f(x) = f(x - 1) + f(x - 2) = k / k^2  - k - q
[Tue Oct 27 23:55:57 2015] <zv> or what I *REALLY* want
[Tue Oct 27 23:56:43 2015] <zv> which is to convert lim x->inf Fib_n+1/Fib_n = sqrt(5) + 1 / 2
[Tue Oct 27 23:56:49 2015] <zv> aka phi or the golden ratio
[Wed Oct 28 00:08:45 2015] <johnw> you mean, you want to prove the equality?
[Wed Oct 28 00:11:49 2015] <zv> no, I want to find the explicit value of the limit as a rational expression
[Wed Oct 28 00:14:06 2015] <zv> and then prove the equality :0
[Wed Oct 28 06:23:36 2015] <sanooj> probably zv would've needed to prove a great deal about the theory of linear recurrences. sounds like a pretty big job.
[Wed Oct 28 16:19:34 2015] <benzrf> ok, here's my situation
[Wed Oct 28 16:19:43 2015] <benzrf> (i xy'd about this the other day a bit)
[Wed Oct 28 16:20:23 2015] <benzrf> i have a slightly complicated recursive function that calls out to a few other sorta complicated recursive functions
[Wed Oct 28 16:20:50 2015] <benzrf> i'm trying to prove a thing involving it that involves working with expressions where it's applied to opaque (b/c universally quantified) variables
[Wed Oct 28 16:21:41 2015] <benzrf> thing is, it produces RIDICULOUS MASSIVE terms because it can do half of the complicated recursive expansion but then simplification gets stuck matching on opaque terms
[Wed Oct 28 16:23:27 2015] <benzrf> i have in context an equality or two saying things along the lines of "complex_test opaque_var = 3", which provide enough info to hypothetically end up with a small result term if applied judiciously during reduction
[Wed Oct 28 16:23:33 2015] <benzrf> what do i do?
[Wed Oct 28 16:23:37 2015] <benzrf> alternatively, what am i doing wrong?
[Wed Oct 28 16:26:00 2015] <sanooj> can you add hints to the simplifier?
[Wed Oct 28 16:27:17 2015] <benzrf> i dunno, never learned about any such thing
[Wed Oct 28 16:27:20 2015] <benzrf> link?
[Wed Oct 28 16:35:01 2015] <sanooj> sorry wasn't paying attention. https://coq.inria.fr/distrib/current/refman/Reference-Manual010.html#hevea_command233
[Wed Oct 28 16:40:17 2015] <benzrf> sanooj: this is for auto; you said something about simplifier hints?
[Wed Oct 28 17:07:55 2015] <mdmkolbe> Is there a tactic that gets me from "x : T, H: x = c ... |- ..." to "x : T := c ... |- ..."?  (I tried writting one in Ltac but ran into trouble because I couldn't figure out how to do a "rewrite" for all defined constants in the current context.)
[Wed Oct 28 17:10:13 2015] <companion_cube> I wonder if "subst" does something like this?
[Wed Oct 28 17:14:51 2015] <benzrf> mdmkolbe: i'm fairly sure that you're asking for a way to get a definitional equality from a propositional one
[Wed Oct 28 17:16:07 2015] <mdmkolbe> benzrf: yes
[Wed Oct 28 17:20:15 2015] <mdmkolbe> benzrf: ... but googling around for those terms doesn't seem to turn up anything useful
[Wed Oct 28 17:20:43 2015] <mdmkolbe> companion_cube: it looks like subst doesn't know to replace inside a defined constant
[Wed Oct 28 17:20:58 2015] <benzrf> mdmkolbe: you literally can't do that
[Wed Oct 28 17:21:00 2015] <benzrf> sorry :>
[Wed Oct 28 17:21:09 2015] <companion_cube> I was not sure it would work
[Wed Oct 28 17:21:15 2015] <benzrf> for the same reason that you can't define arbitrary recursive functions
[Wed Oct 28 17:21:18 2015] <benzrf> it causes problems with the theory
[Wed Oct 28 17:21:43 2015] <companion_cube> benzrf: what happens if you destruct x=c? don't you get  Refl, that makes x and c the same?
[Wed Oct 28 17:21:53 2015] <benzrf> oh uh
[Wed Oct 28 17:21:59 2015] <benzrf> wait fff im stupid
[Wed Oct 28 17:22:09 2015] <benzrf> you can't get definitional from propositional *in general*, but
[Wed Oct 28 17:22:25 2015] <benzrf> there are subcases that are useful
[Wed Oct 28 17:22:29 2015] <benzrf> so nvm >_<
[Wed Oct 28 17:23:19 2015] <benzrf> um. s/"there are subcases that are useful"/"there are some use cases that you can accomplish anyway"
[Wed Oct 28 17:27:41 2015] <mdmkolbe> Yeah, "set y := c; [rewrite -/y in H]; rewrite H in A B C" does the trick if x is used only in A, B and C.
[Wed Oct 28 17:28:10 2015] <companion_cube> destruct H.  eliminates x (or c), as far as I can tell
[Wed Oct 28 17:28:19 2015] <benzrf> wait a sec
[Wed Oct 28 17:28:31 2015] <benzrf> what is 'rewrite -/y'
[Wed Oct 28 17:29:15 2015] <mdmkolbe> I wrote a tacktic to do this, but I wanted it to figure out "A B C" for me.  so "rewrite H in * |- *" does the rewrite I want except in the locally defined constants
[Wed Oct 28 17:29:37 2015] <mdmkolbe> "rewrite -/y" is ssreflect notation for folding the definition of y
[Wed Oct 28 17:29:52 2015] <benzrf> * see the word 'ssreflect'
[Wed Oct 28 17:30:01 2015] <benzrf> * recoils as would a vampire from the sun
[Wed Oct 28 17:30:07 2015] <benzrf> but more seriously:
[Wed Oct 28 17:30:20 2015] <mdmkolbe> You could just as easily write "fold y in H" instead of "rewrite -/y in H"
[Wed Oct 28 17:30:21 2015] <benzrf> rewrite does replacement in the *type* of a local var
[Wed Oct 28 17:30:27 2015] <benzrf> soz
[Wed Oct 28 17:30:55 2015] <mdmkolbe> ssreflect's rewrite does fold/unfold when a variable is prefixed with "/"
[Wed Oct 28 17:32:27 2015] <johnw> ssreflect's rewrite tactic is a reason on its own to use it
[Wed Oct 28 17:35:25 2015] <benzrf> eh.
[Wed Oct 28 17:35:27 2015] <benzrf> :]
[Thu Oct 29 02:01:30 2015] <sanooj> benzrf: there are rewrite hints also.
[Thu Oct 29 02:01:48 2015] <sanooj> but yeah, not really sure what you were going for. idle thought.
[Thu Oct 29 14:13:22 2015] <sunnymilk> is there a way to reset coq's state from inside coq? ie, have some directive in a file that completely removes anything in scope including implicit/standard library stuff
[Thu Oct 29 14:14:48 2015] <sunnymilk> i tried creating a state with Save/Restore State and -nois but that didnt work
[Thu Oct 29 14:23:50 2015] <benzrf> i dont know what a rewrite hint is, sanooj
[Thu Oct 29 14:23:52 2015] <benzrf> :>
[Thu Oct 29 14:24:17 2015] <johnw> Hint Rewrite foo.
[Thu Oct 29 14:24:29 2015] <johnw> Hint Rewrite foo in bar.  or something with a database name
[Thu Oct 29 14:25:09 2015] <johnw> anyway, check the manual if you want to know
[Thu Oct 29 14:25:19 2015] <johnw> and also Chlipala's book
[Thu Oct 29 18:52:09 2015] <pumita> Hi guys, could anyone help me with this proof? http://lpaste.net/144217
[Thu Oct 29 18:52:12 2015] <pumita> thanks in advance
[Thu Oct 29 18:53:09 2015] <pumita> I don't know how to proceed after the first case
[Thu Oct 29 18:53:23 2015] <pumita> inside the induction on a
[Thu Oct 29 19:22:34 2015] <gallais> how would you prove this statement on paper? Would you really proceed by a simple induction on a or would you require a more powerful principle?
[Thu Oct 29 19:23:09 2015] <pumita> I guess I'd prove it by induction on a
[Thu Oct 29 19:23:21 2015] <gallais> (also, you should use "destruct x" rather than "elim x": with elim you lose the connection between the x in the goal and the one in the assumption y"
[Thu Oct 29 19:23:27 2015] <pumita> and, actually, I'm asked to do it by induction on a
[Thu Oct 29 19:24:07 2015] <pumita> do you know a tactic for working with lets?
[Thu Oct 29 19:24:21 2015] <pumita> because I don't know how to keep going from there
[Thu Oct 29 19:25:26 2015] <gallais> It's going to be hard to prove that "y : a = b * n + n0 /\ n0 < b" implies "S a = b * n + n0 /\ n0 < b"
[Thu Oct 29 19:26:15 2015] <gallais> that's why I was asking what the on paper proof should be: if you have no idea what the actual proof is, it's way harder to build one in coq
[Thu Oct 29 19:27:10 2015] <pumita> thanks
[Thu Oct 29 19:27:28 2015] <pumita> but it can be proven by induction on a
[Thu Oct 29 19:27:42 2015] <pumita> the problem is that, in the second case of the induction
[Thu Oct 29 19:28:06 2015] <pumita> I have to proceed by cases on r
[Thu Oct 29 19:28:20 2015] <gallais> 23:25 < gallais> It's going to be hard to prove that "y : a = b * n + n0 /\ n0 < b" implies "S a = b * n + n0 /\ n0 < b"
[Thu Oct 29 19:28:21 2015] <pumita> and I don't have it in my scope
[Thu Oct 29 19:28:51 2015] <gallais> if you can prove this, then you have found a contradiction in the system. Hence my "it's going to be hard to prove"
[Thu Oct 29 19:30:00 2015] <pumita> gallais: thanks, maybe if you erase the lasts tactics I've written: http://lpaste.net/144217
[Thu Oct 29 19:30:50 2015] <pumita> that's what I want to prove
[Thu Oct 29 20:15:53 2015] <pumita> Is there a way to show this : S m = m + 1 ??
[Thu Oct 29 20:16:48 2015] <pumita> I'm almost there: http://lpaste.net/144217 :)
[Thu Oct 29 20:17:05 2015] <Cypi> You can prove this by induction over m. Also, there should be a lemma in the standard library, just have to find it :)
[Thu Oct 29 20:19:02 2015] <pumita> yes, I don't want to define another lemma, but I've been looking for and I couldn't find one
[Thu Oct 29 20:19:53 2015] <Cypi> There is [Nat.add_1_r: forall n : nat, n + 1 = S n]
[Thu Oct 29 20:20:06 2015] <pumita> oops, I missed that one
[Fri Oct 30 08:24:57 2015] <benzrf> hi
[Fri Oct 30 08:25:23 2015] <benzrf> is there a tactic that will automatically try to rewrite the goal using available assumptions and then reflexivity?
[Fri Oct 30 08:30:00 2015] <Cypi> Not really, but you can write it quite easily: [repeat (match goal with H : _ |- _ => rewrite H end; try reflexivity).]
[Fri Oct 30 08:30:10 2015] <Cypi> (or something along those lines)
[Fri Oct 30 08:51:17 2015] <lolisa> autorewrite isnt exactly the thing you're looking for, but I think you should have a look
[Sat Oct 31 22:37:07 2015] <benzrf> hey jgross im signing up for mit splash should i take your HoTT class
[Sun Nov  1 07:57:37 2015] <sanooj> löb's theorem sounds interesting.
[Sun Nov  1 13:07:11 2015] <companion_cube> http://coq.io/opam/ btw
[Mon Nov  2 14:10:05 2015] <nonloopy> Is it possible to define mutually recursive inductive data types in Coq?
[Mon Nov  2 14:15:53 2015] <sanooj> yes!
[Mon Nov  2 14:23:19 2015] <gwm_> can I get some help with a simple proof with booleans?
[Mon Nov  2 14:23:30 2015] <gwm_> 'Lemma bool : ~(exists x : bool, forall y : bool, x <> y).'
[Mon Nov  2 14:29:25 2015] <jrw> gwm_: well I think the naive approach should work: do case analysis on x and then in each case show that there is a y that contradicts the hypothesis
[Mon Nov  2 14:30:26 2015] <nonloopy> sanooj: any pointers? My googling is just up function recursion.
[Mon Nov  2 14:31:36 2015] <nonloopy> *turning up
[Mon Nov  2 14:32:42 2015] <gwm_> @jrw - i don't understand how to apply false to the subgoal 'true <> y'
[Mon Nov  2 14:32:48 2015] <gwm_> my current proof is: intro h. destruct h. destruct x.
[Mon Nov  2 14:33:45 2015] <jrw> gwm_: you should have a hypothesis [H : forall y, true <> y] and a goal of False
[Mon Nov  2 14:33:47 2015] <ianjneu> nonloopy: Inductive T := ... with M := ... . and fix f0 (args, ...) := ... with f1(args, ...) := ...
[Mon Nov  2 14:34:15 2015] <gwm_> @jrw yeah, my goal is forall y: bool, true <> y
[Mon Nov  2 14:34:29 2015] <gwm_> what's the next step with 2 sub goals False and False
[Mon Nov  2 14:34:39 2015] <gwm_> i mean't my context*
[Mon Nov  2 14:34:45 2015] <gwm_> my goals are false and false
[Mon Nov  2 14:34:56 2015] <jrw> right
[Mon Nov  2 14:35:07 2015] <jrw> so now your hypothesis is a contradiction
[Mon Nov  2 14:35:18 2015] <jrw> because it can't be the case that for all booleans, they are not equal to true
[Mon Nov  2 14:35:26 2015] <jrw> in particular, it is not the case that true is not equal to true
[Mon Nov  2 14:36:12 2015] <gwm_> i see
[Mon Nov  2 14:36:22 2015] <gwm_> @jrw how do i go about prooving this negation then?
[Mon Nov  2 14:36:31 2015] <gwm_> sry very new to proofs and coq in general
[Mon Nov  2 14:37:02 2015] <jrw> gwm_: you could do it a couple ways. one would be [specialize (H true)]
[Mon Nov  2 14:37:13 2015] <gwm_> haven't learn't that syntax
[Mon Nov  2 14:37:19 2015] <gwm_> perhaps assert?
[Mon Nov  2 14:37:23 2015] <jrw> okay
[Mon Nov  2 14:37:41 2015] <jrw> you could [assert (true <> true)]
[Mon Nov  2 14:37:47 2015] <jrw> which is provable by [apply H]
[Mon Nov  2 14:38:03 2015] <nonloopy> ianjneu: thanks!
[Mon Nov  2 14:38:12 2015] <jrw> and then if you apply the new hypothesis from the assert, you can finish with reflexivity
[Mon Nov  2 14:39:19 2015] <gwm_> @jrw ahh perfect.
[Mon Nov  2 14:39:23 2015] <gwm_> thanks for the help :)
[Mon Nov  2 14:42:46 2015] <ianjneu> gwm_: intros [[t|t]]; [specialize (t true)| specialize (t false)]; destruct t; reflexivity.
[Mon Nov  2 14:42:49 2015] <ianjneu> :)
[Mon Nov  2 14:43:28 2015] <gwm_> @ianjneu seems a lot cleaner but I think we're only allowed to use syntax which has been covered, thanks though I'll look into specialise.
[Mon Nov  2 14:47:51 2015] <ianjneu> gwm_: you can also destruct directly: intros [[t|t]]; [destruct (t true)| destruct (t false)]; reflexivity.
[Mon Nov  2 14:50:48 2015] <gwm_> ahh ok
[Mon Nov  2 16:42:18 2015] <sanooj> nonloopy: use Inductive <def1> with <def2> ... with <def3>.
[Mon Nov  2 16:42:51 2015] <sanooj> sorry wasn't paying attention. :|
[Tue Nov  3 21:52:02 2015] <pumita> Hi guys, I need some help with a proof
[Tue Nov  3 21:52:07 2015] <benzrf> pumita: go on...
[Tue Nov  3 21:52:10 2015] <pumita> http://lpaste.net/144549
[Tue Nov  3 21:52:53 2015] <pumita> I don't understand really well how to start proving well founded relations
[Tue Nov  3 21:56:20 2015] <benzrf> oh wow
[Tue Nov  3 21:56:30 2015] <benzrf> i didnt even realize well_founded was in the default imports
[Tue Nov  3 21:56:32 2015] <benzrf> :D
[Tue Nov  3 21:57:12 2015] <pumita> it's just an extract of my full file though :P
[Tue Nov  3 21:57:47 2015] <pumita> any hint?
[Tue Nov  3 21:59:35 2015] <benzrf> sorry, unfamiliar with coq's well_founded stuff
[Tue Nov  3 21:59:38 2015] <benzrf> im looking right now actually
[Tue Nov  3 22:00:14 2015] <Cypi> pumita : it should go quite easily by induction on a
[Tue Nov  3 22:00:40 2015] <pumita> Cypi: yes, I tried that
[Tue Nov  3 22:00:53 2015] <pumita> but I don't know what to do after
[Tue Nov  3 22:01:02 2015] <Cypi> After, there is only one choice: constructor
[Tue Nov  3 22:01:50 2015] <Cypi> Then in one part of the induction, you should get an impossible hypothesis. In the other one, you should have enough hypotheses to complete the proof.
[Tue Nov  3 22:01:55 2015] <pumita> Cypi : it's looking good ... :), let me try that
[Tue Nov  3 22:02:22 2015] <benzrf> what does the ctor tactic do?
[Tue Nov  3 22:02:55 2015] <Cypi> If your goal is an inductive type, it tries to apply each constructor of this type in order
[Tue Nov  3 22:03:15 2015] <benzrf> oh, handy
[Tue Nov  3 22:03:16 2015] <Cypi> It's just a way to not have to remember the name of a constructor :p (also, serves for some automation, of course)
[Tue Nov  3 22:03:51 2015] <Cypi> There is also [econstructor] which does [eapply] instead of just [apply]. Also, you can do [constructor n] to specifically apply the n-th constructor
[Tue Nov  3 22:04:09 2015] <pumita> if anyone wants to see the proof: http://lpaste.net/144549
[Tue Nov  3 22:04:19 2015] <pumita> Cypi : thanks you a lot! :D
[Wed Nov  4 06:43:07 2015] <sanooj> pumita: very short and sweet proof, nice. :)
[Wed Nov  4 06:43:24 2015] <sanooj> and clear.
[Wed Nov  4 10:32:01 2015] <shlevy> Hi all. Am just getting started with coq, is it common to use proofgeneral for all editing?
[Wed Nov  4 11:58:20 2015] <stelleg> so it looks like the Fin.to_nat function only proves that there exists an i less than n, but doesn't give it to you, any idea why?
[Wed Nov  4 12:14:21 2015] <gallais_> stelleg: you get a pair back. proj1_sig will let you project out the nat
[Wed Nov  4 12:15:05 2015] <sanooj> shlevy: yeah, I think so.
[Wed Nov  4 12:15:47 2015] <sanooj> some people like coqide.
[Wed Nov  4 12:16:27 2015] <stelleg> gallais_: ah thanks!
[Wed Nov  4 13:07:17 2015] <stelleg> is there an term equivalent to admit?
[Wed Nov  4 13:07:27 2015] <stelleg> like undefined in haskell?
[Wed Nov  4 13:08:28 2015] <vanila> you can make it with Axiom
[Wed Nov  4 13:23:58 2015] <sunnymilk> you can use _ for placeholders but it must be able to infer its type
[Wed Nov  4 13:32:10 2015] <stelleg> thanks guys
[Wed Nov  4 14:02:06 2015] <jabesed> in common mathematical writing, how do you usually denote dependent functions? using indexed product notation?
[Wed Nov  4 14:02:16 2015] <jabesed> or some adapted coq like form?
[Wed Nov  4 14:02:42 2015] <vanila> big Pi is good
[Wed Nov  4 14:03:26 2015] <vanila> (Πx:X)A(x)
[Wed Nov  4 14:03:34 2015] <jabesed> vanila: do you know if they are used by non computer science mathematicians these days?
[Wed Nov  4 14:05:27 2015] <jabesed> in other words any mathematician will recognise A^X as the space of functions from A to X... but how about (Πx:X)A(x)
[Wed Nov  4 14:06:27 2015] <jabesed> is that something only a few select CS people will get? or is it something plenty of mathematicians will recognise as a dependent function space
[Wed Nov  4 14:06:30 2015] <vanila> just cite something that introduces type theory
[Wed Nov  4 14:06:54 2015] <jabesed> yeap I will, was just curious about it
[Wed Nov  4 14:07:08 2015] <vanila> I think category theory people will get it
[Wed Nov  4 14:07:12 2015] <jabesed> right
[Wed Nov  4 14:08:42 2015] <jabesed> just one more question, with regards to theoretical introduction, aside from Martin-Lof's "Constructive Mathematics and Programming", are there any other classics I should be awere of?
[Wed Nov  4 14:09:59 2015] <jabesed> *and computer programming
[Wed Nov  4 14:10:02 2015] <sunnymilk> "lectures on the curry-howard isomorphism" ive heard good things about too, although ive only read a bit of it
[Wed Nov  4 14:10:04 2015] <vanila> I think Luo UTT is important
[Wed Nov  4 14:11:21 2015] <jabesed> sunnymilk: ok will get it too
[Wed Nov  4 14:11:38 2015] <jabesed> vanila: Luo UTT?
[Wed Nov  4 14:12:29 2015] <vanila> Z. Luo. Computation and Reasoning: A Type Theory for Computer Science. OUP, 1994.
[Wed Nov  4 14:13:07 2015] <jabesed> vanila: interesting, I didn't know about it
[Wed Nov  4 14:21:02 2015] <jabesed> vanila: is there any practical system based on UTT? e.g. Coq like theorem prover or anything of the sort?
[Wed Nov  4 14:21:25 2015] <jabesed> I'd never heard of unintentional type theory
[Wed Nov  4 14:22:16 2015] <sunnymilk> idris and agda ive heard are based on UTT
[Wed Nov  4 14:22:19 2015] <sunnymilk> but im not sure about that
[Wed Nov  4 14:22:22 2015] <jabesed> oh
[Wed Nov  4 14:23:28 2015] <sunnymilk> https://cstheory.stackexchange.com/questions/22498/rules-about-prop-and-set-in-utt
[Wed Nov  4 14:24:59 2015] <vanila> I think UTT introduced the universe hierarchy we have in coq today
[Wed Nov  4 14:25:44 2015] <vanila> yeah, and impredicative prop like in that link
[Wed Nov  4 14:34:56 2015] <jabesed> I see
[Wed Nov  4 14:35:02 2015] <jabesed> got a lot of reading to do
[Thu Nov  5 09:59:09 2015] <absurdium> hello
[Thu Nov  5 10:00:29 2015] <ianjneu> absurdium: g'day
[Thu Nov  5 10:03:01 2015] <absurdium> I'm an absolute beginner with coq (absolute beginner with proofs too, I have to admit) - is there some resource which shows how normal reasoning in proofs is done in coq?
[Thu Nov  5 10:03:19 2015] <absurdium> e.g. how do I rewrite my goal into contrapositive form
[Thu Nov  5 10:03:46 2015] <absurdium> (if the goal is an implication, of course)
[Thu Nov  5 10:03:48 2015] <ianjneu> absurdium: Software Foundations by Pierce, et. al.
[Thu Nov  5 10:04:13 2015] <ianjneu> http://www.cis.upenn.edu/~bcpierce/sf/current/toc.html
[Thu Nov  5 10:04:18 2015] <absurdium> ianjneu: I hoped I could postpone reading that book for some while
[Thu Nov  5 10:04:43 2015] <absurdium> I'm currently reading "How to Prove it" by Daniel J. Velleman
[Thu Nov  5 10:05:01 2015] <ianjneu> absurdium: you don't have to read it all. It has very beginner exercises bundled with it. Perhaps just step through those
[Thu Nov  5 10:05:02 2015] <absurdium> I wanted to tackle SF after I'm done with "How To Prove It"
[Thu Nov  5 10:05:23 2015] <absurdium> ah, ok
[Thu Nov  5 10:05:27 2015] <ianjneu> How To Prove It is more informal math than it is a constructive approach.
[Thu Nov  5 10:05:55 2015] <vanila> what do you want to do with coq?
[Thu Nov  5 10:06:06 2015] <vanila> or what is your goal more generally?
[Thu Nov  5 10:06:13 2015] <absurdium> vanila: the exercises in How To Prove It which have no solution in the appendix
[Thu Nov  5 10:07:24 2015] <absurdium> ianjneu: what do you mean with a constructive approach?
[Thu Nov  5 10:13:03 2015] <ianjneu> absurdium: Reasoning without the law-of-excluded-middle, considering theorems as proof-transforming functions, logical connectives as various datatypes (conjunction is pairing, disjunction is injection into the Either (AKA Sum) datatype, etc.)
[Thu Nov  5 17:50:06 2015] <vanila> https://www.youtube.com/watch?v=JpK9e__q5Ts
[Thu Nov  5 17:50:30 2015] <vanila> just watching this talk on abstract interp, really nice tool that might be good to do in coq
[Sun Nov  8 20:28:23 2015] <sunnymilk> is there a nice to prove uniqueness of identity for eg multiplication over positive integers
[Sun Nov  8 20:28:36 2015] <sunnymilk> identity as in multiplicative identity
[Sun Nov  8 20:28:55 2015] <sunnymilk> i want to prove forall a. a * a = 1%positive -> a = 1%positive
[Sun Nov  8 20:29:05 2015] <sunnymilk> i kjnow its in the standard library somewhere but i cant find it
[Sun Nov  8 20:38:39 2015] <sunnymilk> in fact how the heck do i convert positive to Z
[Sun Nov  8 20:38:47 2015] <sunnymilk> i cant find a function to do that anywhere
[Sun Nov  8 20:40:54 2015] <sunnymilk> oh its Zpos
[Mon Nov  9 11:09:38 2015] <stelleg> sunnymilk: in module Mult there is mult_is_one : forall n m, n * m = 1 -> n = 1 /\ m = 1.
[Mon Nov  9 11:11:21 2015] <sunnymilk> what type is * over?
[Mon Nov  9 11:13:07 2015] <sunnymilk> ohhh
[Mon Nov  9 11:13:09 2015] <stelleg> oh sorry!
[Mon Nov  9 11:13:10 2015] <stelleg> nats
[Mon Nov  9 11:13:22 2015] <stelleg> didnt see you wanted positives
[Mon Nov  9 11:26:01 2015] <benzrf> hello i am reading https://coq.inria.fr/refman/Reference-Manual006.html
[Mon Nov  9 11:26:11 2015] <benzrf> why are let-terms a primitive syntax
[Mon Nov  9 11:26:36 2015] <benzrf> is [let x := y in z] different from [(fun x => z) y]
[Mon Nov  9 11:34:26 2015] <companion_cube> so, afaik, the difference is that `let x := y in z` doesn't type exactly the same as (fun x => z) y
[Mon Nov  9 11:34:41 2015] <companion_cube> because in the let-case, the typer knows that x converts to y
[Mon Nov  9 14:19:53 2015] <benzrf> companion_cube: so iow the let-case has an additional definitional equality in ctx?
[Mon Nov  9 14:19:57 2015] <benzrf> interesting.
[Mon Nov  9 14:21:13 2015] <companion_cube> yes
[Mon Nov  9 16:18:46 2015] <benzrf> hello
[Mon Nov  9 16:19:29 2015] <benzrf> is there a way to convert the current goal to be a closed term applied to all relevant assumptions in scope
[Mon Nov  9 16:20:58 2015] <benzrf> e.g., if the context is [x : nat; y : nat; H : y = S x] and the goal is [x < y], is there a way to automatically rewrite such that the goal becomes [(fun a b => a < b) x y]
[Mon Nov  9 16:41:53 2015] <jrw> benzrf: in this case, you could do [pattern x; pattern y]
[Mon Nov  9 16:42:02 2015] <jrw> not sure whether that's exactly what you're looking for in general
[Mon Nov  9 16:45:09 2015] <benzrf> hmmmmm
[Mon Nov  9 16:45:22 2015] <benzrf> aaaaahh NICE
[Mon Nov  9 16:45:25 2015] <benzrf> :D
[Mon Nov  9 16:45:26 2015] <benzrf> nice nice
[Tue Nov 10 09:22:44 2015] <benzrf> is there a way to get in Ltac the hypothetical result goal of applying some tactic
[Tue Nov 10 09:22:59 2015] <benzrf> in particular, can i get what the current goal would look like if i applied generalize dependent x
[Tue Nov 10 09:28:23 2015] <companion_cube> I don't know, but isn't it possible to use 'try'?
[Tue Nov 10 09:29:36 2015] <benzrf> * shrugs
[Tue Nov 10 09:29:39 2015] <benzrf> oh wait nvm
[Tue Nov 10 09:29:45 2015] <benzrf> ok real question
[Tue Nov 10 09:29:54 2015] <benzrf> 1 sec...
[Tue Nov 10 09:30:23 2015] <benzrf> guh
[Tue Nov 10 09:30:58 2015] <riaqn> Hello, I 've written a function "factorial". Now how can I prove it DO compute the factorial?
[Tue Nov 10 09:31:13 2015] <benzrf> riaqn: what are you trying to prove?
[Tue Nov 10 09:32:08 2015] <riaqn> benzrf: nothing to prove..just curious.
[Tue Nov 10 09:32:16 2015] <benzrf> umm
[Tue Nov 10 09:32:25 2015] <benzrf> oh
[Tue Nov 10 09:32:39 2015] <benzrf> riaqn: i dont mean the idiom, i mean very literally, what theorem are you trying to prove?
[Tue Nov 10 09:33:16 2015] <riaqn> yeah, I guess to write the theorem is the first and the most hard step.
[Tue Nov 10 09:33:57 2015] <riaqn> Just want to know "how to convince someone that my factorial is correct".
[Tue Nov 10 09:34:25 2015] <benzrf> riaqn: usually you prove that the functions you write satisfy certain propositional properties, or compute things related by an intuitively correct relation
[Tue Nov 10 09:35:06 2015] <benzrf> riaqn: for example, if you write a function that calculates whether a number is even, you could prove that it's "correct" by showing that it says true if and only if there's some x such that the input is x * 2
[Tue Nov 10 09:35:07 2015] <riaqn> benzrf: like "factorial (S n) = (S n) * factorial n"?
[Tue Nov 10 09:35:19 2015] <benzrf> riaqn: exactly
[Tue Nov 10 09:35:22 2015] <benzrf> but the thing is
[Tue Nov 10 09:35:31 2015] <benzrf> your implementation already says that straight up (assuming you implemented factorial the obvious way)
[Tue Nov 10 09:35:38 2015] <benzrf> so there's not much you can usefully prove
[Tue Nov 10 09:35:44 2015] <riaqn> yeah, so it's should very easy to prove.
[Tue Nov 10 09:35:51 2015] <benzrf> well, there's not really any point in proving it
[Tue Nov 10 09:35:56 2015] <riaqn> ok, I see. thank you!
[Tue Nov 10 09:35:57 2015] <benzrf> it's just a reflexivity
[Tue Nov 10 09:35:59 2015] <benzrf> no problem :)
[Tue Nov 10 09:36:24 2015] <benzrf> riaqn: proving that as its own theorem would be kind of like providing an implementation of some type by just setting the implementation to a constructor
[Tue Nov 10 09:36:39 2015] <benzrf> riaqn: like implementing 'zero : nat' by setting 'zero := O'
[Tue Nov 10 09:36:42 2015] <benzrf> there's no real point there
[Tue Nov 10 09:36:54 2015] <benzrf> and similarly there's no real point in proving a theorem that just states your function's definition
[Tue Nov 10 09:37:10 2015] <benzrf> riaqn: that theorem could be interesting if you defined factorial by means of an imperative for loop, or something
[Tue Nov 10 09:38:05 2015] <riaqn> benzrf: so the implementation is so straightforward that it's a copy of definition, which makes it point-less to prove.
[Tue Nov 10 09:38:26 2015] <companion_cube> otoh it can be useful to prove that you compute the Fibonacci function by specifying it naively, but implementing it in a more efficient way
[Tue Nov 10 09:39:52 2015] <riaqn> companion_cube: yes, like some linear algebra tricks.
[Tue Nov 10 09:40:06 2015] <benzrf> riaqn: right
[Tue Nov 10 09:40:08 2015] <benzrf> :)
[Tue Nov 10 09:42:07 2015] <companion_cube> or even the linear version, which is still much better than the direct definition
[Tue Nov 10 12:18:39 2015] <stelleg> is there a way to apply functions to either side of an equality constructor? e.g. I have an axiom H : a = b, and would like H' : f a = f b
[Tue Nov 10 12:19:23 2015] <stelleg> Seems like theres probably a tactic for that but I'm not seeing it
[Tue Nov 10 12:20:49 2015] <johnw> i believe that's equal_f
[Tue Nov 10 12:21:14 2015] <johnw> as in: apply (equal_f f := f) in H. or something along those lines
[Tue Nov 10 12:21:40 2015] <johnw> it requires functional extensionality
[Tue Nov 10 12:30:42 2015] <stelleg> johnw: thanks, trying that. not familiar with the := syntax (and neither is my Coq apparently) though
[Tue Nov 10 12:31:09 2015] <johnw> oh, maybe:
[Tue Nov 10 12:31:18 2015] <johnw> apply (equal_f (f := f)) in H.
[Tue Nov 10 12:32:17 2015] <johnw> oh, never mind
[Tue Nov 10 12:32:28 2015] <johnw> equal_f isn't what I was thinking about
[Tue Nov 10 12:33:55 2015] <johnw> stelleg: you could always assert that forall a b, a = b -> f a = f b, and then apply that to your hypothesis.
[Tue Nov 10 12:33:56 2015] <stelleg> johnw: yeah seems a little stronger than what I need
[Tue Nov 10 12:34:16 2015] <johnw> it amounts to proving f is injective
[Tue Nov 10 12:34:44 2015] <Cypi_> Injectivity is [f a = f b -> a = b], not the other way around
[Tue Nov 10 12:34:52 2015] <Cypi_> [a = b -> f a = f b] is always true
[Tue Nov 10 12:34:59 2015] <johnw> leibnitz equality?
[Tue Nov 10 12:35:07 2015] <johnw> I do get those confused often
[Tue Nov 10 12:35:24 2015] <Cypi_> I would call that the functionality of f, but I don't know :)
[Tue Nov 10 12:35:33 2015] <Cypi_> (in the sense that equal inputs produce equal outputs)
[Tue Nov 10 12:35:49 2015] <johnw> right, what was I thinking
[Tue Nov 10 12:35:57 2015] <johnw> sorry to send you down blind alleys, stelleg
[Tue Nov 10 12:36:12 2015] <stelleg> johnw: no problem, its helpful
[Tue Nov 10 12:36:19 2015] <stelleg> to learn
[Tue Nov 10 12:37:06 2015] <quelu> Cypi_: well, no, the functionality is only the fact that to one output corresponds at most one output
[Tue Nov 10 12:37:30 2015] <quelu> [a = b -> f a = f b] is a property of the equality
[Tue Nov 10 12:37:37 2015] <quelu> (it being a congruence)
[Tue Nov 10 12:37:57 2015] <johnw> stelleg: it's this: apply f_equal with (f := f) in H.
[Tue Nov 10 12:38:05 2015] <johnw> actually tried it here this time
[Tue Nov 10 12:38:40 2015] <stelleg> quelu: congruence is a tactic that worksf or that!
[Tue Nov 10 12:38:47 2015] <stelleg> johnw: oh cool thanks!
[Tue Nov 10 12:38:59 2015] <stelleg> appreciate the help guys
[Tue Nov 10 12:39:54 2015] <stelleg> johnw: oh yeah f_equal is exactly the right theorem, thanks
[Tue Nov 10 12:40:06 2015] <Cypi_> quelu : yes, you're right. I meant "functional" not in a set-theoretical sense, but in a "programming language" sense
[Tue Nov 10 12:43:17 2015] <gallais_> You can write a bit of Ltac doing exactly this: http://lpaste.net/144997
[Tue Nov 10 12:46:54 2015] <stelleg> gallais_: thanks!
[Tue Nov 10 14:54:56 2015] <gwm_> Can somebody explain to me how to solve the definition: (A -> C) -> (B -> A) -> (B -> C) :=
[Tue Nov 10 14:55:07 2015] <gwm_> In terms of sets, have to use curry howard
[Tue Nov 10 14:58:36 2015] <companion_cube> fun f g x => f (g x)
[Tue Nov 10 19:45:29 2015] <sunnymilk> does anyone have any tips for working with different number systems (eg, theorems involving all of natural numbers, integers, positive integers, rationals, etc)
[Tue Nov 10 19:46:21 2015] <sunnymilk> an example of a nic ething i would like is to be able to take a goal/hypotheses and convert them all to a single number system with some additional theorems (ie, if a variable x is of type positive, it would be nice to rewrite everything such that it is now a natural number + a hypothesis that it is non-zero)
[Tue Nov 10 19:46:31 2015] <sunnymilk> that sounds a bit far-fetched though
[Tue Nov 10 19:50:25 2015] <sunnymilk> i dont even really know how to like, rewrite a goal/hypothesis from one number system to another
[Tue Nov 10 19:54:44 2015] <sunnymilk> so i might have some equality about natural numbers, but i cant apply it because my goal is wrapped with Pos.to_nat (Zpos ...)
[Tue Nov 10 21:34:34 2015] <jrw> sunnymilk: might want to check out the "zify" tactic, which converts lots of stuff to Z
[Tue Nov 10 21:37:08 2015] <sunnymilk> ooh
[Tue Nov 10 21:37:09 2015] <sunnymilk> thank you!
[Tue Nov 10 22:07:37 2015] <sunnymilk> is there a nice way to turn (x ?= y)%positive = Lt into (y ?= x)%positive = Gt
[Tue Nov 10 22:08:11 2015] <sunnymilk> i cannot figure it out
[Tue Nov 10 22:51:39 2015] <benzrf> sunnymilk: have you searched for relevant theroms
[Wed Nov 11 10:54:36 2015] <sunnymilk> benzrf yes
[Wed Nov 11 11:38:08 2015] <jabesed> in Martin Lofs "Constructive Mathematics and Computer Programming" isn't the Sigma-elimination rule wrong?
[Wed Nov 11 11:38:22 2015] <jabesed> https://i.imgur.com/JrCC6jg.png
[Wed Nov 11 11:38:58 2015] <jabesed> in the bottom line, shouldn't that `d` be `d((x,y)/z)`
[Wed Nov 11 11:53:03 2015] <gallais_> jabesed: No, it's fine. This is how you'd write it using Coq syntax: http://lpaste.net/145050
[Wed Nov 11 11:53:44 2015] <jabesed> gallais_: hmmm let me see
[Wed Nov 11 11:58:40 2015] <jabesed> gallais_: my doubt is in the definition of `d`
[Wed Nov 11 11:59:33 2015] <jabesed> gallais_: how is your definition equivalent to the one in the rule?
[Wed Nov 11 12:01:12 2015] <jabesed> the one in the rule appears to say `d` has a free var `z`
[Wed Nov 11 12:01:19 2015] <jabesed> not free vars x and y
[Wed Nov 11 12:01:39 2015] <jabesed> wait
[Wed Nov 11 12:01:48 2015] <jabesed> nevermind that's C
[Wed Nov 11 12:02:23 2015] <jabesed> nevermind... I was misreading this, sorry about that
[Wed Nov 11 12:02:38 2015] <jabesed> and thanks for the code!
[Wed Nov 11 13:41:34 2015] <sunnymilk> i spent hours proving that my recursion was well-founded, only to find out that my implementation is actually wrong :(
[Wed Nov 11 13:54:23 2015] <johnw> sunnymilk: that's a pretty common for me too, actually
[Wed Nov 11 13:54:31 2015] <johnw> that's why proof is so good :)
[Wed Nov 11 13:54:53 2015] <johnw> no matter how invested you get in perceiving the quality of your implementation, the type checker just won't accept untruth ;)
[Wed Nov 11 14:01:18 2015] <sunnymilk> hehe
[Wed Nov 11 14:02:18 2015] <sunnymilk> a large part of my proof though was just moving between number types :|
[Thu Nov 12 06:14:02 2015] <jabesed> still on Martin Lofs paper, "Constructive Mathematics and Computer Programming"
[Thu Nov 12 06:14:17 2015] <jabesed> this is how he formulates the axiom of choice: https://i.imgur.com/wm1705d.png
[Thu Nov 12 06:15:18 2015] <jabesed> it's relatively easy to read, given a function from A and returning a dependent pair, he extracts a dependent pair of functions from A
[Thu Nov 12 06:16:31 2015] <jabesed> looking up AC, I get that it states "the Cartesian product of a collection of non-empty sets is non-empty"
[Thu Nov 12 06:17:51 2015] <jabesed> so how does that formula specify the AC?...
[Thu Nov 12 06:18:40 2015] <jabesed> because we are starting with what seems like a choice function from the cartesian product
[Thu Nov 12 06:19:13 2015] <jabesed> and it appears it should be the other way around
[Thu Nov 12 06:21:49 2015] <gallais_> "sigma B C" can be seen as the set of (b : B) such that C(b) holds true
[Thu Nov 12 06:22:51 2015] <gallais_> "pi (x : A) (sigma (y : B (x)) (C x y))" can be seen as "a collection (indexed by A) of non empty sets of elements (y : B(x)) such that C x y"
[Thu Nov 12 06:24:45 2015] <jabesed> hmmm
[Thu Nov 12 06:25:56 2015] <jabesed> right
[Thu Nov 12 06:27:13 2015] <jabesed> I get do that... but it seems like we are showing that given a non-empty cartesian product, each of the sets in the product is non-empty
[Thu Nov 12 06:27:26 2015] <jabesed> while what I wrote above says the reverse
[Thu Nov 12 06:28:03 2015] <jabesed> or is what I wrote above wrong? i.e. that the AC states "the Cartesian product of a collection of non-empty sets is non-empty"
[Thu Nov 12 06:30:23 2015] <jabesed> put simply the formula appears to show that "if AxB non-empty then A non-empty and B non-empty",  and the definition appears to state that if "A non-empty and B non-empty then AxB is non-empty"
[Thu Nov 12 06:31:06 2015] <jabesed> wait
[Thu Nov 12 06:34:40 2015] <gallais_> You could try to replace A with Bool to have a look at a simpler case
[Thu Nov 12 06:35:24 2015] <jabesed> gallais_: so that would give me the binary cartesian product, right?
[Thu Nov 12 06:35:32 2015] <gallais_> Yes
[Thu Nov 12 06:35:39 2015] <jabesed> ok let me see
[Thu Nov 12 06:38:34 2015] <jabesed> ok so the left hand side would represent a product   B_1 x B_2 of sets , whose elements satisfy respectively conditions C_1 and C_2
[Thu Nov 12 06:40:29 2015] <jabesed> and (if that is right) therein lies my problem, that we are starting with the cartesian product
[Thu Nov 12 06:41:19 2015] <jabesed> but let me think, maybe I see what what's wrong
[Thu Nov 12 06:41:23 2015] <jabesed> in my thinking
[Thu Nov 12 06:43:42 2015] <jabesed> I think I see... so the right hand side is a single set (i.e. a cartesian product) because it is defined as having one condition determining what the set it
[Thu Nov 12 06:43:45 2015] <jabesed> *is
[Thu Nov 12 06:44:49 2015] <jabesed> and the left hand side, because there is a condition C x y for each B x, then it is a collection of sets, not a single set (i.e. not a cartesian product)
[Thu Nov 12 06:44:53 2015] <jabesed> is that right?
[Thu Nov 12 06:45:44 2015] <gallais_> Yes: you take "A" sets on the left hand side and spit out a single set on the right hand side
[Thu Nov 12 06:46:08 2015] <jabesed> right, thanks a lot gallais_, that was really helpful
[Thu Nov 12 06:49:18 2015] <gallais_> No bother ;)
[Thu Nov 12 11:44:48 2015] <sunnymilk> what's an induction scheme?
[Thu Nov 12 11:45:55 2015] <sunnymilk> i know a bit about induction, like how every inductive datatype gets an induction axiom (eg, for nat, its forall n (P : nat -> Prop), P 0 -> (P n -> P (S n)) -> P n or something like that
[Thu Nov 12 11:46:20 2015] <sunnymilk> but i dont know too much about things like functional induction
[Thu Nov 12 11:46:54 2015] <sunnymilk> it gives you some extra hypotheses for reasoning about the return values of functions but i dont understand it too well
[Thu Nov 12 11:49:53 2015] <gallais_> If you want to prove that a function satisfies a property, you will often have to repeat the precise sequence of "match...with" used when the function was defined
[Thu Nov 12 11:50:31 2015] <gallais_> (e.g. if you prove properties about addition of natural numbers, you will proceed by induction on *the first argument* because _+_ was defined by inspecting the first argument)
[Thu Nov 12 11:50:42 2015] <sunnymilk> ohhh i see!
[Thu Nov 12 11:50:58 2015] <gallais_> functional induction automates this: it defines an induction principle corresponding to the call graph of the function
[Thu Nov 12 16:47:42 2015] <vanila> hello
[Thu Nov 12 16:47:50 2015] <johnw> hi vanila
[Thu Nov 12 16:48:20 2015] <vanila> I'm stuck with functional induction
[Thu Nov 12 16:48:35 2015] <johnw> paste code, paste error
[Thu Nov 12 16:48:38 2015] <vanila> https://bpaste.net/show/83ca6ecd0b5b
[Thu Nov 12 16:49:07 2015] <vanila> if I just use Fixpoint and no {measure ..} then i can derive a functional scheme, but what do you do when you are using Program and a measure?
[Thu Nov 12 16:50:01 2015] <johnw> {measure n}, and Program should be redundant on that first Fixpoint
[Thu Nov 12 16:50:15 2015] <johnw> it's pretty clear that that is structural induction
[Thu Nov 12 17:06:06 2015] <vanila> any ideas?
[Thu Nov 12 17:42:52 2015] <vanila> I want a functional induction scheme for a function defined with Program
[Thu Nov 12 18:51:07 2015] <vanila> is anyone familiar with coq Program?
[Thu Nov 12 18:51:24 2015] <johnw> I use Program all the time
[Thu Nov 12 18:51:37 2015] <johnw> your question is a bit more specific than that
[Thu Nov 12 18:51:40 2015] <vanila> know how to get functional induction scheme?
[Thu Nov 12 18:53:43 2015] <johnw> no
[Thu Nov 12 18:53:50 2015] <johnw> other than Functional Scheme, as you already put it
[Thu Nov 12 18:56:32 2015] <vanila> so how to prove something about a recursive function defined with program?
[Fri Nov 13 02:12:57 2015] <jrw> in ssreflect what is the idiomatic way of doing case analysis on the result of a boolean expression, so that I get [x = true] and [x = false] in the two subgoals?
[Fri Nov 13 02:13:25 2015] <jrw> normally I would do [destruct x eqn:?] but curious what the ssreflect-ese is for this
[Fri Nov 13 05:34:06 2015] <relrod> ;
[Fri Nov 13 05:34:08 2015] <relrod> gah
[Fri Nov 13 12:58:41 2015] <Cypi_> I have some goal [t = x], and I want to replace that goal by [u = x] and [t = u]. The problem is: the type of [u] is only propositionally equal to the type of [t] and [x]. What can I do?
[Fri Nov 13 12:59:39 2015] <Cypi_> To put it more clearly: [t : A], [x : A], [u : B], [H : A = B], and I want to from [t = x] to something along the lines of [u = x].
[Fri Nov 13 13:14:40 2015] <companion_cube> can you use `subst` to rewrite A into B?
[Fri Nov 13 13:15:32 2015] <Cypi_> A and B are both expressions, not just one variable
[Fri Nov 13 13:19:23 2015] <companion_cube> dependent rewrite <- H in u
[Fri Nov 13 13:41:17 2015] <Cypi> Thanks, I will try that kind of things whenever I can
[Fri Nov 13 13:43:03 2015] <companion_cube> then, I suppose you know how to use trans_eq ;)
[Fri Nov 13 13:45:47 2015] <Cypi> I don't think it will work anyway in my case: u is also some expression, so actually I have [u := expr : B], and when I rewrite, Coq "forgets" u's expression.
[Fri Nov 13 13:52:00 2015] <companion_cube> aww
[Fri Nov 13 16:07:43 2015] <vanila> hello
[Fri Nov 13 16:07:52 2015] <vanila> is anyone good with Program? I can't get functional induction t owork with it
[Fri Nov 13 22:49:57 2015] <Nik05> hello, I would really like to learn logic and I also like programming. So to me Coq sound like a new program to use
[Fri Nov 13 22:50:14 2015] <Nik05> But where do I start learning logic and using Coq?
[Fri Nov 13 22:50:22 2015] <Nik05> Any books you can recommend?
[Fri Nov 13 22:51:05 2015] <Nik05> I have finished Calculus and Linear Algebra courses
[Fri Nov 13 22:51:15 2015] <Nik05> if that is of any help
[Fri Nov 13 22:52:19 2015] <Nik05> Thank you very much
[Fri Nov 13 23:17:52 2015] <jrw> Nik05: have you heard of software foundations by pierce et al?
[Fri Nov 13 23:18:05 2015] <jrw> https://www.cis.upenn.edu/~bcpierce/sf/current/index.html
[Fri Nov 13 23:18:33 2015] <jrw> that's a good intro to coq that focuses on functional programming ang logic
[Sat Nov 14 08:05:38 2015] <Nik05> thank you jrw1
[Sat Nov 14 08:06:13 2015] <Nik05> I will take a look
[Sat Nov 14 09:41:44 2015] <Nik05> jrw1 my little Haskell experience comes to great use :)
[Sat Nov 14 12:59:08 2015] <Nik05> maybe i should stop now :P
[Sat Nov 14 12:59:19 2015] <Nik05> I dont know how to prove false = true -> false = true....
[Sat Nov 14 13:00:02 2015] <Nik05> oh just an intro ofcourse
[Sat Nov 14 13:00:12 2015] <Nik05> but why does reflexivity not work?
[Sat Nov 14 13:02:00 2015] <companion_cube> don't you want symmetry?
[Sat Nov 14 13:02:22 2015] <Nik05> what do you mean?
[Sat Nov 14 13:03:25 2015] <companion_cube> oh sorry, thought the goal was   true = false
[Sat Nov 14 13:03:40 2015] <Nik05> I dont get it anymore... got the Hypothesis : flase = true
[Sat Nov 14 13:03:44 2015] <companion_cube> then you shoudl use assumption, or exact H (where H is the introduced hypothesis)
[Sat Nov 14 13:03:47 2015] <Nik05> and need to prove false = true
[Sat Nov 14 13:04:16 2015] <Nik05> ooh
[Sat Nov 14 13:04:17 2015] <companion_cube> yes, reflexivity is for solving a goal  a=a
[Sat Nov 14 13:05:13 2015] <Nik05> Im followng the book Software Foundations. And it has an exercise i need to solve. But the book didnt talk about exact or assumption yet
[Sat Nov 14 13:06:01 2015] <companion_cube> you also can use inversion there
[Sat Nov 14 13:06:08 2015] <companion_cube> because false=true is absurd
[Sat Nov 14 13:07:02 2015] <Nik05> the book only really talked about intro, rewrite and reflexivity.
[Sat Nov 14 13:07:10 2015] <Nik05> and destruct
[Sat Nov 14 13:07:21 2015] <companion_cube> oohhh
[Sat Nov 14 13:07:26 2015] <companion_cube> rewrite -> H
[Sat Nov 14 13:07:30 2015] <companion_cube> then reflexivity
[Sat Nov 14 13:07:47 2015] <Nik05> ah like that, wow stupid me :P
[Sat Nov 14 13:10:01 2015] <Nik05> how can I apply a command and if it fails, ignore the command?
[Sat Nov 14 13:10:16 2015] <Nik05> I got 4 subgoals, and just need to do a rewrite on 2 of the goals
[Sat Nov 14 13:10:21 2015] <companion_cube> try foo
[Sat Nov 14 13:11:02 2015] <Nik05> thank you :)
[Sat Nov 14 13:12:41 2015] <Nik05> Got a last question: what is the difference between destruct a, b. and destruct a; destruct b. ?
[Sat Nov 14 13:12:56 2015] <companion_cube> no idea, sorry
[Sat Nov 14 13:13:09 2015] <companion_cube> must be explained in the tactics documentation
[Sat Nov 14 13:13:13 2015] <Nik05> oke
[Sat Nov 14 13:14:47 2015] <Nik05> hm it says destruct term1, .., termn is a shortcut for destruct term1; ..; destruct termn
[Sat Nov 14 13:14:59 2015] <Nik05> really strange, because i get different results
[Sat Nov 14 13:15:25 2015] <Nik05> or maybe not...
[Sat Nov 14 13:15:31 2015] <Nik05> oke discard that :P
[Sat Nov 14 13:30:56 2015] <stelleg> so listset seems kind of problematic, e.g. you can't prove that forall A eq (x : A) xs, ~set_In x (set_remove eq x xs). Do people roll their own instead or just use diff instead of remove?
[Sat Nov 14 14:53:38 2015] <vanila> hello
[Sat Nov 14 14:54:05 2015] <vanila> does anyone know an example of getting a functional induction scheme for a Program defined function (with measure)?
[Sat Nov 14 14:54:28 2015] <vanila> I can get it for a normal structurally recursive function but it's not giving me one for Program
[Sat Nov 14 14:58:35 2015] <jrw1> vanila: I don't think Program supports that
[Sat Nov 14 14:58:42 2015] <vanila> oh darn it
[Sat Nov 14 14:58:54 2015] <vanila> I wonder how to get a functional scheme for a function defined with a measure then?
[Sat Nov 14 14:59:11 2015] <vanila> since i don't see how i'll prove facts about such functions otherwise
[Sat Nov 14 14:59:20 2015] <vanila> those induction schemes are very useful
[Sat Nov 14 14:59:32 2015] <jrw> in general, Program is not so good at proving stuff about already defined things
[Sat Nov 14 14:59:40 2015] <vanila> interesting
[Sat Nov 14 14:59:46 2015] <jrw> it works best when you incorporate all the things you want into the type of the function
[Sat Nov 14 14:59:49 2015] <jrw> and then do it all in one go
[Sat Nov 14 14:59:53 2015] <vanila> so I guess people generally use it for strongly specified functions
[Sat Nov 14 14:59:57 2015] <jrw> yep
[Sat Nov 14 15:00:48 2015] <jrw> vanila: you might be able to prove an induction principle using Program itself
[Sat Nov 14 15:01:04 2015] <jrw> i've never tried though
[Sat Nov 14 15:02:50 2015] <vanila> that's a nice idea! i'll try that
[Sat Nov 14 22:05:36 2015] <Nik05> wow finally i proofed it :D
[Sat Nov 14 22:05:58 2015] <Nik05> I should use more Lemmas to prove my theorem
[Sat Nov 14 22:06:04 2015] <Nik05> much easier
[Sat Nov 14 22:06:45 2015] <sunnymilk> who needs lemmas when you have assert
[Sat Nov 14 22:06:47 2015] <sunnymilk> (just kidding)
[Sat Nov 14 22:06:53 2015] <Nik05> ;p
[Sat Nov 14 22:07:23 2015] <Nik05> i was messing around a lot, but i should just create some lemmas...
[Sat Nov 14 22:07:37 2015] <Nik05> well almost finished first chapter of the Software Foundation
[Sat Nov 14 22:08:38 2015] <Nik05> and another thing, dont start proofs with forall if you can just put it as an argument of your theorem
[Sat Nov 14 22:08:59 2015] <Nik05> not sure if i explain this correctly :P
[Sun Nov 15 08:41:08 2015] <Nik05> why is this coqide in windows so shit?
[Sun Nov 15 08:41:30 2015] <Nik05> I cant even write ' or "
[Sun Nov 15 08:41:39 2015] <Nik05> i should switch to linux
[Sun Nov 15 11:30:14 2015] <Nik05> anyone know how to solve this problem with my keyboard in windows?
[Sun Nov 15 11:30:35 2015] <Nik05> If i type " i get this in CoqIDE -> ¨
[Sun Nov 15 11:32:01 2015] <Nik05> and when i type ' i get -> ´
[Sun Nov 15 11:43:39 2015] <sunnymilk> that is strange
[Sun Nov 15 11:43:49 2015] <sunnymilk> i cant really imagine what the problem there would be
[Sun Nov 15 11:43:58 2015] <sunnymilk> make sure unicode mode isnt on?
[Sun Nov 15 12:17:03 2015] <Nik05> sunnymilk how would i do that?
[Sun Nov 15 12:37:23 2015] <Nik05> sunnymilk  i think this is the same problem http://superuser.com/questions/440096/windows-pidgin-gtk-cannot-type-quotes-properly
[Sun Nov 15 14:09:10 2015] <Nik05> sunnymilk i fixed the issue
[Sun Nov 15 14:09:21 2015] <Nik05> looks like CoqIDE always presses <ctrl> + <alt>
[Sun Nov 15 14:11:26 2015] <sunnymilk> ahhh
[Sun Nov 15 19:58:37 2015] <Nik05> how could i prove 0 = b with the hypothesis 1 = S b?
[Sun Nov 15 20:08:26 2015] <zozozo> Nik05: if I remember correctly, you have to use injectivity of inductive type constructors, but I don't remember the name tactic
[Sun Nov 15 20:08:43 2015] <Nik05> oke i will try to find it
[Sun Nov 15 20:09:38 2015] <Nik05> Oh you mean a = b -> S a = S b zozozo ?
[Sun Nov 15 20:12:11 2015] <Nik05> im trying to prove S a = S b -> a = b
[Sun Nov 15 20:14:13 2015] <Nik05> hm i proofed a = b -> S a = S b.
[Sun Nov 15 20:14:23 2015] <Nik05> how do i rewrite 0 = b to 1 = S b?
[Sun Nov 15 20:14:35 2015] <Nik05> rewrite doesnt seem to work
[Sun Nov 15 20:42:35 2015] <Nik05> only auto works :P
[Mon Nov 16 03:55:21 2015] <zyla> Nik05: the tactic is simplify_eq
[Mon Nov 16 05:35:31 2015] <zozozo> Nik05: actually, I was thinking about the "injectivity H" tactic, which given 'S a = S b' as hypothesis, should add 'a = b' to the context
[Mon Nov 16 06:43:15 2015] <Nik05> oh oke thank you zozozo
[Mon Nov 16 06:44:30 2015] <Nik05> and zyla
[Mon Nov 16 06:45:21 2015] <Nik05> hm nice Coq 4.8 in Linux compiles different than 4.8 in Windows
[Mon Nov 16 06:45:45 2015] <Nik05> Compiled library makes inconsistent assumptions over library Coq.Init.Notations
[Mon Nov 16 06:59:50 2015] <Nik05> I guess the Windows version is just broken
[Mon Nov 16 06:59:59 2015] <Nik05> changing shortcuts also doesnt do anything
[Mon Nov 16 07:25:24 2015] <Nik05> I guess I will stay on Linux then :P
[Mon Nov 16 08:04:25 2015] <Nik05> how would you prove something like "b + c + a' * b + a' * c = b + a' * b + c + a' * c"?
[Mon Nov 16 08:04:45 2015] <Nik05> And then I mean, by using tactics. I already proved commutativity of +
[Mon Nov 16 08:06:04 2015] <Nik05> Ah i think it just needs one assert
[Mon Nov 16 08:06:15 2015] <companion_cube> maybe with Ring?
[Mon Nov 16 08:07:55 2015] <Nik05> H : a' * b + c = c + a' * b (* i have just asserted this *)
[Mon Nov 16 08:08:16 2015] <Nik05> but when i try to rewrite my first line i posted here, it says found no subterm match ...
[Mon Nov 16 08:08:50 2015] <Nik05> thank you companion_cube
[Mon Nov 16 08:11:21 2015] <Nik05> I dont get why the rewrite doesnt work
[Mon Nov 16 08:11:51 2015] <Nik05> Error: Found no subterm matching "plus (mult a' b) c" in the current goal.
[Mon Nov 16 08:11:59 2015] <Nik05> @eq nat (plus (plus (plus b c) (mult a' b)) (mult a' c)) (plus (plus (plus b (mult a' b)) c) (mult a' c))
[Mon Nov 16 08:12:02 2015] <Nik05> last one is the goal
[Mon Nov 16 08:12:38 2015] <Nik05> oh huh
[Mon Nov 16 08:13:54 2015] <Nik05> is that my problem?
[Mon Nov 16 08:14:31 2015] <Nik05> its not visible when low-level content is disabled
[Mon Nov 16 08:16:59 2015] <Nik05> oh just when notation is turned off
[Mon Nov 16 08:19:10 2015] <Cypi> http://lpaste.net/145374 >> would anyone know how to complete this proof, or provide an argument as to why it is not provable?
[Mon Nov 16 08:20:39 2015] <companion_cube> :q
[Mon Nov 16 08:20:42 2015] <companion_cube> duh
[Mon Nov 16 08:21:24 2015] <Nik05> why doesnt a rewrite -> H. just work?
[Mon Nov 16 08:22:08 2015] <Cypi> Because you need to abstract the body of g (or f) to do such a rewrite, and the typability of the conclusion relies on the fact that [f true] and [g true] are convertible
[Mon Nov 16 08:23:15 2015] <Nik05> hm oke
[Mon Nov 16 08:25:22 2015] <Nik05> Oke i finished the proof with just 4 rewrite :)
[Mon Nov 16 08:25:29 2015] <Nik05> my own proof, not yours Cypi ...
[Mon Nov 16 08:25:56 2015] <Cypi> ^^'
[Mon Nov 16 08:27:34 2015] <companion_cube> I wonder, doesn't that depend on functional extensionality?
[Mon Nov 16 08:28:25 2015] <Cypi> I can use functional extensionality if needed
[Mon Nov 16 08:28:31 2015] <Cypi> (I already use it somewhere else anyway)
[Mon Nov 16 08:44:46 2015] <Nik05> Oke i do know i should take a break after spending some time on Coq
[Mon Nov 16 08:45:13 2015] <Nik05> The proofs i was stuck on, I just all proved...
[Mon Nov 16 09:42:37 2015] <Nik05> and stuck on another one
[Mon Nov 16 11:57:21 2015] <Nik05> what am i doing... Im proving something really simple and I just got an stack overflow...
[Mon Nov 16 11:57:57 2015] <sanooj> perhaps you're using numbers that are too large.
[Mon Nov 16 11:58:19 2015] <Nik05> oh no i was usng rewrite -> !mult_comm
[Mon Nov 16 11:58:33 2015] <Nik05> guess its applying the theorem on the same part over and over again
[Mon Nov 16 11:58:54 2015] <sanooj> ah, yeah that'd likely do it
[Mon Nov 16 11:59:58 2015] <schoppenhauer> hi. is there any default interface/typeclass for natural numbers/integers in coq? because I want to prove stuff about natural numbers/integers, but in many cases I can just use omega, and I would like to not stick to a certain representation of them.
[Mon Nov 16 12:00:18 2015] <Nik05> there is nat
[Mon Nov 16 12:00:34 2015] <Nik05> i guess there are probably integers as well
[Mon Nov 16 12:00:51 2015] <schoppenhauer> Nik05: nat is one possible representation. but it takes up a lot of space.
[Mon Nov 16 12:01:19 2015] <schoppenhauer> Nik05: I thought maybe something like a typeclass that specifies the peano axioms or so.
[Mon Nov 16 12:01:45 2015] <schoppenhauer> I can write one myself, but if it already exists, then I would take it
[Mon Nov 16 12:03:48 2015] <Nik05> https://coq.inria.fr/library/Coq.Init.Peano.html schoppenhauer
[Mon Nov 16 12:04:45 2015] <schoppenhauer> this has nothing to do with my question
[Mon Nov 16 12:05:14 2015] <Nik05> Sorry I dont know anything about Coq or formal mathematics
[Mon Nov 16 12:07:06 2015] <schoppenhauer> :3
[Mon Nov 16 12:09:02 2015] <Nik05> oh this is nice. I got an error in coq and closed the program -_-
[Mon Nov 16 12:09:14 2015] <Nik05> just because i forgot a .
[Mon Nov 16 12:10:24 2015] <Nik05> And ofcourse i didnt save...
[Mon Nov 16 12:13:02 2015] <Nik05> hm then what does autosave do?
[Mon Nov 16 12:29:57 2015] <ianjneu> Nik05: if you're in emacs and you're editing a file that currently exists on the drive, it will occassionally back it up in filename~
[Mon Nov 16 12:30:21 2015] <ianjneu> if you're in an unsaved buffer, then there it doesn't back that up.
[Mon Nov 16 12:31:10 2015] <Nik05> ianjneu CoqIDE...
[Mon Nov 16 12:32:08 2015] <ianjneu> I have no experience with that.
[Mon Nov 16 12:33:47 2015] <Nik05> I don't got EmacsOS on my pc :P
[Mon Nov 16 14:45:51 2015] <stelleg> there's no lemma in the standard library like "eq_nat_refl_neq (m n : nat) (p : m <> n) : eq_nat_refl m n = right p" is there?
[Mon Nov 16 14:47:10 2015] <stelleg> i ask because it would be nice, given a proof that m <> n, one could say that (if eq_nat_dec m n then a else b) = b
[Mon Nov 16 14:48:11 2015] <ianjneu> doubtful. There aren't many theorems about the structure of proof objects, though the decideable equality for nats should make identity proofs unique.
[Mon Nov 16 14:48:57 2015] <ianjneu> you can use destruct (eq_nat_dec m n) to normalize that.
[Mon Nov 16 14:49:15 2015] <stelleg> ianjneu: oh good point
[Mon Nov 16 14:49:19 2015] <stelleg> duh
[Mon Nov 16 14:49:22 2015] <stelleg> thanks
[Tue Nov 17 13:32:13 2015] <benzrf> yo
[Tue Nov 17 13:32:51 2015] <companion_cube> lo
[Tue Nov 17 13:33:43 2015] <benzrf> is there a tactic that can solve this https://gist.github.com/9f733774915ddc3858d5
[Tue Nov 17 13:34:03 2015] <benzrf> i dont think its too unreasonable to expect a tactic that can solve this :[
[Tue Nov 17 13:34:57 2015] <johnw> intro x H0. rewrite H0. exact.
[Tue Nov 17 13:35:06 2015] <johnw> doesn't "intuition" work here?
[Tue Nov 17 13:35:08 2015] <ianjneu> does firstorder do it?
[Tue Nov 17 13:35:26 2015] <johnw> or yeah, firstorder being a bit lighter-handed than intuition
[Tue Nov 17 13:36:07 2015] <ianjneu> johnw: I thought firstorder was heavier than intuition
[Tue Nov 17 13:36:44 2015] <johnw> hmm
[Tue Nov 17 13:36:50 2015] <johnw> it looks like they are both extensions of tauto
[Tue Nov 17 13:37:03 2015] <johnw> firstorder certainly allows for more syntax, so you are probably right
[Tue Nov 17 13:37:26 2015] <johnw> tauto = intuition fail
[Tue Nov 17 13:39:59 2015] <benzrf> tfw no crush
[Tue Nov 17 14:27:01 2015] <johnw> tfw?
[Tue Nov 17 14:28:02 2015] <ianjneu> "that feel when"
[Tue Nov 17 14:28:10 2015] <ianjneu> or "that feeling when"
[Tue Nov 17 14:28:40 2015] <ianjneu> also FYI, TIL = "today, I learned"
[Tue Nov 17 14:28:45 2015] <johnw> yeah, TIL I know
[Tue Nov 17 14:28:49 2015] <johnw> these young people
[Tue Nov 17 14:28:54 2015] <johnw> TIL TFW
[Tue Nov 17 14:29:09 2015] <ianjneu> smh = "shaking my head"
[Tue Nov 17 14:29:20 2015] <johnw> I have a macro in my IRC called /wtf that decodes most acronyms, but they are being created too rapidly for it to keep up
[Tue Nov 17 16:36:16 2015] <rom1504> make it look it up in urbandictionary
[Tue Nov 17 16:36:57 2015] <johnw> ooh, good idea
[Tue Nov 17 16:49:44 2015] <benzrf> 'tfw' is very much a chan ism
[Tue Nov 17 17:00:12 2015] <sunnymilk> daily reminder to keep your subculture jargon where you found it
[Tue Nov 17 17:02:54 2015] <benzrf> :I
[Tue Nov 17 17:03:02 2015] <ianjneu> sunnymilk: nonsense.
[Tue Nov 17 17:03:24 2015] <benzrf> to be fair
[Tue Nov 17 17:03:28 2015] <benzrf> chans are a pretty shitty subculture
[Tue Nov 17 17:04:13 2015] <ianjneu> use your judgment. "tfw" is not an expression of oppression than chan culture usually nutures.
[Tue Nov 17 17:05:26 2015] <ianjneu> If we mandated all subcultures cloister themselves off, then we get stuff like white supremacy and Jim Crow laws.
[Tue Nov 17 17:06:04 2015] <ianjneu> who defines what's "sub", "lesser", or "unimportant"?
[Tue Nov 17 17:06:37 2015] <sunnymilk> sub as in subset not as in subhuman
[Tue Nov 17 17:07:19 2015] <ianjneu> Then your distinction is moot. All cultures are subsets of "culture"
[Tue Nov 17 17:11:32 2015] <sunnymilk> the point at which you can reasonly expect almost everyone else to not understand your jargon is the point at which you should probably not use it
[Tue Nov 17 17:12:25 2015] <sunnymilk> this point also differentiates between "where you found it" and everywhere else
[Tue Nov 17 17:12:53 2015] <ianjneu> Are you familiar with redlining?
[Tue Nov 17 17:13:07 2015] <sunnymilk> not really
[Tue Nov 17 17:13:36 2015] <ianjneu> It's policy that denied housing to people of color in predominantly white areas. They didn't want them to spread their culture.
[Tue Nov 17 17:13:40 2015] <vanila> it's amazing how everything is about racism somehow
[Tue Nov 17 17:14:16 2015] <sunnymilk> lol
[Tue Nov 17 17:15:03 2015] <benzrf> vanila: if by 'racism' you mean 'human behavior operating under the same kind of dynamics as racism', then yes, it's pretty amazing
[Tue Nov 17 17:15:24 2015] <ianjneu> vanila: Racism is a prime example to illustrate power dynamics that lead to oppression and negative affect. There are plenty of communities that build more negative biases towards and actively push out people of other mindsets, background, group, etc.
[Tue Nov 17 17:15:36 2015] <johnw> wow, so how about that dependent type theory, guys
[Tue Nov 17 17:15:41 2015] <benzrf> :^]
[Tue Nov 17 17:15:51 2015] <vanila> nah this is an interesting discussion johnw
[Tue Nov 17 17:15:52 2015] <vanila> don't ruin it
[Tue Nov 17 17:15:57 2015] <johnw> prove it :)
[Tue Nov 17 17:16:40 2015] <companion_cube> you could create #coq-blah to discuss it, maybe
[Tue Nov 17 17:16:41 2015] <ianjneu> johnw: classic deflection.
[Tue Nov 17 17:17:02 2015] <johnw> ;)
[Tue Nov 17 17:17:16 2015] <johnw> intuististic deflection is hard, because I have to provide an alternate subject
[Tue Nov 17 17:17:26 2015] <sunnymilk> haha
[Tue Nov 17 17:17:28 2015] <benzrf> nice
[Tue Nov 17 17:17:33 2015] <vanila> good one
[Tue Nov 17 17:17:36 2015] <benzrf> hold on a second
[Tue Nov 17 17:18:00 2015] <benzrf> that deflection is ill-formed
[Tue Nov 17 17:18:08 2015] <johnw> uh oh
[Tue Nov 17 17:18:13 2015] <benzrf> you can't just use deflection as the alternate subject in a deflection
[Tue Nov 17 17:18:17 2015] <benzrf> that's ill-founded
[Tue Nov 17 17:18:26 2015] <johnw> I'm using deflection[+1]?
[Tue Nov 17 17:18:41 2015] <benzrf> hmmmmm
[Tue Nov 17 17:18:45 2015] <johnw> * summons the aid of impredicativity
[Thu Nov 19 16:12:39 2015] <nullcatxxx_> hello everyone, i have a quick question about vim setting for coq.
[Thu Nov 19 17:15:53 2015] <sanooj> nullcatxxx_: wwwwwwwwwwwwthe golden rule is to now ask to ask, but just ask.
[Thu Nov 19 17:16:06 2015] <sanooj> ooh. terminal wedge there. anyway, just shoot.
[Thu Nov 19 17:16:28 2015] <sanooj> s/now/not/
[Thu Nov 19 17:16:52 2015] <nullcatxxx_> it's more about vim setting i think. i'd like to have feature described in this issue https://github.com/the-lambda-church/coquille/issues/29
[Thu Nov 19 17:17:19 2015] <nullcatxxx_> i move cursor on a symbol. after some keystrokes, ":Coq Check xxx." is called
[Thu Nov 19 17:17:21 2015] <nullcatxxx_> and i can see the result
[Thu Nov 19 17:17:59 2015] <nullcatxxx_> i don't want to type ":Coq Check abcdefg." everytime
[Thu Nov 19 17:18:02 2015] <nullcatxxx_> or Print
[Thu Nov 19 17:18:13 2015] <sanooj> I go to the church of emacs myself, so I cannot help you infidel.
[Thu Nov 19 17:18:26 2015] <sanooj> * smites nullcatxxx_ !
[Thu Nov 19 17:18:27 2015] <nullcatxxx_> does emacs have this feature..?
[Thu Nov 19 17:19:07 2015] <sanooj> yes, with proofgeneral you can press C-c n and it will take you to the next statement automatically and show you the proof state
[Thu Nov 19 17:19:37 2015] <sanooj> there's probably a key binding you can do with vim.
[Thu Nov 19 17:19:49 2015] <nullcatxxx_> ok
[Thu Nov 19 17:20:26 2015] <sanooj> oh wait, that's not what you actually asked. I do end up writing Check xxx a lot.
[Thu Nov 19 17:20:39 2015] <sanooj> but there's no doubt a key binding for that. :)
[Thu Nov 19 17:23:40 2015] <nullcatxxx_> i'd like to have one...
[Thu Nov 19 17:23:43 2015] <nullcatxxx_> thanks anyway!
[Thu Nov 19 17:27:01 2015] <sanooj> np. glad to have helped the best way I can.
[Thu Nov 19 17:27:11 2015] <nullcatxxx_> sanooj : besides Software Foundations, what other resources do you recommend to learn Coq?
[Thu Nov 19 17:27:14 2015] <sanooj> maybe someone else who lurks and knows shit will pick up on it. :)
[Thu Nov 19 17:27:33 2015] <sanooj> well, I really like SF. I didn't complete all of it, but the bits I did were awesome.
[Thu Nov 19 17:28:08 2015] <sunnymilk> CPDT is great
[Thu Nov 19 17:28:11 2015] <nullcatxxx_> yes, I agree it is an awesomebook
[Thu Nov 19 17:28:16 2015] <nullcatxxx_> oh i see
[Thu Nov 19 17:28:42 2015] <sunnymilk> i highly recommend it
[Thu Nov 19 17:28:51 2015] <sanooj> CPDT is pretty good too. it's a bit like "learn coq the hard way"
[Thu Nov 19 17:29:17 2015] <sanooj> it's highly focused on automating things.
[Thu Nov 19 17:29:23 2015] <nullcatxxx_> i see. i'll finish Pierce's book first.
[Thu Nov 19 17:30:03 2015] <sanooj> I think it depends on what you want to do with coq. if you want to do practical software stuff then those are the way to go probably.
[Thu Nov 19 17:30:39 2015] <nullcatxxx_> i see
[Thu Nov 19 17:31:21 2015] <sanooj> if you want to do every day mathematics, then probably you need to get into things like the mathematical components library or the corn library and the research reports that go with them.
[Thu Nov 19 17:32:14 2015] <nullcatxxx_> emm, one thing I would like to write is formalizing meta-theory of system f-omega
[Thu Nov 19 17:32:16 2015] <nullcatxxx_> for example
[Thu Nov 19 17:32:18 2015] <sanooj> I personally have spen way too much time learning ssreflect and mathematical components. I thought it would be the best fit for my application domain, but honestly I haven't put equivalent time into other roads.
[Thu Nov 19 17:34:02 2015] <sanooj> that's quite out of my field I'm afraid, so I don't have anything useful to say about formalizing system f-omega. :/
[Fri Nov 20 13:36:23 2015] <jrw> johnw: I saw your coq-club post about the register allocator. what exactly did you manage to prove vs what's left to prove?
[Fri Nov 20 13:36:59 2015] <johnw> so, for example, the proof that no register allocations overlap
[Fri Nov 20 13:37:17 2015] <johnw> in the end, this was achieved using decidability in a way that generates an "error result" if they do in fact overlap
[Fri Nov 20 13:37:29 2015] <johnw> I was unable to prove that given the current algorithm, they cannot ever overlap
[Fri Nov 20 13:37:34 2015] <johnw> even though I think this should be possible
[Fri Nov 20 13:37:49 2015] <jrw> I see, makes sense.
[Fri Nov 20 13:38:00 2015] <johnw> in Spill.v and Split.v, you'll see lots of "jww" comments about things I'm deciding on that should be provable
[Fri Nov 20 13:38:20 2015] <jrw> you mentioned in your post something about "coverage". what exactly do you mean by that?
[Fri Nov 20 13:38:23 2015] <johnw> however, determing the evidence required was beyond the context provided (or my skills), which leads me to think that the code needs to become more proof-carrying to allow this
[Fri Nov 20 13:38:39 2015] <johnw> coverage meaning: there is a theorem governing every aspect of the defined semantics
[Fri Nov 20 13:40:59 2015] <jrw> so you're saying that there's code in this program that hasn't had anything proved about it? or is it more that some code hasn't had *everything possible* proved about it?
[Fri Nov 20 13:41:07 2015] <johnw> correct
[Fri Nov 20 13:41:18 2015] <johnw> for example, computing loop depths for basic blocks
[Fri Nov 20 13:41:35 2015] <johnw> that code is purely just a functional algorithm, no proofs whatsoever that the loop depths so computed are correct with respect to the code flow
[Fri Nov 20 13:42:29 2015] <johnw> which might cause us to make a poor choice of where to spill a variable; it won't lead to an incorrect allocation, but technically speaking it's not correct either; they could be random values for all I _know_
[Fri Nov 20 13:43:48 2015] <johnw> another one, and this is much more important, is calculating the live sets for entry and exit of blocks
[Fri Nov 20 13:43:57 2015] <johnw> proofless code, once again
[Fri Nov 20 13:43:58 2015] <jrw> cool. one last question: it sounds so far like nothing you've mentioned can affect correctness per se, because you either error out, in which case the caller will have to handle that error, or you make a suboptimal choice. is that fair? or are there ways in which correctness could be violated?
[Fri Nov 20 13:44:29 2015] <johnw> if live set calculation were wrong, I'd inject an incorrect move resolution, and I wouldn't know that it had happened
[Fri Nov 20 13:44:39 2015] <johnw> the runtime verifier would catch that, but the code wouldn't stop it from happening
[Fri Nov 20 13:45:17 2015] <johnw> I don't even think that proving live set calculation correct is even hard; I just lacked enough days in the week to do it all
[Fri Nov 20 13:45:42 2015] <johnw> the file Spec.v contains all the theorems that were proven about correctness that have no computational bearing on the extraction
[Fri Nov 20 13:47:14 2015] <jrw> do you have any sense of how much more time you would have needed to finish the proofs to your own satisfaction?
[Fri Nov 20 13:47:20 2015] <johnw> my final takeaway: I should have written this in Haskell, and used Coq for the runtime verifier, and then spent the extra time on an exhaustive test suite
[Fri Nov 20 13:47:52 2015] <johnw> to my satisfaction?  Perhaps another six months. I have a feeling that there would need to be some redesign to enable sufficient propagation of the required evidence
[Fri Nov 20 13:48:21 2015] <jrw> cool, it's an interesting project. thanks for sharing :)
[Fri Nov 20 13:48:23 2015] <johnw> note: I am happy with how certain segments of the code turned out
[Fri Nov 20 13:48:40 2015] <johnw> for example, the code dealing with use positions, range and intervals, is 100% proven
[Fri Nov 20 13:49:10 2015] <johnw> and since that's the foundation of the algorithm, it's very valuable to have that level of certainty
[Fri Nov 20 13:49:38 2015] <johnw> the code that allocates registers is also very solid
[Fri Nov 20 13:49:56 2015] <johnw> but the code that assigns registers, and thus generates spills and restores, and resolving moves based on the live set information, that code is the Wild West, effectively
[Fri Nov 20 13:50:47 2015] <johnw> it was also the code "written at the end", when time pressures started forcing me to throw correctness out the window to produce something that functioned
[Fri Nov 20 13:51:26 2015] <johnw> I've written an experience report on this implementation that was rejected for CPP, but hopefully after incorporating the reviewer's feedback, I'll be able to present at another venue next year
[Fri Nov 20 13:51:56 2015] <johnw> thanks for asking, jrw
[Fri Nov 20 13:52:56 2015] <jrw> nice. I'd be interested to look at a draft of the experience report if/when one is available.
[Fri Nov 20 13:53:37 2015] <johnw> jrw: sure, I'll send you one after I've incorporated the recent feedback
[Fri Nov 20 13:53:46 2015] <jrw> thanks :)
[Tue Nov 24 22:16:10 2015] <ThomazL> Is the "induction principle" generated by "Scheme" referring to a proof term?
[Thu Nov 26 15:20:29 2015] <SomeDamnBody> I'm a beginner with coq. I have the term n*1 = n that I want to prove... how can I get coq to see that?
[Thu Nov 26 15:21:40 2015] <SomeDamnBody> nevermind
[Thu Nov 26 15:23:00 2015] <SomeDamnBody> rather, I have n + m = n* 1 + m* 1
[Thu Nov 26 15:23:06 2015] <SomeDamnBody> and I have a lemma that already proves that
[Thu Nov 26 15:23:24 2015] <SomeDamnBody> and I want to rewrite it with something that matches just one of the variables at a time on one side of the =
[Thu Nov 26 17:41:46 2015] <SomeDamnBody> I have this inductive hypothesis in my local context
[Thu Nov 26 17:41:52 2015] <SomeDamnBody> I would like to unify p with S p
[Thu Nov 26 17:41:54 2015] <SomeDamnBody> IHp : (n + m) * p = n * p + m * p
[Thu Nov 26 17:43:36 2015] <SomeDamnBody> because I have something identical, and if I could just rewrite one side they would be reflexive
[Thu Nov 26 20:26:48 2015] <lpaste_> KaneTW pasted “No title” at http://lpaste.net/9193144310428598272
[Thu Nov 26 20:26:56 2015] <KaneTW> i'm trying to prove that ^ is well-founded
[Thu Nov 26 20:27:19 2015] <KaneTW> but i'm kind of stuck. i want to reduce that to well-foundedness of lt
[Mon Dec 21 18:22:42 2015] <Nik05> strange code also doesnt work on linux...
[Mon Dec 21 18:23:49 2015] <Nik05> I got the file Basics.v from Software Foundations which defines evenb for natural numbers
[Mon Dec 21 18:24:25 2015] <Nik05> In the file Induction.v Basics is mentioned in "Require Export Basics."
[Mon Dec 21 18:25:06 2015] <Nik05> When I click on go to end everything goes fine, but if I try to compile the buffer it says. "Error: The reference evenb was not found in the current encironment"
[Mon Dec 21 18:34:43 2015] <MitchellSalad> hi, anyone around?
[Mon Dec 21 18:35:36 2015] <Nik05> hello MitchellSalad
[Mon Dec 21 18:37:58 2015] <MitchellSalad> hi, moment... making an lpaste with my question
[Mon Dec 21 18:39:06 2015] <MitchellSalad> ok: http://lpaste.net/147621
[Mon Dec 21 18:39:48 2015] <MitchellSalad> I'm working through a simple proof that involves unfolding a function definition, and now I want to fold the RHS back up to apply the induction hypothesis
[Mon Dec 21 18:40:28 2015] <MitchellSalad> but I'm getting an error (see paste), and I'm not sure what the right syntax is to get around it, although I do understand the problem
[Mon Dec 21 18:41:40 2015] <Nik05> I don't know much about Coq. But I do know Haskell so folds oke :P
[Mon Dec 21 18:42:15 2015] <MitchellSalad> heh, ok. well this is #coq
[Mon Dec 21 18:42:35 2015] <Nik05> I know :P
[Mon Dec 21 18:45:14 2015] <johnw> hi MitchellSalad
[Mon Dec 21 18:45:24 2015] <MitchellSalad> hi
[Mon Dec 21 18:45:52 2015] <MitchellSalad> did you just join the channel? I have joins turned off. I can re-post my question if you can't see it
[Mon Dec 21 18:45:52 2015] <johnw> there are many times when you can't refold
[Mon Dec 21 18:45:58 2015] <johnw> I'm always here
[Mon Dec 21 18:46:01 2015] <johnw> I see your question
[Mon Dec 21 18:46:04 2015] <MitchellSalad> ok
[Mon Dec 21 18:46:34 2015] <MitchellSalad> so, is this one of those times?
[Mon Dec 21 18:46:58 2015] <johnw> let me check
[Mon Dec 21 18:47:29 2015] <johnw> where is your definition of fold?
[Mon Dec 21 18:48:00 2015] <Nik05> oh im interrested in that as well
[Mon Dec 21 18:48:57 2015] <MitchellSalad> oh, edited the paste. it's just foldr
[Mon Dec 21 18:50:25 2015] <johnw> so, do you want the answer, or just a hint?
[Mon Dec 21 18:50:38 2015] <MitchellSalad> I guess a hint :)
[Mon Dec 21 18:51:00 2015] <MitchellSalad> it seems like I should be able to rewrite the unfolded fold_length as just fold_length, though
[Mon Dec 21 18:51:01 2015] <johnw> instead of refolding fold, thinking about how you could further simplify your goal
[Mon Dec 21 18:51:11 2015] <johnw> alternatively, consider whether you have a rewrite available
[Mon Dec 21 18:51:46 2015] <johnw> because you're one rewrite away from reflexivity, at the point where you are stuck
[Mon Dec 21 18:52:06 2015] <MitchellSalad> i am?
[Mon Dec 21 18:52:09 2015] <johnw> yes
[Mon Dec 21 18:52:24 2015] <MitchellSalad> oh
[Mon Dec 21 18:52:40 2015] <MitchellSalad> got it :D thanks
[Mon Dec 21 18:52:43 2015] <johnw> :)
[Mon Dec 21 18:53:23 2015] <Nik05> oke now im going to try to solve it
[Mon Dec 21 18:56:58 2015] <Nik05> Oh it was that simpl
[Mon Dec 21 18:57:03 2015] <johnw> lol
[Mon Dec 21 18:57:12 2015] <Nik05> simple*
[Mon Dec 21 18:59:04 2015] <Nik05> fold_length (x :: l') = S (fold_length l')
[Mon Dec 21 19:00:48 2015] <Nik05> how can you prove that with just reflexivity?
[Mon Dec 21 19:02:08 2015] <johnw> just unfold fold_length; reflexivity.
[Mon Dec 21 19:03:38 2015] <Nik05> i dont even need to do an unfold
[Mon Dec 21 19:05:41 2015] <Cypi> Nik05 : those two terms are convertible, so reflexivity will solve that. In other words, they have the same normal form
[Mon Dec 21 19:06:03 2015] <Nik05> oke
[Mon Dec 21 19:07:30 2015] <Nik05> when i unfold fold. I see :: is used in my subgoal window instead of cons. How would I be able to use the :: in my script?
[Mon Dec 21 19:07:49 2015] <Nik05> I get Unknow interpretation for notation
[Mon Dec 21 19:07:53 2015] <johnw> import the list notations
[Mon Dec 21 19:08:37 2015] <johnw> Module Import LN := ListNotations.
[Mon Dec 21 19:09:24 2015] <Cypi> or just [Import ListNotations.]
[Mon Dec 21 19:09:30 2015] <johnw> ah, good to know!
[Mon Dec 21 19:09:49 2015] <Nik05> Cypi Error: ListNotations is not a module
[Mon Dec 21 19:10:19 2015] <Cypi> You need [Require Import List.] beforehand, sorry
[Mon Dec 21 19:10:46 2015] <Nik05> Ah oke, I didnt had the Import there
[Mon Dec 21 19:11:00 2015] <Nik05> still trying to do Software Foundations chapter 3...
[Mon Dec 21 19:11:07 2015] <Nik05> But Coq cant compile it :(
[Mon Dec 21 19:11:27 2015] <johnw> can't compile SF, or can't compile what you've added to it?
[Mon Dec 21 19:11:30 2015] <johnw> which version of Coq?
[Mon Dec 21 19:11:38 2015] <Nik05> johnw the beta
[Mon Dec 21 19:11:46 2015] <johnw> 8.5rc1 came out today
[Mon Dec 21 19:11:46 2015] <Nik05> 8.5
[Mon Dec 21 19:11:51 2015] <johnw> good luck getting SF to build with it though
[Mon Dec 21 19:12:10 2015] <Nik05> johnw yes it came out 3 days ago. Had problems on my Windows
[Mon Dec 21 19:12:18 2015] <Nik05> It keeped crashing in Windows
[Mon Dec 21 19:12:24 2015] <johnw> what came out 3 days ago?
[Mon Dec 21 19:12:25 2015] <Nik05> In linux I get the compile errors
[Mon Dec 21 19:12:28 2015] <Nik05> the rc1
[Mon Dec 21 19:12:28 2015] <Cypi> Hmm, I wonder if putting the time to produce a diff for a 8.5 SF would be worth it
[Mon Dec 21 19:12:32 2015] <johnw> ah, I only saw the rc1 announcement today
[Mon Dec 21 19:12:47 2015] <johnw> Cypi: I'd wait until after release
[Mon Dec 21 19:12:59 2015] <johnw> there, Nix is now updated with 8.5rc1
[Mon Dec 21 19:13:08 2015] <johnw> it works with ssreflect 1.6 too, as does 8.4pl6
[Mon Dec 21 19:13:30 2015] <Nik05> But why would it be hard to get SF compiled with it?
[Mon Dec 21 19:13:38 2015] <Nik05> THe first 3 chapters are really basic...
[Mon Dec 21 19:13:40 2015] <Cypi> I don't know if Pierce actually has plans to update SF. Probably?
[Mon Dec 21 19:13:58 2015] <Nik05> And I already get errors when compiling the 2nd chapeter\
[Mon Dec 21 19:14:18 2015] <johnw> I'm sure he will at some point
[Mon Dec 21 19:14:23 2015] <johnw> it's a course they still teach
[Mon Dec 21 19:14:59 2015] <Cypi> Actually, I'm surprised you have trouble compiling
[Mon Dec 21 19:15:19 2015] <Nik05> Is it the Require Export Basics?
[Mon Dec 21 19:15:20 2015] <johnw> -I changed its meaning
[Mon Dec 21 19:15:25 2015] <Nik05> oh
[Mon Dec 21 19:15:25 2015] <johnw> constructors require additional arguments now
[Mon Dec 21 19:15:31 2015] <johnw> there are a few major things that need tightening up
[Mon Dec 21 19:15:32 2015] <Cypi> I just compiled the first files (Basics, Induction, Lists) without any problems
[Mon Dec 21 19:15:38 2015] <Nik05> really Cypi ?
[Mon Dec 21 19:15:41 2015] <johnw> ah, nice
[Mon Dec 21 19:15:48 2015] <Nik05> Error: The reference evenb was not found in the current
[Mon Dec 21 19:15:50 2015] <johnw> maybe they fixed those gratuitous incompatibilities
[Mon Dec 21 19:15:50 2015] <Nik05> environment.
[Mon Dec 21 19:15:59 2015] <Nik05> oh this is beta im on...
[Mon Dec 21 19:16:03 2015] <Nik05> let me get the rc1...
[Mon Dec 21 19:16:04 2015] <Cypi> Well, I think so. Let me make sure I have a fresh version of SF.
[Mon Dec 21 19:17:11 2015] <Cypi> "coqc Basics.v Induction.v Lists.v" just works out of the box for me
[Mon Dec 21 19:17:18 2015] <Nik05> hm strange
[Mon Dec 21 19:17:57 2015] <Cypi> Ah, I start having troubles at Poly.v though :)
[Mon Dec 21 19:17:59 2015] <Nik05> I just downloaded sf again and tried it on a fresh one. Still got the error
[Mon Dec 21 19:18:11 2015] <Cypi> as johnw, because of constructors which require additional arguments
[Mon Dec 21 19:18:17 2015] <Nik05> But what does it mean the reference was not found in the current environment?
[Mon Dec 21 19:18:36 2015] <johnw> there's a way to revert back to the old constructor behavior
[Mon Dec 21 19:18:40 2015] <johnw> it's in the NEWS file
[Mon Dec 21 19:19:04 2015] <Cypi> It basically means that "evenb" is not defined, that's all
[Mon Dec 21 19:19:12 2015] <Cypi> so probably a problem of modules that are not correctly imported
[Mon Dec 21 19:19:18 2015] <Nik05> Oke
[Mon Dec 21 19:19:44 2015] <Nik05> Really strange. In CoqIDE can just proof everything
[Mon Dec 21 19:19:51 2015] <Nik05> but when I compile i get the error
[Mon Dec 21 19:20:02 2015] <Nik05> so CoqIDE knows evenb but the compiler doesnt...
[Mon Dec 21 19:20:09 2015] <Nik05> or something probably the same thing i dont know
[Mon Dec 21 19:20:23 2015] <Cypi> So, if you do "coqc Basics.v Induction.v Lists.v", you get an error? Also, "coqc -v" returns the expected version of Coq?
[Mon Dec 21 19:21:03 2015] <Cypi> h
[Mon Dec 21 19:21:09 2015] <Cypi> Oh, I know, maybe
[Mon Dec 21 19:21:14 2015] <Cypi> have you indeed compiled Basics.v?
[Mon Dec 21 19:21:40 2015] <Cypi> If I just do "coqc Induction.v", I get your error, so I hope that's just that
[Mon Dec 21 19:21:43 2015] <Nik05> Cypi coqc Basics.v Induction.v Lists.v gives no errors
[Mon Dec 21 19:21:50 2015] <Cypi> Well, there you go then ^^'
[Mon Dec 21 19:22:00 2015] <Nik05> but but....
[Mon Dec 21 19:22:14 2015] <Cypi> Don't ask what CoqIDE did, I have no idea I must say :p
[Mon Dec 21 19:22:18 2015] <Nik05> :P
[Mon Dec 21 19:23:45 2015] <Nik05> well it probably cant find Basics or something....
[Mon Dec 21 19:23:56 2015] <Nik05> well atleast I can continue now
[Mon Dec 21 19:24:21 2015] <Nik05> With Lists.v
[Mon Dec 21 19:24:41 2015] <Nik05> nope still not
[Mon Dec 21 19:24:49 2015] <Nik05> Cypi Unable to locate library Induction
[Mon Dec 21 19:24:57 2015] <Nik05> it didnt create the library...
[Mon Dec 21 19:25:42 2015] <Cypi> This is confusing... So, there is no "Inductiion.vo" file in your folder?
[Mon Dec 21 19:25:55 2015] <Cypi> -i
[Mon Dec 21 19:26:00 2015] <Nik05> there is...
[Mon Dec 21 19:26:14 2015] <Cypi> hum.
[Mon Dec 21 19:26:54 2015] <Cypi> Hmm. Maybe the working directory of CoqIDE is not the correct one.
[Mon Dec 21 19:26:55 2015] <Nik05> og wait
[Mon Dec 21 19:27:16 2015] <Nik05> I guess by clicking on Compile -> Compile Buffer, something strange happend again
[Mon Dec 21 19:27:23 2015] <Nik05> so I did another coqc and now it works
[Mon Dec 21 19:28:26 2015] <Cypi> Hum, ok
[Mon Dec 21 19:30:18 2015] <Nik05> thank you Cypi and johnw
[Mon Dec 21 19:30:37 2015] <Nik05> I hope coq in Windows gets fixed as well...
[Mon Dec 21 19:31:11 2015] <Nik05> The bar in the new CoqIDE is really nice
[Tue Dec 22 08:37:57 2015] <Nik05> * just found out about SearchAbout
[Tue Dec 22 08:38:12 2015] <Nik05> Is there a command window in CoqIDE?
[Tue Dec 22 08:38:45 2015] <Nik05> using SearchAbout in script and then remove it after usage is not really prefered
[Tue Dec 22 08:41:15 2015] <Nik05> oh there is Queries -> Search
[Tue Dec 22 08:41:33 2015] <Nik05> but it doesnt work on Notation it seems
[Tue Dec 22 08:41:56 2015] <Nik05> oh SearchAbout also doesnt work on notations
[Tue Dec 22 08:57:57 2015] <Nik05> oke wow
[Tue Dec 22 08:58:20 2015] <Nik05> Sometimes it just goes over Qed. even though the proof has not been given yet
[Tue Dec 22 08:58:37 2015] <Nik05> in the Coq 8.5b3
[Tue Dec 22 08:58:48 2015] <Nik05> strange
[Tue Dec 22 08:59:06 2015] <artart78> what do you mean?
[Tue Dec 22 08:59:58 2015] <Nik05> I got an unfinished proof and I clicked go to end. It goes to the end but does give an error for that proof
[Tue Dec 22 09:00:23 2015] <Nik05> when I got to the proof and use the forward command it just steps over the proof and doesnt give any errors anymore
[Tue Dec 22 09:01:35 2015] <Nik05> And now it doesnt
[Tue Dec 22 09:01:39 2015] <Nik05> its a little bugged
[Tue Dec 22 09:01:49 2015] <Nik05> Oke now it keeps complaining
[Tue Dec 22 09:02:35 2015] <Nik05> artart78 i cant reproduce it now
[Tue Dec 22 09:03:04 2015] <Nik05> But it is pretty nice how it does checks in the future
[Tue Dec 22 09:06:22 2015] <Nik05> artart78 it looked like it was admitting the proof but it marked it as proofed
[Tue Dec 22 09:09:08 2015] <artart78> well if you can't reproduce then that's good lol
[Tue Dec 22 09:13:12 2015] <Nik05> no that is not good :P
[Tue Dec 22 09:13:24 2015] <Nik05> artart78 are you a dev?
[Tue Dec 22 09:14:32 2015] <artart78> nope
[Tue Dec 22 09:14:40 2015] <Cypi> CoqIDE is able to see, sort of, if the content of a proof is independent of the rest of the file
[Tue Dec 22 09:14:54 2015] <Cypi> if so, then it can just assume the proof is correct (even if it is not) to compile the rest of the file
[Tue Dec 22 09:15:03 2015] <Cypi> sometimes it can, sometimes it can't
[Tue Dec 22 09:15:08 2015] <Nik05> Cypi you that is really nice
[Tue Dec 22 09:15:17 2015] <Nik05> but it also gives an error that the proof isnt solved yet
[Tue Dec 22 09:15:27 2015] <Nik05> but i just got that it didnt give an error at all
[Tue Dec 22 09:15:47 2015] <Nik05> but cant reproduce it, it gives errors again, which is good :P
[Tue Dec 22 09:20:22 2015] <Nik05> I have to go, have a good day.
[Tue Dec 22 21:05:55 2015] <elpetrero> Where should I look at if I want to do real analysis on coq?
[Tue Dec 22 21:06:07 2015] <elpetrero> There are some papers about it, but nothing like a tutorial...ç
[Tue Dec 22 21:14:58 2015] <benzrf> elpetrero: it's probably gonna be a pain in the ass, i can tell you that much
[Tue Dec 22 21:15:07 2015] <benzrf> as far as i can tell coq isn't too great at working with very set-y stuff
[Tue Dec 22 21:17:39 2015] <elpetrero> is there another theorem prover more suited for set-y stuff?
[Tue Dec 22 21:19:24 2015] <Nik05> What is set-y stuff?
[Tue Dec 22 21:19:34 2015] <elpetrero> well proof assistant
[Tue Dec 22 21:19:52 2015] <elpetrero> Nik05: standard math basically
[Tue Dec 22 21:19:59 2015] <elpetrero> standard analysis*
[Tue Dec 22 21:20:19 2015] <Nik05> oke
[Tue Dec 22 22:23:11 2015] <Nik05> how would i prove (if c then x + z else y + z) = (if c then x else y) + z ?
[Tue Dec 22 22:24:29 2015] <Cypi> by "destruct c" and then reflexivity?
[Tue Dec 22 22:26:04 2015] <Nik05> ah yes sorry. c = beq_nat a b
[Tue Dec 22 22:26:23 2015] <Cypi> Then "destruct (beq_nat a b)" :p
[Tue Dec 22 22:26:27 2015] <Nik05> oh
[Tue Dec 22 22:26:32 2015] <Nik05> its that simpl
[Tue Dec 22 22:26:39 2015] <Cypi> as long as it's the same 'c' in both sides, that should go fine
[Tue Dec 22 22:26:45 2015] <Nik05> oke
[Tue Dec 22 22:27:21 2015] <Nik05> it worked :)
[Tue Dec 22 22:28:02 2015] <Nik05> Thank you Cypi :P
[Tue Dec 22 22:43:20 2015] <Nik05> Oh man, finding the proof is so hard. Even though the proof can be so simple...
[Tue Dec 22 22:43:42 2015] <Nik05> Wanted to prove this. rev l1 = rev l2 → l1 = l2
[Tue Dec 22 22:44:34 2015] <Nik05> Tried induction, couldn't get it. Turns out it was just 3 rewrites. I had already proven rev rev l = l...
[Tue Dec 22 23:15:20 2015] <Nik05> So what was the thing in Poly.v about constructors that has changed in 8.5?
[Wed Dec 23 08:40:27 2015] <Nik05> So in 8.5 you now need to add an argmument to all your contructors of polymorphic data types?
[Wed Dec 23 12:18:41 2015] <johnw> Nik05: only if you don't enable the compatability flag
[Wed Dec 23 12:18:47 2015] <johnw> or make those arguments implicit some other way
[Wed Dec 23 12:19:01 2015] <Nik05> thank you johnw
[Wed Dec 23 16:22:54 2015] <Nik05> johnw where can i find information on why it is changed?
[Wed Dec 23 16:23:44 2015] <johnw> you could ask on the Coq-club mailing list
[Wed Dec 23 16:23:46 2015] <johnw> I don't know why
[Wed Dec 23 16:23:53 2015] <Nik05> Oke
[Thu Dec 24 15:02:37 2015] <johnw> has anyone else here, not involved with MIT, ever played with Fiat?
[Thu Dec 24 15:07:20 2015] <benzrf> whats that
[Thu Dec 24 15:08:59 2015] <johnw> http://plv.csail.mit.edu/fiat/
[Thu Dec 24 15:09:14 2015] <johnw> it's a program synthesis system built on Coq
[Thu Dec 24 15:10:05 2015] <benzrf> for some reason i thought adam chlipala was xplat
[Thu Dec 24 15:10:07 2015] <benzrf> idk why
[Thu Dec 24 15:10:29 2015] <johnw> he's Smerdyakov on IRC
[Thu Dec 24 15:10:53 2015] <benzrf> is there any docu for this
[Thu Dec 24 15:11:38 2015] <johnw> see the aformentioned URL
[Thu Dec 24 15:12:19 2015] <johnw> they have a POPL paper that is quite good
[Thu Dec 24 15:14:10 2015] <benzrf> m
[Thu Dec 24 15:14:49 2015] <johnw> I was just curious if anyone else had tried using it for anything
[Thu Dec 24 19:28:14 2015] <johnw> Favorite quote of the day from someone's master's thesis: "This may be an instance of a more general phenomenon present when programming with dependent types: subtle friction between what you think you are doing and what you are actually doing often manifests as impossible proof goals."
[Thu Dec 24 19:31:42 2015] <benzrf> nice
[Thu Dec 24 19:31:43 2015] <benzrf> n i ce, nice
[Thu Dec 24 19:32:01 2015] <benzrf> is there a tweet of that i can retweet
[Thu Dec 24 19:33:03 2015] <johnw> no
[Thu Dec 24 19:33:20 2015] <johnw> it's by jgross
[Thu Dec 24 19:38:40 2015] <benzrf> neat
[Thu Dec 24 19:39:47 2015] <benzrf> wait, did he just publish his thesis or did you just read it today
[Thu Dec 24 19:42:44 2015] <johnw> I have a pre-release copy
[Thu Dec 24 19:42:52 2015] <benzrf> cool
[Thu Dec 24 19:42:57 2015] <johnw> it's really good too, look for it when it hits bookstores near you ;)
[Thu Dec 24 19:43:31 2015] <benzrf> as of now ive ran into him 3 times as the teacher of mit esp classes i signed up for
[Thu Dec 24 20:49:34 2015] <benzrf> to what extent does HoTT eliminate the need for sets when talking about quotients
[Thu Dec 24 20:49:47 2015] <benzrf> like, in practice
[Thu Dec 24 20:50:31 2015] <benzrf> if i knew hott properly and i opened up coq in hott, could i go and define the reals using cauchy sequences and then feasibly reason about them without having to resort to manipulating sets?
[Sat Dec 26 11:46:37 2015] <Nik05> Goodmorning
[Sat Dec 26 12:29:16 2015] <benzrf> hey Nik05
[Sat Dec 26 12:30:16 2015] <Nik05> hey benzrf
[Sat Dec 26 19:24:15 2015] <Nik05> Hello
[Sat Dec 26 19:25:55 2015] <Nik05> in the SF there is an exercise to prove forall (n m o p : nat), m = (minustwo o) -> (n + p) = m -> (n + p) = (minustwo o). And it should be done with an `apply with`. But how?
[Sat Dec 26 19:27:18 2015] <Nik05> I can do a rewrite and then an apply...
[Sat Dec 26 19:27:42 2015] <Nik05> * still don't get the usage of apply. Now it just seams like an rewrite. reflexivity.
[Sat Dec 26 20:30:11 2015] <Nik05> oh I guess I know what apply does
[Sat Dec 26 20:30:48 2015] <Nik05> Now inversion, and apply with
[Wed Dec 30 18:54:01 2015] <Nik05> I learned haskell some time ago. I read about Coq also being a functional programming language, but you could prove thing with it. I like it, but I need to know some more theory to understand constructive logic and differnece with classical logic. Does someone have some reading material?
[Wed Dec 30 18:59:13 2015] <jrw> Nik05: you're reading software foundations, right?
[Wed Dec 30 18:59:34 2015] <Nik05> yes
[Wed Dec 30 19:00:25 2015] <jrw> have you done the Logic chapter?
[Wed Dec 30 19:00:38 2015] <Nik05> correct
[Wed Dec 30 19:00:42 2015] <Nik05> uh i mean yes
[Wed Dec 30 19:01:06 2015] <jrw> okay, I feel like that chapter is a decent introduction to the relevant issues. what do you want to know more about?
[Wed Dec 30 19:01:30 2015] <jrw> you did the exercises classical_axioms and excluded_middle_irrefutable?
[Wed Dec 30 19:02:14 2015] <Nik05> I could prove the equivalence of the classical axioms
[Wed Dec 30 19:02:23 2015] <Nik05> I did do the excluded middle irrefutable
[Wed Dec 30 19:02:30 2015] <Nik05> Can we start with the last?
[Wed Dec 30 19:02:38 2015] <Nik05> This theorem implies that it is always safe to add a decidability
[Wed Dec 30 19:02:47 2015] <Nik05> axiom"
[Wed Dec 30 19:03:15 2015] <Nik05> What do they mean there?
[Wed Dec 30 19:03:41 2015] <jrw> they mean that if you add a decidability axiom (an instance of LEM) then the resulting system is still consistent
[Wed Dec 30 19:05:04 2015] <Nik05> How does that theorem imply that?
[Wed Dec 30 19:05:45 2015] <Nik05> oh wait
[Wed Dec 30 19:05:47 2015] <jrw> okay let's say P0 is a particular proposition, and suppose adding P0 \/ ~ P0 as an axiom was inconsistent
[Wed Dec 30 19:06:01 2015] <jrw> then we would have a proof of false based on that axiom
[Wed Dec 30 19:06:03 2015] <Nik05> oke?
[Wed Dec 30 19:06:34 2015] <jrw> so in other words we'd have a proof (P0 \/ ~ P0 -> False), or in yet other words, a proof of ~ (P0 \/ ~ P0)
[Wed Dec 30 19:06:59 2015] <Nik05> ah oke
[Wed Dec 30 19:07:04 2015] <jrw> but the irrefutability of LEM says forall P, ~ (~ (P \/ ~ P))
[Wed Dec 30 19:07:24 2015] <jrw> and the proof of ~ (P0 \/ ~ P0) would contradict that by plugging in P0 for P
[Wed Dec 30 19:07:57 2015] <jrw> so if coq without axioms is consistent, then irrefutability of LEM shows that coq-with-instance-of-LEM is also consistent
[Wed Dec 30 19:08:10 2015] <Nik05> Ah I get it
[Wed Dec 30 19:08:17 2015] <Nik05> thank you jrw
[Wed Dec 30 19:08:21 2015] <jrw> np
[Wed Dec 30 19:08:35 2015] <Nik05> Is it hard to prove the equivalent of the classical axioms?
[Wed Dec 30 19:09:19 2015] <jrw> I thought you said you did it :p
[Wed Dec 30 19:09:31 2015] <Nik05> no i couldnt prove them
[Wed Dec 30 19:09:39 2015] <jrw> oh, okay :) depending on how exactly you go about it, some parts will be easy and some will be hard
[Wed Dec 30 19:10:22 2015] <Nik05> which one is the easiest? :P
[Wed Dec 30 19:10:48 2015] <jrw> to prove 5 things equivalent, the most "efficient" way is to pick an ordering and then to prove the first implies the second, the second implies the third, ... and the fifth implies the first
[Wed Dec 30 19:11:00 2015] <Nik05> that was my idea
[Wed Dec 30 19:11:11 2015] <jrw> some of those implications are harder than others, though
[Wed Dec 30 19:11:32 2015] <Nik05> Yes, do you know which one is not the hardest?
[Wed Dec 30 19:11:35 2015] <jrw> classic -> excluded middle should be relatively easy
[Wed Dec 30 19:11:40 2015] <Nik05> oke
[Wed Dec 30 19:12:03 2015] <Nik05> I tried peirce -> classic, but was stuck
[Wed Dec 30 19:12:12 2015] <jrw> anything with peirce is hard
[Wed Dec 30 19:12:19 2015] <Nik05> oh oke :P
[Wed Dec 30 19:13:19 2015] <Nik05> well thank you jrw, will try to work on it now
[Wed Dec 30 19:13:29 2015] <jrw> cool, good luck!
[Wed Dec 30 19:15:14 2015] <Nik05> oh that one is much easier than perice -> classic
[Wed Dec 30 19:16:38 2015] <jrw> the other thing to remember about all of these is that they all have short proofs, but the proofs are hard to find
[Wed Dec 30 19:16:47 2015] <Nik05> oke
[Wed Dec 30 19:20:54 2015] <johnw> hi Nik05
[Wed Dec 30 19:21:09 2015] <johnw> peirce -> classic is hard, come back to it later
[Wed Dec 30 19:21:25 2015] <johnw> all of those proofs are short, but most of them are highly non-obvious
[Wed Dec 30 19:21:36 2015] <Nik05> Oke thank you
[Wed Dec 30 19:21:51 2015] <johnw> I certainly did not solve them on the first go
[Wed Dec 30 19:21:56 2015] <johnw> more like the 8th attempt a month later :)
[Wed Dec 30 19:26:29 2015] <Nik05> oh, well we will see :)
[Wed Dec 30 19:52:38 2015] <Nik05> how can i specialize an hypothesis and leave the general hypothesis?
[Wed Dec 30 19:53:08 2015] <Nik05> oh a remember works
[Wed Dec 30 19:53:17 2015] <Nik05> oh cant
[Wed Dec 30 19:53:18 2015] <Nik05> wait
[Wed Dec 30 20:02:50 2015] <Nik05> Oke is this my lack in knowledge on Logic or
[Wed Dec 30 20:03:25 2015] <Nik05> johnw oh its johnw not jrw. Why cant i specialize and forall P, ... for a proposition P and one for Q?
[Wed Dec 30 20:04:07 2015] <Nik05> ... i specialize a hypothesis forall ... *
[Wed Dec 30 20:04:30 2015] <johnw> can I see the theorem type?
[Wed Dec 30 20:05:47 2015] <Nik05> (P \/ ~P) -> ~(~P /\ ~Q) -> P\/Q
[Wed Dec 30 20:06:00 2015] <Nik05> is what i want to prove
[Wed Dec 30 20:06:11 2015] <johnw> ok, so what was your question?
[Wed Dec 30 20:07:09 2015] <Nik05> sorry thats not correct (∀P, P \/ ~P) -> ∀P Q, ~(~P /\ ~Q) -> P\/Q
[Wed Dec 30 20:07:31 2015] <Nik05> how can i specialize the hypothesis (∀P, P \/ ~P)?
[Wed Dec 30 20:11:23 2015] <jrw> Nik05: if the hypothesis is named H and you want to specialize it to x, you can say "pose proof H x"
[Wed Dec 30 20:12:01 2015] <jrw> there's probably also a way to do it using only tactics SF has taught you, but I don't remember
[Wed Dec 30 20:12:12 2015] <Nik05> ah oke
[Wed Dec 30 20:12:18 2015] <Nik05> that will help me, thank you
[Wed Dec 30 20:12:27 2015] <Nik05> so what does `specialize` do then?
[Wed Dec 30 20:12:41 2015] <jrw> specialize "updates" H in place
[Wed Dec 30 20:12:51 2015] <Nik05> ah oke
[Wed Dec 30 20:12:52 2015] <jrw> but you want to copy it
[Wed Dec 30 20:13:18 2015] <Nik05> yes, so i tried remember, but that creates a third hypothesis: H = Hspec
[Wed Dec 30 20:15:30 2015] <Nik05> maybe it doesnt help me...
[Wed Dec 30 20:18:53 2015] <johnw> or also: specialize (H x).
[Wed Dec 30 20:25:24 2015] <Nik05> yes i finished it :)
[Wed Dec 30 20:33:16 2015] <Nik05> I like this prove
[Wed Dec 30 20:34:24 2015] <Nik05> http://lpaste.net/6903500333012484096
[Wed Dec 30 20:39:47 2015] <Nik05> but any idea how to do it without pose proof and specialize? Because I havent seen it in SF.
[Wed Dec 30 20:43:25 2015] <jrw> Nik05: one way would be to use assert
[Wed Dec 30 20:43:38 2015] <jrw> you have to write out the conclusion though :\
[Wed Dec 30 20:44:08 2015] <Nik05> ah oke
[Wed Dec 30 20:51:38 2015] <Nik05> oh this one is really simple
[Wed Dec 30 20:52:01 2015] <Nik05> had a pretty long proof but i did some circular things i could remove
[Wed Dec 30 20:52:29 2015] <Nik05> This one is really simple. http://lpaste.net/3668674061090684928
[Wed Dec 30 20:56:01 2015] <Nik05> now the peirce ones
[Wed Dec 30 21:21:12 2015] <Nik05> I like the LEM to de Morgan prove. Peirce I have no idea how.
[Wed Dec 30 21:29:40 2015] <jgross> There's this really neat way of describing the proof of Peirce -> LEM, where you show that, with a time machine, the devil can offer you the deal of either a million dollars, or the granting of any wish for the price of a million dollars (he gets to chose). ^.^ 
[Wed Dec 30 21:30:08 2015] <Nik05> lol
[Wed Dec 30 21:34:31 2015] <Nik05> http://math.stackexchange.com/questions/447098/why-peirces-law-implies-law-of-excluded-middle
[Wed Dec 30 21:35:08 2015] <Nik05> whats all the delta, iota, alpha, gamma etc?
[Wed Dec 30 21:35:28 2015] <Nik05> lambda calculus?
[Wed Dec 30 21:36:54 2015] <johnw> jgross: hello!
[Wed Dec 30 21:37:30 2015] <jgross> johnw: Hi! 
[Wed Dec 30 21:38:02 2015] <johnw> jgross: nice to see you here again ;)
[Wed Dec 30 21:40:32 2015] <jgross> I'm around on-and-off.	Usually if you mention my name, I'll see it ;) 
[Wed Dec 30 21:43:16 2015] <johnw> good to know :)  I'll have questions for you soon
[Wed Dec 30 22:26:42 2015] <Nik05> Oh I just proofed peirce -> classic, its the easiest...
[Wed Dec 30 22:27:21 2015] <Nik05> Solved it in 2 minutes...
[Wed Dec 30 22:28:02 2015] <Nik05> Well before I couldn't solve it. But After I did all the others and tried implies_to_or -> peirce
[Wed Dec 30 22:28:08 2015] <Nik05> so only need to do that one
[Wed Dec 30 22:28:35 2015] <Nik05> jrw one left to prove :)
[Wed Dec 30 22:44:55 2015] <Nik05> oh the tactice contradiction does apply ex_falso_quodlibet. apply .. apply .. for you
[Wed Dec 30 22:45:25 2015] <Nik05> than the proofs are even shorter, well "shorter"
[Wed Dec 30 22:51:21 2015] <Nik05> oh wait i can just use destruct
[Wed Dec 30 22:57:00 2015] <jgross> "shorter": Like [firstorder.]? 
[Wed Dec 30 22:57:15 2015] <Nik05> firstorder doesnt work :P
[Wed Dec 30 23:04:13 2015] <Nik05> feel like im almost there...
[Wed Dec 30 23:04:22 2015] <Nik05> only need to prove False :P
[Wed Dec 30 23:09:34 2015] <Nik05> have a good evening everyone
[Thu Dec 31 10:01:05 2015] <Nik05> goodmorning
[Thu Dec 31 13:29:33 2015] <johnw> Nik05: good morning!
[Thu Dec 31 13:33:57 2015] <Nik05> hey johnw
[Thu Dec 31 13:34:08 2015] <johnw> how're the proofs coming along?
[Thu Dec 31 13:34:42 2015] <Nik05> im stuck with the last one impl_to_or -> peirce
[Thu Dec 31 13:34:56 2015] <johnw> you've done the other 4?
[Thu Dec 31 13:35:06 2015] <Nik05> yes
[Thu Dec 31 13:35:41 2015] <johnw> ah yes, impl_to_or -> peirce was the last one I did too
[Thu Dec 31 13:36:18 2015] <Nik05> turns out peirce to classic was the easiest :P
[Thu Dec 31 13:36:26 2015] <johnw> yes
[Thu Dec 31 13:36:28 2015] <Nik05> looked at it yesterday and solved it really fast
[Thu Dec 31 13:36:32 2015] <johnw> same
[Thu Dec 31 13:36:43 2015] <johnw> the last 3 were the hardest for me
[Thu Dec 31 13:37:19 2015] <Nik05> de_morgan_not_and_not -> implies_to_or was also pretty easy
[Thu Dec 31 13:37:54 2015] <johnw> implies_to_or -> peirce is even a bit easier than that one, once you see it
[Thu Dec 31 13:38:02 2015] <Nik05> oh :P
[Thu Dec 31 13:53:44 2015] <Nik05> oh
[Thu Dec 31 13:53:48 2015] <Nik05> i thnik i got it...
[Thu Dec 31 13:54:07 2015] <Nik05> no...
[Thu Dec 31 13:54:40 2015] <Nik05> what i tried before was apply (P -> Q) -> P before the indcution step...
[Thu Dec 31 13:54:50 2015] <Nik05> changed those around and proof...
[Thu Dec 31 13:59:50 2015] <Nik05> and now I forgot what inversion does again...
[Thu Dec 31 14:00:28 2015] <johnw> basically it takes a hypothesis, and renders it into the truth necessary to allow that hypothesis
[Thu Dec 31 14:00:43 2015] <johnw> i.e., "what you can deduce from the hypothesis"
[Thu Dec 31 14:01:06 2015] <johnw> thus, inverting S n = S m, you know that n = m
[Thu Dec 31 14:02:04 2015] <Nik05> right oke
[Thu Dec 31 14:02:46 2015] <Nik05> they are all pretty simple except for excluded_middle -> de_morgan_not_and_not
[Thu Dec 31 14:02:59 2015] <Nik05> or maybe I just did it the hard way
[Thu Dec 31 14:03:27 2015] <johnw> that one is just as trivial as implies_to_or -> peirce
[Thu Dec 31 14:04:16 2015] <Nik05> well oke, you are right
[Thu Dec 31 14:05:31 2015] <Nik05> Oke now im at Prop.v and after that MoreLogic
[Thu Dec 31 20:40:17 2015] <Nik05> Happy New Year ##coq
[Thu Dec 31 22:10:46 2015] <tejing> This seems like I should be able to prove it, but I'm stuck... am I wasting my time? http://pastebin.com/MBWb5FFc
[Thu Dec 31 23:12:02 2015] <benzrf> tejing: this is interesting
[Thu Dec 31 23:16:55 2015] <tejing> benzrf: any progress?
[Thu Dec 31 23:17:44 2015] <benzrf> not really
[Thu Dec 31 23:17:47 2015] <benzrf> im gonna get up and think about it a lil
[Thu Dec 31 23:19:14 2015] <benzrf> all i can think is that this would presumably be trivial in extensional type theory :|
[Fri Jan  1 00:55:42 2016] <benzrf> tejing: had any luck?
[Fri Jan  1 00:55:45 2016] <benzrf> this is now bugging me
[Fri Jan  1 05:09:10 2016] <tejing> benzrf: nope I'm still stuck
[Fri Jan  1 16:28:04 2016] <jrw> tejing: http://pastebin.com/Afqmgivf
[Fri Jan  1 18:48:35 2016] <tejing> jrw: aha, thanks :-)
[Sat Jan  2 13:39:22 2016] <johnw> jgross_: ping
[Sat Jan  2 13:41:02 2016] <johnw> is there any way to "admit with existentials"?
[Sat Jan  2 13:42:37 2016] <johnw> ah, SF has just the thing: skip_with_existential
[Sat Jan  2 14:45:11 2016] <jgross_> johnw: [exfalso; clear; admit]? 
[Sat Jan  2 14:45:27 2016] <johnw> jgross_: hello!
[Sat Jan  2 14:45:38 2016] <jgross_> johnw: hi! 
[Sat Jan  2 14:45:42 2016] <johnw> jgross_: I had a question for you about why finish honing wasn't passing, but it was a problem with my abstraction relation
[Sat Jan  2 14:45:54 2016] <johnw> now my only proof left is that carried addition is associativity, and this example is done
[Sat Jan  2 14:47:20 2016] <jgross_> Nice!  What example are you working on?  And what were you changing the representation to? 
[Sat Jan  2 14:47:32 2016] <johnw> https://gist.github.com/22918b08df887deaf7a4
[Sat Jan  2 14:47:49 2016] <johnw> just something simple and yet more difficult to a Fiat newbie than working with plain sets
[Sat Jan  2 16:24:20 2016] <johnw> how do I change some EXPR as NAME throughout the goal?
[Sun Jan  3 00:48:17 2016] <tejing> is it possible to create a local hypothesis in a proof that has implicit arguments? some variation on assert?
[Sun Jan  3 01:02:08 2016] <tejing> to be clear, I mean the hypothesis has implicit arguments, not the proof.
[Sun Jan  3 01:06:19 2016] <johnw> assert (forall {n a} (x : Vec n a), ...) as H.
[Sun Jan  3 01:06:21 2016] <johnw> you mean like that?
[Sun Jan  3 01:09:28 2016] <tejing> johnw: yes, like that, but if I do that then try to use H the argument isn't actually implicit.
[Sun Jan  3 01:09:53 2016] <johnw> I would just pass "_" for the arguments you don't want to spcify
[Sun Jan  3 01:11:25 2016] <tejing> johnw: I'm looking at a case with like 6 implicit arguments, and I use it about 100 times in the proof... could get awful wordy. Right now it's a separate lemma, but this proof is the only place I use it, so I'd sort of prefer not to pollute the namespace.
[Sun Jan  3 01:11:39 2016] <johnw> put it into a Section
[Sun Jan  3 01:11:49 2016] <johnw> or, just use "Lemma" inside the proof itself
[Sun Jan  3 01:12:12 2016] <johnw> sorry, it wolud have to be in a Module, not a Section, to avoid being visible outside
[Sun Jan  3 01:14:15 2016] <tejing> johnw: hmm, I'll have to think about how I want it structured I guess
[Sun Jan  3 03:27:20 2016] <rrika> Hi, I'm currently working through https://www.cis.upenn.edu/~bcpierce/sf/current/Basics.html (Exercise andb_eq_orb)
[Sun Jan  3 03:27:26 2016] <rrika> There it says "Remember that you do not have to introduce all hypotheses at the same time."
[Sun Jan  3 03:27:29 2016] <rrika> What does that mean?
[Sun Jan  3 03:30:08 2016] <rrika> Also, what do I do when I have:
[Sun Jan  3 03:30:14 2016] <rrika>   H : false = true
[Sun Jan  3 03:30:16 2016] <rrika>   ====
[Sun Jan  3 03:30:19 2016] <rrika>   true = false
[Sun Jan  3 03:30:23 2016] <rrika> in proof general?
[Sun Jan  3 03:30:55 2016] <rrika> (Oh, figured it out, nevermind)
[Sun Jan  3 03:53:14 2016] <rrika> Also, if I have to inductive types in scope. How do I disambiguate in case their constructors have the same names?
[Sun Jan  3 03:53:22 2016] <rrika> *have two inductive types
[Sun Jan  3 07:43:49 2016] <nkaretnikov> rrika: not sure if someone already answered, but you can do something like intros H. instead of just intros. or intros H G K.
[Sun Jan  3 07:44:19 2016] <nkaretnikov> ah, just read your "nevermind" comment :)
[Sun Jan  3 12:46:58 2016] <johnw> rrika: "discriminate"
[Sun Jan  3 12:47:10 2016] <johnw> rrika: whenever you have an obvious inequality being expressed as an equality
[Sun Jan  3 12:47:28 2016] <johnw> e.g., two things that cannot be equal due to injectivity of constructors
[Sun Jan  3 13:41:27 2016] <johnw> how can I avoid Stack_overflow when using large natural numbers?  I'd like to just give Coq 8G of stack, is there an option for that?
[Sun Jan  3 13:46:01 2016] <jgross_> johnw: Use binary numbers rather than unary ones. 
[Sun Jan  3 13:46:10 2016] <johnw> well
[Sun Jan  3 13:46:34 2016] <johnw> I wanted to use [nat] in my Fiat spec specifically to show that the specification can be liberated from all performance concerns
[Sun Jan  3 13:46:51 2016] <johnw> in order to establish the meaning of the "result domain", I have an axiom
[Sun Jan  3 13:46:51 2016] <jgross_> Why are you using large numbers, then? 
[Sun Jan  3 13:46:58 2016] <johnw> I want to test that axiom using QuickChick
[Sun Jan  3 13:47:12 2016] <johnw> which wants to round-trip through up to 2^31 in the naturals
[Sun Jan  3 13:47:26 2016] <johnw> my refinement uses binary numbers
[Sun Jan  3 13:48:43 2016] <jgross_> Use the native version rather than the bytecode version?  I think the native version spins where the bytecode version stack overflows? 
[Sun Jan  3 13:48:56 2016] <johnw> how do I use a bytecode version?
[Sun Jan  3 13:49:15 2016] <jgross_> coqtop.opt vs coqtop.byte, I think 
[Sun Jan  3 13:50:00 2016] <johnw> i don't even know
[Sun Jan  3 13:50:08 2016] <nkaretnikov> johnw: Fiat as in the car brand?
[Sun Jan  3 13:50:09 2016] <johnw> I'm just using "coqtop"
[Sun Jan  3 13:50:21 2016] <johnw> no, Fiat as in the program synthesis framework from MIT
[Sun Jan  3 13:50:33 2016] <nkaretnikov> johnw: check your PATH
[Sun Jan  3 13:50:38 2016] <nkaretnikov> i have coqtop.opt etc
[Sun Jan  3 13:50:50 2016] <johnw> ah, I do too
[Sun Jan  3 13:50:50 2016] <nkaretnikov> coq<tab> lists them
[Sun Jan  3 13:50:52 2016] <johnw> which should I be using?
[Sun Jan  3 13:54:00 2016] <jgross_> johnw: See if using coqtop.opt instead makes it work better. 
[Sun Jan  3 13:54:50 2016] <johnw> same overflow
[Sun Jan  3 13:54:56 2016] <johnw> I mean granted, these are possibly HUGE naturals
[Sun Jan  3 13:55:00 2016] <johnw> so maybe this isn't even worth attempting
[Sun Jan  3 13:55:35 2016] <johnw> I'll try constraining it to a sub-domain
[Sun Jan  3 13:56:14 2016] <jgross_> Yeah, try keeping it below 20000 
[Sun Jan  3 13:59:27 2016] <johnw> yeah, that does work, it just makes for a pretty weak test :(
[Sun Jan  3 14:01:08 2016] <sunnymilk> im a finitist i dont believe in numbers greater than 20000
[Sun Jan  3 14:01:23 2016] <sunnymilk> i mean have you ever tried counting that high
[Sun Jan  3 14:01:30 2016] <johnw> haha
[Sun Jan  3 14:02:17 2016] <johnw> induction on int31 numbers is not fun
[Sun Jan  3 14:36:19 2016] <johnw> is there a good way of inducting over something like N, but as if it were a natural?  That is, I want to use the equivalence to prove in terms of naturals, and have the proof apply to N.  induction x using as_a_natural.
[Sun Jan  3 14:37:01 2016] <johnw> a generic tactic like "induction_as Type x", provided proofs of equivalence are available, would be neat
[Sun Jan  3 14:38:45 2016] <jgross_> You can prove N_as_nat_rect : forall (P : N -> Type), P 0 -> (forall x, P x -> P (x + 1)%N) -> forall x, P x. 
[Sun Jan  3 14:39:11 2016] <johnw> how is that N_as_nat?
[Sun Jan  3 14:39:23 2016] <jgross_> That's the induction principle for nat 
[Sun Jan  3 14:39:27 2016] <johnw> I mean, I want P : nat -> Type
[Sun Jan  3 14:39:45 2016] <johnw> ending as forall x, P (N.to_nat x) or something
[Sun Jan  3 14:39:53 2016] <johnw> except that of course this doesn't apply
[Sun Jan  3 14:40:05 2016] <jgross_> Are you looking for https://github.com/HoTT/HoTT/blob/master/theories/Tactics/EquivalenceInduction.v ? 
[Sun Jan  3 14:40:33 2016] <johnw> thats' a lot of code, but it feels about right
[Sun Jan  3 14:40:47 2016] <johnw> especially the example at the end
[Sun Jan  3 14:40:56 2016] <johnw> equiv_induction!  but I'd need a ton of HoTT machinery?
[Sun Jan  3 14:41:46 2016] <jgross_> You need HoTT.Basics and HoTT.Types 
[Sun Jan  3 16:57:18 2016] <rrika> how would I go about proving "forall q p, S q = S p -> q = p"?
[Sun Jan  3 16:57:32 2016] <johnw> inversion on the hypothesis
[Sun Jan  3 16:57:50 2016] <johnw> since constructors are known to always be injective, it can deduce q = p from it
[Sun Jan  3 16:58:26 2016] <johnw> if it had been a function, like foo q = foo p, you'd need a proof like inj_foo to show this fact
[Sun Jan  3 16:59:02 2016] <rrika> does the proof of injectivity of constructors have a name, by which I can refer to it?
[Sun Jan  3 16:59:16 2016] <johnw> it's a feature of CiC, there is no proof
[Sun Jan  3 16:59:47 2016] <rrika> I see. So what tactic would be useful here?
[Sun Jan  3 16:59:59 2016] <johnw> intros q p H; inversion H.
[Sun Jan  3 17:00:22 2016] <johnw> rrika: see http://stackoverflow.com/questions/32662889/how-do-we-know-all-coq-constructors-are-injective-and-disjoint
[Sun Jan  3 17:00:54 2016] <rrika> I see, thank you.
[Sun Jan  3 17:02:44 2016] <Cypi> "there is no proof" >> what of the proof term that "Show Proof." shows? Is that not a proof?
[Sun Jan  3 17:04:20 2016] <johnw> it's a proof term that relies on a fact of the environment, though, what does that tell you?
[Sun Jan  3 17:06:29 2016] <Cypi> I'm not sure what you mean. Just to be clear, [fun q p H => f_equal (fun e => match e with O => q | S n => n end) H] is a term that has the type [forall q p, S q = S p -> q = p]. Is that not a proof of the injectivity of S?
[Sun Jan  3 17:07:25 2016] <johnw> yes, but doesn't that proof rely on the definitional equality provided by CiC from the eq_refl constructor?
[Sun Jan  3 17:08:19 2016] <johnw> in which case, you're relying on the machinery of CiC to establish the equality for you, which is to say that you didn't define the semantics of constructor injecitivity yourself
[Sun Jan  3 17:08:49 2016] <johnw> although, I guess in the end everything arrives at an axiom, so maybe there's no point to be made here
[Sun Jan  3 17:09:06 2016] <johnw> "Why are constructors injective in Coq? Because they are."
[Sun Jan  3 17:09:26 2016] <rrika> Show Proof. is pretty cool
[Sun Jan  3 17:09:32 2016] <rrika> though a bit verbose
[Sun Jan  3 17:09:41 2016] <rrika> more similar to what I'm used to from LEAN
[Sun Jan  3 17:10:41 2016] <Cypi> "the definitional equality provided by CiC from the eq_refl constructor" >> which definitional equality do you mean?
[Sun Jan  3 17:10:46 2016] <rrika> is there a way to hover over something like "f_equal" and get the signature displayed? (in emacs)
[Sun Jan  3 17:10:51 2016] <johnw> Cypi: if you look at how f_equal is defined
[Sun Jan  3 17:10:59 2016] <Cypi> Yes, I expanded that definition
[Sun Jan  3 17:11:15 2016] <Cypi> It just relies on pattern-matching
[Sun Jan  3 17:11:20 2016] <johnw> it just does a match on eq_refl; there's no *code* there, just computation happening at the type -level
[Sun Jan  3 17:11:50 2016] <johnw> hmm
[Sun Jan  3 17:12:00 2016] <johnw> I could be totally wrong here, Cypi, just ignore me and I'll think on this for a while
[Sun Jan  3 17:12:12 2016] <Cypi> I don't know either, just wondering :)
[Sun Jan  3 17:12:45 2016] <johnw> when you have H : foo x = foo y, I can't just do inversion H, I have to apply inj_foo that proves the injectivity
[Sun Jan  3 17:12:52 2016] <johnw> but when I Have H : S x = S y, I can just inversion H
[Sun Jan  3 17:13:05 2016] <johnw> since I never proved inj_S, it's a fact that I get from defining "nat"
[Sun Jan  3 17:13:33 2016] <johnw> and I don't think this proof is one of the definition generated by Inductive either; I think it's just a consequence of it being an inductive datatype
[Sun Jan  3 17:13:57 2016] <johnw> that's the only distinction I meant to point out
[Sun Jan  3 17:14:00 2016] <Cypi> Indeed: you can pattern-match on an inductive datatype, and S is one of its constructors, that's why it works
[Sun Jan  3 17:14:23 2016] <johnw> injectivity of constructors is something you get from CiC by definition, it's not its own proof term
[Sun Jan  3 17:14:46 2016] <johnw> i.e., what would inj_S look it?  it would just be a match on eq_refl
[Sun Jan  3 17:14:51 2016] <johnw> s/look it/look like
[Sun Jan  3 17:16:41 2016] <johnw> but inj_foo would have a term behind it with some code (assuming foo isn't just calling constructors)
[Sun Jan  3 17:20:29 2016] <Cypi> I still feel like "there is no proof" is technically incorrect, since there is an actual proof which relies solely on the typing of pattern-matching in general.
[Sun Jan  3 17:20:55 2016] <rrika> I don't know the exact syntax of match yet, but it seems to me that that's where the magic is happening.
[Sun Jan  3 17:21:01 2016] <rrika> unifying S x with S y
[Sun Jan  3 17:21:15 2016] <Cypi> Yes, dependent pattern-matching is complicated ^^'
[Sun Jan  3 17:21:21 2016] <Cypi> (I think)
[Sun Jan  3 17:21:25 2016] <rrika> "match H in (_ = y) return (y = S p -> q = p) with | eq_refl =>"
[Sun Jan  3 17:21:45 2016] <rrika> (using p and q here instead of x and y)
[Sun Jan  3 17:24:50 2016] <Cypi> johnw : actually, now that I think about it, it works because we can define some function f such that [f (S q) = q] forall q...which is another way of saying that S is injective. And we can define this function easily by pattern-matching. So in some sense you're right, the injectivity of constructors is given by CiC because we're allowed to pattern-match on inductive datatypes.
[Sun Jan  3 17:35:57 2016] <johnw> that makes sense
[Sun Jan  3 17:37:23 2016] <johnw> I guess an interesting point here would be to do a pen-and-paper proof of the injectivity of constructors, and see what it is necessary to assume to make that possible
[Sun Jan  3 18:07:59 2016] <jgross_> So, the inversion of S is really easy, it's just (f_equal pred).  The inversion of more complicated types basically involves defining a function that tells you which ones you have.  There's some work on describing how to do these kinds of things in general in the HoTT book, under the encode-decode method. 
[Mon Jan  4 03:53:14 2016] <jstolarek> http://lpaste.net/148409
[Mon Jan  4 03:53:34 2016] <jstolarek> I don't understand the definition of `semantics` in my paste
[Mon Jan  4 03:54:03 2016] <jstolarek> waht is the curly braces notation? And what does & mean ?
[Mon Jan  4 04:03:54 2016] <companion_cube> I suspect { } is the dependent product and & the Set-level conjunction (whereas /\ is for Prop)
[Mon Jan  4 04:24:30 2016] <jstolarek> companion_cube: thanks.
[Mon Jan  4 04:24:45 2016] <jstolarek> Locate "&" tells me: "{ x : A  & P }" := sigT (fun x : A => P)
[Mon Jan  4 04:25:29 2016] <companion_cube> oh I see, it's part of the { }
[Mon Jan  4 04:29:33 2016] <jstolarek> and is there a way to check the type of P ?
[Mon Jan  4 04:29:58 2016] <jstolarek> or, in general, binders introduced using fun
[Mon Jan  4 04:31:19 2016] <companion_cube> the type of  fun x:A => P   is, in general,    forall x:A, type_of_p
[Mon Jan  4 04:31:29 2016] <companion_cube> where x:A |- P : type_of_p
[Mon Jan  4 04:33:41 2016] <jstolarek> right, but if I have "fun a => ..." how do I learn the type of "a" ?
[Mon Jan  4 04:33:52 2016] <jstolarek> or, in your example
[Mon Jan  4 04:34:15 2016] <jstolarek> if the source code contains "fun x => P" how do I learn that x : A ?
[Mon Jan  4 04:34:44 2016] <companion_cube> it's inferred by Coq
[Mon Jan  4 04:34:50 2016] <companion_cube> (inference can fail)
[Mon Jan  4 04:35:04 2016] <companion_cube> but for instance, if you write    fun x -> x /\ ~x
[Mon Jan  4 04:35:10 2016] <companion_cube> Coq can infer that  x : Prop
[Mon Jan  4 04:35:40 2016] <jstolarek> but in general, for a definition of a lambda is there a way to ask Coq what types did it infer for the binders?
[Mon Jan  4 04:35:59 2016] <jstolarek> so in  my example:
[Mon Jan  4 04:36:00 2016] <jstolarek> fun P s => { p : pre pt s & subset (post pt s p) P }
[Mon Jan  4 04:36:10 2016] <jstolarek> I want to ask Coq what types for P and s did it infer
[Mon Jan  4 04:36:20 2016] <jstolarek> and I want it to tell me that P : Type and s : P
[Mon Jan  4 04:36:26 2016] <jstolarek> can I do that somehow?
[Mon Jan  4 04:38:39 2016] <companion_cube> I don't know how to do it directly
[Mon Jan  4 04:38:57 2016] <companion_cube> you can use    Check (fun P s => { p : ....... }).
[Mon Jan  4 04:39:02 2016] <companion_cube> it will give you the result type
[Mon Jan  4 08:50:56 2016] <rrika> I just proved 'mult_comm' from Software Foundations/Induction but it turned out to be quite ugly. Anyone have an elegant solution for it?
[Mon Jan  4 10:48:32 2016] <rrika> I'm trying to write a recursive function that returns a tuple of two natural numbers
[Mon Jan  4 10:48:37 2016] <rrika> I wrote "Fixpoint log2_and_remainder (n unit: nat) : (nat, nat) := …"
[Mon Jan  4 10:48:48 2016] <rrika> Gave me: The term "(nat, nat)" has type "(Set * Set)%type" which should be Set, Prop or Type.
[Mon Jan  4 10:49:03 2016] <rrika> what does that mean?
[Mon Jan  4 10:51:16 2016] <Cypi> The type that you are looking for is "nat * nat"
[Mon Jan  4 10:51:45 2016] <rrika> ah
[Mon Jan  4 10:51:59 2016] <Cypi> (a, b) is an inhabitant of some type A * B, which is why Coq is complaining: (nat, nat) is an inhabitant of Set * Set (because nat has type Set)
[Mon Jan  4 10:52:11 2016] <rrika> right, makes sense
[Mon Jan  4 11:08:33 2016] <rrika> Is there anyway to show Fixpoint that an argument is decreasing?
[Mon Jan  4 11:10:54 2016] <rrika> Fixpoint foobar (n : nat) : … := … (foobar (decrement n))…
[Mon Jan  4 11:12:31 2016] <Cypi> You can add {struct n} to your definition to specifiy which argument is decreasing
[Mon Jan  4 11:12:46 2016] <Cypi> Fixpoint foobar (n : nat) {struct n} : ... := ...
[Mon Jan  4 11:12:51 2016] <Cypi> but maybe that's not what you asked for
[Mon Jan  4 11:13:26 2016] <rrika> yeah, that doesn't help here
[Tue Jan  5 09:58:46 2016] <tbelaire> Hey, I've worked on the vim plugin that talks to coqtop, what's changed in 8.5?
[Tue Jan  5 09:59:02 2016] <tbelaire> Is there a summary of the changes that impact the protocall?
[Tue Jan  5 10:04:07 2016] <rks`> https://github.com/coq/coq/blob/trunk/CHANGES#L503
[Tue Jan  5 10:04:17 2016] <rks`> is the best you're going to get I think
[Tue Jan  5 10:08:46 2016] <rks`> I'd maybe look at the -toploop option if I were you
[Tue Jan  5 10:47:46 2016] <tbelaire> I did look at that changelog.  Where can I read more about how toploop is supposed to work?
[Tue Jan  5 10:51:41 2016] <rks`> in the source code...
[Tue Jan  5 10:51:57 2016] <rks`> or send an email to coq-club (or coq-dev?)
[Tue Jan  5 11:00:44 2016] <tbelaire> Sure.
[Tue Jan  5 12:58:10 2016] <Fuco> so I have: assert (inv x * (x * y) = inv x * (x * z)) as Hinv.  then when I try "rewrite assoc in Hinv." on next line it complains that hypothesis Hinv doesn't exist.  What am I doing wrong?
[Tue Jan  5 12:58:59 2016] <Cypi> First you have to prove your hypothesis. When it's proven, then you can use it (use Hinv) to prove your original goal
[Tue Jan  5 13:01:18 2016] <Fuco> oh I see
[Tue Jan  5 13:01:31 2016] <Fuco> I can only rewrite that term after I prove it
[Tue Jan  5 13:03:43 2016] <Fuco> Cypi: thanks, now I understand how it is supposed to be used :)
[Tue Jan  5 13:04:12 2016] <Fuco> I skipped ahead in my infinite wisdom and assumed things which aren't true
[Tue Jan  5 13:35:29 2016] <Fuco> I used 'elim' to break apart a conjunctive assumption, then the tutorial mentions 'split', but why would I used that over simply 'intros' to pull in the two parts
[Tue Jan  5 14:32:56 2016] <Fuco> anyone knows how I re-run a proof in Proof General (in emacs) C-c C-p tells me no proof is focused, and I don't know how to focus it
[Tue Jan  5 15:30:08 2016] <Fuco> I have H : A -> B and H0 : A, how do I do modus ponens?
[Tue Jan  5 15:30:51 2016] <Cypi> [apply H in H0] or [specialize (H H0)] or [pose proof (H H0) as H1] depending on how you want to manage your hypotheses.
[Tue Jan  5 15:30:59 2016] <Cypi> (the "as H1" is optional)
[Tue Jan  5 15:32:09 2016] <Fuco> thanks
[Tue Jan  5 15:35:21 2016] <Fuco> I'm getting a bit confused about apply reasoning "backwards", but I suppose I'll get used to it.
[Tue Jan  5 15:35:32 2016] <Fuco> well... it can go both ways
[Tue Jan  5 15:43:50 2016] <johnw> backwards is going from what you have to what you need to have it
[Tue Jan  5 15:44:01 2016] <johnw> forward is going from what is needed to what results from it
[Tue Jan  5 15:44:22 2016] <johnw> actually, backwards is going from what is needed to what you need to obtain it
[Tue Jan  5 15:47:18 2016] <Fuco> Yes. I mean I know how it works just the UI seems a bit confusing :P
[Tue Jan  5 15:47:30 2016] <Fuco> I have the proof on paper on 3 lines and in coq on 20 :D
[Tue Jan  5 15:47:40 2016] <johnw> show me yoru proof?
[Tue Jan  5 15:47:52 2016] <Fuco> I'm just doing simple stuff about groups, I started with Coq today
[Tue Jan  5 15:47:57 2016] <Fuco> I need to get more familiar with it
[Tue Jan  5 15:48:05 2016] <johnw> I'm pretty sure the 20 lines isn't Coq's fault then :)
[Tue Jan  5 15:48:14 2016] <Fuco> it's not indeed
[Tue Jan  5 15:48:22 2016] <Fuco> as I said I just started today
[Tue Jan  5 15:48:44 2016] <Fuco> someone in #haskell linked an interesting post so I said what the hell, let's see what the fuss is about :D
[Tue Jan  5 15:49:05 2016] <johnw> so, if you show me the proof, I could help reduce its size
[Tue Jan  5 15:49:27 2016] <Fuco> I already got it down to 3 after figuring apply can do this backward chaining
[Tue Jan  5 15:49:31 2016] <Fuco> or whatever we call it
[Tue Jan  5 15:49:53 2016] <Fuco> what I did was 'assert' lots of inbetween results I proved separately and then applied modus ponens
[Tue Jan  5 15:50:04 2016] <johnw> ah
[Tue Jan  5 15:50:26 2016] <johnw> what was the theorem you were trying to prove?
[Tue Jan  5 15:50:37 2016] <Fuco> that x-1-1 = x
[Tue Jan  5 15:51:03 2016] <Fuco> in the end I just used uniqueness of inverse element and left inverse law and that's it
[Tue Jan  5 15:51:05 2016] <johnw> I guess I don't know what - means
[Tue Jan  5 15:51:11 2016] <johnw> oh, x^-1^-1
[Tue Jan  5 15:51:16 2016] <Fuco> x^-1, yea sorry
[Tue Jan  5 15:51:22 2016] <Fuco> somehow that got lost
[Tue Jan  5 15:51:36 2016] <Fuco> iow inversion is involution
[Tue Jan  5 15:51:48 2016] <johnw> involutive
[Tue Jan  5 15:51:52 2016] <johnw> right?
[Tue Jan  5 15:52:02 2016] <Fuco> a function is involution if f(f(x)) = x
[Tue Jan  5 15:52:14 2016] <johnw> oh, I've always said "a function is involutive if..."
[Tue Jan  5 15:52:17 2016] <Fuco> https://en.wikipedia.org/wiki/Involution_(mathematics)
[Tue Jan  5 15:52:32 2016] <Fuco> both are OK, one is noun and the other adjective
[Tue Jan  5 15:53:06 2016] <Fuco> foote and mac lane use involution at least, so that's what I use :P
[Tue Jan  5 15:54:03 2016] <johnw> but they don't say "is involution"
[Tue Jan  5 15:54:10 2016] <johnw> maybe "is _an_ involution"
[Tue Jan  5 15:55:07 2016] <Fuco> I guess proper english would be with an article, sure
[Tue Jan  5 15:56:44 2016] <Fuco> when I have "x * y * inv y * inv x = e" and a theorem "foreach x: x * inv x = e", how would I apply that to the y * inv y in the middle?
[Tue Jan  5 15:56:52 2016] <Fuco> forall*
[Tue Jan  5 15:57:37 2016] <johnw> you'd need to exactly apply assocativity theorems for * until you had x * (y * inv y) * inv x
[Tue Jan  5 15:57:46 2016] <Fuco> bleh
[Tue Jan  5 15:57:56 2016] <Fuco> let's left and right multiply then
[Tue Jan  5 15:58:17 2016] <johnw> then a commutitivity, another assocativity, and you'd have e * (x * inv x) = e
[Tue Jan  5 15:58:29 2016] <Fuco> commutativity isn't free
[Tue Jan  5 15:58:40 2016] <johnw> ah
[Tue Jan  5 15:58:48 2016] <johnw> i guess then just x * e = x, right?
[Tue Jan  5 15:58:56 2016] <johnw> so then you'd have x * inv x = e, and you'd be done
[Tue Jan  5 15:59:01 2016] <Fuco> yea
[Tue Jan  5 16:03:57 2016] <Fuco> when I have a rule R, a = b and I do 'rewrite R' it replaces a with b, how can I use the substitution b = a?
[Tue Jan  5 16:05:12 2016] <Cypi> 'rewrite <- R'
[Tue Jan  5 16:44:36 2016] <Fuco> so this is how I defined groups: http://sprunge.us/EiNg, now how would I define something like a group homomorphism?
[Tue Jan  5 16:44:48 2016] <Fuco> I guess this definition is too simplistic to allow that, but that's what the tutorial started with
[Tue Jan  5 16:45:01 2016] <Fuco> I need to get some solid book on this... the internet is surprsingly useless
[Tue Jan  5 16:46:28 2016] <johnw> so, you can do something like this in several different ways
[Tue Jan  5 16:46:35 2016] <johnw> module types, as you've started here
[Tue Jan  5 16:46:38 2016] <johnw> type classes, ala Haskell
[Tue Jan  5 16:46:42 2016] <johnw> and canonical structures
[Tue Jan  5 16:47:52 2016] <johnw> there are lots of math libraries out in the wild, you could derive inspiritaion for how to deal with homomorphisms from one of them
[Tue Jan  5 16:50:55 2016] <Cypi> Are "canonical structures" Records in practice?
[Tue Jan  5 16:52:27 2016] <johnw> they use records, but that's not the whole story
[Tue Jan  5 16:52:39 2016] <johnw> it's what ssreflect uses for its algebraic structures
[Tue Jan  5 16:52:54 2016] <johnw> more info here: https://hal.inria.fr/hal-00816703/en
[Tue Jan  5 16:53:01 2016] <johnw> "Canonical Structures for the working Coq user"
[Tue Jan  5 16:53:04 2016] <johnw> that describes their motivation and approach
[Tue Jan  5 16:55:18 2016] <Cypi> Thanks
[Wed Jan  6 04:03:18 2016] <paldepind> I'm reading "Software Foundations" and I've just proved `andb b c = true -> c = true`. I used `destruct b` and was asked to prove `c = true` for both `b = true` and `b = false`. But when `b = false` the hypothesis is `andb false c = true`. But that is clearly false. Why should I do a proof when the hypothesis is false?
[Wed Jan  6 04:03:54 2016] <paldepind> Here is my proof: http://lpaste.net/148516
[Wed Jan  6 04:05:24 2016] <QF-MichaelK> paldepind: disproving things is just as important
[Wed Jan  6 04:06:02 2016] <QF-MichaelK> You can just consider negating the statement and proving that
[Wed Jan  6 04:08:22 2016] <paldepind> QF-MichaelK, but if I did the proof on paper then for `b = false` I'd say that the goal `andb b c = true -> c = true` is equal to `andb b c != true \/ c = true`, and `b = false` so `andb b c = false`.
[Wed Jan  6 04:08:32 2016] <paldepind> Does that make sense? Can I do the same in Coq?
[Wed Jan  6 04:09:43 2016] <companion_cube> if you have  `andb false c = true`, you could `destruct c` and disprove each case
[Wed Jan  6 04:11:21 2016] <paldepind> companion_cube, I did complete the proof by doing `destruct c`. But it seems a bit unnatural to me.
[Wed Jan  6 04:12:03 2016] <companion_cube> well, it is 'clearly false' only because you know the truth table by heart :)
[Wed Jan  6 04:12:16 2016] <companion_cube> I suspect there are already some lemmas proving this kind of stuff, though
[Wed Jan  6 04:12:37 2016] <paldepind> But I can get the goal down to `false = true -> c = true`. That's obviously true.
[Wed Jan  6 04:13:24 2016] <paldepind> That is `false != true \/ c = true`.
[Wed Jan  6 04:13:43 2016] <companion_cube> no, that is not the same thing (-> is intuitionistic implication)
[Wed Jan  6 04:13:57 2016] <companion_cube> for  `false = true -> c = true`, you can    `intro H; inversion H.`
[Wed Jan  6 04:15:10 2016] <paldepind> So what I'm saying is only true in classical logic?
[Wed Jan  6 04:15:39 2016] <companion_cube> `A -> B` is only the same as `~A \/ B` in classical logic, yes
[Wed Jan  6 04:16:48 2016] <paldepind> Ok. Then that is probably why I am confused. I think classical logic is what I've learned.
[Wed Jan  6 04:17:26 2016] <companion_cube> intuitionistic logic is a subset of classical logic, it should not be too surprising; but indeed  ->  is much more important
[Wed Jan  6 04:18:50 2016] <paldepind> Does that mean that in intuitionistic logic `->` has a different truth table?
[Wed Jan  6 04:19:16 2016] <tejing> paldepind: lose the idea of truth tables... they implicitly assume the law of the excluded middle :-)
[Wed Jan  6 04:20:23 2016] <companion_cube> yeah, I was talking about the truth table of andb, earlier, not of /\
[Wed Jan  6 04:21:54 2016] <paldepind> tejing, ok. I'll try to forget about them.
[Wed Jan  6 07:16:20 2016] <wouter__> Hi. I am trying to prove this: {a = a0 \/ List.In a l} + {~ (a = a0 \/ List.In a l)} given: X : forall x y : A, {x = y} + {x <> y}
[Wed Jan  6 07:18:33 2016] <wouter__> I would like to have the goal {a = a0} + {~ a = a0} \/ {List.In a l} + {~ List.In a l}
[Wed Jan  6 07:18:44 2016] <wouter__> But I dont know how to get there
[Wed Jan  6 07:19:15 2016] <wouter__> Can someone help?
[Wed Jan  6 07:31:58 2016] <artart78> wouter__: maybe rewrite negb_orb? not sure if this ~ is negb though
[Wed Jan  6 07:33:44 2016] <Cypi> This second goal does not have a valid type. A \/ B requires A and B to be Prop, which is not the case here
[Wed Jan  6 07:34:08 2016] <wouter__> ah owke
[Wed Jan  6 07:34:59 2016] <Cypi> You could probably [destruct (X a a0)] and do the same with your induction hypothesis (I suppose you have one), and select accordingly which side of the goal you can prove
[Wed Jan  6 07:37:02 2016] <wouter__> destruct (X a a0) helps
[Wed Jan  6 07:37:07 2016] <wouter__> thank you
[Wed Jan  6 07:47:14 2016] <Fuco> is there some point of using (A /\ B) -> C instead of A -> B -> C ?
[Wed Jan  6 07:48:35 2016] <Fuco> this is basically result of 'curry' on the first "type"
[Wed Jan  6 07:48:58 2016] <Fuco> so there is maybe some case where that form is superior, but when
[Wed Jan  6 09:24:11 2016] <Anarchos> Who does use compcert ?
[Wed Jan  6 10:28:45 2016] <sgnb> Anarchos: I heard Airbus was interested
[Wed Jan  6 10:36:23 2016] <sgnb> there must be commercial users: http://www.absint.com/compcert/
[Wed Jan  6 13:44:06 2016] <bollu> hello all
[Wed Jan  6 13:44:20 2016] <bollu> I want to run the Coq interpreter from the command line, but I want to import a file as well
[Wed Jan  6 13:44:23 2016] <bollu> like GHCI's :load
[Wed Jan  6 13:44:26 2016] <bollu> is it possible?
[Wed Jan  6 13:44:45 2016] <johnw> let me see
[Wed Jan  6 13:45:00 2016] <johnw> go into the SF directory
[Wed Jan  6 13:45:02 2016] <johnw> run "coqtop"
[Wed Jan  6 13:45:07 2016] <johnw> then type "Require Import Prop."
[Wed Jan  6 13:45:23 2016] <johnw> (for example)
[Wed Jan  6 13:46:43 2016] <bollu> johnw: I think Require Import "Basics." worked :)
[Wed Jan  6 13:46:45 2016] <bollu> thanks a lot!
[Wed Jan  6 13:46:48 2016] <johnw> sure
[Wed Jan  6 13:46:53 2016] <johnw> although, really, Proof General is the way to go
[Wed Jan  6 13:46:57 2016] <johnw> (in Emacs)
[Wed Jan  6 13:47:07 2016] <bollu> oh, I tried looking for it in MELPA and it wasn't there
[Wed Jan  6 13:47:16 2016] <bollu> I assumed it was discontinued or something
[Wed Jan  6 13:47:19 2016] <bollu> I'll install it
[Wed Jan  6 13:54:27 2016] <johnw> a friend of mine just mentioned that fact yesterday
[Wed Jan  6 13:54:34 2016] <johnw> also, install the development version, 4.3pre
[Wed Jan  6 14:01:09 2016] <Fuco> the released version doesn't build on newer emacsen yea... if at all :/
[Wed Jan  6 15:06:04 2016] <Fuco> I think I don't understand how introducing variables works... I have 'Variable G : Set.' and then define some group stuff with that.  BUt how would I add another group without redefining all the properties with 'H'?
[Wed Jan  6 15:06:34 2016] <johnw> not *entirely* clear on what you mean
[Wed Jan  6 15:06:45 2016] <johnw> the Section should group all definitions that rely on a common G
[Wed Jan  6 15:06:48 2016] <Fuco> I now want to prove something involving two groups
[Wed Jan  6 15:06:55 2016] <johnw> you put definitions that don't after the close of that section
[Wed Jan  6 15:06:56 2016] <Fuco> but I always only used forall x : G ...
[Wed Jan  6 15:07:04 2016] <Fuco> now I need forall G, H : "GROUP"
[Wed Jan  6 15:07:11 2016] <johnw> just add an H parameter then
[Wed Jan  6 15:07:19 2016] <johnw> and leave G to come from the environment
[Wed Jan  6 15:07:56 2016] <Fuco> right, but I have no "group" type, that's my issue I guess
[Wed Jan  6 15:08:10 2016] <Fuco> and if I just add H : Set it doesn't have the group laws on it, or the operation
[Wed Jan  6 15:08:24 2016] <Fuco> I have "Variable mult : G -> G -> G" but how would I get a mult for H?
[Wed Jan  6 15:09:21 2016] <Fuco> all links I found online mentioning groups are either dead or completely over my head (like the Lagrange's theorem proof which is 2000 lines or something... it's fairly simple theorem!)
[Wed Jan  6 15:13:12 2016] <johnw> this isn't making enough sense for me to have a reasonable suggestion for you
[Wed Jan  6 15:13:17 2016] <johnw> if you show me some code, that would help
[Wed Jan  6 15:20:58 2016] <Fuco> johnw: https://gist.github.com/Fuco1/4532228923c0249faecf  I have more theorems later which aren't relevant.  Now I want to define for example what is a subgroup
[Wed Jan  6 15:21:02 2016] <Fuco> how would I do that/
[Wed Jan  6 15:21:38 2016] <Fuco> I need two objects of type "group", but I don't even understand if I am defining a type like that anywhere... or if that is how things are done in Coq
[Wed Jan  6 15:21:43 2016] <johnw> one sec
[Wed Jan  6 15:28:48 2016] <johnw> Fuco: https://gist.github.com/1a2bbec51df2956daab6
[Wed Jan  6 15:28:55 2016] <johnw> you may find this much easier to work with
[Wed Jan  6 15:30:44 2016] <Fuco> johnw: that seems like what I was after, thanks
[Wed Jan  6 15:30:51 2016] <Fuco> johnw: one question, what is group_scope?
[Wed Jan  6 15:31:02 2016] <johnw> well, you are overloading the definition of *
[Wed Jan  6 15:31:12 2016] <johnw> so defining a scope allows user to clarify which version of % they want
[Wed Jan  6 15:31:22 2016] <johnw> (x * y)%group_scope vs. (x * y)%N_scope, etc.
[Wed Jan  6 15:31:32 2016] <johnw> which version of *, I meant
[Wed Jan  6 15:31:38 2016] <Fuco> I see
[Wed Jan  6 15:31:44 2016] <johnw> opening the scope makes it the default from that point forward
[Wed Jan  6 15:31:59 2016] <johnw> you'll see that in normal developments, "+" has like 5 meanings, one of which is always the default
[Wed Jan  6 18:39:33 2016] <Nik05> can someone help me with a SF exercise?
[Wed Jan  6 18:39:42 2016] <benzrf> Nik05: probably!
[Wed Jan  6 18:39:43 2016] <Nik05> found one i didnt solve
[Wed Jan  6 18:40:36 2016] <Nik05> It's theorem ev_plus_plus : forall n m p, ev (n+m) -> ev (n+p) -> ev (m+p). And the exercise says to don't use any induction or case analysis. but just application and rewriting
[Wed Jan  6 18:41:41 2016] <Nik05> I have this theorem to use ev_sum: ∀ n m : nat, ev n → ev m → ev (n + m)
[Wed Jan  6 18:41:52 2016] <Nik05> And this one ev_ev__ev: ∀ n m : nat, ev (n + m) → ev n → ev m
[Wed Jan  6 18:42:28 2016] <Nik05> oh wait what
[Wed Jan  6 18:43:31 2016] <benzrf> /no/ case anal?
[Wed Jan  6 18:43:32 2016] <Nik05> oh right correct sorry, read the last one wrong
[Wed Jan  6 18:43:51 2016] <Nik05> o induction or even case analysis is needed
[Wed Jan  6 18:43:58 2016] <Nik05> Thats what it says
[Wed Jan  6 18:44:01 2016] <benzrf> huh
[Wed Jan  6 18:44:23 2016] <Nik05> And I got the plus theomres like n + S m = S (n + m), etc
[Wed Jan  6 18:44:39 2016] <benzrf> ooh i got an idea
[Wed Jan  6 18:44:44 2016] <benzrf> not sure it's right
[Wed Jan  6 18:45:58 2016] <Nik05> So first applying ev_plus_plus doesnt work because you need to prove ev m and ev p. And they could be odd. So then we have the ev_ev__ev
[Wed Jan  6 18:46:24 2016] <benzrf> gimme a minute =p
[Wed Jan  6 18:46:31 2016] <Nik05> oke :)
[Wed Jan  6 18:47:23 2016] <benzrf> Nik05: are those the only two theorems?
[Wed Jan  6 18:47:55 2016] <benzrf> do you have something like forall n, ev (n + n)
[Wed Jan  6 18:48:04 2016] <Nik05> yes got that one too
[Wed Jan  6 18:48:11 2016] <benzrf> i know how to do it then c=
[Wed Jan  6 18:48:17 2016] <benzrf> that might be the only clue you need
[Wed Jan  6 18:49:09 2016] <Nik05> oh dont got it but, can try
[Wed Jan  6 18:49:27 2016] <Nik05> oh i got itdouble_even: ∀ n : nat, ev (double n)
[Wed Jan  6 18:57:36 2016] <Nik05> benzrf just apply and rewrite?
[Wed Jan  6 18:57:46 2016] <benzrf> yep
[Wed Jan  6 18:57:49 2016] <benzrf> roughly
[Wed Jan  6 18:58:02 2016] <benzrf> maybe an assert or two, but
[Wed Jan  6 18:58:11 2016] <Nik05> oke
[Wed Jan  6 18:58:53 2016] <Nik05> thank you, will look again :p
[Wed Jan  6 18:58:57 2016] <benzrf> kk
[Wed Jan  6 19:03:13 2016] <Nik05> benzrf where should i begin? apply to hypotesis or to the goal?
[Wed Jan  6 19:03:25 2016] <benzrf> one sec
[Wed Jan  6 19:03:28 2016] <benzrf> im trying to get mine working
[Wed Jan  6 19:07:46 2016] <johnw> you very rarely should need intermediate asserts
[Wed Jan  6 19:08:19 2016] <Nik05> oke
[Wed Jan  6 19:09:03 2016] <benzrf> grrr
[Wed Jan  6 19:09:08 2016] <benzrf> how do you rewrite only one occurence >:O
[Wed Jan  6 19:09:16 2016] <johnw> rewrite foo at <N>.
[Wed Jan  6 19:09:25 2016] <johnw> or, use replace X with Y.
[Wed Jan  6 19:09:32 2016] <Nik05> hi johnw
[Wed Jan  6 19:09:39 2016] <johnw> hi Nik05!
[Wed Jan  6 19:10:03 2016] <benzrf> johnw: tyvm
[Wed Jan  6 19:12:46 2016] <benzrf> ok ye i proved it
[Wed Jan  6 19:12:57 2016] <benzrf> the part that i had trouble with was some extremely finicky rewriting
[Wed Jan  6 19:13:07 2016] <benzrf> which wouldve been trivial to any human ;-;
[Wed Jan  6 19:13:42 2016] <Nik05> the plus associativity and commutivity?
[Wed Jan  6 19:14:46 2016] <Nik05> oh man i just dont see it :P
[Wed Jan  6 19:15:06 2016] <Nik05> and im not missing some theorem. I can do it with apply ev_ev__ev and ev_sum?
[Wed Jan  6 19:17:11 2016] <Nik05> well and double you said
[Wed Jan  6 19:21:43 2016] <johnw> Nik05: if you can show me, I could offer a hint
[Wed Jan  6 19:22:03 2016] <Nik05> Starting over, i have no idea what im doign
[Wed Jan  6 19:23:07 2016] <pumita> elo guys, i want to define partial mappings like this: f : a -> option b
[Wed Jan  6 19:23:37 2016] <pumita> what woukd be the best way to do it in coq?
[Wed Jan  6 19:24:41 2016] <pumita> I mean, I'd like to have an operator like "|->", that will work just like "->" does
[Wed Jan  6 19:25:04 2016] <pumita> and define the partial functions as f : A |-> B
[Wed Jan  6 19:25:20 2016] <pumita> f : A |-> B would be equivalent to say f : A -> option B
[Wed Jan  6 19:26:31 2016] <johnw> you could do it exactly as you've described
[Wed Jan  6 19:26:42 2016] <johnw> Definition partial (A B : Type) := A -> option B.
[Wed Jan  6 19:26:51 2016] <johnw> Infix "|->" := partial.
[Wed Jan  6 19:32:40 2016] <Nik05> oh maybe i got it
[Wed Jan  6 19:37:19 2016] <Nik05> im almost there
[Wed Jan  6 19:37:28 2016] <pumita> johnw: thank you :), it works like a charm!
[Wed Jan  6 19:40:40 2016] <Nik05> benzrf how do you rewrite ev (n + n + m + p + (m + p)) to ev((n+n)+(m+m)+(p+p)) ? :P
[Wed Jan  6 19:41:07 2016] <benzrf> Nik05: it's not easy
[Wed Jan  6 19:41:51 2016] <johnw> that's actually fairly straightforward
[Wed Jan  6 19:42:17 2016] <Nik05> oh
[Wed Jan  6 19:43:04 2016] <johnw> so, NPeano.Nat.add_shuffle1 has type: forall n m p q : nat, n + m + (p + q) = n + p + (m + q)
[Wed Jan  6 19:43:28 2016] <johnw> which is exactly what you need; you just have to use associativity to move the initial "n + n" out of it
[Wed Jan  6 19:43:41 2016] <johnw> it's also called: plus_permute_2_in_4  forall n m p q : nat, n + m + (p + q) = n + p + (m + q)
[Wed Jan  6 19:43:58 2016] <johnw> but I imagine that if this is for SF, you'll need to write it yourself
[Wed Jan  6 19:45:00 2016] <benzrf> johnw: jesus christ how horrifying
[Wed Jan  6 19:45:19 2016] <johnw> why is that horrifying?
[Wed Jan  6 19:45:29 2016] <benzrf> random special-case equalities like that
[Wed Jan  6 19:45:52 2016] <johnw> must be useful more often than you'd think, or why would it be in the stdlib in two places :)
[Wed Jan  6 19:45:54 2016] <benzrf> when i go to college my research project will be investigating how human understanding of algebra works & developing better tools for this kind of nonsense
[Wed Jan  6 19:46:00 2016] <Nik05> :P
[Wed Jan  6 19:46:12 2016] <benzrf> johnw: no the horrifying thing is that it's the Right Solution
[Wed Jan  6 19:46:18 2016] <johnw> well, "omega" is the real answer here
[Wed Jan  6 19:46:26 2016] <benzrf> doesn't that just do inequalities
[Wed Jan  6 19:46:26 2016] <johnw> "f_equal; omega" will solve Nik05's goal
[Wed Jan  6 19:46:37 2016] <johnw> it solves math equality like this too
[Wed Jan  6 19:47:05 2016] <johnw> but you don't learn anything
[Wed Jan  6 19:51:56 2016] <Nik05> now i dont even get my prove when i try to go over it again...
[Wed Jan  6 20:06:49 2016] <Nik05> oke now i dont understand apply
[Wed Jan  6 20:07:03 2016] <Nik05> So I got ev_ev__ev: ∀ n m : nat, ev (n + m) → ev n → ev m
[Wed Jan  6 20:07:10 2016] <Nik05> Hnm : ev (n + n + m + p)
[Wed Jan  6 20:07:18 2016] <Nik05> And my goal is ev (m + p)
[Wed Jan  6 20:07:36 2016] <Nik05> So I apply ev_ev__ev with (m:=m+p).
[Wed Jan  6 20:07:57 2016] <Nik05> This give me the hypotheis m + p
[Wed Jan  6 20:08:17 2016] <Nik05> and i can prove my goal with this, and it gives a subgoal
[Wed Jan  6 20:08:42 2016] <Nik05> But I would think the subgoal would be prove ev (n + n), but i need to prove ev (n + n + m + p + (m + p))
[Wed Jan  6 20:08:45 2016] <Nik05> what is happening there?
[Wed Jan  6 20:10:10 2016] <Nik05> I apply ev_ev__ev in Hnm ofcourse.
[Wed Jan  6 20:18:50 2016] <Nik05> johnw still here?
[Wed Jan  6 20:20:13 2016] <Nik05> or benzrf ?
[Wed Jan  6 20:21:07 2016] <benzrf> hey Nik05
[Wed Jan  6 20:21:30 2016] <benzrf> Nik05: im reading now
[Wed Jan  6 20:21:36 2016] <Nik05> Can you help me whats going on when i apply ev_ev__ev to Hnm, oke thank you
[Wed Jan  6 20:22:09 2016] <benzrf> Nik05: are you applying it to Hnm, or to your goal?
[Wed Jan  6 20:22:23 2016] <Nik05> yeah that was my mistake, im applying it to Hnm
[Wed Jan  6 20:28:11 2016] <benzrf> Nik05: it works now?
[Wed Jan  6 20:28:24 2016] <Nik05> well the proof works, but i dont get how :P
[Wed Jan  6 20:28:29 2016] <Nik05> i was just lucky
[Wed Jan  6 20:29:25 2016] <Nik05> http://lpaste.net/1932201908391378944
[Wed Jan  6 20:29:30 2016] <Nik05> I dont get line 7
[Wed Jan  6 20:31:20 2016] <Nik05> After line 6 I got Hnm : ev ( n + n + m + p )
[Wed Jan  6 20:31:41 2016] <Nik05> when i apply ev_ev__ev : ∀ n m : nat, ev (n + m) → ev n → ev m
[Wed Jan  6 20:32:22 2016] <Nik05> i would expect ev (n' + m') == ev ( (n + n) + (m + p))
[Wed Jan  6 20:32:42 2016] <Nik05> which then gives me ev (n + n) -> ev (m + p)
[Wed Jan  6 20:32:55 2016] <Nik05> i dont get it now
[Wed Jan  6 20:36:07 2016] <Nik05> i can prove (ev (m + p)), but why do i need to prove ev (n + n + m + p + (m + p)) instead of ev (n + n)?
[Wed Jan  6 20:37:10 2016] <Nik05> like how ev_sum gets appled in line 5
[Wed Jan  6 20:37:37 2016] <Nik05> So my question is, why is my 2nd subgoal not ev (n + n)?
[Wed Jan  6 20:37:58 2016] <Nik05> Maybe its relaly obvious and i should just take a break...
[Wed Jan  6 20:42:40 2016] <benzrf> maybe!
[Wed Jan  6 20:43:20 2016] <Nik05> no wait now it works...
[Wed Jan  6 20:43:21 2016] <Nik05> :S
[Wed Jan  6 20:43:47 2016] <benzrf> ahah
[Wed Jan  6 20:43:52 2016] <benzrf> eugh
[Wed Jan  6 20:44:00 2016] <benzrf> meant to type 'haha'
[Wed Jan  6 20:44:06 2016] <benzrf> the guy i know who says 'ahah' is awful
[Wed Jan  6 20:44:08 2016] <Nik05> http://lpaste.net/5058733706680729600
[Wed Jan  6 20:44:23 2016] <Nik05> so whhy doesnt this do the same :S
[Wed Jan  6 20:44:26 2016] <Nik05> this is much easier...
[Wed Jan  6 20:44:55 2016] <Nik05> Im think this should be equivalent :p
[Wed Jan  6 20:45:40 2016] <Nik05> oke im doing something stupid with (m:=m+p) when apply ev_e...
[Wed Jan  6 20:46:03 2016] <Nik05> but what? :S
[Wed Jan  6 20:46:34 2016] <Nik05> ho sorry for my indentations in my pastes...
[Wed Jan  6 20:58:39 2016] <Nik05> http://lpaste.net/4521939266573434880 but benzrf is your proof like this as well?
[Wed Jan  6 20:59:17 2016] <Nik05> I would like to use Case to make it a little more clear what im doing, but how to name these cases?
[Wed Jan  6 21:00:16 2016] <Nik05> After the first apply what would be an appropriated case name?
[Wed Jan  6 21:00:40 2016] <benzrf> Nik05: sorry let me check
[Wed Jan  6 21:01:11 2016] <Nik05> And then still my question, but doesnt line 7 work with "with (m:=m+p)" ?
[Wed Jan  6 21:01:40 2016] <Nik05> its not even that much rewrite in this proof
[Wed Jan  6 21:01:41 2016] <benzrf> ummmm why dont i just paste what i did do you can compare c:
[Wed Jan  6 21:01:50 2016] <benzrf> i dont feel like going to the trouble to read proof scripts :>
[Wed Jan  6 21:02:47 2016] <Nik05> :P
[Wed Jan  6 21:03:08 2016] <Nik05> I guess i dont know how the "with" syntax works in apply
[Wed Jan  6 21:04:25 2016] <benzrf> http://lpaste.net/148565
[Wed Jan  6 21:05:53 2016] <Nik05> thank you benzrf
[Wed Jan  6 21:15:41 2016] <benzrf> np
[Wed Jan  6 21:47:02 2016] <Nik05> have a good night everyone
[Wed Jan  6 21:47:06 2016] <Nik05> thank you benzrf :)
[Wed Jan  6 21:50:57 2016] <benzrf> np
[Thu Jan  7 09:12:45 2016] <pumita> Hi guys, I defined in a separated file an infix operator named "|->
[Thu Jan  7 09:12:50 2016] <pumita> "|->"
[Thu Jan  7 09:13:10 2016] <pumita> the thing is, when I import the file inside another one, I can't use that operator
[Thu Jan  7 09:13:15 2016] <pumita> it throws me the following: Syntax error: '.' expected after [vernac:gallina] (in [vernac_aux]).
[Thu Jan  7 09:13:35 2016] <pumita> but, if I define the operator inside the same file I use it, it works
[Thu Jan  7 09:13:43 2016] <pumita> do you know why is that happening? thanks
[Thu Jan  7 12:20:51 2016] <pumita> "|->"
[Thu Jan  7 12:21:00 2016] <pumita> Hi guys, I defined in a separated file an infix operator named "|->
[Thu Jan  7 12:21:08 2016] <pumita> the thing is, when I import the file inside another one, I can't use that operator
[Thu Jan  7 12:21:13 2016] <pumita> it throws me the following: Syntax error: '.' expected after [vernac:gallina] (in [vernac_aux]).
[Thu Jan  7 12:21:20 2016] <pumita> but, if I define the operator inside the same file I use it, it works
[Thu Jan  7 12:21:24 2016] <pumita> do you know why is that happening? thanks
[Thu Jan  7 12:26:50 2016] <ianjneu> pumita: It's been a while since I've done this, but you might need to define your operator in a specified "Scope" and in your importing module, use "Open Scope scope_name."
[Thu Jan  7 12:31:51 2016] <ianjneu> pumita: see the uses of Infix and : X_scope in https://github.com/coq/coq/blob/trunk/theories/Init/Datatypes.v
[Thu Jan  7 12:34:27 2016] <ianjneu> The Bind Scope command is useful if you plan on not overloading that notation https://coq.inria.fr/distrib/current/refman/Reference-Manual014.html#hevea_default799
[Thu Jan  7 12:36:44 2016] <pumita> Thanks ianjneu
[Thu Jan  7 12:36:52 2016] <pumita> how do you declare a scope?
[Thu Jan  7 12:37:30 2016] <pumita> because I did basically what's on Datatypes.v, and it throws me "Error: Scope maps_scope is not declared."
[Thu Jan  7 12:37:39 2016] <pumita> when I do "Open Scope maps_scope"
[Thu Jan  7 12:41:36 2016] <ianjneu> did you do the Infix ... : maps_scope, or Bind Scope maps_scope with your_map_type before the open?
[Thu Jan  7 12:42:55 2016] <pumita> yes
[Thu Jan  7 12:43:03 2016] <pumita> I did that in the separated file Maps.v
[Thu Jan  7 12:43:19 2016] <ianjneu> Did you compile Maps.v?
[Thu Jan  7 12:43:22 2016] <pumita> Infix "|->" := partial (at level 62, left associativity) : maps_scope.
[Thu Jan  7 12:43:26 2016] <pumita> yes
[Thu Jan  7 12:44:14 2016] <ianjneu> Can you do Local Open Scope maps_scope in Maps.v after your Infix just for a sanity check?
[Thu Jan  7 12:45:02 2016] <pumita> yes, that works
[Thu Jan  7 12:45:50 2016] <ianjneu> Do you Require or Require Import Maps.v?
[Thu Jan  7 12:46:09 2016] <pumita> Require Import
[Thu Jan  7 12:48:21 2016] <ianjneu> Before you open the scope, what does the command Print Visibility maps_scope. give you?
[Thu Jan  7 12:49:03 2016] <pumita> Error: Scope maps_scope is not declared.
[Thu Jan  7 12:49:18 2016] <ianjneu> Does Print Scopes. contain maps_scope?
[Thu Jan  7 12:50:13 2016] <pumita> no :(, it contains others though
[Thu Jan  7 12:50:55 2016] <jrw> pumita: is the infix command in a section?
[Thu Jan  7 12:51:21 2016] <pumita> jrw yes! maybe that's the problem
[Thu Jan  7 12:51:36 2016] <ianjneu> right, they don't survive sections, just modules.
[Thu Jan  7 12:51:45 2016] <jrw> try redeclaring infix after the section
[Thu Jan  7 12:52:08 2016] <pumita> that was the problem
[Thu Jan  7 12:52:18 2016] <pumita> thanks ianjneu and jrw :) !
[Thu Jan  7 12:56:32 2016] <jrw> np
[Thu Jan  7 20:36:43 2016] <tswett> So I've defined a record called Category. How can I get a list of all the identifiers which this definition has produced?
[Thu Jan  7 20:38:43 2016] <Cypi> Something like [Search Category] or [SearchAbout Category] might do it
[Thu Jan  7 20:38:55 2016] <Cypi> (I never remember the difference between the two, if any)
[Thu Jan  7 20:39:16 2016] <tswett> Mostly unrelated: the "Show" family of commands is only used during an interactive proof, right?
[Thu Jan  7 20:39:57 2016] <tswett> Looks like both of your commands do the trick. Thanks!
[Thu Jan  7 20:40:18 2016] <Cypi> Most of them yes. There is [Show Obligation Tactic] which is related to Program
[Thu Jan  7 20:43:35 2016] <tswett> I'm a little surprised that although the record's constructor and destructors are now named constants, there are no named constants which relate the constructor and destructors.
[Thu Jan  7 20:44:28 2016] <jrw> tswett: what kind of relation are you looking for?
[Thu Jan  7 20:45:21 2016] <jrw> my guess is that what you're looking for is captured by computation, so you should be able to prove it directly with [reflexivity.], for example.
[Thu Jan  7 20:45:37 2016] <tswett> Things saying that applying destructors to the output of the constructor gives you back the original arguments, and applying the constructor to the outputs of all the destructors will give you the original Category.
[Thu Jan  7 20:45:40 2016] <tswett> You're probably right.
[Thu Jan  7 20:45:42 2016] <jrw> or, in the context of a larger proof, you should be able to use [simpl] to do the rewrite you're looking for
[Thu Jan  7 20:45:49 2016] <Cypi> Note that you can print said destructors if you want. Nothing special about them, it's just handled by Coq
[Thu Jan  7 21:07:52 2016] <tswett> What's the command to enable universe polymorphism in 8.5beta1?
[Thu Jan  7 21:10:04 2016] <Cypi> [Set Universe Polymorphism] or just add [Polymorphic] before some definition
[Thu Jan  7 21:13:56 2016] <tswett> Cool, thanks.
[Thu Jan  7 21:14:27 2016] <tswett> That makes this file complete.
[Thu Jan  7 21:14:35 2016] <tswett> A definition of what a category is, in only 41 lines!
[Thu Jan  7 21:50:05 2016] <benzrf> tswett: "a collection of 'objects', a collection of 'morphisms' for each pair of objects, & an associative, unital operation whose type rules are analogous to that of function composition"
[Thu Jan  7 21:50:10 2016] <benzrf> 1 line
[Thu Jan  7 21:50:13 2016] <benzrf> c=
[Thu Jan  7 21:51:03 2016] <tswett> https://pastebin.mozilla.org/8856164 - my definition is clearly much better than yours.
[Thu Jan  7 21:57:08 2016] <benzrf> 'arrows'
[Thu Jan  7 21:57:11 2016] <benzrf> not 'morphisms'
[Thu Jan  7 21:57:12 2016] <benzrf> smh
[Thu Jan  7 21:57:43 2016] <Cypi> You don't like the word?
[Thu Jan  7 21:59:35 2016] <benzrf> just being fractios
[Thu Jan  7 22:00:08 2016] <benzrf> *fractious
[Thu Jan  7 22:01:53 2016] <tswett> Hey, I never used the word "arrows" once in my definition!
[Fri Jan  8 13:17:25 2016] <rrika> how can I split the proof in two cases where in one branch I assume x and in one I assume ¬x
[Fri Jan  8 13:20:55 2016] <tejing> rrika: you have to prove decidability for the proposition in question. once you've done that you simply destruct that proof. (or you have to take the law of the excluded middle as an axiom)
[Fri Jan  8 13:23:02 2016] <rrika> how does that work?
[Fri Jan  8 13:23:29 2016] <rrika> basically I'm trying to prove: f x = f y → x = y
[Fri Jan  8 13:23:47 2016] <rrika> And for that, handle the cases x = y and x != y
[Fri Jan  8 13:24:01 2016] <rrika> Not even sure if that leads anywhere, just trying out stuff
[Fri Jan  8 13:25:21 2016] <sgnb> rrika: what is the type of x and y ?
[Fri Jan  8 13:25:24 2016] <ianjneu> Perhaps just admit a proposition T_dec: forall x y : (type of x and y), {x=y}+{x<>y}. and use that in your proof attempt.
[Fri Jan  8 13:25:27 2016] <tejing> rrika: you'd need a proof of "forall x y : <type of x and y above>, x = y \/ x <> y", which for simple types is usually easy enough to prove by induction
[Fri Jan  8 13:25:42 2016] <rrika> sgnb, x and y are of the same inductive type I defined
[Fri Jan  8 13:25:49 2016] <ianjneu> tejing: or just the "decide equality" tactic.
[Fri Jan  8 13:25:58 2016] <tejing> or that
[Fri Jan  8 13:26:04 2016] <sgnb> right
[Fri Jan  8 13:26:04 2016] <rrika> (specifically the binary number as linked list type from that manual)
[Fri Jan  8 13:26:28 2016] <rrika> ianjneu, what does "+" do here?
[Fri Jan  8 13:26:50 2016] <ianjneu> + is a sum type constructor. Either the left or right proposition.
[Fri Jan  8 13:26:52 2016] <rrika> tejing, and then destruct on that?
[Fri Jan  8 13:26:59 2016] <tejing> rrika: it's a notation for 'sumbool'... it's like \/, but the result is a type, not a prop
[Fri Jan  8 13:27:16 2016] <rrika> what's the difference between prop and type?
[Fri Jan  8 13:27:56 2016] <ianjneu> Prop is not allowed to be inspected for constructing anything other than another prop
[Fri Jan  8 13:28:24 2016] <ianjneu> It's a syntactic restriction for extraction.
[Fri Jan  8 13:28:27 2016] <rrika> Are Types and Props disjunct or subset of each other?
[Fri Jan  8 13:28:30 2016] <tejing> rrika: yes. apply it to the x and y in your specific situation, then destruct it... as for prop and type, the main thing to know is that you cannot pattern match on a prop to produce a type, unless it's a prop with only 1 constructor. that's so that extraction works, since it leaves out anything in prop
[Fri Jan  8 13:30:46 2016] <rrika> >you'd need a proof of "forall x y : <type of x and y above>, x = y \/ x <> y"
[Fri Jan  8 13:31:09 2016] <ianjneu> In models of the gallina logic, Prop is considered the smallest type, followed by Set then Type. Type is ramified behind the scenes to an unbounded tower of Type0 < Type1 < Type2 ...
[Fri Jan  8 13:31:12 2016] <rrika> if I have a case of an inductive type with 0 arguments, shouldn't "casename <> casename" simplify to false?
[Fri Jan  8 13:31:28 2016] <rrika> ianjneu, I see.
[Fri Jan  8 13:31:52 2016] <ianjneu> It would not simplify to false since they are equivalent but not equal types.
[Fri Jan  8 13:32:26 2016] <rrika> huh? their type should be the same
[Fri Jan  8 13:33:14 2016] <ianjneu> False is an inductive type with 0 constructors. x = y -> False is a function.
[Fri Jan  8 13:34:18 2016] <rrika> does false also exist as value, not as type?
[Fri Jan  8 13:34:49 2016] <tejing> rrika: of type bool, yes
[Fri Jan  8 13:35:04 2016] <ianjneu> false is a bool, but equality is a proposition.
[Fri Jan  8 13:35:10 2016] <rrika> Oh, = is a function building expressions, not actually comparing things
[Fri Jan  8 13:35:35 2016] <tejing> rrika: = is a binary predicate... so it's more like a function building types
[Fri Jan  8 13:35:35 2016] <ianjneu> It is the identity type constructor, yes.
[Fri Jan  8 13:35:45 2016] <ianjneu> It's not binary.
[Fri Jan  8 13:35:53 2016] <ianjneu> er, 2-ary yes.
[Fri Jan  8 13:36:13 2016] <ianjneu> but really it takes the type of the following two arguments, so 3-ary.
[Fri Jan  8 13:36:36 2016] <ianjneu> (I was thinking binary as in LEM)
[Fri Jan  8 13:37:18 2016] <tejing> ianjneu: technically, true... I still think it's valid to call it binary though. (and yea, I meant 2-ary, not LEM)
[Fri Jan  8 13:39:56 2016] <ianjneu> binary presentation with Set Implicit Arguments, sure.
[Fri Jan  8 13:40:58 2016] <ianjneu> arity is not an internally expressible notion in gallina, so "valid" is an informal concept.
[Fri Jan  8 21:57:02 2016] <vanila> hi
[Fri Jan  8 21:57:07 2016] <vanila> https://www.youtube.com/watch?v=zmhd8clDd_Y
[Fri Jan  8 21:57:14 2016] <vanila> was watching this video and i had a question
[Fri Jan  8 21:57:30 2016] <vanila> since excluded middle is independent, can we add an axiom ~(forall P : Prop, P \/ ~P)  consistently? what would it mean
[Fri Jan  8 23:16:59 2016] <sclv> well it makes more sense to add axioms that violate EM, rather than just its negation
[Fri Jan  8 23:18:18 2016] <sclv> an example of an axiom that violates EM is the kock-lawvere axiom: https://ncatlab.org/nlab/show/Kock-Lawvere+axiom
[Fri Jan  8 23:19:49 2016] <sclv> i think some continuity axioms are anti-classical too
[Fri Jan  8 23:22:58 2016] <sclv> here's a blog post discussing that http://math.andrej.com/2009/10/12/constructive-gem-double-exponentials/
[Fri Jan  8 23:24:16 2016] <sclv> church's thesis ("all functions are computable") is also anti-classical i think: https://en.wikipedia.org/wiki/Church%27s_thesis_(constructive_mathematics)
[Fri Jan  8 23:25:18 2016] <vanila> thanks!
[Sat Jan  9 08:42:04 2016] <Fuco> how can I use numbers in coq? Normal integers, 1, 2,3... not 'nat'
[Sat Jan  9 08:47:07 2016] <rrika> Fuco, is there anything you can't do with nats?
[Sat Jan  9 08:47:49 2016] <Fuco> -4
[Sat Jan  9 11:56:29 2016] <Nik05> Anyone an hint on how to proof palindrome_converse : ∀ X (l : list X), l = rev l -> pal l from SF?
[Sat Jan  9 11:56:30 2016] <Fuco> when I have a goal S m = S n, how do I simplify it to m = n?
[Sat Jan  9 11:57:17 2016] <vanila> Fuco, inversion
[Sat Jan  9 11:57:20 2016] <Nik05> ah
[Sat Jan  9 11:57:25 2016] <Nik05> just too late :P
[Sat Jan  9 11:57:34 2016] <Nik05> I had the same question few weeks back :P
[Sat Jan  9 11:57:53 2016] <Nik05> Fuco or you can apply f_equal
[Sat Jan  9 11:58:14 2016] <Fuco> what do you mean inversion?
[Sat Jan  9 11:58:37 2016] <Nik05> vanila, isnt that when the hypothesis is S m = S n?
[Sat Jan  9 11:58:45 2016] <Nik05> Fuco apply f_equal on your goal
[Sat Jan  9 11:58:53 2016] <Fuco> yes
[Sat Jan  9 11:59:17 2016] <Fuco> I have no idea how people read the documentation, it's so chaotic :/
[Sat Jan  9 11:59:35 2016] <vanila> H : S m = S n
[Sat Jan  9 11:59:37 2016] <vanila> inversion H.
[Sat Jan  9 11:59:53 2016] <Fuco> it's the goal not hypothesis
[Sat Jan  9 12:00:03 2016] <vanila> oh okay
[Sat Jan  9 12:02:28 2016] <rrika> Fuco, if you have a helper theorem like
[Sat Jan  9 12:02:29 2016] <rrika> Lemma strip_s : forall q p, q = p -> S q = S p.
[Sat Jan  9 12:02:35 2016] <rrika> you can then "apply strip_s"
[Sat Jan  9 12:02:45 2016] <Nik05> rrika its called f_equal
[Sat Jan  9 12:02:56 2016] <rrika> Nik05, so "apply f_equal"?
[Sat Jan  9 12:03:06 2016] <rrika> should've read the log
[Sat Jan  9 12:06:22 2016] <Nik05> :)
[Sat Jan  9 12:07:08 2016] <rrika> how can I move a function application out of a match
[Sat Jan  9 12:07:09 2016] <rrika> as in
[Sat Jan  9 12:07:40 2016] <rrika> match x with | y => f(1) | z => f(2) end → f (match x with | y => 1 | z => 2 end)
[Sat Jan  9 12:09:38 2016] <vanila> is that term your goal
[Sat Jan  9 12:10:30 2016] <vanila> oh I was going to say the 'change' tactic but it wont work, you would have to these two terms equal by case on x
[Sat Jan  9 12:10:49 2016] <rrika> the match is one on side of a "=" that is my goal
[Sat Jan  9 12:11:12 2016] <rrika> … = match … f() f() → … = f ( match … () ())
[Sat Jan  9 12:11:24 2016] <vanila> maybe just destruct x
[Sat Jan  9 12:11:51 2016] <rrika> IIRC it doesn't let me
[Sat Jan  9 12:11:55 2016] <rrika> x is a complex expression
[Sat Jan  9 12:12:10 2016] <vanila> you could make a lemma where x really is just a variable
[Sat Jan  9 12:12:12 2016] <vanila> then apply that
[Sat Jan  9 12:12:49 2016] <rrika> oh, "destruct" works, should've used () with destruct.
[Sat Jan  9 14:11:28 2016] <rrika> how can I split a<->b into a->b and b->a?
[Sat Jan  9 14:11:58 2016] <vanila> destruct
[Sat Jan  9 14:12:10 2016] <rrika> destruct with what argument?
[Sat Jan  9 14:12:15 2016] <vanila> H : a<->b
[Sat Jan  9 14:12:17 2016] <vanila> destruct H
[Sat Jan  9 14:12:21 2016] <rrika> ah
[Sat Jan  9 14:12:35 2016] <rrika> oh, what if it's my goal though?
[Sat Jan  9 14:13:13 2016] <Cypi> Then "split"
[Sat Jan  9 14:13:29 2016] <rrika> Cypi, thank you
[Sat Jan  9 14:16:17 2016] <rrika> can infinite terms exist in coq?
[Sat Jan  9 14:16:19 2016] <rrika> in other words
[Sat Jan  9 14:16:26 2016] <rrika> is (S x) = x provable?
[Sat Jan  9 14:16:55 2016] <Cypi> You can prove "forall x, ~ (S x = x)" actually
[Sat Jan  9 14:17:09 2016] <Cypi> Infinite terms do exist, but only in the context of coinductive definitions
[Sat Jan  9 14:17:17 2016] <rrika> I see.
[Sat Jan  9 14:17:26 2016] <Cypi> So if you were to define coinductive natural numbers, then yes, you would have some x such that S x = x
[Sat Jan  9 14:23:31 2016] <tejing> if I have a hypothesis H : eq_rect _ _ constr1 _ p = constr2, where constr1 and constr2 are have different annotation terms, how can I generate a contradiction? I'm basically trying to do 'discriminate H' but it's complicated by the eq_rect, and I can't use decideable equality to remove it because constr1 = constr2 cannot be proposed.
[Sat Jan  9 14:23:45 2016] <tejing> s/are have/have/
[Sat Jan  9 14:50:44 2016] <tejing> got it... need to transform it into existT _ _ constr1 = existT _ _ constr2 then discriminate.
[Sat Jan  9 15:01:35 2016] <rrika> how do I prove "1 <> 0"
[Sat Jan  9 15:03:12 2016] <vanila> congruence
[Sat Jan  9 15:03:18 2016] <Cypi> Pick what you prefer: "discriminate", "congruence", "intros H; inversion H", ...
[Sat Jan  9 15:03:43 2016] <rrika> cool, thank you
[Sat Jan  9 18:45:25 2016] <Nik05> Can someone give a hint on how to proof ∀l, l = rev l -> palindrome l? Where palindrome is inductively defined := | p_nil : palindrome [] | p_one : ∀x, palindrome [x] | p_cc ∀x l, palindrome -> palindrome (x :: snoc l x).
[Sat Jan  9 18:45:53 2016] <Nik05> lets abbreviate to pal, like SF does
[Sat Jan  9 19:15:10 2016] <jrw> Nik05: that one is tricky, especially given what the book has taught you at the point when the exercise is assigned. what have you tried so far to solve it?
[Sat Jan  9 19:40:04 2016] <Nik05> jrw inductions on l but then im stuck with pal (x :: l')
[Sat Jan  9 19:40:32 2016] <Nik05> inversions to proof subgoals
[Sat Jan  9 19:40:38 2016] <Nik05> but stuck every time
[Sat Jan  9 19:41:03 2016] <jrw> Nik05: okay good. I assume you believe it to be true informally? do you have an informal argument as to why it's true?
[Sat Jan  9 19:42:13 2016] <Nik05> I do believe its true :P
[Sat Jan  9 19:42:25 2016] <jrw> good :)
[Sat Jan  9 19:42:28 2016] <jrw> what about an argument?
[Sat Jan  9 19:42:28 2016] <Nik05> let me think about the informal proof
[Sat Jan  9 19:42:32 2016] <jrw> okay
[Sat Jan  9 19:47:08 2016] <Nik05> jrw i would say i could do it with induction on l
[Sat Jan  9 19:47:27 2016] <Nik05> well maybe not wait
[Sat Jan  9 19:47:35 2016] <jrw> :D
[Sat Jan  9 19:48:03 2016] <Nik05> just induction on l is not possible
[Sat Jan  9 19:48:08 2016] <jrw> okay why?
[Sat Jan  9 19:50:06 2016] <Nik05> uhm
[Sat Jan  9 19:51:27 2016] <Nik05> well you get the induction hypothesis l' = rev l' -> pal l'. To proof pal (x :: l')
[Sat Jan  9 19:51:29 2016] <Nik05> which is not possible
[Sat Jan  9 19:53:25 2016] <Nik05> induction on rev l isnt possible either
[Sat Jan  9 19:54:37 2016] <Nik05> No idea how to do this informally
[Sat Jan  9 19:55:50 2016] <jrw> okay good
[Sat Jan  9 19:55:58 2016] <jrw> first step is figuring out how to do it informally
[Sat Jan  9 19:56:03 2016] <jrw> no hope of doing it in coq otherwise
[Sat Jan  9 19:56:06 2016] <Nik05> oke
[Sat Jan  9 19:56:25 2016] <jrw> it might help to think a bit *more* informally
[Sat Jan  9 19:56:38 2016] <Nik05> oke will try that
[Sat Jan  9 19:56:42 2016] <jrw> it looks to me like you basically tried to do as much detail as possible on paper, roughly the level of coq detail
[Sat Jan  9 19:56:52 2016] <jrw> instead, start from the other end of the spectrum, all the way at "why is this true?"
[Sat Jan  9 19:58:06 2016] <jrw> letting yourself use whatever reasoning principles you are comfortable with, even if you don't know how to formalize them in coq
[Sat Jan  9 19:59:26 2016] <Nik05> Oke i will try to write something down
[Sat Jan  9 20:13:30 2016] <Nik05> This is confusing. Because well l = rev l is the definition of a palindrome.
[Sat Jan  9 20:14:13 2016] <Nik05> I thought about doing an inevrsion on H, but how
[Sat Jan  9 20:14:35 2016] <jrw> ah, yeah, that's confusing.
[Sat Jan  9 20:16:07 2016] <jrw> it might be helpful to think of "palindrome l" as meaning "l consists of the same first and last element, and the middle is also a palindrome"
[Sat Jan  9 20:16:24 2016] <jrw> which is just an englishification of the inductive definition
[Sat Jan  9 20:18:19 2016] <Nik05> well yes thats how i defined pal
[Sat Jan  9 20:18:42 2016] <jrw> right, so we're taking that as the definition of palindrome, and not rev l = l
[Sat Jan  9 20:20:23 2016] <jrw> one place to start would be to prove (informally) that if rev l = l then l is either empty, a singleton, or can be written in the form [x] ++ l' ++ [x] for some x and l'
[Sat Jan  9 20:21:39 2016] <Nik05> and then we are doing a induction
[Sat Jan  9 20:23:03 2016] <jrw> if you mean we could prove that by induction on l, then yes, that sounds good.
[Sat Jan  9 20:23:26 2016] <jrw> if you mean something else, then that also potentially sounds good
[Sat Jan  9 20:23:42 2016] <Nik05> No i meant you are already doing an induction
[Sat Jan  9 20:23:52 2016] <Nik05> or case analysis, not sure what it is
[Sat Jan  9 20:24:21 2016] <Nik05> l = rev l, so for l is empty: [] = rev [] -> pal [], true by definition
[Sat Jan  9 20:24:34 2016] <Nik05> [x] = rev [x] -> pal [x], true by definition
[Sat Jan  9 20:26:08 2016] <jrw> right
[Sat Jan  9 20:26:14 2016] <Nik05> and we have [x] ++ l' ++ [x] = rev "" -> pal [x] ++ l' ++ [x]
[Sat Jan  9 20:26:32 2016] <Nik05> with the induction hypothesis l' = rev l' -> pal l'
[Sat Jan  9 20:26:39 2016] <jrw> right, nice.
[Sat Jan  9 20:26:43 2016] <Nik05> but
[Sat Jan  9 20:28:09 2016] <jrw> so, that's a nice informal argument. let's analyze the principles behind it.
[Sat Jan  9 20:28:57 2016] <jrw> first thing I notice is that you're using a slightly nontrivial form of case analysis, which is like the lemma I suggested above, that splits into empty, singleton, or equal-front-and-back-plus-a-middle-bit
[Sat Jan  9 20:29:35 2016] <jrw> do you notice anything about the inductive hypothesis?
[Sat Jan  9 20:30:01 2016] <Nik05> it's what we want to proof
[Sat Jan  9 20:30:45 2016] <jrw> okay, sure
[Sat Jan  9 20:31:09 2016] <Nik05> uh what do you mean? :P
[Sat Jan  9 20:31:11 2016] <jrw> the thing I was noticing was that usually when you do a proof by (structural) induction, you have a head and a tail, and you get the inductive hypothesis about the tail
[Sat Jan  9 20:31:19 2016] <jrw> but here we get it about the middle
[Sat Jan  9 20:31:29 2016] <Nik05> yes
[Sat Jan  9 20:32:28 2016] <Nik05> I tried to write a inductive, sorry not sure how to say this
[Sat Jan  9 20:32:44 2016] <jrw> so when formalizing this argument, we're going to have to figure out how to convince coq to give us such a hypothesis
[Sat Jan  9 20:33:05 2016] <Nik05> ah oke, so we have to go this way
[Sat Jan  9 20:33:10 2016] <Nik05> already tried to do this
[Sat Jan  9 20:33:25 2016] <Nik05> Noticed coq writes these induction axioms, and tried to write my own...
[Sat Jan  9 20:33:34 2016] <jrw> nice
[Sat Jan  9 20:34:29 2016] <Nik05> oh wait SF mentions them aswell
[Sat Jan  9 20:35:07 2016] <jrw> I think a custom induction principle is a really elegant way of phrasing this proof, but the hard part is proving the principle
[Sat Jan  9 20:35:59 2016] <Nik05> oke
[Sat Jan  9 20:36:46 2016] <jrw> so if you want to start thinking about that, I would recommend thinking about why such a principle is valid
[Sat Jan  9 20:39:22 2016] <Nik05> oh SF was just updated, the chapters are all merged and it has editting annotations...
[Sat Jan  9 20:39:26 2016] <Nik05> oke i will jrw
[Sat Jan  9 20:43:32 2016] <jrw> also it might be helpful to remind yourself why "normal" list induction is valid
[Sat Jan  9 20:45:15 2016] <Nik05> normal list induction i get
[Sat Jan  9 20:45:30 2016] <Nik05> but how exactly do we do the head-tail induction?
[Sat Jan  9 20:45:40 2016] <Nik05> or head-end*
[Sat Jan  9 20:46:05 2016] <jrw> what do you mean?
[Sat Jan  9 20:46:16 2016] <jrw> I mean, what do you mean by "how do we do it"?
[Sat Jan  9 20:46:53 2016] <Nik05> So we proof it holds for [], [x], and do the induction step x ++ l ++ y?
[Sat Jan  9 20:47:04 2016] <Nik05> [x], [y]*
[Sat Jan  9 20:47:50 2016] <jrw> that's the principle that we want to justify, yes
[Sat Jan  9 20:48:17 2016] <Nik05> oke i get why it works
[Sat Jan  9 20:48:51 2016] <Nik05> same for "normal" induction on lists like natural numbers
[Sat Jan  9 20:49:37 2016] <jrw> okay, right. can you say a bit more about why normal induction works, if you're claiming this works for the same reason?
[Sat Jan  9 20:51:55 2016] <Nik05> First we proof a base case. And the second step is to proof the inductive step l -> x :: l.
[Sat Jan  9 20:52:34 2016] <Nik05> if we have [] as the base case, with the inductive step we can proof al possible lists
[Sat Jan  9 20:52:47 2016] <Nik05> damn explaining is hard
[Sat Jan  9 20:52:49 2016] <jrw> :)
[Sat Jan  9 20:53:28 2016] <jrw> maybe another way to ask it is, "how would you *prove* that 'normal' induction on lists is true, if you were doing paper-and-pencil math?"
[Sat Jan  9 20:55:16 2016] <Nik05> uh
[Sat Jan  9 20:56:44 2016] <Nik05> the proving of induction oh uh
[Sat Jan  9 20:57:58 2016] <Nik05> If you assume the proof holds for some l' and we can prove it holds forall x, x :: l'. And we can proof a base case we can proof it for all lists of lengthe >= base list
[Sat Jan  9 20:58:02 2016] <Nik05> but how to proof that
[Sat Jan  9 20:58:39 2016] <jrw> ah, okay, nice, you mentioned length
[Sat Jan  9 20:58:43 2016] <jrw> can you run with that?
[Sat Jan  9 20:58:59 2016] <Nik05> what do you mean?
[Sat Jan  9 21:00:10 2016] <jrw> well, one way to prove 'normal' induction on lists is to use so-called "mathematical" induction (ie, induction on the natural numbers)
[Sat Jan  9 21:00:20 2016] <jrw> basically by inducting on the length of the list
[Sat Jan  9 21:00:31 2016] <Nik05> oh oke
[Sat Jan  9 21:01:45 2016] <Nik05> so we can do the same for natural numbers if we proof two consecutive base cases and the inductive step n' -> SS n'
[Sat Jan  9 21:01:48 2016] <Nik05> ?
[Sat Jan  9 21:02:19 2016] <Nik05> and with that proof the head-end induction of lists?
[Sat Jan  9 21:03:42 2016] <jrw> right, that's not a bad idea
[Sat Jan  9 21:04:56 2016] <Nik05> but is it a good idea? :P
[Sat Jan  9 21:05:38 2016] <jrw> I'm checking :D
[Sat Jan  9 21:05:50 2016] <jrw> it was different from the way I was planning, but I like it better because you came up with it :)
[Sat Jan  9 21:11:09 2016] <jrw> yeah, I think this works
[Sat Jan  9 21:11:16 2016] <Nik05> what is nat_rect? Do i need that?
[Sat Jan  9 21:15:35 2016] <jrw> that's the induction principle for natural numbers. it's what gets used when you say "induction n"
[Sat Jan  9 21:15:38 2016] <jrw> when n is a nat
[Sat Jan  9 21:15:58 2016] <Nik05> oke then what is nat_ind?
[Sat Jan  9 21:16:08 2016] <Nik05> isnt that the principle?
[Sat Jan  9 21:18:22 2016] <jrw> yeah, they're related
[Sat Jan  9 21:18:32 2016] <jrw> there's a separate one for Prop, Set, and Type
[Sat Jan  9 21:19:22 2016] <Nik05> oh oke
[Sat Jan  9 21:19:47 2016] <Nik05> and how would I do the induction with my own inductive principle?
[Sat Jan  9 21:21:36 2016] <jrw> you're going to use normal induction to prove your principle
[Sat Jan  9 21:21:59 2016] <jrw> it's a good idea to look at the type of nat_ind, so you know what an induction principle typically looks like
[Sat Jan  9 21:22:17 2016] <jrw> it starts with a property P that you want to prove for all elements of a type
[Sat Jan  9 21:22:23 2016] <jrw> in this case nat, so P has type nat -> Prop
[Sat Jan  9 21:22:51 2016] <jrw> then it takes a proof of the base case, P 0, and a proof of the inductive case, forall n, P n -> P (S n)
[Sat Jan  9 21:23:05 2016] <jrw> finally, it returns a proof for all nats, forall n, P n
[Sat Jan  9 21:24:15 2016] <Nik05> Just a Definition right?
[Sat Jan  9 21:25:51 2016] <jrw> sure, or a lemma
[Sat Jan  9 21:28:04 2016] <Nik05> oke
[Sat Jan  9 21:35:09 2016] <Nik05> my inductive principle can be proven, right jrw ? :P
[Sat Jan  9 21:46:47 2016] <jrw> Nik05: I proved the P n -> P (S (S n)) one, yeah
[Sat Jan  9 21:46:59 2016] <Nik05> oke
[Sat Jan  9 21:47:12 2016] <Nik05> This is the correct lemma right? Lemma nat_indSS : ∀ (P : nat -> Prop), P 0 -> P 1 -> (∀ n, P n -> P (S (S n))) -> ∀ n, P n.
[Sat Jan  9 23:15:10 2016] <Nik05> jrw thank you very much for helping. I will look into it later.
[Sat Jan  9 23:15:13 2016] <Nik05> Have a good night
[Sun Jan 10 00:14:48 2016] <jrw> Nik05: that's the right lemma
[Sun Jan 10 08:45:05 2016] <Nik05> thank you jrw
[Sun Jan 10 16:05:34 2016] <jrw> Nik05: how's it going?
[Sun Jan 10 16:05:57 2016] <Nik05> hey jrw
[Sun Jan 10 16:06:36 2016] <Nik05> stuck with proofing things about <= and stuck with the palindrome :)
[Sun Jan 10 16:07:29 2016] <jrw> cool. is the <= stuff related to the palindrome or is it a separate exercise?
[Sun Jan 10 16:07:36 2016] <Nik05> its seperate
[Sun Jan 10 16:12:34 2016] <Nik05> Im already stuck with proofing the natural induction with two base cases
[Sun Jan 10 16:23:51 2016] <jrw> Nik05: okay, can you say why you're stuck?
[Sun Jan 10 16:26:54 2016] <Nik05> jrw because i have to base cases i think i have to do two inductions but in the final induction step im left with P (S (S n''))
[Sun Jan 10 16:27:15 2016] <Nik05> and my induction hypothesis are P (S n'') and P n'' -> P (S n'')
[Sun Jan 10 16:29:20 2016] <jrw> right, so if you just try to proceed by induction on n, you'll get stuck because you'll have P (S n') and need to prove P (S (S n')) but you won't have anything about P n'
[Sun Jan 10 16:30:12 2016] <jrw> but if you think about induction as a process of building up a proof from the base cases, then it seems like it should work, because when you're trying to prove P (S (S n')), you have "already proved" P n' two iterations ago
[Sun Jan 10 16:30:16 2016] <jrw> but you've just "forgotten" it
[Sun Jan 10 16:30:19 2016] <jrw> and can't reuse it
[Sun Jan 10 16:30:44 2016] <jrw> this is one of those cases where you actually need to prove something stronger in order to get induction to work
[Sun Jan 10 16:31:32 2016] <jrw> so instead of trying to prove ... -> forall n, P n, you need to prove something that "remembers" the previous proof
[Sun Jan 10 16:31:36 2016] <jrw> is this making any sense?
[Sun Jan 10 18:06:37 2016] <Nik05> sorry jrw, had a visitor
[Sun Jan 10 18:06:44 2016] <jrw> no worries
[Sun Jan 10 18:07:05 2016] <Nik05> well should have told you
[Sun Jan 10 18:08:07 2016] <Nik05> "you need to prove somethign that remembeers the previous proof"
[Sun Jan 10 18:10:46 2016] <jrw> right, you want to rephrase the statement of the theorem so that the induction hypothesis will give you the proof not only from "last time" but also from "two times ago"
[Sun Jan 10 18:13:39 2016] <Nik05> jrw i dont know what you mean
[Sun Jan 10 18:13:51 2016] <Nik05> is my lemma not provable?
[Sun Jan 10 18:14:31 2016] <jrw> it is proveable, but not directly by induction
[Sun Jan 10 18:14:56 2016] <jrw> you need to prove something slightly different by induction, and your lemma will follow
[Sun Jan 10 18:15:01 2016] <Nik05> oh oke
[Sun Jan 10 18:17:45 2016] <jrw> I can give you slightly more to go on if you're stuck
[Sun Jan 10 18:18:50 2016] <Nik05> Oke just a little :)
[Sun Jan 10 18:21:01 2016] <jrw> change your lemma to ... -> forall n, P n /\ P (S n) and see what happens
[Sun Jan 10 18:22:10 2016] <Nik05> hm interesting
[Sun Jan 10 18:23:46 2016] <Nik05> Now it is really easy
[Sun Jan 10 18:25:08 2016] <Nik05> jrw thank you, this is an interesting way to look at a proof
[Sun Jan 10 18:25:27 2016] <jrw> now you should be able to prove the old version of the lemma as a consequence of the new version
[Sun Jan 10 18:26:40 2016] <Nik05> solved
[Sun Jan 10 18:26:47 2016] <jrw> I have to go at the moment, but you should be able to finish the palindrome exercise now by inducting on the length
[Sun Jan 10 18:26:50 2016] <jrw> keep me posted!
[Sun Jan 10 18:27:01 2016] <Nik05> thank you very much jrw
[Sun Jan 10 18:27:10 2016] <Nik05> oh how do you do the induction on the length?
[Sun Jan 10 18:27:34 2016] <jrw> you can say "remember (length l) as n"
[Sun Jan 10 18:27:40 2016] <jrw> and then "generalize dependent l"
[Sun Jan 10 18:27:41 2016] <Nik05> oke thank you
[Sun Jan 10 18:27:51 2016] <jrw> and then "induction n using my_new_lemma"
[Sun Jan 10 18:28:01 2016] <jrw> or just apply your new lemma
[Sun Jan 10 18:28:09 2016] <Nik05> oke, thank you :)
[Sun Jan 10 18:28:17 2016] <jrw> np, good luck!
[Sun Jan 10 21:56:53 2016] <Nik05> have a good night
[Sun Jan 10 22:11:35 2016] <Nik05> jrw http://www.labri.fr/perso/casteran/CoqArt/inductive-prop-chap/SRC/palindrome.v in Coq d'Art they have a long proof for the head tail induction... Is it possible flr me to do it with my induction principle?
[Sun Jan 10 22:12:21 2016] <jrw> Nik05: yes, I did it your way last night
[Sun Jan 10 22:12:25 2016] <jrw> it was much nicer than that proof
[Sun Jan 10 22:12:36 2016] <Nik05> oh oke
[Sun Jan 10 22:13:02 2016] <Nik05> oh i see they also have the proof por palindrome, but im not going to look at it
[Sun Jan 10 22:14:33 2016] <Nik05> i tried proving it but was stuck with provkng n = length l with a hypothesis SS n = length l
[Sun Jan 10 22:14:57 2016] <Nik05> guess i need to do the same trick as with the natural induction principle
[Sun Jan 10 22:17:12 2016] <jrw> Nik05: did you generalize dependent?
[Sun Jan 10 22:17:21 2016] <jrw> if not, you need to do that before induction
[Sun Jan 10 22:17:50 2016] <Nik05> yes i did
[Sun Jan 10 22:17:51 2016] <jrw> if you did do that and still get that subgoal, then you're picking the wrong value for l in the inductive hypothesis when you try to use it
[Sun Jan 10 22:18:42 2016] <Nik05> oh do i need to generalize n as well?
[Sun Jan 10 22:20:02 2016] <Nik05> i generalized l...
[Sun Jan 10 22:21:15 2016] <jrw> no you only need to generalize l
[Sun Jan 10 22:21:37 2016] <jrw> but then when you use the induction hypothesis, you have a to pick a value for l that is exactly two shorter than the "current" one
[Sun Jan 10 22:22:59 2016] <Nik05> hm, there was no picking...
[Sun Jan 10 22:26:14 2016] <Nik05> jrw i will try again tomorrow. i have to go now
[Sun Jan 10 22:26:23 2016] <Nik05> thank you for helping, have a nice day
[Mon Jan 11 01:29:28 2016] <rrika> How can I state that a value will not be a certain case of an inductive type. Like a <> S _.
[Mon Jan 11 01:29:41 2016] <rrika> Without having to specific arguments to construct an S-value.
[Mon Jan 11 01:32:52 2016] <sunnymilk> you could go the other way, and say that it has a certain form (rather than saying the inverse)
[Mon Jan 11 01:34:14 2016] <sunnymilk> in general its better to state things in the positive
[Mon Jan 11 01:35:26 2016] <sunnymilk> but how to do exactly what you said, i dont really know, except with something convoluted like "forall n. ((fn n' => match n' with Z => true | _ => false) n) = true, ...
[Mon Jan 11 01:36:42 2016] <sunnymilk> you could also define another inductive type without the case in question
[Mon Jan 11 01:41:50 2016] <rrika> <sunnymilk> you could go the other way, and say that it has a certain form (rather than saying the inverse)
[Mon Jan 11 01:41:56 2016] <rrika> it has more than two cases
[Mon Jan 11 01:42:10 2016] <rrika> I'll go with the bool thing
[Mon Jan 11 02:06:53 2016] <Cypi> rrika : is there a problem with "forall b, a <> S b"?
[Mon Jan 11 02:07:59 2016] <rrika> oh, I should learn the syntax
[Mon Jan 11 02:08:21 2016] <rrika> thanks
[Mon Jan 11 02:11:22 2016] <rrika> is tauto for tautology or for t-automatic?
[Mon Jan 11 02:28:44 2016] <sunnymilk> oh thats even better
[Mon Jan 11 04:01:29 2016] <rrika> I found a weird bug in proof general. Sometimes I try "simpl in H." and it doesn't modify H. Only when I change it to "in *" and back to "in H" it works.
[Mon Jan 11 04:14:14 2016] <rrika> oh, silly me, I confused "simpl H" with "simpl in H".
[Mon Jan 11 08:58:36 2016] <Nik05> jrw how would i choose this l that is 2 shorter?
[Mon Jan 11 09:03:59 2016] <Nik05> i only got l, nothing else
[Mon Jan 11 09:08:33 2016] <Nik05> oh maybe i can do it with a replace
[Mon Jan 11 09:08:43 2016] <Nik05> ooh
[Mon Jan 11 09:17:29 2016] <Nik05> i guess not
[Mon Jan 11 09:24:01 2016] <Nik05> jrw I got the induction hypothesis ∀ l : list X, n = length l → P l
[Mon Jan 11 12:21:16 2016] <benzrf> rrika: what would 'simpl H' do?
[Mon Jan 11 12:31:37 2016] <jrw> Nik05: right, so notice that hypothesis is for all l, so you have to pick l.
[Mon Jan 11 12:31:55 2016] <jrw> now, your proof may not make it seem like you're picking l, but you are
[Mon Jan 11 12:36:00 2016] <jrw> for example, your goal may have been "P foo and you did "apply IH", that's picking l to be foo
[Mon Jan 11 12:38:06 2016] <jrw> intuitively, you need to peel off the head and tail of the list before applying the IH
[Mon Jan 11 12:39:07 2016] <Nik05> jrw my goal is P l, just l
[Mon Jan 11 12:39:14 2016] <Nik05> i cant peel off anything else
[Mon Jan 11 12:39:50 2016] <jrw> okay but that l probably doesn't have the right length right?
[Mon Jan 11 12:40:11 2016] <jrw> you probably need to figure out a way to pull off the *last* element
[Mon Jan 11 12:40:35 2016] <Nik05> oke
[Mon Jan 11 13:06:46 2016] <Nik05> jrw do you mean to jse skmething like the "init" function frlm haskell?
[Mon Jan 11 13:06:56 2016] <Nik05> use something*
[Mon Jan 11 13:07:21 2016] <jrw> something like that would work, yes
[Mon Jan 11 13:07:32 2016] <jrw> I think it should also work to just "destruct (rev l)"
[Mon Jan 11 13:07:54 2016] <rrika> benzrf, it does nothing in my case, but it's accepted syntactically.
[Mon Jan 11 13:10:55 2016] <Nik05> ah oke destruct l and its rev. thank you hrw
[Mon Jan 11 13:11:08 2016] <Nik05> mobile typing is not easy
[Mon Jan 11 14:21:34 2016] <Nik05> jrw im back behind a pc. But how would i destruct (rev l) if i dont got any rev l?
[Mon Jan 11 14:24:58 2016] <johnw> you can destruct anything you like
[Mon Jan 11 14:25:24 2016] <johnw> if it doesn't relate to anything in the context or the goal, you'll end up with the same goal
[Mon Jan 11 14:25:30 2016] <Nik05> yes
[Mon Jan 11 14:31:20 2016] <Nik05> but i dont got anything related to rev l...
[Mon Jan 11 14:31:49 2016] <johnw> well, it wasn't in your goal or context
[Mon Jan 11 14:32:02 2016] <johnw> so it's branching on the list constructors, but you won't see any "effect" of that
[Mon Jan 11 15:47:33 2016] <rrika> how can I swap a=b in the goal?
[Mon Jan 11 15:47:50 2016] <companion_cube> apply symmetry
[Mon Jan 11 15:47:56 2016] <companion_cube> or symetry, I don't recall
[Mon Jan 11 15:48:05 2016] <Nik05> symmetry
[Mon Jan 11 15:48:32 2016] <rrika> ah thanks
[Mon Jan 11 15:48:43 2016] <companion_cube> just "symmetry" actually, it's not a lemma
[Mon Jan 11 15:50:50 2016] <rrika> if I have a rewrite rule with too many placeholders and coq can't infer the values, how can I help it out?
[Mon Jan 11 15:51:32 2016] <companion_cube> you can probable specify the variables, check the tactics list
[Mon Jan 11 15:52:09 2016] <companion_cube> https://coq.inria.fr/distrib/current/refman/Reference-Manual010.html#sec381
[Mon Jan 11 15:52:13 2016] <rrika> thank you
[Mon Jan 11 15:52:52 2016] <companion_cube> i suppose you can also write intermediate steps with assert
[Mon Jan 11 15:53:23 2016] <companion_cube> like, to rewrite a into c, you might assert (a = b), prove it, then assert (b=c), prove it, and rewrite
[Mon Jan 11 15:53:44 2016] <Nik05> or replace
[Mon Jan 11 16:33:40 2016] <jrw> Nik05: you should try "remember (rev l) as foo. destruct foo." or "destruct (rev l) eqn:?"
[Mon Jan 11 16:41:13 2016] <Nik05> jrw oh what does the eqn:? do?
[Mon Jan 11 16:41:37 2016] <johnw> eqn:NAME remember the relation of the original subject of destruction to each case it generates
[Mon Jan 11 16:41:44 2016] <Nik05> oh right
[Mon Jan 11 16:41:50 2016] <jrw> Nik05: it basically gives you an equality for each case
[Mon Jan 11 16:41:54 2016] <Nik05> ah that is it
[Mon Jan 11 16:42:06 2016] <jrw> the "remember ..." is a manual way of doing the same thing
[Mon Jan 11 16:42:17 2016] <Nik05> oke
[Mon Jan 11 16:49:03 2016] <Nik05> jrw I got the hypothesis rev l = []. Why cant i reduce this to l = [] with inversion?
[Mon Jan 11 16:49:59 2016] <companion_cube> you need to prove this, I think
[Mon Jan 11 16:50:02 2016] <companion_cube> rev is not a constructor
[Mon Jan 11 16:50:05 2016] <jrw> Nik05: inversion doesn't typically work with functions, only with constructors. you can either destruct l or prove a lemma
[Mon Jan 11 16:50:16 2016] <Nik05> oh oke
[Mon Jan 11 16:55:02 2016] <johnw> ironically, I always forget about the remember tactic
[Mon Jan 11 16:55:09 2016] <johnw> I end up using pose proof ... as instead
[Mon Jan 11 16:57:59 2016] <companion_cube> :D
[Mon Jan 11 16:58:11 2016] <Nik05> now i feel so stupid
[Mon Jan 11 17:03:38 2016] <Nik05> i cant even proof rev l = [] -> l = []
[Mon Jan 11 17:17:43 2016] <johnw> just destructing l, simplifying and using discriminate for the cons case should do it
[Mon Jan 11 17:21:38 2016] <companion_cube> what does discriminate do?
[Mon Jan 11 17:22:31 2016] <johnw> any obvious inequalities in the context are resolved ex nihilo
[Mon Jan 11 17:22:47 2016] <johnw> that is, they can be rewritten as derivations of False, and thus trivial
[Mon Jan 11 17:31:24 2016] <companion_cube> well it doesn't seem to work, there
[Mon Jan 11 17:31:32 2016] <companion_cube> the hypothesis contains a ++
[Mon Jan 11 17:32:27 2016] <johnw> ah, right
[Mon Jan 11 17:32:40 2016] <johnw> induction then
[Mon Jan 11 17:35:39 2016] <companion_cube> even then, it's not trivial going from   rev tail ++ head :: nil  to the induction hypothesis
[Mon Jan 11 17:35:49 2016] <companion_cube> I suspect you need a lemma for that
[Mon Jan 11 17:37:29 2016] <johnw> true
[Mon Jan 11 17:40:14 2016] <johnw> ah, no, no other lemmas needed
[Mon Jan 11 17:40:26 2016] <johnw> the trick is to destruct twice
[Mon Jan 11 17:40:56 2016] <johnw> first destruct l to get the bogus hypothesis of rev l ++ [a] = [], then destruct (rev l) to show that no matter what it returns, the hypothesis is false (via discriminate)
[Mon Jan 11 17:43:25 2016] <Nik05> johnw it doesnt do it...
[Mon Jan 11 17:43:42 2016] <johnw> Nik05: https://gist.github.com/87e2928b29761e17b427
[Mon Jan 11 17:44:06 2016] <Nik05> oh
[Mon Jan 11 17:44:35 2016] <johnw> in fact, the "simpl; " can be deleted too
[Mon Jan 11 17:46:11 2016] <Nik05> So discriminate does the same as inversion H?
[Mon Jan 11 17:46:32 2016] <johnw> it requires an inequality, in this case: cons _ _ = nil
[Mon Jan 11 17:46:44 2016] <johnw> or rather, an equality that cannot be true
[Mon Jan 11 17:46:59 2016] <johnw> inversion could work here too, hadn't tried
[Mon Jan 11 17:47:05 2016] <johnw> (might work here too)
[Mon Jan 11 17:47:13 2016] <rrika> >(** **** Exercise: 3 stars (binary_commute)  *)
[Mon Jan 11 17:47:21 2016] <rrika> Either I'm missing the obvious or this should be 5 stars.
[Mon Jan 11 17:47:29 2016] <Nik05> johnw yes inversion works
[Mon Jan 11 17:47:35 2016] <rrika> Solved everything before that really quickly.
[Mon Jan 11 17:47:57 2016] <rrika> Oh, I read the wrong header. >(** **** Exercise: 5 stars, advanced (binary_inverse)  *)
[Mon Jan 11 17:48:00 2016] <rrika> 5 stars after all
[Mon Jan 11 17:48:05 2016] <Nik05> rrika is it from SF?
[Mon Jan 11 17:48:07 2016] <rrika> yes
[Mon Jan 11 17:48:11 2016] <Nik05> oke
[Mon Jan 11 17:48:12 2016] <johnw> rrika: there are times when the stars won't match your individual experience
[Mon Jan 11 17:48:31 2016] <johnw> sort of depends on your background
[Mon Jan 11 17:48:34 2016] <companion_cube> oh nice
[Mon Jan 11 17:48:39 2016] <rrika> I'm much further than yesterday. :)
[Mon Jan 11 17:49:16 2016] <rrika> Todays breakthrough was not intro-ing everything, do induction, then intro the rest.
[Mon Jan 11 17:50:25 2016] <Nik05> rrika which chapter are you doing?
[Mon Jan 11 17:50:55 2016] <johnw> rrika: and you learned why not intro-ing everything works?
[Mon Jan 11 17:51:23 2016] <rrika> Nik05, I'm at the bottom of Inductions.v
[Mon Jan 11 17:51:29 2016] <Nik05> ah oke
[Mon Jan 11 17:52:16 2016] <Nik05> for me it started to become difficult with proving classical logic in Logic.v and Prop.v now...
[Mon Jan 11 17:55:05 2016] <rrika> johnw, to be honest, I don't know. Now that I think about it, it shouldn't matter.
[Mon Jan 11 17:55:23 2016] <rrika> uh, damn, just when I thought I had it nailed.
[Mon Jan 11 17:55:30 2016] <johnw> well, it's a fine point, but a very good one to understand thoroughly
[Mon Jan 11 17:55:40 2016] <johnw> what language are you used to coding in?
[Mon Jan 11 17:55:48 2016] <rrika> you mean other than coq?
[Mon Jan 11 17:55:50 2016] <johnw> yes
[Mon Jan 11 17:55:55 2016] <rrika> python, c++
[Mon Jan 11 17:56:04 2016] <Nik05> here C++ and some haskell
[Mon Jan 11 17:56:14 2016] <rrika> (I also did Rust and Prolog before)
[Mon Jan 11 17:56:46 2016] <johnw> when you "intro" too much, you take away variables from your hypotheses, fixing them to specific values
[Mon Jan 11 17:57:04 2016] <companion_cube> but then you have generalize, right?
[Mon Jan 11 17:57:11 2016] <johnw> right, generializing goes in the other directiosn
[Mon Jan 11 17:57:21 2016] <johnw> in a lot of cases, it doesn't matter
[Mon Jan 11 17:57:32 2016] <companion_cube> the  destruct (rev l) was brilliant
[Mon Jan 11 17:57:37 2016] <johnw> the more general version always works when the less general version works
[Mon Jan 11 17:57:46 2016] <johnw> but the converse is not true, and that's when it matters
[Mon Jan 11 17:58:02 2016] <rrika> shouldn't every occurance of the induction variable get replaced for the case I'm currently in. regardless if in hypothesis or goal.
[Mon Jan 11 17:58:22 2016] <johnw> yes, it's the *other* variables that are in play that this is concerning
[Mon Jan 11 17:58:31 2016] <johnw> say you have two lists, xs and ys
[Mon Jan 11 17:58:40 2016] <johnw> forall xs ys, rev xs = rev ys -> xs = ys
[Mon Jan 11 17:58:47 2016] <johnw> and you use "intros."
[Mon Jan 11 17:59:16 2016] <Nik05> just use inversion :P
[Mon Jan 11 17:59:39 2016] <johnw> now your hypothesis says that rev xs = rev ys. If you induct on xs, then you have to prove that rev [] = rev ys
[Mon Jan 11 18:00:02 2016] <johnw> sorry, you have to prove [] = ys, given rev [] = rev ys
[Mon Jan 11 18:00:16 2016] <johnw> one sec, this may not be a case where it matters
[Mon Jan 11 18:00:17 2016] <rrika> that's the problem I ran into a lot
[Mon Jan 11 18:00:19 2016] <johnw> let me find one that does
[Mon Jan 11 18:00:39 2016] <rrika> don't bother too much actually, I've got plenty of opportunity to mess up my intros.
[Mon Jan 11 18:00:45 2016] <Nik05> johnw im working on one where it matters
[Mon Jan 11 18:00:47 2016] <rrika> and analyze
[Mon Jan 11 18:00:50 2016] <Nik05> Lemma list_ind_middle : ∀ X (P : list X -> Prop), P [] -> (∀ x, P [x]) -> (∀l, P l -> ∀ x y, P (x :: snoc l y)) -> ∀ l, P l.
[Mon Jan 11 18:00:53 2016] <Nik05> :)
[Mon Jan 11 18:01:26 2016] <johnw> ah, right it does matter here
[Mon Jan 11 18:01:33 2016] <johnw> so, in the "cons" case, we end up with this:
[Mon Jan 11 18:01:36 2016] <johnw>   H : rev (a :: xs) = rev ys
[Mon Jan 11 18:01:37 2016] <johnw>   IHxs : rev xs = rev ys -> xs = ys
[Mon Jan 11 18:01:41 2016] <johnw> well, that's never going to be provable
[Mon Jan 11 18:01:44 2016] <johnw> what we *wanted* was this:
[Mon Jan 11 18:01:52 2016] <johnw>   H : rev (a :: xs) = rev ys
[Mon Jan 11 18:02:00 2016] <johnw>   IHxs : forall ys, rev xs = rev ys -> xs = ys
[Mon Jan 11 18:02:14 2016] <johnw> to say that if rev xs = rev something, then xs = that something
[Mon Jan 11 18:02:21 2016] <johnw> the "intros." took the "ys" away from our IHxs
[Mon Jan 11 18:03:37 2016] <johnw> if that doesn't make sense, just let it sit in the back of your brain, it'll came back later
[Mon Jan 11 18:03:43 2016] <rrika> will do
[Mon Jan 11 18:18:38 2016] <companion_cube> how do you go from the goal  a::l1 = b::l2  to  goals  a=b, l1=l2 ?
[Mon Jan 11 18:18:46 2016] <johnw> f_equal
[Mon Jan 11 18:19:22 2016] <companion_cube> so, this is a lemma?
[Mon Jan 11 18:19:34 2016] <Nik05> yes
[Mon Jan 11 18:19:36 2016] <johnw> a very simple one, yes
[Mon Jan 11 18:19:51 2016] <companion_cube> weird
[Mon Jan 11 18:19:52 2016] <companion_cube> thanks
[Mon Jan 11 18:20:11 2016] <companion_cube> the proof of  rev l1=rev l2 -> l1=l2 was a bit cumbersome...
[Mon Jan 11 18:20:17 2016] <Nik05> It's just: x = y → f x = f y
[Mon Jan 11 18:21:06 2016] <Nik05> dont you ned f_equal2?
[Mon Jan 11 18:21:41 2016] <companion_cube> oh in this case I actually had  a :: l1 = a :: l2 ;)
[Mon Jan 11 18:21:58 2016] <companion_cube> so I got lucky that f_equal worked well with currying (I guess)
[Mon Jan 11 18:34:42 2016] <Nik05> jrw still have no idea how to get this
[Mon Jan 11 18:34:48 2016] <johnw> get what?
[Mon Jan 11 18:35:20 2016] <johnw> companion_cube: that rev proof required also proving "app_inj_tail", which was much more cumbersome
[Mon Jan 11 18:35:33 2016] <companion_cube> :s
[Mon Jan 11 18:35:36 2016] <companion_cube> I did use it
[Mon Jan 11 18:35:40 2016] <johnw> since it involved a lot of sub-destructions and eliminating impossible hypothesis
[Mon Jan 11 18:36:04 2016] <johnw> companion_cube: https://github.com/jwiegley/notes/blob/master/ListRev.v
[Mon Jan 11 18:36:23 2016] <johnw> where app_inv = app_inj_tail
[Mon Jan 11 18:36:41 2016] <companion_cube> eww
[Mon Jan 11 18:37:08 2016] <Nik05> hm i need that proof actually...
[Mon Jan 11 18:37:09 2016] <companion_cube> http://vrac.cedeela.fr/lists.v mine
[Mon Jan 11 18:37:31 2016] <johnw> intros ... x. generalize dependent x. == intros ....
[Mon Jan 11 18:37:43 2016] <johnw> just don't intros the variable you want to be generalized
[Mon Jan 11 18:37:46 2016] <companion_cube> yeah yeah right
[Mon Jan 11 18:39:43 2016] <Nik05> johnw im trying to proof the middle induction principle for lists
[Mon Jan 11 18:40:15 2016] <johnw> custom induction principles are fun
[Mon Jan 11 18:40:28 2016] <Nik05> no :P
[Mon Jan 11 18:40:47 2016] <Nik05> im stuck for a few days :P
[Mon Jan 11 18:41:11 2016] <Nik05> Have found the proof in Coq d'Art, but its really ugly :P
[Mon Jan 11 18:41:33 2016] <Nik05> so im trying to proof it with another custom induction principle on natural numbers
[Mon Jan 11 18:41:39 2016] <Nik05> jrw already solved it a few days ago :)
[Mon Jan 11 18:41:57 2016] <companion_cube> Coq isn't ready yet for daily usage by mathematicians, I'm afraid :/
[Mon Jan 11 18:42:44 2016] <johnw> companion_cube: see the mathcomp project; or did you mean non-compsci mathematicians?
[Mon Jan 11 18:44:07 2016] <companion_cube> I mean mathematicians who aren't interested in Coq in itself, but just want to prove their stuff
[Mon Jan 11 18:45:49 2016] <Nik05> luckely im not a mathematician :P
[Mon Jan 11 18:47:05 2016] <companion_cube> well even a computer scientist might not care about type theory :)
[Mon Jan 11 18:49:05 2016] <benzrf> Nik05: no?
[Mon Jan 11 18:49:10 2016] <benzrf> then why are you messing with coq?
[Mon Jan 11 18:49:21 2016] <Nik05> benzrf i think its interesting
[Mon Jan 11 18:49:31 2016] <benzrf> well what do you consider to be the meaning of 'mathematician'
[Mon Jan 11 18:50:20 2016] <Nik05> people that work with math on a daily basis
[Mon Jan 11 18:50:32 2016] <Nik05> no wait i do that too... but not this kind of math
[Mon Jan 11 18:51:26 2016] <Nik05> Im just using math for engineering and describing some physics
[Mon Jan 11 18:51:48 2016] <Nik05> maybe i should have studied mathematics
[Mon Jan 11 19:08:18 2016] <Nik05> I think i just need to proof rev xs = ys -> xs = rev ys
[Mon Jan 11 19:09:02 2016] <johnw> Nik05: isn't that the same as saying rev (rev xs) = xs?
[Mon Jan 11 19:09:07 2016] <johnw> aka, rev_involutive
[Mon Jan 11 19:09:34 2016] <Nik05> oh already proved rev_involutive
[Mon Jan 11 19:09:58 2016] <Nik05> but how is that the same?
[Mon Jan 11 19:09:59 2016] <johnw> that should make "rev xs = ys -> xs = rev ys" trivial
[Mon Jan 11 19:10:00 2016] <johnw> one sec
[Mon Jan 11 19:12:07 2016] <johnw> forall (H : rev xs = ys), xs = rev ys. Proof. rewrite <- H.
[Mon Jan 11 19:12:13 2016] <johnw> that leaves you at "xs = rev (rev xs)". :)
[Mon Jan 11 19:12:18 2016] <Nik05> oh :P
[Mon Jan 11 19:12:27 2016] <Nik05> oh damn
[Mon Jan 11 19:12:40 2016] <Nik05> im thinking way to hard :P
[Mon Jan 11 19:12:53 2016] <Nik05> was doing all these inductions... its just a simple rewrite
[Mon Jan 11 19:12:55 2016] <johnw> usually if you see f x = y -> x = g y, it's the same as f (g x) = x
[Mon Jan 11 19:13:28 2016] <johnw> that's how I noticed it
[Mon Jan 11 19:13:45 2016] <Nik05> yes :)
[Mon Jan 11 19:16:48 2016] <Nik05> Looks like my Search isnt working at all...
[Mon Jan 11 19:16:55 2016] <Nik05> Search length rev, i get nothing
[Mon Jan 11 19:17:11 2016] <johnw> as a hint, ssreflect's Search (provided by its ssrmatching plugin) is all kinds of better
[Mon Jan 11 19:17:28 2016] <johnw> after you install ssreflect 1.6, you put:
[Mon Jan 11 19:17:29 2016] <johnw> Require Import mathcomp.ssreflect.ssreflect.
[Mon Jan 11 19:17:29 2016] <johnw> From mathcomp Require Export ssrmatching.
[Mon Jan 11 19:17:34 2016] <Nik05> oh oke
[Mon Jan 11 19:17:37 2016] <johnw> and now "Search (length (rev _))".
[Mon Jan 11 19:17:54 2016] <johnw> actually, I think you only need the second line
[Mon Jan 11 19:18:33 2016] <johnw> it immediately finds:
[Mon Jan 11 19:18:34 2016] <johnw> rev_length  forall (A : Type) (l : list A), length (rev l) = length l
[Mon Jan 11 19:18:44 2016] <Nik05> maybe i should recompile everything...
[Mon Jan 11 19:20:56 2016] <Nik05> wtf Error: The reference rev_length was not found in the current environment.
[Mon Jan 11 19:21:23 2016] <johnw> did you Require Import List.?
[Mon Jan 11 19:21:51 2016] <Nik05> johnw im not using any Coq libraries everything from proofed myself or preproven in SF
[Mon Jan 11 19:21:56 2016] <johnw> ah, ok
[Mon Jan 11 19:22:10 2016] <Nik05> and SF should import everything recursively
[Mon Jan 11 19:23:35 2016] <Nik05> Result for command Search rev length . :
[Mon Jan 11 19:23:37 2016] <Nik05> i dont get it
[Mon Jan 11 19:24:56 2016] <Nik05> :S
[Mon Jan 11 19:25:20 2016] <Nik05> oh maybe because its in a Module?
[Mon Jan 11 19:25:36 2016] <johnw> hmm?
[Mon Jan 11 19:25:47 2016] <johnw> is it in a module that's not imported?
[Mon Jan 11 19:25:58 2016] <Nik05> maybe it is
[Mon Jan 11 19:26:12 2016] <Nik05> how do i know if its in a module?
[Mon Jan 11 19:26:27 2016] <johnw> that's a great quetsion
[Mon Jan 11 19:26:52 2016] <Nik05> ;p
[Mon Jan 11 19:27:55 2016] <Nik05> so strange, because rev_involutive is just below it
[Mon Jan 11 19:30:00 2016] <Nik05> :S
[Mon Jan 11 19:31:04 2016] <Nik05> really strange that SF put it in a module, thats why its not shown
[Mon Jan 11 19:31:16 2016] <Nik05> and rev_involutive is in two .v files
[Mon Jan 11 19:32:36 2016] <Nik05> oh wait rev_length is just for list of natural numbers -_-
[Mon Jan 11 19:33:31 2016] <Nik05> all these theorems are missing
[Mon Jan 11 19:38:25 2016] <Nik05> well atleast i can solve these really easy
[Mon Jan 11 19:40:13 2016] <Nik05> jrw finally I proofed it :P
[Mon Jan 11 19:40:24 2016] <Nik05> list_ind_middle is defined
[Mon Jan 11 19:40:30 2016] <Nik05> thank you johnw
[Mon Jan 11 19:41:33 2016] <Nik05> now to the proving of ∀ (X : Type) (l : list X), l = rev l → pal l
[Mon Jan 11 19:42:33 2016] <johnw> oh, that's an unpleasant one
[Mon Jan 11 19:42:43 2016] <johnw> I never could do it entirely on my own
[Mon Jan 11 19:42:52 2016] <johnw> i should try again
[Mon Jan 11 19:46:01 2016] <Nik05> wait i now have this custom inductive principle, but how does the naming with as work?
[Mon Jan 11 19:48:53 2016] <Nik05> ah now it works better
[Mon Jan 11 20:10:11 2016] <Nik05> oh f_equal is a tactic. I was doing apply f_equal all the time
[Mon Jan 11 20:33:13 2016] <benzrf> Nik05: it's both
[Mon Jan 11 20:34:28 2016] <Nik05> i know now :)
[Mon Jan 11 20:38:48 2016] <Nik05> I only need to proof this: snoc l1 x = snoc l2 x -> l1 = l2 Am I thinking to hard?
[Mon Jan 11 20:39:36 2016] <benzrf> Nik05: no, that's nontrivial
[Mon Jan 11 20:39:52 2016] <benzrf> Nik05: you need to know that snoc partially applied on its second arg is injective
[Mon Jan 11 20:41:24 2016] <Nik05> yes
[Mon Jan 11 20:41:31 2016] <Nik05> But how? :)
[Mon Jan 11 20:41:48 2016] <benzrf> probably induction on l1
[Mon Jan 11 20:42:00 2016] <Nik05> tried induction on l1, on (snoc l1 x)
[Mon Jan 11 20:42:51 2016] <benzrf> 1 sec
[Mon Jan 11 20:43:58 2016] <jrw> Nik05: should follow by induction on l1 provided you haven't intros'd l2 (or just do "generalize dependent l2" before inducting)
[Mon Jan 11 20:44:18 2016] <Nik05> oke
[Mon Jan 11 20:45:17 2016] <Nik05> ah hey jrw
[Mon Jan 11 20:45:25 2016] <jrw> hey :)
[Mon Jan 11 20:45:39 2016] <Nik05> I proofed my induction principle, finally
[Mon Jan 11 20:46:16 2016] <jrw> nice
[Mon Jan 11 20:55:27 2016] <Nik05> i dont see how i can use the induction hypothesis in this proof
[Mon Jan 11 21:08:44 2016] <Nik05> palindrome_converse is defined
[Mon Jan 11 21:09:01 2016] <Nik05> still need to proof the injectivity of snoc...
[Mon Jan 11 21:52:17 2016] <jrw> Nik05: what's the definition of snoc again?
[Mon Jan 11 21:57:39 2016] <Nik05> jrw snoc l v = match l with | [] => v | h :: t => h :: snoc t v
[Mon Jan 11 21:57:57 2016] <jrw> ah okay, one sec
[Mon Jan 11 21:59:07 2016] <jrw> Nik05: I was able to prove it by induction on l1
[Mon Jan 11 21:59:17 2016] <jrw> you need to make sure l2 is *not* intro'd
[Mon Jan 11 21:59:57 2016] <Nik05> hm that fast...
[Mon Jan 11 22:01:23 2016] <Nik05> but the second goal is x :: l1' = l2 with the hypothesis snoc (x1 :: l1') x = snoc l2 x
[Mon Jan 11 22:01:56 2016] <jrw> right, so you'll need to destruct l2
[Mon Jan 11 22:02:07 2016] <Nik05> to use the induction hypotehesis i have to somehow remove x1...
[Mon Jan 11 22:02:34 2016] <Nik05> yes thats what i have here as well
[Mon Jan 11 22:04:15 2016] <jrw> if l2 is [], you should be able to derive a contradiction
[Mon Jan 11 22:04:44 2016] <jrw> if it is x2 :: l2', then you can simplify the hypothesis and use inversion to get x1 = x2
[Mon Jan 11 22:04:55 2016] <jrw> then f_equal will reduce the goal to the induction hypothesis
[Mon Jan 11 22:05:12 2016] <Nik05> this is ofcourse a contradiction: snoc l1' x = [ ]
[Mon Jan 11 22:07:22 2016] <Nik05> oh wait got it :P
[Mon Jan 11 22:07:40 2016] <Nik05> got a sublemma to proof snoc l x = [] -> False
[Mon Jan 11 22:07:51 2016] <Nik05> But why can't inversion figure this out?
[Mon Jan 11 22:08:07 2016] <johnw> you could "destruct l; discriminate"
[Mon Jan 11 22:08:42 2016] <Nik05> oh
[Mon Jan 11 22:08:51 2016] <johnw> inversion isn't so great at seeing through fixpoints
[Mon Jan 11 22:09:05 2016] <Nik05> yes you told this earlier today :P
[Mon Jan 11 22:09:34 2016] <Nik05> oh right, thats it...
[Mon Jan 11 22:13:36 2016] <Nik05> oh man, the proof was really simple...
[Mon Jan 11 22:14:07 2016] <Nik05> just shortend my proof by moving a inversion upwards
[Mon Jan 11 22:15:38 2016] <Nik05> Thank you jrw and johnw
[Mon Jan 11 22:15:59 2016] <jrw> Nik05: np. does that mean you finished a complete proof of the pal thing?
[Mon Jan 11 22:16:32 2016] <Nik05> yes jrw :P
[Mon Jan 11 22:17:00 2016] <jrw> cool. congrats!
[Mon Jan 11 22:17:14 2016] <Nik05> thank you
[Mon Jan 11 22:17:16 2016] <jrw> this is the first "new" solution to that exercise I've seen in ~5 years
[Mon Jan 11 22:17:26 2016] <Nik05> cool
[Mon Jan 11 22:18:17 2016] <Nik05> what is the normal way to do it?
[Mon Jan 11 22:21:18 2016] <jrw> Nik05: the way I've always seen people do it is by so-called "strong induction" on the length
[Mon Jan 11 22:21:30 2016] <jrw> which is where you prove the following related lemma:
[Mon Jan 11 22:21:47 2016] <jrw> forall n l, length l <= n -> rev l = l -> pal l
[Mon Jan 11 22:21:50 2016] <jrw> by induction on n
[Mon Jan 11 22:22:00 2016] <jrw> (without introducing l)
[Mon Jan 11 22:22:09 2016] <Nik05> oh <= n...
[Mon Jan 11 22:22:12 2016] <jrw> your induction hypothesis then says something about every list of any smaller length
[Mon Jan 11 22:22:22 2016] <jrw> so when you peel the head and the end of the list off
[Mon Jan 11 22:22:33 2016] <jrw> you just prove it's shorter, and you get the induction hypothesis
[Mon Jan 11 22:24:05 2016] <Nik05> trying to do it in my head now
[Mon Jan 11 22:26:25 2016] <Nik05> who found out to do induction on less than or equal the length of the list?
[Mon Jan 11 22:26:59 2016] <Nik05> oh you already said "strong induction", will search for it
[Mon Jan 11 22:27:20 2016] <jrw> "strong induction" just means you get to assume the IH for all smaller values, not just the previous one
[Mon Jan 11 22:27:49 2016] <jrw> modifying the theorem to include a hypothesis of the form ... <= n, and then inducting on n is a way to achieve strong induction in coq
[Mon Jan 11 22:31:03 2016] <Nik05> and then just do a destruct on l and you have proven the first step
[Mon Jan 11 23:15:24 2016] <johnw> i wonder how anyone is supposed to do rev_pal knowing only what SF has taught them up to that point
[Mon Jan 11 23:15:57 2016] <johnw> both the custom induction principle, and the "length trick" would be beyond anyone at that point in the text, as far as I can tell
[Mon Jan 11 23:19:37 2016] <jrw> yeah I have no idea
[Mon Jan 11 23:19:48 2016] <jrw> you don't need the custom induction principle
[Mon Jan 11 23:19:54 2016] <jrw> you can just do it "inline"
[Mon Jan 11 23:20:08 2016] <jrw> but you definitely need something like the length trick to get a stronger IH
[Mon Jan 11 23:30:18 2016] <johnw> yeah, tried another few hours, I give up again (on doing it without the length trick)
[Mon Jan 11 23:35:23 2016] <jrw> what other approaches are there?
[Mon Jan 11 23:35:52 2016] <johnw> I'm wondering which approach the SF authors had in mind
[Mon Jan 11 23:37:18 2016] <johnw> https://stackoverflow.com/questions/24363319/proving-that-a-reversible-list-is-a-palindrome-in-coq
[Mon Jan 11 23:37:23 2016] <johnw> the standard two approaches :(
[Mon Jan 11 23:37:34 2016] <johnw> I'll ask Pierce the next time I see him
[Mon Jan 11 23:40:23 2016] <jrw> johnw: you going to POPL?
[Mon Jan 11 23:40:27 2016] <johnw> sadly, no
[Mon Jan 11 23:40:39 2016] <jrw> :\
[Tue Jan 12 00:16:17 2016] <jrw> johnw: okay here's a third way https://gist.github.com/wilcoxjay/3657f69f0168a223d930
[Tue Jan 12 00:16:39 2016] <jrw> I think this might be the most "elementary"
[Tue Jan 12 00:16:44 2016] <jrw> though it's long-winded
[Tue Jan 12 00:17:12 2016] <jrw> basic idea is to define an inductive type with nil, singleton, and add-to-front-and-back-at-once constructors
[Tue Jan 12 00:17:18 2016] <jrw> convert back and forth to regular lists
[Tue Jan 12 00:17:25 2016] <jrw> use that to prove induction principle
[Tue Jan 12 01:14:51 2016] <johnw> that's the "custom induction principle" approach though
[Tue Jan 12 01:15:01 2016] <johnw> one of the two approaches I know of so far, that I wouldn't have known up until that point in the text
[Tue Jan 12 01:21:26 2016] <jrw> I'm not sure the custom induction principle is fundamental
[Tue Jan 12 01:21:50 2016] <jrw> I'm pretty sure I could redo that proof to get rid of the principle and just use its proof inline
[Tue Jan 12 01:22:18 2016] <johnw> what I wonder is, would you, as an SF student, have known how to do this then
[Tue Jan 12 01:22:48 2016] <jrw> hell no
[Tue Jan 12 01:23:14 2016] <jrw> maybe it's different for people who actually take the class in person
[Tue Jan 12 01:23:20 2016] <johnw> that could be
[Tue Jan 12 02:02:59 2016] <Cypi> I believe the "length trick" is in the realm of what you can do at this point, as long as you already know about strong induction (which you usually do?)
[Tue Jan 12 02:15:30 2016] <johnw> I don't think I did, then...
[Tue Jan 12 02:15:33 2016] <johnw> anyway, night all
[Tue Jan 12 03:29:43 2016] <rrika> Lesson learned: removing an surjective function with apply f_equal is a good way to get into the position of having to prove impossible things.
[Tue Jan 12 14:29:52 2016] <Nik05> goodmorning
[Tue Jan 12 15:02:27 2016] <tbelaire> I've noticed that a lot of my proofs seem to be "assert (H : foo). exact (bar _ _ _)."
[Tue Jan 12 15:02:44 2016] <tbelaire> Is that an idiomatic style, or is there a better way usually?
[Tue Jan 12 15:06:13 2016] <jrw> tbelaire: you can also use "assert ... by exact ... ." to connect the two statements together. or use "pose proof (bar ...) as H" as an alternative
[Tue Jan 12 15:06:53 2016] <tbelaire> okay.
[Tue Jan 12 15:20:21 2016] <Cypi> tbelaire : if you just use exact, you can directly do: "assert (H := bar ...)" too
[Tue Jan 12 15:20:37 2016] <Cypi> ah, nevermind, did not see the "pose proof" suggestion, which does basically the same
[Tue Jan 12 15:20:37 2016] <tbelaire> ah, nice
[Tue Jan 12 15:58:36 2016] <johnw> pose proof is what I would use too
[Tue Jan 12 19:09:18 2016] <Nik05> jrw are you here?
[Tue Jan 12 19:09:27 2016] <jrw> Nik05: yep
[Tue Jan 12 19:10:11 2016] <Nik05> Im now trying to prove basic things about <=, but I don't really see what to do. On which argument i should use induction on
[Tue Jan 12 19:10:46 2016] <jrw> how is <= defined?
[Tue Jan 12 19:10:51 2016] <jrw> and what properties are you proving?
[Tue Jan 12 19:11:41 2016] <Nik05> Inductive le (n : nat) : nat → Prop := le_n : n ≤ n | le_S : ∀ m : nat, n ≤ m → n ≤ S m
[Tue Jan 12 19:11:59 2016] <jrw> okay
[Tue Jan 12 19:12:14 2016] <jrw> so then you probably want to induct on the proof of le itself, rather than an argument
[Tue Jan 12 19:12:29 2016] <Nik05> I proofed ∀n 0 <= n, and n <= m -> S n <= S m
[Tue Jan 12 19:12:50 2016] <jrw> okay, which one are you stuck on?
[Tue Jan 12 19:13:04 2016] <Nik05> oh
[Tue Jan 12 19:13:19 2016] <Nik05> forall m n o, m <= n -> n <= o -> m <= o and Sn_le_Sm__n_le_m
[Tue Jan 12 19:13:27 2016] <Nik05> but the last one i can solve with the first
[Tue Jan 12 19:16:01 2016] <Nik05> oh sorry the last one is S n <= S m -> n <= m.
[Tue Jan 12 19:16:12 2016] <jrw> right
[Tue Jan 12 19:16:48 2016] <jrw> so, the general advice is to just try everything
[Tue Jan 12 19:17:01 2016] <jrw> making sure to leave as many things generalized/not-intros'd as possible
[Tue Jan 12 19:17:21 2016] <Nik05> oke :P
[Tue Jan 12 19:17:22 2016] <jrw> more specific than that, there are a few heuristics that I use, but I always fall back on trying everything if they fail
[Tue Jan 12 19:17:42 2016] <jrw> one is to induct on hypotheses themselves instead of arguments
[Tue Jan 12 19:20:15 2016] <jrw> if you're stuck on a specific thing and can tell me what you've tried, I can give you more hints
[Tue Jan 12 19:20:16 2016] <Nik05> oh already got it...
[Tue Jan 12 19:20:23 2016] <Nik05> ah thank you :)
[Tue Jan 12 19:20:39 2016] <Nik05> I had such a long proof with multiple inductions etc
[Tue Jan 12 19:20:51 2016] <Nik05> but it was just an induction the hypothesis with o
[Tue Jan 12 19:21:33 2016] <Nik05> not even a generalisation was needed
[Tue Jan 12 19:22:24 2016] <johnw> it's very rare to need more than one induction
[Tue Jan 12 19:22:31 2016] <johnw> it's common to need an induction + one or more destructions
[Tue Jan 12 19:22:40 2016] <Nik05> oke
[Tue Jan 12 19:22:58 2016] <johnw> in programming terms, an induction is a recursive call, while a destruction is merely a "case" pattern match
[Tue Jan 12 19:23:25 2016] <johnw> (well, induction case matches too, but then recurses in some of the branches, if the constructor at that branch is recursive)
[Tue Jan 12 19:23:32 2016] <jrw> that's great advice
[Tue Jan 12 19:23:41 2016] <Nik05> ah oke
[Tue Jan 12 19:24:17 2016] <jrw> nested inductions are like nested while loops or nested letrecs
[Tue Jan 12 19:24:30 2016] <johnw> further, if you never use your induction hypothesis, you can safely downgrade to a destruct
[Tue Jan 12 19:24:44 2016] <jrw> they occasionally show up, but rarely, especially in exercises :)
[Tue Jan 12 19:25:46 2016] <Cypi> and when they do, you probably want to split that in another lemma :p
[Tue Jan 12 19:26:57 2016] <Nik05> My proof of n <= m -> S n <= S m uses two inductions :P
[Tue Jan 12 19:27:11 2016] <Nik05> But proofed that before i proofed le_trans...
[Tue Jan 12 19:29:16 2016] <Nik05> oh no
[Tue Jan 12 19:29:25 2016] <Nik05> that is also just a induction on a hypothesis
[Tue Jan 12 19:30:24 2016] <Nik05> oh jrw I had a question about custom induction principles. How can i give my own names to the variables it uses?
[Tue Jan 12 19:30:30 2016] <Nik05> using induction as
[Tue Jan 12 19:32:32 2016] <jrw> does "as" not work?
[Tue Jan 12 19:32:57 2016] <Nik05> I tried but I have no idea how the syntax works with my custom principle
[Tue Jan 12 19:33:27 2016] <jrw> should be something like "induction x as [a | b c] using my_ind."
[Tue Jan 12 19:34:02 2016] <Nik05> ah wait it follows the order of my forall arguments
[Tue Jan 12 19:34:40 2016] <Nik05> i got it i think
[Tue Jan 12 19:43:00 2016] <Nik05> I proofed them all
[Tue Jan 12 19:44:30 2016] <jrw> nice :)
[Tue Jan 12 19:45:57 2016] <Nik05> earlier i was laying in bed trying to figure out on how to do the induction on the arguments...
[Tue Jan 12 19:46:20 2016] <Nik05> just trying in my head if it made any sense...
[Tue Jan 12 23:26:34 2016] <noob0> how to do dependent destruction manually
[Tue Jan 12 23:28:15 2016] <noob0> or how to tell the dependent destruction tactic that the indices have decidable equality
[Tue Jan 12 23:59:27 2016] <jrw> noob0: I have a blog post about how to write the matches manually: http://homes.cs.washington.edu/~jrw12/dep-destruct.html
[Tue Jan 12 23:59:42 2016] <noob0> lol i am reading it now
[Tue Jan 12 23:59:45 2016] <jrw> :D
[Tue Jan 12 23:59:46 2016] <noob0> about cardinals
[Tue Jan 12 23:59:53 2016] <noob0> good good ..
[Wed Jan 13 00:00:06 2016] <jrw> if you post an example of where you're stuck, I can take a look
[Wed Jan 13 00:00:21 2016] <noob0> dependent destruction is the most powerful and also the most nasty thing in coq
[Wed Jan 13 00:01:16 2016] <noob0> .. it is strange that even CPDT settle with his wrapper dep_destruct around dependent destruction instead of addressing the real problem
[Wed Jan 13 00:04:17 2016] <jrw> what is the real problem?
[Wed Jan 13 00:09:22 2016] <noob0> well how to tell the dependent destruction tactic that the indices have decidable equality
[Wed Jan 13 00:09:39 2016] <noob0> or how to write specialized dependent destruction
[Wed Jan 13 00:11:16 2016] <noob0> by the way the last goal in    refine (match x as x' in ... => _ | => _ end eq_refl _) is simply eq_refl... because eq_rect eq_refl is identity
[Wed Jan 13 00:18:09 2016] <jrw> noob0: I'm not sure what you mean, are you saying I can get rid of the convoy?
[Wed Jan 13 00:18:53 2016] <noob0> I just say you could put eq_relf instead of the final _
[Wed Jan 13 00:19:48 2016] <jrw> oh, totally
[Wed Jan 13 00:21:20 2016] <noob0> jrw: yeah hehe
[Wed Jan 13 00:29:26 2016] <noob0> haha you talk about dep_destruct (cfold e1) of CPDT hehe great great
[Wed Jan 13 00:31:12 2016] <noob0> jrw: haha yeah haha clap clap
[Wed Jan 13 01:09:24 2016] <noob0> jrw: at the end in term_case you are a bit confused..
[Wed Jan 13 01:10:12 2016] <noob0> jrw: the decidable equality thing and inversion pf happen in the tactic AFTER you have applied term_case
[Wed Jan 13 01:11:02 2016] <noob0> because inside term_case we know eq_rect eq_refl is identity
[Wed Jan 13 01:11:42 2016] <jrw> noob0: can you tell me what part of the post you're talking about?
[Wed Jan 13 01:12:01 2016] <noob0> at the end Lemma term_case :
[Wed Jan 13 01:13:17 2016] <noob0> there are basically two ideas : 1. the destruction principle 2. the auxilliary tactic that does pattern; apply des_principle; transport along any pf is identity by decidability of indices
[Wed Jan 13 01:13:42 2016] <jrw> right
[Wed Jan 13 01:14:33 2016] <jrw> I'm still not seeing what's wrong?
[Wed Jan 13 01:14:39 2016] <jrw> do I get them confused somewhere?
[Wed Jan 13 01:16:35 2016] <noob0> yes for example in the proof of term_case  you specialize say X1 with eq_refl.. therefore we know stuff is identity
[Wed Jan 13 01:23:16 2016] <jrw> noob0: right, but I don't know before I do the destruct that it's going to work out, right?
[Wed Jan 13 01:24:50 2016] <noob0> jrw: well the way you state your lemma is so that it work out, right?
[Wed Jan 13 01:25:23 2016] <jrw> noob0: sure, but I don't see any other way to state the lemma
[Wed Jan 13 01:25:33 2016] <jrw> I guess I'm asking, how would you write it differently?
[Wed Jan 13 01:26:34 2016] <noob0> jrw: instead of rewrite <- decstuffstuff .. you may do simpl in X0.
[Wed Jan 13 01:26:47 2016] <jrw> ah
[Wed Jan 13 01:26:51 2016] <jrw> cool
[Wed Jan 13 01:27:20 2016] <jrw> so you're saying there's only need for transport in the aux tactic, never in the destruction principle?
[Wed Jan 13 01:27:27 2016] <noob0> those decstuffstuff happen outside at the time that you do your auxilliary tactic
[Wed Jan 13 01:27:36 2016] <noob0> yep
[Wed Jan 13 01:27:38 2016] <jrw> nice
[Wed Jan 13 01:27:48 2016] <jrw> can I acknowledge you in an updated version of the post?
[Wed Jan 13 01:28:02 2016] <noob0> lol 1337777
[Wed Jan 13 01:28:15 2016] <noob0> nah forget
[Wed Jan 13 01:28:55 2016] <jrw> you sure?
[Wed Jan 13 01:29:41 2016] <noob0> the little piece which is lacking is to write clearly your auxilliary tactic and I am too lazy to write it for you
[Wed Jan 13 01:31:16 2016] <jrw> when I originally wrote the post I did write the tactic, just didn't include it in the published part
[Wed Jan 13 01:31:29 2016] <jrw> I wanted to make sure that the CPDT proof went through with the new tactic
[Wed Jan 13 01:31:31 2016] <jrw> and it did
[Wed Jan 13 01:31:59 2016] <noob0> yes
[Wed Jan 13 01:32:22 2016] <noob0> all I did was remind you hehe
[Wed Jan 13 01:32:44 2016] <jrw> well it was useful :)
[Wed Jan 13 01:33:02 2016] <jrw> I would prefer to mention you, but you'd rather I not, that's fine too
[Wed Jan 13 01:33:12 2016] <noob0> haaa this was good read.. YOU MUST ask this to be included in CPDT !!
[Wed Jan 13 01:34:36 2016] <jrw> glad you enjoyed it :)
[Wed Jan 13 01:35:16 2016] <noob0> hehe zleep time
[Wed Jan 13 02:53:05 2016] <joco42> does the mac CoqIDE have a REPL ? I am just getting started with Software Foundations...
[Wed Jan 13 03:42:14 2016] <arcatan> i just write the stuff in the ide (or proof general) and jump back and forth
[Wed Jan 13 04:42:12 2016] <joco42> ok, right
[Wed Jan 13 12:15:36 2016] <tbelaire> What's the way to get a contradiction out of "S n = n"?
[Wed Jan 13 12:17:11 2016] <tbelaire> discriminate?
[Wed Jan 13 12:17:51 2016] <tbelaire> What does "No primitive equality found" mean?
[Wed Jan 13 12:19:43 2016] <sgnb> tbelaire: by induction on n
[Wed Jan 13 12:40:48 2016] <tbelaire> How do I use the injective property of constructors?  E.g. n <> n' -> S n <> S n' ?
[Wed Jan 13 12:47:39 2016] <joco42> in https://www.cis.upenn.edu/~bcpierce/sf/current/Basics.html#lab22 it is written :
[Wed Jan 13 12:48:04 2016] <joco42> https://www.irccloud.com/pastebin/XatQIoUD/
[Wed Jan 13 12:48:18 2016] <joco42> what does it mean to -step through- ?
[Wed Jan 13 12:48:21 2016] <joco42> how ?
[Wed Jan 13 12:48:35 2016] <joco42> i am using coqide on mac
[Wed Jan 13 12:48:58 2016] <tbelaire> is it f2, f3, f4?
[Wed Jan 13 12:49:16 2016] <tbelaire> To step {back, forward} and to the cursor
[Wed Jan 13 12:49:23 2016] <joco42> ahha
[Wed Jan 13 12:49:24 2016] <joco42> ok i try
[Wed Jan 13 12:50:12 2016] <joco42> i see :)
[Wed Jan 13 12:50:15 2016] <tbelaire> :)
[Wed Jan 13 12:50:20 2016] <joco42> ctrl+cmd+down
[Wed Jan 13 12:51:18 2016] <tbelaire> ah, okay.
[Wed Jan 13 12:51:27 2016] <tbelaire> I am using coquille (the vim plugin)
[Wed Jan 13 12:52:00 2016] <joco42> hmmm... well, maybe terminal is better...
[Wed Jan 13 12:53:33 2016] <tbelaire> Unfortunately 8.5rc broke the plugin.  There are changes to the ipc protocall.
[Wed Jan 13 12:53:57 2016] <joco42> what about emacs?
[Wed Jan 13 12:57:50 2016] <joco42> i cannot explain why that happens...
[Wed Jan 13 12:57:59 2016] <joco42> https://www.irccloud.com/pastebin/XatQIoUD/
[Wed Jan 13 12:58:07 2016] <joco42> why ?
[Wed Jan 13 13:00:58 2016] <joco42> commutativity?
[Wed Jan 13 13:03:24 2016] <tbelaire> emacs works well with proof general
[Wed Jan 13 13:03:56 2016] <tbelaire> + is defined by induction on the first variable, right?
[Wed Jan 13 13:04:21 2016] <joco42> yeah
[Wed Jan 13 13:04:55 2016] <tbelaire> but we don't have any information about the first variable, only the second
[Wed Jan 13 13:05:02 2016] <tbelaire> so it fails to simplify
[Wed Jan 13 13:05:19 2016] <joco42> hmm, interesting, thanks
[Wed Jan 13 13:31:54 2016] <tbelaire> Ah, "unfold not. inversion." did what I needed.
[Wed Jan 13 16:14:11 2016] <johnw> tbelaire: for S n = n, you'd need: destruct n; discriminate
[Wed Jan 13 16:14:30 2016] <johnw> actually, that might not work either; it might need to be an induction
[Wed Jan 13 16:15:04 2016] <tbelaire> unfold not. then an inversion did the trick
[Wed Jan 13 16:15:14 2016] <johnw> yeah, that will work too
[Wed Jan 13 16:17:05 2016] <johnw> so, other ways to solve that: omega, intuition, auto, unfold not; intro; inversion H; contradiction, unfold not; intro; contradiction H; assumption
[Wed Jan 13 16:17:08 2016] <johnw> I'm sure there are others
[Wed Jan 13 16:17:42 2016] <johnw> jgross_: ping
[Wed Jan 13 16:19:13 2016] <tbelaire> omega?
[Wed Jan 13 16:19:30 2016] <johnw> omega solves basic algebra
[Wed Jan 13 16:23:16 2016] <tbelaire> New question.  I'm trying to show a particular expression is in normal form
[Wed Jan 13 16:23:18 2016] <tbelaire> Example mistyped_program_can_go_wrong :
[Wed Jan 13 16:23:20 2016] <tbelaire>     normal_form (tm_succ tm_true).
[Wed Jan 13 16:23:44 2016] <tbelaire> (Where normal form is ~ exists t', eval t t')
[Wed Jan 13 16:24:57 2016] <tbelaire> And I do     unfold normal_form.  unfold not.  intros H.  induction H.
[Wed Jan 13 16:25:03 2016] <tbelaire> and things are looking okay
[Wed Jan 13 16:25:19 2016] <johnw> why induction on H?
[Wed Jan 13 16:25:33 2016] <tbelaire> bring out the existential
[Wed Jan 13 16:25:38 2016] <johnw> just destruct
[Wed Jan 13 16:25:42 2016] <tbelaire> sure
[Wed Jan 13 16:25:52 2016] <tbelaire> have some x, and H : eval (tm_succ tm_true) x
[Wed Jan 13 16:26:03 2016] <tbelaire> but if I try and induct on the possible ways H is created
[Wed Jan 13 16:26:07 2016] <tbelaire> I just got
[Wed Jan 13 16:26:17 2016] <tbelaire> t2: tm, t2: tm ========== False
[Wed Jan 13 16:26:19 2016] <johnw> so you tried inversion on H?
[Wed Jan 13 16:26:42 2016] <tbelaire> That's something
[Wed Jan 13 16:26:44 2016] <tbelaire> hmm
[Wed Jan 13 16:27:39 2016] <tbelaire> Yes, that helps
[Wed Jan 13 16:28:34 2016] <tbelaire> Alright, off to make some "well typed" proposition
[Wed Jan 13 16:28:40 2016] <johnw> :)
[Wed Jan 13 18:24:10 2016] <benzrf> does coq have dicts in the stdlib
[Wed Jan 13 18:43:43 2016] <johnw> yes
[Wed Jan 13 18:43:45 2016] <johnw> FMap
[Wed Jan 13 18:44:12 2016] <johnw> please, write a tutorial on how to use them once you figure it out :)
[Wed Jan 13 18:44:21 2016] <johnw> for the sake of proof, Ensemble (K * V) is better
[Wed Jan 13 19:12:43 2016] <Nik05> strange SF says that is easiest to use induction on m in theorems ble_nat_true le_ble_nat
[Wed Jan 13 19:13:03 2016] <Nik05> I tried that, couldn't proof it. So I tried induction on n and it was relaly easy
[Wed Jan 13 19:19:18 2016] <Nik05> Oke solved everything for le. Went really fast now.
[Wed Jan 13 19:29:00 2016] <johnw> congrats
[Wed Jan 13 19:29:41 2016] <johnw> jgross_: ping
[Wed Jan 13 19:30:08 2016] <Nik05> thank you
[Wed Jan 13 19:33:13 2016] <jgross_> johnw: pong 
[Wed Jan 13 19:33:24 2016] <johnw> that last tactic was no go either
[Wed Jan 13 19:33:30 2016] <johnw> exact same end situation
[Wed Jan 13 19:33:43 2016] <johnw> i just can't seem to prevent the "empty" case from taking over the evar
[Wed Jan 13 19:33:58 2016] <johnw> do you have ssreflect installed?  do you want to play with my example?
[Wed Jan 13 19:36:44 2016] <johnw> jgross_: is it hurting me that my abstract representation is dependently typed?
[Wed Jan 13 19:36:58 2016] <jgross_> I don't have ssr installed on the machine I'm using right now (but it's not too much trouble to install it), and am not sure I'll get a chance to play with it tonight, but I'll see if I can figure it out when I get a chance. 
[Wed Jan 13 19:37:33 2016] <jgross_> In the meantime, see if you can prove intermediate refinement lemmas, without destructing any variable in the main refinement proof. 
[Wed Jan 13 19:37:35 2016] <johnw> ok, I've tried everything I can think of, but I'm not understanding something fundamental about these refinement proofs; and grokking that will be far more valuable than simply getting this dummy example to work
[Wed Jan 13 19:37:46 2016] <johnw> jgross_: oh hey, that's a good idea
[Wed Jan 13 19:38:49 2016] <johnw> jgross_: hmmm
[Wed Jan 13 19:38:55 2016] <johnw> jgross_: something about my initial goal actually looks fishy to me now
[Wed Jan 13 19:39:01 2016] <johnw> https://gist.github.com/bc1d18af7991b87c6939
[Wed Jan 13 19:39:11 2016] <johnw> note what I'm returning at the bottom: (r_n', r_o'.2)
[Wed Jan 13 19:39:19 2016] <johnw> it shouldn't be mixing representations like that, should it?
[Wed Jan 13 19:39:32 2016] <johnw> that is, all my picks should be choosing r_n-based values, and never r_o-based values
[Wed Jan 13 19:40:14 2016] <johnw> but then again, I'm not sure
[Wed Jan 13 19:53:09 2016] <jgross_> No, your statement looks fine.	I think the issue is just that you're not allowed to destruct anything in the middle of refinement without jumping through a lot of hoops. 
[Wed Jan 13 19:53:20 2016] <johnw> why is that?
[Wed Jan 13 19:58:04 2016] <jgross_> Because you're essentially trying to do this: Goal forall n, exists x, match n with 0 => 0 | S _ => 1 end = x. Proof.	intro n.   eexists.   destruct n.   reflexivity. 
[Wed Jan 13 19:58:53 2016] <johnw> ahhhh
[Wed Jan 13 19:58:57 2016] <johnw> now that makes sense!
[Wed Jan 13 19:59:15 2016] <johnw> the unification from the first branch is deciding the evar
[Wed Jan 13 19:59:22 2016] <johnw> so then I have to prove it also holds for the next case
[Wed Jan 13 19:59:34 2016] <johnw> this a perfect example, I'll use it in the docs, thanks
[Wed Jan 13 20:00:01 2016] <jgross_> No problem. :) 
[Wed Jan 13 20:00:12 2016] <johnw> now, what's the right answer :)
[Wed Jan 13 20:00:28 2016] <johnw> I need the branch is exist within my evar as well
[Wed Jan 13 20:00:35 2016] <johnw> which we've done with your new tactic
[Wed Jan 13 20:00:43 2016] <johnw> but at the very end, it still isn't happy
[Wed Jan 13 20:04:06 2016] <johnw> DelegateImpls : forall idx : Fin.t 0,  seems to imply that this same issue pertains
[Wed Jan 13 20:04:31 2016] <johnw> (oh, never mind, that's unrelated to my vector)
[Wed Jan 13 20:08:21 2016] <jgross_> Something like this? https://gist.github.com/JasonGross/ddaeb29c1a29fe819883 (I modified my tactic slightly.  It's still kind-of fiddly.  Works better for finite types like bool.) 
[Wed Jan 13 20:09:36 2016] <johnw> huh, let me try
[Wed Jan 13 20:12:59 2016] <johnw> same result
[Wed Jan 13 20:13:10 2016] <johnw> here's how I'm using it now: https://gist.github.com/d2ae978997c950e95212
[Wed Jan 13 20:13:49 2016] <johnw> do I have to destruct on r_n, and not n, because n doesn't exist in the concrete representation?
[Wed Jan 13 20:13:53 2016] <johnw> I'll try n now jic
[Wed Jan 13 20:17:11 2016] <johnw> how do I ask for the type of an existential?
[Wed Jan 13 20:31:15 2016] <johnw> Error: Instance is not well-typed in the environment of ?634
[Wed Jan 13 20:31:20 2016] <johnw> is there any way to get the actual type error?
[Wed Jan 13 20:31:32 2016] <johnw> "I expected FOO but you gave me BAR"?
[Wed Jan 13 20:32:40 2016] <jrw> johnw: in the case of existentials, those errors are almost always caused by using something that wasn't in scope when the existential was introduced
[Wed Jan 13 20:32:53 2016] <johnw> ahh
[Wed Jan 13 20:32:57 2016] <jrw> so what you're really looking for is an error message like "you used variable x which wasn't in scope"
[Wed Jan 13 20:33:02 2016] <jrw> now, I don't know how to get such a msg
[Wed Jan 13 20:33:03 2016] <johnw> so, here's my problem
[Wed Jan 13 20:33:12 2016] <jrw> but maybe looking for that kind of error in your code will help
[Wed Jan 13 20:33:18 2016] <johnw> my "push" specification branches on n, but my implementation will branch on the concrete list representation
[Wed Jan 13 20:33:34 2016] <jrw> okay
[Wed Jan 13 20:34:39 2016] <johnw> in fact, that's the only way I can get the honing through
[Wed Jan 13 20:34:55 2016] <johnw> but honed that way, I end up with an unresolved goal after finishing the sharpening
[Wed Jan 13 20:35:27 2016] <jrw> so, keeping in mind that I have no idea what you're talking about, I would suggest trying to express the value of the existential that you want manually in the context where you introduce it
[Wed Jan 13 20:35:35 2016] <jrw> if you can't figure out what it should look like, then that's a fundamental problem
[Wed Jan 13 20:35:42 2016] <jrw> not any sort of problem that the right tactic will fix
[Wed Jan 13 20:35:56 2016] <johnw> jrw: https://gist.github.com/3d9d43579cc84218bdef
[Wed Jan 13 20:36:01 2016] <johnw> this is all about "push"
[Wed Jan 13 20:36:32 2016] <jrw> okay, one sec
[Wed Jan 13 20:36:39 2016] <johnw> jrw: ok, let me try expressing the existential manually
[Wed Jan 13 20:36:59 2016] <jrw> in the early context, not where you got stuck!
[Wed Jan 13 20:37:00 2016] <jrw> :)
[Wed Jan 13 20:37:05 2016] <johnw> right
[Wed Jan 13 20:37:08 2016] <johnw> at the very beginning
[Wed Jan 13 20:37:14 2016] <jrw> yep
[Wed Jan 13 20:38:37 2016] <johnw> ok, check this out:
[Wed Jan 13 20:39:06 2016] <johnw> https://gist.github.com/63cae8f0fdbd9f5a1b34
[Wed Jan 13 20:39:19 2016] <johnw> I've instantiated exactly what I want the refinement to end up being
[Wed Jan 13 20:39:24 2016] <johnw> and it shows me that now in the final goal
[Wed Jan 13 20:40:18 2016] <johnw> but I still end up with:
[Wed Jan 13 20:42:31 2016] <johnw> added another note there
[Wed Jan 13 20:42:35 2016] <jrw> yeah I see it
[Wed Jan 13 20:43:06 2016] <jrw> unfortunately this looks like I'd have to understand the library you're using to help further :\
[Wed Jan 13 20:43:25 2016] <johnw> you mean, the vectors?
[Wed Jan 13 20:43:31 2016] <johnw> that should be the only library code I'm using
[Wed Jan 13 20:43:40 2016] <johnw> i'm not using any ssreflect tactics
[Wed Jan 13 20:43:50 2016] <johnw> it's just that Vectors was built using ssreflect ordinals, and I was too lazy to rewrite it
[Wed Jan 13 20:44:22 2016] <jrw> no I mean wherever the custom tactics like "finish honing" are coming from
[Wed Jan 13 20:44:29 2016] <johnw> oh, ignoring those
[Wed Jan 13 20:44:41 2016] <johnw> it's just subst_evars; higher_order_reflexivity
[Wed Jan 13 20:44:55 2016] <johnw> you might need to know finish_SharpeningADT_WithoutDelegation
[Wed Jan 13 20:45:17 2016] <johnw> that's what might be biting me
[Wed Jan 13 20:45:31 2016] <johnw> i'll try poking around there
[Wed Jan 13 20:45:33 2016] <johnw> thanks, jgross_!
[Wed Jan 13 20:45:50 2016] <jrw> I thought you might have me confused with him :)
[Wed Jan 13 20:46:01 2016] <johnw> oh, haha
[Wed Jan 13 20:46:08 2016] <johnw> the whole time I thought you were still him
[Wed Jan 13 20:46:12 2016] <jrw> lol
[Wed Jan 13 20:46:32 2016] <jrw> too many nicks starting with j
[Wed Jan 13 20:47:26 2016] <johnw> digging into this library is a fun but deep rabbit hole :)
[Wed Jan 13 20:47:46 2016] <johnw> it's for doing program synthesis: going from a mathematically specified program to an optimized implementation by a series of provable refinement steps
[Wed Jan 13 20:48:18 2016] <jrw> this is fiat?
[Wed Jan 13 20:48:21 2016] <johnw> in this case, I'm building a Stack library based on sized vectors, and refining to an implementation based on linked lists
[Wed Jan 13 20:48:22 2016] <johnw> yes
[Wed Jan 13 20:48:24 2016] <jrw> cool
[Wed Jan 13 20:49:15 2016] <jrw> johnw: does it require 8.4pl2?
[Wed Jan 13 20:49:27 2016] <johnw> pl2-pl6 is fine
[Wed Jan 13 20:49:30 2016] <johnw> almost works with 8.5
[Wed Jan 13 20:51:50 2016] <jrw> johnw: are you using this at bae or just on your own?
[Wed Jan 13 20:52:02 2016] <johnw> bae
[Wed Jan 13 20:52:05 2016] <jrw> cool
[Wed Jan 13 20:52:32 2016] <johnw> we intend to use this for building real software someday
[Wed Jan 13 20:52:35 2016] <jrw> I'm impressed that bae does stuff like this
[Wed Jan 13 20:52:46 2016] <johnw> yes, I like the research group there
[Wed Jan 13 20:52:57 2016] <johnw> it's not hard to get them excited about cool stuff in PL and type theory
[Wed Jan 13 20:56:30 2016] <benzrf> johnw: what is Ensemble
[Wed Jan 13 20:56:37 2016] <johnw> mathematical sets
[Wed Jan 13 20:56:52 2016] <johnw> membership, but no equality tests
[Wed Jan 13 20:56:59 2016] <johnw> it's the A -> Bool type of set, but A -> Prop in this case
[Wed Jan 13 20:57:03 2016] <johnw> so really not computable
[Wed Jan 13 21:03:02 2016] <johnw> jgross_: did it!
[Wed Jan 13 21:36:36 2016] <benzrf> is there a 'dependent split'
[Wed Jan 13 22:05:40 2016] <benzrf> given [x : Fin (S n)], how can i get out a [Fin n + x = of_nat n]
[Wed Jan 13 22:05:54 2016] <benzrf> (that's a type [+] there, not a nat [+] )
[Wed Jan 13 22:11:25 2016] <jrw> benzrf: check out the lemmas with "caseS" in their name
[Wed Jan 13 22:11:36 2016] <jrw> it's not exactly what you're looking for, but I think it implies your thing
[Wed Jan 13 22:20:46 2016] <benzrf> jrw: not really
[Wed Jan 13 22:36:13 2016] <benzrf> shit how do i eliminate [x < 0]
[Wed Jan 13 22:38:36 2016] <benzrf> oh no can i not implement, say, 'forall A : Type, 1 < 0 -> A'
[Thu Jan 14 00:29:44 2016] <johnw> benzrf: 'forall A : Type, 1 < 0 -> A is just "omega", isn't it?
[Thu Jan 14 01:08:44 2016] <jgross_> johnw: To get better error messages, switch to 8.5.  (You should be able to build enough of Fiat to get the relevant refinement goals in there, probably.)  Then you get messages like "cannot instantiate ?X because "x" is not in its scope (variables in its scope are "a", "b", "c")." 
[Thu Jan 14 01:08:57 2016] <johnw> jgross_: hey there
[Thu Jan 14 01:09:10 2016] <johnw> I'm looking forward to moving up to coq 8.5 once Ben is ready
[Thu Jan 14 01:11:48 2016] <jgross_> Hey!  Sorry I disappeared earlier. 
[Thu Jan 14 01:12:00 2016] <johnw> no problem, it worked out
[Thu Jan 14 01:12:06 2016] <johnw> and solving it myself was worthwhile
[Thu Jan 14 01:12:25 2016] <jgross_> ^.^ 
[Thu Jan 14 01:12:25 2016] <johnw> now I get both why destruction was failing, and why it wasn't happy after getting the evar right
[Thu Jan 14 01:12:59 2016] <jgross_> Yeah, I'm looking forward to 8.5 too.  They're planning the first stable release this weekend. 
[Thu Jan 14 01:13:12 2016] <johnw> what I need now is a DSL for describing what resource metrics matter, and then how to parameterize refinements based on what was specified
[Thu Jan 14 01:13:16 2016] <jgross_> (There's still one major bug that I know of, where you can get [assert True] to fail with a unification error: https://coq.inria.fr/bugs/show_bug.cgi?id=4415) 
[Thu Jan 14 01:14:13 2016] <johnw> jgross_: fwiw, I'd also like to see progress on the Javascript parser :)
[Thu Jan 14 01:14:33 2016] <johnw> I'm going to want to start writing an HTML4 parser soonish
[Thu Jan 14 01:16:11 2016] <jgross_> I recently (like, two days ago) got the synthesized (ab)* parser to be the same speed as my hand-written one. 
[Thu Jan 14 01:16:28 2016] <jgross_> (I've been dealing with a lot of painful evar issues myself, recently.) 
[Thu Jan 14 01:16:58 2016] <johnw> yeah, I saw your msg to the fiat mailing list; congrats!
[Thu Jan 14 01:17:02 2016] <jgross_> Thanks! 
[Thu Jan 14 01:17:10 2016] <johnw> will you be at MIT on Feb 11?  I'm planning to come that day
[Thu Jan 14 01:19:35 2016] <jgross_> So now I'm going to go back to working on moving closer to JavaScript for a bit (next up, I think, is coding up whitespace and comments and string literals, and a full arithmetical expression grammar; I think the only thing that'll need a new building block is combining comments with the arithmetical expression grammar).  I am worried that the more interesting grammars are still going to be horrendously slow. 
[Thu Jan 14 01:20:00 2016] <jgross_> Alas, I'll be in NY 2/10-2/15; I'm mentoring a CFAR Workshop (rationality.org). 
[Thu Jan 14 01:20:01 2016] <johnw> btw, how do I specify newline as a token?
[Thu Jan 14 01:20:10 2016] <jgross_> What are you coming for? 
[Thu Jan 14 01:20:18 2016] <johnw> Fiat discussions
[Thu Jan 14 01:20:53 2016] <johnw> i'll be in town that week meeting with various team members, but I want to spend time with just Clémente and Ben on Thu
[Thu Jan 14 01:21:11 2016] <johnw> well, and you if you'd been there :(
[Thu Jan 14 01:21:19 2016] <johnw> anyway, I'm heading off to finish reading your thesis now :)
[Thu Jan 14 01:21:33 2016] <jgross_> newline: [Eval compute in String.String (ascii_of_nat 13) (String.String (ascii_of_nat 10) EmptyString)]? 
[Thu Jan 14 01:21:52 2016] <johnw> i mean, matching it in your parser grammar
[Thu Jan 14 01:22:31 2016] <johnw> [[[ ("newline" ::== << $< ascii_of_nat 13 >$ >>) ]]]%grammar?
[Thu Jan 14 01:22:42 2016] <jgross_> Yeah, something like that 
[Thu Jan 14 01:22:57 2016] <johnw> nice, good to know!  I didn't know if you pre-absorbed whitespace or something
[Thu Jan 14 01:23:12 2016] <jgross_> (If you have suggestions for better notations, feel free to suggest them / make a pull request.) 
[Thu Jan 14 01:23:48 2016] <johnw> this BNF syntax is a bit... syntax heavy... but not sure if I can do much better
[Thu Jan 14 01:23:53 2016] <jgross_> Nope, I don't.	You can see all the definitions in Parsers/ContextFreeGrammar/Core.v; that defines what a parse tree is, and how a grammar defines a parse tree. 
[Thu Jan 14 01:23:57 2016] <johnw> too bad Coq doesn't support quasi-quoting
[Thu Jan 14 01:24:10 2016] <johnw> or have decent string handling
[Thu Jan 14 01:24:14 2016] <jgross_> What do you want to quasiquote? 
[Thu Jan 14 01:24:25 2016] <johnw> specify the BNF is a textual block that looks like a yacc BNF
[Thu Jan 14 01:24:37 2016] <johnw> then translate to this form
[Thu Jan 14 01:24:49 2016] <jgross_> What does a yacc BNF look like? 
[Thu Jan 14 01:25:01 2016] <johnw> ("nat"    ::== << $< "digit" >$ | $< "digit" $ "nat" >$ >>)
[Thu Jan 14 01:25:09 2016] <johnw> would be: nat := digit | digit nat
[Thu Jan 14 01:25:26 2016] <jgross_> Also, re timing, yeah, I'm disappointed, too, that the timing won't work out for us seeing each other.	(But feel free to ask any questions about my thesis, or whatever, remotely.) 
[Thu Jan 14 01:25:45 2016] <johnw> some day you and Ed and I can hang out
[Thu Jan 14 01:25:53 2016] <jgross_> Yeah, I'd like that! 
[Thu Jan 14 01:26:55 2016] <johnw> jgross_: example yacc grammar: https://www.lysator.liu.se/c/ANSI-C-grammar-y.html
[Thu Jan 14 01:27:26 2016] <johnw> you can attribute grammers by putting { CODE } after any right-side terminal or non-terminal
[Thu Jan 14 01:27:43 2016] <jgross_> Hrm, you might be able to do "nat" := "digit" | "digit" "nat".... if you define a coercion from strings to items (via nonterminals), and define a coercion from item to production, and a coercion from production to Funclass which is concatenation, and then define | as an infix operator on production, and define := appropriately in the right context... 
[Thu Jan 14 01:28:00 2016] <johnw> hmm.. that could work
[Thu Jan 14 01:28:35 2016] <jgross_> The reason I don't do this is that I don't have a way to distinguish terminals from nonterminals. 
[Thu Jan 14 01:29:02 2016] <johnw> what about "digit" for non-terminal, and #"digit" for terminal, as you have been doing?
[Thu Jan 14 01:29:07 2016] <jgross_> But I could do something silly like disallowing single-character terminals and having the notation go to a terminal if it is a single character, or a nonterminal if its multiple characters 
[Thu Jan 14 01:29:19 2016] <johnw> that could work too
[Thu Jan 14 01:30:17 2016] <jgross_> Which do you think is better? 
[Thu Jan 14 01:30:31 2016] <johnw> i think special handling of single-character is better
[Thu Jan 14 01:31:00 2016] <johnw> being single should be indication enough that it's terminal
[Thu Jan 14 01:33:37 2016] <johnw> jgross_: good night!
[Thu Jan 14 01:35:58 2016] <jgross_> johnw: goodnight!  I'll probably have the new notation pushed within half an hour. 
[Thu Jan 14 02:38:08 2016] <jgross_> johnw: Pushed.	Now you can write things like "(ab)*" ::== "" || "a" "b" "(ab)*" 
[Thu Jan 14 03:11:37 2016] <joco42> why does this work :
[Thu Jan 14 03:11:41 2016] <joco42> https://www.irccloud.com/pastebin/7Ksot22U/
[Thu Jan 14 03:11:46 2016] <joco42> but this does not :
[Thu Jan 14 03:12:00 2016] <joco42> https://www.irccloud.com/pastebin/Pfr7T3Hb/
[Thu Jan 14 03:12:15 2016] <joco42> from https://www.cis.upenn.edu/~bcpierce/sf/current/Basics.html#lab15
[Thu Jan 14 03:12:45 2016] <joco42> the difference is in the direction in "rewrite -> plus_1_l." vs "rewrite <- plus_1_l."
[Thu Jan 14 03:13:14 2016] <joco42> the <- direction give :
[Thu Jan 14 03:13:19 2016] <joco42> https://www.irccloud.com/pastebin/ZrwhjDPO/
[Thu Jan 14 03:13:30 2016] <joco42> but the -> direction gives:
[Thu Jan 14 03:13:52 2016] <joco42> Error: Tactic generated a subgoal identical to the original goal.
[Thu Jan 14 03:14:09 2016] <joco42> https://www.irccloud.com/pastebin/JDc3vmV0/
[Thu Jan 14 03:14:38 2016] <joco42> so why is it so that (1+n) in "S n * (1 + n) = S n * S n" cannot be replaced with "S n " ?
[Thu Jan 14 03:14:56 2016] <joco42> why only the other way works ?
[Thu Jan 14 03:17:04 2016] <tejing> joco42: i'm not sure, but I wonder if rewrite is correctly finding the argument, try specifying it "rewrite -> (plus_1_l n)"
[Thu Jan 14 03:17:40 2016] <joco42> ahh
[Thu Jan 14 03:17:42 2016] <joco42> thanks
[Thu Jan 14 03:17:56 2016] <tejing> np
[Thu Jan 14 03:18:02 2016] <joco42> that works :)
[Thu Jan 14 03:18:51 2016] <joco42> what is the difference between "rewrite -> (plus_1_l n)" and "rewrite -> plus_1_l." ?
[Thu Jan 14 03:20:24 2016] <tejing> joco42: rewrite can ultimately only work on equalities, so if you give it a universally quantified equality it has to try to find the instantiation that you meant... I think it does this by something to do with existential variables, but I'm honestly not sure.
[Thu Jan 14 03:21:54 2016] <Cypi> joco42 : (1 + n) is literally the same as (S n), which is why it's sometimes having trouble to rewrite with (1 + n = S n)
[Thu Jan 14 03:22:07 2016] <Cypi> You can actually just do "reflexivity" instead of a rewrite with plus_1_l
[Thu Jan 14 03:22:12 2016] <tejing> ah, hadn't thought of that
[Thu Jan 14 03:22:50 2016] <Cypi> (just to be clear, (1+n) is not syntactically the same as (S n), but they are convertible)
[Thu Jan 14 03:29:45 2016] <joco42> tejing:  thanks
[Thu Jan 14 03:30:03 2016] <joco42> Cypi:  thanks, i try that
[Thu Jan 14 03:31:31 2016] <joco42> ok, reflexivity works :)
[Thu Jan 14 04:11:24 2016] <joco42> is the pattern match in coq lazy ?
[Thu Jan 14 04:11:32 2016] <joco42> it seems so
[Thu Jan 14 04:11:53 2016] <Cypi> Coq supports several reduction strategies
[Thu Jan 14 04:12:10 2016] <joco42> aham, ok :)
[Thu Jan 14 04:12:23 2016] <joco42> i was looking at this example from SF:
[Thu Jan 14 04:12:26 2016] <joco42> https://www.irccloud.com/pastebin/sxxuBrvW/
[Thu Jan 14 04:12:36 2016] <joco42> and from this it seems that it is lazy...
[Thu Jan 14 04:13:15 2016] <Cypi> Why?
[Thu Jan 14 04:13:32 2016] <joco42> because n' is not "evaluated"
[Thu Jan 14 04:13:51 2016] <joco42> or reduced
[Thu Jan 14 04:14:05 2016] <joco42> the 7th line
[Thu Jan 14 04:14:26 2016] <Cypi> What is there to reduce?
[Thu Jan 14 04:16:28 2016] <joco42> well if n' were some more complex expression
[Thu Jan 14 04:16:31 2016] <joco42> i suppose
[Thu Jan 14 04:16:56 2016] <joco42> i am only having this idea because it reminds me of haskell evaluation
[Thu Jan 14 04:17:02 2016] <Cypi> I'm not sure I understand where you would think Coq could/should do something differently
[Thu Jan 14 04:18:18 2016] <joco42> i was just trying to draw an analogy between haskell lazy evaluation and the reduction i see in coq - my question was if it makes sense to draw such analogy
[Thu Jan 14 04:18:20 2016] <joco42> or not ?
[Thu Jan 14 04:18:30 2016] <tejing> joco42: reductions in coq can be done in any order, and will both always terminate, and always reach the same normal form.. both properties are vital to the logic represented in coq being consistent.
[Thu Jan 14 04:18:46 2016] <Cypi> As I said, you can ask Coq to to call-by-value or call-by-name if you want to. As it supports full-beta reduction, it does not matter
[Thu Jan 14 04:18:51 2016] <Cypi> to do*
[Thu Jan 14 04:19:03 2016] <joco42> hmm
[Thu Jan 14 04:19:09 2016] <tejing> joco42: in coq, unlike in haskell, reduction MUST actually be done in the presence of free variables... this changes the dynamic in important ways
[Thu Jan 14 04:19:10 2016] <Cypi> (or any other strategy, for that matter)
[Thu Jan 14 04:19:14 2016] <joco42> from SF: What we need is to be able to consider the possible forms of n separately. If n is O, then we can calculate the final result of beq_nat (n + 1) 0 and check that it is, indeed, false. And if n = S n' for some n', then, although we don't know exactly what number n + 1 yields, we can calculate that, at least, it will begin with one S, and this is
[Thu Jan 14 04:19:14 2016] <joco42> enough to calculate that, again, beq_nat (n + 1) 0 will yield false.
[Thu Jan 14 04:19:44 2016] <joco42>  it will begin with one S, and this is _enough_ to calculate that, again, beq_nat (n + 1) 0 will yield false.
[Thu Jan 14 04:20:04 2016] <joco42> ahh
[Thu Jan 14 04:20:15 2016] <joco42> ok, so the point is having free variables
[Thu Jan 14 04:20:42 2016] <joco42> i was missing that
[Thu Jan 14 04:20:49 2016] <joco42> n is a free variable here
[Thu Jan 14 04:21:43 2016] <tejing> joco42: in any dependently typed language this difference becomes important, since computation must be done at compile time by the typechecker, and thus must be done in the presence of unknown values/free variables
[Thu Jan 14 04:22:01 2016] <joco42> ok, thanks for pointing that out
[Thu Jan 14 04:22:24 2016] <joco42> i keep this in mind
[Thu Jan 14 05:12:20 2016] <Fuco> johnw: Is there any good literature on Coq you could recommend?  The things I'm reading are either very basic or uncomprehensible :D.  I don't need explanation on math, I just need explanation on coq.
[Thu Jan 14 05:12:33 2016] <Fuco> johnw: you seem to be very knowledgable so I'd like some opinions :)
[Thu Jan 14 05:17:09 2016] <sgnb> Fuco: https://coq.inria.fr/documentation (section "Other documentation")
[Thu Jan 14 08:53:00 2016] <rrika> I thought I could compare to values with "match a, b with | x, x => (* they're equal *) | _, _ => (* they're not *) end"
[Thu Jan 14 08:53:09 2016] <rrika> Gives me errors though, what do?
[Thu Jan 14 08:55:24 2016] <Cypi> You probably have to prove that the type of a and b has decidable equality
[Thu Jan 14 08:56:03 2016] <rrika> hm, they're nats
[Thu Jan 14 08:56:07 2016] <Cypi> So either directly prove "forall (a b : T), {a = b} + {a <> b}", or have a function "T -> T -> bool" with some properties that prove that this function is correct
[Thu Jan 14 08:56:14 2016] <Cypi> then you already have that in the stdlib, a second
[Thu Jan 14 08:56:46 2016] <Cypi> eq_nat_dec in Arith, or Nat.eq_dec provides the former
[Thu Jan 14 08:57:00 2016] <Cypi> So you can match on "eq_nat_dec a b"
[Thu Jan 14 08:58:53 2016] <rrika> I see, thank you
[Thu Jan 14 09:07:00 2016] <tejing> rrika: coq would interpret what you wrote as two binds of the same variable x, not a requirement that b have the same value as a, so the first case of your match would always fire. (if coq didn't disallow it because they were the same variable anyway)
[Thu Jan 14 09:30:17 2016] <rrika> how do I use a sumbool value?
[Thu Jan 14 09:31:14 2016] <rrika> with "if" apparently
[Thu Jan 14 09:41:14 2016] <redlizard_> Greetings.
[Thu Jan 14 09:41:37 2016] <redlizard_> I'm trying to define an apparantly-incomplete recursive function, that I can prove to be complete due to some lemma.
[Thu Jan 14 09:42:51 2016] <redlizard_> Specifically, I have a Record consisting of a list of items, along with an axiom saying that at least one item with some property P exists in the list, and I want to define a function that --given the struct-- returns a list item that satisfies P.
[Thu Jan 14 09:43:15 2016] <redlizard_> I haven't been able to find any documentation on how to do this.
[Thu Jan 14 09:43:24 2016] <redlizard_> Are there some clues I could look at?
[Thu Jan 14 10:11:56 2016] <rrika> redlizard_, what do you mean by incomplete?
[Thu Jan 14 10:13:02 2016] <rrika> you're not removing one link from the list with each call?
[Thu Jan 14 10:19:31 2016] <Nik05> rrika it has to be obviously complete
[Thu Jan 14 10:19:52 2016] <Nik05> really obviously
[Thu Jan 14 10:20:37 2016] <Nik05> Forexample, this is not possible:
[Thu Jan 14 10:20:38 2016] <Nik05> merge [] ys = ys
[Thu Jan 14 10:20:39 2016] <Nik05> merge (x:xs) ys = x:merge ys xs
[Thu Jan 14 10:21:33 2016] <rrika> it looks complete to me
[Thu Jan 14 10:21:40 2016] <redlizard_> rrika: I mean that when searching in this list, I don't want to define a value for the function for the empty list.
[Thu Jan 14 10:21:44 2016] <rrika> oh, it'd need one "merge" with match
[Thu Jan 14 10:21:56 2016] <rrika> I'm no expert on coq but I'm curious. Do you have example source?
[Thu Jan 14 10:23:21 2016] <redlizard_> rrika: Something like `Fixpoint search_P (mylist: list T): T := match mylist with |cons l ll => if P(l) then l else search_P ll end.`
[Thu Jan 14 10:23:28 2016] <redlizard_> Note the incomplete matching.
[Thu Jan 14 10:23:37 2016] <redlizard_> Because I don't want to define this function on the empty list.
[Thu Jan 14 10:23:48 2016] <rrika> redlizard_, if a list that contains one element that fulfills (P elem) you could say it fulfills (Q list), and then for all lists you say ((not (P head)) and Q list implies Q tail)
[Thu Jan 14 10:24:05 2016] <rrika> And if a list that fulfills Q has one element left, then it obviously fulfills P.
[Thu Jan 14 10:24:19 2016] <redlizard_> rrika: Sure. But how do you define the function in the first place?
[Thu Jan 14 10:24:37 2016] <redlizard_> Reasoning about the list containing a P isn't the problem.
[Thu Jan 14 10:24:41 2016] <redlizard_> Defining the search function is.
[Thu Jan 14 10:25:09 2016] <rrika> you could have the function take a value of the return type, that it uses in case it reaches a nil branch
[Thu Jan 14 10:25:21 2016] <rrika> like
[Thu Jan 14 10:25:58 2016] <rrika> pop_element (in_case_of_end: E) (list: List_of E) := match list with | head :: tail => head | [] => in_case_of_end end
[Thu Jan 14 10:37:26 2016] <Nik05> oke its really annoying that split intros the forall variables...
[Thu Jan 14 10:37:38 2016] <Nik05> trying to do a prooof... stuck on induction
[Thu Jan 14 10:38:04 2016] <Nik05> Just had to generalize
[Thu Jan 14 10:42:12 2016] <rrika> redlizard_, I almost got it I think.
[Thu Jan 14 10:45:49 2016] <rrika> how can I specify a type that includes values of another type that fulfill a certain criterium?
[Thu Jan 14 10:56:21 2016] <rrika> redlizard_, I see your problem now
[Thu Jan 14 11:21:09 2016] <rrika> I was thinking maybe you could use (mylist: list T | mylist <> nil)
[Thu Jan 14 11:21:15 2016] <rrika> but I don't know how to go from there
[Thu Jan 14 11:28:02 2016] <joco42> coqide tells me on mac os: "Error: Cannot find library Induction in loadpath"- what should i do ?
[Thu Jan 14 11:29:31 2016] <joco42> http://stackoverflow.com/questions/16202666/coqide-cant-load-modules-from-same-folder
[Thu Jan 14 11:29:33 2016] <joco42> found it
[Thu Jan 14 12:19:53 2016] <rrika> redlizard_, I found something: http://seb.mondet.org/blog/post/coqtests-01-subsets.html
[Thu Jan 14 12:20:07 2016] <rrika> this seems like exactly what you need
[Thu Jan 14 12:23:28 2016] <redlizard_> rrika: This seems to mess with the codomain though.
[Thu Jan 14 12:23:41 2016] <rrika> @_@ codomain?
[Thu Jan 14 12:24:04 2016] <redlizard_> rrika: I want the function to actually return an argument.
[Thu Jan 14 12:24:08 2016] <redlizard_> Not a wrapper around one.
[Thu Jan 14 12:24:17 2016] <redlizard_> Or I would juse use Maybe.
[Thu Jan 14 12:24:45 2016] <rrika> I think it's possible using this, though I still need to read more about it
[Thu Jan 14 12:35:14 2016] <jrw> redlizard_: what about something like this? https://gist.github.com/wilcoxjay/91615af74c1c6cbdaf56
[Thu Jan 14 12:35:20 2016] <rrika> Can I within one branch of a "match" get access to the proposition that the current pattern has matched, and none of the before?
[Thu Jan 14 12:35:59 2016] <rrika> What's the difference between False_rec and False_rect (used in the gist)
[Thu Jan 14 12:36:11 2016] <jrw> rrika: yes, sort of. you can use the "convoy pattern" to get an equality in each branch
[Thu Jan 14 12:36:30 2016] <rrika> how does that worK?
[Thu Jan 14 12:36:37 2016] <jrw> rrika: no real difference, they have slightly different types that have different consequences as far as universes are concerned
[Thu Jan 14 12:37:09 2016] <jrw> rrika: search for "convoy" in this page: http://adam.chlipala.net/cpdt/html/MoreDep.html
[Thu Jan 14 12:37:17 2016] <rrika> thank you
[Thu Jan 14 12:38:46 2016] <rrika> how does the second gap in False_rect get filled here?
[Thu Jan 14 12:39:12 2016] <jrw> rrika: the second gap is asking for a proof of False, which is the first goal after the refine. I solved it with firstorder
[Thu Jan 14 12:39:37 2016] <jrw> you could also solve it more directly by pulling out the contradiction from the fact that the list is empty
[Thu Jan 14 12:40:46 2016] <rrika> that's where I was going with the question about match.
[Thu Jan 14 12:41:52 2016] <jrw> right, so in this case coq noticed that the discriminee (the thing being matched on) appears in the type of the proposition that's the second argument to getP', and so it refines the type in each branch to be that case
[Thu Jan 14 12:42:04 2016] <jrw> one thing you can never do in coq is "leave out" a case of a match
[Thu Jan 14 12:42:14 2016] <jrw> instead you have to go inside the case and then prove a contradiction
[Thu Jan 14 12:42:16 2016] <rrika> is there a way to do this without using any tactics
[Thu Jan 14 12:42:29 2016] <jrw> rrika: of course, there's always a way because tactics generate programs
[Thu Jan 14 12:42:30 2016] <rrika> by saying Fixpoint … := match … False_rec … (*False here*)
[Thu Jan 14 12:42:36 2016] <jrw> and programs don't use tactics
[Thu Jan 14 12:42:47 2016] <jrw> if you just do Print getP'
[Thu Jan 14 12:42:53 2016] <jrw> you'll get a (bad) tacticless version
[Thu Jan 14 12:42:55 2016] <rrika> ooh
[Thu Jan 14 12:43:00 2016] <jrw> you could also clean it up by hand
[Thu Jan 14 12:43:03 2016] <rrika> right, the same thing as "Show Proof."
[Thu Jan 14 12:43:12 2016] <redlizard_> Ooh, I managed something.
[Thu Jan 14 12:43:32 2016] <rrika> nice
[Thu Jan 14 12:44:13 2016] <rrika> welp, this is really long
[Thu Jan 14 12:44:33 2016] <jrw> rrika: yeah, I warned you :)
[Thu Jan 14 12:45:02 2016] <redlizard_> I defined a recursive function, that for the undefined case calls itself.
[Thu Jan 14 12:45:25 2016] <redlizard_> I then used wellfoundedness termination on some random function parameter.
[Thu Jan 14 12:45:34 2016] <rrika> redlizard_, show source
[Thu Jan 14 12:45:54 2016] <redlizard_> Eh
[Thu Jan 14 12:46:23 2016] <redlizard_> My actual work is confidential.
[Thu Jan 14 12:46:28 2016] <redlizard_> Maybe I can write up a quick example, sec.
[Thu Jan 14 12:51:13 2016] <jrw> rrika: here's a cleaned up one without tactics: https://gist.github.com/wilcoxjay/6089b2c0d386275d6b19
[Thu Jan 14 12:52:10 2016] <rrika> Thanks you!
[Thu Jan 14 12:52:13 2016] <rrika> -s
[Thu Jan 14 12:55:46 2016] <redlizard_> rrika, jrw: http://pastebin.com/jsshyJUY
[Thu Jan 14 12:57:01 2016] <redlizard_> It's a function listhead: (T: Type) (l: list T) (not_empty: length l > 0): T.
[Thu Jan 14 12:57:33 2016] <redlizard_> This is not the actual search function I implemented, but the essence is the same.
[Thu Jan 14 13:01:14 2016] <redlizard_> There really should be a tactic or module for resolving this nasty hack though.
[Thu Jan 14 13:06:39 2016] <rrika> >Definition falseP (T: Type) (t1: T) (t2: T): Prop := False.
[Thu Jan 14 13:06:52 2016] <rrika> so this discards its arguments T, t1 and t2?
[Thu Jan 14 13:06:58 2016] <redlizard_> Indeed.
[Thu Jan 14 13:07:03 2016] <redlizard_> It's a trivial relation.
[Thu Jan 14 13:13:54 2016] <redlizard_> I have to run. Thanks for the help, all./
[Thu Jan 14 14:00:42 2016] <johnw> Fuco: hi!
[Thu Jan 14 14:00:48 2016] <johnw> Fuco: SF, "Programs and Proofs" by Ilya Sergey, CPDT by Chlipala, and other articles written about various aspects of Coq
[Thu Jan 14 14:02:18 2016] <johnw> jgross_: awesome!
[Thu Jan 14 15:22:22 2016] <chrisbarrett> hey all. beginner question. How do I construct a set using the modules here? https://coq.inria.fr/library/Coq.MSets.MSetInterface.html
[Thu Jan 14 15:22:36 2016] <johnw> chrisbarrett: hi!
[Thu Jan 14 15:22:46 2016] <johnw> chrisbarrett: you need to instantiate the module for your carrier type
[Thu Jan 14 15:23:15 2016] <chrisbarrett> *frantic googling*
[Thu Jan 14 15:23:52 2016] <chrisbarrett> cool, thanks :)
[Thu Jan 14 15:25:08 2016] <johnw> I have an example use, I believe
[Thu Jan 14 15:25:18 2016] <johnw> I symphathize, it's impenetrable if you haven't done it before
[Thu Jan 14 15:26:44 2016] <chrisbarrett> oh, an example would be welcome if you have one handy :D
[Thu Jan 14 15:26:53 2016] <johnw> sure, let me write one, since I seem to have lost the earlier one I had
[Thu Jan 14 15:28:42 2016] <johnw> aha, found my old example
[Thu Jan 14 15:33:46 2016] <johnw> chrisbarrett: https://gist.github.com/e3bdfe2db692b91184a9
[Thu Jan 14 15:33:52 2016] <johnw> chrisbarrett: ok, here's what's happening
[Thu Jan 14 15:34:03 2016] <johnw> first, you define your type and Ord on it, basically
[Thu Jan 14 15:34:23 2016] <johnw> then you instantiatate the OrderedType module, to prove that your type is well ordered
[Thu Jan 14 15:35:20 2016] <johnw> once you have that, you can instantiate MSet (either the list-based version, or the AVL-based version) on your proof of well-orderedness
[Thu Jan 14 15:35:33 2016] <johnw> this give you a module, S, whose type S.t, is the MSet of your type
[Thu Jan 14 15:35:58 2016] <johnw> now you can use this type and know that sets of such types are ordered, which comes with all the helper proofs and utility functions available
[Thu Jan 14 15:41:43 2016] <chrisbarrett> great!
[Thu Jan 14 15:42:00 2016] <chrisbarrett> so the ordering requirement is an implementation detail, ala Haskell?
[Thu Jan 14 15:42:39 2016] <johnw> yes, almost exactly in the same way that Data.Set in Haskell has an Ord constraint
[Thu Jan 14 15:42:52 2016] <johnw> except that here, you must provide proof that it fulfills this constraint
[Thu Jan 14 15:43:06 2016] <johnw> note that this work was done prior to typeclasses, which is why it uses Modules like this and will appear totally unfamiliar to a Haskell programmer
[Thu Jan 14 15:43:19 2016] <johnw> in future, there may be a type-classes based Set and Map, which would look and feel very much like the Haskell versions
[Thu Jan 14 15:43:33 2016] <johnw> (in fact, it wouldn't be terribly hard to retrofit such an interface on top of this one)
[Thu Jan 14 15:46:38 2016] <chrisbarrett> cool, good to know
[Thu Jan 14 15:46:59 2016] <chrisbarrett> thanks for your time :D
[Thu Jan 14 15:47:43 2016] <johnw> no problem, this was already written, I found it in the Git history for one of my projects
[Thu Jan 14 15:47:48 2016] <johnw> chrisbarrett: what are you using Coq for?
[Thu Jan 14 15:48:30 2016] <chrisbarrett> I've just read through TAPL, now I want to go back over it doing the full proofs
[Thu Jan 14 15:49:12 2016] <johnw> ooh, nice
[Thu Jan 14 15:49:36 2016] <chrisbarrett> my pie-in-the-sky dream is to implement a System FC -> Elisp Lapcode compiler
[Thu Jan 14 15:49:51 2016] <johnw> that shouldn't be too hard, actually
[Thu Jan 14 15:49:52 2016] <chrisbarrett> but lots of foundations to get to grips with ;)
[Thu Jan 14 15:50:13 2016] <johnw> there already exist formalizations of System FC you can crib from too, I believe in HOL?
[Thu Jan 14 15:51:36 2016] <chrisbarrett> oh cool, that'll help a lot
[Thu Jan 14 15:52:13 2016] <johnw> ha, even better: http://www.seas.upenn.edu/~cse400/CSE400_2014_2015/reports/11_report.pdf
[Thu Jan 14 15:52:15 2016] <johnw> in Coq :)
[Thu Jan 14 15:52:27 2016] <chrisbarrett> hah! YUSS
[Thu Jan 14 15:52:30 2016] <johnw> https://github.com/zilberstein/system-fc-coq
[Thu Jan 14 15:53:03 2016] <chrisbarrett> bookmarked for later plundering
[Thu Jan 14 16:02:21 2016] <lingxiao> anyone here?
[Thu Jan 14 16:02:25 2016] <johnw> hi
[Thu Jan 14 16:03:40 2016] <lingxiao> oh nice
[Thu Jan 14 16:03:58 2016] <lingxiao> I'm installing coqide and would like some help with trouble shooting if anyone has some time ! :D
[Thu Jan 14 16:04:11 2016] <johnw> I know zero about coqide
[Thu Jan 14 16:04:27 2016] <lingxiao> oh so you use emacs?
[Thu Jan 14 16:04:36 2016] <lingxiao> and proof general?
[Thu Jan 14 16:04:36 2016] <johnw> yes
[Thu Jan 14 16:05:46 2016] <lingxiao> may i ask you to walk me thru the installationa nd getting started process?
[Thu Jan 14 16:05:50 2016] <lingxiao> I'm pretty new to emacs
[Thu Jan 14 16:06:00 2016] <johnw> I'm afraid that would take more time than I have available today
[Thu Jan 14 16:06:19 2016] <lingxiao> ok all good thanks!
[Thu Jan 14 17:25:07 2016] <johnw> jgross_: ping
[Thu Jan 14 19:36:23 2016] <jgross_> johnw: pong 
[Thu Jan 14 19:50:38 2016] <johnw> jgross_: hi
[Thu Jan 14 19:50:42 2016] <johnw> jgross_: still there?
[Thu Jan 14 19:55:46 2016] <benzrf> dont you love when that happens
[Thu Jan 14 19:56:26 2016] <johnw> he'll be back :)
[Thu Jan 14 19:56:40 2016] <jgross_> johnw: I'm here intermittantly. 
[Thu Jan 14 19:56:53 2016] <johnw> jgross_: so, I really have no idea what your e-mail was about; should I have known?
[Thu Jan 14 19:57:04 2016] <johnw> I know your parsers stuff as far as specifying a grammar right now, but no further
[Thu Jan 14 19:57:16 2016] <jgross_> I guess I worded it poorly 
[Thu Jan 14 19:58:02 2016] <jgross_> Do you have any examples where you'd use the parsers stuff as part of something larger, rather than to synthesize a standalone parser? 
[Thu Jan 14 19:58:17 2016] <johnw> yes, that's how I'm using it now actually
[Thu Jan 14 19:58:30 2016] <johnw> although I haven't written the ADT yet that "binds" the parser ADT to the query structures ADT
[Thu Jan 14 19:59:34 2016] <jgross_> Okay, I was just asking for an example like that, where you get to some point in the refinement proof, and you have a Pick, and you think "gee, it'd be nice if there were a tactic that synthesized a parser here inline, so I don't have to factor out separate lemmas and such", because I want to write that tactic, and it'll be easier if I have an example to work from. 
[Thu Jan 14 20:00:45 2016] <johnw> ah, ok
[Thu Jan 14 20:00:54 2016] <johnw> I'll see how far I can get this weekend; will you be around here then?
[Thu Jan 14 20:02:13 2016] <jgross_> It doesn't have to be a very interesting example.  I'm just looking to know what goal is like when you get to the point that you want a parser. 
[Thu Jan 14 20:02:25 2016] <jgross_> I'll be around a little bit this weekend, but not very much. 
[Thu Jan 14 20:02:48 2016] <johnw> can I hide a Module in Coq?
[Thu Jan 14 20:02:50 2016] <jgross_> (And I'm currently trying to synthesize a JSON parser, but running into troubles with term size and rewriting and simpl) 
[Thu Jan 14 20:02:57 2016] <jgross_> What do you mean by hide? 
[Thu Jan 14 20:03:02 2016] <johnw> not see it
[Thu Jan 14 20:03:12 2016] <johnw> Print Foo. is printing out a module definition
[Thu Jan 14 20:03:15 2016] <johnw> I want to undefine it
[Thu Jan 14 20:03:46 2016] <johnw> or, can I import a module under a binding name
[Thu Jan 14 20:03:46 2016] <jgross_> You don't get to remove names from the kernel, nor overwrite absolute names.  That could introduce soundness bugs. 
[Thu Jan 14 20:03:48 2016] <johnw> like Require Foo as F?
[Thu Jan 14 20:04:11 2016] <johnw> mainly, I have two Monad abstractions fighting with each other
[Thu Jan 14 20:04:39 2016] <jgross_> Require Foo. Module F. Include Foo. End F. will almost do what you want.  Or Require Foo. Module F := Foo. 
[Thu Jan 14 20:04:52 2016] <johnw> ah, ok
[Thu Jan 14 20:05:00 2016] <johnw> should have thought of that
[Thu Jan 14 20:05:19 2016] <jgross_> Unless you're trying to hide typeclass instances or something.	The fact that hints follow Require rather than Import is terrible. 
[Thu Jan 14 20:06:00 2016] <johnw> well, here's what I want to do
[Thu Jan 14 20:06:20 2016] <johnw> instead of working with Comp A in refinemetns
[Thu Jan 14 20:06:47 2016] <johnw> I'd like to work with CompT m A, where m is any monad in the specification, but where a particular monad (like Either) can be chosen at refinement time
[Thu Jan 14 20:06:53 2016] <johnw> thus allowing me to parameterize error handling
[Thu Jan 14 20:07:43 2016] <johnw> i mean, I can do it all manually, but making a Comp transformer would give me back the nice bind notation
[Thu Jan 14 20:07:52 2016] <jgross_> What are the semantics of refinement w.r.t. errors? 
[Thu Jan 14 20:08:09 2016] <johnw> at refinement time, you're dealing with a concrete transformer stack
[Thu Jan 14 20:08:14 2016] <johnw> so, however that stack defines bind
[Thu Jan 14 20:09:29 2016] <jgross_> And you're saying that you want a method that returns Error T rather than T, and you want to be able to use monad syntax inside that method? 
[Thu Jan 14 20:09:34 2016] <johnw> example: x <- mzero; ret x.  Where mzero is "failure".  If at refinement I choose the Maybe monad, then this becomes: x <- ret None; match x with None => ret None | Some x => ret (Some x)
[Thu Jan 14 20:09:52 2016] <johnw> jgross_: instead of working with rep -> A -> rep * B
[Thu Jan 14 20:09:58 2016] <johnw> I'd like to work with A -> DSL B
[Thu Jan 14 20:10:17 2016] <johnw> where DSL is effectively "StateT rep m" for some 'm' to be chosen at refinement time
[Thu Jan 14 20:10:30 2016] <johnw> and so during refinement, just imagine all binds have been unfolded down to the Comp monad
[Thu Jan 14 20:11:20 2016] <jgross_> You want this only for notation, or for some other reason? 
[Thu Jan 14 20:11:24 2016] <johnw> in the case of the Maybe/Either monad as a choice for 'm', it will mean a ton of 'match' statements
[Thu Jan 14 20:11:34 2016] <johnw> I want it for the abstraction in the denotational specification
[Thu Jan 14 20:11:43 2016] <johnw> since the spec shouldn't care about which 'm' is used
[Thu Jan 14 20:11:49 2016] <johnw> that's a computational context decided by refinement
[Thu Jan 14 20:11:58 2016] <jgross_> Can't you just parameterize your own spec over a monad? 
[Thu Jan 14 20:12:15 2016] <johnw> you mean: rep -> A -> m (rep * B)?
[Thu Jan 14 20:13:07 2016] <jgross_> No, rep -> A -> rep * m B.  I don't think it'll let you do rep -> A -> m (rep * B), and for good reason; you don't get to destroy your state just by wrapping your method in a monad. 
[Thu Jan 14 20:13:16 2016] <johnw> yeah, it won't
[Thu Jan 14 20:13:56 2016] <johnw> so, then I'd need to either have two bind notations, one for Comp and one for the 'm' layer, or literally call "bind" for the 'm' layer, or unify them somehow?
[Thu Jan 14 20:14:17 2016] <johnw> I suppose that does work
[Thu Jan 14 20:14:21 2016] <johnw> Comp A becomes Comp (m A)
[Thu Jan 14 20:14:43 2016] <jgross_> Yeah, the notation is annoying.  You could make a Monad typeclass and bind the notation to that, and that'll probably work? 
[Thu Jan 14 20:14:59 2016] <johnw> yeah, I have that already, hence my module hiding questions :)
[Thu Jan 14 20:15:08 2016] <johnw> Fiat's >>= notation is colliding with my own
[Thu Jan 14 20:15:37 2016] <jgross_> Feel free to submit a pull request where all of the Comp notation goes through a typeclass (as long as it doesn't slow things down significantly). 
[Thu Jan 14 20:15:44 2016] <johnw> if I can instance Monad Comp, then it should all work
[Thu Jan 14 20:16:08 2016] <johnw> ouch, then Fiat would have to deal with instance lookup
[Thu Jan 14 20:16:09 2016] <jgross_> Put your notation in a different scope, and open that? 
[Thu Jan 14 20:16:20 2016] <johnw> yeah, the scoping suggestion is the right one
[Thu Jan 14 20:16:24 2016] <johnw> Fiat should be a fiat_scope too
[Thu Jan 14 20:16:30 2016] <johnw> there's already a comp_scope
[Thu Jan 14 20:16:36 2016] <johnw> I wonder if it's being auto-opened
[Thu Jan 14 20:16:39 2016] <johnw> one sec
[Thu Jan 14 20:16:43 2016] <jgross_> Close Scope comp_scope? 
[Thu Jan 14 20:16:58 2016] <benzrf> jgross_: hey so i volunteered to remote participate in the mystery hunt tomorrow - dont suppose you have any idea if there might be any type theory related puzzles :V
[Thu Jan 14 20:17:31 2016] <johnw> jgross_: even when I close the scope, the fact that our bind exist at different levels makes the parser unhappy
[Thu Jan 14 20:17:35 2016] <jgross_> benzrf: I'm doubtful that there will be type theory puzzles, but I'm not writing it, so I don't know 
[Thu Jan 14 20:17:47 2016] <jgross_> Oh, yeah, don't put your bind at a different level :P 
[Thu Jan 14 20:17:52 2016] <johnw> ugh
[Thu Jan 14 20:18:02 2016] <johnw> how much thought went into choosing Fiat's levels?
[Thu Jan 14 20:18:09 2016] <johnw> changing all my levels will be non-trivial
[Thu Jan 14 20:18:11 2016] <jgross_> If Fiat's bind clashes with, e.g., ssr, or mathclasses, or whatever, feel free to change Fiat's levels. 
[Thu Jan 14 20:18:16 2016] <johnw> (this is the coq-haskell library that I'm trying to use with Fiat)
[Thu Jan 14 20:18:32 2016] <johnw> my own levels weren't chosen from the perspective of an expert
[Thu Jan 14 20:18:47 2016] <jgross_> Not all that much thought went into Fiat's Comp levels.  Some, but not a great deal.  Feel free to make a pull request that changes them, so long as it all builds. 
[Thu Jan 14 20:20:13 2016] <johnw> jgross_: oh, the "_ <- _ ; _" notation should run afoul of ssreflect's seq notation
[Thu Jan 14 20:20:21 2016] <johnw> though maybe mine did because of bad levels, checking now
[Thu Jan 14 20:43:19 2016] <johnw> how does one go about proving something like: (exists a0 : a, x a0 /\ Singleton a a0 z) = x z
[Thu Jan 14 20:46:19 2016] <jgross_> You can prove it by induction on z, or using the univalence axiom, or it's unprovable. 
[Thu Jan 14 20:46:31 2016] <johnw> z is an unknown type
[Thu Jan 14 20:46:35 2016] <johnw> and, lol at UA
[Thu Jan 14 20:46:46 2016] <johnw> not something I can easily bring in here ;)
[Thu Jan 14 20:46:59 2016] <johnw> in ordinary stdlib Coq is there a way?
[Thu Jan 14 20:47:04 2016] <jgross_> You can use propositional extensionality from the stdlib instead.  :P 
[Thu Jan 14 20:47:11 2016] <johnw> ah, ok
[Thu Jan 14 20:47:14 2016] <jgross_> It's UA restricted to Props 
[Thu Jan 14 20:48:38 2016] <johnw> my z is:   a : Type, x : Comp a, z : a
[Thu Jan 14 20:48:39 2016] <johnw>  
[Thu Jan 14 20:48:52 2016] <johnw> trying to apply proof_irrelevance, I get Cannot unify Type with Prop
[Thu Jan 14 20:50:00 2016] <johnw> ah, I see
[Thu Jan 14 20:50:48 2016] <jgross_> You want something of type prop_extensionality from https://coq.inria.fr/library/Coq.Logic.ClassicalFacts.html 
[Thu Jan 14 20:50:53 2016] <johnw> no, right, I got it
[Thu Jan 14 20:51:07 2016] <johnw> that did the trick
[Thu Jan 14 21:28:45 2016] <redlizard> Greetings.
[Thu Jan 14 21:28:47 2016] <redlizard> I'm trying to get this function definition to work: http://pastebin.com/YStZsx1U
[Thu Jan 14 21:28:48 2016] <redlizard> But coq doesn't accept it, because in the Foo match rule, (state w) has type WidgetState (widgetTypes w) instead of bool -- even though this rewrites to bool after substituting Foo for (widgetTypes w).
[Thu Jan 14 21:28:50 2016] <redlizard> I've seen several references to the difficulties with dependent matching, but they were all about the case in which the result type of the match depends on the matched value, which is not the case here.
[Thu Jan 14 21:28:51 2016] <redlizard> Any clues as to the magic incantations I need to get this to work?
[Thu Jan 14 21:30:20 2016] <redlizard> I've tried some blind shotgunning of magic keywords, but to no avail, and I don't really understand them properly.
[Thu Jan 14 21:32:43 2016] <redlizard> Undoubtedly one of the mysterious match annotations is involved, but I don't know which one, or why exactly.
[Thu Jan 14 21:34:10 2016] <benzrf> hey redlizard
[Thu Jan 14 21:34:19 2016] <redlizard> Yo.
[Thu Jan 14 21:34:20 2016] <tejing> pass 'state w' as an argument to the output of the match, and use return type specialization
[Thu Jan 14 21:35:28 2016] <redlizard> tejing: Can you elaborate?
[Thu Jan 14 21:35:38 2016] <benzrf> redlizard: this function doesnt make sense
[Thu Jan 14 21:35:52 2016] <benzrf> no wait nvm i misread >.<
[Thu Jan 14 21:36:32 2016] <benzrf> redlizard: you can do definitions with tactics, which might help
[Thu Jan 14 21:36:40 2016] <benzrf> i don't know if that's a /good/ way to do it
[Thu Jan 14 21:36:48 2016] <tejing> 'match widgetTypes w as w' return WidgetState w' -> with Foo => fun statew => statew | Bar => fun _ => true end (state w)'
[Thu Jan 14 21:36:59 2016] <tejing> oops
[Thu Jan 14 21:37:14 2016] <tejing> s/->/-> bool/
[Thu Jan 14 21:39:11 2016] <redlizard> tejing: That seems to do the job. Let me state at it a bit until I understand it.
[Thu Jan 14 21:43:03 2016] <tejing> w' is a new name for (widgetTypes w) which is only in scope in the return annotation, and gets specialized appropriately on each branch
[Thu Jan 14 21:44:28 2016] <redlizard> Right.
[Thu Jan 14 21:45:02 2016] <redlizard> tejing: Do you know why coq can't just substitute the matched term inside the entirity of the rhs expansion?
[Thu Jan 14 21:45:24 2016] <redlizard> That doesn't look undecidable to me.
[Thu Jan 14 21:46:35 2016] <redlizard> That is to say, I understand the solution, but I don't understand why the problem is there in the first place.
[Thu Jan 14 21:47:28 2016] <tejing> some use cases wouldn't be writable that way I think... one of the things one often does is carry in an equality between the original form of the matched term and the specialized form. what you said would convert both sides of the equality, making it useless
[Thu Jan 14 21:48:55 2016] <redlizard> But coq does most of such substitutions already, doesn't it?
[Thu Jan 14 21:49:03 2016] <redlizard> It seems it doesn't do it only for dependent types.
[Thu Jan 14 21:51:23 2016] <tejing> without any dependent types, there's no need for the different branches of the match to have different types, so the whole issue doesn't exist...
[Thu Jan 14 21:52:05 2016] <redlizard> But different branches of the match DON'T have different types in my original example.
[Thu Jan 14 21:54:16 2016] <tejing> in this situation, what is determined about the value of w by a match on widgetTypes w is straightforward, but 'widgetTypes' could be an arbitrarily complex calculation... coq would need to understand how to invert that function, no matter how complicated it is
[Thu Jan 14 21:56:57 2016] <redlizard> Why does it need to invert anything?
[Thu Jan 14 21:57:16 2016] <redlizard> All it needs to do is substitute the entire term (widgetTypes w) in the right hand side.
[Thu Jan 14 21:57:48 2016] <tejing> redlizard: to know if 'state w' is well-typed
[Thu Jan 14 21:58:03 2016] <redlizard> That is, rewrite (widgetTypes w) -> Foo in (any expansions of) the rhs of the Foo case.
[Thu Jan 14 21:58:30 2016] <redlizard> tejing: Yet I get the following error:
[Thu Jan 14 21:58:41 2016] <redlizard> > The term "state w" has type "WidgetState (widgetTypes w)" while it is expected to have type "bool".
[Thu Jan 14 21:58:53 2016] <redlizard> So all it needs to do is perform the substitution during this check.
[Thu Jan 14 21:59:36 2016] <redlizard> That doesn't take inversion, does it?
[Thu Jan 14 22:00:46 2016] <tejing> in this case, no, it can get by without inverting, but only because the situation happens to line up that way... and personally, I'd rather have the behavior be simple than have it try to be smart in all kinds of edge cases
[Thu Jan 14 22:01:51 2016] <redlizard> But isn't this exactly the type of substitution coq already does in non-dependent matchings?
[Thu Jan 14 22:03:44 2016] <redlizard> That is to say, it would seem that coq performs a certain set of heuristics or incomplete simplifications only in the nondependent case, even though some of them could apply in some of the dependent cases.
[Thu Jan 14 22:03:55 2016] <redlizard> Which means coq is being more conservative than it needs to be.
[Thu Jan 14 22:04:38 2016] <tejing> redlizard: yes, except it's no longer guaranteed that inversion won't be an issue, and doing that substitution could make it impossible to write something you want to be able to write
[Thu Jan 14 22:04:59 2016] <redlizard> Hm. Okay.
[Thu Jan 14 22:05:39 2016] <redlizard> I'm not sure I understand that, which probably means I should stop arguing about it and concede the point :)
[Thu Jan 14 22:05:46 2016] <tejing> redlizard: hehe
[Thu Jan 14 22:06:13 2016] <redlizard> In any case, thanks for the help, this trick seems to the the job.
[Thu Jan 14 22:08:00 2016] <tejing> redlizard: coq also just isn't built for ease of dependently typed programming. it's built for proving things with tactics. there are certainly a lot of things that could be made more elegant in that regard.
[Thu Jan 14 22:08:39 2016] <redlizard> I did notice.
[Thu Jan 14 22:10:12 2016] <redlizard> Earlier I tried to define a function: forall a: A, P a -> B, with an incomplete definition that covers all `a` for which `P a` holds.
[Thu Jan 14 22:10:26 2016] <redlizard> I managed eventually but it was a complete pain in the butt.
[Thu Jan 14 22:12:12 2016] <redlizard> That's the sort of thing you would hope to be easier in a system really designed for dependently typed programming.
[Thu Jan 14 22:24:58 2016] <redlizard> Okay, I have to run.
[Thu Jan 14 22:25:03 2016] <redlizard> tejing: Thanks for all the help :)
[Thu Jan 14 22:25:16 2016] <tejing> redlizard: np :-)
[Thu Jan 14 22:30:16 2016] <benzrf> hmmm, hold on
[Thu Jan 14 22:30:22 2016] <benzrf> so when you do a match
[Thu Jan 14 22:30:41 2016] <benzrf> it releases a definitional equality?
[Thu Jan 14 23:13:13 2016] <lingxiao> hey man
[Thu Jan 14 23:13:13 2016] <lingxiao> anyone around?
[Thu Jan 14 23:55:16 2016] <benzrf> hi lpaste
[Thu Jan 14 23:55:20 2016] <benzrf> ling oh wait
[Thu Jan 14 23:57:05 2016] <artart78> rule n°1 of the IRC: if someone asks "anyone here" just after coming, it means they'll be left before you can answer
[Thu Jan 14 23:59:01 2016] <benzrf> im guilty of that :D
[Fri Jan 15 00:37:29 2016] <johnw> redlizard: it actually does get easier if you use Program Definition
[Fri Jan 15 00:38:05 2016] <johnw> redlizard: when you match on 'a', just use "_" for the cases that are absurd (although, granted it would be better to just not have to state them at all), and they should be provided automatically
[Fri Jan 15 00:49:53 2016] <johnw> jgross_: ping
[Fri Jan 15 01:57:14 2016] <joco42> is there any reason why coqIDE 8.4pl5 should crash while importing String ?
[Fri Jan 15 01:58:03 2016] <joco42> in :
[Fri Jan 15 01:58:08 2016] <joco42> https://www.irccloud.com/pastebin/LlF4UtdC/
[Fri Jan 15 01:58:31 2016] <joco42> does anyone else experiencing crashes like that ?
[Fri Jan 15 01:58:38 2016] <joco42> on - Require String.
[Fri Jan 15 01:58:46 2016] <joco42> mac os ?
[Fri Jan 15 02:21:53 2016] <johnw> try Require Import String.
[Fri Jan 15 02:22:06 2016] <johnw> anyone know how to match goal on: exists a0 : a, In a x a0 /\ In a (ret a0) z
[Fri Jan 15 02:22:18 2016] <johnw> I've tried [ |- ex _ _ ] and [ |- ex _ ], but nothing matches
[Fri Jan 15 02:23:05 2016] <johnw> ahh
[Fri Jan 15 02:23:12 2016] <johnw> ex ?X
[Fri Jan 15 02:36:29 2016] <joco42> thanks
[Fri Jan 15 02:41:15 2016] <jgross_> johnw: Goal forall a x (a0 : nat) ret, exists a0 : a, List.In a x /\ List.In a (ret a0). Proof.   intros.   match goal with   | [ |- ex _ ] => idtac   end. works fine for me.	Maybe try [Set Printing All]? 
[Fri Jan 15 02:41:30 2016] <joco42> johnw:  that crashes too
[Fri Jan 15 02:41:38 2016] <johnw> jgross_: I got it working, thanks
[Fri Jan 15 02:41:59 2016] <johnw> jgross_: so, rep -> (rep * m a) isn't going to work
[Fri Jan 15 02:42:09 2016] <johnw> I can't write join for that
[Fri Jan 15 02:42:15 2016] <johnw> joco42: :(
[Fri Jan 15 02:42:32 2016] <joco42> i guess i just use proof general then
[Fri Jan 15 02:42:38 2016] <johnw> joco42: does it crash if you use coqtop from the comman-dline?
[Fri Jan 15 02:42:58 2016] <joco42> lemme try
[Fri Jan 15 02:46:10 2016] <joco42> coqtop -l Induction.v , this does not crash, <  johnw
[Fri Jan 15 02:46:28 2016] <johnw> how about coqtop, and then at the prompt: Require String.
[Fri Jan 15 02:46:59 2016] <joco42> lemme see
[Fri Jan 15 02:47:10 2016] <joco42> no problem
[Fri Jan 15 02:47:15 2016] <joco42> apparently
[Fri Jan 15 02:47:30 2016] <joco42> but i have no idea how to use coqtop
[Fri Jan 15 02:49:05 2016] <johnw> so, if that worked, Proof General should work
[Fri Jan 15 02:49:12 2016] <johnw> I know nothing about coqide
[Fri Jan 15 02:51:11 2016] <joco42> coqtop is not doing anything... except when i hit ctrl-D...
[Fri Jan 15 02:51:31 2016] <jgross_> johnw: rep -> m (rep * a) is impossible to implement generically. Consider the reader monad, implemented as m T = R -> T.  rep -> (R -> rep * a) isn't the type of a method.  One way or another, you need to specify the state at the end of execution. 
[Fri Jan 15 02:51:35 2016] <joco42> is there a simple way to test coqtop?
[Fri Jan 15 02:51:57 2016] <joco42> what should i type/press to get some/any response from coqtop ?
[Fri Jan 15 02:52:21 2016] <jgross_> joco42: Type "Check True." and then press enter 
[Fri Jan 15 02:52:28 2016] <joco42> ahh
[Fri Jan 15 02:52:29 2016] <joco42> ok
[Fri Jan 15 02:52:34 2016] <joco42> maybe the dot was missing
[Fri Jan 15 02:52:46 2016] <joco42> that worked
[Fri Jan 15 02:52:52 2016] <jgross_> Yes, coqtop waits until you finish a command before giving you any feedback. 
[Fri Jan 15 02:52:54 2016] <johnw> jgross_: rep -> rep * m a will require m to be distributive, I think
[Fri Jan 15 02:53:19 2016] <joco42> Require String. works fine...
[Fri Jan 15 02:53:37 2016] <joco42> maybe i just use emacs then
[Fri Jan 15 03:21:20 2016] <johnw> jgross_: actually, 'm' just needs to be Traversable, which works for me
[Fri Jan 15 04:15:09 2016] <johnw> jgross_: ack, nothing worse than importing a module and getting just "Universe inconsistency."
[Fri Jan 15 06:25:35 2016] <redlizard> johnw: Ah, that program definition worked! That's great :)
[Fri Jan 15 08:16:31 2016] <rrika> Can I have a Fixpoint decrease on an argument like (l: list T | foobar l = true) ?
[Fri Jan 15 10:55:41 2016] <lingxiao> hey all
[Fri Jan 15 10:55:47 2016] <lingxiao> does anyone have compnay-coq?
[Fri Jan 15 11:37:47 2016] <jgross_> johnw: When you [Set Printing Universes], which universe variable do you get?  You can try using the bug minimizer to find which imports break things. 
[Fri Jan 15 11:40:42 2016] <cpitclaudel> lingxiao: Sure, I wrote it.
[Fri Jan 15 12:38:11 2016] <rrika> coq tells me "Error: Only structural decreasing is supported for a non-Program Fixpoint"
[Fri Jan 15 12:38:15 2016] <rrika> what's a "program fixpoint"
[Fri Jan 15 12:39:49 2016] <jrw> rrika: "Program Fixpoint" is a command that let's you do general recursion and prove termination separately
[Fri Jan 15 12:40:08 2016] <jrw> as opposed to "Fixpoint" which is the usual way to define recursive functions, which only supports structural recursion
[Fri Jan 15 12:40:41 2016] <jrw> also, to answer your earlier question, no, you cannot do structural recursion on a type like {l : list T | P l}
[Fri Jan 15 12:41:02 2016] <jrw> because that type is not recursively defined the way you want it to be
[Fri Jan 15 12:41:14 2016] <jrw> you need to separate the list from the proof and then do recursion on the list
[Fri Jan 15 12:46:06 2016] <dash_> Hi
[Fri Jan 15 12:46:20 2016] <jrw> dash_: hi
[Fri Jan 15 12:47:29 2016] <dash_> i got a problem which seems trivial and yet i haven't found a solution for an hour or so, maybe somebody here can help...
[Fri Jan 15 12:48:59 2016] <dash_> during a proof i have proposition in my context "~(exists n, (exists m, P m n))" (note the nested quantifiers)"... somehow this is syntactically different from "~exists n m, P m n"
[Fri Jan 15 12:49:32 2016] <dash_> is there a way to "transform" the first to the latter?
[Fri Jan 15 12:50:35 2016] <dash_> since I can't apply (for example) "not_ex_all_not" on the first one
[Fri Jan 15 12:50:47 2016] <dash_> as a consequence
[Fri Jan 15 12:54:49 2016] <redlizard> dash_: Yes you could.
[Fri Jan 15 12:55:01 2016] <redlizard> `apply not_ex_all_not; intros; apply not_ex_all_not` should work fine.
[Fri Jan 15 12:55:53 2016] <dash_> I mean in proposition in my context
[Fri Jan 15 12:56:28 2016] <redlizard> Ah.
[Fri Jan 15 12:56:46 2016] <dash_> :)
[Fri Jan 15 12:57:04 2016] <jrw> dash_: those are not syntactically different for me.
[Fri Jan 15 12:57:07 2016] <tejing> dash_: the notations mean the same expression
[Fri Jan 15 12:57:09 2016] <tejing> just tested it
[Fri Jan 15 12:57:17 2016] <jrw> yeah
[Fri Jan 15 12:57:18 2016] <dash_> i be right back (have to disconnect for a minute...)
[Fri Jan 15 12:57:31 2016] <dash_> library's closing :)
[Fri Jan 15 13:02:38 2016] <Nik05> morning
[Fri Jan 15 14:08:30 2016] <johnw> jgross_: I really need to master the use of your bug minimizer
[Fri Jan 15 14:14:12 2016] <johnw> redlizard: nice!
[Fri Jan 15 14:36:35 2016] <redlizard> johnw: Much better than my attempt involving a recursive function with a nonterminating recursive call for the absurd cases, proved terminating by a trivial well-founded relation.
[Fri Jan 15 14:36:57 2016] <johnw> lol
[Fri Jan 15 14:37:07 2016] <redlizard> It was the only thing I could think of...
[Fri Jan 15 14:37:19 2016] <redlizard> In it did in fact work, but ew.
[Fri Jan 15 14:38:43 2016] <rrika> redlizard, it is quite effective IMO
[Fri Jan 15 14:38:46 2016] <rrika> and not too long
[Fri Jan 15 14:38:55 2016] <redlizard> rrika: What is?
[Fri Jan 15 14:39:09 2016] <rrika> your use of the relation that is False all the time for well-founded ness
[Fri Jan 15 14:39:19 2016] <redlizard> Well, it works.
[Fri Jan 15 14:39:26 2016] <redlizard> But the Program Definition solution is much much better.
[Fri Jan 15 14:40:04 2016] <johnw> programs is great for "something goes here, I'll prove it after"
[Fri Jan 15 14:41:44 2016] <rrika> redlizard, out of curiosity I'm still trying to get my own version to work.
[Fri Jan 15 14:42:01 2016] <rrika> but I still have a custom induction
[Fri Jan 15 14:42:05 2016] <rrika> (non structural)
[Fri Jan 15 15:23:32 2016] <rrika> What's a short way to turn (x : false = true) into (x : False)?
[Fri Jan 15 15:23:42 2016] <rrika> Without tactics that is.
[Fri Jan 15 15:23:53 2016] <johnw> you can find that technique in CPDT
[Fri Jan 15 15:24:01 2016] <johnw> on how to manually build the discriminate tactic
[Fri Jan 15 15:24:45 2016] <rrika> thank you, I didn't want to start two books at the same time, so…
[Fri Jan 15 15:25:18 2016] <johnw> what book are you reading now?
[Fri Jan 15 15:25:51 2016] <johnw> rrika: check out http://adam.chlipala.net/cpdt/html/InductiveTypes.html, search for "Manual Proofs About Constructors"
[Fri Jan 15 15:26:07 2016] <johnw> "It can be useful to understand how tactics like discriminate and injection work, so it is worth stepping through a manual proof of each kind. We will start with a proof fit for discriminate."
[Fri Jan 15 15:26:21 2016] <rrika> johnw, finished the Basics and Inductions chapters of SF (including the five star exercise though)
[Fri Jan 15 15:28:15 2016] <Nik05> nice riaqn
[Fri Jan 15 15:28:17 2016] <johnw> if you plan to use Coq seriously, CPDT is an excellent text
[Fri Jan 15 15:28:18 2016] <Nik05> rrika
[Fri Jan 15 15:29:42 2016] <rrika> ack
[Fri Jan 15 15:30:23 2016] <Nik05> i almost finished Prop...
[Fri Jan 15 15:31:46 2016] <johnw> I lost my will to get all the way through SF, even though there's great stuff in the latter half
[Fri Jan 15 15:32:50 2016] <johnw> maybe because some of my real world tasks are in the same vein; but still, I'd love to get back to it at some point
[Fri Jan 15 15:49:21 2016] <rrika> okay, I'm getting really weird error messages for the last match in https://gist.github.com/rrika/60cd2db31b4c8a3949c7
[Fri Jan 15 15:49:47 2016] <johnw> what's the error?
[Fri Jan 15 15:50:13 2016] <rrika> Error: Found a constructor of inductive type sig while a constructor of list is expected.
[Fri Jan 15 15:50:20 2016] <rrika> but 'sig' is the right type here
[Fri Jan 15 15:50:27 2016] <johnw> don't use Program
[Fri Jan 15 15:51:18 2016] <johnw> Program tries to save you from certain things
[Fri Jan 15 15:51:18 2016] <johnw> one sec
[Fri Jan 15 15:52:29 2016] <johnw> never mind my previosu comment, the error isn't where I thought it was
[Fri Jan 15 15:58:28 2016] <johnw> rrika: I have no idea yet
[Fri Jan 15 16:01:20 2016] <johnw> rrika: this makes part of the problem easier to see: https://gist.github.com/fece350593c1bcb8a4a7
[Fri Jan 15 16:01:55 2016] <johnw> that let fix will need to be factored out to its own Program Fixpoint, though, since it's not structurally recursive
[Fri Jan 15 16:04:49 2016] <rrika> Maybe "Program" does weird things with arguments of type "sig"
[Fri Jan 15 16:05:03 2016] <johnw> that doesn't seem to be it
[Fri Jan 15 16:05:29 2016] <rrika> well, unlike lean, I can't just hover over "li" and see the type coq belives it has.
[Fri Jan 15 16:05:42 2016] <rrika> "Check" in the middle of an expression doesn't work either.
[Fri Jan 15 16:08:03 2016] <johnw> rrika: ok: https://gist.github.com/c1d0844d0a9d5df661f6
[Fri Jan 15 16:08:07 2016] <johnw> prove those two obligations and you're good
[Fri Jan 15 16:09:09 2016] <johnw> what are you trying to prove here, btw?
[Fri Jan 15 16:09:34 2016] <rrika> what redlizard described 1-2 days ago
[Fri Jan 15 16:09:43 2016] <rrika> trying to do it without tactics
[Fri Jan 15 16:09:52 2016] <johnw> what did he describe 2 days ago? :)
[Fri Jan 15 16:10:12 2016] <rrika> basically the signature of search_P_int describes the task
[Fri Jan 15 16:10:24 2016] <rrika> returning an element from a list that fulfills a "P"
[Fri Jan 15 16:10:38 2016] <rrika> using the fact that one element in the list HAS to fulfill it
[Fri Jan 15 16:10:45 2016] <rrika> so the return value is not
[Fri Jan 15 16:10:52 2016] <rrika> maybe E
[Fri Jan 15 16:10:55 2016] <rrika> but E
[Fri Jan 15 16:11:05 2016] <rrika> or even {x : E | P x}
[Fri Jan 15 16:11:25 2016] <johnw> ah, so:
[Fri Jan 15 16:11:25 2016] <johnw> Definition find_P {A} (P : A -> Prop) (xs : list A) : { x : A | P x }.
[Fri Jan 15 16:11:45 2016] <rrika> what does {A} do?
[Fri Jan 15 16:11:54 2016] <johnw> introduces an implicit variable
[Fri Jan 15 16:12:05 2016] <rrika> and ": Type" is implicit too?
[Fri Jan 15 16:12:17 2016] <rrika> because of "list"?
[Fri Jan 15 16:12:29 2016] <johnw> it's implicit too, just because
[Fri Jan 15 16:12:39 2016] <rrika> kk
[Fri Jan 15 16:13:50 2016] <johnw> actually, I think the type has to be:
[Fri Jan 15 16:13:51 2016] <johnw> Definition find_P {A} (P : A -> Prop) (xs : list A)
[Fri Jan 15 16:13:51 2016] <johnw>   (H : exists x : A, List.In x xs /\ P x) : { x : A | P x }.
[Fri Jan 15 16:13:55 2016] <johnw> to fully match your specification
[Fri Jan 15 16:14:13 2016] <johnw> that should be trivial
[Fri Jan 15 16:16:46 2016] <johnw> well, this is too easy in fact
[Fri Jan 15 16:17:03 2016] <johnw> if you give me evidence that the element exists, and the goal of find_P is to return such an element, then you've given me what you want me to return
[Fri Jan 15 16:17:54 2016] <johnw> i.e., https://gist.github.com/f5bbfde3b670027a4a9f
[Fri Jan 15 16:18:31 2016] <rrika> indeed
[Fri Jan 15 16:18:49 2016] <rrika> is my Q similarly trivial?
[Fri Jan 15 16:19:16 2016] <johnw> well, your Q is a fixpoint, so that's not as trivial
[Fri Jan 15 16:33:47 2016] <rrika> the last obligation seems very hard to prove
[Fri Jan 15 17:02:20 2016] <redlizard> johnw: Now assume you want the *first* item in the list that satisfies P, not just any of them.
[Sun Jan 17 03:49:43 2016] <noob0> ping: jrw
[Sun Jan 17 03:49:50 2016] <noob0> jrw: ping
[Sun Jan 17 18:47:05 2016] <johnw> jgross_: ping?
[Sun Jan 17 20:42:52 2016] <rrika> How can I do induction over something like (n : nat | evenb n = true)?
[Sun Jan 17 20:43:00 2016] <rrika> (If at all)
[Sun Jan 17 20:43:41 2016] <rrika> I thought I could do "induction n" followed by "destruct (evenb n)" but that gives me 'ill-typed expressions'
[Sun Jan 17 20:47:08 2016] <rrika> sorry, "induction n", "induction x", "destruct (evenb n)".
[Sun Jan 17 20:52:23 2016] <tejing> rrika: I would write a custom induction principle with a zero case and a double successor case, or prove the logical equivalence of 'evenb n = true' and an inductively defined 'even' predicate, then induct on the proof of the predicate.
[Sun Jan 17 21:27:13 2016] <jgross_> johnw: pong 
[Sun Jan 17 21:27:28 2016] <johnw> hey, I forgot what I was going to ask :)
[Sun Jan 17 21:32:13 2016] <johnw> jgross_: so, I'm trying to build an ADT that combines two other ADTs
[Sun Jan 17 21:32:31 2016] <johnw> jgross_: is there a way to do this so that I can "refine the composition", rather than simplify combining two already-refined implementations?
[Sun Jan 17 21:32:39 2016] <johnw> s/simplify/simply
[Sun Jan 17 21:35:44 2016] <johnw> jgross_: example question: is it possible within an ADT method to "call" another ADT method, and then in refinement, refine to a CallMethod of a cADT for that "call"?  If that even made sense
[Sun Jan 17 21:36:00 2016] <johnw> I want a non-deterministic equivalent of CallMethod for ADTs
[Sun Jan 17 21:36:14 2016] <johnw> ahh, callADTMethod
[Sun Jan 17 22:04:29 2016] <lingxiao> could someone give me some tips on this proof?
[Sun Jan 17 22:04:34 2016] <johnw> sorry, heading to dinner :)
[Sun Jan 17 22:04:42 2016] <johnw> I didn't mean to be mean, literally my wife just called me
[Sun Jan 17 22:04:44 2016] <johnw> but I'll be back
[Sun Jan 17 22:04:45 2016] <lingxiao> I understand the logic "on paper" but not in coq
[Sun Jan 17 22:04:49 2016] <lingxiao> lol all good thanks man!
[Sun Jan 17 22:09:57 2016] <lingxiao> Cale here's the lpaste: http://lpaste.net/150112
[Sun Jan 17 22:10:17 2016] <lingxiao> and this:
[Sun Jan 17 22:10:19 2016] <lingxiao> f (f b) = f b] ==> [f b = b]  by the fact that [f b = b]
[Sun Jan 17 22:10:19 2016] <lingxiao> k_bx has joined (~k_bx@100-169-94-178.pool.ukrtel.net)
[Sun Jan 17 22:10:20 2016] <lingxiao> lingxiao
[Sun Jan 17 22:10:21 2016] <lingxiao> then I have [f b = b] ==> [b = b] by the previous fact again
[Sun Jan 17 22:11:02 2016] <Cale> okay
[Sun Jan 17 22:11:19 2016] <lingxiao> and I see this at the current state of my proof:
[Sun Jan 17 22:11:20 2016] <lingxiao> http://lpaste.net/150113
[Sun Jan 17 22:11:42 2016] <lingxiao> see I want to do something like [rewrite f] so that I get [f b = b]
[Sun Jan 17 22:11:43 2016] <Cale> I would have named it P rather than x
[Sun Jan 17 22:11:46 2016] <Cale> but okay
[Sun Jan 17 22:11:49 2016] <lingxiao> but that's not going to work...
[Sun Jan 17 22:11:54 2016] <lingxiao> what's P?
[Sun Jan 17 22:12:04 2016] <Cale> P : forall x : bool, f x = x
[Sun Jan 17 22:12:05 2016] <lingxiao> like what does it stand for?
[Sun Jan 17 22:12:18 2016] <Cale> It's a function which given some x : bool, gives you the equality f x = x
[Sun Jan 17 22:12:30 2016] <Cale> (i.e. the proof of that equality)
[Sun Jan 17 22:12:48 2016] <lingxiao> ok wait could we back up
[Sun Jan 17 22:12:57 2016] <lingxiao> how should i read the propositon in egnlish?
[Sun Jan 17 22:13:28 2016] <lingxiao> is it forall f of type Bool -> Bool,  `and` forall x of type bool so that f x = x
[Sun Jan 17 22:14:05 2016] <Cale> I think you understand the proposition, but you could read it as saying that for any function f of type bool -> bool, if, for every x of type bool, we have f x = x, then for every b of type bool, we have f (f b) = b
[Sun Jan 17 22:14:22 2016] <Cale> your layout is a little weird
[Sun Jan 17 22:14:35 2016] <lingxiao> hmm? what layout? of my proof?
[Sun Jan 17 22:14:38 2016] <lingxiao> like it's not on one line?
[Sun Jan 17 22:14:41 2016] <Cale> of the statement
[Sun Jan 17 22:14:56 2016] <lingxiao> or prposition .. oh yeah Im not familiar so I indented it by some whim
[Sun Jan 17 22:15:36 2016] <Cale> but yeah, it's a little funny because of the nested foralls, it's hard to pick something really nice
[Sun Jan 17 22:16:39 2016] <lingxiao> so the "if, for every x of type bool, we have f x = x," is the proof P?
[Sun Jan 17 22:16:50 2016] <Cale> Theorem identity_fn_applied_twice (f : bool -> bool) (P : forall x : bool, f x = x) (b : bool) : f (f b) = b. -- we could write it like this if we like
[Sun Jan 17 22:16:51 2016] <lingxiao> so proof by assumption right?
[Sun Jan 17 22:17:18 2016] <lingxiao> oh so yo named it in the statement
[Sun Jan 17 22:17:24 2016] <Cale> yeah
[Sun Jan 17 22:17:34 2016] <lingxiao> and again `P`roof by assumption
[Sun Jan 17 22:17:43 2016] <Cale> I don't know what proof by assumption really means
[Sun Jan 17 22:17:52 2016] <lingxiao> sorry true by assumption
[Sun Jan 17 22:17:58 2016] <Cale> but this P is indeed an assumption
[Sun Jan 17 22:18:14 2016] <Cale> that we need to satisfy if we want to apply our theorem
[Sun Jan 17 22:18:45 2016] <Cale> If we want to later make use of identity_fn_applied_twice, we need to provide a proof P that forall x : bool, f x = x
[Sun Jan 17 22:18:46 2016] <lingxiao> wait I though we're proving this part?
[Sun Jan 17 22:18:53 2016] <lingxiao> forall (b:bool), f (f b) = b
[Sun Jan 17 22:18:57 2016] <Cale> yep
[Sun Jan 17 22:19:08 2016] <lingxiao> but your'e saying we need to satisfy P if we want to apply our theorem?
[Sun Jan 17 22:19:20 2016] <lingxiao> aren't we using P to prove forrall (b:bool), f (f b) = b
[Sun Jan 17 22:19:20 2016] <Cale> We're just proving the theorem, not applying it :)
[Sun Jan 17 22:19:40 2016] <Cale> But if we wanted to apply it, we'd need to construct a proof that we could supply as the P argument to this
[Sun Jan 17 22:20:08 2016] <Cale> which would be a function that given x : bool, would produce a proof that f x = x
[Sun Jan 17 22:20:32 2016] <Cale> That's what the type  forall x : bool, f x = x  is
[Sun Jan 17 22:20:44 2016] <lingxiao> so the type is a proposition
[Sun Jan 17 22:20:44 2016] <Cale> forall x : A, B x
[Sun Jan 17 22:20:51 2016] <Cale> is the type of functions which given some x of type A
[Sun Jan 17 22:20:56 2016] <Cale> produce a result of type B x
[Sun Jan 17 22:20:57 2016] <lingxiao> and we need to implement a type as a witness right
[Sun Jan 17 22:21:01 2016] <lingxiao> so ie P true = true
[Sun Jan 17 22:21:03 2016] <lingxiao> P false = false
[Sun Jan 17 22:21:10 2016] <Cale> P true won't be a bool
[Sun Jan 17 22:21:25 2016] <Cale> It'll be some term of type f x = x
[Sun Jan 17 22:21:28 2016] <lingxiao> oh opse P : bool
[Sun Jan 17 22:21:40 2016] <Cale> hm?
[Sun Jan 17 22:21:44 2016] <lingxiao> so f x = x : Bool right?
[Sun Jan 17 22:21:48 2016] <Cale> no
[Sun Jan 17 22:21:57 2016] <Cale> f x = x is itself a type
[Sun Jan 17 22:22:17 2016] <lingxiao> so what's an insatnce of that type?
[Sun Jan 17 22:22:37 2016] <Cale> Well, I can't write one without knowing what f is :)
[Sun Jan 17 22:22:50 2016] <lingxiao> so let f = id
[Sun Jan 17 22:24:29 2016] <Cale> Coq < Inductive eq (A:Type) (x:A) : A -> Prop :=
[Sun Jan 17 22:24:29 2016] <Cale> Coq <     eq_refl : eq A x x.
[Sun Jan 17 22:24:34 2016] <Cale> (from the manual)
[Sun Jan 17 22:24:50 2016] <lingxiao> oh boy I can't read that
[Sun Jan 17 22:24:53 2016] <Cale> eq_refl is a data constructor of this type eq (which is the desugaring of =)
[Sun Jan 17 22:24:54 2016] <lingxiao> I'm very green to this
[Sun Jan 17 22:25:02 2016] <Cale> okay
[Sun Jan 17 22:25:21 2016] <Cale> So, when you write  f x = x
[Sun Jan 17 22:25:37 2016] <Cale> It really means  eq bool (f x) x
[Sun Jan 17 22:25:59 2016] <lingxiao> so eq is just `=` correct?
[Sun Jan 17 22:26:01 2016] <lingxiao> what's bool?
[Sun Jan 17 22:26:04 2016] <Cale> (actually, you can't write that, because the first argument to eq is implicit, so you have to make it not implicit)
[Sun Jan 17 22:26:10 2016] <Cale> @eq bool (f x) x
[Sun Jan 17 22:26:14 2016] <Cale> if we want to be picky
[Sun Jan 17 22:26:19 2016] <lingxiao> ok so what's eq
[Sun Jan 17 22:26:25 2016] <lingxiao> what's its arity?
[Sun Jan 17 22:26:34 2016] <lingxiao> what is bool?
[Sun Jan 17 22:26:38 2016] <lingxiao> is that a type?
[Sun Jan 17 22:26:39 2016] <Cale> eq is a data type which is parameterised over some type A
[Sun Jan 17 22:26:48 2016] <Cale> and a value x of type A
[Sun Jan 17 22:27:23 2016] <Cale> and produces a type function A -> Prop
[Sun Jan 17 22:27:37 2016] <Cale> i.e. given some type A and some value x : A
[Sun Jan 17 22:27:42 2016] <lingxiao> so eq is a type costructor?
[Sun Jan 17 22:27:43 2016] <Cale> eq A x y : Prop
[Sun Jan 17 22:27:45 2016] <Cale> yeah
[Sun Jan 17 22:27:56 2016] <lingxiao> what's  prop?
[Sun Jan 17 22:27:56 2016] <Cale> and it has one data constructor
[Sun Jan 17 22:27:58 2016] <lingxiao> is that a type?
[Sun Jan 17 22:28:03 2016] <Cale> Prop is the type of all propositions
[Sun Jan 17 22:28:19 2016] <lingxiao> aren't all type signatures propositions?
[Sun Jan 17 22:28:23 2016] <Cale> which is similar to a universe of types
[Sun Jan 17 22:28:35 2016] <lingxiao> so is it like kind *?
[Sun Jan 17 22:28:48 2016] <Cale> yeah, a bit
[Sun Jan 17 22:28:52 2016] <lingxiao> but * is unary types only?
[Sun Jan 17 22:28:57 2016] <lingxiao> is there a Prop -> Prop and so on?
[Sun Jan 17 22:29:03 2016] <Cale> but there are some differences when it comes to what's allowed, such that when you extract executable code from Coq, all the stuff of type Prop can be thrown out
[Sun Jan 17 22:29:37 2016] <Cale> You're not allowed to pattern match on values of a type which is in Prop in order to compute a result of a type which is in Type
[Sun Jan 17 22:29:49 2016] <Cale> (in general)
[Sun Jan 17 22:30:01 2016] <Cale> You can pattern match on them to make other Props
[Sun Jan 17 22:30:14 2016] <Cale> It's just a weird Coq thing, kinda :)
[Sun Jan 17 22:30:32 2016] <Cale> There's some other cute differences, the main thing being something called impredicativity
[Sun Jan 17 22:30:41 2016] <Cale> But it's technical
[Sun Jan 17 22:30:54 2016] <Cale> I would actually prefer just to be able to say here that eq A x x : Type
[Sun Jan 17 22:31:11 2016] <Cale> In most other settings, that would be the case :P
[Sun Jan 17 22:31:31 2016] <lingxiao> wait so in eq A x y, we have x, y : A right?
[Sun Jan 17 22:31:35 2016] <Cale> yeah
[Sun Jan 17 22:31:48 2016] <lingxiao> ok great i'm learning a lot already thanks :)
[Sun Jan 17 22:31:56 2016] <lingxiao> so syntax weise i still dont get it
[Sun Jan 17 22:31:57 2016] <Cale> and eq_refl gives you a value of type  eq A x x for any x you like
[Sun Jan 17 22:32:11 2016] <lingxiao> what's eq_refl
[Sun Jan 17 22:32:14 2016] <lingxiao> equality relfection?
[Sun Jan 17 22:32:16 2016] <Cale> the data constructor
[Sun Jan 17 22:32:22 2016] <Cale> for this type
[Sun Jan 17 22:32:36 2016] <Cale> (or Prop, if you must)
[Sun Jan 17 22:32:41 2016] <lingxiao> what's the value of eq Bool x x
[Sun Jan 17 22:32:46 2016] <lingxiao> or a value
[Sun Jan 17 22:32:52 2016] <Cale> Well, we know that eq_refl is
[Sun Jan 17 22:33:16 2016] <Cale> There may be others, but it's actually impossible to prove that there's anything other than eq_refl in plain Coq
[Sun Jan 17 22:33:17 2016] <lingxiao> so it goes term, type, prop in hiearchy of sets?
[Sun Jan 17 22:33:54 2016] <lingxiao> sorry my questions are all over the place lol
[Sun Jan 17 22:34:03 2016] <Cale> There are three "sorts", Set, Prop, and Type
[Sun Jan 17 22:34:17 2016] <lingxiao> hmm which on is on the bottome?
[Sun Jan 17 22:34:23 2016] <Cale> Prop is the universe of logical propositions
[Sun Jan 17 22:34:35 2016] <Cale> Set is the universe of program types
[Sun Jan 17 22:34:41 2016] <Cale> and then Type is the type of Set and Prop
[Sun Jan 17 22:35:18 2016] <lingxiao> wait is Prop and Set mutally exclusive?
[Sun Jan 17 22:35:22 2016] <Cale> yeah
[Sun Jan 17 22:35:39 2016] <Cale> There's actually a little more going on, which I should probably say something about
[Sun Jan 17 22:35:43 2016] <lingxiao> so what is Nat?
[Sun Jan 17 22:35:48 2016] <lingxiao> is that a type?
[Sun Jan 17 22:35:56 2016] <lingxiao> Type*
[Sun Jan 17 22:36:09 2016] <lingxiao> so for example 12 is Nat right
[Sun Jan 17 22:36:11 2016] <Cale> If you type  Check nat.
[Sun Jan 17 22:36:17 2016] <Cale> and run it
[Sun Jan 17 22:36:22 2016] <Cale> Coq will tell you :)
[Sun Jan 17 22:36:57 2016] <lingxiao> ah it's a Set
[Sun Jan 17 22:36:59 2016] <lingxiao> which makes sense
[Sun Jan 17 22:37:09 2016] <lingxiao> Set is a type
[Sun Jan 17 22:37:19 2016] <lingxiao> type is  type
[Sun Jan 17 22:37:19 2016] <Cypi> (actually, Prop and Set are not mutually exclusive. Everything in Prop is also in Type. Not that it matters, really.)
[Sun Jan 17 22:37:31 2016] <Cypi> (also in Set*)
[Sun Jan 17 22:37:42 2016] <Cale> Oh, interesting
[Sun Jan 17 22:38:01 2016] <lingxiao> interesting that Type is a Type?
[Sun Jan 17 22:38:02 2016] <lingxiao> yeah ..
[Sun Jan 17 22:38:23 2016] <Cale> lingxiao: Oh, hah, I meant the inclusion of Prop in Set
[Sun Jan 17 22:38:32 2016] <Cale> lingxiao: The Type : Type thing is actually a slight lie
[Sun Jan 17 22:38:45 2016] <lingxiao> oh how so?
[Sun Jan 17 22:38:57 2016] <Cale> if you turn on the option "display universe levels" in the view menu in coqide
[Sun Jan 17 22:39:06 2016] <Cale> and run  Check Type.  again
[Sun Jan 17 22:39:27 2016] <Cale> You'll see something like  Type (* Top.2 *) : Type (* (Top.2)+1 *)
[Sun Jan 17 22:39:56 2016] <Cale> where it's inserted these usually-invisible universe levels as comments, haha
[Sun Jan 17 22:40:03 2016] <lingxiao> what Top?
[Sun Jan 17 22:40:10 2016] <lingxiao> or what does it stand for?
[Sun Jan 17 22:40:23 2016] <Cale> Just read that Top.2 thing as a variable, I'm not actually sure what it stands for
[Sun Jan 17 22:40:34 2016] <lingxiao> oh i thought it mean toplogy haha
[Sun Jan 17 22:40:39 2016] <lingxiao> just kidding ..
[Sun Jan 17 22:40:45 2016] <lingxiao> anyways so set is a type
[Sun Jan 17 22:40:50 2016] <lingxiao> is there another example of type?
[Sun Jan 17 22:40:53 2016] <Cale> but there's like an infinite sequence, for each natural number i, there's Type i
[Sun Jan 17 22:41:00 2016] <lingxiao> yeah that make sense
[Sun Jan 17 22:41:01 2016] <Cale> and we have  Type i : Type (i+1)
[Sun Jan 17 22:41:15 2016] <Cypi> (Top is just the placeholder module name for the toplevel stuff. If a universe comes from some specific module, its name might be prefixed by this module's name)
[Sun Jan 17 22:41:24 2016] <lingxiao> ah i see
[Sun Jan 17 22:41:25 2016] <Cale> ah
[Sun Jan 17 22:41:28 2016] <lingxiao> that's really nifty acutally
[Sun Jan 17 22:41:46 2016] <Cale> but Coq hides this universe level stuff from you and just checks that the universe levels work out behind the scenes
[Sun Jan 17 22:41:54 2016] <Cale> A lot of the time, that's nice
[Sun Jan 17 22:41:58 2016] <lingxiao> oh great that's neat yeah
[Sun Jan 17 22:41:59 2016] <Cale> sometimes, it's a total pain
[Sun Jan 17 22:42:15 2016] <lingxiao> I'm just a baby at this, so I'll put that in the back of my mind for now
[Sun Jan 17 22:42:27 2016] <lingxiao> wait aren't sets like types?
[Sun Jan 17 22:42:35 2016] <lingxiao> sets in the math sense ...
[Sun Jan 17 22:42:38 2016] <Cale> kinda, yeah
[Sun Jan 17 22:42:52 2016] <Cale> Sets in the ZFC sense are pretty weird things
[Sun Jan 17 22:42:53 2016] <lingxiao> so why is a Set an instance of Type?
[Sun Jan 17 22:43:09 2016] <lingxiao> what when I declare nat as a Set, is that a ZFC set?
[Sun Jan 17 22:43:12 2016] <Cale> Well, it's sort of like the bottom of the hierarchy
[Sun Jan 17 22:43:15 2016] <Cale> no
[Sun Jan 17 22:43:20 2016] <Cale> This isn't ZFC :)
[Sun Jan 17 22:43:29 2016] <Cale> It's a completely separate formalism of its own
[Sun Jan 17 22:44:00 2016] <lingxiao> so really we have Set is Type0, and Type is Type1, so Type0 : Type1
[Sun Jan 17 22:44:10 2016] <Cale> yeah, pretty much that's the idea
[Sun Jan 17 22:44:12 2016] <lingxiao> and Set and Type are just like word?
[Sun Jan 17 22:44:17 2016] <lingxiao> words*  oh ok great
[Sun Jan 17 22:44:24 2016] <lingxiao> now it makese more sense
[Sun Jan 17 22:44:35 2016] <Cale> and there's cumulativity, so if you have A : Type i, then A : Type (i+1) as well, iirc
[Sun Jan 17 22:44:44 2016] <Cale> (but not the other way around)
[Sun Jan 17 22:44:47 2016] <lingxiao> right irc as well
[Sun Jan 17 22:45:02 2016] <lingxiao> from a model theory class that I promptly forgot
[Sun Jan 17 22:45:25 2016] <Cale> and yeah, there's this universe Prop at the bottom
[Sun Jan 17 22:45:41 2016] <Cale> which has some additional weird properties that the other universes don't share
[Sun Jan 17 22:45:55 2016] <lingxiao> oh so Prop is the lowest ? Prop < Set < Type < Type + 1 < ...
[Sun Jan 17 22:46:10 2016] <Cale> in particular, you might notice that you can write things like  (forall (P : Prop), P -> P) : Prop
[Sun Jan 17 22:47:31 2016] <Cale> Whereas if you tried to write this type (and displayed universe levels), replacing Prop with Set or Type, then you'd see that it lives in a higher universe
[Sun Jan 17 22:48:01 2016] <Cale> Prop is sort of weird in that you're allowed to quantify over propositions and just have simple propositions in the same universe, and not a higher one
[Sun Jan 17 22:48:17 2016] <lingxiao> so the key here is the forall right?
[Sun Jan 17 22:49:12 2016] <lingxiao> with out it, if we just had (S : Set, S -> S) : Set
[Sun Jan 17 22:49:19 2016] <lingxiao> that would be ok
[Sun Jan 17 22:49:38 2016] <Cale> uh
[Sun Jan 17 22:49:47 2016] <Cale> S won't be in scope in the second part of that pair
[Sun Jan 17 22:49:52 2016] <Cale> Did you mean a dependent pair?
[Sun Jan 17 22:51:44 2016] <lingxiao> er nvm haha
[Sun Jan 17 22:51:59 2016] <lingxiao> wait so here [ (forall (x : bool), f x = x) -> ...]
[Sun Jan 17 22:52:22 2016] <lingxiao> I see dont see why f x = x is a type?
[Sun Jan 17 22:52:36 2016] <Cale> Well, it's actually a Prop
[Sun Jan 17 22:52:42 2016] <Cale> but Props are a kind of type :)
[Sun Jan 17 22:53:07 2016] <Cale> But yeah, it had better be a type of some sort, because it's the body of a forall
[Sun Jan 17 22:53:16 2016] <Cale> forall (x : A), B x
[Sun Jan 17 22:53:19 2016] <Cale> is the type of functions
[Sun Jan 17 22:53:25 2016] <Cale> which given some x of type A
[Sun Jan 17 22:53:30 2016] <Cale> produce a result of type B x
[Sun Jan 17 22:54:22 2016] <lingxiao> is somethine like this expressible in haskells' tyepsystem?
[Sun Jan 17 22:54:27 2016] <lingxiao> if so how would it be expressed?
[Sun Jan 17 22:54:27 2016] <Cale> no
[Sun Jan 17 22:54:32 2016] <lingxiao> oh ok haha
[Sun Jan 17 22:54:38 2016] <Cale> This is exactly what Haskell's type system is missing
[Sun Jan 17 22:54:49 2016] <lingxiao> what is this called?
[Sun Jan 17 22:54:55 2016] <lingxiao> this thing that's missing
[Sun Jan 17 22:55:00 2016] <Cale> In Haskell, you can quantify over types
[Sun Jan 17 22:55:19 2016] <Cale> These are called Pi-types, it's often written Pi (x : A), B x  instead
[Sun Jan 17 22:55:36 2016] <Cale> (often with a big capital Greek letter Pi)
[Sun Jan 17 22:55:45 2016] <Cale> (and the x : A just goes underneath)
[Sun Jan 17 22:56:00 2016] <Cale> Or dependent function types
[Sun Jan 17 22:56:03 2016] <Cale> is another term
[Sun Jan 17 22:56:14 2016] <Cale> the type of the result of the function depends on the value of its argument
[Sun Jan 17 22:56:47 2016] <lingxiao> so forall here translates to Pi?
[Sun Jan 17 22:56:52 2016] <Cale> yeah
[Sun Jan 17 22:56:54 2016] <lingxiao> as in multicpliaction?
[Sun Jan 17 22:57:03 2016] <Cale> I mean, it's suggestive of that
[Sun Jan 17 22:57:05 2016] <lingxiao> which is a product? why is not a sum
[Sun Jan 17 22:57:17 2016] <lingxiao> theres also Sigma (x :A) B x right?
[Sun Jan 17 22:57:24 2016] <Cale> Because it's like you're taking the Cartesian product of the types B x for each x
[Sun Jan 17 22:57:41 2016] <Cale> (a giant Cartesian product)
[Sun Jan 17 22:57:54 2016] <lingxiao> so we have B x1  * B x2 * ...
[Sun Jan 17 22:57:56 2016] <Cale> and applying the function picks out the appropriate component, indexed by the value of type A
[Sun Jan 17 22:58:00 2016] <Cale> yeah
[Sun Jan 17 22:58:08 2016] <Cale> and yeah, there's also Sigma types
[Sun Jan 17 22:58:12 2016] <lingxiao> what function? the depnendent typed function
[Sun Jan 17 22:58:15 2016] <Cale> Sigma (x:A), B x
[Sun Jan 17 22:58:27 2016] <Cale> is the type of pairs whose first component is some x of type A
[Sun Jan 17 22:58:33 2016] <Cale> and whose second component is of type B x
[Sun Jan 17 22:58:57 2016] <lingxiao> why is it a pair? and not like (_, _, _, ... )?
[Sun Jan 17 22:59:40 2016] <Cale> Well, the idea is that we're taking a disjoint union of the types B x over all x
[Sun Jan 17 23:00:04 2016] <Cale> and so you say which component of the disjoint union you're in, and then you say which element of that component
[Sun Jan 17 23:00:14 2016] <Cale> Or thinking logically
[Sun Jan 17 23:00:18 2016] <Cale> Pi (x:A), B x
[Sun Jan 17 23:00:29 2016] <Cale> says "for all x of type A, we have B x"
[Sun Jan 17 23:00:41 2016] <Cale> So this is a function which given x of type A, will provide a proof of B x
[Sun Jan 17 23:00:55 2016] <Cale> That is, that's what a term of this type denotes
[Sun Jan 17 23:01:06 2016] <Cale> while
[Sun Jan 17 23:01:11 2016] <Cale> Sigma (x:A), B x
[Sun Jan 17 23:01:21 2016] <Cale> says "there exists an x of type A, such that B x"
[Sun Jan 17 23:01:38 2016] <Cale> so a proof of this is a pair consisting of the witness x, together with a proof that B x
[Sun Jan 17 23:02:00 2016] <lingxiao> ahh ok great that really clears it up
[Sun Jan 17 23:02:30 2016] <lingxiao> so when we see doubly nested forall
[Sun Jan 17 23:03:01 2016] <Cale> So, going back to your example...
[Sun Jan 17 23:03:04 2016] <lingxiao> forall f : A (forall x : B, f x = x)
[Sun Jan 17 23:03:15 2016] <lingxiao> that trnaslates to  a nested product right?
[Sun Jan 17 23:03:45 2016] <Cale> yeah, or you can think of it as a function of two arguments
[Sun Jan 17 23:04:01 2016] <Cale> it's going to take some f of type A
[Sun Jan 17 23:04:02 2016] <lingxiao> what's the function and what are the args?
[Sun Jan 17 23:04:03 2016] <Cale> and an x of type B
[Sun Jan 17 23:04:09 2016] <Cale> and produce some result of type f x = x
[Sun Jan 17 23:04:35 2016] <lingxiao> ohh that's what you meant a long while back haha
[Sun Jan 17 23:04:48 2016] <lingxiao> ok see it was all syntax to me
[Sun Jan 17 23:05:14 2016] <Cale> forall (f : bool -> bool), (forall (x : bool), f x = x) -> forall (b : bool), f (f b) = b.
[Sun Jan 17 23:05:18 2016] <Cale> We had this type
[Sun Jan 17 23:05:25 2016] <Cale> So a function of this type
[Sun Jan 17 23:05:33 2016] <Cale> takes an argument f of type bool -> bool
[Sun Jan 17 23:05:44 2016] <Cale> and produces a function
[Sun Jan 17 23:06:07 2016] <Cale> which takes a function which accepts an argument x of type bool, and produces a result of type f x = x
[Sun Jan 17 23:06:31 2016] <Cale> and produces a function which accepts an argument b of type bool, and produces a result of type f (f b) = b.
[Sun Jan 17 23:06:59 2016] <Cale> I chose to name that function argument "P"
[Sun Jan 17 23:07:22 2016] <Cale> i.e. we could also write this using more foralls, without the ->
[Sun Jan 17 23:07:46 2016] <Cale> forall (f : bool -> bool), forall (P : forall (x : bool), f x = x), forall (b : bool), f (f b) = b.
[Sun Jan 17 23:07:58 2016] <Cale> A -> B
[Sun Jan 17 23:08:02 2016] <Cale> is the same thing as
[Sun Jan 17 23:08:06 2016] <Cale> forall (x:A), B
[Sun Jan 17 23:08:15 2016] <Cale> where B doesn't depend on x
[Sun Jan 17 23:09:38 2016] <Cale> We can also give the arguments to the theorem directly when we're defining it, which means about the same thing:
[Sun Jan 17 23:09:44 2016] <Cale> Theorem identity_fn_applied_twice (f : bool -> bool) (P : forall x : bool, f x = x) (b : bool) : f (f b) = b.
[Sun Jan 17 23:09:51 2016] <lingxiao> is that why A -> B  is the same as A^B ?
[Sun Jan 17 23:10:05 2016] <Cale> B^A you mean
[Sun Jan 17 23:10:10 2016] <lingxiao> ops yeah
[Sun Jan 17 23:10:24 2016] <Cale> and I guess you can kind of think of it like that, with respect to why we use the notation
[Sun Jan 17 23:10:30 2016] <Cale> I wouldn't say it's the reason why
[Sun Jan 17 23:12:00 2016] <Cale> A more straightforward reason why we'd use the notation is that if A is a finite set with n elements, and B is a finite set with m elements, then B^A, the set of functions A -> B, has m^n elements.
[Sun Jan 17 23:12:58 2016] <Cale> The reason why A -> B "is" B^A sounds like a philosophical one -- you probably have to provide a bunch more context about what you mean in order to really answer the question.
[Sun Jan 17 23:13:24 2016] <lingxiao> oh ok I'll veer away from that for now haha :D
[Sun Jan 17 23:14:14 2016] <Cale> So let's try to prove this. The easiest way is to use the rewrite tactic.
[Sun Jan 17 23:14:22 2016] <lingxiao> yes finally haha!
[Sun Jan 17 23:15:17 2016] <Cale> Theorem identity_fn_applied_twice : forall (f : bool -> bool), (forall (x : bool), f x = x) -> forall (b : bool), f (f b) = b. -- let's preserve your original version
[Sun Jan 17 23:15:33 2016] <Cale>   intros f P b.
[Sun Jan 17 23:15:42 2016] <Cale> and you should see in the context:
[Sun Jan 17 23:15:47 2016] <Cale> f : bool -> bool
[Sun Jan 17 23:15:47 2016] <Cale> P : forall x : bool, @eq bool (f x) x
[Sun Jan 17 23:15:47 2016] <Cale> b : bool
[Sun Jan 17 23:15:57 2016] <Cale> oh, let me turn back on the notations :)
[Sun Jan 17 23:16:05 2016] <Cale> f : bool -> bool
[Sun Jan 17 23:16:05 2016] <Cale> P : forall x : bool, f x = x
[Sun Jan 17 23:16:05 2016] <Cale> b : bool
[Sun Jan 17 23:16:12 2016] <lingxiao> yup i see that
[Sun Jan 17 23:16:34 2016] <Cale> so, we can apply P to b, and we'll have P b : f b = b
[Sun Jan 17 23:16:56 2016] <Cale> yeah?
[Sun Jan 17 23:17:01 2016] <lingxiao> yup that makese sense
[Sun Jan 17 23:17:48 2016] <Cale> and if we apply the rewrite tactic to that, it will go looking for an occurrence of f b in our goal, and use an operation to substitute across the equality, replacing that with b
[Sun Jan 17 23:17:57 2016] <Cale>   rewrite (P b).
[Sun Jan 17 23:18:03 2016] <Cale> and our goal becomes f b = b
[Sun Jan 17 23:18:26 2016] <Cale> Well, we certainly know how to prove that!
[Sun Jan 17 23:18:34 2016] <Cale>   exact (P b).
[Sun Jan 17 23:18:37 2016] <Cale> and we're done
[Sun Jan 17 23:18:46 2016] <Cale> or, you can choose to rewrite (P b). again
[Sun Jan 17 23:18:55 2016] <Cale> and that'll get you the goal  b = b
[Sun Jan 17 23:19:09 2016] <Cale> and you can use reflexivity to handle that
[Sun Jan 17 23:19:35 2016] <lingxiao> ahh ok i got
[Sun Jan 17 23:19:49 2016] <lingxiao> however ... when i say rewrite (P b)  on [f (f b) = b]
[Sun Jan 17 23:19:53 2016] <lingxiao> what is happening here?
[Sun Jan 17 23:20:06 2016] <lingxiao> the inner (f b) is being reduced right?
[Sun Jan 17 23:20:23 2016] <lingxiao> but what is happening "behind the scenes"
[Sun Jan 17 23:21:18 2016] <Cale> okay, so we can see what's taking place by finishing up our proof using  Defined.
[Sun Jan 17 23:21:28 2016] <Cale> and then  Print identity_fn_applied_twice.
[Sun Jan 17 23:21:41 2016] <Cale> and it will print the code which was generated
[Sun Jan 17 23:22:09 2016] <Cale> identity_fn_applied_twice =
[Sun Jan 17 23:22:09 2016] <Cale> fun (f : bool -> bool) (P : forall x : bool, f x = x) (b : bool) =>
[Sun Jan 17 23:22:09 2016] <Cale> eq_ind_r (fun b0 : bool => f b0 = b) (P b) (P b)
[Sun Jan 17 23:22:09 2016] <Cale>      : forall f : bool -> bool,
[Sun Jan 17 23:22:09 2016] <Cale>        (forall x : bool, f x = x) -> forall b : bool, f (f b) = b
[Sun Jan 17 23:22:25 2016] <lingxiao> woa that's cool
[Sun Jan 17 23:22:27 2016] <Cale> So it's using this thing  eq_ind_r
[Sun Jan 17 23:22:55 2016] <lingxiao> yeah what's ind stand for?
[Sun Jan 17 23:22:59 2016] <Cale> induction
[Sun Jan 17 23:23:06 2016] <lingxiao> oh and r? right?
[Sun Jan 17 23:23:16 2016] <Cale> yeah, it's a specialisation of eq_ind
[Sun Jan 17 23:23:30 2016] <lingxiao> what's fun? function?
[Sun Jan 17 23:23:43 2016] <Cale> yeah, lambda basically
[Sun Jan 17 23:23:43 2016] <lingxiao> is it coq that's output?
[Sun Jan 17 23:23:47 2016] <Cale> yes
[Sun Jan 17 23:23:56 2016] <lingxiao> can i get it to output haskell for example?
[Sun Jan 17 23:24:18 2016] <Cale> Um... maybe not for this type...
[Sun Jan 17 23:24:49 2016] <lingxiao> hm but to prove forall n m : nat, n = m -> n + n = m + m
[Sun Jan 17 23:24:54 2016] <lingxiao> that's possible right?
[Sun Jan 17 23:25:01 2016] <Cale> yeah, that's possible
[Sun Jan 17 23:25:23 2016] <lingxiao> ah great
[Sun Jan 17 23:25:31 2016] <lingxiao> so looking at the printed output theres this fat arrow =>
[Sun Jan 17 23:25:46 2016] <Cale> yeah, it's  fun <args> => <body>
[Sun Jan 17 23:26:04 2016] <lingxiao> ah so what is being output?
[Sun Jan 17 23:26:08 2016] <lingxiao> a function?
[Sun Jan 17 23:26:11 2016] <Cale> In Haskell, fun is \
[Sun Jan 17 23:26:14 2016] <Cale> and => is ->
[Sun Jan 17 23:26:20 2016] <lingxiao> ah ok that makese sense
[Sun Jan 17 23:26:29 2016] <lingxiao> so to prove this proposition which is a type
[Sun Jan 17 23:26:36 2016] <lingxiao> we show it's inhanbited by this function?
[Sun Jan 17 23:26:40 2016] <Cale> yeah
[Sun Jan 17 23:26:42 2016] <lingxiao> and that's what's being output ..
[Sun Jan 17 23:26:45 2016] <lingxiao> i see cool
[Sun Jan 17 23:27:13 2016] <Cale> and the tactic language is just a baroque syntax for constructing terms in this lambda calculus
[Sun Jan 17 23:27:38 2016] <Cale> (one which can do fun things like searching through the context or goal for certain bits and making the code it generates depend on that)
[Sun Jan 17 23:27:49 2016] <lingxiao> ohhh that's cool
[Sun Jan 17 23:28:39 2016] <Cale> 'intros' basically makes a lambda :)
[Sun Jan 17 23:28:50 2016] <lingxiao> oh that makese sense
[Sun Jan 17 23:28:54 2016] <Cale> and fills the body of the lambda with whatever the rest of the proof constructs
[Sun Jan 17 23:29:12 2016] <lingxiao> what about rewrite? is it like function application?
[Sun Jan 17 23:29:18 2016] <Cale> rewrite does something more fancy
[Sun Jan 17 23:29:31 2016] <Cale> I couldn't really tell you what it does in very precise terms...
[Sun Jan 17 23:29:51 2016] <lingxiao> oh haha it's all good
[Sun Jan 17 23:29:55 2016] <lingxiao> i'm learning a ton as is
[Sun Jan 17 23:29:59 2016] <Cale> But more or less, it uses this equality induction function (or one of its friends)
[Sun Jan 17 23:30:27 2016] <lingxiao> man this stuff is pretty wild
[Sun Jan 17 23:30:27 2016] <Cale> I know how to use eq_ind, and I know how to use rewrite, but I'd have to think hard about how to write rewrite itself :)
[Sun Jan 17 23:30:41 2016] <lingxiao> lol yeah guess lots of people did
[Sun Jan 17 23:31:24 2016] <Cale> It has to go structurally digging through the goal recursively, and find an occurrence of the left hand side of the equality
[Sun Jan 17 23:32:09 2016] <Cale> and then supply a function to eq_ind (or one of its variants, based on some stuff...) based on that
[Sun Jan 17 23:33:16 2016] <Cale> yeah, if you look here:
[Sun Jan 17 23:33:21 2016] <Cale> eq_ind_r (fun b0 : bool => f b0 = b) (P b) (P b)
[Sun Jan 17 23:33:39 2016] <lingxiao> yup i see it
[Sun Jan 17 23:33:41 2016] <Cale> the function it's passing expresses that we're replacing the "b0" part
[Sun Jan 17 23:33:53 2016] <Cale> b0 will be the lhs of the equality
[Sun Jan 17 23:34:01 2016] <johnw> Cale: how much do you use Coq?
[Sun Jan 17 23:34:06 2016] <Cale> johnw: Only a little
[Sun Jan 17 23:34:20 2016] <Cale> johnw: I did a bunch of HoTT related stuff in it which I didn't really distribute
[Sun Jan 17 23:34:26 2016] <johnw> ah, ok
[Sun Jan 17 23:34:47 2016] <Cale> johnw: I woke up one morning and realised that I already knew how to program in Coq
[Sun Jan 17 23:34:53 2016] <Cale> and I have no idea how it happened
[Sun Jan 17 23:35:01 2016] <lingxiao> not (story of my life)
[Sun Jan 17 23:35:24 2016] <Cale> lingxiao: I think if you hang around in functional programming circles for a decade and read papers and stuff
[Sun Jan 17 23:35:43 2016] <Cale> eventually even if you haven't seen much Coq before, it sort of makes sense
[Sun Jan 17 23:35:56 2016] <lingxiao> lol yes maybe im on the path who knows hah
[Sun Jan 17 23:36:18 2016] <johnw> lingxiao: did you finally finish this proof?
[Sun Jan 17 23:36:26 2016] <lingxiao> yup it ended up being really short
[Sun Jan 17 23:36:45 2016] <lingxiao> but  really theres a lot going on both from  the semantics perspective
[Sun Jan 17 23:37:02 2016] <johnw> I had: intros; rewrite (H (f b)); apply H.
[Sun Jan 17 23:37:07 2016] <lingxiao> and just peripheral stuff having to do with coq that i'm still trying to appreicatate
[Sun Jan 17 23:37:21 2016] <lingxiao> oh havn't learn apply yet
[Sun Jan 17 23:37:31 2016] <johnw> apply is one of the most fundamental ones
[Sun Jan 17 23:37:37 2016] <Cale> johnw: We had   intros f P b. rewrite (P b). exact (P b).
[Sun Jan 17 23:37:42 2016] <johnw> it's function application, hence the name
[Sun Jan 17 23:37:56 2016] <lingxiao> oh that would be very useful haha
[Sun Jan 17 23:37:57 2016] <johnw> so P -> Q can turn a P into a Q, or in the goal, go from needing a Q to needing a P
[Sun Jan 17 23:38:07 2016] <Cale> Yeah, apply is a little more magical than exact
[Sun Jan 17 23:38:19 2016] <Cale> It can go looking for what to apply your hypothesis to :)
[Sun Jan 17 23:38:38 2016] <johnw> oh, intros; rewrite (H b); apply H. works too, thanks
[Sun Jan 17 23:39:12 2016] <johnw> or just s/apply H/auto
[Sun Jan 17 23:39:26 2016] <Cale> Yeah, auto is the next level of magic
[Sun Jan 17 23:42:21 2016] <lingxiao> opse
[Sun Jan 17 23:43:19 2016] <lingxiao> haha will stay away from auto for now then
[Sun Jan 17 23:43:38 2016] <johnw> think of "auto" as "do the obvious stuff"
[Sun Jan 17 23:43:41 2016] <johnw> it can never hurt
[Sun Jan 17 23:43:45 2016] <Cale> Another fun thing we could do is to use repeat:   repeat (rewrite (P b)).   will apply the rewrite (P b) tactic until it fails.
[Sun Jan 17 23:44:11 2016] <Cale> Which will get you straight to b = b
[Sun Jan 17 23:44:15 2016] <lingxiao> ooo that's fun
[Sun Jan 17 23:44:31 2016] <Cale> (silly in this case, but if there were more occurrences of f, maybe we'd be happy with this)
[Sun Jan 17 23:45:15 2016] <Cale> Some tactics will produce multiple goals, and sometimes you'll want to do a similar thing at the start of solving each goal
[Sun Jan 17 23:45:19 2016] <lingxiao> yeah I'll keep that in mind
[Sun Jan 17 23:45:23 2016] <lingxiao> ther's a lot of tactices
[Sun Jan 17 23:45:25 2016] <Cale> For that, using ; is useful
[Sun Jan 17 23:45:32 2016] <Cale> t1 ; t2
[Sun Jan 17 23:45:41 2016] <johnw> although there's a lot of tactics, there aren't really a lot of tactics
[Sun Jan 17 23:45:43 2016] <Cale> will apply the tactic t2 to each of the goals generated by t1
[Sun Jan 17 23:45:46 2016] <johnw> it just looks and feels that way
[Sun Jan 17 23:46:06 2016] <johnw> almost always you're doing introduction, elimination, and reasoning using equalities, in some form or another
[Sun Jan 17 23:46:21 2016] <Cale> You can get by with a tiny subset of the available tactics
[Sun Jan 17 23:46:25 2016] <johnw> (oh, and function application)
[Sun Jan 17 23:46:46 2016] <johnw> yeah, the ssreflect library has just 4 core tactics
[Sun Jan 17 23:46:50 2016] <Cale> and some books that teach Coq do this and choose a pretty awkward subset :D
[Sun Jan 17 23:47:08 2016] <Cypi> "refine" and that's it? :D
[Sun Jan 17 23:47:32 2016] <lingxiao> ok so ; is a tactice as well?
[Sun Jan 17 23:47:36 2016] <lingxiao> just sugared?
[Sun Jan 17 23:47:44 2016] <lingxiao> or it's more like control flow ...
[Sun Jan 17 23:47:48 2016] <johnw> ; composes tactics
[Sun Jan 17 23:47:54 2016] <lingxiao> oh ok make sense
[Sun Jan 17 23:47:58 2016] <Cypi> It's what is called a tactical: so a "tactic" which acts on tactics
[Sun Jan 17 23:47:58 2016] <johnw> a ; b says "do a, then apply b to all goals it generates"
[Sun Jan 17 23:47:59 2016] <Cale> Yeah, it's part of the tactic language
[Sun Jan 17 23:48:10 2016] <lingxiao> hm ok great thanks!@
[Sun Jan 17 23:48:44 2016] <johnw> a ; [ b | c ] is another tactical: "do a, then apply b to its first sub-goal, and c to its second".
[Sun Jan 17 23:49:06 2016] <johnw> although that one is much more often seen in scripts
[Sun Jan 17 23:49:16 2016] <lingxiao> whats scripts
[Sun Jan 17 23:49:26 2016] <johnw> another time :)
[Sun Jan 17 23:49:35 2016] <lingxiao> oh haha yeah theres'  alot to larn
[Sun Jan 17 23:49:37 2016] <lingxiao> learn*
[Sun Jan 17 23:49:52 2016] <johnw> scripts let you write your own tactics
[Sun Jan 17 23:49:59 2016] <johnw> by combining other ones
[Sun Jan 17 23:50:02 2016] <Cale> a || b  will try to apply a, and if it fails to make progress using that, it will then try b
[Sun Jan 17 23:50:11 2016] <johnw> writing a truly new tactic requires rewriting a plugin with ocaml
[Sun Jan 17 23:50:19 2016] <lingxiao> like or
[Sun Jan 17 23:50:42 2016] <Cale> which is sometimes nice on the right side of ; when you have a bunch of goals that you're applying the tactic to
[Sun Jan 17 23:50:57 2016] <johnw> Cale: wow, I totally forgot about ||
[Sun Jan 17 23:50:59 2016] <Cale> and they're all solved by one or the other
[Sun Jan 17 23:51:07 2016] <johnw> I always use first, even with two tactics
[Sun Jan 17 23:53:23 2016] <Cale> It would be kind of cool if there were a way to see the generated proof terms as you wrote the script, and have your current goal also highlighted as a hole in the proof term
[Sun Jan 17 23:53:59 2016] <Cale> But I suppose it's not terribly straightforward all the time
[Sun Jan 17 23:54:14 2016] <johnw> Cale: funny you should ask... :)
[Sun Jan 17 23:54:17 2016] <Cypi> Hmm. Why wouldn't it be actually?
[Sun Jan 17 23:54:29 2016] <johnw> Clémente has a prototype of exactly that working in company-coq
[Sun Jan 17 23:54:43 2016] <johnw> and you described its operation to a T
[Sun Jan 17 23:55:38 2016] <Cypi> Would that be very different of outputting what [Show Proof] gives, plus highlighted the currently focused goal as a hole?
[Sun Jan 17 23:55:45 2016] <Cypi> hilighting*
[Sun Jan 17 23:55:58 2016] <lingxiao> ok thanks Cale for all your help!
[Sun Jan 17 23:56:00 2016] <Cypi> highlighting*. Gah.
[Sun Jan 17 23:56:07 2016] <lingxiao> I will prob be back fro more in the coming weeks :)
[Sun Jan 17 23:56:11 2016] <lingxiao> and you too johnw!
[Sun Jan 17 23:56:14 2016] <lingxiao> night gusy!
[Sun Jan 17 23:56:28 2016] <johnw> Cale: https://asciinema.org/a/bb3fxq5k9cdekaxnb07owf4gn
[Sun Jan 17 23:56:35 2016] <johnw> ^-- Clémente's demo
[Sun Jan 17 23:56:44 2016] <Cale> Cypi: Well, maybe it is straightforward after all, but I can imagine that there would be some cases where the goal didn't necessarily correspond to a single place in the syntax tree... maybe that doesn't come up
[Sun Jan 17 23:57:00 2016] <johnw> it's showing the extraction
[Sun Jan 17 23:57:06 2016] <johnw> not the proof term
[Sun Jan 17 23:57:15 2016] <johnw> but I wonder if he's thought of it yet
[Sun Jan 17 23:57:57 2016] <Cale> But yeah, that's pretty close to what I was envisioning :)
[Mon Jan 18 00:14:24 2016] <johnw> jgross_: how do I use a splitter ADT as if it were a parser?
[Mon Jan 18 00:14:42 2016] <johnw> ah, that's what your e-mail was about :)
[Mon Jan 18 00:15:14 2016] <jgross_> johnw: Yep :)  There's a `make_parser` tactic, though, which you can use for now. 
[Mon Jan 18 00:15:23 2016] <johnw> within my composing spec?
[Mon Jan 18 00:15:30 2016] <johnw> and I'm on a different branch now
[Mon Jan 18 00:15:54 2016] <jgross_> Well, actually, my email was asking for the example from even earlier, before you have the splitter adt in hand. 
[Mon Jan 18 00:16:09 2016] <johnw> oh, with just the grammar
[Mon Jan 18 00:16:14 2016] <johnw> that's even better, actually
[Mon Jan 18 00:18:02 2016] <jgross_> `make_parser` takes an argument which is a splitter, and solves a goal of type string -> bool.	You can look at it's implementation to see what it does to extract the relevant bit, the basic idea is that there's a function of type Splitter -> Parser, and it uses this function, and then does a bunch of reductions so that the extracted code runs fast. 
[Mon Jan 18 00:18:43 2016] <johnw> jgross_: Do you have an example of writing a recursive evaluator for a parse tree?
[Mon Jan 18 00:19:00 2016] <johnw> I'm trying to write a spec in terms of a grammar; or should I write it in terms of the splitter?
[Mon Jan 18 00:19:03 2016] <johnw> I guess the latter makes sense
[Mon Jan 18 00:19:11 2016] <johnw> no reason I need to refine these in combination
[Mon Jan 18 00:25:02 2016] <jgross_> Write the spec in terms of the grammar. 
[Mon Jan 18 00:25:10 2016] <johnw> ok
[Mon Jan 18 00:26:16 2016] <jgross_> You can write it in terms of the splitter if you need to do fine-grained work on either the splitter or the parser (i.e., if you're writing code to add to the parser library).  But if your goal is just "I need to parse this string", then you shouldn't need to know that splitters exist. 
[Mon Jan 18 00:26:30 2016] <johnw> excellent, that's what I had hoped
[Mon Jan 18 01:35:58 2016] <johnw> jgross_: ping
[Mon Jan 18 02:03:18 2016] <jgross_> johnw: pong 
[Mon Jan 18 02:04:21 2016] <johnw> jgross_: oh hey, thought you went to sleep
[Mon Jan 18 02:04:28 2016] <johnw> jgross_: sent you mail via the ML
[Mon Jan 18 02:11:29 2016] <jgross_> I saw; I'm responding to it now (sleeping soon) 
[Mon Jan 18 04:59:04 2016] <rrika> does it make sense to use an axiom that says (exist A B X = exist A B Y)?
[Mon Jan 18 04:59:18 2016] <rrika> is there such a thing in the standard library?
[Mon Jan 18 05:02:01 2016] <rrika> Or rather
[Mon Jan 18 05:02:12 2016] <rrika> exist A B X = exist A C Y → B =C
[Mon Jan 18 05:27:10 2016] <sgnb> rrika: "exist A B X = exist A C Y" is usually not well typed
[Mon Jan 18 05:27:30 2016] <sgnb> rrika: could you be more explicit on the types of A, B, X, C, Y?
[Mon Jan 18 05:28:31 2016] <rrika> exist (fun x : nat => evenb x = true) (double n) (doubles_are_even n) =
[Mon Jan 18 05:28:31 2016] <rrika> exist (fun x : nat => evenb x = true) (double m) (doubles_are_even m)
[Mon Jan 18 05:29:31 2016] <rrika> (Also, I made a mistake again, the direction "exist A B X = exist A C Y → B = C" is easy, the other direction is the one I'm asking about)
[Mon Jan 18 05:55:42 2016] <sgnb> rrika: use the "rewrite" tactic?
[Mon Jan 18 05:56:25 2016] <rrika> when I use rewrite on the goal I get an "ill typed expression"
[Mon Jan 18 05:56:44 2016] <rrika> when I use rewrite on "B" it fails because it's used in the goal
[Mon Jan 18 05:57:52 2016] <rrika> oh, I just shouldn't intro B and C before B=C
[Mon Jan 18 05:58:49 2016] <rrika> and then I do X = Y using proof irrelevance
[Mon Jan 18 06:00:09 2016] <sgnb> rrika: it would help if you gave a self-contained example of what you're trying to achieve on e.g. paste.debian.net
[Mon Jan 18 06:00:15 2016] <sgnb> rrika: as in https://paste.debian.net/366421/
[Mon Jan 18 06:16:01 2016] <noob0> toc toc mutual recursion definition: start in product type or start separate? then how does it affect unfolding later.
[Mon Jan 18 06:16:26 2016] <noob0> jrw: ping
[Mon Jan 18 06:17:19 2016] <rrika> sgnb: will try next time. what you posted is how I resolved it now.
[Mon Jan 18 06:18:17 2016] <rrika> (what I didn't notice was that while rewriting it for IRC I brought it into a more easily provable form DX)
[Mon Jan 18 14:22:58 2016] <johnw> hello Coq fans
[Mon Jan 18 22:26:26 2016] <noob0> jrw: ping
[Mon Jan 18 22:27:11 2016] <noob0> has the bug about auto's apply not traversing conjunction, but manual apply do traverse conjunction?
[Tue Jan 19 02:30:03 2016] <johnw> is there a difference between Hint Resolve foo and Hint Extern 1 => apply  foo?
[Tue Jan 19 02:39:12 2016] <johnw> ugh, "Error: Conversion test raised an anomaly"
[Tue Jan 19 02:40:04 2016] <johnw> Related to universe polymorphism it would appear
[Tue Jan 19 03:29:59 2016] <rrika> I'm stuck at SF chapter "MoreCoq" at "combine_split".
[Tue Jan 19 03:30:12 2016] <rrika> I think it has to do with the body of "split" being missing.
[Tue Jan 19 03:30:33 2016] <rrika> At least when I do "Print split" before the theorem it shows me ":= admit"
[Tue Jan 19 06:12:18 2016] <dredozubov> Hi!
[Tue Jan 19 06:12:30 2016] <dredozubov> I wonder if someone have some recommendation for learning coq.
[Tue Jan 19 06:12:59 2016] <dredozubov> i'm reading coq'art and i really like it, but at some point i felt like i still can't do anything :)
[Tue Jan 19 06:13:01 2016] <companion_cube> http://www.cis.upenn.edu/~bcpierce/sf/current/index.html is a good book, from the computer science side
[Tue Jan 19 06:13:11 2016] <companion_cube> (book as in exercises)
[Tue Jan 19 06:13:33 2016] <dredozubov> i went through the first chapter
[Tue Jan 19 06:13:36 2016] <dredozubov> it felt nice
[Tue Jan 19 06:13:50 2016] <dredozubov> do you think it's a good idea to learn it before coq'art?
[Tue Jan 19 06:15:22 2016] <dredozubov> i have a haskell background and what i really want to do is grasp dependent types and differences to compose a bigger picture of typed functional programming
[Tue Jan 19 06:17:53 2016] <rrika> I started with SF (six chapters in). It's doable.
[Tue Jan 19 06:21:03 2016] <dredozubov> http://www.amazon.com/Certified-Programming-Dependent-Types-Introduction/dp/0262026651/ref=sr_1_1?ie=UTF8&qid=1453202454&sr=8-1&keywords=certified+programming+with+dependent+types anyone read this?
[Tue Jan 19 06:22:27 2016] <companion_cube> http://adam.chlipala.net/cpdt/ this ? you can also use the html version
[Tue Jan 19 06:22:28 2016] <artart78> I heard it's nice but more advanced (I just checked a few parts I needed myself)
[Tue Jan 19 06:24:12 2016] <dredozubov> companion_cube: oh, cool
[Tue Jan 19 06:24:32 2016] <dredozubov> i'll probably buy the hardcover anyway, would like to see that on my shelf
[Tue Jan 19 06:24:44 2016] <dredozubov> i'm a little old-fashioned in this matter
[Tue Jan 19 06:25:24 2016] <dredozubov> also i'm interested if anyone tried to learn CT/abstract algebra concepts with coq?
[Tue Jan 19 06:25:27 2016] <rrika> dredozubov, when working through SF I found it really useful to have all the text and exercises in emacs, to work on them right when I read the accompanying text.
[Tue Jan 19 06:25:46 2016] <dredozubov> does it make sense to postpone learning math to have a background with coq?
[Tue Jan 19 06:26:08 2016] <dredozubov> rrika: i'm downloading it right now to have exactly that!
[Tue Jan 19 06:26:21 2016] <dredozubov> proof general looks pretty nice
[Tue Jan 19 06:29:56 2016] <rrika> I haven't tried coqtop, but I guess the interaction style would be similar.
[Tue Jan 19 06:30:28 2016] <dredozubov> afaik proof general uses coqtop under the hood. Is that right?
[Tue Jan 19 06:30:47 2016] <rks_> yes
[Tue Jan 19 06:30:51 2016] <rrika> One of the coq binaries runs in background.
[Tue Jan 19 06:31:29 2016] <dredozubov> btw is it possible to evaluate statements until line number or cursor in proof general?
[Tue Jan 19 06:31:46 2016] <dredozubov> i see the options to do it one by one and altogether
[Tue Jan 19 06:32:14 2016] <rrika> Ctrl+C Ctrl+Enter
[Tue Jan 19 06:32:57 2016] <dredozubov> oh, cool!
[Tue Jan 19 06:32:58 2016] <dredozubov> thanks
[Tue Jan 19 06:35:50 2016] <rrika> You might also find the "Electric Terminator" option useful. It will submit everything to coq everytime you type "."
[Tue Jan 19 06:35:56 2016] <rrika> Toggle with: Ctrl+C .
[Tue Jan 19 06:36:05 2016] <rrika> (not Ctrl+C Ctrl+.)
[Tue Jan 19 07:18:22 2016] <dredozubov> coq indentation rules in emacs seem broken
[Tue Jan 19 07:18:30 2016] <dredozubov> any ideas how to fix that?
[Tue Jan 19 10:48:02 2016] <dredozubov> is there any way ot print what auto tactic did during some step?
[Tue Jan 19 10:50:20 2016] <sgnb> dredozubov: "info auto"
[Tue Jan 19 10:51:30 2016] <RegEchse> is "info auto" repaired in 8.5?
[Tue Jan 19 10:51:37 2016] <sgnb> it does not work, but suggests replacements
[Tue Jan 19 10:51:37 2016] <RegEchse> it doesn't work in 8.4, iirc
[Tue Jan 19 10:51:42 2016] <sgnb> such as info_auto
[Tue Jan 19 10:51:45 2016] <dredozubov> Warning: The general "info" tactic is currently not working. There is an
[Tue Jan 19 10:51:45 2016] <dredozubov>  "Info" command to replace it.
[Tue Jan 19 10:51:45 2016] <dredozubov>  Some specific verbose tactics may also exist, such as info_eauto.
[Tue Jan 19 10:52:11 2016] <dredozubov> so, info_eauto then
[Tue Jan 19 10:52:28 2016] <dredozubov> i don't see any output though
[Tue Jan 19 10:52:38 2016] <dredozubov> info_eauto works just like auto
[Tue Jan 19 10:52:56 2016] <dredozubov> i'm using 8.4
[Tue Jan 19 10:53:26 2016] <sgnb> I'm using 8.4 and info_eauto seems to work as I expect
[Tue Jan 19 10:53:39 2016] <dredozubov> do you use proof general?
[Tue Jan 19 10:53:49 2016] <sgnb> oh, I was using coqide
[Tue Jan 19 10:54:04 2016] <dredozubov> :(
[Tue Jan 19 10:54:28 2016] <sgnb> I just checked; it works also in PG
[Tue Jan 19 10:54:35 2016] <dredozubov> is it possible that i should enable something else for it to work?
[Tue Jan 19 10:55:03 2016] <dredozubov> where should info output appear?
[Tue Jan 19 10:56:10 2016] <sgnb> buffer *response*
[Tue Jan 19 10:57:28 2016] <Cypi> RegEchse : the replacement, which is kind of working at the moment, is "Info n auto" where n is some depth level (for instance 1)
[Tue Jan 19 10:57:41 2016] <Cypi> Oh sorry, it was answered.
[Tue Jan 19 10:57:49 2016] <dredozubov> sgnb: it's empty :(
[Tue Jan 19 10:58:11 2016] <dredozubov> sgnb: have you tried it with coq 8.4?
[Tue Jan 19 11:01:04 2016] <sgnb> dredozubov: I'm using coq 8.4pl4
[Tue Jan 19 11:01:52 2016] <dredozubov> weird
[Tue Jan 19 11:02:00 2016] <dredozubov> 8.4pl5 here
[Tue Jan 19 11:02:25 2016] <sgnb> maybe it works only on the trivial case I'm testing
[Tue Jan 19 11:03:19 2016] <dredozubov> Info n auto works silently too.
[Tue Jan 19 11:03:36 2016] <dredozubov> maybe it's misconfigured somehow, i don't have a clue
[Tue Jan 19 11:16:42 2016] <jrw> smerdyakow: pong?
[Tue Jan 19 11:19:15 2016] <smerdyakow> pong hehe
[Tue Jan 19 11:19:15 2016] <smerdyakow> has the bug about auto's apply not traversing conjunction, but manual apply do traverse conjunction?
[Tue Jan 19 11:19:35 2016] <jrw> yes that is a known issue
[Tue Jan 19 11:19:49 2016] <jrw> it's not a bug in the sense that I don't think there are any plans to change the behavior
[Tue Jan 19 11:20:18 2016] <jrw> the problem is that auto is traversing potentially large hint databases, so I guess it might be expensive to try traversing conjunctions for all of them
[Tue Jan 19 11:20:24 2016] <jrw> but with apply you only have a single option
[Tue Jan 19 14:27:40 2016] <tbelaire> Anyone set up spacemacs with proof general?
[Tue Jan 19 14:28:07 2016] <tbelaire> I might try it, instead of spending more time fixing up the vim plugin
[Tue Jan 19 15:14:27 2016] <jrw> tbelaire: you can also check out epdtry's plugin for neovim https://github.com/epdtry/neovim-coq
[Tue Jan 19 15:15:11 2016] <tbelaire> Interesting
[Tue Jan 19 15:16:40 2016] <tbelaire> ooh, uses async and await python features
[Tue Jan 19 15:16:52 2016] <tbelaire> I wonder if they have non-blocking mode
[Tue Jan 19 15:22:03 2016] <tbelaire> aahah, that fakeroot.  That's clever. https://github.com/epdtry/neovim-coq/blob/master/xmlutil.py#L12
[Tue Jan 19 15:22:38 2016] <tbelaire> Coq really should have a slightly different design so that isn't necessary.
[Tue Jan 19 15:22:50 2016] <tbelaire> But that is one way to handle it
[Tue Jan 19 15:22:52 2016] <johnw> tbelaire: um, patches welcome? :)
[Tue Jan 19 15:23:44 2016] <tbelaire> I don't want to touch the protocal, since that would require fixing the CoqIDE and Emacs pluginsa nd everyone else who has plugins's code
[Tue Jan 19 15:24:01 2016] <tbelaire> it's unfortunate, but I don't think it's better to fix it now
[Tue Jan 19 15:24:12 2016] <tbelaire> I did poke around there
[Tue Jan 19 15:24:54 2016] <tbelaire> What was really annoying was sending <msg></msg> <msg></msg> <value></value> as "one" response
[Tue Jan 19 15:25:18 2016] <tbelaire> It would have been nice if there was a wrapper element around that
[Tue Jan 19 15:25:45 2016] <tbelaire> so you can just stop pulling from the pipe once you get a full, balanced element.
[Tue Jan 19 15:26:19 2016] <rrika> I wish I could do "destruct" on a list, except I split off the last element.
[Tue Jan 19 15:26:32 2016] <rrika> (I'm doing the palindrome_reverse exercise)
[Tue Jan 19 15:26:43 2016] <tbelaire> rrika: I sometimes see that under the name "snoc"
[Tue Jan 19 15:26:47 2016] <tbelaire> cons backwards
[Tue Jan 19 15:26:59 2016] <tbelaire> if you're trying to search for something
[Tue Jan 19 15:27:09 2016] <rrika> yeah, I know about that.
[Tue Jan 19 15:27:13 2016] <rrika> just trying to express that in tactics
[Tue Jan 19 15:27:26 2016] <rrika> consider that either l = [] or l = (snoc l' x)
[Tue Jan 19 15:28:38 2016] <tbelaire> build a new induction principle?
[Tue Jan 19 15:29:32 2016] <rrika> I did "apply f_equal with (f:=rev) in H." and it looks promising-
[Tue Jan 19 15:29:45 2016] <rrika> (where H was something involving l)
[Tue Jan 19 15:29:55 2016] <tbelaire> cool
[Tue Jan 19 16:07:44 2016] <johnw> jgross_: how do I use your bug minifier again?
[Tue Jan 19 16:09:27 2016] <rrika> I must be missing something obvious, how do I show that "ble_nat (S n) m = true →  ble_nat n m = true"
[Tue Jan 19 16:11:32 2016] <johnw> induction on n
[Tue Jan 19 16:13:05 2016] <rrika> I get no useful IH.
[Tue Jan 19 16:13:15 2016] <johnw> show me
[Tue Jan 19 16:13:29 2016] <johnw> also, did you first generalize m?
[Tue Jan 19 16:13:30 2016] <rrika> IHn: ble_nat (S n) m = true -> ble_nat n m = true
[Tue Jan 19 16:13:33 2016] <rrika> oh
[Tue Jan 19 16:13:35 2016] <rrika> right
[Tue Jan 19 16:19:54 2016] <johnw> i wonder if that proof is easier inducting on m too
[Tue Jan 19 16:20:02 2016] <johnw> not sure
[Tue Jan 19 16:23:22 2016] <rrika> I'm reaching 2 screen pages of length but I think my proof of palindrome_converse is finally reaching its conclusion.
[Tue Jan 19 19:31:21 2016] <jgross_> johnw: there should be an invocation in the readme 
[Tue Jan 19 20:19:50 2016] <johnw> If I have a parameter in a module (not a module type), how do I provide a definition for that parameter when I import the module?
[Tue Jan 19 23:50:15 2016] <lingxiao> anyone around?
[Tue Jan 19 23:51:19 2016] <jrw> lingxiao: people are always around :)
[Tue Jan 19 23:51:23 2016] <jrw> or reading the logs later
[Tue Jan 19 23:51:31 2016] <lingxiao> oh great thanks!
[Tue Jan 19 23:51:38 2016] <lingxiao> I'd like a little help navigating this proof
[Tue Jan 19 23:52:04 2016] <lingxiao> I can't seem to express my logic using just intros and destruct
[Tue Jan 19 23:52:10 2016] <lingxiao> maybe rewrite
[Tue Jan 19 23:52:36 2016] <lingxiao> and reflexivity
[Tue Jan 19 23:52:52 2016] <lingxiao> forall b c : bool, b && c = true -> c = true
[Tue Jan 19 23:53:13 2016] <lingxiao> see b && c = true  iff  b = true
[Tue Jan 19 23:53:28 2016] <lingxiao> so then trivially   true && c = true  iff  c = true
[Tue Jan 19 23:53:42 2016] <lingxiao> but when I destruct b  I get both casese where b = true and b = false
[Tue Jan 19 23:53:49 2016] <lingxiao> I want to say the case where b = false cannot happen
[Tue Jan 19 23:54:08 2016] <lingxiao> and when i desttruct c i get c = true, which satisfies the conclusion
[Tue Jan 19 23:54:36 2016] <lingxiao> and c = false, which I want to say does not satisfy hypothesis
[Tue Jan 19 23:54:46 2016] <lingxiao> but i cant navigate this using the tactics given
[Tue Jan 19 23:58:07 2016] <jrw> lingxiao: do you know inversion yet?
[Tue Jan 19 23:58:15 2016] <lingxiao> nope but I'll use it!
[Tue Jan 19 23:58:45 2016] <lingxiao> i mean if i only used [rewrite, intros, destruct, reflexivity] is it possible to prove it?
[Tue Jan 19 23:58:53 2016] <jrw> lingxiao: if you have something like [H : false = true] in your context, you can do [inversion H] to get rid of the whole case
[Tue Jan 19 23:59:10 2016] <lingxiao> I'm very much at the clumsly finangle results using the language here
[Tue Jan 19 23:59:16 2016] <lingxiao> hmm let me tryy
[Wed Jan 20 00:00:25 2016] <lingxiao> I'll be damned
[Wed Jan 20 00:00:33 2016] <lingxiao> so what does inversion do?
[Wed Jan 20 00:01:11 2016] <lingxiao> what I ended up using
[Wed Jan 20 00:01:12 2016] <lingxiao> http://lpaste.net/150289
[Wed Jan 20 00:03:33 2016] <jrw> lingxiao: looks reasonable. without stepping through the proof, I'm just guessing that you can get rid of the second [destruct c] and just immediately do [inversion H]
[Wed Jan 20 00:04:24 2016] <jrw> lingxiao: how inversion in full generality is a bit complicated, but for now just think about it as saying if you have a hypothesis that is an equation between constructors of this type, it reasons "backwards" to figure out what must have been true to make that equality true
[Wed Jan 20 00:04:39 2016] <lingxiao> why does inversion H take a long time?
[Wed Jan 20 00:04:41 2016] <jrw> so in the case where you have *different* constructors equated, it just derives a contradiction for you immediately
[Wed Jan 20 00:04:46 2016] <lingxiao> hmm so its some higher level magic
[Wed Jan 20 00:05:04 2016] <jrw> when you have something like [H : S a = S b] then inversion would give you [H1 : a = b]
[Wed Jan 20 00:05:35 2016] <lingxiao> so inversion creates a new hypothesis by backward induction?
[Wed Jan 20 00:05:41 2016] <lingxiao> but only one steop
[Wed Jan 20 00:05:46 2016] <jrw> it reasons backwards one step
[Wed Jan 20 00:05:54 2016] <jrw> it may create 0, 1, or many hypotheses
[Wed Jan 20 00:06:06 2016] <jrw> for example with [false = true] it creates 0 because it just finishes right away
[Wed Jan 20 00:06:14 2016] <jrw> with [S a = S b] it makes one
[Wed Jan 20 00:06:44 2016] <jrw> and for lists with constructor cons, you could have [cons x xs = cons y ys], then inversion would give you two equations [x = y] and [xs = ys]
[Wed Jan 20 00:11:35 2016] <lingxiao> its so weird at first it worked
[Wed Jan 20 00:11:49 2016] <lingxiao> now it seems to be stuck in some infinte loop
[Wed Jan 20 00:13:51 2016] <lingxiao> yeah stuck on the part where true = false for c
[Wed Jan 20 00:14:31 2016] <jrw> lingxiao: that's weird, I've never seen inversion go into a loop
[Wed Jan 20 00:14:41 2016] <lingxiao> yeah it def worked the first time for me lol!
[Wed Jan 20 00:14:52 2016] <lingxiao> but in all subsequent times it does not seem to terminate
[Wed Jan 20 00:49:32 2016] <johnw> if I find myself repeating a bunch of Context lines, can I turn that into a private command or something?
[Wed Jan 20 01:42:13 2016] <johnw> I was at least able to reduce it down to one Context line
[Wed Jan 20 09:05:45 2016] <dredozubov> can i search for relevant lemmas/theorems somehow?
[Wed Jan 20 09:06:07 2016] <rrika> ctrl+c ctrl+a ctrl+a in proof general
[Wed Jan 20 09:06:34 2016] <dredozubov> cool
[Wed Jan 20 09:06:43 2016] <dredozubov> can i search by type somehow?
[Wed Jan 20 09:07:07 2016] <dredozubov> let's imagine i want to gather all of the proved knowledge for the nats
[Wed Jan 20 09:07:10 2016] <dredozubov> e.g.
[Wed Jan 20 09:07:16 2016] <dredozubov> how can i do that?
[Wed Jan 20 09:07:16 2016] <rrika> SearchAbout [ name ]. does the same as ctrl+c ctrl+a cltr+a
[Wed Jan 20 09:07:32 2016] <rrika> do exactly that search with "nats"
[Wed Jan 20 09:07:43 2016] <rrika> eh, "nat"
[Wed Jan 20 09:08:15 2016] <rrika> It depends on how much you've "Required" at the beginning though.
[Wed Jan 20 09:08:17 2016] <rrika> I think.
[Wed Jan 20 09:08:39 2016] <dredozubov> hmm
[Wed Jan 20 09:08:40 2016] <rrika> https://coq.inria.fr/library/
[Wed Jan 20 09:08:42 2016] <dredozubov> i see a lot of stuff
[Wed Jan 20 09:08:43 2016] <rrika> ^ search for "nat there
[Wed Jan 20 09:08:49 2016] <dredozubov> not sure what's relevant
[Wed Jan 20 09:08:54 2016] <rrika> what do you want to show?
[Wed Jan 20 09:08:55 2016] <dredozubov> i'm going through the SF book
[Wed Jan 20 09:09:08 2016] <rrika> What exercise are you at?
[Wed Jan 20 09:09:11 2016] <dredozubov> it uses it's own nat implementation through the course
[Wed Jan 20 09:09:27 2016] <dredozubov> Induction.v: mult_comm
[Wed Jan 20 09:10:05 2016] <dredozubov> after some assertions i came to the point where i want to show that S b = S c -> b = c
[Wed Jan 20 09:10:17 2016] <dredozubov> it is pretty obvious, when you look at it
[Wed Jan 20 09:10:28 2016] <dredozubov> can't explain to it to coq though
[Wed Jan 20 09:10:42 2016] <rrika> I could tell you the tactic to resolve this, but I don't know if you're supposed to know at this stage.
[Wed Jan 20 09:10:48 2016] <Nik05> dredozubov you can use inversion on the hypothesis
[Wed Jan 20 09:10:50 2016] <rrika> And looking at my solution I didn't need it.
[Wed Jan 20 09:11:07 2016] <Nik05> i had the same problem
[Wed Jan 20 09:11:08 2016] <dredozubov> Nik05: i think i'm not supposed to do it at this point :)
[Wed Jan 20 09:11:11 2016] <rrika> What Nik05 said, "inversion" will do that.
[Wed Jan 20 09:11:23 2016] <Nik05> im working on SF myself as well
[Wed Jan 20 09:12:37 2016] <dredozubov> i guess i'll try it
[Wed Jan 20 09:12:42 2016] <Nik05> dredozubov you can proof mult_comm with some other lemma's
[Wed Jan 20 09:12:44 2016] <rrika> dredozubov, how does your proof look like so far?
[Wed Jan 20 09:12:49 2016] <dredozubov> so far my proofs look disgusting
[Wed Jan 20 09:12:53 2016] <rrika> no worries
[Wed Jan 20 09:13:00 2016] <rrika> in fact the three lemmas above mult_comm are directly useful
[Wed Jan 20 09:13:02 2016] <dredozubov> i'd rather not show :D
[Wed Jan 20 09:13:14 2016] <rrika> Is it over 200 lines?
[Wed Jan 20 09:13:15 2016] <rrika> :P
[Wed Jan 20 09:13:20 2016] <dredozubov> not _yet_
[Wed Jan 20 09:13:25 2016] <dredozubov> :P
[Wed Jan 20 09:13:25 2016] <rrika> lol, I know that feeling.
[Wed Jan 20 09:13:31 2016] <Nik05> i used 3 lemma's for it :P
[Wed Jan 20 09:13:46 2016] <Nik05> additional lemma's i proofed specially for that one
[Wed Jan 20 09:13:54 2016] <dredozubov> i tried to show that p + n = n + p.
[Wed Jan 20 09:14:05 2016] <dredozubov> it's pretty obvious
[Wed Jan 20 09:14:14 2016] <dredozubov> then forall a b c, a + b = a + c -> b = c
[Wed Jan 20 09:14:23 2016] <dredozubov> and i probably don't need forall there
[Wed Jan 20 09:14:25 2016] <dredozubov> :\
[Wed Jan 20 09:14:31 2016] <rrika> You do
[Wed Jan 20 09:14:39 2016] <rrika> You already defined the first one in a previous SF chapter I think.
[Wed Jan 20 09:14:39 2016] <dredozubov> then i came to S b = S c -> b = c
[Wed Jan 20 09:14:42 2016] <rrika> Called plus_comm.
[Wed Jan 20 09:15:03 2016] <Nik05> but for mult_comm. You need to do an induction on n or m. And then just use some rewrites
[Wed Jan 20 09:15:18 2016] <Nik05> oh maybe another induction on something you assert
[Wed Jan 20 09:15:42 2016] <dredozubov> oops, i used induction
[Wed Jan 20 09:15:49 2016] <dredozubov> and i don't supposed to
[Wed Jan 20 09:15:52 2016] <Nik05> ?
[Wed Jan 20 09:16:05 2016] <dredozubov> just re-read the exercise text for the plus_swap
[Wed Jan 20 09:16:29 2016] <Nik05> yes, you can just do a rewrite with plus_comm
[Wed Jan 20 09:16:30 2016] <dredozubov> i guess i'll look around for the relevant lemmas :P
[Wed Jan 20 09:16:39 2016] <rrika> Good luck
[Wed Jan 20 09:16:54 2016] <Nik05> use `Search`
[Wed Jan 20 09:16:59 2016] <dredozubov> thanks!
[Wed Jan 20 09:17:23 2016] <Nik05> if you want to search for lemmas with plus and mult, `Search plus mult`
[Wed Jan 20 09:17:41 2016] <dredozubov> should it work like full text search?
[Wed Jan 20 09:18:00 2016] <Nik05> What do you mean?
[Wed Jan 20 09:18:16 2016] <rrika> For SearchAbout, "plus" doesn't match "plus_foobar"
[Wed Jan 20 09:18:23 2016] <rrika> I don't know about Search.
[Wed Jan 20 09:18:30 2016] <Nik05> SearchAbout is deprecated i think
[Wed Jan 20 09:18:34 2016] <rrika> good to know.
[Wed Jan 20 09:18:43 2016] <dredozubov> i see SearchAbout in proof general
[Wed Jan 20 09:18:49 2016] <dredozubov> was it deprecated in 8.5?
[Wed Jan 20 09:18:58 2016] <dredozubov> Nik05: nvm
[Wed Jan 20 09:19:39 2016] <Nik05> uh maybe its not deprecated... I thought i saw it somewhere
[Wed Jan 20 09:21:32 2016] <dredozubov> SearchAbout works kinda strange
[Wed Jan 20 09:21:52 2016] <dredozubov> i see all kinds of definitions whatever i search about
[Wed Jan 20 09:22:46 2016] <dredozubov> it says: "SearchAbout (ex "eq_" eq -bool) (default nil):"
[Wed Jan 20 09:22:55 2016] <dredozubov> i enter "eq_" and get a warning
[Wed Jan 20 09:23:10 2016] <dredozubov> The reference eq_ was not found
[Wed Jan 20 09:23:11 2016] <Nik05> i have to go, see you later and good luck
[Wed Jan 20 09:23:25 2016] <dredozubov> Nik05: good luck. see you
[Wed Jan 20 09:24:17 2016] <rrika> dredozubov, you can't search for incomplete names
[Wed Jan 20 09:24:19 2016] <rrika> though
[Wed Jan 20 09:24:26 2016] <rrika> (a = b) is just a notation for (eq a b)
[Wed Jan 20 09:24:40 2016] <rrika> so searching for "eq" will show you everything that deals with an "eq" at somepoint
[Wed Jan 20 09:24:41 2016] <dredozubov> it looks like i was searching for C-c C-f
[Wed Jan 20 09:24:59 2016] <dredozubov> i can do C-c C-f nat
[Wed Jan 20 09:25:11 2016] <dredozubov> and i'm getting pretty much what i was expecting to see
[Wed Jan 20 09:25:53 2016] <dredozubov> rrika: i'm not sure how "=" notation is relevant here
[Wed Jan 20 09:26:34 2016] <rrika> ><dredozubov> i enter "eq_" and get a warning
[Wed Jan 20 09:26:52 2016] <rrika> I thought you were looking for things relating to "="
[Wed Jan 20 09:27:10 2016] <dredozubov> nope, i just entered what was suggested in the prompt
[Wed Jan 20 09:27:16 2016] <dredozubov> > it says: "SearchAbout (ex "eq_" eq -bool) (default nil):"
[Wed Jan 20 09:27:34 2016] <rrika> * misunderstood
[Wed Jan 20 09:27:45 2016] <dredozubov> no worries
[Wed Jan 20 09:28:18 2016] <dredozubov> oh!
[Wed Jan 20 09:28:24 2016] <dredozubov> C-c C-t is cool
[Wed Jan 20 09:28:46 2016] <rrika> oh, cool
[Wed Jan 20 09:28:59 2016] <dredozubov> it shows the whole proof context
[Wed Jan 20 09:31:05 2016] <Nik05> what does it do?
[Wed Jan 20 09:31:32 2016] <dredozubov> i guess it shows all the definitions in the current scopw
[Wed Jan 20 09:31:35 2016] <dredozubov> scope*
[Wed Jan 20 09:32:51 2016] <Nik05> Command: proof-ctxt
[Wed Jan 20 09:32:52 2016] <Nik05> Show the current context.
[Wed Jan 20 09:33:00 2016] <Nik05> Oke, now im really gone. Bye :P
[Wed Jan 20 13:23:08 2016] <lingxiao> hey all
[Wed Jan 20 13:23:17 2016] <lingxiao> I have a question about an odd behavior in my proof
[Wed Jan 20 13:25:08 2016] <Nik05> lingxiao post the question :)
[Wed Jan 20 13:25:27 2016] <lingxiao> yup here;s the code
[Wed Jan 20 13:25:27 2016] <lingxiao> http://lpaste.net/150320
[Wed Jan 20 13:25:40 2016] <lingxiao> the problem is the Theorem pathIndependence at the bottom
[Wed Jan 20 13:26:17 2016] <lingxiao> so I have intros b. destruct b as [|b'|b']. reflexivity. reflexivity. reflexivity. Qed
[Wed Jan 20 13:26:23 2016] <lingxiao> on the third reflexivity I'm getting
[Wed Jan 20 13:26:32 2016] <lingxiao> Toplevel input, characters 0-11:
[Wed Jan 20 13:26:32 2016] <lingxiao> Error: Impossible to unify "1 + bin_un (Odd b')" with
[Wed Jan 20 13:26:33 2016] <lingxiao>  "bin_un (incr_bin (Odd b'))".
[Wed Jan 20 13:26:43 2016] <lingxiao> even though it's bascially the same as the other two cases
[Wed Jan 20 13:26:45 2016] <lingxiao> what gives?
[Wed Jan 20 13:27:18 2016] <Cypi> Where you try "reflexivity", you can try to do "simpl" first, just to see which terms you are trying to unify
[Wed Jan 20 13:28:13 2016] <Cypi> In that case, you want to prove that "bin_un (incr_bin b') + bin_un (incr_bin b')" and "S (S (bin_un b' + bin_un b'))" are equal.
[Wed Jan 20 13:29:27 2016] <Cypi> Now you can see that you need some kind of relation between "bin_un (incr_bin b')" and "bin_un b'" to prove that. So maybe a simple "destruct b" at the beginning of the proof won't be enough
[Wed Jan 20 13:30:57 2016] <Nik05> yes use induction hypothesis and rewrite S S (a + b) to S a + S b
[Wed Jan 20 13:35:01 2016] <lingxiao> ok let me try tthat
[Wed Jan 20 14:06:11 2016] <Nik05> lingxiao working?
[Wed Jan 20 14:07:35 2016] <lingxiao> actually no
[Wed Jan 20 14:07:47 2016] <lingxiao> but if i changed the definition of bin_un a little it does
[Wed Jan 20 14:07:59 2016] <lingxiao> not sure why exactly, i have some vague notions
[Wed Jan 20 14:09:09 2016] <lingxiao> like t his:
[Wed Jan 20 14:09:09 2016] <lingxiao> http://lpaste.net/150321
[Wed Jan 20 14:09:35 2016] <lingxiao> introduce the function double, then it works
[Wed Jan 20 14:10:07 2016] <lingxiao> so in [bin_un] we have [Even n' => double (bin_un n')] instead of [Even n' = bin_un n' + bin_un n']
[Wed Jan 20 14:10:18 2016] <lingxiao> but addition is also inductively defind
[Wed Jan 20 14:13:15 2016] <lingxiao> Nik05 I don't know if you might elucidate?
[Wed Jan 20 14:18:24 2016] <lingxiao> that is how I would do it using the original definiton  of [bin_un] with [Even n' = bin_un n' + bin_un n'] insetad
[Wed Jan 20 14:48:59 2016] <Cale> lingxiao: http://lpaste.net/150326
[Wed Jan 20 14:52:34 2016] <lingxiao> thanks Cale! I'll take alook!
[Wed Jan 20 16:44:53 2016] <johnw> the R type only really works propositionally, right?
[Wed Jan 20 16:47:14 2016] <johnw> oh, Rle_dec is what I was looking for
[Wed Jan 20 17:10:43 2016] <dredozubov> finally proved plus_comm
[Wed Jan 20 17:10:49 2016] <dredozubov> had to cheat a little
[Wed Jan 20 17:11:11 2016] <dredozubov> correct lemma formulation wasn't so obvious
[Wed Jan 20 17:11:53 2016] <dredozubov> you don't really need inversion to prove this theorem
[Wed Jan 20 18:26:28 2016] <Nik05> dredozubov what do you mean with lemma formulation? a + b -> b + a?
[Wed Jan 20 18:29:04 2016] <dredozubov> we discussed the proof of mult_comm earlier
[Wed Jan 20 18:29:41 2016] <dredozubov> you were saying that inversion would be helpful
[Wed Jan 20 18:30:58 2016] <dredozubov> in the end i managed not to use it
[Wed Jan 20 18:31:06 2016] <dredozubov> that's all i'm saying :)
[Wed Jan 20 18:37:07 2016] <Nik05> oke
[Wed Jan 20 18:38:35 2016] <Nik05> dredozubov i used lemma's mult_l_0 and mult_a_Sb : a * S b = a + a * b
[Wed Jan 20 18:39:36 2016] <Nik05> and in the latter i used plus_swap
[Wed Jan 20 18:40:27 2016] <johnw> jgross_: ping
[Wed Jan 20 18:59:05 2016] <rrika> dredozubov, nice
[Wed Jan 20 22:25:23 2016] <jgross_> johnw: pong 
[Thu Jan 21 01:02:46 2016] <johnw> jgross_: hi!
[Thu Jan 21 08:05:49 2016] <Saizan> how does the coq kernel implement conversion checking? normalizing in call-by-value style?
[Thu Jan 21 08:06:34 2016] <companion_cube> there are several reduction machines, afaik
[Thu Jan 21 08:06:44 2016] <companion_cube> but it computes the strong normal form, in any case
[Thu Jan 21 08:09:39 2016] <Saizan> how do you control which one is used?
[Thu Jan 21 08:10:01 2016] <companion_cube> http://gallium.inria.fr/blog/coq-eval/
[Thu Jan 21 08:10:27 2016] <companion_cube> (otherwise I don't really know, sorry)
[Thu Jan 21 08:11:07 2016] <Saizan> that talks about explicitly computing or evaluating stuff not what the core typechecker is doing
[Thu Jan 21 08:13:05 2016] <companion_cube> well it's the same mechanisms
[Thu Jan 21 08:20:27 2016] <Saizan> but since there's more than one it doesn't tell me which one is actually used, by default at least :)
[Thu Jan 21 10:41:05 2016] <jgross_> johnw: hi!  Most responses of mine will be delayed, since I'm at POPL. 
[Thu Jan 21 11:17:23 2016] <Nik05> jgross_ oh all the way in India, cool at Tata
[Thu Jan 21 12:48:59 2016] <johnw> Nik05: POPL is in Florida this year
[Thu Jan 21 12:50:06 2016] <Nik05> oh johnw :P
[Thu Jan 21 12:50:19 2016] <Nik05> oh right its 2016...
[Thu Jan 21 14:21:13 2016] <rrika> heh, you get to know all the exciting things first hand
[Thu Jan 21 14:58:18 2016] <rrika> Is there a fast way to run coq in the browser?
[Thu Jan 21 14:58:54 2016] <rrika> I've seeen this: https://x80.org/rhino-coq/ is there a faster way too?
[Thu Jan 21 14:59:19 2016] <rrika> Like implementing some bytecode directly in JS instead of using the ocaml to js thing
[Thu Jan 21 15:18:24 2016] <dredozubov> i'm getting Error: Cannot guess decreasing argument of fix.
[Thu Jan 21 15:18:59 2016] <rrika> dredozubov, can you paste the code somewhere?
[Thu Jan 21 15:19:00 2016] <dredozubov> is Fixpoint definition gets rewritten with a fix-point combinator and the error is telling me about it?
[Thu Jan 21 15:19:19 2016] <dredozubov> it looks like i should convince coq that arguments get structurally smaller
[Thu Jan 21 15:19:24 2016] <dredozubov> any hints?
[Thu Jan 21 15:19:30 2016] <rrika> that's correct
[Thu Jan 21 15:20:00 2016] <rrika> you can define a custom relation that describes which terms are smaller than others
[Thu Jan 21 15:20:11 2016] <dredozubov> https://gist.github.com/dredozubov/2c686df6ca6c50fc80b7
[Thu Jan 21 15:20:16 2016] <rrika> and then after defining the fixpoint it will ask you to show that each recursive call fulfills that
[Thu Jan 21 15:20:32 2016] <rrika> though if you can show it by structure it will be much easier
[Thu Jan 21 15:21:18 2016] <rrika> hm, yeah, it will be easier if you can avoid swapping the first and second argument
[Thu Jan 21 15:21:26 2016] <dredozubov> i know the general idea, but it's not obvious how can i do expose that fact
[Thu Jan 21 15:21:43 2016] <rrika> I think even a custom relation doesn't help here since you span multiple arguments
[Thu Jan 21 15:22:01 2016] <dredozubov> i think it'll require one more argument
[Thu Jan 21 15:22:09 2016] <rrika> dredozubov, you can do without extra argument
[Thu Jan 21 15:22:26 2016] <rrika> each invocation of alternate could add two values to the result
[Thu Jan 21 15:22:29 2016] <rrika> then it can work
[Thu Jan 21 15:22:46 2016] <dredozubov> good idea
[Thu Jan 21 15:23:34 2016] <dredozubov> it works now :)
[Thu Jan 21 15:24:21 2016] <dredozubov> i don't really get what you mean by custom relation though
[Thu Jan 21 15:25:03 2016] <rrika> well, the idea is that the terms to the recursive function get smaller, and that the function eventually terminates
[Thu Jan 21 15:25:36 2016] <rrika> so you can make a "X -> X -> Prop"
[Thu Jan 21 15:27:02 2016] <rrika> (called R) and then show that all chains  R a b, R b c, R c d, eventually end in a R x y which can't be fulfilled for any 'y'
[Thu Jan 21 15:27:08 2016] <rrika> that's where it "stops"?
[Thu Jan 21 15:27:18 2016] <rrika> (I'm not sure if I haven't mixed up left and right in this case)
[Thu Jan 21 15:27:20 2016] <rrika> https://coq.inria.fr/library/Coq.Init.Wf.html
[Thu Jan 21 15:27:28 2016] <rrika> Look at "Inductive Acc"
[Thu Jan 21 15:27:47 2016] <rrika> And "Definition well_founded"
[Thu Jan 21 15:29:19 2016] <dredozubov> interesting
[Thu Jan 21 15:29:46 2016] <rrika> You can read more about it here: http://adam.chlipala.net/cpdt/html/GeneralRec.html
[Thu Jan 21 15:30:49 2016] <rrika> actually, consult a different source, I just found this via google, and it doesn't seem that on-topic after all
[Thu Jan 21 15:31:32 2016] <dredozubov> i guess i'll get to it, when i'll encounter this problem again in the future
[Thu Jan 21 15:31:52 2016] <dredozubov> it's interesting to see how different programming becomes with totality restriction :)
[Thu Jan 21 15:32:19 2016] <rrika> The syntax of Fixpoint allows "Fixpoint (arg1:Type1) {XXX} : ReturnType" where XXX can be "struct arg1" if you have a structurally decreasing argument or "wf TheRelation arg1" if you use the custom approach.
[Thu Jan 21 15:32:28 2016] <rrika> that's all I think
[Thu Jan 21 15:32:35 2016] <companion_cube> oh, coqtop is now colored
[Thu Jan 21 15:33:31 2016] <dredozubov> can i make a local fixpoint definition within the other fixpoint definition?
[Thu Jan 21 15:43:14 2016] <dredozubov> is there a shortcut for "Proof. reflexivity. Qed."?
[Thu Jan 21 15:43:52 2016] <dredozubov> * is copy-pasting it all over the place
[Thu Jan 21 15:44:20 2016] <rrika> I'm copy pasting it too.
[Thu Jan 21 15:47:06 2016] <Nik05> dredozubov that is just the beginning of SF :P
[Thu Jan 21 15:47:36 2016] <Nik05> i just copy pasted them
[Thu Jan 21 15:47:50 2016] <Nik05> or do a replace of Abort :P
[Thu Jan 21 15:48:04 2016] <Nik05> /s/Abort/Admitted/
[Thu Jan 21 15:48:28 2016] <dredozubov> Admitted will propagate errors in logic ;)
[Thu Jan 21 15:48:39 2016] <dredozubov> Proof. reflexivity. Qed. will not
[Thu Jan 21 15:49:13 2016] <rrika> JsCert uses Admitted. instead of Qed. to save computation time according to their website. They say that replacing it all by Qed. will still compile.
[Thu Jan 21 16:08:10 2016] <rrika> <dredozubov> can i make a local fixpoint definition within the other fixpoint definition?
[Thu Jan 21 16:08:27 2016] <rrika> maybe with "fix fixname arg := body"
[Thu Jan 21 16:22:00 2016] <johnw> dredozubov: do you use Emacs?
[Thu Jan 21 16:22:15 2016] <rrika> he does IIRC
[Thu Jan 21 16:22:28 2016] <dredozubov> johnw: yes, i am
[Thu Jan 21 16:22:51 2016] <johnw> are you familiar with abbrev?
[Thu Jan 21 16:23:18 2016] <johnw> type "refl" and then C-x a i l, and then type "Proof. reflexivity. Qed."
[Thu Jan 21 16:23:28 2016] <johnw> Now in future when you type "refl.", it will expand to that
[Thu Jan 21 16:23:32 2016] <johnw> (s/Qed./Qed/)
[Thu Jan 21 16:25:04 2016] <dredozubov> nice tip, thanks
[Thu Jan 21 16:25:35 2016] <dredozubov> recently switch to emacs from vim, haven't known that
[Thu Jan 21 16:25:40 2016] <dredozubov> switched*
[Thu Jan 21 16:26:08 2016] <johnw> oh, "." is over-loaded, you'll need to use "refl<RET>" and do keep the "Qed."
[Thu Jan 21 16:26:11 2016] <dredozubov> can't use it without evil-mode now, hehe
[Thu Jan 21 16:27:05 2016] <rrika> I wish there was coq-integration for sublime text
[Thu Jan 21 16:27:10 2016] <rrika> (and that sublime text was open source)
[Thu Jan 21 16:30:25 2016] <johnw> dredozubov: yasnippet is another great way to automate common things you'll type in Coq
[Thu Jan 21 16:31:00 2016] <dredozubov> i guess i'll play with it tomorrow, too sleepy to try something meaningful now :)
[Thu Jan 21 16:34:11 2016] <johnw> dredozubov: if you want to lose sleep, then check out company-coq :)
[Thu Jan 21 20:06:56 2016] <johnw> all I want for Christmas is for my universe to be consistent
[Fri Jan 22 00:32:53 2016] <johnw> Coq 8.5 is out: https://coq.inria.fr/news/128.html
[Fri Jan 22 01:50:00 2016] <Saizan> excellent phrasing from the Coq team
[Fri Jan 22 01:57:02 2016] <johnw> Saizan: how do you mean?
[Fri Jan 22 02:18:27 2016] <Saizan> just another Coq joke, nvm
[Fri Jan 22 02:32:08 2016] <johnw> Saizan: in a public place I told my wife that I'm excited that my work pays me to play with Coq
[Fri Jan 22 02:32:18 2016] <johnw> it's hard to remember sometimes
[Fri Jan 22 02:34:19 2016] <johnw> context is everything
[Fri Jan 22 02:39:21 2016] <sunnymilk> when im out and talking about it i generally call it "proof assistant"
[Fri Jan 22 02:39:46 2016] <sunnymilk> or try to say it with a french accident (am not very good at this)
[Fri Jan 22 02:40:55 2016] <johnw> yeah, I call it "proof language" when there are many ears around
[Fri Jan 22 03:05:48 2016] <dredozubov> johnw: cool, i was wondering if it's possbile to get paid for it :)
[Fri Jan 22 03:09:41 2016] <Saizan> johnw: heh, it wasn't a complaint anyhow
[Fri Jan 22 11:18:08 2016] <tbelaire> I am trying to just work through a concrete case, and I'm having some problems
[Fri Jan 22 11:18:42 2016] <tbelaire> If I do Definition example_list := A :: B :: nil. (where A and B are already defined)
[Fri Jan 22 11:19:08 2016] <tbelaire> but now I'm trying to prove a lemma "Lemma directed_ex : directed example_list."
[Fri Jan 22 11:19:23 2016] <tbelaire> I don't actually bring the body of my example list into scope
[Fri Jan 22 11:19:37 2016] <tbelaire> and I can't prove anything about it
[Fri Jan 22 11:20:47 2016] <Cypi> 'example_list' is still convertible to 'A :: B :: nil', and if you want to explicit that, you can do [unfold example_list.] to replace it by its definition
[Fri Jan 22 11:21:29 2016] <tbelaire> ah
[Fri Jan 22 11:21:56 2016] <tbelaire> great, I was trying destruct, but that got me no where
[Fri Jan 22 11:23:34 2016] <tbelaire> Ah, my example is not even true, oops
[Fri Jan 22 11:24:15 2016] <tbelaire> This is exactly why I wanted to do a concrete example
[Fri Jan 22 13:42:22 2016] <johnw> in a notation, how do I capture a subexpression?  for example, I have:
[Fri Jan 22 13:42:24 2016] <johnw> Notation "X <- A ; B" := (A >>= (fun p => match p with X => B end)).
[Fri Jan 22 13:42:28 2016] <johnw> and I like to be able to write:
[Fri Jan 22 13:42:35 2016] <johnw> (x, y) <- pure (10, 20) ; pure x
[Fri Jan 22 13:42:48 2016] <johnw> but it's telling me that (x, y) must be a name
[Fri Jan 22 13:58:39 2016] <irishsultan> what happens if you use small letters for the subexpressions?
[Fri Jan 22 14:00:19 2016] <johnw> no difference; why would there have been?
[Fri Jan 22 14:06:18 2016] <jrw> cpitclaudel: after upgrading to github PG, coq 8.5, and the latest melpa package for company-coq, I get an error "Company: Back-end company-coq-master-backend error "Wrong type argument: listp, "is"" with args (candidates ...)"
[Fri Jan 22 14:06:23 2016] <jrw> any idea what's causing that?
[Fri Jan 22 14:06:35 2016] <jrw> if you're still at POPL I can also track you down in person and show you
[Fri Jan 22 16:49:42 2016] <lingxiao> hey all i have a syntax question
[Fri Jan 22 17:52:29 2016] <johnw> ask away
[Fri Jan 22 17:57:51 2016] <benzrf> heh
[Fri Jan 22 17:58:15 2016] <benzrf> this buffer is adjacent to #Mandarin, and lingxiao looks like mandarin, and i misinterpreted that as being about linguistic syntax
[Sat Jan 23 11:46:22 2016] <rrika> Can someone explain to me why in
[Sat Jan 23 11:46:23 2016] <rrika>   Inductive foobar (x:nat) : nat -> Type := constructor : foobar (S x) (S x).
[Sat Jan 23 11:46:36 2016] <rrika> the first (S x) is a problem (and should be 'x') but the second is not?
[Sat Jan 23 12:05:01 2016] <blop_> the first one is a "parameter" (and must remain the same); the second is an "index" and can vary
[Sat Jan 23 12:10:30 2016] <rrika> Is there some document that focuses on that distinction?
[Sat Jan 23 12:12:11 2016] <rrika> (also do the jscert people have an IRC channel?)
[Sat Jan 23 14:09:27 2016] <cocreature> when do I need to start a proof using "Proof."? the docs make it seem like this is always necessary but when I just start typing in tactics after a theorem it seems to work as well
[Sat Jan 23 14:11:33 2016] <chris2> its not necessary afaiu
[Sat Jan 23 14:11:51 2016] <cocreature> alright thanks
[Sat Jan 23 14:16:12 2016] <johnw> rrika: Chlipala's book, CPDT, discusses the distinction a fair bit
[Sat Jan 23 14:17:07 2016] <johnw> basically, arguments may vary by constructor, parameters cannot
[Sat Jan 23 14:17:49 2016] <rrika> An explanation that shows what would break if parameters varied would be nice.
[Sat Jan 23 14:17:59 2016] <rrika> I think I have a rough idea by now
[Sat Jan 23 15:11:15 2016] <johnw> rrika: equality would break :)
[Sat Jan 23 15:11:57 2016] <johnw> (eq a b) works as a type, because it fixes 'a' and then provides you with a single constructor that must then simplify to 'eq a a'
[Sat Jan 23 15:12:14 2016] <johnw> if both 'a' and 'b' were fluid, it would be trivial to use eq_refl, and it wouldn't mean anything
[Sat Jan 23 15:12:22 2016] <rrika> Some inductive declarations just want to see the world burn.
[Sat Jan 23 15:13:11 2016] <johnw> for example, if you wrote: "eq_refl x : eq x x", that's trivially satisfiable
[Sat Jan 23 15:14:23 2016] <johnw> but eq A (x : A) : A -> Prop := eq_refl  : eq x x, that can only happen if the argument to eq_refl is exactly x
[Sat Jan 23 15:16:26 2016] <johnw> consider this definition:
[Sat Jan 23 15:16:30 2016] <johnw> Inductive eq' A : A -> A -> Prop := eq_refl x : A -> A -> eq' x x.
[Sat Jan 23 15:16:39 2016] <johnw> Compute eq' 10 20.
[Sat Jan 23 15:16:42 2016] <johnw> works without a hitch
[Sat Jan 23 15:17:13 2016] <johnw> sorry, that was a wrong example
[Sat Jan 23 15:17:32 2016] <johnw> err, I have this wrong, never mind me; too early yet :)
[Sat Jan 23 15:17:46 2016] <rrika> I was about to say
[Sat Jan 23 15:17:46 2016] <rrika> Inductive lol {A}: forall (a b:A), Prop := eq : forall x, eq x x.
[Sat Jan 23 15:17:48 2016] <rrika> works
[Sat Jan 23 15:19:20 2016] <rrika> In coq "match" only considers parameters, but in lean you can match both paramters and indices.
[Sat Jan 23 15:19:26 2016] <rrika> That's interesting
[Sat Jan 23 15:19:31 2016] <johnw> rrika: http://stackoverflow.com/questions/24600256/difference-between-type-parameters-and-indices
[Sat Jan 23 15:23:49 2016] <johnw> my eq example was completely the wrong one, even :)
[Sat Jan 23 15:24:04 2016] <johnw> the inhabitants may never vary in type
[Sat Jan 23 15:24:06 2016] <johnw> sigh
[Sat Jan 23 15:27:46 2016] <johnw> rrika: actually, the eq example is not entirely wrong: https://gist.github.com/e78da5b9b2cb0597f4e5
[Sat Jan 23 15:28:19 2016] <johnw> using a parameter, the first argument to eq provides you with information about the argument, since it cannot vary, making the first proof possible; using only arguments, there is not enough information to complete the proof.
[Sat Jan 23 15:29:05 2016] <rrika> I get »The term "x" has type "A" while it is expected to have type  "Type"«
[Sat Jan 23 15:29:19 2016] <rrika> Did you forget to copy something above that snippet?
[Sat Jan 23 15:29:46 2016] <johnw> rrika: yes, one moment
[Sat Jan 23 15:30:05 2016] <johnw> add: Set Implicit Arguments.
[Sat Jan 23 15:30:20 2016] <johnw> or put "A" after eq' in the constructor definition
[Sat Jan 23 15:31:00 2016] <rrika> yeah, that's it!
[Sat Jan 23 15:31:15 2016] <rrika> inversion only works with parameters
[Sat Jan 23 15:31:32 2016] <johnw> after destruction, all I know is that I have an "x", but it doesn't relate to the type strongly enough
[Sat Jan 23 15:31:50 2016] <rrika> if inversion introduced indices you could get a proof of existence that's wrong
[Sat Jan 23 15:32:05 2016] <johnw> yes, the index would tell me exactly what the argument *must* be
[Sat Jan 23 15:32:10 2016] <johnw> since it cannot vary
[Sat Jan 23 15:32:19 2016] <johnw> the type informs us about the value
[Sat Jan 23 15:32:39 2016] <johnw> or conversely, the value tells us about the type
[Sat Jan 23 15:33:04 2016] <johnw> with the non-index version, we only know that the value is an inhabitant of that type
[Sat Jan 23 15:34:19 2016] <johnw> oops, I think we're still off the mark
[Sat Jan 23 15:34:23 2016] <johnw> Lemma should_be_true : forall A (x y : A), eq' A x y -> x = y.
[Sat Jan 23 15:34:29 2016] <johnw> that was easily provable just now
[Sat Jan 23 15:34:31 2016] <johnw> :(
[Sat Jan 23 15:34:39 2016] <johnw> and using that, the other proof is easy too
[Sat Jan 23 15:34:46 2016] <johnw> clearly I need to study up on this myself
[Sat Jan 23 15:37:04 2016] <rrika> I was thinking about
[Sat Jan 23 15:37:05 2016] <rrika>   Inductive example (x:nat) : nat -> Type := square : forall (y:nat), lol x (y*y).
[Sat Jan 23 15:37:39 2016] <rrika> Where in "example x y" x can be any value, but y can only be the square of a natural number
[Sat Jan 23 15:38:28 2016] <rrika> Maybe the rules try to avoid getting "squareness" proofs because 'y' doesn't cover all nats
[Sat Jan 23 15:38:29 2016] <rrika> while x does
[Sat Jan 23 15:39:19 2016] <johnw> have to run now, rrika.  good luck, and sorry if I further confused the issue
[Sat Jan 23 15:39:34 2016] <rrika> ahaha, no worries, thanks for thinking about it too, see ya.
[Sat Jan 23 15:39:44 2016] <johnw> I updated the gist, if you want to play with it further
[Sat Jan 23 15:41:50 2016] <cocreature> what does the "birdface operator" ie :> mean? I found https://coq.inria.fr/distrib/current/refman/Reference-Manual026.html#ProgramSyntax but I am not sure how that relates to the use in typeclasses and records.
[Sat Jan 23 15:50:03 2016] <johnw> it's the typeclass and module one :>?
[Sat Jan 23 15:50:07 2016] <johnw> s/it's/isn't
[Sat Jan 23 15:50:19 2016] <johnw> oh, modules is <:
[Sat Jan 23 15:50:34 2016] <johnw> record coercion is :>
[Sat Jan 23 15:50:46 2016] <johnw> I'm unfamiliar with the one you're pointing to
[Sat Jan 23 15:51:31 2016] <cocreature> that was just the first link to docs when I searched. I’m actually looking for the one you’re using in coq-haskell
[Sat Jan 23 15:51:51 2016] <cocreature> e.g. is_functor :> Functor f; for applicative
[Sat Jan 23 15:52:50 2016] <cocreature> ah that looks better https://coq.inria.fr/distrib/current/refman/Reference-Manual021.html
[Sat Jan 23 15:53:29 2016] <johnw> right; given any Applicative, it lets you reference the Functor laws implicitly
[Sat Jan 23 15:54:41 2016] <cocreature> alright, thanks
[Sat Jan 23 16:20:20 2016] <cocreature> what is =1 in coq-haskell? extensional equality? turns out it’s not that easy to search for that :)
[Sat Jan 23 17:12:27 2016] <benzrf> what
[Sat Jan 23 17:12:38 2016] <benzrf> how did i install ssreflect
[Sat Jan 23 17:26:08 2016] <rrika> I forgot how I get access to a value of type (0 = n) in "match n with | 0 => (*here*) | S _ => (*don't care*)"
[Sat Jan 23 20:23:05 2016] <jrw> rrika: something like "match n as n0 return n0 = n -> _ with | 0 => fun H : 0 = n => (* ... *) | S n' => fun _ => (* ... *) end eq_refl"
[Sat Jan 23 20:24:14 2016] <rrika> jrw, I found out the hard way x_x
[Sat Jan 23 20:24:19 2016] <rrika> what does return do?
[Sat Jan 23 20:24:29 2016] <rrika> just specify the type of the expression that match will return?
[Sat Jan 23 20:24:41 2016] <jrw> rrika: exactly
[Sat Jan 23 20:26:08 2016] <jrw> the "as n0" part gives a new name for n. then, in the return annotation, n refers to the "unmatched" version, while n0 refers to the matched version, which is different in each case
[Sat Jan 23 20:26:41 2016] <jrw> so the return annotation adds an argument (the match returns a function) that is a proof that the matched and unmatched values are equal.
[Sat Jan 23 20:27:11 2016] <jrw> this is easy to provide, since the argument is type checked in a context where n0 is replaced by n
[Sat Jan 23 20:27:15 2016] <jrw> so eq_refl works
[Sat Jan 23 21:54:13 2016] <martintesleft> i am martin
[Sat Jan 23 21:54:46 2016] <martintesleft> in ubuntu 12 virtual machine using ocqml 3.12.1 but install coq 8.0 got error as stated  before.
[Sat Jan 23 21:54:46 2016] <martintesleft> in ubuntu 14, have 8.4pl6 , have error , so i change to ubuntu 12 machine , then have installation error for coq 8.0.
[Sat Jan 23 21:54:46 2016] <martintesleft> martin@ubuntu:~$ ocaml -version
[Sat Jan 23 21:54:46 2016] <martintesleft> The OCaml toplevel, version 4.01.0
[Sat Jan 23 21:54:46 2016] <martintesleft> martin@ubuntu:~$ coqc -version
[Sat Jan 23 21:54:46 2016] <martintesleft> coqc: -version: no such file or directory
[Sat Jan 23 21:54:46 2016] <martintesleft> martin@ubuntu:~$ coqc --version
[Sat Jan 23 21:54:47 2016] <martintesleft> The Coq Proof Assistant, version 8.4pl6 (December 2015)
[Sat Jan 23 21:54:47 2016] <martintesleft> compiled on Dec 18 2015 23:12:11 with OCaml 4.01.0
[Sat Jan 23 21:54:48 2016] <martintesleft> martin@ubuntu:~$
[Sat Jan 23 21:55:34 2016] <martintesleft> i follow
[Sat Jan 23 21:55:35 2016] <martintesleft> http://www.lix.polytechnique.fr/~barras/mpri/notes/cours007.html
[Sat Jan 23 21:55:35 2016] <jrw> martintesleft: welcome :)
[Sat Jan 23 21:55:36 2016] <martintesleft> Preuve de programmes fonctionnels - lix.polytechnique.fr
[Sat Jan 23 21:55:36 2016] <martintesleft> www.lix.polytechnique.fr
[Sat Jan 23 21:55:36 2016] <martintesleft> Cours 7 Preuve de programmes fonctionnels. Dans ce cours, nous nous intéressons à la spécification et à la preuve de programmes purement fonctionnels.
[Sat Jan 23 21:55:36 2016] <martintesleft> got  error  when  run in coqtop
[Sat Jan 23 21:59:00 2016] <jrw> martintesleft: it can be helpful to use a pastebin instead of pasting directly in here
[Sat Jan 23 21:59:03 2016] <jrw> so that you don't get kicked
[Sat Jan 23 22:00:20 2016] <martintesleft> i get it
[Sat Jan 23 22:01:11 2016] <martintesleft> https://gist.github.com/LovelyYanki/1853a3c6ff4360ef3ca3#file-gistfile1-txt
[Sat Jan 23 22:02:40 2016] <jrw> looking
[Sat Jan 23 22:08:56 2016] <martintesleft> https://gist.github.com/LovelyYanki/bc4fa5b19b513e6767a8#file-gistfile1-txt
[Sat Jan 23 22:09:02 2016] <jrw> martintesleft: okay, so it looks like that website may be out of date or using a different version of coq than you. but it should be possible to proceed by annotation y to have type Z
[Sat Jan 23 22:11:24 2016] <jrw> martintesleft: actually, try this: https://gist.github.com/wilcoxjay/349557a4e5a9083588df
[Sat Jan 23 22:11:31 2016] <jrw> I just added an "Open Scope Z" to the top
[Sat Jan 23 22:15:12 2016] <martintesleft> after tried , https://gist.github.com/LovelyYanki/13b9e84fa24904a12b39#file-gistfile1-txt
[Sat Jan 23 22:16:45 2016] <martintesleft> error at final line generalize (compare_spec x z); destruct (compare x z).
[Sat Jan 23 22:16:45 2016] <martintesleft> error at final line, generalize (compare_spec x z); destruct (compare x z).
[Sat Jan 23 22:17:51 2016] <jrw> martintesleft: that line should be part of a proof of mem_correct
[Sat Jan 23 22:18:24 2016] <jrw> the page you're following suggests to start the proof with "inductsion s" and then do a few other things before doing the generalize step
[Sat Jan 23 22:22:20 2016] <jrw> martintesleft: have you considered trying a different book?
[Sat Jan 23 22:22:32 2016] <jrw> and also using proof general or coqide instead of raw coqtop?
[Sat Jan 23 22:27:50 2016] <martintesleft> i do not understand how to do a few other things before doing generalize step
[Sat Jan 23 22:30:01 2016] <martintesleft> it said to specify an axiom, which axiom?
[Sat Jan 23 22:30:24 2016] <jrw> martintesleft: by "axiom" it meant the hypothesis thing
[Sat Jan 23 22:30:29 2016] <jrw> you got that part just fine
[Sat Jan 23 22:31:44 2016] <jrw> it says to start by induction on s
[Sat Jan 23 22:31:55 2016] <jrw> then finish the first case on your own (it's supposed to be easy)
[Sat Jan 23 22:32:08 2016] <jrw> then in the second case, use the "generalize ..." stuff
[Sat Jan 23 22:33:20 2016] <martintesleft> https://gist.github.com/LovelyYanki/37871508ff81dfa28685#file-gistfile1-txt
[Sat Jan 23 22:34:09 2016] <martintesleft> i first run to Hypothesis compare_spec first and then run induction s.
[Sat Jan 23 22:34:56 2016] <jrw> martintesleft: so far so good
[Sat Jan 23 22:35:53 2016] <jrw> martintesleft: from the way the text is written there, it sounds like the author expects you to be able to do the base case by yourself. have you read the rest of the book?
[Sat Jan 23 22:37:09 2016] <martintesleft> is the Hypothesis compare_spec already written in the page ? or i should write another hypothesis?
[Sat Jan 23 22:38:23 2016] <jrw> martintesleft: just the one on the page
[Sat Jan 23 22:38:32 2016] <jrw> you don't need it for the first case though
[Sat Jan 23 22:39:31 2016] <martintesleft> do you mean this book Interactive Theorem Proving and Program Development ?
[Sat Jan 23 22:41:07 2016] <jrw> also called coq'art, yeah, that would be one place to start
[Sat Jan 23 22:41:16 2016] <jrw> or https://www.cis.upenn.edu/~bcpierce/sf/current/index.html
[Sat Jan 23 22:43:42 2016] <martintesleft> i still have not read, i just google verify program in google, then the first page i find is course 007
[Sat Jan 23 22:44:18 2016] <martintesleft> is it possible to generate system from verification rules in coq?
[Sat Jan 23 22:44:55 2016] <martintesleft> is Extraction command for this purpose?
[Sat Jan 23 22:45:04 2016] <jrw> yes, extraction is the usual way
[Sat Jan 23 22:45:17 2016] <jrw> there are more advanced techniques as well, but this is still an active area of research
[Sat Jan 23 22:45:49 2016] <martintesleft> where can find existing verification rules or do verification myself with tutorials?
[Sat Jan 23 22:45:55 2016] <jrw> martintesleft: if you're just getting started with coq, I highly recommend the software foundations book that I linked above
[Sat Jan 23 22:46:26 2016] <jrw> it has many examples and exercises
[Sat Jan 23 22:46:32 2016] <jrw> that's where I first learned coq
[Sat Jan 23 22:46:44 2016] <martintesleft> i downloaded all pages of the web, i would like to see and feel the verification rules first
[Sat Jan 23 22:47:09 2016] <jrw> martintesleft: what do you mean by "verification rules"?
[Sat Jan 23 22:47:36 2016] <martintesleft> yes
[Sat Jan 23 22:48:01 2016] <martintesleft> are axioms and verification rules the same thing?
[Sat Jan 23 22:48:18 2016] <jrw> I don't know what "verification rules" are, so I'm not sure
[Sat Jan 23 22:50:07 2016] <martintesleft> i guess something like Theorem is_empty_correct
[Sat Jan 23 22:50:26 2016] <martintesleft> in the course 0007
[Sat Jan 23 22:51:53 2016] <jrw> oh okay, is_empty_correct is a theorem, which is a logical statement that you can try to prove in coq
[Sat Jan 23 22:52:23 2016] <martintesleft> it seems need to translate haskell or ocaml program into coq syntax first, is there any fast method to translate this to coq for verify?
[Sat Jan 23 22:52:45 2016] <jrw> not that I know of
[Sat Jan 23 22:53:08 2016] <jrw> usually because the proof is so hard, it is worth it to rewrite the code from scratch
[Sat Jan 23 22:53:14 2016] <martintesleft> if verify linux kernel which is c language, how do people do?
[Sat Jan 23 22:53:16 2016] <jrw> to make it as simple and easy to prove as possible
[Sat Jan 23 22:53:37 2016] <jrw> no one has verified linux, but there is https://sel4.systems/ which is a verified kernel
[Sat Jan 23 22:53:57 2016] <jrw> that project uses isabelle/hol, which is a different proof assistant from coq
[Sat Jan 23 22:56:00 2016] <sunnymilk> has anyone here used Isabella/HOL? whats it like?
[Sat Jan 23 22:56:05 2016] <martintesleft> i know , i see that some post in email list said that there are 1000 people have ability verify system in the world
[Sat Jan 23 22:56:34 2016] <martintesleft> i am interested in knowing what system they verify.
[Sat Jan 23 22:56:47 2016] <martintesleft> if not linux, what system they verify?
[Sat Jan 23 22:58:42 2016] <jrw> martintesleft: it is an L4-like microkernel
[Sat Jan 23 22:59:56 2016] <martintesleft> can we install L4 like microkernel in VMware ?
[Sat Jan 23 23:01:18 2016] <martintesleft> i feel that Isabella do not have extraction function like in coq, i give up using it
[Sat Jan 23 23:02:28 2016] <jrw> martintesleft: I have never tried to install seL4, so I can't help you there.
[Sat Jan 23 23:02:39 2016] <jrw> isabelle does have extraction, it's just a little different
[Sat Jan 23 23:06:56 2016] <martintesleft> thank you, i go to have lunch now , see you
[Sat Jan 23 23:18:13 2016] <johnw> cocreature: =1 is extensionally equal, from ssreflect
[Sat Jan 23 23:19:00 2016] <lingxiao> hey johnw is there anyway to declare variables in a proof?
[Sat Jan 23 23:19:17 2016] <lingxiao> say my hypothesis is that f (a + b) = f a + f b
[Sat Jan 23 23:19:38 2016] <lingxiao> and I have as a goal:  f ((x + y) + z) = f (x + y) + f (z)
[Sat Jan 23 23:19:55 2016] <lingxiao> can i say let a = (x+y), let b = z, so we have the goal ?
[Sat Jan 23 23:20:22 2016] <johnw> replace (x+y) with a.
[Sat Jan 23 23:20:27 2016] <johnw> except you'll have to proof that they're equal
[Sat Jan 23 23:20:35 2016] <jrw> lingxiao: if your hypothesis is universally quantified, then [apply H] should work
[Sat Jan 23 23:20:50 2016] <jrw> where H is the name of the hypothesis
[Sat Jan 23 23:21:17 2016] <lingxiao> unfortnatly no its not, the H here is the inductive hypotheiss
[Sat Jan 23 23:21:22 2016] <lingxiao> and I tried .. it didnt work
[Sat Jan 23 23:21:54 2016] <johnw> I can't help just now, but tomorrow I can
[Sat Jan 23 23:23:26 2016] <jrw> lingxiao: can you paste the full context somewhere?
[Sat Jan 23 23:23:31 2016] <lingxiao> yup here it is
[Sat Jan 23 23:23:32 2016] <lingxiao> http://pastebin.com/ZZHY7rae
[Sat Jan 23 23:23:38 2016] <lingxiao> lpaste is borken i think
[Sat Jan 23 23:23:44 2016] <lingxiao> great thank you!
[Sat Jan 23 23:24:08 2016] <lingxiao> [nonzeros_app] is where I am stuck
[Sat Jan 23 23:24:30 2016] <lingxiao> after [rewrite -> cons_app_equiv.] I can [simpl.], but that gives me a giant case staement
[Sat Jan 23 23:24:35 2016] <lingxiao> and I dont know how to reduce that jrw
[Sat Jan 23 23:24:56 2016] <johnw> lingxiao: also, consider the difference in meaning between these two types:
[Sat Jan 23 23:25:15 2016] <johnw> forall x y z a b, f (a + b) = f a + f b -> f ((x + y) + z) = f (x + y) + f (z)
[Sat Jan 23 23:25:25 2016] <johnw> and: forall x y z, (forall a b. f (a + b) = f a + f b) -> f ((x + y) + z) = f (x + y) + f (z)
[Sat Jan 23 23:25:38 2016] <johnw> in what you asked, the latter is what you need, but the former is what you have (I'm guessing)
[Sat Jan 23 23:26:00 2016] <johnw> in Haskell, the second would be called a 'Rank-2 type'
[Sat Jan 23 23:27:03 2016] <johnw> ok, gotta run now :)
[Sat Jan 23 23:27:08 2016] <jrw> lingxiao: that example isn't self contained so I can't step through it, but I don't think you should need cons_app_equiv
[Sat Jan 23 23:27:55 2016] <jrw> should be something like [simpl. rewrite IH. reflexivity.]
[Sat Jan 23 23:28:04 2016] <jrw> for the indutive case
[Sat Jan 23 23:28:50 2016] <lingxiao> hmm i cant' do [reflexviity] after [rewrite IH]
[Sat Jan 23 23:29:15 2016] <jrw> what's left?
[Sat Jan 23 23:29:22 2016] <lingxiao> http://pastebin.com/6kZYw3XT
[Sat Jan 23 23:29:33 2016] <lingxiao> a case statement
[Sat Jan 23 23:29:58 2016] <lingxiao> acutally this case statement thing has happend sereval times by now
[Sat Jan 23 23:31:05 2016] <jrw> lingxiao: looks to me like you have a bug in the definition of ++
[Sat Jan 23 23:31:08 2016] <jrw> can you show me?
[Sat Jan 23 23:31:51 2016] <lingxiao> http://pastebin.com/24Jzmjtq
[Sat Jan 23 23:33:20 2016] <jrw> oh, right. I wasn't actually reading the goal.
[Sat Jan 23 23:33:28 2016] <jrw> :)
[Sat Jan 23 23:33:38 2016] <jrw> the match statement is coming from the nonzeros thing
[Sat Jan 23 23:33:52 2016] <jrw> just [destruct x] and you're done
[Sat Jan 23 23:33:56 2016] <lingxiao> yeah is there a better def i can give tht'll simplify it?
[Sat Jan 23 23:33:59 2016] <lingxiao> hmm ok let me see
[Sat Jan 23 23:35:20 2016] <lingxiao> ahh great thanks!!
[Sat Jan 23 23:36:30 2016] <lingxiao> may I ask you another question jrw?
[Sat Jan 23 23:37:07 2016] <lingxiao> it's this one if you have a minute: http://pastebin.com/AD6EXaqM
[Sat Jan 23 23:41:57 2016] <jrw> lingxiao: would you mind pasting the whole file?
[Sat Jan 23 23:42:17 2016] <lingxiao> yup!
[Sat Jan 23 23:42:17 2016] <lingxiao> http://pastebin.com/uwvzUhqe
[Sat Jan 23 23:42:30 2016] <lingxiao> it's way twoars the bottom
[Sat Jan 23 23:44:44 2016] <jrw> okay got it, looking now
[Sat Jan 23 23:44:59 2016] <lingxiao> thanks!
[Sat Jan 23 23:46:21 2016] <jrw> lingxiao: okay, so your lemma rev_involutive_1 is on the right track, but you're doing induction on l which is inside a rev before its inside the ++
[Sat Jan 23 23:46:35 2016] <jrw> so in the case when l is cons, you can't really do anything
[Sat Jan 23 23:46:58 2016] <jrw> instead, you can do induction on [rev l] or, even better, generalize your lemma to get rid of the inner rev
[Sat Jan 23 23:47:01 2016] <jrw> and then induct on l
[Sat Jan 23 23:48:46 2016] <lingxiao> wait so are you saying: rev (l ++ [x]) = [x] ++ rev l?
[Sat Jan 23 23:48:58 2016] <jrw> yep
[Sat Jan 23 23:49:00 2016] <lingxiao> or indeed [rev (xs ++ ys) = rev ys ++ rev xs]
[Sat Jan 23 23:49:10 2016] <jrw> yep
[Sat Jan 23 23:49:10 2016] <lingxiao> yeah stuck there too haha ... :(
[Sat Jan 23 23:49:18 2016] <lingxiao> with [rev_distrb]
[Sat Jan 23 23:49:29 2016] <jrw> okay, well those ones should be pretty easy
[Sat Jan 23 23:49:31 2016] <jrw> lets see
[Sat Jan 23 23:50:23 2016] <jrw> in rev_distrib, you might need to use the lemma app_nil_r
[Sat Jan 23 23:50:33 2016] <jrw> it looks like you got distracted trying to prove that in line
[Sat Jan 23 23:51:05 2016] <lingxiao> oh man you're right!
[Sat Jan 23 23:51:07 2016] <lingxiao> it is there ahah
[Sat Jan 23 23:51:15 2016] <lingxiao> im so sleepy i cant even remember what i read
[Sat Jan 23 23:51:24 2016] <jrw> lingxiao: also, do you have a lemma app_assoc?
[Sat Jan 23 23:51:36 2016] <lingxiao> yes i do
[Sat Jan 23 23:51:52 2016] <jrw> okay, you'll need that in the induction step of rev_distrib
[Sat Jan 23 23:52:04 2016] <jrw> but otherwise you should be good to go
[Sat Jan 23 23:52:07 2016] <lingxiao> ahh that's really helpfull let me see
[Sat Jan 23 23:52:34 2016] <lingxiao> ahh got it!
[Sat Jan 23 23:52:34 2016] <lingxiao> :D
[Sat Jan 23 23:52:37 2016] <jrw> nice
[Sat Jan 23 23:52:45 2016] <lingxiao> oh boy it's just a matter of knowing the right lemmas haha
[Sat Jan 23 23:52:47 2016] <lingxiao> thanks man!
[Sat Jan 23 23:54:24 2016] <jrw> np
[Sat Jan 23 23:54:46 2016] <jrw> lingxiao: this is something that SF does not teach well: how to know when to look for a lemma
[Sat Jan 23 23:54:56 2016] <lingxiao> whats SF?
[Sat Jan 23 23:55:00 2016] <jrw> software foundations
[Sat Jan 23 23:55:05 2016] <lingxiao> oh right haha yup
[Sat Jan 23 23:55:11 2016] <lingxiao> have you gone thru the class?
[Sat Jan 23 23:55:13 2016] <jrw> when I looked at your problem, I didn't solve it because i remembered the right lemmas, but because I was looking for them
[Sat Jan 23 23:55:25 2016] <jrw> yeah, like 5 or 6 years ago now
[Sat Jan 23 23:55:37 2016] <lingxiao> boy you have a good memory
[Sat Jan 23 23:55:42 2016] <jrw> no!
[Sat Jan 23 23:55:52 2016] <jrw> that's my point
[Sat Jan 23 23:56:15 2016] <lingxiao> oh ops read the sentence you wrote wrong haha
[Sat Jan 23 23:56:52 2016] <jrw> I feel like SF really teaches you to just grind and not think, and you end up not even noticing the lemma you need was the previous exercise.
[Sat Jan 23 23:57:20 2016] <lingxiao> yeah im beginning to see that kind of :( makes me wonder if I should go thru it at all
[Sat Jan 23 23:57:29 2016] <lingxiao> I was hoping to learn type theory actually haha
[Sat Jan 23 23:57:53 2016] <lingxiao> which Im guessing would not be this course
[Sun Jan 24 00:00:15 2016] <jrw> to be clear, I think SF is awesome and I learned a lot from it
[Sun Jan 24 00:00:47 2016] <lingxiao> what did you learn if I could ask?
[Sun Jan 24 00:00:55 2016] <jrw> well I learned coq
[Sun Jan 24 00:01:08 2016] <jrw> but it also was a good jumping off point to learn dependent type theory
[Sun Jan 24 00:01:22 2016] <lingxiao> haha true .. oh good thats what I was hoping to learn
[Sun Jan 24 00:01:57 2016] <jrw> lingxiao: do you know about OPLSS?
[Sun Jan 24 00:02:20 2016] <lingxiao> no do you mean :Oregon Programming Languages Summer School?
[Sun Jan 24 00:02:25 2016] <jrw> yeah
[Sun Jan 24 00:02:35 2016] <lingxiao> oo lots of videos i see
[Sun Jan 24 00:02:44 2016] <jrw> yeah, too many to choose from :)
[Sun Jan 24 00:02:47 2016] <jrw> but they're really good
[Sun Jan 24 00:02:50 2016] <lingxiao> thats really neat thanks!
[Sun Jan 24 00:03:09 2016] <lingxiao> will def be taking a look!
[Sun Jan 24 02:49:37 2016] <cocreature> johnw: thanks for the answer!
[Sun Jan 24 11:22:35 2016] <pmetzger> Hey, could I impose on someone to add keywords "haspatch maintainer" to https://trac.macports.org/ticket/50428 ? I forgot when I created the ticket. (Or even just apply the patch. :) )
[Sun Jan 24 12:38:19 2016] <pmetzger> also, can we close https://trac.macports.org/ticket/22726 ?
[Sun Jan 24 16:38:11 2016] <pharpend> Hey guys
[Sun Jan 24 16:39:41 2016] <pharpend> Is there a way to get coqc to backtrack through the Requirements in a directory? So, if X.v requires Y.v; I order compilation of X.v; coqc is smart and compiles Y.v first.
[Sun Jan 24 16:46:35 2016] <pharpend> oh goddammit
[Sun Jan 24 16:46:48 2016] <pharpend> the newest coq doesn't work with sf
[Sun Jan 24 16:47:08 2016] <pharpend> or rather, sf doesn't work with the latest version
[Sun Jan 24 16:49:43 2016] <jrw> pharpend: sf hasn't been updated to 8.5, which was just released a few days ago. my guess is that it will be ported sometime in the next year.
[Sun Jan 24 16:50:15 2016] <jrw> pharpend: about dependency tracking, usually people use coqdep and coq_makefile for this
[Sun Jan 24 16:51:05 2016] <pharpend> well, it's a moot point now, because silly Arch Linux decided I need the latest version of Coq
[Sun Jan 24 16:51:41 2016] <jrw> you can see an example of coq_makefile at https://github.com/uwplse/verdi/blob/master/core/Makefile
[Sun Jan 24 16:52:53 2016] <jrw> pharpend: I haven't used arch in a year or so, but I wouldn't be surprised if someone has a package for coq 8.4
[Sun Jan 24 16:53:02 2016] <companion_cube> is 8.5 really that not backward compatible?!
[Sun Jan 24 16:53:06 2016] <pharpend> yep
[Sun Jan 24 16:55:32 2016] <pharpend> jrw: I'm emailing Benjamin Pierce, on the off chance 100 other Arch users haven't emailed him already
[Sun Jan 24 16:57:26 2016] <companion_cube> 100 Coq users that would also be on arch? that's a lot!
[Sun Jan 24 16:57:41 2016] <pharpend> I suppose there aren't many Coq users
[Sun Jan 24 16:58:17 2016] <pharpend> There are a lot of Arch users, though, it's one of the more popular Linux distributions
[Sun Jan 24 16:58:41 2016] <companion_cube> I use arch, but have actually Coq installed through opam
[Sun Jan 24 16:58:47 2016] <pharpend> hmm
[Sun Jan 24 16:59:00 2016] <pharpend> I used to use Gentoo, and I could just impose version locks
[Sun Jan 24 16:59:09 2016] <pharpend> I don't have time to compile everything, though
[Sun Jan 24 16:59:19 2016] <pharpend> Let me try the opam method
[Sun Jan 24 16:59:41 2016] <companion_cube> with opam you can install an older version, indeed
[Sun Jan 24 17:02:37 2016] <companion_cube> looks like 8.5 also broke Coquille :?
[Sun Jan 24 17:02:38 2016] <companion_cube> :/
[Sun Jan 24 17:04:08 2016] <pharpend> companion_cube: what's that
[Sun Jan 24 17:04:18 2016] <companion_cube> a small plugin to vim
[Sun Jan 24 17:04:33 2016] <pharpend> I found coquillo, which is completely unrelated software
[Sun Jan 24 17:04:53 2016] <pharpend> I don't know about Vim, I use Emacs
[Sun Jan 24 17:06:12 2016] <companion_cube> I use vim, and the Coq ecosystem isn't very supportive :p
[Sun Jan 24 17:06:37 2016] <pharpend> ProofGeneral is pretty nice
[Sun Jan 24 17:06:43 2016] <pharpend> I could never get around to figuring out CoqIDE
[Sun Jan 24 17:07:39 2016] <companion_cube> well that's nice, but it requires using emacs...
[Sun Jan 24 17:07:49 2016] <pharpend> You can make Emacs usable
[Sun Jan 24 17:07:51 2016] <companion_cube> same for company-coq, it looks awesome but not for me
[Sun Jan 24 17:07:54 2016] <pharpend> it's difficult
[Sun Jan 24 17:07:57 2016] <pharpend> but you can
[Sun Jan 24 17:08:10 2016] <pharpend> I spent several years doing so;
[Sun Jan 24 17:08:27 2016] <pharpend> There are a number of alternate "distributions" of Emacs that are *much* nicer
[Sun Jan 24 17:09:00 2016] <companion_cube> yeah but vim is in my muscle memory :/
[Sun Jan 24 17:09:04 2016] <pharpend> One of them, spacemacs I think it's called, has all the vim emulation set up out of the box
[Sun Jan 24 17:09:33 2016] <pharpend> so all of your muscle memory would be intact. Your vim extensions wouldn't work, but there are more than likely equivalent extensions to Emacs
[Sun Jan 24 17:11:01 2016] <pharpend> okay yay! I installed 8.4, everything works again!
[Sun Jan 24 17:11:09 2016] <companion_cube> :D
[Sun Jan 24 17:12:57 2016] <pharpend> The key to having a stable system is to compile everything by hand
[Sun Jan 24 17:13:06 2016] <pharpend> otherwise, when you update your software, everything breaks
[Sun Jan 24 17:13:22 2016] <pharpend> so if you compile everything by hand, and never update it, you'll be golden
[Sun Jan 24 17:14:38 2016] <pharpend> I learned that the hard way back when I used Gentoo, and I foolishly tried to do a system update
[Mon Jan 25 11:54:05 2016] <johnw> pharpend: or use Nix, which only does atomic upgrades, and supports system rollbacks
[Mon Jan 25 12:23:10 2016] <hodapp> I want to use Nix more, but Arch Linux is making that difficult -_-
[Mon Jan 25 12:23:23 2016] <hodapp> so I've a NixOS VM in QEMU, and Nix on my Macbook
[Mon Jan 25 12:51:17 2016] <johnw> how does arch make it difficult?
[Mon Jan 25 12:52:18 2016] <hodapp> johnw: I keep running into https://github.com/NixOS/nix/issues/599 or possibly unrelated issues discussed therein
[Mon Jan 25 12:53:24 2016] <johnw> oh, yuck
[Mon Jan 25 12:53:56 2016] <hodapp> some Nix folks had solutions that "should" "work"
[Mon Jan 25 12:54:01 2016] <hodapp> but none of it worked right for me
[Mon Jan 25 14:38:55 2016] <pharpend> johnw: I've always had trouble with Nix. I tried to use the whole NixOS once, but I had some blocker issue, I can't remember what it was. I haven't tried just-nix-the-package-manager in a while. My memory is, it generally creates problems on Arch
[Mon Jan 25 14:39:23 2016] <pharpend> johnw: Although, maybe in my current line of work, I should switch to a different distribution. Arch seems to be causing many problems recently
[Mon Jan 25 14:40:57 2016] <pharpend> I've used Arch for the longest time, mostly because when I get a new computer, Arch is the only distribution that supports the hardware, Arch being super up-to-date and all
[Mon Jan 25 14:41:20 2016] <pharpend> I've been on my current set of hardware for some months now, so Debian likely supports it
[Mon Jan 25 14:41:22 2016] <pharpend> well
[Mon Jan 25 14:41:28 2016] <pharpend> Debian unstable, maybe
[Mon Jan 25 14:41:38 2016] <pharpend> In 15 years, Debian stable might work
[Mon Jan 25 14:46:30 2016] <sunnymilk> hahaha
[Mon Jan 25 14:48:49 2016] <hodapp> Nix & NixOS worked fine for me outside of Arch
[Mon Jan 25 14:48:56 2016] <hodapp> and outside of my RasPi which had its own set of issues o_O
[Mon Jan 25 15:27:22 2016] <johnw> I like Nix (the package manager) especially for keeping separate envirnoments around to run Coq 8.4, Coq 8.5, and Coq HEAD
[Mon Jan 25 15:27:33 2016] <johnw> I just start Emacs up inside which environment is relative to the day's work
[Mon Jan 25 23:07:07 2016] <lingxiao> h3y all
[Mon Jan 25 23:07:13 2016] <lingxiao> coudl someone help me prove this?
[Mon Jan 25 23:07:57 2016] <lingxiao> http://lpaste.net/150880
[Mon Jan 25 23:08:24 2016] <lingxiao> i know of no tactics of how to reduce the fucntion!
[Mon Jan 25 23:13:16 2016] <artart78> lingxiao: unfold fold_length. maybe?
[Mon Jan 25 23:13:52 2016] <lingxiao> so what does unfold do? I see it's expanded the def of fold_length
[Mon Jan 25 23:13:56 2016] <lingxiao> but what is it in principle
[Mon Jan 25 23:13:57 2016] <lingxiao> ?
[Mon Jan 25 23:14:49 2016] <artart78> it.. unfolds the definitions :D it's just replacing something with its definition
[Mon Jan 25 23:16:11 2016] <lingxiao> ah great thansk!
[Mon Jan 25 23:16:18 2016] <lingxiao> maybe i ask you one more question?
[Mon Jan 25 23:16:21 2016] <lingxiao> I m realy lost here
[Mon Jan 25 23:16:50 2016] <lingxiao> http://lpaste.net/
[Mon Jan 25 23:16:53 2016] <lingxiao> the last therorem
[Mon Jan 25 23:25:36 2016] <artart78> lingxiao: sure, try giving the correct url though :D
[Mon Jan 25 23:25:52 2016] <lingxiao> http://lpaste.net/150881
[Mon Jan 25 23:25:53 2016] <lingxiao> sorry!
[Mon Jan 25 23:26:38 2016] <artart78> what do you want to know?
[Mon Jan 25 23:29:31 2016] <lingxiao> how to complete the last proof
[Mon Jan 25 23:29:50 2016] <lingxiao> once the fold_length def is expanded i am stuck
[Mon Jan 25 23:33:15 2016] <artart78> can you give a full file? I'm lacking cons_app_equiv and app_assoc
[Mon Jan 25 23:36:23 2016] <lingxiao> yup here it is
[Mon Jan 25 23:36:24 2016] <lingxiao> http://lpaste.net/150882
[Mon Jan 25 23:36:34 2016] <lingxiao> however cons_app_equiv may not be needed
[Mon Jan 25 23:36:48 2016] <lingxiao> I was just flailing about
[Mon Jan 25 23:50:39 2016] <artart78> lingxiao: damn, sorry, it seems my Coq version is not compatible with software foundations, so I'm just going to say how the proof should go on:
[Mon Jan 25 23:50:55 2016] <artart78> the l1 = nil case should be trivial
[Mon Jan 25 23:51:24 2016] <artart78> then you have l1 = h :: q, you should rewrite (l1 ++ l2) ie ((h :: q) ++ l2) in (h :: (q ++ l2))
[Mon Jan 25 23:51:57 2016] <artart78> that way, you can put 'h' aside using the definition, and use the induction hypothesis on 'q ++ l
[Mon Jan 25 23:52:02 2016] <artart78> on q and l2*
[Mon Jan 25 23:52:14 2016] <artart78> you shouldn't need an induction on l2
[Tue Jan 26 00:07:33 2016] <jrw> lingxiao: still there?
[Tue Jan 26 00:07:43 2016] <lingxiao> yup! will try it out now
[Tue Jan 26 00:07:45 2016] <lingxiao> thank you!
[Tue Jan 26 11:32:10 2016] <lingxiao> anyone here?
[Tue Jan 26 11:45:09 2016] <johnw> hi lingxiao
[Tue Jan 26 11:45:27 2016] <lingxiao> hey man I'm super stuck on a proof and I'm wondering if you might help me?
[Tue Jan 26 11:45:31 2016] <johnw> sure
[Tue Jan 26 11:47:08 2016] <lingxiao> http://lpaste.net/150932
[Tue Jan 26 11:47:12 2016] <lingxiao> it's all the way at the bottom
[Tue Jan 26 11:47:18 2016] <lingxiao> [lemma fold_len_distr]
[Tue Jan 26 11:47:37 2016] <lingxiao> now the final goal is to prove [fold_length_correct], so if we can do it w/o the lemma it's also ok
[Tue Jan 26 11:47:41 2016] <lingxiao> hold brb moving computer
[Tue Jan 26 12:04:04 2016] <johnw> back
[Tue Jan 26 12:04:31 2016] <johnw> evaluating this is the sf directory, I get "Error: Unknown interpretation for notation "_ && _"."
[Tue Jan 26 12:04:38 2016] <johnw> not sure what's going on, and I'm a bit short on time
[Tue Jan 26 12:05:31 2016] <lingxiao> no its all good!
[Tue Jan 26 12:06:57 2016] <johnw> ah, I was able to skip it
[Tue Jan 26 12:09:59 2016] <johnw> lingxiao: https://gist.github.com/e2f2a45005af3b74b860
[Tue Jan 26 12:12:14 2016] <lingxiao> johnw thanks! I'll take a look at it now!!
[Tue Jan 26 12:14:03 2016] <johnw> lingxiao: the reason I unfolded is that you don't have any helper lemmas defined in terms of fold_length, the definition of fold_length is trivial, and we want simplification to result in terms of the same "shape" as the induction hypothesis
[Tue Jan 26 12:14:42 2016] <johnw> higher level definitions are very convenient, but never feel obligation to prove things in terms of them
[Tue Jan 26 12:16:15 2016] <lingxiao> when it says [unfold fold_length in *.]
[Tue Jan 26 12:16:19 2016] <lingxiao> what is the [*]
[Tue Jan 26 12:16:31 2016] <johnw> "unfold it everywhere"
[Tue Jan 26 12:16:31 2016] <lingxiao> does that mean pattern match for fold_length whereever it appears?
[Tue Jan 26 12:16:34 2016] <lingxiao> ahh ok
[Tue Jan 26 12:16:43 2016] <lingxiao> yeah I was trying to do that lol
[Tue Jan 26 12:16:49 2016] <lingxiao> my vocab is very limited in coq ahha
[Tue Jan 26 12:17:22 2016] <lingxiao> ahh it worked!
[Tue Jan 26 12:17:23 2016] <lingxiao> thanks man!
[Tue Jan 26 12:17:33 2016] <lingxiao> learned a new tactic today
[Tue Jan 26 12:31:14 2016] <tbelaire1> If I have a inductive typing rule for a language
[Tue Jan 26 12:31:35 2016] <tbelaire1> and I want to have a proposition for "the typing rule doesn't contain downcasts"
[Tue Jan 26 12:31:46 2016] <tbelaire1> what would be the cleanest way to write that?
[Tue Jan 26 12:32:31 2016] <tbelaire1> I could make a new inductive type over expressions, just without those rules, and a projecting into the more permissive typing rules
[Tue Jan 26 12:32:46 2016] <tbelaire1> or I could make a proposition over typing rules
[Tue Jan 26 12:38:03 2016] <tbelaire> And I have a similar thing were I want to extend the expression language with a new term LIB, and have some lemmas relating the evaluation of the two
[Tue Jan 26 12:38:14 2016] <tbelaire> I could make a separate inductive type
[Tue Jan 26 12:38:27 2016] <tbelaire> but that sounds like I'd need to write all the proofs again
[Tue Jan 26 12:38:39 2016] <tbelaire> and all the typing rules too
[Tue Jan 26 12:38:51 2016] <tbelaire> which doesn't sound fun
[Tue Jan 26 12:38:55 2016] <johnw> tbelaire: it's called "the expression problem"
[Tue Jan 26 12:38:59 2016] <johnw> see much research :)
[Tue Jan 26 12:39:09 2016] <tbelaire> Thanks, now I know what to google
[Tue Jan 26 12:39:11 2016] <johnw> there are ways to build compositional expression languages
[Tue Jan 26 12:39:24 2016] <johnw> tbelaire: for example: https://www.google.com/search?q=data%20types%20a%20la%20carte
[Tue Jan 26 12:39:43 2016] <tbelaire> nice
[Tue Jan 26 12:39:45 2016] <tbelaire> thanks
[Tue Jan 26 12:40:53 2016] <tbelaire> :D
[Tue Jan 26 12:54:27 2016] <johnw> tbelaire: also note that while the Free monad won't work in Coq, the Freer monad will (see the Free I define in coq-haskell, which is actually Freer)
[Tue Jan 26 12:54:50 2016] <tbelaire> okay
[Tue Jan 26 13:13:18 2016] <tbelaire> I am working off an existing formalization of featherweight java, so translating everything into the freer monad is a bit more invasive than I'd like
[Tue Jan 26 13:13:23 2016] <tbelaire> I have another idea
[Tue Jan 26 13:13:46 2016] <tbelaire> But I have a feeling it might be too clever for it's own good
[Tue Jan 26 13:14:21 2016] <tbelaire> extend my expression type with a parameter a, then have the lib constructor take an a
[Tue Jan 26 13:14:58 2016] <tbelaire> to get the version of expr without lib, we pass False in as a, so you can never construct a lib expr
[Tue Jan 26 13:15:09 2016] <tbelaire> and with lib pass in ()
[Tue Jan 26 13:53:52 2016] <johnw> you could certainly make your expr language conditional
[Tue Jan 26 14:18:16 2016] <tbelaire> I'm a little afraid of the aphorism "Debugging is always harder than coding.  If are as clever as you can be when writing your code, how will you debug it?"
[Tue Jan 26 14:18:36 2016] <tbelaire> But I think I'll give it a try and see how that works
[Wed Jan 27 12:06:33 2016] <lingxiao_> hey is anyone around?
[Wed Jan 27 12:07:32 2016] <lingxia__> ping connection
[Wed Jan 27 12:10:32 2016] <ianjneu> Pong
[Wed Jan 27 12:12:21 2016] <lingxia__> sweet!
[Wed Jan 27 12:12:32 2016] <lingxia__> I am stuck on a proof, I am wondering if you might be of some help?
[Wed Jan 27 12:12:33 2016] <lingxia__> :)
[Wed Jan 27 12:13:05 2016] <ianjneu> Depends on how much context I'd need to consume. If you're in a CompCert proof, I can't help you.
[Wed Jan 27 12:14:07 2016] <lingxia__> huh? im guesing not haha
[Wed Jan 27 12:14:21 2016] <lingxia__> but here it is
[Wed Jan 27 12:14:23 2016] <lingxia__> https://github.com/lingxiao/CIS500/blob/master/hw2/Induction.v
[Wed Jan 27 12:14:35 2016] <lingxia__> line 647, but you only have to read a few lines to figure out what's going on
[Wed Jan 27 12:15:16 2016] <ianjneu> You at UPenn?
[Wed Jan 27 12:16:43 2016] <lingxia__> yup
[Wed Jan 27 12:16:48 2016] <lingxia__> acgtually that link is out of data
[Wed Jan 27 12:16:50 2016] <lingxia__> date*
[Wed Jan 27 12:16:59 2016] <lingxia__> or er it should be up to date if you refresh it
[Wed Jan 27 12:17:27 2016] <lingxia__> ianjneu did you go here?
[Wed Jan 27 12:18:27 2016] <ianjneu> lingxia__: no, I got my PhD at Northeastern. We're good friends with UPenn.
[Wed Jan 27 12:18:48 2016] <ianjneu> I know "CIS" is the course prefix at UPenn too.
[Wed Jan 27 12:18:49 2016] <lingxia__> oh nice that makes us best of buddies then haha
[Wed Jan 27 12:19:02 2016] <lingxia__> yeah its either that or CS, are the two that I know of
[Wed Jan 27 12:20:31 2016] <ianjneu> Sorry, but this is a bit too much to consume to help with while at work. I have to leave in 10 too. I'll give it a go until then.
[Wed Jan 27 12:21:46 2016] <lingxia__> ok great thanks for even considering !
[Wed Jan 27 12:40:20 2016] <ianjneu> lingxiao: try "forall b, bin_un' b = bin_un b", "forall b, un_bin (bin_un (incr_bin b)) = incr_bin (un_bin (bin_un b))"
[Wed Jan 27 12:42:53 2016] <lingxiao> i'km sorry how does [un_bin (bin_un (incr_bin b)) = incr_bin (un_bin (bin_un b))] come into play in [bin_un_norm_roundrip]
[Wed Jan 27 12:43:15 2016] <lingxiao> btw the assetion is really: [forall b : bin,  un_bin (bin_un' b) = normalize b.]
[Wed Jan 27 13:31:53 2016] <lingxiao> hey all
[Wed Jan 27 13:32:04 2016] <lingxiao> true by definiition
[Wed Jan 27 13:32:15 2016] <lingxiao> how would i say in a proof that something is true by defnitiion
[Wed Jan 27 13:34:08 2016] <lingxiao> actually nvm
[Wed Jan 27 13:40:37 2016] <Nik05> cool 8.5 is out already
[Wed Jan 27 14:04:22 2016] <Nik05> just got into debian
[Wed Jan 27 22:22:55 2016] <acertain> does anyone know of performance comparisons between different combinations of {explicit substitutions, hash consing, memoization, etc} for typechecking?
[Thu Jan 28 03:21:36 2016] <johnw> dependent types are driving me nuts
[Thu Jan 28 03:21:58 2016] <Cypi> eh
[Thu Jan 28 03:22:13 2016] <johnw> for example, I can prove this easily:
[Thu Jan 28 03:22:14 2016] <johnw> forall (Heqe : x = y), H = rew <- Heqe in J -> existT P x H = existT P y J.
[Thu Jan 28 03:22:25 2016] <johnw> but the existence of "rew <- Heqe" in there is causing me enormous difficult
[Thu Jan 28 03:22:29 2016] <johnw> y
[Thu Jan 28 03:22:47 2016] <johnw> because H is dependent on x, and J is dependent on y
[Thu Jan 28 03:23:57 2016] <johnw> basically I want an f_equal3 that works on existT
[Thu Jan 28 03:26:41 2016] <Cypi> What do you mean by 'the existence of "rew <- Heqe"'?
[Thu Jan 28 03:26:58 2016] <johnw> I start from a goal of existT P x H = existT P y
[Thu Jan 28 03:27:06 2016] <johnw> now I have to prove H = rew <- Heqe in J
[Thu Jan 28 03:27:11 2016] <johnw> not sure how to do that
[Thu Jan 28 03:30:54 2016] <Cypi> I guess it depends on H and J. You certainly cannot prove that in general, can you?
[Thu Jan 28 03:31:23 2016] <johnw> well, in my current case, J = fmap id H
[Thu Jan 28 03:32:51 2016] <johnw> anyway, I'm trying to prove that a certain sigT is a functor
[Thu Jan 28 03:32:59 2016] <johnw> and this dependency is stopping me cold
[Thu Jan 28 03:33:32 2016] <johnw> it's like "dependent equality", if that makes sense
[Thu Jan 28 03:35:11 2016] <johnw> oh, hey, EqdepFacts uses the same trick in eq_dep1_dep
[Thu Jan 28 03:35:19 2016] <johnw> so maybe I'm not too far off the rails
[Thu Jan 28 10:11:51 2016] <lingxiao> hey all
[Thu Jan 28 10:11:57 2016] <lingxiao> is anyone around and would liek to help me with a couple of questions?
[Thu Jan 28 10:59:47 2016] <rrika> lingxiao, ask head
[Thu Jan 28 11:00:36 2016] <lingxiao> great!
[Thu Jan 28 11:00:38 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw3/Poly.v
[Thu Jan 28 11:00:58 2016] <lingxiao> search for [exp (n m : nat)] all the way at the bottom
[Thu Jan 28 11:01:08 2016] <lingxiao> its basically exponentitation in church numuerals
[Thu Jan 28 11:01:17 2016] <lingxiao> this one's really grinding me rrika
[Thu Jan 28 11:14:04 2016] <rrika> lingxiao, I see
[Thu Jan 28 11:14:07 2016] <rrika> I'm suprised though
[Thu Jan 28 11:14:15 2016] <rrika> that your definition of exp does not build upon "mult"
[Thu Jan 28 11:14:15 2016] <lingxiao> how so?
[Thu Jan 28 11:14:24 2016] <lingxiao> oh i tried that one too
[Thu Jan 28 11:14:26 2016] <lingxiao> but no good
[Thu Jan 28 11:14:44 2016] <rrika> I think you should try that again
[Thu Jan 28 11:15:09 2016] <lingxiao> was this at one point [Definition exp (n m : nat) : nat := fun X f x => m X ((mult n n) X f) x. ]
[Thu Jan 28 11:15:24 2016] <lingxiao> which makes no sense since I imeidately get mult n n
[Thu Jan 28 11:15:46 2016] <lingxiao> i could do [m X f (somewith mult n) ]
[Thu Jan 28 11:15:48 2016] <rrika> ah you need a lamdba
[Thu Jan 28 11:15:56 2016] <rrika> m X (fun … somethingmult) …
[Thu Jan 28 11:16:19 2016] <rrika> basically
[Thu Jan 28 11:16:24 2016] <rrika> 3^5 =
[Thu Jan 28 11:16:35 2016] <rrika> times3 (times3 (times3 (times3 ( 3 ) ) ) )
[Thu Jan 28 11:16:44 2016] <rrika> And times3 takes an argument
[Thu Jan 28 11:17:04 2016] <rrika> which is the argument to the fun that you apply "m X" to
[Thu Jan 28 11:17:21 2016] <rrika> "times_n" would be more accurate
[Thu Jan 28 11:22:24 2016] <rrika> lingxiao, I gotta go, I'll be back in a few hours
[Thu Jan 28 11:22:33 2016] <rrika> maybe see if "m N … one" gets you anywhere
[Thu Jan 28 11:22:36 2016] <lingxiao> great thanks!
[Thu Jan 28 11:22:44 2016] <lingxiao> I'll keep trying
[Thu Jan 28 11:22:55 2016] <rrika> (I tried this but got a "universe inconsistency" so IDK)
[Thu Jan 28 11:27:13 2016] <tbelaire> I'm currently passing a "flag : Set" into my datastructure to enable/disable a particular case, by passing Empty_set or unit
[Thu Jan 28 11:27:30 2016] <tbelaire> is there  a way to constrain the flag to only being one or the other, and not any set?
[Thu Jan 28 11:30:33 2016] <tbelaire> I would try an inductive type, but I don't see how it would work
[Thu Jan 28 11:36:48 2016] <mortberg> is there some way of making coq not write ... when printing too long lines?
[Thu Jan 28 11:39:07 2016] <mortberg> nvm, Set Printing Depth seems to be what I'm looking for
[Thu Jan 28 18:11:20 2016] <lingxiao> hey is someone around?
[Thu Jan 28 19:04:14 2016] <jrw> lingxi___: someone is always here :)
[Thu Jan 28 20:05:00 2016] <Nik05> lingxiao are you at the church numerals?
[Thu Jan 28 20:05:47 2016] <Nik05> oh isnt here
[Thu Jan 28 20:06:20 2016] <Nik05> but exp := λm.λn.n m
[Thu Jan 28 20:10:25 2016] <Nik05> im going to do rel.v tomorrow i think
[Thu Jan 28 20:10:44 2016] <Nik05> but first i need to read a little anout sets and relations
[Fri Jan 29 07:41:05 2016] <irishsultan> :q
[Fri Jan 29 07:41:31 2016] <irishsultan> that was obviously not intended for this channel
[Sat Jan 30 08:20:50 2016] <Nik05> What to do with Anomaly: File "stm/stm.ml", line 1860, characters 53-59: Assertion failed.
[Sat Jan 30 08:21:00 2016] <Nik05> Please report. ?
[Sat Jan 30 08:26:38 2016] <Nik05> im using the latest Coq
[Sat Jan 30 09:03:29 2016] <sgnb> Nik05: https://coq.inria.fr/bugs/
[Sat Jan 30 09:19:53 2016] <Nik05> thank you sgnb
[Sun Jan 31 03:52:29 2016] <benzrf> if you model coq in coq, can you prove that LEM is not a theorem of the model
[Sun Jan 31 03:52:53 2016] <benzrf> (i'm using model as an english word, not as in model theory)
[Sun Jan 31 17:47:37 2016] <Talia> does anyone know where i can find the terms (just syntax) of CIC written out symbolically e.g. t := Prop | Set | Type | .... ? I see 4.1.3. of http://flint.cs.yale.edu/cs428/coq/doc/Reference-Manual006.html#Cic but I'd rather have a formal definition
[Sun Jan 31 18:39:23 2016] <jgross> Talia: Is appendices A.1 and A.2 of the HoTT Book (http://homotopytypetheory.org/book/) what you're looking for? 
[Sun Jan 31 18:51:16 2016] <rribeiro> Hello to all! I'm having a little trouble in how to import a (compiled) file. I'm formalizing some stuff and, for organization, I've put some files in separate folders, like Data, Tactics and Functions, all in the same root directory. How can use a file in Data folder in a file in Functions folder?
[Mon Feb  1 11:51:44 2016] <tbelaire> Is there a nice way to get a Type consisting of two Sets, one being isomorphic to unit and the other to emptyset?
[Mon Feb  1 11:52:40 2016] <benzrf> tbelaire: well, coq's type system doesn't do subtyping
[Mon Feb  1 11:52:51 2016] <benzrf> what do you mean by a type consisting of two sets exactly
[Mon Feb  1 11:59:26 2016] <Cypi> tbelaire : do you mean something like "unit + Empty"? Problem is that this type is isomorphic to unit, of course.
[Mon Feb  1 11:59:38 2016] <tbelaire> Yeah
[Mon Feb  1 12:00:03 2016] <tbelaire> I wanted to help the inference of my implicit parameters
[Mon Feb  1 12:00:12 2016] <tbelaire> when it could only be one or the other
[Mon Feb  1 12:00:43 2016] <Saizan> maybe a typeclass then? with just those two instances? not sure if it actually helps
[Mon Feb  1 12:01:00 2016] <tbelaire> https://gist.github.com/tbelaire/b77620217d543134bf0c
[Mon Feb  1 12:01:23 2016] <tbelaire> I haven't touched typeclasses in Coq yet...
[Mon Feb  1 12:01:41 2016] <tbelaire> I guess I want True + False
[Mon Feb  1 12:01:54 2016] <tbelaire> so, Bool instead of bool
[Mon Feb  1 12:02:00 2016] <tbelaire> if that makes any sense
[Mon Feb  1 12:02:11 2016] <Cypi> (I meant "unit + Empty_set" above, not Empty)
[Mon Feb  1 12:48:03 2016] <benzrf> Cypi: [unit + Empty_set] is wrong, the elements are elements of the types, not the types themselves
[Mon Feb  1 12:50:12 2016] <Cypi> So... {S : Set | S = unit \/ S = Empty_set}? That looks very strange. Well, nevermind, I'm not sure I understand the problem anyway
[Mon Feb  1 12:52:54 2016] <benzrf> Cypi: that's what i would've answered if my goal were to get instant "yeah i think that's what I'm looking for", but i doubt it's what tbelaire was looking for
[Mon Feb  1 12:53:32 2016] <tbelaire> Well, that's actually reasonable, I think
[Mon Feb  1 12:53:49 2016] <tbelaire> lets see if it fixes the inference problems I've been having
[Mon Feb  1 12:54:59 2016] <benzrf> tbelaire: unit : that_type will not check
[Mon Feb  1 12:55:09 2016] <tbelaire> yeah
[Mon Feb  1 12:55:20 2016] <tbelaire> I don't mind wrapping it
[Mon Feb  1 12:55:32 2016] <benzrf> there's probably a better way to accomplish whatever you're doing :v
[Mon Feb  1 12:55:51 2016] <tbelaire> That's a common feeling for all my work in Coq
[Mon Feb  1 12:55:59 2016] <benzrf> :)
[Mon Feb  1 12:56:13 2016] <tbelaire> also, if I do Definition HasLib : Type := (*the above*).
[Mon Feb  1 12:56:35 2016] <tbelaire> I'm getting an error when I try and take it as a constructor argument
[Mon Feb  1 12:56:37 2016] <tbelaire> with The term "with_lib" has type "HasLib" which should be Set, Prop or Type.
[Mon Feb  1 12:57:12 2016] <tbelaire> when with_lib : HasLib
[Mon Feb  1 12:57:29 2016] <tbelaire> oh, wait okay, I get it
[Mon Feb  1 12:57:33 2016] <benzrf> told you :P
[Mon Feb  1 12:57:45 2016] <tbelaire> HasLib is an element of Type, not Type itself
[Mon Feb  1 12:57:47 2016] <tbelaire> okay
[Mon Feb  1 12:57:48 2016] <benzrf> tbelaire: hold on, why are you using it as a constructor argument
[Mon Feb  1 12:57:49 2016] <tbelaire> yeah
[Mon Feb  1 12:57:58 2016] <tbelaire> The gist from above
[Mon Feb  1 12:58:03 2016] <benzrf> * scrolls up
[Mon Feb  1 12:58:25 2016] <tbelaire> I've trying to have a particular expression statically ruled out
[Mon Feb  1 12:58:46 2016] <tbelaire> since I don't want to have two parallel types and repeat allllll the proofs again
[Mon Feb  1 12:59:15 2016] <benzrf> tbelaire: why don't you do this:
[Mon Feb  1 12:59:24 2016] <benzrf> er, 1 second
[Mon Feb  1 12:59:26 2016] <tbelaire> sure
[Mon Feb  1 12:59:50 2016] <benzrf> oh wait shit
[Mon Feb  1 12:59:54 2016] <benzrf> nvm x_X
[Mon Feb  1 12:59:59 2016] <benzrf> tbelaire: well, why not just use bool?
[Mon Feb  1 13:00:22 2016] <tbelaire> how?
[Mon Feb  1 13:00:35 2016] <tbelaire> I want True + False, not true + false
[Mon Feb  1 13:00:40 2016] <benzrf> replace [{with_lib : Set}] with [{with_lib : bool}]
[Mon Feb  1 13:00:47 2016] <benzrf> then replace
[Mon Feb  1 13:00:49 2016] <benzrf> | tm_lib : with_lib -> tm_helper
[Mon Feb  1 13:00:51 2016] <benzrf> with
[Mon Feb  1 13:00:59 2016] <tbelaire> ooooh
[Mon Feb  1 13:01:01 2016] <tbelaire> ight
[Mon Feb  1 13:01:02 2016] <benzrf> | tm_lib : (if with_lib then unit else False_set) -> tm_helper
[Mon Feb  1 13:01:03 2016] <tbelaire> this is not haskell
[Mon Feb  1 13:01:06 2016] <benzrf> :)
[Mon Feb  1 13:01:13 2016] <benzrf> or even:
[Mon Feb  1 13:01:18 2016] <benzrf> | tm_lib : tm_helper true
[Mon Feb  1 13:01:28 2016] <tbelaire> that works
[Mon Feb  1 13:01:30 2016] <tbelaire> yeah
[Mon Feb  1 13:01:33 2016] <tbelaire> dang
[Mon Feb  1 13:01:34 2016] <benzrf> oh, er
[Mon Feb  1 13:01:42 2016] <tbelaire> trying it
[Mon Feb  1 13:01:44 2016] <benzrf> that would require that with_lib be an argument, not an index
[Mon Feb  1 13:02:02 2016] <benzrf> s/argument/parameter
[Mon Feb  1 13:02:51 2016] <tbelaire> ?
[Mon Feb  1 13:03:20 2016] <benzrf> do you know the difference between parameters and indices in an inductive type definition?
[Mon Feb  1 13:03:27 2016] <tbelaire> no
[Mon Feb  1 13:03:29 2016] <benzrf> hoo bo
[Mon Feb  1 13:03:31 2016] <benzrf> y
[Mon Feb  1 13:03:41 2016] <benzrf> i'm not sure i'm the best person to explain since I only 75% understand them myself
[Mon Feb  1 13:03:45 2016] <benzrf> but basically
[Mon Feb  1 13:03:45 2016] <tbelaire> I'll read something if you've got a reference
[Mon Feb  1 13:03:51 2016] <benzrf> let me google =p
[Mon Feb  1 13:03:53 2016] <johnw> indices may vary across constructors, parameters may not
[Mon Feb  1 13:04:09 2016] <benzrf> johnw: i don't think that's a very helpful intro
[Mon Feb  1 13:04:11 2016] <johnw> this affects the inversion tactic, for example
[Mon Feb  1 13:04:28 2016] <tbelaire> okay
[Mon Feb  1 13:04:30 2016] <tbelaire> reading http://stackoverflow.com/questions/24600256/difference-between-type-parameters-and-indices
[Mon Feb  1 13:04:56 2016] <tbelaire> Yes, I want to index
[Mon Feb  1 13:05:28 2016] <benzrf> tbelaire: syntactically speaking, [Inductive foo (bar : X) : Type] declares a parameter, while [Inductive foo : X -> Type] declares an index
[Mon Feb  1 13:05:39 2016] <tbelaire> cool
[Mon Feb  1 13:06:00 2016] <benzrf> tbelaire: if you do the former, the result type of each of your constructors /must/ use 'bar'
[Mon Feb  1 13:06:03 2016] <benzrf> like so:
[Mon Feb  1 13:06:18 2016] <benzrf> Inductive foo (bar : int) : Type := foo_con : foo bar.
[Mon Feb  1 13:06:22 2016] <benzrf> this is invalid: Inductive foo (bar : int) : Type := foo_con : foo 3.
[Mon Feb  1 13:06:38 2016] <benzrf> otoh, indices may be filled in with anything in scope of the type expression
[Mon Feb  1 13:06:40 2016] <tbelaire> Can I do a forall?
[Mon Feb  1 13:06:50 2016] <benzrf> yeah, this is fine:
[Mon Feb  1 13:07:05 2016] <benzrf> wait
[Mon Feb  1 13:07:09 2016] <benzrf> tbelaire: that depends on what you mean
[Mon Feb  1 13:07:11 2016] <benzrf> can you be more specific
[Mon Feb  1 13:07:19 2016] <tbelaire> | tm_false : forall b: bool, tm_helper b
[Mon Feb  1 13:07:23 2016] <tbelaire> kinda deal
[Mon Feb  1 13:07:31 2016] <tbelaire> which looks like it's working
[Mon Feb  1 13:07:41 2016] <benzrf> yes, that's fine as long as the first argument to tm_helper is an index
[Mon Feb  1 13:08:16 2016] <johnw> | tm_false : tm_helper false
[Mon Feb  1 13:08:21 2016] <benzrf> you'll note that in vanilla Haskell, there are only parameters
[Mon Feb  1 13:08:31 2016] <johnw> think Haskell GADTs...
[Mon Feb  1 13:08:38 2016] <benzrf> data Foo x = FooCon x Int
[Mon Feb  1 13:08:46 2016] <tbelaire> yeah
[Mon Feb  1 13:08:58 2016] <tbelaire> I wanted something like GADTs
[Mon Feb  1 13:08:59 2016] <benzrf> the type of 'FooCon' is automatically filled in with the assumption that x is a parameter
[Mon Feb  1 13:09:19 2016] <tbelaire> let me play around with this a bit
[Mon Feb  1 13:09:24 2016] <benzrf> the induction principles that an Inductive declaration generates will treat indices and parameters differently
[Mon Feb  1 13:09:24 2016] <tbelaire> see if it's working
[Mon Feb  1 13:09:49 2016] <benzrf> try defining lists twice, with the element type first as a parameter and then as an index
[Mon Feb  1 13:09:56 2016] <benzrf> and look at the differene between the induction principles it gives you
[Mon Feb  1 13:11:38 2016] <benzrf> (er, by 'defining lists' i mean making a definition for the list type)
[Mon Feb  1 13:11:44 2016] <tbelaire> yeah
[Mon Feb  1 13:12:02 2016] <benzrf> kk, just realized it could be parsed as meaning [Definition l1 := [1, 2, 3].]
[Mon Feb  1 13:13:44 2016] <tbelaire> alright looks like it can infer the types well enough
[Mon Feb  1 13:13:50 2016] <tbelaire> that's helpful
[Mon Feb  1 13:14:12 2016] <tbelaire> now I need to mark all those "forall b,"s as implicit
[Mon Feb  1 13:15:52 2016] <tbelaire> uh, is there a better way than doing Argument tm_true [_]. and so on for each constructor?
[Mon Feb  1 13:17:42 2016] <Cypi> In the definition of each constructor, you can write "forall {b}, ..."
[Mon Feb  1 13:17:47 2016] <Cypi> should work
[Mon Feb  1 13:17:48 2016] <tbelaire> oh, okay
[Mon Feb  1 13:18:11 2016] <Cypi> or even directly " | tm_true {b} : tm_helper b " I believe
[Mon Feb  1 13:18:17 2016] <benzrf> Cypi: ooh, nice
[Mon Feb  1 13:18:43 2016] <tbelaire> ooh
[Mon Feb  1 13:35:43 2016] <johnw> tbelaire: if that doesn't work, then after the inductive definition: Arguments tm_true : default implicits.
[Mon Feb  1 13:36:01 2016] <tbelaire> It does work nicely, thanks
[Mon Feb  1 13:36:45 2016] <benzrf> hold on
[Mon Feb  1 13:37:43 2016] <benzrf> tbelaire: isn't the only constructor that takes a bool as an argument, tm_lib?
[Mon Feb  1 13:38:14 2016] <tbelaire> the others are b: bool -> tm_helper b
[Mon Feb  1 13:38:28 2016] <tbelaire> generic in having any lib expressions or not
[Mon Feb  1 13:38:48 2016] <benzrf> ah
[Mon Feb  1 13:39:49 2016] <johnw> tbelaire: I've used this boolean index trick before too
[Mon Feb  1 13:40:06 2016] <johnw> rather than having separate "raw" and "cooked" types
[Mon Feb  1 13:40:52 2016] <tbelaire> great
[Mon Feb  1 13:40:59 2016] <tbelaire> anything to keep in mind?
[Mon Feb  1 13:41:34 2016] <benzrf> hmm, this seems slightly off
[Mon Feb  1 13:42:01 2016] <benzrf> i'm looking at the gist again and i can't quite infer what you're trying to do
[Mon Feb  1 13:42:24 2016] <benzrf> which is usually a sign of some kind of confusion on the part of the author, or that the code is above my level
[Mon Feb  1 13:42:51 2016] <tbelaire> I've updated the gist
[Mon Feb  1 13:42:53 2016] <tbelaire> https://gist.github.com/tbelaire/b77620217d543134bf0c
[Mon Feb  1 13:43:22 2016] <tbelaire> I'm hoping I can keep all the proofs somewhat generic over both
[Mon Feb  1 13:43:27 2016] <tbelaire> to avoid repeating them
[Mon Feb  1 13:44:08 2016] <benzrf> ah, so, the point of b is that if there's a lib anywhere then the index is forced?
[Mon Feb  1 13:44:16 2016] <tbelaire> exactly
[Mon Feb  1 13:44:22 2016] <tbelaire> Hmm, anyone know where to read more on existT?
[Mon Feb  1 13:44:47 2016] <benzrf> so then you plan on demanding false in the index to ensure the nonpresence of lib?
[Mon Feb  1 13:44:55 2016] <tbelaire> yup
[Mon Feb  1 13:45:09 2016] <benzrf> kk
[Mon Feb  1 14:51:15 2016] <ell> Hi folks
[Mon Feb  1 14:51:47 2016] <benzrf> hey
[Mon Feb  1 14:52:58 2016] <ell> Are there rules for this chat?
[Mon Feb  1 14:55:40 2016] <rrika> no puns
[Mon Feb  1 14:55:49 2016] <ell> I'm trying to prove commutativity for natural numbers
[Mon Feb  1 14:55:55 2016] <ell> I'm not sure how :P
[Mon Feb  1 14:56:00 2016] <ianjneu> ell: If you mean a Coq CoC, I don't think there is an official one. I would recommend Rust's CoC as a good starting point.
[Mon Feb  1 14:56:03 2016] <ell> this is my definition of Nat and a start: https://dpaste.de/q0Mk
[Mon Feb  1 14:56:23 2016] <ell> I just mean "no posting links" or "don't ask to ask, just ask", etc. :)
[Mon Feb  1 14:57:13 2016] <ianjneu> We use links all the time primarily for pastes. Sometimes we talk politics when no one is looking for help.
[Mon Feb  1 14:57:41 2016] <ianjneu> Primarily we reason with Coq's logic. We don't admit ad_hominem.
[Mon Feb  1 14:58:00 2016] <rrika> ell, you can define add by just matching on a
[Mon Feb  1 14:58:07 2016] <rrika> and then do induction on only one of the two
[Mon Feb  1 15:00:48 2016] <ell> Ah yeah of course
[Mon Feb  1 15:00:51 2016] <ell> I'll try that
[Mon Feb  1 15:02:26 2016] <ell> like this: https://dpaste.de/7AQ5?
[Mon Feb  1 15:02:56 2016] <rrika> yeah, looks good
[Mon Feb  1 15:03:09 2016] <ell> well that simplifies it a lot :)
[Mon Feb  1 15:03:51 2016] <rrika> what tutorial are you working with?
[Mon Feb  1 15:03:57 2016] <ell> I'm not :P
[Mon Feb  1 15:04:02 2016] <ell> well
[Mon Feb  1 15:04:09 2016] <ell> I've looked through https://coq.inria.fr/tutorial-nahas
[Mon Feb  1 15:04:18 2016] <ell> I managed to define associativity of addition earlier
[Mon Feb  1 15:04:29 2016] <ell> but I have changed my definition of nat a few times since and it no longer worked
[Mon Feb  1 15:04:34 2016] <ell> so I'm just starting afresh now
[Mon Feb  1 15:04:47 2016] <ell> but I want to prove all of the properties really
[Mon Feb  1 15:04:50 2016] <rrika> Well, "Software Foundations" helps you step by step in these scenarios
[Mon Feb  1 15:05:01 2016] <rrika> because early exercises happen to be building blocks for later ones
[Mon Feb  1 15:05:19 2016] <rrika> doing all kinds of Nat stuff is in the first two chapters IIRC
[Mon Feb  1 15:06:17 2016] <ell> ah thanks
[Mon Feb  1 15:06:22 2016] <ell> I hadn't seen that book
[Mon Feb  1 15:07:27 2016] <rrika> That and http://adam.chlipala.net/cpdt/html/toc.html are two often mentioned ones.
[Mon Feb  1 15:09:06 2016] <ell> thanks
[Mon Feb  1 15:17:08 2016] <ell> I guess I'll go read that :P
[Mon Feb  1 15:17:10 2016] <ell> Bye now :)
[Tue Feb  9 20:06:25 2016] <Smerdyakov> I'm having trouble with this code in Coq 8.5: https://github.com/wangpengmit/6887psets/tree/master/pset0
[Tue Feb  9 20:07:18 2016] <Smerdyakov> It builds with 'make', but then I can't get [Require Pset0Sig] to work in another file in the same directory, from Proof General.
[Tue Feb  9 20:07:46 2016] <Smerdyakov> I can fix the problem "manually" by running the command lines that 'make' runs, but with these arguments removed: -R "." Top
[Tue Feb  9 20:07:51 2016] <Smerdyakov> Anyone know what's up with that?
[Tue Feb  9 22:19:58 2016] <benzrf> is [forall P, ~~P = P] consistent with coq
[Tue Feb  9 22:21:37 2016] <sunnymilk> i think so but i do not have a proof of that
[Tue Feb  9 22:22:01 2016] <sunnymilk> wait a sec, equals?
[Tue Feb  9 22:22:06 2016] <sunnymilk> i dont know about that at all
[Tue Feb  9 22:46:53 2016] <sunnymilk> in fact thats an inconsistancy i think, ~~P = (P -> False) -> False, which starts with the function constructor, whereas P doesnt necessarily have a function constructor in it
[Tue Feb  9 22:47:16 2016] <sunnymilk> so if theyre equal then you have two things with different constructors being reflexively equal
[Tue Feb  9 22:53:54 2016] <Cypi> benzrf : see proof degeneracy in https://coq.inria.fr/library/Coq.Logic.ClassicalFacts.html . This would suggest that it is consistent.
[Tue Feb  9 22:54:07 2016] <Cypi> propositional degeneracy*
[Tue Feb  9 22:54:47 2016] <benzrf> sunnymilk: yeah, but you can't distinguish them can you
[Tue Feb  9 22:56:52 2016] <benzrf> sunnymilk: HoTT is presumably consistent, and in hott bool -> bool = fin 4
[Wed Feb 10 10:49:28 2016] <accname> Hi there does somebody has experience with profiling ocaml toplevel programs? to be more specific HOL Light
[Wed Feb 10 11:02:56 2016] <ianjneu> I haven't read the paper in a while, but maybe there's some reporting on that in the results of the flyspeck project.
[Wed Feb 10 11:44:27 2016] <accname> thank I will look into that :)
[Wed Feb 10 12:30:09 2016] <tbelaire> What's the command to go from H: A /\ B  and prove B?
[Wed Feb 10 12:30:30 2016] <tbelaire> ah, tauto. does it.
[Wed Feb 10 12:31:32 2016] <Nik05> destruct H as [HA HB]. exact HB.
[Wed Feb 10 12:54:31 2016] <tbelaire> Hmm.  I'm trying to prove that if (x \in E) and (y \in F) and (no_dups (E ++ F)) then x <> y.
[Wed Feb 10 12:54:48 2016] <tbelaire> this is surprisingly difficult :/
[Wed Feb 10 12:56:12 2016] <Cypi> What are E and F? Lists? If so, how are no_dups and \in defined?
[Wed Feb 10 12:56:51 2016] <tbelaire> They are technically association lists, and x, and y are keys
[Wed Feb 10 12:58:16 2016] <tbelaire> no_dups is inductive, either nil or | forall E x, ok E -> ~ In x E -> no_dups (x :: E)
[Wed Feb 10 12:58:28 2016] <tbelaire> when I translate away from that into just plain lists
[Wed Feb 10 12:58:59 2016] <tbelaire> Actual def'ns here https://github.com/tbelaire/FJ-Formalization/blob/master/FJ_Definitions.v
[Wed Feb 10 12:59:27 2016] <tbelaire> and \in is just In
[Wed Feb 10 12:59:39 2016] <tbelaire> but infix
[Wed Feb 10 13:11:32 2016] <Cypi> tbelaire : alright, an induction on E seemed to work
[Wed Feb 10 13:11:46 2016] <Cypi> I just needed one auxiliary lemma, saying "{A : Type} (E F : list A) (x : A) : In x F -> In x (E ++ F)
[Wed Feb 10 13:12:13 2016] <tbelaire> Yeah, I got that lemma already
[Wed Feb 10 13:12:18 2016] <tbelaire> I'll try again
[Wed Feb 10 13:12:55 2016] <Cypi> In your definition of no_dups, for the cons case, there is actually the hypothesis "no_dups E", right?
[Wed Feb 10 13:13:08 2016] <tbelaire> yeah, sorry
[Wed Feb 10 13:13:20 2016] <Cypi> It's ok, just making sure
[Wed Feb 10 13:13:25 2016] <tbelaire> I picked a better name for irc than "ok", but missed one spot
[Wed Feb 10 13:16:42 2016] <tbelaire> How does your induction work?
[Wed Feb 10 13:19:56 2016] <Cypi> The case E = [] is trivial. Then for the second one, you consider two cases: either x is the head of E. Then the auxiliary lemma is useful; or x is in the tail of E, and the induction hypothesis applies directly
[Wed Feb 10 13:22:32 2016] <tbelaire> k
[Wed Feb 10 13:50:55 2016] <tbelaire> How do you simplify something like " if y == y then true else false " to true?
[Wed Feb 10 13:52:24 2016] <Cypi> Depends on '=='
[Wed Feb 10 13:52:39 2016] <tbelaire> I know it's decidable
[Wed Feb 10 13:53:54 2016] <Cypi> Do you have any lemma on this '=='? Like "(x == y) = true" <-> x = y?
[Wed Feb 10 13:55:32 2016] <tbelaire> yeah
[Wed Feb 10 13:55:34 2016] <tbelaire> oh I see now
[Wed Feb 10 13:55:36 2016] <tbelaire> thanks
[Wed Feb 10 13:55:37 2016] <Cypi> (the most simple would be a lemma that states the reflexivity of this '==' of course)
[Wed Feb 10 13:55:43 2016] <Cypi> Ah, ok :)
[Wed Feb 10 14:04:16 2016] <tbelaire> Is it possible to "unfold" only one step?
[Wed Feb 10 14:06:39 2016] <tbelaire> eh, unfold get; fold get. normalized the goal in the same way, don't need it
[Wed Feb 10 14:09:18 2016] <tbelaire> Is there a way to "unsplit" a split goal?
[Wed Feb 10 14:10:07 2016] <tbelaire> I needed to apply a tactic to one leaf, but now the induction hypothises is X -> A /\ B when both A and B are goals.
[Wed Feb 10 14:45:29 2016] <ianjneu> no there isn't, but you can pose your IH on a proof of X and destruct it to get at either A or B.
[Wed Feb 10 14:46:00 2016] <ianjneu> set (spec := IH x); destruct spec as [a b].
[Wed Feb 10 16:45:47 2016] <tbelaire> I'm getting ( Impossible to unify "ok_type D" with "ok_type D".)
[Wed Feb 10 16:45:55 2016] <tbelaire> Is there a way to display implicit parameters
[Wed Feb 10 16:48:54 2016] <ianjneu> tbelaire: Set Printing All.
[Wed Feb 10 16:49:51 2016] <tbelaire> Error: in CoqIde: Use CoqIDE display menu instead
[Wed Feb 10 16:49:56 2016] <tbelaire> ehh, what?
[Wed Feb 10 16:50:14 2016] <tbelaire> I'm using the vim coquille plugin
[Wed Feb 10 16:50:21 2016] <tbelaire> Coq 8.4
[Wed Feb 10 16:50:33 2016] <tbelaire> same protocall as CoqIDE
[Wed Feb 10 16:50:44 2016] <ianjneu> o_O uhh, that's just a vernacular command.
[Wed Feb 10 16:51:15 2016] <tbelaire> nope, can't execute it :(
[Wed Feb 10 16:52:39 2016] <ianjneu> Try "Set Printing Implicit."
[Wed Feb 10 16:53:02 2016] <tbelaire> nope
[Wed Feb 10 16:53:14 2016] <tbelaire> it's trying to protect me from setting it while in coqide I guess
[Wed Feb 10 16:53:21 2016] <tbelaire> instead of using the menu
[Wed Feb 10 16:53:28 2016] <tbelaire> but I'm in VIM and don't have the menu
[Wed Feb 10 16:53:30 2016] <tbelaire> sigh
[Wed Feb 10 16:56:57 2016] <lingxiao> hey all I am stuck on what should be a simple proof due to lack of familiarltiy with tactics
[Wed Feb 10 16:57:03 2016] <tbelaire> Hi
[Wed Feb 10 16:57:07 2016] <tbelaire> I know that feeling
[Wed Feb 10 16:57:53 2016] <lingxiao> haha yeah ...
[Wed Feb 10 16:58:07 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v
[Wed Feb 10 16:58:10 2016] <lingxiao> search for ev_sum
[Wed Feb 10 16:59:35 2016] <tbelaire> You can link to line numbers
[Wed Feb 10 16:59:36 2016] <tbelaire> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L466
[Wed Feb 10 16:59:53 2016] <tbelaire> by clicking on the left hand side line numbers first
[Wed Feb 10 17:00:10 2016] <lingxiao> ahhh that's so cool nv noticed that
[Wed Feb 10 17:02:33 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L467
[Wed Feb 10 17:02:53 2016] <lingxiao> so the issue is no matter what I do my proof state reduces to this: http://lpaste.net/152078
[Wed Feb 10 17:03:08 2016] <lingxiao> which is really no better than were we started
[Wed Feb 10 17:03:15 2016] <tbelaire> Hmm
[Wed Feb 10 17:03:22 2016] <tbelaire> I tried induction on H1
[Wed Feb 10 17:03:27 2016] <tbelaire> right at the start
[Wed Feb 10 17:03:32 2016] <tbelaire> and that seems promising
[Wed Feb 10 17:03:39 2016] <tbelaire> no inversions though
[Wed Feb 10 17:05:39 2016] <tbelaire> https://gist.github.com/14e5fdbf7fd60ac3d0bf
[Wed Feb 10 17:07:42 2016] <tbelaire> lingxiao: hows that look?
[Wed Feb 10 17:07:51 2016] <lingxiao> taking a look at it now
[Wed Feb 10 17:09:19 2016] <lingxiao> ahh you can do induction on [ev] directly
[Wed Feb 10 17:09:30 2016] <tbelaire> yeah
[Wed Feb 10 17:09:43 2016] <tbelaire> advanced technique :P
[Wed Feb 10 17:10:03 2016] <lingxiao> haha funny thing is the ex right above the problem deals iwth it
[Wed Feb 10 17:10:56 2016] <lingxiao> got it! this is what i ended up with http://lpaste.net/152080
[Wed Feb 10 17:11:36 2016] <lingxiao> thanks!
[Wed Feb 10 17:11:40 2016] <tbelaire> np!
[Wed Feb 10 17:21:50 2016] <porton> I wrote a 353 pages research monograph. How much work it would take to rewrite it with Gallinna+Isar?
[Wed Feb 10 17:22:18 2016] <lingxiao> tbelaire can i ask you another one?
[Wed Feb 10 17:22:29 2016] <porton> Some things are not convenient to formalize in English and may be better in Coq. By the way, Coq helps against errors
[Wed Feb 10 17:22:36 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L485
[Wed Feb 10 17:23:29 2016] <porton> If I work 8 hours per weekday to rewrite my book in Coq, how much months could it take?
[Wed Feb 10 17:23:35 2016] <lingxiao> my proof state is this: http://lpaste.net/152081
[Wed Feb 10 17:23:35 2016] <lingxiao> it seems liek the only thin i can do is [inversion IHev].
[Wed Feb 10 17:23:52 2016] <lingxiao> but eventually i encounter this case: http://lpaste.net/152082
[Wed Feb 10 17:23:58 2016] <lingxiao> and I dont know what to do about ev' 4
[Wed Feb 10 17:29:01 2016] <porton> is there any hope that a Coq expert will help me to formalize my book?
[Wed Feb 10 17:48:22 2016] <lingxiao> hey is there anyone around that'd like to walk me thru a proof?
[Wed Feb 10 17:48:47 2016] <rrika> porton, this is a slow channel
[Wed Feb 10 17:49:03 2016] <rrika> just out of curiousity, what did you write about?
[Wed Feb 10 17:50:04 2016] <porton> rrika: I generalized general topology. My book describes basics of general topology with something I call "funcoids" instead of topological spaces. The theory in the volume 1 is very basic (not categorical limits, not traditional pointfree topology, etc.)
[Wed Feb 10 17:50:36 2016] <porton> rrika: I don't have a scientific degree but have some discoveries in pure math
[Wed Feb 10 17:50:58 2016] <rrika> I don't even understand half of the words…
[Wed Feb 10 17:51:05 2016] <rrika> * is beginner level
[Wed Feb 10 17:51:27 2016] <rrika> hope you find someone though
[Wed Feb 10 17:51:35 2016] <porton> rrika: all my words except "funcoids" are widely known, every math graduate knows them
[Wed Feb 10 17:52:00 2016] <rrika> I didn't graduate in math
[Wed Feb 10 17:58:35 2016] <lingxiao> rrika want to take a crack at my proof?
[Wed Feb 10 17:58:45 2016] <rrika> lingxiao, let me see
[Wed Feb 10 17:59:05 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L490
[Wed Feb 10 17:59:07 2016] <lingxiao> ev'_ev
[Wed Feb 10 18:01:15 2016] <lingxiao> stuck here: http://lpaste.net/
[Wed Feb 10 18:01:20 2016] <lingxiao> nothing in context is helping e
[Wed Feb 10 18:01:22 2016] <lingxiao> me*
[Wed Feb 10 18:01:22 2016] <lingxiao> but I
[Wed Feb 10 18:01:29 2016] <lingxiao> also cant think of anoteher route to take
[Wed Feb 10 18:03:49 2016] <rrika> lingxiao, the lpaste link is lacking an id
[Wed Feb 10 18:04:11 2016] <lingxiao> http://lpaste.net/152084
[Wed Feb 10 18:06:33 2016] <rrika> * apply ev'_sum with (n:=2). apply ev'_2. apply ev'_2.
[Wed Feb 10 18:08:57 2016] <lingxiao> what does apply ev'_sum with (n:=2) do?
[Wed Feb 10 18:10:39 2016] <rrika> well, you're trying to unify (_ + _) from ev'_sum with 4
[Wed Feb 10 18:10:49 2016] <rrika> which could be anything from 0+4, 1+3, to 4+0
[Wed Feb 10 18:10:55 2016] <lingxiao_> so we have ev'_sum 2   := forall m. ev' m -> ev' (2 + m) ??
[Wed Feb 10 18:10:55 2016] <lingxiao_> but what does that mean?
[Wed Feb 10 18:11:26 2016] <rrika> it means that if you try to unify (ev' 2+m) with (ev' 4), m will be inferred as 2
[Wed Feb 10 18:11:34 2016] <rrika> you could be fully explicit and say
[Wed Feb 10 18:11:39 2016] <rrika> with (n:=2) (m:=2)
[Wed Feb 10 18:12:11 2016] <lingxiao_> so there's two ev'2 gnerenated as goals
[Wed Feb 10 18:12:12 2016] <rrika> so it will behave as if you tried to apply "ev' 2 -> ev' 2 -> ev' (2+2)"
[Wed Feb 10 18:12:15 2016] <rrika> yes
[Wed Feb 10 18:12:22 2016] <lingxiao_> the first one is to prove n:=2 and second one is that m:=2 ?
[Wed Feb 10 18:13:15 2016] <rrika> well, to apply something the last part of the A→B→C→D chain (D) must match your goal after simplification
[Wed Feb 10 18:13:26 2016] <rrika> n+m doesn't simplify to 4
[Wed Feb 10 18:13:45 2016] <rrika> but S (S _) and S (S (S (S O))) can be matched
[Wed Feb 10 18:14:10 2016] <rrika> so by explicitly mentioning n, you make the last part of the chain match the goal
[Wed Feb 10 18:14:23 2016] <rrika> apply (ev'_sum 2). would've worked too Ithink
[Wed Feb 10 18:17:19 2016] <lingxiao_> hm yup it did
[Wed Feb 10 18:17:25 2016] <lingxiao_> and im equally stuck in this case: http://lpaste.net/152085
[Wed Feb 10 18:17:40 2016] <lingxiao_> inversion IHev1 deosnt seem to help
[Wed Feb 10 18:17:41 2016] <rrika> lingxiao_, this one is easy though
[Wed Feb 10 18:17:52 2016] <lingxiao_> wait could you give me a hint
[Wed Feb 10 18:17:54 2016] <rrika> you only need apply from here on
[Wed Feb 10 18:17:54 2016] <lingxiao_> first
[Wed Feb 10 18:18:15 2016] <rrika> that's the hint
[Wed Feb 10 18:18:30 2016] <lingxiao_> nothing in contet applies to each other though
[Wed Feb 10 18:18:36 2016] <lingxiao_> and none of them apply to the goal directly
[Wed Feb 10 18:18:53 2016] <rrika> then try random things that have worked before
[Wed Feb 10 18:19:22 2016] <lingxiao_> i see that S S (n+m)  = k + (n+ m)
[Wed Feb 10 18:19:22 2016] <rrika> as in
[Wed Feb 10 18:19:28 2016] <rrika> yeah
[Wed Feb 10 18:19:35 2016] <lingxiao_> or  S S 0 + (n + m)
[Wed Feb 10 18:19:41 2016] <lingxiao_> so that's the ev'_sum case
[Wed Feb 10 18:20:11 2016] <rrika> both expression simplify to the same
[Wed Feb 10 18:22:45 2016] <lingxiao_> ok now i see this caes: http://lpaste.net/152086
[Wed Feb 10 18:23:11 2016] <rrika> uh, the first one is literally just ev'_sum
[Wed Feb 10 18:23:38 2016] <lingxiao_> ahh i see
[Wed Feb 10 18:24:30 2016] <lingxiao_> got it!
[Wed Feb 10 18:24:33 2016] <rrika> can I see the whole line?
[Wed Feb 10 18:24:41 2016] <lingxiao_> yeah using propositions as functions with params is killer
[Wed Feb 10 18:24:54 2016] <lingxiao_> http://lpaste.net/152087
[Wed Feb 10 18:24:58 2016] <lingxiao_> is what i ended up with
[Wed Feb 10 18:25:36 2016] <rrika> * apply ev'_sum with (n:=2). apply ev'_2. apply ev'_2.
[Wed Feb 10 18:25:36 2016] <rrika>           * apply ev'_sum with (n:=2). apply ev'_2. apply ev'_sum.
[Wed Feb 10 18:25:36 2016] <rrika>             apply IHev1. apply IHev2.
[Wed Feb 10 18:25:38 2016] <rrika> is mine
[Wed Feb 10 18:26:42 2016] <rrika> you don't need to "replace"
[Wed Feb 10 18:27:04 2016] <rrika> apply ev'_sum will operate on the goal "ev' (S (S (n+m)))"
[Wed Feb 10 18:27:38 2016] <lingxiao_> ohh
[Wed Feb 10 18:27:41 2016] <lingxiao_> haha did not know that
[Wed Feb 10 18:27:54 2016] <lingxiao_> or i guess that's the def of +
[Wed Feb 10 18:28:00 2016] <rrika> yes
[Wed Feb 10 18:28:11 2016] <lingxiao_> i guess i shouldv known when i proved that replace by reflexivity.
[Wed Feb 10 18:28:17 2016] <rrika> yes
[Wed Feb 10 18:28:54 2016] <lingxiao_> thanks!
[Wed Feb 10 18:29:11 2016] <lingxiao_> Its like i have an inteaticve theorem prover in coq
[Wed Feb 10 18:29:23 2016] <lingxiao_> and interative theorem proover proover in rrika :)
[Wed Feb 10 18:29:30 2016] <rrika> ^_^
[Wed Feb 10 18:33:06 2016] <lingxiao_> alright i'm off thanks! and porton you might have some luck in #haskell
[Wed Feb 10 18:33:16 2016] <lingxiao_> alot of people know coq there but dont hang out here
[Thu Feb 11 09:30:43 2016] <tbelaire> How do I go from (A, B, C) = (A', B', C') to A = A'?
[Thu Feb 11 09:32:37 2016] <Cypi> with "inversion"
[Thu Feb 11 09:33:51 2016] <tbelaire> Nice
[Thu Feb 11 09:33:56 2016] <tbelaire> makes sense
[Thu Feb 11 11:20:24 2016] <lingxiao> hey all
[Thu Feb 11 11:20:37 2016] <lingxiao> anyone care to take a look at this proof? https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L793
[Thu Feb 11 11:58:36 2016] <tbelaire> sure
[Thu Feb 11 11:58:42 2016] <tbelaire> I've got my own question
[Thu Feb 11 11:58:45 2016] <tbelaire> too
[Thu Feb 11 12:00:16 2016] <tbelaire> I have a setup where I have H : P( x : lst),  H2 : In y lst.  And I do case analysis in H, case one, x:lst = nil, but it doesn't become false rihgt away
[Thu Feb 11 12:00:28 2016] <tbelaire> oh, inversion
[Thu Feb 11 12:00:31 2016] <tbelaire> I bety
[Thu Feb 11 12:03:37 2016] <tbelaire> Error: The reference double was not found in the current environment.
[Thu Feb 11 12:03:51 2016] <tbelaire> err, does that depend on something? trying to view your proof
[Thu Feb 11 12:03:59 2016] <tbelaire> gets stuck way earlier
[Thu Feb 11 12:05:55 2016] <tbelaire> okay, cloned your repo
[Thu Feb 11 12:06:03 2016] <tbelaire> wonder why coq didn't throw some inport error
[Thu Feb 11 12:07:18 2016] <tbelaire> If you've got conflicting hypothesis, try doing exfalso. then showing a contradiction
[Thu Feb 11 12:07:21 2016] <tbelaire> ?
[Thu Feb 11 12:09:19 2016] <tbelaire> oh, or you need to generalize your induction hypothesis
[Thu Feb 11 12:09:23 2016] <tbelaire> so it says
[Thu Feb 11 12:09:59 2016] <tbelaire> (forall s, s =~ foo s2 -> s = s2)
[Thu Feb 11 12:10:25 2016] <tbelaire> then use it and cons back on the missing bit
[Thu Feb 11 12:10:37 2016] <tbelaire> uh, something something, use generalize before induction
[Thu Feb 11 12:10:55 2016] <tbelaire> maybe do each half of the proof on it's own
[Thu Feb 11 12:12:13 2016] <tbelaire> no, you're already doing that
[Thu Feb 11 12:13:54 2016] <tbelaire>   + (* -> *)
[Thu Feb 11 12:13:57 2016] <tbelaire>   generalize s1; clear s1.
[Thu Feb 11 12:13:59 2016] <tbelaire>   induction s2 as [|s s2']; intros s1.
[Thu Feb 11 12:14:01 2016] <tbelaire>     - intros H. inversion H. reflexivity.
[Thu Feb 11 12:14:03 2016] <tbelaire>     - intros H.
[Thu Feb 11 12:14:05 2016] <tbelaire> Here, try that
[Thu Feb 11 12:14:21 2016] <tbelaire> lingxiao: take a look
[Thu Feb 11 12:21:05 2016] <tbelaire> You'll need to destruct s1 and then take apart =~ and put it back together again
[Thu Feb 11 12:21:14 2016] <tbelaire> but I 'think it'll work eventually
[Thu Feb 11 13:32:46 2016] <stelleg> is there a generic way to map w
[Thu Feb 11 13:32:59 2016] <stelleg> whoops
[Thu Feb 11 13:33:51 2016] <stelleg> is there a generic way to bind a proof of the specific case deconstruction equality in a match expression?
[Thu Feb 11 13:34:39 2016] <stelleg> so e.g. match a with | \Some x => \p : a = Some x -> ...
[Thu Feb 11 13:35:33 2016] <johnw> do you mean the convey pattern?
[Thu Feb 11 13:36:11 2016] <stelleg> ah thanks, looking at that now
[Thu Feb 11 13:36:27 2016] <johnw> sorry, convoy pattern
[Thu Feb 11 13:36:32 2016] <johnw> it's described in depth in CPDT
[Thu Feb 11 13:36:39 2016] <stelleg> yeah google corrected it for me :)
[Thu Feb 11 13:36:47 2016] <stelleg> yeah thats what I'm looking at now, thanks
[Thu Feb 11 15:45:13 2016] <stelleg> thanks johnw, came up with this: match a as o return a = o -> ... with | Some k => fun p => ... end eq_refl
[Thu Feb 11 15:48:20 2016] <stelleg> have a feeling I'll use that a fair amount
[Fri Feb 12 10:28:52 2016] <lingxiao> hey all
[Fri Feb 12 10:29:01 2016] <lingxiao> could someone help me thru a proof? I'm really struggling!
[Fri Feb 12 10:29:44 2016] <lingxiao> this one: https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L807
[Fri Feb 12 10:47:12 2016] <Cypi> lingxiao : try to do an induction on s2 instead (also, don't forget to generalize as much as possible before doing the induction)
[Fri Feb 12 10:47:51 2016] <lingxiao> Cypi I tried that and was stuck on the inductive case.
[Fri Feb 12 10:47:55 2016] <lingxiao> my proof state is:
[Fri Feb 12 10:48:37 2016] <lingxiao> http://lpaste.net/152275
[Fri Feb 12 10:49:02 2016] <lingxiao> or rather: http://lpaste.net/152276
[Fri Feb 12 10:49:20 2016] <lingxiao> and it makes no sense. if I use the ihnduction hypothesis, then I get s1 = s2'
[Fri Feb 12 10:49:31 2016] <lingxiao> which makes the goal s1 = s :: s2'  ==>   s1 = s :: s1
[Fri Feb 12 10:49:51 2016] <Cypi> You need to use the hypothesis H first
[Fri Feb 12 10:50:11 2016] <Cypi> The right-hand-side has a specific shape, which allows to deduce things from it
[Fri Feb 12 10:50:27 2016] <lingxiao> so you mean indution on H?
[Fri Feb 12 10:51:10 2016] <Cypi> Just inversion
[Fri Feb 12 10:52:05 2016] <lingxiao> hmm ok i see this: http://lpaste.net/152277
[Fri Feb 12 10:52:29 2016] <lingxiao> which makes ore sense, ie s0 match char s and s2 matches reg_exp of s2'
[Fri Feb 12 10:53:03 2016] <lingxiao> but I'm not sure how to use those premises
[Fri Feb 12 10:54:53 2016] <Cypi> First, you might want to simplify that kind of context by just using "subst"
[Fri Feb 12 10:55:09 2016] <Cypi> (it will look for equalities like "x = t" where x is a variable, and replace the variable with the term t)
[Fri Feb 12 10:55:37 2016] <Cypi> Then, you can now do what you wanted to do before: use the induction hypothesis.
[Fri Feb 12 10:55:45 2016] <Cypi> This will get you something more useful
[Fri Feb 12 10:59:37 2016] <lingxiao> ahh so i see this in context: http://lpaste.net/152278
[Fri Feb 12 10:59:49 2016] <lingxiao> now i just have to show s0 = s
[Fri Feb 12 10:59:59 2016] <lingxiao> and the context says s0 matches Char s
[Fri Feb 12 11:00:06 2016] <lingxiao> also we have H
[Fri Feb 12 11:01:49 2016] <lingxiao> but we already used that
[Fri Feb 12 11:02:07 2016] <Cypi> H3 should be enough
[Fri Feb 12 11:02:11 2016] <lingxiao> yup got it!
[Fri Feb 12 11:02:33 2016] <lingxiao> [subst] is a good trick! thank you!
[Fri Feb 12 11:13:57 2016] <lingxiao> Hey Cypi this proof state makes a lot of sense but I'm not sure what to do with it
[Fri Feb 12 11:14:11 2016] <lingxiao> http://lpaste.net/152279
[Fri Feb 12 11:15:30 2016] <Cypi> So in that case, you would like to apply the constructor MApp
[Fri Feb 12 11:16:10 2016] <Cypi> Coq will be annoying about it though, because on the left-hand-side, you have "s :: s2" and not something which has the shape "[s] ++ s2", even though both are convertible
[Fri Feb 12 11:17:02 2016] <Cypi> An easy fix is to just do "apply (MApp [s])" instead of just "apply MApp", this will help Coq instantiate MApp with the correct terms
[Fri Feb 12 11:17:18 2016] <lingxiao> ahhh i see it!
[Fri Feb 12 11:18:07 2016] <lingxiao> ok great thank you!
[Fri Feb 12 13:14:39 2016] <nullcatxxx_> what's the coq equivalent of ocamlbuild?
[Fri Feb 12 13:15:04 2016] <nullcatxxx_> or I have to build dependencies using coqc manually?
[Fri Feb 12 13:15:56 2016] <rrika> there is coqdep to figure out dependencies
[Fri Feb 12 18:08:56 2016] <lingxiao> I have a stupid syntax question
[Fri Feb 12 18:10:35 2016] <johnw> lingxiao: it's better to just ask, rather than announce the question first
[Fri Feb 12 18:11:00 2016] <lingxiao> ok great johnw: https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L905
[Fri Feb 12 18:11:25 2016] <lingxiao> so [re_not_empty] should check if some regex re matches some string xs
[Fri Feb 12 18:11:46 2016] <lingxiao> but there is no parameter to take in a strng ... and the function of type : reg_exp T -> bool
[Fri Feb 12 18:11:54 2016] <lingxiao> so I can't output lambda that takes in some string
[Fri Feb 12 18:12:00 2016] <lingxiao> am I understand the  fucntion wrong?
[Fri Feb 12 18:12:19 2016] <johnw> you're proving that the regular expression can match "some string"
[Fri Feb 12 18:12:21 2016] <johnw> any string
[Fri Feb 12 18:12:25 2016] <johnw> that it doesn't only match empty strings
[Fri Feb 12 18:12:56 2016] <lingxiao> ok so by def EmptySet is false
[Fri Feb 12 18:13:04 2016] <lingxiao> and emptyStr is true or false?
[Fri Feb 12 18:13:11 2016] <johnw> I don't see emptyStr
[Fri Feb 12 18:13:30 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L565
[Fri Feb 12 18:14:08 2016] <johnw> i don't know
[Fri Feb 12 18:14:14 2016] <johnw> i haven't done that exercise I don't think
[Fri Feb 12 18:14:18 2016] <lingxiao> yeah it's new
[Fri Feb 12 18:14:24 2016] <lingxiao> I'm not really sure what it's askng
[Fri Feb 12 18:14:40 2016] <lingxiao> so suppose EmptyStr is false, then all the other cases just recurse, and Char is always true
[Fri Feb 12 18:14:42 2016] <johnw> it's asking if emptyStr is capable of matching non-empty string
[Fri Feb 12 18:15:20 2016] <lingxiao> huh? wait based on this lemma [(exists s, s =~ re) <-> re_not_empty re = true.]
[Fri Feb 12 18:15:23 2016] <lingxiao> then empty string should be true
[Fri Feb 12 18:15:32 2016] <lingxiao> or [EmptyStr => true]
[Fri Feb 12 18:16:12 2016] <johnw> ok
[Fri Feb 12 18:16:22 2016] <johnw> you'll find out soon enough when you do some proofs :)
[Fri Feb 12 18:16:33 2016] <johnw> that's why I love Coq; lies don't last
[Fri Feb 12 18:16:54 2016] <lingxiao> hahah they changed a bunch of stuff and I wish it was a bit more polished before they published it
[Fri Feb 12 18:17:00 2016] <lingxiao> what a beautiful sentence
[Fri Feb 12 18:19:09 2016] <hodapp> the Coq is a lie?
[Fri Feb 12 18:21:27 2016] <lingxiao> oh haha nothing
[Fri Feb 12 18:22:10 2016] <hodapp> nevermind, it was a "the cake is a lie" pun
[Fri Feb 12 21:05:00 2016] <lingxiao> hey all
[Fri Feb 12 21:07:12 2016] <lingxiao> I have a proof in mind but I dont have the tactics to navigate it
[Fri Feb 12 21:07:36 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L918
[Fri Feb 12 21:08:11 2016] <lingxiao> in the <- case I want to say that the premise [ re_not_empty re = true ] implies several cases as describe in re_not_empty above
[Fri Feb 12 21:08:36 2016] <lingxiao> and I want to examine each one in turn, and each one will give me a witness for the exits s : list T, s =~re statement
[Fri Feb 12 21:09:31 2016] <lingxiao> oh wait ..
[Fri Feb 12 21:10:18 2016] <lingxiao> nvm doing induction on re
[Fri Feb 12 21:13:22 2016] <lingxiao> ok actually anotehr problem
[Fri Feb 12 21:13:34 2016] <lingxiao> in this state: http://lpaste.net/152288
[Fri Feb 12 21:13:51 2016] <lingxiao> I do not know how to produce a witness [s] so that [s =~ char t]
[Fri Feb 12 21:14:33 2016] <lingxiao> ahh nvm haha
[Fri Feb 12 21:18:50 2016] <lingxiao> hm ok now i see this state: http://lpaste.net/152289
[Fri Feb 12 21:19:12 2016] <lingxiao> actually not sure what to do here since there's no t : T in context to get rid of the exisential in  H1 H2 and the goal
[Fri Feb 12 21:19:28 2016] <Cypi> Why would you need a "t : T"?
[Fri Feb 12 21:19:54 2016] <lingxiao> not sure how to deal with the exists s otherwise
[Fri Feb 12 21:20:06 2016] <Cypi> You can destruct existantials in your hypothesis
[Fri Feb 12 21:20:18 2016] <Cypi> hypotheses* existentials*
[Fri Feb 12 21:20:19 2016] <lingxiao> aahh
[Fri Feb 12 21:23:24 2016] <lingxiao> ok in this state Cypi: http://lpaste.net/152290
[Fri Feb 12 21:23:36 2016] <lingxiao> why doesn't [apply (MApp x re1 x0 re2 H H0).] work?
[Fri Feb 12 21:24:33 2016] <Cypi> Because (MApp x re1 x0 re2 H H0) proves "x ++ x0 =~ App re1 re2", not "x =~ App re1 re2"
[Fri Feb 12 21:24:42 2016] <Cypi> You probably provided the wrong witness
[Fri Feb 12 21:26:35 2016] <lingxiao> ahh
[Fri Feb 12 21:31:30 2016] <lingxiao> Thanks Cypi!
[Fri Feb 12 22:25:41 2016] <lingxiao> hey all
[Fri Feb 12 22:25:50 2016] <lingxiao> I'm writing my first inductively defined Prop
[Fri Feb 12 22:25:58 2016] <lingxiao> and I would like a second eye on it and help with a proof
[Fri Feb 12 22:26:24 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1197
[Fri Feb 12 22:26:40 2016] <lingxiao> in [pal_app_rev] I'm stuck on [apply (pal_cons x1 l IHl).]
[Fri Feb 12 22:26:47 2016] <lingxiao> I'd like to use the IHl but its type is wrong
[Fri Feb 12 22:27:14 2016] <lingxiao> so either i'm not massaging it enough or my def of [pal] is wrong
[Fri Feb 12 22:30:28 2016] <Cypi> Two things here
[Fri Feb 12 22:30:40 2016] <lingxiao> yup?
[Fri Feb 12 22:31:19 2016] <Cypi> 1) You're not massaging enough: what you want to get as a goal is "pal ([x1] ++ ((x2 :: l) ++ rev (x2 :: l)) ++ [x1])"
[Fri Feb 12 22:31:23 2016] <Cypi> (notice the added parentheses)
[Fri Feb 12 22:31:52 2016] <lingxiao> oh ops i did that.. must've not git pushed
[Fri Feb 12 22:32:31 2016] <lingxiao> ok pushed again
[Fri Feb 12 22:34:19 2016] <Cypi> Ok, now the only thing is that you're instantiating pal_cons with l instead of "(x2 :: l) ++ rev (x2 :: l)"
[Fri Feb 12 22:34:48 2016] <Cypi> note that you could just do "apply pal_cons", since the shape of the goal is enough to determine every argument of pal_cons
[Fri Feb 12 22:35:26 2016] <Cypi> 2) Your definition is good enough for those two theorems, but it will not suffice for the next one: you actually only characterize the palindromes of even length
[Fri Feb 12 22:35:40 2016] <lingxiao> yeah I originall had pal_one : forall x, pal [x]
[Fri Feb 12 22:35:48 2016] <Cypi> Which is indeed what you want
[Fri Feb 12 22:36:06 2016] <Cypi> (no need for pal_two, which is just a special case of pal_cons and pal_nil)
[Fri Feb 12 22:36:24 2016] <lingxiao> ahh ok great . that makes more sense. could you repeat what you said about pal_cons?
[Fri Feb 12 22:36:49 2016] <lingxiao> this part: now the only thing is that you're instantiating pal_cons with l instead of "(x2 :: l) ++ rev (x2 :: l)"
[Fri Feb 12 22:37:26 2016] <Cypi> You wrote "apply (pal_cons x1 l IHl)", but the list to which you want to concatenate [x] on both sides is not l, it is ((x2 :: l) ++ rev (x2 :: l))
[Fri Feb 12 22:39:31 2016] <lingxiao> ahh got it!
[Fri Feb 12 22:39:32 2016] <lingxiao> thanks!
[Fri Feb 12 22:51:43 2016] <lingxiao> Cypi is it possible to [induction l .. ] by taking apart the front and the end of a list?
[Fri Feb 12 22:52:04 2016] <lingxiao> so l as    elem1 : xs ++ [elemn]
[Fri Feb 12 22:54:23 2016] <lingxiao> i'm looking at [palindrome_converse]
[Fri Feb 12 22:54:23 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1244
[Fri Feb 12 22:54:38 2016] <lingxiao> and doing induction on l as [x1 | [x2 | l]] doesnt seem to help
[Fri Feb 12 22:59:33 2016] <Cypi> So, this exercise has been the bane of several people ^^
[Fri Feb 12 22:59:44 2016] <Cypi> I know of two main ways of doing it, let's look at what you suggested
[Fri Feb 12 23:00:07 2016] <Cypi> It is indeed possible to do the induction that you described, but you have to prove it first
[Fri Feb 12 23:01:00 2016] <Cypi> You can take a look at the type of list_rect, which is the induction principle for lists (used under the hood by the 'induction' tactic), and try to see which should be the type of your custom induction principle.
[Fri Feb 12 23:02:01 2016] <lingxiao> harhar .. actually not sure how to prove what I'm suggsting
[Fri Feb 12 23:02:15 2016] <lingxiao> like wouldnt even know where to start .. do i write down an inductive property first?
[Fri Feb 12 23:03:14 2016] <Cypi> I guess that would be yet another way to do this: define another inductive type which has the correct induction principle, and prove the equivalence between the two types.
[Fri Feb 12 23:03:58 2016] <lingxiao> where do i find the type for list_rect?
[Fri Feb 12 23:04:12 2016] <lingxiao> where do i find any documentation for coq for that mattter?
[Fri Feb 12 23:04:31 2016] <lingxiao> is this good: https://coq.inria.fr/distrib/current/files/Reference-Manual.pdf ?
[Fri Feb 12 23:05:14 2016] <Cypi> You won't find that type directly in the documentation (probably not), but you can just ask Coq: "Check list_rect."
[Fri Feb 12 23:05:57 2016] <lingxiao> ok so what's the difference between the inductive def of list and list_rect conceptually?
[Fri Feb 12 23:06:05 2016] <lingxiao> I see they're different in terms of syntax
[Fri Feb 12 23:07:31 2016] <lingxiao> oh wait i see it for nat_rect
[Fri Feb 12 23:07:34 2016] <lingxiao> which is easier to digest
[Fri Feb 12 23:07:54 2016] <lingxiao> foo_rect is teh inductive principle for foo right?
[Fri Feb 12 23:07:57 2016] <Cypi> yes
[Fri Feb 12 23:09:22 2016] <lingxiao> so i might write
[Fri Feb 12 23:10:03 2016] <lingxiao> forall X P, p [] -> forall x1 x2 l, p l -> p ([x1] ++ l ++ [x2]) -> forall l, P l
[Fri Feb 12 23:10:35 2016] <lingxiao> or also insert forall x, p [x] after the empty case
[Fri Feb 12 23:10:57 2016] <Cypi> Yup, with the "forall x, p [x]"
[Fri Feb 12 23:11:21 2016] <lingxiao> huh so after i do that i can write induction on list as [...] using my principle
[Fri Feb 12 23:11:46 2016] <lingxiao> but before that I need to prove they're equivalent? I've never seen such a proof before not sure how t proceed
[Fri Feb 12 23:11:49 2016] <lingxiao> I guess i can admit it
[Fri Feb 12 23:13:35 2016] <Cypi> You "just" need to prove that induction principle, which is not an easy task (this exercise is a 5 stars after all). One intermediate lemma I might suggest is the following:
[Fri Feb 12 23:14:28 2016] <Cypi> "forall X P, (P []) -> (forall x l, P (rev l) -> P (rev (x :: l))) -> forall l, P (rev l)"
[Fri Feb 12 23:14:49 2016] <Cypi> so basically, sort of another induction principle but about the function rev
[Fri Feb 12 23:15:14 2016] <Cypi> Even with that it will require some other lemmas about rev and app
[Fri Feb 12 23:15:53 2016] <lingxiao> hmm ok so this : "forall X P, (P []) -> (forall x l, P (rev l) -> P (rev (x :: l))) -> forall l, P (rev l)"
[Fri Feb 12 23:16:09 2016] <lingxiao> is something i'd need to prove the other inductive principle?
[Fri Feb 12 23:16:15 2016] <Cypi> Yes
[Fri Feb 12 23:16:23 2016] <lingxiao> if I just work with the regular stuff w/o rolling a new machinary ..
[Fri Feb 12 23:16:30 2016] <lingxiao> is the path "easier"?
[Fri Feb 12 23:17:00 2016] <Cypi> i think so ^^
[Fri Feb 12 23:17:10 2016] <lingxiao> harhar
[Fri Feb 12 23:17:13 2016] <lingxiao> hints?
[Fri Feb 12 23:17:19 2016] <Cypi> the other path is less computer science and more math
[Fri Feb 12 23:18:01 2016] <Cypi> Basically, the problem with just a simple induction is that the induction hypothesis only gives a fact about the tail of l, whereas there you would like a fact about l, with its head and its last element
[Fri Feb 12 23:18:29 2016] <Cypi> so what you can do is generalize a little bit the theorem so that the induction hypothesis gives you a fact about every list smaller than l
[Fri Feb 12 23:19:16 2016] <lingxiao> so every list smaller than l would include the very last element in its own list?
[Fri Feb 12 23:19:35 2016] <lingxiao> when you say: generalize a little bit the theorem, do you mean palindrom_converse?
[Fri Feb 12 23:20:28 2016] <Cypi> Yes. I mean adding stuff in front of the goal, basically. It won't make it stronger, but it will make the induction hypothesis stronger.
[Fri Feb 12 23:20:51 2016] <Cypi> And by "smaller", I really mean "smaller by length"
[Fri Feb 12 23:23:06 2016] <lingxiao> hmm ok I'll have to think about it for a while
[Fri Feb 12 23:23:13 2016] <lingxiao> when I'm more awake
[Fri Feb 12 23:56:55 2016] <lingxiao> thanks a lot Cypi!
[Sat Feb 13 16:00:38 2016] <TxmszLou> If I have a hypothesis that two constant functions are equal (fun _ => x = fun _ => x'), is there a way that I can deduce that the two constants are equal (x = x')?
[Sat Feb 13 16:02:24 2016] <Cypi> Only if you can apply the functions to something.
[Sat Feb 13 16:04:42 2016] <Cypi> and if you can apply them to some term t then it's easy, because "x = x'" is the same thing as "f t = f' t", and you can then rewrite
[Sat Feb 13 16:04:52 2016] <Cypi> (where f and f' are your two constant functions)
[Sat Feb 13 16:07:08 2016] <TxmszLou> Thanks! did it by change tactic
[Sat Feb 13 21:16:04 2016] <lingxiao> hey all
[Sat Feb 13 21:16:13 2016] <lingxiao> I'd like some advice on definiing this propsition
[Sat Feb 13 21:16:29 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1598
[Sat Feb 13 21:16:56 2016] <lingxiao> the problem is that i'm saying if l1 is a subsequence of l2, then l1 subsequence of [x] ++ l2 ++ [y], essentially
[Sat Feb 13 21:17:32 2016] <lingxiao> but I dont know how to say something about the possiblity that if l2 = l3 ++ l4, and l1 subsequence of l2, then l1 subsequence of l3 ++ [x] ++ l4
[Sat Feb 13 21:17:58 2016] <lingxiao> or something like that .. this case:  [1;2;3] <: [1;2;7;3]
[Sat Feb 13 21:22:17 2016] <lingxiao> i could say something like : http://lpaste.net/152382
[Sat Feb 13 21:22:22 2016] <lingxiao> but the hint says 3 cases
[Sat Feb 13 21:22:28 2016] <lingxiao> and that solution looks pretty bad
[Sat Feb 13 21:22:38 2016] <lingxiao> as in verbose
[Sat Feb 13 21:23:29 2016] <lingxiao> and I suppose hd and tl are just special cases of mid where l3 is [] or l4 is []
[Sat Feb 13 21:23:56 2016] <lingxiao> and when i do proofs i have to find some witness to the fact that l2 = l3 ++ l4?
[Sat Feb 13 21:24:00 2016] <lingxiao> that sounds no fun
[Sat Feb 13 21:31:26 2016] <jrw> lingxiao: think about processing one of the lists element-by-element
[Sat Feb 13 21:31:39 2016] <jrw> almost like you were writing a recursive function
[Sat Feb 13 21:32:05 2016] <lingxiao> so if l1 <: l2
[Sat Feb 13 21:32:11 2016] <lingxiao> then i should destruct l2?
[Sat Feb 13 21:32:25 2016] <jrw> sure try that and see what happens
[Sat Feb 13 21:39:29 2016] <lingxiao> jrw so I'm essentially converting this: http://lpaste.net/152384
[Sat Feb 13 21:39:34 2016] <lingxiao> into a Prop?
[Sat Feb 13 21:42:46 2016] <jrw> lingxiao: yep
[Sat Feb 13 21:42:56 2016] <jrw> notice the three cases :)
[Sat Feb 13 21:43:25 2016] <lingxiao> yeah it's odd haha
[Sat Feb 13 21:43:33 2016] <lingxiao> but how would i express the false case?
[Sat Feb 13 21:43:40 2016] <jrw> actually now that I think about it it's not quite the same cases
[Sat Feb 13 21:43:47 2016] <jrw> the false case doesn't get translated
[Sat Feb 13 21:43:51 2016] <lingxiao> i tried [ rt_nil : forall l, subseq l [] -> Fasle]
[Sat Feb 13 21:43:51 2016] <jrw> and the if becomes 2
[Sat Feb 13 21:44:02 2016] <lingxiao> yeah that did not work .. oh hmm.
[Sat Feb 13 21:45:56 2016] <lingxiao> so jrw like this: http://lpaste.net/152385
[Sat Feb 13 21:46:05 2016] <lingxiao> except how do you say x not equal to y?
[Sat Feb 13 21:46:48 2016] <lingxiao> ~(x=y) right?
[Sat Feb 13 21:46:51 2016] <johnw> x <> y
[Sat Feb 13 21:46:55 2016] <johnw> is the same as ~(x=y)
[Sat Feb 13 21:48:07 2016] <jrw> lingxiao: it looks backwards to me
[Sat Feb 13 21:49:33 2016] <lingxiao> jrw this: http://lpaste.net/152386 ??
[Sat Feb 13 21:49:48 2016] <lingxiao> this aint quite as mind bending as when I touched functional programming the first time
[Sat Feb 13 21:49:55 2016] <lingxiao> but the manner of thought is somewhat new haha
[Sat Feb 13 21:50:18 2016] <lingxiao> I think i used forward logic when I shouldv used backward logic correct?
[Sat Feb 13 21:50:18 2016] <jrw> yeah that looks pretty good
[Sat Feb 13 21:52:52 2016] <lingxiao> hmm pretty nifty
[Sat Feb 13 21:53:14 2016] <lingxiao> although the boolean function looks much more readble to me
[Sat Feb 13 21:53:25 2016] <lingxiao> what is the advantage of a Prop over just a bool again?
[Sat Feb 13 21:53:35 2016] <lingxiao> aside from the fact that they are different concepts (?)
[Sat Feb 13 21:53:48 2016] <johnw> lingxiao: it allows more directly inspection (via case matching) of _how_ it's a subseq
[Sat Feb 13 21:53:57 2016] <johnw> but you could also write a boolean-returning subseq, and just say:
[Sat Feb 13 21:54:00 2016] <johnw> subseq xs ys = true
[Sat Feb 13 21:54:03 2016] <johnw> lifting it back into Prop
[Sat Feb 13 21:58:21 2016] <lingxiao> wait could you say that again?
[Sat Feb 13 21:58:31 2016] <lingxiao>  did you mean True?
[Sat Feb 13 21:58:45 2016] <lingxiao> how does subseq xs ys = True lift it into prop?
[Sat Feb 13 22:02:55 2016] <lingxiao> also jrw or johnw I'm stuck in this case of a proof: http://lpaste.net/152387
[Sat Feb 13 22:03:19 2016] <lingxiao> in this proof: https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1633
[Sat Feb 13 22:03:54 2016] <jrw> lingxiao: that should follow from your second constructor
[Sat Feb 13 22:05:23 2016] <lingxiao> jrw ithought so too so i did this: [ apply (x_eq_y (y :: l2) (y :: l0)). ]
[Sat Feb 13 22:05:33 2016] <lingxiao> but I'm getting can't unify error
[Sat Feb 13 22:05:42 2016] <jrw> lingxiao: why not just try [apply x_eqy] ?
[Sat Feb 13 22:06:41 2016] <lingxiao> oh because it gave me some case statement haha
[Sat Feb 13 22:06:47 2016] <lingxiao> but it's good it means it works
[Sat Feb 13 22:08:11 2016] <lingxiao> yea it unfold the [++] function for some reason
[Sat Feb 13 22:08:14 2016] <lingxiao> or app
[Sat Feb 13 22:08:18 2016] <lingxiao> which is ++ i believe
[Sat Feb 13 22:08:53 2016] <jrw> lingxiao: if you [simpl.] first that shouldn't happen
[Sat Feb 13 22:09:26 2016] <lingxiao> hmm your right thats werid
[Sat Feb 13 22:09:30 2016] <lingxiao> why did it do that?
[Sat Feb 13 22:09:46 2016] <lingxiao> unfodl the ++ in this cse [y :: l1 <: (y :: l2) ++ l3 ]
[Sat Feb 13 22:09:48 2016] <lingxiao> case*
[Sat Feb 13 22:10:34 2016] <jrw> lingxiao: basically because it had to do a simpl for you, and it's overly agressive
[Sat Feb 13 22:10:38 2016] <jrw> so it goes ahead and unfolds
[Sat Feb 13 22:10:53 2016] <lingxiao> oh ... so many magic going on
[Sat Feb 13 22:36:17 2016] <lingxiao> anyone know what to do in this state? http://lpaste.net/152429
[Sat Feb 13 22:36:24 2016] <lingxiao> further inversion on H does no good
[Sat Feb 13 22:36:32 2016] <lingxiao> the context is clearly contradictiroy with p and not p
[Sat Feb 13 22:36:58 2016] <lingxiao> proof hree: https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1748
[Sat Feb 13 22:49:10 2016] <jrw> lingxiao: you can do [contradiction p] or [congruence] or [exfalso. apply H0. apply p.]
[Sat Feb 13 22:49:50 2016] <lingxiao> why is that [exfalso. apply H0] make ~P into P?
[Sat Feb 13 22:50:27 2016] <jrw> it doesn't what do you mean?
[Sat Feb 13 22:50:36 2016] <lingxiao> no it does
[Sat Feb 13 22:50:39 2016] <lingxiao> but I'm wondering why
[Sat Feb 13 22:50:49 2016] <lingxiao> what's exfalos anyways. i see what it does
[Sat Feb 13 22:51:02 2016] <lingxiao> and whats congrence? does it just check of the context is consistent ?
[Sat Feb 13 22:52:50 2016] <lingxiao> jrw I'm sorry exfalose turns the goal to False, then apply H0 turns the goal into P
[Sat Feb 13 22:52:56 2016] <jrw> congruence implements the congruence closure algorithm. it's good at reasoning over equalities
[Sat Feb 13 22:53:32 2016] <jrw> but it will also find stuff like your thing where you have P and ~ P
[Sat Feb 13 22:54:43 2016] <lingxiao> hmm so heuristically speaking when do i use congruence?
[Sat Feb 13 22:55:04 2016] <lingxiao> i guess i could read thru this haha: http://www.cse.chalmers.se/~laurako/links/ARVSlides/arv-l6.pdf
[Sat Feb 13 22:57:00 2016] <jrw> you'll get the hang of when to use it after awhile. basically if your goal follows from only rewriting without any quantifiers then congruence can do it
[Sat Feb 13 23:09:11 2016] <lingxiao> jrw hmm ok i'll start using it whenever i can@
[Sun Feb 14 10:54:01 2016] <Nik05> i have some Goal A ∨ B and I want to apply a constructor to A. How can i do that?
[Sun Feb 14 10:54:09 2016] <Nik05> or isn't this logically possible at all?
[Sun Feb 14 10:58:29 2016] <Nik05> My Goal is: x ϵ (x' :: xs') ∨ x ϵ ys
[Sun Feb 14 10:59:30 2016] <Nik05> And I would like to apply in_later : ∀ b l, a ϵ l → a ϵ b :: l
[Sun Feb 14 11:08:11 2016] <Nik05> i thought maybe rewrite could do this
[Sun Feb 14 11:08:25 2016] <Nik05> Error: Cannot find an homogeneous relation to rewrite.
[Sun Feb 14 11:10:01 2016] <Nik05> Oh I just used `firstorder` no idea it would do anything at all, but it rewrote my hypothesis to what i need
[Sun Feb 14 11:11:16 2016] <Nik05> Wtf is firstorder doing...
[Sun Feb 14 11:15:08 2016] <Nik05> does firstorder try destructs on or or something?
[Sun Feb 14 11:18:54 2016] <Nik05> Well I finished the proof without firstorder by applying the construct on hypothesis, but could I do it on my goal as well?
[Sun Feb 14 13:39:27 2016] <lingxiao> hey al
[Sun Feb 14 13:39:35 2016] <lingxiao> could someone take a look at my proof state and suggest a pathway forward?
[Sun Feb 14 13:39:52 2016] <lingxiao> http://lpaste.net/152448
[Sun Feb 14 13:39:55 2016] <lingxiao> proof state --^
[Sun Feb 14 13:40:20 2016] <lingxiao> proof: https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1846
[Sun Feb 14 13:40:24 2016] <lingxiao> [filter_l]
[Sun Feb 14 13:42:55 2016] <lingxiao> also i'm not confident in my def of [in_order_merge] prop
[Sun Feb 14 14:46:46 2016] <Nik05> lingxiao i finished the inorder proofs last week i think
[Sun Feb 14 14:46:57 2016] <lingxiao> oh great!
[Sun Feb 14 14:47:04 2016] <lingxiao> so you're just one week ahead of me haah
[Sun Feb 14 14:47:15 2016] <Nik05> not really
[Sun Feb 14 14:47:26 2016] <Nik05> im at the next exercise :P
[Sun Feb 14 14:47:56 2016] <Nik05> in_order_merge l1 l2 l -> filter test l1 = l1 -> filter test l2 = [] -> filter test l = l1.
[Sun Feb 14 14:48:01 2016] <Nik05> are you proving that?
[Sun Feb 14 14:50:12 2016] <lingxiao> yup
[Sun Feb 14 14:50:27 2016] <lingxiao> but first i'm not sure my ind prop of in_order_merge is well stated
[Sun Feb 14 14:50:32 2016] <lingxiao> or correct even
[Sun Feb 14 14:51:45 2016] <Nik05> lingxiao i got 4 constructors
[Sun Feb 14 14:51:59 2016] <lingxiao> hmm what were your cases?
[Sun Feb 14 14:52:01 2016] <Nik05> you dont need the nils
[Sun Feb 14 14:52:14 2016] <lingxiao> yeh its a combo of the other two right?
[Sun Feb 14 14:52:19 2016] <Nik05> yes
[Sun Feb 14 14:52:39 2016] <lingxiao> hm ok i'll get rid of that
[Sun Feb 14 14:52:43 2016] <Nik05> and not sure if the l1 = l -> is useful
[Sun Feb 14 14:53:19 2016] <lingxiao> but does by x_eq_z and z_neq_z cases look helpful?
[Sun Feb 14 14:53:23 2016] <lingxiao> or correct i mean
[Sun Feb 14 14:53:35 2016] <lingxiao> hmm how do you approach doing these?
[Sun Feb 14 14:53:36 2016] <Nik05> and i dont get your last two constructors, why do you cons int he first term?
[Sun Feb 14 14:53:46 2016] <lingxiao> becuase I just write out a regular function returning a boolean first
[Sun Feb 14 14:53:48 2016] <Nik05> iom_cons1 : ∀ x l1 l2 l, in_order_merge l1 l2 l -> in_order_merge (x :: l1) l2 (x :: l)
[Sun Feb 14 14:53:51 2016] <Nik05> thats what i used
[Sun Feb 14 14:53:53 2016] <lingxiao> then translate it back into prop
[Sun Feb 14 14:54:55 2016] <lingxiao> oh much better stated haha
[Sun Feb 14 14:55:33 2016] <Nik05>   | iom_nil1 : ∀ l, in_order_merge [] l l
[Sun Feb 14 14:56:06 2016] <Nik05> maybe yours is more useful in coq, i dont know
[Sun Feb 14 14:56:59 2016] <Nik05> and to proof it i used that the length of filter f l is less than or equal to the length of l
[Sun Feb 14 14:57:09 2016] <Nik05> but maybe you can just do induction on the length of l
[Sun Feb 14 14:57:09 2016] <lingxiao> no luck proving stuff with it so so far not useful
[Sun Feb 14 15:02:10 2016] <Nik05> lingxiao not with induction?
[Sun Feb 14 15:02:29 2016] <lingxiao> oh i mean my construction of in_order_merge
[Sun Feb 14 15:02:34 2016] <lingxiao> with tings like x = y
[Sun Feb 14 15:02:41 2016] <lingxiao> i didnt realize you can just write x twice haha
[Sun Feb 14 15:05:12 2016] <lingxiao> ok doing indction on the prop now in the proof
[Sun Feb 14 15:06:09 2016] <lingxiao> in this state: http://lpaste.net/152453
[Sun Feb 14 15:07:15 2016] <lingxiao> Nik05 did you do induction on the def of In_order_merge at all?
[Sun Feb 14 15:07:28 2016] <Nik05> yes
[Sun Feb 14 15:07:34 2016] <Nik05> you can proof this right?
[Sun Feb 14 15:07:46 2016] <lingxiao> hm going thru it now. tbd haha
[Sun Feb 14 15:08:05 2016] <Nik05> i think my proof is too long
[Sun Feb 14 15:08:23 2016] <lingxiao> this is where I am at now: http://lpaste.net/152454
[Sun Feb 14 15:08:30 2016] <lingxiao> i think mine will be long too maybe
[Sun Feb 14 15:08:51 2016] <Nik05> oh why?
[Sun Feb 14 15:10:10 2016] <lingxiao> not sure ... i'm about to do [destruct l] given this goal:  filter test (x :: l) = filter test (x :: l1)
[Sun Feb 14 15:10:18 2016] <lingxiao> and a bunch of premises that I dont know how to  use
[Sun Feb 14 15:10:27 2016] <Nik05> i did a destruct on (test x)
[Sun Feb 14 15:11:55 2016] <lingxiao> ahh i see this as the goal: [   x :: filter test l = x :: filter test l1]
[Sun Feb 14 15:27:54 2016] <Nik05> got it lingxiao ?
[Sun Feb 14 15:29:03 2016] <lingxiao> nope not yet still on that line haha
[Sun Feb 14 15:30:57 2016] <lingxiao> here : http://lpaste.net/152458
[Sun Feb 14 15:31:44 2016] <Nik05> lingxiao remove x :: from both sides
[Sun Feb 14 15:31:52 2016] <Nik05> then aply the induction hypothesis
[Sun Feb 14 15:32:11 2016] <lingxiao> you need a lemma to remove the x right?
[Sun Feb 14 15:32:25 2016] <Nik05> f_equal?
[Sun Feb 14 15:38:24 2016] <Nik05> lingxiao do you see it?>
[Sun Feb 14 15:39:09 2016] <lingxiao> ahh very need
[Sun Feb 14 15:39:11 2016] <lingxiao> neat*
[Sun Feb 14 15:40:19 2016] <lingxiao> my ind hypo is this thougH;
[Sun Feb 14 15:40:20 2016] <lingxiao>   IHin_order_merge : filter test l1 = l1 ->
[Sun Feb 14 15:40:20 2016] <lingxiao>                      filter test l2 = [] -> filter test l = l1
[Sun Feb 14 15:40:27 2016] <lingxiao> so doesnt directly apply
[Sun Feb 14 15:41:51 2016] <Nik05> why noy/
[Sun Feb 14 15:41:53 2016] <Nik05> not?
[Sun Feb 14 15:42:50 2016] <Nik05> simpl in H2. destruct (test x) with test x -> True you can proof your goal with (test x -> False) you have  a contradiction
[Sun Feb 14 15:47:47 2016] <lingxiao> how di you appy f_equal in [  H : x :: filter test l1 = x :: l1] though
[Sun Feb 14 15:49:01 2016] <lingxiao> ah nvm i just replaced it
[Sun Feb 14 15:49:06 2016] <lingxiao> ill worry about it later
[Sun Feb 14 15:49:35 2016] <lingxiao> wait no i didnt haha
[Sun Feb 14 15:49:37 2016] <lingxiao> oh boy
[Sun Feb 14 15:49:42 2016] <lingxiao> the syntax is very obtuse
[Sun Feb 14 16:34:39 2016] <Nik05> im back ling oh gone
[Sun Feb 14 16:35:56 2016] <rrika> keeps happening
[Sun Feb 14 16:45:07 2016] <Nik05> hey rrika
[Sun Feb 14 16:45:19 2016] <rrika> hi
[Sun Feb 14 16:45:31 2016] <rrika> what's new?
[Sun Feb 14 16:46:23 2016] <Nik05> nothing cant proof it
[Sun Feb 14 16:47:01 2016] <rrika> talking about lingxiao's thing?
[Sun Feb 14 16:47:11 2016] <Nik05> no my own :p
[Sun Feb 14 20:28:38 2016] <benzrf> i keep seeing 'lingxiao' and thinking i tabbed to #Mandarin
[Sun Feb 14 23:31:12 2016] <lingxiao> hey does anyone know why I cant do this: http://lpaste.net/152483
[Sun Feb 14 23:31:34 2016] <lingxiao> in the state above, i can't do [apply IHin_order_merge in H0]
[Sun Feb 14 23:35:50 2016] <lingxiao> or better yet in this proof state: http://lpaste.net/152484
[Sun Feb 14 23:36:01 2016] <lingxiao> I'd like to turn H2 into [filter test l1 = l1] using [f_equal]
[Sun Feb 14 23:36:04 2016] <lingxiao> but how would I do it?
[Sun Feb 14 23:59:11 2016] <lingxiao> anyon around?
[Mon Feb 15 03:11:15 2016] <ondra1> hello. Anyone using emacs & ProofGeneral? Is there a way how to create new line after issuing C-c C-n on a line before Qed.? Otherwise I have to do <RET>C-p<TAB> to create new line and add indentation after every C-c C-n when writing a new proof.
[Mon Feb 15 03:31:35 2016] <ondra1> I am actually using the electric mode, this might have easier solution.
[Mon Feb 15 06:14:00 2016] <Nik05> ling* inversion H2....
[Mon Feb 15 11:03:32 2016] <lingxiao_> hey all
[Mon Feb 15 11:03:42 2016] <lingxiao_> could someone help me with this proof?
[Mon Feb 15 11:03:51 2016] <lingxiao_> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1883
[Mon Feb 15 11:04:22 2016] <lingxiao_> it's disconcerning that I am not using icons1 and icons2 form [in_order_merge] in my proof
[Mon Feb 15 11:04:41 2016] <lingxiao_> either I'm not seeing it or my construction of in_order_merge needs some tweaking
[Mon Feb 15 11:05:11 2016] <lingxiao_> and the other case in [ filter_cons] should not occur but there's no contradiction that I can invert
[Mon Feb 15 11:15:06 2016] <ianjneu> lingxiao_: I'm not able to advance the state to that line. Which version of Coq are you using?
[Mon Feb 15 11:15:30 2016] <lingxiao_> how do i check ianjneu?
[Mon Feb 15 11:15:59 2016] <ianjneu> coqtop -v
[Mon Feb 15 11:16:15 2016] <ianjneu> I'm using 8.4pl3
[Mon Feb 15 11:16:31 2016] <lingxiao_> updated link
[Mon Feb 15 11:16:43 2016] <lingxiao_> 8.4pl6
[Mon Feb 15 11:16:49 2016] <lingxiao_> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1876
[Mon Feb 15 11:17:07 2016] <lingxiao_> really my lack of confidence starts with in_order_merge
[Mon Feb 15 11:17:23 2016] <lingxiao_> then it goes to [filter_cons], im not sure how to finish the admitted case
[Mon Feb 15 11:18:01 2016] <lingxiao_> that case should not happen, but I can't find a way to state that using inversion
[Mon Feb 15 11:18:19 2016] <lingxiao_> in the context i see this: http://lpaste.net/152509
[Mon Feb 15 11:18:37 2016] <lingxiao_> ie: so Hx and H are contradicting each other, but I dont know how to state that
[Mon Feb 15 11:21:26 2016] <lingxiao_> ianjneu does [filter_cons] work for you?
[Mon Feb 15 11:22:57 2016] <ianjneu> No, I can't get the list notation to work o_O
[Mon Feb 15 11:23:16 2016] <lingxiao_> oh i think it's because I have dependencies that specify the notatioin
[Mon Feb 15 11:23:28 2016] <lingxiao_> changing the (::) to cons and [] to nil will work I believe
[Mon Feb 15 11:26:14 2016] <ianjneu> You'll probably want to prove something like In x l -> In x (filter test l) <-> test x = true
[Mon Feb 15 11:27:02 2016] <lingxiao_> is this for filter_cons or filter_l?
[Mon Feb 15 11:27:57 2016] <ianjneu> Both
[Mon Feb 15 12:02:19 2016] <Seyaryuki> What is the simplest way to tell Coq that recursion should be on a subterm of an argument of the recursive calls?
[Mon Feb 15 12:03:14 2016] <ianjneu> You can't express that in the logic itself.
[Mon Feb 15 12:03:36 2016] <ianjneu> But you can create functional induction schemes from a Fixpoint definition, if that's what you want.
[Mon Feb 15 12:05:21 2016] <Seyaryuki> Yes, or I'm also happy to use the Program construct, if that helps
[Mon Feb 15 13:12:01 2016] <Nik05> lingxiao inversion
[Mon Feb 15 13:12:05 2016] <Nik05> before you are gone again :P
[Mon Feb 15 13:12:49 2016] <Nik05> you had something like x :: foo = x :: bar, use inversion on it
[Mon Feb 15 13:22:56 2016] <Nik05> and he is gone again :P
[Mon Feb 15 13:59:08 2016] <johnw> Hi Nik05
[Mon Feb 15 13:59:14 2016] <johnw> inversion will tell from that that foo = bar
[Mon Feb 15 14:00:23 2016] <johnw> oh, you're telling linTghe
[Mon Feb 15 14:00:32 2016] <johnw> you're telling lingxiao
[Mon Feb 15 14:02:26 2016] <Nik05> hi johnw
[Mon Feb 15 14:02:29 2016] <johnw> Hi Nik05
[Mon Feb 15 14:02:43 2016] <Nik05> yes lingxiao asked 2 days ago, and yesterday again
[Mon Feb 15 14:02:43 2016] <Nik05> :P
[Mon Feb 15 15:42:59 2016] <miles> How can I rename a term? I have a really hairy term, and just want to henceforth refer to it as "g". Is there a tactic like "name (x + y) as g"?
[Mon Feb 15 15:47:08 2016] <rrika> miles, there's "set"
[Mon Feb 15 15:47:23 2016] <rrika> I think "set (g := (x + y))"
[Mon Feb 15 15:48:20 2016] <rrika> miles, see https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic44
[Mon Feb 15 15:49:49 2016] <miles> oh you are my hero! thanks :)
[Mon Feb 15 15:53:10 2016] <lingxiao> hey rrika could you help me a bit more with the proof we had yesterday?
[Mon Feb 15 15:53:28 2016] <lingxiao> this one: https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1875
[Mon Feb 15 15:55:29 2016] <rrika> <Nik05> [19:08:37] lingxiao inversion <Nik05> [19:08:41] before you are gone again :P
[Mon Feb 15 15:55:45 2016] <rrika> gotta go shower, I hope ↑ helps
[Mon Feb 15 15:56:08 2016] <lingxiao> hey sorry ! I thought you left!
[Mon Feb 15 16:08:48 2016] <lingxiao> anyone know what to do in this proof state: http://lpaste.net/152542?
[Mon Feb 15 16:09:19 2016] <lingxiao> doing destruct H0 twice gives me two lists to use as witnesses, but applying them to the goal leads to wrong conclusions
[Mon Feb 15 16:34:11 2016] <rrika> lingxiao, where in IndProp?
[Mon Feb 15 16:43:43 2016] <lingxiao> hey rrika here it is:
[Mon Feb 15 16:44:05 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L2126
[Mon Feb 15 16:44:13 2016] <lingxiao> [in_split]. the last case
[Mon Feb 15 16:46:38 2016] <rrika> that doesn't look provable
[Mon Feb 15 16:46:48 2016] <rrika> that very last state I mean
[Mon Feb 15 16:47:01 2016] <lingxiao> yeah i think so too
[Mon Feb 15 16:47:10 2016] <lingxiao> so it boggles my mind that i can arrive at unprovable states
[Mon Feb 15 16:47:17 2016] <lingxiao> while doing nothing wrong in particular
[Mon Feb 15 16:47:36 2016] <lingxiao> does induction on l make sense? I can't think of another thing to induct on ... maybe In?
[Mon Feb 15 16:47:51 2016] <rrika> I'm currently checking if there are better values for the last two "exists"
[Mon Feb 15 16:48:49 2016] <lingxiao> except H is a function retrning a property ... not an inductive property
[Mon Feb 15 16:49:22 2016] <rrika> yeah, is that the point of the exercise?
[Mon Feb 15 16:49:42 2016] <rrika> (just curious, it seems worth practicing)
[Mon Feb 15 16:50:14 2016] <lingxiao> hm? no in_split seems almost like a throwaway easy thing to do, so i imagine it's not tehre to practice induction on props
[Mon Feb 15 16:50:24 2016] <lingxiao> there are many ones above that are for that purpose
[Mon Feb 15 16:50:27 2016] <lingxiao> and are freaking hard lol
[Mon Feb 15 16:50:30 2016] <rrika> okay, lingxiao
[Mon Feb 15 16:50:45 2016] <rrika> after the two exacts you need only three more steps to finish
[Mon Feb 15 16:50:58 2016] <lingxiao> oo wati what exact?
[Mon Feb 15 16:51:03 2016] <rrika> eh, exists
[Mon Feb 15 16:51:04 2016] <rrika> sorry
[Mon Feb 15 16:51:22 2016] <lingxiao> ok just to be sure I see this after two exists:
[Mon Feb 15 16:51:27 2016] <lingxiao> http://lpaste.net/152544
[Mon Feb 15 16:51:48 2016] <rrika> you need to choose two different values
[Mon Feb 15 16:52:30 2016] <lingxiao> rrika before my exists?
[Mon Feb 15 16:52:45 2016] <lingxiao> or after the exists in the state as I see it ..
[Mon Feb 15 16:52:49 2016] <rrika> exists 1. exists 2.
[Mon Feb 15 16:52:55 2016] <rrika> '1' and '2' need to be changed.
[Mon Feb 15 16:53:01 2016] <rrika> is what I mean
[Mon Feb 15 16:53:04 2016] <lingxiao> ok great that makes sense
[Mon Feb 15 16:53:17 2016] <lingxiao> so we are at this state: http://lpaste.net/152545
[Mon Feb 15 16:54:18 2016] <rrika> keep in mind that you don't have to aim for the goal being showable through reflexivity.
[Mon Feb 15 16:54:25 2016] <rrika> it's okay to rely on the assumtions you have in context
[Mon Feb 15 16:54:31 2016] <rrika> especially H0
[Mon Feb 15 16:54:34 2016] <lingxiao> oo ok that's interesting havnt considered that ..
[Mon Feb 15 16:54:43 2016] <lingxiao> so H0 says l' = x0 ++ x :: x1 right?
[Mon Feb 15 16:54:48 2016] <rrika> yes
[Mon Feb 15 16:55:55 2016] <lingxiao> and goals says exists l1 l2. a :: l' = l1 ++ x :: l2
[Mon Feb 15 16:56:07 2016] <rrika> yes
[Mon Feb 15 16:56:16 2016] <lingxiao> so that means :   a :: (x0 ++ x :: x1) = l1 ++ x :: l2
[Mon Feb 15 16:56:25 2016] <lingxiao> so  a::x0 = l1
[Mon Feb 15 16:56:27 2016] <lingxiao> x1 = l2
[Mon Feb 15 16:56:52 2016] <rrika> basically
[Mon Feb 15 16:56:55 2016] <rrika> yes
[Mon Feb 15 16:57:15 2016] <lingxiao> got it!
[Mon Feb 15 16:57:30 2016] <lingxiao> thanks a lot! it really helps to talk this thru and get hints on what to focus on in context
[Mon Feb 15 16:59:06 2016] <lingxiao> btw rrika have you done NoDup ?
[Mon Feb 15 16:59:19 2016] <lingxiao> and where it says pick an interesting theoremo relationg disjoint nodup and ++
[Mon Feb 15 16:59:50 2016] <lingxiao> my section of that look like this: http://lpaste.net/152546
[Mon Feb 15 16:59:56 2016] <rrika> Doesn't exist in my copy of SF
[Mon Feb 15 17:00:04 2016] <lingxiao> hmm are you doing the most recent one?
[Mon Feb 15 17:00:10 2016] <lingxiao> or the one from 2013
[Mon Feb 15 17:00:23 2016] <rrika> I think I downloaded the most recent one
[Mon Feb 15 17:00:31 2016] <rrika> not sure anymore
[Mon Feb 15 17:00:33 2016] <lingxiao> this one: http://www.seas.upenn.edu/~cis500/current/sf/IndProp.html
[Mon Feb 15 17:00:38 2016] <lingxiao> note the ..../current/....
[Mon Feb 15 17:00:56 2016] <rrika> well, that seems to be your university's edition
[Mon Feb 15 17:00:59 2016] <lingxiao> it's a mess btw, it's like a live google doc. all these comments saying stuff doesnt belong or things are just dumped there
[Mon Feb 15 17:01:03 2016] <lingxiao> yeah haha ... sure is
[Mon Feb 15 17:01:16 2016] <lingxiao> and the comments really gives me confidence in the system
[Mon Feb 15 17:02:15 2016] <rrika> oh, I'm doing one from 2015 apparently
[Mon Feb 15 17:02:18 2016] <rrika> "version 3.2"
[Mon Feb 15 17:02:27 2016] <rrika> as opposed to your "version 4.0"
[Mon Feb 15 17:03:37 2016] <lingxiao> yeah it's like i'm doing some nonstable version or something
[Mon Feb 15 17:03:41 2016] <lingxiao> #cuttingEdge  #foreFront
[Mon Feb 15 17:03:49 2016] <lingxiao> :(
[Mon Feb 15 17:04:16 2016] <rrika> where is the "official" one?
[Mon Feb 15 17:04:30 2016] <lingxiao> but yea let me know if you want to try it
[Mon Feb 15 17:04:42 2016] <lingxiao> it's a super fascinating problem i swear
[Mon Feb 15 17:04:48 2016] <lingxiao> here: http://www.seas.upenn.edu/~cis500/current/index.html#schedule
[Mon Feb 15 17:04:54 2016] <lingxiao> has all the latest ones
[Mon Feb 15 17:05:07 2016] <lingxiao> i noticed that given any link ot lecture: ie http://www.seas.upenn.edu/~cis500/current/sf/IndProp.html
[Mon Feb 15 17:05:27 2016] <lingxiao> if you just delete the bit in the url that says 2015 or w/e and put in current
[Mon Feb 15 17:05:40 2016] <lingxiao> you might end up with the current one if its released
[Mon Feb 15 17:20:24 2016] <lingxiao> rrika do you have the pigeon hole principle one in yours?
[Mon Feb 15 17:21:31 2016] <rrika> yes
[Mon Feb 15 17:21:36 2016] <rrika> but I haven't done any of these exercises yet
[Mon Feb 15 17:26:44 2016] <lingxiao> ok thanks!
[Mon Feb 15 23:14:13 2016] <lingxiao> hey all
[Mon Feb 15 23:14:33 2016] <lingxiao> how come I cannot destruct (beq_id x x') in this case?
[Mon Feb 15 23:14:42 2016] <lingxiao> http://lpaste.net/152572
[Mon Feb 15 23:14:52 2016] <lingxiao> is it because x' is not in context?
[Mon Feb 15 23:15:39 2016] <lingxiao> proof here for anyone intersted : https://github.com/lingxiao/CIS500/blob/master/hw5/Maps.v#L248
[Mon Feb 15 23:25:40 2016] <jrw> lingxiao: yes, because x' is not in context
[Mon Feb 15 23:25:53 2016] <jrw> more generally you cannot really work under binders very easily in coq
[Mon Feb 15 23:26:22 2016] <lingxiao> hmm ok i see
[Mon Feb 15 23:26:28 2016] <lingxiao> what's the startegy for this proof then?
[Mon Feb 15 23:26:47 2016] <lingxiao> map is defined as follows: Definition total_map (A:Type) := id -> A.
[Mon Feb 15 23:26:53 2016] <jrw> lingxiao: unfortunately that goal is not provable without axioms :(
[Mon Feb 15 23:27:13 2016] <lingxiao> hmm hint says use : functional extensionality axiom
[Mon Feb 15 23:27:19 2016] <jrw> lingxiao: well there you go :)
[Mon Feb 15 23:27:28 2016] <jrw> strategy is to use that axiom then
[Mon Feb 15 23:27:35 2016] <lingxiao> haha not sure how it applies though?
[Mon Feb 15 23:27:46 2016] <lingxiao> Axiom functional_extensionality : ∀{X Y: Type}
[Mon Feb 15 23:27:46 2016] <lingxiao>                                     {f g : X → Y},
[Mon Feb 15 23:27:46 2016] <lingxiao>   (∀(x:X), f x = g x) → f = g.
[Mon Feb 15 23:28:10 2016] <lingxiao> I see here that f is t_update m x (m x)
[Mon Feb 15 23:28:13 2016] <lingxiao> and g is m
[Mon Feb 15 23:28:14 2016] <jrw> literally [apply functional_extensionality.]
[Mon Feb 15 23:30:55 2016] <lingxiao> ahh great now i'm at this state: http://lpaste.net/152573
[Mon Feb 15 23:31:34 2016] <lingxiao> or backup , after applying that theorem we have this as the goal:
[Mon Feb 15 23:31:35 2016] <lingxiao> forall x0 : id, t_update m x (m x) x0 = m x0
[Mon Feb 15 23:32:14 2016] <lingxiao> i do [intros x'. unfold t_update] and we have:
[Mon Feb 15 23:32:23 2016] <lingxiao>    (if beq_id x x' then m x else m x') = m x'
[Mon Feb 15 23:32:45 2016] <jrw> yep
[Mon Feb 15 23:33:13 2016] <jrw> okay so when you destruct you're going to lose information
[Mon Feb 15 23:33:42 2016] <jrw> so either do [destruct (beq_id x x' eqn:Hfoo).]
[Mon Feb 15 23:34:04 2016] <jrw> or do [remember (beq_id x x') as b. destruct b.]
[Mon Feb 15 23:34:19 2016] <jrw> in either case you'll get an equation in your context that will help you
[Mon Feb 15 23:34:26 2016] <lingxiao> ahh got it!
[Mon Feb 15 23:36:33 2016] <lingxiao> Thanks!
[Mon Feb 15 23:39:26 2016] <lingxiao> any tips on thisone:
[Mon Feb 15 23:39:39 2016] <lingxiao> http://lpaste.net/152574
[Mon Feb 15 23:39:44 2016] <lingxiao> theres no reason why the goal should be true
[Mon Feb 15 23:39:56 2016] <lingxiao> the proof: https://github.com/lingxiao/CIS500/blob/master/hw5/Maps.v#L278
[Mon Feb 15 23:41:47 2016] <lingxiao> ping jrw
[Mon Feb 15 23:43:04 2016] <jrw> lingxiao: you have a contradiction in your context
[Mon Feb 15 23:43:11 2016] <jrw> because you have [x1 <> x2]
[Mon Feb 15 23:43:26 2016] <lingxiao> how does that contradict things?
[Mon Feb 15 23:43:30 2016] <jrw> but also (via the beq hypotheses and transitivity) [x1 = x2]
[Mon Feb 15 23:43:53 2016] <lingxiao> ahh Hb1 and Hb2 -> x1 = x2
[Mon Feb 15 23:44:10 2016] <lingxiao> hmm how would i use this contradiction though?
[Mon Feb 15 23:44:17 2016] <lingxiao> so far I only know inversion ...
[Mon Feb 15 23:44:28 2016] <lingxiao> i guess i could do a bunch of rewrites ...
[Mon Feb 15 23:45:16 2016] <jrw> lingxiao: well for sure you're going to have to use a lemma that tells you that [beq a b = true -> a = b]
[Mon Feb 15 23:45:35 2016] <lingxiao> jrw yup i did that and now i see this: http://lpaste.net/152575
[Mon Feb 15 23:45:50 2016] <jrw> after that, the most basic way to leverage a contradiction like this is to do [exfalso.] to convert your goal to False, and then [apply H.] where [H : a <> b]
[Mon Feb 15 23:46:04 2016] <jrw> and then [apply H'.] where [H' : a = b]
[Mon Feb 15 23:46:17 2016] <lingxiao> ok i'm still confused about that  since iv used it
[Mon Feb 15 23:46:26 2016] <lingxiao> so I do exfalos, stating my goal is false right?
[Mon Feb 15 23:46:27 2016] <jrw> I believe SF has their own version of exfalso if you'd prefer to use that
[Mon Feb 15 23:46:40 2016] <jrw> lingxiao: no, not quite, it means "from False, anything follows"
[Mon Feb 15 23:46:40 2016] <lingxiao> yeah it's soem longer latin i cant remmeber haha
[Mon Feb 15 23:46:48 2016] <jrw> ex_falso_quod_libet probably
[Mon Feb 15 23:47:06 2016] <jrw> it means "from False, anything follows" :)
[Mon Feb 15 23:47:19 2016] <lingxiao>  ahh cools
[Mon Feb 15 23:47:25 2016] <jrw> so no matter what your goal is, if you can prove False, you can prove your goal
[Mon Feb 15 23:47:30 2016] <lingxiao> so i apply [H : x <> x] to False
[Mon Feb 15 23:47:35 2016] <lingxiao> ok i see .. so that becomes x = x
[Mon Feb 15 23:47:56 2016] <lingxiao> ok i see the gist now thans!
[Mon Feb 15 23:47:58 2016] <jrw> remember that "a <> b" is defined to be [a = b -> False]
[Mon Feb 15 23:48:13 2016] <jrw> so your just applying that like normal
[Mon Feb 15 23:48:24 2016] <lingxiao> ahh so apply [ a = b -> False] False    ===> a = b right?
[Mon Feb 15 23:48:28 2016] <lingxiao> ok cools
[Mon Feb 15 23:48:30 2016] <lingxiao> thansk!
[Mon Feb 15 23:48:31 2016] <jrw> if you have [H : A -> B] and a goal of [B] then [apply H] converts your goal to A
[Mon Feb 15 23:48:34 2016] <jrw> right
[Mon Feb 15 23:48:43 2016] <lingxiao> ok great explanation that actually cleared it up thank you!
[Mon Feb 15 23:49:20 2016] <jrw> np
[Mon Feb 15 23:51:21 2016] <lingxiao> btw jrw this statement is true right:
[Mon Feb 15 23:51:23 2016] <lingxiao>  forall (X : Type) (test : X -> bool) (l : list X) (x : X),
[Mon Feb 15 23:51:23 2016] <lingxiao>   filter test (x :: l) = x :: l -> filter test l = l.
[Mon Feb 15 23:51:36 2016] <jrw> yes
[Mon Feb 15 23:51:42 2016] <lingxiao> ok hewww haha
[Mon Feb 15 23:52:13 2016] <jrw> but you might not be able to prove it directly by induction
[Mon Feb 15 23:52:17 2016] <lingxiao> because i'm in this state for some reason and it's contradictory: http://lpaste.net/152576
[Mon Feb 15 23:52:20 2016] <lingxiao> oh boy ..
[Mon Feb 15 23:52:38 2016] <lingxiao> I destructed (test x)
[Mon Feb 15 23:52:45 2016] <jrw> haven't we talked about this before?
[Mon Feb 15 23:52:57 2016] <lingxiao> heres the proof:https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1867
[Mon Feb 15 23:53:16 2016] <lingxiao> i dont think so?
[Mon Feb 15 23:53:22 2016] <lingxiao> I wrote this today ...
[Mon Feb 15 23:53:36 2016] <lingxiao> i was trying to do this:
[Mon Feb 15 23:53:38 2016] <lingxiao> (* todo: seem to be taking the hard way around ... *)
[Mon Feb 15 23:53:38 2016] <lingxiao> Theorem filter_spec : forall (X : Type) (test : X -> bool) (l l1 l2 : list X),
[Mon Feb 15 23:53:40 2016] <lingxiao>   in_order_merge l1 l2 l -> filter test l1 = l1 -> filter test l2 = [] ->
[Mon Feb 15 23:53:42 2016] <lingxiao>   filter test l = l1.
[Mon Feb 15 23:53:53 2016] <lingxiao> errr .. that came out bad .. it's the next theorem in the link i provided
[Mon Feb 15 23:54:16 2016] <jrw> okay, I must have been chatting with someone else with the same question :)
[Mon Feb 15 23:54:31 2016] <lingxiao> yeah rrika was doing the same thing haha
[Mon Feb 15 23:54:40 2016] <jrw> anyway, the easiest way to get a contradiction there is to prove that fileter can't increase the length of the list
[Mon Feb 15 23:54:41 2016] <lingxiao> althoguh i dont really understand her proof so theres that
[Mon Feb 15 23:55:03 2016] <jrw> in other words, [length (filter p l) <= length l]
[Mon Feb 15 23:55:07 2016] <lingxiao> so bascially we should have [filter test l = x :: l = false]
[Mon Feb 15 23:55:18 2016] <lingxiao> or [filter test l = x :: l  -> false ]
[Mon Feb 15 23:55:19 2016] <jrw> it implies False, yes.
[Mon Feb 15 23:55:32 2016] <jrw> (false is a boolean in coq; False is the proposition)
[Mon Feb 15 23:55:43 2016] <lingxiao> yup muscle memory slipped back in
[Mon Feb 15 23:55:52 2016] <lingxiao> believe it or not that's one of the few things i know about coq haha
[Mon Feb 15 23:55:59 2016] <lingxiao> noob otherwise
[Mon Feb 15 23:55:59 2016] <jrw> :)
[Mon Feb 15 23:56:38 2016] <jrw> so it does imply False, and the easiest way to prove that it does is to use that lemma about the length of a filter
[Mon Feb 15 23:56:55 2016] <jrw> because if you have that lemma, then you can apply it to get [S n <= n]
[Mon Feb 15 23:57:20 2016] <jrw> which implies False
[Mon Feb 15 23:57:42 2016] <jrw> now all that being said, I think your definition of in_order_merge is overly complex
[Mon Feb 15 23:57:49 2016] <jrw> and you are running into a lot of trouble because of that
[Mon Feb 15 23:58:03 2016] <lingxiao> ok but i cannot apply [leamm :  length (filter p l) <= length l.] to [H filter test l = x :: l]?
[Mon Feb 15 23:58:09 2016] <lingxiao> and YES! That was my actual question
[Mon Feb 15 23:58:19 2016] <lingxiao> i feel like im stating it in a not so good manner
[Mon Feb 15 23:58:24 2016] <lingxiao> suggestions :) ?
[Mon Feb 15 23:58:40 2016] <lingxiao> i even wrote: (* todo: seem to be taking the hard way around ... *)
[Mon Feb 15 23:59:11 2016] <lingxiao> or i mean: (* todo: is this well stated? seems to be really hard to prove things with this *)
[Mon Feb 15 23:59:24 2016] <lingxiao> see jrw i just write the regular recursive function that returns a bool
[Mon Feb 15 23:59:29 2016] <lingxiao> and then translate it Prop
[Mon Feb 15 23:59:41 2016] <lingxiao> but i have no intution for what makes a well state prop otherwise
[Tue Feb 16 00:00:32 2016] <jrw> lingxiao: I think your two constructors l1_nil and l2_nil are redundant
[Tue Feb 16 00:00:55 2016] <jrw> I can replace them by starting with [nils] and building up a bunch of uses of either [icons1] or [icons2]
[Tue Feb 16 00:00:58 2016] <lingxiao> so i only need nils  and icons1 and icons2 ?
[Tue Feb 16 00:01:00 2016] <jrw> yes
[Tue Feb 16 00:03:21 2016] <lingxiao> hmm but fi they're redudant they dont really do much right?
[Tue Feb 16 00:03:42 2016] <lingxiao> eg i didnt use l2_nil or l1_nil in my main proof at all
[Tue Feb 16 00:04:12 2016] <jrw> lingxiao: yeah but they make you have a bunch of extra cases when you induct
[Tue Feb 16 00:04:24 2016] <lingxiao> hmm i see
[Tue Feb 16 00:04:45 2016] <lingxiao> do you think my [in_order_merge] is sufficent with just nils and icons1 and icons2 then?
[Tue Feb 16 00:05:30 2016] <jrw> yes
[Tue Feb 16 00:05:51 2016] <lingxiao> but when i took the case out of my function  b_inOrder below they fail the tests?
[Tue Feb 16 00:07:04 2016] <jrw> lingxiao: well your definition of b_inOrder isn't correct if you just delete the corresponding cases
[Tue Feb 16 00:07:08 2016] <jrw> you need to restructure the cons case
[Tue Feb 16 00:07:21 2016] <jrw> because you were overly aggressive in matching all three against cons
[Tue Feb 16 00:07:35 2016] <jrw> instead, only match the third one against cons, leaving the first two as variables
[Tue Feb 16 00:08:10 2016] <lingxiao> wait you mean so i should have:  l1, l2,  z :: l3'  ?
[Tue Feb 16 00:08:16 2016] <lingxiao> but then what would z match against?
[Tue Feb 16 00:11:16 2016] <lingxiao> ok followed your advice and delete those two cases!
[Tue Feb 16 00:11:31 2016] <lingxiao> I'll rework my bool function until it works so I understand what you're saying
[Tue Feb 16 00:13:13 2016] <jrw> lingxiao: right, the point is that you can't know what z will match against. it could match against the head of either l1 or l2. but in the case it maches the head of l1, l2 could very well be nil, but your definition wouldn't allow that.
[Tue Feb 16 00:13:40 2016] <lingxiao> ahh i see, you mean after i delete the two redudance cases
[Tue Feb 16 00:14:05 2016] <lingxiao> so I should really just do match l3 with:   []  => match l1 l2 with ...
[Tue Feb 16 00:14:16 2016] <lingxiao> z :: l3'  => match l1 l2 with
[Tue Feb 16 00:14:23 2016] <lingxiao> or l3 is l in this case
[Tue Feb 16 00:14:38 2016] <lingxiao> so check l first, then on each branch check l1 and l2?
[Tue Feb 16 00:19:19 2016] <lingxiao> or I'm going to bed now but I'll think about what you said tomorrow! Thank you for all your help!!
[Tue Feb 16 09:35:02 2016] <ondra1> hello, anyone using emacs and proofgeneral?
[Tue Feb 16 10:57:06 2016] <lingxiao> hey all
[Tue Feb 16 10:57:10 2016] <lingxiao> coudl someone walk me thru this proof?
[Tue Feb 16 10:57:24 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1878
[Tue Feb 16 10:57:31 2016] <lingxiao> it's day 3 now :(
[Tue Feb 16 11:16:21 2016] <lingxiao> actually that one i just did!
[Tue Feb 16 11:17:11 2016] <lingxiao> it's this one now: https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1866
[Tue Feb 16 12:08:24 2016] <lingxiao> hey all
[Tue Feb 16 12:08:52 2016] <lingxiao> anyone around?
[Tue Feb 16 12:09:15 2016] <lingxiao> and want to take a look at this: https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1862
[Tue Feb 16 12:52:01 2016] <Nik05> hey lingxiao
[Tue Feb 16 12:52:03 2016] <Nik05> yes im here :P
[Tue Feb 16 12:52:08 2016] <lingxiao> oh great thanks!
[Tue Feb 16 12:52:24 2016] <lingxiao> yeah [filter_len] is really givingme a lot trouble!
[Tue Feb 16 12:52:27 2016] <Nik05> lol same proof? :P
[Tue Feb 16 12:52:39 2016] <Nik05> i already gave you the answer i think 4 days ago :P
[Tue Feb 16 12:52:43 2016] <Nik05> just inversion
[Tue Feb 16 12:53:29 2016] <lingxiao> oh no this stateement: [filter test l = x :: l -> False.]
[Tue Feb 16 12:53:33 2016] <lingxiao> this is new ..
[Tue Feb 16 12:53:37 2016] <lingxiao> or kind of
[Tue Feb 16 12:54:07 2016] <Nik05> what course is that CIS500?
[Tue Feb 16 12:54:11 2016] <lingxiao> yup
[Tue Feb 16 12:54:25 2016] <Nik05> oh its the course from zdancewic
[Tue Feb 16 12:54:27 2016] <lingxiao> this is the state i see: http://pastebin.com/42TamR16
[Tue Feb 16 12:54:29 2016] <lingxiao> ypu
[Tue Feb 16 12:54:31 2016] <lingxiao> yup*
[Tue Feb 16 12:54:48 2016] <lingxiao> I can [simpl.] here
[Tue Feb 16 12:55:00 2016] <Nik05> thats a long course
[Tue Feb 16 12:55:23 2016] <lingxiao> yeah oh boy
[Tue Feb 16 12:55:32 2016] <lingxiao> and IndProp.v is a long doc
[Tue Feb 16 12:55:37 2016] <Nik05> yeah :p
[Tue Feb 16 12:55:45 2016] <Nik05> oh right its now called IndProp
[Tue Feb 16 12:55:50 2016] <Nik05> oh huh wait
[Tue Feb 16 12:55:57 2016] <Nik05> in mine its MoreLogic.v
[Tue Feb 16 13:03:45 2016] <Nik05> fuck
[Tue Feb 16 13:03:54 2016] <Nik05> i have overwritten my Prop.v....
[Tue Feb 16 13:03:55 2016] <Nik05> shit
[Tue Feb 16 13:03:57 2016] <Nik05> ebverything gone
[Tue Feb 16 13:04:04 2016] <Nik05> well i still got the .vo file :P
[Tue Feb 16 13:05:09 2016] <Nik05> I should use git...
[Tue Feb 16 13:07:17 2016] <lingxiao> oh no!
[Tue Feb 16 13:07:22 2016] <lingxiao> yeah he changed a bunch of stuff this year
[Tue Feb 16 13:07:40 2016] <Nik05> i changed Prop.v to PropInd.v
[Tue Feb 16 13:07:49 2016] <Nik05> then i moved Prop.vo to PropInd.v .... oops
[Tue Feb 16 13:08:20 2016] <Nik05> can i disassemble a vo file? :P
[Tue Feb 16 13:10:35 2016] <Nik05> Oh Prop.v isnt that large in my version
[Tue Feb 16 13:10:55 2016] <Nik05> oh maybe it is...
[Tue Feb 16 13:22:19 2016] <Nik05> shit fuck
[Tue Feb 16 13:22:30 2016] <Nik05> My complete Prop.v is gone
[Tue Feb 16 13:41:55 2016] <Nik05> running recovery software...
[Tue Feb 16 14:00:48 2016] <Nik05> ling i think i found it back on my harddisk :D
[Tue Feb 16 14:02:09 2016] <Nik05> oke i got it back :)
[Tue Feb 16 14:02:20 2016] <Nik05> luckely there is somethign as a journal in filesystems
[Tue Feb 16 16:45:42 2016] <lingxiao> hey does anyone know how I can get rid of this state?
[Tue Feb 16 16:45:48 2016] <lingxiao> which has a false coclusion in it:
[Tue Feb 16 16:46:00 2016] <lingxiao> http://lpaste.net/152604
[Tue Feb 16 16:47:38 2016] <jrw> lingxiao: remember that false conclusions do you know good
[Tue Feb 16 16:47:54 2016] <jrw> when you see that your conclusion is false, you should get scared. your only hope is to find a contradiction in your hypotheses.
[Tue Feb 16 16:48:18 2016] <jrw> in this case, I don't see that you have one
[Tue Feb 16 16:48:24 2016] <lingxiao> yeah that's the issue :(
[Tue Feb 16 16:48:40 2016] <lingxiao> here's the proof:
[Tue Feb 16 16:48:42 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1855
[Tue Feb 16 16:48:46 2016] <lingxiao> [filter_len]
[Tue Feb 16 16:48:48 2016] <lingxiao> I know it's correct
[Tue Feb 16 16:48:56 2016] <lingxiao> Im just trying to find  a way to prove it
[Tue Feb 16 16:49:23 2016] <jrw> I thought we already talked about this
[Tue Feb 16 16:49:34 2016] <jrw> but yeah, your statement of filter_len is not proveable directly by induction
[Tue Feb 16 16:49:44 2016] <jrw> you need to generalize
[Tue Feb 16 16:49:55 2016] <lingxiao> we did and im still struggling
[Tue Feb 16 16:50:01 2016] <lingxiao> im really struggling on this proof tbh
[Tue Feb 16 16:50:12 2016] <lingxiao> i feel like a chicken w/ my head cut off
[Tue Feb 16 16:50:16 2016] <jrw> haha
[Tue Feb 16 16:50:28 2016] <jrw> that means you're in a good place to learn something from this one :)
[Tue Feb 16 16:50:54 2016] <lingxiao> i dont know how to relate something like length (l) < length ( x:: l) to the actual bit of thing I have in my main theorem
[Tue Feb 16 16:51:03 2016] <lingxiao> yeah im def strugggling not sure about learning
[Tue Feb 16 16:51:20 2016] <jrw> lingxiao: okay why don't you try doing it as two lemmas
[Tue Feb 16 16:51:29 2016] <rrika> lingxiao, I was once stuck on a two star exercise for two days
[Tue Feb 16 16:51:34 2016] <jrw> so you've got the thing about length (filter p l) <= length l right?
[Tue Feb 16 16:51:35 2016] <rrika> always something to learn from it
[Tue Feb 16 16:51:57 2016] <lingxiao> no but i can put it back
[Tue Feb 16 16:52:13 2016] <jrw> and then you should prove a second lemma that says that filter p l = x :: l -> False
[Tue Feb 16 16:53:26 2016] <lingxiao> jrw suppose if i back up for a second and Im looking at this sate: http://lpaste.net/152605
[Tue Feb 16 16:53:41 2016] <lingxiao> my goal contradicts my premis H, and premis H is wrong
[Tue Feb 16 16:53:45 2016] <lingxiao> how do I get out of here
[Tue Feb 16 16:53:56 2016] <jrw> we're going to show that H is wrong
[Tue Feb 16 16:54:12 2016] <lingxiao> because if I can do it w/o lemma : filter test l = x :: l -> False then that's great
[Tue Feb 16 16:54:18 2016] <lingxiao> yeaht that 's what im trying to do
[Tue Feb 16 16:54:39 2016] <lingxiao> tbh i think the problems im creating are due to my own stupididy and theres nothing to learn from this other than dont be stupid in this very particular case
[Tue Feb 16 16:56:11 2016] <lingxiao> or jrw better yet if we see this in the context: [  Hl1 : filter test (x :: l1) = x :: l1 ]
[Tue Feb 16 16:56:34 2016] <lingxiao> how do i change Hl1 to [filter test l1 = l1]
[Tue Feb 16 16:56:40 2016] <lingxiao> because that's all i really wanted to do.
[Tue Feb 16 16:56:48 2016] <lingxiao> and I think im creating so much problems for myself
[Tue Feb 16 16:56:54 2016] <lingxiao> also rrika if you know please chime in!
[Tue Feb 16 16:57:11 2016] <jrw> lingxiao: so I've already described a strategy that will do this
[Tue Feb 16 16:57:25 2016] <jrw> proceed just like you did to destruct the test
[Tue Feb 16 16:57:38 2016] <jrw> in the first case you did the right thing and reduced it like you wanted
[Tue Feb 16 16:57:44 2016] <lingxiao> you mean destruct the hyothesis Hl1?
[Tue Feb 16 16:57:47 2016] <jrw> in the second case, we're going to derive a contradiction
[Tue Feb 16 16:57:50 2016] <jrw> no
[Tue Feb 16 16:59:00 2016] <jrw> when you simpl in Hl1 you will get an if
[Tue Feb 16 16:59:06 2016] <jrw> then you destruct (test x) or something
[Tue Feb 16 16:59:32 2016] <lingxiao> jrw what do you mean 2dn step?
[Tue Feb 16 16:59:54 2016] <lingxiao> so we have Hl1 in the main proof [filter_spec]
[Tue Feb 16 16:59:54 2016] <lingxiao> youo're saying *dont* destruct there right
[Tue Feb 16 17:02:49 2016] <lingxiao> or you're saying get rid of filter len : filter test l = x :: l -> False.
[Tue Feb 16 17:03:01 2016] <lingxiao> and instead   hav lemma : filter test l = x :: l -> False
[Tue Feb 16 17:03:33 2016] <lingxiao> wait that is filter_len!!
[Tue Feb 16 17:04:01 2016] <jrw> lingxiao: okay let me start from the beginning
[Tue Feb 16 17:04:09 2016] <lingxiao> yes plese
[Tue Feb 16 17:04:39 2016] <jrw> part of the problem is there are many ways of doing this
[Tue Feb 16 17:04:51 2016] <jrw> and you have asked several people over several days and gotten conflicting advice
[Tue Feb 16 17:05:01 2016] <jrw> and you have implemented some sort of union of these approaches
[Tue Feb 16 17:05:04 2016] <jrw> and it is very messy
[Tue Feb 16 17:05:05 2016] <lingxiao> yeah pretty much .. and I have no vision of how to go about it
[Tue Feb 16 17:05:08 2016] <lingxiao> yes i ag ree
[Tue Feb 16 17:05:13 2016] <lingxiao> or it must be the case
[Tue Feb 16 17:05:25 2016] <jrw> now all that being said, I don't want to do the exercise for you
[Tue Feb 16 17:05:34 2016] <jrw> I could show you what I mean by showing you a proof of this exercise
[Tue Feb 16 17:05:38 2016] <jrw> but that wouldn't be very fun
[Tue Feb 16 17:05:54 2016] <lingxiao> this one gave me tons of fun so far
[Tue Feb 16 17:06:06 2016] <lingxiao> tbh the fruastrating is that I'm not actually learning any new concepts
[Tue Feb 16 17:06:14 2016] <jrw> lingxiao: I promise you're learning :)
[Tue Feb 16 17:06:16 2016] <lingxiao> just a new way to state a lemma that's obv true, but not provable
[Tue Feb 16 17:06:21 2016] <jrw> it may not seem like it, but you are.
[Tue Feb 16 17:06:27 2016] <lingxiao> and there are inf any lemmas liek that
[Tue Feb 16 17:06:32 2016] <lingxiao> :\ i hope so
[Tue Feb 16 17:06:35 2016] <jrw> this is a perfect example of a true fact that is not directly proveable by induction
[Tue Feb 16 17:06:39 2016] <jrw> there are many such facts
[Tue Feb 16 17:06:50 2016] <lingxiao> you mean this fact : filter test l = x :: l -> False.
[Tue Feb 16 17:06:53 2016] <jrw> right
[Tue Feb 16 17:07:12 2016] <jrw> one of the most important skills in verification is being able to recognize those facts and also being able to come up with a different fact that is directly proveable by induction and implies the original fact
[Tue Feb 16 17:07:19 2016] <jrw> you are learning that skill
[Tue Feb 16 17:08:08 2016] <lingxiao> hm ok great thanks for that
[Tue Feb 16 17:08:12 2016] <lingxiao> at least it justifies the struggle
[Tue Feb 16 17:08:14 2016] <jrw> :)
[Tue Feb 16 17:08:21 2016] <jrw> okay
[Tue Feb 16 17:08:31 2016] <jrw> so all that meta-level discussion aside, where should we start?
[Tue Feb 16 17:08:34 2016] <lingxiao> so i need to find some Fact -> ( filter test l = x :: l -> False)
[Tue Feb 16 17:08:39 2016] <lingxiao> or i dont know tbh
[Tue Feb 16 17:08:39 2016] <jrw> yep
[Tue Feb 16 17:08:43 2016] <jrw> that's right
[Tue Feb 16 17:08:57 2016] <jrw> now, I have already proposed such a fact, do you remember?
[Tue Feb 16 17:09:23 2016] <lingxiao> too many have beeen suggested so not really:
[Tue Feb 16 17:09:26 2016] <lingxiao> something about length
[Tue Feb 16 17:09:41 2016] <jrw> exactly
[Tue Feb 16 17:09:59 2016] <homevillageness> Hi, I wondered if someone could point me to some resources to learning coq and/or other proof verification languages
[Tue Feb 16 17:10:07 2016] <jrw> my proposal is Fact : forall blah blah blah, length (filter p l) <= length l
[Tue Feb 16 17:10:26 2016] <jrw> homevillageness: welcome :) I recommend starting with "software foundations" if you want to learn coq
[Tue Feb 16 17:10:36 2016] <jrw> homevillageness: https://www.cis.upenn.edu/~bcpierce/sf/
[Tue Feb 16 17:10:38 2016] <lingxiao> ok so say i have [length (filter p l) <= length l]
[Tue Feb 16 17:10:59 2016] <jrw> lingxiao: now your first job is to convince your self that that implies filter test l = x :: l -> False
[Tue Feb 16 17:11:00 2016] <lingxiao> then how do i use that in this context: http://lpaste.net/152607
[Tue Feb 16 17:11:08 2016] <jrw> wait wait let's not get to code quite yet
[Tue Feb 16 17:11:53 2016] <lingxiao> so you're saying i  should have statement:    filter test l = x :: l -> false
[Tue Feb 16 17:12:11 2016] <homevillageness> Also, are there any libraries for general purpose mathematics, e.g. analysis, topology, group theory, algebra?
[Tue Feb 16 17:12:17 2016] <lingxiao> and use lemma : length (filter p l ) <= length l   in the proof of statement above to show that?
[Tue Feb 16 17:12:27 2016] <jrw> lingxiao: yes that would work or you can do it in line.
[Tue Feb 16 17:12:37 2016] <jrw> lingxiao: but right now I want you to convince me that you've convinced yourself that it is true
[Tue Feb 16 17:12:42 2016] <jrw> just on an intuitive level
[Tue Feb 16 17:12:45 2016] <jrw> what is the reason?
[Tue Feb 16 17:13:25 2016] <jrw> homevillageness: yes, there are several. the most famous one is probably the mathematical components library. see http://math-comp.github.io/math-comp/
[Tue Feb 16 17:13:50 2016] <lingxiao> length of filter test l is at most length of l
[Tue Feb 16 17:13:51 2016] <jrw> homevillageness: it has been used to verify the four color theorem of graph theory and the feit-thompson theorem of finite group theory.
[Tue Feb 16 17:14:00 2016] <lingxiao> and length of x :: l is   S (length l)
[Tue Feb 16 17:14:37 2016] <jrw> lingxiao: exactly!!!
[Tue Feb 16 17:14:42 2016] <jrw> contradiction!
[Tue Feb 16 17:14:57 2016] <lingxiao> yeah i mean that's obivous but i dont know how to arrive at that using coq's magic encantations
[Tue Feb 16 17:15:06 2016] <jrw> okay that I'm happy to help with
[Tue Feb 16 17:15:13 2016] <lingxiao> which is pretty much what they are so far as im concnered modulo some shallow understanding
[Tue Feb 16 17:15:21 2016] <jrw> :)
[Tue Feb 16 17:15:30 2016] <lingxiao> ok so I'm loooking at this:
[Tue Feb 16 17:15:43 2016] <lingxiao> [filter_len filter test l = x :: l -> False.]
[Tue Feb 16 17:16:06 2016] <homevillageness> is this all in constructive logic or in classical logic?
[Tue Feb 16 17:16:22 2016] <homevillageness> the math comp?
[Tue Feb 16 17:16:36 2016] <lingxiao> jrw and this is my state: http://lpaste.net/152609
[Tue Feb 16 17:16:36 2016] <jrw> homevillageness: mostly constructive I believe.
[Tue Feb 16 17:17:37 2016] <jrw> homevillageness: if you're interested in analysis, take a look at http://corn.cs.ru.nl/ as well
[Tue Feb 16 17:17:44 2016] <homevillageness> As I want to learn proof assistants/checkers as a tool for mathematics
[Tue Feb 16 17:18:09 2016] <homevillageness> My study is mostly in the geometry part of mathematics
[Tue Feb 16 17:18:45 2016] <homevillageness> So Algebraic geometry/topology and differential geometry
[Tue Feb 16 17:18:46 2016] <jrw> lingxiao: okay, first thing I would do is introduce the equality as a hypothesis using intros
[Tue Feb 16 17:19:04 2016] <homevillageness> So I will see a lot of analysis in the differential topology
[Tue Feb 16 17:19:11 2016] <lingxiao> ok jrw so im just left with false
[Tue Feb 16 17:19:16 2016] <lingxiao> as a goal
[Tue Feb 16 17:19:35 2016] <lingxiao> and inversion [H : filter test l = x :: l] doesnt do anyting
[Tue Feb 16 17:19:57 2016] <lingxiao> i can do induction l
[Tue Feb 16 17:19:58 2016] <jrw> lingxiao: right. okay now let's introduce a use of filter_len
[Tue Feb 16 17:20:02 2016] <jrw> lingxiao: no induction!
[Tue Feb 16 17:20:21 2016] <lingxiao> this is my prob, even though you said cant prove by induction i know of nothing else
[Tue Feb 16 17:20:32 2016] <lingxiao> whati what's filter_len?
[Tue Feb 16 17:20:37 2016] <jrw> the lemma
[Tue Feb 16 17:20:40 2016] <lingxiao> my filter_len is just :   filter test l = x :: l -> False.
[Tue Feb 16 17:20:47 2016] <lingxiao> do you mean length (filter p l ) <= length l.
[Tue Feb 16 17:20:50 2016] <jrw> yes
[Tue Feb 16 17:20:56 2016] <jrw> sorry, that second one
[Tue Feb 16 17:21:00 2016] <lingxiao> ok how do i introduce that
[Tue Feb 16 17:21:02 2016] <jrw> lingxiao: to use the lemma you can say something like [assert (length (filter test l) <= length l)]
[Tue Feb 16 17:21:09 2016] <jrw> and then apply the lemma
[Tue Feb 16 17:21:54 2016] <lingxiao> ok i did it
[Tue Feb 16 17:22:16 2016] <lingxiao> now i have this: http://lpaste.net/152612
[Tue Feb 16 17:22:20 2016] <lingxiao> which is where i satarted
[Tue Feb 16 17:22:44 2016] <lingxiao> w/ the lemma now in context
[Tue Feb 16 17:23:09 2016] <jrw> great
[Tue Feb 16 17:23:22 2016] <jrw> now [rewrite H in H0]
[Tue Feb 16 17:23:40 2016] <lingxiao> why does that work?
[Tue Feb 16 17:23:49 2016] <lingxiao> oh wait i see why
[Tue Feb 16 17:24:13 2016] <lingxiao> ok i did that and simpl
[Tue Feb 16 17:24:22 2016] <lingxiao> and i have [S (length l) <= length l]
[Tue Feb 16 17:24:24 2016] <jrw> yay
[Tue Feb 16 17:24:30 2016] <lingxiao> which is obv false but inverting it gets me nowhere
[Tue Feb 16 17:24:34 2016] <jrw> right
[Tue Feb 16 17:24:39 2016] <lingxiao> this is what i mean by magic
[Tue Feb 16 17:24:41 2016] <jrw> okay now I don't know what kind of lemmas you have about <=
[Tue Feb 16 17:25:50 2016] <lingxiao> hmm none that seem useful
[Tue Feb 16 17:26:06 2016] <jrw> okay, well let's prove a new one that says [forall n, S n <= n -> False]
[Tue Feb 16 17:27:07 2016] <lingxiao> it's kind of fraustrating that there isnt an obvious way to get just say contradiciton
[Tue Feb 16 17:27:50 2016] <homevillageness> jrw, thanks for the pointers. I will be reading the book and taking a closer look at those libraries
[Tue Feb 16 17:28:34 2016] <jrw> homevillageness: unfortunately I think the state of the art in formalizing geometry is not great. I found this paper http://arxiv.org/pdf/1201.3731.pdf and this elementary library http://geocoq.github.io/GeoCoq/
[Tue Feb 16 17:29:36 2016] <homevillageness> Maybe I can add something there. I saw a topology library but it did not compile with the instructions given in the git readme
[Tue Feb 16 17:30:32 2016] <jrw> homevillageness: coq versions in general are not forwards or backwards compatible, so if the library is at all older, you'll need to compile it with the version of coq they need
[Tue Feb 16 17:31:01 2016] <jrw> lingxiao: I feel you that it can be frustrating, but just remember how stupid Coq is. the only contradiction it knows about is literally a proof of False.
[Tue Feb 16 17:31:18 2016] <jrw> lingxiao: so it's not so hard to see why it doesn't know what to do with S n <= n
[Tue Feb 16 17:31:34 2016] <lingxiao> ok and im stupid since i cant even proove that
[Tue Feb 16 17:31:50 2016] <lingxiao> stuckin this stat: http://lpaste.net/152613
[Tue Feb 16 17:32:42 2016] <lingxiao> I want to say [S (S n) <= S n  -> S n <= n ]
[Tue Feb 16 17:32:46 2016] <lingxiao> but again no lemmas for that either
[Tue Feb 16 17:33:05 2016] <lingxiao> its silly that its called a proof assistant becuase so far it's beena  proof resistant
[Tue Feb 16 17:33:08 2016] <homevillageness> That might explain, this is for coq 8.4 and my installation is the 8.5
[Tue Feb 16 17:33:53 2016] <homevillageness> the libary I found was: https://github.com/dschepler/coq-topology
[Tue Feb 16 17:39:09 2016] <jrw> lingxiao: okay prove that as a lemma too :)
[Tue Feb 16 17:39:24 2016] <lingxiao> jrw i feel like im going down the 'wrong' path
[Tue Feb 16 17:39:34 2016] <lingxiao> i shouldnt have to build the house to prove one little thing
[Tue Feb 16 17:40:54 2016] <jrw> lingxiao: okay well I should mention that in practice you would have all these lemmas about <= already
[Tue Feb 16 17:41:08 2016] <jrw> lingxiao: the other thing is that you formalized filter_spec differently than I would have
[Tue Feb 16 17:41:16 2016] <rrika> <lingxiao> I want to say [S (S n) <= S n  -> S n <= n ]
[Tue Feb 16 17:41:22 2016] <rrika> these is such a thing in the standard library
[Tue Feb 16 17:41:33 2016] <jrw> rrika: yeah but he's doint SF
[Tue Feb 16 17:41:39 2016] <lingxiao> rrrika how did you formalize it
[Tue Feb 16 17:41:43 2016] <jrw> they have their own redefinition of le
[Tue Feb 16 17:41:54 2016] <lingxiao> and it's woefully incompletee
[Tue Feb 16 17:42:01 2016] <rrika> jrw, I'm using lingxiao's copy of SF
[Tue Feb 16 17:42:06 2016] <rrika> and proof general reported to me
[Tue Feb 16 17:42:11 2016] <rrika> that it has such a theorem available
[Tue Feb 16 17:42:24 2016] <jrw> great! then lingxiao should use it
[Tue Feb 16 17:42:28 2016] <rrika> just C-C C-A C-A for 'le'
[Tue Feb 16 17:42:34 2016] <lingxiao> what is the name of the lemma?
[Tue Feb 16 17:42:34 2016] <jrw> I just figured it wasn't there because lingxiao said it wasn't
[Tue Feb 16 17:42:38 2016] <lingxiao> because I see 10000000000 lemmas
[Tue Feb 16 17:42:42 2016] <rrika> me too
[Tue Feb 16 17:42:43 2016] <rrika> scroll
[Tue Feb 16 17:42:49 2016] <lingxiao> and rrika how did you formalize it?
[Tue Feb 16 17:42:53 2016] <rrika> okay, hint, it has an "lr_" prefix
[Tue Feb 16 17:42:54 2016] <rrika> *ke
[Tue Feb 16 17:42:56 2016] <rrika> *le
[Tue Feb 16 17:42:57 2016] <lingxiao> because maybe that's whats giving me trouble
[Tue Feb 16 17:43:06 2016] <rrika> lingxiao, I only have that helper theorem so far
[Tue Feb 16 17:43:13 2016] <rrika> <lingxiao> I want to say [S (S n) <= S n  -> S n <= n ]
[Tue Feb 16 17:43:16 2016] <rrika> oops
[Tue Feb 16 17:43:26 2016] <jrw> for filter_spec, I would have said something like (forall x, In x l1 -> test x = true) instead of filter test l1 = l1
[Tue Feb 16 17:43:27 2016] <rrika> clipboard error
[Tue Feb 16 17:43:28 2016] <lingxiao> filter_spec i mean
[Tue Feb 16 17:43:41 2016] <rrika> I have: length (filter test l) <= length l.
[Tue Feb 16 17:44:02 2016] <lingxiao> [filter_spec] ??
[Tue Feb 16 17:44:20 2016] <lingxiao> thats the one thats says if l1 pass the filter and non of l2 passes then filter l = l1
[Tue Feb 16 17:44:24 2016] <lingxiao> where l = l1 ++ l2
[Tue Feb 16 17:44:50 2016] <rrika> lingxiao, what's the current state?
[Tue Feb 16 17:45:04 2016] <lingxiao> of what?
[Tue Feb 16 17:45:05 2016] <rrika> trying to get from Sx <= Sy to x<=y still?
[Tue Feb 16 17:45:30 2016] <lingxiao> yeah pretty much
[Tue Feb 16 17:45:43 2016] <lingxiao> wait how did you formalize filter_spec?
[Tue Feb 16 17:45:52 2016] <lingxiao> it's not:
[Tue Feb 16 17:45:54 2016] <lingxiao>   in_order_merge l1 l2 l -> filter test l1 = l1 -> filter test l2 = [] ->
[Tue Feb 16 17:45:55 2016] <lingxiao>   filter test l = l1.
[Tue Feb 16 17:48:08 2016] <lingxiao> and rrika i dont see anything with an lr prefix
[Tue Feb 16 17:48:35 2016] <rrika> I'm sorry "le_"
[Tue Feb 16 17:48:48 2016] <rrika> typo
[Tue Feb 16 17:48:50 2016] <lingxiao> this one: le_Sn_le: forall n m : nat, S n <= m -> n <= m
[Tue Feb 16 17:48:51 2016] <lingxiao> ?
[Tue Feb 16 17:49:08 2016] <rrika> for example
[Tue Feb 16 17:49:13 2016] <rrika> there are many similar ones
[Tue Feb 16 17:49:34 2016] <rrika> there's le_S_n.
[Tue Feb 16 17:49:44 2016] <rrika> there's le_n_S.
[Tue Feb 16 17:50:20 2016] <lingxiao> ok that one worked heww ..
[Tue Feb 16 17:51:40 2016] <lingxiao> andwhat's the strategy in this caes: http://lpaste.net/152614
[Tue Feb 16 17:51:51 2016] <lingxiao> i cant do rewrite since i have a <= not an =
[Tue Feb 16 17:52:01 2016] <lingxiao> and saying n1 <= n2 -> n1 = n2 \/ n1 < n2
[Tue Feb 16 17:52:02 2016] <lingxiao> doesnt help
[Tue Feb 16 17:52:18 2016] <lingxiao> since i have to show the second case n1 < n2 which cant be shown
[Tue Feb 16 17:52:35 2016] <jrw> lingxiao: that's another lemma.
[Tue Feb 16 17:52:38 2016] <jrw> :D
[Tue Feb 16 17:52:47 2016] <lingxiao> im saying : n1 <= n2 -> n1 = n2 \/ n1 < n2
[Tue Feb 16 17:52:49 2016] <lingxiao> doesnt help me
[Tue Feb 16 17:53:01 2016] <jrw> no but in your lpaste
[Tue Feb 16 17:53:06 2016] <jrw> I think you can use the lemma le_n_S
[Tue Feb 16 17:56:24 2016] <lingxiao> ahh got it! but why cant' i use reflesxivity in this case: http://lpaste.net/152616
[Tue Feb 16 17:56:31 2016] <lingxiao> length l' <= S (length l')
[Tue Feb 16 17:57:43 2016] <jrw> lingxiao: reflexivity is for proving [e = e]
[Tue Feb 16 17:57:50 2016] <jrw> and for nothing else
[Tue Feb 16 17:58:01 2016] <jrw> (this is not quite true, but it's a good first order approximation)
[Tue Feb 16 17:58:16 2016] <lingxiao> so if an inequality is obv true how should i prove it?
[Tue Feb 16 17:59:08 2016] <lingxiao> aside from induction on l in this case
[Tue Feb 16 17:59:10 2016] <rrika> lingxiao, I found all theorems I needed for "le" in the search
[Tue Feb 16 17:59:43 2016] <lingxiao> so i can read length l' <= S (length l') as   n <= S n right?
[Tue Feb 16 17:59:47 2016] <lingxiao> since they have the same type
[Tue Feb 16 17:59:54 2016] <rrika> no
[Tue Feb 16 17:59:55 2016] <rrika> but
[Tue Feb 16 17:59:58 2016] <lingxiao> is that how aply works?
[Tue Feb 16 18:00:01 2016] <rrika> there are therems that take an argument
[Tue Feb 16 18:00:14 2016] <rrika> apply will figure it out for you
[Tue Feb 16 18:00:15 2016] <rrika> so
[Tue Feb 16 18:00:27 2016] <rrika> it's just "apply theorem_name."
[Tue Feb 16 18:00:39 2016] <rrika> where theorem has the type
[Tue Feb 16 18:00:40 2016] <rrika>  forall n : nat, n <= S n
[Tue Feb 16 18:01:53 2016] <lingxiao> oh so le_n_Sn
[Tue Feb 16 18:02:04 2016] <rrika> yes
[Tue Feb 16 18:02:05 2016] <lingxiao> so there needs to be a theorem for that ..
[Tue Feb 16 18:02:12 2016] <lingxiao> what does reflexivity do
[Tue Feb 16 18:02:19 2016] <lingxiao> just check they are syntacitcally equal?
[Tue Feb 16 18:02:22 2016] <lingxiao> w/o doing any computations?
[Tue Feb 16 18:02:24 2016] <rrika> apply (forall a: a = a).
[Tue Feb 16 18:02:32 2016] <rrika> ah
[Tue Feb 16 18:02:35 2016] <rrika> not quite
[Tue Feb 16 18:02:46 2016] <rrika> but basically if your goal has the form "a = a", it will remove the goal from the stack
[Tue Feb 16 18:03:04 2016] <rrika> it does simplifications before
[Tue Feb 16 18:03:25 2016] <rrika> imagine doing simpl. and then syntactic equality
[Tue Feb 16 18:03:46 2016] <lingxiao> ok i see
[Tue Feb 16 18:03:59 2016] <lingxiao> ok ifnally finished
[Tue Feb 16 18:04:16 2016] <lingxiao> but w/o triumph since i got so much help  and it still took me so long :(
[Tue Feb 16 18:04:44 2016] <rrika> :/ well, there's others exercises still
[Tue Feb 16 18:05:09 2016] <lingxiao> haha yeah im on pigeon hole now
[Tue Feb 16 18:05:17 2016] <lingxiao> this one really was the hardest for me by far
[Tue Feb 16 18:06:30 2016] <lingxiao> but thank you rrika and jrw!
[Tue Feb 16 18:06:35 2016] <lingxiao> Im going to take a break from all this
[Tue Feb 16 18:06:45 2016] <lingxiao> coudlnt have done it w/o you guys!
[Wed Feb 17 00:36:14 2016] <anelson> hey guys, I'm having trouble using list_scope. I have `Open Scope list_scope` in my file, but when I try to write for example `Check [1]` I get 'Syntax error: [constr:lconstr] expected after 'Check' (in [vernac:check_command]).'
[Wed Feb 17 00:36:57 2016] <anelson> (and similar syntax also doesn't work)
[Wed Feb 17 00:39:15 2016] <johnw> you also need: Import ListNotations.
[Wed Feb 17 00:39:35 2016] <johnw> the list notations are hidden in a sub-module of the List library
[Wed Feb 17 00:39:47 2016] <anelson> ahh, sweet yeah that did it
[Wed Feb 17 00:40:01 2016] <anelson> thanks!
[Wed Feb 17 00:40:03 2016] <johnw> that's a pretty common practice
[Wed Feb 17 00:40:12 2016] <johnw> there are other notations that do this too, although not all do
[Wed Feb 17 00:41:48 2016] <anelson> good to know. Scopes are kinda confusing to me
[Wed Feb 17 00:42:01 2016] <johnw> what do you find confusing about them?
[Wed Feb 17 00:42:34 2016] <anelson> Well I guess the notation system in general. I'm just not that familiar with it
[Wed Feb 17 00:42:50 2016] <johnw> ah
[Wed Feb 17 00:43:21 2016] <johnw> it allows you to extend Coq's syntax, with extension confined to "scopes" that might automatically apply depending on the context
[Wed Feb 17 00:44:12 2016] <anelson> It's pretty miraculous actually. I've written a lot of parsers but I wouldn't know how to write something like the Coq parser, which is arbitrarily extendable
[Wed Feb 17 00:44:36 2016] <johnw> yeah, I haven't encountered extensible parsers like this in the wild before either
[Wed Feb 17 00:45:11 2016] <anelson> It seems like it'd be pretty easy to break the parser by writing some notations that, e.g. have mismatched parentheses, overload some keywords, etc
[Wed Feb 17 00:45:25 2016] <johnw> sure, you can write notations that make normal code fail to parse
[Wed Feb 17 00:45:29 2016] <johnw> that's not even hard to do :)
[Wed Feb 17 00:45:36 2016] <anelson> haha yeah seems like it
[Wed Feb 17 11:04:43 2016] <Nik05> 22:46 < lingxiao> http://lpaste.net/152604
[Wed Feb 17 11:04:45 2016] <lpaste> heatsink pasted “Proof with existentials” at http://lpaste.net/152662
[Wed Feb 17 11:04:47 2016] <Nik05> 22:48 < jrw> in this case, I don't see that you have one
[Wed Feb 17 11:04:56 2016] <Nik05> the Hypothesis H is a contradiction
[Wed Feb 17 11:06:39 2016] <heatsink> I'm having trouble writing proofs involving existentials.  I wrote a proof term for this one.  I'd like to know how to solve it uisng the proof language.
[Wed Feb 17 11:09:13 2016] <Cypi> heatsink : in general, a match corresponds to a destruct, so your first match would be equivalent to "destruct (IHa1 l) as [m m1]."
[Wed Feb 17 11:09:18 2016] <Cypi> likewise for the second match
[Wed Feb 17 11:10:16 2016] <Cypi> Then, you use the "ex_intro" constructor to prove the existential. The tactic "exists" is a facility to do just this, so the equivalent way to do it would be to write "exists n." ('n' being your witness), then to prove that your witness is indeed correct
[Wed Feb 17 11:10:47 2016] <Cypi> This last proof is your "R_Compose m1 m2", so you can then conclude with "exact (R_Compose m1 m2)" for instance
[Wed Feb 17 11:11:27 2016] <heatsink> Great, thanks!
[Wed Feb 17 11:12:46 2016] <heatsink> I didn't think of using destruct.  Then I couldn't do the later steps because they use those existential variables.
[Wed Feb 17 11:13:01 2016] <heatsink> So, destruct does a match.
[Wed Feb 17 11:14:11 2016] <Cypi> yup
[Wed Feb 17 13:56:35 2016] <jrw> Nik05: right, good point!
[Wed Feb 17 13:57:35 2016] <jrw> but since he was in the middle of trying to prove length (filter p l) = S (length l) is a contradiction, I'm not sure how much help it would have been
[Wed Feb 17 13:57:46 2016] <jrw> I think he figured it out by another way though
[Thu Feb 18 00:39:58 2016] <miles> How do you find out what a tactic like `trivial` did under the hood? For example, if I simply have to prove `True` and use the `trivial` tactic, but want to know what tactic might be more specific.
[Thu Feb 18 09:53:21 2016] <dexterph> miles: you can use `info trivial'  or `info_trivial'
[Thu Feb 18 09:53:52 2016] <dexterph> or Show Proof could help
[Thu Feb 18 13:12:41 2016] <johnw> miles: the most specific in that case would be "exact I" (capital i)
[Thu Feb 18 18:04:58 2016] <johnw> jgross: hi :)
[Thu Feb 18 20:19:48 2016] <tswett> morphism_preserves_identity : morphism_functor (monoid_identity domain_monoid) = monoid_identity codomain_monoid
[Thu Feb 18 20:19:52 2016] <tswett> Maybe I'm being a little verbose here.
[Thu Feb 18 20:22:02 2016] <johnw> hi tswett
[Thu Feb 18 20:22:10 2016] <tswett> (That should be morphism_function, not morphism_functor.)
[Thu Feb 18 20:22:12 2016] <tswett> Hi johnw.
[Thu Feb 18 20:22:22 2016] <johnw> you'll find explicit terms mostly easy to write, until you need to deal with rewriting or dependently-typed terms
[Thu Feb 18 22:52:05 2016] <enolan> anyone have git proof general working with use-package?
[Thu Feb 18 22:52:31 2016] <enolan> it's loading coq mode, but I think the generic stuff isn't getting loaded
[Thu Feb 18 22:52:44 2016] <enolan> like none of the proof-foo commands are available
[Fri Feb 19 08:54:54 2016] <cocreature> enolan: I actually just realized mine was broken, but it seems to be working now. here’s the relevant part of my config https://github.com/cocreature/dotfiles/blob/master/emacs/.emacs.d/emacs.org#proofgeneral
[Fri Feb 19 12:22:58 2016] <dogui> Hi all, I'm having a weird problem like this: The term "Ha0" has type "I a = I P" while it is expected to have type "I a = I P".
[Fri Feb 19 12:23:19 2016] <dogui> Has anyone seen something like that before? Is there any way to print less-sugared type or something?
[Fri Feb 19 12:34:03 2016] <Cypi> There are a lot of options such as "Set Printing Notations.", "Set Printing All.", "Set Printing Implicit." and so on
[Fri Feb 19 12:34:26 2016] <Cypi> Your IDE can probably do that too (especially if you're using CoqIDE, these commands won't work, you have to use the "View" menu)
[Fri Feb 19 12:36:49 2016] <dogui> Cypi: thanks!
[Fri Feb 19 12:37:41 2016] <dogui> Now I can see those equalities are of different universes, which doesn't make much sens to me but at least it's something :)
[Fri Feb 19 15:02:21 2016] <johnw> dogui: if they are in different universes, it mean they are not both terms at the same level
[Fri Feb 19 15:02:32 2016] <johnw> for example "nat" and "Set" cannot be compared
[Fri Feb 19 15:02:42 2016] <johnw> even though they are both types, and there terms of a higher level, they are not terms at the same level
[Fri Feb 19 15:02:48 2016] <johnw> s/there/therefore
[Fri Feb 19 15:24:31 2016] <johnw> how do I import a module with a conflicting notation?  I don't want the notations in the module, just the definitions
[Sat Feb 20 14:53:39 2016] <stelleg> do many people use opam to install coq libraries?
[Sat Feb 20 15:14:54 2016] <johnw> I don't, I use Nix
[Sat Feb 20 15:34:05 2016] <stelleg> johnw: hm, thanks. will have to try Nix at some point, heard a lot of good things
[Sat Feb 20 15:52:15 2016] <johnw> I do most of the Coq-related packaging in Nix, so let me know if there are problems
[Sun Feb 21 13:20:27 2016] <miles> What is a "binder"? Or where can I find good introductory documentation on binders.
[Sun Feb 21 13:21:32 2016] <benzrf> miles: something that binds a variable
[Sun Feb 21 13:25:49 2016] <miles> benzrf: Ok, thanks. I'm looking at Record's grammar. Do you happen to know why there is a difference between "binder" and "ident
[Sun Feb 21 13:25:55 2016] <miles> " as grammar rules?
[Mon Feb 22 06:28:25 2016] <dredozubov> there was a way of search for relevant lemmas/thorems in proof general, can't find it for some reason
[Mon Feb 22 06:38:48 2016] <Fare> hi
[Mon Feb 22 06:39:06 2016] <Fare> What is "the" proper way to represent categories in Coq?
[Mon Feb 22 06:39:31 2016] <Fare> and/or subsets of categories, and full subsets in particular
[Mon Feb 22 06:46:45 2016] <Fare> I see Adam Chlipala seems to have one of the many category theory coq theories
[Mon Feb 22 07:37:23 2016] <notdan> Fare: what do you mean by subsets of categories?
[Mon Feb 22 07:38:58 2016] <notdan> I would say that *a* proper way to represent categories would be to use typeclasses, like I did: http://repos.covariant.me/browse?r=cat;a=tree
[Mon Feb 22 07:39:05 2016] <notdan> but the HoTT library for example uses records
[Mon Feb 22 08:18:11 2016] <Fare> notdan: an arbitrary subset of arrows in a category.
[Mon Feb 22 08:20:48 2016] <Fare> what's that backquote notation?
[Mon Feb 22 08:22:11 2016] <Fare> (I haven't use Coq in 10 years)
[Mon Feb 22 08:26:16 2016] <Fare> * goes read about Type Classes in Coq...
[Mon Feb 22 08:54:01 2016] <schoppenhauer> hi. from what coq version on, deeper nestings than +, - and * (I think I've seen ++, --, **, etc.) are supported?
[Mon Feb 22 09:02:37 2016] <chris2> 8.5
[Mon Feb 22 09:02:50 2016] <chris2> 8.4 only has 1 char bullets (but {} which is probably better?)
[Mon Feb 22 09:37:00 2016] <schoppenhauer> chris2: what's {}? (I always use [ | ... | ] which is not convenient at all.)
[Mon Feb 22 09:42:22 2016] <chris2> groups bullets?
[Mon Feb 22 09:46:50 2016] <schoppenhauer> chris2: hm?
[Mon Feb 22 09:47:01 2016] <chris2> for nesting
[Mon Feb 22 09:47:09 2016] <chris2> } errors if not all goals are done
[Mon Feb 22 09:47:17 2016] <schoppenhauer> ok.
[Mon Feb 22 09:47:25 2016] <schoppenhauer> can I use + inside { ... } ?
[Mon Feb 22 09:47:28 2016] <chris2> yes
[Mon Feb 22 09:47:31 2016] <schoppenhauer> ok
[Mon Feb 22 09:47:37 2016] <schoppenhauer> never seen this.
[Mon Feb 22 09:47:40 2016] <schoppenhauer> *tries*
[Mon Feb 22 09:47:42 2016] <chris2> also 8.4 iirc
[Mon Feb 22 09:48:02 2016] <schoppenhauer> (well, I try it as soon as I slaughtered the last subgoal now ...)
[Mon Feb 22 09:49:18 2016] <schoppenhauer> chris2: can {} be used in interactive mode? (because that was one advantage of just nesting +, ... )
[Mon Feb 22 09:49:35 2016] <chris2> no idea, but i guess it does
[Mon Feb 22 09:56:23 2016] <dredozubov> Does coq have true(coherent) typeclasses like haskell? I've heard that it doesn't, but i don't know for sure.
[Mon Feb 22 10:02:01 2016] <dredozubov> https://gist.github.com/dredozubov/647ccf8634f5da975f47 i get this from `Info 1 auto` with coq 8.5
[Mon Feb 22 10:02:15 2016] <dredozubov> does it seem like a proof general issue? I have no clue.
[Mon Feb 22 10:09:31 2016] <riaqn> Well. Still not understand why all dependent literatures introduce sigma type and pi type as if they are symmetry and primitive.
[Mon Feb 22 10:10:44 2016] <riaqn> while sigma is representable by pi, moreover functional type seems more primitive than existential type.
[Mon Feb 22 10:18:07 2016] <asmanur> how do you represent sigma types using pi types ?
[Mon Feb 22 10:32:55 2016] <riaqn> asmanur maybe I misunderstand the whole thing. but I saw coq standard lib has this: Inductive sig (A:Type) (P:A -> Prop) : Type :=
[Mon Feb 22 10:32:55 2016] <riaqn> 0811 <riaqn>     exist : forall x:A, P x -> sig P.
[Mon Feb 22 10:34:29 2016] <asmanur> riaqn: yes but here you are using inductive types as well
[Mon Feb 22 10:34:59 2016] <asmanur> and inductive types are nothing but sigma types + sum types
[Mon Feb 22 10:35:09 2016] <asmanur> (+ recursion)
[Mon Feb 22 10:35:33 2016] <riaqn> asmanur but this definition doesn't use the other features
[Mon Feb 22 10:35:49 2016] <riaqn> or it does?
[Mon Feb 22 10:36:16 2016] <asmanur> it uses inductive types
[Mon Feb 22 11:20:44 2016] <tbelaire> Hi, I've successfully defined a custom induction principle (for Java Classes w.r.t. inheritance), P: class -> Prop, but I can't seem to define it for Type or Set.
[Mon Feb 22 11:21:37 2016] <tbelaire> From the examples in cpdt, it looks like the _ind and _rec principles are usually defined in terms of _rect, but I can't seem to do it that way
[Mon Feb 22 11:22:25 2016] <tbelaire> I have some hypothesis, such as "The ClassTable is well formed", that live in Prop
[Mon Feb 22 11:23:42 2016] <tbelaire> would I only be able to define a recursion principle if I instead added these as conditions to the inductive ClassTable type? (Not really feasible, it's currently a list of pairs, and it'd be hard to redefine it now)
[Mon Feb 22 11:25:42 2016] <Cypi> tbelaire : you can't in general define an induction principle into Set or Type if your inductive type lives in Prop
[Mon Feb 22 11:26:05 2016] <Cypi> because you are not allowed to destruct something that lives in Prop to compute something that lives in Set or Type
[Mon Feb 22 11:26:48 2016] <tbelaire> ... and I need to destruct a proof of well formedness in my principle
[Mon Feb 22 11:26:49 2016] <tbelaire> ok
[Mon Feb 22 11:28:19 2016] <tbelaire> Is there a downside to trying to move everything to Set (not being possible is a downside)
[Mon Feb 22 11:28:24 2016] <tbelaire> would that solve this?
[Mon Feb 22 11:28:38 2016] <tbelaire> I'm not super clear on the distinction
[Mon Feb 22 11:29:00 2016] <tbelaire> Is it only for the ability to strip proofs from progorams?
[Mon Feb 22 11:29:07 2016] <tbelaire> or is it more meaningful?
[Mon Feb 22 11:30:41 2016] <Cypi> I'm not very clear on that myself :/ . Prop brings impredicativity, which can be useful. In your case you could probably lift everything to Type, but it sure looks better to keep separated what is to be computed from that which only serves for proofs
[Mon Feb 22 11:31:10 2016] <Cypi> Are you sure that you actually need to define your induction principle into Type/Set?
[Mon Feb 22 11:31:39 2016] <Cypi> Hmm, unless I misunderstood your initial question.
[Mon Feb 22 11:39:42 2016] <tbelaire> Not really sure yet
[Mon Feb 22 11:40:30 2016] <tbelaire> I think I wanted to do method lookup, and I think it'd be nicer if it's phrased with respect to the same induction principle
[Mon Feb 22 11:41:28 2016] <tbelaire> I also have a workaround to get `method` working, by first getting a list of ancestors, then doing a finite recursion on that list
[Mon Feb 22 11:41:36 2016] <tbelaire> but it's a pain to prove anything about
[Mon Feb 22 12:05:18 2016] <dredozubov> can i use "nested" bullets to structure proofs somehow?
[Mon Feb 22 12:05:28 2016] <johnw> yes
[Mon Feb 22 12:05:30 2016] <johnw> and braces
[Mon Feb 22 12:05:32 2016] <dredozubov> i'm getting Error: Wrong bullet - : Current bullet - is not finished.
[Mon Feb 22 12:05:39 2016] <johnw> use -, then + then *
[Mon Feb 22 12:05:52 2016] <johnw> braces reset the order
[Mon Feb 22 12:05:54 2016] <dredozubov> oh, cool
[Mon Feb 22 12:06:10 2016] <dredozubov> do you mean i have to use braces to go deeper?
[Mon Feb 22 12:06:21 2016] <johnw> than 3? yes
[Mon Feb 22 12:06:25 2016] <dredozubov> got it
[Mon Feb 22 12:07:40 2016] <dredozubov> i used to print relevant theorems somehow in PG and i can't remember how i did that
[Mon Feb 22 12:08:11 2016] <dredozubov> installed company-coq, got a lot of new toys, but still don't know how to get to the relevant stuff
[Mon Feb 22 12:08:23 2016] <johnw> C-s C-a C-a
[Mon Feb 22 12:08:41 2016] <dredozubov> do you mean C-c C-a C-a?
[Mon Feb 22 12:08:47 2016] <johnw> yes!
[Mon Feb 22 12:09:29 2016] <dredozubov> that's not it ;(
[Mon Feb 22 12:09:46 2016] <johnw> hmm
[Mon Feb 22 12:10:06 2016] <dredozubov> there was some magic hotkey that made me happy
[Mon Feb 22 12:11:29 2016] <johnw> I'm not sure what it would have been then
[Mon Feb 22 12:12:43 2016] <dredozubov> going through the PG documentation, it's the only way to find it again ;|
[Mon Feb 22 12:15:58 2016] <dredozubov> i'm probably mad, cant' seem to find anything more useful
[Mon Feb 22 12:17:44 2016] <dredozubov> can't*
[Mon Feb 22 13:11:42 2016] <dredozubov> i'm going through SF, not sure how to proceed further
[Mon Feb 22 13:11:43 2016] <dredozubov> https://gist.github.com/dredozubov/f273f2c966259d1e4cd8
[Mon Feb 22 13:12:09 2016] <johnw> you need to generalize dependent n before doing your induction
[Mon Feb 22 13:12:24 2016] <johnw> (of m)
[Mon Feb 22 13:12:35 2016] <johnw> otherwise, you pin yourself into an unsolvable situation
[Mon Feb 22 13:13:14 2016] <johnw> plus, don't do double induction; only use induction for the outermost (m)
[Mon Feb 22 13:13:36 2016] <johnw> lastly, this is allowed synatx: rewrite A, B, C.
[Mon Feb 22 13:17:12 2016] <dredozubov> what do you mean by generalizing dependent n? don't introduce it with intros?
[Mon Feb 22 13:17:34 2016] <johnw> you have to un-introduce it
[Mon Feb 22 13:17:37 2016] <johnw> or, drops the "intros" line altogether
[Mon Feb 22 13:18:52 2016] <dredozubov> is there a tactic for un-introducing it or is done manually with asserts?
[Mon Feb 22 13:19:04 2016] <johnw> "generalize dependent n"
[Mon Feb 22 13:19:18 2016] <rrika> dredozubov, if you have (n m: nat), you can do "intros n m. … generalize dependent n." to only introduce m. but your case is easier
[Mon Feb 22 13:20:34 2016] <dredozubov> so it's basically the same as doing 'intros x m' in this case?
[Mon Feb 22 13:20:52 2016] <johnw> in this case, the same effect is achieved by just deleting your intros line altogether
[Mon Feb 22 13:20:58 2016] <dredozubov> johnw: it never occured to me i should do it literally :)
[Mon Feb 22 13:22:33 2016] <dredozubov> is there a rule of thumb on when i want to do intros? I tend to always do it >_>
[Mon Feb 22 13:22:48 2016] <johnw> "induction x" will auto-intro in everything up to x
[Mon Feb 22 19:13:42 2016] <tswett> Time to define some notations for equalities!
[Mon Feb 22 19:14:22 2016] <tswett> "at p in g p replace f x with y using my_theorem"
[Mon Feb 22 19:32:16 2016] <johnw> huh?
[Mon Feb 22 19:32:34 2016] <johnw> can you show me an example of when you'd use that?
[Mon Feb 22 19:42:50 2016] <tswett> You'd use that in the same place that you'd use "f_equal g my_theorem".
[Mon Feb 22 19:43:14 2016] <johnw> i'm just wondering whether setoid rewriting wouldn't be a lot easier
[Mon Feb 22 19:45:22 2016] <johnw> jgross: ping
[Mon Feb 22 19:45:33 2016] <tswett> Setoid rewriting?
[Mon Feb 22 19:45:48 2016] <johnw> tswett: yeah; can you show me an example hypothesis and goal where you would use your notation?
[Mon Feb 22 19:46:35 2016] <tswett> Axiom fx_y : f x = y. Axiom gy_z : g y = z. Goal g (f x) = z.
[Mon Feb 22 19:46:51 2016] <johnw> wouldn't that just be "congruence"?
[Mon Feb 22 19:47:26 2016] <tswett> Ah...
[Mon Feb 22 19:47:37 2016] <tswett> I never mentioned I'm not using the proof language.
[Mon Feb 22 19:47:48 2016] <johnw> that would really help :)
[Mon Feb 22 19:48:24 2016] <tswett> I guess the concise way to put that would be: "eq_trans (f_equal g fx_y) gy_z".
[Mon Feb 22 19:48:55 2016] <tswett> Which isn't necessarily hard to read.
[Mon Feb 22 20:03:13 2016] <tswett> There's got to be a way to come up with an expression by first writing an expression with holes in it, and then being given the types required to fill those holes—isn't there?
[Mon Feb 22 20:07:08 2016] <tswett> There's "Program". Is that the only way?
[Mon Feb 22 20:07:53 2016] <Cypi> Inside a proof, refine also does that: it will generate as many subgoals as there are holes.
[Mon Feb 22 20:08:09 2016] <Cypi> (but it is the proof language)
[Mon Feb 22 20:08:16 2016] <johnw> Program can be used with refine btw
[Mon Feb 22 20:08:22 2016] <johnw> Program Definition foo.
[Mon Feb 22 20:08:25 2016] <Cypi> Otherwise, well, what's the matter with Program? :)
[Mon Feb 22 20:08:27 2016] <johnw>   refine (my code _).
[Mon Feb 22 20:08:29 2016] <johnw> Defined.
[Mon Feb 22 20:08:53 2016] <johnw> the CPDT book uses this approach quite often
[Mon Feb 22 20:10:50 2016] <benzrf> what does Program do
[Mon Feb 22 20:11:48 2016] <tswett> Program does kind of a lot. But in short...
[Mon Feb 22 20:12:08 2016] <tswett> Program lets you write code by defining functions first and proving that they work right later.
[Mon Feb 22 20:12:43 2016] <tswett> 'Error: Illegal application: The term "element_type" of type "Monoid -> Type" cannot be applied to the term "monoid2" : "Monoid" This term has type "Monoid@{Top.35}" which should be coercible to "Monoid@{Top.49}".'
[Mon Feb 22 20:12:48 2016] <tswett> Oh, good, my favorite kind of error.
[Mon Feb 22 20:13:06 2016] <Cypi> "Set Universe Polymorphism." :-°
[Mon Feb 22 20:13:14 2016] <Cypi> (but maybe you don't want it)
[Mon Feb 22 20:13:41 2016] <tswett> I have that written at the beginning of this module.
[Mon Feb 22 20:13:53 2016] <Cypi> Ah. Well, sorry then.
[Mon Feb 22 20:15:26 2016] <tswett> Waitamo.
[Mon Feb 22 20:15:36 2016] <tswett> If I just use an underscore, Coq gives this error message...
[Mon Feb 22 20:16:09 2016] <tswett> 'Error: Cannot infer this placeholder of type "compose morphism2 morphism1 (identity monoid1) = identity monoid3" in environment: monoid3 : Monoid / monoid2 : Monoid / monoid1 : Monoid / morphism2 : Morphism monoid2 monoid3 / morphism1 : Morphism monoid1 monoid2
[Mon Feb 22 20:16:50 2016] <tswett> That's exactly what I wanted in the first place!
[Mon Feb 22 20:16:57 2016] <tswett> I guess I overlooked it since it came in the form of an error message.
[Mon Feb 22 20:19:58 2016] <Cypi> Ah. Sometimes it does not work well enough, so another trick for this is to define [Axiom magic : forall A, A.], and then write "magic _" wherever you want to put a hole. Then, when you Print the proof term, you see the type nicely written.
[Mon Feb 22 20:20:13 2016] <Cypi> (I don't remember how the "Cannot infer this placeholder" error did not help though)
[Mon Feb 22 20:21:19 2016] <tswett> Huh.
[Mon Feb 22 20:21:28 2016] <tswett> Yeah, that'll work.
[Mon Feb 22 20:21:50 2016] <tswett> All right, so I want to define a notation that looks like this: 'focus' var 'at' expr 'with' proof
[Mon Feb 22 20:22:03 2016] <tswett> And another notation that looks like this: 'focus' var 'at' expr 'with' inner_proof 'endfocus' outer_proof
[Mon Feb 22 20:22:37 2016] <tswett> Coq doesn't like that. If I try to use the first notation, it expects the second notation to follow.
[Mon Feb 22 20:23:20 2016] <tswett> I could just add another token at the end of the first notation... at least, I think that will work. But I don't want to have to do that.
[Mon Feb 22 20:24:35 2016] <tswett> First, let me see if that will even work.
[Mon Feb 22 20:25:17 2016] <tswett> Yeah, that works fine.
[Mon Feb 22 20:30:42 2016] <tswett> Maybe what I'm trying to do just can't be done.
[Tue Feb 23 01:56:36 2016] <gfixler> so where do I enter my Eval in CoqIde?
[Tue Feb 23 01:57:09 2016] <gfixler> Days of the Week just tells me to do it, as though I know how. http://www.cis.upenn.edu/~bcpierce/sf/current/Basics.html
[Tue Feb 23 02:03:13 2016] <Cypi> gfixler : just literally write "Eval ... ." in the text buffer
[Tue Feb 23 02:04:49 2016] <gfixler> Cypi: ah, tried that and got a warning about not doing it :)
[Tue Feb 23 02:06:42 2016] <Cypi> Indeed, but that's ok ^^ . You can also enter it in the query pane, which you can open with F1, iirc
[Tue Feb 23 02:08:39 2016] <gfixler> got it working - thanks, Cypi
[Tue Feb 23 05:11:44 2016] <schoppenhauer> hi. so I have some axioms which I need to realize. they contain Prop-parts (as requirements), and I am not quite sure what their extracted type would be. is it possible to show the type of an extracted Axiom, that is, the type that a term would have to have to be correct in the extracted program as a realizer for an axiom?
[Tue Feb 23 05:12:11 2016] <schoppenhauer> as a mere guideline how to realize the axiom
[Tue Feb 23 05:17:08 2016] <Cypi> Can't you just extract your axiom alone?
[Tue Feb 23 05:18:04 2016] <Cypi> "Axiom foo : nat -> False -> nat. Extraction foo." gives me the following for instance: (** val foo : nat -> nat **) let foo = failwith "AXIOM TO BE REALIZED"
[Tue Feb 23 05:37:32 2016] <schoppenhauer> Cypi: yes. thx.
[Tue Feb 23 05:37:39 2016] <schoppenhauer> i didnt think of this.
[Tue Feb 23 07:14:07 2016] <riaqn> asmanur:  sorry that I didn't reply you last night. I came up with a sigma type implemented Pi type today.
[Tue Feb 23 07:14:40 2016] <asmanur> ah?
[Tue Feb 23 07:14:57 2016] <riaqn> asmanur: how about this? \Sigma_{x:A} B(x) = \Pi_{C:*} (\Pi_{x:A} B(x)->C) -> C
[Tue Feb 23 07:15:42 2016] <riaqn> that is, it received a type C as return type, then it receive a function A->B->C, and apply two part of the sigma type to that function, and return the C.
[Tue Feb 23 07:16:28 2016] <asmanur> iirc if you do that, you don't have all the computation rules
[Tue Feb 23 07:16:41 2016] <asmanur> and your quantification over * is problematic
[Tue Feb 23 07:16:52 2016] <asmanur> it means either it is prop (then Aand B(x) have to live in prop)
[Tue Feb 23 07:16:57 2016] <asmanur> or you cannot eliminate to itself
[Tue Feb 23 07:19:58 2016] <riaqn> asmanur: well.. I 'm not expert of coq, could you explain in more details? sorry if it sounds silly..
[Tue Feb 23 07:20:39 2016] <asmanur> with your encoding you cannot define A x B → B x A assuming B does not depend on A
[Tue Feb 23 07:21:42 2016] <asmanur> for point (1) in coq you must have pair (pi1 t, pi2 t) = t
[Tue Feb 23 07:21:50 2016] <asmanur> but you cannot derive this with your definitions
[Tue Feb 23 07:26:12 2016] <riaqn> asmanur: for point 1, do you mean that we cannot get the type A and B from a Sigma type encoding in this way?
[Tue Feb 23 07:28:49 2016] <riaqn> it seems more a violation to the convention of coq? or a violation to the type theory itself?
[Tue Feb 23 07:38:18 2016] <asmanur> no, with your encoding
[Tue Feb 23 07:38:19 2016] <asmanur> try to prove
[Tue Feb 23 07:38:24 2016] <asmanur> pair (pi1 t, pi2 t) = t
[Tue Feb 23 07:38:40 2016] <asmanur> you'll see that you cannot do it on the judgemental equality level
[Tue Feb 23 07:41:00 2016] <riaqn> asmanur: thanks, I 'll check it.
[Tue Feb 23 09:13:27 2016] <SkySkimmer> What happens when I do the following: `Class bob : Type := bob_in : bob.`? I expected some sort of parsing error but I get `Error: Unbound reference: The reference 1 is free.`
[Tue Feb 23 09:24:15 2016] <dredozubov> i was checking out solutions to the SF and it seems that https://github.com/chrisbarrett/software-foundations/blob/master/Lists.v#L860 no longer works
[Tue Feb 23 09:25:04 2016] <dredozubov> looks like something changed with coq 8.5 in simpl/rewrite
[Tue Feb 23 09:26:35 2016] <dredozubov> i'm getting Error: Found no subterm matching "nonzeros (xs ++ 0 :: ys)" in the current goal.
[Tue Feb 23 09:26:38 2016] <dredozubov> any ideas why?
[Tue Feb 23 09:32:46 2016] <Nik05> no idea, but that solution is more complicated than it needs to be
[Tue Feb 23 09:34:12 2016] <Nik05> oh i proofed another lemma before it too simpify
[Tue Feb 23 09:34:21 2016] <Nik05> dredozubov for me the proof works fine in 8.5
[Tue Feb 23 09:34:34 2016] <dredozubov> weird
[Tue Feb 23 09:34:39 2016] <dredozubov> it doesn't for me
[Tue Feb 23 09:37:54 2016] <dredozubov> hmmm, if i copy the whole file then it works
[Tue Feb 23 09:38:09 2016] <dredozubov> if i check only one theorem, it doesn't
[Tue Feb 23 17:05:00 2016] <Nik05> The link in the topic is pointing somewhere else I think
[Tue Feb 23 17:05:34 2016] <Nik05> and 8.5 is out alread
[Wed Feb 24 05:13:58 2016] <dredozubov> is there a variant of rewrite tactic to target some specific subterm?
[Wed Feb 24 12:15:22 2016] <Nik05> morning
[Wed Feb 24 12:56:24 2016] <johnw> dredozubov: in ssreflect there is
[Wed Feb 24 12:56:30 2016] <johnw> it has a very powerful rewriting syntax
[Wed Feb 24 13:36:52 2016] <johnw> jgross: ping
[Wed Feb 24 13:49:23 2016] <GLM> Hey all, I was wondering if there are any open source projects (preferably using coq) that deal with code synthesis
[Wed Feb 24 14:08:51 2016] <johnw> hi GLM!
[Wed Feb 24 14:08:58 2016] <johnw> so, the one I'm using is actually open source
[Wed Feb 24 14:09:28 2016] <johnw> https://github.com/JasonGross/fiat
[Wed Feb 24 14:11:02 2016] <lingxiao> hey all
[Wed Feb 24 14:21:21 2016] <GLM> johnw:Thanks. So that is the core of your project?
[Wed Feb 24 14:21:35 2016] <johnw> it is one aspect of it, but not even the largest part
[Wed Feb 24 14:30:46 2016] <GLM> What is the largest part then>
[Wed Feb 24 14:31:18 2016] <johnw> many pieces make up the largest part :)
[Wed Feb 24 14:31:29 2016] <johnw> I'd estimate that what I'm doing is a nicely sized chunk, though
[Wed Feb 24 14:46:35 2016] <ryanakca> I'm having a hard time extracting a witness out of an existential, presumably because I'm trying to use it as a value for something of sort Type. Is there any way to achieve what I'm trying to do here? http://paste.debian.net/403117/ (in essence, I just want to pull out the function from the definition of Surjection f: (forall b : B, exists a : A, f a = b) morally gives a fuction g : B -> A, where b : B gets
[Wed Feb 24 14:46:41 2016] <ryanakca>  mapped to the witness for the existential.
[Wed Feb 24 14:49:03 2016] <johnw> you can't "pull it out" unless you make the resulting Universe Prop
[Wed Feb 24 14:50:46 2016] <johnw> conceptually, you only know that the witness exists, not what it does
[Wed Feb 24 14:51:09 2016] <johnw> I run into this same issue in my library for working with propositional isomorphisms
[Wed Feb 24 14:53:37 2016] <johnw> ryanakca: for example, in the definition of BijectionHasInverse, if you use {A B : Prop}, then you can destruct
[Wed Feb 24 14:59:21 2016] <ryanakca> Indeed, but this is just a simple example, what I'm actually trying to get to is showing that being isomorphic is an equivalence relation, where A and B are isomorphic if there exists a structure preserving bijection between the two. Showing symmetry requires me to be able to somehow extract the inverse from the surjection claim.
[Wed Feb 24 15:04:57 2016] <jrw> ryanakca: short answer is no, you can't do that. here is a reformulation that might work for you: http://paste.debian.net/403124/
[Wed Feb 24 15:08:18 2016] <ryanakca> jrw: Thanks :)
[Wed Feb 24 15:38:09 2016] <johnw> ryanakca: see also https://github.com/jwiegley/coq-haskell/blob/master/src/Control/Iso.v
[Wed Feb 24 15:38:26 2016] <johnw> I define a proposition isomorphic, and then establish it as a parametric relation, parametric over various constructions
[Wed Feb 24 15:38:29 2016] <jgross> johnw: pong 
[Wed Feb 24 15:38:37 2016] <johnw> so that after the basics are laid down, you can prove isomorphisms mostly by rewriting
[Wed Feb 24 15:38:39 2016] <johnw> jgross: hi!
[Wed Feb 24 15:38:47 2016] <johnw> jgross: are you anywhere that you could talk on the phone for a bit?
[Wed Feb 24 15:41:35 2016] <jgross> Is ~4:15-4:30 a good time-slot? (35 minutes from now) 
[Wed Feb 24 17:18:52 2016] <ryanakca> johnw: Thanks.
[Wed Feb 24 17:19:01 2016] <johnw> sure
[Wed Feb 24 17:19:14 2016] <johnw> setoids take a bit to get used to, but they are actually quite straightforward
[Wed Feb 24 19:02:33 2016] <Nik05> anyone got a clue on the pigeonhole_principle from SF MoreLogic.v?
[Wed Feb 24 19:04:21 2016] <jrw> Nik05: are you trying to do the classical or intuitionistic version?
[Wed Feb 24 19:05:31 2016] <Nik05> well until now i havent used the excluded_middle axiom
[Wed Feb 24 19:05:46 2016] <Nik05> but i think i want to do both
[Wed Feb 24 19:06:33 2016] <johnw> to do intuitionistic, I think you'd need decidable equality, wouldn't you?
[Wed Feb 24 19:08:07 2016] <Nik05> let me read about decidability
[Wed Feb 24 19:08:35 2016] <Nik05> oh oke uh
[Wed Feb 24 19:11:20 2016] <jrw> Nik05: I'd recommend doing it classically first. where are you stuck?
[Wed Feb 24 19:11:24 2016] <Nik05> jrw is the classical easier?
[Wed Feb 24 19:11:27 2016] <jrw> yes
[Wed Feb 24 19:11:46 2016] <jrw> classical in this context basically just means "we can assume everything is decidable"
[Wed Feb 24 19:11:50 2016] <Nik05> oh i need to do an inversion the it
[Wed Feb 24 19:12:07 2016] <jrw> so in particular, at any point in the proof you can do case analysis on "is x in the list l?"
[Wed Feb 24 19:12:22 2016] <jrw> which is not valid intuitionistically unless the type of x has decidable equality
[Wed Feb 24 19:12:28 2016] <johnw> decidable really just means "you can do an if test, and know something what you have based on the truth of it"
[Wed Feb 24 19:13:12 2016] <Nik05> so when does a type have decidable equality?
[Wed Feb 24 19:13:49 2016] <johnw> if you use Set Decidable Equality Schemes.
[Wed Feb 24 19:14:12 2016] <johnw> (one sec)
[Wed Feb 24 19:15:01 2016] <johnw> a type T is decidable for propert P, if there exists a procedure to go from some x : T to {P x} + {~ P x}
[Wed Feb 24 19:15:22 2016] <Nik05> oh i get how do the classical now
[Wed Feb 24 19:15:38 2016] <johnw> Set Decidable Equality Schemes will auto-generate such a procedure for you in terms of equality, and Set Boolean Equality Schemes will auto-generate a "boolean blind" procedure for equality
[Wed Feb 24 19:15:58 2016] <Nik05> hm i dont really get it
[Wed Feb 24 19:16:04 2016] <johnw> sorry, too much info probably
[Wed Feb 24 19:16:16 2016] <johnw> you'll need to add a parameter to your theorem
[Wed Feb 24 19:16:28 2016] <johnw> that says that for any proposition P, one can determine P \/ ~P
[Wed Feb 24 19:16:39 2016] <jrw> johnw: he doesn't need to add it it's already there.
[Wed Feb 24 19:16:40 2016] <Nik05> {P x} + {~P x} isn't P x ∨ ~ P x?
[Wed Feb 24 19:16:58 2016] <jrw> johnw: not to be rude, but I feel like you're kind of going off the deep end here
[Wed Feb 24 19:17:21 2016] <johnw> I'm sorry, I did go off the deep end
[Wed Feb 24 19:17:25 2016] <Nik05> :P
[Wed Feb 24 19:17:28 2016] <johnw> please ignore all of what I was just saying
[Wed Feb 24 19:17:28 2016] <jrw> :)
[Wed Feb 24 19:18:11 2016] <jrw> Nik05: they have already given you excluded middle. you will want to use that to make the proof easy.
[Wed Feb 24 19:18:21 2016] <jrw> why don't you try that and see if you can get it.
[Wed Feb 24 19:18:23 2016] <Nik05> yes I got how to do it now
[Wed Feb 24 19:18:27 2016] <jrw> good
[Wed Feb 24 19:20:57 2016] <Nik05> H2 : appears_in x l1'
[Wed Feb 24 19:20:57 2016] <Nik05> ______________________________________(1/2)
[Wed Feb 24 19:20:58 2016] <Nik05> repeats (x :: l1')
[Wed Feb 24 19:21:15 2016] <Nik05> guess i can proof that :)
[Wed Feb 24 19:22:45 2016] <jrw> looks good to me
[Wed Feb 24 19:23:10 2016] <Nik05> oh wait a second, i think my definition of repeats is wrong...
[Wed Feb 24 19:23:57 2016] <johnw> and if ever, some day, you find yourself mechanically writing decidable equality procedures, you'll remember me in my deep abyss of impractical knowledge and I will be redeemed
[Wed Feb 24 19:24:07 2016] <Nik05> ;p
[Wed Feb 24 19:25:58 2016] <jrw> haha :D
[Wed Feb 24 19:26:09 2016] <jrw> johnw: I actually didn't know about those options so thanks for that :)
[Wed Feb 24 19:28:50 2016] <Nik05> oh no im stuck at the same place as i was without using classic:P
[Wed Feb 24 19:32:13 2016] <Nik05> i now need to proof repeats (x :: l1'), with H : ~ appears_in x l1'
[Wed Feb 24 19:44:17 2016] <Nik05> i think i will look into it tomorrow
[Wed Feb 24 19:44:24 2016] <Nik05> thank you jrw and johnw
[Wed Feb 24 19:44:29 2016] <johnw> um, sure? :)
[Wed Feb 24 19:44:31 2016] <Nik05> have a good evening
[Wed Feb 24 19:44:37 2016] <Nik05> yes im not feeling that well
[Wed Feb 24 19:44:40 2016] <johnw> you too Nik05
[Wed Feb 24 19:44:43 2016] <johnw> feel better
[Wed Feb 24 19:44:47 2016] <Nik05> thank you
[Thu Feb 25 07:58:17 2016] <Nik05> hm still cant seem to proof it
[Thu Feb 25 08:00:23 2016] <Nik05> I tried to proof with excluded_middle and without but with both i get stuck at H0 : length l2 < length (x :: l1') to proof length l2 < length l1'
[Thu Feb 25 08:00:59 2016] <Nik05> SF tells to use induction on l1, should i try something else/
[Thu Feb 25 09:49:01 2016] <ryanakca> Hmmm, /topic should probably be updated to read [...] - 8.5 is out: https://coq.inria.fr/news/128.html - [...]
[Thu Feb 25 09:56:04 2016] <Nik05> yes same for Feit-Thompson link
[Thu Feb 25 10:04:56 2016] <notdan> yep
[Thu Feb 25 12:02:00 2016] <m1dnight_> Can I ask beginner's questino about proofs here?
[Thu Feb 25 12:02:08 2016] <Nik05> yes m1dnight_
[Thu Feb 25 12:03:03 2016] <m1dnight_> In a simple proof (proving forall n, m: n =m -> n + n = m+ m), when I type "rewrite -> H", is that like the induction step in proof by induction? i.e., "assume the hypothesis is true" ?
[Thu Feb 25 12:04:30 2016] <Nik05> You do an intro of H : n = m
[Thu Feb 25 12:04:45 2016] <Nik05> and then you rewrite n to m in your goal
[Thu Feb 25 12:04:52 2016] <Nik05> what do you mean with induction step?
[Thu Feb 25 12:12:51 2016] <m1dnight_> assuming the hypothesis to be true, but that would be "intros H." (which comes directly before "rewrite -> H"
[Thu Feb 25 12:16:37 2016] <m1dnight_> Well, nvm. I think Im a few miles off getting it.
[Thu Feb 25 12:17:01 2016] <Nik05> sorry i dont know the theories behind this
[Thu Feb 25 12:25:19 2016] <m1dnight_> aha I think I got it by trying to make it prove something that was wrong :>
[Thu Feb 25 12:25:33 2016] <Nik05> like what?
[Thu Feb 25 12:27:41 2016] <m1dnight_> https://www.refheap.com/115196
[Thu Feb 25 12:28:19 2016] <m1dnight_> I now figured out that rewrite does *magic* and notices that I have `n = m` in my hypothesis and as such can change n into m and vice versa (depending on the arrow of `rewrite`)
[Thu Feb 25 12:28:55 2016] <Nik05> well thats not exactly *magic*
[Thu Feb 25 12:29:09 2016] <m1dnight_> By magic I mean, I dont fully understand it yet :)
[Thu Feb 25 12:32:27 2016] <Nik05> well its sort of magic :P
[Thu Feb 25 12:32:32 2016] <Nik05> λ (n m : nat) (H : n = m), eq_ind_r (λ n0 : nat, n0 + n0 = m + m) eq_refl H : ∀ n m : nat, n = m → n + n = m + m
[Thu Feb 25 12:35:19 2016] <Nik05> oh right you can also do it another way
[Thu Feb 25 12:35:49 2016] <m1dnight_> I think I understand most of that :>
[Thu Feb 25 12:37:34 2016] <Nik05> but look indeed like some induction principle of eq
[Thu Feb 25 13:22:56 2016] <ondra1> hello. I want to try the first example of this book http://adam.chlipala.net/cpdt/ (source code in tar there, I downloaded it and compiled). When I run coqc StackMachine.v I get "Cannot find library Cpdt.CpdtTactics in loadpath", however when I edit the import from "Cpdt.CpdtTactics" to "CpdtTactics" I get the following after calling coqc: "CpdtTactics.vo contains library
[Thu Feb 25 13:23:20 2016] <ondra1> Cpdt.CpdtTactics and not library CpdtTactics". Any guesses why the first doesn't work but with the other command it knows where the library is?
[Thu Feb 25 13:23:48 2016] <ondra1> * the import in StackMachine.v
[Thu Feb 25 14:00:09 2016] <ondra1> well putting the CpdtTactics.vo file in Cptd/CpdtTactics.vo helped
[Thu Feb 25 14:01:03 2016] <m1dnight_> ping 192.168.1.120
[Thu Feb 25 14:01:26 2016] <Nik05> PING 192.168.1.120 (192.168.1.120): 56 data bytes
[Thu Feb 25 14:05:08 2016] <m1dnight_> :D wrong window, sorry
[Thu Feb 25 14:08:00 2016] <Nik05> --- 192.168.1.120 ping statistics ---
[Thu Feb 25 14:08:07 2016] <Nik05> 100 packets transmitted, 0 packets received, 100% packet loss
[Thu Feb 25 14:08:10 2016] <Nik05> :P
[Thu Feb 25 15:30:43 2016] <Nik05> johnw or jrw here?
[Thu Feb 25 15:30:51 2016] <jrw> Nik05: what's up?
[Thu Feb 25 15:30:56 2016] <Nik05> hello jrw
[Thu Feb 25 15:31:14 2016] <Nik05> about yesterday the pidgeonhole principle
[Thu Feb 25 15:31:32 2016] <Nik05> do you need to do some "strong"  induction or what am i missing?
[Thu Feb 25 15:35:31 2016] <johnw> hi
[Thu Feb 25 15:47:47 2016] <jrw> Nik05: no the induction they set up for you works
[Thu Feb 25 15:48:16 2016] <jrw> Nik05: when you apply the induction hypothesis, you need to apply it with a smaller l2 than the one you're given
[Thu Feb 25 15:48:26 2016] <jrw> so that you can satisfy the length requirement
[Thu Feb 25 15:49:08 2016] <Nik05> hm oke
[Thu Feb 25 15:50:00 2016] <Nik05> yes right
[Thu Feb 25 15:50:07 2016] <Nik05> a smaller l2, hm
[Thu Feb 25 16:17:34 2016] <johnw> Nik05: ok, I just proved it again from the beginning, and jrw is right
[Thu Feb 25 16:18:32 2016] <Nik05> i cant seem to find out how to do it
[Thu Feb 25 16:19:11 2016] <johnw> so, you'll reach a point where you have something like this in your context:
[Thu Feb 25 16:19:12 2016] <johnw> H0 : forall x0 : X, appears_in x0 (x :: xs) -> appears_in x0 l2
[Thu Feb 25 16:19:19 2016] <Nik05> yes
[Thu Feb 25 16:19:19 2016] <johnw> fairly early on
[Thu Feb 25 16:19:27 2016] <johnw> and you'll have a way to satisfy the arguments to this
[Thu Feb 25 16:19:37 2016] <johnw> the key to all of this is using what you know about appears_in and app
[Thu Feb 25 16:21:58 2016] <Nik05> oh like that
[Thu Feb 25 16:26:05 2016] <johnw> Nik05: for comparison later: https://gist.github.com/7fa959a318b578656d2a
[Thu Feb 25 16:29:31 2016] <Nik05> 22:19 < johnw> H0 : forall x0 : X, appears_in x0 (x :: xs) -> appears_in x0 l2
[Thu Feb 25 16:29:49 2016] <Nik05> But i can never use that one, when i apply the induction hypothesis with a smaller l2
[Thu Feb 25 17:20:10 2016] <johnw> you'll need to use it before, and after
[Thu Feb 25 17:20:25 2016] <johnw> with two separate proofs
[Thu Feb 25 17:20:31 2016] <johnw> one for ai_here, one for ai_there
[Thu Feb 25 17:20:41 2016] <johnw> there's a symmetry throughout this proof, in fact
[Thu Feb 25 17:21:33 2016] <johnw> this should really be a 5 star exercise, IMHO
[Thu Feb 25 17:21:41 2016] <johnw> it's one of the hardest
[Thu Feb 25 17:21:55 2016] <johnw> for those of us not used to doing pen-and-paper proofs in logic class
[Thu Feb 25 18:10:31 2016] <Nik05> still dont got it :(
[Thu Feb 25 18:15:37 2016] <johnw> check out the solution I posted for a brief hint perhaps?
[Thu Feb 25 18:16:05 2016] <Nik05> oke
[Thu Feb 25 18:17:30 2016] <Nik05> this line?  destruct (appears_in_app_split _ _ _ (Happ x (ai_here _ _))) as [? Hsplit].
[Thu Feb 25 18:18:12 2016] <Nik05> i dont even get the syntax
[Thu Feb 25 18:18:27 2016] <johnw> so, destruct H destructions a term in the context
[Thu Feb 25 18:18:40 2016] <johnw> destruct (H a) destructs a functions in the context, passing it an argument
[Thu Feb 25 18:18:49 2016] <johnw> the '_' just says "figure out this argument for me"
[Thu Feb 25 18:18:58 2016] <johnw> the 'as' assigns names to destructed components
[Thu Feb 25 18:19:02 2016] <johnw> where ? means "just make up a name"
[Thu Feb 25 18:19:09 2016] <Nik05> oke
[Thu Feb 25 18:24:16 2016] <Nik05> destruct (ExM (appears_in x l2)) as [Hx_in_l2 | Hnot_x_in_l2]. apply appears_in_app_split in Hx_in_l2. destruct Hx_in_l2 as [l2' [l2'' Hx_in_l2']].
[Thu Feb 25 18:24:19 2016] <Nik05> does the same as that
[Thu Feb 25 18:24:47 2016] <Nik05> which i already had in my proof
[Thu Feb 25 18:24:51 2016] <johnw> well, not exactly the same as that
[Thu Feb 25 18:25:05 2016] <Nik05> oh?
[Thu Feb 25 18:25:15 2016] <johnw> you're destructing on LEM there
[Thu Feb 25 18:25:22 2016] <johnw> you didn't include the code where I do that in what you pasted above
[Thu Feb 25 18:25:28 2016] <johnw> so it's not an exact comparison
[Thu Feb 25 18:26:13 2016] <Nik05> oh wait
[Thu Feb 25 18:27:40 2016] <Nik05> hm
[Thu Feb 25 18:29:20 2016] <Nik05> i still dont get your line then
[Thu Feb 25 18:32:20 2016] <johnw> what aobut it?
[Thu Feb 25 18:36:38 2016] <Nik05> well hard to ask about it :P
[Thu Feb 25 18:39:54 2016] <Nik05> where does it get the information about l2 from?
[Thu Feb 25 18:40:48 2016] <Nik05> I guess it comes from Happ x (ai_here _ _)
[Thu Feb 25 18:42:13 2016] <Nik05> oke that creates : appears_in x l2
[Thu Feb 25 18:42:28 2016] <Nik05> but how
[Thu Feb 25 18:43:33 2016] <Nik05>   pose proof (Happ x (ai_here _ _)).
[Thu Feb 25 18:43:36 2016] <Nik05> i dont get this
[Thu Feb 25 18:46:17 2016] <Nik05> What do you apply to Happ to get appears_in x l2?
[Thu Feb 25 18:46:39 2016] <Nik05> i guess you need to apply it to appears_in x (x :: xs)
[Thu Feb 25 18:46:50 2016] <Nik05> but your hypothesis H is ~ appears_in x xs
[Thu Feb 25 18:54:17 2016] <benzrf> is there some kind of well-known algorithm for pattern matching and substitution and stuff
[Thu Feb 25 18:54:26 2016] <benzrf> er ok that was an incredibly unclear question
[Thu Feb 25 18:55:29 2016] <benzrf> basically i want to write some kind of graphical program for manipulating expressions rigorously such that you can never end up with a false equation
[Thu Feb 25 18:56:00 2016] <benzrf> so i'd need to be able to do things like, given some expression and an equation with some universally quantified variables in it, figure out how the rewriting applies
[Thu Feb 25 18:56:09 2016] <benzrf> what would be a good resource for that?
[Thu Feb 25 18:58:15 2016] <Nik05> johnw could you ellaborate a little on that?
[Thu Feb 25 19:00:03 2016] <Nik05> all these short cuts :p
[Thu Feb 25 19:00:40 2016] <Nik05> apply repeats_head. exact H. you write as exact (repeats_head x xs H)
[Thu Feb 25 19:01:02 2016] <Nik05> i guess thats explained more in ProofObjects.v
[Thu Feb 25 19:01:13 2016] <Nik05> which comes after MoreLogic.v
[Thu Feb 25 19:01:57 2016] <johnw> exact TERM says that TERM is exactly what is needed to satisfy the goal
[Thu Feb 25 19:02:07 2016] <johnw> apply uses heuristics to determine arguments, but exact doesn't do this
[Thu Feb 25 19:03:37 2016] <Nik05> i get that one, but not your long destruct that gives you ∃ l1 l3, l2 = l1 ++ x :: l3
[Thu Feb 25 19:04:02 2016] <johnw> I guess just ignore it then, there are many ways to accomplish the same thing
[Thu Feb 25 19:04:20 2016] <Nik05> but how could i accomplish it without your one liner?
[Thu Feb 25 19:04:37 2016] <johnw> pose proof (Happ x (ai_here _ _)) as H'.
[Thu Feb 25 19:04:48 2016] <johnw> apply appears_in_app_split in H'.
[Thu Feb 25 19:04:53 2016] <Nik05> yes
[Thu Feb 25 19:04:57 2016] <Nik05> but i dont get the first line
[Thu Feb 25 19:05:08 2016] <johnw> what about it?
[Thu Feb 25 19:05:09 2016] <Nik05> seems like you get information from nothing
[Thu Feb 25 19:06:01 2016] <johnw> you get information from Happ
[Thu Feb 25 19:06:07 2016] <johnw> Happ takes a variable, here passed as x
[Thu Feb 25 19:06:12 2016] <johnw> now it wants evidence that is trivial to generate
[Thu Feb 25 19:06:59 2016] <Nik05> how do you generate that evidence?
[Thu Feb 25 19:07:08 2016] <johnw> (ai_here _ _ )
[Thu Feb 25 19:07:09 2016] <johnw> is that evidene
[Thu Feb 25 19:07:51 2016] <Nik05> :P
[Thu Feb 25 19:07:57 2016] <Nik05> sorry i still dont get it
[Thu Feb 25 19:08:34 2016] <Nik05> pose proof (ai_here x xs). how does this work?
[Thu Feb 25 19:08:46 2016] <Nik05> oooh
[Thu Feb 25 19:08:48 2016] <Nik05> -_-
[Thu Feb 25 19:08:48 2016] <johnw> ai_here x xs says that appears_in x (x :: xs)
[Thu Feb 25 19:08:55 2016] <johnw> which is simply evident by definition
[Thu Feb 25 19:08:58 2016] <Nik05> oke thats pretty self evident :P
[Thu Feb 25 19:09:03 2016] <Nik05> sorry im stupid
[Thu Feb 25 19:09:06 2016] <johnw> that's OK
[Thu Feb 25 19:09:16 2016] <johnw> ai_here _ _ just says "you can figure out which arguments I mean"
[Thu Feb 25 19:09:27 2016] <johnw> type inference is very powerful
[Thu Feb 25 19:09:46 2016] <Nik05> yes i knew it would mean something like (ai_here x (x :: xs))
[Thu Feb 25 19:09:59 2016] <johnw> just ai_here x xs
[Thu Feb 25 19:10:05 2016] <Nik05> or not like that, yes that
[Thu Feb 25 19:10:53 2016] <Nik05> | ai_here : forall l, appears_in a (a::l)
[Thu Feb 25 19:10:55 2016] <Nik05> right oke
[Thu Feb 25 19:11:15 2016] <Nik05> oh thats what i didnt get from your proof, felt like you made something from nothing
[Thu Feb 25 19:11:35 2016] <johnw> I only made something from the definitionally obvious :)
[Thu Feb 25 19:11:42 2016] <Nik05> right :)
[Thu Feb 25 19:13:24 2016] <Nik05> pose proof (ai_here x l1'). apply Hai in H. apply appears_in_app_split in H. destruct H.
[Thu Feb 25 19:13:30 2016] <Nik05> so that is what your one liner does
[Thu Feb 25 19:13:39 2016] <johnw> yes, exactly that
[Thu Feb 25 19:15:25 2016] <Nik05> couldnt you also merge it with the next destruct?
[Thu Feb 25 19:15:44 2016] <Nik05> as [? [? Hsplit]?
[Thu Feb 25 19:16:14 2016] <johnw> sure!
[Thu Feb 25 19:18:51 2016] <Nik05> why do you clear IHxs?
[Thu Feb 25 19:18:58 2016] <Nik05> i guess i can work further now
[Thu Feb 25 19:19:04 2016] <Nik05> totally looked over it
[Thu Feb 25 19:26:26 2016] <Nik05> oke i think i will get there now :)
[Thu Feb 25 19:26:29 2016] <Nik05> thank you very much johnw
[Thu Feb 25 19:30:12 2016] <Nik05> strange cant appleay appears_in_app for some reason
[Thu Feb 25 19:30:59 2016] <Nik05> oh i need app_appears_in -_-
[Thu Feb 25 19:31:24 2016] <johnw> yeah
[Thu Feb 25 19:40:57 2016] <Nik05> H2 : x0 :: l = l2' ++ x :: l2''
[Thu Feb 25 19:41:08 2016] <Nik05> need to proof : appears_in x0 l2'
[Thu Feb 25 19:42:12 2016] <Nik05> oh wait l2' could be [] ofcourse
[Thu Feb 25 19:42:55 2016] <Nik05> thank you johnw, i now know how to go further
[Thu Feb 25 19:42:57 2016] <Nik05> have a nice evening
[Thu Feb 25 19:43:37 2016] <johnw> you too!
[Fri Feb 26 10:01:29 2016] <lingxiao> hey all
[Fri Feb 26 10:01:34 2016] <benzrf> hey
[Fri Feb 26 10:01:43 2016] <lingxiao> I'm stuck on a proof and would like some tips
[Fri Feb 26 10:02:23 2016] <lingxiao> this one: https://github.com/lingxiao/CIS500/blob/master/hw6/Imp.v#L864
[Fri Feb 26 10:02:39 2016] <lingxiao> my proof state is as follows: http://lpaste.net/153410
[Fri Feb 26 10:03:08 2016] <lingxiao> I  need to get the goal to a state that looks like:  [ BEq e1 e2 // beq_nat n1 n2]
[Fri Feb 26 10:03:30 2016] <lingxiao> but see no clear path to do so, the theorem [aeval_iff_aevalR] doesn't seem to help me here
[Fri Feb 26 10:03:55 2016] <lingxiao> destructing [a] and [a0] does not seem like the way to go
[Fri Feb 26 10:04:51 2016] <lingxiao> so benzrf i dont know if you see a path forward
[Fri Feb 26 10:06:43 2016] <benzrf> sorry back
[Fri Feb 26 10:06:52 2016] <benzrf> lingxiao: i can take a look but i'm not super knowledgeable about oq
[Fri Feb 26 10:06:53 2016] <benzrf> *coq
[Fri Feb 26 10:07:10 2016] <lingxiao> any help is appreicated thank you!
[Fri Feb 26 10:08:06 2016] <benzrf> yeah i didn't even get that far in sf >.>
[Fri Feb 26 10:08:25 2016] <lingxiao> oh haha yeah the course can be fraustrating
[Fri Feb 26 10:10:18 2016] <benzrf> oh
[Fri Feb 26 10:10:21 2016] <benzrf> no, i just kind of
[Fri Feb 26 10:10:29 2016] <benzrf> gradually stopped doing it
[Fri Feb 26 10:10:35 2016] <benzrf> my attention drifted elsewhere
[Fri Feb 26 10:11:03 2016] <lingxiao> haha i feel you man
[Fri Feb 26 13:20:10 2016] <Nik05> hey lingxiao
[Fri Feb 26 13:20:20 2016] <lingxiao> hey I figured it out!
[Fri Feb 26 13:20:26 2016] <Nik05> what did you figure out lingxiao ?
[Fri Feb 26 13:20:34 2016] <lingxiao> oh the question i was asking here
[Fri Feb 26 13:20:40 2016] <lingxiao> or were you going to talk about someting else?
[Fri Feb 26 13:20:44 2016] <lingxiao> haha sorry !
[Fri Feb 26 13:21:53 2016] <Nik05> oh no not really :)
[Fri Feb 26 13:22:34 2016] <Nik05> see you later
[Fri Feb 26 13:29:05 2016] <lingxiao> oh ok yup see you later too thanks!
[Fri Feb 26 14:21:57 2016] <johnw> morning all
[Fri Feb 26 16:48:08 2016] <Nik05> morning johnw
[Fri Feb 26 17:56:05 2016] <Nik05> johnw im looking into the pigeons again :P
[Fri Feb 26 17:56:14 2016] <johnw> cool
[Fri Feb 26 17:56:23 2016] <johnw> good to keep doing it until it makes sense
[Fri Feb 26 17:59:47 2016] <Nik05> johnw im stuck on something really simple :)
[Fri Feb 26 17:59:55 2016] <johnw> what?
[Fri Feb 26 18:00:05 2016] <Nik05> oh wait maybe i got it
[Fri Feb 26 18:00:35 2016] <Nik05> i took a look at your proof and you just do "assumption" at line 23. But that didnt seem to work for me
[Fri Feb 26 18:00:48 2016] <johnw> you're using 8.4pl6?
[Fri Feb 26 18:00:53 2016] <Nik05> no 8.5
[Fri Feb 26 18:00:59 2016] <johnw> that could be why
[Fri Feb 26 18:01:04 2016] <johnw> i haven't tried SF with 8.5
[Fri Feb 26 18:01:10 2016] <johnw> try just applying the matching hypothesis?
[Fri Feb 26 18:01:33 2016] <Nik05> so assumption in 8.4 does a better job than in 8.5?
[Fri Feb 26 18:01:41 2016] <Nik05> ooooh
[Fri Feb 26 18:01:47 2016] <Nik05> i see what you did :)
[Fri Feb 26 18:01:50 2016] <johnw> ah
[Fri Feb 26 18:02:08 2016] <Nik05> destruct (long thing) as *[| H2]* that part :P
[Fri Feb 26 18:02:12 2016] <Nik05> is another destruct ofcourse
[Fri Feb 26 18:02:16 2016] <johnw> yeah
[Fri Feb 26 18:04:46 2016] <Nik05> no sure how your "assumption" works there though
[Fri Feb 26 18:04:59 2016] <Nik05> not*
[Fri Feb 26 18:08:10 2016] <Nik05> hm your 23-26 are 20 lines for me or something :S
[Fri Feb 26 18:22:32 2016] <Nik05> johnw i proof it...
[Fri Feb 26 18:22:37 2016] <Nik05> ed
[Fri Feb 26 18:22:52 2016] <johnw> cool; show me?
[Fri Feb 26 18:23:08 2016] <Nik05> i did something totally wrong but i proofed it :P
[Fri Feb 26 18:23:45 2016] <lpaste> Nik05 pasted “A little long...” at http://lpaste.net/5004518003790839808
[Fri Feb 26 18:24:09 2016] <Nik05> my line 31-64 is your lines 23-26...
[Fri Feb 26 18:24:35 2016] <johnw> huh
[Fri Feb 26 18:24:44 2016] <Nik05> :P
[Fri Feb 26 18:25:04 2016] <Nik05> and my proof is unreadable...
[Fri Feb 26 18:28:41 2016] <Nik05> oh wait a second
[Fri Feb 26 18:29:24 2016] <Nik05> im doing something wrong there :P
[Fri Feb 26 18:30:30 2016] <Nik05> i guess i dont know what this does :P destruct (appears_in_app _ _ _ _ (Happ _ (ai_later _ _ _ H0)))
[Fri Feb 26 18:32:48 2016] <Nik05> its a miracle my proof works i guess
[Fri Feb 26 18:33:55 2016] <johnw> well, keep in mind that proofs are just implementations of functions
[Fri Feb 26 18:34:05 2016] <johnw> all i'm doing is calling a function to produce evidence, and than doing a case analysis on that evidence
[Fri Feb 26 18:36:06 2016] <Nik05> i dont get where the evidence is coming from
[Fri Feb 26 18:37:50 2016] <Nik05> oke this has to be self evident again...
[Fri Feb 26 18:38:28 2016] <Nik05> ooooooooooh
[Fri Feb 26 18:39:15 2016] <johnw> the evidence is return from the function, provided you give it the evidence that IT wants
[Fri Feb 26 18:39:20 2016] <johnw> which we derive from the context
[Fri Feb 26 18:39:29 2016] <johnw> all functions are evidence transformations
[Fri Feb 26 18:39:37 2016] <johnw> and all evidence is just an inhabitant of a type
[Fri Feb 26 18:39:43 2016] <Nik05> i get that
[Fri Feb 26 18:40:06 2016] <Nik05> just not how you know what functions to apply
[Fri Feb 26 18:40:15 2016] <johnw> i know what return value I want
[Fri Feb 26 18:40:23 2016] <johnw> so I ask, is there a function that returns it?
[Fri Feb 26 18:40:27 2016] <johnw> if so, what does it need?
[Fri Feb 26 18:40:34 2016] <Nik05> how do you search for that?
[Fri Feb 26 18:40:46 2016] <johnw> I use SearchAbout, SearchConstant, SearchRewrite
[Fri Feb 26 18:40:54 2016] <Nik05> oke
[Fri Feb 26 18:42:56 2016] <lpaste> Nik05 pasted “Better” at http://lpaste.net/191237602152546304
[Fri Feb 26 18:44:27 2016] <johnw> yeah, that's effectively the same proof
[Fri Feb 26 18:52:48 2016] <Nik05> yes
[Fri Feb 26 18:53:22 2016] <Nik05> i did inversion on the app version of l2...
[Fri Feb 26 19:07:59 2016] <johnw> inversion and destruct are sometimes interchangeable (and sometimes not)
[Fri Feb 26 19:12:47 2016] <Nik05> johnw i can do another proof now as well :)
[Fri Feb 26 19:12:53 2016] <Nik05> thanks to you
[Fri Feb 26 19:13:05 2016] <Nik05>  disjoint l1 l2 -> no_repeats l1 -> no_repeats l2 -> no_repeats (l1 ++ l2).
[Fri Feb 26 19:13:05 2016] <johnw> yay!
[Fri Feb 26 19:13:15 2016] <Nik05> pose proof (H x (ai_here _ _)). magic :D
[Fri Feb 26 19:16:35 2016] <lpaste> Nik05 pasted “Done” at http://lpaste.net/5503864237497253888
[Fri Feb 26 19:16:40 2016] <Nik05> That went a lot faster :)
[Fri Feb 26 19:25:35 2016] <Nik05> johnw im now going to do ProofObjects.v
[Sat Feb 27 02:55:14 2016] <artart78> "All the remaining goals are on the shelf." "Error: Attempt to save a proof with shelved goals"
[Sat Feb 27 02:55:20 2016] <artart78> erm.. how do I "unshelf" these goals?
[Sat Feb 27 02:55:38 2016] <artart78> I don't understand the purpose of "hiding" some goals that I have to prove anyway
[Sat Feb 27 02:57:54 2016] <Cale> Unshelve. apparently
[Sat Feb 27 03:03:03 2016] <artart78> oh, thanks!
[Sat Feb 27 03:03:51 2016] <Cale> artart78: I believe it's mostly useful when you're writing a tactic, and expect that some of the goals generated will be solved by unification when the other goals are solved.
[Sat Feb 27 03:04:07 2016] <Cale> It's probably not so useful interactively.
[Sat Feb 27 03:06:18 2016] <Cale> Apparently refine uses shelve_unifiable to leave fewer goals visible afterward.
[Sat Feb 27 03:10:50 2016] <artart78> oh ok
[Sat Feb 27 03:27:20 2016] <johnw> Hi Cale!
[Sat Feb 27 03:31:19 2016] <Cale> hi
[Sat Feb 27 03:51:03 2016] <johnw> Cale: I don't see you in #coq as often
[Sat Feb 27 03:51:11 2016] <johnw> though I guess you're usually here
[Sat Feb 27 03:51:14 2016] <Cale> I'm always here, just not always talking :)
[Sat Feb 27 03:58:30 2016] <johnw> Cale: are you an extraction wizard?
[Sat Feb 27 03:58:40 2016] <johnw> I'd like to know how to extract "foo" as just "foo"
[Sat Feb 27 03:59:06 2016] <johnw> instead of Cons0 (Ascii .....) (Cons0 (Ascii ....) ...)
[Sat Feb 27 06:28:52 2016] <dredozubov> johnw: saw your post on coq-club. I guess it's awkward to even talk about proof relevance with this kind of extracted terms.
[Sat Feb 27 07:11:51 2016] <Nik05> johnw do you know where i can get some information on Search* ?
[Sat Feb 27 07:12:56 2016] <Nik05> Oh SearchAbout is just Search now
[Sat Feb 27 07:13:34 2016] <Nik05> I dont see SearchConstant in the manual though
[Sat Feb 27 07:31:42 2016] <dredozubov> Is it possible to utilize free theorems in coq?
[Sat Feb 27 14:53:27 2016] <Nik05> good evening
[Sat Feb 27 15:15:55 2016] <Cale> johnw: I don't really know anything about extraction, haven't actually tried it.
[Sat Feb 27 15:16:21 2016] <Cale> johnw: But that seems like a good question :)
[Sat Feb 27 16:28:04 2016] <Nik05> Im reading ProofObjects.v and im at exercise 2 now (** Give a proof object corresponding to the theorem [b_times2] from Prop.v *) But what do they want I do?
[Sat Feb 27 16:28:25 2016] <Nik05> they havent spoken about induction or rewrites in ProofObjects where I am now
[Sat Feb 27 16:34:36 2016] <jrw> Nik05: then hopefully you won't need either of those :)
[Sat Feb 27 16:35:17 2016] <Nik05> The Theorem is beautiful n -> beautiful (2 * n)
[Sat Feb 27 16:35:34 2016] <jrw> right
[Sat Feb 27 16:35:39 2016] <Nik05> by definition beautiful n -> beautiful (n + n)
[Sat Feb 27 16:35:52 2016] <jrw> yep
[Sat Feb 27 16:36:16 2016] <Nik05> so then i need to rewrite (2 * n) to (n + n) or?
[Sat Feb 27 16:36:44 2016] <jrw> right, so that's one way
[Sat Feb 27 16:36:51 2016] <jrw> but you can do it without rewriting
[Sat Feb 27 16:36:56 2016] <Nik05> oh
[Sat Feb 27 16:37:00 2016] <jrw> what does [2 * n] simplify to by itself?
[Sat Feb 27 16:38:00 2016] <Nik05> jrw how do i print the definition of *?
[Sat Feb 27 16:38:27 2016] <jrw> well * is a notation, so you have to say [Locate "*".] to get its real name
[Sat Feb 27 16:38:33 2016] <jrw> which is "mult" I believe
[Sat Feb 27 16:38:44 2016] <jrw> and then you say [Print mult.]
[Sat Feb 27 16:39:21 2016] <Nik05> well oke i tried Print mult but it dhoes give the definition
[Sat Feb 27 16:39:34 2016] <Nik05> It only gives this: Notation mult := Nat.mul
[Sat Feb 27 16:40:01 2016] <Nik05> which is really strange because i didnt include the Nat libraary
[Sat Feb 27 16:41:02 2016] <Nik05> jrw so it simplifies to n + (n + 0)?
[Sat Feb 27 16:41:11 2016] <Nik05> i did Print Nat.mul
[Sat Feb 27 16:41:27 2016] <Nik05> no idea where Nat.mul is defined
[Sat Feb 27 16:41:49 2016] <Nik05> jrw so how do you simplify with proof objects?
[Sat Feb 27 16:41:51 2016] <jrw> Nik05: I don't have SF installed locally so I can't check exactly what's different there from the standard library
[Sat Feb 27 16:42:08 2016] <jrw> good question. simplification basically comes for free in proof objects
[Sat Feb 27 16:42:14 2016] <Nik05> oh oke
[Sat Feb 27 16:42:42 2016] <jrw> so in a proof object you can treat [2 * n] as the same thing as [n + (n + 0)] and it will work
[Sat Feb 27 16:43:02 2016] <Nik05> oh oke thank you jrw
[Sat Feb 27 16:43:11 2016] <jrw> so the theorem is the same as proving [beautiful n -> beautiful (n + (n + 0))]
[Sat Feb 27 16:43:22 2016] <jrw> and now hopefully you see how you don't need any rewrites :)
[Sat Feb 27 16:43:44 2016] <Nik05> well dont i need to rewrite (n + 0) to n?
[Sat Feb 27 16:44:07 2016] <jrw> again, you *could* do that
[Sat Feb 27 16:44:13 2016] <Nik05> :P
[Sat Feb 27 16:44:22 2016] <jrw> but why not just try to prove [beautiful (n + 0)] "directly"
[Sat Feb 27 16:44:33 2016] <Nik05> oh right
[Sat Feb 27 16:44:42 2016] <Nik05> :)
[Sat Feb 27 16:45:00 2016] <jrw> :)
[Sat Feb 27 16:45:05 2016] <Nik05> oke my client cant handle netsplits
[Sat Feb 27 16:45:17 2016] <Nik05> brb jrw, everything is slow now
[Sat Feb 27 16:45:20 2016] <jrw> k
[Sat Feb 27 16:47:20 2016] <Nik05>   λ n H, b_sum n (n + 0) H (b_sum n 0 H b_0).
[Sat Feb 27 16:47:23 2016] <Nik05> is that it jrw ?
[Sat Feb 27 16:47:44 2016] <jrw> Nik05: looks good
[Sat Feb 27 16:47:48 2016] <jrw> does it typecheck?
[Sat Feb 27 16:47:56 2016] <Nik05> it compiles :)
[Sat Feb 27 16:48:02 2016] <jrw> nice
[Sat Feb 27 16:48:39 2016] <Nik05> john told about using Search to find objects to use, but I havent found out how to use it correctly
[Sat Feb 27 16:48:45 2016] <Nik05> can you maybe give an example?
[Sat Feb 27 16:50:17 2016] <Nik05> jrw has netsplit?
[Sat Feb 27 16:50:27 2016] <Nik05> oh guess im back
[Sat Feb 27 16:50:37 2016] <jrw> Nik05: what do you mean about Search?
[Sat Feb 27 17:13:27 2016] <Nik05> jrw sorry, johnw helped me with a proof yesterday and day before. And he used a lot of proof object. He said he used SearchAbout, SearchRewrite, etc. to find which proof objects he has to proof something and then look at what else he has to proof.
[Sat Feb 27 17:17:27 2016] <jrw> Nik05: [SearchAbout foo.] will show you all lemmas about foo
[Sat Feb 27 17:17:27 2016] <jrw> so if you do [SearchAbout beautiful.] you'll see b_0, b_sum, etc
[Sat Feb 27 17:22:08 2016] <Nik05> oke
[Sat Feb 27 21:25:36 2016] <lingxiao> hey all
[Sat Feb 27 21:25:40 2016] <lingxiao> i have a syntax question about a tactic
[Sat Feb 27 21:27:34 2016] <lingxiao> http://pastebin.com/vxMurqrS
[Sun Feb 28 06:25:23 2016] <schoppenhauer> hi. I am currently stuck with something that *should* be easy. I have a function f : forall (n : nat), {m : nat | A(m, n)}. Now I want a function f_ : nat -> nat which is essentialls projT1 ° f, and I want forall n, A (f_ n, n). somehow I am stuck deriving this.
[Sun Feb 28 06:25:30 2016] <schoppenhauer> can sb help plz?
[Sun Feb 28 06:31:50 2016] <schoppenhauer> so essentially: http://lpaste.net/153530
[Sun Feb 28 06:32:16 2016] <schoppenhauer> I need to prove this goal
[Sun Feb 28 06:33:57 2016] <schoppenhauer> ok, I knew I would find the solution as soon as I ask here ^^. got it, thx.
[Sun Feb 28 06:34:51 2016] <rrika> schoppenhauer, I tried it too just now. How many lines did it take?
[Sun Feb 28 06:35:08 2016] <schoppenhauer> 2
[Sun Feb 28 06:35:18 2016] <schoppenhauer> but I didn't think I could just apply projT2
[Sun Feb 28 06:35:28 2016] <rrika> you did apply projT2?
[Sun Feb 28 06:35:30 2016] <schoppenhauer> this idea came just now. i thought too complicated.
[Sun Feb 28 06:35:33 2016] <schoppenhauer> yes.
[Sun Feb 28 06:35:34 2016] <rrika> mine: intros. destruct (f n). exact a.
[Sun Feb 28 06:36:06 2016] <schoppenhauer> intros A f n. apply projT2.
[Sun Feb 28 06:36:30 2016] <schoppenhauer> yes, it's easy. but I somehow couldn't manage it ... sometimes it's the easy things that take their time, u know.
[Sun Feb 28 06:36:43 2016] <rrika> I know.
[Sun Feb 28 06:39:45 2016] <rrika> what's the difference between { x : A | P } and { x : A & P }?
[Sun Feb 28 06:40:22 2016] <schoppenhauer> i think in the latter, P can have computational content
[Sun Feb 28 07:32:02 2016] <Nik05> morning lingxiao
[Sun Feb 28 10:53:41 2016] <schoppenhauer> https://blog.uxul.de/e?e=ex_in_coq opinions?
[Mon Feb 29 06:35:42 2016] <riaqn> hello, here is my status: https://bpaste.net/show/94a29b1ebf01 , how can I get 'x = pi1 s' ?
[Mon Feb 29 06:41:23 2016] <riaqn> OK, I think I can't. Because the 's' just return a C, so in these case I can only get a Prop, but the value may not be 'x = pi1 s'.
[Mon Feb 29 07:06:08 2016] <riaqn> anyone know any good reading materials about equality(definitial, prospositional, etc)?
[Mon Feb 29 07:50:11 2016] <m1dnight_> Hrm, I've been stuck on an exercise from the software foundations book :<
[Mon Feb 29 07:50:30 2016] <Nik05> m1dnight_ which one?
[Mon Feb 29 07:51:04 2016] <m1dnight_> proving `and b c = ordb b  c`
[Mon Feb 29 07:51:25 2016] <m1dnight_> I can "prove" it on paper. It's getting it into Coq thats difficult.
[Mon Feb 29 07:51:36 2016] <Nik05> how is that equal?
[Mon Feb 29 07:51:57 2016] <m1dnight_> oh, i forgot a piece.sorry I was distracted.
[Mon Feb 29 07:52:20 2016] <m1dnight_> https://www.refheap.com/115342
[Mon Feb 29 07:52:25 2016] <m1dnight_> This is where I got so far..
[Mon Feb 29 07:56:27 2016] <m1dnight_> The problem I think is, when I have the intros of b and c, I should be able to assume that `and b c` is true. then from that derive that b and c are true, then rewrite the left hand side  of `and b c = or b c` to true.
[Mon Feb 29 07:56:43 2016] <m1dnight_> But I cant seem to be able to split the `and b c = or b c` in two parts.
[Mon Feb 29 08:03:35 2016] <Nik05> m1dnight_ you can just do a case analysis on b and c
[Mon Feb 29 08:10:02 2016] <Nik05> oh and m1dnight_ if you do destruct (andb b c) eqn:Hbeqc. you get b = c in your context
[Mon Feb 29 08:36:59 2016] <m1dnight_> Hmm, Ive been trying with destruct on b and c but Im stuck when I have to prove its *not* the case.
[Mon Feb 29 08:37:07 2016] <m1dnight_> I might need a lemma for this, I think.
[Mon Feb 29 08:37:39 2016] <Nik05> well you can proof a lemma andb  b c = true -> b = c
[Mon Feb 29 08:38:03 2016] <Nik05> wait
[Mon Feb 29 08:38:09 2016] <Nik05> well yes you can
[Mon Feb 29 08:42:21 2016] <m1dnight_> Yes, that's true but I figured that is basically the same as the definition of and, no?
[Mon Feb 29 08:42:45 2016] <m1dnight_> https://www.refheap.com/115345
[Mon Feb 29 08:43:14 2016] <m1dnight_> This is where Im stuck. I am trying to prove false = true here :) I should be able to say "This is not possible, but thats the point"
[Mon Feb 29 08:44:55 2016] <Nik05> m1dnight_ your hypothesis is false here
[Mon Feb 29 08:45:01 2016] <Nik05> and false can proof everything
[Mon Feb 29 08:45:28 2016] <m1dnight_> That's true  >:)
[Mon Feb 29 08:45:46 2016] <m1dnight_> Im going to try with the lemma first. See where I end up.
[Mon Feb 29 08:46:03 2016] <Nik05> 14:42 < m1dnight_> Yes, that's true but I figured that is basically the same as  the definition of and, no?
[Mon Feb 29 08:46:12 2016] <Nik05> no its not by definition
[Mon Feb 29 08:46:47 2016] <Nik05> definition is that andb b c = true when b and c are true
[Mon Feb 29 09:08:49 2016] <Nik05> m1dnight_ got it?
[Mon Feb 29 09:09:12 2016] <m1dnight_> Well, Im trying :D Not going to ask too much questions. Trying to figure out on my own atm.
[Mon Feb 29 09:09:45 2016] <Nik05> oke good
[Mon Feb 29 09:11:13 2016] <Nik05> m1dnight_ in Prop.v or IndProp now i think, they talk about the difference between computation and inductive definitions
[Mon Feb 29 09:11:26 2016] <Nik05> andb and orb are computational definitions
[Mon Feb 29 10:09:31 2016] <m1dnight_> fieuw, Ive got it.
[Mon Feb 29 10:09:47 2016] <m1dnight_> Well, at least `and b c = true -> b = true`
[Mon Feb 29 10:49:38 2016] <m1dnight_> Al. Most. :>
[Mon Feb 29 10:50:34 2016] <deeglaze> m1dnight_: Ltac identifiers?
[Mon Feb 29 10:50:57 2016] <deeglaze> Proof with There. Al. Most. There... Qed.
[Mon Feb 29 10:53:41 2016] <m1dnight_> It was more an expression of my dissipating courage :D
[Mon Feb 29 10:54:15 2016] <deeglaze> That is a familiar feeling.
[Mon Feb 29 11:00:52 2016] <m1dnight_> https://www.refheap.com/115359 <- the first lemma works and executes fine. For the second lemma I get the error when I try the `reflexivity` step. The context, stack and goal are almost identical. I really don't see why it works in the first but not the second case :/
[Mon Feb 29 11:02:39 2016] <m1dnight_> The only difference is that the operand which is still a variable in the and is now in the first position and not in the second one. However, the error clearly states that it can not unify the two left hand sides (of H and goal)
[Mon Feb 29 11:02:45 2016] <m1dnight_> Why would it work in the previous lemma then.
[Mon Feb 29 11:19:24 2016] <deeglaze> m1dnight_: taking a look.
[Mon Feb 29 11:21:19 2016] <deeglaze> m1dnight_: you need to destruct b for the b && false to evaluate to false in both cases.
[Mon Feb 29 11:21:27 2016] <deeglaze> destruct b; reflexivity. will do it.
[Mon Feb 29 12:18:22 2016] <Nik05> m1dnight_ got it?
[Mon Feb 29 12:28:12 2016] <m1dnight_> Thats odd, though. Ill try that approach on the first lemma as well.
[Mon Feb 29 12:28:48 2016] <m1dnight_> Yep, worked in the first lemma as well.
[Mon Feb 29 12:28:56 2016] <m1dnight_> Well, I think I get it though.
[Mon Feb 29 12:29:06 2016] <m1dnight_> Thanks for the help already guys, really appreciate it! :)
[Mon Feb 29 12:35:35 2016] <Nik05> m1dnight_ you could proof your original by destructing on both b and c
[Mon Feb 29 12:36:05 2016] <m1dnight_> Im back at that proof now, confident as ever :D
[Mon Feb 29 12:37:21 2016] <stelleg> \
[Mon Feb 29 12:37:38 2016] <stelleg> whoops
[Mon Feb 29 12:37:42 2016] <Nik05> hello stelleg
[Mon Feb 29 12:37:48 2016] <stelleg> howdy
[Mon Feb 29 12:46:16 2016] <Nik05> Is there a notation for matching that is a little shorter?
[Mon Feb 29 12:47:11 2016] <Cypi_> If you only have one constructor, a let-in might work
[Mon Feb 29 12:47:16 2016] <Nik05> Forexample for conj there is just one contructor if i have a (H : Q ∧ P) can i write it in something like ((conj HQ HP) : Q ∧ Q)
[Mon Feb 29 12:47:31 2016] <Nik05> ah oke Cypi
[Mon Feb 29 12:53:45 2016] <m1dnight_> Ah, I think I have it. I should have written my lemma's the other way around. I.e., `forall b c: bool, c = true -> and c b = true.
[Mon Feb 29 12:53:49 2016] <m1dnight_> this is fun :>
[Mon Feb 29 12:54:02 2016] <Nik05> well thats not correct
[Mon Feb 29 12:54:53 2016] <m1dnight_> Ugh, I meant orb. Sorry
[Mon Feb 29 12:55:04 2016] <m1dnight_> I just noticed while typing it out
[Mon Feb 29 12:55:12 2016] <Nik05> you mean ∀ b c, b = true -> c = true -> andb b c = true
[Mon Feb 29 12:58:18 2016] <m1dnight_> No. I'm back at the original proof again and I have a goal `true = false` and my H = `andb true c = orb true c`. So I figured that I'd prove `b = true -> orb b c = true`, then I can rewrite my LHS to `orb true c` and use reflexivity.
[Mon Feb 29 12:59:20 2016] <Nik05> just use simpl on H
[Mon Feb 29 12:59:24 2016] <Nik05> its by definition
[Mon Feb 29 12:59:33 2016] <Nik05> andb true c = c
[Mon Feb 29 12:59:38 2016] <Nik05> and orb true c = true
[Mon Feb 29 12:59:44 2016] <m1dnight_> Oh, I thought that once it was above the bar I couldn't change it anymore
[Mon Feb 29 13:00:12 2016] <Nik05> no you can use `in` to apply a tactic on a hypothesis
[Mon Feb 29 13:07:27 2016] <m1dnight_> `andb_eq_orb is defined`
[Mon Feb 29 13:07:30 2016] <m1dnight_> SUCCES!
[Mon Feb 29 13:07:33 2016] <Nik05> :)
[Mon Feb 29 13:07:49 2016] <m1dnight_> With the simpl in H. it was actually very very easy.
[Mon Feb 29 13:11:12 2016] <Nik05> johnw are you here?
[Mon Feb 29 13:11:21 2016] <Nik05> got a question about proof objects :)
[Mon Feb 29 13:14:45 2016] <Nik05> Cypi how could i write it as a let binding?
[Mon Feb 29 13:15:33 2016] <Cypi> I'm not entirely sure what you asked for. But if you're writing directly the proof-term, you could have written: "let (HQ, HP) := H in ..."
[Mon Feb 29 13:15:48 2016] <Cypi> in a proof, using "destruct H as [HQ HP]" is probably the easiest way
[Mon Feb 29 13:16:37 2016] <Nik05> oke thank yo
[Mon Feb 29 13:18:55 2016] <Nik05> Cypi it worked, but using match gives me an error :p;
[Mon Feb 29 13:19:15 2016] <Nik05> Error: The constructor conj (in type and) expects 4 arguments.
[Mon Feb 29 13:19:27 2016] <Nik05> match HPQ with | conj HP _ =>
[Mon Feb 29 13:19:40 2016] <Nik05> let (HP, _) := HPQ in (* works just fine
[Mon Feb 29 13:20:08 2016] <Nik05> oh
[Mon Feb 29 13:27:30 2016] <stelleg> Nik05: you may be aware, but you also can use the projections proj1 and proj2 in that case
[Mon Feb 29 13:46:57 2016] <Nik05> stelleg oh thank you
[Mon Feb 29 13:48:32 2016] <Nik05> stelleg any idea why my Coq says it needs 4 arguments for conj in pattern matching?
[Mon Feb 29 13:49:02 2016] <Nik05> although when i write proj1 myself coq generates a proof using just 2 arguments
[Mon Feb 29 13:49:11 2016] <Nik05> conj_left =
[Mon Feb 29 13:49:11 2016] <Nik05> λ (P Q : Prop) (H : P ∧ Q),
[Mon Feb 29 13:49:11 2016] <Nik05> match H with
[Mon Feb 29 13:49:11 2016] <Nik05> | Init.Logic.conj H0 H1 => Init.Logic.conj H1 H0
[Mon Feb 29 13:49:15 2016] <Nik05> end
[Mon Feb 29 13:49:23 2016] <Nik05> im sorry thought it would be one line
[Mon Feb 29 13:50:36 2016] <stelleg> Nik05: yeah sorry not sure why it's asking for the type arguments, they should be implicit
[Mon Feb 29 13:51:47 2016] <johnw> Nik05: the left one should only need the indices; the right one needs anything that's not implicit
[Mon Feb 29 13:52:18 2016] <johnw> unless you're on 8.5
[Mon Feb 29 13:53:03 2016] <Nik05> lpaste not here?
[Mon Feb 29 13:53:10 2016] <Nik05> http://lpaste.net/1607022061736165376
[Mon Feb 29 13:53:20 2016] <Nik05> johnw i am on 8.5
[Mon Feb 29 13:53:30 2016] <johnw> ok, in 8.5 both sides of the => need 4 arguments
[Mon Feb 29 13:53:42 2016] <johnw> unless you turn on the backward compatability flag
[Mon Feb 29 13:54:17 2016] <johnw> "Set Asymmetric Patterns"
[Mon Feb 29 13:54:19 2016] <Nik05> http://lpaste.net/153595 johnw Coq doesnt use it
[Mon Feb 29 13:54:31 2016] <Nik05> it only uses 2 arguments
[Mon Feb 29 13:54:37 2016] <johnw> try Set Printing All before printing
[Mon Feb 29 13:54:48 2016] <johnw> what you see without Printing All is not necessarily what you need to input
[Mon Feb 29 13:54:57 2016] <Nik05> same johnw
[Mon Feb 29 13:54:57 2016] <johnw> (unfortunately)
[Mon Feb 29 13:55:01 2016] <johnw> interesting!
[Mon Feb 29 13:55:07 2016] <johnw> that could be a bug, actually
[Mon Feb 29 13:55:21 2016] <Nik05> oh oke
[Mon Feb 29 13:55:26 2016] <johnw> i'm lookign now
[Mon Feb 29 13:56:13 2016] <Nik05> johnw and when using let i can just use 2 arugments? why not 4 there as well?
[Mon Feb 29 13:56:28 2016] <stelleg> johnw: so the LHS of a pattern match has different implicitness rules than the RHS in general?
[Mon Feb 29 13:57:08 2016] <johnw> the CHANGES file for 8.5 says: "Constructors in pattern-matching patterns now respect the same rules regarding implicit arguments as in applicative position."
[Mon Feb 29 13:57:40 2016] <johnw> before, I think it was treating the constructor as if default implicits had been turned on at definition time or something
[Mon Feb 29 13:57:59 2016] <stelleg> cool
[Mon Feb 29 13:58:15 2016] <stelleg> now someone just needs to update coquille to work with 8.5 :(
[Mon Feb 29 13:58:17 2016] <johnw> Nik05: I'd report this to either the bug tracker or the mailing list; in general, whenever possible, a Print'd term should evaluate when fed back into Coq
[Mon Feb 29 13:58:26 2016] <johnw> although notations can definitely screw that up
[Mon Feb 29 13:58:43 2016] <johnw> (because a notation may make some arguments implicit that are required for type inference to work in certain situations)
[Mon Feb 29 13:59:29 2016] <Nik05> oh oke
[Mon Feb 29 14:01:34 2016] <Nik05> Definition conj_fact : forall P Q R, P /\ Q -> Q /\ R -> P /\ R := λ _ _ _ HPQ HQR, conj _ _ (proj1 _ _ HPQ) (proj2 _ _ HQR).
[Mon Feb 29 14:01:41 2016] <Nik05> So this is how to do it?
[Mon Feb 29 14:01:48 2016] <Nik05> pretty ugly with all the `_`
[Mon Feb 29 14:02:04 2016] <johnw> there are some terms that aren't often used in Gallina, but mainly only in tactics
[Mon Feb 29 14:02:19 2016] <johnw> but yeah, that's what I'd expect to see
[Mon Feb 29 14:02:22 2016] <johnw> you can always do this:
[Mon Feb 29 14:02:26 2016] <johnw> Arguments conj : default implicits.
[Mon Feb 29 14:02:28 2016] <johnw> etc.
[Mon Feb 29 14:02:36 2016] <johnw> to tell Coq to re-assign the implicit arguments
[Mon Feb 29 14:02:41 2016] <Nik05> oke
[Mon Feb 29 14:03:02 2016] <Nik05> when would you even want to use nondefault arguements in conj?
[Mon Feb 29 14:03:22 2016] <johnw> to guide type inference for surrounding code
[Mon Feb 29 14:03:32 2016] <johnw> in this case you know the types because of the return type of the function
[Mon Feb 29 14:03:35 2016] <johnw> but it's not always so clear
[Mon Feb 29 14:03:39 2016] <Nik05> oke
[Mon Feb 29 14:04:13 2016] <Nik05> and if you use default implicits, how can you override them?
[Mon Feb 29 14:06:27 2016] <johnw> the Arguments commands changes the role of arguments
[Mon Feb 29 14:06:30 2016] <johnw> and you are free to use it at any time
[Mon Feb 29 14:07:57 2016] <Nik05> thank you, will look it up in the manual
[Mon Feb 29 14:10:19 2016] <Nik05> How do i find the definition of a notation?>
[Mon Feb 29 14:10:42 2016] <johnw> I believe: LocateNotation ">>=".
[Mon Feb 29 14:10:48 2016] <Nik05> thank you johnw :)
[Mon Feb 29 14:11:00 2016] <johnw> in proof general, that's C-c C-a C-n
[Mon Feb 29 14:13:13 2016] <Nik05> sorry johnw i still need to learn EmacsOS :P
[Mon Feb 29 14:17:27 2016] <johnw> there's time :)
[Mon Feb 29 14:20:42 2016] <johnw> hmm.. "Anomaly: unknown meta ?21873. Please report."
[Mon Feb 29 14:22:03 2016] <Cypi> How did you get that? x)
[Mon Feb 29 14:22:07 2016] <Nik05> johnw 8.5?
[Mon Feb 29 14:22:13 2016] <johnw> no, 8.4pl6
[Mon Feb 29 14:22:16 2016] <Nik05> oh
[Mon Feb 29 14:25:20 2016] <Nik05> oh wow or has really nice constructor names...
[Mon Feb 29 14:26:14 2016] <Cypi> Yup, really short :-°
[Mon Feb 29 14:32:25 2016] <Nik05> (** Try to write down an explicit proof object for [or_commut] (without using [Print] to peek at the ones we already defined!). *)
[Mon Feb 29 14:32:30 2016] <Nik05> cant use Print :(
[Mon Feb 29 14:33:29 2016] <Nik05> thought it was just one pattern match with 2 cases and then apply the other constructor
[Mon Feb 29 14:33:52 2016] <Nik05> get large error with funny names ?P3@{h0:= nice names
[Mon Feb 29 14:39:27 2016] <Nik05> lpaste test
[Mon Feb 29 14:39:33 2016] <Nik05> lpaste is broken
[Mon Feb 29 14:40:10 2016] <Nik05> http://lpaste.net/153618
[Mon Feb 29 14:42:53 2016] <Nik05> Anyone a small hint on what im doing wrong?
[Mon Feb 29 14:48:13 2016] <Nik05> Oke i just used Print... but I did exactly the same thing :S
[Mon Feb 29 14:48:19 2016] <Nik05> johnw is this a bug as well?
[Mon Feb 29 14:48:52 2016] <Nik05> http://lpaste.net/5071629083993964544
[Mon Feb 29 14:49:32 2016] <johnw> no
[Mon Feb 29 14:49:39 2016] <johnw> use "fun", not "forall", to begin your definition
[Mon Feb 29 14:49:45 2016] <johnw> and change , to =>
[Mon Feb 29 14:51:11 2016] <Nik05> oh
[Mon Feb 29 14:51:18 2016] <Nik05> haha
[Mon Feb 29 14:51:35 2016] <Nik05> need a lambda ofcourse
[Mon Feb 29 14:52:25 2016] <Nik05> Error: Found a constructor of inductive type or while a constructor of Init.Logic.or is expected.
[Mon Feb 29 14:52:37 2016] <Nik05> Software Foundations is strange
[Mon Feb 29 14:52:54 2016] <Nik05> it doesnt import any libraries from Coq and I still get things like Init.Logic
[Mon Feb 29 15:09:57 2016] <johnw> there are some default imports
[Mon Feb 29 15:10:15 2016] <Nik05> oh oke
[Mon Feb 29 15:10:23 2016] <johnw> not sure why exactly
[Mon Feb 29 15:10:28 2016] <johnw> but i've noticed that too
[Mon Feb 29 15:10:34 2016] <Nik05> so i implicitly used Init.Logic.or?
[Mon Feb 29 15:10:49 2016] <johnw> maybe: try "Locate or."
[Mon Feb 29 15:11:06 2016] <Nik05> Inductive Logic.or
[Mon Feb 29 15:11:07 2016] <Nik05> Inductive Coq.Init.Logic.or
[Mon Feb 29 15:11:18 2016] <Nik05> strange
[Mon Feb 29 15:12:01 2016] <Nik05> so its both in Logic.v and Coq.Init.Logic
[Mon Feb 29 15:12:16 2016] <johnw> ah, maybe that's how it came in
[Mon Feb 29 15:12:25 2016] <Nik05> oh i know why...
[Mon Feb 29 15:12:34 2016] <Nik05> Coq.Unicode.Utf8
[Mon Feb 29 15:18:13 2016] <Nik05> johnw so when i use ∨ ∧ etc im using the Coq. or and and...
[Mon Feb 29 15:18:24 2016] <johnw> ah
[Mon Feb 29 15:18:27 2016] <johnw> that makes sense
[Mon Feb 29 15:18:36 2016] <johnw> so it's not a default import thing then
[Mon Feb 29 15:18:44 2016] <Nik05> let me check
[Mon Feb 29 15:18:59 2016] <Nik05> not sure
[Mon Feb 29 15:20:13 2016] <Nik05> johnw when I execute Locate or in an empty document it still finds Inductive Coq.Init.Logic.or
[Mon Feb 29 15:20:27 2016] <johnw> :(
[Mon Feb 29 15:20:39 2016] <johnw> i wonder if that can be disabled
[Mon Feb 29 15:27:35 2016] <Nik05> -q
[Mon Feb 29 15:27:36 2016] <Nik05> Do not to load the default resource file.
[Mon Feb 29 15:27:42 2016] <Nik05> could that be it johnw ?
[Mon Feb 29 15:27:51 2016] <johnw> maybe!
[Mon Feb 29 15:27:57 2016] <johnw> i've never researched how to actually disable it
[Mon Feb 29 15:30:23 2016] <johnw> jgross: ping
[Mon Feb 29 15:31:23 2016] <Nik05> lpaste ping
[Mon Feb 29 15:31:28 2016] <Nik05> all broken
[Mon Feb 29 15:32:05 2016] <johnw> dada
[Mon Feb 29 15:32:06 2016] <johnw> haha
[Mon Feb 29 16:26:14 2016] <jgross> johnw: pong 
[Mon Feb 29 16:36:15 2016] <johnw> jgross: one sec, on phone
[Mon Feb 29 17:08:08 2016] <johnw> jgross: I'm back, if you're still here
[Mon Feb 29 17:09:58 2016] <benzrf> ghhghh i went and decided it would be a good idea to try implementing the CoC from scratch
[Mon Feb 29 17:10:09 2016] <johnw> benzrf: in what language/theory?
[Mon Feb 29 17:10:18 2016] <benzrf> purescript
[Mon Feb 29 17:10:32 2016] <johnw> having fun writing a dependent type checker?
[Mon Feb 29 17:10:45 2016] <benzrf> then about 20 lines in i decided to implement the checking logic in prolog to make sure i understood how it worked
[Mon Feb 29 17:10:56 2016] <johnw> ooh, yak recursion
[Mon Feb 29 17:11:23 2016] <benzrf> did i mention that when starting out i decided that i wouldn't use de bruijn indices this time around, it would be nice to just use variables again for the first time in years
[Mon Feb 29 17:11:28 2016] <benzrf> fml
[Mon Feb 29 17:13:36 2016] <benzrf> * goes back and uses some fucking indices
[Mon Feb 29 17:13:45 2016] <benzrf> of course then it's complicated by using names for globals and stuff
[Mon Feb 29 17:13:47 2016] <benzrf> gaaaah
[Mon Feb 29 17:15:21 2016] <benzrf> johnw: what's the practical purpose of having both P and T
[Mon Feb 29 17:16:30 2016] <johnw> I have no clue what P and T are
[Mon Feb 29 17:16:58 2016] <benzrf> Prop and Type*
[Mon Feb 29 17:17:55 2016] <benzrf> i can never remember this shit
[Mon Feb 29 17:17:57 2016] <benzrf> >.>
[Mon Feb 29 17:18:38 2016] <johnw> read CPDT
[Mon Feb 29 17:18:48 2016] <johnw> it goes into great thing in describing the difference, and why they exist
[Mon Feb 29 17:18:53 2016] <johnw> s/thing/length
[Mon Feb 29 17:19:03 2016] <benzrf> bah
[Mon Feb 29 17:19:16 2016] <benzrf> well, are they relevant to CoC without inductive decls
[Mon Feb 29 17:19:43 2016] <notdan> yeah
[Mon Feb 29 17:19:48 2016] <benzrf> how so?
[Mon Feb 29 17:20:21 2016] <notdan> Prop is an impredicative type for propositions, and Type is for everything else
[Mon Feb 29 17:20:24 2016] <notdan> sort of
[Mon Feb 29 17:20:32 2016] <notdan> hm i think i read something nice about this topic recently
[Mon Feb 29 17:23:03 2016] <notdan> but yeah i think this is the gist
[Mon Feb 29 17:24:28 2016] <benzrf> i mean
[Mon Feb 29 17:24:32 2016] <benzrf> what's the *practical* purpose
[Mon Feb 29 17:24:36 2016] <benzrf> what does it change, in practice
[Mon Feb 29 17:24:55 2016] <johnw> impredicative prop is what allows (P Q : Prop), (P \/ Q) /\ (Q \/ P)
[Mon Feb 29 17:25:19 2016] <notdan> well it means you can define certain connectives in terms of others
[Mon Feb 29 17:25:20 2016] <johnw> it's a convenience for keeping proofs within Prop, even if they refer to other proofs
[Mon Feb 29 17:25:29 2016] <notdan> i think thats how it was done in coc
[Mon Feb 29 17:25:55 2016] <benzrf> johnw: oh
[Mon Feb 29 17:26:28 2016] <benzrf> the formulation on wikipedia seems to only have one Type instead of a hierarchy:
[Mon Feb 29 17:26:32 2016] <benzrf> https://en.wikipedia.org/wiki/Calculus_of_constructions
[Mon Feb 29 17:26:41 2016] <notdan> johnw: why do you need an impredicative prop for that?
[Mon Feb 29 17:27:02 2016] <johnw> notdan: oh, maybe I don't need it for that...
[Mon Feb 29 17:27:08 2016] <johnw> anyway, CPDT goes into depth on this exact subject
[Mon Feb 29 17:27:12 2016] <johnw> so no reason to repeat it all here
[Mon Feb 29 17:27:16 2016] <benzrf> aw
[Mon Feb 29 17:27:41 2016] <benzrf> in a functional language what's the best approach to doing type checking, given that type systems are given as deductive rules
[Mon Feb 29 17:28:01 2016] <benzrf> er, by "best approach" i mean what type signatures should i be trying to implement
[Mon Feb 29 17:28:20 2016] <benzrf> hasType :: Context -> Term -> Term -> Bool?
[Mon Feb 29 17:28:28 2016] <benzrf> typeOf :: Context -> Term -> Term?
[Mon Feb 29 17:28:33 2016] <notdan> Ctx -> Term -> Type -> m Bool?
[Mon Feb 29 17:28:44 2016] <notdan> i mean it depends on what algorithm are you using really
[Mon Feb 29 17:28:54 2016] <benzrf> i don't know any algorithms :>
[Mon Feb 29 17:29:02 2016] <notdan> in bi-directional type checking you need both of those functions
[Mon Feb 29 17:29:07 2016] <benzrf> ;-;
[Mon Feb 29 17:29:10 2016] <notdan> one sec
[Mon Feb 29 17:29:29 2016] <notdan> http://www.cs.cmu.edu/~fp/courses/15312-f04/handouts/15-bidirectional.pdf
[Mon Feb 29 17:29:32 2016] <benzrf> also, where can i find a proper complete formulation of the CoC
[Mon Feb 29 17:30:08 2016] <notdan> that's a harder question :)
[Mon Feb 29 17:30:22 2016] <benzrf> * rests his head in his hands
[Mon Feb 29 17:30:28 2016] <benzrf> I JUST WANTED TO WRITE A RIGOROUS CAS
[Mon Feb 29 17:31:43 2016] <stelleg> the original CoC paper is linked from the wikipedia page, but it doesn't include inductive types, and is behind a paywall I think
[Mon Feb 29 17:31:49 2016] <stelleg> http://www.sciencedirect.com/science/article/pii/0890540188900053
[Mon Feb 29 17:31:57 2016] <benzrf> :\
[Mon Feb 29 17:31:58 2016] <Nik05> i can get it for you
[Mon Feb 29 17:32:02 2016] <benzrf> i don't need/want inductive types
[Mon Feb 29 17:32:25 2016] <benzrf> i'd just like a clean presentation of the basic CoC in full precision
[Mon Feb 29 17:32:27 2016] <notdan> http://www.cse.chalmers.se/~coquand/meta.pdf here's another one
[Mon Feb 29 17:32:34 2016] <Nik05> stelleg you can download it from sceincedirect right?
[Mon Feb 29 17:32:42 2016] <notdan> but the one stelleg linked to might be more consice
[Mon Feb 29 17:33:05 2016] <stelleg> Nik05: yeah I have a copy if someone wants it
[Mon Feb 29 17:33:45 2016] <stelleg> it also doesn't have a universe heirarchy in that presentation
[Mon Feb 29 17:33:55 2016] <Nik05> stelleg doesnt look like its behind a wall
[Mon Feb 29 17:34:03 2016] <Nik05> or maybe its because im already logged in
[Mon Feb 29 17:36:00 2016] <benzrf> maybe i'll try using "pure type system"
[Mon Feb 29 17:36:36 2016] <stelleg> benzrf: if you're wanting to implement a simple dependent type system theres this: http://strictlypositive.org/Easy.pdf
[Mon Feb 29 17:37:08 2016] <benzrf> ty :)
[Mon Feb 29 17:37:15 2016] <stelleg> it's quite close to the CoC
[Mon Feb 29 17:37:53 2016] <benzrf> side note:
[Mon Feb 29 17:37:58 2016] <benzrf> i'm looking at this page: https://ncatlab.org/nlab/show/pure+type+system
[Mon Feb 29 17:38:13 2016] <benzrf> it says CoC has (□,□)
[Mon Feb 29 17:38:19 2016] <benzrf> but doesn't that give Type-in-Type?
[Mon Feb 29 17:38:48 2016] <benzrf> oh, wait
[Mon Feb 29 17:38:51 2016] <benzrf> never mind >.<
[Mon Feb 29 17:42:18 2016] <stelleg> Nik05: I assumed it was behind a wall because my institution shows in the upper right
[Mon Feb 29 17:42:31 2016] <stelleg> could be wrong though
[Mon Feb 29 17:42:58 2016] <Nik05> stelleg im not logged in right now, and i can just download it :)
[Mon Feb 29 17:43:11 2016] <stelleg> cool, glad to hear it
[Mon Feb 29 17:43:14 2016] <stelleg> its a good paper :)
[Mon Feb 29 17:49:45 2016] <Nik05> johnw didnt you say yesterday that you get "simpl" for free in proof objects?
[Mon Feb 29 17:50:40 2016] <Nik05> but why do we not get simpl free when using tactics?
[Mon Feb 29 17:52:08 2016] <stelleg> you do with some tactics, but I think you have to be careful because evaluation can explode the tactic search space
[Mon Feb 29 17:52:16 2016] <stelleg> johnw please correct me if that's wrong
[Mon Feb 29 17:54:19 2016] <stelleg> so I think you "get it for free", but don't want to use it in a lot of cases because it won't help and can actually hurt
[Mon Feb 29 17:54:31 2016] <Nik05> oh oke
[Mon Feb 29 18:02:13 2016] <stelleg> again that could be wrong, so if someone knows better than I please correct me
[Mon Feb 29 18:04:28 2016] <johnw> I don't think it's "for free" either
[Mon Feb 29 18:04:31 2016] <johnw> not sure when I might have said that...
[Mon Feb 29 18:04:40 2016] <Nik05> oh maybe it was jrw
[Mon Feb 29 18:05:25 2016] <stelleg> I just presumed that meant "without having to prove termination"
[Mon Feb 29 18:41:16 2016] <jrw> Nik05: I said that, yeah
[Mon Feb 29 18:41:25 2016] <Nik05> ah hello jrw
[Mon Feb 29 18:44:51 2016] <jrw> Nik05: so I'm not exactly sure what you mean by not getting it for free in tactics. it sort of boils down to syntax vs semantics. many tactics work by looking fairly naively at the syntax of the context and goal.
[Mon Feb 29 18:46:11 2016] <Nik05> but if the underlying system can workout the simplifications, why cant it do that as well for tactics?
[Mon Feb 29 18:46:43 2016] <jrw> well so it's an issue of partial proof/proof search vs checking a complete proof
[Mon Feb 29 18:47:13 2016] <jrw> tactics are generally alergic to normalizing everything because things blow up
[Mon Feb 29 18:47:29 2016] <jrw> so they avoid simplifying things
[Mon Feb 29 18:48:45 2016] <jrw> also there's the issue of partial computation. so if I have a goal G that normalizes to Gn, but there's some intermediate state Gi that I want to apply a rewrite to, that's very hard
[Mon Feb 29 18:49:24 2016] <Nik05> Oké i think i get it
[Mon Feb 29 18:49:57 2016] <Nik05> simpl altough its called simpl[ify] doesn't simplify most of the time
[Mon Feb 29 18:50:45 2016] <Nik05> and with using proof object you can give the type checker the type you want it simplified to but with tactics this isnt possible
[Mon Feb 29 18:51:06 2016] <Nik05> no idea if this makes any sense but im my head it does :)
[Mon Feb 29 18:52:30 2016] <jrw> that sounds roughly right
[Mon Feb 29 23:28:40 2016] <benzrf> hmmmmmm
[Mon Feb 29 23:28:52 2016] <benzrf> am i reading this right: https://ncatlab.org/nlab/show/pure+type+system
[Mon Feb 29 23:29:00 2016] <benzrf> cause
[Mon Feb 29 23:29:16 2016] <benzrf> it looks to me like if you have "x : Type" in your context, you can't conclude x : Type
[Mon Feb 29 23:29:26 2016] <benzrf> b/c Type is not a well-typed term
[Tue Mar  1 01:14:01 2016] <benzrf> > hasType Data.StrMap.empty (App (App leibRefl pnat') (peano 3)) (App (App (App leib pnat') (App (App peanoAdd (peano 1)) (peano 2))) (App (App peanoAdd (peano 2)) (peano 1)))
[Tue Mar  1 01:14:03 2016] <benzrf> true
[Tue Mar  1 01:14:06 2016] <benzrf> this is kind of working c=
[Tue Mar  1 01:17:21 2016] <benzrf> also i shouldve named that 'church' rather than 'peano' :I
[Tue Mar  1 08:27:18 2016] <benzrf> hello, anyone there?
[Tue Mar  1 08:27:20 2016] <benzrf> johnw, jgross?
[Tue Mar  1 08:27:23 2016] <benzrf> :>
[Tue Mar  1 08:34:46 2016] <benzrf> putting my question out there: in the vanilla CoC, am i supposed to not be able to define things with a type like ((Prop -> Prop) -> Prop)
[Tue Mar  1 08:35:28 2016] <benzrf> er, hold on
[Tue Mar  1 08:37:39 2016] <benzrf> god dammit now i've lost track of what my problem was :(
[Tue Mar  1 08:38:08 2016] <benzrf> ok got it
[Tue Mar  1 08:38:57 2016] <benzrf> it seems that I can't type things like (Type -> whatever), because i can only type a variable if i can type its type, and Type is untypeable in vanilla CoC... as far as I can tell?
[Tue Mar  1 08:39:29 2016] <benzrf> but this seems to be a problem, because then I can't use a church boolean to pick a Prop, which i need to do fun things like proving that false <> true
[Tue Mar  1 08:40:09 2016] <benzrf> or rather, i can do that if i make non-polymorphic church bools that pick out Props only, but then I can't prove false <> true for ordinary ones
[Tue Mar  1 08:49:49 2016] <notdan> benzrf: what do you mean by using a "Church boolean to pick a Prop"?
[Tue Mar  1 08:50:05 2016] <notdan> Also what do you mean by Type is untypable?
[Tue Mar  1 09:49:56 2016] <johnw> benzrf: are you lacking universes?
[Tue Mar  1 10:13:08 2016] <benzrf> johnw: yeah
[Tue Mar  1 10:13:17 2016] <benzrf> i'm going off the definition of CoC that uses just P and T
[Tue Mar  1 10:13:40 2016] <benzrf> equivalently, the one that you get by using a pure type system with * and [] and... etc
[Tue Mar  1 10:13:45 2016] <benzrf> er, just * and []
[Tue Mar  1 11:24:27 2016] <benzrf> johnw: any further comment :I?
[Tue Mar  1 13:52:12 2016] <jrw> benzrf: I don't really know what I'm talking about, but my understanding is that in the PTS presentation of vanila CoC, Type is not something you really use in the term language. it's just there so that Prop can be used in the term language.
[Tue Mar  1 13:53:18 2016] <jrw> so you shouldn't really think of Prop in that presentation of CoC as irrelevant or erasable. instead, everything is in Prop.
[Tue Mar  1 14:07:51 2016] <tbelaire1> I have an induction principle for Classes, which I've proven, but because it destructs a proof term, it only works on propositions
[Tue Mar  1 14:08:00 2016] <tbelaire1> I would like to define computations in terms of it
[Tue Mar  1 14:08:24 2016] <tbelaire1> so I'm attempting to just change the proof term's definition so that it's in Set
[Tue Mar  1 14:08:33 2016] <tbelaire1> Does that sound reasonable?
[Tue Mar  1 14:08:55 2016] <tbelaire1> And how do I keep the same default names?
[Tue Mar  1 14:09:25 2016] <johnw> i don't think you can, without explicit naming
[Tue Mar  1 14:09:45 2016] <tbelaire1> When ok_type C : Prop, whenever I intros. it, it start with an H.  Now that it is in Set, I get "o"
[Tue Mar  1 14:09:52 2016] <tbelaire1> and I don't want to have to fix all the proofs
[Tue Mar  1 14:09:57 2016] <johnw> yep
[Tue Mar  1 14:11:12 2016] <tbelaire1> sigh
[Tue Mar  1 14:14:34 2016] <tbelaire1> How about changing my computations to be prolog style?  Instead of lineage CT C = [A;B;C], write "lineage' CT C [A;B;C]" holds?
[Tue Mar  1 14:14:48 2016] <tbelaire1> so I can define it in terms of the induction principle?
[Tue Mar  1 15:06:58 2016] <johnw> tbelaire1: I don't really understand what you mean
[Tue Mar  1 15:07:04 2016] <johnw> who's induction principle?
[Tue Mar  1 15:59:42 2016] <benzrf> jrw: yeah, that's the impression i've gotten
[Tue Mar  1 15:59:59 2016] <benzrf> the problem is that anything that returns a Prop is in Type, and then you lose the ability to pass it around
[Tue Mar  1 16:01:28 2016] <tbelaire1> johnw: in essence, if P Object, and (Extends C D -> P D -> P C), then P C
[Tue Mar  1 16:02:10 2016] <tbelaire1> so I can use the chains of subclassing that end on Object to prove things about all classes
[Tue Mar  1 16:05:47 2016] <stelleg> does anyone ever have issues with the induction tactic?
[Tue Mar  1 16:06:21 2016] <stelleg> i have a case where the induction principle looks correct, and inversion will give me something that looks good for the non-recursive references, but induction gives me garbage
[Tue Mar  1 16:07:21 2016] <tbelaire> You can see what the induction principle for a type is by addending _ind to it's name
[Tue Mar  1 16:07:35 2016] <benzrf> stelleg: could it be an issue of indices vs arguments?
[Tue Mar  1 16:07:45 2016] <stelleg> tbelaire: yeah I've done that, and it looks right to me
[Tue Mar  1 16:07:47 2016] <tbelaire> so, for lists, you can check with Check list_ind.
[Tue Mar  1 16:07:49 2016] <tbelaire> dang
[Tue Mar  1 16:07:54 2016] <stelleg> thanks though
[Tue Mar  1 16:08:18 2016] <stelleg> benzrf: hm, maybe. I don't know anything about indices
[Tue Mar  1 16:10:04 2016] <stelleg> i see "indices" used in the coq reference, but not defined
[Tue Mar  1 16:11:38 2016] <benzrf> stelleg: when you do an inductive definition
[Tue Mar  1 16:11:51 2016] <benzrf> indices are parameters of the type that are declared to the left of the :
[Tue Mar  1 16:12:02 2016] <stelleg> benzrf: ah, thanks!
[Tue Mar  1 16:12:04 2016] <benzrf> they behave differently from arguments declared on the right
[Tue Mar  1 16:12:13 2016] <benzrf> e.g.
[Tue Mar  1 16:12:31 2016] <benzrf> Inductive Foo (A : Type) : nat -> Type
[Tue Mar  1 16:12:59 2016] <benzrf>                ^index        ^argument
[Tue Mar  1 16:13:07 2016] <stelleg> good to know, thanks
[Tue Mar  1 16:13:14 2016] <benzrf> ya
[Tue Mar  1 16:57:00 2016] <benzrf> bleh
[Tue Mar  1 16:57:07 2016] <benzrf> i just tried to write 'match ... with' in purescript :x
[Tue Mar  1 16:57:52 2016] <stelleg> hah, I have the same problem switching between haskell and coq
[Tue Mar  1 16:57:58 2016] <johnw> benzrf: I think it's ^parameter ^index
[Tue Mar  1 16:58:21 2016] <stelleg> is there a way around the variable scoping issue for apply t with (y:=...) where y is in scope?
[Tue Mar  1 16:58:42 2016] <rrika> has matching changed in the latest version of coq?
[Tue Mar  1 16:58:47 2016] <benzrf> johnw: shit, is it?
[Tue Mar  1 16:58:50 2016] <benzrf> >_
[Tue Mar  1 16:58:52 2016] <benzrf> >_<
[Tue Mar  1 16:59:27 2016] <benzrf> god dammit
[Tue Mar  1 16:59:31 2016] <benzrf> how do i keep getting this wrong
[Tue Mar  1 16:59:42 2016] <benzrf> PARAMETERS are PARAMETRIC
[Tue Mar  1 16:59:46 2016] <benzrf> i should be able to remember that
[Tue Mar  1 17:03:41 2016] <stelleg> http://stackoverflow.com/questions/24600256/difference-between-type-parameters-and-indices
[Tue Mar  1 17:22:28 2016] <tbelaire> How do you work backwards from equalities
[Tue Mar  1 17:22:34 2016] <tbelaire> I want to show that C = D
[Tue Mar  1 17:23:07 2016] <tbelaire> and I have C :: xs = lineage D, and head (lineage D) = D
[Tue Mar  1 17:23:20 2016] <tbelaire> I can't seem to put the pieces together
[Tue Mar  1 17:23:39 2016] <tbelaire> Is there a way to map `head` over both halves of an equality?
[Tue Mar  1 17:23:43 2016] <Cypi> You can probably "destruct (lineage D)" first, since you need to chop the head off "lineage D"
[Tue Mar  1 17:23:56 2016] <johnw> tbelaire: usually "congruence" solves those
[Tue Mar  1 17:24:16 2016] <johnw> though you may need the destruct first, as Cypi said
[Tue Mar  1 17:24:36 2016] <tbelaire> destructing requies induciton over another parameter (that I didn't show)
[Tue Mar  1 17:24:48 2016] <tbelaire> in a really ugly way
[Tue Mar  1 17:25:02 2016] <tbelaire> lineage is basically doing a lookup in a linear table
[Tue Mar  1 17:25:04 2016] <Cypi> Or maybe you can just use "C :: xs = lineage D" to rewrite in "head (lineage D) = D" actually
[Tue Mar  1 17:25:12 2016] <benzrf> tbelaire: rewrite <- equality1 in equality2
[Tue Mar  1 17:25:16 2016] <benzrf> simpl in equality2
[Tue Mar  1 17:25:17 2016] <benzrf> :)
[Tue Mar  1 17:25:55 2016] <tbelaire> I need to go from C :: xs = lineage D to head (C :: xs) = head (lineage D(
[Tue Mar  1 17:25:57 2016] <tbelaire> ))
[Tue Mar  1 17:26:06 2016] <tbelaire> which is totally true
[Tue Mar  1 17:26:11 2016] <tbelaire> is that a list theorem?
[Tue Mar  1 17:26:22 2016] <tbelaire> I didn't see in on https://coq.inria.fr/distrib/current/stdlib/Coq.Lists.List.html
[Tue Mar  1 17:26:35 2016] <benzrf> f_equal,
[Tue Mar  1 17:26:40 2016] <benzrf> but i already told you one approach :o
[Tue Mar  1 17:27:00 2016] <benzrf> f_equal head in the_equality
[Tue Mar  1 17:28:49 2016] <tbelaire> oh
[Tue Mar  1 17:28:53 2016] <tbelaire> I didn't understand
[Tue Mar  1 17:29:00 2016] <tbelaire> oh
[Tue Mar  1 17:29:04 2016] <tbelaire> that's much more general
[Tue Mar  1 17:29:10 2016] <tbelaire> oh, yeah, that's great okay
[Tue Mar  1 17:29:22 2016] <tbelaire> I guess that didn't actually have anything to do wiht lists
[Tue Mar  1 17:42:32 2016] <benzrf> :)
[Tue Mar  1 17:42:49 2016] <benzrf> i used coq on and off for several months before finding out about f_equal
[Tue Mar  1 17:42:56 2016] <benzrf> and i'd /looked/ a few times
[Tue Mar  1 17:43:08 2016] <johnw> :)
[Tue Mar  1 17:43:09 2016] <benzrf> er, looked for something that does what f_equal does, i mean
[Tue Mar  1 17:43:25 2016] <johnw> I use f_equal pretty often
[Tue Mar  1 17:43:26 2016] <benzrf> actually maybe it was more like a year, but "on and off" was mostly off
[Tue Mar  1 17:43:45 2016] <johnw> benzrf: there's also f_equiv
[Tue Mar  1 17:44:05 2016] <benzrf> right now im busy in another window implementing f_equal by writing out a proof term by hand as its AST in purescript
[Tue Mar  1 17:44:08 2016] <benzrf> ~fun~
[Tue Mar  1 17:44:26 2016] <benzrf> i *think* i finally got it to work
[Tue Mar  1 17:44:31 2016] <benzrf> it typechecked anyway
[Tue Mar  1 17:48:20 2016] <benzrf> WOO
[Tue Mar  1 17:48:21 2016] <benzrf> > has f_equal $ Pi "A" Small $ Pi "B" Small $ Pi "f" (Var "A" `arr` Var "B") $ Pi "x" (Var "A") $ Pi "y" (Var "A") $ (leib `App` Var "A" `App` Var "x" `App` Var "y") `arr` (leib `App` Var "B" `App` (Var "f" `App` Var "x") `App` (Var "f" `App` Var "y"))
[Tue Mar  1 17:48:23 2016] <benzrf> true
[Tue Mar  1 17:49:02 2016] <benzrf> welp, time to scrap my hacky-ass CoC implementation and read up on how to do it nonterribly
[Tue Mar  1 17:49:04 2016] <Cypi> There are probably more readable ways of proving that :-°
[Tue Mar  1 17:49:11 2016] <benzrf> Cypi: that's not the proof, silly
[Tue Mar  1 17:49:16 2016] <benzrf> here's the proof:
[Tue Mar  1 17:49:17 2016] <Cypi> Oh, sorry :D
[Tue Mar  1 17:49:18 2016] <benzrf> let f_equal = Abs "A" Small $ Abs "B" Small $ Abs "f" (Var "A" `arr` Var "B") $ Abs "x" (Var "A") $ Abs "y" (Var "A") $ Abs "e" (App (App (App leib (Var "A")) (Var "x")) (Var "y")) $ App (App (Var "e") (Abs "z" (Var "A") (App (App (App leib (Var "B")) (App (Var "f") (Var "x"))) (App (Var "f") (Var "z"))))) (App (App leibRefl (Var "B")) (App (Var "f") (Var "x")))
[Tue Mar  1 17:49:22 2016] <Cypi> That's better
[Tue Mar  1 18:22:27 2016] <johnw> jgross: ping
[Tue Mar  1 18:35:56 2016] <jgross> johnw: pong, but I'm disappearing pretty soon 
[Tue Mar  1 18:36:05 2016] <johnw> query jgross
[Tue Mar  1 21:05:51 2016] <tswett> So I realized just the other day that you can't really construct free groups in Coq (without any axioms).
[Tue Mar  1 21:07:02 2016] <tswett> If you want to perform the free group construction without normalizing the elements, you need equivalence classes. If you want to perform the free group construction with normalizing the elements, you need decidable equality.
[Tue Mar  1 21:16:29 2016] <tswett> Unrelated...
[Tue Mar  1 21:17:01 2016] <tswett> I can't quite figure out how to get a Coq project with modules working.
[Tue Mar  1 21:18:10 2016] <tswett> Does my project have to have a name for me to stick onto the beginning of all my module paths?
[Tue Mar  1 21:18:39 2016] <tswett> And if so, do my .v files have to be in a directory of the same name?
[Tue Mar  1 21:23:22 2016] <arvisrend> hmm free commutative monoids should have the same problem, right?
[Tue Mar  1 21:23:43 2016] <arvisrend> seems that only free monoids avoid it, due to lists being somehow hard-coded in the inductive definition system
[Tue Mar  1 21:27:06 2016] <tswett> Yeah, same problem. I can't imagine that monoids are the *only* algebraic structure without that problem...
[Tue Mar  1 21:27:09 2016] <tswett> (Well, the only common one.)
[Tue Mar  1 21:28:59 2016] <tswett> I guess commutativity and inverses both introduce the problem. Monoids have both of the "usual" axioms that avoid the problem: associativity and identity.
[Tue Mar  1 21:31:52 2016] <tswett> But you can do free categories.
[Tue Mar  1 21:33:32 2016] <tswett> I figured out the modules thing, by the way. I am not specifying a name for the project, and I'm sticking "Top." onto the beginning of all my module paths.
[Tue Mar  1 23:57:52 2016] <benzrf> is it possible to prove [true <> false] in the CoC with only Prop and Type, where true and false are polymorphic church bools?
[Tue Mar  1 23:58:06 2016] <benzrf> er, and with leibniz equality, and false is forall A : Prop, A
[Wed Mar  2 00:02:50 2016] <jrw> benzrf: so your CoC has equality built in?
[Wed Mar  2 00:02:55 2016] <benzrf> no
[Wed Mar  2 00:02:59 2016] <benzrf> leibniz eq
[Wed Mar  2 00:03:21 2016] <benzrf> leib = Abs "A" Small $ Abs "x" (Var "A") $ Abs "y" (Var "A") $ Pi "P" (Var "A" `arr` Small) $ App (Var "P") (Var "x") `arr` App (Var "P") (Var "y")
[Wed Mar  2 00:04:23 2016] <jrw> ah ok church encoding of eq
[Wed Mar  2 00:05:17 2016] <jrw> benzrf: what is Small?
[Wed Mar  2 00:05:38 2016] <benzrf> Prop
[Wed Mar  2 00:05:41 2016] <jrw> ok
[Wed Mar  2 00:05:50 2016] <benzrf> I called Prop and Type "Small" and "Large"
[Wed Mar  2 00:05:56 2016] <jrw> sounds good
[Wed Mar  2 00:05:58 2016] <benzrf> since Prop and Type are not reflective names in this context
[Wed Mar  2 00:06:03 2016] <jrw> yes I think it should be possible
[Wed Mar  2 00:07:16 2016] <benzrf> i cant figure out how
[Wed Mar  2 00:07:32 2016] <jrw> benzrf: what's your encoding of bool?
[Wed Mar  2 00:07:45 2016] <jrw> ah yeah, this is tough without builtin bool
[Wed Mar  2 00:07:53 2016] <jrw> church bools won't cut it
[Wed Mar  2 00:08:01 2016] <jrw> you need the dependent eliminator
[Wed Mar  2 00:08:04 2016] <benzrf> :(
[Wed Mar  2 00:09:20 2016] <jrw> well, hm let me think
[Wed Mar  2 00:09:27 2016] <benzrf> honestly i have to sleep
[Wed Mar  2 00:09:31 2016] <jrw> :) ok
[Wed Mar  2 00:09:33 2016] <benzrf> perhaps you're not in EST, but it's just past midnight
[Wed Mar  2 00:09:38 2016] <benzrf> ty for looking though!
[Wed Mar  2 00:09:38 2016] <jrw> PST here
[Wed Mar  2 00:09:45 2016] <jrw> I'll ping you tomorrow
[Wed Mar  2 00:09:51 2016] <benzrf> ty
[Wed Mar  2 00:09:55 2016] <benzrf> see you
[Wed Mar  2 00:10:06 2016] <Cypi> I'm not sure, maybe I did not understand anything, but would that satisfy you benzrf? http://lpaste.net/153843
[Wed Mar  2 00:10:09 2016] <Cypi> Oops, too late
[Wed Mar  2 00:11:01 2016] <jrw> the usual proof is something like: \H : true = false. eq_elim bool (\z:bool. if z then True else False) true tt false H.
[Wed Mar  2 00:11:51 2016] <jrw> Cypi: that looks right to me
[Wed Mar  2 10:46:53 2016] <tswett> I'm pondering whether or not I want to admit uniqueness of identity proofs as an axiom.
[Wed Mar  2 10:48:29 2016] <tswett> On the one hand, my original plan here was to use no axioms. Doing it all without axioms seems a lot more interesting and educational.
[Wed Mar  2 10:50:19 2016] <tswett> On the other paw, proving equalities between equalities sounds like it could be a huge headache.
[Wed Mar  2 10:54:30 2016] <tswett> I dunno. I think I'll try going without it for a while... but it's going to be tough, isn't it?
[Wed Mar  2 15:23:12 2016] <johnw> how do I define things in a module such that clients of the module can never see them?  I remember seeing code that did this using an "exports" section, but I can't find that reference anymore
[Wed Mar  2 15:29:43 2016] <johnw> ah, Programs and Proofs uses this
[Wed Mar  2 18:20:33 2016] <spacekitteh> hey so uh, how do i debug plugins with ocamldebug?
[Wed Mar  2 18:20:46 2016] <spacekitteh> i can't set breakpoints
[Wed Mar  2 18:20:48 2016] <spacekitteh> etc
[Wed Mar  2 18:23:31 2016] <Chouhartem> if it typechecks, it's correct
[Wed Mar  2 18:24:41 2016] <spacekitteh> Chouhartem: are you talking to me?
[Wed Mar  2 18:28:26 2016] <Cypi> spacekitteh : the way I did it is to create a custom coqtop by using coqmktop, and adding the files of your plugin
[Wed Mar  2 18:28:36 2016] <spacekitteh> hmmm
[Wed Mar  2 18:35:51 2016] <spacekitteh> i don't think coqmktop is working. keeps complaining about now finding threads.cma
[Wed Mar  2 18:38:11 2016] <spacekitteh> not*
[Wed Mar  2 19:11:13 2016] <spacekitteh> the commands in the reference manual for coqmktop don't work :<
[Wed Mar  2 19:14:17 2016] <rrika> someone here said they were doing something with 'fiat'
[Wed Mar  2 19:14:27 2016] <rrika> I tried downloading it and running make
[Wed Mar  2 19:14:45 2016] <rrika> it spends 15+minutes on examples/Bookstore.v
[Wed Mar  2 19:14:49 2016] <rrika> is that normal?
[Wed Mar  2 19:56:20 2016] <johnw> hi
[Wed Mar  2 19:56:32 2016] <johnw> rrika: depends on your machine
[Wed Mar  2 19:56:44 2016] <johnw> it doesn't take 15 mins to build for me, I don't think
[Wed Mar  2 20:02:59 2016] <tswett> I'm gonna go ahead and use UIP. I'm trying to study categories and groups and whatnot, not higher categories and higher groups and whatnot.
[Wed Mar  2 20:03:40 2016] <johnw> tswett: I'd first read the CPDT section that discusses UIP
[Wed Mar  2 20:03:56 2016] <johnw> and how Adam avoids axioms in same cases that would use it
[Wed Mar  2 20:16:54 2016] <tswett> Note that I'm planning on having a lot of things be opaque.
[Wed Mar  2 20:18:17 2016] <tswett> My implementation of free monoids, for instance. The FreeMonoid type will, of course, have a definition, but I'm not going to allow the definition to be used outside of that module.
[Wed Mar  2 20:18:50 2016] <tswett> Of course, that means that you can't use the definition of the identity and multiplication operations, either.
[Wed Mar  2 20:37:38 2016] <johnw> I'd be interested to learn how you achieve your abstraction
[Wed Mar  2 21:53:36 2016] <spacekitteh> anyone got any ideas on how to debug a plugin?
[Wed Mar  2 21:53:46 2016] <spacekitteh> * is trying to make the haskell code extraction better
[Wed Mar  2 23:35:12 2016] <spacekitteh> anyone know how? :(
[Wed Mar  2 23:47:38 2016] <johnw> spacekitteh: oh cool, what have you tried?
[Wed Mar  2 23:47:45 2016] <johnw> I would like to improve Haskell extraction as well
[Wed Mar  2 23:48:08 2016] <spacekitteh> johnw: i'm trying to make extraction of typeclasses better, for starters
[Wed Mar  2 23:48:23 2016] <johnw> better?  you mean it exists at all?
[Wed Mar  2 23:48:26 2016] <spacekitteh> but i can't figure out the right combination of type variables etc to print out
[Wed Mar  2 23:48:35 2016] <spacekitteh> it exists in that it extracts dictionaries as datastructures
[Wed Mar  2 23:48:55 2016] <spacekitteh> so you can use typeclasses in coq but it won't create typeclasses in haskell
[Wed Mar  2 23:49:11 2016] <johnw> right
[Wed Mar  2 23:49:16 2016] <johnw> it's doing what Haskell is doing behind the scenes
[Wed Mar  2 23:49:27 2016] <johnw> which makes sense, since instance resolution isn't exactly the same
[Wed Mar  2 23:50:43 2016] <spacekitteh> indeed
[Wed Mar  2 23:51:02 2016] <spacekitteh> but it could probably be made to behave similarly
[Wed Mar  2 23:51:34 2016] <johnw> I very much doubt that
[Wed Mar  2 23:51:45 2016] <johnw> Coq allows for things like instance preferences
[Wed Mar  2 23:51:49 2016] <johnw> that Haskell never will
[Wed Mar  2 23:52:07 2016] <johnw> so, to ensure that what you typecheck in Coq is what you'll get in the extraction, you need to take Haskell out of the loop, so to speak
[Wed Mar  2 23:52:24 2016] <johnw> and just treat Haskell as a capable lambda calculus
[Wed Mar  2 23:53:06 2016] <spacekitteh> i'm thinking about using edkmett's reflection package to emulate it
[Wed Mar  2 23:53:27 2016] <spacekitteh> where you reify a manually made dictionary into a type class instance
[Wed Mar  2 23:53:43 2016] <johnw> i'm interested to see how it works out for you
[Wed Mar  2 23:53:48 2016] <spacekitteh> so am i ahaha
[Wed Mar  2 23:53:56 2016] <johnw> I spend a lot of time fine-tuning Haskell extraction
[Wed Mar  2 23:54:02 2016] <johnw> but not at the Ocaml level yet
[Wed Mar  2 23:54:49 2016] <spacekitteh> * nodnods
[Wed Mar  2 23:54:59 2016] <spacekitteh> this is just a sideproject for me though
[Wed Mar  2 23:55:04 2016] <spacekitteh> we use isabelle at work, not coq
[Wed Mar  2 23:55:08 2016] <spacekitteh> much to my chagrin
[Wed Mar  2 23:56:53 2016] <johnw> some of my co-workers use isabelle too
[Wed Mar  2 23:56:56 2016] <johnw> but I haven't yet
[Wed Mar  2 23:57:43 2016] <spacekitteh> what do you do?
[Wed Mar  2 23:59:13 2016] <johnw> I'm working on DARPA contracts with BAE Systems
[Wed Mar  2 23:59:36 2016] <johnw> so we use formal methods are various kinds in many ways
[Wed Mar  2 23:59:41 2016] <johnw> my last project used ACL2
[Wed Mar  2 23:59:47 2016] <spacekitteh> i think we are on the same project hahaha
[Wed Mar  2 23:59:54 2016] <johnw> but I prefer Coq so far the most
[Wed Mar  2 23:59:55 2016] <spacekitteh> HACCM/SMACCM?
[Thu Mar  3 00:00:05 2016] <johnw> we did work on HACCMs, yes
[Thu Mar  3 00:00:08 2016] <johnw> not me directly though
[Thu Mar  3 00:00:10 2016] <spacekitteh> ah
[Thu Mar  3 00:00:29 2016] <johnw> which company are you with?
[Thu Mar  3 00:00:37 2016] <spacekitteh> nicta/data61
[Thu Mar  3 00:00:40 2016] <johnw> ahh
[Thu Mar  3 00:00:43 2016] <johnw> very cool
[Thu Mar  3 00:00:50 2016] <johnw> so in a sense we're very much "industry adjacent" :)
[Thu Mar  3 00:00:57 2016] <spacekitteh> indeed :V
[Thu Mar  3 00:01:14 2016] <spacekitteh> even though i'm just an aerospace engineering undergrad lmfao
[Thu Mar  3 00:01:49 2016] <johnw> i'm an ex-compiler engineer
[Thu Mar  3 00:02:25 2016] <spacekitteh> cool
[Thu Mar  3 00:02:32 2016] <spacekitteh> i'm working on a hott compiler
[Thu Mar  3 00:02:38 2016] <spacekitteh> trying to do the core in coq and extract it to haskell
[Thu Mar  3 00:02:43 2016] <johnw> nice
[Thu Mar  3 00:02:45 2016] <johnw> using 8.5?
[Thu Mar  3 00:02:49 2016] <spacekitteh> ye
[Thu Mar  3 00:02:54 2016] <spacekitteh> well, trunk
[Thu Mar  3 00:02:56 2016] <johnw> the Haskell extraction is much better there
[Thu Mar  3 00:02:59 2016] <johnw> I'm still on 8.4
[Thu Mar  3 00:03:08 2016] <spacekitteh> oh god, it was worse in 8.4?
[Thu Mar  3 00:03:33 2016] <johnw> oh, FAR worse
[Thu Mar  3 00:03:47 2016] <johnw> i spent several days last week tracking down a SEGV due to a misplaced unsafeCoerce
[Thu Mar  3 00:04:05 2016] <johnw> I use a Perl file called "fixcode.pl" to correct all the errors I find
[Thu Mar  3 00:04:10 2016] <johnw> in 8.5, it's most unnecessary
[Thu Mar  3 00:08:13 2016] <spacekitteh> oh dear
[Thu Mar  3 01:20:14 2016] <rrika> anyone know when SF will reach version 4 officially?
[Thu Mar  3 01:28:55 2016] <jrw> rrika: I heard it would probably this summer
[Thu Mar  3 01:29:28 2016] <jrw> they usually teach the course in the fall each year, so they will have to have it ready in time for that
[Thu Mar  3 01:29:46 2016] <rrika> i see.
[Thu Mar  3 01:31:58 2016] <johnw> right, changing it mid-semester would be insanity
[Thu Mar  3 14:46:38 2016] <tbelaire> I need some help.
[Thu Mar  3 14:47:00 2016] <tbelaire> I've sucessfully creating my induction principle for chains of inheritence
[Thu Mar  3 14:47:02 2016] <tbelaire> https://github.com/tbelaire/FJ-Formalization/blob/master/FJ_Definitions.v#L447
[Thu Mar  3 14:47:05 2016] <tbelaire> Hurah
[Thu Mar  3 14:47:21 2016] <tbelaire> but now I've tried to define method lookup in terms of it
[Thu Mar  3 14:47:29 2016] <tbelaire> which also worked and looked solid
[Thu Mar  3 14:47:42 2016] <tbelaire> https://github.com/tbelaire/FJ-Formalization/blob/master/FJ_Definitions.v#L733
[Thu Mar  3 14:48:13 2016] <tbelaire> It works and doesn't have to deal with recursing over the list directly
[Thu Mar  3 14:48:16 2016] <tbelaire> which is great
[Thu Mar  3 14:48:46 2016] <tbelaire> but now I'm trying to prove that mresolve2 CT m Object = None
[Thu Mar  3 14:48:51 2016] <tbelaire> for all things
[Thu Mar  3 14:49:10 2016] <tbelaire> and I have no idea how to go about proving it
[Thu Mar  3 14:49:16 2016] <johnw> hi
[Thu Mar  3 14:49:26 2016] <tbelaire> really, I guess I'd hoped that it'd apply the P Object case
[Thu Mar  3 14:49:29 2016] <tbelaire> find that it's null
[Thu Mar  3 14:49:36 2016] <tbelaire> and be done
[Thu Mar  3 14:49:38 2016] <johnw> where is the proof attempt?
[Thu Mar  3 14:49:40 2016] <tbelaire> but it's trying to run list_ind first
[Thu Mar  3 14:49:45 2016] <tbelaire> 1660
[Thu Mar  3 14:50:42 2016] <johnw> are you familiar with "induction X using Y"?
[Thu Mar  3 14:50:47 2016] <tbelaire> Not really
[Thu Mar  3 14:50:59 2016] <johnw> you shouldn't need to apply ClassTable_rect directly
[Thu Mar  3 14:51:06 2016] <johnw> however, that's not the problem at 1660
[Thu Mar  3 14:51:19 2016] <johnw> what I think you'd need to do here is destruct CT
[Thu Mar  3 14:51:28 2016] <johnw> to get the various branches of ClassTable_rect to "fire" and simplify to their contents
[Thu Mar  3 14:51:35 2016] <johnw> rather than unfolding ClassTable_rect
[Thu Mar  3 14:52:22 2016] <tbelaire> lets see okay
[Thu Mar  3 14:53:33 2016] <tbelaire> it's getting stuck on eq_rect_r
[Thu Mar  3 14:53:41 2016] <johnw> ah!
[Thu Mar  3 14:53:57 2016] <johnw> there's a section in CPDT about proofs involving such equalities
[Thu Mar  3 14:54:06 2016] <johnw> can you show me the new proof and context+goal?
[Thu Mar  3 14:55:11 2016] <tbelaire> https://gist.github.com/tbelaire/d1dbe5c41a35c4accd8f
[Thu Mar  3 14:55:53 2016] <johnw> I would just do:
[Thu Mar  3 14:56:02 2016] <johnw> induction CT0; simpl; intros.
[Thu Mar  3 14:56:09 2016] <johnw> well, maybe first an unfold mresolve2
[Thu Mar  3 14:56:27 2016] <johnw> so, eq_rect_r is the term level expression of a rewrite
[Thu Mar  3 14:56:38 2016] <johnw> (a rewrite <-, to be precise)
[Thu Mar  3 14:57:02 2016] <johnw> apparently "ok_obj nil" is the same thing as None?
[Thu Mar  3 14:57:39 2016] <tbelaire> that's not right...
[Thu Mar  3 14:58:01 2016] <tbelaire> this (fun _ : ok_type_ nil Object => None)
[Thu Mar  3 14:58:10 2016] <tbelaire> is where I'd expect None to come from
[Thu Mar  3 15:00:29 2016] <tbelaire> since that's the P argument to eq_rect_r
[Thu Mar  3 15:01:45 2016] <tbelaire> anyways, even if I solve the nil case, the inductive case has a goal over 900 lines long, after I run simpl
[Thu Mar  3 15:02:49 2016] <johnw> that's odd
[Thu Mar  3 15:02:55 2016] <johnw> you'd think that case wouldn't even happen
[Thu Mar  3 15:03:05 2016] <tbelaire> well
[Thu Mar  3 15:03:22 2016] <johnw> the induction hypothesis should be a clear inequality
[Thu Mar  3 15:03:23 2016] <tbelaire> It could happen that we're proving something about Object while we have a non-empty class table
[Thu Mar  3 15:04:30 2016] <tbelaire> I mean, I was hoping to define things in terms of ClassTable_rect to avoid needing to induction on the class table in every proof
[Thu Mar  3 15:04:47 2016] <tbelaire> and instead show things for just the important cases
[Thu Mar  3 15:04:55 2016] <tbelaire> in the chains of inheritance
[Thu Mar  3 15:05:45 2016] <johnw> ahh
[Thu Mar  3 15:05:47 2016] <tbelaire> If I need to induct on CT anyways, well there isn't that much of a point
[Thu Mar  3 15:06:00 2016] <johnw> you want to use recursors
[Thu Mar  3 15:06:09 2016] <tbelaire> cool, what's that?
[Thu Mar  3 15:06:17 2016] <johnw> ClassTable_rect
[Thu Mar  3 15:06:26 2016] <johnw> it's when you represent your data type as the closure of a fold
[Thu Mar  3 15:06:41 2016] <johnw> in which case I then ask, why have the ClassType inductive type at all?
[Thu Mar  3 15:06:44 2016] <johnw> just use its final encoding
[Thu Mar  3 15:06:57 2016] <johnw> where is ClassTable defined?
[Thu Mar  3 15:07:31 2016] <johnw> with a final encoding, you drop constructors, and values of your data type become closures
[Thu Mar  3 15:07:51 2016] <johnw> you lose the ability to easily pattern match, but you also avoid direct recursion in your proofs
[Thu Mar  3 15:07:56 2016] <tbelaire> hmm
[Thu Mar  3 15:08:09 2016] <johnw> for example, Inductive List a := Nil | Cons a (List a)
[Thu Mar  3 15:08:11 2016] <johnw> has the final form
[Thu Mar  3 15:08:24 2016] <johnw> Definition ListFinal a := forall r, r -> (a -> r -> r) -> r.
[Thu Mar  3 15:08:30 2016] <tbelaire> this is flists?
[Thu Mar  3 15:08:32 2016] <johnw> and these two can be proven to be isomorphic
[Thu Mar  3 15:08:38 2016] <tbelaire> yeah I've seen that for lists before
[Thu Mar  3 15:08:55 2016] <johnw> i don't know what an flist is
[Thu Mar  3 15:09:05 2016] <johnw> and google isn't telling me quickly
[Thu Mar  3 15:09:17 2016] <tbelaire> ah, maybe that was just the term used on the exam
[Thu Mar  3 15:09:22 2016] <tbelaire> it's just exactly that
[Thu Mar  3 15:09:37 2016] <johnw> so, any algebraic inductive type has a trivial final encoding
[Thu Mar  3 15:09:50 2016] <johnw> however, I'm not sure that is what you need or want
[Thu Mar  3 15:10:06 2016] <tbelaire> so, the class table is a list of tuples
[Thu Mar  3 15:10:17 2016] <tbelaire> with more condidtions imposed
[Thu Mar  3 15:10:40 2016] <tbelaire> as we want to look up each ancestor for a class
[Thu Mar  3 15:11:13 2016] <tbelaire> but I really would like to hide that representation
[Thu Mar  3 15:11:18 2016] <tbelaire> a little from the proofs
[Thu Mar  3 15:11:31 2016] <johnw> how about if you just:
[Thu Mar  3 15:11:31 2016] <tbelaire> and just talk about each class's ancestor
[Thu Mar  3 15:11:37 2016] <johnw> induction CT using ClassTable_rect?
[Thu Mar  3 15:11:51 2016] <tbelaire> it claims there are not enough parameters
[Thu Mar  3 15:12:01 2016] <johnw> I think it's because of your "ok_type_ CT C" argument
[Thu Mar  3 15:12:10 2016] <johnw> so try:
[Thu Mar  3 15:12:13 2016] <tbelaire> Error: in _: Not the right number of induction arguments.
[Thu Mar  3 15:12:16 2016] <johnw> induction CT using (ClassTable_rect X)
[Thu Mar  3 15:12:21 2016] <johnw> where X is of type ok_type_ CT C
[Thu Mar  3 15:12:41 2016] <tbelaire>  Cannot recognize an induction scheme.
[Thu Mar  3 15:12:57 2016] <johnw> hmm
[Thu Mar  3 15:13:08 2016] <johnw> you've got too many arguments there I think still
[Thu Mar  3 15:13:12 2016] <johnw> like "directed_ct CT"
[Thu Mar  3 15:13:15 2016] <johnw> it's not fitting the "shape"
[Thu Mar  3 15:13:53 2016] <tbelaire> trying to fill them in
[Thu Mar  3 15:15:19 2016] <tbelaire> I've been considering doing a refactoring to replace all the cnames with dependent tuples of { C;  ok_type C}
[Thu Mar  3 15:15:23 2016] <tbelaire> would that help the shape?
[Thu Mar  3 15:15:44 2016] <johnw> you'd only be able to induct over such things
[Thu Mar  3 15:16:16 2016] <tbelaire> yeah, but that's fine, I only care about classes that exist in the class table anyways
[Thu Mar  3 15:17:11 2016] <tbelaire> I'm just concerned that that'll strengthen the requirement to call some lemmas if I do it uniformly
[Thu Mar  3 15:17:17 2016] <tbelaire> and cause problems
[Thu Mar  3 15:17:27 2016] <johnw> so, here's a way to think about custom induction principles
[Thu Mar  3 15:17:40 2016] <johnw> refine (Class_rect _ _).
[Thu Mar  3 15:17:48 2016] <johnw> where each "_" represent a "branch" of the induction
[Thu Mar  3 15:17:49 2016] <tbelaire> we should be able to do the same thing as induction _ using _. using apply
[Thu Mar  3 15:17:52 2016] <tbelaire> yup
[Thu Mar  3 15:17:55 2016] <johnw> this will generate two goals, one for each branch
[Thu Mar  3 15:18:02 2016] <johnw> which is pretty much what "induction using" is going to do
[Thu Mar  3 15:18:12 2016] <tbelaire> but I don't really want to induct, as that'll erase information I need here
[Thu Mar  3 15:18:16 2016] <johnw> ah
[Thu Mar  3 15:18:20 2016] <tbelaire> what I really want is some sort of inversion
[Thu Mar  3 15:18:32 2016] <johnw> you could write a custom inversion principle
[Thu Mar  3 15:18:40 2016] <tbelaire> ah, good idea
[Thu Mar  3 15:18:42 2016] <tbelaire> that's what I need
[Thu Mar  3 15:18:44 2016] <johnw> that is, given a CT, what truth can be determined from it
[Thu Mar  3 15:19:06 2016] <johnw> Coq's stdlib has lots of these, actually, they are usually named "..._inv" or "..._impl"
[Thu Mar  3 15:19:31 2016] <tbelaire> let me look for some examples of those
[Thu Mar  3 15:19:40 2016] <johnw> look at List.Forall
[Thu Mar  3 15:21:01 2016] <tbelaire> sure
[Thu Mar  3 15:23:30 2016] <tbelaire>      Lemma Forall_inv : forall (a:A) l, Forall (a :: l) -> P a.
[Thu Mar  3 15:23:32 2016] <tbelaire> ?
[Thu Mar  3 15:23:43 2016] <johnw> exactly
[Thu Mar  3 15:23:55 2016] <johnw> something that you'd expect "inversion" to provide
[Thu Mar  3 15:24:10 2016] <johnw> although, there are some cases where what inversion does isn't quite what you want to happen
[Thu Mar  3 15:24:17 2016] <johnw> so these custom inversion function can be very handy
[Thu Mar  3 15:25:06 2016] <tbelaire> wait, I can't want inversion, since I don't have it as a hypothesis
[Thu Mar  3 15:25:13 2016] <johnw> ah
[Thu Mar  3 15:25:26 2016] <tbelaire> yeah I just need to let simpl work
[Thu Mar  3 15:25:28 2016] <tbelaire> brb
[Thu Mar  3 15:37:00 2016] <tbelaire> hmm, I could try and simplify the definition of ClassTable_rect
[Thu Mar  3 15:37:12 2016] <tbelaire> but I'm not sure if that will actaully help
[Thu Mar  3 15:37:52 2016] <tbelaire> I don't really want to have to deal with the internals at all.
[Thu Mar  3 15:42:03 2016] <tbelaire> I'm going to try something simpler
[Thu Mar  3 15:42:08 2016] <tbelaire> just the number of ancestors
[Thu Mar  3 15:42:17 2016] <tbelaire> and see if I can prove anything about it
[Thu Mar  3 15:50:06 2016] <tbelaire> nah, can't
[Thu Mar  3 15:50:16 2016] <tbelaire> I'll try and remove that ok_type_ requirement
[Thu Mar  3 15:50:21 2016] <tbelaire> see if I can prove it without that
[Thu Mar  3 15:53:08 2016] <tbelaire> that really doesn't work
[Thu Mar  3 15:53:24 2016] <tbelaire> since I can't assume the class is one I know anything about
[Thu Mar  3 15:53:52 2016] <tbelaire> lets try that dependant type pair idea
[Thu Mar  3 15:55:04 2016] <johnw> aka sigma
[Thu Mar  3 16:00:27 2016] <stelleg> is there a way to skip the assert and just define a term and add it to your hypotheses? I vaugely recall being able to do this but can't remember how
[Thu Mar  3 16:02:45 2016] <stelleg> e.g. instead of assert nat as N. apply 0. is there a way to just say define N 0?
[Thu Mar  3 16:07:36 2016] <stelleg> ah set (N:=0).
[Thu Mar  3 16:13:59 2016] <tbelaire> Definition Class_ (CT:ctable) := forall C : cname, {C : cname | ok_type_ CT C}.
[Thu Mar  3 16:14:06 2016] <tbelaire> is that reasonable?
[Thu Mar  3 16:14:21 2016] <tbelaire> if I want to have cnames where I know they are ok_type
[Thu Mar  3 16:14:25 2016] <johnw> you don't need the forall
[Thu Mar  3 16:14:38 2016] <tbelaire> how do I get the C in scope?
[Thu Mar  3 16:14:47 2016] <tbelaire> oh
[Thu Mar  3 16:14:48 2016] <johnw> { C : cname
[Thu Mar  3 16:14:49 2016] <tbelaire> it is
[Thu Mar  3 16:14:51 2016] <tbelaire> magic
[Thu Mar  3 16:15:15 2016] <johnw> forall C : cname and { C : cname even mean exactly opposite things :)
[Thu Mar  3 16:15:25 2016] <johnw> one is "defined for any C" and the other is "defined for some C"
[Thu Mar  3 16:15:34 2016] <tbelaire> sure, yes
[Thu Mar  3 16:16:03 2016] <tbelaire> now, I want to construct a value for Object
[Thu Mar  3 16:16:15 2016] <tbelaire> given proof of okayness (ok_obj CT)
[Thu Mar  3 16:16:22 2016] <tbelaire> Definition Object_ (CT:ctable) : Class_ CT :=
[Thu Mar  3 16:16:24 2016] <tbelaire>     exist Object (ok_obj CT).
[Thu Mar  3 16:16:26 2016] <tbelaire> doesn't work
[Thu Mar  3 16:16:49 2016] <johnw> exist _ Object (ok_obj CT)
[Thu Mar  3 16:17:23 2016] <tbelaire> what's the _?
[Thu Mar  3 16:17:28 2016] <tbelaire> oh
[Thu Mar  3 16:17:30 2016] <tbelaire> P
[Thu Mar  3 16:17:33 2016] <tbelaire> I see now
[Thu Mar  3 16:26:01 2016] <spacekitteh> good morning, fellow proof assistant comrades
[Thu Mar  3 16:26:07 2016] <johnw> good morning, spacekitteh!
[Thu Mar  3 16:26:12 2016] <johnw> how is Australia today?
[Thu Mar  3 16:26:19 2016] <spacekitteh> it's okay
[Thu Mar  3 16:26:23 2016] <spacekitteh> kinda warm still
[Thu Mar  3 16:26:30 2016] <spacekitteh> fuck global warming
[Thu Mar  3 16:26:39 2016] <spacekitteh> how's the US
[Thu Mar  3 16:26:42 2016] <tbelaire> Good morning
[Thu Mar  3 16:26:47 2016] <johnw> pretty nice today
[Thu Mar  3 16:26:52 2016] <tbelaire> Canada's got snow everywhere
[Thu Mar  3 16:26:56 2016] <spacekitteh> jelly
[Thu Mar  3 16:27:24 2016] <tbelaire> it's not actually nice outside
[Thu Mar  3 16:27:35 2016] <spacekitteh> i love snow tho
[Thu Mar  3 16:27:40 2016] <tbelaire> though I do agree that too cold is more fixable than too warm
[Thu Mar  3 16:27:46 2016] <tbelaire> you can keep adding layers
[Thu Mar  3 16:28:01 2016] <spacekitteh> i have had snowball fights with swedes where i was just in cargo pants and a tank top
[Thu Mar  3 16:28:13 2016] <spacekitteh> and they were like "wtf why isn't she freezing"
[Thu Mar  3 16:29:16 2016] <spacekitteh> i am not suited to australian weather :(
[Thu Mar  3 16:33:06 2016] <johnw> spacekitteh: where are you from, besides space?
[Thu Mar  3 16:33:15 2016] <spacekitteh> straya
[Thu Mar  3 16:33:23 2016] <johnw> where is straya?
[Thu Mar  3 16:33:24 2016] <stelleg> she sounds too tough for a queenslander :)
[Thu Mar  3 16:33:31 2016] <johnw> ah
[Thu Mar  3 16:33:31 2016] <spacekitteh> i am indeed a queenslander
[Thu Mar  3 16:33:34 2016] <spacekitteh> just moved to sydney though
[Thu Mar  3 16:33:51 2016] <stelleg> still to hot for you down there?
[Thu Mar  3 16:33:58 2016] <spacekitteh> yeah.
[Thu Mar  3 16:34:03 2016] <spacekitteh> anything over 20c = GTFO
[Thu Mar  3 16:34:16 2016] <spacekitteh> autism is a hell of a drug
[Thu Mar  3 16:34:59 2016] <stelleg> yeah sounds like you are on the wrong continent
[Thu Mar  3 16:35:22 2016] <stelleg> maybe we can trade
[Thu Mar  3 16:35:25 2016] <stelleg> i love queensland
[Thu Mar  3 16:35:29 2016] <spacekitteh> heh
[Thu Mar  3 16:35:44 2016] <spacekitteh> gimme 1980s east berlin and you got yourself a deal
[Thu Mar  3 16:35:59 2016] <stelleg> hah
[Thu Mar  3 16:36:20 2016] <stelleg> high desert in SW USA close enough?
[Thu Mar  3 16:36:51 2016] <spacekitteh> i guess
[Thu Mar  3 17:18:26 2016] <stelleg> curious how everyone builds their coq projects
[Thu Mar  3 17:18:51 2016] <stelleg> i ended up using shake and coqdep after not having much luck with coq_makefile
[Thu Mar  3 17:19:11 2016] <johnw> I use coq_makefile, with a Makefile around it
[Thu Mar  3 17:19:23 2016] <jrw> stelleg: I use coq_makefile with a _CoqProject file
[Thu Mar  3 17:19:27 2016] <johnw> yeah, and _CoqProject
[Thu Mar  3 17:19:36 2016] <johnw> stelleg: https://gist.github.com/851503119553cdcd2808
[Thu Mar  3 17:19:40 2016] <johnw> that's my current project's Makefile
[Thu Mar  3 17:20:53 2016] <stelleg> johnw: cool, thanks
[Thu Mar  3 17:22:57 2016] <stelleg> fixcode.pl :)
[Thu Mar  3 17:24:01 2016] <spacekitteh> so does anyone have any idea how to debug plugins?
[Thu Mar  3 17:26:11 2016] <stelleg> * has yet to install a plugin
[Thu Mar  3 17:28:32 2016] <johnw> spacekitteh: no idea at all
[Thu Mar  3 17:28:42 2016] <spacekitteh> =[
[Thu Mar  3 17:53:10 2016] <stelleg> jrw: thanks for _CoqProject tip
[Thu Mar  3 17:53:49 2016] <johnw> stelleg: https://gist.github.com/870023c358a27a2737a6
[Thu Mar  3 17:53:58 2016] <johnw> that's my _CoqProject that goes with the Makefile
[Thu Mar  3 17:54:08 2016] <johnw> and works for both 8.4 and 8.5
[Thu Mar  3 17:56:15 2016] <stelleg> johnw: thanks
[Thu Mar  3 18:00:11 2016] <stelleg> johnw: do you use proof general?
[Thu Mar  3 18:00:43 2016] <johnw> yes
[Thu Mar  3 18:01:28 2016] <stelleg> did the move to 8.5 cause any issues?
[Thu Mar  3 18:01:48 2016] <johnw> no
[Thu Mar  3 18:01:54 2016] <johnw> not from the PG perspective
[Thu Mar  3 18:02:03 2016] <johnw> i still use 8.4 on this particular project
[Thu Mar  3 18:02:06 2016] <johnw> but 8.5 on others
[Thu Mar  3 18:03:55 2016] <stelleg> ok thanks, I think I'll take a swing at moving coquille (a vim-coq plugin) work with 8.5
[Fri Mar  4 06:08:21 2016] <riaqn> asmanur: hi, remember that sigma vs pi type? can you recommend some material to help understand why they are both necessary and be "dual"?
[Fri Mar  4 06:08:54 2016] <asmanur> they are not really dual
[Fri Mar  4 06:09:27 2016] <riaqn> asmanur: hmm, I heard it's a concept in category theory, so I have to learn category to understand it?
[Fri Mar  4 06:09:39 2016] <asmanur> but I don't know anything in particular in the literature
[Fri Mar  4 06:09:43 2016] <asmanur> weellll
[Fri Mar  4 06:09:57 2016] <asmanur> yeah, it's not dual it's adjoint
[Fri Mar  4 06:10:47 2016] <asmanur> but yeah I find the categorical intepretation quite enlightening
[Fri Mar  4 06:11:34 2016] <riaqn> OK I guess I have to learn some category theory.
[Fri Mar  4 06:22:07 2016] <asmanur> but your question is a bit orthogonal to dependant types, the situation kind of already happens in the simply typed setting
[Fri Mar  4 06:23:43 2016] <riaqn> huh? you mean A->B and A*B?
[Fri Mar  4 08:52:49 2016] <Biv> hello there
[Fri Mar  4 09:04:24 2016] <asmanur> riaqn: yes
[Fri Mar  4 13:58:17 2016] <johnw> riaqn: in Coq they are not both necessary
[Fri Mar  4 13:58:43 2016] <johnw> riaqn: using pi types alone, you can express sigma types
[Fri Mar  4 13:59:30 2016] <johnw> for example, a sigma { n : nat | n < 10 } could be encoded as a function forall r, (forall n : nat, n < 10 -> r) -> r
[Fri Mar  4 14:52:12 2016] <johnw> jgross: ping
[Fri Mar  4 17:50:40 2016] <riaqn> johnw: yeah, that's what I thought, and it has been haunted me for days.
[Fri Mar  4 17:52:09 2016] <riaqn> johnw: but asmanur told me that it's impossible to derive some rules by this encoding.
[Fri Mar  4 17:53:16 2016] <riaqn> johnw: but I still doesn't understand why. until yesterday I found this link: http://math.stackexchange.com/questions/661511/is-it-possible-to-express-sigma-type-in-martin-l%C3%B6f-type-theory-with-other-constr
[Fri Mar  4 17:54:33 2016] <riaqn> or this: http://mathoverflow.net/questions/16442/can-dependent-sums-be-encoded-as-dependent-products
[Fri Mar  4 18:14:15 2016] <riaqn> oh, sorry for the numerous grammar errors above.
[Fri Mar  4 18:48:23 2016] <benzrf> is there some nice haskell or purescript implementation of the CoC or some similar consistent type theory
[Fri Mar  4 18:48:29 2016] <benzrf> lambda-pi has type in type i think
[Fri Mar  4 18:50:12 2016] <riaqn> what's lambda-pi? could you give me some links?
[Fri Mar  4 18:50:21 2016] <notdan> you mean forall-pi?
[Fri Mar  4 18:52:12 2016] <riaqn> ok I guess (s)he means this: https://www.andres-loeh.de/LambdaPi/
[Fri Mar  4 19:00:00 2016] <notdan> ah
[Sat Mar  5 03:58:13 2016] <johnw> riaqn: given pi types and inductive data types, we can represent sigma using the introduction rule for some "sig" data type, giving you an induction principle
[Sat Mar  5 03:58:53 2016] <johnw> but then we're using more than pi-types
[Sat Mar  5 03:59:14 2016] <johnw> however, Coq acquired inductive data types partly because of this shortcoming of the Church encoding, or recursors only, approach
[Sat Mar  5 03:59:25 2016] <johnw> which, btw, Lean is apparently trying, so I wonder how they'll resolve this
[Sat Mar  5 04:06:46 2016] <rrika> johnw, what do you mean exactly?
[Sat Mar  5 04:19:42 2016] <riaqn> johnw: lean is trying what? using only pi types?
[Sat Mar  5 04:21:04 2016] <rrika> Lean implements its sigma in the standard lib using a single case inductive data type: structure sigma {A : Type} (B : A → Type) := mk :: (pr1 : A) (pr2 : B pr1)
[Sat Mar  5 04:21:11 2016] <rrika> if I'm not mistaken
[Sat Mar  5 04:22:29 2016] <riaqn> rrika: my impression is that inductive type is a kind of superset to sigma type, so the fact that it can be encoded is not surprising.
[Sat Mar  5 06:04:10 2016] <riaqn> hello, how can I prove this one? https://bpaste.net/show/089664465d6f
[Sat Mar  5 06:09:51 2016] <rrika> riaqn, if you use inversion instead of induction you get many more facts
[Sat Mar  5 06:11:00 2016] <riaqn> rrika: but I feel needing to induction over H.
[Sat Mar  5 06:26:49 2016] <rrika> riaqn, if you figure it out tell me.
[Sat Mar  5 06:26:56 2016] <rrika> I've been trying to solve it until now.
[Sat Mar  5 06:27:36 2016] <rrika> one thing I noticed is that nothing prevents you from having values of both (multi X t_true) and (multi X t_false).
[Sat Mar  5 06:27:46 2016] <rrika> at least you can not easily derive False from two such values.
[Sat Mar  5 06:28:16 2016] <rrika> the definition of small and multi should be enough to show that it can only be either one or the other.
[Sat Mar  5 06:35:57 2016] <riaqn> rrika let me know if you solve it,i
[Sat Mar  5 06:36:05 2016] <riaqn> I have given up
[Sat Mar  5 06:36:24 2016] <rrika> where is this task from?
[Sat Mar  5 06:37:32 2016] <riaqn> from tapl chapter 3, but not an exercise
[Sat Mar  5 06:41:26 2016] <riaqn> rrika page 34, it's called small step operational semantics
[Sat Mar  5 06:41:35 2016] <rrika> I only read a part of SF
[Sat Mar  5 06:49:37 2016] <rrika> riaqn, is it intentional that small t_true t_true -> False?
[Sat Mar  5 06:49:57 2016] <rrika> 'small' has nothing indicating that literals evaluate to themselves
[Sat Mar  5 06:57:16 2016] <riaqn> rrika where do you derive that t_true t_true -> False?
[Sat Mar  5 06:57:30 2016] <rrika> inversion
[Sat Mar  5 06:58:07 2016] <rrika> Theorem small_true_true :
[Sat Mar  5 06:58:07 2016] <rrika>   small t_true t_true -> False.
[Sat Mar  5 06:58:07 2016] <rrika> Proof.
[Sat Mar  5 06:58:07 2016] <rrika>   intros.
[Sat Mar  5 06:58:07 2016] <rrika>   inversion H.
[Sat Mar  5 06:58:08 2016] <rrika> Qed.
[Sat Mar  5 06:58:42 2016] <riaqn> yes, it's international
[Sat Mar  5 06:58:54 2016] <riaqn> oh I mean intentional
[Sat Mar  5 06:59:14 2016] <rrika> So small makes sure its first argument is never true or false but always cond
[Sat Mar  5 06:59:21 2016] <rrika> And multi has two cases
[Sat Mar  5 06:59:37 2016] <rrika> the tautology X → X
[Sat Mar  5 07:00:07 2016] <rrika> and a multi transformation followed by a small transformation
[Sat Mar  5 07:00:24 2016] <rrika> which means that multi can only have X → X or (endless tree of conds with no leaves) → X
[Sat Mar  5 07:00:45 2016] <rrika> → not in the function signature sense, bad choice of symbol of me
[Sat Mar  5 07:01:22 2016] <rrika> Maybe there is an error in my reasoning.
[Sat Mar  5 07:52:50 2016] <rrika> riaqn, nevermind I was wrong
[Sat Mar  5 07:52:53 2016] <rrika> also I solved it
[Sat Mar  5 08:18:36 2016] <rrika> riaqn, https://bpaste.net/show/c38e0e25a139
[Sat Mar  5 08:36:34 2016] <riaqn> rrika huh, not as easy as it seems
[Sat Mar  5 08:38:49 2016] <rrika> my style is a bit roundabout.
[Sat Mar  5 19:25:50 2016] <spacekitteh> so for the last week or so i've been getting this error while trying to compile coq trunk:
[Sat Mar  5 19:25:54 2016] <spacekitteh> File "./theories/Init/Logic.v", line 541, characters 24-25:
[Sat Mar  5 19:25:55 2016] <spacekitteh> Syntax error: [tactic:binder_tactic] or [tactic:tactic_expr] or [tactic_then_locality] expected after ";" (in [tactic:tactic_expr]).
[Sat Mar  5 19:26:18 2016] <spacekitteh> since there's been like a dozen commits after it first started i'm wondering if it's on my end.
[Sat Mar  5 19:50:27 2016] <Nik05> spacekitteh can you paste the context?
[Sat Mar  5 19:50:50 2016] <spacekitteh> COQC  -noinit theories/Init/Notations.v
[Sat Mar  5 19:50:51 2016] <spacekitteh> COQC  -noinit theories/Init/Logic.v
[Sat Mar  5 19:50:51 2016] <spacekitteh> File "./theories/Init/Logic.v", line 541, characters 24-25:
[Sat Mar  5 19:50:51 2016] <spacekitteh> Syntax error: [tactic:binder_tactic] or [tactic:tactic_expr] or [tactic_then_locality] expected after ";" (in [tactic:tactic_expr]).
[Sat Mar  5 19:50:53 2016] <spacekitteh> Makefile.build:591: recipe for target 'theories/Init/Logic.vo' failed
[Sat Mar  5 19:50:56 2016] <spacekitteh> make[1]: *** [theories/Init/Logic.vo] Error 1
[Sat Mar  5 19:51:42 2016] <Nik05> spacekitteh and the context?
[Sat Mar  5 19:51:48 2016] <spacekitteh> what do you mean
[Sat Mar  5 19:51:48 2016] <Nik05> please use lpaste
[Sat Mar  5 19:51:51 2016] <Nik05> the code
[Sat Mar  5 19:53:28 2016] <spacekitteh> https://github.com/coq/coq/blob/trunk/theories/Init/Logic.v#L541
[Sat Mar  5 19:56:46 2016] <Cypi> Looks like I can compile trunk just fine on my end :x
[Sat Mar  5 19:57:00 2016] <Cypi> (not helping much though)
[Sat Mar  5 19:57:11 2016] <spacekitteh> no that does help cypi
[Sat Mar  5 19:57:24 2016] <spacekitteh> what's the result of your .configure?
[Sat Mar  5 19:58:07 2016] <spacekitteh> (i ran ./configure -debug -local)
[Sat Mar  5 19:59:24 2016] <Cypi> http://lpaste.net/154084
[Sat Mar  5 20:00:02 2016] <Cypi> Maybe a difference in the Camlp4/5 version used? (I have no idea how these work though)
[Sat Mar  5 20:00:46 2016] <spacekitteh> hmm, i'm using camlp4. i'll try with p5
[Sat Mar  5 20:03:41 2016] <spacekitteh> ok it looks like it was camlp4 that was the problem.
[Sat Mar  5 21:02:57 2016] <spacekitteh> sup nerds
[Sat Mar  5 21:54:05 2016] <jrw> riaqn: it's often convenient to use a different encoding of the transitive closure than the one your using. I think it will make this particular proof easier as well.
[Sat Mar  5 21:59:35 2016] <jrw> if you just change the type of m_S to be [small t1 t2 -> multi t2 t3 -> multi t1 t3] then the proof goes through with two inversions.
[Sat Mar  5 21:59:56 2016] <jrw> you can prove that the two definitions are equivalent, since sometimes one is more convenient than the other
[Sun Mar  6 12:55:25 2016] <andorp_> hi! I need some help with the installation coq, ProofGeneral, emacs on NixOS, anyone could help?
[Sun Mar  6 14:17:55 2016] <johnw> rrika: someone had told me that Lean uses recursors, and not inductive data types, in its meta-theory
[Sun Mar  6 14:22:43 2016] <rrika> johnw, I'm very weak on the theory behind all this
[Sun Mar  6 14:23:04 2016] <rrika> what is meant by recursors anyway?
[Sun Mar  6 14:23:21 2016] <johnw> it would mean that a user-facing construction like "inductive list a := nil | cons a (list a)"
[Sun Mar  6 14:23:36 2016] <johnw> would construct terms of the form ∀ r. r -> (a -> r -> r) -> r
[Sun Mar  6 14:23:49 2016] <johnw> and that elimination would consist of calling this somehow
[Sun Mar  6 14:24:01 2016] <johnw> I *think*
[Sun Mar  6 14:24:12 2016] <rrika> well, coq offers both match and a function for that, doesn't it?
[Sun Mar  6 14:24:22 2016] <rrika> and lean gives you a recursor but also a match
[Sun Mar  6 14:24:24 2016] <johnw> yes, but the core meta-theory actually has inductive constructions
[Sun Mar  6 14:24:36 2016] <johnw> it doesn't try to reduce an inductive type further down to plain functions
[Sun Mar  6 14:24:52 2016] <rrika> I don't know if it's defined by its recursor, or just has a recursor
[Sun Mar  6 14:24:54 2016] <rrika> 2meta4me
[Sun Mar  6 14:24:59 2016] <johnw> haha
[Sun Mar  6 14:25:07 2016] <rrika> Does it make a difference for the definition of sigma though?
[Sun Mar  6 14:25:21 2016] <rrika> Whether it's based on a "true" inductive data type or a recursor
[Sun Mar  6 14:25:58 2016] <johnw> not a whole lot; I was just mentioning that we don't need anything but pi to encode it
[Sun Mar  6 14:27:48 2016] <rrika> because a recursor is a pi type?
[Sun Mar  6 14:27:57 2016] <rrika> *is of a
[Sun Mar  6 14:28:01 2016] <johnw> yes
[Sun Mar  6 16:03:33 2016] <spacekit1eh> good morning fellow workers
[Sun Mar  6 16:17:56 2016] <johnw> hello, kitten of the vast outer reaches
[Sun Mar  6 16:20:01 2016] <benzrf> helo
[Sun Mar  6 16:33:04 2016] <spacekit1eh> so like
[Sun Mar  6 16:33:06 2016] <spacekit1eh> this is my first ever job
[Sun Mar  6 16:33:11 2016] <spacekit1eh> haven't even got a degree
[Sun Mar  6 16:33:19 2016] <spacekit1eh> mum said "don't get involved in office politics"
[Sun Mar  6 16:33:25 2016] <spacekit1eh> three months later i'm the union delegate
[Sun Mar  6 16:33:25 2016] <spacekit1eh> hah
[Sun Mar  6 16:34:48 2016] <rrika> what kind of job?
[Sun Mar  6 16:37:31 2016] <spacekit1eh> proof engineering
[Sun Mar  6 16:39:19 2016] <rrika> nice
[Sun Mar  6 16:39:28 2016] <spacekit1eh> indeed :)
[Sun Mar  6 16:39:31 2016] <rrika> close to home, or did you have to move?
[Sun Mar  6 16:41:00 2016] <spacekit1eh> had to move
[Sun Mar  6 16:42:55 2016] <spacekit1eh> i was on welfare prior to it
[Sun Mar  6 16:43:02 2016] <spacekit1eh> what with increased rent here and so on
[Sun Mar  6 16:43:11 2016] <johnw> how did you land the job?
[Sun Mar  6 16:43:12 2016] <spacekit1eh> i only make a profit of about $150/fortnight, lol
[Sun Mar  6 16:43:28 2016] <spacekit1eh> johnw: applied for it!
[Sun Mar  6 16:43:41 2016] <spacekit1eh> there was an open listing for it
[Sun Mar  6 16:44:21 2016] <rrika> spacekit1eh, what technologies do you get to work with?
[Sun Mar  6 16:44:37 2016] <rrika> (coq y/n?, others?)
[Sun Mar  6 16:45:02 2016] <spacekit1eh> isabelle :(
[Sun Mar  6 16:45:05 2016] <spacekit1eh> + haskell
[Sun Mar  6 16:45:15 2016] <spacekit1eh> but i'm working on coq stuff on my spare time
[Sun Mar  6 16:45:18 2016] <spacekit1eh> which is a LOT
[Sun Mar  6 16:49:18 2016] <johnw> spacekit1eh: good job finding that; proof engineering jobs are kind of rare
[Sun Mar  6 16:49:30 2016] <johnw> and so, hard to build up working experience in
[Sun Mar  6 16:51:19 2016] <spacekit1eh> yeah lol
[Sun Mar  6 16:52:29 2016] <rrika> I also moved for my first ever job without a degree. Trying to learn coq and other proving stuff on the side.
[Sun Mar  6 21:15:30 2016] <benzrf> what has been written on the topic of equipping systems like the CoC with "native" types and functions
[Sun Mar  6 21:15:57 2016] <benzrf> i.e. like how Int, (+), etc are in Haskell
[Mon Mar  7 10:23:32 2016] <johnw> benzrf: I don't think you ever need that to be in the meta-theory
[Mon Mar  7 10:24:08 2016] <johnw> benzrf: for Coq, "Int" is just an ordinary inductive data type, while constants like "12" reduce down to a series of constructor calls.  But none of this occurs at the CiC layer.
[Mon Mar  7 11:49:15 2016] <stelleg> johnw: I have some vague recollection of you mentioning that you maintain most of the coq nix packages
[Mon Mar  7 11:50:44 2016] <stelleg> ah nevermind, i figured out the issue
[Mon Mar  7 11:51:26 2016] <stelleg> nix seems pretty nice
[Mon Mar  7 11:57:52 2016] <tbelaire> is there a nice way to simplify the goal if it's a match?
[Mon Mar  7 11:58:27 2016] <tbelaire> in particular, is it possible to reduce match expressions with only one arm to their arm in a goal
[Mon Mar  7 11:58:42 2016] <tbelaire> or does that break dependant typing?
[Mon Mar  7 11:59:11 2016] <Cypi> You will need to destruct on the variable being matched on in any case
[Mon Mar  7 11:59:43 2016] <Cypi> Even with only one branch. In some cases it might not even be provable that you can just reduce it to its branch (as you said, dependent typing makes everything more complicated)
[Mon Mar  7 11:59:45 2016] <tbelaire> I'm trying to do: https://gist.github.com/aa17a372450bf1beb58e
[Mon Mar  7 12:00:04 2016] <tbelaire> I can't destruct on the variable, it lead to "ill typed term"
[Mon Mar  7 12:01:58 2016] <tbelaire> https://github.com/tbelaire/FJ-Formalization/blob/wip/FJ_Definitions.v#L586
[Mon Mar  7 12:04:03 2016] <johnw> what was your destruct command?
[Mon Mar  7 12:04:29 2016] <tbelaire> destruct H_ok.
[Mon Mar  7 12:04:46 2016] <johnw> try "dependent destruction H_ok"
[Mon Mar  7 12:04:51 2016] <tbelaire> okay
[Mon Mar  7 12:05:07 2016] <johnw> there are non-axiomy ways around using that, but they are somewhat involved
[Mon Mar  7 12:05:44 2016] <tbelaire> Syntax error: 'generalize_eqs_vars' or 'generalize_eqs' or 'rewrite' or 'simple' 'inversion' expected after 'dependent'
[Mon Mar  7 12:06:42 2016] <johnw> you'll have to import something
[Mon Mar  7 12:06:43 2016] <tbelaire> Coq 8.4pl6, and I can't upgrade because they broke the vim plugin
[Mon Mar  7 12:06:47 2016] <tbelaire> ah, okay
[Mon Mar  7 12:07:04 2016] <johnw> Require Import Coq.Logic.JMeq.
[Mon Mar  7 12:07:05 2016] <johnw>  
[Mon Mar  7 12:07:29 2016] <Cypi> (Note that this would most probably introduce an axiom)
[Mon Mar  7 12:07:36 2016] <tbelaire> I'm okay with that
[Mon Mar  7 12:08:15 2016] <tbelaire> fixed
[Mon Mar  7 12:08:21 2016] <tbelaire> but it was Require Import Program.
[Mon Mar  7 12:08:32 2016] <tbelaire> but thanks, that's some progress
[Mon Mar  7 12:09:35 2016] <tbelaire> uh, how do you deal with 'match ! in ...'
[Mon Mar  7 12:09:45 2016] <tbelaire> or match False_Ind
[Mon Mar  7 12:10:16 2016] <johnw> I don't see "match !" anywhere in your paste
[Mon Mar  7 12:11:14 2016] <Cypi> You don't have to tbelaire, your context should be inconsistent there
[Mon Mar  7 12:11:30 2016] <Cypi> (I thought "dependent destruction" would actually see that)
[Mon Mar  7 12:11:47 2016] <tbelaire> oh, that was after the dependent destruction
[Mon Mar  7 12:12:14 2016] <johnw> note that I'm not actually doing this in Coq over here, so I don't see what you see after executing the tactic
[Mon Mar  7 12:12:35 2016] <tbelaire> ah, I did have an inconsistent context
[Mon Mar  7 12:12:52 2016] <tbelaire> thanks
[Mon Mar  7 12:13:12 2016] <Cypi> The second branch of the induction looks funnier, have fun :o
[Mon Mar  7 12:15:48 2016] <tbelaire> It's done.  Destruct (A == Object), then apply IHCT.
[Mon Mar  7 12:15:53 2016] <Cypi> Ah, cool :)
[Mon Mar  7 12:16:09 2016] <tbelaire> I was very afraid that it wouldn't work
[Mon Mar  7 12:16:25 2016] <tbelaire> but that whole lemma is a base case
[Mon Mar  7 12:16:31 2016] <tbelaire> next is the inductive case
[Mon Mar  7 12:16:58 2016] <johnw> if you Print Assumptions on that proof now
[Mon Mar  7 12:17:03 2016] <johnw> you'll see that it depends on JMeq
[Mon Mar  7 12:17:24 2016] <tbelaire> yeah, I know about that.  This post was informative https://homes.cs.washington.edu/~jrw12/dep-destruct.html
[Mon Mar  7 12:17:26 2016] <johnw> read https://homes.cs.washington.edu/~jrw12/dep-destruct.html to learn how to avoid that necessity, if such freedom is important
[Mon Mar  7 12:17:30 2016] <tbelaire> haha
[Mon Mar  7 12:17:37 2016] <tbelaire> yes
[Mon Mar  7 12:17:42 2016] <tbelaire> that page exactly
[Mon Mar  7 12:17:55 2016] <tbelaire> took me a day to read though
[Mon Mar  7 12:18:01 2016] <johnw> CPDT also discusses this in depth
[Mon Mar  7 12:18:02 2016] <tbelaire> I really like how the page is interactive
[Mon Mar  7 12:18:44 2016] <tbelaire> Maybe I should steal that tech, so my gists are easier to read
[Mon Mar  7 12:19:07 2016] <johnw> if you ever make it easy to paste interactive Coq pastes, please share :)
[Mon Mar  7 12:19:18 2016] <tbelaire> maybe next weekend :)
[Mon Mar  7 12:20:00 2016] <tbelaire> doesn't sound crazy hard if he already did all the hard work
[Mon Mar  7 12:20:02 2016] <johnw> i do intend to incorporate such technology into my Hakyll system
[Mon Mar  7 12:20:09 2016] <johnw> since I hadn't started blogging about Coq yet
[Mon Mar  7 13:51:00 2016] <tbelaire> Ahrg, that's going to be harder than I thought.
[Mon Mar  7 13:51:13 2016] <tbelaire> Is there documentation on the new Toplevel stuff anywhere?
[Mon Mar  7 14:02:29 2016] <tbelaire> Also, is there any way to find out why "fold" isn't firing?
[Mon Mar  7 14:02:51 2016] <tbelaire> I'm trying to unfold then refold a definition to expose only a little bit of work
[Mon Mar  7 14:03:01 2016] <tbelaire> but it's stuck as a 3000 line goal statement
[Mon Mar  7 14:03:43 2016] <tbelaire> Do I just have to write "abstract <tatic>" in the intial proof more?
[Mon Mar  7 14:08:04 2016] <johnw> if it unfolded to an anonymous "fix", you can't re-fold
[Mon Mar  7 14:08:10 2016] <johnw> at least, I haven't figured out how to do that yet
[Mon Mar  7 14:16:25 2016] <tbelaire> It does not, it's unfolding to a list_rec
[Mon Mar  7 14:16:40 2016] <tbelaire> but one with a very large inductive case
[Mon Mar  7 14:17:02 2016] <tbelaire> hmm, mabye I can name that inductive case when writing the definition
[Mon Mar  7 14:17:07 2016] <tbelaire> as a lemma first
[Mon Mar  7 14:17:09 2016] <tbelaire> ...
[Mon Mar  7 14:23:14 2016] <jgross> johnw@14:52, 3/4: pong (I was away square dancing all weekend) 
[Mon Mar  7 15:16:35 2016] <tbelaire> How do you debug Hint Extern rules not firing?
[Mon Mar  7 15:20:42 2016] <tbelaire> oh hey, it seems to work for eauto....
[Mon Mar  7 15:21:46 2016] <johnw> jgross: have fun?
[Mon Mar  7 15:24:13 2016] <tbelaire> If I have 'Hint Extern 1 <pattern> => <tactic>', auto fails to work, but if I leave off <pattern>, it does
[Mon Mar  7 15:24:26 2016] <tbelaire> so I think that means my pattern is wrong, right?
[Mon Mar  7 15:24:34 2016] <tbelaire> but it's just
[Mon Mar  7 15:24:36 2016] <tbelaire>  Cask 'coqide' definition is invalid: Bad header line: parse failed
[Mon Mar  7 15:24:38 2016] <tbelaire> no
[Mon Mar  7 15:24:40 2016] <tbelaire> Hint Extern 1 (extends_ _ _ _) => unfold_extends.
[Mon Mar  7 15:24:51 2016] <tbelaire> do you need ?s or something?
[Mon Mar  7 15:25:45 2016] <stelleg> do you mean to have a space between extends and the first underscore?
[Mon Mar  7 15:30:04 2016] <tbelaire> no, I have two versions of that function, it's intentional
[Mon Mar  7 15:30:08 2016] <johnw> if you have a <pattern>, the head must match
[Mon Mar  7 15:30:13 2016] <johnw> maybe it's not matching due to an existential?
[Mon Mar  7 15:30:23 2016] <tbelaire> what does that mean?
[Mon Mar  7 15:30:31 2016] <johnw> not sure without looking at your context and goal
[Mon Mar  7 15:30:35 2016] <tbelaire> Sure
[Mon Mar  7 15:31:08 2016] <tbelaire> H : extends_ nil C D
[Mon Mar  7 15:31:10 2016] <tbelaire> ======================== ( 1 / 1 )
[Mon Mar  7 15:31:12 2016] <tbelaire> False
[Mon Mar  7 15:31:34 2016] <johnw> so, False != extends _ _
[Mon Mar  7 15:31:46 2016] <johnw> or does the Hint Extern pattern match anything in the context too?
[Mon Mar  7 15:32:00 2016] <tbelaire> oh, I want it to match agaist the context in a hypothesis
[Mon Mar  7 15:32:08 2016] <johnw> you can do that with
[Mon Mar  7 15:32:22 2016] <johnw> Hint Extern => match goal with [ H : extends _ _ |- _ ] => <tactic>.
[Mon Mar  7 15:32:29 2016] <johnw> just move the match into the hint
[Mon Mar  7 15:32:39 2016] <tbelaire> okay, I do have that too
[Mon Mar  7 15:32:54 2016] <tbelaire> I didn't realize the pattern for Hint Extern was only the goal
[Mon Mar  7 15:33:03 2016] <tbelaire> that solves it, thansk
[Mon Mar  7 17:10:35 2016] <tbelaire> Is there a way to duplicate a Hypothesis?
[Mon Mar  7 17:11:10 2016] <tbelaire> Ah, don't need it anymore
[Mon Mar  7 18:11:32 2016] <johnw> pose proof H.
[Mon Mar  7 21:31:22 2016] <jgross> johnw: I did! 
[Tue Mar  8 12:46:46 2016] <rrika_mobile> lingxiao, you've surely done the subseq task from SF.
[Tue Mar  8 12:46:52 2016] <rrika_mobile> I'm stuck
[Tue Mar  8 12:47:05 2016] <lingxiao> hey yup which on are you talking about?
[Tue Mar  8 12:47:11 2016] <lingxiao> i dno aobut surely... but I'll try!
[Tue Mar  8 12:47:20 2016] <rrika_mobile> oh, wait, I don't need to ask you, you put everything on github anyway
[Tue Mar  8 12:47:27 2016] <rrika_mobile> in Prop.v
[Tue Mar  8 12:47:57 2016] <lingxiao> haha yeah here: https://github.com/lingxiao/CIS500
[Tue Mar  8 12:48:05 2016] <lingxiao> but i stopped doing the advanced problem lately though
[Tue Mar  8 12:48:23 2016] <lingxiao> I think it's called IndProp.v for me
[Tue Mar  8 12:48:25 2016] <lingxiao> in hw5
[Tue Mar  8 12:49:00 2016] <lingxiao> let me know if you have questions !
[Tue Mar  8 12:49:11 2016] <rrika_mobile> I found it. Intesting, I didn't make proofs for head1 = head2 and head1 <> head2 arguments for the constructor.
[Tue Mar  8 12:49:54 2016] <lingxiao> im sorry which problem are you talking about?
[Tue Mar  8 12:50:35 2016] <rrika_mobile> https://github.com/lingxiao/CIS500/blob/master/hw5/IndProp.v#L1613
[Tue Mar  8 12:52:16 2016] <lingxiao> oh how did you specify the inductive casese then?
[Tue Mar  8 12:54:02 2016] <rrika_mobile> https://gist.github.com/rrika/367bbbb95a3bed91101a
[Tue Mar  8 12:55:19 2016] <lingxiao> ahh that looks like it could work too!
[Tue Mar  8 12:55:44 2016] <rrika_mobile> induction on that type gives me stuff I can't proove
[Tue Mar  8 12:55:49 2016] <rrika_mobile> *prove
[Tue Mar  8 12:55:59 2016] <lingxiao> and i thnk in my x_eq _y case i couldve writen:  forall l1 l2 x, subseq l1 l2 -> subseq (x::l1) (x::l2)
[Tue Mar  8 12:56:28 2016] <lingxiao> ohh you know what i think in your ct case you do need to decompose the p in subseq p (x::q)
[Tue Mar  8 12:56:51 2016] <lingxiao> otherwise you have the second list that is destructing as you step through the proof, and the first case that's not destructing
[Tue Mar  8 12:57:15 2016] <lingxiao> so [ ct :: forall x y p q, subseq p q -> x <> y -> subseq (y::p) (x::q)
[Tue Mar  8 12:57:27 2016] <lingxiao> the [x <> y] is needed in your proof
[Tue Mar  8 12:57:33 2016] <lingxiao> as an assumption in your proof *
[Tue Mar  8 12:57:56 2016] <rrika_mobile> well, your approach makes the matching unambiguous
[Tue Mar  8 12:58:00 2016] <lingxiao> first list that is not destructing *
[Tue Mar  8 12:58:10 2016] <rrika_mobile> that is there is only one way to show that [1 2 3] in [1 2 2 3]
[Tue Mar  8 12:59:19 2016] <lingxiao> hey sorry not clear on the question are you saying that adding x <> y makes the matching unambious
[Tue Mar  8 12:59:19 2016] <lingxiao> ?
[Tue Mar  8 12:59:25 2016] <rrika_mobile> yes
[Tue Mar  8 12:59:38 2016] <rrika_mobile> you can not skip the '2'
[Tue Mar  8 12:59:44 2016] <rrika_mobile> because you can't provide a proof that 2<>2
[Tue Mar  8 13:01:22 2016] <lingxiao> yeah i think w/o specifiying x <> y it's actually possible that x = y
[Tue Mar  8 13:08:28 2016] <Nik05> morning
[Tue Mar  8 13:08:47 2016] <Nik05> lingxiao working on subseq? :)
[Tue Mar  8 13:09:13 2016] <lingxiao> hey yup i worked on it a bit ago, but i think i remmeber enough to answer questisons :)
[Tue Mar  8 13:10:43 2016] <rrika_mobile> I'll do it my way
[Tue Mar  8 13:10:44 2016] <rrika_mobile> without <>
[Tue Mar  8 13:10:47 2016] <rrika_mobile> it must work
[Tue Mar  8 13:10:54 2016] <Nik05> which proof rrika_mobile ?
[Tue Mar  8 13:11:15 2016] <rrika_mobile> forall (a b: list nat) (x: nat), subseq (x::a) b -> subseq a b.
[Tue Mar  8 13:11:29 2016] <rrika_mobile> some helper theorem I want to prove
[Tue Mar  8 13:12:13 2016] <rrika_mobile> gotta go offline. I have 5% battery and way too many tabs open that I still need.
[Tue Mar  8 13:12:17 2016] <rrika_mobile> :P
[Tue Mar  8 13:13:26 2016] <Nik05> rrika oke i got the same helper theorem
[Tue Mar  8 13:13:36 2016] <lingxiao> :)
[Tue Mar  8 13:14:28 2016] <Nik05> hm im not using it though :P
[Tue Mar  8 13:14:36 2016] <Nik05> well its not so hard to proof
[Tue Mar  8 15:29:28 2016] <rrika> ><Nik05> [19:10:36] well its not so hard to proof
[Tue Mar  8 15:29:37 2016] <rrika> ;_;
[Tue Mar  8 15:30:15 2016] <rrika> how do I use the decidable equality of nat?
[Tue Mar  8 15:34:43 2016] <rrika> kinda annoying though that I have to resort to that.
[Tue Mar  8 15:38:01 2016] <spacekitteh> sup nerds
[Tue Mar  8 15:38:42 2016] <rrika> failing at SF
[Tue Mar  8 15:39:25 2016] <spacekitteh> oh no
[Tue Mar  8 15:39:41 2016] <rrika> how do I show that (S b = b) can't be true.
[Tue Mar  8 15:41:00 2016] <spacekitteh> uniqueness theorems for inductor constructors
[Tue Mar  8 15:41:39 2016] <rrika> yeah, how does that work in coq
[Tue Mar  8 15:41:53 2016] <spacekitteh> dunno :V
[Tue Mar  8 15:42:15 2016] <spacekitteh> "constructor" is a tactic apparently
[Tue Mar  8 15:42:39 2016] <rrika> not the one I need apparently.
[Tue Mar  8 15:42:41 2016] <spacekitteh> constr_eq
[Tue Mar  8 15:54:48 2016] <stelleg> rrika: I suppose using n_Sn from the prelude would be cheating
[Tue Mar  8 15:55:13 2016] <rrika> stelleg, i'm currently trying to do it myself, but knowing where do find it in the prelude is just as important.
[Tue Mar  8 15:55:24 2016] <rrika> oh
[Tue Mar  8 15:55:31 2016] <rrika> I figured it out btw
[Tue Mar  8 15:55:38 2016] <rrika> discriminate and congruence didn't work
[Tue Mar  8 15:55:46 2016] <rrika> because 'b' obviously has no indication what case it is
[Tue Mar  8 15:55:55 2016] <rrika> but if I do induction, it works.
[Tue Mar  8 15:57:40 2016] <rrika> btw, is there a tacic for turning reducing "A → B" to "B" in the context?
[Tue Mar  8 15:58:08 2016] <rrika> s/i.*ng/ing/
[Tue Mar  8 15:58:51 2016] <johnw> "apply in" or specialize, if you have an A
[Tue Mar  8 15:59:34 2016] <rrika> specialize is exactly what I was looking for, thanks.
[Tue Mar  8 16:00:39 2016] <rrika> johnw, do you know something like inversion which clears the original item?
[Tue Mar  8 16:00:54 2016] <stelleg> destruct is similar
[Tue Mar  8 16:01:04 2016] <johnw> there's always "clear"
[Tue Mar  8 16:01:12 2016] <rrika> yeah, but my code is cluttered with manual clears
[Tue Mar  8 16:01:17 2016] <rrika> I have S a = S b
[Tue Mar  8 16:01:21 2016] <rrika> inversion gives me an additional a = b
[Tue Mar  8 16:01:25 2016] <rrika> I just want to replace the original H.
[Tue Mar  8 16:01:40 2016] <rrika> destruct just clears without giving me a = b
[Tue Mar  8 16:02:52 2016] <rrika> >inversion_clear
[Tue Mar  8 16:02:55 2016] <rrika> well that was easy
[Tue Mar  8 16:03:11 2016] <rrika> where are two big savings in proof size to me
[Tue Mar  8 16:03:12 2016] <rrika> :)
[Tue Mar  8 16:04:16 2016] <johnw> a lot of us use: Ltac inv H := inversion H; clear H; subst.
[Tue Mar  8 16:04:24 2016] <johnw> I see that often
[Tue Mar  8 16:04:42 2016] <rrika> inversion_clear doesn't do what I want after all.
[Tue Mar  8 16:04:45 2016] <rrika> ah, never got to Ltac.
[Tue Mar  8 16:04:49 2016] <rrika> I will use this
[Tue Mar  8 16:05:17 2016] <rrika> what does plain subst do?
[Tue Mar  8 16:07:34 2016] <johnw> "apply all equalities that you can"
[Tue Mar  8 16:17:38 2016] <rrika> in which direction?
[Tue Mar  8 16:17:47 2016] <rrika> Also, order matters.
[Tue Mar  8 16:17:56 2016] <rrika> (I think)
[Tue Mar  8 16:40:00 2016] <rrika> just why did I name my variables p b and q.
[Tue Mar  8 16:40:05 2016] <rrika> too confusable
[Tue Mar  8 16:48:21 2016] <notdan> .ц 30
[Tue Mar  8 16:48:25 2016] <notdan> oops, sorry
[Tue Mar  8 18:44:21 2016] <Nik05> hi rrika
[Tue Mar  8 18:44:25 2016] <Nik05> proofed it?
[Tue Mar  8 19:02:03 2016] <Nik05> have a good night
[Tue Mar  8 20:37:17 2016] <rrika> Nik05, still on it
[Tue Mar  8 20:37:26 2016] <rrika> discovery of today:
[Tue Mar  8 20:37:35 2016] <rrika> refine (fix go … := _).
[Tue Mar  8 20:38:03 2016] <rrika> Disadvantage: I have to read Qed. before the system will tell me that my arguments aren't decreasing.
[Tue Mar  8 20:38:07 2016] <rrika> But it makes things so much easier
[Tue Mar  8 20:38:38 2016] <jgross> rrika: You might be interested in the [Guarded] vernacular.  Also the [fix] tactic. 
[Tue Mar  8 20:40:52 2016] <rrika> interesting
[Tue Mar  8 20:41:37 2016] <rrika> very nice
[Tue Mar  8 20:41:44 2016] <rrika> is it possible to have a function type like
[Tue Mar  8 20:41:58 2016] <rrika> A → (A → (A → …)) → B
[Tue Mar  8 20:42:12 2016] <rrika> that I call like f f g
[Tue Mar  8 20:42:16 2016] <rrika> probably not
[Tue Mar  8 20:42:44 2016] <rrika> was trying to create the type in tactic mode using
[Tue Mar  8 20:42:48 2016] <rrika> assert Type.
[Tue Mar  8 20:42:52 2016] <rrika> refine (A → _ → B).
[Tue Mar  8 20:42:54 2016] <rrika> apply X.
[Tue Mar  8 20:43:05 2016] <rrika> but it won't let me put a placeholder there.
[Tue Mar  8 20:53:10 2016] <jrw> rrika: what do your ellipses mean?
[Tue Mar  8 20:56:02 2016] <rrika> it's self referential
[Tue Mar  8 20:56:17 2016] <rrika> oh, it's lacking
[Tue Mar  8 20:56:29 2016] <rrika> A → (A → (A → … → B) →B) → B
[Tue Mar  8 20:57:45 2016] <jrw> rrika: I see. no I don't think that's possible. that looks like a full-on recursive type, which in general introduces non-termination.
[Tue Mar  8 20:58:01 2016] <rrika> makes sense
[Tue Mar  8 20:58:13 2016] <jrw> you can define a finite version of that by introducing a "depth" argument
[Tue Mar  8 20:58:24 2016] <jrw> and then abstracting over it if you want to work on arbitrary depth
[Tue Mar  8 21:00:40 2016] <rrika> I was just trying weird approaches. My recursion depth would've been one.
[Tue Mar  8 21:01:14 2016] <rrika> the tactic fix gives me a "Not enough abstractions in the definition."
[Tue Mar  8 21:01:41 2016] <rrika> I don't know, but it's already very abstract for me.
[Tue Mar  8 22:05:17 2016] <benzrf> lol
[Wed Mar  9 02:09:21 2016] <johnw> evening
[Wed Mar  9 06:29:53 2016] <Nik05> rrika just use induction?
[Wed Mar  9 08:05:52 2016] <Slice^> do I need to know math to be able to use coq?
[Wed Mar  9 08:06:53 2016] <vanila> yes
[Wed Mar  9 08:07:04 2016] <Slice^> how much math?
[Wed Mar  9 08:07:21 2016] <vanila> proof by induction
[Wed Mar  9 08:07:34 2016] <Slice^> isn't that really simple?
[Wed Mar  9 08:07:55 2016] <vanila> yeah
[Wed Mar  9 08:46:33 2016] <Slice^> is there a proof for Ukkonen's algorithm in Coq?
[Wed Mar  9 15:31:18 2016] <Nik05> Slice^ where do you want to use Coq for?
[Wed Mar  9 15:31:42 2016] <Slice^> systems and application programming
[Wed Mar  9 15:32:00 2016] <Slice^> say, driver, web server or browser
[Wed Mar  9 15:32:02 2016] <johnw> Slice^: very nice
[Wed Mar  9 15:32:08 2016] <johnw> Slice^: that's more of what I'm using it for
[Wed Mar  9 15:32:16 2016] <Nik05> Slice^ and you can program?
[Wed Mar  9 15:32:30 2016] <Slice^> well, I've written a few
[Wed Mar  9 15:32:37 2016] <Slice^> nothing big
[Wed Mar  9 15:33:40 2016] <Slice^> mostly uni coursework
[Wed Mar  9 15:34:04 2016] <Nik05> Don't you get math courses at uni?
[Wed Mar  9 15:34:23 2016] <Slice^> we had like 2 theory courses
[Wed Mar  9 15:34:33 2016] <Slice^> just basic propositional and predicate logic
[Wed Mar  9 15:34:46 2016] <Slice^> intro computability and complexity theory
[Wed Mar  9 15:47:16 2016] <Nik05> hello johnw :)
[Wed Mar  9 15:48:51 2016] <johnw> hi
[Wed Mar  9 22:30:07 2016] <lambda-11235> How do I prove something by contrdiction? More specifically, how would I change the goal from A to ~A -> False (if possible)?
[Wed Mar  9 22:32:44 2016] <Cale> lambda-11235: Do you have the law of excluded middle or some other classical axiom?
[Wed Mar  9 22:33:35 2016] <Cale> lambda-11235: Doing that is not intuitionistically valid. If A is already negated though, you just unfold not.
[Wed Mar  9 22:34:38 2016] <Cale> ~A is defined as A -> False
[Wed Mar  9 22:35:34 2016] <lambda-11235> Cale: No to the law question, and I'm trying to prove (~A -> B) -> (B -> A) -> A, so I can't unfold.
[Wed Mar  9 22:37:21 2016] <Cale> You can unfold not in the hypothesis, but it just means you have a function (A -> False) -> B
[Wed Mar  9 22:38:16 2016] <lambda-11235> Cale: Don't see how that would help.
[Wed Mar  9 22:38:23 2016] <Cale> right, it doesn't
[Wed Mar  9 22:39:42 2016] <Cale> That statement doesn't seem provable.
[Wed Mar  9 22:40:48 2016] <lambda-11235> Cale: I may have to include A = ~~A as an axiom then.
[Wed Mar  9 22:40:54 2016] <Cale> yeah
[Wed Mar  9 22:41:03 2016] <lambda-11235> Is it already in the standard library?
[Wed Mar  9 22:42:54 2016] <Cale> http://lpaste.net/154396
[Wed Mar  9 22:44:04 2016] <Cale> Coq.Logic.Classical seems to export relevant stuff
[Wed Mar  9 22:44:18 2016] <Cale> Specifically in Coq.Logic.Classical_Prop
[Wed Mar  9 22:44:25 2016] <Cale> Axiom classic : forall P:Prop, P \/ ~ P.
[Wed Mar  9 22:44:25 2016] <Cale> Lemma NNPP : forall p:Prop, ~ ~ p -> p.
[Wed Mar  9 22:46:15 2016] <Cale> * sheds a tear for Lemma proof_irrelevance : forall (P:Prop) (p1 p2:P), p1 = p2.
[Wed Mar  9 22:46:32 2016] <Cale> So much destruction of beautiful structure
[Wed Mar  9 22:53:42 2016] <lambda-11235> Cale: Thanks, I think the classic axiom is what I was looking for.
[Wed Mar  9 22:57:08 2016] <lambda-11235> Why is proof_irrelevance bad?
[Wed Mar  9 22:59:58 2016] <Cale> lambda-11235: It completely obliterates the interpretation of identity types as path spaces, i.e. homotopy type theory's interpretation of what's going on in the type system
[Wed Mar  9 23:01:52 2016] <Cale> lambda-11235: You can think of types A as being spaces (up to homotopy), and their term inhabitants x y : A as being points in those spaces, and then proofs of equality p: x = y as being paths from x to y
[Wed Mar  9 23:01:56 2016] <Cale> in the space
[Wed Mar  9 23:02:20 2016] <Cale> and proof_irrelevance identifies all those paths
[Wed Mar  9 23:02:48 2016] <Cale> So you can't have something like a circle any more, it collapses
[Wed Mar  9 23:05:04 2016] <Cale> (the loop which goes around the circle once from a point to itself is identified with the path which stays at that point and doesn't go anywhere)
[Wed Mar  9 23:14:39 2016] <sunnymilk> what do you get out of seeing types as spaces?
[Wed Mar  9 23:35:03 2016] <lambda-11235> sunnymilk: Confused. :)
[Wed Mar  9 23:36:49 2016] <lambda-11235> Disclaimer: I don't actually know anything about HoTT, or much of type theory for that matter.
[Wed Mar  9 23:56:38 2016] <sunnymilk> lol
[Thu Mar 10 00:34:13 2016] <lambda-11235> So all propositions in Coq are singly inhabited? That is (A : Prop) only contains a single value?
[Thu Mar 10 00:34:27 2016] <lambda-11235> Cale: Is that the problem?
[Thu Mar 10 03:35:42 2016] <Cale> sunnymilk: You get a whole other way of using type theory -- you can use it to study homotopy theory directly. Apart from that, homotopy theory can inform our understanding of type theory, by making it clearer what things are possible or not through that model, and suggesting interesting directions in which to take the language (for example, higher inductive types are like inductive types, but they allow additional new sor
[Thu Mar 10 03:35:42 2016] <Cale> ts of constructors for equalities (paths) between constructed terms, and then paths between paths and so on). It becomes very natural to handle groups and groupoids.
[Thu Mar 10 06:22:34 2016] <Nik05> Cale wait what is proof_irrelevance?
[Thu Mar 10 06:23:26 2016] <Nik05> oh i should scroll further :)
[Thu Mar 10 06:28:10 2016] <Nik05> oh i read it wrong
[Thu Mar 10 06:28:24 2016] <Nik05> so p1 and p2 are proofs of P, and they are the same? :S
[Thu Mar 10 06:29:05 2016] <Nik05> oh no not proof
[Thu Mar 10 06:29:08 2016] <Nik05> s
[Thu Mar 10 06:46:33 2016] <Cypi> Yes, proofs
[Thu Mar 10 06:46:57 2016] <Cypi> It basically amounts to saying that a proof of P has no other content than the fact that it is a proof of P
[Thu Mar 10 07:24:16 2016] <dredozubov> Nik05: 1) it doesn't matter how you proved some proposition 2) considering the relevant/irrelevant proofs, it may mean that it have/haven't to be represented in runtime
[Thu Mar 10 17:07:08 2016] <rrika> why is a → {b | P b}, Set and not Prop?
[Thu Mar 10 17:10:16 2016] <Cypi> It depends on a and b. If they are both in Prop, then it will be Prop
[Thu Mar 10 17:10:34 2016] <Cypi> (actually, if b is in Prop, then it's in Prop)
[Thu Mar 10 17:11:05 2016] <rrika> b is bool
[Thu Mar 10 17:12:07 2016] <Cypi> Then it's natural that a function that returns something in Set is at least in Set
[Thu Mar 10 17:12:09 2016] <johnw> a -> exists b, P b is all in Prop
[Thu Mar 10 17:12:27 2016] <johnw> but your original function type returns a "b" in Set
[Thu Mar 10 17:12:45 2016] <rrika> hm, I could make pbool, which is in Prop.
[Fri Mar 11 05:15:55 2016] <jstolarek> how do I tell Coq to perform beta reduction on the goal?
[Fri Mar 11 05:16:25 2016] <Cypi> If you literally only want beta, "cbv beta"
[Fri Mar 11 05:16:34 2016] <Cypi> If you actually want to normalize your term, "compute"
[Fri Mar 11 05:17:16 2016] <Cypi> "simpl" is a milder middle-ground
[Fri Mar 11 05:17:30 2016] <jstolarek> right
[Fri Mar 11 05:17:33 2016] <jstolarek> well
[Fri Mar 11 05:17:38 2016] <jstolarek> I have such goal:
[Fri Mar 11 05:17:49 2016] <jstolarek> S m = S (m + 0)
[Fri Mar 11 05:17:57 2016] <jstolarek> and inductove hypothesis:
[Fri Mar 11 05:18:03 2016] <jstolarek> 0 + m = m + 0
[Fri Mar 11 05:18:22 2016] <jstolarek> I'd like to simplify IH and then tell Coq to ise it under S constructor
[Fri Mar 11 05:18:55 2016] <Cypi> "simpl in H" will simplify the left-hand side of IH
[Fri Mar 11 05:19:30 2016] <Cypi> and you can use the tactic "f_equal" to express what you said next
[Fri Mar 11 05:19:43 2016] <Cypi> (or just rewrite with the hypothesis H)
[Fri Mar 11 05:19:52 2016] <Cypi> Sorry, "simpl in IH"*
[Fri Mar 11 05:21:10 2016] <jstolarek> ah, f_equal. Thanks
[Fri Mar 11 05:21:12 2016] <jstolarek> that works
[Fri Mar 11 05:30:50 2016] <jstolarek> If I have a goal a = b and I have a lemma that proves b = a, how do I tekl Coq to use that lemma?
[Fri Mar 11 05:31:18 2016] <Cypi> You can rewrite with your hypothesis, or you can use "symmetry" to swap the terms in your goal
[Fri Mar 11 05:34:58 2016] <jstolarek> oh, I wasn't aware that rewrite is aware of symmetry.
[Fri Mar 11 05:35:27 2016] <Cypi> It's not really aware of symmetry, it's just that it will find a 'b' in the goal, and replace it with 'a'
[Fri Mar 11 05:35:37 2016] <Cypi> So the goal would become "a = a", which is trivial
[Fri Mar 11 05:37:45 2016] <jstolarek> what if I want it the other way around
[Fri Mar 11 05:37:56 2016] <jstolarek> what if I want my goal to be rewritten to b = b ?
[Fri Mar 11 05:38:02 2016] <Cypi> "rewrite <- lemma"
[Fri Mar 11 05:38:39 2016] <jstolarek> ah, that's what <- means
[Fri Mar 11 05:39:16 2016] <jstolarek> that works, thanks
[Fri Mar 11 06:33:52 2016] <jstolarek> rewrite errors if it generates subgoal identical to original goal. Is there a way to ignore that?
[Fri Mar 11 06:35:50 2016] <Cypi> You can always "try rewrite ..." so that it just doesn't do anything if it fails
[Fri Mar 11 06:37:01 2016] <jstolarek> yeah, that works :-)
[Fri Mar 11 06:37:05 2016] <jstolarek> thanks
[Fri Mar 11 09:14:01 2016] <jstolarek> is there a proof of commutativity of multiplication somewhere in the standard library?
[Fri Mar 11 09:21:03 2016] <Cypi> jstolarek : yes, it's called 'mult_comm' and is available in Arith
[Fri Mar 11 09:22:23 2016] <jstolarek> Cypi: where exactly in Arith?
[Fri Mar 11 09:22:43 2016] <jstolarek> I tried looking in Arith.PeanoNat but couldn't locate it :-/
[Fri Mar 11 09:22:50 2016] <jstolarek> and I can;t find it in the lemma index
[Fri Mar 11 09:24:59 2016] <Cypi> Nevermind, mult_comm is actually an alias for Nat.mul_comm
[Fri Mar 11 09:25:06 2016] <Cypi> (notice the lack of 't' for some reason)
[Fri Mar 11 09:25:26 2016] <jstolarek> still, mul_comm is also not listed in Lemma list'
[Fri Mar 11 09:25:37 2016] <jstolarek> unless I don't know how to use Coq's online reference
[Fri Mar 11 09:27:00 2016] <Anarchos> jstolarek:  did you try the Locate command ?
[Fri Mar 11 09:28:29 2016] <jstolarek> Anachros: I did
[Fri Mar 11 09:28:52 2016] <jstolarek> again, I get pointed to Arith.NPeano.Nat
[Fri Mar 11 09:29:04 2016] <Cypi> So The actual definition seems to be buried in a ton of modules :/
[Fri Mar 11 09:29:08 2016] <Cypi> Looking for it...
[Fri Mar 11 09:35:59 2016] <Cypi> https://coq.inria.fr/library/Coq.Numbers.NatInt.NZMul.html#
[Fri Mar 11 09:36:01 2016] <Cypi> there...
[Fri Mar 11 09:36:07 2016] <Cypi> not very useful to know the precise location though
[Fri Mar 11 09:36:18 2016] <Cypi> But I must say it makes for a confusing online reference :/
[Fri Mar 11 09:39:17 2016] <jstolarek> is there a way to actually look at the source?
[Fri Mar 11 09:39:29 2016] <jstolarek> I'm trying to figure out how to prove commutativity of multiplication
[Fri Mar 11 09:40:47 2016] <Cypi> You can download the sources, yes, or just look at them on Github for instance: https://github.com/coq/coq/blob/trunk/theories/Numbers/NatInt/NZMul.v#L30
[Fri Mar 11 09:41:12 2016] <Cypi> but honestly, I don't think this would help you, since they try to express everything in a sort of modular way
[Fri Mar 11 09:41:17 2016] <Cypi> it can make for strange proofs
[Fri Mar 11 09:41:38 2016] <jstolarek> right
[Fri Mar 11 09:41:55 2016] <Cypi> (in this case it's actually ok)
[Fri Mar 11 13:46:10 2016] <dfranke> I'm having trouble getting ltac sequencing to do what I want. I've defined:
[Fri Mar 11 13:46:13 2016] <dfranke> Tactic Notation "strengthen" constr(H) "by" tactic(T) := (cut H; [ solve [T] | ]).
[Fri Mar 11 13:47:45 2016] <dfranke> then I can prove something by 'strengthen H by firstorder. <other tactic>.'. But if I change the period to a semicolon, I get an error.
[Fri Mar 11 13:49:12 2016] <dfranke> I want my 'strengthen' notation to solve the first subgoal produced by cut, and then hand off the second subgoal to the next thing in the sequence.
[Fri Mar 11 13:49:44 2016] <dfranke> but that doesn't seem to be what's happening. I think ';' is trying to something further on the first subgoal even though it's already been solved.
[Fri Mar 11 13:52:13 2016] <Cypi> If you write '(strengthen H by firstorder); <other tactic>', does that work?
[Fri Mar 11 13:52:23 2016] <Cypi> Just to understand the problem (which is probably in the parsing of the tactic T)
[Fri Mar 11 13:52:38 2016] <dfranke> ah, yup!
[Fri Mar 11 13:52:48 2016] <dfranke> so I guess I just have a precedence problem.
[Fri Mar 11 13:55:56 2016] <Cypi> Looks like writing "tacticn(T)" for n <= 3 works, but I don't really know much about tactic levels
[Fri Mar 11 13:56:04 2016] <Cypi> (so 'tactic3(T)' for instance)
[Fri Mar 11 13:59:58 2016] <johnw> i didn't know about tactic levels either
[Fri Mar 11 14:00:07 2016] <johnw> in some ways Coq is small, but in other ways it's not at all
[Fri Mar 11 16:05:36 2016] <isheff> Coq novice here - CoqIDE seems to have difficulty with "Require Export" statements. I've been working through Pierce's "software foundations" in CoqIDE, and for example, I can make each chapter with "make" or manually with "coqc", but when I go to work in CoqIDE, and ask it to run "Poly.v", it claims "Error:  File …Lists.vo
[Fri Mar 11 16:05:36 2016] <isheff> has bad magic number. It is corrupted or was compiled with another version of
[Fri Mar 11 16:05:36 2016] <isheff> Coq."
[Fri Mar 11 16:06:54 2016] <isheff> Alternatively, I can compile each buffer itself in CoqIDE, but in, say Induction.v, I can interactively work through the whole file with no problem, but when I go to compile buffer, it declares "Compilation output:
[Fri Mar 11 16:06:54 2016] <isheff> File "…/Induction.v", line 378, characters 2-14:
[Fri Mar 11 16:06:54 2016] <isheff> Error: The reference Basics.evenb was not found in the current environment." (again, not a problem in interactive mode)
[Fri Mar 11 16:06:59 2016] <isheff> Any advice?
[Fri Mar 11 16:07:43 2016] <jrw> isheff: if you downloaded the tarball, it might contain pre-built .vo files that are confusing things?
[Fri Mar 11 16:07:49 2016] <jrw> you could try `make clean`
[Fri Mar 11 16:08:14 2016] <isheff> jrw: I made the ".vo" files myself with coqc
[Fri Mar 11 16:08:29 2016] <isheff> jrw: and also tried the given makefile - same results
[Fri Mar 11 16:09:37 2016] <jrw> isheff: so the bad magic number error fundamentally means somebody is passing you .vos from a different version of coq
[Fri Mar 11 16:09:51 2016] <jrw> do you have multiple versions of coq on your machine?
[Fri Mar 11 16:10:05 2016] <isheff> jrw: erm . . . not that I know of . . .
[Fri Mar 11 16:11:15 2016] <jrw> isheff: did you install coqide separately from coq itself?
[Fri Mar 11 16:15:16 2016] <isheff> jrw: well, this machine is running osx, so I went to https://coq.inria.fr/download , and downloaded the given osx file, which is a .dmg containing just coqide.app. Now that you mention it, this begs the question of where my command-line installation came from. "coqc —version" turns up that it's 8.4, whereas coqide is 8.5, and thus a different version (as you said). Now, I'm still working on where that 8.4 installation came from...
[Fri Mar 11 16:15:48 2016] <jrw> ah, well that explains the symptoms at least :)
[Fri Mar 11 16:15:55 2016] <jrw> possibly you tried to install coq a long time ago
[Fri Mar 11 16:17:41 2016] <isheff> jrw: Thanks! It's true that I had, which begs the question of how I did that back then. If the "given" osx installer is actually just coqide, where did I get those binaries? Perhaps I compiled them . . .
[Fri Mar 11 16:19:23 2016] <jrw> isheff: the dmg includes both coqide and the command line tools. it sounds like your PATH is set to point to the 8.4 command line tools.
[Fri Mar 11 16:19:34 2016] <jrw> you may have an 8.4 version of coqide hidden somewhere
[Fri Mar 11 16:20:19 2016] <isheff> apparently
[Fri Mar 11 16:20:35 2016] <isheff> thanks for your help, I'll take a look at what's haunting my PATH
[Fri Mar 11 17:35:59 2016] <Nik05> good evening jrw
[Fri Mar 11 17:36:21 2016] <jrw> Nik05: hello
[Sat Mar 12 20:12:22 2016] <athan> Can anyone suggest a good strategy for defining a greatest common divisor algorithm over nats? :)
[Sat Mar 12 20:12:42 2016] <johnw> how would you do it on paper?
[Sat Mar 12 20:13:36 2016] <athan> I'm not sure anymore haha
[Sat Mar 12 20:13:38 2016] <athan> sorry
[Sat Mar 12 20:13:46 2016] <johnw> forall x y, exists p q n, (x = p/n) /\ (y = q/n)
[Sat Mar 12 20:14:03 2016] <johnw> if you can demonstrate that, then 'n' is your GCD
[Sat Mar 12 20:14:18 2016] <athan> An intersection of prime factors?
[Sat Mar 12 20:14:25 2016] <johnw> I don't know about that
[Sat Mar 12 20:14:40 2016] <johnw> my method is probably very dumb, I just read the English description on Wikipedia
[Sat Mar 12 20:14:49 2016] <athan> sure, i feel like that would probably be the best implementation
[Sat Mar 12 20:15:02 2016] <athan> a multiset of prime factors, then take the intersection of the two sets
[Sat Mar 12 20:15:08 2016] <athan> (for the binary gcd operation)
[Sat Mar 12 20:15:26 2016] <athan> then just to a mass-product on that, then bam, gcd
[Sat Mar 12 20:17:54 2016] <Cypi> What's the matter with Euclidean algorithm?
[Sat Mar 12 20:20:05 2016] <athan> Cypi: Ahh woah I forgot about that property... thank you :)
[Sat Mar 12 20:20:48 2016] <Cypi> (there is also Nat.gcd which is defined in the stdlib, but I don't know if you wanted to redefine it yourself)
[Sat Mar 12 20:23:54 2016] <athan> agh crud, sorry I'm still finding my way around. In this link, https://coq.inria.fr/library/ Numbers > Natural doesn't really show Nat
[Sat Mar 12 20:24:07 2016] <athan> I'm a klutz sorry
[Sat Mar 12 20:24:37 2016] <Cypi> Nah, it's actually complicated :/ . This defines some operations on a type that would verify some properties of the natural numbers
[Sat Mar 12 20:24:54 2016] <Cypi> it is then instantiated to create the Nat module
[Sat Mar 12 20:25:05 2016] <Cypi> (as well as a lot of other modules which are simlarly abstracted)
[Sat Mar 12 20:25:21 2016] <Cypi> It makes for a confusing documentation sadly
[Sat Mar 12 20:26:43 2016] <athan> hmm, that's very different to what I'm used to haha. So module-level metaprogramming?
[Sat Mar 12 20:26:52 2016] <Cypi> I guess so
[Sat Mar 12 20:27:07 2016] <athan> I come from a Haskell background, so seeing these `Module Type Foo` declarations are a bit intimidating
[Sat Mar 12 20:27:21 2016] <athan> I really need to dig into software foundations more
[Sat Mar 12 20:27:50 2016] <Cypi> Software Foundations won't talk about this
[Sat Mar 12 20:28:25 2016] <Cypi> I would say this is not really essential to Coq
[Sat Mar 12 20:29:01 2016] <athan> hmm, I think I understand why it makes sense
[Sat Mar 12 20:29:11 2016] <athan> for different fast implementations I mean
[Sat Mar 12 20:29:57 2016] <athan> I hate to ask arbitrary questions, but does coq have `let` statements? Or `where` statements? So we can build more local definitions. Right now my only idea is `match complicatedExpression with | x => ` haha
[Sat Mar 12 20:30:32 2016] <Cypi> There is a "let x := t in u" construct, yes
[Sat Mar 12 20:30:47 2016] <Cypi> 'where', I don't know, I don't come from Haskell :/
[Sat Mar 12 20:31:49 2016] <johnw> there are no where statements
[Sat Mar 12 20:32:34 2016] <johnw> athan: you can go a *long* way without ever dealing with module functors (Module Type, and where the word "functor" means something different from its Haskell/CT meaning)
[Sat Mar 12 20:41:21 2016] <athan> johnw: Sorry, my internet is a bit flakey. That's interesting though - I think I've heard functor used that way with ML, at least I think :s
[Sat Mar 12 20:41:24 2016] <athan> or OCaml maybe
[Sat Mar 12 20:41:48 2016] <Cypi> Indeed
[Sat Mar 12 20:41:48 2016] <athan> Cypi: Thank you :)
[Sat Mar 12 20:42:12 2016] <athan> How can I find this `Nat` module's documentation?
[Sat Mar 12 20:42:16 2016] <athan> the instantiated one, I mean
[Sat Mar 12 20:43:54 2016] <Cypi> The operations over nat are defined in https://coq.inria.fr/library/Coq.Init.Nat.html# and the module itself is instantiated in https://coq.inria.fr/library/Coq.Arith.PeanoNat.html
[Sat Mar 12 20:45:26 2016] <Cypi> The problem is that all the lemmas that derive from these are hidden in a cascade of modules
[Sat Mar 12 20:47:03 2016] <athan> o.O man...
[Sat Mar 12 20:47:18 2016] <Cypi> Yeah, confusing, as I said :/
[Sat Mar 12 20:47:33 2016] <athan> hmm... How do I import Nat's utilities? `Require Import Nat.` seems to show that Nat isn't known of in the import path
[Sat Mar 12 20:48:43 2016] <Cypi> Nat is already available by default. If you want to bring everything in Nat in the global namespace, you can use `Import Nat.`
[Sat Mar 12 20:49:44 2016] <athan> ahhh crap, okay sorry. I'll read software foundations ._.
[Sat Mar 12 20:50:10 2016] <Cypi> Hmm, apparently you still need to `Require Import Arith.` to have access to all the lemmas, otherwise you only have the axioms, basically
[Sat Mar 12 20:50:59 2016] <athan> hmm, is a lemma similar to a definition?
[Sat Mar 12 20:51:27 2016] <athan> hrm, `Import Nat.` => `Nat is not a module` :(
[Sat Mar 12 20:51:41 2016] <Cypi> Are you using the 8.5 version?
[Sat Mar 12 20:52:03 2016] <Cypi> And yes, lemmas and definitions are basically the same. It is just that usually, a lemma is an opaque proof of a statement, whereas a definition is a transparent definition of some object. But they are in essence the same.
[Sat Mar 12 20:53:09 2016] <athan> Cypi: hmm, okay
[Sat Mar 12 20:53:44 2016] <athan> Ahh, I'm using 8.4, blasted ubuntu
[Sat Mar 12 20:53:58 2016] <Cypi> Ah well, then maybe everything I told you about Nat is wrong for 8.4, I don't know :D
[Sat Mar 12 20:55:04 2016] <athan> D:
[Sat Mar 12 20:55:22 2016] <athan> I'm going to build from source now, hopefully that will help
[Sat Mar 12 22:20:30 2016] <burzos> https://coq.inria.fr/cocorico/Configuration%20of%20CoqIDE I'm trying to follow the instructions here for changing the coq keybindings.  Putting the keybindings file in the correct directory doesn't seem to effect CoqIDE. When CoqIDE closes it then overwrites the file.  I'm running coq compiled from the V8.5 tag.
[Sat Mar 12 22:25:46 2016] <burzos> Change the binding from within coq worked fine.
[Sun Mar 13 03:23:01 2016] <spacekitteh> how can i turn a plugin into something which is built into the toplevel?
[Sun Mar 13 09:37:50 2016] <mettekou> Are there any papers or is there any documentation on how Coq implements Notation?
[Sun Mar 13 09:41:05 2016] <rrika> there's the reference manual: https://coq.inria.fr/refman/Reference-Manual014.html
[Sun Mar 13 09:42:02 2016] <mettekou> rrika: Uhu, that's what I was checking out. But I was wondering if there was anything else around.
[Sun Mar 13 09:44:23 2016] <rrika> I don't know much about coq or its source code. The manual says: "Coq extensible parsing is performed by Camlp5 which is essentially a LL1 parser."
[Sun Mar 13 12:39:12 2016] <Smerdyakov> Does anyone have pointers to serious bugs in Coq extraction from the past?
[Sun Mar 13 13:46:30 2016] <jgross> Smerdyakov: Are you looking for something more interesting than http://tinyurl.com/jv4ae7o , the list of the 84 bugs on the bug tracker matching "extraction"? 
[Sun Mar 13 13:47:03 2016] <Smerdyakov> jgross, not sure.  Clement was thinking about sprucing up a paper with a list of scary bugs.
[Sun Mar 13 13:47:34 2016] <benzrf> jgross: hey can i ask you some questions about denotational semantics?
[Sun Mar 13 13:53:16 2016] <jgross> Smerdyakov: I bet Maxime Denes and Pierre-Marie Pedrot (probably also Hugo) would have a good sense of what all the serious bugs have been. 
[Sun Mar 13 13:53:39 2016] <jgross> benzrf: Sure, but I'm about to run off to teach two hours of classes for Spark, so you won't get any answers from me for a few hours ^.^ 
[Sun Mar 13 13:53:46 2016] <benzrf> D:
[Sun Mar 13 13:53:55 2016] <benzrf> do you know if there's anybody else here i can talk to, then?
[Mon Mar 14 09:24:28 2016] <johnw> benzrf: what was your question?
[Mon Mar 14 09:26:11 2016] <benzrf> johnw: does denotational semantics for the untyped lambda calculus generally just look like "the denotation of a halting term is the normal form; the denotation of a non halting term is bottom"
[Mon Mar 14 09:27:01 2016] <johnw> although that sounds right, I guess you do need to ask Jason :)
[Mon Mar 14 09:27:39 2016] <benzrf> he kicked me out of his HoTT class at splash because it was actually introductory to type theory as a whole ;-;
[Mon Mar 14 09:27:58 2016] <johnw> huh, he "kicked you out"?
[Mon Mar 14 09:28:05 2016] <benzrf> not entirely literally
[Mon Mar 14 09:28:14 2016] <benzrf> but he told me that there was nothing for me here
[Mon Mar 14 12:21:12 2016] <notdan> benzrf: re: your question about denotation semantics, it can completely depend on a model. There is a trivial model, where everything is just bottom. Then there is the Scott model which is kinda weird, in which terms are interpreted as certain functions from natural numbers. Then there is a model on P(N) -- powerset of natural numbers with a special topology
[Mon Mar 14 15:21:39 2016] <kish> * going to bed
[Mon Mar 14 16:05:35 2016] <homevillageness> Am having problems loading a library, does someone want to help me with that?
[Mon Mar 14 16:24:09 2016] <homevillageness> Is there a way to install user contributions via coq/ocaml?
[Mon Mar 14 16:25:39 2016] <benzrf> notdan: interesting
[Mon Mar 14 16:26:39 2016] <benzrf> is there some kind of api for coq
[Mon Mar 14 16:26:51 2016] <benzrf> can i import it as a package in another program & call into it
[Mon Mar 14 16:27:00 2016] <benzrf> if i wanted to, say, make another interface for it
[Mon Mar 14 17:27:03 2016] <nkaretnikov> hi, i need a motivational short example for an intro talk on formal methods.  my idea is to solve the same problem in python, haskell, and coq.  of course, i want haskell to beat python and coq to beat haskell.  any ideas?
[Mon Mar 14 17:27:16 2016] <homevillageness> How to fix the error: Eroor: The file *file* contains library path.lib and not library lib
[Mon Mar 14 17:28:42 2016] <nkaretnikov> i've been thinking of implementing an ordinary zip in python, then  a number-parameterized version in haskell, but i don't know how to improve a haskell version in coq
[Mon Mar 14 17:30:02 2016] <johnw> nkaretnikov: hi
[Mon Mar 14 17:30:14 2016] <johnw> nkaretnikov: that should be a pretty easy example to construct
[Mon Mar 14 17:30:57 2016] <nkaretnikov> johnw: hi, i know it's easy.  i don't know how i can improve a haskell version in coq
[Mon Mar 14 17:31:06 2016] <johnw> nkaretnikov: for example, a function that wants its input list in sorted order.  With Python, and even Haskell, the only way to guarantee that that's always true is to perform a sort before calling.
[Mon Mar 14 17:31:07 2016] <nkaretnikov> what can coq bring to the table in this case?
[Mon Mar 14 17:31:21 2016] <johnw> but in Coq, if you can verify that the list is always sorted, you avoid the sort
[Mon Mar 14 17:31:31 2016] <nkaretnikov> but i want the same example in three langs :)
[Mon Mar 14 17:31:42 2016] <nkaretnikov> the audience is not very familiar with programming
[Mon Mar 14 17:31:45 2016] <johnw> sure, write a function that uses a sorted list
[Mon Mar 14 17:31:55 2016] <johnw> in Python, you're not even sure that it *is* a list
[Mon Mar 14 17:32:08 2016] <johnw> in Haskell you know it's a list, but you can't guarantee that it's sorted, without always sorting it
[Mon Mar 14 17:32:10 2016] <nkaretnikov> hm!
[Mon Mar 14 17:32:23 2016] <johnw> in Coq, the typechecker ensures that all code paths leading to your function pass in a sorted list
[Mon Mar 14 17:32:24 2016] <nkaretnikov> i think it's a great example
[Mon Mar 14 17:32:32 2016] <nkaretnikov> thank you :)
[Mon Mar 14 17:32:36 2016] <johnw> sure thing!
[Mon Mar 14 18:26:01 2016] <rrika> I'm trying to prove the pidgeonhole principle.
[Mon Mar 14 18:26:15 2016] <rrika> I'm stuck but I want to solve it myself :[
[Mon Mar 14 18:28:54 2016] <johnw> it's a tough one
[Mon Mar 14 18:31:14 2016] <rrika> really, I think I got through the few tasks about it just by luck
[Mon Mar 14 18:31:19 2016] <rrika> *above it
[Mon Mar 14 18:31:37 2016] <rrika> subseq was near impossible for me
[Mon Mar 14 18:31:43 2016] <rrika> subseq_trans that is
[Mon Mar 14 21:48:27 2016] <Nik05> good evning
[Mon Mar 14 21:48:37 2016] <Nik05> rrika its though
[Mon Mar 14 21:48:56 2016] <Nik05> im back again, got new gpu and had kernel errors
[Mon Mar 14 21:49:04 2016] <rrika> nice
[Mon Mar 14 21:49:06 2016] <rrika> what will you do
[Mon Mar 14 21:49:08 2016] <Nik05> using the latest kernel it boots :)
[Mon Mar 14 21:49:25 2016] <rrika> encode videos, do trendy machine learning, just play games at 2000x1000 pixels?
[Mon Mar 14 21:49:39 2016] <Nik05> oh uh
[Mon Mar 14 21:49:59 2016] <Nik05> all
[Mon Mar 14 21:50:24 2016] <rrika> nice, I want to do machine learning but I never get around to getting the hardware for it
[Mon Mar 14 21:50:36 2016] <rrika> and games, of course.
[Mon Mar 14 21:50:47 2016] <rrika> well, who doesn't want a super computer
[Mon Mar 14 21:50:55 2016] <Nik05> good luck with the pidgeonhole principle :P
[Mon Mar 14 21:51:45 2016] <rrika> I've given up for day.
[Mon Mar 14 21:52:05 2016] <rrika> Tomorrow with fresh mind.
[Mon Mar 14 21:57:52 2016] <Nik05> :)
[Mon Mar 14 22:02:28 2016] <Nik05> have a good night
[Mon Mar 14 22:04:00 2016] <rrika> same
[Mon Mar 14 23:58:10 2016] <nkaretnikov> what's HdRel in Coq.Sorting.Sorted?  what does Hd stand for?
[Tue Mar 15 00:42:06 2016] <nkaretnikov> ah, it's probably head
[Tue Mar 15 01:37:27 2016] <nkaretnikov> johnw: https://gist.github.com/nkaretnikov/ad9dba77a9eafcc2d752
[Tue Mar 15 07:36:32 2016] <jstolare1> http://lpaste.net/6947765245217603584
[Tue Mar 15 07:36:52 2016] <jstolarek> how do I prove this goal given the inudctive hypothesis?
[Tue Mar 15 07:37:17 2016] <jstolarek> if IH was quantified I'd say "rewrite (IHn' (S n''))"
[Tue Mar 15 07:37:38 2016] <jstolarek> but it's not quantified and so I don;t know how to substitute n'' into it
[Tue Mar 15 08:10:45 2016] <Cypi> jstolarek : since you need an induction hypothesis on (n-2) and not on (n-1), you might need to do a stronger induction.
[Tue Mar 15 08:12:53 2016] <jstolarek> what do you mean by stronger?
[Tue Mar 15 08:13:32 2016] <jstolarek> Cypi: ^^^
[Tue Mar 15 08:13:54 2016] <Cypi> For instance, instead of stating "forall n, P n" (where 'P' is the proposition you want to prove), you could say "forall m n, n < m -> P m", and then do an induction on m.
[Tue Mar 15 08:14:06 2016] <Cypi> What is sometimes called "strong" induction on natural numbers
[Tue Mar 15 08:16:10 2016] <jstolarek> but the first claim seems to be more general then the second one
[Tue Mar 15 08:16:28 2016] <jstolarek> I don't see how they are equivalent
[Tue Mar 15 08:18:22 2016] <Cypi> sorry, for the second one I meant n < m -> P n
[Tue Mar 15 08:18:37 2016] <Cypi> Let's say I have a proof of "forall m n, n < m -> P n" and I want to prove "forall n, P n". I can instantiate the first one with (m := S n) and (n := n) to get "n < S n -> P n", which gets you "P n"
[Tue Mar 15 08:19:43 2016] <Cypi> In Coq terms: http://lpaste.net/154728
[Tue Mar 15 08:22:47 2016] <jstolarek> Cypi: hm... that sounds smart :-) but TBH I'm not sure how to use this info to make progress :(
[Tue Mar 15 08:25:32 2016] <jstolarek> oh, got it
[Tue Mar 15 08:25:42 2016] <jstolarek> I just realized I have an extra lemma that I can use :-)
[Tue Mar 15 12:01:59 2016] <stelleg> so I've noticed that induction does pretty poorly with a constructor applied to its arguments, e.g. doing induction on inductive_prop (constructor a b) fails to generate a useful induction predicate, while doing induction on inductive_prop c /\ c_a = a generates the desired induction predicate
[Tue Mar 15 12:02:53 2016] <stelleg> but that can make lemmas pretty clunky looking
[Tue Mar 15 12:04:05 2016] <stelleg> anyone else have this issue and have a nicer solution?
[Tue Mar 15 18:22:29 2016] <johnw> stelleg: your question is lacking enough context for me to understand it
[Tue Mar 15 18:22:36 2016] <johnw> what in the heck is c_a, etc.
[Tue Mar 15 18:23:48 2016] <stelleg> johnw: sorry, I'll try and come up with a simple example and paste it
[Tue Mar 15 19:02:20 2016] <stelleg> example: http://lpaste.net/154757
[Tue Mar 15 19:02:22 2016] <stelleg> not that short :(
[Tue Mar 15 19:03:29 2016] <stelleg> there's the two different attempts at the bottom
[Tue Mar 15 19:05:36 2016] <stelleg> worth noting I haven't tried it in 8.5
[Tue Mar 15 19:14:37 2016] <rrika> stelleg, does inversion help here?
[Tue Mar 15 19:16:29 2016] <rrika> also, you can't all quantify both your program and the result of the program
[Tue Mar 15 19:16:49 2016] <rrika> else, you'll end up having to prove that (2 2 +) can result in stack [5]
[Tue Mar 15 19:16:55 2016] <rrika> (at least I think so)
[Tue Mar 15 19:18:09 2016] <stelleg> rrika: I don't think so, because you're just showing that if the transitive closure of the step relation holds for some result, then the evaluator will evaluate to that result
[Tue Mar 15 19:18:26 2016] <rrika> oh right
[Tue Mar 15 19:18:36 2016] <rrika> you're proving a proof that it already has evaluated to that value
[Tue Mar 15 19:18:37 2016] <stelleg> as for inversion, I think you  need induction here
[Tue Mar 15 19:18:45 2016] <stelleg> right
[Tue Mar 15 19:18:58 2016] <stelleg> I think you need induction because `multi` is recursive
[Tue Mar 15 19:19:07 2016] <stelleg> and you will need that induction hypothesis
[Tue Mar 15 19:20:08 2016] <stelleg> (but I'll check quickly)
[Tue Mar 15 19:22:39 2016] <rrika> is that a task from some book?
[Tue Mar 15 19:24:02 2016] <stelleg> its very close to what's described in the Imp and Smallstep chapters of SF
[Tue Mar 15 19:24:17 2016] <rrika> I haven't gotten that far yet
[Tue Mar 15 19:24:48 2016] <stelleg> it's pretty great
[Tue Mar 15 19:29:00 2016] <rrika> have you tried induction on a term that's not a single variable?
[Tue Mar 15 19:30:57 2016] <stelleg> not sure I follow
[Tue Mar 15 19:31:20 2016] <rrika> I'm trying induction (compile e) right now
[Tue Mar 15 19:32:28 2016] <jrw> stelleg: this is a known and very common problem with the induction tactic. usually I use the [remember] tactic to transform the goal before doing induction
[Tue Mar 15 19:32:37 2016] <jrw> that way you can keep the clean statement of the lemma, and still get the right IH
[Tue Mar 15 19:32:46 2016] <stelleg> jrw: cool, thanks!
[Tue Mar 15 19:32:58 2016] <jrw> it is also possible to automate the remembering
[Tue Mar 15 19:33:02 2016] <rrika> jrw, what kind of transformation exactly?
[Tue Mar 15 19:33:09 2016] <rrika> because I've been running into this issue too
[Tue Mar 15 19:33:16 2016] <jrw> let me post an example
[Tue Mar 15 19:33:54 2016] <stelleg> rrika, jrw: thanks, will check back a bit later
[Tue Mar 15 19:34:07 2016] <rrika> cya
[Tue Mar 15 19:34:21 2016] <jrw> btw, I'm not convinced this is going to be provable, but I can help fix the surface issue of induction misbehaving
[Tue Mar 15 19:34:38 2016] <jrw> there is also a deeper issue of the statement not being general enough to be proved by induction
[Tue Mar 15 19:35:49 2016] <jrw> http://lpaste.net/154757
[Tue Mar 15 19:35:56 2016] <jrw> I guess it let me just edit the paste?
[Tue Mar 15 19:36:07 2016] <jrw> sorry :\
[Tue Mar 15 19:36:18 2016] <rrika> oops
[Tue Mar 15 19:37:01 2016] <rrika> remember will replace the term in other hypothesis?
[Tue Mar 15 19:37:18 2016] <rrika> oh wow this looks clean
[Tue Mar 15 19:37:44 2016] <jrw> [remember complexExpression] finds all occurrences of the expression replaces them with a fresh variable
[Tue Mar 15 19:37:49 2016] <jrw> which is constrained with an equality
[Tue Mar 15 23:51:02 2016] <stelleg> jrw: perfect, this is exactly what I was looking for
[Tue Mar 15 23:51:05 2016] <stelleg> thanks!
[Tue Mar 15 23:51:17 2016] <jrw> np
[Tue Mar 15 23:51:27 2016] <stelleg> and yeah I'm not sure its provable, just threw it together in a few minutes
[Tue Mar 15 23:53:22 2016] <stelleg> I find it somewhat amusing that "lambda pastebin" is mutable :)
[Tue Mar 15 23:55:07 2016] <jrw> haha, yeah
[Tue Mar 15 23:55:23 2016] <jrw> I clicked "edit" figuring it really meant "make a copy"
[Wed Mar 16 03:37:29 2016] <johnw> I'm defining a function using proof scripting, where I "pose" the definition and then perform multiple unfoldings and simplifications; however, these operations are not being retained in the final definition. Is there a trick for making them stick?
[Wed Mar 16 04:20:41 2016] <johnw> turns out I need to use Eval compute [terms...] in foo.
[Wed Mar 16 04:20:50 2016] <johnw> in order to ensure that the terms are unfolded in the definition
[Wed Mar 16 08:06:23 2016] <jstolarek> http://lpaste.net/154800
[Wed Mar 16 08:06:55 2016] <jstolarek> based on the definition of normalize the RHS of my goal can be reduced to "twice (normalize (twice b'))"
[Wed Mar 16 08:07:07 2016] <jstolarek> which tactics do I use to do that?
[Wed Mar 16 08:07:37 2016] <jstolarek> I tried beta reduction with "cbv beta" but that does nothing :(
[Wed Mar 16 09:17:28 2016] <benzrf> jgross: you about?
[Wed Mar 16 12:53:32 2016] <jgross> benzrf: What's up? 
[Wed Mar 16 13:44:17 2016] <stelleg> jstolarek: you can always just assert (twice (normalize (twice b')) = normalize (twice (twice b'))). reflexivity.
[Wed Mar 16 13:44:21 2016] <stelleg> not sure about a quicker way
[Wed Mar 16 13:45:52 2016] <benzrf> jgross: do you know anything about endowing implementations of the CoC with functions and types implemented in the host language without breaking the system's properties in unexpected ways?
[Wed Mar 16 14:05:53 2016] <johnw> jstolarek: you can say "replace (twice (normalize (twice b'))) with (normalize (twice (twice b'))) by reflexivity", which is sort of an ad-hoc rewrite
[Wed Mar 16 14:25:01 2016] <stelleg> as usual johnw's answer is better
[Wed Mar 16 14:36:45 2016] <rrika_mobile> stelleg: how is your compile_correct proof going?
[Wed Mar 16 14:40:25 2016] <stelleg> rrika_mobile: well the one I'm actually working on is going painfully slowly. bigstep -> smallstep wasn't too bad, but smallstep -> bigstep is proving quite difficult
[Wed Mar 16 14:40:52 2016] <stelleg> rrika_mobile: may go back and try and prove that toy one i posted yesterday as practice
[Wed Mar 16 14:43:17 2016] <rrika_mobile> I began by proving lots of properties about multistep/step but haven't really gotten closer to showing anything about compile: https://gist.github.com/rrika/ce36a9098586fd1ce1ed
[Wed Mar 16 14:43:39 2016] <rrika_mobile> I wonder which of these are useful for later and which not.
[Wed Mar 16 14:44:26 2016] <stelleg> rrika_mobile: very nice, you've convinced me to go back and play with that :)
[Wed Mar 16 14:44:34 2016] <rrika_mobile> haha
[Wed Mar 16 14:44:50 2016] <rrika_mobile> especially the first proofs are very nice
[Wed Mar 16 14:44:53 2016] <rrika_mobile> using ; constructor. just covers all instructions
[Wed Mar 16 14:45:11 2016] <rrika_mobile> (I don't even understand why, lol)
[Wed Mar 16 14:47:43 2016] <rrika_mobile> what are you dealing with now?
[Wed Mar 16 14:47:43 2016] <rrika_mobile> if this is a toy one
[Wed Mar 16 14:47:54 2016] <rrika_mobile> what are you dealing with now?
[Wed Mar 16 14:48:27 2016] <stelleg> proving that a small-step and big step implementation of call by need are equivalent
[Wed Mar 16 14:48:43 2016] <stelleg> for a particular abstract machine I've come up with
[Wed Mar 16 14:49:51 2016] <rrika_mobile> I see.
[Wed Mar 16 14:50:00 2016] <stelleg> I'd rather not share the code here yet, its quite hideous :)
[Wed Mar 16 14:50:05 2016] <rrika_mobile> haha
[Wed Mar 16 14:51:24 2016] <rrika_mobile> well, if I get over the pidgeon hold principle in SF I can finally move on to the Imp chapter
[Wed Mar 16 14:53:17 2016] <stelleg> you're more dedicated than I am apparently
[Wed Mar 16 14:53:32 2016] <stelleg> I skipped large chunks to get to the parts I was interested in
[Wed Mar 16 14:54:02 2016] <rrika_mobile> I try to have every single task solved
[Wed Mar 16 14:54:13 2016] <rrika_mobile> (it's the reason why it's taking me months)
[Wed Mar 16 14:54:22 2016] <rrika_mobile> (hard tasks making me stop for weeks)
[Wed Mar 16 15:30:56 2016] <johnw> rrika: if you leave the hard ones until later, they become easier due to the new insights you gain from later exercises
[Wed Mar 16 15:31:21 2016] <johnw> I don't think there's much didactic benefit from forcing linearity
[Wed Mar 16 15:42:16 2016] <rrika> johnw, I can't resist the challenge.
[Wed Mar 16 15:42:30 2016] <rrika> I know, some are marked as optional
[Wed Mar 16 15:51:59 2016] <johnw> with Coq, most everything gets easier with time and more experience
[Wed Mar 16 15:52:24 2016] <johnw> the other day I found myself doing a proof, and just as I was finishing I realized that I was proving the exact same thing (fairly easily) that it had taken me 40 hours to do two years ago
[Wed Mar 16 15:53:03 2016] <rrika> haha
[Wed Mar 16 15:53:08 2016] <rrika> I had the same the other way round too
[Wed Mar 16 15:53:15 2016] <rrika> I tried to solve something the second time
[Wed Mar 16 15:53:20 2016] <rrika> and it took me three screen pages
[Wed Mar 16 15:53:25 2016] <stelleg> johnw: that is very good to hear
[Wed Mar 16 15:53:26 2016] <rrika> when my first attempt was ~8 lines
[Wed Mar 16 15:53:58 2016] <stelleg> rrika: that's been my experience a few times
[Wed Mar 16 15:54:01 2016] <stelleg> deeply depressing
[Wed Mar 16 15:54:17 2016] <rrika> I think the trend is still towards shorter and better proofs
[Wed Mar 16 15:54:33 2016] <stelleg> true
[Wed Mar 16 15:54:39 2016] <rrika> it just shows that the new information I've received hasn't quite found its place in my brain yet
[Wed Mar 16 15:56:26 2016] <johnw> it took me a while to get fully past the "whack-a-mole" phase
[Wed Mar 16 15:56:35 2016] <johnw> where you keep trying different tactics to see what makes progress
[Wed Mar 16 15:56:56 2016] <johnw> "Oh, not induction? maybe inversion? maybe destruct?"
[Wed Mar 16 15:57:51 2016] <johnw> I think that it requires an understanding of how tactics relate to terms, and what the proof terms mean; I mean, we're really just writing programs within a different domain (Prop), and so all the tactics we use have an analog to things we're mostly familiar with in programming
[Wed Mar 16 16:11:23 2016] <stelleg> I'm definitely still in whack-a-mole phase
[Wed Mar 16 16:23:36 2016] <stelleg> just getting better at hitting the moles
[Wed Mar 16 16:26:38 2016] <rrika> ^
[Wed Mar 16 17:18:42 2016] <rrika> okay, can someone give me a hint for the pidgeon hole principle?
[Wed Mar 16 17:19:53 2016] <jrw> rrika: which version are you doing and what have you tried?
[Wed Mar 16 17:20:23 2016] <rrika> 8.4
[Wed Mar 16 17:20:42 2016] <jrw> rrika: no I mean what statement of the pigeonhole principle are you trying to prove?
[Wed Mar 16 17:20:45 2016] <jrw> the one from SF?
[Wed Mar 16 17:20:51 2016] <rrika> yes
[Wed Mar 16 17:21:01 2016] <rrika> I don't even know what my IH should be
[Wed Mar 16 17:21:10 2016] <rrika> SF suggests I do induction over l1
[Wed Mar 16 17:22:48 2016] <jrw> rrika: you're planning on assuming excluded middle or decidable equality right?
[Wed Mar 16 17:25:45 2016] <rrika> Well, I want to do without, but by now I'm ready to include that too
[Wed Mar 16 17:29:32 2016] <jrw> rrika: the proof without is fundamentally different from the one with, and you need to restructure the theorem statements. so I recommend doing it with decidable equality first
[Wed Mar 16 17:29:41 2016] <jrw> so what have you tried? where are you stuck?
[Thu Mar 17 04:18:59 2016] <jstolarek> I have a goal that is clearly false and I have a premise that is also false. How do I proceed in such a case? exfalse replaces the goal with False but I'm not sure what the next steps should be :-/
[Thu Mar 17 04:19:23 2016] <Cypi> It depends how you can deduce False from your premise
[Thu Mar 17 04:19:49 2016] <Cypi> "inversion H" on your premise might work if it's an impossible case in an inductive type for instance
[Thu Mar 17 04:20:21 2016] <jstolarek> TBH I am not yet sure how to deduce false from the premise
[Thu Mar 17 04:20:51 2016] <jstolarek> the goal is obviously false: [] = n :: l
[Thu Mar 17 04:21:11 2016] <jstolarek> but the premise is: [] = snoc (rev l2) n
[Thu Mar 17 04:25:04 2016] <jstolarek> hm... if I have a premise that says "a = b" can I apply a function to both sides so that the premise says "f a = f b" ?
[Thu Mar 17 04:25:24 2016] <jstolarek> that would allow me to use an earlier lemma and make progress
[Thu Mar 17 04:25:30 2016] <Cypi> "apply f_equal f in H"
[Thu Mar 17 04:25:30 2016] <rrika> you could do induction on l2 I think
[Thu Mar 17 04:25:40 2016] <rrika> (regarding [] = snoc (rev l2) n)
[Thu Mar 17 04:25:53 2016] <rrika> there may be a simpler way
[Thu Mar 17 04:26:07 2016] <Cypi> I guess you want to use length. That looks like a simple idea :)
[Thu Mar 17 04:27:00 2016] <jstolarek> Cypi: I was thinking about using rev and then applying rev (rev l) = l
[Thu Mar 17 04:27:14 2016] <jstolarek> hm.. getting syntax error from apply f_equal
[Thu Mar 17 04:27:27 2016] <jstolarek> rrika: I tried that, but I get stuck later on :(
[Thu Mar 17 04:27:32 2016] <Cypi> "apply (f_equal f) in H" probably
[Thu Mar 17 04:28:15 2016] <jstolarek> oh, silly me
[Thu Mar 17 04:28:31 2016] <rrika> "apply (f_equal _ _ f) in H"
[Thu Mar 17 04:33:19 2016] <rrika> jstolarek, you can do it both via length and destruct
[Thu Mar 17 04:38:41 2016] <jstolarek> rrika: you mean "destruct H" ?
[Thu Mar 17 04:38:48 2016] <jstolarek> where H is a false premise
[Thu Mar 17 04:38:50 2016] <jstolarek> ?
[Thu Mar 17 04:39:13 2016] <rrika> ah, no
[Thu Mar 17 04:39:22 2016] <rrika> destruct the list into its nil and cons case
[Thu Mar 17 04:39:31 2016] <rrika> the question is just which list
[Thu Mar 17 04:39:34 2016] <jstolarek> ah, that
[Thu Mar 17 04:39:43 2016] <rrika> basically, snoc will always return some kind of cons
[Thu Mar 17 04:39:55 2016] <jstolarek> yes, I destructed the second list
[Thu Mar 17 04:40:04 2016] <jstolarek> now I'm struggling with this:
[Thu Mar 17 04:40:04 2016] <rrika> which second list?
[Thu Mar 17 04:40:16 2016] <jstolarek> my theorem is about two lists :-)
[Thu Mar 17 04:40:21 2016] <rrika> oh, okay
[Thu Mar 17 04:40:22 2016] <jstolarek> now I have a premise H : length (snoc (rev l1) n) = 0
[Thu Mar 17 04:40:33 2016] <jstolarek> and I just proved blt_nat 0 (length (snoc l n)) = true.
[Thu Mar 17 04:40:34 2016] <Cypi> Oh yes, you could actually just "destruct (rev l2)"
[Thu Mar 17 04:40:39 2016] <rrika> ^
[Thu Mar 17 04:40:48 2016] <Cypi> not even using length or anything
[Thu Mar 17 04:40:50 2016] <rrika> is what I was thinking of
[Thu Mar 17 04:40:54 2016] <jstolarek> ah
[Thu Mar 17 04:41:04 2016] <jstolarek> I haven't thought about doing that
[Thu Mar 17 04:41:12 2016] <jstolarek> I'll try that in a moment
[Thu Mar 17 04:41:43 2016] <jstolarek> but now, given my false premise H and my lemma that "blt_nat 0 (length (snoc l n)) = true" how can I use that lemma to show contradiction
[Thu Mar 17 04:41:46 2016] <jstolarek> ?
[Thu Mar 17 04:42:10 2016] <jstolarek> it looks pretty obvious to me as a human being that these two are contradictory but I don't know how to convince Coq about it :-)
[Thu Mar 17 04:47:32 2016] <rrika> well, there are tactics that can use a contradiction in the premises to prove any current goal
[Thu Mar 17 04:47:48 2016] <rrika> inversion H. or congruence.
[Thu Mar 17 04:48:05 2016] <rrika> ah, you're doing the length approach
[Thu Mar 17 04:50:18 2016] <rrika> ah
[Thu Mar 17 04:50:45 2016] <rrika> you make sure that "blt_nat 0 (…) = true" turns into "blt_nat 0 (S (…))"
[Thu Mar 17 04:51:10 2016] <rrika> so if you can somehow turn "length (snoc l n)" into "S (length l)"
[Thu Mar 17 04:51:54 2016] <rrika> "blt_nat 0 (S …)" will turn into true when you do "simpl." on it I think
[Thu Mar 17 04:51:57 2016] <jstolarek> rrika: I managed to do that, although I feel there must be a better approach than the one I used
[Thu Mar 17 04:52:07 2016] <rrika> show your whole thing
[Thu Mar 17 04:52:15 2016] <jstolarek> sure
[Thu Mar 17 04:53:00 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/154839
[Thu Mar 17 04:53:21 2016] <jstolarek> working on the last case
[Thu Mar 17 04:53:46 2016] <jstolarek> but I don't like where this is going - it feels like there's a better way
[Thu Mar 17 04:56:06 2016] <rrika> jstolarek, rev_injective can be done without any induction
[Thu Mar 17 04:56:20 2016] <rrika> avoiding induction will make it much cleaner too
[Thu Mar 17 04:56:30 2016] <rrika> (basically you already did the induction it needs in rev_involutive)
[Thu Mar 17 04:57:40 2016] <jstolarek> ah, got it.
[Thu Mar 17 04:58:09 2016] <rrika> jstolarek, I see you try to turn "rev []" into "[]" in your premises
[Thu Mar 17 04:58:19 2016] <rrika> you can just use "simpl." for that
[Thu Mar 17 04:58:23 2016] <rrika> "simpl in H."
[Thu Mar 17 04:58:54 2016] <rrika> oh, that also affects the other side
[Thu Mar 17 04:58:55 2016] <rrika> nvm
[Thu Mar 17 04:59:12 2016] <rrika> jstolarek, how does the new one look like?
[Thu Mar 17 04:59:49 2016] <lpaste> jstolarek annotated “No title” with “No title (annotation)” at http://lpaste.net/154839#a154840
[Thu Mar 17 04:59:59 2016] <jstolarek> rrika: ^^^
[Thu Mar 17 05:02:05 2016] <rrika> jstolarek, cool
[Thu Mar 17 05:02:28 2016] <rrika> did you notice how your "apply (f_equal rev) in H. repeat (rewrite rev_involutive in H)." does exactly what you want to show?
[Thu Mar 17 05:02:57 2016] <rrika> turning a "H : rev (n :: l1) = rev l2" into "H : rev (n :: l1) = rev l2"
[Thu Mar 17 05:03:11 2016] <rrika> oops, copied wrong text
[Thu Mar 17 05:03:22 2016] <rrika> turning a "H : rev (n :: l1) = rev l2" into "H :  n :: l1 = l2"
[Thu Mar 17 05:03:29 2016] <jstolarek> yes :-)
[Thu Mar 17 05:03:41 2016] <jstolarek> I'm now trying to figure out a way to avoid the repetition
[Thu Mar 17 05:03:56 2016] <jstolarek> last two goals are solve with the same chain of tactics
[Thu Mar 17 05:04:00 2016] <rrika> try without destruction.
[Thu Mar 17 05:05:39 2016] <jstolarek> yup, that works :-)
[Thu Mar 17 05:07:00 2016] <jstolarek> wow, that was enlightening
[Thu Mar 17 05:07:13 2016] <rrika> got to go to work now, have fun
[Thu Mar 17 06:32:32 2016] <jstolarek> is there a way to avoid matching on parameters of an inductive data type?
[Thu Mar 17 06:32:58 2016] <jstolarek> eg. if I have inductive definition of a list and would like to match on "nil" instead of "nil _"
[Thu Mar 17 06:33:55 2016] <jstolarek> Software Foundations says this should simply work, ut it does not work for me under Coq 8.5 - I have to include an underscore to match the parameter of list data type
[Thu Mar 17 06:34:37 2016] <Cypi> "Set Asymmetric Patterns"
[Thu Mar 17 06:34:47 2016] <Cypi> Write that for instance at the top of your file
[Thu Mar 17 06:39:53 2016] <jstolarek> Cypi: thanks. Now I see that I am prohibited from matching on paremeters
[Thu Mar 17 06:40:19 2016] <Cypi> Yes indeed :)
[Thu Mar 17 06:43:37 2016] <jstolarek> I wonder if there are situations where this becomes a problem
[Thu Mar 17 06:44:09 2016] <jstolarek> meaning, if there might be a single place where for some reason I'd like to match on a parameter
[Thu Mar 17 06:44:13 2016] <Cypi> Parameters cannot be refined by knowing which constructors you actually have
[Thu Mar 17 06:44:15 2016] <Cypi> so no
[Thu Mar 17 06:44:22 2016] <Cypi> You can always deduce the actual parameter from the type
[Thu Mar 17 06:44:37 2016] <Cypi> that is what distinguish parameters from indices
[Thu Mar 17 06:51:43 2016] <jstolarek> right
[Thu Mar 17 06:51:49 2016] <jstolarek> that makes sense
[Thu Mar 17 07:11:23 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/154850
[Thu Mar 17 07:11:39 2016] <jstolarek> The term "combine X Y l1' l2'" has type "list (X * Y)" while it is expected to have type "list (X * Y)".
[Thu Mar 17 07:11:53 2016] <jstolarek> Am I missing something or is that error message bogus?
[Thu Mar 17 07:12:54 2016] <Cypi> Hmm, it just works here :o
[Thu Mar 17 07:14:03 2016] <Cypi> It could be a problem of universes in your case (which would explain the sort of bogus error message). But still, it's strange that there is even an error
[Thu Mar 17 07:14:47 2016] <jstolarek> ok, this means something else must be wrong in my source file...
[Thu Mar 17 07:28:49 2016] <jstolarek> Cypi: which Coq version do you have?
[Thu Mar 17 07:29:05 2016] <Cypi> 8.5
[Thu Mar 17 07:31:04 2016] <jstolarek> same here... strange
[Thu Mar 17 07:34:49 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/154852
[Thu Mar 17 07:35:09 2016] <jstolarek> smae problem with split
[Thu Mar 17 07:35:16 2016] <jstolarek> well, almost the same
[Thu Mar 17 07:35:28 2016] <Cypi> Again, it just works here :/
[Thu Mar 17 07:35:53 2016] <jstolarek> * is puzzled
[Thu Mar 17 07:36:04 2016] <Cypi> Hmm, have you defined the notation "_ * _" for types yourself, for instance?
[Thu Mar 17 07:36:10 2016] <jstolarek> yes
[Thu Mar 17 07:36:26 2016] <jstolarek> Notation "( X * Y )" := (prod X Y) : type_scope.
[Thu Mar 17 07:36:56 2016] <Cypi> Still works
[Thu Mar 17 07:36:59 2016] <jstolarek> I have also defined this:
[Thu Mar 17 07:37:00 2016] <jstolarek> Notation "( x , y )" := (pair x y).
[Thu Mar 17 08:15:02 2016] <Cypi> Sorry, I don't know what could be wrong, it just works here :(
[Thu Mar 17 09:18:25 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/154858
[Thu Mar 17 09:19:23 2016] <jstolarek> Cypi: does the above work for you?
[Thu Mar 17 09:21:04 2016] <jstolarek> it's a minimal working example (or rather: non-working example)
[Thu Mar 17 09:21:08 2016] <Cypi> No, it does not. Ok, I see, I don't know why Coq is confused with its notations
[Thu Mar 17 09:21:20 2016] <Cypi> If you just disable the notations, you'll see: The term "combine X Y l1' l2'" has type "list (Datatypes.prod X Y)" while it is expected to have type "list (prod X Y)"
[Thu Mar 17 09:22:05 2016] <Cypi> Either not specifiying the return type and letting Coq infer it, or specifying explicitely "list (prod X Y)" will work
[Thu Mar 17 09:22:14 2016] <Cypi> But it's not ideal...
[Thu Mar 17 09:22:43 2016] <Cypi> Ah
[Thu Mar 17 09:22:50 2016] <Cypi> Notation "X * Y" := (prod X Y) : type_scope.
[Thu Mar 17 09:22:52 2016] <Cypi> this works better
[Thu Mar 17 09:23:03 2016] <jstolarek> ah
[Thu Mar 17 09:23:08 2016] <jstolarek> that was tricky
[Thu Mar 17 09:23:13 2016] <Cypi> Notations are :/
[Thu Mar 17 09:23:43 2016] <jstolarek> * thinks many things in Coq are :/
[Thu Mar 17 09:24:10 2016] <jstolarek> I once spend 30 minute strying to figure out why the code from CPDT does not work when I type it in
[Thu Mar 17 09:24:32 2016] <jstolarek> and the reason was I imported two modules in different order
[Thu Mar 17 09:24:34 2016] <jstolarek> I mean
[Thu Mar 17 09:24:46 2016] <jstolarek> Require Import A B instead of Require Import B A
[Thu Mar 17 14:53:46 2016] <johnw> Cypi: or: Infix "*" := prod : type_scope.
[Thu Mar 17 16:14:40 2016] <stelleg> rrika: i managed to prove that toy example compiler correct if you want unreadable spoilers
[Fri Mar 18 02:45:14 2016] <riaqn> Hello, after I prove a theorem T, how can I get the proof of that T?
[Fri Mar 18 02:45:29 2016] <riaqn> i.e., I want to get the such t that t : T.
[Fri Mar 18 02:45:38 2016] <sunnymilk> theorems are just terms
[Fri Mar 18 02:45:55 2016] <sunnymilk> Definition and Theorem mean the same thing
[Fri Mar 18 02:46:03 2016] <riaqn> well, I just want to get the proof of that theorem.
[Fri Mar 18 02:46:20 2016] <sunnymilk> so when you do Theorem t : <theorem>, t IS the proof
[Fri Mar 18 02:46:30 2016] <sunnymilk> you can even print it
[Fri Mar 18 02:46:34 2016] <sunnymilk> with Print t.
[Fri Mar 18 02:46:41 2016] <riaqn> Oh right! I forgot it, sorry.
[Fri Mar 18 02:47:20 2016] <sunnymilk> its actually very interesting to look at proof terms
[Fri Mar 18 02:47:41 2016] <riaqn> yeah, constructive proof is very amusing to look at.
[Fri Mar 18 02:47:58 2016] <sunnymilk> whenever you use induction for example youll see the induction hypothesis of the type you did the induction on there as a function call
[Fri Mar 18 02:48:05 2016] <sunnymilk> and etc
[Fri Mar 18 02:58:39 2016] <riaqn> OK, another question: when I 'Check t', how to print a simplified version?
[Fri Mar 18 06:21:17 2016] <Nik05> riaqn make a simpler proof...
[Fri Mar 18 08:02:10 2016] <jstolarek> I have a premise (a = b), where a and b are nats, and a goal S a = S b.
[Fri Mar 18 08:02:20 2016] <jstolarek> what would be the best way of dealing with this?
[Fri Mar 18 08:02:27 2016] <jstolarek> rewrite and then reflexivity?
[Fri Mar 18 08:02:58 2016] <jstolarek> I'm interested if there is a common convention for dealing with such goals
[Fri Mar 18 08:48:02 2016] <dredozubov> i do exactly that
[Fri Mar 18 08:52:49 2016] <dredozubov> jstolarek: you can use congruence, it seems
[Fri Mar 18 08:53:20 2016] <dredozubov> Lemma nat_inj { n m : nat } : n = m -> S n = S m. Proof with (intros; congruence).
[Fri Mar 18 08:53:44 2016] <dredozubov> actually, intros is not needed
[Fri Mar 18 09:00:48 2016] <Cypi> I would [f_equal; assumption], but really, any choice is good
[Fri Mar 18 12:55:42 2016] <jstolarek> I have a lemma that says: a = n -> b = n. Based on that lemma I want to prove a = b. I feel there is an easy way of doing this but I just can't see it :-/
[Fri Mar 18 14:16:09 2016] <silver> symmetry, transitivity?
[Fri Mar 18 15:59:59 2016] <athan> Hi everyone. Is there a `rational` data type in the standard library? I was thinking of defining my own - just a signed pair of naturals, representing the numerator and denomonator (where the denom. is actually `S d`, to ensure there's no division by zero)
[Fri Mar 18 16:03:50 2016] <jrw> athan: there is a type called "Q" in the stdlib that implements rational numbers. I haven't used it much, but you could get started by doing [Require Import QArith.]
[Fri Mar 18 16:04:35 2016] <dredozubov> i think you want Coq.QArith.QArith_base
[Fri Mar 18 16:04:49 2016] <dredozubov> https://coq.inria.fr/library/Coq.QArith.QArith_base.html
[Fri Mar 18 16:06:56 2016] <athan> Oh shoot, I haven't learned positive yet. What is `xH` exactly? `1` or something?
[Fri Mar 18 16:07:16 2016] <jrw> dredozubov: QArith imports QArith_base and other helpful things
[Fri Mar 18 16:07:16 2016] <sunnymilk> you canalso make rationals out of two integers
[Fri Mar 18 16:07:18 2016] <sunnymilk> with no sign
[Fri Mar 18 16:07:24 2016] <sunnymilk> since the integers carry the sign
[Fri Mar 18 16:07:34 2016] <athan> sunnymilk: But it's still allows 0 as the denom.
[Fri Mar 18 16:07:45 2016] <sunnymilk> oh thats true
[Fri Mar 18 16:07:50 2016] <athan> I don't think that's the rational I'm looking for :\
[Fri Mar 18 16:08:12 2016] <athan> hm... so they say that `x0 (xI xH)` represnts 6... how? :s
[Fri Mar 18 16:08:41 2016] <athan> oh crap, it says in the docs that xH is 1 >< sorry all, I'll keep reading
[Fri Mar 18 16:09:02 2016] <dredozubov> positive is strictly positive
[Fri Mar 18 16:09:07 2016] <dredozubov> as name implies
[Fri Mar 18 16:09:47 2016] <athan> Oh crap, positive is strictly in base 2, now I understand
[Fri Mar 18 16:10:06 2016] <athan> man, that seems like it would be a pain to prove over :\
[Fri Mar 18 16:22:29 2016] <athan> I've asked here before if there's a `gcd` implementation for nats, and I guess there is... but I have no idea how to import it :\
[Fri Mar 18 16:24:17 2016] <jrw> athan: I don't think you need to import anything. "Nat.gcd" should just be available
[Fri Mar 18 16:24:59 2016] <athan> oh wait, this is only available for Coq >= 8.5, I forgot ><
[Fri Mar 18 17:29:49 2016] <athan> Is there a way to set multiple `let` statements in one? So that way I don't need to do `let ... in let ... in let ... in`?
[Fri Mar 18 17:40:21 2016] <athan> In software foundations, there's advocation of equality definitions to be named in the form (for naturals) `beq_nat`, however I can't seem to find that definition. After a bit of exploring, I found some usage where the type is a paramter to `eq` - something like `eq bool b1 b2` works fine. However, `eq nat n1 n2` doesn't seem to work.. there's some term names being generated by coq that I can't really inspect (
[Fri Mar 18 17:40:27 2016] <athan> skolemized variables, maybe?)
[Fri Mar 18 17:40:34 2016] <athan> Really, my question is: "How do I test equality over naturals?" :)
[Fri Mar 18 17:40:56 2016] <athan> I've seen some usage of `eq-refl`, maybe I should be using that for naturals because they're such a simple structure?
[Fri Mar 18 17:41:30 2016] <athan> I can show you some (really terrible) code if you'd like :)
[Fri Mar 18 17:42:13 2016] <athan> http://lpaste.net/155033
[Fri Mar 18 17:47:05 2016] <rrika> athan, they SF later uses a different style of equalities
[Fri Mar 18 17:47:21 2016] <rrika> first it's a function that takes to values and returns a boolean
[Fri Mar 18 17:47:58 2016] <rrika> later they formulate it using inductive propositions for which you can only get proof, if they're actually equal
[Fri Mar 18 17:48:00 2016] <rrika> plus an additional thing that shows that it's decidable
[Fri Mar 18 17:48:15 2016] <rrika> which in the end will be quite similar to the bool returning one
[Fri Mar 18 17:48:19 2016] <rrika> :P
[Fri Mar 18 17:48:44 2016] <athan> rrika: but... but... why read when you can be impatient? :D
[Fri Mar 18 17:48:52 2016] <athan> sorry, thanks rrika.
[Fri Mar 18 17:49:01 2016] <rrika> oops, spoiler
[Fri Mar 18 17:49:01 2016] <rrika> :P
[Fri Mar 18 17:49:01 2016] <rrika> nothing to be sorry about
[Fri Mar 18 17:52:14 2016] <rrika> athan, if you're at this point in SF how do you know about {| |}?
[Fri Mar 18 17:54:28 2016] <athan> rrika: I'm just clawing at whatever I can grab right now
[Fri Mar 18 17:54:38 2016] <athan> I'm familiar with Haskell, with all the record sytnax stuff
[Fri Mar 18 17:55:24 2016] <rrika> oh, I knew neither haskell nor ocaml
[Fri Mar 18 17:55:27 2016] <rrika> (beyond a tutorial)
[Fri Mar 18 17:56:15 2016] <rrika> athan, just out of curiosity, whtat do you want to use coq for?
[Fri Mar 18 17:58:37 2016] <athan> rrika: Proving that robert bland's finite pivoting method for his simplex algorithm is terminating (which will be hard), and actually optimizes
[Fri Mar 18 17:59:05 2016] <athan> It will also help me expand his alg. a bit, while being confident that I don't bork it's meaning
[Fri Mar 18 17:59:24 2016] <athan> see this is what confuses me: https://coq.inria.fr/library/Coq.Arith.EqNat.html
[Fri Mar 18 17:59:25 2016] <rrika> * understood nothing really
[Fri Mar 18 17:59:32 2016] <athan> eq_nat is nowhere in scope :(
[Fri Mar 18 18:00:15 2016] <athan> rrika: Simplex algorithms are used for linear optimization - like a bunch of linear constraints (over Rationals) and an objective function that needs to get optimized in the feasible rejion
[Fri Mar 18 18:00:19 2016] <athan> region*
[Fri Mar 18 18:00:34 2016] <rrika> i see
[Fri Mar 18 18:00:44 2016] <athan> his algorithm "walks the corners" of the feasible region / simplex, or something like that, based on a wonky-ass method that I'm trying to prove as correct :\
[Fri Mar 18 18:01:24 2016] <rrika> If I do "Import Coq.Arith.EqNat", eq_nat is in my scope.
[Fri Mar 18 18:01:24 2016] <rrika> uh "Require Import", not "Import"
[Fri Mar 18 18:03:05 2016] <athan> aie karumba, sorry ><
[Fri Mar 18 18:04:26 2016] <athan> crap, so `bool` is junk, and I should really be testing for inhabitance. Got it :)
[Fri Mar 18 18:04:55 2016] <rrika> it's really easy to convert though
[Fri Mar 18 18:05:07 2016] <rrika> (beq x y = true)
[Fri Mar 18 18:05:44 2016] <rrika> ^ this expression as a type
[Fri Mar 18 18:06:26 2016] <athan> oh!! = is a data constructor! Awesome
[Fri Mar 18 18:06:49 2016] <athan> PAJAMAS! It's working! Thank you rrika!
[Fri Mar 18 18:24:48 2016] <johnw> heh
[Fri Mar 18 19:56:01 2016] <athan> Hi everyone. Anybody here know how to abbreviate excessive `let ... in let ... in let ... in` statements?
[Fri Mar 18 19:56:38 2016] <johnw> you could use functions
[Fri Mar 18 19:56:44 2016] <johnw> (fun a b c => ...) a b c
[Fri Mar 18 19:56:54 2016] <johnw> that's what let desugars into, pretty much
[Fri Mar 18 19:59:59 2016] <athan> johnw: Hmm, okay! Thank you!
[Fri Mar 18 20:01:30 2016] <athan> "no local fields allowed in a record construction" - what does this mean, exactly? What makes a field... local?
[Fri Mar 18 20:01:43 2016] <johnw> can you show me the record?
[Fri Mar 18 20:02:38 2016] <athan> johnw: sure! http://lpaste.net/155046
[Fri Mar 18 20:03:00 2016] <athan> I'm getting the error on lines 19-22 :\
[Fri Mar 18 20:03:01 2016] <johnw> I don't think you mean to use := in your record
[Fri Mar 18 20:03:07 2016] <johnw> just :
[Fri Mar 18 20:03:12 2016] <athan> ? I thought that was the correct syntax
[Fri Mar 18 20:03:21 2016] <johnw> it is correct, but for a different purpose
[Fri Mar 18 20:03:24 2016] <athan> https://coq.inria.fr/refman/Reference-Manual004.html#Record
[Fri Mar 18 20:03:27 2016] <johnw> it sets a "local field"
[Fri Mar 18 20:03:40 2016] <johnw> just s/:=/: three times and you'll be fine
[Fri Mar 18 20:03:45 2016] <athan> ohhh man I'm silly, okay
[Fri Mar 18 20:04:12 2016] <athan> man that's different
[Fri Mar 18 20:04:34 2016] <athan> perfect! Thank you!!
[Sat Mar 19 06:23:33 2016] <rrika> >The term "H" has type "x <> x'" while it is expected to have type "x <> x'".
[Sat Mar 19 11:53:22 2016] <stelleg> rrika: whoops. can you show the context which gave that error?
[Sat Mar 19 11:56:23 2016] <rrika> stelleg, SF redefined False and <>
[Sat Mar 19 11:56:46 2016] <rrika> exfalso. uses the build in false, while <> gave me SF's false
[Sat Mar 19 11:58:08 2016] <Cypi> You can use "elimtype False" with SF's False if you want to do exactly what "exfalso" does
[Sat Mar 19 11:58:45 2016] <rrika> thanks for the tip
[Sat Mar 19 12:00:54 2016] <stelleg> notations are weird
[Sun Mar 20 00:31:46 2016] <athan> Does `True = True`?
[Sun Mar 20 00:33:43 2016] <athan> O_O `/\` is not reflexive?
[Sun Mar 20 00:34:46 2016] <jgross> athan: [Check eq_refl : True = True.] 
[Sun Mar 20 00:35:21 2016] <jgross> athan: If `/\` were reflexive, that would mean that `forall x, x /\ x`, which is certainly not the case.  Perhaps you're thinking of "symmetric"? 
[Sun Mar 20 00:35:32 2016] <athan> How do I "augment" /\ to be reflexive from the Setoid library?
[Sun Mar 20 00:35:51 2016] <athan> oh shoot you're right, sorry
[Sun Mar 20 00:36:12 2016] <athan> I must be abusing fixityu
[Sun Mar 20 00:37:46 2016] <athan> no I guess I'm not. How is `foo = foo /\ bar = bar` not `= True`?
[Sun Mar 20 00:39:13 2016] <athan> hmm, `(True = True) = True` does not unify
[Sun Mar 20 00:39:48 2016] <athan> something something intensional...
[Sun Mar 20 02:28:41 2016] <burzos> Anyone around that has worked through Software Foundations? I'm stuck on the very last exercise in Poly (https://www.cis.upenn.edu/~bcpierce/sf/current/Poly.html#lab141); how to define 'exp'.
[Sun Mar 20 02:29:53 2016] <burzos> Intuitively I understand that the algorithm must be similar to the additional algorithm, except we want to do a multiplication in the loop.
[Sun Mar 20 02:30:23 2016] <burzos> But it seems like the value being passed through the loop must be type X and I don't see how to multiply that with a nat.
[Sun Mar 20 03:52:19 2016] <athan> Does = have a type signature?
[Sun Mar 20 09:21:40 2016] <homevillageness> Can someone help with this problem: Running make on the Makefile generated by coq does not generate .vo files
[Sun Mar 20 09:23:48 2016] <homevillageness> I want to build the following coq contributions: Algebra, Topology, ZornsLemma
[Sun Mar 20 09:24:12 2016] <homevillageness> For algebra the standard makefile suffices, but for the other two there are no .vo files generated
[Sun Mar 20 12:18:11 2016] <yasu> exit
[Sun Mar 20 15:38:29 2016] <spacekitteh> comrades, is there any plan to overhaul the coqide to something like what Isabelle has with jEdit?
[Sun Mar 20 16:01:42 2016] <athan> Hi everyone. How would you try to reduce an idempotency sub goal? I've got something like `reduce x = reduce (reduce x)`
[Sun Mar 20 16:02:07 2016] <athan> I'm trying the `compute` tactic, but it's just exploding my subgoal. simpl doesn't do anything either :\
[Sun Mar 20 16:05:24 2016] <athan> Hmm... is there a way to name decomposed records? Like `destruct x as ...`?
[Sun Mar 20 16:06:02 2016] <rrika> apply f_equal.
[Sun Mar 20 16:06:31 2016] <athan> rrika: O_O that is awesome
[Sun Mar 20 16:06:32 2016] <athan> thank you!
[Sun Mar 20 16:06:38 2016] <rrika> <athan> [05:34:54] hmm, `(True = True) = True` does not unify
[Sun Mar 20 16:06:49 2016] <rrika> left side is of type "prop" right is of type "bool"
[Sun Mar 20 16:07:00 2016] <rrika> (a = b) is the same as (eq a b)
[Sun Mar 20 16:07:04 2016] <rrika> you can find out with:
[Sun Mar 20 16:07:06 2016] <rrika> Locate =
[Sun Mar 20 16:07:08 2016] <rrika> or
[Sun Mar 20 16:07:11 2016] <rrika> Locate "=".
[Sun Mar 20 16:07:11 2016] <rrika> not sure
[Sun Mar 20 16:07:17 2016] <athan> thank you :)
[Sun Mar 20 16:07:33 2016] <rrika> the type signature of eq can be found out with "Check eq."
[Sun Mar 20 16:07:40 2016] <rrika> or more specifically @eq
[Sun Mar 20 16:07:46 2016] <rrika> (which also shows you implicit arguments)
[Sun Mar 20 16:07:54 2016] <athan> rrika: And this does not work with infix operators, does it
[Sun Mar 20 16:07:59 2016] <athan> hmm!!
[Sun Mar 20 16:08:09 2016] <rrika> are you using emacs?
[Sun Mar 20 16:08:12 2016] <rrika> and proof general?
[Sun Mar 20 16:08:31 2016] <athan> I'm using coqide right now, just to get my head around the language
[Sun Mar 20 16:08:39 2016] <athan> I don't quite want to integrate into emacs yet
[Sun Mar 20 16:09:01 2016] <rrika> I like emacs more than coqide
[Sun Mar 20 16:09:07 2016] <rrika> I was new to both
[Sun Mar 20 16:09:44 2016] <athan> hmm, I don't think `apply f_equal` is sound in this case
[Sun Mar 20 16:09:53 2016] <rrika> I doesn't matter much, I just know the shortcut for checking notations (such as =) is ctrl+c cltr+a ctrl+n
[Sun Mar 20 16:09:53 2016] <athan> because then it would just assume `x = reduce x`
[Sun Mar 20 16:10:32 2016] <rrika> well, do you have a proof or want to create a proof of reduce's idemoptency
[Sun Mar 20 16:10:54 2016] <athan> I want to create a proof :\
[Sun Mar 20 16:11:10 2016] <rrika> what is reduce exactly?
[Sun Mar 20 16:11:25 2016] <athan> Is there a tactic to evaluate `f ... = f ...` in parallel?
[Sun Mar 20 16:11:39 2016] <athan> rrika: It's for my own rational number, to simplify fractions
[Sun Mar 20 16:12:02 2016] <athan> but specifically _only_ `f` on each side
[Sun Mar 20 16:12:16 2016] <rrika> f ... = f ... is your goal?
[Sun Mar 20 16:12:19 2016] <rrika> or in your premises?
[Sun Mar 20 16:12:21 2016] <Nik05> hey rrika
[Sun Mar 20 16:12:24 2016] <rrika> hi Nik
[Sun Mar 20 16:12:28 2016] <athan> rrika: It's my goal
[Sun Mar 20 16:12:46 2016] <athan> actually I think I want something like `f x = f (g x)`, where I want to evaluate `g`
[Sun Mar 20 16:12:48 2016] <rrika> well there's "simpl"
[Sun Mar 20 16:12:56 2016] <rrika> "unfold g." too maybe
[Sun Mar 20 16:12:56 2016] <athan> rrika: simpl does nothing :\
[Sun Mar 20 16:13:10 2016] <rrika> it would if 'x' was more specific
[Sun Mar 20 16:13:11 2016] <athan> hmm... the issue is that `f` and `g` are actually using the same name haha
[Sun Mar 20 16:13:29 2016] <athan> so I would need to destruct `x`?
[Sun Mar 20 16:13:43 2016] <rrika> if that is sufficient for your proof
[Sun Mar 20 16:13:55 2016] <rrika> oh reduce does the fraction simplification…
[Sun Mar 20 16:13:58 2016] <rrika> right?
[Sun Mar 20 16:14:09 2016] <athan> yes :)
[Sun Mar 20 16:14:45 2016] <rrika> maybe you can prove a idempotency property for gcd or whatever property you use
[Sun Mar 20 16:14:47 2016] <rrika> and then work from there
[Sun Mar 20 16:14:57 2016] <athan> hmm...
[Sun Mar 20 16:15:06 2016] <athan> rrika: Would you be willing to take a peek at my code? http://lpaste.net/155547
[Sun Mar 20 16:15:16 2016] <rrika> in 45min
[Sun Mar 20 16:15:43 2016] <athan> :)
[Sun Mar 20 16:16:00 2016] <rrika> * is watching the matrix reloaded for the first time. priorities, you see.
[Sun Mar 20 16:16:12 2016] <athan> I still haven't :o
[Sun Mar 20 16:39:17 2016] <spacekitteh> the matrix series is obviously a metaphor for being transgender
[Sun Mar 20 16:39:36 2016] <spacekitteh> it was obvious even before both of the wachowskis came out
[Sun Mar 20 16:39:37 2016] <spacekitteh> :D
[Sun Mar 20 16:53:53 2016] <rrika> spacekitteh, the people I watched it wanted to play "spot the indicators"
[Sun Mar 20 16:53:57 2016] <rrika> >* athan has quit
[Sun Mar 20 16:53:59 2016] <rrika> noooo
[Sun Mar 20 16:54:19 2016] <rrika> but I'm just too oblivious for these games
[Sun Mar 20 16:58:59 2016] <rrika> *the people I watched it with
[Sun Mar 20 17:08:38 2016] <spacekitteh> heh
[Sun Mar 20 17:09:08 2016] <spacekitteh> * laughs her ass off at the thoguht of /r/theredpill reacting to the metaphor
[Sun Mar 20 17:10:18 2016] <rrika> Do I want to read that reddit?
[Sun Mar 20 17:10:20 2016] <rrika> *subreddit
[Sun Mar 20 17:11:17 2016] <spacekitteh> not unless you're into super intense misogyny and rape advice
[Sun Mar 20 17:18:54 2016] <mettekou> rrika: Yes.
[Sun Mar 20 17:45:05 2016] <athan> Help rrika, you're my only hope D:
[Sun Mar 20 17:47:47 2016] <athan> Hmm, so f_equal is like a transpose over application or something
[Sun Mar 20 17:54:22 2016] <jrw> athan: f_equal the lemma is [x = y -> f x = f y]
[Sun Mar 20 17:54:42 2016] <jrw> to put it in english I would say something like "a function applied to equal arguments yields equal results"
[Sun Mar 20 17:54:56 2016] <jrw> or maybe "equality is a congruence for function application"
[Sun Mar 20 17:55:44 2016] <jrw> f_equal is also the name of a tactic which will work for functions of any number of arguments.
[Sun Mar 20 17:56:21 2016] <athan> jrw: Ahh wow that makes complete sense
[Sun Mar 20 17:56:57 2016] <athan> so that would also imply that if `f x = f y` and `f_equal f`, then `x = y`, correct?
[Sun Mar 20 17:57:23 2016] <jrw> er, I'm not really sure what you mean, but I think the answer is "no"
[Sun Mar 20 17:57:40 2016] <jrw> [f x = f y -> x = y] means that f is injective
[Sun Mar 20 17:57:49 2016] <athan> >< sorry haha
[Sun Mar 20 18:11:31 2016] <stelleg> is there a quick way to do multiple ex_intro? nothing's jumping out at me, and it's a bit tedious to write out apply ex_intro with (x:=...) for each one
[Sun Mar 20 18:16:16 2016] <jrw> stelleg: if your goal is [exists x y z, ...] you can say [exists foo, bar, baz.] to give the witnesses
[Sun Mar 20 18:16:29 2016] <jrw> so, "exists" is also a tactic name that does exactly what you want
[Sun Mar 20 18:18:04 2016] <rrika> athan
[Sun Mar 20 18:18:23 2016] <rrika> I guess it's helpful to show that the gcd will be one after you do reduction
[Sun Mar 20 18:18:53 2016] <rrika> two steps: first show that the result of reduction has a gcd of one between numerator and denominator
[Sun Mar 20 18:19:06 2016] <rrika> second show that reduction leaves numbers untouched if the gcd is one
[Sun Mar 20 18:20:30 2016] <stelleg> jrw: thanks!
[Sun Mar 20 18:20:45 2016] <jrw> np!
[Sun Mar 20 18:22:46 2016] <rrika> athan, you there?
[Sun Mar 20 18:26:42 2016] <athan> rrika: Yes! How was the flick? Should I have high hopes?
[Sun Mar 20 18:26:54 2016] <athan> sorry, knee deep in tactics :|
[Sun Mar 20 18:27:47 2016] <rrika> It was about as good as the first part I guess.
[Sun Mar 20 18:27:53 2016] <rrika> athan, what approach are you taking?
[Sun Mar 20 18:28:10 2016] <rrika> also where does gcd come from, (what kinds of imports)
[Sun Mar 20 18:29:16 2016] <athan> gcd comes from... Nat :|
[Sun Mar 20 18:29:32 2016] <athan> I'm not exactly sure. This syntax only worked in coq >= 8.5 if that helps :s
[Sun Mar 20 18:29:35 2016] <rrika> oh
[Sun Mar 20 18:29:40 2016] <rrika> there's my problem :P
[Sun Mar 20 18:29:50 2016] <athan> shoot
[Sun Mar 20 18:34:08 2016] <lilred> So I'm a newcomer to Coq, and I'm a bit miffed because of how it separates Type from Prop. Can someone explain the rationale to me?
[Sun Mar 20 18:35:43 2016] <lilred> Is it because you use tactics to instantiate members of propositions but you need to explicitly construct members of types?
[Sun Mar 20 18:36:09 2016] <rrika> the idea is that all values of a prop type are equal
[Sun Mar 20 18:36:29 2016] <lilred> rrika: but only if you accept UIP
[Sun Mar 20 18:36:47 2016] <lilred> rrika: no way to use Coq without UIP?
[Sun Mar 20 18:38:10 2016] <jrw> you can absolutely use it without UIP
[Sun Mar 20 18:39:14 2016] <lilred> Then I'm confused. Do you know a good read on the topic?
[Sun Mar 20 18:39:29 2016] <jrw> Prop in coq is used/useful for several things: 1) the extraction mechanism erases props when generating code 2) it makes it easy to add axioms in Prop and then not having to realize them. 3) Prop is impredicative.
[Sun Mar 20 18:40:21 2016] <rrika> so that different proofs for the same prop can exchangable
[Sun Mar 20 18:40:24 2016] <rrika> Isn't UIP just a consequence of proof irrelevance?
[Sun Mar 20 18:40:27 2016] <rrika> I had my introduction to prop/type etc. through the manual for LEAN
[Sun Mar 20 18:40:48 2016] <lilred> Alright. Do you know if there's a successful Coq-style proof assistant/programming language without that distinction? I heard NuPRL did
[Sun Mar 20 18:41:04 2016] <jrw> NuPRL is quite different from Coq for other reasons
[Sun Mar 20 18:41:06 2016] <lilred> Oh right LEAN
[Sun Mar 20 18:41:19 2016] <lilred> I'll refresh myself on that, thanks
[Sun Mar 20 18:41:35 2016] <jrw> I'm not super familiar with Lean, but Agda is similar and does not have this distinction
[Sun Mar 20 18:42:23 2016] <lilred> Thanks, I'll do some Agda then!
[Sun Mar 20 18:43:28 2016] <rrika> Lean has two modes, one in which there are numbered type universes and the lowest one (type_0) is also known as prop and has proof-irrelevance.
[Sun Mar 20 18:43:32 2016] <rrika> And one based on HoTT which I don't quite understand yet.
[Sun Mar 20 18:43:57 2016] <rrika> they idea is that they want to remove the special-casing of type_0
[Sun Mar 20 18:44:07 2016] <rrika> *the idea
[Sun Mar 20 18:44:20 2016] <rrika> as far as I understand anyway
[Mon Mar 21 06:06:50 2016] <jstolarek> I have (a,b,c,d)=(f,g,h,i) as my goal and I have premises H1:a=f, H2:b=g, H3:c=h and H4:d=i. Now I can prove the goal by "rewrite H1. rewrite H2. rewrite H3. rewrite H4." but that's redious. Is there a tactic that would do it automatically?
[Mon Mar 21 06:11:23 2016] <dogui> jstolarek: try "subst"
[Mon Mar 21 07:56:28 2016] <jstolarek> dogui: subst does all the substitutions. It does not solve the goal, but it's much better than doing the rewrote manually
[Mon Mar 21 07:56:31 2016] <jstolarek> thanks
[Mon Mar 21 07:59:36 2016] <Cypi> jstolarek : [congruence] will solve it automatically
[Mon Mar 21 07:59:39 2016] <Cypi> (probably)
[Mon Mar 21 08:15:09 2016] <jstolarek> Cypi: yup, congurence works :-)
[Mon Mar 21 08:15:32 2016] <jstolarek> what if I have some premises and I want to apply somethingt to all of them
[Mon Mar 21 08:15:41 2016] <jstolarek> how do I iterate over them?
[Mon Mar 21 08:16:40 2016] <jstolarek> with simpl I can for example do "simpl in * |- *".
[Mon Mar 21 08:16:46 2016] <jstolarek> this does not seem to work for apply
[Mon Mar 21 08:20:02 2016] <Cypi> You might have to do some Ltac scripting to achieve this. See for instance http://lpaste.net/155662
[Mon Mar 21 08:20:40 2016] <Cypi> Note that this is quite brutal, you have to take care yourself of problems such as termination of Ltac and so on
[Mon Mar 21 08:26:48 2016] <jstolarek> Cypi: right. I though there is a way of doing this without Ltac.
[Mon Mar 21 10:54:33 2016] <benzrf> blargh
[Mon Mar 21 10:54:41 2016] <benzrf> does anyone know anything about endowing implementations of the CoC with functions and types implemented in the host language without breaking the system's properties in unexpected ways?
[Mon Mar 21 10:55:34 2016] <benzrf> i want to write a coc-driven math tool that has a 'native' numerical type so that you can do calculations and simplifications with it
[Mon Mar 21 11:40:57 2016] <bitemyapp> benzrf: word you want is probably primitive, cf. https://coq.inria.fr/files/coq5_submission_2.pdf
[Mon Mar 21 11:41:19 2016] <bitemyapp> benzrf: http://www.maximedenes.fr/download/coq_primitives.pdf
[Mon Mar 21 11:41:55 2016] <benzrf> thanks!
[Mon Mar 21 11:42:33 2016] <bitemyapp> np
[Mon Mar 21 13:38:04 2016] <jstolarek> (x :: fst (split (combine l1 l2)), x0 :: snd (split (combine l1 l2))) = (x :: l1, x0 :: l2)
[Mon Mar 21 13:38:11 2016] <jstolarek> this is my goal
[Mon Mar 21 13:38:19 2016] <jstolarek> and I'd like to split it into two goals:
[Mon Mar 21 13:38:27 2016] <jstolarek> fst (split (combine l1 l2)) = l1
[Mon Mar 21 13:38:33 2016] <jstolarek> snd (split (combine l1 l2)) = l2
[Mon Mar 21 13:38:37 2016] <jstolarek> how do I do that?
[Mon Mar 21 13:39:21 2016] <Cypi> With some luck "f_equal" will give you that immediately
[Mon Mar 21 13:39:29 2016] <Cypi> if not, then "f_equal; f_equal" will I guess
[Mon Mar 21 13:40:53 2016] <jstolarek> ah
[Mon Mar 21 13:40:57 2016] <jstolarek> silly me
[Mon Mar 21 13:41:13 2016] <jstolarek> I tried "apply f_equal"
[Mon Mar 21 14:09:54 2016] <jstolarek> I have a premise that says "beq_nat a a = false"
[Mon Mar 21 14:09:59 2016] <jstolarek> obviously, that is False
[Mon Mar 21 14:10:12 2016] <jstolarek> but I don't know how to convince Coq :-/
[Mon Mar 21 14:10:32 2016] <jstolarek> I was hoping that I can somehow use beq_nat_true to rewrite to true = false and then use inversion
[Mon Mar 21 14:10:39 2016] <jstolarek> but that rewrite fails :(
[Mon Mar 21 14:11:50 2016] <arcatan> jstolarek: maybe beq_nat_refl instead of beq_nat_true?
[Mon Mar 21 14:12:13 2016] <stelleg> ^
[Mon Mar 21 14:13:08 2016] <jstolarek> ah
[Mon Mar 21 14:13:13 2016] <jstolarek> >_<
[Mon Mar 21 14:13:48 2016] <arcatan> :)
[Mon Mar 21 14:13:49 2016] <jstolarek> obviously, yes
[Mon Mar 21 17:40:53 2016] <stelleg> so I'm in a state where I have 0 subgoals, but when I try and Qed, I get: Error: Attempt to save a proof with existential variables still non-instantiated
[Mon Mar 21 17:41:18 2016] <jrw> stelleg: you can do [Grab Existential Variables.] to see what's left
[Mon Mar 21 17:41:36 2016] <jrw> once you figure it out, I recommend going back to where that evar was introduced and solving it there
[Mon Mar 21 17:41:51 2016] <jrw> leaving Grab Existential Variables commands in finished proofs is bad style IMO
[Mon Mar 21 17:42:11 2016] <stelleg> jrw: thanks, I'll try and figure out where it was introduced
[Mon Mar 21 17:42:52 2016] <stelleg> I think I may have introduced it in a proof equality
[Mon Mar 21 17:44:36 2016] <stelleg> maybe you or someone else has a better solution to the problem than what I came up with, which requires proof irrelevance
[Mon Mar 21 17:44:45 2016] <jrw> stelleg: post some code?
[Mon Mar 21 17:44:59 2016] <stelleg> jrw: on its way
[Mon Mar 21 17:47:27 2016] <stelleg> actually, looking back at it now I think I should just switch from using eq_nat_dec to beq_nat
[Mon Mar 21 17:48:10 2016] <stelleg> basically have a lemma that uses proof irrelevance to show that x <> y -> eq_nat_dec x y = right p
[Mon Mar 21 17:49:19 2016] <stelleg> but it uses proof irrelevance
[Mon Mar 21 17:51:02 2016] <stelleg> not actually sure where the evar is being introduced
[Mon Mar 21 17:51:38 2016] <stelleg> don't have any eapplys in my code
[Mon Mar 21 17:51:58 2016] <jrw> yeah, it's tempting to want that lemma, but usually it means you're doing something wrong, in my experience
[Mon Mar 21 17:52:09 2016] <jrw> if you show me the code I can try to point out the evar
[Mon Mar 21 18:01:45 2016] <stelleg> http://lpaste.net/155833
[Mon Mar 21 18:01:57 2016] <stelleg> apologies for the paragraph-style proofs
[Mon Mar 21 18:06:14 2016] <jrw> stelleg: what version of coq are you using?
[Mon Mar 21 18:06:29 2016] <stelleg> 8.4pl6
[Mon Mar 21 18:07:09 2016] <jrw> okay, well I'm on 8.5 and no evar is introduced
[Mon Mar 21 18:07:16 2016] <jrw> let me see if I have 8.4 somewhere...
[Mon Mar 21 18:08:05 2016] <stelleg> yeah I'd make the switch, but I'm pretty stuck in my vim ways
[Mon Mar 21 18:08:12 2016] <stelleg> and no coquille support for 8.5
[Mon Mar 21 18:08:29 2016] <jrw> :\ yeah the vim situation is quite bad
[Mon Mar 21 18:08:39 2016] <jrw> I have a labmate who hacked his own vim mode
[Mon Mar 21 18:08:47 2016] <jrw> it's pretty primitive though from what I've heard
[Mon Mar 21 18:09:17 2016] <jrw> okay I found an installation of 8.4 and it does produce an evar
[Mon Mar 21 18:09:53 2016] <jrw> stelleg: it's the [rewrite eq_nat_dec_neq]
[Mon Mar 21 18:10:11 2016] <stelleg> jrw: yeah that's what I suspected
[Mon Mar 21 18:10:39 2016] <stelleg> I think I'll just make the switch to beq_nat
[Mon Mar 21 18:10:42 2016] <stelleg> should solve the issue
[Mon Mar 21 18:11:00 2016] <stelleg> I'll let you know though
[Mon Mar 21 18:11:08 2016] <jrw> that sounds reasonable
[Mon Mar 21 18:11:10 2016] <jrw> good luck!
[Mon Mar 21 18:11:22 2016] <stelleg> thanks for the help!
[Mon Mar 21 18:14:29 2016] <stelleg> yep that fixed it
[Mon Mar 21 18:14:53 2016] <stelleg> thanks again though, now I know about those hidden evars, wasn't even aware of that possiblity
[Mon Mar 21 18:15:05 2016] <jrw> usually they aren't that hidden :)
[Mon Mar 21 18:15:15 2016] <jrw> but yeah, it's annoying
[Mon Mar 21 18:15:39 2016] <stelleg> are they just unification variables?
[Mon Mar 21 18:16:49 2016] <jrw> not exactly. evars are an internal detail of the coq implementation. I'm not super familiar with the specifics, but I usually think about them as just a hole to be filled in later.
[Mon Mar 21 18:22:04 2016] <stelleg> cool thanks
[Tue Mar 22 00:22:28 2016] <johnw> evars are pretty useful
[Tue Mar 22 00:22:34 2016] <johnw> took me a while to become friendly with them though
[Tue Mar 22 06:36:21 2016] <jstolarek> invoking coqc on a source file gives me "Error: There are pending proofs"
[Tue Mar 22 06:36:27 2016] <jstolarek> I believe this is bogus
[Tue Mar 22 06:36:43 2016] <jstolarek> is there a way of asking coqc which proofs it considers still pending?
[Tue Mar 22 06:54:26 2016] <dredozubov> the simplest way that comes to mind is going through them interactively
[Tue Mar 22 06:55:53 2016] <jstolarek> but all the proofs are finished
[Tue Mar 22 06:56:06 2016] <jstolarek> that's why I said that I think the error is bogus
[Tue Mar 22 06:56:51 2016] <Cypi> jstolarek : try "Show."
[Tue Mar 22 06:56:59 2016] <Cypi> It should print any pending goal
[Tue Mar 22 06:57:38 2016] <jstolarek> ah, got it
[Tue Mar 22 06:57:39 2016] <jstolarek> thanks
[Tue Mar 22 06:57:47 2016] <jstolarek> indeed, I have an unfisnished proof
[Tue Mar 22 06:58:25 2016] <dredozubov> coq supports nested theorems
[Tue Mar 22 06:58:28 2016] <dredozubov> i guess it's the reason
[Tue Mar 22 06:58:48 2016] <dredozubov> you can go to the end of buffer/file interactively and still have an unfinished proof
[Tue Mar 22 14:20:31 2016] <vorgang> I'm looking for help with ZModulo. How to write, say, the number 2 in the field Z/7 ?
[Tue Mar 22 14:56:38 2016] <jrw> vorgang: I've never used that file, but it looks to me like it's for reasoning modulo a power of 2
[Tue Mar 22 14:56:48 2016] <jrw> see https://coq.inria.fr/distrib/current/stdlib/Coq.Numbers.Cyclic.Abstract.CyclicAxioms.html
[Tue Mar 22 14:58:30 2016] <vorgang> I see. Well I'm looking for Z/n where n is prime
[Tue Mar 22 14:59:07 2016] <vorgang> maybe something in theories folder?
[Tue Mar 22 14:59:27 2016] <vorgang> otherwise I'd go with 3rd party lib
[Tue Mar 22 15:00:25 2016] <vorgang> or write it myself, but it's probably beyond my knowledge
[Tue Mar 22 16:17:54 2016] <vorgang> ok I guess a Record can be used for that
[Tue Mar 22 17:40:40 2016] <johnw> can I "apply" an hypothesis to the goal, but leave the goal is the converted form rather than solving it?
[Tue Mar 22 17:40:47 2016] <johnw> I guess that's what change does?
[Tue Mar 22 17:42:18 2016] <johnw> ah, etransitivity does what I need
[Tue Mar 22 18:49:26 2016] <mettekou> Could Coq's Notation be (ab)used to create custom definition keywords such as Inductive, Definition, Keyword...? Or can it only transform terms?
[Tue Mar 22 18:49:47 2016] <mettekou> Oops, Keyword had to be Fixpoint in the list of examples.
[Tue Mar 22 18:51:03 2016] <johnw> I don't think you can introduce new vernacular without writing OCaml
[Tue Mar 22 18:52:53 2016] <mettekou> johnw: You sir, have just saved my master's thesis. :P
[Tue Mar 22 18:53:06 2016] <johnw> how did I do that??
[Tue Mar 22 18:53:38 2016] <mettekou> I implemented a minimal calculus of inductive constructions (Giménez style, recursive schemes) in order to build DSLs on top of it for theorem proving in specific domains.
[Tue Mar 22 18:53:54 2016] <johnw> miniCoq!
[Tue Mar 22 18:53:57 2016] <mettekou> But a guy at my lab argued that I could have done it on top of Coq.
[Tue Mar 22 18:54:05 2016] <mettekou> So that my efforts were useless.
[Tue Mar 22 18:54:30 2016] <johnw> so, you can't introduce new vernacular
[Tue Mar 22 18:54:36 2016] <mettekou> But you'd need fully-blown macros for that, Notation isn't that.
[Tue Mar 22 18:54:36 2016] <johnw> but that doesn't mean you can't use a deep embedding
[Tue Mar 22 18:54:46 2016] <Cypi> Well, you could have written a plugin on top of Coq, as johnw said :p
[Tue Mar 22 18:54:52 2016] <johnw> i.e., instead of creating a new Inductive command, using type-indexed lists to construct a representation of an inductive type
[Tue Mar 22 18:55:30 2016] <johnw> then you can reflect on your representation and use it for your DSL as a declared inductive type; notations make it easy to write things down in this form
[Tue Mar 22 18:55:35 2016] <mettekou> Cypi: I can motivate my own implementation by arguing that 1) it allowed me to quickly understand the CoIC; 2) it prevented me from having to dig through Coq's implementation and understand it.
[Tue Mar 22 18:55:45 2016] <johnw> well, there is that
[Tue Mar 22 18:55:58 2016] <Cypi> 2) is a strong argument :-°
[Tue Mar 22 18:56:23 2016] <mettekou> Also: my OCaml is rusty, my Haskell (in which I implemented my language) isn't.
[Tue Mar 22 18:58:10 2016] <Cypi> I wonder if OCaml and Haskell are easy to interoperate?
[Tue Mar 22 18:58:30 2016] <mettekou> Cypi: Through Haskell's C FFI I guess? :P
[Tue Mar 22 18:58:43 2016] <Cypi> Precisely, I have no idea x)
[Tue Mar 22 18:59:50 2016] <Cypi> Maybe there would be people interested in a Haskell API to develop Coq plugins.
[Tue Mar 22 19:00:08 2016] <johnw> man, I sure would be
[Tue Mar 22 19:00:18 2016] <Cypi> Well, there should be a clear OCaml API first for this to be even conceivable
[Tue Mar 22 19:00:23 2016] <mettekou> If they haven't flocked to Agda or *gasp* Idris.
[Tue Mar 22 19:00:27 2016] <Cypi> and this is a work-in-progress
[Tue Mar 22 19:00:59 2016] <johnw> we may need to write an Ocaml plugin at work, and I'm not looking forward to that
[Tue Mar 22 19:01:16 2016] <Cypi> It takes a little getting used to, but it's not so bad after some time
[Tue Mar 22 19:01:23 2016] <johnw> yeah, "after some timE"
[Tue Mar 22 19:01:33 2016] <johnw> i've never written a line of OCaml
[Tue Mar 22 19:01:37 2016] <Cypi> The code base is kind of a mess though, I cannot deny that :/
[Tue Mar 22 19:01:42 2016] <Cypi> Ah x)
[Wed Mar 23 01:36:51 2016] <vorgang> When trying to step through Znumtheory.v in emacs proofgeneral (using C-c C-n), I get the following error on the first line (Require Import ZArith.base):
[Wed Mar 23 01:36:54 2016] <vorgang> Error: The file coq/theories/ZArith/ZArith_base.vo contains library Coq.ZArith.ZArith_base and not library ZArith_base
[Wed Mar 23 02:01:09 2016] <vorgang> ok got it solved, I copy the file to a diffent place (outside of coq source tree) and then it works
[Wed Mar 23 02:01:21 2016] <vorgang> there's probably a more elegant way
[Wed Mar 23 06:25:18 2016] <jstolarek> I have premises H1 : P -> Q and H2 : Q -> R. How do I prove P -> R ? This must be trivial but I just can figure it out :-/
[Wed Mar 23 06:26:51 2016] <jstolarek> ah, got it
[Wed Mar 23 06:27:07 2016] <jstolarek> ok, I have a more ambitious question
[Wed Mar 23 06:28:02 2016] <jstolarek> say a tactic t generates several goals, each of which can be solved (completely or up to some point) by application of tactics a, b and c.
[Wed Mar 23 06:28:26 2016] <jstolarek> in such a situation I can say: t; a; b; c. to apply tactics a, b and c to each subgoal generated by t
[Wed Mar 23 06:29:19 2016] <jstolarek> now, say that t generates several subgoals and each of these goals needs a different treatment up to a point, but then every goal can be finished by applying a, b and c.
[Wed Mar 23 06:29:31 2016] <jstolarek> I figured out I can do it using:
[Wed Mar 23 06:29:47 2016] <jstolarek> t; [ t1 | t2 | ... ]; a; b; c.
[Wed Mar 23 06:29:57 2016] <jstolarek> is that idiomatic way of doing this?>
[Wed Mar 23 06:31:51 2016] <Cypi> If you know exactly which treatment each subgoal needs and it's not too much of a bother to write each t1, t2, ..., then yes it's fine
[Wed Mar 23 06:33:03 2016] <Cypi> If the treatment will fail on the subgoal that are not concerned, you can do something like: t; (t1 || t2 ...); a; b; c
[Wed Mar 23 06:33:43 2016] <Cypi> If the treatment will make the goal unsolvable on the subgoals that are not concerned, then you can do (even though it will be less efficient): t; (t1 + t2 + ...); solve [a; b; c]
[Wed Mar 23 06:34:29 2016] <jstolarek> I'm not familiar with taht last notation
[Wed Mar 23 06:34:39 2016] <jstolarek> can you poingt me to relevant section of coq's manual?
[Wed Mar 23 06:35:12 2016] <Cypi> https://coq.inria.fr/refman/Reference-Manual011.html#hevea_tactic204
[Wed Mar 23 06:37:40 2016] <jstolarek> thanks
[Wed Mar 23 06:40:00 2016] <jstolarek> * finds tacticals to be very subtle
[Wed Mar 23 06:43:36 2016] <jstolarek> I am reading Software Foundations and I see that whenever there is a premise H that directly proves the goal they use "apply H".
[Wed Mar 23 06:43:42 2016] <jstolarek> I wonder why not use "assumption"
[Wed Mar 23 06:44:11 2016] <jstolarek> isn't it better? It does not reuquire to explicitly name which of the premises we want to use.
[Wed Mar 23 07:17:17 2016] <Cypi> It's a matter of style I believe, that's all
[Wed Mar 23 07:17:28 2016] <Cypi> you could even use "easy" or "auto" to be even more abstract
[Wed Mar 23 08:22:45 2016] <jstolarek> * wonder why easy is not listed at online tactics reference
[Wed Mar 23 08:22:52 2016] <jstolarek> s/wonder/wonders/
[Wed Mar 23 08:23:57 2016] <Cypi> https://coq.inria.fr/library/Coq.Init.Tactics.html They say it's "experimental" apparently, so it may for this reason
[Wed Mar 23 08:24:00 2016] <Cypi> or just an oversight
[Wed Mar 23 08:24:10 2016] <Cypi> (there is also "now t" which is a notation for "t; easy")
[Wed Mar 23 10:01:11 2016] <johnw> jstolarek: even better in that case is "exact H", so that the proof breaks if it no longer solves the goal at that point
[Wed Mar 23 10:51:55 2016] <jstolarek> johnw: right. I forgot about exact
[Wed Mar 23 10:52:49 2016] <johnw> jstolarek: what I really like is the "by" tactical from ssreflect
[Wed Mar 23 10:53:03 2016] <johnw> where "by foo" is effectively solve [ foo ]
[Wed Mar 23 10:53:28 2016] <johnw> by closing off every goal using either exact or by, you know immediately when a proof needs updating, and more precisely where
[Wed Mar 23 10:53:50 2016] <johnw> and proofgeneral can even helpfully highlight the words "exact" and "by" in red, to show this role
[Wed Mar 23 10:54:38 2016] <johnw> and then there is Adam's approach, which I'm slowly warming to more and more
[Wed Mar 23 10:55:18 2016] <johnw> I'm not yet at the "single-line proof" stage that he advocates, but I include more and more automation in my proofs now, to make them adaptable
[Wed Mar 23 10:55:57 2016] <jstolarek> I'm still learning the basics
[Wed Mar 23 10:56:03 2016] <jstolarek> working my way through SF
[Wed Mar 23 10:56:14 2016] <johnw> sure, that's still the best beginning out there
[Wed Mar 23 10:56:37 2016] <jstolarek> but looking at how unreadable proof scripts are once they are finished I really see merit in Adam's approach
[Wed Mar 23 10:56:52 2016] <jstolarek> BTW I'm hitting more and more silliness in Coq
[Wed Mar 23 10:56:58 2016] <johnw> what kind of silliness?
[Wed Mar 23 10:57:09 2016] <jstolarek> I kept getting "Syntax Error: Lexer: Unterminated string" error from coqc
[Wed Mar 23 10:57:19 2016] <jstolarek> reported at the end of file
[Wed Mar 23 10:57:27 2016] <johnw> do you have an unclosed "?
[Wed Mar 23 10:57:43 2016] <jstolarek> after carefully scanning my file it turned out that I did
[Wed Mar 23 10:57:53 2016] <jstolarek> which would be a good enough reason to report an error
[Wed Mar 23 10:58:00 2016] <jstolarek> if the string were not in a comment!
[Wed Mar 23 10:58:24 2016] <jstolarek> but it was in a comment so everything worked with ProofGeneral but not with Coqc
[Wed Mar 23 10:58:43 2016] <johnw> error reporting is not Coq's strong suit
[Wed Mar 23 10:58:43 2016] <johnw> I have many gripes there
[Wed Mar 23 10:58:43 2016] <johnw> best thing to do is to report a bug: Please let me know the line/character of the unclosed terminator when reporting this error.
[Wed Mar 23 10:59:03 2016] <johnw> there are lots of errors in Coq that give you absolutely no clue as what to do next
[Wed Mar 23 10:59:09 2016] <johnw> "Cannot instantiate evar"
[Wed Mar 23 10:59:13 2016] <johnw> "Universe inconsistency"
[Wed Mar 23 10:59:18 2016] <jstolarek> yeah
[Wed Mar 23 10:59:31 2016] <johnw> "Wrong type for instantiation"
[Wed Mar 23 10:59:35 2016] <jstolarek> I guess that with some experience these are a tad bit easier to figure out
[Wed Mar 23 10:59:37 2016] <johnw> all without any indication of even the context of the error
[Wed Mar 23 10:59:46 2016] <jstolarek> but for a beginner these are really horrible
[Wed Mar 23 10:59:57 2016] <johnw> even for an expert it is like being in the 1950s
[Wed Mar 23 11:00:06 2016] <johnw> but I've resolved to start reporting these as bugs
[Wed Mar 23 11:00:15 2016] <johnw> because the compiler knows more than it's telling us
[Wed Mar 23 11:00:18 2016] <jstolarek> * is going for a lunch and than back to SF
[Wed Mar 23 11:00:22 2016] <jstolarek> does that help?
[Wed Mar 23 11:00:25 2016] <johnw> enjoy jstolarek
[Wed Mar 23 11:00:29 2016] <jstolarek> meaning do the bugs get fixed?
[Wed Mar 23 11:00:35 2016] <johnw> yes, it does help
[Wed Mar 23 11:00:44 2016] <johnw> the Coq crew is interested in attracted more industrial users
[Wed Mar 23 11:00:45 2016] <jstolarek> then perhaps I should start doing the same
[Wed Mar 23 11:01:07 2016] <johnw> some of us (Adam included) have different goals than the mathematical crowd
[Wed Mar 23 11:01:17 2016] <johnw> and our only voice is to raise the issues we care about loudly
[Wed Mar 23 11:01:25 2016] <jstolarek> right
[Wed Mar 23 11:01:34 2016] <johnw> we want performance, good debugging tools, better error reporting, etc.
[Wed Mar 23 11:01:48 2016] <jstolarek> * now really goes afk for a while
[Wed Mar 23 11:55:17 2016] <johnw> k
[Wed Mar 23 16:56:26 2016] <vorgang> what's an easy way to prove that some small number, say 5 or 7, is prime? thanks
[Wed Mar 23 16:57:38 2016] <sunnymilk> you can compute its prime factorization, or maybe try solve 6k +/- 1 = p for p your prime number if you know its greater than 3
[Wed Mar 23 16:57:39 2016] <benzrf> vorgang: like, an existing tactic or something?
[Wed Mar 23 16:57:51 2016] <vorgang> there's prime_2 and prime_3 in Znumtheory.v but I don't fully understand the proofs and can't extend them to other numbers
[Wed Mar 23 16:58:19 2016] <benzrf> sunnymilk: hmm what is 6k +/- 1 = p a prime thing?
[Wed Mar 23 16:58:36 2016] <sunnymilk> well all primes are of that form
[Wed Mar 23 16:59:33 2016] <vorgang> anyway I don't really care, it's just something I need for some other project. I'd be happy to just grab the code from somewhere
[Wed Mar 23 16:59:55 2016] <vorgang> I can't believe I'm stuck on this for a day now
[Wed Mar 23 17:00:11 2016] <vorgang> coq just won't believe me when I say 7 is prime
[Wed Mar 23 17:01:06 2016] <sunnymilk> maybe its not
[Wed Mar 23 17:01:20 2016] <vorgang> last time I checked, it was
[Wed Mar 23 17:02:35 2016] <sunnymilk> "everything changes and nothing stands still" - heraclitus
[Wed Mar 23 17:02:39 2016] <sunnymilk> sorry im just being silly :p
[Wed Mar 23 17:02:44 2016] <sunnymilk> i think number theory is quite hard in coq
[Wed Mar 23 17:03:06 2016] <vorgang> but this is basic stuff and someone must have done it already
[Wed Mar 23 17:04:09 2016] <benzrf> vorgang: what if...
[Wed Mar 23 17:04:12 2016] <vorgang> it's a bit frustrating, coming from java where you can find anything on stackoverflow instantly
[Wed Mar 23 17:04:14 2016] <notdan> hm shouldn't you be able to solve something like this with omega?
[Wed Mar 23 17:04:29 2016] <sunnymilk> well, you could define some things like euclid's totient function, and then define prime-ness in terms of that
[Wed Mar 23 17:04:31 2016] <benzrf> could you write a naive function that (slowly) computes the nth prime, and prove that its outputs are always prime?
[Wed Mar 23 17:04:36 2016] <benzrf> sunnymilk: *euler?
[Wed Mar 23 17:04:49 2016] <sunnymilk> the keys are right next to each other ;-;
[Wed Mar 23 17:05:01 2016] <sunnymilk> but yeah then youll have a ince decidable way of telling if a specific number is prime
[Wed Mar 23 17:05:07 2016] <sunnymilk> without having to worry about prime factorization or something
[Wed Mar 23 17:05:11 2016] <benzrf> then you can just use the fact that [nth_prime 4] is prime, and just simpl out
[Wed Mar 23 17:05:28 2016] <sunnymilk> benzrf youd have to prove that theres no gaps
[Wed Mar 23 17:05:43 2016] <benzrf> why
[Wed Mar 23 17:05:45 2016] <sunnymilk> eg, that it comptues only primes, and there are no primes it doesnt compute, and its in order
[Wed Mar 23 17:06:03 2016] <benzrf> if you need [prime 7], you just do, like
[Wed Mar 23 17:06:19 2016] <sunnymilk> ohh wait i dont tihnk you need that
[Wed Mar 23 17:06:21 2016] <benzrf> uh, i dont recall the tactic, but
[Wed Mar 23 17:06:37 2016] <benzrf> you make an assumption of [prime (nth_prime 4)]
[Wed Mar 23 17:06:41 2016] <benzrf> and then simpl in that assumption
[Wed Mar 23 17:06:59 2016] <benzrf> it doesn't matter if there are gaps, you just want to get [prime 7] and *you* know that nth_prime 4 is 7
[Wed Mar 23 17:07:13 2016] <sunnymilk> yeah youre rght
[Wed Mar 23 17:07:47 2016] <benzrf> :)
[Wed Mar 23 17:13:26 2016] <vorgang> I mean there is coqprime, if all else fails, but pocklinton certificates seem a bit overkill for this
[Wed Mar 23 17:13:44 2016] <benzrf> coqprime?
[Wed Mar 23 17:14:25 2016] <vorgang> http://coqprime.gforge.inria.fr/
[Wed Mar 23 17:19:19 2016] <vorgang> coqprime doesn't compile. woohoo
[Thu Mar 24 11:13:43 2016] <stelleg> I have a goal that seems like it should be reducible, but neither simpl nor compute will apply the function to its arguments: http://lpaste.net/156583
[Thu Mar 24 11:15:02 2016] <stelleg> I would like to be doing case analysis on beq_nat ne f
[Thu Mar 24 11:15:38 2016] <stelleg> but for some reason it won't do that application
[Thu Mar 24 11:15:56 2016] <stelleg> compute will unfold beq_nat, and simpl will do nothing
[Thu Mar 24 11:16:57 2016] <stelleg> any thoughts?
[Thu Mar 24 11:20:47 2016] <stelleg> to clarify, I would like it to beta apply (fix clu ...) x ne (f..)
[Thu Mar 24 11:28:15 2016] <Cypi> You cannot reduce an application of a fixpoint to something that is not a constructor
[Thu Mar 24 11:28:25 2016] <Cypi> otherwise you would lose strong normalization quite easily
[Thu Mar 24 11:28:35 2016] <Cypi> (since, you would be able to unfold a fixpoint indefinitely)
[Thu Mar 24 11:29:29 2016] <stelleg> Cypi: thanks
[Thu Mar 24 11:31:02 2016] <stelleg> I thought you could manually unfold when you needed to
[Thu Mar 24 11:33:01 2016] <stelleg> but that solves my problem, thanks
[Thu Mar 24 16:13:27 2016] <tbelaire> I'm thinking of replacing my class-name parameters with a dependant pair of class-name and proof that the class exists in the class table (or is Object).
[Thu Mar 24 16:13:35 2016] <tbelaire> This has some downsides though
[Thu Mar 24 16:14:39 2016] <tbelaire> I haven't used dependant pairs much (ever) and was wondering if anyone had tried working with them extensively
[Thu Mar 24 16:14:50 2016] <tbelaire> and if there is anything I should look out for
[Thu Mar 24 16:15:23 2016] <tbelaire> I'm mostly concerned that it's going to be a pain to keep boxing and unboxing these
[Thu Mar 24 16:16:22 2016] <tbelaire> is there a way to do something to automatically project out the first part when needed?
[Thu Mar 24 17:02:34 2016] <johnw> yes, you can define a coercion
[Thu Mar 24 17:03:29 2016] <johnw> Coercion proj_sig1 : forall A P, sig A P >-> A.
[Thu Mar 24 18:02:16 2016] <johnw> is there a way to see what "simpl" is doing, when it takes a huge amountof time to run?
[Thu Mar 24 18:06:03 2016] <benzrf> what's a coercion?
[Thu Mar 24 18:06:29 2016] <johnw> see object of type X, invisibly apply accessor to get object of type Y
[Thu Mar 24 18:08:36 2016] <benzrf> oooh niiiice
[Thu Mar 24 18:15:23 2016] <johnw> boxing, however, will always require evidence
[Thu Mar 24 19:00:57 2016] <wedify> what do you guys think of this idea? when you type a function name the agda-mode automatically inserts holes for each of the arguments
[Thu Mar 24 19:01:40 2016] <johnw> how does that help Coq users?
[Thu Mar 24 19:01:53 2016] <wedify> oh sorry wrong channel
[Thu Mar 24 19:09:00 2016] <rrika_> I should make a mobile game out of coq.
[Thu Mar 24 19:09:02 2016] <rrika_> tap to apply tactics
[Thu Mar 24 19:09:03 2016] <rrika_> $0.50 for ";"
[Thu Mar 24 19:09:43 2016] <rrika> sell it as "puzzle"
[Thu Mar 24 19:49:00 2016] <benzrf> ive thought of something similar :>
[Sat Mar 26 17:50:40 2016] <twryst> Hello #coq! I am a cognitive/computer scientist in an abstract reasoning modeling lab, and I think my model could be used to drive Coq's interactive theorem proving capabilities to accomplish fully automated theorem proving. Is there an already existing tool for getting the proof state from Coq during the proving process? Like when it's waiting in Emacs for you to tell it "trivial"or "intros" etc
[Sat Mar 26 17:52:29 2016] <twryst> I figure there should already exist an API but I'm not finding it with a cursory look-over of the repo or inria site
[Sat Mar 26 18:17:49 2016] <sunnymilk> im not exactly sure how it does that - look into the proof general code maybe?
[Sat Mar 26 18:18:09 2016] <sunnymilk> i dont thin ktheres an "api" for it though, i think it just gets it as text output
[Sat Mar 26 18:18:39 2016] <sunnymilk> eg, emacs/proof general might not know about the strucutre of a proof state any deeper than "its a blob of text"
[Sat Mar 26 18:18:51 2016] <sunnymilk> but i may be completely wrong on that
[Sat Mar 26 18:39:02 2016] <benzrf> it would be extremely nice to have an api
[Sat Mar 26 19:13:22 2016] <johnw> twryst: I would think you could develop something in OCaml, since it has access to the current proof tree
[Sat Mar 26 19:31:43 2016] <twryst> @johnw In what context? as a branch off the coq git repo? or a new plugin to coq?
[Sat Mar 26 19:31:50 2016] <johnw> plugin to coq
[Sat Mar 26 19:32:00 2016] <johnw> OCaml tactics can reflect on the current proof state
[Sat Mar 26 19:32:12 2016] <johnw> http://gallium.inria.fr/blog/your-first-coq-plugin/
[Sat Mar 26 19:46:46 2016] <twryst> @johnw hm, so that lets me get the proof state, and I can hand it off to my model using ocaml's open_process, but what my model will be outputting is the tactic that we want coq to use
[Sat Mar 26 19:47:00 2016] <johnw> btw, on IRC we use "johnw: "
[Sat Mar 26 19:47:06 2016] <johnw> if you say @johnw, it makes me think I have my op-flag on
[Sat Mar 26 19:47:24 2016] <johnw> twryst: your model would need to output the replacement proof state
[Sat Mar 26 19:47:43 2016] <johnw> i'm not sure if you'd be able to recursively make use of tactics within such a plugin, but maybe it's possible; the coq-club mailing list would know
[Sat Mar 26 19:49:49 2016] <twryst> johnw: interesting, thank you. Maybe I can look at the first step of implementation of the various tactics to see if I can hand off immediately after where Coq would do string-matching? I'll ask on the mailing list, thank you for the help
[Sat Mar 26 19:50:03 2016] <johnw> sure, good luck!
[Sat Mar 26 19:50:08 2016] <johnw> I'm always interested in better automation :)
[Sat Mar 26 21:23:04 2016] <jgross> twryst: If you grep the Coq source code for tclTHEN (the internal equivalent of ";", the Ltac sequencing operation), you'll see how internal code calls various tactics. 
[Sat Mar 26 22:48:40 2016] <twryst> jgross: excellent, thank you
[Sun Mar 27 14:31:04 2016] <akira42> hello; I'm a beginner with coq (I worked through the first chapters of "Software Foundations"), could someone point me into a direction how one uses simple sets with coq?
[Sun Mar 27 14:31:32 2016] <benzrf> akira42: not me, sorry
[Sun Mar 27 14:31:36 2016] <akira42> the listings in the standard library rather confuse me
[Sun Mar 27 14:32:30 2016] <akira42> benzrf: well, I just want to formalize simple proofs involving set theory (I'm a beginner with general proofs, too)
[Sun Mar 27 14:33:24 2016] <rrika> akira42, do you have an example of something you want to prove?
[Sun Mar 27 14:35:01 2016] <akira42> rrika: I'm using the book "How To Prove It", so all proofs in it - for example, suppose A B C are sets, the intersection of A and C is included in B, a is a element of C, prove that a is not an element of A minus B.
[Sun Mar 27 14:35:46 2016] <akira42> I tried using some modules of the library found that rather confusing
[Sun Mar 27 14:37:18 2016] <rrika> I don't know the "proper" way, but I guess you could get there with axioms.
[Sun Mar 27 14:37:46 2016] <rrika> Define "intersection" and "minus" by specifying how what is included in the results of these operations
[Sun Mar 27 14:38:10 2016] <rrika> akira42, have you learned about inductive propositions?
[Sun Mar 27 14:38:26 2016] <rrika> they'll appear later in SF but will probably help you with that
[Sun Mar 27 14:38:30 2016] <akira42> rrika: yes, but I would rather try to avoid 'rolling my own'
[Sun Mar 27 14:38:50 2016] <rrika> idk, you can always turn these into aliases for some library you find later
[Sun Mar 27 14:40:24 2016] <akira42> mh, true
[Sun Mar 27 14:40:40 2016] <akira42> gonna try that - thanks
[Sun Mar 27 14:40:49 2016] <rrika> I mean, you'll have some kind of type, "IsIn element set"
[Sun Mar 27 14:40:55 2016] <rrika> oh good bye then
[Sun Mar 27 15:06:47 2016] <Aelita_> I'm trying to get into Coq lately, I hope you won't mind a few beginner questions
[Sun Mar 27 15:06:52 2016] <Aelita_> Can the apply tactic be used in an hypothesis the same way as it is used in a goal? ie if H:B->C is an hypothesis and a lemma states that A->B there a direct way to obtain A->C as an hypothesis?
[Sun Mar 27 15:07:25 2016] <Aelita_> (oh and sorry, I meant to say hello first but i forgot)
[Sun Mar 27 15:07:57 2016] <rrika> Hi Aelita_
[Sun Mar 27 15:07:59 2016] <rrika> you could use
[Sun Mar 27 15:08:13 2016] <rrika> assert (A->C).
[Sun Mar 27 15:08:22 2016] <rrika> apply H.
[Sun Mar 27 15:08:26 2016] <rrika> apply a.
[Sun Mar 27 15:08:32 2016] <rrika> I'm wondering if there's something shorter
[Sun Mar 27 15:08:44 2016] <rrika> pose proof (fun a => H a).
[Sun Mar 27 15:09:16 2016] <Aelita_> Thanks! The first version is good enough for me :)
[Sun Mar 27 15:09:25 2016] <rrika> np, enjoy
[Sun Mar 27 15:43:40 2016] <vorgang> Hello, I'm trying to define a finite field type Z/p where p is prime. And then also operations add, sub mult. Here's a start: http://pastebin.com/wsQmQG16
[Sun Mar 27 15:44:14 2016] <vorgang> sorry I don't know how to do proper sytax highlighting coq code on pastebin
[Sun Mar 27 15:46:13 2016] <vorgang> However I'm not happy with that approach: The second argument to pf_add "comp" is a necessary compatibility condition, and this will creep into all subsequent lemmas and proofs and cause lots of work
[Sun Mar 27 15:48:44 2016] <vorgang> I have an idea how to do it better, by defining prime_field not as a plain record but a "parameterized type". However I can't figure out the right syntax. Can someone give a hint? Thanks
[Sun Mar 27 15:50:54 2016] <rrika> vorgang, you don't even use comp in pf_add
[Sun Mar 27 15:51:23 2016] <vorgang> right
[Sun Mar 27 15:51:52 2016] <vorgang> but I use (f x) and it just wouldn't make sense if (f x) != (f y)
[Sun Mar 27 15:52:03 2016] <rrika> hm
[Sun Mar 27 15:55:10 2016] <vorgang> I wanted to do something similar to Vector and define prime_field not as one Record, but a family of types, parameterized by, say, Z.
[Sun Mar 27 15:55:53 2016] <rrika> if you put 'f' between prime_field and ':'
[Sun Mar 27 15:55:54 2016] <rrika> does that work?
[Sun Mar 27 15:56:11 2016] <vorgang> uh, let's see
[Sun Mar 27 15:58:14 2016] <rrika> >Definition prime := {f | prime f}.
[Sun Mar 27 15:58:14 2016] <rrika> >Record prime_field (f: prime) : Set := pf_make {n: Z}.
[Sun Mar 27 15:58:28 2016] <rrika> wait, I'm redefining the name here
[Sun Mar 27 16:02:11 2016] <rrika> vorgang, if you wait a bit more I can send you a snippet
[Sun Mar 27 16:03:07 2016] <vorgang> cool, looks good to me. Now for the definition of pf_add...
[Sun Mar 27 16:03:59 2016] <rrika> Definition pf_add {p: prime_z} (x y : prime_field p) :=
[Sun Mar 27 16:04:00 2016] <rrika>   pf_make p ((n p x) + (n p y)).
[Sun Mar 27 16:04:34 2016] <rrika> you can even do
[Sun Mar 27 16:04:34 2016] <rrika> Definition pf_add {p: prime_z} (x y : prime_field p) :=
[Sun Mar 27 16:04:35 2016] <rrika>   pf_make p ((n _ x) + (n _ y)).
[Sun Mar 27 16:06:16 2016] <vorgang> Neat! What kind of syntax is (n p x), or (n _ x)?
[Sun Mar 27 16:07:11 2016] <vorgang> So far I've only used (n x) "field access"
[Sun Mar 27 16:07:22 2016] <rrika> it's not really any different from a function call
[Sun Mar 27 16:07:32 2016] <rrika> defining that record added a function n to your scope
[Sun Mar 27 16:07:47 2016] <rrika> that can extract that field from a value of that record-type
[Sun Mar 27 16:07:54 2016] <vorgang> yes, but now it's taking one more argument
[Sun Mar 27 16:08:05 2016] <rrika> yes, that one comes from the type
[Sun Mar 27 16:08:21 2016] <rrika> the (f: prime) of "Record prime_field (f: prime) :"
[Sun Mar 27 16:08:31 2016] <rrika> not really sure why
[Sun Mar 27 16:08:43 2016] <vorgang> tricky stuff. Thanks!
[Sun Mar 27 16:08:44 2016] <rrika> but since it can be inferred from the later argument you pass (namely x) you can leave a placeholder
[Sun Mar 27 16:09:07 2016] <vorgang> Glad I asked. I would have been stuck.
[Sun Mar 27 16:09:12 2016] <rrika> :)
[Sun Mar 27 16:10:22 2016] <rrika> you could try replacing "(f: prime)" by "{f: prime}"
[Sun Mar 27 16:10:31 2016] <rrika> so it will be implicit where possible
[Mon Mar 28 03:43:50 2016] <jstolarek> Say I have a hypothesis H represented by an inductive data type
[Mon Mar 28 03:44:05 2016] <jstolarek> what is the difference between "induction H" and "inversion H"?
[Mon Mar 28 04:55:59 2016] <jstolarek> say I have a hypothesis "H : and b c = true" and I need to learn that this implies "b = true" and "c = true"
[Mon Mar 28 04:56:26 2016] <jstolarek> I can "apply andb_true_elim1" to get "b = true" but that also deletes the original hypothesis
[Mon Mar 28 04:56:50 2016] <jstolarek> so I no longer have "andb b c = true" on which I could apply andb_true_elim2
[Mon Mar 28 04:57:10 2016] <jstolarek> can I make apply not remove the original goal?
[Mon Mar 28 05:01:48 2016] <rrika> you can make a copy with "pose proof H."
[Mon Mar 28 05:01:58 2016] <rrika> but even better
[Mon Mar 28 05:02:03 2016] <rrika> "apply andb_true_iff"
[Mon Mar 28 05:02:10 2016] <rrika> if I remember correctly this will give you
[Mon Mar 28 05:02:14 2016] <rrika> b = true /\ c = true
[Mon Mar 28 05:02:45 2016] <rrika> which you can split into two using destruct
[Mon Mar 28 05:02:51 2016] <rrika> jstolarek, ^
[Mon Mar 28 05:05:41 2016] <jstolarek> rrika : andb_prop :-)
[Mon Mar 28 05:06:13 2016] <jstolarek> so if I want to maintain the original hypothesis then I am forced to copy it explicitly?
[Mon Mar 28 05:06:43 2016] <rrika> I think you can tell apply to make a copy too.
[Mon Mar 28 05:08:06 2016] <jstolarek> but how? I looked at the manual but didn't find anyting :(
[Mon Mar 28 05:10:17 2016] <rrika> I can't find anything either now.
[Mon Mar 28 05:10:37 2016] <rrika> something else you could do is
[Mon Mar 28 05:10:40 2016] <rrika> assert (b=true).
[Mon Mar 28 05:10:50 2016] <rrika> apply (andb_true_elim1 H).
[Mon Mar 28 05:10:52 2016] <rrika> assert (c=true).
[Mon Mar 28 05:10:56 2016] <rrika> apply (andb_true_elim2 H).
[Mon Mar 28 05:12:08 2016] <rrika> actually, just pose "proof (andb_true_elim1 H). pose proof (andb_true_elim2 H)."
[Mon Mar 28 05:16:37 2016] <jstolarek> ok
[Mon Mar 28 07:58:09 2016] <stelleg> is there a way to do an apply and leave particular arguments as a goal?
[Mon Mar 28 07:58:56 2016] <stelleg> for example, apply (f _ x) is telling coq to try to infer the first parameter of f, but what if I'd like to leave that as a goal?
[Mon Mar 28 08:03:16 2016] <Cypi> refine (f _ x) if "f _ x" is the complete term
[Mon Mar 28 08:04:20 2016] <stelleg> Cypi: oh right, thanks
[Mon Mar 28 09:10:59 2016] <jstolarek> I have a hypothesis that says "H : forall x0 : X, ..." and I have a particular x in the context. How can I apply x to H0? I want to do this to show contradiction (x is a counter-example for claim made by H0)
[Mon Mar 28 09:13:41 2016] <Cypi> "specialize (H x)" is a way
[Mon Mar 28 09:13:54 2016] <Cypi> If he contradiction is immediate, "inversion (H x)" could work
[Mon Mar 28 09:13:56 2016] <Cypi> the*
[Mon Mar 28 09:22:23 2016] <jstolarek> thanks :-)
[Mon Mar 28 10:22:37 2016] <Aelita_> Hi! Could someone please tell me how to do the obvious simplification here? http://pastebin.com/SgmQ3mu2
[Mon Mar 28 10:23:09 2016] <Cypi> "rewrite H; simpl"
[Mon Mar 28 10:23:39 2016] <Aelita_> Thanks!
[Mon Mar 28 12:24:48 2016] <ryanakca> I'm working on a formalisation of posets, implemented as a record PO. I have a notion of lower sub poset (LowerSubPo), (i.e., a lower-closed subset) and want to show that its complement is also a poset. The catch is that the way I implemented "p is a subposet of q" is by means of there is an isomorphic image of p in q. So the natural way to implement the complement of p is via a sig where the inhabitants
[Mon Mar 28 12:24:54 2016] <ryanakca> are all of those q' in q that are not in the image of p, and q1 <= q2 iff proj1_sig q1 <= proj1_sig q2. The difficulty is anti-symmetry. Antisymmetry in q gives me that the first projections are equal, but I also need to show that the proofs are equal, which doesn't strike me as true in general.
[Mon Mar 28 12:25:43 2016] <ryanakca> I've looked at Coq.Logic.EqdepFacts, but can't seem to make much sense of it. Here's what I have so far: http://www.cs.cmu.edu/~rkavanag/pomset.v . The relevant definitions are PO, LowerSubPo, and SubPoComplement.
[Mon Mar 28 12:29:33 2016] <ryanakca> Any thoughts on how to get around this snag? I'm starting to think that I should have stuck with Coq.Sets.Partial_Order and Ensembles as carriers, instead of Types, though I'm not sure how one would encode a map of Ensembles? A map from P -> Q, where P : Ensemble U and Q : Ensemble V would be an f : U -> V s.th. forall u : U, In P u -> In Q (f u) ?
[Mon Mar 28 12:41:42 2016] <johnw> hi
[Mon Mar 28 12:42:12 2016] <johnw> what is the snag exactly?
[Mon Mar 28 12:43:34 2016] <johnw> does "inversion e" not give you x = y?
[Mon Mar 28 13:12:44 2016] <ryanakca> johnw: No, it just gives me a new hypothesis "H : proj1_sig x = proj1_sig y".
[Mon Mar 28 13:13:55 2016] <ryanakca> johnw: Because, I assume, forall x : { x : T | P x }, x = y <-> (proj1_sig x = proj1_sig y /\ proj2_sig x = proj2_sig y).
[Mon Mar 28 13:16:14 2016] <ryanakca> I have that the first projections are equal, but there's no reason for the second projections to be equal. I think EqdepFacts is supposed to help with this by introducing proof irrelevance.
[Mon Mar 28 14:00:51 2016] <johnw> try this:
[Mon Mar 28 14:00:54 2016] <johnw> dependent rewrite H
[Mon Mar 28 14:01:01 2016] <johnw> i don't think that will work, never mind
[Mon Mar 28 14:01:21 2016] <johnw> ah, of course, this isn't true
[Mon Mar 28 14:01:32 2016] <johnw> it's only true under propositional extensionality
[Mon Mar 28 14:02:06 2016] <johnw> that is, if the 1st parts of two sigs are the same, their related proofs are only inferrably equal by propositional extensionality
[Mon Mar 28 16:45:56 2016] <tbelaire> Hi.  I've just done an induction and for a hypothesis of the form D0 := D : typ
[Mon Mar 28 16:45:59 2016] <tbelaire> what's up with that?
[Mon Mar 28 16:46:07 2016] <tbelaire> haven't seen that before and it really hard to google :=
[Mon Mar 28 16:51:53 2016] <titanium17> Hi guys
[Mon Mar 28 16:52:18 2016] <johnw> hi tbelaire
[Mon Mar 28 16:52:22 2016] <titanium17> I am almost through the Software foundations coursework and was thinking about doing a small proof apart from the exercises in there
[Mon Mar 28 16:52:31 2016] <johnw> tbelaire: I didn't really understand your question; can you show me some code?
[Mon Mar 28 16:52:36 2016] <johnw> titanium17: nice
[Mon Mar 28 16:52:46 2016] <titanium17> Is there a good starting point for something easy? Just to get my feet wet?
[Mon Mar 28 16:52:56 2016] <johnw> oh, you just want a general problem to solve?
[Mon Mar 28 16:53:10 2016] <titanium17> yeah, something not too complex, and that can be proved by coq
[Mon Mar 28 16:53:24 2016] <johnw> are you interested in heading toward mathematics, or engineering?
[Mon Mar 28 16:53:45 2016] <jrw> titanium17: my favorite problem at roughly that level of difficulty is "write a compiler from a simple arithmetic expression language to a simple stack machine and prove it correct"
[Mon Mar 28 16:53:47 2016] <titanium17> err.. engineering interests me more than pure math
[Mon Mar 28 16:53:54 2016] <titanium17> I might offend some people with that statement
[Mon Mar 28 16:53:57 2016] <titanium17> :E
[Mon Mar 28 16:54:00 2016] <johnw> then I suggest getting started with software modeling
[Mon Mar 28 16:54:02 2016] <johnw> for example
[Mon Mar 28 16:54:12 2016] <johnw> pick some language, any language, like simple math or lambda calculus
[Mon Mar 28 16:54:20 2016] <johnw> and build the data representation for terms of that language
[Mon Mar 28 16:54:42 2016] <johnw> then provide a denotation for your language into Gallina, to state what various terms mean
[Mon Mar 28 16:54:56 2016] <tbelaire> johnw: I can, but I don't have a minimal example
[Mon Mar 28 16:54:58 2016] <johnw> finally, write proves about things implied by your denotation, or the correctness of certain transformations
[Mon Mar 28 16:55:08 2016] <johnw> tbelaire: I'm not sure what you're inducting on, or what the question is...
[Mon Mar 28 16:55:40 2016] <titanium17> So if I were to venture into something along the lines of proving that inheritance in java preserves type safety...
[Mon Mar 28 16:55:51 2016] <tbelaire> yeah.  Question is, what does A := B : C mean when it shows up as a hypothesis
[Mon Mar 28 16:55:52 2016] <titanium17> Would I be able to find some specification of Java in coq online?
[Mon Mar 28 16:55:57 2016] <tbelaire> Java?
[Mon Mar 28 16:55:58 2016] <johnw> titanium17: well, sure, although that's biting off a LOT
[Mon Mar 28 16:55:59 2016] <tbelaire> ooh
[Mon Mar 28 16:56:00 2016] <titanium17> or would I have to start from scratch?
[Mon Mar 28 16:56:11 2016] <tbelaire> I've been working on Featherweight java all term
[Mon Mar 28 16:56:12 2016] <tbelaire> uh
[Mon Mar 28 16:56:16 2016] <tbelaire> not a small project
[Mon Mar 28 16:56:20 2016] <tbelaire> but
[Mon Mar 28 16:56:21 2016] <johnw> I started trying to model Emacs Lisp, for example
[Mon Mar 28 16:56:33 2016] <titanium17> haha ok, I am just throwing ideas around. Sorry!!
[Mon Mar 28 16:56:46 2016] <tbelaire> github.com/tbelaire/FJ-Formalization/
[Mon Mar 28 16:56:55 2016] <tbelaire> started from someone elses project
[Mon Mar 28 16:57:01 2016] <johnw> titanium17: here's what the start of it looks like: https://github.com/jwiegley/notes/blob/master/EmacsLisp.v
[Mon Mar 28 16:57:33 2016] <johnw> I'm having an issue right now evaluations that should result yet again in s-expressions
[Mon Mar 28 16:57:36 2016] <johnw> but the basic idea is similar
[Mon Mar 28 16:58:08 2016] <johnw> titanium17: see also this material: https://frap.csail.mit.edu/main
[Mon Mar 28 16:58:15 2016] <johnw> it uses SQL as the "example language"
[Mon Mar 28 16:58:19 2016] <johnw> but the concept is exactly the same
[Mon Mar 28 16:58:33 2016] <johnw> <and well, a rough approximation of part of SQL>
[Mon Mar 28 16:58:55 2016] <johnw> if you want to do engineering in Coq, becoming familiar with Adam and his approach is a good idea anyway
[Mon Mar 28 16:59:28 2016] <titanium17> The E-lisp looks surprisingly "comprehendable" for lack of a better word
[Mon Mar 28 16:59:40 2016] <johnw> comprehensible? :)
[Mon Mar 28 16:59:46 2016] <titanium17> yeah, that :P
[Mon Mar 28 17:00:29 2016] <titanium17> thanks peeps, I shall look at more of such stuff. Both your links are very interesting!
[Mon Mar 28 17:00:58 2016] <titanium17> Also, would proving correctness of certain algorithms be good starting point?
[Mon Mar 28 17:01:11 2016] <titanium17> Although I am afraid that it might involve more mathy stuff
[Mon Mar 28 17:01:30 2016] <johnw> sure
[Mon Mar 28 17:01:36 2016] <johnw> proving the correctness of a sorting algorithm is interesting
[Mon Mar 28 17:01:43 2016] <johnw> it involves reasoning about permutations and orders
[Mon Mar 28 17:02:07 2016] <titanium17> Hmm, that might work. Something not too mathematical to put me off completely...
[Mon Mar 28 18:42:56 2016] <benzrf> what happened to nat_iter?
[Mon Mar 28 18:43:15 2016] <johnw> hmm?
[Mon Mar 28 18:46:32 2016] <benzrf> i have some old code that wont compile anymore since i updated
[Mon Mar 28 18:46:39 2016] <benzrf> it complains of the nonexistence of nat_iter
[Mon Mar 28 18:47:00 2016] <johnw> "updated"?
[Mon Mar 28 18:47:08 2016] <johnw> assume I don't know what you're thinking :)
[Mon Mar 28 18:47:08 2016] <benzrf> updated coq
[Mon Mar 28 18:47:15 2016] <johnw> from 8.4 to 8.5?
[Mon Mar 28 18:47:18 2016] <benzrf> probably
[Mon Mar 28 18:50:06 2016] <Cypi> There is a commit that says "nat_iter n f x -> nat_rect _ x (fun _ => f) n"
[Mon Mar 28 18:50:28 2016] <benzrf> great...
[Mon Mar 28 18:50:39 2016] <benzrf> so then where do i get nat_iter_plus
[Mon Mar 28 18:51:24 2016] <Cypi> and there is the notation "iter_nat"
[Mon Mar 28 18:51:38 2016] <benzrf> where?
[Mon Mar 28 18:51:46 2016] <benzrf> also, there seems to be an "iter" function
[Mon Mar 28 18:51:48 2016] <Cypi> In Arith.Wf_nat
[Mon Mar 28 18:51:50 2016] <benzrf> but no iter_plus or anything :I
[Mon Mar 28 18:51:55 2016] <Cypi> (just Arith will import it)
[Mon Mar 28 18:52:20 2016] <benzrf> Error: The reference nat_iter was not found in the current environment.
[Mon Mar 28 18:52:21 2016] <Cypi> There is a nat_rect_plus
[Mon Mar 28 18:52:26 2016] <benzrf> oh!
[Mon Mar 28 18:52:28 2016] <benzrf> ty!
[Mon Mar 28 18:52:30 2016] <Cypi> iter_nat I said, not nat_iter :p
[Mon Mar 28 18:52:36 2016] <benzrf> oh derp x_x
[Mon Mar 28 18:52:51 2016] <benzrf> ok, this looks like it'll work :)
[Mon Mar 28 19:45:50 2016] <benzrf> i have False as a goal
[Mon Mar 28 19:45:56 2016] <benzrf> how do i move backward to 'true = false' as a goal?
[Mon Mar 28 19:46:04 2016] <benzrf> i could do an assert, but is there something more compact?
[Mon Mar 28 19:47:50 2016] <johnw> yeah, one sec
[Mon Mar 28 19:49:15 2016] <johnw> you could: cut (true = false); [intros;discriminate|].
[Mon Mar 28 19:49:26 2016] <benzrf> tad long :v
[Mon Mar 28 19:49:48 2016] <johnw> write a helper lemma true = false -> False, and apply it
[Mon Mar 28 19:49:48 2016] <benzrf> what does discriminate do
[Mon Mar 28 19:49:52 2016] <benzrf> ha
[Mon Mar 28 19:49:57 2016] <johnw> discriminate says true = false is obviously False
[Mon Mar 28 19:50:16 2016] <benzrf> so like a special case of inversion?
[Mon Mar 28 19:50:26 2016] <benzrf> automatically on relevant hypothesis?
[Mon Mar 28 19:50:34 2016] <johnw> it uses the obvious inequality of injective constructor (functions)
[Mon Mar 28 19:54:12 2016] <benzrf> johnw: in an ltac expression, can i use .
[Tue Mar 29 00:19:04 2016] <benzrf> is transfinite induction not computationally sound
[Tue Mar 29 10:46:36 2016] <Ainieco> hello
[Tue Mar 29 10:47:51 2016] <Ainieco> why i can't rewrite -> "H : 0 * p = 0" in "n' * 0 = n' * 0 * p" ?
[Tue Mar 29 10:55:49 2016] <dogui> Ainieco: probably because '*' associates to the left?
[Tue Mar 29 10:55:57 2016] <dogui> So you don't actually have (0 * p) anywhere
[Tue Mar 29 11:05:18 2016] <Ainieco> dogui: doh!
[Tue Mar 29 11:05:41 2016] <Ainieco> dogui: thank you!
[Tue Mar 29 11:07:22 2016] <dogui> Ainieco: you're welcome!
[Tue Mar 29 15:43:29 2016] <stelleg> is there a way to rewrite let bound variables, e.g. I have goal (reflexive_predicate t t') and hypothesis t:=t', and would like to get reflexive_predicate t' t'
[Tue Mar 29 15:46:00 2016] <johnw> unfold t
[Tue Mar 29 15:46:44 2016] <stelleg> thanks!
[Tue Mar 29 16:27:17 2016] <benzrf> isn't there some tactic that clears an equality and erases the variable on one side
[Tue Mar 29 16:27:19 2016] <benzrf> or something
[Tue Mar 29 18:50:27 2016] <benzrf> gah
[Tue Mar 29 18:50:42 2016] <benzrf> why do intros, induction, and inversion all start with 'in'
[Tue Mar 29 18:52:00 2016] <johnw> haha
[Tue Mar 29 18:52:17 2016] <benzrf> maybe i should just learn ssreflect already >w>
[Tue Mar 29 19:48:15 2016] <benzrf> can the descending argument of a fixpoint have a type that's dependent on a previous argument.
[Tue Mar 29 19:59:08 2016] <johnw> how would that be possible?
[Tue Mar 29 19:59:17 2016] <johnw> your argument would need to refer to the function you're defining
[Tue Mar 29 20:03:20 2016] <benzrf> johnw: huh?
[Tue Mar 29 20:04:18 2016] <johnw> show me the type you'd want to write
[Tue Mar 29 20:04:41 2016] <benzrf> actually let me just try writing something :v
[Tue Mar 29 20:08:40 2016] <benzrf> johnw: it works
[Tue Mar 29 20:08:44 2016] <johnw> kk
[Tue Mar 29 20:08:51 2016] <johnw> isn't that more satisfying than asking here? :)
[Tue Mar 29 20:08:56 2016] <benzrf> it took longer :(
[Tue Mar 29 20:08:58 2016] <benzrf> Fixpoint last (n : nat) (v : natvec n) : nat :=
[Tue Mar 29 20:09:03 2016] <johnw> but more rewarding
[Tue Mar 29 20:09:04 2016] <johnw> ahh
[Tue Mar 29 20:09:07 2016] <johnw> *that's* what you meant
[Tue Mar 29 20:20:08 2016] <benzrf> johnw: so can i do induction over, say, the 3rd parameter, while keeping the 1st and 2nd arguments generalized?
[Tue Mar 29 20:32:55 2016] <johnw> try it :)
[Tue Mar 29 20:44:41 2016] <benzrf> i dont know how
[Tue Mar 29 20:44:48 2016] <benzrf> induction introduces automatically i think
[Tue Mar 29 21:26:19 2016] <johnw> you have to intros, then generalize dependent on each of the others
[Tue Mar 29 21:31:30 2016] <benzrf> johnw: that de-assumption-ifies the thing i want to induct over tho
[Tue Mar 29 21:31:34 2016] <benzrf> since it dpeends
[Tue Mar 29 21:31:36 2016] <benzrf> *depends
[Tue Mar 29 21:36:27 2016] <johnw> well, of course
[Tue Mar 29 21:36:29 2016] <johnw> there is no way around that
[Tue Mar 29 21:36:34 2016] <johnw> other than to reorder your arguments
[Wed Mar 30 05:12:25 2016] <Ainieco> for some reason havin trouble poving multiplication assoc, sigh
[Wed Mar 30 06:01:30 2016] <Ainieco>  i did, wow
[Wed Mar 30 06:01:31 2016] <Ainieco> i did it(
[Wed Mar 30 06:01:36 2016] <Ainieco> i did it*
[Wed Mar 30 06:02:37 2016] <rrika> gj
[Wed Mar 30 06:04:02 2016] <Ainieco> rrika: thanks
[Wed Mar 30 06:50:36 2016] <Ainieco> how do you make foralls/arrows/etc unicode in proof general?
[Wed Mar 30 06:54:36 2016] <rrika> Ainieco, Menu "Proof-General" → "Quick Options" → "Display" → "Unicode Tokens"
[Wed Mar 30 06:55:51 2016] <Ainieco> rrika: thank you, for some reason it displays weird char on the end of each line, is this a known thing?
[Wed Mar 30 06:56:09 2016] <rrika> I don't see that
[Wed Mar 30 06:56:26 2016] <rrika> only when you turn it on, or always?
[Wed Mar 30 06:56:33 2016] <rrika> Can you make a screenshot?
[Wed Mar 30 06:57:03 2016] <Ainieco> rrika: only when i turn it on(proof-unicode-tokens-toggle)
[Wed Mar 30 06:57:11 2016] <Ainieco> rrika: sure, one sec
[Wed Mar 30 07:00:08 2016] <Ainieco> rrika: https://i.imgur.com/89cuTzG.png
[Wed Mar 30 07:01:11 2016] <rrika> I've never seen this symbol before
[Wed Mar 30 07:01:34 2016] <Ainieco> yeah, me too
[Wed Mar 30 11:40:02 2016] <stelleg> so I'm starting to have some issues with switching between Prop and Type/Set contexts, generally getting errors about not being able to do case analysis on sort Type (or Set) for inductive propositions, any general suggestions for how to avoid these?
[Wed Mar 30 11:41:56 2016] <stelleg> I've already invested fairly heavily in a few inductive propositions, and would rather not have to rewrite all of them to be of type Type, as some of them, e.g. `In` are in the prelude
[Wed Mar 30 11:47:09 2016] <johnw> hi stelleg
[Wed Mar 30 11:47:45 2016] <johnw> it's fairly easy to avoid Prop/Set collision, it's often a matter of separation at the right places
[Wed Mar 30 11:48:08 2016] <johnw> where exactly are you experiencing these issues?  While defining functions, or while defining types?
[Wed Mar 30 11:50:00 2016] <stelleg> johnw: for example, something like In a (domain xs) -> exists x, lookup a xs = x
[Wed Mar 30 11:50:19 2016] <stelleg> thats fine
[Wed Mar 30 11:50:22 2016] <johnw> defining that type, or that function?
[Wed Mar 30 11:50:59 2016] <stelleg> so I can write that as a lemma just fine, but if I want to use that lemma to define a total lookup function I'm not sure how to
[Wed Mar 30 11:51:11 2016] <stelleg> sorry that should be exists x, lookup a xs = Some x
[Wed Mar 30 11:51:35 2016] <johnw> right, you can only use a lemma of that type within another propositional context, where you are discharging a proof burden
[Wed Mar 30 11:51:46 2016] <stelleg> right
[Wed Mar 30 11:51:48 2016] <johnw> you cannot use it to determine what the "x" actually is in a computable context
[Wed Mar 30 11:52:01 2016] <johnw> however, you *could* do that by stating:
[Wed Mar 30 11:52:12 2016] <johnw> In a (domain xs) -> { x | lookup a xs = x }
[Wed Mar 30 11:52:17 2016] <johnw> such a function is usable in Set
[Wed Mar 30 11:52:37 2016] <stelleg> true, but I struggled to write that function for the same reason
[Wed Mar 30 11:53:07 2016] <johnw> that mean that while writing such a function, you attempt to derive your answer from a propositional value
[Wed Mar 30 11:53:37 2016] <stelleg> I'll take another swing at it
[Wed Mar 30 11:53:47 2016] <johnw> if you can show me that function, I can tell you why it failed exactly
[Wed Mar 30 11:54:18 2016] <stelleg> thanks, I'll take another look at it and post it shortly
[Wed Mar 30 12:02:43 2016] <stelleg> here's the basic issue: http://lpaste.net/157662
[Wed Mar 30 12:03:17 2016] <johnw> you write all your proofs on one line? :)
[Wed Mar 30 12:03:23 2016] <stelleg> sorry :(
[Wed Mar 30 12:03:36 2016] <johnw> hey, more power to you
[Wed Mar 30 12:03:38 2016] <johnw> i'd get lost
[Wed Mar 30 12:03:47 2016] <johnw> ah, right
[Wed Mar 30 12:04:05 2016] <stelleg> yeah I don
[Wed Mar 30 12:04:23 2016] <stelleg> 't get much from reading nicely indented proofs
[Wed Mar 30 12:04:38 2016] <stelleg> I think I'm not clever enough, I get much more stepping through the steps
[Wed Mar 30 12:04:50 2016] <stelleg> seeing how the goals change
[Wed Mar 30 12:06:36 2016] <stelleg> so that fails on destruct H, because In is a fixpoint proposition, which in the case of a cons simplifies to an Or, which we can't destruct in sort Type
[Wed Mar 30 12:06:47 2016] <stelleg> and I'm not sure how to get around that
[Wed Mar 30 12:06:53 2016] <johnw> trying no
[Wed Mar 30 12:06:53 2016] <johnw> w
[Wed Mar 30 12:13:57 2016] <johnw> stelleg: https://gist.github.com/8b8a705280a80dbcc6aadd845e0b6e6e
[Wed Mar 30 12:14:21 2016] <johnw> the idea here is to move the propositional work out into its own helper lemma
[Wed Mar 30 12:14:26 2016] <johnw> but maybe I can do it within still
[Wed Mar 30 12:15:04 2016] <stelleg> johnw: cool, thanks!
[Wed Mar 30 12:15:16 2016] <johnw> i've updated the gist
[Wed Mar 30 12:15:21 2016] <johnw> so
[Wed Mar 30 12:15:29 2016] <johnw> lines 13-17 are in a propositional context
[Wed Mar 30 12:15:38 2016] <johnw> line 4-12 are in a non-propositional context
[Wed Mar 30 12:16:02 2016] <johnw> "intuition" is destructing the \/ and automatically solving the right branch
[Wed Mar 30 12:16:11 2016] <johnw> but you should be able to destruct H there too
[Wed Mar 30 12:16:18 2016] <johnw> yes, indeed you can
[Wed Mar 30 12:16:34 2016] <johnw> so your only problem is that you were trying to destruct it *before* applying the induction hypothesis
[Wed Mar 30 12:16:46 2016] <johnw> when you can only destruct it *after*, to satisfy the hypothesis' antecedents
[Wed Mar 30 12:16:54 2016] <stelleg> ahhh
[Wed Mar 30 12:16:57 2016] <stelleg> that makes sense
[Wed Mar 30 12:17:13 2016] <stelleg> because then you're not in sort Type anymore
[Wed Mar 30 12:17:16 2016] <johnw> exactly
[Wed Mar 30 12:17:24 2016] <stelleg> great, thanks a lot johnw
[Wed Mar 30 12:17:27 2016] <johnw> when put in a position that you need to provide *evidence*, you're in Prop
[Wed Mar 30 12:17:41 2016] <johnw> when you're in a position that you need to provide *implementation* of a procedure, you're in Set/Type
[Wed Mar 30 12:18:04 2016] <stelleg> gotcha
[Wed Mar 30 12:18:13 2016] <stelleg> very helpful, thanks
[Wed Mar 30 12:18:26 2016] <johnw> as another example: if you ever find yourself caring what the proof term looks like (as in, how did it implement foo : option a?, by picking None?), you're clearly thinking in Set
[Wed Mar 30 12:18:39 2016] <johnw> but if you really don't care at all, and might even "abstract" it away to save memory, that's clearly in Prop
[Wed Mar 30 12:19:36 2016] <johnw> stelleg: since I use Coq for engineering, and not math, I deal with Prop vs. Set continually :)
[Wed Mar 30 12:19:44 2016] <johnw> it has a huge impact on the performance of extracted code
[Wed Mar 30 12:25:00 2016] <stelleg> johnw: yeah I bet
[Wed Mar 30 12:25:19 2016] <stelleg> also I didn't know about that destruct _ eqn:Heqe, that's really great
[Wed Mar 30 12:25:24 2016] <johnw> just the other day I had to change several uses of {P}+{~P} to just "bool", because it was extracting more information than I needed
[Wed Mar 30 12:25:48 2016] <stelleg> johnw: I actually did the exact same
[Wed Mar 30 12:25:52 2016] <johnw> yes, eqn:Heqe is useful when the value you're destructing yields no evidence of its own
[Wed Mar 30 12:26:19 2016] <johnw> destruct (b : bool) eqn:Heqe is the same as destruct (p : {b = true} + {b = false}))
[Wed Mar 30 12:27:25 2016] <stelleg> right, I've been going in a roundabout way by using destruct (eq_nat_dec n m), then beq_refl etc
[Wed Mar 30 12:27:32 2016] <stelleg> which is much slower
[Wed Mar 30 12:27:54 2016] <stelleg> where eq_nat_dec : {n = m} + {n <> m}
[Wed Mar 30 12:28:08 2016] <stelleg> so thanks agian
[Wed Mar 30 12:29:29 2016] <johnw> ahh, right
[Wed Mar 30 12:29:46 2016] <johnw> without eqn: you'd need to always use decidability lemmas that present you with the evidence
[Wed Mar 30 12:29:53 2016] <johnw> which is probably how it's implemented
[Wed Mar 30 13:12:00 2016] <johnw> learned a new tactic form today:
[Wed Mar 30 13:12:02 2016] <johnw> remember (origRep _) as L in * at 1.
[Wed Mar 30 13:12:13 2016] <johnw> the "in * at 1" is called a "goal occurrence"
[Wed Mar 30 16:29:10 2016] <johnw> if I have a term which satisfies the goal, how do I apply that term without "yet" satisfying the goal, because I want to rewrite the shape of the term before finally allowing it through
[Wed Mar 30 16:30:06 2016] <johnw> I have the term already defined, but I want to massage it before accepting it as the answer to my definition
[Wed Mar 30 16:30:44 2016] <johnw> I've tried pose, pose proof, set, evar, but none of them give me the exact control I'm looking for (or at least, I'm using them incorrectly if they should be)
[Wed Mar 30 16:33:22 2016] <Cypi> refine is the most control youn can have
[Wed Mar 30 16:33:36 2016] <Cypi> Would it be easy to give a more precise example?
[Wed Mar 30 16:33:48 2016] <johnw> actually, I found my answer!
[Wed Mar 30 16:33:53 2016] <Cypi> Ah, nice :)
[Wed Mar 30 16:33:54 2016] <johnw> funny how asking does that
[Wed Mar 30 16:33:57 2016] <johnw> here's the solution:
[Wed Mar 30 16:34:05 2016] <johnw>   let term := OLD_TERM in
[Wed Mar 30 16:34:21 2016] <johnw>   assert { term' : <typeOf term> & term = term' }.
[Wed Mar 30 16:34:35 2016] <johnw>   exact (projT1 H).
[Wed Mar 30 16:34:43 2016] <johnw> I'm hoping it retains my rewrites because I'm in Set.
[Wed Mar 30 16:36:22 2016] <johnw> yay, indeed it did
[Wed Mar 30 16:36:38 2016] <johnw> I'll just Ltac this now
[Wed Mar 30 16:39:56 2016] <johnw> Ltac adjust term :=
[Wed Mar 30 16:39:57 2016] <johnw>   let T := constr:term in
[Wed Mar 30 16:39:57 2016] <johnw>   assert { T' : _ & T = T'} as T'; [eexists| apply (projT1 T')].
[Wed Mar 30 16:40:01 2016] <johnw> that works nicely, should anyone else need to do this
[Wed Mar 30 16:40:36 2016] <johnw> the new goal becomes an equality of term with an existential, which you finish after rewriting with just "reflexivity"
[Wed Mar 30 16:57:33 2016] <rrika> is "<typeOf term>" coq syntax or did you literally type the type?
[Wed Mar 30 16:57:47 2016] <johnw> 8.5 has a way to determine the type, but I just literally typed the type
[Wed Mar 30 16:57:52 2016] <johnw> however, _ is sufficient
[Wed Mar 30 19:33:37 2016] <johnw> is there a way to prevent the extraction of certain terms, when recursively extracting?
[Thu Mar 31 12:05:02 2016] <stelleg> is there a way to generalize everything execept a term and what it's dependent on?
[Thu Mar 31 12:05:18 2016] <stelleg> like the opposite of generalize dependent
[Thu Mar 31 12:05:32 2016] <stelleg> would be useful for some induction cases
[Thu Mar 31 12:30:01 2016] <jrw> stelleg: something like this maybe? https://github.com/wilcoxjay/tactics/blob/master/JRWTactics.v#L316-L327
[Thu Mar 31 12:30:09 2016] <jrw> see also [prep_induction] below it
[Thu Mar 31 12:32:21 2016] <stelleg> jrw: awesome, I'll try that out. Thanks!
[Thu Mar 31 14:21:04 2016] <benzrf> the dimension of force is ML/TT
[Thu Mar 31 14:21:16 2016] <benzrf> more proof that type theory is what unites all things
[Thu Mar 31 14:21:18 2016] <benzrf> :]
[Fri Apr  1 05:18:39 2016] <jstolarek> I have a theorem in Nat namespace. When I want to apply it I say "apply Nat." and at that moment ProofGeneral complains that Nat is not a visible reference (because I typed in a dot).
[Fri Apr  1 05:18:46 2016] <jstolarek> is there a workaround?
[Fri Apr  1 12:31:24 2016] <stelleg> jrw: thanks for the pointer to your tactics, the prep_induction tactic has been great
[Fri Apr  1 12:33:52 2016] <stelleg> * feels increasing pressure to give in and learn Ltac
[Fri Apr  1 14:41:52 2016] <jrw> dash_: the way I would do that is to actually implement the function, and then prove the relation equivalent to the function.
[Fri Apr  1 14:42:05 2016] <jrw> is there some reason you can't implement it and need to appeal to an axiom?
[Fri Apr  1 15:44:29 2016] <stelleg> oh boy, this is a weird one: The term "H3" has type "In n (map (fst (B:=expr.tm)) x)" while it is expected to have type "In n (map (fst (B:=expr.tm)) x)".
[Fri Apr  1 15:44:50 2016] <stelleg> don't think there's even any Notation's in use there
[Fri Apr  1 15:46:47 2016] <stelleg> I think I recall there's a way to print types without any pretty printing, anyone recall that?
[Fri Apr  1 15:56:32 2016] <dash_> jrw: yeah the relation asserts the existence of something (shortest path to be precise) which would be too complicated to implement
[Fri Apr  1 15:56:54 2016] <jrw> stelleg: you want [Set Printing All.]
[Fri Apr  1 15:57:00 2016] <stelleg> jrw: thanks!
[Fri Apr  1 15:58:32 2016] <jrw> dash_: ah, makes sense. what did you mean above about not being able to instantiate the axiom?
[Fri Apr  1 16:00:32 2016] <dash_> jrw: i want to have a function delta : nat -> nat that allows me to formulate lemmas.. For example forall v, delta v <= some_approx v.
[Fri Apr  1 16:01:19 2016] <jrw> right
[Fri Apr  1 16:01:32 2016] <jrw> and the axiom gives you such a function, no?
[Fri Apr  1 16:02:23 2016] <dash_> right, it does, but with an existential quantification...
[Fri Apr  1 16:03:01 2016] <jrw> ah, okay. I guess I would just directly axiomitize the function itself then.
[Fri Apr  1 16:04:42 2016] <dash_> That's what i did (at least i guess...)
[Fri Apr  1 16:04:55 2016] <dash_> something like 'Variable delta_ok : forall v, delta_prop g v (delta v).'
[Fri Apr  1 16:06:05 2016] <dash_> but the downside is, that it is difficult to keep track what this all assumes...
[Sun Apr  3 16:15:02 2016] <ryanakca> How can I reason about about Equivalence over dependent types? In particular, suppose I have a "P : Type -> Type" and an "Equiv {U V} (A : P U) (B : P V) : Prop". Then I can have a proposition of type "forall U, Reflexive (P U) Equiv". However, I'm not sure how to get an analog for Symmetric: "forall U, Symmetric (P U) Equiv" limits me to a single U, while it's possible for x : P U and y : P V to be
[Sun Apr  3 16:15:08 2016] <ryanakca> equivalent under Equiv.
[Sun Apr  3 16:29:02 2016] <johnw> ryanakca: have you seen https://coq.inria.fr/library/Coq.Logic.EqdepFacts.html#?
[Sun Apr  3 16:31:25 2016] <ryanakca> johnw: Yes, I was trying to get that work last week for proof irrelevance with sigT and decided to abandon it and tweak some initial defitions to circumvent the issue. I don't quite understand it, but it seems to deal more with equality than equivalence.
[Sun Apr  3 16:33:18 2016] <johnw> that's true, it does
[Sun Apr  3 16:33:34 2016] <johnw> you'd need a different version of eq_dep
[Sun Apr  3 16:33:39 2016] <johnw> say, equiv_dep
[Sun Apr  3 16:33:43 2016] <johnw> to build it up on top of Equivalence
[Sun Apr  3 16:37:13 2016] <ryanakca> johnw: I see, so I'd build a theory similar to Equivalence, but using my analog of eq_dep instead?
[Sun Apr  3 16:37:41 2016] <johnw> I believe so
[Sun Apr  3 16:37:54 2016] <johnw> not everywhere in the coq stdlib do they offer both facilities
[Sun Apr  3 16:38:00 2016] <johnw> but sometimes they do, like f_equal and f_equiv
[Sun Apr  3 17:09:04 2016] <ryanakca> johnw: Thanks
[Mon Apr  4 03:29:16 2016] <jstolarek> I'm trying to write an Ltac procedure and I see that it is not possible to combine tactics using a dot. This makes me think that what I'm trying to do should not be done using Ltac
[Mon Apr  4 03:30:20 2016] <jstolarek> so I wonder if I should use Tactic Notation
[Mon Apr  4 03:30:24 2016] <jgross> jstolarek: Try using a semicolon. 
[Mon Apr  4 03:31:05 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/158352
[Mon Apr  4 03:31:23 2016] <jstolarek> jgross: yes, but semicolon is not always what I want or need
[Mon Apr  4 03:31:30 2016] <jstolarek> the above is my use case
[Mon Apr  4 03:33:07 2016] <jgross> jstolarek: try using "foo; [ bar | .. ]" 
[Mon Apr  4 03:35:42 2016] <jgross> How about repeat "do 30 try first [ reflexivity | progress simpl | rewrite plus_0_r | progress trivial | edestruct a_optimizer | match goal with | [ n : nat |- _ ] => destruct n end ]"? 
[Mon Apr  4 03:37:02 2016] <jstolarek> * needs to think about it for a longer time
[Mon Apr  4 03:37:17 2016] <jstolarek> what does "do 30 try ..." mean?
[Mon Apr  4 03:47:27 2016] <jstolarek> I am calling "destruct (a_optimizer aexpr) as [ n | a1' a2' | a1' a2' | a1' a2']" in an Ltac procedure
[Mon Apr  4 03:47:42 2016] <jstolarek> how do I ensure that the names generated by destruct are fresh?
[Mon Apr  4 03:48:02 2016] <jstolarek> I think I could use "fresh" for that but putting it in front of every variable name seems tedious
[Mon Apr  4 05:09:32 2016] <drninjabatman> hello, is there a way to pattern match a type argument in coq. (match T with Type -> Type => t | Type => f end.) ?
[Mon Apr  4 05:11:01 2016] <notdan> hm I don't think you can do that directly
[Mon Apr  4 05:11:09 2016] <notdan> maybe you can use reflection?
[Mon Apr  4 05:14:40 2016] <drninjabatman> * googling
[Mon Apr  4 05:21:42 2016] <jstolarek> I'm calling "destruct h" and that generates several goals for different forms of h
[Mon Apr  4 05:21:55 2016] <jstolarek> Say one form is "Foo a b" and another is "Bar c d"
[Mon Apr  4 05:22:17 2016] <jstolarek> I want to call an Ltac procedure on each such subexpression, ie:
[Mon Apr  4 05:22:32 2016] <jstolarek> my_ltac (Foo a b). my_ltac (Bar c d).
[Mon Apr  4 05:22:53 2016] <jstolarek> how can I do that without writing all subcases manually?
[Mon Apr  4 05:23:35 2016] <`rks> "destruct h; my_ltac." ?
[Mon Apr  4 05:30:08 2016] <jstolarek> `rks: nope, that does not seem to work
[Mon Apr  4 05:30:17 2016] <jstolarek> hm...
[Mon Apr  4 05:30:33 2016] <jstolarek> destruct generates for cases
[Mon Apr  4 05:30:35 2016] <drninjabatman> I am looking for some documentation on how the arrow (->) works on different contexts in coq, can someone help?
[Mon Apr  4 05:30:55 2016] <jstolarek> first one is a special case, which I do with a proof script, the remaining three are identical and dealt with by an Ltac procedure
[Mon Apr  4 05:31:27 2016] <`rks> jstolarek: yes, "; foo" works only if "foo" applies to each subgoal
[Mon Apr  4 05:31:46 2016] <`rks> have a look at the "solve" tactic jstolarek
[Mon Apr  4 05:32:57 2016] <jstolarek> ok
[Mon Apr  4 05:33:09 2016] <jstolarek> well, to be price
[Mon Apr  4 05:33:18 2016] <jstolarek> I do "destruct h; try my_ltac".
[Mon Apr  4 05:33:21 2016] <jstolarek> so that should works
[Mon Apr  4 05:33:26 2016] <jstolarek> s/works/work/
[Mon Apr  4 05:33:42 2016] <`rks> sure
[Mon Apr  4 05:33:49 2016] <jstolarek> oh, got it - I placed "try my_ltac" after incorrect destruct
[Mon Apr  4 05:36:24 2016] <jstolarek> no, for some reason doing "destruct h; my_ltac" does not work :-/
[Mon Apr  4 05:38:24 2016] <rrika> drninjabatman, do you want to match your own functions or existing ones?
[Mon Apr  4 05:39:30 2016] <drninjabatman> rrika: I want to make a function that given a type will find it's arity
[Mon Apr  4 05:39:45 2016] <drninjabatman> rrika: eg. arity (Type -> Type) = 2
[Mon Apr  4 05:39:55 2016] <drninjabatman> rrika: eg. arity (Type) = 1
[Mon Apr  4 05:40:14 2016] <jstolarek> `rks: perhaps an important piece of information is that in my case "Foo a b" and "Bar c d" are not the goals to be proved, but *part* of the goals (meaning, they are somewhere in a branch of a match)
[Mon Apr  4 05:41:27 2016] <`rks> best of luck :)
[Mon Apr  4 05:41:48 2016] <rrika> drninjabatman, I think it's not possible, but I'm not sure.
[Mon Apr  4 05:42:12 2016] <rrika> you can only match on inductive types afaik. (where you can handle every case)
[Mon Apr  4 05:42:18 2016] <`rks> jstolarek: "destruct h; my_ltac (Foo a b) || my_ltac (Bar c d)." perhaps?
[Mon Apr  4 05:42:35 2016] <rrika> but new types can always be created.
[Mon Apr  4 05:42:43 2016] <rrika> making your match not handle one case
[Mon Apr  4 05:42:58 2016] <drninjabatman> rrika: can I at least prove that a function has equal arity to another function?
[Mon Apr  4 05:44:56 2016] <rrika> you can specify something has at least 1,2,3,… arguments
[Mon Apr  4 05:45:03 2016] <rrika> {A B C} (f: A→B→C)
[Mon Apr  4 05:45:35 2016] <rrika> ^ saying you know nothing about the argument types but 'f' takes at least two arguments
[Mon Apr  4 05:46:19 2016] <rrika> drninjabatman, in what context do you need it?
[Mon Apr  4 05:47:29 2016] <drninjabatman> rrika: I am trying to prove that ((.).(.) ... n times ... (.).(.)) f g = \a1, .. ,aN -> f( g a1 ... aN)
[Mon Apr  4 05:47:57 2016] <notdan> Another problem might be that Type_i and Type_i -> Type_i could be in different universes.
[Mon Apr  4 05:48:01 2016] <notdan> but again, i am not sure
[Mon Apr  4 05:48:37 2016] <drninjabatman> I should probably redefine (A -> B)
[Mon Apr  4 05:54:30 2016] <drninjabatman> how would one go about defining a list of types? The end goal would be to define a type that would represent function signatures as lists of types so I can reason about the arity
[Mon Apr  4 05:57:02 2016] <Cypi> I don't know if it helps, but you could define "Fixpoint arity (n : nat) : Type := match n with O => Type | S n => Type -> arity n end." so that elements of the types "arity n" are functions of arity (at least) n
[Mon Apr  4 05:57:30 2016] <Cypi> (you will probably have some universes problems if "arity" is not defined as being universe-polymorphic)
[Mon Apr  4 06:00:22 2016] <drninjabatman> Cypi: that was my initial approach. Indeed I couldn't make it work due to universe problems...
[Mon Apr  4 06:01:05 2016] <drninjabatman> Cypi: I don't know what universe-polymorphic means and how to take advantage of it
[Mon Apr  4 06:01:29 2016] <drninjabatman> (found a paper about it)
[Mon Apr  4 07:07:04 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/158424
[Mon Apr  4 07:07:09 2016] <jstolarek> halp!
[Mon Apr  4 07:07:23 2016] <jstolarek> I'm doing some silly mistake
[Mon Apr  4 07:07:42 2016] <jstolarek> prove_aminus is my Ltac procedure
[Mon Apr  4 07:08:08 2016] <jstolarek> I can't see why the secnd version fails :-/
[Mon Apr  4 07:21:23 2016] <Cypi> jstolarek : maybe "prove_aminus" does some work that is not being reverted because the tactic succeeds, even though it does not solve the goal?
[Mon Apr  4 07:21:42 2016] <Cypi> You could try with "try solve [prove_aminus a2]" instead of just "try ..."
[Mon Apr  4 07:26:48 2016] <jstolarek> ok
[Mon Apr  4 17:51:45 2016] <GLM> Would anyone have good resources for an intro to formal methods (model checking in particular)?
[Mon Apr  4 18:08:08 2016] <johnw> GLM: part of Software Foundations covers that
[Tue Apr  5 03:46:50 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/158600
[Tue Apr  5 03:47:55 2016] <jstolarek> can someone tell me why this ^^^ code does not work ?
[Tue Apr  5 08:14:22 2016] <drninjabatman> hello, how would existentially quantify a list on n elements?
[Tue Apr  5 08:15:38 2016] <jstolarek> is that a valid Ltac construct: match goal with | [ N : nat |- _ ] => destruct N; ....
[Tue Apr  5 08:16:25 2016] <jstolarek> meaning: is it possible to match on a nat type and will N bind hypothesis name even if the actual name is different in the environment?
[Tue Apr  5 08:39:07 2016] <drninjabatman> thanks jstolarek
[Tue Apr  5 09:00:28 2016] <jun> jstolarek: yes
[Tue Apr  5 09:01:04 2016] <jun> but it's probably not solid
[Tue Apr  5 09:03:31 2016] <jun> you may be interested in http://adam.chlipala.net/cpdt/html/Match.html
[Tue Apr  5 09:05:44 2016] <jstolarek> jun: yup, I've read CPDT :-) Ltac looks simple on paper but practice turns out to be surprisingly difficult
[Wed Apr  6 07:46:18 2016] <jstolarek> is there a way to see output of idtac inside ProofGeneral?
[Wed Apr  6 09:15:43 2016] <jstolarek> how do I gain access to Integers?
[Wed Apr  6 09:16:06 2016] <jstolarek> Coq'Art mentions Z_scope and %Z suffix but that does not seem to work
[Wed Apr  6 09:21:00 2016] <jstolarek> to be more specific
[Wed Apr  6 09:21:24 2016] <jstolarek> I want to run do tactical a numbver of times specified by the argument to an Ltac procedure
[Wed Apr  6 09:21:28 2016] <jstolarek> so for example
[Wed Apr  6 09:21:44 2016] <jstolarek> Ltac foo n := do n idtac
[Wed Apr  6 09:22:00 2016] <jstolarek> and then use "foo 2"
[Wed Apr  6 09:22:17 2016] <jstolarek> but that does not work and produces following error message:
[Wed Apr  6 09:22:32 2016] <jstolarek> Ltac variable n is bound to a term which cannot be coerced to an integer
[Wed Apr  6 14:31:06 2016] <za> Hello!
[Wed Apr  6 14:31:25 2016] <za> I have a short question about Reals from Coq standard library.
[Wed Apr  6 14:31:31 2016] <za> There is an axiom
[Wed Apr  6 14:31:34 2016] <za> Axiom total_order_T : forall r1 r2:R, {r1 < r2} + {r1 = r2} + {r1 > r2}.
[Wed Apr  6 14:32:12 2016] <za> Why is it a sumbool? Simple disjunctions are enough for all possible needs, in my opinion.
[Wed Apr  6 14:32:49 2016] <johnw> hi za
[Wed Apr  6 14:33:06 2016] <johnw> za: by simple disjunction you mean \/?
[Wed Apr  6 14:33:16 2016] <za> That is, Axiom total_order: ∀ r1 r2, r1 < r2 ∨ r1 = r2 ∨ r2 < r1.
[Wed Apr  6 14:33:19 2016] <za> Yes.
[Wed Apr  6 14:33:26 2016] <johnw> that would only be usable in proofs
[Wed Apr  6 14:33:31 2016] <johnw> not Set computations
[Wed Apr  6 14:33:50 2016] <za> Hmm... How can I compute with reals?
[Wed Apr  6 14:33:58 2016] <johnw> you can extract them to a similar type
[Wed Apr  6 14:34:17 2016] <johnw> you could, for example, state that reals are Double in Haskell, and that < maps to <, etc.
[Wed Apr  6 14:34:23 2016] <za> Ah... Now I got it.
[Wed Apr  6 14:34:29 2016] <johnw> of course, it would be wrong in the edge cases, but it would work for most code
[Wed Apr  6 14:34:58 2016] <johnw> I did this just recently, but then I switched to rationals
[Wed Apr  6 14:35:14 2016] <za> Still feels a bit wrong but I can get a motivation now. :)
[Wed Apr  6 14:35:22 2016] <johnw> yeah, it IS a bit wrong :)
[Wed Apr  6 14:35:22 2016] <za> Thank you!
[Wed Apr  6 14:35:26 2016] <johnw> sure thing
[Wed Apr  6 16:55:16 2016] <Onemorenickname> Le français est ok ?
[Wed Apr  6 17:27:19 2016] <johnw> it's OK, but many of us do not speak it
[Wed Apr  6 17:27:32 2016] <johnw> (but I know that several do)
[Wed Apr  6 17:28:01 2016] <johnw> c'est bien... mais je ne parle pas Français
[Thu Apr  7 12:10:06 2016] <EvanR> johnw: so... coq or agda
[Thu Apr  7 12:10:13 2016] <johnw> EvanR: hi!
[Thu Apr  7 12:10:42 2016] <johnw> I would say that agda is better at just writing dependently-typed programs, and that Coq is better at working on proofs
[Thu Apr  7 12:10:50 2016] <johnw> however, either can do both
[Thu Apr  7 12:10:58 2016] <johnw> and if you develop the skill, you can get just as good in either one
[Thu Apr  7 12:11:06 2016] <johnw> so partly it's a matter of preference
[Thu Apr  7 12:11:20 2016] <johnw> in Agda, you build proof terms manually.  You _can_ do that in Coq too, but the tactics are usually easier.
[Thu Apr  7 12:11:32 2016] <EvanR> so agda doesn't have the tactics workflow
[Thu Apr  7 12:11:46 2016] <johnw> not yet, although I've heard it's gaining a bit of it
[Thu Apr  7 12:11:57 2016] <johnw> also, Agda has the equational reasoning module
[Thu Apr  7 12:12:05 2016] <johnw> which Coq also does, in the form of a plugin :)
[Thu Apr  7 12:12:11 2016] <johnw> lots of cross-pollination
[Thu Apr  7 12:12:19 2016] <EvanR> equational reasoning module?
[Thu Apr  7 12:12:21 2016] <johnw> Agda seems to be more focused on type theoretical research
[Thu Apr  7 12:12:30 2016] <johnw> and Coq on proof and the soundness of its meta-theory
[Thu Apr  7 12:13:16 2016] <johnw> EvanR: foswiki.cs.uu.nl/foswiki/pub/DTP/PresentationSlides/eqreasoning.pdf
[Thu Apr  7 12:14:30 2016] <EvanR> i don't seem to know a lot of these symbols
[Thu Apr  7 12:14:37 2016] <EvanR> ≡
[Thu Apr  7 12:14:54 2016] <johnw> usually that means "definitionally equal"
[Thu Apr  7 12:15:08 2016] <johnw> "i don't seem to know a lot of these symbols" <-- my experience learning Agda ;)
[Thu Apr  7 12:15:28 2016] <EvanR> is that different from propositional equality
[Thu Apr  7 12:15:56 2016] <johnw> yes
[Thu Apr  7 12:16:07 2016] <johnw> propositionally equal terms just have to have the same type
[Thu Apr  7 12:16:13 2016] <johnw> they needn't have the same definition at all
[Thu Apr  7 12:16:24 2016] <johnw> at least, that's in Coq
[Thu Apr  7 12:16:34 2016] <EvanR> n + 0 ≡ n
[Thu Apr  7 12:16:51 2016] <johnw> ah, I see
[Thu Apr  7 12:16:58 2016] <EvanR> and there is a proof
[Thu Apr  7 12:17:01 2016] <johnw> you may want to ask this in #agda
[Thu Apr  7 12:17:12 2016] <EvanR> * bouncing around like pinball
[Thu Apr  7 12:18:19 2016] <johnw> n + 0 and n are provably equal.  but I'm not sure that means you can't recover information from the difference between ((n + 0) + 0) + 0 and n + 0
[Thu Apr  7 12:18:37 2016] <johnw> although, that may not relate to propositional equality
[Thu Apr  7 12:18:43 2016] <johnw> when I hear that type, I think "equal in Prop"
[Thu Apr  7 12:19:23 2016] <EvanR> what does equal in equal in Prop mean
[Thu Apr  7 12:19:59 2016] <johnw> actually, without additional axioms, I guess it means the same thing, now that I think about it
[Thu Apr  7 12:20:26 2016] <EvanR> creating new "definitional equalities" out of actual definitions seems weird
[Thu Apr  7 12:20:43 2016] <EvanR> wouldnt that lead to everything that is ever equal being definitionally equal
[Thu Apr  7 12:21:09 2016] <johnw> I know that 0 + n = n is a definitional equality, by the definition of plus
[Thu Apr  7 12:21:15 2016] <EvanR> right
[Thu Apr  7 12:21:19 2016] <johnw> essentially, if "just unfolding" brings you to an equality
[Thu Apr  7 12:21:26 2016] <johnw> but n + 0 = n requires induction to prove
[Thu Apr  7 12:21:34 2016] <johnw> so I don't think it is a definitional equality
[Thu Apr  7 12:21:51 2016] <EvanR> so maybe theres some slop going on ;)
[Thu Apr  7 12:22:01 2016] <johnw> slop in terminology?
[Thu Apr  7 12:22:11 2016] <EvanR> i guess choosing the symbols
[Thu Apr  7 12:22:39 2016] <johnw> ah
[Thu Apr  7 12:23:01 2016] <EvanR> this is a huge side track... so I guess I start on the software foundations book
[Thu Apr  7 12:23:07 2016] <johnw> it's quite fun
[Thu Apr  7 12:23:15 2016] <johnw> and the knowledge/techniques are transferrable to Agda
[Thu Apr  7 12:23:19 2016] <EvanR> do I need emacs or an IDE
[Thu Apr  7 12:23:38 2016] <johnw> there is coqide, and there is using Proof General in Emacs
[Thu Apr  7 12:23:42 2016] <johnw> you'll need one of them
[Thu Apr  7 12:52:07 2016] <zb> Dropping this proof here.
[Thu Apr  7 12:52:19 2016] <zb> test
[Thu Apr  7 12:53:06 2016] <zb> first row second row
[Thu Apr  7 12:53:15 2016] <zb> okay, no newlines
[Thu Apr  7 12:53:41 2016] <rrika> zb if you want to paste longer text use a service like gist.github.com
[Thu Apr  7 12:55:01 2016] <zb> https://gist.github.com/anonymous/cf7699c80474645b69823a31e67a9dc8
[Thu Apr  7 12:55:18 2016] <zb> Thank you
[Thu Apr  7 13:33:40 2016] <tbelaire> How do you fix:  Not the right number of induction arguments. when defining your own induction schemes?
[Thu Apr  7 13:34:55 2016] <tbelaire> I'm not sure how to poke it to fix that.
[Thu Apr  7 13:38:25 2016] <tbelaire> I did read: http://adam.chlipala.net/cpdt/html/InductiveTypes.html
[Thu Apr  7 13:39:19 2016] <tbelaire> which is the only place I've even *seen* "induction _ using _" at all
[Thu Apr  7 13:39:38 2016] <tbelaire> but I have a slightly different thing and it's not working
[Thu Apr  7 13:39:57 2016] <tbelaire> and I'm not sure if it just need an extra argument or if it's fundamentally doomed
[Thu Apr  7 13:42:26 2016] <johnw> hi
[Thu Apr  7 13:42:31 2016] <johnw> tbelaire: can you show me your induction scheme?
[Thu Apr  7 13:44:15 2016] <tbelaire> https://gist.github.com/d4818e22da5dd0139d89ed479c73872a
[Thu Apr  7 13:44:37 2016] <tbelaire> What's going on is that there was two separate types
[Thu Apr  7 13:45:04 2016] <tbelaire> but they could be unified by passing an "envmode" parameter
[Thu Apr  7 13:45:43 2016] <tbelaire> Before, wf_stack and wf_store were two separate inductive types
[Thu Apr  7 13:45:54 2016] <tbelaire> and the type of wf_stack_ind is unchanged
[Thu Apr  7 13:46:14 2016] <tbelaire> from when wf_stack was inductively defined vs a specialization of wf
[Thu Apr  7 13:46:47 2016] <tbelaire> and if I have a proof that does "induction Wf" for some wf_stack term, I would like to be able to say
[Thu Apr  7 13:46:56 2016] <tbelaire> induction Wf using wf_stack_ind.
[Thu Apr  7 13:47:05 2016] <tbelaire> and not need to change the proof much
[Thu Apr  7 13:47:16 2016] <tbelaire> since it's actually the same theorem as before being applied
[Thu Apr  7 13:47:38 2016] <tbelaire> (if I was using `apply` instead of `induction`, there would be no change at all)
[Thu Apr  7 14:03:42 2016] <johnw> back
[Thu Apr  7 14:03:57 2016] <johnw> and how are you trying to use it?
[Thu Apr  7 14:04:31 2016] <johnw> also, maybe try making some of those arguments implicit
[Thu Apr  7 14:38:01 2016] <tbelaire> I updated the gist
[Thu Apr  7 14:38:26 2016] <tbelaire> before the unifications, the `refine` was just `induction`
[Thu Apr  7 14:38:36 2016] <tbelaire> Sorry I don't have a minimal example
[Thu Apr  7 14:38:43 2016] <johnw> so, in this line: forall (c : ctx) (s : sigma) (s0 : stack), wf env_stack c s s0 -> P c s s0.
[Thu Apr  7 14:38:48 2016] <johnw> what if you had:
[Thu Apr  7 14:38:49 2016] <tbelaire> How would making the arguments implicit help?
[Thu Apr  7 14:38:56 2016] <johnw> forall {c : ctx} {s : sigma} {s0 : stack}, wf env_stack c s s0 -> P c s s0.
[Thu Apr  7 14:39:03 2016] <johnw> well, I think the induction tactic is expected you to give those arguments
[Thu Apr  7 14:39:08 2016] <johnw> as in: induction x using (foo a b c)
[Thu Apr  7 14:39:13 2016] <johnw> expecting*
[Thu Apr  7 14:39:17 2016] <tbelaire> okay
[Thu Apr  7 14:39:23 2016] <johnw> just a guess
[Thu Apr  7 14:58:50 2016] <tbelaire> What does Error: in _: Cannot recognize an induction scheme. mean
[Thu Apr  7 14:59:09 2016] <tbelaire> Do I have to register my theorem using Scheme somehow
[Thu Apr  7 14:59:11 2016] <tbelaire> ?
[Thu Apr  7 15:13:12 2016] <johnw> I wouldn't have thought so
[Thu Apr  7 15:13:16 2016] <johnw> but at this point, you may want to ask Coq-club
[Thu Apr  7 15:14:20 2016] <tbelaire> ?
[Thu Apr  7 15:14:26 2016] <johnw> I don't know the answer
[Thu Apr  7 15:14:27 2016] <tbelaire> What's that?
[Thu Apr  7 15:14:32 2016] <johnw> the Coq mailing list
[Thu Apr  7 15:14:35 2016] <tbelaire> Ah, okay
[Fri Apr  8 14:03:04 2016] <tbelaire> What's the story with Hints inside modules?
[Fri Apr  8 14:03:13 2016] <tbelaire> Do they go away afterwards like in sections?
[Fri Apr  8 14:13:39 2016] <johnw> not sure, you might just need to test that
[Fri Apr  8 14:16:24 2016] <tbelaire> ah, good idea
[Sat Apr  9 16:27:30 2016] <zc_> Hello!
[Sat Apr  9 16:27:45 2016] <johnw> hello!
[Sat Apr  9 16:28:07 2016] <zc_> If I have proof, for example: apply xyz; [auto
[Sat Apr  9 16:28:11 2016] <zc_> sorry
[Sat Apr  9 16:29:45 2016] <zc_> So, I have joined many proof steps into one proof step. Like this: apply xyz; [auto | apply mult_comm; auto].
[Sat Apr  9 16:30:07 2016] <johnw> ok
[Sat Apr  9 16:30:26 2016] <johnw> Btw, that is equivalent to: apply xyz; [| apply mult_comm]; auto.
[Sat Apr  9 16:30:26 2016] <zc_> But, for example, I want to show all steps one by one, ... is it possible without rewriting the proof.
[Sat Apr  9 16:30:27 2016] <zc_> ?
[Sat Apr  9 16:30:40 2016] <johnw> no, you cannot step through proofs once you start using ";"
[Sat Apr  9 16:31:03 2016] <zc_> Oh, okay.
[Sat Apr  9 16:33:26 2016] <zc_> Thank you!
[Sat Apr  9 16:39:47 2016] <sanooj> just rewrite the proof. it'll cost you nothing and help everyone.
[Sat Apr  9 16:40:04 2016] <sanooj> well, it'll cost you that code-golfing satisfaction.
[Sat Apr  9 16:44:59 2016] <johnw> another way to write it is this:
[Sat Apr  9 16:45:02 2016] <johnw> apply xyz; auto.
[Sat Apr  9 16:45:05 2016] <johnw> apply mult_comm; auto.
[Sat Apr  9 16:45:11 2016] <johnw> that gives you both simplicitly, and steppability
[Sat Apr  9 16:45:21 2016] <johnw> and I'm guessing you only need "trivial", not full "auto"
[Sun Apr 10 20:04:27 2016] <titanium17> Hi guys. In Coq, how do I define an equality type? For example, if I have a type Bool with constructors true and false, and I want to define bool_equal, I want to say bool_equal b b. How do I write this down in coq?
[Sun Apr 10 20:04:32 2016] <titanium17> Im sorry if this is really basic
[Sun Apr 10 20:11:20 2016] <jrw> titanium17: do you want to write it yourself or have coq generate it for you?
[Sun Apr 10 20:12:05 2016] <titanium17> I want to write it myself
[Sun Apr 10 20:12:50 2016] <titanium17> something like Inductive bool_equals : Type := | eq : (forall b : bool), bool_equals b b.
[Sun Apr 10 20:13:08 2016] <titanium17> I want to know the proper syntax for this
[Sun Apr 10 20:29:10 2016] <titanium17> anyone here?
[Sun Apr 10 20:56:32 2016] <jun> Inductive bool_equals : bool -> bool -> Type := ... should work
[Sun Apr 10 20:56:54 2016] <titanium17> jun,  thanks, just figured that out!
[Mon Apr 11 07:55:56 2016] <bernalex> starting out with the tutorial, the very first thing actually fails for me. https://coq.inria.fr/tutorial/1-basic-predicate-calculus
[Mon Apr 11 07:56:23 2016] <bernalex> oh. no it doesn't. it actually says O no 0. so yeah. OK...
[Mon Apr 11 07:56:55 2016] <bernalex> maybe put the warning pre-use. and maybe use a font in the warning that distinguishes 0 from O, heh.
[Mon Apr 11 11:19:16 2016] <tbelaire> Is there a way to sort my givens?
[Mon Apr 11 11:19:34 2016] <tbelaire> Even alphabetically would work
[Mon Apr 11 11:19:49 2016] <tbelaire> or by outermost constructor name
[Mon Apr 11 13:16:46 2016] <tbelaire> Whoa, I'm getting something weird
[Mon Apr 11 13:16:48 2016] <tbelaire> https://github.com/tbelaire/FJ-Formalization/blob/wip/FJ_Definitions.v#L1326
[Mon Apr 11 13:16:57 2016] <tbelaire> When I do an induction
[Mon Apr 11 13:17:25 2016] <tbelaire> some instances of C are replaced with t1, and some are replaced with C0, and C0 := C is added to my givens
[Mon Apr 11 13:17:43 2016] <tbelaire> but I don't get that t1 = C0, or t1 = C anywhere
[Mon Apr 11 13:17:49 2016] <tbelaire> and it breaks my proof
[Mon Apr 11 13:17:56 2016] <tbelaire> anyone know what can cause that?
[Mon Apr 11 13:18:28 2016] <tbelaire> I am sorry I can't make a minimal example, but it goes away with less complex proofs for some reason
[Mon Apr 11 13:29:41 2016] <tbelaire> I have a workaround by manually applying the induction principle with refine, but that's *ugly*
[Mon Apr 11 13:40:33 2016] <tbelaire> ok, I think I know why
[Mon Apr 11 13:41:26 2016] <tbelaire> ssub__ind takes in a CT, but in this case, that is (C, (F, fs2, ms2)) :: CT, and that means that C isn't entirely eliminated from scope inside the induction
[Mon Apr 11 13:41:30 2016] <tbelaire> gah
[Mon Apr 11 13:42:21 2016] <rrika> tbelaire, where is your CpdtTactics from?
[Mon Apr 11 13:42:43 2016] <rrika> oh, you found your answer
[Mon Apr 11 13:42:46 2016] <tbelaire> well
[Mon Apr 11 13:42:52 2016] <tbelaire> I found the problem
[Mon Apr 11 13:42:58 2016] <tbelaire> I haven't found an answer
[Mon Apr 11 13:43:11 2016] <tbelaire> other than maybe trying to prove a more general induction principle???
[Mon Apr 11 13:43:19 2016] <rrika> this file is longer than anything I've read before
[Mon Apr 11 13:44:00 2016] <tbelaire> pushed the ctptTactics
[Mon Apr 11 13:44:08 2016] <tbelaire> yeah, it keeps growing
[Mon Apr 11 13:44:26 2016] <tbelaire> as I have to prove obvious but not trivial things
[Mon Apr 11 13:45:03 2016] <tbelaire> like if A is a subclass of B with classtable CT, then if I add some C to the classtable that isn't A or B, then A is still a subclass of B
[Mon Apr 11 13:45:12 2016] <tbelaire> which is what I'm working on now
[Mon Apr 11 13:45:37 2016] <tbelaire> intuitively it's quite obvious
[Mon Apr 11 13:45:43 2016] <tbelaire> but it's so hard to proooooooove
[Mon Apr 11 13:46:57 2016] <rrika> what fs and ms?
[Mon Apr 11 13:47:03 2016] <tbelaire> fields and methods
[Mon Apr 11 13:47:08 2016] <rrika> oh
[Mon Apr 11 13:47:09 2016] <tbelaire> don't care about them at all right now
[Mon Apr 11 13:47:19 2016] <tbelaire> can treat them as opaque
[Mon Apr 11 13:47:53 2016] <tbelaire> So if you check sub__ind
[Mon Apr 11 13:47:55 2016] <tbelaire> ssub__ind
[Mon Apr 11 13:47:57 2016] <tbelaire>      : forall (CT : ctable) (P : typ -> typ -> Prop),
[Mon Apr 11 13:47:59 2016] <tbelaire>        (forall t1 t2 t3 : typ,
[Mon Apr 11 13:48:01 2016] <tbelaire>         ssub_ CT t1 t2 -> P t1 t2 -> ssub_ CT t2 t3 -> P t2 t3 -> P t1 t3) ->
[Mon Apr 11 13:48:03 2016] <tbelaire>        (forall t1 t2 : cname, extends_ CT t1 t2 -> P t1 t2) ->
[Mon Apr 11 13:48:05 2016] <tbelaire>        forall t t0 : typ, ssub_ CT t t0 -> P t t0
[Mon Apr 11 13:48:40 2016] <tbelaire> The problem is when t is part of CT
[Mon Apr 11 13:49:07 2016] <tbelaire> which is scoped outside of the t
[Mon Apr 11 13:52:28 2016] <tbelaire> aaaah
[Mon Apr 11 13:52:33 2016] <tbelaire> so
[Mon Apr 11 13:52:37 2016] <tbelaire> ahhh
[Mon Apr 11 13:53:30 2016] <tbelaire> I guess I need to push around the order of arguments in the definition of ssub_
[Mon Apr 11 13:54:23 2016] <tbelaire> does that ruin everything?
[Mon Apr 11 13:54:55 2016] <rrika> I have no clue, I have to read more, later.
[Mon Apr 11 13:55:06 2016] <tbelaire> cya
[Mon Apr 11 13:59:33 2016] <tbelaire> yes
[Mon Apr 11 13:59:43 2016] <tbelaire> everything does break a little
[Mon Apr 11 13:59:59 2016] <tbelaire> induction generalizes over the CT expression now
[Mon Apr 11 14:00:04 2016] <tbelaire> eating my information away
[Mon Apr 11 14:03:30 2016] <johnw> pacman induction
[Mon Apr 11 17:10:28 2016] <Nik05> hello, got some time again to check out coq
[Mon Apr 11 17:13:16 2016] <benzrf> cool
[Mon Apr 11 17:14:19 2016] <Nik05> hello benzrf
[Mon Apr 11 17:18:58 2016] <johnw> Nik05: nice, welcome back
[Mon Apr 11 17:19:08 2016] <Nik05> hey johnw :)
[Tue Apr 12 06:05:12 2016] <zd_> Hello!
[Tue Apr 12 06:05:50 2016] <zd_> Why is it so difficult (for beginner) to prove, for example, that two proofs of  le x y  are equal?
[Tue Apr 12 06:09:00 2016] <Cypi> because it probably is not provable in general
[Tue Apr 12 06:10:26 2016] <zd_> Yes, that I know. But in this case and similar ones there is only one way how to construct a proof, as I understand.
[Tue Apr 12 06:14:49 2016] <zd_> Anyway, looking now at the existing proof of proof irrelevance for le with hopes to learn general way of proving such things.
[Tue Apr 12 12:08:53 2016] <jstolarek> does anyone now how to install Coq documentation so that company-coq mode for Emacs sees it?
[Tue Apr 12 12:49:24 2016] <tbelaire> is there a way to specify a Scheme directly instead of having coq generate it?
[Tue Apr 12 12:49:59 2016] <Cypi> You mean like nat_ind and such?
[Tue Apr 12 12:51:19 2016] <johnw> you generate a scheme from a function
[Tue Apr 12 12:51:23 2016] <johnw> you can write the scheme directly
[Tue Apr 12 12:52:23 2016] <tbelaire> yeah
[Tue Apr 12 12:52:30 2016] <tbelaire> so I've created a schemem using Lemma
[Tue Apr 12 12:52:34 2016] <tbelaire> rather than function
[Tue Apr 12 12:52:39 2016] <tbelaire> is that a problem?
[Tue Apr 12 12:52:42 2016] <johnw> no
[Tue Apr 12 12:52:57 2016] <tbelaire> okay, let me try something
[Tue Apr 12 12:56:01 2016] <tbelaire> wait, how
[Tue Apr 12 12:56:12 2016] <tbelaire> The Functional Scheme command is a high-level experimental tool for generating automatically induction principles corresponding to (possibly mutually recursive) functions. Its syntax follows the schema:
[Tue Apr 12 12:56:25 2016] <tbelaire> I don't want to generate induction principles
[Tue Apr 12 12:56:29 2016] <tbelaire> I have an induction princible
[Tue Apr 12 12:56:45 2016] <johnw> if you have function of the correct type, it can serve as an induction principle
[Tue Apr 12 12:56:53 2016] <tbelaire> I just want to have it registered so `induction foo using bar`
[Tue Apr 12 12:56:57 2016] <johnw> right
[Tue Apr 12 12:57:03 2016] <johnw> that only requires "bar" to have the right type
[Tue Apr 12 12:58:04 2016] <johnw> for example, see http://www.cs.cornell.edu/~clarkson/courses/sjtu/2014su/terse/MoreInd.html
[Tue Apr 12 12:58:15 2016] <tbelaire> okay
[Tue Apr 12 12:59:14 2016] <tbelaire> huh
[Tue Apr 12 12:59:45 2016] <tbelaire> it does work in this case
[Tue Apr 12 12:59:53 2016] <tbelaire> could have sworn it was failing
[Tue Apr 12 13:00:38 2016] <tbelaire> I have seen a bunch of: cannot identify induction scheme errors before
[Tue Apr 12 13:00:42 2016] <tbelaire> with my other one
[Tue Apr 12 13:02:48 2016] <tbelaire> what is the way "correct type" is defined?
[Tue Apr 12 13:10:02 2016] <Cypi> https://github.com/coq/coq/blob/trunk/tactics/tactics.ml#L3162
[Tue Apr 12 13:10:08 2016] <Cypi> I'm assuming that this is the definition
[Tue Apr 12 13:19:13 2016] <tbelaire> cool
[Tue Apr 12 13:22:39 2016] <tbelaire> AH
[Tue Apr 12 13:22:45 2016] <tbelaire> I wish I saw that a month ago
[Tue Apr 12 13:22:56 2016] <tbelaire> I think I can get everything working if I re-order parameters
[Tue Apr 12 13:23:02 2016] <Cypi> Is it that enlightening?
[Tue Apr 12 13:23:04 2016] <Cypi> Ah, good :)
[Tue Apr 12 13:23:13 2016] <tbelaire> This should be in the main documentation
[Tue Apr 12 13:23:15 2016] <tbelaire> aaaahhhh
[Tue Apr 12 13:23:33 2016] <tbelaire> so much time spend with `refine (foo_ind ...).`
[Tue Apr 12 13:27:48 2016] <tbelaire> hmm
[Tue Apr 12 13:28:11 2016] <tbelaire> lets see how I need to put things for my ClassTable_ind to work...
[Tue Apr 12 13:30:33 2016] <tbelaire> I wish there was more examples for what I'm trying to do
[Tue Apr 12 13:31:29 2016] <tbelaire> which is hide the actual representation of my datastructure away, and expose a more convenient induction scheme that can do everything
[Tue Apr 12 14:03:15 2016] <johnw> (on phone, will be back)
[Tue Apr 12 14:41:20 2016] <johnw> tbelaire: hi, I'm back
[Tue Apr 12 14:41:42 2016] <johnw> tbelaire: so, *actual* hiding is currently impossible, unless you use module functors
[Tue Apr 12 14:41:52 2016] <tbelaire> the hiding isn't super important
[Tue Apr 12 14:41:59 2016] <tbelaire> I just want a nicer interface
[Tue Apr 12 14:42:08 2016] <johnw> so you're just wanting to create recursors as an alternative to pattern matching?
[Tue Apr 12 14:42:10 2016] <tbelaire> ah, I'm just trying to add in some extra error information to be printed and recompiling coq
[Tue Apr 12 14:42:50 2016] <johnw> oh wow, that's gangster
[Tue Apr 12 14:42:54 2016] <tbelaire> not even that, since the ClassTable I'm wrapping is just a list, I just want to induct on chains of subclassing
[Tue Apr 12 14:43:05 2016] <tbelaire> instead of the number of classes defined
[Tue Apr 12 14:43:08 2016] <johnw> tbelaire: and what problem are you facing now?
[Tue Apr 12 14:43:11 2016] <tbelaire> uh
[Tue Apr 12 14:43:15 2016] <tbelaire> findlib is missing
[Tue Apr 12 14:43:20 2016] <tbelaire> compiling that now
[Tue Apr 12 14:43:27 2016] <johnw> I use Nix to build Coq
[Tue Apr 12 14:43:31 2016] <tbelaire> hmm
[Tue Apr 12 14:43:49 2016] <tbelaire> I've been using homebrew
[Tue Apr 12 14:44:01 2016] <tbelaire> but also have a git clone locally
[Tue Apr 12 14:44:04 2016] <johnw> probably good enough
[Tue Apr 12 14:44:09 2016] <tbelaire> actually, can I tell homebrew to build from source
[Tue Apr 12 14:44:13 2016] <tbelaire> I have done this before
[Tue Apr 12 14:44:21 2016] <tbelaire> so I dunno why its failing now anyways
[Tue Apr 12 14:46:58 2016] <johnw> show me the failure?
[Tue Apr 12 14:47:06 2016] <johnw> or are you talking about findlib
[Tue Apr 12 14:47:10 2016] <johnw> about which I know nothing
[Tue Apr 12 14:49:07 2016] <tbelaire> oh
[Tue Apr 12 14:49:14 2016] <tbelaire> Error: Not the right number of induction arguments (expected 1 parameter and
[Tue Apr 12 14:49:16 2016] <tbelaire> 4 arguments).
[Tue Apr 12 14:49:25 2016] <johnw> ok, can you reduce it something I can evaluate here?
[Tue Apr 12 14:49:27 2016] <johnw> i'd like to figure this out too
[Tue Apr 12 14:49:34 2016] <tbelaire> I had to separately install coq-8.5
[Tue Apr 12 14:49:41 2016] <tbelaire> but the vim plugin for that is brokwn
[Tue Apr 12 14:49:59 2016] <tbelaire> otherwise it doesn't even say how many parameters and arguments it expects
[Tue Apr 12 14:50:23 2016] <johnw> ah
[Tue Apr 12 14:50:35 2016] <johnw> that would be a nice patch to submit to the bug tracker
[Tue Apr 12 14:50:40 2016] <johnw> I really want to see improved error reporting
[Tue Apr 12 14:51:06 2016] <tbelaire> so it is a little better for coq 8.5
[Tue Apr 12 14:51:10 2016] <tbelaire> compared to 8.4
[Tue Apr 12 14:51:23 2016] <johnw> yes
[Tue Apr 12 14:51:24 2016] <tbelaire> but I would like to see more
[Tue Apr 12 14:51:28 2016] <johnw> but some errors are still *terrible*
[Tue Apr 12 14:51:28 2016] <tbelaire> so that's what I'm doing now
[Tue Apr 12 14:51:34 2016] <tbelaire> but I can't compile
[Tue Apr 12 14:51:36 2016] <tbelaire> ahg
[Tue Apr 12 14:51:39 2016] <johnw> are you at MIT?
[Tue Apr 12 14:52:33 2016] <tbelaire> UWaterloo
[Tue Apr 12 14:53:54 2016] <tbelaire> I'm an undergrad working for Ondrej https://plg.uwaterloo.ca/~olhotak/
[Tue Apr 12 14:54:15 2016] <tbelaire> ends in a few weeks
[Tue Apr 12 14:54:26 2016] <johnw> what will you do after?
[Tue Apr 12 14:54:51 2016] <johnw> tbelaire: do you go to conferences like ICFP?
[Tue Apr 12 14:55:01 2016] <tbelaire> I have not
[Tue Apr 12 14:55:09 2016] <johnw> if you ever do, say hi :)
[Tue Apr 12 14:55:16 2016] <johnw> I won't be in Japan this year, but I try to attend every year
[Tue Apr 12 14:55:35 2016] <tbelaire> Yeah, it'd be col
[Tue Apr 12 14:55:37 2016] <tbelaire> cool
[Tue Apr 12 14:55:47 2016] <tbelaire> I might actually go to linuxcon http://events.linuxfoundation.org/events/linuxcon-north-america/program/cfp
[Tue Apr 12 14:55:56 2016] <tbelaire> as it's close and my dad's going
[Tue Apr 12 14:56:05 2016] <johnw> I've never gone to a Linux conf
[Tue Apr 12 14:56:07 2016] <tbelaire> I've also been working on a linux driver in Rust
[Tue Apr 12 14:56:07 2016] <johnw> I'm a Mac user
[Tue Apr 12 14:56:26 2016] <tbelaire> me too,
[Tue Apr 12 14:56:39 2016] <tbelaire> well, I've got the 3 OSes running
[Tue Apr 12 14:56:54 2016] <tbelaire> lappy is OSX, desktop is Linux/Windows (for games)
[Tue Apr 12 14:57:16 2016] <tbelaire> hmm?  why does it seem like brew install coq --build-from-source works
[Tue Apr 12 14:57:22 2016] <tbelaire> but I can't build it myself
[Tue Apr 12 14:57:31 2016] <tbelaire> gah
[Tue Apr 12 14:57:59 2016] <johnw> they might be applying patches
[Tue Apr 12 14:58:01 2016] <johnw> or doing other funny thing
[Tue Apr 12 14:58:44 2016] <tbelaire> `brew edit coq` doesn't show anything too fancy
[Tue Apr 12 14:59:22 2016] <tbelaire> maybe the camlp5_lib dir thing
[Tue Apr 12 14:59:25 2016] <tbelaire> :q
[Tue Apr 12 14:59:30 2016] <tbelaire> oops
[Tue Apr 12 15:01:30 2016] <tbelaire> :(
[Tue Apr 12 15:01:33 2016] <tbelaire> nope
[Tue Apr 12 15:14:20 2016] <tbelaire> okay, build ocamlfind
[Tue Apr 12 15:14:26 2016] <tbelaire> and building coq now :)
[Tue Apr 12 15:15:12 2016] <tbelaire> I was considering gradschool, but this term hasn't been that much fun.
[Tue Apr 12 15:15:29 2016] <tbelaire> working with coq all day seems better in theory than in practice
[Tue Apr 12 15:15:35 2016] <tbelaire> also I miss code review
[Tue Apr 12 15:16:09 2016] <johnw> haha
[Tue Apr 12 15:16:19 2016] <johnw> I guess we all have different preferences
[Tue Apr 12 15:16:40 2016] <johnw> I work all day in Coq too, but I'm loving it so far; this is the type of stuff I used to spend my free time on
[Tue Apr 12 15:16:57 2016] <johnw> but it's definitely at a certain remove from reality
[Tue Apr 12 15:17:03 2016] <tbelaire> I'm still happy I spend a term on it
[Tue Apr 12 15:17:23 2016] <johnw> do you have your induction theorem in a form that I can evaluate here?
[Tue Apr 12 15:18:27 2016] <tbelaire> I didn't quite get that
[Tue Apr 12 15:18:34 2016] <tbelaire> uh
[Tue Apr 12 15:18:36 2016] <johnw> your induction theorem that you can't apply
[Tue Apr 12 15:18:45 2016] <johnw> is it in a file that I can evaluate here, to see why it doesn't work?
[Tue Apr 12 15:19:04 2016] <tbelaire> It's not very self contained
[Tue Apr 12 15:19:11 2016] <tbelaire> but one sec, I'll push to github
[Tue Apr 12 15:19:57 2016] <johnw> btw, https://github.com/JasonGross/coq-tools
[Tue Apr 12 15:20:07 2016] <johnw> can be used to reduce Coq file to a minimum reproducing example
[Tue Apr 12 15:20:20 2016] <johnw> by our very own jgross
[Tue Apr 12 15:21:22 2016] <tbelaire> https://github.com/tbelaire/FJ-Formalization/blob/wip/FJ_Definitions.v#L696
[Tue Apr 12 15:21:28 2016] <tbelaire> ooh
[Tue Apr 12 15:21:43 2016] <rrika> johnw, that's cool
[Tue Apr 12 15:21:53 2016] <rrika> does it try random stuff or do dependency tracking?
[Tue Apr 12 15:22:28 2016] <johnw> rrika: I'm not sure exactly how it works
[Tue Apr 12 15:22:37 2016] <johnw> tbelaire: ok, that reproduces here, with 8.4 no less
[Tue Apr 12 15:22:52 2016] <tbelaire> yeah, I'm working on 8.4 normally
[Tue Apr 12 15:23:01 2016] <tbelaire> breaking out 8.5 because slightly more information
[Tue Apr 12 15:23:48 2016] <tbelaire> I'm just trying to re-order how the arguments are to get that to apply nicely
[Tue Apr 12 15:23:51 2016] <tbelaire> it's weird
[Tue Apr 12 15:24:13 2016] <tbelaire> should it be parametrized on both CT and C?
[Tue Apr 12 15:24:28 2016] <tbelaire> I'm not quite sure what would make `induction` happy
[Tue Apr 12 15:24:42 2016] <tbelaire> but the theorem itself is useful for a number of proofs
[Tue Apr 12 15:24:42 2016] <johnw> one sec
[Tue Apr 12 15:29:44 2016] <johnw> well, of course this cannot work!
[Tue Apr 12 15:29:49 2016] <johnw> you're induction over a list with a predicate on cnames
[Tue Apr 12 15:29:52 2016] <johnw> inducting*
[Tue Apr 12 15:30:00 2016] <johnw> forall C : cname, P C
[Tue Apr 12 15:30:09 2016] <johnw> that needs to be:
[Tue Apr 12 15:30:18 2016] <johnw> forall (L : list (atom * (cname * flds * mths))), P L
[Tue Apr 12 15:30:20 2016] <johnw> at the very least
[Tue Apr 12 15:30:33 2016] <johnw> tbelaire: ^
[Tue Apr 12 15:30:44 2016] <tbelaire> ah
[Tue Apr 12 15:30:52 2016] <tbelaire> true
[Tue Apr 12 15:31:29 2016] <tbelaire> hmm
[Tue Apr 12 15:32:12 2016] <tbelaire> but I do actually want to fix a particular classtable
[Tue Apr 12 15:32:30 2016] <johnw> you mean, the induction only applies if X?
[Tue Apr 12 15:32:31 2016] <tbelaire> since nothing is true over all the classtables
[Tue Apr 12 15:32:39 2016] <tbelaire> hmm
[Tue Apr 12 15:32:47 2016] <tbelaire> okay, true I think
[Tue Apr 12 15:32:53 2016] <johnw> then maybe something of the form forall L, Q L -> P L
[Tue Apr 12 15:32:54 2016] <tbelaire> lets see how that goes
[Tue Apr 12 15:33:01 2016] <johnw> then you can only induct if you supply the evidence
[Tue Apr 12 15:34:38 2016] <tbelaire> what do I want this to say...
[Tue Apr 12 15:37:50 2016] <tbelaire> oh cool, my patch worked
[Tue Apr 12 15:37:59 2016] <tbelaire> coq finished compiling and it *worked*
[Tue Apr 12 15:38:01 2016] <tbelaire> nice
[Tue Apr 12 15:38:25 2016] <tbelaire> lets see if I can make it nicer
[Tue Apr 12 15:38:29 2016] <tbelaire> nice enough to upstream
[Tue Apr 12 15:46:08 2016] <tbelaire> alright, fixing that gives me
[Tue Apr 12 15:46:14 2016] <tbelaire> expeted 5 arguments got 1
[Tue Apr 12 15:46:18 2016] <tbelaire> expected
[Tue Apr 12 15:46:31 2016] <tbelaire> (The got 1 part is the code I added
[Tue Apr 12 15:46:33 2016] <tbelaire> )
[Tue Apr 12 15:46:52 2016] <tbelaire> lets see if I can drop the types of the arguments too
[Tue Apr 12 15:46:54 2016] <tbelaire> that would help
[Tue Apr 12 15:48:08 2016] <tbelaire> Do you know how to print types?
[Tue Apr 12 15:50:55 2016] <johnw> tbelaire: here's an example of your 'bug' minified: https://gist.github.com/3b1626b90beeeb1689ff942164178336
[Tue Apr 12 15:51:00 2016] <johnw> tbelaire: Print <name of type>.
[Tue Apr 12 15:51:12 2016] <tbelaire> from ocaml code :P
[Tue Apr 12 15:51:20 2016] <johnw> I know absolutely 0 about OCaml
[Tue Apr 12 15:51:31 2016] <tbelaire> aww nice
[Tue Apr 12 15:51:35 2016] <tbelaire> I like the minifier
[Tue Apr 12 15:51:56 2016] <tbelaire> okay, I'm just trying to expand the error until a normal human can read it
[Tue Apr 12 15:51:58 2016] <tbelaire> then read it
[Tue Apr 12 16:04:43 2016] <tbelaire> gah, implicit typing is dumb, I can't just search up the types
[Tue Apr 12 16:15:03 2016] <tbelaire> anyone know why there are not .annot files generated?
[Tue Apr 12 16:15:13 2016] <tbelaire> when coq is build from source?
[Tue Apr 12 16:36:30 2016] <tbelaire> alright, got ",t" to print out ocaml types!
[Tue Apr 12 16:36:32 2016] <tbelaire> nice
[Tue Apr 12 16:37:55 2016] <tbelaire> only to realize that the variable I'm looking for is called the same name in both places
[Tue Apr 12 16:38:04 2016] <tbelaire> and I don't really need to play type tetris at alll
[Tue Apr 12 16:46:08 2016] <jgross> rrika: The bug-minimizer (https://github.com/JasonGross/coq-tools) takes a file that produces the error, uses the .glob file that coqc outputs to get the file's dependencies, and then tries ~brute-force removal of lines, together with inlining dependencies by wrapping them in nested modules, running coqc after each change to make sure the error message hasn't changed. 
[Tue Apr 12 16:48:32 2016] <rrika> nice
[Wed Apr 13 03:57:25 2016] <Nik05> goodmorning
[Wed Apr 13 05:55:01 2016] <Cypi> Do you know of a way to replace the type of a variable in the environment by something that is convertible to it?
[Wed Apr 13 05:55:26 2016] <Cypi> Say, I know that t and u are convertible, and I have "foo : t" in my environment. I'd like to have "foo : u" instead, without modifying the proof term
[Wed Apr 13 12:11:24 2016] <tbelaire> Are there any examples using functional induction?
[Wed Apr 13 12:12:13 2016] <tbelaire> I'm just trying to use the example on
[Wed Apr 13 12:12:14 2016] <tbelaire> one
[Wed Apr 13 12:12:16 2016] <tbelaire> https://gist.github.com/f2ca462d304a2f907030f0000a996645
[Wed Apr 13 12:12:29 2016] <tbelaire> https://coq.inria.fr/refman/Reference-Manual015.html#sec573
[Wed Apr 13 12:12:43 2016] <tbelaire> They give an example using Scheme to define schemes
[Wed Apr 13 12:12:48 2016] <tbelaire> but not on using said scheme
[Wed Apr 13 12:39:10 2016] <johnw> Cypi: you want something akin to "coercion"?
[Wed Apr 13 12:39:29 2016] <johnw> I would imagine you just need a function t -> u, no?
[Wed Apr 13 12:40:46 2016] <Cypi> No. I just want to do it once, and this should not have any impact on the proof-term
[Wed Apr 13 12:41:18 2016] <Cypi> For instance, let's say I have "x : nat", and for some reason I want to have "x : (fun T => T) nat" instead
[Wed Apr 13 12:42:45 2016] <johnw> you can rewrite within the type
[Wed Apr 13 12:43:03 2016] <johnw> given a left_id law of id x = x, then rewrite <- left_id in x; unfold id in x should do that
[Wed Apr 13 12:43:10 2016] <Cypi> If I rewrite, then it will add this rewrite to the proof-term
[Wed Apr 13 12:43:25 2016] <Cypi> (and also, in my case, I actually have "x := t : nat", so you can't rewrite without losing 't'
[Wed Apr 13 12:43:26 2016] <johnw> i don't see any way around that
[Wed Apr 13 12:44:00 2016] <johnw> the type can't change spontaneously, as far as I know
[Wed Apr 13 12:44:24 2016] <Cypi> The type does not change, as far as the type system is concerned, since my two types are convertible
[Wed Apr 13 12:44:26 2016] <johnw> you'll end up involving eq_rect
[Wed Apr 13 12:44:35 2016] <Cypi> I have a way actually, it's just very tedious.
[Wed Apr 13 12:44:43 2016] <johnw> well, but they aren't the same type, are they?
[Wed Apr 13 12:44:48 2016] <Cypi> Syntaxically, no
[Wed Apr 13 12:45:05 2016] <johnw> in HoTT I'd think what you're saying is directly expressible
[Wed Apr 13 12:45:17 2016] <Cypi> It's just like using the tactic change: you change the goal, but it won't do anything to the proof-term
[Wed Apr 13 12:45:43 2016] <Cypi> you are basically just picking another representant of the class of types beta-equivalent to your goal
[Wed Apr 13 12:45:58 2016] <johnw> what is your tedious solution?
[Wed Apr 13 12:46:54 2016] <Cypi> If I want to keep 't': substituting t for x everywhere, then do "set (x := t : T) in *" where T is my new type. And then "cbv zeta in x" to remove the coercion
[Wed Apr 13 12:47:08 2016] <Cypi> (I use 'zeta' juste because in my case, it's the least likely to reduce anything else)
[Wed Apr 13 12:47:14 2016] <Cypi> (I haven't found "just the coercions")
[Wed Apr 13 12:47:16 2016] <johnw> so, "equal up to zeta equivalence"?
[Wed Apr 13 12:47:36 2016] <Cypi> I could use "cbv iota" or whatever, it's just to reduce the coercion and nothing else
[Wed Apr 13 12:48:36 2016] <Cypi> Hmm. Actually I guess that substituting and then using set will modify the proof term, so it doesn't answer exactly what I wanted
[Wed Apr 13 12:49:34 2016] <johnw> even if I use "apply (fun x : nat => x : id nat) in t", the proof term has a call to "id" in it
[Wed Apr 13 12:50:23 2016] <johnw> Cypi: but if I do this... https://gist.github.com/4a55b0a1dbd47eec4d84d6c4f5c113fe
[Wed Apr 13 12:50:32 2016] <johnw> then while Cypi has the extra id in it, Cypi' does not
[Wed Apr 13 12:50:53 2016] <johnw> (I don't think the cbv there is actually doing anything)
[Wed Apr 13 12:51:26 2016] <Cypi> Alright, see this: http://lpaste.net/159701
[Wed Apr 13 12:51:46 2016] <Cypi> In the first lemma, using change will change what type is displayed for n, without adding anything to the proof term
[Wed Apr 13 12:51:55 2016] <Cypi> In the second one, I can't even use change, but I would like too.
[Wed Apr 13 12:53:09 2016] <johnw> the apply way of doing it works in that case also
[Wed Apr 13 12:53:44 2016] <Cypi> Except that it will lose the term t, and modify the proof term
[Wed Apr 13 12:54:01 2016] <Cypi> (in that case, I will lose the fact that n is actually 0)
[Wed Apr 13 12:54:22 2016] <johnw> I don't see that being lost in the proof term
[Wed Apr 13 12:54:30 2016] <johnw> bar = let n := 0 in (fun _ : id nat => I) n : let n := 0 in True
[Wed Apr 13 12:54:55 2016] <johnw> I do lose it after Eval compute [bar], because n is never used
[Wed Apr 13 12:55:23 2016] <johnw> in what context is this significant for you?
[Wed Apr 13 12:55:25 2016] <Cypi> Then let's change the goal to "n = 0" instead of "True" I guess
[Wed Apr 13 12:55:58 2016] <Cypi> In the context of trying to understand clearer what happens in a proof involving equalities and terms with types that are way too big for me, and that I would like to reduce part by part
[Wed Apr 13 12:57:02 2016] <Cypi> Oh wait... "change nat with (id nat)" works exactly as I'd like it
[Wed Apr 13 12:57:09 2016] <johnw> ah, nice
[Wed Apr 13 12:57:14 2016] <Cypi> I guess I just need to specify the original type, which can be made easy with some Ltac.
[Wed Apr 13 12:57:25 2016] <Cypi> Ok, I hadn't even tried this. Thanks
[Wed Apr 13 12:57:36 2016] <johnw> glad to have .... helped? :)  you answered yourself
[Wed Apr 13 12:58:01 2016] <Cypi> Discussing helps
[Wed Apr 13 12:58:04 2016] <johnw> true
[Wed Apr 13 12:58:16 2016] <johnw> I'm trying to build a library right now for reasoning with units in coq
[Wed Apr 13 12:58:21 2016] <johnw> and am a bit surprised it hasn't been done already
[Wed Apr 13 12:58:40 2016] <Cypi> units? As in physical units?
[Wed Apr 13 12:58:46 2016] <johnw> I want unitized values that may only be combined in type-safe ways, where dividing meters by seconds synthesizes a new unit "meters / seconds"
[Wed Apr 13 12:59:39 2016] <Cypi> That sounds cool. I guess there aren't many physicists that have an interest in Coq yet.
[Wed Apr 13 13:00:10 2016] <johnw> I'm not using it for physics, just program metrics where I want to build a DSL for specifying constraint boundaries on program behaviors
[Wed Apr 13 13:00:38 2016] <johnw> like "this function is unhealthy if it produces fewer than X results per second"
[Wed Apr 13 13:00:59 2016] <johnw> and then I'd export the DSL term to something that can be used to construct an external process that will do the measuring
[Wed Apr 13 13:01:08 2016] <johnw> Coq is just giving me the type-safe language to talk about these terms
[Wed Apr 13 13:02:02 2016] <Cypi> I see
[Wed Apr 13 16:33:20 2016] <reuben364> Where can one get a copy of coq'art?
[Wed Apr 13 16:39:37 2016] <_y> reuben364, here http://www.labri.fr/perso/casteran/CoqArt/ ?
[Wed Apr 13 16:39:56 2016] <_y> (found from https://coq.inria.fr/documentation)
[Wed Apr 13 16:47:15 2016] <reuben364> thanks
[Wed Apr 13 19:20:18 2016] <Murad> Hi. How is one supposed to use Set Automatic Coercions Import if Require commands are supposed to be at the beginning of the file?
[Wed Apr 13 19:34:37 2016] <jrw> Murad: presumably you should Set the option above the Require commands
[Wed Apr 13 19:37:01 2016] <Murad> jrw: Yes, that's the only way it works. However, is that not at odds with the the fact that Require commands are, themselves, supposed to be above all other commands?
[Wed Apr 13 19:38:13 2016] <Murad> In particular, I thought the Require commands at the top were parsed in a special manner for something I don't remember.
[Wed Apr 13 19:38:29 2016] <Murad> Dependency discovery or something.
[Wed Apr 13 19:40:36 2016] <jrw> I've never had a problem with Requires not being at the very top for coqdep, but maybe you're right, you'll just have to test
[Wed Apr 13 19:41:48 2016] <Murad> jrw: Thanks.
[Thu Apr 14 05:26:16 2016] <jstolarek> which theorem says: forall a b, a /\ b -> a ?
[Thu Apr 14 05:27:13 2016] <Cypi> proj1
[Thu Apr 14 05:28:59 2016] <jstolarek> how could I figure it out if I know the theorem?
[Thu Apr 14 05:29:23 2016] <Cypi> I don't understand the question
[Thu Apr 14 05:30:06 2016] <jstolarek> If I know what the theorem states, how can I find it's name?
[Thu Apr 14 05:36:56 2016] <Cypi> I don't, sorry :/
[Thu Apr 14 05:59:52 2016] <jstolarek> I have premises A and B and a constructor C of type I that takes A and B as parameters. How do I apply C to both A and B to produce a value of type I as my premise?
[Thu Apr 14 06:02:19 2016] <Cypi> exact (C A B)
[Thu Apr 14 06:02:48 2016] <Cypi> Ah, sorry, I is not your goal
[Thu Apr 14 06:02:57 2016] <Cypi> then "pose proof (C A B)"
[Thu Apr 14 06:03:21 2016] <jstolarek> I think I can also do "apply (C A) in H", where H : B
[Thu Apr 14 07:45:13 2016] <_y> hello! might be a newbie question: http://paste.awesom.eu/0e2K&ln
[Thu Apr 14 07:46:51 2016] <_y> how do i tell coq that its automatic variable n0 is in fact what i called m?
[Thu Apr 14 07:48:33 2016] <_y> actually in this example i can make the problem simply disappear by moving the parameter n out of the constructor, but i’m still interested in understanding how it works
[Thu Apr 14 07:49:00 2016] <_y> i guess there are cases where you can’t do this
[Thu Apr 14 07:50:16 2016] <Cypi> Welcome to the world of dependent types. So, n0 comes from the underscore in your pattern. Outside the match, it's obvious that n0 and m should be the same, because m is the index of 'value'. But inside the match, n0 and m are completly unrelated.
[Thu Apr 14 07:54:10 2016] <Cypi> A way to solve this is to "convey" proof_m_lt_n inside the pattern-matching, so that it's obvious that the types are, in fact, correct. See: http://lpaste.net/159982
[Thu Apr 14 07:55:01 2016] <Cypi> (you actually don't need the annotations on the match, but it's just to make it clearer)
[Thu Apr 14 08:37:22 2016] <Guest3495> HelloIs there a some very easy recipe for Coq developments in one folder with subfolders?
[Thu Apr 14 08:37:32 2016] <Guest3495> * Hello!
[Thu Apr 14 08:37:40 2016] <Guest3495> * Is there a some very easy recipe for Coq developments in one folder with subfolders?
[Thu Apr 14 09:18:55 2016] <Cypi> _y : "unifying" is complicated in general. In this case, m is just an index, so it's easy. But it could be a constructor, an application of a function to another variable, anything basically.
[Thu Apr 14 09:19:56 2016] <Cypi> Agda has a stronger pattern-matching which allows for such unification in more cases, but it comes with its own problems (for a while, it allowed to prove the axiom K, which is not something that we want by default)
[Thu Apr 14 09:22:57 2016] <_y> constructors are easy to unify through
[Thu Apr 14 09:23:23 2016] <_y> but indeed, if you can have any term as an index…
[Thu Apr 14 11:44:08 2016] <johnw> jstolarek: I don't think SearchPattern is bound to a key
[Thu Apr 14 11:45:09 2016] <johnw> jstolarek: Ah, PG calls it coq-SearchIsos, and it's bound to C-c C-a C-o
[Thu Apr 14 13:45:21 2016] <johnw> if I have two types, X Y : Type, is there any way to tell if the types are the same Inductive type?
[Thu Apr 14 13:52:00 2016] <Cypi> johnw : with Ltac you mean?
[Thu Apr 14 13:55:33 2016] <johnw> I mean generically
[Thu Apr 14 13:55:42 2016] <johnw> so, I have a function foo (U T : Type) := ....
[Thu Apr 14 13:55:50 2016] <johnw> where I need to do one thing if U = T, but something else if not
[Thu Apr 14 13:56:10 2016] <johnw> so I need decidable equality on types, which I think doesn't (and can't) exist
[Thu Apr 14 13:56:20 2016] <Cypi> Ah. Then no, I don't think that you can get anything close
[Thu Apr 14 13:56:20 2016] <johnw> since the decision would happen at runtime, but the types don't exist then
[Thu Apr 14 13:57:16 2016] <johnw> yeah, I'd be relying on information across a boundary
[Thu Apr 14 13:57:18 2016] <johnw> hmm
[Thu Apr 14 13:57:21 2016] <johnw> so, here's my problem
[Thu Apr 14 13:57:41 2016] <johnw> I have a system of Units devised now, so that an inhabitant of Units (Distance / Time) can only be something like Meters / Seconds.
[Thu Apr 14 13:57:56 2016] <johnw> what I need to write is multiplication between units
[Thu Apr 14 13:58:11 2016] <johnw> such that Units Time * Units (Distance / Time) would have type Units Distance
[Thu Apr 14 13:58:27 2016] <johnw> with the appropriate conversions happening if the first value is in Hours, and the second value is in Meters / Seconds
[Thu Apr 14 13:58:51 2016] <johnw> well, that logic depends very much on exactly which units are being multipled
[Thu Apr 14 13:59:03 2016] <johnw> Units Time * Units Distance is very different from Units Time * Units Time
[Thu Apr 14 14:00:38 2016] <johnw> I'm finding that function very hard to write...
[Thu Apr 14 14:03:32 2016] <Cypi> hmm
[Thu Apr 14 14:05:35 2016] <Cypi> How does your model work? You have some inductive type for the basic SI quantities like Distance, Time, Mass and so on. And then, another inductive type called Units, parametrized by a quantity, which instantiates units such as Meters, Seconds, ... ?
[Thu Apr 14 14:07:28 2016] <johnw> actually, a friend had a solution: use a generic type, since all of these are just sums in the end
[Thu Apr 14 14:51:25 2016] <johnw> Cypi: I don't have a single inductive type for SI quantities, since the ultimate use of this is not for physics.  It's an open units system, where you can introduce new types of quantities.
[Fri Apr 15 14:11:45 2016] <johnw> can I create Ltac scripts that accept a pattern as an argument?
[Fri Apr 15 17:08:40 2016] <tbelaire> I don't think so,
[Fri Apr 15 17:08:45 2016] <tbelaire> but what does that mean exactly?
[Fri Apr 15 17:09:29 2016] <tbelaire> A pattern usually binds some variables, but if the pattern were outside your Ltac function, you would not know which variables are bound.
[Fri Apr 15 17:09:59 2016] <tbelaire> and if you just want to bind against a particular constructor, that is possible by taking the constructor as an argument
[Fri Apr 15 17:10:31 2016] <tbelaire> though if you wanted to take a whole expression I think you are out of luck.
[Sat Apr 16 07:48:46 2016] <Nik05> mornign
[Sat Apr 16 07:49:16 2016] <rrika> hi hi
[Sat Apr 16 08:42:43 2016] <Nik05> im studying some game theory, just beginning
[Sat Apr 16 08:43:01 2016] <Nik05> hopefully something comes up to investigate a little with coq
[Sat Apr 16 13:08:12 2016] <johnw> tbelaire: hi
[Sat Apr 16 13:08:20 2016] <tbelaire> hi
[Sat Apr 16 13:08:34 2016] <johnw> so, I want to rewrite on a term under a binder
[Sat Apr 16 13:08:41 2016] <johnw> (fun n => 1 + (n + 2))
[Sat Apr 16 13:08:48 2016] <johnw> which I can do, with the right setoids
[Sat Apr 16 13:08:57 2016] <johnw> so my macro wants to look like this: zoom [_ + 2].
[Sat Apr 16 13:09:07 2016] <johnw> which would make a new goal, n + 2 = ?1
[Sat Apr 16 13:09:13 2016] <johnw> which, when completed, replaces the term under the binder
[Sat Apr 16 13:09:19 2016] <johnw> so far, the best I can do is this:
[Sat Apr 16 13:09:21 2016] <tbelaire> pardon, what's a setoid?
[Sat Apr 16 13:09:23 2016] <johnw> zoom (fun n => n + 2)
[Sat Apr 16 13:09:34 2016] <johnw> a setoid is any set equipped with a notion of equivalence
[Sat Apr 16 13:09:43 2016] <tbelaire> ah, okay
[Sat Apr 16 13:09:43 2016] <johnw> (S,==,equivalence laws for ==)
[Sat Apr 16 13:10:01 2016] <johnw> once you establish a setoid in Coq, it can be used for rewriting with the "rewrite" tactic
[Sat Apr 16 13:10:14 2016] <johnw> in this case, I'm saying that functions are equivalent under functional extensionality
[Sat Apr 16 13:10:16 2016] <tbelaire> Alright
[Sat Apr 16 13:10:23 2016] <tbelaire> and zoom?
[Sat Apr 16 13:10:23 2016] <johnw> which will make rewriting under binders suddenly OK (given that axiom)
[Sat Apr 16 13:10:29 2016] <johnw> zoom is a tactic I've written
[Sat Apr 16 13:10:33 2016] <tbelaire> okay
[Sat Apr 16 13:10:40 2016] <johnw> https://gist.github.com/91d4c2f497e841bcc88be7499a649a0c
[Sat Apr 16 13:10:45 2016] <johnw> it actually works fairly well so far
[Sat Apr 16 13:10:58 2016] <johnw> example: https://gist.github.com/fa3eb4cad428c721e3c357c2250b85ce
[Sat Apr 16 13:12:25 2016] <tbelaire> I'm getting an error...
[Sat Apr 16 13:12:31 2016] <tbelaire> Tactic failure:setoid rewrite failed: Unable to satisfy the rewriting constraints.
[Sat Apr 16 13:12:34 2016] <johnw> yes, you don't have the setoids defined
[Sat Apr 16 13:12:54 2016] <tbelaire> err, after that
[Sat Apr 16 13:13:10 2016] <johnw> the rewriting constraints are things that need to be defined for it to work
[Sat Apr 16 13:13:11 2016] <tbelaire> Do I also need to do something with function extensionality
[Sat Apr 16 13:13:13 2016] <tbelaire> okay
[Sat Apr 16 13:13:19 2016] <johnw> I wouldn't try too hard to get the example working
[Sat Apr 16 13:13:23 2016] <johnw> it was just to show what I want
[Sat Apr 16 13:13:42 2016] <tbelaire> sure
[Sat Apr 16 13:14:38 2016] <tbelaire> So after you run zoom (1 + 2). you get what goal exactly?
[Sat Apr 16 13:14:44 2016] <johnw> 1 + 2 = ?1
[Sat Apr 16 13:14:54 2016] <johnw> allow you to redefine the equality by rewriting
[Sat Apr 16 13:15:02 2016] <tbelaire> okay
[Sat Apr 16 13:15:12 2016] <johnw> then you use 'reflexivity' to end the goal at any time
[Sat Apr 16 13:15:20 2016] <johnw> and it rewrites with the new form on the left hand side
[Sat Apr 16 13:15:40 2016] <johnw> where zoom can "reach to" depends on what setoids are in scope
[Sat Apr 16 13:15:58 2016] <johnw> otherwise, it's just like any rewrite, except that it gives you some focus
[Sat Apr 16 13:16:09 2016] <johnw> (so that maybe you don't need to use occurence selectors so often, such as "at 1")
[Sat Apr 16 13:16:19 2016] <tbelaire> okay
[Sat Apr 16 13:17:03 2016] <tbelaire> and you want to use zoom (n + 2) instead of zoom (1 + 2)
[Sat Apr 16 13:17:15 2016] <johnw> well, zoom (_ + 2), yeah
[Sat Apr 16 13:18:05 2016] <tbelaire> is it possible to create a new evar and use that?
[Sat Apr 16 13:18:12 2016] <johnw> it won't match up :(
[Sat Apr 16 13:18:23 2016] <tbelaire> how would you do that anyways?
[Sat Apr 16 13:18:32 2016] <johnw> evar (n : nat). zoom (n + 2).
[Sat Apr 16 13:18:45 2016] <johnw> it's an existential, though
[Sat Apr 16 13:18:56 2016] <johnw> so it doesn't unify with "anything at all"
[Sat Apr 16 13:20:43 2016] <tbelaire> how about 'exists m, m + 2' or something
[Sat Apr 16 13:20:50 2016] <tbelaire> well
[Sat Apr 16 13:21:02 2016] <tbelaire> likely generated in the ltac somehow
[Sat Apr 16 13:21:33 2016] <tbelaire> because you can unify those, once
[Sat Apr 16 13:23:31 2016] <tbelaire> maybe something like
[Sat Apr 16 13:23:33 2016] <tbelaire>   instantiate (1:=1) in (Value of n).
[Sat Apr 16 13:23:44 2016] <tbelaire> after creating it with evar
[Sat Apr 16 13:24:06 2016] <johnw> so, you mean the zoom statement would be: zoom (exists n, n + 2)?
[Sat Apr 16 13:24:12 2016] <tbelaire> I'm not sure yet
[Sat Apr 16 13:24:41 2016] <tbelaire> the variables behind `exists` are rather different from those created by `evar`
[Sat Apr 16 13:24:59 2016] <tbelaire> are they completely different?
[Sat Apr 16 13:25:05 2016] <tbelaire> I've never been clear on that
[Sat Apr 16 13:25:17 2016] <tbelaire> or are they just the same thing, presented differently?
[Sat Apr 16 13:25:59 2016] <johnw> well, the one behind "exists" is an existential within the ex_intro constructor
[Sat Apr 16 13:26:18 2016] <tbelaire> ah, so they are fundementally the same
[Sat Apr 16 13:26:20 2016] <tbelaire> cool
[Sat Apr 16 13:27:50 2016] <tbelaire> I wasn't sure if it was  a meta-level vs a term level distinction
[Sat Apr 16 13:29:10 2016] <tbelaire> we want to talk about n, but it's not in scope, and we can't simply intros it into scope
[Sat Apr 16 13:29:39 2016] <johnw> we actually want to talk about "any n", not just some n
[Sat Apr 16 13:29:49 2016] <johnw> because the term we're rewriting in is a lambda
[Sat Apr 16 13:29:54 2016] <tbelaire> what if you did zoom (fun n, stuff + (n + 2)). intros n. zoom (n+2).
[Sat Apr 16 13:29:57 2016] <tbelaire> ?
[Sat Apr 16 13:30:02 2016] <tbelaire> would that work?
[Sat Apr 16 13:30:08 2016] <johnw> zoom (fun n => n + 2) does work
[Sat Apr 16 13:30:12 2016] <johnw> so that's my solution for now
[Sat Apr 16 13:30:17 2016] <tbelaire> ah, okay
[Sat Apr 16 13:30:21 2016] <johnw> what would have been cool is if [_ + 2] just expanded to that
[Sat Apr 16 13:30:27 2016] <johnw> the way it does in some places in ssreflect
[Sat Apr 16 13:30:40 2016] <johnw> set f := _ + 2 in ssreflect is equivalent to set f := forall x, x + 2.
[Sat Apr 16 13:30:47 2016] <tbelaire> write the tactic as a ML extension? :P
[Sat Apr 16 13:30:52 2016] <johnw> yeah, I'd have to I think
[Sat Apr 16 13:31:03 2016] <tbelaire> and use their machinery
[Sat Apr 16 13:36:34 2016] <tbelaire> if the ML to do this was straightforward, would you want to use it?
[Sat Apr 16 13:36:40 2016] <tbelaire> or do you want to say in pure ltac?
[Sat Apr 16 13:36:54 2016] <johnw> I'd be fine either way, if the ML was easy to write
[Sat Apr 16 13:36:57 2016] <tbelaire> and not need to do any compiling of things
[Sat Apr 16 13:37:08 2016] <tbelaire> okay, I might poke my nose into it
[Sat Apr 16 13:37:27 2016] <johnw> don't feel that you should, tbelaire, the fun _ => _ syntax is fine for now
[Sat Apr 16 13:37:32 2016] <tbelaire> but I think I'm going to read more of Scott Aaronson's book first
[Sat Apr 16 13:37:40 2016] <tbelaire> yeah, but I'm curious
[Sat Apr 16 13:38:02 2016] <tbelaire> I might not get around to it,  I do have actual things I need to work on
[Sat Apr 16 13:53:14 2016] <johnw> it would be nice to see your ML plugin as a template for future such work, though :)
[Sat Apr 16 13:53:22 2016] <tbelaire> yeah
[Sat Apr 16 13:53:35 2016] <tbelaire> but in order to construct one, I'll first scour the web for examples :P
[Sat Apr 16 13:53:49 2016] <tbelaire> at which point, I could just point you there
[Sat Apr 16 13:54:02 2016] <tbelaire> actually doing original work is, well, work
[Sat Apr 16 13:54:04 2016] <tbelaire> :P
[Sun Apr 17 12:39:49 2016] <_y> i have trouble with matching and “unification” again
[Sun Apr 17 12:41:00 2016] <_y> http://paste.awesom.eu/pvt2&ln
[Sun Apr 17 12:42:17 2016] <_y> here, you have to write the return value ‘eq_refl x’, ‘eq_refl y’ leads to this error message
[Sun Apr 17 12:42:59 2016] <_y> and i don’t see why
[Sun Apr 17 12:45:22 2016] <_y> the way i understand it is: when i destruct ‘H : eq x y’ into ‘eq_refl x0 : eq x0 x0’ (x0 being the placeholder _ in my code), Coq sees x is actually x0, and y is actually x0
[Sun Apr 17 12:47:51 2016] <_y> moreover, since in the definition of eq, the parameter x is outside the constructor eq_refl, x0 must remain implicit and is automatically inferred to be x
[Sun Apr 17 12:49:26 2016] <_y> (as opposed to ‘Definition test : nat -> nat -> Prop := | test_refl : forall x, test x x.’, for which i have to write ‘match H with | test_refl x0 -> test_refl x0’ and nothing else)
[Sun Apr 17 13:06:09 2016] <_y> sorry, did i miss a message?
[Sun Apr 17 13:06:31 2016] <_y> i do not even know if all my messages where sent
[Sun Apr 17 16:27:29 2016] <johnw> _y: hi
[Sun Apr 17 16:33:39 2016] <johnw> _y: try @eq_refl nat x, instead of eq_refl y
[Sun Apr 17 23:37:13 2016] <benzrf> what in fuck
[Sun Apr 17 23:39:39 2016] <benzrf> how can eq eliminate to Type
[Sun Apr 17 23:39:39 2016] <benzrf> is this the 1-ctor trick thing?
[Sun Apr 17 23:51:44 2016] <benzrf> johnw: ping?
[Sun Apr 17 23:57:08 2016] <benzrf> augh i need some hepl
[Mon Apr 18 00:33:17 2016] <Cale> benzrf: hm?
[Mon Apr 18 00:35:08 2016] <benzrf> hey Cale!
[Mon Apr 18 00:35:19 2016] <Cale> benzrf: What was your question about?
[Mon Apr 18 00:35:32 2016] <benzrf> how can i eliminate an impossible Prop to get an inhabitant of a Type
[Mon Apr 18 00:37:04 2016] <Cale> Can that be done?
[Mon Apr 18 00:37:19 2016] <benzrf> oh, figured it out
[Mon Apr 18 00:37:55 2016] <benzrf> assert False as foo. inversion H. inversion foo.
[Mon Apr 18 00:38:49 2016] <Cale> ah, look at the type of False_rect
[Mon Apr 18 00:39:28 2016] <benzrf> found it :]
[Mon Apr 18 04:31:02 2016] <_y> johnw, yes, i knew it works with ‘eq_refl x’ instead, my question was:
[Mon Apr 18 04:31:28 2016] <_y> > the way i understand it is: when i destruct ‘H : eq x y’ into ‘eq_refl x0 : eq x0 x0’ (x0 being the placeholder _ in my code), Coq sees x is actually x0, and y is actually x0
[Mon Apr 18 04:31:36 2016] <_y>  why is this sort of “asymetric” unification x0 ← x and x0 ← y, where x0 can be written where x or y is expected, but not the converse?
[Mon Apr 18 04:34:21 2016] <Cypi> _y : this kind of unification can only unify an index with something else, never a parameter
[Mon Apr 18 04:34:46 2016] <Cypi> In this case, the type of H is (x = y), where 'x' is a parameter and 'y' is an index
[Mon Apr 18 08:43:56 2016] <zf> Hello!
[Mon Apr 18 08:44:20 2016] <zf> I have integer division function defined using wf_nat_rec.
[Mon Apr 18 08:44:33 2016] <zf> * lt_wf_rec
[Mon Apr 18 08:44:59 2016] <zf> The problem is I don't know how to prove any of it properties. :(
[Mon Apr 18 08:47:14 2016] <zf> There is a gist: https://gist.github.com/anonymous/b955c883fbf2da7a69fd3139abe7573e
[Mon Apr 18 08:47:58 2016] <zf> For example, I can't even prove that for a < b  a/b = 0.
[Mon Apr 18 08:49:01 2016] <zf> Theorem div_lt (a b: nat) (H: 0 < b) (H0: a < b): div a H = 0.    ....
[Mon Apr 18 09:39:25 2016] <jun__> you can unfold down to the real induction principle : https://gist.github.com/JoeDralliam/581e2164aa67e991e547cd3c5d42b669
[Mon Apr 18 09:51:53 2016] <zf> Big thank you!
[Mon Apr 18 12:22:18 2016] <johnw> benzrf: hi
[Mon Apr 18 14:13:03 2016] <cg> Hello again.
[Mon Apr 18 14:14:34 2016] <cg> Question about the same integer division function (https://gist.github.com/anonymous/b955c883fbf2da7a69fd3139abe7573e#file-div-v)
[Mon Apr 18 14:15:31 2016] <cg> I tried to prove in the same way (unfold div and induction principle until well_founded_induction_type) but without success this theorem:
[Mon Apr 18 14:15:38 2016] <cg> Definition fin_step (a b: nat) (H: 0 < b) (H0: b ≤ a): div a H = S (div (a - b) H).
[Mon Apr 18 14:16:35 2016] <cg> Any ideas about what I am missing?
[Mon Apr 18 14:19:22 2016] <cg> * until Acc_rect.
[Mon Apr 18 17:22:06 2016] <zg__> Is it possible to see history of this chat a few hours ago?
[Mon Apr 18 17:30:18 2016] <rom1504> no
[Mon Apr 18 17:30:25 2016] <rom1504> get a bouncer
[Mon Apr 18 17:38:07 2016] <zg__> Thanks, will check it
[Tue Apr 19 10:13:29 2016] <mettekou> Are there papers around on the implementation of Coq? So not just about the calculus of inductive constructions, but rather from a software engineering standpoint.
[Tue Apr 19 21:53:58 2016] <dexterph> are logs kept for this channel anywhere?
[Tue Apr 19 21:58:22 2016] <benzrf> im here almost 24/7 on my bouncer & i log
[Tue Apr 19 21:58:24 2016] <benzrf> why?
[Tue Apr 19 21:59:37 2016] <dexterph> wondering if they were publicly available anywhere, someone asked earlier if there were any publications about the "software engineering" of coq, and I missed if anyone ever answered
[Tue Apr 19 22:00:38 2016] <Cypi> Nobody answered
[Tue Apr 19 22:00:55 2016] <dexterph> alright thanks
[Tue Apr 19 22:00:57 2016] <Cypi> But as far as I know, there are no really precise documents about this
[Tue Apr 19 22:01:38 2016] <Cypi> There was one start of a "tutorial" about it (I'm trying to find it again). There are some documents in the /dev/ folder, and that's about it :/
[Tue Apr 19 22:02:32 2016] <dexterph> i'll check out the folder
[Tue Apr 19 22:03:14 2016] <Cypi> (/dev/doc/ to be precise)
[Tue Apr 19 22:04:19 2016] <Cypi> https://github.com/wjzz/Coq-Developers-Manual >> alright, it was this one. It's very incomplete though, and quite visibly not up-to-date
[Wed Apr 20 07:28:05 2016] <jstolarek> I have a hypothesis H : forall n, ...
[Wed Apr 20 07:28:19 2016] <jstolarek> can I call intro on that hypothesis?
[Wed Apr 20 07:28:50 2016] <jstolarek> I means I want Coq to assume some particular n1 and specialize hypothesis for n1
[Wed Apr 20 07:52:47 2016] <Cypi> jstolarek : "intros H; specialize (H n1)"
[Wed Apr 20 12:59:14 2016] <tbelaire> I'm curious, do people still use the induction tactic for all their proofs, or are you forced to use refine (foo_ind ...) for larger ones?
[Wed Apr 20 12:59:34 2016] <tbelaire> because I've run into a number of problems where I was forced to use refine
[Wed Apr 20 12:59:44 2016] <tbelaire> and it's not very pretty
[Wed Apr 20 12:59:59 2016] <tbelaire> and I was wondering if that was normal
[Wed Apr 20 13:04:28 2016] <tbelaire> Is there a way to clear a term and all the hypothesis it's used in?
[Wed Apr 20 13:06:23 2016] <tbelaire> clear dependent foo.
[Thu Apr 21 00:30:20 2016] <johnw> jstolarek: I think you want: evar (n : nat); specialize (H n)?
[Thu Apr 21 09:26:23 2016] <hodapp> ls
[Thu Apr 21 09:26:27 2016] <hodapp> ...disregard that.
[Thu Apr 21 11:04:22 2016] <tbelaire> hey, I tried to write up my experience from the other day with index types
[Thu Apr 21 11:04:24 2016] <tbelaire> http://csclub.uwaterloo.ca/~tbelaire/blog/posts/coq-index-vs-parameter.html
[Thu Apr 21 11:05:02 2016] <tbelaire> and I would appreciate feedback, especially corrections
[Thu Apr 21 11:05:15 2016] <tbelaire> wait, I should get comments working on the blog
[Thu Apr 21 14:59:16 2016] <kxiw> Good evening
[Thu Apr 21 15:00:06 2016] <kxiw> Can someone help with such proof: https://gist.github.com/zaarcis/421b60757979bdb12308f640f25119ca
[Thu Apr 21 15:22:11 2016] <anishath_> Random question: I'm working on a proof where I have a goal of the form `f x`, and I've proved the lemma 'f_dec', `forall x, {f x} + {~ f x}.`
[Thu Apr 21 15:22:29 2016] <anishath_> How do I actually apply this lemma to finish the proof?
[Thu Apr 21 15:22:59 2016] <deeglaze> destruct (f_dec x)
[Thu Apr 21 15:23:15 2016] <deeglaze> but you'll have a case where the decision procedure determines ~ f x
[Thu Apr 21 15:25:08 2016] <anishath_> hmm so if I have concrete arguments
[Thu Apr 21 15:25:15 2016] <anishath_> like a goal of the form `f 1234`
[Thu Apr 21 15:25:24 2016] <anishath_> Is there a way to get it to just compute?
[Thu Apr 21 15:27:14 2016] <rrika> f_dec 1234 will return either a value of f 1234 or ~f 1234
[Thu Apr 21 15:28:51 2016] <anishath_> so f_dec just says that either f x or ~ f x, but it can't be applied by coq to concrete arguments to actually run the decision procedure?
[Thu Apr 21 15:29:47 2016] <anishath_> Right now, I've implemented a parallel thing that returns a bool, and so I convert to that, and then `simpl; reflexivity`
[Thu Apr 21 15:30:02 2016] <rrika> if it's not too difficult can you paste your code somewhere?
[Thu Apr 21 15:32:01 2016] <anishath_> okay, so I have this: https://gist.github.com/4ae377582b69561e52f4653a3a1addf5 (id is basically a wrapper around Z)
[Thu Apr 21 15:32:11 2016] <anishath_> and I want to prove `ring_between 1 2 3`
[Thu Apr 21 15:32:38 2016] <tbelaire> I've written some ltac which needs to convert from exists x, ... to x := ?1 |- ... with evar
[Thu Apr 21 15:32:43 2016] <tbelaire> but I want to convert back at the end
[Thu Apr 21 15:32:54 2016] <anishath_> I guess I can do it with `unfold ring_between; simpl; omega.`
[Thu Apr 21 15:32:59 2016] <tbelaire> is there a nice way to undo "evar (x: ty); exists x"
[Thu Apr 21 15:36:23 2016] <rrika> anishath_, you have "f : nat -> bool" and "f_dec : forall x, {f x}+{~f x}" and nothing more?
[Thu Apr 21 15:36:43 2016] <anishath_> um well the specific example is what I wrote above
[Thu Apr 21 15:36:47 2016] <anishath_> > okay, so I have this: https://gist.github.com/4ae377582b69561e52f4653a3a1addf5 (id is basically a wrapper around Z)
[Thu Apr 21 15:36:51 2016] <anishath_> > and I want to prove `ring_between 1 2 3`
[Thu Apr 21 15:36:55 2016] <anishath_> > I guess I can do it with `unfold ring_between; simpl; omega.`
[Thu Apr 21 15:36:58 2016] <rrika> what are you deciding in the specific example though?
[Thu Apr 21 15:37:20 2016] <anishath_> Lemma easy : ring_between 1 2 3.
[Thu Apr 21 15:39:46 2016] <kxiw> About the gist previously. I did it.
[Thu Apr 21 15:40:08 2016] <anishathalye> kxiw: does it use syntax in coq 8.5? (couldn't get it to run in 8.4p5)
[Thu Apr 21 15:40:11 2016] <anishathalye> just curious
[Thu Apr 21 15:40:28 2016] <kxiw> The gist? Yes, it does.
[Thu Apr 21 15:42:37 2016] <kxiw> Theorem first_and_tail has such "body" between Proof and Qed:   refine (match L with cons a t => _ | nil _ => _ end);   compute; auto.
[Thu Apr 21 15:45:02 2016] <kxiw> Somehow usual destruct didn't work.
[Thu Apr 21 15:45:47 2016] <kxiw> But this try with refine (and IDProp) did.
[Thu Apr 21 16:10:32 2016] <tbelaire> How do you solve "Instance is not well-typed in the environment of ?...." arising from evars
[Thu Apr 21 16:11:03 2016] <johnw> tbelaire: hi
[Thu Apr 21 16:11:07 2016] <johnw> Coq 8.4?
[Thu Apr 21 16:11:08 2016] <tbelaire> I'm trying to go from exists x, .. to x := ?.. |- .. and then back
[Thu Apr 21 16:11:09 2016] <tbelaire> yeah
[Thu Apr 21 16:11:15 2016] <johnw> ok
[Thu Apr 21 16:11:23 2016] <johnw> so what this means is that early in your proof, you created a "hole"
[Thu Apr 21 16:11:30 2016] <johnw> then you introduced some new terms
[Thu Apr 21 16:11:38 2016] <johnw> and now you're trying to reference these terms in your instantiation
[Thu Apr 21 16:11:43 2016] <tbelaire> yup
[Thu Apr 21 16:11:50 2016] <johnw> but since they didn't exist when the hole was created, you're not allowed to
[Thu Apr 21 16:11:53 2016] <tbelaire> yup
[Thu Apr 21 16:12:02 2016] <johnw> Coq 8.5 has some fixes to this logic, that make more instantiations possible
[Thu Apr 21 16:12:16 2016] <johnw> but until then, you have to delay creating your evar, or you have to introduce those terms earlier
[Thu Apr 21 16:12:50 2016] <tbelaire> The reason I created the evar was to keep working under a exists in Ltac
[Thu Apr 21 16:13:05 2016] <johnw> but you're creating information the evar is unaware of
[Thu Apr 21 16:13:05 2016] <tbelaire> there's a rewrite rule we want to apply
[Thu Apr 21 16:13:59 2016] <tbelaire> so, we have exists S, P.  we want exists S, P'
[Thu Apr 21 16:14:19 2016] <johnw> is the proof small?  can I see it?
[Thu Apr 21 16:14:48 2016] <tbelaire> but we can't do match goal with | context ctx[foo ?S ] end.
[Thu Apr 21 16:14:54 2016] <tbelaire> as you can't match open terms
[Thu Apr 21 16:15:25 2016] <tbelaire> but converting the exists with evars lets us create S:=?123 |= P'
[Thu Apr 21 16:15:27 2016] <tbelaire> and we are stuck
[Thu Apr 21 16:17:53 2016] <tbelaire> it's not that small
[Thu Apr 21 16:18:16 2016] <johnw> I've been doing a lot of work with evars lately
[Thu Apr 21 16:18:19 2016] <johnw> I wanted to try out some tricks
[Thu Apr 21 16:18:33 2016] <tbelaire> ok, I'll show it to you
[Thu Apr 21 16:19:29 2016] <tbelaire> https://gist.github.com/tbelaire/cdb9f164a7b4d06d37aadb09062e8b64#file-dot_top_bot_mut-v-L766
[Thu Apr 21 16:19:53 2016] <johnw> do I need the LibLN source?
[Thu Apr 21 16:20:17 2016] <tbelaire> uh
[Thu Apr 21 16:20:37 2016] <tbelaire> yeah, that's libtlc
[Thu Apr 21 16:20:39 2016] <tbelaire> oh
[Thu Apr 21 16:21:02 2016] <tbelaire> https://github.com/amaurremi/dot-calculus
[Thu Apr 21 16:21:29 2016] <tbelaire> is the rest of the files, with this being in dev/lf/dot_top_bot_mut.v
[Thu Apr 21 16:21:49 2016] <johnw> ok
[Thu Apr 21 16:22:20 2016] <tbelaire> trying to just make a minimal counter example with numbers, one sec
[Thu Apr 21 16:22:20 2016] <johnw> it's evaluating
[Thu Apr 21 16:22:29 2016] <tbelaire> ah, yes
[Thu Apr 21 16:22:36 2016] <johnw> I get "impossible to unify" on line 924
[Thu Apr 21 16:23:11 2016] <tbelaire> error should be on this line
[Thu Apr 21 16:23:12 2016] <tbelaire> https://gist.github.com/tbelaire/cdb9f164a7b4d06d37aadb09062e8b64#file-dot_top_bot_mut-v-L779
[Thu Apr 21 16:23:18 2016] <tbelaire> how are you below that?
[Thu Apr 21 16:23:32 2016] <johnw> which branch are you on?
[Thu Apr 21 16:23:36 2016] <johnw> i don't have that code at that line
[Thu Apr 21 16:24:54 2016] <tbelaire> pushed the breaking version to github
[Thu Apr 21 16:24:56 2016] <tbelaire> pull?
[Thu Apr 21 16:25:08 2016] <tbelaire> sorry bout that
[Thu Apr 21 16:25:17 2016] <johnw> ok, have it now
[Thu Apr 21 16:26:14 2016] <tbelaire> the idea with the assert was to then apply it right away
[Thu Apr 21 16:26:22 2016] <tbelaire> to get the goal in the right shape
[Thu Apr 21 16:26:28 2016] <tbelaire> and maybe work this into the ltac
[Thu Apr 21 16:26:38 2016] <johnw> ah
[Thu Apr 21 16:26:42 2016] <johnw> yes, this cannot ever work
[Thu Apr 21 16:26:48 2016] <tbelaire> dang
[Thu Apr 21 16:26:51 2016] <johnw> you're trying to identify one existential with another
[Thu Apr 21 16:27:01 2016] <johnw> but that's the whole purpose of existentials
[Thu Apr 21 16:27:06 2016] <johnw> you only know that they exist, not what they are
[Thu Apr 21 16:27:14 2016] <johnw> if H1 accepted "forall", then you could do this
[Thu Apr 21 16:27:23 2016] <tbelaire> yeah
[Thu Apr 21 16:27:40 2016] <johnw> effectively you're saying: I have some number, and this hypothesis is proven in terms of some number; how do I state that these two numbers are the same number?
[Thu Apr 21 16:27:55 2016] <johnw> with decidable equality you can test for that
[Thu Apr 21 16:28:04 2016] <johnw> but you can't say it for all numbers you might have, and that H1 might have
[Thu Apr 21 16:28:31 2016] <tbelaire> do you have a better idea than using evar in the ltac to get around not being able to for match to grab them?
[Thu Apr 21 16:28:39 2016] <johnw> let me see
[Thu Apr 21 16:38:23 2016] <johnw> how do you know that S = S1 & l ~ T & S2 for some S1 and S2?
[Thu Apr 21 16:39:37 2016] <skuesx> Hello
[Thu Apr 21 16:40:01 2016] <tbelaire>  & is concat and ~ creates a binding
[Thu Apr 21 16:40:05 2016] <skuesx> A question about opacity of theorems from standard library...
[Thu Apr 21 16:40:18 2016] <johnw> but how do you know that's true for any S, l and T?
[Thu Apr 21 16:40:25 2016] <johnw> skuesx: sure
[Thu Apr 21 16:40:50 2016] <skuesx> I would want to make them transparent but that is impossible, as far as I know.
[Thu Apr 21 16:40:56 2016] <johnw> you can
[Thu Apr 21 16:41:01 2016] <johnw> Local Transparent "name of theorem"
[Thu Apr 21 16:41:18 2016] <tbelaire> I dunno, it's not my file :P
[Thu Apr 21 16:41:31 2016] <tbelaire> it was proven with a different proof
[Thu Apr 21 16:41:32 2016] <skuesx> Error: Cannot make Nat.add_comm transparent because it was declared opaque.
[Thu Apr 21 16:41:38 2016] <skuesx> :(
[Thu Apr 21 16:41:44 2016] <johnw> tbelaire: so, if you can prove that, then you have the first part of the conjunction
[Thu Apr 21 16:42:52 2016] <skuesx> I wanted to use, for example, this theorem in eq_rect, where I need its 'computational content'.
[Thu Apr 21 16:43:21 2016] <tbelaire> give me a minute, and I'll put up an example with integers
[Thu Apr 21 16:43:43 2016] <johnw> k
[Thu Apr 21 16:43:52 2016] <johnw> oh, I see
[Thu Apr 21 16:50:20 2016] <tbelaire> Ltac foo := match goal with
[Thu Apr 21 16:50:21 2016] <tbelaire> | |- context ctx [S ?n] => idtac n
[Thu Apr 21 16:50:23 2016] <tbelaire> end.
[Thu Apr 21 16:50:25 2016] <tbelaire> Lemma bar : 2 = 1 + 1.
[Thu Apr 21 16:50:27 2016] <tbelaire> Proof.
[Thu Apr 21 16:50:29 2016] <tbelaire> foo.
[Thu Apr 21 16:50:31 2016] <tbelaire> reflexivity.
[Thu Apr 21 16:50:33 2016] <tbelaire> Qed.
[Thu Apr 21 16:50:35 2016] <tbelaire> Lemma baz : exists n:nat, S n = S n.
[Thu Apr 21 16:50:37 2016] <tbelaire> Proof.
[Thu Apr 21 16:50:39 2016] <tbelaire>     foo. (* fails to match *)
[Thu Apr 21 16:50:41 2016] <tbelaire> Qed.
[Thu Apr 21 16:50:43 2016] <tbelaire> no, I copied the gist
[Thu Apr 21 16:50:45 2016] <tbelaire> https://gist.github.com/2ab40b3b2a76a0a7ce6a8f9117096638
[Thu Apr 21 16:50:47 2016] <tbelaire> oops
[Thu Apr 21 16:50:49 2016] <tbelaire> that's really the problem we wanted to solve
[Thu Apr 21 16:51:49 2016] <tbelaire> where we want to have a more complicated tactic than idtac :P
[Thu Apr 21 16:52:06 2016] <johnw> eexists; foo
[Thu Apr 21 16:52:26 2016] <tbelaire> yeah
[Thu Apr 21 16:52:37 2016] <tbelaire> and then turn it back
[Thu Apr 21 16:52:44 2016] <tbelaire> into a goal with exists n,  ...
[Thu Apr 21 16:52:54 2016] <johnw> set_evars
[Thu Apr 21 16:52:59 2016] <tbelaire> set_evars?
[Thu Apr 21 16:53:01 2016] <johnw> (does that exist in Coq?)
[Thu Apr 21 16:53:02 2016] <tbelaire> what magic is this
[Thu Apr 21 16:53:03 2016] <johnw> one sec
[Thu Apr 21 16:53:17 2016] <johnw> Ltac set_evars :=
[Thu Apr 21 16:53:17 2016] <johnw>   repeat match goal with
[Thu Apr 21 16:53:17 2016] <johnw>          | [ |- appcontext[?E] ] => is_evar E; let H := fresh in set (H := E)
[Thu Apr 21 16:53:19 2016] <johnw>          end.
[Thu Apr 21 16:53:21 2016] <johnw>  
[Thu Apr 21 16:53:29 2016] <skuesx> For now my "solution" for problem of opaque theorems from standard library is to ignore them and re-derive them again, this time with Defined.
[Thu Apr 21 16:54:02 2016] <skuesx> Also using Local Definition to hide them from outside, probably.
[Thu Apr 21 16:55:09 2016] <tbelaire> yeah
[Thu Apr 21 16:55:15 2016] <tbelaire> does that help?
[Thu Apr 21 16:55:25 2016] <johnw> checking
[Thu Apr 21 16:56:48 2016] <skuesx> Still... rederiving parts of existing library just because I need them to be transparent is bad code smell
[Thu Apr 21 16:57:11 2016] <tbelaire> we have a theorem we want to apply on the transformed version that outputs a exists S, ... type goal
[Thu Apr 21 16:59:38 2016] <johnw> so, you want to rewrite "under the exists"?
[Thu Apr 21 17:00:02 2016] <johnw> i.e., you have exists n, f n = f' n, and you just want to apply transformations to the equality?
[Thu Apr 21 17:00:19 2016] <tbelaire> exactly
[Thu Apr 21 17:00:32 2016] <johnw> ok, one second
[Thu Apr 21 17:02:16 2016] <skuesx> Local Lemma aux0 n: n + 1 = S n. Proof. induction n; simpl; auto. Defined.
[Thu Apr 21 17:02:35 2016] <skuesx> Definition add_to_end A n (L: list A n) (x: A): list A (S n) := eq_rect (L ++ x :: nil) (aux0 n).
[Thu Apr 21 17:03:43 2016] <skuesx> Eval compute in (add_to_end (1 :: 2 :: 3 :: nil) 4).
[Thu Apr 21 17:03:56 2016] <skuesx> = 1 :: 2 :: 3 :: 4 :: nil      : list nat 4
[Thu Apr 21 17:04:06 2016] <skuesx> This time it works.
[Thu Apr 21 17:13:30 2016] <johnw> tbelaire: ok
[Thu Apr 21 17:13:34 2016] <tbelaire> cool
[Thu Apr 21 17:13:51 2016] <johnw> https://gist.github.com/ff0e1404c0b608ef03cceb357345507d
[Thu Apr 21 17:13:56 2016] <johnw> that will let you rewrite under exists
[Thu Apr 21 17:14:13 2016] <tbelaire> Add Parametric Morphism
[Thu Apr 21 17:14:16 2016] <tbelaire> what is this?
[Thu Apr 21 17:14:20 2016] <johnw> setoid rewriting machinery
[Thu Apr 21 17:14:39 2016] <johnw> it says that exists is an equivalence for a setoid, and that we can rewrite using that equivalence
[Thu Apr 21 17:14:51 2016] <johnw> or rather, exists *respects* the equivalence of a setoid
[Thu Apr 21 17:14:57 2016] <johnw> the setoid where iff is the equivalence
[Thu Apr 21 17:14:57 2016] <tbelaire> okay neat
[Thu Apr 21 17:15:12 2016] <tbelaire> I guess I should read a little about set setoids
[Thu Apr 21 17:15:23 2016] <johnw> for this to work, there needs to also be a Parametric Relation, defining the equivalence
[Thu Apr 21 17:15:27 2016] <johnw> but this already exists for both eq and iff
[Thu Apr 21 17:17:18 2016] <johnw> yes, they are quite useful for building smarter rewriting tactics
[Thu Apr 21 17:17:30 2016] <johnw> I'm using a setoid library right now for "refinement" relations
[Thu Apr 21 17:17:47 2016] <tbelaire> do you know of any good introductions to setoid things?
[Thu Apr 21 17:17:56 2016] <johnw> sadly, no
[Thu Apr 21 17:18:02 2016] <johnw> there is a chapter in the manual about them
[Thu Apr 21 17:18:07 2016] <tbelaire> okay
[Thu Apr 21 17:18:08 2016] <johnw> and I recommend reading it and rereading it
[Thu Apr 21 17:18:16 2016] <johnw> I do have a nice working example for you
[Thu Apr 21 17:18:20 2016] <johnw> which is what I used to get familiar with them
[Thu Apr 21 17:18:28 2016] <tbelaire> oh cool
[Thu Apr 21 17:18:32 2016] <johnw> https://github.com/jwiegley/coq-haskell/blob/master/src/Control/Iso.v
[Thu Apr 21 17:18:42 2016] <johnw> this creates a type relation called "isomorphic"
[Thu Apr 21 17:18:47 2016] <johnw> defines it as an equivalence relation
[Thu Apr 21 17:19:02 2016] <johnw> and then state that certain terms respect this relation
[Thu Apr 21 17:19:16 2016] <johnw> so that as you go further down the file, I can start proving type isomorphisms using plain rewriting
[Thu Apr 21 17:19:28 2016] <tbelaire> hey, just out of curiosity, do you have any examples that use functional induction.  The manual defines one, but doesn't use it
[Thu Apr 21 17:19:37 2016] <tbelaire> okay I'll read it
[Thu Apr 21 17:19:38 2016] <johnw> not yet, I've never used it myself
[Thu Apr 21 17:19:44 2016] <tbelaire> ok
[Thu Apr 21 17:19:56 2016] <tbelaire> I feel like it might be a solution to a problem I have
[Thu Apr 21 17:20:04 2016] <tbelaire> but I'm out of time to explore
[Thu Apr 21 17:20:25 2016] <tbelaire> they stop paying me tomorrow to work on coq and I'm back to being a student
[Thu Apr 21 17:20:31 2016] <johnw> oh :(
[Thu Apr 21 17:20:55 2016] <johnw> will we lose your cheerful presence here?
[Thu Apr 21 17:21:17 2016] <tbelaire> I'll stick around in the channel
[Thu Apr 21 17:21:26 2016] <tbelaire> but likely you'll see me less
[Thu Apr 21 17:21:45 2016] <tbelaire> I'm going to try and write up another blog post tomorrow about what I was working on
[Thu Apr 21 17:21:46 2016] <johnw> I just simplified Iso.v
[Thu Apr 21 17:21:57 2016] <johnw> tbelaire: cool!  please let me know
[Thu Apr 21 17:22:15 2016] <tbelaire> I did write up : http://csclub.uwaterloo.ca/~tbelaire/blog/posts/coq-index-vs-parameter.html
[Thu Apr 21 17:22:25 2016] <tbelaire> that index vs parameter for subsets
[Thu Apr 21 17:22:45 2016] <tbelaire> is it true that indexed types are just more general?
[Thu Apr 21 17:22:47 2016] <johnw> it hath been queued for reading
[Thu Apr 21 17:22:52 2016] <tbelaire> nice :D
[Thu Apr 21 17:23:08 2016] <johnw> i don't know enough to say yes or no to that statement
[Thu Apr 21 17:23:11 2016] <tbelaire> okay
[Thu Apr 21 17:23:20 2016] <johnw> inversion yields better information about parameters
[Thu Apr 21 17:23:37 2016] <tbelaire> I could prove the induction statement for the parameterized version from the indexed version
[Thu Apr 21 17:23:43 2016] <tbelaire> but I failed to do it the other way around
[Thu Apr 21 17:23:45 2016] <johnw> ah
[Thu Apr 21 17:23:53 2016] <tbelaire> which is different from a proof that it can't be done of course
[Thu Apr 21 17:23:53 2016] <johnw> they should be in bijection, no?
[Thu Apr 21 17:23:59 2016] <tbelaire> I don't think so
[Thu Apr 21 17:24:10 2016] <johnw> the set of inhabitants is different?
[Thu Apr 21 17:24:15 2016] <tbelaire> yeah
[Thu Apr 21 17:24:59 2016] <tbelaire> on some edge cases like sub_ ((C, (D, fs, ms)) :: CT) C D
[Thu Apr 21 17:25:12 2016] <tbelaire> where the CT really did depend on the choice of C and D
[Thu Apr 21 17:25:23 2016] <tbelaire> and the induction for the parameterized version wasn't working
[Thu Apr 21 17:25:25 2016] <tbelaire> I thin
[Thu Apr 21 17:25:46 2016] <johnw> I'm away for a bit...
[Thu Apr 21 17:25:49 2016] <tbelaire> I could take another attempt at proving it only using parameterized tyeps
[Thu Apr 21 17:25:53 2016] <tbelaire> alrigh ttyl
[Thu Apr 21 17:54:46 2016] <skuesx> Apologies for asking again. How can I get transparent versions of theorems from standard library.
[Thu Apr 21 17:55:20 2016] <skuesx> If it's possible without proving them again with Defined
[Thu Apr 21 18:03:27 2016] <johnw> skuesx: I'm not sure that you can :(
[Thu Apr 21 18:06:11 2016] <skuesx> johnw: Okay, thanks.
[Thu Apr 21 18:06:21 2016] <johnw> you could always ask on the Coq-club mailing list
[Thu Apr 21 18:53:56 2016] <rrika> k
[Fri Apr 22 03:52:25 2016] <jstolarek> I have a module Foo in source file Bar. Inside Foo I declare inductive data type Baz. In another source file I say "Require Export Bar". How do I refer to Baz without qualifying it with Foo. module prefix ?
[Fri Apr 22 03:54:45 2016] <Cypi> Does "Import Foo." work?
[Fri Apr 22 03:58:41 2016] <jstolarek> Cypi: yes, that seems to work
[Fri Apr 22 03:59:29 2016] <jstolarek> is there a good resource that would explain how this works?
[Fri Apr 22 03:59:53 2016] <jstolarek> eg. what are difference between "Import" and "Require Import" or "Require Export" ?
[Fri Apr 22 04:00:20 2016] <jstolarek> I only found tutorials on advanced features of module system (functors and so on)
[Fri Apr 22 04:01:42 2016] <Cypi> Probably the reference manual.
[Fri Apr 22 04:01:50 2016] <Cypi> https://coq.inria.fr/distrib/current/refman/Reference-Manual008.html#compiled and https://coq.inria.fr/distrib/current/refman/Reference-Manual004.html#hevea_command54
[Fri Apr 22 04:03:58 2016] <jstolarek> oh, that looks good. I only found the chapter on typing modules
[Fri Apr 22 10:58:07 2016] <alafont> Hello! Is there a way to write a notation that takes a pattern as an argument ?
[Fri Apr 22 19:46:47 2016] <johnw> huh, alafont asked my same question, almost word-for-word
[Sun Apr 24 14:01:39 2016] <benzrf> does transfinite induction have a computational interpretation?
[Sun Apr 24 14:02:06 2016] <benzrf> oh hmm i think
[Sun Apr 24 15:14:46 2016] <benzrf> is it possible to reopen a section in coq
[Sun Apr 24 15:15:26 2016] <Nik05> hey hey
[Sun Apr 24 15:39:01 2016] <benzrf> what the fuck does "Error: Type not allowed in recursive notation." mean :(
[Sun Apr 24 17:26:43 2016] <Nik05> im going to try to implement the Extensive and Normal model of Game Theory...
[Sun Apr 24 17:26:48 2016] <Nik05> lets hope something works
[Sun Apr 24 17:27:46 2016] <Nik05> well lets first do the Normal form
[Sun Apr 24 17:56:27 2016] <Nik05> maybe i should wait with this...
[Sun Apr 24 18:37:49 2016] <finnnt> Good day
[Sun Apr 24 18:38:03 2016] <finnnt> I compiled last version of Coq.
[Sun Apr 24 18:38:20 2016] <finnnt> "coqc -v" gives back normal answer
[Sun Apr 24 18:38:29 2016] <finnnt> The Coq Proof Assistant, version 8.5pl1 (April 2016) compiled on Apr 25 2016 0:17:7 with OCaml 4.02.3
[Sun Apr 24 18:39:03 2016] <finnnt> But "coqide &" results in "Error: host:port or stdfds expected after option -control-channel gdk_window_set_icon_list: icons too large Fatal error: exception Failure("The spawned process did not connect back in 2.0s")"
[Sun Apr 24 18:40:22 2016] <finnnt> What did I wrong?
[Sun Apr 24 18:41:34 2016] <finnnt> * What did I do wrong?
[Sun Apr 24 18:53:08 2016] <finnnt> Oh well.
[Sun Apr 24 18:53:38 2016] <Nik05> guess its a little late here ;)
[Sun Apr 24 18:54:22 2016] <finnnt> Yes, probably. :)
[Sun Apr 24 20:53:46 2016] <anishathalye> Any coquille users here?
[Sun Apr 24 20:56:45 2016] <anishathalye> Any idea how much work it would be to patch it to work with Coq 8.5?
[Sun Apr 24 22:57:48 2016] <tbelaire> hi
[Sun Apr 24 22:58:10 2016] <tbelaire> I want to do this very much, and might actually be working on this soon
[Sun Apr 24 22:58:19 2016] <tbelaire> but I'm afraid I don't know how to patch it
[Sun Apr 24 22:58:33 2016] <tbelaire> and would need to reverse engineer the changes made to figure it out
[Mon Apr 25 09:57:48 2016] <benzrf> so here's a question
[Mon Apr 25 09:58:19 2016] <benzrf> if i write up the zfc axioms in coq and import LEM, will i get something consistent with classical first-order logic + zfc?
[Mon Apr 25 09:58:32 2016] <benzrf> or would i need to manually define FOL within coq?
[Mon Apr 25 10:06:06 2016] <benzrf> unrelated question:
[Mon Apr 25 10:08:31 2016] <benzrf> i have an inductive type representing untyped lambda terms, whose "variable" constructor contains a nat (de bruijn index). sometimes i want to be able to define recursive functions on terms which additionally recurse on the index of a variable. unfortunately, this means that i have to factor out the var case, since [var n] is not a subterm of [var (S n)] and i can't recurse on it. this tends to complicate
[Mon Apr 25 10:08:33 2016] <benzrf> everything, because proving stuff about the functions now requires a whole separate subsection for the separate function. is there a nice approach to this?
[Mon Apr 25 10:09:04 2016] <benzrf> one thing i previously tried is having a constructor for [var O] and then having a 'shift' constructor which represents increasing all free variables in the subterm, but that complicates reduction a loooot
[Mon Apr 25 11:15:51 2016] <benzrf> yet another question: if i make a section w/ axioms & so on, is there a way to open it back up later in coqtop
[Mon Apr 25 11:15:54 2016] <benzrf> or in another file
[Mon Apr 25 11:16:39 2016] <benzrf> e.g. i define zfc in a section using [Variable set : Type.]; now i want to be able to reason with [set] in scope from the repl or another file
[Mon Apr 25 11:18:48 2016] <benzrf> firstorder is cool :)
[Mon Apr 25 14:49:23 2016] <tbelaire> I don't think it's possible to reopen a section
[Mon Apr 25 14:49:38 2016] <tbelaire> modules work I think
[Mon Apr 25 14:49:54 2016] <tbelaire> but you'd structure it differently
[Mon Apr 25 14:50:03 2016] <tbelaire> with an "assumptions_sig" module
[Mon Apr 25 14:50:11 2016] <tbelaire> which both would be parameterized on
[Mon Apr 25 14:50:30 2016] <tbelaire> But I'm no expert on modules
[Mon Apr 25 14:54:44 2016] <benzrf> :(
[Mon Apr 25 17:33:14 2016] <titanium17> Hi guys
[Mon Apr 25 17:33:36 2016] <titanium17> I'm trying to define an evaluation context. I have this so far, but the fixpoint is not going through
[Mon Apr 25 17:33:37 2016] <titanium17> http://pastebin.com/id2t42b5
[Mon Apr 25 17:34:04 2016] <titanium17> Coq complains :
[Mon Apr 25 17:34:04 2016] <titanium17> Syntax error: '|' or '=>' expected (in [eqn]).
[Mon Apr 25 17:34:20 2016] <titanium17> where am I going wrong?
[Mon Apr 25 17:35:02 2016] <rrika> no comma after evalContext in line 7
[Mon Apr 25 17:35:11 2016] <rrika> oh, you don't need one, silly me
[Mon Apr 25 17:35:47 2016] <titanium17> the evalContext goes through
[Mon Apr 25 17:36:00 2016] <titanium17> its the "plug" im trying to define that is broken
[Mon Apr 25 17:39:02 2016] <rrika> titanium17, when I try to run it I get "Error: The constructor Ev_App2 expects 3 arguments." for line 17
[Mon Apr 25 17:39:04 2016] <rrika> which makes sense
[Mon Apr 25 17:39:05 2016] <Cypi> Is that really your current version? It looks like the order of some arguments are reversed between evalContext and plug. Also, could you add the definition of "exp"?
[Mon Apr 25 17:39:28 2016] <rrika> I used this btw: Variable exp: Type. Variable isValue: exp -> Prop. Variable E_App: exp -> exp -> exp.
[Mon Apr 25 17:39:36 2016] <Cypi> (I assumed something like "Inductive exp : Type := E_App : exp -> exp -> exp | E_Merge : exp -> exp -> exp.")
[Mon Apr 25 17:40:21 2016] <titanium17> Cypi, rrika thanks guys. My exp is quite straightforward --> http://pastebin.com/HvNadMJq
[Mon Apr 25 17:41:04 2016] <titanium17> What I mean to do with Ev_App2 is get 2 arguments, and ensure that the first is a value
[Mon Apr 25 17:41:11 2016] <titanium17> Maybe my definition is wrong?
[Mon Apr 25 17:41:40 2016] <rrika> your match has "Ev_App2 E' v "
[Mon Apr 25 17:42:04 2016] <rrika> but the signature of Ev_App2 is "forall e, isValue e -> evalContext ->evalContext"
[Mon Apr 25 17:42:12 2016] <rrika> e→E'
[Mon Apr 25 17:42:18 2016] <rrika> isValue e → v
[Mon Apr 25 17:42:23 2016] <rrika> ???? → evalContext
[Mon Apr 25 17:42:29 2016] <rrika> it's complaining that the third binding is missing
[Mon Apr 25 17:42:45 2016] <Cypi> http://lpaste.net/161430 >> this goes through, but I have no idea if that's what you want :p (the recursive are missing I guess)
[Mon Apr 25 17:43:09 2016] <rrika> what Cypi said
[Mon Apr 25 17:43:43 2016] <titanium17> Err.. I'm not sure about my evalContext definition anymore
[Mon Apr 25 17:43:57 2016] <Cypi> Nah, it looks ok
[Mon Apr 25 17:44:00 2016] <titanium17> Like I said, I only want Ev_App2 to have 2 arguments, similar to Ev_App1
[Mon Apr 25 17:44:06 2016] <titanium17> but I want the exp to be a value
[Mon Apr 25 17:44:21 2016] <Cypi> The proof that it is a value is an argument in itself, you cannot avoid that
[Mon Apr 25 17:44:30 2016] <Cypi> you _can_ pack it in a {e : exp | isValue e}
[Mon Apr 25 17:45:01 2016] <titanium17> Oh, Cypi so is Ev_App2 now a 3 argument constructor of (exp, proof of value, evalContext)?
[Mon Apr 25 17:45:25 2016] <titanium17> or do I lose the exp itself by having that 'isValue e' there?
[Mon Apr 25 17:45:55 2016] <Cypi> No, what you said: it takes arguments of type (e : exp), then (isValue e), then (evalContext)
[Mon Apr 25 17:46:38 2016] <Cypi> If you want only 2 arguments at all cost, there is the {e : exp | isValue e} solution.
[Mon Apr 25 17:46:51 2016] <titanium17> well 3 arguments wont hurt
[Mon Apr 25 17:47:00 2016] <titanium17> but I just want to be sure it is actually what I want
[Mon Apr 25 17:47:43 2016] <titanium17> I guess 3 arguments makes sense now, If I were to make a Ev_App2 evalContext, I'd have to prove that what I'm giving it is a value in the first place
[Mon Apr 25 17:47:50 2016] <titanium17> Thanks Cypi rrika
[Mon Apr 25 17:47:57 2016] <titanium17> I shall try something else now! :D
[Mon Apr 25 17:51:31 2016] <titanium17> Welp! The error persists..
[Mon Apr 25 17:51:55 2016] <titanium17> Its Strange, even if I have only the Ev_EmptyHole, Coq complains!
[Mon Apr 25 17:52:08 2016] <Cypi> Are you sure there is no insecable space or something in there? ^^'
[Mon Apr 25 17:52:18 2016] <Cypi> (I don't know...)
[Mon Apr 25 17:52:28 2016] <titanium17> Ill retype it and check
[Mon Apr 25 17:52:31 2016] <Cypi> non-breaking space* I mean
[Mon Apr 25 17:52:34 2016] <titanium17> thanks for your help Cypi
[Mon Apr 25 22:05:03 2016] <benzrf> so because im a masochist ive decided to try doing set theory in coq
[Mon Apr 25 22:05:23 2016] <benzrf> but coq's logic is not the same as the logic assumed in typical set theory
[Mon Apr 25 22:05:28 2016] <benzrf> right??
[Tue Apr 26 04:47:26 2016] <arcatan> i guess that usually the ZFC set theory is stated in the context of classical logic, where you have the law of excluded middle
[Tue Apr 26 04:47:39 2016] <arcatan> which you do not have in Coq by default
[Tue Apr 26 08:32:13 2016] <Onemorenickname_> Hi guys
[Tue Apr 26 08:32:36 2016] <Onemorenickname_> In coq, I need to talk about finite decreasing sequences
[Tue Apr 26 08:32:48 2016] <Onemorenickname_> I thought about using functions from nat->option A
[Tue Apr 26 08:33:24 2016] <Onemorenickname_> And say, that, from a given n, there are only Nones, and that forall m < n, (f m) > (f (S m))
[Tue Apr 26 08:33:55 2016] <Onemorenickname_> But it's a bit heavy for my demonstrations
[Tue Apr 26 08:34:33 2016] <Onemorenickname_> I also thought about using lists, but I don't know how to express that the list is decreasing
[Tue Apr 26 08:34:55 2016] <Onemorenickname_> Do you have any idea ? (I guess it's easy, but I'm new to coq)
[Tue Apr 26 09:32:46 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/161598
[Tue Apr 26 09:33:38 2016] <jstolarek> I'm trying to write an Ltac procedure to automate the shown proof
[Tue Apr 26 09:34:30 2016] <jstolarek> for some reason the last step in the match branch - exists (C t') - fails
[Tue Apr 26 09:34:35 2016] <jstolarek> I have no idea why. Help?
[Tue Apr 26 09:40:31 2016] <jstolarek> the precise error I get is: "Not an inductive goal with 1 constructor"
[Tue Apr 26 09:43:29 2016] <jstolarek> oh, got it
[Tue Apr 26 09:43:58 2016] <benzrf> arcatan: there's some other things though
[Tue Apr 26 09:44:55 2016] <benzrf> arcatan: i'm nowhere near certain, but i think, iirc, you can prove choice from ZF if you use ordinary coq logic
[Tue Apr 26 09:45:03 2016] <benzrf> er, wait... hmmm...
[Tue Apr 26 09:45:26 2016] <benzrf> ah, i mightve been conflating coq functions with theory-internal functions
[Tue Apr 26 09:45:30 2016] <benzrf> now i'm entirely unsure :v
[Tue Apr 26 10:12:40 2016] <arcatan> i'd be very surprised if that was the case
[Tue Apr 26 10:17:15 2016] <mettekou> Is there any literature (or informal reading) around on implementing guarded-by-destructors/structurally smaller calls for inductive types? I've tried to do so myself based on (Giménez, 1994), but translating the predicate directly to a functional language leads to messy and buggy code.
[Tue Apr 26 18:01:56 2016] <GLM> Is anyone familiar with tools filling the same need as Liquid Haskell but for the Java ecosystem?
[Tue Apr 26 18:11:36 2016] <jrw> GLM: no :( closest thing I can think of would be esc/java
[Tue Apr 26 18:18:54 2016] <GLM> jrw: Do you know if there are any development interests in a project like that? Could be a good side project for me
[Tue Apr 26 18:20:10 2016] <jrw> sounds cool to me! not sure about, like, industry interest or anything.
[Tue Apr 26 18:20:47 2016] <GLM> I would hope there would be enough Java projects to use it on
[Tue Apr 26 18:30:59 2016] <benzrf> arcatan: i figured it out, you're right
[Tue Apr 26 18:31:24 2016] <benzrf> arcatan: i confused myself b/c i forgot that the axiom schema of specification only gives you comprehension for formulas *in the language of the model*
[Tue Apr 26 18:31:41 2016] <benzrf> *of the theory, i guess
[Tue Apr 26 18:34:57 2016] <rrika> Onemorenickname_, are you still there?
[Tue Apr 26 18:35:15 2016] <Onemorenickname_> rrika, yep
[Tue Apr 26 18:35:30 2016] <Onemorenickname_> if you have a solution, i could never thank you enough
[Tue Apr 26 18:35:46 2016] <rrika> let me upload it
[Tue Apr 26 18:37:32 2016] <rrika> Onemorenickname_, https://gist.github.com/rrika/2422439491bf7f9a0c22670d87321b17
[Tue Apr 26 18:37:47 2016] <rrika> if you want an explanation ask ahead
[Tue Apr 26 18:38:37 2016] <Onemorenickname_> so
[Tue Apr 26 18:39:01 2016] <Onemorenickname_> when you write forall a
[Tue Apr 26 18:39:04 2016] <Onemorenickname_> how is a quantified ?
[Tue Apr 26 18:39:09 2016] <Onemorenickname_> over what ?
[Tue Apr 26 18:39:20 2016] <rrika> oh, I left out the types because they can be inferred
[Tue Apr 26 18:39:23 2016] <rrika> but it'S
[Tue Apr 26 18:39:42 2016] <rrika> forall (a: nat) (b: nat) (c: list nat) (d: decreasing (cons b c))
[Tue Apr 26 18:41:14 2016] <rrika> Onemorenickname_, should I go over it from top to bottom?
[Tue Apr 26 18:41:47 2016] <Onemorenickname_> I'm back
[Tue Apr 26 18:41:51 2016] <Onemorenickname_> so, it's only for nat
[Tue Apr 26 18:42:02 2016] <rrika> well, you can replace the relation ">" by something else
[Tue Apr 26 18:42:24 2016] <Onemorenickname_> so i give it a set, a relation, and then i can quantify elements over this set, and use this relation
[Tue Apr 26 18:42:35 2016] <Onemorenickname_> (i'm really new to coq D: )
[Tue Apr 26 18:42:36 2016] <benzrf> Onemorenickname_: yeah :)
[Tue Apr 26 18:42:39 2016] <rrika> yes
[Tue Apr 26 18:43:01 2016] <Onemorenickname_> then, d0 says that every list of one element is a decreasing
[Tue Apr 26 18:43:10 2016] <rrika> yes
[Tue Apr 26 18:43:19 2016] <benzrf> fyi, the set and relation should be parameters rather than indices
[Tue Apr 26 18:43:34 2016] <Onemorenickname_> benzrf, i only know parameters, what are indices ?
[Tue Apr 26 18:43:44 2016] <rrika> Inductive decreasing : list nat -> Prop
[Tue Apr 26 18:43:45 2016] <rrika> vs
[Tue Apr 26 18:43:54 2016] <rrika> Inductive decreasing (foo: list nat) : Prop
[Tue Apr 26 18:44:10 2016] <benzrf> believe it or not, those are semantically different
[Tue Apr 26 18:44:14 2016] <Onemorenickname_> then, it says that if we have a decreasing list, and a bigger than the first element, then we have an other decreasing list
[Tue Apr 26 18:44:23 2016] <rrika> yes
[Tue Apr 26 18:44:28 2016] <Onemorenickname_> it's so logic
[Tue Apr 26 18:44:34 2016] <Onemorenickname_> i feel bad for not having found it ha ha
[Tue Apr 26 18:45:13 2016] <rrika> Onemorenickname_, if you put the "list nat" before the ":" in the first line you'd be talking about a proposition for all lists
[Tue Apr 26 18:45:20 2016] <rrika> but not all lists are decreasing
[Tue Apr 26 18:45:23 2016] <rrika> so you put it after the ":"
[Tue Apr 26 18:45:32 2016] <rrika> that's the difference between parameters and indices
[Tue Apr 26 18:45:44 2016] <benzrf> Onemorenickname_: basically, a parameter is a special kind of argument in an Inductive definition, with the property that the type of each constructor must allow you to instantiate the parameter to anything
[Tue Apr 26 18:46:37 2016] <benzrf> Onemorenickname_: so you couldn't make your [list nat] a parameter, because your constructors' types specify information about the structure of that argument to their return type,
[Tue Apr 26 18:46:58 2016] <Onemorenickname_> that's why i couldnt do it
[Tue Apr 26 18:47:09 2016] <benzrf> for example, you can't specialize dO to return "decreasing (cons 1 (cons 2 nil))"
[Tue Apr 26 18:47:50 2016] <benzrf> if you declare one of your arguments as a parameter, you're forced to let it be instantiatable to anything, in the types of your constructors, but it also changes how the induction principle works
[Tue Apr 26 18:47:53 2016] <benzrf> in a way that can be helpful
[Tue Apr 26 18:48:27 2016] <benzrf> you can also just leave everything as indices (arguments after the colon), but you may get less helpful induction principles
[Tue Apr 26 18:49:24 2016] <Onemorenickname_> I see
[Tue Apr 26 18:49:34 2016] <Onemorenickname_> So, when I can, I put it as a parameter
[Tue Apr 26 18:49:58 2016] <benzrf> i'm not experienced enough to tell you if that's *always* a good idea, but i think so
[Tue Apr 26 18:50:29 2016] <Onemorenickname_> I'll take it with a grain of salt then ^^
[Tue Apr 26 18:50:32 2016] <benzrf> so, consider the type list
[Tue Apr 26 18:50:43 2016] <benzrf> er, type constructor, i guess
[Tue Apr 26 18:50:51 2016] <benzrf> its constructors are nil and cons
[Tue Apr 26 18:51:09 2016] <benzrf> [nil : forall A : Type, list A] and [cons : forall A : Type, A -> list A -> list A]
[Tue Apr 26 18:51:49 2016] <benzrf> notice that in both cases, in the final return type of both constructors, it's possible to fill in the first argument to the type as anything you, the user, want
[Tue Apr 26 18:52:14 2016] <benzrf> if i have some type X, i can specialize either nil or cons to have a return type of [list X]
[Tue Apr 26 18:52:27 2016] <benzrf> although that doesn't mean that i can actually use them
[Tue Apr 26 18:52:57 2016] <benzrf> i can specialize cons to have a return type of [list False], but my type is still going to be [False -> list False -> list False], which is unusable
[Tue Apr 26 18:53:37 2016] <Onemorenickname_> I see
[Tue Apr 26 18:53:41 2016] <benzrf> but the point is that since the argument to list is specializable to anything in the return types of its constructors, it can be declared using as a parameter
[Tue Apr 26 18:53:48 2016] <benzrf> (of course it can also be declared as an index)
[Tue Apr 26 18:54:23 2016] <benzrf> since [dO : forall a, decreasing (cons a nil)], it's impossible to specialize dO to have a return type of [decreasing (cons 1 (cons 2 nil))]
[Tue Apr 26 18:54:40 2016] <Onemorenickname_> indeed
[Tue Apr 26 18:54:40 2016] <benzrf> so that means i can't declare that argument to decreasing using a parameter
[Tue Apr 26 18:54:49 2016] <Onemorenickname_> we want it to be a certain way
[Tue Apr 26 18:54:53 2016] <benzrf> right
[Tue Apr 26 18:55:18 2016] <Onemorenickname_> btw, i have a question about the sample
[Tue Apr 26 18:55:35 2016] <Onemorenickname_> when we write  (d: decreasing (cons b c)
[Tue Apr 26 18:55:48 2016] <Onemorenickname_> its syntactic sugar for "decreasing (cons b c)" ?
[Tue Apr 26 18:55:59 2016] <benzrf> to declare an argument as a parameter, you put it *before* the colon and give it a name, like in a function definition
[Tue Apr 26 18:56:28 2016] <benzrf> then that name is in scope through the whole Inductive declaration, and you *must* use that name as the appropriate argument in the return type
[Tue Apr 26 18:56:33 2016] <benzrf> example https://coq.inria.fr/library/Coq.Init.Datatypes.html#list
[Tue Apr 26 18:56:50 2016] <rrika> Onemorenickname_, I use 'd' later in the same line
[Tue Apr 26 18:56:52 2016] <benzrf> Onemorenickname_: no, that lets you bind d as the name of the argument
[Tue Apr 26 18:56:56 2016] <rrika> I need to name it
[Tue Apr 26 18:57:06 2016] <benzrf> Onemorenickname_: like [forall (n : nat), ...] vs [nat -> ...]
[Tue Apr 26 18:57:09 2016] <rrika> ^
[Tue Apr 26 18:57:56 2016] <Onemorenickname_> rrika, i don't see wherei t is used
[Tue Apr 26 18:58:18 2016] <rrika> ah, right, my bad
[Tue Apr 26 18:58:24 2016] <rrika> I could've left it out then
[Tue Apr 26 18:58:37 2016] <rrika> giving it a name that is
[Tue Apr 26 18:58:44 2016] <rrika> forall a b c (d: decreasing (cons b c)), a > b -> decreasing (cons a (cons b c)).
[Tue Apr 26 18:58:51 2016] <rrika> forall a b c, decreasing (cons b c) -> a > b -> decreasing (cons a (cons b c)).
[Tue Apr 26 18:59:28 2016] <Onemorenickname_> i see
[Tue Apr 26 18:59:40 2016] <Onemorenickname_> well, thank you for your thorough help
[Tue Apr 26 18:59:42 2016] <benzrf> Onemorenickname_: if anything, [foo -> bar] is syntactic sugar for [forall _ : foo, bar]
[Tue Apr 26 18:59:45 2016] <benzrf> no problem :)
[Tue Apr 26 18:59:59 2016] <Onemorenickname_> I'm always happy when random strangers help fellow random strangers
[Tue Apr 26 19:01:37 2016] <Onemorenickname_> Gives me faith, hope, things like this, or at least joy
[Tue Apr 26 19:01:40 2016] <benzrf> :D
[Tue Apr 26 19:01:57 2016] <rrika> the world needs to know about coq
[Tue Apr 26 19:02:11 2016] <Onemorenickname_> ofc it does
[Tue Apr 26 19:02:19 2016] <Onemorenickname_> it's like i can truly tell my computer what I think
[Tue Apr 26 19:07:39 2016] <benzrf> well
[Tue Apr 26 19:07:43 2016] <benzrf> its not like coq is the only proof assistant
[Tue Apr 26 19:08:01 2016] <benzrf> the language coq is written in is a descendent of a language created to write tactics for some other ancient proof assistant :D
[Tue Apr 26 19:08:13 2016] <benzrf> s/written in/implemented in/
[Tue Apr 26 19:09:39 2016] <_y> so the circle is complete :-)
[Tue Apr 26 19:11:34 2016] <rrika> I feel there is a bit of a gap between the currently available tools and the applications at the moment
[Tue Apr 26 19:11:34 2016] <rrika> maybe I just haven't done enough research yet
[Tue Apr 26 19:12:45 2016] <Onemorenickname_> before coq, i only knew programming language
[Tue Apr 26 19:12:50 2016] <Onemorenickname_> or sat
[Tue Apr 26 19:16:04 2016] <benzrf> sat?
[Tue Apr 26 19:17:02 2016] <Onemorenickname_> you put in some boolean equation system, and it solves it
[Tue Apr 26 19:19:23 2016] <benzrf> o
[Tue Apr 26 19:26:09 2016] <Onemorenickname_> (i dont know how its called)
[Tue Apr 26 19:26:34 2016] <Onemorenickname_> It works !
[Tue Apr 26 19:26:37 2016] <Onemorenickname_> Thanks !
[Tue Apr 26 19:28:17 2016] <benzrf> yea!
[Tue Apr 26 19:30:49 2016] <Onemorenickname_> Basic question
[Tue Apr 26 19:30:50 2016] <Onemorenickname_> But
[Tue Apr 26 19:31:10 2016] <Onemorenickname_> Why "hd" is not defined in the current environment ?
[Tue Apr 26 19:32:07 2016] <Onemorenickname_> found
[Tue Apr 26 19:32:13 2016] <Onemorenickname_> i opened the wrong thing
[Tue Apr 26 19:32:47 2016] <rrika> If you do "Require Import List." you'll have "hd"
[Tue Apr 26 19:35:06 2016] <Onemorenickname_> rrika, yep !
[Tue Apr 26 19:35:17 2016] <Onemorenickname_> but i get an error i dont understand
[Tue Apr 26 19:35:30 2016] <Onemorenickname_> there return type of hd (x: list A) is not A ?
[Tue Apr 26 19:36:41 2016] <Cypi> Yes it is. But it is also expecting something to return if the list is empty
[Tue Apr 26 19:38:49 2016] <rrika> the 'hd' in 'List' will take a default value before taking the list, so it can return an 'A' in any case
[Tue Apr 26 19:38:53 2016] <rrika> hd 3 [] = 3
[Tue Apr 26 19:38:57 2016] <rrika> hd 3 [99] = 99
[Tue Apr 26 19:39:23 2016] <rrika> Onemorenickname_, can you show us the result of "Check hd."?
[Tue Apr 26 19:40:03 2016] <Onemorenickname_> A -> list A -> A
[Tue Apr 26 19:40:16 2016] <Onemorenickname_> I thought I had to pass it A, in fact it was a proof of A
[Tue Apr 26 19:40:42 2016] <rrika> indeed
[Tue Apr 26 19:41:07 2016] <Onemorenickname_> However, I dont understand Check hd(0,cons(2,cons(False, nil))).
[Tue Apr 26 19:41:47 2016] <rrika> no ()
[Tue Apr 26 19:41:54 2016] <rrika> or rather no ","
[Tue Apr 26 19:42:57 2016] <Onemorenickname_> oh
[Tue Apr 26 19:42:59 2016] <Onemorenickname_> .-.
[Tue Apr 26 19:44:24 2016] <Cypi> That's the trouble coming from more imperative programming languages: you're used to parentheses for function calls. In Coq you would write this "hd 0 (cons 2 (cons False nil))"
[Tue Apr 26 19:44:38 2016] <Cypi> Function application is just the space between two terms, no need for parentheses
[Tue Apr 26 19:44:49 2016] <Onemorenickname_> In fact, I'm used to Ocaml
[Tue Apr 26 19:44:52 2016] <Cypi> Oh x)
[Tue Apr 26 19:44:54 2016] <Onemorenickname_> It's because of the forall , ,
[Tue Apr 26 19:45:24 2016] <Onemorenickname_> well, because of forall, exists, forall etc.
[Tue Apr 26 19:45:41 2016] <Onemorenickname_> so i got mixed up (i'm easily confused, if you didnt notice :D)
[Tue Apr 26 19:46:12 2016] <Nik05> strange Coq's tutorial says "We shall now prove a well-known fact from first-order logic: a universal pred-
[Tue Apr 26 19:46:15 2016] <Nik05> icate is non-empty, or in other terms existential quantification follows from univer-
[Tue Apr 26 19:46:19 2016] <Nik05> sal quantification."
[Tue Apr 26 19:46:20 2016] <Nik05> sorry
[Tue Apr 26 19:46:44 2016] <Nik05> and then they define a element in the Set and proof it :P
[Tue Apr 26 19:48:27 2016] <Onemorenickname_> x)
[Tue Apr 26 19:48:34 2016] <Nik05> oh because that is needed in Coq
[Tue Apr 26 19:48:53 2016] <Nik05> But in classic logic a universal predicate is non-empty?
[Tue Apr 26 19:53:14 2016] <benzrf> link?
[Tue Apr 26 19:53:49 2016] <Nik05> https://coq.inria.fr/distrib/V8.5pl1/files/Tutorial.pdf
[Tue Apr 26 19:55:43 2016] <johnw> I never met a predicate that I didn't either like or dislike.
[Tue Apr 26 19:59:03 2016] <Nik05> hm i think im under standing the Drinker "paradox"
[Tue Apr 26 20:00:35 2016] <rrika> Theorem johnw_pref_dec (p: Predicate) : {likes p} + {¬likes p}.
[Tue Apr 26 20:01:38 2016] <Cypi> More like the double-negation of this
[Tue Apr 26 20:02:01 2016] <Nik05> quadruple negation of it
[Tue Apr 26 20:02:37 2016] <Cypi> That's the same thing :p
[Tue Apr 26 20:02:45 2016] <Nik05> ;p
[Tue Apr 26 20:02:49 2016] <Nik05> really?
[Tue Apr 26 20:03:04 2016] <Cypi> Yes
[Tue Apr 26 20:03:16 2016] <Cypi> [forall P, ~~~P -> ~P] is provable
[Tue Apr 26 20:03:27 2016] <Nik05> oke
[Tue Apr 26 20:03:43 2016] <Onemorenickname_> btw, I do not understand "universal predicate is non-empty"
[Tue Apr 26 20:03:43 2016] <Nik05> ~~P -> P?
[Tue Apr 26 20:03:53 2016] <Cypi> Nik05 : this is classical
[Tue Apr 26 20:04:08 2016] <Onemorenickname_> if we pick an empty set, then, forall x : P x is true, but exists x : P x is false
[Tue Apr 26 20:04:09 2016] <Cypi> (so not provable in Coq without axioms)
[Tue Apr 26 20:06:40 2016] <Nik05> ah right
[Tue Apr 26 20:10:18 2016] <johnw> rrika: ;)
[Tue Apr 26 20:17:59 2016] <benzrf> rrika, you're doing induction, and not the math kind
[Tue Apr 26 20:18:07 2016] <benzrf> surely you can't generalize to that from his statement
[Tue Apr 26 20:19:02 2016] <lingxiao> hey all
[Tue Apr 26 20:19:11 2016] <lingxiao> I have a question that may need a clever and as yet unknown to me tactic
[Tue Apr 26 20:21:51 2016] <Nik05> there are people online lingxiao ;)
[Tue Apr 26 20:22:25 2016] <lingxiao> oh wow awesome ok i'll send the link
[Tue Apr 26 20:22:53 2016] <lingxiao> https://github.com/lingxiao/CIS500/blob/master/hw12/Sub.v#L1147
[Tue Apr 26 20:23:18 2016] <lingxiao> there are a bunch of cases that are clearly false but i could not prove them so
[Tue Apr 26 20:24:05 2016] <lingxiao> some help would be really helpful :D
[Tue Apr 26 20:26:22 2016] <Nik05> hm you are way a head from me now :P
[Tue Apr 26 20:27:51 2016] <benzrf> lingxiao: 你的名字的意思是什么？
[Tue Apr 26 20:28:27 2016] <lingxiao> means I can't do coq that's what it means :(
[Tue Apr 26 20:30:14 2016] <benzrf> i tried to find 'ling xiao' but nothing
[Tue Apr 26 20:31:10 2016] <Nik05> have a good night everyone
[Tue Apr 26 20:31:18 2016] <benzrf> night
[Tue Apr 26 20:32:16 2016] <jrw> lingxiao: would mind pasting the context for one of the cases that you want to prove is false?
[Tue Apr 26 20:33:10 2016] <lingxiao> jrw here: http://lpaste.net/161635
[Tue Apr 26 20:33:47 2016] <johnw> how does S = TProd T1 T2 relate to S <: TProd T1 T2?
[Tue Apr 26 20:33:56 2016] <johnw> if you can establish identity between them, it is trivially proven
[Tue Apr 26 20:34:12 2016] <johnw> otherwise, maybe your induction hypothesis is too general
[Tue Apr 26 20:34:17 2016] <lingxiao> it means TProd T1 T2 <: S
[Tue Apr 26 20:34:22 2016] <lingxiao> but how does that help me?
[Tue Apr 26 20:35:24 2016] <johnw> well, from your context you need to show that S = TProd T1 T2
[Tue Apr 26 20:35:32 2016] <johnw> because you have all the other pieces of evidence that you need
[Tue Apr 26 20:35:52 2016] <johnw> either that, or redo your induction so that it's not generalized over that equality (if that's even possible)
[Tue Apr 26 20:36:21 2016] <lingxiao> well i thought the rpoblem is that i need to show tabs x T0 t0 = tpair t1 t2
[Tue Apr 26 20:36:24 2016] <lingxiao> which is clearly false
[Tue Apr 26 20:36:34 2016] <lingxiao> so i need a way to prove that
[Tue Apr 26 20:36:43 2016] <johnw> that's easy though
[Tue Apr 26 20:36:46 2016] <lingxiao> I have Gamma |- tabs x T0 t0 \in S <: S <: TProd T1 T2
[Tue Apr 26 20:36:46 2016] <jrw> lingxiao: well the conclusion of your IH is also a contradiction
[Tue Apr 26 20:36:48 2016] <johnw> it's in your induction hypothesis
[Tue Apr 26 20:36:57 2016] <lingxiao> yeah so I apply induction hypothesis and get :
[Tue Apr 26 20:36:58 2016] <johnw> exact (IHHt ? Hv).
[Tue Apr 26 20:37:07 2016] <johnw> the ? is what we can't provide
[Tue Apr 26 20:37:08 2016] <jrw> lingxiao: have you tried using the lemma [sub_inversion_prod]?
[Tue Apr 26 20:37:10 2016] <lingxiao> http://lpaste.net/161636
[Tue Apr 26 20:37:16 2016] <johnw> exactly
[Tue Apr 26 20:37:28 2016] <johnw> lingxiao: this is what I've been saying
[Tue Apr 26 20:37:52 2016] <johnw> let me see if I can build this here
[Tue Apr 26 20:38:16 2016] <johnw> not a small repo
[Tue Apr 26 20:38:28 2016] <lingxiao> jrw I need canonical forms of pair in sub inversion prod
[Tue Apr 26 20:38:38 2016] <lingxiao> yeah .. haha :( thanks for trying to buidl it
[Tue Apr 26 20:38:56 2016] <lingxiao> yeah so im not sure how to to show that S :> TProd t1 t2
[Tue Apr 26 20:39:23 2016] <lingxiao> imean theres not reason why that should even be true
[Tue Apr 26 20:39:26 2016] <jrw> isn't it the other way around?
[Tue Apr 26 20:39:44 2016] <johnw> ok, I'm at that goal lingxiao
[Tue Apr 26 20:39:51 2016] <lingxiao> awesome thanks johnw!
[Tue Apr 26 20:40:16 2016] <johnw> lingxiao: before your induction, do "clear HeqT"
[Tue Apr 26 20:40:23 2016] <johnw> then that goal will be trivial
[Tue Apr 26 20:40:59 2016] <jrw> well but that will make other cases impossible
[Tue Apr 26 20:41:04 2016] <johnw> true
[Tue Apr 26 20:41:11 2016] <johnw> but I hadn't been asked about those yet :)
[Tue Apr 26 20:41:34 2016] <johnw> lingxiao: I can't get to a point that shows exactly the goal you're looking at
[Tue Apr 26 20:41:41 2016] <johnw> do you have a different version of this proof now?
[Tue Apr 26 20:41:57 2016] <johnw> oh, I see
[Tue Apr 26 20:42:03 2016] <johnw> never, just doing the clear is not enough
[Tue Apr 26 20:42:04 2016] <lingxiao> johnw ok i did clear HeqT.
[Tue Apr 26 20:42:07 2016] <jrw> what about starting from the top and doing inversion on the [value s] hypothesis
[Tue Apr 26 20:42:51 2016] <johnw> trying
[Tue Apr 26 20:43:03 2016] <lingxiao> ok looking at this: http://lpaste.net/161637
[Tue Apr 26 20:43:09 2016] <lingxiao> oh boy ok i can try that
[Tue Apr 26 20:45:29 2016] <johnw> oh, yeah sub_inversion_prod
[Tue Apr 26 20:45:48 2016] <lingxiao> ok hmm intersting ..
[Tue Apr 26 20:45:48 2016] <lingxiao> http://lpaste.net/161638
[Tue Apr 26 20:46:00 2016] <lingxiao> but inversion on Ht does me no good
[Tue Apr 26 20:46:16 2016] <lingxiao> it should be false so gets rid of case for me
[Tue Apr 26 20:50:12 2016] <lingxiao> johnw any progress? what did you mean by sub_inversion_prod
[Tue Apr 26 20:51:05 2016] <johnw> n/m me
[Tue Apr 26 20:51:09 2016] <johnw> i don't understand this code well enough
[Tue Apr 26 20:52:48 2016] <lingxiao> yeah boy this one is tough
[Tue Apr 26 20:53:26 2016] <johnw> lingxiao: what about this: https://gist.github.com/9c1b12df2bc1afceb0a22ca16cd19383
[Tue Apr 26 20:53:29 2016] <johnw> does that look solvable to you?
[Tue Apr 26 20:54:42 2016] <lingxiao> no the problem is this: Ht : Gamma |- tabs x T t \in TProd T1 T2
[Tue Apr 26 20:55:07 2016] <lingxiao> inversion on this does not falsify [exists t1 t2 : tm, tabs x T t = tpair t1 t2]
[Tue Apr 26 20:55:12 2016] <lingxiao> as it should without subtyping
[Tue Apr 26 20:55:19 2016] <lingxiao> but subtyping complictest things
[Tue Apr 26 21:00:14 2016] <lingxiao> does that make sense johnw?
[Tue Apr 26 21:00:25 2016] <johnw> yeah, so I'm afraid I'm not much help here
[Tue Apr 26 21:01:29 2016] <riaqn> Wow so many Chinese speaker here? another here.
[Tue Apr 26 21:01:32 2016] <lingxiao> yeah :( thanks though!
[Tue Apr 26 21:01:52 2016] <riaqn> benzrf: I guess lingxiao is just the pinyin of his/her name.
[Tue Apr 26 21:02:12 2016] <lingxiao> yeah it is
[Tue Apr 26 21:02:15 2016] <lingxiao> i was really creative here
[Tue Apr 26 21:02:50 2016] <benzrf> o
[Tue Apr 26 21:03:17 2016] <lingxiao> yup
[Tue Apr 26 21:05:00 2016] <johnw> lingxiao: is this solvable: https://gist.github.com/23f0225fe0c6c0e1f3c47d56832c6cf7
[Tue Apr 26 21:46:52 2016] <lingxiao> johnw i beleive it is?!
[Tue Apr 26 21:46:59 2016] <lingxiao> coudl i ask how you got there?
[Tue Apr 26 22:47:05 2016] <tosun> Hi everyone. I’m trying to port Agda code to Coq and ran into a problem. I’ve implented the `thin` function here https://github.com/pepijnkokke/FirstOrderUnificationInAgda/blob/master/Unification.agda#L97 like this: http://lpaste.net/161648 but it doesn’t typecheck for some reason.
[Tue Apr 26 22:47:12 2016] <tosun> What am I doing wrong?
[Tue Apr 26 23:47:08 2016] <benzrf> tosun: er,
[Tue Apr 26 23:47:12 2016] <benzrf> shouldnt you be matching on n?
[Tue Apr 26 23:47:22 2016] <benzrf> oh, wait
[Tue Apr 26 23:49:58 2016] <benzrf> tosun: i really, really, really doubt this will do anything, but just out of curiosity, could you try flipping x and y in the match?
[Tue Apr 26 23:50:09 2016] <benzrf> so you match on y, x and then flip the patterns accordingly
[Tue Apr 26 23:57:30 2016] <tosun> benzrf: I did, now getting this: http://lpaste.net/161652
[Tue Apr 26 23:58:02 2016] <tosun> benzrf: that wasn’t supposed to change anything though
[Tue Apr 26 23:58:14 2016] <benzrf> yeah :X
[Tue Apr 26 23:58:28 2016] <benzrf> (i'm pretty amateur at coq fyi)
[Wed Apr 27 00:01:05 2016] <tosun> benzrf: maybe I’m getting the behavior of `match x,y with` wrong since that did change something.
[Wed Apr 27 00:03:01 2016] <benzrf> mhm
[Wed Apr 27 00:03:18 2016] <benzrf> uh
[Wed Apr 27 00:03:20 2016] <benzrf> what does thin do exactly
[Wed Apr 27 00:03:25 2016] <benzrf> im kind of tired and having trouble thinking it through
[Wed Apr 27 00:57:42 2016] <tosun> benzrf: it’s kind of complicated
[Wed Apr 27 00:57:58 2016] <tosun> benzrf: it “collects the other n elements of Fin sn as the image of an embedding, thin x from Fin n, “diluting” Fin n with x”
[Wed Apr 27 00:58:29 2016] <tosun> benzrf: explained in McBride’s paper “first-order unification by structural recursion”
[Wed Apr 27 13:33:56 2016] <Nik05> do they read their own tutorial? on page 40 below "Oops!", that part is obsolete
[Wed Apr 27 13:35:38 2016] <Cypi> Ahah, indeed
[Wed Apr 27 13:36:25 2016] <Cypi> Well, either something about typing or Check got changed, and they didn't think of looking at that part in the tutorial
[Wed Apr 27 13:49:30 2016] <Nik05> will make a bugreport later :P
[Wed Apr 27 14:29:00 2016] <tbelaire> Onemorenickname_: Inductive foo : value -> Prop | bar : forall v, is_good v -> foo v
[Wed Apr 27 14:29:04 2016] <tbelaire> I think that works
[Wed Apr 27 14:29:31 2016] <tbelaire> I'm not sure if it should be in Prop or Set
[Wed Apr 27 17:34:47 2016] <Nik05> do we have a coqbot like geordi or the haskell bot?
[Wed Apr 27 17:36:26 2016] <Cypi> What would that bot do?
[Wed Apr 27 17:36:55 2016] <benzrf> today i tried to show coq to one of the math teachers at my school
[Wed Apr 27 17:37:06 2016] <benzrf> i mean i *did* show him it, but,
[Wed Apr 27 17:37:18 2016] <benzrf> i somehow decided that a good thing to go with was proving uniqueness of inverses in a group
[Wed Apr 27 17:37:33 2016] <benzrf> and i ended up confusing myself about the algebra >.>
[Wed Apr 27 17:37:50 2016] <benzrf> not to mention that equality is one of the subtler aspects of coq
[Wed Apr 27 17:38:30 2016] <Cypi> How did you go? Have you axiomatized group theory? Or something else?
[Wed Apr 27 17:39:05 2016] <benzrf> defined a module type containing a type and operation and axioms, then parameterized another module over it
[Wed Apr 27 17:40:19 2016] <benzrf> oooooh i figured out how i tripped up
[Wed Apr 27 17:40:51 2016] <benzrf> when i wrote down the algebra with conventional reasoning i did some standard habitual elisions
[Wed Apr 27 17:41:06 2016] <benzrf> then i confused myself b/c i forgot that i couldn't apply an axiom or tactic to jump immediately to the next stage
[Wed Apr 27 18:21:56 2016] <Nik05> Cypi dont know really :P guess it can only show basic stuff
[Wed Apr 27 18:22:44 2016] <Cypi> I mean, what do geordi or the haskell bot do? ^^'
[Wed Apr 27 18:38:17 2016] <benzrf> is there a coq api at all?
[Wed Apr 27 18:38:33 2016] <Cypi> weeeell...
[Wed Apr 27 18:38:37 2016] <benzrf> is it embeddable
[Wed Apr 27 18:38:44 2016] <benzrf> can i use only some parts of it
[Wed Apr 27 19:54:08 2016] <Cypi> Nik05 : in case you do plan to make a bug report, you can mention that https://github.com/coq/coq/commit/cfff8f introduced this discrepancy. (For some reason, since then, Check performs beta-iota reduction on the type of the term.)
[Wed Apr 27 19:54:19 2016] <Cypi> [yay git-bisect]
[Thu Apr 28 07:51:32 2016] <Nik05> thank you Cypi :)
[Thu Apr 28 07:52:30 2016] <Nik05> i think i red another obsolete text somewhere
[Thu Apr 28 07:54:27 2016] <Nik05> huh i think i already filed a bug before... dont know my adres :(
[Thu Apr 28 07:54:44 2016] <Nik05> or maybe it was anonymous
[Thu Apr 28 07:54:51 2016] <Nik05> oh no its not
[Thu Apr 28 08:07:30 2016] <Nik05> Cypi found another one
[Thu Apr 28 08:34:39 2016] <lorozic> hi guys, can anyone recommend some materials on Ltac? as in tutorials?
[Thu Apr 28 09:14:52 2016] <jstolarek> lorozic: chapters 14 and 15 (IIRC) of CPDT ?
[Thu Apr 28 09:20:44 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/161716
[Thu Apr 28 09:21:17 2016] <jstolarek> I am struggling with this silly error. I have absolutely no idea why this gives me a syntax error, especially that the code is copied from Software Foundations
[Thu Apr 28 09:25:32 2016] <jstolarek> oh, got it. Notations again :-/
[Thu Apr 28 09:44:59 2016] <lorozic> jstolarek: already seen that one but didn't sit well for some reason. I'll give it another chance.
[Fri Apr 29 04:42:23 2016] <dogui> Hi, is there a way to add hints to make Coq work better with conjunction? For example I want it to prove A /\ B -> B /\ A with just auto..
[Fri Apr 29 04:42:54 2016] <dogui> "Hint Constructors and" does a bit in this sense, I don't need to do split. However can I add a hint to destruct conjunctions?
[Fri Apr 29 07:25:24 2016] <arcatan> Maybe add proj1/proj2 as hints?
[Fri Apr 29 08:07:28 2016] <Cypi> Is there any knowledgeable person about writing a plugin for Coq in OCaml? Specifically, my question is: I have a [constr] with some evars, and I know that one of these evars could be determined uniquely from the type (just what "refine" would do if it was a hole). How can I get the inference mechanism to resolve the content of this evar for me?
[Fri Apr 29 17:14:36 2016] <pyon> Is there some centralized repository of theories formalized in Coq? :-O
[Fri Apr 29 17:16:24 2016] <johnw> no
[Fri Apr 29 17:16:41 2016] <johnw> lots of repositories of theories, but opam is the closest you'll get, and I doubt it aggregates even the majority of them
[Fri Apr 29 17:16:49 2016] <pyon> Ah...
[Fri Apr 29 17:23:52 2016] <pyon> I want an existing formalization of System Fω, to see if I can extend it as proposed here: http://cstheory.stackexchange.com/questions/34567/ (incomplete sketch)
[Fri Apr 29 17:24:12 2016] <johnw> system fc has been formalized
[Fri Apr 29 17:30:38 2016] <pyon> System FC seems to have a feature that I don't really want or need (first-class type equality witnesses), and I have no idea how this would interact with subtyping. :-|
[Fri Apr 29 20:00:04 2016] <Nik05> in A tutorial on [co-]inductive types in coq
[Fri Apr 29 20:00:33 2016] <Nik05> what are they doing on page 16 (3.2.1 example)
[Fri Apr 29 20:00:58 2016] <Nik05> they define pred_spec with set notation, and then define `predecessor`, what is happening there?
[Fri Apr 29 20:04:34 2016] <Cypi> It seems like they first define the spec of the `predecessor` function, so what should be the relationship between its input and its output
[Fri Apr 29 20:04:57 2016] <Cypi> and then they define the `predecessor` function itself, while proving that it conforms to this spec.
[Fri Apr 29 20:06:29 2016] <Nik05> oh pred_spec is not a function?
[Fri Apr 29 20:08:16 2016] <Cypi> Well, it is a function, that takes an argument (n : nat), and returns the expect return type of the `predecessor` function.
[Fri Apr 29 20:08:58 2016] <Cypi> They could have written directly "Definition predecessor : forall (n : nat), {m : nat | n = 0 /\ m = 0 \/ n = S m}."
[Fri Apr 29 20:09:39 2016] <Cypi> To be clearer: pred_spec is a function, but it is certainly not a function that computes the predecessor of an integer. It's just a function that returns a type.
[Fri Apr 29 20:10:05 2016] <Nik05> returns just a type oh
[Fri Apr 29 20:10:52 2016] <Nik05> what type does it return?
[Fri Apr 29 20:11:05 2016] <Cypi> It returns the type {m : nat | n = 0 /\ m = 0 \/ n = S m}
[Fri Apr 29 20:11:13 2016] <Cypi> This is its definition.
[Fri Apr 29 20:22:16 2016] <pyon> I'm defining a theory with multiple sorts (variances, kinds, types with kind K), and I want each sort to have an associated partial order relation. However, calling these types “v_inclusion”, “k_inclusion” and “t_inclusion” quickly gets annoying. Is there some way I can reuse the name “inclusion” for all three relations?
[Fri Apr 29 20:25:00 2016] <mietek> Could you help me read this line?
[Fri Apr 29 20:25:02 2016] <mietek> match A as X return int_type2 X -> term X with ... end.
[Fri Apr 29 20:25:35 2016] <mietek> I’m not sure what “return” does there
[Fri Apr 29 20:26:15 2016] <pyon> mietek: It's the return type of the whole “match” expression.
[Fri Apr 29 20:26:38 2016] <mietek> Line 136 of https://www.lri.fr/~keller/Documents-etudes/Categories/godel.v
[Fri Apr 29 20:27:13 2016] <mietek> (which is a formalisation of Coquand-Dybjer 1993)
[Fri Apr 29 20:27:33 2016] <mietek> 1997*
[Fri Apr 29 20:27:50 2016] <mietek> (https://www.dropbox.com/s/aam7zd1b2is3qe2/CoquandDybjer1997.pdf if anyone is curious)
[Fri Apr 29 20:28:46 2016] <mietek> pyon: doesn’t this basically restate the line above?
[Fri Apr 29 20:28:58 2016] <mietek> Fixpoint quote (A: type) : int_type2 A -> term A :=
[Fri Apr 29 20:28:58 2016] <mietek>   match A as X return int_type2 X -> term X with
[Fri Apr 29 20:29:39 2016] <mietek> If so, why is it significant to write it this way?
[Fri Apr 29 20:30:06 2016] <mietek> (I speak Agda reasonably fluently)
[Fri Apr 29 20:31:31 2016] <pyon> mietek: I don't really know either Coq or Agda terribly well, but IIUC, Coq's type inference is “less smart” than Agda's.
[Fri Apr 29 20:31:44 2016] <mietek> Ah.
[Fri Apr 29 20:31:52 2016] <pyon> mietek: Consider what would happen if instead of “match A”, you had “match complicated_expression”.
[Fri Apr 29 20:32:15 2016] <mietek> Guiding type inference makes sense, I suppose.
[Fri Apr 29 20:32:19 2016] <mietek> Thanks.
[Fri Apr 29 20:32:20 2016] <pyon> Yep.
[Fri Apr 29 22:11:12 2016] <pyon> Is there some way to tell Coq not to use the standard library, except for a few primitives (Set, Prop, function types)?
[Fri Apr 29 22:17:55 2016] <pyon> Also, is there some way to define an Inductive type and a notation for it simultaneously?
[Fri Apr 29 23:08:59 2016] <pyon> Is there some command for checking which notations are in scope?
[Fri Apr 29 23:09:16 2016] <pyon> Or for expanding an expression containing notations into an expression not containing them.
[Sat Apr 30 01:13:03 2016] <pyon> Why can't I do “fun (x, y) => ...” to define an anonymous function of a tuple?
[Sat Apr 30 01:14:09 2016] <pyon> I want to do the equivalent of the following OCaml code: “List.map (fun (k, v) -> k, v_inv v)”.
[Sat Apr 30 04:40:54 2016] <riaqn> hello, what 's the relation between the underlying theories of NuPRL and Coq? I 'm really confused.
[Sat Apr 30 04:41:42 2016] <riaqn> One is "Computational type theory" and the other "Calculus of construction", both of which seems related to MLTT.
[Sat Apr 30 06:49:26 2016] <Nik05> thank you cypi
[Sat Apr 30 06:51:32 2016] <Nik05> still dont get it
[Sat Apr 30 06:51:36 2016] <Nik05> haha
[Sat Apr 30 11:03:03 2016] <Nik05> Cypi so the type of pred_spec is nat -> { m : nat | n = 0 /\ m = 0 \/ n = S m }
[Sat Apr 30 11:03:30 2016] <Nik05> and the type of predecessor is forall n : nat, pred_spec n
[Sat Apr 30 11:03:47 2016] <Nik05> i dont see what the purpose is of predecessor
[Sat Apr 30 11:08:10 2016] <Cypi> Ah non x)
[Sat Apr 30 11:08:16 2016] <Cypi> The type of pred_spec is nat -> Set
[Sat Apr 30 11:08:37 2016] <Cypi> Its definition is "pred_spec n := { m : nat | n = 0 /\ m = 0 \/ n = S m }
[Sat Apr 30 11:09:01 2016] <Nik05> yes?
[Sat Apr 30 11:09:43 2016] <Nik05> but none of these give you the answer like pred 10 = 9 or somethign
[Sat Apr 30 11:09:51 2016] <Cypi> predecessor does!
[Sat Apr 30 11:10:11 2016] <Nik05> = exist
[Sat Apr 30 11:10:11 2016] <Nik05>          (fun m : nat => 10 = 0 /\ m = 0 \/ 10 = S m)
[Sat Apr 30 11:10:11 2016] <Nik05>          9 (or_intror eq_refl)
[Sat Apr 30 11:10:13 2016] <Nik05>      : pred_spec 10
[Sat Apr 30 11:10:22 2016] <Nik05> well there is a 9 in there but :P
[Sat Apr 30 11:10:28 2016] <Cypi> More precisely, "predecessor 10" would evaluate to the pair formed by 9 and a proof that 9 is the predecessor of 10
[Sat Apr 30 11:10:39 2016] <Nik05> oh oke
[Sat Apr 30 11:11:07 2016] <Nik05> so 9 is the predecessor and (or_intror eq_refl) is the proof?
[Sat Apr 30 11:11:15 2016] <Cypi> You can see it in the term you quoted. There is a 9, and "or_intror eq_refl" has the type "10 = 0 /\ 9 = 0 \/ 10 = S 9"
[Sat Apr 30 11:11:19 2016] <Cypi> yes!
[Sat Apr 30 11:11:22 2016] <Nik05> ah oke
[Sat Apr 30 11:11:56 2016] <Nik05> oh maybe im getting it
[Sat Apr 30 11:12:01 2016] <Nik05> needs to sink in :P
[Sat Apr 30 11:14:13 2016] <Nik05> thank you Cypi :)
[Sat Apr 30 12:32:01 2016] <Nik05> when is this helpful?
[Sat Apr 30 13:35:35 2016] <Nik05> oh i hadnt noticed but only predecessors type is defined
[Sat Apr 30 14:19:09 2016] <Nik05> oh wow my brain
[Sat Apr 30 14:19:18 2016] <Nik05> same for the le_lt_dec, mind is blown
[Sat Apr 30 19:20:33 2016] <pyon> Is there some way to “overload notations”?
[Sat Apr 30 19:40:06 2016] <johnw> sure
[Sat Apr 30 19:40:12 2016] <johnw> they can each be in a different scope
[Sat Apr 30 19:40:18 2016] <johnw> and scopes can be triggered on the type context
[Sat Apr 30 19:54:06 2016] <pyon> Scopes are associated to individual types, right?
[Sat Apr 30 19:54:38 2016] <pyon> I'd like to select notations based on the expected type of an expression.
[Sat Apr 30 19:57:55 2016] <johnw> they can be
[Sat Apr 30 19:58:01 2016] <johnw> yeah, that's right
[Sat Apr 30 19:58:07 2016] <johnw> you "delimit" the scope based on a type
[Sat Apr 30 19:58:12 2016] <johnw> and if the expression has that type, it'll use that scope
[Sat Apr 30 19:58:31 2016] <johnw> plus, you can switch scopes manually anywhere
[Sat Apr 30 19:58:33 2016] <johnw> (foo)%scope
[Sat Apr 30 19:58:39 2016] <johnw> or: Open Scope foo_scope.
[Sat Apr 30 19:58:49 2016] <pyon> Ah, nice.
[Sat Apr 30 20:06:08 2016] <pyon> Okay, so this is what I have so far: https://gist.github.com/eduardoleon/2d2c93892b70cbebb6823f567f5d8225 . Coq's complaining that the scope “var” doesn't exist. :-|
[Sat Apr 30 20:06:33 2016] <johnw> right, you haven't declared that scope
[Sat Apr 30 20:06:58 2016] <johnw> Delimit Scope var_scope with var.
[Sat Apr 30 20:07:16 2016] <pyon> Oh.
[Sat Apr 30 20:07:18 2016] <johnw> Bind Scope var_scope with var.
[Sat Apr 30 20:07:26 2016] <johnw> Delimit gives you %var
[Sat Apr 30 20:07:31 2016] <pyon> And Bind?
[Sat Apr 30 20:07:34 2016] <johnw> Bind associates var_scope with expressions of type var
[Sat Apr 30 20:07:44 2016] <johnw> i.e., implicit delimiting
[Sat Apr 30 20:07:51 2016] <pyon> Ah, makes sense!
[Sun May  1 13:43:51 2016] <mettekou> To the people familiar with the calculus of inductive constructions: is there informal reading on implementing guarded-by-destructors (Giménez, 1994) out there? I've tried to translate the predicate from the paper to Haskell, but as I don't fully understand it yet, failed. 😝
[Mon May  2 04:19:42 2016] <phdoerfler> hi! I am sort of stuck with a proof in coq and was hoping someone could help me: http://pastie.org/private/syosbfctgnvt5jlkjjt5zg
[Mon May  2 04:20:14 2016] <phdoerfler> natlist is a list of nat and I am trying to rewrite the goal so that "n ::" is outside of the two "rev" invocations
[Mon May  2 04:20:35 2016] <phdoerfler> I spent hours on this already and just get stuck all the time
[Mon May  2 04:20:52 2016] <phdoerfler> (rev reverses a list)
[Mon May  2 04:24:24 2016] <sanooj> have you looked at Lists/List.v in the coq distribution?
[Mon May  2 04:26:22 2016] <phdoerfler> no I haven't
[Mon May  2 04:27:26 2016] <phdoerfler> I shall take a look
[Mon May  2 04:30:02 2016] <phdoerfler> thanks! I think rev_unit looks very much like what I was missing
[Mon May  2 05:37:00 2016] <Nik05> hello phdoerfler has quit
[Mon May  2 06:42:18 2016] <Nik05> oh wow i just found out that the syntax for a proof is "Theorem Name : What to proof" ... -_-
[Mon May  2 06:42:26 2016] <Nik05> as in Name has type what to proof
[Mon May  2 09:42:06 2016] <benzrf> i have a mutual inductive declaration
[Mon May  2 09:42:36 2016] <benzrf> i'm trying to define something which destructs on type A, getting out a B, then destructs on the B, getting out an A, which I recurse on
[Mon May  2 09:42:41 2016] <benzrf> how do i do that?
[Mon May  2 09:46:30 2016] <benzrf> oh - i tried actually googling >w>
[Mon May  2 10:01:44 2016] <riaqn> Anyone familliar with Hott? Do I have to learn a lot about Algebraic topology before I read the Hott book?
[Mon May  2 10:02:10 2016] <benzrf> riaqn: i don't know as much about hott as i would like to
[Mon May  2 10:02:29 2016] <benzrf> i think you'd get more out of hott if you knew AT, kind of like how you get more out of category theory if you know a few fields of math already
[Mon May  2 10:02:48 2016] <benzrf> but that's not based on much, so trust probably literally anybody else ove rme
[Mon May  2 10:03:20 2016] <riaqn> benzrf: Yeah, but I get lost even before chapter 2. I don't understand the path induction.
[Mon May  2 10:03:50 2016] <benzrf> algebraic topology often tends to be extremely algebraic
[Mon May  2 10:03:57 2016] <riaqn> namely, it's stated that not all terms in eq is refl.
[Mon May  2 10:04:09 2016] <benzrf> i think (again, trust probably literally anybody else over me) hott is kind of, like
[Mon May  2 10:04:36 2016] <riaqn> benzrf: well I 'm not math genius and I 'm still learning point set topology. I guess I have to learn algebraic after that.
[Mon May  2 10:04:37 2016] <benzrf> *only* algebraic, but the algebra involved is stuff that's mostly inspired by or useful-in-the-context-of algebraic topology that does involve some topology
[Mon May  2 10:04:55 2016] <benzrf> riaqn: if you're interested in math i'd really recommend branching out more and doing less of the kind of
[Mon May  2 10:05:21 2016] <benzrf> "i have a Driving Goal which is extremely advanced and i'm taking the shortest path thru the topic graph to that goal"
[Mon May  2 10:06:25 2016] <riaqn> huh, that was I think.(and still thinking). Although I don't have such a roadmap for Hott. So I'm learning from the very begining all the things.
[Mon May  2 10:06:28 2016] <benzrf> i was kind of doing that a while back and then i realized that it's better in a number of ways to reorient yourself with math in general as what you're working at, and then follow a broader & more convnentional path, while maybe being guided a little bit by HoTT or whatever
[Mon May  2 10:06:59 2016] <benzrf> and now ive learned that manifolds are fun even when they have nothing at all to do with types :-)
[Mon May  2 10:07:40 2016] <benzrf> just learn math, and maybe add a specific topic every so often if it happens to be within reach and happens to lead toward whatever you originally were interested in
[Mon May  2 10:07:50 2016] <riaqn> yeah now I think learning more math(any kind) is always good for every STEM students.
[Mon May  2 10:08:02 2016] <benzrf> hmmmm, i dunno
[Mon May  2 10:08:09 2016] <benzrf> i think its more complex than that
[Mon May  2 10:08:20 2016] <riaqn> huh, at least for theoretical CS.
[Mon May  2 10:08:23 2016] <benzrf> pure math isnt so directly applicable to any other STE field
[Mon May  2 10:11:40 2016] <benzrf> so hows point-set going
[Mon May  2 10:12:01 2016] <benzrf> i cant say im a huge fan of topology that isnt somehow tied to the reals
[Mon May  2 10:12:08 2016] <benzrf> (that i've seen, anyway)
[Mon May  2 10:12:36 2016] <riaqn> Well I 'm just begining and I 'm using munkres 2nd. Just learnd the metric topology.
[Mon May  2 10:12:51 2016] <riaqn> to be honest I don't see the connection to the type theory.
[Mon May  2 10:14:10 2016] <riaqn> I think the person who related these two things must have some imagination.
[Mon May  2 10:14:52 2016] <benzrf> well, it's kind of like you're learning arithmetic because algebra makes the most sense when you start off of arithmetic and you want to know algebra because you're working up to understanding finite fields so you can talk about crypto
[Mon May  2 10:14:55 2016] <benzrf> :)
[Mon May  2 10:15:12 2016] <benzrf> there's entire branches of math that stem off from where you are, and one of them has some parts that are connected
[Mon May  2 10:17:44 2016] <riaqn> benzrf: let's see if I can relates these things finally. :)
[Mon May  2 10:18:27 2016] <benzrf> riaqn: have you been fully absorbing what you're reading or have you been "skimming to get to the point"
[Mon May  2 10:19:23 2016] <riaqn> benzrf: I read all theorems, proofs, and did ever exercise.
[Mon May  2 10:20:19 2016] <riaqn> of course there were some exercise too hard, in which case I search it on the web, understand it and paraphase it myself.
[Mon May  2 10:20:49 2016] <benzrf> nice!
[Mon May  2 10:21:30 2016] <riaqn> yeah otherwise I may just "float" on the text and get lost halfway. I had such experience.
[Mon May  2 10:21:42 2016] <riaqn> exercise is vital.
[Mon May  2 10:21:46 2016] <benzrf> would i be correct in guessing that the definition of topological spaces is maybe a little seemingly pointless, or?
[Mon May  2 10:23:21 2016] <riaqn> yes in the begining. But after seeing the real analysis as a special case of topology, I thought it's really cool.
[Mon May  2 10:31:37 2016] <benzrf> neat
[Mon May  2 10:31:48 2016] <benzrf> i was just gonna mention an alternative formulation of topologies that i like
[Mon May  2 17:31:05 2016] <benzrf> why do matches sometimes fail to release a definitional equality
[Mon May  2 17:33:55 2016] <johnw> have you read CPDT?
[Mon May  2 17:35:01 2016] <johnw> if I understand your meaning of "release" correctly
[Mon May  2 17:35:23 2016] <benzrf> i have not :>
[Mon May  2 17:35:37 2016] <johnw> I'll start answering questions again after you have :)
[Mon May  2 17:35:55 2016] <benzrf> but i keep wanting to write things as expressions rather than with tactics, and I'm unable to because things wont unify
[Mon May  2 17:35:56 2016] <benzrf> :(
[Mon May  2 17:36:10 2016] <Nik05> hello benzrf and johnw
[Mon May  2 17:36:11 2016] <johnw> now you know where the answer is :)
[Mon May  2 17:36:20 2016] <benzrf> man
[Mon May  2 17:36:28 2016] <benzrf> i just wanna do some set theory in coq
[Mon May  2 17:36:30 2016] <benzrf> not all this
[Mon May  2 17:36:33 2016] <benzrf> "dependent types" shit
[Mon May  2 17:37:50 2016] <benzrf> smdh
[Mon May  2 17:37:51 2016] <johnw> fwiw, what you're asking about is answered by the "convey pattern"
[Mon May  2 17:37:57 2016] <johnw> which CPDT covers in like 6 places
[Mon May  2 17:38:03 2016] <johnw> convoy pattern
[Mon May  2 17:38:11 2016] <benzrf> maybe i should check out agda one of these days
[Mon May  2 17:38:15 2016] <johnw> hi Nik05!
[Mon May  2 17:38:26 2016] <benzrf> i hear it's possible to write functions in it the normal way without ripping your hair out
[Mon May  2 17:38:28 2016] <johnw> agda is good at straight up dependently typed programming
[Mon May  2 17:38:38 2016] <johnw> their dot patterns especially are cool
[Mon May  2 17:39:00 2016] <benzrf> i'll probably *have* to check it out anyway if im gonna be using it as an embedded thingy
[Mon May  2 17:39:04 2016] <benzrf> which i vaguely plan to
[Mon May  2 17:40:17 2016] <benzrf> coinductive types are defined as the terminal type-equipped-with-a-destructor for the destructor implied by the constructors you list, yeah?
[Mon May  2 17:40:42 2016] <johnw> i really don't know what you just said
[Mon May  2 17:40:47 2016] <benzrf> uh
[Mon May  2 17:40:48 2016] <benzrf> wel
[Mon May  2 17:40:50 2016] <benzrf> *well
[Mon May  2 17:41:20 2016] <benzrf> arent inductive types characterized as initial objects in a category of diagrams of their constructors
[Mon May  2 17:42:24 2016] <benzrf> e.g. (nat, O, S) is the initial object in the category of diagrams w/ an endomorphism and a morphism from unit
[Mon May  2 17:42:58 2016] <johnw> i haven't read up on that, so I can't say
[Mon May  2 17:43:06 2016] <benzrf> o
[Mon May  2 17:43:29 2016] <benzrf> well i'm 90% sure that the last line was correct
[Mon May  2 17:44:38 2016] <benzrf> i should come down to boston haskell again sometime soon :]
[Mon May  2 17:44:57 2016] <benzrf> maybe i will finally be able to bicker w/ edwardk and know what the hell im talking about
[Mon May  2 17:45:17 2016] <johnw> where are you now?
[Mon May  2 17:45:26 2016] <benzrf> maine, same as usual
[Mon May  2 17:45:49 2016] <benzrf> convoy pattern looks ugly as all hell
[Mon May  2 17:47:42 2016] <johnw> good lobster?
[Mon May  2 17:48:02 2016] <benzrf> never eaten it
[Mon May  2 17:48:06 2016] <johnw>  WHAT?
[Mon May  2 17:48:18 2016] <benzrf> C:
[Mon May  2 17:48:20 2016] <johnw> that's like living in a place called Chocolopolis and never eating chocolate
[Mon May  2 17:48:30 2016] <benzrf> i dunno, never bothered
[Mon May  2 17:48:35 2016] <johnw> well, do
[Mon May  2 17:56:30 2016] <sanooj> hey
[Mon May  2 17:56:35 2016] <johnw> hi sanooj
[Mon May  2 17:56:52 2016] <sanooj> I'm getting back into my project after a long hiatus
[Mon May  2 17:57:20 2016] <sanooj> I wasn't following the 8.5 stuff nor math-comp/ssreflect-1.6
[Mon May  2 17:57:44 2016] <sanooj> still getting headaches. :)
[Mon May  2 18:00:57 2016] <johnw> i'm dealing with upgrade headaches too
[Mon May  2 18:01:28 2016] <sanooj> is there any reason not to upgrade to 8.5pl1?
[Mon May  2 18:01:39 2016] <johnw> i can't think of one
[Mon May  2 18:01:41 2016] <sanooj> or ssr/mathcomp-1.6?
[Mon May  2 18:01:50 2016] <johnw> 1.6 is a nice upgrade, and is backward compatible
[Mon May  2 18:01:57 2016] <sanooj> I like the new organization in the source repo for 1.6
[Mon May  2 18:04:05 2016] <sanooj> although now that they've merged the code again and shuffled bits around, it turns out I'm still reading ssreflect and haven't clawed myself into mathcomp proper yet. :)
[Mon May  2 18:04:18 2016] <sanooj> I finished binomial.v the other day.
[Mon May  2 18:07:56 2016] <benzrf> how can i "reopen" a module
[Mon May  2 18:08:10 2016] <benzrf> i.e. go back and continue to develop in its scope, from the REPL or another module
[Mon May  2 18:08:12 2016] <benzrf> er, another file
[Mon May  2 18:12:01 2016] <sanooj> can't you juse Open Scope again?
[Mon May  2 18:12:33 2016] <johnw> you can't re-open a module
[Mon May  2 18:12:38 2016] <johnw> you can just make a new module that extends it
[Mon May  2 18:12:46 2016] <johnw> by Include'ing the original module
[Mon May  2 18:12:54 2016] <benzrf> poo
[Mon May  2 18:30:08 2016] <sanooj> mh. mathcomp doesn't seem to actually support parallel makes like make -j4 even though the README says to use it
[Mon May  2 18:30:44 2016] <sanooj> there's just one coqtop process running at a time.
[Mon May  2 19:22:01 2016] <benzrf> johnw: so youve never seen the characterization of the naturals as the initial (S, S -> S, 1 -> S) structure?
[Mon May  2 20:00:41 2016] <Nik05> whete can i find what the "in" in "match .. in .. return .. with" does?
[Mon May  2 21:00:15 2016] <jrw> Nik05: cpdt is the best resource I know of. did you have any specific questions?
[Mon May  2 22:02:00 2016] <benzrf> is there any type in vanilla coq + extensionality which is a model of ZFC
[Mon May  2 22:02:12 2016] <benzrf> ± choice
[Mon May  2 22:40:52 2016] <Quiark> anybody here uses (or understands) F*? :)
[Tue May  3 01:53:25 2016] <sanooj> https://team.inria.fr/marelle/en/advanced-coq-winter-school-2016/ woot
[Tue May  3 03:41:19 2016] <notdan> sanooj: this already happened?
[Tue May  3 03:46:03 2016] <sanooj> yes in january. the lecture notes and exercises are online though
[Tue May  3 04:00:43 2016] <Nik05> thank you jrw
[Tue May  3 04:07:44 2016] <Nik05> not really soecific
[Tue May  3 04:07:56 2016] <Nik05> specific
[Tue May  3 07:26:20 2016] <Onemorenickname> Hi guys
[Tue May  3 07:26:32 2016] <Onemorenickname> I was wondering how I could define a set by specification in coq
[Tue May  3 07:27:11 2016] <Onemorenickname> (as, I have a A:Set, and I want to define B:Set as the elements of A such as P a (for a given P:A->Prop))
[Tue May  3 07:32:10 2016] <Cypi> Maybe {x : A | P x} is what you want
[Tue May  3 07:32:17 2016] <Cypi> (the name of this type is "sig")
[Tue May  3 07:37:46 2016] <Onemorenickname> Cypi : Can I cast a sig to set ?
[Tue May  3 07:38:13 2016] <Cypi> If you mean the "Set" of Coq, then you already have "{x : A | P x} : Set" whenever "A : Set"
[Tue May  3 07:38:36 2016] <Onemorenickname> Cypi : Oh, I didnt know
[Tue May  3 07:40:41 2016] <Onemorenickname> Cypi : Thanks !
[Tue May  3 07:40:44 2016] <Onemorenickname> hm
[Tue May  3 07:41:09 2016] <Onemorenickname> Let's say I have B = {x:A|P x}, if I have X:A->Prop, I cant use it on y:B
[Tue May  3 07:47:26 2016] <Cypi> B is indeed a different type. You have to go through "proj1_sig" to get back an A that you can apply X on. If you still want the convenience of writing "X y" directly, you can also do this: http://lpaste.net/162345
[Tue May  3 07:51:37 2016] <Onemorenickname> Oh, nice.
[Tue May  3 07:51:49 2016] <Onemorenickname> I did not know you could do that kind of convenience things
[Tue May  3 07:52:15 2016] <Onemorenickname> Thank you
[Tue May  3 07:53:01 2016] <Onemorenickname> What does mean "@" ?
[Tue May  3 07:53:13 2016] <Cypi> @ is to make every argument explicit
[Tue May  3 07:53:57 2016] <Onemorenickname> i see
[Tue May  3 07:54:05 2016] <Cypi> otherwise, the arguments 'A' and 'P' of "proj1_sig" are implicit, but you cannot really write directly "Definition BtoA : B -> A := proj1_sig."
[Tue May  3 07:54:21 2016] <Cypi> You could also eta-expand this, that would work: "Definition BtoA : B -> A := fun y => proj1_sig y."
[Tue May  3 07:54:47 2016] <Onemorenickname> I understand
[Tue May  3 07:54:48 2016] <Cypi> (in this case, Coq knows that the implicit arguments of "proj1_sig" should be inferred, and it manages to do so thanks to the type of 'y')
[Tue May  3 07:55:20 2016] <Onemorenickname> I dont know how "Parameter" works
[Tue May  3 07:55:27 2016] <Onemorenickname> It does for all A:Set ?
[Tue May  3 07:55:37 2016] <Onemorenickname> Or it's just an example ?
[Tue May  3 07:55:43 2016] <Onemorenickname> (So we have a given A)
[Tue May  3 07:55:47 2016] <Cypi> It's essentially the same as "Axiom" in this case.
[Tue May  3 07:55:57 2016] <Cypi> So yes, just a given A that we know nothing about, except its type
[Tue May  3 07:56:17 2016] <Onemorenickname> Ok, I see
[Tue May  3 07:56:25 2016] <Onemorenickname> Can I do a coercion in a middle of a demonstration ?
[Tue May  3 07:57:01 2016] <Onemorenickname> in fact, I have the goal "exists F:nat->A", but I can only prove "exists F:nat->B", where B is a subset of A.
[Tue May  3 07:57:08 2016] <Onemorenickname> And I'd like the coercion to be done automatically
[Tue May  3 07:57:25 2016] <Onemorenickname> Maybe it requires a tactic, if so, I'll do it by hand
[Tue May  3 08:00:40 2016] <Cypi> Hmm. Wherever you have to give a "nat -> A", giving a "nat -> B" is enough, and the coercion will be introduced automatically
[Tue May  3 08:00:58 2016] <Cypi> so it depends exactly what you mean by "I can only prove "exists F:nat->B"".
[Tue May  3 08:02:22 2016] <Cypi> This works, for instance: http://lpaste.net/162346
[Tue May  3 08:03:22 2016] <Onemorenickname> I see
[Tue May  3 08:03:50 2016] <Onemorenickname> So, in fact, I will have to put the coercion in the middle of the demonstration, and then, i'll be able to do so
[Tue May  3 08:06:16 2016] <Onemorenickname> When I do a definition in a middle of my demonstration (as Definition wtvr (a:A)) and I have A in my hypothesis, I get "The reference A was not found"
[Tue May  3 08:06:31 2016] <Onemorenickname> I think I'll do the demonstration by hand, I'm too new to coq
[Tue May  3 08:07:05 2016] <Cypi> Ah, I misunderstood what you meant. Putting a Definition inside a proof should be considered bad practice, for quick testing
[Tue May  3 08:07:27 2016] <Cypi> and yes, if you do write a Definition in your proof, then it should be closed, as if it was written outside of the proof
[Tue May  3 08:08:06 2016] <Onemorenickname> Cypi : I didnt know it was bad practice
[Tue May  3 08:08:09 2016] <Onemorenickname> Thank you ^^
[Tue May  3 08:14:44 2016] <Onemorenickname> Cypi, given a:A, and P a, how can I get the element of (sig A P), I cant find on https://coq.inria.fr/library/Coq.Init.Specif.html
[Tue May  3 08:23:40 2016] <Cypi> "exist"exist : forall x:A, P x -> sig P.
[Tue May  3 08:23:43 2016] <Cypi> oops. "exist : forall x:A, P x -> sig P.
[Tue May  3 08:24:04 2016] <Cypi> Sorry, wrong manipulation. You're looking for "exist : forall x:A, P x -> sig P"
[Tue May  3 08:27:23 2016] <Onemorenickname> Cypi : That's what I thought
[Tue May  3 08:27:37 2016] <Onemorenickname> I define my set by "Definition nonAcceSet (A:Set) (R:A->A->Prop) : Set := {a : A|~(Acce A R a)}."
[Tue May  3 08:28:08 2016] <Onemorenickname> But when I do "exist (~ Acce A R b)"
[Tue May  3 08:28:15 2016] <Onemorenickname> I get a type error
[Tue May  3 08:29:10 2016] <Cypi> "exist (fun a => ~ (Acce A R a)) a H" where (a : A) and (H : ~ (Acce A R a))
[Tue May  3 08:31:08 2016] <Onemorenickname> oh
[Tue May  3 08:31:16 2016] <Onemorenickname> But, I don't understand why we have to pass that function too
[Tue May  3 08:32:08 2016] <Cypi> You could probably ask Coq to infer it actuall: "exist _ a H"
[Tue May  3 08:32:17 2016] <Cypi> In most cases it will work
[Tue May  3 08:32:26 2016] <Cypi> in some cases, you'll still have to help it
[Tue May  3 08:32:32 2016] <Onemorenickname> I see
[Tue May  3 08:34:04 2016] <Onemorenickname> Thank you for everything ^^
[Tue May  3 08:34:26 2016] <Onemorenickname> In fact, I don't know how I can learn coq .-.
[Tue May  3 08:34:48 2016] <Cypi> I found Software Foundations to be a good introduction
[Tue May  3 08:40:01 2016] <reuben364> Hello. I'm struggling to prove this basic lemma:
[Tue May  3 08:40:23 2016] <reuben364> Theorem bounded_nat_dec : forall (P : nat -> Prop) (p : nat), (forall q, q < p -> {P q} + {~ P q}) -> {forall q, q < p -> P q} + {~ forall q, q < p -> P q}.
[Tue May  3 08:40:23 2016] <reuben364>  
[Tue May  3 08:41:18 2016] <reuben364> plain induction doesn't work.
[Tue May  3 08:42:04 2016] <reuben364> at least on p.
[Tue May  3 08:45:35 2016] <reuben364> or perhaps it does and I'm a noob.
[Tue May  3 08:47:41 2016] <Cypi> Trying it at the moment, I think it should work
[Tue May  3 08:48:44 2016] <Cypi> Yup, it does. Where were you stuck?
[Tue May  3 08:50:43 2016] <reuben364> I guess it is just a logistic thing of getting {(forall q : nat, q < p -> P q)} + {~ (forall q : nat, q < p -> P q)} as assumption from the hypothesis.
[Tue May  3 08:52:05 2016] <Cypi> I just did an "assert (forall q : nat, q < p -> {P q} + {~ P q})."
[Tue May  3 08:52:19 2016] <Cypi> and then "specialize (IHp H0)" (with the correct names for your case)
[Tue May  3 08:52:53 2016] <reuben364> Ah. Thanks
[Tue May  3 08:53:08 2016] <reuben364> I am not familiar with all the tactics.
[Tue May  3 15:57:55 2016] <johnw> sanooj: sounds like a notational misinterpretation to me
[Tue May  3 15:58:12 2016] <johnw> try using explicit scopes: (p ==> ...)%type
[Tue May  3 16:03:07 2016] <sanooj> coq's CHANGES file says ==> is now right associative at level 55 in signature_scope. lemme check what it is in mathcomp
[Tue May  3 16:06:05 2016] <sanooj> same.
[Tue May  3 16:06:56 2016] <sanooj> except it's in bool_scope.
[Tue May  3 16:09:07 2016] <sanooj> mh, and the CHANGES entry is under 8.1 -> 8.2 :|
[Tue May  3 16:19:53 2016] <johnw> right, ==> only comes in if you import the right module though, I thought
[Tue May  3 16:20:01 2016] <johnw> I use it for defining setoid morphism signatures
[Tue May  3 16:54:25 2016] <sanooj> it's in ssrbool, so it's not exactly an obscure module.
[Tue May  3 17:06:05 2016] <johnw> oh, I see
[Tue May  3 17:06:10 2016] <johnw> it's a notation from ssreflect
[Tue May  3 17:06:21 2016] <johnw> do this: Locate Notation "==>".
[Tue May  3 17:06:31 2016] <johnw> see which one you're actually using in that lemma
[Tue May  3 17:10:09 2016] <sanooj> Locate Notation doesn't work for me, but Locate "==>" give me this: http://pastebin.ca/3590051
[Tue May  3 17:10:18 2016] <sanooj> I think that says ==> should be from ssrbool.
[Tue May  3 17:10:24 2016] <johnw> hmm
[Tue May  3 17:10:47 2016] <johnw> why then is it inferring the type of p to be Type?
[Tue May  3 17:10:57 2016] <johnw> try an explicit type annotation (p : bool)
[Tue May  3 17:12:16 2016] <sanooj> if you have math-comp installed you can try it yourself: http://pastebin.ca/3590053
[Tue May  3 17:12:31 2016] <sanooj> yeah, adding (p:bool) works fine, but I don't think that's what ought to be happening.
[Tue May  3 17:13:16 2016] <johnw> what do you think should be happening?
[Tue May  3 17:13:39 2016] <sanooj> I think the ==> notation should be read as implb and that should trigger p to be inferred as bool.
[Tue May  3 17:14:48 2016] <johnw> try replacing the notation with implb
[Tue May  3 17:14:51 2016] <johnw> and see if that actually happens
[Tue May  3 17:15:39 2016] <sanooj> oh, it doesn't...
[Tue May  3 17:16:13 2016] <sanooj> it again says the same error: The term "p" has type "Type" while it is expected to have type "bool".
[Tue May  3 17:17:35 2016] <johnw> do a Print implb
[Tue May  3 17:17:44 2016] <johnw> make sure there isn't a parameter there that should be implicit
[Tue May  3 17:18:37 2016] <sanooj> doesn't look like it. it says "implb  = fun b1 b2 : bool => if b1 then b2 else true : bool -> bool -> bool"
[Tue May  3 17:19:22 2016] <sanooj> the "p -> ..." part is likely intended to be read as "(is_true p) -> ..."
[Tue May  3 17:19:42 2016] <sanooj> if I actually replace the p -> with (is_true p) -> then coq is happy.
[Tue May  3 17:19:52 2016] <johnw> hmm
[Tue May  3 17:20:00 2016] <sanooj> so probably not a notations issue after all.
[Tue May  3 17:20:38 2016] <sanooj> did you get 8.5 installed?
[Tue May  3 17:22:39 2016] <johnw> yeah, I have 8.5pl1 and mathcomp-1.6
[Tue May  3 17:22:51 2016] <johnw> but I'm working on an issue with an 8.4 project right now
[Tue May  3 17:22:57 2016] <sanooj> ok.
[Tue May  3 17:52:03 2016] <Nik05> Cypi and Onemorenickname ah i missed the talk about Sets. Cypi any specific documentation on this?
[Tue May  3 17:52:45 2016] <Nik05> Sofware Foundations is a good introduction to this?
[Tue May  3 17:55:54 2016] <johnw> not sure that SF goes into sets
[Tue May  3 17:55:57 2016] <johnw> Coq calls them Ensembles
[Tue May  3 18:01:31 2016] <Nik05> thank you johnw
[Tue May  3 18:02:12 2016] <Nik05> nice french name :P
[Tue May  3 18:03:25 2016] <Nik05> and { a | P b } is not an ensemble?
[Tue May  3 18:03:34 2016] <johnw> no, that's a sigma type
[Tue May  3 18:03:39 2016] <johnw> type "sig"
[Tue May  3 18:03:44 2016] <johnw> just "P" would be the ensemble
[Tue May  3 18:03:49 2016] <johnw> an esemble is also a predicate
[Tue May  3 18:03:55 2016] <johnw> since it predicates the members of the set
[Tue May  3 18:04:01 2016] <Nik05> oke
[Tue May  3 18:04:30 2016] <johnw> so, Ensembles.In _ x xs is identical to "xs x"
[Tue May  3 18:04:34 2016] <johnw> it takes some getting used to :)
[Tue May  3 18:04:37 2016] <Nik05> How does this correlate with mathematical sets?
[Tue May  3 18:04:48 2016] <johnw> the only thing you can know about a mathematical set is its membership
[Tue May  3 18:04:54 2016] <johnw> so, that's the only information an Ensemble can give you
[Tue May  3 18:05:05 2016] <johnw> however, you can't enumerate an Ensemble
[Tue May  3 18:05:22 2016] <Nik05> oke, and coq's Sets are?
[Tue May  3 18:05:33 2016] <johnw> Set is a "sort", a universe of type
[Tue May  3 18:05:35 2016] <johnw> s
[Tue May  3 18:06:25 2016] <johnw> it's also related to mathematical sets
[Tue May  3 18:06:38 2016] <Nik05> Oké :P
[Tue May  3 18:06:47 2016] <johnw> think of an Ensemble as a reified set, though, something you can treat as a value
[Tue May  3 18:07:17 2016] <johnw> well, in a way
[Tue May  3 18:07:23 2016] <johnw> Ensembles have no computational meaning
[Tue May  3 18:08:12 2016] <Nik05> oh sig, stands for signature
[Tue May  3 18:08:29 2016] <Nik05> Im reading some wikipedia
[Tue May  3 18:08:46 2016] <johnw> does it?
[Tue May  3 18:08:52 2016] <Nik05> I think it does
[Tue May  3 18:08:57 2016] <johnw> I thought it stood for sigma
[Tue May  3 18:08:58 2016] <Nik05> It does not?
[Tue May  3 18:09:00 2016] <Nik05> oh
[Tue May  3 18:09:28 2016] <Nik05> Oh it does
[Tue May  3 18:11:10 2016] <johnw> the two basic dependent types are Pi and Sigma
[Tue May  3 18:11:26 2016] <johnw> although, in Coq's type theory, Sigma can be expressed in terms of Pi, because it has inductive types
[Tue May  3 18:11:39 2016] <Nik05> What is Pi?
[Tue May  3 18:11:44 2016] <johnw> "forall"
[Tue May  3 18:11:48 2016] <johnw> universal quantification
[Tue May  3 18:12:03 2016] <johnw> also written Π a b, a → b
[Tue May  3 18:12:05 2016] <johnw> in some texts
[Tue May  3 18:12:25 2016] <johnw> if you read the HoTT book, you'll see Π and Σ everywhere, meaning "forall" and "exists"
[Tue May  3 18:13:31 2016] <Nik05> oh oke, thank you
[Tue May  3 18:17:27 2016] <Nik05> Why do they use set notation for sigma types and are sets called ensembles? :P
[Tue May  3 18:18:07 2016] <johnw> well, it's not really set notation
[Tue May  3 18:18:19 2016] <johnw> { x | x < 10 } doesn't mean all numbers less than ten
[Tue May  3 18:18:28 2016] <johnw> it means just one number less than 10
[Tue May  3 18:18:34 2016] <johnw> I agree it _looks_ like set notation
[Tue May  3 18:18:54 2016] <johnw> and in a sense it's similar, because as an existential you don't know which number it is, so in a way it refers to all of them
[Tue May  3 18:18:54 2016] <Nik05> so ∃ x, x < 10 ?
[Tue May  3 18:18:57 2016] <johnw> maybe that's the connection
[Tue May  3 18:18:58 2016] <johnw> yeah
[Tue May  3 18:19:05 2016] <johnw> there are three sigmas in Coq
[Tue May  3 18:19:06 2016] <Nik05> its the same?
[Tue May  3 18:19:07 2016] <johnw> exists x, x < 10
[Tue May  3 18:19:10 2016] <johnw> {x | x < 10}
[Tue May  3 18:19:13 2016] <johnw> {x & x < 10}
[Tue May  3 18:19:23 2016] <johnw> they are all different in their relationship to Type and Prop
[Tue May  3 18:19:32 2016] <johnw> but they all effectively just mean "exists"
[Tue May  3 18:19:44 2016] <Nik05> strange
[Tue May  3 18:20:27 2016] <Nik05> or is the a { x : x < 10 }, oh wait cant use : for this :P
[Tue May  3 18:20:32 2016] <johnw> to say "every number less than 10" as an Ensemble, you'd just write this:
[Tue May  3 18:20:43 2016] <johnw> Definition less_than (n : nat) : Prop := n < 10.
[Tue May  3 18:20:55 2016] <Nik05> ah right
[Tue May  3 18:21:10 2016] <johnw> because that uses "forall", not "exists"
[Tue May  3 18:22:11 2016] <Nik05> But in mathematics this is noted as { n ε N : n < 10 } right?
[Tue May  3 18:22:17 2016] <Nik05> sorry cant find the right epsilon
[Tue May  3 18:22:31 2016] <johnw> ∈
[Tue May  3 18:22:46 2016] <Nik05> its somewhere in my compose key list :)
[Tue May  3 18:23:01 2016] <johnw> I type "\in"
[Tue May  3 18:24:23 2016] <Nik05> ϵ
[Tue May  3 18:24:27 2016] <Nik05> looks different
[Tue May  3 18:24:29 2016] <johnw> yeah
[Tue May  3 18:25:01 2016] <Nik05> ah for me its WIN -> i -> n
[Tue May  3 18:25:03 2016] <Nik05> in :P
[Tue May  3 18:25:06 2016] <Nik05> ∈
[Tue May  3 18:25:19 2016] <johnw> ah
[Tue May  3 18:25:29 2016] <Nik05> ∉
[Tue May  3 18:25:33 2016] <johnw> lol
[Tue May  3 18:26:09 2016] <Nik05> ∋ win -> n -> i
[Tue May  3 18:26:48 2016] <Nik05> what that is how they note it, right?
[Tue May  3 18:26:50 2016] <johnw> that's cute, \ni works too
[Tue May  3 18:26:54 2016] <Nik05> :P
[Tue May  3 18:27:09 2016] <johnw> { x | x ∈ ℕ, x < 10 }
[Tue May  3 18:27:22 2016] <Nik05> oh right
[Tue May  3 18:27:49 2016] <Nik05> oke I have to remove this from my head, { x | P x} is not set notation in qoq
[Tue May  3 18:28:31 2016] <Nik05> well thank you johnw
[Tue May  3 18:28:38 2016] <johnw> sure
[Tue May  3 21:20:25 2016] <benzrf> hi, any clever ppl willing to explain to me how natural induction follows from initiality as an algebra
[Tue May  3 21:25:36 2016] <johnw> benzrf: isn't induction in that sense just a catamorphism?
[Tue May  3 21:25:47 2016] <benzrf> whats a catamorphism
[Tue May  3 21:25:53 2016] <johnw> more reading for you!
[Tue May  3 21:25:57 2016] <benzrf> in the category sense i mean
[Tue May  3 21:26:05 2016] <benzrf> im vaguely aware that its a term related to structural induction
[Tue May  3 21:26:09 2016] <johnw> it's a morphism in the category of F-Algebras
[Tue May  3 21:26:17 2016] <benzrf> just any one?
[Tue May  3 21:26:19 2016] <johnw> from the initial object
[Tue May  3 21:26:34 2016] <johnw> so, for lists, it's foldr
[Tue May  3 21:26:47 2016] <johnw> and if your result type is Prop, then foldr is induction
[Tue May  3 21:26:53 2016] <benzrf> hm
[Tue May  3 21:27:02 2016] <johnw> induction is nothing special
[Tue May  3 21:27:12 2016] <benzrf> yeah
[Tue May  3 21:27:17 2016] <johnw> which is kind of awesome
[Tue May  3 21:27:24 2016] <benzrf> hold on tho
[Tue May  3 21:28:59 2016] <benzrf> how does that play with dependent product in a way that gets you induction and not just a boring non dependent fold
[Tue May  3 21:29:31 2016] <johnw> by being a dependent fold
[Tue May  3 21:29:35 2016] <johnw> look at the type of "nat_ind", for example
[Tue May  3 21:29:47 2016] <benzrf> i know
[Tue May  3 21:29:51 2016] <benzrf> im asking how does this work categorically
[Tue May  3 21:30:03 2016] <johnw> then I don't understand the question
[Tue May  3 21:30:33 2016] <benzrf> hmm, maybe im really asking "how do you do dependent stuff from a categorical perspective"
[Tue May  3 21:30:53 2016] <johnw> you pick a category that has dependent products
[Tue May  3 21:31:41 2016] <johnw> https://ncatlab.org/nlab/show/categorical+model+of+dependent+types
[Tue May  3 21:31:50 2016] <benzrf> * clicks with trepidation
[Tue May  3 21:33:57 2016] <riaqn> johnw: recently I reads about topology/algebra/category/type theory on web, and it gave me the feeling that they 're all inter connected...
[Tue May  3 21:34:08 2016] <johnw> they most certainly are
[Tue May  3 21:34:35 2016] <benzrf> "topology/algebra" is like an appreciable portion of "math"
[Tue May  3 21:36:03 2016] <riaqn> so I feel overwhelmed that I have to learn so many things, to know type theory.
[Tue May  3 21:36:21 2016] <johnw> or rather, think that life has many interesting evenings ahead of you
[Tue May  3 21:36:34 2016] <johnw> whatever you think you don't know now, will seem like nothing soon
[Tue May  3 21:37:47 2016] <riaqn> I believe so. :-)
[Tue May  3 21:41:40 2016] <johnw> fortunately, as it all starts connecting together, it starts becoming true that learning one thing is actually learning 10 things at once
[Tue May  3 21:50:04 2016] <benzrf> >That is, if a type A corresponds to an object in some category, then a dependent type (x:A)⊢(B(x)type) (x:A) \;\vdash\; (B(x) \;type) corresponds to a morphism B→A in that category.
[Tue May  3 21:50:06 2016] <benzrf> ??????
[Tue May  3 21:51:09 2016] <johnw> why is that a problem?
[Tue May  3 21:52:04 2016] <benzrf> i dont understand at all what this means
[Tue May  3 21:54:13 2016] <benzrf> ok this is all way over my head
[Tue May  3 21:54:16 2016] <johnw> bear in mind that morphisms can have as much structure as you like
[Tue May  3 21:54:29 2016] <johnw> so long as they honor the composition and identity laws
[Tue May  3 21:56:44 2016] <benzrf>  i kno
[Tue May  3 21:56:53 2016] <benzrf> its not that i couldnt unwind the definitions if i absolutely had  to
[Tue May  3 21:57:09 2016] <benzrf> its just that theres entire towers of abstraction here that i havent wrapped my head around
[Tue May  3 21:57:18 2016] <benzrf> so even if i did work out the actual definitions, theyd be meaningless to me
[Tue May  3 21:58:01 2016] <johnw> well, if that's the case, I can't unwind them for you in a few lines on IRC
[Tue May  3 21:58:04 2016] <johnw> you'll have to work these out
[Tue May  3 21:58:41 2016] <benzrf> well, i wasnt asking you to :P
[Tue May  3 22:02:43 2016] <johnw> well, in that case, m'k :)
[Wed May  4 00:34:35 2016] <johnw> b.org
[Wed May  4 07:40:03 2016] <jstolarek> I have a hypothesis H : forall x, ... and I want to do "induction (H e)" where e is a unification variable
[Wed May  4 07:40:09 2016] <jstolarek> how can I achieve that?
[Wed May  4 07:42:32 2016] <Cypi> Maybe "einduction H" ?
[Wed May  4 07:43:43 2016] <jstolarek> Ha! I should have thought about it ...
[Wed May  4 21:15:54 2016] <Fare> Hi.
[Wed May  4 21:16:41 2016] <Fare> I haven't used Coq in over ten years, and want to use it to prove some trivial theorems about operational semantics.
[Wed May  4 21:17:02 2016] <Fare> I'd like to model my operational semantics as categories.
[Wed May  4 21:17:18 2016] <Fare> What is the correct place to start from?
[Wed May  4 21:17:43 2016] <Fare> I see that the HoTT variant of Coq seems to have much more theories for Categories.
[Wed May  4 21:19:02 2016] <benzrf> Fare: well, then you'll have to learn HoTT :)
[Thu May  5 16:43:15 2016] <reuben364> Where in the coq libraries could forall a b : nat, {a < b} + {b <= a} be found? I could only find lt_ge_cases in Prop.
[Thu May  5 16:45:10 2016] <benzrf> reuben364: you can try [SearchAbout le.] to get a massive scrollback-filling list of definitions whose type uses le
[Thu May  5 16:45:18 2016] <benzrf> and then ctrl+f for 'dec' (decidable)
[Thu May  5 16:45:22 2016] <arcatan> reuben364: le_lt_dec https://coq.inria.fr/library/Coq.Arith.Compare_dec.html
[Thu May  5 16:45:37 2016] <benzrf> there's probably a better way to search but i'm not the most knowledgable :>
[Thu May  5 16:46:01 2016] <reuben364> Ah. Thanks arcatan and benzrf.
[Thu May  5 16:46:44 2016] <arcatan> the problem with the search commands is that you have to have imported the module you're looking for
[Thu May  5 16:47:33 2016] <arcatan> i don't know a good solution for searching all the modules
[Thu May  5 16:48:13 2016] <arcatan> (btw, i wrote this short tutorial about coq search commands: http://quanttype.net/posts/2016-04-19-finding-that-lemma.html)
[Thu May  5 16:48:33 2016] <benzrf> actually! you only need to have the module loaded somewhere
[Thu May  5 16:48:39 2016] <benzrf> you don't need to import it yourself
[Thu May  5 16:48:44 2016] <arcatan> right, loaded, not imported
[Thu May  5 16:48:59 2016] <benzrf> that's important, cause
[Thu May  5 16:49:15 2016] <benzrf> if you import, say, Nat, it'll require a bunch of other modules while it's at it
[Thu May  5 16:49:33 2016] <benzrf> and then if you SearchAbout, you'll probably find what you're looking for (if it's mostly about nats)
[Thu May  5 16:50:38 2016] <arcatan> yea
[Thu May  5 16:57:40 2016] <reuben364> Also, is there a shorter way of auto solving a trival goal when specializing an assumption instead of: assert a : A. auto. specialize (H a). clear a.
[Thu May  5 16:58:57 2016] <jrw> reuben364: you could try [specialize (H ltac:(auto)).]
[Thu May  5 16:59:12 2016] <jrw> (requires coq 8.5)
[Thu May  5 16:59:18 2016] <benzrf> ohh!!
[Thu May  5 16:59:26 2016] <reuben364> So you can embed tactics in gallina terms. Exactly what I was hoping for.
[Thu May  5 16:59:31 2016] <benzrf> i was actually thinking the other day about if it was possibe to embed tactics
[Thu May  5 16:59:32 2016] <benzrf> nice
[Thu May  5 16:59:38 2016] <jrw> yeah, new in 8.5
[Thu May  5 17:00:23 2016] <benzrf> reuben364: could you do specialize (@H A _)
[Thu May  5 17:00:55 2016] <reuben364> Wouldn't that have to be solved with unification?
[Thu May  5 17:02:48 2016] <benzrf> what do you mean
[Thu May  5 17:05:51 2016] <reuben364> Underscores in gallina terms mean that argument can be resolved using type inference, so it won't try a proof-search or introduce a new subgoal.
[Thu May  5 17:08:07 2016] <benzrf> i think it's actually more powreful than that... one sec, let me try something
[Thu May  5 17:09:04 2016] <benzrf> ok nvm looks like you're right >.<
[Thu May  5 17:09:06 2016] <benzrf> kk
[Thu May  5 17:13:21 2016] <johnw> reuben364: there's also: evar (a : A). specialize (H a).
[Thu May  5 17:14:01 2016] <reuben364> johnw: awesome
[Thu May  5 18:12:42 2016] <stelleg> ls
[Thu May  5 18:12:47 2016] <stelleg> whoops
[Fri May  6 03:37:21 2016] <jstolarek> Reserved Notation "Gamma '|-' t '\in' T" (at level 40).
[Fri May  6 03:37:34 2016] <jstolarek> Software Foundations introduces notation above
[Fri May  6 03:38:14 2016] <jstolarek> unfortunatelly, use of '|-' collides with Ltac's match goal [ H : ... |- _ ] => ...
[Fri May  6 03:38:32 2016] <jstolarek> Is there a ways to resolve this ambiguity without changing the notation?
[Fri May  6 04:42:29 2016] <jstolarek> * also needs help with this : http://stackoverflow.com/questions/37067923/matching-on-unary-data-constructors-in-ltac
[Fri May  6 04:45:56 2016] <Cypi> jstolarek : in your third branch, would it work to add "match ?C with _ _ => fail end; ..." ?
[Fri May  6 04:46:21 2016] <Cypi> (for the notation, I have no idea, I already had this problem :/ )
[Fri May  6 04:47:43 2016] <jstolarek> * tries
[Fri May  6 04:48:21 2016] <Cypi> I meant "match C with", no '?'
[Fri May  6 04:49:23 2016] <jstolarek> Cypi: no, that does not seem to work
[Fri May  6 04:49:32 2016] <jstolarek> unless I've made some mistake
[Fri May  6 04:49:52 2016] <Cypi> Hmm. Let me try to put together some code so that I can actually test it ^^
[Fri May  6 04:49:56 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/162548
[Fri May  6 04:50:06 2016] <jstolarek> is that what you meant?
[Fri May  6 04:50:15 2016] <Cypi> that's what I meant, yes
[Fri May  6 04:50:36 2016] <Cypi> Ah wait, of course that cannot work. Now the third branch is never taken I guess, right?
[Fri May  6 04:51:31 2016] <jstolarek> yes
[Fri May  6 04:52:01 2016] <Cypi> So, maybe: match C with _ _ => fail 1 | _ => idtac end
[Fri May  6 04:52:13 2016] <Cypi> (yup, that does seem convoluted, maybe there is a batter way, but I don't know it...)
[Fri May  6 04:53:05 2016] <jstolarek> yes, that works
[Fri May  6 04:53:11 2016] <jstolarek> but that makes me think
[Fri May  6 04:53:24 2016] <jstolarek> what is the semantics of pattern matching in Ltac? :-/
[Fri May  6 04:54:06 2016] <Cypi> I couldn't do a detailed explanation, but if you have a precise question (regarding this example in particular), maybe I can answer it
[Fri May  6 04:54:49 2016] <jstolarek> well, why does ?C ?t match a binary constructor?
[Fri May  6 04:55:30 2016] <jstolarek> another question is why does your solution work, ie. what is  the meaning of _ _ in the pattern match ?
[Fri May  6 04:56:11 2016] <Cypi> If your term is "C1 a b" (with C1 a binary constructor), then ?C ?t will bind C to "C1 a" and t to "b", because it sees the term as ((C1 a) b)
[Fri May  6 04:56:34 2016] <Cypi> A function applied to two arguments, is the same as a function applied to one argument, which is then applied to another argument
[Fri May  6 04:56:42 2016] <jstolarek> ok, I understand, but this is horrible...
[Fri May  6 04:57:00 2016] <Cypi> The meaning of "_ _" is basically the same as "?C ?t": it's trying to destruct C further into an application
[Fri May  6 04:57:13 2016] <jstolarek> but
[Fri May  6 04:57:18 2016] <Cypi> if we can do it, then it means that we were having at least two applied arguments originally
[Fri May  6 04:57:22 2016] <jstolarek> ah, I see
[Fri May  6 04:57:27 2016] <jstolarek> makes sense
[Fri May  6 04:57:37 2016] <jstolarek> but again, this is just horrible...
[Fri May  6 04:57:38 2016] <Cypi> I don't think it's horrible, this is basically currying
[Fri May  6 04:57:54 2016] <jstolarek> I wouldn't expect that from pattern matching
[Fri May  6 04:57:57 2016] <Cypi> Functions with two arguments are just a special case of functions with one argument
[Fri May  6 04:58:03 2016] <jstolarek> perhaps I've spent too much time with Haskell
[Fri May  6 04:58:35 2016] <Cypi> Hmm, I get your meaning. But still, I think doing the opposite would be just as bad or even worse
[Fri May  6 04:59:10 2016] <Cypi> Sometimes I want to match on a function applied to some arguments, but I don't know if it will be applied to more arguments or not (and I don't care)
[Fri May  6 05:00:00 2016] <jstolarek> I guess the best solution would be to have some control over that
[Fri May  6 05:01:07 2016] <Cypi> On the other hand, I don't think it would be difficult to implement some "exact number of arguments" match
[Fri May  6 05:01:53 2016] <jstolarek> meaning as an Ltac tactic?
[Fri May  6 05:02:26 2016] <Cypi> I was thinking more of something in OCaml to add a syntax for that to Ltac
[Fri May  6 05:02:50 2016] <jstolarek> that's above my paygrade
[Fri May  6 05:02:59 2016] <Cypi> Ahah, I wasn't suggesting you should do it :p
[Fri May  6 05:03:04 2016] <jstolarek> :-)
[Fri May  6 05:03:23 2016] <jstolarek> Anyway, I extracted your solution as an "assert_unary" Ltac procedure
[Fri May  6 05:03:32 2016] <jstolarek> should make my life easier
[Fri May  6 05:06:51 2016] <Cypi> You could actually write a tactic in Ltac that succeeds only if you have the correct number of arguments: http://lpaste.net/162550
[Fri May  6 05:07:01 2016] <Cypi> (this is just a more general version of this match)
[Fri May  6 05:07:14 2016] <Cypi> of course it won't do any bindings, it just acts as a check
[Fri May  6 05:10:12 2016] <jstolarek> done :-)
[Fri May  6 06:09:57 2016] <jstolarek> can I somehow inspect contents of Hint databases?
[Fri May  6 06:11:05 2016] <arcatan> maybe Print Hint * or Print HintDb name
[Fri May  6 06:17:07 2016] <jstolarek> I was thinking about inspecting hints in an Ltac procedure
[Fri May  6 06:17:17 2016] <jstolarek> but perhaps that's not the best idea
[Fri May  6 06:17:23 2016] <jstolarek> anyway
[Fri May  6 06:17:46 2016] <jstolarek> I have formulated a theorem that says something leads to False
[Fri May  6 06:18:07 2016] <jstolarek> now I would like Coq to automatically spot situations where that something appears as a premise
[Fri May  6 06:18:26 2016] <jstolarek> and apply my theorem to introduce False as a premise and then do inversion on False
[Fri May  6 06:18:30 2016] <jstolarek> how can I do that?
[Fri May  6 06:18:36 2016] <Nik05> morgen
[Fri May  6 06:25:26 2016] <Cypi> jstolarek : maybe this works for you? http://lpaste.net/162554
[Fri May  6 06:26:35 2016] <Cypi> Well, at this point I guess even this would work:
[Fri May  6 06:26:36 2016] <Cypi> solve [repeat (intro; try now elim foo_False)].
[Fri May  6 06:28:58 2016] <jstolarek> Cypi: yes, that would work
[Fri May  6 06:29:20 2016] <jstolarek> but what I am looking for is a way to use my theorem with auto/eauto
[Fri May  6 06:29:31 2016] <Cypi> oh x)
[Fri May  6 06:29:35 2016] <jstolarek> I mean
[Fri May  6 06:30:31 2016] <jstolarek> I was thinking of some way where I would not have to explicitly insert my lemma into a proof
[Fri May  6 06:30:48 2016] <jstolarek> hoping that it gets picked up from the hint database by auto
[Fri May  6 06:32:22 2016] <Cypi> So, the dirty solution "Hint Extern 1 => solve [repeat (intro; try now elim foo_False)]." would work.
[Fri May  6 06:32:29 2016] <Cypi> It means that auto will try this anytime you call it
[Fri May  6 06:33:21 2016] <Cypi> you can wrap the solve in a "match goal with |- context [foo] => ... end" to make it more efficient (it will only try it if "foo" appears somewhere in the goal)
[Fri May  6 06:33:37 2016] <jstolarek> yes, I guess that would work :-)
[Fri May  6 06:33:53 2016] <Cypi> It's not perfect, it will attempt this even if "foo" is in a positive position, but well...
[Fri May  6 06:34:48 2016] <jstolarek> btw
[Fri May  6 06:34:54 2016] <jstolarek> what is "now" ?
[Fri May  6 06:34:59 2016] <jstolarek> in "try now"
[Fri May  6 06:36:20 2016] <Cypi> "now t" is a tactic notation for "t; easy", and easy is a simpler version of auto to finish trivial proofs
[Fri May  6 06:36:31 2016] <Cypi> now will fail if it cannot finish the proof
[Fri May  6 06:37:04 2016] <Cypi> It's actually implemented with Ltac, so it's readable ^^' https://github.com/coq/coq/blob/trunk/theories/Init/Tactics.v#L169
[Fri May  6 06:37:26 2016] <jstolarek> thanks :-)
[Fri May  6 06:37:31 2016] <jstolarek> is auto also implemented in Ltac?
[Fri May  6 06:37:37 2016] <Cypi> no
[Fri May  6 06:38:46 2016] <jstolarek> :<
[Fri May  6 06:39:29 2016] <Cypi> I don't think you can do things as complicated as going through Hint databases and such in Ltac
[Fri May  6 06:40:43 2016] <jstolarek> too bad
[Fri May  6 06:40:50 2016] <jstolarek> that would be a way to write a custom auto
[Fri May  6 06:41:18 2016] <Cypi> Some people think and work towards having an actual programming language instead of Ltac, but it's still a complicated and open-ended matter
[Fri May  6 06:41:48 2016] <Cypi> (I mean, transforming Ltac into an actual programming language, not embedding another programming language)
[Fri May  6 06:42:38 2016] <jstolarek> what do you mean by embedding?
[Fri May  6 06:42:55 2016] <jstolarek> (I am unfamiliar with internal implementation of Coq but I'm curious)
[Fri May  6 06:43:31 2016] <Cypi> I mean you could say "Well, let's take something like Ruby, put together an API for manipulating the current goal and state of the proof, and there you go, the user can write some Ruby instead of tactics." It would one possible solution, but I don't think those people want that
[Fri May  6 13:28:47 2016] <schoppenhauer> per default, coq does not have functional extensionality, right?
[Fri May  6 13:29:07 2016] <schoppenhauer> (except probably for the HOTT-patches)
[Fri May  6 13:45:06 2016] <benzrf> schoppenhauer: it does not
[Fri May  6 13:45:21 2016] <benzrf> i think it's in the stdlib though
[Fri May  6 13:45:29 2016] <benzrf> (as an importable axiom, i mean)
[Fri May  6 13:58:39 2016] <schoppenhauer> ok.
[Fri May  6 13:58:40 2016] <schoppenhauer> thx.
[Fri May  6 14:02:07 2016] <benzrf> np
[Sat May  7 01:48:41 2016] <Fare> hi again
[Sat May  7 15:05:06 2016] <pyon> Is total induction defined anywhere as a tactic?
[Sat May  7 15:05:38 2016] <pyon> Or perhaps as a theorem.
[Sat May  7 15:07:29 2016] <pyon> As in, “Theorem total_ind p : (forall n, (forall m, m < n -> p m) -> p n) -> (forall n, p n).”, with a corresponding proof, of course.
[Sat May  7 15:37:23 2016] <jrw> pyon: not sure if it's in the stdlib, but you can prove it like this http://lpaste.net/162627
[Sun May  8 13:20:07 2016] <benzrf> the [Function] command is so neat
[Sun May  8 16:08:14 2016] <mietek> https://www.ps.uni-saarland.de/autosubst/
[Sun May  8 16:08:16 2016] <mietek> This seems nice
[Mon May  9 05:38:26 2016] <jstolarek> I have a hypothesis H : true = true -> A \/ B
[Mon May  9 05:38:31 2016] <jstolarek> and my goal is A
[Mon May  9 05:38:42 2016] <jstolarek> how do I prove my goal?
[Mon May  9 05:39:00 2016] <jstolarek> I feel this is trivial but I don't see a way to use H :-/
[Mon May  9 05:42:22 2016] <Cypi> If you just have this, you cannot prove your goal, since you cannot know if you actually have A or B
[Mon May  9 05:42:42 2016] <jstolarek> hm... good point
[Mon May  9 05:42:55 2016] <jstolarek> but still
[Mon May  9 05:43:07 2016] <Cypi> To use H, you could do "destruct (H eq_refl)"
[Mon May  9 05:43:23 2016] <jstolarek> is there a way to somehow simplify H to get rid of the trivialy true premise (true=true)?
[Mon May  9 05:43:31 2016] <jstolarek> ah, eq_refl
[Mon May  9 05:43:39 2016] <Cypi> If you just want to remove the premise, "specialize (H eq_refl)" for instance
[Mon May  9 05:46:01 2016] <jstolarek> ok, thanks
[Tue May 10 07:42:34 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/162789
[Tue May 10 07:43:03 2016] <jstolarek> Coq just gave me this result as a list of goals produced be a tactic
[Tue May 10 07:43:13 2016] <jstolarek> this looks like some sort of bug...
[Tue May 10 07:44:59 2016] <jstolarek> and if I type Focus 2 I get "No such goal error"
[Tue May 10 16:39:41 2016] <jrw> jstolarek: what tactic produced that?
[Tue May 10 21:22:36 2016] <johnw> sanity check: should this be provable?  ~ (forall x, P x) <-> exists x, ~ P x
[Tue May 10 21:23:25 2016] <johnw> heh: http://pldev.blogspot.com/2012/03/coq-proving-duality-between-forall-and.html
[Tue May 10 21:26:07 2016] <Cypi> I can confirm that this should not be provable (only the <- part)
[Tue May 10 21:26:22 2016] <Cypi> Ah well, everything is detailed in this blogpost, ok :D
[Tue May 10 21:26:22 2016] <johnw> I can do it easily with Classical.Peirce, but not otherwise
[Tue May 10 21:29:36 2016] <johnw> you mean, only the -> part is not provable
[Tue May 10 21:29:40 2016] <johnw> the <- part is just "firstorder"
[Tue May 10 21:51:03 2016] <jrw> uwverdi
[Tue May 10 21:51:07 2016] <jrw> oops.
[Wed May 11 10:01:53 2016] <jstolarek> jrw: my custom Ltac procedure.  This was some sort of error - I restarted Coq and the proof went through without problems.
[Wed May 11 11:53:17 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/163019
[Wed May 11 11:53:31 2016] <jstolarek> I need some help woith the above
[Wed May 11 11:53:50 2016] <jstolarek> I feel the answer is simple but it eludes me :-/
[Wed May 11 11:54:08 2016] <jstolarek> I have a piece of Ltac code that automates the first proof
[Wed May 11 11:54:37 2016] <jstolarek> and then I have a slightly more complicated proof which I want to automate
[Wed May 11 11:55:30 2016] <jstolarek> one of the problems in the second case is that the order of `destruct (...)` matters
[Wed May 11 13:25:36 2016] <johnw> jstolarek: hi
[Wed May 11 13:40:39 2016] <cswords_> Hi, can someone help me? Coq is complaning that omega was not found in the current environment when I try to compile a file.
[Wed May 11 13:50:24 2016] <johnw> hi cswords_
[Wed May 11 13:50:28 2016] <johnw> did you upgrade to 8.5?
[Wed May 11 13:55:10 2016] <johnw> if you did, just "Require Omega"
[Wed May 11 13:55:16 2016] <johnw> in 8.4, it was visible by default
[Wed May 11 14:21:45 2016] <cswords_> Thanks!
[Thu May 12 13:25:42 2016] <aupiff> hey all, I am going through software foundations and I'm confused by a universe inconsistency errors I'm getting with the `plus'` function defined here: http://lpaste.net/163065
[Thu May 12 13:26:38 2016] <aupiff> I've defined addition on church encoded nats in two different ways which I think should both work, but only the first alternative `plus` seems to do the trick
[Thu May 12 13:39:28 2016] <johnw> hi aupiff!
[Thu May 12 13:40:06 2016] <johnw> aupiff: you can avoid this by lifting the X out of your definition of nat, making it a parameter
[Thu May 12 13:40:08 2016] <johnw> for example:
[Thu May 12 13:40:29 2016] <johnw> https://gist.github.com/9b771ab8d309cbc4d4970573fbeae5b3
[Thu May 12 13:41:08 2016] <johnw> now, the next question is why you're getting the inconsistency
[Thu May 12 13:41:21 2016] <johnw> it's because you've created a scenario where X could be "nat" itself
[Thu May 12 13:41:27 2016] <Cypi> I don't think this work though, since you cannot instantiate X by nat then, if you lift it outside of the definition.
[Thu May 12 13:41:47 2016] <johnw> and the first use of "nat" (the outer use) fixed the universe level of your Type
[Thu May 12 13:41:52 2016] <johnw> Cypi: ah, maybe, I didn't try to use it
[Thu May 12 13:42:07 2016] <johnw> if you have 8.5, you could "Set Universe Polymorphism"
[Thu May 12 13:42:21 2016] <johnw> so that there are dynamically infinitely many versions of "nat", one for each universe level needed
[Thu May 12 13:42:39 2016] <johnw> then nat2 can include nat1, etc.
[Thu May 12 13:42:40 2016] <Cypi> Or just "Polymorphic Definition nat := ... " is enough
[Thu May 12 13:42:50 2016] <johnw> Cypi: is that a new thing in 8.5?
[Thu May 12 13:42:58 2016] <johnw> is that how you set UP for just one definition?
[Thu May 12 13:43:01 2016] <Cypi> Just like universe polymorphism, yes
[Thu May 12 13:43:03 2016] <Cypi> Indeed
[Thu May 12 13:43:13 2016] <johnw> sweet!!
[Thu May 12 13:43:13 2016] <johnw> TIL
[Thu May 12 13:43:14 2016] <johnw> thanks
[Thu May 12 13:43:18 2016] <Cypi> The other way is to make use of the impredicativity of Prop, and making all these definitions in Prop instead of Type
[Thu May 12 13:43:29 2016] <johnw> sure
[Thu May 12 13:44:31 2016] <aupiff> hi johnw! long time no see. thanks for the explanation.
[Thu May 12 13:45:35 2016] <johnw> hi aupiff!  yes, ltns
[Thu May 12 14:50:40 2016] <lorozic> hi, i'm checking out some code in the FCF library and have found a line "eauto with typeclass_instances". It doesn't seem typeclass_instances is part of the library, however I can't seem to find anything in the coq docs. Anyone have any ideas what it means?
[Thu May 12 15:21:02 2016] <cocreature> Hey I’m trying to prove that some datatype is finite but I am getting a weird error http://lpaste.net/163072
[Thu May 12 15:22:08 2016] <cocreature> ah I forgot the name …
[Fri May 13 06:12:03 2016] <jstolarek> johnw: blah, missed your ping yesterday :-)
[Fri May 13 11:13:49 2016] <picolino> Hi there !
[Fri May 13 11:15:00 2016] <picolino> does someone know if  there is a way to control the directory in which coq extract ml files from a _CoqProject file ?
[Fri May 13 12:07:25 2016] <johnw> jstolarek: hi
[Fri May 13 16:38:15 2016] <benzrf> does [Function] generate a theorem to the effect of
[Fri May 13 16:38:38 2016] <benzrf> [your_function x y z = your_function_F your_function x y z]
[Sat May 14 13:12:50 2016] <egdfffghff> Is there coq for android?
[Sat May 14 13:16:24 2016] <RegEchse> i don't know if you mean "as an android app", but in case your question rather is "can i run coq on an android device" the answer is "yes" (i do)
[Sat May 14 13:17:26 2016] <RegEchse> egdfffghff: ^
[Sat May 14 13:17:35 2016] <egdfffghff> How?
[Sat May 14 13:17:53 2016] <RegEchse> using a linux distribution in a chroot environment ...
[Sat May 14 13:18:05 2016] <RegEchse> (i need root access, though)
[Sat May 14 13:18:05 2016] <egdfffghff> I know people installing Debian on their smart phones
[Sat May 14 13:18:12 2016] <RegEchse> yes, for example
[Sat May 14 13:18:18 2016] <egdfffghff> Ah, as I thought, sigh.
[Sat May 14 13:18:28 2016] <egdfffghff> Thanks for sharing anyway.
[Sat May 14 13:18:40 2016] <RegEchse> i sense that's not what you were looking for?
[Sat May 14 13:19:11 2016] <egdfffghff> Yup, android app would much more appealing. :)
[Sat May 14 13:19:30 2016] <RegEchse> anyway, i don't think there is an actual android coq app (but i'm just guessing)
[Sat May 14 13:20:48 2016] <egdfffghff> Would be great to sit on train and work through SF. :)
[Sat May 14 13:20:59 2016] <egdfffghff> Laptops are cumbersome.
[Sat May 14 13:22:04 2016] <RegEchse> Then print it ... :D
[Sat May 14 15:57:43 2016] <benzrf> what approach is generally taken in proof assistants based on undecidable systems?
[Sat May 14 15:57:51 2016] <benzrf> e.g. PRLs
[Sat May 14 15:58:06 2016] <benzrf> rejection of some valid inputs? or failure to halt on some? something else?
[Sun May 15 21:53:54 2016] <tobiasBora> Hello,
[Sun May 15 21:54:14 2016] <tobiasBora> I have an hypothesis "forall P0 Q : Prop, ((P0 -> Q) -> P0) -> P0"
[Sun May 15 21:54:26 2016] <tobiasBora> (it it called pe)
[Sun May 15 21:54:59 2016] <tobiasBora> and I would like to replace the "forall P0" with P (there is an hypothesis P:Prop)
[Sun May 15 21:55:02 2016] <tobiasBora> How could I do that ?
[Sun May 15 23:29:44 2016] <jun__> use tactic "specialize"
[Mon May 16 03:37:50 2016] <tobiasBora> jun__: Great thank you !
[Mon May 16 03:38:13 2016] <tobiasBora> However I don't manage to replace the second variable :
[Mon May 16 03:38:19 2016] <tobiasBora> If I do "  specialize (pe P).
[Mon May 16 03:38:22 2016] <tobiasBora> "
[Mon May 16 03:38:32 2016] <tobiasBora> it does it for the first variable,
[Mon May 16 03:40:19 2016] <tobiasBora> If I do :
[Mon May 16 03:40:22 2016] <tobiasBora>   specialize pe with (Q := P).
[Mon May 16 03:40:43 2016] <tobiasBora> It doesn't do anything
[Mon May 16 03:40:53 2016] <tobiasBora> (no error but no replace)
[Mon May 16 03:42:12 2016] <jun__> i think you have to create a new hypothesis
[Mon May 16 03:42:43 2016] <jun__> something like "pose (pe' := fun P0 => pe P0 P)"
[Mon May 16 03:44:34 2016] <tobiasBora> Hum the result is pretty strange : pose (pe' := fun P0 => pe P0 P)
[Mon May 16 03:45:24 2016] <jun__> ?
[Mon May 16 03:47:28 2016] <tobiasBora> jun__: sorry, this is the result :
[Mon May 16 03:47:30 2016] <tobiasBora> pe' := fun P0 : Prop => pe P0 P : forall P0 : Prop, ((P0 -> P) -> P0) -> P0
[Mon May 16 03:47:49 2016] <jun__> it is what you expected
[Mon May 16 03:48:39 2016] <jun__> to parse it more easily you can ignore it's value (the part between := and the first colon)
[Mon May 16 03:48:47 2016] <jun__> *its
[Mon May 16 03:50:01 2016] <jun__> maybe I didn't understand your problem
[Mon May 16 03:50:07 2016] <tobiasBora> Hum... It's right that it's the more general case...
[Mon May 16 03:51:04 2016] <tobiasBora> jun__: The thing is that since forall commute, I expected a "forall P0 : ((P0 -> P) -> P0) -> P0
[Mon May 16 03:51:25 2016] <jun__> it does not really "commute"
[Mon May 16 03:51:42 2016] <tobiasBora> Is it possible to force the commute ?
[Mon May 16 03:51:57 2016] <tobiasBora> Why doesn't it commute ?
[Mon May 16 03:52:14 2016] <jun__> a proof of type "forall (a : A) (b : B), C" cannot be of type "forall (b : B) (a: A), C"
[Mon May 16 03:52:27 2016] <tobiasBora> forall x y, x > y isn't the same as forall y x, x > y ?
[Mon May 16 03:52:41 2016] <jun__> there are equivalent
[Mon May 16 03:53:04 2016] <jun__> ie there is an implication in both direction
[Mon May 16 03:53:32 2016] <jun__> but basically forall proofs are functions
[Mon May 16 03:53:47 2016] <tobiasBora> And can I do the traduction with "apply XXX in H" ?
[Mon May 16 03:54:08 2016] <jun__> and you cannot freely swap the argument order in a function
[Mon May 16 03:55:31 2016] <jun__> you can do "apply XXX with Q:=P in pe"
[Mon May 16 03:56:43 2016] <tobiasBora> jun__: Ok, thank you.
[Mon May 16 03:57:18 2016] <tobiasBora> By apply, I mean, does a lemma/tactic/... already exists to produce pe'' from pe such that forall are exchanged ?
[Mon May 16 03:57:48 2016] <tobiasBora> Or should I write the proof by myself ?
[Mon May 16 04:00:45 2016] <jun__> I'm not sur if there is
[Mon May 16 04:01:02 2016] <tobiasBora> I need to go, but I will come back earlier so that I can read your answer (if any), so don't worry if I don't answer right now. Anyway, that you so much for your help, it was really usefull !
[Mon May 16 04:01:08 2016] <tobiasBora> jun__: Ok thank you !
[Mon May 16 06:47:14 2016] <gdsfh> hello.  I'm looking for smallest lambda term for "pred_pf n : { n' : nat | n = S n'} + {n = O}".  My version is http://pastebin.com/PWqG5iVB , it uses convoy pattern.  Is it possible to avoid convoy here?  (why smallest? -- I need to evaluate these terms in coq, small -> low memory usage.)
[Mon May 16 06:56:21 2016] <Cypi> Yes gdsfh, you can avoid it in this case. Just remove the "n = n' -> " and the "fun eq =>"
[Mon May 16 06:56:36 2016] <Cypi> as you can see, you haven't used at all "eq" in the two branches
[Mon May 16 07:01:43 2016] <gdsfh> Cypi: thank you!  (really.  feeling dumb.)
[Mon May 16 07:16:04 2016] <jstolarek> johnw: :-) I guess the best way of reaching me is via email, not IRC ;-)
[Mon May 16 13:46:13 2016] <tobiasBora> Hum... Really coq doesn't like me !
[Mon May 16 13:46:55 2016] <tobiasBora> I would like to proove that (not (P -> Q)) -> P /\ not Q.
[Mon May 16 13:47:42 2016] <tobiasBora> * is thinking
[Mon May 16 13:47:52 2016] <Cypi> You can't :)
[Mon May 16 13:49:44 2016] <Cypi> This statement is classical, and by default, Coq is only intuitionnistic
[Mon May 16 13:58:13 2016] <tobiasBora> Cypi: Well, I'm trying to use "Definition classic := forall P:Prop, ~~ P -> P." in addition... But I'm a bit confused...
[Mon May 16 13:58:24 2016] <johnw> you can't Axiom that in
[Mon May 16 13:58:27 2016] <johnw> but you can't prove it
[Mon May 16 13:58:35 2016] <johnw> just defining "classic" won't help you
[Mon May 16 13:59:03 2016] <tobiasBora> johnw: I can't try to prove this :
[Mon May 16 13:59:04 2016] <tobiasBora> Lemma not_imply : classic -> forall (P Q:Prop), not (P -> Q) -> P /\ not Q.
[Mon May 16 13:59:06 2016] <tobiasBora> ?
[Mon May 16 13:59:12 2016] <johnw> oh, you could prove that, sure
[Mon May 16 13:59:18 2016] <tobiasBora> Ok
[Mon May 16 13:59:20 2016] <johnw> it's tricky, but not hard
[Mon May 16 13:59:37 2016] <tobiasBora> Well I tried to use absurd (P -> Q) to do so
[Mon May 16 13:59:48 2016] <johnw> remember: you get to choose P and Q to be whatever you want
[Mon May 16 13:59:52 2016] <tobiasBora> but I don't understand why absurd doesn't put in goal "False"
[Mon May 16 14:00:10 2016] <johnw> use contradiction <name of hypothesis>
[Mon May 16 14:01:14 2016] <tobiasBora> johnw: What should it do ?
[Mon May 16 14:01:35 2016] <johnw> contradiction H assumes that H is something -> False, and then makes something your goal
[Mon May 16 14:01:46 2016] <johnw> where ~ H is the same as H -> False
[Mon May 16 14:01:50 2016] <tobiasBora> Oh...
[Mon May 16 14:02:03 2016] <tobiasBora> I understand a bit better
[Mon May 16 14:02:21 2016] <tobiasBora> And what is the difference between contradiction and absurd ?
[Mon May 16 14:02:26 2016] <johnw> i've never used absurd, actually
[Mon May 16 14:02:49 2016] <tobiasBora> Hum ok.
[Mon May 16 14:03:32 2016] <tobiasBora> * thinks again
[Mon May 16 14:04:30 2016] <stelleg> I have to say I don't see that 'forall P Q, (not (P -> Q)) -> P /\ not Q' holds even with double negation as an axiom
[Mon May 16 14:05:06 2016] <tobiasBora> stelleg: Double negation isn't equivalent to classical logic ?
[Mon May 16 14:05:59 2016] <stelleg> tobiasBora: no idea, I am referring to your definition of "classic" though
[Mon May 16 14:06:18 2016] <stelleg> but if johnw says it's provable it probably is :)
[Mon May 16 14:06:25 2016] <johnw> let me check actualy
[Mon May 16 14:06:34 2016] <johnw> I don't know about ~ (P -> Q) -> P /\ ~ Q
[Mon May 16 14:07:09 2016] <stelleg> yeah
[Mon May 16 14:07:38 2016] <stelleg> I don't think that classic -> ~ (P -> Q) -> P /\ ~ Q.
[Mon May 16 14:07:50 2016] <benzrf> do case analysis on P and Q, treating connectives as boolean operators - does it hold?
[Mon May 16 14:10:03 2016] <johnw> yeah, I can't prove it
[Mon May 16 14:11:05 2016] <tobiasBora> Really ?
[Mon May 16 14:11:16 2016] <tobiasBora> So there is something I don't understand :
[Mon May 16 14:11:21 2016] <johnw> https://gist.github.com/ac4d1ab496bcfe976ffb99ba15b82530
[Mon May 16 14:11:32 2016] <johnw> given classic, here's what I can prove:
[Mon May 16 14:11:33 2016] <johnw> Definition peirce                := forall P Q: Prop, ((P->Q)->P)->P.
[Mon May 16 14:11:35 2016] <johnw> Definition excluded_middle       := forall P :  Prop, P \/ ~P.
[Mon May 16 14:11:37 2016] <johnw> Definition de_morgan_not_and_not := forall P Q: Prop, ~(~P /\ ~Q) -> P\/Q.
[Mon May 16 14:11:38 2016] <johnw> Definition implies_to_or         := forall P Q: Prop, (P->Q) -> (~P\/Q).
[Mon May 16 14:12:07 2016] <johnw> but not ~ (P -> Q) -> P /\ ~Q.  Is that supposed to be an inverted form of implies_to_or?
[Mon May 16 14:12:08 2016] <benzrf> no, it's true
[Mon May 16 14:12:20 2016] <benzrf> from a boolean standpoint
[Mon May 16 14:13:08 2016] <johnw> oh, duh!
[Mon May 16 14:13:11 2016] <johnw> it's provable
[Mon May 16 14:13:11 2016] <benzrf> =)
[Mon May 16 14:13:14 2016] <benzrf> told you~
[Mon May 16 14:13:16 2016] <johnw>   contradiction H0.
[Mon May 16 14:13:16 2016] <johnw>   apply H1.
[Mon May 16 14:13:17 2016] <johnw> Abort.
[Mon May 16 14:13:18 2016] <johnw>  
[Mon May 16 14:13:21 2016] <johnw> sorry,
[Mon May 16 14:13:23 2016] <johnw> https://gist.github.com/99bb58cce5dd08b1140f88cb84e1ef1d
[Mon May 16 14:13:25 2016] <johnw> thanks, benzrf, for keeping me sane
[Mon May 16 14:13:28 2016] <benzrf> no problem :D
[Mon May 16 14:13:57 2016] <tobiasBora> * is studing the proof
[Mon May 16 14:16:20 2016] <tobiasBora> johnw: Where is imply_to_and defined ?
[Mon May 16 14:16:26 2016] <tobiasBora> sorry
[Mon May 16 14:16:48 2016] <johnw> Coq.Logic.Classical
[Mon May 16 14:17:59 2016] <tobiasBora> johnw: In fact I'm trying to show that all definitions are equivalents, that's why I wanted to proof that ^^
[Mon May 16 14:20:10 2016] <tobiasBora> * is re-re-thinking
[Mon May 16 17:43:19 2016] <tobiasBora> I have prooved the property :
[Mon May 16 17:43:21 2016] <tobiasBora> forall P:Prop, (~ (~ ~ P -> P)) /\ (~ P) -> False.
[Mon May 16 17:43:35 2016] <tobiasBora> And in my hypothesis I have :
[Mon May 16 17:44:12 2016] <tobiasBora> H : ~ (~ ~ P -> P)
[Mon May 16 17:44:14 2016] <tobiasBora> H0 : ~ P
[Mon May 16 17:44:41 2016] <tobiasBora> How could I use the above lemma to show that there is a contradiction in my hypothesis
[Mon May 16 17:44:58 2016] <Cypi> You  can start with "exfalso; apply <name of your lemma>"
[Mon May 16 17:45:07 2016] <Cypi> (or, more directly, "elim <name of your lemma>")
[Mon May 16 17:49:33 2016] <tobiasBora> Cypi: I tried but it doesn't work... (or I think I did the wrong thing) You can find my proof here : http://pastebin.com/V2TEg9E6
[Mon May 16 17:50:12 2016] <tobiasBora> And "elim neg_abs" fail with the error : "Error: Unable to find an instance for the variable P."
[Mon May 16 17:50:39 2016] <tobiasBora> and same thing with   exfalso; apply neg_abs.
[Mon May 16 17:51:01 2016] <Cypi> Ah, yes, that's because doesn't know what to put for the variable P here. So, two ways of dealing with it
[Mon May 16 17:51:29 2016] <Cypi> 1) Just specify yourself which one you want: "elim (neg_abs P)" or "exfalse; apply (neg_abs P)"
[Mon May 16 17:52:13 2016] <Cypi> 2) Let Coq put an existential here, which is a way of saying "You don't know yet what to put in here, but some time later in the proof, it will become obvious", by using eelim or eapply
[Mon May 16 17:54:44 2016] <tobiasBora> Cypi: Yeeeeahhhh it works !!! I'm working on this proof for several hours... Thank you :D
[Mon May 16 17:55:10 2016] <Cypi> :)
[Mon May 16 18:01:16 2016] <tobiasBora> Cypi: Elim works with theorems that looks like "prop -> False" ?
[Mon May 16 18:01:55 2016] <Cypi> Yes. Just like apply, it will try to do some clever things when the shape of your theorem isn't directly what is expected
[Mon May 16 18:02:17 2016] <Cypi> like asking you to prove some premises
[Mon May 16 18:04:07 2016] <tobiasBora> Ok ! And when the theorem isn't like "prop -> False" I can't do anything with it using elim or it's more general ?
[Mon May 16 18:05:04 2016] <Cypi> It's more general. Actually, elim is some more basic variant of destruct I believe
[Mon May 16 18:05:21 2016] <Cypi> in your case, "edestruct neg_abs" would have worked just the same
[Mon May 16 18:07:22 2016] <Cypi> (I don't know why I picked up the habit of using "elim H" specifically when H ends with False)
[Mon May 16 18:07:50 2016] <tobiasBora> what does this "e..." means ?
[Mon May 16 18:07:57 2016] <tobiasBora> I see it very often
[Mon May 16 18:08:26 2016] <Cypi> e means existential
[Mon May 16 18:16:35 2016] <tobiasBora> Ok great thank you !
[Mon May 16 19:14:12 2016] <tobiasBora> Is it possible to have info from "tauto" ?
[Mon May 16 19:14:33 2016] <tobiasBora> I tried "info_tauto" and "info tauto".
[Mon May 16 19:17:29 2016] <Cypi> You can try "Info 1 tauto", but I'm not sure you will get much :)
[Mon May 16 19:17:52 2016] <Cypi> The info_* stuff is supposed to be deprecated in 8.5, to be replaced with "Info <level> <tactic>."
[Mon May 16 19:23:26 2016] <tobiasBora> Cypi:   Info 1 tauto. ==> "Error: The reference Info was not found in the current environment."
[Mon May 16 19:23:49 2016] <tobiasBora> Hum
[Mon May 16 19:23:57 2016] <tobiasBora> I'm running 8.4
[Mon May 16 19:26:27 2016] <Cypi> Ah, then you probably cannot. (But then again, don't worry, even in 8.5 I don't know if it gives much ^^ )
[Mon May 16 19:29:35 2016] <Cypi> (Ah well, I stand corrected, it can give some information: http://lpaste.net/163550
[Mon May 16 19:29:55 2016] <Cypi> but it's not very readable nor very reusable
[Tue May 17 07:40:36 2016] <tobiasBora> Ok thank you !
[Tue May 17 10:14:40 2016] <amaurremi> hello! given two variables x and y, how can I split my goal into two, where the first one considers the case when x = y, and the second one considers x <> y?
[Tue May 17 10:15:13 2016] <benzrf> amaurremi: you can't in general unless you have a decision procedure for equality on values of their type
[Tue May 17 10:15:25 2016] <benzrf> the law of excluded middle doesn't hold by default in coq.
[Tue May 17 10:15:41 2016] <benzrf> crap i gotta go - but somebody else will probably help oyu :)
[Tue May 17 10:15:43 2016] <benzrf> *you
[Tue May 17 10:15:50 2016] <amaurremi> right, okay, that makes sense, thanks
[Tue May 17 10:16:32 2016] <benzrf> np
[Tue May 17 10:19:14 2016] <amaurremi> given the goal: (exists x, P1 /\ P2), is it possible to split it up into two goals, (exists x, P1) and (exists x, P2)?
[Tue May 17 10:20:31 2016] <amaurremi> sorry, I guess not, because it has to be the same x. never mind
[Tue May 17 13:54:50 2016] <tobiasBora> A little question : I defined a recursive object, lets call it myobject. When I run "Check myobject_ind", I have the definition that appears, but when I run "Search my_object" I do not have the my_object_ind function
[Tue May 17 13:55:19 2016] <tobiasBora> Is there a way to display this kind of function during searching ?
[Tue May 17 13:59:56 2016] <Cale> tobiasBora: Perhaps SearchAbout myobject. ?
[Tue May 17 17:19:12 2016] <tobiasBora> Cale: I tried but same resul...
[Tue May 17 17:20:40 2016] <tobiasBora> And I have another problem : I have an expression which returns a Prop, like :
[Tue May 17 17:20:46 2016] <tobiasBora> 2 <= 1 \/ ((2 <= 1 -> False) /\ (2 <= 1 -> False)) /\ 5 <= 5
[Tue May 17 17:21:34 2016] <tobiasBora> And I would like to evaluate it to get a bool (false or true)
[Tue May 17 17:22:09 2016] <tobiasBora> I tried Eval compute in, but it doesn't work. Is there anything else I could try ?
[Tue May 17 17:27:41 2016] <benzrf> tobiasBora: Props are not bools
[Tue May 17 17:28:13 2016] <benzrf> coq doesn't run on truth values
[Tue May 17 17:28:54 2016] <benzrf> that expression is already in normal form
[Wed May 18 13:51:30 2016] <jstolarek> if I say:
[Wed May 18 13:51:35 2016] <jstolarek> remember A as B
[Wed May 18 13:51:57 2016] <jstolarek> Coq creates B and extra equality hypithesis H : A = B
[Wed May 18 13:52:07 2016] <jstolarek> can I somehow stop it from creating H ?
[Wed May 18 13:52:54 2016] <Cypi> You can just do "pose proof A as B"
[Wed May 18 13:53:07 2016] <Cypi> or "assert (B := A)"
[Wed May 18 13:57:38 2016] <jstolarek> how does pose proof exactly work?
[Wed May 18 13:58:00 2016] <jstolarek> I'm unable to comprehend the description in the user manual :-/
[Wed May 18 13:58:26 2016] <Cypi> "pose proof t" will really just creates a new hypothesis of the same type as t
[Wed May 18 13:58:35 2016] <Cypi> This is basically an opaque set
[Wed May 18 13:58:59 2016] <Cypi> ("set" as in the tactic)
[Wed May 18 14:01:26 2016] <johnw> I really liked ssreflect's set tactic
[Wed May 18 14:01:29 2016] <johnw> it was beatiful
[Wed May 18 14:01:39 2016] <jstolarek> ok, that makes much more sense than what the user manual says
[Wed May 18 14:07:38 2016] <jstolarek> "Anomaly: variable H unbound. Please report."
[Wed May 18 14:07:49 2016] <jstolarek> sounds like something that shouldn't happen
[Wed May 18 14:08:18 2016] <Cypi> Indeed
[Wed May 18 14:08:24 2016] <Cypi> How did you do that? ^^'
[Wed May 18 14:08:36 2016] <Cypi> Also, are you using 8.5? (I don't remember)
[Wed May 18 14:09:00 2016] <jstolarek> 8.5, yes
[Wed May 18 14:09:04 2016] <jstolarek> you want to see the code?
[Wed May 18 14:09:31 2016] <Cypi> Why not. Anomalies are not supposed to happen :)
[Wed May 18 14:10:00 2016] <jstolarek> give me a moment then. But first let me try an old trick of restaring Coq
[Wed May 18 14:10:03 2016] <jstolarek> sometimes that helps
[Wed May 18 14:11:44 2016] <jstolarek> Cypi: code is here:
[Wed May 18 14:11:46 2016] <jstolarek> https://github.com/jstolarek/sandbox/blob/master/coq/sf/MoreStlc.v
[Wed May 18 14:11:55 2016] <jstolarek> now, three interesting places in that code
[Wed May 18 14:12:06 2016] <jstolarek> Line 446: here's where the error is reported
[Wed May 18 14:12:52 2016] <jstolarek> line 402: here's that tactic that causes the error
[Wed May 18 14:13:23 2016] <jstolarek> previous version of that tactic that used to work began with "subtype_cases ..." and what is now H was passed as an argument
[Wed May 18 14:13:55 2016] <Cypi> Let me clone that and see if I can reproduce it
[Wed May 18 14:13:58 2016] <jstolarek> lines 452-455 show how the previous version of solve_inversion_lemma_binary was used
[Wed May 18 14:15:15 2016] <jstolarek> my goal was to include intro and generalize dependent stuff in the tactic itself, as they are repeated in every proof
[Wed May 18 14:17:29 2016] <Cypi> Well, at this point in your proof, H doesn't exist anymore, so it's kind of normal that it doesn't work
[Wed May 18 14:17:36 2016] <Cypi> (H has been generalized back in the goal)
[Wed May 18 14:18:12 2016] <jstolarek> hm...
[Wed May 18 14:18:25 2016] <jstolarek> need to think about it for a moment
[Wed May 18 14:18:29 2016] <Cypi> Although it shouldn't raise an anomaly anyway
[Wed May 18 14:19:20 2016] <jstolarek> ok, I see what happens
[Wed May 18 14:19:40 2016] <jstolarek> that was not a very useful error message but thanks for pointing out my mistake :-)
[Wed May 18 14:50:39 2016] <johnw> please actively report bad diagnostics problems; that's my current crusade
[Wed May 18 14:50:51 2016] <johnw> not to fix them, just to make sure enough reports get generated :)
[Wed May 18 14:55:09 2016] <jstolarek> is there an easy way to generate fresh names in Ltac?
[Wed May 18 14:55:12 2016] <jstolarek> for example
[Wed May 18 14:55:13 2016] <jstolarek> I say
[Wed May 18 14:55:20 2016] <jstolarek> remember A as B
[Wed May 18 14:55:32 2016] <Cypi> "let B := fresh "B" in ..."
[Wed May 18 14:55:45 2016] <Cypi> (or just "let B := fresh in ..." iirc)
[Wed May 18 14:55:46 2016] <jstolarek> ah
[Wed May 18 14:55:57 2016] <Cypi> (if you don't care about the prefix)
[Thu May 19 03:32:05 2016] <jstolarek> I just learned that Hint Immediate and Hint Resolve will use simple apply rather than apply
[Thu May 19 03:32:16 2016] <jstolarek> this forces me to use Hint Extern
[Thu May 19 03:32:35 2016] <jstolarek> is there a way to force Hint Immediate and Hint Resolve to use apply and not simple apply?
[Thu May 19 13:46:38 2016] <johnw> jstolarek: I can't find the answer by simple search; maybe ask the ML?
[Thu May 19 16:07:39 2016] <johnw> jstolarek: I couldn't find the answer for this researching online; the best way might be to send a message to the Coq mailing list
[Fri May 20 14:59:13 2016] <johnw> dependently typed programming in Coq without tactics can feel very strange
[Sun May 22 14:00:51 2016] <fds> So, I'm working through Software Foundations, and I'm trying to state the following theorem: Theorem bag_theorem : forall (v : nat) (s1 : bag) (s2 : bag), member v s1 /\ subset s1 s2 -> member v s2.
[Sun May 22 14:01:00 2016] <fds> And I'm getting the error: The term "member v s1" has type "bool" while it is expected to have type "Prop".
[Sun May 22 14:01:09 2016] <fds> What am I doing wrong?
[Sun May 22 14:04:54 2016] <fds> Hm, I've just realised I can solve it by adding `= true' three times.
[Sun May 22 14:05:05 2016] <fds> Still, is there a better way?
[Sun May 22 14:10:51 2016] <fds> And now I've no idea how to prove this theorem. :-D
[Sun May 22 14:24:07 2016] <benzrf> fds: i think there might be a function bool -> Prop in the stdlib
[Sun May 22 14:24:13 2016] <benzrf> which basically just does = true
[Sun May 22 14:25:12 2016] <fds> I see.
[Sun May 22 14:25:42 2016] <fds> I suppose I'll just leave it like this then.
[Sun May 22 14:25:51 2016] <fds> Now I'm practising with unfold. :-)
[Mon May 23 13:02:46 2016] <johnw> it's called "is_true"
[Tue May 24 12:38:04 2016] <Drup> Is there a version of the code in sofware fundation that works with coq 8.5 or should I downgrade back to 8.4 ?
[Tue May 24 12:38:15 2016] <johnw> I'm not aware of the 8.5 port having been announced yet
[Tue May 24 12:38:20 2016] <johnw> but it is being worked on
[Tue May 24 12:39:24 2016] <Drup> ok, downgrading it is, then
[Tue May 24 12:39:36 2016] <Drup> 8.4.6 is ok ?
[Tue May 24 12:39:54 2016] <johnw> sure
[Tue May 24 18:25:48 2016] <steshaw> Drup: there's a 4.0 beta version of SF that works with 8.5 http://www.cis.upenn.edu/%7Ebcpierce/sf/sf-4.0/
[Tue May 24 18:59:17 2016] <gallabytes> Has anyone recreated the results from Chapman's Levitation paper in Coq?
[Tue May 24 19:00:59 2016] <gallabytes> I've been experimenting with different ways of encoding inductive types so I can replicate Godelian results, and the Levitation paper seems like the simplest way to do it
[Tue May 24 19:15:20 2016] <benzrf> gallabytes: never heard of it :)
[Tue May 24 19:19:12 2016] <gallabytes> benzrf: https://jmchapman.github.io/papers/levitation.pdf
[Tue May 24 19:19:31 2016] <gallabytes> Its a schema for inductive definitions that's strong enough to encode itself
[Tue May 24 19:20:16 2016] <gallabytes> Most of the definitions go through in Coq, but the fixpoint definition fails the positivity checker
[Tue May 24 19:20:23 2016] <gallabytes> (it passes the one in Agda though)
[Wed May 25 11:33:03 2016] <mietek> https://github.com/FormalTheology/GoedelGod
[Wed May 25 11:35:53 2016] <benzrf> lol
[Wed May 25 14:10:56 2016] <z2> any good channels for the discussion of formal verification?
[Wed May 25 14:20:47 2016] <johnw> this is a good one, I'd think
[Wed May 25 14:21:47 2016] <mietek> Also ##typetheory
[Fri May 27 22:30:42 2016] <riaqn> Hello, is there some comparison between CoC(as in coq) and CTT(as in nuprl)?
[Sat May 28 00:18:11 2016] <steshaw> riaqn: you might try asking over at ##typetheory
[Sat May 28 00:19:30 2016] <steshaw> pretty sure that jonsterling's your man
[Sat May 28 01:05:22 2016] <riaqn> steshaw: thx
[Sat May 28 11:44:39 2016] <benzrf> is there any typical approach in coq to finite multisets
[Sat May 28 11:44:53 2016] <benzrf> i'm thinking about prime factorization in particular
[Tue May 31 18:50:14 2016] <eraserhd> hello
[Tue May 31 18:52:12 2016] <eraserhd> Say I'm working with strings, and I want to prove this: forall a b c : string, (a ++ b)%string <> (a ++ c)%string -> b <> c
[Tue May 31 18:52:49 2016] <eraserhd> Induction on a.  The empty case is easy.
[Tue May 31 18:53:22 2016] <eraserhd> But then I get:  String a (...) <> String a (...) -> b <> c
[Tue May 31 18:53:48 2016] <eraserhd> Which seems obvious from structural equality.  But I don't know how to eliminate the "String a" part.
[Tue May 31 18:56:33 2016] <jrw> eraserhd: I don't think you need induction for this at all.
[Tue May 31 18:56:47 2016] <eraserhd> jrw: not surprised, actually :)
[Tue May 31 18:57:08 2016] <jrw> it suffices to prove [b = c -> a ++ b = a ++ c], which could be done with [intros; subst; reflexivity]
[Tue May 31 19:10:01 2016] <eraserhd> ok, neat
[Tue May 31 21:38:33 2016] <eraserhd> I would love a way where, instead of case analysis on a match variable, I can make each match case a subgoal.
[Tue May 31 21:39:14 2016] <eraserhd> (because there are fewer match cases than constructors).
[Tue May 31 21:55:42 2016] <Cale> eraserhd: Can you give an example of the situation you're in? I'm not sure I clearly understand from that description what you want, but I believe you can do that.
[Tue May 31 22:00:09 2016] <Cale> eraserhd: You can do something like refine (match foo with | pat1 => _ | pat2 => _ | ... end).
[Tue May 31 22:00:30 2016] <Cale> eraserhd: and you'll get subgoals for each blank
[Tue May 31 22:02:30 2016] <eraserhd> Cale: https://gist.github.com/eraserhd/f86f86bb58c71765881529c16b05556f
[Tue May 31 22:02:57 2016] <eraserhd> case a makes eight booleans, each of which makes 256 cases.
[Tue May 31 22:04:45 2016] <Cale> ugh, that's not a very pretty looking type...
[Tue May 31 22:05:02 2016] <eraserhd> heh.
[Tue May 31 22:05:04 2016] <Cale> But you should be able to write a match return...
[Tue May 31 22:05:08 2016] <Cale> hm
[Tue May 31 22:05:41 2016] <Cale> Is there some simpler way to write that goal?
[Tue May 31 22:06:59 2016] <eraserhd> That's the result of 'compute'.  It was this: https://gist.github.com/eraserhd/d348ac42dd450088cca705fd36a34f7a
[Tue May 31 22:07:12 2016] <Cale> ah, okay
[Tue May 31 22:07:41 2016] <eraserhd> I'm trying to prove that pipe_escape is injective.  Also, I'm a noob.
[Tue May 31 22:08:57 2016] <eraserhd> I have it working with induction a; induction b0; induction b1; induction b2; ...; discriminate.  But ick.
[Tue May 31 22:09:30 2016] <Cale> haha
[Tue May 31 22:10:10 2016] <Cale> Well, do you want to handle each of these cases individually?
[Tue May 31 22:11:30 2016] <eraserhd> er... no?  If it's possible to not handle them individually, I'd prefer not to.
[Tue May 31 22:13:01 2016] <Cale> http://lpaste.net/164952 -- does this command actually work? :)
[Tue May 31 22:15:06 2016] <Cale> eraserhd: (I'm just curious)
[Tue May 31 22:15:58 2016] <eraserhd> it runs :)
[Tue May 31 22:16:03 2016] <Cale> But you can probably write something which does those inductions... can I have enough of your file to be able to play around with it?
[Tue May 31 22:16:36 2016] <Cale> So yeah, you should get a whole bunch of goals then, one for each of the right hand sides of that match
[Tue May 31 22:16:43 2016] <Cale> But that seems... not so fun.
[Tue May 31 22:17:03 2016] <eraserhd> Yeah.  But it works if I add "; discriminate" to the end.
[Tue May 31 22:17:16 2016] <Cale> ah, cool
[Tue May 31 22:17:49 2016] <eraserhd> wait a minute...
[Tue May 31 22:18:00 2016] <Cale> Does discriminate work on its own? :)
[Tue May 31 22:18:55 2016] <Cale> oh, I guess you might not have a hypothesis in scope which is discriminable
[Tue May 31 22:19:30 2016] <Cale> I wonder what ediscriminate a. would get you
[Tue May 31 22:21:21 2016] <eraserhd> I actually forgot to recurse in pipe_escape.  So it looks worse now :)
[Tue May 31 22:21:48 2016] <eraserhd> Welp.  Time for bed.
[Tue May 31 22:21:56 2016] <eraserhd> Cale: g'night and thanks.
[Tue May 31 22:22:00 2016] <Cale> g'night
[Wed Jun  1 00:41:07 2016] <penlu> Hello
[Wed Jun  1 00:41:21 2016] <penlu> I have a syntax question
[Wed Jun  1 00:41:39 2016] <penlu> Is this a good place to ask?
[Wed Jun  1 00:46:04 2016] <penlu> ah! sorry, I think I have figured out my problem
[Wed Jun  1 01:22:01 2016] <jrw> penlu: for future reference, this is a good place to ask :)
[Wed Jun  1 05:05:07 2016] <steshaw> Is there a way to Print a term without using notations?
[Wed Jun  1 05:07:13 2016] <steshaw> ah, "Eval compute in x" worked for me
[Wed Jun  1 05:44:55 2016] <Cypi> steshaw : you can also use "Unset Printing Notations." before printing, or the corresponding option in the "View" menu if you're using CoqIDE
[Wed Jun  1 05:45:25 2016] <steshaw> Cypi: thanks
[Wed Jun  1 05:47:19 2016] <steshaw> "Eval compute in x" wasn't working for all the cases I had
[Wed Jun  1 05:51:29 2016] <Cypi> It will actually reduce the term to its normal form, but if the normal form matches some notations it will use them to print it
[Wed Jun  1 05:56:06 2016] <steshaw> I didn't have an calculations to perform AFAICT. However, there were definitions to substitute. That's why I thought it was working.
[Wed Jun  1 05:56:37 2016] <steshaw> None of the notations were actually expanded using Eval only.
[Wed Jun  1 05:56:42 2016] <steshaw> Thanks for you help.
[Wed Jun  1 16:43:12 2016] <eraserhd> How would I "split" a hypothesis (a conjunction), such that I have two hypotheses.
[Wed Jun  1 16:43:14 2016] <eraserhd> ?
[Wed Jun  1 16:43:49 2016] <jrw> eraserhd: "destruct H." where H is the hypothesis name should do it.
[Wed Jun  1 16:44:18 2016] <eraserhd> jrw: I swear I did this!  But it works.
[Wed Jun  1 18:21:15 2016] <eraserhd> How would you proceed with this?: https://gist.github.com/eraserhd/40e25f309cb1d2bc81b943af734630cb
[Wed Jun  1 18:21:34 2016] <eraserhd> Also, any sort of feedback is welcome.  I'm certain it's overcomplicated so far.
[Wed Jun  1 19:01:48 2016] <roboguy`> eraserhd: well, you can intro more at that point. I'm not an expert, but I might also try to avoid expand pipe_escape unless it's necessary (your inductive hypotheses are in terms of pipe_escape and it's easier to read)
[Wed Jun  1 19:04:22 2016] <eraserhd> * just found `functional induction`.  Yay.
[Wed Jun  1 19:08:09 2016] <roboguy`> huh, never knew about that one
[Thu Jun  2 00:20:48 2016] <penlu> Hello
[Thu Jun  2 00:21:03 2016] <penlu> I am wondering if coq has any facilities for modules as in the mathematical object
[Thu Jun  2 00:21:55 2016] <penlu> I've found rings and fields in the standard library but they were a little obscure and module is a bad keyword when it comes to coq so I was wondering if I missed anything
[Thu Jun  2 01:58:20 2016] <jrw> penlu: I would suggest taking a look at the mathematical components library/extension to coq at https://github.com/math-comp/math-comp
[Thu Jun  2 02:00:10 2016] <penlu> Thanks!
[Thu Jun  2 02:02:51 2016] <jrw> in particular I believe the algebra/ssralg.v file defines modules over a ring
[Thu Jun  2 09:34:02 2016] <Drup> Does anyone knows an example of a formalization of a staged calculus in Coq/Locally nameless ?
[Thu Jun  2 14:27:27 2016] <eraserhd> Hrmm.  I have [ H : a0 <> b0 |- a0 = b0 ], but "contradiction" doesn't do anything.  What am I doing wrong?
[Thu Jun  2 14:32:24 2016] <eraserhd> Ooh, "injection" is what I was looking for yesterday.
[Thu Jun  2 15:32:08 2016] <ampere> Hello all. Is this an appropriate place to ask for short form pointers on Coq issues I'm stuck on (and have already researched as best I know how)?
[Thu Jun  2 15:52:12 2016] <relrod> ampere: ask away!
[Thu Jun  2 19:19:57 2016] <relrod> Does Z -> string exist anywhere? If not, how might I go about doing that (taking an integer and getting its string representation)?
[Fri Jun  3 09:01:42 2016] <lpaste> jstolarek pasted “No title” at http://lpaste.net/165168
[Fri Jun  3 09:02:16 2016] <jstolarek> it seems that the last part in the match branch - `unfold extend in E
[Fri Jun  3 09:02:21 2016] <jstolarek> does not work
[Fri Jun  3 09:02:44 2016] <jstolarek> I know that hypothesis generated by inversion contains "extend"
[Fri Jun  3 09:03:18 2016] <jstolarek> but after the "match goal..." `extend` is still folded
[Fri Jun  3 09:03:45 2016] <Cypi> Is it possible to have slightly more code, to be able to try it myself?
[Fri Jun  3 09:06:15 2016] <jstolarek> just a sec
[Fri Jun  3 09:07:45 2016] <jstolarek> Cypi: https://github.com/jstolarek/sandbox/blob/master/coq/sf/MoreStlc.v#L896
[Fri Jun  3 09:11:21 2016] <jstolarek> this fragment of code is in a flux - I'm trying to make it work, so subsequent lines of code might require some minor editing
[Fri Jun  3 09:12:44 2016] <Cypi> I don't see a problem. E is H0, so there is nothing to unfold
[Fri Jun  3 09:13:23 2016] <Cypi> I guess you should do something like "inversion H0 as [? E]"
[Fri Jun  3 09:13:33 2016] <Cypi> since apparently there is a first variable before the one you're interested in
[Fri Jun  3 09:15:02 2016] <Cypi> (quick tip: I just added "idtac E" at the end of the tactic to check what was the name bound to E)
[Fri Jun  3 09:16:26 2016] <jstolarek> oh
[Fri Jun  3 09:16:33 2016] <jstolarek> you are of course right
[Fri Jun  3 09:16:35 2016] <jstolarek> thanks!
[Fri Jun  3 09:16:46 2016] <jstolarek> I knew it must be some silly mistake
[Fri Jun  3 15:17:07 2016] <eraserhd> Yay, back to hacking on Coq.
[Fri Jun  3 15:17:19 2016] <eraserhd> I mean a Coq proof.  I can't actually hack on Coq.
[Fri Jun  3 15:22:55 2016] <eraserhd> how to eliminate a <-> in a goal?
[Fri Jun  3 15:23:27 2016] <eraserhd> why, `unfold iff` of course.
[Fri Jun  3 15:31:38 2016] <benzrf> you can also just [split] directly :)
[Fri Jun  3 15:42:12 2016] <eraserhd> benzrf: Cool.
[Fri Jun  3 15:42:52 2016] <eraserhd> I can't remember how to search for things or run a command-line (like Check) with Proof General.  Anyone know off the top of their head?
[Fri Jun  3 15:48:23 2016] <Drup> C-c C-a C-c
[Fri Jun  3 15:48:33 2016] <Drup> and C-c C-a C-p for print
[Fri Jun  3 15:49:08 2016] <eraserhd> Drup: Ah, thanks!
[Fri Jun  3 15:50:12 2016] <eraserhd> actually, what is the emacs command for mode help?  I basically only use emacs for Coq.
[Fri Jun  3 15:50:24 2016] <eraserhd> (and can't remember a lot of it :)
[Fri Jun  3 15:52:15 2016] <eraserhd> Oh, I just found a vim plugin.  Makes me wonder why i'm using emacs. :/
[Fri Jun  3 16:06:12 2016] <eraserhd> and... it needs me to downgrade Coq.  Nevermind.
[Fri Jun  3 16:21:02 2016] <eraserhd> Is it possible to run `injection` in a hypothesis?
[Sat Jun  4 16:10:43 2016] <KaneTW> @pl \s -> fmap (first f) (runParser a s)
[Sat Jun  4 16:10:47 2016] <KaneTW> whoops
[Sun Jun  5 15:06:29 2016] <benzrf> this is unprovable, right? [forall P P' : nat -> Type, (forall x, P x) = (forall x', P' x') -> P O = P' O]
[Sun Jun  5 15:55:08 2016] <Nik05> looks like it benzrf
[Sun Jun  5 15:55:17 2016] <benzrf> Kk
[Sun Jun  5 22:35:36 2016] <lpaste> relrod pasted “Why does this fail with a stack overflow?” at http://lpaste.net/165528
[Sun Jun  5 22:35:47 2016] <relrod> That's the smallest repro I could come up with I think
[Sun Jun  5 22:36:32 2016] <relrod> Am I just doing something silly?
[Sun Jun  5 22:43:08 2016] <Cale> relrod: It's the extra parameter to BlahInstance
[Sun Jun  5 22:43:51 2016] <Cale> relrod: It results in an infinite loop, looking for an instance of Blah to fill the C parameter, and then attempting to use the very same instance, resulting in another C parameter which needs to be filled...
[Sun Jun  5 22:44:27 2016] <Cale> Usually Haskell would complain at you for writing this, but Coq's type class mechanism is a bit less picky.
[Sun Jun  5 22:45:28 2016] <Cale> Well, it would be weird writing this in Haskell in the first place, because the class has no parameters.
[Sun Jun  5 22:46:17 2016] <Cale> but it's like writing  instance Blah => Blah where ...
[Sun Jun  5 22:49:14 2016] <relrod> Cale: What if I want to refer to something from C in the instance though? (I'm just kind of playing around and I'm really new to this and probably getting it all wrong, but...)
[Sun Jun  5 22:49:47 2016] <Cale> Probably first of all your class should have a parameter.
[Sun Jun  5 22:50:10 2016] <relrod> https://bitbucket.org/amintimany/categories/src/bd56bc28cc67507707453794efbdf4a78f632d0a/Category/Opposite.v?at=master&fileviewer=file-view-default -- Taking this for inspiration; they do something similar
[Sun Jun  5 22:50:59 2016] <Cale> It's kind of funny that Coq has all this machinery to ensure that things terminate, and then doesn't do even a little bit of it when checking type classes / instances. :)
[Sun Jun  5 22:52:19 2016] <relrod> Yeah, I'm still getting used to all the semantics.
[Sun Jun  5 22:53:02 2016] <relrod> Cale: In that file I linked, they do something similar, implementing an instance of their Category class, which also takes no parameters. That's why I did it this way (ultimately I'm trying to implement a tiny CT lib just for learning. I was referring to theirs as needed.)
[Sun Jun  5 22:53:23 2016] <Cale> yeah, that's interesting
[Sun Jun  5 22:55:13 2016] <Cale> Perhaps they're taking advantage of the order in which type class instances are attempted
[Sun Jun  5 22:56:16 2016] <Cale> yeah, if you insert another instance, like  Instance BaseBlah : Blah := { ob := bool }.
[Sun Jun  5 22:56:25 2016] <Cale> then it no longer loops
[Sun Jun  5 22:59:08 2016] <relrod> I just found https://github.com/amintimany/Categories/blob/master/Category/Opposite.v which is apparently more recent, and they use Definition instead of Instance.... which makes more sense to me I think.
[Sun Jun  5 22:59:41 2016] <relrod> But what do I know :)
[Sun Jun  5 22:59:53 2016] <relrod> Not much. Yet. :)
[Sun Jun  5 23:00:26 2016] <Cale> yes, that makes much more sense
[Sun Jun  5 23:00:57 2016] <Cale> You would want it to try to automatically use the opposite category when it needed a category
[Sun Jun  5 23:04:41 2016] <relrod> Cale: thanks for your help :)
[Sun Jun  5 23:34:48 2016] <Cale> er, I just realised I automatically said the opposite of what I meant
[Sun Jun  5 23:35:01 2016] <Cale> wouldn't* :)
[Sun Jun  5 23:35:10 2016] <relrod> Yeah I knew what you meant :)
[Fri Oct  7 16:30:20 2016] <napping> Can coqdoc and coq-tex be used together?
[Fri Oct  7 16:41:37 2016] <napping> Is there any way to get results like coq-tex in coqdoc output?
[Fri Oct  7 17:48:42 2016] <napping> It seems coq-tex does not like bullets
[Sat Oct  8 10:29:28 2016] <vramesh> Is there a way to make the rewrite tactic only apply to a specific subterm? What is the general rule that the rewrite tactic uses if there are multiple matching subterms?
[Sat Oct  8 10:31:20 2016] <modulus> one thing you can do is use replace tactic, or assert the specific rewrite you want
[Sat Oct  8 10:32:53 2016] <vramesh> Thank you, modulus. I will look into the replace tactic and asserting rewrites.
[Sat Oct  8 10:33:19 2016] <modulus> replace is like replace (x) with (y), and it sets that as a proof obligation, and replaces it on the goal.
[Sat Oct  8 10:33:44 2016] <modulus> assert (H:x = y) will set that as a new proof obligation, and once proven presents as a hypothesis H which you can do rewrite H with.
[Sat Oct  8 10:34:36 2016] <vramesh> Great, I understand now. Thanks again.
[Sat Oct  8 10:34:50 2016] <modulus> yw
[Sat Oct  8 12:34:43 2016] <vramesh> If one of the hypotheses in the context is identical to the goal is there a tactic for asserting the goal being just a hypothesis/axiom.
[Sat Oct  8 12:35:02 2016] <vramesh> For example, if A -> B is a goal and A -> B is a hypothesis in the context.
[Sat Oct  8 12:38:02 2016] <vramesh> Sorry, I just figured out the answer to my question. Do you use exact?
[Sat Oct  8 12:44:38 2016] <Cypi> vramesh : "assumption"
[Sat Oct  8 12:44:56 2016] <Cypi> It will do just that: look in the context for a hypothesis which is exactly the goal
[Sat Oct  8 12:45:13 2016] <Cypi> you can also use "exact H" if you want to specify which hypothesis you use, indeed
[Sat Oct  8 12:50:02 2016] <vramesh> Cypi: Thank you very much - did not know about "assumption".
[Sat Oct  8 13:21:26 2016] <modulus> on the sofwtrae ofudnaitosn logic chapter ,i' mtyrin gto do the tr_erv exerciess, whic hinovvles:
[Sat Oct  8 13:21:26 2016] <modulus> Lemma tr_rev_correct : forall X, @tr_rev X = @rev X.
[Sat Oct  8 13:22:03 2016] <modulus> i'm introing X, then applying functional extensionality. then induction on x. and there i get stuck. i can't get anything useful out of rev_append, which unfolds from tr_rev. any clues?
[Sat Oct  8 13:22:39 2016] <modulus> also apologies, my keybaord is doin gsoemhting weird.
[Sun Oct  9 20:28:49 2016] <riaqn> benzrf: wondering which channel you meant originally.
[Sun Oct  9 20:29:58 2016] <benzrf> just one i talk to friends in
[Sun Oct  9 22:35:16 2016] <benzrf> does the term "inhabitant" generally refer to expressions, or to specifically semantic objects
[Sun Oct  9 22:37:48 2016] <johnw> benzrf: an inhabitant is a member of a type
[Sun Oct  9 22:38:33 2016] <benzrf> johnw: so - an expression?
[Sun Oct  9 22:42:08 2016] <johnw> every expression must evaluate to an inhabitant
[Sun Oct  9 22:42:50 2016] <Cypi> in my sense, "be an inhabitant of" is literally a synonym for "have type", so the former. Maybe other people give a more specific sense to it
[Sun Oct  9 22:42:51 2016] <johnw> and since "1 + 1" and 2 denote the same thing
[Sun Oct  9 22:43:20 2016] <johnw> yeah, "have a type" is a pretty good rule of thumb
[Sun Oct  9 22:43:37 2016] <johnw> given some x and T such that x : T, then x is an inhabitant of T
[Sun Oct  9 22:44:31 2016] <johnw> it's less interesting to ask what form it takes, expression or naked constructor, etc.
[Sun Oct  9 22:56:51 2016] <benzrf> johnw: well - is False inhabited in haskell?
[Sun Oct  9 23:02:33 2016] <johnw> False in Haskell is really False⊥
[Sun Oct  9 23:02:48 2016] <johnw> so yes, it's inhabited there, by ⊥
[Sun Oct  9 23:03:14 2016] <benzrf> so then inhabitants are semantical objects, not expressions
[Sun Oct  9 23:03:22 2016] <benzrf> and not this: 10:43:37         johnw │ given some x and T such that x : T, then x is an inhabitant of T
[Sun Oct  9 23:03:37 2016] <johnw> ?
[Sun Oct  9 23:03:43 2016] <johnw> what is a "semantical object" and what is an "expression"?
[Sun Oct  9 23:04:06 2016] <benzrf> i mean - you can define a language and a type system without giving it semantics...
[Sun Oct  9 23:04:15 2016] <benzrf> "⊥" is not a haskell expression
[Sun Oct  9 23:04:24 2016] <benzrf> but ":" is a relation between expressions and types
[Sun Oct  9 23:04:32 2016] <johnw> do you mean, a language that is purely syntax?
[Sun Oct  9 23:05:02 2016] <benzrf> well, this isnt a terribly important question
[Sun Oct  9 23:05:04 2016] <benzrf> its ok
[Sun Oct  9 23:05:07 2016] <johnw> ok
[Sun Oct  9 23:05:18 2016] <johnw> you sound like you need a precise answer, but I don't understand the question well enough
[Mon Oct 10 13:06:03 2016] <Ptival> benzrf: I would also say the latter
[Mon Oct 10 13:06:42 2016] <Ptival> but then I'd use it loosely with expressions
[Mon Oct 10 13:08:08 2016] <Ptival> but I'd say the inhabitants are the canonical values of the type
[Mon Oct 10 17:40:51 2016] <napping> Can proof general work on a coq-tex input file?
[Tue Oct 11 12:09:00 2016] <napping> does anyone use coq-tex?
[Tue Oct 11 12:40:44 2016] <napping> Is coq-tex the best way to show intermediate goals of a proof in a document?
[Tue Oct 11 13:00:14 2016] <johnw> so far i've found coq-tex to be fairly unsatisfying; I'd be interested to see what you come up with
[Tue Oct 11 13:05:30 2016] <notdan> wrengr_away: congruence is the one ive been looking for :)
[Tue Oct 11 13:08:42 2016] <napping> So far I've just been looking for some way to step through only the code of a coq-tex input file with coq-mode in emacs, rather than replacing coq-tex itself
[Tue Oct 11 13:09:16 2016] <napping> I did notice that coq-tex itself is a self-contained and fairly small ocaml program, so it might not be so bad
[Tue Oct 11 16:58:01 2016] <napping> johnw: I at least got ProofGeneral working on coq-tex files by extending it's comment regex to count the \begin{coq_...} makers as ending comments, and \end{coq...} as starting a comment
[Tue Oct 11 17:38:38 2016] <KaneTW> is there a tactic to prove a goal by contradiction when there's a hypothesis like S n = n
[Tue Oct 11 17:39:02 2016] <modulus> inversion
[Tue Oct 11 17:39:12 2016] <Cypi> no, you need to do an induction for this
[Tue Oct 11 17:39:15 2016] <KaneTW> just gives you another hypothesis
[Tue Oct 11 17:39:22 2016] <Cypi> (or use something like omega probably)
[Tue Oct 11 17:39:29 2016] <KaneTW> omega is prob the easy way
[Tue Oct 11 17:39:32 2016] <Cypi> there is nothing built-in for acyclicity
[Tue Oct 11 17:39:34 2016] <modulus> hmm
[Tue Oct 11 17:39:37 2016] <KaneTW> or intuition
[Tue Oct 11 17:39:55 2016] <napping> I don't think intuition works. omega might do it?
[Tue Oct 11 17:40:02 2016] <KaneTW> yeah intuition doesn't work
[Tue Oct 11 17:40:10 2016] <Cypi> omega works
[Tue Oct 11 17:40:10 2016] <KaneTW> omega owrks
[Tue Oct 11 17:40:16 2016] <modulus> yeah S n = 0 would but not = n i guess, silly me.
[Tue Oct 11 17:40:17 2016] <napping> I think there is a theorem like that already
[Tue Oct 11 17:40:38 2016] <KaneTW> Nat.neq_succ_diag_l: forall n : nat, S n <> n
[Tue Oct 11 17:41:03 2016] <napping> Conor McBride's "A Few Constructions on Constructors" describes a general approach for proving acyclicity theorems
[Wed Oct 12 08:40:42 2016] <ankitk> Hi, I am trying to write a function, which returns a proof of n<m
[Wed Oct 12 08:40:52 2016] <ankitk> Please look at my code here : http://pastebin.com/1nJW5hjY
[Wed Oct 12 08:41:03 2016] <ankitk> Can you suggest the last entry?
[Wed Oct 12 08:44:52 2016] <notdan> ankitk: what should happen if you feed n = 1, m = 0 in your function?
[Wed Oct 12 08:45:21 2016] <ankitk> my fixpoint function needs to return proof of  1 < 0
[Wed Oct 12 08:45:29 2016] <ankitk> but that is not possible!
[Wed Oct 12 08:45:34 2016] <notdan> yeah
[Wed Oct 12 08:45:40 2016] <notdan> so you cannot write such a function
[Wed Oct 12 08:45:46 2016] <ankitk> oh
[Wed Oct 12 08:46:12 2016] <ankitk> but the Vector library expects proofs, such as p < m
[Wed Oct 12 08:46:33 2016] <ankitk> when we want to get pth term from a vector of length m
[Wed Oct 12 08:46:40 2016] <ankitk> how to provide that?
[Wed Oct 12 08:46:41 2016] <notdan> But you cannot really provide such a proof if p is not less than m
[Wed Oct 12 08:46:49 2016] <ankitk> right
[Wed Oct 12 08:47:08 2016] <notdan> What you can write is a function with the type forall (n m: nat) : (n < m) + (n >= m)
[Wed Oct 12 08:47:35 2016] <notdan> in fact, such a function/theorem is probably somewhere in the standard library
[Wed Oct 12 08:48:15 2016] <notdan> so if you have specific n and m for which you know that n > m, you can use the decidability of > to provide a proof [n > m]
[Wed Oct 12 08:48:54 2016] <ankitk> that is there, but then then the functions replace_order and nth_order expect only (H : p < n)
[Wed Oct 12 08:49:17 2016] <ankitk> do i need to hand construct the proof before calling such functions?
[Wed Oct 12 08:51:58 2016] <notdan> hm there should be a better way
[Wed Oct 12 08:52:11 2016] <notdan> unfortuntely, i am not very familiar with dependent type programming myself
[Wed Oct 12 08:52:20 2016] <ankitk> okk
[Wed Oct 12 08:52:44 2016] <ankitk> Thanks @notdan
[Wed Oct 12 08:53:41 2016] <notdan> maybe you can put a placeholder _ where the proof (p < n) is expected. albeit i doubt that it can figure out the proof automatically.
[Wed Oct 12 09:01:18 2016] <ankitk> i will try yhat
[Wed Oct 12 09:01:21 2016] <ankitk> that
[Wed Oct 12 09:02:31 2016] <ankitk> it works :)
[Wed Oct 12 09:02:38 2016] <ankitk> Thanks
[Wed Oct 12 09:02:52 2016] <ankitk> so coq handles it on its own
[Wed Oct 12 09:03:02 2016] <notdan> cool :)
[Wed Oct 12 09:18:55 2016] <osa1> hi all. I wrote thousands of lines of Coq in the past but it's been a while and apparently I forgot all the cool commands (for searching in library etc.) and even the syntax. what's a good quick tutorial these days as a refresher?
[Wed Oct 12 09:27:06 2016] <ankitk> https://cel.archives-ouvertes.fr/file/index/docid/459139/filename/coq-hurry.pdf
[Wed Oct 12 09:27:18 2016] <ankitk> osal this paper is a good refresher
[Wed Oct 12 09:29:46 2016] <osa1> ankitk: thanks, will take a look
[Wed Oct 12 13:14:52 2016] <wrengr> KaneTW: afaict, there's no general tactic that'll turn cyclic equality proofs into falsum. But you can do it yourself by reimplementing structural induction with wf-induction
[Wed Oct 12 13:16:29 2016] <wrengr> notdan: glad I could help
[Wed Oct 12 14:30:24 2016] <mooe> hi anyone up for stepping through a small proof. i face a problem regarding use of unfold/fold?
[Wed Oct 12 14:53:12 2016] <johnw> sure
[Thu Oct 13 06:40:22 2016] <ankitk> Hi, I am trying to write the TAL-0 language in coq (assembly with types)
[Thu Oct 13 06:40:42 2016] <ankitk> code is here : https://github.com/ankitku/awotap/blob/master/TAL.v
[Thu Oct 13 06:41:26 2016] <ankitk> I am having trouble using the apply tactic with R_IJmp_Succ
[Thu Oct 13 06:42:14 2016] <ankitk> on using with in this apply in  ieval_example1 , I am getting error "Not the right number of missing arguments (expected 0)."
[Thu Oct 13 06:42:49 2016] <ankitk> Please help, note to compile this , you will need to compile (coqc Maps.v) first
[Thu Oct 13 12:19:12 2016] <Ptival> ankitku: which argument are you trying to fill?
[Thu Oct 13 12:19:44 2016] <Ptival> you should say "with (name := ...)", otherwise it will think you're trying to fill some remaining arguments after having inferred the ones you cared for
[Thu Oct 13 12:20:30 2016] <ankitku> ok, I am trying to give intermediate step for  R_IJmp_Succ
[Thu Oct 13 12:20:50 2016] <Ptival> but you're trying to give a state
[Thu Oct 13 12:21:12 2016] <ankitku> because in R_IJmp_Succ st1 st2,  st2 will not match the final state I am trying to prove
[Thu Oct 13 12:21:18 2016] <Ptival> but R_IJmp_Succ doesn't take a state as input
[Thu Oct 13 12:21:21 2016] <ankitku> yes, a state
[Thu Oct 13 12:21:40 2016] <ankitku> so, I am giving st2'
[Thu Oct 13 12:22:03 2016] <ankitku> what will the name in (name := ) be?
[Thu Oct 13 12:22:19 2016] <Ptival> well it won't be anything because there is no state to fill
[Thu Oct 13 12:23:12 2016] <Ptival> you might have made your semantics too specific to be practical to use
[Thu Oct 13 12:23:52 2016] <Ptival> here your R_IJmp_Succ rule won't apply unless you can first show
[Thu Oct 13 12:24:06 2016] <Ptival> (t_update init_regs (Id 3) 0 = final_regs
[Thu Oct 13 12:24:10 2016] <Ptival> t_update init_regs (Id 3) 0 = final_regs
[Thu Oct 13 12:24:26 2016] <ankitku> yes, but that won't happen now
[Thu Oct 13 12:24:37 2016] <ankitku> final regs will be after running of the loop
[Thu Oct 13 12:24:52 2016] <ankitku> so, i need to give an intermediate step
[Thu Oct 13 12:25:37 2016] <Ptival> well then your semantics are wrong
[Thu Oct 13 12:25:43 2016] <ankitku> in the code, I have given the intermediate state after keyword "with"
[Thu Oct 13 12:25:54 2016] <Ptival> ieval (IJmp (ANum v)) (St H R (IJmp (ANum v))) (St H R I')
[Thu Oct 13 12:26:04 2016] <Ptival> you have the same R before and after the step it seems
[Thu Oct 13 12:26:42 2016] <Ptival> or your theorem is wrong
[Thu Oct 13 12:28:08 2016] <ankitku> well R will be same, registers won't change after the jump
[Thu Oct 13 12:28:37 2016] <ankitku> In the theorem I have given the final state, i.e. after the whole loop for calculating product has run
[Thu Oct 13 12:28:53 2016] <ankitku> program finds product of 1 and 2
[Thu Oct 13 12:30:11 2016] <ankitku> R_ISeq case works perfectly, but i am getting stuck in R_IJmp case
[Thu Oct 13 12:30:20 2016] <Ptival> well, I believe that you made a mistake somewhere, maybe in your very first proof step
[Thu Oct 13 12:32:07 2016] <ankitku> hm, but it works as expected
[Thu Oct 13 12:33:58 2016] <ankitku> if you copy the state after "with" in R_IJmp_Succ and paste it in the theorem,instead of the final state, the proof completes
[Thu Oct 13 13:13:39 2016] <Ptival> yeah, because that theorem is correct
[Thu Oct 13 13:13:45 2016] <Ptival> but the one you wrote isn't necessarily
[Thu Oct 13 13:14:47 2016] <Ptival> ieval (IJmp (ANum 2))
[Thu Oct 13 13:14:47 2016] <Ptival>      (St init_heap (t_update (t_update (t_update empty_regs (Id 1) 1) (Id 2) 2) (Id 3) 0)
[Thu Oct 13 13:14:51 2016] <Ptival>         (IJmp (ANum 2)))
[Thu Oct 13 13:14:53 2016] <Ptival>      (St init_heap (t_update (t_update (t_update empty_regs (Id 1) 0) (Id 2) 2) (Id 3) 2)
[Thu Oct 13 13:14:56 2016] <Ptival>         (IJmp (ANum 4)))
[Thu Oct 13 13:14:59 2016] <Ptival> does this look right?
[Thu Oct 13 13:15:18 2016] <Ptival> it seems like the register contents are different to me
[Thu Oct 13 16:02:51 2016] <antonv> hello
[Thu Oct 13 16:03:09 2016] <antonv> what book on Coq you like and recommend?
[Thu Oct 13 16:05:14 2016] <RegEchse> depends on what you want to do with coq.
[Thu Oct 13 16:08:30 2016] <antonv> RegEchse: I want to fully understand the underlying theory and have maximum ability to use it practically
[Thu Oct 13 16:16:04 2016] <johnw> antonv: start with Software Foundations, then Certified Programming with Dependent Types
[Thu Oct 13 16:16:27 2016] <johnw> also, what are you going to use Coq for?
[Thu Oct 13 16:16:30 2016] <johnw> math? program semantics?
[Thu Oct 13 16:17:45 2016] <antonv> johnw: thanks for recommendations. My primary desire is to understand it fully.
[Thu Oct 13 16:19:15 2016] <johnw> if you're interested in the type theory behind it, and the Calculus of Constructions, there are other resources, mostly academic articles
[Thu Oct 13 16:29:07 2016] <antonv> johnw: ideally I'd like a book fully self-contained, not requiring prior expertise
[Thu Oct 13 16:29:16 2016] <antonv> academic articles might use specific
[Thu Oct 13 16:29:29 2016] <antonv> might assume substantial knowledge.
[Thu Oct 13 16:29:52 2016] <johnw> I'm not aware of any such book
[Thu Oct 13 16:32:50 2016] <modulus> software foundations starts more or less from zero but probably doesn't cover all of coq
[Thu Oct 13 16:33:13 2016] <modulus> how's coq.art?
[Thu Oct 13 16:55:22 2016] <antonv> ok, maybe not fully self-contained, but let's assume a reader has some basic understanting of logic (logical entailment, resolution, induction).
[Thu Oct 13 16:56:26 2016] <antonv> Are there books which explain the remaining parts of type theories and coq?
[Thu Oct 13 17:55:08 2016] <antonv>  the "Certified Programming with Dependent Types" seems close to that...
[Thu Oct 13 17:55:13 2016] <antonv> thanks for the reference
[Thu Oct 13 17:55:26 2016] <johnw> CPDT is an excellent text for the working Coq user
[Thu Oct 13 17:55:44 2016] <johnw> if your intention is to use it practically, that's a good one
[Thu Oct 13 17:56:07 2016] <johnw> the main thing is that there are several ways of approaching problems in Coq, and choosing the way appropriate to your problem is a huge part of finding success
[Thu Oct 13 17:57:23 2016] <antonv> johnw: how do you use Coq? (for what purpose?)
[Thu Oct 13 17:57:47 2016] <johnw> I use it at work for formalizing software semantics
[Thu Oct 13 17:58:03 2016] <johnw> I'm also using it for provably correct program synthesis, from those semantics
[Thu Oct 13 17:59:32 2016] <antonv> when one mastered coq, how long / expencise it is to formalize some software module? Say some scheduler which distributes work from a queue to workers.
[Thu Oct 13 17:59:50 2016] <antonv> Is it a project for a month, for 6 month, a year, 3 years?
[Thu Oct 13 18:00:34 2016] <modulus> depends on what properties you want to prove.
[Thu Oct 13 18:01:15 2016] <antonv> well, theat the tasks is always handled, that the queue doesn't become too long, that the task is given to a less loaded worker, etc, etc.
[Thu Oct 13 18:01:52 2016] <antonv> well, maybe my question is too vague...
[Thu Oct 13 18:02:25 2016] <antonv> I'm just thinking how realistic it is to hope to use Coq for the existing java system I'm working on now.
[Thu Oct 13 18:03:41 2016] <antonv> Can I hope to have benefits from Coq in that usual java project, or in the current state of certified programming thechnology it's only practical for very specific projects, which can afford huge investments.
[Thu Oct 13 18:04:48 2016] <johnw> if it's a first time, and the project would have taken you a month in your language of choice, assume a year for Coq
[Thu Oct 13 18:05:01 2016] <johnw> I doubt it will help you in the usual java project anytime soon
[Thu Oct 13 18:05:09 2016] <johnw> unless you have one core component that it's important to verify
[Thu Oct 13 18:05:51 2016] <johnw> Coq is a fantastic for modeling, and models can be made applicable to literally anything, given the effort.  Use Coq as a programming language is not so fantastic, but still doable.  Integrating Coq as a programming langauge with other modern systems in currently a herculean exercise.
[Thu Oct 13 18:06:24 2016] <antonv> part of the problem is that the behaviour is spread over several modules (programs)
[Thu Oct 13 18:06:38 2016] <johnw> you can model the network of modules
[Thu Oct 13 18:06:51 2016] <johnw> it's all about defining which semantics you care about, and how closely you need your model to approach real behavior
[Thu Oct 13 18:07:17 2016] <antonv> yes, but how to apply the model? I mean, how to ensure my java implementation corresponds to the model?
[Thu Oct 13 18:07:33 2016] <johnw> for example, you can model information flow control for security, by just stating "we assume that this module does not leak information".  You don't need to prove it then, you simply increase your trusted code base.
[Thu Oct 13 18:07:39 2016] <johnw> "ensure" here is the key word
[Thu Oct 13 18:07:57 2016] <johnw> the weakest statement is "provided I followed practices X, Y and Z, my code must be correct"
[Thu Oct 13 18:08:24 2016] <johnw> the strongest statement is "Here I have a trusted version of the JVM in Coq, and I've shown that no possible execution path in my program can violate the necessary properties."
[Thu Oct 13 18:09:24 2016] <johnw> it's all about time investment proportional to reward
[Thu Oct 13 18:09:44 2016] <johnw> if you're building control software for a space probe that must run for 50 years unattended, then you spend years perfecting your model
[Thu Oct 13 18:10:05 2016] <johnw> if you're building Web server software that may disappear in 6 months, maybe you only want to verify things about behavior allowed by your server protocol
[Thu Oct 13 18:11:28 2016] <antonv> my case is closer to the second (it's not going to dissappear in 6 months, but it's being changed all the time and we often have bugs).
[Thu Oct 13 18:12:26 2016] <johnw> then identify which exactly it is about the system that you want to prove properties about
[Thu Oct 13 18:12:48 2016] <johnw> "general correctness" is a chimera, since pratically no model will include the execution semantics of the processor you run on
[Thu Oct 13 18:12:54 2016] <johnw> so everything is a decision in terms of how far you go
[Thu Oct 13 18:13:16 2016] <johnw> if the goal is to eliminate bugs, pick which kinds of bugs to eliminate
[Thu Oct 13 18:13:17 2016] <johnw> etc.
[Thu Oct 13 18:13:30 2016] <antonv> So we could specify properties the system should guarantee, and then certify that if we use this algorithm, then the properties will hold.
[Thu Oct 13 18:13:48 2016] <antonv> And then implement this algoritm manually in java, right?
[Thu Oct 13 18:14:30 2016] <johnw> that's way one; draft the algorithm in Coq, then transcode it to Java
[Thu Oct 13 18:15:17 2016] <johnw> or program the important parts of your Java program in a simplified subset of Java that can be read into Coq as an AST
[Thu Oct 13 18:15:43 2016] <johnw> if it fits within the space of Featherweight Java, then you'd have existing tools for stating properties about that AST
[Thu Oct 13 18:16:02 2016] <johnw> I'm really interested, btw, in using Coq to prove properties of real world programs in languages like Java
[Thu Oct 13 18:16:21 2016] <johnw> I just haven't attempted to tackle that problem yet because it's so hard for the benefit gained
[Thu Oct 13 18:16:33 2016] <rrika> If there's haskell for the jvm, that could be another approach
[Thu Oct 13 18:16:45 2016] <rrika> Extraction then translation
[Thu Oct 13 18:16:49 2016] <johnw> It's much easier to start from a clean slate, and build software that only needs to _interoperate_ with Java
[Thu Oct 13 18:16:55 2016] <johnw> right
[Thu Oct 13 18:17:01 2016] <rrika> (there seems to be ocaml for jvm too)
[Thu Oct 13 18:17:09 2016] <rrika> (in alpha stage)
[Thu Oct 13 18:18:02 2016] <antonv> yes, in alpha - I checked this option before
[Thu Oct 13 18:18:22 2016] <antonv> thinking about your previous suggestions...
[Thu Oct 13 18:18:36 2016] <johnw> there's this: bentnib.org/coqjvm.pdf
[Thu Oct 13 18:20:02 2016] <johnw> see also things like research.microsoft.com/en-us/um/people/nick/coqasm.pdf
[Thu Oct 13 18:20:12 2016] <johnw> which formalizes a subset of the Intel x86 execution architecture
[Thu Oct 13 18:20:31 2016] <johnw> there are tradeoffs, though: formalizing the low-level is simpler, but loses important high-level structure
[Thu Oct 13 18:21:12 2016] <johnw> and formalizing at a high-level often includes insane amounts of functionality, since modern languages enjoy adding new semantics through custom syntax, where the true underlying semantics is only completely defined by the compiler implementation
[Thu Oct 13 18:21:30 2016] <antonv> hm
[Thu Oct 13 18:22:22 2016] <johnw> I know a PhD student at UCSD doing his thesis research on this very question :)
[Thu Oct 13 18:22:28 2016] <johnw> so, there's no simple answer today
[Thu Oct 13 18:22:29 2016] <antonv> I'm trying to understand how the low-level models (jvm, x86) can be useful. Do you mean to verify the compiled code?
[Thu Oct 13 18:22:40 2016] <johnw> yes
[Thu Oct 13 18:22:43 2016] <antonv> Not the java sources, but compiled java bytecode?
[Thu Oct 13 18:22:49 2016] <johnw> for example, I could verify a Haskell program by verifying the resulting GHC Core
[Thu Oct 13 18:22:50 2016] <antonv> that's interesting
[Thu Oct 13 18:22:59 2016] <johnw> or a C program by verifying LLVM output
[Thu Oct 13 18:23:35 2016] <johnw> I lose the notion of "structs" and "enums", but I keep the notion of pointers and address regions
[Thu Oct 13 18:23:52 2016] <antonv> cool
[Thu Oct 13 18:24:18 2016] <antonv> ok
[Thu Oct 13 18:24:30 2016] <antonv> now I'm reading your previous suggestions...
[Thu Oct 13 18:27:33 2016] <antonv> so, extraction is already implemented not only for ocaml, but also for haskell?
[Thu Oct 13 18:27:37 2016] <johnw> and scheme, yes
[Thu Oct 13 18:27:42 2016] <antonv> And I see here https://coq.inria.fr/refman/Reference-Manual026.html
[Thu Oct 13 18:27:46 2016] <johnw> and writing new extractors is not terribly difficult either
[Thu Oct 13 18:27:47 2016] <antonv> yes, for scheme!
[Thu Oct 13 18:27:57 2016] <johnw> I started to write one for Emacs Lisp, but then woke up
[Thu Oct 13 18:28:06 2016] <antonv> scheme for JVM exists for sure.
[Thu Oct 13 18:29:25 2016] <antonv> now trying to comprehend what you said about AST andFeatherweight Java
[Thu Oct 13 18:30:04 2016] <johnw> it's all about scoping; code in a subset, and proofs get easier
[Thu Oct 13 18:30:42 2016] <johnw> see also projects like http://why3.lri.fr/
[Thu Oct 13 18:31:48 2016] <rrika> there was some caveat with scheme extraction
[Thu Oct 13 18:35:36 2016] <rrika> you need some extra definitions for the extracted code to work (https://www.irif.fr/~letouzey/scheme/) I'm suprised this is not included in the coq repo
[Thu Oct 13 18:37:14 2016] <antonv> rrika: thanks
[Thu Oct 13 18:37:34 2016] <rrika> antonv, for the scheme case that is
[Thu Oct 13 18:37:46 2016] <rrika> ah, it's visible in the url anyway, nevermind
[Thu Oct 13 18:37:50 2016] <antonv> johnw: yes. I was just trying to understan, how practical it is to use arbitrary AST (java subset)
[Thu Oct 13 18:38:14 2016] <antonv> what Coq tools exists for Featherweight Java?
[Thu Oct 13 18:38:57 2016] <johnw> google: featherweight java coq
[Thu Oct 13 18:39:01 2016] <johnw> there's a few papers on it
[Thu Oct 13 18:39:37 2016] <antonv> doing that now
[Thu Oct 13 18:41:22 2016] <antonv> I found some
[Thu Oct 13 18:41:47 2016] <antonv> Ok, thanks for the chat.
[Thu Oct 13 18:41:54 2016] <johnw> good luck!
[Thu Oct 13 18:41:54 2016] <antonv> A lot of interesting informatio for me.
[Thu Oct 13 19:52:25 2016] <rrika> anyone know a simple way to transform the following in my premises
[Thu Oct 13 19:52:53 2016] <rrika> x := match … with | … y … => constructor (… y …) end
[Thu Oct 13 19:52:54 2016] <rrika> into
[Thu Oct 13 19:53:01 2016] <rrika> x := constructor (match … with | … y … => (… y …) end)
[Thu Oct 13 20:00:42 2016] <johnw> i do it with helper lemmas
[Thu Oct 13 20:04:15 2016] <rrika> my expressions are big though
[Thu Oct 13 20:04:36 2016] <rrika> (I'm playing with why3/frama-c and it gave me a Map.get (Map.set (Map.set t_1 a_1 x) a x_1) a_1
[Thu Oct 13 20:04:43 2016] <rrika> where Map.set unfolds into something big
[Thu Oct 13 20:05:10 2016] <rrika> Map set always puts its first argument in "match ↓ with" position
[Thu Oct 13 20:05:24 2016] <rrika> so as soon as one of them is not transformed to move the constructor outside it blocks all further simplification
[Thu Oct 13 20:05:41 2016] <rrika> I have a helper lemma now but I feel this should be easier.
[Thu Oct 13 20:06:26 2016] <johnw> rrika: can I see your code?
[Thu Oct 13 20:07:57 2016] <rrika> johnw, https://gist.github.com/rrika/4b8562a3e259f27571b7f6e535f09177
[Thu Oct 13 20:08:06 2016] <rrika> you won't be able to run it though, it seems to depend on a lot of stuff
[Thu Oct 13 20:08:11 2016] <rrika> my code is at the bottom
[Thu Oct 13 20:20:32 2016] <rrika> oh god this is so tedious, all I'm trying to prove is that "temp = *a; *a = *b; *b = temp" conforms to the spec of "swap"
[Thu Oct 13 20:20:41 2016] <rrika> well, it's for learning
[Thu Oct 13 20:30:15 2016] <rrika> whoo, I did it
[Thu Oct 13 20:30:28 2016] <rrika> without helper theorems
[Thu Oct 13 20:54:30 2016] <rrika> johnw, do you know http://krakatoa.lri.fr/ ?
[Thu Oct 13 21:11:44 2016] <johnw> i didn't until a minute ago :)
[Thu Oct 13 21:12:37 2016] <rrika> I guess antonv would've been interested in this
[Thu Oct 13 21:12:43 2016] <rrika> though the workflow looks a bit painful
[Thu Oct 13 21:12:43 2016] <johnw> yes
[Thu Oct 13 21:12:47 2016] <johnw> and yes :)
[Thu Oct 13 21:12:49 2016] <rrika> importing it into an old version of why
[Thu Oct 13 21:12:55 2016] <rrika> then transforming it to a new version, etc.
[Fri Oct 14 15:35:14 2016] <rrika> does anyone here have experience with showing that some assembly corresponds to some C code?
[Fri Oct 14 15:35:24 2016] <rrika> (doesn't have to be using coq)
[Fri Oct 14 15:35:53 2016] <rrika> I'm mostly wondering about the issue that sideeffects from the C perspective do not include stack manipulation like spilling reigsters.
[Fri Oct 14 15:45:30 2016] <rrika> hi antonv
[Fri Oct 14 15:45:48 2016] <rrika> I found http://krakatoa.lri.fr/ yesterday. Might be relevant to you.
[Fri Oct 14 15:51:37 2016] <antonv> rrika: thanks a lot, let me check it
[Fri Oct 14 16:04:24 2016] <Ptival> rrika: if you look into CompCert, you can propably devise a way to simulate an execution from the CompCert C subset of the C language to x86/PowerPC asm
[Fri Oct 14 16:04:43 2016] <rrika> I have no choice over the compiler
[Fri Oct 14 16:04:53 2016] <rrika> I want to confirm that a decompilation is correct
[Fri Oct 14 16:05:13 2016] <rrika> the stacklayout choices have already been made
[Fri Oct 14 16:05:42 2016] <rrika> I'm currently flipping through a slidedeck called "Translation Validation for a Verified OS Kernel"
[Fri Oct 14 16:05:48 2016] <rrika> (it's about sel4)
[Fri Oct 14 16:06:30 2016] <rrika> (http://www.nicta.com.au/publications/research-publications/?pid=6449)
[Fri Oct 14 16:09:59 2016] <antonv> rrika: your link is a whole new stratum of information for me, thanks again
[Fri Oct 14 16:11:18 2016] <rrika> :3
[Fri Oct 14 16:22:04 2016] <Ptival> rrika: I did not mean to use the compiler part, just the semantics
[Fri Oct 14 16:22:13 2016] <Ptival> but indeed seL4 might have something better :)
[Fri Oct 14 16:22:39 2016] <rrika> Ptival, ah, tbh, both are huge projects and "using a part of it" is probably non-trivial
[Fri Oct 14 16:23:54 2016] <Ptival> yeah :\
[Fri Oct 14 16:24:12 2016] <Ptival> I'm familiar with CompCert's codebase
[Fri Oct 14 16:24:16 2016] <Ptival> can't help with seL4's
[Fri Oct 14 16:24:38 2016] <rrika> https://github.com/SEL4PROJ/graph-refine
[Fri Oct 14 16:24:49 2016] <rrika> Ptival, how come you know compcert?
[Fri Oct 14 16:24:58 2016] <rrika> I mean, know it more in depth
[Fri Oct 14 16:25:01 2016] <Ptival> I've worked on it and with it
[Fri Oct 14 16:25:04 2016] <rrika> oh, cool
[Fri Oct 14 16:27:15 2016] <rrika> oh, actually, graph-refine looks very applicable to what I'm trying to do
[Fri Oct 14 16:55:04 2016] <Ptival> neat
[Fri Oct 14 17:43:27 2016] <rrika> ugh, the repo is incomplete
[Fri Oct 14 17:43:38 2016] <rrika> lacks some programs
[Sun Oct 16 04:03:56 2016] <ankitku> Hi
[Sun Oct 16 04:04:05 2016] <ankitku> I need a universally unifiable term
[Sun Oct 16 04:04:08 2016] <ankitku> in Coq
[Sun Oct 16 04:05:07 2016] <ankitku> such that I can state that : universally_unifiable t -> t = f (t)
[Sun Oct 16 04:05:54 2016] <ankitku> how can I create one?
[Sun Oct 16 13:58:09 2016] <rrika> I just had a look at http://www.rntz.net/files/icfp2016-datafun-presentation.pdf
[Sun Oct 16 13:58:45 2016] <rrika> I was wondering if that type system could be embedded in coq and a "fix" operator that automatically derives the well foundedness relation could be provided
[Sun Oct 16 13:58:52 2016] <rrika> need to understand it more first though
[Mon Oct 17 16:29:15 2016] <modulus> Anyone can give me some hints on reg_exp_of_list_spec lemma, from software foundations?
[Mon Oct 17 16:29:58 2016] <modulus> I'm trying induction on the lists but i get to something like [] = X s1 and the hypotheses don't seem useful.
[Mon Oct 17 16:58:19 2016] <Cypi> modulus: for the -> direction, you should probably be able to do an induction directly on the "... ~= ..." hypothesis
[Mon Oct 17 16:58:31 2016] <Cypi> for the <- direction, I don't think you have a choice: induction on the lists it is
[Mon Oct 17 16:58:48 2016] <Cypi> make sure that the second list is generalized when do the induction on the first one though, it's probably safer
[Mon Oct 17 17:00:08 2016] <modulus> hmm
[Mon Oct 17 17:02:13 2016] <modulus> ok, i think what i was doing wrong is i was starting to induct on s2 and s2 after doing the split. but you can induct on H right from the split.
[Mon Oct 17 17:02:25 2016] <modulus> but now it remains to be seen if this way round works :-)
[Mon Oct 17 17:03:49 2016] <modulus> hmm no...
[Mon Oct 17 17:04:36 2016] <modulus> when i do generalize dependent s1 or s2 it gets out the H from the hypotheses too so it won't let me generalize on those and induce on H.
[Mon Oct 17 17:18:09 2016] <modulus> ok, i found a solution online.
[Mon Oct 17 17:18:35 2016] <modulus> seems i was failing to see possibilities of inversion for one of the hypotheses.
[Tue Oct 18 00:27:48 2016] <keep_learning> Hi every one
[Tue Oct 18 00:27:56 2016] <keep_learning> Could some one please have a look https://gist.github.com/mukeshtiwari/06c1c80df64fcd68b51c08b1a0831391
[Tue Oct 18 00:28:14 2016] <johnw> "congruence"
[Tue Oct 18 00:28:30 2016] <keep_learning> johnw: I was about to write
[Tue Oct 18 00:28:35 2016] <keep_learning> congruence is not working
[Tue Oct 18 00:28:37 2016] <johnw> haha
[Tue Oct 18 00:28:45 2016] <johnw> what does this say: rewrite H in Hk
[Tue Oct 18 00:29:12 2016] <keep_learning> Found no subterm matching "Fixpoints.iter (O k) (length v) (fun _ : cand * cand => false) (c, d)" in Hk.
[Tue Oct 18 00:29:29 2016] <keep_learning> I tried all this before coming here :)
[Tue Oct 18 00:29:44 2016] <johnw> now check with Set Printing All
[Tue Oct 18 00:29:48 2016] <johnw> they won't be identical then
[Tue Oct 18 00:30:13 2016] <johnw> and I wonder if "simpl in *" makes them identical
[Tue Oct 18 00:32:54 2016] <keep_learning> johnw: Thanks
[Tue Oct 18 06:38:31 2016] <notdan> hi
[Tue Oct 18 11:04:06 2016] <lpaste> dg pasted “ 【美国文凭】密歇根大学-安娜堡分校毕业证,成绩单/Q/微320865551制作UMich毕业证成绩单真实可查的教育部认证回国人员证明文凭University of Michigan Ann Arbor” at http://lpaste.net/4716211765631778816
[Tue Oct 18 11:06:20 2016] <lpaste> dg pasted “【美国文凭】莱斯大学毕业证,成绩单/Q/微320865551制作毕业证成绩单真实可查的教育部认证回国人员证明文凭Rice University” at http://lpaste.net/3476341452731056128
[Tue Oct 18 11:07:36 2016] <lpaste> dg pasted “ 【美国文凭】乔治城大学毕业证,成绩单/Q/微320865551制作毕业证成绩单真实可查的教育部认证回国人员证明文凭Georgetown University” at http://lpaste.net/8955378438500253696
[Tue Oct 18 11:07:50 2016] <lpaste> dg pasted “【美国文凭】塔夫斯大学毕业证,成绩单/Q/微320865551制作毕业证成绩单真实可查的教育部认证回国人员证明文凭Tufts University” at http://lpaste.net/4481412771212165120
[Tue Oct 18 12:03:55 2016] <johnw> whom do I ask to get #ops in this channel?
[Tue Oct 18 13:49:12 2016] <modulus> hints? https://paste.debian.net/883392/
[Tue Oct 18 17:35:48 2016] <eternaleye> Hi, I'm getting a test failure with the 8.5pl2 release, on `success/Nsatz.v` - full build log: http://ix.io/1xnR
[Tue Oct 18 17:36:04 2016] <eternaleye> (Currently working on packaging Coq for Exherbo)
[Tue Oct 18 17:36:40 2016] <eternaleye> Any thoughts as to the cause, or how I could resolve it?
[Tue Oct 18 17:37:33 2016] <eternaleye> (Or any further information I can provide - I have the build dir preserved)
[Wed Oct 19 11:34:40 2016] <pgiarrusso> Hi all! I have CoqIDE FAQ #1 and can’t find an answer through googling
[Wed Oct 19 11:35:19 2016] <pgiarrusso> namely, I have some Coq projects that work under ProofGeneral’s “Compile before Require” behavior
[Wed Oct 19 11:35:30 2016] <pgiarrusso> how do I get them to work with CoqIDE?
[Wed Oct 19 11:35:59 2016] <pgiarrusso> in particular, I’d like “Require Import Foo.” to work once Foo.v exists in the same folder.
[Wed Oct 19 11:36:31 2016] <pgiarrusso> I can’t find an answer in either of https://coq.inria.fr/faq#htoc172 http://stackoverflow.com/questions/16202666/coqide-cant-load-modules-from-same-folder http://blog.zhenzhang.me/2016/09/19/coq-dev.html
[Wed Oct 19 13:39:15 2016] <roconnor> AFAIU, you need to compile Foo.v with something like `coqc Foo.v`
[Wed Oct 19 13:57:23 2016] <pgiarrusso> and for the current folder I don’t need any `-I .` option by default?
[Wed Oct 19 13:58:25 2016] <pgiarrusso> also, is it right that there’s no way to have CoqIDE compile dependencies automatically? I need to do that externally, by hand or through Makefiles?
[Wed Oct 19 13:59:18 2016] <johnw> i've never tried using it
[Wed Oct 19 14:01:27 2016] <eternaleye> pgiarusso: Looking at the CoqIDE UI, it seems to have "Make Makefile" under "Compiling", which I suspect runs "coq_makefile" - that may automate the process of specifying dependencies by using coqdep.
[Wed Oct 19 14:04:32 2016] <eternaleye> *pgiarrusso ^^
[Wed Oct 19 14:07:27 2016] <pgiarrusso> eternaleye: interesting, but that uses `-R "." Top -I “.”` which breaks things
[Wed Oct 19 14:09:00 2016] <pgiarrusso> ah wait, it works if I clean the project first
[Wed Oct 19 14:10:48 2016] <pgiarrusso> eternaleye: OK, this workflow seems reasonable, if only one discovers it :-)
[Wed Oct 19 14:11:41 2016] <pgiarrusso> I retract, since CoqIDE doesn’t know about this default and complains the compiled code uses Top.Foo instead of Foo :-|
[Wed Oct 19 14:11:53 2016] <eternaleye> Mm
[Wed Oct 19 14:12:22 2016] <pgiarrusso> I can make it work via make COQLIBS=‘’ and then loading a file
[Wed Oct 19 14:12:25 2016] <eternaleye> * just installed Coq yesterday, but spent the past week getting it packaged, and so has a better idea of the build process than any of the actual features at this point :P
[Wed Oct 19 14:16:38 2016] <eternaleye> You might be able to do something via creating a _CoqProject file at the top level
[Wed Oct 19 14:17:53 2016] <eternaleye> pgiarrusso: https://coq.inria.fr/refman/Reference-Manual017.html#Makefile
[Wed Oct 19 14:18:13 2016] <eternaleye> According to the docs, CoqIDE respects that when generating makefiles
[Wed Oct 19 14:21:32 2016] <pgiarrusso> So now I have to maintain the list of source files by hand?
[Wed Oct 19 14:22:17 2016] <pgiarrusso> I don’t mean to complain against anybody
[Wed Oct 19 14:22:42 2016] <pgiarrusso> but I’m trying to figure out whether CoqIDE can be configured to “just work” like ProofGeneral
[Wed Oct 19 14:23:25 2016] <pgiarrusso> And I’m fine with “don’t expect it to really work well without integration” — I’m fine with using Proof General myself
[Wed Oct 19 14:24:09 2016] <pgiarrusso> but today I tried installing Coq for a fellow PhD student and directed him to CoqIDE, and I’m fine with concluding “that was a mistake”
[Wed Oct 19 14:24:22 2016] <pgiarrusso> or “everybody uses ProofGeneral”
[Wed Oct 19 14:28:10 2016] <pgiarrusso> eternaleye roconnor: to be sure, thanks both of you for your help :-)
[Wed Oct 19 21:20:39 2016] <benzrf> 02:12:25             * │ eternaleye just installed Coq yesterday, but spent the past week getting it packaged, and so has a better idea of the
[Wed Oct 19 21:20:52 2016] <benzrf> eternaleye: what OS do you use that you had to do that?
[Wed Oct 19 21:21:36 2016] <eternaleye> benzrf: Well, it took me about 20min to write the package, and a week to discover that -datadir /usr/share is not a good thing to pass to configure
[Wed Oct 19 21:21:53 2016] <eternaleye> Which was a bit of a surprise, coming from Autotools
[Wed Oct 19 21:21:57 2016] <benzrf> but... what OS do you use that you had to do that?
[Wed Oct 19 21:22:04 2016] <eternaleye> Exherbo
[Wed Oct 19 21:22:19 2016] <eternaleye> Small source-based distro, somewhat cousin-like relation to Gentoo
[Wed Oct 19 21:22:22 2016] <eternaleye> I'm a dev
[Wed Oct 19 21:22:47 2016] <eternaleye> Coq was already packaged, but it was 8.4, and was a bit crufty
[Wed Oct 19 21:23:49 2016] <eternaleye> So I revamped the package definition, bumped it to 8.5pl2, and added -scm packages for 8.5 HEAD and trunk HEAD for impatient people
[Wed Oct 19 21:24:23 2016] <eternaleye> (it being a source distro, on each build it would fetch up-to-date source from git for those)
[Wed Oct 19 21:26:13 2016] <benzrf> o:
[Wed Oct 19 21:26:20 2016] <benzrf> u should just use nix :}
[Wed Oct 19 21:26:25 2016] <benzrf> nix is fun & good
[Wed Oct 19 21:31:10 2016] <johnw> I use Nix for everything Coq-related too; very nice to use, once you get it all working
[Wed Oct 19 22:55:39 2016] <eternaleye> I've looked at Nix; I agree there are some things it does very well, but I also feel there are things it could stand to do better that Exherbo does well.
[Wed Oct 19 22:56:02 2016] <eternaleye> Also, I'm familiar with Exherbo, Coq is a hobby right now, and I don't have enough leisure time to experiment with distros _and_ Coq.
[Wed Oct 19 22:56:36 2016] <eternaleye> (And as I said, I'm a _dev_ on Exherbo. If I don't like something there, I have push access)
[Wed Oct 19 23:37:53 2016] <benzrf> well
[Wed Oct 19 23:37:59 2016] <benzrf> you can use nix on any OS
[Wed Oct 19 23:38:03 2016] <benzrf> i run arch myself
[Wed Oct 19 23:39:08 2016] <benzrf> what does exherbo do that nix doesnt do well?
[Thu Oct 20 00:02:33 2016] <eternaleye> Well, one is that cross-compilation is natively supported to the point that it's used for 32-bit compat on 64-bit systems, with full coinstall capability. Another is that it's considerably closer to FHS in layout, and thus software (especally binary software) needs far, far less massaging to fit. A third is that it has a trivial command (cave import) to take manually-built code (DESTDIR-like) and create an ephemeral package
[Thu Oct 20 00:02:34 2016] <eternaleye> from it, such that its dependencies and files can be tracked natively, without needing to write a single line of code. A fourth is that Exherbo _doesn't_ try to make the package manager responsible for all configuration of the installed packages, which I consider to be a futile/sisyphean task which reduces generality. A fifth is that while nix-env blocks collisions, it (at least defaults to) permitting multiple versions of
[Thu Oct 20 00:02:35 2016] <eternaleye> the same package to be installed. This is unsafe in the general case, due to data structure and symbol isolation problems that are insoluble in the C model of compilation where one dependency can link to foo.so.1 and another can link to foo.so.2. Exherbo defaults to a package _not_ being mutually installable with other versions, unless explicitly permitted via the "slots" mechanism.
[Thu Oct 20 00:03:33 2016] <eternaleye> Also, my repeated experience with Nix has been being told I should switch to it and that it's better than X, _after_ I've said I'm a developer for a distribution. This tends to come across as rude.
[Thu Oct 20 00:04:40 2016] <eternaleye> I do think Nix does many things right - pure package specifications generating build instructions in particular, as well as the immutable store - but I'd much rather examine it for lessons than switch to it.
[Thu Oct 20 12:08:42 2016] <r_rios> Hello, all. Is it possible to prove that forall x: T, ~P x -> ~exists x: T, P x?
[Thu Oct 20 12:08:51 2016] <r_rios> I managed to prove the opposite
[Thu Oct 20 12:09:43 2016] <zozozo> well, you'd have to prove that there exists at least one x: T
[Thu Oct 20 12:10:19 2016] <zozozo> hm.; nevermind, I'm tired
[Thu Oct 20 12:10:54 2016] <Cypi> You need more parentheses, but yes, it's provable
[Thu Oct 20 12:11:10 2016] <Cypi> By that I mean: you probably want (forall x: T, ~P x) -> ~exists x: T, P x
[Thu Oct 20 12:12:07 2016] <r_rios> Yeah, that
[Thu Oct 20 12:12:19 2016] <r_rios> Thx
[Thu Oct 20 12:18:01 2016] <r_rios> Is it possible to use exists for a generic type?
[Thu Oct 20 12:18:27 2016] <Cypi> What do you mean?
[Thu Oct 20 12:19:59 2016] <r_rios> Nvm, the docs answered me: https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic20
[Thu Oct 20 12:20:13 2016] <r_rios> "This applies only if I has a single constructor."
[Thu Oct 20 12:20:32 2016] <Cypi> oooh, you meant the tactic
[Thu Oct 20 17:10:29 2016] <r_rios> I have a hypothesis H1: P and H2: P -> Q. If I apply H2 in H1, I get H1: Q and lose P. The problem is that I need P further down the proof. Is there a way I can apply H2 in H1 without losing my original proposition? Or am I thinking of this the wrong way?
[Thu Oct 20 17:10:41 2016] <r_rios> (Sorry, my connection went down)
[Thu Oct 20 17:11:07 2016] <Cypi> If you don't mind losing H2, you can do "specialize (H2 H1)"
[Thu Oct 20 17:11:29 2016] <Cypi> more generally, you could do "pose proof (H2 H1)" which would create a whole new hypothesis
[Thu Oct 20 17:21:37 2016] <r_rios> Cypi: can I give the new hypothesis a custom name?
[Thu Oct 20 17:22:12 2016] <Cypi> "pose proof (H2 H1) as your_name"
[Thu Oct 20 17:22:33 2016] <KaneTW> i've also been using set (Hnew := H2 H1) sometimes
[Thu Oct 20 17:22:36 2016] <r_rios> Thanks
[Thu Oct 20 17:23:23 2016] <Cypi> set keeps the body of the hypothesis though, which might or might not like
[Thu Oct 20 20:00:30 2016] <keep_learning> Hello everyone
[Thu Oct 20 20:00:34 2016] <keep_learning> I am stuck with https://gist.github.com/mukeshtiwari/86d63bf2efb5db89cb7fceeddcedd772
[Thu Oct 20 20:00:59 2016] <keep_learning> A hint would be great
[Thu Oct 20 20:04:53 2016] <johnw> hi keep_learning
[Thu Oct 20 20:05:01 2016] <keep_learning> Hi johnw
[Thu Oct 20 20:05:25 2016] <Cypi> You need to make your statement more general to be able to prove it
[Thu Oct 20 20:05:40 2016] <Cypi> specifically, the second argument to s_execute
[Thu Oct 20 20:05:48 2016] <johnw> a general rule of thumb is to avoid constants in theorems statements as much as possible
[Thu Oct 20 20:06:02 2016] <johnw> so, instead of [], use xs with some statement about its properties if necessary
[Thu Oct 20 20:06:30 2016] <johnw> probably the right-hand side will need to be different as well
[Thu Oct 20 20:09:55 2016] <keep_learning> Cypi: <Cypi> specifically, the second argument to s_execute.  You mean change empty list ([]) in s_execute st [] (s_compile e) = [ aeval st e ] to more general one ?
[Thu Oct 20 20:10:04 2016] <johnw> yes
[Thu Oct 20 20:10:11 2016] <johnw> the specificity of [] is hampering you
[Thu Oct 20 20:10:19 2016] <johnw> this is a general rule of thumb
[Thu Oct 20 20:10:44 2016] <Cypi> notice that as johnw said, there is also an empty list constant hidden in the right-hand side that you will need to change for it to be correct
[Thu Oct 20 20:11:00 2016] <johnw> in fact, there's a section in CPDT about this
[Thu Oct 20 20:11:19 2016] <keep_learning> Thank you Cypi johnw
[Thu Oct 20 20:11:32 2016] <keep_learning> Theorem s_compile_correct : forall (st : state) (e : aexp) (l : list nat),   s_execute st l (s_compile e) = [ aeval st e ] ++ l.
[Thu Oct 20 20:12:05 2016] <johnw> see section 2.1.4 of CPDT, where Chlipala says: Though a pencil-and-paper proof might clock out at this point, writing “by a routine induction on e,” it turns out not to make sense to attack this proof directly. We need to use the standard trick of strengthening the induction hypothesis.
[Thu Oct 20 20:12:24 2016] <johnw> it's that trick which you need here
[Thu Oct 20 20:13:24 2016] <keep_learning> johnw: Yes, it the particular instance of empty list [] is making the situation impossible to prove this
[Thu Oct 20 20:13:51 2016] <johnw> keep_learning: I've run into this so many times, that I now instinctively look for non-variables in my theorems :)
[Thu Oct 20 20:14:18 2016] <johnw> in fact, it hit me again two days ago
[Thu Oct 20 20:14:43 2016] <keep_learning> johnw: I tried CPDT in past, but it was very to grasp every thing and too much for me.
[Thu Oct 20 20:14:57 2016] <keep_learning> Time to read it again
[Thu Oct 20 20:15:45 2016] <keep_learning> it was very *hard to grasp every thing.
[Thu Oct 20 20:15:53 2016] <johnw> yes, it deserves multiple reads
[Thu Oct 20 20:16:06 2016] <johnw> and its usefulness relates to how much you intend to really use Coq
[Thu Oct 20 21:21:24 2016] <benzrf> hmm
[Thu Oct 20 21:21:35 2016] <benzrf> i wonder if i could do a tutorial request and work through CPDT for credits 8D
[Thu Oct 20 21:23:54 2016] <r_rios> How can I pass an implicit parameter explicitly to a constructor?
[Thu Oct 20 21:24:02 2016] <johnw> two ways
[Thu Oct 20 21:24:05 2016] <johnw> @ctor param
[Thu Oct 20 21:24:12 2016] <johnw> or: ctor (name:=param)
[Thu Oct 20 21:24:29 2016] <johnw> the latter is often better  than @ctor _ _ _ _ _ _ _ param :)
[Thu Oct 20 21:24:40 2016] <benzrf> actor!
[Thu Oct 20 21:24:56 2016] <johnw> ?
[Thu Oct 20 21:25:29 2016] <r_rios> I'll try that, thanks
[Thu Oct 20 21:27:37 2016] <r_rios> I really don't know what I was doing wrong. Thanks
[Thu Oct 20 21:30:00 2016] <benzrf> johnw: @ctor
[Thu Oct 20 21:39:05 2016] <r_rios> Hey, you folks are very supportive and very quick to answer. Thanks a lot :)
[Thu Oct 20 21:48:38 2016] <johnw> we're here to help :)
[Thu Oct 20 22:08:12 2016] <benzrf> quick to answer???
[Thu Oct 20 22:08:14 2016] <benzrf> #coq ???
[Thu Oct 20 22:08:18 2016] <benzrf> impossible
[Thu Oct 20 22:55:36 2016] <eternaleye> Definition coq_channel(quick_to_answer: True) -> False. Proof. trivial. Qed.
[Thu Oct 20 22:55:39 2016] <eternaleye> :P
[Thu Oct 20 23:08:00 2016] <benzrf> do you mean ": False" o:
[Thu Oct 20 23:11:42 2016] <eternaleye> Well, I did just install Coq two days ago :P
[Thu Oct 20 23:11:57 2016] <eternaleye> Still getting the hang of it
[Thu Oct 20 23:22:49 2016] <benzrf> 00:03 <eternaleye> Also, my repeated experience with Nix has been being told I should switch to it and that it's better than X, _after_ I've said I'm a developer for a distribution. This tends to come across as rude.
[Thu Oct 20 23:22:52 2016] <benzrf> hehe
[Thu Oct 20 23:22:54 2016] <benzrf> sorry
[Fri Oct 21 00:03:41 2016] <eternaleye> It's fine
[Fri Oct 21 00:11:13 2016] <r_rios> #gcc
[Fri Oct 21 00:11:18 2016] <r_rios> Whoops
[Fri Oct 21 00:12:46 2016] <r_rios> How do I use the "reverse" of an iff? I mean, I just proved A <-> B, but I can only manage to apply A -> B, not the other way around
[Fri Oct 21 00:15:22 2016] <roconnor> It's a hidden conjunction.  One way is to split it.
[Fri Oct 21 00:16:23 2016] <r_rios> How, exactly? split theorem_name?
[Fri Oct 21 00:16:35 2016] <johnw> you can also: proj1 theorem_name or proj2 theorem_name
[Fri Oct 21 00:17:41 2016] <r_rios> Do I need to import something?
[Fri Oct 21 00:18:02 2016] <johnw> no
[Fri Oct 21 00:20:33 2016] <r_rios> >= 8.5?
[Fri Oct 21 00:20:41 2016] <r_rios> I'm still in 8.4
[Fri Oct 21 00:21:07 2016] <johnw> proj1 is in Coq.Init.Logic
[Fri Oct 21 00:21:13 2016] <johnw> so it should be available by default
[Fri Oct 21 00:21:25 2016] <johnw> maybe that changed in 8.4, I don't know
[Fri Oct 21 00:21:53 2016] <roconnor> johnw means `apply (proj2 theorem_name)`
[Fri Oct 21 00:21:57 2016] <johnw> yes
[Fri Oct 21 00:22:40 2016] <r_rios> Ah
[Fri Oct 21 00:25:32 2016] <r_rios> The term "andb_ab" has type "forall a b : bool, a && b = true <-> a = true /\ b = true" while it is expected to have type "?2206 /\ ?2207".
[Fri Oct 21 00:36:43 2016] <modulus> not sure what you're doing but may it be you wante rewrite <- theorem?
[Fri Oct 21 02:33:10 2016] <keep_learning> Could some one please have a look at https://gist.github.com/mukeshtiwari/e4a19f08114658c21ea703ad11f3bc41
[Fri Oct 21 02:33:38 2016] <keep_learning> I am trying to prove while_break_true
[Fri Oct 21 02:33:45 2016] <keep_learning> but stuck with last goal
[Fri Oct 21 03:14:37 2016] <keep_learning> Please leave you answer as a comment.
[Fri Oct 21 08:56:15 2016] <schoppenhauer> what typeclass do I have to implement to apply the omega tactic to some structure I define?
[Sat Oct 22 07:58:29 2016] <rrika> I found a source file in an odd language: https://github.com/hbr/albatross/blob/master/example/list_sort.al
[Sat Oct 22 07:58:36 2016] <rrika> Anyone know this?
[Sat Oct 22 08:57:54 2016] <KaneTW> rrika: it's literally right there
[Sat Oct 22 08:58:03 2016] <KaneTW> "The Albatross Programming Language"
[Sat Oct 22 08:58:26 2016] <rrika> I can see the name. I mean more the context of the language.
[Sat Oct 22 08:58:42 2016] <rrika> I'm assuming the language designer already knew existing languages in that area.
[Sat Oct 22 08:59:07 2016] <rrika> But it chose to be different from them in some regards.
[Sat Oct 22 08:59:13 2016] <rrika> I just wanted to know the reasons behind those decisions
[Sat Oct 22 08:59:36 2016] <KaneTW> i've never heard of it before
[Sat Oct 22 08:59:52 2016] <rrika> for example, in some other files in the repo you can see properties about relations
[Sat Oct 22 08:59:57 2016] <rrika> (like is_reflexive)
[Sat Oct 22 09:00:20 2016] <rrika> but they're written to return bool instead of {p}+{¬p} which I know from coq
[Sat Oct 22 09:01:43 2016] <ankitku> Hi, I have to disprove that : AReg r = ANum 0
[Sat Oct 22 09:01:48 2016] <ankitku> given the definition
[Sat Oct 22 09:02:00 2016] <ankitku> Inductive aexp : Type :=
[Sat Oct 22 09:02:00 2016] <ankitku> | ANum : nat -> aexp
[Sat Oct 22 09:02:00 2016] <ankitku> | AReg : nat -> aexp
[Sat Oct 22 09:02:14 2016] <KaneTW> inversion?
[Sat Oct 22 09:02:28 2016] <ankitku> But inversion works only on Hypothesis
[Sat Oct 22 09:02:42 2016] <ankitku>  AReg r = ANum 0 is in my goal
[Sat Oct 22 09:02:49 2016] <KaneTW> then it's unprovable
[Sat Oct 22 09:02:50 2016] <rrika> you can't prove it
[Sat Oct 22 09:03:00 2016] <rrika> you have to show that something else in your premises is contradictory
[Sat Oct 22 09:03:08 2016] <ankitku> ohk
[Sat Oct 22 09:03:15 2016] <ankitku> thanks :)
[Sat Oct 22 09:06:48 2016] <rrika> ankitku, you can run "apply False_rect" to remind yourself to not worry about the goal
[Sat Oct 22 09:06:53 2016] <rrika> it will replace the goal by false
[Sat Oct 22 09:07:12 2016] <ankitku> ok, thanks rrika
[Sat Oct 22 12:11:59 2016] <KaneTW> exfalso is a shorthand for elimtype False
[Sat Oct 22 12:16:29 2016] <KaneTW> (and elimtype False does the same thing as apply False_rect)
[Sat Oct 22 12:53:16 2016] <rrika> KaneTW, I vaguely remembered something like that and tried "ex_falso", saw that it didn't work and doubted my memory
[Sat Oct 22 15:42:16 2016] <ankitku> Hi
[Sat Oct 22 15:42:23 2016] <ankitku>  CVL : exists (i : instr) (l : nat),
[Sat Oct 22 15:42:24 2016] <ankitku>           ihas_type Psi Gamma i (code Gamma) -> v = l -> Some i = H (Id l)
[Sat Oct 22 15:42:24 2016] <ankitku>   ============================
[Sat Oct 22 15:42:25 2016] <ankitku>    Some I2 = H (Id v)
[Sat Oct 22 15:42:56 2016] <ankitku> i need to apply CVL to the goal, with appropriate bindings, but I am not able to
[Sat Oct 22 15:43:03 2016] <ankitku> pls help
[Sat Oct 22 15:57:38 2016] <jrw> ankitku: CVL proves that there exists an i such that
[Sat Oct 22 15:57:56 2016] <jrw> blah, but you need to know that it holds for I2
[Sat Oct 22 15:58:21 2016] <ankitku> yes, so can i instantiate it with I2?
[Sat Oct 22 16:00:35 2016] <jrw> ankitku: no, that's not what "there exists" means. you don't get to instantiate it, you just have to deal with whatever is in there.
[Sat Oct 22 16:00:49 2016] <ankitku> okk
[Sat Oct 22 16:01:00 2016] <ankitku> thanks :)
[Sat Oct 22 23:25:57 2016] <benzrf> so it looks as though agda's coinductive types fully take the approach of the user providing destructors
[Sat Oct 22 23:26:02 2016] <benzrf> why did coq do it the way it did?
[Sun Oct 23 09:11:45 2016] <rrika> I forgot how to move a subexpression to the assumptions
[Sun Oct 23 09:11:47 2016] <rrika> like
[Sun Oct 23 09:12:03 2016] <rrika> |- P (x+3)
[Sun Oct 23 09:12:03 2016] <rrika> into
[Sun Oct 23 09:12:14 2016] <rrika> temp := x+3 : nat |- P temp
[Sun Oct 23 09:12:21 2016] <Cypi> set (temp := x+3)
[Sun Oct 23 09:12:48 2016] <rrika> ah, thank you very much Cypi
[Sun Oct 23 09:45:51 2016] <rrika> Okay, I ran into a very weird situation.
[Sun Oct 23 09:46:01 2016] <rrika> Inductive clos_refl (A : Type) (R : relation A) (x : A) : A -> Prop :=
[Sun Oct 23 09:46:01 2016] <rrika>     r_step : forall y : A, R x y -> clos_refl A R x y
[Sun Oct 23 09:46:01 2016] <rrika>   | r_refl : clos_refl A R x x
[Sun Oct 23 09:46:09 2016] <rrika> this is from Coq.Relations.Relations.
[Sun Oct 23 09:47:11 2016] <rrika> oh nevermind, I had a mistake in my reasoning
[Sun Oct 23 09:48:38 2016] <rrika> rubber duck debugging but with roosters
[Sun Oct 23 12:44:44 2016] <modulus> I have a question. I have a hypothesis like this: H0 : (P -> False) /\ ((P -> False) -> False)
[Sun Oct 23 12:44:54 2016] <modulus> and a goal of False.
[Sun Oct 23 12:45:19 2016] <modulus> if I apply H0, the goal becomes p -> False. and if I apply it again it tells me no goals left. this is puzzling me a little.
[Sun Oct 23 12:46:59 2016] <modulus> I understand solving this by destructing H0 and applying one goal on the other, then I get a false hypothesis and it's  done, but this double application thing, I don't get why it works.
[Sun Oct 23 12:47:25 2016] <rrika> modulus, I guess apply destructs internally and tries applying each of the sides of the /\
[Sun Oct 23 12:47:39 2016] <rrika> during the first part it doesn't apply the whole H but the right part
[Sun Oct 23 12:47:45 2016] <rrika> *during the first step
[Sun Oct 23 12:48:00 2016] <modulus> so the first apply works on the right side of the conj and the next apply on the left?
[Sun Oct 23 12:48:07 2016] <rrika> apparently
[Sun Oct 23 12:48:18 2016] <modulus> that seems a bit magic to me tbh.
[Sun Oct 23 12:48:26 2016] <rrika> there's a lot of magic in coq
[Sun Oct 23 12:48:26 2016] <modulus> like it's great that it works, but it is a bit odd.
[Sun Oct 23 12:48:38 2016] <rrika> many tactics do "intro" for example
[Sun Oct 23 12:48:54 2016] <modulus> true, like unduction, destruct.
[Sun Oct 23 12:50:24 2016] <modulus> tbh what i would have expected is, it sees that both sides of the conj have a false on the right, and it would produce p /\ p -> false.
[Sun Oct 23 12:52:51 2016] <modulus> but now i think about it this seems sensible, since H0 is asserting both sides are true so it shouldn't require you to prove them both.
[Sun Oct 23 12:54:33 2016] <rrika> what *is* surprising is that given the choice to use either it picks the right one
[Sun Oct 23 12:54:54 2016] <modulus> i think because only the right one has the right type on the conclusion.
[Sun Oct 23 12:55:09 2016] <modulus> wait no, both do.
[Sun Oct 23 12:55:58 2016] <modulus> yeah, if it went with the left one you'd be stuck with P on the goal and couldn't go on.
[Sun Oct 23 12:57:23 2016] <rrika> modulus, if you swap the sides of /\ it fails
[Sun Oct 23 12:57:35 2016] <rrika> I think it prefers the right side
[Sun Oct 23 12:57:47 2016] <modulus> Heh, how fortuitous.
[Sun Oct 23 12:58:20 2016] <modulus> Might be something on how conj is constructed, idk.
[Sun Oct 23 12:59:11 2016] <rrika> even in the simple case apply tries multiple times and goes with the first match
[Sun Oct 23 12:59:15 2016] <modulus> Anyway, I guess it's just a funny coincidence. I'll remember that when applying a conjunctive hypothesis it will try the right side first.
[Sun Oct 23 12:59:20 2016] <rrika> H: a → b → c
[Sun Oct 23 12:59:36 2016] <rrika> it will try to match the goal with (a→b→c), (b→c), (c)
[Sun Oct 23 13:00:08 2016] <modulus> odd.
[Sun Oct 23 13:00:36 2016] <rrika> so I guess while recursing down the ast whatever gets found first sticks
[Tue Oct 25 04:45:04 2016] <petercommand> how can I proof something like (i ?= 0) = Lt where i : Z?
[Tue Oct 25 18:54:13 2016] <stupified> hi, i'm trying to learn coq, does anyone know how one might solve the following lemma in a simple manner?
[Tue Oct 25 18:54:16 2016] <stupified> Lemma unique_succ : forall a : positive, exists! b : nat, S b = Pos.to_nat a.
[Tue Oct 25 18:54:47 2016] <ezyang> stupified: what's the definition of positive
[Tue Oct 25 18:54:49 2016] <stupified> by hand, i proved this using induction on b... but doing so in coq leads to a bunch of cases with terms I am unable to eliminate
[Tue Oct 25 18:55:10 2016] <stupified> positive - set Z+ of integers {1, 2, ...}
[Tue Oct 25 18:55:19 2016] <stupified> nat = {0, 1, 2, ...}
[Tue Oct 25 18:55:37 2016] <ezyang> stupified: No, I know what positive numbers are; what I need to know, is what the inductive encoding of the concept you are using is ;)
[Tue Oct 25 18:57:05 2016] <stupified> ah, I believe I am using the definition in binNums - https://coq.inria.fr/distrib/8.5pl2/stdlib/Coq.Numbers.BinNums.html
[Tue Oct 25 18:58:11 2016] <stupified> I am importing Coq.PArith.PArith, at least
[Tue Oct 25 18:58:59 2016] <jrw> stupified: I don't understand how you can proceed by induction on b for this lemma. b is existentially quantified in the conclusion.
[Tue Oct 25 18:59:27 2016] <ezyang> Do induction on positive
[Tue Oct 25 18:59:28 2016] <jrw> the straightforward thing to try is induction on a
[Tue Oct 25 18:59:30 2016] <jrw> yeah
[Tue Oct 25 18:59:49 2016] <ezyang> it might be a bit finicky in the xO case but eh
[Tue Oct 25 19:02:00 2016] <stupified> you're right. I probably mistranslated my proposition into logic. I started with the sentence "Let a be a positive number. Then there exists exactly one natural number b such that S(b) = a".
[Tue Oct 25 19:02:42 2016] <jrw> sounds right to me
[Tue Oct 25 19:09:05 2016] <stupified> so, that decomposes the proof into three cases. the first of which is exists ! b : nat, S b = Pos.to_nat a~1
[Tue Oct 25 19:09:21 2016] <stupified> am i right in saying that reads as there is a unique nat b such that S(b) = a, a not equal to 1?
[Tue Oct 25 19:12:13 2016] <ezyang> I am not sure where the ! came from
[Tue Oct 25 19:15:36 2016] <stupified> part of the original statement was that there is exactly one natural number b. So I wrote that using exists!, which I think is notation for "there exists a unique..."
[Tue Oct 25 19:15:40 2016] <jrw> stupified: no, a~1 is notation for the xI constructor
[Tue Oct 25 19:15:53 2016] <jrw> ! is defined in the stdlib as a notation for "unique"
[Tue Oct 25 19:16:31 2016] <jrw> unique P x := P x /\ (forall x', P x' -> x = x')
[Tue Oct 25 19:16:45 2016] <jrw> so exists! x, P x does the right thing
[Tue Oct 25 19:17:59 2016] <jrw> stupified: (spoilers!) here's one way to do it https://gist.github.com/wilcoxjay/e913b5f8533831ad963da0383f401a89
[Tue Oct 25 19:21:26 2016] <stupified> thanks jrw. i'll take a close look at it. spoilers are fine, haha, i'm trying to learn coq, not reprove my real analysis notes from years ago ;p
[Tue Oct 25 19:22:02 2016] <jrw> note that I used the omega tactic, but not really in any interesting way. it should be possible to replace it in all cases with simpler tactics if you want.
[Tue Oct 25 19:22:42 2016] <stupified> yes, i will probably try to do that once i understand the proof. omega is very mysterious to me
[Tue Oct 25 19:39:46 2016] <modulus> is there a concise way to say propositions p1...p5 are equivalent, or do i need to do p1<->p2/\p2<->p3 etc?
[Tue Oct 25 19:44:07 2016] <rrika> modulus, you could make a helper proposition that says that all props in a list are equivalent
[Tue Oct 25 19:44:19 2016] <modulus> ah, that sounds reasonable.
[Tue Oct 25 19:52:49 2016] <rrika> modulus, you can also do this
[Tue Oct 25 19:52:49 2016] <rrika> Definition allEquivTo (A: Prop) (l: list Prop) :=
[Tue Oct 25 19:52:49 2016] <rrika>   fold_left and (map (fun Z => A<->Z) l) True.
[Tue Oct 25 19:52:57 2016] <rrika> take a list of Z1 Z2 Z3 Z4
[Tue Oct 25 19:53:01 2016] <rrika> use map to turn them into
[Tue Oct 25 19:53:06 2016] <rrika> A<->Z1 A<->Z2 A<->Z3
[Tue Oct 25 19:53:12 2016] <rrika> then link them all with "and"
[Tue Oct 25 19:53:56 2016] <rrika> though I guess this exposes the internals a lot
[Tue Oct 25 19:54:02 2016] <rrika> so having a helper proposition is probably nicer
[Tue Oct 25 21:35:33 2016] <pedroabreu> Hi. I'm working on the formalization of this Language (https://www.cis.upenn.edu/~bcpierce/papers/fj-toplas.pdf). But I'm stuck in a step which he does not prove that the typing context remains consistent when applying , is it common a paper
[Tue Oct 25 21:37:09 2016] <pedroabreu> remains consistent when applying a context weakening lemma. is it common a paper skip this part of the proof and let the reader work the details?
[Tue Oct 25 21:38:02 2016] <pedroabreu> I mean, I'm not even sure that the step is correct.
[Tue Oct 25 21:39:03 2016] <pedroabreu> Well, if anyone is interesting in taking a look, it is at the page 33 of the pdf 2nd line, applying Lemma A.1.3
[Wed Oct 26 00:03:59 2016] <eternaleye> Hey, is there any syntax to define a fixpoint as a member of a typeclass instance, without having a Fixpoint vernacular command at the top level defining the function which the Instance simply aliases?
[Wed Oct 26 00:05:00 2016] <eternaleye> This is my current code: http://ix.io/1zy4
[Wed Oct 26 00:05:26 2016] <eternaleye> I'd prefer to write the body of `splitter` directly as the body of `splits`, eliding `splitter` entirely
[Wed Oct 26 00:10:52 2016] <Cypi> You can always use the actual Gallina construct which corresponds to Fixpoint: fix
[Wed Oct 26 00:11:44 2016] <Cypi> it would go something like: splits := fix splitter I (inputi: Input I) (s: nat) (i: I) {struct s} := match s with ... end
[Wed Oct 26 00:26:28 2016] <eternaleye> Thanks!
[Wed Oct 26 00:27:00 2016] <eternaleye> I'm just starting out with Coq, so I haven't learned many of the vernacular <-> gallina correspondences yet.
[Wed Oct 26 00:27:34 2016] <eternaleye> Figured I'd start with a real project I actually want to use for something, so I'm working towards a range concatenation grammar implementation
[Wed Oct 26 00:29:52 2016] <eternaleye> Ah, and there we go! http://ix.io/1zyg
[Wed Oct 26 00:30:03 2016] <eternaleye> Cypi: Thank  you, that worked like a charm
[Wed Oct 26 00:30:26 2016] <Cypi> good :)
[Wed Oct 26 04:47:10 2016] <flxw> oops, wrong channel. Sorry. :-)
[Thu Oct 27 21:10:55 2016] <keep_learning> Hello everyone
[Thu Oct 27 21:11:11 2016] <keep_learning> Could some one please have a look https://gist.github.com/mukeshtiwari/5d524ad4a49abeb40573c629e5e392e1
[Thu Oct 27 21:11:31 2016] <keep_learning> I am stuck with goal NoDup a
[Thu Oct 27 21:13:13 2016] <keep_learning> I am just looking for hint.
[Thu Oct 27 21:51:57 2016] <benzrf> does omega not know about distributivity
[Thu Oct 27 22:03:37 2016] <rrika> is there a way to see the ast of coq functions from within coq?
[Thu Oct 27 22:03:50 2016] <rrika> I guess you could rebuild the ast with a custom tactic
[Thu Oct 27 22:12:04 2016] <rrika> oh, that's literally what http://adam.chlipala.net/cpdt/html/Reflection.html does
[Thu Oct 27 22:12:10 2016] <rrika> should finally read that
[Thu Oct 27 23:41:28 2016] <benzrf> heh
[Thu Oct 27 23:56:16 2016] <benzrf> aw i was thinking about exactly this sort of thing the other day as a potential interesting thing to do
[Fri Oct 28 00:02:42 2016] <johnw> rrika: Chlipala and others go into that technique in much greater depth here: http://adam.chlipala.net/papers/MirrorShardITP14/
[Fri Oct 28 00:02:57 2016] <johnw> also, Adam's Facade project at MIT also reifies most of Coq syntax, except via plugin
[Fri Oct 28 03:01:49 2016] <eternaleye> Does anyone know if the various theorems for list have been replicated for string anywhere? I'm finding it irritatingly difficult to do things like prove that `forall s: string, forall: n: nat, forall H: (n < =length string), length (substr 0 n) = n`
[Fri Oct 28 03:02:05 2016] <eternaleye> When that's absolutely trivial to do using list's firstn and skipn
[Fri Oct 28 04:33:59 2016] <jrw> eternaleye: whenever I want to do nontrivial string manipulation, I usually convert to a list of ascii representation and use list functions
[Fri Oct 28 04:34:04 2016] <jrw> maybe not the answer your were hoping for thought :\
[Fri Oct 28 04:38:56 2016] <eternaleye> Eh, it's about what I suspected; just wondered if anyone had anything better.
[Fri Oct 28 04:39:15 2016] <eternaleye> * might take a stab at porting over the theorems
[Fri Oct 28 07:05:02 2016] <mettekou_> Does anyone know of a paper or other resource which describes the algorithm to derive recursive schemes from inductive types as in Coq? Codifying Guarded Definitions with Recursive Schemes by Eduardo Giménez only informally describes it for a simple example.
[Fri Oct 28 07:10:40 2016] <rrika> johnw, I was thinking about this in the context of hardware description. If you have a model that includes a computation like (x+y)*(a+b), and you want to associate this with hardware blocks they are run on.
[Fri Oct 28 07:10:49 2016] <rrika> (and in this case you want to do the two additions on the same block in sequence)
[Fri Oct 28 07:11:11 2016] <rrika> then tactics could be used to match a certain subexpression and insert something like a call to "id" but with metadata
[Fri Oct 28 07:15:17 2016] <rrika> johnw, thanks for the link
[Fri Oct 28 08:35:04 2016] <kakadu> Hey. I have heard htat coq is the last big user  of camlp5. How is it going? Does camlp5 have know long-living issues that poison your life?
[Fri Oct 28 09:07:06 2016] <johnw> rrika: how funny you should say that, since I'm working on something right now based on reflection that may end up doing just that
[Fri Oct 28 09:24:11 2016] <rrika> johnw, oh, tell more
[Fri Oct 28 09:27:01 2016] <johnw> rrika: later today, after my early meetings, but I'd love to talk about it moer
[Fri Oct 28 09:40:49 2016] <johnw> in short, I'm using Fiat to refine specifications into programs, and one of the types of "programs" are encodings of operational semantics by way of a DSL, for example a circuit description
[Fri Oct 28 11:23:28 2016] <rrika> johnw, by refining specifications you mean finding a value for "forall a:A, exists b:B, solution_ok a b"?
[Fri Oct 28 11:23:31 2016] <rrika> or something more general?
[Fri Oct 28 11:24:03 2016] <rrika> ah, exists is in prop isn't it? then the non-prop version of it.
[Fri Oct 28 14:16:22 2016] <johnw> rrika: yes, just that
[Fri Oct 28 14:16:37 2016] <johnw> rrika: { f : A -> B & forall a : A, exists b : B, R a b }
[Fri Oct 28 14:16:50 2016] <johnw> where R is now the "specification", and f is the implementation
[Fri Oct 28 14:17:18 2016] <johnw> between these two can be infinite partial specifications, going from some R to R', given that: forall (a : A) (b : B), R' a b -> R a b
[Sun Oct 30 19:35:31 2016] <gargawel> Hi, I'm struggling to understand the following: https://gist.github.com/anonymous/d81add97a0928eb756b8a7290ae1ae8f
[Sun Oct 30 19:36:24 2016] <gargawel> I would expect the two definitions of type T in the Gist to be strictly equivalent, but that doesn't seem to be the case
[Sun Oct 30 19:36:41 2016] <gargawel> For the record, I'm using Coq 8.5pl2
[Sun Oct 30 19:36:55 2016] <gargawel> Am I missing something obvious ?
[Sun Oct 30 19:56:23 2016] <jrw> gargawel: I get an error when trying the alternate definition because the first argument to sig is implicit. if I fix that (by saying "@sig" instead of "sig") then the whole file goes through without error for me.
[Sun Oct 30 19:57:01 2016] <gargawel> jrw: Hum :/ I don't have the same experience.
[Sun Oct 30 19:57:51 2016] <gargawel> Are you also using 8.5pl2 ?
[Sun Oct 30 19:58:03 2016] <jrw> yes
[Sun Oct 30 19:58:14 2016] <jrw> are you importing any other files not shown in the gist?
[Sun Oct 30 19:59:15 2016] <gargawel> No
[Sun Oct 30 20:00:46 2016] <gargawel> Ok, now that's strange ; I indeed have some code before that one that is completely irrelevant to the gist and does not import anything
[Sun Oct 30 20:00:57 2016] <gargawel> if I comment it I get the same results as you
[Sun Oct 30 20:01:01 2016] <gargawel> let me check again...
[Sun Oct 30 20:01:34 2016] <gargawel> Ok, forget it :D I was in fact redefining sig, just to check how things work...
[Sun Oct 30 20:01:42 2016] <gargawel> I guess I should go to sleep
[Sun Oct 30 20:02:46 2016] <gargawel> Thanks for your help !
[Sun Oct 30 20:18:03 2016] <jrw> np
[Mon Oct 31 09:32:01 2016] <modulus> Software foundations Imp chapter says "repeat simpl" will loop forever. This doesn't seem to hold for coq 8.5pl2. any good way to let authors know?
[Mon Oct 31 10:47:42 2016] <notdan> email?
[Tue Nov  1 00:12:01 2016] <andromeda-galaxy> Are there any definitions for injective/surjective/etc functions in the standard library?
[Tue Nov  1 00:14:27 2016] <Cypi> There are some here https://coq.inria.fr/library/Coq.Logic.FinFun.html
[Tue Nov  1 00:14:45 2016] <Cypi> but I don't know if they are really that standard, or just used in that file
[Tue Nov  1 00:15:45 2016] <andromeda-galaxy> Cypi: I saw that, but it looks like they are only good for AxA functions, where A is finite?
[Tue Nov  1 00:16:31 2016] <Cypi> Well, the first definitions are general. The properties that are proved afterwards, less so, indeed
[Tue Nov  1 00:16:58 2016] <andromeda-galaxy> ah, okay - not sure how I missed that. I guess I'll try that for now, thanks!
[Tue Nov  1 00:17:14 2016] <andromeda-galaxy> As a hobby I am trying to formalize some of the definitions from an undergraduate level discrete math class in Coq and Isabelle
[Tue Nov  1 00:18:17 2016] <andromeda-galaxy> By the way, is there a general opinion on the mathematical proof syntax (what used to be called Czar)?
[Tue Nov  1 00:18:27 2016] <andromeda-galaxy> I know a few years ago, new users were warned to stay away from it...
[Tue Nov  1 01:19:33 2016] <andromeda-galaxy> do you have any suggestions for how to navigate the standard library?
[Tue Nov  1 01:21:18 2016] <andromeda-galaxy> Starting out, it is difficult to figure out stuff like - should I use Coq.ZArith.ZArith, or Coq.Numbers.Something?
[Tue Nov  1 01:21:38 2016] <andromeda-galaxy> Why do I need to say 'Z.mul_comm', but 'div' by itself is okay?
[Tue Nov  1 01:22:01 2016] <andromeda-galaxy> Where wound I find the need to do stuff like 'Open Scope Z_scope' in the package documentation for ZArith?
[Tue Nov  1 06:34:45 2016] <modulus> someone should change the topic to add 8.5pl3, no?
[Tue Nov  1 11:00:10 2016] <osa1> can anyone help me findint Coq 8.4 sources? https://coq.inria.fr/download <- seems to be removed from there
[Tue Nov  1 12:53:43 2016] <mettekou> osa1: https://github.com/coq/coq/releases
[Tue Nov  1 12:53:54 2016] <mettekou> Oh, he already left.
[Tue Nov  1 13:13:04 2016] <andromeda-galaxy>  How do you prove a trivial inequality in coq? Like 3<>0?
[Tue Nov  1 13:15:24 2016] <modulus> convert to 3 = 0 -> False, introduce it as a hypothesis and do inversion on it.
[Tue Nov  1 13:16:41 2016] <Cypi> in other words: "inversion 1" will do it
[Tue Nov  1 13:17:30 2016] <modulus> nice, i didn't know you could do that. i'd have done unfold not. intros. inversion H.
[Tue Nov  1 13:45:44 2016] <andromeda-galaxy> Cypi, modulus: sorry for the delay, thanks greatly!
[Tue Nov  1 13:46:28 2016] <andromeda-galaxy> Relatedly, 'rewrite Z_div_mult_full in H0. rewrite Z_div_mult_full in H0' works for me, but 'repeat (rewrite Z_div_mult_full in H0)' never terminates - any suggestions?
[Tue Nov  1 13:47:10 2016] <Cypi> What's the question?
[Tue Nov  1 13:47:25 2016] <andromeda-galaxy> Just - why doesn't the repeat work & is there a similarly succinct way to write it?
[Tue Nov  1 13:47:51 2016] <Cypi> if rewrite finds something to rewrite at each step, it's normal it never terminates: it will just rewrite indefinitely
[Tue Nov  1 13:48:22 2016] <Cypi> if you already know how many times you want to rewrite, you can do: do 2 rewrite Z_div_mult_full in H0
[Tue Nov  1 13:49:10 2016] <andromeda-galaxy> hmm, interesting - that works, but it makes 3 "3 <> 0" subgoals, instead of 2
[Tue Nov  1 13:50:09 2016] <Cypi> Ah, right
[Tue Nov  1 13:50:10 2016] <andromeda-galaxy> basically, I have http://lpaste.net/322211 - and I would really appreciate suggestions on ways to make it more idiomatic of a proof
[Tue Nov  1 13:50:27 2016] <Cypi> that's because it's equivalent to rewrite Z_div_mult_full in H0; rewrite Z_div_mult_full in H0, which is not the same
[Tue Nov  1 13:50:48 2016] <andromeda-galaxy> ah, I see.
[Tue Nov  1 13:51:06 2016] <andromeda-galaxy> why does 'rewrite Z_div_mult_full in H0; inversion 1' not solve the generated subgoal?
[Tue Nov  1 13:52:05 2016] <Cypi> because it can only solve the "3 <> 0" subgoal, not the other one
[Tue Nov  1 13:52:43 2016] <Cypi> If you really want something more compact, you can write: do 2 (rewrite Z_div_mult_full in H0; try inversion 1).
[Tue Nov  1 13:53:01 2016] <andromeda-galaxy> that makes sense. Do you think that that would be more or less idiomatic?
[Tue Nov  1 13:53:07 2016] <Cypi> or slightly better I guess: do 2 (rewrite Z_div_mult_full in H0; [|inversion 1]).
[Tue Nov  1 13:53:49 2016] <Cypi> I think my personal preference would be to write twice "rewrite Z_div_mult_full in H0; [|inversion 1]." (not with the "do 2")
[Tue Nov  1 13:54:08 2016] <Cypi> but honestly, I don't know how valuable my opinion is, I'm not such an expert ^^
[Tue Nov  1 13:54:20 2016] <andromeda-galaxy> okay, that makes sense - thanks for the disclaimer!
[Tue Nov  1 13:54:50 2016] <andromeda-galaxy> Do you have any other suggestions for the other part(s) of that proof? I feel like all of my coq ends up looking more verbose than the stuff that I see "in the wild", although I'm not totally sure...
[Tue Nov  1 13:55:00 2016] <modulus> in the end so long as the proof is reasonably readable it's fine. the generated terms are the same anyway.
[Tue Nov  1 13:55:22 2016] <andromeda-galaxy> that's true...
[Tue Nov  1 13:55:31 2016] <andromeda-galaxy> modulus: what do you think of the mathematical proof language for making proofs more readable?
[Tue Nov  1 13:55:37 2016] <modulus> well, some people (ab?)use tacticals to the point that their proofs are a bit dense to read, to me anyway.
[Tue Nov  1 13:55:42 2016] <andromeda-galaxy> I come from an Isabelle/HOL background...
[Tue Nov  1 13:55:57 2016] <Cypi> Well, people like more or less automatization, that's the main difference
[Tue Nov  1 13:56:10 2016] <modulus> andromeda-galaxy - there are a couple of attempts on this line. there is the other notation for proofs, which does look more meaningful than tactics.
[Tue Nov  1 13:56:10 2016] <Cypi> for instance, after the "unfold f", you could just do "omega"
[Tue Nov  1 13:56:15 2016] <Cypi> it would solve the goal
[Tue Nov  1 13:56:16 2016] <modulus> there's also Mtac
[Tue Nov  1 13:56:45 2016] <andromeda-galaxy> It seems like even a readable coq proof you kind of have to step through and think about the way that the proof state changes, whereas you can (maybe) hopefully get an idea of the high-level thinking just on reading without even worrying about the state
[Tue Nov  1 13:56:57 2016] <modulus> right, the difference is if you want to convey that something is true, or also how/why it is true.
[Tue Nov  1 13:57:05 2016] <andromeda-galaxy> modulus: I think that is what I meant by the "mathematical proof language"? - used to be called Czar?
[Tue Nov  1 13:57:07 2016] <modulus> omega is basically saying "by presburger arithmetic"
[Tue Nov  1 13:57:33 2016] <andromeda-galaxy> Ah, that makes sense.
[Tue Nov  1 13:58:27 2016] <modulus> yes, but the alternative mathematical notation thing is not well documented (ime) and it is not as well developed and hard to automate.
[Tue Nov  1 13:58:53 2016] <modulus> it might be useful to use on some particular branches of a proof where you want to show the work perhaps, but i wouldn't use it often.
[Tue Nov  1 13:59:15 2016] <andromeda-galaxy> ah, okay. thanks, I'd been wondering about the state of that
[Tue Nov  1 13:59:46 2016] <andromeda-galaxy> in Isabelle lots of proofs are written that way, so I was rather curious
[Tue Nov  1 13:59:46 2016] <modulus> state is not very good, it's easy to get yourself to a position where you screw yourself out of the capacity to finish the proof.
[Tue Nov  1 13:59:48 2016] <modulus> and it can only work on focused goals etc.
[Tue Nov  1 14:00:31 2016] <andromeda-galaxy> are we agreeing that that makes a declarative style nice?
[Tue Nov  1 14:00:45 2016] <modulus> yeah, i never used isabelle so i can't really compare, but the advantage with the tactical approach is you can write new tactics and automate to quite an amazing extent, with things like omega or crush that are really semi-automatic solvers for at least some domains.
[Tue Nov  1 14:01:26 2016] <modulus> i like declarative style for reading proofs, that's for sure. unfold meh. apply foo. rewrite bar. reflexivity. doesn't make for very meaningful scripts.
[Tue Nov  1 14:01:51 2016] <andromeda-galaxy> yeah, exactly. In the sort of proofs that I was writing with Isabelle, at least, tactics are still used to go between each step in the declarative reasoning
[Tue Nov  1 14:02:16 2016] <andromeda-galaxy> so you could write down each major equation that you would have written in a paper-and-pen proof and then go between them with tactics like "by presburger" "by metis" "by smt", that sort of thing
[Tue Nov  1 14:02:29 2016] <andromeda-galaxy> so you could get a fair bit of automation with (hopefully) more readable proofs
[Tue Nov  1 14:02:36 2016] <andromeda-galaxy> (and then of course, there is the infamous sledgehammer)
[Tue Nov  1 14:02:53 2016] <modulus> aha, that does sound like it would make for more readability. my understanding is isabelle has other disadvatanges but that sounds like a pro.
[Tue Nov  1 14:03:52 2016] <andromeda-galaxy> yeah - the logics are mostly classical and non-dependent, which is a big reason that I am now learning Coq.
[Tue Nov  1 14:03:55 2016] <modulus> that said, as one learns coq it's my experience that one gets better at simulating the tactics.
[Tue Nov  1 14:04:42 2016] <andromeda-galaxy> hmm, that indeed makes sense
[Tue Nov  1 14:04:59 2016] <andromeda-galaxy> oh well, maybe some day we'll finish Czar and have the best of both worlds
[Tue Nov  1 14:05:08 2016] <modulus> we can hope :-)
[Tue Nov  1 14:06:03 2016] <andromeda-galaxy> indeed :-)
[Tue Nov  1 14:10:50 2016] <andromeda-galaxy> hmm, now I am trying to prove ~ (Surjective f). - any tips for how to approach the negation of a quantified statement?
[Tue Nov  1 14:11:48 2016] <modulus> put it on a hypothesis, and assert something false that you can prove with it.
[Tue Nov  1 14:11:55 2016] <modulus> then invert on the assertion.
[Tue Nov  1 14:13:14 2016] <andromeda-galaxy> okay, I think that that vaguely makes sense. Like in this case I would 'intros. assert (2 mod 3 = 0) { proof }.' or something like that
[Tue Nov  1 14:13:22 2016] <andromeda-galaxy> and then somehow derive void from false assertion
[Tue Nov  1 14:13:31 2016] <modulus> right.
[Tue Nov  1 14:14:02 2016] <andromeda-galaxy> hmm, do De Morgan's Laws for quantifiers hold in CiC? why not have a tactic for that?
[Tue Nov  1 14:14:13 2016] <modulus> well, then the assert goes into the context, say as assert (C: 2 mod 3 = 0), once you prove it you can inversion C.
[Tue Nov  1 14:14:37 2016] <modulus> de morgan's laws are non-constructive, theyr'e equivalent to excluded middle.
[Tue Nov  1 14:16:02 2016] <andromeda-galaxy> oh right, of course - how embarassing to forget that. Too much time in Isabelle recently, I guess.
[Tue Nov  1 14:16:09 2016] <modulus> np :-)
[Tue Nov  1 14:16:09 2016] <andromeda-galaxy> maybe ClassicalFacts should include something
[Tue Nov  1 14:16:31 2016] <andromeda-galaxy> okay, thanks for all the help/suggestions/etc.! I think I have a better handle on this now
[Tue Nov  1 14:16:37 2016] <modulus> yeah, i am a noob and i don't know the theory library much, but on classical logic module you may have something, idk.
[Tue Nov  1 14:16:48 2016] <modulus> yw, hth, gl.
[Tue Nov  1 14:20:51 2016] <andromeda-galaxy> thanks!
[Tue Nov  1 14:30:13 2016] <andromeda-galaxy> hmm, I am still having trouble understanding the right way to prove stuff like '0 <= 0 < 3', for example...
[Tue Nov  1 14:30:57 2016] <Cypi> "repeat constructor" might do it?
[Tue Nov  1 14:31:04 2016] <Cypi> otherwise, stuff like "omega"
[Tue Nov  1 14:32:06 2016] <andromeda-galaxy> aha, thanks - looks like "repeat constructor; inversion 1' works
[Tue Nov  1 14:32:59 2016] <modulus> repeat constructor alone works for me on 0 <= 0 < 3.
[Tue Nov  1 14:33:55 2016] <andromeda-galaxy> hmm, weird - I got an extra '0 <= 0' subgoal when I tried it
[Tue Nov  1 14:34:34 2016] <modulus> that's odd, constructor solves that one.
[Tue Nov  1 14:35:01 2016] <andromeda-galaxy> so I had to use 'elim H.' to change an existential quantifier in a hypothesis but I didn't really understand what that did - do you have any suggestions for where to look into better ways to do that?
[Tue Nov  1 14:35:33 2016] <andromeda-galaxy> hmm, I get "The type has no constructors"
[Tue Nov  1 14:35:40 2016] <andromeda-galaxy> oh, I am using Zarith - are you using nat?
[Tue Nov  1 14:36:20 2016] <modulus> ah, yes, sorry, i was using nat.
[Tue Nov  1 14:36:42 2016] <andromeda-galaxy> that must be it, I guess
[Tue Nov  1 14:51:42 2016] <andromeda-galaxy> agh, why is there no (a*b)/a = b in Coq.NArith.BinNat?
[Tue Nov  1 14:53:37 2016] <andromeda-galaxy> or in fact (a*b/b) = a, is what I need, I guess
[Tue Nov  1 14:54:10 2016] <modulus> can't you use associativity?
[Tue Nov  1 14:54:34 2016] <andromeda-galaxy> for a*(b/b), probably - but there's no (a*b)/b = a in the first place!
[Tue Nov  1 14:55:24 2016] <modulus> it seems to me if you can rewrite into (a*(b/b)) should be possible to get a out of it easily.
[Tue Nov  1 14:56:34 2016] <andromeda-galaxy> hmm, maybe - I can't find a lemma for b/b = 1, though
[Tue Nov  1 15:00:04 2016] <__monty__> May be a stupid question but what about 0?
[Tue Nov  1 15:03:59 2016] <modulus> good point, i guess it'd be undefined for 0.
[Tue Nov  1 15:46:10 2016] <KaneTW> andromeda-galaxy: Lemma div_same : forall a, 0<a -> a/a == 1.
[Tue Nov  1 15:46:33 2016] <KaneTW> Lemma div_mul : forall a b, 0<=a -> 0<b -> (a*b)/b == a.
[Tue Nov  1 15:46:47 2016] <KaneTW> oh
[Tue Nov  1 15:46:48 2016] <KaneTW> binnat
[Tue Nov  1 15:46:50 2016] <KaneTW> reading is hard
[Tue Nov  1 15:46:52 2016] <KaneTW> sorry
[Tue Nov  1 15:47:23 2016] <KaneTW> that'll work anyways though i think
[Tue Nov  1 15:49:08 2016] <KaneTW> Coq < Check N.div_mul.
[Tue Nov  1 15:49:10 2016] <KaneTW> N.div_mul
[Tue Nov  1 15:49:12 2016] <KaneTW>      : forall a b : N, b <> 0%N -> (a * b / b)%N = a
[Tue Nov  1 16:05:24 2016] <andromeda-galaxy> modulus, __monty__: good point, that's an easy obligation to discharge in this case
[Tue Nov  1 16:06:26 2016] <andromeda-galaxy> KaneTW: hmm, thanks - not sure how I missed those..
[Tue Nov  1 16:06:40 2016] <andromeda-galaxy> KaneTW: where is N.div_mul defined?
[Tue Nov  1 16:08:06 2016] <modulus> Coq < Locate N.div_mul.
[Tue Nov  1 16:08:07 2016] <modulus> Constant Coq.NArith.BinNat.N.div_mul
[Tue Nov  1 16:08:14 2016] <andromeda-galaxy> oh cool! thanks!
[Tue Nov  1 16:08:24 2016] <andromeda-galaxy> I can't seem to get the hang of rewriting in subterms..
[Tue Nov  1 16:09:02 2016] <modulus> if rewrite is misbehaving remember you can use replace (x) with (y) and then discharge x = y.
[Tue Nov  1 16:10:01 2016] <andromeda-galaxy> hmm.. okay, I think that makes sense..
[Tue Nov  1 16:10:08 2016] <andromeda-galaxy> my goal is y * 2 / 2 = y
[Tue Nov  1 16:10:26 2016] <andromeda-galaxy> rewrite N.div_same and N.div_mul both don't work on that
[Tue Nov  1 16:10:32 2016] <andromeda-galaxy> whichever the associativity is it doesn't work
[Tue Nov  1 16:11:00 2016] <modulus> hmm i'm not familiar with BinNat in particular but you should have associativity rewrites to change it.
[Tue Nov  1 16:11:24 2016] <andromeda-galaxy> I mean, if it is associated as (y*2)/2 then shouldn't div_mul work?
[Tue Nov  1 16:11:34 2016] <andromeda-galaxy> and if it's y * (2/2), then shouldn't div_same work?
[Tue Nov  1 16:13:17 2016] <modulus> have you tried apply N.div_mul ?
[Tue Nov  1 16:13:41 2016] <andromeda-galaxy> yes: Unable to unify "(?M1792 * ?M1793 / ?M1793)%N = ?M1792" with
[Tue Nov  1 16:13:41 2016] <andromeda-galaxy> "y * 2 / 2 = y".
[Tue Nov  1 16:14:12 2016] <andromeda-galaxy> this is inside a "Open Scope nat_Scope" and after "Close Scope Z_Scope"
[Tue Nov  1 16:14:23 2016] <andromeda-galaxy> although I don't really understand scopes...
[Tue Nov  1 16:14:31 2016] <modulus> then no idea what is happening, sorry.
[Tue Nov  1 16:14:59 2016] <modulus> presumably those terms are of type N?
[Tue Nov  1 16:16:05 2016] <andromeda-galaxy> oh, oops. that's it - they are nats
[Tue Nov  1 16:16:34 2016] <andromeda-galaxy> like I mentioned yesterday, I don't really understand all the kinds of numbers, so I'm probably using the wrong ones
[Tue Nov  1 16:17:42 2016] <andromeda-galaxy> I just have a function that in math notation is \mathbb{N} -> \mathbb{N} so I wrote it as nat to nat
[Tue Nov  1 16:21:51 2016] <andromeda-galaxy> modulus: any suggestions for better numbers and/or whether that lemma works with nat?
[Tue Nov  1 16:34:36 2016] <andromeda-galaxy> What are the differences between Modules and Sections?
[Tue Nov  1 16:46:40 2016] <modulus> sections are just bits where you can declare variables and things, use them in lemmas, and when you close the section the lemmas will generalize on those variables.
[Tue Nov  1 16:47:09 2016] <modulus> modules i don't understand them fully. i use them for namespace issues but i am aware they do more things, but i don't know what they are.
[Tue Nov  1 16:47:44 2016] <andromeda-galaxy> ah, okay - do sections provide any namespacing isolation?
[Tue Nov  1 16:48:03 2016] <andromeda-galaxy> I am just trying to figure out how to structure a file with nested scopes so that I can define "f" a few times in different contexts
[Tue Nov  1 16:48:11 2016] <modulus> also you can put a section in a module but not a module i a section.
[Tue Nov  1 16:48:27 2016] <andromeda-galaxy> and am not sure if I should use 'Section Thing1' or 'Module Thing1' inside my file
[Tue Nov  1 16:48:29 2016] <andromeda-galaxy> hmm, interesting
[Tue Nov  1 16:48:44 2016] <modulus> i'd go for modules
[Tue Nov  1 16:48:46 2016] <modulus> they nest well.
[Tue Nov  1 16:49:08 2016] <Cypi> Sections don't provide namespacing anyway, you are right
[Tue Nov  1 16:49:13 2016] <andromeda-galaxy> cool, I'll do that then - thanks
[Tue Nov  1 16:49:42 2016] <modulus> section is like, say you're going to prove a few theorems about  n m o: nat and p q r s:Prop, you can declare those propositions so you don't need to do the forall p q r s :Prop thing every time.
[Tue Nov  1 16:51:47 2016] <andromeda-galaxy> ahh, okay
[Tue Nov  1 16:52:22 2016] <andromeda-galaxy> I got confused by having heard that Chapter is like Section, so I assumed that they would be good for like writing a book where I might want to use the same names in different chapters
[Tue Nov  1 16:56:10 2016] <modulus> way i've seen it described in the tutorial is section is to define a universe of discourse where you're going to prove things on. just to save you the trouble of reintroducing it in every lemma. then when you do End Whatever,  the lemmas get generalized to the variables you declared in the section.
[Tue Nov  1 16:57:21 2016] <andromeda-galaxy> okay, right, that makes more sense, thanks
[Tue Nov  1 17:06:51 2016] <andromeda-galaxy> is Couple somehow used for the cartesian product of Ensembles?
[Tue Nov  1 17:09:04 2016] <andromeda-galaxy> how to Ensemble unions not double count the intersection?
[Tue Nov  1 17:22:57 2016] <andromeda-galaxy> hmm. I want to write a function which,given two sets, is a funciton from the powerset of their union to the product of their powersets
[Tue Nov  1 17:24:01 2016] <andromeda-galaxy> but I can't use Ensembles and say, e.g. 'Definition f (x : Power_set U (Union U A B))' because Power_set U (Union U A B) has type Ensemble not type Set
[Tue Nov  1 17:26:23 2016] <modulus> you sure that's how you want to declare the type of x?
[Tue Nov  1 17:26:57 2016] <andromeda-galaxy> well it definitely isn't since it gives (x : (y : Ensemble U)) which doesn't work - but I'm not sure what the correct way to model the function is
[Tue Nov  1 17:50:48 2016] <andromeda-galaxy> modulus: How would I model a function whose domain is the powerset of another set?
[Tue Nov  1 17:54:18 2016] <modulus> well, a powerset is a set, no?
[Tue Nov  1 17:54:57 2016] <andromeda-galaxy> indeed, but this function is intended to take only sets that are powersets of another one - not any Ensemble (Ensemble U)
[Tue Nov  1 17:55:49 2016] <andromeda-galaxy> f : P(A union B) -> something
[Tue Nov  1 17:56:03 2016] <andromeda-galaxy> I mean, not any Ensemble U
[Tue Nov  1 17:56:06 2016] <modulus> i don't know, not sure how one would represent that as a type. my instinct is that may be easier to represent as a relation.
[Tue Nov  1 17:56:28 2016] <andromeda-galaxy> represent as a relation?esent as a relation
[Tue Nov  1 17:56:42 2016] <andromeda-galaxy> (sorry about the doubling there, I have bad network connectivity)
[Tue Nov  1 17:57:10 2016] <modulus> instead of a funciton i mean.
[Tue Nov  1 17:57:33 2016] <andromeda-galaxy> hmm. it is just that it is a function, and I want to show whichever injectivity/surjectivity properties it might have
[Tue Nov  1 17:59:07 2016] <andromeda-galaxy> it also produces output that is restricted like that - the cartesian product of powersets
[Tue Nov  1 17:59:29 2016] <Cypi> f : {x : U | In x P(A union B)} -> something
[Tue Nov  1 17:59:35 2016] <Cypi> wouldn't that be the correct type for such a function?
[Tue Nov  1 17:59:43 2016] <andromeda-galaxy> Cypi: how does that bar work?
[Tue Nov  1 17:59:53 2016] <Cypi> (I meant "In P(A union B) x")
[Tue Nov  1 18:00:00 2016] <andromeda-galaxy> probably it would
[Tue Nov  1 18:00:22 2016] <andromeda-galaxy> if the result type can also be like that
[Tue Nov  1 18:00:27 2016] <Cypi> sure
[Tue Nov  1 18:00:46 2016] <andromeda-galaxy> Cypi: those look like refinement types to me?
[Tue Nov  1 18:00:52 2016] <andromeda-galaxy> I didn't know coq had that syntax
[Tue Nov  1 18:01:01 2016] <Cypi> It's just a notation for sig
[Tue Nov  1 18:01:07 2016] <Cypi> not really refinement types, these are dependent pairs
[Tue Nov  1 18:01:31 2016] <andromeda-galaxy> ohhh dependent pair of some value x and a proof that it is an element... I see
[Tue Nov  1 18:01:53 2016] <Cypi> I don't know much about Ensembles, but I would guess this is a way of speaking of the elements of an Ensemble
[Tue Nov  1 18:01:59 2016] <andromeda-galaxy> hmm, I will try that
[Tue Nov  1 18:02:08 2016] <Cypi> but maybe what you actually want is to represent your functions are actual Ensemble, I don't know
[Tue Nov  1 18:02:12 2016] <Cypi> s/are/as
[Tue Nov  1 18:14:04 2016] <andromeda-galaxy> Cypi: sorry for the big delay. That is probably what I really want, actually...
[Tue Nov  1 18:14:38 2016] <Cypi> It all depends if you want to talk about Coq functions, or functions in the realm of Ensembles
[Tue Nov  1 18:14:43 2016] <andromeda-galaxy> (I mean, the version that you provided)
[Tue Nov  1 18:14:49 2016] <Cypi> ok, good then :)
[Tue Nov  1 18:15:01 2016] <andromeda-galaxy> I should try to figure out the distinction better, though
[Tue Nov  1 18:15:10 2016] <andromeda-galaxy> basically I am just translating some old exercises that I did in Isabelle into Coq
[Tue Nov  1 18:15:40 2016] <andromeda-galaxy> (exercises from some old book) - doing them in Isabellle is really nasty, and I was hoping that Coq would be better
[Tue Nov  1 18:15:55 2016] <modulus> how is it going so far?
[Tue Nov  1 18:16:06 2016] <andromeda-galaxy> so all that really matters is that it is a function from elements of that powerset to elements of the other powerset, and that I can show wthat it is injective, whatever
[Tue Nov  1 18:16:34 2016] <andromeda-galaxy> okay, I think - I haven't had too much time since Cypi suggested it since I had to suddenly walk between buildings and then reboot my machine when its network died
[Tue Nov  1 18:19:27 2016] <andromeda-galaxy> hmm, { x : U | In x (Power_set U (Union U A B)) gives The texm "x" has type "U" while it is expected to have type "Type"
[Tue Nov  1 18:19:32 2016] <modulus> i meant generally rewriting isabelle exercises in coq.
[Tue Nov  1 18:19:49 2016] <andromeda-galaxy> oh wait, I understand why, I made a type
[Tue Nov  1 18:20:09 2016] <Cypi> (also, In probably needs U as an argument)
[Tue Nov  1 18:20:11 2016] <andromeda-galaxy> modulus: hmm, pretty okay so far - some are better, some are worse, some are just different. The declarative vs. tactic proof styles are very different
[Tue Nov  1 18:20:26 2016] <andromeda-galaxy> Cypi: what is the syntax for using that construction in an argument of a Definition?
[Tue Nov  1 18:21:37 2016] <Cypi> What do you mean?
[Tue Nov  1 18:22:13 2016] <andromeda-galaxy> it should just be like "Definition f (n : { x : U | In ...})" right?
[Tue Nov  1 18:22:16 2016] <Cypi> {x : U | In U (Power_Set U (Union U A B)) x} is just a type (it has literally type Type), you can use it wherever you can use a type
[Tue Nov  1 18:22:20 2016] <Cypi> Yes, for instance
[Tue Nov  1 18:22:58 2016] <andromeda-galaxy> there, this is it I think: (n : { x : Ensemble U | In (Ensemble U) (Power_set U (Union U A B)) x })
[Tue Nov  1 18:23:50 2016] <andromeda-galaxy> hmm, what is the type for generally the cross product?
[Tue Nov  1 18:24:47 2016] <Cypi> Do you just mean "prod"?
[Tue Nov  1 18:26:41 2016] <andromeda-galaxy> Maybe! but I think it needs to be product of ensembles, because I want to say roughly { x : ??? | In x (??? (Power_set A) (Power_set B))
[Tue Nov  1 18:28:03 2016] <andromeda-galaxy> what exactly does Couple do?
[Tue Nov  1 18:28:28 2016] <andromeda-galaxy> but basically I need to fill in the two blanks to say that it is in the cross product of the two powersets, which are ensembles, right?
[Tue Nov  1 18:35:09 2016] <andromeda-galaxy> actually maybe I need some way of doing this without Ensembles - like to prove this one in full generality, I don't need to restrict A and B to having the same universe
[Tue Nov  1 18:35:43 2016] <Cypi> Meh, this stdlib seems to be lacking basic stuff like products, functions, etc... Not sure what its intended scope is
[Tue Nov  1 18:35:58 2016] <Cypi> certainly not set theory
[Tue Nov  1 18:37:13 2016] <andromeda-galaxy> indeed...
[Tue Nov  1 18:37:45 2016] <andromeda-galaxy> any suggestions for a better library/modules to use?
[Tue Nov  1 18:41:28 2016] <Cypi> Maybe this one is more usable? https://github.com/coq-contribs/zfc (I don't really know better than you, just looking up stuff)
[Tue Nov  1 18:57:04 2016] <andromeda-galaxy> Cypi: looks promising, I'll try it
[Tue Nov  1 18:57:20 2016] <andromeda-galaxy> I may take a break and do some less set-theoretic stuff when I find out
[Tue Nov  1 18:57:28 2016] <andromeda-galaxy> *before I look at that
[Tue Nov  1 22:08:42 2016] <keep_learning> Hello everyone
[Tue Nov  1 22:09:30 2016] <keep_learning> I am trying to prove ceval_deterministic https://gist.github.com/mukeshtiwari/047b46f9ded7aa1e0cd1f27d1f090370
[Tue Nov  1 22:09:41 2016] <keep_learning> But stuck with goal
[Tue Nov  1 22:09:50 2016] <keep_learning> Could some one please have a look
[Tue Nov  1 22:11:20 2016] <keep_learning> I can prove only when we have st' = st'0
[Tue Nov  1 22:11:36 2016] <keep_learning> But I don't see any relation to connect these two states
[Tue Nov  1 22:43:11 2016] <keep_learning> Now I am stuck with while loop https://gist.github.com/mukeshtiwari/13e5210a7d590a021a84b3a1e70063ea
[Tue Nov  1 22:43:21 2016] <keep_learning> Any idea how to solve this goal
[Wed Nov  2 00:27:58 2016] <milodavis> #hacks
[Wed Nov  2 00:34:20 2016] <andromeda-galaxy> hmm, so I have  proof right now that looks like 'assume foo. { ... } rewrite SomeLemma. assumption. apply foo.'
[Wed Nov  2 00:34:48 2016] <andromeda-galaxy> is there some way to combine those things together more idiomatically
[Wed Nov  2 00:35:58 2016] <andromeda-galaxy> (apart from just replacing the apply foo with the assume foo)?
[Wed Nov  2 00:36:32 2016] <andromeda-galaxy> specifically, this feels like it is in kind of the wrong order to me
[Wed Nov  2 00:36:51 2016] <andromeda-galaxy> I would like to read the proof as 'rewrite SomeLemma, which works because { proof block }. Then it's just an assumption
[Wed Nov  2 00:36:54 2016] <andromeda-galaxy> '
[Wed Nov  2 00:37:58 2016] <andromeda-galaxy> (or, if there is a more idiomatic way to read/write that, I'd like to do that...)
[Wed Nov  2 11:42:54 2016] <andromeda-galaxy> How do you write tactics taking a constr_list in Ltac?
[Thu Nov  3 05:25:19 2016] <modulus> doing the Imp chapter of software foundations, sometimes it requires manually formulating fairly long terms for apply S_Eq with (_)
[Thu Nov  3 05:25:31 2016] <modulus> is there any way to avoid having to write these terms by hand?
[Thu Nov  3 05:53:11 2016] <Cypi> modulus: it's possible that "eapply S_Eq" will generate goals to build those terms. I don't know for your specific example.
[Thu Nov  3 05:54:22 2016] <modulus> thanks, i'll give it a shot.
[Thu Nov  3 16:41:00 2016] <qwerty2016> is anyone aware of a library of c-zar proofs? I'd like to start learning how to use that style but there are precious few examples to learn from
[Thu Nov  3 16:42:32 2016] <qwerty2016> http://math.stackexchange.com/questions/1037997/status-of-declarative-proof-languages-in-proof-assistants has no answer :/
[Thu Nov  3 18:09:30 2016] <chris2> qwerty2016: lean has such a syntax too. and ssreflect for coq can be readable if you are used to it
[Thu Nov  3 18:27:43 2016] <qwerty2016> lean looks cool, but i am wary of learning a new language. I am not sure how it is better than Coq or Isobelle
[Thu Nov  3 18:27:52 2016] <qwerty2016> i will take a long look at ssreflect though
[Thu Nov  3 18:32:19 2016] <rrika> qwerty2016, I learned lean before learning coq, it's not too much to learn, especially if you know a similar language already
[Thu Nov  3 18:32:54 2016] <rrika> same keywords even
[Thu Nov  3 18:33:36 2016] <rrika> the lean tutorial places a much bigger focus on constructing the proof terms manually, instead of letting tactics do it (but they do have tactics)
[Thu Nov  3 18:34:02 2016] <rrika> and the interaction style is a bit different
[Thu Nov  3 18:34:09 2016] <chris2> real tactics are only coming in lean3 now
[Thu Nov  3 18:34:17 2016] <chris2> or, composable tactics that is
[Thu Nov  3 18:34:20 2016] <rrika> instead of being displayed your assumptions and your goal you place a "_" and hover over it
[Thu Nov  3 18:34:44 2016] <rrika> and to find your assumption you just look left of your cursor and find all your (fun x => …)
[Thu Nov  3 18:35:05 2016] <rrika> o/ chris2
[Thu Nov  3 18:35:11 2016] <chris2> hey
[Thu Nov  3 18:35:31 2016] <chris2> #leanprover is a subset of #coq :D
[Thu Nov  3 18:35:49 2016] <rrika> indeed
[Thu Nov  3 18:42:43 2016] <qwerty2016> so... lean is basically coq, but with nicer syntax and quality of life improvements? but fewer libraries?
[Thu Nov  3 18:43:45 2016] <rrika> qwerty2016, the stdlib of lean feels more cleaned up to me
[Thu Nov  3 18:44:05 2016] <rrika> in coq, I never know which of le_n_S, le_S, etc. I Need
[Thu Nov  3 18:44:29 2016] <rrika> but it's smaller I guess
[Thu Nov  3 18:45:50 2016] <Cypi> There are some "ethical" differences in the treatment of inductive types also, I guess: in Lean you only have eliminators, in Coq you derive the eliminators from pattern-matching
[Thu Nov  3 18:47:03 2016] <rrika> Cypi, what are the consequences of this?
[Thu Nov  3 18:47:08 2016] <Cypi> I have no clue :D
[Thu Nov  3 18:47:10 2016] <rrika> haha
[Thu Nov  3 18:47:30 2016] <Cypi> Hmm, actually I can mention one consequence
[Thu Nov  3 18:47:43 2016] <Cypi> that means that by default, with only eliminators, you are forced to recurse on the very next subterm
[Thu Nov  3 18:48:05 2016] <Cypi> You need to put a little more work to recurse on a deeper subterm
[Thu Nov  3 18:48:21 2016] <rrika> you mean you can't do match x with S (S x) => …?
[Thu Nov  3 18:48:25 2016] <rrika> without "match"ing twice
[Thu Nov  3 18:48:36 2016] <Cypi> You cannot do that and then a recursive call on that x
[Thu Nov  3 18:48:52 2016] <rrika> oops, I used x twice here
[Thu Nov  3 18:48:59 2016] <Cypi> on the inner x
[Thu Nov  3 18:49:13 2016] <rrika> eh, why not?
[Thu Nov  3 18:49:36 2016] <Cypi> Because you wouldn't write a match with an eliminator, you would write something using the equivalent of nat_rect
[Thu Nov  3 18:49:53 2016] <Cypi> forall P : nat -> Type, P 0 -> (forall n : nat, P n -> P (S n)) -> forall n : nat, P n
[Thu Nov  3 18:49:54 2016] <rrika> eliminators are not something like "rect"?
[Thu Nov  3 18:49:58 2016] <Cypi> They are
[Thu Nov  3 18:50:15 2016] <Cypi> and in the successor branch, you have to prove P (S n) only knowing P n
[Thu Nov  3 18:50:41 2016] <Cypi> ("P n" would be the recursive call)
[Thu Nov  3 18:51:10 2016] <rrika> Cypi, the coq equivalent also has the non S (S x) arm, that can return something of the same type as the S (S x) arm
[Thu Nov  3 18:51:23 2016] <rrika> so you could return that in the O case of the inner match
[Thu Nov  3 18:51:29 2016] <rrika> "match"
[Thu Nov  3 18:51:32 2016] <rrika> eliminator
[Thu Nov  3 18:52:09 2016] <Cypi> Hmm. I'd have to try to do it precisely, but I think you need a little bit of work to formulate correctly the "P" for the inner eliminator
[Thu Nov  3 18:52:18 2016] <Cypi> if what you are suggesting is nesting two eliminators
[Thu Nov  3 18:52:27 2016] <rrika> yeah
[Thu Nov  3 18:52:33 2016] <rrika> maybe I didn't think this through
[Thu Nov  3 18:52:40 2016] <rrika> iirc lean has match anyway
[Thu Nov  3 18:52:41 2016] <rrika> as syntactic sugar
[Thu Nov  3 18:54:04 2016] <Cypi> Oh you're right, it looks like that actually have full-fledged dependent pattern-matching, structural recursion and so on
[Thu Nov  3 18:54:14 2016] <Cypi> I don't know if it's compiled away and in what manner though
[Thu Nov  3 18:54:26 2016] <rrika> yeah, I think with 8.5 they are on par but 8.4 was actually a bit more tedious
[Thu Nov  3 18:54:35 2016] <rrika> Cypi, it's turned into eliminators I thinik
[Thu Nov  3 18:54:51 2016] <rrika> qwerty2016, another thing about lean is that the author apparently cares about supporting hott stuff
[Thu Nov  3 18:54:55 2016] <rrika> if you're into that
[Thu Nov  3 18:55:48 2016] <rrika> (which is another thing I don't quite get)
[Thu Nov  3 18:56:15 2016] <chris2> lean elaborates dependent pattern matching really well ime
[Thu Nov  3 18:56:32 2016] <chris2> you dont need to do it yourself
[Thu Nov  3 19:02:05 2016] <qwerty2016> well, i guess i can read over the tutorial. at first glance it seemed to be the not-invented-here child of coq and mizar
[Thu Nov  3 19:02:47 2016] <rrika> qwerty2016, even if it added nothing to coq other than prefixing the cases of an inductive type, I'd take it
[Thu Nov  3 19:02:50 2016] <rrika> this namespace clutter is terrible
[Thu Nov  3 19:03:36 2016] <rrika> (I thought about patching that into coq for fun, but I'd have to learn french first :P)
[Thu Nov  3 19:03:47 2016] <Cypi> Why French?
[Thu Nov  3 19:04:01 2016] <Cypi> Well ok, _some_ part of the codes still have French in them :p
[Thu Nov  3 19:04:07 2016] <Cypi> parts* code*
[Thu Nov  3 19:04:29 2016] <Cypi> But really, you shouldn't need any French to contribute :)
[Thu Nov  3 19:04:44 2016] <rrika> Cypi, it's more the usual problems of finding your way in a huge code base but I also did stumble upon french parts without looking for them.
[Thu Nov  3 19:05:26 2016] <Cypi> Also, I wonder how the devteam would feel about such a change. It would break probably every single script out there
[Thu Nov  3 19:05:39 2016] <rrika> Cypi, it's a "python with braces" kind of idea
[Thu Nov  3 19:05:59 2016] <rrika> only realistic way is a per file opt-in
[Thu Nov  3 19:06:02 2016] <Cypi> but I do agree that I always have to come up with terrible names for constructors :p
[Thu Nov  3 19:06:56 2016] <Cypi> On the other hand, this is a problem that shouldn't exist too much with nice use of modules
[Thu Nov  3 19:07:12 2016] <Cypi> (and just having several files, not using "Require Import" but just "Require")
[Thu Nov  3 19:07:56 2016] <rrika> Would be nice to have a cheatsheet/faq for the module system because I always put everything in a single file to avoid having to think about it too much
[Thu Nov  3 19:08:07 2016] <rrika> then again, I don't work on any serious project with coq
[Thu Nov  3 19:30:32 2016] <johnw> rrika: very much agreed
[Thu Nov  3 19:30:48 2016] <johnw> rrika: every time I want to do something serious with modules, I find myself reading the 3 scant resources that exist over and over
[Thu Nov  3 19:32:47 2016] <rrika> haha
[Thu Nov  3 19:33:45 2016] <Cypi> Just read the source code, and then write an explanation of it for everyone else :>
[Thu Nov  3 19:34:02 2016] <Cypi> (there is a myth that nobody quite understands the code managing modules)
[Fri Nov  4 19:40:26 2016] <johnw_> anyone here coming to the presentation at Santa Clara University this evening?
[Sun Nov  6 02:24:52 2016] <benzrf> johnw: apparently not
[Sun Nov  6 11:44:57 2016] <pozQXGWoinsRd> https://www.youtube.com/watch?v=3EsJLNGVJ7E & https://wikileaks.org/podesta-emails/emailid/15893, http://www.reuters.com/article/us-usa-election-foundation-idUSKBN12Z2SL & https://wikileaks.org/podesta-emails/emailid/3774 (ctrl+f qatar) - please don't let these be buried
[Wed Nov  9 04:12:53 2016] <JanBessai> when including a module type, I can override a single definition using "Include M with Definition Foo := 42.". Is there a way to do this with multiple definitions?
[Thu Nov 10 09:37:35 2016] <rrika> I was thinking about doing a proof that an algorithm that cuts polygons with axis-aligned edges into rectangles works correctly.
[Thu Nov 10 09:37:48 2016] <rrika> Was wondering what kind of field deals with such questions.
[Thu Nov 10 09:38:44 2016] <rrika> Because I could take some ad-hoc approach but the task seems simple enough that someone else must've thought about it already.
[Fri Nov 11 06:06:18 2016] <r_rios> Hello all. How do I specialize a forall hypothesis to some specific value?
[Fri Nov 11 06:07:24 2016] <r_rios> For example, I have H: forall x, P x and want to create an H0: P n for a specific n: nat
[Fri Nov 11 06:11:35 2016] <dmiles> To stack up the questions.. can Coq be used as a theorem prover?
[Fri Nov 11 06:17:27 2016] <zozozo> r_rios: iirc, (H n) should be a proof of H0
[Fri Nov 11 06:21:16 2016] <Cypi> You can use "specialize (H n)" if you want to replace H with the new hypothesis, or "pose proof (H n)" to create a new hypothesis
[Fri Nov 11 06:21:53 2016] <Cypi> dmiles: what do you mean? An automatic theorem prover?
[Fri Nov 11 06:22:04 2016] <Cypi> If yes, in some extent, with the right tactics
[Fri Nov 11 06:22:24 2016] <Cypi> to* some extent
[Fri Nov 11 06:22:27 2016] <modulus> it's not really thought out as an entirely automatic solver.
[Fri Nov 11 06:22:35 2016] <modulus> it can do some of it but it's not what it is good at.
[Fri Nov 11 06:23:13 2016] <dmiles> ok, well that is a start :P
[Fri Nov 11 06:23:31 2016] <dmiles> this is realitively new in the last 4 years?
[Fri Nov 11 06:24:11 2016] <dmiles> (the tactic managment being usefull for doing small bits of inferenceing)
[Fri Nov 11 06:25:28 2016] <dmiles> well sorry i am probably mixing a few things up it coudls sound like: inferncing and automated solving
[Fri Nov 11 06:25:42 2016] <zozozo> dmiles: for the record there exists some automated theorem provers which can output coq proofs (for instance, Zenon)
[Fri Nov 11 06:26:05 2016] <Cypi> It's not really new. Coq "always" had some (basic) automated tactics like auto, intuition, omega and so on, and some people always tried to have more complicated tactics
[Fri Nov 11 06:26:48 2016] <dmiles> since such provers exist that produce Coq output i suppose a nomral step is to let provers be embeded in some ways
[Fri Nov 11 06:27:11 2016] <dmiles> (or at least an interface to runing them?)
[Fri Nov 11 06:28:43 2016] <zozozo> right, but I d'ont remember if such a fonctionnality has already been implemented in Coq (btw, that's what the sledgehammer tool does in isabelle)
[Fri Nov 11 06:29:57 2016] <r_rios> zozozo: specialize is what I was looking for
[Fri Nov 11 06:30:18 2016] <r_rios> Thanks, Cypi and zozozo
[Fri Nov 11 06:30:53 2016] <dmiles> What i am evetually really after is to find out if deductive FOPL data files if i convert to a format someone likes can bbe used to forward anf backchain to deduce new states and facts.. this might be done using OWL files or perhaps KIF files like https://github.com/ontologyportal/sumo/blob/master/Merge.kif
[Fri Nov 11 06:31:40 2016] <dmiles> wondering what sort of tools exists in Coq's orbit for such things
[Fri Nov 11 06:34:18 2016] <dmiles> normally tools i use are LarKC, CYC and Ontolingua
[Fri Nov 11 06:34:52 2016] <dmiles> but there seems to be this whole other world in which Coq plays a big role in
[Fri Nov 11 06:36:13 2016] <dmiles> in whaty way is Coq differnt than Isabelle?
[Fri Nov 11 06:36:22 2016] <dmiles> from*
[Fri Nov 11 06:37:34 2016] <modulus> the logic is different. isabelle is classical high order logic.
[Fri Nov 11 06:37:51 2016] <modulus> coq is  (by default) intuitionistic/constructive.
[Fri Nov 11 06:38:43 2016] <dmiles> i think the logic of KIF might be called sequent logic.. I thought somehow it is constructive logic in that it builds up sentences
[Fri Nov 11 06:39:18 2016] <dmiles> but constructive logic is ot about constructing new sentences right?
[Fri Nov 11 06:40:18 2016] <dmiles> but constructive logic is about constructing new sentences without trying to make up T/F deductions right?
[Fri Nov 11 06:40:33 2016] <modulus> constructive logic is that if you have something saying there exists x, such that bla bla, if the logic is constructive you can get the x.
[Fri Nov 11 06:40:40 2016] <modulus> well, (an) x.
[Fri Nov 11 06:43:01 2016] <dmiles> i like that constructive logic does not cowtow to the ideas of excluding middle
[Fri Nov 11 06:43:30 2016] <dmiles> in that this is term rewriting without some notion of truth values?
[Fri Nov 11 06:43:39 2016] <dmiles> (sort of like prolog?)
[Fri Nov 11 06:45:22 2016] <rrika> dmiles, if you have a proof for "a=b" you can turn "x : … a …" into "x : … b …"
[Fri Nov 11 06:46:02 2016] <dmiles> nice, " double negation can be introduced, but it cannot be eliminated "   I always thought  double negation elimination was a bad idea
[Fri Nov 11 06:47:09 2016] <dmiles> since normally the two negations are in separated domains .. for exmaple    ~ ~ P migh tmean   never is it ture that P is false.. yet that doesnt say ever that P is true
[Fri Nov 11 06:47:45 2016] <dmiles>   ~ ~ P might mean  never is it true that P is disproven .. yet that doesnt say ever that P is true
[Fri Nov 11 06:48:04 2016] <rrika> and for your own data types you can define the constructors in a way that restricts which types are inhabited
[Fri Nov 11 06:49:45 2016] <dmiles> so Coq is very good at disproving types are compatible when they are not?
[Fri Nov 11 06:49:59 2016] <rrika> what do you mean by "are compatible"?
[Fri Nov 11 06:51:03 2016] <rrika> you can derive an contradiction if you have a proof of equality between values which you can tell apart
[Fri Nov 11 06:51:20 2016] <dmiles> For exampe i have  type: PortableObject  and various Types like : BigHouse and SMallCupcake..   BitgHouse is not Cpatable with ProtableObject
[Fri Nov 11 06:51:35 2016] <rrika> what kinds of things are these
[Fri Nov 11 06:52:10 2016] <dmiles>  IF X is type BigHouse is not X is not comaptible with PortableObject
[Fri Nov 11 06:52:23 2016] <rrika> I guess it's hard to disprove such things. You can always introduce an axiom later that says they *are* the same.
[Fri Nov 11 06:52:23 2016] <dmiles> they are datatypes  in a MUD i am writing
[Fri Nov 11 06:53:06 2016] <dmiles> they MUD rejects a user trying to pick up a box containing a BigHouse
[Fri Nov 11 06:53:13 2016] <rrika> oh I see
[Fri Nov 11 06:53:42 2016] <dmiles> so i use deduction to descide what is possible for players and NPCs
[Fri Nov 11 06:53:58 2016] <rrika> all the checks in coq I can think of are done ahead of time
[Fri Nov 11 06:54:07 2016] <rrika> using "pick" on a house is a dynamic error
[Fri Nov 11 06:54:15 2016] <rrika> so I guess you'll have to do the check yourself
[Fri Nov 11 06:55:03 2016] <dmiles> i am fine with these checks runing at runtime
[Fri Nov 11 06:55:22 2016] <dmiles> or i mean requesting these checks be done that is
[Fri Nov 11 06:55:52 2016] <rrika> but even then you want to specify a behavior what to do if they don't match
[Fri Nov 11 06:56:04 2016] <rrika> at that point why not just do the check yourself
[Fri Nov 11 06:58:00 2016] <dmiles> what i was thinking Coq was good at detecting disjointedness of sets of composite types
[Fri Nov 11 06:58:29 2016] <rrika> I don't know enough to answer that
[Fri Nov 11 06:58:31 2016] <dmiles> some sort of  set theory ++ :P
[Fri Nov 11 07:01:51 2016] <dmiles> i create composite types like here:  https://github.com/TeamSPoon/PrologMUD/blob/master/pack/prologmud/games/src_game_nani/objs_misc_household.pfc.pl#L133-L160
[Fri Nov 11 07:02:15 2016] <rrika> genls meaning?
[Fri Nov 11 07:02:22 2016] <dmiles> genls means if X is arg1 then X is Arg2
[Fri Nov 11 07:02:32 2016] <rrika> oh
[Fri Nov 11 07:03:03 2016] <rrika> does genls form a tree or a graph?
[Fri Nov 11 07:03:15 2016] <dmiles> the *Able types are what NPCs can nomrally do with things
[Fri Nov 11 07:03:29 2016] <dmiles> someehat if a graph
[Fri Nov 11 07:03:41 2016] <dmiles> someehat of a graph .. hoping to tree-ify it
[Fri Nov 11 07:04:17 2016] <dmiles> (assuming tree-ify means i resolve the world into non circular terms)
[Fri Nov 11 07:04:20 2016] <rrika> things you do have in coq:
[Fri Nov 11 07:04:22 2016] <rrika> logic programming to generate terms
[Fri Nov 11 07:04:30 2016] <rrika> records that can hold functions (like vtables)
[Fri Nov 11 07:04:46 2016] <rrika> automatic "casts"
[Fri Nov 11 07:05:49 2016] <rrika> ^ if you have a record B that contains (base: A, health: nat) then the function "base" which takes a B and returns an A, when declared as "coercion" will allow the use of objects of type B where A is expected
[Fri Nov 11 07:06:46 2016] <dmiles> ahah good.  coercian for me is very important.. I describe quite a bit in it
[Fri Nov 11 07:07:19 2016] <rrika> you have no way to get back from A to B though
[Fri Nov 11 07:07:44 2016] <dmiles> I coerce  (pathFn kitchen north)   to a lookAble that rturns  (a path leads normth_
[Fri Nov 11 07:08:25 2016] <dmiles> I coerce  (PathFn kitchen north)   to a 'lookAble' (was a path) that returns  and object that can be seen
[Fri Nov 11 07:09:06 2016] <dmiles> mainly i am sort of reassigning the expected uses the code has with a datatype.. that it can start to be used with code that used differnt types
[Fri Nov 11 07:10:51 2016] <dmiles> typeProps(tBroccoli,[mudColor(vGreen),mudSize(vSmall),mudShape(isLikeFn(mudShape,tTree))]).    so an isntance of broccoli normally only good for energy can be coerced to tArt that looks like a tree
[Fri Nov 11 07:11:09 2016] <rrika> prolog seems to be a nice language to prototype stuff like that
[Fri Nov 11 07:11:18 2016] <dmiles> and somone miight paint snow on it (based on the tree-ness)
[Fri Nov 11 07:11:28 2016] <dmiles> (green tree-nees)
[Fri Nov 11 07:12:28 2016] <dmiles> prolog allows so many decrees of freedom .. you almost need a theorem prover to manage all of your code and data :P
[Fri Nov 11 07:12:42 2016] <dmiles> not almost .. you do
[Fri Nov 11 07:12:52 2016] <rrika> okay, here's a problem I see
[Fri Nov 11 07:12:59 2016] <rrika> coq only allows complete functions
[Fri Nov 11 07:13:08 2016] <dmiles> (whyy i am seeking tools outside prolog)
[Fri Nov 11 07:13:11 2016] <rrika> so if you define a function: AnyType -> option Carryable
[Fri Nov 11 07:13:23 2016] <rrika> at that point you already need to deal with all possible inputs
[Fri Nov 11 07:13:36 2016] <rrika> if your "type" hierarchy is extendable you could break that
[Fri Nov 11 07:14:07 2016] <dmiles> ahah.  atp-haskell is all AnyType
[Fri Nov 11 07:14:32 2016] <rrika> so you'll need an enum/inductivedatatype to list all possible types you have
[Fri Nov 11 07:14:52 2016] <rrika> *"types"
[Fri Nov 11 07:15:00 2016] <rrika> they're only types from the gamers perspective
[Fri Nov 11 07:15:17 2016] <rrika> dmiles, if you want to check out another language but not wander too far way from prolog check out mercury
[Fri Nov 11 07:15:26 2016] <dmiles> so eventualyl we get some support from the language?
[Fri Nov 11 07:15:58 2016] <dmiles> (i mena eventually we stop being the "gamers types" and finnaly get to use outr types)
[Fri Nov 11 07:17:24 2016] <dmiles> eventually we stop being the "gamers types" and finnaly get to use our types such as dynamicGamerType systemEnumeablePErcent , actionBackedByCode types
[Fri Nov 11 07:18:19 2016] <dmiles> (sort of like if you implement edenbouroh prolog in mercury .. you will have a type called  compound,  databaseTerm, etc)
[Fri Nov 11 07:19:01 2016] <dmiles> (even though the runner of your prolog will have their own system they are thinking in)
[Fri Nov 11 07:20:18 2016] <dmiles> secretly i hoping that somehow if their is finnally a ontology of types the systenm discovers that the gamer doesnt have to
[Fri Nov 11 07:20:23 2016] <dmiles> there*
[Fri Nov 11 07:20:34 2016] <rrika> I gotta go. Hope you find what you need.
[Fri Nov 11 07:20:54 2016] <dmiles> thx.. i should get to work to..
[Fri Nov 11 07:23:20 2016] <dmiles> "so you'll need an enum/inductivedatatype"  percisly the type of deduction system...   perhaps i am looking for the Quine that produces typetheory and coding it in typethoery
[Fri Nov 11 07:23:37 2016] <dmiles> or ATP encoded in ATP
[Fri Nov 11 07:25:02 2016] <dmiles> for exmaple.. my TimeSices are never going to be typecompable with the type system (that is a good thing)
[Fri Nov 11 07:25:33 2016] <dmiles> time-intervals will stay disjoint form npcs and disjoint from actions
[Sat Nov 12 08:58:06 2016] <shlevy> In case anyone's interested: I've created an unofficial discussion channel for fiat at ##fiat
[Sat Nov 12 09:03:17 2016] <Nik05> sorry shlevy i dont drive a fiat
[Sat Nov 12 09:03:57 2016] <Nik05> I read into category theory and I understand Coq a lot more now.
[Sat Nov 12 11:30:14 2016] <napping> In 8.5 constructor patterns must now mention parameters of their type?
[Mon Nov 14 14:53:06 2016] <aspiwack[m]> napping: only if they are not declared as implicit.
[Mon Nov 14 14:53:22 2016] <aspiwack[m]> Just like in expressions.
[Tue Nov 15 21:31:33 2016] <keep_learning> Hello everyone
[Tue Nov 15 21:31:40 2016] <keep_learning> I am trying to prove this https://gist.github.com/mukeshtiwari/6eb4267771c444efff6a0321159e353f
[Tue Nov 15 21:32:19 2016] <keep_learning> But my problem is I don't have instance of cand variable in context
[Tue Nov 15 21:32:32 2016] <keep_learning> Any idea if it provable or not ?
[Tue Nov 15 21:37:01 2016] <rrika> keep_learning, I think it's provable
[Tue Nov 15 21:37:45 2016] <keep_learning> rrika: Any point on how to proceed
[Tue Nov 15 21:38:10 2016] <Ptival> ha, I was going to say I felt like it wasn't
[Tue Nov 15 21:38:17 2016] <Cypi> I'm trying to do it by induction on cand_all, somehow
[Tue Nov 15 21:38:19 2016] <rrika> if you can recurse down cand_all and show that you can't reach the end without having found a matching candidate (because you have cand_fin) you can show that "forall c: cand, p c > 0" is convertable to a chain of ands and conversely
[Tue Nov 15 21:38:23 2016] <rrika> maybe I haven't thought this throuhg
[Tue Nov 15 21:38:28 2016] <rrika> * starts emacs to prototype
[Tue Nov 15 21:38:40 2016] <Cypi> but I'm not convinced yet that this is provable either :)
[Tue Nov 15 21:39:02 2016] <Cypi> (note that cand_fin is in Prop by the way, which doesn't help)
[Tue Nov 15 21:39:12 2016] <Ptival> why is cand_all relevant?
[Tue Nov 15 21:39:13 2016] <rrika> okay, okay, consider it unprovable until I know more
[Tue Nov 15 21:39:34 2016] <rrika> Ptival, it is finite
[Tue Nov 15 21:39:35 2016] <Cypi> Ptival: it is supposed to contain every cand there is
[Tue Nov 15 21:39:37 2016] <Ptival> it seems to me this just says "for any function from an arbitrary type to nat, I can decide whether that function always return strictly positive"
[Tue Nov 15 21:39:50 2016] <Cypi> from an arbitrary finite type to nat
[Tue Nov 15 21:40:06 2016] <Ptival> oh, didn't see that
[Tue Nov 15 21:40:14 2016] <Ptival> ok that seems provable then :)
[Tue Nov 15 21:54:43 2016] <Cypi> Ok, can confirm
[Tue Nov 15 21:55:00 2016] <Cypi> Hint: I first proved the following lemma:
[Tue Nov 15 21:55:13 2016] <Cypi> forall (b : ballot) (l : list cand), {forall c : cand, In c l -> b c > 0} + {~ forall c : cand, In c l -> b c > 0}
[Tue Nov 15 21:57:14 2016] <keep_learning> Cypi: Thank you.
[Tue Nov 15 21:57:53 2016] <keep_learning> and instantiating l with cand_all in this lemma ?
[Tue Nov 15 21:58:01 2016] <Cypi> yes
[Tue Nov 15 21:58:28 2016] <keep_learning> Cypi: Thanks again
[Tue Nov 15 22:03:50 2016] <rrika> ugh, I'm twenty lines of helper theorems in and not near yet
[Tue Nov 15 22:10:08 2016] <keep_learning> rrika: and I have proved forall b : ballot, {ballot_valid b} + {~ballot_valid b}. assuming forall b : ballot, {ballot_valid b} + {~ballot_valid b}.
[Tue Nov 15 22:10:39 2016] <rrika> did you just paste the same thing twice?
[Tue Nov 15 22:10:48 2016] <keep_learning> rrika: Yeah
[Tue Nov 15 22:11:01 2016] <Cypi> Now just apply any fixpoint combinator!
[Tue Nov 15 22:11:11 2016] <keep_learning> proved forall b : ballot, {ballot_valid b} + {~ballot_valid b}.  assuming  forall (b : ballot) (l : list cand),       {forall c : cand, In c l -> b c > 0} + {~ forall c : cand, In c l -> b c > 0}.
[Tue Nov 15 22:16:31 2016] <keep_learning> Cypi: https://gist.github.com/mukeshtiwari/8aa739f48bd993b573c2ec6898ba8423
[Tue Nov 15 22:17:32 2016] <keep_learning> Cypi: Any hint for this goal
[Tue Nov 15 22:47:40 2016] <keep_learning> rrika: Did you finish the proof. I am stuck with c = a case
[Tue Nov 15 22:48:00 2016] <rrika> I got as far as you did, using Cypi's hint, now back to fixing my own proof
[Tue Nov 15 22:48:17 2016] <rrika> I used a slightly modified version of Cypi's lemma.
[Tue Nov 15 22:48:24 2016] <rrika> forall (b : ballot) (l := cand_all), {forall c : cand, In c l -> b c > 0} + {~ forall c : cand, In c l -> b c > 0}
[Tue Nov 15 22:48:34 2016] <rrika> maybe that's a bad idea, idk
[Tue Nov 15 22:51:43 2016] <keep_learning> Now only Cypi can tell us about the proof.
[Tue Nov 15 23:24:06 2016] <keep_learning> rrika: I guess I am only stuck with c = a https://gist.github.com/mukeshtiwari/e4f958dff0b8609404f740f51abb1d7c
[Tue Nov 15 23:30:01 2016] <johnw> hi guys
[Tue Nov 15 23:30:58 2016] <johnw> I'll need more definitions to try this here
[Tue Nov 15 23:31:06 2016] <rrika> johnw, challenge of the day: <keep_learning> I am trying to prove this https://gist.github.com/mukeshtiwari/6eb4267771c444efff6a0321159e353f
[Tue Nov 15 23:35:00 2016] <keep_learning> johnw: We have proof of valid_or_invalid_ballot : forall b : ballot, {ballot_valid b} + {~ballot_valid b}. assuming forall (b : ballot) (l : list cand), {forall c : cand, In c l -> b c > 0} + {~(forall c : cand, In c l -> b c > 0)}.
[Tue Nov 15 23:35:24 2016] <keep_learning> but stuck with forall (b : ballot) (l : list cand), {forall c : cand, In c l -> b c > 0} + {~(forall c : cand, In c l -> b c > 0)}. :)
[Tue Nov 15 23:38:30 2016] <johnw> I don't think this is provable
[Tue Nov 15 23:38:51 2016] <modulus> i've been trying to prove the ceval_deterministic theorem from Imp.BreakImp on Software Foundations for a couple of weeks now.
[Tue Nov 15 23:39:22 2016] <modulus> can anyone give me hints on it? i can post details but it depends on quite a few definitions.
[Tue Nov 15 23:39:52 2016] <johnw> I can take a look at where you're stuck
[Tue Nov 15 23:39:56 2016] <modulus> sure, sec
[Tue Nov 15 23:40:02 2016] <johnw> keep_learning: there isn't enough information to prove this, from what I can see
[Tue Nov 15 23:41:28 2016] <keep_learning> Thanks johnw, but could you please elaborate bit more.
[Tue Nov 15 23:41:28 2016] <johnw> it's saying that either every candidate had at least one vote, or no candidates had any votes?  Is that what ballot means?
[Tue Nov 15 23:41:54 2016] <keep_learning> ballot is a function from finite type to natural number
[Tue Nov 15 23:42:04 2016] <modulus> This is my current script so far.
[Tue Nov 15 23:42:05 2016] <modulus> https://paste.debian.net/896080/
[Tue Nov 15 23:42:20 2016] <johnw> ah
[Tue Nov 15 23:42:48 2016] <modulus> i'm stuck on the induction, when it takes place over WHILE b DO c END.
[Tue Nov 15 23:43:27 2016] <johnw> i don't know if I can evaluate SF up to this point...
[Tue Nov 15 23:43:30 2016] <johnw> i'll try
[Tue Nov 15 23:43:46 2016] <modulus> I can paste the judgement.
[Tue Nov 15 23:44:12 2016] <johnw> oh, I got there
[Tue Nov 15 23:44:46 2016] <johnw> we must have differences, though, your proof script breaks for me about 12 lines in
[Tue Nov 15 23:44:51 2016] <modulus> i'm not sure induction on that is the way to do it but it's the one that came to mind.
[Tue Nov 15 23:45:06 2016] <modulus> hmm odd
[Tue Nov 15 23:45:12 2016] <johnw> I'm using Coq 8.5pl3
[Tue Nov 15 23:45:23 2016] <modulus> ah, i'm on pl2
[Tue Nov 15 23:45:41 2016] <modulus> can a single patch level break things much?
[Tue Nov 15 23:45:52 2016] <johnw> so...
[Tue Nov 15 23:45:57 2016] <johnw> i just solved it in one-line
[Tue Nov 15 23:46:03 2016] <modulus> loool
[Tue Nov 15 23:46:15 2016] <modulus> presumably other than Admitted ;-)
[Tue Nov 15 23:46:18 2016] <johnw> yeah
[Tue Nov 15 23:46:31 2016] <johnw> so, maybe you're overthinking it
[Tue Nov 15 23:46:34 2016] <modulus> hmm so any hints?
[Tue Nov 15 23:46:50 2016] <johnw> sure, the same tactic can several every sub goal after inducting and splitting
[Tue Nov 15 23:46:55 2016] <johnw> well, same set of tactics
[Tue Nov 15 23:47:03 2016] <johnw> total script is 52 characters
[Tue Nov 15 23:47:11 2016] <modulus> lol i can't believe that.
[Tue Nov 15 23:47:12 2016] <johnw> and I don't think I'm using anything fancy, aside from "auto"
[Tue Nov 15 23:47:32 2016] <johnw> oh, 59 chars, I forget one thing
[Tue Nov 15 23:47:34 2016] <modulus> * still very noobish, clearly.
[Tue Nov 15 23:47:44 2016] <johnw> keep at it
[Tue Nov 15 23:47:53 2016] <johnw> my first real proof took me literally 40 man hours
[Tue Nov 15 23:48:11 2016] <johnw> then, 2 years later I ended up doing the same proof in just a few minutes, and it occurred to me, "Hey, what a minute, this is that same proof!!!"
[Tue Nov 15 23:48:18 2016] <modulus> heh
[Tue Nov 15 23:48:29 2016] <modulus> i noticed that with some of teh miniproofs like plus_comm
[Tue Nov 15 23:49:56 2016] <johnw> one key to all of this is that everything boils down to pretty much three operations: introducing data through constructors, eliminating data through destructors, and function calls.  The real trick, of course, is know how to formulate types to say what you really want them to say, and which functions to call. :)
[Tue Nov 15 23:50:37 2016] <johnw> every tactic is just a shorthand for those things
[Tue Nov 15 23:50:51 2016] <modulus> so when you say in one line you mean from the start of the proof or from where my script left of?
[Tue Nov 15 23:51:03 2016] <modulus> or in other words should i try to continue banging on my script or start from zero?
[Tue Nov 15 23:51:08 2016] <johnw> i mean, from "Proof. <59 chars>. Qed."
[Tue Nov 15 23:51:27 2016] <modulus> damn
[Tue Nov 15 23:51:40 2016] <johnw> you had started out right
[Tue Nov 15 23:52:03 2016] <johnw> I think some of your induction hypothesis applications might not have the right arguments
[Tue Nov 15 23:52:27 2016] <johnw> and usually all rewriting by equalities can be replaced with "subst"
[Tue Nov 15 23:52:41 2016] <johnw> we've now said in this channel every tactic that is needed :)
[Tue Nov 15 23:52:47 2016] <johnw> and even some that aren't
[Tue Nov 15 23:56:51 2016] <keep_learning> johnw: https://gist.github.com/mukeshtiwari/6eb4267771c444efff6a0321159e353f. I have added the the proof so far I have completed
[Tue Nov 15 23:57:37 2016] <keep_learning> I am just stuck at one point where a = c in context
[Tue Nov 15 23:57:58 2016] <keep_learning> Going out and will be back in 1 hour
[Tue Nov 15 23:58:54 2016] <modulus> i've tried induction c; inversion H; inversion H0; auto. but that's not quite it.
[Tue Nov 15 23:59:37 2016] <modulus> maybe need to induce on on  of the hypotheses.
[Wed Nov 16 00:01:20 2016] <johnw> you're just missing one tactic there
[Wed Nov 16 00:01:29 2016] <johnw> no, two
[Wed Nov 16 00:01:37 2016] <johnw> the 4 you have are right, and in the right order
[Wed Nov 16 00:01:40 2016] <johnw> just insert 2 more and you're done
[Wed Nov 16 00:01:50 2016] <johnw> now, to understand WHY and where, that is the thing :)
[Wed Nov 16 00:04:12 2016] <modulus> lol
[Wed Nov 16 00:06:20 2016] <modulus> ok, i do need split before auto.
[Wed Nov 16 00:06:26 2016] <modulus> but other than that...
[Wed Nov 16 00:16:23 2016] <johnw> hint: subst
[Wed Nov 16 00:16:54 2016] <johnw> alternatively (and SF may not have covered this yet), just "congruence"
[Wed Nov 16 00:17:07 2016] <johnw> congruence says "solve this equation using knowledge of all equalities in the context"
[Wed Nov 16 00:19:57 2016] <modulus> hmm subst.
[Wed Nov 16 00:20:44 2016] <modulus> nah, i can't do this.... urgh.
[Wed Nov 16 00:21:02 2016] <modulus> yeah, congruence hasn't been shown yet.
[Wed Nov 16 00:25:40 2016] <johnw> induction c; split; inversion H; inversion H0; subst; auto.
[Wed Nov 16 00:25:50 2016] <johnw> the split could move anywhere
[Wed Nov 16 00:26:18 2016] <modulus> no, 23 sugoals left.
[Wed Nov 16 00:26:25 2016] <johnw> interesting
[Wed Nov 16 00:26:31 2016] <johnw> I wonder why it solves it here?
[Wed Nov 16 00:26:54 2016] <johnw> I just have: Proof. induction c; split; inversion H; inversion H0; congruence. Qed.
[Wed Nov 16 00:27:07 2016] <johnw> for the theorem on line 1674, [ceval_deterministic]
[Wed Nov 16 00:27:25 2016] <modulus> i'll try congruence.
[Wed Nov 16 00:28:32 2016] <modulus> is this the goal of the theorem? forall (c : com) (st st1 st2 : state) (s1 s2 : status), c / st \\ s1 / st1 -> c / st \\ s2 / st2 -> st1 = st2 /\ s1 = s2
[Wed Nov 16 00:30:29 2016] <johnw> https://gist.github.com/jwiegley/80b39aefca77e7d28da14e389f0f9958
[Wed Nov 16 00:31:27 2016] <rrika> keep_learning, I did it, I think
[Wed Nov 16 00:31:36 2016] <modulus> wtf that is weird.
[Wed Nov 16 00:32:30 2016] <modulus> i gues the terms mustn't have the same definitions somehow.
[Wed Nov 16 00:32:37 2016] <modulus> * sighs
[Wed Nov 16 00:33:22 2016] <rrika> keep_learning, https://gist.github.com/rrika/c0b49bc88bfc1ffbc293492f0aa43514
[Wed Nov 16 00:33:41 2016] <modulus> with congruence it tells me tried to save incomplete proof.
[Wed Nov 16 00:39:22 2016] <rrika> keep_learning, where you do "destruct IHz. left." instead of left I do "destruct (le_gt_dec (b a) 0)." and go into right and the left depending on that.
[Wed Nov 16 01:17:50 2016] <keep_learning> rrika: Thank you.
[Wed Nov 16 01:18:35 2016] <keep_learning> johnw: I was tried this proof twice https://github.com/mukeshtiwari/Coq/blob/master/software-foundation-8.5/Imp.v#L737
[Wed Nov 16 01:19:04 2016] <keep_learning> still not able to finish it, and your proof is just a line :)
[Wed Nov 16 01:19:22 2016] <rrika> keep_learning, I tried shortening my proof a bit.
[Wed Nov 16 01:20:15 2016] <rrika> randomly added "firstorder." and "auto." and looked at how much it helped :P
[Wed Nov 16 01:21:52 2016] <keep_learning> rrika: I do that very often :)
[Wed Nov 16 01:22:05 2016] <keep_learning> Use it and see if it is working or not
[Wed Nov 16 01:46:14 2016] <johnw> rrika: nicely done
[Wed Nov 16 01:46:41 2016] <rrika> ^_^ thanks
[Wed Nov 16 01:53:29 2016] <johnw> rrika: https://gist.github.com/jwiegley/cf02c7380be2ee45bf9fbdcfded79a8e
[Wed Nov 16 01:53:47 2016] <johnw> it never occurred to me to drop the In down into the two sides; I'll remember that trick
[Wed Nov 16 01:53:56 2016] <rrika> of course you'd golf it
[Wed Nov 16 01:54:04 2016] <johnw> it's all I can do at this point :)
[Wed Nov 16 01:54:43 2016] <johnw> consider it an offer of admiration :)
[Wed Nov 16 01:54:45 2016] <rrika> johnw, the funny thing is Cypi, looked at it for five minutes came up with that, left a cryptic hint and left. I and keep_learning failed to reproduce it so I tried all kinds of approaches, only to see that it ended up being what Cypi described
[Wed Nov 16 01:57:11 2016] <rrika> what does "cut" do?
[Wed Nov 16 01:57:17 2016] <modulus> johnw - a bit at end of tethre with this ceval_deterministic thing, could i show you my definition of ceval to see if it's the same you have?
[Wed Nov 16 01:57:29 2016] <johnw> it says: prove that you can solve the goal assuming X, then prove X
[Wed Nov 16 01:57:55 2016] <johnw> it's the reverse order of using assert
[Wed Nov 16 01:58:22 2016] <rrika> ooh, nice
[Wed Nov 16 01:58:26 2016] <johnw> modulus: sure
[Wed Nov 16 01:59:07 2016] <rrika> firstorder sure takes long
[Wed Nov 16 01:59:17 2016] <rrika> on my slow cpu I can see the difference clearly
[Wed Nov 16 02:02:40 2016] <modulus> https://paste.debian.net/896102/
[Wed Nov 16 02:02:47 2016] <modulus> ok, do your defs look like this?
[Wed Nov 16 02:02:53 2016] <johnw> yeah, firstorder is always my last choice
[Wed Nov 16 02:02:58 2016] <rrika> anyway, your version is very nice to read.
[Wed Nov 16 02:03:10 2016] <rrika> bedtime
[Wed Nov 16 02:03:36 2016] <johnw> I have a fast version now
[Wed Nov 16 02:03:48 2016] <johnw> https://gist.github.com/jwiegley/cf02c7380be2ee45bf9fbdcfded79a8e
[Wed Nov 16 02:04:41 2016] <rrika> is auto or intuition faster?
[Wed Nov 16 02:04:51 2016] <johnw> than firstorder? always
[Wed Nov 16 02:05:20 2016] <johnw> modulus: ah, that was it!
[Wed Nov 16 02:05:26 2016] <johnw> modulus: forget everything I told you; trying now
[Wed Nov 16 02:05:46 2016] <modulus> hah
[Wed Nov 16 02:05:46 2016] <johnw> I have 27 goals now too
[Wed Nov 16 02:05:55 2016] <modulus> lol that starts to make sense :-)
[Wed Nov 16 02:06:04 2016] <johnw> well, 15 if I try congruence
[Wed Nov 16 02:06:43 2016] <modulus> still a good bunch left.
[Wed Nov 16 02:10:25 2016] <reuben364> is there anything that explains coq's assortment of tactics like auto, omega, congruence, firstorder, nsatz for mere mortals like me?
[Wed Nov 16 02:37:13 2016] <johnw> modulus: I don't know what to do with these WHILE_DO_END blocks either
[Wed Nov 16 02:37:26 2016] <johnw> reuben364: I don't know of any really good resource, unfortunately
[Wed Nov 16 02:38:05 2016] <modulus> yeah, i suspect the general strategy is wrong, of inducti on c.
[Wed Nov 16 02:38:15 2016] <modulus> unfortunately i haven't come up with anything better.
[Wed Nov 16 02:38:29 2016] <reuben364> johnw: okay, thanks.
[Wed Nov 16 02:57:41 2016] <johnw> modulus: well, I'm kind of close
[Wed Nov 16 02:57:56 2016] <johnw> modulus: maybe you know what to do now
[Wed Nov 16 02:58:17 2016] <johnw> modulus: https://gist.github.com/jwiegley/07352c4e464f5bbd78650fa9ccf0ede9
[Wed Nov 16 03:37:38 2016] <modulus> johnw - thanks!
[Wed Nov 16 03:38:55 2016] <modulus> lol, no; i don't know most of those tactics. i've no idea how to continue it :-)
[Wed Nov 16 03:39:22 2016] <johnw> the goal at that admit is pretty simple
[Wed Nov 16 03:39:33 2016] <johnw> I feel like we need to know something more about WHILE
[Wed Nov 16 03:40:00 2016] <johnw> that if WHILE X / st \\ SContinue / st1 and WHILE X / st \\ SContinue / st2, then st1 = st2
[Wed Nov 16 03:40:15 2016] <johnw> that's all that's left, but even as a separate theorem I couldn't find the way to break it apart
[Wed Nov 16 03:40:49 2016] <modulus> yeah, to be quite honest i'm not sure it is true
[Wed Nov 16 03:41:48 2016] <modulus> at least i get feeling that it could be different number of rounds of the while
[Wed Nov 16 03:42:03 2016] <johnw> it's the same predicate, and the same body
[Wed Nov 16 03:43:01 2016] <modulus> hmm yes, it ought to be true.
[Wed Nov 16 03:45:08 2016] <modulus> SF imo has some exercises that are not really well balanced.
[Wed Nov 16 03:45:24 2016] <modulus> the previous 2-3 exercises on ceval i did trivially, and this one is basically impossible for me.
[Wed Nov 16 03:56:06 2016] <johnw> yeah, there's some trick here we're missing
[Wed Nov 16 03:56:22 2016] <johnw> anyway, that's it for me; good night!
[Wed Nov 16 06:31:47 2016] <Cypi> johnw: if you want to do the exact reverse of assert, there is "enough"
[Wed Nov 16 06:31:59 2016] <Cypi> (this will introduce the new hypothesis in the goal, whereas cut doesn't)
[Wed Nov 16 08:37:40 2016] <rrika> Are goals like "False_rect … = …" usually provable?
[Wed Nov 16 08:54:52 2016] <Cypi> If False_rect is fully applied, then sure: the second argument to False_rect has type False
[Wed Nov 16 09:00:22 2016] <rrika> Cypi, what kind of tactic would help me with this
[Wed Nov 16 09:01:30 2016] <Cypi> If you have "False_rect P t = …", then "elim t" should do it
[Wed Nov 16 09:01:37 2016] <rrika> thank you
[Wed Nov 16 09:01:40 2016] <Cypi> (or "destruct" if you prefer)
[Wed Nov 16 09:18:56 2016] <rrika> so if there's any term inside the goal which I know can't have a value I can use destruct to dismiss the goal?
[Wed Nov 16 09:19:01 2016] <rrika> (or elim)
[Wed Nov 16 09:19:57 2016] <rrika> goal: f (is_odd 2) (…) = g …
[Wed Nov 16 09:20:03 2016] <rrika> elim (is_odd 2)
[Wed Nov 16 09:20:05 2016] <rrika> ?
[Wed Nov 16 09:21:01 2016] <Cypi> yes
[Wed Nov 16 09:21:14 2016] <Cypi> well, if Coq can determine that it's empty indeed
[Wed Nov 16 09:23:28 2016] <rrika> if it can't can I have it give me "supposedly_emtpy |- False" as goal?
[Wed Nov 16 09:27:45 2016] <Cypi> You can always do something like "pose proof (supposedly_empty); exfalso"
[Wed Nov 16 09:31:02 2016] <rrika> oh, right, I don't even need to interact with the goal
[Wed Nov 16 10:14:39 2016] <GoGi> To implement coq in set theory, do we really need inaccessible cardinals, or would something like feferman's set theory ZFC/S which has some reflection principle but is conservative over ZFC suffice?
[Wed Nov 16 10:55:46 2016] <aspiwack[m]> GoGi: I think there hasn't been much investigation into this sort of things since: http://www.lix.polytechnique.fr/~werner/publis/tacs97.pdf . None that I'm aware of at least.
[Wed Nov 16 10:56:20 2016] <aspiwack[m]> Mmm… there's Bruno Barras's work.
[Wed Nov 16 10:57:08 2016] <aspiwack[m]> http://www.lix.polytechnique.fr/~barras/proofs/sets/index.html
[Wed Nov 16 10:57:20 2016] <aspiwack[m]> It uses IZF but probably inaccessible cardinals as well.
[Wed Nov 16 11:02:59 2016] <Cypi> Also, http://www.lix.polytechnique.fr/~barras/habilitation/ for the inductive types
[Wed Nov 16 11:27:08 2016] <johnw> Cypi: nice!  Never even heard of 'enough'
[Wed Nov 16 12:42:03 2016] <GoGi> in 5.4.2, the habilitation you refered to says
[Wed Nov 16 12:42:06 2016] <GoGi> We have chosen to model the universes of ECC as Grothendieck universes, which
[Wed Nov 16 12:42:06 2016] <GoGi> are the intuitionistic counterparts of inaccessible cardinals.  It is known that it is not
[Wed Nov 16 12:42:06 2016] <GoGi> necessary to resort to such powerful axioms, since Luo’s proof of strong normalization
[Wed Nov 16 12:42:06 2016] <GoGi> proof of ECC [35], based on quasi-normalization, is expressed within ZF.
[Wed Nov 16 12:42:17 2016] <GoGi> what does this mean?
[Wed Nov 16 13:04:33 2016] <aspiwack[m]> GoGi: basically that proving the consistency/termination of calculus of construction + universes (ECC) doesn't require inaccessible cardinals. That being said, Coq has inductive types with strong elimination, this may require more (though Barras seems to believe it). I wouldn't be surpris in Luo's model is not very natural. But it would be best to read his proof.
[Wed Nov 16 19:21:54 2016] <Ptival> so, what's the general approach to solving something where dependent types prevent you from doing a destruct/induction?
[Wed Nov 16 19:22:13 2016] <Ptival> w/o using Program
[Wed Nov 16 19:34:26 2016] <johnw> Ptival: https://homes.cs.washington.edu/~jrw12/dep-destruct.html
[Wed Nov 16 19:35:54 2016] <rrika> Ptival, like what?
[Wed Nov 16 19:37:25 2016] <Ptival> rrika: I am trying to prove a bunch of properties about some encoding of extensible records, and most proofs end up in a place where I'm stuck because of dependent types
[Wed Nov 16 19:38:13 2016] <jrw> Ptival: I don't know if there is a fully general strategy. I have memorized a few tricks and I just blindly apply them until I get it or get frustrated or convince myself it's not provable
[Wed Nov 16 19:38:33 2016] <jrw> if you can share code I'd be happy to try my tricks on it :)
[Wed Nov 16 19:40:02 2016] <Ptival> jrw: are most of your tricks writing a dependent pattern match using refine?
[Wed Nov 16 19:40:28 2016] <jrw> there's that
[Wed Nov 16 19:40:32 2016] <jrw> there's generalizing stuff that seems like it can be generalized
[Wed Nov 16 19:40:40 2016] <Ptival> yeah :)
[Wed Nov 16 19:40:46 2016] <Ptival> ok I think I have the same tricks haha
[Wed Nov 16 19:40:48 2016] <jrw> there's pulling out a subterm and working on it independently from the big term
[Wed Nov 16 19:40:59 2016] <Ptival> but it always feels like I'm doing something specific and not seeing the pattern :)
[Wed Nov 16 19:41:04 2016] <Ptival> yeah
[Wed Nov 16 19:41:44 2016] <Ptival> basically massaging things to remove the constraint on the type index
[Wed Nov 16 19:41:55 2016] <jrw> yeah
[Wed Nov 16 19:42:07 2016] <jrw> "oh you have this dependent problem. what if you made it... less dependent?"
[Wed Nov 16 19:43:23 2016] <Ptival> jrw: trying to prove http://paste.awesom.eu/7mRl where Records is coq-extensible-records
[Wed Nov 16 19:44:40 2016] <jrw> cool, I'll take a look. are these records what you guys are using to model states in the TLA implementation as well?
[Wed Nov 16 19:47:32 2016] <Ptival> we're trying to switch to those yes, in the current implementation we use "state: string -> R", but it doesn't give us nice composability
[Wed Nov 16 19:48:46 2016] <jrw> right, makes sense.
[Wed Nov 16 19:50:11 2016] <Ptival> https://github.com/UCSD-PL/kraken/commit/7601bc <- back when I had to write crazy refines, I would factor them out and name them "ridiculous_lemma_n"
[Wed Nov 16 19:50:42 2016] <jrw> hahahaha
[Wed Nov 16 19:50:59 2016] <Ptival> ll 1836+ have an insane refine
[Wed Nov 16 19:51:10 2016] <Ptival> that's how I learned the hard way to not bite more than I could chew :(
[Wed Nov 16 19:51:23 2016] <jrw> best refine
[Wed Nov 16 19:58:41 2016] <jrw> sigh I'm getting a bunch of weird errors that make me think I'm hitting coq bugs.
[Wed Nov 16 19:58:56 2016] <jrw> Ptival: what version of coq should I use with this? (or should it not matter?)
[Wed Nov 16 20:17:24 2016] <jrw> Ptival: so I tried proving it using `dependent destruct` just to get some intuition for how it should go, and I finished it, but can't get it to Qed because of a "block" artifact from the internals of Program. I've never seen this before, but I wonder if this is a bad sign for making the proof go through event without Program. ("too much dependency" or something...)
[Wed Nov 16 21:18:17 2016] <vilhelm_s> I import a library which defines a notation (without putting it in any scope). Is there any way I can get rid of it?
[Wed Nov 16 21:19:29 2016] <vilhelm_s> Well, I guess I can define a new one which overrides it, that’s probably good enough…
[Wed Nov 16 22:18:21 2016] <Ptival> jrw: :s
[Wed Nov 16 22:18:36 2016] <Ptival> let me give it a try too :3
[Wed Nov 16 22:19:00 2016] <Ptival> maybe the pmr <> pmw hypothesis can be expressed in a different way
[Wed Nov 16 22:19:24 2016] <Ptival> I just want to know that the updated field is not the field being read
[Wed Nov 16 23:14:21 2016] <jrw> Ptival: can you get decidable equality on `member` and then have a general lemma that uses an `if` expression to describe write-over-read?
[Thu Nov 17 01:02:18 2016] <tomjack> does AC_fun here https://coq.inria.fr/library/Coq.Logic.ChoiceFacts.html#FunctionalChoice_on hold for finite A?
[Thu Nov 17 01:05:13 2016] <Ptival> jrw: according to gmalecha, I should not use equality and instead write a discriminating function
[Thu Nov 17 02:03:58 2016] <tomjack> ok, I am thinking AC probably does hold for finite sets, but trying to derive it has been difficult for me (Coq newbie): http://lpaste.net/1637040481521106944
[Thu Nov 17 02:04:16 2016] <tomjack> I admitted computation rules for fin_case from https://homes.cs.washington.edu/~jrw12/dep-destruct.html :(
[Thu Nov 17 02:23:26 2016] <Cypi> jrw: if there is a "block" remaining and the Qed doesn't go through, I believe it's a bug. If you wouldn't mind reporting it, that would be nice :)
[Thu Nov 17 02:24:19 2016] <Cypi> (I mean, if a "block" appears in the context at some point it's a bug, or if the Qed doesn't go through it's a bug too)
[Thu Nov 17 02:28:53 2016] <Cypi> tomjack: the first step is to replace the two previous "Qed" by "Defined"
[Thu Nov 17 02:29:16 2016] <Cypi> then you'll discover the joy of working with equalities
[Thu Nov 17 02:29:53 2016] <Cypi> at some point you'll need to prove stuff like Eqdep_dec.eq_rect_eq_dec PeanoNat.Nat.eq_dec Fin F0 eq_refl = eq_refl, which is provable
[Thu Nov 17 02:30:04 2016] <Cypi> sadly I don't have time right now to give a hint or something :s
[Thu Nov 17 02:33:08 2016] <tomjack> thanks! no problem :)
[Thu Nov 17 02:34:00 2016] <tomjack> I had hoped that fin_case could be avoided but didn't know it would cause this much ..joy
[Thu Nov 17 03:17:58 2016] <tomjack> it seems much easier with Fin defined as a Fixpoint with sum unit
[Thu Nov 17 12:16:16 2016] <Cypi> tomjack : alright, see http://lpaste.net/8088061667688054784 for an axiom-less proof
[Thu Nov 17 12:16:30 2016] <Cypi> it's not veeery pretty I would say, though
[Thu Nov 17 12:23:32 2016] <Cypi> (It's still sort of in beta, but there is a plugin called Equations that actually perform this kind of stuff way better in most cases. In this case, the proof could be this: http://lpaste.net/1501733622829285376 (notice the "depelim x", which is similar to "dependent destruct x", but can be configured not to use heterogeneous equality))
[Thu Nov 17 12:29:08 2016] <tomjack> ah, wow, thank you! I will try to understand that :). I ended up abandoning the Inductive Fin: http://lpaste.net/3292157475368730624
[Thu Nov 17 17:17:41 2016] <osa1> when working with tactics how do I introduce a stream like `Let inf_str := Cons x inf_str` ?
[Thu Nov 17 17:22:40 2016] <osa1> nvm, I used a CoFixpoint definition
[Thu Nov 17 17:22:50 2016] <osa1> and then `pose proof mk_inf_str x as inf_str.`
[Thu Nov 17 17:25:26 2016] <Cypi> "let inf_str := constr:(cofix str : Stream A := Cons A x str) in idtac inf_str." to do it inline
[Thu Nov 17 17:25:34 2016] <Cypi> (the point is the cofix construction)
[Fri Nov 18 00:10:10 2016] <keep_learning> Hello everyone
[Fri Nov 18 00:10:21 2016] <keep_learning> https://gist.github.com/mukeshtiwari/191e94a9f4b4a8ff800341df3c99acb6
[Fri Nov 18 00:10:32 2016] <keep_learning> Why omega is not able to solve this goal
[Sat Nov 19 06:03:39 2016] <pete_8> Hi, does coq support "parametric types", and if so: how do i use it? Eg. how do i define "map", "fold" and other common operators to work on lists?
[Sat Nov 19 06:23:18 2016] <Cypi> pete_8: Fixpoint map (A B : Type) (f : A -> B) (l : list A) : list B := match l with | nil => nil | cons x l' => cons (f x) (map A B f l') end
[Sat Nov 19 06:23:26 2016] <Cypi> this kind of things
[Sat Nov 19 06:23:56 2016] <Cypi> See the https://www.cis.upenn.edu/~bcpierce/sf/current/Poly.html chapter of Software Foundations for more
[Sat Nov 19 06:26:48 2016] <pete_8> Aha, thanks a bunch!
[Sat Nov 19 12:12:58 2016] <zfm> I've got "H : ~ ~ ((a -> b) \/ a) /\ ~ ((b -> a) \/ b)" as an assumption. How can I reduce the double negation?
[Sat Nov 19 12:13:37 2016] <zfm> I tried "assert (((a -> b) \/ a) /\ ~ ((b -> a) \/ b)) as C; apply NNPP; exact H", but that gives me an error saying that their types are not equal. The latter one has more parentheses.
[Sat Nov 19 12:13:44 2016] <zfm> Shouldn't they be ignored anyway?
[Sat Nov 19 12:15:48 2016] <rrika> what's NNPP?
[Sat Nov 19 12:16:08 2016] <modulus> maybe stupid comment but you can't generally eliminate double negation, but if it is decidable you can.
[Sat Nov 19 12:16:37 2016] <zfm> That's the elimination of negation.
[Sat Nov 19 12:16:51 2016] <zfm> I use classical logic, so A or ~A.
[Sat Nov 19 12:16:57 2016] <modulus> ahh.
[Sat Nov 19 12:17:52 2016] <zfm> I thought using "Require Import Classical_Prop." is sufficient for this property to appear.
[Sat Nov 19 12:18:22 2016] <modulus> i've not done uch with classical logic in coq so can't say.
[Sat Nov 19 12:18:30 2016] <rrika> zfm, use "unfold not in *." to see the problem better
[Sat Nov 19 12:19:09 2016] <rrika> the double neg is in the left branch of /\ but you're applying it to the whole thing
[Sat Nov 19 12:19:30 2016] <zfm> Where exactly should I put unfold not in *.?
[Sat Nov 19 12:19:39 2016] <zfm> "unfold not in *." after the Require above gives me a syntax error
[Sat Nov 19 12:19:45 2016] <rrika> apply NNPP.
[Sat Nov 19 12:19:52 2016] <zfm> ah never mind in the proof section
[Sat Nov 19 12:20:03 2016] <rrika> I split up your assert/apply/exact into three tactics with "."
[Sat Nov 19 12:23:08 2016] <zfm> Ah thanks
[Sat Nov 19 12:23:25 2016] <rrika> I was going to try "replace (~ ~ ((a -> b) \/ a)) with ((a -> b) \/ a) in H."
[Sat Nov 19 12:23:31 2016] <rrika> but that requires a slightly different axiom
[Sat Nov 19 12:23:38 2016] <rrika> not ~~P→P but ~~P=P
[Sat Nov 19 12:23:42 2016] <rrika> so probably not a good way
[Sat Nov 19 12:23:56 2016] <zfm> But now I've got a related problem. "H0 : ~ ~ ((a -> b) \/ a). assert ((a->b) \/ a) as C. exact H0." also gives me a type error
[Sat Nov 19 12:24:00 2016] <zfm> where H0 is now another assumption
[Sat Nov 19 12:25:05 2016] <zfm> Actually I am supposed to hand in a Fitch proof, which I try to check in Coq.
[Sat Nov 19 12:25:14 2016] <rrika> you need to do "apply NNPP" before doing exact H0.
[Sat Nov 19 12:26:07 2016] <zfm> Ah works! Thanks
[Sat Nov 19 19:18:01 2016] <benzrf> is there a notion of, like
[Sat Nov 19 19:19:03 2016] <benzrf> if there's a theorem, and you can write a program that fulfills the theorem, but you can only prove classically that the program will definitely halt
[Sat Nov 19 19:19:17 2016] <benzrf> so it's not actually "constructively provable"
[Sat Nov 19 19:23:06 2016] <rrika> I read that as "is there a notation of like" so I thought:
[Sat Nov 19 19:23:07 2016] <rrika> Notation "A ♥ B" := (like A B) (at level 36, left associativity).
[Sat Nov 19 19:23:32 2016] <benzrf> hah
[Sat Nov 19 19:23:41 2016] <benzrf> why 36 :)
[Sat Nov 19 19:23:54 2016] <rrika> between unary minus and multiplication
[Sat Nov 19 19:24:01 2016] <rrika> because love binds even stronger than multiplication
[Sat Nov 19 19:24:03 2016] <rrika> obv
[Sat Nov 19 19:24:43 2016] <rrika> as for the constructively provable thing
[Sat Nov 19 19:24:49 2016] <rrika> there's "Print Assumptions x." to list axioms IIRC
[Sat Nov 19 19:25:02 2016] <rrika> so you can manually check if something used classical logic
[Sat Nov 19 19:26:38 2016] <rrika> But a proof that something can't be proven without a certain axiom… I don't know if you can do it within coq.
[Sat Nov 19 19:29:42 2016] <rrika> That is, without reasoning over coq asts instead of using the native objects.
[Sat Nov 19 19:29:53 2016] <rrika> Someone more knowledgeable than me answer this.
[Sat Nov 19 19:31:16 2016] <rrika> benzrf, though, if you have a program, aren't you dealing with types with decidable equality most of the time anyway?
[Sat Nov 19 19:31:33 2016] <benzrf> i dont see how thats relevant.?
[Sat Nov 19 19:31:54 2016] <rrika> maybe I misunderstand
[Sat Nov 19 19:32:54 2016] <rrika> I'm curious about the specific thing that is only classically provable.
[Sat Nov 19 19:40:01 2016] <benzrf> the fact that the algo in question halts
[Sat Nov 19 19:40:29 2016] <benzrf> like - in an inconsistent version of CoC with unbounded recursion -
[Sat Nov 19 19:40:47 2016] <benzrf> i can prove proposition X, but in particular, i can classically prove that my proof always does halt
[Sat Nov 19 19:40:57 2016] <benzrf> then maybe i can't take that proof and bring it back to normal CoC, even though it always halts
[Sat Nov 19 19:41:05 2016] <benzrf> because i can't intuitionistically prove that it will halt
[Sat Nov 19 19:44:45 2016] <tomjack> maybe you have some relation on which you'd like to do well-founded induction, but you cannot constructively prove that the relation is well-founded? so you can postulate or hypothesize its well-foundedness or enough classical axioms to prove its well-foundedness
[Sat Nov 19 19:49:29 2016] <rrika> Axiom eq_wf : well_founded (@eq nat).
[Sat Nov 19 19:49:29 2016] <rrika> Definition this_hangs_coq := @Fix nat eq eq_wf (fun a => nat) (fun (x:nat) (rec : forall (y:nat), R y x -> nat) => (S (rec x (CR x x))) 0.
[Sat Nov 19 19:54:33 2016] <tomjack> hmm, yes, the program will not run even if the relation really is well-founded?
[Sat Nov 19 23:09:49 2016] <benzrf> fwiw, i ask because i read about bar induction
[Sat Nov 19 23:10:33 2016] <benzrf> i tried writing down the types in Idris and implementing them, and figured out that i can write something which will necessarily terminate but which im not sure i can prove termiantes
[Sat Nov 19 23:10:38 2016] <benzrf> without proof by contradiction
[Sun Nov 20 07:59:43 2016] <pete_8> Notation "x |> f" := (apply f x) (at level 50, left associativity).
[Sun Nov 20 07:59:49 2016] <pete_8> Definition a := s1 |> f |> map g |> h.
[Sun Nov 20 07:59:56 2016] <pete_8> This works, but why?
[Sun Nov 20 08:00:06 2016] <pete_8> For example, naively starting to place parenthesis I could end up with:
[Sun Nov 20 08:00:13 2016] <pete_8> ((s1 |> f) |> map) g |> h
[Sun Nov 20 08:00:37 2016] <pete_8> Which is wrong. What am I not getting?
[Sun Nov 20 08:00:54 2016] <Cypi> Why is it wrong?
[Sun Nov 20 08:01:19 2016] <pete_8> g is the first argument to map, the thing coming from the pipe is the second
[Sun Nov 20 08:01:22 2016] <Cypi> oh, nevermind, I missed the "map g" thing
[Sun Nov 20 08:01:35 2016] <Cypi> Probably that simple application has a higer priority
[Sun Nov 20 08:01:55 2016] <Cypi> So you get (map g) first and then it's easy
[Sun Nov 20 08:03:56 2016] <pete_8> Aha, seems plausible.
[Sun Nov 20 08:08:32 2016] <pete_8> Is there some way to find out for sure? I did not manage to make Google answer this... Perhaps you have some keywords or document name that could help? :)
[Sun Nov 20 08:09:38 2016] <Cypi> not especially, sorry :/
[Sun Nov 20 08:10:10 2016] <pete_8> np, just found a list :)
[Mon Nov 21 00:50:20 2016] <petercommand> how to prove "(if Z_lt_dec i 0 then Vundef else y) = y" with the assumption "H : i >= 0"?
[Mon Nov 21 00:50:47 2016] <petercommand> I tried using elim H, but it doesn't seem to be the correct way of doing it
[Mon Nov 21 00:52:08 2016] <petercommand> with "unfold Z_le_dec. elim H.", I get a new goal "(i ?= 0) = Lt"
[Mon Nov 21 00:53:41 2016] <petercommand> hmm...shouldn't use elim
[Mon Nov 21 00:54:28 2016] <petercommand> any ideas on this?
[Mon Nov 21 00:55:42 2016] <Cypi> petercommand: "destruct (Z_lt_dec i 0)", and then you'll get one branch which is trivial, and the other which contains a contradiction
[Mon Nov 21 00:58:00 2016] <petercommand> Cypi: oh..I see
[Mon Nov 21 00:59:52 2016] <petercommand> How do I apply the absurd pattern?
[Mon Nov 21 01:01:35 2016] <Cypi> you could do "absurd (i < 0)%Z"
[Mon Nov 21 01:02:00 2016] <petercommand> what does the %Z mean?
[Mon Nov 21 01:02:18 2016] <Cypi> "parse this expression in the Z scope", you may not need it in your case
[Mon Nov 21 01:02:26 2016] <Cypi> so juste "absurd (i < 0)"
[Mon Nov 21 01:02:29 2016] <petercommand> ok
[Mon Nov 21 01:03:11 2016] <Cypi> not that you have in your context two hypotheses H1 and H2 such that "H1 : P" and "H2 : ~ P", literally. So you can just use the tactic "contradiction", it will figure out what the contradiction is.
[Mon Nov 21 01:03:15 2016] <Cypi> note*
[Mon Nov 21 01:04:50 2016] <petercommand> hoew does it know that ~ (i >= 0) is (i < 0) ?
[Mon Nov 21 01:05:26 2016] <petercommand> I assume it is some sort of search database?
[Mon Nov 21 01:05:44 2016] <Cypi> This is just the definitions Z.ge and Z.lt
[Mon Nov 21 01:06:18 2016] <Cypi> "Z.ge x y" is "(x ?= y) <> Lt", while "Z.lt x y" is "(x ?= y) = Lt"
[Mon Nov 21 01:07:04 2016] <petercommand> oh, I see
[Mon Nov 21 01:08:52 2016] <petercommand> thanks!
[Mon Nov 21 03:42:15 2016] <olivierverdier> roconnor__: isn't the Feit-Thompson link wrong?
[Mon Nov 21 07:19:27 2016] <schoppenhauer> hi. is there a possibility to define algorithms that have "undefined behavior" if something occurs, and then proving afterwards that these cases will never occur?
[Mon Nov 21 07:20:17 2016] <schoppenhauer> for example, if I have formalized arrays and do not want to do a bounds check because I can prove that my access is in-bounds, but I do want to prove this afterwards rather than directly in the function definition, how can I do that?
[Mon Nov 21 07:21:46 2016] <modulus> you could use a function that returns undefined for out of bounds and show that it won't happen.
[Mon Nov 21 07:21:56 2016] <modulus> or an option etc.
[Mon Nov 21 07:22:14 2016] <schoppenhauer> modulus: but then that function would have to check whether it is in-bounds
[Mon Nov 21 07:22:32 2016] <schoppenhauer> and the function calling it could check whether it returns "undefined"
[Mon Nov 21 07:25:11 2016] <Cypi> I guess it depends how you formalized your arrays, and so on your specific example
[Mon Nov 21 07:25:33 2016] <Cypi> sometimes it just does not make sense to have an "undefined behavior" easily
[Mon Nov 21 07:26:10 2016] <schoppenhauer> Cypi: normally I just have some "n < size a" argument. is it possible to define a function with a placeholder at this point, saying "I will prove that later"? I know refine can do something similar, but refine is part of the function definition.
[Mon Nov 21 07:27:07 2016] <Cypi> "prove that later": do you mean that in a proof-writing sense, or an algorithmic sense? For the latter, you could hoist the "n < size a" argument further up
[Mon Nov 21 07:27:25 2016] <schoppenhauer> hoist?
[Mon Nov 21 07:27:48 2016] <Cypi> I mean, if you need to provide a "n < size a" proof, you can place here some hypothesis H that your function being defined also takes as an argument
[Mon Nov 21 07:28:21 2016] <Cypi> but if you meant in a proof-writing sense, you could use Program for instance: it will generate an obligation that you will have to prove later
[Mon Nov 21 07:28:37 2016] <Cypi> (but you do need to prove it to be able to define the function fully, still)
[Mon Nov 21 07:28:43 2016] <Cypi> (I don't think there is a way around that)
[Mon Nov 21 07:30:07 2016] <schoppenhauer> ok
[Mon Nov 21 09:35:19 2016] <schoppenhauer> hm. somehow my definition makes coq compute a lot. I defined a Program Fixpoint with a nontrivial measure. I am pretty sure it will not automatically find a proof. Is it possible to tell it not to search for it (I guess this is what it tries to do) but just drop an obligation?
[Mon Nov 21 09:40:27 2016] <schoppenhauer> Local Obligation Tactic := idtac.
[Mon Nov 21 09:40:30 2016] <schoppenhauer> worked
[Mon Nov 21 09:51:48 2016] <schoppenhauer> hm.
[Mon Nov 21 09:51:56 2016] <schoppenhauer> why do I have to prove that lt is well_founded?
[Mon Nov 21 09:52:55 2016] <Cypi> The usual way of defining a recursive functions based on a measure is to say 1) The measure decreases at each recursive call and 2) It is well-founded
[Mon Nov 21 09:53:13 2016] <Cypi> if you do not have 2), you might have infinite decreasing chains in your measure
[Mon Nov 21 09:53:40 2016] <Cypi> (but if it is indeed a measure, so going in nat, this should not be a problem)
[Mon Nov 21 10:02:00 2016] <schoppenhauer> Cypi: it is a funktion list → nat
[Mon Nov 21 10:02:20 2016] <schoppenhauer> Cypi: and for some reason, coq wants me to prove that lt with my function applied is well-founded
[Mon Nov 21 10:03:40 2016] <schoppenhauer> not sure why this does not follow from wf_lt
[Mon Nov 21 10:03:46 2016] <schoppenhauer> but apparently it doesn't.
[Mon Nov 21 10:03:48 2016] <schoppenhauer> or so
[Mon Nov 21 10:03:57 2016] <Cypi> It does. If you used MR to apply your function, there is the lemma measure_wf that proves it
[Mon Nov 21 10:05:19 2016] <Cypi> (it's in Program.Wf)
[Mon Nov 21 10:06:39 2016] <schoppenhauer> ok, seems to work.
[Mon Nov 21 10:06:52 2016] <schoppenhauer> but somehow the thing I defined really makes coq crunch.
[Mon Nov 21 10:12:16 2016] <schoppenhauer> "Defined." hangs
[Mon Nov 21 10:12:35 2016] <Cypi> hmm, strange... Any way to provide some code, or is it too involved?
[Mon Nov 21 10:13:15 2016] <schoppenhauer> I'll try
[Mon Nov 21 10:17:16 2016] <schoppenhauer> Cypi: http://lpaste.net/7461210550886727680
[Mon Nov 21 10:17:48 2016] <Cypi> Oh, I see
[Mon Nov 21 10:18:18 2016] <schoppenhauer> what do you see?
[Mon Nov 21 10:18:21 2016] <Cypi> I'm pretty sure omega generates huge terms every time, and since everything is transparent
[Mon Nov 21 10:18:35 2016] <Cypi> the final term is possibly quite huge
[Mon Nov 21 10:18:46 2016] <schoppenhauer> I used Qed.
[Mon Nov 21 10:18:48 2016] <schoppenhauer> it was the same.
[Mon Nov 21 10:19:22 2016] <schoppenhauer> the last one warns me that "Error: Obligation should be transparent but was declared opaque."
[Mon Nov 21 10:19:27 2016] <Cypi> you're right. (also, just writing "abstract omega" generates a universe inconsistency error, not sure if it's related...)
[Mon Nov 21 10:20:11 2016] <schoppenhauer> it doesnt generate one for me …
[Mon Nov 21 10:20:14 2016] <schoppenhauer> but defined still hangs
[Mon Nov 21 10:20:42 2016] <schoppenhauer> I don't *need* omega at this point, the inequalities are trivial
[Mon Nov 21 10:20:46 2016] <schoppenhauer> but it is handy
[Mon Nov 21 10:21:44 2016] <Cypi> It's probably not related anyway since it hangs even with Qed
[Mon Nov 21 10:21:50 2016] <schoppenhauer> yes
[Mon Nov 21 10:22:20 2016] <schoppenhauer> hm. any suggestions?
[Mon Nov 21 10:22:26 2016] <schoppenhauer> or should I ask the mailinglist maybe?
[Mon Nov 21 10:22:31 2016] <schoppenhauer> ah, I'll try the git version of coq first
[Mon Nov 21 10:23:35 2016] <Cypi> I'm trying to tweak it to see if I can make go through a slightly different definition
[Mon Nov 21 10:23:51 2016] <Cypi> (but if you want to fetch some more help, don't hesitate, there is no guarantee I'll be able to do it :) )
[Mon Nov 21 10:25:09 2016] <schoppenhauer> I'll wait for you first
[Mon Nov 21 10:33:14 2016] <Cypi> I would blame Program...
[Mon Nov 21 10:33:42 2016] <Cypi> http://lpaste.net/1981498748445917184 here is a Program-free version
[Mon Nov 21 10:33:48 2016] <Cypi> using instead refine and Fix
[Mon Nov 21 10:34:13 2016] <Cypi> (and MR to define a relation on SequenceWIthBackRefs)
[Mon Nov 21 10:35:09 2016] <Cypi> It may be still worth posting the version with Program somewhere, since it looks like a bug
[Mon Nov 21 10:37:36 2016] <schoppenhauer> hm. yes, especially my definition looks more readable. but I first try it in the current git version
[Mon Nov 21 10:37:53 2016] <schoppenhauer> (which currently compiles)
[Mon Nov 21 10:40:09 2016] <Cypi> Oh, strange. Just doing "simpl" right at the start of the last obligation seems to hang
[Mon Nov 21 10:40:35 2016] <schoppenhauer> yes.
[Mon Nov 21 10:40:44 2016] <schoppenhauer> even "unfold MR" takes ages.
[Mon Nov 21 10:40:48 2016] <schoppenhauer> but terminates.
[Mon Nov 21 10:42:05 2016] <Cypi> Looks like the goal is just huge because of the sheer number of arguments it puts in this nested telescope
[Mon Nov 21 10:42:12 2016] <Cypi> (even though it only needs one)
[Mon Nov 21 10:42:37 2016] <Cypi> [you can display implicit arguments and even disable notations to see how big this type is]
[Mon Nov 21 10:43:49 2016] <schoppenhauer> but why does it?
[Mon Nov 21 10:44:32 2016] <schoppenhauer> l does not depend on them
[Mon Nov 21 10:45:04 2016] <schoppenhauer> neither do the other variables there
[Mon Nov 21 10:46:35 2016] <Cypi> I agree...
[Mon Nov 21 10:47:06 2016] <schoppenhauer> I'll ask the mailinglist.
[Mon Nov 21 10:51:13 2016] <Cypi> Reading the code, looks like there was no effort made to select a subset of the arguments, indeed :o
[Mon Nov 21 10:51:18 2016] <Cypi> (or I misunderstand the code)
[Mon Nov 21 10:57:19 2016] <modulus> what is smurf naming?
[Mon Nov 21 10:59:17 2016] <schoppenhauer> instead of using some namespace (or even though), prefixing every name with smurf_ and the like
[Mon Nov 21 10:59:36 2016] <schoppenhauer> it's a common antipattern
[Mon Nov 21 10:59:47 2016] <modulus> ahhh
[Tue Nov 22 02:22:42 2016] <nathann> im an undergraduate student studying mathematics, and i want to learn about automated theorem proving and proof assistants
[Tue Nov 22 02:22:50 2016] <nathann> basically i read this article: https://en.wikipedia.org/wiki/QED_manifesto
[Tue Nov 22 02:22:53 2016] <nathann> and it looked cool
[Tue Nov 22 02:23:01 2016] <nathann> but i have no experience at all in cs
[Tue Nov 22 02:23:17 2016] <nathann> where do i start?
[Tue Nov 22 02:25:27 2016] <kadoban> nathann: I've been very slowly working my way through https://www.cis.upenn.edu/~bcpierce/sf/current/index.html and it seems quite interesting
[Tue Nov 22 02:26:24 2016] <nathann> looking over it i think i should probably go back and read a book on mathematical logic
[Tue Nov 22 02:27:06 2016] <nathann> thx i bookmarked it
[Tue Nov 22 02:28:29 2016] <kadoban> I personally wouldn't think you have to know too much. I'm absolute shit at math and I haven't yet gotten into too bad of a corner.
[Tue Nov 22 02:30:57 2016] <nathann> alright
[Tue Nov 22 05:34:14 2016] <schoppenhauer> hm. I have two versions of coq. one insists on an argument to Vector.nil (a type argument), the other one does not accept this argument. what can I do?
[Tue Nov 22 05:34:21 2016] <schoppenhauer> I use a notation "Vnil" for Vector.nil
[Tue Nov 22 05:34:30 2016] <schoppenhauer> can I somehow overload this notation depending on the version?
[Tue Nov 22 05:37:38 2016] <aspiwack[m]> schoppenhauer: if the problem shows up in patterns, you have three choices: either fiddle with the `Asymetric Patterns` option, make sure that the first argument of `Vector.nil` is implicit (using the `Argument` command), or define `Notation Vnil := (@Vector.nil _)`. If it shows up in expressions as well, only the latter two choices are available.
[Tue Nov 22 05:40:19 2016] <schoppenhauer> aspiwack[m]: Hm. I tried Notation Vnil A := (@Vector.nil A), is this correct too?
[Tue Nov 22 05:40:22 2016] <schoppenhauer> ah, apparently not
[Tue Nov 22 05:40:50 2016] <aspiwack[m]> That would be `Notation Vnil := (@Vector.nil)`.
[Tue Nov 22 05:41:26 2016] <schoppenhauer> ah ok
[Tue Nov 22 05:41:27 2016] <aspiwack[m]> Or you could define Vnil as a token, and do `Notation "'Vnil' A" := (@Vector.nil A)`, but I would not advise it.
[Tue Nov 22 05:41:34 2016] <schoppenhauer> yes
[Tue Nov 22 09:08:59 2016] <notdan> Hi
[Tue Nov 22 09:09:12 2016] <notdan> Is there a way to print currently available/visible instances?
[Tue Nov 22 16:34:42 2016] <benzrf> im thinkin maybe next year ill work thru cpdt for credit~
[Tue Nov 22 16:38:16 2016] <johnw> benzrf: good idea
[Tue Nov 22 16:39:39 2016] <benzrf> but i never got that far in software foundations >w>
[Tue Nov 22 16:39:46 2016] <benzrf> does sf work with latest coq
[Tue Nov 22 16:40:09 2016] <modulus> mostly yes
[Tue Nov 22 16:40:29 2016] <benzrf> cool
[Tue Nov 22 16:40:48 2016] <modulus> only issue i have noticed is some modules may conflict with coq theories, like lists and basics.
[Tue Nov 22 16:40:59 2016] <modulus> personally i renamed them just in case.
[Tue Nov 22 17:17:17 2016] <Ptival> is there a way to start using a notation within a section, but also have it survive the end of the section?
[Tue Nov 22 17:18:45 2016] <jrw> Ptival: not that I know of. I always repeat myself when I want to do that.
[Tue Nov 22 17:20:10 2016] <Ptival> jrw: so do you rather (close section, define notation, open similar section) or (define notation, finish section, define similar global notation)?
[Tue Nov 22 17:20:48 2016] <jrw> well honestly what I usually do is decide I don't *really* need the notation inside the section, so I just go without it and define it after ending the section.
[Tue Nov 22 17:20:59 2016] <jrw> if I do feel like I really need it, then I just define it twice
[Tue Nov 22 17:21:14 2016] <Ptival> hehe
[Tue Nov 22 17:21:17 2016] <Ptival> thought about it
[Tue Nov 22 17:21:29 2016] <Ptival> but all those theorems will look so sad without the notation :(
[Tue Nov 22 17:21:51 2016] <jrw> well they'll only look sad in the source, they'll look nice in the output of search about if you have the notation in scope
[Tue Nov 22 17:22:40 2016] <jrw> btw did you figure out that extensible records thing you were working on a while back?
[Tue Nov 22 17:23:27 2016] <jrw> I stopped working on it after I realized there was a bug in coq... (I subitted it and it turned out to be universe related; matthieu fixed it)
[Tue Nov 22 17:55:09 2016] <Ptival> cool, yeah I fixed it, but using Program
[Tue Nov 22 17:55:54 2016] <Ptival> jrw: https://github.com/dricketts/dL/blob/ext-records/theories/RecordsFacts.v#L42-L56 I think it was this one?
[Tue Nov 22 17:59:17 2016] <jrw> nice
[Tue Nov 22 17:59:27 2016] <jrw> is the member_to_pos thing essential?
[Tue Nov 22 17:59:46 2016] <jrw> or does the same proof work without it?
[Tue Nov 22 18:03:58 2016] <gancherj> Hi all, does anybody know if it is possible to automate proofs of decidable equality? The proof length (as I'm writing it right now) of eqb x y = true <-> x = y is basically quadratic in the number of constructors of the inductive type.
[Tue Nov 22 18:06:22 2016] <roboguy`> gancherj: does "decide equality" work?
[Tue Nov 22 18:06:31 2016] <roboguy`> (how's that for automation, if it does!)
[Tue Nov 22 18:08:07 2016] <gancherj> ..it did! :)
[Tue Nov 22 18:08:39 2016] <gancherj> thanks, I knew it would be obvious
[Tue Nov 22 18:16:38 2016] <Ptival> jrw: the member_to_pos helps get rid of some dependent type constraints, not sure if necessary but it definitely simplifies things
[Tue Nov 22 18:17:18 2016] <Ptival> as opposed to writing (diff: pmr <> pmw) and then have a weird heterogeneous equality when you start destructing either pmr or pmw
[Tue Nov 22 18:17:36 2016] <Ptival> it might be necessary actually
[Tue Nov 22 18:18:05 2016] <Ptival> you need some sort of hypothesis like pmr <> pmw, but that will allow their type to change
[Tue Nov 22 18:18:32 2016] <Ptival> unless you can dependent destruct the equality?
[Tue Nov 22 18:19:03 2016] <Ptival> nah nvm
[Tue Nov 22 18:22:35 2016] <jrw> iirc I got the proof to work with `pmr <> pmw` modulo coq universe bugs
[Thu Nov 24 13:06:22 2016] <pete_8> What is a good way to do this:
[Thu Nov 24 13:06:28 2016] <pete_8> match (p, s) with
[Thu Nov 24 13:06:36 2016] <pete_8> | (String h p', String h s')
[Thu Nov 24 13:07:28 2016] <pete_8> I get "Error: The variable h is bound several times in pattern."
[Thu Nov 24 13:10:29 2016] <modulus> do you need the value of h?
[Thu Nov 24 13:10:51 2016] <pete_8> yes
[Thu Nov 24 13:12:11 2016] <modulus> seems a bit annoying but maybe you could match on p first, then on s.
[Thu Nov 24 13:13:01 2016] <pete_8> yes, I can do that.
[Thu Nov 24 13:13:16 2016] <pete_8> but was hoping for a "nicer" solution :)
[Thu Nov 24 13:13:55 2016] <modulus> is it a constraint that h for p and h for s are the same, or do you know already that they will be same?
[Thu Nov 24 13:14:08 2016] <modulus> if you know that they will be same you could use _ on the second slot
[Thu Nov 24 13:14:13 2016] <modulus> otherwise no idea
[Thu Nov 24 13:16:06 2016] <pete_8> yes, it is a constraint
[Thu Nov 24 13:19:04 2016] <pete_8> Hmm, it seems I can't match one one and then the other either ...
[Thu Nov 24 13:19:43 2016] <pete_8> If I do "match p with | String h pt => match s with | EmptyString => ... | String h st => ... | _ => ..."
[Thu Nov 24 13:19:58 2016] <pete_8> I get the error "Error: This clause is redundant."
[Thu Nov 24 13:20:08 2016] <pete_8> So it appears the "second h" is considered a fresh variable?
[Thu Nov 24 13:20:25 2016] <Cypi> You need some kind of decidable equality on h, and then do something like: match (p, s) with (String h1 p', h2 s') -> if eq_dec h1 h2 then ... else ... end
[Thu Nov 24 13:21:15 2016] <modulus> yeah it shadows
[Thu Nov 24 13:21:27 2016] <pete_8> aha, ok
[Thu Nov 24 13:21:32 2016] <modulus> right, the issue is you're hiding an equality comparison in there
[Thu Nov 24 13:22:07 2016] <pete_8> thanks both of you!
[Sat Nov 26 18:17:08 2016] <noze> is it possible to (locally) deactivate all/some coercions?
[Tue Nov 29 19:00:25 2016] <benzrf> are there any nonstandard models of peano arith that you can constructively define, e.g. in vanilla coq
[Thu Dec  1 18:46:16 2016] <CrawfordC> Is there a coq bot?
[Fri Dec  2 17:32:27 2016] <johnw> I guess it hasn't been proven to exist?
[Fri Dec  2 17:40:59 2016] <hodapp> johnw: *slow clap*
[Fri Dec  2 18:08:53 2016] <johnw> hodapp: now when I see your name, I wonder if it means "hold the app"
[Fri Dec  2 18:12:50 2016] <hodapp> don't remind me of one of the sorrier deaths in 2016 :(
[Sun Dec  4 22:22:58 2016] <keep_learning> johnw: Hi John
[Sun Dec  4 22:23:14 2016] <keep_learning> Which version of Coq you are using
[Sun Dec  4 22:23:16 2016] <keep_learning> https://gist.github.com/jwiegley/80b39aefca77e7d28da14e389f0f9958
[Sun Dec  4 22:24:12 2016] <keep_learning> I am  using Welcome to Coq 8.5pl2 (July 2016), and when trying your solution
[Sun Dec  4 22:24:18 2016] <keep_learning> it is not accepted
[Sun Dec  4 22:49:42 2016] <Cypi> Hmm, it works here, with a Coq8.5pl2 from October 2016
[Sun Dec  4 22:49:51 2016] <Cypi> (so basically pl2 with a few added patches which shouldn't matter)
[Sun Dec  4 22:50:28 2016] <Cypi> Could you detail a little bit more what fails? Replace the "congruence" with "try congruence" and see what goals are left
[Sun Dec  4 23:09:07 2016] <keep_learning> Cypi: https://gist.github.com/mukeshtiwari/b063970860df57673aec1e366d27461b
[Sun Dec  4 23:10:42 2016] <Cypi> This is strange. Are you sure that you're doing "induction c; split; inversion H; inversion H0" right at the start, when the goal is "forall (c : com) (st st1 st2 : state) (s1 s2 : status), c / st || s1 / st1 -> c / st || s2 / st2 -> st1 = st2 /\ s1 = s2" ?
[Sun Dec  4 23:12:16 2016] <Cypi> Oh wait. Ahah, I see
[Sun Dec  4 23:12:25 2016] <keep_learning>  Theorem ceval_deterministic: forall (c:com) st st1 st2 s1 s2,      c / st \\ s1 / st1  ->      c / st \\ s2 / st2 ->      st1 = st2 /\ s1 = s2.
[Sun Dec  4 23:12:32 2016] <Cypi> Could you provide your definition of ceval? If we are not even working on the same definitions, that won't work :)
[Sun Dec  4 23:13:46 2016] <keep_learning> Cypi: https://gist.github.com/mukeshtiwari/b063970860df57673aec1e366d27461b
[Sun Dec  4 23:16:06 2016] <keep_learning> Cypi: I wrote it months back, so I don't remeber all the details.
[Sun Dec  4 23:16:44 2016] <keep_learning> But now I think that my definition of ceval is not correct
[Sun Dec  4 23:18:29 2016] <Cypi> What I'm trying currently: "induction c; split; try solve [inversion H; inversion H0; congruence]." and then dealing with the remaining goals
[Sun Dec  4 23:18:42 2016] <Cypi> I'll see if I encounter a problem that seems to be related to the definition :)
[Sun Dec  4 23:32:46 2016] <Cypi> ah right, I very vaguely remember this one...I actually had some problems with the WHILE case
[Sun Dec  4 23:34:55 2016] <keep_learning> Cypi: Yes
[Sun Dec  4 23:35:13 2016] <keep_learning> The WHILE case looks scary :)
[Sun Dec  4 23:35:43 2016] <Cypi> I remember finding a trick that made it natural, but I forgot the trick -.-
[Sun Dec  4 23:36:53 2016] <keep_learning> Cypi: May I see your code ?
[Sun Dec  4 23:37:24 2016] <Cypi> if only I still had it :D
[Sun Dec  4 23:38:13 2016] <keep_learning> Cypi: :)
[Mon Dec  5 00:03:59 2016] <Cypi> Ok, I somehow managed to prove it, but it's ugly...
[Mon Dec  5 00:04:38 2016] <keep_learning> Cypi: Something is better than nothing
[Mon Dec  5 00:04:52 2016] <Cypi> Let me rephrase it a tiny bit and I'll paste that.
[Mon Dec  5 00:17:06 2016] <Cypi> keep_learning : https://gist.github.com/cmangin/5fadf6e2754f767021cfbfb55a8d7276
[Mon Dec  5 00:17:12 2016] <Cypi> have fun with that...
[Mon Dec  5 00:20:26 2016] <keep_learning> Cypi: Thank you
[Mon Dec  5 01:04:51 2016] <keep_learning> Cypi: We need some kind of induction, because we don't know how many E_WhileLoopNormal steps were taken.
[Mon Dec  5 01:05:00 2016] <keep_learning> I think this is what I was missing
[Mon Dec  5 01:05:06 2016] <keep_learning> Thanks again
[Mon Dec  5 07:19:09 2016] <eternaleye> Is there a way to associate a proof requirement with a typeclass? As a trivial example, let's say I have `Class BinaryOp (F: Type) (T: Type) := { apply (f: F) (x: T) (y: T): T; }.` and I want to define a `Class AssociativeBinaryOp (F: Type) (T: Type) {BinaryOp F T} := { ... }.`, such that in order to implement `AssociativeBinaryOp F T`, you must prove that `forall f: F, forall x: T, forall y: T, apply f x y = apply f y x`
[Mon Dec  5 07:21:02 2016] <eternaleye> (If anyone's curious as to motivation, I'm wanting to play around with the idea of a generic CRDT combinators framework)
[Mon Dec  5 07:22:16 2016] <eternaleye> But of course, CRDTs require a merge function that is associative, commutative, and idempotent
[Mon Dec  5 08:24:57 2016] <Cypi> eternaleye: you can write basically exactly what you wanted. For instance: Class AssociativeBinaryOp (F: Type) (T: Type) `{BinaryOp F T} := { associative_ax (f : F) (x : T) (y : T) : apply f x y = apply f y x }.
[Mon Dec  5 08:25:21 2016] <Cypi> (notice the backtick in front of {BinaryOp F T}, it's just a way to say this is an implicit argument whose name we don't care about)
[Mon Dec  5 08:25:30 2016] <Cypi> (it's often use for typeclasses, precisely)
[Mon Dec  5 08:25:51 2016] <eternaleye> Cypi: Huh, in my experience, curly braces do that on their own?
[Mon Dec  5 08:27:00 2016] <Cypi> curly braces alone will treat the identifiants inside the braces as single variables
[Mon Dec  5 08:27:05 2016] <Cypi> which are deemed implicit
[Mon Dec  5 08:27:25 2016] <Cypi> so {BinaryOp F T} will actually declare 3 additionnal parameters
[Mon Dec  5 08:27:27 2016] <eternaleye> Also, the problem with framing it that way is that when I try to instantiate the typeclass (for a trivial instantiation where T = unit), and I bind associative_ax f x y := apply f x y = apply f y x, it complains that it expected something of type apply f x y = apply f y x, but got something of type Prop
[Mon Dec  5 08:27:40 2016] <eternaleye> Mm
[Mon Dec  5 08:27:43 2016] <Cypi> (it will fail somewhere along the road, but well, in this case, the error messages are not very useful)
[Mon Dec  5 08:28:46 2016] <Cypi> if you want to build an instance of this class, then you need to provide a proof of "apply f x y = apply f y x"
[Mon Dec  5 08:29:21 2016] <eternaleye> I suppose my problem is I've not yet worked with constructing proofs without the Theorem vernacular helping me
[Mon Dec  5 08:29:54 2016] <eternaleye> If I just close out the class, would it drop me into proof-editing mode for that?
[Mon Dec  5 08:30:08 2016] <Cypi> It can still help you, Instance can work just the same as Theorem
[Mon Dec  5 08:30:20 2016] <Cypi> just end the statement with a dot instead of the := to declare a term
[Mon Dec  5 08:30:36 2016] <eternaleye> Mm, cool.
[Mon Dec  5 08:30:57 2016] <eternaleye> What if the class has both function-like members and proof-like members? Can I specify only the former?
[Mon Dec  5 08:31:45 2016] <Cypi> Hmm, using Program, probably. Something like "Program Instance", then you go on and define the instance entirely, but whenever there are proof-like members, just write an underscore _
[Mon Dec  5 08:32:15 2016] <eternaleye> Mm, that sounds like a plan
[Mon Dec  5 08:32:15 2016] <Cypi> it will then generate obligations that you can prove one by one with "Next Obligation. (* your proof *) Qed." and so on
[Mon Dec  5 08:32:33 2016] <eternaleye> * might use that anyway, since I like the look of that syntax better
[Mon Dec  5 08:32:46 2016] <eternaleye> Makes it more explicit exactly what's being left out
[Mon Dec  5 08:33:41 2016] <Cypi> What is "BinaryOp F T" supposed to mean? I'm not sure I quite understand :o
[Mon Dec  5 08:36:18 2016] <eternaleye> Cypi: You'd use it like "apply Add 1 2" or "apply Sub 4 1"
[Mon Dec  5 08:36:33 2016] <eternaleye> Cypi: F is just to disambiguate multiple instances for the same T
[Mon Dec  5 08:36:57 2016] <eternaleye> I just use newtypes of unit
[Mon Dec  5 08:37:40 2016] <eternaleye> There's probably a more clever way, due to instances being named, but I'm not aware of it
[Mon Dec  5 08:38:01 2016] <Cypi> Ok, so it means that for any (f : F), there exists a function T -> T -> T basically, I see. You wanted to index your functions by some type. Ok :)
[Mon Dec  5 08:38:39 2016] <Cypi> AssociateBinaryOp would then mean that _all_ these functions are symmetric, right?
[Mon Dec  5 08:39:30 2016] <eternaleye> No, it'd mean that any BinaryOp F T that also implements AssociateBinaryOp F T is symmetric
[Mon Dec  5 08:40:15 2016] <eternaleye> If you want a function to only accept symmetric binary ops, for example, you'd specify a parameter of type "AssociateBinaryOp F T"
[Mon Dec  5 08:41:03 2016] <Cypi> Yeah, but to provide a "AssociateBinaryOp F T", wouldn't you have to prove that all the "apply f" functions are symmetric? For any (f : F) ?
[Mon Dec  5 08:41:41 2016] <eternaleye> I don't think so? Since F and T are already bound - you're instantiating AssociateBinaryOp for _concrete_ F and T
[Mon Dec  5 08:41:50 2016] <eternaleye> You just have to prove for all f, x, and y
[Mon Dec  5 08:42:30 2016] <Cypi> Yes, that's what I was meaning to say. So if you have "Add" and "Sub" in your F, as you were saying, you would have trouble
[Mon Dec  5 08:42:34 2016] <eternaleye> So I'd instantiate AssociateBinaryOp Add nat
[Mon Dec  5 08:42:46 2016] <eternaleye> Oh, yes
[Mon Dec  5 08:42:55 2016] <Cypi> Ah well no. You wrote "apply Add 1 2", so Add is of type F for some (F : Type)
[Mon Dec  5 08:43:00 2016] <eternaleye> Which is why I use distinct newtypes of unit for each
[Mon Dec  5 08:43:25 2016] <eternaleye> As I said, I'm sure there's a more elegant way, but...
[Mon Dec  5 08:43:42 2016] <eternaleye> For my uses, F is always a newtype of unit
[Mon Dec  5 08:44:04 2016] <Cypi> Oh well, ok, as long as it works
[Mon Dec  5 08:44:42 2016] <eternaleye> I'd love to know if there's a better way to 1.) define multiple instances with the same parameters and 2.) select which one to call functions from
[Mon Dec  5 08:45:05 2016] <eternaleye> As I'm currently just hacking it so that they have different parameters :P
[Mon Dec  5 08:46:13 2016] <eternaleye> Maybe I could do something with modules
[Mon Dec  5 09:52:53 2016] <eternaleye> Cypi: Aha! This works much better: http://ix.io/1KhS
[Wed Dec  7 10:59:21 2016] <benzrf> what are the limits of self-interpreters in consistent languages?
[Wed Dec  7 10:59:33 2016] <benzrf> consistent meaning, having a type system that acts as a consistent logic
[Wed Dec  7 10:59:59 2016] <benzrf> thinking of dependently typed languages in particular, where it makes sense to, e.g., have a function like "TypeRep -> Type" (obv not surjective)
[Fri Dec  9 11:34:07 2016] <mjacob> i have a more general question about type theory; i hope it's fine to ask here
[Fri Dec  9 11:34:26 2016] <mjacob> if i understood correctly, dependent sum types are generalizations of product types and dependent product types are generalizations of function types
[Fri Dec  9 11:34:32 2016] <mjacob> this seems unintuitive - i would have expected dependent product types to be generalizations of product types
[Fri Dec  9 11:34:35 2016] <mjacob> what am i missing?
[Fri Dec  9 12:41:45 2016] <Cypi> mjacob: you're not missing anything. The name of "product type" is rather unintuitive, as it is a special case of a dependent sigma (or sum) type
[Fri Dec  9 12:44:21 2016] <benzrf> mjacob: it's because it's a "dependent" product
[Fri Dec  9 12:44:56 2016] <benzrf> mjacob: like this: https://wikimedia.org/api/rest_v1/media/math/render/svg/cd6a5719f5cda293cd79836a3c90f59e7447557e
[Fri Dec  9 12:45:39 2016] <benzrf> a normal product is the same as an indexed sum where the terms are always the same no matter the index
[Fri Dec  9 12:45:51 2016] <benzrf> a normal exponent is the same as an indexed product where the terms are always the same no matter the index
[Fri Dec  9 12:46:10 2016] <benzrf> a dependent product is not a "product of the domain and codomain" - it's a product of all of the possible codomains together
[Fri Dec  9 12:50:52 2016] <mjacob> Cypi: so which name do you think is unintuitive - "product type" or "depedent product type"?
[Fri Dec  9 12:52:05 2016] <mjacob> benzrf: so you mean it's like "2 * 3 = Σ i from 1 to 2, 3"? (sorry for the bad notation, i hope you understand what i mean)
[Fri Dec  9 12:53:26 2016] <mjacob> well, that's basically exactly what you said ;)
[Fri Dec  9 12:53:31 2016] <benzrf> yup!
[Fri Dec  9 12:54:31 2016] <benzrf> "exists n : nat, int" <- this is "Σ_{n in nat}, int"
[Fri Dec  9 12:54:34 2016] <benzrf> a.k.a. nat * int
[Fri Dec  9 12:54:43 2016] <mjacob> thank you, that makes sense; and now i also understand why people use exponentials to express function types
[Fri Dec  9 12:54:47 2016] <benzrf> yup :)
[Fri Dec  9 13:11:47 2016] <Cypi> mjacob: "product type", but benzrf's explanation makes sense :)
[Tue Dec 13 04:22:46 2016] <JanBessai> I've formalized and proven something about F-Algebras for a functor F encoded as a record (basically equvialent to using nested sigT, dependent functions and vectors). Now I wonder how to present this correctly in "normal" pen and paper math. I can write down the Functor pretty easily as sums and products, but I'm not sure which category to put on it
[Tue Dec 13 04:24:29 2016] <JanBessai> I just care that sums and products are there and behave like coq types. Is it ok to just write everything happens in Set?
[Tue Dec 13 04:33:00 2016] <JanBessai> I know there is "Coq in Sets, Sets in Coq" and a follow up talk (http://www.lix.polytechnique.fr/Labo/Bruno.Barras/talks/model-cic-2011.pdf) from the author, Bruo Barras, explaining some ideas how to do CIC
[Tue Dec 13 04:33:15 2016] <JanBessai> *Bruno
[Tue Dec 13 04:45:02 2016] <JanBessai> Or can I even write something along the line of "fix some locally cartesian closed category C"? My proofs live in a module taking a carrier in Type as parameter.
[Tue Dec 13 06:33:07 2016] <stoopkid> "but I'm not sure which category to put on it" not sure what you mean; wouldn't it be the category induced by F-algebra homomorphisms?
[Tue Dec 13 06:34:02 2016] <stoopkid> @ JanBessai
[Tue Dec 13 06:42:22 2016] <JanBessai> @stoopkid: for the F-Algebra morphism "F" needs to be an endofunctor in some category C
[Tue Dec 13 06:42:31 2016] <JanBessai> and I'm wondering, what to say about C
[Tue Dec 13 06:45:10 2016] <stoopkid> hrm, what else do you need to say about it besides for that it's a category?
[Tue Dec 13 06:46:33 2016] <JanBessai> I also need sums and products to define F
[Tue Dec 13 06:49:13 2016] <stoopkid> ah is this for polynomial functors?
[Tue Dec 13 06:49:52 2016] <JanBessai> exactly
[Tue Dec 13 06:50:41 2016] <JanBessai> my problem is sort of similar to the issues with haskell. people just use "Hask" without ever saying what it is: http://math.andrej.com/2016/08/06/hask-is-not-a-category/
[Tue Dec 13 06:52:33 2016] <stoopkid> i've been working on the same thing in agda actually. i started by formalizing F-algebras for arbitrary functors and categories and now i'm aiming to handle polynomial functors as a special case
[Tue Dec 13 06:53:38 2016] <JanBessai> my stuff is just one special polynomial functor for term signatures with some bells and whistles
[Tue Dec 13 06:57:32 2016] <JanBessai> @stoopkid: how do you deal for example with extensionality?
[Tue Dec 13 06:57:45 2016] <JanBessai> are you using hot, setoids or something like that?
[Tue Dec 13 06:58:20 2016] <stoopkid> i hadn't run into it as an issue yet
[Tue Dec 13 06:58:28 2016] <stoopkid> where's it coming up?
[Tue Dec 13 06:59:25 2016] <JanBessai> to be a category, one needs (f compose g) compose h = f compose (g compose h), which usually requires functional extensionality
[Tue Dec 13 07:00:05 2016] <JanBessai> or f compose id = f
[Tue Dec 13 07:00:26 2016] <stoopkid> ah
[Tue Dec 13 07:01:58 2016] <stoopkid> i don't think function extensionality is necessary for this, but i've been running into the issue of possibly needing the K rule to prove that F-algebra homomorphisms satisfy the associativity and identity laws
[Tue Dec 13 07:02:30 2016] <stoopkid> because F-algebra homomorphisms keep track of a commuting diagram
[Tue Dec 13 07:03:58 2016] <stoopkid> i imagine it would be a similar situation in other cases too, so i've been thinking about how to weaken the definitions
[Tue Dec 13 07:08:16 2016] <stoopkid> but, for example, i was able to prove that each set-level in agda forms a category: http://pastebin.com/h7NkXabL
[Tue Dec 13 07:17:12 2016] <stoopkid> a couple ways i can think to approach the situation where the homomorphisms carry extra information like the commuting diagrams in F-algebra homomorphisms without adding either K-rule or univalence: a) use squash types to eliminate the proof information for the commuting diagrams, or b) weaken the definitions of associativity and identity to those described
[Tue Dec 13 07:17:12 2016] <stoopkid> here: https://ncatlab.org/nlab/show/monoidal+category
[Tue Dec 13 07:18:05 2016] <stoopkid> squash types seem like the intuitively correct choice
[Tue Dec 13 07:19:02 2016] <stoopkid> we don't care about the structure of our proof that the diagram commutes, we only care *that* the diagram commutes
[Tue Dec 13 15:39:43 2016] <tcog> Hi, everyone!
[Tue Dec 13 15:41:09 2016] <tcog> I'm getting an error: Error: Compiled library Foo.Bar.vo makes inconsistent assumptions over library Coq.Init.Logic.
[Tue Dec 13 15:41:47 2016] <tcog> Where Foo.Bar is a project I've installed with `make install`, from a Makefile produced by `coq_makefile`.
[Tue Dec 13 15:42:32 2016] <tcog> I would like to understand if `coqc` will print out the exact file path of Foo.Bar.vo so that I can understand from where it is trying to load the module from.
[Tue Dec 13 15:43:43 2016] <tcog> Or to put it in another way, how can I know which paths does `coqc` is using to look for modules?
[Tue Dec 13 15:44:34 2016] <tcog> My module `Foo.Bar` is being installed in `.opam/system/lib/coq/user-contrib`, but apparantly `coqc` is not picking it up.
[Tue Dec 13 16:13:55 2016] <Cypi> tcog: it seems like Foo.Bar.vo was compiled with a different version of Coq than what you are using now. Would you have a way to recompile it?
[Tue Dec 13 16:14:23 2016] <Cypi> (as for your precise question, sorry, I don't really know how to have Coq to print this exact file :/ )
[Tue Dec 13 16:14:59 2016] <tcog> Thanks, Cypi. I figured out that the culprit file was located in ~/.local/share/coq
[Tue Dec 13 16:16:39 2016] <tcog> Which means that, for future reference, `coqc` uses `~/.local/share/coq first` and then `~/.opam/system/lib/coq/user-contrib`.
[Tue Dec 13 16:26:18 2016] <tcog> This is more of a general question (not troubleshooting). I am wondering what is the rule of thumb when writing Coq libraries. To me it appears very difficult to maintain a Coq library because any change in any lemma will break the public interface and therefore not be backwards compatible. Are there any tricks or good practices you guys use to ameliorate this problem?
[Tue Dec 13 16:28:19 2016] <tcog> One technque I follow is to use Let to hide lemmas from the public API, the caveat is that adding many lets in a section will slow compilation down and make some of the proofs implicit (if using auto).
[Tue Dec 13 18:06:14 2016] <jgross> [Local Definition] is also a thing, and makes a name not be unqualified on [Import]. 
[Tue Dec 13 18:17:40 2016] <johnw> hi jgross!
[Fri Dec 16 06:37:46 2016] <JanBessai> @stoopkid: perhaps you already know all this, but continuing our discussion from two days ago: I find the original paper on locally cartesian closed categories (LCCCs) by Seely (http://www.math.mcgill.ca/rags/LCCC/LCCC.pdf) and the follow ups by hofmann (https://www.irif.fr/~mellies/mpri/mpri-ens/articles/hofmann-syntax-and-semantics-of-dependent-types.pdf) and Curien, Garner and Hofmann
[Fri Dec 16 06:37:52 2016] <JanBessai> (https://www.tcs.ifi.lmu.de/mitarbeiter/martin-hofmann/publikationen-pdfs/j36-RevisitingCategoricalInterpretation.pdf) helpful. While I'm still not sure how to present it in my context, it seems ok to give set based examples and refer to LCCCs as the general case for which the proofs in coq/agda hold
[Fri Dec 16 06:40:16 2016] <JanBessai> if one is to be extremely nit-picky, there is some care to be taken to adress the differences between variations of dependent type theory, but for something using it just as a tool, LCCCs with sums and products ought to be fine
[Fri Dec 16 06:40:38 2016] <JanBessai> (I at least hope so)
[Fri Dec 16 08:53:23 2016] <stoopkid> JanBessai: idk if you'd need LCCCs unless you're trying to do dependent polynomial functors
[Fri Dec 16 08:54:02 2016] <stoopkid> regular polynomial functors should work for any category with sums & products, afaict
[Fri Dec 16 08:56:48 2016] <stoopkid> i haven't really studied dependent polynomial functors yet though, so i'm not sure if the category itself has to be an LCCC or if you just need the dependencies to exist in the type theory where the functor is being described
[Fri Dec 16 09:11:17 2016] <JanBessai> stoopkid: I think I need LCCCs, because I'm using dependencies all over the place - a simplified version of the functor I use would be F(C)(s) = Sigma_{op | range(op) = s} Pi_{i=1}^{arity(op)} C(pi_i(domain(op)))
[Fri Dec 16 09:11:46 2016] <JanBessai> with Sigma and Pi being dependent sums and products
[Fri Dec 16 09:15:18 2016] <JanBessai> basically I just want to say "Pi_x P(x)" is "forall x, P x" in coq or a family of sets on paper and "Sum_x P(x)" is "{ x: _ & P(x) }" in coq or a disjoint tagged set union on paper
[Fri Dec 16 09:15:59 2016] <JanBessai> and if I understand Seely correctly, one can get away with that without worry
[Fri Dec 16 09:17:28 2016] <JanBessai> (at least if only the direction coq -> paper is used; just using arbitrary non constructive set stuff and claiming paper -> coq is a bad idea, of course)
[Fri Dec 16 09:18:16 2016] <stoopkid> i see
[Fri Dec 16 09:19:31 2016] <stoopkid> yea i'll have to think about that. i can try working out some stuff in Agda a bit later, i'll need to review seely's paper and test some things out
[Fri Dec 16 09:26:01 2016] <JanBessai> what currently escapes me, is the part about second projections of coproducts/sums (pi' in SigmaE). Seely writes they are "essentially" the identity map, turning "projT2: forall (s: { x: _ & P (x) }), P (projT1 s)" into a morphism "Sig_{x}P(x) -> Sig_{x}P(x)"
[Fri Dec 16 09:28:55 2016] <JanBessai> while I get the rational of not being able to have dependently typed morphisms, I don't quite get, why the identiy map is a way out of the dilemma
[Fri Dec 16 09:38:45 2016] <JanBessai> (on a side note: it is incredible, to imagine all of this being done completely without computer interaction in '83 - even before nuprl )
[Fri Dec 16 17:32:41 2016] <benzrf> is there a coq tactic that inserts fst and snd
[Fri Dec 16 21:35:13 2016] <Big_G> Does anyone know where the best place to find the formal verification community is?
[Fri Dec 16 21:41:42 2016] <jrw> Big_G: what are you going to do to them when you find them?
[Fri Dec 16 21:43:37 2016] <Big_G> Mainly ask what the best way to get into the field is. I haven't seen a ton of resources (beyond some textbooks) for getting into the field as well as where to find work in it.
[Fri Dec 16 21:47:38 2016] <jrw> Big_G: oh okay :) well, what kind of formal verification stuff are you interested in?
[Fri Dec 16 21:48:52 2016] <Big_G> I'm at the stage where I don't know what I don't know so I can only guess. Proof assistants seem interesting, I like the idea behind dependent types, and I like the concept of having some form of model that can "guarantee" properties.
[Fri Dec 16 21:53:25 2016] <jrw> Big_G: sounds good. if you want to learn proof assistants, in my opinion the best resource is still "software foundations".
[Fri Dec 16 21:55:36 2016] <jrw> a lot of formal verification work is being done in the PL community, so you could have a look at conferences like POPL, PLDI, ICFP, and OOPSLA.
[Fri Dec 16 21:55:59 2016] <jrw> if you want somewhere to start with research papers, I'd recommend looking at the compcert papers.
[Fri Dec 16 21:56:07 2016] <jrw> I can be more specific if you want.
[Fri Dec 16 21:56:45 2016] <Big_G> I'm sure I'll need that at some point but only after some more research
[Fri Dec 16 21:59:54 2016] <jrw> Big_G: if you do decide to learn coq, I'd recommend coming back here and asking questions!
[Fri Dec 16 22:00:59 2016] <Big_G> I've been meaning to for quite some while. I just have difficulty spending time on stuff after work without a clear purpose.
[Fri Dec 16 22:01:40 2016] <Big_G> Not to say that Coq isn't cool, just that I won't be able to use it in my life as a Java coder
[Fri Dec 16 22:02:26 2016] <jrw> that's understandable. if you can find an hour or so to get started, you might find that the exercises in software foundations are sufficiently addicting to keep you coming back
[Fri Dec 16 22:03:59 2016] <Big_G> That's how they get you. The first proof is always free.
[Fri Dec 16 22:04:14 2016] <jrw> haha :)
[Sat Dec 17 03:54:08 2016] <JanBessai> is the code / "upcoming publication" mentioned in "Buisse, A., & Dybjer, P. (2008). The Interpretation of Intuitionistic Type Theory in Locally Cartesian Closed Categories–an Intuitionistic Perspective. Electronic Notes in Theoretical Computer Science, 218, 21-32." (http://www.cse.chalmers.se/~peterd/papers/Philadelphia2008.pdf) available somewhere?
[Wed Dec 21 21:30:21 2016] <keep_learning> Hello everyone
[Wed Dec 21 21:30:56 2016] <keep_learning> I am trying to use constructive_indefinite_ground_description from  https://coq.inria.fr/library/Coq.Logic.ConstructiveEpsilon.html
[Wed Dec 21 21:31:11 2016] <keep_learning> The type A is Z in my case
[Wed Dec 21 21:32:07 2016] <keep_learning> and I have to give two function f : Z -> nat and g : nat -> Z with proof that Hypothesis gof_eq_id : forall x : A, g (f x) = x.
[Wed Dec 21 21:32:33 2016] <keep_learning> Could some one please give a idea about writing these two functions
[Wed Dec 21 22:02:17 2016] <benzrf> johnw, stoopkid: one reason nuprl is relatively unpopular just might be the fact that the most standard way to run it is to download a VM image
[Thu Dec 22 03:04:19 2016] <petercommand> how to do inequality case splits in coq? i want to split into two cases: i < j or i >= j
[Thu Dec 22 03:05:15 2016] <petercommand> i, j : Z
[Thu Dec 22 03:18:05 2016] <petercommand> hmm.. seems that I should use <=?
[Thu Dec 22 03:18:23 2016] <petercommand> "<=?"
[Thu Dec 22 03:28:46 2016] <JanBessai> petercommand: it depends on whether you have "(i < j) \/ (i >= j)" or "{i < j} + {i >= j}". You can just pattern match on them, or in tactics use destruct, case or inversion.
[Thu Dec 22 03:33:56 2016] <petercommand> JanBessai: thx, i'll try that
[Thu Dec 22 03:34:49 2016] <JanBessai> there is also "if ... then ... else ..."  as described in https://coq.inria.fr/refman/Reference-Manual004.html#Extensions-of-match
[Thu Dec 22 13:00:03 2016] <Ptival> is there a tactic to specialize a hypothesis with underscores and prove them as subgoals?
[Thu Dec 22 13:56:39 2016] <johnw> you mean, you have an hypothesis of the form "forall x, f x"
[Thu Dec 22 13:56:52 2016] <johnw> and you want it to become "f ?x" with a new subgoal to prove ?x
[Thu Dec 22 13:56:54 2016] <johnw> ?
[Thu Dec 22 14:07:29 2016] <johnw> is anyone else seeing "Unbound module Gramext" when building mathcomp-1.6.1 using Coq 8.6?
[Thu Dec 22 16:37:55 2016] <Ptival> johnw: yes
[Thu Dec 22 16:37:59 2016] <Ptival> often it's
[Thu Dec 22 16:38:16 2016] <Ptival> H: forall x, P x -> Q x
[Thu Dec 22 16:38:23 2016] <Ptival> and I have the x but not the (P x)
[Thu Dec 22 16:38:57 2016] <Ptival> and I want the Q x for something else
[Thu Dec 22 16:53:30 2016] <johnw> Ptival: you can do this:
[Thu Dec 22 16:53:38 2016] <johnw> cut (x : T).
[Thu Dec 22 16:53:42 2016] <johnw>   specialize (H x).
[Thu Dec 22 16:53:44 2016] <johnw>   ...
[Thu Dec 22 16:53:50 2016] <johnw> <now prove that x : T exists>
[Thu Dec 22 16:54:09 2016] <johnw> or use assert, if you prefer that ordering
[Thu Dec 22 19:07:57 2016] <keep_learning> Hello everyone
[Thu Dec 22 19:08:01 2016] <keep_learning> https://gist.github.com/mukeshtiwari/74de0dcb50f4160870714707e6ee7db1
[Thu Dec 22 19:09:43 2016] <keep_learning> I am trying to prove that f_nat_Z  and f_Z_nat are inverse of each other
[Thu Dec 22 19:10:18 2016] <keep_learning> but lost in symbol manipulation of library https://coq.inria.fr/library/Coq.ZArith.Znat.html
[Thu Dec 22 19:11:00 2016] <keep_learning> Could some one please have a look and give some hints
[Thu Dec 22 19:12:34 2016] <keep_learning> I am trying to prove that integers are countable infinite https://proofwiki.org/wiki/Integers_are_Countably_Infinite
[Fri Dec 23 02:46:48 2016] <Ptival> johnw: I guess the last constraint would have been "without having to type P" because it's long
[Fri Dec 23 02:46:58 2016] <Ptival> I think I had made a tactic for this now that I think about it
[Fri Dec 23 05:53:10 2016] <schoppenhauer> hi. can types with one element have computational content?
[Fri Dec 23 05:53:24 2016] <schoppenhauer> I think they can, but then, under what conditions?
[Fri Dec 23 05:54:30 2016] <schoppenhauer> the examples I can think of where they have computational content employ proof irrelevance. in absence of proof irrelevance, can they have computational content?
[Fri Dec 23 06:25:03 2016] <JanBessai> schoppenhauer: can you say what you mean by computational content?
[Fri Dec 23 06:25:57 2016] <schoppenhauer> JanBessai: it cannot be erased when extracting. like, for example, Prop will be.
[Fri Dec 23 06:26:32 2016] <schoppenhauer> JanBessai: and branches with the empty type and the unit type
[Fri Dec 23 06:29:01 2016] <asmanur> well type is one element are isomorphic to unit right?
[Fri Dec 23 06:29:33 2016] <schoppenhauer> not sure.
[Fri Dec 23 06:30:38 2016] <asmanur> yeah no, it's a fact
[Fri Dec 23 06:30:51 2016] <schoppenhauer> for example, { x : nat | "x is the smallest prime larger than m" } would contain one element (in presence of proof irrelevance)
[Fri Dec 23 06:31:22 2016] <asmanur> yes, but you prove it has one element by proving it is isomorphic to unit
[Fri Dec 23 06:31:37 2016] <schoppenhauer> still, it has computational content
[Fri Dec 23 06:33:03 2016] <JanBessai> I'm not sure.. perhaps it is the projection into nat, which has computational content
[Fri Dec 23 06:35:43 2016] <schoppenhauer> hm. ok. yes.
[Fri Dec 23 06:35:54 2016] <schoppenhauer> it would be a function that depends on m.
[Fri Dec 23 06:36:09 2016] <schoppenhauer> ok, interesting.
[Fri Dec 23 06:37:51 2016] <schoppenhauer> but yes, this makes sense … it is a pair (nat, _), and to get the nat, one has to use the recursion operator on pairs.
[Fri Dec 23 06:38:02 2016] <schoppenhauer> i still find this counter-intuitive somehow …
[Fri Dec 23 06:38:30 2016] <JanBessai> perhaps I'm wrong (I don't have any formal proof or reference for that)
[Fri Dec 23 06:38:53 2016] <schoppenhauer> maybe I'll ask math.stackexchange or something.
[Fri Dec 23 06:40:45 2016] <schoppenhauer> but it makes sense in the sense that the result of the recursion operator only depends on m.
[Fri Dec 23 06:41:36 2016] <schoppenhauer> on the other hand … this should probably be undecidable in general. so this is not really a "practical" notion of computational content.
[Fri Dec 23 06:42:21 2016] <JanBessai> maybe it boils down to the questions: given (S : Type) (singleton: Singleton S) (A: S -> Type), Lemma erase: JMEq (forall (s: S), A s) (forall (u: unit), A (unit_isomorphism u)).
[Fri Dec 23 06:42:51 2016] <JanBessai> with JMeq being john major equality, because the functions have different types
[Fri Dec 23 06:43:42 2016] <JanBessai> and unit_isomorphism being unit <-> S from the singleton proof
[Fri Dec 23 06:45:40 2016] <JanBessai> (or similar non dependent versions, if that is easier and enough)
[Fri Dec 23 06:45:59 2016] <JanBessai> i.e. JMeq (S -> A) (unit -> A)
[Fri Dec 23 06:47:46 2016] <JanBessai> is there a JMeq analogon of functional extensionality? forall A B C (f: A -> C) (g: B -> C), JMeq A B -> JMeq f g.
[Fri Dec 23 06:48:09 2016] <JanBessai> ohh one moment.. wrong definition
[Fri Dec 23 06:49:02 2016] <JanBessai> forall A B C D (f: A -> C) (g: B -> D), (forall (x: A) (y: B), JMeq x y -> JMeq (f x) (g y)) -> JMeq f g.
[Fri Dec 23 06:50:29 2016] <JanBessai> hmmm on the other hand not even sure that would be enough: unit and singleton types have different inhabitant terms
[Fri Dec 23 06:53:19 2016] <JanBessai> I recently encountered a similar question for False. you can have Inductive False1 : Type :=. Inductive False2 : Type :=. and it is not the case that False1 = False2 (even though that would be true in Set theory).
[Fri Dec 23 07:59:36 2016] <schoppenhauer> JanBessai: shouldn't False1 = False2 at least hold in HoTT? because they are clearly isomorphic?
[Fri Dec 23 07:59:45 2016] <schoppenhauer> ah ok no
[Fri Dec 23 07:59:49 2016] <schoppenhauer> not clearly
[Fri Dec 23 08:00:22 2016] <schoppenhauer> only with function extensionality
[Fri Dec 23 10:52:21 2016] <evgeniy_> Hello gentlemen! I have a question regarding Ltrac matching mechanism. It fails for my case but I cant figure why. Is it alright to ask such a question here?
[Fri Dec 23 10:52:29 2016] <evgeniy_> *Ltac
[Fri Dec 23 10:54:36 2016] <evgeniy_> No one complained, so I guess it means ok :-)
[Fri Dec 23 10:55:42 2016] <evgeniy_> Lets say I have the following code:
[Fri Dec 23 11:09:11 2016] <evgeniy_> Ok, I found a solution -) Thanks anyway.
[Fri Dec 23 11:10:43 2016] <Cypi> I was waiting for the code :(
[Fri Dec 23 12:15:09 2016] <M6PIC> I am relatively new to Coq! I am stuck proving http://pastebin.com/fKAguHvg. What is some advice on how to prove Sorted_cdr?
[Fri Dec 23 12:21:02 2016] <artart78> do you know how you'd do it on paper?
[Fri Dec 23 12:28:30 2016] <M6PIC> If t::L is sorted and if L is a::b::L' (if L is empty or a single item then it is trivial) then you have to prove R a b and b::L' is sorted, which you have to somehow 'extract' from the proof of Sorted t::L. This is my intuition. (I am not a trained mathematician/computer scientist).
[Fri Dec 23 12:34:43 2016] <Cypi> "'extract' from the proof of Sorted t::L" >> that's the right idea. You have a proof of t::L, and there are just a few ways you could have that (by singleton_sorted or by cons_sorted). The way to explain that in Coq is "inversion H"
[Fri Dec 23 12:36:59 2016] <M6PIC> Thanks for the help Cypi. Will give that a go.
[Fri Dec 23 12:38:48 2016] <M6PIC> It worked! (Probably no surprise to you!) Thanks! Now to go and read the documentation for the "inversion" tactic.
[Fri Dec 23 23:00:21 2016] <benzrf> schoppenhauer: function extensionality is a theorem in hott
[Fri Dec 23 23:00:51 2016] <schoppenhauer> benzrf: I know
[Fri Dec 23 23:01:16 2016] <modulus> i didn't, cool to know. i thought it had to be an axiom.
[Fri Dec 23 23:01:34 2016] <schoppenhauer> benzrf: but it is not "clear" how to use this here. that was what I meant
[Fri Dec 23 23:01:50 2016] <benzrf> oh
[Fri Dec 23 23:03:41 2016] <schoppenhauer> modulus: you need univalence. and I dont know how it is proved.
[Fri Dec 23 23:03:49 2016] <schoppenhauer> but probably benzrf knows
[Sat Dec 24 15:42:43 2016] <benzrf> i kind of do
[Sat Dec 24 15:42:51 2016] <benzrf> i know how to prove funext in cubical type theory
[Sat Dec 24 15:42:56 2016] <benzrf> im not sure how to do it just from univalence
[Sun Dec 25 11:12:32 2016] <tcog> Hey, everyone. I'm trying to understand how to handle warnings of this kind: Warning: Cannot build inversion information [funind-cannot-build-inversion,funind]
[Sun Dec 25 11:13:08 2016] <tcog> Why isn't Coq able to build inversion info. Is there anything I can do to help it?
[Sun Dec 25 18:29:02 2016] <pedroabreu> supose I have an Inductive for lambda terms (https://gist.github.com/pedrotst/6a5af9f6fc162f31af59902b274b66f0). How do I state the lemma "all terms that does not contain application satisfies blah"?
[Sun Dec 25 18:29:27 2016] <pedroabreu> that does not contain application as subterm* actually
[Sun Dec 25 18:30:52 2016] <Cypi>  You need a predicate to express "that does not contain application"
[Sun Dec 25 18:31:36 2016] <Cypi> two approaches I can see: 1) The simple but more redundant one: having another inductive predicate which expresses directly this property (you will basically have one constructor for each constructor of tm except app
[Sun Dec 25 18:32:01 2016] <Cypi> 2) Rewrite your inductive definition of tm so that it's indexed by a boolean which indicates if the term contains an app somewhere or not
[Sun Dec 25 18:32:33 2016] <Cypi> (2) is less redundant, but the type is more dependent, and also, maybe this boolean is not relevant for other theorems)
[Sun Dec 25 18:37:40 2016] <pedroabreu> those are nice ideas, thanks
[Sun Dec 25 18:37:52 2016] <pedroabreu> unfortunately I don't think they fit my need
[Sun Dec 25 18:38:33 2016] <pedroabreu> I pretty much need to check if a term contains some sort of subterm, and if thats the case, state a property about it
[Sun Dec 25 18:39:02 2016] <Cypi> Ah, youm
[Sun Dec 25 18:39:03 2016] <pedroabreu> maybe the example I used isn't the best, let me think
[Sun Dec 25 18:39:10 2016] <Cypi> Ah, you mean that it's not "an application" in general
[Sun Dec 25 18:39:31 2016] <pedroabreu> let's change "its not an application" to it's actually an aplication
[Sun Dec 25 18:39:38 2016] <pedroabreu> that that aplication must satisfy such and such
[Sun Dec 25 18:40:19 2016] <Cypi> So... "every application node in the term satisfies such property"?
[Sun Dec 25 18:40:25 2016] <pedroabreu> yes
[Sun Dec 25 18:40:40 2016] <Cypi> Then I would write it as a Fixpoint, probably
[Sun Dec 25 18:41:07 2016] <pedroabreu> you mean a lemma as a fixpoint?
[Sun Dec 25 18:41:21 2016] <Cypi> Not the lemma, the type of the lemma :)
[Sun Dec 25 18:41:33 2016] <pedroabreu> oh yeah haha, awesome
[Sun Dec 25 18:42:42 2016] <pedroabreu> gees, thats beyond my knowledge right now. Do you think if I finish Certified Programming with Dependent Types I`ll be able to come up with that naturally?
[Sun Dec 25 18:43:12 2016] <Cypi> As a more simple example, let's just take a list, and say we want to prove the property P for every element of the list. You could start by defining: "Fixpoint All {A : Type} (P : A -> Prop) (l : list A) : Prop := match l with nil => True | cons x l' => P x /\ All P l' end."
[Sun Dec 25 18:43:40 2016] <Cypi> and then have the type of your lemma be "All P l" for the right P and l
[Sun Dec 25 18:43:47 2016] <Cypi> CPDT is quite advanced, sure
[Sun Dec 25 18:44:19 2016] <Cypi> In the case of your terms, this is essentially the same kind of Fixpoint, just slightly more complicated because it's a tree
[Sun Dec 25 18:46:29 2016] <pedroabreu> I'll give it a go. Thanks a lot!
[Wed Dec 28 00:44:10 2016] <modulus> Turns out god exists: http://page.mi.fu-berlin.de/cbenzmueller/compmeta/htdocs/poster2.pdf :-)
[Wed Dec 28 09:37:28 2016] <Ptival> rrika: is there a technique to go past through goals like the final one here? http://paste.awesom.eu/5N42
[Wed Dec 28 09:37:32 2016] <Ptival> this is so convoluted :(
[Thu Dec 29 16:47:13 2016] <matsuura> Cale, jesus dude.. You're in every single channel I'd ever think to join.
[Thu Dec 29 16:48:58 2016] <matsuura> If I wanted to learn more about System U, which channel would be most helpful? I'd think #Coq, possibly #haskell, even #hott, but I'm a little flustered at the moment.
[Thu Dec 29 18:15:25 2016] <johnw> what is System U?
[Thu Dec 29 21:41:13 2016] <rrika> Ptival, is this based on your earlier code?
[Thu Dec 29 21:41:38 2016] <rrika> oh, you managed to do without my "match goal with |- context [ Fix_sub ?A_ ?R_ ?Rwf_ ?P_ ?f_ ?x_ ] =>"
[Thu Dec 29 21:41:48 2016] <rrika> interesting will have to look at that…
[Thu Dec 29 21:50:43 2016] <rrika> Ptival, when I try to load your file I get an error.
[Thu Dec 29 21:50:59 2016] <rrika> >Cannot infer the type of I in pmconcat
[Thu Dec 29 21:53:38 2016] <rrika> okay I used (I: {i: nat & i > 0})
[Thu Dec 29 22:10:47 2016] <rrika> … I don't quite get the idea behind pmconcat. Also coq uses 20% of my RAM now.
[Fri Dec 30 04:19:41 2016] <Ptival> rrika: yeah like this it looks dumb, it's actually a stand-in for a version that would be parallelized in practice
[Fri Dec 30 04:20:10 2016] <Ptival> and you match goal was just to make things more readable/short no?
[Fri Dec 30 16:47:41 2016] <Nik05> Does someone know some literature about logic and curry-howard correspondence?
[Fri Dec 30 16:47:52 2016] <Nik05> Topic should als be updated, 8.6 is out
[Sun Jan  1 10:00:26 2017] <arvisrend> are people familiar with https://x80.org/collacoq/ here?
[Sun Jan  1 10:00:38 2017] <arvisrend> it's doing weird things on my chrome, and i'm not sure whether they are bugs
[Sun Jan  1 10:00:55 2017] <arvisrend> like, trying to automatically compile all the time, thus messing up my edits
[Sun Jan  1 10:01:08 2017] <arvisrend> or capturing the Ctrl+V key binding for "paste"
[Sun Jan  1 14:38:46 2017] <matsuura> 明けましておめでとうございます
[Mon Jan  2 08:37:43 2017] <arvisrend> does anyone know how to prove a goal of the form "  0 < p <= m" in mathcomp?
[Mon Jan  2 08:37:56 2017] <arvisrend> i think it's an /\, but i'm not sure how to deconstruct it
[Mon Jan  2 09:56:01 2017] <artart78> arvisrend: it's (0 < p) && (p <= m) I think
[Mon Jan  2 09:56:15 2017] <artart78> so you have to use "apply/andP." to turn it into a /\ before you can use "split"
[Mon Jan  2 09:56:50 2017] <artart78> well I'm a bit late so maybe you already found lol
[Mon Jan  2 10:01:26 2017] <arvisrend> thanks
[Mon Jan  2 10:01:31 2017] <arvisrend> yeah i did find it
[Mon Jan  2 10:01:49 2017] <arvisrend> just getting confused by the fact that tutorials always lag behind the libs
[Mon Jan  2 10:36:37 2017] <arvisrend> is it common that you say "rewrite X" instead of saying "rewrite the goal using X"?
[Mon Jan  2 10:36:45 2017] <arvisrend> i'm finding it quite confusing
[Mon Jan  2 10:36:51 2017] <arvisrend> i mean in text, not in code
[Mon Jan  2 10:37:21 2017] <artart78> that's probably SSR users writing "rewrite theorem." so often it becomes natural language :D
[Mon Jan  2 10:37:41 2017] <artart78> also, about that "0 < p <= m", you could've found using: Locate "_ < _ <= _".
[Mon Jan  2 10:38:18 2017] <arvisrend> ah, locate!
[Mon Jan  2 10:38:19 2017] <arvisrend> thanks
[Mon Jan  2 10:38:42 2017] <arvisrend> so far it's been mostly a game of chance if i got the Check/Locate/Search right
[Mon Jan  2 15:40:06 2017] <cic> Hi, I have a very basic question. I have "Notation "~ x" := (not x) : type_scope." (from the software foundations book), and in the proofs they use "unfold not", but is it possible to use something like "unfold ~" instead? "unfold ~" does not work so I guess some kind of escaping or something like that is needed? Or maybe it's not the correct "scope"?
[Mon Jan  2 15:40:32 2017] <johnw> unfold "~"
[Mon Jan  2 15:41:52 2017] <cic> johnw: That worked, haha, thank you.
[Mon Jan  2 15:41:56 2017] <cic> I only tried (
[Mon Jan  2 15:41:58 2017] <cic> ops
[Mon Jan  2 15:42:04 2017] <cic> (~)
[Mon Jan  2 18:19:49 2017] <keep_learning> Hello everyone
[Mon Jan  2 18:20:06 2017] <keep_learning> Wish you all a very happy new year
[Mon Jan  2 18:20:32 2017] <keep_learning> May your year be filled with Qed :)
[Mon Jan  2 19:41:38 2017] <keep_learning> Hello everyone
[Mon Jan  2 19:42:00 2017] <keep_learning> I am trying to prove that integer in countble infinite https://gist.github.com/mukeshtiwari/bb7e2ea056e9229cc8ad630457ee872c
[Mon Jan  2 19:42:22 2017] <keep_learning> *countably infinite
[Mon Jan  2 19:43:19 2017] <keep_learning> But stuck with goal.
[Mon Jan  2 19:45:06 2017] <keep_learning> I have proof sketch also. For any v = Pos.to_nat p, 2 * v - 1 > 0 and we can write it S (2 * (v - 1))
[Mon Jan  2 19:46:01 2017] <keep_learning> After simplification, it will go second branch of f_nat_Z  | _ => if even n then  -1 * Z.of_nat (div n 2) else Z.of_nat ((div (S n) 2))
[Mon Jan  2 19:47:03 2017] <keep_learning> and clearly  S (2 * (v - 1)) is odd so we go to else branch
[Mon Jan  2 19:48:41 2017] <keep_learning> My only problem is I am not able to convice Coq accroding to my thinking because of my lack of inexperience with ZArith.
[Mon Jan  2 19:49:51 2017] <keep_learning> I would be more than happy to read Coq code if there is any such proof on github (I tried to search but could not locate any)
[Mon Jan  2 19:57:48 2017] <Cypi> keep_learning: looks "just" like some annoying manipulations to prove simple arithmetic facts. I'm trying to do it at the moment... (not very used to ZArith either)
[Mon Jan  2 19:58:37 2017] <keep_learning> Cypi: Yeah. I am also trying but not able to see the directon of proof.
[Mon Jan  2 20:00:27 2017] <Cypi> Well, for instance, the steps I took after where you left at: "destruct v", then prove that v = O is absurd, and so on...
[Mon Jan  2 20:11:16 2017] <Cypi> keep_learning: there you go http://lpaste.net/350789
[Mon Jan  2 20:11:20 2017] <Cypi> it's probably very ugly though
[Mon Jan  2 20:14:17 2017] <keep_learning> Cypi: Thank you.
[Mon Jan  2 20:15:59 2017] <keep_learning> I am trying different route https://gist.github.com/mukeshtiwari/bb7e2ea056e9229cc8ad630457ee872c
[Mon Jan  2 21:54:10 2017] <keep_learning> Cypi: Thanks again. Finally I completed my own version of proof by using your tactics. https://gist.github.com/mukeshtiwari/bb7e2ea056e9229cc8ad630457ee872c
[Tue Jan  3 13:11:48 2017] <arvisrend> what's the state of the art for using mathcomp on windows?
[Tue Jan  3 16:00:49 2017] <cic> hm, is there some way of showing the level and associativity of an operator (in proof general in emacs)? i tried print, check, locate notation etc. but nothing shows the things i want to know, :(.
[Tue Jan  3 16:19:24 2017] <johnw> I also wish there were
[Wed Jan  4 07:03:54 2017] <phi_> In first order logic I'd like to prove "(exists x:D, phi \/ psi) -> ((exists x: D, phi) \/ (exists x: D, psi))". How can I tell Coq that phi and psi might well be dependent on x? Currently, I have declared them as a simple Prop.
[Wed Jan  4 07:07:11 2017] <zozozo> phi_: I don't think that you can express that in first-order logic because you'd have to quantify over phi and psi (which would then need to be of type D -> Prop)
[Wed Jan  4 07:07:53 2017] <zozozo> though you can probably prove it for any instance of phi and psi
[Wed Jan  4 07:13:51 2017] <phi_> It seems that our lecture notes tried to prove ∃ elimination by means of expressing ∃ through ~(forall: ~phi). But isn't this inherently the same - a quantification over phi?
[Wed Jan  4 07:14:01 2017] <phi_> How could I proove it for any instance?
[Wed Jan  4 07:16:47 2017] <zozozo> well, quantify over phi and psi ? but then it's not really first-order anymore
[Wed Jan  4 07:22:45 2017] <phi_> It worked! Thanks!
[Wed Jan  4 07:38:48 2017] <phi_> There is really strange bug: you can never save your _scratch_ files in any subdirectory on your OneDrive folder. However, once you open an already saved file there, you can arbitrarily save it again under the same name.
[Wed Jan  4 15:08:54 2017] <cic> Hm, regarding my previous question about escaping operators. unfold "~" works, but unfold "<>" does not work. Coq says that it's unable to interpret "<>" as a reference. Is there some extra escaping needed here?
[Wed Jan  4 15:18:09 2017] <benzrf> maybe unfold "_ <> _"?
[Wed Jan  4 15:18:11 2017] <benzrf> dunno
[Wed Jan  4 15:18:13 2017] <benzrf> cic^
[Wed Jan  4 15:22:36 2017] <cic> benzrf: same error :(
[Wed Jan  4 15:23:28 2017] <benzrf> shrug
[Wed Jan  4 15:23:30 2017] <benzrf> sorry
[Wed Jan  4 15:25:18 2017] <artart78> cic: I'm not sure you can do anything, because 'Locate "_ <> _".' gives that "x <> y" is a notation for "not (eq x y)"
[Wed Jan  4 15:25:49 2017] <artart78> and AFAIK "unfold" is for unfolding definitions (in that case, "not") and not detailing notations
[Wed Jan  4 15:26:48 2017] <artart78> you can use "Unset Printing Notations." but that will hide all the notations
[Wed Jan  4 15:27:11 2017] <Cypi> You'll notice that [unfold "~"] will actually also "unfold" anything involving <>, since it seems to be just the same as [unfold not]
[Wed Jan  4 15:35:12 2017] <cic> The strange this is that "~" is also a notation, but unfold "~" works. :/
[Wed Jan  4 15:36:21 2017] <Cypi> The tactic mechanism probably recognized "~" as being a literal synonym for "not", whereas "_ <> _" is a more complicated expression
[Wed Jan  4 15:36:27 2017] <cic> Maybe the problem is that we have this:
[Wed Jan  4 15:36:29 2017] <cic> Notation "x <> y :> T" := (~ x = y :>T) : type_scope.
[Wed Jan  4 15:36:32 2017] <cic> Notation "x <> y" := (x <> y :>_) : type_scope.
[Wed Jan  4 15:36:53 2017] <cic> "<>" is a notation for another notation ...
[Wed Jan  4 15:38:02 2017] <cic> but, yeah, as you say, "unfold not" works. i was only wondering because unfold <any notation> is easier when you do not know the definition of some notation thing.
[Wed Jan  4 15:39:04 2017] <artart78> cic: https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic145
[Wed Jan  4 15:39:07 2017] <artart78> "unfold string: If string denotes the discriminating symbol of a notation (e.g. "+") or an expression defining a notation (e.g. "_ + _"), and this notation refers to an unfoldable constant, then the tactic unfolds it."
[Wed Jan  4 15:39:30 2017] <Cypi> notations are just a display thing, whereas "unfold" actually replaces a constant by its definition
[Wed Jan  4 15:39:49 2017] <artart78> here, <> is not an unfoldable *constant*
[Wed Jan  4 15:40:18 2017] <benzrf> are there ABT-like tools for coq
[Wed Jan  4 15:40:28 2017] <cic> and what is the definition of unfoldable? :p
[Wed Jan  4 15:40:36 2017] <benzrf> i wanna try messing around with formalizing some logic stuff, but im not super interested in the details of substitution atm
[Wed Jan  4 15:41:32 2017] <Cypi> a constant can be unfoldable or not. For instance, a lemma proved with a "Qed." at the end is opaque/non unfoldable.
[Wed Jan  4 15:41:46 2017] <Cypi> (but if you finish the prove with "Defined.", then it's transparent/unfoldable)
[Wed Jan  4 15:45:18 2017] <cic> hm, the error message didn't say anything about <> being non-unfoldable, it said something about being unable to interpret <> as a reference
[Wed Jan  4 15:45:41 2017] <Cypi> artart78 did insist on the word *constant*
[Wed Jan  4 15:46:04 2017] <Cypi> in this case, the problem is not the unfoldability of a constant; it is that the notation "_ <> _" does not refer to any constant
[Wed Jan  4 15:48:08 2017] <cic> sorry but why isn't it a constant, it refers to another notation that is simply a notation for "not (x = y)" and some bird smiley (:>)?
[Wed Jan  4 15:48:31 2017] <cic> I guess the bird thing is from the definition of eq/=.
[Wed Jan  4 15:48:47 2017] <Cypi> what we call a constant is a name, basically
[Wed Jan  4 15:48:55 2017] <cic> oh, where "x = y :> A" := (@eq A x y) : type_scope.
[Wed Jan  4 15:49:19 2017] <Cypi> There is not a single name that is tied to the notation "_ <> _", but a more complex expression
[Wed Jan  4 15:49:37 2017] <Cypi> To show the difference, you could do this:
[Wed Jan  4 15:50:04 2017] <Cypi> Definition neq {A : Type} (x y : A) := ~ x = y. Notation "x <=> y" := (neq x y) (at level 20).
[Wed Jan  4 15:50:17 2017] <Cypi> Now "<=>" is a notation referring to the constant "neq"
[Wed Jan  4 15:50:35 2017] <Cypi> so [unfold "<=>"] will work
[Wed Jan  4 15:56:31 2017] <cic> hm, ok, and "x <> y" is not a constant because the _ part in the definition?
[Wed Jan  4 15:57:20 2017] <Cypi> No, simply because the expression that "x <> y" refers to is "not (x = y)", which is a compound expression, not just the application of a constant to the arguments
[Wed Jan  4 15:57:39 2017] <Cypi> What constant would be "x <> y" referring to? (remember, "constant" means one single name)
[Wed Jan  4 16:00:47 2017] <cic> hm, this seems like a fairly arbitrary limitation to me, other parts of the system can understand this notation ... but thanks for the explanations.
[Wed Jan  4 16:01:32 2017] <Cypi> It's more like an expansion of what "unfold" is capable to handle. In its most simple form, it just takes a constant as an argument and nothing else (so no notation).
[Wed Jan  4 16:02:02 2017] <Cypi> It happens that they extented it so that it can also take notations that are synonymous to a constant as an argument
[Fri Jan  6 13:05:12 2017] <benzrf> 15:40 <benzrf> are there ABT-like tools for coq
[Fri Jan  6 13:05:14 2017] <benzrf> 15:40 <benzrf> i wanna try messing around with formalizing some logic stuff, but im not super interested in the details of substitution atm
[Fri Jan  6 13:05:48 2017] <benzrf> oh, this looks relevant https://www.ps.uni-saarland.de/autosubst/
[Fri Jan  6 13:05:50 2017] <benzrf> :|
[Fri Jan  6 15:34:26 2017] <mettekou> I always thought the parameters to inductive types (and bound for constructors) defined through the Vernacular "Inductive" were syntactic sugar for functions wrapping the constructors, e. g.: "Inductive list : (A : Set) := | nil : list A | cons : A -> list A -> A." = "Inductive list : Set -> Set := | nil : (fun A : Set => list A) | cons : (fun A : Set => A -> list A -> list A)." But apparently this is not the case, as Coq does not
[Fri Jan  6 15:34:26 2017] <mettekou>  accept the second definition. Unless it is implicitly doing some binding itself?
[Fri Jan  6 15:36:33 2017] <mettekou> It could of course be a single function wrapping the inductive type as in Eduardo Giménez's 1994 paper.
[Fri Jan  6 16:23:07 2017] <mettekou> Never mind, I was being silly, a function is of a function type, which is not a valid kind.
[Fri Jan  6 16:50:19 2017] <benzrf> mettekou: hmm, whta?
[Fri Jan  6 16:50:26 2017] <benzrf> coq doesn't have kinds that are separate from types
[Fri Jan  6 16:50:28 2017] <benzrf> there are just types, the end
[Fri Jan  6 16:52:53 2017] <mettekou> benzrf: Not separate from types, but they are there. By "not a valid kind", I meant to say "not a proper kind". The types of every constructor for an inductive type need to be in Set (Giménez, 1994), which is why I was concerned about the implementation of inductively defined types with parameters.
[Fri Jan  6 16:53:56 2017] <benzrf> oh wait, i see what you meant
[Fri Jan  6 16:54:00 2017] <benzrf> oops just misread
[Fri Jan  6 16:54:17 2017] <benzrf> thought you meant that something of an ordinary function type couldnt be a "type constructor" because function types arent constructor kinds
[Fri Jan  6 16:54:20 2017] <benzrf> which would be wrong
[Fri Jan  6 16:55:33 2017] <mettekou> benzrf: Constructors don't need to be in Set (or Prop or Type, I only mentioned Set because Giménez does not concern himself with computational relevance and universe hierarchies in his paper) then?
[Fri Jan  6 16:56:05 2017] <benzrf> er... i don't think so
[Fri Jan  6 16:56:10 2017] <benzrf> i don't know a ton about the universe hierarchy ,sorry
[Fri Jan  6 16:56:13 2017] <mettekou> benzrf: Do you have an example of a constructor of which the type is not in Set (or Prop or Type), modulo the parameters of the inductive type?
[Fri Jan  6 16:56:33 2017] <benzrf> i don't know, sorry :P
[Fri Jan  6 16:56:41 2017] <benzrf> it's not an important thing, nvm
[Fri Jan  6 16:57:04 2017] <mettekou> It is when you're implementing the calculus of inductive constructions yourself, as I am.
[Fri Jan  6 16:57:36 2017] <benzrf> i meant that my complaint and note weren't important :)
[Fri Jan  6 16:58:46 2017] <mettekou> Well they were valid, I misspoke, I meant to say "proper kind" instead of "valid kind".
[Fri Jan  6 23:30:38 2017] <Cypi> benzrf: for the record, Coq does have a concept of kinds/sorts, which are Prop/Set/Type
[Sun Jan  8 11:53:40 2017] <Ptival> is anyone knowledgeable about proving things about programs written using dependent destruction? In particular, my proof starts looking like (solution_left ...) from Program.Equality and I'm not quite sure how to proceed from here...
[Sun Jan  8 11:55:24 2017] <Cypi> Usually, the lemmas like solution_left and such will simplify if they are given eq_refl. So you might want to eliminate the equality that solution_left uses. However it might not be easy to do, so really, it might depend on your case...
[Sun Jan  8 11:56:05 2017] <Cypi> Also some lemmas are more complicated to eliminate: it won't necessarily compute (for instance if it uses K as an axiom), but you might still be able to prove propositionally what you want
[Sun Jan  8 11:57:28 2017] <Cypi> (solution_left/right are really just eq_rect by the way)
[Sun Jan  8 12:12:09 2017] <Ptival> Cypi: if you'd like to see my current problem (self-contained, skip to (*** PROBLEM ***) for the important context): http://paste.awesom.eu/1mqb
[Sun Jan  8 12:15:45 2017] <Cypi> Weeell, just "reflexivity" does the job actually
[Sun Jan  8 12:15:57 2017] <Cypi> you're in a case where everything computes just fine
[Sun Jan  8 12:16:51 2017] <Cypi> more step-by-step: unfold solution_left, eq_rect_r, eq_rect., you can see a match on "eq_sym eq_refl", so this should simplify (and it does, "simpl" works at this point)
[Sun Jan  8 12:56:35 2017] <Ptival> thanks, didn't realize that...
[Sun Jan  8 13:01:04 2017] <Ptival> other question: how do I get access to the commutative without having to unpack the class? http://paste.awesom.eu/IyN4 do I need some sort of Coercion? or some different way of defining the hierarchy?
[Sun Jan  8 17:56:31 2017] <benzrf> how do i use a tactic in an expression, again?
[Sun Jan  8 18:48:19 2017] <johnw> ltac:(tactic)
[Sun Jan  8 18:48:26 2017] <johnw> if you have Coq 8.5
[Sun Jan  8 18:55:16 2017] <rrika> (3 + ((fun a => ltac:(apply a)) 10))
[Sun Jan  8 18:55:17 2017] <rrika> this is fun
[Sun Jan  8 20:25:18 2017] <benzrf> thx johnw
[Sun Jan  8 20:25:28 2017] <benzrf> hey, anyone know about modules?
[Sun Jan  8 20:25:34 2017] <benzrf> i am having a confusion
[Sun Jan  8 20:25:37 2017] <johnw> better to just ask your question :)
[Sun Jan  8 20:25:54 2017] <benzrf> ok well
[Sun Jan  8 20:25:59 2017] <benzrf> i am doing this:
[Sun Jan  8 20:26:02 2017] <benzrf> Module Type Theory (Sig : Signature).
[Sun Jan  8 20:26:04 2017] <benzrf>   Module Lang := FOLLang Sig.
[Sun Jan  8 20:26:06 2017] <benzrf>   Import Lang.
[Sun Jan  8 20:26:23 2017] <benzrf> but then when i try to do a module later to instantiate this type, it complains that i am not defining the Lang field!
[Sun Jan  8 20:26:38 2017] <benzrf> so apparently this creates a field 'Lang' that it wants me to fill
[Sun Jan  8 20:26:40 2017] <benzrf> huh??
[Sun Jan  8 20:26:53 2017] <johnw> interesting
[Sun Jan  8 20:36:09 2017] <benzrf> johnw: plz help :(
[Sun Jan  8 20:36:37 2017] <johnw> it doesn't ring any bells here
[Sun Jan  8 20:36:55 2017] <johnw> don't do that?
[Sun Jan  8 20:37:18 2017] <johnw> why are you importing a module into a module type anyway, rather than into a regular functor?
[Sun Jan  8 20:37:38 2017] <benzrf> because theories are parameterized over signatures
[Sun Jan  8 20:37:57 2017] <benzrf> i cant define the theory of peano arithmetic except as a theory over the relevant signature
[Sun Jan  8 20:37:58 2017] <johnw> but do theories usually import modules?
[Sun Jan  8 20:38:14 2017] <johnw> i know functors do, but theories?
[Sun Jan  8 20:38:26 2017] <benzrf> huh?
[Sun Jan  8 20:38:50 2017] <johnw> can you ask a question to clarify what didn't make sense?
[Sun Jan  8 20:39:04 2017] <benzrf> i dont have to import it, but i dont think i can avoid defining it if i want to reference Lang.formula
[Sun Jan  8 20:39:15 2017] <johnw> why are you using Module Type Theory (Sig : Signature). instead of Module Theory (Sig : Signature).
[Sun Jan  8 20:39:41 2017] <benzrf> because i have
[Sun Jan  8 20:39:49 2017] <benzrf> Module Deduction (Thy : Theory).
[Sun Jan  8 20:40:46 2017] <johnw> that's not a reason
[Sun Jan  8 20:40:49 2017] <johnw> you can do:
[Sun Jan  8 20:40:52 2017] <johnw> Module Deduction.
[Sun Jan  8 20:40:57 2017] <johnw> Module Import Thy := Theory.
[Sun Jan  8 20:41:34 2017] <johnw> I need to know why you need it to be a module type, not just beacuse you're trying to use it as one
[Sun Jan  8 20:41:50 2017] <benzrf> i dont know what Module Import does
[Sun Jan  8 20:41:59 2017] <johnw> module types usually just contain a bunch of parameters and axioms
[Sun Jan  8 20:42:03 2017] <benzrf> yes
[Sun Jan  8 20:42:10 2017] <johnw> Module Import is the same as Module followed by Import
[Sun Jan  8 20:42:11 2017] <benzrf> that's what Theory contains
[Sun Jan  8 20:42:22 2017] <johnw> it contains more than that, because you're importing a module into it!
[Sun Jan  8 20:42:34 2017] <benzrf> Module Type Theory (Sig : Signature).
[Sun Jan  8 20:42:37 2017] <benzrf>   Module Lang := FOLLang Sig.
[Sun Jan  8 20:42:39 2017] <benzrf>   Parameter axiom  : Type.
[Sun Jan  8 20:42:41 2017] <benzrf>   Parameter ax_inj : axiom -> Lang.formula.
[Sun Jan  8 20:42:43 2017] <benzrf> End Theory.
[Sun Jan  8 20:43:01 2017] <johnw> that's a lot more than just parameters
[Sun Jan  8 20:43:09 2017] <johnw> that two parameters plus the whatever Lang contains
[Sun Jan  8 20:43:28 2017] <johnw> anyway, try doing this without use a module type
[Sun Jan  8 20:43:32 2017] <johnw> just use module functors
[Sun Jan  8 20:43:34 2017] <benzrf> i
[Sun Jan  8 20:43:37 2017] <benzrf> what?
[Sun Jan  8 20:43:56 2017] <benzrf> then how do i do Module Deduction (Thy : Theory)
[Sun Jan  8 20:44:04 2017] <johnw> you wouldn't
[Sun Jan  8 20:44:25 2017] <johnw> here's another way
[Sun Jan  8 20:44:29 2017] <johnw> Module Type Theory (Sig : Signature).
[Sun Jan  8 20:44:38 2017] <johnw>   Parameter formula : Type.
[Sun Jan  8 20:44:43 2017] <johnw>   Parameter axiom : Type.
[Sun Jan  8 20:44:50 2017] <johnw>   Parameter ax_inj : axiom -> formula.
[Sun Jan  8 20:44:51 2017] <johnw> End Theory.
[Sun Jan  8 20:44:55 2017] <benzrf> but then i don't get to assume that formula is as i defined it
[Sun Jan  8 20:45:34 2017] <johnw> you can instantiate the module signature by plugging in Lang.formula for formula
[Sun Jan  8 20:46:29 2017] <johnw> i've got to go, good luck
[Sun Jan  8 20:46:38 2017] <benzrf> i dont understand
[Sun Jan  8 20:46:59 2017] <benzrf> augh
[Mon Jan  9 08:44:00 2017] <Ptival> so it seems a new behavior when using e-tactics is to shelve the dependent premises, and I find it annoying, is there a way around this?
[Mon Jan  9 08:44:32 2017] <Ptival> for instance if need to construct a record { plus: T -> T -> T; prop: SomethingAbout plus; }
[Mon Jan  9 08:44:46 2017] <Ptival> where building the plus would be easier done in tactic mode
[Mon Jan  9 08:45:31 2017] <Ptival> and Unshelve does not bring the goal forward :(
[Mon Jan  9 10:06:01 2017] <Cypi> Ptival: you can use "unshelve tac" to immediately unshelve anything that the tactic generated and shelved
[Mon Jan  9 10:23:14 2017] <mettekou_> Is there a good resource out there on the implementation of Ltac? There's a paper describing the operational semantics and properties of Mtac, but I can't seem to find such a paper (or even a less formal resource) on Ltac's semantics or implementation.
[Mon Jan  9 15:25:32 2017] <benzrf> are there any experts on modules here
[Mon Jan  9 15:26:07 2017] <benzrf> i am extremely confused as to the mechanics of unification of stuff defined in various modules
[Mon Jan  9 15:26:17 2017] <benzrf> which should absolutely be definitionally equal
[Mon Jan  9 15:46:28 2017] <benzrf> unrelated, but i also have a question about binding levels and stuff, if anyone can answer
[Mon Jan  9 15:55:03 2017] <benzrf> :I
[Mon Jan  9 16:07:53 2017] <benzrf> [G |- forall1, b -> P] should be parsed as [(G |- (forall1, b)) -> P], but it seems to be parsed as [G |- ((forall1, b) -> P)]
[Mon Jan  9 16:08:21 2017] <benzrf> [Reserved Notation "G |- p" (at level 75)] and [Notation "'forall1' , p" := (uni p) (at level 80)]
[Mon Jan  9 16:09:20 2017] <benzrf> (when i say 'should be', i mean that i want it to be parsed that way)
[Mon Jan  9 16:14:53 2017] <benzrf> ...huh. i made "|-" at 85, and that seems to have fixed it
[Mon Jan  9 16:14:58 2017] <benzrf> i don't understand why, though!
[Mon Jan  9 22:04:13 2017] <benzrf> omg i hate this
[Mon Jan  9 22:04:23 2017] <benzrf> wrote up a whole function but its not clear enough that the argument is decreasing
[Mon Jan  9 22:04:26 2017] <benzrf> ahghgh
[Tue Jan 10 00:48:50 2017] <keep_learning> benzrf: You can use Program construct https://coq.inria.fr/refman/Reference-Manual027.html and see goals are solved automatically or not.
[Tue Jan 10 00:49:10 2017] <keep_learning> benzrf: I haven't experimented much with this
[Tue Jan 10 01:03:45 2017] <benzrf> https://scontent-ord1-1.xx.fbcdn.net/v/t31.0-8/15391486_219157441863379_3019041884290281398_o.jpg?oh=1a0af7c83076ca5ac5b9e89853846057&oe=58DA761D
[Tue Jan 10 09:01:06 2017] <Ptival> is there a known thing about type classes not resolving past depth 10?
[Tue Jan 10 11:05:20 2017] <mettekou> Does anyone know why Coq accepts the first definition, but rejects the second? https://gist.github.com/mettekou/00a03d98eeb1037056fe7d543138a480
[Tue Jan 10 11:07:16 2017] <Cypi> http://adam.chlipala.net/cpdt/html/Universes.html look for your error message. You can also check another explanation at https://coq.inria.fr/refman/Reference-Manual006.html
[Tue Jan 10 11:08:28 2017] <Cypi> The problem is that in the second case, "A : Set" is an actual argument for the constructors (and Set is in Type). In the first case, it is just a parameter for the whole inductive type
[Tue Jan 10 11:09:43 2017] <Cypi> parameters are nicer to use, since you have the guarantee that they are uniform over all constructors. So defining an inductive type with a parameter is really the same as defining as many inductive types as there are possible values for this parameter
[Tue Jan 10 11:10:31 2017] <Cypi> and you can consider each of these inductive types individually and it makes sense on its own. With indices (your second case), this is not necessarily the case: considering just one possible index does not make sense in general
[Tue Jan 10 11:11:38 2017] <Cypi> For instance, if you take "Inductive vect : nat -> Set := nil : vect O | cons : forall n, nat -> vect n -> vect (S n).", it does not really make sense to consider only the elements of "vect 1" without talking about the elements of "vect O"
[Tue Jan 10 11:31:20 2017] <mettekou> Cypi: My confusion wasn't from the standpoint of a user of Coq, but came from misreading part of Codifying Guarded Definitions with Recursive Schemes (Giménez, 1994). I didn't understand how a parameter to an inductive type, desugared as a lambda abstraction over that inductive type played nicely with top-level definitions of constructors. But I see which trick the parser and type checker use now. Thanks!
[Tue Jan 10 18:38:31 2017] <Talia> hi all, I'm trying to understand terms generated by omega (i have a real reason, i promise) -- but as part of these terms I get these periods, e.g. "(fun x : Z => (0 <= x + .)%Z -> False)"
[Tue Jan 10 18:38:56 2017] <Talia> does anyone know what these are? if i try to write it as a definition i can't get it to even lex, and type inference fails if i try placeholders
[Tue Jan 10 18:39:27 2017] <Talia> set printing all also doesn't expand them in any way
[Tue Jan 10 18:39:46 2017] <Cypi> Do you have a (preferably small) example of this? I'm curious
[Tue Jan 10 18:40:53 2017] <Talia> The omega term isn't small but if you can reproduce it locally:
[Tue Jan 10 18:41:32 2017] <Talia> (this is a purposely dumb theorem and proof): Theorem OmegaBasic:  forall (n m p : nat), n <= m ->  m <= p -> n <= p + 17. Proof.  intros. omega. Qed.
[Tue Jan 10 18:41:39 2017] <Cypi> thanks
[Tue Jan 10 18:42:00 2017] <Talia> i am in coqide, so it could also be coqide, curious if you're in ProofGeneral if it actually expands it
[Tue Jan 10 18:42:51 2017] <benzrf> hey, if i have a type like so:
[Tue Jan 10 18:42:53 2017] <Cypi> I'm in CoqIDE, and I don't get anything strange
[Tue Jan 10 18:43:08 2017] <Cypi> I can copy/paste what "Show Proof" gives me and give it to "exact"
[Tue Jan 10 18:43:19 2017] <benzrf> Inductive tree := | leaf : nat -> tree | node : list tree -> tree.
[Tue Jan 10 18:43:28 2017] <benzrf> can i somehow generate an induction principle that actually works?
[Tue Jan 10 18:43:44 2017] <Cypi> benzrf: you can't easily generate it, but you can certainly write one yourself
[Tue Jan 10 18:43:49 2017] <benzrf> :\
[Tue Jan 10 18:44:00 2017] <benzrf> man... that's irritating
[Tue Jan 10 18:44:16 2017] <Cypi> It's not that easy to know automatically what's a relevant induction principle for nested inductive types
[Tue Jan 10 18:44:30 2017] <benzrf> can't i nudge coq using some command?
[Tue Jan 10 18:44:33 2017] <Talia> Cypi really? can you send me your term? I have periods in there that break the lexer, even if I pass it to exact
[Tue Jan 10 18:45:05 2017] <Cypi> http://lpaste.net/351088 here it is
[Tue Jan 10 18:45:08 2017] <Talia> thanks
[Tue Jan 10 18:45:16 2017] <benzrf> (relatedly, it is also a huge pain to define recursive functions over this type)
[Tue Jan 10 18:45:23 2017] <Cypi> benzrf: not currently I don't think
[Tue Jan 10 18:45:32 2017] <Talia> huh, your term is different from mine
[Tue Jan 10 18:45:56 2017] <Cypi> I'm in 8.5
[Tue Jan 10 18:46:28 2017] <Cypi> 8.5pl3 to be precise (I think it's the .dev version, not exactly pl3, but close enough)
[Tue Jan 10 18:46:31 2017] <Talia> OK -- it looks actually like your periods are just expanded. maybe i'll need to upgrade coq. good to know. thanks!
[Tue Jan 10 18:46:46 2017] <Cypi> So I'm curious: what are they expanded to?
[Tue Jan 10 18:47:48 2017] <Talia> i wish the answer to that were short, but pretty everything fast_Zred_factor6 is applied to
[Tue Jan 10 18:48:11 2017] <Cypi> ok
[Tue Jan 10 18:48:22 2017] <Cypi> strange
[Tue Jan 10 18:48:25 2017] <Talia> like, I have:
[Tue Jan 10 18:49:16 2017] <Talia> http://lpaste.net/351089
[Tue Jan 10 18:50:15 2017] <Cypi> I wonder if it might just be the printer, but that would be strange
[Tue Jan 10 18:50:25 2017] <Cypi> I mean, in the sense that it doesn't want to printe something to deep or something
[Tue Jan 10 18:50:27 2017] <Cypi> I don't know :)
[Tue Jan 10 18:51:05 2017] <Talia> it looks like they are different in more ways on close look actually, so i can't control for that vs. different versions of omega
[Tue Jan 10 18:51:15 2017] <Talia> mysterious
[Tue Jan 10 18:52:24 2017] <Talia> while i wait to install 8.5, would you be willing to send me the term you get when the conclusion is n <= p instead of n <= p + 17?
[Tue Jan 10 18:53:05 2017] <Talia> i know there's a lemma for it, just comparing omega terms as a learning experience
[Tue Jan 10 18:53:59 2017] <Cypi> http://lpaste.net/351090
[Tue Jan 10 18:54:10 2017] <Talia> thanks a ton
[Tue Jan 10 18:54:20 2017] <Cypi> no problem
[Tue Jan 10 18:55:41 2017] <benzrf> this sucks so much
[Tue Jan 10 18:56:30 2017] <Talia> It looks like it is the printer -- the term you sent works fine, but when I print it i get the same periods in my term
[Tue Jan 10 18:57:34 2017] <benzrf> Cypi: if i write my own induction principle, will i be able to invoke it with [induction] or something, or will i need to use super verbose [apply]
[Tue Jan 10 18:58:52 2017] <Cypi> benzrf: you can use "induction ... using ..."
[Tue Jan 10 18:59:04 2017] <Cypi> it expects a certain shape for the induction principle, but I don't remember what it is x)
[Tue Jan 10 18:59:28 2017] <benzrf> you sure there's nothing straightforward for nested types? :(
[Tue Jan 10 18:59:34 2017] <Cypi> I'm not sure, no
[Tue Jan 10 18:59:39 2017] <benzrf> heuh
[Tue Jan 10 18:59:47 2017] <Cypi> but I'd be surprised
[Tue Jan 10 19:02:18 2017] <benzrf> hmm... i see "inversion using" but not "induction using"
[Tue Jan 10 19:03:00 2017] <Cypi> https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic79 in the variants of "induction", there is "induction term1 using term2"
[Tue Jan 10 19:03:16 2017] <benzrf> ah! thanks
[Wed Jan 11 00:15:25 2017] <benzrf> is there a Type version of Vector.Forall
[Wed Jan 11 08:42:01 2017] <lthm> hi
[Wed Jan 11 15:10:21 2017] <earnestly> (Linux, ocaml 4.04, coq from git) When attempting to run ./configure or ocaml configure.ml I immediately get the following exception: https://ptpb.pw/8dof
[Wed Jan 11 15:11:41 2017] <johnw> i'd report a bug on the issue tracker
[Wed Jan 11 15:11:43 2017] <johnw> or ask teh ML
[Wed Jan 11 15:12:24 2017] <earnestly> Hm, okay thanks
[Wed Jan 11 15:22:01 2017] <earnestly> johnw: https://coq.inria.fr/bugs/show_bug.cgi?id=5307
[Wed Jan 11 15:40:40 2017] <johnw> someone should see it fairly soon
[Wed Jan 11 16:02:42 2017] <earnestly> Hopefully it's just a small oversight in the latest development code
[Wed Jan 11 16:11:56 2017] <johnw> i'm sure that's it
[Thu Jan 12 03:07:12 2017] <lthms> hi
[Thu Jan 12 03:32:58 2017] <lthms> I have been playing with Program and vector and I think I found some inconsistencies
[Thu Jan 12 03:33:20 2017] <lthms> some errors suggest coq generate mistyped code
[Thu Jan 12 03:34:44 2017] <Cypi> As long as it generates mistyped code but recognizes afterwards that it's mistyped, it's "fine" (still a bug, but not a severe one)
[Thu Jan 12 03:35:03 2017] <Cypi> I wouldn't be surprised if Program could generate wrong terms indeed. Do you have an example though?
[Thu Jan 12 03:41:22 2017] <lthms> yes
[Thu Jan 12 03:43:01 2017] <lthms> https://gist.github.com/lethom/8d76dddecb8b343a9e7592764d42fa87
[Thu Jan 12 03:43:19 2017] <lthms> the (dummy) implementation of map2 (at the very end)
[Thu Jan 12 03:45:40 2017] <Cypi> hmm, yes, looks like a straight bug in De Bruijn indices manipulation :/
[Thu Jan 12 03:46:32 2017] <lthms> I imagined something like that (minus the De Bruijn clue :p)
[Thu Jan 12 03:48:57 2017] <lthms> What is the best way to report that? Github?
[Thu Jan 12 03:49:15 2017] <Cypi> https://coq.inria.fr/bugs/ the official bug-tracker
[Thu Jan 12 03:50:00 2017] <lthms> it makes sense, thank you (I could have look
[Thu Jan 12 03:50:04 2017] <lthms> ed a little more)
[Thu Jan 12 03:50:20 2017] <Cypi> no problem
[Thu Jan 12 03:50:40 2017] <Cypi> Hmm, even what I believe would be a correct version of map2 does not go through, that's annoying :/
[Thu Jan 12 03:51:14 2017] <lthms> I was able to implement something, using nested pattern matching
[Thu Jan 12 03:51:32 2017] <lthms> and by avoiding placeholders
[Thu Jan 12 03:51:44 2017] <Cypi> good then :)
[Thu Jan 12 03:52:03 2017] <lthms> my issue was the extracted code was a bit disappointing
[Thu Jan 12 03:53:24 2017] <Cypi> not close enough to what you would have written directly?
[Thu Jan 12 03:53:54 2017] <lthms> well there is two issues I found and I do not
[Thu Jan 12 03:54:02 2017] <lthms> know if it is possible to avoid them
[Thu Jan 12 03:55:18 2017] <lthms> but the main one is that it wraps the result in some Exist types
[Thu Jan 12 03:55:30 2017] <lthms> actually the same way the commented version of map2 does
[Thu Jan 12 03:57:23 2017] <lthms> (actually, not quite the same, sorry..(
[Thu Jan 12 03:59:00 2017] <Cypi> If I extract the version you commented, I actually get something quite good enough
[Thu Jan 12 03:59:11 2017] <Cypi> (after inlining a few other definitions...)
[Thu Jan 12 04:02:01 2017] <lthms> can you give me your extraction calls?
[Thu Jan 12 04:02:49 2017] <Cypi> Unset Extraction SafeImplicits. Extraction Inline solution_left solution_right simplification_heq map2_obligation_1. Extraction map2.
[Thu Jan 12 04:03:03 2017] <Cypi> I'm no expert on extraction, so I'm not even sure why I need the first command :)
[Thu Jan 12 04:04:27 2017] <lthms> It is my fault, actually (I tried to make the first argument of vcons implicit but it is not that simple)
[Thu Jan 12 04:04:36 2017] <lthms> thanks!
[Thu Jan 12 04:04:45 2017] <lthms> https://gist.github.com/lethom/11f938f54ba3462e44703f85cbca8409 what I ran into
[Thu Jan 12 04:05:18 2017] <Cypi> I wonder, which version of Coq are you using?
[Thu Jan 12 04:05:57 2017] <lthms> the trunk version of January 2nd
[Thu Jan 12 04:06:08 2017] <Cypi> ok :o
[Thu Jan 12 04:07:21 2017] <lthms> thanks for the inlining tip
[Thu Jan 12 04:08:08 2017] <Cypi> oh, the Admitted seem to mess up with it though
[Thu Jan 12 04:08:35 2017] <Cypi> Hopefully when you'll complete your definition, the extraction will be better
[Thu Jan 12 04:08:53 2017] <lthms> Oh, it is good to know
[Thu Jan 12 04:10:57 2017] <lthms> I had some trouble completing the obligation though, but I didn'try for a while
[Thu Jan 12 04:11:10 2017] <lthms> thanks four your help anyway
[Thu Jan 12 09:42:37 2017] <schoppenhauer> hi. is there a complete formal specification of coq's type system?
[Thu Jan 12 10:20:32 2017] <benzrf> schoppenhauer: depends on "complete formal", but yes i think so!
[Thu Jan 12 10:20:41 2017] <schoppenhauer> benzrf: where?
[Thu Jan 12 10:20:46 2017] <benzrf> 1 sec
[Thu Jan 12 10:22:01 2017] <benzrf> schoppenhauer: chapter 4 https://coq.inria.fr/distrib/current/files/Reference-Manual.pdf
[Thu Jan 12 10:23:08 2017] <schoppenhauer> benzrf: thank you
[Thu Jan 12 10:23:16 2017] <benzrf> np
[Thu Jan 12 10:51:16 2017] <schoppenhauer> ok, on https://coq.inria.fr/distrib/current/files/Reference-Manual.pdf page 122, there is some {\cal S} out of nowhere. what does it mean? (In the rule W-Local-Assum, for example)
[Thu Jan 12 10:53:44 2017] <benzrf> schoppenhauer: defined on page 119
[Thu Jan 12 10:53:47 2017] <benzrf> right at the bottom
[Thu Jan 12 10:56:00 2017] <schoppenhauer> benzrf: ah thx. I overread this.
[Thu Jan 12 10:57:39 2017] <benzrf> heh
[Sat Jan 14 11:45:18 2017] <Dinno> Hello!
[Sat Jan 14 11:47:17 2017] <Dinno> Does somebody read me?
[Sat Jan 14 11:48:06 2017] <artart78> yes
[Sat Jan 14 11:48:54 2017] <artart78> usually on IRC you don't expect people to answer to just "Hello!", just ask your question :P
[Sat Jan 14 11:49:29 2017] <Dinno> Thanks. I am learning Coq, and was searching for like minded people. :)
[Sat Jan 14 11:50:41 2017] <Dinno> Last time when I used irc was long time ago :), so I should be excused for my ignorance
[Sat Jan 14 11:51:34 2017] <artart78> no problem :)
[Sat Jan 14 11:55:39 2017] <earnestly> Dinno: https://www.xkcd.com/1782/
[Sat Jan 14 11:56:10 2017] <Dinno> Does somebody use Coq for programming? I mean certifying of programs
[Sun Jan 15 22:05:52 2017] <benzrf> is there something like non-generative modules/functors that i can use, that won't suck
[Tue Jan 17 02:42:39 2017] <lthms> hi
[Tue Jan 17 07:49:06 2017] <notdan> hi
[Tue Jan 17 11:01:43 2017] <schoppenhauer> hi. does anyone know an example where the usage of a tactic blows up an extracted algorithm?
[Tue Jan 17 11:04:01 2017] <Cypi> You mean a "usual" tactic?
[Tue Jan 17 11:04:13 2017] <Cypi> because you could certainly write one that makes your algorithm blows up
[Tue Jan 17 11:06:41 2017] <schoppenhauer> yes, I mean a usual one. one argument against program extraction is often that you can have blowups … but I never had one, but that is because I mainly use tactics on stuff that has no computational content.
[Tue Jan 17 11:07:37 2017] <Cypi> I wasn't really aware of this argument. If you mean to extract your program, then it seems obvious to me that you should be somewhat careful of you write it
[Tue Jan 17 11:07:51 2017] <schoppenhauer> me too
[Tue Jan 17 11:08:05 2017] <Cypi> I cannot be sure, but there may be cases where using inversion or intuition might make terms bigger than they should be
[Tue Jan 17 11:08:26 2017] <Cypi> I mean, I'm pretty sure there are such cases, but I don't think I'd be able to build one right now :)
[Tue Jan 17 11:08:54 2017] <Cypi> (but again, using intuition while building a proof whose term is of some importance seems bad)
[Tue Jan 17 11:08:56 2017] <schoppenhauer> probably, but bigger terms are not really a problem. I mean the argument that "the extracted algorithms are not readable" is stupid imho, because you can usually not read the assembly that haskell generates, too. for me, extraction is a form of compilation.
[Tue Jan 17 11:10:12 2017] <schoppenhauer> I think I'll try something with omega first
[Tue Jan 17 11:10:23 2017] <Cypi> as long as bigger doesn't mean slower, then yes
[Tue Jan 17 11:10:48 2017] <Cypi> omega only solves goal in Prop, doesn't it?
[Tue Jan 17 11:11:00 2017] <Cypi> (since they are equality/comparisons and so on of integers)
[Tue Jan 17 11:11:09 2017] <schoppenhauer> not sure
[Tue Jan 17 11:11:22 2017] <schoppenhauer> i thought there can be existential quantifiers in some situations
[Tue Jan 17 11:11:54 2017] <Cypi> omega does not even solve "exists n, n = 0"
[Tue Jan 17 11:11:57 2017] <Cypi> so I doubt it
[Tue Jan 17 11:12:40 2017] <Cypi> does not solve it even if you do "eexists" first, it will not trigger a unification of the existential variable and 0
[Tue Jan 17 11:12:52 2017] <schoppenhauer> hm.
[Tue Jan 17 11:12:54 2017] <schoppenhauer> ok, you are right.
[Tue Jan 17 11:14:52 2017] <schoppenhauer> Well, I never liked this argument anyway, because being able to make inefficient programs look efficient is something you can always do with abstraction.
[Tue Jan 17 11:18:45 2017] <Cypi> Sure, but having something readable, and not only readable, something which is what you would have written yourself, is a convincing argument for the efficiency of your program
[Tue Jan 17 11:19:30 2017] <Cypi> When I wrote a fairly complicated substitution function whose type proved its correctness and termination, I was quite happy to see that it extracted to what I would have written directly in OCaml
[Tue Jan 17 11:38:30 2017] <benzrf|> ok, so here's the problem i'm having.
[Tue Jan 17 11:38:42 2017] <benzrf|> i'm defining a module functor which contains an inductive typedef
[Tue Jan 17 11:39:01 2017] <benzrf|> let's call it F
[Tue Jan 17 11:39:13 2017] <benzrf|> but then - suppose i want to define two other functors over the same type of argument, call them A and B
[Tue Jan 17 11:39:43 2017] <benzrf|> and it turns out that A depends on stuff in F, and B depends on stuff in A
[Tue Jan 17 11:39:57 2017] <benzrf|> er, B depends on F as well, oops
[Tue Jan 17 11:40:21 2017] <benzrf|> but this is unworkable, because in order to define stuff in A i have to apply F to an argument and then work over the result module
[Tue Jan 17 11:40:38 2017] <benzrf|> and then i need to do the same in B; apply both F and A to my argument
[Tue Jan 17 11:41:47 2017] <benzrf|> but then i can't use the stuff from F and from A together, because A also manually applies F, so it gets its own version of the inductive type which won't unify with the version from the F application in B
[Tue Jan 17 11:41:53 2017] <benzrf|> let me see about writing up a minimal example...
[Tue Jan 17 11:42:31 2017] <benzrf|> (i'm gonna rename these A, B, C)
[Tue Jan 17 12:00:10 2017] <benzrf|> https://gist.github.com/e933faa3b014123eb3c116c8129cf6a5
[Tue Jan 17 12:01:11 2017] <benzrf|> johnw: there's an example of the issue i was struggling with, which i tried to ask about ^
[Tue Jan 17 12:02:10 2017] <johnw> correct, this is expected behavior
[Tue Jan 17 12:02:12 2017] <johnw> modules are generative
[Tue Jan 17 12:02:21 2017] <johnw> there really are two definitions of A
[Tue Jan 17 12:02:45 2017] <johnw> I posted this same type of question to Coq-club last year
[Tue Jan 17 12:04:08 2017] <benzrf|> that's what i found out by googling :\
[Tue Jan 17 12:04:15 2017] <benzrf|> so - what should i do instead, then?
[Tue Jan 17 12:04:22 2017] <benzrf|> how do i approach this pattern?
[Tue Jan 17 12:05:03 2017] <johnw> use sections and variables, instead of modules, if you need only one 'foo'
[Tue Jan 17 12:06:08 2017] <benzrf|> but if i have more than one section, i can't pleasantly use the stuff in the old one with variables in the new one...
[Tue Jan 17 12:06:43 2017] <johnw> you can if you redefine them in the new section
[Tue Jan 17 12:07:07 2017] <benzrf|> can you link an example or something?
[Tue Jan 17 12:07:14 2017] <johnw> I don't have anything handy
[Tue Jan 17 12:07:25 2017] <benzrf|> well, i just mean -
[Tue Jan 17 12:07:44 2017] <benzrf|> even if i redefine variables in the new section, the definitions in the old section will need to be explicitly passed the new variables
[Tue Jan 17 12:07:47 2017] <benzrf|> which is a pain
[Tue Jan 17 12:20:05 2017] <johnw> I mean, repeat the old definitions
[Tue Jan 17 12:20:25 2017] <johnw> Section foo.  Variable x. Definition Blah. End Foo. Section new. Variable y. Definition Blah := Blah y. End new.
[Tue Jan 17 12:20:47 2017] <benzrf|> oh
[Tue Jan 17 12:20:49 2017] <benzrf|> ew :|
[Tue Jan 17 12:20:52 2017] <johnw> it works
[Tue Jan 17 12:21:00 2017] <benzrf|> yeah, but what if i have a whole lot of definitions?
[Tue Jan 17 12:21:09 2017] <johnw> find an editor that has macros
[Tue Jan 17 12:21:18 2017] <benzrf|> that's kind of a hack solution
[Tue Jan 17 12:21:22 2017] <johnw> well, you're not going to be able to change how modules behave
[Tue Jan 17 12:22:58 2017] <benzrf|> ;-;
[Tue Jan 17 13:42:34 2017] <benzrf|> i'm getting a type error but the two types seem to obviously reduce to the same thing
[Tue Jan 17 13:42:41 2017] <benzrf|> i think it might involve existentials
[Tue Jan 17 13:43:09 2017] <benzrf|> any suggestions? the two types are [Fin.t (S v)] and [Fin.t (term_free ?t@{t1:=& v})]
[Tue Jan 17 13:43:22 2017] <benzrf|> [term_free &v] immediately reduces to S v
[Tue Jan 17 13:44:33 2017] <johnw> i've found that when dependent types are involved, two types that are "equal up to simpl" are not necessarily found to be equal, except by JMeq
[Tue Jan 17 13:44:39 2017] <benzrf|> :(
[Tue Jan 17 13:44:55 2017] <benzrf|> but i literally don't see why this would be an issue
[Tue Jan 17 13:45:05 2017] <benzrf|> it previously typechecked when i was using modules - now i'm using sections and it breaks
[Tue Jan 17 13:45:29 2017] <benzrf|> so im squinting leerily a bit at implicits and existentiald
[Tue Jan 17 13:45:32 2017] <benzrf|> *existentials
[Tue Jan 17 13:46:03 2017] <johnw> the types are as equal as you think, there's a layer in between that simpl is able to get rid of, but type equality doesn't necessarily "run simpl"
[Tue Jan 17 13:46:07 2017] <johnw> aren't*
[Tue Jan 17 13:46:57 2017] <benzrf|> ehhhhhhh
[Tue Jan 17 13:47:37 2017] <johnw> I don't understand fully why, I've just noticed this before
[Tue Jan 17 13:48:27 2017] <benzrf|> my experience has usually been that when it seems like two things should unify but they don't, it's because there's a variable that isn't being "expanded" on the inside of a match
[Tue Jan 17 13:48:53 2017] <benzrf|> like [S x] won't unify with [y] even though the expression where it needs to unify is inside a clause where i've matched [y] with [S x]
[Tue Jan 17 13:49:00 2017] <benzrf|> but this isn't a case like that
[Tue Jan 17 13:51:30 2017] <benzrf|> i don't need *any* kind of external knowledge about what any of the variables are, to know that these reduce correctly, except for the definition of term_free, which is not opaque
[Tue Jan 17 13:52:43 2017] <benzrf|> wtf
[Tue Jan 17 13:52:49 2017] <benzrf|> if i add an annotation the problem vanishes
[Tue Jan 17 13:52:53 2017] <benzrf|> seriously w t f
[Tue Jan 17 13:54:16 2017] <johnw> "annotation"?
[Tue Jan 17 13:54:22 2017] <benzrf|> oh, and.
[Tue Jan 17 13:54:31 2017] <benzrf|> there was a type error in the other branch because i forgot to bind a variable
[Tue Jan 17 13:54:36 2017] <benzrf|> and once i fixed that i dont even need an annotation
[Tue Jan 17 13:54:38 2017] <benzrf|> ?!?!?
[Tue Jan 17 13:54:49 2017] <benzrf|> er, like (3 : nat) instead of 3
[Tue Jan 17 13:57:08 2017] <johnw> are there multiple notational definitions for 3 in scope?  Do you have N or Z or Q imported?
[Tue Jan 17 13:57:42 2017] <benzrf|> that was just an example
[Tue Jan 17 13:57:47 2017] <johnw> ah
[Tue Jan 17 13:57:51 2017] <benzrf|> wait, you can override nat notation?
[Tue Jan 17 13:57:58 2017] <benzrf|> oh, just by rebinding S?
[Tue Jan 17 13:58:01 2017] <johnw> huh?
[Tue Jan 17 13:58:05 2017] <johnw> "3" is not a nat
[Tue Jan 17 13:58:12 2017] <johnw> 3%Z is a Z
[Tue Jan 17 13:58:15 2017] <benzrf|> yeah but i mean
[Tue Jan 17 13:58:23 2017] <benzrf|> i didnt know you could override numeral notation
[Tue Jan 17 13:58:30 2017] <johnw> yeah, you can do it in OCaml
[Tue Jan 17 13:58:33 2017] <benzrf|> oh
[Tue Jan 17 13:58:42 2017] <johnw> there's no Vernacular way to do it, unfortunately
[Tue Jan 17 13:59:03 2017] <johnw> however, I think you could write a plugin if you need other numeral literal types
[Tue Jan 17 14:00:26 2017] <benzrf|> o
[Tue Jan 17 14:00:42 2017] <johnw> I guess it doesn't come up often enough :)
[Tue Jan 17 14:42:09 2017] <Cypi> There should be soon a way to do it directly on the Coq-side though
[Tue Jan 17 14:42:19 2017] <Cypi> * checks if it's not already in 8.6...
[Tue Jan 17 14:43:09 2017] <Cypi> Hmm, ok, maybe it wasn't done yet :/
[Tue Jan 17 14:46:11 2017] <Cypi> Ah right: https://github.com/coq/coq/pull/156
[Tue Jan 17 14:46:24 2017] <Cypi> so according to the label, it should be planned for 8.7
[Tue Jan 17 15:06:25 2017] <johnw> cool
[Tue Jan 17 15:23:13 2017] <bitemyapp> A researcher is looking for examples where a small change broke all your proofs: https://twitter.com/TaliaRinger/status/821444419677130752
[Tue Jan 17 15:54:45 2017] <jgross> benzrf, johnw: You can stick the parameterized inductive outside the module, and then use modulues and functors for the definitions. 
[Tue Jan 17 15:59:55 2017] <rrika> has anyone here used coq for hardware description before?
[Tue Jan 17 16:00:41 2017] <rrika> (I know there's FeSi)
[Tue Jan 17 16:05:56 2017] <jgross> johnw, benzrf: Also, re unificaiton, higher order unification is undecidable (related bugs: 5264, 5199, 5198, 5107, 5049, 4931, 4821, 4644, 4631, 4490, 4484, 4415, 4413, 4384 (this one is fun), 4231, 4154, 3515, 3445, 3419, 3395, 3284, 3141).  The unification strategy that says "first run simpl" is not complete, and can be slow.  It's a hard problem. 
[Tue Jan 17 16:06:38 2017] <jgross> Oh, and [Notation "'3'" := foo.] is totally valid. :P  You just can't write notations for all the numerals without OCaml yet. 
[Tue Jan 17 18:31:42 2017] <benzrf> WHY ARE NESTED RECURSIVE FIELDS MADE OF PAIN
[Tue Jan 17 18:31:51 2017] <benzrf> * rocks back and forth, sobbing
[Tue Jan 17 18:37:23 2017] <johnw> i'm hoping you aren't using Coq because someone promised you pleasure
[Tue Jan 17 18:37:50 2017] <johnw> what it does is make the rest of life seem easier
[Tue Jan 17 18:46:22 2017] <benzrf> lmao
[Tue Jan 17 20:27:22 2017] <roconnor> anyone here using VST?
[Tue Jan 17 20:36:11 2017] <roconnor> anyone here using VST? -- repeating due to netsplit
[Wed Jan 18 09:45:46 2017] <benzrf|> hey!
[Wed Jan 18 09:46:15 2017] <benzrf|> suppose i have an inductive type with a fairly large number of constructors, and one of the leaf constructors contains, say, a nat
[Wed Jan 18 09:47:22 2017] <benzrf|> then i want to do induction over the type, but i particularly want to know in this leaf-constructor's case, that the nat is <= the max leaf nat
[Wed Jan 18 09:48:10 2017] <benzrf|> i could of course write a max-leaf-nat functoin manually, prove a custom induction principle manually, and then manually apply that custom induction principle, but there would be an awful lot of repeated logic since there's a lot of constructors
[Wed Jan 18 09:48:18 2017] <benzrf|> is there any nice way to handle this kind of situation?
[Wed Jan 18 17:20:16 2017] <Ptival> is there a way to recover the old non-shelving behavior for evars?
[Wed Jan 18 17:24:47 2017] <Ptival> also, is it possible to disable all automatic indentation for ProofGeneral? I'm so tired of the default indenting rules...
[Wed Jan 18 18:17:45 2017] <johnw> benzrf: it sounds like you're describing induction-recursion
[Wed Jan 18 18:18:01 2017] <johnw> which Coq doesn't support :(
[Wed Jan 18 18:18:12 2017] <Cypi> Soon(-ish)!
[Wed Jan 18 18:18:16 2017] <johnw> ooh, nice!
[Wed Jan 18 18:18:30 2017] <Cypi> Don't take my word for it. There is already an experimental branch that implements it
[Wed Jan 18 18:18:40 2017] <johnw> i've really wanted it exactly once
[Wed Jan 18 18:19:48 2017] <johnw> benzrf: can you break your data type up into two parts?
[Wed Jan 18 18:20:00 2017] <Cypi> Ptival: I don't think so (about evars) :( . Locally, you can prefix the tactic by "unshelve ..."
[Wed Jan 18 18:20:06 2017] <johnw> the core datatype, and then a "constructor" data type, that inductively predicates how your core datatype may be lawfully constructed
[Wed Jan 18 18:20:18 2017] <johnw> that way, you can do recursion on the first data type from the constructors of the second
[Wed Jan 18 18:20:50 2017] <johnw> so, a Foo might have bad leaves, but a Good Foo cannot
[Wed Jan 18 18:21:19 2017] <Cypi> If I understand their problem correctly, they don't have "correct" values, they are all correct, they just want a practical way to have a proof that the "nat" from a leaf is <= to the max of every leaves
[Wed Jan 18 18:21:35 2017] <Cypi> (which will always be the case of course, it's just not immediate)
[Wed Jan 18 18:21:48 2017] <johnw> if it's inferrably always the case, then a separate proof should be sufficient, no?
[Wed Jan 18 18:22:40 2017] <Cypi> that basically amounts to what they wrote next I think? ("i could of course write a max-leaf-nat function manually...")
[Wed Jan 18 18:22:52 2017] <Cypi> but yes, that is what I would do
[Wed Jan 18 18:34:03 2017] <Ptival> Cypi: I found out I could use "simple refine"
[Wed Jan 18 18:34:52 2017] <Ptival> other question, is there a way to have "Definitions" whose names are local to a section?
[Wed Jan 18 18:35:10 2017] <benzrf> Let
[Wed Jan 18 18:35:16 2017] <Ptival> it's really annoying to prefix everything to avoid conflicts for stuff that I don't even intend to be visible outside
[Wed Jan 18 18:35:19 2017] <Ptival> ah
[Wed Jan 18 18:37:02 2017] <Ptival> benzrf: ah yeah, but with Let, the body gets immediately unfolded in proofs :\
[Wed Jan 18 18:37:31 2017] <Ptival> in the context
[Wed Jan 18 18:38:14 2017] <benzrf> ah
[Wed Jan 18 18:38:17 2017] <benzrf> then Local
[Wed Jan 18 18:38:18 2017] <benzrf> i think
[Wed Jan 18 18:38:32 2017] <benzrf> *Local Definition
[Wed Jan 18 18:38:48 2017] <benzrf> oops that's for modules
[Wed Jan 18 18:38:49 2017] <Ptival> no that does not work I think :(
[Wed Jan 18 18:38:54 2017] <Ptival> ah yeah
[Wed Jan 18 18:38:59 2017] <Ptival> I think for sections I'm doomed
[Wed Jan 18 18:39:01 2017] <Ptival> huh
[Wed Jan 18 18:39:23 2017] <Ptival> yeah I can't use Let, these functions are like 100 lines so my context becomes unreadable
[Wed Jan 18 18:39:29 2017] <benzrf> haha
[Wed Jan 18 18:39:43 2017] <Ptival> I'm really tired of the way context printing can't be hacked
[Wed Jan 18 18:39:49 2017] <Ptival> should keep working on my frontend :(
[Wed Jan 18 19:50:53 2017] <Ptival> is anyone familiar with the whole .class .class_of .Pack way of building canonical structures?
[Wed Jan 18 19:51:32 2017] <Ptival> in particular, I want to use some operations that have been defined with Context {G : AbelianGroup} when I have in context something that contains an AbelianGroup.class_of somewhere
[Wed Jan 18 19:51:36 2017] <johnw> Ptival: I believe there's a paper about it
[Wed Jan 18 19:51:55 2017] <Ptival> johnw: yeah I think I know which ones (the math-comp ones?)
[Wed Jan 18 19:52:04 2017] <johnw> yeah
[Wed Jan 18 19:54:45 2017] <Ptival> I think my problem is that in definitions such as http://coquelicot.saclay.inria.fr/html/Coquelicot.Hierarchy.html#AbelianGroup1
[Wed Jan 18 19:55:33 2017] <Ptival> you can only mention zero when you have a concrete AbelianGroup, not when you have a hypothetical AbelianGroup.class_of T
[Thu Jan 19 00:28:55 2017] <jgross> Ptival: Context hacking: Definition hide {T} {x : T} := x.  Arguments hide {_ _}, {_} _.  Let foo := hide (foo_body). 
[Thu Jan 19 15:45:17 2017] <Ptival> jgross: clever :)
[Thu Jan 19 19:33:27 2017] <jgross> Ptival: Another useful trick is "Notation hide := (some_head_constant _)." 
[Mon Jan 23 19:16:33 2017] <tcog> Hi, everyone. I was using an alternative set of keybindings, but since 8.6 these seem to get overwritten. <https://coq.inria.fr/cocorico/Configuration%20of%20CoqIDE> Are these still supported?
[Tue Jan 24 08:54:07 2017] <evgeny_> Hello! I have a question regarding 'autorewrite' tactic & ltac
[Tue Jan 24 08:55:10 2017] <evgeny_> Ltac autorw base:= autorewrite with base.
[Tue Jan 24 08:55:16 2017] <evgeny_> autorw fsmrw.
[Tue Jan 24 08:55:48 2017] <evgeny_> Error: rewrite base base does not exist.
[Tue Jan 24 08:56:30 2017] <Cypi> rewriting bases are not something that you can bind with Ltac
[Tue Jan 24 08:56:37 2017] <evgeny_> I understand that 'base' is identifier, not an expression, so substitution does not take place here. But how can I accomplish this?
[Tue Jan 24 08:56:49 2017] <Cypi> I don't know much about autorewrite, but I don't think you can accomplish this actually
[Tue Jan 24 08:57:03 2017] <evgeny_> Are there any ways to construct Ltac at runtime ?
[Tue Jan 24 08:59:04 2017] <Cypi> You can always do stuff like "let autorw := autorewrite with fsmrw in ....", but I guess it's still not enough for what you want
[Tue Jan 24 09:00:49 2017] <evgeny_> Let construct does not do substitution for 'base' , I've tried that
[Tue Jan 24 09:01:03 2017] <Cypi> Yeah it's the same: you can't bind a rewrite base
[Tue Jan 24 09:01:15 2017] <evgeny_> Thats really dissappoiting.
[Tue Jan 24 09:01:20 2017] <Cypi> (unless there is a trick I don't know of)
[Tue Jan 24 09:08:56 2017] <evgeny_> Well, thanks anyway. As for know it means a lot of boilerplate tactic soup to come in my development.
[Tue Jan 24 09:09:55 2017] <evgeny_> If someone have a solution to this problem please let me know: evgeniy.shishkin@gmail.com
[Wed Jan 25 05:57:57 2017] <thibm> re
[Wed Jan 25 06:55:44 2017] <Nik05> I have a question about existential variables. What premise do you need to proof P ?x. Or is this impossible?
[Wed Jan 25 06:56:21 2017] <Nik05> * Or is this impossible, and you need more in the goal to instantiate ?x ?
[Wed Jan 25 13:43:16 2017] <Ptival> Nik05: well, if you have some proof of (H : P y) for any given y, you can try to "apply H"
[Wed Jan 25 13:44:27 2017] <Ptival> it will succeed unless there is a hidden thing about ?x that the given y does not satisfy (for instance, if ?x is expected to be at a lower universe than y, or if there are implicit arguments to P that differ)
[Wed Jan 25 14:03:20 2017] <Cypi> or if some stuff in y has been defined after the evar as been defined
[Wed Jan 25 14:03:26 2017] <Cypi> has*
[Wed Jan 25 14:14:01 2017] <Nik05> ok thank you Ptival
[Wed Jan 25 14:17:12 2017] <Nik05> Ptival Cypi oke when I apply something like H : P x, it says
[Wed Jan 25 14:17:25 2017] <Nik05> Unable to unify ?x with "x"
[Wed Jan 25 14:18:13 2017] <Nik05> because "x" is not in its scope
[Wed Jan 25 14:18:24 2017] <Cypi> that means this 'x' was introduced after the evar was created
[Wed Jan 25 14:20:31 2017] <Nik05> Oké, thank you Cypi
[Wed Jan 25 14:21:18 2017] <Nik05> I guess this cannot be proven with intuistic logic
[Wed Jan 25 14:21:57 2017] <Nik05> it's about swapping forall and exists
[Wed Jan 25 14:22:37 2017] <Nik05> or not sure which logic it is, the one which says that if you have a forall x, P x then there exists an x : P x
[Wed Jan 25 14:22:55 2017] <Cypi> I'm pretty sure there is no logic that tells you that
[Wed Jan 25 14:23:14 2017] <johnw> example: forall x : False, P x
[Wed Jan 25 14:23:17 2017] <Cypi> since you can easily prove "forall (x : False), P x" for any
[Wed Jan 25 14:23:20 2017] <johnw> hehe
[Wed Jan 25 14:23:20 2017] <Cypi> eh
[Wed Jan 25 14:23:23 2017] <modulus> that's maybe predicativity?
[Wed Jan 25 14:23:40 2017] <modulus> i never quite sure what predicativity is/does though.
[Wed Jan 25 14:24:46 2017] <johnw> "A definition is said to be impredicative if it generalizes over a totality to which the entity being defined belongs. Otherwise the definition is said to be predicative."
[Wed Jan 25 14:25:00 2017] <Nik05> sorry "exists an x : P x" -> "exists x, P x"
[Wed Jan 25 14:28:08 2017] <Cypi> I'm sorry, didn't you write twice the same thing? Maybe I'm parsing this wrong
[Wed Jan 25 14:28:43 2017] <Ptival> yeah this looks wrongly-written
[Wed Jan 25 14:28:55 2017] <Ptival> "x : P x" in particular
[Wed Jan 25 17:07:53 2017] <Nik05> Cypi with : i meant such that not is of type
[Wed Jan 25 17:08:49 2017] <Cypi> So you mean "exists x, (P x -> exists x, P x)"?
[Wed Jan 25 17:09:42 2017] <Nik05> I don't think so
[Wed Jan 25 17:09:50 2017] <Cypi> If that's what you mean, then once again, there is no logic when that can hold in general
[Wed Jan 25 17:09:58 2017] <Cypi> where*
[Wed Jan 25 17:10:05 2017] <Cypi> (I mean, no consistent logic)
[Wed Jan 25 17:10:12 2017] <Nik05> That can not hold?
[Wed Jan 25 17:10:57 2017] <Cypi> Not for every type and predicate: consider any (P : False -> Type), and now you can prove False
[Wed Jan 25 17:11:47 2017] <Nik05> becase there exists no x in False?
[Wed Jan 25 17:12:05 2017] <Cypi> Hopefully
[Wed Jan 25 17:12:45 2017] <Cypi> I mean, there _should_ exist no x in False, but if you admit "exists x, (P x -> exists x, P x)" for any P, then you can build a term of type False by considering any (P : False -> Type)
[Wed Jan 25 17:13:16 2017] <Nik05> Oké that makes sense for me now
[Wed Jan 25 17:14:50 2017] <Nik05> I haven't studied logic, but I thought there are two logics that are different in the existence of . Oh wait
[Wed Jan 25 17:16:09 2017] <Nik05> Something like "all flying teapots around Mars have the colour blue", in one logic this is a perfect sentence, while it isnt in the other.
[Wed Jan 25 17:16:43 2017] <Nik05> Not sure if this has anything to do with anything I said earlier
[Wed Jan 25 17:17:33 2017] <Cypi> What you said is basically "forall (x : False), P x" (there are no flying teapots around Mars, and we can assume anything about them)
[Wed Jan 25 17:17:44 2017] <Cypi> and that, specifically, is provable
[Wed Jan 25 17:19:17 2017] <Nik05> Oké, but isnt there also a logic that says there has to be a x such that P x?
[Wed Jan 25 17:19:43 2017] <Cypi> I don't know, sorry
[Wed Jan 25 17:19:48 2017] <Nik05> Oké
[Thu Jan 26 10:10:48 2017] <companion_cube> hi, I'm trying to write a plugin for 8.6, and I get a weird linking error when the .cmxs is loaded: "no implementation available for Declarations"
[Thu Jan 26 10:11:17 2017] <companion_cube> I used coq-makefile to build, no idea what the makefile does exactly
[Fri Jan 27 09:34:08 2017] <companion_cube> no one has had issues with their plugins on 8.6? :/
[Fri Jan 27 12:45:18 2017] <schoppenhauer> https://www.irif.fr/~letouzey/types2014/abstract-18.pdf ← is there any full version of this?
[Fri Jan 27 23:37:59 2017] <Ptival> companion_cube: haven't tried yet, sorry :\
[Mon Jan 30 01:10:24 2017] <keep_learning> Hello everyone
[Mon Jan 30 01:11:11 2017] <keep_learning> I have m, n of type Z and hypothesis H : m < n
[Mon Jan 30 01:11:40 2017] <keep_learning> I am looking for lemma which says Z.max m n = n
[Mon Jan 30 01:12:21 2017] <keep_learning> All the lemma https://coq.inria.fr/library/Coq.ZArith.BinInt.html
[Mon Jan 30 01:13:22 2017] <keep_learning> under specification of minimum and maximum asks for equality
[Mon Jan 30 02:02:14 2017] <keep_learning> Please leave your comment here. https://gist.github.com/mukeshtiwari/ae79fc3aacf6e694252b5ff176a04e93
[Mon Jan 30 02:37:06 2017] <Cale> keep_learning: commented.
[Mon Jan 30 18:51:12 2017] <keep_learning> Cale: Thank you
[Mon Jan 30 18:51:27 2017] <keep_learning> Hello everyone.
[Mon Jan 30 18:51:37 2017] <keep_learning> I am trying to prove this lemma https://gist.github.com/mukeshtiwari/60f7628e1044874bb6a4cf1411675029
[Mon Jan 30 18:52:21 2017] <keep_learning> I have finished maxlist (map f l) >= s -> exists (x:A), In x l /\ f x >= s except couple of admits.
[Mon Jan 30 18:53:33 2017] <keep_learning> When I am trying to simplify maxlist (f a :: map f l), I am getting something different than Z.max (f a) (maxlist (map f l))
[Mon Jan 30 18:54:07 2017] <keep_learning> It is clear that l is not empty from context l = l1 + [x]
[Mon Jan 30 18:54:43 2017] <keep_learning> so simplification should go in 3rd branch of maxlist definition
[Mon Jan 30 18:55:09 2017] <keep_learning> Could some one please tell me what is wrong with my understanding and Coq simplification.
[Mon Jan 30 18:55:37 2017] <ezyang> keep_learning: provable l is not empty != definitional equality
[Mon Jan 30 18:55:49 2017] <ezyang> in this case if you case on l1 you should be able to get it to simplify
[Mon Jan 30 18:56:18 2017] <keep_learning> ezyang: You mean destruct l1 ?
[Mon Jan 30 18:56:22 2017] <ezyang> yeah
[Mon Jan 30 18:56:48 2017] <keep_learning> ezyang: Thank you.
[Tue Jan 31 02:21:52 2017] <piyush-kurur> hi a simple question regarding coqdoc. How do I ensure that coqdoc passes what ever latex commands are present in the comments to the output tex file
[Tue Jan 31 02:22:28 2017] <piyush-kurur> currently if I write \myfunnycommand{foo} coq doc converts it to \symbol{92}myfunnycommand{foo}
[Tue Jan 31 02:32:05 2017] <piyush-kurur> sorry I got the answer my self %\myfunncycommand{foo}%
[Tue Jan 31 10:34:54 2017] <benzrf> i remembered a little while back that in like 6th grade i had this frustrating, half-formed concept in my head of some kind of unified notation or programming language for expressing all math concepts, not just simple expressions but ones where you normally have to use auxiliary english explanations
[Tue Jan 31 10:34:56 2017] <benzrf> and yknow, i think things like coq are almost exactly what i knew i wanted but couldnt quite understand
[Tue Jan 31 10:35:01 2017] <benzrf> :}
[Wed Feb  1 08:52:13 2017] <schoppenhauer> what do I have to do to make my project usable with opam? I probably have to set up an opam repo for it (?)
[Wed Feb  1 11:12:29 2017] <schoppenhauer> is it possible to have a field of a record of type Set being computationally irrelevant?
[Wed Feb  1 11:12:55 2017] <schoppenhauer> in theory, having "exists x, Type" should be enough for that, but this seems horrible to handle with
[Wed Feb  1 17:29:44 2017] <schoppenhauer> is anybody here?
[Wed Feb  1 17:29:59 2017] <modulus> exists person.
[Wed Feb  1 17:30:11 2017] <Cypi> Yup, but I don't really know the answers to your question :)
[Wed Feb  1 17:30:19 2017] <modulus> same
[Wed Feb  1 17:30:47 2017] <Cypi> Well, I'll give it a try anyway: for the first one, my guess would be that you need to take a look at how https://github.com/coq/opam-coq-archive works, and probably send a PR there
[Wed Feb  1 17:30:58 2017] <Cypi> (maybe)
[Wed Feb  1 17:31:36 2017] <schoppenhauer> ok, then new question: is there an emacs mode that can automatically change the depths of +, ++, ++++, *, ...? like M-x indent-region does for indentions, etc.?
[Wed Feb  1 17:31:54 2017] <Cypi> For the second one...hmm.
[Wed Feb  1 17:32:03 2017] <Cypi> looks like the inductive type inhabited could be the right way?
[Wed Feb  1 17:32:21 2017] <Cypi> "Inductive inhabited (A : Type) : Prop :=  inhabits : A -> inhabited A" (it's present by default)
[Wed Feb  1 17:33:08 2017] <schoppenhauer> hm.
[Wed Feb  1 17:33:21 2017] <schoppenhauer> makes sense.
[Wed Feb  1 17:38:26 2017] <schoppenhauer> thx
[Thu Feb  2 05:36:09 2017] <companion_cube> should I open a bug report about coq eating all the RAM when compiled wiht flambda?
[Thu Feb  2 06:08:02 2017] <leah2> go xb
[Thu Feb  2 06:08:20 2017] <leah2> companion_cube: i noticed that too
[Thu Feb  2 21:41:04 2017] <keep_learning> Hi everyoen
[Thu Feb  2 21:41:20 2017] <keep_learning> *everyone
[Thu Feb  2 21:41:40 2017] <keep_learning> Could some one please tell me how to write this function using refine https://gist.github.com/mukeshtiwari/66555dd59ff886bfc6c51e580a5491ab
[Thu Feb  2 21:44:36 2017] <rrika> keep_learning, why is this a fixpoint if it isn't self-referential?
[Thu Feb  2 21:44:43 2017] <rrika> "MM" doesn't appear anywhere
[Thu Feb  2 21:44:57 2017] <rrika> ah, that should be "M" I guess
[Thu Feb  2 21:46:50 2017] <keep_learning> rrika: Yes
[Thu Feb  2 21:46:56 2017] <keep_learning> Updated
[Thu Feb  2 21:48:21 2017] <rrika> are you just asking for the syntax?
[Thu Feb  2 21:48:22 2017] <rrika> Theorem M : forall (n : nat) (c d : Evote.cand), n <> O -> Z.
[Thu Feb  2 21:48:22 2017] <rrika> 	refine (fix MM (n : nat) (c d : Evote.cand) => ... ).
[Thu Feb  2 21:49:03 2017] <rrika> where ... can be the body you used before, or _.
[Thu Feb  2 21:49:53 2017] <keep_learning> Yes, I am asking for syntax. Thank you
[Thu Feb  2 21:49:58 2017] <keep_learning> I was looking for fix
[Thu Feb  2 21:56:01 2017] <keep_learning> rrika: https://gist.github.com/mukeshtiwari/66555dd59ff886bfc6c51e580a5491ab
[Thu Feb  2 21:56:12 2017] <keep_learning> I am getting syntax error.
[Thu Feb  2 21:56:25 2017] <keep_learning> Could you please have a look.
[Thu Feb  2 22:02:16 2017] <rrika> oops it's ":=" not "=>"
[Thu Feb  2 22:02:34 2017] <rrika> keep_learning, ^
[Thu Feb  2 22:07:25 2017] <keep_learning> rrika: Thank you
[Thu Feb  2 22:30:15 2017] <keep_learning> rrika: For me (newbie in coq) it looks impossible to write this definition https://github.com/mukeshtiwari/formalized-voting/blob/master/schulze-count.v#L222 using refine tactic https://gist.github.com/mukeshtiwari/66555dd59ff886bfc6c51e580a5491ab
[Thu Feb  2 22:31:09 2017] <keep_learning> I am trying to avoid n = 0 case and my base case should be n = 1
[Thu Feb  2 22:32:45 2017] <keep_learning> but stuck with proof n' <> 0
[Thu Feb  2 22:34:03 2017] <rrika> you're lacking the assumtion that S n' = n
[Thu Feb  2 22:34:43 2017] <rrika> keep_learning, you could try refining only the fix
[Thu Feb  2 22:34:50 2017] <rrika> refine (fix MM (n : nat) (c d : Evote.cand) := _).
[Thu Feb  2 22:34:57 2017] <rrika> then use destruct tactic on n.
[Thu Feb  2 22:35:17 2017] <rrika> that way you can outsource some of the more tedious tracking to coq, iirc.
[Thu Feb  2 22:35:45 2017] <keep_learning> rrika: Thank you
[Thu Feb  2 22:37:01 2017] <rrika> keep_learning, let me know if it works, and what context you end up with in the last case
[Thu Feb  2 23:04:20 2017] <keep_learning_> rrika: Could you please have a look https://gist.github.com/mukeshtiwari/66555dd59ff886bfc6c51e580a5491ab
[Thu Feb  2 23:04:43 2017] <keep_learning_> I am not sure if both N and M are same.
[Thu Feb  2 23:05:20 2017] <keep_learning_> Because in N function I don't have base case
[Thu Feb  2 23:15:05 2017] <rrika> basically you want (N 5 a b (5<>0)) = (M 4 a b)?
[Thu Feb  2 23:22:18 2017] <keep_learning_> rrika: Yes, because M the recursion goes upto depth of (n + 1) and terminates when n = 0, but I want it to be terminate at n = 1
[Thu Feb  2 23:22:35 2017] <rrika> can't you just wrap M and call it with (n-1)?
[Thu Feb  2 23:24:41 2017] <keep_learning_> rrika: That's what I have done in my proofs, but I was thinking to implement it using refine.
[Thu Feb  2 23:25:00 2017] <keep_learning_> rrika: Thank you very much
[Thu Feb  2 23:25:13 2017] <rrika> keep_learning_, https://gist.github.com/rrika/42679641037b80b51aa79f65e4a94410
[Thu Feb  2 23:25:55 2017] <rrika> it's dangerous though, because being in proof mode makes you think getting rid of all goals means that you did the right stuff.
[Thu Feb  2 23:26:11 2017] <rrika> but your return value is Z, so your goal is Z, so even "exact 42." will remove a Z goal
[Thu Feb  2 23:26:41 2017] <keep_learning_> rrika: Thank you.
[Thu Feb  2 23:27:08 2017] <rrika> don't worry
[Thu Feb  2 23:29:02 2017] <keep_learning_> I think I was missing   this point   destruct n as [|[|n'']]
[Thu Feb  2 23:29:37 2017] <rrika> yeah, you destructed on n before intro-ing the H: n<>0
[Thu Feb  2 23:30:03 2017] <rrika> when you intro first, you can destruct n, do congruence on the first goal, and then destruct n again to distinguish S O and S n'
[Thu Feb  2 23:30:09 2017] <rrika> but destruct n as [|[|n'']] is shorter :P
[Thu Feb  2 23:31:57 2017] <keep_learning_> destruct n as [|[|n'']] is elegant also
[Thu Feb  2 23:35:02 2017] <rrika> btw, if you want a third way to do it
[Thu Feb  2 23:35:30 2017] <rrika> https://gist.github.com/rrika/fe89b48887994fa1e56e1bfc3c6459b7
[Thu Feb  2 23:36:11 2017] <rrika> (program fixpoint tends to generate very messy terms though)
[Thu Feb  2 23:36:33 2017] <rrika> ~magic~
[Thu Feb  2 23:40:13 2017] <keep_learning_> rrika: You call to (M (S n') x d)) in S (S n') branch  is intended or it should be call back again N ?
[Thu Feb  2 23:40:26 2017] <rrika> oops
[Thu Feb  2 23:40:39 2017] <rrika> ooh, that's why it worked so easily
[Thu Feb  2 23:42:45 2017] <keep_learning_> rrika: :)
[Thu Feb  2 23:51:54 2017] <keep_learning_> rrika: https://gist.github.com/mukeshtiwari/8ea564b77d2bdf69d5f0d741a56f2b5d
[Thu Feb  2 23:52:14 2017] <rrika> yeah, that works
[Fri Feb  3 00:08:54 2017] <rrika> keep_learning_, if I understand correctly, this will be the real challenge: https://gist.github.com/rrika/7add43807be38ec35f6aa4e4ed80babe
[Fri Feb  3 00:16:09 2017] <keep_learning_> rrika: Yes
[Fri Feb  3 00:16:55 2017] <keep_learning_> I did not know that doing pattern matching on natural number is this hard :)
[Fri Feb  3 11:54:51 2017] <schoppenhauer> can I create records in coq more nicely than using mkRecordName ...? like, actually using the field names?
[Fri Feb  3 16:23:44 2017] <cocreature> is a partial map such as the one found in “software foundations” somewhere in the standard library or do I need to define my own/copy the one from sf?
[Fri Feb  3 16:30:13 2017] <ubsan> help! I'm trying to prove that `h ∘ g ∘ f = h ∘ (g ∘ f)`
[Fri Feb  3 16:30:21 2017] <ubsan> and I can't figure out what to do :(
[Fri Feb  3 16:30:27 2017] <benzrf> try reflexivity
[Fri Feb  3 16:30:31 2017] <ubsan> (I'm going through HoTT and using coq as a theorem prover)
[Fri Feb  3 16:30:44 2017] <ubsan> benzrf: ah, thanks!
[Fri Feb  3 16:30:46 2017] <benzrf> lmao
[Fri Feb  3 16:31:06 2017] <ubsan> benzrf: why does that work?
[Fri Feb  3 16:31:10 2017] <ubsan> what does reflexivity do?
[Fri Feb  3 16:31:27 2017] <benzrf> it attempts to use eq_refl as a proof of the goal
[Fri Feb  3 16:32:25 2017] <ubsan> cool
[Fri Feb  3 16:41:23 2017] <ubsan> benzrf: is there a way to like... apply a function?
[Fri Feb  3 16:41:45 2017] <ubsan> I'm trying to check something out
[Fri Feb  3 16:41:45 2017] <benzrf> f x
[Fri Feb  3 16:41:55 2017] <ubsan> but like, unfold f
[Fri Feb  3 16:41:57 2017] <ubsan> kind of thing
[Fri Feb  3 16:42:00 2017] <benzrf> unfold
[Fri Feb  3 16:42:01 2017] <benzrf> f
[Fri Feb  3 16:42:09 2017] <ubsan> but it's not working...
[Fri Feb  3 16:42:09 2017] <benzrf> wait, what do you mean
[Fri Feb  3 16:42:26 2017] <ubsan> one sec, I'll show you
[Fri Feb  3 16:43:00 2017] <ubsan> benzrf: https://gist.github.com/ubsan/bad1e66a48ee08ddbd4edf3d1374b6e6
[Fri Feb  3 16:43:20 2017] <ubsan> I'd like p1 to become fun x => h (g x)
[Fri Feb  3 16:44:05 2017] <benzrf> oh
[Fri Feb  3 16:44:13 2017] <benzrf> fold, perhaps
[Fri Feb  3 16:44:27 2017] <ubsan> no :(
[Fri Feb  3 16:44:31 2017] <ubsan> it just stays the same
[Fri Feb  3 16:44:35 2017] <benzrf> fold p1?
[Fri Feb  3 16:44:41 2017] <ubsan> yeah
[Fri Feb  3 16:44:49 2017] <ubsan> > p1 := h ∘ g : B -> D
[Fri Feb  3 16:44:55 2017] <ubsan> with unfold changed to fold
[Fri Feb  3 16:45:04 2017] <benzrf> it folds it on my end
[Fri Feb  3 16:45:08 2017] <benzrf>   ============================
[Fri Feb  3 16:45:09 2017] <benzrf>   h ∘ (g ∘ f) = p1 ∘ f
[Fri Feb  3 16:45:23 2017] <ubsan> oh!
[Fri Feb  3 16:45:25 2017] <ubsan> I see
[Fri Feb  3 16:47:24 2017] <ubsan> benzrf: I'd like it to become fun x => g (f x) though
[Fri Feb  3 16:47:40 2017] <ubsan> as opposed to the other way
[Fri Feb  3 16:48:31 2017] <benzrf> compute in p1
[Fri Feb  3 16:48:37 2017] <benzrf> compute is the hardcore version of simpl
[Fri Feb  3 16:49:15 2017] <ubsan> benzrf: ah!
[Fri Feb  3 16:49:18 2017] <ubsan> thanks so much :D
[Fri Feb  3 16:51:00 2017] <benzrf> np
[Fri Feb  3 17:13:41 2017] <ubsan> how do I explicify implicit parameters?
[Fri Feb  3 17:14:05 2017] <ubsan> like {a = foo} in idris
[Fri Feb  3 17:18:45 2017] <ubsan> ah, (a:=foo)
[Sat Feb  4 12:18:47 2017] <shlevy> When would I want to use a type class instead of module types and functors? Just to make the resolution implicit, or are there other differences?
[Sat Feb  4 12:27:22 2017] <notdan> hey folks
[Sat Feb  4 12:27:50 2017] <notdan> shlevy: i'd say logical programming
[Sat Feb  4 12:28:03 2017] <notdan> you sort of need automatic resolution there
[Sat Feb  4 12:28:42 2017] <notdan> E.g. for some type class C : Prop -> Prop, you can make an instance for C (P /\ Q), given you have instances for C P and C Q
[Sat Feb  4 12:29:04 2017] <notdan> also typeclasses are often used for overloading
[Sat Feb  4 14:39:12 2017] <shlevy> Are there any good library types for representing bytes (or, really, arbitrary fixed-length binary numbers)?
[Sat Feb  4 14:52:54 2017] <shlevy> Are there any good style guides/naming conventions?
[Sat Feb  4 14:54:57 2017] <cocreature> Hey, I was trying to change the notation of my typing derivations to use "|--" instead of "|-" to avoid the collision with |- used in ltac. However I am getting an error about a missing parsing rule http://lpaste.net/352087 and I can’t figure out what I need to do about this
[Sat Feb  4 14:57:42 2017] <shlevy> I'm guessing this just isn't possible, but I'm trying to use https://coq.inria.fr/library/Coq.Numbers.NaryFunctions.html#nfun to define an arbitrary-length bytes type: Inductive bytes (n : nat) : Type := mk_bytes : byte ^^ n --> bytes n.
[Sat Feb  4 14:58:32 2017] <shlevy> This is failing because coq doesn't know that the type of mk_bytes ends in bytes n, but of course in this case it always should.
[Sat Feb  4 14:58:47 2017] <shlevy> Is there any way to do this? variable-length constructors are probably verboten :D
[Sat Feb  4 14:59:40 2017] <shlevy> If not, does coq have macros or anything similar? I don't need functions that abstract over the size of the byte buffer in my use
[Sat Feb  4 15:07:00 2017] <cocreature> nvm, I had a reserved notation above that code
[Sat Feb  4 15:07:04 2017] <cocreature> after changing that too everything works
[Sat Feb  4 15:13:15 2017] <shlevy> Is there ever a reason to define an inductive type in Type if the definition is accepted in Set?
[Sat Feb  4 15:27:12 2017] <shlevy> Why does sigT2 exist?
[Sat Feb  4 16:01:44 2017] <notdan> shlevy: my suggestion be to use vectors and have mk_bytes : vVec btyete n -> bytes n
[Sat Feb  4 16:02:08 2017] <notdan> the induction principle that you'll get will be useless but you should be able to roll your own i ugess
[Sat Feb  4 16:06:33 2017] <shlevy> notdan: Yeah, that's what I've got :)
[Sat Feb  4 16:15:20 2017] <notdan> so I remember I read a paper on modelling assembly in Coq, and they used ssreflect's n-tuples of bools to model bytes, words, dwords etc
[Sat Feb  4 16:17:04 2017] <shlevy> Yeah, I've got something isomorphic
[Sat Feb  4 16:17:38 2017] <shlevy> bit := B0 | B1, byte := mk_byte : bit ^^ 8 --> byte.
[Sat Feb  4 18:02:59 2017] <Ptival> shlevy: I worked on that Coq assembly project and your trouble rings a bell
[Sat Feb  4 18:06:57 2017] <Ptival> huh I think the code is gone tho :(
[Sat Feb  4 18:07:24 2017] <Ptival> but I guess the vector suggestion was good
[Sat Feb  4 18:08:21 2017] <notdan> what project was that Ptival, if you don't mind me asking?
[Sat Feb  4 18:08:48 2017] <Ptival> notdan: oh the project from the paper, I worked a bit on it after the paper, but nothing that ended up published
[Sat Feb  4 18:09:44 2017] <Ptival> pretty sure the project died soon after
[Sun Feb  5 04:14:33 2017] <ubsan> how do I use exists?
[Sun Feb  5 04:14:53 2017] <ubsan> specifically, I have `n0 : nat`
[Sun Feb  5 04:15:07 2017] <ubsan> and a goal, `exists m : nat, S n0 = S m`
[Sun Feb  5 04:15:17 2017] <ubsan> how would I say "m is n0, trivial"
[Sun Feb  5 04:16:04 2017] <ubsan> oh, the exists tactic
[Sun Feb  5 04:16:06 2017] <ubsan> woot!
[Sun Feb  5 04:20:15 2017] <ubsan> okay, new question
[Sun Feb  5 04:20:16 2017] <ubsan> https://gist.github.com/ubsan/6c1cbaefec3197cdaa6c7170317759ca
[Sun Feb  5 04:20:22 2017] <ubsan> still going through HoTT
[Sun Feb  5 04:23:17 2017] <ubsan> doing one of the exercises, which is "why can't you provide a function `f : Pi(x : A) Pi(p : x = x) p = eq_refl` using `f(x, refl[x]) := refl[refl[x]]
[Sun Feb  5 04:23:32 2017] <ubsan> or translated to coq like you see in the link
[Sun Feb  5 08:45:59 2017] <notdan> ubsan: try to write it out explicitly using the J elimination rule for the identity
[Sun Feb  5 08:46:32 2017] <notdan> ubsan: the problem is that you can only use id-recursion if both "endpoints" of the equality p : x = y are free
[Sun Feb  5 08:46:53 2017] <notdan> in this example you have [p : x = x] , so the final endpoint should be the same as the initial endpoint
[Sun Feb  5 08:47:53 2017] <notdan> see also https://homotopytypetheory.org/2011/04/10/just-kidding-understanding-identity-elimination-in-homotopy-type-theory/
[Sun Feb  5 13:04:52 2017] <cocreature> Is there some clever tactic to destruct "exists x y, A /\ B /\ C" such that I have two new variables and A, B & C separately?
[Sun Feb  5 13:07:26 2017] <cocreature> ah "do 4 destruct H as [? H]" does the job
[Sun Feb  5 13:07:40 2017] <cocreature> I forgot that I can just name the resulting hypothesis to avoid this breaking
[Sun Feb  5 19:18:01 2017] <Ptival> cocreature: usually I do "destruct H as [? [? [A [B C]]]]."
[Sun Feb  5 19:18:05 2017] <Ptival> it's a little tedious
[Mon Feb  6 00:56:35 2017] <cocreature> Ptival: ah that’s more readable than destruct 4
[Mon Feb  6 17:18:16 2017] <houli> Bit of an odd one but my coqide renders some of the menus in japanese on my mac. I assume it's because I have japanese input methods enabled. is there a config file or option somewhere to change this?
[Mon Feb  6 20:42:08 2017] <rgrinberg> Is there a way to do Eval with proof general?
[Mon Feb  6 20:56:55 2017] <rrika> rgrinberg, you can type C-c C-a ? to list available shortcuts
[Mon Feb  6 20:57:06 2017] <rrika> (eval is not among them)
[Mon Feb  6 20:59:20 2017] <rgrinberg> rrika: I see. thanks
[Mon Feb  6 21:00:28 2017] <rrika> but you can always just put a line in your buffer and run it with C-c C-n
[Mon Feb  6 21:00:37 2017] <rrika> but you were looking to avoid that, I guess
[Mon Feb  6 21:03:21 2017] <rgrinberg> rrika: Yeah, exactly.
[Mon Feb  6 22:12:05 2017] <shlevy> Can you generate arbitrary coq terms with ltac? e.g. could I "prove" an inhabitant of Set by defining an Inductive type in tactics?
[Mon Feb  6 22:12:24 2017] <shlevy> (I'm trying to get a sense for the metaprogramming/macro facilities available)
[Mon Feb  6 22:13:04 2017] <Cypi> Sadly not, inductive types could in theory be first-class inhabitant, but they are not at the moment
[Mon Feb  6 22:13:33 2017] <Cypi> But I believe everything else (so no (co-)inductive type definitions) can be built using tactics
[Mon Feb  6 22:14:20 2017] <shlevy> OK
[Mon Feb  6 22:14:43 2017] <shlevy> Ah, right, Inductive declarations are treated as assumptions in the global environment right?
[Mon Feb  6 22:15:35 2017] <Cypi> You can see it like that (they are not actual assumptions in the same sense that an axiom is, they are part of the logic in any case; but you still can only define them in the global environment)
[Mon Feb  6 22:15:50 2017] <Cypi> (but as I said, it's a technical point, not a theoretical one)
[Mon Feb  6 22:16:28 2017] <shlevy> Are alpha-equivalent inductive definitions equivalent?
[Mon Feb  6 22:17:53 2017] <Cypi> They are not. But I don't know the answer to the question "Should they be?"
[Mon Feb  6 22:18:19 2017] <Cypi> I mean, they are equivalent in a sense (you can prove an equivalence between them), but they are not equal or interchangeable
[Mon Feb  6 22:18:37 2017] <shlevy> I mean in the reduction of theh calculus
[Mon Feb  6 22:19:46 2017] <Cypi> Inductive foo : Prop := . Inductive bar : Prop := . Goal foo = bar. Fail reflexivity.
[Mon Feb  6 22:19:50 2017] <Cypi> does that answer your question?
[Mon Feb  6 22:19:54 2017] <shlevy> Yep
[Mon Feb  6 22:20:26 2017] <shlevy> So that's a theoretical difference between (at least one possible impl) of first-class inductive terms
[Mon Feb  6 22:20:45 2017] <Cypi> Indeed. Hence the "Should they be?" that I don't know the answer to
[Tue Feb  7 11:32:30 2017] <roconnor> shlevy: It might be possible to make a generic Inductive type, which sort of lets you make first class inductive types from it.
[Tue Feb  7 11:33:07 2017] <Cypi> That's called W-types
[Tue Feb  7 11:34:00 2017] <roconnor> Ah, that's right.  Ugh, and they have extensionality issues.  I remember now.
[Tue Feb  7 11:34:33 2017] <Cypi> "Inductive W (A : Type) (B : A -> Type) : Type := sup : forall (a : A), B a -> W A B." basically subsumes every inductive type.
[Tue Feb  7 17:20:50 2017] <dolio> roconnor: You can make a more complicated generic inductive type that has fewer extensionality issues than W-types.
[Tue Feb  7 17:54:42 2017] <roconnor> oh really?
[Tue Feb  7 17:55:19 2017] <roconnor> maybe by augmenting the B with a vector of types?
[Fri Feb 10 04:05:36 2017] <LudvikGalois> Is it hard to add a new language for program extraction to Coq? The language I have in mind is Elm, which is syntactically similar to Haskell, but being strict would benefit from the kind of optimisations that Coq does when extracting for OCaml
[Sun Feb 12 12:27:08 2017] <benzrf> Suppose you have a predicate P on, say, natural numbers. Then proving P decidable takes two parts: A function [decide : nat -> bool], and a proof [decide_correct : forall n, P n <-> decide n = true]
[Sun Feb 12 12:27:51 2017] <benzrf> Is there some P such that we can define [decide] in vanilla Coq, but we can't prove [decide_correct] without LEM?
[Sun Feb 12 12:28:08 2017] <benzrf> i.e., we have a constructive decision procedure, but it's only classically provable that it's correct
[Sun Feb 12 12:28:19 2017] <benzrf> so we can effectively decide, but we can't constructively prove that it's decidable
[Sun Feb 12 13:33:20 2017] <jgross> benzrf: Fix an encoding of Turing machines as [nat]s, and let [H n] be the proposition that the Turing machine represented by [n] halts.  Set [P n := H n \/ ~H X], and let [decide n := true].  Then you can prove that [LEM -> decide_correct], but if [decide_correct] were provable, you could replace [Prop] with [Set] and pass -impredicative-set and extract to OCaml, and you'd get a solution to the Halting problem. 
[Sun Feb 12 13:34:10 2017] <benzrf> ahh, ok
[Sun Feb 12 13:35:37 2017] <jgross> If you hadn't said that [P] had to be on [nat], then you get a simpler solution: let [P p := p \/ ~p] and set [decide p := true].  Then [decide_correct] is equivalent to LEM. 
[Sun Feb 12 13:35:46 2017] <benzrf> yeah :P
[Sun Feb 12 13:36:15 2017] <jgross> Or, oh, here's an easy one: take [P n := forall X : Prop, X \/ ~X], and set [decide n := true].  Then [decide_correct] is equivalent to LEM :P 
[Sun Feb 12 13:36:42 2017] <benzrf> * swats jgross with a rolled up newspaper
[Sun Feb 12 13:37:54 2017] <benzrf> hmmmmmm... so are there models of CoC which don't validate "all turing machines halt or dont halt"?
[Sun Feb 12 13:37:56 2017] <jgross> * redefines the tactic generating newspapers to be [idtac], and recompiles reality 
[Mon Feb 13 09:41:30 2017] <schoppenhauer>     exists (Some reason). ← how deep.
[Mon Feb 13 20:12:57 2017] <keep_learning> Hi everyone
[Mon Feb 13 20:13:22 2017] <keep_learning> How to instantiate ?n in goal with x ? https://gist.github.com/mukeshtiwari/9fee46749b77c835698159eaa2e6ecc8
[Mon Feb 13 20:22:30 2017] <johnw> instantiate (1:=x).
[Mon Feb 13 20:22:39 2017] <johnw> or: apply H0
[Mon Feb 13 20:22:43 2017] <johnw> or: eassumption
[Mon Feb 13 20:22:45 2017] <johnw> or: eauto
[Mon Feb 13 20:32:14 2017] <keep_learning> johnw: I am getting Error: Instance is not well-typed in the environment of ?X106 when using instantiate (1 := x)
[Mon Feb 13 20:32:59 2017] <keep_learning> Unable to unify "?n" with "x" (cannot instantiate "?n" because "x" is not in its scope: available arguments are "dec_cand" "cand_fin" "cand_not_nil" "wins" "loses" "is_marg"  "k" "c" "d" "H"). when apply H0
[Mon Feb 13 20:33:54 2017] <keep_learning> I am trying to convert Prop level path to Type level path using previous existing lemmas
[Mon Feb 13 20:34:09 2017] <keep_learning> https://github.com/mukeshtiwari/formalized-voting/blob/master/Schulze_Dirk_Z.v
[Mon Feb 13 20:34:28 2017] <johnw> so, you introduced x after the existential was created
[Mon Feb 13 20:35:32 2017] <johnw> imagine if you had match-analyzed a variable, and then tried to refer to the results of the match before it had happened
[Mon Feb 13 20:36:53 2017] <keep_learning> johnw: Thank you. I got your point.
[Mon Feb 13 22:33:53 2017] <benzrf> is there a theorem somewhere that preorder closure preserves monotonicity?
[Mon Feb 13 22:34:10 2017] <benzrf> in the sense that  f monotonic for R -> f monotonic for R*
[Mon Feb 13 22:34:44 2017] <benzrf> i guess it wouldnt be hard to prove but it seems like something that would be in the stdlib
[Wed Feb 15 17:02:11 2017] <stelleg> is there any support for deriving decidable equality in a similar way to haskell?
[Wed Feb 15 17:04:45 2017] <johnw> yes
[Wed Feb 15 17:05:51 2017] <johnw> Set Decidable Equality Schemes.
[Wed Feb 15 17:05:55 2017] <johnw> before the type definition
[Wed Feb 15 17:06:01 2017] <stelleg> johnw: you're my hero
[Wed Feb 15 17:06:54 2017] <johnw> there's also Set Boolean Equality Schemes.
[Wed Feb 15 17:07:34 2017] <stelleg> johnw: awesome. I'm assuming it generates a standard name in a similar way to the inductive hypotheses?
[Wed Feb 15 17:07:39 2017] <johnw> yes
[Wed Feb 15 17:17:37 2017] <stelleg> hm, seems like the decidable equality schemes only generated boolean equality (t -> t -> bool) with the ugly name internal_t_beq
[Wed Feb 15 17:17:50 2017] <stelleg> at least according to SearchAbout
[Wed Feb 15 17:18:25 2017] <stelleg> boolean equality schemes generated t_beq, which is fine for my purposes
[Wed Feb 15 17:18:27 2017] <stelleg> thanks again
[Wed Feb 15 17:31:40 2017] <Tuplanolla> I've now spent a few hours on this and it's not going anywhere: http://tuplanolla.no-ip.org/tmp/Destutter.v
[Wed Feb 15 17:31:48 2017] <Tuplanolla> Any clues on how to finish the proof?
[Wed Feb 15 17:58:11 2017] <johnw> stelleg: that's the boolean one; there is also the Decidable one
[Wed Feb 15 17:58:14 2017] <johnw> maybe it couldn't generate it
[Wed Feb 15 18:57:53 2017] <Cypi> Tuplanolla: a useful intermediate lemma could be "forall x y xs ys, destutter (x :: xs) = y :: ys -> x = y"
[Wed Feb 15 18:58:34 2017] <Cypi> that would allow you to destruct "destutter (y :: ys)" while keeping the information that this term starts with y
[Wed Feb 15 18:59:10 2017] <Tuplanolla> That could work.
[Wed Feb 15 19:05:02 2017] <stelleg> seems a little weird that it would succeed in generating boolean equality but not decidable
[Wed Feb 15 19:06:09 2017] <Tuplanolla> I don't know how to prove something like that either though.
[Wed Feb 15 19:07:12 2017] <Cypi> by induction on xs. But I guess you did that, so where did you get stuck?
[Wed Feb 15 19:08:47 2017] <Tuplanolla> Manipulating hypotheses instead of goals, but I'll figure it out.
[Wed Feb 15 19:34:44 2017] <Tuplanolla> You can see my progress in the file.
[Wed Feb 15 19:35:53 2017] <Cypi> You don't want to apply your induction hypothesis from the get-go
[Wed Feb 15 19:36:07 2017] <Cypi> it will only be useful in the case x :: x :: zs
[Wed Feb 15 19:36:30 2017] <Tuplanolla> Should I start inside E?
[Wed Feb 15 19:37:20 2017] <Cypi> you should start with the case on (eq_dec x z), and then rewrite in E accordingly
[Wed Feb 15 19:37:39 2017] <Tuplanolla> So yes.
[Wed Feb 15 19:52:35 2017] <Tuplanolla> Back to the theorem then.
[Wed Feb 15 20:06:39 2017] <Tuplanolla> The implication seems to be going in the wrong direction in the lemma.
[Wed Feb 15 20:07:57 2017] <Cypi> I managed to prove the theorem using this lemma.
[Wed Feb 15 20:08:25 2017] <Cypi> Right where you were stuck, the next step was to destruct (destutter (y :: ys)) (and keeping an equation between this and the result, to be used with the new lemma)
[Wed Feb 15 20:08:39 2017] <Tuplanolla> With the other direction I could just say "apply destutter_head_reverse; reflexivity" and it would be done.
[Wed Feb 15 20:09:05 2017] <Cypi> The other direction is false though
[Wed Feb 15 20:09:39 2017] <Tuplanolla> It's because of the quantifiers.
[Wed Feb 15 20:09:53 2017] <Tuplanolla> I shall work with what I had then.
[Wed Feb 15 20:15:26 2017] <Tuplanolla> There we go. Thanks for the clues, Cypi.
[Wed Feb 15 20:18:00 2017] <Tuplanolla> Is there some kind of deeper structure in theorems that mandates how many times one needs to use the induction principle to prove them?
[Wed Feb 15 20:18:29 2017] <Tuplanolla> When I started this problem, I had the feeling that one use without lemmas ought to be enough.
[Wed Feb 15 20:28:32 2017] <johnw> usually you use induction to prove some core relational theorems, and from then on you can mostly use rewriting
[Thu Feb 16 06:00:49 2017] <aochagavia> how do I import a library from the standard library? I have found the documentation here: https://coq.inria.fr/library/Coq.Lists.List.html
[Thu Feb 16 06:01:12 2017] <aochagavia> using Import Coq.Lists.List. gives an error
[Thu Feb 16 06:01:18 2017] <aochagavia> Error: Coq.Lists.List is not a module
[Thu Feb 16 06:04:40 2017] <modulus> Require Coq.Lists.List.
[Thu Feb 16 06:07:03 2017] <aochagavia> great
[Thu Feb 16 06:07:04 2017] <aochagavia> thanks
[Thu Feb 16 12:17:36 2017] <roconnor> Does the standard library have an inductive family for differences of integers?  Something like:
[Thu Feb 16 12:19:51 2017] <roconnor> Inductive diff : Z -> Z -> Type | diff0 : forall z : diff z z | diffNeg : forall z1 z2. z1 < z2 -> diff (Zsucc z1) z2 -> diff z1 z2 | diffPos : forall z1 z2. z1 > z2 -> diff z1 (Zsucc z2) -> diff z1 z2.
[Thu Feb 16 12:25:55 2017] <roconnor> oh, I actually want it for Nat rather than Z.
[Thu Feb 16 14:23:16 2017] <dolio> roconnor: But integers are the differences between Nats. :P
[Thu Feb 16 14:24:40 2017] <roconnor> yes, but integers are not parameterized by two nats.
[Thu Feb 16 14:25:04 2017] <roconnor> What I'm imagining is isomorphic to the intergers when you forget the paramters.
[Fri Feb 17 10:12:52 2017] <aochagavia> I am having trouble with the module system... I want to use the `divide` definition in Coq.Arith.PeanoNat. I tried Require Coq.Arith.PeanoNat but I keep getting the error "The reference divide was not found in the current environment."
[Fri Feb 17 10:13:12 2017] <aochagavia> any ideas on how to import this correctly?
[Fri Feb 17 10:14:37 2017] <Cypi> aochagavia : either use Nat.divide, or add "Import nat."
[Fri Feb 17 10:14:55 2017] <Cypi> Notice in the first few lines of https://coq.inria.fr/library/Coq.Arith.PeanoNat.html, there is "Module Nat ..." which opens a module
[Fri Feb 17 10:15:16 2017] <aochagavia> so what is the difference between Require and Import?
[Fri Feb 17 10:17:02 2017] <aochagavia> (I added Import Nat, but I keep getting the error)
[Fri Feb 17 10:17:35 2017] <aochagavia> the code is here, in case you want to see it: https://gist.github.com/aochagavia/72f8088b0789261525c2cd429ea2b48a
[Fri Feb 17 10:17:40 2017] <Cypi> Ah, yes. "Require Coq.Arith.PeanoNat" will just require the file and put everything it defines in a submodule
[Fri Feb 17 10:17:44 2017] <aochagavia> just 3 lines
[Fri Feb 17 10:17:58 2017] <Cypi> "Require Import Coq.Arith.PeanoNat" will do that, and then import everything at top-level
[Fri Feb 17 10:19:09 2017] <Cypi> You could do "Import PeanoNat.Nat."
[Fri Feb 17 10:19:16 2017] <Cypi> to reference the module Nat which is defined inside PeanoNat
[Fri Feb 17 10:19:30 2017] <Cypi> (apparently there is another module called Nat which is defined elsewhere...)
[Fri Feb 17 10:23:09 2017] <aochagavia> thanks
[Fri Feb 17 19:03:34 2017] <rrika> If I want to have a monad for manipulation of a graph data structure that has (among other things) an add and remove operation, how can I make sure that only operation sequences that remove existing nodes are expressible.
[Fri Feb 17 19:08:58 2017] <rrika> I can't locally know if a removal is valid, I have to know if a node creation will be prepended to it
[Fri Feb 17 19:31:28 2017] <johnw> you'll need to represents the structure in the type somehow, so that the constructor for Removal : forall (g : Graph), isNonEmpty g -> GraphOp g
[Fri Feb 17 19:31:55 2017] <johnw> probably end that with GraphOp (remove n g), and declare n too
[Fri Feb 17 19:32:17 2017] <johnw> in other words, "GraphOp g" is the type of correct operations on a graph, where g is the correctly operated on graph
[Fri Feb 17 19:33:46 2017] <rrika> johnw, what would the body of "remove" be?
[Fri Feb 17 19:33:56 2017] <johnw> your remove operation on the graph
[Fri Feb 17 19:34:08 2017] <johnw> which presumably would require a g, NonEmpty g
[Fri Feb 17 19:35:00 2017] <johnw> the idea here is to have two data types
[Fri Feb 17 19:35:02 2017] <johnw> is the type of graphs
[Fri Feb 17 19:35:22 2017] <johnw> the next is the type of a DSL representing all lawful operations on graphs
[Fri Feb 17 19:35:41 2017] <johnw> then you bake the requirements into the constructors of the DSL term, and it becomes a propositional predicate for a "correctly operated on graph"
[Fri Feb 17 19:35:54 2017] <johnw> another term for this might be "a good graph client"
[Fri Feb 17 19:36:11 2017] <rrika> hm, I'll try something like that.
[Fri Feb 17 19:36:23 2017] <johnw> I've used this trick many times, it generally works out well
[Fri Feb 17 19:36:49 2017] <johnw> because it allows you to still operate on plain graphs, so long as you can prove that those operations maintain correct construction
[Fri Feb 17 19:36:56 2017] <johnw> i.e., rather than having a dependent type that must *always* be correct
[Fri Feb 17 19:37:10 2017] <rrika> I want to avoid implementing the graph ops
[Fri Feb 17 19:37:16 2017] <johnw> hmm?
[Fri Feb 17 19:37:26 2017] <rrika> The idea is that I extract to something that can do graph mutation natively.
[Fri Feb 17 19:37:40 2017] <rrika> basically, not emulate a mutable graph with an immutable datastructure
[Fri Feb 17 19:37:58 2017] <rrika> I'd just state the important properties about add/remove: Everything but the element in question stays the same
[Sat Feb 18 04:42:35 2017] <notdan> hi
[Sat Feb 18 04:46:28 2017] <johnw> hi notdan
[Sat Feb 18 16:09:01 2017] <shlevy> I vaguely recall reading a paper about why pattern-matching + recursion is much nicer to work with as the primitives than induction principles. Does anyone know what I might be talking about? :D
[Sat Feb 18 18:11:37 2017] <shlevy> I was looking for "Codifying guarded definitions with recursive schemes" I think
[Sun Feb 19 12:40:01 2017] <johnw> hi shlevy
[Sun Feb 19 12:40:30 2017] <johnw> shlevy: I think I know, but I'm not sure of the context in which you ask
[Sun Feb 19 12:41:13 2017] <johnw> shlevy: are you talking about the difference in coding style between writing a recursive function that pattern matches on its list argument, rather than a function that just calls list_rect?
[Sun Feb 19 17:08:12 2017] <shlevy> Looking at the definition of Well_founded.Acc (https://coq.inria.fr/distrib/current/stdlib/Coq.Init.Wf.html#Acc), why is 'x' allowed to be a parameter? It doesn't really seem to be uniform...
[Sun Feb 19 17:09:05 2017] <shlevy> Is the uniformness only required for the final type of the constructor?
[Sun Feb 19 17:15:11 2017] <johnw> Acc x means that x is Accessible from every other value of the same type, under the relation R
[Sun Feb 19 17:15:20 2017] <johnw> for example, every number reduces to 0, every list reduces to [], etc.
[Sun Feb 19 17:15:24 2017] <shlevy> Sure
[Sun Feb 19 17:15:38 2017] <johnw> so, in Acc x, x is the value representing the base case for the relation R
[Sun Feb 19 17:15:43 2017] <shlevy> I'm asking about the difference between a parameter and an index
[Sun Feb 19 17:15:46 2017] <shlevy> Acc was just an example
[Sun Feb 19 17:15:48 2017] <johnw> ahh
[Sun Feb 19 17:15:59 2017] <johnw> parameters can't vary
[Sun Feb 19 17:16:02 2017] <johnw> indices can
[Sun Feb 19 17:16:29 2017] <shlevy> Right, but what does 'vary' mean specifically? In this case, it seems to me like 'x' varies
[Sun Feb 19 17:16:42 2017] <shlevy> But it's there as a parameter
[Sun Feb 19 17:16:46 2017] <johnw> for the parameter Foo (x : A), it means every constructor's type will be Foo x
[Sun Feb 19 17:16:59 2017] <shlevy> But the recursive arguments are allowed to be Foo y
[Sun Feb 19 17:17:20 2017] <johnw> that's an instance of the type, not the type of the constructor
[Sun Feb 19 17:17:26 2017] <shlevy> Right
[Sun Feb 19 17:17:26 2017] <shlevy> OK
[Sun Feb 19 17:17:39 2017] <shlevy> So it's not *quite* as if the inductive definition existed behind a lambda
[Sun Feb 19 17:17:51 2017] <johnw> not quite sure what you mean by that...
[Sun Feb 19 17:20:31 2017] <shlevy> I mean if coq had anonymous inductive definitions, you can implement list like: fun (A : Type) => ind l := [(nil : l) (cons : A -> l -> l)] or whatever
[Sun Feb 19 17:21:00 2017] <shlevy> But you can't do something similar for Acc, you'd need the anonymous inductive type definition to have built-in support for parameters as well as indices
[Sun Feb 19 17:21:45 2017] <johnw> i'm not sure what your syntax is supposed to represent
[Sun Feb 19 17:22:03 2017] <johnw> ind l is taking... a type as a parameter within a lambda?
[Sun Feb 19 17:22:07 2017] <shlevy> The type of that whole expression is Type -> Type
[Sun Feb 19 17:22:31 2017] <shlevy> ind is some imagined syntax for defining an inductive type family
[Sun Feb 19 17:22:36 2017] <johnw> are you talking about a recursor, like the type of list_rec?
[Sun Feb 19 17:22:40 2017] <shlevy> No
[Sun Feb 19 17:22:44 2017] <Cypi> (l is just a name I believe)
[Sun Feb 19 17:23:15 2017] <shlevy> yes, l is a name, like how with 'fix' you define a name that's usable in the body
[Sun Feb 19 17:23:24 2017] <shlevy> really it should be something like ind (l : Type) := ...
[Sun Feb 19 17:23:37 2017] <shlevy> But anyway, I think I understand the answer to my question even if I can't phrase it well :D
[Sun Feb 19 17:32:57 2017] <roconnor> shlevy: uniformness is only required for the final type of the constructor.
[Sun Feb 19 17:33:11 2017] <shlevy> OK, cool
[Sun Feb 19 17:34:14 2017] <roconnor> there are actually three types of parameters: uniform parmameter, non-uniform parameters, and indices.
[Sun Feb 19 17:34:42 2017] <shlevy> So list has a uniform parameter and Acc has anon-uniform parameter?
[Sun Feb 19 17:34:46 2017] <shlevy> Or is that something different?
[Sun Feb 19 17:34:49 2017] <roconnor> I think my complain a while back prompted the existance of non-uniform parameters.
[Sun Feb 19 17:35:14 2017] <roconnor> I wonder if the type of paremeter of Acc has changed.
[Sun Feb 19 17:35:37 2017] <shlevy> What's the formal difference?
[Sun Feb 19 17:36:28 2017] <roconnor> between non-uniform and uniform parameters?
[Sun Feb 19 17:36:36 2017] <shlevy> Yeah
[Sun Feb 19 17:37:59 2017] <roconnor> There might be a paper on this topic.
[Sun Feb 19 17:40:13 2017] <roconnor> do they generate different induction principles?
[Sun Feb 19 17:40:34 2017] <roconnor> the unform parameters might fully abstract the parameter.
[Sun Feb 19 17:40:41 2017] <roconnor> in the induction principle.
[Sun Feb 19 17:40:44 2017] <roconnor> Not sure.
[Sun Feb 19 17:40:55 2017] <johnw> shlevy: why do you want this construction, btw?
[Sun Feb 19 17:41:50 2017] <Cypi> There is a thread on coq-club about this: https://sympa.inria.fr/sympa/arc/coq-club/2011-11/msg00411.html (not pointing to a specific mail in the thread). The take-away seems to be that non-uniform parameters behave like indices w.r.t recursive schemes (what you said), and like parameters w.r.t dependent pattern-matching
[Sun Feb 19 17:44:00 2017] <roconnor> Yes, the definition of Acc has changed since coq 8.0pl3
[Sun Feb 19 17:44:09 2017] <roconnor>  Inductive Acc : A -> Prop :=
[Sun Feb 19 17:44:10 2017] <roconnor>      Acc_intro : forall x:A, (forall y:A, R y x -> Acc y) -> Acc x.
[Sun Feb 19 17:44:33 2017] <johnw> I wonder where shlevy copied his definition from then...
[Sun Feb 19 17:44:44 2017] <shlevy> johnw: I linked it :D
[Sun Feb 19 17:44:49 2017] <johnw> ah
[Sun Feb 19 17:44:55 2017] <shlevy> current stdlib I think
[Sun Feb 19 17:45:00 2017] <johnw> indeed you did
[Sun Feb 19 17:45:04 2017] <Cypi> No, it's the definition that roconnor copied which is the old one ^^
[Sun Feb 19 17:45:08 2017] <johnw> aha
[Sun Feb 19 17:45:13 2017] <roconnor> non-uniform inductive parameters were introduced in 8.1
[Sun Feb 19 17:45:20 2017] <roconnor> I pasted the definition from 8.0pl3
[Sun Feb 19 17:46:17 2017] <shlevy> OK
[Sun Feb 19 17:47:10 2017] <shlevy> So non-uniform parameters are the same thing as indices in a calculus with recursion principles as the primitive instead of fixpoints/matches?
[Sun Feb 19 17:47:13 2017] <johnw> shlevy: why do you want this?
[Sun Feb 19 17:47:44 2017] <shlevy> Trying out an idea for an alternative kernel
[Sun Feb 19 17:47:51 2017] <johnw> have you looked at lean?
[Sun Feb 19 17:48:01 2017] <shlevy> Yeah
[Sun Feb 19 17:48:05 2017] <johnw> i know that it does inductive types differently
[Sun Feb 19 17:49:07 2017] <roconnor> shlevy: the primary reason I wanted non-uniform parameters was to avoid raising the universe level.
[Sun Feb 19 17:49:12 2017] <shlevy> Aaah
[Sun Feb 19 17:49:14 2017] <shlevy> Interesting
[Sun Feb 19 17:49:56 2017] <shlevy> roconnor: Can you give an example where it matters?
[Sun Feb 19 17:51:06 2017] <roconnor> yes
[Sun Feb 19 17:59:09 2017] <roconnor> maybe
[Sun Feb 19 17:59:54 2017] <roconnor> So the section on Non-unform De Bruijn Indices in https://coq.inria.fr/cocorico/UntypedLambdaTerms  was my motivation at the time
[Sun Feb 19 18:01:35 2017] <roconnor> This is the thread that I believe prompted the existance of non-uniform indices: https://sympa.inria.fr/sympa/arc/coq-club/2005-03/msg00006.html
[Sun Feb 19 18:01:54 2017] <roconnor> There could have been other motivations that I wasn't are of though.
[Sun Feb 19 18:02:48 2017] <roconnor> shlevy: I think the above link clearly demonstrates the issue.
[Sun Feb 19 18:06:35 2017] <shlevy> Thanks
[Sun Feb 19 18:07:06 2017] <roconnor> also https://sympa.inria.fr/sympa/arc/coq-club/2005-03/msg00017.html
[Sun Feb 19 18:07:46 2017] <roconnor> though perhaps that pitfall has been fixed.
[Sun Feb 19 18:13:10 2017] <ChanServ> roconnor set flags +o on johnw
[Sun Feb 19 18:13:31 2017] <ChanServ> roconnor set flags +ARefirstv on johnw
[Sun Feb 19 18:50:37 2017] <shlevy> roconnor: Can you give an intuition why a non-recursive parmeter need not raise the universe level but an index must?
[Sun Feb 19 18:50:41 2017] <shlevy> erm, non-uniform
[Sun Feb 19 19:04:53 2017] <roconnor> hmm, Christine Paulin doesn't seem to have any publications on the topic
[Sun Feb 19 19:05:06 2017] <roconnor> Christine Paulin-Mohring
[Sun Feb 19 19:07:25 2017] <roconnor> maybe this message / thread can help: https://sympa.inria.fr/sympa/arc/coq-club/2011-11/msg00465.html
[Sun Feb 19 19:08:01 2017] <roconnor> though it doesn't help md. :(
[Sun Feb 19 19:08:04 2017] <roconnor> *me
[Sun Feb 19 19:09:40 2017] <roconnor> https://sympa.inria.fr/sympa/arc/coq-club/2011-11/msg00323.html
[Sun Feb 19 19:13:33 2017] <roconnor> but honestly I have little understanding of universe levels.
[Mon Feb 20 10:55:44 2017] <notdan> Hm, what is the best way to debug tactics?
[Mon Feb 20 10:56:40 2017] <notdan> I have a very silly problem: if I inline the definition of an ltac, then Coq eats it up and everything is fine. If I put the tactic in a separate ltac, then Coq complains
[Mon Feb 20 10:56:59 2017] <notdan> is there difference in backtracking w.r.t. inlined tactics and calls to tactics/tacticals?
[Mon Feb 20 10:58:43 2017] <notdan> Oh, actually if I move that ltac definition into a Section where the proof is located, then it works fine...
[Mon Feb 20 10:58:43 2017] <notdan> wtf
[Mon Feb 20 13:03:09 2017] <notdan> Ah I see, I had a problem with scopeing in Tactic Notation
[Tue Feb 21 16:47:13 2017] <erisco> what is a rudimentary way to do IO with Coq?
[Tue Feb 21 16:47:46 2017] <johnw> how rudimentary do you need?
[Tue Feb 21 16:47:56 2017] <erisco> my main method would be to generate code for any serious IO application
[Tue Feb 21 16:48:03 2017] <erisco> but I at least need to be able to output things
[Tue Feb 21 16:48:18 2017] <johnw> if you just want to "model effects", you can use a Free grammar, whose terms you would evaluate at runtime using some other language
[Tue Feb 21 16:48:23 2017] <erisco> and very likely read some things. Just file IO
[Tue Feb 21 16:48:27 2017] <johnw> if you want to "program with IO in Coq", try Ynot
[Tue Feb 21 16:48:46 2017] <johnw> or what this guy does: https://github.com/coq-concurrency/pluto
[Tue Feb 21 16:49:05 2017] <erisco> "whose terms you would evaluate at runtime using some other language" I don't understand
[Tue Feb 21 16:49:21 2017] <johnw> erisco: if my main = print 'Hello'
[Tue Feb 21 16:49:30 2017] <johnw> i'd compile that to a term like; Call (Print "Hello")
[Tue Feb 21 16:49:38 2017] <erisco> how?
[Tue Feb 21 16:49:40 2017] <johnw> then I'd produce that term in, say, Haskell (via extraction)
[Tue Feb 21 16:49:48 2017] <johnw> are you familiar with free grammars?
[Tue Feb 21 16:50:06 2017] <johnw> Inductive EffectsF r := Print : string -> r -> EffectsF r
[Tue Feb 21 16:50:10 2017] <erisco> no, but I am mainly curious about how you're getting something out of Coq and into something else
[Tue Feb 21 16:50:18 2017] <johnw> Definition Effects (A : Type) := Free EffectsF A.
[Tue Feb 21 16:50:24 2017] <johnw> main : Effects unit
[Tue Feb 21 16:50:37 2017] <johnw> main := liftF (Print "Hello" tt).
[Tue Feb 21 16:50:50 2017] <erisco> my knowledge of Coq is just about zero so this doesn't mean anything to me :P I just want to check that it is capable of my end goal before I get started
[Tue Feb 21 16:51:00 2017] <johnw> if you use the Haskell extraction from Coq, it will generate a Haskell definition for EffectsF and Effects
[Tue Feb 21 16:51:10 2017] <johnw> allowing you to construct the Effects term in Coq, and then hand it over to Haskell for evaluation
[Tue Feb 21 16:51:21 2017] <johnw> there are multiple ways to reach your end goal
[Tue Feb 21 16:51:26 2017] <johnw> but they will all require some work
[Tue Feb 21 16:51:33 2017] <johnw> this is not the 'natural mode' for Coq programmers
[Tue Feb 21 16:51:36 2017] <erisco> okay, so there is some Coq tool I can run on the Coq program to produce Haskell code? this is called "Haskell extraction"?
[Tue Feb 21 16:51:45 2017] <erisco> I am guessing it is just the data definitions, or something like that
[Tue Feb 21 16:51:46 2017] <Tuplanolla> It's built-in, erisco.
[Tue Feb 21 16:51:46 2017] <johnw> yes
[Tue Feb 21 16:52:17 2017] <johnw> if all you want to do is dependently-typed programming, though, you may prefer Agda
[Tue Feb 21 16:52:19 2017] <erisco> I suppose the data definitions plus the actual data constructions you make
[Tue Feb 21 16:52:30 2017] <johnw> Agda has IO, and more directly links to Haskell
[Tue Feb 21 16:52:38 2017] <erisco> no no… I've been unhappy with that
[Tue Feb 21 16:52:53 2017] <johnw> well, I'd hate to say, but you're likely to be more unhappy with Coq then
[Tue Feb 21 16:53:00 2017] <erisco> I had an easier time doing DT with Haskell and singletons =\
[Tue Feb 21 16:53:09 2017] <johnw> hmm
[Tue Feb 21 16:53:29 2017] <erisco> when it came to type inference, type refinement particularly, it was just a nightmare
[Tue Feb 21 16:53:45 2017] <erisco> well I was using Idris, but apparently the way Idris is working in some areas comes from Agda
[Tue Feb 21 16:53:49 2017] <erisco> so I don't want to continue with either
[Tue Feb 21 16:53:52 2017] <johnw> that's often just "DT"
[Tue Feb 21 16:54:15 2017] <johnw> gotta run
[Tue Feb 21 16:54:25 2017] <erisco> well, when the Haskell version is easier then their version is just wrong for me
[Tue Feb 21 16:54:41 2017] <erisco> the only problem I ran into with Haskell was that DataKinds is unable to suitably promote some things
[Tue Feb 21 16:55:12 2017] <erisco> well, it cannot promote constraints, and then additionally you cannot use data families in type families
[Tue Feb 21 16:55:22 2017] <erisco> so there was too much friction and issue there as well
[Tue Feb 21 16:55:28 2017] <erisco> maybe in a few versions oO
[Tue Feb 21 16:55:36 2017] <erisco> so I've buckled into trying Coq again
[Tue Feb 21 16:58:54 2017] <erisco> johnw, well I'd have to guess that the "natural mode" does not involve IO at all
[Tue Feb 21 16:59:33 2017] <erisco> but I am a programmer, not a mathematician, so I want to prove things about programs
[Tue Feb 21 16:59:54 2017] <erisco> and, you know, run them :P
[Tue Feb 21 17:02:19 2017] <Tuplanolla> I tried the same thing a few years ago.
[Tue Feb 21 17:03:27 2017] <erisco> Tuplanolla, how did it go?
[Tue Feb 21 17:03:39 2017] <Tuplanolla> In addition to proving theorems and extracting them, you have add extraction rules to get quality code out. This of course means that you also have to ensure your extraction rules are correct.
[Tue Feb 21 17:04:07 2017] <Tuplanolla> It was enlightening, so I'm not saying it was useless.
[Tue Feb 21 17:05:12 2017] <erisco> I am expecting that part of things to be quite difficult, or at least to require a lot of time
[Tue Feb 21 17:05:49 2017] <erisco> not even looking forward to the build script to duct tape Coq and Haskell together
[Tue Feb 21 17:06:15 2017] <Tuplanolla> I have some lecture notes on basic proofs and program extraction here: http://users.jyu.fi/~sapekiis/ties350/
[Tue Feb 21 17:06:36 2017] <Tuplanolla> Alas it was just a brief introduction.
[Tue Feb 21 17:08:07 2017] <erisco> it is a starting point. Thanks
[Tue Feb 21 17:10:17 2017] <erisco> reading through the intro… there are many things I have yet to understand, but this one in particular is most puzzling
[Tue Feb 21 17:10:22 2017] <erisco>   ∀ x y : Z, x * y = 0 -> x = 0 \/ y = 0   what is the = 0 about?
[Tue Feb 21 17:10:41 2017] <erisco> that is the implementation of   ∀ A B : Prop, A /\ B -> B \/ B
[Tue Feb 21 17:12:15 2017] <erisco> johnw, it was particular issues that really set me off. I'll know soon enough if Coq possesses those too
[Tue Feb 21 17:12:44 2017] <erisco> johnw, and if it does then, well, I guess I just have to learn the unfortunate idiosyncrasies
[Tue Feb 21 17:12:57 2017] <Tuplanolla> What's the issue with that proposition?
[Tue Feb 21 17:13:15 2017] <Tuplanolla> It says that if a product is zero, either operand must be zero.
[Tue Feb 21 17:13:54 2017] <erisco> oh, I must have grossly misunderstood
[Tue Feb 21 17:14:23 2017] <erisco> I thought   ∀ A B : Prop, A /\ B -> B \/ B  was like a type decl and    ∀ x y : Z, x * y = 0 -> x = 0 \/ y = 0  was the definition/implementation
[Tue Feb 21 17:14:29 2017] <erisco> but they're separate examples, aren't they
[Tue Feb 21 17:14:39 2017] <Tuplanolla> They are.
[Tue Feb 21 17:15:50 2017] <erisco> so, ∀ A B  is introducing variables A and B
[Tue Feb 21 17:15:56 2017] <erisco> what universe are these in?
[Tue Feb 21 17:16:20 2017] <erisco> is the whole thing  ∀ A B : Prop  which is saying A and B are Props?
[Tue Feb 21 17:16:33 2017] <Tuplanolla> They're of type `Prop`, which is of some other type.
[Tue Feb 21 17:17:00 2017] <erisco> okay, so ∀ x y : Z  is saying x and y have type Z i.e. are integers
[Tue Feb 21 17:17:24 2017] <erisco> is this equivalent to ∀ x : Z ∀ y : Z ?
[Tue Feb 21 17:17:33 2017] <erisco> I suppose I should download Coq and find a way to try that
[Tue Feb 21 17:17:44 2017] <Tuplanolla> You forgot a comma, but yes.
[Tue Feb 21 17:21:41 2017] <erisco> lol, seems the installer cannot handle paths with spaces in it
[Tue Feb 21 17:21:55 2017] <erisco> get a proof on that
[Tue Feb 21 17:26:39 2017] <erisco> doesn't help that it boots in command prompt which doesn't support unicode
[Tue Feb 21 17:27:16 2017] <Tuplanolla> You'll want CoqIDE or Proof General.
[Tue Feb 21 17:27:37 2017] <erisco> seems I already have CoqIDE. Maybe that came with the install
[Tue Feb 21 17:28:00 2017] <erisco> man, an IDE? I really am spoiled
[Tue Feb 21 17:29:56 2017] <erisco> so lets say I want to check that  ∀ A B : Prop, A /\ B -> B \/ B  is syntactically valid. How do I do that with this IDE?
[Tue Feb 21 17:30:14 2017] <Tuplanolla> Slap it into the buffer, save it and advance the checker to that line.
[Tue Feb 21 17:32:25 2017] <erisco> I don't know… I have it saved, I click the "go to cursor" button when my cursor is at the start of the line
[Tue Feb 21 17:32:43 2017] <Tuplanolla> Move it to the end first.
[Tue Feb 21 17:32:46 2017] <erisco> I click "fully check the document" but despite the line containing garbage there is no error
[Tue Feb 21 17:33:11 2017] <Tuplanolla> It goes to the first full stop before the cursor.
[Tue Feb 21 17:33:41 2017] <erisco> hm, no dice
[Tue Feb 21 17:34:44 2017] <Tuplanolla> Does `Check 42.` produce anything?
[Tue Feb 21 17:35:05 2017] <erisco> yes
[Tue Feb 21 17:35:49 2017] <erisco> oh, I need a period I suppose
[Tue Feb 21 17:36:08 2017] <Tuplanolla> I guess I shouldn't call it a full stop then.
[Tue Feb 21 17:36:10 2017] <erisco> so it complains ∀ is an undefined token
[Tue Feb 21 17:36:32 2017] <erisco> I know what a full stop is but I thought it as a line return anyways :P
[Tue Feb 21 17:36:46 2017] <Tuplanolla> The top level is actually reserved for Vernacular, so you can't write Gallina there.
[Tue Feb 21 17:37:54 2017] <Tuplanolla> Try `Theorem whatever : forall A B : Prop, A /\ B -> B \/ B.`.
[Tue Feb 21 17:38:15 2017] <erisco> does Vernacular just introduce definitions?
[Tue Feb 21 17:38:32 2017] <Tuplanolla> It manages imports, definitions, extraction and all that.
[Tue Feb 21 17:39:11 2017] <erisco> alright, I got something with that
[Tue Feb 21 17:39:17 2017] <erisco> now why "forall" and not "∀"?
[Tue Feb 21 17:39:23 2017] <Tuplanolla> Because I'm lazy.
[Tue Feb 21 17:39:27 2017] <Tuplanolla> Now get proving!
[Tue Feb 21 17:39:33 2017] <erisco> ∀ does not work for me
[Tue Feb 21 17:40:07 2017] <erisco> I've gone through all this effort of setting up a compose key and I want to use it :P
[Tue Feb 21 17:40:15 2017] <erisco> (ノಠ益ಠ)ノ彡┻━┻
[Tue Feb 21 17:40:29 2017] <Tuplanolla> How did you compose that one?
[Tue Feb 21 17:40:45 2017] <erisco> up up down down left right left right b a
[Tue Feb 21 17:45:27 2017] <erisco> I am guessing that I want this https://coq.inria.fr/library/Coq.Unicode.Utf8_core.html
[Tue Feb 21 17:46:03 2017] <erisco> I can copy it in and it works, but Import Coq.Unicode.Utf8_core. complains it is not a module
[Tue Feb 21 17:46:06 2017] <erisco> is there a package manager?
[Tue Feb 21 17:46:14 2017] <Tuplanolla> Say `Require Import`.
[Tue Feb 21 17:47:50 2017] <erisco> I love that Coq even ships with fonts that support the characters. Someone has put a lot of work into this
[Tue Feb 21 17:54:28 2017] <erisco> "or a form of subset types called Σ-types, e.g. the type of even natural numbers:   {n : N | even n}"
[Tue Feb 21 17:54:36 2017] <erisco> is that read "sum types" or "sigma types" ?
[Tue Feb 21 17:55:01 2017] <erisco> and are these also called "refinement types" ?
[Tue Feb 21 17:55:06 2017] <Tuplanolla> Rather "dependent pair types".
[Tue Feb 21 17:56:54 2017] <erisco> can't say I've understood what that is
[Tue Feb 21 18:04:53 2017] <erisco> if we have {x:t} -> r as part of the language already then don't we already have dependent pairs?
[Tue Feb 21 18:05:48 2017] <erisco> because I can just write a constructor C : {x : t} -> F x -> Pair t F
[Tue Feb 21 18:07:50 2017] <erisco> is the {n : N | even n} feature just an ad hoc / convenient way to define these?
[Tue Feb 21 18:08:29 2017] <Tuplanolla> If you take a look at `exists`, it's not actually primitive either.
[Tue Feb 21 18:08:53 2017] <erisco> where?
[Tue Feb 21 18:09:01 2017] <Tuplanolla> In Coq.
[Tue Feb 21 18:09:16 2017] <erisco> I haven't seen it yet
[Tue Feb 21 18:10:11 2017] <erisco> by "either" do you mean to say that {n : N | even n} is not a primitive feature?
[Tue Feb 21 18:10:33 2017] <erisco> well, I presume it is syntactically, but you can achieve the same without
[Tue Feb 21 18:14:13 2017] <Cypi> Indeed, {n : N | even n} is just another inductive type. Like you say, it has one constructor of type " forall x : A, P x -> {x : A | P x}"
[Tue Feb 21 18:16:26 2017] <erisco> no x argument?
[Tue Feb 21 18:16:48 2017] <Cypi> In "forall x : A, P x -> {x : A | P x}", the first argument is x
[Tue Feb 21 18:16:55 2017] <Cypi> (unless I misunderstood what you just meant)
[Tue Feb 21 18:17:06 2017] <erisco> okay, I wasn't aware
[Tue Feb 21 18:17:13 2017] <erisco> I do not fully understand the notation yet
[Tue Feb 21 18:17:45 2017] <Cypi> Well, "forall (x : A), B" is the type of functions that take an argument x of type A, and return something of type B (which might mention x)
[Tue Feb 21 18:17:48 2017] <erisco> in Haskell the forall is apart
[Tue Feb 21 18:18:03 2017] <Cypi> I think you wrote that {x : A} -> B earlier
[Tue Feb 21 18:18:13 2017] <erisco> well that'd be the Idris version
[Tue Feb 21 18:35:13 2017] <erisco> Cypi, it is strange to me why the introduction of variables is followed by a comma rather than →
[Tue Feb 21 18:35:25 2017] <erisco> if they are also parameters
[Tue Feb 21 18:36:12 2017] <Cypi> Well, that's on the level of types. A term of type "forall x : A, B" could have the shape "fun x : A => t"
[Tue Feb 21 18:37:05 2017] <erisco> λ (A B : Prop) (H : A ∧ B), and_ind (λ (_ : A) (H1 : B), or_introl H1) H
[Tue Feb 21 18:37:06 2017] <erisco>      : ∀ A B : Prop, A ∧ B → B ∨ B
[Tue Feb 21 18:37:13 2017] <erisco> so it seems the commas can be used in terms as well
[Tue Feb 21 18:37:31 2017] <Cypi> It's just syntax anyway
[Tue Feb 21 18:37:44 2017] <erisco> yes but I am still trying to grapple with it
[Tue Feb 21 18:37:46 2017] <Cypi> What you pasted use a notation though, "fun x : A => t" is the primitive way
[Tue Feb 21 18:39:05 2017] <Cypi> By the way, you also have "A -> B" which is a notation for "forall _ : A, B", meaning that the return type does not depend on the input (so "A -> B" is just the type of normal functions from A to B)
[Tue Feb 21 18:42:01 2017] <erisco> can you interactively do a proof with CoqIDE?
[Tue Feb 21 18:42:59 2017] <Cypi> Yes, that's the point. You can step through a proof using the arrows at the top (or rather the keyboard shortcuts in the "Navigation" menu).
[Tue Feb 21 18:43:35 2017] <Cypi> So you can state some theorem, and then CoqIDE will show you the current goal, you can input some tactics, step through them, CoqIDE will show you the current goal(s) after execution of these tactics, and so on
[Tue Feb 21 18:44:49 2017] <erisco> okay, so if you could clear this up for me it would help a lot
[Tue Feb 21 18:45:37 2017] <erisco> I realise that fundamentally we're writing a proof like we would a program (the Curry-Howard correspondence)
[Tue Feb 21 18:45:56 2017] <erisco> but then to make this less tedious there are tactics
[Tue Feb 21 18:46:14 2017] <erisco> so say I have   Theorem test : ∀ A B : Prop, A ∧ B → B ∨ B.
[Tue Feb 21 18:46:40 2017] <erisco> how does this compare to declaring a function "test" with type ∀ A B : Prop, A ∧ B → B ∨ B  ?
[Tue Feb 21 18:47:09 2017] <Tuplanolla> You can pry the actual function out of the finished proof.
[Tue Feb 21 18:47:18 2017] <Cypi> The end-result is basically the same: in both cases, you are writing a term (either directly or with tactics) whose type is "forall A B : Prop, A /\ B -> B \/ B""
[Tue Feb 21 18:47:30 2017] <Tuplanolla> In CoqIDE it's behind one of F1 to F4.
[Tue Feb 21 18:49:38 2017] <erisco> can functions be defined or just theorems?
[Tue Feb 21 18:50:14 2017] <erisco> okay let me ask this a different way
[Tue Feb 21 18:50:17 2017] <Cypi> I'm not sure I understand the question. Theorems are just terms like any others.
[Tue Feb 21 18:50:25 2017] <erisco> say I just wanted to do it as rudimentary as possible
[Tue Feb 21 18:50:36 2017] <Cypi> (except that we usually only care for the type of a theorem, not the actual term)
[Tue Feb 21 18:50:44 2017] <erisco> so I just want to declare that "test" has a type, and then I want to write the proof term for it without tactics
[Tue Feb 21 18:52:01 2017] <Cypi> Definition test : forall A B : Prop, A /\ B -> B \/ B := fun (A B : Prop) (H : A /\ B) => match H with conj _ H' => or_introl H' end.
[Tue Feb 21 18:52:06 2017] <Cypi> You could write it like that
[Tue Feb 21 18:55:27 2017] <erisco> is there any interactive option with this approach? say I could leave one or more holes
[Tue Feb 21 18:56:03 2017] <Cypi> Yup
[Tue Feb 21 18:56:27 2017] <Cypi> Definition test : forall A B : Prop, A /\ B -> B \/ B. Proof. refine (fun (A B : Prop) (H : A /\ B) => _). ...
[Tue Feb 21 18:56:35 2017] <Cypi> so using the tactic "refine" for instance
[Tue Feb 21 18:56:49 2017] <Cypi> another way would to use the Program facility and writing stuff like:
[Tue Feb 21 18:57:09 2017] <Cypi> Program Definition test : forall A B : Prop, A /\ B -> B \/ B := fun (A B : Prop) (H : A /\ B) => _ .
[Tue Feb 21 18:57:14 2017] <Cypi> and it will generate subproofs for you
[Tue Feb 21 18:57:29 2017] <Cypi> (but I wouldn't advise learning this first, Program is not primitive at all)
[Tue Feb 21 18:58:23 2017] <erisco> I appreciate avoiding any complications for now, thanks
[Tue Feb 21 18:58:44 2017] <Cypi> refine, on the contrary, is very primitive: this is the basic building block of any tactic
[Tue Feb 21 18:59:26 2017] <erisco> what do I import to get that?
[Tue Feb 21 18:59:32 2017] <Cypi> refine? Nothing
[Tue Feb 21 18:59:41 2017] <erisco> Error: The reference refine was not found in the current environment.
[Tue Feb 21 19:00:14 2017] <erisco> oh that is because I was still using :=
[Tue Feb 21 19:00:28 2017] <Cypi> Yes, refine is still a tactic, so you need to be in proof-mode
[Tue Feb 21 19:02:51 2017] <erisco> okay, so now what is the difference between "Theorem" and "Definition"?
[Tue Feb 21 19:03:13 2017] <Cypi> Not much really. With Definition you can use :=, whereas with Theorem you can't.
[Tue Feb 21 19:03:28 2017] <Cypi> But if you go in proof-mode, then I don't think there is any difference.
[Tue Feb 21 19:05:30 2017] <erisco> http://lpaste.net/352827 what is this error message about?
[Tue Feb 21 19:05:39 2017] <erisco> is it trying to synthesize the term?
[Tue Feb 21 19:06:07 2017] <Cypi> Yes. You wrote an incomplete definition, and it needs to be complete (because not using the facilities of Program), so Coq is trying to infer it
[Tue Feb 21 19:06:39 2017] <Cypi> In some cases it can (mainly if it's a type annotation which is missing), but there it won't be able to do it trivially, so it won't do it at all
[Tue Feb 21 19:07:54 2017] <erisco> Tuplanolla, F1 brings up the query pane
[Tue Feb 21 19:08:27 2017] <erisco> so I Print test. ?
[Tue Feb 21 19:11:21 2017] <erisco> Cypi, so this interactive proof with refine is still using the same imperative proof method
[Tue Feb 21 19:11:24 2017] <erisco> but that is alright I suppose
[Tue Feb 21 19:11:58 2017] <Cypi> I find it to be alright. I mean, it basically does what you wanted: you provide a proof term with holes in it, and then you need to provide another proof term for each of these holes and so on
[Tue Feb 21 19:14:23 2017] <erisco> okay awesome, thanks
[Tue Feb 21 19:14:35 2017] <erisco> I'll have a hundred more questions but this should be enough to get me started
[Tue Feb 21 19:14:57 2017] <erisco> I'll have a peer through the available libraries to see what I won't have to define myself
[Tue Feb 21 19:15:35 2017] <erisco> but first a little test…
[Tue Feb 21 19:32:13 2017] <erisco> ah, so Coq doesn't do this either, hrm
[Tue Feb 21 19:32:16 2017] <erisco> it is really quite frustrating
[Tue Feb 21 19:32:58 2017] <Cypi> do what?
[Tue Feb 21 19:33:03 2017] <erisco> this is a ported example so don't expect amazing Coq code, but this is what I'm talking about http://lpaste.net/352830
[Tue Feb 21 19:33:36 2017] <erisco> in Haskell when you pattern match on "n" it refines the type of n
[Tue Feb 21 19:34:10 2017] <erisco> well, in Haskell we'd be pattern matching on a singleton but same idea
[Tue Feb 21 19:34:24 2017] <erisco> so it learns that n = 0 in the first case and n = S n' in the second
[Tue Feb 21 19:34:31 2017] <erisco> none of Coq, Agda, or Idris do this
[Tue Feb 21 19:34:35 2017] <Cypi> Ah yes, so, this is slightly complicated...
[Tue Feb 21 19:34:59 2017] <erisco> but there is an insane example of it surprisingly working in Idris
[Tue Feb 21 19:35:14 2017] <erisco> based on some crazy rules
[Tue Feb 21 19:35:21 2017] <Cypi> You can have the fact that "n = 0" in the first branch of your match, but you still cannot really unify n and 0: you only know that they are equal propositionally
[Tue Feb 21 19:35:59 2017] <Cypi> So if you really want to write something like this, you will need some rewriting, and this is clearly cumbersome to write (and use)
[Tue Feb 21 19:36:14 2017] <Cypi> (by "rewriting" I mean using a proof of equality to rewrite the type of something)
[Tue Feb 21 19:37:03 2017] <erisco> what does "propositionally equal" mean?
[Tue Feb 21 19:37:55 2017] <Cypi> It means that you have a proof of the equality between n and 0
[Tue Feb 21 19:38:08 2017] <Cypi> So literally, you have in your context an hypothesis of type "n = 0"
[Tue Feb 21 19:38:26 2017] <erisco> well, then what is the problem with "only" having propositional equality?
[Tue Feb 21 19:38:56 2017] <Cypi> The problem is that Coq won't be able to unify n and 0, which is why it complains in your example
[Tue Feb 21 19:39:14 2017] <erisco> why not? what does it require for that?
[Tue Feb 21 19:39:39 2017] <erisco> that is exactly what would happen in Haskell and so I've already got my mind set in a certain way
[Tue Feb 21 19:39:53 2017] <Cypi> It would require for n and 0 to be _definitionally_ equal. For instance, "1 + 1" and "2" are definitionally equal
[Tue Feb 21 19:40:10 2017] <Cypi> (to see what I meant about rewriting, this definition works: http://lpaste.net/352831 )
[Tue Feb 21 19:40:30 2017] <Cypi> (disclaimer: it's more complicated :p )
[Tue Feb 21 19:41:23 2017] <erisco> look at this Idris example https://github.com/idris-lang/Idris-dev/issues/3659
[Tue Feb 21 19:41:34 2017] <erisco> does that make any sense to you? I reported that as a possible bug and apparently it is not
[Tue Feb 21 19:42:11 2017] <Cypi> Actually, it makes sense! Let me write something similar in Coq
[Tue Feb 21 19:42:24 2017] <Cypi> (it won't be exactly the same, because Coq's pattern-matching is more primitive in a sense)
[Tue Feb 21 19:42:28 2017] <erisco> oh god -.-
[Tue Feb 21 19:42:41 2017] <erisco> * *sighs*
[Tue Feb 21 19:42:47 2017] <erisco> I don't know if I can take it! but I'll try
[Tue Feb 21 19:42:58 2017] <erisco> you have to understand that that violates such basic principles
[Tue Feb 21 19:43:21 2017] <erisco> let x = y in m  if I cannot substitute x for y in m and have it be the same then something is horribly wrong
[Tue Feb 21 19:43:59 2017] <Cypi> http://lpaste.net/352832
[Tue Feb 21 19:44:04 2017] <erisco> I cannot even imagine any sane reasoning behind that not being the case… but I guess I am about to find out
[Tue Feb 21 19:44:26 2017] <Cypi> So, in Coq it might be more obvious why it works
[Tue Feb 21 19:44:52 2017] <erisco> not in the slightest I am afraid
[Tue Feb 21 19:45:04 2017] <Cypi> The trick is that on the outside, the term 'y' has the type "Sing n". But inside each branch, it has type "Sing 0" and "Sing (S n')" respectively
[Tue Feb 21 19:45:13 2017] <Cypi> which is why you can write the "eqOnly ..." stuff
[Tue Feb 21 19:46:27 2017] <erisco> sure, but it doesn't make any sense to me why that works and the other doesn't
[Tue Feb 21 19:46:33 2017] <Cypi> The same with more type annotations: http://lpaste.net/352833
[Tue Feb 21 19:47:10 2017] <Cypi> In your first example (the one that doesn't work), instead of 'y', you have directly "MkSing n", whose type is "Sing n" and stays "Sing n" all along
[Tue Feb 21 19:47:28 2017] <Cypi> In the example that does work, the type of 'y' is changed through the pattern-matching
[Tue Feb 21 19:47:41 2017] <Cypi> [to be faire, dependent pattern-matching is complicated]
[Tue Feb 21 19:47:44 2017] <Cypi> [fair*]
[Tue Feb 21 19:48:36 2017] <Cypi> "< erisco> let x = y in m  if I cannot substitute x for y in m and have it be the same then something is horribly wrong" notice that in Coq, you are right, it doesn't work. If I don't add the trick of passing 'y' as an argument to the match, then it won't compile
[Tue Feb 21 19:50:42 2017] <erisco> I did not notice. So then the let/in part is unnecessary
[Tue Feb 21 19:51:09 2017] <erisco> you've done the equivalent of  let x = y in m ≡ (\x -> m) y
[Tue Feb 21 19:51:18 2017] <erisco> though I guess this doesn't work in Coq
[Tue Feb 21 19:51:30 2017] <erisco> all the basic stuff I know doesn't work anymore and that bothers me
[Tue Feb 21 19:52:31 2017] <Cypi> You are right, the let-in is unnecessary, you can do the substitution and it doesn't change anything: http://lpaste.net/352834
[Tue Feb 21 19:52:53 2017] <erisco> it isn't a valid one in Coq
[Tue Feb 21 19:52:56 2017] <Tuplanolla> What is this singleton business about?
[Tue Feb 21 19:52:58 2017] <erisco> it doesn't work the other way at least
[Tue Feb 21 19:53:01 2017] <Cypi> What I just pasted is valid
[Tue Feb 21 19:53:11 2017] <erisco> Tuplanolla, it is just a ported example I had from Idris
[Tue Feb 21 19:53:13 2017] <Cypi> Notice that you cannot substitue the y inside the match, this is not the same
[Tue Feb 21 19:53:17 2017] <Cypi> substitute*
[Tue Feb 21 19:53:21 2017] <erisco> where the Sing stuff is further ported from Haskell lol
[Tue Feb 21 19:53:36 2017] <Tuplanolla> I looked at Hackage and found automatically generated instance vomit.
[Tue Feb 21 19:53:56 2017] <erisco> yes it is awful in that way
[Tue Feb 21 19:54:05 2017] <erisco> I just rewrote the parts I cared about by hand so it wasn't so arcane
[Tue Feb 21 19:54:43 2017] <erisco> they have a feature where using TH you can promote regular Haskell code
[Tue Feb 21 19:54:56 2017] <erisco> and that is where the vomit comes from because they in turn define a bunch of things using their TH
[Tue Feb 21 20:01:41 2017] <erisco> Cypi, I wish I could understand why it makes sense…
[Tue Feb 21 20:02:24 2017] <erisco> let me try sticking holes in some places and maybe that reveals something
[Tue Feb 21 20:02:29 2017] <Cypi> Why it makes sense that your first example does not work, you mean?
[Tue Feb 21 20:02:40 2017] <erisco> why the first doesn't work
[Tue Feb 21 20:03:28 2017] <Cypi> The typing in Coq is actually quite easy to follow (sort of). So at some point it needs to typecheck the term "eqOnly n (MkSing 0) (MkSing n)"
[Tue Feb 21 20:03:52 2017] <Cypi> due to the type of MkSing, you know that "(MkSing 0)" has type "Sing 0", and that "(MkSing n)" has type "Sing n"
[Tue Feb 21 20:04:21 2017] <Cypi> but these types need to be exactly the same for this to typecheck. And they are not. End of story in this case.
[Tue Feb 21 20:05:03 2017] <Cypi> The fact that you could, at this point in the program, have a proof of "n = 0", does not change anything to the fact that "Sing 0" and "Sing n" cannot be unified
[Tue Feb 21 20:05:47 2017] <erisco> which is mind-numbingly confusing
[Tue Feb 21 20:05:53 2017] <erisco> but okay, why does it work in the other case
[Tue Feb 21 20:06:14 2017] <Cypi> So, let's take this one http://lpaste.net/352833
[Tue Feb 21 20:07:02 2017] <Cypi> At some point, it needs to typecheck the term "eqOnly 0 (MkSing 0) y". The type of (MkSing 0) is (Sing 0), and the type of y is (Sing 0), so they are the same, good, it typechecks!
[Tue Feb 21 20:07:19 2017] <Cypi> Same for the other branch. So each branch can be typechecked
[Tue Feb 21 20:07:29 2017] <erisco> why is the type of y Sing 0
[Tue Feb 21 20:07:56 2017] <Cypi> Well, locally, very simply because I have written "fun (y : Sing 0) => eqOnly 0 (MkSing 0) y", so you are in a function and y is an argument of type (Sing 0)
[Tue Feb 21 20:08:10 2017] <Cypi> Now the tricky part is: why does it make sense for these two branches to have different types?
[Tue Feb 21 20:08:32 2017] <Cypi> The first one has the type "Sing 0 -> nat", while the second one has the type "Sing (S n') -> nat"
[Tue Feb 21 20:09:02 2017] <Cypi> [now, as I said, what follows is tricky, especially since I probably don't explain it that well]
[Tue Feb 21 20:09:22 2017] <Cypi> Now you need to take notice of the "return" annotation in the match
[Tue Feb 21 20:09:51 2017] <Cypi> This is the expect type of the whole match, which in this case is "Sing n' -> nat", where you can see that n' is bound just before by the "as n'" clause
[Tue Feb 21 20:09:56 2017] <Cypi> expected*
[Tue Feb 21 20:10:07 2017] <erisco> why is "n as n'" necessary
[Tue Feb 21 20:10:14 2017] <erisco> can you not just use n?
[Tue Feb 21 20:10:21 2017] <Cypi> It is not actually, in this case you could just use case
[Tue Feb 21 20:10:30 2017] <Cypi> just use n*
[Tue Feb 21 20:10:44 2017] <Cypi> but in general, you might do the match on a more complicated term, and then you need a name to refer to the whole term
[Tue Feb 21 20:10:59 2017] <Cypi> "as n'" introduces such a name
[Tue Feb 21 20:11:09 2017] <erisco> okay
[Tue Feb 21 20:11:19 2017] <Cypi> So, we state that "Sing n' -> nat" is the expected type of the match, where n' stands for the term being matched on
[Tue Feb 21 20:11:32 2017] <erisco> so how does it accept that Sing 0 and Sing (S n') unifies with Sing n
[Tue Feb 21 20:11:47 2017] <Cypi> For this to typecheck, Coq checks that each branch has this type, but where n' is replaced by 0 and (S n') respectively
[Tue Feb 21 20:12:02 2017] <Cypi> (it is replaced by what is before the "=>" in each branch of the match, basically)
[Tue Feb 21 20:12:24 2017] <Cypi> So the first branch needs to have the type "Sing 0 -> nat", and the second branch needs to have the type "Sing (S n') -> nat"
[Tue Feb 21 20:12:37 2017] <Cypi> This is exactly what we have, so Coq is happy and can typecheck the whole match
[Tue Feb 21 20:13:17 2017] <erisco> well that's funny, because it seems to be using the fact that n = 0 to substitute n for 0
[Tue Feb 21 20:13:26 2017] <erisco> and that n = S n' similarly
[Tue Feb 21 20:13:35 2017] <erisco> so I still fail to see the difference
[Tue Feb 21 20:13:43 2017] <erisco> other than they chose it to work in this one case and not the other
[Tue Feb 21 20:14:26 2017] <Cypi> In the example that fails, this is more complicated: you are already inside the match, and suddenly you need to remember that this term of type "Sing n" can actually be seen as having type "Sing 0"
[Tue Feb 21 20:14:51 2017] <Cypi> I believe this would easily be undecidable (what if there are several nested match and so on? I don't know)
[Tue Feb 21 20:15:22 2017] <erisco> someone said the same thing and I don't get that either
[Tue Feb 21 20:15:25 2017] <Cypi> Whereas what I described is very mechanical: there is stuff that happens only at the match itself, and then we can just continue and forget that we are even in a match, it does not matter
[Tue Feb 21 20:15:32 2017] <erisco> if I saw an example where it is undecidable that would help
[Tue Feb 21 20:15:40 2017] <erisco> but it seems plain as day to me
[Tue Feb 21 20:16:53 2017] <Cypi> I'm not quite sure, I'm no expert in this kind of stuff. But I believe that it would be like accumulating rewriting rules "n <-> 0" and so on for each match that you go through
[Tue Feb 21 20:17:05 2017] <Cypi> and then try to tell if two terms are equal modulo these rewriting rules
[Tue Feb 21 20:17:16 2017] <Cypi> I think that's undecidable? Not entirely sure as I said
[Tue Feb 21 20:17:23 2017] <Cypi> but it certainly looks more complicated to me
[Tue Feb 21 20:19:26 2017] <erisco> okay, I am on the cusp of understanding this, but I need to mull it over
[Tue Feb 21 20:25:12 2017] <erisco> how do you focus on a subgoal?
[Tue Feb 21 20:28:20 2017] <Cypi> You can use "Focus 2" to focus on the second subgoal
[Tue Feb 21 20:28:24 2017] <Cypi> is that what you mean?
[Tue Feb 21 20:29:38 2017] <erisco> yes thanks
[Tue Feb 21 20:33:10 2017] <erisco> so it is actually an error for one of the branches to have type Sing n -> nat
[Tue Feb 21 20:34:48 2017] <Cypi> Indeed
[Tue Feb 21 20:35:12 2017] <erisco> but valid if they both have that type
[Tue Feb 21 20:35:43 2017] <Cypi> Well if they both have that type, and this is the expected type of the match, then yes
[Tue Feb 21 20:36:00 2017] <erisco> I don't get how that works
[Tue Feb 21 20:36:29 2017] <Cypi> if you keep the explicit (Sing n' -> nat) as in my example, then having both branch with the type (Sing n -> nat) would be an error
[Tue Feb 21 20:36:35 2017] <erisco> I can see the match substituting n, in the type, everywhere
[Tue Feb 21 20:37:02 2017] <erisco> but that doesn't explain why both branches with type Sing n -> nat works
[Tue Feb 21 20:37:07 2017] <erisco> n shouldn't exist anymore
[Tue Feb 21 20:37:21 2017] <Cypi> It works only if the return type of the match is (Sing n -> nat), and not (Sing n' -> nat)
[Tue Feb 21 20:37:24 2017] <Cypi> n still exists
[Tue Feb 21 20:37:27 2017] <erisco> and if it does then I don't understand why just one of the branches can't have that type
[Tue Feb 21 20:37:48 2017] <Cypi> because inside the match, there is no link anymore between n and 0 or n and (S n'))
[Tue Feb 21 20:39:16 2017] <erisco> why is that relevant
[Tue Feb 21 20:40:21 2017] <erisco> this is so confusing
[Tue Feb 21 20:40:32 2017] <erisco> let me paste another example
[Tue Feb 21 20:42:02 2017] <erisco> oh I think I had an issue with shadowing just then
[Tue Feb 21 20:42:39 2017] <Cypi> It's possible. That's why I tried to introduce the "as n'" clause even though it's unnecessary for instance. (and actually, I should have called that m, since it's not the same n' as in the "S n' => ..." case)
[Tue Feb 21 20:44:31 2017] <erisco> lpaste isn't working again just a minute
[Tue Feb 21 20:45:42 2017] <erisco> you can choose between an ad-laden site or one which goes down every hour
[Tue Feb 21 20:46:44 2017] <erisco> know any good ones?
[Tue Feb 21 20:47:19 2017] <Cypi> You can use this temporarily https://paste.isomorphis.me/
[Tue Feb 21 20:47:34 2017] <erisco> https://paste.isomorphis.me/ufh
[Tue Feb 21 20:47:40 2017] <Cypi> (I don't know how resillient it is though, since I think it's kind of a private server)
[Tue Feb 21 20:48:05 2017] <Cypi> So, in order.
[Tue Feb 21 20:48:28 2017] <Cypi> 1) The type of each branch needs to be the same as "Sing nn -> nat", where nn is replaced by 0 and (S n') respectively
[Tue Feb 21 20:48:47 2017] <Cypi> The second branch is correct, but the type of the first branch needs to be "Sing 0 -> nat", which is not the case
[Tue Feb 21 20:49:21 2017] <Cypi> 2) The type of each branch needs to be the same as "Sing n -> nat", where nn is replaced by 0 and (S n') respectively
[Tue Feb 21 20:49:33 2017] <Cypi> (no typo in my sentence, I am just trying to be as mechanical as possible)
[Tue Feb 21 20:50:10 2017] <Cypi> The first branch is correct, but the type of the second branch needs to be "Sing n -> nat", whereas it is "Sing (S n') -> nat"
[Tue Feb 21 20:51:02 2017] <erisco> okay, so I think I get this much of it
[Tue Feb 21 20:51:05 2017] <Cypi> 3) Here, this is because the annotations are not explicit enough. This is actually the same case at the first one. The "n" in the return clause is not the same "n" which is defined elsewhere
[Tue Feb 21 20:51:19 2017] <erisco> when we use "x as y" we're introducing a name y which is explicitly rewritten in the return type
[Tue Feb 21 20:51:42 2017] <Cypi> yup
[Tue Feb 21 20:51:58 2017] <erisco> okay, let me predict something that will work then
[Tue Feb 21 20:53:12 2017] <erisco> okay, so this alias is not in scope in the branch expressions
[Tue Feb 21 20:53:43 2017] <erisco> I predicted this to work https://paste.isomorphis.me/4uR
[Tue Feb 21 20:54:24 2017] <Cypi> It wouldn't make much sense to have it in scope. This "alias" is part of the type annotations, you couldn't for instance return it
[Tue Feb 21 20:55:26 2017] <erisco> return it?
[Tue Feb 21 20:55:59 2017] <Cypi> Writing something like "match n as m with 0 => m | S n' => m end" wouldn't make a lot of sense
[Tue Feb 21 20:56:04 2017] <Cypi> (that's what I meant by "return it")
[Tue Feb 21 20:56:20 2017] <erisco> I don't see why not but I guess that's just Coq
[Tue Feb 21 20:56:38 2017] <Cypi> Well, ultimately, what you are computing with are terms, not their types
[Tue Feb 21 20:57:28 2017] <erisco> so the type inference when we give none of these annotations is doing a lot
[Tue Feb 21 20:57:30 2017] <erisco> or so it seems
[Tue Feb 21 20:58:02 2017] <Cypi> It is, and it has improved a lot in the last version of Coq. But sometimes it will just fail and you will have to prived these annotations
[Tue Feb 21 20:58:12 2017] <Cypi> last versions* even
[Tue Feb 21 20:58:24 2017] <erisco> it has to take  Sing 0  and Sing (S n')  and figure out… I don't know what
[Tue Feb 21 20:58:29 2017] <Cypi> and provide* (sorry, I can't write tonight)
[Tue Feb 21 21:00:27 2017] <Cypi> Well, in this case, it knows that the whole match needs to have the type (Sing n -> nat), because it is applied to the term "y" which has type (Sing n)
[Tue Feb 21 21:00:53 2017] <erisco> ah yes, that is a help
[Tue Feb 21 21:01:45 2017] <Cypi> So it is looking for some predicate (P m) ("match n as m return P m with ... end"), such that (P n) is exactly (Sing n -> nat), (P 0) is exactly (Sing 0 -> nat), and (P (S n')) is exactly (Sing (S n') -> nat)
[Tue Feb 21 21:01:51 2017] <Cypi> in this case it's not too difficult
[Tue Feb 21 21:04:40 2017] <erisco> this is really obscured in Idris
[Tue Feb 21 21:04:49 2017] <erisco> like, invisible
[Tue Feb 21 21:05:11 2017] <Cypi> The pattern-matching in Idrid (and Agda) is more powerful. It will actually rewrite some types in the context
[Tue Feb 21 21:05:37 2017] <Cypi> So in this case, if there is something of type "Sing n" in the context, its type will be rewritten to "Sing 0" and "Sing (S n')" respectively
[Tue Feb 21 21:05:43 2017] <Cypi> in Coq you need to make that explicit
[Tue Feb 21 21:05:55 2017] <Cypi> (both have their pros and cons)
[Tue Feb 21 21:11:08 2017] <erisco> and it only ever rewrites in types
[Tue Feb 21 21:13:11 2017] <erisco> well that is a bit of a moot point seeing as how it works
[Tue Feb 21 21:13:30 2017] <Cypi> (I need to go, sorry. Good luck for the rest!)
[Tue Feb 21 21:13:30 2017] <erisco> anyways, alright, I think I see what is going on
[Tue Feb 21 21:13:37 2017] <erisco> yes thank-you for the help and have a good night
[Tue Feb 21 21:14:40 2017] <erisco> now I am having a hard time recovering how I was confused
[Wed Feb 22 12:29:06 2017] <johnw> is Gregory Malecha here?
[Wed Feb 22 13:18:08 2017] <erisco> what is the difference between Inductive and Structure? Is the only difference that Structure is products where as Inductive is products and sums?
[Wed Feb 22 13:18:21 2017] <erisco> and maybe Structures cannot be recursive whereas Inductive can but I am not sure
[Wed Feb 22 13:19:33 2017] <johnw> Record/Structure is equivalent to a chain of sigmas, so it's a special case of what you *could* do with Inductive
[Wed Feb 22 13:20:40 2017] <erisco> what feature does it miss?
[Wed Feb 22 13:21:05 2017] <johnw> it's non-recursive
[Wed Feb 22 13:21:08 2017] <johnw> it doesn't do sums
[Wed Feb 22 13:21:19 2017] <johnw> you pretty much nailed it before
[Wed Feb 22 13:21:22 2017] <erisco> I thought sigma gave you sums
[Wed Feb 22 13:21:41 2017] <johnw> only if you already have a sum
[Wed Feb 22 13:21:49 2017] <johnw> { b : bool | if b then X else Y }
[Wed Feb 22 13:22:16 2017] <erisco> right, okay
[Wed Feb 22 13:23:41 2017] <erisco> are Record and Structure synonymous
[Wed Feb 22 13:24:01 2017] <johnw> yes
[Wed Feb 22 13:27:27 2017] <erisco> what is the naming convention? it seems to be snake case
[Wed Feb 22 13:27:39 2017] <johnw> whatever you prefer
[Wed Feb 22 13:27:43 2017] <johnw> I think the stdlib is mostly snake
[Wed Feb 22 13:28:02 2017] <johnw> but since there's no large community of library developers, there's not much collision
[Wed Feb 22 13:28:40 2017] <erisco> should anything start with a capital?
[Wed Feb 22 13:28:53 2017] <johnw> Coq doesn't care
[Wed Feb 22 13:28:59 2017] <erisco> I know
[Wed Feb 22 13:29:04 2017] <johnw> the only thing that must start with a capital is a Vernacular command
[Wed Feb 22 13:29:43 2017] <erisco> I haven't used snake in a long time so maybe I'll use that for fun
[Wed Feb 22 13:30:05 2017] <erisco> I use one style for a year and then I think the grass is greener on the other side
[Wed Feb 22 13:36:22 2017] <erisco> can Structure/Record not take parameters?
[Wed Feb 22 13:37:29 2017] <erisco> when I satisfy the grammar I then am told a sort was expected
[Wed Feb 22 13:37:53 2017] <johnw> it can
[Wed Feb 22 13:38:06 2017] <johnw> Record Foo (A : Type) : Type -> Type := { ... }.
[Wed Feb 22 13:38:19 2017] <johnw> hmm
[Wed Feb 22 13:38:22 2017] <johnw> maybe it can't take indices
[Wed Feb 22 13:38:23 2017] <johnw> let me try
[Wed Feb 22 13:38:38 2017] <johnw> yeah, no indices
[Wed Feb 22 13:38:40 2017] <johnw> just parameters
[Wed Feb 22 13:38:46 2017] <johnw> another restriction
[Wed Feb 22 13:39:03 2017] <erisco> what is an index?
[Wed Feb 22 13:39:11 2017] <johnw> in the above, "Type ->"
[Wed Feb 22 13:39:40 2017] <erisco> well what is (A : Type) ?
[Wed Feb 22 13:39:44 2017] <johnw> a parameter
[Wed Feb 22 13:39:53 2017] <erisco> I am confused
[Wed Feb 22 13:39:58 2017] <johnw> what is the confusion?
[Wed Feb 22 13:40:09 2017] <erisco> I actually don't know what (A : Type) is there
[Wed Feb 22 13:40:17 2017] <johnw> it's a parameter to Foo
[Wed Feb 22 13:40:21 2017] <erisco> I thought things were introduced with ∀/forall/λ
[Wed Feb 22 13:40:23 2017] <johnw> just like a parameter to a function
[Wed Feb 22 13:40:36 2017] <johnw> sometimes you can do either
[Wed Feb 22 13:40:45 2017] <erisco> either what?
[Wed Feb 22 13:40:47 2017] <johnw> Definition foo (A : Type) : Type
[Wed Feb 22 13:40:55 2017] <johnw> Definition foo : forall (A : Type), Type
[Wed Feb 22 13:41:35 2017] <erisco> but I thought that (A : Type) (B : Type), Type  was the same as (A : Type) : Type -> Type
[Wed Feb 22 13:41:43 2017] <johnw> it almost is
[Wed Feb 22 13:41:58 2017] <johnw> depends on the context
[Wed Feb 22 13:42:04 2017] <johnw> for an Inductive type, it's very different
[Wed Feb 22 13:42:16 2017] <johnw> Inductive Foo (A : Type) : Type -> Type.
[Wed Feb 22 13:42:19 2017] <johnw> is quite different from
[Wed Feb 22 13:42:24 2017] <johnw> Inductive Foo (A : Type) (B : Type) : Type.
[Wed Feb 22 13:42:30 2017] <erisco> why?
[Wed Feb 22 13:42:34 2017] <johnw> it moves an index to a parameter
[Wed Feb 22 13:42:49 2017] <erisco> I don't know the difference between indices and parameters then
[Wed Feb 22 13:43:17 2017] <johnw> https://stackoverflow.com/questions/24600256/difference-between-type-parameters-and-indices
[Wed Feb 22 13:44:19 2017] <erisco> okay, well, I might ahve guessed that much, but I am still confused
[Wed Feb 22 13:44:45 2017] <erisco> (n : nat) (m : Fin n), Type   isn't this indexed?
[Wed Feb 22 13:44:47 2017] <johnw> I don't really have time just now to repeat the material that exists on this, so I recommend to keep reading.
[Wed Feb 22 13:45:53 2017] <erisco> what you described as indices and parameters I thought was the other way around
[Wed Feb 22 13:46:08 2017] <erisco> that to the left are the indices (or potentially) and to the right are only parameters
[Wed Feb 22 13:46:24 2017] <johnw> parameters are left, and to the left of the colon
[Wed Feb 22 13:46:35 2017] <johnw> are fixed*
[Wed Feb 22 13:46:39 2017] <johnw> indices may vary by constructor, and are to the right of the colon
[Wed Feb 22 13:47:10 2017] <erisco> okay but we have to introduce the index before it is used, right
[Wed Feb 22 13:47:19 2017] <johnw> yes
[Wed Feb 22 13:47:33 2017] <erisco> we introduce something with the shape (x : t) and then later use this as p x (or something like this)
[Wed Feb 22 13:47:45 2017] <erisco> but we cannot put anything of the form (x : t) to the right
[Wed Feb 22 13:47:50 2017] <erisco> and so this has to be on the left
[Wed Feb 22 13:47:55 2017] <erisco> and so the indexes have to be on the left
[Wed Feb 22 13:48:12 2017] <erisco> meaning parameters are on the right
[Wed Feb 22 13:49:36 2017] <johnw> from Chlipala's book: " Parameters are those arguments declared with section variables or with entries to the left of the first colon in an inductive definition."
[Wed Feb 22 13:51:30 2017] <erisco> I'll have to remain confused on this for now then
[Wed Feb 22 13:51:54 2017] <johnw> I don't know what you meant by "we introduce something with the shape (x : t)"
[Wed Feb 22 13:52:00 2017] <johnw> or what it had to do with inductive parameters...
[Wed Feb 22 13:52:27 2017] <erisco> inductive parameters? oO
[Wed Feb 22 13:52:50 2017] <johnw> Inductive Foo (parameter : Type) : forall index : Type, Type.
[Wed Feb 22 13:54:40 2017] <erisco> ah, I think I am just misunderstanding the notation
[Wed Feb 22 13:55:44 2017] <erisco> I was thinking of what goes before and after the comma, not the colon
[Wed Feb 22 13:55:54 2017] <erisco> I wasn't seeing that the colon was a different thing altogether
[Wed Feb 22 13:56:01 2017] <erisco> I haven't a clue what the colon is about
[Wed Feb 22 13:56:11 2017] <johnw> it's the usual "type" colon
[Wed Feb 22 13:56:11 2017] <erisco> seems redundant for all I can tell
[Wed Feb 22 13:56:44 2017] <erisco> Structure colour : ∀ (n : nat) (m : Fin n), Set  and  Structure colour (n : nat) (m : Fin n) : Set   both compile
[Wed Feb 22 13:56:52 2017] <erisco> are these any different?
[Wed Feb 22 13:56:52 2017] <notdan> the way I think about it, an inductive type with parameters is an inductive family. If you have Inductive Foo (n : nat) : Type , you have a family of types Foo 0, Foo 1, Foo 2.. etc. And the constctors for them are uniform in the sense that you can only write Inductive Foo (n : nat) := mkFoo : bla -> Foo n. If you were to write Inductive Foo : nat -> Type, then you could have a constructor bar : forall n, P n -> Foo n, or something like this.
[Wed Feb 22 13:57:36 2017] <notdan> or the List example at that stackoverflow link that johnw has posted
[Wed Feb 22 13:58:24 2017] <notdan> it actually explains why you want to define the type of vectors as Vec (T : Type) : nat -> Type
[Wed Feb 22 13:58:44 2017] <notdan> T (the paramter) stays the same but the natural number (the index) may vary
[Wed Feb 22 13:59:45 2017] <erisco> wait what… CoqIDE you're being weird on me again XD
[Wed Feb 22 14:00:01 2017] <erisco> Fin doesn't exist yet it gave me the green light more than once
[Wed Feb 22 14:00:03 2017] <erisco> now just to tell me it fails
[Wed Feb 22 14:00:16 2017] <erisco> why do they call it "t"? geez
[Wed Feb 22 14:00:23 2017] <erisco> how is that not going to collide all over the place
[Wed Feb 22 14:00:31 2017] <johnw> because you almost always refer to it as Fin.t
[Wed Feb 22 14:00:34 2017] <johnw> it's within a module
[Wed Feb 22 14:00:49 2017] <johnw> usually when a module defines an algebraic theory over a type, the type is just called 't'
[Wed Feb 22 14:01:27 2017] <erisco> okay, so the version with ∀ actually fails
[Wed Feb 22 14:01:41 2017] <erisco> I don't exactly see why that should be, but I suppose that is just the syntax they've chosen
[Wed Feb 22 14:05:12 2017] <notdan> Well, what sort of behaviour would you expect?
[Wed Feb 22 14:05:32 2017] <erisco> I'd just expect them to be equivalent
[Wed Feb 22 14:05:33 2017] <notdan> You are defining a new type that lives in T = forall n (m : Fin n), Set
[Wed Feb 22 14:05:57 2017] <notdan> but what you actually want to do is to define a family of colors for each n and (m : Fin n), I guess
[Wed Feb 22 14:06:08 2017] <notdan> so that you can use n and m in the fields of your structure
[Wed Feb 22 14:06:10 2017] <erisco> what is the :t of Coq?
[Wed Feb 22 14:06:27 2017] <notdan> Check?
[Wed Feb 22 14:06:48 2017] <notdan> As in [Check (1+1)]
[Wed Feb 22 14:06:59 2017] <erisco> colour
[Wed Feb 22 14:06:59 2017] <erisco>  : ∀ n : nat, t n → Set
[Wed Feb 22 14:07:19 2017] <erisco> see? so they'd be the same, other than that isn't the syntax they prescribe
[Wed Feb 22 14:07:24 2017] <erisco> which is fine, it is just inconsistent
[Wed Feb 22 14:07:40 2017] <notdan> What is the full definition of colour tho?
[Wed Feb 22 14:07:51 2017] <erisco> Structure colour (n : nat) (m : Fin.t n) : Set := {
[Wed Feb 22 14:07:51 2017] <erisco> }.
[Wed Feb 22 14:08:01 2017] <notdan> yeah, it should be equivalent
[Wed Feb 22 14:08:10 2017] <notdan> Probably an artefact of the old times
[Wed Feb 22 14:08:20 2017] <notdan> s/old times/past/
[Wed Feb 22 14:08:39 2017] <erisco> every project has it
[Wed Feb 22 14:09:05 2017] <erisco> so two things… how do I get "t" out of scope? is there a way to do qualified imports? import aliases?
[Wed Feb 22 14:09:29 2017] <erisco> I am not seeing anything in the docs for Require Import
[Wed Feb 22 14:09:31 2017] <notdan> ohh.. that is a touchy subject for me
[Wed Feb 22 14:09:46 2017] <notdan> there is no qualified import. in general module system in coq sucks
[Wed Feb 22 14:10:12 2017] <erisco> uh, hm
[Wed Feb 22 14:10:47 2017] <erisco> so we're a bit above C's #include but not so much
[Wed Feb 22 14:10:57 2017] <notdan> Maybe you can put your whole definition in the module and import Fin in that module only. Then, when you close the module, t should be out of scope
[Wed Feb 22 14:11:24 2017] <notdan> hehe that might be an apt comparison erisco
[Wed Feb 22 14:15:53 2017] <erisco> at least there is the option of incrementally qualifying the name, even though you cannot take the unqualified name out of scope
[Wed Feb 22 14:16:20 2017] <erisco> I worry about some accidental typos in the future
[Wed Feb 22 14:16:28 2017] <erisco> especially with things like "t" being in scope
[Wed Feb 22 14:21:04 2017] <johnw> "t" has never been a problem for me
[Wed Feb 22 14:36:02 2017] <erisco> I do not understand the type of get_colour here http://lpaste.net/352886
[Wed Feb 22 14:36:24 2017] <erisco> or actually not that
[Wed Feb 22 14:36:32 2017] <erisco> just, what is the constructor of colour called?
[Wed Feb 22 14:37:23 2017] <erisco> there is "colour" which is the type constructor
[Wed Feb 22 14:37:30 2017] <erisco> and "get_colour" which is the projector
[Wed Feb 22 14:40:31 2017] <erisco> ah ha, Build_colour
[Wed Feb 22 14:44:40 2017] <erisco> I read the docs 5 times and missed the one sentence that said this every time :P
[Wed Feb 22 15:46:51 2017] <erisco> Require Import Coq.MSets.MSets.  MSets.t  is not in scope
[Wed Feb 22 15:47:08 2017] <erisco> then I try  Require Import Coq.MSets.MSetAVL.  and MSetAVL.t  is not in scope
[Wed Feb 22 15:47:20 2017] <erisco> docs mention "t" but clicking on it doesn't take me to where it is defined
[Wed Feb 22 15:47:20 2017] <johnw> it's a module functor
[Wed Feb 22 15:47:40 2017] <johnw> you need to instantiate it with the module it requires
[Wed Feb 22 15:47:57 2017] <johnw> it wants to know something about the key type
[Wed Feb 22 16:16:03 2017] <erisco> okay, um, hm… so say I want an MSetList of Fin.t n
[Wed Feb 22 16:16:31 2017] <erisco> first, it seems like there is some interface to sets I am supposed to use? but I don't quite get how to
[Wed Feb 22 16:17:14 2017] <erisco> I can see Module XSet = Coq.MSets.MSetList Y  where Y is the implemented of OrderedType for X
[Wed Feb 22 16:23:02 2017] <johnw> yes
[Wed Feb 22 16:24:48 2017] <erisco> but what is MSetInterface about?
[Wed Feb 22 16:26:09 2017] <johnw> if you write code in a module functor against MSetInterface, it will work for any MSet
[Wed Feb 22 16:26:19 2017] <johnw> so it's for library writers, not users
[Wed Feb 22 16:26:28 2017] <johnw> or anyone who wants to generalize their implementation
[Wed Feb 22 16:29:59 2017] <erisco> am I right that there is no OrderedType implementation here? https://coq.inria.fr/distrib/current/stdlib/Coq.Vectors.Fin.html
[Wed Feb 22 16:30:42 2017] <johnw> what did you want to be ordered?
[Wed Feb 22 16:30:52 2017] <erisco> Fin n
[Wed Feb 22 16:30:52 2017] <johnw> Fin.t?
[Wed Feb 22 16:30:55 2017] <erisco> yes
[Wed Feb 22 16:31:13 2017] <johnw> i don't think you can use Fin n as a key for an MSet
[Wed Feb 22 16:31:21 2017] <erisco> but why? :s
[Wed Feb 22 16:31:25 2017] <johnw> unless you package it in an existential
[Wed Feb 22 16:31:28 2017] <johnw> { n & Fin n }
[Wed Feb 22 16:31:34 2017] <johnw> otherwise, the types of the keys vary
[Wed Feb 22 16:31:48 2017] <johnw> or, if you fix n
[Wed Feb 22 16:32:00 2017] <johnw> for some n, MSet (Fin n)
[Wed Feb 22 16:32:10 2017] <johnw> so I don't know which your trying to use
[Wed Feb 22 16:32:11 2017] <erisco> a particular set will only have Fin n for some n
[Wed Feb 22 16:32:14 2017] <johnw> ah, ok
[Wed Feb 22 16:32:21 2017] <johnw> that should be easy to define an OrderedType for
[Wed Feb 22 16:32:58 2017] <johnw> here's all you need to write:
[Wed Feb 22 16:32:58 2017] <johnw> https://gist.github.com/b2f3f60ab30602cd41c4e95f9123acfb
[Wed Feb 22 16:33:05 2017] <johnw> of course, change all the definitions
[Wed Feb 22 16:33:31 2017] <erisco> uh, what? :s
[Wed Feb 22 16:33:41 2017] <johnw> defining an OrderedType for Fin n
[Wed Feb 22 16:33:53 2017] <erisco> it just says "morked I"
[Wed Feb 22 16:33:59 2017] <johnw> hmm
[Wed Feb 22 16:34:16 2017] <johnw> https://gist.github.com/df9650284e55044a5fe51fcc268e1e67
[Wed Feb 22 16:35:19 2017] <erisco> thanks for the example
[Wed Feb 22 20:03:13 2017] <erisco> too bad there isn't newtype deriving :P
[Wed Feb 22 20:04:06 2017] <johnw> hahaha
[Wed Feb 22 20:04:15 2017] <johnw> if you think that's missing, just you wait
[Wed Feb 22 20:04:29 2017] <erisco> not sure which way to take that
[Wed Feb 22 20:04:40 2017] <johnw> programming in Coq is no easy thing, if you're used to Haskell
[Wed Feb 22 20:04:46 2017] <johnw> there's a TON of convenience features missing
[Wed Feb 22 20:04:51 2017] <johnw> stuff you may take for granted by now
[Wed Feb 22 20:05:16 2017] <johnw> usually you choose Coq because you need it, and because it's such an excellent tool for what it does well -- which is _not_ to act as a replacement for languages like Haskell
[Wed Feb 22 20:05:18 2017] <erisco> I may be persuaded to return to Idris but right now I don't know
[Wed Feb 22 20:05:45 2017] <erisco> well I cannot prove things in Haskell all that well, yet
[Wed Feb 22 20:05:54 2017] <johnw> have you actually tried Agda yet?
[Wed Feb 22 20:06:01 2017] <erisco> no
[Wed Feb 22 20:06:11 2017] <johnw> in some ways it's much more mature than Idris
[Wed Feb 22 20:06:27 2017] <erisco> I was quickly turned off because everything I tried to find on it seemed to be based on deprecated versions
[Wed Feb 22 20:06:35 2017] <erisco> so it seemed like a complete nightmare of an ecosystem
[Wed Feb 22 20:06:46 2017] <johnw> no worse than Coq
[Wed Feb 22 20:07:14 2017] <johnw> also, it's better at dependently-typed programming
[Wed Feb 22 20:08:02 2017] <erisco> how much is really missing?
[Wed Feb 22 20:08:21 2017] <johnw> the big thing: dependently-typed pattern matching
[Wed Feb 22 20:08:23 2017] <erisco> the tactics are a plus
[Wed Feb 22 20:08:48 2017] <erisco> the "with" stuff?
[Wed Feb 22 20:09:00 2017] <johnw> yeah
[Wed Feb 22 20:09:13 2017] <erisco> that was so insanely confusing I don't see how I can go back to that
[Wed Feb 22 20:09:14 2017] <johnw> when you match in Coq, you don't gain inferred equalities in the environment
[Wed Feb 22 20:09:24 2017] <erisco> if I had someone who could explain it to me in person, at length, then maybe
[Wed Feb 22 20:09:33 2017] <erisco> but to get there on my own I need to work with DT a lot more
[Wed Feb 22 20:09:34 2017] <johnw> you have provide those equalities for yourself manually, using something called the cargo pattern
[Wed Feb 22 20:10:03 2017] <johnw> well, whatever pain you experienced with 'with', doing dependently-typed programming in Coq is going to hurt more
[Wed Feb 22 20:10:17 2017] <johnw> really the only way to do it sanely is using tactics, but many times the resulting code kind of sucks
[Wed Feb 22 20:10:24 2017] <erisco> I couldn't even make sense of the scoping rules
[Wed Feb 22 20:10:35 2017] <erisco> though I was informed in the case of Idris that I encountered at least one bug
[Wed Feb 22 20:10:56 2017] <johnw> I hope Idris does well, it presents a nice possible future
[Wed Feb 22 20:11:45 2017] <erisco> right, well, by the time I figure out the redundant work in Coq I will better understand what these other languages are doing
[Wed Feb 22 20:11:58 2017] <johnw> well, maybe
[Wed Feb 22 20:11:59 2017] <erisco> I can use simplicity right now
[Wed Feb 22 20:12:10 2017] <johnw> the dot patterns in Agda are very cool
[Wed Feb 22 20:12:17 2017] <johnw> really nothing equivalent in Coq
[Wed Feb 22 20:16:29 2017] <johnw> dinner time now, good luck
[Thu Feb 23 13:29:22 2017] <jerryj> Hi everyone, I have 27 subgoals that I think can all be solved with a "- intros. apply H.".  I forget how to ask Coq to try to do that for each goal without typing it in 27 times. Does anyone know what I'm talking about?
[Thu Feb 23 13:32:04 2017] <artart78> you have to chain your tactic producing the 27 subgoals with "; intros; apply H."
[Thu Feb 23 13:32:13 2017] <artart78> ";" means "apply the rest to all the subgoals"
[Thu Feb 23 13:34:07 2017] <johnw> you can also use: all:(intros; apply H) after the fact
[Thu Feb 23 13:34:18 2017] <johnw> but it's more typical to say <tactics>;intros;apply H.
[Thu Feb 23 13:36:51 2017] <jerryj> artart78: johnw: Thanks! worked like a charm :)
[Thu Feb 23 13:38:46 2017] <johnw> and often if it's as easy as that, you can just use "; auto"
[Thu Feb 23 13:38:53 2017] <johnw> which has the benefit of continuing to work, even if H changes its name
[Thu Feb 23 13:42:26 2017] <jerryj> johnw: I'm not quite that lucky today, it seems :)
[Thu Feb 23 13:50:02 2017] <johnw> here's the scale of "figure it out for me!": assumption, trivial, auto, intuition, eauto, firstorder, crush (if you happen to have Adam's crash tactic available)
[Thu Feb 23 13:50:55 2017] <benzrf> ADAM CRUSH
[Thu Feb 23 13:51:10 2017] <johnw> exactly
[Thu Feb 23 13:51:21 2017] <johnw> crush is nice in the way that it interacts with hint databases
[Thu Feb 23 13:52:29 2017] <benzrf> adam chlipala had a job in a computer science department. then one day, there was an accident, and he was bombarded with beta[-reduction] rays
[Thu Feb 23 13:53:08 2017] <benzrf> now, when he becomes - well, not enraged, but fed the fuck up with irritating repetition - he transforms
[Thu Feb 23 13:55:13 2017] <johnw> first he transforms, then the goal transforms
[Thu Feb 23 13:55:27 2017] <johnw> the harder it gets, the stronger he becomes.  Hope that he never is asked to prove False.
[Thu Feb 23 13:55:38 2017] <jerryj> lmbo
[Thu Feb 23 13:58:06 2017] <stelleg> you either die a hero, or live long enough to write ltac
[Thu Feb 23 14:00:51 2017] <benzrf> anyone who willingly writes ltac is a hero imo
[Thu Feb 23 14:00:56 2017] <benzrf> by saving others from having to write it
[Thu Feb 23 14:03:52 2017] <jerryj> Would anyone be willing look at this code and advise me on the approach i'm taking so far? I'm really just trying to relearn the basics of Coq after being out of it a while, and i'm stuck on proving if a simple relation is transitive :(.  https://gist.github.com/jerry-james/5d912c639bf70f65a76730ae80279d43
[Thu Feb 23 14:05:08 2017] <johnw> many of these definitions are already in the stdlib
[Thu Feb 23 14:05:45 2017] <jerryj> oh good!
[Thu Feb 23 14:05:47 2017] <johnw> also, *is* it transitive?
[Thu Feb 23 14:06:10 2017] <jerryj> hmm...
[Thu Feb 23 14:06:47 2017] <jerryj> in my inductive type `r`, I intent the `r_t` constructor to make it transitive..
[Thu Feb 23 14:06:59 2017] <johnw> but transitivity must take into account every constructor
[Thu Feb 23 14:07:14 2017] <johnw> because it's the type that has to be transitive, not just one class of values of that type
[Thu Feb 23 14:07:53 2017] <johnw> the subtype { x : r | match x with r_t => True | _ => False end  } is most certainly transitive
[Thu Feb 23 14:09:59 2017] <jerryj> hmm.. i think i understand what you mean, but i'm not sure how to validate my understanding.  i'm not sure what to change to force the relation `r` to be transitive
[Thu Feb 23 14:11:13 2017] <johnw> for example, given two values (r_a : r B B) and (r_b :: r B B), what value do they give rise to?
[Thu Feb 23 14:12:15 2017] <jerryj> hmm.. Some x : B
[Thu Feb 23 14:12:24 2017] <johnw> (should have said r_a : r x y and r_b : r y z
[Thu Feb 23 14:12:29 2017] <johnw> r_? : r x z
[Thu Feb 23 14:12:44 2017] <johnw> oh, I see
[Thu Feb 23 14:12:47 2017] <johnw> that's what you inted r_t to do
[Thu Feb 23 14:13:27 2017] <johnw> then just do this:
[Thu Feb 23 14:13:30 2017] <jerryj> yeah, its kind of a mickey mouse file, i don't think i even need to to the theorems because that inductive `r` definition is basically trying to say "this is the way it is"
[Thu Feb 23 14:13:30 2017] <johnw> Proof. unfold transitive; intros; eapply r_t; eauto. Qed.
[Thu Feb 23 14:13:43 2017] <johnw> r_t is your reifed transitivity property, for all constructions
[Thu Feb 23 14:13:54 2017] <johnw> the same trick will work for r_s and r_r
[Thu Feb 23 14:14:14 2017] <jerryj> Wow!
[Thu Feb 23 14:14:28 2017] <jerryj> I need to read up on this magical `eapply` and `eauto`
[Thu Feb 23 14:14:44 2017] <johnw> eapply says "replace missing terms with evars (holes, essentially)"
[Thu Feb 23 14:14:58 2017] <johnw> eauto says "do what auto does, but try to invent/find terms to fill the holes"
[Thu Feb 23 14:15:14 2017] <jerryj> aaah amazing!
[Thu Feb 23 14:15:32 2017] <johnw> now, if all you want to do is to reify the equivalence relation
[Thu Feb 23 14:15:38 2017] <johnw> you could do that with a separate, helper structure
[Thu Feb 23 14:15:48 2017] <johnw> called "requiv", parameterized over the relation
[Thu Feb 23 14:16:11 2017] <johnw> Inductive requiv {A : Type} (r : relation A) := r_r | r_s | r_t.
[Thu Feb 23 14:16:30 2017] <johnw> now "requiv r" is trivially an equivalence, because what you've done is define the "free equivalence"
[Thu Feb 23 14:16:48 2017] <johnw> the problem will come when you try to interpret values of type "requiv r"
[Thu Feb 23 14:16:48 2017] <jerryj> ah that is the equivalence closure i need
[Thu Feb 23 14:17:00 2017] <johnw> because then you'll need to establish a meaning for r/s/t for r
[Thu Feb 23 14:17:35 2017] <jerryj> is that a result of some poor choice i've already made?
[Thu Feb 23 14:18:06 2017] <johnw> no, you've just "deferred the laws" in a sense
[Thu Feb 23 14:18:20 2017] <jerryj> i mean -- haven't i already defined a meaning for r/s/t over r?
[Thu Feb 23 14:18:33 2017] <johnw> you've simply encoded them
[Thu Feb 23 14:18:46 2017] <johnw> your evaluate, when it reaches an r_t value, will need to know what to do
[Thu Feb 23 14:18:55 2017] <johnw> evaluator*
[Thu Feb 23 14:19:04 2017] <jerryj> ooh gotcha -- the semantics aren't present here, no
[Thu Feb 23 14:19:07 2017] <johnw> right
[Thu Feb 23 14:19:12 2017] <johnw> which is the whole beauty of free constructions
[Thu Feb 23 14:19:27 2017] <jerryj> free constructions? i'm not familiar with that term
[Thu Feb 23 14:19:53 2017] <johnw> when you reify an algebra (like you're doing here for the equivalence algebra), you're create the free construction of that algebra
[Thu Feb 23 14:20:07 2017] <jerryj> is that the constructors in r?
[Thu Feb 23 14:20:11 2017] <johnw> often, free construction give rise to recognizable data structures; the free monoid is what computer scientist call a "list"
[Thu Feb 23 14:20:16 2017] <johnw> yes, r_r/r_s/r_t
[Thu Feb 23 14:21:05 2017] <johnw> I haven't encountered the free equivalence before, but I think sure it represents a graph
[Thu Feb 23 14:21:19 2017] <jerryj> ah okay -- so when i need to interpret `requiv r` i'll need some fixpoint function or something to do something with it? did i understand?
[Thu Feb 23 14:21:22 2017] <johnw> since it gives you identity, composition, and inversion
[Thu Feb 23 14:21:31 2017] <johnw> jerryj: yes, exactly
[Thu Feb 23 14:21:44 2017] <johnw> semantics are applied to a free construction by an evaluator, also called a fold
[Thu Feb 23 14:22:20 2017] <jerryj> :)
[Thu Feb 23 14:22:57 2017] <jerryj> the free equivalence is... let me guess... the equivalence closure over all free constructors?
[Thu Feb 23 14:23:13 2017] <johnw> i'm not that familiar with the term closure (I'm no mathematician)
[Thu Feb 23 14:23:24 2017] <jerryj> or maybe i'm out in space now, i haven't heard of the free equivalence before, either
[Thu Feb 23 14:23:35 2017] <johnw> I believe the free equivalence here is basically a free groupoid
[Thu Feb 23 14:23:39 2017] <jerryj> johnw: you aren't a mathematician!? i disagree...
[Thu Feb 23 14:24:05 2017] <johnw> I come at all of this from a CS perspective; if I can't code it, I don't really understand it
[Thu Feb 23 14:24:50 2017] <jerryj> oh i learned one sense of the word "closure" from "semantics engineering with plt redex", i think it means the r/s/t that closes the group with an operator, in this case r
[Thu Feb 23 14:25:13 2017] <johnw> ah, ok
[Thu Feb 23 14:25:15 2017] <jerryj> aaah gotcha -- i am the same way, but my math isn't where it needs to be yet.
[Thu Feb 23 14:25:32 2017] <johnw> for me, it just means a lambda that captures variables from the lexical scope, but I'd like to understand the math definition
[Thu Feb 23 14:26:35 2017] <jerryj> johnw: thank you so much for your help -- i have to run, even though i'd like to stay longer and learn more :)
[Thu Feb 23 14:26:45 2017] <jerryj> have a good day/night/evening!
[Thu Feb 23 14:26:52 2017] <johnw> you too, good luck!
[Thu Feb 23 14:28:56 2017] <johnw> https://ncatlab.org/nlab/show/groupoid mentions free equivalence relations, btw
[Fri Feb 24 11:16:02 2017] <johnhw>  In the first theorem of http://www.cs.cmu.edu/~rwh/papers/chitt/popl17.pdf, what does the notation bool [\cdot] mean?
[Fri Feb 24 11:16:54 2017] <johnhw> Context: If M ∈ bool [·] then either M ⇓ true
[Fri Feb 24 13:04:49 2017] <jrw> johnw: I believe it means that there are no free dimension symbols in M
[Fri Feb 24 13:08:55 2017] <jrw> the [.] notation supposed to represent the empty dimension context. in general, the dimension context is represented by the metavariable \Psi in the rest of that paper
[Fri Feb 24 14:18:46 2017] <stelleg> if anyone is interested I have the coq mode for vim mostly working on 8.6: github.com/stelleg/coquille
[Fri Feb 24 14:39:07 2017] <johnw> johnhw... no, not confusing at all :)
[Fri Feb 24 16:46:01 2017] <stelleg> I think I remember seeing something along the lines of forall a b, (x:a) (a=b) : b in the standard library
[Fri Feb 24 16:46:20 2017] <stelleg> anyone know off the top of their head if that's there and what its called
[Fri Feb 24 16:46:37 2017] <stelleg> * continues to wish for coogle
[Fri Feb 24 16:47:51 2017] <rrika> stelleg, eq_rect?
[Fri Feb 24 16:49:43 2017] <stelleg> rrika: ah thanks, that should work
[Fri Feb 24 16:49:46 2017] <rrika> eq_rect
[Fri Feb 24 16:49:46 2017] <rrika>      : forall (A : Type) (x : A) (P : A -> Type),
[Fri Feb 24 16:49:46 2017] <rrika>        P x -> forall y : A, x = y -> P y
[Fri Feb 24 16:49:50 2017] <rrika> where P is the identity
[Fri Feb 24 16:49:52 2017] <stelleg> yeah
[Fri Feb 24 18:07:52 2017] <stelleg> anyone know if there's anything relating nfuns to Vectors in the standard library?
[Fri Feb 24 18:08:04 2017] <stelleg> been doing some of that myself for fun
[Fri Feb 24 18:08:20 2017] <stelleg> but if it's there I should probably use it
[Fri Feb 24 18:18:24 2017] <stelleg> ho boy
[Fri Feb 24 18:18:35 2017] <stelleg> im regrestting trying to use eq_rect
[Fri Feb 24 22:51:45 2017] <benzrf> stelleg: loooool
[Fri Feb 24 22:52:02 2017] <benzrf> that's the coq user's slogan
[Fri Feb 24 22:52:41 2017] <benzrf> HAS PLT GONE TOO FAR???? https://twitter.com/warrendhatton/status/835305173220151296
[Sat Feb 25 10:23:24 2017] <xiabalkan> Hi, Can I prove (nat = Z -> False) in Coq?
[Sat Feb 25 10:46:59 2017] <modulus> pretty sure you can
[Sat Feb 25 10:52:49 2017] <xiabalkan> inversion doesn't works. Can you explain a bit more please?
[Sat Feb 25 10:56:49 2017] <modulus> http://stackoverflow.com/questions/12224318/how-to-solve-goals-with-invalid-type-equalities-in-coq
[Sat Feb 25 10:56:52 2017] <modulus> check the second answer
[Sat Feb 25 10:56:57 2017] <modulus> the first answer is in my view confusing
[Sat Feb 25 10:57:37 2017] <modulus> turns out it is harder than i thought
[Sat Feb 25 11:45:25 2017] <xiabalkan> Thanks a lot!! I read it and understood.
[Sat Feb 25 11:51:31 2017] <xiabalkan> Again, thanks for your help! I just removed my admit XD
[Sat Feb 25 15:54:19 2017] <roconnor> benzrf: there is already a game written in Coq.
[Sat Feb 25 15:54:24 2017] <roconnor> It's called Coqoban
[Sat Feb 25 15:57:26 2017] <johnw> does it come with a proof that you'll have fun playing it?
[Sat Feb 25 15:57:55 2017] <roconnor> It is just a sokoban clone.
[Sat Feb 25 15:58:11 2017] <roconnor> But proofs are involved.
[Sat Feb 25 15:58:42 2017] <roconnor> Each level is a conjecture that the level is solvable, and each level you solve results in a proof that the level is solvable.
[Sat Feb 25 16:03:34 2017] <johnw> nice
[Sat Feb 25 16:58:33 2017] <RegEchse> fun fact: somewhere in the readme to the game roconnor mentioned, the author says he was interested in knowing whether someone has written an automatic solver/proof generator for the levels. As i had read this, i was inclined to give it a try ("just for fun" i thought) ...  until i discovered how hard it is to write a good sokoban solver. Then i quickly let go of the idea ... ;D
[Sat Feb 25 16:59:07 2017] <RegEchse> anyway, good night.
[Sat Feb 25 17:50:27 2017] <benzrf> roconnor: jesus
[Sun Feb 26 11:54:25 2017] <Fare> Is there any small yet semi-usable virtual machine with its small step semantics formalized in Coq? If possible a virtual machine that is itself the target of a simple verified functional language compiler?
[Sun Feb 26 11:55:05 2017] <modulus> if someone finds this out i'd like to know too.
[Sun Feb 26 14:46:15 2017] <andrejbauer> anyone here to answer a quick question about Ltac "match goal with"?
[Sun Feb 26 14:51:08 2017] <andrejbauer> Any idea how to make the application of ltac "cow" work in lemma "tail" (it works in lemma horns): http://pastebin.com/rJzr37bn
[Sun Feb 26 15:17:03 2017] <RegEchse> andrejbauer: as you correctly recognized, it won't unfold X without you telling Ltac to do so. If all you want is delta expansion (i.e. replacing transparent definitions with their bodies) you can stick a 'cbv delta' in somewhere ...
[Sun Feb 26 15:18:11 2017] <RegEchse> try something like   |- ?X -> ?P => match eval cbv delta in X with True =>
[Sun Feb 26 15:18:29 2017] <RegEchse> unfortunately, i have to leave now. So, good luck! ;)   bye
[Sun Feb 26 15:18:33 2017] <andrejbauer> Where exactly would I stick it? I don't actually want to cbv delta the goal itself, I just want the reduced goal to be used for matching
[Sun Feb 26 15:18:45 2017] <andrejbauer> ok, I'll try that.
[Sun Feb 26 15:18:48 2017] <andrejbauer> It's ugly.
[Sun Feb 26 15:19:12 2017] <andrejbauer> tnx
[Sun Feb 26 19:13:17 2017] <cq1> I'm trying to compile Coq 8.6 with OCaml 4.04.0, and I'm getting "Error: Unbound module Toploop" on the command "COQMKTOP -o bin/coqtop.byte" from make. Anyone know what's going on?
[Mon Feb 27 02:22:14 2017] <bollu> what is the correct way to encode a theory in Coq?
[Mon Feb 27 02:22:28 2017] <bollu> do I create a typeclass, or is there some notion of "instantiation of a module"?
[Mon Feb 27 02:22:32 2017] <johnw> the stdlib uses both modules and typeclasses
[Mon Feb 27 02:22:40 2017] <bollu> I see
[Mon Feb 27 02:22:44 2017] <bollu> what are the pros and cons?
[Mon Feb 27 02:23:08 2017] <johnw> the fine points can get into a lot of subtleties, not all of which I'm fully cognizant of
[Mon Feb 27 02:23:27 2017] <johnw> personally, I'd try a module first, then move to a typeclass if it's not giving you the flexibility you want
[Mon Feb 27 02:23:38 2017] <johnw> but there are other ways too
[Mon Feb 27 02:23:56 2017] <johnw> canonical structures is another
[Mon Feb 27 02:24:56 2017] <johnw> modules may feel more natural, though, since the names you work with feel like they're at "global scope"
[Mon Feb 27 02:25:08 2017] <johnw> typeclasses need to be passed as implicit arguments (ala Constraints)
[Mon Feb 27 02:25:09 2017] <bollu> I see
[Mon Feb 27 02:25:17 2017] <johnw> and canonical structures I've never fully figured out
[Mon Feb 27 02:25:19 2017] <bollu> can you give me a link on using a module for this?
[Mon Feb 27 02:25:26 2017] <bollu> and, like, modules are parametrised too, right?
[Mon Feb 27 02:25:35 2017] <johnw> you have module types, which are like typeclasses
[Mon Feb 27 02:25:36 2017] <bollu> as in, I can define a theory in a module and instantiate it against multiple things?
[Mon Feb 27 02:25:54 2017] <johnw> you have module functors, which are like parameterized modules
[Mon Feb 27 02:25:56 2017] <johnw> and you have modules
[Mon Feb 27 02:26:05 2017] <johnw> usually your algebraic theory would go into a module type
[Mon Feb 27 02:26:13 2017] <johnw> and your generic code would go into a module functor that depends on that type
[Mon Feb 27 02:26:26 2017] <johnw> and your specific code would go into a module that instantiate the functor and type
[Mon Feb 27 02:26:29 2017] <bollu> I see, like the ML idea? (which I am vaguely familiar with)
[Mon Feb 27 02:26:37 2017] <johnw> I haven't used any of the ML family
[Mon Feb 27 02:26:40 2017] <bollu> OK
[Mon Feb 27 02:26:43 2017] <johnw> Coq modules are dumber though, I've heard
[Mon Feb 27 02:26:50 2017] <bollu> hm, so, is there a small example of this entire thing?
[Mon Feb 27 02:26:54 2017] <bollu> module + functor + instantiation
[Mon Feb 27 02:27:03 2017] <bollu> I was leaning towards typeclasses since I understand them better :)
[Mon Feb 27 02:27:17 2017] <johnw> https://coq.inria.fr/cocorico/ModuleSystemTutorial
[Mon Feb 27 02:27:29 2017] <bollu> thanks!
[Mon Feb 27 02:27:36 2017] <johnw> you can use them too, but they don't operate identically to Haskell
[Mon Feb 27 02:27:54 2017] <johnw> you'll run into weird cases of how instances are resolved, if you expect them to work out just like Haskell
[Mon Feb 27 02:28:07 2017] <bollu> I see
[Mon Feb 27 02:28:11 2017] <johnw> but, they can often be used in place of modules
[Mon Feb 27 02:28:23 2017] <johnw> so, just try things out, see what fits bets
[Mon Feb 27 02:28:36 2017] <bollu> cool, thanks :)
[Mon Feb 27 02:28:39 2017] <bollu> much appreciated
[Mon Feb 27 02:29:19 2017] <bollu> johnw: what is a "Parameter"?
[Mon Feb 27 02:29:32 2017] <bollu> oh, just the parameters of the module
[Mon Feb 27 02:29:32 2017] <bollu> OK
[Mon Feb 27 02:32:57 2017] <bollu> Infix "≤" := le : order_scope. what exactly is order_scope?
[Mon Feb 27 02:33:06 2017] <bollu> I notice that they do an Open Scope order_scope.
[Mon Feb 27 02:33:08 2017] <johnw> a syntactic scope
[Mon Feb 27 02:34:04 2017] <bollu> which means..?
[Mon Feb 27 02:34:13 2017] <johnw> how much have you used Coq?
[Mon Feb 27 02:34:20 2017] <bollu> nope :)
[Mon Feb 27 02:34:25 2017] <bollu> I have read through software foundations
[Mon Feb 27 02:34:31 2017] <bollu> not all of it
[Mon Feb 27 02:34:34 2017] <bollu> till ~chapter 5
[Mon Feb 27 02:34:41 2017] <johnw> I'm just thinking we might have a long stream of questions here :)
[Mon Feb 27 02:34:43 2017] <bollu> xD
[Mon Feb 27 02:34:44 2017] <bollu> ah
[Mon Feb 27 02:34:52 2017] <bollu> sorry about that :)
[Mon Feb 27 02:34:58 2017] <bollu> I would be cool with going and reading about it
[Mon Feb 27 02:35:07 2017] <johnw> that's ok, but maybe there's a better resource than IRC right before I head to bed
[Mon Feb 27 02:35:33 2017] <bollu> heh, fair point
[Mon Feb 27 02:35:45 2017] <bollu> but I couldn't really find one
[Mon Feb 27 02:35:58 2017] <johnw> scopes are pretty well documented in the Coq reference manual
[Mon Feb 27 02:36:04 2017] <johnw> I wouldn't worry about them
[Mon Feb 27 02:36:11 2017] <johnw> just do it all at module scope for now
[Mon Feb 27 02:36:21 2017] <bollu> OK
[Mon Feb 27 02:36:26 2017] <bollu> so I don't bother with the scope stuff?
[Mon Feb 27 02:36:34 2017] <johnw> nope, ignore it
[Mon Feb 27 02:36:38 2017] <bollu> OK, thanks!
[Mon Feb 27 02:36:56 2017] <bollu> my problem with the reference manual is that they often document using type theory. Which is nice if you're a type theorist..
[Mon Feb 27 02:37:14 2017] <johnw> https://coq.inria.fr/refman/Reference-Manual014.html
[Mon Feb 27 02:44:17 2017] <johnw> g'night
[Mon Feb 27 02:45:55 2017] <bollu> night :)
[Mon Feb 27 03:01:47 2017] <bollu> how do I instantiate reflexitivity of =?
[Mon Feb 27 03:01:49 2017] <bollu> given a : A
[Mon Feb 27 03:01:52 2017] <bollu> I want a term (a = a)
[Mon Feb 27 03:02:31 2017] <asmanur> IIRC, `refl a' does the job
[Mon Feb 27 03:02:35 2017] <Cypi> "eq_refl a" is such a term
[Mon Feb 27 03:02:47 2017] <bollu> thanks
[Mon Feb 27 03:02:49 2017] <bollu> :)
[Mon Feb 27 03:03:04 2017] <asmanur> oh my memory is fading away :-(
[Mon Feb 27 04:09:12 2017] <bollu> proving in coq feels so strange
[Mon Feb 27 04:09:14 2017] <bollu> usually in math
[Mon Feb 27 04:09:23 2017] <bollu> I start from my assumptions and mutate them to reach the goal
[Mon Feb 27 04:09:24 2017] <bollu> i.e
[Mon Feb 27 04:09:26 2017] <bollu> if I have a -> b
[Mon Feb 27 04:09:32 2017] <bollu> I mutate a to reach b
[Mon Feb 27 04:09:41 2017] <bollu> in coq, I seem to be mutating b to unify with a
[Mon Feb 27 04:10:10 2017] <lpaste_> bollu pasted “coq-group-encoding” at http://lpaste.net/353019
[Mon Feb 27 04:10:37 2017] <bollu> if someone could show me how to write this more idiomatically, it would help a lot :) It's an encoding of some simple group theory theorems in Coq
[Mon Feb 27 04:37:46 2017] <cocreature> bollu: you can actually operate in both directions. you can apply things to your goal and you can apply them to assumptions
[Mon Feb 27 04:38:08 2017] <bollu> cocreature: I tried using "rewrite" on my assumptions, but it fails to unify correctly
[Mon Feb 27 04:38:56 2017] <cocreature> bollu: rewrite is only for rewriting equalities, if you have something like "a -> b" and an assumption "a" you want to use "apply"
[Mon Feb 27 04:39:02 2017] <bollu> ah
[Mon Feb 27 04:39:59 2017] <bollu> cocreature: can you show me how to do this? g * h = g * k, then g^-1 * g * h = g^-1 *  g * k => h = k
[Mon Feb 27 04:40:06 2017] <bollu> cocreature: I want the "proof flow" to be in that direction
[Mon Feb 27 04:42:51 2017] <cocreature> sry I’m busy atm
[Mon Feb 27 04:42:58 2017] <bollu> ah, OK
[Mon Feb 27 04:43:10 2017] <bollu> cocreature: can you tell me where there are some examples of apply being used? other than the guide, that is
[Mon Feb 27 04:43:28 2017] <cocreature> I’m pretty sure "apply" is used all over the place in sf
[Mon Feb 27 04:45:36 2017] <bollu> OK
[Mon Feb 27 04:45:38 2017] <bollu> I shall check
[Mon Feb 27 04:45:40 2017] <bollu> thanks
[Mon Feb 27 05:37:25 2017] <bollu> what is the difference between apply and apply_with
[Mon Feb 27 05:39:23 2017] <bollu> as in
[Mon Feb 27 05:39:41 2017] <bollu> what is the difference between apply (f x y z) versus apply f with x y z
[Mon Feb 27 12:35:37 2017] <johnw> does anyone know if someone has written a script to compile the Coq documentation for dash?
[Mon Feb 27 13:06:47 2017] <Fare> what's dash?
[Mon Feb 27 13:08:37 2017] <johnw> a documentation browser on macOS
[Mon Feb 27 13:08:43 2017] <johnw> Zeal is the free Linux clone
[Tue Feb 28 03:08:09 2017] <itihas> if I have something in the context with an exists, can I i eliminate the exists and get a useful instance?
[Tue Feb 28 03:08:33 2017] <Cypi> you can "destruct" the something
[Tue Feb 28 03:08:43 2017] <Cypi> (only if your goal is in Prop, not in Type)
[Tue Feb 28 03:08:57 2017] <itihas> it is not a goal, it's in the context
[Tue Feb 28 03:09:55 2017] <Cypi> You can still destruct it
[Tue Feb 28 03:10:02 2017] <Cypi> I still meant everything I said x)
[Tue Feb 28 03:10:22 2017] <itihas> http://lpaste.net/6834486449153245184
[Tue Feb 28 03:10:32 2017] <itihas> Cypi: hm, that is interesting :)
[Tue Feb 28 03:11:04 2017] <itihas> yes, it works, thanks a ton!
[Tue Feb 28 03:11:15 2017] <itihas> also, is there some sort of quick reference for things like this?
[Tue Feb 28 03:11:23 2017] <itihas> I do not think the Coq manual counts ;)
[Tue Feb 28 03:12:17 2017] <modulus> the ttorial perhaps
[Tue Feb 28 03:12:51 2017] <Cypi> I think destructing stuff comes with some amount of experience. "destruct" is one of the basic tactics that you can use all the time. In this case "exists ..." is an inductive type like any other, so you can destruct it. So, if you wanted a "reference", I would say any course about Coq, and then you'll never forget it :)
[Tue Feb 28 03:12:55 2017] <modulus> https://coq.inria.fr/tutorial-nahas
[Tue Feb 28 03:14:28 2017] <Cypi> (Also, your goal will not be provable without some classical stuff. The -> direction is provable, but not the <- direction which is classical.)
[Tue Feb 28 03:14:48 2017] <Cypi> (Well, unless you have other assumptions about R, F and W that I do not see of course)
[Sat Mar 18 22:49:52 2017] <pedroabreu> Why can't I use the negation of a relation in its own definition? (example here https://gist.github.com/pedrotst/14296c346957f823ca2bced84bb90953)
[Sat Mar 18 23:20:38 2017] <benzrf> a riff on a facebook meme https://i.imgur.com/atfWJua.png
[Sat Mar 18 23:21:07 2017] <benzrf> pedroabreu: because it is non strictly positive
[Sat Mar 18 23:21:13 2017] <benzrf> [~Foo] means [Foo -> False]
[Sat Mar 18 23:21:16 2017] <benzrf> so it's in a domain position
[Sat Mar 18 23:25:22 2017] <pedroabreu> well, the error message says non strictly positive, but I have no idea what that means :(
[Sat Mar 18 23:25:34 2017] <pedroabreu> what do you mean by 'its in a domain position'?
[Sat Mar 18 23:34:08 2017] <benzrf> pedroabreu: basically there are restrictions on where a type can appear in its own definition
[Sat Mar 18 23:34:19 2017] <benzrf> in particular, it can't be the domain of a function which is an argument to a constructor
[Sat Mar 18 23:34:49 2017] <benzrf> i think it can be the domain of the domain though, i.e. ((Type -> Something) -> Otherthing) as a constructor arg is OK
[Sat Mar 18 23:35:17 2017] <benzrf> er never mind that's not ok
[Sat Mar 18 23:35:39 2017] <benzrf> i guess it cant appear anywhere in a domain...? not clear on the details myself, sorry
[Sat Mar 18 23:35:39 2017] <pedroabreu> hmm, got it
[Sat Mar 18 23:35:42 2017] <benzrf> :)
[Sat Mar 18 23:36:02 2017] <benzrf> allowing unrestricted reference here allows paradoxes i believe
[Sat Mar 18 23:36:09 2017] <benzrf> for example, consider
[Sat Mar 18 23:36:19 2017] <benzrf> Inductive foo := bar : ~foo -> foo.
[Sat Mar 18 23:36:40 2017] <benzrf> i don't know that this is a problem in and of itself, but it definitely blows up if we have LEM
[Sat Mar 18 23:38:18 2017] <pedroabreu> yeah, but axioms are always risky to be assumed
[Sat Mar 18 23:38:32 2017] <pedroabreu> oh, I guess you mean the LEM for foo only
[Sat Mar 18 23:38:34 2017] <pedroabreu> ok
[Sat Mar 18 23:41:28 2017] <pedroabreu> well thank you :)
[Mon Mar 20 09:56:37 2017] <Evgeny_> Hello. Are there any ways to calculate Coq's term size in some units?
[Mon Mar 20 10:00:18 2017] <Cypi> In Coq directly? Not really, since it doesn't really make sense from a computational viewpoint
[Mon Mar 20 10:00:40 2017] <Cypi> In OCaml, sure. In Ltac, probably.
[Mon Mar 20 10:06:31 2017] <Evgeny_> Not in Gallina directly, but maybe using Coqs Vernacular. Ready-to-use ltac will do.
[Tue Mar 21 21:55:47 2017] <penlu> I have a question about the use of the field tactic
[Tue Mar 21 21:56:26 2017] <penlu> how might I pass it a list of hypotheses that I have constructed automatically? I am not sure how to cope with `field [H1 H2 H3 ...]`
[Wed Mar 22 04:33:36 2017] <xiabalkan> Hi, I have "a := b" in my premise, and "a" in my goal. I want to replace "a" into "b" in my goal. I can use "unfold a" to do this. Can I do this without explicitly mentioning "a"?
[Wed Mar 22 04:34:17 2017] <xiabalkan> I tried "context[?x := ?y]" in ltac match, but it gives Syntax error.
[Wed Mar 22 12:13:31 2017] <jacobian> I'm trying to write the strongly specified assoc function forall (x:A) (l: assoc_list), {y | In (x,y) l} + {forall (y:B), ~In (x,y) l}. using tactics.
[Wed Mar 22 12:13:40 2017] <jacobian> It's very easy to get the correct answer using induction on l.
[Wed Mar 22 12:14:08 2017] <jacobian> However, the structure of the term itself does the recursive call prior to checking if the key is in the head of the list.
[Wed Mar 22 12:14:40 2017] <jacobian> Trying to change the order of this has proved a little confusing for me in using the tactics language. Obviously I can just use refine and fix and get what I want.
[Wed Mar 22 12:15:27 2017] <jacobian> But I wonder if there is a technique that could help me here. I imagine it has something to do with case_eq to remember the decomposition of the list, and then doing induction later and eliminating the nil case, but I keep getting an inductive hypothesis that is insufficiently abstract.
[Fri Mar 24 10:23:12 2017] <arjen> I have a goal with an equality [] = xs ++ ys, I need to get xs = [] and ys = [] from that, which is an inversion lemma when the order of the arguments of = are reversed (i.e. app_eq_nil). I even proved that x = y-> y = x, and tried to rewrite an assumption in that way, but according to Coq it wouldn't do anything, which is true in a certain sense. The problem, however remains.
[Fri Mar 24 10:25:11 2017] <Cypi> "symmetry in H; apply app_eq_nil in H"
[Fri Mar 24 10:26:01 2017] <Cypi> "x = y -> y = x" already exists, it's called "eq_sym", and symmetry will basically apply this in your hypothesis
[Fri Mar 24 10:26:01 2017] <arjen> Cypi: thanks.
[Fri Mar 24 10:29:06 2017] <arjen> Cypi: how do I convert H: a /\ b  to H1:a, H:b?
[Fri Mar 24 10:29:22 2017] <Cypi> "destruct H"
[Fri Mar 24 10:31:40 2017] <arjen> I also seem to get expressions like 0 + x a lot in my goals. If I want to get rid of those, the only way is basically to use Ltac like CPDT describes?
[Fri Mar 24 10:32:47 2017] <mortberg> did you try with ring?
[Fri Mar 24 10:35:03 2017] <arjen> mortberg: Error: cannot find relation
[Fri Mar 24 10:35:31 2017] <arjen> I just want to rewrite x + 0 to x.
[Fri Mar 24 10:35:42 2017] <cic> doesn't simpl do that?
[Fri Mar 24 10:35:50 2017] <cic> oh, not x + 0
[Fri Mar 24 10:35:57 2017] <cic> but 0 + x as you said before
[Fri Mar 24 10:36:28 2017] <arjen> I tried rewrite plus_0_r.
[Fri Mar 24 10:36:53 2017] <arjen> cic: no.
[Fri Mar 24 10:37:44 2017] <arjen> Already got this to work.
[Fri Mar 24 10:49:21 2017] <arjen> I now have x = a :: xs  -> <elided>. The premise is equivalent to false, but how do I explain that to Coq? It's some kind of discrimination, but what's a good way to only focus on the premise?
[Fri Mar 24 10:49:39 2017] <arjen> I meant xs = a :: xs
[Fri Mar 24 10:51:52 2017] <Cypi> You can prove by induction on xs
[Fri Mar 24 10:52:02 2017] <Cypi> (I'm surprised there isn't a lemma in the stdlib for this, maybe I missed it)
[Fri Mar 24 10:52:25 2017] <Cypi> in any case: "intros H; exfalse; induction xs; inversion H; auto" or something along those lines should be enough
[Fri Mar 24 10:52:27 2017] <arjen> Cypi: can that be done without introducing an extra lemma?
[Fri Mar 24 10:52:36 2017] <Cypi> sure
[Fri Mar 24 10:52:54 2017] <Cypi> exfalso*, not exfalse
[Fri Mar 24 10:55:30 2017] <arjen> Cypi: exfalso is for the whole goal, I only have H: xs = a :: xs -> <elided>.
[Fri Mar 24 10:55:53 2017] <Cypi> Oh. I'm sorry, I thought this was your goal, not a hypothesis
[Fri Mar 24 10:55:56 2017] <arjen> Cypi: so, the idea is that I want to conclude <elided>.
[Fri Mar 24 10:56:08 2017] <Cypi> If that's a hypothesis, then you can't do anything with it
[Fri Mar 24 10:56:09 2017] <arjen> Since I believe that <elided> is close to the real goal.
[Fri Mar 24 10:56:30 2017] <Cypi> it's the same as having "False -> <elided>", which is useless
[Fri Mar 24 10:56:40 2017] <Cypi> To use it, you'd have to prove False, which would solve the goal anyway
[Fri Mar 24 10:56:53 2017] <arjen> Cypi: ok
[Sat Mar 25 10:05:23 2017] <arjen> I tried to do https://homes.cs.washington.edu/~jrw12/InductionExercises.html, but I find even the first exercise hard. A natural way to think about the problem to me seems to be the observation that acc in ith iteration = sum_j=0^i xs[j]. This should imply that after n iterations, acc contains sum xs. However, a solution which I found somewhere online seems to require an inductive hypothesis that seems to come from nowhere (i.e., requires "
[Sat Mar 25 10:06:35 2017] <arjen> Now, in the code provided there is no variable "i" in scope, so it's already a slightly different problem, but I suppose there are ways to define the function such that it does and extract a version which doesn't mention "i".
[Sat Mar 25 10:10:01 2017] <arjen> The proposed solution reimplements 'sum' with an accumulator in one of the most unnatural ways possible (not the usual tail recusive accumulator). It seems completely artificially defined only to move the proof further.
[Sat Mar 25 10:11:16 2017] <arjen> It's quite "nice" that the author of this solution managed to solve the problem without any concept of "iteration", but it doesn't seem that this approach can possibly scale to any larger problems.
[Sat Mar 25 10:26:15 2017] <arjen> Or, perhaps more formally: forall k l acc, sum_tail' l acc = sum_tail' (drop k l) (sum (take k l)). seems like a useful lemma to prove.
[Sat Mar 25 10:26:54 2017] <arjen> This is, however completely not what the author of the exercise intended, AFAIK.
[Sat Mar 25 15:39:37 2017] <Ptival> is there a way to define an inductive and simultaneously a definition over the type defined?
[Sat Mar 25 15:39:40 2017] <Ptival> can't find the syntaax
[Sat Mar 25 16:09:48 2017] <jrw> Ptival: do you mean induction-recursion? in coq, no, I don't think so. agda has this, but I'm having trouble digging up documentation on it.
[Sat Mar 25 16:23:51 2017] <jrw> arjen really needs to get a bouncer.
[Sat Mar 25 19:45:51 2017] <Ptival> jrw: no no, something much simpler
[Sat Mar 25 19:46:14 2017] <Ptival> Inductive foo := Constructor : foolist -> foo   with   foolist := list foo.
[Sat Mar 25 19:46:36 2017] <jrw> ah, like SML's withtype.
[Sat Mar 25 19:46:49 2017] <jrw> can you use a notation for this?
[Sat Mar 25 19:46:52 2017] <Ptival> harder question: is there a nice way of defining an indexed family such that indices easily specify allowed/disallowed constructors?
[Sat Mar 25 19:47:07 2017] <Ptival> jrw: yeah a notation would work, I was trying to have a definition though
[Sat Mar 25 19:48:04 2017] <jrw> the only way I know how to do that is to inline the definition and then define it separately. this is not exactly the same, since the inductive contains the inlined definition, not the folded version.
[Sat Mar 25 19:48:05 2017] <Ptival> http://paste.awesom.eu/74qp I tried this but it's very unwieldy
[Sat Mar 25 19:48:57 2017] <jrw> what's the intended meaning of the indices there?
[Sat Mar 25 19:49:00 2017] <Ptival> (the idea being, type "rv" should be all constructors, "rvx" only the first four, "rx" only the first two)
[Sat Mar 25 19:49:27 2017] <Ptival> they only serve to mark what constructors are allowed for particular types
[Sat Mar 25 19:49:34 2017] <jrw> hmm
[Sat Mar 25 19:49:55 2017] <Ptival> each index describes a type-to-be
[Sat Mar 25 19:50:16 2017] <Ptival> a quantified bool indicates the constructor is allowed
[Sat Mar 25 19:50:21 2017] <Ptival> a "false" indicates it's disallowed
[Sat Mar 25 19:50:33 2017] <Ptival> then types are defined by putting a "true" in their slot
[Sat Mar 25 19:50:39 2017] <Ptival> it's hacky and impractical
[Sat Mar 25 19:50:43 2017] <jrw> would it be cleaner to define a separate "tag" type to use as the index?
[Sat Mar 25 19:50:49 2017] <jrw> or is that different somehow
[Sat Mar 25 19:53:11 2017] <Ptival> that would be nicer-looking but idk about usability
[Sat Mar 25 19:58:51 2017] <Ptival> I'm not sure how to express the overlaps
[Sat Mar 25 19:59:41 2017] <Ptival> I want : T1 = {C1, C2, C3, C4, C5}, T2 = {C1, C2, C3, C4}, T3 = {C1, C2}, T4 = {C1}
[Sat Mar 25 20:00:03 2017] <Ptival> (Ts are types, Cs are their allowed constructors)
[Sat Mar 25 20:01:11 2017] <Ptival> here I guess it's easy because they are strictly ordered
[Sat Mar 25 20:03:06 2017] <Ptival> so I could do the "Fin" trick to restrict constructors
[Sun Mar 26 02:13:04 2017] <jrw> Ptival: I stumbled across this francois pottier paper today that uses a similar trick, but with GADTs, to restrict the types: http://gallium.inria.fr/~fpottier/publis/fpottier-regis-gianas-typed-lr.pdf (see section 7)
[Sun Mar 26 11:58:22 2017] <vorgang> When defining an inductive family "Foo", I automatically get a bunch of functions, such as Foo_ind and Foo_rect. Is there a specification of what exactly happens when you define an inductive family? Thanks
[Sun Mar 26 20:12:03 2017] <jrw> vorgang: what level of specification are you looking for? what coq does in particular, or the general idea of inductive families?
[Sun Mar 26 23:12:52 2017] <vorgang> jrw: anything, really, but coq-specific would be nice
[Mon Mar 27 06:18:49 2017] <Evgeny_> Good day! Please remind me by which means we replace propositions of the form: A /\ True -> B with a simplier ones A -> B ?
[Mon Mar 27 06:24:04 2017] <Evgeny_> (Without proving an auxilary lemma)
[Mon Mar 27 06:28:25 2017] <Cypi> I don't think I know anything simpler that proving it with assert (or providing directly a proof-term, but that's not really simpler)
[Mon Mar 27 06:28:39 2017] <Cypi> do you mean replacing _all_ these propositions? Just one? In the context of an interactive proof?
[Mon Mar 27 06:29:54 2017] <Evgeny_> Replace all such (obvious) propositions with simplier ones in call hypothesis in a context.
[Mon Mar 27 06:30:05 2017] <Evgeny_> *in all hyp
[Mon Mar 27 06:30:57 2017] <Evgeny_> I think Coq users would like to have some "rewrite" for this kind of props.
[Mon Mar 27 06:31:02 2017] <Evgeny_> or "simpl"
[Mon Mar 27 06:32:10 2017] <Cypi> Sorry, I don't know of an easy vanilla way of doing it (apart from a few lines of Ltac)
[Mon Mar 27 06:32:26 2017] <modulus> you can destruct the hypothesis.
[Mon Mar 27 06:32:32 2017] <modulus> and clear the true term.
[Mon Mar 27 06:32:40 2017] <Cypi> Also, it might prove a little bit more complicated if some other hypotheses depend on these "A /\ True -> B" hypotheses
[Mon Mar 27 06:42:07 2017] <Evgeny_> Are you sure that destruct is able to "destruct" implication? And why is it so, because implication is not encoded as inductive type or where am I missing?
[Mon Mar 27 06:42:27 2017] <Evgeny_> I have tried to destruct "A /\ True -> B" and failed with error "Not an inductive type"
[Mon Mar 27 06:43:39 2017] <modulus> no, you can't destruct the impl
[Mon Mar 27 06:43:52 2017] <modulus> i meant you can intros the premise
[Mon Mar 27 06:43:57 2017] <Cypi> It won't work, you don't need to destruct anything because the /\ is in the domain position. If you have "H : A /\ True -> B", then the term "fun (x : A) => H (conj x I)" has type "A -> B"
[Mon Mar 27 06:43:58 2017] <modulus> and then destruct that
[Mon Mar 27 06:44:24 2017] <Evgeny_> Oh, well in my case I have (A /\ True -> B) as a hypothesis.
[Mon Mar 27 06:45:25 2017] <Evgeny_> I had to mention this in the first place. Sorry.
[Mon Mar 27 06:46:53 2017] <Evgeny_> Ok, thanks everyone. I would try to do something with it.
[Mon Mar 27 06:48:12 2017] <Cypi> What you could do is this (warning: Ltac incoming):
[Mon Mar 27 06:48:39 2017] <Cypi> repeat match goal with H : ?A /\ True -> ?B |- _ => let H' := fresh H in assert (A -> B) as H' by exact (fun x => H (conj x I)); clear H; rename H' into H end.
[Mon Mar 27 06:49:09 2017] <Cypi> but of course, it works only very specifically for "A /\ True -> B", and nothing else which would be also trivial
[Mon Mar 27 06:49:25 2017] <Cypi> ("True /\ A -> B" won't be simplified for instance)
[Mon Mar 27 07:10:43 2017] <Evgeny_> Cypi: Thanks!
[Mon Mar 27 09:31:03 2017] <jstolarek> which of Coq commands can I use to search theorems by their conclusions? Eg. I want to locate a theorem that concludes "n = n + 0" and possibly has some premises
[Mon Mar 27 09:31:55 2017] <Cypi> In this case, "Search (_ = _ + 0)." will work
[Mon Mar 27 09:32:22 2017] <Cypi> you'll have to check the refman to know the actual behavior of "Search" and related commands, I don't know that precisely
[Mon Mar 27 09:32:40 2017] <Cypi> (also, underscores are just wildcards, they don't check that it's the same term on both sides of the equality)
[Mon Mar 27 09:32:58 2017] <jstolarek> ah, parens
[Mon Mar 27 09:33:06 2017] <jstolarek> I was struggling trying to use quotes
[Mon Mar 27 09:34:10 2017] <jstolarek> thanks
[Mon Mar 27 13:05:35 2017] <jrw> vorgang: unfortunately, I don't know of any good coq-specific resources. however, I have found it helpful to understand inductive families in general, for example by reading the papers of peter dybjer.
[Mon Mar 27 13:05:59 2017] <jrw> while there are things that coq does differently, you can get pretty far by thinking of coq as "just" an implementation of these ideas.
[Mon Mar 27 16:19:56 2017] <Ptival> jstolarek: you need quotes for finding notations with Locate
[Mon Mar 27 16:20:06 2017] <Ptival> and parens to find terms with Search
[Mon Mar 27 17:40:34 2017] <benzrf> peano arithmetic is just a theory!
[Mon Mar 27 17:41:17 2017] <modulus> a theory full of Suc!
[Mon Mar 27 18:40:59 2017] <Ptival> damn, it's annoying that you can't use some Vernacular tokens...
[Mon Mar 27 18:41:12 2017] <Ptival> like you can't have a file Variable.v of type called Variable
[Tue Mar 28 18:12:44 2017] <vorgang> jrw: ugh, Peter Dybjer has published quite a few papers. Which one specifically would you recommend?
[Tue Mar 28 18:19:54 2017] <vorgang> unfortunately, some of the links to papers on his chalmers.se home page are dead
[Tue Mar 28 18:31:29 2017] <mortberg> vorgang: https://ncatlab.org/nlab/show/inductive+family#history
[Tue Mar 28 19:19:18 2017] <jrw> vorgang: I recommend starting by reading section 3 of this: http://www.cse.chalmers.se/~peterd/papers/Inductive_Families.pdf
[Tue Mar 28 19:19:39 2017] <jrw> the notation may take a bit of getting used to, but it should become clear if you work through the examples included there.
[Tue Mar 28 19:50:13 2017] <pedroabreu> when I have an instance of a class, how do I fetch its name in an Ltac? I mean, you can't find it matching against the goal.
[Tue Mar 28 20:02:44 2017] <johnw> the instance value will either be in the local proof context, or the global context
[Tue Mar 28 20:11:57 2017] <pedroabreu> let me send an example
[Tue Mar 28 20:13:18 2017] <pedroabreu> https://gist.github.com/pedrotst/a1294868bbb89d6ac65ba13ce5e0f41d
[Tue Mar 28 20:22:48 2017] <johnw> interesting
[Tue Mar 28 20:25:45 2017] <johnw> why do you need to do that at all?
[Tue Mar 28 20:25:51 2017] <johnw> this works for me: Ltac find_dec_tac L i:= edestruct (find_dec L).
[Tue Mar 28 20:25:58 2017] <johnw> it finds the needed instance
[Tue Mar 28 20:30:27 2017] <pedroabreu> I'm getting to the next level in my proofs Chlipala style and trying to get rid of the references to local variable names in my proofs
[Tue Mar 28 20:30:58 2017] <pedroabreu> I'm in the beginning, lerning Ltac and all that
[Tue Mar 28 20:31:14 2017] <pedroabreu> that seemed like a good automation
[Tue Mar 28 20:31:27 2017] <johnw> it's just not buying you anything
[Tue Mar 28 20:31:54 2017] <johnw> you're asking to see the chosen instance, and then turning around an explicitly trying to use that instance.  Better automation would be to have no explicit reference at all.
[Tue Mar 28 20:32:07 2017] <johnw> let instance lookup work for you
[Tue Mar 28 20:34:32 2017] <pedroabreu> yes, but I'd have to get that to the next level and make a through proof automation, since I might have several instances that match
[Tue Mar 28 20:34:51 2017] <johnw> wouldn't you be using the same intance either way?
[Tue Mar 28 20:35:06 2017] <johnw> I don't yet see how assigning a name to the instance helps...
[Tue Mar 28 20:35:39 2017] <pedroabreu> yeah, I think I can drop that
[Tue Mar 28 20:36:23 2017] <pedroabreu> Ltac find_dec_tac L i:= edestruct (find_dec L i). worked nicely thanks
[Tue Mar 28 20:36:39 2017] <pedroabreu> I didn't know edestruct was smart like that
[Tue Mar 28 20:37:31 2017] <johnw> i'm not sure you even need it
[Tue Mar 28 20:37:41 2017] <johnw> maybe regular destruct will work here too
[Tue Mar 28 20:38:21 2017] <pedroabreu> geez, it works! I've been wraping my head for nothing
[Tue Mar 28 20:38:23 2017] <pedroabreu> haha
[Wed Mar 29 01:05:51 2017] <vorgang> jrw: thanks
[Thu Mar 30 14:05:36 2017] <stelleg_web> could someone explain why an nary inductive type doesn't seem to be allowed, e.g. Inductive rel_n : forall n, nary bool n Prop := ...? It fails with the error 'Not an arity' on the type of the relation.
[Thu Mar 30 14:06:42 2017] <stelleg_web> works fine to do the equivalent rel_n_v : forall n, Vector.t bool n -> Prop, but I have an aesthetic preference for the nary version
[Thu Mar 30 14:06:52 2017] <johnw> i'd never heard of nary
[Thu Mar 30 14:07:56 2017] <stelleg_web> ah, sorry: https://coq.inria.fr/library/Coq.Numbers.NaryFunctions.html
[Thu Mar 30 14:08:19 2017] <johnw> ah, cool
[Thu Mar 30 14:08:32 2017] <johnw> nprod is just what I'm using for vector
[Thu Mar 30 14:11:27 2017] <stelleg_web> cool, hadn't seen that. I'm guessing nprod (S n) a := prod a (nprod n a)?
[Thu Mar 30 14:11:34 2017] <johnw> yep
[Thu Mar 30 17:16:08 2017] <Ptival> is there a way to write a tactic like "t := match goal with [ H : ... ] => ... end" such that "t; u" can change the choice of H in t when u fails?
[Thu Mar 30 17:18:04 2017] <Ptival> or do I need to pass `u` as a continuation to `t` so that its failure is understood by `t`?
[Thu Mar 30 17:20:46 2017] <Ptival> hmmm, even using a continuation I can't seem to
[Thu Mar 30 17:54:22 2017] <Ptival> nvm
[Thu Mar 30 17:57:43 2017] <Cypi> Ptival: I'm not sure, but isn't multimatch what you're looking for, maybe?
[Fri Mar 31 03:14:05 2017] <raduom> Hi. How should I fix the verilog vs coq proof general issue?
[Fri Mar 31 03:14:33 2017] <raduom> (emacs thinks my .v files are verilog, rather then coq files)
[Fri Mar 31 09:18:09 2017] <FUZxxl> Hello!
[Fri Mar 31 09:18:35 2017] <FUZxxl> I have two hypotheses of the form H0: x <= y, H1: y < z.
[Fri Mar 31 09:18:45 2017] <FUZxxl> sorry, not hypotheses but rather goals
[Fri Mar 31 09:18:59 2017] <FUZxxl> how do I combine them into a singel x <= y < z?
[Fri Mar 31 09:24:19 2017] <rrika> FUZxxl, if you do 'Locate "_ <= _ < _".' you can see that it's only an alias for "and (le x y) (lt y z)" anyway
[Fri Mar 31 09:24:37 2017] <rrika> so if you link the two propositions with /\ you're done
[Fri Mar 31 09:25:03 2017] <FUZxxl> rrika: how do I do that?
[Fri Mar 31 09:25:16 2017] <rrika> what exactly?
[Fri Mar 31 09:25:33 2017] <FUZxxl> rrika: combine two goals into one with a logical and
[Fri Mar 31 09:25:58 2017] <rrika> hm, are you in the middle of a proof right now?
[Fri Mar 31 09:26:03 2017] <FUZxxl> rrika: yes
[Fri Mar 31 09:26:08 2017] <rrika> what's your current goal?
[Fri Mar 31 09:26:21 2017] <rrika> just one half?
[Fri Mar 31 09:26:23 2017] <FUZxxl> I have two goals: x <= y and y < z
[Fri Mar 31 09:26:39 2017] <FUZxxl> and I want to apply a lema which proves (x <= y /\ y < z)
[Fri Mar 31 09:26:45 2017] <rrika> ah, okay
[Fri Mar 31 09:27:06 2017] <FUZxxl> but coq won't let me, so want to combine the two goals and see if that works
[Fri Mar 31 09:27:07 2017] <rrika> okay, so before you get to the point where you split into these two cases, you do "enough (x <= y /\ y < z)"
[Fri Mar 31 09:27:25 2017] <rrika> that will give you that as hypothesis and you can continue with that, and later you have to prove it
[Fri Mar 31 09:27:28 2017] <rrika> but your goal will have both
[Fri Mar 31 09:27:50 2017] <FUZxxl> ok
[Fri Mar 31 09:27:54 2017] <rrika> (assert (x <= y /\ y < z) does the same in reverse order, first you prove it's correct, then you can use it)
[Fri Mar 31 09:28:03 2017] <Cypi> You can also just apply your lemma which proves (x <= y /\ y < z)
[Fri Mar 31 09:28:19 2017] <Cypi> you won't be able to really reunite your two goals, but you can apply your lemma separately in each
[Fri Mar 31 09:28:49 2017] <rrika> apply is that clever?
[Fri Mar 31 09:28:55 2017] <FUZxxl> Cypi: that's what I tried first but I get unification problems.
[Fri Mar 31 09:29:10 2017] <Cypi> In most cases, apply is able to go through conjonctions, yes
[Fri Mar 31 09:29:22 2017] <rrika> another thing you could do is get the proof for (x <= y /\ y < z) and then destruct it and throw away one half with "clear"
[Fri Mar 31 09:29:36 2017] <rrika> (if it doesn't work automatically)
[Fri Mar 31 09:29:54 2017] <FUZxxl> Basically, I start with an inequality of the form (x <= y < w) which I want to refine to (x <= y < z) using a hypothesis.
[Fri Mar 31 09:30:16 2017] <FUZxxl> so I split that goal and applied transitivity
[Fri Mar 31 09:30:22 2017] <FUZxxl> but then I can't combine it again!
[Fri Mar 31 09:30:43 2017] <FUZxxl> somewhere in the documentation it is said that you never actually need assert
[Fri Mar 31 09:30:52 2017] <FUZxxl> which is why I was wondering how to do that
[Fri Mar 31 09:31:21 2017] <rrika> I guess the full signature is (x <= y < w) → (w < z) → (x <= y < z) ?
[Fri Mar 31 09:31:44 2017] <FUZxxl> rrika: of what?
[Fri Mar 31 09:32:03 2017] <FUZxxl> ah yeah, you can assume that
[Fri Mar 31 09:32:09 2017] <FUZxxl> (in ZArith)
[Fri Mar 31 09:34:27 2017] <rrika> ah, so you have something that when applied gives you (x <= y < w) but not (x <= y < w) itself?
[Fri Mar 31 09:34:42 2017] <FUZxxl> no
[Fri Mar 31 09:34:47 2017] <FUZxxl> I do have x <= y < w
[Fri Mar 31 09:35:07 2017] <FUZxxl> but it won't let me apply Zlt_trans to it to reach x <= y < z
[Fri Mar 31 09:36:52 2017] <FUZxxl>  get unification errors
[Fri Mar 31 09:36:57 2017] <rrika> yeah, Zlt_trans expects single inequalites, not combined ones
[Fri Mar 31 09:37:05 2017] <rrika> (forall n m p : Z, (n < m)%Z -> (m < p)%Z -> (n < p)%Z)
[Fri Mar 31 09:37:26 2017] <FUZxxl> so alternatively, how can I apply Zlt_trans to just part of the inequality?
[Fri Mar 31 09:38:36 2017] <rrika> destruct (x <= y < w) into (x <= y) and (y < w), then split your goal from (x <= y < z) to (x <= y) and (y < z) using "apply conj." the left one you can show with "assumption", the other one with "Zlt_trans"
[Fri Mar 31 09:40:10 2017] <FUZxxl> sadly, this doesn't solve my full problem
[Fri Mar 31 09:41:40 2017] <rrika> sorry, I guess I misunderstood, what else is there?
[Fri Mar 31 09:41:53 2017] <FUZxxl> my problem is: I have the goal (x <= y < z) and I want to use the hypothesis (w < z) to get the goal (x <= y z) so I can apply some lemma. Can this be done without using assert. etc.? I am interested in this because the manual claims that assert is never truly needed to prove things.
[Fri Mar 31 09:42:10 2017] <FUZxxl> my problem is: I have the goal (x <= y < z) and I want to use the hypothesis (w < z) to get the goal (x <= y < w) so I can apply some lemma. Can this be done without using assert. etc.? I am interested in this because the manual claims that assert is never truly needed to prove things.
[Fri Mar 31 09:42:42 2017] <rrika> the last approach I described doesn't need assert
[Fri Mar 31 09:42:59 2017] <rrika> and it's true, you can rebuild parts of your proof in each branch of it when you need it
[Fri Mar 31 09:43:14 2017] <rrika> sometimes it's convenient to prove something earlier so you can reuse it in the different branches
[Fri Mar 31 09:43:37 2017] <FUZxxl> true. However, I wasn't able to rebuild the part of the proof I needed as applying that lemma in each branch failed.
[Fri Mar 31 09:43:52 2017] <FUZxxl> (unable to unify)
[Fri Mar 31 09:44:35 2017] <rrika> can you paste your whole proof state + error online somewhere, my imagination is failing
[Fri Mar 31 09:45:02 2017] <FUZxxl> sorry
[Fri Mar 31 09:45:07 2017] <FUZxxl> let's see.
[Fri Mar 31 10:08:52 2017] <FUZxxl> I found my problem. There was a typo. Sorry for wasting your time, rrika.
[Fri Mar 31 10:10:53 2017] <rrika> haha, oh well, happens
[Fri Mar 31 10:12:24 2017] <FUZxxl> (basically, I used lt_trans instead of le_lt_trans)
[Fri Mar 31 10:12:59 2017] <rrika> heh
[Fri Mar 31 10:13:30 2017] <rrika> I need to go to work (should've gone hours ago) byebye and good luck
[Fri Mar 31 10:14:18 2017] <FUZxxl> see you
[Sat Apr  1 15:19:15 2017] <rrika> what does "by intros [|]." do?
[Sat Apr  1 15:25:10 2017] <rrika> oh, the reason I can't find it in the manual is because this source I have defines it itself, nevermind.
[Sat Apr  1 16:56:58 2017] <dredozubov> I have hypotheses `IHl : All P l -> forall x : T, In x l -> P x` and `All P l`. I expected `apply IHl in IHl.` to rewrite H2, but i'm getting `unable to unify`
[Sat Apr  1 17:04:13 2017] <dredozubov> oops, i meant `apply IHl in H2`
[Sat Apr  1 17:04:31 2017] <dredozubov> and it seems like in this case i'm getting Error: Unable to find an instance for the variable x.
[Sat Apr  1 17:07:20 2017] <modulus> you need a with clause to pass a value for x in there.
[Sat Apr  1 17:12:27 2017] <dredozubov> it works with `apply IHl with (x:=x0) in H2`, but i don't get why coq can't unify it
[Sat Apr  1 17:16:24 2017] <dredozubov> i expected it to rewrite H2 to `forall x : T, In x l -> P x`
[Sat Apr  1 18:25:36 2017] <RegEchse> dredozubov: that has somehow to do with how apply's "matching" works (but i can't explain any details). Note, however, that using apply here is somewhat bizarre anyway because you say like "find me a way to fit these two things together and then do it"; but in fact you know exactly what you want, namely just the term  IHl H2.
[Sat Apr  1 18:26:11 2017] <RegEchse> you can do  `assert (H2' := IHl H2).`  to introduce that into the context (if you really want)
[Sat Apr  1 18:31:13 2017] <rrika> how can I elegantly show "c = d" from "a b = Some c" and "a b = Some d"
[Sat Apr  1 18:33:51 2017] <modulus> are you allowed functional extensionality?
[Sat Apr  1 18:34:41 2017] <rrika> no, some is a constructor though, not a function
[Sat Apr  1 18:35:05 2017] <modulus> ah... that was the direction of my thought :-(
[Sat Apr  1 18:35:11 2017] <rrika> I did it with "rewrite H1 in H2" and "inversion" on the resulting (Some c = Some d) and "reflexivity" after the goal turned into "d = d"
[Sat Apr  1 18:35:18 2017] <rrika> it's not very nice thouhg
[Sat Apr  1 18:35:38 2017] <Cypi> I would have done that too
[Sat Apr  1 18:35:43 2017] <rrika> okay, that's reassuring
[Sat Apr  1 18:36:06 2017] <rrika> I'm poking around ch2o and am too lazy to install coq8.5 again (after I upgraded to 8.6)
[Sat Apr  1 18:36:08 2017] <rrika> so I'm porting it now
[Sat Apr  1 18:36:21 2017] <rrika> very weird in which ways proofs break
[Sat Apr  1 18:36:57 2017] <rrika> another weirdness was "tactic1; tactic2" going into an infinite loop, but if I copy paste tactic2 as many times as tactic1 gives goals, it works
[Sun Apr  2 12:01:19 2017] <rrika> can I make local definitions in an 'Inductive'?
[Sun Apr  2 12:04:53 2017] <rrika> I guess not.
[Sun Apr  2 12:04:55 2017] <rrika> https://coq.inria.fr/refman/Reference-Manual003.html
[Sun Apr  2 12:05:07 2017] <rrika> inductive	::=	Inductive ind_body with … with ind_body, …
[Sun Apr  2 12:32:19 2017] <RegEchse> rrika: you can use a Section together with Let; after closing the section, the Let idents will be replaced by their definition. E.g.  `Section TMP. Let t := (my long term that i don't want to repeat). Inductive Foo := X : t -> Foo | Y : t -> t -> Foo. End TMP.`
[Sun Apr  2 12:32:53 2017] <rrika> RegEchse, the long term can't depend on Foo though, right?
[Sun Apr  2 12:33:17 2017] <rrika> well, I can pass it in myself.
[Sun Apr  2 12:33:18 2017] <RegEchse> yes, that won't be possible. :/
[Sun Apr  2 12:33:27 2017] <rrika> won't be as short, but acceptable
[Sun Apr  2 19:21:08 2017] <Ptival> yeah, that's not possible, I was trying the other day I think :(
[Sun Apr  2 19:21:14 2017] <Ptival> same with Records + Inductive
[Mon Apr  3 04:39:36 2017] <xiabalkan> Hi
[Mon Apr  3 04:40:11 2017] <xiabalkan> I want to destruct "match X as __ return", but destruct X gives me "Error: Abstracting over the term "o" leads to a term" this error.
[Mon Apr  3 04:41:17 2017] <xiabalkan> Definition is made with "Program Definition". What I typed was normal pattern match, but it is changed into dependent pattern match (with variable name "anonymous") for the obligation proof.
[Mon Apr  3 04:41:45 2017] <xiabalkan> I do not understand dependent pattern match in deep. How can I solve this problem?
[Mon Apr  3 06:15:05 2017] <augae> Where can I find in the reference manual that "eval delta [H] in H." is a valid RHS of an Ltac definition? Specifically '[H]' is nowhere to be found as being valid, yet it does work.
[Mon Apr  3 06:16:27 2017] <Cypi> What does it do? I wasn't aware of this syntax :o
[Mon Apr  3 06:16:39 2017] <augae> Cypi: I have no clue.
[Mon Apr  3 06:16:51 2017] <augae> augae: well, I can guess.
[Mon Apr  3 06:17:18 2017] <augae> Cypi: but I don't like to guess, so let's not go there.
[Mon Apr  3 06:17:39 2017] <Cypi> Even "delta" is not supposed to be valid, according to the documentation
[Mon Apr  3 06:17:49 2017] <Cypi> "where redexpr is a reduction tactic among red, hnf, compute, simpl, cbv, lazy, unfold, fold, pattern."
[Mon Apr  3 06:18:22 2017] <augae> Cypi: heh, I even overlooked that one.
[Mon Apr  3 06:18:30 2017] <augae> Cypi: I just think this is super sloppy.
[Mon Apr  3 06:18:57 2017] <augae> It makes Coq a language which can only be used by the magicians who made it with their secret incantations ;)
[Mon Apr  3 06:19:25 2017] <Cypi> I mean, there are some secret incantations, but they are not necessary (or at least I hope so)
[Mon Apr  3 06:21:13 2017] <augae> Cypi: I was hoping to find someone here who does know what it means.
[Mon Apr  3 06:21:25 2017] <Cypi> I'm looking at the source code. What is your version of Coq?
[Mon Apr  3 06:22:27 2017] <augae> 8.6
[Mon Apr  3 06:22:58 2017] <augae> I was also able to make CoqIDE crash by merely loading a previously saved file (few hundred lines).
[Mon Apr  3 06:23:05 2017] <Cypi> Hmm. Do you have any plugin? It doesn't seem to be valid syntax on my end :o
[Mon Apr  3 06:23:47 2017] <augae> Cypi: Ltac get_value H := eval cbv delta [H] in H.
[Mon Apr  3 06:24:06 2017] <Cypi> ah, you did not mention the "cbv" part!
[Mon Apr  3 06:24:19 2017] <Cypi> https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic145
[Mon Apr  3 06:24:23 2017] <Cypi> there you go, all specified :)
[Mon Apr  3 06:24:43 2017] <Cypi> (I meant to link the "cbv" section)
[Mon Apr  3 06:24:59 2017] <Cypi> (specifically, "The delta flag itself can be refined into delta [qualid1…qualidk] ...")
[Mon Apr  3 06:26:06 2017] <Cypi> combined with this https://coq.inria.fr/refman/Reference-Manual011.html#sec481 which explains the "eval ... in ..." part
[Mon Apr  3 06:26:10 2017] <augae> Cypi: thanks
[Mon Apr  3 06:26:48 2017] <augae> Cypi: eval (cbv (delta [H])) in H. would have been simpler.
[Mon Apr  3 06:27:05 2017] <augae> Cypi: can I print expressions with all parens somehow?
[Mon Apr  3 06:27:24 2017] <augae> Cypi: I meant definitions.
[Mon Apr  3 06:27:25 2017] <Cypi> I don't know that. I'm not even sure parens are allowed here actually
[Mon Apr  3 06:28:43 2017] <augae> Cypi: they are not.
[Mon Apr  3 06:29:49 2017] <augae> Cypi: perhaps they hate Lisp.
[Mon Apr  3 07:34:52 2017] <dredozubov> https://github.com/mukeshtiwari/Coq/blob/master/software-foundation-8.5/IndProp.v#L352 what does `induction 2` do here?
[Mon Apr  3 07:35:38 2017] <Cypi> induction on the second non-dependent hypothesis
[Mon Apr  3 07:35:49 2017] <Cypi> ("non-dependent" meaning that the rest of the goal does not depend on it)
[Mon Apr  3 07:36:18 2017] <dredozubov> can't wrap my head around "non-dependent" part still
[Mon Apr  3 07:36:35 2017] <dredozubov> is it induction on 'n <= o'?
[Mon Apr  3 07:36:39 2017] <Cypi> yes
[Mon Apr  3 07:36:57 2017] <Cypi> It basically means "the second non-named hypothesis", if you want to see it like that
[Mon Apr  3 07:37:04 2017] <dredozubov> can you show an example where it won't be non-dependent?
[Mon Apr  3 07:37:29 2017] <Cypi> In your example, m n and o are hypotheses that would be "dependent"
[Mon Apr  3 07:38:14 2017] <dredozubov> is it fair to say that it becomes dependent when it's explicitly quantified?
[Mon Apr  3 07:38:35 2017] <Cypi> Does "explicitly quantified" means that it has an apparent name?
[Mon Apr  3 07:38:37 2017] <Cypi> mean*
[Mon Apr  3 07:40:02 2017] <dredozubov> i mean that there's quantifier with a name to the left
[Mon Apr  3 07:40:53 2017] <Cypi> Then yes, I guess. If you can remove the name and still have a goal that makes sense, then it's non-dependent; otherwise, if you need a name, it's dependent
[Mon Apr  3 07:41:20 2017] <Cypi> [the documentation talks about "non-dependent product", it's more correct than the term "non-dependent hypothesis" that I was using]
[Mon Apr  3 07:43:19 2017] <dredozubov> can i rewrite this proof by explicitly stating i want to apply induction tactic on `n <= o`?
[Mon Apr  3 07:43:38 2017] <dredozubov> i get an error: "Not an inductive product" when i try to do that
[Mon Apr  3 07:44:02 2017] <Cypi> You could first intros everything manually and then do an induction: "intros m n o Hmn Hno. induction Hno."
[Mon Apr  3 07:44:33 2017] <Cypi> you cannot write directly "induction (n <= o)" because you don't want to do an induction on the term "n <= o", you want to do an induction on a term _whose type is_ "n <= o"
[Mon Apr  3 07:44:36 2017] <dredozubov> hmm, i can do that if i "intro" that hypothesis, the do "induction Hnlto"
[Mon Apr  3 14:58:11 2017] <chatter29> hey guys
[Mon Apr  3 14:58:13 2017] <chatter29> allah is doing
[Mon Apr  3 14:58:20 2017] <chatter29> sun is not doing allah is doing
[Mon Apr  3 14:58:25 2017] <chatter29> to accept Islam say that i bear witness that there is no deity worthy of worship except Allah and Muhammad peace be upon him is his slave and messenger
[Mon Apr  3 15:06:13 2017] <johnw> he's definitely reduced the volume of his contribution each time
[Mon Apr  3 17:29:04 2017] <Ptival> :)
[Mon Apr  3 20:52:45 2017] <rrika> …
[Mon Apr  3 21:32:14 2017] <significance> When you use the "exists" tactic, does the name passed to it have to be unique from any previous name?
[Mon Apr  3 21:34:54 2017] <jrw> significance: I'm not exactly sure what you mean. exists takes an argument that is the "witness" for the existential. the witness can be any term, not just a name.
[Mon Apr  3 21:35:21 2017] <jrw> and exists doesn't add any new things to your context, so you shouldn't need to worry about uniqueness of names or anything.
[Mon Apr  3 21:35:50 2017] <jrw> it is true that for some of the other tactics that do introduce new things into the context, you do need to provide fresh names or it will complain.
[Mon Apr  3 21:36:05 2017] <significance> jrw: ahh, it makes a lot more sense now. thank you!
[Mon Apr  3 21:39:43 2017] <significance> is there a difference between running <tactic 1>.\n<tactic 2>. and <tactic 1>; <tactic 2>. ?
[Mon Apr  3 21:43:53 2017] <rrika> significance, yes, tactic 2 will be applied to each resulting goal of tactic 1.
[Mon Apr  3 21:44:02 2017] <significance> rrika: thank you!
[Mon Apr  3 21:45:04 2017] <significance> is there a way to Show in coqtop in between semicolon-ed tactics?
[Mon Apr  3 21:45:36 2017] <rrika> significance, I don't know how to do that. I'm asking myself that as well.
[Mon Apr  3 21:45:51 2017] <significance> rrika: huh -- no worries! thank you :)
[Mon Apr  3 21:59:55 2017] <jrw> there's no way of doing that, unfortunately.
[Mon Apr  3 22:12:04 2017] <significance> jrw: bummer -- thank you!
[Mon Apr  3 22:20:12 2017] <rrika> are there any tools to pinpoint sources of performance problems in coq?
[Mon Apr  3 22:20:21 2017] <rrika> proofs taking forever to check, or taking up 8GB while checking
[Tue Apr  4 11:37:29 2017] <lpaste> cocreature pasted “No title” at http://lpaste.net/354277
[Tue Apr  4 11:38:00 2017] <cocreature> Hey, I’m trying to figure out how to make my adt so that it only allows constructing pairs if the arguments are values
[Tue Apr  4 11:38:22 2017] <cocreature> however I fail to define the mutually recursive types because "Expr was not found in the current environment"
[Tue Apr  4 11:38:26 2017] <cocreature> any ideas?
[Tue Apr  4 11:43:35 2017] <Cypi> So, what you are trying to do is called induction-induction, and it's currently not supported by Coq
[Tue Apr  4 11:44:07 2017] <cocreature> Cypi: oh ok, well I guess the good thing is that it’s at least not me being stupid
[Tue Apr  4 11:44:22 2017] <cocreature> I’ll just add the value condition to my step relation instead of to the adt
[Tue Apr  4 11:44:29 2017] <cocreature> thanks!
[Wed Apr  5 07:46:56 2017] <cocreature> is there any way to automatically generate stronger induction hypothesis in particular for propositions with lists? I found https://stackoverflow.com/questions/39976451/induction-principle-for-propositions-with-lists-or-lnr-for-expressions-with-ne and I was able to adapt it to my own types but it seems kind of annoying to have to write and prove these lemmas for every type like this.
[Wed Apr  5 07:50:06 2017] <cocreature> or maybe there is away to avoid these predicates altogether and replace them by equivalent predicates that don’t require custom induction principles?
[Wed Apr  5 09:35:30 2017] <jstolarek> how do I turn premise H: a < b into H0: b > a ?
[Wed Apr  5 09:52:44 2017] <rrika> jstolarek, you can do the reverse with "unfold gt in H0"
[Wed Apr  5 09:53:10 2017] <notdan> then maybe fold (gt b a) in H0 would work?
[Wed Apr  5 09:53:35 2017] <rrika> yep
[Wed Apr  5 09:53:43 2017] <rrika> didn't know about 'fold'
[Wed Apr  5 09:53:50 2017] <notdan> Is there any way to manipulate identifiers as strings in Ltac? Suppose I have a variable x and I want to create an identifier "Hyp_x"
[Wed Apr  5 10:00:14 2017] <jstolarek> thanks
[Wed Apr  5 10:00:21 2017] <jstolarek> I went with:
[Wed Apr  5 10:00:32 2017] <jstolarek> assert (H0: b > a) by omega
[Wed Apr  5 10:05:42 2017] <rrika> notdan, do you think this is related? https://stackoverflow.com/questions/22404394/how-to-automatically-generate-good-names-when-decomposing-existential-hypothes
[Wed Apr  5 10:06:20 2017] <rrika> though it seems they only pick an existing name, not build a completely new one
[Wed Apr  5 10:07:28 2017] <rrika> actually, "fresh" is exactly there to concat names, it seems
[Wed Apr  5 10:07:31 2017] <rrika> I need to test this
[Wed Apr  5 10:10:24 2017] <rrika> notdan,
[Wed Apr  5 10:10:25 2017] <rrika> Ltac add a b := let n := (fresh a b) in pose (n := a+b).
[Wed Apr  5 10:10:25 2017] <rrika> Goal nat -> nat -> nat. intros. add H H0. assumption. Qed.
[Wed Apr  5 11:00:27 2017] <jstolarek> is there a tactic that allows me to go from (x + 1) to ((fun y => y + 1) x)
[Wed Apr  5 11:00:29 2017] <jstolarek> ?
[Wed Apr  5 11:01:09 2017] <notdan> hm interesting rrika
[Wed Apr  5 11:01:18 2017] <notdan> I will test if it works in my case
[Wed Apr  5 11:01:38 2017] <rrika> jstolarek, something something generalize maybe? sorry, need to go
[Wed Apr  5 11:02:22 2017] <notdan> jstolarek: you  can either do a [change] or use [eta_expansion]
[Wed Apr  5 11:02:36 2017] <notdan> (the later being a lemma, so you rewrite using it)
[Wed Apr  5 11:05:04 2017] <jstolarek> is that descriebed anywhere in the manual?
[Wed Apr  5 11:35:59 2017] <notdan> dunno
[Wed Apr  5 11:51:34 2017] <cocreature> is there some induction principle for doing induction on two lists of the same length simultaneously in the standard library?
[Wed Apr  5 12:26:34 2017] <notdan> You can either use well-founded induction or write an inductive predicate expressing the fact that the lists have the same length
[Wed Apr  5 12:26:47 2017] <notdan> then you can use the induction principle for that inductive predicate
[Wed Apr  5 12:27:57 2017] <cocreature> notdan: I was mostly being lazy and hoped that the right induction principle is already somewhere in the standard library :)
[Thu Apr  6 00:44:56 2017] <keep_learning> Hi Everyone
[Thu Apr  6 00:45:19 2017] <keep_learning> I am extracting Haskell code https://github.com/mukeshtiwari/formalized-voting/blob/master/paper-code/Extraction.v
[Thu Apr  6 00:46:55 2017] <keep_learning> In extracted code at line 441, type Cand = (), cand_all = Prelude.error "realize it"  https://github.com/mukeshtiwari/formalized-voting/blob/master/paper-code/schulze-voting/src/Lib.hs#L441
[Thu Apr  6 00:47:58 2017] <keep_learning> I have change it manually to data Cand = A | B | C | D | E and cand_all = Cons A (Cons B (Cons C (Cons D (Cons E NIl)))))
[Thu Apr  6 00:48:58 2017] <keep_learning> I am looking for way to do this while code extraction rather than doing it manually.
[Thu Apr  6 00:49:11 2017] <keep_learning> it is possible or any work around ?
[Fri Apr  7 09:38:52 2017] <piyush-kurur> question regarding modules
[Fri Apr  7 09:50:51 2017] <piyush-kurur> If I have a module type MT where I have used a Definition, i.e something like Module Type MT. Parameter foo : Type. Definition bar : foo -> fo. End MT.
[Fri Apr  7 09:51:28 2017] <piyush-kurur> Then when I define a module M of type MT, I always need to also write the Definition bar. Why is that the case?
[Fri Apr  7 09:54:08 2017] <piyush-kurur> Here is the code in gist https://gist.github.com/piyush-kurur/e4be87b4d86d90eb1296d1b1faeaefc5
[Sat Apr  8 07:22:13 2017] <pedroabreu> is it possible to instance the same type class twice?
[Sun Apr  9 09:02:33 2017] <dredozubov> i think i had to do manual rewriting in other occurences, don't understand why it work as it is: https://gist.github.com/dredozubov/a3ef6603d30998c44a97776106edb0ad
[Sun Apr  9 10:21:39 2017] <cocreature> dredozubov: I would assume it works because [x] ++ y just simplifies to x :: y. you don’t need to prove and use some rewriting lemma here. but then again I don’t know much about how apply works internally so take that with a grain of salt :)
[Mon Apr 10 10:13:09 2017] <FUZxxl> Hello!
[Mon Apr 10 10:13:34 2017] <FUZxxl> After doing "compute." I am left with the goal "Lt = Gt -> False"
[Mon Apr 10 10:13:37 2017] <FUZxxl> How do I prove that?
[Mon Apr 10 10:14:10 2017] <cocreature> FUZxxl: "intros H. inversion H." should work I think
[Mon Apr 10 10:14:33 2017] <FUZxxl> cocreature: thanks
[Mon Apr 10 10:14:45 2017] <cocreature> I guess congruence works too
[Mon Apr 10 10:14:54 2017] <FUZxxl> cocreature: is there a way to make coq evaluate numeric expressions in Zarith?
[Mon Apr 10 10:15:12 2017] <FUZxxl> So, e.g. if I have (1 + 2 * 3 ^ 4) I want to evaluate that expression to its value
[Mon Apr 10 10:15:18 2017] <cocreature> simpl?
[Mon Apr 10 10:15:26 2017] <cocreature> or compute?
[Mon Apr 10 10:15:28 2017] <modulus> or compute
[Mon Apr 10 10:15:35 2017] <FUZxxl> simpl doesn't help with pow
[Mon Apr 10 10:15:38 2017] <FUZxxl> apparently
[Mon Apr 10 10:16:19 2017] <FUZxxl> and compute creates very complex expressions when not the entire thing can be evaluated
[Mon Apr 10 10:16:32 2017] <FUZxxl> I'm honestly not good at coq
[Mon Apr 10 10:18:08 2017] <cocreature> simpl seems to work for me
[Mon Apr 10 10:18:19 2017] <cocreature> at least for something like "Goal 1 + 2 + 3 ^ 4 = 84."
[Mon Apr 10 10:18:34 2017] <FUZxxl> strange
[Mon Apr 10 10:18:44 2017] <cocreature> FUZxxl: do you have that in the goal or in a hypothesis?
[Mon Apr 10 10:18:49 2017] <FUZxxl> I have (0 <= 2 ^ 7)%Z in my goal
[Mon Apr 10 10:18:59 2017] <FUZxxl> when I type simpl. I get (0 <= Z.pow_pos 2 7)%Z
[Mon Apr 10 10:19:19 2017] <FUZxxl> cocreature: I am also interested in how to evaluate things in hypotheses if possible
[Mon Apr 10 10:19:20 2017] <cocreature> oh I can reproduce that
[Mon Apr 10 10:19:36 2017] <cocreature> FUZxxl: you can do "simpl in *" or "simpl in HypothesisName"
[Mon Apr 10 10:19:44 2017] <FUZxxl> cocreature: let's see...
[Mon Apr 10 10:20:06 2017] <FUZxxl> cocreature: that does something but doesn't get rid of Z.pow_pos
[Mon Apr 10 10:20:13 2017] <cocreature> FUZxxl: "unfold Z.pow_pos." helps
[Mon Apr 10 10:20:15 2017] <FUZxxl> is it because Z.pow_pos is recursive?
[Mon Apr 10 10:23:09 2017] <cocreature> I’m not sure why it requires an explicit unfold. even "Hint Unfold Z.pow_pos" and "Transparent Z.pow_pos" don’t help
[Mon Apr 10 10:24:51 2017] <cocreature> cbn works
[Mon Apr 10 10:25:52 2017] <cocreature> FUZxxl: I suppose simpl probably considers 128 to be a more complex term than "Z.pow_pos 2 7" and thereby the heuristic for simplifying is not triggered. but I’ve never bothered to read the docs on simpl to figure out how exactly it decides when to simplify :)
[Mon Apr 10 10:26:10 2017] <FUZxxl> cocreature: okay, I'll try cbn, too. Thanks.
[Mon Apr 10 10:27:49 2017] <FUZxxl> shit
[Mon Apr 10 10:27:57 2017] <FUZxxl> I accidentally deleted my last half hour of work
[Tue Apr 11 11:58:09 2017] <cocreature> Hey, I have the following state http://lpaste.net/354517 and I’m trying to use "rewrite <- H6". However, that complains that there is no matching subterm in my goal. but it seems like there is one in the condition of the if clause? what am I missing here?
[Tue Apr 11 12:05:31 2017] <cocreature> ah "Set Printing All." shows a difference. now I only need to figure out where that comes from :)
[Tue Apr 11 16:00:18 2017] <Ptival> what are people's take on whether Coq file names should be like_this.v or LikeThis.v or something else?
[Tue Apr 11 16:01:00 2017] <Ptival> I used to do the upper-case thing like the standard library, but it clashes with Vernacular a lot, so you can't name a file Variable.v because then you can't import it : >:(
[Tue Apr 11 16:32:55 2017] <johnw> hi
[Tue Apr 11 16:33:13 2017] <johnw> I use LikeThis names, and just avoid syntactic conflicts :)
[Tue Apr 11 16:48:16 2017] <Ptival> yeah, I think I'll get back to this
[Tue Apr 11 18:26:59 2017] <bbaren> It looks like `Import M` makes M’s names available unprefixed, while `Include M` actually copies all the bindings from M into the current module. Is that correct?
[Tue Apr 11 19:52:34 2017] <johnw> that sounds right
[Tue Apr 11 19:52:48 2017] <johnw> Module M := FooModule.
[Tue Apr 11 19:52:52 2017] <johnw> should make it available prefixed
[Tue Apr 11 19:52:57 2017] <jgross> bbaren: That is almost correct.  However, [constr_eq] considers the "copied" bindings from [Include] to be syntactically equal to the original bindings. Including for inductive types.  Despite the fact that they will print with different names, and [Compute] will not normalize one name to the other. 
[Tue Apr 11 19:52:58 2017] <johnw> Module Import M := FooModule.
[Tue Apr 11 19:53:03 2017] <johnw> gives you both prefixed and unprefixed
[Tue Apr 11 19:53:12 2017] <johnw> hi jgross!
[Tue Apr 11 19:53:23 2017] <jgross> hi johnw! 
[Wed Apr 12 05:33:26 2017] <sathi> Hello, where can I find the definition of the constructors O and S for natural numbers.
[Wed Apr 12 05:33:58 2017] <sathi> I mean something like O = 0 and S n = n + 1
[Wed Apr 12 05:34:08 2017] <notdan> You can use [Locate] to find the definitions of various indentifiers.
[Wed Apr 12 05:34:26 2017] <notdan> In this particular case O and S do not really have a definition in the sense that you wrote
[Wed Apr 12 05:34:47 2017] <notdan> rather the type nat of natural numbers is defined by constructors O and S
[Wed Apr 12 05:35:37 2017] <sathi> I would assume there is somewhere in the code that coq converts O to a zero, is that not so?
[Wed Apr 12 05:36:20 2017] <notdan> sathi: no, because "zero" is precisely O
[Wed Apr 12 05:36:59 2017] <notdan> there are no built-in integers in Coq
[Wed Apr 12 05:37:24 2017] <notdan> rather the type [nat] defines the natural numbers
[Wed Apr 12 05:38:37 2017] <sathi> From Init/Datatypes.v:
[Wed Apr 12 05:38:38 2017] <sathi> Inductive nat : Set :=
[Wed Apr 12 05:38:38 2017] <sathi>   | O : nat
[Wed Apr 12 05:38:39 2017] <sathi>   | S : nat -> nat.
[Wed Apr 12 05:39:26 2017] <sathi> But O could map to any integer (for example, 1) and S could be any function (maybe S n = n + 2)
[Wed Apr 12 05:41:23 2017] <sathi> So I would assume somewhere in the source code these are defined.
[Wed Apr 12 05:42:33 2017] <sathi> But I am not able to locate these in the source code.
[Wed Apr 12 05:44:23 2017] <modulus> not exactly how inductive types work
[Wed Apr 12 05:44:28 2017] <modulus> constructors are opaque
[Wed Apr 12 05:44:43 2017] <modulus> like, S O is just S O
[Wed Apr 12 05:47:16 2017] <sathi> If I define my own inductive type for even numbers like so:
[Wed Apr 12 05:47:16 2017] <notdan> sathi: what do you mean by O being mapped somewhere?
[Wed Apr 12 05:47:17 2017] <sathi> Inductive even_nat : Type :=
[Wed Apr 12 05:47:18 2017] <sathi>   | two : even_nat
[Wed Apr 12 05:47:19 2017] <sathi>   | next_even : even_nat -> even_nat.
[Wed Apr 12 05:47:25 2017] <notdan> At which point do you expect it to be mapped and why?
[Wed Apr 12 05:49:10 2017] <sathi> I can see that the parser is treating the symbols O and S differently, i.e., resolving these to the numeric 0 and S such that S n = n + 1
[Wed Apr 12 05:50:53 2017] <sathi> So I was expecting this to be defined somewhere in the source code, maybe kernel/constr.ml or kernel/inductive.ml
[Wed Apr 12 05:51:06 2017] <sathi> And I looked into the code, but could not find it.
[Wed Apr 12 05:51:37 2017] <modulus> it's just a printing thing afaik
[Wed Apr 12 05:53:21 2017] <notdan> Yes it is just a pretty-printing mechanism.
[Wed Apr 12 05:54:31 2017] <notdan> and it is defined here: https://github.com/coq/coq/blob/trunk/plugins/syntax/nat_syntax.ml
[Wed Apr 12 06:03:48 2017] <sathi> Can you tell me what I need to do to define an inductive type for even numbers
[Wed Apr 12 06:03:59 2017] <sathi> Inductive even_nat : Type :=
[Wed Apr 12 06:03:59 2017] <sathi>   | two : even_nat
[Wed Apr 12 06:04:00 2017] <sathi>   | next_even : even_nat -> even_nat.
[Wed Apr 12 06:16:49 2017] <notdan> that could work, but I would suggest starting with zero
[Wed Apr 12 06:17:00 2017] <notdan> alternatively, you can define an inductive predicate on natural numbers: https://coq.inria.fr/library/Coq.Arith.Even.html#even
[Wed Apr 12 06:18:09 2017] <sathi> Thanks notdan for your help!! I will read up a bit on coq + ocaml and come back in a day or so.
[Wed Apr 12 07:23:47 2017] <cocreature> is there some builtin tactic that, if the goal is A, searches for an assumption of the form B -> A and applies it automatically?
[Wed Apr 12 07:25:27 2017] <rrika> cocreature, yeah, it's called "auto"
[Wed Apr 12 07:25:56 2017] <cocreature> rrika: that doesn’t seem to work if I don’t have a B assumption
[Wed Apr 12 07:26:58 2017] <rrika> oh
[Wed Apr 12 07:31:02 2017] <cocreature> I guess reorganizing my proof to first get B is probably easier anyway
[Wed Apr 12 07:33:28 2017] <rrika> cocreature, I guess the issue is kinda that there are so many things of the form -> A and so it needs some kind of hint that you want B
[Wed Apr 12 07:33:44 2017] <rrika> but I guess you're trying to make a proof more terse here.
[Wed Apr 12 07:34:12 2017] <cocreature> rrika: I’m fine if it only searches the local assumptions, in fact I want it to only search those and it doesn’t seem that uncommon that you only have one hypothesis that matches in that case
[Wed Apr 12 07:45:16 2017] <rrika> cocreature, idk about built-ins then but this works: Ltac apply_hyp := match goal with [ H: ?P->?X |- ?X ] => apply H end.
[Wed Apr 12 07:45:40 2017] <cocreature> rrika: yeah that’s what I came up with myself, thanks :)
[Wed Apr 12 07:50:17 2017] <rrika> cocreature, I just realized an interesting thing btw, if you have (C->B->A) and (B->A) in your hypotheses, then no matter what order they are in, this ltac will always focus on the easier one
[Wed Apr 12 07:50:31 2017] <rrika> I wonder if this is some kind of heuristic based on number of generated goals
[Wed Apr 12 07:54:14 2017] <cocreature> rrika: C -> B -> A simply doesn’t match ?P->?X
[Wed Apr 12 07:54:30 2017] <rrika> P can't be C->B?
[Wed Apr 12 07:54:43 2017] <cocreature> no C -> B -> A is C -> (B -> A)
[Wed Apr 12 07:54:50 2017] <cocreature> which is different from (C -> B) -> A
[Wed Apr 12 07:55:13 2017] <rrika> *facepalm* you're right
[Wed Apr 12 07:55:37 2017] <rrika> how does one match a function of any arity resulting in A in ltac then?
[Wed Apr 12 07:55:43 2017] <cocreature> I have no idea :)
[Wed Apr 12 07:55:48 2017] <rrika> it's a mystery
[Wed Apr 12 07:55:50 2017] <cocreature> let me know if you figure it out :)
[Wed Apr 12 07:55:53 2017] <rrika> sure
[Wed Apr 12 07:57:50 2017] <Cypi> 1) You could blindly do "match goal with H : _ |- _ => apply H end."
[Wed Apr 12 07:58:30 2017] <Cypi> 2) You could write another tactic that takes some term X and succeeds (with an "idtac") if and only if it is a product of any arity that results in A
[Wed Apr 12 07:59:21 2017] <rrika> Cypi, thank you
[Wed Apr 12 07:59:42 2017] <Cypi> Both approaches have the problem that they don't look very efficient though, I'm not sure what would be best :/
[Wed Apr 12 08:00:20 2017] <rrika> Cypi, i guess apply will already recursively traverse the H term, so using a second tactic means you traverse it twice?
[Wed Apr 12 08:00:59 2017] <Cypi> The first one would certainly be preferable if you don't mind it to work for hypotheses where you need some unifying to make it work
[Wed Apr 12 08:01:15 2017] <Cypi> something like "H : forall x, P x -> Q x" when the goal is "Q y"
[Wed Apr 12 08:01:42 2017] <Cypi> (which would not work with the second approach, or what you seemed to be looking for initially)
[Wed Apr 12 08:01:54 2017] <rrika> oh, right
[Wed Apr 12 08:10:53 2017] <rrika> there is a variant of apply that never unifies iirc
[Wed Apr 12 08:11:40 2017] <rrika> *never instantiates
[Wed Apr 12 08:11:50 2017] <rrika> "simple apply H."
[Wed Apr 12 12:02:41 2017] <bbaren> Am I correct in observing an isomorphism between Ensembles and Σ types?  For example, I can define the set of naturals less than ten either with [Definition digits := {n | n < 10}.] or with [Inductive digits : Ensemble nat := digit : forall n, n < 10 -> In _ digits n.].
[Wed Apr 12 12:05:43 2017] <bbaren> I guess a Σ type actually has the condition for membership built into the type, whereas Ensembles build the condition into the constructor.
[Wed Apr 12 19:26:53 2017] <benzrf> bbaren: umm, i'm not sure
[Wed Apr 12 19:27:11 2017] <benzrf> what if you say something like
[Wed Apr 12 19:27:24 2017] <benzrf> nonzero_ctor : forall n, nonzero (S n)
[Wed Apr 12 19:46:23 2017] <bbaren> benzrf: I’m confused. What is nonzero_ctor for?
[Wed Apr 12 19:54:31 2017] <Cypi> bbaren: maybe they meant, what if you consider the type [Inductive nonzeros : Ensemble nat := nonzero : forall n, In _ nonzeros (S n).], how does it translate into sigma-types?
[Wed Apr 12 19:55:42 2017] <Cypi> also, what if you have several constructors?
[Wed Apr 12 20:25:52 2017] <benzrf> Cypi: for future reference, im fine with "he" pronouns :)
[Wed Apr 12 21:15:52 2017] <bbaren> benzrf, Cypi: Ah, cool! I knew I was missing something. Thanks.
[Wed Apr 12 23:46:47 2017] <jgross> bbaren: [digits] and [fun n => n < 10] both have type [nat -> Prop], and, under univalence or prop-extensionality+function-extensionality, are equal.  Given an [Ensemble T], you can pass it to the partially-applied type constructor [@sig T], to make a type.  So [sig] has type [forall T, Ensemble T -> Type].  However, it doesn't really make sense to talk about arrows the other way, I think?  Certainly, you have a function [Type -> { T : Type &
[Wed Apr 12 23:46:47 2017] <jgross> Ensemble T }], namely, the identity on types and the always-true on ensembles, and it might be the case (though I'm not sure) that, under univalence, [{ T : Type & Ensemble T }] is isomorphic to [Type].  Does this give you more clarity? 
[Thu Apr 13 10:02:02 2017] <bbaren> jgross: Yep, that’s quite useful. Thanks.
[Thu Apr 13 10:47:11 2017] <pedroabreu> hi guys! Anyone here attending OPLSS this year?
[Thu Apr 13 11:59:56 2017] <cocreature> is there some way to make tactics local to the current proof?
[Thu Apr 13 14:25:44 2017] <bbaren> cocreature: You can write [let my_tac := ... in ...].
[Thu Apr 13 14:26:12 2017] <bbaren> e.g., [Goal 3 = 3. let t := reflexivity in t. Qed.]
[Thu Apr 13 15:39:53 2017] <cocreature> bbaren: ah nice, thanks!
[Thu Apr 13 18:38:33 2017] <johnw> can I ask Coq to simplify away transparent coercion function that I've marked as "Arguments /"?
[Thu Apr 13 18:38:58 2017] <johnw> in my case H = coerce F, but rewriting can't see through 'coerce', althugh simpl collapses this to H = H
[Thu Apr 13 18:39:16 2017] <johnw> I end up needed to pose my rewrite rules into the context, run simpl on all of them, and then they work
[Fri Apr 14 06:28:33 2017] <lpaste> jstolarek pasted “No title” at http://lpaste.net/354578
[Fri Apr 14 06:28:51 2017] <jstolarek> I'm struggling to prove this theorem.
[Fri Apr 14 06:29:56 2017] <jstolarek> It's an exercise from Verified Functional Algorithms, only 2-star difficulty so it should be simple and yet I am spending second day on this and just don't see a way forward
[Fri Apr 14 06:30:24 2017] <jstolarek> there's a hint in the exercise saying that it should require a single induction
[Fri Apr 14 06:51:55 2017] <Cypi> jstolarek: make sure you're doing your induction on the right thing
[Fri Apr 14 06:52:23 2017] <Cypi> the exercise is easy if you do the right induction, and (looks) very difficult otherwise
[Fri Apr 14 06:53:13 2017] <jstolarek> ah, got it! Indeed, I was doing induction on the wrong thing.
[Fri Apr 14 06:53:32 2017] <jstolarek> but I only realized that after finding a proof in Idris here: http://www.ben-sherman.net/posts/2014-09-20-quicksort-in-idris.html
[Fri Apr 14 06:54:13 2017] <Cypi> I find that it's most of the time way better to do an induction on the inductive properties of the objects rather than the objects themselves
[Fri Apr 14 06:54:27 2017] <Cypi> it gives more structure, and in this case, it even gives "for free" the relationships between your objects
[Fri Apr 14 06:55:38 2017] <jstolarek> Cypi: what do you mean by "inductive properties of the objects rather than objects themselves"?
[Fri Apr 14 06:56:11 2017] <jstolarek> as in: do induction on a property of a list rather than the list itself?
[Fri Apr 14 06:56:15 2017] <Cypi> yes
[Fri Apr 14 06:56:37 2017] <Cypi> It's not always better, but when what you want to prove relies on this property, it probably is
[Fri Apr 14 07:01:13 2017] <jstolarek> I have  H : length (x :: y :: l)  and I want to simplify it to  H : S (length (y :: l))
[Fri Apr 14 07:01:19 2017] <jstolarek> so just a single step of a reduction
[Fri Apr 14 07:01:28 2017] <jstolarek> how can I do that?
[Fri Apr 14 07:01:44 2017] <jstolarek> simpl in H.  results in H : S (S (length l))
[Fri Apr 14 07:18:21 2017] <Cypi> jstolarek: you can do it very manually, using the "change" tactic :/
[Fri Apr 14 07:18:29 2017] <Cypi> but yeah, controlling reduction is difficult
[Fri Apr 14 07:23:43 2017] <jstolarek> Cypi: thanks. I realized I can also do it with "replace". Is there a difference between "change" and "replace"?
[Fri Apr 14 07:39:38 2017] <Cypi> replace will do a rewriting (so it will change the proof term), whereas change asserts that your two terms are convertible
[Fri Apr 14 07:41:40 2017] <Cypi> In other words, in my opinion, "change" is better (it's just another view of your current goal/context, and does not add anything to the proof term), but "replace" will work in more cases (sometimes you can prove that two terms are propositionally equal even if they are not definitionally equal)
[Fri Apr 14 07:41:58 2017] <Cypi> if you don't care about the proof term, then it doesn't matter anyway :)
[Sat Apr 15 14:12:26 2017] <tyrokroketa> Hey everyone, apologies in advance if what I'm about to ask is something obvious.
[Sat Apr 15 14:12:40 2017] <tyrokroketa> I have the following in my stack:
[Sat Apr 15 14:12:47 2017] <tyrokroketa> P: nat -> Prop, Px: Px : forall x : nat, (forall y : nat, y < x -> P y) -> P x
[Sat Apr 15 14:12:55 2017] <tyrokroketa> and x: nat
[Sat Apr 15 14:13:09 2017] <tyrokroketa> And the goal left is P x.
[Sat Apr 15 14:13:33 2017] <tyrokroketa> A solution starts with this: move: {-2}x (leqnn x).
[Sat Apr 15 14:14:09 2017] <tyrokroketa> Can anyone explain how this works? I'm using the Mathematical Components library and I cannot figure out this pattern.
[Sat Apr 15 14:37:17 2017] <RegEchse> it's certainly not "obvious" ... ;)
[Sat Apr 15 14:38:05 2017] <RegEchse> but it's quite straight forward once you get familiar with the ssr tactic(al)s
[Sat Apr 15 14:38:12 2017] <RegEchse> so:
[Sat Apr 15 14:39:11 2017] <RegEchse> the : tactical discharges the rhs items right to left(!) and then calls the tactic to its left (i.e. "move" here, which basically does nothing).
[Sat Apr 15 14:40:04 2017] <RegEchse> thus, a more streamlined version of the above would be:   move: (leqnn x).  move: {-2}x.
[Sat Apr 15 14:40:39 2017] <RegEchse> the first move pushes the lemma 'leqnn' applied to 'x' onto the goal stack.
[Sat Apr 15 14:41:32 2017] <RegEchse> the second move generalizes the goal over the variable x, omitting the second occurrence (that's the work of the {-2}).
[Sat Apr 15 14:41:36 2017] <RegEchse> tyrokroketa: ^
[Sat Apr 15 14:44:10 2017] <tyrokroketa> RegEchse: Ah, I was missing the right-to-left part, so I was going the wrong way "streamlining" it to understand it better
[Sat Apr 15 14:44:15 2017] <tyrokroketa> Thanks a lot! :)
[Sat Apr 15 14:45:42 2017] <RegEchse> you're welcome :)
[Sun Apr 16 03:38:25 2017] <johnw> can one prove that symmetry (symmetry f) = f?
[Tue Apr 18 17:14:06 2017] <benzrf> yall are missing a huge xy problem
[Tue Apr 18 17:14:12 2017] <benzrf> jeez
[Tue Apr 18 17:14:21 2017] <benzrf> dont tell someone to use LEM when what they wanna prove is clearly constructively valid!
[Tue Apr 18 18:15:39 2017] <schoppenhauer> benzrf: if the proof is c/i and gets much shorter?
[Tue Apr 18 18:43:36 2017] <rrika> cocreature, are you trying to add H' to the context with that?
[Tue Apr 18 18:43:41 2017] <rrika> you could use pose/pose proof
[Tue Apr 18 18:46:21 2017] <rrika> cocreature, "assert (A := B)." = "pose proof (B) as A."
[Tue Apr 18 19:16:41 2017] <pedroabreu> when I wanna do that I use lets from libtatics of software foundations. The full command becomes `lets ?H: H.`
[Tue Apr 18 22:08:54 2017] <glguy> When I use Coq via Spacemacs/company-coq/evil-mode and I exit insert mode, something is causing autocompletion to fire. For example if I type "intros s"ESC it replaces with "intros simpl" Any ideas how I might fix that or what I should be looking for?
[Wed Apr 19 02:48:20 2017] <cocreature> rrika: thanks, pose is what I’m looking for. I was trying to duplicate a hypothesis that was already in my context because I wanted to apply two separate things to it (yes I know I can usually reorganize the proof to avoid that but it seemed like the simplest solution here)
[Wed Apr 19 05:28:31 2017] <lpaste> jstolarek pasted “No title” at http://lpaste.net/354726
[Wed Apr 19 05:29:09 2017] <jstolarek> how to use union_comm to rewrite (union (singleton y) (singleton x)) on the LHS?
[Wed Apr 19 05:29:23 2017] <jstolarek> I know I can use rewrite
[Wed Apr 19 05:29:38 2017] <jstolarek> sorry, replace, not rewrite
[Wed Apr 19 05:30:22 2017] <jstolarek> replace (union (singleton y) (singleton x)) with (union (singleton x) (singleton y)) by (apply union_comm).
[Wed Apr 19 05:30:30 2017] <jstolarek> but that is very verbose
[Wed Apr 19 07:00:20 2017] <Cypi> jstolarek : "rewrite (union_comm (singleton y) (singleton x))" should work?
[Wed Apr 19 07:00:52 2017] <Cypi> or "rewrite union_comm with (a := singleton y) (b := singleton x)" or anything similar (probably even just "rewrite (union_comm (singleton y))"
[Wed Apr 19 10:34:53 2017] <benzrf> hey, has anyone here used Bedrock?
[Wed Apr 19 10:35:07 2017] <benzrf> im trying to get it set up and i'm having a weird issue
[Wed Apr 19 10:35:48 2017] <benzrf> i used the nixpkgs derivation - it built successfully, but when i try to do [Require Import Bedrock.],  it says "Error: Cannot find library Bedrock.ILTac in loadpath"
[Wed Apr 19 10:35:55 2017] <benzrf> and if i check the loadpath, it seems there's a .v but not a .vo
[Wed Apr 19 18:37:13 2017] <benzrf> so what happens to known indices of a thing's type in a [return] clause of a [match]
[Wed Apr 19 18:37:17 2017] <benzrf> that is to say
[Wed Apr 19 18:37:28 2017] <benzrf> uh, let me make an example really quick
[Wed Apr 19 18:37:50 2017] <johnw> yeah, that would help :)
[Wed Apr 19 18:38:43 2017] <benzrf> johnw: https://gist.github.com/a7ee7e8ac26bf9df2e5eb3c32963d808
[Wed Apr 19 18:39:43 2017] <benzrf> (im pretty sure the Goal isn't actually provable, but thats not my question exactly)
[Wed Apr 19 18:40:21 2017] <benzrf> note that it says this: The term "e0" has type "a = a0" while it is expected to have type "a = a".
[Wed Apr 19 18:40:34 2017] <benzrf> but the thing i'm matching on is known to have type [a = a]
[Wed Apr 19 18:40:49 2017] <benzrf> it seems to have "generalized" the index (although not the parameter)
[Wed Apr 19 18:41:30 2017] <Cypi> "e : a = a" has one two parameters (which are A and a) and an index (which is a). When you match on it, the return clause of the match is understood to be expressed under new binders for every index and one new binder for the term itself. So in this case, a fresh a0 is introduced, and a fresh e0 of type "@eq A a a0"
[Wed Apr 19 18:41:40 2017] <Cypi> (that's two parameters, not "one two")
[Wed Apr 19 18:43:01 2017] <Cypi> When you write some return clause "R", it actually requires that the term [fun (a0 : A) (e0 : @eq A a a0) => R] typechecks
[Wed Apr 19 18:44:39 2017] <Cypi> (You can make all these fresh names appear by the way: refine (match e in _ = a0 as e0 return P e0 with eq_refl => _ end. )
[Wed Apr 19 18:44:54 2017] <benzrf> aww what
[Wed Apr 19 18:45:00 2017] <benzrf> why does it work this way?
[Wed Apr 19 18:45:25 2017] <benzrf> what does the [in] clause do btw
[Wed Apr 19 18:45:42 2017] <Cypi> It does just that: binds the name of the indices so that you can use them in the return clause
[Wed Apr 19 18:45:55 2017] <benzrf> o
[Wed Apr 19 18:45:56 2017] <Cypi> I mean, it binds the indices to some names
[Wed Apr 19 18:47:05 2017] <benzrf> btw, while i have ppl's attention
[Wed Apr 19 18:47:14 2017] <benzrf> has anybody used bedrock? im having issues with its build
[Wed Apr 19 18:47:16 2017] <benzrf> kinda
[Wed Apr 19 18:48:21 2017] <Cypi> "why does it work this way?": well, if you wanted it to work otherwise, you would need e0 to have exactly the same type as e. So actually, e0 would be useless, you would just need e0. But then, what is e0 used for? When you want to automatically unify it with the constructors of the inductive types in the return type of the different branches of the match.
[Wed Apr 19 18:49:20 2017] <Cypi> Then the follow-up question should be "why can't you do that directly with e?". The answer to this is that to do it, you need a theory that allows you to unify an arbitrary term ("e" in this case, but it could be more complicated) with some other arbitrary term (the constructor)
[Wed Apr 19 18:49:50 2017] <Cypi> Coq doesn't have this.
[Wed Apr 19 18:50:32 2017] <benzrf> um
[Wed Apr 19 18:50:34 2017] <benzrf> hm
[Wed Apr 19 18:50:59 2017] <Cypi> [it's a lot of "this" and "that", sorry for my poor English, hopefully I can explain anything that wasn't clear ^^' ]
[Wed Apr 19 18:52:33 2017] <benzrf> is ^^ a french thing o=
[Wed Apr 19 18:53:14 2017] <Cypi> It might be
[Thu Apr 20 11:15:12 2017] <benzrf> is this provable? https://gist.github.com/d86ab6174fe0f4b3b91b710794f1edee
[Thu Apr 20 17:39:15 2017] <benzrf> why on earth is this coq project taking an hour to compile a single file
[Thu Apr 20 18:00:13 2017] <anishathalye> I'm trying to use ltac to solve goals of this form (simplified example): `Last login: Sun Apr  9 11:07:10 on ttys004
[Thu Apr 20 18:00:31 2017] <anishathalye> oh dear, that paste didn't go as expected
[Thu Apr 20 18:01:10 2017] <anishathalye> `Goal exists x : (nat * nat * nat), fst (fst x) = 1 /\ snd (fst x) = 2 /\ snd x = 3.
[Thu Apr 20 18:02:29 2017] <anishathalye> If I just `eexists; ...`, the automation machinery can't solve it, but if I `eexists ((_, _), _); intuition; auto`, then it can be simplified and solved
[Thu Apr 20 18:02:46 2017] <anishathalye> And so I'm trying to automate this -- the best I have currently is https://gist.github.com/anishathalye/5edecd0bb3cfef0f333d526e6d949672
[Thu Apr 20 18:03:07 2017] <anishathalye> if this is totally insane and there's a better way of doing this, I'd appreciate some help/feedback
[Thu Apr 20 18:04:53 2017] <jrw> anishathalye: yeah, this is challenging to automate. I think what you've got is about as good as it gets.
[Thu Apr 20 19:49:27 2017] <Cypi> anishathalye: for the record, another approach could be this one http://lpaste.net/354786
[Thu Apr 20 19:50:01 2017] <Cypi> not saying it's better, just different (also, I wish there was a better way of doing what I did in the [instantiate_pair] tactic, if anyone is aware of any trick...)
[Thu Apr 20 20:09:50 2017] <Cypi> benzrf: isn't your [root_main] definition the wrong way around? Because currently it looks like your theorem is just false
[Thu Apr 20 20:10:08 2017] <Cypi> for instance with [
[Thu Apr 20 20:10:10 2017] <Cypi> Definition my_p (c : conat) : bool := match c with cO => true | _ => false end.]
[Thu Apr 20 20:10:36 2017] <Cypi> (but even with a fixed definition, I have no idea how to go about such a proof, I do not necessarily expect it to be provable)
[Thu Apr 20 22:00:51 2017] <anishathalye> Cypi: oh, that's pretty cool! In my actual use case (not the simple example), I can't match on e.g. `fst`
[Thu Apr 20 22:01:39 2017] <anishathalye> But I did take inspiration from your solution to make my ltac cleaner, so thanks for the help!
[Thu Apr 20 22:48:47 2017] <Cypi> benzrf: about your conat stuff, you can try to take a look at http://lpaste.net/raw/354794 . I don't know how to use co-inductives really, so I don't know if it's any close to what someone else might have written.
[Thu Apr 20 22:49:06 2017] <Cypi> There is one lemma which is Admitted because I'm tired, but it _should_ be provable.
[Thu Apr 20 22:49:51 2017] <Cypi> And there are two axioms that I don't think you can prove (one of them looks quite classical, the other should hold only because your [p] is supposed to be constructive)
[Thu Apr 20 22:51:20 2017] <Cypi> In any case, good luck.
[Fri Apr 21 00:12:20 2017] <benzrf> Cypi: o heck i think i got it backawrds yeah
[Fri Apr 21 23:32:07 2017] <chatter29> hey guys
[Fri Apr 21 23:32:11 2017] <chatter29> allah is doing
[Fri Apr 21 23:32:17 2017] <chatter29> sun is not doing allah is doing
[Fri Apr 21 23:32:19 2017] <chatter29> to accept Islam say that i bear witness that there is no deity worthy of worship except Allah and Muhammad peace be upon him is his slave and messenger
[Fri Apr 21 23:55:38 2017] <benzrf> ?????
[Fri Apr 21 23:59:09 2017] <rrika> it keeps happening
[Sat Apr 22 04:44:34 2017] <cocreature> is there a variant of Forall parametrized over (P : A -> Type) instead of (P : A -> Prop) somewhere in the standard library?
[Sat Apr 22 11:17:13 2017] <benzrf> cocreature: for lists, you mean?
[Sat Apr 22 11:17:37 2017] <cocreature> benzrf: yep
[Sat Apr 22 11:18:05 2017] <benzrf> not personally sure, sorry
[Sat Apr 22 11:19:06 2017] <cocreature> np, I just keep using my own version for now
[Sat Apr 22 17:56:59 2017] <jrw> cocreature: that construction is sometimes called an hlist, and it is not in the standard library, though many people have rolled their own. for example, see https://github.com/coq-ext-lib/coq-ext-lib/blob/v8.5/theories/Data/HList.v
[Sat Apr 22 22:15:44 2017] <johnw> cocreature: not everything has a constructive variant
[Sat Apr 22 22:16:13 2017] <johnw> some things do, though, like I just found out about crelations and how they fit into the rewriting system
[Sun Apr 23 13:01:58 2017] <abysslurker> Hello. I have a simple question about Coq. I have been searching Google for a while now, but I can't find the answer.
[Sun Apr 23 13:02:31 2017] <abysslurker> I have the goal a \/ b \/ c, and I have a lemma which of the form _ -> b \/ a
[Sun Apr 23 13:02:41 2017] <abysslurker> *which is of the form
[Sun Apr 23 13:03:10 2017] <abysslurker> I'm unable to get to this form by using just lefts and rights.
[Sun Apr 23 13:03:51 2017] <abysslurker> How can change my goal to b \/ a?
[Sun Apr 23 13:07:06 2017] <Cypi> You could use the "or_assoc" and "or_comm" lemmas to get the form that you want (for instance, "apply or_assoc; left; apply or_comm")
[Sun Apr 23 13:10:50 2017] <abysslurker> Ah, thanks!
[Sun Apr 23 18:02:32 2017] <Ptival> so, I'm trying to do this proof on a small-step operational semantics
[Sun Apr 23 18:03:48 2017] <jrw> Ptival: oh, haha, hi! I actually meant uwplse's slack channel #coq, but this works too :)
[Sun Apr 23 18:03:58 2017] <Ptival> ah :p
[Sun Apr 23 18:04:02 2017] <Ptival> didn't know about it
[Sun Apr 23 18:04:38 2017] <Ptival> well, at some point I have some "Eval (Lam xs e) -> Eval (subst xs vs e)"
[Sun Apr 23 18:05:00 2017] <Ptival> but my induction hypothesis only tells me something about "e", not about "subst ... e"
[Sun Apr 23 18:05:21 2017] <Ptival> so I need an induction scheme that captures something about substitution
[Sun Apr 23 18:06:00 2017] <jrw> okay, that's what I figured. this is... kind of the whole ballgame in PL.
[Sun Apr 23 18:06:14 2017] <jrw> like, if this were easy, proving termination would be easy.
[Sun Apr 23 18:07:06 2017] <Ptival> so is there a trick to deal with this? I seems to remember the problem being mentioned in some books but can't recall where and how to deal with it
[Sun Apr 23 18:07:09 2017] <Ptival> :)
[Sun Apr 23 18:07:17 2017] <jrw> well it depends on your exact instance
[Sun Apr 23 18:07:38 2017] <jrw> in the general case, all the solutions I know of involve inducting on something else. eg, logical relations induct on types, or step-indexing methods induct on the index.
[Sun Apr 23 18:07:59 2017] <jrw> sometimes if you're only substituting things of known size, you can get around that.
[Sun Apr 23 18:09:16 2017] <Ptival> ah yeah, well, my setting is untyped at the moment, and I don't think I can size the things I am substituting :(
[Sun Apr 23 18:09:35 2017] <jrw> Ptival: it might help to know a bit more about what exactly you're trying to do, if you can share.
[Mon Apr 24 03:50:22 2017] <keep_learning> Hi Everyone
[Mon Apr 24 03:50:30 2017] <keep_learning> https://gist.github.com/mukeshtiwari/884304d724fbc33d9f117b58b77092c9
[Mon Apr 24 03:51:22 2017] <keep_learning> I have written partial_count_all_counted in proof mode, and now trying rewrite it using refine tactic.
[Mon Apr 24 03:51:50 2017] <keep_learning> When I am writing Fixpoint partial_count_all_counted : forall bs u inbs m, Count bs (partial (u, inbs) m) -> existsT i m, (Count bs (partial ([], i) m)).
[Mon Apr 24 03:52:18 2017] <keep_learning> It says It says Error: A fixpoint needs at least one parameter, so I changed it to
[Mon Apr 24 03:52:32 2017] <keep_learning> Fixpoint partial_count_all_counted bs : forall u inbs m, Count bs (partial (u, inbs) m) -> existsT i m, (Count bs (partial ([], i) m)).
[Mon Apr 24 03:53:10 2017] <keep_learning> According to my understanding, inside refine it should be
[Mon Apr 24 03:53:58 2017] <keep_learning> refine (fix u inbs m Hc := match u with match u with
[Mon Apr 24 03:53:58 2017] <keep_learning>                 | [] =>  existT _ inbs (existT _ m _)
[Mon Apr 24 03:53:58 2017] <keep_learning>                 | t :: ts => _
[Mon Apr 24 03:53:58 2017] <keep_learning> end).
[Mon Apr 24 03:57:27 2017] <keep_learning> But this gives error
[Mon Apr 24 03:58:16 2017] <keep_learning> Sorry for complicated description of problem
[Mon Apr 24 03:59:04 2017] <keep_learning> I am just looking for one example to change proof mode program to change into refine mode.
[Mon Apr 24 04:04:19 2017] <cocreature> keep_learning: you can print your lemma to see the proof term generated in proof mode and then plug that into refine
[Mon Apr 24 04:07:16 2017] <keep_learning> cocreature: https://gist.github.com/mukeshtiwari/884304d724fbc33d9f117b58b77092c9
[Mon Apr 24 04:07:51 2017] <keep_learning> I have done that, but I am wondering about my what is wrong with my thinking
[Mon Apr 24 04:09:07 2017] <cocreature> keep_learning: why did you change Lemma to Fixpoint?
[Mon Apr 24 04:10:41 2017] <keep_learning> cocreature:  To get the induction principal like I am getting with list_rect, but it was just intuition and I am not sure if intuition is correct or not
[Mon Apr 24 04:11:43 2017] <Cypi> I'm pretty sure that the parameter you are doing a recursion on should be in the parameters of the Fixpoint
[Mon Apr 24 04:11:47 2017] <Cypi> (not 100% sure, but pretty sure)
[Mon Apr 24 04:12:14 2017] <cocreature> ou can indicate the parameter you’re doing recursion on via the struct argument afaik
[Mon Apr 24 04:12:18 2017] <cocreature> *you
[Mon Apr 24 04:13:09 2017] <cocreature> keep_learning: it would be helpful if you could provide a self-contained example so I can load it into coq and play around with it
[Mon Apr 24 04:14:32 2017] <keep_learning> cocreature: https://github.com/mukeshtiwari/formalized-voting/tree/master/SchulzeCounting
[Mon Apr 24 04:14:45 2017] <keep_learning> all code is in this directory.
[Mon Apr 24 04:15:13 2017] <keep_learning> You can run coqc ListLemma.v
[Mon Apr 24 04:16:35 2017] <keep_learning> and partial_count_all_counted is in https://github.com/mukeshtiwari/formalized-voting/blob/master/SchulzeCounting/SchulzeSynthesis.v#L671
[Mon Apr 24 04:25:00 2017] <cocreature> keep_learning: I’m not sure I understand what exactly you are trying to do but maybe start like this? http://lpaste.net/354878
[Mon Apr 24 04:29:44 2017] <keep_learning> cocreature: Thank you. I will think more to express the problem in more clear way.
[Mon Apr 24 05:06:19 2017] <keep_learning> cocreature: Thank you very much for your code. Now I understand and rewrote it https://github.com/mukeshtiwari/formalized-voting/blob/master/SchulzeCounting/SchulzeSynthesis.v#L690
[Tue Apr 25 10:29:19 2017] <lorozic> does anyone know how to print notation definitions in proof-general?
[Tue Apr 25 10:31:33 2017] <lorozic> nevermind, found it
[Tue Apr 25 12:58:19 2017] <cocreature> is there some tactic that generates subgoals for things that can’t be unified? e.g. I have the goal "tlist (a :: elements) = tlist (t :: elements1)" and I want the subgoals a = t and elements = elements1
[Tue Apr 25 14:08:46 2017] <jrw> cocreature: may not be exactly what you're looking for but try the tactic "f_equal".
[Tue Apr 25 14:56:09 2017] <cocreature> jrw: oh I didn’t know there was a tactic for that. I only knew about the lemma which only supports functions in one argument. thanks!
[Tue Apr 25 15:24:13 2017] <anishathalye> cocreature: Coq has lemmas `f_equal` up to `f_equal5` for functions from 1 to 5 arguments
[Mon May  1 11:54:14 2017] <noze> _o/
[Mon May  1 11:55:02 2017] <noze> who can recommend me a library for working with binders?
[Mon May  1 11:55:13 2017] <noze> extra points if you're not one of the authors
[Mon May  1 11:55:25 2017] <noze> brownie points if you actually used it
[Mon May  1 11:57:14 2017] <cocreature> noze: I’ve been quite happy with https://www.ps.uni-saarland.de/autosubst/ and I’m not the author :)
[Mon May  1 12:22:27 2017] <noze> cheers, cocreature
[Wed May  3 11:15:37 2017] <benzrf> is there anything much in the standard distribution for automating trivial steps in induction over inductive Props with a ton of constructors
[Wed May  3 11:15:40 2017] <benzrf> to be precise -
[Wed May  3 11:16:04 2017] <benzrf> i'm trying to work with a big inductive Prop for deduction in classical propositional logic
[Wed May  3 11:16:19 2017] <benzrf> it has 12 constructors
[Wed May  3 11:16:27 2017] <benzrf> when i do induction, theres usually only like 2 cases that are at all interesting
[Wed May  3 11:17:03 2017] <benzrf> but just [constructor] is too stupid to figure out the right constructor, since technically the "assumption from the context" constructor can match almost anything
[Wed May  3 11:47:22 2017] <jrw> benzrf: here's a hacky trick I sometimes use: put the problematic constructor last. since the constructor tactic tries constructors in order, it will try everything else first.
[Wed May  3 12:02:28 2017] <anishathalye> benzrf: you could add the constructors to the hint database and then the `auto` machinery (or similar) might be able to easily dispatch your goals
[Wed May  3 12:04:23 2017] <anishathalye> e.g. https://pastebin.com/mnhvjgGA
[Wed May  3 21:22:15 2017] <keep_learning> Hi everyone. I am extracting a function m from proof https://github.com/mukeshtiwari/formalized-voting/blob/master/SchulzeCounting/SchulzeSynthesis.v#L792
[Wed May  3 21:22:49 2017] <keep_learning> of type m : cand -> cand -> Z
[Wed May  3 21:24:44 2017] <keep_learning> This function is very computational intensive and I want to cache the result so that if this function is called at some other place with same parameter then it returns the cached value rather than computing again.
[Wed May  3 21:26:10 2017] <keep_learning> I think the exact word is functional memoization.
[Wed May  3 21:26:11 2017] <benzrf> jrw: eek
[Wed May  3 21:26:20 2017] <benzrf> anishathalye: intrestng thanks
[Wed May  3 21:28:18 2017] <keep_learning> I need some sort of  F : (cand -> cand -> Z) -> (cand -> cand -> Z) such that F m is same type of function with cached behavior enabled.
[Wed May  3 21:28:49 2017] <keep_learning> Is it doable in Coq ?
[Wed May  3 21:30:23 2017] <benzrf> keep_learning: wouldn't that necessarily involve either side effects or changes to the implementation?
[Wed May  3 21:33:39 2017] <keep_learning> benzrf: I can not change the implementation of m because it is handed to me by Coq https://github.com/mukeshtiwari/formalized-voting/blob/master/SchulzeCounting/SchulzeSynthesis.v#L645
[Wed May  3 21:33:53 2017] <benzrf> i mean changes to the implementation of the evaluator
[Wed May  3 21:35:49 2017] <keep_learning> benzrf:  Yeah, I extracted OCaml code and tried with memoization but I am looking for a way to do this in Coq
[Wed May  3 21:36:44 2017] <keep_learning> so rather than changing code in OCaml, it should be extracted from Coq
[Wed May  3 21:42:22 2017] <anishathalye> benzrf: why not just write a wrapper function in OCaml that just implements memoization but calls the function extracted from Coq for evaluation?
[Wed May  3 21:42:44 2017] <anishathalye> or do you have other extracted code calling that function or something?
[Wed May  3 21:43:31 2017] <keep_learning> anishathalye: Second case. Extracted code calling m
[Wed May  3 21:44:57 2017] <keep_learning> All I have is ballots and I am extracting m after counting ballots.
[Thu May  4 08:44:56 2017] <tyrokroketa> Hi everyone, this is for people using mathcomp:
[Thu May  4 08:45:21 2017] <tyrokroketa> is there a way to show that, given a column vector b, (row i b) is equivalent to (b i 0) ?
[Thu May  4 08:51:20 2017] <mortberg_> tyrokroketa: many years since I did any mathcomp now, but maybe using colP could work?
[Thu May  4 08:51:36 2017] <mortberg_> or rowP
[Thu May  4 12:22:36 2017] <tyrokroketa> mortberg_: Thanks, I ended up casting to scalar matrices and using congr1
[Thu May  4 12:29:28 2017] <tyrokroketa> Another question: I have a hypothesis stating that [forall i0: 'I_m, P i0], and my goal is P i. Is there a view for this?
[Thu May  4 12:36:02 2017] <mortberg_> forallP maybe?
[Thu May  4 12:38:36 2017] <tyrokroketa> mortberg_: Thanks! :)
[Thu May  4 12:40:07 2017] <mortberg_> they have very good naming conventions so you can usually guess that you need a view for "thing" the lemma is probably called "thingP"
[Thu May  4 16:58:49 2017] <benzrf> is compactness of the cantor set computationally valid
[Thu May  4 16:58:57 2017] <benzrf> or does that depend on your choices of definition
[Thu May  4 17:00:36 2017] <jrw> does anyone have experience writing code intended to be extracted to machine words in a safe-ish way?
[Thu May  4 17:01:06 2017] <jrw> in other words, I don't want to just extract nat -> machine int or whatever, since that's not even sound in principle.
[Thu May  4 17:01:20 2017] <jrw> but I don't want to work with big ints. what do I do at the coq level?
[Thu May  4 17:01:32 2017] <benzrf> ...bedrock, maybe? :>
[Thu May  4 17:02:05 2017] <jrw> yeah, it would be fast :) seems like overkill though. I just want to generate some ocaml or haskell code that uses machine ints instead of big ints.
[Thu May  4 17:02:52 2017] <jrw> johnw: I feel like you might have some insight about this?
[Thu May  4 18:22:39 2017] <johnw> jrw: hi
[Thu May  4 18:22:45 2017] <jrw> hi!
[Thu May  4 18:23:21 2017] <jrw> I was looking through your coq-haskell repo and didn't see anything about machine ints. do you have a preferred approach to that?
[Thu May  4 18:23:28 2017] <johnw> at the coq level you can work with bounded binary-encoded integers
[Thu May  4 18:23:42 2017] <jrw> right, a la compcert ints
[Thu May  4 18:23:45 2017] <johnw> I use Fiat to refine my nat or N specified programs to 32-bit or 64-bit bounded words
[Thu May  4 18:24:09 2017] <johnw> or, I just extract to a bounded word and hope for the best sometimes
[Thu May  4 18:24:12 2017] <jrw> :D
[Thu May  4 18:24:24 2017] <johnw> I generally prefer N, or in some cases Z
[Thu May  4 18:24:32 2017] <johnw> it allows for efficient large constant
[Thu May  4 18:24:41 2017] <jrw> what does the fiat refinement step usually look like?
[Thu May  4 18:25:32 2017] <johnw> the abstraction relation would be: nat -> Word32 -> Prop, saying something like every Word32 chosen is representable in nat
[Thu May  4 18:25:48 2017] <johnw> then, in the refinement script, you have to decide what the answer becomes when the bounds are exceeded for any particular value
[Thu May  4 18:26:13 2017] <johnw> so, your specification may need to parameterize the return type, so that you can downgrade  to "option Word32"
[Thu May  4 18:26:18 2017] <johnw> let me show an example
[Thu May  4 18:26:24 2017] <jrw> ok that'd be great, thanks
[Thu May  4 18:32:26 2017] <johnw> https://gist.github.com/1cbcd5c4582ad24888a49b6f4f10c6a0
[Thu May  4 18:32:38 2017] <johnw> this uses module functors to abstract the target numerical type
[Thu May  4 18:33:04 2017] <johnw> how you specify to_nat and from_nat is the key
[Thu May  4 18:33:15 2017] <johnw> I give an example for bounded 31-bit integers
[Thu May  4 18:33:47 2017] <johnw> this example also shows the use of QuickChick to do QuickCheck-style testing, since I had trouble with the proofs and ran out of time :)
[Thu May  4 18:34:14 2017] <johnw> which is why from_to_nat is not a proof, just a QuickChick test
[Thu May  4 18:34:22 2017] <johnw> but it certainly should be provable
[Thu May  4 18:35:13 2017] <johnw> another way to specify the idea:
[Thu May  4 18:35:14 2017] <johnw> https://gist.github.com/ae333c61da1f3ed8926da5f5264a3a67
[Thu May  4 18:35:21 2017] <johnw> this enriches the functor to talk about bounds explicitly
[Thu May  4 18:35:26 2017] <johnw> simplifies the refinement work
[Thu May  4 18:35:34 2017] <jrw> thanks! looking...
[Thu May  4 18:39:55 2017] <jrw> have you ever tried to extract from the Cyclic library directly?
[Thu May  4 18:44:07 2017] <johnw> no
[Thu May  4 18:44:15 2017] <johnw> but shouldn't be hard to make the mappings
[Thu May  4 18:44:21 2017] <johnw> I have lots of mapping from nat, Z and N to work with
[Thu May  4 18:44:47 2017] <johnw> e.g., https://github.com/jwiegley/bytestring-fiat/blob/master/extract/ByteStringExt.v#L99
[Thu May  4 18:45:30 2017] <johnw> gotta run now
[Thu May  4 18:46:12 2017] <jrw> thanks!
[Fri May  5 11:27:44 2017] <tyrokroketa> Suppose I have a goal in the form a && b, but I need a to prove b
[Fri May  5 11:28:15 2017] <tyrokroketa> Is there a tactic/pattern to store it as a hypothesis after proving it?
[Fri May  5 11:35:49 2017] <cic> assert (A := a), and then you can use it as many times you want. but there might be some prettier way of doing it.
[Fri May  5 11:52:49 2017] <tyrokroketa> cic: After I prove a, A dissapears
[Fri May  5 12:00:05 2017] <tyrokroketa> Ah, nevermind, I had to do it before the split. Thanks!
[Sun May  7 16:53:47 2017] <mjacob> how can i express "pair of two numbers; second is smaller than first" in coq?
[Sun May  7 16:56:04 2017] <mjacob> where number = natural number
[Sun May  7 17:15:00 2017] <Cale> mjacob: http://lpaste.net/355302
[Sun May  7 17:15:05 2017] <Cale> Something like that perhaps?
[Sun May  7 17:15:18 2017] <Cale> oh, you wanted second smaller than first
[Sun May  7 17:15:49 2017] <Cale> Feel free to adjust the definition :)
[Sun May  7 17:25:13 2017] <mjacob> Cale: it turns out that i need something more like "natural numbers from 0 to n (exclusive)"
[Sun May  7 17:25:37 2017] <mjacob> Cale: the Fin type is almost what i need, except that it goes from 1 to n inclusive
[Sun May  7 17:39:07 2017] <Cale> mjacob: Well, that's little more than a relabelling of the constructors.
[Sun May  7 17:43:37 2017] <mjacob> Cale: yes, i'll try that, hoping that i won't need to duplicate most of the rest of the module as well
[Sun May  7 17:44:43 2017] <mjacob> thank you
[Sun May  7 17:53:17 2017] <Cypi> mjacob: despite what they say at the top of the module, you'll notice that "to_nat F1" returns 0 (and some proof)
[Sun May  7 17:53:37 2017] <Cypi> so it does not really represent 1 to n or 0 to n, it does not really matter what the constructors are labelled
[Sun May  7 18:16:21 2017] <mjacob> Cypi: ah, good to know (although it is rather unintuitive)
[Mon May  8 11:05:41 2017] <katja> Heelo, is anyone there to help with a quick question?
[Mon May  8 11:06:07 2017] <modulus> give it a shot
[Mon May  8 11:06:25 2017] <katja> oops, sorry, house on fire must attend to that first
[Mon May  8 11:06:26 2017] <katja> bye
[Wed May 10 07:44:37 2017] <cocreature> is there any way to avoid having a large number of empty cases in the intro_pattern of inversion when I know that only one case is possible?
[Wed May 10 17:55:26 2017] <lilred> hi folks, I've been googling everywhere but I can't find an answer to this. From H:0 = 1, how can I conclude False?
[Wed May 10 17:57:21 2017] <lilred> found it - "discriminate"
[Wed May 10 18:24:37 2017] <johnw> yep :)
[Wed May 10 19:25:18 2017] <johnw> apparently Arguments support multiple argument specifications, but this doesn't seem to be documented anywhere?
[Thu May 11 00:35:25 2017] <dh`> what (if any) are the current upstream plans regarding the string library?
[Thu May 11 01:17:27 2017] <johnw> I haven't heard anything
[Thu May 11 01:25:12 2017] <dh`> I have been preparing a pile of StringFacts to send upstream :-)
[Thu May 11 01:55:05 2017] <johnw> :)
[Thu May 11 01:55:08 2017] <johnw> it's needed
[Thu May 11 01:55:16 2017] <johnw> get us really good extraction to Haskell while you're doing it
[Thu May 11 01:55:25 2017] <johnw> and better pattern matching on string constants if you can
[Thu May 11 03:38:54 2017] <dh`> haskell and I don't really get along any more
[Thu May 11 03:39:27 2017] <dh`> but having an equivalence between strings and lists of chars would probably help that
[Thu May 11 03:51:50 2017] <johnw> yes, right now they're lists of lists of booleans, which is painful in the extreme
[Thu May 11 04:24:59 2017] <dh`> I have a thing that makes them into pairs of pairs of pairs of booleans, which is a lot less painful
[Thu May 11 04:25:13 2017] <dh`> or rather, that makes such things and constructs some equivalences
[Thu May 11 04:25:45 2017] <dh`> but they aren't lists, they're their own inductive that's isomorphic to lists
[Thu May 11 04:26:00 2017] <dh`> so you can't use any of the list lemmas.
[Thu May 11 10:24:36 2017] <tyrokroketa> Hey, I have a set defined as S := [set i : T | P i], where T is a finType, but cannot find any lemma stating that S \subset T
[Thu May 11 10:24:58 2017] <tyrokroketa> I'm using mathcomp library, btw
[Thu May 11 12:44:01 2017] <tyrokroketa> nevermind, subset_predT did the trick
[Thu May 11 20:11:32 2017] <Warrigal> Hey there.
[Thu May 11 20:12:31 2017] <Warrigal> Just downloadin' Coq. Not sure what I'll end up doing with it.
[Thu May 11 20:15:07 2017] <benzrf> hi
[Thu May 11 20:21:39 2017] <Warrigal> Hey there.
[Thu May 11 20:21:52 2017] <Warrigal> I could... try to implement the entirety of homotopy type theory in it? :D
[Thu May 11 20:26:19 2017] <Warrigal> banseljaj: oh hi!
[Thu May 11 20:26:38 2017] <Warrigal> Dang, I was so eager to get home and play with Coq, and now I don't even know what I want to do with it.
[Thu May 11 20:28:30 2017] <Warrigal> I guess I'll start by defining categories. That's always a good start.
[Thu May 11 20:29:22 2017] <Warrigal> Come to think of it, I'm gonna set a goal... let's go with proving the fundamental theorem of arithmetic.
[Thu May 11 20:29:45 2017] <Warrigal> Stated as...
[Thu May 11 20:30:06 2017] <Warrigal> "The multiplicative monoid of the positive integers is a free commutative monoid."
[Thu May 11 21:04:35 2017] <johnw> Warrigal: should be pretty achievable
[Thu May 11 21:04:43 2017] <johnw> i'm doing CT in Coq too
[Fri May 12 00:45:17 2017] <banseljaj> hi Warrigal
[Sun May 14 11:27:11 2017] <dh`> is there a standard mechanism for stating equivalence between data types?
[Tue May 16 09:58:06 2017] <BernhardPosselt> hi, what does coq add that allows it to prove theorems? dependent types?
[Tue May 16 10:00:12 2017] <BernhardPosselt> compared to other languages like haskell
[Tue May 16 10:51:48 2017] <notnotdan> BernhardPosselt: yes, dependent types and strong normalisation
[Tue May 16 10:53:00 2017] <BernhardPosselt> notnotdan: ty :)
[Tue May 16 11:55:54 2017] <chatter29> hey guys
[Tue May 16 11:55:56 2017] <chatter29> allah is doing
[Tue May 16 11:56:01 2017] <chatter29> sun is not doing allah is doing
[Tue May 16 11:56:04 2017] <chatter29> to accept Islam say that i bear witness that there is no deity worthy of worship except Allah and Muhammad peace be upon him is his slave and messenger
[Tue May 16 11:57:12 2017] <modulus> proof script or gtfo.
[Tue May 16 11:59:13 2017] <Tjis> they're still going
[Tue May 16 11:59:20 2017] <Tjis> amazing
[Tue May 16 12:00:36 2017] <modulus> i expect it's automated.
[Tue May 16 15:41:12 2017] <dtornabene> hey all, does anyone know of a general english language introduction to the coqide that comes with the installation on Unix?
[Tue May 16 15:53:36 2017] <dtornabene> .....bueller?
[Tue May 16 16:24:18 2017] <dtornabene> does anybody know how to use it and maybe answer a couple of questions?
[Tue May 16 16:33:48 2017] <diginet> modulus: hey, at least we have proof God exists with Coq!
[Tue May 16 16:33:57 2017] <diginet> okay not *reeeeaaalllly*
[Tue May 16 16:34:05 2017] <diginet> but it was still a pretty monumental undertaking
[Tue May 16 21:47:59 2017] <dh`> nobody seems to talk in here :(
[Tue May 16 22:30:01 2017] <jrw> dh`: lots of lurkers :)
[Wed May 17 08:20:12 2017] <tyrokroketa> Hello again everyone
[Wed May 17 08:20:54 2017] <tyrokroketa> Is it possible to create a coq toplevel with a set of automatic imports (from compiled Coq files containing theorems,defs etc.) using coqmktop?
[Wed May 17 08:26:37 2017] <tyrokroketa> I know you can build a wrapper script that invokes coqtop -load-vernac-source (or -require [path]), but I was just curious
[Fri May 19 07:17:08 2017] <shlevy> Is there an equivalent (automated or some step-by-step process) to "cabal init" for starting a new coq project?
[Fri May 19 09:44:22 2017] <shlevy> In emacs/PG, how do I make "Require Import<RET>Foo" just indent Foo 2 spaces instead of 8?
[Fri May 19 09:44:36 2017] <shlevy> I've searched through the mode customization and can't see where the 8 is coming from
[Fri May 19 10:56:35 2017] <notnotdan> Is there any way to check whether a goal (or some other term) has a certain variable free?
[Fri May 19 10:56:40 2017] <notnotdan> Using Ltac that is
[Fri May 19 10:57:09 2017] <dh`> I expect ordinary patterns would do that
[Fri May 19 10:57:23 2017] <dh`> well, making sure that it's free might be annoying
[Fri May 19 11:01:26 2017] <notnotdan> dh`: how one would do that with ordinary patterns?
[Fri May 19 11:02:29 2017] <notnotdan> Currently I am using a quite ugly semi-solution which does `generalize dependent x; match goal with | [ |- _ -> ?P ] => ... | [ |- forall x, P ] => ... end; intro x'
[Fri May 19 11:02:33 2017] <notnotdan> which only works with the goal
[Fri May 19 20:59:29 2017] <cq11> Hey folks. I've been struggling for a while with what seems to be really easy. My goal contains a subterm that is a fix, and I'd like to unrwap it by one step.
[Fri May 19 20:59:33 2017] <cq11> Here's a minimalish example: https://pastebin.com/ft07g0v3
[Fri May 19 20:59:59 2017] <cq11> Oh, crap, sorry.
[Fri May 19 21:00:10 2017] <cq11> I'll correct it, then paste the correct one.
[Fri May 19 21:02:19 2017] <cq11> Well, okay, the theorem listed there is false, because I got the argument order wrong, but it doesn't really matter. The gist is the same -- I need to unwrap the term (fix f ...) so that it contains the (fix f ...) in place of f.
[Mon May 22 21:51:28 2017] <shlevy> Is there a way to teach the coq flycheck checker to use the _CoqProject file?
[Mon May 22 21:52:23 2017] <shlevy> johnw: ^
[Tue May 23 09:31:26 2017] <jakub_> Hi, I am total beginner and am completely lost in tutorials, but how would one prove in coq "forall i : Z. exists j : Z. i < j"? I thought I would unify j with i+1 and invoke lt_succ_r, but how, my assistant hates me and refuses to cooperate :)
[Tue May 23 09:37:27 2017] <Saizan> jakub_: "intro. eexists. eapply lt_succ_r." might work
[Tue May 23 09:38:49 2017] <jakub_> Saizan: thanks, coq: attempting to save an incomplete proof
[Tue May 23 09:40:54 2017] <jakub_> I couldn't even spot these tactics among all the rest, at least now it makes a bit of sense, although I have no idea what is missing in that proof
[Tue May 23 09:41:12 2017] <Saizan> jakub_: ok, sorry, maybe you have to be more specific, something like "intro i. exists (i+1). ..."
[Tue May 23 09:42:09 2017] <Saizan> jakub_: another way might be "intro i. eexists. eapply (lt_succ_r i)."
[Tue May 23 09:43:00 2017] <jakub_> is there a way to learn what exactly is missing? because none of the above worked
[Tue May 23 09:43:11 2017] <Saizan> hah
[Tue May 23 09:43:44 2017] <Saizan> i guess with Show Proof. you might get some info
[Tue May 23 09:44:46 2017] <Saizan> the "e.." tactics make it so you can leave arguments unspecified until later
[Tue May 23 09:46:22 2017] <jakub_> the coq reference-manual could use some examples
[Tue May 23 09:47:05 2017] <jakub_> do I write "Show Proof." instead of "Proof." ? because if so, then it printed the veru useful line "?Goal" in blue and that's it :)
[Tue May 23 09:47:14 2017] <jakub_> *very
[Tue May 23 09:48:31 2017] <Saizan> no, your leave Proof. there
[Tue May 23 09:48:45 2017] <Saizan> you can use Show Proof. in the middle of it to see the proof term generated so far
[Tue May 23 09:49:31 2017] <Saizan> jakub_: well, the reference manual is not meant to be a tutorial i guess
[Tue May 23 09:50:26 2017] <Saizan> http://covariant.me/stuff/coq/cheatsheet.pdf <- this is quite helpful though
[Tue May 23 09:51:31 2017] <jakub_> thanks
[Tue May 23 10:35:20 2017] <Nk_> http://lpaste.net/355769 What makes O the number 0? I really cannot wrap my head around this.
[Tue May 23 10:36:51 2017] <Nk_> Please someone guide me in this
[Tue May 23 10:44:21 2017] <Cypi> Nk_: what do you mean?
[Tue May 23 10:44:52 2017] <Cypi> 0 is a notation for O, if that's what you mean. Or do you mean, in a more "philosophical" way, why is the constructor O the same as what we usually call 0?
[Tue May 23 10:45:25 2017] <Nk_> Not in philosophical way
[Tue May 23 10:46:24 2017] <Nk_> In the book Software foundations it says it does not matter whether we write O or tick or any variable.
[Tue May 23 10:46:52 2017] <Nk_> I cannot understand if O represent natural number then how come it becomes only 0?
[Tue May 23 10:48:47 2017] <Cypi> I don't understand "it becomes only 0". Do you mean, how come that when we speak about O, then Coq prints 0?
[Tue May 23 10:49:07 2017] <Cypi> jakub_: if it helps, the following works in 8.6 http://lpaste.net/355770
[Tue May 23 10:49:37 2017] <Cypi> (the %Z are there to make sure the symbols < and + are interpreted properly (otherwise Coq expect them to talk about nat, not Z))
[Tue May 23 10:50:42 2017] <Nk_> Cypi: Yes exactly
[Tue May 23 10:53:44 2017] <Cypi> Then it's just a matter of printing and notations. Somewhere in Coq, it knows that when it has to print O or (S (S ... (S O) ...)), it has to replace it with 0 or the natural number it correponds to
[Tue May 23 10:55:15 2017] <Cypi> If you are using CoqIDE, you can uncheck "Display notations" in the "View" menu to see the actual terms. Without CoqIDE, you can use the "Unset Printing Notations." to get the same result.
[Tue May 23 10:55:17 2017] <Nk_> oh ok
[Tue May 23 10:55:46 2017] <Cypi> So 0 is not an actual term, it is just a notation, which might be translated to O (and vice-versa)
[Tue May 23 10:56:45 2017] <Nk_>  thank you
[Tue May 23 11:04:14 2017] <jakub_> Cypi: thank you so much, it works with lt_succ_r too, the missing piece seems to have been reflexivity... I still don't quite see why
[Tue May 23 11:08:33 2017] <Cypi> In my proof, what you need to prove at the end is (0 < 1)%Z
[Tue May 23 11:09:20 2017] <Cypi> The way < is defined on Z is that "x < y" is the same as "(x ?= y) = Lt", where "x ?= y" is some function that compares x and y
[Tue May 23 11:09:44 2017] <Cypi> so in the case where we compare 0 and 1, this function returns Lt, therefore what we have to prove is the same as proving "Lt = Lt"
[Tue May 23 11:09:49 2017] <Cypi> which is done through reflexivity
[Tue May 23 20:47:42 2017] <tsw_ett> So I'm thinking about theory here...
[Tue May 23 20:48:11 2017] <tsw_ett> Coq has this thing called the "universe", I suppose. The axioms of the universe happen to be a conservative extension of the axioms of a category.
[Tue May 23 20:48:51 2017] <tsw_ett> If I declare some types (representing objects) and functions (representing arrows), I will end up with all of the functions generated by the axioms of a category, but no additional functions.
[Tue May 23 20:49:48 2017] <tsw_ett> Now, there are various axioms I can add that extend the universe in various interesting ways, like...
[Tue May 23 20:50:08 2017] <tsw_ett> Axiom peirce : forall a b : Set, ((a -> b) -> a) -> a.
[Tue May 23 20:50:51 2017] <tsw_ett> So my question is, then...
[Tue May 23 20:51:02 2017] <tsw_ett> I don't suppose there's a way to have *multiple different* "universes" like this?
[Tue May 23 20:51:35 2017] <tsw_ett> Maybe I want two different versions of Set, one where Peirce's law holds and one where it does not.
[Tue May 23 20:56:46 2017] <tsw_ett> I'd like to be able to do something like...
[Tue May 23 20:56:54 2017] <tsw_ett> Axiom MyUniverse : Universe.
[Tue May 23 20:56:54 2017] <tsw_ett>  Axiom peirce : forall a b : MyUniverse, ((a -> b) -> a) -> a.
[Tue May 23 20:57:06 2017] <tsw_ett> Of course, there's no such type as "Universe".
[Tue May 23 20:58:31 2017] <tsw_ett> I should probably stop using the word "universe", since Coq uses that word to mean something else.
[Tue May 23 21:01:20 2017] <tsw_ett> Maybe I'll call it a "world". A "world" is a type which other types can be values of, and which supports all the usual primitives for constructing types.
[Tue May 23 21:02:04 2017] <tsw_ett> Coq gives you three worlds: Set, Prop, and Type. It seems like Coq does not give you any way to create more worlds.
[Tue May 23 21:02:06 2017] <tsw_ett> Right?
[Tue May 23 21:04:26 2017] <tsw_ett> Looks like the correct word in Coq is actually "sort".
[Tue May 23 21:38:17 2017] <tsw_ett> Then again...
[Tue May 23 21:39:05 2017] <tsw_ett> Universe M. Definition MySort := Type@{M}. Opaque MySort.
[Tue May 23 21:39:51 2017] <tsw_ett> Now MySort acts a lot like a sort like Set and Prop.
[Wed May 24 03:26:02 2017] <dh`> you can generate arbitrarily many more layers of Prop, but I don't think that's what you want
[Wed May 24 03:47:24 2017] <jakub_> how could I state a forall-introduction rule in coq? (something that takes a formula phi over some term t and produces an equivalent formula (forall x. x = t -> phi') where phi' is phi[x/t]
[Wed May 24 08:12:41 2017] <Coqnoob> I just started learning Coq. I want to know why do we need a programming language to prove Theorems? Is Coq only for mathematical people or does it have a use in software industry
[Wed May 24 08:27:44 2017] <Cale> Coqnoob: Well, while writing practical software in Coq still requires heroic levels of effort (it is possible though, see CompCert for an example of a nontrivial project), the idea of being able to prove theorems expressed by types should be of general interest to software developers
[Wed May 24 08:28:04 2017] <modulus> it's primarily for maths but it has use for software too, because programs and proofs are equivalent. it can be used to prove correctness of programs, extract programs that are correct by construction etc.
[Wed May 24 08:28:12 2017] <Cale> We like to know that our programs actually compute the things they're supposed to compute
[Wed May 24 08:30:51 2017] <Coqnoob> Somewhat similar to Software testing?
[Wed May 24 08:31:15 2017] <Cale> Except better, because you can know that some property holds for all possible inputs.
[Wed May 24 08:31:20 2017] <modulus> a step up from testing.
[Wed May 24 08:35:37 2017] <Coqnoob> ok got you. Also need to dive deeper in Coq to get the obscurity out of my mind.
[Wed May 24 08:36:53 2017] <Cale> Coqnoob: It's also more than just equational properties, for example, it's possible to have so-called "session types" which express a network protocol, and only programs which follow the protocol will typecheck.
[Wed May 24 08:43:30 2017] <Coqnoob> hmm i see. I also started learning haskell and type theory intrigued me to learn Coq too but man I find Coq tough than Haskell.
[Wed May 24 08:52:57 2017] <benzrf> Coqnoob: it is, dw
[Wed May 24 09:03:49 2017] <tyrokroketa> Hey everyone
[Wed May 24 09:04:13 2017] <tyrokroketa> is there some easy way to "prove" a forall over an empty set?
[Wed May 24 09:04:45 2017] <Cypi> Prove that the set is empty
[Wed May 24 09:04:46 2017] <tyrokroketa> I am using mathcomp and have to prove something like "forall i: 'I_m, P i", but m = 0 in a certain case
[Wed May 24 09:04:48 2017] <benzrf> tyrokroketa: what kind of empty set
[Wed May 24 09:05:26 2017] <benzrf> tyrokroketa: the emptiness of the set is demonstrated by deriving a contradiction from having an element of it, so you're really asking a circular question :p
[Wed May 24 09:05:30 2017] <Cypi> "forall (t : Empty_set), 0 = 1" would be proved by "intros H; inversion H" for instance, but it depends on your specific case
[Wed May 24 09:05:40 2017] <benzrf> if you meant "empty" in the sense of "inductive type with 0 constructors", that would be inversion, but
[Wed May 24 09:44:49 2017] <tot> In nat type definition I understand that S :nat ->nat take a number and return a number , but how does it returns a next number?
[Wed May 24 09:45:25 2017] <tot> O is 0 how does S gives 1?
[Wed May 24 09:55:28 2017] <Igloo> 'S' is short for 'successor'. So 'S O' means 'the successor of O', or 'the number after 0'.
[Wed May 24 10:02:01 2017] <tot> Igloo: So S is not just a variable that can be replaced by anything if I want to implement nat type myself
[Wed May 24 10:02:03 2017] <benzrf> tot: 1 is just notation
[Wed May 24 10:02:29 2017] <benzrf> tot: when you write something like "3", coq expands it to "S (S (S O))" before almost anything else, as i understand it
[Wed May 24 10:02:33 2017] <benzrf> it's just syntactic sugar
[Wed May 24 10:02:46 2017] <benzrf> then it does the reverse when printing
[Wed May 24 10:03:08 2017] <benzrf> but nats in coq ARE literally just the inductive type with S and O - digits are purely an interface thing
[Wed May 24 10:03:27 2017] <benzrf> it's like how in haskell or ml, [1, 2, 3] is just short for 1:2:3:[]
[Wed May 24 10:05:26 2017] <tot> ok so O means 0 in Coq and S O is 1 . This is how it was implemented internally in  Coq?
[Wed May 24 10:05:59 2017] <benzrf> no, it's the other way around
[Wed May 24 10:05:59 2017] <benzrf> 0 means O
[Wed May 24 10:06:36 2017] <benzrf> think how in C, you can write 'a' for 0x61
[Wed May 24 10:06:46 2017] <benzrf> but really, that's just syntax, it's still a byte either way
[Wed May 24 10:07:02 2017] <benzrf> in coq, you can write 3 for S (S (S O)), but it's still the latter either way
[Wed May 24 10:07:03 2017] <tot> oh ok
[Wed May 24 10:07:20 2017] <benzrf> it's just a bit more confusing because coq prints out S (S (S O)) as "3" for convenience
[Wed May 24 10:07:28 2017] <benzrf> but if you run "Unset Printing Notations." you can see what's really going on
[Wed May 24 10:08:05 2017] <tot> ok thank you very much
[Wed May 24 10:08:08 2017] <benzrf> np :)
[Wed May 24 10:08:17 2017] <benzrf> tot: https://i.imgur.com/7uZiT7O.png
[Wed May 24 10:49:46 2017] <coqnoob> I want to make a function that checks if two numbers are equal or not . I thought if n-m =0 then they are equal so i wrote this http://lpaste.net/355816 but it give error "Cannot guess decreasing argument of fix."
[Wed May 24 10:50:26 2017] <coqnoob> Can I do something that use minus function to check equality?
[Wed May 24 11:09:22 2017] <coqnoob> Please someone take a look at my code.
[Wed May 24 11:16:28 2017] <dh`> are you using nat or z?
[Wed May 24 11:18:49 2017] <dh`> also, remember that in coq every function has to be guaranteed to terminate
[Thu May 25 14:09:46 2017] <qwe> I am very new to Coq and kinda just stumbled upon the language. I don't know exactly when and why to use this language but it seems interesting to me. So when do you guys think learning Coq is essential and benefit someone
[Thu May 25 14:24:36 2017] <qwe> anyone?
[Thu May 25 14:30:49 2017] <tautologico> coq is an interactive theorem prover
[Thu May 25 14:31:17 2017] <tautologico> mostly used for verifying computer programs, or formalizing mathematics
[Thu May 25 14:31:55 2017] <tautologico> or writing certified programs
[Thu May 25 16:55:19 2017] <shlevy> Is there some setting in my _CoqProject or coq_makefile to have docs built and installed with make?
[Thu May 25 16:55:27 2017] <shlevy> Or add a "doc" make target at least?
[Thu May 25 17:32:40 2017] <johnw> hi shlevy!
[Thu May 25 17:32:47 2017] <johnw> you can use coq-doc
[Thu May 25 18:06:00 2017] <shlevy> johnw: Hey!
[Thu May 25 18:06:11 2017] <shlevy> johnw: I was trying to figure out the Right Way to incorporate it into my makefile
[Thu May 25 18:11:20 2017] <johnw> The One True Way
[Thu May 25 18:17:13 2017] <shlevy> johnw: Is there a way in a Makefile that includes my _CoqProject Makefile to easily get all of the coq files and build the HTML or LaTeX for them and install them?
[Thu May 25 18:18:02 2017] <johnw> what are you expecting to see?
[Thu May 25 18:18:04 2017] <johnw> the source code?
[Thu May 25 18:18:24 2017] <shlevy> The stuff generated with coqdoc
[Thu May 25 18:18:33 2017] <shlevy> I'm adding coqdoc comments and all that
[Thu May 25 18:19:00 2017] <johnw> looks like coq-makefile creates an "html" target in the resulting makefile
[Thu May 25 18:19:07 2017] <shlevy> Ah!
[Thu May 25 18:19:10 2017] <shlevy> Awesome :D
[Thu May 25 18:19:12 2017] <shlevy> Thank you
[Thu May 25 21:07:58 2017] <tswe_tt> Hey, I'm wondering if I can write out a universe constraint explicitly. What I want to write is...
[Thu May 25 21:08:28 2017] <tswe_tt> Definition Space := Type@{B}, where B is any universe greater than or equal to the global universe A.
[Thu May 25 21:45:14 2017] <tswe_tt> Hmm. I wanted to write this record:
[Thu May 25 21:46:02 2017] <tswe_tt> Record Unique (A : Space) := {unique_value :> A; unique_uniqueness : forall x : A, x = unique_value}.
[Thu May 25 21:46:31 2017] <tswe_tt> But it looks like defining :> as a coercion is not allowed because A doesn't have a constant at the head.
[Thu May 25 21:46:52 2017] <tswe_tt> Is that right?
[Fri May 26 06:30:23 2017] <shlevy> tswe_tt: https://coq.inria.fr/refman/Reference-Manual032.html#hevea_default1067 Have you seen this?
[Fri May 26 10:40:59 2017] <johnw> tswe_tt: another trick that I use is "Space := (Type : Type)"
[Fri May 26 10:41:07 2017] <johnw> ensure you get a larger type than the "global Type"
[Fri May 26 10:41:14 2017] <johnw> or rather, smaller
[Fri May 26 21:05:06 2017] <tswe_tt> shlevy: have I seen the Universe command? Yeah, that's how I got the global universe A in the first place.
[Fri May 26 21:07:43 2017] <tswe_tt> Note that I'm using Set Universe Polymorphism.
[Fri May 26 21:08:48 2017] <tswe_tt> Fwiw, I'm using a couple of "rules of thumb" in the stuff I'm writing...
[Fri May 26 21:10:28 2017] <tswe_tt> Never use the tactic proof system; and make almost everything opaque.
[Fri May 26 21:19:48 2017] <tswe_tt> By the way, is it possible to rearrange the panes in CoqIde? I'd like to have the editor take up the entire left half of the screen, while the Messages tab and the query pane are stacked vertically on the right half.
[Fri May 26 21:42:47 2017] <benzrf> thats what it looks like for me :D
[Fri May 26 21:52:53 2017] <tswe_tt> benzrf: whelp... how do I get it that way?
[Fri May 26 21:53:19 2017] <benzrf> dunno
[Fri May 26 21:53:23 2017] <benzrf> thats how it shipped for me i think
[Fri May 26 21:53:25 2017] <benzrf> unsure
[Fri May 26 22:16:16 2017] <tswe_tt> You know, it's a pretty remarkable coincidence that the capital letters pi and sigma, which can be used to denote dependent products and sums, resemble the letters A and E, for "all" and "exists".
[Fri May 26 22:39:26 2017] <dh`> I would like to have the following haskell typeclass in coq, but I can't figure out the syntax:
[Fri May 26 22:39:27 2017] <dh`> class Expr t where
[Fri May 26 22:39:28 2017] <dh`>    step :: (Expr t' => t -> t')
[Fri May 26 22:42:44 2017] <jrw> dh`: I don't think that's supported by Coq, if I understand correctly.
[Fri May 26 22:43:15 2017] <tswe_tt> That's an interesting one.
[Fri May 26 22:43:24 2017] <tswe_tt> What I want to say is...
[Fri May 26 22:43:54 2017] <dh`> it's supposed to return a value of a potentially (but not necessarily) different type that's also an expression
[Fri May 26 22:44:14 2017] <dh`> (why do I have different types of expressions? because I'm doing something marginally crazy for other reasons)
[Fri May 26 22:44:32 2017] <tswe_tt> Record Expr (t : Type) := { step : forall t' : Type, Expr t' -> t -> t' }.
[Fri May 26 22:44:41 2017] <tswe_tt> Pretty sure Coq won't allow that because it's recursive.
[Fri May 26 22:45:03 2017] <dh`> yeah
[Fri May 26 22:45:33 2017] <tswe_tt> dh`: so when I'm implementing Expr t, do I have to implement step for all possible t' or just one?
[Fri May 26 22:45:43 2017] <dh`> only one.
[Fri May 26 22:46:01 2017] <tswe_tt> In that case, replace "forall" with "exists" in my record type.
[Fri May 26 22:46:04 2017] <tswe_tt> It's still recursive, of course.
[Fri May 26 22:46:09 2017] <dh`> right
[Fri May 26 22:46:52 2017] <dh`> amusingly(?) if you try to write it as a Class it tells you "Records declared with the keywords Record or Structure cannot be recursive," and you have to know that classes are magic records
[Fri May 26 22:47:11 2017] <dh`> although that message points out that you can have recursive records with Inductive
[Fri May 26 22:48:40 2017] <tswe_tt> Hmm, I feel like I know what here...
[Fri May 26 22:48:42 2017] <dh`> it gives "the term Expr t' -> t -> t'" has type Type while it is expected to have type Prop
[Fri May 26 22:48:57 2017] <dh`> er, wrong quotes, but anyway
[Fri May 26 22:49:15 2017] <dh`> I think I already tried that. :-/
[Fri May 26 22:50:13 2017] <dh`> forall doesn't do that, but with forall and Inductive it complains about a non-strictly-positive occurrence of Expr
[Fri May 26 22:51:16 2017] <tswe_tt> Inductive Expr : Type -> Type := step_to_Expr : forall (t t' : Type), Expr t' -> (t -> t') -> Expr t.
[Fri May 26 22:51:18 2017] <dh`> the conclusion I came to yesterday was that it wasn't going to work, but I was hoping just that I haven't tried all the possible syntaxes yet
[Fri May 26 22:54:00 2017] <tswe_tt> So the good news is, I think that's exactly what you asked for (save for the fact that it's not a typeclass)?
[Fri May 26 22:54:17 2017] <tswe_tt> The bad news is, there's no way to ever get an Expr.
[Fri May 26 22:54:27 2017] <dh`> heh
[Fri May 26 22:55:32 2017] <dh`> it's not really what I want because it allows any function to become a step
[Fri May 26 23:02:25 2017] <dh`> e.g. if I use nat as the type for constant expressions, then e.g. 2 steps to 3 using that and S
[Fri May 26 23:02:31 2017] <dh`> which is not really what one wants
[Fri May 26 23:06:17 2017] <dh`> one could stop that by introducing a class on t -> t' functions, I guess
[Fri May 26 23:07:50 2017] <dh`> but there's also the problem that which type an expression steps to isn't really static
[Fri May 26 23:08:38 2017] <dh`> e.g. an operator application steps to either itself (while it's stepping its contents) or to a constant
[Fri May 26 23:10:00 2017] <dh`> oh well
[Fri May 26 23:10:03 2017] <dh`> thanks for the suggestions.
[Fri May 26 23:34:15 2017] <dh`> (also it looks like without the class it's not polymorphic enough)
[Sat May 27 19:46:49 2017] <shlevy> Is there a good preexisting lib for possibly terminating streams? e.g. Coq.List.Streams but with a 'nil' constructor?
[Sat May 27 20:13:21 2017] <johnw> hmm
[Sat May 27 20:13:31 2017] <johnw> don't know the answer to that one
[Sat May 27 20:18:59 2017] <shlevy> OK. I know I can construct a coinductive predicate that such a pt-stream is non-terminating and I think I can use that to transport proofs about streams to the relevant pt-stream, and similarly an inductive predicate that such a pt-stream is terminating. Now to see if I can inhabit the sum of those two predicates from any given pt-stream
[Sat May 27 20:19:55 2017] <shlevy> I don't know if the sum of an inductive and coinductive prop is something that you can even reasonably work with though :o
[Sat May 27 20:37:58 2017] <johnw> actually, there's a paper about mixing inductive and coinductive types
[Sat May 27 20:55:38 2017] <johnw> shlevy: https://github.com/jwiegley/fiat-rel :)
[Sat May 27 20:57:50 2017] <johnw> and you should join the Fiat mailing list
[Sat May 27 21:40:41 2017] <shlevy> johnw: :o didn't know there was a mailing list@
[Sat May 27 21:40:50 2017] <shlevy> johnw: Link?
[Sat May 27 21:43:49 2017] <shlevy> johnw: Oooh may have to wait for tomorrow to dig more intot his but it looks really interesting! I think RelatedTheory might fill a hole in some of my planning for the cat project :)
[Sat May 27 22:01:16 2017] <shlevy> I think I may have asked this at one point, but is there a recommended style guide?
[Sat May 27 22:45:31 2017] <shlevy> Is there a way to teach coqdoc to do hyperlinks to dependencies found in COQPATH?
[Sat May 27 22:50:23 2017] <shlevy> johnw: And we're started https://github.com/shlevy/cat-fiat
[Sat May 27 23:15:43 2017] <johnw> shlevy: yes to the coqdoc and hyperlinks, it should be in the docs
[Sat May 27 23:15:49 2017] <johnw> yay to cat-fiat!
[Sun May 28 03:38:54 2017] <cocreature> what’s the best way to apply a tactic to all assumptions that match some pattern? "match goal" only applies it once and "repeat match goal" is an infinite loop if I don’t remove those assumptions afterwards (which I don’t want to do)
[Sun May 28 03:47:52 2017] <cocreature> ah in this case I could get it to work by checking if I had already operated on that assumption and "fail"ing in that case
[Mon May 29 05:48:39 2017] <lthms> This is annoying. I am using Emacs with evil and since a few days, Proof General wants to expand what is under my cursor when I hit Escap (and I do that quite often)
[Mon May 29 05:48:56 2017] <lthms> For instance it turns `(A: Type)` into `(AUTO: Type)`
[Mon May 29 05:49:13 2017] <lthms> Any advice on this matter?
[Mon May 29 06:00:20 2017] <lthms> found that: https://github.com/syl20bnr/spacemacs/issues/8853
[Mon May 29 23:44:21 2017] <dh`> grr
[Mon May 29 23:45:09 2017] <dh`> I wish there were a way to stick "assert (x1 = x2)" into the middle of a function and prove it afterwards
[Mon May 29 23:46:49 2017] <dh`> or more accurately, "assert (t1 = t2)" where t1 t2: Type
[Mon May 29 23:47:06 2017] <dh`> this seems to come up a lot, or maybe it's just the way I write things
[Mon May 29 23:55:26 2017] <Cypi> If you are using Program, you can stick an underscore somewhere and prove afterwards what is needed
[Tue May 30 00:48:46 2017] <dh`> that never seems to work, but maybe I'm doing it wrong
[Tue May 30 00:48:51 2017] <dh`> (also in this case I'm not using Program)
[Tue May 30 00:49:03 2017] <dh`> (not that this is necessarily important)
[Tue May 30 04:24:25 2017] <notnotdan> dh`: what about [enough (t1 = t2)]?
[Tue May 30 10:31:13 2017] <nohTo> Hello everyone. Recently I became interested in homotopy type theory and would like to play around with it. Maybe this is the wrong place to ask, because you might be biased, but how can I decide between learning Agda vs learning Coq?
[Tue May 30 10:41:31 2017] <nohTo> Or can anyone recommend a good way to learn coq? :-)
[Tue May 30 10:42:41 2017] <modulus> software foundations is one way
[Tue May 30 10:42:56 2017] <modulus> but that said that's thought out for learning coq for program verification and such
[Tue May 30 10:43:25 2017] <modulus> though of course much of it is applicable to other things, but if you are more interested in other bits, it may not be the shortest path.
[Tue May 30 10:51:25 2017] <nohTo> modulus: Thank you very much, I will check that book out.
[Tue May 30 10:51:43 2017] <modulus> yw, hth.
[Tue May 30 10:52:29 2017] <modulus> also i'm not myself following HoTT but most I hear about developments in it are in coq so that may be a reason to choose it.
[Tue May 30 10:56:53 2017] <nohTo> I see. And as a general question: I heard that you can extract code from coq, how well does that work? I mean in theory, since you can proof properties of your code the "compiler" can go completely crazy with optimizations. Is that actually happening?
[Tue May 30 10:59:44 2017] <shlevy> nohTo: IIUC the extraction removes proofs but that's it. You can, of course, "go completely crazy" yourself with proofs all along the way verifying it
[Tue May 30 11:00:18 2017] <shlevy> nohTo: And then only extract the optimized version
[Tue May 30 11:01:38 2017] <nohTo> shlevy: Ah, you mean optimize yourself and prove correctness?
[Tue May 30 11:02:11 2017] <shlevy> Yep, and you can automate or semi-automate that process. See e.g. http://plv.csail.mit.edu/fiat/
[Tue May 30 11:03:22 2017] <Cypi> To be clear, there is no built-in optimization done by the extractor. What it does is a very direct translation, with only some criterion to erase everything Prop-related
[Tue May 30 11:09:26 2017] <nohTo> I guess it makes sense, because the extractor cannot guess what you want to optimize for
[Tue May 30 16:13:56 2017] <johnw> plus, the extractor is already untrusted; letting it do program transformations just makes that situation much, much worse
[Tue May 30 16:14:20 2017] <johnw> ideally it conveys my Coq terms as literally as possible in whatever the target language is
[Tue May 30 16:14:33 2017] <johnw> but even then, I have to hand-tune the translations, and even use Perl scripts to fix the result in places
[Tue May 30 17:27:54 2017] <markhkim> This is a silly question, but I can't seem to find the answer anywhere obvious: what's the CoqIDE shortcut for compile buffer?
[Tue May 30 17:28:28 2017] <johnw>  if you look up in the menus, it shows the keys for the shortcut
[Tue May 30 17:28:37 2017] <johnw>  I can never remember what it is though
[Tue May 30 17:28:51 2017] <markhkim> Yes, I know, but it doesn't show a key for compile buffer.
[Tue May 30 17:28:59 2017] <markhkim> which is strange
[Tue May 30 17:29:04 2017] <johnw> huh
[Tue May 30 17:29:38 2017] <johnw> you can create a configuration file that will allow you to bind keys
[Tue May 30 17:29:41 2017] <johnw> for example https://github.com/yurug/coqepit/blob/master/installation/coqide-configuration/coqide.keys
[Tue May 30 17:30:00 2017] <markhkim> I take it there's no canonical reference for shortcut keys.
[Tue May 30 17:30:18 2017] <johnw> F8?
[Tue May 30 17:30:20 2017] <johnw> https://coq.inria.fr/cocorico/Configuration%20of%20CoqIDE
[Tue May 30 17:31:44 2017] <markhkim> ah ok. I'll try that alternative config file.
[Tue May 30 17:36:53 2017] <markhkim> Huh, strange. I modified the bindings on ~/.config/coq/coqide.keys but my modifications are rolled back whenever I open up coqide.
[Tue May 30 19:57:13 2017] <Warrigal> Hey there. I wrote an expression with a placeholder (an underscore) in it, because I wasn't sure what to write there.
[Tue May 30 19:57:38 2017] <Warrigal> As I expected, I got a "cannot infer this placeholder" error, telling me the type needed for the placeholder and the environment.
[Tue May 30 19:58:41 2017] <Warrigal> Now I'm wondering if there's a way to set that as a goal so I can try some tactics.
[Tue May 30 19:59:45 2017] <Cypi> If you wrote something like "Definition foo := some_term _ .", try "Program Definition foo := some_term _ ."
[Tue May 30 20:00:14 2017] <Cypi> a more manual way of doing it would be to just take the expected type of the placeholder, and set that as a goal
[Tue May 30 20:00:19 2017] <Cypi> (like, copy-paste it)
[Tue May 30 20:02:08 2017] <johnw> Warrigal: how did you write it?
[Tue May 30 20:02:16 2017] <johnw> often, refine or eapply can turn placeholders into goals
[Tue May 30 20:02:44 2017] <Warrigal> I wrote it inside a definition like Cypi wrote.
[Tue May 30 20:03:13 2017] <johnw> then either use Program
[Tue May 30 20:03:21 2017] <johnw> or say: Definition foo. refine (...).
[Tue May 30 20:05:09 2017] <Warrigal> Nice. I like that "Definition foo. refine" technique.
[Tue May 30 20:05:10 2017] <Warrigal> Thanks!
[Tue May 30 20:05:46 2017] <johnw> it's much-used in CPDT
[Tue May 30 20:06:20 2017] <johnw> as a way of writing most-Gallina definitions, but while still in a proof environment, in cases where Program isn't exactly what you need
[Tue May 30 20:06:24 2017] <johnw> I tend to use Program a lot, though
[Tue May 30 20:06:38 2017] <johnw> if I call a function and it can't guess the hole, I just do _ (func foo _ bar)
[Tue May 30 20:06:45 2017] <johnw> to see if it can make a goal for what I'd need to do further
[Tue May 30 20:26:58 2017] <Warrigal> Hmm. I see that Opaque doesn't do nearly what I thought it did.
[Tue May 30 20:27:40 2017] <Warrigal> I thought it would make a constant non-unfoldable. It doesn't do that.
[Tue May 30 20:31:34 2017] <Warrigal> Indeed, it looks like it's not possible to make a constant defined with "Definition" non-unfoldable.
[Tue May 30 20:33:31 2017] <Warrigal> The general thing I want to do is to define a constant, prove some things about it, and then make the constant non-unfoldable so that its implementation is no longer visible.
[Tue May 30 20:34:49 2017] <Warrigal> I'm trying to implement homotopy type theory, so an example would be that I define the path composition function, then prove that reflexivity is an identity for it, then make the function non-unfoldable.
[Tue May 30 20:50:45 2017] <t_swett> Now I'm wondering what kinds of suites of opaque constants you'd need to match a transparent one.
[Tue May 30 20:51:33 2017] <t_swett> Suppose you've got compose : (x = y) -> (y = z) -> (x = z) as an opaque constant. It's hard to prove stuff about that.
[Tue May 30 20:52:14 2017] <t_swett> So let's introduce new opaque constants: compose_refl_left p : compose refl p = p and compose_refl_right p : compose p refl = p.
[Tue May 30 20:52:45 2017] <t_swett> Great, but now we have no way to prove that compose_refl_left refl = compose_reft_right refl (they both assert that compose refl refl = refl).
[Tue May 30 20:53:15 2017] <t_swett> So we introduce a *fourth* opaque constant: compose_refl_coherence : compose_refl_left refl = compose_refl_right refl.
[Tue May 30 20:58:05 2017] <t_swett> I feel like we're done at that point; we have everything we need in order to prove "everything".
[Wed May 31 00:25:43 2017] <t_swett> So the documentation says: "Notations do not survive the end of sections. They survive modules unless the command Local Notation is used instead of Notation."
[Wed May 31 00:25:49 2017] <t_swett> I must be misunderstanding something...
[Wed May 31 00:26:08 2017] <t_swett> I have a Module Type TPaths that defines a notation, and a Module Legacy (Paths : TPaths).
[Wed May 31 00:26:23 2017] <t_swett> Inside of Legacy, I can't see the notations defined in TPaths.
[Wed May 31 00:27:16 2017] <t_swett> If notations "survive modules", shouldn't I be able to see those notations? Maybe that's saying that they only survive actual modules, not module types?
[Wed May 31 00:27:34 2017] <t_swett> Or maybe the notation is available inside Legacy somehow, but I need to "import" it or something?
[Wed May 31 00:31:28 2017] <t_swett> Ah, here we go. "Import Paths" makes the notations visible.
[Wed May 31 01:36:24 2017] <dh`> speaking of notations, is there a paper on how they're set up?
[Wed May 31 07:42:57 2017] <lthms> hi all
[Wed May 31 07:51:03 2017] <lthms> I was wondering, do you all know if there is a way to deal with the “issue” describe into the following SO question: https://stackoverflow.com/questions/27322979/why-coq-doesnt-allow-inversion-destruct-etc-when-the-goal-is-a-type
[Wed May 31 07:51:22 2017] <lthms> that is, basically use `inverse` when the goal is something like `Prop` or a Type
[Wed May 31 07:52:58 2017] <Cypi> I mean, everything seems to be in the question and the answer: you can't, unless it's supposed to discharge the goal because you're inverting an absurdity, in which case you can do "exfalso" first
[Wed May 31 07:56:03 2017] <lthms> well the question is from 2014
[Wed May 31 07:56:11 2017] <lthms> I was hoping maybe it had changed
[Wed May 31 07:56:42 2017] <Cypi> It won't change, it is not some limitation or something, it is a specific intention that you cannot eliminate something in Prop when building something in Set/Type
[Wed May 31 07:57:23 2017] <Cypi> (It would probably make the logic inconsistent, even though I am no expert; at the very least, it would make it inconsistent with proof irrelevance)
[Wed May 31 07:58:45 2017] <lthms> I see
[Wed May 31 07:59:07 2017] <lthms> It does not work either when the goal is `Prop`, though
[Wed May 31 07:59:23 2017] <Cypi> Prop has type Type
[Wed May 31 07:59:24 2017] <lthms> but I can guess why it is not allowed
[Wed May 31 07:59:30 2017] <Cypi> You need a goal whose type is Prop
[Wed May 31 07:59:36 2017] <Cypi> (for instance, "False" has type Prop)
[Wed May 31 08:00:42 2017] <lthms> Okay I see, thanks
[Wed May 31 08:01:37 2017] <lthms> I will try a different approach, then
[Wed May 31 08:44:30 2017] <markhkim> I'm trying to define a key mapping for compile buffer on coqide. I modified ~/.config/coq/coqide.keys, but it rolls back every time I run coqide. Any idea as to what's going on?
[Wed May 31 09:42:10 2017] <dsm__> ;o;
[Thu Jun  1 04:50:38 2017] <dtornabene> does anyone have a good recomendation for a tutorial about the coqide or proof general with coq? Googling has turned up things that are either too general (pun not intended) or not relevant
[Thu Jun  1 17:08:42 2017] <Cale> Anyone know if there's a way to ask Coq to apply only a single particular conversion rule (e.g. just β or just ι)? It would be nice to be able to illustrate the βιδζη rules separately.
[Thu Jun  1 17:17:07 2017] <Cypi> cbv can take flags, see https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic132
[Thu Jun  1 17:30:30 2017] <Cale> Cypi: ahh, thanks!
[Thu Jun  1 23:03:12 2017] <relrod> I'm attempting an implementation of difference lists just for practice/learning. Having trouble proving to_from_id here, can someone point me in the right direction? https://gist.github.com/relrod/078228e200e90c4e59a4733068843545
[Fri Jun  2 00:34:23 2017] <dh`> hmm lemme see
[Fri Jun  2 00:49:24 2017] <dh`> I think the problem is that it's not true.
[Fri Jun  2 00:50:27 2017] <dh`> nothing says the xs that you passed to toList has to have been created with fromList, so it can have any function inside it.
[Fri Jun  2 00:51:58 2017] <cocreature> you should be able to prove something like toList xs = toList (fromList (toList xs))
[Fri Jun  2 00:52:35 2017] <dh`> he's already got toList (fromList xs) = xs
[Fri Jun  2 00:52:50 2017] <cocreature> oh right
[Fri Jun  2 00:56:11 2017] <jrw> relrod: I commented on the gist with a proof that your theorem is false.
[Fri Jun  2 00:57:52 2017] <relrod> jrw, dh`, cocreature: Oops, thank you! That wouldn't certainly explain why I can't prove it. :)
[Fri Jun  2 00:58:41 2017] <dh`> try this:
[Fri Jun  2 00:58:42 2017] <dh`> Definition wonkyList {a: Set} (l: list a) : DList a :=
[Fri Jun  2 00:58:42 2017] <dh`>   DL a (fun k => l ++ k ++ l).
[Fri Jun  2 00:58:44 2017] <dh`> :-)
[Fri Jun  2 00:59:03 2017] <relrod> yeah. Hrm.
[Fri Jun  2 01:01:56 2017] <dh`> the other issue is, if I understand what difference lists are supposed to be
[Fri Jun  2 01:02:09 2017] <dh`> that even if you sort out this administrative problem, it still won't be true
[Fri Jun  2 01:02:44 2017] <dh`> inasmuch as the point of difference lists seems to be that they're a lazy representation of a list construction that you eventually evaluate
[Fri Jun  2 01:03:09 2017] <dh`> once you evaluate it, the thing that you get is structurally different and so not equal, even if it represents the same list.
[Fri Jun  2 01:03:50 2017] <dh`> and so fromList (toList xs) will not be the same as xs because it's done this step.
[Fri Jun  2 01:04:40 2017] <dh`> equality in coq is structural, so you'll need instead to define a concpt of equivalence for difference lists
[Fri Jun  2 01:05:01 2017] <dh`> and prove enough stuff about that to be useful
[Fri Jun  2 01:05:24 2017] <dh`> (symmetric, reflexive, and transitive is a good start)
[Fri Jun  2 01:06:05 2017] <relrod> dh`: Okay. There's a chance I'm getting ahead of myself and should go back to CPDT (or SF - I'd been bouncing between them a while back). Just wanted to try something different and experiment.
[Fri Jun  2 01:06:19 2017] <relrod> I really appreciate the explanation!
[Fri Jun  2 01:06:28 2017] <dh`> I dunno, you might or might not be. It seems like a tractable exercise, but perhaps larger than you expected...
[Fri Jun  2 01:07:41 2017] <dh`> well, assuming you can sort out the administrative problem.
[Fri Jun  2 01:07:50 2017] <dh`> I'm not absolutely sure how to do that.
[Fri Jun  2 01:11:28 2017] <relrod> * nods
[Fri Jun  2 01:11:38 2017] <relrod> Alright, I'll keep playing and see what I can do
[Fri Jun  2 01:15:26 2017] <dh`> hmm
[Fri Jun  2 01:15:51 2017] <dh`> you'll need to not have a function inside the DList, since it basically needs to always (implicitly) be ++
[Fri Jun  2 01:16:06 2017] <dh`> and anything else will cause it to all go off the rails
[Fri Jun  2 01:16:22 2017] <cocreature> since relrod has already imported FunctionalExtensionality, shouldn’t dlists be equal if you use extensional equality?
[Fri Jun  2 01:16:53 2017] <dh`> I wonder if equivalence of DLists is adequately stated by saying they toList to the same list
[Fri Jun  2 01:18:02 2017] <relrod> dh`: that's what they do in the Haskell one: http://hackage.haskell.org/package/dlist-0.8.0.2/docs/src/Data-DList.html#line-221
[Fri Jun  2 01:19:13 2017] <relrod> Of course that doesn't mean much
[Fri Jun  2 01:22:04 2017] <jrw> relrod: I pushed an implementation here: https://github.com/wilcoxjay/notes/blob/master/DiffLists.v
[Fri Jun  2 01:22:26 2017] <jrw> the idea is that not just any function is allowed as a difference list, it has to be one that is a "prepender"
[Fri Jun  2 01:22:35 2017] <dh`> it means it worked for them...
[Fri Jun  2 01:22:39 2017] <dh`> anyway it seems to work
[Fri Jun  2 01:22:41 2017] <jrw> once you have that (and proof irrelevance), everything works.
[Fri Jun  2 01:23:17 2017] <dh`> I just did one based on this:
[Fri Jun  2 01:23:18 2017] <dh`> Inductive DList (a: Set) :=
[Fri Jun  2 01:23:18 2017] <dh`> | DLnil: DList a
[Fri Jun  2 01:23:18 2017] <dh`> | DLprepend: list a -> DList a -> DList a
[Fri Jun  2 01:23:18 2017] <dh`> .
[Fri Jun  2 01:23:37 2017] <jrw> it is a direct corollary of to_from_id that DLists are equal just when their toLists are equal.
[Fri Jun  2 01:23:52 2017] <dh`> but that's not very general.
[Fri Jun  2 01:25:57 2017] <dh`> yours uses a lot of hammers though, I wonder if I can simplify that :-)
[Fri Jun  2 01:26:26 2017] <relrod> jrw: Thank you :)
[Fri Jun  2 01:48:45 2017] <relrod> Thanks again for all the help, folks! :)
[Fri Jun  2 02:12:11 2017] <dh`> yeah, provided you're willing to have a DListEq instead of using =, it works out decently
[Fri Jun  2 02:15:42 2017] <dh`> http://codepad.org/46q5VciT
[Fri Jun  2 02:16:06 2017] <dh`> it's fairly clear where functional extensionality and proof irrelevance come in if you want to use =
[Fri Jun  2 02:19:02 2017] <relrod> dh`: is one approach more commonly accepted in practice than the other?
[Fri Jun  2 02:19:20 2017] <dh`> well, maybe
[Fri Jun  2 02:19:42 2017] <dh`> functional extensionality is a big hammer
[Fri Jun  2 02:20:11 2017] <dh`> also it seems inelegant to many people.
[Fri Jun  2 02:20:51 2017] <dh`> there is absolutely nothing *wrong* with it, but people still like to not use it if they don't need to.
[Fri Jun  2 02:20:59 2017] <relrod> * nods
[Fri Jun  2 02:22:15 2017] <dh`> on the other hand, being able to state x = y has a lot of advantages, because you can use "rewrite" freely
[Fri Jun  2 02:23:10 2017] <dh`> you can use rewrite with your own equivalences, but it requires typeclass instances to show that what you've got is actually an equivalence, and, more annoyingly, an additional instance for every context in which the rewrite is admissible
[Fri Jun  2 02:25:54 2017] <relrod> dh`: I guess I'm trying to figure out which is nicer to people, if the goal is a general purpose library that people can use (and not just writing it as part of some bigger project or something)
[Fri Jun  2 02:28:07 2017] <relrod> But I guess there's no "one size fits all" answer - if people hate extensionality, I guess they'll avoid using a library that depends on it. And if they require heavy use of rewrite, the other solution is a nonstarter.
[Fri Jun  2 02:33:31 2017] <dh`> it's not clear
[Fri Jun  2 02:33:48 2017] <dh`> designing libraries is hard in general, and designing libraries for coq is harder still.
[Fri Jun  2 02:40:50 2017] <dh`> it's hard to know even what functions to put in (e.g. there should obviously be a Definition fromItem A (x: A) := DL A (cons x) (cons_prepender A x).
[Fri Jun  2 02:40:55 2017] <dh`> but what else?
[Fri Jun  2 02:41:52 2017] <dh`> and figuring out what lemmas to include is a lot worse.
[Fri Jun  2 02:43:45 2017] <dh`> in principle you'd probably want every lemma defined on lists, but many of them will be intractable.
[Fri Jun  2 02:55:03 2017] <dh`> Another thing is, functional extensionality is one of those things you can sometimes avoid by rephrasing things slightly
[Fri Jun  2 02:58:47 2017] <relrod> dh`: as far as functions, I was roughly thinking: Most of the functions that the Haskell one has. But a lot of those seem to piggyback off of List
[Fri Jun  2 03:00:21 2017] <dh`> my advice would be: don't try to design a library just yet; it's good to think about this but do some other stuff first and come back to it
[Fri Jun  2 03:01:39 2017] <relrod> Fair enough. I'll start bouncing off CPDT and SF again and try not to get ahead of myself.
[Fri Jun  2 05:42:21 2017] <dtornabene> is anyone awake here?
[Fri Jun  2 05:43:57 2017] <dtornabene> getting a weird msg in proof general that wasn't showing up yesterday, not sure whats happening.  Its not recognizing coq files despite the files being from Software Foundations and are very much legit coq  scripts
[Fri Jun  2 05:46:25 2017] <dtornabene> fwiw proof general is loading I get the splash screen, but when I try basic commands I get "Proof Process not started!"
[Fri Jun  2 05:50:54 2017] <dtornabene> nothing?
[Fri Jun  2 12:47:17 2017] <jrw> dtornabene: have you loaded at least one line from the file? that error message indicates that PG just hasn't been fully initialized yet.
[Fri Jun  2 12:47:51 2017] <dtornabene> jrw: hey! thanks for responding, yeah it was that exactly
[Fri Jun  2 12:49:06 2017] <dtornabene> jrw: i'm *just* getting into using proof general and still very much in the stumbling around phase.  I didn't realize that despite the splash screen PG needs further initialization
[Fri Jun  2 12:54:53 2017] <jrw> glad you got it to work!
[Fri Jun  2 13:00:03 2017] <dtornabene> thanks, me too!
[Mon Jun  5 20:20:59 2017] <Cale> hmm :)
[Mon Jun  5 20:21:09 2017] <Cale> So I saw this question by zachk in #idris
[Mon Jun  5 20:21:12 2017] <Cale> <zachk> in the algebraic expression: (n * (n + 1))/2 where n is a Nat, how would I prove the numerator is always even or divisible by 2, and how would I prove the division by 2 is total in idris
[Mon Jun  5 20:21:30 2017] <Cale> and I decided just for fun to do it in Coq, because I was bored
[Mon Jun  5 20:22:09 2017] <Cale> http://lpaste.net/356060
[Mon Jun  5 20:22:27 2017] <Cale> The interesting thing is at the very end, when I try to compute using this
[Mon Jun  5 20:22:37 2017] <Cale> *some* triangular numbers will compute just fine
[Mon Jun  5 20:22:46 2017] <Cale> others result in an un-reduced mess :)
[Mon Jun  5 20:24:10 2017] <Cale> Oh, I can be more specific about that: for odd n, triangular n seems to compute okay
[Mon Jun  5 20:24:56 2017] <Cale> But even triangular 0 seems to get stuck.
[Mon Jun  5 20:57:11 2017] <roconnor> Cale: in zachk it does case analysis on even_adjacency
[Mon Jun  5 20:57:29 2017] <roconnor> essentially for odd numbers it does one branch and for even numbers it does another branch.
[Mon Jun  5 20:57:42 2017] <roconnor> only one of the two branches calls mult_comm
[Mon Jun  5 20:58:04 2017] <roconnor> mult_comm call a bunch of opaque lemmas such as mult_n_O and mult_n_Sm that do not reduce.
[Mon Jun  5 20:58:27 2017] <roconnor> plus_comm has similar opaque lemmas.
[Mon Jun  5 21:04:53 2017] <Cale> ahh
[Mon Jun  5 21:05:01 2017] <Cale> They're opaque, right
[Mon Jun  5 21:18:38 2017] <Cale> Yeah, that fixed it :)
[Mon Jun  5 21:18:58 2017] <Cale> annoying that even very basic things in the library are opaque
[Tue Jun  6 04:30:43 2017] <dh`> Cale: I'd go so far as to say as extracting code from theorems isn't a great plan
[Tue Jun  6 04:30:51 2017] <dh`> even when it works
[Tue Jun  6 04:33:25 2017] <dh`> better to write an explicit half function and then prove what you want to know about it
[Tue Jun  6 04:39:09 2017] <dh`> because I'm a nerd: http://codepad.org/SD7RSU2o
[Tue Jun  6 04:39:18 2017] <dh`> (with four different versions of half)
[Tue Jun  6 04:39:50 2017] <dh`> the dependently-typed one that knows it can't be passed odd numbers is a pain and a half to work with, though.
[Tue Jun  6 21:10:45 2017] <b7de> stupid question: I'm trying to prove associativity of addition, and I have this
[Tue Jun  6 21:10:51 2017] <b7de> a : NatPos
[Tue Jun  6 21:10:59 2017] <b7de> IHa : forall b c : NatPos, plus (plus a b) c = plus a (plus b c)
[Tue Jun  6 21:11:08 2017] <b7de> want to show
[Tue Jun  6 21:11:09 2017] <b7de> forall b c : NatPos, S (plus (plus a b) c) = S (plus a (plus b c))
[Tue Jun  6 21:11:16 2017] <b7de> you would just apply S to both sides of IHa
[Tue Jun  6 21:11:19 2017] <b7de> but I can't figure out how to do that
[Tue Jun  6 21:11:42 2017] <b7de> how should I prove this?
[Tue Jun  6 21:22:01 2017] <jrw> b7de: you can use the tactic f_equal to reduce your goal to your hypothesis.
[Tue Jun  6 21:22:10 2017] <b7de> thanks
[Tue Jun  6 21:23:15 2017] <dh`> that's a large hammer :-) there's a lemma about S x = S y -> x = y
[Tue Jun  6 21:23:23 2017] <dh`> try Search (S _ = S _).
[Tue Jun  6 21:23:42 2017] <dh`> (also one for x = y -> S x = S y)
[Tue Jun  6 21:26:07 2017] <b7de> it's my own custom S though
[Tue Jun  6 21:30:25 2017] <jrw> just use f_equal
[Tue Jun  6 21:31:30 2017] <b7de> ok
[Tue Jun  6 21:33:01 2017] <Cale> Uh... I don't think you should need f_equal.
[Tue Jun  6 21:33:13 2017] <Cale> What's your induction hypothesis say?
[Tue Jun  6 21:33:49 2017] <Cale> Well, I suppose it's fine to use f_equal, because it gets you to something which ought to be exactly your induction hypothesis
[Tue Jun  6 21:34:04 2017] <Cale> But you can probably also just rewrite by the induction hypothesis, and then use reflexivity.
[Tue Jun  6 21:48:53 2017] <Cale> .oO(Can we prove these two proofs of associativity are themselves equal, for each choice of a, b and c?)
[Tue Jun  6 21:50:14 2017] <Cypi_> Yes you can, because nat is an h-set (any two proofs of a = b are equal for any nat a and b)
[Tue Jun  6 22:49:58 2017] <Cale> right
[Tue Jun  6 22:50:58 2017] <Cale> At least, in principle we ought to be able to -- I'm not sure how to carry it out in plain Coq in detail.
[Tue Jun  6 22:53:02 2017] <Cypi_> One of the easy ways of proving this is to prove that equality is decidable (which it is for natural numbers)
[Tue Jun  6 22:53:05 2017] <Cypi_> See https://coq.inria.fr/library/Coq.Logic.Eqdep_dec.html
[Tue Jun  6 23:08:54 2017] <roconnor> That is a facinating file to rewrite.  If you want a bit of fun, start trying to do some of those proofs without looking at the solution; then once you give up copy out their solution to see what it is like.
[Wed Jun  7 07:16:42 2017] <piyush-kurur> I found the section on recursive Notation quite hard to follow in the reference manual. Is there any other source where I can read it from?
[Thu Jun  8 13:26:29 2017] <pete_8> I would like to install coq 8.4 on a fedora machine. How do I do that?
[Thu Jun  8 13:30:35 2017] <pete_8> Are there packages for the older versions of coq somewhere? Or, do I have to download the source code and build it myself?
[Fri Jun  9 08:28:51 2017] <heinrich5991> how do you model relations in coq?
[Fri Jun  9 08:29:03 2017] <heinrich5991> currently using a function A -> A -> bool.
[Fri Jun  9 08:29:20 2017] <heinrich5991> is there some way to express it as a subset of A * A?
[Fri Jun  9 08:29:57 2017] <Cypi> In the stdlib, relations are defined as A -> A -> Prop
[Fri Jun  9 08:30:00 2017] <Cypi> as in https://coq.inria.fr/library/Coq.Relations.Relation_Definitions.html
[Fri Jun  9 08:30:31 2017] <Cypi> yours would be decidable relations
[Fri Jun  9 08:31:10 2017] <heinrich5991> yes, in my case I'd prefer decidable relations I think
[Fri Jun  9 08:31:15 2017] <heinrich5991> trying to model finite graphs
[Fri Jun  9 08:32:07 2017] <piyush-kurur> Cypi: is there a better source (other than reference manual) for Notations involving recursion
[Fri Jun  9 08:32:08 2017] <heinrich5991> mh. is there a shorter version of `== true` for booleans?
[Fri Jun  9 08:32:26 2017] <piyush-kurur> I found the section all most ununderstandable
[Fri Jun  9 08:33:28 2017] <Cypi> heinrich5991: do you mean something like "is_true"?
[Fri Jun  9 08:33:39 2017] <Cypi> (it's just the function "fun b => b = true")
[Fri Jun  9 08:33:46 2017] <heinrich5991> yes
[Fri Jun  9 08:33:53 2017] <heinrich5991> ok, thanks
[Fri Jun  9 08:34:20 2017] <Cypi> piyush-kurur: I don't know, sorry. I'm using few notations in Coq, since I also find them to be complicated.
[Fri Jun  9 14:39:26 2017] <heinrich5991> I have a file CpdtTactics.v. I'd like to include it
[Fri Jun  9 14:39:40 2017] <heinrich5991> Require Import CpdtTactics. doesn't seem to work, even though I'm in the correct directory
[Fri Jun  9 14:53:43 2017] <heinrich5991> .
[Fri Jun  9 14:54:32 2017] <heinrich5991> unrelated: I have forall and existence quantors over finite types.
[Fri Jun  9 14:54:40 2017] <heinrich5991> can I ask coq to just check all possible cases?
[Fri Jun  9 14:55:07 2017] <modulus> you could destruct perhaps?
[Fri Jun  9 14:57:22 2017] <heinrich5991> I have something like forall x forall y forall z
[Fri Jun  9 14:59:34 2017] <heinrich5991> when I destruct, only the first variable is split up
[Fri Jun  9 15:01:09 2017] <modulus> destruct x; destruct y; destruct z.?
[Fri Jun  9 15:01:54 2017] <heinrich5991> ah great, thanks
[Fri Jun  9 15:01:57 2017] <heinrich5991> didn't know about ;
[Fri Jun  9 15:04:02 2017] <modulus> yw, hth. it's auseful tactical for things that branch a lot.
[Fri Jun  9 15:11:32 2017] <heinrich5991> can False -> (anything) be proven in coq?
[Fri Jun  9 15:12:12 2017] <modulus> False -> False can, i think, be proven.
[Fri Jun  9 15:12:46 2017] <modulus> actually False -> anything can be proven yeah.
[Fri Jun  9 15:14:06 2017] <modulus> use intro to get False as a  hypothesis, then destruct the hypothesis and you get it.
[Fri Jun  9 15:16:06 2017] <heinrich5991> mh. my situation is a tiny bit more complicated. I have true = false => (something)
[Fri Jun  9 15:16:12 2017] <heinrich5991> (the booleans true and false)
[Fri Jun  9 15:16:37 2017] <modulus> you should be able to apply simpl on that to get true = false as False
[Fri Jun  9 15:16:41 2017] <modulus> I think.
[Fri Jun  9 15:19:50 2017] <heinrich5991> how do I apply "simpl" to a hypothesis?
[Fri Jun  9 15:20:17 2017] <modulus> simpl in hypothesis, but i was wrong, simpl won't do it.
[Fri Jun  9 15:20:21 2017] <modulus> but inversion will.
[Fri Jun  9 15:20:25 2017] <modulus> so inversion in H or whatever
[Fri Jun  9 15:24:45 2017] <heinrich5991> yea, works
[Fri Jun  9 15:33:32 2017] <heinrich5991> so forall can be nicely destructed using `destruct`
[Fri Jun  9 15:33:49 2017] <heinrich5991> do you know what could be done for `exists`?
[Fri Jun  9 15:34:02 2017] <heinrich5991> I'd like coq to just try all the possible things.
[Fri Jun  9 15:44:55 2017] <johnw> what do you mean by "forall can be nicely destructed using `destruct`"?
[Fri Jun  9 16:24:36 2017] <heinrich5991> johnw: I mean that I get a hypothesis for each possible x:(finiteset)
[Fri Jun  9 16:24:45 2017] <heinrich5991> I'd like to get something similar for a `exists` clause
[Fri Jun  9 16:26:47 2017] <johnw> I still don't know what you mean, sorry
[Fri Jun  9 16:27:08 2017] <johnw> if you have H : exists x, ... in your context, then you can destruct H
[Fri Jun  9 16:27:48 2017] <heinrich5991> suppose I have an exists x:bool, x=true.
[Fri Jun  9 16:28:02 2017] <heinrich5991> I'd like coq to try x:=false and x:=true
[Fri Jun  9 16:28:13 2017] <johnw> you can then do: eexists; reflexivity
[Fri Jun  9 16:28:17 2017] <johnw> and it will pick "true"
[Fri Jun  9 18:03:24 2017] <heinrich5991> mh.
[Fri Jun  9 18:03:46 2017] <heinrich5991> my term is more complicated
[Fri Jun  9 18:03:51 2017] <heinrich5991> like
[Fri Jun  9 18:04:17 2017] <heinrich5991> Lemma a: exists b:bool, negb b = true.
[Fri Jun  9 18:04:28 2017] <heinrich5991> eexists works there, but I'm not sure what to do next.
[Fri Jun  9 18:43:02 2017] <jrw> heinrich5991: maybe something like this will do what you want: unshelve eexists; [constructor|]; reflexivity.
[Fri Jun  9 18:43:15 2017] <jrw> it's pretty fragile though
[Fri Jun  9 19:01:58 2017] <Cale> heinrich5991: exists false.
[Fri Jun  9 19:02:11 2017] <Cale> (and then reflexivity will finish)
[Fri Jun  9 19:23:53 2017] <jrw> Cale: he wants coq to search over all values of a finite type and see which one works.
[Sat Jun 10 04:01:52 2017] <heinrich5991> I'm not sure what you mean with [constructor|]
[Sat Jun 10 04:02:05 2017] <heinrich5991> in Lemma a: exists b:bool, neg b = true.
[Sat Jun 10 04:02:49 2017] <heinrich5991> I tried [constructor|], [true|], [bool|]. coq didn't like either of these, responding with a syntax error
[Sat Jun 10 04:07:08 2017] <johnw> does anyone know of a computational reflection tactic for finite FMaps whose structure is known?
[Sat Jun 10 04:07:33 2017] <johnw> i.e., a solver for statements of the form M.In x m, where m is a chain of M.add calls ending in M.empty
[Sat Jun 10 04:23:40 2017] <heinrich5991> ah, figured it out, you mean the tactic "constructor"
[Sat Jun 10 04:28:23 2017] <heinrich5991> Lemma ntrue : exists b:bool, negb b = true.
[Sat Jun 10 04:28:29 2017] <heinrich5991> unshelve eexists. constructor.
[Sat Jun 10 04:28:32 2017] <heinrich5991> 1 subgoal:
[Sat Jun 10 04:28:35 2017] <heinrich5991> negb true = true
[Sat Jun 10 04:29:33 2017] <heinrich5991> seems like coq decided to choose the wrong constructor
[Sat Jun 10 04:44:12 2017] <heinrich5991> ah, but with ; instead of . it works
[Sat Jun 10 04:44:19 2017] <heinrich5991> weird
[Sat Jun 10 04:49:55 2017] <heinrich5991> is there no tactic that transforms
[Sat Jun 10 04:50:24 2017] <heinrich5991> exists b:bool, notb b = true
[Sat Jun 10 04:50:26 2017] <heinrich5991> into
[Sat Jun 10 04:50:41 2017] <heinrich5991> (notb true = true) or (notb false = true)
[Sat Jun 10 04:53:24 2017] <cocreature> heinrich5991: what do you expect that to do if instead of bool you have some recursive type and there is an infinite number of possibilities?
[Sat Jun 10 04:56:08 2017] <heinrich5991> I only expect it to work for finite, non-recursive types
[Sat Jun 10 04:57:51 2017] <cocreature> fair enough. I don’t think there is something builtin for that
[Sat Jun 10 05:03:21 2017] <heinrich5991> how hard is it to build something like that? is it harder than easy?
[Sat Jun 10 05:05:00 2017] <johnw> it's not hard at all
[Sat Jun 10 05:05:19 2017] <johnw> now you're entering into Ltac territory
[Sat Jun 10 05:05:32 2017] <johnw> I don't know about "for any finite non-recursive type"
[Sat Jun 10 05:05:40 2017] <johnw> but for a known finite non-recursive type, certainly
[Sat Jun 10 05:06:20 2017] <Cypi> Where do you paste code? lpaste seems to be down
[Sat Jun 10 05:06:27 2017] <johnw> I like gists
[Sat Jun 10 05:07:15 2017] <Cypi> https://gist.github.com/cmangin/2ea76c4cac53606267502dbbd437c3a7
[Sat Jun 10 05:07:27 2017] <Cypi> this is basic, but this could work
[Sat Jun 10 05:07:43 2017] <Cypi> (even for an infinite type, if it explores it in the correct order)
[Sat Jun 10 05:08:12 2017] <johnw> neat
[Sat Jun 10 05:08:14 2017] <Cypi> "kont" is expected to fail if the instantiation is wrong (otherwise there is no way to tell if we chose the right argument for eexists)
[Sat Jun 10 05:09:46 2017] <heinrich5991> hm. should I try to understand this or just copy-paste it? ^^
[Sat Jun 10 05:10:03 2017] <heinrich5991> this declares new tactics, I guess
[Sat Jun 10 05:10:15 2017] <heinrich5991> what is generate_all supposed to do?
[Sat Jun 10 05:10:53 2017] <Cypi> Just read it, it's not very complicated :) . The only thing to know is that Ltac has a backtracking semantics. So when you write "idtac + generate_all", it first tries to apply "idtac" (which does nothing), proceeds with the rest of the tactics, and if the following tactics fail, it will try with "generate_all" instead
[Sat Jun 10 05:11:30 2017] <Cypi> To reformulate, if you write "(tac1 + tac2); tac", then Coq will try to do "tac1; tac", and if this fails it will do "tac2; tac"
[Sat Jun 10 05:12:02 2017] <Cypi> So in this case, generate_all is supposed to try any combination of constructors
[Sat Jun 10 05:13:02 2017] <heinrich5991> so this is something like constructor; (nothing; constructor; (nothing; constructor; ...)))
[Sat Jun 10 05:13:11 2017] <Cypi> yup
[Sat Jun 10 05:13:36 2017] <heinrich5991> so what does constructor; constructor do? use the second constructor?
[Sat Jun 10 05:13:40 2017] <Cypi> constructor is also backtracking, so actually it will try every combination of constructors in a sort of breadth-first fashion
[Sat Jun 10 05:13:46 2017] <Cypi> it applies one constructor, then another constructor
[Sat Jun 10 05:13:59 2017] <Cypi> (well, not "another")
[Sat Jun 10 05:14:09 2017] <heinrich5991> so it would be recursive, like the second constructor would try things like "S(S 0)"?
[Sat Jun 10 05:15:04 2017] <Cypi> The second constructor would try either "S O" or "S (S ?)"
[Sat Jun 10 05:15:57 2017] <Cypi> Just to be clear: generate_all is exactly equivalent to "constructor + (constructor; constructor) + (constructor; constructor; constructor) + ..."
[Sat Jun 10 05:16:05 2017] <heinrich5991> yes
[Sat Jun 10 05:16:27 2017] <Cypi> and constructor itself will try every constructor in order (again, with this backtracking semantics of Ltac)
[Sat Jun 10 05:16:41 2017] <heinrich5991> so "constructor" will already try both?
[Sat Jun 10 05:16:58 2017] <Cypi> both constructors, yes
[Sat Jun 10 05:17:01 2017] <heinrich5991> ah, and check if the further applied tactics (after ;) are ok
[Sat Jun 10 05:17:10 2017] <Cypi> in the case of your finite types this is probably enough, if they are not recursive
[Sat Jun 10 05:17:15 2017] <heinrich5991> yes
[Sat Jun 10 05:17:49 2017] <heinrich5991> can I nest try_all?
[Sat Jun 10 05:17:53 2017] <Cypi> nest?
[Sat Jun 10 05:18:04 2017] <heinrich5991> try_all (try_all reflexivity) and try_all try_all reflexivity don't seem to work
[Sat Jun 10 05:18:20 2017] <heinrich5991> for two existentials
[Sat Jun 10 05:18:56 2017] <Cypi> try_all ltac:(try_all reflexivity)
[Sat Jun 10 05:19:10 2017] <Cypi> you need to indicate to Coq that is a Ltac term, not a Gallina term
[Sat Jun 10 05:19:19 2017] <Cypi> (quotations are kind of messed up in Ltac currently)
[Sat Jun 10 05:19:43 2017] <heinrich5991> The reference try_all was not found in the current environment.
[Sat Jun 10 05:19:54 2017] <heinrich5991> nvm
[Sat Jun 10 05:19:58 2017] <heinrich5991> missed the colon
[Sat Jun 10 05:22:25 2017] <Cypi> If your types are not recursive, honestly you can be more simple: just write "unshelve eexists; [constructor|]; reflexivity" like it was suggested earlier
[Sat Jun 10 05:22:49 2017] <heinrich5991> true
[Sat Jun 10 05:22:56 2017] <heinrich5991> I'm still trying to figure out the final tactic
[Sat Jun 10 05:23:12 2017] <Cypi> also, you don't need try_all to take a continuation, since it really only uses it at the end, you could write "Ltac try_all := unshelve eexists; [solve[generate_all]|]." and then do "try_all; try_all; reflexivity"
[Sat Jun 10 05:23:35 2017] <heinrich5991> it's a term of the form fn1 a b = true /\ fn2 b a = true.
[Sat Jun 10 05:23:51 2017] <heinrich5991> auto etc. don't fail if they can't reduce the term
[Sat Jun 10 05:24:08 2017] <heinrich5991> but auto solves the goal if it can reduce it
[Sat Jun 10 05:24:26 2017] <heinrich5991> so I'm currently trying to find a tactic that fails if it can't evaluate the term
[Sat Jun 10 05:24:36 2017] <Cypi> wouldn't "split; reflexivity" work?
[Sat Jun 10 05:25:16 2017] <heinrich5991> yes
[Sat Jun 10 05:25:33 2017] <heinrich5991> (you see that I'm not very familiar with coq :/ )
[Sat Jun 10 05:27:14 2017] <Cypi> (it's alright, we all were there at some point :) )
[Sat Jun 10 05:30:37 2017] <heinrich5991> so.... I have a three proposition joined with conjunction, not two
[Sat Jun 10 05:30:47 2017] <heinrich5991> I tried split; [split|]; reflexivity
[Sat Jun 10 05:32:40 2017] <Cypi> you could even do "repeat split; reflexivity" to be a little bit more extensible
[Sat Jun 10 05:33:03 2017] <heinrich5991> oh, I forgot the line: but it doesn't work
[Sat Jun 10 05:33:14 2017] <Cypi> hmm
[Sat Jun 10 05:33:14 2017] <heinrich5991> it says "no applicable tactic"
[Sat Jun 10 05:33:27 2017] <heinrich5991> but yours does
[Sat Jun 10 05:34:24 2017] <Cypi> ah right, it should have been [|split] instead of [split|]
[Sat Jun 10 05:34:34 2017] <Cypi> because the split remains in the second subgoal, not the first one
[Sat Jun 10 05:34:58 2017] <heinrich5991> [a|b] doesn't mean "try a and b"?
[Sat Jun 10 05:35:12 2017] <Cypi> no, it means "do a on first subgoal, do b on second subgoal"
[Sat Jun 10 05:35:17 2017] <heinrich5991> ah
[Sat Jun 10 05:35:23 2017] <Cypi> "try a and if it fails b" is "a + b"
[Sat Jun 10 05:35:50 2017] <Cypi> "a || b" is also "try a and if it fails b", but it is not backtracking
[Sat Jun 10 05:40:15 2017] <heinrich5991> where do you learn these tactic combinators?
[Sat Jun 10 05:40:29 2017] <heinrich5991> (also: I now found a error in my hypothesis :) )
[Sat Jun 10 05:40:59 2017] <Cypi> Well, some are taught about in various books (like Software Foundations). There is also this https://coq.inria.fr/refman/tactic-index.html which is a very useful index
[Sat Jun 10 05:46:15 2017] <heinrich5991> hm
[Sat Jun 10 05:47:08 2017] <heinrich5991> it works now
[Sat Jun 10 05:47:46 2017] <heinrich5991> definitely thanks for your help, I wouldn't have made it this far :)
[Wed Jun 14 08:59:23 2017] <cocreature> Hey, is there some tactic that can solve https://gist.github.com/cocreature/ee620862ecd8c4c3b6b7fe1bb59e6d27 automatically?
[Wed Jun 14 08:59:34 2017] <cocreature> so some kind of auto that automatically deals with <->?
[Wed Jun 14 09:03:07 2017] <cocreature> I guess I could just write my own that first destructs all equivalences and then calls eauto
[Wed Jun 14 09:04:03 2017] <modulus> not sure, would substs help?
[Wed Jun 14 09:04:26 2017] <artart78> hm I thought about 'congruence' but it might only handle equalities
[Wed Jun 14 09:04:45 2017] <cocreature> artart78: yeah I tried that already and sadly it doesn’t work
[Wed Jun 14 09:05:07 2017] <cocreature> modulus: "substs"? do you mean "subst"? if so that only handles equalities (afaik) and doesn’t work here (I tried it)
[Wed Jun 14 09:05:33 2017] <artart78> but how many such goals do you have cocreature?
[Wed Jun 14 09:06:13 2017] <cocreature> artart78: not that many but it’s a pattern I’ve seen come up several times and it seems simple enough that there might be builtin automation for it (yes I’m lazy)
[Wed Jun 14 09:06:16 2017] <modulus> yes sorry, i did mean subst.
[Wed Jun 14 09:08:31 2017] <artart78> if you split the equivalence you should be able to do "apply (H H1)" which doesn't take much characters (or you could put it in the context when H1 is introduced)
[Wed Jun 14 09:08:58 2017] <cocreature> artart78: if I split the equivalence I can also just use eauto :)
[Wed Jun 14 09:09:18 2017] <cocreature> and even without splitting "apply H; eauto" works
[Wed Jun 14 09:09:37 2017] <artart78> did you try tauto, firstorder?
[Wed Jun 14 09:09:42 2017] <cocreature> yep
[Wed Jun 14 09:10:10 2017] <artart78> ok, too bad :p
[Wed Jun 14 09:10:26 2017] <cocreature> it’s no big deal, thanks for your help anyway :)
[Wed Jun 14 15:05:53 2017] <zachk> yay proofs in Coq seem much easier now that I am getting the hang of it,
[Wed Jun 14 15:06:09 2017] <zachk> though a google search for coq ring (tactic) showed some bad images :(
[Thu Jun 15 04:48:21 2017] <cocreature> what exactly am I supposed to pass for the relation argument in "setoid_replace t with t' using relation rel"?
[Thu Jun 15 04:49:09 2017] <cocreature> ah it’s the name of the actual relation that is an instance of Equivalence not the name declared in "Add Parametric Relation"
[Fri Jun 16 01:21:24 2017] <johnw> just finished a bunch of proofs that drained a TON of life away this past wee
[Fri Jun 16 01:21:30 2017] <johnw> that feeling is why we do it
[Fri Jun 16 02:32:07 2017] <johnw> does any know of code for computing the congruence closure of equivalences over list membership?
[Fri Jun 16 09:27:28 2017] <andrejbauer> Anyone out there?
[Fri Jun 16 10:49:02 2017] <dredozubov_> Require Import Coq.omega.Omega.  works fine, but then on `assert (Hle': i1' <= i2') by omega.` I get `Error: The reference omega was not found in the current environment. `
[Fri Jun 16 10:49:42 2017] <dredozubov_> any ideas how to fix that?
[Fri Jun 16 10:53:22 2017] <dredozubov_> retracting the whole module helped for some reason
[Fri Jun 16 10:53:38 2017] <dredozubov_> i guess i've stumbled upon a PG bug or something
[Fri Jun 16 11:02:27 2017] <modulus> isn't it Omega?
[Fri Jun 16 16:31:17 2017] <hanshansen> when I use the Mathematical proof language (chaper 11 in the coq manual) and proof something simple like  Lemma Bla (A : Prop): A -> A.
[Fri Jun 16 16:31:20 2017] <hanshansen> like this :
[Fri Jun 16 16:31:35 2017] <hanshansen> assume A. thus thesis. end proof.
[Fri Jun 16 16:32:14 2017] <hanshansen> coq tells me: No more subgoals, but there are non-instantiated existential variables
[Fri Jun 16 16:32:39 2017] <hanshansen> why is that so ? did I miss something ? Or is that normal ?
[Fri Jun 16 16:48:58 2017] <hanshansen> well and the message also contains :
[Fri Jun 16 16:49:00 2017] <hanshansen> ?Goal : [a : Prop  _hyp : a |- a]
[Fri Jun 16 16:49:10 2017] <hanshansen> You can use Grab Existential Variables.
[Fri Jun 16 22:00:09 2017] <pacak> Is it possible to make output from coqc  a bit more verbose? Currently it says "There are pending proofs" and that's not helpful at all.
[Fri Jun 16 23:53:28 2017] <colonelj> hi I'm reading https://spin.atomicobject.com/2012/11/11/unifying-programming-and-math-the-dependent-type-revolution/
[Fri Jun 16 23:53:57 2017] <colonelj> it says that in dependent types you can use a constant 2 and % (remainder) operator to create a type of odd numbers
[Fri Jun 16 23:54:11 2017] <colonelj> how is this possible in Coq?
[Sat Jun 17 00:09:02 2017] <colonelj> is it just made up bollocks and this sort of thing isn't possible?
[Sat Jun 17 01:00:40 2017] <colonelj> the closest thing I can find is like on here (second answer) https://stackoverflow.com/questions/10834168/how-to-define-a-limited-domain-in-coq
[Sat Jun 17 01:01:13 2017] <colonelj> where you could have { x : nat | is_odd x }
[Sat Jun 17 02:03:00 2017] <dh`> you can probably write { x : nat | x % 2 = 1 }
[Sat Jun 17 04:12:40 2017] <cocreature> How can I see the precedence of a notation? "Print Visibility", "Print Scopes", "Locate notation" all don’t seem to include that info
[Sat Jun 17 19:49:59 2017] <hcp> hi irc, just a quick question. if you define "eq" with one less parameter, i'm pretty sure you get an equivalent type (as in, if you were to do "Inductive eq (A:Type) : A -> A -> Prop := ..." it works out fine), but does it work if you do it with no parameters at all? or do you define a weaker equality if you do so?
[Sat Jun 17 19:53:52 2017] <Cypi> You can prove they are equivalent: http://lpaste.net/356317
[Sat Jun 17 19:54:39 2017] <hcp> oh hey, thanks!
[Sat Jun 17 19:54:49 2017] <hcp> i'm gonna take a better look at this.
[Mon Jun 26 21:15:29 2017] <lambda-11235> How would I prove 0 <> 1 using tactics.
[Mon Jun 26 21:21:36 2017] <benzrf> lambda-11235: you can't, it's false
[Mon Jun 26 21:23:15 2017] <benzrf> oh wait im a moron
[Mon Jun 26 21:24:00 2017] <benzrf> lambda-11235: intro, then inversion on the hypothesis
[Mon Jun 26 21:24:07 2017] <pacak> intros H, inversion H.
[Mon Jun 26 21:25:10 2017] <pacak> you can "unfold not." as the first step to make it less magical.
[Mon Jun 26 21:27:02 2017] <lambda-11235> benzrf, pacak: Thanks.
[Mon Jun 26 23:30:21 2017] <dh`> for 0 <> 1, just "discriminate" is likely sufficient
[Tue Jun 27 03:03:24 2017] <malkss> Anyone think they can break my hashing function? (this is just a fun challenge I made): http://ideone.com/nSJa45 Goal: Determine the plaintext of the following hash: d0c0c93dcff308d1
[Tue Jun 27 03:03:32 2017] <malkss> This is an attempt to solve it: https://pastebin.com/raw/5cWSdmxe and another attempt: https://gist.github.com/arisada/122658db10c0868bba00c6f87547896b
[Tue Jun 27 03:03:47 2017] <malkss> 100USD to anyone who manages to solve/break it! :)
[Tue Jun 27 03:07:53 2017] <pacak> this spammer again....
[Tue Jun 27 03:08:18 2017] <malkss> I keep disconnecting
[Tue Jun 27 13:10:50 2017] <kdridi> hey guys! i'm trying to train myself with frama-c + wp by implementing exercizes on hackerrank. it's quite difficult for a newbie like me. do you know any github repository that tries to do that ?
[Wed Jun 28 00:59:39 2017] <dh`> if I have some random theorem about a type foo, is there any way to write down something generic that matches the theorem's type?
[Wed Jun 28 00:59:48 2017] <dh`> something like foo -> Prop, except that doesn't work
[Wed Jun 28 01:39:27 2017] <dh`> Error: Not the right number of induction arguments (expected ).
[Wed Jun 28 01:39:32 2017] <dh`> lovely
[Wed Jun 28 01:43:31 2017] <pacak> Yea, error messages are terrible :(
[Wed Jun 28 01:44:24 2017] <dh`> is there something in the manual somewhere that documents how custom induction hypotheses need to be laid out and then how to use them?
[Wed Jun 28 01:44:33 2017] <dh`> I have been unable to find anything, but maybe I'm dumb
[Wed Jun 28 01:44:48 2017] <dh`> and it's really unrewarding to experiment by trial and error
[Wed Jun 28 01:45:28 2017] <pacak> Manuals are also bad :)
[Wed Jun 28 01:45:59 2017] <pacak> dh`: software foundations shows some nice examples for induction hypotheses
[Wed Jun 28 01:46:11 2017] <dh`> I have some examples :-/
[Wed Jun 28 01:46:36 2017] <dh`> the first time I did it, I spent hours arguing with "cannot recognize the branches of an induction hypothesis"
[Wed Jun 28 01:47:05 2017] <pacak> With explanations. At least after reading those I was able to write some of my own. But it might be related to my experience with haskell and other stuff.
[Wed Jun 28 01:47:10 2017] <dh`> right now I'm trying to write something that uses two props
[Wed Jun 28 01:48:01 2017] <dh`> I wrote the thing and proved it, trying to use it gives various brokenness but the one that seems to go farthest gives "Unable to find an instance for the variable P"
[Wed Jun 28 01:48:34 2017] <dh`> oh well, I'll have a look
[Wed Jun 28 01:54:26 2017] <dh`> ...so I try using "my_ind (fun _ => Prop)" and now it tells me that it can't unify (fun _ => Prop) x with string
[Wed Jun 28 02:46:03 2017] <dh`> that was unfortunately not that helpful
[Wed Jun 28 02:46:03 2017] <dh`> oh well
[Wed Jun 28 02:46:05 2017] <dh`> time to sleep
[Wed Jun 28 03:01:38 2017] <dh`> although the stuff about applying induction hypotheses directly without the induction tactic was kinda interesting
[Wed Jun 28 03:02:28 2017] <dh`> but I don't understand something
[Wed Jun 28 03:03:19 2017] <dh`> if you can apply a theorem of the form forall (P: thing -> Prop), stuff -> forall x, P x
[Wed Jun 28 03:03:37 2017] <dh`> to a goal of the form e.g. forall x, x = thingy
[Wed Jun 28 03:03:59 2017] <dh`> and it instantiates P with x = thingy
[Wed Jun 28 03:04:29 2017] <dh`> why... waitasec
[Wed Jun 28 03:25:29 2017] <johnw> still have a question?
[Wed Jun 28 10:09:20 2017] <yhhko> i'm getting started with coq (having a background in agda). what is the resource that you use for day-to-day referencing? e.g. what certain coq commands or tactics do?
[Wed Jun 28 10:11:05 2017] <benzrf> the regular old coq documentation website is pretty decent
[Wed Jun 28 10:11:34 2017] <yhhko> also, what does the postfix @{} mean in "Lemma MyLemma@{} : SomeTime."?
[Wed Jun 28 10:11:42 2017] <yhhko> sometype*
[Wed Jun 28 10:12:17 2017] <yhhko> benzrf: okay, so you'd have a browser in the background with the list of all tacics open or something?
[Wed Jun 28 10:12:24 2017] <yhhko> or you just kinda know them by heart
[Wed Jun 28 10:15:08 2017] <benzrf> re: @{}, im not sure, i havent seen that
[Wed Jun 28 10:15:21 2017] <benzrf> i mostly pull up the tactic list when i need to check something
[Wed Jun 28 10:15:24 2017] <benzrf> the basic ones stick with u
[Wed Jun 28 10:44:07 2017] <yhhko> what are the exclamation marks i see in front of some types and terms?
[Thu Jun 29 01:03:01 2017] <dh`> johnw: not last night :-)
[Thu Jun 29 01:03:30 2017] <dh`> although I do now
[Thu Jun 29 01:03:44 2017] <johnw> hi
[Thu Jun 29 01:03:53 2017] <johnw> I'm here this time, ask away
[Thu Jun 29 01:04:41 2017] <dh`> I can write "remember (fun (l m n: list A) => l ++ m ++ n = (l ++ m) ++ n) as P
[Thu Jun 29 01:04:52 2017] <dh`> and instantiate it with app_assoc when needed
[Thu Jun 29 01:05:45 2017] <dh`> but I don't suppose there's any way to transform that construct
[Thu Jun 29 01:06:07 2017] <dh`> e.g. if I were writing stuff on paper I might say P[B/A] to make a different prop that's about lists of B
[Thu Jun 29 01:06:32 2017] <johnw> I'm not following you
[Thu Jun 29 01:06:44 2017] <dh`> well, I can write that and get P
[Thu Jun 29 01:07:03 2017] <dh`> what I'd like to do is generate a Q that's the same except with, actually, list ascii replaced by string
[Thu Jun 29 01:07:21 2017] <dh`> (I'm still trying to find a general way to use list lemmas to prove string lemmas)
[Thu Jun 29 01:08:04 2017] <dh`> I can write down fun (l m n: string) => (l ++ m ++ n)%string = ((l ++ m) ++ n)%string
[Thu Jun 29 01:08:10 2017] <dh`> but that doesn't actually help
[Thu Jun 29 01:08:18 2017] <johnw> ++ in those two cases are different functions
[Thu Jun 29 01:08:21 2017] <dh`> (by the time you do that, you might as well just go and prove it directly)
[Thu Jun 29 01:08:47 2017] <dh`> yeah, so it actually needs to substitute both the type and the function
[Thu Jun 29 01:09:08 2017] <dh`> but I could still write that on paper as P[string/list ascii][append/app]
[Thu Jun 29 01:11:20 2017] <johnw> are you asking for a way to automatically transport proofs into proofs on other types and functions?
[Thu Jun 29 01:11:20 2017] <dh`> I can't do it as tactics using rewrite because one has to do both substitutions at once.
[Thu Jun 29 01:11:24 2017] <dh`> yeah
[Thu Jun 29 01:11:32 2017] <johnw> wrong type theory :)
[Thu Jun 29 01:11:38 2017] <dh`> heh, figures
[Thu Jun 29 01:12:12 2017] <johnw> there's a thing called heterogenous relations that will do what you wan
[Thu Jun 29 01:12:13 2017] <johnw> t
[Thu Jun 29 01:12:18 2017] <johnw> but, you'll still have to prove all the correspondences
[Thu Jun 29 01:23:42 2017] <dh`> last night's questions were prompted by trying to do an induction scheme using two props
[Thu Jun 29 01:23:49 2017] <dh`> (couldn't get it to go)
[Thu Jun 29 01:25:00 2017] <dh`> what I was hoping to do there was to be able to change a string goal to a related one about lists (or vice versa)
[Thu Jun 29 01:26:06 2017] <dh`> but even after I stopped trying to make the induction tactic accept my crazy things and just started applying them directly, I couldn't find a useful way to relate the prop on strings to the corresponding propon lists.
[Thu Jun 29 01:26:11 2017] <johnw> that can be done with a soundness proof
[Thu Jun 29 01:26:33 2017] <johnw> the relating can be done with heterogeneous relatinos
[Thu Jun 29 01:27:10 2017] <dh`> if you construct one from the other by applying the function that converts strings to lists of char... then all you get out is the original goal
[Thu Jun 29 01:27:13 2017] <johnw> you relate two domains, type A and B, with a series of proofs A -> B -> Prop that show how operations relate to each other.  And then show that a proof on B can be satisfied by a proof on A.
[Thu Jun 29 01:27:36 2017] <dh`> that's what I've been trying to do! but apparently I suck
[Thu Jun 29 01:27:48 2017] <johnw> so, you want to do it with list ascii and string, right?
[Thu Jun 29 01:27:53 2017] <dh`> yeah
[Thu Jun 29 01:28:00 2017] <johnw> one sec
[Thu Jun 29 01:28:24 2017] <johnw> oh, a string is bijective with a list of ascii
[Thu Jun 29 01:28:28 2017] <johnw> so this is easy
[Thu Jun 29 01:30:55 2017] <dh`> maybe if you have the right angle to look at it from :-/
[Thu Jun 29 01:33:13 2017] <johnw> does this help get you started: https://gist.github.com/becb22998827cba09a94e379c24a9643
[Thu Jun 29 01:33:34 2017] <johnw> you should be able to write an induction principle for strings that inducts them as lists of ascii, etc.
[Thu Jun 29 01:34:50 2017] <johnw> that soundness proof is needless complicated, btw
[Thu Jun 29 01:35:04 2017] <dh`> I did not think of that denote_sound, let me see if that helps
[Thu Jun 29 01:35:06 2017] <dh`> already have the rest
[Thu Jun 29 01:36:04 2017] <johnw> these same tricks work even if there's only an adjunction, so it's a useful trick to play with
[Thu Jun 29 01:58:39 2017] <dh`> this doesn't seem to lead anywhere better :(
[Thu Jun 29 02:00:11 2017] <johnw> I think the kind of automation you're hoping for isn't something you're going to find
[Thu Jun 29 02:00:25 2017] <johnw> without doing just as much work as you're hoping to avoid
[Thu Jun 29 02:05:30 2017] <dh`> it's not so much work I'm hoping to avoid (already done most of it) as trying to come up with a tidy library
[Thu Jun 29 02:06:02 2017] <dh`> even if I can get something to work though I don't think it's going to be clean enough to put in the standard string library
[Thu Jun 29 02:12:22 2017] <dh`> everything I've come up with so far requires giving a string -> Prop and a list ascii -> Prop and a proof that they're equivalent... which in general seems to subsume the proof of the string prop
[Thu Jun 29 02:13:48 2017] <dh`> which is where the question about substitutions comes in: if I can make the list ascii -> Prop out of the string -> Prop then I can do that and supply a proof of the list prop
[Thu Jun 29 02:14:03 2017] <dh`> and since they're structurally equivalent it seems like it *ought* to be possible...
[Thu Jun 29 02:14:10 2017] <dh`> but it doesn't seem to actually work.
[Thu Jun 29 02:15:25 2017] <johnw> you should be able to turn any string -> Prop into a list ascii -> Prop just using composition
[Thu Jun 29 02:33:34 2017] <dh`> you can, but it doesn't get you any traction on anything
[Thu Jun 29 02:35:20 2017] <dh`> e.g. if you do that and try to prove append_assoc, what it does is change the goal (a ++ b ++ c)%string = ((a ++ b) ++ c)%string to (denote xs ++ denote ys ++ denote zs)%string = ((denote xs ++ denote ys) ++ denote zs)%string
[Thu Jun 29 02:35:36 2017] <dh`> which accomplishes roughly less than O(nothing)
[Thu Jun 29 02:54:28 2017] <johnw> I guess I'd need a real example at this point
[Thu Jun 29 03:05:49 2017] <dh`> I have ~400 lines of crap but nothing worth sharing
[Thu Jun 29 03:06:55 2017] <dh`> basically the goal is to prove this by using app_assoc:
[Thu Jun 29 03:06:56 2017] <dh`> Lemma append_assoc:
[Thu Jun 29 03:06:56 2017] <dh`>    forall s t u,
[Thu Jun 29 03:06:56 2017] <dh`>    (s ++ (t ++ u)%string)%string = ((s ++ t)%string ++ u)%string.
[Thu Jun 29 03:07:15 2017] <dh`> although it's probably a bad choice since it has three strings in it
[Thu Jun 29 03:07:16 2017] <johnw> ah, I see
[Thu Jun 29 03:07:33 2017] <johnw> let me try
[Thu Jun 29 03:07:59 2017] <dh`> maybe app_comm_cons would be easier
[Thu Jun 29 03:08:42 2017] <dh`> or rather
[Thu Jun 29 03:08:54 2017] <dh`> prove that by using app_assoc by applying generic machinery of some kind
[Thu Jun 29 03:08:58 2017] <dh`> you can do it directly
[Thu Jun 29 03:09:44 2017] <dh`> given
[Thu Jun 29 03:09:45 2017] <dh`> Lemma append_is_app:
[Thu Jun 29 03:09:46 2017] <dh`>    forall s t,
[Thu Jun 29 03:09:46 2017] <dh`>    string_of_charlist (charlist_of_string s ++ charlist_of_string t) =
[Thu Jun 29 03:09:47 2017] <dh`>       (s ++ t)%string.
[Thu Jun 29 03:10:48 2017] <dh`> you rewrite with that, then use charlist_of_string (string_of_charlist cs) = cs
[Thu Jun 29 03:10:54 2017] <dh`> and that gets you something you can use app_assoc on
[Thu Jun 29 03:11:00 2017] <johnw> https://gist.github.com/1c13db1b314bb743d7e41d54a2b1703d
[Thu Jun 29 03:11:01 2017] <dh`> but that isn't generic
[Thu Jun 29 03:11:45 2017] <johnw> reify_append is a heterogenous relation
[Thu Jun 29 03:11:58 2017] <johnw> relating a function string -> string -> string to ...
[Thu Jun 29 03:12:03 2017] <johnw> but like I said
[Thu Jun 29 03:12:10 2017] <johnw> you don't get this for free, without building up the theory
[Thu Jun 29 03:12:35 2017] <johnw> for example, this lib makes things a bit easier: https://github.com/CertiKOS/coqrel
[Thu Jun 29 03:12:42 2017] <johnw> but it doesn't give you the library of theory that you'll need
[Thu Jun 29 03:12:50 2017] <dh`> hrmm
[Thu Jun 29 03:13:24 2017] <dh`> so
[Thu Jun 29 03:14:11 2017] <dh`> why didn't I write down reify_append last night in place of the append_is_app thing I posted above?
[Thu Jun 29 03:14:17 2017] <dh`> because I'm an idiot, apparently
[Thu Jun 29 03:14:31 2017] <dh`> * blames it on lack of sleep and trying to do this stuff at 3am
[Thu Jun 29 03:14:41 2017] <johnw> well, i've been working on computational reflection procedures for the last two weeks, so this is how I think about things right now
[Thu Jun 29 03:23:30 2017] <dh`> that's not an excuse :-) I know how to write the definition of a homomorphism
[Thu Jun 29 03:24:48 2017] <dh`> although actually I think what you've got there and what I had yesterday before I started screwing around with induction schemes aren't actually that different
[Thu Jun 29 03:26:22 2017] <dh`> and neither is very generic in the sense that I'm chasing after
[Thu Jun 29 03:26:28 2017] <dh`> I think what I'm chasing after isn't possible
[Thu Jun 29 03:26:43 2017] <johnw> at least for now I think you're right, but I could be convinced
[Thu Jun 29 03:27:43 2017] <dh`> (what I'm after is a proof of that with something like "induction s using magic. apply app_assoc."
[Thu Jun 29 03:27:49 2017] <dh`> )
[Thu Jun 29 03:31:42 2017] <dh`> or as close to that as possible
[Thu Jun 29 03:31:56 2017] <dh`> I was thinking that yours is more ltac'able than my version, but I'm not sure it actually is
[Thu Jun 29 03:32:25 2017] <johnw> it's pretty ltac'able
[Thu Jun 29 03:32:37 2017] <dh`> why is apply denote_sound twice a nop?
[Thu Jun 29 03:32:38 2017] <johnw> you just need to recurse over the terms and break down all the possible operations
[Thu Jun 29 03:33:15 2017] <dh`> istm that it ought to tack on another denote (reify _) on each application
[Thu Jun 29 03:33:28 2017] <johnw> it's a bi-implication at the moment
[Thu Jun 29 03:34:07 2017] <dh`> even so, shouldn't it always go forward by default?
[Thu Jun 29 03:34:16 2017] <johnw> dunno
[Thu Jun 29 03:35:09 2017] <dh`> you can't rewrite with it even though it's a <->, at least in that context, so there must be something about matching the prop that's not behaving the way I expect
[Thu Jun 29 03:35:36 2017] <dh`> anyway I think I'll stop chasing this particular windmill
[Thu Jun 29 03:36:35 2017] <dh`> thanks for your help :-)
[Thu Jun 29 03:36:55 2017] <johnw> if you can call it that :)
[Thu Jun 29 12:37:14 2017] <mjacob> is there any documentation on coq's type inference?
[Sun Jul  9 02:38:14 2017] <qwertyyyy> is there a theorem in the library that basically rewrite stuff like this :  S n = 1 + n (I can't seem to find it ...)
[Sun Jul  9 02:42:48 2017] <modulus> reflexivity will solve that goal. if you need to do a rewrite you could assert it by reflexivity.
[Sun Jul  9 02:42:59 2017] <Cypi> "S n" is definitionally the same as "1 + n". But you do have "plus_n_Sm: forall n m : nat, S (n + m) = n + S m" and "plus_Sn_m: forall n m : nat, S n + m = S (n + m)". In particular, "plus_Sn_m 0 n : 1 + n = S n"
[Sun Jul  9 02:44:33 2017] <Cypi> Nat.add_1_l: forall n : nat, 1 + n = S n
[Sun Jul  9 02:44:33 2017] <Cypi> Nat.add_1_r: forall n : nat, n + 1 = S n
[Sun Jul  9 02:44:37 2017] <Cypi> These two seem to exist, too
[Sun Jul  9 02:45:09 2017] <modulus> hmm i tried search about and didn't find those, nice.
[Sun Jul  9 02:45:23 2017] <qwertyyyy> ok thank you both :)
[Sun Jul  9 05:59:15 2017] <cocreature> is there some way to check if a tactic has changed something? e.g. I have some match goal ltac and in one of the cases I do a "simpl in H". for various reasons that can’t be the last case but sometimes this is a noop which results in "repeat mytactic" repeatedly running into that case and doing nothing
[Sun Jul  9 06:00:01 2017] <cocreature> so I’d like to call "fail 1" if it doesn’t simpl anything
[Sun Jul  9 06:02:38 2017] <cocreature> ah I think I can use progress
[Sun Jul  9 06:04:52 2017] <cocreature> yep that works
[Sun Jul  9 11:20:09 2017] <ertes> hi…  could someone explain the differences between the various *Arith trees in the standard library?
[Sun Jul  9 11:28:25 2017] <ertes> ah, nevermind, figured it out
[Sun Jul  9 15:44:58 2017] <cocreature> how can I get the term associated with a name in an ltac macro? If I define "Ltac mytac H := match H with …" and then pass the name of a hypothesis to mytac it doesn’t match on the hypothesis but on the name itself
[Sun Jul  9 15:46:33 2017] <Cypi> let t := type of H in match t with ..."
[Sun Jul  9 15:46:36 2017] <Cypi> "
[Sun Jul  9 15:46:42 2017] <Cypi> Is that what you need?
[Sun Jul  9 15:47:33 2017] <cocreature> Cypi: perfect, thanks!
[Sun Jul  9 15:47:59 2017] <cocreature> makes sense now that I think about it
[Mon Jul 10 03:05:40 2017] <rain1> http://iris-project.org/
[Mon Jul 10 03:05:49 2017] <rain1> what would be a simple explanation of what iris really is?
[Mon Jul 10 03:05:58 2017] <rain1> the documentation is a bit over my head
[Mon Jul 10 03:07:09 2017] <rain1> I guess it's a construction of a category with limits that lets you model computation, has fixed points and an = operator that looks past computing steps roughly..?
[Mon Jul 10 12:13:20 2017] <ertes-w> hi…  is there a way to "open"/instantiate a whole Section?
[Mon Jul 10 12:13:50 2017] <ertes-w> like opening EqualityModulo for a specific N
[Mon Jul 10 12:37:19 2017] <jrw> ertes-w: no. sections get "erased" as soon as you close them, by adding all the Variables/Hypotheses to each definition.
[Mon Jul 10 12:40:54 2017] <ertes-w> jrw: is there a way to achieve that kind of abstraction?  perhaps through the module system?
[Mon Jul 10 12:41:09 2017] <jrw> ertes-w: yes, you could use a functor for that.
[Mon Jul 10 12:41:39 2017] <ertes-w> jrw: what is the usual way to do this?  or is it generally not done?
[Mon Jul 10 12:41:55 2017] <jrw> but you'd have to rewrite the library to be a functor instead of a section.
[Mon Jul 10 12:43:09 2017] <jrw> I'll cook up an example, one sec.
[Mon Jul 10 12:48:31 2017] <jrw> ertes-w: https://github.com/wilcoxjay/notes/blob/master/FunctorExample.v
[Mon Jul 10 12:50:50 2017] <ertes-w> jrw: thanks!
[Mon Jul 10 12:51:48 2017] <ertes-w> is Module Type necessary?  agda lets one just parameterise modules the way you parameterise everything
[Mon Jul 10 12:51:52 2017] <ertes-w> which is really convenient
[Mon Jul 10 12:52:03 2017] <jrw> afaik, it is required.
[Mon Jul 10 12:52:39 2017] <ertes-w> ok, thanks a lot for your help
[Mon Jul 10 14:01:07 2017] <dh`> sounds like agda is smarter
[Mon Jul 10 14:01:42 2017] <dh`> coq modules are like ml modules; they're (gratuitously) different from other program elements, so functor application is gratuitously different from other application
[Mon Jul 10 16:20:40 2017] <argent0> hi, i want to probe the target: S (pn + pn * m + m) = S (pn + m + pn * m) I've a proof that plus is commutative but can't get it to apply to the second sum.
[Mon Jul 10 16:20:49 2017] <argent0> How can I do that?
[Mon Jul 10 16:22:15 2017] <argent0> I want: S (pn + m + pn * m) = S (pn + m + pn * m). But if I 'rewrite plus_comm', I get S (m + (pn + pn * m)) = S (pn + m + pn * m)
[Mon Jul 10 16:26:09 2017] <jrw> argent0: the issue is that + is left associative, so pn + pn * m + m means (pn + pn * m) + m. one option is to first rewrite by associativity, and then use commutativity.
[Mon Jul 10 16:28:42 2017] <argent0> jrw: ok, thanks for the heads up.
[Mon Jul 10 17:04:02 2017] <argent0> * finishes ½ hour later
[Tue Jul 11 00:34:42 2017] <qwertyyyy> is there a way to multiply an equation on both sides with a nat ?(I want to get rid of a fraction)
[Tue Jul 11 00:41:47 2017] <qwertyyyy> and is there an automation mechanism that can handle fractions with variables ?
[Tue Jul 11 00:46:21 2017] <pacak> f_equal?
[Tue Jul 11 00:50:32 2017] <qwertyyyy> pacak: yes , thank you :)
[Tue Jul 11 06:39:15 2017] <tyrokroketa> Hi, is there a way to create an Ordinal option from a nat in mathcomp?
[Tue Jul 11 06:40:39 2017] <tyrokroketa> I am trying to write a specification that takes a nat x and a range [0, ..., n-1], and if (x < n) outputs Some (Ordinal (x < n)), otherwise None
[Wed Jul 12 04:23:42 2017] <cocreature> why does "clear - H" sometimes do nothing instead of clearing everything except for H?
[Wed Jul 12 04:25:19 2017] <cocreature> ah I think it’s dependencies
[Wed Jul 12 04:26:11 2017] <cocreature> so is there something like "clear -" that errors if clearing all hypothesis except for H is not possible instead of silently doing nothing?
[Wed Jul 12 04:30:24 2017] <cocreature> nvm, that doesn’t help me either
[Wed Jul 12 19:47:07 2017] <qwertyyyy> what is the way to type annotate something that has parateterized type (like a list) ?
[Wed Jul 12 19:48:18 2017] <johnw> do you mean: [1; 2] : list nat?
[Wed Jul 12 19:50:19 2017] <qwertyyyy> ah ok , then I have a follow up question : what is the "%" used for (I thought this was used for type annotation)?
[Wed Jul 12 19:57:10 2017] <johnw> that's a notation scope
[Wed Jul 12 19:57:18 2017] <johnw> it indicates how syntax should be interpreted by the parser
[Wed Jul 12 19:57:26 2017] <johnw> [1%nat; 2%nat] : list nat
[Wed Jul 12 19:57:37 2017] <johnw> that would work even if the nat_scope was not open
[Wed Jul 12 19:58:30 2017] <qwertyyyy> ok thank you :)
[Wed Jul 12 21:08:53 2017] <keep_learning> Hi Everyone
[Wed Jul 12 21:09:15 2017] <keep_learning> I am trying to prove Lemma paul_alt : forall (a:R) (b:R) (eps:R),
[Wed Jul 12 21:09:15 2017] <keep_learning>     (eps >= 0 -> a <= b + eps) -> a <= b.
[Wed Jul 12 21:09:26 2017] <keep_learning> http://lpaste.net/356902
[Wed Jul 12 21:09:57 2017] <keep_learning> But I have feeling that it is not true statement, but not sure.
[Wed Jul 12 21:31:13 2017] <Cypi> That's not true, indeed
[Wed Jul 12 21:32:08 2017] <Cypi> This should be better: "Lemma paul_alt : forall (a:R) (b:R), (forall (eps:R), eps >= 0 -> a <= b + eps) -> a <= b."
[Wed Jul 12 21:32:22 2017] <Cypi> but this is also not very interesting, since just taking "esp = 0" would prove easily the goal
[Wed Jul 12 21:32:32 2017] <Cypi> now with "eps > 0", that would be more interesting x)
[Wed Jul 12 21:33:18 2017] <keep_learning> Cypi: Thank you.
[Thu Jul 13 02:42:31 2017] <dh`> bah
[Thu Jul 13 02:42:45 2017] <dh`> is there any way to put constructors in a typeclass?
[Thu Jul 13 02:43:42 2017] <dh`> (as in, the class is a class of types that have constructors of these forms...)
[Thu Jul 13 02:43:55 2017] <dh`> you can enter them as functions, but then you can't match.
[Thu Jul 13 02:45:24 2017] <dh`> I suppose it's problematic
[Thu Jul 13 02:47:49 2017] <johnw> dh`: you can go the universal algebra route
[Thu Jul 13 02:47:56 2017] <johnw> describe them using sorts and arities
[Thu Jul 13 02:49:59 2017] <johnw> an example, from Conor McBride: https://gist.github.com/a8d31300233746453f5f3b76c0834c48
[Thu Jul 13 02:58:50 2017] <dh`> I think that makes my head hurt
[Thu Jul 13 02:58:53 2017] <dh`> :-)
[Thu Jul 13 02:59:20 2017] <dh`> (it doesn't look like it's actually all that complicated, but coq notation isn't being friendly to it)
[Thu Jul 13 02:59:39 2017] <johnw> it made my brain hurt a lot too
[Thu Jul 13 02:59:50 2017] <johnw> but mainly because I hadn't yet read any universal algebra when I first encountered it
[Thu Jul 13 03:00:07 2017] <johnw> think of it as "reifying interfaces", which avoids the function type matching problem you mentioned
[Thu Jul 13 03:00:28 2017] <johnw> you're turning a description of the type class constructors into a list of values
[Thu Jul 13 03:00:44 2017] <johnw> which you can denote back to function types
[Thu Jul 13 03:08:17 2017] <dh`> I'm trying something else, namely a member "matchme" whose type is t -> {t = ctor1 ...} + {t = ctor2 ...}
[Thu Jul 13 03:08:29 2017] <dh`> but it's not working
[Thu Jul 13 03:09:18 2017] <dh`> I can successfully match and get left P or right Q, but I don't see how to extract the constructor expression from P
[Thu Jul 13 03:09:39 2017] <dh`> (it's there in the typeclass, but the pattern match syntax won't do it)
[Thu Jul 13 03:09:52 2017] <dh`> or I'm doing it worng
[Thu Jul 13 03:41:21 2017] <dh`> all right, this doesn't work and I need to sleep
[Thu Jul 13 03:41:41 2017] <johnw> sleep helps, where Coq is concerned
[Thu Jul 13 19:48:47 2017] <argent0> hi, I have 'Fixpoint split ...' and in a proof I want to `unfold` it. And I get "Cannot coerce split to an evaluable reference."
[Thu Jul 13 19:50:28 2017] <argent0> I believe that it is a confusion with the split tactic (related to the constructor tactic). Is there a way to make explicity that I'm refering to the fixpoint?
[Thu Jul 13 19:50:46 2017] <argent0> other than renaming the fixpoint
[Thu Jul 13 19:54:27 2017] <Cypi> it should not be the problem. It looks more like "split" is opaque in your case
[Thu Jul 13 19:54:56 2017] <Cypi> Could you maybe provide more details?
[Thu Jul 13 19:55:49 2017] <Cypi> See http://lpaste.net/356920 for instance
[Thu Jul 13 19:55:57 2017] <Cypi> after calling "Opaque split.", I cannot unfold it anymore
[Thu Jul 13 19:56:22 2017] <argent0> Cypi: well, I'm following the software foundations book. And I had defined split in the wrong file. So it was something like: Fixpoint split ... Admitted. Sorry
[Thu Jul 13 19:56:38 2017] <Cypi> Oh, alright
[Thu Jul 13 19:56:46 2017] <argent0> Thanks anyway
[Fri Jul 14 03:08:11 2017] <cocreature> I’m trying to "fold to_tpair_list" in a goal but for some reason nothing happens. what could be causing this? you can see the goal and the definition here http://lpaste.net/356931
[Sat Jul 15 12:33:03 2017] <dh`> opaque is really opaque, right?
[Sat Jul 15 12:33:16 2017] <dh`> as in, if I wrote
[Sat Jul 15 12:33:18 2017] <dh`> Definition ZZ := 0.
[Sat Jul 15 12:33:18 2017] <dh`> Definition SS x: nat := x.
[Sat Jul 15 12:33:18 2017] <dh`> Opaque ZZ.
[Sat Jul 15 12:33:18 2017] <dh`> Opaque SS.
[Sat Jul 15 12:33:47 2017] <dh`> and then wrote down a bunch of arithmetic stuff about SS and ZZ, such that unfolding SS and ZZ would easily let me prove False, it's still safe
[Sat Jul 15 12:34:49 2017] <dh`> (that would be a silly thing to do, but I'm thinking about modeling concurrency where life is a lot harder)
[Sat Jul 15 12:36:37 2017] <benzrf> that seems like a bad idea to me...
[Sat Jul 15 12:36:40 2017] <benzrf> i don't know the answer, though
[Sat Jul 15 12:41:16 2017] <dh`> nobody does :-)
[Sat Jul 15 12:42:15 2017] <dh`> basically if you want to model something concurrent as coq code (rather than as abstract syntax) you need to be able to destroy state at times
[Sat Jul 15 12:42:57 2017] <dh`> and so you need: Definition havoc: {T: Type} (x: T) := x.
[Sat Jul 15 12:43:13 2017] <dh`> but if it's not really and truly opaque it exposes that you haven't changed the value of x.
[Sat Jul 15 12:43:36 2017] <dh`> (the intent is to destroy existing knowledge about the value)
[Sat Jul 15 13:27:20 2017] <benzrf> w-what
[Sat Jul 15 13:27:26 2017] <benzrf> oh i see
[Sat Jul 15 13:27:41 2017] <benzrf> well... don't model something concurrent as coq code rather than as abstract syntax
[Sat Jul 15 13:27:43 2017] <benzrf> >:[
[Sat Jul 15 13:29:23 2017] <benzrf> or perhaps do something like
[Sat Jul 15 13:29:39 2017] <benzrf> Axiom havoc : forall T, T -> T.
[Sat Jul 15 14:00:54 2017] <dh`> hmm, that's probably a better idea
[Sat Jul 15 14:01:52 2017] <dh`> and should ultimately be equivalent
[Sun Jul 16 00:26:42 2017] <dh`> meh:
[Sun Jul 16 00:26:43 2017] <dh`> Require Import OrderedType OrderedTypeEx.
[Sun Jul 16 00:26:43 2017] <dh`> Require MSetAVL.
[Sun Jul 16 00:26:43 2017] <dh`> Module NatSet := MSetAVL.Make Nat_as_OT.
[Sun Jul 16 00:26:43 2017] <dh`> Error: The field eq_equiv is missing in Coq.Structures.OrderedTypeEx.Nat_as_OT.
[Sun Jul 16 00:27:17 2017] <dh`> is that because it needs Orders and OrdersEx?
[Sun Jul 16 00:27:44 2017] <dh`> hmm, apparently so
[Sun Jul 16 00:55:28 2017] <dh`> ...why, if you have a system of Inductives on say expressions and statements and declarations and whatnot
[Sun Jul 16 00:55:41 2017] <dh`> (that are mutually recursive so they have to be one group)
[Sun Jul 16 00:55:59 2017] <dh`> does coq insist that the arguments to each inductive be the same?
[Sun Jul 16 00:56:07 2017] <dh`> or, I think, just the arity be the same?
[Sun Jul 16 00:56:17 2017] <dh`> this seems extremely stupid and it's extremely annoying
[Sun Jul 16 00:56:31 2017] <dh`> (since typically expressions are typed and statements aren't)
[Sun Jul 16 13:56:39 2017] <jrw> dh`: what do you mean? different inductive definitions within a mutual group can have different types/arities.
[Tue Jul 18 12:19:43 2017] <tyrokroketa> I have some goals (introduced by a parametricity tactic) in my context, which are named like _x_, _y_, etc. Can I somehow refer to them without Coq complaining about reserved identifiers?
[Tue Jul 18 12:20:02 2017] <tyrokroketa> Sorry, not goals, terms
[Tue Jul 18 12:21:23 2017] <dh`> probably at worst you can write an ltac that matches their names and renames them
[Tue Jul 18 12:28:38 2017] <tyrokroketa> dh`: Thanks! Any references/examples around?
[Tue Jul 18 12:28:47 2017] <dh`> dunno sorry :(
[Tue Jul 18 12:28:59 2017] <tyrokroketa> no problem
[Wed Jul 19 15:45:06 2017] <lfish> hi, I have a beginner's question, I don't know if this is the palce to ask... I'm trying to prove a theorem about an inductively defined proposition, but the statement of the theorem rules out the base case. However, induction asks me to prove it and gives me no assumptions to work with, any suggestions?
[Wed Jul 19 15:58:26 2017] <cocreature> lfish: can you show us what you currently have?
[Wed Jul 19 15:58:56 2017] <cocreature> I suspect that you need to use a combination of "remember" and "generalize dependent" or alternatively "dependent induction" but I’m not entirely sure I understand your problem
[Wed Jul 19 16:00:50 2017] <lfish> <cocreature> yes, the statement of the theorem is Theorem subseq_cons__subseq : forall (X : Type) (x : X) (xs l : list X),     subseq (x :: xs) l -> subseq xs l.
[Wed Jul 19 16:01:27 2017] <lfish> and the case that's troubling me is from Inductive subseq {X : Type} : list X -> list X -> Prop := | empty_subseq : forall l, subseq [] l | cons_seq_subseq : forall (x : X) (s l : list X),     subseq s l -> subseq s (x :: l) | cons_both_subseq : forall (x : X) (s l : list X),     subseq s l -> subseq (x :: s) (x :: l).
[Wed Jul 19 16:01:47 2017] <cocreature> can you add your Coq file to some pastebin service and give us the link?
[Wed Jul 19 16:02:05 2017] <cocreature> reading things without linebreaks and indentation is hard :)
[Wed Jul 19 16:02:14 2017] <lfish> I'm sorry, I'm new at this
[Wed Jul 19 16:02:47 2017] <cocreature> paste your code here http://lpaste.net/ and then give us the link
[Wed Jul 19 16:05:05 2017] <lfish> This seems to work. https://pastebin.com/Ks6f216X
[Wed Jul 19 16:10:19 2017] <lfish> http://lpaste.net/357049 that's in lpaste in case the other one didn't work
[Wed Jul 19 16:10:29 2017] <cocreature> give me a minute
[Wed Jul 19 16:11:57 2017] <cocreature> alright, so I guess you are trying to do induction on "subseq (x :: xs) l"?
[Wed Jul 19 16:19:25 2017] <cocreature> time to go to bed for me so I can’t walk you through the solution but http://lpaste.net/357050 works
[Fri Jul 21 11:23:04 2017] <cocreature> is there an induction lemma for lists somewhere in the standard library which gives me an "In x original_list" in the cons case?
[Fri Jul 21 11:38:57 2017] <cocreature> hm actually I’d like something like http://lpaste.net/357089 but I’m too stupid to prove that :/
[Fri Jul 21 11:39:37 2017] <cocreature> I need to strengthen something somewhere :)
[Fri Jul 21 12:34:22 2017] <jrw> cocreature: how about this? https://github.com/wilcoxjay/notes/blob/master/ListInductionWithPrefix.v
[Fri Jul 21 12:36:17 2017] <cocreature> jrw: perfect, thanks a ton!
[Fri Jul 21 12:57:47 2017] <Cale> cocreature: I was able to do it directly without thinking too hard, just applying whatever seemed like it would solve the goal http://lpaste.net/357092
[Fri Jul 21 13:06:34 2017] <cocreature> Cale: huh right, now I feel silly for not figuring out that myself. I guess I didn’t get enough sleep last night :) thanks!
[Sat Jul 22 21:02:15 2017] <__marioxcc> Hello.
[Sat Jul 22 21:03:03 2017] <__marioxcc> What is the benefit of a using constructive framework for the logic system of Coq? I am new to proof verifiers/assistants and I am honestly not very interested in constructive logic. "Should" I learn Coq or look for something else?
[Sat Jul 22 22:03:31 2017] <Cale> __marioxcc: Coq is a good one to learn.
[Sat Jul 22 22:04:10 2017] <__marioxcc> Cale: How does it compare with other proof assistants/verifiers?
[Sat Jul 22 22:04:14 2017] <Cale> The reason is that we'd like for the logic to also be a programming language. There's a lot of benefit in general to regarding proofs of theorems as programs.
[Sat Jul 22 22:04:46 2017] <__marioxcc> Does that have any practical use if one is not interested in program extraction?
[Sat Jul 22 22:05:24 2017] <__marioxcc> I am interested in writing a formalization of chemical notation (since the current standard is full of nosense; I believe only a formal and computer-verified definition will be satisfactory).
[Sat Jul 22 22:05:34 2017] <Cale> Well, if you think about it, we actually do this all the time in mathematics
[Sat Jul 22 22:05:41 2017] <Cale> Though we think about it a little differently
[Sat Jul 22 22:06:09 2017] <Cale> Often you'll see someone refer to "the such and such thing which whose existence was guaranteed by Theorem 3.5"
[Sat Jul 22 22:06:31 2017] <Cale> So we sort of use theorems as if they were functions quite a bit
[Sat Jul 22 22:07:04 2017] <__marioxcc> Ugh. I really have a hard time seeing it that way.
[Sat Jul 22 22:07:12 2017] <lambda-11235> One interesting thing is that the underlying theory is a higher order logic instead of a first order logic.
[Sat Jul 22 22:07:53 2017] <__marioxcc> but computerized higher order logic is basically obligued to use Henkin semantics, which make it more or less equivalent to first order logic.
[Sat Jul 22 22:07:53 2017] <Cale> __marioxcc: Maybe it'll help to explain the connection between logic and lambda calculus a bit :)
[Sat Jul 22 22:08:07 2017] <Cale> (Unless you're already familiar with it?)
[Sat Jul 22 22:08:57 2017] <__marioxcc> Not familiar, but I know what the Howard-Curry correspondency is about.
[Sat Jul 22 22:09:06 2017] <Cale> okay
[Sat Jul 22 22:09:13 2017] <Cale> So in logic, if we want to prove A -> B, we start by assuming that A holds, and try to form a proof of B from there, and if we succeed, natural deduction says we can conclude A -> B
[Sat Jul 22 22:10:04 2017] <Cale> In lambda calculus, if we want to construct a function of type A -> B, we start by introducing a variable x : A, and try to form a term e : B, and if we succeed, then λ(x:A).B : A -> B
[Sat Jul 22 22:10:06 2017] <__marioxcc> I think you mean Hedlund theorem.
[Sat Jul 22 22:10:43 2017] <__marioxcc> Natural deduction is the style of deduction systems where assuming A and then proving B actually proves directly A -> B, AFAIK.
[Sat Jul 22 22:10:54 2017] <__marioxcc> But I get the point. :)
[Sat Jul 22 22:11:03 2017] <Cale> Yeah, that's sort of what I'm talking about
[Sat Jul 22 22:11:19 2017] <Cale> Sometimes that's a metatheorem, sometimes it's just how we formulate the logical rule
[Sat Jul 22 22:11:26 2017] <__marioxcc> Right.
[Sat Jul 22 22:11:35 2017] <Cale> In logic, if we have both that A -> B, and that A, we may conclude B (modus ponens)
[Sat Jul 22 22:11:51 2017] <Cale> In lambda calculus, if we have f: A -> B, and x: A, we can construct f x: B
[Sat Jul 22 22:12:42 2017] <__marioxcc> Yes.
[Sat Jul 22 22:12:49 2017] <Cale> All the other logical connectives have similar connections: conjunction /\ corresponds to product types, and disjunction corresponds to sum types (discriminated unions)
[Sat Jul 22 22:13:19 2017] <__marioxcc> What about "non-logical" axioms like ZF separation, choice, large cardinals and so on?
[Sat Jul 22 22:14:09 2017] <Cale> So, in MLTT and systems like the one Coq is based on, there's enough expressive power to do quite a lot of mathematics without any axioms at all -- you just need the logical rules which come in corresponding introduction/elimination pairs
[Sat Jul 22 22:14:23 2017] <Cale> But adding in axioms is something you can do
[Sat Jul 22 22:15:45 2017] <Cale> However, it spoils the computational nature of the logic, because the rules correspond nicely to things with universal mapping properties if you're thinking categorically, and that lets you "simplify" proofs which introduce and then eliminate them
[Sat Jul 22 22:15:59 2017] <__marioxcc> Ugh, that is something I don't like.
[Sat Jul 22 22:16:24 2017] <__marioxcc> I have the idea that logic should have weak consistency strenght, so it shouldn't be possible to do "interesting" things with it without further axioms.
[Sat Jul 22 22:17:16 2017] <__marioxcc> Is there any sense in which "proofs are programs and programs are proofs" with "non-constructive" axioms like "there exist an unreachable cardinal from aleph_0"?
[Sat Jul 22 22:17:18 2017] <Cale> Well, mainly what gets you the additional strength is dependent types: Pi and Sigma
[Sat Jul 22 22:17:28 2017] <Cale> which in some sense correspond to forall and exists in logic
[Sat Jul 22 22:17:39 2017] <__marioxcc> Ok.
[Sat Jul 22 22:17:53 2017] <Cale> But since types sort of keep track of *which* proofs exist, they also behave a lot like sets
[Sat Jul 22 22:18:52 2017] <Cale> Where when we're thinking in a purely "logical" way, we might ignore everything about that set apart from whether or not it's inhabited
[Sat Jul 22 22:19:52 2017] <Cale> It just turns out that once you start keeping track of the reasons for things everywhere, you get something which looks very similar to set theory (only a little different)
[Sat Jul 22 22:21:04 2017] <__marioxcc> I guess I will understand that only after learning how to actually use it.
[Sat Jul 22 22:21:10 2017] <Cale> The main difference between saying that x has type A and x is an element of A being that x doesn't necessarily belong to any other type at all.
[Sat Jul 22 22:21:52 2017] <__marioxcc> Yes, I know that in simple type theory variables can only belong to a single type.
[Sat Jul 22 22:22:38 2017] <Cale> So, if we want to express something like "The even natural numbers" as a type, we're more likely to use something like
[Sat Jul 22 22:22:39 2017] <__marioxcc> Cale: What are the practical differences between Coq and other proof assistants? Since I am unfamiliar with all of them, I have only had time so far to glance at the tutorials of some of them (Coq, HOL-Light and HOL4)
[Sat Jul 22 22:22:44 2017] <Cale> Sigma (n:Nat), Even n
[Sat Jul 22 22:22:55 2017] <Cale> where Even n is the type of proofs that n is an even natural number
[Sat Jul 22 22:23:37 2017] <Cale> and Sigma (x:A), B(x) is the type of pairs (a,p) where a : A and p : B a, that is the type of the second part of the pair depends on the value of the first
[Sat Jul 22 22:23:51 2017] <__marioxcc> Ok, that is completely new for me.
[Sat Jul 22 22:24:09 2017] <__marioxcc> Cale: Have you used any of the HOL* family?
[Sat Jul 22 22:24:12 2017] <Cale> So, we'd have a type of natural numbers, paired up with proofs that they're even
[Sat Jul 22 22:24:21 2017] <Cale> I haven't yet actually
[Sat Jul 22 22:24:27 2017] <Cale> I've used Coq and Agda
[Sat Jul 22 22:24:41 2017] <Cale> and to some extent Idris (though it's more of a programming language than a proof assistant)
[Sat Jul 22 22:24:53 2017] <__marioxcc> I see.
[Sat Jul 22 22:24:59 2017] <Cale> and I've looked at other things but I don't really have a lot of experience using them
[Sat Jul 22 22:25:07 2017] <__marioxcc> *why* did you choose Coq and Agda instead of other proof assistant?
[Sat Jul 22 22:25:29 2017] <__marioxcc> That's the main question for me. I'd like to know how they compare in practice.
[Sat Jul 22 22:25:40 2017] <Cale> Well, I just woke up one day after programming in Haskell for a decade or so, and just realised that I already knew how to use Coq.
[Sat Jul 22 22:26:15 2017] <Cale> Just through random exposure to bits and pieces
[Sat Jul 22 22:27:01 2017] <__marioxcc> I see. I know the basics of Haskell but I have not written anything non-trivial with it.
[Sat Jul 22 22:27:07 2017] <Cale> Agda is also very similar in nature to Coq and Haskell -- it sort of looks like Haskell with a fancy type system and a standard library filled with unicode symbols
[Sat Jul 22 22:27:44 2017] <Cale> Coq tends to look different, in that you write proofs using "tactics", but the underlying type system is very similar
[Sat Jul 22 22:28:14 2017] <__marioxcc> Is there no "tactics" automation in Agda?
[Sat Jul 22 22:28:15 2017] <lambda-11235> Isn't HOL still based on type theory?
[Sat Jul 22 22:28:27 2017] <Cale> Not as far as I'm aware
[Sat Jul 22 22:28:52 2017] <Cale> It's something that would make sense adding to Agda, but culturally, Agda is sort of an experiment in where you can get just writing proof terms directly.
[Sat Jul 22 22:29:07 2017] <__marioxcc> Ok.
[Sat Jul 22 22:29:41 2017] <__marioxcc> lambda-11235: HOL4 describes the underlying logic as a specific type theory.
[Sat Jul 22 22:29:57 2017] <__marioxcc> http://sourceforge.net/projects/hol/files/hol/kananaskis-11/kananaskis-11-logic.pdf/download
[Sat Jul 22 22:35:50 2017] <Cale> __marioxcc: One nice thing is that apart from having a model in sets, dependent type theories can also have a models in other locally Cartesian closed categories. Homotopy type theory explores the idea that type theory can be used to study homotopy types
[Sat Jul 22 22:36:20 2017] <__marioxcc> I see, but I don't know any category theory.
[Sat Jul 22 22:36:21 2017] <Cale> So there, they tend to regard types not only as logical propositions, but more generally as something like topological spaces up to homotopy equivalence
[Sat Jul 22 22:36:42 2017] <__marioxcc> Ok, that makes a bit more sense for me. :)
[Sat Jul 22 22:37:03 2017] <Cale> and then the identity type Id A x y, which we'd usually regard as the proposition that x = y in the type A, can be interpreted as the space of paths between x and y in A.
[Sat Jul 22 22:37:53 2017] <Cale> and anything which can be carried out in plain type theory automatically turns into the construction of points in a particular space
[Sat Jul 22 22:38:15 2017] <__marioxcc> That sounds nice.
[Sat Jul 22 22:38:20 2017] <__marioxcc> Where can I read more about it?
[Sat Jul 22 22:38:26 2017] <__marioxcc> I am familiar with elementary topology.
[Sat Jul 22 22:38:32 2017] <Cale> https://homotopytypetheory.org/
[Sat Jul 22 22:38:35 2017] <Cale> there's a book there
[Sat Jul 22 22:38:40 2017] <Cale> https://homotopytypetheory.org/book/
[Sat Jul 22 22:39:50 2017] <__marioxcc> Thanks you.
[Sat Jul 22 22:40:31 2017] <Cale> A really interesting little thing about it is that if you try to incorporate the law of excluded middle as an axiom (in its most general form), it kills this interpretation by making all your spaces discrete
[Sat Jul 22 22:40:43 2017] <Cale> But there are more restricted forms of LEM which still work
[Sat Jul 22 22:41:37 2017] <__marioxcc> I see.
[Sat Jul 22 22:42:07 2017] <__marioxcc> Too bad that this nice connection with topology trivializes under classical mathematics.
[Sat Jul 22 22:42:40 2017] <Cale> It's still expected that most or all of classical mathematics should be formalisable in here, with a little tweaking
[Sat Jul 22 22:43:32 2017] <Cale> Like, you might not get LEM for *all* types, but there's a class of types which are especially proposition-like (those types P which for any x and y of type P, we have x = y)
[Sat Jul 22 22:43:58 2017] <__marioxcc> Ok.
[Sat Jul 22 22:43:59 2017] <Cale> and LEM will hold for those, and you can also have a classical-style Axiom of Choice for set-like types without spoiling things
[Sat Jul 22 22:44:14 2017] <Cale> Or rather LEM won't immediately hold for those, but you can add an axiom to make it hold
[Sat Jul 22 22:44:34 2017] <__marioxcc> Cale: Why not add the ZF(C) axioms to Coq and then use the rest as the underlying logic?
[Sat Jul 22 22:45:28 2017] <Cale> Something like that is doable -- you can pose an element-of relation and the ZFC axioms for it
[Sat Jul 22 22:45:37 2017] <__marioxcc> Ok.
[Sat Jul 22 22:45:37 2017] <Cale> It's just... ZFC isn't really terribly usable in reality
[Sat Jul 22 22:46:17 2017] <Cale> If you actually want to formalise a significant amount of stuff, first order set theory gets really tedious.
[Sat Jul 22 22:46:41 2017] <__marioxcc> Well, metamath has formalized a non-trivial part of mathematics using only ZFC (with proper classes as an extension) http://us.metamath.org/mpeuni/mmset.html
[Sat Jul 22 22:46:51 2017] <Cale> We sort of pretend in mathematics that everything ought to be formalisable in ZFC, but rarely do we actually *do* it.
[Sat Jul 22 22:47:22 2017] <Cale> Yeah, metamath changes the underlying logic a bit from how ZFC is usually described, but it's pretty close
[Sat Jul 22 22:47:24 2017] <__marioxcc> Could you point to something that can be formalized within ZF(C) in principle, but it is impractical?
[Sat Jul 22 22:47:41 2017] <Cale> However, I wouldn't hold it up as an argument against the idea that it's tedious :)
[Sat Jul 22 22:47:49 2017] <__marioxcc> Metamath uses *exactly* ZFC as far as I can tell.
[Sat Jul 22 22:47:53 2017] <__marioxcc> Yes, it is tedious indeed.
[Sat Jul 22 22:48:59 2017] <Cale> Like, most of the stuff they've already accomplished with metamath, I would consider extremely impractical as it is.
[Sat Jul 22 22:49:09 2017] <__marioxcc> There is really no built-in underlying logic for Metamath, but the "set.mm" database uses an ordinary formalization of classical propositional and first order logic.
[Sat Jul 22 22:50:01 2017] <__marioxcc> I agree that metamath is impractical, but is it because it uses ordinary first order logic (in set.mm) or is it because it has virtually no automation?
[Sat Jul 22 22:50:22 2017] <__marioxcc> Basically the only automation is proving the well-formedness of the terms that appear in a proof.
[Sat Jul 22 22:50:58 2017] <__marioxcc> So I'm not sure that Metamath is impractical because it uses ZFC with classical logic.
[Sat Jul 22 22:51:40 2017] <__marioxcc> Bear in mind that Metamath is intended to be minimalistic, It has only substitution of variable as built-in logic, not even propositional logic is built-in.
[Sat Jul 22 22:51:55 2017] <Cale> It's a bit of both. Agda has very little automation as well, and accomplishing similar goals in that will generally be much easier just because it's got nice ways of structuring things.
[Sat Jul 22 22:52:35 2017] <Cale> (though the automation which is there in Agda you'll generally want to use too -- it can help you deal with splitting cases, and finding things in scope which have the right type and so on)
[Sat Jul 22 22:52:57 2017] <Cale> Come to think of it, those bits of automation are only possible because of the types
[Sat Jul 22 22:53:12 2017] <__marioxcc> Ok.
[Sat Jul 22 22:53:30 2017] <__marioxcc> Well, I have to go to sleep. It's 21:53 here and I have to wake early tomorrow.
[Sat Jul 22 22:53:36 2017] <Cale> All right, see you around!
[Sat Jul 22 22:53:40 2017] <__marioxcc> Thanks for the information!. Good bye!
[Sun Jul 23 18:43:31 2017] <ertes> a few weeks ago i investigated the 'lean' proof assistant…  it seemed to be much smarter about automating things, but was otherwise very similar to coq
[Sun Jul 23 18:49:26 2017] <ertes> i've also looked HOL light, but even though it seems to have a vast library of predefined stuff and i liked the way "tactics" are really just functions, it was really awkward to use
[Sun Jul 23 18:49:35 2017] <ertes> *looked into
[Mon Jul 24 09:30:10 2017] <ertes-w> is there a tactic to do ring *rewrites*?
[Mon Jul 24 09:30:27 2017] <ertes-w> like rewrite 8 to 3 + 1*5
[Mon Jul 24 09:31:15 2017] <cocreature> ertes-w: "replace 8 with (3 + 1*5) by omega"?
[Mon Jul 24 09:32:31 2017] <ertes-w> oh, nice
[Mon Jul 24 09:32:43 2017] <ertes-w> thanks
[Mon Jul 24 09:32:45 2017] <cocreature> you need to import omega from somewhere
[Mon Jul 24 09:33:10 2017] <ertes-w> yeah, i just did…  so is omega the "just do it" tactic?  i have used 'ring' so far
[Mon Jul 24 09:33:24 2017] <cocreature> I’ve actually never used ring :)
[Mon Jul 24 09:33:29 2017] <cocreature> so not sure
[Mon Jul 24 09:34:16 2017] <cocreature> looks like omega is only for presburger arithmetic
[Mon Jul 24 09:34:52 2017] <cocreature> and only for nat and Z
[Mon Jul 24 09:35:21 2017] <cocreature> although in your case since everything is constant "by reflexivity" should work too
[Mon Jul 24 09:36:12 2017] <ertes-w> ah, i think i'm starting to understand how "rewrite … by" works
[Mon Jul 24 09:36:30 2017] <ertes-w> so yeah, ring seems to be more powerful in fact
[Mon Jul 24 09:38:17 2017] <cocreature> not sure about that. omega is a decision procedure so it should always work when it’s applicable. afaict ring is based on a bunch of simplifications followed by a syntactic equality check so I wouldn’t be surprised if there are things omega can solve that ring can’t solve
[Mon Jul 24 09:53:17 2017] <ertes-w> so far whenever i thought, "this should follow from the ring axioms", 'ring' worked
[Mon Jul 24 09:54:30 2017] <ertes-w> apparently it rewrites the expressions to a polynomial that is unique modulo the ring axioms, and if the results are syntactically equal, it uses reflexivity
[Mon Jul 24 09:54:42 2017] <ertes-w> which is exactly what i need most of the time
[Mon Jul 24 11:04:22 2017] <jrw> one example of a difference: omega understands less-than but ring doesn't.
[Mon Jul 24 11:39:38 2017] <ertes-w> ah
[Mon Jul 24 19:45:43 2017] <ertes> dot_assoc : forall {A B C D} (f : Hom C D) (g : Hom B C) (h : Hom A B), dot (dot f g) h = dot f (dot g h)
[Mon Jul 24 19:46:13 2017] <ertes> is there any way to shorten this?  i thought something like:  forall f g h, dot (dot f g) h = dot f (dot g h)
[Mon Jul 24 19:46:31 2017] <ertes> but coq doesn't seem to want to invent implicit arguments
[Mon Jul 24 19:47:43 2017] <ertes> also is the following good enough?  Class Category (Ob : Type) (Hom : Ob → Ob → Type) …
[Mon Jul 24 19:47:43 2017] <ertes>  
[Mon Jul 24 19:47:51 2017] <ertes> i feel like i'm running into a universe problem there
[Mon Jul 24 19:48:12 2017] <ertes> but i don't really know how coq deals with universes and universe polymorphism
[Mon Jul 24 19:51:03 2017] <ertes> ok, i can abbreviate (g : Hom B C) to just g
[Mon Jul 24 19:51:12 2017] <ertes> but that's not really the point
[Mon Jul 24 20:11:30 2017] <quotation> Hi, this link does not work :-( https://www.msr-inria.fr/news/feit-thomson-proved-in-coq/
[Wed Jul 26 21:21:39 2017] <Dodek> hi, I'm very new to Coq, so I apologize if my question is stupid. I was trying to prove something, and I needed to rewrite (foo x + 0) to foo x
[Wed Jul 26 21:21:55 2017] <Dodek> i was looking for an appropriate lemma, and found https://coq.inria.fr/library/Coq.Arith.Plus.html
[Wed Jul 26 21:22:00 2017] <Dodek> Notation plus_0_r := Nat.add_0_r (compat "8.4").
[Wed Jul 26 21:22:27 2017] <Dodek> but when I click on the Nat.add_0_r, there's no such thing in the documentation
[Wed Jul 26 21:22:39 2017] <Dodek> can anyone explain to me what's going on?
[Wed Jul 26 21:27:52 2017] <Cypi> You are right, this is very confusing, because of the way Nat is implemented. This is a module with a few basic definitions and axioms, the rest is derived through generic functors and stuff
[Wed Jul 26 21:28:15 2017] <Cypi> The actual definition of add_0_r would be in https://coq.inria.fr/library/Coq.Numbers.NatInt.NZAdd.html I think
[Wed Jul 26 21:28:20 2017] <Cypi> (but it doesn't really help to know that)
[Wed Jul 26 21:37:06 2017] <Dodek> ah, i see. i mean, i don't see it, but looks like i cannot help it.
[Wed Jul 26 21:39:10 2017] <Dodek> now i'm looking for a lemma saying that (S n) = (S m) -> n = m
[Wed Jul 26 21:39:27 2017] <Dodek> in haskell one had a nice search engine that allowed you to search for functions matching given type signature
[Wed Jul 26 21:39:36 2017] <Dodek> is there something like this for coq?
[Wed Jul 26 21:40:22 2017] <Cypi> Search (S _ = S _ -> _ = _).
[Wed Jul 26 21:42:11 2017] <Dodek> that's exactly what i was looking for!
[Wed Jul 26 21:42:26 2017] <Dodek> thank you :)
[Wed Jul 26 21:47:06 2017] <Dodek> actually, if i wanted to use the add_0_r, how do I import it?
[Wed Jul 26 21:49:44 2017] <Cypi> If you do "Require Import Arith.", then "Nat.add_0_r" is available
[Wed Jul 26 21:49:57 2017] <Cypi> if you want to just write "add_0_r", you can do "Import Nat."
[Wed Jul 26 21:51:12 2017] <Dodek> hm, Require Import Arith. works fine, but then it cannot find Nat
[Wed Jul 26 21:51:26 2017] <Cypi> What is your version of Coq?
[Wed Jul 26 21:51:34 2017] <Dodek> 8.4
[Wed Jul 26 21:51:39 2017] <Cypi> ah
[Wed Jul 26 21:51:44 2017] <Dodek> looks like it's pretty old
[Wed Jul 26 21:51:57 2017] <Dodek> it came with my distribution though
[Wed Jul 26 21:52:02 2017] <Dodek> should I update?
[Wed Jul 26 21:52:11 2017] <Cypi> I don't know the corresponding lemma, but what you can is try to locate it, using Search
[Wed Jul 26 21:52:29 2017] <Cypi> I would advise updating if it's easy enough for you, I guess, but it's up to you
[Wed Jul 26 21:53:20 2017] <Dodek> I will probably update at some point then, but I can use plus_0_r from Plus module for now
[Wed Jul 26 21:53:28 2017] <Cypi> good then :)
[Wed Jul 26 21:53:31 2017] <Dodek> :)
[Wed Jul 26 21:54:06 2017] <Dodek> this whole thing is really fun
[Wed Jul 26 21:54:38 2017] <Dodek> I had fun proving logical tautologies using natural deduction years ago at university, and it's kinda like this
[Thu Jul 27 09:18:48 2017] <hackedy_> Dodek: proving something like (S n) = (S m) -> n m is possible just using the `congruence` tactic
[Thu Jul 27 09:18:59 2017] <hackedy_> you might find these slides helpful https://coq.inria.fr/files/coq-itp-2015/CoqSurvivalKit.pdf
[Thu Jul 27 12:25:52 2017] <Dodek> hackedy_: thanks! i also learned other ways to prove it in the meantime
[Thu Jul 27 12:26:09 2017] <Dodek> i have now something like 5 times as much experience as i had when asking that question
[Thu Jul 27 15:15:19 2017] <Dodek> hm, so I have the following definition:
[Thu Jul 27 15:15:22 2017] <Dodek> Definition fold_length {X : Type} (l : list X) : nat := fold (fun _ n => S n) l 0.
[Thu Jul 27 15:15:40 2017] <Dodek> i want to prove that forall l, fold_length l  = length l
[Thu Jul 27 15:16:01 2017] <Dodek> so i do induction over l, and in the nontrivial case i need to prove
[Thu Jul 27 15:16:15 2017] <Dodek> fold_length (h :: t) = S (length t)
[Thu Jul 27 15:16:52 2017] <Dodek> i want to expand the fold_length definition, to use the second case from fold definition to obtain
[Thu Jul 27 15:18:38 2017] <Dodek> (fun _ n => S n) h (fold (fun _ n => S n) t) = S (length t)
[Thu Jul 27 15:18:50 2017] <Dodek> this would allow me to simplify and apply the induction hypothesis
[Thu Jul 27 15:19:11 2017] <Dodek> but i am not able to reduce fold_length (h :: t), simpl. does nothing. why?
[Thu Jul 27 15:22:56 2017] <Dodek> okay, i found unfold tactic
[Thu Jul 27 17:42:23 2017] <moneyinyourpocke> Currently looking for anyone who is experienced in CoQ or ACL2 that is looking to pick up an extra project on the side. First will be a few projects, but can lead to a full time remote job. Anyone interested?
[Thu Jul 27 18:55:20 2017] <moneyinyourpocke> Currently looking for anyone who is experienced in CoQ or ACL2 that is looking to pick up an extra project on the side. First will be a few projects, but can lead to a full time remote job. Anyone interested?
[Fri Jul 28 07:33:23 2017] <nimaai> Hi. I have just started reading SF and learning Coq.
[Fri Jul 28 07:33:51 2017] <nimaai> I am stuck with the following error message:
[Fri Jul 28 07:33:53 2017] <nimaai> Error: Illegal application (Non-functional construction):  The expression "bool" of type "Set" cannot be applied to the term  "match b1 with   | true => false   | false => negb b2   end" : "bool"
[Fri Jul 28 07:37:52 2017] <nimaai> negb and bool type are defined as in: https://softwarefoundations.cis.upenn.edu/current/Basics.html#lab17
[Fri Jul 28 07:40:08 2017] <nimaai> any hint would be appreciated
[Fri Jul 28 07:51:08 2017] <lyxia> nimaai: what did you write
[Fri Jul 28 08:13:21 2017] <nimaai> lyxia: I figured it out; missed ":=" in the function definition. Thanks
[Sat Jul 29 15:08:46 2017] <Dodek> het
[Sat Jul 29 15:09:02 2017] <Dodek> hey
[Sat Jul 29 15:09:14 2017] <Dodek> (i'm working through software foundations book)
[Sat Jul 29 15:09:20 2017] <Dodek> i have the following definition:
[Sat Jul 29 15:09:22 2017] <Dodek> Inductive R : nat -> nat -> nat -> Prop := | c1 : R 0 0 0 | c2 : forall m n o, R m n o -> R (S m) n (S o) | c3 : forall m n o, R m n o -> R m (S n) (S o) | c4 : forall m n o, R (S m) (S n) (S (S o)) -> R m n o | c5 : forall m n o, R m n o -> R n m o.
[Sat Jul 29 15:09:32 2017] <Dodek> oops, shouldn't have gone in a single line
[Sat Jul 29 15:09:40 2017] <Dodek> Inductive R : nat -> nat -> nat -> Prop :=
[Sat Jul 29 15:09:44 2017] <Dodek>    | c1 : R 0 0 0
[Sat Jul 29 15:09:48 2017] <Dodek>    | c2 : forall m n o, R m n o -> R (S m) n (S o)
[Sat Jul 29 15:09:52 2017] <Dodek>    | c3 : forall m n o, R m n o -> R m (S n) (S o)
[Sat Jul 29 15:09:56 2017] <Dodek>    | c4 : forall m n o, R (S m) (S n) (S (S o)) -> R m n o
[Sat Jul 29 15:09:59 2017] <Dodek>    | c5 : forall m n o, R m n o -> R n m o.
[Sat Jul 29 15:10:52 2017] <Dodek> it is clearly just a good old plus relation
[Sat Jul 29 15:10:58 2017] <Dodek> and that's what i'm trying to prove
[Sat Jul 29 15:11:38 2017] <Dodek> i'm having trouble though with doing any proofs whatsoever on this type -- the c4 constructor gives me a hard time.
[Sat Jul 29 15:13:15 2017] <Dodek> e.g. suppose I want to prove that forall n, R 0 0 n -> n = 0. i intro the n and the assumption H: R 0 0 n, but when I do an inversion on H, i get a case of R 1 1 (S (S n)) -> R 0 0 n, and i have no idea how to deal with it.
[Sat Jul 29 15:14:02 2017] <Dodek> the induction on n doesn't work for the same reason
[Sat Jul 29 15:18:27 2017] <Dodek> here's a simpler case:
[Sat Jul 29 15:18:41 2017] <Dodek> Inductive Q : nat -> Prop :=
[Sat Jul 29 15:18:44 2017] <Dodek> | q0 : Q 0
[Sat Jul 29 15:18:47 2017] <Dodek> | q2 : forall n, Q (S n) -> Q n.
[Sat Jul 29 15:18:58 2017] <Dodek> how to prove the following theorem:
[Sat Jul 29 15:19:18 2017] <Dodek> Theorem Q_triv : forall n, Q n <-> n = 0.
[Sat Jul 29 15:22:06 2017] <Cypi> This kind of constructor definitely complicates things. In your simple case, you can do this: http://lpaste.net/357281
[Sat Jul 29 15:22:57 2017] <Dodek> ah, i just figured out simple case too
[Sat Jul 29 15:23:34 2017] <Dodek> i also did induction on Q n
[Sat Jul 29 15:23:56 2017] <Dodek> i wonder if it's gonna work on R too.
[Sat Jul 29 15:23:57 2017] <Cypi> I do wonder: why not get rid of the constructors c4 and c5? They don't bring anything more in the relation, right?
[Sat Jul 29 15:24:06 2017] <Dodek> yeah, they don't
[Sat Jul 29 15:24:15 2017] <Dodek> the SF book even asks whether they bring anything
[Sat Jul 29 15:24:24 2017] <Dodek> but i think that's the whole point.
[Sat Jul 29 15:24:40 2017] <Cypi> ah right, I forgot about this exercise then :)
[Sat Jul 29 15:27:35 2017] <Dodek> a funny thing is this
[Sat Jul 29 15:28:03 2017] <Dodek> i don't see any way to prove that ~(Q 1) other than proving Q n <-> n = 0
[Sat Jul 29 15:28:12 2017] <Dodek> or am i missing anything?
[Sat Jul 29 15:29:23 2017] <Cypi> Not missing anything, I think. There is no simple proof, because you have to explain that "Q 1" would be an infinite chain of applications of q2
[Sat Jul 29 15:42:35 2017] <Dodek> i'm now trying to prove that R 0 0 n -> n = 0
[Sat Jul 29 15:43:02 2017] <Dodek> but the induction on R 0 0 n introduces some unexpected cases to me, and i don't know how to deal with thosee
[Sat Jul 29 15:43:48 2017] <Dodek> i am wondering if this is also the case like with ~(Q 1) above -- maybe i do really need to consider all of the variables at the same time.
[Sat Jul 29 15:48:50 2017] <Dodek> e.g. I have assumption H: R 0 0 n, and I have goal n = 0.
[Sat Jul 29 15:49:04 2017] <Dodek> I do induction H.
[Sat Jul 29 15:49:15 2017] <Dodek> first case, c1, is trivial, so reflexivity deals with it.
[Sat Jul 29 15:49:27 2017] <Dodek> but then c2 generates something weird:
[Sat Jul 29 15:49:37 2017] <Dodek>   n0 := 0 : nat
[Sat Jul 29 15:49:37 2017] <Dodek>   m : nat
[Sat Jul 29 15:49:37 2017] <Dodek>   n : nat
[Sat Jul 29 15:49:37 2017] <Dodek>   o : nat
[Sat Jul 29 15:49:37 2017] <Dodek>   H : R m n o
[Sat Jul 29 15:49:39 2017] <Dodek>   IHR : o = n
[Sat Jul 29 15:49:42 2017] <Dodek>   ============================
[Sat Jul 29 15:49:44 2017] <Dodek>    S o = n
[Sat Jul 29 15:50:29 2017] <Dodek> why is o = n? why did it introduce m n even though R 0 0 n is not of this form?
[Sat Jul 29 15:50:54 2017] <Dodek> inversion would figure it out, but how can I do inversion when doing induction?
[Sat Jul 29 15:51:19 2017] <Dodek> and why is the goal S o = n? the goal was n = 0 before, what happened?
[Sat Jul 29 16:24:49 2017] <artart78> Dodek: try "destruct" instead of "induction"
[Sat Jul 29 16:25:03 2017] <artart78> hmmm
[Sat Jul 29 16:25:13 2017] <artart78> actually how would you do the proof on paper?
[Sat Jul 29 16:26:50 2017] <artart78> nvm about the "destruct", didn't do Coq in a few months and I think I'm already rusty lol
[Sat Jul 29 16:32:30 2017] <artart78> Dodek: anyway IIRC the base 'induction' tactic will generalize everything
[Sat Jul 29 16:35:03 2017] <artart78> it works for example if you do "forall m p, m = 0 -> p = 0 -> R m p n -> n = 0" (but then you have a problem with c4)
[Sat Jul 29 16:41:28 2017] <artart78> I have no idea how to handle c4, but actually c5 can also be tricky as a simple induction cannot do it.. good luck heh
[Sat Jul 29 18:31:21 2017] <Dodek> artart78: if i do induction on R m p n in your theorem, it wants me to prove that S o = 0 in the c2 case
[Sat Jul 29 18:32:36 2017] <artart78> hm but you have a contradicting hypothesis in your context, no?
[Sat Jul 29 18:41:49 2017] <Dodek> doesn't look like it
[Sat Jul 29 18:41:58 2017] <Dodek> consider my context above
[Sat Jul 29 18:42:26 2017] <Dodek> where it asks me to prove that S o = n, with assumption that o = n
[Sat Jul 29 18:42:36 2017] <Dodek> i mean, yes, it is a contradicting hypothesis
[Sat Jul 29 18:42:52 2017] <Dodek> but it only means that i cannot derive the goal
[Sat Jul 29 18:43:06 2017] <Dodek> unless there's a false assumption, but it doesn't look like it.
[Sat Jul 29 18:45:16 2017] <Dodek> anyway
[Sat Jul 29 18:45:29 2017] <Dodek> i just directly proved that R n m o <-> n + m = o
[Sat Jul 29 18:45:34 2017] <Dodek> with a very simple proof
[Sat Jul 29 18:45:49 2017] <Dodek> but I couldn't seem to prove any other thing about R.
[Sat Jul 29 18:50:43 2017] <artart78> hm sorry I don't remember what I did, I'm starting to feel asleep now lol
[Sat Jul 29 18:51:03 2017] <artart78> but to be honest I think it's not possible to do it using just an induction
[Sat Jul 29 18:52:37 2017] <artart78> so yeah you'll probably need to be more pedestrian (doesn't that n + m = o characterization solve what you want?)
[Sat Jul 29 18:54:31 2017] <Dodek> sure, once I prove that R n m o <-> n + m = o, everything else follows from facts I proved about +
[Sat Jul 29 18:54:54 2017] <Dodek> but I find it confusing that it's much easier to prove that equivalence than, say, to prove that R 0 0 n -> n = 0.
[Sat Jul 29 18:55:23 2017] <artart78> that often happens: for example, needing to generalize inductions in order to prove a simpler goal
[Sat Jul 29 18:55:35 2017] <Dodek> but I guess it makes some sense -- to prove it using pen and paper, you have to consider also c constructor
[Sat Jul 29 18:55:38 2017] <Dodek> c4 i mean
[Sat Jul 29 18:55:50 2017] <Dodek> and then how could we have gotten an argument to c4 and so on
[Sat Jul 29 18:57:09 2017] <artart78> yeah you could probably prove the equivalence with R without c4 and c5 and then it would be easy
[Sat Jul 29 19:01:37 2017] <Dodek> okay, I'm doing subsequent exercises in that book now
[Sat Jul 29 19:01:40 2017] <Dodek> and they sem sooo easy
[Sat Jul 29 19:01:44 2017] <Dodek> seem
[Sat Jul 29 19:09:26 2017] <artart78> maybe we missed something haha
[Sat Jul 29 21:20:15 2017] <Dodek> so i can use -, +, and * to manage the focus of the proof
[Sat Jul 29 21:20:35 2017] <Dodek> but what if i need more levels? obviously I could try to extract lemmas, but if there's nothing suitable to extract?
[Sat Jul 29 21:20:38 2017] <Dodek> what are my other options?
[Sat Jul 29 21:21:37 2017] <Cypi> you can use --, ++, ** and so on
[Sat Jul 29 21:25:31 2017] <Dodek> oh. what's the order?
[Sat Jul 29 21:25:57 2017] <Cypi> there is no set order, you can use them however you want
[Sat Jul 29 21:27:22 2017] <Dodek> oh, i see
[Sat Jul 29 21:27:24 2017] <Dodek> thanks!
[Sat Jul 29 22:07:44 2017] <Dodek> what the hell is this omega tactic
[Sat Jul 29 22:08:20 2017] <Dodek> The tactic omega, due to Pierre Crégut, is an automatic decision procedure for Presburger arithmetic.
[Sat Jul 29 23:46:53 2017] <benzrf> Dodek: is that clarifying enough?
[Sun Jul 30 00:41:19 2017] <Dodek> it is
[Sun Jul 30 00:41:24 2017] <Dodek> actually i'm fucking pissed right now
[Sun Jul 30 00:41:50 2017] <Dodek> i spent way too much time trying to prove that n + m + n + k = n + n + m + k yesterday
[Sun Jul 30 00:42:13 2017] <Dodek> just kidding, it's a great tactic
[Sun Jul 30 19:57:45 2017] <dh`> according to something I saw somewhere, you should use bullets in the order - * + -- ** ++ etc. if you want proof general to do something-or-other optimally
[Sun Jul 30 19:57:51 2017] <dh`> (real specific, eh?)
[Sun Jul 30 20:16:35 2017] <rain1> hello
[Sun Jul 30 20:16:53 2017] <rain1> what would you recommend to use to write and prove correct a C program in coq?
[Mon Jul 31 06:33:05 2017] <petercommand> are coq 8.4pl*  compatible with the 8.4 release
[Mon Jul 31 06:33:08 2017] <petercommand> ?
[Mon Jul 31 06:33:28 2017] <petercommand> or are they not compatible
[Mon Jul 31 10:33:03 2017] <rain1> how do i configure coq loadpath or other variables to set it up?
[Mon Jul 31 10:33:12 2017] <rain1> i built and installed it locally ot a folder out/
[Mon Jul 31 10:33:20 2017] <rain1> so i add out/bin to PATH but when I launch coqtop i get a lot of errors
[Mon Jul 31 10:33:56 2017] <rain1> warnings about things being remapped, and Error: Cannot load Coq.Init.Notations: no physical path bound to Coq.Init
[Mon Jul 31 19:10:17 2017] <benzrf> when did the proof general logo turn into an anime girl
[Mon Jul 31 19:10:29 2017] <benzrf> what weeb took over
[Mon Jul 31 19:40:57 2017] <Cale> http://zermelo.dcs.ed.ac.uk/releases/ProofGeneral-3.3/doc/ProofGeneral.jpg used to be this guy
[Mon Jul 31 19:40:58 2017] <Cale> haha
[Mon Jul 31 19:42:52 2017] <Cale> benzrf: http://mzp.hatenablog.com/entry/2012/09/26/232857
[Mon Jul 31 19:43:42 2017] <benzrf> oh no
[Mon Jul 31 20:20:58 2017] <KaneTW> no cigars
[Mon Jul 31 20:21:01 2017] <KaneTW> heresy.
[Mon Jul 31 20:21:10 2017] <KaneTW> love a good cigar
[Tue Aug  1 07:10:57 2017] <rain1> hello
[Tue Aug  1 07:11:15 2017] <rain1> any advice for running coq after building it into a local prefix?
[Tue Aug  1 07:47:00 2017] <petercommand> I use proof general
[Tue Aug  1 07:47:36 2017] <petercommand> I just append emacs exec-path with that particular prefix
[Tue Aug  1 07:47:47 2017] <Cypi> You can just launch ./bin/coqide if you prefer CoqIDE to Proof General
[Tue Aug  1 07:50:23 2017] <rain1> my problem is coqtop wont work even in the terminal, let alone proof general
[Tue Aug  1 07:50:38 2017] <Cypi> Oh. What does "wont work" mean?
[Tue Aug  1 07:51:51 2017] <rain1> https://bpaste.net/show/5a39e498a651 these are the errors i get
[Tue Aug  1 07:53:30 2017] <Cypi> hmm, if you add "-coqlib <dir>" to the command line (where <dir> is whatever directory you are building in)
[Tue Aug  1 07:54:45 2017] <rain1> thanks! tried it, it didn't change anything
[Tue Aug  1 07:55:42 2017] <Cypi> then I don't think I can help you, sorry :/
[Tue Aug  1 07:56:40 2017] <rain1> how I built it was ./configure then it asks for the directories
[Tue Aug  1 07:56:56 2017] <rain1> and i just kep putting /my/path/out/coq /my/path/out/bin etc.
[Tue Aug  1 07:57:15 2017] <rain1> i can delete this whole thing and build it again, but does anyone know the right way to install it locally so i dont' have to use root?
[Tue Aug  1 07:57:16 2017] <Cypi> If you just do "./configure -local", does it ask for anything?
[Tue Aug  1 07:57:40 2017] <Cypi> Well, that's the way I usually do it: "./configure -local && make"
[Tue Aug  1 07:57:52 2017] <Cypi> It gives me working binaries in the ./bin/ directory
[Tue Aug  1 07:58:01 2017] <rain1> nice let me try!
[Tue Aug  1 07:58:07 2017] <Cypi> but it doesn't ask for any directory, the "./configure -local" just succeeds
[Tue Aug  1 07:58:11 2017] <rain1> it says
[Tue Aug  1 07:58:16 2017] <rain1>   OCaml binaries in           : /usr/bin/
[Tue Aug  1 07:58:16 2017] <rain1>   OCaml library in            : /usr/lib/ocaml
[Tue Aug  1 07:58:29 2017] <Cypi> hmm
[Tue Aug  1 07:58:32 2017] <rain1> oh nvm, thats not where it's going to put things
[Tue Aug  1 07:58:41 2017] <Cypi> yeah, that looks fine
[Tue Aug  1 08:07:21 2017] <rain1> awesome now it works! cheers
[Tue Aug  1 08:07:28 2017] <Cypi> good!
[Tue Aug  1 08:59:54 2017] <rain1> woo just compiled all of VST!
[Tue Aug  1 09:00:01 2017] <rain1> went without a hitch
[Tue Aug  1 09:14:20 2017] <cocreature> is there something like “generalize … at …” which allows me to keep assumptions about the thing I’m generalizing?
[Tue Aug  1 09:14:35 2017] <cocreature> I’m trying to generalize something so that two things which are currently the same can be different but I need the assumptions for both
[Tue Aug  1 09:14:42 2017] <Cypi> looks like remember?
[Tue Aug  1 09:15:05 2017] <Cypi> If they are currently the same, you might need to tweak it more manually though
[Tue Aug  1 09:15:18 2017] <Cypi> (because Coq won't magically select the correct one for each variable)
[Tue Aug  1 09:16:04 2017] <cocreature> is there something like the "at" for "remember" or do I need to do that manually?
[Tue Aug  1 09:17:12 2017] <cocreature> ah looks like I can do that using the goal_occurences stuff
[Tue Aug  1 09:17:55 2017] <cocreature> perfect that works, thanks Cypi!
[Tue Aug  1 09:18:10 2017] <Cypi> really? You can select an occurrence position with this?
[Tue Aug  1 09:18:26 2017] <Cypi> (I was about to suggest using "set", which supports "at", and then clear its body)
[Tue Aug  1 09:18:30 2017] <cocreature> "remember xs' as xs'' in |- * at 1" seems to work
[Tue Aug  1 09:18:38 2017] <Cypi> oh, nice
[Tue Aug  1 09:18:47 2017] <cocreature> found it here https://coq.inria.fr/refman/Reference-Manual010.html#Occurrences_clauses
[Tue Aug  1 09:19:51 2017] <Cypi> thanks, learned something too :)
[Tue Aug  1 10:13:16 2017] <benzrf> in proof general, can i get electric terminator to produce a new line instead of just moving to the next one
[Tue Aug  1 10:13:25 2017] <benzrf> when editing a proof in the middle of a file
[Tue Aug  1 12:32:42 2017] <benzrf> what's the nicest way to prove this? https://i.imgur.com/FFzTh1u.png
[Tue Aug  1 12:33:00 2017] <benzrf> i guess i could just do two destructs, but i feel like there's something more elegant
[Tue Aug  1 13:30:27 2017] <Cale> benzrf: You could write  do 2 (destruct n; inversion G).  if that's any better
[Tue Aug  1 13:31:35 2017] <benzrf> eh
[Tue Aug  1 13:32:27 2017] <Cale> In my experience it's always kind of bleh turning equalities of bool values into something usable.
[Tue Aug  1 13:35:59 2017] <benzrf> :[
[Tue Aug  1 21:12:13 2017] <dh`> benzrf: the only ways I know are destructing and writing a lemma with that specific pattern and then applying it
[Tue Aug  1 21:12:36 2017] <dh`> both of which are messy
[Tue Aug  1 21:12:37 2017] <benzrf> :\
[Tue Aug  1 21:13:13 2017] <dh`> it seems to me that coq ought to either reduce those itself somehow or have a tactic specifically for it
[Tue Aug  1 21:13:38 2017] <Cypi> out of curiosity, if you could write something like "destruct (st X) as [0 | 1 | S (S _)]", would that be satisfying?
[Tue Aug  1 21:13:51 2017] <Cypi> or is it too much input?
[Tue Aug  1 21:14:07 2017] <dh`> not really
[Tue Aug  1 21:14:23 2017] <dh`> it would be an improvement, I guess
[Tue Aug  1 21:15:00 2017] <dh`> but it still generates the cases for the non-matching values
[Tue Aug  1 21:15:08 2017] <Cypi> The non-matching values?
[Tue Aug  1 21:15:21 2017] <dh`> the ones that reduce to true = false
[Tue Aug  1 21:15:24 2017] <Cypi> Ah, you meant for this specific pattern where you have an equality
[Tue Aug  1 21:15:33 2017] <dh`> which in this case can be retired with discriminate, but it isn't always that nice
[Tue Aug  1 21:15:54 2017] <dh`> I've been mucking with something that generates ~850 cases
[Tue Aug  1 21:16:06 2017] <dh`> and they don't all retire nicely up front
[Tue Aug  1 21:16:17 2017] <Cypi> What can be expected from baseline Coq all depends on how you derive your absurdity
[Tue Aug  1 21:16:24 2017] <Cypi> in this case it's easy, as you say
[Tue Aug  1 21:17:12 2017] <dh`> it begins like this:
[Tue Aug  1 21:17:13 2017] <dh`>    intros.
[Tue Aug  1 21:17:14 2017] <dh`>    inversion H; inversion H0; subst; simpl; auto.
[Tue Aug  1 21:17:14 2017] <dh`>    3,7,11,15,19,27,29-36,43: destruct r0.
[Tue Aug  1 21:17:14 2017] <dh`>    21-26,75-80: destruct r4.
[Tue Aug  1 21:17:14 2017] <dh`>    93-104: destruct r3.
[Tue Aug  1 21:17:15 2017] <dh`>    (* whee 239 cases *)
[Tue Aug  1 21:17:41 2017] <Cypi> glad the extendedd goal selectors are of use at least :p
[Tue Aug  1 21:18:17 2017] <dh`> they are, it would be impossible without
[Tue Aug  1 21:18:41 2017] <dh`> it goes on with
[Tue Aug  1 21:18:42 2017] <dh`>    (* some instances of H1 have multiple alts in them *)
[Tue Aug  1 21:18:42 2017] <dh`>    all: try (apply match_alt in H1; destruct H1); auto.
[Tue Aug  1 21:18:42 2017] <dh`>    all: try (apply match_alt in H1; destruct H1); auto.
[Tue Aug  1 21:18:42 2017] <dh`>    all: try (apply match_star_alternate in H1; destruct H1; subst); auto.
[Tue Aug  1 21:18:42 2017] <dh`>    (* wheeeeee 839 cases *)
[Tue Aug  1 21:19:16 2017] <dh`> and then I have 28 versions of all: try (...).
[Tue Aug  1 21:19:35 2017] <dh`> and it goes through, but in addition to being a monumental pain it takes like five minutes to compile this lemma
[Tue Aug  1 21:19:47 2017] <Cypi> yeah, I can understand :/
[Tue Aug  1 21:19:54 2017] <Cypi> the "all: try" are probably really bad
[Tue Aug  1 21:20:49 2017] <dh`> it's a lemma that shows that an optimization pass on a r1|r2 regexp preserves matching semantics
[Tue Aug  1 21:20:52 2017] <dh`> yeah, they are.
[Tue Aug  1 21:21:25 2017] <Cypi> Is your code publicly available somewhere?
[Tue Aug  1 21:21:34 2017] <dh`> not yet
[Tue Aug  1 21:21:36 2017] <Cypi> ok
[Tue Aug  1 21:21:39 2017] <dh`> and it's kinda half baked
[Tue Aug  1 21:21:47 2017] <dh`> but i can stick it somewhere temporarily if you're curious
[Tue Aug  1 21:21:58 2017] <Cypi> I might be curious, but don't expect anything x)
[Tue Aug  1 21:22:13 2017] <Cypi> (don't want to get your hopes up, I will probably not be able to do anything good)
[Tue Aug  1 21:22:36 2017] <dh`> don't waste your time on it
[Tue Aug  1 21:23:04 2017] <dh`> it remains to be seen if the logic that uses the pass is going to be any use
[Tue Aug  1 21:23:37 2017] <dh`> it is trying to match regexps without compiling them by peeling single matched characters off the front of the regexp
[Tue Aug  1 21:23:54 2017] <Cypi> I see
[Tue Aug  1 21:24:16 2017] <dh`> and the basic problem is that the canonicalization pass needed to do that peeling requires 3-4 layer deep matching on the regexp
[Tue Aug  1 21:24:33 2017] <dh`> which means 3-4 layers of destruct, and regexps have lots of cases (six now and potentially more later)
[Tue Aug  1 21:24:50 2017] <Cypi> yeah, I get the idea :/
[Tue Aug  1 21:25:08 2017] <dh`> all the cases go through easily, there are just so damn many and just creating that many cases seems to be slow.
[Tue Aug  1 21:25:54 2017] <dh`> before I split the matching for sequences and alternates off into a separate definition it was far, far worse.
[Tue Aug  1 21:26:05 2017] <Cypi> scary
[Tue Aug  1 21:27:24 2017] <dh`> then just compiling the Function that did the work took forever
[Tue Aug  1 21:27:36 2017] <dh`> not sure why
[Tue Aug  1 21:27:56 2017] <dh`> seems like something must be cubic or worse in the number of nested matches
[Tue Aug  1 21:28:08 2017] <Cypi> You wrote "Function", are you actually using "Function"?
[Tue Aug  1 21:28:14 2017] <dh`> yeah
[Tue Aug  1 21:28:15 2017] <Cypi> or was that just a random capitalization?
[Tue Aug  1 21:28:16 2017] <Cypi> ok
[Tue Aug  1 21:28:51 2017] <dh`> Function seems to be strictly preferable to Fixpoint except when you have something ratty where it doesn't work
[Tue Aug  1 21:30:14 2017] <Cypi> Well, Fixpoint is simple, it doesn't do anything fancy. Function is...more complicated
[Tue Aug  1 21:31:00 2017] <dh`> (and the one of those I've had since I learned enough to have any idea what I was doing... I never got to work)
[Tue Aug  1 21:33:35 2017] <dh`> being able to do functional induction is occasionally critical
[Tue Aug  1 21:33:50 2017] <dh`> also being able to do "rewrite foo_equation" is nice except that I have no idea why foo_equation only appears sometimes
[Tue Aug  1 21:34:41 2017] <Cypi> good to know these features are useful x)
[Tue Aug  1 21:36:32 2017] <dh`> heh :-)
[Tue Aug  1 21:38:03 2017] <dh`> I wonder how feasible it would be to take that match expression and turn it into a big disjunction
[Tue Aug  1 21:39:43 2017] <dh`> something like ((st X = 0) /\ (false = true) \/ ((st X = 1) /\ (false = true)) \/ ((exists k, st X = S (S k)) /\ true = true))
[Tue Aug  1 21:40:03 2017] <dh`> seems probably kinda beyond ltac
[Tue Aug  1 21:40:25 2017] <Cypi> hmm
[Tue Aug  1 21:40:49 2017] <dh`> and not necessarily a big improvement, but then it's at least in a form you can do rewrites on
[Tue Aug  1 21:40:50 2017] <Cypi> in Ltac it looks difficult, indeed
[Tue Aug  1 21:41:56 2017] <Cypi> the problem is being general enough about patterns in the match, so that you can generate "exists k, ..." and so on, don't think you can do that
[Tue Aug  1 21:42:10 2017] <Cypi> in OCaml it shouldn't be too hard though
[Tue Aug  1 21:42:58 2017] <dh`> oh, that reminds me, I had a bug report to file on congruence
[Tue Aug  1 21:43:04 2017] <dh`> I should actually file it.
[Tue Aug  1 21:45:23 2017] <dh`> oh actually that transform would help my cases a lot
[Tue Aug  1 21:45:47 2017] <dh`> I keep getting cases where there's a match on the six regexp constructors and five of the six cases are identical
[Tue Aug  1 21:46:52 2017] <dh`> well, except that the constructors will still end up the logic. pah
[Tue Aug  1 21:47:59 2017] <dh`> I wonder how hard it would be to specifically thread discriminate through that to eliminate all the false = true cases directly
[Tue Aug  1 21:49:40 2017] <dh`> it's a common enough pattern. :-/
[Tue Aug  1 21:50:17 2017] <Cypi> Sorry, I don't have any good suggestion :/
[Tue Aug  1 21:50:27 2017] <dh`> also there's a problem; it won't work if the match cases aren't strictly disjoint
[Tue Aug  1 21:51:26 2017] <dh`> then again, coq doesn't allow that, does it?
[Tue Aug  1 21:51:33 2017] <dh`> anyway I need to make dinner
[Tue Aug  1 21:51:42 2017] <Cypi> match cases that aren't strictly disjoint? It does allow it
[Tue Aug  1 21:51:49 2017] <Cypi> the first case takes precedence
[Tue Aug  1 21:52:06 2017] <Cypi> you can write "match x with O => foo | O => bar | S _ => blah end"
[Tue Aug  1 21:52:11 2017] <dh`> at least sometimes it complains about redundant cases, or is that only if one is entirely unreachable?
[Tue Aug  1 21:52:27 2017] <Cypi> hmm. It may be a Function thing, too
[Tue Aug  1 21:53:12 2017] <Cypi> oh nevermind
[Tue Aug  1 21:53:19 2017] <Cypi> you're right, you actually cannot write what I just wrote
[Tue Aug  1 21:53:37 2017] <Cypi> But still, don't think they need to be strictly disjoint...
[Tue Aug  1 21:57:13 2017] <dh`> I can write
[Tue Aug  1 21:57:14 2017] <dh`> Definition bar (x y: nat): nat := match x, y with
[Tue Aug  1 21:57:14 2017] <dh`> | S a, b => 1 + a * b
[Tue Aug  1 21:57:14 2017] <dh`> | a, S b => 2 + a * b
[Tue Aug  1 21:57:14 2017] <dh`> | 0, 0 => 0
[Tue Aug  1 21:57:17 2017] <dh`> end.
[Tue Aug  1 21:57:21 2017] <dh`> but it expands it internally
[Tue Aug  1 21:58:45 2017] <Cypi> yeah, the only pattern-matching the kernel is aware of is the very basic one: one variable, and an exhaustive list of cases
[Tue Aug  1 21:58:50 2017] <Cypi> (and no deep patterns)
[Tue Aug  1 21:58:57 2017] <Cypi> everything else is compiled down to something like this
[Tue Aug  1 22:00:22 2017] <dh`> in that case it should be ok by the time one tries to apply this hypothetical tactic to a proof
[Tue Aug  1 22:03:48 2017] <dh`> then again, the fragment that started this contains S (S _) and not "match k with | 0 => false | S k' => match k' with 0 => false | S k'' => true"
[Tue Aug  1 22:05:08 2017] <dh`> so it must be getting refolded at least for display
[Tue Aug  1 22:05:26 2017] <dh`> anyway, dinnertime
[Tue Aug  1 22:06:05 2017] <Cypi> There are still some stuff in place so that it can be refolded, yes
[Tue Aug  1 22:06:44 2017] <Cypi> is*
[Tue Aug  1 22:41:37 2017] <dh`> hrm, is ocaml hiding a unicode string module somewhere? the docs have Uchar but no strings for them
[Tue Aug  1 22:42:57 2017] <dh`> apparently not
[Tue Aug  1 22:42:58 2017] <dh`> sigh.
[Wed Aug  2 00:42:41 2017] <dh`> is there a tactic like discriminate that instead rewrites true = false (or whatever) to False?
[Wed Aug  2 11:58:59 2017] <rain1> are VST and guru related? what other tools are used to write and verify C programs?
[Wed Aug  2 14:26:49 2017] <ertes-w> how do i apply an implicit argument explicitly?
[Wed Aug  2 14:38:22 2017] <notnotdan> ertes-w: you can use the @ notation
[Wed Aug  2 14:38:27 2017] <ertes-w> ah, thanks
[Wed Aug  2 14:38:30 2017] <notnotdan> apply (@lem x1 x2 .. ).
[Wed Aug  2 14:38:58 2017] <ertes-w> also is there a way to have anonymous sections?  i mostly use Section for Context and Variable
[Wed Aug  2 14:39:52 2017] <notnotdan> Not as far as I know.
[Wed Aug  2 14:43:32 2017] <ertes-w> hmm, too bad…  thanks
[Wed Aug  2 14:45:48 2017] <ertes-w> what's the syntax to give a particular implicit argument by name?  basically the equivalent to agda's "f {x = y}"
[Wed Aug  2 14:49:39 2017] <notnotdan> Sometimes when I do `apply (f (x:=y))` and it works
[Wed Aug  2 14:49:57 2017] <notnotdan> but sometimes I do something like that and it doesn't work :]
[Wed Aug  2 14:50:13 2017] <notnotdan> I think the order of argument is also important
[Wed Aug  2 14:52:16 2017] <ertes-w> hah, that worked =)
[Wed Aug  2 14:52:17 2017] <ertes-w> thanks
[Wed Aug  2 14:53:49 2017] <ertes-w> i'm probably doing this a lot more complicated than necessary
[Wed Aug  2 14:54:40 2017] <ertes-w> http://lpaste.net/8833383740748070912
[Wed Aug  2 14:57:37 2017] <ertes-w> my Category class is basically parameterised over equivalence and composition, because everything else follows from those, at least in theory
[Wed Aug  2 14:58:42 2017] <ertes-w> (if a semigroupoid is a category, it's easy to prove that it's a *unique* category)
[Wed Aug  2 14:59:53 2017] <ertes-w> (and yes, my Semigroupoid class isn't complete yet…  i'm missing one further axiom)
[Wed Aug  2 21:25:07 2017] <erisco> are there examples of using Coq as a service for another program? somewhat like Z3 in the sense you can throw stuff at it and it gives you answers
[Wed Aug  2 21:25:30 2017] <erisco> so for Coq I want to throw programs at it and have it tell me either the type errors or that it is good
[Wed Aug  2 21:29:03 2017] <erisco> probably this can be done with any sort of IDE support program, if Coq has one
[Wed Aug  2 21:38:34 2017] <erisco> yes, you could just invoke the Coq compiler, but the issue is having machine readable output, especially for errors
[Thu Aug  3 04:12:33 2017] <cocreature> I’ve probably asked this before but I don’t think I’ve gotten an answer so I’ll try again: Is there a way to name the results of an inversion by providing only a list of names for the cases that I know can occur instead of a list for all cases?
[Thu Aug  3 04:12:50 2017] <cocreature> it’s annoying to write a really long list if I know there will be only one case
[Thu Aug  3 04:40:01 2017] <dh`> not that I know of, but that doesn't prove much
[Thu Aug  3 04:45:12 2017] <cocreature> I guess for the very common cases I could use separate lemmas that cover only that one case but that’s a bit annoying
[Fri Aug  4 00:01:04 2017] <ringer1> New to coq and want to give a tern a name
[Fri Aug  4 00:02:16 2017] <ringer1> I have a Hypothoses in the same form as my goal but theres a simple name in the Hyp, and a term (always the same) in all the same places of the goal
[Fri Aug  4 00:02:59 2017] <ringer1> Anyone here?
[Fri Aug  4 00:04:15 2017] <Cypi> "set (name := term)." can do the job
[Fri Aug  4 00:04:20 2017] <Cypi> (if I got your question right)
[Fri Aug  4 00:04:43 2017] <ringer1> like set m := n + 1.    ??
[Fri Aug  4 00:05:11 2017] <Cypi> for You need the parentheses
[Fri Aug  4 00:05:15 2017] <Cypi> -for
[Fri Aug  4 00:05:23 2017] <Cypi> So "set (m := n + 1).", for instance
[Fri Aug  4 00:05:37 2017] <ringer1> let me try that and see if I make progress.
[Fri Aug  4 00:05:38 2017] <ringer1> thx
[Fri Aug  4 00:05:50 2017] <Cypi> but to be able to apply yor hypothesis, you will still need to have a reason for the name in your hypothesis and this term to be equal
[Fri Aug  4 00:07:49 2017] <ringer1> That did exactly what I intended but my thinking was wrong as it didn't seem to help.
[Fri Aug  4 00:08:54 2017] <ringer1> I have a hypo, that has the same form as the goal, but the variables have differnt names -- though they match as a pattern. I though this would let me must do:  assumption. but it doesn't work.
[Fri Aug  4 00:09:31 2017] <Cypi> If your hypothesis is saying something about a specific variable, it has no reason to be true about any other variable/term
[Fri Aug  4 00:09:56 2017] <Cypi> For instance you can't prove: "forall n m, n = 0 -> m = 0"
[Fri Aug  4 00:10:09 2017] <Cypi> If in your context you have "H : n = 0", it doesn't say anything about m
[Fri Aug  4 00:11:21 2017] <ringer1> I wanted to do something like  "H: fun1 n = fun2 n      and the goal is like:    fun1 m = fun2 m.
[Fri Aug  4 00:11:37 2017] <ringer1> I changed it some but that's the type of pattern match I have.
[Fri Aug  4 00:11:51 2017] <Cypi> Same thing, H is talking about n, not m
[Fri Aug  4 00:12:17 2017] <Cypi> If you want to be more specific about what you are trying to prove, don't hesitate. Maybe you can prove it differently (or maybe you can't, it happens)
[Fri Aug  4 00:12:23 2017] <ringer1> well thx , that will at least keep me from driving myself nuts
[Fri Aug  4 00:13:07 2017] <ringer1> I was being a bit vague because I didn't want the answer, hacking my way through Software Founddations CH.4 induction
[Fri Aug  4 00:13:19 2017] <Cypi> Ah right :)
[Fri Aug  4 00:13:34 2017] <Cypi> at least you know it's provable if it says so
[Fri Aug  4 00:14:46 2017] <ringer1> I have IH:   double n' = n' + n'          Goal:  double (S n') = S n' + S n'     or      double m = m + m (after that set you gave me)
[Fri Aug  4 00:15:23 2017] <ringer1> I can see perfectly well it's true but can't figure out how to make progress on it.
[Fri Aug  4 00:15:54 2017] <Cypi> what you can do is start by simplifying your goal
[Fri Aug  4 00:16:05 2017] <Cypi> the term "double (S n')" can be evaluated to something better
[Fri Aug  4 00:16:22 2017] <ringer1> ok, let me try -- I stopped that because simpl. made it look worse.
[Fri Aug  4 00:24:14 2017] <ringer1> simpl. added S around left and combined the right.  I don't have very good intuitions yet but looks a lot worse to me.
[Fri Aug  4 00:24:42 2017] <Cypi> You should be at something like "S (S (double n')) = S (n' + S n')", right?
[Fri Aug  4 00:24:50 2017] <ringer1> S (S (double n')) = S (n' + S n') is now the goal.
[Fri Aug  4 00:24:57 2017] <ringer1> Yes
[Fri Aug  4 00:25:05 2017] <Cypi> Now, the good thing is that you can use your induction hypothesis
[Fri Aug  4 00:25:16 2017] <Cypi> since it talks precisely about "double n'"
[Fri Aug  4 00:25:20 2017] <ringer1> Every time I reached here, I gave up.
[Fri Aug  4 00:25:42 2017] <ringer1> ok, trying
[Fri Aug  4 00:35:41 2017] <ringer1> First goal after the induction was trivial, but the 2nd looks like I am just going in a circle with different variable names
[Fri Aug  4 00:37:00 2017] <Cypi> What did you do, from "S (S (double n')) = S (n' + S n')"?
[Fri Aug  4 00:38:47 2017] <ringer1> induction n' as [|m IHm].   1) trivial goal  2) looks worse
[Fri Aug  4 00:39:32 2017] <Cypi> I meant, after the simpl, you have "S (S (double n')) = S (n' + S n')", and then I suggested you used your induction hypothesis
[Fri Aug  4 00:39:36 2017] <Cypi> so what did you try?
[Fri Aug  4 00:39:58 2017] <ringer1> that induction
[Fri Aug  4 00:40:06 2017] <ringer1> induction n' as [|m IHm].
[Fri Aug  4 00:40:29 2017] <ringer1> Goal became:  S (S (double (S m))) = S (S m + S (S m)
[Fri Aug  4 00:40:35 2017] <Cypi> Well, that's not using your induction hypothesis. In this case, you don't need to do another induction, as you say you would just be going in circle
[Fri Aug  4 00:41:02 2017] <Cypi> In your context you know that "IH: double n' = n' + n'". So what you can do is rewrite "double n'" to "n' + n'" in your goal
[Fri Aug  4 00:41:06 2017] <ringer1> oh, I misunderstood and use the tactic --
[Fri Aug  4 00:42:26 2017] <ringer1> I may have it now, but I though this was something I tried a long time ago.
[Fri Aug  4 00:44:44 2017] <ringer1> rewriting removed the double so now I just have a bunch of S terms.....working on it.
[Fri Aug  4 00:45:01 2017] <ringer1> Ok, got it.  thx.  I had two lemmas already that simplified that out for me
[Fri Aug  4 00:45:11 2017] <ringer1> thx.
[Fri Aug  4 00:45:14 2017] <Cypi> Yup, I think this was intended by the book :)
[Fri Aug  4 00:45:37 2017] <ringer1> One of them I built myself for remove outer S () = S ()
[Fri Aug  4 00:45:56 2017] <Cypi> Just in case, there is a tactic for that: f_equal
[Fri Aug  4 00:45:57 2017] <ringer1> Not sure if I really needed it but it seemed simpler to me
[Fri Aug  4 00:46:22 2017] <Cypi> whenever you need to prove "f x y z = f x' y' z'", the tactic f_equal will ask you to prove the goals "x = x'", "y = y'" and so on
[Fri Aug  4 00:46:40 2017] <ringer1> cool, it did the same thing as what I built.
[Fri Aug  4 00:47:10 2017] <ringer1> That sort of makes me feel better if I am building and using things that are standard without first knowing about them.
[Fri Aug  4 00:47:25 2017] <ringer1> FYI:  I am not in school, but I am trying to do this without cheating.
[Fri Aug  4 00:49:05 2017] <ringer1> Ok, mine were exact, so f_equal just removed the wrap for me
[Fri Aug  4 00:49:33 2017] <ringer1> but I see how it would do what you say if they weren't obviously equal in each variable
[Fri Aug  4 00:50:15 2017] <ringer1> So, I didn't build exactly f_equal, just a very special case
[Fri Aug  4 00:51:29 2017] <ringer1> thx Cypi -- must appreciated.  Going to bed now, have a good one.
[Fri Aug  4 00:51:46 2017] <ringer1> s/must/much/  appreciated.
[Fri Aug  4 00:53:35 2017] <Cypi> No problem, good night
[Fri Aug  4 01:02:06 2017] <ringer1> what part of the world are you in?
[Fri Aug  4 09:58:04 2017] <ringer1> I prefer not to use auto. because I am learning, but I have been using it to check if there was likely an easy way forward.  Reading last chapters in SF/Pierce indicates auto ONLY does reflexivity, assumption, and apply so it would seem if auto works then at least one of these (followed by others) much work, correct?
[Fri Aug  4 10:06:04 2017] <benzrf> ringer1: i think it depends on some stuff, but im no expert on how auto works
[Fri Aug  4 10:11:16 2017] <Cypi> assumption is just apply an hypothesis, and reflexivity is applying eq_refl, so you can subsume this by: auto uses apply with a number of terms, including hypotheses in context, and a bunch of other lemmas
[Fri Aug  4 10:12:27 2017] <Cypi> If you want to know what auto did instead of guess, you can either use "info_auto", or take a look at the term that was produced with "Show Proof."
[Fri Aug  4 10:21:04 2017] <ringer1> Cypi thx, I was looking for Show Proof but I don't seem to understand where/how to execute info_auto
[Fri Aug  4 10:22:04 2017] <Cypi> Instead of auto
[Fri Aug  4 10:22:14 2017] <Cypi> You just write info_auto where you would have written auto
[Fri Aug  4 10:23:47 2017] <ringer1> Show Proof, I didn't fully understand hte output but it showed me a lamba:  (fun (n m : nat) (H: S n = S m) => eq_add_S n am H)
[Fri Aug  4 10:23:55 2017] <ringer1> Ok, instead of auto.
[Fri Aug  4 10:24:21 2017] <Cypi> So, unless it's you, auto probably used eq_add_S
[Fri Aug  4 10:24:34 2017] <ringer1> Ok, that made more sense.  apply eq_add_S was the key
[Fri Aug  4 10:25:01 2017] <ringer1> auto did that -- I didn't know eq_add_S or remember it if I did.
[Fri Aug  4 10:25:38 2017] <Cypi> So lemmas are added by default to the set of lemmas that auto can use
[Fri Aug  4 10:25:40 2017] <Cypi> Some*
[Fri Aug  4 10:27:05 2017] <ringer1> I had used "auto" to prove something and wanted to remove it -- I did that now with your help to apply eq_add_S.  Not sure where ea_add_S came from though.
[Fri Aug  4 10:27:32 2017] <ringer1> wanted to remove auto, and have a proof I understood.
[Fri Aug  4 11:26:23 2017] <dh`> eq_add_S is from the standard library; you can find it with Search (S _ = S _).
[Fri Aug  4 11:26:43 2017] <dh`> also, as a general matter of convenience I wish auto also did "try discriminate; try contradiction"
[Fri Aug  4 13:21:37 2017] <ringer1> dh` thanks to you also
[Sat Aug  5 00:29:25 2017] <ringer1> Still hacking my way through SF/LF Chapter 4.  Wonder how much I am really learning by hacking at these problem until I get them. Any thoughts?
[Sat Aug  5 00:31:50 2017] <efm> ringer1: that's a good way to learn. reading without doing leads to faux learning
[Sat Aug  5 00:36:53 2017] <ringer1> thx efm -- It's at least true that I'm learning MORE than if I were only reading
[Sat Aug  5 00:37:23 2017] <johnw> ringer1: you're learning if you're paying attention to why and how you're able to get through
[Sat Aug  5 00:38:10 2017] <ringer1> johnw ok, I suppose it's going to be necessary to run through them all again from scratch
[Sat Aug  5 00:38:23 2017] <johnw> or find other, more interesting problems to tackle
[Sat Aug  5 00:38:35 2017] <johnw> I never finished SF because I find real things to hack on instead
[Sat Aug  5 00:38:40 2017] <johnw> but it's a great place to start
[Sat Aug  5 00:38:54 2017] <ringer1> I was wondering about that -- or easier ones -- although these are probably pretty easy even if difficult for me
[Sat Aug  5 00:39:59 2017] <ringer1> Our Haskell group started a Proofs/Type/CatTheory study group using SF first -- I'd been working on learning Categories for a few months so joined
[Sat Aug  5 00:40:36 2017] <ringer1> I had no idea really WHY to do this, but in some ways it's fun -- would be more fun if I could see ahead a step or two more.
[Sat Aug  5 00:41:57 2017] <johnw> there's a pretty big world of verified software out there
[Sat Aug  5 00:42:10 2017] <ringer1> Please don't tell answer:  just tell me if this is progress -- it looks circular to me   plus_comm
[Sat Aug  5 00:42:11 2017] <johnw> that's what the recent DeepSpec summer school was all about; and it's course videos are available online now
[Sat Aug  5 00:42:26 2017] <johnw> why is plus_comm circular?
[Sat Aug  5 00:43:04 2017] <ringer1> Prove: n + m = m + n      versus my current   S n + S n' = S n' + Sn
[Sat Aug  5 00:43:16 2017] <ringer1> (I hadn't finished question sorry)
[Sat Aug  5 00:43:46 2017] <ringer1> To me that looks like I am just proving the same thing I started to prove (after a bunch of work)
[Sat Aug  5 00:44:04 2017] <johnw> looks like you inducted on both n and m
[Sat Aug  5 00:44:24 2017] <ringer1> I did, is that generally?  a mistake?
[Sat Aug  5 00:44:46 2017] <johnw> yeah, it's pretty rare to need double induction
[Sat Aug  5 00:45:05 2017] <johnw> the first induction gives you something you can rewrite with, if you just prepare the goal for it to work
[Sat Aug  5 00:45:08 2017] <ringer1> Ok, I'll retry -- maybe that's the source of much of my trouble -- I did that in a lot of them.
[Sat Aug  5 00:45:18 2017] <ringer1> retrying...
[Sat Aug  5 00:45:24 2017] <johnw> if you think of programming, induction is like a recursive call
[Sat Aug  5 00:45:33 2017] <johnw> usually you just recurse on one argument, not multiple
[Sat Aug  5 00:54:47 2017] <ringer1> johnw thx. ok, makes sense.  went back with single induction and only flailed a little proving plus_comm.  Pretty straightfoward compared with earlier attempts.
[Sat Aug  5 00:55:33 2017] <ringer1> Pierce said, "hacking is ok, about 5 minutes" :) so it took me 9 minutes -- probably 5 just hacking a bit. :)
[Sat Aug  5 00:56:03 2017] <johnw> you could also try doing it without tactics, though using the eq_ind function directly takes some getting used to
[Sat Aug  5 00:58:16 2017] <ringer1> I have not idea how to do that (I could learn but it means nothing to me right now)
[Sat Aug  5 00:58:21 2017] <ringer1> no idea
[Sat Aug  5 00:58:47 2017] <johnw> the only reason I say is that it's very helpful to know what tactics are actually doing
[Sat Aug  5 00:58:55 2017] <johnw> makes it easier to pick them, or intuit how they should be used
[Sat Aug  5 00:59:15 2017] <ringer1> Makes sense -- are there any sources that teach that explicitly do you know?
[Sat Aug  5 00:59:33 2017] <johnw> not really, actually
[Sat Aug  5 00:59:45 2017] <johnw> this is something that would be valuable to write up
[Sat Aug  5 01:03:04 2017] <ringer1> I found a couple of tutorials that said things like "If you have this, use this..." which is sort of that you are saying but WITH tactics
[Sat Aug  5 01:03:10 2017] <johnw> right
[Sat Aug  5 01:03:16 2017] <ringer1> BTW, I walked through the next proof pretty easily
[Sat Aug  5 01:03:27 2017] <ringer1> 4 minutes this time
[Sat Aug  5 01:03:39 2017] <ringer1> plus_assoc
[Sat Aug  5 01:03:58 2017] <ringer1> so the suggestion to stop doing multiple induction was probably much of my problem
[Sat Aug  5 01:04:11 2017] <ringer1> It worked once and I just kept doing it.
[Sat Aug  5 01:04:18 2017] <ringer1> thx
[Sat Aug  5 01:06:35 2017] <johnw> sure
[Sat Aug  5 01:12:13 2017] <johnw> here's the proof without tactics: https://gist.github.com/1ecdd0106959044a233a9e8a8223b31b
[Sat Aug  5 01:12:26 2017] <johnw> I included one use of eq_ind instead of the notation 'rew' just to show what 'rew' desugars into
[Sat Aug  5 01:12:46 2017] <johnw> that's what gets called when you use "rewrite" in a propositional context
[Sat Aug  5 01:13:03 2017] <johnw> but you can see the "induction hypothesis" being used here, it's just a recursive call
[Sat Aug  5 01:14:54 2017] <ringer1> ok, reading it now
[Sat Aug  5 01:17:15 2017] <johnw> night time for me; enjoy!
[Sat Aug  5 01:17:25 2017] <ringer1> the underscores on the right let coq fill in types (mostly?)
[Sat Aug  5 01:17:43 2017] <ringer1> Me too, I only stayed to talk -- night, thx again
[Sat Aug  5 02:00:55 2017] <dh`> often if you think you need to induct on two things, it's sufficient to induct on one and destruct the other
[Sat Aug  5 02:04:55 2017] <dh`> also, if you're getting useless induction hypotheses (e.g. things like x :: xs = xs -> ...)
[Sat Aug  5 02:05:43 2017] <dh`> most of the time these can be rectified by manipulating which things are intro'd
[Sat Aug  5 07:33:35 2017] <ringer1> thx dh`
[Sat Aug  5 17:29:19 2017] <ringer1> In CoqIde, I wrote and assert with {curly braces} which turns YELLOW after the closing brace but the runs the next tactic just fine (green).  What does this mean?  I believe I made an error but haven't seen this before.
[Sat Aug  5 17:29:58 2017] <Cypi> Something hilighted in yellow means that it was admitted. Have you used "admit" or something like this?
[Sat Aug  5 17:30:16 2017] <Cypi> highlighted*
[Sat Aug  5 17:30:24 2017] <ringer1> No.  did not visibly or intentionally use admit.
[Sat Aug  5 17:31:42 2017] <Cypi> Hmm. Then I am not sure
[Sat Aug  5 17:31:46 2017] <ringer1> did only a rewrite with previously proven theorem in the curly braces:  { rewrite mult_S_1. }  closing brace and space to left turned yellow
[Sat Aug  5 17:32:01 2017] <Cypi> might just be a bug of CoqIDE
[Sat Aug  5 17:32:27 2017] <ringer1> It acts like it wants something in there, but the closing . period is present and it greens up otherwise.
[Sat Aug  5 17:32:30 2017] <Cypi> somtimes the coloring and the text are out-of-sync, and it is fixed if you just change a bit the lines
[Sat Aug  5 17:33:00 2017] <ringer1> Ok, already put it on separate line and all the spaces to the close brace went yellow also.
[Sat Aug  5 17:33:30 2017] <ringer1> I might be stuck, and it looked like maybe i'd done something wrong to get there.
[Sat Aug  5 17:34:01 2017] <ringer1> thx
[Sat Aug  5 17:34:58 2017] <dh`> try restarting coqide?
[Sat Aug  5 17:35:10 2017] <dh`> it's not 100% bug-free
[Sat Aug  5 17:38:03 2017] <ringer1> ok
[Sat Aug  5 17:40:02 2017] <ringer1> same thing, it also looks like I've ended up with an impossible to prove goal
[Sat Aug  5 17:40:53 2017] <ringer1> I think    m = S n would need to be true of all m n and that makes no sense to me
[Sat Aug  5 17:53:33 2017] <tyrokroketa> Is it possible to prove that BigQ.eq_bool x y -> Logic.eq x y ?
[Sat Aug  5 17:54:20 2017] <tyrokroketa> I'm trying to prove that BigQ is a MathComp eqType, but I haven't been able to find any related lemma
[Sat Aug  5 17:58:39 2017] <Cypi> I've never really used BigQ, but it seems to be defined as "Inductive t_ : Type :=  Qz : bigZ -> BigQ.t_ | Qq : bigZ -> bigN -> BigQ.t_". So no, without an axiom it is not possible to prove
[Sat Aug  5 17:59:04 2017] <Cypi> (because for instance 1/2 == 2/4, but 1/2 <> 2/4)
[Sat Aug  5 18:00:07 2017] <tyrokroketa> Ah, that's right
[Sat Aug  5 18:03:36 2017] <dh`> it would be nice if there were an intermediate concept of equality between the strict structural equality and what you can do with Equivalence
[Sat Aug  5 18:03:50 2017] <dh`> but I'm not sure what or how to frame it :-)
[Sat Aug  5 18:06:46 2017] <Cypi> ideally, you could have a higher inductive type so that you can directly define the relevant equality for your type
[Sat Aug  5 18:06:50 2017] <Cypi> but it's complicated :)
[Sat Aug  5 18:09:14 2017] <dh`> that sounds likely to make my head hurt :-)
[Sat Aug  5 18:10:58 2017] <dh`> the problem with Equivalence, or I guess more accurately Proper, is that you have to prove it separately for every context something appears in, and for anything general like a number implementation there are tons of those
[Sat Aug  5 18:12:39 2017] <dh`> offhand it seems like what one would want is some more specific way to seal an abstraction layer, and then define/prove an equality that can be used like = as long as you don't unseal
[Sat Aug  5 18:43:07 2017] <dh`> alternatively, I wonder if it would make sense to have abstract data types
[Sat Aug  5 18:47:06 2017] <Cypi> The Coq version of HoTT already uses this kind of trick to simulate higher inductive types
[Sat Aug  5 18:47:18 2017] <Cypi> private modules and whatnot, I don't know much about it
[Sat Aug  5 18:47:59 2017] <dh`> something like an abstract Q that has no structural representation and whose semantics are defined by a refinement to Qz
[Sat Aug  5 18:48:06 2017] <dh`> plus some kind of consistency proof
[Sat Aug  5 18:50:43 2017] <dh`> then you could say q1 = q2 and mean numeric equality, but I guess it would be a lot of thrashing.
[Sat Aug  5 22:05:55 2017] <ringer1> what does "simple apply eq_sym" mean/do?  I found this by using info_auto -- if I understood it then it would probably be Ok.
[Sat Aug  5 22:07:02 2017] <Cypi> This is like "apply eq_sym", but performs less conversion to check if you can apply your lemma
[Sat Aug  5 22:07:16 2017] <Cypi> so basically you can just write "apply eq_sym"
[Sat Aug  5 22:17:39 2017] <ringer1> Ok.  got simple twice and neither was needed.  So I got mult_comm down to where: auto worked, then using that got it to:  apply eq_sym. trivial.   THEN info_trivial: got me the proof:  apply eq_sym. apply mult_n_Sm.
[Sat Aug  5 22:17:57 2017] <ringer1> But it feels like cheating.  I fought this for a couple of hours probably though.
[Sat Aug  5 22:19:03 2017] <ringer1> Not even sure if I should have used mult_n_Sm which is from core -- not something I built.
[Sat Aug  5 23:10:22 2017] <ringer1> How is Coq applying the:  assumption in this proof, it completes but I don't know how to read it.   https://gist.github.com/HerbM/caaa7d36760162e000470f55b883de80
[Sat Aug  5 23:17:16 2017] <Cypi> "leb (S p + n) (S p + m)" -> "leb (S (p + n)) (S (p + m))" -> "leb (p + n) (p + m)"
[Sat Aug  5 23:17:27 2017] <Cypi> so your goal and the type of IHp are convertible
[Sat Aug  5 23:17:36 2017] <Cypi> if you do "simpl", you'll see it
[Sat Aug  5 23:38:32 2017] <ringer1> ok
[Sat Aug  5 23:39:57 2017] <ringer1> well I guess the lesson you just taught me is:  If you try something easy and don't see it, then use simpl.
[Sat Aug  5 23:42:39 2017] <ringer1> thx again.
[Sun Aug  6 11:06:23 2017] <sproingie> i'm starting out with the software foundations book and browsing the chapters in Proof General... but how do i actually *use* this PG thing to run commands, check proofs, etc?
[Sun Aug  6 11:07:05 2017] <sproingie> it behaves like no language mode i've ever seen before, can't see any kind of keybinding to send expression/region
[Sun Aug  6 13:52:15 2017] <bartavelle> .users
[Sun Aug  6 13:53:40 2017] <bartavelle> hello, I am a coq newbie, and would like to know if there is a way to rewrite or apply inside "fun" lambdas that are in goals ?
[Sun Aug  6 14:13:36 2017] <Dodek> bartavelle: what does your goal and hypotheses look like?
[Sun Aug  6 14:17:58 2017] <sgnb> bartavelle: rewriting under lambdas might need some axioms, so in general no
[Sun Aug  6 14:36:37 2017] <dh`> if rewrite won't go, then you have to explode the thing and rewrite the fragments
[Sun Aug  6 14:55:19 2017] <Dodek> destructing the argument to the lambda tended to help me
[Sun Aug  6 14:55:25 2017] <Dodek> as then lambda gets simplified
[Sun Aug  6 14:55:37 2017] <Dodek> or at least allows you to prove stuff about the lambda
[Sun Aug  6 17:06:25 2017] <bartavelle> humm
[Sun Aug  6 17:06:36 2017] <bartavelle> not sure I understand most of that advice :)
[Sun Aug  6 17:06:49 2017] <bartavelle> I think I'll work throught software foundations a bit more
[Sun Aug  6 17:13:33 2017] <bartavelle> my goal looks like : (fun (r : R) (sw : S * W) => fmap idf (m r sw)) = m
[Sun Aug  6 17:13:41 2017] <bartavelle> where idf is the identity function
[Sun Aug  6 17:14:29 2017] <bartavelle> and m being a functor, I should be able to drop the "fmap idf" part, except I don't know how to apply  the relevant theorem inside the fun
[Sun Aug  6 17:46:13 2017] <dh`> equality of functions is fairly deep water
[Mon Aug  7 02:16:52 2017] <bartavelle> yeah, it seems I chewed more  than I could swallow here
[Mon Aug  7 02:26:40 2017] <dh`> oh well :-/
[Mon Aug  7 03:07:09 2017] <bartavelle> perhaps more mundane, here http://lpaste.net/357476 , how to apply em in H ?
[Mon Aug  7 03:09:43 2017] <Cypi> The easier way is to just use excluded middle on "P x"
[Mon Aug  7 03:09:57 2017] <Cypi> (you first need to introduce x of course)
[Mon Aug  7 03:10:50 2017] <bartavelle> I just noticed I could destroy em, but  will try that first
[Mon Aug  7 03:10:57 2017] <bartavelle> destruct
[Mon Aug  7 03:15:03 2017] <bartavelle> thanks, that worked
[Mon Aug  7 03:16:46 2017] <dh`> what does coq do with divides by zero?
[Mon Aug  7 03:17:23 2017] <dh`> it occurred to me to wonder this afternoon because generally code objects in coq don't have explicit preconditions
[Mon Aug  7 03:17:47 2017] <dh`> and mostly that works because the environment has been safe-ified (although it's occasionally annoying)
[Mon Aug  7 03:18:24 2017] <Cypi> it happens to return 0 in the case of natural numbers, for instance
[Mon Aug  7 03:18:41 2017] <Cypi> then most theorems will be prefixed with the adequate precondition
[Mon Aug  7 03:18:50 2017] <dh`> hmm
[Mon Aug  7 03:18:53 2017] <dh`> right
[Mon Aug  7 03:18:59 2017] <dh`> I suppose that shouldn't surprise me
[Mon Aug  7 03:19:34 2017] <dh`> given that it's consistent with the general model everything uses
[Mon Aug  7 03:19:51 2017] <dh`> but it seems kind of disconcerting, too.
[Mon Aug  7 03:20:24 2017] <Cypi> It is no different than "pred 0" returning 0 too, for instance
[Mon Aug  7 03:22:28 2017] <dh`> true, or how List.nth insists on being given a value to return in case the list isn't long enough
[Mon Aug  7 03:22:43 2017] <dh`> that one is less disconcerting but more annoying in practice :-)
[Mon Aug  7 03:24:19 2017] <dh`> I got my regexp proofs mostly finished last night, btw
[Mon Aug  7 03:24:32 2017] <Cypi> You can always use nth_error or write your own version that takes a proof of non-emptiness, but yes, there has to be a catch whatever way you choose
[Mon Aug  7 03:28:53 2017] <dh`> carrying around proofs is a lot more natural in some ways, but it also makes things a lot more painful
[Mon Aug  7 03:29:09 2017] <dh`> particularly in coq because it's not set up to cope, but in general too
[Mon Aug  7 03:29:44 2017] <Cypi> Program can help a little. You can write functions which takes sigma types
[Mon Aug  7 03:29:49 2017] <Cypi> and use them nearly normally
[Mon Aug  7 03:29:57 2017] <Cypi> take*
[Mon Aug  7 03:32:20 2017] <dh`> I have been thinking about how one might set up a framework that handles concurrent programs directly
[Mon Aug  7 03:32:28 2017] <dh`> (because I'm a glutton for punishment, or something)
[Mon Aug  7 03:35:26 2017] <dh`> and it seems like everything goes to hell the moment the hoare logic comes out
[Mon Aug  7 03:35:50 2017] <dh`> even without concurrencly (comparatively speaking, anyway)
[Mon Aug  7 03:36:40 2017] <dh`> and I realized that coq avoids this not because it's functional but because it's supersafe :-)
[Mon Aug  7 03:38:31 2017] <dh`> but it's unlikely that I'm going to have time to do anything substantive along these lines.
[Mon Aug  7 09:57:11 2017] <numee> hi, I started learning Coq just a few days ago and I'm wondering if it's easily provable that #{f | f : X -> Y} = #Y^#X . If it's easy, I think I'll give some thought to it. I don't want to waste time trying to solve a very difficult problem
[Mon Aug  7 10:00:00 2017] <Cypi> I'm not an expert, but I would guess that it all depends on your reprensentation of sets.
[Mon Aug  7 10:03:03 2017] <darktenaibre> (and functions and functional extensionality ? is this ssreflect ?)
[Mon Aug  7 10:04:32 2017] <numee> what is a representation of sets?
[Mon Aug  7 10:09:00 2017] <darktenaibre> { _ | _ } and #_ are not primitive constructs and we don't know how they are implemented if you do not give more details
[Mon Aug  7 10:12:34 2017] <darktenaibre> Without knowing what they are, it's hard to guage how bureaucratic a formal proof would get. As for the high-level strategy for proving the statement itself, it's likely to be the same whatever the implementation details are and not too complicated, but I guess you don't want to be spoiled :)
[Mon Aug  7 10:20:46 2017] <numee> I thought it was obvious but by "#{f | f : X -> Y} = #Y^#X", I meant that "for finite sets X and Y, the number of total functions from X to Y is the number of elements in Y to the power of the number of elements in X"
[Mon Aug  7 10:21:40 2017] <Cypi> oh, you meant in general
[Mon Aug  7 10:23:04 2017] <Cypi> My guess would be that it's not trivial from scratch: you need to formalize sets, ordinal numbers, cardinal numbers, and only then you can state what you want to prove. But there are formalizations of set theory which already exist and certainly contain this kind of proofs
[Mon Aug  7 10:23:35 2017] <Cypi> (CoLoR probably has something like this, maybe ssreflect)
[Mon Aug  7 10:26:55 2017] <numee> hmm ... i'd like to prove only with rudimentary tactics for the time being so i'll keep it untouched. good to know it's not trivial, thanks
[Mon Aug  7 17:14:02 2017] <ringer1> numee I started Coq about 2 weeks ago, doing first 4 chapters of SF and Cypi dh` and some other kinds folks have helped me quite a bit
[Mon Aug  7 21:05:09 2017] <dh`> nothing is trivial without its accompanying framework (pretty much)
[Tue Aug  8 19:10:17 2017] <[1]ringer1> Hacked through SF Ch. 4 except for part of the last one, it says the proof is difficult.
[Tue Aug  8 21:52:09 2017] <xcmw> Does anyone know how to get the code from software foundations to compile? It uses unicode characters like → instead of ->.
[Tue Aug  8 21:53:51 2017] <Cypi> If you click the Download button on https://softwarefoundations.cis.upenn.edu/current/index.html, you will get an archive which contains, among other things, one .v file per chapter
[Tue Aug  8 21:53:57 2017] <Cypi> these .v files do not contain unicode characters
[Tue Aug  8 21:54:12 2017] <Cypi> (and the html files are actually produced from these .v files)
[Tue Aug  8 21:55:23 2017] <xcmw> Cypi: Thanks
[Tue Aug  8 22:32:34 2017] <[1]ringer1> Whoo-ieeee  got SF Chapter 4 done.
[Wed Aug  9 00:07:51 2017] <xcmw> Is there a coq ide with a native gui for macOS?
[Wed Aug  9 00:09:06 2017] <Cypi> Doesn't CoqIDE work?
[Wed Aug  9 00:09:13 2017] <Cypi> (if it doesn't, sorry, I don't know)
[Wed Aug  9 00:13:30 2017] <xcmw> Cypi: It works but it is obviously not built for macOS.
[Wed Aug  9 00:15:07 2017] <Dodek> do you have any particular issue with it, or does it just not look right to you?
[Wed Aug  9 00:16:36 2017] <xcmw> Dodek: It randomly crashes, the undo shortcut is command U (it should be command Z), and the menu bar is in the wrong spot.
[Wed Aug  9 00:17:42 2017] <[1]ringer1> Much of the Windows interface is wrong also in CoqIDE and it crashes in low memory (for sure)
[Wed Aug  9 00:18:07 2017] <xcmw> It also just looks off in the same way the java apps do
[Wed Aug  9 00:18:21 2017] <[1]ringer1> I guess it is written in OCaml and maybe that is somewhere I could contribute sometime
[Wed Aug  9 00:18:38 2017] <[1]ringer1> xcmw, on Windows also
[Wed Aug  9 00:18:40 2017] <Cypi> The UI itself in just a basic Gtk UI :/
[Wed Aug  9 00:18:49 2017] <Cypi> s/in/is
[Wed Aug  9 00:19:17 2017] <[1]ringer1> It's not terrible but much of the time I copied to my editor, fixed and re-pasted
[Wed Aug  9 00:19:17 2017] <xcmw> Cypi: Is there one with a cocoa or web based ui?
[Wed Aug  9 00:19:43 2017] <Cypi> This exists: https://x80.org/rhino-coq/
[Wed Aug  9 00:19:57 2017] <[1]ringer1> I do like the way it steps and reverses though
[Wed Aug  9 00:20:05 2017] <Cypi> I never used it seriously, I don't know how stable it is, nor how usable it is. But I know it was made by someone who cares about UI :)
[Wed Aug  9 00:21:31 2017] <[1]ringer1> It would be nice if coqc would say where the incomplete proof started :)  but of course that was my fault :)
[Wed Aug  9 00:22:04 2017] <[1]ringer1> good night (or day) all
[Thu Aug 10 07:36:34 2017] <piyush-kurur> I have a question regarding classes in Coq. Is the Class/Instance vernacular essentially building a class using the Cannonical Structure as described in the tutorial https://hal.inria.fr/hal-00816703v1/document
[Thu Aug 10 07:36:48 2017] <piyush-kurur> Or is it something differnt
[Thu Aug 10 07:48:35 2017] <sgnb> I believe type classes and canonical structures are different mechanisms
[Sat Aug 12 12:53:28 2017] <Icewing> I'm working through the Software Foundation book. Is there an issue tracker or something equivalent for it? I had a small issue with the list notation in IndProp.v in the version from this spring.
[Sat Aug 12 20:02:43 2017] <dh`> why won't omega retire a * b > 0 given a > 0 and b > 0?
[Sat Aug 12 20:02:51 2017] <dh`> (in nat)
[Sat Aug 12 20:09:00 2017] <dh`> also, while I'm at it, what's the point of Nat.mul_lt_mono_neg_l?
[Sat Aug 12 20:09:11 2017] <dh`> Nat.mul_lt_mono_neg_l
[Sat Aug 12 20:09:11 2017] <dh`>      : forall p n m : nat, p < 0 -> n < m <-> p * m < p * n
[Sat Aug 12 20:09:27 2017] <dh`> it's not wrong, because the premise is False, but it seems questionable
[Sat Aug 12 23:10:23 2017] <[1]ringer1> Does anyone have a reference for producing a PDF of Software Foundations (or generically if not) -- in Windows if it matters, but I'll take anything you know please
[Sat Aug 12 23:30:08 2017] <lambda-11235> [1]ringer1: I got my copy from https://github.com/mietek/software-foundations.
[Sun Aug 13 00:15:46 2017] <Cypi> dh` : omega only solves Presburger arithmetic, so no multiplication between variables
[Sun Aug 13 00:15:58 2017] <[1]ringer1> Sorry, I wasn't careful in my question -- what I really am trying to do is product a Logical Foundations from the new sources where they split the book into 3 parts
[Sun Aug 13 00:15:58 2017] <Cypi> (you can multiply by a constant but that's it)
[Sun Aug 13 00:16:55 2017] <[1]ringer1> s/product/produce/ the LF book from the 2017 *.v and Makefile etc.0
[Sun Aug 13 00:30:38 2017] <dh`> oh, right.
[Sun Aug 13 02:04:57 2017] <johnw> 'ring' can solve certain abstract problems involving multiplication
[Sun Aug 13 05:44:35 2017] <[1]ringer1> ring automates commutative and associative structures for rings and semi-rings (field is similar for field structures)
[Sun Aug 13 06:10:48 2017] <[1]ringer1> simplification and such
[Sun Aug 13 08:29:39 2017] <ringer1> Is https://coq.inria.fr/ down or is it just me?  Haven't been able to get there since sometime yesterday (from 2 separate networks)
[Sun Aug 13 08:30:17 2017] <Cypi> It is down, yes. Server down for some reason, but since it's Sunday it probably won't be fixed until tomorrow :/
[Sun Aug 13 11:19:39 2017] <reuben364> With ltac "match goal" patterns, how do you match terms with bound variables? something like: match goal with H : forall (x : ?A), ?B |- _ => idtac end.
[Sun Aug 13 11:21:34 2017] <reuben364> But with being able to subsitute x with something later.
[Sun Aug 13 11:49:59 2017] <reuben364> Answered my own question: the solution is to use (@?P fv1 fv2 ...).
[Sun Aug 13 12:48:34 2017] <bartavelle> *
[Sun Aug 13 15:49:27 2017] <dh`> my question about Nat.mul_lt_mono_neg_l stands though :-)
[Sun Aug 13 15:49:33 2017] <johnw> what was that question?
[Sun Aug 13 15:50:31 2017] <dh`> why it exists, given that it's about negative nats, which don't
[Sun Aug 13 15:51:26 2017] <johnw> a "negative nat" is just zero
[Sun Aug 13 15:51:44 2017] <johnw> so I read this theorem as saying that multiplying by zero on both sides, or anything less than zero, has no effect on le
[Sun Aug 13 15:52:35 2017] <johnw> for example, you might have p - (p * 2).  You won't know the value, but you'll know it's <= 0
[Sun Aug 13 15:53:01 2017] <johnw> (that is to say, it's zero :)
[Sun Aug 13 16:56:37 2017] <dh`> well, the lemma's perfectly valid, given that it can be simplified to False -> irrelevant stuff
[Sun Aug 13 16:57:08 2017] <dh`> (it's "p < 0", not <=)
[Sun Aug 13 16:57:22 2017] <dh`> it just seems odd to have such stuff in the library
[Sun Aug 13 16:57:39 2017] <dh`> I guess they're there as parallel constructions with Z or something? that's about the only thing I can think of
[Sun Aug 13 17:09:44 2017] <Cypi> dh` : yes, that's the reason
[Sun Aug 13 17:10:09 2017] <Cypi> Nat is currently built as the result of the application of a functor to a module which specifies the basic operations and proves their most basic properties
[Sun Aug 13 17:10:14 2017] <Cypi> and then derives a bunch of lemmas
[Sun Aug 13 17:10:19 2017] <dh`> ah
[Sun Aug 13 17:10:21 2017] <dh`> I was wondering about that
[Sun Aug 13 17:10:24 2017] <Cypi> this functor is used for Nat, Z and so on, afaik
[Sun Aug 13 17:10:38 2017] <Cypi> this is both kind of nice, and very annoying when looking for the definition of a lemma :)
[Sun Aug 13 17:10:57 2017] <dh`> how do you make a functor produce a toplevel module?
[Sun Aug 13 17:11:02 2017] <dh`> (and is there a way to do that in ocaml?
[Sun Aug 13 17:11:04 2017] <dh`> )
[Sun Aug 13 17:11:42 2017] <dh`> oh wait, it isn't a toplevel module. derp
[Sun Aug 13 17:11:44 2017] <dh`> never mind, I'm stupid today
[Sun Aug 13 17:15:58 2017] <dh`> <dh`> s/today//
[Sun Aug 13 18:50:30 2017] <johnw> ah, I didn't see just <; it seems in my browser it was an underlined <
[Sun Aug 13 19:28:23 2017] <dh`> heh, dangerous that :-)
[Sun Aug 13 22:06:02 2017] <dh`> is there a way to chain two Search patterns together?
[Sun Aug 13 22:06:14 2017] <dh`> the equivalent of unix "grep foo myfile | grep bar"
[Sun Aug 13 22:54:25 2017] <johnw> Search "foo" "bar"?
[Mon Aug 14 04:01:40 2017] <dh`> huh, didn't realize you could do that
[Mon Aug 14 04:09:28 2017] <ringer1> What specifically does tauto DO?  It doesn't have an info_tauto.  I can complete the goal with it but want to know how.
[Mon Aug 14 04:11:03 2017] <ringer1> I have in context:  A, B:Prop ; H : A \/ B       Goal is:    (A -> False) /\ (B -> False) -> False   -- it's obvious but how to complete it in Coq?
[Mon Aug 14 04:12:46 2017] <Cypi> You can take a look at the proof from tauto with "Show Proof" (after calling tauto).
[Mon Aug 14 04:13:52 2017] <Cypi> Now to prove it yourself, you can start by introducing this "~A /\ ~B" hypothesis in your context, and see if you can derive an absurdity by examining H
[Mon Aug 14 04:25:39 2017] <ringer1> Ok, Cypi that should help -- didn't know Show Proof would show details, I did intros  "~A /\ ~B" but was stuck again and tauto still worked.
[Mon Aug 14 04:26:27 2017] <Cypi> Show Proof just show the proof term. It might be complicated to read, but it tells the truth.
[Mon Aug 14 04:27:04 2017] <Cypi> Well, you can try to reason it before trying to prove it in Coq. You know that either A or B holds, and you also know that both A and B do not hold.
[Mon Aug 14 04:27:44 2017] <Cypi> What you can do is say "If A holds, then I get a contradiction because A does not hold ; If B holds, then I get a contradiction because B does not hold"
[Mon Aug 14 04:28:03 2017] <Cypi> So this just a disjunction on the fact that either A or B holds
[Mon Aug 14 04:28:09 2017] <Cypi> Now, to convert that to Coq
[Mon Aug 14 04:28:37 2017] <ringer1> Yes, Cypi, the conversion is where I was stuck
[Mon Aug 14 04:28:51 2017] <Cypi> You know about "destruct", right?
[Mon Aug 14 04:29:07 2017] <ringer1> I got to False by introducing -- yes, I know some about destruct
[Mon Aug 14 04:29:30 2017] <ringer1> when I destruct 'd it seemed I was going in a circle -- let me retry
[Mon Aug 14 04:51:02 2017] <bartavelle> is there some way to write 'exists ... in H??' ?
[Mon Aug 14 04:51:40 2017] <bartavelle> (ie., how do I use hypothesis with an "exists" qualifier?)
[Mon Aug 14 04:51:45 2017] <Cypi> You destruct it
[Mon Aug 14 04:51:59 2017] <Cypi> You do not want to provide a witness to it, you want to extract a witness and a proof from it
[Mon Aug 14 04:52:14 2017] <bartavelle> I can't destruct it for some reason
[Mon Aug 14 04:52:34 2017] <Cypi> Wild guess: your goal is not in Prop
[Mon Aug 14 04:52:41 2017] <bartavelle> ah, but I have an error message
[Mon Aug 14 04:53:08 2017] <bartavelle> destruct ... with did the trick, thanks
[Mon Aug 14 09:14:11 2017] <petercommand> hmm..https://coq.inria.fr/ is still down..
[Mon Aug 14 09:39:52 2017] <ringer1> petercommand, I miss coq.infria.fr :(
[Mon Aug 14 09:40:04 2017] <sgnb> petercommand: today is inria holiday and tomorrow is public holiday
[Mon Aug 14 09:40:33 2017] <sgnb> I think it won't be fixed before wednesday
[Mon Aug 14 09:43:09 2017] <petercommand> sgnb: that's..too bad :Q
[Mon Aug 14 09:43:16 2017] <petercommand> ringer1: me too :(
[Mon Aug 14 09:45:06 2017] <sgnb> https://sympa.inria.fr/sympa/arc/coqdev/2017-08/msg00012.html
[Mon Aug 14 09:46:04 2017] <sgnb> coq.inria.fr being compromised... that's a milestone...
[Mon Aug 14 11:24:45 2017] <ringer1> petercommand, I am a newbie and most of my google searches were taking me there -- it went down sometime (early?) Saturday for me
[Mon Aug 14 11:27:36 2017] <ringer1> sgnb, thx, at least knowing they are working on it helps (and Tue is a holiday there argh!)
[Mon Aug 14 11:39:40 2017] <dh`> clearly the world needs a verified bug database :-)
[Mon Aug 14 15:55:30 2017] <vikraman> Hi, I need a proof of (n:nat) -> n/1 = n, I can see there is such a lemma in NDiv, but I don't know how to instantiate to nat.
[Mon Aug 14 15:56:55 2017] <vikraman> i.e., do Peano nats implement the modules in Numbers.Abstract.* ?
[Mon Aug 14 15:58:11 2017] <Cypi> yup
[Mon Aug 14 15:58:20 2017] <Cypi> Nat.div_1_r should be what you need?
[Mon Aug 14 16:00:30 2017] <vikraman> ok, I did a Require Import NDiv, how do I access div_1_r for nat?
[Mon Aug 14 16:01:02 2017] <vikraman> (I'm not very comfortable with using coq modules/functors)
[Mon Aug 14 16:01:34 2017] <Cypi> You don't need to know anything about modules/functors. The easiest way is to just do "Require Import Arith.", then "Nat.div_1_r" is what you need
[Mon Aug 14 16:02:20 2017] <vikraman> oh, that worked!
[Mon Aug 14 16:02:35 2017] <vikraman> Does that mean the Nat module implements the NDiv module type?
[Mon Aug 14 16:02:39 2017] <Cypi> alternatively, just "Require Import PeanoNot." is sufficient and imports less stuff; it's up to you
[Mon Aug 14 16:02:52 2017] <Cypi> among other things, yes
[Mon Aug 14 16:04:26 2017] <Cypi> https://github.com/coq/coq/blob/master/theories/Arith/PeanoNat.v the definition is here if you're interested (disclaimer: it's not very readable, and you need to dig through a lot of files to get a full picture)
[Mon Aug 14 16:05:43 2017] <vikraman> thanks
[Mon Aug 14 17:25:50 2017] <dh`> oh yeah, I was meaning to ask
[Mon Aug 14 17:25:59 2017] <dh`> Require Import Arith gets the entire arith subtree?
[Mon Aug 14 17:35:19 2017] <johnw> only if it itself does a Require Export of those sub modules
[Mon Aug 14 18:23:13 2017] <dh`> so ls -ls prints 10 and ls -l says 4067 bytes?
[Mon Aug 14 18:23:15 2017] <dh`> gah
[Mon Aug 14 18:23:25 2017] <dh`> (wrong window)
[Mon Aug 14 18:24:29 2017] <dh`> johnw: the reason I was wondering is that the manual lists a lot of stuff under Arith and it's not clear what Require Import Arith. by itself does
[Mon Aug 14 18:24:42 2017] <dh`> that is, which of those it includes and which it doesn't, or if it's something else entirely
[Mon Aug 14 18:24:55 2017] <dh`> also the library index doesn't mention a number of other toplevel modules, like Omega
[Mon Aug 14 18:25:12 2017] <dh`> by index I mean https://coq.inria.fr/library/
[Tue Aug 15 00:41:19 2017] <ringer1> thx Cypi, it seems I needed to learn more about destruct (which I suspected) and managing the Context in general.  This gave me focus for reading several of the books and a couple tutorials.
[Wed Aug 16 13:45:22 2017] <dogui> is there an option to disable positivity checking for inductives? googling shows an email that says "no", but it's from 2013
[Wed Aug 16 13:49:25 2017] <Cypi> So, there is https://github.com/coq/coq/pull/79, which was merged.
[Wed Aug 16 13:49:33 2017] <Cypi> However I think there is no user-available syntax for now, sadly
[Wed Aug 16 13:49:40 2017] <Cypi> So the answer would be no, unless I'm wrong
[Wed Aug 16 14:00:26 2017] <dogui> Cypi: thanks! seems it's not accessible indeed
[Wed Aug 16 15:04:41 2017] <johnw> dogui: what's your type?
[Wed Aug 16 15:04:48 2017] <johnw> there are existential tricks you can sometimes play
[Wed Aug 16 15:05:01 2017] <johnw> the resulting type is larger than the original type, but might suffice depending on your problem
[Wed Aug 16 15:34:14 2017] <ringer1> coq.inria.fr is back up (at least partially -- didn't check everything)
[Wed Aug 16 15:44:29 2017] <petercommand> ringer1: !! horay
[Wed Aug 16 16:07:40 2017] <johnw> btw, if there are any Mac users here, Dash is a great way to view/search the Coq documentation
[Wed Aug 16 16:09:16 2017] <johnw> the particular docsets must be downloaded and then installed (by double-clicking on them) from here: https://wiki.mq.edu.au/display/plrg/Resources
[Wed Aug 16 16:09:32 2017] <johnw> includes both the Coq docs, and the stdlib
[Wed Aug 16 16:09:48 2017] <johnw> I love it because not only is it very fast and works well, but it works *offline*
[Wed Aug 16 20:22:29 2017] <dogui> johnw: oh no I actually wanted to break consistency :) to show how to do recursion through one such type
[Wed Aug 16 20:22:54 2017] <dogui> johnw: I'm currently assuming a constructor/destructor to get the paradox, so no big deal also
[Thu Aug 17 09:37:55 2017] <notnotdan> Does anyone know if it is possible to make an argument for a tactic/tactic notation be parsed in a specific scope?
[Thu Aug 17 09:39:09 2017] <notnotdan> Like, for constants it's possible to do [Arguments f a1%E a2%E a3%V]
[Thu Aug 17 09:47:43 2017] <numee> Hi, what is a good textbook for understanding theoretical foundations of Coq (Curry-Howard isomorphism or natural deduction or that kind of thing, I guess?)? Girard's Proofs and Types looked too succinct for me...
[Thu Aug 17 09:49:59 2017] <cic> there's e.g. http://purelytheoretical.com/sywtltt.html, but maybe there's something more specific to coq
[Thu Aug 17 09:52:08 2017] <cic> (also https://github.com/jozefg/learn-tt)
[Thu Aug 17 09:54:09 2017] <numee> thanks! I'll take a look at the books referenced in these pages
[Thu Aug 17 09:57:08 2017] <cic> there's also chapter 4 in the reference manual, and some links in the official faq, but i think those things make more sense if one knows about dt in general.
[Thu Aug 17 10:01:10 2017] <dredozubov> I'm trying to decide equality for mutually recursive/nested types, I'm not sure how to correctly refer to my example. https://gist.github.com/dredozubov/ca3d16c54f37b036612e24ce263e06e6
[Thu Aug 17 10:02:17 2017] <dredozubov> I've discovered Fixpoint .. with .. , but I'm having problems proving the termination to totality checker. I'm getting an error, while trying to Qed the theorem.
[Thu Aug 17 10:15:45 2017] <ringer1> Coq'Art might fit the bill -- it has more on CiC and CoC I believe.  It's on archive.org so apparently it's legitimately free. https://archive.org/details/springer_10.1007-978-3-662-07964-5
[Thu Aug 17 10:16:59 2017] <cic> ringer1: i don't think there's much theory in coq'art? but i haven't looked very closely...
[Thu Aug 17 10:18:16 2017] <ringer1> cic, I am still in the fairly early chapters of CoqArt, Pierce SF, and Chlipala CPDT -- I'm more interested in pragmatics myself.
[Thu Aug 17 10:29:48 2017] <numee> IIRC Coq'Art doesn't describe how a type in Coq corresponds to a proposition in (intuitionistic?) logic, which I'd like to understand these days.
[Thu Aug 17 10:31:01 2017] <numee> In order to understand foundations of Coq, I learned how to draw Gentzen-style natural deduction proof diagrams, but I have no idea how it translates to expressions in Coq (Gallina, to be precise?).
[Thu Aug 17 10:31:30 2017] <cic> seen http://homepages.inf.ed.ac.uk/wadler/papers/propositions-as-types/propositions-as-types.pdf?
[Thu Aug 17 10:34:16 2017] <numee> i haven't seen that paper. i'll read it
[Thu Aug 17 10:34:49 2017] <cic> to some extent coq'art and SF talks about curry howard also, how to encode e.g. AND as an inductive type
[Thu Aug 17 11:30:20 2017] <ringer1> IntroductionToTheCoqProof-AssistantForPracticalSoftwareVerification-Paulin-MohringCourse-notes.pdf has an intriguing table relating introduction and elimination rules to Coq tactics (which I wish I understood a bit better or had more of an explanation)
[Thu Aug 17 11:30:44 2017] <ringer1> (That's my version of the title, the real title is very similar though)
[Thu Aug 17 12:25:56 2017] <numee> you're referring to this? https://www.lri.fr/~paulin/LASER/course-notes.pdf it seems quite helpful, thanks!
[Fri Aug 18 01:45:26 2017] <ringer1> numee, yes, there are several at about this size, ~60 pages, so far (I'm about half way through 3 or 4) they are all good in their own way.  Paulin-Mohring course-notes, Huet TheTutorial, Bertot Coq-in-a-Hurry, Chlipala's intro (in addition to CPDT)
[Fri Aug 18 01:46:02 2017] <ringer1> And of course Mike Nahas html tutorial on the Coq site
[Fri Aug 18 01:46:41 2017] <ringer1> Best is to get the .v files for the ones you can find Nahas for certain.)
[Fri Aug 18 02:59:18 2017] <jgross> Cypi, dogui: No syntax, currently.  You could add syntax with a plugin, though, I think.  coq.inria.fr is currently down, but I plan to submit a enhancement report for this when it's back up. 
[Fri Aug 18 03:07:12 2017] <jgross> ringer1: The table in that pdf is overly complicated, I think.	There are two tactics for introduction rules: "intro", for the Pi/forall/arrow-style rules (which included negation), and "constructor" (or "constructor 1", "constructor 2", etc.) for inductives.  ("split" = "constructor" for and, "left" = "constructor 1", "right" = "constructor 2", "reflexivity" = "constructor", "exists t" = "constructor with ....").  Similarly, there are two
[Fri Aug 18 03:07:12 2017] <jgross> tactics for elimination rules: "apply" for Pi/forall/arrow, and "destruct" for inductives.  (You can simulate "rewrite" with "pattern" and "destruct".	The "exfalso" rule is kind-of bogus; if you replace the ? up top with a name, say, h, then you can instead do "destruct h".) 
[Fri Aug 18 03:10:07 2017] <ringer1> jgross, it seems strange to me that among all the intro/tutorial resources and similar chapters in the longer books there doesn't seem to be SIMILAR and excellent summaries of when to use each tactic.
[Fri Aug 18 03:10:26 2017] <ringer1> This implies it is either very hard or bad teaching/exposition.  Maybe both.
[Fri Aug 18 03:20:34 2017] <cic> what do you mean by "when to use each tactic"? e.g. when to use "left" rather than "constructor 1"? if so, i think it's difficult to say something more than "do the most readable thing" (in this case there can only be two constructors if you are going to use left, but that's just a detail for this tactic i would say)...
[Fri Aug 18 03:20:45 2017] <cic> or maybe you mean something like http://matejkosik.github.io/www/doc/coq/notes/01__tactics.html?
[Fri Aug 18 03:29:05 2017] <jgross> ringer1: Have you seen http://adam.chlipala.net/itp/tactic-reference.html ? 
[Fri Aug 18 03:34:48 2017] <jgross> But I think one issue is that the tactics are not well organized.  For example, show me someone who can say what the different is between "eexact" and "exact" (I don't believe even any of the Coq devs can say what the difference, if any, is, and I certainly can't).  The question of when to use "dependent destruction" vs "destruct" vs "case" vs "elim" vs "induction" is roughly "use induction if it's recursive, destruct if it's not, but if
[Fri Aug 18 03:34:48 2017] <jgross> destruct gives you dependent type errors, you can try elim or case (not sure what the difference is); if the type errors come from the type of the thing being eliminated rather than the goal, use inversion rather than case, and if you actually need destruct rather than inversion, but destruct gives you type errors, try dependent destruction; if you need to not depend on UIP, then implement your own version of dependent destruction".  And if
[Fri Aug 18 03:34:48 2017] <jgross> you're using equality, use "rewrite", unless your equality shows up dependently, in which case, try "subst".  If that fails, you'll probably need "generalize dependent" before you can "subst".  Isn't that a lovely decision tree? 
[Fri Aug 18 03:46:50 2017] <ringer1> all, thx, cic, I'll take a look, jgross, I have the chlipala but review to see if I'm missing something, my claim is that proving stuff is either very hard or there should be a reasonable 80% explanation that's pretty simple (at least for beginner level+ problems)
[Fri Aug 18 03:58:54 2017] <ringer1> cic, this does look it might have more of what I am seeking -- will have to try using it as I work  ( http://matejkosik.github.io/www/doc/coq/notes/01__tactics.html? )
[Fri Aug 18 04:05:21 2017] <ringer1> It's the (good) examples that seem to make matejkosik's work -- to be fair, Nahas is good too -- it just starts off with different types of proofs than my exercises have contained, and I haven't finished working through the Nahas page yet.  Summary at bottom seems good once yo work through it.  Chlipala links are broken right now, either in the page or Coq.inria.fr is down again.
[Fri Aug 18 04:08:40 2017] <ringer1> inria is down apparently
[Fri Aug 18 16:49:19 2017] <shlevy> Any guidelines for deciding between modules and sections?
[Fri Aug 18 16:52:53 2017] <johnw> i avoid modules
[Fri Aug 18 16:52:59 2017] <johnw> they are almost always a pain
[Fri Aug 18 16:57:32 2017] <shlevy> johnw: Thanks!
[Sat Aug 19 16:02:16 2017] <bartavelle> is there a way to use "replace" only in part of an expression ?
[Sat Aug 19 16:07:42 2017] <bartavelle> hum rewrite can do that
[Sat Aug 19 16:16:33 2017] <MichaelBurge> How do you instantiate an FMapAVL with binary natural numbers as keys? https://hastebin.com/ezikukuyar.erl
[Sat Aug 19 16:34:57 2017] <MichaelBurge> I got it - it looks like there were two different things called OrderedType
[Mon Aug 21 12:37:00 2017] <bartavelle> when coq gives me a (fun x: ...) where x had a product type, is there a tactic that can change it too (fun (x1,x2): ...) ?
[Mon Aug 21 12:39:28 2017] <johnw> (fun '(x1, x2) => ...)
[Mon Aug 21 12:39:32 2017] <bartavelle> (fun is in an inner expression, so i can't use functional_extensionality)
[Mon Aug 21 12:39:38 2017] <johnw> oh, you mean that's your goal
[Mon Aug 21 12:39:41 2017] <bartavelle> yes
[Mon Aug 21 12:40:06 2017] <johnw> and where does the (fun X: ...) occur?
[Mon Aug 21 12:40:21 2017] <bartavelle> what do you mean?
[Mon Aug 21 12:40:29 2017] <johnw> without more context, I can't answer
[Mon Aug 21 12:40:32 2017] <bartavelle> ok
[Mon Aug 21 12:40:38 2017] <johnw> can you show me what your goal looks like?
[Mon Aug 21 12:40:47 2017] <bartavelle> sure
[Mon Aug 21 12:41:53 2017] <bartavelle> http://lpaste.net/4656716817790664704
[Mon Aug 21 12:43:00 2017] <johnw> have you tried "setoid_rewrite func_comp"? (or however you've named that law)
[Mon Aug 21 12:44:50 2017] <bartavelle> i'll look this tactic up thanks!
[Mon Aug 21 12:45:17 2017] <Cypi> More manually, you could also just use functional_extensionality on the outer lambdas until the goal is more manageable, right?
[Mon Aug 21 12:46:20 2017] <bartavelle> I don't think I can here
[Mon Aug 21 12:46:47 2017] <bartavelle> that was my first try
[Mon Aug 21 12:48:18 2017] <bartavelle> I can't because I am on a monad transformer I think
[Mon Aug 21 12:49:47 2017] <bartavelle> actually I think there is a simpler way, BRB
[Mon Aug 21 12:50:52 2017] <bartavelle> I think that's because I don't understand typeclasses yet in coq, I'll work some more on that!
[Mon Aug 21 12:52:50 2017] <bartavelle> ah it was actually trivial :/
[Mon Aug 21 13:26:35 2017] <numee> is there an easy way to prove 65537 is prime without using fancy tools like ssreflect or customized tactics?
[Mon Aug 21 13:40:17 2017] <benzrf> numee: there might be a theorem proving the correctness of some simple primality-checking algo, in which case you can just apply that
[Mon Aug 21 13:58:25 2017] <numee> benzrf: All I managed to find was ZArith/Znumtheory.v and it doesn't seem to help me as it takes many steps just to prove 3 is prime: https://github.com/maximedenes/native-coq/blob/cb563ddaa6e46cd44390fbfc75fe3abf35041bde/theories/ZArith/Znumtheory.v#L661
[Mon Aug 21 14:01:33 2017] <MichaelBurge> Why does discriminate fail to solve with an "m = S m" hypothesis? https://hastebin.com/yuwuwagavu.erl
[Mon Aug 21 14:02:25 2017] <johnw> MichaelBurge: because there aren't constructors on both sides
[Mon Aug 21 14:02:41 2017] <johnw> MichaelBurge: and what if it were co-inductive? discriminate needs to see Z = S _
[Mon Aug 21 14:03:14 2017] <MichaelBurge> That makes sense - thanks!
[Mon Aug 21 14:07:22 2017] <MichaelBurge> Perhaps the motivating example in the documentation should be changed then, since it can't actually solve S (S 0) = S 0 directly: https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic78
[Mon Aug 21 14:08:08 2017] <MichaelBurge> Nevermind, I tested that wrong.
[Mon Aug 21 14:30:42 2017] <benzrf> numee: try writing a primality testing function and proving it correct :>
[Mon Aug 21 14:36:44 2017] <Cypi> hmm, I'm curious to see how that would go actually...
[Mon Aug 21 15:38:17 2017] <Cypi> Oh right. 65537 in unary is an immediate stack oeverflow :v
[Mon Aug 21 15:38:19 2017] <Cypi> overflow*
[Tue Aug 22 03:54:20 2017] <bartavelle> I have something like "foo >>= (fun x => let (a,b) := x in pure (a,b))", how can I turn that goal into "foo >>= pure" ?
[Tue Aug 22 03:59:44 2017] <bartavelle> or really if there is any reference on the tactic names for working "inside" lambdas
[Tue Aug 22 04:00:29 2017] <bartavelle> johnw: told me about setoid which kind of look like what I want
[Tue Aug 22 04:01:24 2017] <bartavelle> but I am not sure that's it
[Tue Aug 22 04:04:57 2017] <bartavelle> ah I can with an assert!
[Tue Aug 22 04:26:53 2017] <bartavelle> well, if someone has pointers for working inside lambdas in goals, that would be appreciated
[Tue Aug 22 05:51:29 2017] <notnotdan> idk, maybe compute reduces inside lambdas?
[Tue Aug 22 08:51:13 2017] <bartavelle> I managed to massage the expressions
[Wed Aug 23 10:08:39 2017] <bartavelle> hello, I think I did something wrong with my usage of typeclasses here : http://lpaste.net/2601183531925241856
[Wed Aug 23 10:09:20 2017] <bartavelle> at the end of this file, I have a goal with (let (..,pure0,...) := FRSST R S ... in pure0)
[Wed Aug 23 10:09:37 2017] <bartavelle> how can I switch that with the actuall implementation of pure for "FRSST R S ..."?
[Wed Aug 23 10:09:51 2017] <bartavelle> I suppose I did something wrong with my instance declaration
[Wed Aug 23 12:36:20 2017] <michbad> Hello, I'm very new to coq. I'm trying to prove that `forall a b : nat, S a = S b -> a = b.`. But I don't see how to do that. I've tried destruct, but I didn't get anywhere with it.
[Wed Aug 23 12:38:57 2017] <drsmkl[m]> you need the inversion tactic for that one
[Wed Aug 23 12:41:28 2017] <michbad> oh, thanks, that worked - but i didn't get how inversion works
[Wed Aug 23 12:42:17 2017] <ski> (induction ?)
[Wed Aug 23 12:43:13 2017] <michbad> so inversion just removes inductive costructors from both sides of an equality?
[Wed Aug 23 12:47:12 2017] <michbad> ski, but in induction i still get subgoals like forall a b : nat, S a = S b -> a = b. is there a way to deal with those other than inversion?
[Wed Aug 23 12:47:28 2017] <michbad> sorry, i meant 1 = S (S b') -> 0 = S b'
[Wed Aug 23 13:08:58 2017] <MichaelBurge> michbad: There's congruence: https://hastebin.com/exexiqapij.erl
[Wed Aug 23 13:11:07 2017] <MichaelBurge> I suspect it's probably equivalent, though
[Wed Aug 23 13:13:00 2017] <michbad> thanks, i'll have a look! i'm just starting with 'Software Foundations', so i'm not familiar with most of the tactics.
[Wed Aug 23 13:20:36 2017] <sgnb> there's injection as well
[Wed Aug 23 13:21:20 2017] <dh`> michbad: there's a lemma for S a = S b -> a = b
[Wed Aug 23 13:22:15 2017] <sgnb> eq_add_S
[Wed Aug 23 13:22:30 2017] <sgnb> (found with "SearchAbout [ S eq ].")
[Wed Aug 23 13:27:46 2017] <Cale> You could also do f_equal pred H.
[Wed Aug 23 14:06:50 2017] <dh`> hmm
[Wed Aug 23 14:07:07 2017] <dh`> if I have: {x = foo} + {exists y, x = bar y}
[Wed Aug 23 14:07:24 2017] <dh`> how can I match or test this to extract y?
[Wed Aug 23 14:09:21 2017] <dh`> one can use if to test a {} + {}, but that doesn't have any way to bind y on the else side, and I can't figure out the match syntax
[Wed Aug 23 14:27:51 2017] <dh`> bah.
[Wed Aug 23 14:27:52 2017] <dh`> Elimination of an inductive object of sort Prop
[Wed Aug 23 14:27:52 2017] <dh`> is not allowed on a predicate in sort Set
[Wed Aug 23 14:27:52 2017] <dh`> because proofs can be eliminated only to build proofs.
[Wed Aug 23 14:29:43 2017] <dh`> I don't think this approach is going to work
[Wed Aug 23 14:29:45 2017] <dh`> * deletes
[Wed Aug 23 14:30:44 2017] <jrw> dh`: this is the syntax, but you do have to be going into Prop: http://lpaste.net/357917
[Wed Aug 23 14:47:32 2017] <dh`> yeah, and unfortunately it doesn't work
[Wed Aug 23 15:08:37 2017] <dh`> (I figured out a workaround for the syntax, but it inevitably generates the same problem)
[Wed Aug 23 15:08:45 2017] <dh`> oh well
[Wed Aug 23 16:40:06 2017] <dh`> ok, further conclusion: trying to put together a common set of theorems for lists and strings and other sequence types isn't going to work, or at least not very well.
[Wed Aug 23 16:41:07 2017] <dh`> There are too many magic things implicit in the fact of an inductive type with two constructors.
[Wed Aug 23 16:41:39 2017] <dh`> Trying to make them all explicit makes a huge mess.
[Wed Aug 23 16:41:53 2017] <dh`> And there doesn't seem to be a way to abstract over constructors as constructors.
[Wed Aug 23 16:42:44 2017] <dh`> You can put "Inductive foo := ..." in a module type, but then you can't instantiate it with an existing type.
[Wed Aug 23 16:42:59 2017] <dh`> (AFAICT, anyway, but you can't in ML so it would surprise me if it worked)
[Wed Aug 23 16:43:36 2017] <dh`> But if you don't have that magic "Inductive" word there, the objects you have are no longer constructors.
[Wed Aug 23 16:45:50 2017] <dh`> And you lose the ability to e.g. match, and have coq believe in termination, and do inversions, and various other things.
[Wed Aug 23 17:57:34 2017] <dh`> ... why does "contradict H" sometimes add ~(goal) to your hypothesis bank and sometimes not?
[Wed Aug 23 19:32:08 2017] <dh`> when it does, it's very useful... otherwise not so much
[Wed Aug 23 19:37:40 2017] <Cypi> dh` : https://coq.inria.fr/refman/Reference-Manual010.html#hevea_tactic71 for what "contradict" does. It does not always work in intuitionistic logic to add ~(goal) to your hypotheses.
[Wed Aug 23 19:38:08 2017] <Cypi> (if you want to prove "A -> B", it is usually not enough to prove "~ B -> ~ A"
[Wed Aug 23 19:38:10 2017] <Cypi> )
[Wed Aug 23 20:25:03 2017] <dh`> right, that much I know, it just so far hasn't made sense which cases this does and doesn't work in
[Wed Aug 23 20:25:11 2017] <dh`> or rather, which cases contradict does and doesn't work in
[Wed Aug 23 20:25:58 2017] <MichaelBurge> Is there a version of cbv that does just one reduction step?
[Wed Aug 23 20:27:12 2017] <dh`> looking at that table, I think the issue is/has been that it's not always obvious what coq thinks has a ~ at the front of it.
[Wed Aug 23 20:31:44 2017] <Cypi> You can "Print Ltac contradict." and read it :)
[Wed Aug 23 20:40:24 2017] <dh`> huh, neat :-)
[Wed Aug 23 20:40:48 2017] <dh`> something else I've never understood (that I just stepped on) is why rewrite sometimes rewrites all matching instances and sometimes only the first
[Wed Aug 23 20:41:32 2017] <dh`> about 98% of the time it does what one wants magically, so it's not bad
[Wed Aug 23 21:25:14 2017] <MichaelBurge> Hmm, it looks like Coq's Haskell extraction uses GHC.Prim.Any, which was removed in the latest version of ghc-prim
[Thu Aug 24 19:17:43 2017] <MichaelBurge> Is there a list of all the extraction-related modules? This one doesn't seem to be listed in the standard library: https://coq.inria.fr/library/Coq.extraction.ExtrHaskellString.html
[Thu Aug 24 23:28:58 2017] <MichaelBurge> It doesn't look like the Record macro creates record update functions. Is the only way to update a single field to create a new record repeating all the other fields?
[Fri Aug 25 03:34:14 2017] <bartavelle> is there any documentation on type classes other than https://coq.inria.fr/refman/Reference-Manual023.html ? For some reason their snippets don't work with my coq version, I don't even understand my error messages
[Fri Aug 25 03:34:37 2017] <bartavelle> (I mean I can make their snippets work, but when doing something more complex I am stuck)
[Fri Aug 25 03:39:19 2017] <dh`> not a great deal, afaicr.
[Fri Aug 25 03:39:28 2017] <dh`> experience with haskell type classes is probably the best asset
[Fri Aug 25 03:39:46 2017] <bartavelle> I do have that, but the errors make no sense to me anyway
[Fri Aug 25 03:40:54 2017] <bartavelle> that would be nice if there was an alternative though, I started with something like "Functor := exists (fmap : ...), functorlaw1 /\ functorlaw2"
[Fri Aug 25 03:41:10 2017] <dh`> the chief thing I've found that causes inexplicable weird problems is that (unlike haskell) you have to carry the instance around explicitly in a lot of places
[Fri Aug 25 03:41:11 2017] <bartavelle> but the problem is that I don't know how to reuse that "fmap" in the applicative laws
[Fri Aug 25 03:41:35 2017] <bartavelle> dh` do you mind taking a look at a snippet and tell me if there is anything obviously wrong ?
[Fri Aug 25 03:41:40 2017] <dh`> sure
[Fri Aug 25 03:42:18 2017] <bartavelle> http://lpaste.net/4490512325148672000
[Fri Aug 25 03:42:24 2017] <bartavelle> the problem is the last line
[Fri Aug 25 03:42:42 2017] <bartavelle> The expression "Applicative" of type "Type" cannot be applied to the term "RSST R W S M" : "Type -> Type"
[Fri Aug 25 03:43:15 2017] <bartavelle> whereas it looks exatly the same as "Fucntor" to me
[Fri Aug 25 03:44:34 2017] <bartavelle> (also are there built in identity/first functions in the standard library?)
[Fri Aug 25 03:45:01 2017] <bartavelle> (first specialized to tuples would be alright to me)
[Fri Aug 25 03:47:26 2017] <dh`> I think it's getting confused with implicit arguments
[Fri Aug 25 03:47:53 2017] <bartavelle> TBH, I more or less randomly put them on either sides of the ":"
[Fri Aug 25 03:48:11 2017] <dh`> (re first and identity, I dunno. I'd assume an identity exists, but remembering its name is probably harder than typing it in again)
[Fri Aug 25 03:48:18 2017] <bartavelle> :)
[Fri Aug 25 03:48:35 2017] <dh`> there's some reason you usually see all implicit arguments first
[Fri Aug 25 03:48:48 2017] <dh`> I forget what it is, but I'd suggest doing that
[Fri Aug 25 03:49:01 2017] <dh`> also try making all the implicit arguments explicit until it works
[Fri Aug 25 03:49:50 2017] <bartavelle> what does that mean? Adding a @ before Applicative here and filling the slots ?
[Fri Aug 25 03:51:06 2017] <bartavelle> alright, it now seems I have to fill the functor instance
[Fri Aug 25 03:51:28 2017] <bartavelle> except I don't know how to use my "RSSTFunctor" instance, as it doesn't seem to know it (Error: Unbound and ungeneralizable variable RSSTFunctor)
[Fri Aug 25 03:52:21 2017] <dh`> aim gun at foot, pull trigger, blame microsoft
[Fri Aug 25 03:52:22 2017] <dh`> oops
[Fri Aug 25 03:52:29 2017] <bartavelle> :)
[Fri Aug 25 03:52:43 2017] <bartavelle> seems fitting to my problem, except the microsoft part
[Fri Aug 25 03:52:54 2017] <dh`> change the {}'s to ()'s in the declarations, fill in all the bits
[Fri Aug 25 03:53:03 2017] <dh`> once it works you can try backing them off again
[Fri Aug 25 03:54:23 2017] <bartavelle> alright, that seems better, it asks me to pass something that has type "Functor ?123", but I can't seem to be able to use my previosuly defined instance
[Fri Aug 25 03:54:33 2017] <bartavelle> Error: Unbound and ungeneralizable variable RSSTFunctor
[Fri Aug 25 03:55:03 2017] <bartavelle> I had some success previously with stating that there was some functor instance, but them I can't prove anything as I can't access the definition of fmap
[Fri Aug 25 03:55:14 2017] <bartavelle> (or bind)
[Fri Aug 25 03:56:04 2017] <bartavelle> I also had success with stating all the functions / laws in a single typeclass (StateReaderWriterMonad, with functor+applicative+monad+state+writer+reader)
[Fri Aug 25 03:56:17 2017] <bartavelle> but this is annoying to work with
[Fri Aug 25 03:58:17 2017] <dh`> I don't understand what it's doing
[Fri Aug 25 03:58:42 2017] <dh`> the way you've got it though, Check Applicative prints
[Fri Aug 25 03:58:44 2017] <dh`> channel
[Fri Aug 25 03:58:46 2017] <dh`> erm
[Fri Aug 25 03:58:58 2017] <dh`> Applicative
[Fri Aug 25 03:58:58 2017] <dh`>      : Type
[Fri Aug 25 03:58:58 2017] <dh`> where
[Fri Aug 25 03:58:58 2017] <dh`> ?m : [ |- Type -> Type]
[Fri Aug 25 03:58:58 2017] <dh`> ?F : [ |- Functor ?m]
[Fri Aug 25 03:59:05 2017] <dh`> and that can't be right
[Fri Aug 25 03:59:27 2017] <bartavelle> I trust you on that :)
[Fri Aug 25 03:59:36 2017] <dh`> well
[Fri Aug 25 03:59:38 2017] <bartavelle> perhaps it's the "`" that I cargo culted from the docs
[Fri Aug 25 03:59:41 2017] <dh`> you don't want the m argument to be implicit
[Fri Aug 25 03:59:55 2017] <dh`> yeah I, um, don't know what that does
[Fri Aug 25 04:01:56 2017] <bartavelle> dropping the "`" breaks my Monad class declaration
[Fri Aug 25 04:02:14 2017] <bartavelle> I don't know what any of this is doing, I guess I'll just write all the proofs in one giant blob
[Fri Aug 25 04:02:45 2017] <dh`> dropping the ` causes your Monad to break with the same problem as the other thing, which is that the type of Applicative isn't what you want it to be
[Fri Aug 25 04:06:43 2017] <dh`> there's something else going on here that I don't understand
[Fri Aug 25 04:07:47 2017] <bartavelle> perhaps related to the fact the snippets in the documentation are not working ?
[Fri Aug 25 04:07:56 2017] <bartavelle> They seem to be able to write this:
[Fri Aug 25 04:08:10 2017] <bartavelle> Class Applicative `{F: Functor m} := ...
[Fri Aug 25 04:08:13 2017] <bartavelle> and I need to write:
[Fri Aug 25 04:08:17 2017] <bartavelle> Class Applicative m `{F: Functor m} := ...
[Fri Aug 25 04:08:36 2017] <dh`> it would really help to know what that ` is supposed to do
[Fri Aug 25 04:08:38 2017] <dh`> :-/
[Fri Aug 25 04:10:20 2017] <bartavelle> https://stackoverflow.com/a/31862550/1755520
[Fri Aug 25 04:10:49 2017] <sgnb> https://coq.inria.fr/distrib/current/refman/Reference-Manual023.html#sec692
[Fri Aug 25 04:12:03 2017] <bartavelle> for which version of coq are those docs valid anyway ?
[Fri Aug 25 04:12:24 2017] <dh`> ah I see
[Fri Aug 25 04:12:27 2017] <bartavelle> 8.6.1, whereas I use 8.4 ?
[Fri Aug 25 04:12:41 2017] <dh`> 8.4 is pretty old...
[Fri Aug 25 04:12:49 2017] <bartavelle> that's waht comes with ubuntu
[Fri Aug 25 04:12:56 2017] <bartavelle> I'll fetch a more recent version
[Fri Aug 25 04:20:48 2017] <dh`> I'm not sure exactly what's wrong but it's definitely the implicit args and the `s that's screwing it up
[Fri Aug 25 04:21:07 2017] <bartavelle> I'll update and try to do it exactly as they do it in the documentations
[Fri Aug 25 04:21:23 2017] <bartavelle> thanks a lot for spending some time with this!
[Fri Aug 25 04:29:59 2017] <bartavelle> same problem
[Fri Aug 25 04:30:37 2017] <bartavelle> I can't copy-paste the documentation snippets
[Fri Aug 25 04:30:42 2017] <dh`> in particular I think the problem is that the ` is filling in with the wrong stuff
[Fri Aug 25 04:30:55 2017] <bartavelle> even their samples with Eq => Ord doesn't work
[Fri Aug 25 04:31:16 2017] <dh`> probably you need 8.6
[Fri Aug 25 04:31:21 2017] <bartavelle> I just installed it
[Fri Aug 25 04:35:25 2017] <dh`> http://lpaste.net/3394384117989638144
[Fri Aug 25 04:35:29 2017] <dh`> that works for me
[Fri Aug 25 04:35:36 2017] <dh`> (or, more accurately, it did a couple months ago)
[Fri Aug 25 04:36:08 2017] <bartavelle> I think that would also work to me, as you don't ask it to also be an applicative
[Fri Aug 25 04:36:27 2017] <bartavelle> my problem is that I want to write proofs for a monad transformer
[Fri Aug 25 04:36:35 2017] <bartavelle> that has "Monad m => Applicative (Foo m)"
[Fri Aug 25 04:36:51 2017] <bartavelle> and I need to have the proper "bind" definition to write the proofs
[Fri Aug 25 04:37:03 2017] <dh`> http://lpaste.net/3394384117989638144 <- with an instance
[Fri Aug 25 04:37:04 2017] <dh`> sure
[Fri Aug 25 04:37:11 2017] <bartavelle> I managed to have something like "exists bind", but I could not uinfold it
[Fri Aug 25 04:37:19 2017] <dh`> but it works so you can probably then get at least the eq/ord stuff to work too
[Fri Aug 25 04:38:11 2017] <bartavelle> I got that working, I wrote a huge class that contained all the functions and laws for functor/applicative/monad/state
[Fri Aug 25 04:38:29 2017] <bartavelle> if I do that, I have no problem proving all my laws
[Fri Aug 25 04:38:53 2017] <bartavelle> but then I wanted to add laws for say, writer, and I needed to alter that big blob
[Fri Aug 25 04:39:18 2017] <bartavelle> (also I don't know what you mean by having eq/ord stuff working, I copy/pasted from the docs and it doesn't seem to work)
[Fri Aug 25 04:39:20 2017] <dh`> so what's specifically not working is class inheritance/derivation?
[Fri Aug 25 04:39:29 2017] <bartavelle> I *think*
[Fri Aug 25 04:39:53 2017] <bartavelle> I could get a monad constraint to prove the state laws
[Fri Aug 25 04:39:59 2017] <bartavelle> but then I couldn't unfold bind
[Fri Aug 25 04:40:17 2017] <bartavelle> it was some sort of generic bind that was in the environment, not the one I defined in another instance
[Fri Aug 25 04:40:37 2017] <dh`> where's the Eq => Ord example you're cribbing from?
[Fri Aug 25 04:40:43 2017] <bartavelle> the snippet I pasted is when I tried following the docs
[Fri Aug 25 04:41:02 2017] <bartavelle> https://coq.inria.fr/distrib/current/refman/Reference-Manual023.html
[Fri Aug 25 04:41:26 2017] <bartavelle> copy/paste the "Class EqDec (A : Type) := {" declaration
[Fri Aug 25 04:41:39 2017] <bartavelle> then the Ord from https://coq.inria.fr/distrib/current/refman/Reference-Manual023.html#sec695
[Fri Aug 25 04:41:48 2017] <bartavelle> it whines about A being unknown
[Fri Aug 25 04:42:08 2017] <bartavelle> if you add an "A" before the "`", it works, but I suppose it doesn't do what it should
[Fri Aug 25 04:50:43 2017] <dh`> I'm not having any trouble writing down an Ord class that derives from an Eq class
[Fri Aug 25 04:52:00 2017] <dh`> http://lpaste.net/3969492664264425472
[Fri Aug 25 04:53:26 2017] <dh`> I think the use of ` is what's causing your problems
[Fri Aug 25 04:53:52 2017] <bartavelle> hum, I'll try something like that
[Fri Aug 25 04:56:18 2017] <bartavelle> but how would you use eqq in your Instance ?
[Fri Aug 25 04:57:41 2017] <bartavelle> say you want Ord to also implent "lower than", and proove that "lee a b <-> eqq a b \/ ltt a b"
[Fri Aug 25 04:57:46 2017] <bartavelle> prove
[Fri Aug 25 04:59:46 2017] <bartavelle> (won't make much sense with bool)
[Fri Aug 25 05:01:22 2017] <bartavelle> this is where I got stuck : http://lpaste.net/8280026558127669248
[Fri Aug 25 05:05:46 2017] <dh`> http://lpaste.net/3969492664264425472
[Fri Aug 25 05:07:49 2017] <dh`> why are you stuck?
[Fri Aug 25 05:08:05 2017] <dh`> or, since that's kind of a useless question, what are you stuck on?
[Fri Aug 25 05:10:06 2017] <bartavelle> my goal is "(let (eqq0) := bool_eq in eqq0) a b = true \/ lt_bool a b = true"
[Fri Aug 25 05:10:24 2017] <bartavelle> in would like to have the definition of lt_bool
[Fri Aug 25 05:10:30 2017] <bartavelle> instead of that eqq0
[Fri Aug 25 05:10:48 2017] <bartavelle> lemme look at your snippet
[Fri Aug 25 05:12:41 2017] <bartavelle> hummm
[Fri Aug 25 05:12:46 2017] <bartavelle> why does it work? :)
[Fri Aug 25 05:12:47 2017] <dh`> simpl will get rid of the useless let binding and leave you with eqb
[Fri Aug 25 05:12:52 2017] <bartavelle> I'll research that, thanks !
[Fri Aug 25 05:13:08 2017] <dh`> what you want to unfold is not eqq but lt_bool and eq_bool
[Fri Aug 25 05:13:55 2017] <bartavelle> yeah it works for this proof
[Fri Aug 25 05:14:08 2017] <bartavelle> but to prove, say "get >>= put = pure ()", I need to unfold bind
[Fri Aug 25 05:14:28 2017] <dh`> you might not, depending
[Fri Aug 25 05:14:37 2017] <bartavelle> I think I really need in my case :)
[Fri Aug 25 05:14:53 2017] <dh`> but anyway simpl after unfold eqq makes the let rubbish go away
[Fri Aug 25 05:15:26 2017] <bartavelle> it does!
[Fri Aug 25 05:16:45 2017] <bartavelle> now I have to figure out why I can't reference my functor instance
[Fri Aug 25 05:17:09 2017] <dh`> I'm pretty sure that's from the implicit arguments and `
[Fri Aug 25 05:17:21 2017] <bartavelle> yup
[Fri Aug 25 05:17:24 2017] <dh`> anyway i need to sleep, people will be hammering in 3h
[Fri Aug 25 05:17:30 2017] <bartavelle> thanks a lot !
[Fri Aug 25 05:17:35 2017] <dh`> you're welcome :-)
[Fri Aug 25 05:24:34 2017] <bartavelle> ah, I think I get what my problem is!
[Fri Aug 25 05:24:56 2017] <bartavelle> I forget a damned Qed. !!!!
[Fri Aug 25 05:25:16 2017] <modulus> lol
[Fri Aug 25 05:25:28 2017] <bartavelle> just spent a few hours on that :)
[Fri Aug 25 05:25:46 2017] <modulus> well at least that's easy to solve.
[Fri Aug 25 05:26:03 2017] <bartavelle> sure!
[Fri Aug 25 05:28:21 2017] <bartavelle> is there a way to abort coq infinite loops in coqide?
[Fri Aug 25 16:30:47 2017] <cic> bartavelle: this might be of interest: https://softwarefoundations.cis.upenn.edu/draft/qc-current/Typeclasses.html
[Fri Aug 25 16:31:20 2017] <cic> (regarding your question on more documentation)
[Fri Aug 25 23:59:57 2017] <numee> Does anyone have an idea as to how to prove f (if c then t else e) = (if c then f t else f e) ?
[Sat Aug 26 00:02:53 2017] <Cale> numee: destruct c; reflexivity. ?
[Sat Aug 26 00:04:30 2017] <numee> Cale: thanks!
[Sun Aug 27 23:32:09 2017] <dh`> hrm
[Sun Aug 27 23:32:26 2017] <dh`> what would be a good simple program to do to muck with string code extraction?
[Sun Aug 27 23:32:29 2017] <dh`> not having any good ideas
[Sun Aug 27 23:32:54 2017] <dh`> (also, where should I look to get up to speed on doing extractions? haven't tried it before)
[Mon Aug 28 00:20:38 2017] <johnw> it's very easy to start
[Mon Aug 28 00:20:54 2017] <johnw> just Extraction Language <lang>.
[Mon Aug 28 00:21:03 2017] <johnw> then Extract "file.ext" func1 func2 func3.
[Mon Aug 28 01:04:31 2017] <dh`> neat
[Mon Aug 28 02:49:21 2017] <dh`> ugh why can't you use symmetry on <> ?
[Mon Aug 28 03:35:26 2017] <cic> dh`: there's some information in VFA (e.g. https://www.cs.princeton.edu/~appel/vfa/Extraction.html), about extraction that is, but not much
[Mon Aug 28 11:41:34 2017] <schoppenhauer> hi. I use CpdtTactics in my project. It does not allow derivative works. Is using it without any changes a derivative Work?
[Mon Aug 28 11:41:52 2017] <schoppenhauer> that is, am I allowed to just place it into my project folder and load it?
[Mon Aug 28 11:44:47 2017] <schoppenhauer> or is this just a program library?
[Mon Aug 28 11:45:58 2017] <schoppenhauer> actually, I am only using the crush tactic.
[Tue Aug 29 11:21:13 2017] <justanotheruser> Are there components of the C language like floats that are impossible to make proofs for? http://robbertkrebbers.nl/research/thesis.pdf This is "The C standard formalized in Coq", but it seems to not be capable of proofs for floating point arithmetic
[Tue Aug 29 12:09:35 2017] <Cale> justanotheruser: See CompCert -- I'm pretty sure it proves things about its implementation of floating point.
[Tue Aug 29 12:10:05 2017] <Cale> justanotheruser: It's not impossible, it's merely annoying to prove things about floats -- they don't have a whole lot of really nice properties.
[Tue Aug 29 14:49:25 2017] <dolio> It's possible that certain things about IEEE are too under-specified to prove certain things.
[Tue Aug 29 14:50:13 2017] <dolio> I'm not enough of an expert to say, though.
[Tue Aug 29 17:01:50 2017] <schoppenhauer> hi. I use CpdtTactics in my project. It does not allow derivative works. Is using it without any changes a derivative Work? that is, am I allowed to just place it into my project folder and load it? or is this just a program library? actually, I am only using the crush tactic. *push*
[Thu Aug 31 07:48:16 2017] <schoppenhauer> hi. I use CpdtTactics in my project. It does not allow derivative works. Is using it without any changes a derivative Work? that is, am I allowed to just place it into my project folder and load it? or is this just a program library? actually, I am only using the crush tactic. *push*
[Thu Aug 31 07:59:49 2017] <cic> schoppenhauer: have you read the LICENSE file in the archive from the "Tarball of a few generally useful library modules from the book" link?
[Thu Aug 31 08:51:38 2017] <cocreature> cpdtactics.v is licensed under bsd3 which allows for derivative works
[Thu Aug 31 09:02:38 2017] <leah2> yeah, its just really stupidly commented...
[Sun Sep  3 08:14:35 2017] <zozozo> Hi, It seems that the "classical_right" tactic fails when there are no hypotheses in the context, is it known/expected ? for the moment my workaround is to "pose proof True", but is there a better way ?
[Sun Sep  3 08:23:50 2017] <cq1> Is adding the following axiom inconsistent? Inductive foo := foo_intro : foo -> foo. Axiom f : foo.
[Sun Sep  3 08:24:50 2017] <cq1> It's obviously ridiculous, as there's no way of inhabiting foo because no finite term can be an inhabitant of it, but I feel like this meta fact isn't accessible from inside of Coq in a way that yields inconsistency?
[Sun Sep  3 08:37:43 2017] <Saizan> cq1: you can write foo -> False by recursion
[Sun Sep  3 08:46:01 2017] <cq1> Saizan: Awesome, thanks for the tip. I got it with that tip: https://pastebin.com/raw/m6W2hRx7
[Sun Sep  3 08:46:35 2017] <cq1> Sorry, it was the blinding flash of the obvious once you said it.
[Sun Sep  3 08:57:39 2017] <Saizan> cq1: cheers
[Sun Sep  3 11:53:43 2017] <dh`> zozozo: I have no idea, but that sounds like a bug and not desired behavior regardless of whether it's expected
[Sun Sep  3 11:57:08 2017] <zozozo> dh`: I assumed as much, do you have any idea where I can open a bug report about it ?
[Sun Sep  3 12:05:09 2017] <zozozo> I found the bugtracker and reported the problem
[Sun Sep  3 13:59:22 2017] <dh`> there, yeah
[Sun Sep  3 13:59:41 2017] <dh`> which reminds me, I still have a bug on to file on "congruence"
[Sun Sep  3 14:09:02 2017] <benzrf> whatre yalls opinions on lean
[Sun Sep  3 14:41:28 2017] <dh`> dunno, haven't tried it
[Sun Sep  3 15:33:24 2017] <dh`> is there some reason that List.nth and List.nth_default are different?
[Sun Sep  3 15:33:34 2017] <dh`> and which form would be preferred for String.get?
[Sun Sep  3 15:33:40 2017] <dh`> (which I want to call get, not nth, to match ocaml)
[Sun Sep  3 15:35:26 2017] <dh`> also, should get_default or get_error be the default "get"?
[Sun Sep  3 15:47:20 2017] <dh`> and, does coq have a list function for what haskell calls "intersperse" or should that get added? so far I can't find one
[Sun Sep  3 16:06:59 2017] <dh`> also, is there a list t -> list (t * nat) that numbers a list?
[Sun Sep  3 16:46:19 2017] <dh`> I suppose the current String defines get a certain way that I'd better leave alone, though
[Mon Sep  4 01:34:05 2017] <cjh`> I have been learning to use `inductive` to define predicates over natural numbers
[Mon Sep  4 01:34:22 2017] <cjh`> I would like to be able to express that two such predicates are equivalent using induction
[Mon Sep  4 01:34:52 2017] <cjh`> do I need coinductive predicates for this?
[Mon Sep  4 01:43:34 2017] <cjh`> e.g. I'm trying to show that N and M are equivalent https://gist.github.com/anonymous/405c00d00d08b155c306ee9bcaba6476
[Mon Sep  4 01:58:32 2017] <cjh`> whenever I try pick through M_le_N or N_le_M using induction I get stuck at some point, and it feels like I'm not able to use the induction hypothesis in the same way I would on paper
[Mon Sep  4 02:55:32 2017] <cocreature> cjh`: you probably need a stronger induction scheme that allows you to use the hypothesis for all n that are smaller and not just the one that is exactly 1 less. you can use well-founded induction on n for that.
[Mon Sep  4 02:55:48 2017] <cocreature> specifically, import Wf_nat and then use "induction (lt_wf n)"
[Mon Sep  4 03:16:30 2017] <cjh`> say I am trying to prove 'M n -> N n' and I have been able to get down to having an 'M n'
[Mon Sep  4 03:16:43 2017] <cjh`> my proof is based on the assumption M n, but can't figure out how to apply that as the final step :/
[Mon Sep  4 03:18:07 2017] <notnotdan> What exactly is in your context and in your goal?
[Mon Sep  4 03:28:17 2017] <cjh`> notnotdan: https://gist.github.com/anonymous/f69e5c630811f0198c55accfcfcaa4ac#file-nat-mat-inductive-equal-two-v-L52
[Mon Sep  4 03:28:27 2017] <cjh`> I'm still quite early on in my learning of coq, and my general proofs are not great
[Mon Sep  4 03:28:36 2017] <cjh`> I have been able to prove this by hand on paper, and it matches a proof I was given in class
[Mon Sep  4 03:28:59 2017] <cjh`> but I'm trying to learn coq to check my proofs, and I seem to have trouble translating them into coq (which we don't cover in class)
[Mon Sep  4 03:29:43 2017] <cjh`> cocreature: I can see how well founded induction would be useful, but on paper it seemed to be possible without it, but if I get stuck I will try that, thanks :)
[Mon Sep  4 03:29:57 2017] <cocreature> cjh`: do you have your paper proof somewhere?
[Mon Sep  4 03:30:19 2017] <cjh`> cocreature: not one me right now, but I can recreate / find it and share
[Mon Sep  4 03:30:32 2017] <cjh`> the format we use in class (computer science) is very informal proof though
[Mon Sep  4 03:30:46 2017] <cocreature> it’s easy to accidentally be sloppy when doing paper proofs
[Mon Sep  4 03:30:59 2017] <cjh`> yeah, which is why I am trying to learn coq
[Mon Sep  4 03:31:09 2017] <cjh`> I'm also uncomfortable with rule induction in general, especially for proofs of equality
[Mon Sep  4 03:31:17 2017] <cjh`> so I want something to check me, and coq was recommended
[Mon Sep  4 03:31:43 2017] <cjh`> I only think my paper proof is correct as it matched the proof in class, but appeal to authority isn't a great proof technique :p
[Mon Sep  4 03:32:26 2017] <cocreature> even if your proof is correct you might accidentally be using well-founded induction
[Mon Sep  4 03:33:15 2017] <cjh`> hmmm
[Mon Sep  4 03:33:29 2017] <cjh`> I can see that, since there are times I take apart my values by more than one level
[Mon Sep  4 03:41:15 2017] <Cypi> It is possible without well-founded induction if you do directlly a Fixpoint, as if you were writing a program that takes a "M n" and returns a "N n"
[Mon Sep  4 03:48:57 2017] <Cypi> You could also write your own induction principle and use it, like this http://lpaste.net/358193
[Mon Sep  4 03:57:24 2017] <cjh`> okay I tried to typeset the easy half of the proof in latex and uploaded at http://segfault.net.nz/~chris/nat-mat-induction-proof-half.pdf
[Mon Sep  4 03:57:38 2017] <cjh`> wasn't sure how else to share without taking a screenshot of my chicken scratch on paper
[Mon Sep  4 03:57:51 2017] <cjh`> I hope that format of proof makes sense :/
[Mon Sep  4 03:59:31 2017] <cjh`> oops, has a mistake, fixing now ..>
[Mon Sep  4 04:00:16 2017] <cjh`> fixed, M-2 induction rule was incorrect (had an N instead of M)
[Mon Sep  4 04:00:29 2017] <cjh`> I don't want to waste anyone's time with this though, since I am so new it is likely just due to my misunderstanding
[Mon Sep  4 04:00:55 2017] <cjh`> I have to run for a bit, thank you all for your time, I hope I didn't waste it.
[Mon Sep  4 04:01:06 2017] <cocreature> cjh`: you are not doing induction on "n", you are doing induction on "M n"
[Mon Sep  4 04:01:21 2017] <cocreature> cjh`: if you do that in Coq as well your hypotheses should work out as well
[Mon Sep  4 04:01:31 2017] <cjh`> oohhhh
[Mon Sep  4 04:01:45 2017] <cjh`> Cypi: thanks for that, I was trying Fixpoint initially but I got stuck and thought I was using the wrong tool
[Mon Sep  4 04:01:55 2017] <cjh`> cocreature: thank you so much, I will try that after I've found food and report back
[Mon Sep  4 04:02:04 2017] <cocreature> if you were doing induction on "n" you would have only two cases.
[Mon Sep  4 04:02:10 2017] <cjh`> it felt like I wasn't "tying together" the two M and N in some way
[Mon Sep  4 04:02:24 2017] <cjh`> I thought I had to relate them in an inductive sense, and coinduction sounded maybe right
[Mon Sep  4 04:02:41 2017] <cjh`> some of my biggest problems have been around relating the informal proofs in class to formal proof techniques
[Mon Sep  4 04:02:50 2017] <cjh`> I kept screwing up the inductive hypothesis
[Mon Sep  4 04:04:28 2017] <cocreature> being precise can be surprisingly tricky :)
[Mon Sep  4 04:04:44 2017] <cjh`> how do I express induction on M n in coq?
[Mon Sep  4 04:05:14 2017] <cjh`> my undergraduate cs degree didn't feature this kind of structural / rule inductive proofs, so trying to learn while running
[Mon Sep  4 04:05:15 2017] <cocreature> after "intros n H" you’ll have "H : M n". then you can just do "induction H"
[Mon Sep  4 04:06:23 2017] <cjh`> omg yes!
[Mon Sep  4 04:06:33 2017] <cjh`> there we are, the missing hypothesis \o/
[Mon Sep  4 04:07:28 2017] <cjh`> cocreature: thank you so much
[Mon Sep  4 04:07:32 2017] <cjh`> and thank you everyone for your help
[Mon Sep  4 04:07:32 2017] <cocreature> yw :)
[Mon Sep  4 04:07:42 2017] <cjh`> I had never seen `intros H`
[Mon Sep  4 04:07:54 2017] <cocreature> H is just an arbitrary name
[Mon Sep  4 04:07:58 2017] <cjh`> 19:16 < cjh`> say I am trying to prove 'M n -> N n' and I have been able to get down to having an 'M n'
[Mon Sep  4 04:08:01 2017] <cjh`> 19:16 < cjh`> my proof is based on the assumption M n, but can't figure out how to apply that as the final step :/
[Mon Sep  4 04:08:04 2017] <cjh`> that is roughly what I was trying to get at
[Mon Sep  4 04:08:04 2017] <cjh`> okay
[Mon Sep  4 04:08:09 2017] <cjh`> so I had learned intros for forall
[Mon Sep  4 04:08:19 2017] <cjh`> but I couldn't figure out how to break up `M n -> N n` for example
[Mon Sep  4 04:08:33 2017] <cjh`> I wanted to say 'use the assumption of that implication'
[Mon Sep  4 04:08:44 2017] <cocreature> "M n -> N n" is basically "forall H : M n -> N n"
[Mon Sep  4 04:09:11 2017] <cjh`> hmmm I sadly don't quite follow that
[Mon Sep  4 04:09:17 2017] <cjh`> ohh actually
[Mon Sep  4 04:09:31 2017] <cjh`> forall H (arbitrary name) of the type (M n -> N n)
[Mon Sep  4 04:09:35 2017] <cjh`> I think I follow that
[Mon Sep  4 04:09:35 2017] <cocreature> right
[Mon Sep  4 04:09:52 2017] <cjh`> cocreature: thank you so much
[Mon Sep  4 04:09:56 2017] <cjh`> this has honestly made my day
[Mon Sep  4 04:10:09 2017] <cjh`> I will try write up the full coq proof tonight and report back
[Mon Sep  4 04:10:13 2017] <cocreature> the feeling when your proof finally goes through can be quite satisfying :)
[Mon Sep  4 04:10:29 2017] <cjh`> more generally I'm trying to understand curry-howard, and how proofs and types relate
[Mon Sep  4 04:10:37 2017] <cjh`> and I keep hitting these kinds of walls which are due to my lack of understanding
[Mon Sep  4 04:10:43 2017] <cjh`> I keep trying to use the wrong tool
[Mon Sep  4 04:10:49 2017] <cjh`> have to run, thanks again :D
[Mon Sep  4 05:24:26 2017] <cjh`> cocreature: omg it works perfectly, thank you so much
[Mon Sep  4 05:24:52 2017] <cjh`> before coming in here I burned a bunch of time trying to use something like 'induction n on M' as I really wanted to say 'induction on M n' but didn't know how to express it
[Mon Sep  4 05:28:26 2017] <cjh`> final proof: https://gist.github.com/mkfifo/774b4255278ca1305c9a68f872a48a7d
[Mon Sep  4 05:28:31 2017] <cjh`> and now it matches what I was doing by hand EXACTLY
[Mon Sep  4 05:28:33 2017] <cjh`> thanks all for your time :D
[Mon Sep  4 05:31:06 2017] <cjh`> 1-1 correspondence with my hand proof is so lovely
[Mon Sep  4 17:41:21 2017] <benzrf> Question
[Mon Sep  4 17:41:46 2017] <benzrf> actually nvm my question would be better suited for ##typetheory
[Mon Sep  4 20:44:49 2017] <benzrf> is there some version of [inversion] that doesn't automatically rewrite by the generated equalities
[Mon Sep  4 20:54:58 2017] <benzrf> ah, [injection]
[Mon Sep  4 20:57:00 2017] <benzrf> [firstorder] is an excellent tactic =D
[Mon Sep  4 22:36:55 2017] <dh`> inversion doesn't, does it? that's why you almost always want inversion foo; subst
[Mon Sep  4 22:38:30 2017] <benzrf> er, it does /some/ rewritings
[Mon Sep  4 22:38:34 2017] <benzrf> not every single possible one, i guess
[Mon Sep  4 23:17:21 2017] <keep_learning> Hi Everyone
[Mon Sep  4 23:17:24 2017] <keep_learning> https://gist.github.com/mukeshtiwari/40ce0915d55bf4b47ac4f56e5d63f845
[Mon Sep  4 23:18:10 2017] <keep_learning> I am trying show to existence of function for decidable relation over finite types.
[Mon Sep  4 23:19:05 2017] <keep_learning> I have gone through https://coq.inria.fr/library/Coq.Logic.ChoiceFacts.html, but I am not able to put the piece of puzzles together.
[Mon Sep  4 23:19:52 2017] <keep_learning> I am just looking for minimum hint (direction to proceed)
[Mon Sep  4 23:23:04 2017] <dh`> I'm not sure what you're trying to accomplish exactly
[Mon Sep  4 23:24:44 2017] <dh`> and in the absence of any clear idea I'll just make a simple operational suggestion: prove the cases for P and ~P separately before writing that combined proof
[Mon Sep  4 23:25:42 2017] <keep_learning> dh`: Lets say for two elements, a and b,  of type A and a is preferred over b so P a b holds and in this case I want to give low natural number to a and high natural number to b.
[Mon Sep  4 23:25:42 2017] <dh`> and without more context I question whether the ~P case you've formulated is actually true
[Mon Sep  4 23:26:36 2017] <dh`> also try instantiating it on a simple concrete type first, like say bool
[Mon Sep  4 23:27:32 2017] <keep_learning> Lets take a, b, c and a is preferred over b and b is preferred over c then P a b is true, P a c is true and P b c is true and everything else is false
[Mon Sep  4 23:27:51 2017] <keep_learning> so in this case f a = 0, f b = 1 and f c = 2
[Mon Sep  4 23:28:31 2017] <dh`> your second case says "there exists no function into nat where f c < f d" and that's a very strong claim
[Mon Sep  4 23:29:06 2017] <keep_learning> Lets take directed graph and if node u is connected to node v then P u v holds
[Mon Sep  4 23:29:36 2017] <dh`> so the idea is that P is a total order on A?
[Mon Sep  4 23:29:52 2017] <dh`> let's take a simpler example, like bool, and suppose that false < true
[Mon Sep  4 23:30:03 2017] <keep_learning> dh`: Yes
[Mon Sep  4 23:30:18 2017] <dh`> so: P false true, ~P false false, ~P true true, and ~P true false
[Mon Sep  4 23:30:24 2017] <dh`> right?
[Mon Sep  4 23:30:28 2017] <keep_learning> Yes
[Mon Sep  4 23:31:30 2017] <dh`> so the second branch of your goal says: there exists no f: bool -> nat such that f true < f false
[Mon Sep  4 23:31:56 2017] <dh`> which is clearly not the case
[Mon Sep  4 23:33:50 2017] <dh`> which is I think because you've placed the exists somewhere other than where you wanted it
[Mon Sep  4 23:34:47 2017] <keep_learning> dh`:  {(exists f : A -> nat, forall c d : A, P c d <-> (f c < f d)%nat)} +
[Mon Sep  4 23:34:47 2017] <keep_learning> {(exists f : A -> nat, forall c d : A, ~P c d <-> (f c >= f d)%nat)}
[Mon Sep  4 23:35:59 2017] <dh`> ok, I think I see what you're chasing after
[Mon Sep  4 23:36:07 2017] <dh`> so, since you said you wanted a hint, here's a hint:
[Mon Sep  4 23:36:14 2017] <dh`> how many functions do you want to show the existence of?
[Mon Sep  4 23:36:55 2017] <keep_learning> dh`:  I think one would be great
[Mon Sep  4 23:37:19 2017] <dh`> right
[Mon Sep  4 23:37:20 2017] <dh`> so
[Mon Sep  4 23:37:27 2017] <dh`> how many do you get with the form you just pasted?
[Mon Sep  4 23:38:48 2017] <keep_learning> dh`:  I am not able to prove the lemma so none
[Mon Sep  4 23:41:05 2017] <keep_learning> dh`: or you mean something else. Sorry I did not get you about "ow many do you get with the form you just pasted?"
[Mon Sep  4 23:46:11 2017] <keep_learning_1> dh`: Sorry, my browser crashed.
[Mon Sep  4 23:50:14 2017] <dh`> how many different functions are you trying to prove the existence of?
[Mon Sep  4 23:50:55 2017] <dh`> and how many are you going to get if you prove the lemma with the form you pasted a few minutes back?
[Mon Sep  4 23:51:33 2017] <dh`> {} + {} gives you two mutually exclusive cases
[Mon Sep  4 23:51:48 2017] <dh`> if you put an exists in each one, then... how many functions exist?
[Mon Sep  4 23:52:45 2017] <keep_learning_1> My initial thought was when P c d holds then go for left  {(exists f : A -> nat, forall c d : A, P c d <-> (f c < f d)%nat)}  and give one evidence of existence.
[Mon Sep  4 23:53:01 2017] <keep_learning_1> and when ~ P c d then go right
[Mon Sep  4 23:53:10 2017] <dh`> yes, that's what you've written
[Mon Sep  4 23:53:24 2017] <dh`> but that gives you a different exists each time, and thus a different function for each case
[Mon Sep  4 23:53:34 2017] <dh`> so there's potentially two different functions (though not at the same time)
[Mon Sep  4 23:53:37 2017] <dh`> and I don't think that's what you want
[Mon Sep  4 23:55:14 2017] <keep_learning_1> dh`: Yeah, Now I understand your point and probably confused also.
[Mon Sep  4 23:55:47 2017] <dh`> also I'm not sure you want a {} + {} in the goal at all
[Mon Sep  4 23:56:41 2017] <dh`> that's an either-or
[Mon Sep  4 23:57:43 2017] <dh`> skipping over the exists question, what you've got says EITHER p is equivalent to <, OR ~P is equivalent to >=, BUT not both at once
[Mon Sep  4 23:58:20 2017] <keep_learning_1> dh`: Yes
[Tue Sep  5 00:00:29 2017] <keep_learning_1> When  P c d holds then c is ranked higher (low in number) than d  ~ P c d is c is ranked equally or lower than d.
[Tue Sep  5 00:02:35 2017] <dh`> right, so you've said
[Tue Sep  5 00:02:49 2017] <dh`> P c d <-> f c < f d
[Tue Sep  5 00:02:55 2017] <dh`> ~P c d <-> f c >= f d
[Tue Sep  5 00:03:06 2017] <dh`> but what's the connective you want between them?
[Tue Sep  5 00:05:59 2017] <dh`> are they both always true together, both true sometimes but other times only one, or can only one be true at a time?
[Tue Sep  5 00:06:40 2017] <dh`> (or something else?)
[Tue Sep  5 00:08:06 2017] <keep_learning_1> dh`: No, both are not true together. Only one at a time either P c d or ~ P c d
[Tue Sep  5 00:08:55 2017] <keep_learning_1> Seems like my assumption is wrong (if I understood you correctly)  forall c d, P c d \/ ~ P c d.
[Tue Sep  5 00:12:33 2017] <dh`> my question wasn't about P or ~P, it was about the equivalences.
[Tue Sep  5 00:12:52 2017] <dh`> P c d <-> f c < f d    and   ~P c d <-> f c >= f d
[Tue Sep  5 00:17:29 2017] <keep_learning_1> Only one at a time.
[Tue Sep  5 00:18:59 2017] <keep_learning_1> dh`:  Let me think more clearly and will be back with more clear question.
[Tue Sep  5 00:19:08 2017] <keep_learning_1> Thank you very much
[Tue Sep  5 00:34:25 2017] <benzrf> is this what its like to come face to face with one of the elder gods https://i.imgur.com/2WQFRRF.png
[Tue Sep  5 02:52:20 2017] <cjh`> benzrf: oh wow...
[Tue Sep  5 19:00:31 2017] <benzrf> in coq do all constant functions out of a sigma type factor thru the corresponding existential
[Tue Sep  5 19:12:17 2017] <Cypi> This could be of interest to you https://homotopytypetheory.org/2015/06/11/not-every-weakly-constant-function-is-conditionally-constant/
[Wed Sep  6 18:08:36 2017] <benzrf> ty Cypi
[Thu Sep  7 03:07:23 2017] <ertes-w> hi…  i have a problem with classes: https://gist.github.com/esoeylemez/9abba3e9a583ce8a89ed8938307a5a97
[Thu Sep  7 03:08:11 2017] <ertes-w> it this point the goal should be (0 ≡ 0), but it's (0 ≡ id Z (eqm n) Z.add) instead…  for some reason it doesn't take my Monoid instance into account, and all my attempts to rewrite it to 0 have failed
[Thu Sep  7 03:08:19 2017] <ertes-w> s/^it/at/
[Thu Sep  7 03:08:39 2017] <ertes-w> any ideas?
[Thu Sep  7 03:09:38 2017] <ertes-w> note: coq doesn't want me to prove that the instance exists…  apparently that particular class member is already satisfied
[Thu Sep  7 03:10:22 2017] <ertes-w> it's only asking for left_inv and right_inv
[Thu Sep  7 03:22:24 2017] <Cypi> ertes-w: when you end your "plus_mod_monoid" definition with "Qed.", it makes everything inside opaque
[Thu Sep  7 03:23:16 2017] <Cypi> so you should just replace your "Qed." with "Defined."
[Thu Sep  7 03:23:30 2017] <Cypi> and that's it, "id Z (eqm n) Z.add" will then compute to 0
[Thu Sep  7 03:25:49 2017] <ertes-w> Cypi: thanks…  do i still need to reduce it explicitly?  because so far it's still (id Z (eqm n) Z.add)
[Thu Sep  7 03:26:00 2017] <ertes-w> yeah, indeed
[Thu Sep  7 03:26:03 2017] <ertes-w> 'simpl' reduced it
[Thu Sep  7 03:26:21 2017] <Cypi> you can also use "reflexivity" directly
[Thu Sep  7 03:31:17 2017] <ertes-w> Cypi: lovely…  thanks a lot!
[Thu Sep  7 03:31:33 2017] <ertes-w> i always thought that Qed and Defined are synonymous
[Thu Sep  7 03:32:30 2017] <Cypi> That's the only difference: whether the definition will be opaque or transparent.
[Thu Sep  7 03:32:54 2017] <ertes-w> Cypi: so basically it makes a difference for structures only?
[Thu Sep  7 03:35:49 2017] <ertes-w> now that the problem is solved, are there any ways to improve this code?  still new to coq
[Thu Sep  7 03:36:27 2017] <Cypi> Not only for structures, for any definitions
[Thu Sep  7 03:37:19 2017] <Cypi> Your code looks fine to me. Only easy thing I would change: when you are proving different subgoals, use bullets to differentiate them. (It's a stylistic choice, but I find it makes proofs easier to read)
[Thu Sep  7 03:38:18 2017] <ertes-w> bullets?  what's the syntax for them?
[Thu Sep  7 03:38:43 2017] <Cypi> For instance in "plus_mod_monoid", you could have writtent the following:
[Thu Sep  7 03:38:45 2017] <Cypi> - reflexivity.
[Thu Sep  7 03:38:50 2017] <ertes-w> ah
[Thu Sep  7 03:38:54 2017] <Cypi> - intros. replace (x + 0) with .....
[Thu Sep  7 03:39:09 2017] <Cypi> you can use any symbol in -, +, *, --, ++, **, etc.
[Thu Sep  7 03:39:11 2017] <ertes-w> i see, yeah
[Thu Sep  7 03:41:38 2017] <ertes-w> is there a way to eliminate the redundancy in '- a. b. c. - a. b. c.'?
[Thu Sep  7 03:42:32 2017] <Cypi> So, you could chain it with the previous tactic (if any). Or you could write something like "all: a; b; c."
[Thu Sep  7 03:42:48 2017] <Cypi> (the ; chains several tactics)
[Thu Sep  7 03:42:57 2017] <Cypi> (and "all:" is a goal selector)
[Thu Sep  7 03:45:42 2017] <ertes-w> now i have a case where i do this:  - all: a. * b1. c. * b2. c.
[Thu Sep  7 03:46:24 2017] <ertes-w> is there a modifier 'f' such that i can do the following?  all: a. b1. f: b2. all: c.
[Thu Sep  7 03:48:41 2017] <Cypi> either "all: a; [b1 | b2]; c", or "all: a. b1. 2: b2. all: c."
[Thu Sep  7 03:50:43 2017] <ertes-w> great, now my proof for plus_mod_group looks like this:  all: intros. 1: replace (-x + x) with 0 by ring. 2: replace (x + -x) with 0 by ring. all: reflexivity.
[Thu Sep  7 03:50:58 2017] <ertes-w> i know that the "1:" is redundant, but written vertically it just looks very nice
[Thu Sep  7 03:51:33 2017] <ertes-w> thanks a lot for your support!  i'll be using coq to teach group theory in a cryptography workshop =)
[Thu Sep  7 03:59:54 2017] <Cypi> Just another personal advice (also, I am by no mean an expert in writing Coq proofs), I wouldn't mind not trying to factorize everything as most as possible; readability should really be a priority in my opinion
[Thu Sep  7 04:00:36 2017] <Cypi> So if your proof looks like "- intros. replace (-x + x) with 0 by ring. reflexivity. - intros. replace (x + -x) with 0 by ring. reflexivity.", it's very ok to me
[Thu Sep  7 04:04:56 2017] <ertes-w> Cypi: yes, that's what i'll be doing in the workshop anyway
[Thu Sep  7 04:05:03 2017] <ertes-w> i was just curious
[Thu Sep  7 10:57:42 2017] <ertes-w> in my paste from earlier, the resulting type of 'id' is: ∀ (A : Type) (eq : A → A → Prop) (dot : A → A → A), Monoid A eq dot → A
[Thu Sep  7 10:57:57 2017] <ertes-w> how do i make the first three arguments implicit?
[Thu Sep  7 10:58:08 2017] <ertes-w> without giving up the Section/Variable trick that is
[Thu Sep  7 10:59:09 2017] <ertes-w> ah, i figured it out: Context
[Thu Sep  7 11:01:32 2017] <ertes-w> err, no, that didn't quite work
[Thu Sep  7 11:01:51 2017] <ertes-w> now they are also implicit on the class itself, which is unfortunate
[Thu Sep  7 11:10:20 2017] <ertes-w> so the question is: how can i introduce a Context variable that is explicit on classes, but implicit on class members?
[Thu Sep  7 11:37:02 2017] <ertes-w> ah, now i finally get what the backtick means =)
[Thu Sep  7 20:49:49 2017] <benzrf> is it possible in a Section to locally generalize a definition
[Thu Sep  7 20:50:22 2017] <benzrf> that is, is it possible to say "this expression, but with a Variable discharged"
[Thu Sep  7 20:56:25 2017] <Cypi> You can always write it explicitely (with a lambda or something), but I don't think there is anything more direct
[Fri Sep  8 07:20:12 2017] <ertes-w> my question from yesterday still stands, if anyone knows the answer:  how can i introduce a Context variable that is explicit on classes, but implicit on class members?
[Fri Sep  8 07:22:32 2017] <ertes-w> example:  Context {A : Type}. … Class Monoid := { …; id : A; … }
[Fri Sep  8 07:22:40 2017] <ertes-w> i would like A to be explicit on Monoid, but implicit on 'id'
[Fri Sep  8 08:22:33 2017] <ertes-w> i'm using 'Arguments' now to declare it explicitly
[Fri Sep  8 08:24:13 2017] <ertes-w> is there a way to use symbolic names and infix notation more naturally?  right now i always have to introduce a regular prefix name first and then declare an infix notation for it using Notation/Infix…  that's cumbersome
[Fri Sep  8 08:25:02 2017] <ertes-w> what i would like is to use something like Reserved Infix, and then just use that symbol directly as a variable name
[Mon Sep 11 07:42:40 2017] <erisco> I am looking for a reference of the proof term language
[Mon Sep 11 07:43:50 2017] <erisco> https://coq.inria.fr/distrib/current/refman/Reference-Manual003.html#term
[Mon Sep 11 17:17:26 2017] <benzrf> i feel like ive read about function extensionality holding in cic in certain limited cases, like maybe when the domain has decidable equality or something—is there a thing like that, or am i just confusing myself?
[Mon Sep 11 17:26:08 2017] <mortberg> benzrf: you can prove fun ext for functions out of finite domain if you have an explicit enumeration of the elements of the domain
[Mon Sep 11 17:28:05 2017] <mortberg> this is used a lot in mathcomp (for instance a matrix is defined as a function from a finite set of indices, so you directly get that two matrices are equal if they are pointwise equal)
[Mon Sep 11 18:16:10 2017] <benzrf> oh that's useful :D
[Mon Sep 11 18:16:12 2017] <benzrf> mortberg: how do you prove that?
[Mon Sep 11 18:16:25 2017] <Saizan_> mortberg: don't you have to represent it as a vector though, instead of an actual function type?
[Mon Sep 11 18:24:10 2017] <mortberg> ah right, my bad. Saizan_ is right, you represent the functions by their graph
[Mon Sep 11 18:24:16 2017] <benzrf> aww wait what
[Mon Sep 11 18:24:18 2017] <benzrf> lame D:
[Mon Sep 11 18:25:06 2017] <mortberg> well, it's useful in practice. so it's not that lame, but having proper fun ext around is of course better
[Mon Sep 11 18:25:28 2017] <benzrf> so i cant prove this then? [forall A (f : unit -> A), f = fun u => match u with tt => f tt end]
[Mon Sep 11 18:27:18 2017] <Cale> benzrf: Imagine that every function, in addition to the ordinary stuff, has a colour, which is information that is lost when the function is applied.
[Mon Sep 11 18:27:59 2017] <benzrf> Cale: this is a model of mltt which invalidates that formula?
[Mon Sep 11 18:28:12 2017] <Cale> Yeah
[Mon Sep 11 18:28:20 2017] <benzrf> heuh
[Mon Sep 11 18:28:55 2017] <benzrf> ok, but you could just as easily make that claim for something like cubical tt, and it wouldnt necessarily be immediately obvious that it isnt a model
[Mon Sep 11 18:29:09 2017] <benzrf> if this was an open question, i could say "but how do you know that this is a valid model for mltt"
[Mon Sep 11 18:29:17 2017] <benzrf> which i guess is what my real question is!
[Mon Sep 11 18:29:30 2017] <mortberg> look at this paper: https://www.pédrot.fr/articles/cpp2017.pdf
[Mon Sep 11 18:30:38 2017] <benzrf> oh, neat
[Mon Sep 11 18:30:53 2017] <benzrf> heh, a domain with an é
[Tue Sep 12 15:52:19 2017] <rrika> is there a "fold /\" function in the stdlib? (list Prop -> Prop)
[Tue Sep 12 17:13:38 2017] <staffehn> like this?
[Tue Sep 12 17:13:40 2017] <staffehn> Require Import List.
[Tue Sep 12 17:13:40 2017] <staffehn> Import ListNotations.
[Tue Sep 12 17:13:40 2017] <staffehn> Definition xs := fold_right and True [1 = 1; 2 = 2; 3 = 3].
[Tue Sep 12 17:13:40 2017] <staffehn> Goal xs.
[Tue Sep 12 17:13:40 2017] <staffehn> Proof.
[Tue Sep 12 17:13:41 2017] <staffehn>   repeat split.
[Tue Sep 12 17:13:43 2017] <staffehn> Qed.
[Tue Sep 12 17:14:58 2017] <staffehn> Check fold_right and True : list Prop -> Prop.
[Tue Sep 12 17:17:40 2017] <staffehn> hmm.. actually probably better use
[Tue Sep 12 17:17:41 2017] <staffehn> Check Forall id : list Prop -> Prop.
[Tue Sep 12 17:18:34 2017] <staffehn> although.. not sure which one is better, at the moment.
[Tue Sep 12 17:27:00 2017] <staffehn> forall l : list Prop, Forall id l <-> fold_right and True l
[Tue Sep 12 17:27:00 2017] <staffehn> is easy to prove anyways
[Tue Sep 12 17:28:09 2017] <rrika> staffehn, I ended up doing exactly that
[Tue Sep 12 17:28:16 2017] <rrika> I was just wondering whether an alias for that exitsed already
[Tue Sep 12 17:28:50 2017] <rrika> I combined it with a map for convenience.
[Tue Sep 12 17:28:51 2017] <rrika> Definition all_of {A: Type} l (f:A->_) := fold_left and (map f l) True.
[Tue Sep 12 17:29:26 2017] <rrika> eg. all_of [1; 2; 3] (fun n => n < 2)
[Tue Sep 12 17:29:30 2017] <staffehn> that looks a lot like Forall though..
[Tue Sep 12 17:30:02 2017] <staffehn>  Forall (fun n => n < 2) [1;2;3].
[Tue Sep 12 17:30:09 2017] <rrika> you're right
[Tue Sep 12 17:30:35 2017] <rrika> I was a bit slow to parse.
[Wed Sep 13 04:04:15 2017] <erisco> how can I have a unicode character as an identifier?
[Wed Sep 13 04:05:11 2017] <erisco> I see the Notation declaration but this seems to be to define notations which can be desugared
[Wed Sep 13 04:05:21 2017] <notnotdan> Just enter it as an identifier in the text?
[Wed Sep 13 04:06:03 2017] <erisco> the compiler tells me "Syntax Error: Lexer: Undefined token"
[Wed Sep 13 04:08:05 2017] <notnotdan> Can you upload the full source file you are trying to compile?
[Wed Sep 13 04:08:25 2017] <erisco> what I would like is  (→ : A -> A -> Prop)  and then given x : A and y : A that I may write x → y
[Wed Sep 13 04:08:41 2017] <notnotdan> OK, for that you do need to have notations, most likely.
[Wed Sep 13 04:08:55 2017] <notnotdan> Because you want to have an infix notation, essentially
[Wed Sep 13 04:10:26 2017] <notnotdan> See for instance how it is defined here: https://gitlab.mpi-sws.org/robbertkrebbers/coq-stdpp/blob/master/theories/base.v#L355
[Wed Sep 13 04:12:45 2017] <erisco> just trying to compile line 355 the compiler says  Syntax Error: Lexer: Undefined token  and in CoqIde it highlights → at col 28
[Wed Sep 13 04:13:56 2017] <erisco> I am guessing it has some other Notation declaration somewhere
[Wed Sep 13 04:14:28 2017] <erisco> ah I bet it is using https://coq.inria.fr/library/Coq.Unicode.Utf8_core.html
[Wed Sep 13 04:15:09 2017] <notnotdan> Hm, wierd
[Wed Sep 13 04:15:17 2017] <notnotdan> I thought it should "just work".
[Wed Sep 13 04:15:22 2017] <notnotdan> What is your coqc version?
[Wed Sep 13 04:15:38 2017] <erisco> I just changed → for -> and λ for forall
[Wed Sep 13 04:16:09 2017] <erisco> it seems these just define section notations for → as an alias of ->
[Wed Sep 13 04:16:16 2017] <erisco> this is not what I want… I want → to be an identifier
[Wed Sep 13 04:16:21 2017] <erisco> a variable name
[Wed Sep 13 04:17:27 2017] <erisco> I want to have → be an arbitrary relation
[Wed Sep 13 04:17:51 2017] <erisco> in P(A*A)
[Wed Sep 13 04:20:30 2017] <erisco> the reference is a bit vague on which unicode characters are allowed in an identifier
[Wed Sep 13 04:22:27 2017] <erisco> and I guess that is just not one of the allowed ones… darn
[Wed Sep 13 04:29:48 2017] <erisco> I could, I dunno, rewrite  x → y  to  R x y  but I am not sure how to make a Notation declaration for this
[Wed Sep 13 04:30:04 2017] <erisco> because it complains R is not defined… not sure if I can refer to an R in context…
[Wed Sep 13 04:31:39 2017] <notnotdan> So what should be the meaning of (A \to B)?
[Wed Sep 13 04:32:10 2017] <erisco> is that a question for me? I do not understand it
[Wed Sep 13 04:33:05 2017] <notnotdan> Well, you want to define an identifier/unicode notation for something, right?
[Wed Sep 13 04:33:27 2017] <notnotdan> I don't exactly understand what do you want the meaning \to to be
[Wed Sep 13 04:33:45 2017] <notnotdan> Like, should (A \to B) be equal to (A -> B -> Prop) or to some element of that type?
[Wed Sep 13 04:34:15 2017] <erisco> as I said, I merely want it to be a variable name
[Wed Sep 13 04:34:57 2017] <erisco> seeing as that is not possible, maybe I can rewrite it to a fixed legal variable name, but I am not sure how to refer to the context in which x → y appears
[Wed Sep 13 04:35:07 2017] <notnotdan> OK, sorry, I misunderstood you then.
[Wed Sep 13 04:35:11 2017] <erisco> I am seeing ".." in notations and so maybe this is a way
[Wed Sep 13 04:36:06 2017] <erisco> something like this, but it does not compile yet http://lpaste.net/358397
[Wed Sep 13 04:37:17 2017] <erisco> error occurs on the last ..
[Wed Sep 13 04:38:52 2017] <erisco> hm, I don't think .. is what I want it to be, at all
[Wed Sep 13 04:39:25 2017] <erisco> I wanted it to be "arbitrary expression"
[Wed Sep 13 04:39:43 2017] <notnotdan> In that case you might want to use typeclasses? Like this: https://gist.github.com/co-dan/0102e8608a05ed9f2d663c7cff139489
[Wed Sep 13 04:39:47 2017] <notnotdan> not sure if that's the best solution tbh
[Wed Sep 13 04:48:17 2017] <erisco> maybe I'll try a section… I don't know what a section is yet
[Wed Sep 13 04:51:46 2017] <erisco> I have no idea what I am doing but this is working so far http://lpaste.net/358398
[Wed Sep 13 04:53:03 2017] <erisco> having Variable A and Variable R seems really helpful to shorten my other definitions
[Wed Sep 13 05:14:22 2017] <erisco> how do I simplify notation in a proof? I know to use unfold to substitute for the definition
[Wed Sep 13 05:16:28 2017] <erisco> I am stuck with  x ⇒ y  which is just sugar for  x -> y  and intros is not seeing that
[Wed Sep 13 05:17:23 2017] <erisco> unfold ⇒.  is a syntax error,  simpl does nothing,  compute does nothign
[Wed Sep 13 05:21:40 2017] <erisco> hm I think the precedence is wrong… I thought higher levels would bind tighter
[Wed Sep 13 05:56:01 2017] <erisco> if I have two hypotheses, how do I use them together in some way and add the result as a new hypothesis?
[Wed Sep 13 05:57:08 2017] <Cypi> If you have "H1 : A ; H2 : A -> B", you can do "pose proof (H2 H1)." for instance
[Wed Sep 13 05:57:30 2017] <erisco> I have two hypotheses which can be arguments to a constructor
[Wed Sep 13 05:57:38 2017] <Cypi> (pose proof accepts any well-typed term, and adds a new hypothesis with its type)
[Wed Sep 13 05:57:48 2017] <Cypi> pose proof (C H1 H2)
[Wed Sep 13 05:58:20 2017] <erisco> normally I'd use the constructor tactic but it only works when it gives the consequent
[Wed Sep 13 05:59:02 2017] <erisco> okay, thanks
[Wed Sep 13 06:08:52 2017] <erisco> how would I find the constructors for "and"?
[Wed Sep 13 06:09:19 2017] <Cypi> You can "Print and." to see the inductive definition
[Wed Sep 13 06:09:38 2017] <erisco> thanks!
[Wed Sep 13 06:26:40 2017] <erisco> here is a proof I have done… are there ways I can shorten or otherwise improve it? http://lpaste.net/358400 I am just getting to grips with the tactics
[Wed Sep 13 06:30:59 2017] <erisco> I fixed my levels for ⇒ and ∧ … lower levels bind tighter, okay
[Wed Sep 13 07:37:25 2017] <erisco> is there a shorter version of  elim H. intros.  ?
[Wed Sep 13 07:37:38 2017] <erisco> for ∧
[Wed Sep 13 08:23:45 2017] <erisco> what is this error here? I do not understand it http://lpaste.net/358404
[Wed Sep 13 08:24:07 2017] <erisco> if I use  and (x →* y) (is_norm y)  instead then it works fine
[Wed Sep 13 08:24:22 2017] <erisco>  /\ for ∧ also fails
[Wed Sep 13 08:30:31 2017] <erisco> ah I think it may be because I have some overlapping notations
[Wed Sep 13 08:31:46 2017] <erisco> I have  x → y  as a notation and I also want  x → y → z  as a notation
[Wed Sep 13 08:31:53 2017] <erisco> not sure that is possible… seems to be screwing up
[Wed Sep 13 08:50:48 2017] <Muir> https://softwarefoundations.cis.upenn.edu/lf-current/Basics.html#lab16
[Wed Sep 13 08:50:55 2017] <Muir> search for 'notations'
[Wed Sep 13 08:51:09 2017] <Muir> there they talk about associativity
[Wed Sep 13 08:51:32 2017] <erisco> is associativity relevant here? I thought it could be the ambiguity
[Wed Sep 13 08:57:15 2017] <erisco> bah I don't know… I'll use the noiser notation then
[Wed Sep 13 09:03:40 2017] <Muir> well if you write x → y → z as  x → (y → z) or (x → y) → z then you only need one natation
[Wed Sep 13 09:03:57 2017] <erisco> no because they mean different things
[Wed Sep 13 09:04:14 2017] <erisco> it is like  x < y  and  x < y < z
[Wed Sep 13 09:04:26 2017] <erisco> x < y < z  means  x < y ∧ y < z
[Wed Sep 13 09:09:00 2017] <erisco> is there a hotkey for "go to cursor"?
[Wed Sep 13 09:10:29 2017] <Muir> Ctrl+Right (in coqide)
[Wed Sep 13 09:10:45 2017] <erisco> awesome, thanks
[Wed Sep 13 12:15:43 2017] <erisco> I have  c : forall x y, s x y -> t x y   and would like to make x, y implicit
[Wed Sep 13 12:15:59 2017] <erisco> I tried  c : forall {x y}, s x y -> t x y   but this did not change anything, seemingly
[Wed Sep 13 12:38:40 2017] <erisco> would shorten a lot of code, hrm
[Wed Sep 13 13:15:10 2017] <erisco> I can make a Definition which wraps the constructor and has the implicit parameters
[Wed Sep 13 13:15:23 2017] <erisco> kind of clunky, but if that is what I have to do… are implicits only for Definitions?
[Wed Sep 13 17:41:34 2017] <erisco> huh, I think to prove a symmetric and transitive relation is reflexive, I need LEM
[Wed Sep 13 17:45:07 2017] <Cypi> Isn't it false?
[Wed Sep 13 17:45:22 2017] <Cypi> The empty relation is symmetric and transitive, but not reflexive, for instance.
[Wed Sep 13 17:45:27 2017] <erisco> I dunno, seems right, but I am tired enough to not see counter examples
[Wed Sep 13 17:45:57 2017] <erisco> yes, derp, I keep getting the wrong idea of reflexive in my mind
[Wed Sep 13 17:46:34 2017] <erisco> I end up thinking reflexivity means if xRy then xRx and yRy
[Wed Sep 13 17:47:11 2017] <Cypi> Then it would be true, and you wouldn't need LEM :p
[Wed Sep 13 17:48:00 2017] <erisco> yes… so I was thinking this wrong way and then trying to prove it using the correct definition of reflexivity
[Wed Sep 13 17:49:42 2017] <erisco> another thing I might be stupid on… I think the symmetric closure of the transitive closure is a subset of the transitive closure of the symmetric closure
[Wed Sep 13 17:50:03 2017] <erisco> but the proof is going nowhere fast… not seeing obvious counter examples
[Wed Sep 13 17:52:25 2017] <Cypi> Consider a set {x, y}, and your relation is {(x, y)} and that's it (so you have xRy and nothing else). The symmetric closure of the transitive closure is {(x, y), (y, x)}, while the transitive closure of the symmetric closure is {(x, x), (x, y), (y, x), (y, y)}
[Wed Sep 13 17:52:39 2017] <Cypi> Ah wait, you said a subset, that's not a counter-example :D
[Wed Sep 13 17:53:17 2017] <erisco> and you'll notice why I keep getting the wrong idea of reflexivity in my head… because the difference seems to be reflexive pairs
[Wed Sep 13 17:54:14 2017] <Cypi> I think you're right (about the symmetric closure etc.)
[Wed Sep 13 18:01:56 2017] <erisco> proved it, yay
[Wed Sep 13 18:02:40 2017] <erisco> realised a lemma that the transitive closure is a subset of the transitive closure of the symmetric closure
[Wed Sep 13 18:17:38 2017] <erisco> generalised to transitive closure preserves subset
[Thu Sep 14 00:44:19 2017] <rgrinberg> How do I make my type ordered in coq? I'm looking at this answer https://stackoverflow.com/questions/44793027/example-uses-of-msets-in-coq for constructing a set and I think i need to write a corresponding module.
[Thu Sep 14 00:44:32 2017] <rgrinberg> Not sure where to find an example of such a module and what functions it requires though
[Thu Sep 14 01:21:44 2017] <dh`> Orders, and there are some examples in OrdersEx
[Thu Sep 14 01:22:21 2017] <dh`> the examples aren't amazingly comprehensible because they're kind of overgeneralized for that (like much of the library)
[Thu Sep 14 06:37:30 2017] <anton-trunov> An example for the natural numbers is here: https://coq.inria.fr/distrib/current/stdlib/Coq.Structures.OrderedTypeEx.html#Nat_as_OT
[Thu Sep 14 11:27:50 2017] <rgrinberg> anton-trunov: thanks.
[Thu Sep 14 11:31:33 2017] <rgrinberg> do i have to write boilerplate myself btw?
[Thu Sep 14 11:31:42 2017] <rgrinberg> E.g. the lt function
[Thu Sep 14 12:58:03 2017] <schoppenhauer> hi.
[Thu Sep 14 12:58:13 2017] <schoppenhauer> hm. anyone here?
[Thu Sep 14 12:58:32 2017] <schoppenhauer> I am interested in compiling coq natively.
[Thu Sep 14 12:59:33 2017] <schoppenhauer> or more specifically, some OPAM packages for coq allow direct compilation I think. on the one hand: how is I/O handled? on the other hand: how can this be done? (I am still using extraction for most of my stuff)
[Thu Sep 14 13:01:50 2017] <pmetzger> What do you mean by compiling coq natively?
[Thu Sep 14 13:02:11 2017] <pmetzger> Most of the work one does in Coq tends not to be running things in Coq itself after all.
[Thu Sep 14 13:05:07 2017] <schoppenhauer> indeed
[Thu Sep 14 13:05:11 2017] <schoppenhauer> that is why I am wondering
[Thu Sep 14 13:05:59 2017] <schoppenhauer> ok. well, another question: how hard is it to write an own program extraction mechanism for coq?
[Thu Sep 14 13:10:37 2017] <schoppenhauer> I found https://github.com/pirapira/coq2rust/blob/rust/plugins/extraction/rust.ml
[Thu Sep 14 13:11:14 2017] <schoppenhauer> is there a central file where "proofs", that is, the structure of proofs themselves, are specified?
[Thu Sep 14 13:14:02 2017] <pmetzger> Writing extraction mechanisms is relatively straightforward from what I understand, but I've never written one.
[Thu Sep 14 13:14:15 2017] <pmetzger> I don't understand what you are asking about central files of proofs.
[Thu Sep 14 13:15:14 2017] <schoppenhauer> pmetzger: to write an extraction mechanism, I assume one has to get a proof object, and then generates program code. this proof object must have a structure that is defined somewhere in the coq source code.
[Thu Sep 14 13:16:02 2017] <pmetzger> I'd suggest reading one of the papers on extraction. They're old but they describe the mechanism.
[Thu Sep 14 13:16:37 2017] <pmetzger> Remember that you don't extract things that have type Prop.
[Thu Sep 14 13:17:04 2017] <pmetzger> When you extract something to OCaml, you're only extracting the stuff we generically think of as a program, not the proofs associated with it.
[Thu Sep 14 13:24:16 2017] <schoppenhauer> I know
[Thu Sep 14 13:24:20 2017] <schoppenhauer> hm.
[Thu Sep 14 13:24:25 2017] <schoppenhauer> pmetzger: can you suggest some paper?
[Thu Sep 14 13:25:04 2017] <pmetzger> I would only be googling for it just as you would. I last read the background on this years ago.
[Thu Sep 14 13:31:47 2017] <pmetzger> googling for "coq extraction paper" brings up immediate hits btw.
[Thu Sep 14 13:34:20 2017] <schoppenhauer> ok
[Thu Sep 14 13:34:25 2017] <schoppenhauer> yes
[Thu Sep 14 13:34:34 2017] <schoppenhauer> I currently read https://hal.archives-ouvertes.fr/hal-00150914/document
[Thu Sep 14 13:36:03 2017] <schoppenhauer> but this doesn't really help
[Thu Sep 14 13:38:24 2017] <pmetzger> I presume you've tried reading the Coq sources for a similar extraction already?
[Thu Sep 14 13:42:50 2017] <schoppenhauer> yes, I tried, but it is … rather complicated.
[Thu Sep 14 13:43:01 2017] <schoppenhauer> there is Pp
[Thu Sep 14 13:43:04 2017] <schoppenhauer> which does … something
[Thu Sep 14 13:43:20 2017] <schoppenhauer> but Pp is not really a name I understand.
[Thu Sep 14 13:46:10 2017] <pmetzger> If you don't feel comfortable reading an existing extraction, you might not be sufficiently versed to write a new one.
[Thu Sep 14 14:00:00 2017] <schoppenhauer> indeed
[Thu Sep 14 14:00:16 2017] <schoppenhauer> the point is: I want to *get* sufficiently versed ;)
[Thu Sep 14 15:52:15 2017] <numee> I have a goal of the form "if somefun x then expr1 else expr2". I destruct'ed (somefun x), expecting each of the to-be-generated subgoals to have as a hypothesis somefun x = true and somefun x = false. but I just saw the goal having changed to expr1 with no additional hypothesis added. Any idea how to deal with this?
[Thu Sep 14 15:52:52 2017] <Cypi> Use "destruct (somefun x) eqn:H" (where H is some name)
[Thu Sep 14 15:53:08 2017] <Cypi> it will generate the equation you want
[Thu Sep 14 15:53:48 2017] <numee> Cypi: thank you! you helped me again ...
[Thu Sep 14 15:56:52 2017] <numee> oops, i was confused with another person whose name starts with C and is of 4 letters, never mind
[Thu Sep 14 15:58:03 2017] <dh`> ooh, didn't know you can do that, always figured you hand to "remember (somefun x) as foo; destruct foo"
[Thu Sep 14 15:58:19 2017] <dh`> also often "symmetry in Heqfoo" too
[Thu Sep 14 15:58:40 2017] <dh`> since remember ~always produces the equation backwards from what one ultimately wants.
[Thu Sep 14 16:08:40 2017] <schoppenhauer> http://coq-club.inria.narkive.com/kH5buUqe/a-tutorial-about-writing-coq-plugins does anyone know what has become of this tutorial? both links are dead now.
[Sat Sep 16 06:34:43 2017] <numee> How can I prove with induction a proposition on positive numbers, which is of the form (forall n, 1<=n -> ...)? when I used `induction n`, I noticed a generated subgoal had as a hypothesis 1 <= S n, instead of 1 <= n
[Sat Sep 16 06:37:13 2017] <numee> But the induction hypothesis requires the proof of 1 <= n and it's impossible to prove it from 1 <= S n
[Sat Sep 16 06:37:49 2017] <erisco> how is <= defined?
[Sat Sep 16 06:39:53 2017] <numee> n is of type nat so it is defined in Coq.Init.Peano
[Sat Sep 16 06:41:47 2017] <erisco> numee, try  intros. induction le.
[Sat Sep 16 06:42:40 2017] <modulus> wait, how is that true?
[Sat Sep 16 06:42:51 2017] <modulus> 1<=0 doesn't seem true to me
[Sat Sep 16 06:43:36 2017] <modulus> oh sorry, misread
[Sat Sep 16 06:44:06 2017] <erisco> numee, or since intros will put 1<=n as a hypothesis, I think it is  induction H.  or whatever the hypothesis is named
[Sat Sep 16 06:45:34 2017] <erisco> point being, you want to use induction on <=
[Sat Sep 16 06:46:11 2017] <numee> erisco: thanks, i'll try that
[Sat Sep 16 06:46:43 2017] <erisco> and <= is notation for le… I am not sure how to determine this without looking up docs… would be happy to know
[Sat Sep 16 06:57:57 2017] <rrika> Locate "<=".
[Sat Sep 16 06:59:16 2017] <numee> ooh... with induction H I managed to prove it. thank you again.
[Sat Sep 16 07:00:06 2017] <erisco> they might have called the language "Induction H" instead
[Sat Sep 16 07:06:39 2017] <erisco> rrika, thanks!
[Sat Sep 16 10:24:04 2017] <erisco> can I have notation overloaded based on types?
[Sat Sep 16 10:24:31 2017] <erisco> for example, is there some way to overload = for different equalities?
[Sat Sep 16 10:39:24 2017] <rrika> erisco, does this help? https://coq.inria.fr/refman/Reference-Manual022.html
[Sat Sep 16 10:39:45 2017] <erisco> probably, thanks
[Sat Sep 16 12:00:30 2017] <erisco> when I am trying to prove something like  ∃x, p ⇒ x  what is a tactic I can use to have p as a hypothesis to prove x?
[Sat Sep 16 12:09:52 2017] <erisco> ah ha, eexists!
[Sat Sep 16 16:14:36 2017] <erisco> saying the nonempty set contains an element seems to require LEM, interesting
[Sat Sep 16 16:15:12 2017] <benzrf> define "nonempty set"
[Sat Sep 16 16:15:27 2017] <erisco> yes that is unclear
[Sat Sep 16 16:15:44 2017] <erisco> ¬(s = ∅) ⇒ ∃ x, x ∈ s
[Sat Sep 16 16:15:53 2017] <modulus> any set that is not the empty set? ;-)
[Sat Sep 16 16:16:06 2017] <erisco> yes, that is the version I am using here
[Sat Sep 16 16:20:33 2017] <benzrf> well sure, this is just double negation elimination basically
[Sat Sep 16 16:20:52 2017] <benzrf> think constructively
[Sat Sep 16 16:21:08 2017] <erisco> there is a double negation elimination and then LEM
[Sat Sep 16 16:21:40 2017] <benzrf> if i agree to give you anything you like in return for a proof that this set is empty, you have no way of leveraging that to produce an element of the set
[Sat Sep 16 16:21:58 2017] <benzrf> not unless you know something else about the set, which you don't if it's universally quantified
[Sat Sep 16 16:22:13 2017] <erisco> it is just interesting
[Sat Sep 16 17:34:36 2017] <Chobbes> Is it possible to prove that if f : A -> B is injective, that it has a left inverse in Coq? Typically the proof of this would just be constructing a function g where if f(x) = y, then g(y) = x, but I'm not really sure how to do that in general in Coq.
[Sat Sep 16 17:38:55 2017] <Cypi> You can't. f : False -> unit is injective, but you can't build (hopefully) g : unit -> False
[Sat Sep 16 17:40:36 2017] <Chobbes> Cypi: what about f : A -> A? I.e., can it be proven if the domain and codomain are the same?
[Sat Sep 16 17:41:27 2017] <Chobbes> That's a good point, though.
[Sat Sep 16 17:41:49 2017] <Cypi> and a good question, I need to think about it but I can't right now, I'll come back to it x)
[Sat Sep 16 17:41:54 2017] <Cypi> (someone else might, though)
[Sat Sep 16 17:46:19 2017] <Chobbes> Thanks :). I suppose another question is if you keep f : A -> B, but then assert that there exists some a : A and b : B...
[Sat Sep 16 17:47:39 2017] <Chobbes> Which actually is helpful for a potential proof, because B might be "bigger" than A, meaning you can then have g : B -> A default to a.
[Sat Sep 16 20:56:14 2017] <ertes> Chobbes: an injective function is a monomorphism, so you can prove: ∀ f g h, injective f → (∀ x, g (f x) = h (f x)) -> ∀ x, g x = h x
[Sat Sep 16 20:58:45 2017] <ertes> it's not quite "has an inverse", but you can still reason about compositions with injections
[Sat Sep 16 21:00:13 2017] <ertes> similarly surjective functions are epimorphisms: ∀ f g h, surjective f → (∀ x, f (g x) = f (h x)) → ∀ x, g x = h x
[Sat Sep 16 21:19:57 2017] <dh`> hrm
[Sat Sep 16 21:20:16 2017] <dh`> it's straightforward to prove that if a list is not the empty list, there exists an element that's in it
[Sat Sep 16 21:20:19 2017] <dh`> why are sets different?
[Sat Sep 16 21:21:02 2017] <ertes> dh`: how do you express "non-empty set"?
[Sat Sep 16 21:21:16 2017] <dh`> s <> emptyset?
[Sat Sep 16 21:21:27 2017] <dh`> surely the empty set is allowed to be a thing
[Sat Sep 16 21:21:38 2017] <ertes> dh`: we're in the context of coq, right?  so by "set" you really mean "type"?
[Sat Sep 16 21:21:48 2017] <dh`> are we?
[Sat Sep 16 21:21:56 2017] <dh`> I was replying to something in the scroll, that wasn't clear
[Sat Sep 16 21:22:06 2017] <ertes> ah, i see
[Sat Sep 16 21:23:11 2017] <dh`> the proposition in the scroll contains utf-8 that got mangled, but it seems to be writing s <> emptyset
[Sat Sep 16 21:25:23 2017] <ertes> again, are we talking about sets or types?
[Sat Sep 16 21:25:55 2017] <ertes> because the way you express "non-emptiness" for types is very different
[Sat Sep 16 21:27:13 2017] <dh`> right, you do it by saying there exists an x
[Sat Sep 16 21:27:41 2017] <ertes> in fact i would do the same for sets
[Sat Sep 16 21:27:49 2017] <dh`> and then the proposition about an element existing would be tautological
[Sat Sep 16 21:28:19 2017] <dh`> but this was probably about datatype sets or somebody's set theory development
[Sat Sep 16 21:29:19 2017] <ertes> if you assume LEM, then basically whenever you get a non-empty set you can pick an element from it
[Sat Sep 16 21:29:44 2017] <ertes> at least in ZF, and that's because LEM is actually equivalent to the axiom of choice
[Sat Sep 16 21:30:18 2017] <ertes> in constructive mathematics and type theory in particular you generally don't assume LEM
[Sat Sep 16 21:30:35 2017] <dh`> right
[Sat Sep 16 21:30:49 2017] <dh`> except I didn't realize it ended up being equivalent to the axiom of choice
[Sat Sep 16 21:31:38 2017] <ertes> in even simpler terms: if you assume LEM, then proving existence does not mean actually coming up with an element
[Sat Sep 16 21:32:49 2017] <ertes> with LEM you can prove existence by contradiction, which means: all you need to do is to show that non-existence doesn't make sense
[Sat Sep 16 21:36:46 2017] <ertes> "the set of even naturals is non-empty" = "there exists an even natural number"…  (contrived) proof with LEM: assume that all naturals were odd…  sums of natural numbers are natural numbers, so they must be odd as well, but the sum of two odd numbers is always even, thus there exist even natural numbers
[Sat Sep 16 21:37:14 2017] <ertes> the point is: in the proof i never came up with an actual even natural
[Sat Sep 16 21:40:06 2017] <dh`> right, I was thinking about coq objects, which are construcive and therefore decidable in various ways
[Sat Sep 16 21:43:48 2017] <ertes> constructive doesn't imply decidable, a.k.a. computable
[Sat Sep 16 21:44:06 2017] <dh`> well
[Sat Sep 16 21:44:31 2017] <dh`> any inductive type you can destruct
[Sat Sep 16 21:45:15 2017] <dh`> and that will give you one or more cases for empty, that are contradictions, and one or more cases where an element appears
[Sat Sep 16 21:46:02 2017] <dh`> so the proof for lists is easy, and I'd expect the proof for msets is too
[Sat Sep 16 21:46:47 2017] <ertes> what about functions?  for example function injectivity is not decidable in general
[Sat Sep 16 21:47:51 2017] <dh`> I'm happy to concede your abstract point
[Sat Sep 16 21:48:09 2017] <dh`> I have been thinking specifically about containers of the programmatic kind
[Sat Sep 16 21:48:53 2017] <ertes> yeah, you need to be careful to make them decidable though, because properties are not decidable in general, not even for nice inductive data types
[Sat Sep 16 22:15:55 2017] <dh`> actually mucking with msets seems to be extremely painful, but maybe that's just because I don't understand the inner workings.
[Sat Sep 16 22:21:18 2017] <dh`> ah, there we go. yeah, the proof goes through
[Sat Sep 16 22:27:12 2017] <dh`> for some reason it's set up so you need to "compute", "simpl" doesn't do anything on anything
[Sat Sep 16 22:28:06 2017] <dh`> that and xs <> MyMSet.empty doesn't work without proof irrelevance (and maybe not then either, didn't try), because the mset is carrying around a proof in it
[Sat Sep 16 22:28:25 2017] <dh`> and so the <> doesn't provide the contradiction you need.
[Sat Sep 16 22:28:28 2017] <dh`> anyway, whatevs
[Sat Sep 16 22:28:29 2017] <dh`> thanks
[Sat Sep 16 22:30:40 2017] <dh`> (I tried, it does work)
[Sat Sep 16 22:41:20 2017] <dh`> hrm, but proof irrelevance seems to come from Classical
[Sat Sep 16 22:41:25 2017] <dh`> anyway, whatever really, need to make dinner
[Sun Sep 17 05:00:57 2017] <numee> What is the minimal set of tactics which can prove anything that can be proven in Coq without directly specifying Gallina terms?
[Sun Sep 17 06:14:46 2017] <rrika> numee, where do you draw the border, what about "exact"?
[Sun Sep 17 06:38:08 2017] <rrika> else, I'd say
[Sun Sep 17 06:38:08 2017] <rrika> lambda → intro, function application → apply, variables → exact, constants → exact, Type → exact Type, forall → refine (forall x:_, _)., let → pose, match → destruct
[Sun Sep 17 07:34:37 2017] <numee> rrika: by "without directly specifying Gallina terms" i tried to exclude exact (fun ...)
[Sun Sep 17 07:35:41 2017] <numee> for example, is it possible to prove that (forall n, even (S (n + n)) -> False) from (even_contra': forall n', even n' -> forall n, (n' = S (n+n)) -> False) only with the tactics you listed? (the propositions are taken from CPDT p.84)
[Sun Sep 17 07:36:20 2017] <Cypi> Even when you write "apply t" or "exact t", t is already a Gallina term
[Sun Sep 17 07:36:25 2017] <Cypi> not sure where your line is
[Sun Sep 17 07:53:52 2017] <numee> Cypi: would you accept if I said "without writing explicit lambda abstraction (fun ...)" ?
[Sun Sep 17 07:53:53 2017] <numee> It is my impression that Ltac is meant to replace directly writing complex Gallina terms so every time I see a complex Gallina term in a proof I feel unconfortable. maybe this impression is just wrong
[Sun Sep 17 07:59:06 2017] <rrika> numee, "intro" will add a lambda abstraction to the proof.
[Sun Sep 17 08:02:15 2017] <numee> rrika: can you achieve what eapply do with another tactic? I think refine (fun ...) would do but that makes me uncomfortable
[Sun Sep 17 08:03:49 2017] <rrika> hm, isn't that kind of the opposite?
[Sun Sep 17 08:03:56 2017] <rrika> apply/eapply add applications
[Sun Sep 17 08:04:03 2017] <rrika> refine (fun …) adds a lambda
[Sun Sep 17 08:04:49 2017] <rrika> "refine (fun a, _)." and "intro a." should do the same.
[Sun Sep 17 08:05:25 2017] <rrika> oh, you meant "fun" as placeholder, not the keyword
[Sun Sep 17 17:13:30 2017] <erisco> how can I pass an implicit argument explicitly?
[Sun Sep 17 17:14:41 2017] <Cypi> Use @ in front of the constant name. Something like "@f x y z"
[Sun Sep 17 17:26:43 2017] <erisco> ah, and then I must give all arguments? hrm
[Sun Sep 17 17:26:50 2017] <dh`> yes
[Sun Sep 17 17:27:24 2017] <erisco> that's a bit painful… I should rethink this
[Sun Sep 17 17:27:28 2017] <dh`> also inside inductive declarations sometimes you seem to need to give all arguments anyway, not sure waht the deal with that is
[Sun Sep 17 19:55:28 2017] <erisco> what is an apply that I can use just on a hypothesis? the apply tactics I am finding target the goal
[Sun Sep 17 19:55:41 2017] <erisco> I just want a beta reduction
[Sun Sep 17 19:58:48 2017] <Chobbes> Okay, I think I'm missing something. https://coq.inria.fr/library/Coq.Vectors.Fin.html and https://coq.inria.fr/stdlib/Coq.Vectors.VectorDef.html both define an inductive type "t". Which seems crazy, because it's not exactly a great name and the overlap can only be a pain. Is there a reason for this?
[Sun Sep 17 20:00:18 2017] <Chobbes> Can I maybe rename them or something if I want to import both?
[Sun Sep 17 20:11:11 2017] <dh`> erisco: like "apply foo in H"?
[Sun Sep 17 20:11:52 2017] <erisco> apply H in H.  seems to work, mkay, thanks
[Sun Sep 17 20:12:08 2017] <dh`> also rewrite foo in H, etc.
[Sun Sep 17 20:12:13 2017] <dh`> symmetry in H
[Sun Sep 17 20:12:36 2017] <dh`> you can use a lot of tactics in hypotheses
[Sun Sep 17 20:13:42 2017] <erisco> well I honestly don't know what  apply H in H  means, other than it targets H
[Sun Sep 17 20:14:04 2017] <dh`> chobbes: I'd have expected that to be inside a module, but apparently not
[Sun Sep 17 20:14:14 2017] <dh`> what you want to do is Require Fin but not Import, then refer to it as Fin.t
[Sun Sep 17 20:14:31 2017] <dh`> erisco: apply H in H per se won't go
[Sun Sep 17 20:15:02 2017] <dh`> but suppose you have s: string  H: length s = 0
[Sun Sep 17 20:15:17 2017] <dh`> and a lemma foo: length s = 0 -> s = EmptyString
[Sun Sep 17 20:15:30 2017] <dh`> then "apply foo in H" will convert H to: s = EmptyString
[Sun Sep 17 20:15:31 2017] <erisco> H has the form  (fun x => m) a
[Sun Sep 17 20:15:57 2017] <dh`> and it won't simpl or otherwise reduce further?
[Sun Sep 17 20:16:08 2017] <dh`> (simpl in H)
[Sun Sep 17 20:16:28 2017] <Chobbes> dh`: thanks for the solution!
[Sun Sep 17 20:16:30 2017] <erisco> simpl in H  also works, but so did   apply H in H
[Sun Sep 17 20:16:50 2017] <dh`> it's weird that it would let you apply a hypotheses to itself
[Sun Sep 17 20:16:57 2017] <dh`> but *shrug*
[Sun Sep 17 20:16:57 2017] <erisco> * shrugs
[Sun Sep 17 20:17:08 2017] <dh`> simpl in H is definitely something to know about
[Sun Sep 17 20:26:27 2017] <dh`> hmm, it seems if you have H of the form t -> t, then you can apply H in H and produce H: t, and adds t as an additional goal
[Sun Sep 17 20:27:21 2017] <dh`> but this doesn't seem useful.
[Sun Sep 17 20:27:28 2017] <dh`> otherwise, or at least the things I've tried, it doesn't typecheck.
[Sun Sep 17 20:52:17 2017] <erisco> how can I fail loudly from within a match? it instead tries the next pattern, which I do not want
[Sun Sep 17 20:52:28 2017] <erisco> rather I want to see exactly why the tactic I am using fails
[Sun Sep 17 20:54:24 2017] <dh`> that I dunno, sorry
[Sun Sep 17 20:54:37 2017] <dh`> other than "try it by hand", which probably isn't helpful
[Sun Sep 17 21:08:17 2017] <erisco> thanks
[Mon Sep 18 09:27:56 2017] <erisco> how can I disable Init?
[Mon Sep 18 09:28:35 2017] <anton-trunov> you can use the cli option -noinit
[Mon Sep 18 09:30:28 2017] <erisco> thanks… any idea for using CoqIDE?
[Mon Sep 18 09:30:47 2017] <anton-trunov> sorry, I use ProofGeneral :(
[Mon Sep 18 09:30:49 2017] <Cypi> "coqide -noinit" will work.
[Mon Sep 18 09:31:00 2017] <Cypi> (I think you can also configure the coqtop arguments somewhere in the menu)
[Mon Sep 18 09:33:03 2017] <erisco> oh great, now CoqIDE won't start =\
[Mon Sep 18 09:33:08 2017] <Cypi> uhoh
[Mon Sep 18 09:33:33 2017] <erisco> any idea where the config file is stored?
[Mon Sep 18 09:33:55 2017] <erisco> apparently  AUTO -noinit  was not valid
[Mon Sep 18 09:34:32 2017] <Cypi> for me, ~/.config/coq/coqiderc, but it probably depends on your system
[Mon Sep 18 09:36:15 2017] <erisco> well now my config is borked… can you do me a favour and tell me your cmd_coqtop line?
[Mon Sep 18 09:36:35 2017] <erisco> I tried setting it back to AUTO but CoqIDE keeps deleting the setting now
[Mon Sep 18 09:36:47 2017] <Cypi> cmd_coqtop =
[Mon Sep 18 09:36:49 2017] <Cypi> literally empty
[Mon Sep 18 09:36:54 2017] <erisco> oh, okay
[Mon Sep 18 09:37:58 2017] <erisco> I don't know what to do… I tried setting it to  "coqtop -noinit"  but when I close CoqIDE it just sets it to blank again
[Mon Sep 18 09:40:01 2017] <Cypi> looks like this specific option does not support additional arguments, that's weird...
[Mon Sep 18 09:41:09 2017] <erisco> I tried making a batch script wrapper but it deletes that too
[Mon Sep 18 09:41:44 2017] <Cypi> Can't you just alias coqide to "coqide -noinit" or something like this? Since CoqIDE seems to behave weirdly...
[Mon Sep 18 09:45:21 2017] <erisco> yeah I guess… will have to do some rigmarole… I want double-clicking on a Coq file to use -noinit
[Mon Sep 18 09:45:36 2017] <erisco> I don't really want this behaviour globally… but seems I have no option
[Mon Sep 18 09:46:20 2017] <Cypi> If you don't want it globally, having it in the config file is certainly not a good idea, is it?
[Mon Sep 18 09:46:50 2017] <erisco> that is at least more convenient to change than updating shortcuts and file associations
[Mon Sep 18 09:47:11 2017] <erisco> what I want is to just have a pragma or import statement that gets rid of INit
[Mon Sep 18 09:49:29 2017] <erisco> bah whatever… guess I will have to start it with a shell
[Mon Sep 18 09:52:41 2017] <anton-trunov> erisco: http://coq-club.inria.narkive.com/mBGy60m7/unload-prelude
[Mon Sep 18 09:55:07 2017] <erisco> what loads all the tactics? I don't want those either
[Mon Sep 18 10:02:47 2017] <erisco> even with -noinit -nois I have tactics such as intros
[Mon Sep 18 11:02:52 2017] <dh`> oh the horror, a shell :-p
[Mon Sep 18 15:24:10 2017] <numee> I'm trying to define my own induction principle with Program Fixpoint but in the Obligation proof there is no references to the functin that is being defined in the list of hypotheses
[Mon Sep 18 15:26:39 2017] <numee> So I tried to solve this by Program Definition foo ... := fix _foo ... so that I can use _foo in the Obligation proof
[Mon Sep 18 15:27:03 2017] <numee> However, when the proof is completed, Coq crashes with Anomaly:
[Mon Sep 18 15:27:03 2017] <numee> error with no safe_id attached
[Mon Sep 18 15:28:00 2017] <numee> Am I doing something wrong or I found a bug in Coq?
[Mon Sep 18 15:39:05 2017] <numee> Here is the minimal Coq code that exhibits the first problem I'm faced with: https://pastebin.com/dkLwTrCc
[Mon Sep 18 17:57:25 2017] <erisco> how do I get CoqIDE to let me import libraries in a local directory (same as opened file)?
[Mon Sep 18 17:57:40 2017] <erisco> I tried  coqide -I  with a bunch of things and none worked
[Mon Sep 18 18:24:58 2017] <erisco> now I am trying -R and no luck =\
[Mon Sep 18 18:33:02 2017] <erisco> can I remap to the empty string?
[Mon Sep 18 18:33:32 2017] <erisco> I tried remapping the local directory to Local, but I still cannot load my libraries because it whines they are not called Local.Foo
[Mon Sep 18 18:34:48 2017] <erisco> okay, I use  coqide -R . "" myfile.v  and that works
[Mon Sep 18 18:39:34 2017] <Cypi> I believe the proper way is to use Top instead of the empty string, but I'm not 100% sure
[Tue Sep 19 08:23:00 2017] <numee> What options are available when Coq declines a Function definition saying "can not contain an applied match (See Limitation in Section 2.3 of refman)" ?
[Tue Sep 19 08:23:37 2017] <anton-trunov> Program Fixpoint?
[Tue Sep 19 08:27:42 2017] <numee> anton-trunov: I tried it but it didn't work because I cannot refer to the function that is being defined in the proof: https://pastebin.com/dkLwTrCc
[Tue Sep 19 08:38:42 2017] <Cypi> You need to force Program to add it to your context, for instance with something like http://lpaste.net/358556
[Tue Sep 19 08:39:22 2017] <Cypi> the rationale for this is in the refman https://coq.inria.fr/refman/Reference-Manual027.html#sec758
[Tue Sep 19 08:42:16 2017] <numee> Cypi: thank you! I'll try to apply it to my case (the code I've shown was somewhat simplified)
[Tue Sep 19 08:42:37 2017] <anton-trunov> Cypi: thank you for the link!
[Tue Sep 19 09:55:11 2017] <numee> Cypi: thanks to the magic you told me I just completed the proof I've been working on for the past few days (a weird induction principle for list): https://pastebin.com/iDM8xhWu
[Tue Sep 19 09:56:39 2017] <anton-trunov> numee: It looks similar to `rev_ind`
[Tue Sep 19 09:58:12 2017] <numee> anton-trunov: yes it is. but not the same because it reduces a list from both left and right, rather than either of them
[Tue Sep 19 10:02:33 2017] <numee> I mean, have a look at: (Pmore : (forall a b, forall xs, P xs -> P (a::xs++b::nil))). You can assume the proposition for the list with its head and last elements removed
[Tue Sep 19 10:05:58 2017] <numee> I feel like the proof could be much simpler and shorter, but this is what I came up with. feedback is welcome
[Tue Sep 19 11:36:41 2017] <anton-trunov> numee: I guess there is a more elegant version, but nevertheless: https://gist.github.com/anton-trunov/774fae6872df8d10a0350b73f326b1f4
[Tue Sep 19 12:48:53 2017] <numee> anton-trunov: that's already astonishingly simple and short. great work indeed
[Tue Sep 19 12:50:04 2017] <anton-trunov> numee: thank you!
[Tue Sep 19 13:22:14 2017] <benzrf> thinking about wlog reasoning again...
[Tue Sep 19 13:30:49 2017] <benzrf> the [clear] tactic does nothing to the proof term, right?
[Tue Sep 19 13:30:54 2017] <benzrf> it just affects the proving interface?
[Tue Sep 19 13:32:51 2017] <Cypi> sort of. Technically it does create an intermediate existential variable, whose context is restricted. But if you normalize your proof term with respect to existential variables, you are right, it does nothing to the proof term.
[Tue Sep 19 15:01:49 2017] <rgrinberg> Can anyone give me a hand to prove this simple lemma: Theorem perm_nil : forall {X: Type} (al: list X) (p: Permutation nil al), al = nil.
[Tue Sep 19 15:02:55 2017] <modulus> hmm, maybe by destructing al?
[Tue Sep 19 15:03:21 2017] <modulus> the nil case by symmetry and the h:t case by inversion?
[Tue Sep 19 15:07:22 2017] <rgrinberg> modulus: that's what i tried. for nil, just reflexivity even worked
[Tue Sep 19 15:07:31 2017] <rgrinberg> but i'm not sure how to proceed with inversion in the second case
[Tue Sep 19 15:07:59 2017] <rgrinberg> my list of hypothesis just explodes with noise...
[Tue Sep 19 15:09:21 2017] <Cypi> The easiest way I know is to prove that "Permutation l1 l2" implies that l1 and l2 have the same length.
[Tue Sep 19 15:43:53 2017] <rgrinberg> Cypi: I'm actually trying to prove that and the permutation nil l1 thing is a lemma -_-
[Tue Sep 19 15:56:51 2017] <Cypi> You shouldn't need any lemma for "Permutation l1 l2 -> length l1 = length l2"
[Tue Sep 19 15:57:06 2017] <Cypi> make sure to do an induction on the right thing
[Tue Sep 19 15:58:46 2017] <rgrinberg> Cypi: yeah, i probably messed up. Though I should be able to prove that permutation nil x anyway... that seems to be easier between those two
[Tue Sep 19 16:00:09 2017] <Cypi> well, it's not easier
[Tue Sep 19 16:01:01 2017] <rgrinberg> Btw, how do i enable the list notation? So that I can use things like [1;2;3;4]
[Tue Sep 19 16:01:04 2017] <Cypi> Reading the four constructors of Permutation, it is quite obvious that it preserves length. On the other hand, the last constructor makes it difficult to say anything about "Permutation nil l"
[Tue Sep 19 16:01:11 2017] <Cypi> Import ListNotations.
[Tue Sep 19 16:04:17 2017] <rgrinberg> Cypi: thanks
[Tue Sep 19 17:33:32 2017] <benzrf> new to ltac - is there a concept of, like, matching against what the new goal would be if i applied a tactic?
[Tue Sep 19 17:33:44 2017] <benzrf> without actually applying the tactic to the main proof state?
[Tue Sep 19 17:33:54 2017] <Cypi> You can always fail afterwards
[Tue Sep 19 17:34:02 2017] <benzrf> sounds kinda hacky :(
[Tue Sep 19 17:34:05 2017] <Cypi> It is
[Tue Sep 19 17:34:14 2017] <Cypi> I'm not sure you can get back that information and use it after failing, too
[Tue Sep 19 17:34:24 2017] <Cypi> (pretty sure jgross would know that kind of stuff)
[Tue Sep 19 18:49:03 2017] <benzrf> haha i got an anomaly
[Tue Sep 19 18:49:23 2017] <benzrf> (by trying to use a uconstr as a term context while fucking around randomly)
[Tue Sep 19 19:01:41 2017] <Chobbes> Is 'All' (proposition satisfied by ALL elements of a list) in the standard library somewhere?
[Tue Sep 19 19:03:06 2017] <Chobbes> Seems like it might just be a thing SF made up, but I'd rather not redefine it if it already exists.
[Tue Sep 19 19:05:46 2017] <benzrf> im pretty sure it exists
[Tue Sep 19 19:05:50 2017] <Cypi> There is Forall, defined in List.
[Tue Sep 19 19:05:51 2017] <benzrf> it's called "Forall", i think (with a capital F)
[Tue Sep 19 19:05:55 2017] <benzrf> jinx :)
[Tue Sep 19 19:06:48 2017] <Chobbes> benzrf: Cypi thanks! That's exactly what I wanted :).
[Tue Sep 19 19:07:15 2017] <Chobbes> I knew it *had* to be there somewhere.
[Tue Sep 19 19:29:11 2017] <benzrf> is there a way to evaluate an ltac expression and see what it results in, when the result isnt a tactic?
[Tue Sep 19 19:30:46 2017] <benzrf> hmm, this worked for now, but it doesnt seem terribly robust in general:    let u := expr in pose (foo:=u).
[Tue Sep 19 20:19:41 2017] <benzrf> ach, ltac is crap
[Tue Sep 19 20:24:47 2017] <erisco> benzrf, try  idtac expr  which should print expr
[Tue Sep 19 20:34:33 2017] <benzrf> oh damn!
[Tue Sep 19 20:34:36 2017] <benzrf> thanks!
[Tue Sep 19 20:36:32 2017] <rgrinberg> when, i do something like destruct (x <=? y), i lose the hypothesis that x <= y in my subgoal. anyway to fix that?
[Tue Sep 19 20:38:00 2017] <benzrf> rgrinberg: try [destruct (x <=? y) eqn:H]
[Tue Sep 19 20:38:24 2017] <rgrinberg> benzrf: thanks. how come i need try?
[Tue Sep 19 20:38:41 2017] <benzrf> oh lol, the try was an english word, the stuff in the braces is what you should use
[Tue Sep 19 20:38:48 2017] <benzrf> er, s/braces/square brackets/
[Tue Sep 19 20:39:50 2017] <rgrinberg> oh haha
[Tue Sep 19 20:40:08 2017] <benzrf> guhhh why cant i use match on a uconstr!!!
[Tue Sep 19 21:12:49 2017] <rgrinberg> benzrf: btw, that gives me the proposition in the form x <= y = true. how can i turn that into x <= y?
[Tue Sep 19 21:13:19 2017] <benzrf> there should be a lemma regarding that
[Tue Sep 19 21:13:29 2017] <benzrf> but you could also just use a different lemma to start with
[Tue Sep 19 21:13:45 2017] <benzrf> try this:
[Tue Sep 19 21:13:55 2017] <benzrf> Search (forall x y, x <= y \/ y <= x).
[Wed Sep 20 23:54:26 2017] <dh`> I think the trick is you need to remember (rev l) as m, then revert Heqm; revert l. *then* induction m
[Thu Sep 21 00:16:28 2017] <dh`>    intros.
[Thu Sep 21 00:16:28 2017] <dh`>    remember (rev xs) as rxs.
[Thu Sep 21 00:16:28 2017] <dh`>    revert Heqrxs. revert xs.
[Thu Sep 21 00:16:28 2017] <dh`>    induction rxs; intros.
[Thu Sep 21 00:16:31 2017] <dh`> like that.
[Thu Sep 21 00:16:35 2017] <dh`> it works.
[Thu Sep 21 00:17:22 2017] <dh`> if you don't do the revert though the induction hypothesis isn't adequately generalized.
[Thu Sep 21 00:30:51 2017] <dh`> whee, now I have rev_ind for my string library :-)
[Thu Sep 21 02:06:38 2017] <xeno> benzrf: I did find a way to represent it that was more or less what you described :)
[Thu Sep 21 02:11:18 2017] <xeno> benzrf: in the above example, R = { <a,b> : ... }, G = { <a,b> : exist H := { x[0], x[1], x[2], ... , x[z] }, x[0] = a, x[z] = b, forall x[n] where 0 <= n < x, <x[n],x[n+1]> elementof H }
[Thu Sep 21 02:17:41 2017] <schoppenhauer> hi. hm. is somebody here who is familiar with the internals of the extraction mechanism? I have a weird bug where stuff is extracted twice under different names. But finding a minimal example is hard because I don't even know where to look at. On the other hand, I do not want to post all my code on a publicly visible place yet.
[Thu Sep 21 02:18:20 2017] <dh`> not I, I've been meaning to try to figure it out but nothing yet
[Thu Sep 21 02:19:43 2017] <schoppenhauer> dh`: what?
[Thu Sep 21 02:20:48 2017] <schoppenhauer> the problem does not yet occur in 8.4pl6
[Thu Sep 21 02:20:58 2017] <schoppenhauer> but it does in 8.5 and 8.6, apparently
[Thu Sep 21 02:24:30 2017] <schoppenhauer> did anything significant change during these versions?
[Thu Sep 21 02:42:48 2017] <schoppenhauer> if somebody should come here who could help me, highlight plz.
[Thu Sep 21 04:03:15 2017] <marcecoll> hello! I just got started with Coq and following the Software Foundations book. In one of the exercises they ask to prove Theorem andb_true_elim2 : ∀ b c : bool,
[Thu Sep 21 04:03:22 2017] <marcecoll>   andb b c = true → c = true.
[Thu Sep 21 04:03:44 2017] <marcecoll> shit, screwed up the formatting let me use a pastebin
[Thu Sep 21 04:06:32 2017] <marcecoll> So, they ask to prove [0], I wrote [1] which works but I got to it almost by chance and intuition. [1] gives [2] as subgoals and Im not sure how destruct gets to creating those subgoals. why does this work? http://lpaste.net/4151898009770131456
[Thu Sep 21 04:08:32 2017] <marcecoll> I understand it when using `intros [] [].` with inductively defined datatypes, but I am a bit confused as to how destruct works with the hypothesis `andb b c` in the proof [1]
[Thu Sep 21 04:11:19 2017] <marcecoll> is it just applying andb to the values of b c in the current case?
[Thu Sep 21 05:19:19 2017] <schoppenhauer> what is the oldest coq version to support -, +, *, --, ++, **, etc., bullets?
[Thu Sep 21 05:31:16 2017] <Cypi> 8.5 is the first tu support --, ++, **, etc.; 8.4 is the first to support -, + and *
[Thu Sep 21 05:31:22 2017] <Cypi> to*
[Thu Sep 21 05:33:59 2017] <schoppenhauer> Cypi: thx
[Thu Sep 21 05:47:30 2017] <Cypi> marcecoll: the 3rd `[]` is not destructing `andb b c`, it is destructing `andb b c = true`
[Thu Sep 21 05:48:43 2017] <Cypi> destructing an equality will have the effect to rewrite the right-hand side to the left-hand side. So for instance, after `intros [] []`, the first goal is `true && true = true -> true = true`, which becomes `true && true = true && true` when you eliminate the equality at the head with one more `intros []`
[Thu Sep 21 05:49:20 2017] <Cypi> a more explicit way to write it is `intros [] [] <-.`
[Thu Sep 21 05:49:29 2017] <Cypi> (this way, it is obvious that you are rewriting)
[Thu Sep 21 06:12:57 2017] <marcecoll> Cypi: thanks, that really helped
[Thu Sep 21 07:36:45 2017] <schoppenhauer> could somebody please give me a clue on how to prove https://gist.github.com/dasuxullebt/226178ef1863bda02d94c542b63c1dd8 without dependent induction? (probably this function triggers a bug, and as dependent induction is fishy, I wondered whether this might be the problem)
[Thu Sep 21 07:43:50 2017] <schoppenhauer> I need to destructure the Vector.t a n and the Fin.t n simultaneously, and then also differentiate on the actual value of this Fin.t n
[Thu Sep 21 07:54:15 2017] <Cypi> Do you mind axioms or not?
[Thu Sep 21 08:01:52 2017] <Cypi> schoppenhauer : here is my take on it, using a Fixpoint and dependent destruction rather than dependent induction http://lpaste.net/358596 . It should be approximately the same though, and suffers from the same problem: dependent destruction uses the JMeq_eq axiom.
[Thu Sep 21 08:02:28 2017] <Cypi> Removing JMeq_eq requires a bit more work, but it is very doable
[Thu Sep 21 08:24:35 2017] <Cypi> Here is one possible way to do it axiom-less http://lpaste.net/358597 (this is what is implemented in Equations for instance; another way could be small inversion perhaps, if you are interested)
[Thu Sep 21 08:38:47 2017] <schoppenhauer> Cypi: what does "now" do? (not mentioned in https://coq.inria.fr/refman/tactic-index.html)
[Thu Sep 21 08:39:33 2017] <anton-trunov> now <tac> = <tac>; easy
[Thu Sep 21 08:39:47 2017] <Cypi> Tactic Notation "now" tactic(t) := t; easy.
[Thu Sep 21 08:39:52 2017] <Cypi> well ^
[Thu Sep 21 08:41:59 2017] <schoppenhauer> ah ok.
[Thu Sep 21 08:43:04 2017] <anton-trunov> It’s defined in https://coq.inria.fr/distrib/current/stdlib/Coq.Init.Tactics.html
[Thu Sep 21 08:44:16 2017] <schoppenhauer> ok thx
[Thu Sep 21 08:44:51 2017] <schoppenhauer> Cypi: does small inversion work without JMEq? (I read http://gallium.inria.fr/blog/a-new-Coq-tactic-for-inversion/ but it's not clear to me)
[Thu Sep 21 08:46:45 2017] <schoppenhauer> Cypi: also, invert appears not to be in 8.7-beta1. is it in the git version?
[Thu Sep 21 08:47:08 2017] <Cypi> This should be the goal, yes. "Right now, we would rather not assume the K axiom"
[Thu Sep 21 08:47:29 2017] <Cypi> I didn't say it was in Coq, it was just a pointer to the name of a technique to do proper dependent pattern-matching
[Thu Sep 21 08:47:52 2017] <Cypi> Equations is not in Coq either for now, which is why the snippet I pasted contains the tactic depelim_fin
[Thu Sep 21 08:48:10 2017] <Cypi> (which is just a well-behaved dependent elimination tactic specialized for fin)
[Thu Sep 21 08:53:38 2017] <schoppenhauer> ok, I guess I'd have to read the paper to fully understand what's going on.
[Thu Sep 21 08:54:18 2017] <schoppenhauer> Cypi: may I use your code? (How) should I attribute it?
[Thu Sep 21 08:54:29 2017] <Cypi> Just use it as you wish, no attribution necessary
[Thu Sep 21 08:54:34 2017] <schoppenhauer> ok thx
[Thu Sep 21 08:57:27 2017] <schoppenhauer> anyway, I guess I should file a bug report. because I think (could not test it yet because internet is so slow here) this function somehow causes the extraction mechanism to extract the vector type twice
[Thu Sep 21 08:58:04 2017] <schoppenhauer> at least it is the function that uses extracted functions "t_rect" and "t_rect0", where t_rect0 is t_rect for a second definition of the vector type.
[Thu Sep 21 09:01:13 2017] <Cypi> Hmm, if I just do "Recursive Extraction array_set." at the end of the snippet above, it seems to extract just as expected.
[Thu Sep 21 09:05:23 2017] <schoppenhauer> Cypi: not for me, actually.
[Thu Sep 21 09:05:28 2017] <schoppenhauer> Cypi: I extract to haskell.
[Thu Sep 21 09:05:40 2017] <schoppenhauer> Cypi: ok, you just found the minimal example of the bug \o/
[Thu Sep 21 09:05:43 2017] <schoppenhauer> Cypi: thank you!
[Thu Sep 21 09:06:05 2017] <schoppenhauer> Cypi: it doesn't happen on 8.4pl6, but on 8.5pl3.
[Thu Sep 21 09:11:16 2017] <schoppenhauer> Cypi: and your code works \o/
[Thu Sep 21 09:11:22 2017] <schoppenhauer> * hugs Cypi
[Thu Sep 21 10:24:44 2017] <bartavelle> anyone managed to solve the elements_relate theorem in the new vfa version ?
[Thu Sep 21 10:25:39 2017] <anton-trunov> is there a link?
[Thu Sep 21 10:25:50 2017] <bartavelle> https://softwarefoundations.cis.upenn.edu/vfa-current/Redblack.html
[Thu Sep 21 10:26:17 2017] <bartavelle> it says that "Because elements does not pay attention to colors, and does not rebalance the tree, then its proof should be a simple copy-paste from SearchTree.v, with only minor edits."
[Thu Sep 21 10:26:21 2017] <bartavelle> but it is not true
[Thu Sep 21 10:26:34 2017] <bartavelle> because "int2Z x = int2Z y" isn't equivalent to "x = y"
[Thu Sep 21 10:27:05 2017] <bartavelle> that seems unsolvable to me, but I can't say I am an expert
[Thu Sep 21 10:27:31 2017] <bartavelle> (also the proof in the other exercise is only half of what is asked here)
[Thu Sep 21 10:28:00 2017] <bartavelle> or perhaps ...
[Thu Sep 21 10:28:02 2017] <anton-trunov> I remember it was discussed here: https://sympa.inria.fr/sympa/arc/coq-club/2016-08/msg00196.html
[Thu Sep 21 10:28:03 2017] <bartavelle> humm
[Thu Sep 21 10:28:45 2017] <bartavelle> that is my exact problem
[Thu Sep 21 10:28:47 2017] <bartavelle> thanks a lot !
[Thu Sep 21 10:28:59 2017] <anton-trunov> you are welcome :)
[Thu Sep 21 10:30:44 2017] <bartavelle> oh, so this exercise is buggy, nice to know :)
[Thu Sep 21 10:31:45 2017] <bartavelle> ah damned, it is not buggy apparently
[Thu Sep 21 10:31:59 2017] <bartavelle> "Although this proof is only 4 stars of difficulty, it is plenty of work to do."
[Thu Sep 21 10:32:04 2017] <anton-trunov> :)
[Thu Sep 21 10:36:19 2017] <bartavelle> well, if someone has a clue, I have none
[Thu Sep 21 10:36:31 2017] <bartavelle> I can copy/paste my solution that almost works
[Thu Sep 21 10:36:59 2017] <bartavelle> but I suspect there is something else that is smarter to do
[Thu Sep 21 11:04:07 2017] <Cypi> Oh, I did not know about VFA. Guess I know what I'm doing this week-end :)
[Thu Sep 21 11:34:18 2017] <bartavelle> Cypi: please let me know if you manage to solve this particular problem
[Thu Sep 21 11:34:32 2017] <bartavelle> (elements_relate in Redlack.v)
[Thu Sep 21 17:23:15 2017] <qertyyyy> hi , is it possible to prove this (and if so , how ?): Lemma test {A : Type} `{EqDec A} (x y : A) :  (x ==b y) = true -> x = y.
[Thu Sep 21 18:49:58 2017] <benzrf> qertyyyy: do you mean === at the end there?
[Thu Sep 21 19:17:07 2017] <qertyyyy> benzrf: not exactly .. but if it helps: can I proof this lemma here : Lemma test2 {A : Type} `{EqDec A} (x y : A) :  (x === y) -> (x = y).
[Thu Sep 21 19:19:24 2017] <rrika> qertyyyy, I don't think that's possible
[Thu Sep 21 19:31:41 2017] <qertyyyy> ok , if thats so then I have another question. Is there somthing that I can use like equiv_dec for a "generiac equality check"? To be more specific I have this function :
[Thu Sep 21 19:31:55 2017] <qertyyyy> Fixpoint del1 {A : Type} `{EqDec A} (val : A) (ls : list A) : list A :=
[Thu Sep 21 19:31:57 2017] <qertyyyy> match ls with
[Thu Sep 21 19:31:59 2017] <qertyyyy>   | [] => []
[Thu Sep 21 19:32:01 2017] <qertyyyy>   | x::xs => if equiv_dec x val then xs else x :: del1 val xs
[Thu Sep 21 19:32:03 2017] <qertyyyy> end.Y
[Thu Sep 21 19:32:25 2017] <qertyyyy> this just deletes the first occurence of val in a list
[Thu Sep 21 19:33:00 2017] <qertyyyy> the problem I have with equiv_dec is that I feels a bit awkward to use in a proof
[Thu Sep 21 19:36:43 2017] <rrika> qertyyyy, counterexample for 2===3 -> 2=3. https://gist.github.com/rrika/ffbb900730d84e66183076561eb70f8d
[Thu Sep 21 19:38:13 2017] <rrika> qertyyyy, what part of it do you feel is awkward?
[Thu Sep 21 19:42:37 2017] <qertyyyy> rrika: thank you :). For example when I try to proof this :
[Thu Sep 21 19:42:42 2017] <qertyyyy> Theorem del_4 {A : Type} `{EqDec A} (x y : A) (ls : list A) :
[Thu Sep 21 19:42:44 2017] <qertyyyy>   del1 x (del1 y ls) = del1 y (del1 x ls).
[Thu Sep 21 19:43:19 2017] <qertyyyy> I have to use a lot of destructs (at least with my limited knowledge ... )
[Thu Sep 21 19:45:39 2017] <qertyyyy> I don't even know if it is provable in coq (since I haven't finised the proof) (but it should be provalbe ...)
[Thu Sep 21 19:45:50 2017] <rrika> it seems provable.
[Thu Sep 21 19:45:56 2017] <rrika> but I odn't know how to do it elegantly either.
[Thu Sep 21 19:47:28 2017] <qertyyyy> ok. thank you very much for your time and effort :)
[Thu Sep 21 20:03:57 2017] <rrika> qertyyyy, here is an ugly proof for del_4: https://gist.github.com/rrika/d454d51a9f73217647d75c1626d57b5d
[Thu Sep 21 20:09:23 2017] <qertyyyy> yes, I expected it to be like this (at least somewhat). (and thank you very very much again :) )
[Thu Sep 21 20:10:35 2017] <rrika> ^_^
[Thu Sep 21 20:12:09 2017] <qertyyyy> rrika: and what about changing del1 itself ? can you (or anyone else) think of a different way to define it in this general way (the only other thing I can think of is to defnie a function for "every" type ... which is seems quite redundant)
[Fri Sep 22 13:52:15 2017] <bartavelle> how can I write a list of strign, such as ["foo";"bar";"baz"] : list string ?
[Fri Sep 22 13:52:29 2017] <bartavelle> I get Error: No interpretation for string "foo"
[Fri Sep 22 13:52:41 2017] <bartavelle> but I can write Definition foo : string := "foo".
[Fri Sep 22 13:54:31 2017] <bartavelle> ah ok, Local Open Scope string_scope.
[Fri Sep 22 15:10:12 2017] <buttbutter> Do you guys have any recommendations for resources to learn Coq with?
[Fri Sep 22 15:12:14 2017] <Cypi> Software Foundations is a good one https://softwarefoundations.cis.upenn.edu/current/index.html
[Fri Sep 22 15:16:08 2017] <buttbutter> Cool. This looks promising. Thanks!
[Fri Sep 22 15:23:32 2017] <johnw> it's really the best place to start
[Fri Sep 22 15:23:55 2017] <tobiasBora> Hello,
[Fri Sep 22 15:24:22 2017] <tobiasBora> I can't find how to apply a the definition of a function to an assumption...
[Fri Sep 22 15:24:40 2017] <johnw> apply F in H?
[Fri Sep 22 15:26:14 2017] <tobiasBora> johnw: something like that yes, I've Definition lower x l := match l with cons ....
[Fri Sep 22 15:26:25 2017] <tobiasBora> and in my assumptions I've :
[Fri Sep 22 15:26:34 2017] <tobiasBora> H : lower x (cons n l)
[Fri Sep 22 15:28:12 2017] <tobiasBora> so I'd like to replace H by the definition of lower
[Fri Sep 22 15:29:54 2017] <Cypi> unfold lower in H
[Fri Sep 22 15:30:06 2017] <Cypi> (or just "simpl in H" if it is actually meant to reduce)
[Fri Sep 22 15:36:25 2017] <tobiasBora> Cypi: great, thank you very much, I didn't know that it was possible to use simpl in assumptions. Thank you !
[Fri Sep 22 15:56:39 2017] <tobiasBora> And another question: how would you do a proof by case when it does *not* come out of an induction
[Fri Sep 22 15:56:42 2017] <tobiasBora> like:
[Fri Sep 22 15:56:54 2017] <tobiasBora> First case: x <= n
[Fri Sep 22 15:57:01 2017] <tobiasBora> Second case: x > n
[Fri Sep 22 15:58:40 2017] <Cypi> destruct (le_gt_dec x n)
[Fri Sep 22 15:58:45 2017] <Cypi> (for this specific case)
[Fri Sep 22 15:59:01 2017] <Cypi> A "proof by case" is mostly done through a destruct
[Fri Sep 22 16:02:11 2017] <tobiasBora> Cypi: Great thank you very much, you're my god today!
[Fri Sep 22 16:26:21 2017] <tobiasBora> I'm annoying, sorry, but another stupid question: I've a theorem that I'd like to use to add one more assumption, but I don't know how to do. I tried to play with apply, but it tries to applies it in the subgoal instead of creating a new assumption.
[Fri Sep 22 16:27:27 2017] <Cypi> "pose proof t" (where t is any term) will add a new assumption with the type of t
[Fri Sep 22 16:27:40 2017] <tobiasBora> hum sorry, I found the solution with pose proof.
[Fri Sep 22 21:23:44 2017] <Cypi> bartavelle: you'll be happy to know that I am stuck at elements_relate, for now :p
[Fri Sep 22 23:25:05 2017] <Cypi> bartavelle: alright, I'm confused. I think I have proved that the current statement of `elements_relate` is not provable... Where is the flaw? http://lpaste.net/358636
[Sat Sep 23 00:10:23 2017] <dh`> cypi: where's the rest of this?
[Sat Sep 23 00:12:33 2017] <dh`> I need to make dinner but could use a nice puzzle unrelated to $work
[Sat Sep 23 01:35:46 2017] <dh`> also: is it considered better to use "reflexivity" and "assumption" when they apply, or just "auto"?
[Sat Sep 23 06:24:31 2017] <Cypi> dh` : this is VFA https://softwarefoundations.cis.upenn.edu/vfa-current/
[Sat Sep 23 06:24:38 2017] <Cypi> specifically, RedBlack.v
[Sat Sep 23 11:41:19 2017] <rgrinberg> when I do something like destruct (a <=? x), how can I get a <= x and x > a as assumptions for my subgoals?
[Sat Sep 23 11:51:16 2017] <dh`> rgrinberg: either "remember (a <=? x) as q; destruct q" or "destruct (a <=? x) eqn:H"
[Sat Sep 23 11:51:39 2017] <rgrinberg> dh`: thank you! any difference between these two?
[Sat Sep 23 11:51:45 2017] <dh`> cypi: ah
[Sat Sep 23 11:51:59 2017] <dh`> rgrinberg: only in the names of what comes out
[Sat Sep 23 11:52:53 2017] <dh`> the remember form makes you pick a useless name q and then gives you a hypothesis Heqq; the other lets you just pick a hypothesis name H
[Sat Sep 23 11:53:17 2017] <dh`> the second form is obscure enough that I only found out about it when it was mentioned here a couple days ago
[Sat Sep 23 11:55:43 2017] <rgrinberg> also, is there a way to simpl. a particular assumption?
[Sat Sep 23 11:55:52 2017] <dh`> rgrinberg: simpl in H
[Sat Sep 23 11:56:10 2017] <rgrinberg> dh`: thanks again ^_^
[Sat Sep 23 11:56:48 2017] <dh`> :-)
[Sat Sep 23 12:02:48 2017] <rgrinberg> how do I do apply on a particular assumption to get a new assumption?
[Sat Sep 23 12:28:59 2017] <buttbutter> I don't understand why this isn't a match: https://i.imglnx.com/umzrGZ.png
[Sat Sep 23 12:29:48 2017] <buttbutter> Also, can someone explain to me why the "induction as [| n' IHn']" bit names the inductive hypothesis with IHn'? Why it names n' is clear to me, but how exactly is it telling Coq "oh yeah also name the inductive hypothesis IHn' because it's the second member of the list".
[Sat Sep 23 12:35:51 2017] <buttbutter> Oh, nevermind. Forgot to include "m" in intros. :)
[Sat Sep 23 12:35:56 2017] <buttbutter> But the second question still stands.
[Sat Sep 23 19:04:40 2017] <dh`> damn, the string library's almost 8000 lines already
[Sat Sep 23 19:11:31 2017] <dh`> which is getting to be enough that the color bar across the bottom of coqide doesn't have enough resolution
[Sat Sep 23 19:11:52 2017] <Cypi> Just buy a bigger screen I guess
[Sat Sep 23 19:17:06 2017] <johnw> that's what 5K TVs were made for
[Sat Sep 23 19:22:12 2017] <rgrinberg> Suppose I already have an assumption x <= y and I'd like to simplify an expression like if x <=? y in one of my goals. How would I do that?
[Sat Sep 23 19:23:05 2017] <Chobbes> Hmmm. Is there a way to define an inductive proposition on an indexed data type? E.g., NoDup but for Vectors? `Inductive NoDupVec {A : Type} {n : nat} : Vec A n -> Prop`. In this case you run into problems when defining NoDupVec_nil for the base case, since I don't know how to say n = 0 in this case.
[Sat Sep 23 19:27:51 2017] <Chobbes> rgrinberg: you could use a theorem like PeanoNat.Nat.leb_le: forall n m : nat, (n <=? m) = true <-> n <= m
[Sat Sep 23 19:28:36 2017] <Cypi> Chobbes: the n should also be an index
[Sat Sep 23 19:28:56 2017] <Cypi> Inductive NoDupVec {A : Type} : forall {n : nat}, Vec A n -> Prop
[Sat Sep 23 19:30:03 2017] <Chobbes> Cypi: ahhh, the forall was what I was missing when I tried that before, thanks :).
[Sat Sep 23 20:44:42 2017] <Cypi> bartavelle: do you know what "makeblack_fiddle" is? (Still in RedBlack.v)
[Sun Sep 24 00:11:51 2017] <dh`> with a 5K TV I just wouldn't be able to see it :-)
[Sun Sep 24 00:12:47 2017] <dh`> (there's now almost 9000 lines)
[Sun Sep 24 02:31:45 2017] <bartavelle> cypi no, I didn't see this comment, but didn't need it either
[Sun Sep 24 04:28:42 2017] <Cypi> bartavelle : thanks, you're right, it was way easier than what I though at first because of this comment :)
[Sun Sep 24 09:13:03 2017] <bartavelle> Cypi: so, did you manage to solve the problematic part ?
[Sun Sep 24 09:13:37 2017] <Cypi> Well, as I wasy saying earlier, I think I proved that it is not provable. So I was asking for the flaw in my proof :p
[Sun Sep 24 09:13:37 2017] <bartavelle> (elements_relate)
[Sun Sep 24 09:13:44 2017] <bartavelle> ah
[Sun Sep 24 09:13:47 2017] <bartavelle> lemme see
[Sun Sep 24 09:13:50 2017] <Cypi> bartavelle: alright, I'm confused. I think I have proved that the current statement of `elements_relate` is not provable... Where is the flaw? http://lpaste.net/358636
[Sun Sep 24 09:13:54 2017] <Cypi> there
[Sun Sep 24 09:13:55 2017] <bartavelle> ah yes!
[Sun Sep 24 09:14:18 2017] <bartavelle> did you look at the email exchange that was exhumed earlier in the week ?
[Sun Sep 24 09:14:35 2017] <Cypi> not sure, I'll take a look
[Sun Sep 24 09:14:54 2017] <bartavelle> https://sympa.inria.fr/sympa/arc/coq-club/2016-08/msg00196.html
[Sun Sep 24 09:14:59 2017] <bartavelle> brb
[Sun Sep 24 09:16:00 2017] <Cypi> Hmm. So it seems like Gaëtan suggested the same counterexample. And that Andrew fixed it, but...it is not consistent with what we see in the current version
[Sun Sep 24 09:16:09 2017] <Cypi> maybe he forgot to update it at some point?
[Sun Sep 24 09:31:04 2017] <bartavelle> yeah :/
[Sun Sep 24 09:31:46 2017] <bartavelle> well, from what I understand it was provable all along
[Sun Sep 24 09:32:34 2017] <bartavelle> but the comment is indeed not updated
[Sun Sep 24 09:32:53 2017] <bartavelle> that was more than a year ago, apprently for version 0.4, and it is now 1.1
[Sun Sep 24 09:39:26 2017] <Cypi> If it is supposed to be provable in the current version, I shouldn't be able to prove what I pasted, I think
[Sun Sep 24 09:40:08 2017] <bartavelle> duh, yeah, you are right!
[Sun Sep 24 11:19:40 2017] <rgrinberg> thanks Cypi: i need to use this lemma with rewrite/apply right?
[Sun Sep 24 11:20:17 2017] <rgrinberg> Somehow it's not working. I guess it's b/c my goal is (if x <=? y then .. else ..) rather than the direct <=?
[Sun Sep 24 11:55:42 2017] <rgrinberg> i solved my issue by using destruct and proving the impossible case with congruence. I'm sure there are more elegant ways -_-
[Sun Sep 24 19:12:36 2017] <rgrinberg> are there any examples of using functional extensionality in coq?
[Sun Sep 24 19:24:58 2017] <benzrf> rgrinberg: what do you mean exactly
[Sun Sep 24 19:26:30 2017] <rgrinberg> benzrf: nvm i figured it out. it's just the extensionality tactic that i need to use
[Sun Sep 24 19:27:19 2017] <benzrf> heh
[Sun Sep 24 19:27:46 2017] <benzrf> jsyk: in most contexts im pretty sure it's just called "function extensionality"; im not sure why coq calls it "function*al*"
[Sun Sep 24 19:29:07 2017] <dh`> speaking of which, is there a table in the docs somewhere of such things that are available but often avoided?
[Sun Sep 24 19:29:22 2017] <dh`> functional extensionality, for example, and classicalfacts
[Sun Sep 24 19:41:26 2017] <rgrinberg> is there a way to make Search also search notations?
[Sun Sep 24 21:18:38 2017] <dh`> there's something else for notations but I can never remember what it is
[Sun Sep 24 21:29:25 2017] <benzrf> rgrinberg: yeah, just put the notation in quotes
[Sun Sep 24 21:29:43 2017] <benzrf> er, wait - what precisely do you mean by 'search notations'
[Mon Sep 25 15:38:09 2017] <Migi32> hi. I'm a complete beginner, but why is >= on the natural numbers not a reflexive relation but <= is?
[Mon Sep 25 15:38:36 2017] <Migi32> or to phrase it differently, why can the tactic "reflexivity" prove "a <= a" but not "a >= a"?
[Mon Sep 25 15:38:48 2017] <johnw> <= is defined in terms of <=
[Mon Sep 25 15:38:56 2017] <johnw> that is, >=
[Mon Sep 25 15:39:27 2017] <johnw> if you unfold ge, you should be able to
[Mon Sep 25 15:39:38 2017] <johnw> I don't know why the separate instance doesn't exist, though
[Mon Sep 25 15:40:13 2017] <Migi32> yeah unfolding it works, thanks.
[Mon Sep 25 18:51:46 2017] <Migi32> do any of the famous problem in mathematics (the millennium prize problems etc) have formulations in coq?
[Mon Sep 25 18:51:58 2017] <Migi32> obviously not proofs but just the statements of what is to be proved
[Mon Sep 25 18:52:54 2017] <Migi32> I'm curious how much machinery would be needed just to state the Riemann hypothesis, or P=NP, etc.
[Mon Sep 25 18:54:03 2017] <modulus> goldbach's conjecture is probably not too hard to express.
[Mon Sep 25 22:44:58 2017] <Migi32> after many hours wrestling with coq I finally proved... that 2 is prime.
[Mon Sep 25 22:45:04 2017] <Migi32> this was way harder than expected
[Mon Sep 25 22:55:42 2017] <benzrf> Migi32: nice o/
[Mon Sep 25 22:56:20 2017] <benzrf> Migi32: you can almost certainly easily express the hailstone sequence problem in coq
[Mon Sep 25 22:56:32 2017] <benzrf> and of course you can state fermat's last theorem
[Tue Sep 26 03:59:58 2017] <bartavelle> I suppose that using some else's library requires putting it in my program's path ?
[Tue Sep 26 04:05:21 2017] <bartavelle> in http://www.lix.polytechnique.fr/coq/V8.2pl1/contribs/GraphBasics.Graphs.html , why is there a G_eq case in the inductive graph type ?
[Tue Sep 26 04:05:39 2017] <bartavelle> isn't it obvious and equivalent to using replace or rewrite ?
[Tue Sep 26 12:17:31 2017] <Migi32> hi. If you have a theorem that holds for all natural numbers except 0, do you formulate it as n <> 0 -> ... or something similar, or do you just use (S n) everywhere in the statement of the theorem?
[Tue Sep 26 12:18:11 2017] <Migi32> I know both styles work, but what I'm asking is which one is more practical?
[Tue Sep 26 12:18:15 2017] <modulus> typically you start with n > 0 -> the rest
[Tue Sep 26 12:19:00 2017] <johnw> I like n <= 0
[Tue Sep 26 12:19:18 2017] <johnw> but not S n
[Tue Sep 26 12:19:36 2017] <johnw> if you use S n, it's much harder to get your theorem to apply when you want to use it, since the constructors have to line up exactly
[Tue Sep 26 12:19:44 2017] <johnw> i.e., even though succ n and S n are the same, they are the same "enough"
[Tue Sep 26 12:19:50 2017] <johnw> aren't*
[Tue Sep 26 12:19:57 2017] <modulus> but is there any n <= 0?
[Tue Sep 26 12:20:06 2017] <johnw> but if you make n <= 0 a precondition, then the theorem will apply and you'll just generate another subgoal
[Tue Sep 26 12:20:12 2017] <modulus> other than 0 itself
[Tue Sep 26 12:20:18 2017] <johnw> oh, I meant n < 0
[Tue Sep 26 12:20:22 2017] <johnw> if n : nat
[Tue Sep 26 12:20:35 2017] <johnw> grr, 0 < n
[Tue Sep 26 12:20:38 2017] <Migi32> ah
[Tue Sep 26 12:20:41 2017] <johnw> sorry, just woken up
[Tue Sep 26 12:20:45 2017] <modulus> confused for a bit.
[Tue Sep 26 12:20:49 2017] <johnw> same
[Tue Sep 26 12:21:07 2017] <modulus> yeah, 0 < n -> bla bla bla works
[Tue Sep 26 12:21:10 2017] <johnw> n > 0 is just as good, but there are more theorems in terms of < than > in the stdlib
[Tue Sep 26 12:21:30 2017] <johnw> so these days I try to stick with < and <= as much as possible
[Tue Sep 26 12:22:12 2017] <Migi32> and why not n <> 0?
[Tue Sep 26 12:22:46 2017] <modulus> it comes to the same in the end
[Tue Sep 26 12:23:37 2017] <johnw> n <> 0 is just a wee bit more annoynig
[Tue Sep 26 12:24:00 2017] <johnw> since now you're dealing with ~ (n = 0), rather than a direct inequality
[Tue Sep 26 12:24:26 2017] <johnw> omega probably doesn't care, though
[Tue Sep 26 12:37:55 2017] <Chobbes> I probably just don't understand dependent induction enough, but is there a way to prove "forall {A} (v : VectorDef.t A 0), v = VectorDef.nil A." in Coq? I was expecting to be able to use induction or dependent induction on the vector, but it leads to an error.
[Tue Sep 26 12:38:19 2017] <Chobbes> Wait. Import Program missing.
[Tue Sep 26 12:39:37 2017] <Chobbes> Problem solved :).
[Tue Sep 26 12:40:20 2017] <Cypi> (just a disclaimer, "depdent induction" _will_ use an axiom named JMeq_eq; just in case you care about it)
[Tue Sep 26 12:40:29 2017] <Cypi> "dependent induction"*
[Tue Sep 26 12:40:54 2017] <Chobbes> Cypi: I do know about that, but I also don't know enough to avoid it right now :).
[Tue Sep 26 12:41:21 2017] <Cypi> not saying you should avoid it, in a lot of setting you don't have to care about it; it was just in case :)
[Tue Sep 26 12:42:32 2017] <modulus> there is an existing macro system, but there is some work in upgrading it i believe.
[Tue Sep 26 12:42:36 2017] <Chobbes> Cypi: I'm assuming I could prove this with refine and some fancy matches instead?
[Tue Sep 26 12:42:39 2017] <modulus> ups wrong chan
[Tue Sep 26 12:43:15 2017] <Cypi> Probably, yes
[Tue Sep 26 13:29:43 2017] <Chobbes> Cypi: oh yeah. Works a charm :).
[Tue Sep 26 13:30:21 2017] <Cypi> You did it with a match? It looks good when it works nicely :p
[Tue Sep 26 13:32:01 2017] <Chobbes> Cypi: yep! It's trivial with match, I just had only heard hushed whispers of this before, so I didn't attempt it.
[Tue Sep 26 13:32:56 2017] <Migi32> why does "case n" not replace n in the hypotheses in the context?
[Tue Sep 26 13:34:08 2017] <Cypi> Because "case" is low-level. Most of the time you want "destruct n"
[Tue Sep 26 13:34:51 2017] <Cypi> (all "case" does is applying naively the eliminator for n on the current goal; it does not try to revert anything from the context back to the goal, and it does not do any intros after applying the eliminator)
[Tue Sep 26 13:39:53 2017] <Migi32> Cypi: yeah, thanks. Which tactics to apply when is still a big struggling block.
[Tue Sep 26 22:55:21 2017] <significance> hey all! any recommendations for a good first guide to coq?
[Tue Sep 26 22:55:49 2017] <benzrf> significance: what's your background?
[Tue Sep 26 22:56:12 2017] <benzrf> (btw, in the future don't expect sub-minute replies from this channel - i just happened to be looking at it :) )
[Tue Sep 26 22:56:48 2017] <significance> benzrf: undergraduate mathematics experience, plus a good amont of experience in some other languages
[Tue Sep 26 22:57:04 2017] <benzrf> what languages?
[Tue Sep 26 22:57:06 2017] <significance> benzrf: haha, I really appreciate it! no worries, I've been on a number of really slow channels before
[Tue Sep 26 22:57:34 2017] <significance> benzrf: mostly imperative paradigms (Python, Java, etc.) but some beginning functional experience (Haskell)
[Tue Sep 26 22:58:59 2017] <benzrf> what's driving your interest in coq?
[Tue Sep 26 23:00:07 2017] <significance> benzrf: I recently read GEB and would love that kind of hands-on approach to working with the Curry-Howard isomorphism/theorem provers in general
[Tue Sep 26 23:00:21 2017] <significance> It's more a general fascination for now.
[Tue Sep 26 23:02:10 2017] <significance> though I'd love to dive more into the theory for sure
[Tue Sep 26 23:03:15 2017] <benzrf> cool
[Tue Sep 26 23:03:19 2017] <benzrf> sry was distracted
[Tue Sep 26 23:03:55 2017] <benzrf> i kinda feel like you might be well served by focusing on haskell a bit and then taking a look at coq once youre a bit more familiar - depending on how much haskell youve already done
[Tue Sep 26 23:05:06 2017] <significance> benzrf: that's probably a good call -- I'm just post-LYAH, so I'll probably try out RWH and circle back :)
[Tue Sep 26 23:05:09 2017] <significance> thanks for your time!!
[Tue Sep 26 23:05:22 2017] <benzrf> significance: oh, hold on
[Tue Sep 26 23:05:26 2017] <benzrf> when you say post-lyah
[Tue Sep 26 23:05:41 2017] <benzrf> (speaking of which, lyan is dispreferred these days >:O )
[Tue Sep 26 23:05:50 2017] <significance> benzrf: huh, really? what do people start with now?
[Tue Sep 26 23:05:53 2017] <benzrf> how strong of a handle do you think you have on the content?
[Tue Sep 26 23:06:13 2017] <significance> benzrf: pretty strong -- I also read up a bit on how the categorical underpinnings come in
[Tue Sep 26 23:06:19 2017] <benzrf> uh, there's some variety in the resources, but cis194 is good - check this out https://github.com/bitemyapp/learnhaskell/
[Tue Sep 26 23:06:42 2017] <significance> sweet, I'll give cis194 a look -- heard it was good
[Tue Sep 26 23:06:55 2017] <benzrf> well, if you feel comfortable with the stuff in lyah, there may be a lot of retreading
[Tue Sep 26 23:07:07 2017] <benzrf> cis194 is just better about introducing a lot of that stuff, and how to use it - e.g. it has good exercises
[Tue Sep 26 23:07:09 2017] <benzrf> anyway -
[Tue Sep 26 23:07:15 2017] <significance> awesome -- thank you so so much
[Tue Sep 26 23:07:18 2017] <benzrf> np :)
[Tue Sep 26 23:07:20 2017] <benzrf> but -
[Tue Sep 26 23:07:51 2017] <benzrf> so if youre comfortable with stuff like type constructors, function types, lambda expressions, algebraic data types, pattern matching -0
[Tue Sep 26 23:07:57 2017] <benzrf> s/0//
[Tue Sep 26 23:08:00 2017] <benzrf> you may be ok to start with coq
[Tue Sep 26 23:08:39 2017] <benzrf> the value of haskell knowledge in using coq is primarily in familiarity with typed lambda-calculus-based systems
[Tue Sep 26 23:08:46 2017] <benzrf> not so much in the specifics of haskell itself
[Tue Sep 26 23:09:31 2017] <significance> benzrf: awesome, I'm certainly familiar with those -- is there a canonical guide for ppl with just base experience w/ those concepts?
[Tue Sep 26 23:09:55 2017] <benzrf> uhhh im not sure
[Tue Sep 26 23:09:57 2017] <benzrf> thats a good question
[Tue Sep 26 23:10:33 2017] <benzrf> personally i took a pretty rocky & gradual route in - so i dont have something i used which i would recommend, really
[Tue Sep 26 23:11:50 2017] <significance> benzrf: sweet -- I'll search around a bit more and see if anything sticks out then :)
[Tue Sep 26 23:12:06 2017] <significance> thank you for your time!! the cis194 thing looks like it'll be a huge help.
[Tue Sep 26 23:12:18 2017] <benzrf> oh, cool
[Tue Sep 26 23:12:49 2017] <benzrf> significance: for what it's worth - software foundations may be an OK introduction
[Tue Sep 26 23:13:23 2017] <significance> benzrf: I'll check that out first -- thank you :)
[Tue Sep 26 23:13:28 2017] <benzrf> but it's definitely more focused on talking about programming language stuff and coq is a vehicle for that, so it's only really incidentally an intro to coq
[Tue Sep 26 23:13:42 2017] <benzrf> so it kind of elides some stuff which might be mentioned in something explicitly trying to explain coq to you
[Tue Sep 26 23:13:45 2017] <benzrf> ¯\_(ツ)_/¯
[Tue Sep 26 23:13:52 2017] <significance> benzrf: gotcha -- honestly I could use a good formal programming text :)
[Tue Sep 26 23:15:16 2017] <benzrf> ok then, that might be two birds with one stone!
[Tue Sep 26 23:16:08 2017] <significance> yeah, this looks awesome -- thanks!
[Tue Sep 26 23:16:18 2017] <benzrf> no problem!
[Tue Sep 26 23:17:15 2017] <significance> have a good day/night :)
[Tue Sep 26 23:17:20 2017] <benzrf> you too
[Wed Sep 27 00:15:05 2017] <dh`> I will carp slightly: while "imperative" is used in the functional programming world to mean "everything that isn't functional (or maybe logic/prolog)", properly speaking "imperative" means fortran
[Wed Sep 27 00:15:39 2017] <dh`> while the functional language community was curled up in a little ball by itself the outside world moved on to "structured" and then "object-oriented" and now other post-object ideas
[Wed Sep 27 00:17:01 2017] <dh`> there's a tendency in the functional world to lump all these together, but that's about as meaningful as grouping haskell with elisp.
[Wed Sep 27 00:23:45 2017] <rgrinberg> suppose i have an asssumption that looks like this (fun x => ..) = (fun x => ...)
[Wed Sep 27 00:24:06 2017] <rgrinberg> is there a way to apply a particular value to get to this equality between functions
[Wed Sep 27 00:24:51 2017] <dh`> hrm, that's an interesting one.
[Wed Sep 27 00:25:21 2017] <dh`> you can certainly do "remember ((fun x => ...) foo) as foo'"
[Wed Sep 27 00:25:35 2017] <dh`> but I'm not sure there's any good way to do it without retying all the ...
[Wed Sep 27 00:25:38 2017] <dh`> er, retyping.
[Wed Sep 27 00:25:59 2017] <rgrinberg> and i mean apply a value, to get an equality between two values
[Wed Sep 27 00:26:29 2017] <dh`> hmm
[Wed Sep 27 00:27:05 2017] <dh`> maybe "assert (forall foo, (fun x => ..) foo = (fun x => ...) foo)"?
[Wed Sep 27 00:27:14 2017] <dh`> then use the original equality to rewrite, then reflexivity
[Wed Sep 27 00:27:39 2017] <dh`> then simpl in the resulting hypothesis to make the functions apply
[Wed Sep 27 00:27:53 2017] <rgrinberg> do i have to copy the contents of the functions into my assertion?
[Wed Sep 27 00:28:11 2017] <dh`> probably :9
[Wed Sep 27 00:28:17 2017] <dh`> er :(
[Wed Sep 27 00:28:28 2017] <dh`> like I was saying, I'm not sure there's any good way to do it without retyping the bodies
[Wed Sep 27 00:29:07 2017] <dh`> hmm.
[Wed Sep 27 00:29:08 2017] <rgrinberg> i thought retyping referred to some type theory magic i've yet to understand :D
[Wed Sep 27 00:29:14 2017] <Cypi> I am surprised there is no "forall {A B : Type} {f g : A -> B}, f = g -> forall x, f x = g x" lemma in the Stdlib?
[Wed Sep 27 00:29:42 2017] <dh`> maybe: assert (forall f g x, f = g -> f x = g x) by (intro Hfg; rewrite Hfg; auto)
[Wed Sep 27 00:29:46 2017] <Cypi> You could just prove it above whatever you're doing, and then use it with your equality, it will certainly be less verbose
[Wed Sep 27 00:30:12 2017] <dh`> then apply that in your original equality
[Wed Sep 27 00:30:38 2017] <dh`> I wish there were a good way to search the whole library, rather than just the parts you've imported
[Wed Sep 27 00:33:00 2017] <dh`> actually you want the version cypi wrote with the inner forall, otherwise (IIRC) it'll demand you pick x when you apply it in your original equality
[Wed Sep 27 00:34:17 2017] <dh`> for my part, at the moment I'm wishing that either modules or typeclasses would let you say "let t be a type with two constructors with the following type signatures"
[Wed Sep 27 00:34:56 2017] <dh`> with modules, you can put such a type in a module signature but then you can only instantiate it with a type that has the same names for the constructors.
[Wed Sep 27 00:34:59 2017] <Cypi> Yeah, I kind of have the same wish. I even want to be able to have convertibility constraints on module fields
[Wed Sep 27 00:35:12 2017] <dh`> and with typeclasses you can't do it at all.
[Wed Sep 27 00:35:34 2017] <dh`> if you make a typeclass that just has two functions that serve as the constructors, it really severely hampers proving things
[Wed Sep 27 00:36:30 2017] <rgrinberg> how do prove's cypi's lemma?
[Wed Sep 27 00:36:40 2017] <rgrinberg> how do i prove cypi's lemma?
[Wed Sep 27 00:36:46 2017] <Cypi> With a rewrite
[Wed Sep 27 00:37:01 2017] <dh`> pretty much with what I said
[Wed Sep 27 00:37:09 2017] <rgrinberg> ah yes
[Wed Sep 27 00:37:44 2017] <dh`> rewrite with the f = g, then you get forall x, f x = f x (or g x = g x, depending on the rewrite direction)
[Wed Sep 27 00:38:06 2017] <rgrinberg> yup, thanks
[Wed Sep 27 00:41:52 2017] <dh`> at the moment my thinking is that the best approach for strings is to make a module signature whose type has constructors EmptyString and String, and then provide one instantiation for the current string type and then two more, one for utf-8 strings and one for unicode wide strings
[Wed Sep 27 00:43:07 2017] <dh`> except that I'm really not thrilled about those constructor names, either.
[Wed Sep 27 00:43:58 2017] <dh`> and I continue to wonder if maybe it wouldn't be better to just use lists of characters.
[Wed Sep 27 00:44:28 2017] <dh`> and some kind of magic extraction axioms when doing ocaml extractions to get ocaml strings instead of character lists
[Wed Sep 27 00:44:48 2017] <dh`> haskell extractions ought to produce character lists regardless, because that's how haskell works.
[Wed Sep 27 00:45:28 2017] <rgrinberg> suppose I have an equality like 0 = 1 + some irrelevant stuff
[Wed Sep 27 00:45:34 2017] <rgrinberg> hwo do i generate a contradiction from that?
[Wed Sep 27 00:45:45 2017] <dh`> the easiest way is the omega tactic
[Wed Sep 27 00:46:07 2017] <Cypi> If it is literally "0 = 1 + ( ... )", inversion will work because it is convertible to "0 = S ..."
[Wed Sep 27 00:46:41 2017] <dh`> don't you need to rewrite the 1 + as S first?
[Wed Sep 27 00:46:42 2017] <Cypi> but yeah, omega is more general when you have some contradictory arithmetic facts
[Wed Sep 27 00:46:58 2017] <Cypi> No, the way addition is implemented,  "1 + ..." and "S ..." are the same thing
[Wed Sep 27 00:47:11 2017] <dh`> I've noticed that it's funny about that in ways I don't always understand
[Wed Sep 27 00:47:15 2017] <Cypi> but you do rely on the fact that implementation is implemented that way
[Wed Sep 27 00:48:04 2017] <rgrinberg> Cypi: awesome.
[Wed Sep 27 00:48:06 2017] <rgrinberg> that worked
[Wed Sep 27 00:48:08 2017] <dh`> also, is it expected that omega refuses to solve things like x * y = S (x * y) unless you do "remember (x * y) as foo"?
[Wed Sep 27 00:49:07 2017] <Cypi> it works here
[Wed Sep 27 00:49:11 2017] <dh`> I know it doesn't understand multiplication, but I would have expected it to treat x * y as an irreducible blob
[Wed Sep 27 00:49:19 2017] <Cypi> it is supposed to treat "x * y" as a variable indeed
[Wed Sep 27 00:49:20 2017] <dh`> it wasn't for some stuff I was doing
[Wed Sep 27 00:50:02 2017] <dh`> e.g. I needed the blef in: rewrite substring_append_second; try (remember (m * length s) as blef; omega)
[Wed Sep 27 00:50:28 2017] <dh`> if you want the full context I can get it
[Wed Sep 27 00:50:58 2017] <Cypi> I probably won't be able to say anything else than "I think it is expected" or the contrary, but sure, if it is not much trouble
[Wed Sep 27 00:51:02 2017] <dh`> this was in the middle of proving something about repeat (k: nat) (s: string) which stamps down the string k times
[Wed Sep 27 00:51:09 2017] <dh`> ok moment
[Wed Sep 27 00:53:19 2017] <dh`> the lemma is:
[Wed Sep 27 00:53:20 2017] <dh`> Lemma repeat_substring:
[Wed Sep 27 00:53:20 2017] <dh`>    forall m k s,
[Wed Sep 27 00:53:20 2017] <dh`>    m < k ->
[Wed Sep 27 00:53:20 2017] <dh`>    String.substring (m * String.length s) (String.length s) (repeat k s) = s.
[Wed Sep 27 00:53:42 2017] <dh`> proof is by induction on k
[Wed Sep 27 00:54:56 2017] <dh`> this is in the inductive case, and within that, the S m' case of "destruct m"
[Wed Sep 27 00:55:36 2017] <dh`> after simpl, the goal is: substring (length s + m * length s) (length s) (s ++ repeat k s) = s
[Wed Sep 27 00:56:24 2017] <dh`> substring_append_second is:
[Wed Sep 27 00:56:25 2017] <dh`>   Lemma substring_append_second:
[Wed Sep 27 00:56:26 2017] <dh`>      forall s1 s2 m n,
[Wed Sep 27 00:56:26 2017] <dh`>      m >= String.length s1 ->
[Wed Sep 27 00:56:26 2017] <dh`>      String.substring m n (s1 ++ s2)%string = String.substring (m - String.length s1) n s2.
[Wed Sep 27 00:56:41 2017] <dh`> that is, if you take a substring of s1 ++ s2 that's entirely in s2
[Wed Sep 27 00:58:04 2017] <dh`> the extra bit produced by the rewrite that the try is supposed to retire is:
[Wed Sep 27 00:58:05 2017] <dh`> length s + m * length s >= length s
[Wed Sep 27 00:58:30 2017] <dh`> I guess it doesn't work because length s appears inside m * length s?
[Wed Sep 27 00:59:32 2017] <Cypi> I never worked with string, give me a moment to catch up :p
[Wed Sep 27 00:59:51 2017] <dh`> very little of this is in the native string library :-)
[Wed Sep 27 01:00:20 2017] <dh`> (the reason I'm working on this thing is that the native string library has like 3-4 functions and a dozen lemmas)
[Wed Sep 27 01:01:21 2017] <Cypi> Alright, I see
[Wed Sep 27 01:01:29 2017] <Cypi> indeed, I would expect omega to solve this system
[Wed Sep 27 01:01:31 2017] <dh`> my stringfacts.v is currently at 8838 lines and it hasn't got to anything really complicated yet
[Wed Sep 27 01:02:04 2017] <Cypi> ("auto with arith" does solve it, btw)
[Wed Sep 27 01:02:42 2017] <dh`> not sure I knew that existed :-/
[Wed Sep 27 01:03:11 2017] <Cypi> It is just "auto" complemented by a bunch of arithmetic lemmas in the "arith" hint database
[Wed Sep 27 01:04:26 2017] <dh`> I don't know enough about hints databases
[Wed Sep 27 01:04:46 2017] <Cypi> Not much to know as long as you don't want to create one and populate it.
[Wed Sep 27 01:07:05 2017] <Cypi> It is so strange... it can solve "x + x*y >= x*y", but not "x*y + x*y >= x*y" and not "x + x*y >= x"
[Wed Sep 27 01:08:09 2017] <dh`> that's weird, particularly x*y + x*y >= x*y
[Wed Sep 27 01:11:53 2017] <dh`> that reminds me, I really need to get around to filing a proper bug report on the problem I found with congruence
[Wed Sep 27 01:14:00 2017] <dh`> (last spring I stepped on a way to get it to generate a bad proof term)
[Wed Sep 27 01:16:57 2017] <dh`> anyway, thanks for looking at it, glad it wasn't just my imagination
[Wed Sep 27 11:10:00 2017] <rgrinberg> not totally related to coq, but is it possible to have 2 proof general "contexts" running at the same time in emacs? one for each coq script that is
[Wed Sep 27 11:24:27 2017] <rgrinberg> Also another question. Suppose I want to search for all things involving "In". How would I do that? I can do Search "In". but that returns a lot of irrelevant stuff
[Wed Sep 27 11:25:24 2017] <benzrf> rgrinberg: Search In.
[Wed Sep 27 11:26:16 2017] <benzrf> rgrinberg: in general you can do [Search foo] where foo is an expression, not just something in quotes
[Wed Sep 27 11:26:28 2017] <benzrf> or SearchAbout if you want anything that mentions it, not just using it in the conclusion or whatever
[Wed Sep 27 11:26:56 2017] <rgrinberg> thanks. so Search only searches for things in the last argument?
[Wed Sep 27 11:27:10 2017] <rgrinberg> is that what you mean by "in the conclusion"?
[Wed Sep 27 11:34:07 2017] <pmetzger> rgrinberg: You can only have one proof general context going at a time. It is an unfortunate limitation. It's caused by the use of global variables for things that should be context specific.
[Wed Sep 27 11:34:17 2017] <pmetzger> Hopefully someone will fix that in the future.
[Wed Sep 27 11:43:06 2017] <rgrinberg> pmetzger: i see... damn emacs
[Wed Sep 27 11:44:55 2017] <pmetzger> I believe Paul Steckler was talking about fixing this. He has a new version of Proof General that also handles the parallelism stuff that CoqIDE does now.
[Wed Sep 27 11:47:28 2017] <rgrinberg> I don't quite get the difference between contradict and contradiction? any rule of thumb for how to decide which one to use?
[Wed Sep 27 11:47:37 2017] <rgrinberg> I actually, i'm not even sure how to use contradiction effectively at all
[Wed Sep 27 12:22:06 2017] <rgrinberg> is there a way to do a qualified import of a single symbol from a module in coq?
[Wed Sep 27 12:28:32 2017] <benzrf> rgrinberg: i cant remember what the specific behavior of search vs searchabout is, but yes i believe its basically to do with the return type
[Wed Sep 27 12:28:37 2017] <benzrf> not "final argument" :p
[Wed Sep 27 12:29:34 2017] <johnw> rgrinberg: You can make another module that only exports that one symbol, and then import that module.  But there's no easy Haskell-like way to do it.
[Wed Sep 27 12:29:42 2017] <benzrf> rgrinberg: btw, here's a fun fact regarding Search: https://i.imgur.com/XqEmu19.png
[Wed Sep 27 12:30:08 2017] <benzrf> if you pass it something to search for, it really does search for that term, not just the exact string - those two types are convertible, since it's just a variable rename, so it finds it :)
[Wed Sep 27 12:30:13 2017] <rgrinberg> johnw: i see, thanks. very ocaml-like
[Wed Sep 27 12:30:45 2017] <benzrf> that said, it doesnt do, like, actual computation for the searches - [Search (1 + 1)] won't find stuff that [Search 2] does - but it's not that dumb either
[Wed Sep 27 12:30:59 2017] <rgrinberg> benzrf: yeah searching is clever. though i'm not comfortable with it yet. for example, how do the ?p patterns works
[Wed Sep 27 12:31:07 2017] <benzrf> oh shit can you use those with search?
[Wed Sep 27 12:31:10 2017] <benzrf> i didn't know that :D
[Wed Sep 27 12:31:34 2017] <benzrf> hmm, what have you seen that uses that?
[Wed Sep 27 12:39:59 2017] <rgrinberg> i forgot but I'm somewhat able to make use of it with things like
[Wed Sep 27 12:40:05 2017] <rgrinberg> Search In ?x []. for example
[Wed Sep 27 12:41:05 2017] <benzrf> o.O
[Wed Sep 27 13:05:14 2017] <rgrinberg> do coq scripts need to start with a capital letter to be importable?
[Wed Sep 27 13:05:31 2017] <Cypi> You mean, the filename? No
[Wed Sep 27 13:07:06 2017] <rgrinberg> okay. can the filename contain numbers?
[Wed Sep 27 13:07:09 2017] <rgrinberg> digits rather
[Wed Sep 27 13:07:29 2017] <Cypi> yes
[Wed Sep 27 13:08:25 2017] <Cypi> (not in front, though)
[Wed Sep 27 13:08:37 2017] <Cypi> (the whole thing needs to be a valid Module name, basically)
[Wed Sep 27 13:17:06 2017] <rgrinberg> by default, I'm allows to import modules from my current dir, right?
[Wed Sep 27 13:17:43 2017] <Cypi> If they have been compiled previously, yes, you should be able to.
[Wed Sep 27 13:18:06 2017] <rgrinberg> and if they haven't?
[Wed Sep 27 13:18:39 2017] <Cypi> Well, then no
[Wed Sep 27 13:19:06 2017] <Cypi> If you have a directory with ./Foo.v and ./Bar.v, you need to do "coqc Foo.v" in this directory to be able to do "Require Import Foo." inside Bar.v
[Wed Sep 27 13:19:42 2017] <Cypi> Require looks for compiled files, not source files
[Wed Sep 27 13:21:10 2017] <rgrinberg> I see.. so I should probably start messing around with makefiles so that I can recompile things easily
[Wed Sep 27 13:22:12 2017] <Cypi> You could look at coq_makefile. In its simplest form, you just need a file (usually called _CoqProject) which contains the list of .v files in your project (one file per line, I believe)
[Wed Sep 27 13:22:29 2017] <Cypi> then you can call "coq_makefile -f _CoqProject -o Makefile" once to generate a Makefile
[Wed Sep 27 13:22:58 2017] <Cypi> (of course you can also write your own, it's up to you)
[Wed Sep 27 15:09:59 2017] <rgrinberg> Cypi: thanks. I'll look into that.
[Wed Sep 27 15:10:27 2017] <rgrinberg> Suppose I have an expression like (fun x => ...) a in my goal, how do I simply apply this lambda to a?
[Wed Sep 27 15:10:54 2017] <Cypi> Just "simpl" should work, it's just a beta-reduction
[Wed Sep 27 15:10:58 2017] <Cypi> (unless I misunderstood)
[Wed Sep 27 15:13:19 2017] <rgrinberg> yeah, i tried simpl. it didn't work...
[Wed Sep 27 15:13:43 2017] <Cypi> Then I'd lire more details :)
[Wed Sep 27 15:13:45 2017] <Cypi> like*
[Wed Sep 27 15:14:06 2017] <Cypi> it's in your goal, right, not in your context?
[Wed Sep 27 15:14:33 2017] <rgrinberg> yup.
[Wed Sep 27 15:19:28 2017] <Cypi> Could you copy/paste your goal or something, if it's not too long?
[Wed Sep 27 15:23:08 2017] <pmetzger> or put it on pastebin
[Wed Sep 27 15:42:47 2017] <rgrinberg> contents al v = multiset_delete (fun x0 : value => (if x0 =? v then 1 else 0) + contents al x0) v v
[Wed Sep 27 15:42:50 2017] <rgrinberg> here it is Cypi
[Wed Sep 27 15:44:18 2017] <Cypi> Ah, well, the lambda is not applied to anything in this case
[Wed Sep 27 15:44:25 2017] <Cypi> since it is just an argument to "multiset_delete"
[Wed Sep 27 15:44:50 2017] <Cypi> if you unfold multiset_delete, maybe at some point the lambda will be applied to something and you can unfold it
[Wed Sep 27 15:57:25 2017] <rgrinberg> ah i see. oops
[Wed Sep 27 15:58:54 2017] <rgrinberg> how do I simplify a clause like if v =? v then ...?
[Wed Sep 27 15:58:58 2017] <rgrinberg> since it's clearly true
[Wed Sep 27 15:59:53 2017] <benzrf> rgrinberg: it depends on what =? is
[Wed Sep 27 16:00:03 2017] <Cypi> There is probably a lemma which says "forall v, v =? v = true"
[Wed Sep 27 16:00:08 2017] <Cypi> you can rewrite with this lemma
[Wed Sep 27 16:00:36 2017] <rgrinberg> Nat.eqb
[Wed Sep 27 16:00:45 2017] <benzrf> rgrinberg: keep in mind that from coq's point of view, =? is just a function like any other - [v =? v = true] is no more obvious than, say, [n + n = 2 * n]
[Wed Sep 27 16:01:02 2017] <benzrf> so you do need a specific proof of the reflexivity of the function
[Wed Sep 27 16:01:29 2017] <rgrinberg> rewriting with Nat.eqb_refl  seems to work
[Wed Sep 27 20:02:32 2017] <Migi32> "No more subgoals."
[Wed Sep 27 20:02:37 2017] <Migi32> isn't that the best feeling ever? :p
[Wed Sep 27 20:04:31 2017] <Migi32> sorry, just finished a theorem with 18 cases, sub-cases and sub-sub-cases and I'm pretty happy that that's over now
[Wed Sep 27 20:06:54 2017] <modulus> it's a good feeling, at least when Qed doesn't fail ;-)
[Wed Sep 27 20:07:28 2017] <Migi32> Qed can fail?
[Wed Sep 27 20:13:16 2017] <Cypi> It can. The most normal case is when you used a fixpoint, and the recursive call was not correct
[Wed Sep 27 20:13:30 2017] <Cypi> but sometimes tactics can produce ill-typed terms, which will then make Qed fail
[Wed Sep 27 20:13:51 2017] <Cypi> (the whole term is type-checked again at Qed)
[Wed Sep 27 20:15:52 2017] <modulus> fortunately this doesn't happen often.
[Wed Sep 27 21:03:42 2017] <rgrinberg> I'm a noob with coq and I manage to prove stuff but my proofs end up being very long and unreadable and writing them feels like playing tetris with tactics rather than reasoning through things :/
[Wed Sep 27 21:04:37 2017] <rgrinberg> Does this problem solve itself? Or do I need to start making more of an effort writing and understanding my proofs
[Wed Sep 27 21:09:42 2017] <modulus> there are ways to structure proofs, like tacticals. that said the tetris feeling probably doesn't ever go away entirely, but it is reasoning of a sort.
[Wed Sep 27 21:14:26 2017] <rgrinberg> what do people do without tactics though? do they write proper, clear programs and understand their proofs entirely?
[Wed Sep 27 21:14:34 2017] <rgrinberg> or is there still some tetris there?
[Wed Sep 27 21:16:13 2017] <modulus> well, tactics are not absolutely necessary for proofs but it's the reasonable way of doing it, but i was asking about tacticals, things like the ";" and such.
[Wed Sep 27 21:16:29 2017] <modulus> which can help give structure to the proof and automate repetitive bits.
[Wed Sep 27 21:19:10 2017] <rgrinberg> modulus: i know how to use ";". not really any other tacticals
[Thu Sep 28 00:22:52 2017] <buttbutter> I was wondering if someone could help me along with this proof: http://paste.ubuntu.com/25631247/
[Thu Sep 28 00:23:13 2017] <buttbutter> Obviously the claim is absurd, but I can't seem to figure out how to prove that the claim is absurd (i.e. lf = x :: lf).
[Thu Sep 28 00:57:59 2017] <buttbutter> This channel is so dead :(
[Thu Sep 28 03:15:39 2017] <bartavelle> rgrinberg: I just started with coq, but I usually reason to what should be inverted / inducted / destroyed, and then it is tactics tetris
[Thu Sep 28 08:20:38 2017] <Migi32_> hi. I'm getting stuck on something really basic. Say I have a hypothesis in the context that has an implication in it, say Hyp: A -> B, and I can prove my goal if I had a proof of B. What I can do is write assert (proof_of_A: A). Then I prove that new subgoal, then I pose (proof_of_B := Hyp proof_of_A).
[Thu Sep 28 08:21:10 2017] <Migi32_> that works, but isn't there a faster way? In particular, writing the "assert (proof_of_A: A)" can be pretty cumbersome if A is a big statement
[Thu Sep 28 08:21:43 2017] <modulus> I think apply
[Thu Sep 28 08:22:07 2017] <modulus> nm, ij ust woke and i'm not making sense.
[Thu Sep 28 08:24:47 2017] <Migi32_> I seem to remember using "destruct Hyp", but that's not working now, as it gives the error: Not an inductive product.
[Thu Sep 28 08:29:39 2017] <Cypi> "apply Hyp" is what you want, indeed
[Thu Sep 28 08:30:05 2017] <Cypi> Oh, sorry, you meant that you want a proof of B to then prove your goal, alright
[Thu Sep 28 08:30:46 2017] <Cypi> a way to do it could be "refine ((fun H => _) (Hyp _))."
[Thu Sep 28 08:31:02 2017] <Cypi> a bit manual, but it should do what you want (not repeating A and so on)
[Thu Sep 28 08:41:28 2017] <Migi32_> Cypi: yeah that works great, thanks. But I'm surprised that this is not a common enough occurrence to have its own shorthand tactic. You have to admit that "refine ((fun H => _) (Hyp _))." is pretty obscure
[Thu Sep 28 08:44:50 2017] <Cypi> What you'd want is something like "especialize (Hyp _)", I am not sure why it doesn't exist
[Thu Sep 28 09:30:34 2017] <Migi32_> Cypi: I'm trying to write my own tactic to that effect using Ltac. It's going pretty well, but is there a way to switch the order of the subgoals generated by that "refine ((fun H => _) (Hyp _))."?
[Thu Sep 28 09:31:10 2017] <Cypi> yup, "tac; swap 1 2" will swap the first and second subgoals generated by a tac
[Thu Sep 28 09:33:43 2017] <Migi32_> sweet. thanks.
[Thu Sep 28 11:21:47 2017] <rgrinberg> jrw: are you the author of https://homes.cs.washington.edu/~jrw12/dep-destruct.html ?
[Thu Sep 28 13:12:59 2017] <jrw> rgrinberg: yes
[Thu Sep 28 13:38:48 2017] <rgrinberg> jrw: i enjoyed it, thanks for writing it. I'm curious though, why do we need fin at all? can't we just work directly with nat to establish cardinalities
[Thu Sep 28 13:41:13 2017] <jrw> rgrinberg: you can replace fin n with {k : nat | k < n}, if that's what you mean
[Thu Sep 28 13:41:34 2017] <rgrinberg> jrw: yeah
[Thu Sep 28 13:42:27 2017] <jrw> one way to think of that post is just as a tutorial on some aspects of dependent pattern matching. the applications to fin may or may not be interesting in their own right, but they are useful as a simple example of dependency.
[Thu Sep 28 15:03:58 2017] <rgrinberg> jrw: yeah, I get it. Thanks :)
[Thu Sep 28 15:04:41 2017] <rgrinberg> suppose I have a binding with 2 definitions. E.g. one : nat and one as a variable. is there a way to disambiguate them?
[Thu Sep 28 15:07:32 2017] <rgrinberg> Actually, the other "one" in my case is a generalizable variable
[Thu Sep 28 17:55:39 2017] <dh`> that link was an interesting read, thanks
[Thu Sep 28 18:35:26 2017] <rgrinberg> is it possible to remove imported identifiers in coq?
[Thu Sep 28 18:35:31 2017] <rgrinberg> kinda like with Reset?
[Fri Sep 29 10:41:26 2017] <piyush-kurur> question regarding extraction to haskell. Is there a way to include a module import in the extracted file
[Fri Sep 29 12:35:43 2017] <Migi32_> if you have as goal "let (a,b) := something in something_else", is it possible to bring those a and b into the context, like what intro does with implication?
[Fri Sep 29 13:15:38 2017] <deeglaze> I think you need to destruct something.
[Sat Sep 30 09:44:38 2017] <elozlo> Do we know that it is impossible to prove systemF/CC strong normalization without impredicativity?
[Sat Sep 30 11:19:09 2017] <rgrinberg> what is eqn:? at the end of a destruct? e.g. destruct H ... eqn:?.
[Sat Sep 30 11:26:10 2017] <rrika> rgrinberg, usually when you destruct some expression, that expression will in each subgoal be replaced with the respective case of whatever type that expression was.
[Sat Sep 30 11:26:59 2017] <rrika> but sometimes you want to keep the original expression around, which you can indicate with eqn:somename
[Sat Sep 30 11:27:53 2017] <rgrinberg> ah, i'm aware of that form. the way I've seen it is using something like eqn:HH.
[Sat Sep 30 11:28:12 2017] <rrika> oh wait, you mean a literal question mark?
[Sat Sep 30 11:28:14 2017] <rgrinberg> But here I don't see the new assumption under the name "?" anywhere
[Sat Sep 30 11:28:17 2017] <rgrinberg> yes
[Sat Sep 30 11:28:20 2017] <rrika> sorry
[Sat Sep 30 11:28:52 2017] <rgrinberg> rrika: to convince you i haven't made this up, look for eqn:? here: https://softwarefoundations.cis.upenn.edu/current/vfa-current/Decide.html
[Sat Sep 30 11:28:54 2017] <rgrinberg> :)
[Sat Sep 30 11:29:02 2017] <rrika> it just picks a random name
[Sat Sep 30 11:29:20 2017] <rrika> just induction generates "IH<somethingsomething>"
[Sat Sep 30 11:29:21 2017] <rgrinberg> oh
[Sat Sep 30 11:29:26 2017] <rgrinberg> ok I see.
[Sat Sep 30 11:29:27 2017] <rrika> *just like
[Sat Sep 30 18:06:36 2017] <Migi32> if I have as goal "let (a,b) := something in something_else", is it possible to move these (a,b) into the context, like what "intros" does?
[Sat Sep 30 18:06:44 2017] <Migi32> or how do you usually deal with these kinds of goals?
[Sat Sep 30 18:06:59 2017] <Migi32> I asked this question yesterday as well but I had to go before anyone could answer
[Sat Sep 30 18:07:15 2017] <Migi32> still stuck on it though
[Sat Sep 30 18:07:46 2017] <aj> "Migi32: destruct something as (a,b)" ?
[Sat Sep 30 18:08:45 2017] <aj> err "destruct something as [a b]" i mean
[Sat Sep 30 18:10:51 2017] <Migi32> well that just deletes the whole "let (a,b) := something in " part, without putting the definition of (a,b) in the context
[Sat Sep 30 18:29:50 2017] <aj> Migi32: oh, "destruct something as [a b] eqn: Hab" then?
[Sat Sep 30 18:30:39 2017] <Migi32> aj: yes! Thanks you.
[Sat Sep 30 18:30:41 2017] <Migi32> finally :p
[Sat Sep 30 18:32:21 2017] <aj> Migi32: :)
[Sat Sep 30 23:54:23 2017] <hop3> Hey, hello! I'm new around here, could anyone give me a hand? (any Portuguese speaker, by the way?)
[Sat Sep 30 23:55:32 2017] <benzrf> hop3: hi, probably!
[Sat Sep 30 23:55:38 2017] <benzrf> personally though im pretty tired, its midnight where i am
[Sat Sep 30 23:56:52 2017] <hop3> Oh, it's 1 am here, haha
[Sat Sep 30 23:58:57 2017] <hop3> ok, so, i'm trying to complete a proof of the correctness of bubblesort, but I don't know if I've built things up the right way
[Sun Oct  1 00:00:14 2017] <hop3> https://codeshare.io/Gknqe3
[Sun Oct  1 00:02:28 2017] <hop3> I know coq has a "Sorted" library, but as I'm new to it, I don't really understand how to construct a Lemma using LocallySorted, so I built my own
[Sun Oct  1 01:18:29 2017] <dh`> my browser doesn't like your pastebin, so maybe if you ask a more specific question...
[Sun Oct  1 03:26:35 2017] <rrika> hop3, your code actually describes insertion sort, not bubblesort
[Sun Oct  1 03:28:46 2017] <rrika> The "sorted" prop looks fine.
[Sun Oct  1 10:36:06 2017] <hop3> oh, thanks, rrika, I thought about that, but I searched for other implementations and they were all the same, haha...
[Sun Oct  1 10:36:18 2017] <rrika> lol
[Sun Oct  1 10:43:33 2017] <hop3> maybe the correct way to do it must considerate reducing the length of the list in the recursion function, because you don't need to compare until the end... but this is just an optimization, right?
[Sun Oct  1 10:44:06 2017] <rrika> you have two recursive functions, the inner one is good already
[Sun Oct  1 10:45:05 2017] <hop3> hmmm
[Sun Oct  1 10:58:33 2017] <hop3> by "recursion function" I meant the outer one, lol, sorry... so, what's the idea of the outer one? I'm out of ideas, lol
[Sun Oct  1 11:01:12 2017] <rrika> apply bubble to the entire list, in every iteration of bubblesort
[Sun Oct  1 11:01:24 2017] <rrika> while counting down from the length of the list to zero
[Sun Oct  1 11:02:33 2017] <rrika> Fixpoint bubblesort (n: nat) (l : list nat) : list nat :=
[Sun Oct  1 11:02:33 2017] <rrika>   match n with.
[Sun Oct  1 11:02:33 2017] <rrika>   | 0 => l
[Sun Oct  1 11:02:33 2017] <rrika>   | S n => bubblesort n (bubble l)
[Sun Oct  1 11:02:34 2017] <rrika>   end.
[Sun Oct  1 11:03:53 2017] <rrika> I imagine the proof for that is going to be hard though
[Sun Oct  1 11:07:09 2017] <rrika> More and more elements in the back of the list will correspond to the sorted version
[Sun Oct  1 11:27:00 2017] <hop3> I see, awesome! thank, rrika! <3
[Sun Oct  1 11:28:58 2017] <hop3> now I'm going to try proving this: Lemma bubble_preserves_order : forall n l, sorted l -> sorted (bubble n l).
[Sun Oct  1 11:47:37 2017] <rrika> good luck!
[Sun Oct  1 15:28:25 2017] <hop3> hey, can anyone give me another hand?
[Sun Oct  1 16:47:41 2017] <Migi32> hop3: codeshare is over capacity, it doesn't let me see what you posted
[Sun Oct  1 16:48:21 2017] <Migi32> nvm it works now
[Sun Oct  1 16:48:27 2017] <Migi32> I'll give it a shot
[Sun Oct  1 16:49:46 2017] <hop3> thanks Migi32, but I changed it a little bit
[Sun Oct  1 16:49:58 2017] <hop3> just a sec
[Sun Oct  1 16:54:21 2017] <hop3> https://gist.github.com/anonymous/6b15c4640d9558791af3a8ba6283d44a
[Sun Oct  1 16:56:13 2017] <hop3> I'm getting stuck at some points in this last Lemma proof
[Sun Oct  1 17:02:25 2017] <rrika> hop3, do you do induction on H?
[Sun Oct  1 17:07:25 2017] <hop3> I actually do induction on l
[Sun Oct  1 17:11:19 2017] <dh`> your sorted inductive isn't good enough
[Sun Oct  1 17:14:14 2017] <hop3> hmmm, maybe I need the strong version of sorted? the one I use is the "locallysorted", just like in the Sorted library
[Sun Oct  1 17:23:22 2017] <dh`> hm
[Sun Oct  1 17:23:24 2017] <dh`> maybe I'm wrong
[Sun Oct  1 17:23:48 2017] <dh`> oh
[Sun Oct  1 17:23:51 2017] <dh`> yeah, I'm wrong. n/m
[Sun Oct  1 17:26:34 2017] <hop3> what a relief, haha...
[Sun Oct  1 17:27:06 2017] <dh`> what's the first argument of bubblesort for?
[Sun Oct  1 17:28:46 2017] <rrika> I think things will be a bit easier if bubble takes only one list and splits off the head itself.
[Sun Oct  1 17:30:21 2017] <dh`> oh, I see, it's recursive gas
[Sun Oct  1 17:30:35 2017] <dh`> you ought to be able to do this without recursive gas
[Sun Oct  1 17:30:49 2017] <rrika> dh`, it was me who suggested doing that ^^;
[Sun Oct  1 17:31:19 2017] <rrika> dh`, what would you use as decreasing argument then?
[Sun Oct  1 17:31:38 2017] <hop3> my original idea was to create an outer recursion like the insertion one
[Sun Oct  1 17:41:57 2017] <hop3> I tried to do it this way: https://gist.github.com/anonymous/ead887153716682ab78cf152b094fcfe
[Sun Oct  1 17:42:42 2017] <hop3> but he won't allow the bubble, "Recursive call to bubble has principal argument equal to "h' :: tl" instead of one of the following variables: "l0" "tl"."
[Sun Oct  1 17:42:49 2017] <dh`> the list itself should be sufficient
[Sun Oct  1 17:42:50 2017] <dh`> I think
[Sun Oct  1 17:43:14 2017] <hop3> oh
[Sun Oct  1 17:43:16 2017] <hop3> you're correct
[Sun Oct  1 17:43:18 2017] <hop3> lol
[Sun Oct  1 17:43:39 2017] <hop3> yeap, lol
[Sun Oct  1 17:43:41 2017] <hop3> my bad
[Sun Oct  1 17:44:10 2017] <hop3> oh, but there's a problem
[Sun Oct  1 17:45:22 2017] <hop3> I think this won't do, we lose information
[Sun Oct  1 18:48:59 2017] <dh`> hint: it's much easier to induct on sorted than on the list
[Sun Oct  1 19:00:44 2017] <dh`> although you can do it both ways.
[Sun Oct  1 19:01:50 2017] <dh`> although what I have is technically insertion sort
[Sun Oct  1 19:02:16 2017] <dh`> not sure offhand if there's a different notion of bubblesort for cons-lists
[Sun Oct  1 19:08:51 2017] <benzrf> dh`: perhaps something with zippers
[Sun Oct  1 19:19:30 2017] <Migi32> hop3: here's a proof of bubble_preserves_order: https://gist.github.com/Migi/924d400a7ffdb7c357f23b0a25f77e53
[Sun Oct  1 19:20:56 2017] <Migi32> the names are pretty bad and nondescriptive, and it's probably possible to do this all in a much shorter and cleaner proof, but I wrote it pretty quickly
[Sun Oct  1 19:22:05 2017] <Migi32> oh and also the lemmas sorted_replace_front and bubble_head_is_ge2 aren't actually used, but I just left them in, maybe they can be useful
[Sun Oct  1 19:29:14 2017] <dh`> I was thinking maybe bubble should extract the smallest element out to the front, then recurse on the tail
[Sun Oct  1 19:29:26 2017] <dh`> but this becomes really regrettable really quickly, and I need to go
[Sun Oct  1 19:30:59 2017] <dh`> here's my full solution with insertion sort, which is relatively tidy:
[Sun Oct  1 19:31:01 2017] <dh`> http://codepad.org/PWFPZzY4
[Sun Oct  1 19:33:16 2017] <Migi32> yeah that's *much* cleaner than my solution
[Sun Oct  1 19:34:36 2017] <rrika> looks pretty
[Sun Oct  1 20:20:45 2017] <rgrinberg> is there a way to make C-C C-n in proof general stop jumping lines?
[Sun Oct  1 20:20:57 2017] <rgrinberg> I want to write a few tactics in 1 line and it's annoying to have to jump back
[Sun Oct  1 21:05:06 2017] <rgrinberg> Suppose I have sorted (x :: y :: l), how can I prove sorted (x :: l)?
[Sun Oct  1 21:13:02 2017] <dh`> transitivity of <=
[Sun Oct  1 21:13:33 2017] <dh`> destruct l so you get x :: y :: a :: l', then you get x <= y, y <= a, so x <= a
[Sun Oct  1 21:13:44 2017] <dh`> (plus a trivial case)
[Sun Oct  1 21:23:12 2017] <buttbutter> Is there a command to print the proof of a theorem, given the theorem's name?
[Sun Oct  1 21:44:22 2017] <dh`> Print
[Sun Oct  1 21:44:34 2017] <dh`> well hmm, no, that prints the proof term
[Sun Oct  1 21:44:45 2017] <dh`> I think to get the tactic-language proof you need to UTSL
[Sun Oct  1 21:45:16 2017] <dh`> my question for the moment: is there a tactic that extracts everything congruence could prove and subst's it all?
[Sun Oct  1 21:45:45 2017] <dh`> this alternate bubble sort is full of really tedious a :: b :: c :: d = a' :: c' :: b' :: d' cases
[Sun Oct  1 21:49:46 2017] <buttbutter> UTSL?
[Sun Oct  1 21:49:56 2017] <benzrf> use the source luke
[Sun Oct  1 21:50:04 2017] <buttbutter> Ah :P
[Sun Oct  1 21:50:08 2017] <buttbutter> Bummer
[Sun Oct  1 21:50:19 2017] <benzrf> yeah
[Sun Oct  1 21:51:10 2017] <benzrf> this may be mistaken, but - my impression is that trying to find out the tactic proof of a theorem is like trying to find out the expression that generated a number
[Sun Oct  1 21:52:39 2017] <buttbutter> Is that bad or something?
[Sun Oct  1 21:53:27 2017] <buttbutter> I'm also having a bit of trouble understanding iffs that also involve implications, like in this exercise: http://lpaste.net/358880
[Sun Oct  1 21:53:33 2017] <benzrf> no i just mean that it's not part of the resulting data
[Sun Oct  1 21:53:48 2017] <buttbutter> So in the lemma there's an implication prior to the iff and I find it difficult to even parse.
[Sun Oct  1 21:53:59 2017] <modulus> that's clearly true, after all a possible proof script would be exact <insert proof term>
[Sun Oct  1 21:54:04 2017] <buttbutter> benzrf: Ah, right. I'd just like to look for didactic reasons.
[Sun Oct  1 21:54:15 2017] <modulus> right before you Qed though you can print the script if you want.
[Sun Oct  1 21:54:21 2017] <benzrf> yeah i didnt mean to imply that wasnt legit :V
[Sun Oct  1 21:54:24 2017] <modulus> or in mid-proof.
[Sun Oct  1 21:54:58 2017] <buttbutter> Print the script?
[Sun Oct  1 21:55:10 2017] <modulus> the tactics.
[Sun Oct  1 21:55:13 2017] <benzrf> buttbutter: "script" = "proof script" = "tactic code used to prove"
[Sun Oct  1 21:55:14 2017] <modulus> if you use Show Script.
[Sun Oct  1 21:55:17 2017] <modulus> in proof mode
[Sun Oct  1 21:55:23 2017] <buttbutter> Oh. Let me try.
[Sun Oct  1 21:55:25 2017] <benzrf> buttbutter: what are u having trouble with in the example
[Sun Oct  1 21:56:09 2017] <buttbutter> I don't even understand the proposition.
[Sun Oct  1 21:56:28 2017] <buttbutter> " (∀ a1 a2, beq a1 a2 = true ↔ a1 = a2) →
[Sun Oct  1 21:56:37 2017] <buttbutter> That bit, prior to the iff, is confusing to me.
[Sun Oct  1 21:56:50 2017] <buttbutter> Sorry if I'm not being explicit. I don't understand it so it's difficult :)
[Sun Oct  1 21:56:56 2017] <benzrf> its cool!
[Sun Oct  1 21:57:03 2017] <benzrf> it's saying that this beq function correctly decides whether two things are equal
[Sun Oct  1 21:57:14 2017] <buttbutter> Oh, right. Of course.
[Sun Oct  1 21:57:19 2017] <benzrf> :)
[Sun Oct  1 21:57:22 2017] <buttbutter> So it's just an assumption on the properties of beq.
[Sun Oct  1 21:57:25 2017] <benzrf> right
[Sun Oct  1 21:57:53 2017] <buttbutter> And it's an implication because that beq is then being used in the subsequent term with beq_list beq l_1 l_2.
[Sun Oct  1 21:58:43 2017] <buttbutter> Thanks for the help. now i gotta prove it :D
[Sun Oct  1 22:36:16 2017] <hop3> oh, thank you guys, Migi32, dh` and rrika, I'll check it out
[Sun Oct  1 22:45:03 2017] <rgrinberg> dh`: when i destruct on l, i don't get a <= equation in my assumptions, what gives?
[Sun Oct  1 22:49:13 2017] <hop3> rgrinberg: destructing l won't give you that
[Sun Oct  1 22:50:09 2017] <hop3> you have to destruct the leb comparison inside the function to get it
[Sun Oct  1 22:52:27 2017] <rgrinberg> hop3: how do i destruct the leb comparison?
[Sun Oct  1 22:53:27 2017] <hop3> are you trying to do the same bubblesort proof I posted earlier?
[Sun Oct  1 22:53:34 2017] <dh`> you need something like "destruct (x <=? y) eqn:H"
[Sun Oct  1 22:54:02 2017] <hop3> exactly, do a "simpl", "simpl bubble" or "unfold bubble" to see it better
[Sun Oct  1 22:54:13 2017] <dh`> that will give you H: x <=? y = true, which you can then convert to x <= y via PeanoNat.Nat.leb_le
[Sun Oct  1 22:54:48 2017] <dh`> or, for the other case, PeanoNat.Nat.leb_gt
[Sun Oct  1 22:54:51 2017] <rgrinberg> nope, i'm not trying to do anything with bubble sort or insert.
[Sun Oct  1 22:55:04 2017] <hop3> oh, sorry then
[Sun Oct  1 22:55:27 2017] <hop3> but it's just like what dh` said
[Sun Oct  1 22:55:32 2017] <dh`> what *are* you doing? :-)
[Sun Oct  1 22:55:54 2017] <dh`> * searches history for context, and fails
[Sun Oct  1 22:56:05 2017] <rgrinberg> just what I said I think. prove that removing the second element in a sorted list maintains sortnedness
[Sun Oct  1 22:56:08 2017] <hop3> ll
[Sun Oct  1 22:56:31 2017] <dh`> oh, there we go
[Sun Oct  1 22:56:40 2017] <dh`> well
[Sun Oct  1 22:56:57 2017] <dh`> what I meant was: you start with sorted (x :: y :: l)
[Sun Oct  1 22:57:06 2017] <dh`> in order to reason about this you need the head of l
[Sun Oct  1 22:57:11 2017] <dh`> so the first step is to destruct l.
[Sun Oct  1 22:57:19 2017] <dh`> that gives you one case with (x :: y :: a :: l0)
[Sun Oct  1 22:57:30 2017] <dh`> and another case with (x :: y :: [])
[Sun Oct  1 22:57:40 2017] <dh`> the second case is easy
[Sun Oct  1 22:57:50 2017] <rgrinberg> yup
[Sun Oct  1 22:57:51 2017] <dh`> since x :: [] is always sorted
[Sun Oct  1 22:58:16 2017] <dh`> for the first case you then need to mess with the definition of sorted to get x <= y, y <= a
[Sun Oct  1 22:58:37 2017] <dh`> inversion on the hypothesis that says it's sorted is the basic way to do that.
[Sun Oct  1 22:58:57 2017] <dh`> or if you're using the library's notion of sorted there are some lemmas
[Sun Oct  1 23:00:25 2017] <dh`> if you're using the sorted inductive that's been pasted tonight, then you might want to prove both "forall x xs: sorted (x :: xs) -> sorted xs" and "forall x y xs, sorted (x :: y :: xs) -> x <= y
[Sun Oct  1 23:00:32 2017] <dh`> "
[Sun Oct  1 23:00:40 2017] <dh`> (as separate lemmas)
[Sun Oct  1 23:01:10 2017] <dh`> you can almost always prove such bits inline, but it can get hairy and require bullets six deep and such
[Sun Oct  1 23:01:27 2017] <dh`> and occasionally it doesn't work.
[Sun Oct  1 23:01:27 2017] <rgrinberg> Thanks. Yeah, I'm getting lost after doing the inversion. context is looking messy
[Sun Oct  1 23:01:37 2017] <dh`> always do subst after inversion
[Sun Oct  1 23:01:42 2017] <dh`> inversion makes a huge mess.
[Sun Oct  1 23:02:09 2017] <dh`> in many contexts it's also worth just robotically typing "inversion; subst; try discriminate; try contradiction"
[Sun Oct  1 23:02:56 2017] <dh`> anyway, I have the other bubble sort done
[Sun Oct  1 23:04:39 2017] <hop3> oh, cool!
[Sun Oct  1 23:05:12 2017] <hop3> did you go with induction on sorted?
[Sun Oct  1 23:08:29 2017] <dh`> this one requires functional induction
[Sun Oct  1 23:16:19 2017] <hop3> is there no Nat.le_le_trans?
[Sun Oct  1 23:50:39 2017] <rgrinberg> dh`: functional induction? what's that
[Mon Oct  2 02:09:30 2017] <hop3> yay, I think I did it
[Mon Oct  2 02:16:50 2017] <hop3> I don't know too much about advanced tactics yet, so probably my proofs could be optimized
[Mon Oct  2 02:16:56 2017] <hop3> https://gist.github.com/anonymous/00548dbd3e719120888852c3ed83db29
[Mon Oct  2 02:17:37 2017] <hop3> and I'm still not sure if it's bubblesort indeed, lol
[Mon Oct  2 03:13:09 2017] <dh`> rgrinberg: if you have Function foo ... := code (instead of Fixpoint)
[Mon Oct  2 03:13:45 2017] <dh`> it generates a bunch of additional doodads, one of which is the ability to do "functional induction (foo args)" and induct over the matching cases in the function.
[Mon Oct  2 03:14:56 2017] <dh`> this version of bubblesort is definitely from hell:
[Mon Oct  2 03:14:58 2017] <dh`> http://codepad.org/OBfRB7fy
[Mon Oct  2 03:15:29 2017] <dh`> I have been working the past six hours on it and I can't get it to go
[Mon Oct  2 03:16:58 2017] <Cypi> What are you trying to prove on this? Correctness?
[Mon Oct  2 03:19:22 2017] <dh`> yeah
[Mon Oct  2 03:19:47 2017] <dh`> basically I nerdsniped myself by mumbling about whether insertion sort is really bubble sort
[Mon Oct  2 03:19:58 2017] <dh`> so I made a second version and then a third version
[Mon Oct  2 03:20:14 2017] <Cypi> First of all, you should probably use "Defined" instead of "Qed" in the code you pasted, just so that you can compute with your definition
[Mon Oct  2 03:20:26 2017] <Cypi> Then...I don't know yet, I'm looking at it!
[Mon Oct  2 03:20:31 2017] <dh`> which one?
[Mon Oct  2 03:20:51 2017] <dh`> oh, with the Function? oops
[Mon Oct  2 03:21:10 2017] <dh`> no wonder it was making me use rewrite twiddle_equation instead
[Mon Oct  2 03:22:20 2017] <dh`> I made a definition partlysorted:
[Mon Oct  2 03:22:20 2017] <dh`> Definition partlysorted (k: nat) (xs: list nat) :=
[Mon Oct  2 03:22:20 2017] <dh`>    sorted (chop k xs).
[Mon Oct  2 03:22:25 2017] <Cypi> In some cases you'll still need to use the equation, but at least it'll compute on a closed term
[Mon Oct  2 03:22:30 2017] <dh`> where chop k xs removes the first k elements of xs
[Mon Oct  2 03:22:55 2017] <Cypi> Yup, I have a similar definition, but I wrote it as an inductive one
[Mon Oct  2 03:23:10 2017] <dh`> so I tried to prove
[Mon Oct  2 03:23:11 2017] <dh`> Lemma twiddle_sorts:
[Mon Oct  2 03:23:11 2017] <dh`>    forall k xs,
[Mon Oct  2 03:23:11 2017] <dh`>    partlysorted (S k) xs ->
[Mon Oct  2 03:23:13 2017] <dh`>    partlysorted k (twiddle xs).
[Mon Oct  2 03:23:16 2017] <dh`> and that just won't go
[Mon Oct  2 03:23:23 2017] <Cypi> [I'm trying to adapt my code about the bubble sort that was pasted yesterday)
[Mon Oct  2 03:23:41 2017] <dh`> probably making partlysorted an inductive would help, I thought about that
[Mon Oct  2 03:24:30 2017] <Cypi> I don't know, it just felt more natural
[Mon Oct  2 03:26:28 2017] <dh`> it didn't to me, but maybe I was not thinking of it in the most productive way
[Mon Oct  2 03:26:38 2017] <dh`> anyhow I need to stop this, it's 3:30am and I need to make dinner
[Mon Oct  2 03:37:31 2017] <Cypi> dh` : alright, with minor modifications my proof still went through.
[Mon Oct  2 03:37:49 2017] <Cypi> 1) In case you didn't, using twiddle_ind helps
[Mon Oct  2 03:38:16 2017] <Cypi> 2) I don't know if it's necessary, but I used some easy lemmas about Permutation and Forall
[Mon Oct  2 03:38:58 2017] <Cypi> (mainly, that the result of twiddle is a Permutation of its input, that the head of a sorted list is smaller than the rest of the list, and that a Permutation preserved a Forall)
[Mon Oct  2 03:39:16 2017] <Cypi> each lemma has a proof of 4-5 lines, but it's still useful
[Mon Oct  2 03:40:03 2017] <Cypi> my guess is that the inductive "partlysorted" helped: I just had to do some inversions on it to get all the essential information I needed from it
[Mon Oct  2 04:07:07 2017] <dh`> curious
[Mon Oct  2 04:07:15 2017] <dh`> mine was terrible in all respects
[Mon Oct  2 04:07:50 2017] <dh`> maybe I'll try making an inductive partlysorted
[Mon Oct  2 04:10:23 2017] <Cypi> If it helps, I defined it as something like this: Inductive sorted_from : nat -> list nat -> Prop := | SF_O : forall l, sorted l -> sorted_from O l | SF_S : forall h l n, sorted_from n l -> sorted_from (S n) (h :: l).
[Mon Oct  2 04:10:30 2017] <Cypi> (name is different, but it's the same idea)
[Mon Oct  2 04:24:18 2017] <dh`> that doesn't actually make it sorted...?
[Mon Oct  2 04:24:58 2017] <dh`> oh, I see
[Mon Oct  2 04:25:03 2017] <Cypi> It makes it sorted starting from the n-th element. Same idea as your partlysorted
[Mon Oct  2 04:28:00 2017] <dh`> anyway I need to sleep
[Mon Oct  2 12:06:11 2017] <benzrf> hi!
[Mon Oct  2 12:06:25 2017] <benzrf> so i decided to have a go playing around with some basic smooth infinitesimal analysis in coq
[Mon Oct  2 12:07:10 2017] <benzrf> i just got finished proving that equality on the real line cannot be decidable, and the proof was pretty long - would anyone be willing to have a look & see if i missed any nice ways of making it shorter?
[Mon Oct  2 12:07:12 2017] <benzrf> https://gist.github.com/4a883cb5493e306ac391434b6fb246ad
[Mon Oct  2 12:07:44 2017] <benzrf> im busy rn so i cant stick around to talk about it, but if you have any feedback please feel free to comment on the gist or post it in the channel - i'll read logs when i get back!
[Mon Oct  2 12:27:39 2017] <Cypi> benzrf : fwiw, it looks good to me.
[Mon Oct  2 12:31:10 2017] <rgrinberg> dh`: thanks
[Mon Oct  2 13:42:40 2017] <rgrinberg> is there a way to to pattern match on a tuple in a lambda in coq?
[Mon Oct  2 13:42:46 2017] <rgrinberg> E.g. something like fun (x, y) =>
[Mon Oct  2 13:50:35 2017] <Cypi> There is some sugar for it, yes: "fun '(x, y) => ..."
[Mon Oct  2 13:51:12 2017] <Cypi> (only from 8.6 though)
[Mon Oct  2 13:54:44 2017] <rgrinberg> Cypi: ok thanks :)
[Mon Oct  2 13:55:03 2017] <rgrinberg> Also what's the difference between {| |} and { } when defining class instances. I see both forms being used.
[Mon Oct  2 15:47:50 2017] <benzrf> Cypi: i managed to make it a bit nicer though :) https://gist.github.com/8198ed2e47b82727efafdcc99519d8dc
[Mon Oct  2 15:50:13 2017] <Cypi> I mean, yeah, you've basically cut out a part of it in another lemma :p
[Mon Oct  2 15:50:43 2017] <Cypi> (another lemma which has an interest in itself it seems, so that's good, of course)
[Mon Oct  2 16:50:50 2017] <mietek> hi
[Mon Oct  2 16:51:05 2017] <mietek> what is the difference between Set and Type, in Coq?  is the answer supplied here correct?  https://cs.stackexchange.com/a/80737
[Mon Oct  2 18:57:18 2017] <wrengr> mietek: not really. Type is a rammified hierarchy (like Set in Agda), and Set is exactly identical to the first universe in that hierarchy
[Mon Oct  2 18:57:38 2017] <mietek> wrengr: I see, thanks.
[Mon Oct  2 18:58:32 2017] <wrengr> The textual token "Type" can refer to any (Type n). They use level inference to figure out what n should be. Whereas the textual token "Set" is always resolved to be (Type 0)
[Mon Oct  2 18:58:43 2017] <wrengr> (or Type 1, if you prefer 1-based indexing)
[Mon Oct  2 18:59:07 2017] <mietek> can you read Type@{Set+1} ?
[Mon Oct  2 18:59:23 2017] <mietek> obtained with  forall A : Set, A
[Mon Oct  2 18:59:26 2017] <wrengr> also, re Prop: another difference about Prop vs Set/Type is that data types in Prop do not have discrimination
[Mon Oct  2 19:01:08 2017] <wrengr> I haven't seen it written that way before...
[Mon Oct  2 19:01:58 2017] <mietek> I suppose it’s Type at the next level from whatever level Set is
[Mon Oct  2 19:02:07 2017] <mietek> but it’s slightly confusing if Set is definitely supposed to be Type 0
[Mon Oct  2 19:02:10 2017] <wrengr> "forall A:Set, A" can be considered syntactic sugar for "forall A:Type{0}, A" and we have the typing jusdement "|- (forall A:Type{0}, A) : Type{1}"
[Mon Oct  2 19:02:28 2017] <mietek> yes, that’s what I thought
[Mon Oct  2 19:02:46 2017] <wrengr> yeah, they might use the textual token "Set" as a placeholder for where the hierarchy of Type starts
[Mon Oct  2 19:03:25 2017] <wrengr> they prolly print it that way just to avoid the 0- vs 1-based indexing issue ;)
[Mon Oct  2 19:03:29 2017] <mietek> heh
[Mon Oct  2 19:05:42 2017] <mietek> what does the --parse-comments flag for coqdoc do?
[Mon Oct  2 19:10:03 2017] <wrengr> iirc, it's the Coq-equivalent of Haddock; though of course the markup syntax is a bit different
[Tue Oct  3 01:25:07 2017] <buttbutter> What does it mean to use the destruct tactic on hypotheses? For example, if I have H : (exists x : X, P x -> False) -> False as an hypothesis (with P : X -> Prop) I can write "destruct H". But unlike, say, writing destruct y with y : bool, this doesn't have an obvious "case-by-case" interpretation to me.
[Tue Oct  3 01:25:48 2017] <benzrf> buttbutter: a lot of tactics that operate on a type T will also operate on a function type that returns T
[Tue Oct  3 01:26:00 2017] <benzrf> and generate goals for the arguments
[Tue Oct  3 01:26:22 2017] <benzrf> so that will generate a goal for "exists x : X, P x -> False", feed that goal to H, and destruct the resulting False
[Tue Oct  3 01:26:53 2017] <benzrf> similarly, you can do [rewrite H] where H is a function type that results in an equality
[Tue Oct  3 01:27:10 2017] <benzrf> er... i _think_ thats correct anyway :)
[Tue Oct  3 01:27:32 2017] <benzrf> some of this stuff might be specific to when it can infer what the arguments should be, like doing a rewrite using something of type [forall n, n + 0 = 0]
[Tue Oct  3 01:28:32 2017] <dh`> you can supply arguments to rewrite, e.g. "rewrite H with (a := a) (b := xyz)"
[Tue Oct  3 01:28:36 2017] <buttbutter> That sort of makes sense. I'm not sure I understand what it means to destruct False.
[Tue Oct  3 01:28:44 2017] <buttbutter> False is just an absurd propsition, right?
[Tue Oct  3 01:28:45 2017] <dh`> and I think you can do that with destruct too
[Tue Oct  3 01:28:52 2017] <buttbutter> proposition*
[Tue Oct  3 01:29:12 2017] <Cypi> False is an inductive type with 0 constructors
[Tue Oct  3 01:29:18 2017] <Cypi> so when you destruct it, you get 0 subgoals
[Tue Oct  3 01:30:22 2017] <dh`> speaking of which I came across something annoying last night; I had a lemma of the form "forall a b c, stuff1 -> stuff2 -> forall x, stuff3
[Tue Oct  3 01:30:58 2017] <dh`> I tried to apply it in H: stuff2, and coq insisted on instantiating x instead of giving me H: forall x, stuff3
[Tue Oct  3 01:31:22 2017] <buttbutter> I guess I'm still a bit confused why the destruct results in a new goal of just trying to figure out the arguments to the function H.
[Tue Oct  3 01:31:24 2017] <dh`> is there a way to make it not do that?
[Tue Oct  3 01:32:46 2017] <dh`> (besides "assert (forall x, stuff3) by (apply foo; auto)")
[Tue Oct  3 01:33:56 2017] <dh`> oh also
[Tue Oct  3 01:34:16 2017] <Cypi> buttbutter: if you ask Coq to destruct "H : A -> False", then it will ask you to prove A, so that it can produce something of type False and destruct that something
[Tue Oct  3 01:34:22 2017] <dh`> cypi: I redid my 3rd bubblesort with your inductive and it worked (tsill kinda messy, six levels of bullets)
[Tue Oct  3 01:34:36 2017] <Cypi> which is why destructing your H should result in exactly one goal asking you to prove (exists x, P x -> False)
[Tue Oct  3 01:34:45 2017] <buttbutter> Cypi: Oh. I see! that makes sense.
[Tue Oct  3 01:34:54 2017] <dh`> it didn't need any special properties of it being an inductive, but it did show what I was doing wrong last night
[Tue Oct  3 01:35:15 2017] <buttbutter> So the new goal is sort of an intermediate to the destruct in the sense that you first need to prove the argument before the destruct can even take place.
[Tue Oct  3 01:35:26 2017] <buttbutter> So the "destruction" hasn't happened yet. Until you prove the new goal.
[Tue Oct  3 01:35:29 2017] <dh`> namely: I was allowing lists to be more sorted than their length
[Tue Oct  3 01:35:43 2017] <Cypi> Ah right, that might make things more annoying :)
[Tue Oct  3 01:35:49 2017] <dh`> this introduced enough imprecision to make things not go
[Tue Oct  3 01:36:05 2017] <Cypi> and yes, being an inductive doesn't bring anything essential, you could just re-prove the injectivity stuff and so on
[Tue Oct  3 01:36:12 2017] <dh`> right
[Tue Oct  3 01:36:16 2017] <dh`> didn't use any of it directly anyway
[Tue Oct  3 01:36:49 2017] <Cypi> buttbutter: depends on your definition of "hasn't happened yet", but if you were to destruct "A -> bool" for instance, then Coq would produce 3 subgoals
[Tue Oct  3 01:36:52 2017] <dh`> maybe I'll redo the non-inductive version analogously, it should not be substantively different.
[Tue Oct  3 01:37:07 2017] <Cypi> so you could first prove the subgoals after the destruct if you wished so
[Tue Oct  3 01:38:26 2017] <buttbutter> Cypi: One subgoal to prove A, and then one for each of the two constructors of bool?
[Tue Oct  3 01:38:33 2017] <Cypi> yes
[Tue Oct  3 01:38:55 2017] <buttbutter> And you can prove subgoals out of order?
[Tue Oct  3 01:39:04 2017] <Cypi> sure
[Tue Oct  3 01:39:08 2017] <buttbutter> Oh. How?
[Tue Oct  3 01:39:27 2017] <Cypi> You could use "Focus 3." to focus specifically on the third subgoal that you see
[Tue Oct  3 01:39:41 2017] <Cypi> You could also do stuff like "3: apply foo." to use a tactic on the 3rd subgoal
[Tue Oct  3 01:39:56 2017] <Cypi> You can also do "all: swap 1 3" to swap the first and the third subgoals
[Tue Oct  3 01:39:59 2017] <Cypi> lot of choices :)
[Tue Oct  3 01:40:05 2017] <dh`> except that doing that moves goal 3 to the top
[Tue Oct  3 01:40:08 2017] <buttbutter> Cool :D Thanks.
[Tue Oct  3 01:40:25 2017] <dh`> a while back I had a mess where I ended up with like 850 goals
[Tue Oct  3 01:40:47 2017] <dh`> which came in patterns, so I was trying to do things like 1,6,12,18: destruct H
[Tue Oct  3 01:40:58 2017] <dh`> it didn't really work out very well
[Tue Oct  3 01:41:31 2017] <Cypi> "3: apply foo." will not move goal 3 to the top
[Tue Oct  3 01:41:51 2017] <Cypi> "3,6,9: idtac." will move goals 6 and 9 right after goal 3.
[Tue Oct  3 01:42:19 2017] <Cypi> I know it's a problem with selectors on non-consecutive goals, but I couldn't figure out a heuristics that made sense. I'm open to reasonable suggestions x)
[Tue Oct  3 01:43:10 2017] <dh`> my suggestion would be to leave them alone, tbh
[Tue Oct  3 01:43:21 2017] <Cypi> Except that it doesn't make sense from a technical standpoint
[Tue Oct  3 01:43:24 2017] <dh`> if the goals are patterned, breaking the patterns up doesn't help; if they aren't, nothing helps
[Tue Oct  3 01:43:29 2017] <dh`> oh
[Tue Oct  3 01:43:31 2017] <dh`> pity
[Tue Oct  3 01:43:49 2017] <buttbutter> One more question: say I have something like "H : forall P : Prop, P \/ ~ P" as a hypothesis, along with M : Prop. Is there a tactic to apply H to get the claim M \/ ~M?
[Tue Oct  3 01:43:51 2017] <Cypi> The way tactics work, you have a bunch of goals under focus, you apply a tactic, you end up with another bunch of goals (which might be fewer or more goals, you don't know)
[Tue Oct  3 01:44:10 2017] <buttbutter> i.e. I don't know how to deal with the "forall" for hypothesis (for goals, it's easy).
[Tue Oct  3 01:44:11 2017] <Cypi> if you have more goals, where do you put them? If less? You can't even really relate them to the goals you had initially :/
[Tue Oct  3 01:44:12 2017] <dh`> buttbutter: specialize
[Tue Oct  3 01:44:24 2017] <dh`> e.g. specialize H with (P := M)
[Tue Oct  3 01:44:35 2017] <dh`> you can also write specialize (H M)
[Tue Oct  3 01:44:49 2017] <Cypi> also, "pose proof (H M)." if you don't want to lose hypothesis H
[Tue Oct  3 01:44:59 2017] <buttbutter> Perfect! :D
[Tue Oct  3 01:45:03 2017] <buttbutter> Thanks.
[Tue Oct  3 01:45:43 2017] <buttbutter> What's the best way to learn about all these tactics, by the way?
[Tue Oct  3 01:45:51 2017] <dh`> ideally you'd put the new goals where the old ones were in the list
[Tue Oct  3 01:46:04 2017] <Cypi> But you don't know from which goal they originated
[Tue Oct  3 01:46:15 2017] <Cypi> imagine a tactic which starts with "all: cycle" and then does a bunch of stuff
[Tue Oct  3 01:46:24 2017] <dh`> buttbutter: there's a page in the manual, which is probably the best available, but it's not really suitable for beginners
[Tue Oct  3 01:46:40 2017] <dh`> there are a thousand cheatsheets and tutorials, but you tend to have to mine them for ideas
[Tue Oct  3 01:46:49 2017] <dh`> cypi: uugh
[Tue Oct  3 01:46:50 2017] <dh`> I dunno :(
[Tue Oct  3 01:47:02 2017] <Cypi> basically, if there was a way to identify "single-goal" tactics, you could have a reasonable heuristics for them. But multi-goal tactics screw up everything :(
[Tue Oct  3 01:47:04 2017] <buttbutter> Yeah. I looked at the documentation and found it very difficult to understand.
[Tue Oct  3 01:47:24 2017] <Cypi> I agree the situation isn't really satisfactory though, multiple-goals selectors are only good when you actually solve your goals
[Tue Oct  3 01:47:48 2017] <dh`> it would be great if someone who isn't a phd logician rewrote the whole manual :-/
[Tue Oct  3 01:48:01 2017] <Cypi> buttbutter: I'm pretty sure a book like Software Foundations covers the most useful tactics
[Tue Oct  3 01:48:16 2017] <Cypi> There is also this page https://coq.inria.fr/refman/tactic-index.html which is worth to glance over, when you need something
[Tue Oct  3 01:48:27 2017] <Cypi> sometimes tactics names make sense
[Tue Oct  3 01:48:41 2017] <buttbutter> Cypi: That's what I'm working through, actually.
[Tue Oct  3 01:49:11 2017] <buttbutter> But I found that a lot of the tactics aren't sufficiently explained. Or they are at first for simple cases, but then they--for example--start using destruct on functions without really explaining what's going on.
[Tue Oct  3 01:49:27 2017] <dh`> actually you know what might work better is a way to group goals
[Tue Oct  3 01:49:43 2017] <Cypi> What do you mean?
[Tue Oct  3 01:49:56 2017] <dh`> something like "group 1 2 3 4 5 as XYZ"
[Tue Oct  3 01:50:08 2017] <dh`> then maybe "Focus XYZ" to see just those goals
[Tue Oct  3 01:50:26 2017] <dh`> or XYZ: foo to apply a tactic to all of them
[Tue Oct  3 01:50:40 2017] <dh`> it would probably be a fairly big deal to implement that
[Tue Oct  3 01:51:19 2017] <Cypi> Basically, the tactics engine isn't made to focus on a non-consecutive list of goals, that's the main problem
[Tue Oct  3 01:51:38 2017] <Cypi> for the same reason as before: you don't know what to do with the goals you get at the end
[Tue Oct  3 01:52:29 2017] <dh`> making the list into a tree so you can group related things is kind of a workaround for that, maybe
[Tue Oct  3 01:52:32 2017] <dh`> I dunno, I'm thinking out loud
[Tue Oct  3 01:53:11 2017] <Cypi> I mean, I could imagine implementing what you meant, by literally putting aside these goals or something (removing them from the main focus, like a shelved evar)
[Tue Oct  3 02:02:23 2017] <dh`> you'd want to be able to name the groups, though
[Tue Oct  3 02:03:32 2017] <dh`> maybe make the goal list into a tree of groups, where you can move up and down by focusing, and only expose the current group at any one time
[Tue Oct  3 02:03:36 2017] <dh`> so things like cycle only affect it
[Tue Oct  3 02:13:10 2017] <dh`> relatedly, normally if you do something that produces additional goals, they end up after the original goal; is there a way or mode to cause them to appear first?
[Tue Oct  3 02:13:52 2017] <dh`> I'm guessing not, but often it seems more natural to dispatch them first and you can't always just do e.g. apply foo; try discriminate
[Tue Oct  3 02:14:24 2017] <dh`> and manipulating them explicitly by number if you don't have to feels fragile
[Tue Oct  3 11:44:09 2017] <rgrinberg> On this page https://softwarefoundations.cis.upenn.edu/draft/qc-current/Typeclasses.html can someone help me out with exercise 4 (Dec_All). I'd like to see what the instance declaration would look like for "Dec for All P l, given that P a is decidable for every a."
[Tue Oct  3 11:44:20 2017] <rgrinberg> I can write the instance myself. Just need the declaration.
[Tue Oct  3 12:26:44 2017] <anton-trunov> it should be something like this:
[Tue Oct  3 12:26:47 2017] <anton-trunov> Instance Dec_All `{P : A -> Prop} {H : forall a, Dec (P a)} (l : list A) : Dec (All P l).
[Tue Oct  3 15:31:28 2017] <benzrf> it's not provable that theres a surjection from (nat -> bool) to nat, right?
[Tue Oct  3 16:45:25 2017] <Migi32> hi. Is there a reason why "Qed." is used in the standard library instead of "Defined."?
[Tue Oct  3 16:45:30 2017] <Migi32> I'm reading about well-founded recursion (http://adam.chlipala.net/cpdt/html/GeneralRec.html), which says that you have to use "Defined" in proofs of well-foundedness so that you can do recursion "on the structure of Acc proofs"
[Tue Oct  3 16:45:35 2017] <Migi32> but doesn't that mean you can't use any theorems from the standard library in those well-foundedness proofs? They all end in Qed, not Defined.
[Tue Oct  3 18:31:59 2017] <steck> quelqu'un est ici?
[Tue Oct  3 18:34:38 2017] <steck> le canal est mort?
[Tue Oct  3 18:35:09 2017] <benzrf> Migi32: u probably dont need to do that kind of recursion on most proofs
[Tue Oct  3 18:36:40 2017] <Migi32> yeah you're probably right
[Tue Oct  3 19:53:17 2017] <rgrinberg> say i have 2 assumptions a: A and forall x:A, P x, how do apply my 1st assumption to the 2nd?
[Tue Oct  3 19:54:01 2017] <benzrf> rgrinberg: you can write the expression x a
[Tue Oct  3 19:54:15 2017] <benzrf> or if you want to effect a change to the proof state, you have a couple of options depending on what you want the change to be
[Tue Oct  3 20:03:23 2017] <rgrinberg> benzrf: what are those options?
[Tue Oct  3 20:03:38 2017] <rgrinberg> suppose i just want to add the result as a new assumption for example
[Tue Oct  3 20:04:25 2017] <modulus> i think pose does that.
[Tue Oct  3 20:04:29 2017] <benzrf> rgrinberg: one way to do that would be [pose (NewAssumption:=x a)]
[Tue Oct  3 20:04:35 2017] <benzrf> im not sure if theres a specific way
[Tue Oct  3 20:04:45 2017] <benzrf> pose in general lets you add a definition
[Tue Oct  3 20:06:07 2017] <rgrinberg> benzrf: thanks
[Tue Oct  3 20:06:14 2017] <benzrf> rgrinberg: you can also do [specialize (x a)] to move to [x : P a]
[Tue Oct  3 20:06:25 2017] <benzrf> or [apply x in a] to move to [a : P a]
[Tue Oct  3 20:06:29 2017] <benzrf> er, wait, that would fail i think
[Tue Oct  3 20:06:33 2017] <benzrf> since youd be overwriting the thing it's referring to
[Tue Oct  3 20:06:35 2017] <benzrf> np
[Tue Oct  3 20:06:46 2017] <modulus> specialize loses the thing though, doesn't it?
[Tue Oct  3 20:08:46 2017] <rgrinberg> in my proof context, how come my NewAssumption is written with := rather than : like other ones?
[Tue Oct  3 20:09:11 2017] <benzrf> rgrinberg: the context can have both "hypotheses" and "local definitions"
[Tue Oct  3 20:09:21 2017] <benzrf> hypotheses correspond to function arguments; you only know their type
[Tue Oct  3 20:09:43 2017] <benzrf> local definitions correspond to bindings created using things like let; you can always expand them
[Tue Oct  3 20:11:00 2017] <rgrinberg> benzrf: i see. thanks again
[Tue Oct  3 20:11:43 2017] <benzrf> np
[Tue Oct  3 20:22:41 2017] <rgrinberg> Suppose, I have this notation {P} + {~ P}, how would I use proof general/company coq to look up what it means?
[Tue Oct  3 20:22:57 2017] <rgrinberg> I actually know what it means in this coq, but i had to google it. Wondering how can I find this out inside emacs
[Tue Oct  3 20:31:07 2017] <benzrf> rgrinberg: [Print "{ _ } + { _ }"]
[Tue Oct  3 20:31:47 2017] <rgrinberg> benzrf: sweet :)
[Tue Oct  3 20:31:53 2017] <benzrf> note that u need the extra spaces there
[Tue Oct  3 20:32:05 2017] <benzrf> im not sure what the details are of what itll recognize and what it wont
[Tue Oct  3 20:32:12 2017] <benzrf> it looks like [Print "exists _, _"] doesn't work
[Tue Oct  3 20:32:14 2017] <benzrf> shrug
[Tue Oct  3 20:32:25 2017] <rgrinberg> this also worked with Locate as well. awesome
[Tue Oct  3 20:32:30 2017] <benzrf> :)
[Tue Oct  3 20:32:46 2017] <benzrf> lol i hadnt even heard of locate
[Tue Oct  3 20:33:17 2017] <rgrinberg> another quick one, suppose i have an assumption ~ P x and a goal P x. how do i make coq see the contradiction?
[Tue Oct  3 20:33:32 2017] <rgrinberg> i tried congruence but it didn't work
[Tue Oct  3 20:33:55 2017] <modulus> contradiction
[Tue Oct  3 20:35:14 2017] <rgrinberg> hmm, that doesn't work either. One thing to note is that my assumption is of the form ~ All p l, while the goal is of the form (fix All ... := ..) A p l)
[Tue Oct  3 20:35:37 2017] <rgrinberg> coq expanded it like that because of a previous unfold, but it's still equivalent
[Tue Oct  3 20:35:47 2017] <benzrf> rgrinberg: assumption ~P x and goal P x isnt solvable
[Tue Oct  3 20:36:01 2017] <benzrf> consider: [Goal ~False -> False]
[Tue Oct  3 20:36:27 2017] <rgrinberg> shouldn't this be enough to tell goal that this case is impossible?
[Tue Oct  3 20:36:41 2017] <benzrf> im not sure what youre asking
[Tue Oct  3 20:37:37 2017] <rgrinberg> here's my proof context
[Tue Oct  3 20:37:37 2017] <rgrinberg> https://gist.github.com/rgrinberg/0a5931d1d28f2903a904c66e183495f9
[Tue Oct  3 20:39:14 2017] <benzrf> so you're trying to prove something false
[Tue Oct  3 20:40:12 2017] <rgrinberg> yup
[Tue Oct  3 20:40:20 2017] <benzrf> if we know that [~All P l] is the case, we certainly can't prove [All p l]
[Tue Oct  3 20:40:25 2017] <benzrf> not unless we have a contradiction
[Tue Oct  3 20:40:31 2017] <benzrf> where's the contradiction?
[Tue Oct  3 20:41:14 2017] <rgrinberg> good point.. i thought what i had was already a contradiction
[Tue Oct  3 20:41:24 2017] <benzrf> :p easy misatake to make if you get lost in the notation
[Tue Oct  3 20:50:20 2017] <rgrinberg> ah fuck it... no idea how to proceed here. Here's what i got so far
[Tue Oct  3 20:51:00 2017] <rgrinberg> https://gist.github.com/rgrinberg/ed9f821e4214427be323e72530bccb80
[Tue Oct  3 21:54:00 2017] <rgrinberg> looks like the tauto tactic is what i was looking for...
[Tue Oct  3 22:03:01 2017] <rgrinberg> of course, that's not very satisfying as I have no idea how tauto works. So I'd like to understand that, and perhaps figure out how to do it the long way (without tauto).
[Tue Oct  3 22:03:04 2017] <rgrinberg> here's my fool proof
[Tue Oct  3 22:03:37 2017] <rgrinberg> https://gist.github.com/rgrinberg/85ece1635aec8312273008f9807346e9
[Tue Oct  3 23:32:19 2017] <piyush-k`> I asked this before but did not get an answer. Is there a way by which I can add an import Foo line in the extracted haskell code.
[Tue Oct  3 23:32:30 2017] <piyush-k`> ?
[Tue Oct  3 23:41:39 2017] <benzrf> dont personally know sorry :\
[Wed Oct  4 01:01:06 2017] <rgrinberg> jrw: in this post: https://homes.cs.washington.edu/~jrw12/InductionExercises.html what is this general helper lemma that you're referring to? is part of the exercise coming up with it? My first stab at it is something like n + sum l = sum_tail' l n but i'm not sure...
[Wed Oct  4 01:02:00 2017] <jrw> rgrinberg: to be clear, there will be a different "helper lemma" for each exercise. yours looks good to me.
[Wed Oct  4 01:03:01 2017] <rgrinberg> jrw: thank you!
[Wed Oct  4 01:25:38 2017] <rgrinberg> Is there a way to make unfold a little smarter? When I fold a recursive definition it will paste the entire definition and the arguments that it applies to it
[Wed Oct  4 01:25:42 2017] <rgrinberg> but that's not really necessary...
[Wed Oct  4 01:40:12 2017] <rgrinberg> Also, is there a rewrite rule for something like n + x = n + y => x = y
[Wed Oct  4 01:42:18 2017] <rgrinberg> Think I found it.Plus.plus_reg_l
[Wed Oct  4 05:35:49 2017] <anton-trunov> Is there a publicly available archive/log for this channel?
[Mon Oct  9 07:42:45 2017] <lfish> Hello. I need some help with this. http://lpaste.net/359064 . Thanks!
[Mon Oct  9 08:02:32 2017] <Cypi> lfish : by using these two lemmas, it should be easier http://lpaste.net/359074
[Mon Oct  9 08:04:00 2017] <Cypi> (the first one is just to be able to destruct on the end side of a list; the second one generalizes properly emlist_of_list so that you get a useful induction hypothesis)
[Mon Oct  9 08:07:18 2017] <Cypi> [actually, "Lemma dest_snoc : forall {X : Type} (l : list X) (x : X), exists x' l', x :: l = l' ++ [x']." could be even easier to use]
[Mon Oct  9 08:08:45 2017] <lfish> Cypi: while trying to build the evidence I run a couple of times into trying to define functions with no decreasing argument. Is the limitation in the length of the list in the second lemma related to that?
[Mon Oct  9 08:09:35 2017] <Cypi> I am not sure I understand your first sentence. The "length l < n" is because it makes more sense in this case to do an induction on the length of the list
[Mon Oct  9 08:10:30 2017] <Cypi> if you use the EMcons constructor, then you need an induction hypothesis that talks about the "middle" of your list. The "middle" of your list is not a subterm of your list, it is just some shorter list
[Mon Oct  9 08:10:41 2017] <Cypi> hence the induction on the length of the list instead of doing it on the list itself
[Mon Oct  9 08:13:15 2017] <lfish> Oh, I understand now, thank you
[Mon Oct  9 10:41:30 2017] <Migi32> how hesitant should I be to add more axioms, like the law of excluded middle?
[Mon Oct  9 10:41:46 2017] <Migi32> so far I've avoided adding any axioms, but I'm wondering if I'm just wasting my time
[Mon Oct  9 10:45:14 2017] <Migi32> I've read the FAQ which proposes a whole bunch of possible axioms to add, but if I understand correctly, the law of excluded middle seems to imply most of those other axioms
[Mon Oct  9 10:45:22 2017] <modulus> i would say if you're going to be hesitant that's one you should be hesitant about, since it is quite strong. negative sides of it are that you don't get constructive proofs.
[Mon Oct  9 10:46:07 2017] <modulus> if you're not going to compute with the proofs i guess it doesn't matter too much.
[Mon Oct  9 10:51:04 2017] <Migi32> I'm not entirely sure what "computing with proofs" even means. Do you mean that if someone wrote a proof in coq of Goldbach's conjecture, without using any additional axioms, that no matter how that proof is written, you could ask coq to compute the 2 primes that add up to the given even integer?
[Mon Oct  9 10:52:17 2017] <Cypi> yes
[Mon Oct  9 10:56:20 2017] <modulus> doesn't mean the computation will be fast or even feassible for very large nats though -)
[Mon Oct  9 11:00:20 2017] <Migi32> I see. That's pretty cool actually.
[Mon Oct  9 13:24:29 2017] <Chobbes> Let's say I have an indexed type, like a vector, and I have a function which creates a vector `(Vec A (f n))`, but I know that `f n = n`, and I want to simplify this. Is there a good way to do that?
[Mon Oct  9 13:26:36 2017] <Cypi> There is no magical way. From your function that creates a `Vec A (f n)` and a proof of `f n = n`, you can build a function which returns a `Vec a n` using some rewriting
[Mon Oct  9 13:27:03 2017] <Cypi> but the rewriting can make using your function a bit more difficult
[Mon Oct  9 13:27:31 2017] <Chobbes> Cypi: yeah, so I have done this using tactics, which generates some expression using eq_rec.
[Mon Oct  9 13:27:47 2017] <Chobbes> But then proving properties about this new function is proving problematic.
[Mon Oct  9 13:27:47 2017] <Cypi> yup, eq_rec is what I called rewriting
[Mon Oct  9 13:28:46 2017] <Chobbes> Cypi: do you know if there are any docs about eq_rec?
[Mon Oct  9 13:29:11 2017] <Chobbes> I can't seem to find it. eq_rect comes up a lot, but I'm pretty sure that's different.
[Mon Oct  9 13:29:20 2017] <Cypi> I don't think there is specifically. It is just the induction principle for the equality type
[Mon Oct  9 13:29:34 2017] <Cypi> and no, eq_rec is defined as eq_rect, it just goes to Set instead of Type
[Mon Oct  9 13:29:39 2017] <Cypi> (you can "Print eq_rec.")
[Mon Oct  9 13:30:03 2017] <Chobbes> Oh I see.
[Mon Oct  9 13:31:26 2017] <Chobbes> What does "rect" even stand for? I know '_rect' functions are generated for each inductive type for the induction principle but I always read it as "rectangle" or something, and I think that's wrong.
[Mon Oct  9 13:32:02 2017] <Cypi> I am pretty sure that "rec" stands for "recursion", and then "rect" stands for "recursion, but in Type"
[Mon Oct  9 13:32:06 2017] <Cypi> might be wrong
[Mon Oct  9 13:32:37 2017] <Chobbes> Aha! That's what CPDT says as well :). Okay, thanks.
[Mon Oct  9 13:45:59 2017] <Chobbes> I feel like this might be the kind of scenario where `JMeq_eq : forall (A : Type) (x y : A), x ~= y -> x = y` may cause problems. Hmmmm.
[Mon Oct  9 14:32:01 2017] <dh`> cypi: I too am curious about that fib thing; did you see the solution I posted a couple days back?
[Mon Oct  9 14:32:54 2017] <Cypi> I didn't see the solution, no. But I found my own which was easy enough that I was surprised
[Mon Oct  9 14:32:59 2017] <Cypi> (it only takes a few lines)
[Mon Oct  9 14:33:20 2017] <dh`> huh, mine's not that simple
[Mon Oct  9 14:33:22 2017] <Cypi> (and it's quite natural, just state the invariant)
[Mon Oct  9 14:34:02 2017] <dh`> it's here if you're curious: http://codepad.org/nsQpyeHY
[Mon Oct  9 14:34:22 2017] <Cypi> thanks
[Mon Oct  9 14:34:40 2017] <Cypi> ah yes, definitely simpler :)
[Mon Oct  9 14:34:42 2017] <dh`> it is not short, but it should at least be easy to follow
[Mon Oct  9 14:34:44 2017] <Cypi> let me take that again
[Mon Oct  9 14:36:54 2017] <dh`> the reason it's hard is that the invariant is confusing
[Mon Oct  9 14:37:23 2017] <Cypi> not really though :p http://lpaste.net/359084
[Mon Oct  9 14:38:24 2017] <Cypi> but that's nearly what you wrote as your first lemma
[Mon Oct  9 14:39:11 2017] <dh`> I dunno, it has one too many moving parts to be clear to me, or something
[Mon Oct  9 14:39:39 2017] <dh`> that first lemma of mine is actually a condensation of three steps when I started out
[Mon Oct  9 14:39:54 2017] <Cypi> The way I understand "fib_tail' m a b" is that it advances the sequence by m steps
[Mon Oct  9 14:40:10 2017] <Cypi> so if a is "fib (S n)" and b is "fib n", it returns the (n+m)-th term of the sequence
[Mon Oct  9 14:40:14 2017] <Cypi> that's all you need
[Mon Oct  9 14:40:34 2017] <dh`> yes... once you figure that out
[Mon Oct  9 14:40:57 2017] <Cypi> Ah right. Sorry, I thought he meant the proof itself was convoluted. Sure, it takes some time to get to that point
[Mon Oct  9 14:41:07 2017] <dh`> well, he might have :-)
[Mon Oct  9 14:41:14 2017] <dh`> now I definitely want to see his...
[Mon Oct  9 14:42:30 2017] <dh`> I should also do the expression continuations one, it is possibly comparable to something I spent ages beating my head against last spring
[Mon Oct  9 16:25:03 2017] <Steverman> Hi, totally new to Coq and functional programming, so the syntax is new to me. I have a question that might not make sense, but that's most likely because I'm not understanding all of it 100%. I am doing Basics.v exercises from "Software Foundations", and I was wondering if the proofs for the theorems I do have many approaches? I have written 3 proofs for: 'Theorem andb_true_elim2 : forall b c : bool, andb b c =
[Mon Oct  9 16:25:04 2017] <Steverman> true -> c= true'
[Mon Oct  9 16:30:19 2017] <pmetzger> It is often the case in SF that there are several obvious proof techniques.
[Mon Oct  9 16:32:49 2017] <pmetzger> (And in general it is often the case that there are many ways to prove a given theorem. This brings up the question of proof irrelevance. Don't worry about that yet.)
[Mon Oct  9 16:33:03 2017] <Steverman> Aha
[Mon Oct  9 16:34:02 2017] <Steverman> Can I PM you my 3 solutions? I want to get some feedback on my "style" of proofs
[Mon Oct  9 17:11:35 2017] <hio> why yet another language?
[Mon Oct  9 17:11:45 2017] <hio> cant you just make a c library? i dont get it
[Mon Oct  9 17:13:45 2017] <Steverman> Eh?
[Mon Oct  9 17:14:57 2017] <hio> the "convenience" of a DSL doesnt really trump the added cost of an entire new toolchain and effort of learning a language
[Mon Oct  9 17:22:25 2017] <pmetzger> Steverman: my own proofs usually look like mojibake. I wouldn't rely on me for style tips. :)
[Mon Oct  9 17:22:37 2017] <Steverman> Alright :)
[Mon Oct  9 17:22:54 2017] <pmetzger> But if your proofs check, the computer has told you they're correct at least.
[Mon Oct  9 17:23:04 2017] <Steverman> Then it's no problem?
[Mon Oct  9 17:23:46 2017] <Steverman> I mean I used the shorthand intros [] [] H., then for each subgoal: -rewrite <- H. reflexivity.
[Mon Oct  9 17:23:50 2017] <Steverman> Surprised that it worked
[Mon Oct  9 17:25:38 2017] <Steverman> Me pretty much right now: https://i.pinimg.com/236x/4f/54/29/4f5429df5ea6361fa8d3f08dfcdccdf9--programmer-humor-computer-engineering.jpg
[Mon Oct  9 17:39:02 2017] <pmetzger> Steverman: So not understanding what's going on is a problem. You should try to understand if you can.
[Mon Oct  9 17:39:22 2017] <Steverman> I suppose
[Mon Oct  9 17:39:24 2017] <pmetzger> BTW, 2/3 of the time I just do "intros" and let the thing name my variables and hypotheses whatever it wants to. :)
[Mon Oct  9 17:39:42 2017] <Steverman> SF said it's bad practice :P
[Mon Oct  9 17:39:45 2017] <pmetzger> Have you tried watching any of the DSSS'17 videos btw?
[Mon Oct  9 17:40:31 2017] <pmetzger> SF is almost certainly right that it is bad practice when you are trying to understand a complicated proof. And it is probably correct that it is a bad habit to be in. None the less, I often just do "intros."
[Mon Oct  9 17:40:36 2017] <pmetzger> Laziness.
[Mon Oct  9 17:43:54 2017] <pmetzger> Anyway, if you don't understand why something worked or didn't work, try out more examples. Or ask people.
[Mon Oct  9 18:18:03 2017] <Steverman> pmetzger: I tried
[Mon Oct  9 18:18:38 2017] <Steverman> That was for the youtube vids
[Mon Oct  9 18:18:38 2017] <pmetzger> You tried what? :)
[Mon Oct  9 18:19:08 2017] <pmetzger> Anyway, if there's something you don't understand, pastebin it and ask people to look and explain as best as they can.
[Mon Oct  9 18:19:08 2017] <Steverman> Yeah, maybe I shouldn't use shorthand notations
[Mon Oct  9 18:20:54 2017] <Steverman> my take(s) on this the problem: https://pastebin.com/ernn9U45
[Mon Oct  9 18:21:20 2017] <Steverman> -this*
[Mon Oct  9 18:24:57 2017] <Steverman> From what I've read, using 'intros []' (unnamed arguments?) will just generates subgoals from destructed arguments
[Mon Oct  9 18:56:03 2017] <pmetzger> what's your question?
[Mon Oct  9 18:56:15 2017] <pmetzger> you can do "intros.", no need for []
[Mon Oct  9 18:56:28 2017] <pmetzger> if you're not going to name things.
[Mon Oct  9 18:56:42 2017] <Steverman> I didn't know
[Mon Oct  9 18:57:05 2017] <Steverman> I've only read what was on the basics chapter
[Mon Oct  9 18:57:46 2017] <pmetzger> But what's the question? what part of your proof don't you understand (taking the first version)
[Mon Oct  9 18:59:03 2017] <Steverman> I suppose nothing then. if they all "check", then they're all valid?
[Mon Oct  9 19:01:45 2017] <pmetzger> well yes. but do you understand how they each work?
[Mon Oct  9 19:02:31 2017] <pmetzger> if "Qed." works, it means the checker says the proof is fine. It is possible, but very rare, that bugs in the tactic system could cause Qed to fail. You are unlikely to see this in the course of working through Software Foundations.
[Mon Oct  9 19:03:11 2017] <pmetzger> In mathematics there are sometimes hundreds of known proofs for a _complicated_ proposition. There are whole books of proofs of the pythagorean theorem for example.
[Mon Oct  9 19:03:32 2017] <pmetzger> though all these proofs you have are nearly the same, the differences are superficial.
[Mon Oct  9 19:03:32 2017] <Steverman> Right
[Mon Oct  9 19:03:56 2017] <Steverman> There is no preferred way?
[Mon Oct  9 19:04:35 2017] <pmetzger> What's the preferred proof of the pythagorean theorem?
[Mon Oct  9 19:04:50 2017] <Steverman> I see your point :)
[Mon Oct  9 19:05:52 2017] <pmetzger> stylistically, a proof _script_ can be clean or incomprehensible. and if you continue with coq, you'll learn that there are styles of proof for complicated things that are more and less fragile in that they'll be more or less likely to break if definitions change a bit.
[Mon Oct  9 19:06:01 2017] <pmetzger> But at this stage, concentrate on learning fundamentals and not style.
[Mon Oct  9 19:06:28 2017] <Steverman> I have a legit question though. The last question in exercise 3 (bottom page) https://softwarefoundations.cis.upenn.edu/lf-current/Basics.html
[Mon Oct  9 19:07:21 2017] <Steverman> This exactly: 'Notice that incrementing a binary number and then converting it to unary should yield the same result as first converting it to unary and then incrementing.' I can't really wrap my head around what he's saying. Am I supposed to be able to convert to unary, then use 'incr' on a nat?
[Mon Oct  9 19:07:50 2017] <pmetzger> okay, so you get that there are many representations of numbers, yes?
[Mon Oct  9 19:08:04 2017] <Steverman> Because I have defined it like this: (b : bin) : bin
[Mon Oct  9 19:08:08 2017] <Steverman> Yes
[Mon Oct  9 19:08:15 2017] <pmetzger> you can represent the same number in base 10, base 8, base 2, balanced ternary notation, roman numerals, etc.
[Mon Oct  9 19:08:29 2017] <pmetzger> So if you do math in any of these representations you should come out with the same answers.
[Mon Oct  9 19:08:55 2017] <pmetzger> if you convert from base 2 to base 10, add 1, and convert back to base 2, that should be the same as staying in base 2 and incrementing, yes?
[Mon Oct  9 19:09:09 2017] <pmetzger> so: 'Notice that incrementing a binary number and then converting it to unary should yield the same result as first converting it to unary and then incrementing.'
[Mon Oct  9 19:09:11 2017] <pmetzger> that should be obvious.
[Mon Oct  9 19:09:36 2017] <pmetzger> you can convert before or after doing a mathematical operation and it should have no effect on the final answer. converting and incrementing should commute.
[Mon Oct  9 19:09:45 2017] <pmetzger> if they don't you have a bug.
[Mon Oct  9 19:10:29 2017] <Steverman> Oh okay, so I just need to write a function that translates it back to bin
[Mon Oct  9 19:10:47 2017] <Steverman> If I want to verify
[Mon Oct  9 19:10:47 2017] <pmetzger> that's not demanded here.
[Mon Oct  9 19:11:07 2017] <pmetzger> it is only demanding binary to unary
[Mon Oct  9 19:12:27 2017] <Steverman> I see
[Mon Oct  9 19:12:50 2017] <pmetzger> but you get that incrementing and converting should commute, right?
[Mon Oct  9 19:12:57 2017] <pmetzger> the order of those operations should make no difference.
[Mon Oct  9 19:13:23 2017] <Steverman> Yes
[Mon Oct  9 19:14:02 2017] <pmetzger> so doing things both ways should always yield an equal result.
[Mon Oct  9 19:14:53 2017] <pmetzger> you should even be able to prove that, that is, for all x : Binary, [fill in statement....]
[Mon Oct  9 19:15:07 2017] <pmetzger> though at this stage I don't remember if you have all the tools you need for an inductive proof of that.
[Mon Oct  9 19:15:31 2017] <Steverman> Induction is in the next chapter  I believe
[Mon Oct  9 19:16:03 2017] <pmetzger> You need proof by induction to prove things about infinite sets, at least usually. Well, "sets", they're really types given that this is type theory but YKWIM.
[Mon Oct  9 19:18:37 2017] <Steverman> It has been a while since I've done one
[Mon Oct  9 19:20:49 2017] <Steverman> I have 'Functional Programming' as a course, and got Lambda Calculus and Coq.
[Mon Oct  9 19:21:27 2017] <Steverman> I suppose it makes sense on a Masters level CompSci
[Tue Oct 10 03:09:42 2017] <hio> There are so many proof assistants, i dont know how to choose!
[Tue Oct 10 03:10:04 2017] <hio> People say that Coq is too hard
[Tue Oct 10 03:47:04 2017] <dh`> hard for what?
[Tue Oct 10 03:52:23 2017] <hio> for its intended purpose, to learn and use quickly to develop proofs
[Tue Oct 10 04:25:46 2017] <cq1> Let's say I've defined nat' identically to nat. I presume there's no way of proving forall P : Set -> Prop, (P nat) -> (P nat')?
[Tue Oct 10 06:27:12 2017] <f8l> hio: I’m learning from ‘Software Foundations’. I find the entry level very low. I tried to learn ATS earlier from some tutorial, and despite having experience with C (ATS is similar to C) I felt lost. It all depends on the learning materials you choose for yourself.
[Tue Oct 10 06:29:31 2017] <hio> you mean this? http://adam.chlipala.net/cpdt/
[Tue Oct 10 06:30:19 2017] <f8l> No.
[Tue Oct 10 06:31:23 2017] <f8l> https://softwarefoundations.cis.upenn.edu/
[Tue Oct 10 08:03:11 2017] <Cypi> cq1: you are right, without additional axioms you can't prove this (consider for instance "P := fun (S : Set) => S = nat")
[Tue Oct 10 08:03:44 2017] <Cypi> if you think this would be natural to be able to prove this, then univalence is the axiom for you and you could take a look at Homotopy Type Theory
[Tue Oct 10 09:01:11 2017] <schoppenhauer> is it a good idea to create opam packages from my phd project?
[Tue Oct 10 09:01:30 2017] <schoppenhauer> and if so: is there a detailled documentation on how to create an opam-coq-package?
[Tue Oct 10 09:01:58 2017] <schoppenhauer> because opam seems to be rather for ocaml
[Tue Oct 10 19:12:09 2017] <cq1> Cypi: Thanks. I didn't consider such a proposition. Is there a name for the idea that two identical inductives should be equal, analogous to functional extensionality?
[Tue Oct 10 19:12:36 2017] <Cypi> The idea that two equivalent types should be equal is univalence
[Tue Oct 10 19:13:07 2017] <Cypi> this is a kind of functional extensionality but for types (it also implies functional extensionality)
[Tue Oct 10 19:14:06 2017] <cq1> What is "equivalent"? Does it have some definition inside of our logic, or is it a meta notion, like "these inductives differ only by reordering constructors, alpha-renaming, etc."?
[Tue Oct 10 19:15:13 2017] <Cypi> It is a definition inside the logic. Basically, A et B are equivalent if there is a function f : A -> B such that there is a function g : B -> A which is inverse of f
[Tue Oct 10 19:15:41 2017] <Cypi> (there are several notions of equivalence, but that's one of them)
[Tue Oct 10 19:15:47 2017] <Cypi> So this is not specific to inductive types
[Tue Oct 10 19:15:56 2017] <Cypi> I don't know of anything absolutely specific to inductive types
[Tue Oct 10 19:25:31 2017] <cq1> Cypi: Interesting, thanks. I'll look into HoTT and univalence. Is univalence pronounced /juː'nɪvələns/ or /juːnɪˈveɪləns/?
[Tue Oct 10 19:26:23 2017] <benzrf> isnt it more common to say that 2 types are equivalent if there's an equivalence between them, where an equivalence is a map whose fibers are contractible
[Tue Oct 10 19:26:25 2017] <benzrf> tsk tsk
[Tue Oct 10 19:26:56 2017] <Cypi> cq1: I'm not a native English speaker, I don't know
[Tue Oct 10 19:27:25 2017] <Cypi> benzrf: pretty sure it depends who you ask
[Tue Oct 10 19:49:59 2017] <Chobbes> Might not be the right way to say this, but can you only rewrite types?
[Tue Oct 10 19:50:03 2017] <Chobbes> http://lpaste.net/9127850804550565888
[Tue Oct 10 19:50:36 2017] <Chobbes> Well, that's not right But I'm having problems rewriting the terms in eq_rect there.
[Tue Oct 10 19:51:55 2017] <Chobbes> And I'm not sure why it won't let me do that.
[Tue Oct 10 19:55:02 2017] <Chobbes> Maybe it just has to do with the final argument to eq_rect, the `x=y` argument, and then coq gets mad when you replace `x` in the previous arguments?
[Tue Oct 10 22:17:22 2017] <pizzawizard> Super basic question that's leaving me feeling dumb: I have (cons a b = cons c d) -- how do I conclude a = c and b = d?
[Tue Oct 10 22:18:11 2017] <Cypi> with "inversion H" (if H is the name of your hypothesis)
[Tue Oct 10 22:19:04 2017] <pizzawizard> Cypi: Thanks.
[Tue Oct 10 22:57:51 2017] <tehgeekmeister> I'm having a lot of trouble with the binary inverse problem in the induction chapter of the logical foundations book of software foundations. I get into an infinite regress (even using induction) where one case just keeps being intractable. I've looked at the existing solutions I can find online (this is not homework for me), and they don't work for me (and by inspection my data type/normalize seem identical ex
[Tue Oct 10 22:57:52 2017] <tehgeekmeister> cept constructor names).
[Tue Oct 10 22:59:01 2017] <tehgeekmeister> If anyone has some hints or meta-advice like to move on come back later, I'm happy to hear it. I can paste code or something if useful, though the book says you shouldn't do that, so I'm not sure how's best to avoid causing problems for classes using the book but still get help.
[Tue Oct 10 22:59:49 2017] <tehgeekmeister> The one thing I noticed in the solution I looked at that was really interesting was they did a replace that *seemed not to modify any goals* yet later steps fail without it. https://github.com/blindFS/Software-Foundations-Solutions/blob/master/Induction.v#L686
[Wed Oct 11 00:52:31 2017] <dh`> <Cypi> Basically, A et B are equivalent if there is a function f : A -> B such that there is a function g : B -> A which is inverse of f
[Wed Oct 11 00:52:46 2017] <dh`> careful, it also needs to be surjective to get a useful notion of equaivalence :-)
[Wed Oct 11 00:54:43 2017] <dh`> s/equaivalence/equivalence/
[Wed Oct 11 00:54:54 2017] <dh`> equaivalence must be something involving deep learning
[Wed Oct 11 00:58:01 2017] <dh`> although I guess it's also sufficient to require that both f and g are mutual inverses.
[Thu Oct 12 11:49:56 2017] <bartavelle> alright, if anyone finished vfa, could he /msg me his definition of priqueue_elems ? it seems that there are many possibilities, but each one I tried got me stuck at abs_perm, which is only rated 2 stars
[Thu Oct 12 11:50:10 2017] <bartavelle> so I suppose I am missing something obvious
[Thu Oct 12 11:52:28 2017] <Cypi> Could you /msg me your definition, so that I can try to hint at it? (Or if you really just want a solution, I'll give you mine directly, as you wish.)
[Thu Oct 12 11:52:41 2017] <bartavelle> sure
[Fri Oct 13 13:04:40 2017] <wrengr> dh`: in virtue of f/g being functions (i.e., functional relations) and mutual inverses, injectivity and surjectivity follow for free (in the finite case; but then, in the infinite case "surjective" doesn't mean what one might want it to anyways)
[Fri Oct 13 13:06:00 2017] <wrengr> dh`: of course, this is a peculiarity of sets. Other structures won't necessarily get isomorphism for free
[Fri Oct 13 17:52:33 2017] <benzrf> has anybody put out, like
[Fri Oct 13 17:53:21 2017] <benzrf> some kind of library intended to provide the baseline definitions and theorems of stuff like the untyped lambda calculus or whatever -
[Fri Oct 13 17:53:50 2017] <Cypi> Something like http://iron.ouroborus.net/ ?
[Fri Oct 13 17:53:52 2017] <benzrf> but optimized for ability to take some new thing you're learning about and try formalizing it without going thru the pain of having to redo the basic
[Fri Oct 13 17:54:14 2017] <Cypi> Ah. No idea x)
[Fri Oct 13 17:54:14 2017] <benzrf> oh that actually sounds kind of like what im looking for :D
[Fri Oct 13 17:54:20 2017] <benzrf> oh mb not then
[Fri Oct 13 17:54:55 2017] <benzrf> (to be precise - im reading about denotational semantics for haskell & i was thinking itd be nice to be able to try to write down formal definitions - except that i dont wanna go thru the pain of building the language id be giving semantics to)
[Fri Oct 13 17:56:45 2017] <johnw_> benzrf: yeah, Ott
[Fri Oct 13 17:57:03 2017] <johnw_> benzrf: it will generate a whole bunch of substitution theorems for you automatically from a core definition of lambda calculus
[Fri Oct 13 17:57:08 2017] <benzrf> o:
[Fri Oct 13 17:57:27 2017] <johnw_> Stephanie Weirich used it in her DeepSpec class this summer
[Fri Oct 13 17:57:45 2017] <johnw_> along with a tool called lngen that generates even *more* theorems relating to the locally nameless representation
[Fri Oct 13 17:58:02 2017] <benzrf> oh sick :D
[Fri Oct 13 17:58:09 2017] <johnw_> it was pretty eant
[Fri Oct 13 17:58:19 2017] <johnw_> basically, you don't have to do any of the "core theory", just your semantics on top
[Fri Oct 13 17:58:20 2017] <benzrf> hmm this kind of reminds me of redex
[Fri Oct 13 17:58:26 2017] <benzrf> from the tiny tiny amount of redex ive looked at
[Fri Oct 13 17:58:45 2017] <johnw_> then there's the "bound" style monadic substitution
[Fri Oct 13 17:58:52 2017] <johnw_> which, depending on what your doing, can be WAY simpler
[Fri Oct 13 17:58:57 2017] <benzrf> god there's so many takes on lambda calc out there
[Fri Oct 13 17:59:01 2017] <johnw_> but as with anything, it's all about tradeoffs
[Fri Oct 13 17:59:03 2017] <johnw_> yep
[Fri Oct 13 17:59:04 2017] <benzrf> i wanna learn all of them
[Fri Oct 13 17:59:07 2017] <benzrf> what sohuld i read
[Fri Oct 13 17:59:25 2017] <benzrf> has anybody written a proper textbook surveying this landscape
[Fri Oct 13 17:59:29 2017] <johnw_> read up on de bruijn, locally nameless, HOAS, PHOAS, and "bound" style
[Fri Oct 13 17:59:33 2017] <johnw_> good question
[Fri Oct 13 17:59:39 2017] <johnw_> I wonder if TAPL covers any of it
[Fri Oct 13 17:59:45 2017] <benzrf> o.o
[Fri Oct 13 17:59:47 2017] <johnw_> I think the "bound" style is fairly unknown in the literate
[Fri Oct 13 17:59:52 2017] <johnw_> I was only able to find one academic paper on it
[Fri Oct 13 17:59:57 2017] <benzrf> what's that?
[Fri Oct 13 18:00:01 2017] <johnw_> one sec
[Fri Oct 13 18:00:22 2017] <Cypi> https://www.seas.upenn.edu/~plclub/poplmark/ covers a lot of styles, I think they have papers associated to each?
[Fri Oct 13 18:00:35 2017] <benzrf> tangentially: i also want to do a survey of the trillions of kinds of semantics for propositional logic
[Fri Oct 13 18:00:40 2017] <benzrf> it's all so delightful
[Fri Oct 13 18:00:50 2017] <johnw_> benzrf: http://www.cs.uwyo.edu/~jlc/courses/5000_fall_08/debruijn_as_nested_datatype.pdf
[Fri Oct 13 18:01:04 2017] <benzrf> Cypi: o=
[Fri Oct 13 18:01:15 2017] <benzrf> johnw_: 403
[Fri Oct 13 18:01:20 2017] <benzrf> but "nested datatype" =-
[Fri Oct 13 18:01:23 2017] <benzrf> i think i might know what you mean...
[Fri Oct 13 18:01:36 2017] <johnw_> benzrf: are you a US citizen? if so, you should apply to intern with my company :) or someplace similar, like Galois
[Fri Oct 13 18:01:49 2017] <benzrf> i actually tried applying to galois last year but they rejected me
[Fri Oct 13 18:01:50 2017] <johnw_> oh, :(
[Fri Oct 13 18:01:52 2017] <benzrf> >:o
[Fri Oct 13 18:01:55 2017] <benzrf> what company are you at?
[Fri Oct 13 18:02:02 2017] <benzrf> right, do you mean this https://hackage.haskell.org/package/bound
[Fri Oct 13 18:02:05 2017] <johnw_> BAE Systems, in Boston
[Fri Oct 13 18:02:09 2017] <johnw_> yeah, the bound library is based on this idea
[Fri Oct 13 18:02:27 2017] <benzrf> oh yikes defense contracting
[Fri Oct 13 18:02:35 2017] <johnw_> yeah, but it's public-facing DARPA work in formal methods
[Fri Oct 13 18:02:49 2017] <benzrf> hm
[Fri Oct 13 18:02:53 2017] <johnw_> what's your e-mail?  I'll mail you the article
[Fri Oct 13 18:03:00 2017] <benzrf> its ok
[Fri Oct 13 18:03:09 2017] <benzrf> i never actually manage to get very far in pdfs ;-;
[Fri Oct 13 18:03:14 2017] <benzrf> i mostly just wanted to know the basic idea
[Fri Oct 13 18:03:35 2017] <johnw_> then watch these: https://www.slideshare.net/ekmett/bound-making-de-bruijn-succ-less
[Fri Oct 13 18:04:12 2017] <johnw_> the basic idea is that you parameterize your variable type in the syntax, and make it into a monad; once you do that, >>= becomes substitution
[Fri Oct 13 18:04:27 2017] <benzrf> yeah
[Fri Oct 13 18:04:29 2017] <benzrf> i saw bound for the first time actually about a month ago
[Fri Oct 13 18:04:49 2017] <johnw_> Joachim used it on a project recently in Coq, and it simplified SO many proofs
[Fri Oct 13 18:04:58 2017] <benzrf> i guess the bound package itself is a slight twist on the idea youre talking about
[Fri Oct 13 18:05:01 2017] <benzrf> optimizing substitution or something
[Fri Oct 13 18:05:09 2017] <benzrf> but the idea itself i played aronud with a little bitonic
[Fri Oct 13 18:05:10 2017] <johnw_> mainly because the way he was using lambda calc coincided with the sweet spot for this represetation
[Fri Oct 13 18:05:12 2017] <benzrf> *bit
[Fri Oct 13 18:05:16 2017] <benzrf> and i love it
[Fri Oct 13 18:05:19 2017] <johnw_> bound is a Haskell implementation of the idea, as far as I understand it
[Fri Oct 13 18:05:55 2017] <benzrf> >Logically you can think of this as if the shape were the traditional f (Var b a), but the extra f a inside permits us a cheaper lift.
[Fri Oct 13 18:06:50 2017] <benzrf> but yeah if i understood what i was doing correctly it basically ends up making it so that being parametric guarantees hygiene???
[Fri Oct 13 18:06:52 2017] <benzrf> that's fucking sick
[Fri Oct 13 18:07:09 2017] <benzrf> not even using dependent types or anything =D
[Fri Oct 13 18:07:14 2017] <johnw_> yep
[Fri Oct 13 18:07:17 2017] <johnw_> it's pretty damn sweet
[Fri Oct 13 18:07:59 2017] <benzrf> i shd probably learn sml at some point
[Fri Oct 13 18:08:06 2017] <johnw> why?
[Fri Oct 13 18:08:36 2017] <benzrf> i read a post or two by bob harper that ripped on haskell & it reminded me that im a bit myopic when it comes to functional programming as something broader than just haskell
[Fri Oct 13 18:08:46 2017] <benzrf> also, moduels sound extremely good
[Fri Oct 13 18:08:49 2017] <johnw> i think the differences in syntax are pretty meaningless
[Fri Oct 13 18:08:57 2017] <benzrf> im not just talking about syntax
[Fri Oct 13 18:08:58 2017] <johnw> master what's underneath, then translate
[Fri Oct 13 18:09:14 2017] <benzrf> sml is strict and impure, among other things
[Fri Oct 13 18:09:19 2017] <benzrf> that changes a LOT
[Fri Oct 13 18:09:30 2017] <johnw> I'd rather understand System FC better than learn another surface language
[Fri Oct 13 18:09:47 2017] <benzrf> neither haskell nor sml is system  fc
[Fri Oct 13 18:10:02 2017] <benzrf> oh wait
[Fri Oct 13 18:10:10 2017] <benzrf> i was thinking of system f - not sure what system fc is
[Fri Oct 13 18:10:13 2017] <benzrf> lol
[Fri Oct 13 18:10:20 2017] <johnw> system f with polymorphic types, I thought
[Fri Oct 13 18:10:27 2017] <benzrf> oh
[Fri Oct 13 18:11:15 2017] <benzrf> well, even apart from that, /programming/ as an activity is qualitatively different from working with the formalisms that underlie language design
[Fri Oct 13 18:11:32 2017] <johnw> no doubt
[Fri Oct 13 18:11:33 2017] <benzrf> hm i shd go eat dinner soon
[Fri Oct 13 18:11:48 2017] <johnw> better to understand digestion ;)
[Fri Oct 13 18:32:37 2017] <benzrf> johnw: if youre still there: is this not equivalent to just "f(x) <= g(x)" https://i.imgur.com/uY55gJ8.png
[Fri Oct 13 18:33:53 2017] <benzrf> ok nvm i thought it thru and its equivalent
[Fri Oct 13 18:34:01 2017] <benzrf> i was avoiding hashing it out because im tired >.>
[Fri Oct 13 22:48:10 2017] <benzrf> god i need to pick up some ett
[Fri Oct 13 22:51:09 2017] <benzrf> im reading more posts on bob harper's blog and it's really reminding me how little i actually know :V
[Fri Oct 13 22:53:19 2017] <benzrf> hmm https://i.imgur.com/rbiuZT4.png
[Fri Oct 13 22:54:34 2017] <benzrf> i once downloaded and spun up a nuprl vm
[Fri Oct 13 22:54:39 2017] <benzrf> and then i never really did anything with it
[Fri Oct 13 22:55:15 2017] <benzrf> but whenever i look at stuff about nuprl, it feels like theres a gigantic universe there that i keep forgetting exists
[Fri Oct 13 22:58:07 2017] <benzrf> someone smack me every day until i acquiesce to actually sitting down and reading some primary sources
[Fri Oct 13 22:58:11 2017] <benzrf> like, martin-löf or something
[Sat Oct 14 07:52:03 2017] <cic> benzrf: https://www.ps.uni-saarland.de/autosubst/ is nice btw, but i've only used it to prove the normalization stuff in SF for lambda calculus, and it's probably mentioned somewhere if you go through the poplmark stuff.
[Sat Oct 14 07:52:17 2017] <cic> (regarding the binders discussion above.)
[Sat Oct 14 09:19:16 2017] <benzrf> cic: yeah i actually tried using autosubst for formalizing FOL and it turned out it doesnt handle so well that kind of nested type thing
[Sat Oct 14 09:19:27 2017] <benzrf> (prop type and expr type, vars bound in prop type and appear in expr type)
[Sat Oct 14 11:40:50 2017] <dmiles> "prop type and expr type, vars bound in prop type and appear in expr type" interesting..  i been fighting with the acceptance (though i definately accepted by now) that i have to maintain the two typesystems
[Sat Oct 14 11:42:48 2017] <dmiles> (for my homespun inference engine)
[Sat Oct 14 12:22:05 2017] <cic> hm, do you have some instance of this problem to illustrate, because i don't follow. (it's not that i think i can solve it, i just want to know what's going on :p)
[Sun Oct 15 10:17:23 2017] <bartavelle> is there a way to do a "match goal" on a match expression without specifying the list of matches?
[Sun Oct 15 10:17:57 2017] <bartavelle> there is a "match foo" with with tons of coases, and I would just like to write something like
[Sun Oct 15 10:18:15 2017] <bartavelle> match goal with | _ |- match ?x with _ end => ...
[Sun Oct 15 10:21:58 2017] <bartavelle> ah, managed to google it
[Sun Oct 15 10:25:57 2017] <rrika> bartavelle, so what is the syntax?
[Sun Oct 15 10:28:23 2017] <bartavelle> found a SO answer, but can't make it work
[Sun Oct 15 10:28:31 2017] <bartavelle> https://stackoverflow.com/questions/28454977/how-to-match-a-match-expression
[Sun Oct 15 10:30:31 2017] <bartavelle> argh; found out why this didn't work
[Sun Oct 15 10:30:45 2017] <bartavelle> I appended a ;simpl. at the end of my match goal, so what I was seing could not be matched :)
[Sun Oct 15 10:46:14 2017] <benzrf> cic: first-order logic syntax has separate grammars for propositions and expressions, with the latter appearing nested in the former
[Sun Oct 15 10:46:28 2017] <benzrf> cic: forall and exists bind variables, but the variables get used in the expressions
[Mon Oct 16 22:44:48 2017] <dh`> <benzrf> i shd probably learn sml at some point
[Mon Oct 16 22:44:54 2017] <dh`> (yeah that's deep in the scroll)
[Mon Oct 16 22:45:05 2017] <dh`> sml is kinda crap, tbh
[Mon Oct 16 22:49:47 2017] <lambda-11235> dh`: How so?
[Mon Oct 16 22:52:11 2017] <lambda-11235> I mean, the infrastructure is bad, but the language seems alright (if a bit dated).
[Mon Oct 16 22:58:05 2017] <dh`> it's pretty dated
[Mon Oct 16 22:58:13 2017] <dh`> and most of the implementations are bitrotten
[Mon Oct 16 22:58:23 2017] <dh`> I haven't been able to get a reliably working smlnj build
[Mon Oct 16 22:59:01 2017] <dh`> same with mosml
[Mon Oct 16 22:59:18 2017] <dh`> and mlton isn't really being worked on any more either, afaict.
[Mon Oct 16 23:00:52 2017] <dh`> also, there was a change to the spec in the late 90s that outlawed certain kinds of sharing declarations, and the result of that is that you pretty much lose the ability to have any abstraction/encapsulation in sharing-heavy module families.
[Mon Oct 16 23:01:52 2017] <dh`> ocaml seems to be strictly superior from a point of view of actual code.
[Mon Oct 16 23:11:23 2017] <benzrf> o
[Mon Oct 16 23:50:31 2017] <lambda-11235> dh`: Indeed. I must admit one of my big problems with SML is the lack of any standard FFI.
[Tue Oct 17 00:28:27 2017] <dh`> oh, also, in sml "o" is an infix operator, which is just amazingly bizarre to look at.
[Tue Oct 17 00:28:49 2017] <dh`> someone should write a sml -> ocaml translator; there's just enough syntactic differences for doing it by hand to be really annoying.
[Tue Oct 17 06:56:25 2017] <rgrinberg> dh`: yeah, OCaml more than caught up to SML in recent years. It used to be that sml had some small edges (like generative functors for example), but no longer...
[Tue Oct 17 09:41:50 2017] <hodapp> has OCaml still the issues with multithreading/parallelism I'd heard people complain of?
[Tue Oct 17 11:47:10 2017] <rgrinberg> hodapp: Yes. OCaml still has a single threaded GC. Though this is finally getting seriously addressed
[Tue Oct 17 11:47:54 2017] <rgrinberg> See the multicore effort
[Wed Oct 18 00:49:40 2017] <dh`> is compcert's cpp verified?
[Wed Oct 18 00:52:59 2017] <Cypi> I don't think parsing and preprocessing are verified
[Wed Oct 18 00:53:06 2017] <Cypi> (if "cpp" meant preprocessing)
[Wed Oct 18 00:53:58 2017] <Cypi> http://compcert.inria.fr/motivations.html explicitely states it I think
[Wed Oct 18 00:54:05 2017] <Cypi> (search for "preprocessing")
[Wed Oct 18 09:07:46 2017] <Migi32> are there any coq projects I could help with? I had some fun proving some basic number theory stuff, maybe there are a few projects where I could help out and actually prove something useful?
[Wed Oct 18 17:30:42 2017] <buttbutt1r> Is there a tactical that allows me to apply a tactic to all current subgoals? I'm aware of using ";" but that's sort of "apply this tactic to all subgoals generated by this other tactic". I just want to apply a tactic to all current subgoals, regardless of how they were generated.
[Wed Oct 18 17:30:46 2017] <buttbutt1r> I hope that makes sense.
[Wed Oct 18 17:34:38 2017] <Chobbes> buttbutt1r: I think there's a thing called "goal selectors"
[Wed Oct 18 17:36:21 2017] <Chobbes> https://coq.inria.fr/refman/ltac.html#hevea_tactic210
[Wed Oct 18 17:37:46 2017] <Chobbes> So, `all: reflexivity.` for instance.
[Wed Oct 18 18:13:51 2017] <buttbutt1r> Chobbes: Oh, cool. That's precisely what I want.
[Wed Oct 18 18:13:53 2017] <buttbutt1r> Thanks!
[Wed Oct 18 18:16:42 2017] <Chobbes> buttbutt1r: no problem! I have to say, I'm curious, though. I find that `;` is sufficient for what I have done to date! Why the desire for `all`? Just structuring differently, and you found that after some simplification your goal became the same as other subgoals?
[Wed Oct 18 18:20:12 2017] <xuanrui> Is there a neat way for working with vectors?
[Wed Oct 18 18:20:26 2017] <Chobbes> xuanrui: what do you mean?
[Wed Oct 18 18:21:01 2017] <xuanrui> so that I don't have to do Vector.everything when I work with them
[Wed Oct 18 18:21:15 2017] <xuanrui> more of a notational efficiency concern
[Wed Oct 18 18:22:11 2017] <Chobbes> xuanrui: oh god, yeah. I think there is a way, but I haven't gotten annoyed enough yet. If you don't import lists I think you can avoid Vector.cons and so forth and just write cons.
[Wed Oct 18 18:22:41 2017] <xuanrui> Alas
[Wed Oct 18 18:22:49 2017] <xuanrui> I guess I have to live with it for a while, then
[Wed Oct 18 18:22:59 2017] <xuanrui> Can I avoid writing (Vector.nil A) then
[Wed Oct 18 18:23:22 2017] <xuanrui> so that I don't have to write the type argument all the time
[Wed Oct 18 18:24:28 2017] <Chobbes> You could define nil' with an implicit argument, maybe?
[Wed Oct 18 18:24:33 2017] <xuanrui> maybe
[Wed Oct 18 18:24:49 2017] <Chobbes> It's a little annoying to unfold sometimes, but that should work.
[Wed Oct 18 18:27:04 2017] <buttbutt1r> Chobbes: I'm kind a giant noob, so my approach is probably wrong. But when I use ";" often--say--3 subgoals are similar and then there are 2 outliers (that are similar to eachother). So the tactics you use with the ";" might work for the first 3, but not the last 2. So seems like a nice place to use a goal selector.
[Wed Oct 18 18:27:34 2017] <buttbutt1r> (i.e. after you've taken care of the first 3 subgoals, then use a goal selector to take care of the last 2)
[Wed Oct 18 18:27:39 2017] <buttbutt1r> But yeh, I dunno what I'm doing.
[Wed Oct 18 18:27:55 2017] <Chobbes> buttbutt1r: ah, I see!
[Wed Oct 18 18:28:56 2017] <Chobbes> buttbutt1r: you can handle this all with ";". Maybe it's not always better to do so, though.
[Wed Oct 18 18:29:34 2017] <buttbutt1r> Chobbes: I know you could. For example using try tactics, right?
[Wed Oct 18 18:29:49 2017] <buttbutt1r> But seems like it's more readable to not handle it all with ;. I dunno.
[Wed Oct 18 18:30:00 2017] <buttbutt1r> tacticals* not tactics.
[Wed Oct 18 18:30:01 2017] <Chobbes> buttbutt1r: yeah, but I think you're right. It could be a lot better to just use all.
[Wed Oct 18 18:30:24 2017] <buttbutt1r> :)
[Wed Oct 18 18:36:04 2017] <Chobbes> xuanrui: might be of interest: http://coq-club.inria.narkive.com/Nr2nabab/qualified-imports
[Wed Oct 18 18:41:21 2017] <xuanrui> Thanks!
[Wed Oct 18 20:01:00 2017] <const> where is the PG tutorial file!? i lost..
[Wed Oct 18 20:56:40 2017] <johnw> I wonder how you'd phrase this in Coq: given a function any {A B} (P : A -> B) (xs : list A), how can I prove that every 'x : A' which is passed to P during the execution of 'any' came from xs?  Parametricity implies this, but I'm wondering how I word the theorem.  I want to derive evidence, within P, that the 'x' under consideration is in 'xs'.
[Wed Oct 18 20:58:52 2017] <Cypi> What do you mean, "within P"? Would anything resembling "{A B} (xs : list A) (P : {x : A | In x xs} -> B)" be what you're asking for?
[Wed Oct 18 20:59:00 2017] <johnw> example:
[Wed Oct 18 20:59:13 2017] <johnw> any (P:=fun x => foo x) xs
[Wed Oct 18 20:59:24 2017] <johnw> but what if foo needs a witness List.In x xs
[Wed Oct 18 20:59:45 2017] <johnw> i mean, I know this parametrically; where else could the 'x' have come from
[Wed Oct 18 20:59:55 2017] <johnw> but I don't have the witness handy
[Wed Oct 18 21:00:17 2017] <johnw> and yes, the type you gave provides the evidence
[Wed Oct 18 21:00:25 2017] <johnw> but I'm not able to redefine 'any' in my context
[Wed Oct 18 21:00:48 2017] <Cypi> Ok, I see what you mean now.
[Wed Oct 18 21:02:55 2017] <Cypi> My instinct tells me it shouldn't be possible. For instance if you consider `@any nat nat`, then you certainly can't prove that anything given to P is in xs (basically, the same for any actual instantiation of A). So what you ask only makes sense if you don't have a specific A, which means you probably can't have what you want in general, right?
[Wed Oct 18 21:03:33 2017] <johnw> what about the parametricity argument?
[Wed Oct 18 21:03:52 2017] <johnw> since 'any' is parametric in A, it cannot fabricate any term of type A
[Wed Oct 18 21:04:00 2017] <johnw> it must have come from the list
[Wed Oct 18 21:05:00 2017] <Cypi> alright, my sentence was probably wrong on second glance. What about a more compelling argument: wouldn't it contradict in some way excluded middle for instance?
[Wed Oct 18 21:05:29 2017] <Cypi> any could be implemented as "match xs with [] => True | a :: _ => `something involving excluded middle to get an arbitrary (a : A)"
[Wed Oct 18 21:05:48 2017] <johnw> but you can't do that...?
[Wed Oct 18 21:05:55 2017] <Cypi> why?
[Wed Oct 18 21:06:01 2017] <johnw> I don't have LEM
[Wed Oct 18 21:06:46 2017] <Cypi> Well yes, but Coq is supposed to be consistent with excluded-middle. So I guess my point is that what you are asking for can only be a meta-theorem.
[Wed Oct 18 21:07:02 2017] <johnw> yes, I think you're right
[Wed Oct 18 21:07:03 2017] <Cypi> (I may be wrong, but honestly I am not even sure how you would state this)
[Wed Oct 18 21:07:11 2017] <johnw> people have told me before that I can't have parametricity theorems except as axioms
[Wed Oct 18 21:07:16 2017] <johnw> or, in specific cases
[Wed Oct 18 21:07:28 2017] <johnw> such as Maxime's work on refinements for free
[Wed Oct 18 21:08:02 2017] <benzrf> johnw: parametricity is an external fact
[Wed Oct 18 21:08:37 2017] <benzrf> as Cypi pointed out, baseline coq is consistent with classical math (more or less), so it can't contradict classical math, and parametricity does not hold in classical math
[Wed Oct 18 21:09:12 2017] <johnw> how do you determine the last part of your statement?
[Wed Oct 18 21:09:13 2017] <benzrf> proving parametricity relies on analyzing what kind of constructs exist in the language, and you can't introspect like that
[Wed Oct 18 21:10:35 2017] <benzrf> well, it depends on the specifics, but broadly speaking i just mean that classical math lets you construct highly pathological functions with special-case-y behavior
[Wed Oct 18 21:11:50 2017] <benzrf> e.g., you can write down "f does thing X when used with types that arent equal to nat, and thing Y when used with types that are equal to nat", and then you have a function which does that
[Wed Oct 18 21:15:03 2017] <johnw> https://gist.github.com/37d6cb4d88da54162cedc75ef8cced05
[Wed Oct 18 21:15:09 2017] <johnw> here's a brief example of what I'm trying to do
[Wed Oct 18 21:15:52 2017] <johnw> it seems well-founded, if I know the relationship of subterm [n] to [xs']
[Wed Oct 18 21:30:57 2017] <Cypi> johnw: just in case it helps, you can define this as a nested recursion http://lpaste.net/359354
[Wed Oct 18 21:39:37 2017] <Cypi> Also it's a bit sad, but with a slightly different definition of any, it would work: http://lpaste.net/359355
[Wed Oct 18 21:40:08 2017] <Cypi> in the second definition you do the fixpoint a bit later, so you can actually reduce the application of `any'` to a predicate
[Wed Oct 18 21:40:57 2017] <Cypi> in the first definition, if you just apply `any` to a predicate, well, you get a fixpoint applied to something (which is not its principal argument in constructor form), so you can't reduce it
[Wed Oct 18 22:09:52 2017] <benzrf> ooh, this cofinite quantification thing is interesting https://www.cis.upenn.edu/~bcpierce/papers/binders.pdf
[Wed Oct 18 22:10:13 2017] <benzrf> what exactly is the benefit of locally nameless over using only de bruijn indices?
[Wed Oct 18 22:16:32 2017] <Cypi> looks like the point is to avoid too much complication with shifting lemmas
[Wed Oct 18 22:16:40 2017] <Cypi> https://www.chargueraud.org/research/2009/ln/main.pdf looks like a good explanation
[Wed Oct 18 22:21:22 2017] <benzrf> buhh
[Wed Oct 18 22:21:31 2017] <benzrf> i shd try printing these papers out so i can read them without getting distracted
[Wed Oct 18 22:21:36 2017] <benzrf> but the type would be so small...
[Wed Oct 18 22:22:14 2017] <Cypi> I mean, you don't need to read everything, he gives enough motivation in the first few paragraphs x)
[Wed Oct 18 23:37:37 2017] <Chobbes> Mmmm. Has anybody encountered a problem with PG / company coq where sometimes when you open a new buffer after it has been opened for a while it 1) doesn't do any syntax highlighting, and 2) doesn't do any proof general stuff? It seems to be stuck in fundamental mod.
[Thu Oct 19 00:07:30 2017] <dh`> cypi: parsing is verified, there's a version of menhir (I think it went into menhir mainline, but not sure) that emits certified parsers in coq
[Thu Oct 19 00:09:09 2017] <dh`> so I was wondering about cpp, not really sure where to look other than wade into the source tree
[Thu Oct 19 00:17:42 2017] <dh`> which I can do obviously, but I was hoping someone already knew :-)
[Thu Oct 19 00:28:17 2017] <dh`> hmm, the posted manual notes the parser is verified and says the rest of the front bits aren't yet
[Thu Oct 19 00:28:35 2017] <dh`> wonder if anyone over there's working on it
[Thu Oct 19 00:36:53 2017] <johnw> Cypi: so I have to hand overfold 'any', even though the definition is the same?
[Thu Oct 19 00:37:23 2017] <johnw> Cypi: I see, any' is like doing pattern on the recursive argument
[Thu Oct 19 01:28:55 2017] <dh`> johnw: did you see the comments a few days ago about the fib exercise?
[Thu Oct 19 01:29:34 2017] <johnw> no
[Thu Oct 19 01:57:56 2017] <dh`> I made a fib, and then someone else (I think Cypi) made a better one
[Thu Oct 19 01:58:14 2017] <dh`> mine's here: http://codepad.org/nsQpyeHY
[Thu Oct 19 01:59:29 2017] <dh`> the other one's here: http://lpaste.net/359084
[Fri Oct 20 02:02:16 2017] <johnw> do you guys know of companies investing in formal methods research?  I can think of a few, but I was wondering which ones Google wasn't turning up...
[Fri Oct 20 09:41:59 2017] <ertes-w> what's the difference between ":" and ":>" in class definitions?
[Fri Oct 20 09:42:05 2017] <ertes-w> (for type signatures)
[Fri Oct 20 09:42:44 2017] <anton-trunov> `:>` declares a coersion
[Fri Oct 20 09:42:57 2017] <ertes-w> ah, i see
[Fri Oct 20 09:43:17 2017] <ertes-w> so i can easily go to more general structures
[Fri Oct 20 09:51:06 2017] <ertes-w> can i query the definition of a Notation?
[Fri Oct 20 09:51:23 2017] <ertes-w> use case: what does "x = y" desugar to?
[Fri Oct 20 09:52:16 2017] <anton-trunov> you can `Locate "=".`
[Fri Oct 20 09:52:24 2017] <anton-trunov> or `Print "=".`
[Fri Oct 20 09:52:50 2017] <ertes-w> oh, indeed…  thanks
[Fri Oct 20 09:55:17 2017] <ertes-w> one more question: is there a predefined extensional equality relation for functions with all the usual instances?
[Fri Oct 20 09:57:06 2017] <anton-trunov> not that I'm aware off, but I vaguelt remember that stuff appeared on Coq-Club several years ago (IIRC Andrej Bauer was the OP)
[Fri Oct 20 09:57:15 2017] <anton-trunov> *vaguely
[Fri Oct 20 09:57:35 2017] <anton-trunov> * off = of
[Fri Oct 20 10:02:45 2017] <ertes-w> hmm, ok…  kinda expected it to be in the standard library =)
[Fri Oct 20 10:03:02 2017] <ertes-w> i'll see what i can find (or just define it myself)
[Fri Oct 20 10:04:13 2017] <ertes-w> is there a best-practices guide?  or perhaps a cheat sheet of convenience functions i should know about?  especially with regard to implicits and notations
[Fri Oct 20 10:05:32 2017] <ertes-w> doing those by hand in the context of sections and classes is rather noisy =)
[Fri Oct 20 10:07:56 2017] <anton-trunov> Probably this can be useful: https://sympa.inria.fr/sympa/arc/coq-club/2016-11/msg00113.html
[Fri Oct 20 10:14:00 2017] <ertes-w> hmm…  not very satisfying =/
[Fri Oct 20 10:14:13 2017] <anton-trunov> I agree
[Fri Oct 20 10:14:26 2017] <ertes-w> i wish infix notation was just first class syntax in coq, like in agda
[Fri Oct 20 10:14:59 2017] <anton-trunov> that would be awesome
[Fri Oct 20 10:36:17 2017] <ertes-w> what does "`" (backtick) mean?  i found quite a few resources using it, but never explaining it
[Fri Oct 20 10:37:58 2017] <ertes-w> ah, apparently it says: "use generalisable variables"
[Fri Oct 20 10:38:33 2017] <anton-trunov> it's a shorthand
[Fri Oct 20 10:39:02 2017] <anton-trunov> it allows us not to write extra variables under forall
[Fri Oct 20 10:45:22 2017] <ertes-w> yeah, thanks
[Sat Oct 21 03:47:46 2017] <dh`> is there some reason that passing a recursive call to myself to fold_left isn't allowed for functions that have an explicit measure?
[Sat Oct 21 03:48:26 2017] <dh`> it's accepted if I let coq pick a decreasing argument itself (apparently) but that doesn't work for this function
[Sat Oct 21 03:50:27 2017] <dh`> or, more pertinently, is there a way around the issue?
[Sat Oct 21 04:30:33 2017] <bartavelle> I think there is an example in software foundations where the authors write a fixpoint and shows a way to manually prove the function terminates
[Sat Oct 21 04:30:39 2017] <bartavelle> can't find it though
[Sat Oct 21 04:30:51 2017] <bartavelle> and not sure that would be what you are looking for
[Sat Oct 21 04:34:04 2017] <bartavelle> yeah can't find it, must have dreamed it :/
[Sat Oct 21 04:43:21 2017] <dh`> that's what I was doing
[Sat Oct 21 04:43:55 2017] <dh`> Function foo (arg: regexp * string) {measure: height arg} := ...
[Sat Oct 21 04:44:06 2017] <dh`> er, without the colon on the measure I think
[Sat Oct 21 04:47:25 2017] <dh`> the problem is that it won't let me call fold_left (fun ... => foo (r', s') ...
[Sat Oct 21 04:48:39 2017] <dh`> proving that (r', s') there is smaller than the original arg would be  tedious, but it should certainly be possible.
[Sat Oct 21 04:48:55 2017] <dh`> given what the fold is.
[Sat Oct 21 07:28:57 2017] <duri`> hi, I'm currently going through Coq tutorial on https://softwarefoundations.cis.upenn.edu/lf-current/. there is a bunch of .v files to download; I'm using CoqIde, previously with Coq 7.3 (really), now upgraded to 8.6
[Sat Oct 21 07:29:30 2017] <duri`> now there is Basics.v with definitions of some fixpoints like beq_nat
[Sat Oct 21 07:29:47 2017] <duri`> I've succesfully compiled Basics.v, .vo file has been created
[Sat Oct 21 07:30:56 2017] <duri`> another file, Induction.v, contains Require Export Basics, and uses beq_nat in some theorems
[Sat Oct 21 07:32:17 2017] <duri`> if I click Forward one command multiple times (or Go to end), everything works fine, the theorem that uses beq_nat gets defined, also Search "beq_nat" finds what I need
[Sat Oct 21 07:32:35 2017] <duri`> however, if I try to compile Induction.v, I get Error: The reference beq_nat was not found in the current environment.
[Sat Oct 21 07:32:57 2017] <duri`> this worked fine in 7.3 (even though I had to remove the bullets since they weren't supported)
[Sat Oct 21 07:33:09 2017] <duri`> any ideas what to do?
[Sat Oct 21 08:17:03 2017] <duri`> (okay, it has been 8.3 previously, not 7.3)
[Sat Oct 21 08:27:29 2017] <duri`> also, Print LoadPath. shows the folder with .v files in it
[Sat Oct 21 08:36:54 2017] <duri`> oh, it looks like I found the problem - if I run the program with the arrows, Print Libraries shows that Basics (from the current folder) has been loaded, but when I compile, it shows Coq.Program.Basics instead
[Sat Oct 21 08:37:15 2017] <duri`> still not sure how to fix this, but at least I'm closer
[Sat Oct 21 08:46:33 2017] <duri`> OK, looks like I partially fixed this with Add LoadPath "/path/to/v/files". It's a little bit annoying to add this to all files, so I'd still like to hear some suggestions for a better solution :-)
[Sat Oct 21 10:59:18 2017] <Chobbes> duri`: hmmm. You shouldn't have to change anything.
[Sat Oct 21 11:50:21 2017] <duri`> Chobbes: I've also thought so. We have a Coq seminar group and from about 10 people, one guy also had the same problem (and I observe this since today)
[Sat Oct 21 11:59:51 2017] <Chobbes> I've had similar problems, but it was from using an old version of ProofGeneral which didn't understand _CoqProject files. And the problem manifested itself in ProofGeneral, not on the command line.
[Sat Oct 21 12:00:13 2017] <Chobbes> (Also, to my knowledge, SF doesn't even use _CoqProject, so this is irrelevant)
[Sat Oct 21 17:20:14 2017] <dh`> there's a command-line option to add stuff to the include path; using that will be easier than adding stuff to evry file
[Sat Oct 21 17:20:21 2017] <dh`> s/evry/every/
[Sat Oct 21 19:46:16 2017] <dionyziz> Hi guys. I installed CoqIDE on mac. It worked for a few hours. Now suddenly the keyboard shortcut cmd+ctrl+right arrow (which is "go to cursor") has stopped working.
[Sat Oct 21 19:46:32 2017] <dionyziz> Instead, it makes a beep sound as if the command is forbidden. However, it works if I select it from the menu or if I click on the toolbar.
[Sat Oct 21 19:46:56 2017] <dionyziz> Also, on the menu I see a different keyboard shortcut than before (maybe for windows?) it doesn't show the cmd icon as it was earlier.
[Sat Oct 21 19:46:59 2017] <dionyziz> I didn't change any settings.
[Sat Oct 21 19:47:04 2017] <dionyziz> I don't know what has caused it.
[Sat Oct 21 19:47:06 2017] <dionyziz> Any hints?
[Sat Oct 21 20:20:03 2017] <benzrf> dionyziz: i dont know sorry
[Sat Oct 21 20:20:08 2017] <benzrf> better keep waiting :I
[Sat Oct 21 21:28:47 2017] <dionyziz> benzrf: Thanks :) If anyone else knows, please ping me, I'm still here.
[Sat Oct 21 21:30:57 2017] <dh`> have you quit out and restarted it?
[Sun Oct 22 06:22:28 2017] <dionyziz> dh`: Yes, I tried restarting the program and my computer.
[Sun Oct 22 06:23:32 2017] <dionyziz> Quick question: If I have in my hypotheses a witness of type exists x, (p x)... is it possible to extract that x somehow?
[Sun Oct 22 06:24:22 2017] <anton-tr_> yes, use `destruct` on that hypothesis
[Sun Oct 22 06:25:10 2017] <anton-tr_> of course, you won't be able to extract the original witness that has been used to prove `exists`
[Sun Oct 22 06:25:48 2017] <dionyziz> ah, yes, I see. thanks!
[Sun Oct 22 18:46:13 2017] <buttbutter> Is it just me, or is proving r_star_trans impossible here? http://lpaste.net/8184976367771713536
[Sun Oct 22 18:46:37 2017] <buttbutter> R_star is supposed to be the reflexive transitive closure of some relation R.
[Sun Oct 22 18:46:45 2017] <buttbutter> So I'm trying to show that R_star is transitive :)
[Sun Oct 22 18:52:41 2017] <Cypi> buttbutter: I don't think this is a transitive closure, as this only allows one transitive step.
[Sun Oct 22 18:53:40 2017] <Cypi> (if you know `R x y`, `R y z` and `R z t`, then you know `R x z` or `R y t`, but not `R x t`, for instance)
[Sun Oct 22 18:54:41 2017] <buttbutter> Ah, I knew something was wrong in my definition.
[Sun Oct 22 18:55:17 2017] <buttbutter> Sec, let me think about how to fix it.
[Sun Oct 22 18:57:49 2017] <buttbutter> Cypi: http://lpaste.net/57217760475742208
[Sun Oct 22 18:57:53 2017] <buttbutter> I think that did it
[Sun Oct 22 18:58:08 2017] <Cypi> Yup, now it's definitely transitive
[Sun Oct 22 18:58:23 2017] <buttbutter> Makes a lot more sense like this. Thanks for the help.
[Sun Oct 22 19:04:06 2017] <buttbutt1r> Cypi: I'm not sure if this is possible, but how can I generalize R_Star to any relation? Instead of just R? i.e., I want to prove a theorem involving a relation R and a relation T as well as their reflexive-transitive closures.
[Sun Oct 22 19:07:12 2017] <buttbutter> I guess I sort of want something like Inductive star : R -> X -> X -> Prop := ... where R is a relation with type X -> X -> Prop. But Coq complains.
[Sun Oct 22 19:09:58 2017] <Cypi> You've nearly done it actually. X and R are declared with the Variables vernacular, so if you put everything in a Section, it will generalize over X and R
[Sun Oct 22 19:10:10 2017] <Cypi> (put "Section some_name." before the declaration of X and R)
[Sun Oct 22 19:10:20 2017] <Cypi> (and then you'll need to close the section with "End some_name.")
[Sun Oct 22 19:11:03 2017] <Cypi> Another possibility is to write something like `Inductive star (X : Type) (R : Prop) : X -> X -> Prop := ...`
[Sun Oct 22 19:11:23 2017] <Cypi> I mean, `Inductive star (X : Type) (R : X -> X -> Prop) : X -> X -> Prop := ...`
[Sun Oct 22 19:13:00 2017] <buttbutter> Ah. I guess that sort of brings up another thing for me: is doing something like Inductive star (X : Type) (R : X -> X -> Prop) := stuff the same as Inductive star := | rule1 : forall (X : Type) (R : X -> X -> Prop), ... (and then each rule has a similar forall statement)?
[Sun Oct 22 19:13:29 2017] <buttbutter> Sorry if these questions are sort of "lazy". I'll go read the documentation on my own if you don't want to bother. :)
[Sun Oct 22 19:13:44 2017] <Cypi> Not exactly. In the first case, X and R are called parameters, and they need to be uniform in every constructor (that is, every constructor needs to end with `star X R ...` basically)
[Sun Oct 22 19:13:56 2017] <Cypi> in the second case, they are called indices, and are not required to be the same in every constructor
[Sun Oct 22 19:14:17 2017] <buttbutter> Okay, but if I had the same indices in each cosntructor, then the two scenarios are identical, right?
[Sun Oct 22 19:15:14 2017] <Cypi> Coq would still treat them differently. They would be a mix of parameters and indices (I don't remember the technical term)
[Sun Oct 22 19:15:26 2017] <Cypi> (and I don't remember the precise differences :D )
[Sun Oct 22 19:16:24 2017] <buttbutter> Ah, okay. Thanks for all the helpful information. I guess my last question is--is the Section treatment preferred or the "Inductive star (X : Type) (R : Prop) : " treatment preferred?
[Sun Oct 22 19:17:02 2017] <Cypi> It depends, it's a stylistic choice. Note however that with a Section you won't need to recall X and R for every lemma that you are proving about R_star
[Sun Oct 22 19:17:08 2017] <Cypi> (you can prove those lemmas in the section still)
[Sun Oct 22 19:17:48 2017] <buttbutter> Ah, true. That would be nicer. :)
[Sun Oct 22 19:17:51 2017] <buttbutter> Okay, great. Thanks!
[Mon Oct 23 10:53:30 2017] <buttbutter> I'm still not really sure what it means to use induction/inversion on hypotheses (instead of a variable, as I'm used to from math). Can anyone recommend a resource where I can read about this sort of induction? Software Foundations introduces it but doesn't really talk about what it means to my satisfaction, and I'd like to understand it better.
[Mon Oct 23 11:09:36 2017] <anton-trunov> Could you clarify what you mean by that? Hypotheses and variables are pretty much the same thing.
[Mon Oct 23 11:09:39 2017] <anton-trunov> Do you mean induction on derivation as opposed to let say induction on natural numbers?
[Mon Oct 23 11:17:26 2017] <buttbutter> I don't know what induction on derivation is. Traditionally, induction to me is sort of "okay, I have this base case and an inductive step". I.e. a single base case and a single inductive step. Generally, if I do induction on a hypothesis or on an inductive type that has multiple constructors, it's obviously not like that.
[Mon Oct 23 11:17:31 2017] <buttbutter> And it's just...foreign to me.
[Mon Oct 23 11:17:41 2017] <buttbutter> So I'm just looking for a resource that explains it.
[Mon Oct 23 11:18:43 2017] <anton-trunov> What about course-of-values induction? You have only one step there...
[Mon Oct 23 11:20:27 2017] <buttbutter> I'm unfamiliar with course-of-values induction too. I only really know weak/basic induction.
[Mon Oct 23 11:21:03 2017] <anton-trunov> https://en.wikipedia.org/wiki/Mathematical_induction#Complete_induction
[Mon Oct 23 11:21:08 2017] <buttbutter> So I guess I just want a clear resource that explains induction in Coq, aside from Software Foundations. Does that exist?
[Mon Oct 23 11:22:51 2017] <anton-trunov> Winskel's book on semantics has some explanation of different types of induction
[Mon Oct 23 11:24:12 2017] <buttbutter> Perfect. This is for a semantics course anyway :)
[Mon Oct 23 11:24:16 2017] <buttbutter> Thanks. I'll take a look.
[Mon Oct 23 11:24:18 2017] <anton-trunov> https://coq.inria.fr/distrib/current/files/RecTutorial.pdf
[Mon Oct 23 11:24:37 2017] <anton-trunov> This tutorial might help
[Mon Oct 23 11:25:05 2017] <anton-trunov> It explains induction more towards the end
[Mon Oct 23 11:26:19 2017] <buttbutter> Great. I guess what I'm confused about then is structural induction.
[Mon Oct 23 11:26:36 2017] <buttbutter> I think that's it at least. So I'll read about that :)
[Mon Oct 23 11:26:45 2017] <anton-trunov> good luck!
[Mon Oct 23 11:27:23 2017] <buttbutter> Thanks for the help!
[Mon Oct 23 11:27:38 2017] <anton-trunov> no prob :)
[Tue Oct 24 08:35:34 2017] <jstolarek> I have a premise that looks like this:
[Tue Oct 24 08:35:39 2017] <jstolarek> H : existT (fun ids : list id => stateP ids) ids b = existT (fun ids : list id => stateP ids) ids a
[Tue Oct 24 08:35:59 2017] <jstolarek> how to prove from it that a = b
[Tue Oct 24 08:36:00 2017] <jstolarek> ?
[Tue Oct 24 08:45:45 2017] <jstolarek> Ok, go it. inj_pair2_eq_dec from Coq.Logic.Eqdep_dec does the job
[Tue Oct 24 09:05:50 2017] <johnw> jstolarek: good thing it has a decidable equality, no axiom needed then
[Tue Oct 24 10:14:32 2017] <jstolarek> johnw: yes, had to prove decidable equality as a lemma, but that's better than an axiomn
[Tue Oct 24 10:17:49 2017] <johnw> jstolarek: yes, very much so :)
[Tue Oct 24 10:18:06 2017] <johnw> I find myself often written weird little side lemmas so that I can use Eqdep_dec whenever possible
[Tue Oct 24 10:25:21 2017] <johnw> jstolarek: good to see you here again, homework buddy :)
[Tue Oct 24 10:25:36 2017] <johnw> I'm going to be playing the recursion properties in Coq today
[Tue Oct 24 10:26:19 2017] <jstolarek> jonhw: nice to be back here. I on the other hand will be finishing for today
[Tue Oct 24 10:26:35 2017] <johnw> yes, I imagine so. Sleep well, and say hi to Poland for me
[Tue Oct 24 10:26:36 2017] <jstolarek> after spending yet another day on formalizing reasoning about program state
[Tue Oct 24 10:26:46 2017] <jstolarek> UK, not Poland ;-)
[Tue Oct 24 10:27:03 2017] <jstolarek> for the time being at least
[Tue Oct 24 10:27:15 2017] <johnw> oh right, why do I keep forgetting you're up there
[Tue Oct 24 22:45:35 2017] <minn> I'm having some trouble defining the following function: https://pastebin.com/DnPcHqxr. Is my best shot going to be the Program libraries?
[Tue Oct 24 22:46:51 2017] <minn> The third branch is the one I'm having trouble with. Otherwise, I could define it using Function.
[Wed Oct 25 00:27:20 2017] <minn> When solving termination obligations using Program Fixpoint, how can I simplify goals containing the function being defined? The name appears in the goal, but Coq complains that it isn't an evaluable reference.
[Wed Oct 25 08:29:35 2017] <buttbutter> How can you unfold notation in a proof?
[Wed Oct 25 08:30:03 2017] <anton-trunov> yes, `unfold "notation".`
[Wed Oct 25 08:30:21 2017] <buttbutter> I get an error that it's not a reference.
[Wed Oct 25 08:30:39 2017] <buttbutter> "Unable to interpret "<=2" as a reference", specifically.
[Wed Oct 25 08:30:56 2017] <anton-trunov> can you show your proof?
[Wed Oct 25 08:31:01 2017] <buttbutter> Yeah, I'll paste it. Sec.
[Wed Oct 25 08:32:25 2017] <buttbutter> http://lpaste.net/1356292071543013376
[Wed Oct 25 08:43:39 2017] <anton-trunov> hmmm, this is interestion. I didn't encounter an error like this before.
[Wed Oct 25 08:49:48 2017] <Cypi> I don't think you can unfold one specific notation, afaik
[Wed Oct 25 08:50:16 2017] <Cypi> You might be able to when the Notation is really just replacing the name of a function (something like "Notation value := Some.")
[Wed Oct 25 08:50:40 2017] <Cypi> in this case it will just unfold the underlying function
[Wed Oct 25 08:50:45 2017] <Cypi> but in general, I don't think you can.
[Wed Oct 25 08:51:14 2017] <modulus> hmm can't you unfold not and such?
[Wed Oct 25 08:51:47 2017] <Cypi> not is a function
[Wed Oct 25 08:52:25 2017] <Cypi> and the notation for it would be treated as an alias for "not", I guess
[Wed Oct 25 08:52:55 2017] <anton-trunov> "~ x" := not x : type_scope (default interpretation)
[Wed Oct 25 08:56:41 2017] <anton-trunov> Apparently we can unfold "+", "~" a bunch of other notations involving parameters.
[Wed Oct 25 08:57:57 2017] <anton-trunov> I don't see the reason not to be able to unfold this one, since Coq does that internally.
[Wed Oct 25 08:58:22 2017] <Cypi> it's not the parameters the problem. ~ can be directly mapped to a constant called not. + can be directely mapped to a constant called plus, and so on
[Wed Oct 25 08:58:40 2017] <Cypi> So when you ask to unfold "~", what is really unfolded is the constant "not"
[Wed Oct 25 08:58:51 2017] <Cypi> the kernel doesn't know anything about notations, so "unfold a notations" would be a noop
[Wed Oct 25 08:59:01 2017] <Cypi> -s
[Wed Oct 25 09:25:35 2017] <buttbutter_> anton-trunov: Did you perchance answer my question about the unfolding? I had to leave that computer, so I wasn't able to see your reply.
[Wed Oct 25 10:43:32 2017] <anton-trunov> buttbutter: If we take into account what Cypi told us about unfolding, then we can try to work around this issue by defining a wrapper like so:
[Wed Oct 25 10:43:38 2017] <anton-trunov> Definition wrap_le2 {X : Type} (R S : X -> X -> Prop) := forall x y, R x y -> S x y.
[Wed Oct 25 10:43:45 2017] <anton-trunov> Infix "<=2" := (wrap_le2) (at level 70).
[Wed Oct 25 10:43:59 2017] <anton-trunov> Then you'll be able to unfold "<=2".
[Wed Oct 25 10:44:25 2017] <anton-trunov> But you'll need change some of your proofs a bit
[Wed Oct 25 10:44:31 2017] <anton-trunov> -to change
[Wed Oct 25 14:10:23 2017] <buttbutter>  anton-trunov: I see. Thanks for the information. I asked about it in class as well and sort of got the blanket statement "Notations can't be unfolded". Which is why you're changing it to a definition right there, I'm guessing :)
[Wed Oct 25 15:02:03 2017] <lyxia> Is there a library for doing proof on C programs
[Wed Oct 25 15:06:46 2017] <Chobbes> lyxia: VST
[Wed Oct 25 15:07:18 2017] <Chobbes> http://vst.cs.princeton.edu/
[Wed Oct 25 15:07:33 2017] <lyxia> Chobbes: perfect, thanks!
[Wed Oct 25 15:08:01 2017] <Chobbes> I haven't used it yet, but I'm pretty sure the gist is that you convert C files to coq programs using a tool, and then prove properties on that.
[Wed Oct 25 15:08:24 2017] <Chobbes> Uses CompCert stuff behind the scenes, which is also probably worth looking into.
[Wed Oct 25 15:09:00 2017] <Chobbes> At least, I think it does. I'm no expert :).
[Thu Oct 26 09:48:56 2017] <jstolarek> is there a tactical that succeeds when a given tactic does not produce new subgoals and fails if new subgoals are generated?
[Thu Oct 26 10:27:49 2017] <cic> jstolarek: "tactic; fail" maybe?
[Thu Oct 26 10:28:05 2017] <cic> if tactic solves the current subgoal then fail will never be reached
[Thu Oct 26 10:28:33 2017] <cic> sometimes useful in combination with try: "tactic; try (tactic'; fail)"
[Thu Oct 26 10:29:07 2017] <cic> maybe there's a more idiomatic way of doing the same thing, that i don't know
[Thu Oct 26 10:29:34 2017] <Cypi> solve [ tac ] will succeed if and only fail there are no subgoals remaining after tac
[Thu Oct 26 10:29:49 2017] <Cypi> s/fail/if/
[Thu Oct 26 10:30:18 2017] <jstolarek> cic: I might have not been clear
[Thu Oct 26 10:30:26 2017] <jstolarek> I don't expect tactic to solve the goal
[Thu Oct 26 10:30:34 2017] <jstolarek> I just expect it not to produce more subgoals
[Thu Oct 26 10:31:36 2017] <cic> so it's rather that it should fail if it produces more than one subgoal then, i.e. if it "splits" the current goal
[Thu Oct 26 10:31:49 2017] <jstolarek> yes, preciesly
[Thu Oct 26 10:33:10 2017] <cic> you could look at the "General version of the invertn tactics
[Thu Oct 26 10:33:12 2017] <cic> ah
[Thu Oct 26 10:33:14 2017] <cic> new line
[Thu Oct 26 10:33:25 2017] <cic> the thread with that title in the deepspec piazza
[Thu Oct 26 10:33:47 2017] <cic> they count the number of subgoals there
[Thu Oct 26 10:34:13 2017] <cic> "numgoals"
[Thu Oct 26 10:34:14 2017] <Cypi> "tac; let n := numgoals in guard n < 2" would do it
[Thu Oct 26 10:34:27 2017] <jstolarek> ah, good point
[Thu Oct 26 10:34:29 2017] <Cypi> See https://coq.inria.fr/refman/ltac.html#hevea_default867 and the following subsections
[Thu Oct 26 10:34:34 2017] <jstolarek> I even have that in my mailbox
[Thu Oct 26 10:39:38 2017] <cic> it seems like a useful tactical to have, strange that it's not standard. but maybe it's cleaner in many cases to not use tactics that might split the goal rather than using "too heavy" tactics and then revert later.
[Thu Oct 26 10:44:03 2017] <jstolarek> I'm also surprised this is not standard.
[Thu Oct 26 10:44:21 2017] <jstolarek> Anyway, I just tested this and while my code is much more concise it is also three times slower :-.
[Thu Oct 26 10:44:24 2017] <jstolarek> :-/
[Thu Oct 26 10:45:55 2017] <Cypi> :(
[Thu Oct 26 10:46:36 2017] <modulus> does speed get to matter in very large proofs?
[Thu Oct 26 10:49:26 2017] <cic> "sometimes"? i think adam chlipala said in some interview that people are often look confused when he says that he is "optimizing" proofs, or when talking about "proof performence" or similar
[Thu Oct 26 10:49:51 2017] <modulus> yeah i tink i heard that recently
[Thu Oct 26 10:49:57 2017] <modulus> on a functional programming podcast or something like that
[Thu Oct 26 10:50:03 2017] <cic> functional geekery iirc
[Thu Oct 26 10:50:14 2017] <modulus> it def had functional in the name
[Thu Oct 26 10:50:35 2017] <modulus> my proofs are still tiny and more or less intantaeous.
[Thu Oct 26 10:50:39 2017] <modulus> *instantaneous.
[Thu Oct 26 10:51:47 2017] <cic> but the proofs do not have to be "big" for speed to matter, e.g. consider the standard example of proving "even <some large number>", where even is given by the standard inductive definition, by using "repeat constructor".
[Thu Oct 26 10:52:35 2017] <modulus> yeah i guess that's a good point
[Thu Oct 26 10:52:51 2017] <modulus> using nat for any large arithmetic is not really very fast and sometimes blows up the stack
[Thu Oct 26 10:54:24 2017] <cic> in this case it's worse than linear (what you have from nat alone), that proof size that is
[Thu Oct 26 12:10:56 2017] <cic> (the topic is outdated btw, coq 8.7 is out now :p)
[Thu Oct 26 12:10:58 2017] <cic> (https://coq.inria.fr/news/139.html)
[Thu Oct 26 12:13:29 2017] <johnw> thanks
[Thu Oct 26 17:04:21 2017] <benzrf> i feel like using auto-generated names for variables isnt very robust
[Thu Oct 26 17:04:35 2017] <benzrf> but when i do an induction on a big type, i dont wanna have a ginormous list of names all at the top
[Thu Oct 26 17:04:41 2017] <benzrf> is there a nice way of dealing with this
[Thu Oct 26 17:05:44 2017] <johnw> name only the ones you have to
[Thu Oct 26 17:05:50 2017] <johnw> intros ??? _ x ?? _ _ ?
[Thu Oct 26 17:06:47 2017] <benzrf> but i mean with induction you get the variables introduced for you
[Thu Oct 26 17:06:57 2017] <johnw> induction x as [??? _ x ?? _ _ ?] :)
[Thu Oct 26 17:06:59 2017] <benzrf> unless you provide names all at the point of the induction tactic
[Thu Oct 26 17:07:07 2017] <benzrf> yeah thats what im saying i dont wanna have a giant list up there :(
[Thu Oct 26 17:07:18 2017] <johnw> not sure what to tell you then...
[Thu Oct 26 17:07:23 2017] <benzrf> imagine if you wrote a match expression where you list all of the names at the top and not at the branches
[Thu Oct 26 17:52:19 2017] <benzrf> is there a tactic which can solve [M n = true <-> Some (M n) = Some true]
[Thu Oct 26 18:07:09 2017] <johnw> inversion solves one, f_equal solves the other
[Thu Oct 26 18:07:19 2017] <johnw> injection maybe?
[Thu Oct 26 18:07:55 2017] <johnw> no, not that
[Thu Oct 26 18:08:13 2017] <johnw> anyway: intuition; inversion H.
[Thu Oct 26 18:50:10 2017] <benzrf> things im grumpy about, part 93994885
[Thu Oct 26 18:50:38 2017] <benzrf> we have: [seq_nth: forall len start n d : nat, n < len -> nth n (seq start len) d = start + n]
[Thu Oct 26 18:51:14 2017] <benzrf> the corresponding statement for nth_err proves this very easily, but im pretty sure this doesnt help you at all if you wanna prove the converse
[Thu Oct 26 18:51:26 2017] <benzrf> and this is the only one in the stdlib; the other isnt there
[Thu Oct 26 19:12:31 2017] <benzrf> i ended up doing this which is ugly as fuck https://i.imgur.com/rH8vIM8.png
[Thu Oct 26 19:12:56 2017] <benzrf> turned out it did help you a little but you have to do a dirty trick where you set the default to something you know the result can't be if it finds a real answer
[Fri Oct 27 10:15:45 2017] <jstolarek> I have a constructor:
[Fri Oct 27 10:15:47 2017] <jstolarek> APlus  : aexp  -> aexp -> aexp
[Fri Oct 27 10:15:55 2017] <jstolarek> and I can create Notation for it:
[Fri Oct 27 10:16:12 2017] <jstolarek> Notation "a1 '+' a2" := (APlus  a1 a2) : aexp_scope.
[Fri Oct 27 10:16:24 2017] <jstolarek> I wonder if I can do the same for this constructor:
[Fri Oct 27 10:16:41 2017] <jstolarek>  ANum : nat -> aexp
[Fri Oct 27 10:17:01 2017] <jstolarek> that is, can I overload parsing of natural numbers in a given scope so that they are wrapped in ANum constructor?
[Sat Oct 28 14:10:22 2017] <dh`> <benzrf> i ended up doing this which is ugly as fuck
[Sat Oct 28 14:10:36 2017] <dh`> after working on my string library for a while I absolutely detest the functions with default values.
[Sat Oct 28 14:11:27 2017] <dh`> you can generally set things up to make the proofs go through, but it requires creating a bunch of otherwise unnecessary machinery.
[Sat Oct 28 14:12:41 2017] <dh`> and then using them requires all the same crap.
[Sat Oct 28 16:10:46 2017] <notnotdan> Hi. Does anyone know, how can I rewrite [if PeanoNat.Nat.eq_dec n n then A else B] to [A]?
[Sat Oct 28 16:11:07 2017] <notnotdan> There aren't any lemmas about Nat.eq_dec, as far as SearchAbout goes
[Sat Oct 28 16:13:25 2017] <notnotdan> Right now I am doing a `replace` + case analysis and calling `congruence`, but that seems kinda annoying to me.
[Sat Oct 28 16:18:05 2017] <artart78> notnotdan: write a lemma stating 'PeanoNat.Nat.eq_dec n n = true' and just rewrite it?
[Sat Oct 28 16:19:40 2017] <artart78> notnotdan: wait what's the PeanoNat.Nat.eq_dec you're using? the eq_dec I found in https://coq.inria.fr/library/Coq.Arith.PeanoNat.html doesn't seem to be what you want to use
[Sat Oct 28 16:24:09 2017] <notnotdan> artart78: what do i want to use then?
[Sat Oct 28 16:36:50 2017] <artart78> notnotdan: I'd say eqb or =? (infix)
[Sat Oct 28 16:42:55 2017] <benzrf> dh`: :(
[Sun Oct 29 14:28:08 2017] <dh`> there are times when I think it would be nice for coq to have some kind of builtin support for error monad refinement
[Sun Oct 29 14:29:16 2017] <dh`> something like Failing Function foo: x -> y := ... whose type is extended to be y option if referenced outside another failure context
[Sun Oct 29 18:30:16 2017] <Chobbes> Hmmm. I want to use real numbers for some basic calculus / real analysis stuff. Are the built in real numbers the best starting point? It seems like they have an odd amount of stuff. E.g., I don't see a log function, but it has limits defined on any metric space. As far as I'm aware, though, RLimit doesn't have any way to represent a divergent limit? Is there something better to use? C-CoRN seems to lag a bit
[Sun Oct 29 18:30:18 2017] <Chobbes> behind -- currently only available for 8.5.2.
[Sun Oct 29 20:29:52 2017] <dh`> argh
[Sun Oct 29 20:30:30 2017] <dh`> is there any way to tell coq that the map module I just created is the same as the one in the file I just imported?
[Sun Oct 29 20:30:51 2017] <dh`> Or do I need to build it exactly once and import it everywhere from there?
[Sun Oct 29 20:50:57 2017] <benzrf> smh @ ppl who dont know the difference between recursion and corecursion https://i.imgur.com/KzLyGACh.jpg
[Sun Oct 29 22:46:32 2017] <dh`> Anomaly: Not an arity. Please report at http://coq.inria.fr/bugs/.
[Sun Oct 29 22:46:35 2017] <dh`> beautiful
[Wed Nov  1 04:24:01 2017] <dh`> grr... if I have H: P <-> a = b, is there any way to rewrite H to transform a to b without destructing the <-> first?
[Wed Nov  1 09:23:01 2017] <jstolarek> I m struggling with this seemingly trivial goal:
[Wed Nov  1 09:23:05 2017] <jstolarek> http://lpaste.net/359718
[Wed Nov  1 09:23:26 2017] <jstolarek> I would expect that `inversion st` will figure out that st = StatePNil
[Wed Nov  1 09:23:34 2017] <jstolarek> but for some reason it does nothing
[Wed Nov  1 09:23:36 2017] <jstolarek> why?
[Wed Nov  1 09:26:26 2017] <benzrf> jstolarek: what exactly is the notation in the goal
[Wed Nov  1 09:26:40 2017] <benzrf> and what does happen when you do inversion?
[Wed Nov  1 09:29:42 2017] <benzrf> jstolarek: ack, i gotta go, sorry - but for what it's worth, a tangential but relevant note is -
[Wed Nov  1 09:30:02 2017] <benzrf> sometimes, people instead of doing:
[Wed Nov  1 09:30:18 2017] <benzrf> Inductive foo : nat -> Prop := bar : foo 0.
[Wed Nov  1 09:30:19 2017] <benzrf> peoiple do
[Wed Nov  1 09:30:32 2017] <benzrf> Inductive foo (n : nat) : Prop := bar : n = 0 -> foo n.
[Wed Nov  1 09:30:44 2017] <benzrf> i am not an expert and i dont know the details of precisely when you would want this instead of that
[Wed Nov  1 09:30:48 2017] <benzrf> but i can tell you one thing:
[Wed Nov  1 09:30:58 2017] <benzrf> defining your type like that allows you to destruct and get out equations
[Wed Nov  1 09:31:18 2017] <benzrf> without worrying about ill-formed destruction due to type mismatches between constructors and input
[Wed Nov  1 09:31:19 2017] <benzrf> ok later
[Wed Nov  1 09:33:45 2017] <jstolarek> benzrf: nothing happens - the goal remains unchanged
[Wed Nov  1 09:34:23 2017] <jstolarek> I annotated the paste with notation
[Wed Nov  1 14:47:58 2017] <dh`> st already is stateP nil, unless I'm reading wrong
[Wed Nov  1 14:48:33 2017] <dh`> oh wait, too many nils.
[Wed Nov  1 14:59:31 2017] <dh`> jstolarek: I think the problem is layers of typing; what happens if you assert (st = StatePNil), because using that to rewrite the goal will discharge it?
[Wed Nov  1 15:01:54 2017] <dh`> wait, no, maybe it'll work. both st and StatePNil have type "stateP nil"...
[Wed Nov  1 15:02:20 2017] <johnw> dh`: you may run into a problem
[Wed Nov  1 15:02:37 2017] <johnw> it will be trivially solvable with "dependent destruction st" to resolve that equality
[Wed Nov  1 15:02:41 2017] <johnw> but doing it axiom free might take work
[Wed Nov  1 15:03:45 2017] <dh`> true, but I was thinking the problem was that the types don't match up
[Wed Nov  1 15:04:25 2017] <dh`> (also this seems like a strange formulation so I wonder if there's a better way to structure it)
[Fri Nov  3 10:47:06 2017] <ertes-w> what was the command again to see the definition of an Infix/Notation?
[Fri Nov  3 11:38:47 2017] <dh`> Locate iirc
[Sat Nov  4 11:10:21 2017] <anonlastname> Hello, I have a question about a simple proof I'm trying to do involving booleans. I am trying to prove (forall a b : bool, andb a b = true -> b = true) where andb is just logical AND. This is obviouslly provable/true and I'm told that it should be done using case analysis. However, when I try to use the destruct tactic on either a or b, one of the subgoals that it generates leads to a contradiction. For example when I destruct b, it 
[Sat Nov  4 11:10:42 2017] <benzrf> anonlastname: you got cut off there
[Sat Nov  4 11:11:22 2017] <anonlastname> sorry, maybe my message was too long for your client because it showed up on mine
[Sat Nov  4 11:11:25 2017] <Cypi> but I'm pretty sure the answer would be to look in your hypotheses for an absurdity
[Sat Nov  4 11:11:59 2017] <benzrf> anonlastname: nah - irc servers dont send messages back to clients, so clients just display exactly what you typed, even if the server chops it off for everyone else
[Sat Nov  4 11:12:11 2017] <Cypi> If at some point you have some hypothesis `H : false = true` in your context, then you can solve the current goal by using `inversion H`.
[Sat Nov  4 11:12:20 2017] <benzrf> good clients generally break up long stuff into multiple messages so the server doesnt cut it - yours might have an option for that
[Sat Nov  4 11:14:17 2017] <anonlastname> Cypi: Ok I will try that
[Sat Nov  4 11:14:20 2017] <anton-trunov> or `discriminate.` which uses disjointness of constructors
[Sat Nov  4 11:16:30 2017] <anton-trunov> anonlastname: I saw your question on Stackoverflow. It looked like an exercise from SF. And it's frowned upon to give answers in public places indexed by search engines.
[Sat Nov  4 11:17:24 2017] <anton-trunov> but feel free to ask here :)
[Sat Nov  4 11:20:38 2017] <anonlastname> ah yes using the inversion tactic worked thank you
[Sat Nov  4 11:20:56 2017] <modulus> iirc destruct H will also eliminate a goal with a contradictory hypothesis.
[Sat Nov  4 11:21:04 2017] <modulus> ora rather a goal with False in it.
[Sat Nov  4 11:22:01 2017] <anton-trunov> anonlastname: you can also `rewrite` using your contradictory hypothesis. E.g. if you have H : false = true and you need to prove false = true, then rewrite H, turning your goal into true = true.
[Sat Nov  4 11:22:38 2017] <Cypi> or you can just do "exact H" in that case, since it has the correct type x)
[Sat Nov  4 11:22:49 2017] <Cypi> lots of possibilities!
[Sat Nov  4 11:22:56 2017] <anton-trunov> +1
[Sat Nov  4 11:23:06 2017] <modulus> how about contradiction?
[Sat Nov  4 11:23:36 2017] <modulus> anyway if one is going through SF it's probably best to use the tactics that already were introduced in the xercises. at least that's how i went about it.
[Sat Nov  4 11:24:14 2017] <anton-trunov> modulus: I don't believe contradiction will work in this case
[Sat Nov  4 11:24:33 2017] <modulus> * tries it
[Sat Nov  4 11:30:38 2017] <anonlastname> anton-trunov: that's probably the way that it was meant to be done
[Sat Nov  4 11:32:01 2017] <modulus> Interesting, I was misremembering some of the mechanics, simpl doesn't go from false = true to false.
[Sat Nov  4 11:32:50 2017] <Cypi> `_ = _` is an inductive type, `false = true` is as simplified as it can be
[Sat Nov  4 11:33:21 2017] <Cypi> not to be mistaken for some computable equality like `eqb : bool -> bool -> bool`
[Sat Nov  4 11:34:22 2017] <modulus> yeah, it's easy to forget that equality works oddly in coq though.
[Sat Nov  4 11:35:17 2017] <Cypi> The usual equality test that you see in more general programming languages is usually denote `_ =? _` in Coq, or something like this
[Sat Nov  4 11:35:20 2017] <Cypi> (when it has a notation)
[Sat Nov  4 11:35:28 2017] <Cypi> and of course it needs to be defined, you don't get it for free
[Sat Nov  4 23:06:44 2017] <dh`> are the exact rules for what is and isn't allowed making recursive calls in a Fix or Function documented somewhere?
[Sun Nov  5 00:04:58 2017] <dh`> pursuant to which I have a repeatable Anomaly...
[Sun Nov  5 12:18:14 2017] <t0by> Evening
[Sun Nov  5 12:20:52 2017] <t0by> I'm sorry, how do I define a datatype in Coq?
[Sun Nov  5 12:21:01 2017] <modulus> Inductive.
[Sun Nov  5 12:21:06 2017] <t0by> I'm trying to Google, but I don't know what to goo-
[Sun Nov  5 12:22:09 2017] <t0by> Ah
[Sun Nov  5 12:22:10 2017] <t0by> fantastic, thanks
[Sun Nov  5 12:22:29 2017] <modulus> yw
[Sun Nov  5 12:35:27 2017] <bor0> I have my Inductive Day : Set and Definition Next (day : Day) : Day. now proving after_monday_simple : ((Next Mon) = Tue) is simple enough. how can I prove the same, in terms of (forall A : Day, A = Mon -> Next A = Tue)?
[Sun Nov  5 12:35:48 2017] <bor0> I'm basically stuck after 2 intros
[Sun Nov  5 12:36:38 2017] <modulus> can you copy your thing on a pastebin?
[Sun Nov  5 12:38:03 2017] <bor0> https://paste.hosting/2YRdgX7n
[Sun Nov  5 12:38:09 2017] <modulus> right, sec
[Sun Nov  5 12:38:14 2017] <Cypi> bor0: you can use rewriting to replace `A` by `Mon` in your goal. For instance with `rewrite H` (assuming you have `H : A = Mon` in your context)
[Sun Nov  5 12:38:31 2017] <modulus> ffs, javascript to use a pastebin?
[Sun Nov  5 12:38:32 2017] <modulus> * sighs
[Sun Nov  5 12:38:44 2017] <bor0> rewrite! that's new to me :) (I'm going through Mike Nahas's tutorial)
[Sun Nov  5 12:39:29 2017] <bor0> ahh neat. rewrite got me one step further
[Sun Nov  5 12:40:22 2017] <bor0> I ended up with: intros A. ; intros A_eq_Mon. ; rewrite A_eq_Mon. ; simpl. ; reflexivity.
[Sun Nov  5 12:41:51 2017] <modulus> intros. rewrite H. reflexivity. Qed.
[Sun Nov  5 12:42:01 2017] <bor0> thanks modulus, Cypi! one new tactic a try
[Sun Nov  5 12:42:13 2017] <bor0> ah, you don't need to simple.?
[Sun Nov  5 12:42:37 2017] <modulus> reflexivity does an implicit simpl beforehand.
[Sun Nov  5 12:43:47 2017] <bor0> neat!
[Sun Nov  5 12:50:34 2017] <johnw> fyi, if you want "reflexivity" without simpl, can you use "constructor"
[Sun Nov  5 12:50:40 2017] <johnw> s/can you use/you can use
[Sun Nov  5 12:50:55 2017] <bor0> how many tactic commands are there like in total? :D
[Sun Nov  5 12:50:59 2017] <johnw> one sec
[Sun Nov  5 12:51:10 2017] <johnw> 191 in Coq 8.5
[Sun Nov  5 12:51:22 2017] <johnw> including variants
[Sun Nov  5 12:51:35 2017] <johnw> in Coq 8.7 there are quite a few more, since ssreflect was included
[Sun Nov  5 12:52:00 2017] <bor0> wow, that's a lot. and I've only got introduced to about 10 or so
[Sun Nov  5 12:52:10 2017] <johnw> you don't need to know all of them, by any means
[Sun Nov  5 12:52:13 2017] <bor0> s/got introduced/got myself introduced/
[Sun Nov  5 12:52:26 2017] <johnw> some are the more basic tactics from which other tactics are built up
[Sun Nov  5 12:52:38 2017] <johnw> think of it like a standard tactic library
[Sun Nov  5 12:52:50 2017] <johnw> they aren't syntactic aspects of Ltac or anything like that
[Sun Nov  5 12:53:11 2017] <Cypi> What do you mean about `constructor` johnw? Afaik, on any goal `x = y` where `reflexivity` would work, `constructor` should work too.
[Sun Nov  5 12:53:39 2017] <modulus> hmm, what does constructor do, apply the constructor of eq?
[Sun Nov  5 12:53:45 2017] <johnw> if so, then maybe "exact eq_refl" is the most basic tactic
[Sun Nov  5 12:53:53 2017] <Cypi> Yes modulus
[Sun Nov  5 12:53:56 2017] <johnw> modulus: it finds a constructor of the type that matches the goal
[Sun Nov  5 12:54:13 2017] <bor0> is constructor an alias of exact eq_refl?
[Sun Nov  5 12:54:16 2017] <modulus> right, i used constructor with user-defined inductive types, but hadn't thought of using it with eq.
[Sun Nov  5 12:54:31 2017] <Cypi> not an alias, `constructor` is more general
[Sun Nov  5 12:54:43 2017] <johnw> that's the beauty of all this: almost everything is just about types and finding inhabitants of types
[Sun Nov  5 12:54:44 2017] <modulus> bor0 - no, it tries the constructors of the types on goal and uses one that matches
[Sun Nov  5 12:55:06 2017] <buttbutter> Hi. I have a hypothesis of the form "exists v : Val, e1 = v". But I can't really figure out how I can "use" it, can you call an "exists" inside of a hypothesis to instantiate it or something?
[Sun Nov  5 12:55:10 2017] <buttbutter> Sorry, I know the question is unclear :C
[Sun Nov  5 12:55:16 2017] <johnw> sorry if I confused things, I was just trying to reveal a hierarchy of possibilities here
[Sun Nov  5 12:55:35 2017] <modulus> destruct it
[Sun Nov  5 12:56:22 2017] <modulus> johnw - i found it informative.
[Sun Nov  5 12:56:26 2017] <buttbutter> modulus: Oh, thank you! :)
[Sun Nov  5 12:56:30 2017] <modulus> yw
[Sun Nov  5 12:57:25 2017] <modulus> much as i try the fact that inductive types like = don't have computational content screws with my head a little still, so wouldn't have thought of using constructor to solve an equality.
[Sun Nov  5 12:58:40 2017] <johnw> modulus: have you use phantom types in Haskell?
[Sun Nov  5 12:59:07 2017] <modulus> not a haskeller
[Sun Nov  5 12:59:12 2017] <johnw> oh
[Sun Nov  5 12:59:30 2017] <johnw> the various inhabitants of eq differ only in their types, not their values
[Sun Nov  5 12:59:39 2017] <johnw> which is why they're all computationally equal, but logically distinct
[Sun Nov  5 12:59:56 2017] <modulus> yeah, as i said, screws with my head ;-)
[Sun Nov  5 13:00:12 2017] <johnw> in Haskell, we use "type-only variance" to good effect in many situations
[Sun Nov  5 13:00:32 2017] <johnw> it's the different between a null in java of object X, and a null of object Y
[Sun Nov  5 13:00:35 2017] <johnw> difference*
[Sun Nov  5 13:01:19 2017] <modulus> hmm
[Sun Nov  5 13:01:24 2017] <modulus> i suppose null is null
[Sun Nov  5 13:01:38 2017] <johnw> at runtime, yes
[Sun Nov  5 13:01:41 2017] <johnw> at compile-time, no
[Sun Nov  5 13:01:45 2017] <modulus> true
[Sun Nov  5 13:02:13 2017] <johnw> and likewise with the witnesses of eq
[Sun Nov  5 13:03:32 2017] <johnw> Coq's sophisticated type checking is making sure you're using everything correctly; but the actual use of those things at runtime is a MUCH simpler domain, since the purpose of all that knowledge is not needed then.  It's like, once you know that you're driving on the right road, all you need to think about is staying between the lines.
[Sun Nov  5 13:04:18 2017] <johnw> as opposed to untyped languages that do lots of sanity checking at runtime
[Sun Nov  5 13:04:37 2017] <modulus> yeah, i guess it reduces the scope of unexpected things happening a lot.
[Sun Nov  5 13:04:43 2017] <modulus> ideally entirely.
[Sun Nov  5 13:05:01 2017] <johnw> it makes sure the executable you've compiled is a correct one; all the scaffolding of logic used to make that determination is therefore only relevant at compile-time
[Sun Nov  5 13:05:16 2017] <johnw> (or rather, the "extracted code", since Coq dosen't make executables)
[Sun Nov  5 13:05:45 2017] <johnw> hence, there is real value to compile-time only distinctions; they are more efficient at runtime
[Sun Nov  5 13:06:12 2017] <johnw> in a language like Coq, the majority of the work is at compile-time in fact!
[Sun Nov  5 13:06:46 2017] <modulus> I should take up Software Foundations again where I left it, but finding it harder to make room for fun learning now I hav ework.
[Sun Nov  5 15:36:37 2017] <buttbutter> I want to apply a theorem to a hypothesis, but I also want to keep that hypothesis.
[Sun Nov  5 15:36:39 2017] <buttbutter> How can I do that?
[Sun Nov  5 15:41:33 2017] <buttbutter> "pose proof" did it :)
[Sun Nov  5 15:46:02 2017] <dh`> my incantation for that is "remember H as H0; clear HeqH0; apply foo in H0"
[Sun Nov  5 15:46:29 2017] <dh`> this is the form I can apparently remember, regardless of it being a bit weird
[Sun Nov  5 15:53:24 2017] <johnw> yeah, the clear is unnecessary if you use pose proof
[Sun Nov  5 16:28:03 2017] <dh`> right, I can just never remember that
[Sun Nov  5 17:06:03 2017] <bor0> I'm trying to prove forall x : nat, x > 5 \/ x = 5 -> x > 4. I'm stuck on the first case (x > 5 -> x > 4). I guess I need to use `exact gt_trans` or something?
[Sun Nov  5 17:11:20 2017] <modulus> Goal forall x : nat, x > 5 \/ x = 5 -> x > 4.
[Sun Nov  5 17:11:23 2017] <modulus> oops
[Sun Nov  5 17:12:57 2017] <bor0> I guess I need to know how to end proving "5 > 4" :D
[Sun Nov  5 17:17:31 2017] <modulus> I suck at proofs with inequalities.
[Sun Nov  5 17:18:16 2017] <bor0> but really, how does one even something as simple as `Goal (5 > 4).`
[Sun Nov  5 17:19:25 2017] <modulus> I used to know this :-)
[Sun Nov  5 17:19:30 2017] <bor0> auto works *shrug*
[Sun Nov  5 17:19:40 2017] <rrika> you can use "constructor"
[Sun Nov  5 17:19:46 2017] <rrika> for (4<5)
[Sun Nov  5 17:20:04 2017] <modulus> ah, you need to apply le_n.
[Sun Nov  5 17:20:05 2017] <rrika> and PeanoNat.Nat.lt_succ_l for (x > 5 -> x > 4)
[Sun Nov  5 17:20:45 2017] <modulus> at least auto solves it with le_n
[Sun Nov  5 17:21:00 2017] <bor0> how do you see that modulus?
[Sun Nov  5 17:21:07 2017] <modulus> before Qed, do Show Proof.
[Sun Nov  5 17:21:14 2017] <bor0> ahh, neat!
[Sun Nov  5 17:24:01 2017] <bor0> rrika, I can't find PeanoNat.Nat.lt_succ_l :(
[Sun Nov  5 17:24:15 2017] <bor0> are you sure it's there? I'm using latest Coq(IDE)
[Sun Nov  5 17:24:38 2017] <rrika> I'm using coq version 8.7
[Sun Nov  5 17:24:45 2017] <rrika> bor0, try "Require Import PeanoNat."
[Sun Nov  5 17:25:26 2017] <bor0> I did, it says it's "The reference lt_succ_l was not found in the current environment"
[Sun Nov  5 17:26:51 2017] <bor0> ok, if I use Nat.lt_succ_l instead now it says the types can't match: The term "Nat.lt_succ_l" has type "forall n m : nat, S n < m -> n < m" while it is expected to have type "5 > 4".
[Sun Nov  5 17:29:03 2017] <rrika> bor0, coq's ">" (gt) is defined in terms of "<" (lt) so you can convert it using "unfold gt"
[Sun Nov  5 17:31:59 2017] <bor0> neat, rrika!
[Sun Nov  5 17:35:55 2017] <modulus> what's that tactic to remove S from both sides of an equality?
[Sun Nov  5 17:36:40 2017] <modulus> like s(n) = S(n+ m) and then you get m = n`m
[Sun Nov  5 17:36:59 2017] <modulus> only without the mispellings :-)
[Sun Nov  5 17:37:33 2017] <bor0> this error tells me I'm so close, but it can't match x and m? The term "Nat.lt_succ_l 4" has type "forall m : nat, 5 < m -> 4 < m" while it is expected to have type "5 < x -> 4 < x" (cannot unify  "5 < x" and "nat").
[Sun Nov  5 17:47:13 2017] <rrika> modulus, f_equal
[Sun Nov  5 17:48:00 2017] <johnw> f_equal applies the obvious principle that if x = y -> f x = f y
[Sun Nov  5 17:48:30 2017] <johnw> equal_f, the opposite, depends on an axiom
[Sun Nov  5 17:49:35 2017] <modulus> functional extensionality?
[Sun Nov  5 17:49:39 2017] <johnw> exactly
[Sun Nov  5 19:23:18 2017] <benzrf> no, wrong opposite
[Sun Nov  5 19:23:29 2017] <benzrf> the converse is injectivity
[Sun Nov  5 19:23:52 2017] <benzrf> function extensionality is when you swap the places you're talking about functions and arguments
[Sun Nov  5 19:23:55 2017] <benzrf> but that's not what modulus asked about
[Sun Nov  5 19:24:08 2017] <benzrf> modulus: you want injectivity, i think
[Sun Nov  5 19:24:32 2017] <benzrf> oh wait thats not what the tactic is called hmmm
[Sun Nov  5 19:24:42 2017] <johnw> ah, right, equal_f is f = g -> forall x, f x = g x
[Sun Nov  5 19:24:49 2017] <johnw> thanks for the correction, benzrf
[Sun Nov  5 19:25:01 2017] <johnw> injection?
[Sun Nov  5 19:25:04 2017] <benzrf> ah yeah
[Sun Nov  5 19:25:12 2017] <benzrf> but thats for hypotheses and not goals, woops
[Sun Nov  5 19:25:19 2017] <benzrf> oh wait no
[Sun Nov  5 19:25:24 2017] <benzrf> f_equal was right in the first place
[Sun Nov  5 19:25:25 2017] <johnw> yeah, we all totally know what we're doing
[Sun Nov  5 19:25:32 2017] <benzrf> because we're talking about the /goal/, not a /hypothesis/
[Sun Nov  5 19:25:39 2017] <benzrf> so we go from the conclusion to the hypothesis
[Sun Nov  5 19:25:49 2017] <benzrf> so just [apply f_equal] is correct here
[Sun Nov  5 19:25:52 2017] <johnw> I was thinking of functional_extensionality when I said equal_f up above
[Sun Nov  5 19:26:04 2017] <johnw> which is indeed f x = f y -> x = y
[Sun Nov  5 19:26:21 2017] <benzrf> no, that's injectivity of f :P
[Sun Nov  5 19:26:33 2017] <benzrf> modulus: [apply f_equal]
[Sun Nov  5 19:26:51 2017] <Cypi> Functional extensionality is "(forall x, f x = g x) -> f = g"
[Sun Nov  5 19:27:15 2017] <johnw> um, yeah, I meant that...
[Sun Nov  5 19:27:18 2017] <benzrf> lmao
[Sun Nov  5 19:27:26 2017] <johnw> not batting 100 today
[Sun Nov  5 19:27:41 2017] <Cypi> I guess in some sense, it is the injectivity of "fun {A B : Type} (x : A) (f : A -> B) => f x", so yeah x)
[Sun Nov  5 19:27:55 2017] <johnw> this is what I get for not waiting until Qed tells me it's OK to say something in #coq
[Sun Nov  5 19:27:56 2017] <Cypi> hmm. No, nevermind.
[Sun Nov  5 19:28:23 2017] <johnw> which is actually why I love Coq so much; it's like having an genuine expert sitting behind you, to tell you when something is definitively correct
[Sun Nov  5 19:42:26 2017] <buttbutter> Okay, I have H1: Y >* Z and H2: X >* Y.   >* is transitive and I have a theorem that says X >* Y -> Y * Z -> X >* Z. How can I apply that theorem to H1 and H2 to get H3: X >* Z?
[Sun Nov  5 19:43:03 2017] <Cypi> If your theorem is called `thing_trans`, then you can do something like `pose proof (thing_trans H2 H1)`
[Sun Nov  5 19:43:23 2017] <Cypi> you might have to write something like `pose proof (thing_trans _ _ _ H2 H1)` if the arguments X, Y and Z are not implicit arguments
[Sun Nov  5 19:43:37 2017] <Cypi> (the underscore is just telling Coq to try to infer this term)
[Sun Nov  5 19:44:14 2017] <Cypi> (equivalently you could fill them yourself: `pose proof (thing_trans X Y Z H2 H1)` )
[Sun Nov  5 19:44:51 2017] <buttbutter> Okay, great. Thank you :)
[Sun Nov  5 22:16:38 2017] <johnw> if he makes his type an instance of Transitivity by that relation, then he can directly rewrite H1 in H2.
[Sun Nov  5 22:17:07 2017] <johnw> rather, the relation an instance
[Mon Nov  6 05:13:07 2017] <fvg> in Ltac, how can I check whether the goal contains a "match with" expression? I'm trying Ltac tactic := match goal with [ |- context[match someexpr(?X) with _ end] ] => ...
[Mon Nov  6 05:23:00 2017] <fvg> found it https://stackoverflow.com/questions/28454977/how-to-match-a-match-expression
[Mon Nov  6 07:45:09 2017] <Steverman> Excuse my simple question, but how should I interpret this? "Inductive prod (X Y : Type) : Type := | pair : X -> Y -> prod X Y.". Should I just say "pair" takes 2 arguments, X and Y?
[Mon Nov  6 07:45:31 2017] <Steverman> and returns a product of X and Y
[Mon Nov  6 07:56:58 2017] <lyxia> Colloquially, "product" refers to a type (or set), whose inhabitants (or elements) are "pairs".
[Mon Nov  6 07:57:56 2017] <lyxia> pair takes 2 arguments of types X and Y, to construct an inhabitant of prod X Y.
[Mon Nov  6 08:24:28 2017] <Steverman> I see
[Mon Nov  6 10:28:25 2017] <Steverman> How about "partition : forall X : Type, (X -> bool) -> list X -> list X * list X"?
[Mon Nov  6 10:28:57 2017] <Steverman> I think I got it
[Mon Nov  6 10:30:18 2017] <Steverman> Set X and a function of type X -> boolean should return  a pair of lists
[Mon Nov  6 13:05:11 2017] <johnw> has anyone here tried the Coq-Equations plugin?
[Mon Nov  6 13:05:46 2017] <johnw> I'm running into a "Unbound module Sigma" from ocaml
[Mon Nov  6 16:34:33 2017] <bor0> can anyone help me finish my factorial greater than 0 proof? https://paste.hosting/mBje3DRx. my third day using Coq :D trying to tackle some induction
[Mon Nov  6 16:35:26 2017] <artart78> bor0: 'case' is not an induction, and you need an induction here ('induction n')
[Mon Nov  6 16:35:43 2017] <bor0> I was thinking I can handle the base case that way
[Mon Nov  6 16:35:48 2017] <bor0> and the inductive step, separately
[Mon Nov  6 16:36:20 2017] <bor0> is there a way not to use the induction tactics, and do it with few simple commands? I want to get a grasp of it before using magical commands :D
[Mon Nov  6 16:36:33 2017] <artart78> wut
[Mon Nov  6 16:36:43 2017] <artart78> you should learn what's induction first probably lol
[Mon Nov  6 16:36:52 2017] <bor0> I don't know, it just feels like using "auto"
[Mon Nov  6 16:37:07 2017] <bor0> no, I know induction well. I just am new with the tactic commands
[Mon Nov  6 16:37:21 2017] <artart78> 'induction' just does a proof by induction
[Mon Nov  6 16:37:32 2017] <artart78> there's no magic, except the magics of the type theory behind it if you want
[Mon Nov  6 16:37:57 2017] <bor0> so the only way to prove induction is through the induction tactic?
[Mon Nov  6 16:38:42 2017] <artart78> yeah, induction is a basic principle in Coq
[Mon Nov  6 16:38:59 2017] <bor0> ok, that makes sense in that case then :)
[Mon Nov  6 16:39:03 2017] <artart78> on paper you'd prove the induction principle by saying "take the smallest integer for which the property is false.."
[Mon Nov  6 16:40:07 2017] <artart78> which is way more technical in Coq, and will (probably?) rely on some inductions "in the hood" anyway
[Mon Nov  6 16:40:12 2017] <bor0> ahh, induction gives me 2 cases to prove (it's not doing it all by itself)
[Mon Nov  6 16:40:29 2017] <bor0> which looks pretty similar to what I had with case before, hm :|
[Mon Nov  6 16:40:41 2017] <artart78> well you have the induction hypothesis now :P
[Mon Nov  6 16:40:43 2017] <artart78> that's supposed to help
[Mon Nov  6 16:42:11 2017] <bor0> ahh, I see. neat!
[Mon Nov  6 16:42:36 2017] <bor0> yes, IHn magically appeared there :D
[Mon Nov  6 16:42:45 2017] <bor0> thank you.
[Tue Nov  7 05:27:37 2017] <bor0> hi. I'm stuck on the inductive step of my (still first, from yesterday) induction proof attempt: https://paste.hosting/KXW3OvWk
[Tue Nov  7 05:27:53 2017] <bor0> ignore L27 and L28, just something I've been trying
[Tue Nov  7 06:43:19 2017] <modulus> can't prove that one either, but i suck with inequalities.
[Tue Nov  7 09:49:52 2017] <cic> a confused question: are evars (or whatever they are called) part of the kernel in any sense? they appear in the gallina ast iirc? so they are part of gallina's semantics, i.e. not just something part of the tactic language (ltac)?
[Tue Nov  7 09:50:52 2017] <Cypi> They appear in the AST, but the kernel doesn't know what to do with them.
[Tue Nov  7 09:52:13 2017] <cic> what do you mean by "doesn't know what to do with them"? you can't compare them or something like that? cannot compute with them? iirc you can do some computations at least, at least with some backends (not e.g. vm_compute in some cases iirc)
[Tue Nov  7 09:55:22 2017] <Cypi> By that I mean that the kernel doesn't know how to type an evar
[Tue Nov  7 09:55:52 2017] <Cypi> it won't try to reduce an evar, too. For the kernel, an evar is just some black box and won't do anything with it.
[Tue Nov  7 09:56:10 2017] <Cypi> The only thing it knows is that an evar is convertible to itself and that's it.
[Tue Nov  7 09:59:05 2017] <cic> but i think things like this will work for some backends: (\x y. y) ?evar --> y, where --> is "reduces to". so you can compute with them in that sense... not a very interesting sense maybe, but more than nothing :p
[Tue Nov  7 09:59:28 2017] <cic> but i might be confused here, this is just something i vaguely remember
[Tue Nov  7 09:59:52 2017] <Cypi> Yes, it's possible, since in this case you don't need to know anything about the evar.
[Tue Nov  7 09:59:56 2017] <cic> whereas compute backends such as vm_compute will just complain that it doens't know what to do when the expression contains an evar
[Tue Nov  7 10:00:01 2017] <Cypi> (If you ask the kernel to type the first term, it will fail though)
[Tue Nov  7 10:00:51 2017] <cic> interesting, i didn't know that evars are "untypeable", that they don't have a type
[Tue Nov  7 10:01:14 2017] <Cypi> To summarize, evars are in the AST (that is, there is some constructor `Evar : int -> constr`), but evar_maps are not in the kernel, and evar_maps are what contain all the information about an evar
[Tue Nov  7 10:01:28 2017] <Cypi> They are typeable outside the kernel
[Tue Nov  7 10:02:48 2017] <cic> oh, i've only spent maybe 15 minutes looking at kernel code, so i don't know much about it :p
[Tue Nov  7 10:02:58 2017] <cic> maybe i should take another look at some point :p
[Tue Nov  7 10:03:37 2017] <Cypi> evar_maps are defined in /engine/evd.mli (so, outside the kernel)
[Tue Nov  7 10:04:30 2017] <cic> so evars are inside the kernel in the sense that the kernel must (at least) maintain the invariant that evars are black boxes
[Tue Nov  7 10:04:49 2017] <cic> (whatever that means, but it's more than nothing at least)
[Tue Nov  7 10:05:37 2017] <Cypi> It's not much work though, since evars only give an integer which is supposed to be a key to an evar_map, and that the kernel can't access any evar_map
[Tue Nov  7 10:06:01 2017] <Cypi> https://github.com/coq/coq/blob/master/kernel/typeops.ml#L414 >> this is the main typing function in the kernel, it will just fail on evars, for instance
[Tue Nov  7 10:06:54 2017] <cic> heh, comments in french, why did i expect something else ^_^
[Tue Nov  7 10:07:05 2017] <Cypi> Yeah, some of them still remain...
[Tue Nov  7 12:06:15 2017] <duri`> I have a hypothesis of the form P && Q. How can I get two hypotheses stating P and Q, respectively?
[Tue Nov  7 12:08:35 2017] <duri`> Umm, I probably asked a silly question, the hypothesis actually is P && Q = true, which is equal to (P && Q) = true, not P && (Q = true). Never mind.
[Tue Nov  7 12:12:17 2017] <duri`> And splitting H: P /\ Q can be done with destruct H. Great, solved.
[Tue Nov  7 12:31:15 2017] <johnw> there's a lemma in the stdlib for turning P && Q = true into P = true /\ Q = true
[Tue Nov  7 12:31:38 2017] <duri`> yes, already found it :)
[Tue Nov  7 14:04:58 2017] <schoppenhauer> is the ynot-library still maintained?
[Tue Nov  7 14:05:39 2017] <schoppenhauer> http://ynot.cs.harvard.edu/ doesn't look like it
[Sun Nov 19 11:13:04 2017] <pmetzger> I don't understand your question.
[Sun Nov 19 11:13:26 2017] <anonlastname> well the inductive data type i'm using is this:
[Sun Nov 19 11:13:32 2017] <pmetzger> Partial application means that you apply a function to a subset of the arguments, yielding a function that may be applied to the remaining arguments
[Sun Nov 19 11:13:37 2017] <anonlastname> Inductive Integer : Set :=
[Sun Nov 19 11:13:40 2017] <anonlastname>   | z : Integer          (**  Zero  *)
[Sun Nov 19 11:13:43 2017] <anonlastname>   | z : Integer          (**  Zero  *)
[Sun Nov 19 11:13:48 2017] <anonlastname>   | n : nat -> Integer.  (** -(x+1) *)
[Sun Nov 19 11:13:52 2017] <anonlastname>   | p : nat -> Integer   (**  x+1   *)
[Sun Nov 19 11:14:02 2017] <anonlastname> (with only one 'z' of course)
[Sun Nov 19 11:14:33 2017] <anonlastname> and if I wanted to write a definition for the sign on an integer, I can't figure out how to avoid defining it for the 'z' element
[Sun Nov 19 11:14:41 2017] <pmetzger> z, n and p are not functions you know, they're constructors.
[Sun Nov 19 11:15:07 2017] <pmetzger> and all functions in Coq are total, so if you define a function over Integer, it must be defined for _all_ possible values, and z is one.
[Sun Nov 19 11:15:45 2017] <pmetzger> In most languages, functions need not be total. In Coq, all functions must be total, and the system must be able to prove to itself that they're total.
[Sun Nov 19 11:16:01 2017] <pmetzger> If you don't know the term, a total function is one defined on all possible values of the type.
[Sun Nov 19 11:16:37 2017] <anonlastname> what do you mean by  'term'?
[Sun Nov 19 11:17:01 2017] <pmetzger> Are you a native english speaker?
[Sun Nov 19 11:17:06 2017] <anonlastname> Yes
[Sun Nov 19 11:18:04 2017] <pmetzger> Google says, accurately: "term: a word or phrase used to describe a thing or to express a concept, especially in a particular kind of language or branch of study."
[Sun Nov 19 11:19:02 2017] <pmetzger> "total function" is a phrase used to describe an idea in mathematics and computer science, i.e. a term. Not to be confused with the term "term" when discussing grammars and the like.
[Sun Nov 19 11:19:22 2017] <anonlastname> Perhaps a better way to state this question: Is there a way to write a function that only takes arguments of 'nat -> Integer' and then has a match structure that would return either p or n?
[Sun Nov 19 11:19:55 2017] <anonlastname> It seems that coq sees 'nat -> integer' as one of the types of the arguments and then it treats it like an integer since it returns an integer
[Sun Nov 19 11:20:46 2017] <pmetzger> "nat -> Integer" is not the type of an argument to n or p. the type of n and p is nat ->Integer.
[Sun Nov 19 11:21:12 2017] <pmetzger> they are constructors that take a "nat" and return an "Integer". You have defined that so with that inductive type definition.
[Sun Nov 19 11:21:54 2017] <pmetzger> There are three type constructors for your definition, "z", "n", and "p". These are the three ways to construct a thing of type Integer, and the only three ways. The first is a nullary constructor, the other two are unary.
[Sun Nov 19 11:22:17 2017] <anonlastname> I see
[Sun Nov 19 11:24:59 2017] <pmetzger> You're clearly starting out with this. Are you studying Coq on your own or in a class?
[Sun Nov 19 11:25:56 2017] <anonlastname> I'm just learning on my own- it's an interesting language
[Sun Nov 19 11:26:43 2017] <pmetzger> Do you have prior experience with a language like Standard ML, OCaml or Haskell?
[Sun Nov 19 11:27:19 2017] <anonlastname> Yes I have done some haskell but I'm not very good at it either
[Sun Nov 19 11:27:56 2017] <pmetzger> The syntax is somewhat different from Haskell but the idea of the algebraic data types you define is pretty similar.
[Sun Nov 19 11:28:04 2017] <pmetzger> Are you using Software Foundations as a teaching text?
[Sun Nov 19 11:30:00 2017] <anonlastname> No, but I did an excercise  that I beilieve come from that book
[Sun Nov 19 11:30:25 2017] <pmetzger> I suggest going through the book from the start. It is the recommended way these days to learn Coq.
[Sun Nov 19 11:30:49 2017] <pmetzger> The normal documentation is not easy to follow, especially if you aren't already experienced with ML family languages with advanced type systems.
[Sun Nov 19 11:31:26 2017] <pmetzger> https://softwarefoundations.cis.upenn.edu/current/index.html
[Sun Nov 19 11:31:42 2017] <pmetzger> Start with Logical Foundations and work your way carefully forward.
[Sun Nov 19 11:32:50 2017] <anonlastname> i'll give that a try
[Sun Nov 19 11:33:09 2017] <pmetzger> Do you have a strong background in math or logic?
[Sun Nov 19 11:34:06 2017] <pmetzger> If not, I suggest being quite patient. The topic is not easy going even for graduate students in computer science.
[Sun Nov 19 11:47:17 2017] <JamesGrayling> I have no idea how to prove this theorem from Software Foundations.Theorem andb_true_elim2 : forall b c : bool,
[Sun Nov 19 11:47:18 2017] <JamesGrayling>   andb b c = true -> c = true.
[Sun Nov 19 11:47:51 2017] <JamesGrayling> Can someone give me a hint please?
[Sun Nov 19 11:49:55 2017] <lyxia> JamesGrayling: prove it by case analysis on b and c
[Sun Nov 19 12:02:28 2017] <pmetzger> JamesGrayling: lyxia has it,
[Sun Nov 19 12:02:33 2017] <pmetzger> that's the right approach.
[Sun Nov 19 12:07:31 2017] <dh`> cocreature: re Functional Scheme for fold_left, neat, thanks -- didn't know you could do that.
[Sun Nov 19 12:07:34 2017] <dh`> that's a ways back now...
[Sun Nov 19 12:17:04 2017] <JamesGrayling> What do I do in the cases where the condition is not met?
[Sun Nov 19 12:17:50 2017] <pmetzger> JamesGrayling: explain? You might want to use pastebin if there's more lines than you can comfortably copy here.
[Sun Nov 19 12:18:27 2017] <JamesGrayling> when b = true, c = false. H = true && false = true.
[Sun Nov 19 12:18:51 2017] <JamesGrayling> after `simpl.`, H : false = true.
[Sun Nov 19 12:19:31 2017] <pmetzger> so false = true is contradictory and you can dispose of that case easily because the hypothesis is false.
[Sun Nov 19 12:19:45 2017] <JamesGrayling> How do I dispose of the case?
[Sun Nov 19 12:20:04 2017] <JamesGrayling> I don't think it's been covered in the book
[Sun Nov 19 12:21:03 2017] <pmetzger> It has, I suspect.
[Sun Nov 19 12:21:13 2017] <duri`> you can use inversion H., but it hasn't been covered yet if you're going through Basics.v.
[Sun Nov 19 12:21:17 2017] <pmetzger> but there are several tactics that will get rid of an absurd goal.
[Sun Nov 19 12:32:31 2017] <dh`> "discriminate" is probably the most usual way to kill off false = true
[Sun Nov 19 12:34:10 2017] <lyxia> JamesGrayling: you can also use the absurd H equality to rewrite
[Sun Nov 19 12:41:48 2017] <JamesGrayling> Oh yeah, rewrite works. I thought it wasn't working because I needed to repeat it 3 times.
[Sun Nov 19 12:42:43 2017] <JamesGrayling> Thanks!
[Sun Nov 19 12:46:45 2017] <dh`> oh btw, hi perry
[Sun Nov 19 12:49:11 2017] <pmetzger> Hello!
[Sun Nov 19 12:49:34 2017] <pmetzger> dh`: I didn't know you were a Coqer.
[Sun Nov 19 12:52:39 2017] <dh`> all things in their time :-)
[Sun Nov 19 15:42:09 2017] <lyxia> It looks like CompCert/VST makes integer overflow wraparound; isn't that actually undefined behavior?
[Sun Nov 19 15:46:50 2017] <cocreature> lyxia: it’s undefined behavior for signed integers, for unsigned integers wrap-around is required.
[Sun Nov 19 15:48:14 2017] <lyxia> VST makes both wraparound
[Sun Nov 19 15:49:02 2017] <pmetzger> signed overflow is undefined in C, period.
[Sun Nov 19 15:49:40 2017] <lyxia> https://github.com/PrincetonUniversity/VST/blob/master/doc/VC.pdf p16 "The C language specification says a C compiler *may* treat signed integer overflow by wrapping around mod 2^n".
[Sun Nov 19 15:49:56 2017] <pmetzger> No.
[Sun Nov 19 15:50:07 2017] <pmetzger> Read the C standard itself.
[Sun Nov 19 15:50:15 2017] <lyxia> Sure
[Sun Nov 19 15:50:16 2017] <Cypi> It does say this, since it says the compiler may do anything.
[Sun Nov 19 15:50:22 2017] <lyxia> I'm asking about the discrepancy.
[Sun Nov 19 15:50:55 2017] <pmetzger> The compiler MAY choose to generate code to remove all the files on your file system, too. Undefined behavior means literally anything is okay.
[Sun Nov 19 15:51:39 2017] <pmetzger> Most C compilers presume that undefined behavior cannot happen, that is, if there's a possibility of an undefined behavior occurring, they can blithely presume it will never be triggered and pay attention only to what happens in other cases.
[Sun Nov 19 15:52:16 2017] <pmetzger> It is absolutely not acceptable to count on any particular behavior for signed overflow in C programs, full stop. Doing so is a way of producing code that isn't merely non-portable but actively dangerous.
[Sun Nov 19 15:52:35 2017] <lyxia> pmetzger: well, tell that to the VST/Compcert developers
[Sun Nov 19 15:52:38 2017] <pmetzger> And yes, this stuff is part of my doctoral dissertation so I know far too much about it.
[Sun Nov 19 15:53:07 2017] <pmetzger> lyxia: I have met Andrew Appel, but I don't really know him, and I don't work on VST. :)
[Sun Nov 19 15:54:05 2017] <pmetzger> But my opinion is that any such claim is wrong. If you think you're going to wrap, that's poison. No verified C program should ever try to wrap a signed.
[Sun Nov 19 15:56:40 2017] <lyxia> So if I verify code with VST, and forget whether I rely on overflow at some point, I can only expect CompCert to respect the resulting specification?
[Sun Nov 19 15:57:01 2017] <pmetzger> I hope compcert's semantics don't specify wrapping on signed ints.
[Sun Nov 19 15:57:05 2017] <lyxia> pmetzger: If you don't mind, what was your dissertation topic?
[Sun Nov 19 15:57:51 2017] <pmetzger> Not was, is. I'm defending in a few months. Methods of remediating undefined behavior in C code is the general area. You don't want more detail, it won't fit in a couple of lines.
[Sun Nov 19 15:58:40 2017] <lyxia> Okay, thanks :)
[Sun Nov 19 16:01:54 2017] <pmetzger> Anyway, if you get a copy of the ISO C standard (which is online even though it's not supposed to be), there's an appendix listing all 200 or so undefined behaviors in the language.
[Sun Nov 19 16:02:23 2017] <lyxia> pmetzger: Yes I am looking at one, in fact addition is the first example of undefined behavior.
[Sun Nov 19 16:08:31 2017] <Chobbes> pmetzger: http://compcert.inria.fr/man/manual004.html
[Sun Nov 19 16:08:58 2017] <Chobbes> CompCert seems to just define a behaviour for signed integer overflow (section 4.4.2)
[Sun Nov 19 16:10:05 2017] <Chobbes> Which is probably fine, because it's reasonable for CompCert to have more rigorously defined behaviour, especially since the C code could "do anything"
[Sun Nov 19 16:10:16 2017] <lyxia> Chobbes: Thanks
[Sun Nov 19 16:11:27 2017] <pmetzger> There's nothing wrong with CompCert deciding to define it. There's something wrong with VST deciding to define it, because code proven with VST can be compiled with other compilers.
[Sun Nov 19 16:11:28 2017] <Chobbes> But could lead to inconsistencies when using different compilers, which *shrug*. Probably one of the least causes of concern. I'm sure most compilers just treat it the same way.
[Sun Nov 19 16:11:38 2017] <pmetzger> No, THEY DO NOT.
[Sun Nov 19 16:11:55 2017] <pmetzger> C compilers frequently do horrible things when you try to do signed arithmetic that overflows.
[Sun Nov 19 16:12:01 2017] <pmetzger> HORRIBLE things.
[Sun Nov 19 16:12:18 2017] <pmetzger> Let me find the canonical example from my diss proposal, one second.
[Sun Nov 19 16:12:20 2017] <Chobbes> pmetzger: I guess optimization passes will probably look at it and decide "MEH! ALL 0"
[Sun Nov 19 16:12:29 2017] <pmetzger> oh, far, far worse.
[Sun Nov 19 16:12:37 2017] <Chobbes> Awesome:P
[Sun Nov 19 16:13:08 2017] <Chobbes> pmetzger: I think VST is only suppose to be "really" verified when using CompCert, though.
[Sun Nov 19 16:13:21 2017] <Chobbes> Using other compilers is regarded as "meh, it probably works?"
[Sun Nov 19 16:13:22 2017] <pmetzger> yah, but you still want the code to work on any compiler.
[Sun Nov 19 16:13:44 2017] <lyxia> Yes undefined behavior for overflow is crucial for optimizations
[Sun Nov 19 16:13:47 2017] <Chobbes> pmetzger: a warning would probably be good.
[Sun Nov 19 16:14:06 2017] <lyxia> If you know that x and y are positive, this allows compilers to assume that x+y is also positive.
[Sun Nov 19 16:14:09 2017] <pmetzger> not a warning. that should be undefined in the semantics to match the C standard.
[Sun Nov 19 16:14:20 2017] <pmetzger> lyxia: precisely. And they *do* assume that.
[Sun Nov 19 16:15:03 2017] <pmetzger> hell, I'm having trouble finding my diss proposal.
[Sun Nov 19 16:16:07 2017] <pmetzger> found it
[Sun Nov 19 16:17:20 2017] <pmetzger> okay, look at this, and WITHOUT compiling it or looking it up, tell me what it does if you do gcc -O3 to it: https://gist.github.com/pmetzger/d7429b4909eca180e01cd6a9368f4af7
[Sun Nov 19 16:17:55 2017] <pmetzger> feel free to then compile it -O3 with llvm or gcc and see if you guessed right.
[Sun Nov 19 16:19:39 2017] <pmetzger> Now, CompCert is free to define such things, but if one is formally verifying C code, that behavior had better _not_ be defined by the semantics you are using for the C code you're defining. Indeed, it had better be an error to ever hit a state where you wrap a signed.
[Sun Nov 19 16:19:44 2017] <pmetzger> Wrapping unsigned is totally fine.
[Sun Nov 19 16:20:17 2017] <Chobbes> pmetzger: I assume VST just uses the CompCert semantics for everything.
[Sun Nov 19 16:21:14 2017] <pmetzger> That's bad if the CompCert semantics are not what the spec says, because it means people will verify code, assume that the only difference between gcc and CompCert is that the latter is verified, and end up with something totally broken.
[Sun Nov 19 16:21:54 2017] <pmetzger> Indeed, given the number of bad security holes caused by undefined behavior (like the famous Google NaCl bug caused by a shift by greater than wordlength leading to a test being removed by the compiler) I'd say that's very very bad.
[Sun Nov 19 16:22:12 2017] <Chobbes> pmetzger: oh totally :). I would be curious how common this is. I haven't used VST, but I'm planning on giving it a try soon. Maybe I'll try to see your example :P.
[Sun Nov 19 16:22:14 2017] <pmetzger> You want your formal semantics to accurately reflect the language spec, not one particular compiler that goes beyond the spec.
[Sun Nov 19 16:22:19 2017] <pmetzger> It's very very very common.
[Sun Nov 19 16:22:26 2017] <Chobbes> I bet it breaks all the same.
[Sun Nov 19 16:23:04 2017] <pmetzger> I can name a couple dozen bad security bugs caused by undefined behavior. If CompCert defines such behavior, that's fine for _compcert_ but not fine for _VST_.
[Sun Nov 19 16:23:37 2017] <Chobbes> It's fine for VST when used with CompCert, though. Which is the only "guaranteed path" anyway?
[Sun Nov 19 16:23:39 2017] <pmetzger> Now as it happens, Mozilla just advertised that some of the crypto code in FireFox is formally verified, and I know that was VST, and I also know they're compiling with the system compiler.
[Sun Nov 19 16:23:44 2017] <pmetzger> Can you say _terrible_?
[Sun Nov 19 16:23:56 2017] <Chobbes> pmetzger: okay, fair point.
[Sun Nov 19 16:24:09 2017] <Chobbes> That's actually a little concerning :|.
[Sun Nov 19 16:24:24 2017] <pmetzger> More than a little as wrapping behavior shows up in crypto code a lot.
[Sun Nov 19 16:24:31 2017] <Chobbes> pmetzger: are there tools that print out all the undefined behaviour in a C / C++ program?
[Sun Nov 19 16:24:51 2017] <Chobbes> Could be interesting to see (quickly) if anything would be invalid under VST.
[Sun Nov 19 16:25:12 2017] <pmetzger> There's an interpreter out there that sticks whenever it hits undefined behavior (and that's a pretty good one), and there's also the various "die if undefined" flags to gcc, llvm, etc.
[Sun Nov 19 16:25:17 2017] <Chobbes> pmetzger: I thought the crypto in FireFox was something under F*, though?
[Sun Nov 19 16:25:46 2017] <pmetzger> That could be the case, I may be mistaken about it being VST, but it's C code, not Rust or what have you.
[Sun Nov 19 16:25:52 2017] <pmetzger> I assumed it was done with VST.
[Sun Nov 19 16:26:10 2017] <pmetzger> the TIS interpreter: https://trust-in-soft.com/tis-interpreter/
[Sun Nov 19 16:26:40 2017] <pmetzger> but remember, the TIS interpreter isn't formally verified.
[Sun Nov 19 16:26:44 2017] <Chobbes> https://github.com/mitls/hacl-star
[Sun Nov 19 16:26:48 2017] <Chobbes> ^ uses this thing.
[Sun Nov 19 16:27:14 2017] <pmetzger> I didn't think that was what was in firefox
[Sun Nov 19 16:27:17 2017] <pmetzger> let me check.
[Sun Nov 19 16:27:42 2017] <pmetzger> no, you're right and I'm totally wrong.
[Sun Nov 19 16:27:54 2017] <pmetzger> It's HACL*
[Sun Nov 19 16:27:55 2017] <Chobbes> pmetzger: of course, it goes through CompCerts Clight anyway :).
[Sun Nov 19 16:28:14 2017] <Chobbes> https://github.com/FStarLang/kremlin/
[Sun Nov 19 16:28:27 2017] <Chobbes> So, you know. Same problem :).
[Sun Nov 19 16:28:35 2017] <pmetzger> Aw, that's bad.
[Sun Nov 19 16:28:50 2017] <pmetzger> Unless they're distributing object code.
[Sun Nov 19 16:28:56 2017] <pmetzger> I'm going to tweet and ask.
[Sun Nov 19 16:29:11 2017] <Chobbes> pmetzger: probably not, lol :P
[Sun Nov 19 16:29:54 2017] <Chobbes> pmetzger: so, then, if there's a tool that can parse a C file and spit out all instances of undefined behaviour...
[Sun Nov 19 16:30:01 2017] <Chobbes> I bet you could find a bug pretty fast :P
[Sun Nov 19 16:30:35 2017] <pmetzger> you literally cannot.
[Sun Nov 19 16:30:38 2017] <Chobbes> At least when compiled with -Obajillion.
[Sun Nov 19 16:30:45 2017] <pmetzger> You can't statically check for undefined behavior in C. it requires runtime checks.
[Sun Nov 19 16:30:55 2017] <pmetzger> I can trivially make the undefined behavior depend on an arbitrary computation.
[Sun Nov 19 16:30:57 2017] <Chobbes> pmetzger: fair point.
[Sun Nov 19 16:31:46 2017] <pmetzger> Using C for systems code is like juggling chainsaws while ice skating. It's a cool trick until something goes wrong.
[Sun Nov 19 16:33:17 2017] <pmetzger> After something goes wrong, cleaning up is, er, messy.
[Sun Nov 19 16:37:10 2017] <Chobbes> pmetzger: I'm tempted to compile the crypto library with the magical undefined flags now. Would be interesting to see. Not sure if Low* or whatever restricts to fully defined behavior in the spec -- probably just uses Clight semantics.
[Sun Nov 19 16:39:54 2017] <pmetzger> I would manually scan the code for "int". :)
[Sun Nov 19 16:41:05 2017] <Chobbes> pmetzger: that's probably easier :P.
[Sun Nov 19 16:42:21 2017] <pmetzger> Chobbes: wouldn't mind if you retweeted my tweet on this. Sadly people like Regehr aren't usually active on a Sunday evening. (He's probably hiking in some box canyon with his kids.)
[Sun Nov 19 16:44:22 2017] <Chobbes> pmetzger: I don't know if Mozilla would go along with the CompCert license.
[Sun Nov 19 16:44:37 2017] <pmetzger> They not only wouldn't but can't.
[Sun Nov 19 16:45:04 2017] <Chobbes> pmetzger: maybe for their binary releases they could? I'm not really sure.
[Sun Nov 19 16:45:16 2017] <pmetzger> In theory they could include binary blobs for x86 and ARM. But I doubt they're doing that. And their code runs on other platforms routinely like PPC/POWER.
[Sun Nov 19 16:46:08 2017] <pmetzger> I guess they do PPC though.
[Sun Nov 19 16:46:22 2017] <pmetzger> Not MIPS but I guess no one cares about MIPS now.
[Sun Nov 19 16:46:48 2017] <Chobbes> https://github.com/FStarLang/kremlin/blob/master/DESIGN.md
[Sun Nov 19 16:59:17 2017] <Chobbes> pmetzger: there are other possible concerns as well. As far as I can tell the Low* to C compiler isn't verified. I could be wrong, but it looks like it's just an OcaML program.
[Sun Nov 19 16:59:51 2017] <pmetzger> OCaml is the usual capitalization at the moment. It's officially not Objective Caml any more btw.
[Sun Nov 19 17:00:29 2017] <pmetzger> I think most extractors one can name aren't formally verified of course. I do remember there was one people were working on?
[Sun Nov 19 17:00:33 2017] <Chobbes> Dammit. So many weird capitalizations to keep track of.
[Sun Nov 19 17:00:36 2017] <Chobbes> https://arxiv.org/pdf/1703.00053.pdf
[Sun Nov 19 17:00:49 2017] <Chobbes> There's a quote on what the trusted computing base is in this paper.
[Sun Nov 19 17:03:30 2017] <Chobbes> Looks like a lot of their assertions involve informal proofs.
[Sun Nov 19 17:04:54 2017] <pmetzger> Informal = paper and pencil?
[Sun Nov 19 17:04:59 2017] <Chobbes> Yep.
[Sun Nov 19 17:05:50 2017] <Chobbes> At first glance it doesn't seem like it's end-to-end verified. Like, it sounds like the semantics of low* are only related to clight by paper and pencil? But I could be reading that wrong.
[Sun Nov 19 17:29:04 2017] <pmetzger> I know one of the guys on that paper (Catalin). He was a postdoc at Penn. I suppose I could ask him.
[Sun Nov 19 17:31:25 2017] <Chobbes> It does kind of bring up the interesting question of "what does formally-verified" actually mean.
[Sun Nov 19 17:32:54 2017] <pmetzger> Well, for CompCert a semantics that defines more than the standard does WRT undefined behavior breaks no conforming code. It's only dangerous to use that semantics in a different context.
[Sun Nov 19 17:33:01 2017] <pmetzger> I didn't even realize this was a thing.
[Sun Nov 19 17:33:22 2017] <pmetzger> But yah, formally verified is always "with respect to _what_"....
[Sun Nov 19 17:37:59 2017] <lyxia> pmetzger: Oh. I'm also at Penn, partly thanks to him.
[Tue Nov 21 15:58:02 2017] <sud> I have an inductive Predicate:  MyType -> Prop; and I want to write a tactic that invert a hypothesis H: Predicate t only when t is not a variable
[Tue Nov 21 15:58:54 2017] <johnw> you can match goal on the hypothesis and use is_var on its parameter
[Tue Nov 21 15:59:00 2017] <sud> I tried the follwoing: Ltac t := repeat match goal with | [ H: Predicate ?T |- _ ] => tryif (is_var T) then idtac else inversion H end.
[Tue Nov 21 15:59:59 2017] <sud> johnw: I'm not sure my tactic is good, especially in the case where there are multiple hypotheses of type Predicate ?T
[Tue Nov 21 16:00:53 2017] <sud> the match could match a hypothesis of type Predicate x, where x is indeed a variable, so it will just do idtac (or I could put fail instead)
[Tue Nov 21 16:01:17 2017] <johnw> maybe you want is_var T + inversion H
[Tue Nov 21 16:04:22 2017] <sud> johnw: if I have two hypotheses, H1: Predicate X and H2: Predicate T, where X is a variable and T is not, then the match could just match H1 and then succeed on is_var X
[Tue Nov 21 16:04:44 2017] <Cypi> What if you replace `idtac` by `fail` in your tactic?
[Tue Nov 21 16:05:20 2017] <sud> Cypi: wouldn't that repeat the failure, and still match H1 on the next iteration of "repeat"?
[Tue Nov 21 16:05:40 2017] <Cypi> `repeat` will stop when there is no progress anymore
[Tue Nov 21 16:05:55 2017] <sud> Cypi: but I want it to match H2 after failing on H1
[Tue Nov 21 16:06:00 2017] <Cypi> the failure will make the `match` go to another candidate
[Tue Nov 21 16:06:06 2017] <sud> hmm
[Tue Nov 21 16:08:29 2017] <sud> I should probably clear H as well I guess
[Tue Nov 21 16:08:36 2017] <sud> in case inversion H succeeds
[Tue Nov 21 16:09:30 2017] <sud> I think it's working properly thanks
[Tue Nov 21 16:14:41 2017] <sud> is there a tactic that tries to instantiate foralls that appear in the hypotheses with other hypotheses? e.g. if you have H: forall x, F1(x) -> F2(x), and you have some H2: F1(t), it will add a hypothesis F2(t)
[Tue Nov 21 16:15:54 2017] <sud> (automatically)
[Tue Nov 21 22:13:49 2017] <anonlastname> should coq always generate a hypothesis every time you use the inductiion tactic?
[Tue Nov 21 22:14:11 2017] <anonlastname> if not what dictates whether it will or won't?
[Tue Nov 21 22:16:12 2017] <anonlastname> I've noticed that sometimes it will generate something with a name like IHn in the context when you use induction and sometimes it doesn't
[Tue Nov 21 22:20:03 2017] <lyxia> anonlastname: the induction tactic applies an "induction principle" which dictates the subgoals.
[Tue Nov 21 22:20:45 2017] <lyxia> https://softwarefoundations.cis.upenn.edu/lf-current/IndPrinciples.html
[Tue Nov 21 22:26:46 2017] <anishathalye> sud: how about something like match goal with [ H : (forall x : ?T, P x -> Q x), H' : P ?x |- _ ] => pose proof (H x H') end.
[Wed Nov 22 05:20:53 2017] <sud_> anishathalye: yes that would work; is there a way to generalize to more complicate patterns automatically (e.g. foralls with multiple variables, and multiple hypotheses P x -> Q x -> R x -> [...] -> conclusion), and have it do unification etc.?
[Wed Nov 22 06:09:35 2017] <sud_> is there a tactic that succeeds only is the argument is a constructor?
[Wed Nov 22 06:13:43 2017] <Cypi> Not that I know of, but it should be possible to craft one. Just to make sure, you want some tactic `is_construct` such that `(is_construct t)` succeeds if and only if `t` is a constructor applied to any arguments?
[Wed Nov 22 06:23:10 2017] <Cypi> sud_ : http://lpaste.net/360192 if you need it (note that it warrants some testing, since it looks kind of hack-ish :p )
[Wed Nov 22 06:26:23 2017] <Cypi> Uhoh, it also works on constructors which are not fully applied, because the `econstructor` tactic does not care...
[Wed Nov 22 06:32:40 2017] <sud_> Cypi: thanks! I ended up doing a pattern matching on the constructors I have
[Wed Nov 22 06:33:12 2017] <Cypi> Oh right, if you just want it to work for one specific inductive type, it's simpler, of course
[Wed Nov 22 06:38:31 2017] <sud_> Cypi: but then I have to rewrite "is_construct" every time I change my type (and in every different project)
[Wed Nov 22 06:39:01 2017] <Cypi> Sure. If you want more flexibility, you can try my version (no guarantee included)
[Wed Nov 22 06:41:39 2017] <sud_> thanks :)
[Wed Nov 22 06:42:36 2017] <sud_> Cypi: can you briefly explain how it works?
[Wed Nov 22 06:43:21 2017] <Cypi> So, the goal is to use the `econstructor` tactic to instantiate some evar which is supposed to have the same type as the argument `t`
[Wed Nov 22 06:43:39 2017] <Cypi> and then use `reflexivity` to try to unify the evar with `t`, which should succeed only if `t` is in constructor form
[Wed Nov 22 06:44:06 2017] <Cypi> So what I do essentially is `assert (exists x, x = t)`
[Wed Nov 22 06:44:27 2017] <Cypi> then use `eexists ?[x]` to create an evar named `x`
[Wed Nov 22 06:44:40 2017] <Cypi> then `only [x]: econstructor` will instantiate `x` with a constructor
[Wed Nov 22 06:44:56 2017] <Cypi> and finally, `reflexivity` will try to unify
[Wed Nov 22 06:45:30 2017] <Cypi> The trick is that using `assert` would change the proof term, which I want to avoid. So instead I am creating a variable at the Ltac level, saying that its type must be `exists x, x = t`
[Wed Nov 22 06:45:49 2017] <Cypi> and the term that I store in this variable is built by using a tactic, hence the `ltac:(...)`
[Wed Nov 22 06:46:51 2017] <Cypi> If creating this whole term succeeded, it means that `t` was a constructor, so I can just succeed with `idtac`, otherwise I am failing with `fail` simply to avoid a weird error message
[Wed Nov 22 06:47:03 2017] <Cypi> (you could fail with `fail "Not a constructor"` for instance, it would make more sense)
[Wed Nov 22 06:47:31 2017] <Cypi> hope this makes some kind of sense
[Wed Nov 22 07:24:18 2017] <sud_> Cypi: I think so yes thanks
[Wed Nov 22 07:26:44 2017] <sud_> in Ltac, imagine I have H: forall _ _ _ _ _ _, ?P -> ?X, and I have H2: ?Q such that P unifies with Q; I want to write "pose H _ _ _ _ _ _ H2", though I don't know in general how many '_' the forall has
[Wed Nov 22 10:52:36 2017] <cocreature> is there a tactic for arithmetic simplification? so something that removes  +0, +x-x and so on?
[Wed Nov 22 10:53:00 2017] <cocreature> I don’t need anything particularly fancy, a set of builtin rules that perform common simplifications is completely fine
[Wed Nov 22 11:00:02 2017] <lyxia> omega?
[Wed Nov 22 11:00:41 2017] <cocreature> lyxia: omega can’t solve my goal (and I don’t need it to), I just want to perform some simplifications before I continue
[Wed Nov 22 11:04:09 2017] <Chobbes> cocreature: I think ringsimpl might work with semirings, but I'm not sure it does what you want?
[Wed Nov 22 11:05:28 2017] <cocreature> Chobbes: that looks useful, thanks!
[Wed Nov 22 11:05:36 2017] <Chobbes> cocreature: you could always write some Ltac to do those rewrites too!
[Wed Nov 22 11:05:46 2017] <cocreature> Chobbes: sure, I’m just being lazy :)
[Wed Nov 22 11:05:56 2017] <cocreature> ah ring_simplify helps, thanks again
[Wed Nov 22 11:12:05 2017] <Chobbes> :thumbsup:
[Wed Nov 22 11:41:35 2017] <cocreature> how can I proof "r <> 0" from "1 <= r" where r : Real?
[Wed Nov 22 11:42:36 2017] <cocreature> ah intro; fourier. does the job
[Wed Nov 22 12:02:56 2017] <Chobbes> cocreature: lra probably works too.
[Wed Nov 22 12:16:56 2017] <cocreature> Chobbes: thanks, I’ll try that next time :)
[Wed Nov 22 16:21:58 2017] <takanuva> is it possible to use the first element of an existential in the type signature? I mean, forall (x: (exists T: Prop, T)), fst x, or something like that
[Wed Nov 22 16:23:13 2017] <benzrf> yes
[Wed Nov 22 16:23:17 2017] <benzrf> but why do you want to :P
[Wed Nov 22 16:23:58 2017] <takanuva> as I: I receive a tuple (T: Prop, T), and return the "T" from it (so type signature uses first item, function body uses the second)
[Wed Nov 22 16:24:23 2017] <takanuva> I'm still learning, this doubt came up and I couldn't make it work
[Wed Nov 22 16:24:39 2017] <benzrf> well, the problem is only that fst is the wrong type
[Wed Nov 22 16:24:51 2017] <benzrf> im not sure if theres a name for the corresponding operation on exists
[Wed Nov 22 16:27:41 2017] <takanuva> I tried writing an eliminator for exists but I keep getting Prop/Type problems
[Wed Nov 22 21:06:26 2017] <anonlastname> Is it possible to prove that [forall (a b : nat), beq_nat a b = true -> a = b]?
[Wed Nov 22 21:08:43 2017] <lyxia> yes
[Wed Nov 22 21:08:53 2017] <lyxia> induction a
[Wed Nov 22 21:09:13 2017] <anonlastname> ok thank you just wanted to make sure it wasn't a fools errand
[Wed Nov 22 23:49:26 2017] <suo> I'm having an issue when installing coqide with a fresh opam switch, on OCaml 4.06.0
[Wed Nov 22 23:49:28 2017] <suo> # File "ide/ideutils.ml", line 376, characters 38-74:# Error: This expression has type string but an expression was expected of type bytes
[Wed Nov 22 23:54:33 2017] <Cypi> I think this is because it might not be compatible (yet) with the safe strings from OCaml, which are made default by OCaml 4.06.0
[Wed Nov 22 23:55:52 2017] <Cypi> I don't know exactly when support for safe strings will be coming (for all I know it might already be implemented in the dev branch), but in the meantime, I think either 4.05.x or 4.06.0+default-unsafe-string should work.
[Wed Nov 22 23:58:53 2017] <suo> Cypi: I did opam switch 4.05.0, and now I have to reinstall coq as well (even though coq compiled fine on 4.06.0), is that normal?
[Wed Nov 22 23:59:18 2017] <Cypi> Sadly yes. Anything compiled with some version of OCaml will be unusable with another version of OCaml :(
[Thu Nov 23 00:00:04 2017] <Cypi> Therefore, the opam switches are completely independent from one another, there is no sharing or anything
[Thu Nov 23 00:00:37 2017] <suo> Cypi: alright, recompiling! do you know why the coq installation page suggests setting: export OPAMROOT=~/opam-coq.8.6; now everything I have (both switches) is in that folder
[Thu Nov 23 00:01:22 2017] <Cypi> I don't know, sorry, I never did that
[Thu Nov 23 00:03:18 2017] <suo> how will the system decide between which coqc to use, since there are one for each switch?
[Thu Nov 23 00:04:50 2017] <Cypi> Normally both switches should have separate folders, so I'm a bit confused by the suggestion
[Thu Nov 23 00:06:23 2017] <suo> I see, and I just have to "opam switch" to obtain the executables compiled with the other version
[Thu Nov 23 00:07:05 2017] <Cypi> Yes. Among other things, `opam switch` will add to your PATH the correct folder containing binaries for the current switch
[Thu Nov 23 05:00:05 2017] <Forlorn> Hi, what does "intro" do or mean in the beginning of a Proof.?
[Thu Nov 23 05:15:35 2017] <sud_> Forlorn: can you step in the proof and see how it operates on your goal? basically, if your goal is to prove A -> B, intro will put A into your hypothesis, and you'll have to prove B
[Thu Nov 23 05:25:16 2017] <Forlorn> sud_, Thanks, I think I have got the hang of this now
[Thu Nov 23 06:13:25 2017] <ggVGc> hm, I find it a bit strange that coq looks very inspired by haskell, but is implemented in ocaml
[Thu Nov 23 06:13:28 2017] <ggVGc> anyone know why?
[Thu Nov 23 06:13:41 2017] <ggVGc> I mean, why haskell was not chosen
[Thu Nov 23 06:14:29 2017] <Cypi> Haskell did not even exist at the time though
[Thu Nov 23 07:16:13 2017] <Forlorn> Any one using vim as editor for coq?
[Thu Nov 23 07:16:21 2017] <Forlorn> Any recommended plugins?
[Thu Nov 23 09:12:47 2017] <lyxia> ggVGc: I think syntactically, it looks more like ml/ocaml than haskell
[Thu Nov 23 09:16:35 2017] <ggVGc> well, it seems I had my history wrong
[Thu Nov 23 09:16:40 2017] <ggVGc> I was sure coq was newer than haskell
[Thu Nov 23 09:20:32 2017] <Cypi> According to "A History of Haskell", the decision of designing what became Haskell was taken in 1987, with the first version of Haskell being released in 1990
[Thu Nov 23 09:20:55 2017] <Cypi> https://coq.inria.fr/about-coq seems to say that Coq started in 1984
[Thu Nov 23 09:22:03 2017] <Cypi> https://caml.inria.fr/about/history.en.html says that Caml was also aimed at developping Coq at some early point
[Thu Nov 23 10:18:03 2017] <dh`> coq turns out to be a lot older than it seems like it ought to be
[Thu Nov 23 10:18:10 2017] <dh`> you aren't the first to have noticed this :-)
[Fri Nov 24 02:29:33 2017] <piyush-kurur> in coqdoc is there a way to emphasis/bold text ?
[Fri Nov 24 02:30:06 2017] <piyush-kurur> More generally what is the reference for the markup and text formating instructions that one can use in coqdoc
[Fri Nov 24 02:33:42 2017] <piyush-kurur> One of the documentation which I read says that it uses the Almost Free Text format but it looks like the '' notation for italics for example does not work in coqdoc
[Fri Nov 24 06:33:05 2017] <sud_> I'm trying to organize my files by separating theorems/proofs and tactic files. But then as soon as I have a dependencies tactic1 -> Lemma1 -> tactic2, I have to create a new tactic file to avoid cyclic dependencies in the source files. What is the recommended way of working with multiple sources?
[Fri Nov 24 06:43:57 2017] <piyush-kurur> sud_: how is your tactic2 depending on Lemma1 ?
[Fri Nov 24 06:44:45 2017] <sud_> piyush-kurur: yes
[Fri Nov 24 06:46:49 2017] <piyush-kurur> Depending on application I guess but I found the strategy of complete automation as recommended in the CPDT book to be the only feasible method to do large scale proofs
[Fri Nov 24 06:47:48 2017] <piyush-kurur> If you are following such strategy I would suggest that you have a generic "crush tactic" writen in a tactic file and then Supply your domain specific lemma (like Lemma1 etc) to crush using various kinds of hints
[Fri Nov 24 06:48:39 2017] <piyush-kurur> (need less to say that the crush tactics will have a default clause where it tries tactic like eauto etc where the hint database come into play)
[Fri Nov 24 07:54:46 2017] <lyxia> piyush-kurur: did you see https://coq.inria.fr/refman/tools.html#coqdoc ? It looks like they have only one kind of emphasis (italics) but you can also inline latex or html.
[Fri Nov 24 07:56:18 2017] <piyush-kurur> lyxia: thanks great.
[Fri Nov 24 10:42:22 2017] <dh`> <piyush-kurur> Depending on application I guess but I found the strategy of complete automation as recommended in the CPDT book to be the only feasible method to do large scale proofs
[Fri Nov 24 10:42:51 2017] <dh`> so far I have not found that and in fact it seems crazy to me (to go to the point of automating every last corner case)
[Fri Nov 24 10:43:28 2017] <dh`> is this because of what I've been working on, or does it more likely reflect some basic difference in approach?
[Fri Nov 24 10:45:54 2017] <dh`> (what I've been working on: a lot of it is the string library I occasionally talk about, but I've also done several rounds of type system soundness and i've been messing with some other things like concurrency models)
[Fri Nov 24 10:55:09 2017] <dh`> it seems to me that the critical thing for large proofs is a good decomposition into lemmas
[Fri Nov 24 10:55:22 2017] <dh`> (like dealing with large bodies of code)
[Fri Nov 24 10:56:14 2017] <dh`> I've gotten into a few things where I end up with 500 cases, but mostly they can be dismissed with things like "all: try (apply foo; discriminate)"
[Fri Nov 24 10:56:38 2017] <dh`> and sure that could be an ltac but I don't see anything much to be gained by making it one
[Fri Nov 24 17:07:30 2017] <benzrf> is there any way to write a tactic which can do different things to each goal?
[Fri Nov 24 17:08:03 2017] <benzrf> i.e. - so that i can write something like [destruct big_inductive_type_inhabitant; my_tactic] and have my_tactic operate differently on each case
[Fri Nov 24 17:08:25 2017] <benzrf> or even [my_tactic (destruct big_inductive_type_inhabitant)] would be a fine calling convention
[Fri Nov 24 17:09:09 2017] <benzrf> well, ok in that second case i could of course implement it as [Ltac my_tactic t := t; [case_a | case_b | case_c]]
[Fri Nov 24 17:09:51 2017] <benzrf> but im thinking about something programmatic, like if i could dynamically address different goals
[Fri Nov 24 17:10:28 2017] <benzrf> e.g., being able to pass in a uconstr list of lemmas and have them applied pointwise to the remaining goals
[Fri Nov 24 17:31:42 2017] <Cypi> benzrf: if you have such a list, maybe you could try to deconstruct it and use the head lemma with something like `only 1: apply lemma`?
[Fri Nov 24 17:31:54 2017] <Cypi> Ah wait, this would only work if it actually solve the goal
[Fri Nov 24 17:32:25 2017] <Cypi> hmm.
[Fri Nov 24 17:32:31 2017] <Cypi> I don't know x)
[Fri Nov 24 17:32:49 2017] <benzrf> well the other thing is
[Fri Nov 24 17:32:56 2017] <benzrf> are there any sequencing primitives besides ;
[Fri Nov 24 17:33:08 2017] <benzrf> because if you solve, how can you work on the next goal? you certainly cant do it with ;
[Fri Nov 24 17:33:51 2017] <Cypi> well yes you can
[Fri Nov 24 17:34:03 2017] <Cypi> Goal True /\ True. split; only 1: exact I; only 1: exact I. Qed.
[Fri Nov 24 17:34:06 2017] <Cypi> this works, for instance
[Fri Nov 24 17:39:48 2017] <benzrf> woah wat
[Fri Nov 24 17:40:28 2017] <benzrf> i thought if there were no more subgoals it didnt run the tactic
[Fri Nov 24 17:41:18 2017] <Cypi> This is `split; (only 1: exact I); (only 1: exact I)`. So, after the splits, there are two goals under focus, it applies the tactic `only 1: exact I` on these two goals. This tactic focuses on the first goal and applies `exact I`, solving it. Then there are one goal remaining under focus, it applies `only 1: exact I` on this goal, solving it too.
[Fri Nov 24 17:42:15 2017] <benzrf> well, this works: [split; (only 1: exact I; only 1: exact I)]
[Fri Nov 24 17:43:48 2017] <Cypi> well yes
[Fri Nov 24 17:44:07 2017] <Cypi> this is still `split; ((only 1: exact I); (only 1: exact I))`
[Fri Nov 24 17:44:22 2017] <Cypi> however, this shouldn't work: `split; only 1: (exact I; only 1: exact I)`
[Fri Nov 24 17:44:30 2017] <Cypi> (saying something about a goal that doesn't exist probably)
[Fri Nov 24 17:48:58 2017] <benzrf> oh, what the fuck
[Fri Nov 24 17:49:05 2017] <benzrf> why cant u match on uconstrs
[Fri Nov 24 17:49:16 2017] <Cypi> ah right, match wants a typed term......
[Fri Nov 24 17:49:22 2017] <Cypi> (which is very annoying if you ask me)
[Fri Nov 24 17:49:30 2017] <Cypi> (but there is probably some kind of reason somewhere)
[Fri Nov 24 17:49:41 2017] <benzrf> well i literally cant do that because what im hauling around is intropatterns
[Fri Nov 24 17:49:54 2017] <Cypi> You could have nested pairs instead of a list
[Fri Nov 24 17:49:54 2017] <benzrf> mfw ltac doesnt have lists
[Fri Nov 24 17:50:04 2017] <benzrf> still cant match
[Fri Nov 24 17:50:07 2017] <benzrf> uconstr
[Fri Nov 24 17:50:15 2017] <Cypi> In a constr I mean
[Fri Nov 24 17:50:15 2017] <benzrf> oh wait does ltac have pairs
[Fri Nov 24 17:50:23 2017] <Cypi> What does one element of your list looks like?
[Fri Nov 24 17:50:26 2017] <Cypi> look*
[Fri Nov 24 17:50:27 2017] <benzrf> an intropattern
[Fri Nov 24 17:50:45 2017] <Cypi> So stuff like [[? _] | x] ?
[Fri Nov 24 17:50:56 2017] <benzrf> well, to be precise, arguments to refine
[Fri Nov 24 17:51:50 2017] <benzrf> i wanna cut down on this repetition https://i.imgur.com/K6mK0dy.png
[Fri Nov 24 17:53:03 2017] <Cypi> Ah, so you would like stuff like `impl_I (impl_E _ (conj_E2 _))` in your list I guess :/
[Fri Nov 24 17:53:09 2017] <benzrf> i figured putting this stuff in a list would both get rid of all of the fcp_case and make me no longer need parens around each one
[Fri Nov 24 17:53:12 2017] <benzrf> yup
[Fri Nov 24 17:53:13 2017] <Cypi> isn't there anyway to compute these from the goal?
[Fri Nov 24 17:53:32 2017] <Cypi> any way*
[Fri Nov 24 17:53:37 2017] <benzrf> i mean, possibly, but writing sufficiently advanced ltac would be more work than just putting these in
[Fri Nov 24 17:53:52 2017] <Cypi> probably, depends on your usecase
[Fri Nov 24 17:54:36 2017] <benzrf> well, bbl :T
[Fri Nov 24 17:55:36 2017] <benzrf> (the problem is that these are propositional logic proofs and the assumption rule, lem, and multiple elimination rules, all apply to any goal)
[Fri Nov 24 17:55:44 2017] <benzrf> (well not lem. whatever)
[Fri Nov 24 17:55:52 2017] <benzrf> (so i cant just exhaustively search constructors)
[Fri Nov 24 18:25:10 2017] <dh_work> one of the things you can do if there are a lot of effectively duplicate cases is produce the hypotheses to solve them beforehand (before generating all the cases) and then auto will clean them up
[Fri Nov 24 18:28:36 2017] <benzrf> that's the thing though, they arent really duplicate
[Fri Nov 24 18:28:46 2017] <benzrf> this is the pared-down version, i already automated all the duplicate parts :)
[Fri Nov 24 18:29:34 2017] <benzrf> the tactic essentially refines and then does some auto stuff - the terms im passing in are basically the important parts of the derivations, and the holes are where im appealing to assumptions or induction hypotheses
[Fri Nov 24 19:22:55 2017] <tobiasBora> Hello,
[Fri Nov 24 19:23:36 2017] <tobiasBora> I'm trying to use the autosubst library, and to "debug" my code, I'd like to be able to evaluate some code
[Fri Nov 24 19:23:44 2017] <tobiasBora> I tried to do:
[Fri Nov 24 19:23:52 2017] <tobiasBora> Eval simpl in (Var 1).[ren (+1)].
[Fri Nov 24 19:24:12 2017] <tobiasBora> it outputs ?Subst (ren (+1)) (Var 1)
[Fri Nov 24 19:24:35 2017] <tobiasBora> : mytype
[Fri Nov 24 19:24:49 2017] <benzrf> have you tried compute instead of simpl?
[Fri Nov 24 19:25:24 2017] <tobiasBora> benzrf: yes, compute gives a stranger result: ?Subst (fun x : nat => ?H (S x)) (Var 1)
[Fri Nov 24 19:26:04 2017] <benzrf> o=
[Fri Nov 24 19:26:16 2017] <benzrf> do you have the appropriate instances?
[Fri Nov 24 19:26:28 2017] <dh_work> should I ask what the notation (Var 1).[ren (+1)] means?
[Fri Nov 24 19:26:41 2017] <tobiasBora> I loaded Ids, Rename, Subst, SubstLemmas
[Fri Nov 24 19:27:03 2017] <tobiasBora> dh_work: it should be something like "add 1 to all the variables"
[Fri Nov 24 19:27:30 2017] <tobiasBora> but in order to be sure, I'd like to display the result ;)
[Fri Nov 24 19:29:46 2017] <dh_work> hmm
[Fri Nov 24 19:29:55 2017] <dh_work> I don't have any idea what you're working with then, so I can't really help :-)
[Fri Nov 24 19:29:56 2017] <benzrf> tobiasBora: did you use Qed anywhere?
[Fri Nov 24 19:32:07 2017] <tobiasBora> benzrf: after the last Instance, I put SubstLemmas ... . derive. Qed. as explained in the doc
[Fri Nov 24 19:32:17 2017] <benzrf> heuh
[Fri Nov 24 19:32:35 2017] <benzrf> idk, i just thought maybe a failure to compute could be because of an opaque term somewhere
[Fri Nov 24 19:32:42 2017] <benzrf> i dont know much about instances or about autosubst!
[Fri Nov 24 19:35:57 2017] <tobiasBora> Hum, if I copy paste the example code it seems to give me a better result... Let me check the differences
[Fri Nov 24 19:36:05 2017] <lyxia> If I have a class (Arbitrary : Type -> Type), with a method (arbitrary : forall A (Arbitrary A), A), and a single instance (Arbitrary unit), somehow that instance gets picked even if there are no constraints (e.g., just type (Check arbitrary)), is there a way to avoid that?
[Fri Nov 24 19:37:13 2017] <lyxia> I don't really have a reason for it behaving one way or the other TBH, other than I'm used to how it works in Haskell
[Fri Nov 24 19:48:00 2017] <tobiasBora> benzrf: dh_work I found the problem ! In fact, I got two types that uses the autosubst library, the first one with only "var", and the second one with the "{bind }" syntax. Because "var" was just another name for "int", I thought that I would not need to use the instance also on the first type... But I was wrong, when I create two sets of instances for both types, it seems to work better
[Fri Nov 24 19:48:05 2017] <tobiasBora> Thank you for your help !
[Fri Nov 24 22:19:27 2017] <benzrf> tobiasBora: oh , good
[Fri Nov 24 22:26:29 2017] <anonlastname> How can I show that [max a b = n -> a = n \/ b = n]? Is it possible to use the fact that the only terminating brances in the fixpoint definition of max are either a or b?
[Fri Nov 24 22:28:53 2017] <benzrf> what do you mean by "terminating branches"?
[Fri Nov 24 22:29:50 2017] <anonlastname> in the "match ... with" statement the only parts that don't call max return either a or b
[Fri Nov 24 22:30:26 2017] <benzrf> just because they recurse doesn't mean they don't terminate
[Fri Nov 24 22:30:45 2017] <anonlastname> Yes but when they do terminate it's either a or b
[Fri Nov 24 22:30:48 2017] <anonlastname> which is what I want to prove
[Fri Nov 24 22:30:52 2017] <benzrf> well, consider this
[Fri Nov 24 22:30:56 2017] <benzrf> what if i evaluate [max 4 5]
[Fri Nov 24 22:31:02 2017] <benzrf> then that has to recurse
[Fri Nov 24 22:31:06 2017] <benzrf> it still terminates though!
[Fri Nov 24 22:31:27 2017] <anonlastname> And it will also satisfy my hypothesis
[Fri Nov 24 22:31:45 2017] <benzrf> yes - im not claiming your proposition is false :)
[Fri Nov 24 22:31:57 2017] <anonlastname> The hypothesis I'm trying to prove is certainly true because every fixpoint will terminate and the only things it can terminate to are a or b
[Fri Nov 24 22:31:58 2017] <benzrf> oh wait hold on i think i see what you mean
[Fri Nov 24 22:32:04 2017] <benzrf> yeah, that makes sense
[Fri Nov 24 22:32:56 2017] <benzrf> hmm, but hold on - that's not quite right
[Fri Nov 24 22:33:23 2017] <benzrf> what you're saying would make sense if it were tail-recursive
[Fri Nov 24 22:33:41 2017] <benzrf> but you can't just talk about what it results in when it terminates, because that result will be modified by the wrapping S
[Fri Nov 24 22:35:18 2017] <anonlastname> I see what you are saying
[Fri Nov 24 22:35:42 2017] <benzrf> in any case, though -
[Fri Nov 24 22:35:49 2017] <benzrf> the general principle tends to be like follows:
[Fri Nov 24 22:36:30 2017] <benzrf> the "call graph", if you want to think of it that way, of a structurally recursive function, is isomorphic to its decreasing argument as a tree
[Fri Nov 24 22:36:53 2017] <benzrf> well - at least, to some truncation of it.
[Fri Nov 24 22:37:14 2017] <benzrf> insofar as a function recurses, it can only do so by filling out the shape of its decreasing argument
[Fri Nov 24 22:37:40 2017] <benzrf> therefore, to prove a property by induction over the "call graph", you can equivalently prove it by induction over the decreasing argument
[Fri Nov 24 22:38:34 2017] <anonlastname> In this case both the arguments are decreasing
[Fri Nov 24 22:39:17 2017] <benzrf> that's true, but that only gives you more opportunities
[Fri Nov 24 22:39:34 2017] <benzrf> you can probably still work with the explicitly-marked-as-decreasing argument though
[Fri Nov 24 22:39:45 2017] <benzrf> if you try [Print Nat.max] it should tell you that max is structural in n
[Fri Nov 24 22:40:38 2017] <benzrf> well, maybe i should stop giving advice until i check whether it's actually applicable... :)
[Fri Nov 24 22:47:20 2017] <benzrf> anonlastname: fyi, i think this would be better stated as [max a b = a \/ max a b = b]
[Fri Nov 24 22:48:13 2017] <anonlastname> Perhaps, but this came up in the context of another proof
[Fri Nov 24 22:48:53 2017] <benzrf> ok, i just worked out a proof, and i can tell you that induction on the first argument indeed works
[Fri Nov 24 22:49:04 2017] <benzrf> be careful with your choice of induction hypothesis, though
[Fri Nov 24 22:49:34 2017] <anonlastname> Alright thanks for the help
[Fri Nov 24 22:50:48 2017] <benzrf> np
[Fri Nov 24 23:46:02 2017] <piyush-kurur> dh`: I have mostly been doing certain straight forward induction + some variation so it might be because of that I found the CPDT method working well (I should admit I am yet to do some really cutting edge proving)
[Fri Nov 24 23:48:06 2017] <piyush-kurur> dh` I think that strategy might not work for math theorems. But for applications like correctness of compilers I guess that is the only sane way as often your Inductive types change a lot in content but not in substance (You added a new  syntactic sugar for example).
[Fri Nov 24 23:50:23 2017] <piyush-kurur> also when I say complete automation, there might still be some tiny little adjustments one needs to do (like one needs to intro the variable at the correct time for induction to work etc). So generally the fully automated proofs do tend to look like a bunch of intros and inductions and then crush.
[Fri Nov 24 23:53:42 2017] <dh_work> nothing I've been doing is particularly cutting-edge really
[Fri Nov 24 23:54:31 2017] <dh_work> in the string library, a lot of the proofs have the same general outline, but they're all slightly different in details and automation just seems hard and fairly pointless
[Sat Nov 25 00:18:46 2017] <piyush-kurur> dh_work: do you find your self repeating some same set of tactics ?
[Sat Nov 25 00:20:05 2017] <piyush-kurur> That is the first indication that there is some possibility of automation
[Sat Nov 25 00:21:03 2017] <piyush-kurur> Also there is one advantage of having a crush, you can use it to write not just proofs. YOu can use it to fill in your other functions.
[Sat Nov 25 00:22:27 2017] <piyush-kurur> Some times coq behaves in strange ways because it is not able to see that two things are of the same type. In such cases I have also found the strategy of writing an incomplete version of the match using refine and disposing of holes in the match using the crush
[Sat Nov 25 00:23:55 2017] <piyush-kurur> those programs look like refine(match _ => whatever); crush
[Sat Nov 25 04:33:48 2017] <duri`> hi, I'm going through IndProp.v from the Software Foundations book. I have proven that the given ternary relation encodes plus: https://pastebin.com/EsgqAdEy However, it took me a long time because in the second "-" bullet, I had to find out how to completely remove H after rewrite <- H. (If H is not removed, then the following induction hypotheses would be more complicated and not useful.)
[Sat Nov 25 04:34:01 2017] <duri`> Finally I did it using destruct H.
[Sat Nov 25 04:37:02 2017] <duri`> But I don't really understand the magic - why using destruct on H: m + n = o just removes it, why this influenced the induction hypotheses that followed, and how could I possibly remove any hypothesis I want.
[Sat Nov 25 04:37:37 2017] <Cypi> To remove an hypothesis, you can just use `clear H` (as long as nothing depends on `H`)
[Sat Nov 25 04:38:17 2017] <duri`> Cypi: great, works fine :-) thanks
[Sat Nov 25 04:38:48 2017] <Cypi> In general, destructing an hypothesis with `destruct` will remove it, and refine the goal depending on how this hypothesis could have been built. If you have `n : nat` and do `destruct n`, it will generate two subgoals where `n` is replaced by `O` and `S n'`.
[Sat Nov 25 04:39:47 2017] <Cypi> If you have `H: m + n = o` and do `destruct H`, the only way to build a proof of equality is with its only constructor, `eq_refl`. So it will generate one subgoal where `H` is replaced by `eq_refl`, and also `o` is replaced by `m + n`.
[Sat Nov 25 04:40:31 2017] <duri`> wow, so I didn't even need to use rewrite <- H.
[Sat Nov 25 04:41:20 2017] <Cypi> `rewrite <- H` and `destruct H` for such a proof of equality will basically do the same anyway.
[Sat Nov 25 04:41:25 2017] <Cypi> (apart from clearing H or not)
[Sat Nov 25 04:41:39 2017] <Cypi> If your intent was to rewrite, then using `rewrite` is perfectly fine :)
[Sat Nov 25 04:41:40 2017] <duri`> I think I got it, thank you very much
[Sat Nov 25 07:58:12 2017] <tobiasBora> Hello,
[Sat Nov 25 08:11:35 2017] <tobiasBora> I'm still trying to understand autosubst. And I need to define two types "typea" and "typeb". In "typea", I define a "Var (_ : var)", and in "type b" I define a "Forall (_ : {bind typea in typeb}) | Myeq (_ : typea) (_ : typeb)"
[Sat Nov 25 08:11:57 2017] <tobiasBora> Then I load all the instances, for both types
[Sat Nov 25 08:12:11 2017] <tobiasBora> And finally I try to do some tests:
[Sat Nov 25 08:12:30 2017] <tobiasBora> Eval compute (Var 0).[ren (+1)]
[Sat Nov 25 08:12:37 2017] <tobiasBora> ==> good result: Var1
[Sat Nov 25 08:12:47 2017] <tobiasBora> BUT the following code does nothing:
[Sat Nov 25 08:13:16 2017] <tobiasBora> Eval compute (Myeq (Var 0) (Var 1)).[ren (+1)].
[Sat Nov 25 08:13:31 2017] <tobiasBora> It just gives me (Myeq (Var 0) (Var 1)).
[Sat Nov 25 08:14:42 2017] <tobiasBora> (oh, I forgot, in type b, I also add a dummy instruction "dummy (_ : var)" because without it I can't load the instance. Maybe both problems are linked ?)
[Sat Nov 25 08:18:23 2017] <tobiasBora> Any idea how I could let "talk together" the two types ?
[Sat Nov 25 08:50:51 2017] <sud> I have definitions that I want automatically unrolled, but I don't want to change my tactics everytime I add a new definition; what's the proper way of doing that?
[Sat Nov 25 09:21:56 2017] <tobiasBora> Hum, if you don't have the solution for autosubst, I may have a simpler question. I use "Eval compute <some expr>", and at the end I have something like "((((Var 0) =p (Var 0)) = ((Var 0) =p (Var 0))) -> False) -> False"
[Sat Nov 25 09:22:28 2017] <tobiasBora> The center equality is obviously true, so it should remap to (true -> false) -> false
[Sat Nov 25 09:23:38 2017] <tobiasBora> i.e. (False -> False), ie True.
[Sat Nov 25 09:24:04 2017] <tobiasBora> Why does the computation stays into this big equation ?
[Sat Nov 25 09:24:08 2017] <tobiasBora> *stay
[Sat Nov 25 09:25:01 2017] <tobiasBora> I don't know if it's important, but all of the symbols Var and =p are defined using "Inductive"
[Sat Nov 25 09:27:21 2017] <tobiasBora> (and =p is just an infix operation for Equalp)
[Sat Nov 25 09:31:42 2017] <sud> tobiasBora: a simpler example is: Eval compute in (0 = 0). basically, "0 = 0" is a proposition (a Prop), and cannot be reduced anymore/computed
[Sat Nov 25 09:32:55 2017] <tobiasBora> really ?
[Sat Nov 25 09:33:22 2017] <sud> try it :)
[Sat Nov 25 09:33:57 2017] <tobiasBora> So maybe I'm doing it in the wrong way. I'd like to debug some functions that returns Prop to be sure they do what I expect.
[Sat Nov 25 09:34:06 2017] <tobiasBora> return*
[Sat Nov 25 09:34:57 2017] <sud> tobiasBora: do you want to prove that the given Prop always "holds"?
[Sat Nov 25 09:34:58 2017] <tobiasBora> so for now I run "Eval compute in myfunction()", and I get this (often) ugly output.
[Sat Nov 25 09:35:16 2017] <tobiasBora> sud: Not really, I just want to run some tests on my function. Like
[Sat Nov 25 09:35:34 2017] <tobiasBora> assert (f 42 45) False
[Sat Nov 25 09:35:44 2017] <tobiasBora> assert (f 12 10) True
[Sat Nov 25 09:35:46 2017] <tobiasBora> ...
[Sat Nov 25 09:35:59 2017] <tobiasBora> Just for debuging
[Sat Nov 25 09:36:04 2017] <sud> tobiasBora: perhaps what you really wanted was returning a boolean?
[Sat Nov 25 09:36:50 2017] <tobiasBora> Well after I'll do real proof on it, so I guess that boolean would not be what I want.
[Sat Nov 25 09:37:22 2017] <sud> tobiasBora: things that are in Prop do not reduce to True or False
[Sat Nov 25 09:37:55 2017] <sud> tobiasBora: can you do: Example test1: f 42 45. Proof.
[Sat Nov 25 09:38:38 2017] <sud> or f 42 45 -> False if you're expecting that the Prop "f 42 45" does not hold
[Sat Nov 25 09:40:20 2017] <tobiasBora> sud: Hum it may be a good idea if there is a tactic that can do the proof easily.
[Sat Nov 25 09:41:31 2017] <tobiasBora> the "simpl." tactics gives me the same output as Eval simpl... so it's a good point
[Sat Nov 25 09:42:25 2017] <sud> tobiasBora: perhaps someone else can help you with that, but you can try simpl, intuition and congruence; can I have a look at the goal?
[Sat Nov 25 09:43:15 2017] <tobiasBora> hum, in fact "auto" works great. What is intuition ?
[Sat Nov 25 09:43:34 2017] <tobiasBora> (intuition also work great ^^)
[Sat Nov 25 09:43:46 2017] <tobiasBora> (and also congruence, amazing)
[Sat Nov 25 09:44:39 2017] <tobiasBora> thank you !
[Sat Nov 25 10:00:26 2017] <sud> tobiasBora: not sure exactly (see https://coq.inria.fr/refman/tactics.html#hevea_tactic175 for congruence)
[Sat Nov 25 10:01:13 2017] <sud> you can have a tactic: Ltac easy := repeat (simpl || congruence || intuition || subst). or similar that tries a bunch of those
[Sat Nov 25 10:09:46 2017] <tobiasBora> sud: good to know, thank you!
[Sat Nov 25 10:28:04 2017] <tobiasBora> And by the way I solved my autosubst problem
[Sat Nov 25 10:44:26 2017] <sud> tobiasBora: what was it? I joined after
[Sat Nov 25 10:47:22 2017] <tobiasBora> sud: I got some troubles to define with autosubst two types, with typeb that depends on typea. When I was trying to update the typeb, nothing happened. And the solution was to define HSubst instance, and then use .| instead of .
[Sat Nov 25 10:57:56 2017] <tobiasBora> By the way, in coq was is the convention in notation ? What should I write LikeThat, Like_that, like_that, or likeThat ?
[Sat Nov 25 11:00:23 2017] <benzrf> 2nd to last is most common
[Sat Nov 25 11:00:43 2017] <benzrf> i think UpperCamelCase is used for some things but unsure
[Sat Nov 25 11:04:54 2017] <benzrf> tobiasBora: here's some results from the standard theories shipped in the main coq codebase https://gist.github.com/c8a90f86259ed5306457d82394d58e21
[Sat Nov 25 11:05:21 2017] <benzrf> snake_case seems to overwhelmingly dominate :)
[Sat Nov 25 11:05:46 2017] <benzrf> (line 367 for the results from the other 2)
[Sat Nov 25 11:06:38 2017] <tobiasBora> benzrf: ok thanks. So I should not differentiate types and constructors ?
[Sat Nov 25 11:07:43 2017] <benzrf> i just realized i forgot one - it seems that Capital_snake_case is also very common (although not as common as lower_snake_case)
[Sat Nov 25 11:07:57 2017] <benzrf> i think constructors often start with capital letters, but im not sure theres a hard and fast rule
[Sat Nov 25 11:09:56 2017] <benzrf> tobiasBora: for what it's worth, the constructors of option begin with capitals but the constructors of le begin with lowercase
[Sat Nov 25 11:10:50 2017] <benzrf> i think the idea is roughly that the constructors of a type like le are more like "axioms for le" and hence ordinary names, whereas the constructors of option are more like "data constructors"
[Sat Nov 25 11:11:06 2017] <benzrf> but on the other hand, nil and cons are lower case...
[Sat Nov 25 11:11:08 2017] <benzrf> so who knows :)
[Sat Nov 25 11:21:52 2017] <tobiasBora> benzrf: ok thank you ;)
[Sat Nov 25 11:22:34 2017] <benzrf> np
[Sat Nov 25 11:51:06 2017] <dh`> I've been wondering what naming conventions would be best for the string library given that I'd like to get it merged
[Sat Nov 25 11:56:52 2017] <dh`> piyush-kurur: there are some cases where things are repeated, but mostly it's only things like two branches within a single proof; one could write an ltac but it doesn't really help much in general
[Sat Nov 25 11:59:10 2017] <dh`> this is a fairly typical one: http://codepad.org/ooASZH4Q
[Sat Nov 25 11:59:30 2017] <dh`> two of the middle cases are the same, but they're not long and they're not really the same as anything else
[Sat Nov 25 12:00:57 2017] <pgiarrusso> Hi!
[Sat Nov 25 12:01:46 2017] <pgiarrusso> I’m looking for examples of proofs by well-founded induction about definitions done with “Program Fixpoint”
[Sat Nov 25 12:01:56 2017] <benzrf> dh`: how does [simpl in H; firstorder using ascii_distinct] fare
[Sat Nov 25 12:02:09 2017] <benzrf> firstorder is really nice
[Sat Nov 25 12:02:31 2017] <pgiarrusso> I’ve used Program Fixpoint to define a step-indexed logical relation, now I need to do a proof with the same termination order
[Sat Nov 25 12:02:34 2017] <dh`> good question
[Sat Nov 25 12:02:37 2017] <dh`> let's try
[Sat Nov 25 12:04:12 2017] <dh`> * twiddles while it compiles
[Sat Nov 25 12:04:51 2017] <lyxia> pgiarrusso: Do you mean that you've already taken care of the obligations?
[Sat Nov 25 12:05:48 2017] <pgiarrusso> lyxia: yes
[Sat Nov 25 12:05:56 2017] <dh`> benzrf: nothing
[Sat Nov 25 12:06:05 2017] <benzrf> dh`: ouch
[Sat Nov 25 12:06:36 2017] <dh`> the simpl'd H is forall def : ascii, def = a
[Sat Nov 25 12:07:00 2017] <dh`> and now that I look at it I recall ascii_distinct being a pain in the !#$@
[Sat Nov 25 12:07:30 2017] <dh`> not so much proving it as having to prove three or four forms of it for different appearances of the same concept
[Sat Nov 25 12:08:05 2017] <dh`> although everything involving ascii is a hassle
[Sat Nov 25 12:14:56 2017] <dh`>   Lemma ascii_distinct:
[Sat Nov 25 12:14:56 2017] <dh`>      forall (a: ascii),
[Sat Nov 25 12:14:56 2017] <dh`>      (forall b, a = b) -> False.
[Sat Nov 25 12:16:34 2017] <dh`> now I can't find the alternate forms of it; I think maybe I cleansed them all
[Sat Nov 25 12:17:18 2017] <dh`> hmm
[Sat Nov 25 12:17:36 2017] <dh`> is there a way to reason directly about the constructors a type has?
[Sat Nov 25 12:17:49 2017] <benzrf> what do you mean
[Sat Nov 25 12:17:54 2017] <benzrf> there's match
[Sat Nov 25 12:19:32 2017] <dh`> a generalization of that lemma of the form: forall (t: Type) (a: t) (c: t), constructors t = [c] -> forall b, a = b.
[Sat Nov 25 12:19:55 2017] <dh`> that is, a type with one nullary constructor is a singleton so all elements of that type are equal
[Sat Nov 25 12:20:35 2017] <dh`> or something like forall (t: Type) (a: t), length (constructors t) > 1 -> forall b, a = b -> False
[Sat Nov 25 12:20:50 2017] <dh`> I'm guessing this can't be done
[Sat Nov 25 12:21:17 2017] <dh`> since it's a form of reflection that I'm pretty sure we don't have
[Sat Nov 25 12:23:44 2017] <benzrf> assert (forall a b : t, a = b) as H by (now destruct a, b).
[Sat Nov 25 12:24:37 2017] <dh`> you can do that for any singleton type, but not write it once for all singleton types
[Sat Nov 25 12:25:26 2017] <benzrf> that's true, but why do you want that in particular
[Sat Nov 25 12:26:08 2017] <benzrf> oh, some sort of contrapositive for proving ascii_distinct?
[Sat Nov 25 12:26:19 2017] <lyxia> Isn't it a one-line tactic
[Sat Nov 25 12:27:43 2017] <dh`> a general way of dealing with problems like ascii_distinct
[Sat Nov 25 12:28:27 2017] <dh`> if the string library were parameterized over the character type (it's supposed to be, but isn't yet), ascii_distinct becomes a headache
[Sat Nov 25 12:28:43 2017] <dh`> s/becomes/would become/
[Sat Nov 25 12:28:45 2017] <dh`> * can grammar
[Sat Nov 25 12:38:13 2017] <benzrf> dh`: https://gist.github.com/a96fbc58717fae57928decfbc8b4fc6e
[Sat Nov 25 12:39:39 2017] <dh`> huh, curious that firstorder takes it if it's written as <>
[Sat Nov 25 12:39:53 2017] <dh`> oh wait, that's not the head proof. derp
[Sat Nov 25 12:39:59 2017] <benzrf> huh?
[Sat Nov 25 12:40:03 2017] <benzrf> head proof?
[Sat Nov 25 12:40:05 2017] <dh`> that's a nicer proof of ascii_distinct than I have though
[Sat Nov 25 12:40:09 2017] <benzrf> :)
[Sat Nov 25 12:40:14 2017] <dh`> the lemma I pasted a few minutes back
[Sat Nov 25 12:40:18 2017] <dh`> may I steal it?
[Sat Nov 25 12:40:22 2017] <benzrf> sure!
[Sat Nov 25 12:40:26 2017] <dh`> and how would you like it to be credited?
[Sat Nov 25 12:40:39 2017] <benzrf> i cede copyright to you
[Sat Nov 25 12:40:47 2017] <benzrf> i just did it in like 6 minutes :P
[Sat Nov 25 12:41:11 2017] <dh`> I'm an academic of sorts, I'd like it to say "from benzrf; used by permission"
[Sat Nov 25 12:41:14 2017] <pgiarrusso> lyxia: is the “one-line tactic” thing an answer to me by any chance?
[Sat Nov 25 12:41:15 2017] <benzrf> well, ok
[Sat Nov 25 12:41:19 2017] <benzrf> that's fine by me
[Sat Nov 25 12:41:26 2017] <dh`> if you don't want to expose your real name, that's fine
[Sat Nov 25 12:41:53 2017] <lyxia> pgiarrusso: unfortunately not, I don't have any idea
[Sat Nov 25 12:42:24 2017] <benzrf> quick note: i proved the exists first and the forall as a corollary because going from [exists b, a <> b] to [~forall b, a = b] is just distributing the negation outside of the exists and flipping the quantifier
[Sat Nov 25 12:42:37 2017] <benzrf> - but you cant push a negation inside a forall to get an exists in intuitionistic logic
[Sat Nov 25 12:44:06 2017] <dh`> for reference, this was mine: http://codepad.org/HhKDkANk
[Sat Nov 25 12:44:08 2017] <benzrf> that said, if you dont need both lemmas, it's pretty trivial to inline the distribution of negation into the first proof
[Sat Nov 25 12:44:31 2017] <benzrf> u just specialize your hypothesis to the b instead of giving it as a witness
[Sat Nov 25 12:44:41 2017] <benzrf> ah
[Sat Nov 25 12:44:46 2017] <dh`> I might need both; I suspect having both will improve the string proofs
[Sat Nov 25 12:44:55 2017] <benzrf> :)
[Sat Nov 25 12:45:01 2017] <pgiarrusso> FWIW, looking into the Program libraries — it seems I might need to use Fix_sub_rect by hand somehow
[Sat Nov 25 12:46:12 2017] <benzrf> dh`: fyi, you can do just [specialize (H a1)]
[Sat Nov 25 12:46:44 2017] <Vivi> Hello. Is there a way to specify in a SearchAbout pattern that two terms (as usually specified by an underscore "_") should be equal? (As a simple example, SearchAbout (_ - _ = 0) to something like SearchAbout (a - a = 0).)
[Sat Nov 25 12:46:54 2017] <benzrf> really all it does is apply a hypothesis to some argument
[Sat Nov 25 12:47:31 2017] <benzrf> so you can even go from [H : P -> Q, J : P] to [H : Q] with [specialize (H J)]
[Sat Nov 25 12:50:51 2017] <dh`> speaking of which, is there an off-the-shelf tactic that simplifies hypotheses by making trivial mandatory specializations?
[Sat Nov 25 12:51:10 2017] <dh`> like that converts H: forall x, x = y -> ... to just ...
[Sat Nov 25 12:51:45 2017] <benzrf> oh, interesting
[Sat Nov 25 12:52:58 2017] <dh`> "favorite" is a pretty loaded term
[Sat Nov 25 12:53:01 2017] <dh`> oops
[Sat Nov 25 12:53:06 2017] <dh`> (wrong window)
[Sat Nov 25 12:53:11 2017] <benzrf> for that specific case, [specialize (H _ eq_refl)] works
[Sat Nov 25 12:53:19 2017] <benzrf> i dont know that there's something more general though
[Sat Nov 25 12:53:43 2017] <dh`> right, but in cases where a lot of these appear (which seems to be always if one is ever doing induction in a complicated environment)
[Sat Nov 25 12:53:49 2017] <benzrf> yeah :I
[Sat Nov 25 12:53:53 2017] <benzrf> well -
[Sat Nov 25 12:53:57 2017] <dh`> it would be nice to have a single thing to invoke to fix the whole hypothesis bank
[Sat Nov 25 12:54:36 2017] <benzrf> applying a hypothesis to something will attempt to unify as far to the right as necessary, which will automatically specialize if it can infer specialization from unification
[Sat Nov 25 12:55:21 2017] <dh`> yeah, but it doesn't always work plus you end up with lots of trivial goals to discharge
[Sat Nov 25 12:55:24 2017] <benzrf> so if you can get far enough for the specializations you need to be easily recognizable as necessary intermediate steps, something like tauto or firstorder may finish for you
[Sat Nov 25 12:55:32 2017] <dh`> apply H; auto usually covers most of them, but it's still annoying
[Sat Nov 25 12:57:44 2017] <dh`> also when you get a lot of them it's difficult to read the hypothesis bank
[Sat Nov 25 12:58:06 2017] <dh`> and in particular, difficult to tell for sure if you reverted the right things before starting the induction
[Sat Nov 25 13:00:24 2017] <dh`> anyway, I guess this tactic doesn't exist (yet)
[Sat Nov 25 13:01:56 2017] <benzrf> tbh if you have a lot of equalities involved it's pretty possible you're making the wrong statement
[Sat Nov 25 13:02:10 2017] <dh`> that's possible
[Sat Nov 25 13:03:17 2017] <benzrf> if you have [forall x, x = y -> P x y], it seems to me that probably P shouldn't've mentioned x in the first place
[Sat Nov 25 13:03:22 2017] <benzrf> do you have a particular example?
[Sat Nov 25 13:03:31 2017] <dh`> not offhand
[Sat Nov 25 13:03:41 2017] <dh`> it just seems to come up a lot, particularly with complex higher-level things
[Sat Nov 25 13:04:11 2017] <benzrf> hmm
[Sat Nov 25 13:04:43 2017] <dh`> but you can get forall x, x = y -> P x y by doing induction on y when your goal is P x y
[Sat Nov 25 13:05:03 2017] <dh`> and x = y is a fact you acquired earlier
[Sat Nov 25 13:05:09 2017] <benzrf> well...
[Sat Nov 25 13:05:15 2017] <benzrf> substitute the equation before doing the induction :)
[Sat Nov 25 13:05:17 2017] <dh`> of course if so you should have subst'd to get rid of y
[Sat Nov 25 13:05:24 2017] <benzrf> jinx
[Sat Nov 25 13:05:40 2017] <dh`> of course if you do, then you still get y = y -> P x y
[Sat Nov 25 13:05:56 2017] <benzrf> subst should clear the equation
[Sat Nov 25 13:06:03 2017] <benzrf> or you can manually remove it
[Sat Nov 25 13:06:09 2017] <dh`> it doesn't if it was there first
[Sat Nov 25 13:06:17 2017] <dh`> e.g. x = y is only true in this branch
[Sat Nov 25 13:07:45 2017] <dh`> (then how would you get it in H? I forget but it happens)
[Sat Nov 25 13:07:49 2017] <pgiarrusso> dh`: have you looked at match goal with?
[Sat Nov 25 13:07:57 2017] <dh`> anyway we need a real example to discuss this intelligently
[Sat Nov 25 13:08:01 2017] <benzrf> yeah
[Sat Nov 25 13:08:05 2017] <benzrf> also i shd really go soon ;v;
[Sat Nov 25 13:08:20 2017] <dh`> I should have gone an hour ago :-/
[Sat Nov 25 13:08:22 2017] <dh`> ttyl
[Sat Nov 25 13:08:43 2017] <pgiarrusso> dh`: I’ll explain relevance for later
[Sat Nov 25 13:09:39 2017] <pgiarrusso> if you get often forall x, x = y -> P x, you should be able to match on it with match goal and apply some tactic
[Sat Nov 25 13:09:42 2017] <pgiarrusso> something like
[Sat Nov 25 13:10:57 2017] <tobiasBora> I'd like to know, I'd like to define a type "theory", that has several "instances", like "Inductive th1 : theorie := A : th1 42 | B : th1 43", and "Inductive th2 : theorie := C : th1 142 | D : th1 242". Then, I define a parametrize "Inductive proof (myth:theorie) : int -> Prop := ... | Axth : forall (x:myth) (n:int), x n -> proof n.". The problem is that this is not accepted. How could I say that "x" should be
[Sat Nov 25 13:11:00 2017] <tobiasBora> constructed by the constructors of th1 if myth is th1, and by the constructor of th2 if if myth is th2 ?
[Sat Nov 25 13:11:05 2017] <dh`> yes, but writing a custom ltac to just do that doesn't actually save any typing over "specialize (H _ eq_refl)"
[Sat Nov 25 13:11:29 2017] <benzrf> but what you _can_ do is write one that scans all your hypotheses and does it to the right ones automatically
[Sat Nov 25 13:11:46 2017] <benzrf> then you can do [induction whatever; scan_hyps]
[Sat Nov 25 13:13:25 2017] <dh`> right, I was asking if this tactic already existed
[Sat Nov 25 13:13:38 2017] <dh`> since it seems to me like a useful general-purpose tactic
[Sat Nov 25 13:13:50 2017] <dh`> since it doesn't, writing it is a second exercise
[Sat Nov 25 13:13:57 2017] <benzrf> well that was pgiarrusso's point
[Sat Nov 25 13:14:21 2017] <dh`> right, but it needs to be broader than just that
[Sat Nov 25 13:14:34 2017] <dh`> because there's also forall y, P y -> x = y -> ...
[Sat Nov 25 13:15:00 2017] <pgiarrusso> dh`: maybe context might help here
[Sat Nov 25 13:15:13 2017] <dh`> <dh`> anyway we need a real example to discuss this intelligently
[Sat Nov 25 13:15:27 2017] <dh`> I'll come back when I have one ready to hand :-/
[Sat Nov 25 13:15:31 2017] <benzrf> dh`: for this kind of [P y], this would just be something that can also be trivially proved, right?
[Sat Nov 25 13:15:37 2017] <benzrf> you're not looking to generate new obligations?
[Sat Nov 25 13:15:45 2017] <dh`> depends
[Sat Nov 25 13:15:55 2017] <dh`> what I'd like it to do is leave behind P y -> ...
[Sat Nov 25 13:16:03 2017] <benzrf> hmmmmmm
[Sat Nov 25 13:16:08 2017] <benzrf> actually i have an idea...
[Sat Nov 25 13:16:11 2017] <benzrf> let me see
[Sat Nov 25 13:16:14 2017] <pgiarrusso> tobiasBora: are you sure theorie isn’t just Set? That seems like a starting point
[Sat Nov 25 13:16:21 2017] <dh`> anyway bbl
[Sat Nov 25 13:18:15 2017] <pgiarrusso> benzrf: I’m thinking match goal with | H : forall x, context f [ x = ?y -> ?P ] => ... end
[Sat Nov 25 13:18:25 2017] <benzrf> ooh
[Sat Nov 25 13:18:30 2017] <benzrf> yeah i was thinking similar stuff
[Sat Nov 25 13:18:42 2017] <benzrf> :) https://i.imgur.com/5iOw78Y.png
[Sat Nov 25 13:18:50 2017] <pgiarrusso> but I’m less sure how to then call H with the right number of argument, I’d need to inspect f somehow?
[Sat Nov 25 13:19:33 2017] <tobiasBora> pgiarrusso: Hum, I'm not sure, how could I test it ?
[Sat Nov 25 13:19:38 2017] <pgiarrusso> benzrf: could you try dropping the `?` from `forall ?x,`
[Sat Nov 25 13:19:42 2017] <tobiasBora> because when I run this code I've something like 'The term "myth" has type "theorie" which should be Set, Prop, or Type.
[Sat Nov 25 13:19:44 2017] <benzrf> i did
[Sat Nov 25 13:20:27 2017] <pgiarrusso> tobiasBora: how did you define theorie? But maybe definitions aren’t expanded there
[Sat Nov 25 13:20:42 2017] <pgiarrusso> I’d just use Set
[Sat Nov 25 13:21:02 2017] <pgiarrusso> that should be enough for your example
[Sat Nov 25 13:21:03 2017] <tobiasBora> pgiarrusso: Definition theorie: int -> Prop.
[Sat Nov 25 13:21:27 2017] <pgiarrusso> That’s := ?
[Sat Nov 25 13:21:36 2017] <tobiasBora> yes sorry
[Sat Nov 25 13:22:52 2017] <pgiarrusso> but then, if (myth: theorie), myth is a type constructor not a type, so  (x: myth) is wrong
[Sat Nov 25 13:23:12 2017] <pgiarrusso> there you’d want forall (n: int) (x: myth n)
[Sat Nov 25 13:23:34 2017] <tobiasBora> yes it's wrong indeed, and I understand why, but I don't see how to correct it, because if I put (x: theorie), then I forget the fact that x should be a constructor of myth
[Sat Nov 25 13:23:49 2017] <tobiasBora> * is thinking
[Sat Nov 25 13:24:01 2017] <pgiarrusso> again, forall (n: int) (x: myth n)
[Sat Nov 25 13:24:16 2017] <pgiarrusso> in the Axth
[Sat Nov 25 13:24:42 2017] <pgiarrusso> tobiasBora: ^^
[Sat Nov 25 13:26:14 2017] <tobiasBora> pgiarrusso: Hum... Interesting. So here x will be of type "int -> Prop" or it will be the evaluation of "myth n" ?
[Sat Nov 25 13:27:31 2017] <pgiarrusso> tobiasBora: myth will have type int -> Prop, and x will have type myth n (and therefore, also its result)
[Sat Nov 25 13:28:02 2017] <pgiarrusso> I guess you used evaluation for “result” or “value”
[Sat Nov 25 13:28:09 2017] <pgiarrusso> (not sure it’s wrong but it sounds strange)
[Sat Nov 25 13:30:02 2017] <pgiarrusso> benzrf: ah, you forgot the | before H
[Sat Nov 25 13:30:59 2017] <pgiarrusso> benzrf: Coq accepts Ltac foo := match goal with | H : forall x, ?P x |- _ => idtac end.
[Sat Nov 25 13:31:56 2017] <pgiarrusso> benzrf: Coq’s parser, like OCaml’s, doesn’t have great error messages
[Sat Nov 25 13:32:01 2017] <pgiarrusso> at least I can use Coq
[Sat Nov 25 13:32:14 2017] <pgiarrusso> with OCaml I managed but it was always a struggle
[Sat Nov 25 13:32:52 2017] <pgiarrusso> (in OCaml’s defense, I learned the theory of ML modules before doing any programming in it, that’s bound to be frustrating)
[Sat Nov 25 13:42:17 2017] <tobiasBora> pgiarrusso: Hum, it kind of work, but too much, now it refuses to type when the property is wrong ^^ Here is the code: https://zb.phyks.me/?2cc8c6f382cfdb4c#GKke2NcxO7cHYjMS7nzqJGeXv2NYW4Eeq06+ujTmj2o=
[Sat Nov 25 13:42:37 2017] <tobiasBora> All the lines behave as expected, except for the line "Check (Axth th2 Zero C)."
[Sat Nov 25 13:43:02 2017] <tobiasBora> Because C is a constructor of th2, I would expect it to type, even if it reduces to "False"
[Sat Nov 25 13:45:31 2017] <pgiarrusso> tobiasBora: well, I fear then you have to take *two* different indexes m and n
[Sat Nov 25 13:46:40 2017] <pgiarrusso> also, wait
[Sat Nov 25 13:47:06 2017] <pgiarrusso> strictly speaking (as we should), there’s no definition there that reduces to False
[Sat Nov 25 13:47:47 2017] <pgiarrusso> I mean, Axth th2 Zero takes an argument of type th2 Zero
[Sat Nov 25 13:48:07 2017] <pgiarrusso> now th2 Zero does not reduce to false, but it is empty
[Sat Nov 25 13:50:11 2017] <pgiarrusso> you can try Axth: forall (n : int) (m : int) (x : myth m), proof myth n
[Sat Nov 25 13:50:35 2017] <pgiarrusso> and then later you can define an interpreter for proofs that says this proof is not valid unless m = n
[Sat Nov 25 13:50:38 2017] <tobiasBora> pgiarrusso: does that mean that I need to manually enter the "m" when I call Axth, like "Check (Axth th2 Zero (S (S Zero)) C )." (so that means that I know a value where C is valid ?) (Sorry if I say nonsense, it's quite unclear in my mind)
[Sat Nov 25 13:51:02 2017] <pgiarrusso> tobiasBora: with that definition yes
[Sat Nov 25 13:51:40 2017] <pgiarrusso> this is quite correct
[Sat Nov 25 13:51:41 2017] <pgiarrusso> one can change things to make sure that m is inferred automatically from x, for convenience
[Sat Nov 25 13:52:07 2017] <pgiarrusso> the language feature for that is called “implicit arguments”
[Sat Nov 25 13:52:45 2017] <pgiarrusso> but I’m not sure exactly how it works, I use it and it does something sensible, but I’d rather not explain it
[Sat Nov 25 13:53:20 2017] <pgiarrusso> but I think if you give the command Set Implicit Arguments before that, probably you won’t have to write the m arguments when calling Axth
[Sat Nov 25 13:54:20 2017] <tobiasBora> pgiarrusso: Hum... If I do that, it fails to type check
[Sat Nov 25 13:54:44 2017] <tobiasBora> it thinks that the x is the dummy "m" value
[Sat Nov 25 13:55:30 2017] <pgiarrusso> Did you add Set Implicit Arguments *before* the definition?
[Sat Nov 25 13:55:43 2017] <pgiarrusso> (like, beginning of the file)
[Sat Nov 25 13:55:58 2017] <tobiasBora> yes
[Sat Nov 25 13:56:19 2017] <pgiarrusso> OK, then ignore what I said on how to use implicit arguments
[Sat Nov 25 13:56:43 2017] <pgiarrusso> either don’t use them and pass m, ask somebody else, or google them
[Sat Nov 25 13:57:03 2017] <tobiasBora> ok thanks
[Sat Nov 25 13:57:20 2017] <tobiasBora> But maybe I'm trying to do the wrong thing.
[Sat Nov 25 13:58:42 2017] <pgiarrusso> “making m implicit” makes sense
[Sat Nov 25 13:59:03 2017] <pgiarrusso> but I’m less sure on “allowing m and n to be different”
[Sat Nov 25 13:59:22 2017] <pgiarrusso> I mean, you are defining a datatype of proofs
[Sat Nov 25 13:59:30 2017] <pgiarrusso> (that’s what the type is called)
[Sat Nov 25 13:59:55 2017] <pgiarrusso> if you don’t have both m and n, that type will only contain valid proofs, it seems
[Sat Nov 25 14:00:05 2017] <pgiarrusso> instead of having invalid ones that somehow “reduce to False”
[Sat Nov 25 14:00:32 2017] <pgiarrusso> and “have only valid proofs” is often an advantage of using dependent types
[Sat Nov 25 14:01:57 2017] <pgiarrusso> However, having *datatypes* indexed by numbers, as you do, can get tricky in Coq when you do proofs — I’m no expert, but lots of old tactics work less well on those types, you often need the “dependent” variants from Sozeau
[Sat Nov 25 14:07:42 2017] <benzrf> dh`, pgiarrusso: repeat match goal with H : forall x : ?T, @?P x |- _ => let x := fresh in evar (x : T); specialize (H x); match type of H with context [x = ?y -> _] => instantiate (x:=y); subst x end end.
[Sat Nov 25 14:07:52 2017] <benzrf> that should be half of the functionality :')
[Sat Nov 25 14:08:35 2017] <benzrf> it will instantiate vars and turn the equations into trivial equations -
[Sat Nov 25 14:08:42 2017] <benzrf> but it doesnt clear the trivial equations as hypotheses
[Sat Nov 25 14:08:47 2017] <benzrf> but i seriously have to go so im leaving it there
[Sat Nov 25 14:08:57 2017] <pgiarrusso> benzrf: cool
[Sat Nov 25 14:09:08 2017] <benzrf> hmm also the "@?P x" could probably be replaced with just _
[Sat Nov 25 14:09:19 2017] <benzrf> its left over from another pass
[Sat Nov 25 14:10:39 2017] <benzrf> oh and it needs another clause for equalities w/ the variable on the right
[Sat Nov 25 14:10:53 2017] <pgiarrusso> ah, in the match type
[Sat Nov 25 14:43:10 2017] <tobiasBora> pgiarrusso: Ok, maybe it would be enough even if it does not type when the properties are different... I also found another way to do what I want. Thank you very much for your help
[Sat Nov 25 14:45:30 2017] <sud> what's a good strategy to do inversion on hypotheses in Ltac (so that it does not loop and only do inversion on "useful" things)
[Sat Nov 25 14:46:45 2017] <pgiarrusso> sud: +1, I had the same problem
[Sat Nov 25 14:47:59 2017] <pgiarrusso> I don’t have a good general solution
[Sat Nov 25 14:48:03 2017] <pgiarrusso> but in some project I ended up with
[Sat Nov 25 14:49:00 2017] <pgiarrusso> Ltac inversion_clear_some := simpl in *; match goal with | H : Some ?x = Some ?y |- _ => inversion_clear H; subst end.
[Sat Nov 25 14:49:16 2017] <pgiarrusso> I also had variants using tlc’s inverts tactic
[Sat Nov 25 14:49:27 2017] <pgiarrusso> but *nothing* was always robust
[Sat Nov 25 14:50:00 2017] <pgiarrusso> so sometimes I had to use inversion instead of inversion_clear, because otherwise I’d lose information
[Sat Nov 25 14:50:33 2017] <pgiarrusso> in the tactic above, using `repeat` before `match goal` won’t loop
[Sat Nov 25 14:50:59 2017] <pgiarrusso> but IIRC inversion_clear might still lose information
[Sat Nov 25 14:51:41 2017] <pgiarrusso> But I’m still a newbie, so I’m mostly joining your question
[Sat Nov 25 14:56:20 2017] <sud> what about inversion H; [idtac]; clear H?
[Sat Nov 25 14:56:27 2017] <sud> found in https://jozefg.bitbucket.io/posts/2014-07-09-dissecting-crush.html
[Sat Nov 25 14:59:00 2017] <pgiarrusso> sud: no clue, what should [idtac] do? looking up
[Sat Nov 25 14:59:21 2017] <sud> pgiarrusso: idtac is a tactic that does nothing
[Sat Nov 25 15:00:07 2017] <pgiarrusso> I get that, but what’s the point there? [idtac] must do something I guess
[Sat Nov 25 15:00:09 2017] <sud> from the web page: Remember that [t | t' | t''] is a tactic that runs t on the first subgoal, t’ on the second, and so on. If the number of goals don’t match, [] will fail. So [idtac] is just a clever way of saying “there’s only one new subgoal”.
[Sat Nov 25 15:01:06 2017] <sud> so you only do inversion if it does not add more subgoals
[Sat Nov 25 15:01:24 2017] <pgiarrusso> right, makes sense
[Sat Nov 25 15:04:18 2017] <sud> pgiarrusso: oh that fails if the inversion succeeds in solving the goal and has 0 subgoals
[Sat Nov 25 15:05:05 2017] <pgiarrusso> does it? really? shouldn’t Coq just stop the Ltac program then?
[Sat Nov 25 15:05:18 2017] <pgiarrusso> but then you can add a try solve [inversion H] before
[Sat Nov 25 15:06:31 2017] <pgiarrusso> or rather, follow the webpage more closely
[Sat Nov 25 15:06:48 2017] <pgiarrusso> see the `(inversion H; fail) ||` bit and its explanation
[Sat Nov 25 15:07:17 2017] <pgiarrusso> OK, so it sounds like I should just be using (pieces of) crush there
[Sat Nov 25 15:10:55 2017] <sud> pgiarrusso: yes it fails
[Sat Nov 25 15:11:10 2017] <sud> but I don't understand that part  inList F invOne;
[Sat Nov 25 15:11:36 2017] <pgiarrusso> me neither — at least there’s text about it
[Sat Nov 25 15:12:16 2017] <pgiarrusso> anyway: I’m also a newbie, should probably study it some other time, gotta go now :-|
[Sat Nov 25 15:13:31 2017] <pgiarrusso> (also, even though I realize it’s hard, I keep being disappointed by how much work one needs to do on top of raw tactics to make them actually convenient to use. It... works, but it all feels so primitive)
[Sat Nov 25 15:13:46 2017] <pgiarrusso> which is why I guess “use crush” is probably decent advice
[Sat Nov 25 15:14:30 2017] <sud> ah, invOne is a list of predicates on which we allow inversion
[Sat Nov 25 15:26:01 2017] <sud> but I would have to explicitly pass that list everytime I add a new constructor
[Sat Nov 25 15:27:32 2017] <pgiarrusso> sud: well, crush has a builtin list
[Sat Nov 25 15:27:59 2017] <sud> they use the empty list
[Sat Nov 25 15:28:19 2017] <sud> (Ltac crush := crush' false fail.)
[Sat Nov 25 15:29:51 2017] <sud> basically I am defining many inductive relations, and I don't want to have to redefine my tactics every time; I'd like to be able to easily change the list when defining a new relation
[Sat Nov 25 15:30:20 2017] <pgiarrusso> aah wait
[Sat Nov 25 15:30:32 2017] <pgiarrusso> invOne is a list of blacklisted things
[Sat Nov 25 15:31:12 2017] <pgiarrusso> > First we run the inList predicate, meaning that we don’t invert upon anything that we don’t want to
[Sat Nov 25 15:31:20 2017] <pgiarrusso> sud: ^^
[Sat Nov 25 15:31:47 2017] <sud> pgiarrusso: no I think it's a white list
[Sat Nov 25 15:32:11 2017] <pgiarrusso> the entire textbook using crush *never* uses crush’
[Sat Nov 25 15:32:34 2017] <pgiarrusso> and the text pretty clearly says it’s a blacklist — it might be wrong of course
[Sat Nov 25 15:32:38 2017] <pgiarrusso> but that would be more confusing
[Sat Nov 25 15:32:51 2017] <pgiarrusso> but I don’t get how it works either
[Sat Nov 25 15:34:18 2017] <sud> pgiarrusso: in the book it's described as a white list, also the definition inList definitely checks that the constructor is in the list
[Sat Nov 25 15:34:40 2017] <sud> from the book "The second argument is a list of predicates on which inversion should be attempted automatically."
[Sat Nov 25 15:35:08 2017] <sud> I think the website meant that "we don't want to invert on stuff outside the white list"
[Sat Nov 25 15:35:27 2017] <sud> though I don't understand how crush works so well if it doesn't do inversion by default
[Sat Nov 25 15:37:38 2017] <pgiarrusso> sud: OK, sorry, you’re right
[Sat Nov 25 15:38:37 2017] <pgiarrusso> maybe it does inversion elsewhere — and it does handle a few special cases specially
[Sat Nov 25 15:38:57 2017] <pgiarrusso> (say, it uses injection on Some, below)
[Sat Nov 25 15:39:24 2017] <pgiarrusso> still: the core advice of the book is “write your own automation”
[Sat Nov 25 15:39:47 2017] <pgiarrusso> (IIUC)
[Sat Nov 25 15:39:57 2017] <sud> yes trying to :) right now my tactic loops forever because it does inversion on equality
[Sat Nov 25 15:40:00 2017] <pgiarrusso> (haven’t read that part closely, only the intro, and bits and pieces)
[Sat Nov 25 15:40:13 2017] <sud> and it things it's doing progress
[Sat Nov 25 15:40:22 2017] <sud> thinks*
[Sat Nov 25 15:40:59 2017] <pgiarrusso> uh, maybe you want to blacklist equality then? only use injection there somehow?
[Sat Nov 25 15:41:59 2017] <sud> i'll look up injection I didn't know that thanks
[Sat Nov 25 15:45:57 2017] <pgiarrusso> me neither honestly
[Sat Nov 25 15:59:58 2017] <sud> trying to make sense of inList
[Sat Nov 25 16:00:27 2017] <sud> given some definition f, inList f f fails
[Sat Nov 25 16:02:22 2017] <sud> inList idtac idtac as well
[Sat Nov 25 16:05:44 2017] <pgiarrusso> the text suggests it takes lemmas, but I’m not sure it’s true
[Sat Nov 25 16:06:19 2017] <pgiarrusso> (I mean, that blog is cool but full of typos, so I’m not sure the details are necessarily extremely accurate — which is OK for a blog I guess)
[Sat Nov 25 16:10:27 2017] <sud> inList f (f) worked in the end I think
[Sat Nov 25 16:17:59 2017] <sud> anyone knows how to have local (non recursive) definitions automatically unfolded?
[Sat Nov 25 17:56:18 2017] <tobiasBora> Hum... Is it possible in coq to generate a new variable to generate a Prop ?
[Sat Nov 25 18:38:35 2017] <anonlastname> How do I prove that [forall (n : nat), n = n \/ S n = n]?
[Sat Nov 25 18:39:02 2017] <johnw> intros; left; reflexivity.
[Sat Nov 25 18:39:13 2017] <johnw> or just "auto" or "intuition" should do it
[Sat Nov 25 18:39:27 2017] <anonlastname> Ah thank you I didn't know about that tactic
[Sat Nov 25 18:39:35 2017] <johnw> intuition is very handy, but it can be slow
[Sat Nov 25 18:39:39 2017] <johnw> if it is, try "intuition idtac"
[Sat Nov 25 18:40:21 2017] <anonlastname> I meant I didn't know about the left tactic but thanks anyways
[Sat Nov 25 18:40:25 2017] <johnw> ah, ok
[Sat Nov 25 18:40:33 2017] <johnw> left works with any 2 constructor type
[Sat Nov 25 22:42:19 2017] <dh`> what's the equivalent of Print for ltac bits?
[Sun Nov 26 00:07:00 2017] <Cypi> dh` : `Print Ltac foo.`
[Sun Nov 26 03:03:13 2017] <pgiarrusso> sud_: Coq’s reference manual suggests to *not* use inversion so lightly, because it creates large proofs, and to save inversion lemmas instead
[Sun Nov 26 03:04:32 2017] <pgiarrusso> in programming languages you often see *books* state inversion lemmas Iaxh, even when
[Sun Nov 26 03:04:35 2017] <pgiarrusso> sorry
[Sun Nov 26 03:05:02 2017] <pgiarrusso> books state inversion lemmas, *say for typing relations* (say, TAPL)
[Sun Nov 26 03:05:31 2017] <pgiarrusso> sometimes even when they’re trivial
[Sun Nov 26 03:06:51 2017] <pgiarrusso> sud_: maybe *that* is why crush uses inversion carefully
[Sun Nov 26 03:52:22 2017] <pgiarrusso> sud_: comments on inversion_sigma here seem maybe interesting: https://coq.inria.fr/library/Coq.Init.Tactics.html
[Sun Nov 26 06:29:07 2017] <tobiasBora> Hello,
[Sun Nov 26 06:33:00 2017] <tobiasBora> I'd like to convert a formula into my own type into a Prop. Is it possible to generate fresh variables that I can pass in argument ? With something like "let meta_var = new metavar, let p = get_prop(A, m::meta_var), forall meta_var, p" ?
[Sun Nov 26 06:33:22 2017] <tobiasBora> s/into my own type/from my own type
[Sun Nov 26 06:33:55 2017] <tobiasBora> or to index variables by array
[Sun Nov 26 06:34:47 2017] <tobiasBora> Like, I have a list of variable name, and I can do something like my_var_list[0] to refer to the first variable
[Sun Nov 26 06:35:17 2017] <tobiasBora> and then write "forall my_var_list[0], my_var_list[0] \/ my_var_list[1]"
[Sun Nov 26 06:36:58 2017] <tobiasBora> which would be equivalent to "forall a, a \/ b : Prop"
[Sun Nov 26 07:01:17 2017] <tobiasBora> I provide here an example: https://stackoverflow.com/questions/47495923/coq-meta-programming-generate-fresh-variable
[Sun Nov 26 08:19:36 2017] <tobiasBora> Ok problem solved
[Sun Nov 26 08:32:31 2017] <sud> I have two mutually recursive functions define with Fixpoint ... with ..., but Coq cannot guess the decreasing argument. I have a (nat) measure on the arguments of the functions; can I specify this measure to Coq, without changing too much the syntax of my program? (and then I'll have to prove that the measure decreases on each recursive call)
[Sun Nov 26 08:40:14 2017] <lyxia> sud: use Program Fixpoint
[Sun Nov 26 08:42:31 2017] <sud> lyxia: I got "Well-founded fixpoints not allowed in mutually recursive blocks"
[Sun Nov 26 09:01:29 2017] <lyxia> That's unfortunate.
[Sun Nov 26 09:03:13 2017] <lyxia> Can you pick a single function to define with Program Fixpoint, and make the others parameterized by it?
[Sun Nov 26 09:05:36 2017] <lyxia> sud: http://lpaste.net/360257 for example
[Sun Nov 26 09:06:49 2017] <sud> yes that would work, thanks!
[Sun Nov 26 09:14:03 2017] <pgiarrusso> lyxia: uh, it’s surprising that typechecks! It must be Russell’s type rules?
[Sun Nov 26 09:14:12 2017] <pgiarrusso> I get why that definition makes sense
[Sun Nov 26 09:14:37 2017] <pgiarrusso> But it’s less obvious that you can use even at that type
[Sun Nov 26 09:15:00 2017] <pgiarrusso> Also, wished that Program’s documentation showed such an example
[Sun Nov 26 09:22:17 2017] <lyxia> pgiarrusso: Well-founded fixpoints make the recursive occurence of even have that type
[Sun Nov 26 09:24:00 2017] <pgiarrusso> Yeah, but that’s usually hidden, so I wonder on the typing rules
[Sun Nov 26 09:24:15 2017] <pgiarrusso> I should look for them
[Sun Nov 26 09:45:21 2017] <sud> can I use a lexicographic ordering for a measure?
[Sun Nov 26 09:46:52 2017] <sud> (my function L1 L2 calls itself on L1' L2' where L1' is a subterm of L1, or (L1' = L1 and L2' is a subterm of L2)
[Sun Nov 26 10:05:28 2017] <anonlastname> I know that you can prove [a = b] from a proven hypothesis of [S a = S b], but how do you simplify a goal of [S a = S b] to [a = b]?
[Sun Nov 26 10:05:53 2017] <anonlastname> that is, you can prove it from a proven hypothesis using the injection tactic
[Sun Nov 26 10:07:37 2017] <Cypi> You can use the tactic `f_equal`
[Sun Nov 26 10:11:29 2017] <anonlastname> thanks
[Sun Nov 26 10:17:57 2017] <lyxia> sud: http://lpaste.net/360262 (Obligation 1 is the proof that the measure is WF) I don't know how to make this simpler though.
[Sun Nov 26 10:29:06 2017] <sud> thanks!
[Mon Nov 27 16:57:44 2017] <bor0> I'm playing around with Coq and I have: Axiom test : Set. Axiom member : test. how can I start proving Theorem cardinality_set : (forall i : test, member = i). ? I was thinking intros/rewrite combination but seems it's not that simple?
[Mon Nov 27 16:58:06 2017] <bor0> (skip the theorem name, it was from something I experimented previously)
[Mon Nov 27 17:09:02 2017] <pgiarrusso> sud: such consistency bugs are fixed quickly, googling `coq proof false` leads to https://news.ycombinator.com/item?id=9259790 for the last instance
[Mon Nov 27 17:09:56 2017] <Cypi> The last more serious bug was this one I think https://sympa.inria.fr/sympa/arc/coq-club/2013-12/msg00119.html
[Mon Nov 27 17:10:21 2017] <Cypi> it didn't make Coq inconsistent by itself, but it made it inconsistent with propositional extensionality, which is wrong
[Mon Nov 27 17:11:07 2017] <sud> thanks for the references!
[Mon Nov 27 17:11:20 2017] <Cypi> bor0: I don't think you can prove this.
[Mon Nov 27 17:11:34 2017] <bor0> why? member is the only axiom of test
[Mon Nov 27 17:12:15 2017] <Cypi> And yet you cannot prove that. I lack the experience to explain this properly, but I'm quite certain of it
[Mon Nov 27 17:12:30 2017] <Cypi> basically, you asserted that `test` is a type, but you know absolutely nothing about it
[Mon Nov 27 17:12:41 2017] <Cypi> so you don't know if it's empty or not or anything else
[Mon Nov 27 17:13:03 2017] <Cypi> Then you assert that `member` has type `test`. Now you know one element in `test`, but still, that's all you know about `test`.
[Mon Nov 27 17:13:10 2017] <sud> bor0: I think you want Inductive test: Set := | member: test
[Mon Nov 27 17:14:02 2017] <Cypi> With what sud said, `test` is defined much more precisely: this is the inductive type with one constructor called `member`, so you can prove that this is the only value in that type.
[Mon Nov 27 17:14:21 2017] <Cypi> (because an inductive type is defined as the least fixpoint of a monotonous operator blah blah)
[Mon Nov 27 17:14:42 2017] <sud> (then you will need to use destruct i or induction i to prove your theorem)
[Mon Nov 27 17:14:55 2017] <sud> (sorry I have to go)
[Mon Nov 27 17:15:44 2017] <bor0> ahh that works, thank you!
[Mon Nov 27 17:25:42 2017] <bor0> given IH: max (max a b) c = max a (max b c), what tactics can I use to prove max (max (S a) b) c = max (S a) (max b c)? I believe it's something around rewrite?
[Mon Nov 27 17:26:05 2017] <bor0> I'm experimenting with Coq, trying to prove (max (max a b) c) = (max a (max b c)) :D
[Mon Nov 27 17:26:25 2017] <Cypi> `rewrite IH` should do it, right?
[Mon Nov 27 17:26:37 2017] <bor0> Found no subterm matching "Nat.max (Nat.max a b) c" in the current goal. *shrug*
[Mon Nov 27 17:26:42 2017] <Cypi> Oh wait, nevermind x)
[Mon Nov 27 17:26:47 2017] <bor0> I've already tried that :D
[Mon Nov 27 17:27:04 2017] <bor0> I need to rewrite a to (S a) in my IH, and then use exact IH
[Mon Nov 27 17:27:05 2017] <Cypi> So, IH speaks exactly of `a`, not `S a`
[Mon Nov 27 17:27:24 2017] <Cypi> What you need to do is somehow extract the S in your goal
[Mon Nov 27 17:27:28 2017] <pgiarrusso> bet: you need to generalize more variables before doing induction
[Mon Nov 27 17:27:33 2017] <Cypi> if you just `simpl`, what does it look like?
[Mon Nov 27 17:27:55 2017] <pgiarrusso> bor0: IH comes from induction I’m guessing?
[Mon Nov 27 17:28:01 2017] <bor0> a huge block of Nat.max match b with, looks scary
[Mon Nov 27 17:28:07 2017] <bor0> pgiarrusso, yea. I can show the full code I have if you want
[Mon Nov 27 17:28:28 2017] <bor0> I use double induction. I'm probably doing something wrong :)
[Mon Nov 27 17:28:50 2017] <pgiarrusso> I’m on a hurry, but I think you need to have a more general induction hypothesis, that’s a common problem
[Mon Nov 27 17:28:55 2017] <pgiarrusso> or, it depends on the goal
[Mon Nov 27 17:29:12 2017] <pgiarrusso> but if you have forall a b c and do intro
[Mon Nov 27 17:29:26 2017] <bor0> yeah I have that
[Mon Nov 27 17:29:32 2017] <pgiarrusso> you probably need to move back forall X in the goal, where X is anything you don’t do induction on
[Mon Nov 27 17:29:47 2017] <pgiarrusso> or, well, for that goal
[Mon Nov 27 17:29:52 2017] <pgiarrusso> you’d need to have forall a, ...
[Mon Nov 27 17:30:10 2017] <pgiarrusso> so that IH becomes general enough to be usable on S a
[Mon Nov 27 17:30:33 2017] <bor0> http://lpaste.net/360311
[Mon Nov 27 17:30:48 2017] <pgiarrusso> caveat: I don’t know if this is your problem, but this is the recipe for 90% of similar cases
[Mon Nov 27 17:31:41 2017] <bor0> whoops, I forgot to paste 2 axioms I'm using. if you don't see them please refresh the paste
[Mon Nov 27 17:32:03 2017] <Cypi> Since I'm guessing this is an induction on a, it won't be usable directly on `S a`. However pgiarrusso is right, it will be better if you generalize a bit.
[Mon Nov 27 17:32:21 2017] <Cypi> So when you do your induction (on `a` for instance), make sure that `b` and `c` are still in the goal
[Mon Nov 27 17:32:25 2017] <bor0> I can probably prove the axioms to be theorems but I can do that later. focused on the main theorem for now
[Mon Nov 27 17:32:44 2017] <pgiarrusso> Cypi is right, if you do induction on a you can’t have “forall a” in your hypothesis
[Mon Nov 27 17:33:22 2017] <bor0> what should I have in my hypothesis instead?
[Mon Nov 27 17:33:23 2017] <Cypi> Also, if `max` is the one defined in the stdlib, you won't need any axiom
[Mon Nov 27 17:33:24 2017] <pgiarrusso> in fact, during induction on a, you can’t have your hypothesis hold on S a
[Mon Nov 27 17:33:38 2017] <pgiarrusso> that would mean proving the thesis using itself
[Mon Nov 27 17:33:45 2017] <pgiarrusso> that would be circular
[Mon Nov 27 17:33:53 2017] <Cypi> (I mean, you won't need to prove anything else, you can do the whole proof with intros/induction/destruct/rewrite/reflexivity)
[Mon Nov 27 17:33:54 2017] <bor0> ow. I see.
[Mon Nov 27 17:34:17 2017] <bor0> so if I were doing this by hand manually, I'd probably use cases for a > b, b > c, etc. can I approach it like that in Coq?
[Mon Nov 27 17:34:24 2017] <pgiarrusso> you need to modify your goal (by simplification) so that it turns into something else
[Mon Nov 27 17:34:47 2017] <pgiarrusso> I gotta go now, but others should be able to help you
[Mon Nov 27 17:34:53 2017] <bor0> thanks for the help!
[Mon Nov 27 17:34:57 2017] <pgiarrusso> but you’ll need to say which definition of max you are using ;-)
[Mon Nov 27 17:35:17 2017] <bor0> I believe it's Nat.max, the one built-in
[Mon Nov 27 17:36:15 2017] <Cypi> Then you can do it without much trouble with a simple induction
[Mon Nov 27 17:36:40 2017] <Cypi> If you want to use cases as you were saying, you can probably do it too. You will need to use something like `le_dec` to reason by cases
[Mon Nov 27 17:36:52 2017] <Cypi> and you will need some lemmas about how `max` behaves with respect to inequalities
[Mon Nov 27 17:37:14 2017] <Cypi> (these lemmas probably exist already in the stdlib I would guess, since it's basically the specification of the function max)
[Mon Nov 27 17:37:22 2017] <bor0> ok, so this doesn't seem to be as simple as I thought for a Coq beginner. I should probably move to simpler stuff :D
[Mon Nov 27 17:37:35 2017] <Cypi> Doing it by induction is simple enough!
[Mon Nov 27 17:37:47 2017] <bor0> is it similar to what I already had approached?
[Mon Nov 27 17:37:48 2017] <Cypi> It's nearly as simple as proving the associativity of addition, the proof is really quite similar
[Mon Nov 27 17:38:16 2017] <Cypi> So, first of all, as we were saying, keep `b` and `c` in the goal before doing the induction on `a`.
[Mon Nov 27 17:38:34 2017] <Cypi> Then, you will not need to do a second induction, you can just `destruct b` instead of `induction b`
[Mon Nov 27 17:38:34 2017] <bor0> ah! so intro them at a later stage
[Mon Nov 27 17:39:07 2017] <Cypi> Finally, don't hesitate to simplify the goal to see what it looks like, and if there is a `match x with ... end`, you can try to `destruct x`, it will probably help
[Mon Nov 27 17:42:38 2017] <bor0> lol I proved it. by randomly trying combinations of simpl/reflexivity/destruct
[Mon Nov 27 17:42:58 2017] <bor0> can you explain to me what `match x with ... end` is, and why destruct "cures" it?
[Mon Nov 27 17:44:10 2017] <Cypi> `match x with ... end` is a term that allows to destruct `x`. So, in your case where `x` is an integer, you would write something like `match x with O => term1 | S n => term2 end.`. This term will reduce to `term1` if x is O, and to `term2` if x is some `S n`.
[Mon Nov 27 17:45:05 2017] <Cypi> Now, on the side of tactics, `destruct x` will do exactly this: since `x` is a `nat`, it can only be either O or some `S n`. Therefore it will generate two subgoals, one where `x` has been replaced by O, and one where `x` has been replaced by `S n`
[Mon Nov 27 17:45:27 2017] <Cypi> This will simplify the `match x with ... end` because now `x` is a constructor
[Mon Nov 27 17:47:49 2017] <bor0> ow, I remember now. I used destruct in proving A /\ B -> A earlier. so it basically splits a goal in two subgoals
[Mon Nov 27 17:48:12 2017] <Cypi> It depends on the number of constructors of what you destruct
[Mon Nov 27 17:48:34 2017] <bor0> yeah. that's the more general version, you are right. I kept thinking about A /\ B
[Mon Nov 27 17:48:37 2017] <Cypi> If you destrct `H : A /\ B` you will only have one subgoal, because the `and` inductive type has only 1 constructor
[Mon Nov 27 17:48:59 2017] <Cypi> On the other hand, if you destruct `H : A \/ B`, you will end up with two subgoals
[Mon Nov 27 17:49:54 2017] <bor0> e.g. Inductive test: Set := | member: test. in this case, a constructor is `member`, correct?
[Mon Nov 27 17:50:03 2017] <Cypi> correct
[Mon Nov 27 17:59:50 2017] <bor0> thanks Cypi! is there another tutorial for starters you'd recommend, besides Mike Nahas' one?
[Mon Nov 27 18:01:32 2017] <Cypi> I used Software Foundations to learn Coq
[Mon Nov 27 18:01:52 2017] <Cypi> I had a bit of background in functional programming (like OCaml) which certainly helped
[Mon Nov 27 18:02:58 2017] <bor0> ah, yeah. I've seen that one
[Mon Nov 27 19:22:07 2017] <tobiasBora> Hum, I'm using something like "induction x; try solve [... induction y. a. big b ....]. The problem is that in the solve I'm not allowed to use ".", only ";" seems to be allowed. How could I do, because here I really want to do a ".". I though I may use nested solve, but I'm not sure it's the best way to proceed since I know how to solve each single branch.
[Mon Nov 27 19:23:21 2017] <tobiasBora> or maybe ( ... + ...) ?
[Mon Nov 27 19:29:38 2017] <tobiasBora> And also the induction fails with an error "Error: The reference x was not found in the current environment.". If I run "intro x" before, then the intro also fail with the error Ltac call to "intro (ident)" failed.
[Mon Nov 27 19:29:41 2017] <tobiasBora> Error: No product even after head-reduction.
[Mon Nov 27 19:30:43 2017] <tobiasBora> (while if I replace the ";" with "." it works with no error)
[Mon Nov 27 19:31:27 2017] <lyxia> tobiasBora: tac0; [tac1 | tac2 | ... | tacN] applies taci to the i-th goal generated by tac0
[Mon Nov 27 19:37:56 2017] <pgiarrusso> tobiasBora: the main reason to use solve is in automated proofs, so that it fails when its argument tactic is not enough — but then, no reason for a dot in solve’s argument.
[Mon Nov 27 19:38:37 2017] <pgiarrusso> tobiasBora: also, `induction x; solve [t1. t2. t3]` would stop between `t1`, `t2`, `t3` in *each case arising from `induction`
[Mon Nov 27 19:38:37 2017] <tobiasBora> Ok thank you! I think I understood why it failed, I need to check it
[Mon Nov 27 19:39:14 2017] <pgiarrusso> if you want to look at things carefully, it always works to replace `t1; t2` with `t1. <many copies of t2>`
[Mon Nov 27 19:39:47 2017] <tobiasBora> pgiarrusso: yes, that's why I wanted to avoid to use two solved. But for the first one, I want to do that because I've lot's of goals that are solved in the same way in my 20 goals.
[Mon Nov 27 19:40:14 2017] <pgiarrusso> the failures you’re seeing are probably because the different goals produced by `induction` have different shapes
[Mon Nov 27 19:40:17 2017] <pgiarrusso> `try` can help
[Mon Nov 27 19:40:45 2017] <pgiarrusso> if you have that many goals, and you already want to try automating the proof, *maybe* you want to use the Ltac debugging facilities
[Mon Nov 27 19:40:55 2017] <pgiarrusso> but I read they are not easy to use
[Mon Nov 27 19:41:21 2017] <pgiarrusso> also, if you’re getting started, maybe it’s easier at the beginning to just use copy-paste instead of automation
[Mon Nov 27 19:41:40 2017] <pgiarrusso> once you have a non-automated proof that works, you can try automating it
[Mon Nov 27 19:41:56 2017] <tobiasBora> pgiarrusso: yes, that's what I did first
[Mon Nov 27 19:42:01 2017] <pgiarrusso> (in fact, I’ve seen that recommended also for experienced users)
[Mon Nov 27 19:42:22 2017] <tobiasBora> now my "non automated proof" works (at least for 2 subgoals ^^) and I want to factor it
[Mon Nov 27 19:43:06 2017] <pgiarrusso> ah OK, sorry
[Mon Nov 27 19:43:18 2017] <tobiasBora> no problem, I like advices
[Mon Nov 27 19:43:54 2017] <tobiasBora> but maybe I should try to factor is using Lemma, I'm not sure if it's usual to have such a big proof.
[Mon Nov 27 19:44:06 2017] <tobiasBora> (and I already use some lemma)
[Mon Nov 27 19:44:22 2017] <pgiarrusso> well, lemmas are at least readable :-)
[Mon Nov 27 19:44:29 2017] <pgiarrusso> you can read the statement
[Mon Nov 27 19:44:50 2017] <pgiarrusso> proof scripts... aren’t really readable
[Mon Nov 27 19:53:04 2017] <tobiasBora> yes, I've always tought that reading the code of someone else was quite difficult. But in coq it's not even possible ;)
[Mon Nov 27 19:54:48 2017] <tobiasBora> Hum the a ; [b | c] syntax is really nice, it makes the code much more readable.
[Mon Nov 27 19:55:16 2017] <tobiasBora> Do you know if it's possible to naviguate in this syntax "line by line" instead of evaluating the whole structure at once?
[Mon Nov 27 19:58:05 2017] <lyxia> I would also like to know.
[Mon Nov 27 20:00:15 2017] <pgiarrusso> I’ve never found such a thing, except for https://coq.inria.fr/refman/ltac.html#sec501
[Mon Nov 27 20:00:27 2017] <pgiarrusso> (and I’ve never used it)
[Mon Nov 27 20:01:04 2017] <pgiarrusso> so Chlipala advices to not try reading proof scripts, and declare lemmas for interesting steps
[Mon Nov 27 20:01:46 2017] <pgiarrusso> meanwhile, if you want to split tactics by goals, using “bullets” can be useful
[Mon Nov 27 20:02:03 2017] <tobiasBora> bullets ?
[Mon Nov 27 20:04:51 2017] <pgiarrusso> there’s an example at Sec. 7.2.7 of https://coq.inria.fr/refman/proof-handling.html#sec331
[Mon Nov 27 20:05:06 2017] <pgiarrusso> but basically, you can write sort of nested bulleted lists
[Mon Nov 27 20:05:12 2017] <pgiarrusso> to group your tactics
[Mon Nov 27 20:05:25 2017] <pgiarrusso> you write - to focus on the first goal
[Mon Nov 27 20:05:37 2017] <pgiarrusso> and you can write `-` again only when that goal is done
[Mon Nov 27 20:05:42 2017] <tobiasBora> And Set Ltac Debug is nice, it's just too bad that it's not possible to stay at the "user level", instead of going deep in the ltacs.
[Mon Nov 27 20:07:37 2017] <pgiarrusso> BTW, you can nest bullets, with +, then *, then — and so on
[Mon Nov 27 20:07:43 2017] <pgiarrusso> and there’s support for automatic indentation
[Mon Nov 27 20:08:41 2017] <tobiasBora> woahh great, and it's even supported by emacs :D
[Mon Nov 27 20:10:49 2017] <tobiasBora> Can it replace the [ ... | ... ] ? ^^'
[Mon Nov 27 20:24:51 2017] <tobiasBora> Is it possible to replace " (rewrite .... a ....; rewrite ..... b .....) + (rewrite .... c ....; rewrite ..... d.....)" by a function . I tried "let myrewrite x := rewrite .... x .... in ((myrewrite a; myrewrite b) + (myrewrite c; myrewrite d)."
[Mon Nov 27 20:24:55 2017] <tobiasBora> but it fails...
[Mon Nov 27 20:26:48 2017] <tobiasBora> (if it can help: Syntax error: 'type' 'of' expected after '(' (in [hypident]).)
[Mon Nov 27 20:29:26 2017] <lyxia> Ltac my_rewrite x := rewrite .... x .... .
[Mon Nov 27 20:32:21 2017] <tobiasBora> The Ltac syntax also give me an error : Syntax error: ']' expected after [tactic_then_gen] (in [tactic:tactic_expr]).
[Mon Nov 27 20:32:49 2017] <tobiasBora> (I use it inside a [ ... ] structure, maybe I cannot ?)
[Mon Nov 27 20:33:56 2017] <tobiasBora> (and I don't really want to define it before, because else the variables inside myrewrite won't exist)
[Mon Nov 27 20:44:54 2017] <tobiasBora> (and by the way, the bullets are so nice !)
[Mon Nov 27 21:13:26 2017] <tobiasBora> Is it possible to ask to coq to check if a property seems to be true, by trying to evaluate for random values, and some importants values, like 0, and 1 ? For now I do that by hand, it's not really long but a function would be really nice to have ;)$
[Mon Nov 27 22:01:18 2017] <lyxia> tobiasBora: There's QuickChick.
[Mon Nov 27 22:02:03 2017] <tobiasBora> Thank you !
[Mon Nov 27 23:58:13 2017] <tobiasBora> Hum... What is the name of the tactic that do nothing?
[Tue Nov 28 00:01:23 2017] <lyxia> idtac?
[Tue Nov 28 05:24:05 2017] <sud_> is there a tactic that checks online for proofs in an existing global database?
[Tue Nov 28 05:44:58 2017] <pgiarrusso> sud: i had found a database of contribution packages, but a problem is that they might or might not work with recent Coq versions; as a rule.
[Tue Nov 28 05:45:19 2017] <pgiarrusso> Sorry: *as a rule, they won’t keep working without maintenance.
[Tue Nov 28 05:51:30 2017] <sud_> pgiarrusso: wouldn't it be useful to have a central database where people upload all of their proofs, and then a tactic can go fetch them?
[Tue Nov 28 05:54:10 2017] <pgiarrusso> I’m not saying no, but there’s no point if those proofs break
[Tue Nov 28 05:54:47 2017] <pgiarrusso> more importantly, there are multiple such databases for various theorem provers
[Tue Nov 28 05:55:00 2017] <pgiarrusso> well, mostly there are repositories of contributions
[Tue Nov 28 05:55:23 2017] <pgiarrusso> there’s also NuPRL, an alternative to Coq which IIUC uses such a database
[Tue Nov 28 05:56:04 2017] <pgiarrusso> but it seems its distributed system aspects make it harder to install
[Tue Nov 28 06:34:08 2017] <bor0> I have p_imp_q : p -> q and p_imp_not_q : p -> ~ q (trying to prove neg_intro). what tactic can I use to prove that ~ p?
[Tue Nov 28 06:35:16 2017] <bor0> the way I would solve it manually is to assume p, arrive at a contradiction from ~q and q and thus not p
[Tue Nov 28 06:41:29 2017] <sud_> bor0: "intuition" should do it
[Tue Nov 28 06:42:20 2017] <sud_> bor0: if you want more details, you have to remember that ~ p is a notation for p -> False
[Tue Nov 28 06:44:01 2017] <sud_> so first you can do "intro H", which will move (H: p) to your hypotheses; then you know that p_imp_not_q : p -> q -> False, so you write "apply p_imp_not_q"; and it will ask you to prove "p" and "q"; to prove p, you just use "H"; and to prove q, you "apply p_imp_q" and use "H" again
[Tue Nov 28 07:10:11 2017] <sud_> if I have a hypothesis of the form: "a := let b : False := {...} in 5 : nat", can I prove False?
[Tue Nov 28 07:13:27 2017] <pgiarrusso> sud_ what about "exact" with the value for b?
[Tue Nov 28 07:14:18 2017] <pgiarrusso> `exact (some Gallina term)`
[Tue Nov 28 07:14:31 2017] <sud_> pgiarrusso: yes that would work, but assume I have no access to the body of b, but only to its type
[Tue Nov 28 07:14:48 2017] <pgiarrusso> Yeah, not sure how to get it out of `a`
[Tue Nov 28 07:25:23 2017] <Cypi> Why would you not have access to the body of b?
[Tue Nov 28 07:26:50 2017] <Cypi> In any case, what you have is the same as having `a := 5 : nat`, so not a chance to prove False purely by using `a`
[Tue Nov 28 07:32:59 2017] <sud_> Cypi: I was wondering whether things that are proved in the inner scope of a let could be used outside of the let binding, without having to reprove them; but it makes sense that it is not the case
[Tue Nov 28 08:16:40 2017] <sud_> what is the recommended type for using integers (positive or negative)
[Tue Nov 28 08:33:43 2017] <sud_> I'm using Z, is there a lemma that allows me to write if (lemma_lt a b) then X else Y, and have the fact that a < b propagate in the X branch, and a >= b propagate in the Y branch?
[Tue Nov 28 08:39:14 2017] <lyxia> Is lemma_lt a boolean function?
[Tue Nov 28 08:42:23 2017] <sud_> lyxia: I didn't define that lemma, but I'm looking for one (that says that either a < b or a >= b)
[Tue Nov 28 08:43:08 2017] <sud_> lyxia: I found the lemma Z.lt_ge_cases, but I cannot do if then else on it in computations apparently (I obtain an error regarding Prop and Set when doing so)
[Tue Nov 28 08:45:45 2017] <lyxia> Nat.lt_decidable
[Tue Nov 28 08:45:56 2017] <lyxia> ah...
[Tue Nov 28 08:46:43 2017] <lyxia> there should be a {a < b} + {a >= b} somewhere
[Tue Nov 28 08:48:06 2017] <sud_> SearchAbout (forall a b: Z, _ + _). returns nothing :(
[Tue Nov 28 08:48:55 2017] <Cypi> Z.lt_decidable exists
[Tue Nov 28 08:49:11 2017] <Cypi> the `_ + _` is wrapped in a definition, that's why the search fails
[Tue Nov 28 08:49:38 2017] <Cypi> Ah wait, except that this is in Prop, not Type...
[Tue Nov 28 08:49:58 2017] <sud_> yes
[Tue Nov 28 08:50:22 2017] <Cypi> Alright, `Search Z.lt "dec".` should give you everything you need
[Tue Nov 28 08:50:53 2017] <sud_> unrelated question: is there a tactic that transform every hypothesis of the form "H := term: type" to "H: type"?
[Tue Nov 28 08:51:24 2017] <sud_> only result for that search is Z.lt_decidable
[Tue Nov 28 08:51:47 2017] <Cypi> Really? Have you imported ZArith for instance?
[Tue Nov 28 08:51:54 2017] <Cypi> (I'm not sure where these lemmas are found)
[Tue Nov 28 08:52:17 2017] <Cypi> sud_: `clearbody H` does this, so you could wrap it in a `repeat match goal ...`
[Tue Nov 28 08:52:34 2017] <lyxia> Z_ge_lt_dec: forall x y : Z, {(x >= y)%Z} + {(x < y)%Z}
[Tue Nov 28 08:52:35 2017] <sud_> I only imported Require Import Coq.Numbers.BinNums. Require Import Coq.ZArith.BinInt.
[Tue Nov 28 08:52:46 2017] <lyxia> after Require Import ZArith.
[Tue Nov 28 08:53:18 2017] <Cypi> There is ZArith.Zarith_dec which seems to exist, if you want to limit your number of imports
[Tue Nov 28 08:53:32 2017] <Cypi> Sorry, ZArith.ZArith_dec
[Tue Nov 28 08:53:59 2017] <sud_> awesome thanks
[Tue Nov 28 08:54:47 2017] <Cypi> and one last thing, searching (forall a b : Z, _ + _) should still fail, but searching (forall a b : Z, {_} + {_}) should work
[Tue Nov 28 08:54:51 2017] <Cypi> (the curly braces are part of the notation)
[Tue Nov 28 08:54:55 2017] <sud_> ah I see
[Tue Nov 28 08:59:12 2017] <sud_> is there a tactic that will automatically destruct such expressions (omega didn't help here) when it sees them, or do I have to define it myself?
[Tue Nov 28 09:00:17 2017] <Cypi> I think `intuition` will do that, but it will also do a lot more
[Tue Nov 28 09:02:00 2017] <sud_> Cypi: intuition does nothing on that goal: "(if x < x then false else if x < x then false else true) = true"
[Tue Nov 28 09:02:08 2017] <sud_> (where Notation "a < b" := (Z_lt_ge_dec a b).)
[Tue Nov 28 09:03:20 2017] <Cypi> Ah right, I misunderstood what you meant (it would do something if you had `{x >= y} + {x < y}` in your hypotheses)
[Tue Nov 28 09:03:35 2017] <Cypi> The no, no built-in tactic for this afaik
[Tue Nov 28 09:03:39 2017] <Cypi> Then*
[Tue Nov 28 09:07:44 2017] <sud_> alright thanks
[Tue Nov 28 09:09:01 2017] <sud_> I'm trying to define a function (that proves a theorem) manually, as a fixpoint. So I write Fixpoint (n: nat) (H: P1): P2. (where P1 and P2: Prop) and then I want to write the proof manually.
[Tue Nov 28 09:09:17 2017] <sud_> But I get: "Cannot do a fixpoint on a non inductive type." is there a workaround?
[Tue Nov 28 09:11:10 2017] <Cypi> Fixpoint (n : nat) (H : P1) {struct n} : P2.
[Tue Nov 28 09:11:21 2017] <Cypi> Poor Coq doesn't know what the recursive argument should be
[Tue Nov 28 09:12:51 2017] <sud_> great! thanks
[Tue Nov 28 09:13:20 2017] <sud_> So I proved all the subgoals using some tactics and then got: "All the remaining goals are on the shelf: x <> y, x <> y" (P1 was x <> y)
[Tue Nov 28 09:14:05 2017] <Cypi> You can do `Unshelve.` to get under focus the goals that you actually did not prove
[Tue Nov 28 09:14:19 2017] <Cypi> these may come from some application of a lemma or different other cases, it depends on your proo
[Tue Nov 28 09:14:22 2017] <Cypi> proof*
[Tue Nov 28 09:15:07 2017] <sud_> Cypi: yes indeed, I called the Fixpoint F recursively with F n' _
[Tue Nov 28 09:15:23 2017] <sud_> (and wrapped than around "refine")
[Tue Nov 28 09:15:59 2017] <Cypi> It looks like `refine` decided that this specific _ should be put on the shelf (I'm not sure what the heuristics is)
[Tue Nov 28 09:16:09 2017] <Cypi> if you want to avoid that, you can do `unshelve refine (F n' _)`
[Tue Nov 28 09:16:19 2017] <Cypi> it will immediately unshelve anything that was put on the shelf by refine
[Tue Nov 28 09:16:30 2017] <sud_> cool that worked!
[Tue Nov 28 10:45:53 2017] <xtq> Hi. Is it possible to prove for MSets that remove x empty = empty ?
[Tue Nov 28 10:47:46 2017] <xtq> Ok, I see that no.
[Tue Nov 28 10:47:53 2017] <xtq> This equality is too strong.
[Tue Nov 28 12:45:10 2017] <Vivi> Hello. Are there any Coq tactics in mathcomp/ssreflect or corn or standard coq library that simplify dealing with systems of (in)equalities (over rationals or complex numbers)?
[Tue Nov 28 13:10:18 2017] <cocreature> Vivi: "field" should work for equalities
[Tue Nov 28 13:10:41 2017] <cocreature> oh I missed the “systems” part, sry
[Tue Nov 28 13:13:14 2017] <Vivi> So field, ring, fourier... maybe auto with real is all I am stuck with?
[Tue Nov 28 13:14:16 2017] <cocreature> at least that’s all I know about :)
[Tue Nov 28 13:16:45 2017] <Vivi> Thank you! :) I've been looking through mathcomp and corn and haven't really found any advanced automation in this regard.
[Tue Nov 28 13:17:15 2017] <Vivi> Sometimes even things like operating on both sides of an equation with an injective function is beyond automation.
[Tue Nov 28 13:19:20 2017] <cocreature> automation always breaks down when you want it most :)
[Tue Nov 28 13:21:41 2017] <Vivi> I'll conjure something myself then... yey Ltac...
[Tue Nov 28 13:56:40 2017] <pgiarrusso> Vivi: sadly, we know Peano arithmetic (unlike Presburger arithmetic) is undecidable — in fact, already addition + multiplication are :-|
[Tue Nov 28 13:59:05 2017] <Vivi> Yes, however I am not seeking a decision procedure, heuristics would do.
[Tue Nov 28 17:38:31 2017] <Gurkenglas> Is there a platform where people submit Coq theorems and other people prove them, perhaps explaining their reasoning?
[Tue Nov 28 17:51:00 2017] <Vivi> StackOverflow :)?
[Tue Nov 28 20:54:30 2017] <minn> Is there a nice way to model equality of lists modulo transposition of elements in some finite set?
[Tue Nov 28 22:47:51 2017] <nate_> In ltac, I want to write a tactic that matches '_ \/ _' in the hypothesis given as an argument and then uses "generalize dependent" on both sides of the operator.
[Tue Nov 28 22:48:41 2017] <nate_> I can't figure out how to get some identifier for the underscores in the pattern so I can pass them as arguments to 'generalize dependent'. Is this something that you're supposed to use metavariables for?
[Tue Nov 28 22:56:07 2017] <benzrf> yup
[Tue Nov 28 22:56:37 2017] <benzrf> nate_: patterns in ltac are extremely powerful - in particular, you can match against any term
[Tue Nov 28 22:57:33 2017] <benzrf> therefore, a variable occurring in an ltac pattern is treated not as a new binding but as a pattern which will match that variable
[Tue Nov 28 22:57:59 2017] <benzrf> if you want to capture a subterm in a match, like how variables in normal patterns work, you indeed use a ?metavariable
[Tue Nov 28 22:58:39 2017] <benzrf> (but this is just notation in the pattern - the bit after the question mark is the variable's name)
[Tue Nov 28 22:59:08 2017] <benzrf> (so if you want to refer to the variable that was bound, you just say metavariable - no question mark)
[Tue Nov 28 23:03:45 2017] <nate_> OK I see
[Tue Nov 28 23:03:52 2017] <nate_> I was just getting syntax errors
[Tue Nov 28 23:03:54 2017] <nate_> thanks
[Wed Nov 29 04:25:47 2017] <Blerp> Hello :). I'm trying to learn Coq with simple experiments. How can I go about proving that x^2 + 2x + 1 is equal to (x+1)^2?
[Wed Nov 29 04:37:20 2017] <cocreature> Blerp: start by simplifying things using "cbn" and then use rewriting to eliminate things like + 0 or *1 and rewrite using associativity and distributivity
[Wed Nov 29 04:38:23 2017] <cocreature> at least that’s the “manual” way which you should probably follow if you’re trying to learn Coq. there are mostly automatic solutions that require way less work :)
[Wed Nov 29 04:41:52 2017] <Blerp> I agree, the manual way would be best right now haha
[Wed Nov 29 04:42:16 2017] <Blerp> cocreature: Do you know any beginner-friendly sources that don't assume too much knowledge on the student's part?
[Wed Nov 29 04:42:41 2017] <cocreature> Blerp: I’ve learned Coq from "software foundations" and found it quite approachable
[Wed Nov 29 04:43:20 2017] <Blerp> I'll look into that, then. Thank you :)
[Wed Nov 29 06:39:59 2017] <unboxed_type> Hello! I am constructing an Ltac script which by given proposition constructs some object term, it does not change goals or hypothesis. How do I debug such Ltac script? If I run it inside proof env, Coq gives "Tactic expected" or "Expression does not evaluate to a tactic".
[Wed Nov 29 06:44:14 2017] <unboxed_type> Info 1 ... does not help either.
[Wed Nov 29 11:05:19 2017] <Arcaelyx> There's always this Coq Discord server https://discord.gg/JeJ4kxr
[Wed Nov 29 11:55:30 2017] <tobiasBora> Hello,
[Wed Nov 29 11:56:39 2017] <tobiasBora> When I have in the hypothesis: a, b, (a /\ b) -> c, how could I deduce c ? (I tried destruct and split)
[Wed Nov 29 12:05:01 2017] <tobiasBora> (and because c is not in the goal, I cannot apply the Hyphothesis 3
[Wed Nov 29 12:15:58 2017] <f8l> I think you have to supply (a /\ b) somehow.
[Wed Nov 29 12:17:41 2017] <cocreature> tobiasBora: "specialize (H (conj a b))" would be one option
[Wed Nov 29 12:18:16 2017] <cocreature> or "assert (Harg : a /\ b) by auto; apply H in Harg"
[Wed Nov 29 12:18:25 2017] <cocreature> (assuming the last hypothesis is called H)
[Wed Nov 29 12:22:58 2017] <tobiasBora> Hum interesting... And if a and b are not straight forward to show, it's also with assert?
[Wed Nov 29 12:27:15 2017] <cocreature> yeah "assert" is pretty useful for proving some intermediate things
[Wed Nov 29 12:27:45 2017] <cocreature> tobiasBora: in fact you could even do "assert c by auto" (or manually prove it using "apply" after you’ve used the assert)
[Wed Nov 29 12:28:19 2017] <tobiasBora> Great, thank you! And the "assert ... by ...." is nice to have, thank you!
[Wed Nov 29 12:28:37 2017] <cocreature> np
[Wed Nov 29 12:31:45 2017] <cocreature> tobiasBora: you might also want to look at https://coq.inria.fr/refman/proof-handling.html#hevea_default505 which is great for structuring subproofs for assertions
[Wed Nov 29 12:38:42 2017] <tobiasBora> cocreature: yes, someone showed me the bullets yesterday, it's just amazing
[Wed Nov 29 12:39:46 2017] <tobiasBora> and the "by" is really practicle!
[Wed Nov 29 17:10:15 2017] <sudi> if I have a bunch of .v files, and many unproven goals, is there an interface that allows me to see all unproven goals at once, and chose from the goals?
[Wed Nov 29 17:10:32 2017] <sudi> (chose which one to prove, and enter an interactive mode)
[Wed Nov 29 19:20:52 2017] <Steverman> I have a simple question: I am doing a proof and have come to a subgoal, which is very simple, but I can't really find the right tactic. It's this:
[Wed Nov 29 19:21:03 2017] <Steverman> n + n + m + p = n + m + n + p
[Wed Nov 29 19:23:18 2017] <lyxia> There's the omega tactic. If you want to prove it by hand, the low level properties to manipulate this kind of expressions are commutativity and associativity.
[Wed Nov 29 20:08:29 2017] <nate_> Is it possible to use Ltac to create a tactic that takes in a hypothesis of the form (A \/ B) where A and B are props and produces 2 subgoals for proving that it the goal holds when A is false and B is true and B is false and A is true
[Wed Nov 29 20:08:58 2017] <nate_> is there something that already does this? is that even possible?
[Wed Nov 29 20:09:53 2017] <Cypi> If I understand what you mean, you want to have `forall A B P, (A -> ~B -> P) -> (~A -> B -> P) -> (A \/ B -> P)`, is that right?
[Wed Nov 29 20:10:29 2017] <nate_> Well
[Wed Nov 29 20:10:34 2017] <nate_> Let me see
[Wed Nov 29 20:10:55 2017] <Cypi> Just in case, what I wrote is not provable. Take `A := True` and `B := True` for instance
[Wed Nov 29 20:11:14 2017] <Steverman> lyxia: Okay, so no middle ground. I am proving by comm. and assoc. But it is so tedious
[Wed Nov 29 20:12:24 2017] <nate_> Cypi: I'm not completely sure
[Wed Nov 29 20:12:58 2017] <nate_> I don't think so because (A -> ~B) would mean that they both can't be true
[Wed Nov 29 20:14:15 2017] <Cypi> Not exactly, I wrote (A -> ~B -> P), not (A -> ~B). I can equivalently rewrite this as `forall A B P, (A /\ ~B -> P) -> (~A /\ B -> P) -> (A \/ B -> P)`
[Wed Nov 29 20:14:45 2017] <Cypi> But you are right that what you want initially doesn't seem to be doable, because (A \/ B) doesn't say that they can't both be true.
[Wed Nov 29 20:15:50 2017] <nate_> Is there a way to generate all 4 possibilities as subgoals?
[Wed Nov 29 20:17:05 2017] <Cypi> Only if you have a decidability property on A and B, that is, you know `A \/ ~A`
[Wed Nov 29 20:17:17 2017] <Cypi> (and `B \/ ~B`)
[Wed Nov 29 20:18:18 2017] <nate_> Couldn't you prove that forall (A : prop), A \/ ~A -> True?
[Wed Nov 29 20:18:38 2017] <Cypi> You could prove what you wrote, but it doesn't say much, since anything implies True
[Wed Nov 29 20:18:58 2017] <Cypi> On the other hand, you cannot prove `forall (A : Prop), A \/ ~A`, which is excluded middle
[Wed Nov 29 20:19:25 2017] <Cypi> it's a classical property that a lot of people use, but you cannot prove it in an intuitionnistic setting such as Coq, you need to assert it as an axiom.
[Wed Nov 29 20:23:30 2017] <nate_> So if I'm willing to use an extra axiom for that, how can I exploit this to prove my goal through the possible values of A and B?
[Wed Nov 29 20:25:32 2017] <Cypi> Assuming you have `classic : forall (P : Prop), P \/ ~P`, you could for instance do `destruct (classic A); destruct (classic B)` to have 4 subgoals
[Wed Nov 29 20:25:53 2017] <Cypi> one of them will be easy to solve because you can't have both ~A and ~B (since you know A \/ B)
[Wed Nov 29 20:26:17 2017] <Cypi> Two of them will be what you wanted initially, and finally you will also get a goal where both A and B are true
[Thu Nov 30 03:25:35 2017] <pgiarrusso> sudi: grep for Admitted?
[Thu Nov 30 03:26:40 2017] <pgiarrusso> sudi: to find unproven goals. Unless you’re using tactics such as tlc’s skip, which postulates False to let you finish with Qed.
[Thu Nov 30 03:29:45 2017] <sudi`> pgiarrusso: basically I have a *.v file with many function definitions, and many calls to refine(...) with holes "_" inside the refine body;
[Thu Nov 30 03:31:50 2017] <sudi`> pgiarrusso: I want an interface that lets the user run coq on the file, have coq generate all subgoals, and then let the user choose the subgoals that remain, to prove them manually
[Thu Nov 30 03:32:55 2017] <sudi`> each unfinished proof will end with "Admitted" basically
[Thu Nov 30 03:36:25 2017] <pgiarrusso> Oh. You want to pick among the open subgoals of multiple proofs. Ok, good question.
[Thu Nov 30 03:36:25 2017] <pgiarrusso> I’m thinking of Program’s Obligations commands
[Thu Nov 30 03:37:10 2017] <pgiarrusso> But you cannot use a function until its obligations are either proven or admitted...
[Thu Nov 30 03:42:07 2017] <sudi`> pgiarrusso: or at least do the basic command-line tools (coqc/coptop) allow to have all of these functions defined in the same file, let them be Admitted and refer to each other, and then let the user process the open subgoals in order?
[Thu Nov 30 03:44:03 2017] <pgiarrusso> no clue. Maybe that works if you make the functions mutually recursive.
[Thu Nov 30 03:44:46 2017] <pgiarrusso> I mean, I only use Proof General, but it seems a function is only in scope when it’s done
[Thu Nov 30 03:46:17 2017] <pgiarrusso> But also, it’s not clear why you want this so strongly. What’s bad about “go back to an earlier point and start proving”?
[Thu Nov 30 03:46:28 2017] <pgiarrusso> Proof General will automatically retract later proofs, I guess the same for CoqIDE if it works for you
[Thu Nov 30 03:47:51 2017] <sudi`> pgiarrusso: this would be part of a project for automatically proving assertions written in another programming language; the program with assertions would be translated to Coq (with refine), and have Coq generate the subgoals
[Thu Nov 30 03:49:22 2017] <pgiarrusso> Don’t take my word for it, but sounds like you’d need to store this list externally
[Thu Nov 30 09:12:01 2017] <Steverman> If I have a inductive proposition, and someone ask me to verify if a given proposition is provable, do I write 'Goal <Proposition>'?
[Thu Nov 30 09:13:52 2017] <lyxia> That sounds fine.
[Thu Nov 30 09:14:57 2017] <Steverman> Okay :)
[Thu Nov 30 10:28:51 2017] <tobiasBora> I'd like to know, how could I specialize a forall inside an expression? Like in "a -> (forall x, b(x) -> c(x))"
[Thu Nov 30 10:40:50 2017] <lyxia> tobiasBora: it's a function that takes x as its second argument, so you can apply it
[Thu Nov 30 10:46:25 2017] <tobiasBora> lyxia: if the conclusion is in the goal yes, but what if I just want to specialize the argument, without using it now in the goal ? Do I need to use assert ?
[Thu Nov 30 10:47:52 2017] <Cypi> If you have `H : a -> (forall x, b(x) -> c(x))`, you can do something like `pose proof (fun u => H u t)` if you want to specialize x with t
[Thu Nov 30 10:49:43 2017] <tobiasBora> Cypi: great, thanks!
[Thu Nov 30 14:16:07 2017] <bor0> how can I prove this without using simpl? I believe I need to re-use the definition of "add", but how can I "rewrite" it? Theorem my_thm : forall n m : nat, S n + m = S(n + m).
[Thu Nov 30 14:16:29 2017] <bor0> also a follow-up question to that, can we prove stuff without even using simpl? just using rewrite based on axioms/definitions?
[Thu Nov 30 14:16:39 2017] <bor0> s/even/ever/
[Thu Nov 30 14:31:11 2017] <bor0> ah, I just remembered unfold and it does exactly what I need (unfold add)
[Thu Nov 30 15:40:28 2017] <Steverman> Okay, I have been trying to solve this problem for HOURS now, and I'm about to give up. I am trying to solve a problem from: https://softwarefoundations.cis.upenn.edu/lf-current/IndProp.html#lab216 (ctrl-f: Exercise: 4 stars (re_not_empty)
[Thu Nov 30 15:40:31 2017] <Steverman> )
[Thu Nov 30 15:43:35 2017] <Steverman> I don't know if I defined 're_not_empty' correct. Especially Star:   '| Star re => re_not_empty re', I think I can make it work by just returning true, but I think it's incorrect
[Thu Nov 30 15:45:33 2017] <Cypi> If you return `re_not_empty re`, then it is incorrect
[Thu Nov 30 15:46:14 2017] <Cypi> I think you've thought of it, but `Star re` will always match the empty string, therefore there is a string that it matches
[Thu Nov 30 15:46:30 2017] <Cypi> So returning true should be the right thing to do.
[Thu Nov 30 15:46:33 2017] <Steverman> So => true
[Thu Nov 30 15:46:35 2017] <Steverman> Ah
[Thu Nov 30 15:46:37 2017] <Steverman> :/
[Thu Nov 30 15:47:02 2017] <Steverman> So much pain
[Thu Nov 30 15:47:34 2017] <Steverman> Honestly, I don't think I am learning much from these exercises
[Thu Nov 30 15:48:01 2017] <Steverman> The harder ones is more of a guess game
[Thu Nov 30 15:48:35 2017] <Steverman> guessing*
[Thu Nov 30 15:52:25 2017] <abbe> Hi
[Thu Nov 30 15:52:59 2017] <abbe> doing exercise of Software Foundations, and getting this error "Error: Cannot guess decreasing argument of fix" with https://pastebin.com/JrbkPBsq
[Thu Nov 30 15:53:32 2017] <abbe> equivalent function in haskell seems to work: let alternate [] y = y;  alternate (x:xs) y = x : (alternate y xs)
[Thu Nov 30 15:54:19 2017] <Steverman> I used double pattern matching for that problem
[Thu Nov 30 15:54:22 2017] <Cypi> Haskell doesn't check for termination though, does it?
[Thu Nov 30 15:54:28 2017] <Steverman> match l1, l2
[Thu Nov 30 15:54:30 2017] <abbe> yes, it seems like it.
[Thu Nov 30 15:54:34 2017] <abbe> oh, okay
[Thu Nov 30 15:54:46 2017] <abbe> thanks Steverman
[Thu Nov 30 16:08:39 2017] <beaky> hrllo
[Thu Nov 30 16:09:18 2017] <beaky> are there any good strategies for provings things like f (x ++ y) = f x ++ f y
[Thu Nov 30 16:09:34 2017] <beaky> on lists for example
[Thu Nov 30 16:16:04 2017] <Chobbes> beaky: is 'f' a map over lists?
[Thu Nov 30 16:16:08 2017] <beaky> yes
[Thu Nov 30 16:17:14 2017] <Chobbes> beaky: you might want to look at map_app, then!
[Thu Nov 30 16:17:17 2017] <beaky> wow thanks
[Thu Nov 30 16:18:41 2017] <Chobbes> beaky: search can be very useful as it can take multiple functions: `Search List.map app.`
[Thu Nov 30 16:18:51 2017] <beaky> wow i didnt know search existed
[Thu Nov 30 16:19:13 2017] <Chobbes> beaky: are you using proof general?
[Thu Nov 30 16:19:20 2017] <beaky> yes
[Thu Nov 30 16:19:48 2017] <Chobbes> "C-a C-a" will let you do a search within it very easily :).
[Thu Nov 30 16:20:10 2017] <Chobbes> https://quanttype.net/posts/2016-04-19-finding-that-lemma.html
[Thu Nov 30 16:21:28 2017] <bor0> I have IHn : evenb (S n) = negb (evenb n) and as a goal evenb (S (S n)) = negb (evenb (S n)). how can I "rewrite" evenb (S (S n)) from its definition? should be evenb n by def
[Thu Nov 30 16:22:07 2017] <Chobbes> bor0: simpl?
[Thu Nov 30 16:22:37 2017] <bor0> I get "evenb n = negb match n with". should I destruct on n after that?
[Thu Nov 30 16:25:23 2017] <Chobbes> bor0: I would probably rewrite with IHn first.
[Thu Nov 30 16:25:45 2017] <Chobbes> Before calling simpl, that is.
[Thu Nov 30 16:26:28 2017] <Chobbes> And then you probably have a theorem about negb that can help you :).
[Thu Nov 30 16:27:07 2017] <Steverman> negb_involutive
[Thu Nov 30 16:27:09 2017] <bor0> thanks! I made progress, will try to tackle it more :)
[Thu Nov 30 16:28:32 2017] <bor0> woot Steverman. thanks for that, Qed
[Thu Nov 30 16:28:44 2017] <Steverman> :>
[Thu Nov 30 16:28:45 2017] <bor0> what's the easiest way to search Coq for theorems?
[Thu Nov 30 16:29:00 2017] <bor0> https://coq.inria.fr/library doesn't seem to be very user friendly :(
[Thu Nov 30 16:29:00 2017] <Chobbes> Search negb.
[Thu Nov 30 16:29:16 2017] <Steverman> Hah, yeah I always end there when I google
[Thu Nov 30 16:29:17 2017] <Chobbes>  https://quanttype.net/posts/2016-04-19-finding-that-lemma.html
[Thu Nov 30 16:29:20 2017] <bor0> there's `Search`! ahh. this will save me hours. thanks Chobbes!
[Thu Nov 30 16:29:21 2017] <Steverman> I immedially close it
[Thu Nov 30 16:29:30 2017] <Chobbes> bor0: also that link.
[Thu Nov 30 16:29:39 2017] <Steverman> Yeah, future coq exercises may use from previous chapters
[Thu Nov 30 16:30:13 2017] <bor0> oh wow, there's a whole blogpost on how painful searching can be. I thought it was only me :D thanks for all the help!
[Thu Nov 30 16:31:01 2017] <Chobbes> There is an effort to make the Coq reference manual a little more pleasant, hopefully by next release :).
[Thu Nov 30 16:31:35 2017] <Chobbes> bor0: searching is actually pretty nice in Coq :).
[Thu Nov 30 16:31:45 2017] <benzrf> indeed !
[Thu Nov 30 16:31:55 2017] <benzrf> ^exclamation point localized for france
[Thu Nov 30 16:32:28 2017] <bor0> how does Search differ from SearchRewrite? I thought we can rewrite using any theorem?
[Thu Nov 30 16:32:34 2017] <Chobbes> Googling for Coq stuff... That's usually not pleasant. But searching for theorems within Coq is A+.
[Thu Nov 30 16:32:50 2017] <Chobbes> bor0: SearchRewrite is for looking for theorems that will do a specific rewrite.
[Thu Nov 30 16:33:11 2017] <bor0> ah, got it.
[Thu Nov 30 16:33:32 2017] <benzrf> oic u only give one side of the equation
[Thu Nov 30 16:33:47 2017] <benzrf> well cant u also just type [Search (foo = _)] instead of [SearchRewrite foo]
[Thu Nov 30 16:33:58 2017] <benzrf> i suppose the latter does both lhs and rhs and no need for parens
[Thu Nov 30 16:34:10 2017] <Chobbes> benzrf: I think so.
[Thu Nov 30 16:35:07 2017] <bor0> so for the given goal evenb (S (S n)) = negb (negb (evenb n)) I use negb_involutive to rewrite. but when I try to SearchRewrite (evenb (S (S _))). or SearchRewrite (negb (negb (evenb _))). nothing is returned. am I mistakenly using it?
[Thu Nov 30 16:35:29 2017] <benzrf> bor0: i believe the issue is that it doesnt do full unification
[Thu Nov 30 16:35:39 2017] <bor0> ow, I understand
[Thu Nov 30 16:35:57 2017] <benzrf> but if you apply some rules of thumb it shuoldnt be too much of an issue
[Thu Nov 30 16:36:21 2017] <benzrf> for example, in this case it would seem reasonable to have an involution theorem for double negb, but probably not a theorem specifically involving both negb and evenb
[Thu Nov 30 16:36:45 2017] <bor0> `Search (negb (negb _) = _).` ok I see the power of Search in Coq :)
[Thu Nov 30 16:36:50 2017] <benzrf> ^^
[Thu Nov 30 16:37:15 2017] <Chobbes> bor0: you can also use metavariables and stuff in search :).
[Thu Nov 30 16:37:46 2017] <benzrf> do note you can search for fragments of names by using quotes, for notations using quotes, and that you can search for multiple things at once by separating with spaces
[Thu Nov 30 16:38:08 2017] <benzrf> e.g.: [Search (_ + _) "comm"]
[Thu Nov 30 16:38:54 2017] <benzrf> or even just, [Search "+" "comm"]
[Thu Nov 30 16:39:00 2017] <Steverman> using apply with parenthesis is still black magic to me
[Thu Nov 30 16:39:16 2017] <Chobbes> Steverman: oh?
[Thu Nov 30 16:39:21 2017] <benzrf> well, it is just like using apply normally, except that you are constructing a term that's not just a variable
[Thu Nov 30 16:39:25 2017] <Chobbes> apply (thm a)?
[Thu Nov 30 16:39:29 2017] <Steverman> yeah
[Thu Nov 30 16:39:35 2017] <Steverman> I don't know when to use it
[Thu Nov 30 16:39:42 2017] <bor0> what does `apply` do? I did write a bunch of proofs in Coq but never had the need (or knowledge) to use it?
[Thu Nov 30 16:39:56 2017] <benzrf> defining H as f x and then apply H is the same as apply (f x)
[Thu Nov 30 16:39:56 2017] <Chobbes> Steverman: well you can think of it as partially applying the theorem.
[Thu Nov 30 16:40:10 2017] <Chobbes> Yeah.
[Thu Nov 30 16:40:12 2017] <benzrf> bor0: it's a very general tactic for refining the goal into an application
[Thu Nov 30 16:40:36 2017] <bor0> what's an application? lambda application?
[Thu Nov 30 16:40:39 2017] <benzrf> function application
[Thu Nov 30 16:41:08 2017] <Steverman> Lemma re_not_empty_correct is too hard :/
[Thu Nov 30 16:41:08 2017] <benzrf> i.e. if you want to prove the current goal with a term of the form [f args args args], and you know what f should be, you can use [apply f] and get the args as subgoals
[Thu Nov 30 16:41:12 2017] <bor0> I (think I) know what function application is, but can you show a simple theorem where I can use apply? just so I get feeling of it
[Thu Nov 30 16:41:43 2017] <benzrf> you can use apply anytime there's an implication or forall (same thing, actually) whose conclusion unifies with your current goal
[Thu Nov 30 16:41:56 2017] <Chobbes> bor0: if your goal is "X" and you have a theeorem "H : X" you can apply H to solve the goal.
[Thu Nov 30 16:42:03 2017] <benzrf> well, that's a special case :P
[Thu Nov 30 16:42:08 2017] <bor0> isn't that just exact H?
[Thu Nov 30 16:42:13 2017] <Chobbes> If your theorem is H : A -> X then applying will leave A as the goal.
[Thu Nov 30 16:42:14 2017] <benzrf> yes, apply generalizes exact
[Thu Nov 30 16:42:42 2017] <benzrf> in some sense it's like exact is apply for a 0-arg function :-)
[Thu Nov 30 16:42:43 2017] <Steverman> There is no way to find out if you're actually stuck a proof right?
[Thu Nov 30 16:42:47 2017] <Chobbes> (Because you need to have a proof of A in order to prove X with H :) )
[Thu Nov 30 16:42:48 2017] <Steverman> stuck with a*
[Thu Nov 30 16:42:56 2017] <benzrf> Steverman: not as a general problem, but there are surely some heuristics
[Thu Nov 30 16:43:07 2017] <benzrf> like, if the goal is obviously false, that's probably a bad sign :)
[Thu Nov 30 16:43:10 2017] <bor0> "exact is apply for a 0-arg function" that's really interesting!
[Thu Nov 30 16:43:12 2017] <Chobbes> Steverman: you can usually figure it out in SF if you take a step back.
[Thu Nov 30 16:43:13 2017] <benzrf> (unless you have contradictory assumptions)
[Thu Nov 30 16:43:24 2017] <benzrf> bor0: don't take that too literally, all functions have 1 arg ;)
[Thu Nov 30 16:43:38 2017] <Chobbes> Steverman: there's also tools like quickchick which can point out when you're trying to prove something that's obviously false.
[Thu Nov 30 16:43:38 2017] <bor0> ah, (un-)currying, right? :D
[Thu Nov 30 16:43:42 2017] <benzrf> yeah
[Thu Nov 30 16:43:49 2017] <Steverman> Chobbes: I have been up for 22 hours, I don't know :D
[Thu Nov 30 16:43:54 2017] <benzrf> anyway, for an example of apply -
[Thu Nov 30 16:44:03 2017] <bor0> yes please!
[Thu Nov 30 16:44:11 2017] <Chobbes> Steverman: step 1 in knowing if you're stuck -- get some sleep :P.
[Thu Nov 30 16:44:37 2017] <Steverman> Well... you seee... I was supposed to finish this chapter yesterday
[Thu Nov 30 16:44:52 2017] <benzrf> consider this theorem: [Nat.lt_le_incl: forall n m : nat, n < m -> n <= m]
[Thu Nov 30 16:44:52 2017] <Chobbes> Steverman: it often helps to take a step back and look at it with a pencil and paper proof.
[Thu Nov 30 16:45:17 2017] <benzrf> if your current goal is something like [p <= q], you can do [apply Nat.lt_le_incl]
[Thu Nov 30 16:45:23 2017] <Steverman> Hmm
[Thu Nov 30 16:45:49 2017] <benzrf> this generate an incomplete proof of [p <= q] of the form [Nat.lt_le_incl p q _]
[Thu Nov 30 16:45:59 2017] <benzrf> then the missing proof of [p < q] will be a new obligation
[Thu Nov 30 16:46:01 2017] <Chobbes> Steverman: dead serious -- you'll be able to follow that proof more or less to convert it into Coq. It's fairly easy to get lost in tactics.
[Thu Nov 30 16:46:15 2017] <benzrf> (the p and q appear there because apply infers that it needs to do that)
[Thu Nov 30 16:46:30 2017] <Steverman> Regular Expressions subchapter is actually just all tactics guessing for me
[Thu Nov 30 16:46:33 2017] <Steverman> I don't like that
[Thu Nov 30 16:46:43 2017] <Chobbes> Steverman: don't do that then :).
[Thu Nov 30 16:47:19 2017] <Steverman> How would you do it with pen/paper?
[Thu Nov 30 16:47:21 2017] <Chobbes> Figure out how you would do the proofs manually, and use that to guide you.
[Thu Nov 30 16:47:52 2017] <Chobbes> Steverman: ah -- maybe this isn't helpful advice if you don't have a math background.
[Thu Nov 30 16:47:52 2017] <bor0> how can I search to see what I need to import to get Nat.lt_le_incl?
[Thu Nov 30 16:48:01 2017] <Steverman> I did informal proofs before, but I don't think that's what you're fishing for
[Thu Nov 30 16:48:13 2017] <Steverman> Chobbes: I am actually just a bad computer scientist
[Thu Nov 30 16:48:16 2017] <Steverman> :D
[Thu Nov 30 16:48:22 2017] <Chobbes> Steverman: that's what I'm fishing for :)
[Thu Nov 30 16:48:23 2017] <benzrf> bor0: im actually not personally all that sure >w>
[Thu Nov 30 16:48:30 2017] <bor0> :D
[Thu Nov 30 16:48:33 2017] <benzrf> but i can tell you that [Require Import PeanoNat] will do it - that might not be the right thing though
[Thu Nov 30 16:48:56 2017] <benzrf> ah, [Require Import Arith] is probably the intended top level
[Thu Nov 30 16:49:11 2017] <Chobbes> Steverman: if you can do an informal proof of the problem you'll be ahead of the game.
[Thu Nov 30 16:49:30 2017] <Steverman> I suppose
[Thu Nov 30 16:49:54 2017] <bor0> I can't see why the application of le_incl : forall n m : nat, n < m -> n <= m  on top of n <= m would generate n < m as a goal :(
[Thu Nov 30 16:49:56 2017] <benzrf> in general, apply is used for modus ponens and for instantiating foralls (which are the same thing)
[Thu Nov 30 16:50:04 2017] <benzrf> bor0: because your argument is
[Thu Nov 30 16:50:32 2017] <benzrf> "ok, i'll prove p <= q. now by le_incl, it's enough to prove p < q. then ..."
[Thu Nov 30 16:50:49 2017] <benzrf> remember, you're doing backward reasoning in the goal
[Thu Nov 30 16:50:58 2017] <benzrf> if you go from goal A to goal B, that means B -> A
[Thu Nov 30 16:51:21 2017] <benzrf> you start with the final result, then work backward to what will prove the final result, what will prove /that/, etc
[Thu Nov 30 16:52:03 2017] <bor0> ahh. I see. what you asked me to prove (Theorem asdf : forall n m : nat, n < m -> n <= m.) is actually exact Nat.lt_le_incl. but `apply` could turn out to be useful in case I have something more in the theorem e.g. Theorem asdf : forall n m : nat, n = 3 -> n < m -> n <= m. ? or I got it completely wrong
[Thu Nov 30 16:52:28 2017] <benzrf> nooo, i mean
[Thu Nov 30 16:53:13 2017] <benzrf> in any place where your current goal is of the form [n <= m] - no matter what your hypotheses are or how you got there - you can use [apply lt_le_incl] to move to [n < m]
[Thu Nov 30 16:53:52 2017] <benzrf> saying [apply lt_le_incl] means "alright, the conclusion of lt_le_incl matches what i'm currently trying to show, so let me appeal to that and prove its premises instead"
[Thu Nov 30 16:57:08 2017] <bor0> ahhh. ok. it's [apply lt_le_incl] vs [exact (Nat.lt_le_incl n m)] in this case. I *think* I see what apply does
[Thu Nov 30 16:57:42 2017] <benzrf> well, the latter wont work
[Thu Nov 30 16:57:52 2017] <bor0> sorry, after intros that is
[Thu Nov 30 16:57:57 2017] <bor0> (for the latter)
[Thu Nov 30 16:57:59 2017] <benzrf> no i mean
[Thu Nov 30 16:58:01 2017] <benzrf> the type of the latter is [n < m -> n <= m]
[Thu Nov 30 16:58:12 2017] <benzrf> so you can only use exact if your goal is of that form
[Thu Nov 30 16:58:19 2017] <benzrf> if your goal is just [n <= m], you need to use apply
[Thu Nov 30 16:58:40 2017] <bor0> oh but I didn't intro n < m yet, so my goal is still n < m -> n <= m
[Thu Nov 30 16:58:48 2017] <benzrf> aaaaa
[Thu Nov 30 16:58:57 2017] <benzrf> ok yeah, in that particular case you can just use exact :P
[Thu Nov 30 16:59:29 2017] <bor0> ok it doesn't work now when I intro n_lt_m
[Thu Nov 30 16:59:31 2017] <bor0> :D
[Thu Nov 30 16:59:39 2017] <benzrf> but if your theorem is like [forall l l', is_proper_prefix l l' -> length l <= length l']
[Thu Nov 30 17:00:21 2017] <benzrf> (ok, well, you wouldnt state the theorem that way to begin with, and if you were trying to prove this there'd probably be simpler ways than moving to the stronger less-than statement)
[Thu Nov 30 17:00:25 2017] <benzrf> (but hopefully you see what i mean)
[Thu Nov 30 17:00:54 2017] <Steverman> I also have problems knowing when to intro and when not to
[Thu Nov 30 17:00:59 2017] <Steverman> knowing when*
[Thu Nov 30 17:01:12 2017] <Steverman> Sometimes you don't have to intro everything
[Thu Nov 30 17:01:25 2017] <bor0> so if I have thm1: A -> B and my goal is B, I use apply thm1 to just prove A?
[Thu Nov 30 17:01:30 2017] <benzrf> yes, precisely :)
[Thu Nov 30 17:01:51 2017] <benzrf> except that it also handles instantiating foralls, since that's the same thing in coq's theory
[Thu Nov 30 17:02:00 2017] <benzrf> (i.e. both are function application)
[Thu Nov 30 17:02:10 2017] <bor0> I always use intro proof_A; exact B. I guess this is just a neat shortcut, or is there more to its generalization (of exact)?
[Thu Nov 30 17:02:28 2017] <benzrf> i picked lt_le_incl because using it will both move from B to A *and* instantiate n and m
[Thu Nov 30 17:02:32 2017] <bor0> Steverman, I intro everything :D guess that's the beginner's way
[Thu Nov 30 17:02:38 2017] <Steverman> It is
[Thu Nov 30 17:02:39 2017] <benzrf> you usually intro everything
[Thu Nov 30 17:02:42 2017] <benzrf> afaict
[Thu Nov 30 17:02:50 2017] <benzrf> unless you need to have a forall for an induction hypothesis
[Thu Nov 30 17:03:10 2017] <benzrf> bor0: i don't think this intro-exact does the same thing at all
[Thu Nov 30 17:03:21 2017] <benzrf> if your goal is B, and B is not a function type, you cannot use intro
[Thu Nov 30 17:03:42 2017] <benzrf> you're thinking of proving A -> B using B
[Thu Nov 30 17:03:46 2017] <benzrf> this is proving B using A -> B
[Thu Nov 30 17:03:54 2017] <benzrf> (and therefore generating an obligation to prove A)
[Thu Nov 30 17:04:06 2017] <bor0> I need to dig more into `apply`. while you are here, can I bug you about one more thing? so far I've been proving theorems involving forall, but I'm having troubles with forall,exists one, e.g. Theorem even_or_odd : forall n k : nat, exists k : nat, n = 2 * k \/ n = 2 * k + 1.
[Thu Nov 30 17:04:13 2017] <benzrf> that said, i think apply actually does work in that case -
[Thu Nov 30 17:04:20 2017] <benzrf> iirc it will automatically intros things for you if it needs to
[Thu Nov 30 17:04:21 2017] <Steverman> Wait till you read about forward reasoning
[Thu Nov 30 17:04:23 2017] <benzrf> it's pretty smart
[Thu Nov 30 17:05:31 2017] <bor0> I intro n and I don't know how I can "instantiate" k
[Thu Nov 30 17:05:43 2017] <bor0> or even use it in my premises
[Thu Nov 30 17:05:56 2017] <benzrf> you use [exists <thing here>]
[Thu Nov 30 17:06:37 2017] <bor0> what's <thing here>? I have goal `exists k : nat, n = 2 * k \/ n = 2 * k + 1` and if I try [exists k.] I get "The reference k was not found in the current environment."
[Thu Nov 30 17:07:11 2017] <bor0> my theorem is actually forall n : nat, exists k : nat, n = 2 * k \/ n = 2 * k + 1, sorry
[Thu Nov 30 17:07:17 2017] <bor0> (no k in forall)
[Thu Nov 30 17:10:04 2017] <bor0> oh, <thing here> is constant :D seems to be working
[Thu Nov 30 17:11:47 2017] <bor0> (at least for the base case :D)
[Thu Nov 30 17:16:30 2017] <benzrf> bor0: try proving this [forall P Q R : Prop, (P -> Q) -> P /\ R -> Q.]
[Thu Nov 30 17:16:44 2017] <benzrf> bor0: also, of course [exists k] doesnt work
[Thu Nov 30 17:16:58 2017] <benzrf> if i say to you "give me some number k such that k is greater than 10", and you say "ok, the number is k"
[Thu Nov 30 17:17:01 2017] <benzrf> that makes no sense :P
[Thu Nov 30 17:33:54 2017] <bor0> benzrf, is that theorem to demonstrate the usefulness of `apply`? :)
[Thu Nov 30 17:35:27 2017] <bor0> here's a newbie proof :D  [intros P Q R ; intros P_imp_Q ; intros P_and_R ; destruct P_and_R as [proof_P proof_R] ; exact (P_imp_Q proof_P).]
[Thu Nov 30 17:35:36 2017] <benzrf> yeah
[Thu Nov 30 17:35:37 2017] <bor0> I imagine the apply variant will look much simpler
[Thu Nov 30 17:35:59 2017] <benzrf> [exact (P_imp_Q proof_P)] is precisely [apply P_imp_Q; exact proof_P]
[Thu Nov 30 17:36:19 2017] <benzrf> [apply f] is basically like [exact (f _)] and then your goal is to prove the _
[Thu Nov 30 17:36:26 2017] <benzrf> except it's much smarter than that
[Thu Nov 30 17:36:44 2017] <bor0> ah! now it makes sense. it always does with examples I guess :D
[Thu Nov 30 17:36:54 2017] <benzrf> i probably shouldve given one from the start :P
[Thu Nov 30 17:39:22 2017] <bor0> ok I just used my first apply. I assume it gets better and better the longer the implication is, because exact will be more complex to be used?
[Thu Nov 30 17:41:26 2017] <bor0> ah, neat. two subgoals for P_imp_Q_imp_R for (P -> R -> Q) -> P /\ R -> Q
[Thu Nov 30 17:42:24 2017] <bor0> instead of (exact P_imp_Q_imp_R proof_R proof_P) which can get trickier
[Thu Nov 30 17:43:43 2017] <benzrf> :)
[Thu Nov 30 17:43:55 2017] <benzrf> like i was talking about earlier, it also instantiates variables in foralls, since that's also application
[Thu Nov 30 17:59:04 2017] <benzrf> bor0: a useful idiom is something along the lines of [apply H; auto] or a suitable sharpening
[Thu Nov 30 18:17:57 2017] <Steverman> Oh man... the chapters keeps introducing tactics. I can't follow :(
[Thu Nov 30 18:19:13 2017] <boro_> what book is that? I'm going through Software Foundations (Vol. 1) but still at the beginning
[Thu Nov 30 18:19:30 2017] <boro_> (well chapter 3 almost)
[Thu Nov 30 18:22:22 2017] <lyxia> There's a Tactics chapter, it's useful for reference
[Thu Nov 30 18:23:20 2017] <lyxia> Coq's reference manual also serves as a helpful reminder once you know your way around it.
[Thu Nov 30 18:26:24 2017] <boro_> given p_imp_q : p -> q, p_imp_not_q : p -> ~ q. what tactics can I use to prove that not p?
[Thu Nov 30 18:26:25 2017] <Steverman> I tried to use the manual
[Thu Nov 30 18:31:48 2017] <lyxia> boro_: intro and apply
[Thu Nov 30 18:33:11 2017] <boro_> woot. thanks :D
[Thu Nov 30 18:34:18 2017] <Steverman> When do I use 'generalize dependent'?
[Thu Nov 30 18:34:52 2017] <Steverman> Most likely before induction
[Thu Nov 30 18:35:13 2017] <boro_> I used intro/apply, my proof pass and I don't understand what apply did there :( given [p_imp_q : p -> q] ; [p_imp_not_q : p -> ~ q] ; [assume_P : p] and a goal False, why did [apply p_imp_not_q] give me 2 goals of p and q?
[Thu Nov 30 18:35:53 2017] <Steverman> That's not in chapter 2-3!
[Thu Nov 30 18:54:37 2017] <pgiarrusso> boro: ~q means q -> False
[Thu Nov 30 18:55:04 2017] <pgiarrusso> so apply p_impl_not_q proves False assuming both p and q
[Thu Nov 30 18:55:30 2017] <Steverman> he's gone
[Thu Nov 30 18:58:02 2017] <pgiarrusso> Steverman: uh right
[Thu Nov 30 19:57:52 2017] <Steverman> SF: Pumping lemma exercise
[Thu Nov 30 19:57:54 2017] <Steverman> Oh man :/
[Thu Nov 30 20:00:03 2017] <lyxia> That's tough.
[Thu Nov 30 20:18:04 2017] <Steverman> Who mentioned QuickChick?
[Thu Nov 30 20:19:35 2017] <lyxia> I did.
[Thu Nov 30 20:22:09 2017] <Steverman> Would you recommend it to someone "reading" SF?
[Thu Nov 30 20:26:06 2017] <lyxia> Steverman: do you have experience with QuickCheck, or one of its counterparts in other languages?
[Thu Nov 30 20:26:13 2017] <Steverman> None
[Thu Nov 30 20:27:00 2017] <lyxia> So I wouldn't recommend it :)
[Thu Nov 30 20:27:50 2017] <Steverman> Okay :<
[Thu Nov 30 20:28:38 2017] <lyxia> Benjamin Pierce is actually looking at whether SF+QuickChick would make a good combination.
[Thu Nov 30 20:29:46 2017] <Steverman> Ah well. By then the course will be over
[Thu Nov 30 20:29:53 2017] <lyxia> But for now the project is still in a very early stage.
[Thu Nov 30 21:55:43 2017] <Steverman> Okay, I give up on pumping lemma :D
[Thu Nov 30 22:25:43 2017] <pgiarrusso> Steverman: 4-star exercises can indeed be hard. But have you had a formal logic course?
[Thu Nov 30 22:26:01 2017] <Steverman> It's actually 5
[Thu Nov 30 22:26:23 2017] <pgiarrusso> Steverman: OK, you’re definitely trying too hard
[Thu Nov 30 22:26:28 2017] <pgiarrusso> my first theorem-proving experience sounded like yours
[Thu Nov 30 22:26:55 2017] <pgiarrusso> Studying formal logic and type systems helped
[Thu Nov 30 22:26:57 2017] <Steverman> My last logic course was 3 years ago
[Thu Nov 30 22:27:10 2017] <pgiarrusso> (Also, programming in Agda did)
[Thu Nov 30 22:27:25 2017] <pgiarrusso> Ah, but you did have logic! That helps
[Thu Nov 30 22:27:43 2017] <Steverman> Yeah
[Thu Nov 30 22:27:50 2017] <Steverman> It's actually an assignment
[Thu Nov 30 22:28:43 2017] <pgiarrusso> oh. tough.
[Thu Nov 30 22:28:56 2017] <Steverman> The whole chapter
[Thu Nov 30 22:29:02 2017] <pgiarrusso> I can maybe answer on “how much to intro” and induction though?
[Thu Nov 30 22:29:15 2017] <Steverman> I did everything up to pumping lemma
[Thu Nov 30 22:29:28 2017] <pgiarrusso> cool!
[Thu Nov 30 22:30:24 2017] <Steverman> All the way from Basics (with every optional exercise)
[Thu Nov 30 22:30:33 2017] <Steverman> including informal proofs
[Thu Nov 30 22:32:18 2017] <Steverman> I feel like I need to start over because I am not always doing it in a "structural" way
[Thu Nov 30 22:34:26 2017] <pgiarrusso> do you understand why your tactics work?
[Thu Nov 30 22:35:00 2017] <Steverman> I know what they do. Advanced tactics usage.. not so much
[Thu Nov 30 22:36:02 2017] <pgiarrusso> well, once you can follow a proof script you completed, and get why a certain tactic works, you’re already pretty good
[Thu Nov 30 22:36:22 2017] <Steverman> I may need to  reread the theory again (from lambda calculus to CoC), but the material my lecturer uploaded isn't great
[Thu Nov 30 22:36:52 2017] <Steverman> Sometimes they're just puzzles for me
[Thu Nov 30 22:37:07 2017] <pgiarrusso> did you do functional programming before?
[Thu Nov 30 22:37:23 2017] <Steverman> Very little
[Thu Nov 30 22:37:25 2017] <Steverman> Scheme
[Thu Nov 30 22:37:58 2017] <pgiarrusso> That helps a bit, but something with types would have helped more
[Thu Nov 30 22:38:08 2017] <Steverman> Created a parser for a subset language
[Thu Nov 30 22:38:14 2017] <Steverman> So lots of pattern matching
[Thu Nov 30 22:38:19 2017] <pgiarrusso> good
[Thu Nov 30 22:38:44 2017] <Steverman> Oh yeah.. created a compiler from scratch with SML
[Thu Nov 30 22:39:20 2017] <Steverman> This is the book: https://www.cs.princeton.edu/~appel/modern/ml/
[Thu Nov 30 22:39:26 2017] <pgiarrusso> because it helps to see that a theorem is a function from its argument to a proof of the thesis
[Thu Nov 30 22:39:46 2017] <pgiarrusso> so if sum_comm : forall a b, a + b = b + a
[Thu Nov 30 22:40:15 2017] <pgiarrusso> then `sum_comm m (n+1)` is a function application
[Thu Nov 30 22:40:29 2017] <pgiarrusso> and a proof that `m + (n + 1) = (n + 1) + m`
[Thu Nov 30 22:40:59 2017] <Steverman> Aha
[Thu Nov 30 22:41:21 2017] <pgiarrusso> you can use that with `exact`
[Thu Nov 30 22:41:34 2017] <pgiarrusso> (with the whole term)
[Thu Nov 30 22:41:47 2017] <pgiarrusso> or use `apply` to construct things bit-by-bit
[Thu Nov 30 22:41:59 2017] <Steverman> I mostly use apply
[Thu Nov 30 22:42:16 2017] <pgiarrusso> yes, it’s usually easier
[Thu Nov 30 22:42:58 2017] <pgiarrusso> but for me things got easier once I could understand theorem proving in terms of functional programming
[Thu Nov 30 22:43:05 2017] <pgiarrusso> and types
[Thu Nov 30 22:43:36 2017] <pgiarrusso> anyway, talking too much — any questions I might help with?
[Thu Nov 30 22:43:37 2017] <Steverman> type theory?
[Thu Nov 30 22:44:12 2017] <Steverman> Oh, I don't know. I may need a coq cheatsheet or something
[Thu Nov 30 22:44:16 2017] <pgiarrusso> what about it?
[Thu Nov 30 22:44:29 2017] <pgiarrusso> yeah, the amount of tactics is overwhelming
[Thu Nov 30 22:44:56 2017] <pgiarrusso> the reference manual in PDFs starts having a usable table of contents
[Thu Nov 30 22:44:57 2017] <Steverman> sometimes  I don't know when to use inversion or destruct
[Thu Nov 30 22:45:09 2017] <pgiarrusso> ah, good question
[Thu Nov 30 22:45:30 2017] <pgiarrusso> destruct H does case analysis on all constructors of H
[Thu Nov 30 22:45:42 2017] <pgiarrusso> but inversion is smarter
[Thu Nov 30 22:45:52 2017] <Steverman> I mean it was straight forward between induction and destruct
[Thu Nov 30 22:46:09 2017] <pgiarrusso> sometimes, some of those constructors aren’t plausible
[Thu Nov 30 22:47:08 2017] <Steverman> I mostly use inversion
[Thu Nov 30 22:48:32 2017] <pgiarrusso> ah, found an example
[Thu Nov 30 22:48:42 2017] <pgiarrusso> take H : ev (S (S n))
[Thu Nov 30 22:48:59 2017] <pgiarrusso> where ev is the inductive for “even”
[Thu Nov 30 22:49:52 2017] <pgiarrusso> now, destruct thinks that H can be ev_0 or ev_SS, since it’s a value of type ev something
[Thu Nov 30 22:50:03 2017] <Steverman> Right
[Thu Nov 30 22:50:17 2017] <pgiarrusso> inversion is smarter, and realizes that an instance of ev (S (S n)) can’t be built from ev_0
[Thu Nov 30 22:50:35 2017] <pgiarrusso> because it ev_0: ev 0
[Thu Nov 30 22:50:48 2017] <pgiarrusso> and there is no solution to ev 0 = ev (S (S n))
[Thu Nov 30 22:51:04 2017] <pgiarrusso> (this can be found by first-order unification, if you’ve seen the concept)
[Thu Nov 30 22:51:20 2017] <pgiarrusso> so inversion will only give you one case
[Thu Nov 30 22:51:27 2017] <Steverman> Right
[Thu Nov 30 22:51:37 2017] <pgiarrusso> that’s the difference
[Thu Nov 30 22:51:52 2017] <pgiarrusso> destruct can be faster, but that’s it
[Thu Nov 30 22:52:05 2017] <Steverman> I see
[Thu Nov 30 22:52:37 2017] <pgiarrusso> still, you can use `destruct` when you don’t need inversion for “cleanliness”, but that’s a secondary concern
[Thu Nov 30 22:53:30 2017] <pgiarrusso> now I could say that both tactics do pattern matching on the proofs
[Thu Nov 30 22:54:11 2017] <pgiarrusso> (not sure that helps, this pairs with the thing above on apply and exact)
[Thu Nov 30 22:54:52 2017] <pgiarrusso> and `inversion` is a smarter form of pattern matching (it is similar to pattern matching on GADTs, if that says anything, but maybe this isn’t helpful)
[Thu Nov 30 22:55:39 2017] <Steverman> Gotta look that up :),
[Thu Nov 30 22:57:44 2017] <pgiarrusso> only if it helps
[Thu Nov 30 22:58:14 2017] <Steverman> Yeah, I don't think it's relevant fo rme
[Thu Nov 30 22:58:57 2017] <pgiarrusso> anyway, I should probably sleep — hope this helped at least a bit! And good luck!
[Thu Nov 30 22:59:31 2017] <Steverman> Yes thank you!
[Fri Dec  1 00:50:58 2017] <minn> Is there a clean way to talk about equality of lists modulo transposition of elements (in some finite set)? This has been giving me some trouble - obviously for two elements you can enumerate the cases with an inductive definition. I am trying to getting bogged down with a specification in terms of positions (or functions). The context is that I need to prove an exchange lemma for a typing relation with a synthesized output context (an
[Fri Dec  1 00:50:59 2017] <minn> d need to talk about equality modulo transposition).
[Fri Dec  1 00:54:29 2017] <Chobbes> minn: you want to argue about permutations of lists?
[Fri Dec  1 00:54:59 2017] <Chobbes> minn: usually you define an inductive proposition Permutation l1 l2.
[Fri Dec  1 00:55:48 2017] <Chobbes> minn: and then in order to make proofs easier you can drop into counting elements in each list. If the counts of the elements are the same, then they're permutations of each other.
[Fri Dec  1 00:56:17 2017] <Chobbes> https://github.com/DeepSpec/dsss17/blob/master/auto/ReflectivePermutation.v <-- minn this might be useful to you!
[Fri Dec  1 00:57:10 2017] <minn> It would be much easier if I just needed permutations (or subsequences). I need to say that two lists xs and ys are equal, except that for the elements occurring in some list zs, those elements might not occur or might be transposed (but only elements in zs).
[Fri Dec  1 00:57:57 2017] <Chobbes> minn: oh, hmmmm.
[Fri Dec  1 00:58:29 2017] <minn> The implementation of permutations in the standard library is nice to reason about - I'm having trouble coming up with a similarly nice inductive definition (or other specification).
[Fri Dec  1 00:58:33 2017] <Chobbes> minn: I would guess you could do something similar, but I'm not sure exactly what you mean.
[Fri Dec  1 00:59:08 2017] <Chobbes> xs = ys, except there might be some elements from zs mixed in there?
[Fri Dec  1 00:59:26 2017] <minn> yeah, the elements in zs might not be present or could be swapped.
[Fri Dec  1 00:59:48 2017] <Chobbes> minn: but otherwise xs and ys are in the same order?
[Fri Dec  1 01:00:02 2017] <minn> right, if you removed all elements in zs the lists would be identical
[Fri Dec  1 01:01:30 2017] <Chobbes> Ok something like "remove zs xs = remove zs ys" where remove is some function which removes elements from the first list from the second list.
[Fri Dec  1 01:03:28 2017] <minn> huh, that might actually be a strong enough condition - i was banging my head against inductive definitions
[Fri Dec  1 01:03:56 2017] <Chobbes> minn: you can definitely make an inductive definition for this too.
[Fri Dec  1 01:04:16 2017] <Chobbes> Whether or not it's pretty at all is another question -- I'm starting to see if I can make one :P>
[Fri Dec  1 01:06:02 2017] <Chobbes> minn: what are you trying to do btw?
[Fri Dec  1 01:09:30 2017] <minn> prove some basic structural properties of a (deterministic) typing relation for stlc + linear types that synthesizes an output context (to prove exchange lemmas, it isn't sufficient for the output contexts to be permutations).
[Fri Dec  1 01:10:14 2017] <minn> i think something like what you suggested is probably the way to go
[Fri Dec  1 01:14:46 2017] <Chobbes> http://lpaste.net/360391 <-- minn something like that for the Inductive proposition, maybe?
[Fri Dec  1 01:20:33 2017] <minn> i think that's pretty closed to the relation i'm looking for - it seems simple when put like that
[Fri Dec  1 01:21:55 2017] <Chobbes> They're usually suprisingly simple things!
[Fri Dec  1 01:22:52 2017] <Chobbes> But that's my understanding of what you want, anyway. You might want to think up better names or whatever, but I think it should do what you want? Let me know if it works out / how the proving goes :).
[Fri Dec  1 01:29:13 2017] <minn> it's pretty close - i think a slightly stronger relation will work very well. thanks :(
[Fri Dec  1 01:29:16 2017] <minn> err :)
[Fri Dec  1 01:52:58 2017] <bor0> how is bool defined in Coq and why can't I use induction on it? if I do [Inductive my_bool : Set := true : my_bool | false : my_bool.] I can use induction on my_bool which is fancy
[Fri Dec  1 01:53:41 2017] <Cypi> Why do you think you can't do an induction on a boolean? bool is defined the same way as your in the stdlib.
[Fri Dec  1 01:53:46 2017] <Cypi> (try `Print bool.`)
[Fri Dec  1 01:53:53 2017] <Cypi> yours*
[Fri Dec  1 01:54:08 2017] <bor0> I'm having troubles proving [Theorem double_neg_elim : forall p : Prop, not (not p) -> p.] and I tried to approach using induction
[Fri Dec  1 01:54:42 2017] <Cypi> Oh, Prop and bool are two different beasts
[Fri Dec  1 01:55:03 2017] <bor0> oh, I just noticed I have Prop there. wow. how are they different?
[Fri Dec  1 01:55:06 2017] <Cypi> and you cannot prove what you want to prove in an intuitionnistic settings
[Fri Dec  1 01:55:19 2017] <Cypi> The elimination of double negation is typically classical
[Fri Dec  1 01:55:22 2017] <bor0> yeah I have excluded middle as an axiom but I'm still stuck
[Fri Dec  1 01:55:38 2017] <Cypi> Then you can use excluded middle on the proposition p.
[Fri Dec  1 01:56:09 2017] <Cypi> If you have a proof of p then your goal is trivial, and if you have a proof of (not p), then you can use it together with the `not (not p)` to derive an absurdity
[Fri Dec  1 01:56:49 2017] <Cypi> For the difference between Prop and bool: bool is a type of booleans, you can compute with it, you can check if a boolean is `true` or `false` and so on, because it just an inductive type.
[Fri Dec  1 01:56:50 2017] <bor0> is the difference between Prop and bool having to do with provability?
[Fri Dec  1 01:56:54 2017] <Cypi> yes
[Fri Dec  1 01:57:02 2017] <bor0> ok that makes sense :)
[Fri Dec  1 01:57:26 2017] <Cypi> Prop is a universe of propositions: when you have `P : Prop`, you don't know anything about the provability of P, unless you can build a term `p : P`
[Fri Dec  1 01:57:49 2017] <Cypi> So in general you cannot "compute" a proposition
[Fri Dec  1 01:58:15 2017] <Cypi> The ability to decide for any proposition if it's true or false is exactly the excluded middle
[Fri Dec  1 01:59:26 2017] <bor0> ok, this makes sense. and P \/ ~P doesn't make sense in the world of Prop, but it does in the world of bool because we have only 2 possible values, correct?
[Fri Dec  1 01:59:55 2017] <bor0> (just trying to figure out why we need excluded_middle as axiom for Prop)
[Fri Dec  1 02:00:11 2017] <Cypi> `P \/ ~P` is a valid statement, but you cannot prove it in general
[Fri Dec  1 02:00:18 2017] <Cypi> (you might be able to prove it for some specific propositions)
[Fri Dec  1 02:00:34 2017] <bor0> why can we not prove it?
[Fri Dec  1 02:01:22 2017] <Cypi> because not every statement is decidable. As long as you don't add any axiom to Coq, if you have a proof of `P \/ ~P`, then you can actually know if P is true or false
[Fri Dec  1 02:01:46 2017] <Cypi> But what if P is some fact that is know to be undecidable, such as the halting problem, or the continuum hypothesis, stuff like that?
[Fri Dec  1 02:01:50 2017] <Cypi> known*
[Fri Dec  1 02:02:06 2017] <bor0> can you tell me which tactic I can use to "include" excluded_middle as hypothesis in my proof for double_neg_elim?
[Fri Dec  1 02:02:46 2017] <Cypi> Just `apply` should be enough. You probably have some constant `excluded_middle : forall P, P \/ ~P`
[Fri Dec  1 02:02:50 2017] <bor0> oh, I see. so it has to do with computability
[Fri Dec  1 02:02:50 2017] <Cypi> (it might have another name)
[Fri Dec  1 02:05:11 2017] <bor0> I have [Axiom excluded_middle : forall p : Prop, p \/ ~ p.], but when I try to `apply` it it says it's Unable to unify "p \/ ~ p" with "p".
[Fri Dec  1 02:06:23 2017] <Cypi> Oh right, I don't know what I was saying. So, `excluded_middle p` has type `p \/ ~p`, which means that you can do `destruct (excluded_middle p)`
[Fri Dec  1 02:06:42 2017] <bor0> wow! I can use destruct in that way. awesome
[Fri Dec  1 02:11:17 2017] <bor0> thank you. :)
[Fri Dec  1 04:39:25 2017] <sudi`> is there a way to cast a list to "cons_type", and have a proof obligation be generated automatically? Definition isCons {T} (l: list T) := match l with | nil => False | cons _ _ => True end.     Definition cons_type {T} := {l: list T | isCons l}.     Definition l: cons_type := (cons 5 (cons 7 nil): cons_type).
[Fri Dec  1 05:07:46 2017] <tobiasBora> Hello,
[Fri Dec  1 05:11:41 2017] <tobiasBora> If in my goal I've something like "T a b", can I somehow add a rule "assert (U b)" without copy/paste it? I tried "let b := match goal with T a b => b end. but I've a syntax error "Syntax error: ':' or ':=' expected after [Prim.name] (in [match_hyps])."
[Fri Dec  1 05:13:29 2017] <Cypi> `match goal with |- T _ ?b => assert (U b) end` for instance
[Fri Dec  1 05:13:59 2017] <Cypi> The ?b binds the name `b` to this subterm, the _ says that you don't care about this subterm
[Fri Dec  1 05:17:10 2017] <tobiasBora> Great thank you! What "|-" is for?
[Fri Dec  1 05:18:12 2017] <Cypi> |- separates the hypotheses from the goal
[Fri Dec  1 05:18:23 2017] <Cypi> it just happens that I don't care about the hypotheses, so there is nothing to the left
[Fri Dec  1 05:18:56 2017] <Cypi> you could do stuff like `match goal with H : ?ty |- ?ty => exact H` to re-implement the `assumption` tactic for instance
[Fri Dec  1 05:23:25 2017] <tobiasBora> ok that's great, thank you very much! And I managed to do the same thing with let, and it works great, except if I want to return a tuple. let (a,b) = ... => (a,b) end. in ... is not correct ?
[Fri Dec  1 05:23:32 2017] <tobiasBora> s/=/:=
[Fri Dec  1 05:24:12 2017] <Cypi> So, I may be wrong here, but I don't think Ltac has actual tuples. You can only bind one name to a value and that's it
[Fri Dec  1 05:24:25 2017] <Cypi> You _can_ bind a tuple to a name, but that would be a tuple from Gallina, not from Ltac
[Fri Dec  1 05:24:46 2017] <Cypi> (hopefully this will change at some point in the future where Ltac will be an actual programming language, but for now it's not the case)
[Fri Dec  1 05:32:54 2017] <sudi`> I'm trying out the "Program Definition" command, this is what I needed! So "Program Definition l := cons ((cons 5 (cons 7 nil))) nil: list (cons_type nat)." this works well, but this fails: "Program Definition l := cons ((cons 5 (cons 7 nil))) nil: cons_type (cons_type nat)." any reason why?
[Fri Dec  1 06:12:45 2017] <tobiasBora> Cypi: Ok thank you!
[Fri Dec  1 06:41:50 2017] <tobiasBora> In a tactic, can I create a fresh name, and remember it? Something like "let a := <fresh name> in assert(<a> : ...) ... simpl in <a>."
[Fri Dec  1 06:42:40 2017] <Cypi> Yup, the `fresh` tactic exists
[Fri Dec  1 06:42:58 2017] <Cypi> `let a := fresh in ...` or `let a := fresh "a" in ...` if you want to give a "base" name
[Fri Dec  1 06:43:14 2017] <Cypi> (it will generate a fresh name from this base, like a or a0, a1, ...)
[Fri Dec  1 06:46:29 2017] <tobiasBora> Cypi: that's great, thank you very much!
[Fri Dec  1 06:47:05 2017] <tobiasBora> (just there is a minor typo, it's "let tac a")
[Fri Dec  1 06:48:20 2017] <tobiasBora> hum wait
[Fri Dec  1 06:49:06 2017] <tobiasBora> I used: let tac hyp := fresh "MyH" in assert (hyp: ...).
[Fri Dec  1 06:49:22 2017] <tobiasBora> and the name of the hypothèse is "hyp", not "MyH".
[Fri Dec  1 06:49:39 2017] <tobiasBora> How could I say "I want to use the variable "hyp", not the name "hyp".
[Fri Dec  1 06:52:17 2017] <Cypi> Oh, you're right, with `assert` it will probably go wrong...
[Fri Dec  1 06:52:50 2017] <Cypi> Hmm, I can't think of something less manu than `refine (fun (hyp : ...) => _) _` right now :/
[Fri Dec  1 06:53:05 2017] <Cypi> manual*
[Fri Dec  1 06:53:26 2017] <Cypi> (also note that it might swap the goal compared to what `assert` would give. If it's a problem, you can use `refine (...); swap 1 2`)
[Fri Dec  1 06:57:10 2017] <Cypi> Wait, on my Coq it works. `let H := fresh "blih" in assert (H : True).` created a hypothesis named "blih" in the second subgoal
[Fri Dec  1 06:57:21 2017] <Cypi> hmm...
[Fri Dec  1 06:57:45 2017] <Cypi> (it also works in Coq 8.6)
[Fri Dec  1 06:59:07 2017] <sudi`> 'let tac hyp := fresh "MyH"': why "let tac hyp" and not "let hyp"?
[Fri Dec  1 06:59:14 2017] <tobiasBora> oh ok
[Fri Dec  1 06:59:16 2017] <Cypi> tobiasBora: actually, why did you add the `tac`? This creates a Ltac function named `tac`, that's all
[Fri Dec  1 06:59:27 2017] <Cypi> (I didn't notice at first, my bad)
[Fri Dec  1 07:01:02 2017] <tobiasBora> that's the point, at the beginning I got an error, and I google it and I found "let tac ...". So I replace it, and I still got an error, and I just realized that the name for the hypothesis was already taken, so I changed the name, but I forgot to change back "let tac" into "let". Sorry for that !
[Fri Dec  1 07:01:25 2017] <Cypi> No problem, of course
[Fri Dec  1 07:09:19 2017] <tobiasBora> Now I begin to like Coq ^^
[Fri Dec  1 07:11:15 2017] <tobiasBora> Just a question, Ltac cannot have type for the input? I tried "Ltac mytac (x : my_type)", but it does not work, and the documentation never mention any type for the argument of a tactic
[Fri Dec  1 07:11:39 2017] <cocreature> ltac is an untyped language
[Fri Dec  1 07:11:54 2017] <cocreature> or dynamically typed/unityped/whatever you want to call it
[Fri Dec  1 07:20:00 2017] <pgiarrusso> minn: for your type system, is there any chance to work with separate contexts rather than removing one from another?
[Fri Dec  1 07:23:03 2017] <tobiasBora> cocreature: interesting ^^ Pretty rare in the ML world !
[Fri Dec  1 07:24:08 2017] <cocreature> tobiasBora: fwiw ltac2 or at least the plans that I saw for it will be typed. no idea what its current state is though
[Fri Dec  1 07:24:47 2017] <Cypi> It's fairly advanced (and already used by some for testing purposes). I don't know if/when it will be shipped with Coq, but it's already possible to play with it
[Fri Dec  1 07:25:19 2017] <cocreature> Cypi: nice! is https://github.com/ppedrot/ltac2 what one should be looking at?
[Fri Dec  1 07:25:30 2017] <Cypi> yes
[Fri Dec  1 07:26:14 2017] <cocreature> great, now I only need to find the time to play around with it :)
[Fri Dec  1 07:27:14 2017] <tobiasBora> Does that mean that everything I'm currently learning with ltac will be useles in a few months ?
[Fri Dec  1 07:27:31 2017] <tobiasBora> useless*
[Fri Dec  1 07:27:33 2017] <Cypi> Nope
[Fri Dec  1 07:28:26 2017] <Cypi> Firstly, I don't know if/when Ltac2 will completely replace Ltac, not sure what the plans are. Secondly, one of the goals of Ltac2 is to stay true to what Ltac looks like, so that it's easy to transition
[Fri Dec  1 07:28:54 2017] <Cypi> (or even seamless for the basic stuff)
[Fri Dec  1 07:30:29 2017] <tobiasBora> what a nice team!
[Fri Dec  1 07:31:11 2017] <Cypi> retrocompatibility in general is always taken into account when changing stuff
[Fri Dec  1 07:34:20 2017] <tobiasBora> except for python3
[Fri Dec  1 07:34:33 2017] <Cypi> I meant, in the case of the Coq devteam x)
[Fri Dec  1 07:34:38 2017] <Cypi> I don't know about other projects
[Fri Dec  1 07:38:09 2017] <tobiasBora> ahah sure. But sometimes when people rewrite a tool, it's because it was not though in the good way at the beginning, and it may be possible that, because everything is thought in a different manner, the initial code becomes a nonsense. But anyway, it's good to know that I continue to learn ltac ;)
[Fri Dec  1 09:33:40 2017] <pgiarrusso> tobiasBora: most of the Coq community uses Ltac, and different languages easily coexist, so don’t worry
[Fri Dec  1 09:34:18 2017] <pgiarrusso> all tactics languages generate terms in the same core language, so there’s no hurry to unsupport Ltac
[Fri Dec  1 14:08:12 2017] <tobiasBora> Ok thank you!
[Fri Dec  1 14:09:50 2017] <tobiasBora> Just, I'd like to create a function that will be used in the tactics that basically filter a list. Should I define this function using Ltac, let, or Define/Fixpoint ?
[Fri Dec  1 14:35:19 2017] <pgiarrusso> tobiasBora: sounds like you might want to study inList and nearby functions in https://jozefg.bitbucket.io/posts/2014-07-09-dissecting-crush.html
[Fri Dec  1 14:36:03 2017] <pgiarrusso> also, for your question, it seems you want Ltac — I don’t think Ltac can call Coq functions
[Fri Dec  1 14:37:13 2017] <pgiarrusso> I suspect you’d have a hard time picking a type for those Coq functions
[Fri Dec  1 14:38:15 2017] <pgiarrusso> on inList, somebody mentioned a singleton “faux-list” with `x` as element is produced with `(x)`, for use with `inList`
[Fri Dec  1 14:39:03 2017] <pgiarrusso> * wants to open a new thread, wonders how to do it on IRC
[Fri Dec  1 14:39:33 2017] <pgiarrusso> can anybody here compare Autosubst vs locally nameless and other approaches?
[Fri Dec  1 14:40:02 2017] <pgiarrusso> I can look at the Autosubst paper, and I’ve already learned they’re redesigning it
[Fri Dec  1 14:40:15 2017] <pgiarrusso> so the original version is only semi-maintained
[Fri Dec  1 16:12:28 2017] <Chobbes> pgiarrusso: no threads on IRC, just rooms.
[Fri Dec  1 16:13:39 2017] <pgiarrusso> Chobbes: Hi there! I know, it was a joke also serving as vertical whitespace
[Fri Dec  1 16:14:09 2017] <pgiarrusso> Chobbes: I'm Blaisorblade on Twitter, think we tweeted?
[Fri Dec  1 16:17:37 2017] <pgiarrusso> Chobbes: Oh yeah, you must be https://twitter.com/Chobbez
[Fri Dec  1 16:23:38 2017] <Chobbes> pgiarrusso: oh yeah! Hi :).
[Fri Dec  1 16:24:41 2017] <Chobbes> Thought you might have been new to IRC from slack or something. Where the best feature slack has added is threads :P.
[Fri Dec  1 16:29:55 2017] <Chobbes> pgiarrusso: are you doing lambda calculus things in Coq? If you want to know more about locally nameless I would check out Stephanie Weirich's lectures from DSSS17.
[Fri Dec  1 16:30:46 2017] <Chobbes> https://www.youtube.com/watch?v=MxFpplaMDXs
[Fri Dec  1 16:32:09 2017] <Chobbes> But I don't think there was any comparison with autosubst (which I haven't heard of until now).
[Fri Dec  1 16:32:47 2017] <pgiarrusso> Chobbes: Poe's law
[Fri Dec  1 16:33:35 2017] <pgiarrusso> I'm using some locally nameless mechanizations, but I'm slowly getting tired of the proof obligations
[Fri Dec  1 16:35:39 2017] <pgiarrusso> So I'm wondering if Autosubst is worth the switch; its papers seem interesting but it seems it's not as mature
[Fri Dec  1 16:36:08 2017] <pgiarrusso> But thanks for the pointer, might be worth checking out (not a talk guy but gotta try)
[Fri Dec  1 16:39:05 2017] <Chobbes> pgiarrusso: I think most of the automation in professor Weirich's lecture comes from Ott for generating useful lemmas and theorems.
[Fri Dec  1 16:40:34 2017] <Chobbes> I.e., I don't remember much automation when actually writing proofs about terms in the calculus, other than some automated finite set tactics.
[Fri Dec  1 16:41:23 2017] <Chobbes> https://github.com/plclub/lngen oh and this.
[Fri Dec  1 16:42:23 2017] <Chobbes> https://github.com/DeepSpec/dsss17
[Fri Dec  1 16:43:10 2017] <Chobbes> Lecture material is in the Stlc directory. I dunno if any of this is helpful to you, but it's resources that I'm vaguelly aware of :)
[Fri Dec  1 16:51:04 2017] <pgiarrusso> Chobbes: probably useful to have up-to-date pointers
[Fri Dec  1 16:52:13 2017] <pgiarrusso> I spent six-month reviewing papers on a different topic, then 3 hours with an expert made a huge difference
[Fri Dec  1 16:52:52 2017] <pgiarrusso> Now, it did take those 6 months to be able to convey that much information in 3 hours
[Fri Dec  1 16:54:08 2017] <pgiarrusso> though this might boil down to “studying math helps talking about math” ;-)
[Fri Dec  1 17:58:31 2017] <sud> is this axiom consistent with Coq? "Axiom classic : forall P:Prop, P + ~ P.". I want to use it to define a PropToBool function
[Fri Dec  1 18:08:20 2017] <Chobbes> sud: that's excluded middle?
[Fri Dec  1 18:08:42 2017] <sud> Chobbes: the usual one is with \/
[Fri Dec  1 18:09:21 2017] <Cypi> This is strong excluded middle https://github.com/coq/coq/wiki/CoqAndAxioms
[Fri Dec  1 18:09:25 2017] <Cypi> and should be consistent
[Fri Dec  1 18:54:50 2017] <bor0> hi! I am trying to prove a property in my program [(forall l : natlist, has_odd (evenmembers l) = false)]. I use induction and am stuck on the goal [has_odd (if Nat.even n then cons n (evenmembers l) else evenmembers l) = false]. I tried to use case (Nat.even n) but I don't have hypothesis to re-use for each case
[Fri Dec  1 18:55:24 2017] <bor0> evenmembers takes a list and returns only even numbers. has_odd returns a boolean whether list contains any odd numbers
[Fri Dec  1 18:58:16 2017] <Cypi> You can use `destruct (Nat.even n) eqn:Hn` to keep an equality that will say `Nat.even n = true` or `Nat.even n = false`
[Fri Dec  1 18:58:45 2017] <bor0> that saves the day I think! thanks! :)
[Fri Dec  1 19:00:08 2017] <bor0> Qed. woot! my first "useful" proof on lists!
[Fri Dec  1 19:01:20 2017] <bor0> so now that you told me this new gem I can use in my proofs, I figured while going through "Logical Foundations" I have a wrong answer
[Fri Dec  1 19:01:31 2017] <bor0> Briefly explain the difference between the tactics destruct and induction: When we use destruct to analyze cases we don't have hypothesis to re-use, unlike induction.
[Fri Dec  1 19:02:43 2017] <bor0> we *can* have hypothesis with destruct as well, right?
[Fri Dec  1 19:02:55 2017] <Cypi> You're not completely wrong. `destruct` will only give information about the thing you can destructing, and you can keep an equality about it if you want. The hypothesis that you can gain with `induction` is an induction hypothesis that tells something about the _subterms_ of the thing you are destructing
[Fri Dec  1 19:03:02 2017] <Cypi> s/can/are/
[Fri Dec  1 19:03:59 2017] <bor0> ah, correct. I am missing the keyword _subterms_ in my explanation
[Fri Dec  1 19:05:18 2017] <bor0> thank you again, Cypi!
[Fri Dec  1 19:32:40 2017] <clw> Somebody update the Wiki page: it has moved to Github
[Sat Dec  2 07:01:20 2017] <sud> is there a way to allow Coq to have redundant match clauses?
[Sat Dec  2 08:07:45 2017] <tobiasBora> pgiarrusso: sorry, yesterday I ran out of battery. I wanted to use Ltac, but autosubst's syntax .| seems not to be usable, so I defined i using fixpoint. However, to use it I'd like to define a fonction (or Ltac ?), that returns a function like that: "match goal with |- deduc _ _ ?g => (fun x => x = g) end" (the out should be of type "type -> bool").
[Sat Dec  2 08:08:29 2017] <tobiasBora> on Fixpoint, it should not work because match goal is for ltac, however, it I use Ltac, it does not work...
[Sat Dec  2 08:19:19 2017] <tobiasBora> and if I define everything using Ltac, the line "let r := b.|[ren(+curr_lift)] in" gives me the error "Syntax error: 'with' or 'in' expected (in [tactic:binder_tactic])."
[Sat Dec  2 08:26:43 2017] <tobiasBora> Hum, I tried to replace .| with hsubst, and now the error is in the "if" on the next line "let r = ... in if (f r) then ..."
[Sat Dec  2 08:26:50 2017] <tobiasBora> "Syntax error: [tactic:tactic_expr level 5] expected after 'in' (in"
[Sat Dec  2 08:32:08 2017] <tobiasBora> I tried to change "if" with match ... with true => ... | _ => ... in", but now I've an error saying that the function "hsubst" does not exists (while it's supposed to be imported from autosubst). Can I somehow import a function from galinea into ltac.
[Sat Dec  2 08:33:52 2017] <pgiarrusso> tobiasBora: I'd try using Ltac, and fixing those syntax errors with more parens
[Sat Dec  2 08:35:41 2017] <tobiasBora> pgiarrusso: yes, I fixed the syntax errors, but now the problem is that I'd like to do a pattern matching on the result of a function imported from autosubst, and this function seems to stay "in the coq world", and I can't use it the ltac...
[Sat Dec  2 08:37:03 2017] <pgiarrusso> What you wrote is that you didn't fix the syntax error, but you tried to do something else...
[Sat Dec  2 08:37:21 2017] <pgiarrusso> On the world separation:
[Sat Dec  2 08:38:21 2017] <pgiarrusso> Ltac can refer to Gallina functions, but it can't "run" them, it can paste together terms that will run them
[Sat Dec  2 08:41:27 2017] <pgiarrusso> tobiasBora: can you post a more complete example on a pastie?
[Sat Dec  2 08:42:18 2017] <tobiasBora> pgiarrusso: sure: https://zb.phyks.me/
[Sat Dec  2 08:42:20 2017] <tobiasBora> oups
[Sat Dec  2 08:42:26 2017] <tobiasBora> https://zb.phyks.me/?f4587b7c4f3f4b44#xN1BW11A4HckJ4pInK7u9K+wkru7xoOzb/rolK8K78E=
[Sat Dec  2 08:43:41 2017] <pgiarrusso> Ok, can you explain what you want to achieve?
[Sat Dec  2 08:45:26 2017] <tobiasBora> sure, so basically, I've a goal like "|- A _ g _". So a tactic will first match the goal to extract g, and then call my function.
[Sat Dec  2 08:45:35 2017] <tobiasBora> This g is a kind of list of expression
[Sat Dec  2 08:45:50 2017] <tobiasBora> so that's why I first do a pattern matching on this g.
[Sat Dec  2 08:45:51 2017] <pgiarrusso> Is g a Coq or Ltac list?
[Sat Dec  2 08:46:00 2017] <tobiasBora> the problem is on the "assume" case
[Sat Dec  2 08:46:41 2017] <tobiasBora> basically, f would intuively be a filter a filter function, that would return a bool when applied on a given argument
[Sat Dec  2 08:47:06 2017] <tobiasBora> this argument should be r, i.e. "hsubst (ren(+curr_lift)) b"
[Sat Dec  2 08:47:11 2017] <pgiarrusso> Really, what sort of list is g?
[Sat Dec  2 08:47:33 2017] <pgiarrusso> Because if it is a Coq list, it makes no sense to recurse on it in Ltac
[Sat Dec  2 08:47:39 2017] <tobiasBora> yes it's a coq list
[Sat Dec  2 08:47:55 2017] <tobiasBora> well a kind defined in coq.
[Sat Dec  2 08:48:27 2017] <pgiarrusso> OK, so from what you said the recursion on the list must in in Gallina
[Sat Dec  2 08:48:38 2017] <tobiasBora> ok
[Sat Dec  2 08:48:39 2017] <pgiarrusso> But the match goal must be in Coq
[Sat Dec  2 08:48:50 2017] <tobiasBora> Gallina and coq is not the same thing?
[Sat Dec  2 08:48:56 2017] <pgiarrusso> Sorry
[Sat Dec  2 08:49:08 2017] <pgiarrusso> Match goal must be in Ltac
[Sat Dec  2 08:50:02 2017] <pgiarrusso> Well, strictly speaking Coq has everything, though we use it usually (but sloppily) to mean Gallina
[Sat Dec  2 08:50:09 2017] <tobiasBora> ok
[Sat Dec  2 08:50:18 2017] <pgiarrusso> I mean, Coq includes Ltac, Gallina doesn't
[Sat Dec  2 08:50:35 2017] <tobiasBora> so in this model I've another problem: define the filter function "f" in my code
[Sat Dec  2 08:51:57 2017] <pgiarrusso> tobiasBora: also, are you sure you understand the stage distinction between Ltac and Gallina?
[Sat Dec  2 08:52:25 2017] <tobiasBora> I think that I see the difference yes. Basically Ltac generate Gallina code that will handle the proof right?
[Sat Dec  2 08:54:45 2017] <pgiarrusso> tobiasBora: correct! Now, if I have in a proof context a variable g bound to one of your “list”, and I try to match it in Ltac, what does Ltac see?
[Sat Dec  2 08:55:09 2017] <pgiarrusso> I ask because that’s what the snippet tries to do
[Sat Dec  2 08:55:43 2017] <pgiarrusso> and overall, I ask because your task seems to require mixing Ltac and Gallina carefully, so I want to make sure before we proceed
[Sat Dec  2 08:55:58 2017] <tobiasBora> sure no problem. Let me think...
[Sat Dec  2 08:57:38 2017] <tobiasBora> Actually it's a good question, I would say that Ltac would have the ability to read g if g has already been generated before the call to the tactic.
[Sat Dec  2 08:58:25 2017] <pgiarrusso> well, but g is just a variable in context
[Sat Dec  2 08:58:59 2017] <pgiarrusso> and I mean a proof context — like, one of the assumptions in a goal
[Sat Dec  2 08:59:16 2017] <pgiarrusso> if I finish the proof and run it, g will have a value
[Sat Dec  2 08:59:44 2017] <pgiarrusso> but when I’m writing the proof g is just a Gallina variable
[Sat Dec  2 09:00:25 2017] <pgiarrusso> so it does *not* have a value
[Sat Dec  2 09:00:27 2017] <tobiasBora> hum... You mean something like "g: Mytype |- ..." ?
[Sat Dec  2 09:00:39 2017] <pgiarrusso> something like that
[Sat Dec  2 09:01:09 2017] <tobiasBora> ok, so here I agree.
[Sat Dec  2 09:01:18 2017] <pgiarrusso> it’s different if g is an Ltac variable bound to some Coq expression
[Sat Dec  2 09:01:41 2017] <tobiasBora> like in "match goal with Mytype g => " ?
[Sat Dec  2 09:01:47 2017] <pgiarrusso> yes
[Sat Dec  2 09:01:52 2017] <tobiasBora> *Mytype ?g
[Sat Dec  2 09:02:11 2017] <tobiasBora> ok
[Sat Dec  2 09:02:14 2017] <pgiarrusso> so, if you have an Ltac match binding g to something *appearing in the goal*, you can do metaprogramming on the g — on what appeared in the goal
[Sat Dec  2 09:02:34 2017] <pgiarrusso> actually, I’m taking your “match goal with Mytype g => “ loosely
[Sat Dec  2 09:04:06 2017] <pgiarrusso> so when you say “I’ve got a goal of shape ‘|- A _ g _’”, which one do you mean?
[Sat Dec  2 09:04:23 2017] <tobiasBora> I mean the "match goal" thing
[Sat Dec  2 09:05:14 2017] <pgiarrusso> to be sure: you mean your goal could be ‘|- A _ nilc _” or “|- A _ (intc _) _” etc?
[Sat Dec  2 09:05:50 2017] <pgiarrusso> and you want to run different tactics if you have literally `nilc` or `(intc _)` ?
[Sat Dec  2 09:06:13 2017] <tobiasBora> kind of yes
[Sat Dec  2 09:07:00 2017] <pgiarrusso> well, if those can be different functions I’d stick to gallina, but if you need different *tactics* maybe you need Ltac
[Sat Dec  2 09:07:28 2017] <pgiarrusso> still, the pattern match in the snippet will fail if your goal is literally `|- A _ g _`
[Sat Dec  2 09:07:40 2017] <pgiarrusso> where `g` is a Gallina variable
[Sat Dec  2 09:08:14 2017] <pgiarrusso> if you’re familiar with the metalanguage/object language distinction, maybe it helps to use that language
[Sat Dec  2 09:08:36 2017] <pgiarrusso> Ltac is a metalanguage for manipulating expressions from Gallina, the object language
[Sat Dec  2 09:09:11 2017] <pgiarrusso> and in `filter_aux`, `g` is a metavariable standing for an object expression of type `mytype`
[Sat Dec  2 09:10:53 2017] <tobiasBora> yes, this seems pretty natural, it's exactly what I want
[Sat Dec  2 09:11:39 2017] <pgiarrusso> well `filter_aux` looks like it’s written in the Gallina mindset, but maybe you’re right
[Sat Dec  2 09:12:20 2017] <pgiarrusso> still, I’m not sure what you overall are trying to achieve, at a higher level, so I’m not sure what you actually need to do, beyond writing out what lives at which stage
[Sat Dec  2 09:12:25 2017] <tobiasBora> ok, so with your nice advices, now I've something that "types", but when I try to run it I've an error saying the "a = b" returns a Prop, while it should be a bool. How could I return a bool to test if two elements are syntaxiquely the same ?
[Sat Dec  2 09:13:05 2017] <tobiasBora> pgiarrusso: hum, now I'm doubtful... Not sure anymore, and actually, if it works, it may seems pretty magical ^^{
[Sat Dec  2 09:13:07 2017] <tobiasBora> ^^'*
[Sat Dec  2 09:13:47 2017] <pgiarrusso> well, if it turns out my advice are bad, it’s because this conversation *might* be an instance of the XY problem: https://meta.stackexchange.com/a/66378/210646
[Sat Dec  2 09:13:55 2017] <pgiarrusso> anyway on your next question:
[Sat Dec  2 09:14:35 2017] <pgiarrusso> so a and b are metavariables standing for terms, I imagine
[Sat Dec  2 09:15:18 2017] <pgiarrusso> it sounds like you want *not* to use decidable equality for their type (which would be what you want in Gallina)
[Sat Dec  2 09:18:00 2017] <pgiarrusso> OK, not sure — I usually just reuse a variable in a pattern match (`match goal with ?a + ?a > 5 => ...`) to ensure both positions have the same content...
[Sat Dec  2 09:18:03 2017] <pgiarrusso> googling ntime
[Sat Dec  2 09:18:05 2017] <pgiarrusso> *time
[Sat Dec  2 09:21:54 2017] <pgiarrusso> coq ltac comparing termshttps://stackoverflow.com/q/33049082/53974 and http://coq-club.inria.narkive.com/1I7oD4Vm/term-classification-in-ltac-has-var-is-constr-term-complexity-measure
[Sat Dec  2 09:21:59 2017] <pgiarrusso> sorry
[Sat Dec  2 09:22:04 2017] <pgiarrusso> I’ve googled `coq ltac comparing terms`
[Sat Dec  2 09:22:19 2017] <pgiarrusso> and those two links seem vaguely relevant (not sure)
[Sat Dec  2 09:22:38 2017] <pgiarrusso> but... I have no clue
[Sat Dec  2 10:11:41 2017] <sud> is there a tactic that automatically sees contradictions such as: forall y ys, Cons x xs <> Cons y ys in the hypotheses?
[Sat Dec  2 10:16:10 2017] <lyxia> I just wrote a   Ltac magic = match goal with H : forall y ys, ?f ?x ?xs <> ?f y ys |- _ => solve [exfalso; eapply H; auto] end.
[Sat Dec  2 10:22:37 2017] <sud> lyxia: eauto worked :) (after doing intuition to unroll the <> in -> False)
[Sat Dec  2 10:35:24 2017] <dh`> you don't need intuition for that, just "intro" works
[Sat Dec  2 10:37:49 2017] <dh`> which isn't the "right" way either of course, but intuition is fairly expensive to run
[Sat Dec  2 11:16:40 2017] <Steverman> pgiarrusso: I think I found a case where I really shouldn't intros everything: "Lemma beq_list_true_iff" in the Logic chapter.
[Sat Dec  2 11:17:11 2017] <sud> dh`: but the forall was in the hypotheses
[Sat Dec  2 11:17:57 2017] <Steverman> ^ that's why
[Sat Dec  2 11:18:05 2017] <Steverman> :D
[Sat Dec  2 11:18:25 2017] <sud> can I have a tactic that unfolds definitions which is defined once and for all, and then add more and more definitions to be unfolded once I defined them?
[Sat Dec  2 11:19:46 2017] <pgiarrusso> sud: are you looking for autounfold?
[Sat Dec  2 11:20:03 2017] <pgiarrusso> and `Hint Unfold foo`?
[Sat Dec  2 11:20:32 2017] <pgiarrusso> though when I’m using Software Foundations and TLC, I often prefer `unfolds`
[Sat Dec  2 11:20:48 2017] <pgiarrusso> (which just unfolds the head definition, which seems more useful and safer)
[Sat Dec  2 11:23:59 2017] <sud> pgiarrusso: nice! is unfolds a custom tactic?
[Sat Dec  2 11:24:48 2017] <pgiarrusso> sud: it's from the TLC library
[Sat Dec  2 11:25:13 2017] <pgiarrusso> There's IIRC a LibTactics chapter in software foundations
[Sat Dec  2 11:27:49 2017] <dh`> oh, I missed some of the context
[Sat Dec  2 11:28:01 2017] <dh`> for that case I'd probably just write "specialize (H x xs); contradiction"
[Sat Dec  2 11:28:48 2017] <dh`> looking for (or writing) a tactic takes a lot longer than typing one line
[Sat Dec  2 11:29:05 2017] <dh`> so unless you have a gazillion cases like this reappearing...
[Sat Dec  2 11:29:30 2017] <pgiarrusso> dh`: but how do you know your hypothesis is H?
[Sat Dec  2 11:29:41 2017] <pgiarrusso> You can, but you need to pay attention
[Sat Dec  2 11:29:54 2017] <pgiarrusso> Especially if you plan to maintain your proof
[Sat Dec  2 11:30:18 2017] <pgiarrusso> lyxia's automation is a bit more robust
[Sat Dec  2 11:30:40 2017] <pgiarrusso> (though here it's a bit specific indeed)
[Sat Dec  2 11:33:13 2017] <dh`> mostly you need to worry about that regardless
[Sat Dec  2 11:34:02 2017] <dh`> also, proofs rarely change wildly in a single go, at least IME
[Sat Dec  2 11:34:25 2017] <dh`> but I haven't done any real long-term maintenance on coq things yet
[Sat Dec  2 13:08:37 2017] <dh`> I do wish inversion produced more predictable hypothesis names, though...
[Sat Dec  2 14:29:35 2017] <Steverman> If I get false = true, then I suppose I did something wrong earlier
[Sat Dec  2 14:29:42 2017] <Steverman> In my goal that is..
[Sat Dec  2 14:32:09 2017] <Cypi> Either you have an absurdity in your hypotheses, or your initial goal is not provable, or you did something wrong
[Sat Dec  2 14:32:18 2017] <Cypi> (but in the first case it's perfectly fine)
[Sat Dec  2 14:36:30 2017] <Steverman> Because then I could use inversion?
[Sat Dec  2 14:37:19 2017] <Cypi> For instance, depends on your hypotheses.
[Sat Dec  2 14:39:13 2017] <Steverman> Regarding the 'Search' tactic.. I sometmes can't find e.g: 'andb_true_iff'
[Sat Dec  2 14:39:25 2017] <Steverman> But searchin for 'andb' will find it
[Sat Dec  2 14:39:36 2017] <Steverman> 'andb_true' will not work
[Sat Dec  2 14:40:02 2017] <Steverman> The reference andb_true was not found in the current environment.
[Sat Dec  2 14:40:16 2017] <Cypi> If you write `Search andb`, then it will look for any lemma that mentions the constant `andb` in its conclusion
[Sat Dec  2 14:40:47 2017] <Cypi> if you want to look for part of the name of a lemma, then you need to write `Search "andb_true".` for instance.
[Sat Dec  2 14:40:53 2017] <Steverman> Ah
[Sat Dec  2 14:40:58 2017] <Steverman> So quote it
[Sat Dec  2 14:41:14 2017] <Steverman> That works :)
[Sat Dec  2 14:41:29 2017] <bor0> in proving [length (reverse l) = length l], I'm stuck on [length l + 1 = S (length l)]. how can I prove something as simple as that?
[Sat Dec  2 14:42:49 2017] <Cypi> There is a lemma called `Nat.add_1_r` which will prove exactly that
[Sat Dec  2 14:43:07 2017] <Cypi> You can do `Search (_ + 1 = S _).` to search for it for instance
[Sat Dec  2 14:43:21 2017] <Cypi> (I think I had to import Arith or something similar to get this lemma though)
[Sat Dec  2 14:43:51 2017] <bor0> Qed. thanks. I just imported PeanoNat
[Sat Dec  2 14:44:04 2017] <bor0> why can't Coq solve that by `simpl.`? (I guess I need to prove it myself to understand)
[Sat Dec  2 14:44:54 2017] <Cypi> Addition is defined by induction on the first argument. So, `S n + m` can reduce to `S (n + m)` for instance. But `length l + 1` is simply stuck, because the first argument is `length l` and is not a constructor
[Sat Dec  2 14:45:27 2017] <Cypi> So to prove `forall n, n + 1 = S n`, you actually need an induction
[Sat Dec  2 14:46:21 2017] <Steverman> bor0: don't they explain it further down the chapter?
[Sat Dec  2 14:46:26 2017] <bor0> oh. I just realized that by proving it. thank you! :)
[Sat Dec  2 14:46:35 2017] <bor0> Steverman, they probably do, but I'm trying my own things on the way
[Sat Dec  2 14:46:46 2017] <Steverman> Alright
[Sat Dec  2 14:47:03 2017] <bor0> I also try to just look at the Theorem header only and try to prove it myself before looking at the actual proof
[Sat Dec  2 15:11:56 2017] <Steverman> Hmm, I don't quite understand this. So I have "IHl1 : forall l2 : list A, beq_list beq l1 l2 = true <-> l1 = l2", "l1 : list A", "l2 : list A". The IH will only work if the goal is: "beq_list beq l1 l1 = true"
[Sat Dec  2 15:12:16 2017] <Steverman> "beq_list beq l2 l2 = true" won't
[Sat Dec  2 15:12:48 2017] <Cypi> The induction hypothesis is quantified over l2, but not l1. So you can instantiate l2 with whatever you want, but not l1
[Sat Dec  2 15:13:05 2017] <Steverman> Right
[Sat Dec  2 15:22:25 2017] <bor0> when we say beq l1 l2 l3.. how are the arguments (l1, l2, l3) consumed? are they consumed by quantifiers (forall/exists)?
[Sat Dec  2 15:22:43 2017] <bor0> or is it by hypothesis also?
[Sat Dec  2 15:29:01 2017] <lyxia> all of them
[Sat Dec  2 15:29:37 2017] <bor0> in the exact order as in the theorem, I assume?
[Sat Dec  2 15:30:48 2017] <lyxia> yes
[Sat Dec  2 15:32:00 2017] <bor0> is it wrong to say that almost all Coq tactics are about rewriting rules?
[Sat Dec  2 15:33:06 2017] <bor0> or substitution rules, if that makes more sense
[Sat Dec  2 15:34:18 2017] <bor0> a follow-up to that, does it have a list of "basic" tactics that all other tactics can be represented by? like Lisp needing only 5 (7?) primitives
[Sat Dec  2 15:37:01 2017] <Steverman> Above the line is called the context right?
[Sat Dec  2 15:37:29 2017] <bor0> I've heard state and hypothesis, but I guess context isn't that far off :)
[Sat Dec  2 15:38:11 2017] <Steverman> Oh well
[Sat Dec  2 15:38:15 2017] <Steverman> I have these: 'H : forall P : Prop, P \/ (P -> False)', 'P, Q : Prop'
[Sat Dec  2 15:38:19 2017] <Steverman> I can't destruct H
[Sat Dec  2 15:38:44 2017] <bor0> destruct (H P)?
[Sat Dec  2 15:39:13 2017] <bor0> oh, isn't that an axiom? (excluded middle)
[Sat Dec  2 15:39:17 2017] <Steverman> Yes
[Sat Dec  2 15:39:35 2017] <Steverman> Proving: excluded_middle -> peirce.
[Sat Dec  2 15:39:52 2017] <Steverman> I don't understand parenthesis with tactics
[Sat Dec  2 15:40:08 2017] <bor0> (H P) means feed P into H (for the quantifier). did it work? :D
[Sat Dec  2 15:40:13 2017] <Steverman> Yeah
[Sat Dec  2 15:40:30 2017] <Steverman> Thanks
[Sat Dec  2 15:40:32 2017] <dh`> a better way to think about it: (H P) passes P as the first argument of H
[Sat Dec  2 15:42:37 2017] <Steverman> I guess it makes sense! I have used it like  this: 'destruct (f b)'  where f is a function  and b is a boolean
[Sat Dec  2 15:42:49 2017] <Steverman> Tactics chapter :)
[Sat Dec  2 16:38:34 2017] <Steverman> Okay: I need a tip on this one: 'H : forall P Q : Prop, ((P -> Q) -> P) -> P', 'P : Prop', 'HP : (P -> False) -> False' | goal:  P
[Sat Dec  2 16:39:41 2017] <Steverman> Do I have to do something similar as like time like destruct but with another tactic?
[Sat Dec  2 16:45:08 2017] <pgiarrusso> Steverman: wow, are you dealing with the excluded middle exercises?
[Sat Dec  2 16:45:14 2017] <Steverman> I am
[Sat Dec  2 16:45:38 2017] <pgiarrusso> does... intuition solve this?
[Sat Dec  2 16:45:50 2017] <pgiarrusso> (I suspect that’d be cheating though)
[Sat Dec  2 16:46:07 2017] <Steverman> Uh
[Sat Dec  2 16:46:18 2017] <Steverman> Is that a tactic?
[Sat Dec  2 16:46:21 2017] <Cypi> Steverman: it's all about finding the correct Q to instantiate H.
[Sat Dec  2 16:46:29 2017] <Steverman> FalsE?
[Sat Dec  2 16:46:31 2017] <Steverman> False*
[Sat Dec  2 16:46:33 2017] <pgiarrusso> sorry, yes, `intuition`
[Sat Dec  2 16:46:49 2017] <Cypi> False is probably a good idea, yes
[Sat Dec  2 16:47:38 2017] <Steverman> pgiarrusso: I have never heard of it
[Sat Dec  2 16:47:49 2017] <Steverman> But yeah. it solves it :D
[Sat Dec  2 16:48:02 2017] <pgiarrusso> OK, so I guess it is cheating
[Sat Dec  2 16:48:17 2017] <pgiarrusso> Steverman: I think the non-obvious step might be that you’ll need False -> P somewhere
[Sat Dec  2 16:48:34 2017] <Steverman> Mmmh okay
[Sat Dec  2 16:49:42 2017] <pgiarrusso> It looks like starting with `apply H.` might work
[Sat Dec  2 16:50:21 2017] <Steverman> It does
[Sat Dec  2 16:52:12 2017] <pgiarrusso> I also think this way might work till the end — you’ll need to use `HP`, but need `P -> False` somewhere
[Sat Dec  2 16:52:35 2017] <Steverman> I will try :)
[Sat Dec  2 16:55:57 2017] <pgiarrusso> I *think* though, I haven’t fully tried it
[Sat Dec  2 16:56:00 2017] <Steverman> I am not sure if this is the correct way to solve the whole exercise. I have to prove that the 5 propositions (classical logic) are equivalent. I could do A -> B, B -> C.... etc, but I doing it like this instead: 'A <-> B', 'A <-> C', and then just proved 'excluded_middle -> peirce'
[Sat Dec  2 16:56:32 2017] <pgiarrusso> when I was working SF I failed that miserably
[Sat Dec  2 16:56:50 2017] <Steverman> I suppose you can do it now :)
[Sat Dec  2 16:56:56 2017] <Cypi> both ways are valid Steverman, it's just that you probably end up doing more work by proving equivalences
[Sat Dec  2 16:57:19 2017] <Cypi> Proving A -> B -> C -> D -> E -> A is 5 implications, while A <-> B <-> ... <-> E -> A is 9 implications
[Sat Dec  2 16:57:43 2017] <Steverman> Oh great... my TA suggested the latter
[Sat Dec  2 16:58:04 2017] <Cypi> I mean, maybe the point is to make you work on your proving skills, I don't know x)
[Sat Dec  2 16:58:28 2017] <Steverman> Cypi: oh... it's not like that
[Sat Dec  2 16:58:33 2017] <Steverman> It's from A only
[Sat Dec  2 16:58:56 2017] <Cypi> Ah right, star-like. Well, it's still 8 implications, but you're right, it's noticeably different
[Sat Dec  2 16:59:12 2017] <Steverman> Well here is his wording: You could either:
[Sat Dec  2 16:59:14 2017] <Steverman> - Show that A -> B, B -> C and C -> A
[Sat Dec  2 16:59:16 2017] <Steverman> - Show that A <-> B and A <-> C
[Sat Dec  2 17:05:59 2017] <Steverman> Got it :)
[Sat Dec  2 17:26:19 2017] <Steverman> pgiarrusso: I am intrigued by 'intuition'. Is it like auto, but better? I never used auto myself.
[Sat Dec  2 17:28:58 2017] <dh`> intuition is not like auto. it's closer to firstorder.
[Sat Dec  2 17:46:30 2017] <Steverman> It turns 'H: (P -> False) /\ (Q -> False) -> False' into 'H0 : (P -> False) -> (Q -> False) -> False'
[Sat Dec  2 18:28:19 2017] <pgiarrusso> Steverman: the “Tactics” section of the reference manual can be rather readable for a reference: https://coq.inria.fr/refman/tactics.html#sec423
[Sat Dec  2 18:28:33 2017] <pgiarrusso> but TL;DR. once you merge the descriptions of `intuition` and `tauto`
[Sat Dec  2 18:28:46 2017] <Steverman> Oh okay
[Sat Dec  2 18:28:56 2017] <pgiarrusso> you learn that `intuition` is a decision procedure for intuitionistic propositional calculus
[Sat Dec  2 18:29:11 2017] <pgiarrusso> I also recommend the PDF version of the reference manual
[Sat Dec  2 18:29:34 2017] <Steverman> Easier to search?
[Sat Dec  2 18:29:50 2017] <pgiarrusso> simply because the TOC of chapter 8 goes one level deeper and shows the actual tactics :-)
[Sat Dec  2 18:30:00 2017] <Steverman> Yeah :D
[Sat Dec  2 18:30:06 2017] <Steverman> peirce <-> de_morgan_not_and_not is hard for me
[Sat Dec  2 18:30:38 2017] <Cypi> https://coq.inria.fr/refman/tactic-index.html if you need an index of tactics, pgiarrusso
[Sat Dec  2 18:31:03 2017] <pgiarrusso> Cypi: no, I need a *directory* of tactics sorted by goal :-)
[Sat Dec  2 18:31:15 2017] <pgiarrusso> by category, whatever
[Sat Dec  2 18:31:22 2017] <pgiarrusso> Steverman: wait, you’re showing that *pierce* is equivalent to the others?
[Sat Dec  2 18:31:31 2017] <pgiarrusso> isn’t pierce the weirdest?
[Sat Dec  2 18:31:37 2017] <pgiarrusso> at least, it is for me
[Sat Dec  2 18:31:41 2017] <pgiarrusso> I have no intuition about it
[Sat Dec  2 18:31:45 2017] <Steverman> Uhm
[Sat Dec  2 18:31:53 2017] <Steverman> Already did:   peirce <-> double_negation_elimination.
[Sat Dec  2 18:31:57 2017] <Steverman> No going back!
[Sat Dec  2 18:32:37 2017] <pgiarrusso> you can go back, just switch to double_negation_elimination as the first step for everything else :-)
[Sat Dec  2 18:32:45 2017] <pgiarrusso> *if* that one is easier for you
[Sat Dec  2 18:32:56 2017] <Steverman> I could yeah :)
[Sat Dec  2 18:33:08 2017] <pgiarrusso> (it is for me, but it’s a personal choice)
[Sat Dec  2 18:33:25 2017] <Steverman> Quick question... how do I remember the H I destruct?
[Sat Dec  2 18:33:55 2017] <pgiarrusso> Steverman: do either remember or pose (H1 := H) help?
[Sat Dec  2 18:34:03 2017] <pgiarrusso> (I forget the `remember` syntax)
[Sat Dec  2 18:34:12 2017] <Steverman> Oh right.. remember to remember :D
[Sat Dec  2 18:34:42 2017] <Steverman> But it's introduced in the next chapter
[Sat Dec  2 18:34:51 2017] <Steverman> Not sure if I should use it then
[Sat Dec  2 18:35:14 2017] <Steverman> I only use tacics I learnt from start to the chapter I am in.
[Sat Dec  2 18:35:40 2017] <lyxia> Steverman: destruct term eqn:myEquation  too perhaps?
[Sat Dec  2 18:36:30 2017] <Steverman> Need a fully applied argument.
[Sat Dec  2 18:37:22 2017] <Cypi> pgiarrusso: for the intuition about Peirce one, would it be easyer if it said `forall P, (~P -> P) -> P`?
[Sat Dec  2 18:37:28 2017] <Cypi> easier*
[Sat Dec  2 18:40:12 2017] <Steverman> I have no idea what that error is
[Sat Dec  2 18:42:08 2017] <Steverman> Oh well, I shouldn't use it anyway
[Sat Dec  2 18:42:57 2017] <pgiarrusso> Steverman: `destruct (term) eqn:myEquation` probably
[Sat Dec  2 18:43:42 2017] <pgiarrusso> I think it’s an achievement of the ML world to confuse so many people on parsing issues with their grammars and error messages :-|
[Sat Dec  2 18:46:10 2017] <pgiarrusso> (but I’m biased because I’m among the confused people)
[Sat Dec  2 18:46:27 2017] <Steverman> :D
[Sat Dec  2 18:46:43 2017] <Steverman> Yeah, I will switch to double_negation
[Sat Dec  2 18:47:54 2017] <Cypi> Did you find peirce -> double_negation easier, or double_negation -> peirce?
[Sat Dec  2 18:48:55 2017] <pgiarrusso> Cypi: uh, good point
[Sat Dec  2 18:48:56 2017] <Steverman> I had to ask for the tip :P
[Sat Dec  2 18:49:23 2017] <Steverman> apply (H P False)
[Sat Dec  2 18:49:52 2017] <Steverman> Hmm, I don't know
[Sat Dec  2 18:50:11 2017] <pgiarrusso> Steverman: shoot-out if that was meant as a Memento quote :-)
[Sat Dec  2 18:50:25 2017] <Steverman> The movie?
[Sat Dec  2 18:50:34 2017] <Steverman> It wasn't :(
[Sat Dec  2 18:50:45 2017] <Steverman> It's a great movie thoug
[Sat Dec  2 18:50:47 2017] <Steverman> j
[Sat Dec  2 18:50:49 2017] <Steverman> though*
[Sat Dec  2 18:52:24 2017] <Cypi> It's a criteria like any other, but if `A -> B` felt easier to me than `B -> A`, then I would think that A is "stronger" (even though they are equivalent) than B
[Sat Dec  2 18:52:31 2017] <Cypi> so it should make proofs easier by starting from A
[Sat Dec  2 18:52:36 2017] <Cypi> but really, it's nothing precise
[Sat Dec  2 18:52:59 2017] <Steverman> It was definitely shorter to write
[Sat Dec  2 18:53:08 2017] <Steverman> By... 3 tactics
[Sat Dec  2 18:53:32 2017] <Steverman> Actually much more
[Sat Dec  2 18:53:59 2017] <Steverman> apply with parenthesis is still icky for me
[Sat Dec  2 18:54:22 2017] <Cypi> It's like the statement I wrote above, `forall P, (~P -> P) -> P`. It's just Peirce instantiated with (Q := False), so clearly Peirce is at least as strong and any proof you can do with (Q := False), you can easily do with Peirce.
[Sat Dec  2 18:54:45 2017] <Cypi> But you can prove that both statements are equivalent of course, so in the end it's a matter of taste
[Sat Dec  2 18:55:06 2017] <Cypi> anyway, I'm just nitpicking x)
[Sat Dec  2 18:56:56 2017] <Steverman> https://gist.githubusercontent.com/Steverman/a0e0ffe1efee9d6f501fefd84f8369e1/raw/433ea65873362a4d9909d87c71e6bc56c9224752/gistfile1.txt
[Sat Dec  2 18:57:26 2017] <Steverman> Works if I use 'left' first
[Sat Dec  2 18:58:43 2017] <pgiarrusso> Steverman: since your hypotheses are in fact symmetric, it seems using `right` first should work as well (not sure the *tactics* would be as easy, but the proof is the same)
[Sat Dec  2 18:59:32 2017] <pgiarrusso> Steverman: but indeed, using an introduction form for the goal is often not a bad thing to try :-)
[Sat Dec  2 19:03:28 2017] <Cypi> Steverman: are you saying that you managed to finish your proof after using `left`?
[Sat Dec  2 19:04:20 2017] <Steverman> Nooo
[Sat Dec  2 19:04:22 2017] <Steverman> :D
[Sat Dec  2 19:04:31 2017] <Cypi> Alright x)
[Sat Dec  2 19:04:32 2017] <Steverman> Nevermind
[Sat Dec  2 19:04:50 2017] <Cypi> Just to explain why I was suspicious
[Sat Dec  2 19:05:31 2017] <Cypi> The only thing you know in your hypothesis which tells you something about P and Q is `~(~P /\ ~Q)`. Nothing strange with this hypothesis, we know that it should be equivalent to `P \/ Q` in a classical context
[Sat Dec  2 19:05:54 2017] <Cypi> If you were able to finish your proof after starting with `left`, it would mean that from this simple hypothesis, you could, _always_ prove P
[Sat Dec  2 19:06:27 2017] <Cypi> and as pgiarrusso was saying, since everything is symmetric, basically you could also always prove Q
[Sat Dec  2 19:06:43 2017] <Steverman> Oh okay
[Sat Dec  2 19:06:56 2017] <Cypi> So, in the end, from your proof, you could prove `P \/ Q -> P /\ Q`, which is clearly suspicious, even with classical logic
[Sat Dec  2 19:07:37 2017] <Cypi> This was a long way of saying: unless you've done something special to distinguish P and Q, there is no reason you should be able to choose between them
[Sat Dec  2 19:07:48 2017] <Cypi> so starting with `left` or `right` probably should not work
[Sat Dec  2 19:07:49 2017] <Steverman> Right
[Sat Dec  2 19:07:58 2017] <pgiarrusso> Steverman: ah, this is the second time you write “works” and I read it as “I can get to Qed.”
[Sat Dec  2 19:08:20 2017] <pgiarrusso> (while Cypi just wrote “work” as “you can finish the proof”)
[Sat Dec  2 19:08:48 2017] <Steverman> Right, it just means I can apply the tactic
[Sat Dec  2 19:10:34 2017] <Cypi> Also, I'm sorry, despite my "rant" about peirce vs double_negation, for this proof it's probably easier to go through double_negation :p . Now I'm going to shut up, sorry x)
[Sat Dec  2 19:11:00 2017] <Steverman> Yeah.. why make it harder
[Sat Dec  2 19:13:54 2017] <pgiarrusso> Cypi: I haven’t seen a rant
[Sat Dec  2 19:14:30 2017] <pgiarrusso> in fact, you taught us that to use Pierce, we should often think of taking Q := False before going on :-)
[Sat Dec  2 19:14:38 2017] <pgiarrusso> so thanks ;-)
[Sat Dec  2 19:15:13 2017] <Steverman> Even with this proof?
[Sat Dec  2 19:16:09 2017] <Steverman> Ohhh.. I have to lookup apply
[Sat Dec  2 19:18:09 2017] <Steverman> apply () is the same as apply with?
[Sat Dec  2 19:19:00 2017] <Cypi> hmm, `with` is just a way to specify which value should be bound to some binders in the term you are applying
[Sat Dec  2 19:19:07 2017] <pgiarrusso> Steverman: you mean `apply ($something)`?
[Sat Dec  2 19:19:09 2017] <Chobbes> Steverman: similar yeah, in that it allows you to specify the arguments to the theorem you're applynig.
[Sat Dec  2 19:19:18 2017] <Steverman> pgiarrusso: yes
[Sat Dec  2 19:19:31 2017] <Cypi> So in the case of `peirce : forall (P Q : Prop), ((P -> Q) -> P) -> P`, doing `apply (H P False)` and `apply H with (P := P) (Q := False)` would be the same
[Sat Dec  2 19:19:48 2017] <pgiarrusso> +1 to Cypi, good example
[Sat Dec  2 19:19:48 2017] <Chobbes> Steverman: but apply () is really just apply without the with! You just construct a new theorem to apply by partially applying it.
[Sat Dec  2 19:20:11 2017] <Steverman> Oh okay
[Sat Dec  2 19:20:12 2017] <Chobbes> You should be able to use apply (blah x y) with (z:=something)
[Sat Dec  2 19:20:14 2017] <Cypi> The advantage of "with" can be that you don't have to specify the position of the binder you are referring to. You can refer to it by its name
[Sat Dec  2 19:20:21 2017] <Chobbes> ^^^
[Sat Dec  2 19:20:35 2017] <pgiarrusso> so `apply f with ...` is just a syntax for “named function arguments” when calling `f`
[Sat Dec  2 19:20:49 2017] <Cypi> So if you know that Coq will be able to infer the first argument of H, you can write `apply (H _ False)`, but you can also write `apply H with (Q := False)` and it should be enough
[Sat Dec  2 19:20:56 2017] <Chobbes> Cypi: although, you can use holes if you only want to supply the third argument of-
[Sat Dec  2 19:21:04 2017] <Chobbes> Yep :)
[Sat Dec  2 19:21:05 2017] <Steverman> Yeah, I tried that
[Sat Dec  2 19:21:09 2017] <Steverman> Got the same
[Sat Dec  2 19:21:15 2017] <Cypi> Yup, but then when you add an argument to your lemma, you need add underscores everywhere :p
[Sat Dec  2 19:21:30 2017] <Chobbes> Cypi: very good point :).
[Sat Dec  2 19:21:38 2017] <Cypi> and of course if you change the name of your argument, you need to change the name in every "with", both ways have pros and cons, as often
[Sat Dec  2 19:21:39 2017] <Steverman> I was actually more explicit
[Sat Dec  2 19:21:47 2017] <Steverman> instead of underscore
[Sat Dec  2 19:21:53 2017] <Steverman> But I can see it can get tedious
[Sat Dec  2 19:22:15 2017] <pgiarrusso> for now being explicit is good
[Sat Dec  2 19:22:31 2017] <Chobbes> Cypi: mmmm. You might be able to use with (1:=blah) or something for the first argument? Seems like a very Coq thing, but I'm not sure that actually works.
[Sat Dec  2 19:22:50 2017] <Cypi> (1:=...) should refer to the first "non-dependent" hypothesis
[Sat Dec  2 19:23:02 2017] <pgiarrusso> oh my gosh, numbers
[Sat Dec  2 19:23:02 2017] <Cypi> (which is usually the first unnamed one (usually, not always))
[Sat Dec  2 19:23:18 2017] <pgiarrusso> who thought they’re a good idea?
[Sat Dec  2 19:23:19 2017] <Cypi> So in this case you can't refer to Q by a number
[Sat Dec  2 19:24:06 2017] <pgiarrusso> also, where do you learn what they mean, I couldn’t make heads or tails of the reference manual there... hm, should ask that when I have a problem in front of me...
[Sat Dec  2 19:24:36 2017] <Chobbes> pgiarrusso: there's some info in CPDT on them.
[Sat Dec  2 19:25:59 2017] <Chobbes> It makes heavy use of them with all of the tactics like induction.
[Sat Dec  2 19:33:41 2017] <pgiarrusso> OK, now I remember my question: how does `rewrite $term at $occurrences` work?
[Sat Dec  2 19:34:09 2017] <pgiarrusso> the manual (https://coq.inria.fr/refman/tactics.html#sec423) points to `pattern`
[Sat Dec  2 19:34:22 2017] <Cypi> weirdly. That's the best I can do on this question, sorry, I never quite understood myself x)
[Sat Dec  2 19:34:49 2017] <pgiarrusso> thanks
[Sat Dec  2 19:35:08 2017] <pgiarrusso> moral support is already great
[Sat Dec  2 19:35:28 2017] <pgiarrusso> I often have `rewrite term at 1` work but `rewrite term at 2` not work
[Sat Dec  2 19:35:38 2017] <pgiarrusso> even when there *are* two occurrences
[Sat Dec  2 19:36:26 2017] <pgiarrusso> in a wonderful touch, the manual says “Occurrences are located from left to right.”, but it does NOT say if the numbering starts at 0 or 1
[Sat Dec  2 19:36:43 2017] <Cypi> I think this is due to a weird thing where rewrite will find the first occurrence, instantiate your $term accordingly (if your $term starts with `forall ..., ...`), and then with this instantiation it won't match your second occurrence
[Sat Dec  2 19:36:44 2017] <pgiarrusso> or even something else, dunno, like -2
[Sat Dec  2 19:36:52 2017] <Cypi> but sometimes experience contradicts this, so really, I don't kno
[Sat Dec  2 19:36:53 2017] <Cypi> w
[Sat Dec  2 19:37:09 2017] <pgiarrusso> wait. a. second.
[Sat Dec  2 19:37:20 2017] <Cypi> Don't take my word for it on this one
[Sat Dec  2 19:37:25 2017] <pgiarrusso> why would rewrite do that if I only want to rewrite the 2nd instance?
[Sat Dec  2 19:37:28 2017] <pgiarrusso> no problem
[Sat Dec  2 19:37:40 2017] <Cypi> To find the 2nd instance, it needs to find the first one, first
[Sat Dec  2 19:38:00 2017] <pgiarrusso> sure, but not to do instantiation, one would hope
[Sat Dec  2 19:38:11 2017] <Cypi> one would hope. I don't know :)
[Sat Dec  2 19:38:44 2017] <pgiarrusso> ohhhh wait, maybe it needs to do unification, and unification uses unification variables, and the sensible implementation for them is imperative, and but this thing might be using backtracking...
[Sat Dec  2 19:38:59 2017] <pgiarrusso> OK, I refuse to believe this might be a bug, but I would not be surprised
[Sat Dec  2 19:39:05 2017] <pgiarrusso> why, $deity, why
[Sat Dec  2 19:39:10 2017] <pgiarrusso> </rant>
[Sat Dec  2 19:40:13 2017] <pgiarrusso> (and then people ask why somebody would use Agda instead of dealing with tactics)
[Sat Dec  2 19:40:25 2017] <pgiarrusso> OK, I promise this is </rant> for real
[Sat Dec  2 19:40:50 2017] <Cypi> You can always ignore tactics and just write terms, or use only refine x)
[Sat Dec  2 19:44:21 2017] <pgiarrusso> Cypi: but I can’t do that without holes
[Sat Dec  2 19:44:28 2017] <Cypi> hence refine
[Sat Dec  2 19:44:33 2017] <pgiarrusso> uh
[Sat Dec  2 19:44:43 2017] <Cypi> (or I misunderstood what you just meant)
[Sat Dec  2 19:44:44 2017] <pgiarrusso> and without dependent pattern matching (though Sozeau might have me covered)
[Sat Dec  2 19:44:55 2017] <pgiarrusso> you’re right, refine *is* relevant
[Sat Dec  2 19:45:07 2017] <Cypi> Equations will be coming for the general public consumption at some point x)
[Sat Dec  2 19:45:27 2017] <pgiarrusso> Cypi: you’re confirming it’s not really ready yet?
[Sat Dec  2 19:46:04 2017] <Cypi> I'm not confirming anything. You can already use it, it will do what's written on the box. But there might still be some quirks and bugs, and there is still work we want to do on it.
[Sat Dec  2 19:46:42 2017] <pgiarrusso> Cypi: “we”? It’s good to know people working on Coq are in the same boat
[Sat Dec  2 19:47:35 2017] <pgiarrusso> anyway, the truth is that I might be more productive in Coq than in Agda right now
[Sat Dec  2 19:47:39 2017] <Cypi> I'm a PhD student of Sozeau, hence the "we". He's still the main developer but I've been working on some parts of Equations.
[Sat Dec  2 19:48:01 2017] <pgiarrusso> well, good luck!
[Sat Dec  2 19:48:06 2017] <Cypi> thanks :)
[Sat Dec  2 20:29:01 2017] <Steverman> Oh well.... I went with peirce anyway
[Sat Dec  2 20:29:11 2017] <Steverman> I only need:   peirce <-> implies_to_or
[Sat Dec  2 21:24:43 2017] <Steverman> 'H : forall P Q : Prop, (P -> Q) -> (P -> False) \/ Q', 'P, Q : Prop', 'HPQP : (P -> Q) -> P' | Goal: P
[Sat Dec  2 21:25:34 2017] <Steverman> I stuck on this
[Sat Dec  2 21:26:25 2017] <Steverman> I'm*
[Sat Dec  2 21:32:54 2017] <Cypi> Hmm, I think there are two keys uses of H in this proof
[Sat Dec  2 21:33:06 2017] <Cypi> one of them is to translate the implication given by HPQP to a disjunction
[Sat Dec  2 21:33:17 2017] <Cypi> the other one is to decide whether P is true or false
[Sat Dec  2 21:34:52 2017] <Steverman> Uff
[Sat Dec  2 21:36:04 2017] <Cypi> I'm wrong actually, you only need one. So scratch what I just said: you can use H to have the exact same goal, but with an extra hypothesis that has type ` ~ P `
[Sat Dec  2 21:36:09 2017] <Cypi> from this it should be easy
[Sat Dec  2 21:36:31 2017] <Steverman> Thanks for the tip :)
[Sat Dec  2 21:36:36 2017] <Steverman> I'll try it
[Sat Dec  2 21:58:02 2017] <Steverman> Huh, not sure what you really meant
[Sat Dec  2 21:59:33 2017] <Steverman> I used 'intros. destruct (H P P)' it works (to QED :D)
[Sat Dec  2 22:00:25 2017] <Cypi> When you do `destruct (H P P)`, in one branch you get `P` (which you can use trivially to prove the goal), and in the other branch you get `~P`, which is what I meant
[Sat Dec  2 22:01:32 2017] <Steverman> https://gist.github.com/Steverman/3e8c7249f7524a133472bf71404354ef
[Sat Dec  2 22:02:11 2017] <Steverman> I see it onw
[Sat Dec  2 22:02:13 2017] <Steverman> now*
[Sun Dec  3 09:31:50 2017] <cq1> This is more of a Company Coq question, but I'd love to somehow annotate my .v file with something that tells Company Coq to render some given text with some particular symbols.
[Sun Dec  3 09:32:19 2017] <cq1> In particular, I want my inductive constructor Iota to render as a nice little iota. I was hoping that Company Coq had a feature for adding custom prettifications.
[Sun Dec  3 09:32:22 2017] <cq1> Does anyone know?
[Sun Dec  3 10:44:32 2017] <dh`> I suspect you want to do that by writing it as an iota, not by telling the ide to translate
[Sun Dec  3 10:58:30 2017] <cq1> dh`: You mean using the Unicode iota character as an identifier?
[Sun Dec  3 11:00:00 2017] <dh`> yeah.
[Sun Dec  3 11:00:13 2017] <dh`> you can definitely do that.
[Sun Dec  3 11:00:19 2017] <cq1> Hmm. :/
[Sun Dec  3 11:00:32 2017] <dh`> (although I've had problems with coqide converting all unicode characters to '?')
[Sun Dec  3 11:01:29 2017] <cq1> Not the worst idea, but seems maybe problematic for other users who might have a hard time typing ι.
[Sun Dec  3 11:02:27 2017] <cq1> I'm using Company Coq (thus emacs) not coqide, so containing a unicode character isn't the worst, but still seems like a potentially problematic solution.
[Sun Dec  3 11:03:07 2017] <dh`> coqide is supposed to support it, it's just the usual problems with unicode on unix
[Sun Dec  3 11:03:51 2017] <dh`> (that is, typically everything works until programs try to start supporting unicode explicitly)
[Sun Dec  3 11:03:59 2017] <pgiarrusso> dh`: aren’t we all on UTF-8 now? Input methods, on the other hand...
[Sun Dec  3 11:04:30 2017] <pgiarrusso> I suspect installing Agda-mode in emacs just for this might be worth it...
[Sun Dec  3 11:04:43 2017] <dh`> you'd think
[Sun Dec  3 11:04:59 2017] <pgiarrusso> Still, I think cq1’s idea can be done
[Sun Dec  3 11:05:12 2017] <pgiarrusso> Spacemacs definitely shows exists as \exists
[Sun Dec  3 11:05:21 2017] <dh`> oh, another way, try using a Notation?
[Sun Dec  3 11:05:26 2017] <pgiarrusso> I think the emacs lingo for this might be font lock
[Sun Dec  3 11:05:56 2017] <cq1> pgiarrusso: Does Spacemacs do that *without* Company Coq?
[Sun Dec  3 11:06:27 2017] <dh`> font lock is about displaying multiple fonts and font styles and colors
[Sun Dec  3 11:06:31 2017] <dh`> less about characters
[Sun Dec  3 11:06:32 2017] <dh`> afaicr
[Sun Dec  3 11:07:15 2017] <pgiarrusso> Or is it fortification? Anyway, you’ll need the right name for this sort of thing to google for the solution
[Sun Dec  3 11:07:41 2017] <cq1> A custom prettification really seems like the lowest burden solution. I can keep my file as 7-bit ASCII (with all the entailed benefits of making it easier to edit for most people), and still have it render nicely.
[Sun Dec  3 11:07:55 2017] <pgiarrusso> cq1 it’s with the Coq layer on the devel branch, that includes company-Coq + proof-general + not sure what stuff
[Sun Dec  3 11:08:24 2017] <pgiarrusso> cq1: I agree that’s a valid concern, especially in the Coq world
[Sun Dec  3 11:09:10 2017] <pgiarrusso> (In contrast to Agda, but Agda tools give better support for math Unicode input)
[Sun Dec  3 11:11:55 2017] <pgiarrusso> cq1 https://emacs.stackexchange.com/a/36156/2087 with proof general
[Sun Dec  3 11:12:39 2017] <anonlastname> Where can I get info about how Coq decides if an argument is decreasing or not?
[Sun Dec  3 11:16:05 2017] <lyxia> 1. Unfold stuff. 2. See whether arguments of recursive calls come from pattern matching parameters of inductive types at the same position...?
[Sun Dec  3 11:16:34 2017] <cq1> pgiarrusso: Cool, seems useful. I wonder if this is compatible with Company Coq...
[Sun Dec  3 11:17:50 2017] <pgiarrusso> cq1: either of us could check the Spacemacs layer, though probably we have the same valid reasons for not doing it
[Sun Dec  3 11:19:15 2017] <pgiarrusso> cq1 but I mean, isn’t company-Coq required to work with proof general? I’d just try and/or ask there; linking to a stackexchange was also a hint ;-)
[Sun Dec  3 11:34:11 2017] <cq1> pgiarrusso: Yeah, that seems to work fine for me. Thanks for the link.
[Sun Dec  3 11:42:39 2017] <pgiarrusso> :-)
[Sun Dec  3 12:49:49 2017] <cq1> How fast growing a function nat -> nat can one actually define in Coq?
[Sun Dec  3 12:53:55 2017] <Cypi> You can define the Ackermann function in Coq, cq1. Does that help answering your question?
[Sun Dec  3 12:54:01 2017] <Cypi> (I don't know much about computability)
[Sun Dec  3 12:56:37 2017] <cq1> Cypi: That puts a nice lower bound on it, thanks.
[Sun Dec  3 13:04:22 2017] <darktenaibre> cq1: that's actually a pretty hard question; you can certainly define *much worse*
[Sun Dec  3 13:05:26 2017] <darktenaibre> Ackerman is system-T definable, so it is actually kind of easy, as in Peano Arithmetic-easy to be precise
[Sun Dec  3 13:07:28 2017] <darktenaibre> and Coq is strong enough to show normalization of system F, so you should have everything that is definable in second-order arithmetic, which should include all sorts of length of hydra battle or length of Goodstein sequences
[Sun Dec  3 13:09:28 2017] <darktenaibre> then I'm not an expert either, but these issues are also linked to consistency strength, which I think are not so well-known for Coq, beyond the (Coq + EM) at type n+1 ⟹ Cons of ZF + n inaccessible cardinals by bruno barras' work
[Sun Dec  3 13:11:09 2017] <darktenaibre> so my guess is that a quick answer to your question is mostly "horribly big" and depends whether or not you assume further axioms
[Sun Dec  3 13:11:30 2017] <cq1> darktenaibre: Thanks, this is very helpful.
[Sun Dec  3 13:12:34 2017] <cq1> This is also the sort of answer I was looking for.
[Sun Dec  3 13:13:07 2017] <cq1> Do you have a citation on the Bruno Barras work?
[Sun Dec  3 13:16:55 2017] <Vivi_> Can anyone point me to a formalization of indexed set families?
[Sun Dec  3 13:20:07 2017] <darktenaibre> cq1: not sure how relevant it is for the specifics of your question as I'm not an expert on definability of fast-growing recursive functions tho; and I do not have a specific citation in mind actually, I am mostly aware of his big formalization efforts, there are probably more details on his webpage http://www.lix.polytechnique.fr/~barras/
[Sun Dec  3 13:21:12 2017] <darktenaibre> I suppose this would be the most relevant paper https://jfr.unibo.it/article/view/1695, I haven't read it recently, maybe skimmed through it a couple years ago
[Sun Dec  3 13:23:37 2017] <darktenaibre> (and also, as with all things regarding metatheory of coq as implemented, I think no one would dare make a definite claim for an upper bound; another question of interested that was probably studied more thoroughly in the past is the same question restricted to various predicative fragments (MLTT))
[Sun Dec  3 13:25:00 2017] <darktenaibre> (in such a case, ackermann would still be one of these obvious system T-definable lower bounds, but maybe you can get upper bounds such as "definable in full second order arithmetic" or smth)
[Sun Dec  3 13:43:02 2017] <cq1> darktenaibre: Thanks, I'm reading this paper now.
[Sun Dec  3 16:03:04 2017] <cq1> Does the admit tactic work differently now in 8.6? I used to be able to do Theorem bad : False. Proof. admit. Qed. but now that's not working.
[Sun Dec  3 16:05:19 2017] <Cypi> Now it forces you to end your proof with `Admitted.`. You can import Compat.AdmitAxiom to get the old behaviour back
[Sun Dec  3 16:05:44 2017] <cq1> Cypi: Hmm, that seems like a good change. Thanks.
[Sun Dec  3 16:31:30 2017] <cq1> I have an inductive that is basically just a trivial tree. What's the best idiom to get an equality decider on it? Optimally I'd like something very automatic.
[Sun Dec  3 16:32:27 2017] <lapinot> hello
[Sun Dec  3 16:45:07 2017] <lyxia> lapinot: <3
[Sun Dec  3 16:58:20 2017] <lapinot> i'm quite excited to be able to do a pull request on coq/coq: there is a stupid bug in coqide on 4.06.0 since now lablgtk2 has upgrade to using safe strings
[Sun Dec  3 16:58:33 2017] <lapinot> s/upgrade/upgraded/
[Sun Dec  3 17:00:03 2017] <dh`> cq1: just write it down, unless your tree has a lot of cases it's pretty easy
[Sun Dec  3 17:02:23 2017] <dh`> e.g. http://codepad.org/8GXPeSCH
[Sun Dec  3 17:04:01 2017] <lyxia> lapinot: Can upgrading to safe string cause bugs?
[Sun Dec  3 17:04:42 2017] <cq1> dh`: I don't want propositional equality, I want boolean equality. I could do as you say, and additionally define the obvious Fixpoint, then prove correctness, but I was really hoping there was some built in mechanism to do all of this for me.
[Sun Dec  3 17:05:47 2017] <cq1> I don't want to just write the obvious boolean equality Fixpoint, because I could have made a dumb mistake. I can prevent this by proving it equivalent to what you wrote, but now I'm looking at 15+ lines for something that is should be totally rote.
[Sun Dec  3 17:06:03 2017] <dh`> oh
[Sun Dec  3 17:06:05 2017] <lapinot> lyxia: i guess so (now strings are safe by default so unsafe behavior will crash)..
[Sun Dec  3 17:06:05 2017] <cq1> "There is no such builtin mechanism" is an acceptable answer.
[Sun Dec  3 17:06:15 2017] <dh`> you can use Tree_dec to build the boolean function for you
[Sun Dec  3 17:06:31 2017] <dh`> yuo'll get pretty crap code from this, but that probably doesn't matter
[Sun Dec  3 17:07:04 2017] <dh`> now the question is whether I can remember how
[Sun Dec  3 17:07:51 2017] <lyxia> lapinot: I assumed it just made programs not compile
[Sun Dec  3 17:08:39 2017] <cq1> dh`: I guess that's not the worst.
[Sun Dec  3 17:08:45 2017] <lapinot> lyxia: ha! yeah, i was being unprecise but that's what i meant!
[Sun Dec  3 17:10:23 2017] <cq1> dh`: That's actually a pretty okay solution, especially because I "Definition beq_tree a b := if Tree_dec a b then true else false." seems pretty trivially bug-free.
[Sun Dec  3 17:10:31 2017] <cq1> I guess I could accidentally swap the positions of true and false.
[Sun Dec  3 17:10:45 2017] <dh`> yeah but you didn't :-)
[Sun Dec  3 17:11:43 2017] <lyxia> lapinot: ah, okay :) I guess for some value of "bug", "not compiling" counts as one.
[Sun Dec  3 17:12:01 2017] <cq1> dh`: I'm picturing that I've got a bunch of such inductives, and maybe I accidentally mess up for one of them. I'd really like a "MagicalVernacularThatMakesABooleanDecider my_inductive" that eliminates all such issues.
[Sun Dec  3 17:12:18 2017] <cq1> But I guess your solution is sufficiently non-horrific. It's still mildly horrific.
[Sun Dec  3 17:13:58 2017] <pgiarrusso> cq1: on your “fast growth”, would definability in System F/2nd order Peano arithmetic be relevant?
[Sun Dec  3 17:14:06 2017] <pgiarrusso> cq1: Coq is more powerful of course
[Sun Dec  3 17:14:17 2017] <dh`> it seems to me that there ought to be a nice way to get foo_dec for an arbitrary inductive
[Sun Dec  3 17:14:27 2017] <dh`> (at least where it's true)
[Sun Dec  3 17:15:25 2017] <dh`> hmm, Definition Tree_eq (a b: Tree) : bool :=
[Sun Dec  3 17:15:25 2017] <dh`>    if Tree_dec a b then true else false.
[Sun Dec  3 17:15:30 2017] <dh`> acts kinda weird
[Sun Dec  3 17:15:38 2017] <pgiarrusso> cq1: Girard’s “Proofs and Types” shows that System F can define exactly the functions that you can prove total in 2nd order Peano/Heyting arithmetic
[Sun Dec  3 17:15:43 2017] <lapinot> oh but now i'm really sad, it has already been reported and fixed: https://github.com/coq/coq/issues/6140 .. it's just that no release happened in the meantime
[Sun Dec  3 17:17:04 2017] <pgiarrusso> cq1: and I suspect that should extend to bigger systems — the proof is based on a realizability model, and we know how to build those for many languages
[Sun Dec  3 17:37:38 2017] <bor0> given n <= m, how can I apply this hypothesis to the min/max for the goal min n m <= max n m?
[Sun Dec  3 17:39:57 2017] <Vivi_> Why do you need n <= m for min n m <= max n m?
[Sun Dec  3 17:40:30 2017] <bor0> I'm trying to prove forall n m : nat, min n m <= max n m for fun :D
[Sun Dec  3 17:40:44 2017] <Vivi_> right, you don't need that assumption
[Sun Dec  3 17:41:08 2017] <bor0> I don't need n <= m? I'm using [case (Nat.leb n m) eqn:Hn.]
[Sun Dec  3 17:41:53 2017] <bor0> my attempt was to use the fact that [n <= m \/ n > m] and prove by cases, by rewriting min/max defs with the current hypothesis
[Sun Dec  3 17:42:10 2017] <Chobbes> bor0: you should end up with two cases in your proof. One where n <= m and one where m <= n. Is that what you're refering to?
[Sun Dec  3 17:42:20 2017] <Chobbes> Errr. m < n
[Sun Dec  3 17:42:28 2017] <Chobbes> You know what I mean :)
[Sun Dec  3 17:42:33 2017] <bor0> n <= m and m > n you mean? :D
[Sun Dec  3 17:42:44 2017] <Vivi_> m > n <-> n < m :)
[Sun Dec  3 17:43:11 2017] <Chobbes> bor0: no, because that would be n <= m and n < m
[Sun Dec  3 17:43:26 2017] <cq1> bor0: Are you looking for something like this? https://pastebin.com/raw/ifcNfYEw
[Sun Dec  3 17:44:25 2017] <bor0> oh, right :D sorry
[Sun Dec  3 17:44:35 2017] <bor0> n <= m and m < n
[Sun Dec  3 17:44:54 2017] <Chobbes> bor0: Min n m <= max n m if n <= m or if m <= n. So you shouldn't need that as an assumption.
[Sun Dec  3 17:45:15 2017] <bor0> cq1, wow. I'm speechless. what does the "try" tactic do?
[Sun Dec  3 17:45:41 2017] <bor0> my proof attempt already has 3 lemmas and 4 LoC theorem :D
[Sun Dec  3 17:45:44 2017] <Chobbes> bor0: attempts the tactic, and doesn't complain if it fails.
[Sun Dec  3 17:45:56 2017] <Chobbes> bor0: it's useful in conjunction with ';'
[Sun Dec  3 17:46:09 2017] <Vivi_> sorry to re-ask this, but is there a formalization of indexed set families handy someplace?
[Sun Dec  3 17:46:17 2017] <bor0> ahhh, min_l and max_r is the magic here
[Sun Dec  3 17:46:31 2017] <bor0> *runs Coq Check on them*
[Sun Dec  3 17:46:35 2017] <cq1> pgiarrusso: This seems like the sort of thing I'm looking for, but I'll have to look up these various terms more.
[Sun Dec  3 17:47:26 2017] <bor0> haha, those are exactly what I had as axioms for my theorem: [Axiom a1 : forall n m : nat, n <= m -> min n m = n.] [Axiom a2 : forall n m : nat, n <= m -> max n m = m.]. cute
[Sun Dec  3 17:48:00 2017] <cq1> bor0: Are you trying to prove things yourself with minimal library theorems?
[Sun Dec  3 17:48:25 2017] <pgiarrusso> cq1 yeah it is not immediate
[Sun Dec  3 17:48:29 2017] <bor0> cq1, I'm doing random stuff to be honest. I just thought of this simple theorem and trying to prove it myself to increase my Coq knowledge. I'm at chapter 4 of Software Foundations Vol. 1
[Sun Dec  3 17:49:03 2017] <bor0> so "assumption" is the same as "exact <Some hyp>"?
[Sun Dec  3 17:49:28 2017] <Chobbes> bor0: yep!
[Sun Dec  3 17:49:43 2017] <Chobbes> It just finds the hypothesis automatically.
[Sun Dec  3 17:49:55 2017] <Chobbes> Sometimes it can't do it if the types are really complicated, though.
[Sun Dec  3 17:51:40 2017] <bor0> in proving [forall n m : nat, n <= m -> min n m = n.], is my original approach (considering [n <= m \/ n > m]) a good way to attack it?
[Sun Dec  3 17:52:16 2017] <Chobbes> Should be!
[Sun Dec  3 17:53:51 2017] <Vivi_> If you know n <= n, considering [n <= m \/ n > m] is [|exfalso] tho.
[Sun Dec  3 17:54:01 2017] <Vivi_> n <= m*
[Sun Dec  3 17:54:39 2017] <bor0> what's the difference between <= and <=? (I know the latter is nat -> nat -> bool)
[Sun Dec  3 17:55:02 2017] <bor0> ah, I have leb_le to re-use for my case (but still wondering how they differ)
[Sun Dec  3 17:55:33 2017] <cq1> bor0: It may be that you don't want spoilers, but you can prove (forall n m, min n m <= max n m) pretty readily with library theorems: https://pastebin.com/raw/Z1H5ENm5
[Sun Dec  3 17:56:01 2017] <bor0> I will look at the pastebin, but I think doing it from "scratch" will probably increase my skills (at least a bit) :D
[Sun Dec  3 17:57:22 2017] <bor0> for example, I already tried to do [Axiom a1 : forall n m : nat, n <= m -> min n m = n.] before seeing your pastebin, which makes me proud I was on the right path :D
[Sun Dec  3 17:58:05 2017] <cq1> bor0: Why do you have that as an axiom? Are you intending to replace that with a proof? If so, maybe you should have it as a lemma and admit it until you're ready to go back and prove it.
[Sun Dec  3 17:58:30 2017] <bor0> ahhh! forgot about Admitted. it was discussed in the book. good catch! yeah my plan was to prove it later
[Sun Dec  3 17:59:27 2017] <Chobbes> cq1: the only difference is a little bit of syntax, though?
[Sun Dec  3 18:00:03 2017] <bor0> I think "Admitted" marks my green (status?) bar with yellow points while Axiom doesn't (might be wrong)
[Sun Dec  3 18:00:26 2017] <Chobbes> Status bar? CoqIDE?
[Sun Dec  3 18:00:37 2017] <bor0> yeah
[Sun Dec  3 18:00:49 2017] <Chobbes> Ah okay, I'm a PG person.
[Sun Dec  3 18:00:55 2017] <cq1> Chobbes: It's true. I was mostly asking to make sure bor0 wasn't thinking they had to axiomatically define min and max, or something, and intended to prove those.
[Sun Dec  3 18:01:05 2017] <Chobbes> Though, yeah, I think Admitted shows up red in PG.
[Sun Dec  3 18:01:26 2017] <bor0> is there a vim PG? or vim anything-Coq-related? I'm kind of struggling with CoqIDE because the key bindings are weird on OS X
[Sun Dec  3 18:01:44 2017] <Chobbes> bor0: use Evil with PG.
[Sun Dec  3 18:01:45 2017] <bor0> but it's good that I can go step by step, that's why I avoid the command line compiler
[Sun Dec  3 18:02:03 2017] <Chobbes> https://www.emacswiki.org/emacs/Evil
[Sun Dec  3 18:02:33 2017] <bor0> that's emacs right? yeah. I tried emacs a bunch of times in the past :D guess I have to give it another try
[Sun Dec  3 18:02:34 2017] <Chobbes> I know of lots of people who do this. Though, I am not one of them :).
[Sun Dec  3 18:02:50 2017] <Chobbes> bor0: PG is just an emacs plugin.
[Sun Dec  3 18:03:02 2017] <Chobbes> But you can make emacs have vim keys if you would like :).
[Sun Dec  3 18:03:07 2017] <bor0> ah, Evil is "vi" on emacs. guess I can try that combo :D
[Sun Dec  3 18:03:29 2017] <bor0> lol E"vi"l, nice
[Sun Dec  3 18:04:41 2017] <Chobbes> bor0: I'd recommend getting familiar with emacs if you're interested in stuff like Coq. A lot of modes for "esoteric" programming languages start with Emacs.
[Sun Dec  3 18:05:42 2017] <bor0> yeah, I noticed that. I tried Agda, Lean and a couple of others, but Coq seems best for me. I only have some Haskell experience so most of the things click but I still get stuck on some things
[Sun Dec  3 18:06:15 2017] <bor0> "brew install emacs" then :D
[Sun Dec  3 18:06:24 2017] <Steverman> I'm thinking about going back to basics. Starting with SKI, then Simply Typed Lambda Calculus.... System F, and eventually Calculus of Constructions. Just to know the inner workings (and for my course). I just don't have any material for it
[Sun Dec  3 18:06:37 2017] <Chobbes> bor0: brew install emacs --with-cocoa=y probably, if I recall correctly.
[Sun Dec  3 18:06:51 2017] <Chobbes> bor0: also a lot of people like Spacemacs.
[Sun Dec  3 18:07:06 2017] <Steverman> My lecture notes are not good neough for me, so I need to look somewhere else
[Sun Dec  3 18:07:09 2017] <bor0> how is it different from Emacs? (w.r.t. Coq, or in general)
[Sun Dec  3 18:07:10 2017] <Chobbes> Which is like a front end to emacs? I don't use it, but it includes some easy setup stuff, I think.
[Sun Dec  3 18:07:39 2017] <Chobbes> bor0: by default I think brew only installs the command line version.
[Sun Dec  3 18:07:59 2017] <Chobbes> Though it has been a while since I have used a mac, so I might be remembering wrong :).
[Sun Dec  3 18:08:19 2017] <Chobbes> It might also recommend adding a cask(?) or something for emacs for mac or whatever it is.
[Sun Dec  3 18:08:27 2017] <Chobbes> I'd probably listen to brew.
[Sun Dec  3 18:09:04 2017] <Chobbes> bor0: oh! Also if you do try proof general I would *strongly* recommed installing company-coq as well.
[Sun Dec  3 18:09:30 2017] <Chobbes> https://github.com/cpitclaudel/company-coq
[Sun Dec  3 18:11:05 2017] <bor0> thanks! I will check those out
[Sun Dec  3 18:11:18 2017] <bor0> Steverman, are you following a college/university course? or just self-learning?
[Sun Dec  3 18:11:51 2017] <Steverman> university
[Sun Dec  3 18:12:24 2017] <bor0> ah, ok. I guess it's trickier, given time constraints etc
[Sun Dec  3 18:13:24 2017] <Steverman> I have a coq assignment, but I have no idea how to start on it
[Sun Dec  3 18:13:33 2017] <Chobbes> Steverman: honestly if you want a teensy peek behind the curtains I would recommend going through this: http://oxij.org/note/BrutalDepTypes/
[Sun Dec  3 18:13:53 2017] <bor0> Steverman, are you allowed to share the assignment? I'm just curious
[Sun Dec  3 18:14:00 2017] <Steverman> Chobbes: Sure
[Sun Dec  3 18:14:05 2017] <Steverman> bor0*
[Sun Dec  3 18:14:06 2017] <Steverman> :D
[Sun Dec  3 18:14:13 2017] <Chobbes> Steverman: I've found that doing a bit of Agda (where you write out raw proof terms instead of using tactcs in Coq) enlightening.
[Sun Dec  3 18:14:49 2017] <bor0> Chobbes, why is that? what is "raw proof terms"? is it like _the_ lambda calculus or?
[Sun Dec  3 18:14:54 2017] <Steverman> I can't do that with my time constraint
[Sun Dec  3 18:15:27 2017] <Steverman> I get lost in tactics pretty fast, but that's because I am poor at formal logic
[Sun Dec  3 18:15:42 2017] <Chobbes> bor0: more or less, yeah. I mean there's still a bunch of syntactic sugar in Agda, but you get a much better sense of what a proof actually looks like in a curry-howard sense.
[Sun Dec  3 18:15:56 2017] <Steverman> Especially with the last chapter I did
[Sun Dec  3 18:16:03 2017] <bor0> Chobbes, is there not a way to do that with Coq? I liked Lean because of that but I thought I'd get to that point in Coq, eventually
[Sun Dec  3 18:16:21 2017] <Chobbes> bor0: you can do this in Coq too!
[Sun Dec  3 18:16:25 2017] <Chobbes> Or, Gallina, rather.
[Sun Dec  3 18:16:46 2017] <Chobbes> But Agda is a bit cleaner and includes an axiom that makes dependent pattern matching much nicer.
[Sun Dec  3 18:16:48 2017] <Steverman> Chobbes: I will look at it :). I need a crash course on everything
[Sun Dec  3 18:17:02 2017] <Chobbes> Programming with dependent types in Coq is... More painful.
[Sun Dec  3 18:17:46 2017] <bor0> Steverman, are you good with mathematical proofs (on paper)?
[Sun Dec  3 18:17:58 2017] <Steverman> Not really
[Sun Dec  3 18:18:25 2017] <Steverman> bor0: https://www.dropbox.com/s/xfv0gdysfygth7l/projects.pdf?dl=0
[Sun Dec  3 18:18:35 2017] <Chobbes> Steverman: depending on what you mean by "lost in tactics" it's possible that proof tree could be a little helpful for you?
[Sun Dec  3 18:18:42 2017] <bor0> ignoring your time constraint https://www.amazon.com/How-Prove-Structured-Approach-2nd/dp/0521675995 this really helped me with that part. another good one (free) alternative is http://people.uleth.ca/~dave.morris/books/proofs+concepts.html
[Sun Dec  3 18:19:35 2017] <Steverman> Chobbes: if it's the ones with lines, then the part I am struggling with is mostly the symbols and definitions
[Sun Dec  3 18:19:56 2017] <Chobbes> Is it bad form to recommend Software Foundations for learning proofs? :P
[Sun Dec  3 18:20:16 2017] <Chobbes> Steverman: yeah, it sort of shows you where you are in the tree structure of the proof.
[Sun Dec  3 18:20:32 2017] <Steverman> SKI was easy to understand
[Sun Dec  3 18:20:38 2017] <Chobbes> Which can be a little helpful for keeping track of where you were.
[Sun Dec  3 18:21:16 2017] <bor0> as far as I see it does assume knowing proofs a bit (at least Vol. 1). it doesn't have kind of the "total newbie" exercises like HTPI (prove A, A -> B .:. B, show why it holds with tables), etc
[Sun Dec  3 18:21:31 2017] <Chobbes> Steverman: for definitions and symbols -- don't know what would be most helpful. Probably unfolding things / searching / printing in Coq?
[Sun Dec  3 18:21:47 2017] <Steverman> Lambda calculus got tricky, and may need more reading. Got totally lost then types can have kinds... like types for types?
[Sun Dec  3 18:22:01 2017] <Steverman> This is outside of coq :)
[Sun Dec  3 18:22:32 2017] <Steverman> We pretty much got handed 2 lecture notes and that's it
[Sun Dec  3 18:22:47 2017] <Steverman> Weekly coq assignments. Usually whole chapters from SF
[Sun Dec  3 18:22:56 2017] <Steverman> including optional
[Sun Dec  3 18:23:29 2017] <Chobbes> Steverman: oooh, Aarhus?
[Sun Dec  3 18:23:34 2017] <Steverman> Yes
[Sun Dec  3 18:24:03 2017] <Steverman> Stop gooling my lecturer :D
[Sun Dec  3 18:24:05 2017] <Steverman> googling*
[Sun Dec  3 18:24:13 2017] <bor0> types do have types in Coq too I think. e.g. Inductive bool : Set.
[Sun Dec  3 18:24:14 2017] <Chobbes> Cool :). I met a bunch of people from there at the DeepSpec Summer School (coq thing).
[Sun Dec  3 18:24:27 2017] <Chobbes> bor0: yep!
[Sun Dec  3 18:24:50 2017] <Chobbes> I don't know too much about it but there's this type hierarchy.
[Sun Dec  3 18:24:51 2017] <Steverman> I actually took this course because of a lecturer. But he left!
[Sun Dec  3 18:25:07 2017] <Steverman> The best lecturer I had
[Sun Dec  3 18:25:12 2017] <Chobbes> Steverman: :C
[Sun Dec  3 18:25:17 2017] <bor0> yeah, I think type hierarchy is for Russel's paradox (I remember reading this somewhere, and it also might have been Software Foundations Vol 1. too, or maybe Mike Nahas tutorial)
[Sun Dec  3 18:25:43 2017] <bor0> Russell's*
[Sun Dec  3 18:25:54 2017] <Chobbes> bor0: yeah. It's to prevent paradoxes and whatnot.
[Sun Dec  3 18:25:59 2017] <Steverman> Then we got a new guy. Every lecture is just him and coq. I don't get much out of it
[Sun Dec  3 18:26:19 2017] <Steverman> But it's this guy: https://www.nature.com/articles/432790b
[Sun Dec  3 18:27:08 2017] <Chobbes> Steverman: are you a grad / undergrad?
[Sun Dec  3 18:27:11 2017] <Steverman> grad
[Sun Dec  3 18:27:15 2017] <bor0> I'd say pre-requisites for Coq is knowledge with at *least* one FP language (pref. Haskell) and math proofs on paper. this is from personal experience, and doesn't mean it has to be done that way but I _think_ I get what's going on
[Sun Dec  3 18:27:17 2017] <Steverman> well..
[Sun Dec  3 18:27:23 2017] <Steverman> Studying masters.. so not yet grad?
[Sun Dec  3 18:28:56 2017] <Steverman> I am not familiar with undergraduate/graduate as it's a North American thing
[Sun Dec  3 18:29:01 2017] <Chobbes> Steverman: ah, okay. I was wondering if you would know a couple PhD students -- Lau and Marit. Maybe you wouldn't then?
[Sun Dec  3 18:29:05 2017] <Steverman> + few others
[Sun Dec  3 18:29:22 2017] <Steverman> Lau
[Sun Dec  3 18:29:27 2017] <Steverman> My old TA
[Sun Dec  3 18:29:41 2017] <Steverman> The bearded guy?
[Sun Dec  3 18:29:46 2017] <Chobbes> Steverman: yeah! :)
[Sun Dec  3 18:30:17 2017] <Steverman> He was TA for my "regularity" and automata course
[Sun Dec  3 18:30:37 2017] <Steverman> intro to formal language I guess?
[Sun Dec  3 18:30:39 2017] <Chobbes> Steverman: Lau is clairvoyant. They predicted that I would end up in a wheel chair at DSSS17... And I broke my ankle a few days later.
[Sun Dec  3 18:30:56 2017] <Steverman> :D
[Sun Dec  3 18:31:12 2017] <Steverman> Marit.. hmmmm hmm
[Sun Dec  3 18:31:15 2017] <Chobbes> bor0: Haskell + proofs definitely help! Though, I would say that Coq can also help you learn Haskell ;)
[Sun Dec  3 18:31:19 2017] <Steverman> Oh her
[Sun Dec  3 18:31:33 2017] <Steverman> We started at the same time
[Sun Dec  3 18:32:01 2017] <bor0> Chobbes, yep :D I don't negate that. my road was starting with Haskell first (I heard the hype from some friends) but then I learned about Coq (which is much more powerful than Haskell) so decided to give it a go :)
[Sun Dec  3 18:32:18 2017] <Chobbes> bor0: one thing is that Coq tends to be a lot more... Tame than Haskell.
[Sun Dec  3 18:32:42 2017] <Steverman> I guess she started on her PhD on top of her masters degree
[Sun Dec  3 18:32:49 2017] <Steverman> Seems to be a trend here
[Sun Dec  3 18:33:12 2017] <bor0> Chobbes, so math proofs being the only pre-requisite? or do you think SF handles that well?
[Sun Dec  3 18:33:33 2017] <Chobbes> Like you can get into some pretty complicated types and magical category theory when diving into Haskell right away. You usually don't have that problem in Coq, I find.
[Sun Dec  3 18:34:00 2017] <bor0> yeah, especially the monads stuff. I guess it's because Haskell is more about IO than Coq?
[Sun Dec  3 18:34:07 2017] <bor0> (I might be wrong, as I still haven't done any Coq IO)
[Sun Dec  3 18:34:43 2017] <Steverman> I am still worried about this course, and may have to drop it
[Sun Dec  3 18:34:46 2017] <Chobbes> bor0: I keep wanting to teach people math with Coq, so I dunno. It is one of the goals of SF to handle that relatively well, and I think it does a decent job? But I dunno. Different things work for different people.
[Sun Dec  3 18:36:21 2017] <Chobbes> bor0: I think that's definitely part of it, but another part might just be that the community is smaller so you have fewer libraries that you might want to use that force you to learn ever more type wizardry fast. Plus Coq has had really good beginner resources like SF for a while. Haskell was lacking for a time.
[Sun Dec  3 18:37:30 2017] <Chobbes> Steverman: hopefully not :(. I do find that it takes a couple passes for Coq to make sense sometimes. Also if a proof isn't coming along it's very good to take a break, maybe try to solve the thing on paper.
[Sun Dec  3 18:37:31 2017] <Steverman> To be honest. If you don't know anything  about the inner workings, proofs (or poor at it), then Coq is just a puzzle solving game. That is what I heard from most students here
[Sun Dec  3 18:37:34 2017] <bor0> yeah, agree. LYAH was really good tho for beginners
[Sun Dec  3 18:38:39 2017] <Steverman> I want to do it on paper, but I lack the proper foundation to be able to :)
[Sun Dec  3 18:39:01 2017] <Chobbes> bor0: LYAH is good for encouraging people to learn Haskell, but I think overall it's not the best due to a lack of exercises, some shaky monad / applicative / functor chapters, and out of date sections.
[Sun Dec  3 18:40:07 2017] <Chobbes> Steverman: :(. Well, if you have particular questions maybe I or somebody else in here can help you!
[Sun Dec  3 18:40:34 2017] <Steverman> This was supposed to be an introduction course, but oh boy he skipped the earlier parts so quick
[Sun Dec  3 18:40:49 2017] <Chobbes> Steverman: that's how it always goes :P.
[Sun Dec  3 18:41:33 2017] <Steverman> Uni life :(
[Sun Dec  3 18:42:15 2017] <Chobbes> Yep! But it's usually a lot better when you sit down and get a chance to go through it. Though, obviously that's not without challenges.
[Sun Dec  3 18:42:42 2017] <bor0> Steverman, I think the fastest way to get to it is to read up on two-column proofs, and read some of the rewrite (inference) rules https://en.wikipedia.org/wiki/List_of_rules_of_inference#Table:_Rules_of_Inference
[Sun Dec  3 18:42:42 2017] <Steverman> Yeah, that's why I asked for materials :D
[Sun Dec  3 18:42:53 2017] <Steverman> I have to start with basics
[Sun Dec  3 18:43:17 2017] <Steverman> I remember these from my logic course
[Sun Dec  3 18:43:23 2017] <bor0> two-column proofs is basically when you try to prove something and on the left column you do the actual rewrite and on the right you explain by which rule it is
[Sun Dec  3 18:43:47 2017] <bor0> when doing proofs I think it all boils down to rewriting. both in Coq and manually
[Sun Dec  3 18:44:09 2017] <bor0> rewriting/substitution
[Sun Dec  3 18:44:12 2017] <Steverman> I used natural deduction
[Sun Dec  3 18:44:36 2017] <Steverman> But I remember them as boxes
[Sun Dec  3 18:44:55 2017] <bor0> boxes? or do you mean tables?
[Sun Dec  3 18:45:02 2017] <Vivi_> Thinking about proofs in terms of rewriting is a bad idea.
[Sun Dec  3 18:45:13 2017] <bor0> whoops. why's that, Vivi_?
[Sun Dec  3 18:46:04 2017] <Vivi_> It is how it works in proof assistants, but "natural" proofs rarely if ever are expressed in terms of steps that "compose" a proof.
[Sun Dec  3 18:46:05 2017] <Steverman> No, actual boxes: https://www.researchgate.net/profile/Bernard_Sufrin/publication/2650380/figure/fig1/AS:341829011689481@1458509795515/Figure-6-a-small-proof-in-the-above-encoding-of-natural-deduction.png
[Sun Dec  3 18:46:12 2017] <Steverman> When I did natural deduction
[Sun Dec  3 18:46:21 2017] <Vivi_> For the same reason why two column proofs are a bad idea.
[Sun Dec  3 18:46:24 2017] <bor0> Vivi_, by "natural" you mean "informal"?
[Sun Dec  3 18:46:30 2017] <Vivi_> yes
[Sun Dec  3 18:47:04 2017] <bor0> I definitely agree. I read this somewhere also in some book "now that you learned how to apply two-column proofs, forget it and never use it" :D but I think it's a good thing to explain what's going on under the hood
[Sun Dec  3 18:50:23 2017] <Vivi_> In Coq, the closest to "natural"
[Sun Dec  3 18:50:37 2017] <Vivi_> proving one can get is to adopt Adam Chlipala's style
[Sun Dec  3 18:51:49 2017] <Vivi_> (although I wouldn't recommend any of his books before you finish SF)
[Sun Dec  3 18:52:28 2017] <Steverman> Regarding my upcoming project. There are 3 coq projects I can choose. And knowing that I am poor at this. I don't know which project I should avoid to stop myself from shooting myself in the foot
[Sun Dec  3 18:54:21 2017] <bor0> I suggest you go with the group approach (as far as I checked the pdf). probably easier than solo :)
[Sun Dec  3 18:54:49 2017] <bor0> (disclaimer: I'm (still) a Coq noob)
[Sun Dec  3 18:55:31 2017] <Steverman> That was not the question :D.
[Sun Dec  3 18:55:46 2017] <Steverman> Section 2 has the projects
[Sun Dec  3 18:58:03 2017] <Steverman> I  think 2-3 Trees looking doable
[Sun Dec  3 18:58:05 2017] <Steverman> looks*
[Sun Dec  3 19:09:02 2017] <bor0> why is the definition of max recursive and not using comparison definitions? makes stuff a bit harder to prove?
[Sun Dec  3 19:09:28 2017] <benzrf> well, there is probably a lemma somewhere
[Sun Dec  3 19:09:46 2017] <bor0> there is, but I'm trying to prove it :D Lemma my_min_l : forall n m : nat, n <= m -> min n m = n.
[Sun Dec  3 19:09:51 2017] <benzrf> hah
[Sun Dec  3 19:19:14 2017] <cq1> bor0: Those comparisons are, themselves, recursive. The overall term for min/max is smaller as written as two simple nested matches.
[Sun Dec  3 19:19:33 2017] <bor0> ah. that makes complete sense. thank you!
[Sun Dec  3 19:24:24 2017] <bor0> if I have [Hn : (n =? v) = true], how can I replace n with v in the goal?
[Sun Dec  3 19:29:47 2017] <Chobbes> bor0: if you use search you should be able to find a lemma!
[Sun Dec  3 19:30:02 2017] <Chobbes> There is a n =? v = true -> n = v lemma.
[Sun Dec  3 19:30:02 2017] <bor0> why do I keep thinking in terms of tactics? :D
[Sun Dec  3 19:30:11 2017] <cq1> bor0: I don't know what structure you have equality on here, but SearchAbout ((_ =? _) = true) to find an appropriate lemma to get (n = v) then rewrite with it or subst it in.
[Sun Dec  3 19:30:19 2017] <Chobbes> Then you can rewrite as usual.
[Sun Dec  3 19:30:42 2017] <bor0> thank you both!
[Sun Dec  3 19:52:33 2017] <mniip> is it impossible to prove eta-contraction without axiom of extensionality?
[Sun Dec  3 20:05:13 2017] <cq1> mniip: Hmm, good question. I think so? The proof is very straight forward given functional extensionality. But without FE, I'm not sure what handles one has on a goal like ((fun x => f x) = f).
[Sun Dec  3 20:05:26 2017] <cq1> *the proof of eta-contraction's validity given FE
[Sun Dec  3 20:06:23 2017] <Cypi> You can prove this trivially in Coq by eq_refl
[Sun Dec  3 20:07:22 2017] <Cypi> eta-expansion is in the convertibility rules for Coq (but not reduction)
[Sun Dec  3 20:08:20 2017] <cq1> Cypi: Oh, yeah, derp.
[Sun Dec  3 22:19:10 2017] <pgiarrusso> Regarding Vivi_’s earlier comment on “natural” informal proofs: the “informal” proofs used in graduate math miss too many steps to be formalized in Coq, but they’re also not meant to be actual proofs
[Sun Dec  3 22:19:25 2017] <pgiarrusso> They’re meant to allow you to reconstruct the full argument
[Sun Dec  3 22:19:51 2017] <pgiarrusso> And you *have* to reconstruct it before formalizing it, early on
[Sun Dec  3 22:20:08 2017] <dh`> you can still formalize them, you just need more steps
[Sun Dec  3 22:20:24 2017] <pgiarrusso> Sure
[Sun Dec  3 22:20:31 2017] <dh`> and it may not be easy :-)
[Sun Dec  3 22:20:58 2017] <pgiarrusso> My opinion was about *learning* Coq
[Sun Dec  3 22:21:31 2017] <pgiarrusso> you can’t *expect* a similar level of detail :-)
[Sun Dec  3 22:21:45 2017] <dh`> yeah, that's not a good way to learn, unless it's math you're very familiar with
[Sun Dec  3 22:22:19 2017] <pgiarrusso> if you know the math too well it might be worse
[Sun Dec  3 22:22:56 2017] <pgiarrusso> I mean, you’ll need to decompose many more “obvious” steps
[Sun Dec  3 22:24:24 2017] <pgiarrusso> I utterly failed to prove the pigeonhole principle in SF—it’s so obvious to me (and I’ve used it lots) I had no clue how to approach its formal proof
[Sun Dec  3 22:35:06 2017] <benzrf> hahaha
[Mon Dec  4 00:13:47 2017] <beaky> haha im also stuck in those exact places in the SF book (im new to math too :<)
[Mon Dec  4 00:14:39 2017] <beaky> (that whole chapter is badass though makes me not regret trying to learn coq)
[Mon Dec  4 00:45:04 2017] <dh`> wow we've had a lot of scroll today
[Mon Dec  4 01:43:39 2017] <cq1> I've got some ltac that'd doing (let x' := fresh "x" in remember x as x') but I want to follow it up with some manipulation of the new Heqx hypothesis. Is there some way to get what remember named it?
[Mon Dec  4 01:45:51 2017] <Cypi> You can name it yourself `remember x as x' eqn:Heqx`
[Mon Dec  4 01:51:47 2017] <cq1> Cypi: What's the behavior if Heqx isn't fresh?
[Mon Dec  4 01:52:07 2017] <cq1> Also, what purpose does "as x'" serve in this case?
[Mon Dec  4 01:52:35 2017] <cq1> I guess I can test the former...
[Mon Dec  4 01:53:25 2017] <cq1> Oh, I see, sorry, I answered the purpose of "as x'" by testing.
[Mon Dec  4 01:53:56 2017] <cq1> Okay, and now I answered the former -- sorry I should have experimented more before asking.
[Mon Dec  4 01:56:17 2017] <cq1> Cypi: Thanks, that's just what I wanted.
[Mon Dec  4 02:15:54 2017] <bor0> why is it we can [case (Nat.eqb n v)] but not [case n = v]?
[Mon Dec  4 02:17:31 2017] <cq1> bor0: Because "n = v" is a Prop.
[Mon Dec  4 02:17:48 2017] <bor0> case works only on inductive types?
[Mon Dec  4 02:18:43 2017] <cq1> bor0: Think about what case is building into the current hole. It builds a match, letting you do case analysis on the constructors of a given dependent product.
[Mon Dec  4 02:19:27 2017] <bor0> thank you! that clears it up for me
[Mon Dec  4 02:21:56 2017] <cq1> bor0: This may be more basic than you're thinking. (n = v) : Prop, while (Nat.eqb n v) : bool : Set. They're different distances from a sort.
[Mon Dec  4 02:21:56 2017] <cq1> bor0: It's not just that (n = v) was disqualified for "not being an inductive", recall that (n = v) is notation for (eq x y), which is an inductive.
[Mon Dec  4 02:22:27 2017] <bor0> ow, ow
[Mon Dec  4 02:23:49 2017] <cq1> To put it in somewhat simplistic (crappy) terms (n = v) is a "type", while (Nat.eqb n v) is an actual value that can be destructed, and not a type (it's two down from a sort).
[Mon Dec  4 02:24:56 2017] <bor0> n = v being a "type", does that mean it's only useful in terms of Gallina? e.g. stuff like rev l1 = rev l2 -> l1 = l2
[Mon Dec  4 02:27:12 2017] <bor0> I just printed Nat.eqb and saw it doesn't rely on eq at all. was just wondering in which cases will eq be useful, and in which other cases will eqb be useful
[Mon Dec  4 02:27:53 2017] <cq1> bor0: (n = v) is useful whenever you need propositional equality, which occurs all over the place. Gallina refers to the term language of Coq.
[Mon Dec  4 02:31:20 2017] <bor0> ok I think I was being confused by the fact that Prop is not true/false, rather provable/unprovable. I need to keep reminding myself of this. so eq is a check for provable/unprovable, while eqb is a true/false check?
[Mon Dec  4 02:31:55 2017] <cq1> bor0: eqb is a true/false check
[Mon Dec  4 02:32:14 2017] <cq1> To say that eq is a "provable/unprovable check" is drawing a false parallel to the computation that eqb performs.
[Mon Dec  4 02:33:05 2017] <bor0> right. ok I see. it doesn't check the value, rather the type. so it will be correct to say it's a Prop check?
[Mon Dec  4 02:33:35 2017] <cq1> I don't like the word "check" here -- it's not checking anything and returning something based on that check.
[Mon Dec  4 02:33:47 2017] <bor0> :(
[Mon Dec  4 02:33:48 2017] <bor0> match?
[Mon Dec  4 02:33:49 2017] <cq1> (x = y) simply is the proposition that x equals y. You can think of it as the type of proofs that x equals y.
[Mon Dec  4 02:34:25 2017] <cq1> A term t whose type is (t : (x = y)) is a proof that x = y.
[Mon Dec  4 02:34:39 2017] <bor0> in my happy and untyped math world, x = y was always either true/false. this is why this (as simple as it sounds) is a bit weird to me now
[Mon Dec  4 02:35:25 2017] <cq1> bor0: You must understand that inhabitants of Prop are types whose inhabitants are proofs of logical statements. This is key to the whole enterprise.
[Mon Dec  4 02:36:08 2017] <cq1> Compare what I wrote above to the eqb case. (eqb x y) is NOT a type, and thus there can be no term (t : (eqb x y)), while there can be terms (t : (eq x y)) because (eq x y) is a type.
[Mon Dec  4 02:36:17 2017] <cq1> They're structurally extremely different.
[Mon Dec  4 02:37:10 2017] <bor0> I'd like to read up on this more. I'll save your statements and re-read them. do you know if Software Foundations covers this later? or prefer a short intro/tutorial to type theory?
[Mon Dec  4 02:40:13 2017] <cq1> bor0: I'm not sure, I haven't read SF. This is close to the corner stones of Howard-Curry and the BHK interpretation. That (x : p : Prop) means that p is a logical proposition and x is its proof is a key part of the paradigm (perhaps *the* key part).
[Mon Dec  4 02:42:56 2017] <bor0> I definitely "see" how isomorphic they are (Prop and bool). was computability the only reasoning behind this?
[Mon Dec  4 02:43:22 2017] <bor0> s/the only/a/
[Mon Dec  4 02:46:01 2017] <cq1> bor0: Prop and bool are completely different beasts that have no meaningful isomorphism. Prop is a Sort, and thus there exist pairs x y with (x : y : Prop). bool can only live in the middle of such triples (x : bool : Set).
[Mon Dec  4 02:46:42 2017] <cq1> bor0: bool has two inhabitants: true and false. It is an inductive. Contrast to Prop which has infinitely many inhabitants, with the various inhabitants being types corresponding to logical propositions.
[Mon Dec  4 02:47:35 2017] <bor0> and https://en.wikipedia.org/wiki/Brouwer%E2%80%93Heyting%E2%80%93Kolmogorov_interpretation#The_interpretation are these logical propositions?
[Mon Dec  4 02:48:11 2017] <cq1> bor0: Don't be confused into thinking bool is particularly profound. It just happens to be the name we give to the inductive in Set that has two constructors. The inductive in Set with one constructor is called "unit".
[Mon Dec  4 02:49:01 2017] <cq1> bor0: In that Coq manifests the BHK interpretation, those expressions from that article should be thought of as Props.
[Mon Dec  4 02:50:27 2017] <cq1> bor0: Here's the translation. When the Wikipedia BHK article says "A proof of x is an object y such that..." you should translate that to Coq world as there being some proposition (x : Prop) with some proof (y : x).
[Mon Dec  4 02:50:37 2017] <bor0> ok, this kind of makes sense. your explanation is very precise and thank you for that! but I think I need to read up on some type theory. I thought I "knew" types but it's probably more than just to say "x : A, x has a type of A"
[Mon Dec  4 02:52:12 2017] <bor0> ok, so for a given x : Prop, it's proof is an inhabited type of Prop, i.e. x?
[Mon Dec  4 02:52:19 2017] <bor0> s/it's/its/
[Mon Dec  4 02:52:55 2017] <cq1> bor0: An inhabitant of a type is just a term of that type. I'm not saying anything special. When (x : T), x is an inhabitant of the type T.
[Mon Dec  4 02:53:47 2017] <bor0> how come it's satisfying that for x : Prop, y : x is a valid proof? is the only requirement types to flow correctly?
[Mon Dec  4 02:54:16 2017] <bor0> I mean if y : x is a valid proof, then probably y' : x is as well?
[Mon Dec  4 02:54:28 2017] <cq1> bor0: Absolutely.
[Mon Dec  4 02:54:45 2017] <cq1> x has potentially infinitely many proofs.
[Mon Dec  4 02:54:54 2017] <cq1> Every term y : x is a valid proof of x.
[Mon Dec  4 02:55:00 2017] <bor0> which ones are satisfying? the ones that have the types flow/match?
[Mon Dec  4 02:55:11 2017] <bor0> ok, cool
[Mon Dec  4 02:56:03 2017] <cq1> I'm not sure what you mean by "types flow/match". Any term (y : x) is definitionally a term whose type "matches x".
[Mon Dec  4 02:56:14 2017] <bor0> yeah, that :)
[Mon Dec  4 02:56:19 2017] <cq1> bor0: Think of a proposition (x : Prop) as being the "type of all proofs of the logical statement x".
[Mon Dec  4 02:56:41 2017] <cq1> Also, note that above whenever I wrote (a : b : c) that was short-hand for (a : b) and (b : c).
[Mon Dec  4 02:57:35 2017] <bor0> so all of /\ \/ -> that I've been using all this time are BHK? and not boolean expressions?
[Mon Dec  4 02:58:37 2017] <cq1> bor0: Correct, they form propositions that can be interpreted roughly via that Wikipedia BHK article. They do not manipulate booleans.
[Mon Dec  4 02:59:10 2017] <cq1> bor0: It may be instructive to try things like: Variable p1 p2 : Prop. Check (p1 /\ p2).
[Mon Dec  4 02:59:13 2017] <cq1> You
[Mon Dec  4 02:59:14 2017] <bor0> one side question, do you know why [Check (\/).] doesn't work, and it doesn't work generally for operators? if I were able to Check \/ I wouldn't have asked you that question (to confirm it's a Prop)
[Mon Dec  4 02:59:42 2017] <bor0> ah. I need to specify variables for it
[Mon Dec  4 03:00:12 2017] <cq1> bor0: That's because \/ is notation. You can first do Locate "\/" to see that it's shorthand for or. You can do Check or. to see that or : Prop -> Prop -> Prop.
[Mon Dec  4 03:01:06 2017] <bor0> ah, Locate! that is handy
[Mon Dec  4 03:01:41 2017] <cq1> bor0: Coq's structure is much simpler than you may believe. There is a lot of notation. It may be instructive to "Unset Printing Notations." and complete a proof.
[Mon Dec  4 03:04:54 2017] <bor0> what should be different when I do that? I just proved [Theorem cool : forall a b : Prop, a /\ b -> a.] but didn't notice anything new
[Mon Dec  4 03:06:13 2017] <cq1> bor0: Step through the proof and see what the output is. You should see that the goal starts as "forall a b : Prop, (_ : and a b), a".
[Mon Dec  4 03:06:51 2017] <bor0> it still says [forall a b : Prop, a /\ b -> a]. I have "Unset Printing Notations." right above my theorem
[Mon Dec  4 03:07:35 2017] <cq1> What environment are you using?
[Mon Dec  4 03:07:44 2017] <bor0> CoqIDE 8.7.0
[Mon Dec  4 03:09:21 2017] <cq1> bor0: Oh, I see. I use PG. Click "view" in and uncheck "Display notations" instead then.
[Mon Dec  4 03:09:42 2017] <bor0> ahh! weird why that "Unset" statement didn't override that setting. it works now!
[Mon Dec  4 03:12:02 2017] <bor0> this is helpful. do you think it will be useful for my understanding if I re-do my deduction system with this thing turned on (https://github.com/bor0/tutorials/blob/master/2017/deduction_system.v)?
[Mon Dec  4 03:14:31 2017] <cq1> bor0: I don't know, probably not really. I think it's just instructive to realize that things like "/\" "\/" "->" aren't super fundamental, but are just notations for some inductives in Prop.
[Mon Dec  4 03:14:51 2017] <cq1> You should Print or. and Print and. and see if the inductives make sense to you.
[Mon Dec  4 03:15:56 2017] <bor0> ahh!!
[Mon Dec  4 03:16:13 2017] <bor0> product and sum inductive types, I see
[Mon Dec  4 03:16:46 2017] <bor0> and the proofs for them are satisfied when the types flow correctly (or types match)
[Mon Dec  4 03:17:59 2017] <bor0> how can I print ->? Locate doesn't give a meaningful name: Notation "A -> B" := forall _ : A, B : type_scope (default interpretation)
[Mon Dec  4 03:18:21 2017] <bor0> sorry, never mind. the notation itself makes sense to me
[Mon Dec  4 03:18:41 2017] <cq1> bor0: Yes, -> is not an inductive. It's notation for a non-dependent product.
[Mon Dec  4 03:19:06 2017] <bor0> :D I think the more answers you give to me, the more questions I have. what are non-dependent products?
[Mon Dec  4 03:19:29 2017] <cq1> bor0: Contrast to the case of (forall x : A, B) where x is a sub-term of B.
[Mon Dec  4 03:20:45 2017] <cq1> bor0: It may be instructive to Google "dependent product".
[Mon Dec  4 03:21:32 2017] <bor0> ahhh, Pi-type. damn, I went through this when I was checking out Lean
[Mon Dec  4 03:24:14 2017] <bor0> thank you again for Type Theory 101! as awesome as this is, I gotta get back to my regular work. will continue later :)
[Mon Dec  4 03:25:58 2017] <cq1> bor0: You write at one point "(* performs case analysis without recursion, unlike induction *)"
[Mon Dec  4 03:27:07 2017] <bor0> :D I think I have something similar here? https://github.com/bor0/coqlf/blob/master/ch2/1_exercises.v#L108-L109
[Mon Dec  4 03:27:41 2017] <bor0> I guess now I need to go through all exercises that I did with what I learned today on top of my mind
[Mon Dec  4 03:28:27 2017] <cq1> This is incorrect. What is going on is that ~p is simply p -> False, so it adds p as an obligation, then destructs on the constructors of False. False is the inductive in Prop with no constructors, so it immediately discharges the goal.
[Mon Dec  4 03:28:36 2017] <cq1> Then you're left with the obligation p. That's why the goal changed from q to p.
[Mon Dec  4 03:29:19 2017] <bor0> if I said "case" instead of destruct in that statement, would it made sense?
[Mon Dec  4 03:29:32 2017] <bor0> I just figured out today with one exercise how case and destruct are different
[Mon Dec  4 03:29:35 2017] <cq1> In general you *cannot* do case analysis on an arbitrary proposition, as you correctly note in your long comment block, whose prose is pretty correct.
[Mon Dec  4 03:29:54 2017] <cq1> bor0: No, there is no case analysis to be done on ~p. What is going on is subtle.
[Mon Dec  4 03:30:46 2017] <cq1> It has to do with the fact that destruct is looking at the head of the hypothesis, which in this case is the inductive False.
[Mon Dec  4 03:30:54 2017] <bor0> yeah I need to re-read that comment block. it's copy-paste from a discussion I had in this channel earlier
[Mon Dec  4 03:31:11 2017] <cq1> This "destruct" IS doing case analysis, but across all zero cases that are the constructors of False.
[Mon Dec  4 03:31:38 2017] <cq1> Here's how you should think of what happened:
[Mon Dec  4 03:31:56 2017] <cq1> Recall that ~p is simply p -> False.
[Mon Dec  4 03:32:10 2017] <cq1> destruct makes one case for the current goal for each constructor of False.
[Mon Dec  4 03:32:23 2017] <cq1> There are no constructors of False, so it makes zero cases. This effectively discharges the current goal of "q".
[Mon Dec  4 03:32:51 2017] <cq1> HOWEVER, destruct used the assumption p in order to build that term of type False that it did case analysis on. So it emits a goal corresponding to that obligation.
[Mon Dec  4 03:33:02 2017] <cq1> So it looks like your goal changed from "q" to "p".
[Mon Dec  4 03:34:38 2017] <cq1> There is no general way of doing case analysis on a proposition. Had your hypothesis instead been "p -> q" or something like that then destruct would give you "Error: Not an inductive product."
[Mon Dec  4 03:35:10 2017] <bor0> I've seen that error a lot
[Mon Dec  4 03:36:27 2017] <cq1> The destruct you're using is certainly compact, but it may be conceptually easier to realize that not_p : p -> False is a term that will give you a False if you give it a p.
[Mon Dec  4 03:36:35 2017] <cq1> With a term of type False you're golden, and can discharge any goal.
[Mon Dec  4 03:37:04 2017] <cq1> So what you've written is a way of passing p into not_p, getting the False out, and then using that False to discharge the goal "q".
[Mon Dec  4 03:37:16 2017] <bor0> ow, I see. we proved the current goal q to be False, and are left with proving p (by not_p)?
[Mon Dec  4 03:37:57 2017] <bor0> what tactics can I use to make this more explicit? I feel destruct did quite some magic there
[Mon Dec  4 03:38:10 2017] <cq1> You could also write it in more of a contradiction style: apply not_p in proof_p. contradiction.
[Mon Dec  4 03:38:25 2017] <cq1> Or something like this: exfalso. exact (not_p proof_p).
[Mon Dec  4 03:39:13 2017] <bor0> exfalso, is it like [assert False], but replaces current goal instead of adding a new one?
[Mon Dec  4 03:39:14 2017] <cq1> Your current way of doing it is totally fine. Just don't think that "destruct" is doing case analysis on not_p. It's doing case analysis on the head of not_p, which is a False -- it's doing case analysis across all zero cases of False.
[Mon Dec  4 03:40:00 2017] <cq1> I guess in terms of the effects that's right.
[Mon Dec  4 03:41:14 2017] <cq1> "exfalso. { ... }" is basically the same as "assert False as bad. { ... } destruct bad."
[Mon Dec  4 03:41:34 2017] <bor0> can I "unfold not" a hypothesis?
[Mon Dec  4 03:41:43 2017] <cq1> bor0: unfold not in not_p.
[Mon Dec  4 03:41:48 2017] <bor0> ah, `in`
[Mon Dec  4 03:44:20 2017] <cq1> bor0: contradiction is basically the same as just searching for a hypothesis of type False and destructing it. It's basically just Ltac contradiction' := match goal with [ H : False |- _ ] => destruct H end.
[Mon Dec  4 03:44:54 2017] <bor0> so if I have a given of False, contradiction will end the proof for me?
[Mon Dec  4 03:45:00 2017] <bor0> s/end/finish/
[Mon Dec  4 03:46:00 2017] <cq1> bor0: Yes, or destructing that False, or whatnot. It's slightly fancier, and will actually complete the proof right after your three intros because it sees that not_p and proof_p together fit the pattern [ H1 : ?x, H2 : ?x -> False ]
[Mon Dec  4 03:48:37 2017] <cq1> bor0: The gist here is that neg_elim is true because ~p -> p -> q is simply stating that a contradiction proves anything. This proof script can be simplified to the single command: Proof. contradiction. Qed.
[Mon Dec  4 03:49:01 2017] <bor0> is this correct? destruct not_p. (* discharge current goal q by p -> False, p .:. False *)
[Mon Dec  4 03:51:10 2017] <cq1> bor0: You're discharging the current goal with the False, and get p as an obligation to use the False.
[Mon Dec  4 03:51:12 2017] <cq1> I guess that's okay.
[Mon Dec  4 05:14:24 2017] <sud> I have a relation R defined as: Inductive rel: A -> A -> Prop := | Base: forall a1 a2, base a1 a2 -> rel a1 a2     | Trans: forall a1 a2 a3, rel a1 a2 -> rel a2 a3 -> rel a1 a3.    When I use "constructor" on a goal of the form "rel (f x1) (f x2)" it asks me to prove "base (f x1) (f x2)", but instead it should go to the transitivity case. Is there a safe version of "constructor" that doesn't make unsafe choices?
[Mon Dec  4 05:19:17 2017] <cq1> sud: What behavior do you want?
[Mon Dec  4 05:20:41 2017] <sud> cq1: if there are multiple choices, I'd rather have the tactic fail
[Mon Dec  4 05:20:57 2017] <sud> (because this is in an Ltac script)
[Mon Dec  4 06:29:07 2017] <pgiarrusso> sud: ++
[Mon Dec  4 06:31:04 2017] <Cypi> sud: this is experimental, but you can try to use `exactly_once constructor`
[Mon Dec  4 06:31:09 2017] <Cypi> see https://coq.inria.fr/refman/ltac.html#hevea_tactic223 for details
[Mon Dec  4 06:40:01 2017] <sud> pgiarrusso: ?
[Mon Dec  4 06:40:21 2017] <sud> Cypi: nice thanks
[Mon Dec  4 06:40:26 2017] <pgiarrusso> Cool
[Mon Dec  4 06:40:42 2017] <pgiarrusso> sud: Sorry, I meant to upvote your question :-)
[Mon Dec  4 06:41:05 2017] <sud> ah, I thought that was a secret Ltac operator :)
[Mon Dec  4 06:41:14 2017] <pgiarrusso> Lol
[Mon Dec  4 06:41:48 2017] <pgiarrusso> Excellent answer sir, you win the internet today (or at least the channel)
[Mon Dec  4 06:42:22 2017] <pgiarrusso> And scratch the sir. Sorry.
[Mon Dec  4 06:42:26 2017] <pgiarrusso> Bad idiom
[Mon Dec  4 06:42:44 2017] <sud> haha :)
[Mon Dec  4 08:36:53 2017] <tobiasBora> pgiarrusso: Thank you for your help, I finally managed to make my tactic working, by simulating the "=" function I needed by a tactic that fails if the goal cannot be matched with my input. And it's much clearer, simpler... and it works :D Thank you for your help!
[Mon Dec  4 10:12:31 2017] <sud> any general advice on how to better automate this? https://pastebin.com/RZcVZapN it seems that I need to inspect the context and goal manually to "guess" what should be these intermediary steps (that I pose with the Transitivity constructor)
[Mon Dec  4 10:21:15 2017] <lyxia> eapply Transitivity
[Mon Dec  4 10:22:04 2017] <sud> lyxia: it seems that sometimes gets stuck when it picks the wrong "intermediary"
[Mon Dec  4 10:23:20 2017] <lyxia> Yes you might need to be careful to instantiate the existential variables the way you want
[Mon Dec  4 10:26:00 2017] <sud> lyxia: so I will still have to manually choose the existiential, unless I make an algorithm that chooses right?
[Mon Dec  4 10:26:35 2017] <sud> lyxia: what about automating this part? "apply IHyp1; myTactic."; should I try to just apply all hypotheses in my context automatically?
[Mon Dec  4 10:29:35 2017] <lyxia> sud: in the worst case where you choose the existential explicitly you might as well use apply in the current way
[Mon Dec  4 10:30:31 2017] <lyxia> sud: I'm not sure how to automate that part either in general
[Mon Dec  4 10:30:55 2017] <lyxia> sud: what do the types of IHyp1 and IHyp2 look like?
[Mon Dec  4 10:31:16 2017] <sud> I did something that tried to apply eveyr hypothesis in the context and solve the goal in one step; so now I have that: https://pastebin.com/Ppv5bH7e
[Mon Dec  4 10:31:30 2017] <lyxia> And maybe I could see the type of Transitivity too for context.
[Mon Dec  4 10:32:29 2017] <sud> lyxia: they're an inductive hypothesis of the form: forall x, _ -> Result, where the Result unifies with the goal I'm trying to prove
[Mon Dec  4 10:32:50 2017] <sud> lyxia: it's a constructor for an inductively defined relation:   | Transitivity: forall R1 R2 R3, betaConvRef R1 R2 -> betaConvRef R2 R3 -> betaConvRef R1 R3
[Mon Dec  4 10:34:53 2017] <lyxia> okay so if we eapply Transitivity on the goal betaConvRef R1 R3, we get betaConvRef R1 ?R2 and betaConvRef ?R2 R3 as subgoals...
[Mon Dec  4 10:35:35 2017] <lyxia> and applying IHyp1 for example in one of the cases should instantiate ?R2
[Mon Dec  4 10:35:41 2017] <lyxia> does it not?
[Mon Dec  4 10:36:21 2017] <lyxia> ah, unless the conclusion of IHyp1 also quantifies over R2.
[Mon Dec  4 10:37:06 2017] <lyxia> So I guess I would need to look at the whole context to get more ideas.
[Mon Dec  4 10:37:21 2017] <sud> lyxia: well IHyp could deduces other things as well that the R2 we want indeed
[Mon Dec  4 10:38:41 2017] <lyxia> sud: but then it sounds surprising that having R2 properly instantiated before applying IHyp makes it work
[Mon Dec  4 10:39:58 2017] <lyxia> Is it not myTactic trying something too eagerly, that fails with a concrete R2, but succeeds if it is existential?
[Mon Dec  4 10:44:29 2017] <sud> lyxia: right now my code looks like that: https://pastebin.com/Ppv5bH7e (so myTactic succeeds when the R2 is concrete). Also sometimes note that I have to introduce 2 different intermediary steps for the same goal
[Mon Dec  4 10:47:10 2017] <sud> (sorry I have to go I'll reconnect later. I probably need a minimal example to show :-)
[Mon Dec  4 13:14:41 2017] <tobiasBora> Hum... Sometimes I've in the assumptions something like "T1 a b = T2". And because T1 and T2 are two different constructors, it's obvious that this is not possible. How could I reduce this to bottom?
[Mon Dec  4 13:15:18 2017] <tobiasBora> (it appears after a "inversion H" operation)
[Mon Dec  4 13:24:47 2017] <tobiasBora> Hum I found the solution with discriminate
[Mon Dec  4 13:25:06 2017] <tobiasBora> (and actually now I rememember that one of you already pointed me to this solution)
[Mon Dec  4 15:03:13 2017] <Chobbes> tobiasBora: you could probably just inversion the T1 a b = T2 thing? Although, I would have thought that inversion would see the contradiction if it generated it.
[Mon Dec  4 15:15:38 2017] <dh`> that depends on whether it arises from the target of the inversion, I think
[Mon Dec  4 15:15:43 2017] <dh`> anyway "try discriminate" is often helpful
[Sat Dec 23 23:02:05 2017] <pgiarrusso> beaky: it seems you’d want to define splitWith directly by recursion, your solution calls the predicate twice per element, even after extraction
[Sat Dec 23 23:02:19 2017] <beaky> o right
[Sat Dec 23 23:03:23 2017] <pgiarrusso> beaky: on your actual question, it’s hard to be sure without seeing the output, but https://gmalecha.github.io/reflections/2017/qed-considered-harmful might be relevant
[Sat Dec 23 23:03:51 2017] <pgiarrusso> OTOH, my first instinct was to use Qed for the obligations
[Sat Dec 23 23:03:59 2017] <beaky> nice thanks
[Sat Dec 23 23:04:27 2017] <pgiarrusso> In fact, my 0th instinct would be to ask if you really should be using vectors here
[Sat Dec 23 23:05:12 2017] <beaky> haha that is the painful realization i am facing
[Sat Dec 23 23:05:53 2017] <pgiarrusso> In Coq you can just prove facts about the length of the list if you want
[Sat Dec 23 23:08:38 2017] <beaky> yes i had a splitWith with ordinary lists (accompanied by length proofs) and wanted to see how it would go with vectors (was hoping it would cut down on the proofs :D)
[Sat Dec 23 23:09:37 2017] <pgiarrusso> Well sometimes it does
[Sat Dec 23 23:09:56 2017] <pgiarrusso> But `filter` and friends seem more problematic
[Sat Dec 23 23:10:47 2017] <pgiarrusso> I’ve used heterogeneous length-indexed vectors in Agda with great success, but there I never had something like filter
[Sat Dec 23 23:11:27 2017] <pgiarrusso> *also*, Coq tends to be less friendly to dependently-typed data structure, that blog post is just one issue with the “ecosystem”
[Sat Dec 23 23:11:56 2017] <beaky> nice i hope i can get into agda (and idris too) after coq
[Sat Dec 23 23:12:39 2017] <pgiarrusso> That `destruct` and `induction` don’t work well on vectors and friends is another
[Sat Dec 23 23:12:51 2017] <pgiarrusso> I think Agda is instructive
[Sat Dec 23 23:13:21 2017] <benzrf> as oppsosed to destructive?
[Sat Dec 23 23:13:22 2017] <benzrf> :]
[Sat Dec 23 23:13:49 2017] <benzrf> pgiarrusso: isnt agda's friendliness b/c it has a rly powerful elimination construct but which actually causes a stronger theory than coc
[Sat Dec 23 23:13:51 2017] <pgiarrusso> But I have painted myself into a corner with dependently-typed data multiple types
[Sat Dec 23 23:14:32 2017] <pgiarrusso> benzrf: weeell.... sort-of-somewhat
[Sat Dec 23 23:15:01 2017] <pgiarrusso> benzrf: in terms of that blog post, agda defaults to `Defined` over `Qed` for the reasons argued there
[Sat Dec 23 23:15:56 2017] <pgiarrusso> benzrf: it is true that Agda has dependent pattern matching (unlike Coq, but like Coq + Equations) and that dependent pattern matching is easier to do using “axiom K” which Coq doesn’t use
[Sat Dec 23 23:16:33 2017] <pgiarrusso> but axiom K (or UIP, for uniqueness of identity proofs) can be often avoided (see Jesper Cockx’s “Pattern matching without K”)
[Sat Dec 23 23:16:56 2017] <benzrf> wots coq + equations
[Sat Dec 23 23:17:23 2017] <pgiarrusso> google sozeau equations
[Sat Dec 23 23:18:00 2017] <pgiarrusso> a PhD student of Sozeau working on equations hangs in this channel and wrote so, afraid I forget who it is :-(
[Sat Dec 23 23:18:24 2017] <benzrf> anyway yeah i was wondering how u use equalities in agda when they're hell to do directly in coq and i googled and it seemed u just eliminate them and it ~works~
[Sat Dec 23 23:18:24 2017] <pgiarrusso> but sorry, tl;dr.: equations gives Agda-style pattern matching in Coq
[Sat Dec 23 23:18:28 2017] <benzrf> ah
[Sat Dec 23 23:19:14 2017] <pgiarrusso> what *is* missing though in Coq is *interactive* support for `refine` *when writing programs*, which is often nice
[Sat Dec 23 23:19:57 2017] <pgiarrusso> the problem, though, can be that it seems to take a PhD to write dependently-typed programs in just the right way so that dependent types work nicely
[Sat Dec 23 23:20:09 2017] <benzrf> heh heh
[Sat Dec 23 23:22:46 2017] <pgiarrusso> https://people.mpi-sws.org/~gil/publications/typedsyntaxfull.pdf is one of my favorite examples — people working out just the right way to represent a certain tricky data structure (simply-typed lambda calculus terms) so that dependent types are less painful
[Sat Dec 23 23:22:50 2017] <pgiarrusso> and actually helpful
[Sat Dec 23 23:24:11 2017] <pgiarrusso> benzrf: “just eliminate equalities” by pattern matching is indeed very nice in Agda — it’s much more concise and readable than doing `dependent destruction` on them :-) (never tried it, does it work?)
[Sat Dec 23 23:31:36 2017] <benzrf> i dont know
[Sun Dec 24 09:41:17 2017] <bor0> is inversion the only tactic I can use to prove [x] = [y] -> x = y?
[Sun Dec 24 09:46:36 2017] <Cypi> What is [x]? A list with one element? You should be able to use `injection` too, which is a bit more precise and low-level.
[Sun Dec 24 09:47:54 2017] <bor0> neat
[Sun Dec 24 19:32:09 2017] <williamyager> How does this work? It seems like this should fail... "S m" should not unify with "m". https://pastebin.com/e4ZP5jng
[Sun Dec 24 19:32:46 2017] <williamyager> n can freely unify with "S n'" because it's universally quantified, but m should be fixed and fail to unify with "S m", yes?
[Sun Dec 24 19:33:59 2017] <williamyager> (I mean obviously not, but that's what I would think)
[Sun Dec 24 19:36:34 2017] <williamyager> My guess is that Coq is doing something smarter than just "apply the function", but I'm not sure what.
[Sun Dec 24 20:31:08 2017] <benzrf> arguments wrong way around smh https://scontent-ort2-1.xx.fbcdn.net/v/t1.0-9/23472080_1503337823096298_1032036901787370844_n.png?oh=6522030821783b56a64f604424a56a5b&oe=5ACB0584
[Sun Dec 24 20:32:04 2017] <williamyager> I accidentally got disconnected a few minutes ago; did anyone respond to my question
[Sun Dec 24 20:32:08 2017] <williamyager> *?
[Sun Dec 24 20:32:23 2017] <pgiarrusso> williamyager: not yet, but got an idea
[Sun Dec 24 20:32:48 2017] <pgiarrusso> williamyager: I suspect `simpl in *.` before the `apply` could clarify things
[Sun Dec 24 20:33:03 2017] <pgiarrusso> I think `eq_nat (S a) (S b)` simplifies to `eq_nat a b`
[Sun Dec 24 20:33:32 2017] <pgiarrusso> williamyager: ^^
[Sun Dec 24 20:33:36 2017] <williamyager> Ah, you are correct.
[Sun Dec 24 20:33:38 2017] <williamyager> Thank you!
[Sun Dec 24 20:33:57 2017] <pgiarrusso> :-)
[Sun Dec 24 20:34:02 2017] <pgiarrusso> this was indeed confusing
[Sun Dec 24 20:34:18 2017] <williamyager> I could have sworn I tried doing simpl before and it didn't work, but I may have forgotten "in eq".
[Sun Dec 24 20:34:55 2017] <pgiarrusso> took me a while to realize that `eq_nat` is not a “constructor” for unification
[Sun Dec 24 20:35:55 2017] <pgiarrusso> (that is, `eq_nat a b = eq_nat c d` does not necessarily mean that `a = c` and `b = d` — one has at least to simplify first)
[Mon Dec 25 00:09:54 2017] <williamyager> How can I destruct on a boolean expression like "pred x" such that I get a witness that the expression evaluates to true or false in each branch?
[Mon Dec 25 00:10:47 2017] <williamyager> I can destruct on the expression, and it replaces any already-present instances of "pred x" with "true" and simplifies, but I can't subsequently replace any instances of "pred x" I come up with with "true".
[Mon Dec 25 00:11:11 2017] <williamyager> I would like it to add "H0 : pred x = true" to scope or something
[Mon Dec 25 00:13:39 2017] <williamyager> It looks like I can use "compare (pred x) true" but that seems a bit indirect
[Mon Dec 25 02:29:05 2017] <pgiarrusso> And... the answer was ‘destruct (pred x) eqn:H’ (see also reference manual for destruct), but williamyager js out
[Mon Dec 25 05:58:36 2017] <t0by> Merry christmas ladies, gentlemen, bots.
[Mon Dec 25 05:58:48 2017] <t0by> I sort of doubt anybody is around today, but
[Mon Dec 25 05:59:03 2017] <t0by> I think I have just "proved" that 0 != 0
[Mon Dec 25 05:59:19 2017] <t0by> Can somebody help me understand what I'm doing wrong?
[Mon Dec 25 05:59:19 2017] <t0by> https://pastebin.com/e1Yh20bQ
[Mon Dec 25 09:19:10 2017] <lyxia> t0by: That seems to be something different from  Inductive Empty := .
[Mon Dec 25 09:19:25 2017] <t0by> Yes, that is it
[Mon Dec 25 09:19:32 2017] <t0by> Sorry, found out on my own a while ago
[Mon Dec 25 09:19:37 2017] <t0by> thanks and merry christmas!
[Mon Dec 25 09:20:29 2017] <t0by> lyxia, while we are at it: I'm trying to figure out how to _build_ a proof term (by hand) of NonZero (succ O)
[Mon Dec 25 09:20:30 2017] <lyxia> Merry Christmas to you too
[Mon Dec 25 09:20:42 2017] <t0by> Using tactics intro; inversion H suffices
[Mon Dec 25 09:20:56 2017] <t0by> but the resulting proof term is a behemoth I can't make heads or tails of
[Mon Dec 25 09:21:09 2017] <t0by> Any hint?
[Mon Dec 25 09:21:37 2017] <t0by> (Using as little of coq's theory and lemmas as possible, since I'm working through a textbook)
[Mon Dec 25 09:27:22 2017] <lyxia> Maybe I can explain what's going on because that may be as simple as it gets
[Mon Dec 25 09:27:32 2017] <lyxia> the key part is eq_ind
[Mon Dec 25 09:27:47 2017] <lyxia> If P x is true, then forall y, x = y -> P y
[Mon Dec 25 09:28:02 2017] <lyxia> It's the induction principle for eq
[Mon Dec 25 09:28:44 2017] <t0by> Oh, sure.
[Mon Dec 25 09:30:22 2017] <t0by> What is the P in question, though?
[Mon Dec 25 09:32:26 2017] <lyxia> (fun n : nat => match n with O => False | S _ => True end)  or the other way around (True/False) depending on whether you wrote (0 = 1) or (1 = 0)
[Mon Dec 25 09:33:25 2017] <t0by> and then essentially it's ex falso?
[Mon Dec 25 09:33:38 2017] <lyxia> A different way to put it is if   (x = x) -> P x is true   then   forall y, (x = y) -> P y is true
[Mon Dec 25 09:33:52 2017] <t0by> If I squint I can now sort of see it in this monster of a pt.
[Mon Dec 25 09:34:44 2017] <lyxia> P is a function that can match on y, so that   P y = False   whenever y is not x
[Mon Dec 25 09:36:22 2017] <lyxia> And to implement that principle you use dependent pattern matching. When you pattern match on refl : x = x you can just assume the two sides are the same.
[Mon Dec 25 09:42:54 2017] <t0by> Hrrr
[Mon Dec 25 09:42:57 2017] <t0by> let me digest this
[Mon Dec 25 09:42:59 2017] <t0by> but thanks
[Wed Dec 27 23:06:48 2017] <benzrf> plenty of fans of untyped languages are big proponents of runtime distinction between "types"
[Wed Dec 27 23:06:58 2017] <dh`> and many aren't, too.
[Wed Dec 27 23:07:09 2017] <benzrf> yes, but they're the ones who dislike python
[Wed Dec 27 23:07:31 2017] <benzrf> basically it seems out of character for python to think True == 1
[Wed Dec 27 23:08:11 2017] <dh`> in awk, 1 == "1" but 1.0 != "1.0"
[Wed Dec 27 23:08:45 2017] <dh`> true
[Wed Dec 27 23:09:35 2017] <dh`> anyway, syntactically, if you don't make assignment an expression, you end up needing two classes of statements
[Wed Dec 27 23:09:40 2017] <dh`> and I'm not sure that's really preferable
[Wed Dec 27 23:09:49 2017] <benzrf> well, that's true
[Wed Dec 27 23:09:57 2017] <dh`> it's easy to reject assignments that were supposed to be comparisons; gcc's been doing it for 20 years
[Wed Dec 27 23:10:10 2017] <dh`> no, more than that.
[Wed Dec 27 23:11:10 2017] <dh`> matching with if is a more interesting syntactic problem
[Wed Dec 27 23:11:32 2017] <benzrf> i think rust has a handle on it
[Wed Dec 27 23:11:37 2017] <benzrf> the key is to not do donkey sentences
[Wed Dec 27 23:12:59 2017] <dh`> if (exists x, foo == Foo x) then x else 0 is fine from a logic point of view
[Wed Dec 27 23:13:13 2017] <dh`> it just requires a restriction on where x can appear
[Wed Dec 27 23:14:09 2017] <dh`> in particular it has to be constrained by equality
[Wed Dec 27 23:14:44 2017] <benzrf> the x is escaping the binder
[Wed Dec 27 23:14:57 2017] <dh`> that depends on how you think of the binder
[Wed Dec 27 23:15:24 2017] <dh`> or rather, you could write it some other way
[Wed Dec 27 23:15:26 2017] <dh`> or both
[Wed Dec 27 23:15:30 2017] <benzrf> well, i assumed that the thing inside of the if was supposed to be an expression
[Wed Dec 27 23:16:02 2017] <benzrf> so unless you're doing crazy special-casing that would imply that you have some bizarre scoping rules
[Wed Dec 27 23:16:06 2017] <dh`> it's not unprecedented for the scope of binders in the head of a statement to cover the body
[Wed Dec 27 23:16:26 2017] <benzrf> that's generally special-cased
[Wed Dec 27 23:16:32 2017] <benzrf> er, i mean
[Wed Dec 27 23:16:45 2017] <benzrf> that's generally a case where that sort of binder is a distinct syntactic form
[Wed Dec 27 23:16:47 2017] <dh`> actually I guess it's the distinction between assignment and let-binding
[Wed Dec 27 23:17:01 2017] <dh`> and we expect "exists x," to be a let-binding
[Wed Dec 27 23:17:09 2017] <benzrf> not a let binding
[Wed Dec 27 23:17:11 2017] <benzrf> just a binding
[Wed Dec 27 23:17:13 2017] <benzrf> o.O
[Wed Dec 27 23:17:57 2017] <dh`> syntactically it's "let x = (some type) in foo == Foo x"
[Wed Dec 27 23:18:13 2017] <dh`> and we expect the binding to be limited to the in-clause
[Wed Dec 27 23:18:19 2017] <benzrf> that's not a let thing
[Wed Dec 27 23:18:21 2017] <benzrf> that's just called "binding"
[Wed Dec 27 23:18:34 2017] <dh`> no?
[Wed Dec 27 23:18:50 2017] <dh`> what's "int x; x = 0; ...... return x;"
[Wed Dec 27 23:18:56 2017] <benzrf> declaration and assignment
[Wed Dec 27 23:19:04 2017] <dh`> it's still a binding of x
[Wed Dec 27 23:19:12 2017] <dh`> or at least, I'd say so
[Wed Dec 27 23:19:49 2017] <dh`> if someone wrote "int x; x = 0; ...... return boundp(x)" and it returned false, that would be weird.
[Wed Dec 27 23:20:17 2017] <benzrf> i was about to start typing up a counterpoint but then i realized i dont think i have an actual point i'm arguing
[Wed Dec 27 23:20:29 2017] <dh`> anyway that's a detail
[Wed Dec 27 23:21:05 2017] <benzrf> let me back up: what i meant to say is that in the context of talking about expression-based syntaxes, the concept of a term in which a subterm has a bound variable is just "binding", not "let-binding"
[Wed Dec 27 23:22:04 2017] <dh`> yes, but whether the binding escapes the term or not... the latter is the defining characteristic of let-binding
[Wed Dec 27 23:22:39 2017] <benzrf> no it's not, that's true of pretty much every binder in most logics and type theories
[Wed Dec 27 23:22:43 2017] <benzrf> forall, exists, lambda
[Wed Dec 27 23:23:45 2017] <dh`> I suppose that's true
[Wed Dec 27 23:24:22 2017] <dh`> anyway this is still a side issue
[Wed Dec 27 23:24:37 2017] <benzrf> in fact, "int x;" isn't a case of a binding escaping a binder
[Wed Dec 27 23:25:30 2017] <benzrf> because either we want to see "int x;" as not a term with subterms, in which case it's not a coherent question, or else we should regard "int x; ..." as a term with the ... as a subterm which int x binds over
[Wed Dec 27 23:26:04 2017] <dh`> well, it does have two subterms: int and x
[Wed Dec 27 23:26:13 2017] <dh`> but I take your point
[Wed Dec 27 23:26:20 2017] <benzrf> i wouldn't call those subterms
[Wed Dec 27 23:26:24 2017] <benzrf> they're different parts of the grammar
[Wed Dec 27 23:26:34 2017] <dh`> x is, int isn't really
[Wed Dec 27 23:26:39 2017] <benzrf> but i guess this is a silly argument anyway since by definition a variable can't escape a binder
[Wed Dec 27 23:26:46 2017] <dh`> in C types are different, but at a fundamental level they aren't
[Wed Dec 27 23:27:12 2017] <dh`> anyway
[Wed Dec 27 23:27:43 2017] <benzrf> either a variable is bound by a given binder, or not, and "escaping" is a description of human interaction, like how "bugs" arent features of programs themselves
[Wed Dec 27 23:29:12 2017] <dh`> actually I think the way to do it is an operator that takes a statement and converts its success or failure to a boolean
[Wed Dec 27 23:29:43 2017] <benzrf> uhhh
[Wed Dec 27 23:29:50 2017] <benzrf> booleans are bad, mkay
[Wed Dec 27 23:30:02 2017] <dh`> booleans are reality :-)
[Wed Dec 27 23:30:12 2017] <dh`> so is failure, for that matter...
[Wed Dec 27 23:30:13 2017] <benzrf> so is assembly language
[Wed Dec 27 23:34:37 2017] <dh`> Foo (var x) = foo ?? x :: 0;
[Wed Dec 27 23:34:41 2017] <dh`> for = meaning assignment
[Wed Dec 27 23:35:04 2017] <dh`> I don't think that syntax violates any standard assumptions
[Wed Dec 27 23:35:17 2017] <dh`> given that ?? would mean "test for failure"
[Wed Dec 27 23:35:45 2017] <dh`> although maybe it should be written { Foo (var x) = foo } ?? x :: 0; to make the grouping clear
[Wed Dec 27 23:35:55 2017] <dh`> except that does violate standard notions of scoping
[Wed Dec 27 23:36:16 2017] <dh`> meh.
[Wed Dec 27 23:36:21 2017] <dh`> I'm not actually designing a language tonight
[Wed Dec 27 23:38:05 2017] <benzrf> https://play.rust-lang.org/?gist=973e5ffaadecf566a33e24e954d90664&version=stable
[Wed Dec 27 23:38:37 2017] <benzrf> j/k, if let is a specific construct
[Wed Dec 27 23:55:10 2017] <dh`> does rust really use "let" for all assignments?
[Wed Dec 27 23:56:21 2017] <benzrf> i dont think so
[Wed Dec 27 23:56:24 2017] <benzrf> it uses let for declarations
[Wed Dec 27 23:56:58 2017] <benzrf> if you have a mutable variable then assigning to it is just like in c
[Wed Dec 27 23:57:29 2017] <dh`> ah
[Wed Dec 27 23:57:39 2017] <benzrf> you say let mut for mutable variables
[Wed Dec 27 23:57:53 2017] <benzrf> well - actually mut is a modifier on the variable binding, and it's still let
[Wed Dec 27 23:58:49 2017] <benzrf> e.g. https://play.rust-lang.org/?gist=86793e081b9b42f2eb4dfbb957e9d62d&version=stable
[Wed Dec 27 23:59:50 2017] <dh`> ah
[Thu Dec 28 00:03:45 2017] <dh`> seems a lot like the role of "var" in pascal, not that this is necessarily bad
[Thu Dec 28 00:04:30 2017] <benzrf> i read my dads old pascal book once like 10 years ago. thats what i know about pascal
[Thu Dec 28 00:05:04 2017] <dh`> but I admit, "let x = 3;" annoys me both because it doesn't have a body and because it is a throwback to early BASIC dialects
[Thu Dec 28 00:05:11 2017] <dh`> which you probably aren't old enough to remember :-)
[Thu Dec 28 00:05:30 2017] <benzrf> actually "True BASIC" is the first programming language i learned, bizarrely
[Thu Dec 28 00:06:05 2017] <benzrf> what do you mean about not having a body, though
[Thu Dec 28 00:06:07 2017] <dh`> * waits for the RESF to come strike him down
[Thu Dec 28 00:06:18 2017] <dh`> "let" should have the form "let x in y"
[Thu Dec 28 00:06:25 2017] <benzrf> oh
[Thu Dec 28 00:06:36 2017] <dh`> if that's not what it is, use a different keyword
[Thu Dec 28 00:07:26 2017] <benzrf> but you just pointed out that not having a body is the earlier form 🤔
[Thu Dec 28 00:07:55 2017] <dh`> I don't think it is
[Thu Dec 28 00:07:58 2017] <dh`> BASIC dates to the 70s
[Thu Dec 28 00:08:04 2017] <dh`> "let" comes from lisp and probably dates to the 60s
[Thu Dec 28 00:08:13 2017] <benzrf> well
[Thu Dec 28 00:08:16 2017] <benzrf> okay
[Thu Dec 28 00:08:31 2017] <dh`> though I don't know much about the history of lisp (and don't really care very much)
[Thu Dec 28 00:08:42 2017] <benzrf> gonna hold you to taking prompting from lisp when it comes to syntax (:
[Thu Dec 28 00:09:09 2017] <benzrf> hadnt heard of the resf but wow https://pbs.twimg.com/media/DL7ggZWWkAAHL9y.jpg:large
[Thu Dec 28 00:10:41 2017] <benzrf> good night
[Thu Dec 28 00:12:29 2017] <dh`> heh
[Thu Dec 28 00:13:22 2017] <dh`> night
[Thu Dec 28 00:13:54 2017] <dh`> everybody we've been drowning out, please resume talking about coq :-)
[Thu Dec 28 02:07:03 2017] <piyush-kurur> pgiarrusso: it looks like cpdt is not doing anything special for type setting, may be the style file he is using makes the difference. Also the output of the coq interpreter, is being included by hand. So I think that is the best that can be done.
[Thu Dec 28 02:07:12 2017] <piyush-kurur> pgiarrusso: thanks for the help in any case
[Thu Dec 28 02:13:29 2017] <piyush-kurur> pgiarrusso: I found two latex macros that control the typesetting of keywords and ids
[Thu Dec 28 02:13:47 2017] <piyush-kurur> I guess I can tweak that for better styling
[Thu Dec 28 02:47:31 2017] <piyush-kurur> pgiarrusso: it seems the coqdoc package takes a color option so now I am happy.
[Thu Dec 28 02:47:48 2017] <piyush-kurur> * should always try the obvious thing before asking
[Thu Dec 28 03:32:14 2017] <beaky> is there a way to automate this kind of proof involving 'exists'? (i.e. solvable by just trying out constructors and hoping one sticks)  https://bpaste.net/show/3d20ce88d5b1
[Thu Dec 28 03:36:20 2017] <lyxia> eexists perhaps?
[Thu Dec 28 03:37:55 2017] <lyxia> You can probably also write a loop but I don't know how.
[Thu Dec 28 03:38:29 2017] <lyxia> intros []; eexists; eauto.
[Thu Dec 28 05:05:40 2017] <pgiarrusso> exists + whatever automation is good, but warning: you often want to delay eexists. doing substitution on existential variables is a pain
[Thu Dec 28 05:06:52 2017] <pgiarrusso> ah sorry, I agree this isn't relevant here
[Thu Dec 28 05:51:50 2017] <Cypi> beaky : to do what you describe, you can try `repeat econstructor; eauto`
[Thu Dec 28 05:51:56 2017] <Cypi> this will even do the `eexists` for you
[Thu Dec 28 06:56:15 2017] <pgiarrusso> Cypi: I thought you’d need a backtracking loop and errors though... closer to `repeat solve [econstructor; eauto]` (or maybe you need a dummy `match goal` to get the needed backtracking?)
[Thu Dec 28 06:58:31 2017] <pgiarrusso> But I’m not sure what `intros []` means... checking it out
[Thu Dec 28 07:00:56 2017] <dh`> I was wondering that
[Thu Dec 28 07:04:00 2017] <pgiarrusso> OK, `intros []` *is* a case split on the first argument
[Thu Dec 28 07:05:19 2017] <pgiarrusso> though https://coq.inria.fr/refman/tactics.html#hevea_tactic38 appears to forbid it in the documentation of disjunctive patterns
[Thu Dec 28 07:17:04 2017] <pgiarrusso> FWIW, the alternative I had in mind was `match goal with _ |- _ => solve [econstructor; eauto] end.`, or something like that — where the dummy `match goal` gives backtracking. But I’m still pretty confused here on the exact semantics.
[Thu Dec 28 07:17:43 2017] <pgiarrusso> also, `repeat solve ...` is redundant for `solve ...`
[Thu Dec 28 08:11:14 2017] <Cypi> pgiarrusso: the ; from Ltac is backtracking.
[Thu Dec 28 08:13:09 2017] <Cypi> Consider this simple example http://lpaste.net/361162
[Thu Dec 28 08:13:26 2017] <Cypi> `constructor` will pick the first constructor, so in the first case you end up with having to prove `False`
[Thu Dec 28 08:14:04 2017] <Cypi> but this is actually a tactic with multiple successes, so if a further tactic would fail (like the second `constructor` in the latter example), it will backtrack and try the next constructor
[Thu Dec 28 08:14:58 2017] <Cypi> So if you do `repeat econstructor; solve[ tac ].`, it will actually try every combination of constructors applications until `tac` can succeed
[Thu Dec 28 10:17:00 2017] <pgiarrusso> Cypi: first of all, I’m taking the original script to never nest calls to constructor, making repeat econstructor undesirable
[Thu Dec 28 10:17:48 2017] <pgiarrusso> Cypi: but your explanation suggests that econstructor; solve [eauto]. might be the desired tactic
[Thu Dec 28 10:21:13 2017] <pgiarrusso> Looking at the reference manual, this might be explained under heading “Backtracking branching” of https://coq.inria.fr/refman/ltac.html#sec468, while discussing the semantics of +; the equation with + and ; are especially suggestive.
[Thu Dec 28 10:22:41 2017] <pgiarrusso> But if that’s the case, the earlier explanation of ; is very bad, and even the later one js bad... this might be appropriate for a bad tutorial, not for a reference manual
[Thu Dec 28 10:23:45 2017] <pgiarrusso> Of course I might miss something, but now I have one more reason to ask for a formal semantics of Ltac (crazy, I know)
[Thu Dec 28 10:25:38 2017] <pgiarrusso> Though... I gotta look closer at your example
[Thu Dec 28 10:28:41 2017] <pgiarrusso> Cypi: OK, indeed got your example, and `econstructor; solve [eauto]` solves it too :-).
[Thu Dec 28 10:34:15 2017] <pgiarrusso> beaky: `econstructor; solve [eauto]` seems the closest automation of your solution
[Thu Dec 28 11:08:03 2017] <pgiarrusso> Cypi: also, THANKS, I’m wondering how I missed this earlier
[Fri Dec 29 09:13:05 2017] <rain1> hello
[Fri Dec 29 09:13:10 2017] <rain1> https://streaming.media.ccc.de/34c3/relive/9105
[Fri Dec 29 09:13:14 2017] <rain1> adam gave a talk at CCC
[Fri Dec 29 09:31:43 2017] <piyush-kurur> pgiarrusso: is there a way to include (* *) comments in the doc ?
[Fri Dec 29 09:33:12 2017] <pgiarrusso> piyush-kurur: I'm unqualified to answer, but those books I cited last time seem to do it by default? or maybe they only include some comments?
[Fri Dec 29 11:09:41 2017] <Steverman> dh`: do you want to see the end result of the 2-3 tree project?
[Fri Dec 29 12:29:15 2017] <dh`> sure
[Fri Dec 29 12:29:18 2017] <dh`> :-)
[Fri Dec 29 21:16:39 2017] <dh_work> ugh... if I have H: P (ctor arg) for some inductive P, is there any working way to do induction H?
[Fri Dec 29 21:17:11 2017] <dh_work> it seems that if you don't remember and hide away (ctor arg) the induction forgets it isn't the general case of its type
[Fri Dec 29 21:18:09 2017] <dh_work> but if you do, the Heq* from remembering it gives you a false premise in the induction hypothesis.
[Fri Dec 29 21:20:31 2017] <dh_work> I suppose it's reasonable that it works out this way, but it's annoying and it's making it impossible to prove something otherwise simple...
[Fri Dec 29 21:33:53 2017] <pgiarrusso> dh_work: isn’t this what dependent induction is for?
[Fri Dec 29 21:34:40 2017] <pgiarrusso> This is the same problem that various “dependent foo” tactics solve
[Fri Dec 29 21:43:32 2017] <dh_work> hmm that's an idea
[Fri Dec 29 21:45:00 2017] <dh_work> yes that worked! woo
[Fri Dec 29 21:45:36 2017] <dh_work> back on regexps, was trying to prove that RxStar (RxEpsilon) can't match x :: xs
[Fri Dec 29 21:50:18 2017] <dh_work> and that's surprisingly hard.
[Fri Dec 29 21:59:45 2017] <pgiarrusso> wait, that regexp is \epsilon *?
[Fri Dec 29 22:00:04 2017] <pgiarrusso> an arbitrary sequence of empty strings?
[Fri Dec 29 22:00:38 2017] <pgiarrusso> which matches... the empty string, hence a prefix of x :: xs... so I hope you mean it doesn’t do a “full” match
[Fri Dec 29 22:01:09 2017] <pgiarrusso> have you tried reasoning on the length of x :: xs (>= 1) and of strings matching \epsilon * (0)? those lengths are disjoint
[Fri Dec 29 22:01:32 2017] <pgiarrusso> so the thesis should follow
[Fri Dec 29 22:01:56 2017] <pgiarrusso> once you prove enough facts about “length of matches”
[Fri Dec 29 22:03:10 2017] <pgiarrusso> dh_work: ^^
[Fri Dec 29 22:05:51 2017] <pgiarrusso> I mean, reasoning on \epsilon * by direct induction (on matches of *) would fail because \epsilon * =
[Fri Dec 29 22:06:03 2017] <pgiarrusso> \epsilon \epsilon*
[Fri Dec 29 22:06:19 2017] <pgiarrusso> so a match of \epsilon* is a match against \epsilon and a match against \epsilon*
[Fri Dec 29 22:06:48 2017] <pgiarrusso> so we’re back to where we started without having made progress
[Fri Dec 29 22:06:58 2017] <pgiarrusso> having consumed characters, and so on
[Fri Dec 29 22:08:50 2017] <pgiarrusso> dh_work: or, can you prove that a match against r* is a match against `r^n` for some n (where `r^n` means `n` times `r`)? If so, you can at least reason by induction on `n`
[Fri Dec 29 22:09:29 2017] <pgiarrusso> and prove by induction on `n` that for all `n`, `\epsilon^n` does not match `x :: xs`
[Fri Dec 29 22:15:39 2017] <dh_work> I'm not convinced lengths will help
[Fri Dec 29 22:15:42 2017] <dh_work> the latter probably will
[Fri Dec 29 22:15:57 2017] <dh_work> at the moment I'm trying to work it by adding more inductives
[Fri Dec 29 22:19:58 2017] <dh_work> also, is the latter even true? the basic problem here is that r* matches "" ++ s, and after simplifying you get right back to r* matches s
[Fri Dec 29 22:24:26 2017] <dh_work> bah
[Fri Dec 29 22:24:51 2017] <dh_work> dependent induction works for RxStar RxEpsilon, but not for RxStar r
[Fri Dec 29 22:25:13 2017] <dh_work> In nested Ltac calls to "dependent induction (ident)", "do_depind",
[Fri Dec 29 22:25:13 2017] <dh_work> "tac" (bound to fun hyp => do_ind hyp), "do_ind", "elim_ind",
[Fri Dec 29 22:25:13 2017] <dh_work> "elim_tac" and "p", last term evaluation failed.
[Fri Dec 29 22:25:13 2017] <dh_work> Variable p should be bound to a term but is bound to a ident.
[Fri Dec 29 22:25:38 2017] <dh_work> can't really interpret that message :(
[Fri Dec 29 22:27:25 2017] <pgiarrusso> people working on Coq warned me against `dependent induction` because it’s more experimental, this might be what they meant :-|
[Fri Dec 29 22:28:15 2017] <pgiarrusso> > 4:19 AM <dh_work> also, is the latter even true? the basic problem here is that r* matches "" ++ s, and after simplifying you get right back to r* matches s
[Fri Dec 29 22:28:36 2017] <pgiarrusso> I agree that is the problem, and making `n` explicit fixes that
[Fri Dec 29 22:29:01 2017] <pgiarrusso> (I tried to hint at this but explained that badly)
[Fri Dec 29 22:29:33 2017] <pgiarrusso> `n` explicit fixes that because at least you go to `r^(n - 1) matches s` and the inductive hypothesis tells you that’s impossible
[Fri Dec 29 22:29:54 2017] <pgiarrusso> and this, BTW, is just strengthening of the induction hypothesis
[Fri Dec 29 22:30:19 2017] <pgiarrusso> well, scratch “just”... it’s yet another instance of it
[Fri Dec 29 22:32:23 2017] <pgiarrusso> on lengths, I’ll agree it’d be more work, and a few steps might be hard
[Fri Dec 29 22:36:41 2017] <pgiarrusso> dh_work: on your original question re `dependent induction H`, you should not remember just `H`, but you should also “generalize” its indexes
[Fri Dec 29 22:36:54 2017] <pgiarrusso> > 3:16 AM <dh_work> ugh... if I have H: P (ctor arg) for some inductive P, is there any working way to do induction H?
[Fri Dec 29 22:38:36 2017] <pgiarrusso> you need to bind a fresh variable `x` and remember that `x = ctor arg`, turn `H` into `H : P x`, *then* do `induction H`
[Fri Dec 29 22:40:06 2017] <pgiarrusso> that’s a (bad) summary of https://coq.inria.fr/refman/tactic-examples.html#dependent-induction-example
[Fri Dec 29 22:40:14 2017] <pgiarrusso> which explains how the tactic is implemented
[Fri Dec 29 22:41:00 2017] <pgiarrusso> this way, beyond the absurd premise in the induction hypothesis, you should get an absurd premise to the goal as well
[Fri Dec 29 22:41:26 2017] <pgiarrusso> dh_work: ^^
[Fri Dec 29 22:43:49 2017] <dh_work> hmm
[Fri Dec 29 23:09:33 2017] <dh_work> hmm
[Fri Dec 29 23:10:00 2017] <dh_work> the cases in which dependent induction doesn't work are the ones where the regexp has a subregexp in it
[Fri Dec 29 23:11:32 2017] <dh_work> or rather, it seems, dependent induction H chokes as above if H contains a subterm that's a general case of a regexp
[Fri Dec 29 23:11:48 2017] <dh_work> which will always be the case for some instances, because regexps are inductive.
[Fri Dec 29 23:13:35 2017] <dh_work> aha
[Fri Dec 29 23:14:27 2017] <dh_work> it seems to be critical to define matching for * just so
[Fri Dec 29 23:15:08 2017] <dh_work> I had been using:
[Fri Dec 29 23:15:09 2017] <dh_work> | StarMatches: forall ctx r xs,
[Fri Dec 29 23:15:09 2017] <dh_work>      RxMatches ctx (RxAlt RxEpsilon (RxSeq r (RxStar r))) xs ->
[Fri Dec 29 23:15:09 2017] <dh_work>      RxMatches ctx (RxStar r) xs
[Fri Dec 29 23:16:22 2017] <dh_work> in which case inducting on RxMatches after remembering (RxStar r) gives a single IH that wants RxAlt RxEpsilon (RxSeq r (RxStar r)) = RxStar r
[Fri Dec 29 23:16:24 2017] <dh_work> and it fails
[Fri Dec 29 23:16:29 2017] <dh_work> however, changing that to:
[Fri Dec 29 23:16:41 2017] <dh_work> | StarMatchesEmpty: forall ctx r,
[Fri Dec 29 23:16:41 2017] <dh_work>      RxMatches ctx (RxStar r) []
[Fri Dec 29 23:16:41 2017] <dh_work> | StarMatchesMore: forall ctx r xs0 xs1,
[Fri Dec 29 23:16:41 2017] <dh_work>      RxMatches ctx r xs0 ->
[Fri Dec 29 23:16:41 2017] <dh_work>      RxMatches ctx (RxStar r) xs1 ->
[Fri Dec 29 23:16:42 2017] <dh_work>      RxMatches ctx (RxStar r) (xs0 ++ xs1)
[Fri Dec 29 23:17:30 2017] <dh_work> makes it a lot better: the empty case works out easily and the other case gives me two induction hypotheses, where the equality premise of the second one is RxStar r0 = RxStar r, and that works
[Fri Dec 29 23:17:41 2017] <dh_work> that is not something I would have expected.
[Fri Dec 29 23:17:59 2017] <dh_work> I'd been using the second form earlier, but changed for this branch of things because it looks tidier to unfold the other way
[Fri Dec 29 23:24:22 2017] <sud_> I have a term t that appears in many places in my context and I want to declare a name X for it (pose t as X for instance), and I want to substitute every occurrence of t with X (assert (H: t = x). { auto. }    rewrite H in *.
[Fri Dec 29 23:24:50 2017] <sud_> this part is ok, but I also want that subst and other tactics to not simplify X away
[Fri Dec 29 23:43:26 2017] <dh_work> you can do that more easily with "remember t as X"; but I don't know any way to make subst ignore it
[Fri Dec 29 23:49:13 2017] <sud_> dh_work: perhaps by "hiding" the equality inside a constructor? Inductive W: Prop -> Prop := Wrap: forall P: Prop, P -> W P.
[Sat Dec 30 01:43:05 2017] <dh_work> oh, that should do it.
[Sat Dec 30 01:43:51 2017] <dh_work> don't even bother with that, just assert (Some t = Some x) by (apply f_equal; auto).
[Sat Dec 30 01:45:34 2017] <benzrf> i believe even just f_equal is a tactic
[Sat Dec 30 01:45:44 2017] <benzrf> (so [by f_equal])
[Sat Dec 30 01:45:52 2017] <dh_work> then clear the direct equation
[Sat Dec 30 01:46:32 2017] <benzrf> oh wait no yeah the auto is still necessary nvm
[Sat Dec 30 23:38:59 2017] <dh`> if anyone's about and bored, and has opinions about how my string librrary should think about character classes, this would be a good time to speak up
[Sun Dec 31 02:49:12 2017] <dh`> Also, does the Coq library have anything comparable to struct timespec or time_t?
[Sun Dec 31 03:01:46 2017] <johnw> dh`: not that I know of
[Sun Dec 31 03:16:42 2017] <dh`> figures
[Sun Dec 31 03:17:15 2017] <dh`> the string library ought to have strftime(), was hoping there's already some time infrastructure
[Sun Dec 31 03:17:41 2017] <dh`> but given coq's general detachment from that level of reality I'm not actually surprised :-)
[Sun Dec 31 03:21:43 2017] <dh`> while I maybe have your attention: do you see any value in python's foo[x:y:z] stride array slicing for strings?
[Sun Dec 31 03:21:47 2017] <dh`> I'm thinking not
[Sun Dec 31 06:36:17 2017] <bollu1> https://gist.github.com/bollu/bb2bfdeccfc86a173319576a15f62c7a <- I'm not able to convert a Zneq_bool  into a type-level witness
[Sun Dec 31 06:36:24 2017] <bollu1> I get a cryptic error that I don't know how to debug
[Sun Dec 31 06:40:22 2017] <lyxia> bollu1: did you not mean "apply Zeq_bool_neq"
[Sun Dec 31 08:18:15 2017] <bollu1> lyxia: yes, I did
[Mon Jan  1 00:06:02 2018] <dh`> heh, coqide gets really slow on 10000-line files
[Mon Jan  1 00:49:18 2018] <piyush-kurur> It looks to me that a Class constraint in Coq becomes a formal argument in the extracted haskell code. Is there a way to make it a class constraint.
[Mon Jan  1 00:49:55 2018] <piyush-kurur> Or is this inherently going to be difficult
[Mon Jan  1 00:56:10 2018] <dh`> haskell typeclasses are different enough that it probably will be difficult
[Mon Jan  1 01:15:50 2018] <Tone29> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ A DISCUSSION IS GOING ON ABOUT TO TO RE-ENSLAVE NIGGERS IN #/JOIN IF THIS GETS YOUR DICK HARD JOIN IN (MESSAGE VAP0R FOR HELP) jwotpmr: mpickering tomjack xeno ▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 01:15:56 2018] <Tone29> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ A DISCUSSION IS GOING ON ABOUT TO TO RE-ENSLAVE NIGGERS IN #/JOIN IF THIS GETS YOUR DICK HARD JOIN IN (MESSAGE VAP0R FOR HELP) mjwcqjadpu: justan0theruser bitonic mankyKitty ▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:51:31 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)tbtnyj: augur tomjack butterthebuddha ▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:51:36 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)zagytvq: ynyounuo contrapumpkin sbp ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:51:41 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)jamqm: rgrinberg hackedy_ terrorjack ▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:51:46 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)ackjhprdup: jgross bitonic cjh` ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:51:51 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)nqefkrdj: petercommand wedify Intensity ▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:51:56 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)zeegmaa: bitonic ertes justan0theruser ▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:01 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)wfzspj: augur ynyounuo mbrcknl_ ▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:06 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)uxfgg: lynn jmagnusj aj ▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:11 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)gdzyz: bitonic sbp jmagnusj ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:16 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)ajccxywd: terrorjack bitonic Intensity ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:21 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)gjrjtc: ynyounuo zgrepc dmiles ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:27 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)rspdzj: jgross ggherdov terrorjack ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:31 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)zlohihq: schoppenhauer ynyounuo augur ▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:36 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)hezwhb: rgrinberg piyush-kurur lynn ▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 10:52:42 2018] <ReggX676> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ we have got more than 200% of the monthly donations today, thank you all so much!(weechat devs)nytuamhusz: butterthebuddha sbp jmagnusj ▄▄▄▄▄▄▄▄▄▄▄▄▄
[Mon Jan  1 18:49:46 2018] <pnull> Hi folks! Does the Coq standard library provide a definition for Nat type?
[Mon Jan  1 18:51:08 2018] <benzrf> pnull: yes, it's just nat
[Mon Jan  1 18:51:18 2018] <benzrf> a lot of type names in coq are lowercase
[Mon Jan  1 18:52:50 2018] <pnull> Oh, God. Sorry, I mistyped that. I would like to find a Fin type.
[Mon Jan  1 18:56:47 2018] <Cypi> https://coq.inria.fr/library/Coq.Vectors.Fin.html this one?
[Mon Jan  1 19:00:40 2018] <pnull> Cypi: It looks like something I want, but doing `Require Coq.Vectors.Fin. Check fin.` gives me an error. How do I properly "import" this package?
[Mon Jan  1 19:01:31 2018] <Cypi> `Check Fin.t.`
[Mon Jan  1 19:01:48 2018] <Cypi> it doesn't define anything named `fin`, despite what the comments would suggest, just a type `t`
[Mon Jan  1 19:02:08 2018] <Cypi> (I guess this is a habit coming from OCaml, where the internal type defined by a Module is often called `t`)
[Mon Jan  1 19:02:15 2018] <pnull> Great, it works. Thank you!
[Mon Jan  1 19:02:49 2018] <pnull> Also, could you please explain me one more thing.
[Mon Jan  1 19:03:43 2018] <pnull> I haven't learned yet what `Set` is, is it ok if I ignore it and pretend it's just `Type`?
[Mon Jan  1 19:04:09 2018] <Cypi> It is actually. `Set` could be considered as the lowest `Type`
[Mon Jan  1 19:04:29 2018] <pnull> Thank you once again.
[Mon Jan  1 19:15:54 2018] <dh`> does Set promote to Type? I wouldn't expect it but I'd expect a lot more things to fail than actually do if you use Sets
[Mon Jan  1 19:17:19 2018] <Cypi> I'm not sure I understand the question. Just in case, if you have some function that applies on a Type, and you use it on `nat : Set`, then `Set` is not promoted to `Type`. It would be the other way around, the function is instantiated with `Set`.
[Mon Jan  1 19:25:37 2018] <dh`> hrm
[Mon Jan  1 19:25:52 2018] <dh`> well, for example you can do Inductive foo: Set := ...
[Mon Jan  1 19:26:06 2018] <dh`> and then have lists of foo, but list is allegedly Set -> Set
[Mon Jan  1 19:26:12 2018] <dh`> erm
[Mon Jan  1 19:26:16 2018] <dh`> list is allegedly Type -> Type
[Mon Jan  1 19:26:16 2018] <dh`> sorry
[Mon Jan  1 19:26:37 2018] <dh`> there's some extra polymorphism going on in there
[Mon Jan  1 19:29:33 2018] <Cypi> Ah. Well, anything typed as a Set can be typed as Type. Now there is still some extra stuff going on to make `list nat` a Set, and not a Type
[Mon Jan  1 19:30:20 2018] <dh`> if it came out as a Type what happens would be indistiguishable from promotion in the traditional sense :-)
[Mon Jan  1 19:30:36 2018] <Cypi> Alright, sorry then, I misunderstood what you meant x)
[Mon Jan  1 19:32:12 2018] <dh`> as I recall maps *don't* work this way
[Mon Jan  1 19:32:46 2018] <dh`> anyway, I was just curious.
[Mon Jan  1 19:34:21 2018] <dh`> anytime implicit type conversions get used successfully to avoid user-facing administrative hassles is at least marginally interesting, especially when coexisting with a strong type system.
[Tue Jan  2 05:22:17 2018] <takanuva> how do I make Coq believe that n + 0 = n in here? https://gist.github.com/takanuva/c645d2a46e3c9bcb10a0293683da3423
[Tue Jan  2 05:40:14 2018] <lyxia> Theorem vec_c_n: forall {n}, forall v1: Vector n, eq_rect_r Vector (concat v1 Nil) (plus_n_O n) = v1.  My best approximation so far
[Tue Jan  2 05:50:01 2018] <takanuva> lyxia: that helps, thanks! but it raised a lot more questions now, though... :(
[Tue Jan  2 06:07:05 2018] <bollu_alternate> https://gist.github.com/bollu/84a241bcce247b1cfa98c4ad284589a9 <- can I please have some help proving propositions about ListMap?
[Tue Jan  2 06:17:05 2018] <lyxia> isn't every nat >= 0
[Tue Jan  2 06:18:02 2018] <lyxia> ignoring that, you need to strengthen your lemma
[Tue Jan  2 06:19:33 2018] <lyxia> in the intermediate step, in_proof simplifies to  ... (insertNats n somethingNotEmpty)
[Tue Jan  2 06:20:41 2018] <bollu_alternate> lyxia, indeed, I was going to make the example harder next, but I couldn't even get this to prove
[Tue Jan  2 06:21:55 2018] <bollu_alternate> lyxia what do you mean by "intermediate step"?
[Tue Jan  2 06:23:31 2018] <lyxia> bollu_alternate: I mean whatever you get after  "simpl in in_proof." once more after tauto.
[Tue Jan  2 06:24:05 2018] <bollu_alternate> We get this, right?   in_proof : List.In k (keys (insertNats n (add (S n) (S n) NatToNatEmpty)))
[Tue Jan  2 06:24:28 2018] <lyxia> Yeah
[Tue Jan  2 06:24:37 2018] <bollu_alternate> yes, but, well
[Tue Jan  2 06:24:43 2018] <bollu_alternate> How do I use this? :)
[Tue Jan  2 06:25:14 2018] <lyxia> the induction hypothesis should quantify on the map
[Tue Jan  2 06:26:48 2018] <bollu_alternate> I am not sure what you mean by that. You mean that I should state my theorem for all possible maps?
[Tue Jan  2 06:27:06 2018] <lyxia> forall n mm, (forall k, List.In k (keys mm) -> k >= 0) -> (forall k, List.In k (keys (insertNats n mm)) -> k >= 0)
[Tue Jan  2 06:27:48 2018] <lyxia> don't introduce mm before doing the induction.
[Tue Jan  2 06:28:21 2018] <bollu_alternate> So I have the universal quantifier available, I assume?
[Tue Jan  2 06:29:23 2018] <bollu_alternate> I am confused, are you saying that I should try and prove this? forall n mm, (forall k, List.In k (keys mm) -> k >= 0) -> (forall k, List.In k (keys (insertNats n mm)) -> k >= 0)
[Tue Jan  2 06:30:57 2018] <lyxia> yes
[Tue Jan  2 06:31:46 2018] <bollu_alternate> I am trying that, that makes sense
[Tue Jan  2 06:31:51 2018] <bollu_alternate> Also, what does "simpl" do, really
[Tue Jan  2 06:31:59 2018] <bollu_alternate> I use it as a black box that knows stuff
[Tue Jan  2 06:32:02 2018] <bollu_alternate> but, how does it work
[Tue Jan  2 06:32:11 2018] <lyxia> bollu_alternate: by "intermediate step" I was referring to insertNats, which works by successively adding elements to the map
[Tue Jan  2 06:32:40 2018] <lyxia> but in your theorem, when you do induction, the induction step assumes something about insertNats on an empty map
[Tue Jan  2 06:33:58 2018] <lyxia> bollu_alternate: think of it as beta-reduction
[Tue Jan  2 06:34:17 2018] <lyxia> bollu_alternate: about simpl ^
[Tue Jan  2 06:34:33 2018] <bollu_alternate> hm, I see
[Tue Jan  2 06:35:15 2018] <lyxia> there are some more rules about opaqueness, but that's the basic idea otherwise.
[Tue Jan  2 06:39:51 2018] <bollu_alternate> lyxia:  got farther, but I'm stuck again :)  https://gist.github.com/bollu/84a241bcce247b1cfa98c4ad284589a9#file-farther-need-right-tactic-v-L47. How do I find the theorem / tactic I need?
[Tue Jan  2 06:40:10 2018] <bollu_alternate> I need some "learning how to learn" coq. I know of Search and SearchAbout, but I do not think they are strong enough here
[Tue Jan  2 06:44:35 2018] <lyxia> bollu_alternate: you can split on these cases using decidable equality, something like  forall n m, {n = m} + {n <> m}
[Tue Jan  2 06:44:55 2018] <lyxia> It's somewhere in the stdlib
[Tue Jan  2 06:47:05 2018] <lyxia> PeanoNat.Nat.eq_dec
[Tue Jan  2 06:48:06 2018] <lyxia> Then with "Search MNat.add" there are some relevant lemmas
[Tue Jan  2 06:48:44 2018] <bollu_alternate> I drr
[Tue Jan  2 06:48:46 2018] <bollu_alternate> see*
[Tue Jan  2 06:48:52 2018] <bollu_alternate> I believe the theorem I need is this:
[Tue Jan  2 06:48:54 2018] <bollu_alternate> Theorem key_add_presence: forall (k: nat) (v: nat) (mm : NatToNat) (curk : nat), List.In curk (keys (add k v mm)) -> curk = k \/ List.In curk (keys mm).
[Tue Jan  2 06:49:11 2018] <lyxia> you will need to relate the MapsTo predicate to whatever you are doing with List.In and keys
[Tue Jan  2 06:49:33 2018] <bollu_alternate> lyxia why do I need to relate MapsTo?
[Tue Jan  2 06:49:48 2018] <lyxia> because that's the predicate that's used by the lemmas about MNat.add
[Tue Jan  2 06:49:52 2018] <bollu_alternate> I see
[Tue Jan  2 06:50:29 2018] <bollu_alternate> OK, I'll check this out :)
[Tue Jan  2 06:50:30 2018] <bollu_alternate> ty
[Tue Jan  2 06:51:08 2018] <lyxia> yw
[Wed Jan  3 12:08:10 2018] <bollu1> What does functionalInduction do, actually? as a tactic
[Wed Jan  3 12:08:12 2018] <bollu1> I asked a question here
[Wed Jan  3 12:08:13 2018] <bollu1> https://stackoverflow.com/questions/48076202/what-does-the-functional-induction-tactic-do-in-coq
[Wed Jan  3 12:08:18 2018] <bollu1> I have some vague intuition about it
[Wed Jan  3 12:08:21 2018] <bollu1> but no real insight
[Wed Jan  3 12:08:28 2018] <bollu1> could someone please help? :)
[Wed Jan  3 12:08:35 2018] <bollu1> lyxia: ping, if you are around!
[Wed Jan  3 13:43:10 2018] <pgiarrusso> bollu1: an induction principle is an actual lemma that you can `Print`
[Wed Jan  3 13:43:58 2018] <pgiarrusso> I forget the name generation scheme, it’s easier to see with Induction Scheme IIRC
[Wed Jan  3 13:44:43 2018] <pgiarrusso> But before reading those, you probably want to understand simpler principles, like dunno, nat_ind
[Wed Jan  3 13:45:25 2018] <pgiarrusso> Eventually you should see they’re basically fancier and more dependently typed folds
[Wed Jan  3 13:46:04 2018] <pgiarrusso> But on your actual question, I’m not sure what Function’s principles do
[Wed Jan  3 13:49:53 2018] <pgiarrusso> Uh, sorry, he went...
[Wed Jan  3 14:45:02 2018] <deeglaze> anyone answering on SO?
[Wed Jan  3 14:50:29 2018] <pgiarrusso> deeglaze: good point
[Wed Jan  3 14:59:05 2018] <deeglaze> I'm writing an answer.
[Wed Jan  3 14:59:50 2018] <deeglaze> I haven't dived into the inner workings of what Coq actually does, but I do have experience with induction schemes and what I'm pretty sure Coq does...
[Wed Jan  3 15:05:31 2018] <pgiarrusso> deeglaze: I’ve added a comment (I’m Blaisorblade there), but it’s not a full answer
[Wed Jan  3 15:06:11 2018] <pgiarrusso> also, I am not sure where bollu1 is stuck on the docs, since quite a few of their questions are answered there
[Wed Jan  3 15:50:24 2018] <dh`> given that he's a beginner, that's likely not the kind of answer he's looking for.
[Wed Jan  3 15:51:54 2018] <dh`> what he wants is most likely "it does induction over the recursive calls in a function" even though that's not a very well-formed statement
[Wed Jan  3 15:53:32 2018] <dh`> (well, "he")
[Wed Jan  3 19:17:07 2018] <pgiarrusso> dh`: You might well be right, it’s sad we didn’t catch them on IRC to answer more interactively
[Wed Jan  3 20:12:51 2018] <dh`> oh well
[Wed Jan  3 20:12:51 2018] <dh`> when people ask questions and don't stick around for answers, it's their problem.
[Fri Jan  5 05:58:08 2018] <takanuva> how do I split a class definition in a proof? I have only one goal (Monad Foo), I'd like to split it to prove its components
[Fri Jan  5 05:58:20 2018] <takanuva> (still learning, studying by myself)
[Fri Jan  5 06:13:14 2018] <lyxia> Try "constructor"
[Fri Jan  5 06:13:20 2018] <lyxia> or "split"
[Fri Jan  5 06:56:50 2018] <takanuva> lyxia: "constructor" gives me "No applicable tactic", and "split" gives me "unable to find an instance for variables Return, Bind" (the class is Monad)
[Fri Jan  5 07:01:35 2018] <lyxia> takanuva: Can I see the definition of Monad
[Fri Jan  5 07:04:00 2018] <takanuva> lyxia: https://i.imgur.com/2Q8UgSZ.png
[Fri Jan  5 07:05:02 2018] <lyxia> takanuva: can you show me how you tried to use those tactics
[Fri Jan  5 07:06:17 2018] <takanuva> "constructor." and "split.", since what I'm trying to break is my goal... isn't that right? (sorry, I'm studying by myself!)
[Fri Jan  5 07:07:03 2018] <takanuva> if I add the := {} on the Instance, it already breaks the five goals I want... I assume there's a tactic to do that as well
[Fri Jan  5 07:08:34 2018] <lyxia> if I write "constructor." I get to prove the five goals.
[Fri Jan  5 07:09:01 2018] <takanuva> odd...
[Fri Jan  5 07:11:15 2018] <lyxia> oh wait no I simplified too much
[Fri Jan  5 07:13:00 2018] <takanuva> oh, I thought it maybe could be the Coq version... I'm running 8.6 here
[Fri Jan  5 07:14:15 2018] <lyxia> ah I see it can't split because the laws depend on the definition of Return and Bind
[Fri Jan  5 07:15:07 2018] <takanuva> oh
[Fri Jan  5 07:16:32 2018] <lyxia> I mean, not with constructor/split. there may be another tactic
[Fri Jan  5 07:17:49 2018] <takanuva> at least I already learned something new :D
[Fri Jan  5 07:18:43 2018] <takanuva> I noticed that "eexists" does something, but it only gives me the laws instead (and I don't know what to do then)
[Fri Jan  5 07:19:13 2018] <lyxia> yeah the "existential" variants of the tactics seem relevant
[Fri Jan  5 07:19:20 2018] <lyxia> econstructor. Unshelve.
[Fri Jan  5 07:20:06 2018] <lyxia> eexists seems to do the same as econstructor here.
[Fri Jan  5 07:20:55 2018] <lyxia> I'm not sure how to avoid shelving and get the same order of goals as with := {}
[Fri Jan  5 07:21:21 2018] <anton-trunov> you might want to look at this https://stackoverflow.com/q/35937980/2747511
[Fri Jan  5 07:21:49 2018] <lyxia> You can use Focus 2. to pick the right goal.
[Fri Jan  5 07:22:00 2018] <takanuva> yeah, this is where I took the code from, but I noticed I can use Proof instead of {| ... |}, I took it as an exercise
[Fri Jan  5 07:23:25 2018] <takanuva> why "Focus" and "Unshelve" start with a capital letter?
[Fri Jan  5 07:25:02 2018] <lyxia> they are commands.
[Fri Jan  5 07:27:02 2018] <takanuva> this solves the issue, I can probably write an LTac that splits, unshelves and reorders by myself now
[Fri Jan  5 07:27:05 2018] <takanuva> thank you very much :)
[Fri Jan  5 07:28:43 2018] <lyxia> takanuva: There is also a Build_Monad function (that is used by those tactics), so if you manage to define Return and Bind you can write apply Build_Monad with (Return := MyReturn) (Bind := MyBind).
[Fri Jan  5 07:29:15 2018] <takanuva> lyxia: I'll take note of that, thanks! :D
[Fri Jan  5 07:29:38 2018] <lyxia> yw. That's about all I could think of so far.
[Fri Jan  5 07:34:08 2018] <anton-trunov> econstructor also supports binding lists: econstructor 1 with (Return := ...) (Bind := ...)
[Fri Jan  5 07:52:42 2018] <lyxia> ohhh
[Sat Jan  6 10:42:22 2018] <beaky> hello. besides embedding or extraction, are there any other methods for obtaining verified programs from coq in an automated fashion?
[Sat Jan  6 10:52:59 2018] <robwebbjr> Sorry if this is a double post, new here... [07:50] To join a channel type: Hello. I am working through Pierce's Logical Foundations and I am stuck trying to prove a trivial theorem about lists. Would you please help me? The details are here: http://lpaste.net/360556 Thank you!
[Sat Jan  6 10:59:24 2018] <anton-trunov> robwebbjr: basically, you need to pattern match on `x` using `destruct x.`
[Sat Jan  6 10:59:57 2018] <anton-trunov> because `beq_id` is defined via pattern matching on its parameters
[Sat Jan  6 11:00:21 2018] <robwebbjr> Hi. thank you so much!
[Sat Jan  6 11:00:25 2018] <anton-trunov> in many cases your proofs reflect the structure of your function
[Sat Jan  6 11:00:45 2018] <anton-trunov> you sort of symbolically execute your function in your proofs
[Sat Jan  6 11:01:54 2018] <robwebbjr> The techniques used up to this point did not seem to work here. Someone mentioned "apply"; what is this command?
[Sat Jan  6 11:03:28 2018] <anton-trunov> it's called a "tactic" (commands are different beasts in Coq, their names start with capital letters)
[Sat Jan  6 11:03:47 2018] <anton-trunov> if your goal matches some lemma you can `apply` the lemma
[Sat Jan  6 11:03:56 2018] <anton-trunov> I'm simplifying a lot
[Sat Jan  6 11:04:10 2018] <anton-trunov> so my description is not really precise
[Sat Jan  6 11:04:20 2018] <anton-trunov> but should get you started
[Sat Jan  6 11:06:11 2018] <robwebbjr> OK, I get it though.
[Sat Jan  6 11:06:21 2018] <robwebbjr> That's what I was missing.
[Sat Jan  6 11:07:01 2018] <robwebbjr> I started with Agda, and stumbled onto Coq, looking for answers from being stuck.
[Sat Jan  6 11:07:39 2018] <robwebbjr> And this is like rewriting using the theorem that you are currently proving.
[Sat Jan  6 11:08:04 2018] <robwebbjr> Which was just presented as an ordinary rewrite in Agda.
[Sat Jan  6 11:08:26 2018] <robwebbjr> Thank you so much. The book hasn't covered tactics yet.
[Sat Jan  6 11:09:19 2018] <anton-trunov> really? As far as I remember the book does that. Is it possible that you have started from the wrong chapter?
[Sat Jan  6 11:10:20 2018] <robwebbjr> Well, I started at chapter 1 of logical foundations. this is chapter 3 and I don't recall any mention of tactics...
[Sat Jan  6 11:11:31 2018] <anton-trunov> the 1st chapter mentiones tactics in Proof by Simplification section
[Sat Jan  6 11:15:48 2018] <robwebbjr> OK, well I'm satisfied with your great help. Thanks again!
[Sat Jan  6 11:16:03 2018] <anton-trunov> No problem! Good luck
[Sat Jan  6 11:49:40 2018] <bartavelle> hum, I can't figure out how to switch by goal from
[Sat Jan  6 11:49:44 2018] <bartavelle> (a,b) = (c,d)
[Sat Jan  6 11:49:45 2018] <bartavelle> to
[Sat Jan  6 11:49:52 2018] <bartavelle> a = c /\ b = d
[Sat Jan  6 11:55:24 2018] <anton-trunov> enough (a = c /\ b = d) as [-> ->] by trivial.
[Sat Jan  6 12:00:01 2018] <bartavelle> what does (-> ->] mean
[Sat Jan  6 12:00:04 2018] <bartavelle> err
[Sat Jan  6 12:00:14 2018] <bartavelle> alright, I expected smething like using f_equal
[Sat Jan  6 12:00:24 2018] <bartavelle> * looks up "enough"
[Sat Jan  6 12:01:05 2018] <anton-trunov> it destructs the conjunction and uses both equalities to rewrite in the goal
[Sat Jan  6 12:01:55 2018] <anton-trunov> it's called "intro-pattern" (you can look them up in the manual, they are quite fun to use)
[Sat Jan  6 12:02:39 2018] <pgiarrusso> bartavelle: f_equal will do what you want, unless you really want your obligations in a conjunction
[Sat Jan  6 12:03:31 2018] <pgiarrusso> anton-trunov: is this intro pattern more common with ssreflect?
[Sat Jan  6 12:04:23 2018] <pgiarrusso> I'm no expert but I've only seen it in those proofs
[Sat Jan  6 12:04:35 2018] <pgiarrusso> (until now)
[Sat Jan  6 12:04:54 2018] <anton-trunov> yeah, ssreflect proofs use them a lot, but intro-patterns are part of standard Coq for quite a long time
[Sat Jan  6 12:05:03 2018] <bartavelle> pgiarrusso: I can't seem to be able to use f_equal
[Sat Jan  6 12:05:03 2018] <anton-trunov> well ssreflect is now too
[Sat Jan  6 12:05:17 2018] <bartavelle> and the "enough" trick gives me Error: Tactic generated a subgoal identical to the original goal.
[Sat Jan  6 12:05:31 2018] <anton-trunov> bartavelle: what Coq version are you on?
[Sat Jan  6 12:05:48 2018] <bartavelle> 8.6.1
[Sat Jan  6 12:05:50 2018] <anton-trunov> I tested with Coq 8.7.1
[Sat Jan  6 12:06:07 2018] <pgiarrusso> anton-trunov: ssreflect is merged since 8.7
[Sat Jan  6 12:06:07 2018] <bartavelle> argh :(
[Sat Jan  6 12:06:14 2018] <pgiarrusso> bartavelle: any dependent types in your goal?
[Sat Jan  6 12:06:22 2018] <bartavelle> that is my exact goal : http://lpaste.net/3424182772887977984
[Sat Jan  6 12:06:29 2018] <pgiarrusso> in the types of a, b, c, d?
[Sat Jan  6 12:07:35 2018] <pgiarrusso> uh
[Sat Jan  6 12:07:51 2018] <bartavelle> ah but it runs f_equal on the inner pair
[Sat Jan  6 12:07:57 2018] <bartavelle> (looks like)
[Sat Jan  6 12:08:01 2018] <pgiarrusso> wat
[Sat Jan  6 12:08:05 2018] <pgiarrusso> not surprised
[Sat Jan  6 12:09:05 2018] <pgiarrusso> maybe something like enough a = b as [ -> ] by trivial would be safer
[Sat Jan  6 12:09:18 2018] <pgiarrusso> but you need your actual a and b (the functions)
[Sat Jan  6 12:09:24 2018] <bartavelle> is there a trick to help it figure out this problem? Or an already existing theorem like " (a,c) = (b,c) <-> a = b "
[Sat Jan  6 12:09:58 2018] <pgiarrusso> you could just prove that lemma yourself and use it with apply
[Sat Jan  6 12:10:05 2018] <bartavelle> oh well
[Sat Jan  6 12:10:08 2018] <bartavelle> I'll just do that
[Sat Jan  6 12:10:10 2018] <bartavelle> thanks!
[Sat Jan  6 12:10:32 2018] <pgiarrusso> (or search for it, but I doubt people would bother adding it to the library)
[Sat Jan  6 12:11:36 2018] <pgiarrusso> you might need to specify c to apply to help inference
[Sat Jan  6 12:26:18 2018] <anton-trunov> bartavelle: if you use the `f_equal` tactic, what error message Coq gives you back?
[Sat Jan  6 12:31:15 2018] <bartavelle> Unable to unify "pair (fun s0 : S => (fun t : S => a (mappend s (mappend s0 t)), snd (a (mappend s s0))))" with
[Sat Jan  6 12:31:16 2018] <bartavelle>  "pair (fun t : S => (fun t0 : S => a (mappend (mappend s t) t0), snd (a (mappend s t))))".
[Sat Jan  6 12:34:11 2018] <anton-trunov> can you try `f_equal.`? (not `apply f_equal.`)
[Sat Jan  6 14:52:17 2018] <lyxia> f_equal2
[Sat Jan  6 14:54:08 2018] <lyxia> ah, f_equal the tactic may apply f_equal or f_equal2 (or ...) the lemmas
[Sat Jan  6 17:12:01 2018] <bartavelle> f_equal on its own worked!
[Sat Jan  6 23:19:50 2018] <gamept> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄ LRH IS LIVE NOW!! TODAYS EDITION SLIMER GETS FUCKED IN VEGAS!! https://www.youtube.com/user/l0de/live CALL 315-505-4666 kcgnleidge: bacam edwardk dmiles ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Sat Jan  6 23:19:50 2018] <gamept> ▄▄▄▄▄▄▄▄▄▄▄▄▄ LRH IS LIVE NOW!! TODAYS EDITION SLIMER GETS FUCKED IN VEGAS!! https://www.youtube.com/user/l0de/live CALL 315-505-4666 nnytnao: bacam dmiles schoppenhauer ▄▄▄▄▄▄▄▄▄▄▄
[Sat Jan  6 23:35:52 2018] <scpHVU61U> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ LRH IS LIVE NOW!! TODAYS EDITION SLIMER GETS FUCKED IN VEGAS!! https://www.youtube.com/user/l0de/live CALL 315-505-4666 jenticsxd: bitonic ertes leah2 ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Sat Jan  6 23:35:52 2018] <scpHVU61U> ▄▄▄▄▄▄▄▄▄▄ LRH IS LIVE NOW!! TODAYS EDITION SLIMER GETS FUCKED IN VEGAS!! https://www.youtube.com/user/l0de/live CALL 315-505-4666 wcplpowol: anton-trunov zgrepc otto_s ▄▄▄▄▄▄▄▄▄▄▄▄▄
[Sat Jan  6 23:35:52 2018] <scpHVU61U> ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ LRH IS LIVE NOW!! TODAYS EDITION SLIMER GETS FUCKED IN VEGAS!! https://www.youtube.com/user/l0de/live CALL 315-505-4666 xpjxcmqjv: dolio otto_s lynn ▄▄▄▄▄▄▄▄▄▄▄▄▄▄
[Sun Jan  7 02:44:49 2018] <johnw> jgross: ping
[Sun Jan  7 09:51:56 2018] <sbp> huh, I just found http://web.mit.edu/cpitcla/www/coq-rst/tactics.html
[Sun Jan  7 09:52:01 2018] <sbp> created by https://www.csail.mit.edu/person/clement-pit-claudel apparently
[Sun Jan  7 09:52:22 2018] <sbp> (in Chlipala's research group at MIT)
[Sun Jan  7 12:09:01 2018] <sud> how can I change the keybindings of proof general in emacs?
[Sun Jan  7 13:33:09 2018] <Steverman> I am trying to understand Calculus of Constructions, but I have forgotten the basic formalities. Can someone point me to learning materials?
[Sun Jan  7 13:37:08 2018] <Steverman> I want to be able to create proof trees through rules of inference (Am I right on this?)
[Sun Jan  7 15:48:34 2018] <jmagnusj> Hi, when extracting to ocaml is it possible to map string to ocaml's string type? I see there is this issue: https://github.com/coq/coq/issues/2747
[Sun Jan  7 15:55:49 2018] <dh`> it will be at best hard
[Sun Jan  7 15:55:56 2018] <dh`> also strings in coq kinda suck
[Sun Jan  7 15:56:00 2018] <dh`> (at least for now)
[Sun Jan  7 15:57:08 2018] <dh`> ocaml's string type is opaque; coq's is inductive
[Sun Jan  7 15:57:19 2018] <dh`> you'll have to e.g. never match on strings, which means you can't prove anything at all
[Sun Jan  7 15:57:26 2018] <dh`> or write much of anything at all
[Sun Jan  7 16:05:20 2018] <dh`> and there's next to no existing string library to fall back on, either
[Sun Jan  7 16:05:27 2018] <dh`> (I've been working on that)
[Sun Jan  7 16:13:06 2018] <darktenaibre> errr, what's wrong with extraction directive ? sure the extracted code might not be stellar in terms of efficiency if you do the minimal amount of work, but I don't see why it shouldn't work as easily as nat in principle ? https://coq.inria.fr/distrib/current/refman/extraction.html#sec818
[Sun Jan  7 16:16:13 2018] <dh`> it runs, it gives output that is not ocaml strings
[Sun Jan  7 16:16:22 2018] <dh`> (or ocaml characters either, afaik)
[Sun Jan  7 16:22:00 2018] <darktenaibre> I don't see why the "Extract Inductive" directive on both ascii and string to get ocaml strings as output
[Sun Jan  7 16:22:42 2018] <darktenaibre> I mean as per the example beneath the line "
[Sun Jan  7 16:22:43 2018] <darktenaibre> As an example of translation to a non-inductive datatype, let’s turn nat into Ocaml’s int (see caveat above):
[Sun Jan  7 16:22:46 2018] <darktenaibre> "
[Sun Jan  7 16:22:52 2018] <darktenaibre>  in the refman page I quoted
[Sun Jan  7 16:23:42 2018] <darktenaibre> (sorry I am unable to run coq right now to double-check this; I do remember having used those directive in the past for similar purposes though)
[Sun Jan  7 16:28:29 2018] <jmagnusj> Perhaps it would be possible to use functors and provide the implementation in ocaml?
[Sun Jan  7 16:29:00 2018] <dh`> I don't konw. I have yet to look into this part of things
[Sun Jan  7 16:29:13 2018] <dh`> started to a while back, but then got distracted by RL
[Sun Jan  7 16:30:08 2018] <jmagnusj> darktenaibre: examples I've seen go as far as mapping ascii to char, but not as far as mapping list of char to string
[Sun Jan  7 16:31:10 2018] <jmagnusj> dh: to write a better string library?
[Sun Jan  7 16:36:00 2018] <darktenaibre> Extract Inductive string => "string" [ "\"\"" (fun a b -> (string_of_char a) ^ b)"] "(fun e c s -> if s = "" then e else c s.[0] (String.sub s 1 (String.length s - 1)))"
[Sun Jan  7 16:37:17 2018] <darktenaibre> (untested ass-pull, supposing you did ascii -> char)
[Sun Jan  7 16:38:35 2018] <dh`> jmagnusj: I have been working on a string library ever since I discovered coq doesn't come with a String_as_OT
[Sun Jan  7 16:38:45 2018] <dh`> so you can't have maps from string to t without writing your own
[Sun Jan  7 16:39:20 2018] <dh`> I have mostly been working on the code itself (as in, what string operations to have, what to call them, etc.) and its proofs, and thinking about how to present it as a library
[Sun Jan  7 16:40:00 2018] <dh`> extraction is on my list of things to worry about but real life stuff intervened shortly after I started looking into it
[Sun Jan  7 16:44:45 2018] <jmagnusj> darktenaibre: Extract Inductive string => "string" [ """""" "(fun a b -> (string_of_char a) ^ b)"] "(fun e c s -> if s = "" then e else c s.[0] (String.sub s 1 (String.length s - 1)))".
[Sun Jan  7 16:45:05 2018] <Steverman> w
[Sun Jan  7 16:45:05 2018] <jmagnusj> darktenaibre: that seems to work except literals aren't translated to literals
[Sun Jan  7 16:45:39 2018] <jmagnusj> darktenaibre: "+" maps to ((fun a b -> (string_of_char a) ^ b) ('+', ""))
[Sun Jan  7 16:46:36 2018] <jmagnusj> dh: cool, that seems like a worthwhile project. This is probably something everyone who wants to do program extraction runs into
[Sun Jan  7 16:47:17 2018] <jmagnusj> and while it's not a blocker it certainly is a bit offputting
[Sun Jan  7 16:48:30 2018] <dh`> having to do all your own string stuff is a barrier that presumably anyone who tries to do anything text-oriented runs into, extraction or not
[Sun Jan  7 16:48:50 2018] <dh`> I already have about 10,000 lines of material and it's not remotely finished
[Sun Jan  7 16:51:52 2018] <jmagnusj> standar library's ExtrOcamlString has this: Extract Inductive string => "char list" [ "[]" "(::)" ].
[Sun Jan  7 16:53:20 2018] <jmagnusj> dh: wow, that's a lot. Perhaps there's a smaller kernel of the most basic functionality that can be published?
[Sun Jan  7 16:55:28 2018] <jmagnusj> darktenaibre: One can hope that the ocaml compiler is smart enough to evaluate the string at compile time. In worst case you can give the strings names and evaluate them once so this goes pretty far.
[Sun Jan  7 16:58:19 2018] <jmagnusj> dh: is your effort related to this? https://github.com/mit-plv/fiat/blob/master/src/Common/String_as_OT.v
[Sun Jan  7 17:01:09 2018] <dh`> no
[Sun Jan  7 17:01:20 2018] <dh`> I'm sure there are a bunch of String_as_OT implementations
[Sun Jan  7 17:01:40 2018] <dh`> jmagnusj: the goal is to have a real string library (comparable to, say, python)
[Sun Jan  7 17:04:47 2018] <jmagnusj> dh: gotcha. cool
[Sun Jan  7 17:14:42 2018] <dh`> the size isn't that surprising; basically you end up with O(n^2) lemmas when you apply any one string op to any other
[Sun Jan  7 17:15:06 2018] <dh`> and so far I haven't tried to shorten the proofs by writing ltac (and I'm not convinced anything would actually end up shorter)
[Sun Jan  7 17:16:31 2018] <dh`> oh, since that bug report was on github: is github or the inria bugzilla I have a link for somewhere the proper place to file bugs?
[Sun Jan  7 17:30:20 2018] <anton-trunov> dh`: the Coq team uses Github pretty much for everything nowadays, so you should file your issues on gihub
[Sun Jan  7 17:31:58 2018] <dh`> noted
[Sun Jan  7 17:55:10 2018] <darktenaibre> jmagnusj: yeah, efficient translation of litterals is something I wouldn't know how to deal with automatically; I guess that if you only have very few of them in your program, you may pack them in a Definition and use "Extract Constant" as a crutch (and my gut feeling is that the ocaml compiler might not be too stellar in optimizing this kind of code, but I don't know really)
[Sun Jan  7 17:55:37 2018] <dh`> hmm
[Sun Jan  7 17:55:54 2018] <dh`> looking at the extraction manual again, I don't see any reason why it shouldn't be possible to do it the same way as it shows for nat
[Sun Jan  7 17:56:02 2018] <dh`> (and it may already, haven't tried)
[Sun Jan  7 17:56:07 2018] <dh`> but it'll still be pretty crap code
[Sun Jan  7 17:57:34 2018] <darktenaibre> yes; but if you're going to do this, you might as well use Extract Constant for any function defined in the OCaml stdlib to achieve similar efficiency
[Sun Jan  7 17:59:09 2018] <darktenaibre> (you may both shadow term with this directive, or just use it on axioms and axiomatize the stdlib iirc)
[Sun Jan  7 17:59:35 2018] <dh`> the ocaml string library doesn't have a whole lot in it, and it's not proven correct either ;-)
[Sun Jan  7 18:00:29 2018] <dh`> I think the right way to do it is to provide equivalences from normal coq code to coq code written in the style of ocaml strings (which doesn't require mutation but does typically require e.g. for-loops)
[Sun Jan  7 18:01:35 2018] <dh`> and then have the extraction specifically use the ocaml-style ones when doing ocaml extraction, so what you get out (for the string library code anyway) is decent ocaml code that the ocaml compiler can do something useful with.
[Sun Jan  7 18:01:54 2018] <dh`> but you don't want this for haskell extraction since haskell has a quite different model of strings.
[Sun Jan  7 18:04:26 2018] <dh`> this only helps your own string code if you avoid ever doing matching or consing of strings yourself, though.
[Sun Jan  7 18:17:09 2018] <dh`> of course, this assumes it works. Is it possible to tell the extraction system to extract foo' when asked for foo?
[Sun Jan  7 18:39:26 2018] <darktenaibre> yes, this is what "Extract Constant" does
[Sun Jan  7 19:34:50 2018] <dh`> ah, it doesn't have to be a string on the RHS, but can be something else to be extracted recursively?
[Sun Jan  7 19:40:01 2018] <dh`> bah
[Sun Jan  7 19:40:17 2018] <dh`> is there a way to state assumptions that coqide doesn't label yellow?
[Sun Jan  7 19:41:03 2018] <dh`> I would like it (temporarily at least) to mark only missing obligations (e.g. admits) yellow, and not axioms
[Sun Jan  7 20:19:33 2018] <dh`> ok, I think I'm a good way towards making this extract decently
[Sun Jan  7 20:21:09 2018] <dh`> next question is how to concoct something for coq that can extract to an ocaml for-loop
[Sun Jan  7 20:21:24 2018] <dh`> maybe just fold_left will work...
[Sun Jan  7 20:22:09 2018] <dh`> but I kinda want to prove equivalence somehow
[Sun Jan  7 20:38:33 2018] <pgiarrusso> dh`: sorry to ask, but do you plan to open-source this eventually? If so, why not OS IT
[Sun Jan  7 20:38:46 2018] <pgiarrusso> *OS it now?
[Sun Jan  7 20:59:59 2018] <jmagnusj> dh, that's unfortunate if you need O(n^2) proofs
[Sun Jan  7 21:00:29 2018] <jmagnusj> dh`, I'm sure you've thought about whether there's a better approach
[Sun Jan  7 23:29:52 2018] <dh`> you want the O(n^2) proofs, and not very many of the lemmas are hard
[Sun Jan  7 23:29:56 2018] <dh`> erm
[Sun Jan  7 23:30:04 2018] <dh`> you want the O(n^2) lemmas, and not very many of the proofs are hard (or long)
[Sun Jan  7 23:31:10 2018] <dh`> pgiarrusso: of course it will be, since the goal is to get it merged upstream (in the coq standard library)
[Sun Jan  7 23:31:39 2018] <dh`> but it's not done and posting not-done stuff in public has rarely proved beneficial in the past
[Sun Jan  7 23:32:53 2018] <dh`> ...however, that was an interesting proof I just did so maybe I should post it somewhere anyway
[Sun Jan  7 23:33:20 2018] <dh`> needed to generalize before inducting, but then weaken the generalization
[Mon Jan  8 03:46:58 2018] <pgiarrusso> dh`: most open-source projects are indeed ignored, but you want this merged upstream and used
[Mon Jan  8 03:47:19 2018] <pgiarrusso> dh`: which means that you want other people to approve of the design
[Mon Jan  8 03:48:08 2018] <pgiarrusso> dh`: so, either you come up with the perfect design alone, or you get others involved early
[Mon Jan  8 03:49:05 2018] <pgiarrusso> dh`: to avoid the O(n^2) lemmas, can’t you follow the same trick as shortcut or stream fusion? prove that all the functions can be expressed using some primitive, then devise some fusion/swap lemmas?
[Mon Jan  8 03:51:13 2018] <pgiarrusso> in Haskell you can *write* the functions using some primitive and get the compiler to optimize them together (mostly); that doesn’t work in OCaml, but the equivalences should keep holding (at least when the function arguments of the primitives are total)
[Mon Jan  8 03:58:59 2018] <pgiarrusso> or let me rephrase: that doesn’t “just work”, but it suggests you might not have to prove O(n^2) lemmas, or at least not fully independently
[Mon Jan  8 03:59:22 2018] <pgiarrusso> (but I’m not an expert of fusion and fusion rules)
[Mon Jan  8 04:02:01 2018] <pgiarrusso> but even if you don’t like such feedback, you’ll get it sooner or later if you want it merged... so trying to develop this alone sounds a bit like hybris ;-)
[Mon Jan  8 04:51:20 2018] <dh`> well, maybe. let me put it another way: it's not ready for anyone else to look at until it's gotten quite a bit further.
[Mon Jan  8 04:51:54 2018] <dh`> as for fusion, I'm not sure what you mean.
[Mon Jan  8 04:53:40 2018] <dh`> as a random example, though, consider forall x xs, String.In x xs -> exists m, String.find x (String.concat xs) = Some m.
[Mon Jan  8 04:53:51 2018] <dh`> actually that should be List.In
[Mon Jan  8 04:54:26 2018] <dh`> where find looks for the offset of a substring (like strstr in C) and String.concat concats a list of strings into one string
[Mon Jan  8 04:55:05 2018] <dh`> the proof for this is neither long nor difficult (although I don't think it's one I've done yet)
[Mon Jan  8 04:55:56 2018] <dh`> basically it goes by induction xs, and either x is the first in xs and the offset is 0, or you go by the induction hypothesis.
[Mon Jan  8 04:56:42 2018] <dh`> but so far I haven't seen any useful way to automate the proofs, let alone automate writing the lemmas somehow.
[Mon Jan  8 04:57:23 2018] <dh`> or for another one, forall c x xs, List.In x xs -> String.In c x -> String.In c (String.concat xs)
[Mon Jan  8 05:07:48 2018] <dh`> or, say, forall f k n, k < n -> String.In (f k) (String.init f n). (where init is like in ocaml)
[Mon Jan  8 05:09:42 2018] <dh`> or forall xs, String.length (String.concat xs) = nat_sum (map String.length xs)
[Mon Jan  8 05:10:07 2018] <dh`> there's just a lot of these if one's trying to be complete, and I am
[Mon Jan  8 08:23:17 2018] <sbp> hey. I created a simple inductive type "Truebox : bool -> Set := | truebox : Truebox true". now I want to prove that "Truebox false -> False", i.e. there's no way to construct Truebox false, which is obvious because the truebox constructor discards its bool argument and always uses constant true instead. the term for this is simple, and with refine the proof is "refine (fun F : Truebox false => match F with end)."
[Mon Jan  8 08:24:42 2018] <sbp> my question is: can the same term be generated using case or some other tactic that doesn't involve just using the term language? in other words, is there a more tactical way to prove this? I've tried looking through the manual for different ways to invoke "case" but I couldn't find one that works. case itself generates "match F with | truebox => ?Goal end"
[Mon Jan  8 08:25:09 2018] <Cypi> `inversion` will do that. `intros H; inversion H.` or just `inversion 1.` completes your goal.
[Mon Jan  8 08:26:10 2018] <Cypi> (the proof term will be uglier though)
[Mon Jan  8 08:26:24 2018] <sbp> Cypi: ah beautiful, thanks! yeah, that's fine though since that's pretty much expected with tactics
[Mon Jan  8 08:29:38 2018] <sbp> ironically I had already looked at the proof term that inversion generated, but I didn't think to check to see if it actually completed the proof. heh
[Mon Jan  8 08:30:12 2018] <sbp> it didn't look like the short term I wanted so I just ignored it
[Mon Jan  8 08:52:31 2018] <pgiarrusso> sbp: haven’t checked, but `intros H; dependent destruction H.` might also do that proof, and with a smaller proof term
[Mon Jan  8 08:58:51 2018] <pgiarrusso> dh`: “not ready to look at until it’s gotten further” is often a fallacy, I’m not sure this is an exception (unless people will pile on you with negative criticism, which seems unexpected)
[Mon Jan  8 09:01:01 2018] <pgiarrusso> dh`: “fusion” refers to either loop fusion (in imperative languages) or shortcut fusion/stream fusion (in functional languages, often Haskell)
[Mon Jan  8 09:01:54 2018] <pgiarrusso> fusion tries to remove intermediate data structures from string-processing pipelines (not relevant here), which would naively need O(n^2) rules
[Mon Jan  8 09:02:23 2018] <pgiarrusso> to avoid that, all operators are expressed into some primitive, then some rewrite rules are used for optimization
[Mon Jan  8 09:02:35 2018] <pgiarrusso> that general strategy seems potentially helpful here
[Mon Jan  8 09:03:14 2018] <pgiarrusso> for instance, your length/concat lemma (11:09 AM <dh`> or forall xs, String.length (String.concat xs) = nat_sum (map String.length xs)) seems to involve swapping folds
[Mon Jan  8 09:04:05 2018] <pgiarrusso> I’m not an expert of the right research area, but it should be possible to derive such theorems from more general principles
[Mon Jan  8 09:05:59 2018] <pgiarrusso> dh`: one well-known paper on the topic is https://www.dropbox.com/s/7chntgnevsoc3fl/A%20tutorial%20on%20the%20universality%20and%20expressiveness%20of%20fold%20-%20fold.pdf?dl=0
[Mon Jan  8 09:06:17 2018] <pgiarrusso> but there are people who are far more qualified than me to comment
[Mon Jan  8 09:06:46 2018] <pgiarrusso> (this is the whole Squiggol research tradition, which merged into Haskell more than ML)
[Mon Jan  8 12:02:28 2018] <sbp> pgiarrusso: gives me a syntax error in Coq 8.7.1. strange though, the manual indicates it should be okay. (error: "'induction' or 'generalize_eqs_vars' or 'generalize_eqs' or 'rewrite' or 'simple' 'inversion' expected after 'dependent' (in [tactic:simple_tactic])")
[Mon Jan  8 12:05:08 2018] <pgiarrusso> sbp: missing some import, or using a different manual version?
[Mon Jan  8 12:05:31 2018] <pgiarrusso> (needed imports are somewhere in the manual)
[Mon Jan  8 12:09:34 2018] <sbp> oh yes, sorry. needed Coq.Program.Equality. thanks!
[Mon Jan  8 13:29:15 2018] <dh`> pgiarrusso: there's a level of doneness before which posting work in progress isn't helpful
[Mon Jan  8 13:29:31 2018] <dh`> especially when further progress is slow
[Mon Jan  8 13:30:02 2018] <dh`> it is time I posted on coq-club about the general layout of the thing
[Mon Jan  8 13:30:21 2018] <dh`> but that's about it for the time being.
[Mon Jan  8 13:31:00 2018] <dh`> as for fold fusion, now I see what you mean. yes, many string ops can be written as folds and fusing compound folds is a nice way to do certain things
[Mon Jan  8 13:31:00 2018] <dh`> but
[Mon Jan  8 13:31:23 2018] <dh`> reasoning about folds in coq is a gigantic pain (I have already complained about this a number of times ;-) )
[Mon Jan  8 13:31:44 2018] <dh`> and so none of the functions are written as folds natively so proofs go through.
[Mon Jan  8 13:32:16 2018] <dh`> this might be a good way to automate string proofs, and I will definitely think on that
[Mon Jan  8 13:32:38 2018] <dh`> but I don't see any way to derive an automated way to *write down* the O(n^2) lemmas
[Mon Jan  8 13:32:44 2018] <dh`> if you know of one, please share
[Mon Jan  8 13:46:11 2018] <dh`> for the proofs, seems like one can write down a fold version of each function (these are maybe wanted anyway for ocaml extraction), prove each equivalent, then use a private hint database to apply the equivalences, then write some automation on the resulting folds
[Mon Jan  8 13:46:22 2018] <dh`> might work, worth a try.
[Mon Jan  8 14:21:32 2018] <pgiarrusso> dh`: yep — once you rewrite as much as possible to folds, some theorems should be reducible to general theorems on folds
[Mon Jan  8 14:22:06 2018] <pgiarrusso> one annoyance is that running those folds sometimes works better with *lazy* folds — that doesn’t matter in Coq, but it might affect extraction
[Mon Jan  8 14:23:20 2018] <pgiarrusso> for instance, you can search for the first element satisfying `p` with a `fold_right`, but an eager `fold_right` will IIRC always scan the entire list
[Mon Jan  8 14:25:10 2018] <pgiarrusso> also, GHC’s optimizer is aggressive enough it can be convinced to fuse compound folds often, while OCaml’s optimizer is much more predictable but also conservative
[Mon Jan  8 14:25:37 2018] <pgiarrusso> but all these questions about optimizations affect only extraction to OCaml, not the proofs
[Mon Jan  8 15:49:37 2018] <dh_work> the reason to write in terms of folds for extraction to ocaml is that what I was doing last night was writing and proving an embedding of string.foldi_left in an ocaml for-loop
[Mon Jan  8 15:50:52 2018] <dh_work> even if extracting a composition of these generates terrible code (as it probably will) it'll still beat faking pattern-matching on ocaml strings.
[Mon Jan  8 16:16:21 2018] <pgiarrusso> I’m sure you know more OCaml than me :-)
[Mon Jan  8 16:16:44 2018] <pgiarrusso> however: I’d guess fold_left *will* throw a wrench into proofs
[Mon Jan  8 16:17:04 2018] <pgiarrusso> using just fold_right works nicely for proofs
[Mon Jan  8 16:18:20 2018] <pgiarrusso> though `fold_left` might help in an eager language? (not sure?) maybe `fold_right` with thunks will do better though
[Mon Jan  8 16:19:15 2018] <pgiarrusso> simply encoding call-by-name with `Unit -> T` should be “lazy enough” to write a search using `fold_right` — and it’s a search finding the *first* match
[Mon Jan  8 18:57:43 2018] <dh_work> easier to write a custom thing that extracts to a loop that stops early
[Mon Jan  8 18:57:53 2018] <dh_work> at least, assuming ocaml allows that, which on reflection I'm not sure about
[Mon Jan  8 19:02:57 2018] <rrika> what tactic can I use to turn "|- {x : nat & P x}" into "|- P ?x"
[Mon Jan  8 19:03:37 2018] <Cypi> `eexists` or `econstructor` should work I think
[Mon Jan  8 19:04:04 2018] <rrika> ooh, thanks
[Mon Jan  8 19:32:38 2018] <dh_work> pgiarrusso: I don't know that much about ocaml really, only really used it for one real project so far
[Mon Jan  8 19:32:53 2018] <dh_work> the important thing though is that its string type isn't an inductive type.
[Mon Jan  8 19:49:55 2018] <dh_work> and, internally, strings aren't cons-lists, so manipulating them like they are is expensive
[Tue Jan  9 10:47:39 2018] <Steverman> I am trying to rewrite a Fixpoint to Inductive, but I am not sure if I have written my Inductive correct: https://gist.github.com/Steverman/05421617bcca1774dfec6b1594fbfe1e
[Tue Jan  9 10:50:03 2018] <Cypi> This looks correct to me. However, I would not use equalities for e_n2_eq and so on, but directly `e_n2_eq : forall n t1 t2, Elem' n (Node2 t1 n t2)`.
[Tue Jan  9 10:50:14 2018] <Cypi> both are correct I think, it's just a matter of taste
[Tue Jan  9 10:50:29 2018] <Steverman> I see
[Tue Jan  9 10:51:08 2018] <Steverman> And changing between them also changes how the proof is made?
[Tue Jan  9 10:51:17 2018] <Steverman> written*
[Tue Jan  9 10:51:35 2018] <Cypi> You mean, between with an equality or without?
[Tue Jan  9 10:51:42 2018] <Steverman> Fixpoint and Inductive
[Tue Jan  9 10:51:46 2018] <Cypi> oh, right
[Tue Jan  9 10:52:19 2018] <Steverman> Because I am trying it out on an old proven Lemma
[Tue Jan  9 10:52:22 2018] <Cypi> Well in this case, it should not matter much. But having an Inductive allows you to perform an induction directly on it
[Tue Jan  9 10:52:30 2018] <Cypi> that's often more natural
[Tue Jan  9 10:52:51 2018] <Cypi> (you should be able to write the same induction principle for the Fixpoint version of course, it's just that you get it for free with the Inductive)
[Tue Jan  9 10:52:52 2018] <Steverman> This for example: forall t k, Elem' k (Insert k t).
[Tue Jan  9 10:53:27 2018] <Steverman> Which I did induction on the tree on
[Tue Jan  9 10:53:43 2018] <Steverman> Sorry, -on
[Tue Jan  9 11:08:23 2018] <Steverman> I get stuck here: https://i.imgur.com/PskEZvo.png
[Tue Jan  9 11:09:56 2018] <Cypi> The hypothesis IHt1 should get you everything you need
[Tue Jan  9 11:10:18 2018] <Cypi> If you use `inversion` on it, it should give you three subgoals which will be easy to solve
[Tue Jan  9 11:10:42 2018] <Steverman> Ah, I thought it was wrong to do :)
[Tue Jan  9 11:12:29 2018] <Steverman> I end up in the same situation in the third goal
[Tue Jan  9 11:12:58 2018] <Steverman> Oh maybe..
[Tue Jan  9 11:13:14 2018] <Steverman> No :(
[Tue Jan  9 11:13:20 2018] <Cypi> In the third goal you should have `Elem' k t0` in your hypotheses, shouldn't you?
[Tue Jan  9 11:13:32 2018] <Steverman> I do, but goal is Elem' k t
[Tue Jan  9 11:13:57 2018] <Cypi> How has the goal changed? In your image it's `Elem' k (Node3 ...)`
[Tue Jan  9 11:14:04 2018] <Cypi> have you used `constructor`?
[Tue Jan  9 11:14:25 2018] <Steverman> apply e_n3_left.
[Tue Jan  9 11:14:33 2018] <Steverman> Oh
[Tue Jan  9 11:14:40 2018] <Steverman> I see
[Tue Jan  9 11:14:40 2018] <Cypi> Well, why this one?
[Tue Jan  9 11:14:41 2018] <Steverman> ;D
[Tue Jan  9 11:14:44 2018] <Cypi> ok x)
[Tue Jan  9 11:15:18 2018] <Steverman> Thanks!
[Tue Jan  9 11:18:22 2018] <gallais> 16:53 < Cypi> Well in this case, it should not matter much. But having an Inductive allows you to perform an induction directly on it
[Tue Jan  9 11:18:36 2018] <gallais> feels like `functional induction` ought to deliver the same functionality
[Tue Jan  9 11:30:20 2018] <Steverman> Cypi: I am not exactly what I am doing here. It works, but I don't have the overall idea
[Tue Jan  9 11:34:20 2018] <Steverman> So I suppose I am doing case analysis on comparison ( ?= ), and right now I am at "Lt". For the Node2 case, it is easy to use the constructor, as it has to be left subtree because (k < n).
[Tue Jan  9 11:38:31 2018] <Steverman> inversion IHt1 creates 2 additional subgoals, where I applied "e_n3_eq1", "e_n3_left" and "e_n3_middle"
[Tue Jan  9 11:49:43 2018] <jgross> johnw: pong 
[Tue Jan  9 12:40:03 2018] <Steverman> Does this make sense? I made a map function for trees. I want to prove: Lemma Elem_map : forall (f : nat -> nat) (k : nat), exists (t : Tree), + Elem' (f k) (tree_map f t).
[Tue Jan  9 12:41:56 2018] <Steverman> Elem is a predicate defining a proposition about whether a key belongs to a tree
[Tue Jan  9 12:42:37 2018] <Steverman> The only reason why I used exists is because the tree can be empty
[Tue Jan  9 12:57:35 2018] <pgiarrusso> gallais: when `functional induction` works well you’re probably right
[Tue Jan  9 13:28:37 2018] <johnw> jgross: I've forgotten now what that ping was for :)
[Tue Jan  9 14:00:37 2018] <Steverman> Slight change: Lemma Elem_map' :forall (f : nat -> nat) (k : nat) (t : Tree), Elem' k t -> Elem' (f k) (tree_map f t).
[Wed Jan 10 10:53:45 2018] <takanuva> can I prove in Coq that (exists x1, ..., exists xn, foo) <-> forall p: (exists x1, ..., exists xn), foo? (i.e., "extracting" the "rightmost" nested type from the existential)
[Wed Jan 10 10:55:38 2018] <modulus> if i get what you want to do, probably you can destruct the type.
[Wed Jan 10 10:57:21 2018] <Cypi> Let's say n=1 for simplicity. What you want if I understand correctly is `(exists (x : T), foo) <-> (forall (p : T), foo)`, so if your types are not dependent, you want an equivalence between `T * foo` and `T -> foo`. That's not possible in general
[Wed Jan 10 10:57:56 2018] <takanuva> I'm still learning Coq, I'd like to state this theorem, but I don't know how I can make this for an arbitraty number of nested "exists" clauses... I mean, I would need to match on the type of the second element to see if it is an existential as well
[Wed Jan 10 10:59:00 2018] <takanuva> it's impossible to prove, or is it just not true in geral? (I'm trying to check this on the dependent case, foo may depend on the previous assumptions)
[Wed Jan 10 11:00:01 2018] <Cypi> It's not true. Unless what you've written is not what you want
[Wed Jan 10 11:00:28 2018] <Cypi> The left hand-side of your equivalence is basically a tuple with (n+1) elements, while the right hand-side is a function that takes a tuple with n elements and return 1 value
[Wed Jan 10 11:03:10 2018] <takanuva> e.g., I'd like to show that ~(exists x: nat, exists y: nat, foo x y) is logically equivalent to ~(forall p: (exists x: nat, nat), foo (fst p) (snd p)), that I could curry the last item
[Wed Jan 10 11:03:36 2018] <takanuva> (in this case, n = 2, but if possible I could show that for any n)
[Wed Jan 10 11:05:27 2018] <Cypi> But it's not I think? Take for instance `foo x y := x = y`. In that case you mean to prove that `exists x, exists y, x = y` is equivalent to `forall (p : exists x, nat), fst p = snd p`, which is false
[Wed Jan 10 11:05:39 2018] <Cypi> The first one is provable, while the second is simply false
[Wed Jan 10 11:07:05 2018] <takanuva> lemme check that particular example here... if this is not true as you said, I'll have major problems with the calculus I'm trying to make :(
[Wed Jan 10 11:07:43 2018] <Cypi> If you're talking about currying, maybe you mean something like: `(forall p: (exists x1, ..., exists xn, foo), T) <-> (forall p: (exists x1, ..., xn), foo -> T)`
[Wed Jan 10 11:13:01 2018] <takanuva> oh, of course!
[Wed Jan 10 11:13:15 2018] <takanuva> that isn't supposed to be a "forall", that's supposed to be another exists
[Wed Jan 10 11:13:44 2018] <Cypi> Right, that would work too
[Wed Jan 10 11:13:50 2018] <takanuva> so ~(exists x: nat, exists y: nat, foo x y) <-> ~(exists p: (exists x: nat, nat), foo (fst p) (snd p))
[Wed Jan 10 11:14:34 2018] <Cypi> That's certainly provable. But as you said, it's not very easy to express for any `n`.
[Wed Jan 10 11:15:29 2018] <takanuva> I'm working on a dependent continuation-passing style calculus for my master's, I'd like to conjecture that such conversion is sound for any n, then I got curious if it would be provable in Coq
[Wed Jan 10 11:18:26 2018] <takanuva> is it impossible, or just difficult?
[Wed Jan 10 11:18:45 2018] <Cypi> just difficult (I'm trying to write something about one way to do it, I think)
[Wed Jan 10 11:21:09 2018] <Cypi> So...I should try to do it to make sure it's reasonable, but I would start by defining a type of nested existentials (aka telescopes) of length n, something basically equivalent to `exists x1, ..., xn`
[Wed Jan 10 11:21:44 2018] <Cypi> Then you need a function to extract the last Type in this telescope. Except that it can't be just a `Type`, since it might depend on the head of the Telescope...
[Wed Jan 10 11:22:11 2018] <Cypi> If you have these ingredients, you can state what you want in terms of this kind of Telescopes
[Wed Jan 10 11:24:21 2018] <takanuva> hm, I'll try that
[Wed Jan 10 11:24:24 2018] <takanuva> thank you very much :)
[Thu Jan 11 08:20:33 2018] <rrika> Is it possible to prove (forall (A:Type) (a b: A), {a=b}+{~a=b}) -> False?
[Thu Jan 11 08:20:54 2018] <rrika> In other words, is there a type that has provably undecidable equality?
[Thu Jan 11 08:21:08 2018] <Cypi> No, since Coq is consistent with classical axioms
[Thu Jan 11 08:29:47 2018] <rrika> Cypi, thank you
[Thu Jan 11 08:30:20 2018] <rrika> another question, if I have a function of type "forall (A:Type), A -> nat" then can I show that the function can not distinguish different objects of type A?
[Thu Jan 11 08:31:30 2018] <Cypi> In the metatheory it's a parametricity result and you certainly can. But internally, I don't think so. That is, you won't be able to prove something like `forall A x y, f A x = f A y`
[Thu Jan 11 08:33:06 2018] <rrika> thanks again
[Thu Jan 11 09:12:55 2018] <Migi32> hi. If I have a proof that a certain natural number exists, I can't use it in fixpoints for some reason related to proofs being in Prop and not Type that I don't fully understand. But could I write a program that searches for the number, turning my proof that the number exists into a proof that the program will terminate? Or would that run into the same typing problems?
[Thu Jan 11 09:13:20 2018] <Migi32> I have no upper bound for the number unfortunately.
[Thu Jan 11 09:35:38 2018] <benzrf> Migi32: unfortunately you can't do this
[Thu Jan 11 09:35:46 2018] <benzrf> oh actually hmm hold on
[Thu Jan 11 09:36:17 2018] <benzrf> well, i do know you can't use [~~exists n, P n] as a proof of termiantion to search for a number - but if you have actual exists, id have to consider
[Thu Jan 11 09:37:05 2018] <benzrf> but fwiw the Prop thing is that you can't eliminate a value whose type is a Prop if the result of the elimination has a type which isn't a Prop
[Thu Jan 11 09:37:29 2018] <benzrf> *except* for some special cases for single-constructor types and empty types iirc
[Thu Jan 11 09:37:39 2018] <benzrf> this basically enforces proof irrelevance
[Thu Jan 11 09:38:05 2018] <benzrf> but Qed marks terms opaque anyway so you can't really compute with proofs that use other proofs ended with Qed
[Thu Jan 11 09:38:07 2018] <benzrf> it's kind of a pain
[Thu Jan 11 09:38:26 2018] <benzrf> should i https://i.imgur.com/EXcbaYg.png
[Thu Jan 11 09:38:32 2018] <benzrf> fuck wrong channel lmao
[Thu Jan 11 09:39:46 2018] <Migi32> I'd fill out that question the same :)
[Thu Jan 11 09:39:50 2018] <benzrf> heh
[Thu Jan 11 09:40:16 2018] <benzrf> Migi32: in theory you should be able to rewrite the exists proof into a { | } though
[Thu Jan 11 09:40:23 2018] <benzrf> unless the proof relies on axioms
[Thu Jan 11 09:40:51 2018] <Migi32> hmm, it doesn't rely on axioms
[Thu Jan 11 09:41:05 2018] <benzrf> or even if the proof relies on axioms, actually, as long as you don't eliminate them as part of determining thje nat
[Thu Jan 11 09:41:11 2018] <Migi32> could you link me to the documentation about {|}? It's not really something I can google easily
[Thu Jan 11 09:41:20 2018] <benzrf> right haha
[Thu Jan 11 09:41:39 2018] <benzrf> it's technically called "sig" https://coq.inria.fr/library/Coq.Init.Specif.html
[Thu Jan 11 09:41:55 2018] <benzrf> it's just exists but in Type
[Thu Jan 11 09:42:26 2018] <benzrf> so you can eliminate it into Type, but on the other hand you cant eliminate Props into it
[Thu Jan 11 09:42:31 2018] <Cypi> https://coq.inria.fr/library/Coq.Logic.ConstructiveEpsilon.html isn't this what you need to go from `exists n, P n` to `{n : nat | P n}`?
[Thu Jan 11 09:42:44 2018] <benzrf> aha
[Thu Jan 11 09:42:47 2018] <benzrf> probably :D
[Thu Jan 11 09:42:50 2018] <benzrf> i forgot about that
[Thu Jan 11 09:42:55 2018] <sbp> Migi32: http://seb.mondet.org/blog/post/coqtests-01-subsets.html might help
[Thu Jan 11 09:43:07 2018] <Migi32> I'll check out all of these things thanks
[Thu Jan 11 09:43:10 2018] <Cypi> You do need P to be decidable, of course
[Thu Jan 11 09:43:30 2018] <benzrf> ah, of course
[Thu Jan 11 09:43:45 2018] <benzrf> well, i guess itd be silly to ask the original question if P wasnt decidable
[Thu Jan 11 09:43:47 2018] <benzrf> :V
[Thu Jan 11 09:45:24 2018] <benzrf> i remember struggling with an issue along these lines once, getting linked to ConstructiveEpsilon, browsing thru the code, and punching myself in the face when i saw how they did the thing
[Thu Jan 11 09:46:47 2018] <benzrf> to be precise: you cant eliminate the recursive argument if it's a prop and you're resulting in a type -
[Thu Jan 11 09:48:38 2018] <benzrf> buuuuuuuuuuuuuuuuuuuuut if you can decide externally in Type whether it's gonna be a leaf or a branch, then you CAN eliminate it *in the recursive argument* since that's a prop you can eliminate into
[Thu Jan 11 09:49:36 2018] <benzrf> i.e. you cant do match rec_arg with O' => foo | S' rec_arg' => this_func rec_arg' end
[Thu Jan 11 09:50:44 2018] <benzrf> but you *can* do match decide rec_arg with left done => foo | right notdone => this_func (match rec_arg with O' => contradiction_with_notdone | S' rec_arg' => rec_arg') end
[Thu Jan 11 09:51:19 2018] <benzrf> well, of course decide can't do that based on rec_arg itself as an argument, but if you have another argument you're carrying with you that rec_arg is parameterized over, yadda yadda
[Thu Jan 11 09:52:05 2018] <benzrf> e.g. rec_arg is a <= proof and you bring along the number so that you can compute whether the <= with the number is of the right form
[Thu Jan 11 12:28:06 2018] <pgiarrusso> aaah, so ConstructiveEpsilon implements Migi32’s idea to “search for some n such that P n”, right? I’ve just read the initial comment
[Thu Jan 11 19:30:55 2018] <dh_work> hrm, how dangerous is it to write "Axiom external_foo: string -> string." and extract it to something in ocaml that's non-stateless?
[Thu Jan 11 19:31:47 2018] <dh_work> obviously it's not a good idea, but as long as it's deterministic it doesn't seem immediately obviously wrong, either.
[Thu Jan 11 22:33:28 2018] <benzrf> how about doing a module instead
[Fri Jan 12 04:52:12 2018] <pgiarrusso> dh_work: non-stateless but deterministic isn’t enough; if it’s non-stateless but observably pure you’re fine (so a mutable memoization cache is no problem)
[Fri Jan 12 04:53:44 2018] <pgiarrusso> dh_work: otherwise you’d be postulating the lie that external_foo is a pure function when it isn’t and hell would break lose
[Fri Jan 12 04:55:07 2018] <pgiarrusso> benzrf: an axiom here is just as sound, though a module might be more flexible (you can apply the module to an axiom but also to something else)
[Fri Jan 12 06:19:46 2018] <jstolarek> I have a premiss that looks like this:
[Fri Jan 12 06:19:49 2018] <jstolarek> IH : forall (a : A) (b : B), C = D -> E = F
[Fri Jan 12 06:19:54 2018] <jstolarek> how do I match it in Ltac?
[Fri Jan 12 06:20:02 2018] <jstolarek> I tried:
[Fri Jan 12 06:20:33 2018] <jstolarek> | [ IH : forall _ _, ?A -> ?B |- _ ] =>
[Fri Jan 12 06:20:50 2018] <jstolarek> but I get "no matching clause" error
[Fri Jan 12 09:00:08 2018] <pgiarrusso> jstolarek: your thing looks about right, also against examples in http://adam.chlipala.net/cpdt/html/Cpdt.Match.html, so I’m wondering about (a) reusing `IH` might be bad (b) do `C`, `D`, `E`, or `F` use `a` or `b`? behavior in that case can be tricky
[Fri Jan 12 09:01:10 2018] <pgiarrusso> for debugging I’d start from `match goal with | [ forall _, _ ] => idtac.` and use bisection to see what introduces the error
[Fri Jan 12 09:02:36 2018] <pgiarrusso> and you might need something like `[ H : forall a b, ?A a b -> ?B a b |- _ ]` to make things work
[Fri Jan 12 09:03:22 2018] <pgiarrusso> jstolarek: meanwhile, I retract idea (a), shadowing must just work (I’ve never needed to explicitly freshen names for match goal)
[Fri Jan 12 09:04:08 2018] <pgiarrusso> jstolarek: on the other hand, any chance the tactic in the right-hand side fails somehow and makes `match goal` backtrack leading to a spurious error (not sure if this can happen, sorry)
[Fri Jan 12 09:43:46 2018] <jstolarek> pgiarrusso: for reasons I don't really understand the problem was caused by ?A and ?B
[Fri Jan 12 09:44:03 2018] <jstolarek> this is a form that works:
[Fri Jan 12 09:44:14 2018] <jstolarek> | [ IH : forall _ _ _, _ |- _ ] =>
[Fri Jan 12 09:44:45 2018] <jstolarek> although it does not allow me to be precise by specifying unification variables to precisely match the premisses I still can achieve what I want
[Fri Jan 12 09:45:00 2018] <pgiarrusso> jstolarek, I think because ?A is something that doesn't use the forall variable then
[Fri Jan 12 09:45:44 2018] <pgiarrusso> I'm not sure because even my link from Chlipala gives confusing info
[Fri Jan 12 09:46:23 2018] <pgiarrusso> but that's the basic sort of issue
[Fri Jan 12 09:47:46 2018] <pgiarrusso> also, the general problem match goal would have to solve is higher-order unification, and I'm not sure what it does instead
[Fri Jan 12 09:47:55 2018] <pgiarrusso> jstolarek ^^
[Fri Jan 12 09:52:16 2018] <lyxia> it would be awkward to refer to ?A otherwise because there is nowhere to bound its free variables
[Fri Jan 12 09:58:42 2018] <jstolarek> lyxia: that's a good point
[Fri Jan 12 10:24:04 2018] <pgiarrusso> jstolarek: forall x, ?A x might help with that
[Sat Jan 13 12:05:02 2018] <jmagnusj> Module U := FMapList.Make(String).     Error: The field lt is missing in Coq.Strings.String.
[Sat Jan 13 12:06:17 2018] <jmagnusj> Is there an ordered version of string in the standard library?
[Sat Jan 13 13:02:51 2018] <dh`> jmagnusj: there is not
[Sat Jan 13 13:03:47 2018] <benzrf> rip
[Sat Jan 13 13:05:36 2018] <dh`> this is one of the things that motivated me to start on a real string library
[Sat Jan 13 13:06:09 2018] <dh`> (although the issue here is actually a real character library, the string part of that is easy)
[Sat Jan 13 13:08:43 2018] <dh`> and unrelatedly: pgiarrusso: yeah you'd think, but if it's deterministic, what actually goes wrong? since there's no body to examine you can't attempt to reason about what it does, and when it's deterministic it doesn't matter how many times it gets evaluated on any one argument
[Sat Jan 13 13:10:10 2018] <dh`> it violates parametricity, but in a subtle way: it's not clear to me that you can distinguish a function on strings that computes the result from the argument, and one that deterministically returns the same string for the same argument based on externally stored information, without a turing oracle.
[Sat Jan 13 13:11:03 2018] <dh`> e.g. your favorite cryptographic hash is a pure function on strings
[Sat Jan 13 13:14:53 2018] <jmagnusj> I also tried integers of various types as keys with no better luck... these things don't exactly plop together like legos
[Sat Jan 13 13:16:07 2018] <jmagnusj> Kind of makes it hard to start something unless you are really determined
[Sat Jan 13 13:19:14 2018] <jmagnusj> Is it a fundamental problem of coq or just a problem with the standard library?
[Sat Jan 13 13:19:37 2018] <jmagnusj> * bbl
[Sat Jan 13 13:43:06 2018] <dh`> fmaps from nat work
[Sat Jan 13 13:43:12 2018] <dh`> dunno about others, haven't tried
[Sat Jan 13 13:44:09 2018] <dh`> pgiarrusso: the case I was thinking of was to add import to a simple interpreter by providing an ocaml function that retrieved the contents of a file, and memoized it to make sure it was deterministic
[Sat Jan 13 13:45:12 2018] <dh`> the results might be different from run to run, but that's not ultimately different from compiling them into a separately-compiled source file
[Sat Jan 13 13:47:11 2018] <dh`> here's a case with fewer moving parts (but no useful application) though: a function that internally stores a hash code, and that caches its results so it always returns the same result for the same argument, but when given a new argument hashes it into the internal state and returns the new hash
[Sat Jan 13 13:47:32 2018] <dh`> so the results of hashing a given string are always the same but depend on which strings were hashed previously
[Sat Jan 13 13:48:26 2018] <dh`> what can this break, and (assuming cryptographic hashes) how can you distinguish it from a function that just hashes its argument?
[Sat Jan 13 13:48:45 2018] <dh`> I'm now curious :-)
[Sat Jan 13 13:52:17 2018] <benzrf> so when you say "always the same"
[Sat Jan 13 13:52:30 2018] <benzrf> you mean always the same in a given program run, not always the same across runs
[Sat Jan 13 13:52:36 2018] <dh`> right
[Sat Jan 13 13:53:04 2018] <benzrf> sounds like it could break a whole fuckin lot
[Sat Jan 13 13:53:19 2018] <dh`> like?
[Sat Jan 13 13:53:34 2018] <benzrf> coq believes that [swap (hash a, hash b) = (hash b, hash a)]
[Sat Jan 13 13:54:06 2018] <benzrf> or if you extract to haskell, laziness creates major unpredictability
[Sat Jan 13 13:54:19 2018] <benzrf> well i guess it was already pretty unpredictable
[Sat Jan 13 13:55:03 2018] <dh`> it doesn't break that; on any given run hash a = hash a
[Sat Jan 13 13:55:34 2018] <dh`> and keep in mind that different on different runs isn't distinguishable from different in different recompilations after someone changed the other source file that contains the implementation
[Sat Jan 13 13:56:21 2018] <benzrf> so we're assuming that we treat the function as an opaque constant with no facts about it other than its type?
[Sat Jan 13 14:00:07 2018] <benzrf> i suppose we could come up with, like, an extended calculus of [inductive] constructions where judgments are parameterized by a state and rules for deducing reduction equivalence change the state, and then see if the ordinary Co[I]C interprets soundly into it
[Sat Jan 13 14:00:12 2018] <benzrf> sounds like a lot of work tho
[Sat Jan 13 14:00:14 2018] <benzrf> :]
[Sat Jan 13 14:00:54 2018] <dh`> right, that's what Axiom does unless you add more axioms to give semantics
[Sat Jan 13 14:01:08 2018] <dh`> yeah, that sounds like work
[Sat Jan 13 14:16:20 2018] <dh`> it's still sort of an interesting question what that scenario would actually break, though.
[Sat Jan 13 14:18:34 2018] <dh`> on an unrelated topic: currently with strings you can write match s with | "abc"%string => ...
[Sat Jan 13 14:18:45 2018] <dh`> but the logic that comes out is a minor nightmare
[Sat Jan 13 14:21:21 2018] <dh`> which is partly because it unpacks the string but mostly because of the internal representation of Ascii
[Sat Jan 13 14:23:12 2018] <dh`> a better character type is necessary
[Sat Jan 13 14:23:36 2018] <dh`> however, for extracting to ocaml matching directly on strings like this is bad, because ocaml strings aren't cons-lists
[Sat Jan 13 14:23:52 2018] <dh`> and so it generates a horrible mess
[Sat Jan 13 14:29:48 2018] <dh`> is it worth trying to fix this with complex extraction logic, or would it be better to try to write notations for string matching that expand to equality tests?
[Sat Jan 13 14:29:58 2018] <dh`> both of these approaches have severe downsides :(
[Sat Jan 13 14:30:08 2018] <dh`> or just tell people not to match on strings?
[Sat Jan 13 14:30:38 2018] <dh`> it would be nice if coq's string match could extract to an ocaml string match, that is, match s with | "abc" -> ...
[Sat Jan 13 14:30:43 2018] <dh`> but that doesn't seem very likely to be possible.
[Sat Jan 13 14:32:42 2018] <dh`> (similarly, extracting string constants not as conses seems like a problem, but this is more likely to be cleaned up by the ocaml compiler)
[Sat Jan 13 14:54:12 2018] <beaky> hello. im looking into heterogeneous lists so i can have e.g. lists of things like record projections (where the codomain is different). besides somethign like the hlist in cpdt http://adam.chlipala.net/cpdt/html/Cpdt.DataStruct.html#lab57 are there other approaches for this? i recall something involving tuples that happened to be easier to use for some cases
[Sat Jan 13 14:56:12 2018] <hodapp> * fluffles beaky
[Sat Jan 13 14:57:47 2018] <beaky> hello hodapp
[Sat Jan 13 14:57:57 2018] <hodapp> you follow me everywhere >_>
[Sat Jan 13 15:02:50 2018] <lyxia> beaky:  Fixpoint hlist (l : list A) : Type := match l with [] => unit | h :: t => h * hlist t end.
[Sat Jan 13 15:02:55 2018] <beaky> for example: Record t { a : nat; b : list; }. then i want to have something like Definition t_projections := [a; b].
[Sat Jan 13 15:03:21 2018] <beaky> ah thanks lyxia (i think that was the one i was trying to recall)
[Sat Jan 13 20:04:24 2018] <pgiarrusso> dh` dh_work: I was concerned about “deterministic but impure” for a different reason — your actual example that memoizes a file content looks fine, the hash example doesn’t
[Sat Jan 13 20:05:04 2018] <pgiarrusso> a counter is already a problem
[Sat Jan 13 20:06:11 2018] <pgiarrusso> Let `fresh_int` be defined in imperative pseudocode as `fresh_int () := set cell (1 + get cell); get cell`
[Sat Jan 13 20:06:53 2018] <pgiarrusso> if in Coq you have `fresh_int: Unit -> Nat` Coq believes that `fresh_int() = let _ = fresh_int() in fresh_int()`
[Sat Jan 13 20:07:21 2018] <pgiarrusso> I guess this is all clear
[Sat Jan 13 20:07:33 2018] <pgiarrusso> or it should be
[Sat Jan 13 20:07:43 2018] <pgiarrusso> but this function is impure yet 100% deterministic
[Sat Jan 13 20:08:54 2018] <pgiarrusso> I guess that’s not what you meant, but when you asked I didn’t know
[Sat Jan 13 20:10:00 2018] <pgiarrusso> for your example with cryptographic hashes, I thought it suffered from the same problem, but I’m not sure it dowes
[Sat Jan 13 20:10:01 2018] <pgiarrusso> *does
[Sat Jan 13 20:14:14 2018] <pgiarrusso> however, things compiling Coq assume reordering calls is semantics-preserving (which it isn’t here), so at the very least you could get miscompilations changing the actual result
[Sat Jan 13 20:16:07 2018] <pgiarrusso> to see such miscompilations spectacularly in action, we have to turn to buggy unsafe Haskell :-)
[Sat Jan 13 20:16:23 2018] <pgiarrusso> see https://github.com/haskell/bytestring/blob/master/Data/ByteString/Internal.hs#L566-L588 and links
[Sat Jan 13 20:18:37 2018] <pgiarrusso> benzrf: if you want state, wouldn’t you just use one of the N encodings of state into Coq (maybe one which is maintained though, unlike IIRC yNot)?
[Sat Jan 13 20:43:29 2018] <dh_work> hmm
[Sat Jan 13 20:43:44 2018] <dh_work> the hash example is fine in your first context, because it takes an arg
[Sat Jan 13 20:44:49 2018] <dh_work> the second context (let x := hash 3 in let y := hash 5 = let y := hash 5 in let x := hash 3) is more interesting
[Sat Jan 13 20:45:01 2018] <dh_work> it's still true
[Sat Jan 13 20:45:11 2018] <dh_work> but the actual values depend on the order produced by the compiler
[Sat Jan 13 20:47:00 2018] <dh_work> or rather, (let x := hash 3 in let y := hash 5 in (x, y) = let y := hash 5 in let x := hash 3 in (x, y)) is more interesting
[Sat Jan 13 20:47:06 2018] <dh_work> s/is more interesting//
[Sat Jan 13 20:49:46 2018] <dh_work> if you evaluate both expressions, you get the same value; if you evaluuate each one in isolation, you don't, but then you also can't compare them to discover that someting's different.
[Sat Jan 13 20:50:39 2018] <dh_work> there's something very schroedinger about that
[Sat Jan 13 21:13:26 2018] <pgiarrusso> dh_work: I’d try using projections from exists c, hash 3 = c, then using hash 5, then checking the projected value matches hash 3. This is still likely to work, but it’s trickier
[Sat Jan 13 21:15:15 2018] <pgiarrusso> Actually, just take the actual result from hash 3 (say 42), prove that hash 3 = 42 (by computation, if that works?), and then throw away the proof to change evaluation order after extraction... uh, the proof by computation likely fails
[Sat Jan 13 21:16:12 2018] <pgiarrusso> OK, giving up, but if your idea is indeed safe it’s far from obvious why
[Sat Jan 13 21:23:16 2018] <benzrf> pgiarrusso: im talking about verifying whether coq's conclusions are valid when extracting a parameter as a function of the sort dh` described
[Sat Jan 13 21:24:52 2018] <benzrf> i.e. one that, in a given run of the program, will always return the same value for the same input, but that value won't be determined until the first time you ask, and the determination at that point will depend on how you've used the function prior
[Sat Jan 13 21:27:36 2018] <dh_work> you can't prove the actual result, because the function's external to coq.
[Sat Jan 13 21:28:14 2018] <dh_work> I'm pretty sure the exists thing will work; the extracted code must call hash 3 either before or after hash 5
[Sat Jan 13 21:29:16 2018] <dh_work> it's not safe, obviously, but it's not obvious how you'd construct something that fails.
[Sat Jan 13 21:31:06 2018] <dh_work> it can't be something about the actual value since you can't prove anything about that; it would have to be some conclusion based on assumptions about functions that it violates.
[Sat Jan 13 21:34:35 2018] <dh_work> (unrelated side question: does ocaml have an Either type? I can't find one in the docs)
[Sat Jan 13 22:03:03 2018] <benzrf> dh_work: i guess, like
[Sat Jan 13 22:03:24 2018] <benzrf> in this context, how should we give semantics to a statement like "hash 3 = 5 -> hash 4 = 6"
[Sun Jan 14 02:25:49 2018] <dh_work> benzrf: right, that would do it, but you can't assert the premise except as an axiom so I'm not sure it's important
[Sun Jan 14 02:26:47 2018] <benzrf> dh_work: then how should we give semantics to [forall n m, hash n = m -> hash n = m]
[Sun Jan 14 02:27:03 2018] <benzrf> that's clearly provable - how do we interpret it
[Sun Jan 14 02:27:22 2018] <dh_work> how is it provable when all you know about hash n is that it's a nat?
[Sun Jan 14 02:27:30 2018] <benzrf> well, two things
[Sun Jan 14 02:27:32 2018] <dh_work> oh wait, I misread
[Sun Jan 14 02:27:35 2018] <benzrf> oh lol
[Sun Jan 14 02:27:42 2018] <benzrf> well yeah actually im not sure this is problematic anyway nvm
[Sun Jan 14 02:27:51 2018] <dh_work> but I don't think it's problematic
[Sun Jan 14 02:28:02 2018] <dh_work> I read it as hash n = m -> hash m = n
[Sun Jan 14 02:28:06 2018] <benzrf> hah
[Sun Jan 14 02:29:56 2018] <benzrf> well, regardless
[Sun Jan 14 02:30:09 2018] <dh_work> ugh, 6500 lines of ocaml in the past week, not counting adding stuff to the output code generation framework
[Sun Jan 14 02:30:14 2018] <dh_work> no wonder my eyes are glazed over.
[Sun Jan 14 02:30:26 2018] <benzrf> i don't think it's /useful/ to do this unless you can come up with a semantics to assign to these statements
[Sun Jan 14 02:30:30 2018] <dh_work> (and yes I'm at work at 2:30am on saturday night too)
[Sun Jan 14 02:30:37 2018] <benzrf> because the standard semantics only describe functions
[Sun Jan 14 02:30:44 2018] <dh_work> it's not
[Sun Jan 14 02:30:52 2018] <benzrf> well ok good :)
[Sun Jan 14 02:30:58 2018] <dh_work> when I introduced the hash example I pointed out that it has no application :-)
[Sun Jan 14 02:31:01 2018] <benzrf> woops
[Sun Jan 14 02:31:12 2018] <benzrf> well yes, as long as you don't apply it you can't observe any difference
[Sun Jan 14 02:31:14 2018] <dh_work> the thing that reads files for an interpreter's import statement has an application, but it's a lot more complicated to think about.
[Sun Jan 14 02:31:14 2018] <benzrf> :>
[Sun Jan 14 02:31:20 2018] <dh_work> heh
[Sun Jan 14 02:34:10 2018] <dh_work> that one is not entirely aimless; one of the pieces of vaporware I have brewing is a verified c preprocessor (this is supposed to give the string library a workout, among other things) and how to load include files isn't obvious
[Sun Jan 14 02:39:33 2018] <benzrf> it seems obvious to parameterize everything over a filesystem value input
[Sun Jan 14 02:39:36 2018] <benzrf> what's the catch there
[Sun Jan 14 03:11:06 2018] <dh`> that it's basically the io monad and infests everything
[Sun Jan 14 03:15:37 2018] <dh`> and in addition to carrying it around, you also have to carry around predicates about it.
[Sun Jan 14 03:16:21 2018] <dh`> also while we're talking about subtle and not-so-subtle violations of parametricity, the io monad is not actually enough to model the outside world correctly.
[Sun Jan 14 03:20:24 2018] <dh`> e.g. you can write down "read_file (name: string) -> IO string", but it doesn't follow that "read_file foo >>= fun text1 => read_file foo >>= fun text2 => (text1, text2)" implies text1 = text2
[Sun Jan 14 03:20:33 2018] <dh`> but in coqland that's implicitly true
[Sun Jan 14 03:22:49 2018] <dh`> if you unfold the monad it becomes fun world => let (world', text1) := read_file foo in let (world'', text2) := read_file foo in (world'', (text1, text2))
[Sun Jan 14 03:22:58 2018] <dh`> and since read_file doesn't change the world...
[Sun Jan 14 03:24:43 2018] <dh`> erm
[Sun Jan 14 03:24:51 2018] <dh`> if you unfold the monad it becomes fun world => let (world', text1) := read_file world foo in let (world'', text2) := read_file world' foo in (world'', (text1, text2))
[Sun Jan 14 03:27:01 2018] <dh`> I suppose if you don't state that read_file doesn't change the world it's safe
[Sun Jan 14 03:27:59 2018] <dh`> but it's still very similar to the hash example
[Sun Jan 14 12:31:01 2018] <pgiarrusso> dh`: it’s been shown that inlining the definition of the IO monad is unsafe — the unsafe rewritings are just ones that GHC never does
[Sun Jan 14 12:33:08 2018] <pgiarrusso> If you have `c <- read_char file`, then use `c` twice, and allow inlining `c`’s definition at the use site (reusing the same world), you duplicate effects — but GHC refuses to duplicate function calls in this scenario so everything’s fine; you’d need to give a linear type to the world to forbid this duplication
[Sun Jan 14 13:14:31 2018] <benzrf> 03:27 <dh`> I suppose if you don't state that read_file doesn't change the world it's safe
[Sun Jan 14 13:14:38 2018] <benzrf> um yeah that's the whole point of RealWorld
[Sun Jan 14 14:37:13 2018] <pgiarrusso> in fact, the real world keeps changing, so stateBeforeRead = stateAfterRead would be a lie
[Sun Jan 14 14:40:02 2018] <dh`> it nonetheless violates parametricity in a similar way to the hash example
[Sun Jan 14 14:42:25 2018] <pgiarrusso> dh`: BTW, not sure why you mention parametricity here — we aren’t dealing with polymorphic functions
[Sun Jan 14 14:44:14 2018] <dh`> the new world value after read_file not depend only on the old world and the other argument
[Sun Jan 14 14:44:24 2018] <dh`> s/not/does not/\
[Sun Jan 14 14:44:36 2018] <pgiarrusso> yeah, parametricity has nothing to do with this
[Sun Jan 14 14:44:42 2018] <pgiarrusso> our examples violate purity, but I think they’re all still parametric functions (if you can define parametricity for an effectful language, but we’ve learned how in the last decade)
[Sun Jan 14 14:45:14 2018] <dh`> there's something somewhere I don't understand then
[Sun Jan 14 14:45:24 2018] <pgiarrusso> parametricity tells you that abstract types (from either existentials or universals) create abstraction barriers
[Sun Jan 14 14:45:50 2018] <pgiarrusso> as a special case, it tells you that a pure function of type forall a. a -> a must be the identity (and other such things)
[Sun Jan 14 14:46:14 2018] <dh`> ah, I'm just using the wrong term
[Sun Jan 14 14:46:17 2018] <dh`> * goes off to think
[Sun Jan 14 14:47:10 2018] <dh`> oh, and also: the IO monad is unsafe if you unfold it because its functioning relies on the monad typing to prevent world values from being used more than once
[Sun Jan 14 14:48:42 2018] <dh`> that seems to become a very squirrelly concept in a proof environment
[Sun Jan 14 14:54:22 2018] <dh`> I should go reread the ynot papers with these issues in mind, and stick to talking about things I understand properly ;-)
[Sun Jan 14 15:08:25 2018] <pgiarrusso> dh`: keeping that monad abstract (say, with modules) might be good — but I’ve never read the ynot papers, so reading them is probably better than asking me :-)
[Sun Jan 14 15:09:30 2018] <pgiarrusso> dh`: also no worries, but I thought clarifying the miscommunication was useful
[Sun Jan 14 15:10:32 2018] <pgiarrusso> I *don’t* just stick to what I’m sure about (though I try to avoid overconfidence and will shut up to somebody with a clue)
[Sun Jan 14 15:43:32 2018] <dh`> I don't actually either, but I also prefer to avoid looking like an idiot in public when it's avoidable :-)
[Mon Jan 15 06:34:17 2018] <jstolarek> I have several equalities in the context. I would like to write a tactic that inverts all of them. however, any attempt of using repeat results in infinite loop (unsurprisingly). Are there any alternatives?
[Mon Jan 15 06:34:42 2018] <jstolarek> repeat match goal with | [H : ?P = ?R |- _] => inversion H; subst end
[Mon Jan 15 06:35:05 2018] <jstolarek> that's what I'd like to do
[Mon Jan 15 08:56:25 2018] <pgiarrusso> jstolarek: great question! you can clear the equality to avoid looping, but that can lose information when `inversion` doesn’t work well; `inverts` from Software Foundation LibTactics (originally from TLC) might work better
[Mon Jan 15 08:57:04 2018] <pgiarrusso> also, for scenarios where it works, `injection` is a much more predictable tactic than `inversion`
[Mon Jan 15 08:57:21 2018] <pgiarrusso> (`injection` can replace `inversion` for `Some a = Some b`)
[Mon Jan 15 08:59:14 2018] <pgiarrusso> jstolarek: I’ve seen good sources of “improved standard tactics” in proof scripts by Chlipala, by Chargeraud (SF’s LibTactics / TLC)
[Mon Jan 15 08:59:53 2018] <pgiarrusso> also found nice bits in the coq-stdpp library
[Mon Jan 15 09:00:28 2018] <pgiarrusso> (from Krebbers, who’s fully formalized C11 in Coq)
[Mon Jan 15 09:01:26 2018] <pgiarrusso> jstolarek: but to be sure, I said “great question” because I don’t yet have a full answer, so I use a mixture of the strategies I just mentioned — I still don’t have a *safe* tactic
[Mon Jan 15 09:02:29 2018] <pgiarrusso> I’m also not sure why `inversion` loses info in general — I often simplify/unfold aggressively before inverting (it’s as if `inversion` never required simplifications)
[Mon Jan 15 14:45:53 2018] <sudd> I'm trying to write a tactic t, that given some hypothesis H, does "pose proof (lemma H)"; this works well, but I'm trying to avoid non-termination of the tactic. The tactic does other things that manipulate the hypothesis (e.g. intuition), so it hard to know whether I have already did this "pose proof (lemma H)" step. What's the standard way in Ltac to make sure we don't apply a step twice in some tactic?
[Mon Jan 15 15:14:49 2018] <sudd> more precisely, lemma H produces some disjunction P1 \/ P2, then intuition will do a case analysis and create two subgoals
[Mon Jan 15 15:15:33 2018] <sudd> then the tactic will loop and invoke lemma H again, because it will see that P1 \/ P2 is not one of the hypothesis (only P1 would be on one branch, and only P2 would be on the other branch)
[Mon Jan 15 15:15:38 2018] <sudd> the whole tactic then does not terminate
[Mon Jan 15 15:17:40 2018] <sudd> I was thinking about adding some strings in my goal to mark the fact that I already applied this step, such as "applied lemma to H"
[Mon Jan 15 15:18:06 2018] <sudd> but I'm not sure how to convert a Coq term to a string in Ltac
[Mon Jan 15 16:54:11 2018] <dh_work> my first question would be: if this should only be done once, why loop?
[Mon Jan 15 17:42:54 2018] <pgiarrusso> sudd: assuming there’s a reason to loop, can you use `match goal with | [ ?P1 \/ ?P2, ?P1 ] => fail; | [ ?P1 \/ ?P2, ?P2 ] => fail end` to detect what you describe explicitly?
[Mon Jan 15 17:43:27 2018] <pgiarrusso> or something like that
[Mon Jan 15 17:45:51 2018] <pgiarrusso> sudd: also, if you know what you want `intuition` to do, you might want to write the special case you need explicitly with `match goal`, that’ll be much faster and could lead you to more specific automation
[Mon Jan 15 17:46:21 2018] <pgiarrusso> here sth. like `match goal with | [ H: _ \/ _ ] => destruct H end`
[Tue Jan 16 02:06:53 2018] <sudd> dh_work: pgiarrusso: my general tactic looks like: repeat match goal with ... end; so this particular step that I want to apply only once is only one step among many other steps that "improve" the goal; the step where I apply "lemma" can be applied only thanks to other steps, and then from the conclusion of lemma I want to continue my tactic
[Tue Jan 16 02:07:54 2018] <sudd> dh_work: pgiarrusso: also "lemma" must be applied once per hypothesis "H" which is compatible with "lemma", but overall could be applied many times
[Tue Jan 16 02:09:33 2018] <sudd> pgiarrusso: intuition was an example, but the tactic I use does other kind of simplifications and it would be tedious to make a special case to avoid simplifying these kinds of hypotheses, since I'm invoking many personal or built-in tactics that may change them
[Tue Jan 16 02:10:03 2018] <pgiarrusso> sudd: I suspected you were looking for all possible hyps for lemma...
[Tue Jan 16 02:10:18 2018] <pgiarrusso> sudd: wait, what about `clear`?
[Tue Jan 16 02:10:43 2018] <pgiarrusso> sudd: `pose proof (lemma H); clear H`
[Tue Jan 16 02:10:51 2018] <pgiarrusso> it’s not always safe
[Tue Jan 16 02:11:11 2018] <pgiarrusso> but if it works for you *that* is the standard way to prevent looping
[Tue Jan 16 02:11:16 2018] <sudd> pgiarrusso: yes it's not safe in my case, because H is a much stronger property
[Tue Jan 16 02:11:29 2018] <pgiarrusso> sudd: can you change `lemma` to make it safe?
[Tue Jan 16 02:12:04 2018] <sudd> lemma is basically of the form: forall x, P x -> Q x
[Tue Jan 16 02:12:25 2018] <sudd> pgiarrusso: what I'm doing currently is using; mark "lemma"; pose proof (lemma H), and mark "lemma" will add some string s := "lemma": string to the context so that I know I have already applied lemma
[Tue Jan 16 02:13:14 2018] <sudd> the problem with this solution is that it only allows lemma to be applied once overall, instead of once per compatible hypothesis of the form "P _"
[Tue Jan 16 02:13:51 2018] <pgiarrusso> `lemma2: forall x, P x -> Q x /\ Hide (P x)`, where `Hide` is some identity function (or maybe a constructor) that does not get auto-unfolded and prevents applying `lemma2` again
[Tue Jan 16 02:14:03 2018] <pgiarrusso> where did I see Hide? Hm... let me check one place
[Tue Jan 16 02:15:19 2018] <sudd> pgiarrusso: but that would also make P x unusable for other tactics/auto and such right?
[Tue Jan 16 02:16:27 2018] <pgiarrusso> so, something like https://gitlab.mpi-sws.org/robbertkrebbers/coq-stdpp/blob/master/theories/tactics.v#L444
[Tue Jan 16 02:16:30 2018] <sudd> isn't possible to make some string out of a term, that way I could use mark ("lemma" ++ to_string H1) and mark("lemma" ++ to_string H2)
[Tue Jan 16 02:16:38 2018] <pgiarrusso> well, yes, but see also unblock_goal...
[Tue Jan 16 02:16:41 2018] <sudd> and have different marks for different instances
[Tue Jan 16 02:16:57 2018] <pgiarrusso> OTOH, that file has `iter` which might be even better
[Tue Jan 16 02:17:04 2018] <pgiarrusso> if you can turn your hypotheses into a list
[Tue Jan 16 02:17:37 2018] <pgiarrusso> on your question: maybe, dunno — maybe it’s easier to make strings out of hypotheses names
[Tue Jan 16 02:20:05 2018] <sudd> I didn't figure out how yet but I'll keep looking :) thanks for the alternative solutions
[Tue Jan 16 02:26:23 2018] <sudd> pgiarrusso: or if perhaps I could create another variable name out of H or out of the variables that appear in H, and then just pose that variable (not necessarily of type string) in my context?
[Tue Jan 16 02:27:45 2018] <pgiarrusso> sudd: uh, maybe `fresh` helps?
[Tue Jan 16 02:28:06 2018] <pgiarrusso> it can take proposed names, though maybe it takes them as string?
[Tue Jan 16 02:28:17 2018] <pgiarrusso> oh wait, I’m silly
[Tue Jan 16 02:28:32 2018] <pgiarrusso> the point of `fresh` is that it’ll never conflict...
[Tue Jan 16 02:30:26 2018] <sudd> pgiarrusso: but if fresh can be implemented in Ltac then maybe I can take inspiration from that? or is it some built-in thing?
[Tue Jan 16 02:35:20 2018] <pgiarrusso> I have used `fresh`, not implemented it
[Tue Jan 16 02:37:12 2018] <pgiarrusso> https://coq.inria.fr/refman/ltac.html suggests it might be a builtin
[Tue Jan 16 02:42:30 2018] <pgiarrusso> sudd: but since you ask about “standard way”: I use that file and library (the author formalized the C11 spec)
[Tue Jan 16 02:42:42 2018] <pgiarrusso> Chlipala’s code (see https://jozefg.bitbucket.io/posts/2014-07-09-dissecting-crush.html and the CPDT chapter)
[Tue Jan 16 02:45:24 2018] <pgiarrusso> and from Software Foundations / the TLC library there are https://softwarefoundations.cis.upenn.edu/plf-current/UseTactics.html (intro) / https://softwarefoundations.cis.upenn.edu/plf-current/LibTactics.html (implementation)
[Tue Jan 16 02:45:53 2018] <sudd> thanks that's nice, I think I'll find what I need :)
[Tue Jan 16 02:48:12 2018] <pgiarrusso> sudd: for emphasis, looping over the hypotheses that fit `lemma` in one go, and applying that lemma to all in one pass, might be the best strategy; but I’m not sure how to get a list of hypotheses :-|
[Tue Jan 16 02:50:12 2018] <sudd> pgiarrusso: but what to do if the hypotheses that fit lemma can be generated after my other automation tactics? (and then from the result of lemma I can make some progress, and so on)
[Tue Jan 16 02:52:33 2018] <pgiarrusso> Uh, position markers might help: https://softwarefoundations.cis.upenn.edu/plf-current/LibTactics.html#lab450
[Tue Jan 16 02:53:38 2018] <pgiarrusso> hypotheses are ordered (and *usually* the order is preserved, though it can be changed)
[Tue Jan 16 02:54:10 2018] <pgiarrusso> so if you add a mark after you’re done with a pass, you’ll find new hyps after the mark
[Tue Jan 16 02:55:10 2018] <sudd> ah good to know
[Tue Jan 16 02:55:51 2018] <pgiarrusso> I’m thinking of `gen_until_mark; < “block” the hyps in context that match lemma > ; intro_until_mark; < do a pass of the lemma on the unblocked hyps > ; < unblock hyps >`
[Tue Jan 16 02:56:15 2018] <pgiarrusso> not sure that works, but seems plausible?
[Tue Jan 16 02:56:38 2018] <pgiarrusso> well, insane but Ltac-plausible
[Tue Jan 16 02:57:31 2018] <pgiarrusso> but I’ve never done something like this
[Tue Jan 16 02:57:34 2018] <pgiarrusso> sudd: ^^
[Tue Jan 16 02:58:34 2018] <pgiarrusso> (to be clear, I’m looking for an answer to learn what it is, not because I am actually an expert)
[Tue Jan 16 02:59:36 2018] <pgiarrusso> and also this stuff feels like programming in TeX
[Tue Jan 16 02:59:55 2018] <pgiarrusso> * does not find *TeX* the language very elegant
[Tue Jan 16 03:02:05 2018] <sudd> that could be a solution, I'll try to think about it; reconnecting later, thanks for your help!
[Tue Jan 16 06:20:01 2018] <sudd> pgiarrusso: I think I figured out a way to do what I want; I introduce some dummy type: Inductive Marked {T}: T -> string -> Type :=| Mark: forall t s, Marked t s. and then whenever I applied lemma to H, I do: pose proof (Mark H "applied lemma"), and that mark will stay in the context
[Tue Jan 16 07:12:14 2018] <jstolarek> pgiarrusso: thanks. I ended up doing a stupid thing, ie. writing several matches: one that matches only one hypothesis, another that matches two,... and so on up to six. This is horrible but works for me
[Tue Jan 16 07:12:44 2018] <jstolarek> I am now wondering if Ltac allows my to write a tactic that understands "as" suffix, eg:
[Tue Jan 16 07:12:59 2018] <jstolarek> myTactic X Y Z as H
[Tue Jan 16 07:13:27 2018] <jstolarek> I'd like H to be an argument to the tactic, just want to use "as" syntax since it is easier to read in the script
[Tue Jan 16 08:10:16 2018] <pgiarrusso> sudd: uh, sounds nice!
[Tue Jan 16 08:12:36 2018] <pgiarrusso> jstolarek: searching for “as” in the LibTactics link above finds “Tactic Notation "gen_eq" ":" constr(E) "as" ident(X) := gen_eq X: E.”
[Tue Jan 16 08:13:00 2018] <pgiarrusso> jstolarek: link: https://softwarefoundations.cis.upenn.edu/plf-current/LibTactics.html
[Tue Jan 16 08:13:26 2018] <pgiarrusso> I’m afraid I recommend cargo-culting :-|
[Tue Jan 16 08:15:20 2018] <pgiarrusso> also, the code in there seems often as horrible — Ltac 1 seems to range between TeX and PHP (Ltac2 might be a bit better), but at least that horror doesn’t affect correctness of completed proofs :-|
[Tue Jan 16 10:15:55 2018] <leah2> how can i prove "inord 1 != inord 2"?
[Tue Jan 16 15:28:53 2018] <jmgrosen> what is the reasoning behind the restrictions on reservable names?
[Tue Jan 16 15:29:07 2018] <jmgrosen> "it must have no trailing digits, quote, or _"
[Tue Jan 16 15:35:34 2018] <jmgrosen> Ah. Read the docs a bit more closely: "The effect of the command is to automatically set the type of bound variables starting with ident (either ident itself or ident followed by one or more single quotes, underscore or digits)"
[Tue Jan 16 18:10:34 2018] <pgiarrusso> leah2: what’s inord? if it’s a data constructor, `intro H; inversion H` should be enough. `intro H; injection H` might also produce a goal that is easier to solve
[Tue Jan 16 18:11:09 2018] <leah2> (from ssreflect)
[Wed Jan 17 03:42:28 2018] <rootmos> account add jabber gustav.behm@gmail.com
[Wed Jan 17 03:42:56 2018] <rootmos> whoops, thanks irssi :)
[Wed Jan 17 04:58:09 2018] <jstolarek> pgiarrusso: ah, Tactic Notation, right!  Haven't thought about that
[Wed Jan 17 04:59:08 2018] <jstolarek> "Ltac is like TeX - just barely usable enough to be indispensible" - B. Pierce, 2017
[Wed Jan 17 06:44:00 2018] <pgiarrusso> jstolarek: thanks, stealing it!
[Wed Jan 17 06:44:06 2018] <pgiarrusso> * googles...
[Wed Jan 17 06:44:10 2018] <pgiarrusso> retweeting https://twitter.com/cattheory/status/920048352149958656
[Wed Jan 17 10:55:36 2018] <jmagnusj> what would be a good text book for learning coq in a small study group?
[Wed Jan 17 10:55:49 2018] <modulus> software foundations is probably the best chance.
[Wed Jan 17 10:56:11 2018] <jmagnusj> thanks for your data point :)
[Wed Jan 17 12:19:33 2018] <pgiarrusso> jmagnusj: SF++
[Wed Jan 17 13:55:42 2018] <jmagnusj> pgiarrusso, thanks
[Wed Jan 17 21:15:51 2018] <benzrf> constructive math is gr8 https://i.imgur.com/x75gCs0.png
[Wed Jan 17 22:06:30 2018] <dh`> heh
[Wed Jan 17 22:07:06 2018] <dh`> why would = be the negation of /= rather than the other way around? there must be a reason, but it's not obvious on casual contact
[Wed Jan 17 22:15:29 2018] <benzrf> dh`: look closer, it's talking about inequivalence relations that properly witness a distinction
[Wed Jan 17 22:16:54 2018] <benzrf> hmm actually it still seems strange that negating would give you equality
[Wed Jan 17 22:16:58 2018] <benzrf> even if you have more info than neq
[Wed Jan 17 22:17:53 2018] <benzrf> hmm, how about...
[Wed Jan 17 22:18:27 2018] <benzrf> let's say we have [S := nat -> nat]; then we can define [apart x y := exists i, x i <> y i]
[Wed Jan 17 22:19:21 2018] <benzrf> so: [~apart x y] -> [forall i, ~(x i <> y i)] -> [forall i, x i = y i] --(assuming funext)--> [x = y]
[Wed Jan 17 22:20:28 2018] <benzrf> but of course we need markov's principle or something to go [x <> y] -> [apart x y]
[Thu Jan 18 02:51:26 2018] <pgiarrusso> benzrf dh` : that seems to be saying that since reals are infinite, you can’t give a finite witness that they’re equal, but you can more easily witness they’re unequal, or that inequality gives a contradiction
[Thu Jan 18 02:54:44 2018] <pgiarrusso> Also, “they’re the same sequence” as you use in your example is probably much too restrictive, since reals must be quotiented
[Thu Jan 18 02:56:17 2018] <pgiarrusso> OTOH, I’ve heard there are multiple pretty different constructive definitions of reals, many predating type theory/Coq
[Thu Jan 18 03:43:06 2018] <dh`> well, you can't have not (not eq) being the same as eq, because of excluded middle, but all else being ... the same ... I'd expect equality to be the base case
[Thu Jan 18 03:43:54 2018] <dh`> on the grounds that because an object is equal to itself, it's more primitive. or something like that.
[Thu Jan 18 03:44:33 2018] <dh`> this is not a piece of math I particularly claim to understand though.
[Thu Jan 18 04:17:13 2018] <pgiarrusso> dh` if you’re trying to justify reals when you don’t trust infinity, “equality of reals is primitive” should sound suspicious
[Thu Jan 18 04:17:47 2018] <pgiarrusso> also, “equality of reals” is probably a pretty complicated equivalence
[Thu Jan 18 04:18:10 2018] <pgiarrusso> if you defined reals with Cauchy sequences, say, two sequences for the same real could be wildly different
[Thu Jan 18 04:18:44 2018] <pgiarrusso> even decimal expansions of reals need some quotienting (because 1 = 0.99999....)
[Thu Jan 18 04:28:48 2018] <dh`> I dunno. every real is still equal to itself.
[Thu Jan 18 04:33:42 2018] <dh`> whereas any scheme for writing down reals (that aren't rationals) makes it problematic to show that any two are not equal
[Thu Jan 18 04:33:58 2018] <dh`> but maybe that's the point, a statement that two are not equal is stronger?
[Thu Jan 18 04:34:00 2018] <dh`> I dunno.
[Thu Jan 18 04:34:07 2018] <dh`> anyway the original link doesn't mention reals specifically
[Thu Jan 18 04:39:03 2018] <pgiarrusso> yeah, I feel like making the statement stronger (more constructive) was part of the point
[Thu Jan 18 04:39:23 2018] <pgiarrusso> dh`: ^^
[Thu Jan 18 04:39:37 2018] <pgiarrusso> dh`:  you’re right the link doesn’t mention reals, but it says “apartness”
[Thu Jan 18 04:40:01 2018] <pgiarrusso> and I think I’ve only seen apartness introduced for reals
[Thu Jan 18 06:55:56 2018] <pgiarrusso> Question: since Ltac scripts have side effects (backtracking, exceptions), is there any formal description of them? What is the Ltac monad?
[Thu Jan 18 06:56:13 2018] <pgiarrusso> Alternatively, is there a paper introducing Ltac?
[Thu Jan 18 06:57:02 2018] <pgiarrusso> I’m aware of Chap. 9 in the reference manual, but I don’t think it has a good answer
[Thu Jan 18 06:57:41 2018] <pgiarrusso> so I first complained about it (https://twitter.com/Blaisorblade/status/953958722165989376), then thought it’d be more constructive to ask here
[Thu Jan 18 09:16:04 2018] <gnull> Hello, friends! I've encountered a strange compilation error while solving exercises from IndProp.v chapter of Software Foundations. The error appears when I add `eqn:something` to my induction tactic. The minimal example reproducing it is provided here: https://pastebin.com/JQz9Rpse .
[Thu Jan 18 09:16:45 2018] <gnull> Could you, please, help me understand its meaning or find some workaround?
[Thu Jan 18 09:21:20 2018] <lyxia> I don't understand it enough to explain it but the workaround is probably to not use eqn.
[Thu Jan 18 09:25:38 2018] <lyxia> you could use fix and inversion
[Thu Jan 18 09:27:35 2018] <lyxia> gnull: another way is   remember (cons x a) as a'. induction H.
[Thu Jan 18 09:28:16 2018] <gnull> lyxia: Thank you, I haven't heard of fix before, but I'll study it.
[Thu Jan 18 09:30:24 2018] <gnull> lyxia: Great, the remember+induction option works for me. Thank you!
[Thu Jan 18 11:25:05 2018] <benzrf> pgiarrusso, dh`: first of all, i didnt mean for S to be the reals
[Thu Jan 18 11:25:37 2018] <benzrf> reals as sequences of nats is asinine, you should be using rationals or digits
[Thu Jan 18 11:25:48 2018] <benzrf> well maybe its not asinine but i dont know of any particular construction based on it
[Thu Jan 18 11:26:28 2018] <pgiarrusso> yeah I didn’t really check “S = reals”, apartness set me off
[Thu Jan 18 11:26:43 2018] <benzrf> secondly: 'apart' here means that we have a specific example of how they differ
[Thu Jan 18 11:26:59 2018] <pgiarrusso> sure
[Thu Jan 18 11:27:25 2018] <benzrf> the key thing is that equality of nats is decidable
[Thu Jan 18 11:27:36 2018] <benzrf> so apartness for nats is equivalent to not equal
[Thu Jan 18 11:27:55 2018] <benzrf> then pushing not-apart inside the function, we can turn that into equality
[Thu Jan 18 11:28:37 2018] <benzrf> but if we just have not-equal, we can't recover apartness since we'd need to do a search for a differing input and we can't do that without markov's principle
[Thu Jan 18 11:29:21 2018] <benzrf> if you prefer, pick a domain that isn't recursively enumerable, and then we can't do it even *with* markov's principle
[Thu Jan 18 11:29:27 2018] <pgiarrusso> good point, apartness is stronger than inequality in constructive logic
[Thu Jan 18 11:29:36 2018] <pgiarrusso> and that’s why constructive people introduced it
[Thu Jan 18 11:29:40 2018] <benzrf> right
[Thu Jan 18 11:29:47 2018] <benzrf> well, that's just a particular case of apartness
[Thu Jan 18 11:29:59 2018] <benzrf> what i pasted was talking about a more general concept
[Thu Jan 18 11:30:40 2018] <pgiarrusso> BTW, just realized S is homomorphic to the reals probably, since a natural can code a fraction (not a rational, hence homomorphic not isomorphic)
[Thu Jan 18 11:30:56 2018] <benzrf> homomorphic as what kind of structure?
[Thu Jan 18 11:31:08 2018] <pgiarrusso> I think that needs set homomorphism
[Thu Jan 18 11:31:18 2018] <benzrf> that's just a function
[Thu Jan 18 11:31:48 2018] <pgiarrusso> hm. Trying to say that fraction equivalence induces an equivalence on S
[Thu Jan 18 11:32:07 2018] <pgiarrusso> and if you quotient S with that equivalence, the result seems isomorphic to reals
[Thu Jan 18 11:32:08 2018] <benzrf> an equivalence morphism, then
[Thu Jan 18 11:32:47 2018] <pgiarrusso> not sure what that is
[Thu Jan 18 11:33:05 2018] <benzrf> a morphism of sets equipped with equivalence relations :]
[Thu Jan 18 11:33:22 2018] <pgiarrusso> ah, an arrow between setoids?
[Thu Jan 18 11:33:35 2018] <pgiarrusso> you’re right that “set homomorphism” is just a function
[Thu Jan 18 11:33:37 2018] <benzrf> if you like
[Thu Jan 18 11:33:43 2018] <benzrf> here's the page i was screenshotting btw https://ncatlab.org/nlab/show/apartness+relation
[Thu Jan 18 11:33:45 2018] <pgiarrusso> anyway, this is all a tangent
[Thu Jan 18 11:34:56 2018] <pgiarrusso> thanks for the link
[Thu Jan 18 11:35:05 2018] <benzrf> :)
[Thu Jan 18 18:17:16 2018] <anonlastname> Hello, my goal is basically to use coq to model bitwise algebra according to this set of equations (https://pastebin.com/4B0ALHE6) plus others that might be neccessary
[Thu Jan 18 18:18:01 2018] <anonlastname> I'm not sure how to approach this because it isn't a ring or a group or anything and I'm not sure if it's neccessary to use a construction of actually binary in order to apply these equations
[Thu Jan 18 18:18:41 2018] <anonlastname> so my question is how do I go about this?
[Thu Jan 18 18:31:27 2018] <lyxia> anonlastname: you could declare these equations as axioms or parameters
[Thu Jan 18 18:33:31 2018] <anonlastname> I considered doing that but I'm not sure what type the variables would represent
[Thu Jan 18 18:33:53 2018] <lyxia> that could also be a parameter
[Thu Jan 18 18:34:12 2018] <anonlastname> or how exactly the operators would be defined
[Thu Jan 18 18:35:15 2018] <dh_work> anonlastname: if you want to make sure those are exactly the only axioms used, make a fresh boolean type (e.g. Inductive mybool = mytrue | myfalse) and state all those equations as axioms
[Thu Jan 18 18:36:12 2018] <dh_work> but given how many there are, you're probably better off defining the operators more concisely and proving that those statements follow
[Thu Jan 18 18:36:17 2018] <dh_work> oh, wait, those are integers?
[Thu Jan 18 18:36:26 2018] <anonlastname> yes they are binary integers
[Thu Jan 18 18:37:11 2018] <dh_work> hmm
[Thu Jan 18 18:37:29 2018] <anonlastname> They are not quite natural numbers though because you have to choose between 2s complement and having 'infinity' being defined
[Thu Jan 18 18:37:39 2018] <anonlastname> because ~0 is all ones
[Thu Jan 18 18:38:07 2018] <lyxia> Are you asking how to implement those or is an axiomatic definition enough
[Thu Jan 18 18:39:01 2018] <anonlastname> I'm considering implementing it but I'm not sure if that's feasible
[Thu Jan 18 18:39:18 2018] <dh_work> it's feasible to make your own integer types made of bits, just a pain.
[Thu Jan 18 18:39:47 2018] <anonlastname> Do you think that the standard library's binary can handle this?
[Thu Jan 18 18:40:04 2018] <dh_work> I don't know; probably.
[Thu Jan 18 18:40:08 2018] <lyxia> it looks like you're talking about 2-adic numbers
[Thu Jan 18 18:40:18 2018] <dh_work> but if you specifically want to use only those definitions, you probably want your own type
[Thu Jan 18 18:40:18 2018] <anonlastname> Yes that's what they are called
[Thu Jan 18 18:41:45 2018] <lyxia> they're easily defined coinductively as streams of digits, but equality might be annoying to work with.
[Thu Jan 18 18:43:04 2018] <lyxia> the standard library's binary numbers are just integers
[Thu Jan 18 18:43:46 2018] <dh_work> I would think it wouldn't be a big problem; for any finite number there's a finite number of bits required, so there are exactly two coinductive cases and I'd expect to be able to prove all that
[Thu Jan 18 18:43:58 2018] <dh_work> but I haven't tried.
[Thu Jan 18 18:44:20 2018] <dh_work> all the stuff like this I've done has been with integers of some specific size.
[Thu Jan 18 18:44:41 2018] <dh_work> integers whose sizes are powers of two can be done fairly elegantly
[Thu Jan 18 18:44:50 2018] <anonlastname> I'd be able to do what I want to do with a finite model as well
[Thu Jan 18 18:45:10 2018] <anonlastname> because it is something that can be computed with C++ integers
[Thu Jan 18 18:45:19 2018] <benzrf> dh_work: its not possible, iirc, to prove that the coinductive "naturals" are the sum of unit and nat
[Thu Jan 18 18:45:32 2018] <dh_work> bleh.
[Thu Jan 18 18:45:53 2018] <benzrf> think about it: there's no way to decide whether a given conat is infinity
[Thu Jan 18 18:46:28 2018] <lyxia> anonlastname: If you just need the equations maybe you can use something like this? http://lpaste.net/361777
[Thu Jan 18 18:47:26 2018] <benzrf> coinductive types are kind of a pain from what ive seen, altho what ive seen aint much
[Thu Jan 18 18:47:45 2018] <anonlastname> I will give that a try. I didn't realize how to declare a type like that
[Thu Jan 18 18:48:07 2018] <dh_work> I would think you could prove that forall n, exists k, n < 2^k
[Thu Jan 18 18:48:08 2018] <anonlastname> it seems like what I was looking for in that is capable of just rewriting equations
[Thu Jan 18 18:48:31 2018] <dh_work> and then given the bound you can decide, because once you get past the bound it's either 0 or inf
[Thu Jan 18 18:48:49 2018] <benzrf> what?
[Thu Jan 18 18:48:54 2018] <dh_work> but I'm blathering
[Thu Jan 18 18:48:55 2018] <benzrf> hold on
[Thu Jan 18 18:48:57 2018] <dh_work> I should write it down
[Thu Jan 18 18:49:00 2018] <benzrf> no, you can't prove that
[Thu Jan 18 18:49:05 2018] <benzrf> it doesnt work in the infinity case
[Thu Jan 18 18:49:43 2018] <dh_work> hrm, since inf is in the type, no i guess it's just not true
[Thu Jan 18 18:49:47 2018] <dh_work> foo.
[Thu Jan 18 18:50:29 2018] <dh_work> but it's kind of a mangy type to have an infinite list of bits, because you have infinitely many distinguishable infinite values that are all equivalent.
[Thu Jan 18 18:50:45 2018] <benzrf> what?
[Thu Jan 18 18:50:55 2018] <benzrf> hold on
[Thu Jan 18 18:51:04 2018] <benzrf> nvm
[Thu Jan 18 18:51:05 2018] <dh_work> maybe I'm not thinking about the same thing you're talking about
[Thu Jan 18 18:52:12 2018] <dh_work> hm. but if you have an infinite string of bits that is a two's complement signed value, the type doesn't include infinity
[Thu Jan 18 18:52:14 2018] <benzrf> newspaper cartoons explains the distinction between intensional and extensional equality https://www.cse.buffalo.edu//~rapaport/Mutts-20090105-intensionVsExtension.gif
[Thu Jan 18 18:52:44 2018] <dh_work> heheh
[Thu Jan 18 19:00:40 2018] <dh_work> hmm, actually doing it as a coinductive type seems to just not work
[Thu Jan 18 21:20:37 2018] <dh_work> doing arbitrarily long bitstrings as an *inductive* type works fine
[Thu Jan 18 21:20:49 2018] <dh_work> now I'm not sure what the issue was :-/
[Fri Jan 19 04:11:56 2018] <dh`> so I spent considerably longer than I should have messing with bitwise representations of numbers
[Fri Jan 19 04:12:10 2018] <pgiarrusso> you'd need conduction to also allow infinite bytestrings... which probably you don't want to
[Fri Jan 19 04:12:42 2018] <dh`> definining [[ Inductive num := | zero | minusone | shift more b ]] works adequately but not nicely
[Fri Jan 19 04:12:45 2018] <dh`> well
[Fri Jan 19 04:12:58 2018] <dh`> you don't want infinity in your type, because then nothing works properly anyway
[Fri Jan 19 04:12:58 2018] <pgiarrusso> (have a separate constructor for infinity maybe?)
[Fri Jan 19 04:14:08 2018] <pgiarrusso> ah, not needed here...
[Fri Jan 19 04:14:35 2018] <pgiarrusso> looks like arbitrary precision bitstrings are enough for the question
[Fri Jan 19 04:14:46 2018] <dh`> the problem with this definition is that it contains degenerate values like shift zero false
[Fri Jan 19 04:15:05 2018] <dh`> and so you either need to normalize them away, carry around proofs tha they aren't present, or something like that.
[Fri Jan 19 04:15:23 2018] <dh`> I haven't been able to think of a way to avoid this that doesn't make worse problems :-/
[Fri Jan 19 04:16:37 2018] <dh`> e.g. Inductive num' := | one | minustwo | shift more b. Inductive num := | zero | minusone | other (n: num')
[Fri Jan 19 04:17:37 2018] <dh`> it works, though, just kinda messy in places
[Fri Jan 19 04:39:53 2018] <pgiarrusso> maybe just pack those proofs together with subset types and write definitions with Program? Just lipstick on “carry around proofs”
[Fri Jan 19 04:39:58 2018] <pgiarrusso> but maybe helps?
[Fri Jan 19 04:40:18 2018] <pgiarrusso> or maybe Program’s mean to you and this makes things worse
[Fri Jan 19 04:43:03 2018] <pgiarrusso> but the case I’ve hit with blowup from Program is probably not that common
[Fri Jan 19 07:58:23 2018] <rribeiro> Hello all! I'm trying to define a function by recursion over an inductive predicate whose result is in Set. I'm trying to use tactics to do it, but in a case that I need to invert the predicate to use the inductive hypothesis, pattern matching restriction bytes me. Is there a way to solve this kind of problem?
[Fri Jan 19 08:52:59 2018] <pgiarrusso> rribeiro: what pattern matching restriction? You can’t match on Set, but you should match on your predicate
[Fri Jan 19 08:53:37 2018] <rribeiro> pgiarrusso: The problem is that I'm trying to build a certified function, so its type is a sumbool
[Fri Jan 19 08:54:03 2018] <pgiarrusso> And?
[Fri Jan 19 08:54:29 2018] <pgiarrusso> Self-contained complete examples of Coq code are best
[Fri Jan 19 08:54:39 2018] <rribeiro> Inversion would require case analysis on sort Set which is not allowed for
[Fri Jan 19 08:54:39 2018] <rribeiro> inductive definition in_regex.
[Fri Jan 19 08:54:53 2018] <pgiarrusso> Prepare a gist or pastie
[Fri Jan 19 08:55:03 2018] <rribeiro> Ok, I 'll do it
[Fri Jan 19 08:55:14 2018] <pgiarrusso> And include the actual error message please
[Fri Jan 19 08:56:26 2018] <pgiarrusso> dh`: should one add this sort of advice (maybe in some weakened form) to the topic? Or is it a bad idea? I wouldn’t know how to phrase it
[Fri Jan 19 08:57:39 2018] <pgiarrusso> dh`: this advice = minimized examples please for certain
[Fri Jan 19 08:57:49 2018] <pgiarrusso> *for certain questions
[Fri Jan 19 09:01:16 2018] <rribeiro> https://gist.github.com/rodrigogribeiro/e0e87eb8f0ed547ed5f4016a61f45dc9
[Fri Jan 19 09:02:12 2018] <rribeiro> I asked in general because I thought that it was a general problem with a general solution
[Fri Jan 19 10:40:52 2018] <pgiarrusso> answered rribeiro on the gist
[Fri Jan 19 10:45:18 2018] <pgiarrusso> looks like the error message mentions case analysis on `Set` but the actual problem is, rribeiro was inverting a judgment in `Prop` to produce a result in `Set`
[Fri Jan 19 10:45:23 2018] <pgiarrusso> weird error
[Fri Jan 19 10:48:27 2018] <anton-trunov> pgiarrusso: but it says "Inversion _would_ require case analysis on sort Set"
[Fri Jan 19 10:50:19 2018] <anton-trunov> pgiarrusso: there is a typo in "unlike stuff in Prop", you obviously meant "... in Set"
[Fri Jan 19 10:52:32 2018] <pgiarrusso> anton-trunov: typo fixed
[Fri Jan 19 10:52:43 2018] <pgiarrusso> on *would*: so what?
[Fri Jan 19 10:53:08 2018] <anton-trunov> well, it says you need this thing in Set, but it's not
[Fri Jan 19 10:53:17 2018] <pgiarrusso> no no no
[Fri Jan 19 10:53:25 2018] <pgiarrusso> I read the message as “to do what you ask, I (the inversion tactic) _would_ have to do case analysis on `Set`, which is forbidden”
[Fri Jan 19 10:53:50 2018] <pgiarrusso> it *could* say “in_regex would have to be in `Set` to allow case analysis”, but it doesn’t say that
[Fri Jan 19 10:54:05 2018] <anton-trunov> but Set is not an inductive type, thus it does not make sense
[Fri Jan 19 10:54:31 2018] <anton-trunov> but I agree that this is not the clearest error message in the world
[Fri Jan 19 10:54:50 2018] <pgiarrusso> agreed
[Fri Jan 19 10:55:00 2018] <pgiarrusso> wait, re-reading the error, it’s saying yet something else
[Fri Jan 19 10:55:30 2018] <pgiarrusso> “case analysis on sort Set” does not mean “case analysis on Set” (Set is indeed not inductive)
[Fri Jan 19 10:55:53 2018] <pgiarrusso> but I guess it must mean “the language construct case analysis on datatypes of sort Set”
[Fri Jan 19 10:56:22 2018] <pgiarrusso> and that construct cannot be applied to `in_regex` which is in Prop
[Fri Jan 19 10:56:52 2018] <pgiarrusso> I’m... verbosely agreeing, understanding what the message might actually mean (well, not sure), and I’m *more* scared
[Fri Jan 19 10:56:58 2018] <anton-trunov> I understand it exactly like you just said
[Fri Jan 19 10:57:14 2018] <anton-trunov> Another way to say it is “Coq does not allow case analysis on sort [Prop] when the goal is in not in [Prop]”
[Fri Jan 19 11:14:18 2018] <pgiarrusso> anton-trunov: yes, what you proposed is indeed clearer
[Fri Jan 19 11:14:51 2018] <pgiarrusso> and would not have misled the user into rribeiro’s question
[Fri Jan 19 11:15:17 2018] <anton-trunov> that's not exactly my proposition, I read it some time ago in the stdlib :)
[Fri Jan 19 13:36:17 2018] <dh`> pgiarrussu: regarding the topic, possibly... but it also probably won't fit there
[Fri Jan 19 13:36:37 2018] <dh`> possibly we should have a channel faq page somewhere
[Fri Jan 19 13:36:45 2018] <dh`> s/su/so/
[Fri Jan 19 14:03:32 2018] <pgiarrusso> dh` this reminds me, why is the Feit-Thomson link going to some weird french thing (is it on architecture?)
[Fri Jan 19 14:05:21 2018] <dh`> don't ask me, that link's been in there since I first came here :-)
[Fri Jan 19 14:05:44 2018] <Cypi> yeah, it's been dead for a long time...
[Fri Jan 19 14:44:54 2018] <pgiarrusso> wondering who can change the topic
[Fri Jan 19 14:45:25 2018] <pgiarrusso> OK, only channel ops
[Fri Jan 19 14:46:51 2018] <pgiarrusso> johnw: could you remove or replace the dead Feit-Thompson link from the topic?
[Fri Jan 19 14:48:02 2018] <pgiarrusso> johnw also seems the only OP around
[Fri Jan 19 14:48:37 2018] <pgiarrusso> ah wait, guessing contrapumpkin and Cale might be alt-nicks of copumpkin and cale?
[Fri Jan 19 14:48:52 2018] <contrapumpkin> yeah I'm copumpkin
[Fri Jan 19 14:48:56 2018] <contrapumpkin> what's up?
[Fri Jan 19 14:49:38 2018] <contrapumpkin> or if there's a better link, I can put it back
[Fri Jan 19 14:51:19 2018] <pgiarrusso> contrapumpkin: thanks a lot!
[Fri Jan 19 14:52:01 2018] <pgiarrusso> wait, the proof is from 2012... https://www.msr-inria.fr/news/feit-thomson-proved-in-coq/
[Fri Jan 19 14:58:37 2018] <dh`> heh, has it been in the channel topic since then?
[Fri Jan 19 15:04:44 2018] <benzrf> dh`: CoInductive conat := coO CoInductive delayed (A : Set) := hold_on (next : delayed A) | done (result : A). CoFixpoint
[Fri Jan 19 15:04:46 2018] <benzrf> oops
[Fri Jan 19 15:04:48 2018] <benzrf> sorry wasnt done writing
[Fri Jan 19 15:06:50 2018] <benzrf> CoInductive conat := coO | coS (pred : conat).
[Fri Jan 19 15:06:52 2018] <benzrf> CoInductive delayed A := hold_on (next : delayed A) | done (result : A).
[Fri Jan 19 15:06:59 2018] <benzrf> CoFixpoint timer {A} (process : delayed A) : conat := match process with hold_on _ next => coS (timer next) | done _ _ => coO end.
[Fri Jan 19 15:08:03 2018] <benzrf> if we implement a suitable turing-complete interpreter as a cofixpoint that delays as necessary, we can time it; then, we'd be able to solve the halting problem if we had conat ~ nat + unit
[Fri Jan 19 15:08:26 2018] <dh`> oo
[Fri Jan 19 15:08:32 2018] <dh`> I need to think about that :-)
[Fri Jan 19 15:09:56 2018] <dh`> so making the type coinductive means pred can be infinitely long?
[Fri Jan 19 15:11:56 2018] <benzrf> CoFixpoint omega := coS omega.
[Fri Jan 19 15:12:08 2018] <benzrf> honestly tho u shouldve been able to intuit this from the fact that omega + 1 is not a discrete space
[Fri Jan 19 15:12:10 2018] <benzrf> :]
[Fri Jan 19 15:12:50 2018] <dh`> "thou shouldst" :-p
[Fri Jan 19 15:13:02 2018] <dh`> oh wait, that was a 'u' for 'you' wasn't it, n/m
[Fri Jan 19 15:13:21 2018] <benzrf> yeah
[Fri Jan 19 15:13:28 2018] <benzrf> what did you think it was...
[Fri Jan 19 15:13:58 2018] <dh`> I dunno, the automated typo fixer read it as "thou should've"
[Fri Jan 19 15:14:02 2018] <benzrf> hah
[Fri Jan 19 15:14:24 2018] <dh`> anyway, insert sarcastic remarks about wondering where my friend's college roommate U is
[Fri Jan 19 15:14:38 2018] <benzrf> 🤔
[Fri Jan 19 15:14:52 2018] <benzrf> never forget: countable ≠ discrete
[Fri Jan 19 15:16:25 2018] <dh`> anyway I don't remember how we got onto conats last night
[Fri Jan 19 15:16:49 2018] <benzrf> infinite bitstrings or something
[Fri Jan 19 15:17:43 2018] <benzrf> wait, fuk, i just had a thought
[Fri Jan 19 15:18:07 2018] <benzrf> does just having decidable equality tell us that [n <> omega -> finite n]
[Fri Jan 19 15:18:24 2018] <dh`> right, but somehow we went from arbitrarily large bitstrings for arbitrarily large integers to actually infinite ones, when that wasn't what the original question wanted
[Fri Jan 19 15:18:32 2018] <benzrf> lol
[Fri Jan 19 15:18:54 2018] <Cypi> You don't have decidable equality on conat, right?
[Fri Jan 19 15:19:05 2018] <benzrf> well
[Fri Jan 19 15:19:08 2018] <benzrf> now im thinking about it
[Fri Jan 19 15:19:11 2018] <benzrf> but im almost certain you dont
[Fri Jan 19 15:19:18 2018] <dh`> you shouldn't, you have to sample infinitely much of it to see if two are really the same
[Fri Jan 19 15:19:19 2018] <benzrf> hmmmmmmmmmmmmmm
[Fri Jan 19 15:19:25 2018] <benzrf> dh`: oh, NOW you're convinced
[Fri Jan 19 15:19:29 2018] <Cypi> I have the same intuition, yes
[Fri Jan 19 15:19:50 2018] <dh`> well yes, that's because last night half of what was being said was at cross-purposes
[Fri Jan 19 15:20:15 2018] <Cypi> Having something that would tell you (n : conat) is either omega or the same as a nat would basically give you an equivalence between nat and conat I think
[Fri Jan 19 15:20:30 2018] <benzrf> yes that would be problematic, BUT
[Fri Jan 19 15:20:34 2018] <benzrf> 15:18 <benzrf> does just having decidable equality tell us that [n <> omega -> finite n]
[Fri Jan 19 15:20:58 2018] <Cypi> I agree, it's the missing step x)
[Fri Jan 19 15:21:42 2018] <Cypi> I dislike coinductives. It's obvious that there should be nothing else than omega and a finite number of applications of cS, but I'm not even sure you can prove it...
[Fri Jan 19 15:21:58 2018] <Cypi> (even with decidable equality I mean)
[Fri Jan 19 15:21:58 2018] <benzrf> of course you can't, that'd give you the equivalence :v
[Fri Jan 19 15:22:30 2018] <dh`> that probably requires reasoning about the object having been constructed decidably
[Fri Jan 19 15:22:32 2018] <dh`> as in
[Fri Jan 19 15:22:49 2018] <dh`> if you go off for an infinite amount of time you can build something that's not either finite or omega
[Fri Jan 19 15:23:32 2018] <benzrf> well if we want to delve into this kind of thing we shuold probably clarify what kinds of equality we mean
[Fri Jan 19 15:24:35 2018] <dh`> anyway, I need to work.
[Fri Jan 19 15:24:46 2018] <dh`> I spent too much of last night on (finite) bitstring integers
[Fri Jan 19 15:24:59 2018] <dh`> I am too easily nerdsniped by such things.
[Fri Jan 19 15:25:12 2018] <dh`> and coq makes it so easy to spend hours fiddling with something like that
[Fri Jan 19 15:26:38 2018] <benzrf> >:)
[Fri Jan 19 15:28:24 2018] <pgiarrusso> benzrf: agda copatterns are a somewhat understandable presentation of coinductives, nothing else makes enough sense to me
[Fri Jan 19 15:28:49 2018] <pgiarrusso> but TL;DR. in one step you can only do a *finite observation*
[Fri Jan 19 15:29:01 2018] <pgiarrusso> test if a conat is z or S (c: conat)
[Fri Jan 19 15:29:33 2018] <pgiarrusso> you can’t do an infinite number of steps in one go
[Fri Jan 19 15:30:36 2018] <benzrf> well, certainly
[Fri Jan 19 15:38:25 2018] <benzrf> ooh, this is quite interesting https://github.com/coq/coq/wiki/extensional_equality
[Fri Jan 19 15:38:48 2018] <benzrf> i'd previously noticed, actually, that what it calls "instensional families" seemed a bit suspicious somehow in the context of stuff like univalence
[Fri Jan 19 15:39:08 2018] <benzrf> *intensional
[Fri Jan 19 15:41:10 2018] <benzrf> i think what i noticed was that if you somehow have univalence and canonicity then you could do [Inductive foo : Set -> Prop := foo_bool : foo bool | foo_sum : foo (unit + unit)]
[Fri Jan 19 15:41:31 2018] <benzrf> er, fuck
[Fri Jan 19 15:41:55 2018] <benzrf> i think what i noticed was that if you somehow have univalence and canonicity then you could do [Inductive is_bool : Set -> Prop := foo_bool : foo bool] and then prove [bool = unit + unit] and rewrite by that, and then what would that term normalize to?
[Fri Jan 19 15:44:07 2018] <pgiarrusso> benzrf: IIUC cubical type theory answers that question
[Fri Jan 19 15:44:13 2018] <pgiarrusso> but I don’t know the answer
[Fri Jan 19 15:44:56 2018] <pgiarrusso> the idea I do get is that to rewrite by a proof `p` that bool = unit + unit you need to *run* p back and forth to convert bools into unit + unit and viceversa
[Fri Jan 19 15:45:13 2018] <benzrf> yeah, i know about that and its very neat
[Fri Jan 19 15:45:20 2018] <benzrf> the problem here is that you cant do that because it's a phantom type
[Fri Jan 19 15:45:30 2018] <benzrf> well, in any case, i think the basic cubical theory doesnt have an internalized mechanism for introducing new inductive families
[Fri Jan 19 15:45:44 2018] <benzrf> and in particular i believe the canonicalization proof only applied to the theory w/ nats or something
[Fri Jan 19 15:46:14 2018] <pgiarrusso> then you know more than me
[Fri Jan 19 15:47:10 2018] <benzrf> :>
[Fri Jan 19 15:47:41 2018] <Cypi> In cubical it would normalize to something with their `glue` primitive I believe
[Fri Jan 19 15:48:01 2018] <benzrf> o
[Fri Jan 19 15:48:07 2018] <benzrf> well that's not quite "canonical" form is it? or
[Fri Jan 19 15:48:56 2018] <pgiarrusso> that seems an extended notion of canonical
[Fri Jan 19 15:49:11 2018] <pgiarrusso> Cypi: would “glue” be a sort of cast
[Fri Jan 19 15:49:17 2018] <pgiarrusso> ?
[Fri Jan 19 15:49:30 2018] <Cypi> I'm not quite sure honestly
[Fri Jan 19 15:49:33 2018] <pgiarrusso> I was thinking something similar for the example on the wiki
[Fri Jan 19 15:50:27 2018] <pgiarrusso> benzrf: if `glue` is a cast, its argument would have to be canonical in the usual sense
[Fri Jan 19 15:50:35 2018] <pgiarrusso> that is, start with a constructor
[Fri Jan 19 15:51:15 2018] <pgiarrusso> this is similar to how HoTT adjoins new constructors to identity types
[Fri Jan 19 15:51:25 2018] <pgiarrusso> hm, I might be misspeaking
[Fri Jan 19 15:52:52 2018] <pgiarrusso> benzrf: in http://math.andrej.com/2013/08/28/the-elements-of-an-inductive-type/ Andrej Bauer disputes against > An inductive type contains exactly those elements that we obtain by repeatedly using the constructors.
[Fri Jan 19 15:55:25 2018] <benzrf> so pgiarrusso have you checked out cubical at all or only know it by reputation as a compute-y theory into which hott can be interpreted
[Fri Jan 19 15:55:44 2018] <pgiarrusso> benzrf: the latter I’m afraid
[Fri Jan 19 15:56:08 2018] <pgiarrusso> I looked at some slides, they made some sense but didn’t stick
[Fri Jan 19 15:56:36 2018] <pgiarrusso> benzrf: re the Bauer post on HoTT and canonicity, if you’re familiar with freely generated algebraic structures (e.g. freely generated groups), you might have a better idea: freely generated groups have not just the generators but also elements adjoined by the group operations
[Fri Jan 19 15:57:07 2018] <pgiarrusso> benzrf: did I already say nonsense on cubical you noticed? apologies if so
[Fri Jan 19 15:57:30 2018] <pgiarrusso> I tried to mark speculation as such
[Fri Jan 19 15:58:19 2018] <benzrf> no you didnt say nonsense afaict :)
[Fri Jan 19 15:58:36 2018] <benzrf> you just didnt say much too specific so i thought it might be possible you hadnt looked into it much
[Fri Jan 19 15:59:05 2018] <benzrf> in any case you should check it out because its fuckin neat
[Fri Jan 19 16:02:24 2018] <pgiarrusso> let’s say it’s on my reading list, \omega^1 lives in the future
[Fri Jan 19 16:02:36 2018] <pgiarrusso> kidding, but too much to do
[Fri Jan 19 16:02:48 2018] <pgiarrusso> got a good pointer though?
[Fri Jan 19 16:12:20 2018] <benzrf> pointers are for C programmers
[Fri Jan 19 16:13:34 2018] <benzrf> the original paper is good though (here it is with nicer formatting than on arxiv http://www.cse.chalmers.se/~simonhu/papers/cubicaltt.pdf)
[Fri Jan 19 16:14:28 2018] <benzrf> well, slightly nicer
[Fri Jan 19 16:24:40 2018] <sbp> hey. I'm looking at ways to disable just the _ -> _ arrow notation. I know that disabling individual notations is something that's being considered for Coq, and e.g. is being worked on in https://github.com/coq/coq/pull/703 but I thought a decent stopgap solution for now would be to just create *another* notation on top of _ -> _
[Fri Jan 19 16:24:50 2018] <sbp> to that end I made this:
[Fri Jan 19 16:24:53 2018] <sbp> Notation "'forall' ( '_' : A ), B" := (A -> B)
[Fri Jan 19 16:24:53 2018] <sbp>   (at level 200, format "'forall'  '(' '_'  ':'  A '),'  B") : type_scope.
[Fri Jan 19 16:25:47 2018] <sbp> now checking (forall (_ : nat), bool) works okay, but unfortunately (forall (n : nat), bool) doesn't work. I thought about using "fa" instead of "forall", but that doesn't work either
[Fri Jan 19 16:26:17 2018] <sbp> can anybody think of a way of making this do what I intend?
[Fri Jan 19 16:29:54 2018] <benzrf> o__o
[Fri Jan 19 16:31:38 2018] <sbp> it's for teaching, in case that's you wondering why on earth anybody would bother to do that :-)
[Fri Jan 19 16:34:09 2018] <benzrf> how so?
[Fri Jan 19 16:34:21 2018] <sbp> unfold "how so?".
[Fri Jan 19 16:35:35 2018] <dh_work> I didn't realize -> was a notation; that explains a number of oddities
[Fri Jan 19 16:35:35 2018] <sbp> I mean the idea is that you don't introduce syntactic sugar to students before they understand the structures behind the syntactic sugars. I'm trying to minimise the number of syntactic constructions for people to learn
[Fri Jan 19 16:35:57 2018] <dh_work> also I keep wishing for a paper on the innards of notations so I can implement them elsewhere
[Fri Jan 19 16:36:04 2018] <sbp> dh_work: you can see how it's defined using Locate "_ -> _".
[Fri Jan 19 16:36:15 2018] <dh_work> right, you have to think to look though
[Fri Jan 19 16:36:23 2018] <sbp> indeed, which is entirely my point :-)
[Fri Jan 19 16:36:51 2018] <benzrf> sbp: i understand that reasoning, but i feel like this is part of that fallacy where you try to teach by loading the principles up front
[Fri Jan 19 16:38:02 2018] <sbp> I suppose it's just an alternative, but it's how I prefer to teach it. certainly many people learned about -> as a construction on its own and made good progress without thinking about how it all worked under the covers, myself included. but I want to teach it from a principles up front perspective, for better or worse
[Fri Jan 19 16:40:06 2018] <Cypi> sbp: could `Notation "'forall' ( '_' : A ) , B" := (A -> B) (at level 200).` work?
[Fri Jan 19 16:40:07 2018] <benzrf> idk, principles-up-front is extremely appealing to me, but ive started to believe that it's just not suited for how human brains work :(
[Fri Jan 19 16:40:15 2018] <Cypi> (same as yours, just less quotes around punctuation)
[Fri Jan 19 16:40:33 2018] <dh_work> it also depends on the students; it's one thing with upper-level grad students, and another with undergrads who aren't real solid on how to write proofs at all
[Fri Jan 19 16:42:08 2018] <sbp> Cypi: ah, Coq collapses that to forall ( _ : nat), bool, which probably indicates where the problem is: it really needs the space before _ otherwise there's a problem
[Fri Jan 19 16:42:34 2018] <sbp> benzrf: there are advantages. if you're teaching the history of logic, for example, you can link the structures with things like Meredith's condensed detachment, and compare it to Nicod's axioms and so on. I don't think that any one approach is the absolute way it must be done; people can gravitate towards the approach they like the most
[Fri Jan 19 16:42:52 2018] <Cypi> Right, it does add a space. You don't need to write it yourself though, so I guess it's fine?
[Fri Jan 19 16:43:03 2018] <sbp> dh_work: absolutely
[Fri Jan 19 16:43:30 2018] <sbp> Cypi: that's a point, that's weird. so why does it work whereas mine didn't?
[Fri Jan 19 16:43:47 2018] <Cypi> I have honestly no idea, notations are complicated x)
[Fri Jan 19 16:43:52 2018] <sbp> hehe, fair enough
[Fri Jan 19 16:43:57 2018] <sbp> thank you!
[Fri Jan 19 16:44:08 2018] <benzrf> you want a format annotation
[Fri Jan 19 16:44:24 2018] <sbp> yeah, but my format annotation (see above, original query) broke it
[Fri Jan 19 16:44:34 2018] <benzrf> oh woops
[Fri Jan 19 16:44:36 2018] <benzrf> >.<
[Fri Jan 19 16:44:43 2018] <sbp> perhaps just adding a space, using two spaces, before the underscore would do it...
[Fri Jan 19 16:45:17 2018] <sbp> nope, two spaces before '_' doesn't work either
[Fri Jan 19 16:45:36 2018] <sbp> anyway Cypi's magic incantation seems to do the trick, very grateful
[Fri Jan 19 16:46:33 2018] <Cypi> There will still be discrepancies between `forall (_ : nat), nat` and `forall (n : nat), n = n` (in the latter, Coq removes the parentheses when printing...)
[Fri Jan 19 16:46:36 2018] <Cypi> but well.
[Fri Jan 19 16:49:12 2018] <sbp> hopefully precedence will be picked up more intuitively than a brand new syntax. I mean if you think that "nat, n" or ": nat," is an atomic part of the syntax then you've probably gotta go back quite a few steps anyway
[Fri Jan 19 16:49:50 2018] <sbp> I'll also try to avoid paren dropping as best I can. I won't avoid -> forever
[Fri Jan 19 16:51:20 2018] <Cypi> and one last thing (maybe), you might want to add `right associativity` to the Notation. Take a look at `forall ( _ : nat), forall (_ : nat), nat`
[Fri Jan 19 16:53:09 2018] <sbp> oh yeah. that's okay though, the extra parens are fine
[Fri Jan 19 16:53:35 2018] <sbp> that's actually another common "what?" moment for people learning -> too
[Fri Jan 19 16:53:50 2018] <sbp> they're so used to everything being left associative that a -> b -> c meaning a -> (b -> c) can be a bit of a moment
[Fri Jan 19 16:53:51 2018] <dh_work> yes
[Fri Jan 19 16:54:23 2018] <sbp> then they can learn about currying and why we do that instead of using the left associative \/ as an equivalent
[Fri Jan 19 16:54:30 2018] <dh_work> or rather, that (a -> b) -> c isn't a -> b -> c
[Fri Jan 19 16:54:45 2018] <sbp> er, /\ even
[Fri Jan 19 16:54:55 2018] <dh_work> which tends to come uup when people discover they can't write those types in ml
[Sat Jan 20 00:24:29 2018] <Chobbes> Is there a way to forget a piece of Ltac? Like I want to have `Ltac my_tactic := blah`, but then redefine it later with `Ltac my_tactic := blah`. I know I can use `Ltac my_tactic ::= blah` to redefine, but I don't want to do that because this is for examples in a literate coq file, basically, and I want to keep it consistent.
[Sat Jan 20 00:24:58 2018] <Chobbes> I wouldn't care too much, but if somebody copy / pastes the `Ltac my_tactic ::= blah` thing it fails if it isn't defined before >_<
[Sat Jan 20 01:07:52 2018] <Cypi> Chobbes: you can use Sections
[Sat Jan 20 01:08:10 2018] <Cypi> (or you could just add a comment to explain the `::=` or something like that)
[Sat Jan 20 01:35:29 2018] <dh_work> or fix your literate tool to generate a different output file for each example
[Sat Jan 20 11:50:29 2018] <mgttlinger> When using Program Fixpoints with measure functions I sometimes get obligations to proove that the measure really decreases which are unprovable because I get no hypotheses relating the left and right side of the goal inequality in any way.
[Sat Jan 20 11:51:41 2018] <mgttlinger> https://www.irccloud.com/pastebin/Dcp63E1F/
[Sat Jan 20 11:52:58 2018] <mgttlinger> In this example the first obligation is one of those cases where I'm screwed
[Sat Jan 20 11:54:14 2018] <mgttlinger> Any tricks to avoid this?
[Sat Jan 20 12:33:36 2018] <lyxia> mgttlinger: why does it seem like cmpl d = 1 for all d
[Sat Jan 20 12:35:04 2018] <mgttlinger> lyxia: Because I made a mistake there ;) but that does not change the problem of the mising hypotheses. If you change the recursive case in the measure function to S (cmpl x * cmpl x0) the same problem occurs.
[Sat Jan 20 12:37:17 2018] <lyxia> Ok, right
[Sat Jan 20 12:38:34 2018] <lyxia> mgttlinger: it seems to be because the recursive call of demo is hidden in flat_map
[Sat Jan 20 12:39:52 2018] <lyxia> "demo e" you need some nonlocal reasoning to know that "e" will actually be instantiated only with elements of the lists
[Sat Jan 20 12:41:55 2018] <lyxia> mgttlinger: try changing the type of "e" to also carry a proof that its measure is smaller than dp's
[Sat Jan 20 12:43:23 2018] <mgttlinger> Hm that seems like a lot of pain given that my measure and my types are more complicated in my real case but I will try that. Thanks for your help.
[Sat Jan 20 13:02:43 2018] <dh`> another way is to write a different flat_map that passes a proof to the map function that the argument's In the original list
[Sat Jan 20 13:03:28 2018] <dh`> I had this same issue with folds a month ago and that worked nicely
[Sat Jan 20 13:04:44 2018] <dh`> ideally one would like to have a theorem of the form forall f xs, flat_map f xs -> f is only called on elements of xs
[Sat Jan 20 13:04:56 2018] <dh`> but there's no way to write that down
[Sat Jan 20 13:05:34 2018] <dh`> although hmm, you can write (and easily prove) forall f x xs, In x xs -> In (f x) (map f xs) and that might work for you
[Sat Jan 20 13:05:56 2018] <dh`> you might need <->
[Sat Jan 20 13:07:23 2018] <dh`> although that won't work for flat_map, n/m.
[Sat Jan 20 13:12:50 2018] <dh`> also <-> is only true for injective functions...
[Sat Jan 20 13:23:40 2018] <pgiarrusso> mgttlinger: I’d also modify flat_map, but I don’t think you need to pass `In`; you can pass directly the needed hypothesis on the measure
[Sat Jan 20 13:24:19 2018] <dh`> that depends if you want a reusable flat_map' or not :-)
[Sat Jan 20 13:24:50 2018] <dh`> this issue is going to come up every time there are higher-order functions
[Sat Jan 20 13:25:03 2018] <dh`> and it occurs to me to wonder if there's a general solution
[Sat Jan 20 13:25:20 2018] <pgiarrusso> sized types are a general solution, but they’re tricky and not around in Coq
[Sat Jan 20 13:26:06 2018] <dh`> nah, a general solution for the problem of addressing the calls to f :-)
[Sat Jan 20 13:26:40 2018] <pgiarrusso> hm... wait, sorry, sized types help with structural recursion through higher-order functions
[Sat Jan 20 13:26:57 2018] <pgiarrusso> in my case I did not have lists, so I wouldn’t know how to use the design with `In`
[Sat Jan 20 13:27:38 2018] <pgiarrusso> (unless maybe you generalized that to W-types or something similarly datatype-polymorphic and probably not so usable)
[Sat Jan 20 13:28:18 2018] <pgiarrusso> your solution might help for a list library, though some details are unclear
[Sat Jan 20 13:28:44 2018] <dh`> I think having dependent forms of map and fold that provide proofs of In to f is a general solution, but it's not a tidy one.
[Sat Jan 20 13:29:04 2018] <pgiarrusso> well, it’s general for lists
[Sat Jan 20 13:29:17 2018] <pgiarrusso> not about structural recursion on other datatypes :-)
[Sat Jan 20 13:29:49 2018] <dh`> In is just as generalizable as map and fold are :-)
[Sat Jan 20 13:29:50 2018] <pgiarrusso> and generalizing In to other datatypes would have those problems
[Sat Jan 20 13:29:53 2018] <mgttlinger> Maybe I'm to naive wouldnt the solution be to unfold the higher order function? Isn't that what the "normal" structural induction checker does?
[Sat Jan 20 13:29:55 2018] <dh`> and I think it's still sufficient in general
[Sat Jan 20 13:30:26 2018] <pgiarrusso> mgttlinger: so you *could* unfold the higher-order function, which I think structural induction checking does *not* do
[Sat Jan 20 13:31:07 2018] <dh`> e.g. when you're folding over a map, it calls f key value z, and so what you need is In key value map
[Sat Jan 20 13:31:13 2018] <mgttlinger> But I can use map in "normal" fixpoints and the chercking is happy with that
[Sat Jan 20 13:31:48 2018] <dh`> map is fine when the map function doesn't involve a local recursive call
[Sat Jan 20 13:32:01 2018] <pgiarrusso> agreed with dh`
[Sat Jan 20 13:32:09 2018] <dh`> when it does, things get messy.
[Sat Jan 20 13:32:26 2018] <mgttlinger> What does "local recursive" mean?
[Sat Jan 20 13:32:35 2018] <dh`> a recursive call to the function you're in.
[Sat Jan 20 13:32:50 2018] <mgttlinger> But that works with map
[Sat Jan 20 13:32:56 2018] <dh`> Not IME.
[Sat Jan 20 13:33:01 2018] <pgiarrusso> not IME either
[Sat Jan 20 13:33:14 2018] <mgttlinger> Wait, let me check my code
[Sat Jan 20 13:34:06 2018] <dh`> if you don't use Program Fixpoint it just flatly refuses to go, and if you do you get these proof headaches
[Sat Jan 20 13:34:13 2018] <pgiarrusso> dh`: so how do you use `In`? Do you prove that `In x xs -> x < xs` (for the appropriate `<`)
[Sat Jan 20 13:34:19 2018] <pgiarrusso> doh
[Sat Jan 20 13:34:25 2018] <pgiarrusso> dh`: ^^
[Sat Jan 20 13:36:04 2018] <pgiarrusso> dh`: in my use-case (recursion over types) I agree I could generalize `In` but that sounds like defining a datatype of *contexts* for holes in types (like for zippers), which I’d rather not do :-)
[Sat Jan 20 13:37:18 2018] <mgttlinger> Maybe I'm missunderstanding something but in general in normal structural recursive fixpoints higher order functions were no problem in my code. See: https://gist.github.com/mgttlinger/cede4fd8fe96aa7f7996341f878a8eb5#file-demo-v-L154-L167
[Sat Jan 20 13:37:24 2018] <dh`> well
[Sat Jan 20 13:37:34 2018] <dh`> I was thinking about it in terms of containers
[Sat Jan 20 13:37:51 2018] <dh`> i suspect for folding over abstract syntax the In becomes both trivial and annoying.
[Sat Jan 20 13:40:06 2018] <dh`> mgttlinger: curious, maybe Vector is different for this
[Sat Jan 20 13:41:16 2018] <pgiarrusso> maybe, but how? the indexing by length shouldn’t help, should it?
[Sat Jan 20 13:41:28 2018] <pgiarrusso> mgttlinger: also confused; I agree that inlining would work there, but I didn’t expect Coq to do it
[Sat Jan 20 13:41:55 2018] <pgiarrusso> (Agda doesn’t do inlining and I hear its termination checker is more powerful than Coq usually)
[Sat Jan 20 13:42:12 2018] <pgiarrusso> also, inlining up to which point? Hm...
[Sat Jan 20 13:43:14 2018] <mgttlinger> https://stackoverflow.com/questions/47082796/when-does-the-termination-checker-reduce-a-record-accessor
[Sat Jan 20 13:43:36 2018] <mgttlinger> There Joachim Breitner sais that certain things are inlined by the termination checker
[Sat Jan 20 13:44:18 2018] <mgttlinger> (the thing described there is btw also the solution to the problem which the above gist was created to showcase)
[Sat Jan 20 13:48:25 2018] <mgttlinger> Unfolding the flat_map in my fixpoint with measure could also solve the issue I see there, right? So the question is: Why is that function not unfolded anymore when a measure function is used for termination checking?
[Sat Jan 20 13:49:18 2018] <dh`> various things seem to be different when you use a measure. I don't know why...
[Sat Jan 20 13:50:40 2018] <pgiarrusso> mgttlinger: I don’t know if this is intentional
[Sat Jan 20 13:50:57 2018] <pgiarrusso> speculating on why: inlining does not scale too well
[Sat Jan 20 13:51:03 2018] <pgiarrusso> and with a measure, it is not necessary
[Sat Jan 20 13:51:56 2018] <mgttlinger> My current (very limited) experience with fixpoints with measure functions is that they only work in very simple cases and otherwise generate unproovable and/or horribly many obligations very quickly.
[Sat Jan 20 13:52:01 2018] <pgiarrusso> I mean, inlining this function is fine, inlining a bigger one is not, but should the checker only inline up to a size limit? That would be pretty unpredictable
[Sat Jan 20 13:52:25 2018] <pgiarrusso> mgttlinger: for “many obligations” I often find proof automation useful
[Sat Jan 20 13:53:23 2018] <pgiarrusso> Local Obligation Tactic := program_simpl; <insert your homegrown tactic for the obligations>.
[Sat Jan 20 13:53:34 2018] <mgttlinger> pgiarrusso:  I found automation to get rather slow when the obligations go into the hundreds.
[Sat Jan 20 13:53:45 2018] <dh`> you could imagine giving hints to the termination checker, e.g {measure foo inlining fold}
[Sat Jan 20 13:54:03 2018] <mgttlinger> that would be nice
[Sat Jan 20 13:54:28 2018] <pgiarrusso> mgttlinger: do you get a hundred obligation from *one* definition? `Program` seems to like smaller ones better
[Sat Jan 20 13:55:01 2018] <dh`> that would make this kind of thing possible to handle without using Program, probably.
[Sat Jan 20 13:55:14 2018] <mgttlinger> Oh jeah from my fixpoint in question in my code I currently get 84 obligations and havethe cases aren't even implemented in the function yet
[Sat Jan 20 13:55:30 2018] <mgttlinger> *halve
[Sat Jan 20 13:55:31 2018] <dh`> that sounds like your function is too big.
[Sat Jan 20 13:56:00 2018] <mgttlinger> Well the alternative would be splitting it into a lot of mutual fixpoints.
[Sat Jan 20 13:56:23 2018] <mgttlinger> because most of the cases recurse over the whole thing
[Sat Jan 20 13:56:29 2018] <pgiarrusso> the main function can pass itself to the subfunctions
[Sat Jan 20 13:56:47 2018] <pgiarrusso> see https://github.com/Blaisorblade/minidot/blob/silr/ecoop17/dsubsup_total_rec_monotone.v#L210
[Sat Jan 20 13:57:04 2018] <mgttlinger> But wouldn'T the termination checker then again be required to unfold that?
[Sat Jan 20 13:57:24 2018] <pgiarrusso> well, I’m passing a proof the measure is smaller
[Sat Jan 20 13:58:31 2018] <pgiarrusso> that code checks pretty fast, and the result has a manageable size
[Sat Jan 20 13:59:08 2018] <dh`> my experience has been that for large functions, splitting the guts of each case into separate Definitions makes the whole thing check much, much faster.
[Sat Jan 20 13:59:14 2018] <pgiarrusso> before splitting it, one lemma took 2 minutes to prove and generated goals that occupied 2 MB (when pretty-printed)
[Sat Jan 20 13:59:16 2018] <pgiarrusso> dh`: same
[Sat Jan 20 13:59:55 2018] <pgiarrusso> dh`: and Coq code from Robert Krebbers (who formalized C11 in Coq) follows the same pattern
[Sat Jan 20 14:00:36 2018] <pgiarrusso> mgttlinger: Coq tries to be lazy when unfolding functions to reduce the size of goals and terms, so splitting the function helps there
[Sat Jan 20 14:00:55 2018] <mgttlinger> Ok, I'll try that then
[Sat Jan 20 14:01:13 2018] <mgttlinger> Thanks for your help
[Sat Jan 20 14:01:49 2018] <pgiarrusso> mgttlinger: to check the result, you might want to `Admit Obligations.` and print the generated term
[Sat Jan 20 14:02:22 2018] <pgiarrusso> another problem I had was that `Program` makes a mess of combined pattern matches and wildcards
[Sat Jan 20 14:03:22 2018] <pgiarrusso> (I think Program’s pattern match compiler is *worse*)
[Sat Jan 20 14:04:59 2018] <Cypi> What do you mean?
[Sat Jan 20 14:08:55 2018] <dh`> I wonder if you could write lemmas with a form something like this: Lemma map_f_in: forall f xs x', map (fun x {{ In x xs }} => x') xs.
[Sat Jan 20 14:09:05 2018] <dh`> without needing a stronger proof term language
[Sat Jan 20 14:09:24 2018] <dh`> where you can put the/a goal inside the higher-order term
[Sat Jan 20 14:09:40 2018] <dh`> I suppose probably not, should go off and think about it though
[Sat Jan 20 14:12:35 2018] <mgttlinger> dh`:  I did something similar to define me a usable induction priciple for nested inductive types (one constructor contains vector of the type) which gives you as induction hypothesis in that case that the property holds for every element in the vector already
[Sat Jan 20 14:24:29 2018] <mgttlinger> also you could define a map that allows the function to only work on elements of the list
[Sat Jan 20 14:24:54 2018] <mgttlinger> https://www.irccloud.com/pastebin/gkEs0y7F/
[Sat Jan 20 15:13:07 2018] <pgiarrusso> Cypi: IIRC in that 2MB-generated definition there were duplicated copies of the handling for fallback cases in pattern matching
[Sat Jan 20 16:43:48 2018] <Cypi> pgiarrusso: well, in Coq there will be duplicated copied anyway for now, no magic there. It's possible that Program made it so that these fallback cases could not be recovered when printing back, indeed.
[Sat Jan 20 16:44:07 2018] <Cypi> (all `match` are always completely expanded internally)
[Sat Jan 20 16:44:17 2018] <Cypi> (by "internally" I mean in the kernel)
[Sat Jan 20 16:47:40 2018] <pgiarrusso> Cypi: i spoke too early
[Sat Jan 20 16:48:02 2018] <pgiarrusso> but Megabytes of output comes from emacs, I didn't make it up
[Sat Jan 20 16:48:28 2018] <pgiarrusso> I had a match on *two* values
[Sat Jan 20 16:49:05 2018] <Cypi> It's generally true that you don't want to look at what Program produces if possible x)
[Sat Jan 20 16:49:30 2018] <pgiarrusso> yeah, but I was defining a predicate, not a function
[Sat Jan 20 16:49:34 2018] <pgiarrusso> so I had to
[Sat Jan 20 16:49:57 2018] <pgiarrusso> I'm happy the proof took just 2 minutes
[Sat Jan 20 16:50:12 2018] <pgiarrusso> comments in the code claimed a step took hours
[Sat Jan 20 16:50:24 2018] <pgiarrusso> and admitted a lemma
[Sat Jan 20 16:50:51 2018] <pgiarrusso> a lemma claiming that the result of the definition satisfied indeed its definiting equation
[Sat Jan 20 16:53:53 2018] <dh_work> the case where I found having additional definitions critical involved multiply nested matches where all but one or two of several cases were the same
[Sat Jan 20 16:54:05 2018] <dh_work> I get the feeling there's something in there that's exponential in the number of match cases.
[Sat Jan 20 17:02:03 2018] <pgiarrusso> dh_work: that feels very familiar
[Sat Jan 20 17:09:02 2018] <pgiarrusso> dh_work: so, if you add a wildcard case, even with a single match, Program thinks it’s a good idea to *copy all the other branches* in the handling of the wildcard case
[Sat Jan 20 17:14:55 2018] <pgiarrusso> dh_work Cypi: so the cost of a wildcard pattern in `Program` is proportional to the number of overall cases considered
[Sat Jan 20 17:16:37 2018] <pgiarrusso> the wildcard case gets compiled to a branch with hypotheses that the scrutinee is not an instance of each of the other patterns
[Sat Jan 20 17:17:14 2018] <pgiarrusso> which might or might not have to do with the strange obligation you get that I discharge with `discriminate` because it asks me to show that yes, distinct branches of the datatype are distinct
[Sat Jan 20 17:17:47 2018] <pgiarrusso> Cypi: so I didn’t speak so early, I had just forgot the details that made me have this impression
[Sat Jan 20 17:17:56 2018] <pgiarrusso> </rant>
[Sat Jan 20 17:50:57 2018] <dh_work> right, I know it expands each match to an independent copy of each case, eliminating wildcards
[Sat Jan 20 17:52:24 2018] <dh_work> and the size of *that* is exponential in the depth of the matching, but I was only three deep or so and with less than 10 cases per layer that's still not that many cases total, by computer standards.
[Sat Jan 20 17:57:46 2018] <pgiarrusso> dh_work: I think I had to use `unfold_sub` or friends to get to 2 MB
[Sat Jan 20 17:58:20 2018] <pgiarrusso> dh_work: did you have functions, or predicates to use in goals?
[Sat Jan 20 17:58:25 2018] <dh_work> in my case it wasn't "takes minutes", it was "takes long enough to be annoying"
[Sat Jan 20 17:58:42 2018] <dh_work> it was one of my regexp matcher functions
[Sat Jan 20 18:00:07 2018] <pgiarrusso> well, good that you found a way around it
[Sat Jan 20 18:01:08 2018] <dh_work> modulo it being a pointless exercise, yes :-)
[Sat Jan 20 18:01:57 2018] <dh_work> also, it wasn't the function itself that was slow but any use of it in a proof.
[Sat Jan 20 18:06:48 2018] <pgiarrusso> yeah same here
[Sat Jan 20 18:08:05 2018] <pgiarrusso> luckily, I followed existing scripts, and they prove by induction an “unfolding lemma” for the predicate (stating the predicate satisfied its defining equation)
[Sat Jan 20 18:13:52 2018] <dh_work> oh, as for the other thing I mentioned earlier about higher-order functions, it's rubbish
[Sat Jan 20 18:14:09 2018] <pgiarrusso> dh_work: uh?
[Sat Jan 20 18:14:32 2018] <pgiarrusso> in what ways?
[Sat Jan 20 18:14:33 2018] <dh_work> coming up with a way to write down proofs about the arguments passed to higher-order functions
[Sat Jan 20 18:14:57 2018] <dh_work> it's not necessarily an invalid idea, but it's equivalent to giving coq support for program points, and that's a big deal given that coq's specifically not designed that way.
[Sat Jan 20 18:15:30 2018] <pgiarrusso> “program points”?
[Sat Jan 20 18:15:50 2018] <pgiarrusso> are you talking about this? > 8:08 PM <dh`> I wonder if you could write lemmas with a form something like this: Lemma map_f_in: forall f xs x', map (fun x {{ In x xs }} => x') xs.
[Sat Jan 20 18:15:56 2018] <dh_work> yes
[Sat Jan 20 18:16:16 2018] <dh_work> that's equivalent to reasoning about the program point before f is called
[Sat Jan 20 18:16:23 2018] <pgiarrusso> the `x’` part made no sense, and `map` isn’t a proposition
[Sat Jan 20 18:16:42 2018] <pgiarrusso> ah
[Sat Jan 20 18:17:24 2018] <dh_work> the notation is rubbish too obviously
[Sat Jan 20 18:17:45 2018] <pgiarrusso> I don’t mind, I just didn’t get it and made up something
[Sat Jan 20 18:18:32 2018] <dh_work> the idea was to use {{ }} to introduce a context to put a proposition in
[Sat Jan 20 18:19:03 2018] <dh_work> because there x is in scope so you can write about it.
[Sat Jan 20 18:19:25 2018] <pgiarrusso> if you want me to get it, you should say that lemma in words
[Sat Jan 20 18:19:32 2018] <pgiarrusso> but you don’t have to of course :-)
[Sat Jan 20 18:19:49 2018] <pgiarrusso> I am fine about writing `map’ : forall (xs: List a), (f: forall (x: A), In x xs -> B) -> List B`, but apparently it’s not what you means
[Sat Jan 20 18:19:50 2018] <pgiarrusso> *meant
[Sat Jan 20 18:19:59 2018] <pgiarrusso> and I start to guess what you did mean:
[Sat Jan 20 18:20:13 2018] <pgiarrusso> whenever `f` is called, its argument `x` is such that `In x xs` exists
[Sat Jan 20 18:21:56 2018] <pgiarrusso> dh_work: if you embed Hoare logic in Coq (as many have done), you can probably type `map` that way
[Sat Jan 20 18:21:58 2018] <dh_work> the way I intended it to be read is something like: for all f xs x', if you have "map (fun x => x') xs" then you can conclude In x xs, within the context of f where this is a well-formed statement
[Sat Jan 20 18:22:54 2018] <pgiarrusso> OK, but with `x` you mean the actual argument of `f`, not the object variable that `f` binds
[Sat Jan 20 18:23:06 2018] <pgiarrusso> still, I sort of get what you mean
[Sat Jan 20 18:23:11 2018] <dh_work> yes, this is true for all f
[Sat Jan 20 18:23:18 2018] <dh_work> because it's a property of map.
[Sat Jan 20 18:24:08 2018] <dh_work> or is that not what you meant?
[Sat Jan 20 18:24:32 2018] <pgiarrusso> not really...
[Sat Jan 20 18:24:47 2018] <pgiarrusso> I think I got what you mean anyway
[Sat Jan 20 18:25:15 2018] <pgiarrusso> you mean that when `fun x => x’` gets called and `x` gets a value, then `In x xs` is true
[Sat Jan 20 18:25:17 2018] <dh_work> anyway, yes you can write this down if you have hoare logic for coq terms, but is that a thing? it's easy (well, relatively) to work up hoare logic for some abstract syntax you have, but natively?
[Sat Jan 20 18:25:32 2018] <dh_work> yes.
[Sat Jan 20 18:25:40 2018] <pgiarrusso> indeed, not for Coq terms
[Sat Jan 20 18:26:02 2018] <dh_work> (and there shouldn't have been a loose f in the foralls)
[Sat Jan 20 18:26:11 2018] <dh_work> that's what I thought
[Sat Jan 20 18:26:43 2018] <pgiarrusso> or, at least not that I know of
[Sat Jan 20 18:26:47 2018] <pgiarrusso> the best I’ve seen is http://iris-project.org/pdfs/2017-popl-proofmode-final.pdf
[Sat Jan 20 18:26:50 2018] <dh_work> if that existed, it would more or less obsolete Program I think
[Sat Jan 20 18:27:09 2018] <pgiarrusso> where you get *tactics* for an Hoare logic embedded like that
[Sat Jan 20 18:27:29 2018] <pgiarrusso> well, Program does something a bit different
[Sat Jan 20 18:27:35 2018] <pgiarrusso> *but*
[Sat Jan 20 18:27:57 2018] <pgiarrusso> Program isn’t built-in, is it? There’s probably a plugin, but it’s not in the trusted core
[Sat Jan 20 18:28:06 2018] <pgiarrusso> so if you wanted you could write HoareProgram
[Sat Jan 20 18:28:29 2018] <pgiarrusso> the biggest annoyance would be picking the right encoding of state (because you want one, no?)
[Sat Jan 20 18:29:03 2018] <pgiarrusso> so you still would not quite have native functions, but functions in some State monad (or similar)
[Sat Jan 20 18:29:09 2018] <pgiarrusso> but otherwise I guess you could?
[Sat Jan 20 18:29:17 2018] <dh_work> well, state is a different issue
[Sat Jan 20 18:29:36 2018] <dh_work> or rather, a much bigger extension
[Sat Jan 20 18:29:49 2018] <pgiarrusso> does hoare logic without mutation make sense?
[Sat Jan 20 18:29:57 2018] <dh_work> sure.
[Sat Jan 20 18:30:08 2018] <dh_work> what we've just been talking about is an application, right?
[Sat Jan 20 18:30:14 2018] <dh_work> no mutation in map...
[Sat Jan 20 18:30:16 2018] <pgiarrusso> OK, no clue. Then scratch state from what I said
[Sat Jan 20 18:30:22 2018] <pgiarrusso> very fair point
[Sat Jan 20 18:31:49 2018] <dh_work> although actually
[Sat Jan 20 18:31:58 2018] <dh_work> writing anything down about the uses of f is still a problem
[Sat Jan 20 18:32:18 2018] <pgiarrusso> OTOH, I mean, you can also just write map xs (f : {x | In x xs}) *today* with Program
[Sat Jan 20 18:32:31 2018] <pgiarrusso> it’s just a curried variant of the `f` I had in mind
[Sat Jan 20 18:32:36 2018] <dh_work> you can write {P} map f xs {Q} but that doesn't get you anywhere,
[Sat Jan 20 18:32:37 2018] <pgiarrusso> *of the `map`
[Sat Jan 20 18:32:45 2018] <dh_work> and if you write {P} f {Q} that's general statements of f
[Sat Jan 20 18:33:02 2018] <dh_work> you'd need some syntax for hoare triples with negative occurrences of propositions
[Sat Jan 20 18:33:33 2018] <dh_work> and that seems like it could get either weird or unsound (or both) very rapidly.
[Sat Jan 20 18:33:37 2018] <pgiarrusso> well, `map` gets a function `f` whose precondition includes “my argument is in `xs`)
[Sat Jan 20 18:34:08 2018] <dh_work> how do you write down the statement that map can accept such functions?
[Sat Jan 20 18:34:45 2018] <pgiarrusso> let me check a second if Iris can do it
[Sat Jan 20 18:34:47 2018] <dh_work> in the statement of map, we have the same problem as in coq where x isn't in scope and can't be addressed
[Sat Jan 20 18:34:48 2018] <pgiarrusso> or, a minute
[Sat Jan 20 18:35:33 2018] <pgiarrusso> dh_work: but we have talked about solutions when writing `map`
[Sat Jan 20 18:35:44 2018] <pgiarrusso> in Coq we’d need a new `map`
[Sat Jan 20 18:36:08 2018] <pgiarrusso> if we have Curry-style typing we don’t
[Sat Jan 20 18:36:11 2018] <dh_work> all the solutions that work involving passing an explicitly proof
[Sat Jan 20 18:36:17 2018] <dh_work> s/ly//
[Sat Jan 20 18:36:29 2018] <pgiarrusso> what about `{x | In x xs}` ?
[Sat Jan 20 18:36:42 2018] <dh_work> because that proof can be manufactured easily enough inside map when making the call.
[Sat Jan 20 18:36:50 2018] <dh_work> hmm.
[Sat Jan 20 18:37:05 2018] <pgiarrusso> but if you don’t want even that, let me check the Hoare logic approach
[Sat Jan 20 18:37:12 2018] <dh_work> that probably works actually
[Sat Jan 20 18:38:15 2018] <dh_work> so, map {t1 t2} (f: {x: In x xs) -> t2) (xs: list t1) : list t2
[Sat Jan 20 18:44:23 2018] <pgiarrusso> what’s convenient with `{x: In x xs}` is that the proofs can be filled in via separate `Program` obligations
[Sat Jan 20 18:44:58 2018] <dh_work> it does work, but requires Program
[Sat Jan 20 18:45:10 2018] <pgiarrusso> sure
[Sat Jan 20 18:45:15 2018] <dh_work> and you can't refer to xs before binding it, so you can't write the arguments in the traditional order
[Sat Jan 20 18:45:39 2018] <dh_work> Program Fixpoint map' {t1 t2} (xs: list t1) (f: {x | In x xs} -> t2) : list t2 :=
[Sat Jan 20 18:45:39 2018] <dh_work>    match xs with
[Sat Jan 20 18:45:39 2018] <dh_work>    | [] => []
[Sat Jan 20 18:45:39 2018] <dh_work>    | x :: more => (f x) :: map' more f
[Sat Jan 20 18:45:39 2018] <dh_work>    end.
[Sat Jan 20 18:45:42 2018] <pgiarrusso> should you really care, maybe a notation could help?
[Sat Jan 20 18:45:50 2018] <pgiarrusso> though I wouldn’t define such a notation
[Sat Jan 20 18:46:28 2018] <dh_work> It generates two obligations, but they're both trivial; they correspond to the two cases of In.
[Sat Jan 20 18:46:40 2018] <pgiarrusso> :-)
[Sat Jan 20 18:46:48 2018] <pgiarrusso> meanwhile, I’ve just seen that Iris allows writing a specification of some higher-order function (like `map`) where the input `f` is restricted to satisfy some Hoare triple
[Sat Jan 20 18:47:06 2018] <dh_work> now the question is whether this works for proving something like the original example that started this discussion
[Sat Jan 20 18:47:11 2018] <dh_work> but I'd expect that it should.
[Sat Jan 20 18:47:32 2018] <dh_work> that's the other way around
[Sat Jan 20 18:47:50 2018] <pgiarrusso> dh_work: page 32 of http://iris-project.org/tutorial-pdfs/iris-lecture-notes.pdf has such a specification, for `foldr`
[Sat Jan 20 18:48:04 2018] <dh_work> although maybe it's sufficient
[Sat Jan 20 18:48:27 2018] <pgiarrusso> dh_work: well, if you only prove `foldr` correct for such a function, then you’re forced to use it accordingly
[Sat Jan 20 18:48:44 2018] <pgiarrusso> so I’d suspect it’s sufficient
[Sat Jan 20 18:49:26 2018] <pgiarrusso> in those notes, the base language is not typed per se, all the typing is done through the Hoare logic
[Sat Jan 20 18:50:07 2018] <pgiarrusso> on your doubts on soundness: that is a pretty fancy higher-order impredicative separation logic, and proving it sound requires some advanced techniques
[Sat Jan 20 18:50:46 2018] <pgiarrusso> > 12:33 AM <dh_work> you'd need some syntax for hoare triples with negative occurrences of propositions
[Sat Jan 20 18:51:07 2018] <pgiarrusso> I think that resembles concerns that are correct and that they had to fix
[Sat Jan 20 18:52:04 2018] <dh_work> I need to read up more on iris before I can fully follow the example
[Sat Jan 20 18:52:33 2018] <pgiarrusso> honestly, I think me too
[Sat Jan 20 18:52:47 2018] <pgiarrusso> and I’ve had serious reasons to study it
[Sat Jan 20 18:53:21 2018] <pgiarrusso> regarding negative occurrences: somewhere deep down, they had to find a semantics for types similar to `Inductive T := Constructor (T -> T).`
[Sat Jan 20 18:53:32 2018] <pgiarrusso> and a semantics that preserves consistency
[Sat Jan 20 18:53:53 2018] <pgiarrusso> part of the trick is called guarded recursion, in case you heard it
[Sat Jan 20 18:54:04 2018] <pgiarrusso> the other part of the trick are step-indexed logical relations
[Sat Jan 20 18:54:24 2018] <pgiarrusso> but none of this is trivial
[Sat Jan 20 18:55:10 2018] <pgiarrusso> *anyway*, I’m learning on Iris and so I tend to mention it everywhere it can be relevant
[Sat Jan 20 18:55:22 2018] <dh_work> I should be, it's on my list
[Sat Jan 20 18:55:26 2018] <dh_work> (but so are about a million things)
[Sat Jan 20 18:55:36 2018] <pgiarrusso> homepage: http://iris-project.org/
[Sat Jan 20 18:55:46 2018] <pgiarrusso> or see also the POPL’18 keynote on Youtube
[Sat Jan 20 18:56:04 2018] <pgiarrusso> though that one looks a bit more at a different aspect of Iris
[Sat Jan 20 18:57:35 2018] <dh_work> well, remember, I'm ultimately a systems guy. coq is all very well but I'd rather have a framework that supports state and concurrency
[Sat Jan 20 18:58:10 2018] <benzrf> state and concurrency are for piece of shit losers tbh
[Sat Jan 20 18:58:14 2018] <benzrf> 😎
[Sat Jan 20 18:58:32 2018] <dh_work> because many of the problems I have that need dealing with involve both state and concurrency, like file systems
[Sat Jan 20 18:59:26 2018] <benzrf> the real world is for losers
[Sat Jan 20 18:59:37 2018] <benzrf> just pretend there's no such thing as computers
[Sat Jan 20 19:01:29 2018] <pgiarrusso> dh_work: Iris *is* for state and concurrency
[Sat Jan 20 19:01:55 2018] <pgiarrusso> in those lecture notes, the language they consider has both
[Sat Jan 20 19:02:04 2018] <pgiarrusso> fork and cas are primitives
[Sat Jan 20 19:02:13 2018] <pgiarrusso> it *is* an academic language
[Sat Jan 20 19:02:21 2018] <pgiarrusso> but they’re also working on Rust
[Sat Jan 20 19:02:58 2018] <pgiarrusso> and as far as academic things go, they have a bunch of somewhat realistic case studies
[Sat Jan 20 19:03:19 2018] <pgiarrusso> of course, other works using concurrent separation logic are more advanced and in use at Facebook
[Sat Jan 20 19:03:32 2018] <dh_work> right
[Sat Jan 20 19:03:43 2018] <dh_work> that's why iris was already on my list of stuff to look into
[Sat Jan 20 19:04:55 2018] <pgiarrusso> of course, if you don’t ask your separation logic checker to produce Coq proofs, the authors can focus on other aspects
[Sat Jan 20 19:05:38 2018] <pgiarrusso> but IIUC Iris can verify properties that other systems can’t
[Sat Jan 20 19:06:39 2018] <pgiarrusso> I’m not sure verifiers for C can show that some module works because some type is abstract so only that module can manipulate a certain structure
[Sat Jan 20 19:06:52 2018] <pgiarrusso> (but I don’t know)
[Sat Jan 20 19:07:16 2018] <pgiarrusso> anyway, I’m using Iris for different stuff, it just seems relevant
[Sat Jan 20 19:07:26 2018] <pgiarrusso> time to stop blathering though
[Sat Jan 20 19:08:35 2018] <dh_work> a verifier for C ought to be written to use that assumption with the implicit or not so implicit condition that you also prove/check memory safety.
[Sat Jan 20 19:08:45 2018] <dh_work> (otherwise you can't conclude anything useful about C code)
[Sat Jan 20 19:10:01 2018] <dh_work> anyway what I really want is something with the interactivity of coq that similarly lets you write separable theorems about code elements, with as little hoare logic as possible.
[Sat Jan 20 19:10:21 2018] <pgiarrusso> IIUC separation logic can do safety, even automatically
[Sat Jan 20 19:11:05 2018] <dh_work> safety for C involves proof obligations about array bounds, and also about uses of void pointers and so on
[Sat Jan 20 19:11:05 2018] <pgiarrusso> (“as an exercise, let’s automatically verify the libc of some BSD is safe”)
[Sat Jan 20 19:11:25 2018] <dh_work> that would be nice to do!
[Sat Jan 20 19:11:48 2018] <dh_work> as of the last I looked there's nothing like a toolset that can even think about it yet, though.
[Sat Jan 20 19:11:57 2018] <dh_work> vst wants to be there, but they've still got a ways to go afaik
[Sat Jan 20 19:12:19 2018] <dh_work> and if you want to prove that a malloc implementation is safe, that involves a lot of extra glop.
[Sat Jan 20 19:13:04 2018] <pgiarrusso> the ones in Coq aren’t so automated; external ones do better
[Sat Jan 20 19:13:17 2018] <pgiarrusso> what I said is close to something people actually do
[Sat Jan 20 19:14:52 2018] <pgiarrusso> this is close, not quite what I read though: http://www.eecs.qmul.ac.uk/~ddino/papers/nasa-infer.pdf
[Sat Jan 20 19:18:00 2018] <dh_work> huh, hadn't seen that one, guess because it's proprietary
[Sat Jan 20 19:20:22 2018] <pgiarrusso> not sure it’s distinct from http://fbinfer.com/docs/hello-world.html#hello-world-c
[Sat Jan 20 19:20:50 2018] <pgiarrusso> anyway, Facebook Infer also uses bi-abduction, which is the core trick in that paper
[Sat Jan 20 19:21:26 2018] <pgiarrusso> if you want something with both automation and some user-control of specs in Coq, maybe Chlipala’s Bedrock is interesting?
[Sat Jan 20 19:21:59 2018] <pgiarrusso> Iris right now IIUC is focusing on support for manual proof for sophisticated invariants
[Sat Jan 20 19:23:35 2018] <dh_work> well, ultimately I have multiple long-term goals
[Sat Jan 20 19:24:08 2018] <dh_work> one is to verify (and fix as needed) existing C code
[Sat Jan 20 19:24:57 2018] <dh_work> one is to be able to write new things that are fully verified and involve state and concurrency
[Sat Jan 20 19:26:39 2018] <dh_work> and one is to deal with annoyances in existing toolsets, because that's how you get better ones.
[Sat Jan 20 19:27:49 2018] <dh_work> or something like that.
[Sat Jan 20 19:28:31 2018] <dh_work> at the moment, "work" is grad studenting which leaves little time for other projects, and the currently funded project isn't about verification at all.
[Sat Jan 20 19:28:39 2018] <dh_work> so none of this is actually progressing much.
[Sat Jan 20 19:32:32 2018] <dh_work> and the reason I'm in the office on saturday night is to work on that project, not to talk about verification :-/
[Sat Jan 20 21:15:58 2018] <dh_work> oh, something somewhat related, though definitely offtopic here: do you know if anyone has an existing program database or AST storage thingy that can be made to hold abstract syntax for something the size of a whole kernel? (so, millions of lines)
[Sat Jan 20 23:17:08 2018] <pgiarrusso> dh_work: seems like they’d have to compare with “CodeQuest: Scalable Source Code Queries with Datalog”, and looking through the citing articles also finds e.g. http://people.inf.elte.hu/kiss/14kor/oopsla13.pdf
[Sat Jan 20 23:23:34 2018] <dh_work> thanks!
[Sat Jan 20 23:23:46 2018] <dh_work> the last time I went looking for program database stuff I couldn't find much useful
[Sat Jan 20 23:24:14 2018] <dh_work> I doubt anything with datalog is actually useful for storage, however scalable the query processing might be ;-)
[Sat Jan 20 23:24:39 2018] <dh_work> but still, a couple seeds for searching vastly outperforms 0
[Sat Jan 20 23:28:53 2018] <pgiarrusso> Michael Eichberg from Darmstadt Univ. confirmed Datalog and Prolog are pretty slow and they went to engineer their own things (and he’s also a systems guy), but I can’t find relevant work from him (though he might have better pointers)
[Sun Jan 21 00:13:30 2018] <dh`> there's a guy in our department who's done a chunk of work on making datalog faster
[Sun Jan 21 03:28:18 2018] <dh`> I've never had the impression datalog was much of a data *storage* engine though
[Sun Jan 21 07:02:49 2018] <pgiarrusso> dh`: I don’t really get datalog, but where do you put the facts?
[Sun Jan 21 07:03:42 2018] <pgiarrusso> if the facts are in memory you’re right, and I’m not quite sure
[Sun Jan 21 07:04:41 2018] <pgiarrusso> but the CodeQuest alternative using graphs seems to use Neo4j which I hear called “a graph database”, so I suppose that does do storage 😃
[Sun Jan 21 11:30:40 2018] <dh`> yeah, me either.
[Sun Jan 21 11:31:04 2018] <dh`> neo4j is in fact a graph database, but it's terribly slow (and it's in java, which makes it a pain to either run or integrate with)
[Sun Jan 21 11:42:45 2018] <dh`> since high-level program representations are basically trees with occasional crosslinks rather than hard-core graphs, a graph database as such isn't entirely necessary... not that there are very many good tree databases.
[Sun Jan 21 11:43:06 2018] <dh`> one could probably misuse XML stores for it though.
[Sun Jan 21 11:52:04 2018] <dh`> the goal is basically to have something persistent that one can write multiple independent analysis passes against. and load code into incrementally...
[Sun Jan 21 11:56:29 2018] <dh`> and the immediate purpose is to detect and mitigate spectre gadgets in the kernel.
[Sun Jan 21 12:54:39 2018] <pgiarrusso> but do you need whole program analysis for Spectre? if not, I'd avoid the storage. Also, have you looked at existing analysis tools for the Linux kernel? coccinelle, sparse, etc....
[Sun Jan 21 12:59:21 2018] <pgiarrusso> none of those store ASTs I think, maybe because parsing is slow enough to warrant it... storing annotated ASTs would be different of course
[Sun Jan 21 13:00:17 2018] <pgiarrusso> regarding tree/hierarchical databases: isn't that another name for OO dbs or key-value stores?
[Sun Jan 21 13:03:15 2018] <dh_work> the problem is that it's nonlocal; you can make it modular, but you really need to crawl over the whole program, at which point storing the lot so you can update incrementally is worthwhile
[Sun Jan 21 13:03:24 2018] <dh_work> (plus the long-term goal is to add other checks)
[Sun Jan 21 13:03:43 2018] <dh_work> and re tree databases, sort of.
[Sun Jan 21 13:06:35 2018] <dh_work> you can build a tree database with a key/value store (same as you can build a relational database)
[Sun Jan 21 13:10:04 2018] <bollu> When I destruct an inductive term, say T x1 x2 x3, and if this T is used in a match
[Sun Jan 21 13:10:18 2018] <bollu> why do I not get some equivalence between the old T x1 x2 x3 and the subterms of it
[Sun Jan 21 13:14:10 2018] <pgiarrusso> bollu: you can, with ` eqn:H` on destruct
[Sun Jan 21 13:14:28 2018] <pgiarrusso> look up the manual for the exact syntax though
[Sun Jan 21 13:34:31 2018] <bollu> pgiarrusso:  neat! I wish the manual had exmples, I can't read the manual properly
[Sun Jan 21 13:34:36 2018] <bollu> because I'm still a noob :(
[Sun Jan 21 13:50:10 2018] <pgiarrusso> bollu: I don't like the manual, but I'm on the phone... I hope somebody else here can help you further, or maybe try out the syntax for a bit
[Sun Jan 21 13:50:57 2018] <pgiarrusso> I just forget if `destruct foo eqn:bar` is enough or some other word is needed in the middle
[Sun Jan 21 14:07:12 2018] <mgttlinger> No I think thats all you have to do
[Mon Jan 22 10:53:52 2018] <jstolarek> I've run into Ltac silliness:
[Mon Jan 22 10:54:18 2018] <jstolarek> Ltac foo := refine (let bar := _ in _); clearbody bar.
[Mon Jan 22 10:54:39 2018] <jstolarek> results in "The variable bar was not found in the current environment"
[Mon Jan 22 10:55:12 2018] <jstolarek> that's becuase Ltac scope checker does not realize that after call to refine (....) "bar" will be in scope
[Mon Jan 22 12:54:59 2018] <johnw> pgiarrusso: hi
[Mon Jan 22 13:04:18 2018] <pgiarrusso> johnw: hi! another op already took care of my question :-)
[Mon Jan 22 13:04:30 2018] <johnw> ok, great
[Mon Jan 22 13:05:55 2018] <pgiarrusso> jstolarek: Ltac tries to guess whether `bar` is Ltac or Coq, but IIRC you can *override* the detection with `constr:bar` or `(bar)` something like that (the manual suggests `(bar)`)
[Mon Jan 22 13:07:15 2018] <pgiarrusso> jstolarek: hm, both `constr: bar` and `ltac: bar` exist and are IIRC relevant
[Mon Jan 22 13:08:40 2018] <pgiarrusso> so http://adam.chlipala.net/cpdt/html/Cpdt.Match.html recommends `constr:` in similar cases
[Mon Jan 22 13:09:29 2018] <johnw> yeah, it has to be constr:(bar) since 8.6
[Mon Jan 22 13:12:48 2018] <pgiarrusso> jstolarek: ^^. also, comparing with CPDT, it seems the scope checker might be looking for `bar` in the Ltac environment. IIUC (from the design docs of Ltac 2) the heuristics in Ltac (that is, Ltac 1) are pretty fragile
[Mon Jan 22 13:55:55 2018] <dh`> probably you ought to make a fresh name anyway, and then it becomes an ltac var
[Mon Jan 22 15:13:14 2018] <pgiarrusso> good point ^^
[Tue Jan 23 11:24:57 2018] <SharpGAF> Does anyone here know whether the initial results about CiC (that all of its computational content lives in Fomega) translate to more modern dependent type systems as used in Coq and Agda (with things like inductive families)?
[Tue Jan 23 12:43:11 2018] <pgiarrusso> SharpGAF: sorry, but do you have a citation for the original result? I only know about CoC, which has no inductive families
[Tue Jan 23 12:43:22 2018] <SharpGAF> pgiarrusso: http://repository.cmu.edu/cgi/viewcontent.cgi?article=2907&context=compsci
[Tue Jan 23 12:43:37 2018] <SharpGAF> I think the full result is in Christine Paulin-Mohring's original paper
[Tue Jan 23 12:43:50 2018] <SharpGAF> There are some restrictions on it that I don't fully understand
[Tue Jan 23 12:43:57 2018] <SharpGAF> (I'm not sure if they correspond to positivity restrictions)
[Tue Jan 23 12:47:00 2018] <pgiarrusso> Thanks
[Tue Jan 23 12:47:41 2018] <pgiarrusso> I’m not sure how different inductive families are; I know
[Tue Jan 23 12:47:46 2018] <pgiarrusso> Sorry
[Tue Jan 23 12:49:47 2018] <pgiarrusso> SharpGAF: hm, are you asking if we can extract CiC? Not quite though, because they want to extract and preserve termination
[Tue Jan 23 12:50:11 2018] <pgiarrusso> So you’re looking for *typed* realizability of Coq...
[Tue Jan 23 12:50:33 2018] <SharpGAF> The current extraction of CiC to ML loses types sometimes, sure…
[Tue Jan 23 12:51:41 2018] <SharpGAF> I guess I'm wondering how minimal the trusted kernel can be, in some sense
[Tue Jan 23 12:51:59 2018] <pgiarrusso> I’d look at Haskell maybe, ML is much smaller than Fomega (modulo encodings)
[Tue Jan 23 12:52:05 2018] <SharpGAF> Right, exactly
[Tue Jan 23 12:52:11 2018] <pgiarrusso> Hm... extraction to Haskell might he
[Tue Jan 23 12:52:11 2018] <pgiarrusso> *help
[Tue Jan 23 12:52:26 2018] <SharpGAF> I think Haskell is also smaller, but more to the point I'm not sure how much work has been done on the extraction to Haskell vs. OCaml.
[Tue Jan 23 12:52:42 2018] <pgiarrusso> Core ML is much smaller than fomega (modulo encodings in the module system)
[Tue Jan 23 12:52:59 2018] <SharpGAF> I'm not really looking to extract to either, to be clear (both are much too large to be considered trustworthy compared to Coq, even though Coq's kernel isn't the smallest ever).
[Tue Jan 23 12:53:14 2018] <SharpGAF> I am more curious what parts are hard to translate
[Tue Jan 23 12:53:27 2018] <SharpGAF> And whether the earlier result (translation to Fw) even applies today
[Tue Jan 23 12:56:33 2018] <pgiarrusso> Yeah, just trying to figure out what’s possible... thinking aloud here
[Tue Jan 23 13:01:54 2018] <SharpGAF> I'm still a bit confused about what was actually proved in the initial paper… it seems like they can compute with their representations
[Tue Jan 23 13:02:23 2018] <SharpGAF> So does that mean that termination of CiC terms (in 1989 anyway) is automatic by translation to Fw?
[Tue Jan 23 13:03:25 2018] <SharpGAF> It's certainly not the case that termination of normalization in Coq today is obviously true…
[Tue Jan 23 13:25:55 2018] <pgiarrusso> that normalization proof makes indeed sense, though I haven't checked what 1989 did
[Tue Jan 23 13:26:40 2018] <SharpGAF> It makes sense from CoC.  From CiC, though, I know it's considered much harder.
[Tue Jan 23 13:27:31 2018] <SharpGAF> I think the most recent proofs about consistency of CiC (e.g. by translation into ZFC + transfinite cardinals) do not imply strong normalization.
[Tue Jan 23 17:04:02 2018] <dh_work> if you want to extract to something more obviously sound than ocaml you'll probably have to write most of it yourself :-/
[Tue Jan 23 17:08:24 2018] <dh_work> * throws shade on haskell by implying it's less sound than ocaml :-)
[Tue Jan 23 17:08:53 2018] <dh_work> extracting to C-- might be interesting
[Tue Jan 23 17:10:03 2018] <SharpGAF> Well, the advantage of extracting to something like Fomega (which I'm skeptical about at the moment) is that you can probably mechanize the proof that a Coq implementation is total
[Tue Jan 23 17:10:43 2018] <SharpGAF> So then instead of trusting the extractor for arbitrary programs you'd just have to trust it for that one program, and then your kernel could do all its reduction in the extracted version of Fw (or whatever)
[Wed Jan 24 00:01:25 2018] <pgiarrusso> SharpGAF: consistency of CIC should require strong normalization: non terminating proofs are inconsistent
[Wed Jan 24 00:06:48 2018] <SharpGAF> pgiarrusso: AFAIK the models that come closest to current Coq (like https://arxiv.org/pdf/1710.03912.pdf) do not imply SN… also, Coq itself is not SN on all terms (at least, not if you consider cbv a legal reduction strategy)
[Wed Jan 24 00:06:54 2018] <SharpGAF> Though that last part is sort of a bug I think.
[Wed Jan 24 00:07:09 2018] <benzrf> o.o
[Wed Jan 24 00:07:51 2018] <SharpGAF> benzrf: Dumb stuff around guard conditions, I think it's mentioned in a few papers
[Wed Jan 24 00:08:28 2018] <SharpGAF> benzrf: https://coq.inria.fr/files/adt-2fev10-barras.pdf
[Wed Jan 24 08:08:18 2018] <beaky> in coq why cant i use certain axioms as a hint, e.g. Axiom M : ∀p w, □p w → p w. Hint Resolve M says "Error: M cannot be used as a hint."
[Wed Jan 24 09:40:18 2018] <darktenaibre> pgiarrusso: no
[Wed Jan 24 09:42:52 2018] <darktenaibre> WN is enough
[Wed Jan 24 10:47:39 2018] <pgiarrusso> darktenaibre SharpGAF: more accurately, SN clearly implies consistency... while WN also works because it’s enough to have *one* way to normalize the proof?
[Wed Jan 24 10:48:12 2018] <pgiarrusso> that sounds fine, I had just never looked at a system where the difference matters
[Wed Jan 24 10:49:17 2018] <Cypi> WN is enough if you also have Subject Reduction
[Wed Jan 24 10:49:32 2018] <Cypi> (which Coq does not have either in some specific cases)
[Wed Jan 24 10:50:05 2018] <pgiarrusso> beaky: you might need a `Hint Extern`. I suspect that’s because (IIUC) `Resolve` wants `p` to be a constant, so the hint is only used for goals with that constant in head position
[Wed Jan 24 10:50:14 2018] <beaky> ah
[Wed Jan 24 10:50:43 2018] <pgiarrusso> also, do you want the hint to be used only when Box p is already around? Or unconditionally?
[Wed Jan 24 10:51:03 2018] <pgiarrusso> in the latter case the hint applies to every goal, which *might* slow down proof search
[Wed Jan 24 10:51:11 2018] <pgiarrusso> (or not if there’s no way to prove Box p)
[Wed Jan 24 10:51:40 2018] <pgiarrusso> beaky: but I’m not sure, I have vague recollections from discussions of hints in CPDT and/or SF (1st/2nd volume)
[Wed Jan 24 10:52:11 2018] <pgiarrusso> Cypi: but do you need Subject Reduction or just soundness? You only need the final value to have the right type, no?
[Wed Jan 24 10:52:15 2018] <beaky> yes i think ill go digging through those
[Wed Jan 24 10:52:37 2018] <pgiarrusso> beaky: specifically, they have chapters on proof search/automation you want to look at
[Wed Jan 24 10:52:57 2018] <pgiarrusso> see on Hint Resolve/Hint Extern
[Wed Jan 24 10:55:27 2018] <pgiarrusso> Cypi: I’ve heard subject reduction is lost with coinductive types, and IIRC the reason is semi-boring (and maybe doesn’t affect soundness)
[Wed Jan 24 16:45:55 2018] <minn> how should you handle dependencies on external libraries: ship with the specific version of the library (assuming licenses are in order)? ad-hoc enforcement in a makefile or readme?
[Wed Jan 24 16:58:54 2018] <lyxia> Use opam
[Wed Jan 24 17:38:16 2018] <dh_work> minn: declare what you need in the build docs and let the person building it (or the packaging system) handle it
[Wed Jan 24 17:38:34 2018] <dh_work> never ship copies of things with your code unless there's some really good reason
[Wed Jan 24 17:38:52 2018] <dh_work> it causes you and everyone else trouble when that package gets updated.
[Wed Jan 24 17:38:57 2018] <dh_work> especially if it gets updated for security bugs
[Wed Jan 24 17:41:12 2018] <minn> that makes sense and is probably the best option in the absence of a package manager if opam is unavailable
[Wed Jan 24 17:43:27 2018] <dh_work> also remember that if your thing gets used much it'll potentially get added to debian and other downstream packaging systems
[Wed Jan 24 17:43:45 2018] <dh_work> don't do anything to make that hard :-)
[Thu Jan 25 04:34:35 2018] <ulysses> Hello, channel! Is there a way to search for a lemma without requiring corresponding library? The Search command needs Require.
[Thu Jan 25 05:18:52 2018] <dh`> don't think so (besides the manual)
[Thu Jan 25 05:45:01 2018] <ulysses> What would be the way to find right library? I googled for something called max_le_iff, online doc tells me it is in Coq.Structures.GenericMinMax library, MinMaxLogicalProperties module. But after requiring the library I still cannot use this MinMaxLogicalProperties.max_le_iff. On the other hand, I see how people use it like this: PeanoNat.Nat.max_le_iff. So how am I supposed to find this way of using max_le_iff?
[Thu Jan 25 07:35:12 2018] <lyxia> ulysses: I used Locate
[Thu Jan 25 07:50:34 2018] <lyxia> ulysses: MinMaxLogicalProperties is a functor, what we need to use is an instantiation of it. Since we are using it at type nat, look under the Init or Arith library. Loading Arith is sufficient to use Locate here.
[Thu Jan 25 07:51:42 2018] <lyxia> ulysses: PeanoNat.Nat includes an instanciation of UsualMinMaxLogicalProperties which includes MinMaxLogicalProperties
[Thu Jan 25 09:09:28 2018] <ulysses> lyxia: thanks a lot! now it is clear
[Thu Jan 25 11:33:50 2018] <dh`> Locate still doesn't find things that haven't been loaded into the session though, right?
[Thu Jan 25 11:42:52 2018] <lyxia> Right
[Thu Jan 25 11:43:19 2018] <lyxia> https://coq.inria.fr/distrib/current/stdlib/Coq.Structures.GenericMinMax.html is GenericMinMax really a "library" though?
[Thu Jan 25 12:09:43 2018] <dh`> that's debatable, depends what you mean by a library :-/
[Fri Jan 26 02:24:22 2018] <ilzolende> My friend, who is likely dealing with some impostor syndrome, doesn't have much experience with the language but has some projects they've worked on. Do you guys know if there are any good heuristics they can use to figure out whether their code is GitHub-ready or if anyone could discuss their code with them in the future?
[Fri Jan 26 04:17:00 2018] <pgiarrusso> ilzolende: describe the project appropriately and nobody should object to putting it on github. Advertising it is another matter.
[Fri Jan 26 04:18:11 2018] <pgiarrusso> Also, what’s good style in Coq proofs is under debate in these years
[Fri Jan 26 04:18:26 2018] <mgttlinger> Is there an easy way to see what is taking coq so long when evaluating a `Compute` statement?
[Fri Jan 26 04:58:59 2018] <mgttlinger> My suspicion is that it is somehow related to my use of `EqDec` because when evaluating the expression by hand (aka in an interactive proof environement by repeatedly applying `unfold` and `simpl`) there are a few places where I don't get any further because `simpl` can't figure out that `p ==b p` is true although `EqDec` rquires the used relation to be an equivalence relation.
[Fri Jan 26 10:12:05 2018] <jstolarek> I've just run into some nonsense in Coq
[Fri Jan 26 10:12:09 2018] <jstolarek> I have:
[Fri Jan 26 10:13:01 2018] <jstolarek> refine ((fun P => let foo := _ (* refine this with tactics *) in ....) X).
[Fri Jan 26 10:13:17 2018] <jstolarek> where P is a binder for a proof term
[Fri Jan 26 10:13:42 2018] <jstolarek> for some reason that P is not visible when proving _
[Fri Jan 26 10:13:57 2018] <jstolarek> but if I inline call to foo and get rid of let binding then P is visible
[Fri Jan 26 18:51:05 2018] <pgiarrusso> jstolarek: wouldn’t be the first time some tactic doesn’t like let... I run into similar problems with Program. Not that I get it
[Fri Jan 26 23:18:10 2018] <dh`> ilzolende: the only real reason *not* to post something on github is if it's ambitious and grandiose and at the same time half-baked and clueless
[Fri Jan 26 23:18:36 2018] <dh`> like the guys who post their new custom kernel that doesn't actually have anything much besides a splashscreen
[Fri Jan 26 23:19:22 2018] <dh`> it is certainly possible to do similar kinds of things in coq, but it's not real likely, because coq is fairly hard
[Fri Jan 26 23:24:27 2018] <dh`> I don't habitually post things in public until they've reached a certain doneness level, because it's like promoting vaporware
[Sat Jan 27 00:50:41 2018] <pgiarrusso> ilzolende: by “describe appropriately” I meant in particular “doesn’t have much experience with the language”. In particular, publishing *claims* exposes you to a small risk that the claim does not reflect what you actually proved
[Sat Jan 27 00:50:55 2018] <pgiarrusso> At least if stating the correct definitions is hard
[Sat Jan 27 00:51:07 2018] <pgiarrusso> Or the correct theorem statements
[Sat Jan 27 01:08:31 2018] <dh`> my experience though is that usually when people think their stuff isn't good enough (as opposed to not done enough) it's because they underestimate their skill level
[Sat Jan 27 01:17:08 2018] <ilzolende> friend is a perfectionist and has trouble assessing both quality and doneness, is there a good place for them to find someone who'd be willing to look over their code? i looked around and i could find some *tutorials* but the reddit contains basically no active discussion and so i wasn't sure where to look besides here
[Sat Jan 27 01:21:24 2018] <dh`> here's probably a good place to look, but dunno how many people are going to have time available for substantive reviews
[Sat Jan 27 01:22:49 2018] <dh`> as in, it's one thing to look at a lemma that won't go, another to go through a whole development, especially if it's something itself nontrivial.
[Sat Jan 27 02:59:44 2018] <pgiarrusso> ilzolende: I understand your friend, I’m a perfectionist myself (and I think perfectionism must be endemic in channels like this)
[Sat Jan 27 03:00:46 2018] <ilzolende> so SoundLogic is the friend i've been mentioning :)
[Sat Jan 27 03:01:07 2018] <SoundLogic> Hello apparently nice people
[Sat Jan 27 03:01:11 2018] <pgiarrusso> Ah, welcome SoundLogic!
[Sat Jan 27 03:02:21 2018] <pgiarrusso> Style-wise, CPDT claims nobody knows good practices (well, Chlipala claims what he does has some cool ideas)
[Sat Jan 27 03:03:20 2018] <SoundLogic> I like dependently typed languages. Proved code is good.
[Sat Jan 27 03:04:07 2018] <pgiarrusso> SoundLogic: :-D
[Sat Jan 27 03:04:55 2018] <pgiarrusso> Thanks for calling us nice! Personally, I feel Coq is a harsh judge, so it forces some humility
[Sat Jan 27 03:05:54 2018] <pgiarrusso> And I hear formalizing informal proofs often teaches you others are fallible too, and that’s OK, we’re all humans after all :-)
[Sat Jan 27 03:06:14 2018] <SoundLogic> It is logic. Logic isn't harsh, it is *immutable*.
[Sat Jan 27 03:06:55 2018] <SoundLogic> * has strong views on this
[Sat Jan 27 03:07:07 2018] <pgiarrusso> Sure, “harsh” was more about Coq’s effects on the users, not a complaint :-)
[Sat Jan 27 03:07:13 2018] <SoundLogic> As indicated by my name :P
[Sat Jan 27 03:08:07 2018] <pgiarrusso> Anyway, what sort of thing have you worked on, if I may ask?
[Sat Jan 27 03:09:50 2018] <SoundLogic> A fair bit of "get frustrated at the standard library, start reimplementing/generalizing a chunk". I like setoids. Been working most recently on a puzzle game.
[Sat Jan 27 03:11:27 2018] <SoundLogic> I keep putting off figuring out how to setup proof general and some nice libraries though which has kiiinda hampered me a fair bit >_<
[Sat Jan 27 03:13:30 2018] <SoundLogic> Poked around at trying to add more stuff to morphism signatures, but haven't figured out a satisfactory way to represent it. Which, uh, is also a snag I hit a lot >_>
[Sat Jan 27 03:15:51 2018] <dh`> <pgiarrusso> I think perfectionism must be endemic in channels like this  <-- it is probably a prereq for using coq :-)
[Sat Jan 27 03:16:51 2018] <dh`> the standard library has... weaknesses
[Sat Jan 27 03:16:56 2018] <SoundLogic> Given how often I wind up glaring at coq for being insufficiently formal and precise...
[Sat Jan 27 03:17:52 2018] <SoundLogic> Yes I really need to figure out how to install proof general and mathclasses and such but it keeps being confusing for windows machines and I keep putting it off
[Sat Jan 27 03:20:56 2018] <SoundLogic> ilzolende keeps mentioning an old laptop I should maybe use but ¯\_(ツ)_/¯
[Sat Jan 27 03:21:44 2018] <dh`> proof general doesn't seem to offer all that much over coqide unless you're a fairly heavy emacs user
[Sat Jan 27 03:22:16 2018] <dh`> I have not got around to setting it up, even though I am a fairly heavy emacs user.
[Sat Jan 27 03:22:29 2018] <SoundLogic> Huh
[Sat Jan 27 03:24:24 2018] <SoundLogic> Mathclasses looks good though I think, unless I'm missing something?
[Sat Jan 27 03:26:03 2018] <SoundLogic> HoTT's truncation levels and such also look nice, despite my objections to the underlying principles
[Sat Jan 27 03:27:12 2018] <pgiarrusso> “Coq insufficiently formal” sounds weird, at least about the kernel; error messages, reference manual, and so on are all fair game
[Sat Jan 27 03:27:26 2018] <pgiarrusso> dh`: it’s now finally on MELPA
[Sat Jan 27 03:27:31 2018] <dh`> the manual's way too formal in most places :-/
[Sat Jan 27 03:27:57 2018] <pgiarrusso> dh`: the tactics chapter is too formal *and* informal
[Sat Jan 27 03:28:02 2018] <dh`> yes!
[Sat Jan 27 03:28:17 2018] <pgiarrusso> as I might have mentioned, the description of the semantics is... well...
[Sat Jan 27 03:28:19 2018] <dh`> I should volunteer to rewrite the manual... if only I had time for that :(
[Sat Jan 27 03:28:22 2018] <pgiarrusso> a clusterfuck?
[Sat Jan 27 03:28:40 2018] <pgiarrusso> “rewrite the manual” is the sort of hybris that prevents completion
[Sat Jan 27 03:29:18 2018] <pgiarrusso> I hear they’re porting it to sphinx, so hopefully when they’re done they might accept contributions
[Sat Jan 27 03:29:18 2018] <SoundLogic> I am rather unusual. I don't believe in referential transparency *or* side effects. My objections to HoTT are on the same grounds.
[Sat Jan 27 03:30:09 2018] <pgiarrusso> SoundLogic: I’ve stopped talking about “beliefs” in formal theories
[Sat Jan 27 03:30:34 2018] <pgiarrusso> yes, ultrafinitism exists, they have arguments, I don’t mind
[Sat Jan 27 03:30:34 2018] <dh`> pgiarrusso: well
[Sat Jan 27 03:30:48 2018] <dh`> when a document kind of wants major restructuring, what else would you call it?
[Sat Jan 27 03:30:58 2018] <dh`> "heavy editing"?
[Sat Jan 27 03:31:24 2018] <pgiarrusso> dh`: not objecting to the term
[Sat Jan 27 03:31:30 2018] <dh`> note also that I don't expect anyone to take this proposition seriously without evidence that I can write, which I don't think anyone here has
[Sat Jan 27 03:31:33 2018] <SoundLogic> pgiarrusso: ultrafinitism ftw. And I mean it very literally. I don't think (non-extremely trivial) referential transparency or side effects as commonly viewed exist.
[Sat Jan 27 03:32:13 2018] <pgiarrusso> dh`: but since nobody’s paying you full-time for a couple years to rewrite the manual, we’ll have to settle for local patches to the most glaring issues or nothing
[Sat Jan 27 03:32:47 2018] <pgiarrusso> *also*, it’s somewhat unrealistic to outsource rewriting a manual to outsiders
[Sat Jan 27 03:33:05 2018] <pgiarrusso> not because *I* don’t take you seriously
[Sat Jan 27 03:33:15 2018] <dh`> well
[Sat Jan 27 03:33:15 2018] <pgiarrusso> but because I’m sure the authors have their own opinions
[Sat Jan 27 03:33:24 2018] <dh`> if one actually does it, one perforce ceases to be an outsider
[Sat Jan 27 03:33:27 2018] <dh`> but yeah
[Sat Jan 27 03:33:31 2018] <pgiarrusso> also, that manual is a *reference* manual
[Sat Jan 27 03:33:40 2018] <dh`> anyway, it isn't realistic
[Sat Jan 27 03:34:12 2018] <dh`> well, it's partly a reference manual, one of the things it needs is to have the parts that are user guide to be separated out.
[Sat Jan 27 03:34:18 2018] <dh`> (or that are trying to be user guide)
[Sat Jan 27 03:34:25 2018] <pgiarrusso> also not saying that you *should* do the local refactoring instead of the rewrite (I’d encourage you to)
[Sat Jan 27 03:34:30 2018] <pgiarrusso> dh`: fair point!
[Sat Jan 27 03:34:36 2018] <pgiarrusso> on the user guide vs reference
[Sat Jan 27 03:35:00 2018] <dh`> that is in fact the main reorganization that I think's needed
[Sat Jan 27 03:35:35 2018] <dh`> the other one is to systematize the ... formalism density somehow
[Sat Jan 27 03:35:50 2018] <pgiarrusso> Agree. If I tried (which I likely won’t), I’d start doing it chapter per-chapter using sections
[Sat Jan 27 03:36:00 2018] <pgiarrusso> “intro to tacticals” — “tacticals formalized”
[Sat Jan 27 03:36:05 2018] <pgiarrusso> I mean, I’ve only written papers
[Sat Jan 27 03:36:08 2018] <dh`> right now there are sections of the manual where you're going along fine and suddenly you need to be a logician to follow
[Sat Jan 27 03:36:31 2018] <pgiarrusso> but there’s a very successful style of papers which we know how to write
[Sat Jan 27 03:36:42 2018] <dh`> yes
[Sat Jan 27 03:36:51 2018] <SoundLogic> Does anyone here know of a good tutorial for setting up coq libraries and the build stuff on windows? It seems rather confusing.
[Sat Jan 27 03:36:51 2018] <dh`> unfortunately, manuals are different from those
[Sat Jan 27 03:36:53 2018] <pgiarrusso> (for some definition of “we”, and it’s still hard to do, but we’ve tons of examples)
[Sat Jan 27 03:37:08 2018] <dh`> the haskell docs have the same kinds of problems (for the same set of reasons, I expect)
[Sat Jan 27 03:37:28 2018] <dh`> soundlogic: I don't. my first advice, unfortunately, would be "don't use windows"
[Sat Jan 27 03:37:40 2018] <dh`> which probably isn't at all helpful.
[Sat Jan 27 03:37:40 2018] <pgiarrusso> SoundLogic: “referential transparency does not exist” can’t possibly be a proposition; there’s lots to criticize about it, but none of the criticisms I know have that summary
[Sat Jan 27 03:38:14 2018] <pgiarrusso> SoundLogic: I also don’t know; I’ve seen people use opam for libraries, but not on Windows
[Sat Jan 27 03:38:21 2018] <pgiarrusso> maybe there’s some tutorial on opam for Windows?
[Sat Jan 27 03:38:42 2018] <pgiarrusso> SoundLogic: any chance of using a Linux virtual machine with a GUI?
[Sat Jan 27 03:38:54 2018] <pgiarrusso> and then opening a terminal and following tutorials?
[Sat Jan 27 03:39:27 2018] <pgiarrusso> I’m not sure what to refer you to, I think Real World OCaml’s tutorial might be one of your best chances to set up opam
[Sat Jan 27 03:39:40 2018] <pgiarrusso> well, actually, you don’t need that much, sorry
[Sat Jan 27 03:40:28 2018] <pgiarrusso> SoundLogic: anyway, using Linux will require you at least *some* knowledge about Linux shells (sh/bash)
[Sat Jan 27 03:43:01 2018] <dh`> I've done a couple of large manuals. it's not the same as writing papers; the goals are different
[Sat Jan 27 03:43:22 2018] <SoundLogic> pgiarrusso: I hold rather extreme views. To speak less soundbiteish, the fact that you can swap (1+5) and 6 as "referentially transparent" is in my opinion design flaw. True leibniz equality is trivial beyond the point of usefulness. (1+5) and 6 are equivalent in certain setoids, but not all.
[Sat Jan 27 03:44:32 2018] <dh`> anyway I'm not sure I can help much with the manual *without* proposing a mass rewrite; it's difficult for me to work on details without a global plan.
[Sat Jan 27 03:45:29 2018] <dh`> something like I need to know where I'm going
[Sat Jan 27 03:48:40 2018] <dh`> or something like I have to account for where all the bits are expected to go before I can propose local changes that will be helpful
[Sat Jan 27 03:49:15 2018] <dh`> anyway, the last thing I need is more projects; i should stick to the string library.
[Sat Jan 27 03:49:35 2018] <SoundLogic> So, I should probably setup a thing with linux then since it sounds like coq and windows do not mix well?
[Sat Jan 27 03:54:08 2018] <pgiarrusso> SoundLogic: on 1+5 vs 6, I see the confusion. But there's a difference between the number resulting from 1+5 (which is 6) and the syntax for 1+5, which is an AST
[Sat Jan 27 03:55:11 2018] <pgiarrusso> so I'd say it's not that you hold extreme views, it's that you'd like to read a book that clarifies the distinction, which is indeed usually only made in proof theory and programming language
[Sat Jan 27 03:55:56 2018] <SoundLogic> pgiarrusso: There is a setoid they are equivilent on, and functions like successor, addition, subtraction, and so on respect that setoid. Functions like "get_memory_address" and "get_time_to_compute" don't.
[Sat Jan 27 03:56:00 2018] <pgiarrusso> proofs and types has an aside on that, but that book sometimes almost assumes you already know everything relevant and then adds a bit of insight
[Sat Jan 27 03:56:37 2018] <SoundLogic> I wasn't refering to the AST
[Sat Jan 27 03:56:48 2018] <pgiarrusso> but you are
[Sat Jan 27 03:57:14 2018] <SoundLogic> "get_memory_address" is not a thing about the AST
[Sat Jan 27 03:57:32 2018] <pgiarrusso> if you are computing, that's on a program
[Sat Jan 27 03:57:53 2018] <pgiarrusso> well, the 6 of a mathematician does not have a memory address
[Sat Jan 27 03:58:30 2018] <pgiarrusso> you should really check out TAPL to learn the standard language for what you have in mind
[Sat Jan 27 03:58:42 2018] <pgiarrusso> Benjamin Pierce's TAPL
[Sat Jan 27 03:59:05 2018] <SoundLogic> The six natural number of a mathematician is implicitly parameterized by a zero and a successor for the signature.
[Sat Jan 27 03:59:19 2018] <pgiarrusso> you'll learn that all that you're saying is extremely well known in PL under the right terms
[Sat Jan 27 03:59:35 2018] <pgiarrusso> that's not the 6 of a mathematician, it's something else
[Sat Jan 27 04:01:16 2018] <SoundLogic> something else?
[Sat Jan 27 04:01:20 2018] <pgiarrusso> the 6 of a usual mathematician is a certain thing in ZFC
[Sat Jan 27 04:01:30 2018] <pgiarrusso> *type theorist
[Sat Jan 27 04:01:32 2018] <pgiarrusso> the 6 of a type theory is something else
[Sat Jan 27 04:01:32 2018] <pgiarrusso> *type theorist
[Sat Jan 27 04:01:32 2018] <pgiarrusso> and it's what you define in Coq
[Sat Jan 27 04:02:02 2018] <pgiarrusso> anyway, gotta check in at an airport
[Sat Jan 27 04:02:14 2018] <pgiarrusso> but the core message stands
[Sat Jan 27 04:02:35 2018] <pgiarrusso> reading that book will improve and validate a corrected version of your beliefs
[Sat Jan 27 04:02:57 2018] <pgiarrusso> you can still formalize things differently, but I doubt you'll see the point
[Sat Jan 27 04:04:02 2018] <dh`> TAPL is a good text
[Sat Jan 27 04:04:10 2018] <pgiarrusso> Harper's PFPL is also good and has (or used to have) free drafts online
[Sat Jan 27 04:04:38 2018] <SoundLogic> * goes and looks
[Sat Jan 27 04:05:00 2018] <pgiarrusso> relevant concepts: the distinction between object and meta-language, formalizing object languages with syntax, semantics
[Sat Jan 27 04:05:24 2018] <pgiarrusso> you'll need a semantics with a heap to define get_memory_address
[Sat Jan 27 04:08:00 2018] <pgiarrusso> (a simple set-theoretic denotational semantics might also help drive home the distinction between numbers in the object and meta-language)
[Sat Jan 27 04:19:21 2018] <SoundLogic> pgiarrusso: my instinctive approch would be to say that the fact that the existance of stopwatches implies apartness and therefore inequality
[Sat Jan 27 04:22:25 2018] <pgiarrusso> anyway, once you talk about the programs 1+5 and 6, you can totally discuss whether one takes more execution time than the other or not (it typically does)
[Sat Jan 27 04:23:13 2018] <pgiarrusso> and whether 6 and 6 have the same memory address (which you can't even state, let alone answer, without writing down the actual semantics of the programming language)
[Sat Jan 27 04:30:06 2018] <SoundLogic> The fact that you can't state it doesn't seem very relevant? In coq you can't pattern match over types or functions so you can't construct False by assuming univalence or function extensionality, but that doesn't make them the same, it just means that coq doesn't enable the construction of functions which don't respect certain setoids.
[Sat Jan 27 04:31:52 2018] <SoundLogic> It is like the thing with private types for HITs.
[Sat Jan 27 04:35:09 2018] <pgiarrusso> SoundLogic: what I'm saying is that, once you fix a semantics, that becomes a precise statement you can prove or disprove
[Sat Jan 27 04:35:27 2018] <pgiarrusso> and I can fix different semantics that give a different results
[Sat Jan 27 04:35:32 2018] <pgiarrusso> *result
[Sat Jan 27 04:36:11 2018] <SoundLogic> yes...?
[Sat Jan 27 04:36:16 2018] <pgiarrusso> if I use memoization, for instance, all copies of the value 6 will share the same address
[Sat Jan 27 04:37:06 2018] <SoundLogic> Yes
[Sat Jan 27 04:38:40 2018] <pgiarrusso> viceversa, concepts that aren't formalized (at least in a sketch) aren't yet really math
[Sat Jan 27 04:42:48 2018] <SoundLogic> I am completely in favor of being able to abstract out over things. "All the functions here respect the following" is really helpful, and I wish coq supported it more generally than just its "equivalent up to the following reduction laws". But working primarily within a certain collection of setoids doesn't make other functions stop existing, and I don't expect you to use any semantics that manage to make stopwatches stop
[Sat Jan 27 04:42:48 2018] <SoundLogic> existing either.
[Sat Jan 27 04:47:41 2018] <SoundLogic> pgiarrusso: This is a good book
[Sat Jan 27 04:51:07 2018] <pgiarrusso> SoundLogic: I must say, in constructive mathematics it makes more sense to talk about the “computation” inside 5 + 1
[Sat Jan 27 04:51:13 2018] <pgiarrusso> in classical mathematics it doesn’t
[Sat Jan 27 04:51:39 2018] <pgiarrusso> but formalizing a language inside Coq lets you say most or all that you want to say
[Sat Jan 27 04:51:53 2018] <pgiarrusso> actually, TAPL’s good for doing the math on-paper
[Sat Jan 27 04:52:20 2018] <pgiarrusso> and Software Foundations (especially vol. 2) is good for the next step (doing it in Coq, though they cover MUCH less)
[Sat Jan 27 04:52:50 2018] <SoundLogic> Formalizing a language inside C would also let me say things. None the less, there is a reason I prefer coq.
[Sat Jan 27 04:54:37 2018] <pgiarrusso> anyway, do check it out, I think you’ll like it
[Sat Jan 27 04:54:47 2018] <pgiarrusso> Flight’s leaving, so bye!
[Sat Jan 27 04:55:20 2018] <SoundLogic> I'm reading it
[Sat Jan 27 04:55:21 2018] <SoundLogic> Bye!
[Sat Jan 27 06:53:16 2018] <sbp> is there a way to change the automatic names that Coq generates using intros? if I do Goal bool -> bool. intros. for example, I get H : bool. if I want b : bool instead I can do intros b., but can I not use some command to force Coq to use "b" as its initial choice using intros. alone? I've tried the guide and SO and found nothing, though Idris can do this
[Sat Jan 27 07:06:54 2018] <pgiarrusso> sbp: the closest thing I know is the string argument of fresh
[Sat Jan 27 07:07:07 2018] <pgiarrusso> so you could write your own wrappers
[Sat Jan 27 07:07:56 2018] <pgiarrusso> maybe use Chargueraud's (IIRC) introv for inspiration (in e.g. Software Foundations)
[Sat Jan 27 07:09:06 2018] <pgiarrusso> sbp: but wait
[Sat Jan 27 07:09:29 2018] <pgiarrusso> in your example Goal: forall (b: bool), bool would work
[Sat Jan 27 07:10:03 2018] <pgiarrusso> or you could just name your function argument as usual
[Sat Jan 27 07:10:20 2018] <pgiarrusso> not sure which one you want
[Sat Jan 27 07:19:46 2018] <sbp> pgiarrusso: I knew about fresh, but I didn't know about introv. that's pretty interesting, but the idea is to have "upstream" decide your variable names for you. that's why I didn't use (b: bool) in the type, because it's pretty much just the same as using intros b
[Sat Jan 27 07:20:12 2018] <sbp> the idea is, imagine you're exporting some datatype as a library for others to use
[Sat Jan 27 07:21:04 2018] <sbp> you want them to be able to intros on your datatype without ending up with H H0 H1. they can use explicit names, but it's like unnecessary duplication of effort when you can have the author just do it once, at the point of Inductive creation, for all time
[Sat Jan 27 07:21:28 2018] <sbp> so I guess that's some motivation for me to tinker with Coq's source. adding this might be an interesting OCaml project ;)
[Sat Jan 27 07:25:02 2018] <sbp> what inspired me was the %name construct in Idris. example here: https://github.com/idris-lang/Idris-dev/blob/24f580d45455b3fee35d0e96e48415612e58aaed/libs/prelude/Prelude/List.idr#L30
[Sat Jan 27 07:31:54 2018] <pgiarrusso> the annoying thing is in Coq, unlike Idris, adding such an hint will break clients
[Sat Jan 27 07:32:54 2018] <pgiarrusso> it'd be cooler to mix interactive editing and tactics
[Sat Jan 27 09:44:57 2018] <aweinstock> I'm trying to pass tactics as arguments, and can pass idtac, but not (idtac "hello"). using the Ltac EBNF from the manual, I've gotten this far: https://paste.rs/vrO, not sure what to try next/what the error means
[Sat Jan 27 10:09:52 2018] <aweinstock> disregard the above, solved the issue by grepping for examples in the coq source 'twice ltac:(idtac "hello")' works where 'twice (ltac:(idtac "hello"))' was failing
[Sat Jan 27 11:42:21 2018] <dganti> newbie question: i have installed coq using opam. When i do c-c c-enter on proof general, i get "coq process exited". How do i fix this?
[Sat Jan 27 12:32:28 2018] <dh`> because of the way we think about bools, it's rare in practice (IME anyway) to get H: bool
[Sun Jan 28 10:27:56 2018] <srpx> Is it true that coq has a small kernel? Is its codebase modular? How feasible would it be for me to separate the core language and make my own little IDE for coq? With my own syntax and editor, using just the core from coq and its type checker, nothing more?
[Sun Jan 28 10:30:16 2018] <SharpGAF> srpx: Depends how you define "small," but fortunately the kernel in Coq is already (somewhat) isolated from the rest of the code.
[Sun Jan 28 10:37:40 2018] <SharpGAF> srpx: https://github.com/coq/coq/tree/master/kernel is the kernel.  The rest (outside of some shared library code) is theoretically optional.  However, I think there are documented plugin APIs somewhere that people are supposed to be able to rely on being more stable than kernel internals.  https://github.com/coq/coq/wiki/DevelopmentTutorial has a much better overview than I can give (I've mostly worked in the checker, which is kind of
[Sun Jan 28 10:39:02 2018] <srpx> Which is kind of? (Your message was cut)
[Sun Jan 28 10:39:15 2018] <srpx> SharpGAF .
[Sun Jan 28 10:40:11 2018] <SharpGAF> kind of isolated from the rest of the code by design.
[Sun Jan 28 10:40:42 2018] <SharpGAF> The checker is probably not what you want, since it both isn't interactive, and is very slow (though hopefully that can be fixed to some extent).
[Sun Jan 28 10:48:59 2018] <srpx> Hmmm. So that won’t work, I guess
[Sun Jan 28 10:49:15 2018] <srpx> Type checker is slow because of unification or something?
[Sun Jan 28 10:54:26 2018] <srpx> SharpGAF so, I’m trying to implement a browser for apps which instead of JavaScript, uses a language on which the browser can download proofs of certain properties of the apps it runs. For example, “for all sequence of use inputs, this game will never violate the zero sum of balances”. Problem is I’m not sure what language to use for that. Every language that has a type system powerful enough for that is a huge
[Sun Jan 28 10:54:26 2018] <srpx> project that I can’t just ship with a browser. I tried implementing my own core language but without inductive families it isn’t expressive enough in practice, and those are hard to implement. I’d use coqs core but you just said its checker is slow. Out of ideas
[Sun Jan 28 11:06:22 2018] <pgiarrusso> wait, why is Coq’s kernel slow? It’s used to check all proofs, no?
[Sun Jan 28 11:07:38 2018] <pgiarrusso> IIUC, Coq users use tactics to build proofs, and then they’re checked by the kernel
[Sun Jan 28 11:08:00 2018] <pgiarrusso> or does Coq use some faster checker during interactive use?
[Sun Jan 28 11:09:39 2018] <aweinstock> "fast enough to check one proof interactively" might still be "too slow to be worth gating page loads on checking an entire library of proofs" (I'm guessing motivations, don't know the exact runtimes involved)
[Sun Jan 28 11:19:20 2018] <SharpGAF> srpx: Sorry, I realize that would be easy to read that way… the kernel is pretty fast (given what it's doing).  The checker is a (sort of) separate implementation of the typechecker, so its slowness shouldn't affect you unless you want to use it.
[Sun Jan 28 11:19:49 2018] <srpx> Oh okay! Thanks for that clarification.
[Sun Jan 28 11:20:26 2018] <SharpGAF> I definitely recommend using the Coq kernel over writing your own checker, unless you want that to be the research project :)
[Sun Jan 28 11:21:45 2018] <SharpGAF> It is worth noting that Coq can actually run in the browser even for quite large developments (though that might not matter for what you're doing).
[Sun Jan 28 11:36:03 2018] <srpx> I’m aware, with coq.js, right? I’m more and more tending towards what you suggested, yes. I could use coqsSo, you’d say it is feasible to build a different surface language on top of coqs core? (I probably don’t need the tactics, most of the unification and more complex features, and I need an editor that understands the whole grammar)
[Sun Jan 28 11:36:23 2018] <srpx> I could use coqs core as a lib and build the browser in ocaml. *
[Sun Jan 28 11:37:38 2018] <srpx> (SharpGAF)
[Sun Jan 28 11:45:27 2018] <SharpGAF> It's certainly *possible.*  After all, most people interact with Coq primarily through Ltac, which isn't part of the kernel at all.
[Sun Jan 28 11:46:03 2018] <SharpGAF> It would be a huge amount of work, but that would be the case whether or not you use Coq as the kernel.
[Sun Jan 28 12:23:35 2018] <aweinstock> I'm trying to prove "Goal forall b c : bool, andb b c = true -> b = true /\ c = true.", and am ending up with "true = false" as a subgoal; does that mean I'm trying to prove a nontheorem, or just applying the wrong tactics?
[Sun Jan 28 12:24:19 2018] <pgiarrusso> aweinstock: wrong tactics
[Sun Jan 28 12:25:14 2018] <pgiarrusso> aweinstock: unless you took a modified `andb`, but if it’s called and the theorem is true
[Sun Jan 28 12:25:44 2018] <pgiarrusso> I’ve gotten such things by using `destruct b` over `destruct b eqn:Hb`; the former can lose information
[Sun Jan 28 12:25:53 2018] <pgiarrusso> actually, wait
[Sun Jan 28 12:26:02 2018] <pgiarrusso> `destruct b` won’t lose anything
[Sun Jan 28 12:26:06 2018] <pgiarrusso> but `destruct t` will
[Sun Jan 28 12:26:15 2018] <aweinstock> standard andb from the standard library, was trying 'intros; destruct b,c,H; compute.'
[Sun Jan 28 12:26:33 2018] <pgiarrusso> ah, `destruct H` sounds like a problem
[Sun Jan 28 12:27:04 2018] <pgiarrusso> `destruct b, c; simpl; split; reflexivity` might be enough
[Sun Jan 28 12:27:39 2018] <pgiarrusso> aweinstock: ^^
[Sun Jan 28 12:28:33 2018] <pgiarrusso> aweinstock: since `H`’s type is an indexed datatype, `destruct H` loses information, while `inversion H` or `dependent destruction H` are more appropriate
[Sun Jan 28 12:28:52 2018] <pgiarrusso> ah, my proposed tactics won’t work
[Sun Jan 28 12:30:11 2018] <pgiarrusso> because in 3 out of four cases `H` reduces to `false = true`; but adding `inversion H` should fix that
[Sun Jan 28 12:30:33 2018] <pgiarrusso> `destruct b, c; simpl; inversion H; split; reflexivity`
[Sun Jan 28 12:31:19 2018] <aweinstock> that works, thanks
[Sun Jan 28 12:31:31 2018] <aweinstock> what's the intuition behind how inversion differs from destruct?
[Sun Jan 28 12:35:06 2018] <benzrf> aweinstock: inversion deduces equalities, destruct just eliminates
[Sun Jan 28 12:35:31 2018] <benzrf> do you know the difference between indices and parameters for types?
[Sun Jan 28 12:37:11 2018] <aweinstock> I don't think I know the difference, is there a paper/section of the Coq manual that explains it?
[Sun Jan 28 12:39:36 2018] <SharpGAF> aweinstock: Essentially, indices are "outputs" and parameters are "inputs".  While every constructor in the inductive type takes the same parameter types and outputs the same index types, for indices the constructor gets to decide their values based on both parameters and constructor arguments.
[Sun Jan 28 12:41:07 2018] <benzrf> aweinstock: to be more precise - when you make a declaration like [Inductive foo (t : Type) (a : nat) : forall (s : Type), list s -> Prop]
[Sun Jan 28 12:41:33 2018] <benzrf> formally, coq understands everything before the : as a 'parameter' and everything afterward as an 'index'
[Sun Jan 28 12:41:41 2018] <benzrf> that is, t and a are parameters, s and the list are indices
[Sun Jan 28 12:41:45 2018] <SharpGAF> Oh right, yes, syntax :)
[Sun Jan 28 12:42:26 2018] <benzrf> the 't' and 'a' are bound in the body of the declaration, and the result type of each constructor _must_ use them as its t and a
[Sun Jan 28 12:43:03 2018] <benzrf> so for example, somehting like [bar : foo t 3 nat nil] would be invalid, because you used '3' instead of 'a'
[Sun Jan 28 12:43:36 2018] <benzrf> on the other hand, 's' won't be bound in the declaration (that wouldnt make sense anyway since s is scoped to the body of the forall)
[Sun Jan 28 12:43:56 2018] <benzrf> and in particular it can be determined however you like
[Sun Jan 28 12:44:16 2018] <benzrf> if you've used haskell, all basic algebraic data type declarations have only parameters, no indices
[Sun Jan 28 12:46:22 2018] <aweinstock> I've used more haskell than dependently typed languages, so I probably just don't have intuition for indices yet then
[Sun Jan 28 12:46:26 2018] <benzrf> yh
[Sun Jan 28 12:46:38 2018] <benzrf> basically, indices are precisely what GADTs allow you to do that ADTs don'
[Sun Jan 28 12:46:40 2018] <benzrf> t
[Sun Jan 28 12:47:24 2018] <benzrf> the key thing about parameters is that, essentially, the type declaration is *parametric* over them
[Sun Jan 28 12:47:51 2018] <benzrf> when you apply
[Sun Jan 28 12:47:53 2018] <benzrf> er
[Sun Jan 28 12:48:28 2018] <benzrf> if you have the types [foo t a s l] and [foo t b s l], the only difference between them is that 'a' gets swapped out for 'b'
[Sun Jan 28 12:48:33 2018] <benzrf> in the types of each constructor
[Sun Jan 28 12:50:04 2018] <benzrf> on the other hand, consider a type like this: [Inductive nice : nat -> Prop := three_is_nice : nice 3 | four_is_nice : nice 4]
[Sun Jan 28 12:51:02 2018] <benzrf> since the 'nat' argument to the type constructor appears on the rhs of the :, it's an index, and we are free to determine it as we like in the types of our constructors
[Sun Jan 28 12:51:20 2018] <benzrf> now [nice] is not 'parametric' in its first argument
[Sun Jan 28 12:51:51 2018] <benzrf> [nice 2] and [nice 3] have /different sets of constructors/
[Sun Jan 28 12:53:49 2018] <benzrf> now when you [destruct] something, it creates subgoals for each constructor of the type (iirc)
[Sun Jan 28 12:54:29 2018] <benzrf> and it clobbers some stuff and uh i dont remember the details
[Sun Jan 28 12:55:04 2018] <benzrf> when you use [inversion], it examines what values you've given for the indices of the type, and intelligently figures out what constraints that causes
[Sun Jan 28 12:56:11 2018] <benzrf> tangential thing that's worth knowing: when coq generates an induction principle, it puts the parameters of the type as arguments at the very beginning that then get used throughout the rest, whereas it puts the indices as arguments to each inductive case and the conclusion
[Sun Jan 28 13:01:30 2018] <benzrf> e.g. https://i.imgur.com/RRrV34F.png
[Sun Jan 28 13:01:39 2018] <benzrf> oops fuck
[Sun Jan 28 13:02:07 2018] <benzrf> there we go https://i.imgur.com/pH6BXmh.png
[Sun Jan 28 13:03:16 2018] <benzrf> oh yeah, and parameters are automatically added as arguments to the types of the constructors, but you cant match on them as subpatterns, or something?
[Sun Jan 28 13:03:21 2018] <benzrf> i cant remember the detail
[Sun Jan 28 13:03:34 2018] <benzrf> it gets a bit subtle
[Sun Jan 28 13:03:55 2018] <benzrf> but if you examine some stdlib types like eq and le, youll find that theyve carefully chosen their arguments to be parameters or indices
[Sun Jan 28 13:04:05 2018] <aweinstock> in that example, is 'A' the parameter, and 'identity A' the index?
[Sun Jan 28 13:04:10 2018] <benzrf> no -
[Sun Jan 28 13:04:25 2018] <benzrf> the first type uses a parameter, the second type uses an inde
[Sun Jan 28 13:04:27 2018] <benzrf> x
[Sun Jan 28 13:05:25 2018] <benzrf> ack i forgot how hard to see coq's arrow highlighting is on this theme
[Sun Jan 28 13:05:25 2018] <aweinstock> so the "A" in "identity A" is a parameter, and the "A" in "identity' A" is an index
[Sun Jan 28 13:05:37 2018] <benzrf> right
[Sun Jan 28 13:05:50 2018] <benzrf> notice the differences in the generated induction principles too
[Sun Jan 28 13:06:33 2018] <benzrf> also check this out https://i.imgur.com/0C3bh35.png
[Sun Jan 28 13:06:41 2018] <aweinstock> is this {the same thing as, related to} existentials in haskell-style GADTs?
[Sun Jan 28 13:06:54 2018] <benzrf> somewhat
[Sun Jan 28 13:06:58 2018] <benzrf> oh wait hmm
[Sun Jan 28 13:07:08 2018] <benzrf> no i'd say it isn't
[Sun Jan 28 13:07:22 2018] <benzrf> existentials in haskell are precisely when the arguments to the constructor *don't* show up in its result type
[Sun Jan 28 13:07:37 2018] <benzrf> but this distinction is entirely regarding those result types and where they come from
[Sun Jan 28 13:08:01 2018] <benzrf> for example:
[Sun Jan 28 13:08:19 2018] <benzrf> this is totally fine: Inductive identity (A : Type) : Type := wrap : forall T, T -> identity A.
[Sun Jan 28 13:08:41 2018] <benzrf> i have an existential type here and coq doesn't care - the important thing is just that i be parametric over A, it doesnt matter what else i do
[Sun Jan 28 13:09:07 2018] <benzrf> the A can't come from a forall there because it has to come from the A bound above, but if i have other parameters that i use elsewhere, it doesnt matter
[Sun Jan 28 13:09:58 2018] <SharpGAF> AFAIK, indices can either be thought of as a generalization of dependent sigma, or as a type level reification of the language's equality judgement together with dependent sigma.
[Sun Jan 28 13:11:13 2018] <pgiarrusso> SharpGAF: I think understanding that is a final exam question on inductive types :-)
[Sun Jan 28 13:11:29 2018] <pgiarrusso> though I think it sounds correct
[Sun Jan 28 13:13:21 2018] <pgiarrusso> to clarify, a constructor like `three_is_nice: nice 3` can be translated into `three_is_nice: forall n, n = 3 -> nice n`
[Sun Jan 28 13:13:43 2018] <pgiarrusso> so we see `n = 3` (which reifies equality)
[Sun Jan 28 13:14:54 2018] <pgiarrusso> a dependent sigma because we pack the `n = 3` witness (and we could pack more stuff if we had existentials)
[Sun Jan 28 13:15:14 2018] <dh`> it is often annoying that you can't use existentials there :-/
[Sun Jan 28 13:15:15 2018] <pgiarrusso> aweinstock: that translation I showed is how Haskell GADTs (used to be) explained in the literature
[Sun Jan 28 13:15:37 2018] <pgiarrusso> dh`: isn’t it enough to bind more variables?
[Sun Jan 28 13:15:54 2018] <dh`> not always, no
[Sun Jan 28 13:16:00 2018] <pgiarrusso> `evens_are_nice: forall m, nice (2 * m)`
[Sun Jan 28 13:16:17 2018] <dh`> I don't have an example
[Sun Jan 28 13:16:24 2018] <dh`> every time I run into it, I end up having to rewrite :-)
[Sun Jan 28 13:16:45 2018] <dh`> which usually involves restructuring, not just introducing more stuff
[Sun Jan 28 13:18:04 2018] <pgiarrusso> dh`: maybe, but no clue what could be an example
[Sun Jan 28 13:18:29 2018] <dh`> I will try to remember to dump here the next time I run into this
[Sun Jan 28 13:18:30 2018] <pgiarrusso> except that you can’t bind variables that are too big for the target type
[Sun Jan 28 13:18:42 2018] <pgiarrusso> but that’s fixed by making the target larger
[Sun Jan 28 13:18:52 2018] <pgiarrusso> or, well, in Coq you don’t write universe levels really
[Sun Jan 28 13:19:29 2018] <pgiarrusso> so worst-case you produce unsatisfiable constraints and get trouble...
[Sun Jan 28 13:20:03 2018] <pgiarrusso> dh`: right, this is the *one thing* existentials can do and Coq can’t
[Sun Jan 28 13:20:06 2018] <dh`> suppose I wanted to have a prop SAT: expr -> Prop
[Sun Jan 28 13:20:17 2018] <pgiarrusso> weak existentials can be more impredicative
[Sun Jan 28 13:21:19 2018] <dh`> a natural way to write the constructor is as "isSAT: forall e, exists (a: assignment), Eval a e true -> SAT e
[Sun Jan 28 13:21:43 2018] <dh`> you can write something similar with forall, but it's a weaker property.
[Sun Jan 28 13:23:03 2018] <dh`> or at lest, i think it is.
[Sun Jan 28 13:23:10 2018] <dh`> I might have botched any piece of this ;-)
[Sun Jan 28 13:25:06 2018] <pgiarrusso> hm
[Sun Jan 28 13:25:36 2018] <pgiarrusso> OK, I think `isSAT: forall e a, Eval a e true -> SAT e` should be what you want
[Sun Jan 28 13:25:45 2018] <pgiarrusso> because that’s the type of isSAT
[Sun Jan 28 13:25:56 2018] <dh`> yes, that's at least legal
[Sun Jan 28 13:26:32 2018] <pgiarrusso> and it’s equivalent (at least in System F) to `isSAT: forall e, (exists a, Eval a e true) -> SAT e`
[Sun Jan 28 13:26:55 2018] <pgiarrusso> now, why would the latter not work?
[Sun Jan 28 13:27:13 2018] <pgiarrusso> with the right version of existentials
[Sun Jan 28 13:27:24 2018] <dh`> in what sense of not work?
[Sun Jan 28 13:27:32 2018] <pgiarrusso> well, be illegal
[Sun Jan 28 13:27:39 2018] <dh`> oh
[Sun Jan 28 13:27:58 2018] <pgiarrusso> or what is the problem with this, since it is what you want to write?
[Sun Jan 28 13:28:05 2018] <dh`> is that allowed in an inductive?
[Sun Jan 28 13:28:11 2018] <pgiarrusso> (I added parens and those matter)
[Sun Jan 28 13:28:25 2018] <dh`> right
[Sun Jan 28 13:28:26 2018] <pgiarrusso> I *am* wondering about size issues
[Sun Jan 28 13:28:36 2018] <pgiarrusso> but this one lives in `Prop`
[Sun Jan 28 13:30:05 2018] <pgiarrusso> one case which will fail is trying to store a `Type i` into a `Type i` with universe errors
[Sun Jan 28 13:30:33 2018] <pgiarrusso> and there you often need to replace the `Type i` you want to pack with some *code* for the `Type i`
[Sun Jan 28 13:31:10 2018] <pgiarrusso> or wait!
[Sun Jan 28 13:31:33 2018] <pgiarrusso> maybe `exists p: Prop, foo: Prop` is already illegal
[Sun Jan 28 13:31:43 2018] <pgiarrusso> that’s allowed in System F which has (weak) existentials
[Sun Jan 28 13:32:03 2018] <pgiarrusso> but it becomes inconsistent if you switch to sigma types/strong existentials
[Sun Jan 28 13:32:17 2018] <pgiarrusso> I think even for impredicative universes
[Sun Jan 28 13:33:03 2018] <pgiarrusso> But... now I’m confused
[Sun Jan 28 13:33:15 2018] <pgiarrusso> (also, I meant `(exists p: Prop, foo): Prop`)
[Sun Jan 28 13:35:04 2018] <dh`> it accepts the existential inside the parens, and it seems correct to have the parents
[Sun Jan 28 13:35:14 2018] <dh`> so maybe the solution to the problems I've run into is that
[Sun Jan 28 13:36:41 2018] <pgiarrusso> dh`: for this example, yes
[Sun Jan 28 13:36:54 2018] <pgiarrusso> I see why one might want `exists` to be closer to `forall` syntax
[Sun Jan 28 13:37:02 2018] <pgiarrusso> well, sort-of see
[Sun Jan 28 13:37:17 2018] <pgiarrusso> (except that would in fact be wrong)
[Sun Jan 28 13:37:18 2018] <dh`> also now I'm not sure (in this case) what the difference in meaning is when you remove the parens
[Sun Jan 28 13:37:50 2018] <dh`> it would allow the existential variable to appear in the SAT conclusion and that's obviously problematic, but it doesn't
[Sun Jan 28 13:37:52 2018] <pgiarrusso> well, the body of exists extends to the right as much as possible, just like forall
[Sun Jan 28 13:38:00 2018] <dh`> right
[Sun Jan 28 13:38:09 2018] <pgiarrusso> but that’s just not the right syntax
[Sun Jan 28 13:41:23 2018] <dh`> well yes, but the *statement* forall e, exists a, Eval a e true -> SAT e
[Sun Jan 28 13:41:37 2018] <pgiarrusso> that’s fine
[Sun Jan 28 13:41:44 2018] <dh`> can be written, and now I'm not sure how this is actually a different statement
[Sun Jan 28 13:41:50 2018] <dh`> which is probably because I'm being stupid
[Sun Jan 28 13:41:59 2018] <pgiarrusso> this is subtle
[Sun Jan 28 13:42:30 2018] <pgiarrusso> OK, so that statement can be written, yes, and it might even be true, for extra confusion
[Sun Jan 28 13:42:58 2018] <pgiarrusso> ah no
[Sun Jan 28 13:43:19 2018] <pgiarrusso> dh`: I hope `False` is an false Expression, yes?
[Sun Jan 28 13:43:49 2018] <pgiarrusso> well, not quite Coq’s `False`, call it `EFalse`
[Sun Jan 28 13:44:30 2018] <pgiarrusso> that statement says that for all expressions (including `EFalse`), there exists a specific assignment, such that if the assignment is true `e` is satisfiable
[Sun Jan 28 13:44:47 2018] <pgiarrusso> OK, so now I suspect this is a true but stupid statement
[Sun Jan 28 13:45:21 2018] <pgiarrusso> let’s prove it to explain it. Assume you have a SAT solver that decides whether `e` is satisfiable.
[Sun Jan 28 13:46:11 2018] <pgiarrusso> if `e` is unsatisfiable, for any assignment `a` the conclusion will be vacuously true (because `Eval a e true` is false)
[Sun Jan 28 13:46:30 2018] <pgiarrusso> if `e` is satisfied by `a`, pick assignment `a` as witness of the existential
[Sun Jan 28 13:46:34 2018] <pgiarrusso> in both cases, we’re done
[Sun Jan 28 13:46:40 2018] <pgiarrusso> so the statement holds
[Sun Jan 28 13:46:50 2018] <pgiarrusso> but is it interesting? I’d say no
[Sun Jan 28 13:47:26 2018] <pgiarrusso> `forall e, (exists a, Eval a true) -> SAT e`, instead, lets us show that `e` is satisfiable by providing a satisfying assignment
[Sun Jan 28 13:47:27 2018] <dh`> yes, well, both statements say that in english, is the problem. I'm writing it down to tinker with
[Sun Jan 28 13:47:32 2018] <pgiarrusso> that’s much more interesting
[Sun Jan 28 13:47:51 2018] <pgiarrusso> if both statements say that in English, you’re mistranslating them
[Sun Jan 28 13:48:16 2018] <pgiarrusso> but this is indeed pretty confusing
[Sun Jan 28 13:48:38 2018] <dh`> I am probably being stupid.
[Sun Jan 28 13:48:42 2018] <dh`> my head is boiled this weekend
[Sat Feb  3 15:41:55 2018] <aweinstock> Is there a way to anonymously refer to the term built via an ltac script?
[Sat Feb  3 15:43:13 2018] <aweinstock> concretely: I want to be able to instantiate a record field with something like {| SRmul_1_l := inline_ltac (intros; simpl; rewrite plus_rightzero; reflexivity.) |}
[Sat Feb  3 15:43:48 2018] <Cypi> Wherever a Gallina term is expected, you can write `ltac:(some tactic)`
[Sat Feb  3 15:43:57 2018] <Cypi> where `some tactic` is a Ltac tactic that solves the goal
[Sat Feb  3 15:44:06 2018] <aweinstock> right now, the best I can do is construct a proof term interactively via "Goal forall x, 1 * x = x. intros. simpl. rewrite plus_rightzero. reflexivity. Qed. Print Unnamed_thm" and inline it
[Sat Feb  3 15:45:26 2018] <aweinstock> trying it with ltac:(...) now
[Sat Feb  3 15:51:50 2018] <aweinstock> after "Definition foo : forall x, 1 * x = x := ltac:(intro x; simpl; rewrite plus_rightzero; reflexivity).", "{| SRmul_1_l := foo |}" works, but "{| SR_mul_1_l := ltac:(intro x; simpl; rewrite plus_rightzero; reflexivity) |}" fails with "Error: Found no subterm matching "?M707 + 0" in the current goal."
[Sat Feb  3 15:52:23 2018] <aweinstock> the span info for the "Error: Found no subterm matching "?M707 + 0" in the current goal." message points at the "rewrite plus_rightzero" term
[Sat Feb  3 15:53:51 2018] <aweinstock> adding "Set Ltac Debug." before the record definition didn't get it to dump more info
[Sat Feb  3 15:57:15 2018] <pgiarrusso> aweinstock: that means that in the term you are building you can’t rewrite with that lemma, there’s no instance of ??? + 0
[Sat Feb  3 15:57:43 2018] <pgiarrusso> why do you expect the type of `SR_mul_1_l` to need such a rewrite?
[Sat Feb  3 15:58:10 2018] <pgiarrusso> aweinstock: in fact, it’s surprising it works inside `foo`, that makes no sense
[Sat Feb  3 15:59:07 2018] <aweinstock> I got it to work with "{| SRmul_1_l := fun x : nat => (fun (e : 1 * x = x) => e) ltac:(simpl; rewrite plus_rightzero; reflexivity); |}"
[Sat Feb  3 15:59:25 2018] <aweinstock> (basically just adding explicit binders to get the types unified correctly)
[Sat Feb  3 16:00:17 2018] <aweinstock> pgiarrusso: I'm trying to instantiate Ring_theory.semi_ring_theory for nat, and I want (forall x : nat, 1*x = x) inlined since it's such a trivial lemma
[Sat Feb  3 16:01:49 2018] <aweinstock> my guess as to why it didn't work before adding the binders but did afterwards was that it was trying to infer a type that referred to the semiring's parameters, but wasn't unifying them properly
[Sat Feb  3 16:02:27 2018] <aweinstock> is that a thing that makes sense to expect? (i.e. did I luck into a working solution, or did I get it for close to the right reason?)
[Sat Feb  3 16:02:45 2018] <pgiarrusso> aweinstock: wait, so `plus_rightzero` is here a lemma referred to multiplication? that was confusing
[Sat Feb  3 16:03:24 2018] <pgiarrusso> also, a lemma on a right *identiy* should say `x * 1 = x`, not talk about `1 * x`
[Sat Feb  3 16:04:15 2018] <aweinstock> pgiarrusso: (plus_rightzero : forall n, n + 0 = n)
[Sat Feb  3 16:04:38 2018] <pgiarrusso> aweinstock: so why is that relevant to `foo`’s type? no + in sight
[Sat Feb  3 16:05:17 2018] <pgiarrusso> aweinstock: to your question, I suspect plus_rightzero is overloaded over either canonical structures or typeclass instances, and resolution might be picking different instances... but the type you show suggests no overloading
[Sat Feb  3 16:05:33 2018] <aweinstock> it comes up after simpl does 1 step of reduction (from (1 * x = x) to (x + 0 = x))
[Sat Feb  3 16:05:54 2018] <aweinstock> * is the Nat.mul from the standard library, defined by left-recursion on nats
[Sat Feb  3 16:05:54 2018] <pgiarrusso> Ah! Thanks.
[Sat Feb  3 16:06:56 2018] <pgiarrusso> aweinstock: OK...
[Sat Feb  3 16:07:15 2018] <pgiarrusso> maybe SR_mul_1_l is overloaded?
[Sat Feb  3 16:07:36 2018] <aweinstock> I confirmed that "SRmul_1_l := fun x : nat => ltac:(simpl; rewrite plus_rightzero; reflexivity)" fails where "SRmul_1_l := fun x : nat => (fun e : 1 * x = x => e) ltac:(simpl; rewrite plus_rightzero; reflexivity)" suceeds
[Sat Feb  3 16:07:55 2018] <pgiarrusso> aweinstock: makes sense, but which overload is unspecified
[Sat Feb  3 16:08:26 2018] <pgiarrusso> I’d expect a type annotation for the overall instance? but you’re not pasting a full command for `SRmul_1_l`
[Sat Feb  3 16:08:52 2018] <aweinstock> "Check Ring_theory.SRmul_1_l." gives "SRmul_1_l : forall (R : Type) (rO rI : R) (radd rmul : R -> R -> R) (req : R -> R -> Prop), semi_ring_theory rO rI radd rmul req -> forall n : R, req (rmul rI n) n"
[Sat Feb  3 16:09:38 2018] <pgiarrusso> aweinstock: and semi_ring_theory is the typeclass/structure you’re building
[Sat Feb  3 16:09:57 2018] <pgiarrusso> aweinstock: it looks like you’re trying something like `Definition foo := {| SRmul_1_l := ... |}`
[Sat Feb  3 16:10:19 2018] <pgiarrusso> while you’d need `Definition foo: semi_ring_theory <insert params here> := {| ... |}`
[Sat Feb  3 16:10:57 2018] <pgiarrusso> in the first case, Coq can’t know which semiring theory you’re trying to build, so doesn’t know to use multiplication, so `simpl` can’t produce an addition
[Sat Feb  3 16:11:09 2018] <pgiarrusso> (or maybe Coq guesses a different instance)
[Sat Feb  3 16:11:17 2018] <pgiarrusso> aweinstock: makes sense?
[Sat Feb  3 16:11:29 2018] <pgiarrusso> that would explain why your type annotations work around the problem
[Sat Feb  3 16:11:43 2018] <aweinstock> https://github.com/aweinstock314/coq-stuff/blob/master/softwareverification_homework1.v#L112-L123
[Sat Feb  3 16:12:42 2018] <aweinstock> I'm passing the arguments to semi_ring_theory before starting the record definition, so I don't think that explanation addresses it?
[Sat Feb  3 16:16:42 2018] <pgiarrusso> aweinstock: Thanks for the link! Stumped then. This still looks like a type inference issue, but this looks like Coq being sillier than I’d have expected?
[Sat Feb  3 16:17:21 2018] <pgiarrusso> except that I don’t know if typechecking is done before running `Ltac`, which might interact with the problem
[Sat Feb  3 16:18:22 2018] <pgiarrusso> aweinstock: but any chance using `Program Definition` makes your life simpler?
[Sat Feb  3 16:18:31 2018] <aweinstock> so it's probably just some sort of phase issue between ltac/typecheck that's easily worked around then
[Sat Feb  3 16:18:58 2018] <aweinstock> I'm not sure, haven't heard of the `Program Definition` feature before
[Sat Feb  3 16:20:34 2018] <aweinstock> (found it in the manual and am reading about it, but I'm not sure what you were suggesting I replace with it)
[Sat Feb  3 16:27:30 2018] <aweinstock> If I'm understanding correctly, `Program Fixpoint` allows manually writing termination for proofs of some algorithms that might not be writeable with `Fixpoint`, which is good to know about for another thing I'm working on
[Sat Feb  3 16:28:06 2018] <aweinstock> (poset lattice fixpoint iteration, as used in dataflow algorithms for compilers)
[Sat Feb  3 17:04:17 2018] <aweinstock> unrelated question (about recovering information after branching on it to get a bool): in https://paste.rs/iBC, how can I find out what function the 'if/then/else' in H expands to? `Print Scopes.` only gave me IF_then_else, which doesn't look like its type unifies
[Sat Feb  3 17:06:24 2018] <aweinstock> (i.e. `Check fun (A : Set) (f : dec_eq A) (x y : A) => IF_then_else (f x y).` fails to typecheck)
[Sat Feb  3 17:09:25 2018] <aweinstock> I tried `Unset Printing Notations.`, and it still shows up as `H : eq (if f x y then true else false) true`
[Sat Feb  3 17:12:24 2018] <pgiarrusso> aweinstock: `Program Definition` is similar to `refine` and lets you fill in proofs in definitions more conveniently ... just write `_` and get a goal
[Sat Feb  3 17:12:29 2018] <pgiarrusso> instead of writing `ltac:(...)`
[Sat Feb  3 17:13:53 2018] <pgiarrusso> aweinstock: `if...then...else` is probably a primitive and has special behavior
[Sat Feb  3 17:14:06 2018] <pgiarrusso> the condition can have any type with two constructors
[Sat Feb  3 17:14:14 2018] <pgiarrusso> (IIRC)
[Sat Feb  3 17:14:16 2018] <aweinstock> w.r.t. the dec_eq question, I found it in figure 1.1, and the behaviour in 2.2.2 (coq manual)
[Sat Feb  3 17:14:19 2018] <pgiarrusso> no way to achieve that with a usual function
[Sat Feb  3 17:15:13 2018] <aweinstock> the https://paste.rs/iBC thing is a minimal repro of an issue I ran into in a larger proof for the poset_lattice project (antisymmetry for a free-lattice construct)
[Sat Feb  3 17:17:43 2018] <pgiarrusso> uh, `destruct f x y` should let you finish that proof
[Sat Feb  3 17:18:01 2018] <pgiarrusso> (if you wonder about that)
[Sat Feb  3 17:18:31 2018] <aweinstock> (aside: w.r.t. etiquette, should I be more explicit about numbering questions if I'm asking multiple unrelated questions asynchronously?)
[Sat Feb  3 17:19:37 2018] <pgiarrusso> gotta leave (for now?), see you, hope the above helps!
[Sat Feb  3 17:20:46 2018] <aweinstock> 'destruct f; [exact e | discriminate H]' solves the dec_eq thing, thanks!
[Sat Feb  3 18:47:34 2018] <pgiarrusso> aweinstock: uh, I meant `destruct (f x y)` :-|... amazed that `destruct f` works!
[Sun Feb  4 18:40:16 2018] <anonlastname> Does anybody know how to go about defining the order of a group? I have a definition of a group that only provides the 3 usual axioms
[Sun Feb  4 18:42:29 2018] <contrapumpkin> a bijection to Fin?
[Sun Feb  4 21:04:31 2018] <dh`> what kind of thing is your group?
[Sun Feb  4 21:05:49 2018] <dh`> because the size of the group should follow from the set it's a structuring of
[Mon Feb  5 04:02:15 2018] <dh`> hmm
[Mon Feb  5 04:02:22 2018] <dh`> I think I may have outsmarted myself
[Mon Feb  5 04:02:37 2018] <dh`> is there a clever way to fuse fold_right (fold_left ...) [or vice vera]?
[Mon Feb  5 04:18:14 2018] <dh`> seems so. hmm
[Mon Feb  5 06:02:05 2018] <Limeth> Hello, I am a computer science student in my first year of studies. Yesterday I discovered Coq. I am reading this book on Geometric Algebra and I thought Coq might help me learn it if I tried to build up the theory in Coq. How feasible is this, and, are there any Coq libraries for Linear Algebra?
[Mon Feb  5 07:18:02 2018] <pgiarrusso> dh`: can you write fold_left as a fold_right? (Recommend googling the solution, there is one). That might be a (slow) way. Not sure if any fusion can do much better
[Mon Feb  5 07:19:17 2018] <pgiarrusso> fold_right id (fun x xs, (cons x) . xs) xs
[Mon Feb  5 07:20:13 2018] <pgiarrusso> Limeth: the mathematical components project has some algebra, so maybe linear algebra
[Mon Feb  5 07:21:44 2018] <pgiarrusso> Limeth: but most likely your project is too hard for now, you’d need lots of experience with both subjects to do your own formalization
[Mon Feb  5 07:22:34 2018] <pgiarrusso> Limeth: if you have significant time, you can start following a good Coq book (say, Software Foundations)
[Mon Feb  5 07:32:05 2018] <Limeth> I've actually already started with the Software Foundations guide. My main goal is to create a geometric algebra library for Rust, but I thought trying to formalize parts of GA could be useful. But I might be getting ahead of myself.
[Mon Feb  5 07:51:12 2018] <pgiarrusso> statistically, you are — it’s a good thought, it’ll just take a while
[Mon Feb  5 07:51:15 2018] <pgiarrusso> Limeth: for me, the exercise on the pigeonhole principle was appropriately humbling — I’ve used it millions of times but I gave up formalizing its proof when I first worked through SF
[Mon Feb  5 07:51:58 2018] <pgiarrusso> http://math-comp.github.io/math-comp/
[Mon Feb  5 07:52:17 2018] <pgiarrusso> Limeth: that’s the mathematical components homepage ^^
[Mon Feb  5 07:56:09 2018] <Limeth> Thanks for the link
[Mon Feb  5 13:15:14 2018] <dh`> pgiarrusso: by chaining lambdas or by reverse? neither seems very useful for fusion :-/
[Mon Feb  5 13:21:17 2018] <pgiarrusso> dh`: yeah I realize... not sure if any of the papers on fusion handle left folds better
[Mon Feb  5 13:24:29 2018] <dh`> I was hoping to avoid having to dig in deeply :-)
[Mon Feb  5 13:25:39 2018] <dh`> I have a stack of string ops as folds now, with equivalence lemmas, but some of them are left folds and some right
[Mon Feb  5 13:26:38 2018] <dh`> also when scoping this I forgot about the way haskell laziness affects foldr
[Mon Feb  5 13:27:39 2018] <dh`> (as in, extracting to foldr is sometimes desirable for haskell, but virtually never for ocaml)
[Mon Feb  5 13:34:26 2018] <t0by> Hi, I'm sorry, stupid question.
[Mon Feb  5 13:34:39 2018] <t0by> I'm in the middle of an interactive proof, can I save a term for later?
[Mon Feb  5 13:34:47 2018] <t0by> Not _admit_, mind you.
[Mon Feb  5 13:34:56 2018] <t0by> It's just an f(x) where x is in the hypotesis.
[Mon Feb  5 13:35:10 2018] <dh`> I think that's what shelve is for, but I'm not sure how to use it
[Mon Feb  5 13:35:50 2018] <Cypi> `shelve` will put the current goal on the shelf. You can then `Unshelve.` to get all the shelved goals back into focus
[Mon Feb  5 13:36:11 2018] <Cypi> (there is probably a way to unshelve only one specific goal, maybe with `Focus`, I'm not sure)
[Mon Feb  5 13:38:46 2018] <t0by> thanks, but I don't want the current goal
[Mon Feb  5 13:38:51 2018] <t0by> let me rephrase
[Mon Feb  5 13:39:03 2018] <t0by> I have x:A, y:B, x:C in the hypotesis
[Mon Feb  5 13:39:07 2018] <t0by> my goal is foo
[Mon Feb  5 13:39:20 2018] <t0by> I can eval and print an f(x)
[Mon Feb  5 13:39:27 2018] <t0by> I'd like to store that, i.e.
[Mon Feb  5 13:39:43 2018] <t0by> Add an hypotesis w = f(x) : whatever
[Mon Feb  5 13:39:43 2018] <Cypi> `pose proof (f(x))` ?
[Mon Feb  5 13:39:52 2018] <t0by> for later use
[Mon Feb  5 13:40:07 2018] <Cypi> or `set (f(x))` depending if you want it opaque or transparent
[Mon Feb  5 13:40:09 2018] <dh`> "remember (f x) as w"?
[Mon Feb  5 13:40:36 2018] <t0by> Ah
[Mon Feb  5 13:40:39 2018] <t0by> fantastic
[Mon Feb  5 13:40:41 2018] <t0by> thank you all!
[Mon Feb  5 17:22:40 2018] <pgiarrusso> dh`: I tried to mention the laziness issue — even `find_first p xs` works as a fold_right only with laziness
[Mon Feb  5 17:23:01 2018] <pgiarrusso> maybe you want to use a CBN fold even in OCaml?
[Mon Feb  5 17:23:14 2018] <dh_work> well
[Mon Feb  5 17:23:20 2018] <pgiarrusso> you don’t need laziness, thunks are enough
[Mon Feb  5 17:23:21 2018] <dh_work> I'm mostly using the folds as proof tools
[Mon Feb  5 17:23:59 2018] <pgiarrusso> “mostly”
[Mon Feb  5 17:24:19 2018] <pgiarrusso> do these efficiency issues affect proof tools for some fancy reason?
[Mon Feb  5 17:24:31 2018] <dh_work> so it doesn't matter if e.g. the one for find_first is inefficient
[Mon Feb  5 17:25:01 2018] <pgiarrusso> ah, you said *extracting* to foldr
[Mon Feb  5 17:25:15 2018] <dh_work> right, for haskell
[Mon Feb  5 17:25:41 2018] <dh_work> where fold versions exist, they can be dropped in for extraction if it seems desirable
[Mon Feb  5 17:26:45 2018] <dh_work> I had two categories of fold versions, one that makes reasonably sensible ocaml output from fold_left, and one that doesn't.
[Mon Feb  5 17:27:00 2018] <dh_work> but because of the haskell fold_right thing, there need to be three.
[Mon Feb  5 17:27:22 2018] <pgiarrusso> oh dear
[Mon Feb  5 17:28:11 2018] <dh_work> so for example the fold version of case-insensitive string compare does not generate sensible output, no matter how you slice it.
[Mon Feb  5 17:28:35 2018] <dh_work> because at least for the time being fold2 requires strings that are the same length, so it has to test the length of the strings up front
[Mon Feb  5 17:29:23 2018] <dh_work> and that means two iterations over both strings instead of one.
[Mon Feb  5 17:29:49 2018] <dh_work> but some of the other ones are fine except for being fold_right, which is almost never desirable in ocaml
[Mon Feb  5 17:29:58 2018] <dh_work> and those are also just tagged "inefficient"
[Mon Feb  5 17:43:54 2018] <dh_work> (this is not a big deal, it just means going through the whole mess again and rearranging the naming)
[Mon Feb  5 21:53:39 2018] <michbad> I was hoping someone could help me set up Proof General in Spacemacs. I installed Proof General, added two lines to my init.el file, and coq files open in the PG mode. I also added coq to my spacemacs layers, but then I'm getting a fail for that layer when I try to execute the configuration file. Does anyone know what the issue is?
[Mon Feb  5 23:45:26 2018] <pgiarrusso> michbad: the coq layer includes proof general, you don’t need both; but also, that layer requires the develop branch of spacemacs (last I saw)
[Mon Feb  5 23:47:32 2018] <michbad> pgiarrusso: I managed to get it to kind of work by changing the proof general path in a couple places. Weirdly, I get some of the keybindings described in the documentation, but not all of them. I might play around with it a little more, maybe the develop branch will help.
[Mon Feb  5 23:49:29 2018] <pgiarrusso> michbad: sounds like you installed proof general by hand? It’s on melpa now
[Mon Feb  5 23:49:51 2018] <pgiarrusso> I suspect you might want to save your changes and just add the coq layer
[Mon Feb  5 23:50:42 2018] <pgiarrusso> But I should paste my working .spacemacs for this
[Mon Feb  5 23:51:01 2018] <pgiarrusso> (Not now, but feel free to ping me)
[Mon Feb  5 23:53:03 2018] <michbad> pgiarrusso: I think I have the coq layer now: if I do `SPC m` or `,`, then I can execute a bunch of the commands. Thanks, I'll experiment and see what I can come up with.
[Tue Feb  6 00:22:27 2018] <pgiarrusso> michbad: if ESC autocompletes there’s a workaround!
[Tue Feb  6 00:27:35 2018] <michbad> pgiarrusso: Actually it does, what is it?
[Tue Feb  6 00:29:13 2018] <michbad> nevermind, i found it
[Tue Feb  6 00:29:23 2018] <pgiarrusso> https://github.com/syl20bnr/spacemacs/issues/8853#issuecomment-302706114
[Tue Feb  6 00:29:28 2018] <pgiarrusso> Ah
[Tue Feb  6 00:38:40 2018] <michbad> pgiarrusso: Got it to work. Thanks for your help, I feel like I finally get some grasp of how to use it. :)
[Tue Feb  6 10:27:18 2018] <mgttlinger> https://www.irccloud.com/pastebin/dMa7fP74/
[Tue Feb  6 10:27:23 2018] <mgttlinger> I hav ethis Ltac
[Tue Feb  6 10:28:04 2018] <mgttlinger> and it matches a hypothes stating `false = xy`
[Tue Feb  6 10:28:41 2018] <mgttlinger> in th egoal there is a `if xy then ... else ...` buried inside other things (without binders)
[Tue Feb  6 10:29:09 2018] <mgttlinger> so as `Debug Ltac` telld me th efirst branch matches
[Tue Feb  6 10:29:14 2018] <mgttlinger> but the rewrite fails
[Tue Feb  6 10:30:41 2018] <mgttlinger> Does this sound familiar to anyone? If I try to do that rewrite by hand it also fails telling me that xy is nowhere in the goal
[Tue Feb  6 10:30:55 2018] <Cypi> What does it say when it fails? Also, for debugging purposes I would try two things. 1) Just print `f` (with `idtac f`), then do the rewrite manually and see if it fails and why. 2) Replace `rewrite H` by `pattern f; rewrite H; simpl`.
[Tue Feb  6 10:31:30 2018] <Cypi> (The tactic `pattern f` will change the goal so that it has the shape `P f`, hopefully it will make things easier for `rewrite`)
[Tue Feb  6 13:30:34 2018] <mgttlinger> Cypi:  Thanks for your help. When doing the rewrite by hand it sais "Error: Found no subterm matching "pure_in p (b_conj a1 a2)" in the current goal." But it is in the goal... `pattern f; rewrite; simpl` did the trick. Any insight  as to why this could be necessary?
[Tue Feb  6 13:36:14 2018] <dh`> is it in the goal under an exists? (or worse, a lambda?)
[Tue Feb  6 13:36:42 2018] <mgttlinger> No no binders involved
[Tue Feb  6 13:36:59 2018] <mgttlinger> Just about 60 lines of expanded computation
[Tue Feb  6 13:38:33 2018] <ExcaliburZero> What is the easiest way to construct finite sets and apply operations like union and intersect in Coq? I've search a bit online, but I wasn't able to find any clear examples on how to do this. I found Coq.Sets.Ensembles, but I was not sure on how best to use it to construct finite sets.
[Tue Feb  6 13:43:38 2018] <dh`> what are you trying to do with your sets?
[Tue Feb  6 13:43:53 2018] <dh`> if you're trying to use them as collections, you want the msets piece of the library
[Tue Feb  6 13:44:20 2018] <dh`> if you're trying to do set theory, then probably coq.sets
[Tue Feb  6 13:49:50 2018] <ExcaliburZero> I am just trying to use them as collections, though I may try some set theory stuff later.
[Tue Feb  6 13:50:15 2018] <ExcaliburZero> I'll check those sections of the library.
[Tue Feb  6 13:51:05 2018] <ExcaliburZero> Are there any quick examples them that you know of?
[Tue Feb  6 13:52:52 2018] <ExcaliburZero> MSets looks like it will work for what I want to try.
[Tue Feb  6 14:50:37 2018] <ExcaliburZero> dh`: MSets ended up working well. Thanks!
[Tue Feb  6 16:08:59 2018] <dh_work> * bows
[Tue Feb  6 16:09:11 2018] <dh_work> set theory sets and container sets are quite different things
[Tue Feb  6 16:21:55 2018] <mgttlinger> Cypi: your trick with `pattern`solved a lot of cases however I now have a case where `pattern`does not replace the term by the newly indtroduced lambda variable. Any tips on debugging that?
[Tue Feb  6 17:12:10 2018] <pgiarrusso> mgttlinger: any dependent types involved?
[Tue Feb  6 17:12:42 2018] <pgiarrusso> sometimes it’s ill-typed to replace a term
[Tue Feb  6 17:13:28 2018] <pgiarrusso> for instance, assume you have a length-indexed type `Vec A n`, where `cons` gives you a `Vec A (S n)`
[Tue Feb  6 17:14:28 2018] <pgiarrusso> argh, bad example
[Tue Feb  6 17:15:47 2018] <pgiarrusso> better: assume a predicate `tailEven: Vec A (S n) -> Prop`, and assumptions `xs : Vec A (S n)` and `H : tailEven xs`
[Tue Feb  6 17:16:28 2018] <pgiarrusso> if `m = S n`, I think you can’t replace `S n` by `m` in `xs` type, because `tailEven xs` is ill-typed if `xs : Vec A m`
[Tue Feb  6 17:16:34 2018] <pgiarrusso> mgttlinger: ^^
[Tue Feb  6 17:17:12 2018] <pgiarrusso> caveat: I reconstructed this example on the spot and I might miss something, but I remember I have seen similar things discussed
[Tue Feb  6 17:17:58 2018] <pgiarrusso> crucially, I expect this could work if `m` were defined in the context through `m := S n`
[Tue Feb  6 17:18:15 2018] <pgiarrusso> but not if the replacement used just `Heq : m = S n`
[Tue Feb  6 17:43:57 2018] <anishathalye> Is there any way to get Coq's evaluation machinery to compute, but have it not unfold / descend into a particular function `foo` or its arguments?
[Tue Feb  6 17:45:26 2018] <anishathalye> I wan't something that's (intuitively) something like `cbv - [foo]` (I know that syntax means something different, though)
[Tue Feb  6 17:46:07 2018] <Cypi> I was about to suggest `cbv -[foo]` though
[Tue Feb  6 17:46:16 2018] <Cypi> but it will still reduce the arguments of the function
[Tue Feb  6 17:47:54 2018] <Cypi> "the arguments of a function" is something vaguely defined anyway. So you might have to to that more manually
[Tue Feb  6 17:48:16 2018] <Cypi> (you could do stuff like `remember (foo a b c) as tmp` and then unfold back `tmp` in the goal
[Tue Feb  6 17:48:19 2018] <Cypi> )
[Tue Feb  6 17:48:34 2018] <pgiarrusso> Cypi: could anishathalye  `pattern` the function call?
[Tue Feb  6 17:49:30 2018] <Cypi> Probably? But then you still have `P (foo a b c)` as a goal, so you still need either to make this more opaque (using `remember` for instance), or to disable beta-reduction
[Tue Feb  6 17:49:45 2018] <Cypi> hmm. Disabling beta-reduction is not enough, it will still reduce a, b and c
[Tue Feb  6 17:51:08 2018] <pgiarrusso> * should study pattern
[Tue Feb  6 17:51:54 2018] <pgiarrusso> Cypi: but what about `cbn` or `simpl` after excluding the function? Arguments won’t be reduced then
[Tue Feb  6 17:52:20 2018] <pgiarrusso> I mean, if `cbn -[foo]` works, it shouldn’t have a need to reduce `foo`’s argument
[Tue Feb  6 17:52:24 2018] <pgiarrusso> *arguments
[Tue Feb  6 17:52:26 2018] <pgiarrusso> right?
[Tue Feb  6 17:53:19 2018] <Cypi> I don't understand what you mean
[Tue Feb  6 17:53:30 2018] <Cypi> `cbn -[foo]` will always work, it is just a reduction tactic
[Tue Feb  6 17:53:48 2018] <Cypi> It will perform full strong reduction, except that `foo` will be considered opaque and never replaced by its definition
[Tue Feb  6 18:53:56 2018] <anishathalye> Oops, `cbv -[foo]` was exactly what I wanted. For some reason, I was confused. Thanks for your help Cypi and pgiarrusso!
[Tue Feb  6 18:54:40 2018] <pgiarrusso> Cypi: I just didn’t know if `cbn -[foo]` was valid syntax, I just guessed it
[Tue Feb  6 18:54:51 2018] <pgiarrusso> thanks for clarifying it does
[Wed Feb  7 02:40:44 2018] <mgttlinger> pgiarrusso: as far as I can see the only dependent types involved are the hypotheses in context which are depenent by their very nature but everything else is at most paramterised over `Set` ad the expression I'm trying to `pattern` `rewrite` is an expression evaluating to a `bool`
[Wed Feb  7 02:41:52 2018] <mgttlinger> which occurs in an `if` which I want coq to resolve due to having proff in context that the thing evaluates to true (false)
[Wed Feb  7 02:43:15 2018] <mgttlinger> and all binders involved in this expresion are in the `else` branch of said `if`so this can't cause it
[Wed Feb  7 02:45:04 2018] <pgiarrusso> No clue then, except if `Unset Notations` (or what was it?) shows there was a binder hidden in your goal
[Wed Feb  7 02:46:48 2018] <johnw> Unset Printing Notations, I believe.
[Wed Feb  7 02:47:01 2018] <johnw> or Set Printing All.
[Wed Feb  7 02:47:07 2018] <johnw> or Unset Printing Implicits.
[Wed Feb  7 02:47:14 2018] <johnw> err, Set
[Wed Feb  7 02:48:10 2018] <mgttlinger> johnw: Ok, that hint was helpful
[Wed Feb  7 02:48:29 2018] <mgttlinger> Now I see why they are different
[Wed Feb  7 02:49:30 2018] <mgttlinger> well they are equal after beta reductuion however
[Wed Feb  7 02:51:59 2018] <mgttlinger> Then the question arises: why do the implicit arguments in the goal get beta reduced but in the argument in my pattern they dont and therefore are considered unequal
[Wed Feb  7 02:52:24 2018] <johnw> what's your example?
[Wed Feb  7 02:53:32 2018] <mgttlinger> I have a rather large term in the goal which has an if then else structure having a term evaluating to bool
[Wed Feb  7 02:53:44 2018] <johnw> and simpl doesn't simplify it?
[Wed Feb  7 02:53:53 2018] <mgttlinger> I have proof in context that this term evaluates to  false
[Wed Feb  7 02:54:23 2018] <mgttlinger> rewrite with that proof sais that the term is not in context
[Wed Feb  7 02:54:41 2018] <mgttlinger> ( now visibly due to this missing beta reduction of impicits)
[Wed Feb  7 02:54:57 2018] <mgttlinger> but in some cases pattern and then  rewrite solved it
[Wed Feb  7 02:55:02 2018] <mgttlinger> somehow
[Wed Feb  7 02:55:23 2018] <johnw> it's hard to say without seeing what you're seeing
[Wed Feb  7 02:55:56 2018] <mgttlinger> Yes but any smaller example I tried to come up with didn't show that behaviour
[Wed Feb  7 02:56:37 2018] <mgttlinger> I'll have another go at it knowing now that this missing beta reduction is causing it
[Wed Feb  7 02:56:43 2018] <johnw> can you prove that these two beta-equivalent terms are equal with an auxiliary lemma, and then rewrite with that?
[Wed Feb  7 02:59:05 2018] <mgttlinger> probably unfold would do it given that it really is just a definition which doesn't get unfolded
[Wed Feb  7 02:59:10 2018] <mgttlinger> let me try that
[Wed Feb  7 03:05:25 2018] <mgttlinger> Ok, unfolding and then `pattern`cause pattern to max my CPU for at least the last 50 seconds...
[Wed Feb  7 03:05:55 2018] <johnw> hah, 50 seconds
[Wed Feb  7 03:05:55 2018] <mgttlinger> Is there a way to see what coq is doing there?
[Wed Feb  7 03:06:05 2018] <mgttlinger> I mean it's stil running
[Wed Feb  7 03:06:07 2018] <johnw> are you on a Mac or Linux?
[Wed Feb  7 03:06:12 2018] <mgttlinger> Linux
[Wed Feb  7 03:06:27 2018] <johnw> hmm.. I don't know how to do stochastic profiilng on Linux
[Wed Feb  7 03:06:30 2018] <mgttlinger> but i mean pattern previously was somwhat instant
[Wed Feb  7 03:08:33 2018] <johnw> i'm just used to Coq being crazy slow at unexpected times, I don't know what it's doing
[Wed Feb  7 03:08:59 2018] <johnw> these 10 minutes to me a good sign it may not end before I run out of patience
[Wed Feb  7 03:09:02 2018] <johnw> these days*
[Wed Feb  7 03:09:10 2018] <mgttlinger> I'm by now being used to coq just doung weird stuff when `Programm` and `Typeclass` are used...
[Wed Feb  7 03:09:55 2018] <mgttlinger> It's still trying to pattern...
[Wed Feb  7 03:10:19 2018] <mgttlinger> gonna killit now...
[Wed Feb  7 03:10:27 2018] <mgttlinger> ah nevermind
[Wed Feb  7 03:10:35 2018] <mgttlinger> proces ran out of memory and killed itself
[Wed Feb  7 03:11:13 2018] <johnw> ah, a bug to be reported, if you can possibly shrink it!
[Wed Feb  7 03:13:15 2018] <mgttlinger> The last time I thought coq taking forever to compute something it turned out that it triedto unfold my functions all the way
[Wed Feb  7 03:13:26 2018] <mgttlinger> resulting in terms so large that the memory didn't suffice
[Wed Feb  7 03:13:36 2018] <mgttlinger> which wasn't really a bug as such
[Wed Feb  7 03:17:45 2018] <mgttlinger> Ok but at least now I have a clue as to why those rewrites didn't work in the first place
[Wed Feb  7 03:18:00 2018] <pgiarrusso> mgttlinger: maybe try to factor out pieces of the definition
[Wed Feb  7 03:18:24 2018] <pgiarrusso> doubly so if involved definitions are generated by `Program`
[Wed Feb  7 03:19:08 2018] <pgiarrusso> or by definitions that use `Program` and *pattern match*
[Wed Feb  7 03:20:18 2018] <mgttlinger> Hmmmm yeah that function is ridiculous anyway... 35 lines of code generating 351 proof obligations
[Wed Feb  7 03:21:03 2018] <mgttlinger> apart from 4 of those all can basicaly be proved by omega and congruence
[Wed Feb  7 03:55:34 2018] <mgttlinger> I think I'm going insane with coq.... I have `is_true (f a1) \/ is_true (f a2)` in scope and I want to destruct that but coq tells me `Error: Case analysis on sort Type is not allowed for inductive definition
[Wed Feb  7 03:55:34 2018] <mgttlinger> Logic.or.`
[Wed Feb  7 03:56:04 2018] <mgttlinger> but `Logic.or` is `Prop -> Prop -> Prop`
[Wed Feb  7 03:56:19 2018] <mgttlinger> and `is_true : bool -> Prop`
[Wed Feb  7 04:02:32 2018] <Cypi> mgttlinger: your goal is in Type
[Wed Feb  7 04:02:55 2018] <mgttlinger> Yes
[Wed Feb  7 04:03:06 2018] <Cypi> and to build/prove something in Type (or Set), you cannot in general eliminate something in Prop
[Wed Feb  7 04:03:30 2018] <Cypi> (basically, your computation cannot depend on the actual value of anything in Prop)
[Wed Feb  7 04:03:45 2018] <mgttlinger> Ok
[Wed Feb  7 04:04:03 2018] <mgttlinger> yeah that fixed it
[Wed Feb  7 04:04:05 2018] <mgttlinger> Thanks
[Wed Feb  7 04:21:52 2018] <mgttlinger> Can I force definitions to alwys e unfolded?
[Wed Feb  7 04:22:16 2018] <mgttlinger> certain definitions that is
[Wed Feb  7 04:22:30 2018] <mgttlinger> not all in general
[Wed Feb  7 04:25:10 2018] <cic> maybe you want notations rather than new definitions?
[Wed Feb  7 04:27:08 2018] <mgttlinger> cic: oh right that would work.
[Wed Feb  7 04:27:25 2018] <cic> or maybe one could write a simple ltac line that's just a long rewrite and use that as a tactic later. that's not automatic, but maybe better than fully manual.
[Wed Feb  7 04:28:19 2018] <mgttlinger> Well It's unfortunately not that simple
[Wed Feb  7 04:28:35 2018] <mgttlinger> those definitions occur only in implicit arguments
[Wed Feb  7 04:29:00 2018] <mgttlinger> and apparently only can be unfolded by my tactic if printin gof implicits is enabled
[Wed Feb  7 04:36:21 2018] <Cypi> Printing should not change what can and cannot be unfolded
[Wed Feb  7 04:36:26 2018] <Cypi> if it's the case, it's a bug
[Wed Feb  7 04:37:21 2018] <mgttlinger> I just noticed if i put unfold commands into the obligation tactic  and in an unsolved goal set implicit printing those are not unfolded
[Wed Feb  7 04:37:36 2018] <mgttlinger> and if i set that before the whole thing they are unfolded in the unsolved goals
[Wed Feb  7 04:38:11 2018] <mgttlinger> Unless I'm missing something to mee that seems like the printing changes the outcome
[Wed Feb  7 04:38:28 2018] <Cypi> If you have a self-contained piece of code I can try and take a look at it
[Wed Feb  7 04:38:45 2018] <mgttlinger> let me try to build something
[Wed Feb  7 04:41:21 2018] <mgttlinger> Ok hat unfolding of those function was what was confusing rewrite before and needing a custom tactic from me to solve those `if`s
[Wed Feb  7 04:42:11 2018] <mgttlinger> lesson learned: don't use definitions for type aliases
[Wed Feb  7 04:53:43 2018] <mgttlinger> Cypi: I'm having trouble making a self contained example exhibiting the behaviour I'm experiencing...
[Wed Feb  7 13:06:34 2018] <lyxia> I want to rename module N to M, but   Module M := N   duplicates instances in N...
[Wed Feb  7 13:07:44 2018] <lyxia> So now instance resolution takes exponential time because it makes every choice twice
[Wed Feb  7 13:08:03 2018] <lyxia> Is there some better way to rename modules?
[Wed Feb  7 13:09:14 2018] <lyxia> If it helps, N is a module that I "Require Import"-ed.
[Wed Feb  7 18:25:38 2018] <pgiarrusso> lyxia: I’m thinking you should just import module N, not require it, and then require M (or maybe swap import and require in what I said)
[Wed Feb  7 18:25:55 2018] <pgiarrusso> *maybe*, just a guess
[Wed Feb  7 18:26:25 2018] <pgiarrusso> Which assumes you’re also Requiring M after the rename, otherwise I’m confused
[Wed Feb  7 18:30:26 2018] <lyxia> Hm, unfortunately it seems even Require-ing the module pulls in its instances
[Thu Feb  8 06:43:31 2018] <mgttlinger> Can I locally turn off warnings for overridden notations?
[Thu Feb  8 06:44:37 2018] <mgttlinger> So I want those warnings turned off but only for one file
[Thu Feb  8 06:45:31 2018] <anton-trunov> `Set Warnings "-notation-overridden".`
[Thu Feb  8 06:47:39 2018] <mgttlinger> Ok, thanks that was easier than expected
[Thu Feb  8 06:47:53 2018] <anton-trunov> :)
[Thu Feb  8 06:49:34 2018] <mgttlinger> Ok but it doesn't do what I want. My description of the desired behaviour was wrong
[Thu Feb  8 06:49:52 2018] <mgttlinger> I want no warnings for the notations defined in a single file.
[Thu Feb  8 06:50:29 2018] <mgttlinger> With that flag set I get the warnings everywhere the file is imported
[Thu Feb  8 06:56:55 2018] <anton-trunov> You can add turn this warning off before importing your file and then turn it on.
[Thu Feb  8 06:57:13 2018] <anton-trunov> *s/add//
[Thu Feb  8 06:58:28 2018] <mgttlinger> I import that file almost everywhere...
[Thu Feb  8 06:59:41 2018] <mgttlinger> well I think I'm gonna live with those warnings then. Have done enough C++ to know how to ignore a bunch of warnings.
[Thu Feb  8 06:59:44 2018] <anton-trunov> People usually just copy a set of commands across all the files of a project
[Thu Feb  8 06:59:56 2018] <anton-trunov> It seems there is no better way as of now
[Thu Feb  8 07:00:25 2018] <anton-trunov> I'd like to be proven wrong :)
[Thu Feb  8 07:03:47 2018] <anton-trunov> Once I suggested a "horrendous hack" ;) in this (slightly) related coq-club thread: https://sympa.inria.fr/sympa/arc/coq-club/2017-02/msg00010.html
[Thu Feb  8 12:53:10 2018] <dh`> <lyxia> I want to rename module N to M, but   Module M := N   duplicates instances in N...
[Thu Feb  8 12:53:25 2018] <dh`> that seems like just a bug...
[Thu Feb  8 12:59:06 2018] <Cypi> Would `Module M. Include N. End M.` work?
[Thu Feb  8 13:19:00 2018] <dh`> this makes me wonder about the interaction between instances and generative functors, though
[Thu Feb  8 13:23:29 2018] <dh`> I never did understand why haskell instances are unscopeable
[Thu Feb  8 15:10:56 2018] <lyxia> Many Haskell libraries assume instances are unique
[Thu Feb  8 16:33:48 2018] <pgiarrusso> dh`: take two dictionaries based on two different orderings on the same type. You want them to have incompatible types so you don’t try to merge them together (because merging assumes they are both ordered the same way). SML uses generative functors, Haskell forbids having two different orderings on the same type.
[Thu Feb  8 16:34:21 2018] <pgiarrusso> dh`: but you can “copy” the type with `newtype` (which has no runtime overhead) and then give different instances
[Thu Feb  8 16:35:02 2018] <dh_work> nothing bad happens if you define two different orderings on the same type within two separate scopes, though
[Thu Feb  8 16:35:31 2018] <dh_work> there's no point where the two instances can intersect then.
[Thu Feb  8 16:37:48 2018] <dh_work> (and outside both scopes it's not ordered at all)
[Thu Feb  8 16:39:54 2018] <lyxia> Consider Data.Map, which are binary search trees. Operations expect an Ord instance, and if you don't use the same then things break.
[Thu Feb  8 16:44:58 2018] <hackinghorn> hi
[Thu Feb  8 16:45:14 2018] <hackinghorn> I want to prove False from (~P -> P) and (~P)
[Thu Feb  8 16:46:30 2018] <lyxia> hackinghorn: what's the problem?
[Thu Feb  8 16:47:08 2018] <hackinghorn> lyxia, how to prove it.. I tried "apply H1" where H1 is "~P -> P" but it doesnt work
[Thu Feb  8 16:47:36 2018] <hackinghorn> it gives "Unable to unify "P" with "False"."
[Thu Feb  8 16:48:25 2018] <lyxia> apply H  expects the conclusion of H to match the goal.
[Thu Feb  8 16:48:38 2018] <lyxia> Since your goal is False, you must use   H : ??? -> False
[Thu Feb  8 16:48:59 2018] <lyxia> Note that   ~P = P -> False   so you could use that
[Thu Feb  8 16:50:47 2018] <hackinghorn> lyxia, oh yeahhh, i got it now
[Thu Feb  8 16:50:53 2018] <hackinghorn> thankss
[Thu Feb  8 17:18:42 2018] <dh_work> lyxia: ah, that's a good reason :-
[Thu Feb  8 17:18:43 2018] <dh_work> )
[Thu Feb  8 17:19:56 2018] <dh_work> it seems like one could build things so that doesn't escape either, but they didn't
[Thu Feb  8 17:36:50 2018] <hackinghorn> um, how to prove a disjunction
[Thu Feb  8 17:37:42 2018] <lyxia> hackinghorn: use "left" or "right" to choose the side you want to prove
[Thu Feb  8 17:38:38 2018] <hackinghorn> lyxia, ahh thankss
[Thu Feb  8 18:23:30 2018] <atlask> What are you guys using coq for? Academic? Professional?
[Thu Feb  8 18:31:00 2018] <dh_work> there's not a whole lot of production deployments of verification yet
[Thu Feb  8 18:32:30 2018] <atlask> Why is that?
[Thu Feb  8 18:32:41 2018] <atlask> Companies love their unit tests?
[Thu Feb  8 18:36:56 2018] <dh_work> it's still too hard and not scalable enough
[Thu Feb  8 18:37:35 2018] <dh_work> the state of the art in 'real software' is programs on the order of 10000 lines
[Thu Feb  8 18:37:59 2018] <dh_work> interesting production deployment targets tend to start at millions
[Thu Feb  8 18:38:37 2018] <dh_work> I guess compcert is bigger than that, but compcert is also a very specific kind of thing that happens to fit well into the available models
[Thu Feb  8 18:42:31 2018] <pgiarrusso> Add CakeML, if it’s done
[Thu Feb  8 18:42:55 2018] <pgiarrusso> dh_work: but people do use (other forms of) verification in practice
[Thu Feb  8 18:43:16 2018] <pgiarrusso> including model checking and ATP and provers with more automation than Coq
[Thu Feb  8 18:43:30 2018] <pgiarrusso> actually, scratch the latter, they’re still too hard
[Thu Feb  8 18:52:31 2018] <atlask> I know MIT made a fully verified filesystem albiet I would still call that academic
[Thu Feb  8 18:52:36 2018] <atlask> https://github.com/mit-pdos/fscq
[Thu Feb  8 18:53:38 2018] <atlask> dh_work: When you say "not scalable enough" do you mean that it lacks tooling or that there aren't very many supporting libraries yet
[Thu Feb  8 19:01:04 2018] <dh_work> fscq is a long way from a filesystem you'd want to use.
[Thu Feb  8 19:01:41 2018] <dh_work> I mean if you want to try to write a 10-million-line project it'll take you multiple teams of phds working for years
[Thu Feb  8 19:02:32 2018] <dh_work> it's also quite feasible to model your stuff in coq and prove theorems about it
[Thu Feb  8 19:02:43 2018] <atlask> Because of the heavy math involved?
[Thu Feb  8 19:02:56 2018] <dh_work> to me it seems preferable to using a model checker, but that's probably just a matter of taste
[Thu Feb  8 19:03:08 2018] <atlask> Or should I say "mathematical mindset"
[Thu Feb  8 19:03:46 2018] <dh_work> atlask: it's not heavy math for the most part, unless you're really trying to push the boundaries. but it's still basically just hard.
[Thu Feb  8 19:04:18 2018] <atlask> dh_work: I agree but why do you think it's so hard?
[Thu Feb  8 19:04:41 2018] <atlask> Because of the technological stack necessary to be productive?
[Thu Feb  8 19:05:00 2018] <dh_work> why is it hard, or why do I think it's hard?
[Thu Feb  8 19:05:04 2018] <dh_work> I don't think it's hard, tbh.
[Thu Feb  8 19:05:09 2018] <atlask> OMG
[Thu Feb  8 19:05:31 2018] <atlask> lol why do you think people think it's hard
[Thu Feb  8 19:05:37 2018] <dh_work> I think it's not markedly different from ordinary programming, except that you have to actually write carefully instead of pumping out halfassed garbage
[Thu Feb  8 19:05:50 2018] <atlask> I think so too!
[Thu Feb  8 19:06:16 2018] <dh_work> what makes it hard is that most people find *that* hard.
[Thu Feb  8 19:06:25 2018] <dh_work> that and many people also find proofs hard in the first place.
[Thu Feb  8 19:07:04 2018] <Cypi> In programming you're so used to relying on unsaid invariants, non-terminating programs, and so on. It _is_ hard x)
[Thu Feb  8 19:07:12 2018] <dh_work> the level of proofs required for proving ordinary things about ordinary coq code isn't much past what people are supposed to learn in high school geometry; but few people actually learn that much in undergrad, let alone high school.
[Thu Feb  8 19:07:41 2018] <atlask> I honestly think its way more natural to reason about that writing a bunch of unit test ad infinitum until you "feel" like you've covered all the functionality
[Thu Feb  8 19:08:24 2018] <dh_work> I'd classify the nontermination issues as annoyances, not significant sources of hardness, except when you run into a case where you can't manage to prove that your function is nonterminating because the tools aren't strong enough
[Thu Feb  8 19:09:24 2018] <atlask> dh_work: What do you use coq for?
[Thu Feb  8 19:09:44 2018] <atlask> I'm guessing at some uni?
[Thu Feb  8 19:22:42 2018] <pgiarrusso> dh_work: the amount of annoyance needed to prove pretty simple facts is... annoying
[Thu Feb  8 19:23:08 2018] <pgiarrusso> That’s after you move past “Coq’s too stupid”
[Thu Feb  8 19:23:57 2018] <pgiarrusso> Also, for lots of code idioms used in practice, we’ve only figured recently how to prove them correct (even on paper)
[Thu Feb  8 19:24:38 2018] <pgiarrusso> And by this I’m talking of all the separation logic proofs of the last 20 years, and the ongoing work on them
[Thu Feb  8 19:29:09 2018] <dh_work> well yes, but all of that's in the can now
[Thu Feb  8 19:29:33 2018] <dh_work> things are a lot closer to being ready for real deployments than they were just a few years abck
[Thu Feb  8 19:31:15 2018] <dh_work> I haven't seen that level of annoyance, but maybe I'm not trying the right problems
[Thu Feb  8 22:10:14 2018] <benzrf> https://pbs.twimg.com/media/DVjMjZrW0AAn68R.jpg
[Thu Feb  8 23:29:24 2018] <lyxia> benzrf: hahaha where is that from
[Thu Feb  8 23:33:09 2018] <benzrf> umm not sure
[Thu Feb  8 23:33:13 2018] <benzrf> it was on twitter as u can guess from the url
[Fri Feb  9 02:34:03 2018] <_xvilka_> hi! I know Coq as a proof assistant, but is it useful for problem solving?
[Fri Feb  9 02:34:14 2018] <_xvilka_> for example I work on the problems on program analysis
[Fri Feb  9 02:34:28 2018] <_xvilka_> and modern tools stick to SMT solvers
[Fri Feb  9 02:34:49 2018] <_xvilka_> but at this point SMT solvers are still low level to effectively test hypotheses
[Fri Feb  9 02:35:17 2018] <_xvilka_> so if I implement some foundation for particular set of the problems in program analysis
[Fri Feb  9 02:35:32 2018] <_xvilka_> will be I able to check hypotheses?
[Fri Feb  9 02:39:41 2018] <pgiarrusso> _xvilka_: are you asking if you can implement some program analyzer in Coq from scratch by yourself? Conceptually yes, if you can make it terminating
[Fri Feb  9 02:40:40 2018] <pgiarrusso> but that might be hard
[Fri Feb  9 02:41:38 2018] <pgiarrusso> _xvilka_: I expect Coq still is lower-level than most SMT solvers, as long as somebody doesn’t reimplement an SMT solver in Ltac
[Fri Feb  9 02:42:00 2018] <pgiarrusso> * thinks of writing actual software in Ltac and runs away screaming
[Fri Feb  9 02:46:16 2018] <_xvilka_> pgiarrusso: Coq as a core - surely yes, but if you provide a libraries, etc - can be quite high-level, can handle bigger abstractions than SMT, imho
[Fri Feb  9 02:47:14 2018] <pgiarrusso> agreed
[Fri Feb  9 02:48:08 2018] <pgiarrusso> I suspect for now Chlipala (and students) are almost the only one doing so at an automation level anywhere close to SMT
[Fri Feb  9 02:48:47 2018] <pgiarrusso> I’d maybe wait for Ltac2 or use some alternative before trying to write so much automation
[Fri Feb  9 02:50:39 2018] <_xvilka_> ok, thx for the hint
[Fri Feb  9 03:00:29 2018] <pgiarrusso> _xvilka_: OTOH, as example for your thesis, the Iris people implemented a *program logic* (separation logic) in Coq (with correctness proofs), but without much automation — for now they simply provide tactics for separation logic proof rules
[Fri Feb  9 03:00:58 2018] <pgiarrusso> I expect an SMT solver can’t even remotely do that
[Fri Feb  9 04:57:32 2018] <hackinghorn> benzrf, haha, I'm still laughing!
[Fri Feb  9 05:09:54 2018] <_xvilka_> pgiarrusso: wow, thank you, didn't knew about this Iris project
[Fri Feb  9 05:11:28 2018] <pgiarrusso> _xvilka_: now just reimplement Facebook Infer on top of Iris and you're done!
[Fri Feb  9 05:11:41 2018] <_xvilka_> "just"
[Fri Feb  9 05:11:54 2018] <pgiarrusso> yep!
[Fri Feb  9 05:12:09 2018] <pgiarrusso> since you mentioned SMT solvers
[Fri Feb  9 05:13:23 2018] <pgiarrusso> anyway not entirely serious for a bunch of reasons, what you prove with Iris seems stronger than what you autoprove with Infer (caveat: not an expert, might be nonsense)
[Fri Feb  9 05:14:24 2018] <_xvilka_> pgiarrusso: point is not to prove, thats a whole another domain. My goal is to test hypotheses interactively, if they hold or not
[Fri Feb  9 05:15:56 2018] <_xvilka_> more like a researcher helper tool
[Fri Feb  9 05:16:08 2018] <_xvilka_> which can automate like 80% of work
[Fri Feb  9 05:27:47 2018] <pgiarrusso> _xvilka_: see QuickCheck/QuickChick/model checkers
[Fri Feb  9 05:28:14 2018] <pgiarrusso> or also, SmallCheck, which might be even closer to model checkers
[Fri Feb  9 05:48:16 2018] <_xvilka_> ah, yes, I know QuickCheck
[Fri Feb  9 05:49:18 2018] <_xvilka_> but I thought its purpose is entirely different
[Fri Feb  9 06:01:01 2018] <pgiarrusso> QuickCheck is similar to model checkers
[Fri Feb  9 06:01:55 2018] <pgiarrusso> if model checkers are not what you want, I’d guess you have more in mind than you’re saying
[Fri Feb  9 06:02:07 2018] <pgiarrusso> anyway, gotta go
[Fri Feb  9 06:02:12 2018] <pgiarrusso> _xvilka_: ^^
[Fri Feb  9 06:19:36 2018] <_xvilka_> thanks for your help
[Fri Feb  9 06:42:13 2018] <mgttlinger> Is there a reduction tactic which takes as an argument the subexpression I wan reduced?
[Fri Feb  9 06:44:03 2018] <mgttlinger> I tried different coq reduction tactics `cbn` `cbv` `simpl` but all of those unfold/reduce in a prolematic order resulting in a goal so large my machine runs out of memory making proofs very inconvenient
[Fri Feb  9 06:51:01 2018] <Cypi> If you know of a subterm `t` that you want to reduce, you can something like `match goal with |- context C [t] => let t' := eval cbv in t in let gl := context C [ t' ] in change gl end`
[Fri Feb  9 06:51:08 2018] <Cypi> it's a bit manual but it should work
[Fri Feb  9 06:51:53 2018] <Cypi> alternatively, if the problem is just that there is a function `foo` that gets unfolded and you do not want it to unfold, you can try something like `cbv -[foo]`, or making `foo` opaque with the command `Opaque foo.`
[Fri Feb  9 06:52:10 2018] <Cypi> So it depends on what you want to do exactly
[Fri Feb  9 07:01:36 2018] <mgttlinger> Ok, I didn't know that `cbv` taks this kind of arguments. I'll see how far that takes me
[Fri Feb  9 07:01:44 2018] <mgttlinger> Thanks again for your help
[Fri Feb  9 07:03:23 2018] <Cypi> Some reduction tactics (probably `cbn` too) take flags as arguments to modulate which reductions are allowed. So you can say `cbv beta` to perform only beta-reduction for instance, or `cbv beta delta iota zeta.` to have full reduction.
[Fri Feb  9 08:12:29 2018] <mgttlinger> Ok, I think I found why the goal becomes so huge
[Fri Feb  9 08:13:08 2018] <mgttlinger> coq can't figure out that `forall (a : nat), a =? a = true` by itself
[Fri Feb  9 08:13:31 2018] <mgttlinger> therefore `if` statements don't get resolved and both branches unfolded at multiple places
[Fri Feb  9 08:15:31 2018] <mgttlinger> can I somehow add that lemma to the simplification mechanism or do I need to write my own simplification tactic for that?
[Fri Feb  9 17:46:33 2018] <dh`> mgttlinger: the general method I have settled on for these problems (simpl/cbv/etc unfolding too much) is "replace (term_that_exists) with (term_I_want) by (simpl; auto)"
[Fri Feb  9 17:47:18 2018] <dh`> for the a =? a thing, have you considered making a separate lemma on the original object that produces a reduced one for the a =? a case?
[Fri Feb  9 17:47:38 2018] <dh`> (that is, before feeding any of the other material in that would lead it to expand unboundedly)
[Fri Feb  9 17:48:51 2018] <dh`> e.g. if the original thing is "foo a b", make a "foo' a" and a lemma "foo a a = foo' a", or whatever like that
[Fri Feb  9 17:49:28 2018] <dh`> this may or may not make any sense depending on what you're doing :-)